Fix taint-handling in rDNS name construction

[users/heiko/exim.git] / doc / doc-docbook / spec.xfpt

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 4fa87ff9efe240f84b696d84021460788b96bdff..bca6689b69e9be18ce516344723c7eec285c2133 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -52,7 +52,7 @@
 .set I   "    "
 
 .macro copyyear
-2018
+2018, 2019
 .endmacro
 
 . /////////////////////////////////////////////////////////////////////////////
@@ -3963,6 +3963,20 @@ is sent to the sender, containing the text &"cancelled by administrator"&.
 Bounce messages are just discarded. This option can be used only by an admin
 user.
 
+.new
+.vitem &%-MG%&&~<&'queue&~name'&&~<&'message&~id'&>&~<&'message&~id'&>&~...
+.oindex "&%-MG%&"
+.cindex queue named
+.cindex "named queues"
+.cindex "queue" "moving messages"
+This option requests that each listed message be moved from its current
+queue to the given named queue.
+The destination queue name argument is required, but can be an empty
+string to define the default queue.
+If the messages are not currently located in the default queue,
+a &%-qG<name>%& option will be required to define the source queue.
+.wen
+
 .vitem &%-Mmad%&&~<&'message&~id'&>&~<&'message&~id'&>&~...
 .oindex "&%-Mmad%&"
 .cindex "delivery" "cancelling all"
@@ -6663,11 +6677,10 @@ aliases or other indexed data referenced by an MTA. Information about cdb and
 tools for building the files can be found in several places:
 .display
 &url(https://cr.yp.to/cdb.html)
-&url(http://www.corpit.ru/mjt/tinycdb.html)
+&url(https://www.corpit.ru/mjt/tinycdb.html)
 &url(https://packages.debian.org/stable/utils/freecdb)
 &url(https://github.com/philpennock/cdbtools) (in Go)
 .endd
-. --- 2018-09-07: corpit.ru http:-only
 A cdb distribution is not needed in order to build Exim with cdb support,
 because the code for reading cdb files is included directly in Exim itself.
 However, no means of building or testing cdb files is provided with Exim, so
@@ -40329,8 +40342,12 @@ for more information of what they mean.
 
 SPF is a mechanism whereby a domain may assert which IP addresses may transmit
 messages with its domain in the envelope from, documented by RFC 7208.
-For more information on SPF see &url(http://www.openspf.org).
-. --- 2018-09-07: still not https
+For more information on SPF see &url(http://www.open-spf.org), a static copy of
+the &url(http://openspf.org).
+. --- 2019-10-28: still not https, open-spf.org is told to be a
+. --- web-archive copy of the now dead openspf.org site
+. --- See https://www.mail-archive.com/mailop@mailop.org/msg08019.html for a
+. --- discussion.
 
 Messages sent by a system not authorised will fail checking of such assertions.
 This includes retransmissions done by traditional forwarders.
@@ -40393,7 +40410,7 @@ deny spf = fail
      message = $sender_host_address is not allowed to send mail from \
                ${if def:sender_address_domain \
                     {$sender_address_domain}{$sender_helo_name}}.  \
-               Please see http://www.openspf.org/Why?scope=\
+               Please see http://www.open-spf.org/Why?scope=\
                ${if def:sender_address_domain {mfrom}{helo}};\
                identity=${if def:sender_address_domain \
                              {$sender_address}{$sender_helo_name}};\
@@ -40446,9 +40463,9 @@ In addition to SPF, you can also perform checks for so-called
 "Best-guess".  Strictly speaking, "Best-guess" is not standard
 SPF, but it is supported by the same framework that enables SPF
 capability.
-Refer to &url(http://www.openspf.org/FAQ/Best_guess_record)
+Refer to &url(http://www.open-spf.org/FAQ/Best_guess_record)
 for a description of what it means.
-. --- 2018-09-07: still not https:
+. --- 2019-10-28: still not https:
 
 To access this feature, simply use the spf_guess condition in place
 of the spf one.  For example: