X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/1921d2ea1648c90d45da23f26cf8855465521426..898d150f9aa9c796bb01117bc438b24ddb2e7435:/doc/doc-txt/ChangeLog?ds=sidebyside diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 7ac300ce2..632e11189 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.277 2005/12/15 15:44:46 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.325 2006/03/08 10:49:18 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -46,6 +46,256 @@ PH/08 Changed debug output of dbfn_open() flags from numbers to names, so as to PH/09 Moved a debug statement in filter processing to avoid a race problem when testing. +JJ/01 exipick: fixed bug where -b (brief) output option showed "Vars:" + whether --show-vars was specified or not + +JJ/02 exipick: Added support for new ACL variable spool format introduced + in 4.61-PH/06 + +PH/10 Fixed another bug related to PH/04 above: if an incoming message had a + syntactically invalid From: or Reply-to: line, and a filter used this to + generate an autoreply, and therefore failed to obtain an address for the + autoreply, Exim could try to deliver to a non-existent relative file + name, causing unrelated and misleading errors. What now happens is that + it logs this as a hard delivery error, but does not attempt to create a + bounce message. + +PH/11 The exinext utility has a -C option for testing purposes, but although + the given file was scanned by exinext itself; it wasn't being passed on + when Exim was called. + +PH/12 In the smtp transport, treat an explicit ECONNRESET error the same as + an end-of-file indication when reading a command response. + +PH/13 Domain literals for IPv6 were not recognized unless IPv6 support was + compiled. In many other places in Exim, IPv6 addresses are always + recognized, so I have changed this. It also means that IPv4 domain + literals of the form [IPV4:n.n.n.n] are now always recognized. + +PH/14 When a uid/gid is specified for the queryprogram router, it cannot be + used if the router is not running as root, for example, when verifying at + ACL time, or when using -bh. The debugging output from this situation was + non-existent - all you got was a failure to exec. I have made two + changes: + + (a) Failures to set uid/gid, the current directory, or a process leader + in a subprocess such as that created by queryprogram now generate + suitable debugging ouput when -d is set. + + (b) The queryprogram router detects when it is not running as root, + outputs suitable debugging information if -d is set, and then runs + the subprocess without attempting to change uid/gid. + +PH/15 Minor change to Makefile for building test_host (undocumented testing + feature). + +PH/16 As discussed on the list in Nov/Dec: Exim no longer looks at the + additional section of a DNS packet that returns MX or SRV records. + Instead, it always explicitly searches for A/AAAA records. This avoids + major problems that occur when a DNS server includes only records of one + type (A or AAAA) in an MX/SRV packet. A byproduct of this change has + fixed another bug: if SRV records were looked up and the corresponding + address records were *not* found in the additional section, the port + values from the SRV records were lost. + +PH/17 If a delivery to a pipe, file, or autoreply was deferred, Exim was not + using the correct key (the original address) when searching the retry + rules in order to find which one to use for generating the retry hint. + +PH/18 If quota_warn_message contains a From: header, Exim now refrains from + adding the default one. Similarly, if it contains a Reply-To: header, the + errors_reply_to option, if set, is not used. + +PH/19 When calculating a retry time, Exim used to measure the "time since + failure" by looking at the "first failed" field in the retry record. Now + it does not use this if it is later than than the arrival time of the + message. Instead it uses the arrival time. This makes for better + behaviour in cases where some deliveries succeed, thus re-setting the + "first failed" field. An example is a quota failure for a huge message + when small messages continue to be delivered. Without this change, the + "time since failure" will always be short, possible causing more frequent + delivery attempts for the huge message than are intended. + +PH/20 Added $auth1, $auth2, $auth3 to contain authentication data (as well as + $1, $2, $3) because the numerical variables can be reset during some + expansion items (e.g. "match"), thereby