Sorry - I didn't read the whole list of links about the new stuff. BTW-
I've been running the snapshot and using the new sender verify commands
and this is a MUST HAVE release. Phil has made excellent improvements in it.
Version 4.50
------------
1. There is a new build-time option called CONFIGURE_GROUP which works like
CONFIGURE_OWNER. It specifies one additional group that is permitted for
the runtime configuration file when the group write permission is set.
2. The "control=submission" facility has a new option /sender_retain. This
has the effect of setting local_sender_retain true and local_from_check
false for the incoming message in which it is encountered.
3. $recipients is now available in the predata ACL (oversight).
4. The value of address_data from a sender verification is now available in
$sender_address_data in subsequent conditions in the ACL statement. Note:
this is just like $address_data. The value does not persist after the end
of the current ACL statement. If you want to preserve it, you can use one
of the ACL variables.
5. The redirect router has two new options: forbid_sieve_filter and
forbid_exim_filter. When filtering is enabled by allow_filter, these
options control which type(s) of filtering are permitted. By default, both
Exim and Sieve filters are allowed.
6. A new option for callouts makes it possible to set a different (usually
smaller) timeout for making the SMTP connection. The keyword is "connect".
For example:
verify = sender/callout=5s,connect=1s
If not specified, it defaults to the general timeout value.
7. The new variables $sender_verify_failure and $recipient_verify_failure
contain information about exactly what failed. In an ACL, after one of
these failures, the relevant variable contains one of the following words:
qualify the address was unqualified (no domain), and the message
was neither local nor came from an exempted host;
route routing failed;
mail routing succeeded, and a callout was attempted; rejection
occurred at or before the MAIL command (that is, on initial
connection, HELO, or MAIL);
recipient the RCPT command in a callout was rejected;
postmaster the postmaster check in a callout was rejected.
The main use of these variables is expected to be to distinguish between
rejections of MAIL and rejections of RCPT.
8. The command line option -dd behaves exactly like -d except when used on a
command that starts a daemon process. In that case, debugging is turned off
for the subprocesses that the daemon creates. Thus, it is useful for
monitoring the behaviour of the daemon without creating as much output as
full debugging.
9. $host_address is now set to the target address during the checking of
ignore_target_hosts.
10. There are four new variables called $spool_space, $log_space,
$spool_inodes, and $log_inodes. The first two contain the amount of free
space in the disk partitions where Exim has its spool directory and log
directory, respectively. (When these are in the same partition, the values
will, of course, be the same.) The second two variables contain the numbers
of free inodes in the respective partitions.
NOTE: Because disks can nowadays be very large, the values in the space
variables are in kilobytes rather than in bytes. Thus, for example, to
check in an ACL that there is at least 50M free on the spool, you would
write:
condition = ${if > {$spool_space}{50000}{yes}{no}}
The values are recalculated whenever any of these variables is referenced.
If the relevant file system does not have the concept of inodes, the value
of those variables is -1. If the operating system does not have the ability
to find the amount of free space (only true for experimental systems), the
space value is -1.
11. It is now permitted to omit both strings after an "if" condition; if the
condition is true, the result is the string "true". As before, when the
second string is omitted, a false condition yields an empty string. This
makes it less cumbersome to write custom ACL and router conditions. For
example, instead of
condition = ${if eq {$acl_m4}{1}{yes}{no}}
or the shorter form
condition = ${if eq {$acl_m4}{1}{yes}}
(because the second string has always defaulted to ""), you can now write
condition = ${if eq {$acl_m4}{1}}
Previously this was a syntax error.
12. There is a new "record type" that can be specified in dnsdb lookups. It
is "zns" (for "zone NS"). It performs a lookup for NS records on the given
domain, but if none are found, it removes the first component of the domain
name, and tries again. This process continues until NS records are found
or there are no more components left (or there's a DNS error). In other
words, it may return the name servers for a top-level domain, but it never
returns the root name servers. If there are no NS records for the top-level
domain, the lookup fails.
For example, ${lookup dnsdb{zns=xxx.quercite.com}} returns the name
servers for quercite.com, whereas ${lookup dnsdb{zns=xxx.edu}} returns
the name servers for edu, assuming in each case that there are no NS
records for the full domain name.
You should be careful about how you use this lookup because, unless the
top-level domain does not exist, the lookup will always return some host
names. The sort of use to which this might be put is for seeing if the name
servers for a given domain are on a blacklist. You can probably assume that
the name servers for the high-level domains such as .com or .co.uk are not
going to be on such a list.
13. Another new "record type" is "mxh"; this looks up MX records just as "mx"
does, but it returns only the names of the hosts, omitting the priority
values.
14. It is now possible to specify a list of domains or IP addresses to be
looked up in a dnsdb lookup. The list is specified in the normal Exim way,
with colon as the default separator, but with the ability to change this.
