X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/7ef88aa0c4c0608ee54ed2ff90b4b34c518d9bb5..8d2cbee4bb479e11fd3dfa0acd8ac547a98f12f8:/doc/doc-txt/experimental-spec.txt?ds=sidebyside diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt index e9a557aec..3beab4b9c 100644 --- a/doc/doc-txt/experimental-spec.txt +++ b/doc/doc-txt/experimental-spec.txt @@ -642,6 +642,9 @@ ARC support Specification: https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-11 Note that this is not an RFC yet, so may change. +[RFC 8617 was published 2019/06. Draft 11 was 2018/01. A review of the +changes has not yet been done] + ARC is intended to support the utility of SPF and DKIM in the presence of intermediaries in the transmission path - forwarders and mailinglists - by establishing a cryptographically-signed chain in headers. @@ -650,10 +653,18 @@ Normally one would only bother doing ARC-signing when functioning as an intermediary. One might do verify for local destinations. ARC uses the notion of a "ADministrative Management Domain" (ADMD). -Described in RFC 5598 (section 2.3), this is essentially the set of -mail-handling systems that the mail transits. A label should be chosen to -identify the ADMD. Messages should be ARC-verified on entry to the ADMD, -and ARC-signed on exit from it. +Described in RFC 5598 (section 2.3), this is essentially a set of +mail-handling systems that mail transits that are all under the control +of one organisation. A label should be chosen to identify the ADMD. +Messages should be ARC-verified on entry to the ADMD, and ARC-signed on exit +from it. + + +Building with ARC Support +-- +Enable using EXPERIMENTAL_ARC=yes in your Local/Makefile. +You must also have DKIM present (not disabled), and you very likely +want to have SPF enabled. Verification @@ -797,6 +808,59 @@ Issues: hosts_require_ocsp will fail + +Dovecot authenticator via inet socket +------------------------------------ +If Dovecot is configured similar to :- + +service auth { +... +#SASL + inet_listener { + name = exim + port = 12345 + } +... +} + +then an Exim authenticator can be configured :- + + dovecot-plain: + driver = dovecot + public_name = PLAIN + server_socket = dovecot_server_name 12345 + server_tls = true + server_set_id = $auth1 + +If the server_socket does not start with a / it is taken as a hostname (or IP); +and a whitespace-separated port number must be given. + + + +Twophase queue run fast ramp +---------------------------- +To include this feature, add to Local/Makefile: + EXPERIMENTAL_QUEUE_RAMP=yes + +If the (added for this feature) main-section option "queue_fast_ramp" (boolean) +is set, and a two-phase ("-qq") queue run finds, during the first phase, a +suitably large number of message routed for a given host - then (subject to +the usual queue-runner resource limits) delivery for that host is initiated +immediately, overlapping with the remainder of the first phase. + +This is incompatible with queue_run_in_order. + +The result should be a faster startup of deliveries when a large queue is +present and reasonable numbers of messages are routed to common hosts; this +could be a smarthost case, or delivery onto the Internet where a large proportion +of recipients hapen to be on a Gorilla-sized provider. + +As usual, the presence of a configuration option is associated with a +predefined macro, making it possible to write portable configurations. +For this one, the macro is _OPT_MAIN_QUEUE_FAST_RAMP. + + + -------------------------------------------------------------- End of file --------------------------------------------------------------