X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/47aaa9d6df68458c03a9fa65c6f2fd2bdee898f9..1950cf85b47f7c8407b3318a4f8fc57c0af6d6ba:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0f46896e9..870248570 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -8120,7 +8120,7 @@ daemon as in the other SQL databases. .new .oindex &%sqlite_dbfile%& -The preferred way of specifying the file is by using the +The preferred way of specifying the file is by using the &%sqlite_dbfile%& option, set to an absolute path. .wen @@ -10285,21 +10285,37 @@ ${readsocket{/socket/name}{request string}{3s}} .endd The third argument is a list of options, of which the first element is the timeout -and must be present if the argument is given. +and must be present if any options are given. Further elements are options of form &'name=value'&. -Two option types is currently recognised: shutdown and tls. -The first defines whether (the default) -or not a shutdown is done on the connection after sending the request. -Example, to not do so (preferred, eg. by some webservers): +Example: .code ${readsocket{/socket/name}{request string}{3s:shutdown=no}} .endd -The second, tls, controls the use of TLS on the connection. Example: -.code -${readsocket{/socket/name}{request string}{3s:tls=yes}} -.endd -The default is to not use TLS. + +.new +The following option names are recognised: +.ilist +&*cache*& +Defines if the result data can be cached for use by a later identical +request in the same process. +Values are &"yes"& or &"no"& (the default). +If not, all cached results for this connection specification +will be invalidated. + +.next +&*shutdown*& +Defines whether or not a write-shutdown is done on the connection after +sending the request. Values are &"yes"& (the default) or &"no"& +(preferred, eg. by some webservers). + +.next +&*tls*& +Controls the use of TLS on the connection. +Values are &"yes"& or &"no"& (the default). If it is enabled, a shutdown as descripbed above is never done. +.endlist +.wen + A fourth argument allows you to change any newlines that are in the data that is read, in the same way as for &%readfile%& (see above). This example @@ -13290,6 +13306,18 @@ library, by setting: dns_dnssec_ok = 1 .endd +.new +In addition, on Linux with glibc 2.31 or newer the resolver library will +default to stripping out a successful validation status. +This will break a previously working Exim installation. +Provided that you do trust the resolver (ie, is on localhost) you can tell +glibc to pass through any successful validation with a new option in +&_/etc/resolv.conf_&: +.code +options trust-ad +.endd +.wen + Exim does not perform DNSSEC validation itself, instead leaving that to a validating resolver (e.g. unbound, or bind with suitable configuration). @@ -15418,6 +15446,18 @@ default. A value of 0 coerces DNSSEC off, a value of 1 coerces DNSSEC on. If the resolver library does not support DNSSEC then this option has no effect. +.new +On Linux with glibc 2.31 or newer this is insufficient, the resolver library +will default to stripping out a successful validation status. +This will break a previously working Exim installation. +Provided that you do trust the resolver (ie, is on localhost) you can tell +glibc to pass through any successful validation with a new option in +&_/etc/resolv.conf_&: +.code +options trust-ad +.endd +.wen + .option dns_ipv4_lookup main "domain list&!!" unset .cindex "IPv6" "DNS lookup for AAAA records"