X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/b80649a90444b89433d174d3de4dc1518325882c..0caec8e792b969ca442413e75c8966f074bc5fd4:/doc/doc-txt/experimental-spec.txt?ds=sidebyside diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt index 3ad0825d5..15fd247ae 100644 --- a/doc/doc-txt/experimental-spec.txt +++ b/doc/doc-txt/experimental-spec.txt @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/experimental-spec.txt,v 1.8 2007/09/28 12:58:41 tom Exp $ +$Cambridge: exim/doc/doc-txt/experimental-spec.txt,v 1.10 2008/01/16 09:36:19 tom Exp $ From time to time, experimental features may be added to Exim. While a feature is experimental, there will be a build-time @@ -140,6 +140,22 @@ arguments. can use the $dkim_domain and $dkim_selector expansion variables here. + dkim_sign_headers = [OPTIONAL] + + When set, this option must expand to (or be specified as) + a colon-separated list of header names. These headers will + be included in the message signature. When unspecified, + the recommended headers will be used. Currently, these + are: + + from:sender:reply-to:subject:date: + message-id:to:cc:mime-version:content-type: + content-transfer-encoding:content-id: + content-description:resent-date:resent-from: + resent-sender:resent-to:resent-cc:resent-message-id: + in-reply-to:references: + list-id:list-help:list-unsubscribe: + list-subscribe:list-post:list-owner:list-archive @@ -681,7 +697,7 @@ These four steps are explained in more details below. 3. Sender Policy Framework (SPF) support -------------------------------------------------------------- -To learn more about SPF, visit http://spf.pobox.com. This +To learn more about SPF, visit http://www.openspf.org. This document does not explain the SPF fundamentals, you should read and understand the implications of deploying SPF on your system before doing so. @@ -745,11 +761,12 @@ the SPF check, the condition succeeds. If none of the listed strings matches the outcome of the SPF check, the condition fails. -Here is a simple example to fail forgery attempts from domains -that publish SPF records: +Here is an example to fail forgery attempts from domains that +publish SPF records: /* ----------------- -deny message = $sender_host_address is not allowed to send mail from $sender_address_domain +deny message = $sender_host_address is not allowed to send mail from ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \ + Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain {mfrom}{helo}};identity=${if def:sender_address_domain {$sender_address}{$sender_helo_name}};ip=$sender_host_address spf = fail --------------------- */