X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/12fa0e31a7141100d816dcd6d4eba165fdfa8df7..0800ef83ee2e0f769c96b7d4b972038188331627:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 738ed332f..a439a7b5e 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -52,7 +52,7 @@ .set I "    " .macro copyyear -2017 +2018 .endmacro . ///////////////////////////////////////////////////////////////////////////// @@ -7839,6 +7839,19 @@ ${lookup redis{set keyname ${quote_redis:objvalue plus}}} ${lookup redis{get keyname}} .endd +.new +As of release 4.91, "lightweight" support for Redis Cluster is available. +Requires &%redis_servers%& list to contain all the servers in the cluster, all +of which must be reachable from the running exim instance. If the cluster has +master/slave replication, the list must contain all the master and slave +servers. + +When the Redis Cluster returns a "MOVED" response to a query, exim does not +immediately follow the redirection but treats the response as a DEFER, moving on +to the next server in the &%redis_servers%& list until the correct server is +reached. +.wen + .ecindex IIDfidalo1 .ecindex IIDfidalo2 @@ -12878,6 +12891,7 @@ is compiled with the content-scanning extension. For details, see section .vitem &$spf_header_comment$& &&& &$spf_received$& &&& &$spf_result$& &&& + &$spf_result_guessed$& &&& &$spf_smtp_comment$& These variables are only available if Exim is built with SPF support. For details see section &<>&. @@ -28153,7 +28167,16 @@ If verification was successful using DANE then the "CV" item in the delivery log There is a new variable &$tls_out_dane$& which will have "yes" if verification succeeded using DANE and "no" otherwise (only useful -in combination with EXPERIMENTAL_EVENT), and a new variable &$tls_out_tlsa_usage$& (detailed above). +in combination with events; see &<>&), +and a new variable &$tls_out_tlsa_usage$& (detailed above). + +.cindex DANE reporting +An event (see &<>&) of type "dane:fail" will be raised on failures +to achieve DANE-verified connection, if one was either requested and offered, or +required. This is intended to support TLS-reporting as defined in +&url(https://tools.ietf.org/html/draft-ietf-uta-smtp-tlsrpt-17). +The &$event_data$& will be one of the Result Types defined in +Section 4.3 of that document. Under GnuTLS, DANE is only supported from version 3.0.0 onwards. .wen @@ -31797,9 +31820,9 @@ though individual ones can be included or not at build time: .vitem &%avast%& .cindex "virus scanners" "avast" This is the scanner daemon of Avast. It has been tested with Avast Core -Security (currently at version 1.1.7). -You can get a trial version at &url(http://www.avast.com) or for Linux -at &url(http://www.avast.com/linux-server-antivirus). +Security (currently at version 2.2.0). +You can get a trial version at &url(https://www.avast.com) or for Linux +at &url(https://www.avast.com/linux-server-antivirus). This scanner type takes one option, which can be either a full path to a UNIX socket, or host and port specifiers separated by white space. @@ -31826,6 +31849,8 @@ $ socat UNIX:/var/run/avast/scan.sock STDIO: PACK .endd +Only the first virus detected will be reported. + .vitem &%aveserver%& .cindex "virus scanners" "Kaspersky" @@ -38879,7 +38904,8 @@ The result can either be a valid RSA private key in ASCII armor (.pem file), including line breaks .new .next -with GnuTLS 3.6.0 or later, be a valid Ed25519 private key (same format as above) +with GnuTLS 3.6.0 or OpenSSL 1.1.1 or later, +be a valid Ed25519 private key (same format as above) .wen .next start with a slash, in which case it is treated as a file that contains @@ -39090,7 +39116,8 @@ The key record selector string. .vitem &%$dkim_algo%& The algorithm used. One of 'rsa-sha1' or 'rsa-sha256'. .new -If running under GnuTLS 3.6.0 or later, may also be 'ed25519-sha256'. +If running under GnuTLS 3.6.0 or OpenSSL 1.1.1 or later, +may also be 'ed25519-sha256'. The "_CRYPTO_SIGN_ED25519" macro will be defined if support is present for EC keys. .wen @@ -39322,6 +39349,11 @@ variables: one of pass, fail, softfail, none, neutral, permerror or temperror. +.vitem &$spf_result_guessed$& +.vindex &$spf_result_guessed$& + This boolean is trus only if a best-guess operation was used + and required in order to obtain a result. + .vitem &$spf_smtp_comment$& .vindex &$spf_smtp_comment$& This contains a string that can be used in a SMTP response @@ -39709,6 +39741,7 @@ expansion must check this, as it will be called for every possible event type. The current list of events is: .display +&`dane:fail after transport `& per connection &`msg:complete after main `& per message &`msg:delivery after transport `& per recipient &`msg:rcpt:host:defer after transport `& per recipient per host @@ -39737,6 +39770,7 @@ should define the event action. An additional variable, &$event_data$&, is filled with information varying with the event type: .display +&`dane:fail `& failure reason &`msg:delivery `& smtp confirmation message &`msg:rcpt:host:defer `& error string &`msg:rcpt:defer `& error string @@ -39764,15 +39798,12 @@ The expansion of the event_action option should normally return an empty string. Should it return anything else the following will be forced: .display -&`msg:delivery `& (ignored) -&`msg:host:defer `& (ignored) -&`msg:fail:delivery`& (ignored) &`tcp:connect `& do not connect -&`tcp:close `& (ignored) &`tls:cert `& refuse verification &`smtp:connect `& close connection .endd -No other use is made of the result string. +All other message types ignore the result string, and +no other use is made of it. For a tcp:connect event, if the connection is being made to a proxy then the address and port variables will be that of the proxy and not