X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/9f35c169ea5438eaa6331a6d51974de1c4f4fdb0..38d85dd18239ac5951fae2c61dcf7c037c666f00:/doc/doc-docbook/spec.xfpt?ds=sidebyside diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 18d67fe20..8a0c96753 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -9677,7 +9677,8 @@ ${readsocket{inet:[::1]:1234}{request string}} Only a single host name may be given, but if looking it up yields more than one IP address, they are each tried in turn until a connection is made. For both kinds of socket, Exim makes a connection, writes the request string -(unless it is an empty string) and reads from the socket until an end-of-file +unless it is an empty string; and no terminating NUL is ever sent) +and reads from the socket until an end-of-file is read. A timeout of 5 seconds is applied. Additional, optional arguments extend what can be done. Firstly, you can vary the timeout. For example: .code @@ -12966,6 +12967,14 @@ overriding the setting of &%perl_at_start%&. There is also a command line option &%-pd%& (for delay) which suppresses the initial startup, even if &%perl_at_start%& is set. +.ilist +.oindex "&%perl_taintmode%&" +To provide more security executing Perl code via the embedded Perl +interpeter, the &%perl_taintmode%& option can be set. This enables the +taint mode of the Perl interpreter. You are encouraged to set this +option to a true value. To avoid breaking existing installations, it +defaults to false. + .section "Calling Perl subroutines" "SECID86" When the configuration file includes a &%perl_startup%& option you can make use @@ -13494,6 +13503,7 @@ listed in more than one group. .table2 .row &%perl_at_start%& "always start the interpreter" .row &%perl_startup%& "code to obey when starting Perl" +.row &%perl_taintmode%& "enable taint mode in Perl" .endtable @@ -15581,14 +15591,20 @@ local parts. Exim's default configuration does this. .option perl_at_start main boolean false +.cindex "Perl" This option is available only when Exim is built with an embedded Perl interpreter. See chapter &<>& for details of its use. .option perl_startup main string unset +.cindex "Perl" This option is available only when Exim is built with an embedded Perl interpreter. See chapter &<>& for details of its use. +.option perl_startup main boolean false +.cindex "Perl" +This Option enables the taint mode of the embedded Perl interpreter. + .option pgsql_servers main "string list" unset .cindex "PostgreSQL lookup type" "server list" @@ -23417,6 +23433,15 @@ the message. As a result, the overall timeout for a message depends on the size of the message. Its value must not be zero. See also &%final_timeout%&. +.option dkim_domain smtp string&!! unset +.option dkim_selector smtp string&!! unset +.option dkim_private_key smtp string&!! unset +.option dkim_canon smtp string&!! unset +.option dkim_strict smtp string&!! unset +.option dkim_sign_headers smtp string&!! unset +DKIM signing options. For details see &<>&. + + .option delay_after_cutoff smtp boolean true This option controls what happens when all remote IP addresses for a given domain have been inaccessible for so long that they have passed their retry @@ -38005,7 +38030,7 @@ where you accept mail from relay sources (internal hosts or authenticated senders). -.section "Signing outgoing messages" "SECID513" +.section "Signing outgoing messages" "SECDKIMSIGN" .cindex "DKIM" "signing" Signing is implemented by setting private options on the SMTP transport.