For example:
${lookup dnsdb{one.domain.com:two.domain.com}}
${lookup dnsdb{a=one.host.com:two.host.com}}
${lookup dnsdb{ptr = <; 1.2.3.4 ; 4.5.6.8}}
In order to retain backwards compatibility, there is one special case: if
the lookup type is PTR and no change of separator is specified, Exim looks
to see if the rest of the string is precisely one IPv6 address. In this
case, it does not treat it as a list.
The data from each lookup is concatenated, with newline separators (by
default - see 14 below), in the same way that multiple DNS records for a
single item are handled.
The dnsdb lookup fails only if all the DNS lookups fail. If there is a
temporary DNS error for any of them, the behaviour is controlled by
an optional keyword followed by a comma that may appear before the record
type. The possible keywords are "defer_strict", "defer_never", and
"defer_lax". With "strict" behaviour, any temporary DNS error causes the
whole lookup to defer. With "never" behaviour, a temporary DNS error is
ignored, and the behaviour is as if the DNS lookup failed to find anything.
With "lax" behaviour, all the queries are attempted, but a temporary DNS
error causes the whole lookup to defer only if none of the other lookups
succeed. The default is "lax", so the following lookups are equivalent:
${lookup dnsdb{defer_lax,a=one.host.com:two.host.com}}
${lookup dnsdb{a=one.host.com:two.host.com}}
Thus, in the default case, as long as at least one of the DNS lookups
yields some data, the dnsdb lookup succeeds.
15. It is now possible to specify the character to be used as a separator when
a dnsdb lookup returns data from more than one DNS record. The default is a
newline. To specify a different character, put '>' followed by the new
character at the start of the query. For example:
${lookup dnsdb{>: a=h1.test.ex:h2.test.ex}}
${lookup dnsdb{>| mxh=<;m1.test.ex;m2.test.ex}}
It is permitted to specify a space as the separator character. Note that
more than one DNS record can be found for a single lookup item; this
feature is relevant even when you do not specify a list.
The same effect could be achieved by wrapping the lookup in ${tr...}; this
feature is just a syntactic simplification.
16. It is now possible to supply a list of domains and/or IP addresses to be
lookup up in a DNS blacklist. Previously, only a single domain name could
be given, for example:
dnslists = black.list.tld/$sender_host_name
What follows the slash can now be a list. As with all lists, the default
separator is a colon. However, because this is a sublist within the list of
DNS blacklist domains, it is necessary either to double the separators like
this:
dnslists = black.list.tld/name.1::name.2
or to change the separator character, like this:
dnslists = black.list.tld/<;name.1;name.2
If an item in the list is an IP address, it is inverted before the DNS
blacklist domain is appended. If it is not an IP address, no inversion
occurs. Consider this condition:
dnslists = black.list.tls/<;192.168.1.2;a.domain
The DNS lookups that occur are for
2.1.168.192.black.list.tld and a.domain.black.list.tld
Once a DNS record has been found (that matches a specific IP return
address, if specified), no further lookups are done. If there is a
temporary DNS error, the rest of the sublist of domains or IP addresses is
tried. The dnslists item itself defers only if none of the other DNS
lookups in this sublist succeeds. In other words, a successful lookup for
any of the items in the sublist overrides a defer for a previous item.
17. The log selector queue_time_overall causes Exim to output the time spent on
the queue as an addition to the "Completed" message. Like queue_time (which
puts the queue time on individual delivery lines), the time is tagged with
"QT=", and it is measured from the time that the message starts to be
received, so it includes the reception time.
18. It is now possible to use both -bF and -bf on the same command, in order to
test a system filter and a user filter in the same run. For example:
exim -bF /system/filter -bf /user/filter </test/message
This is helpful when the system filter adds header lines or sets filter
variables that are used by the user filter.
19. The Exiscan patch is now merged into the main source. See src/EDITME for
parameters for the build.
20. If the key for a dnsdb PTR lookup is not an IP address, it is used
verbatim, without component reversal and without the addition of
in-addr.arpa or ip6.arpa.
21. Two changes related to the smtp_active_hostname option:
(1) $smtp_active_hostname is now available as a variable. Its value
sticks with the message and is therefore available in routers and
transports at delivery time.
(2) The default for smtp_banner uses $smtp_active_hostname instead
of $primary_hostname.
22. The hosts_max_try_hardlimit option (default 50) is added to the smtp
transport. Exim will never try more than this number of IP addresses; if it
hits this limit and they are all timed out, the message is bounced, even
though not all IP addresses may have been tried. Compare hosts_max_try,
which is a "soft" limit, because Exim will exceed it when hosts time out.
The new limit is a protection against lunatic DNS configurations with
hundreds of IP addresses.
****
--
Marc Perkel - marc@???
Spam Filter: http://www.junkemailfilter.com
My Blog: http://marc.perkel.com
My Religion: http://www.churchofreality.org
~ "If it's real - we believe in it!" ~
