Initial work removing PCRE from dist. Documentation needs to be updated. Related...
[users/heiko/exim.git] / doc / doc-txt / experimental-spec.txt
index 3ad0825d5ac65c70eca7b7f059225b7fceda1b6e..15fd247ae42eb8588ed78b0db26785b4c0f12b96 100644 (file)
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/experimental-spec.txt,v 1.8 2007/09/28 12:58:41 tom Exp $
+$Cambridge: exim/doc/doc-txt/experimental-spec.txt,v 1.10 2008/01/16 09:36:19 tom Exp $
 
 From time to time, experimental features may be added to Exim.
 While a feature  is experimental, there  will be a  build-time
@@ -140,6 +140,22 @@ arguments.
     can  use the $dkim_domain and $dkim_selector expansion
     variables here.
 
+  dkim_sign_headers = <expanded string> [OPTIONAL]
+
+    When set, this option must expand to (or be specified as)
+    a colon-separated list of header names. These headers will
+    be included in the message signature. When unspecified,
+    the recommended headers will be used. Currently, these
+    are:
+
+    from:sender:reply-to:subject:date:
+    message-id:to:cc:mime-version:content-type:
+    content-transfer-encoding:content-id:
+    content-description:resent-date:resent-from:
+    resent-sender:resent-to:resent-cc:resent-message-id:
+    in-reply-to:references:
+    list-id:list-help:list-unsubscribe:
+    list-subscribe:list-post:list-owner:list-archive
 
 
 
@@ -681,7 +697,7 @@ These four steps are explained in more details below.
 3. Sender Policy Framework (SPF) support
 --------------------------------------------------------------
 
-To learn  more  about  SPF, visit   http://spf.pobox.com. This
+To learn  more  about  SPF, visit   http://www.openspf.org. This
 document does   not explain  the SPF  fundamentals, you should
 read and understand the implications of deploying SPF on  your
 system before doing so.
@@ -745,11 +761,12 @@ the SPF check, the condition  succeeds. If none of the  listed
 strings matches the  outcome of the  SPF check, the  condition
 fails.
 
-Here is a simple example to fail forgery attempts from domains
-that publish SPF records:
+Here is an example to fail forgery attempts from domains that
+publish SPF records:
 
 /* -----------------
-deny message = $sender_host_address is not allowed to send mail from $sender_address_domain
+deny message = $sender_host_address is not allowed to send mail from ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}.  \
+              Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain {mfrom}{helo}};identity=${if def:sender_address_domain {$sender_address}{$sender_helo_name}};ip=$sender_host_address
      spf = fail
 --------------------- */