-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.146 2007/04/17 13:06:10 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.152 2007/06/22 14:38:58 ph10 Exp $
New Features in Exim
--------------------
test from the snapshots or the CVS before the documentation is updated. Once
the documentation is updated, this file is reduced to a short list.
+Version 4.68
+------------
+
+ 1. The body_linecount and body_zerocount C variables are now exported in the
+ local_scan API.
+
+ 2. When a dnslists lookup succeeds, the key that was looked up is now placed
+ in $dnslist_matched. When the key is an IP address, it is not reversed in
+ this variable (though it is, of course, in the actual lookup). In simple
+ cases, for example:
+
+ deny dnslists = spamhaus.example
+
+ the key is also available in another variable (in this case,
+ $sender_host_address). In more complicated cases, however, this is not
+ true. For example, using a data lookup might generate a dnslists lookup
+ like this:
+
+ deny dnslists = spamhaus.example/<|192.168.1.2|192.168.6.7|...
+
+ If this condition succeeds, the value in $dnslist_matched might be
+ 192.168.6.7 (for example).
+
+ 3. Authenticators now have a client_condition option. When Exim is running as
+ a client, it skips an authenticator whose client_condition expansion yields
+ "0", "no", or "false". This can be used, for example, to skip plain text
+ authenticators when the connection is not encrypted by a setting such as:
+
+ client_condition = ${if !eq{$tls_cipher}{}}
+
+ Note that the 4.67 documentation states that $tls_cipher contains the
+ cipher used for incoming messages. In fact, during SMTP delivery, it
+ contains the cipher used for the delivery. The same is true for
+ $tls_peerdn.
+
+ 4. There is now a -Mvc <message-id> option, which outputs a copy of the
+ message to the standard output, in RFC 2822 format. The option can be used
+ only by an admin user.
+
+ 5. There is now a /noupdate option for the ratelimit ACL condition. It
+ computes the rate and checks the limit as normal, but it does not update
+ the saved data. This means that, in relevant ACLs, it is possible to lookup
+ the existence of a specified (or auto-generated) ratelimit key without
+ incrementing the ratelimit counter for that key.
+
+ In order for this to be useful, another ACL entry must set the rate
+ for the same key somewhere (otherwise it will always be zero).
+
+ Example:
+
+ acl_check_connect:
+ # Read the rate; if it doesn't exist or is below the maximum
+ # we update it below
+ deny ratelimit = 100 / 5m / strict / noupdate
+ log_message = RATE: $sender_rate / $sender_rate_period \
+ (max $sender_rate_limit)
+
+ [... some other logic and tests...]
+
+ warn ratelimit = 100 / 5m / strict / per_cmd
+ log_message = RATE UPDATE: $sender_rate / $sender_rate_period \
+ (max $sender_rate_limit)
+ condition = ${if le{$sender_rate}{$sender_rate_limit}}
+
+ accept
+
+ 6. The variable $max_received_linelength contains the number of bytes in the
+ longest line that was received as part of the message, not counting the
+ line termination character(s).
+
+
Version 4.67
------------
2. When an item in a dnslists list is followed by = and & and a list of IP
addresses, the behaviour was not clear when the lookup returned more than
one IP address. This has been solved by the addition of == and =& for "all"
- rather than the defaule "any" matching.
+ rather than the default "any" matching.
3. Up till now, the only control over which cipher suites GnuTLS uses has been
for the cipher algorithms. New options have been added to allow some of the