X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/495ae4b01f36d0d8bb0e34a1d7263c2b8224aa4a..76a2d7bad2f69787569f842d9d154524c4758ce3:/doc/doc-txt/NewStuff?ds=sidebyside diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index dfcc5e711..5d6e915d3 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/NewStuff,v 1.1 2004/10/07 15:04:35 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/NewStuff,v 1.25 2005/01/04 16:36:27 ph10 Exp $ New Features in Exim -------------------- @@ -9,6 +9,253 @@ updated when there is a relatively large batch of changes). The doc/ChangeLog file contains a listing of all changes, including bug fixes. +Version 4.50 +------------ + + 1. There is a new build-time option called CONFIGURE_GROUP which works like + CONFIGURE_OWNER. It specifies one additional group that is permitted for + the runtime configuration file when the group write permission is set. + + 2. The "control=submission" facility has a new option /sender_retain. This + has the effect of setting local_sender_retain true and local_from_check + false for the incoming message in which it is encountered. + + 3. $recipients is now available in the predata ACL (oversight). + + 4. The value of address_data from a sender verification is now available in + $sender_address_data in subsequent conditions in the ACL statement. Note: + this is just like $address_data. The value does not persist after the end + of the current ACL statement. If you want to preserve it, you can use one + of the ACL variables. + + 5. The redirect router has two new options: forbid_sieve_filter and + forbid_exim_filter. When filtering is enabled by allow_filter, these + options control which type(s) of filtering are permitted. By default, both + Exim and Sieve filters are allowed. + + 6. A new option for callouts makes it possible to set a different (usually + smaller) timeout for making the SMTP connection. The keyword is "connect". + For example: + + verify = sender/callout=5s,connect=1s + + If not specified, it defaults to the general timeout value. + + 7. The new variables $sender_verify_failure and $recipient_verify_failure + contain information about exactly what failed. In an ACL, after one of + these failures, the relevant variable contains one of the following words: + + qualify the address was unqualified (no domain), and the message + was neither local nor came from an exempted host; + + route routing failed; + + mail routing succeeded, and a callout was attempted; rejection + occurred at or before the MAIL command (that is, on initial + connection, HELO, or MAIL); + + recipient the RCPT command in a callout was rejected; + + postmaster the postmaster check in a callout was rejected. + + The main use of these variables is expected to be to distinguish between + rejections of MAIL and rejections of RCPT. + + 8. The command line option -dd behaves exactly like -d except when used on a + command that starts a daemon process. In that case, debugging is turned off + for the subprocesses that the daemon creates. Thus, it is useful for + monitoring the behaviour of the daemon without creating as much output as + full debugging. + + 9. $host_address is now set to the target address during the checking of + ignore_target_hosts. + +10. There are four new variables called $spool_space, $log_space, + $spool_inodes, and $log_inodes. The first two contain the amount of free + space in the disk partitions where Exim has its spool directory and log + directory, respectively. (When these are in the same partition, the values + will, of course, be the same.) The second two variables contain the numbers + of free inodes in the respective partitions. + + NOTE: Because disks can nowadays be very large, the values in the space + variables are in kilobytes rather than in bytes. Thus, for example, to + check in an ACL that there is at least 50M free on the spool, you would + write: + + condition = ${if > {$spool_space}{50000}{yes}{no}} + + The values are recalculated whenever any of these variables is referenced. + If the relevant file system does not have the concept of inodes, the value + of those variables is -1. If the operating system does not have the ability + to find the amount of free space (only true for experimental systems), the + space value is -1. + +11. It is now permitted to omit both strings after an "if" condition; if the + condition is true, the result is the string "true". As before, when the + second string is omitted, a false condition yields an empty string. This + makes it less cumbersome to write custom ACL and router conditions. For + example, instead of + + condition = ${if eq {$acl_m4}{1}{yes}{no}} + + or the shorter form + + condition = ${if eq {$acl_m4}{1}{yes}} + + (because the second string has always defaulted to ""), you can now write + + condition = ${if eq {$acl_m4}{1}} + + Previously this was a syntax error. + +12. There is a new "record type" that can be specified in dnsdb lookups. It + is "zns" (for "zone NS"). It performs a lookup for NS records on the given + domain, but if none are found, it removes the first component of the domain + name, and tries again. This process continues until NS records are found + or there are no more components left (or there's a DNS error). In other + words, it may return the name servers for a top-level domain, but it never + returns the root name