+PH/10 Added the log_reject_target ACL modifier to specify where to log
+ rejections.
+
+PH/11 Callouts were setting the name used for EHLO/HELO from $smtp_active_
+ hostname. This is wrong, because it relates to the incoming message (and
+ probably the interface on which it is arriving) and not to the outgoing
+ callout (which could be using a different interface). This has been
+ changed to use the value of the helo_data option from the smtp transport
+ instead - this is what is used when a message is actually being sent. If
+ there is no remote transport (possible with a router that sets up host
+ addresses), $smtp_active_hostname is used.
+
+PH/12 Installed Andrey Panin's patch to add a dovecot authenticator. Various
+ tweaks were necessary in order to get it to work:
+ (a) The code assumed that strncpy() returns a negative number on buffer
+ overflow, which isn't the case. Replaced with Exim's string_format()
+ function.
+ (b) There were several signed/unsigned issues. I just did the minimum
+ hacking in of casts. There is scope for a larger refactoring.
+ (c) The code used strcasecmp() which is not a standard C function.
+ Replaced with Exim's strcmpic() function.
+ (d) The code set only $1; it now sets $auth1 as well.
+ (e) A simple test gave the error "authentication client didn't specify
+ service in request". It would seem that Dovecot has changed its
+ interface. Fortunately there's a specification; I followed it and
+ changed what the client sends and it appears to be working now.
+
+PH/13 Added $message_headers_raw to provide the headers without RFC 2047
+ decoding.
+
+PH/14 Corrected misleading output from -bv when -v was also used. Suppose the
+ address A is aliased to B and C, where B exists and C does not. Without
+ -v the output is "A verified" because verification stops after a
+ successful redirection if more than one address is generated. However,
+ with -v the child addresses are also verified. Exim was outputting "A
+ failed to verify" and then showing the successful verification for C,
+ with its parentage. It now outputs "B failed to verify", showing B's
+ parentage before showing the successful verification of C.
+
+PH/15 Applied Michael Deutschmann's patch to allow DNS black list processing to
+ look up a TXT record in a specific list after matching in a combined
+ list.
+
+PH/16 It seems that the options setting for the resolver (RES_DEFNAMES and
+ RES_DNSRCH) can affect the behaviour of gethostbyname() and friends when
+ they consult the DNS. I had assumed they would set it the way they
+ wanted; and indeed my experiments on Linux seem to show that in some
+ cases they do (I could influence IPv6 lookups but not IPv4 lookups).
+ To be on the safe side, however, I have now made the interface to
+ host_find_byname() similar to host_find_bydns(), with an argument
+ containing the DNS resolver options. The host_find_byname() function now
+ sets these options at its start, just as host_find_bydns() does. The smtp
+ transport options dns_qualify_single and dns_search_parents are passed to
+ host_find_byname() when gethostbyname=TRUE in this transport. Other uses
+ of host_find_byname() use the default settings of RES_DEFNAMES
+ (qualify_single) but not RES_DNSRCH (search_parents).
+