losing the authentication data. + +PH/21 Make -bV show the size of off_t variables so that the test suite can + decide whether to run tests for quotas > 2G. + +PH/22 Test the values given for quota, quota_filecount, quota_warn_threshold, + mailbox_size, and mailbox_filecount in the appendfile transport. If a + filecount value is greater than 2G or if a quota value is greater than 2G + on a system where the size of off_t is not greater than 4, a panic error + is given. + +PH/23 When a malformed item such as 1.2.3/24 appears in a host list, it can + never match. The debug and -bh output now contains an explicit error + message indicating a malformed IPv4 address or mask. + +PH/24 An host item such as 1.2.3.4/abc was being treated as the IP address + 1.2.3.4 without a mask. Now it is not recognized as an IP address, and + PH/23 above applies. + +PH/25 Do not write to syslog when running in the test harness. The only + occasion when this arises is a failure to open the main or panic logs + (for which there is an explicit test). + +PH/26 Added the /no_tell option to "control=freeze". + +PH/27 If a host name lookup failed very early in a connection, for example, if + the IP address matched host_lookup and the reverse lookup yielded a name + that did not have a forward lookup, an error message of the form "no IP + address found for host xxx.xxx.xxx (during SMTP connection from NULL)" + could be logged. Now it outputs the IP address instead of "NULL". + +PH/28 An enabling patch from MH: add new function child_open_exim2() which + allows the sender and the authenticated sender to be set when + submitting a message from within Exim. Since child_open_exim() is + documented for local_scan(), the new function should be too. + +PH/29 In GnuTLS, a forced expansion failure for tls_privatekey was not being + ignored. In both GnuTLS and OpenSSL, an expansion of tls_privatekey that + results in an empty string is now treated as unset. + +PH/30 Fix eximon buffer overflow bug (Bugzilla #73). + +PH/31 Added sender_verify_fail logging option. + +PH/32 In November 2003, the code in Exim that added an empty Bcc: header when + needed by RFC 822 but not by RFC 2822 was commented out. I have now + tidied the source and removed it altogether. + +PH/33 When a queue run was abandoned because the load average was too high, a + log line was always written; now it is written only if the queue_run log + selector is set. In addition, the log line for abandonment now contains + information about the queue run such as the pid. This is always present + in "start" and "stop" lines but was omitted from the "abandon" line. + +PH/34 Omit spaces between a header name and the colon in the error message that + is given when verify = headers_syntax fails (if there are lots of them, + the message gets confusing). + +PH/35 Change the default for dns_check_names_pattern to allow slashes within + names, as there are now some PTR records that contain slashes. This check + is only to protect against broken name servers that fall over on strange + characters, so the fact that it applies to all lookups doesn't matter. + +PH/36 Now that the new test suite is complete, we can remove some of the + special code in Exim that was needed for the old test suite. For example, + sorting DNS records because real resolvers return them in an arbitrary + order. The new test suite's fake resolver always returns records in the + same order. + +PH/37 When running in the test harness, use -odi for submitted messages (e.g. + bounces) except when queue_only is set, to avoid logging races between + the different processes. + +PH/38 Panic-die if .include specifies a non-absolute path. + +PH/39 A tweak to the "H" retry rule from its user. + +JJ/03 exipick: Removed parentheses from 'next' and 'last' calls that specified + a label. They prevented compilation on older perls. + +JJ/04 exipick: Refactored code to prevent implicit split to @_ which caused + a warning to be raised on newish perls. + +JJ/05 exipick: Fixed bug where -bpc always showed a count of all messages + on queue. Changes to match documented behaviour of showing count of + messages matching specified criteria. + +PH/40 Changed the default ident timeout from 30s to 5s. + +PH/41 Added support for the use of login_cap features, on those BSD systems + that have them, for controlling the resources used by pipe deliveries. + +PH/42 The content-scanning code uses fopen() to create files in which to put + message data. Previously it was not paying any