servers. If there are no NS records for the top-level + domain, the lookup fails. + + For example, ${lookup dnsdb{zns=xxx.quercite.com}} returns the name + servers for quercite.com, whereas ${lookup dnsdb{zns=xxx.edu}} returns + the name servers for edu, assuming in each case that there are no NS + records for the full domain name. + + You should be careful about how you use this lookup because, unless the + top-level domain does not exist, the lookup will always return some host + names. The sort of use to which this might be put is for seeing if the name + servers for a given domain are on a blacklist. You can probably assume that + the name servers for the high-level domains such as .com or .co.uk are not + going to be on such a list. + +13. Another new "record type" is "mxh"; this looks up MX records just as "mx" + does, but it returns only the names of the hosts, omitting the priority + values. + +14. It is now possible to specify a list of domains or IP addresses to be + looked up in a dnsdb lookup. The list is specified in the normal Exim way, + with colon as the default separator, but with the ability to change this. + For example: + + ${lookup dnsdb{one.domain.com:two.domain.com}} + ${lookup dnsdb{a=one.host.com:two.host.com}} + ${lookup dnsdb{ptr = <; 1.2.3.4 ; 4.5.6.8}} + + In order to retain backwards compatibility, there is one special case: if + the lookup type is PTR and no change of separator is specified, Exim looks + to see if the rest of the string is precisely one IPv6 address. In this + case, it does not treat it as a list. + + The data from each lookup is concatenated, with newline separators (by + default - see 14 below), in the same way that multiple DNS records for a + single item are handled. + + The dnsdb lookup fails only if all the DNS lookups fail. If there is a + temporary DNS error for any of them, the behaviour is controlled by + an optional keyword followed by a comma that may appear before the record + type. The possible keywords are "defer_strict", "defer_never", and + "defer_lax". With "strict" behaviour, any temporary DNS error causes the + whole lookup to defer. With "never" behaviour, a temporary DNS error is + ignored, and the behaviour is as if the DNS lookup failed to find anything. + With "lax" behaviour, all the queries are attempted, but a temporary DNS + error causes the whole lookup to defer only if none of the other lookups + succeed. The default is "lax", so the following lookups are equivalent: + + ${lookup dnsdb{defer_lax,a=one.host.com:two.host.com}} + ${lookup dnsdb{a=one.host.com:two.host.com}} + + Thus, in the default case, as long as at least one of the DNS lookups + yields some data, the dnsdb lookup succeeds. + +15. It is now possible to specify the character to be used as a separator when + a dnsdb lookup returns data from more than one DNS record. The default is a + newline. To specify a different character, put '>' followed by the new + character at the start of the query. For example: + + ${lookup dnsdb{>: a=h1.test.ex:h2.test.ex}} + ${lookup dnsdb{>| mxh=<;m1.test.ex;m2.test.ex}} + + It is permitted to specify a space as the separator character. Note that + more than one DNS record can be found for a single lookup item; this + feature is relevant even when you do not specify a list. + + The same effect could be achieved by wrapping the lookup in ${tr...}; this + feature is just a syntactic simplification. + +16. It is now possible to supply a list of domains and/or IP addresses to be + lookup up in a DNS blacklist. Previously, only a single domain name could + be given, for example: + + dnslists = black.list.tld/$sender_host_name + + What follows the slash can now be a list. As with all lists, the default + separator is a colon. However, because this is a sublist within the list of + DNS blacklist domains, it is necessary either to double the separators like + this: + + dnslists = black.list.tld/name.1::name.2 + + or to change the separator character, like this: + + dnslists = black.list.tld/<;name.1;name.2 + + If an item in the list is an IP address, it is inverted before the DNS + blacklist domain is appended. If it is not an IP address, no inversion + occurs. Consider this condition: + + dnslists = black.list.tls/<;192.168.1.2;a.domain + + The DNS lookups that occur are for + + 2.1.168.192.black.list.tld and a.domain.black.list.tld + + Once a DNS record has been found (that matches a specific IP return + address, if specified), no further lookups are done. If there is a + temporary DNS error, the rest of the sublist of domains or IP addresses is + tried. The dnslists item itself defers only if none of the other DNS + lookups in this sublist succeeds. In other words, a successful lookup for + any of the items in the sublist overrides a defer for a previous item. + +17. The log selector queue_time_overall causes Exim to output the time spent on + the queue as an addition to the "Completed" message. Like queue_time (which + puts the queue time on individual delivery lines), the time is tagged with + "QT=", and it is measured from the time that the message starts to be + received, so it includes the reception time. + +18. It is now possible to use both -bF and -bf on the same command, in order to + test a system filter and a user filter in the same run. For example: + + exim -bF /system/filter -bf /user/filter