X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/cc00f4af38ebcc8255460398f573ba6e6ec842e3..858e91c21a3a14da760299b6d54676ac18526418:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index c9e35733e..4e5663fab 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -2,6 +2,78 @@ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.87 +----------------- +JH/01 Bug 1664: Disable OCSP for GnuTLS library versions at/before 3.3.16 + and 3.4.4 - once the server is enabled to respond to an OCSP request + it does even when not requested, resulting in a stapling non-aware + client dropping the TLS connection. + +TF/01 Code cleanup: Overhaul the debug_selector and log_selector machinery to + support variable-length bit vectors. No functional change. + +TF/02 Improve the consistency of logging incoming and outgoing interfaces. + The I= interface field on outgoing lines is now after the H= remote + host field, same as incoming lines. There is a separate + outgoing_interface log selector which allows you to disable the + outgoing I= field. + +JH/02 Bug 728: Close logfiles after a daemon-process "exceptional" log write. + If not running log_selector +smtp_connection the mainlog would be held + open indefinitely after a "too many connections" event, including to a + deleted file after a log rotate. Leave the per net connection logging + leaving it open for efficiency as that will be quickly detected by the + check on the next write. + +HS/01 Bug 1671: Fix post transport crash. + Processing the wait- messages could crash the delivery + process if the message IDs didn't exist for some reason. When + using 'split_spool_directory=yes' the construction of the spool + file name failed already, exposing the same netto behaviour. + +JH/03 Bug 425: Capture substrings in $regex1, $regex2 etc from regex & + mime_regex ACL conditions. + +JH/04 Bug 1686: When compiled with EXPERIMENTAL_DSN_INFO: Add extra information + to DSN fail messages (bounces): remote IP, remote greeting, remote response + to HELO, local diagnostic string. + +JH/05 Downgrade message for a TLS-certificate-based authentication fail from + log line to debug. Even when configured with a tls authenticator many + client connections are expected to not authenticate in this way, so + an authenticate fail is not an error. + +HS/02 Add the Exim version string to the process info. This way exiwhat + gives some more detail about the running daemon. + +JH/06 Bug 1395: time-limit cacheing of DNS lookups, to the TTL value. This may + matter for fast-change records such as DNSBLs. + +JH/07 Bug 1678: Always record an interface option value, if set, as part of a + retry record, even if constant. There may be multiple transports with + different interface settings and the retry behaviour needs to be kept + distinct. + +JH/08 Bug 1586: exiqgrep now refuses to run if there are unexpected arguments. + +JH/09 Bug 1700: ignore space & tab embedded in base64 during decode. + +JH/10 Bug 840: fix log_defer_output option of pipe transport + +JH/11 Bug 830: use same host for all RCPTS of a message, even under + hosts_randomize. This matters a lot when combined with mua_wrapper. + +JH/12 Bug 1706: percent and underbar characters are no longer escaped by the + ${quote_pgsql:} operator. + +JH/13 Bug 1708: avoid misaligned access in cached lookup. + +JH/14 Change header file name for freeradius-client. Relevant if compiling + with Radius support; from the Gentoo tree and checked under Fedora. + +JH/15 Bug 1712: Introduce $prdr_requested flag variable + + Exim version 4.86 ----------------- JH/01 Bug 1545: The smtp transport option "retry_include_ip_address" is now @@ -13,7 +85,7 @@ JH/03 The smtp transport now requests PRDR by default, if the server offers it. JH/04 Certificate name checking on server certificates, when exim is a client, - is now done by default. The transport option tls_verify_cert_hostname + is now done by default. The transport option tls_verify_cert_hostnames can be used to disable this per-host. The build option EXPERIMENTAL_CERTNAMES is withdrawn. @@ -70,11 +142,56 @@ JH/18 Bug 1581: Router and transport options headers_add/remove can JH/19 Bug 392: spamd_address, and clamd av_scanner, now support retry option values. -JH/20 BUG 1571: Ensure that $tls_in_peerdn is set, when verification fails +JH/20 Bug 1571: Ensure that $tls_in_peerdn is set, when verification fails under OpenSSL. JH/21 Support for the A6 type of dns record is withdrawn. +JH/22 Bug 608: The result of a QUIT or not-QUIT toplevel ACL now matters + rather than the verbs used. + +JH/23 Bug 1572: Increase limit on SMTP confirmation message copy size + from 255 to 1024 chars. + +JH/24 Verification callouts now attempt to use TLS by default. + +HS/01 DNSSEC options (dnssec_require_domains, dnssec_request_domains) + are generic router options now. The defaults didn't change. + +JH/25 Bug 466: Add RFC2322 support for MIME attachment filenames. + Original patch from Alexander Shikoff, worked over by JH. + +HS/02 Bug 1575: exigrep falls back to autodetection of compressed + files if ZCAT_COMMAND is not executable. + +JH/26 Bug 1539: Add timout/retry options on dnsdb lookups. + +JH/27 Bug 286: Support SOA lookup in dnsdb lookups. + +JH/28 Bug 1588: Do not use the A lookup following an AAAA for setting the FQDN. + Normally benign, it bites when the pair was led to by a CNAME; + modern usage is to not canoicalize the domain to a CNAME target + (and we were inconsistent anyway for A-only vs AAAA+A). + +JH/29 Bug 1632: Removed the word "rejected" from line logged for ACL discards. + +JH/30 Check the forward DNS lookup for DNSSEC, in addition to the reverse, + when evaluating $sender_host_dnssec. + +JH/31 Check the HELO verification lookup for DNSSEC, adding new + $sender_helo_dnssec variable. + +JH/32 Bug 1397: Enable ECDHE on OpenSSL, just the NIST P-256 curve. + +JH/33 Bug 1346: Note MAIL cmd seen in -bS batch, to avoid smtp_no_mail log. + +JH/34 Bug 1648: Fix a memory leak seen with "mailq" and large queues. + +JH/35 Bug 1642: Fix support of $spam_ variables at delivery time. Was + documented as working, but never had. Support all but $spam_report. + +JH/36 Bug 1659: Guard checking of input smtp commands again pseudo-command + added for tls authenticator. Exim version 4.85