test from the snapshots or the Git before the documentation is updated. Once
the documentation is updated, this file is reduced to a short list.
+Version 4.95
+------------
+
+ 1. The fast-ramp two phase queue run support, previously experimental, is
+ now supported by default.
+
+ 2. The native SRS support, previously experimental, is now supported. It is
+ not built unless specified in the Local/Makefile.
+
+ 3. TLS resumption support, previously experimental, is now supported and
+ included in default builds.
+
+ 4. Single-key LMDB lookups, previously experimental, are now supported.
+ The support is not built unless specified in the Local/Makefile.
+
+ 5. Option "message_linelength_limit" on the smtp transport to enforce (by
+ default) the RFC 998 character limit.
+
+ 6. An option to ignore the cache on a lookup.
+
+
Version 4.94
------------
5. Server-side support in the gsasl authenticator for encrypted passwords, as
an alternate for the existing plaintext.
- 6. Variable $local_part_verified, set by the router check_local_part condition
- with untainted data.
+ 6. Variable $local_part_data now also set by router check_local_user option,
+ with an de-tainted version of $local_part.
7. Named-list definitions can now be prefixed "hide" so that "-bP" commands do
not output the content. Previously this could only be done on options.
+ 8. As an exerimental feature, the dovecot authenticatino driver supports inet
+ sockets. Previously it was unix-domain sockets only.
+
+ 9. The ACL control "queue_only" can also be spelled "queue", and now takes an
+ option "first_pass_route" to do the same as a "-odqs" on the command line.
+
+10. Items specified for the router and transport headers_remove option can use
+ a trailing asterisk to specify globbing.
+
+11. New $queue_size variable.
+
+12. New variables $local_part_{pre,suf}fix_v.
+
+13. New main option "sqlite_dbfile", for use in preference to prefixing the
+ lookup string. The older method fails when tainted variables are used
+ in the lookup, as the filename becomes tainted. The new method keeps the
+ filename separate.
+
+14. Options on the dsearch lookup, to return the full path and to filter
+ filetypes for matching.
+
+15. Options on pgsql and mysql lookups, to specify server separate from the
+ lookup string.
+
+16. An option on all single-key lookups, to return (on a hit) a de-tainted
+ version of the lookup key rather than the looked-up data.
+
+17. $domain_data and $localpart_data are now set by all list-match successes.
+ Previously only list items that performed lookups did so.
+ Also, matching list items that are tail-match or RE-match now set the
+ numeric variables $0 (etc) in the same way os other RE matches.
+
+18. Expansion item ${listquote {<char} {<item>}}.
+
+19. An option for the ${readsocket {}{}{}} expansion to make the result data
+ cacheable.
+
+20. dkim_verify_min_keysizes, a list of minimum acceptable public-key sizes.
+
+21. bounce_message_file and warn_message_file are now expanded before use.
+
+
Version 4.93
------------
14. Main option "dns_trust_aa" for trusting your local nameserver at the
same level as DNSSEC.
-
Version 4.85
------------