attention to the mode of + the files. Exim runs with umask(0) because the rest of the code creates + files with open(), and sets the required mode explicitly. Thus, these + files were ending up world-writeable. This was not a big issue, because, + being within the spool directory, they were not world-accessible. I have + created a function called modefopen, which takes an additional mode + argument. It sets umask(777), creates the file, chmods it to the required + mode, then resets the umask. All the relevant calls to fopen() in the + content scanning code have been changed to use this function. + +PH/43 If retry_interval_max is set greater than 24 hours, it is quietly reset + to 24 hours. This avoids potential overflow problems when processing G + and H retry rules. I suspect nobody ever tinkers with this value. + +PH/44 Added STRIP_COMMAND=/usr/bin/strip to the FreeBSD Makefile. + +PH/45 When the plaintext authenticator is running as a client, the server's + challenges are checked to ensure they are valid base64 strings. By + default, the authentication attempt is cancelled if an invalid string is + received. Setting client_ignore_invalid_base64 true ignores these errors. + The decoded challenge strings are now placed in $auth1, $auth2, etc. as + they are received. Thus, the responses can be made to depend on the + challenges. If an invalid string is ignored, an empty string is placed in + the variable. + +PH/46 Messages that are created by the autoreply transport now contains a + References: header, in accordance with RFCs 2822 and 3834. + +PH/47 Added authenticated_sender_force to the smtp transport. + +PH/48 The ${prvs expansion was broken on systems where time_t was long long. + +PH/49 Installed latest patch from the Sieve maintainer. + +PH/50 When an Exim quota was set without a file count quota, and mailbox_size + was also set, the appendfile transport was unnecessarily scanning a + directory of message files (e.g. for maildir delivery) to find the count + of files (along with the size), even though it did not need this + information. It now does the scan only if it needs to find either the + size of the count of files. + +PH/51 Added ${time_eval: to convert Exim time strings into seconds. + +PH/52 Two bugs concerned with error handling when the smtp transport is + used in LMTP mode: + + (i) Exim was not creating retry information for temporary errors given + for individual recipients after the DATA command when the smtp transport + was used in LMTP mode. This meant that they could be retried too + frequently, and not timed out correctly. + + (ii) Exim was setting the flag that allows error details to be returned + for LMTP errors on RCPT commands, but not for LMTP errors for individual + recipients that were returned after the DATA command. + +PH/53 This is related to PH/52, but is more general: for any failing address, + when detailed error information was permitted to be returned to the + sender, but the error was temporary, then after the final timeout, only + "retry timeout exceeded" was returned. Now it returns the full error as + well as "retry timeout exceeded". + +PH/54 Added control=allow_auth_unadvertised, as it seems there are clients that + do this, and (what is worse) MTAs that accept it. + +PH/55 Added the add_header modified to ACLs. The use of "message" with "warn" + will now be deprecated. + +PH/56 New os.c-cygwin from the Cygwin maintainer. + +JJ/06 exipick: added --unsorted option to allow unsorted output in all output + formats (previously only available in exim formats via -bpr, -bpru, + and -bpra. Now also available in native and exiqgrep formats) + +JJ/07 exipick: added --freeze and --thaw options to allow faster interaction + with very large, slow to parse queues + +JJ/08 exipick: added ! as generic prefix to negate any criteria format + +JJ/09 exipick: miscellaneous performance enhancements (~24% improvements) + +PH/57 Tidies in SMTP dialogue display in debug output: (i) It was not showing + responses to authentication challenges, though it was showing the + challenges; (ii) I've removed the CR characters from the debug output for + SMTP output lines. + Exim version 4.60 ----------------- @@ -238,9 +488,6 @@ TF/01 The control=submission/name=... option had a problem with syntax PH/05 Some modifications to the interface to the fake nameserver for the new testing suite. -PH/06 Add ${if def:sender_address {(envelope-from <$sender_address>)\n\t}} - into the default Received: header string. - Exim version 4.53