+ 2. MySQL stored procedures are now supported.
+
+ 3. The dkim_domain transport option is now a list, not a single string, and
+ messages will be signed for each element in the list (discarding
+ duplicates).
+
+ 4. The 4.70 release unexpectedly changed the behaviour of dnsdb TXT lookups
+ in the presence of multiple character strings within the RR. Prior to 4.70,
+ only the first string would be returned. The dnsdb lookup now, by default,
+ preserves the pre-4.70 semantics, but also now takes an extended output
+ separator specification. The first output separator is used to join
+ multiple TXT records together; use a second separator character, followed
+ by a colon, to join the strings within a TXT record on that second
+ character, or use a semicolon to concatenate strings within a TXT record
+ with no separator. Administrators are reminded that DNS provides no
+ ordering guarantees between multiple records in an RRset. For example:
+
+ foo.example. IN TXT "a" "b" "c"
+ foo.example. IN TXT "d" "e" "f"
+
+ ${lookup dnsdb{>/ txt=foo.example}} -> "a/d"
+ ${lookup dnsdb{>/; txt=foo.example}} -> "def/abc"
+ ${lookup dnsdb{>/+: txt=foo.example}} -> "a+b+c/d+e+f"
+
+ Some character combinations are currently unsupported.
+
+Version 4.70 / 4.71
+-------------------
+
+ 1. Native DKIM support without an external library.
+
+ 2. Experimental DCC support via dccifd (contributed by Wolfgang Breyha).
+
+ 3. There is now a bool{} expansion condition which maps certain strings to
+ true/false condition values (most likely of use in conjuction with the
+ and{} expansion operator).
+
+ 4. The $spam_score, $spam_bar and $spam_report variables are now available
+ at delivery time.
+
+ 5. exim -bP now supports "macros", "macro_list" or "macro MACRO_NAME" as
+ options, provided that Exim is invoked by an admin_user.
+
+ 6. There is a new option gnutls_compat_mode, when linked against GnuTLS,
+ which increases compatibility with older clients at the cost of decreased
+ security. Don't set this unless you need to support such clients.
+
+ 7. There is a new expansion operator, ${randint:...} which will produce a
+ "random" number less than the supplied integer. This randomness is
+ not guaranteed to be cryptographically strong, but depending upon how
+ Exim was built may be better than the most naive schemes.
+
+ 8. Exim now explicitly ensures that SHA256 is available when linked against
+ OpenSSL.
+
+ 9. The transport_filter_timeout option now applies to SMTP transports too.
+
+
+Version 4.68
+------------
+
+ 1. The body_linecount and body_zerocount C variables are now exported in the
+ local_scan API.
+
+ 2. When a dnslists lookup succeeds, the key that was looked up is now placed
+ in $dnslist_matched. When the key is an IP address, it is not reversed in
+ this variable (though it is, of course, in the actual lookup). In simple
+ cases, for example:
+
+ deny dnslists = spamhaus.example
+
+ the key is also available in another variable (in this case,
+ $sender_host_address). In more complicated cases, however, this is not
+ true. For example, using a data lookup might generate a dnslists lookup
+ like this:
+
+ deny dnslists = spamhaus.example/<|192.168.1.2|192.168.6.7|...
+
+ If this condition succeeds, the value in $dnslist_matched might be
+ 192.168.6.7 (for example).
+
+ 3. Authenticators now have a client_condition option. When Exim is running as
+ a client, it skips an authenticator whose client_condition expansion yields
+ "0", "no", or "false". This can be used, for example, to skip plain text
+ authenticators when the connection is not encrypted by a setting such as:
+
+ client_condition = ${if !eq{$tls_cipher}{}}
+
+ Note that the 4.67 documentation states that $tls_cipher contains the
+ cipher used for incoming messages. In fact, during SMTP delivery, it
+ contains the cipher used for the delivery. The same is true for
+ $tls_peerdn.
+
+ 4. There is now a -Mvc <message-id> option, which outputs a copy of the
+ message to the standard output, in RFC 2822 format. The option can be used
+ only by an admin user.
+
+ 5. There is now a /noupdate option for the ratelimit ACL condition. It
+ computes the rate and checks the limit as normal, but it does not update
+ the saved data. This means that, in relevant ACLs, it is possible to lookup
+ the existence of a specified (or auto-generated) ratelimit key without
+ incrementing the ratelimit counter for that key.
+
+ In order for this to be useful, another ACL entry must set the rate
+ for the same key somewhere (otherwise it will always be zero).
+
+ Example:
+
+ acl_check_connect:
+ # Read the rate; if it doesn't exist or is below the maximum
+ # we update it below
+ deny ratelimit = 100 / 5m / strict / noupdate
+ log_message = RATE: $sender_rate / $sender_rate_period \
+ (max $sender_rate_limit)
git://git.exim.org / users / jgh / exim.git / blobdiff