X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/633ffd487cc5a3ff851393b5a63e54275704e794..446415f5cd613d69abc8cd3324c06cb4695785f6:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 97df293d5..9cb1e4972 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -5044,7 +5044,7 @@ They can be used to conditionally include parts of a configuration The following classes of macros are defined: .display &` _HAVE_ `& build-time defines -&` _DRVR_AUTH_ `& authehticator drivers +&` _DRVR_AUTH_ `& authenticator drivers &` _DRVR_RTR_ `& router drivers &` _DRVR_TPT_ `& transport drivers &` _OPT_ `& configuration option support @@ -13593,6 +13593,7 @@ listed in more than one group. .row &%slow_lookup_log%& "control logging of slow DNS lookups" .row &%syslog_duplication%& "controls duplicate log lines on syslog" .row &%syslog_facility%& "set syslog &""facility""& field" +.row &%syslog_pid%& "pid in syslog lines" .row &%syslog_processname%& "set syslog &""ident""& field" .row &%syslog_timestamp%& "timestamp syslog lines" .row &%write_rejectlog%& "control use of message log" @@ -16856,6 +16857,15 @@ If this option is unset, &"mail"& is used. See chapter &<>& for details of Exim's logging. +.option syslog_pid main boolean true +.cindex "syslog" "pid" +If &%syslog_pid%& is set false, the PID on Exim's log lines are +omitted when these lines are sent to syslog. (Syslog normally prefixes +the log lines with the PID of the logging process automatically.) You need +to enable the &`+pid`& log selector item, if you want Exim to write it's PID +into the logs.) See chapter &<>& for details of Exim's logging. + + .option syslog_processname main string &`exim`& .cindex "syslog" "process name; setting" @@ -23986,11 +23996,30 @@ unauthenticated. See also &%hosts_require_auth%&, and chapter .cindex CHUNKING "enabling, in client" .cindex BDAT "SMTP command" .cindex "RFC 3030" "CHUNKING" -This option provides a list of server to which, provided they announce +This option provides a list of servers to which, provided they announce CHUNKING support, Exim will attempt to use BDAT commands rather than DATA. BDAT will not be used in conjuction with a transport filter. .wen +.new +.option hosts_try_fastopen smtp "host list!!" unset +.option "fast open, TCP" "enabling, in client" +.option "TCP Fast Open" "enabling, in client" +.option "RFC 7413" "TCP Fast Open" +This option provides a list of servers to which, provided +the facility is supported by this system, Exim will attempt to +perform a TCP Fast Open. +No data is sent on the SYN segment but, if the remote server also +supports the facility, it can send its SMTP banner immediately after +the SYN,ACK segment. This can save up to one round-trip time. + +The facility is only active for previously-contacted servers, +as the initiator must present a cookie in the SYN segment. + +On (at least some) current Linux distributions the facility must be enabled +in the kernel by the sysadmin before the support is usable. +.wen + .option hosts_try_prdr smtp "host list&!!" * .cindex "PRDR" "enabling, optional in client" This option provides a list of servers to which, provided they announce @@ -27537,8 +27566,13 @@ during TLS session handshake, to permit alternative values to be chosen: Great care should be taken to deal with matters of case, various injection attacks in the string (&`../`& or SQL), and ensuring that a valid filename -can always be referenced; it is important to remember that &$tls_sni$& is +can always be referenced; it is important to remember that &$tls_in_sni$& is arbitrary unverified data provided prior to authentication. +.new +Further, the initial cerificate is loaded before SNI is arrived, so +an expansion for &%tls_certificate%& must have a default which is used +when &$tls_in_sni$& is empty. +.wen The Exim developers are proceeding cautiously and so far no other TLS options are re-expanded.