New Features in Exim
--------------------

This file contains descriptions of new features that have been added to Exim,
but have not yet made it into the main manual (which is most conveniently
updated when there is a relatively large batch of changes). The doc/ChangeLog
file contains a listing of all changes, including bug fixes.


Version 4.34
------------

 1. There are two new variables called $recipient_data and $sender_data. These
    are set from a lookup success in an ACL "recipients" or "senders"
    condition, or in a router "senders" option, similar to $domain_data and
    $local_part_data. They remain set until the next senders or recipients
    test. Thus, you can do things like this:

      require recipients      = cdb*@;/some/file
      deny    some further test involving $recipient_data


Version 4.33
------------

 1. The special domain-matching patterns @mx_any, @mx_primary, and
    @mx_secondary can now be followed by "/ignore=<ip list>", where <ip list>
    is a list of IP addresses. Such addresses are ignored when processing the
    pattern (compare ignore_target_hosts on a router). For example:

      domains = @mx_any/ignore=127.0.0.1

    This example matches any domain that has an MX record pointing to one of
    the local host's IP addresses other than 127.0.0.1.

    Because the list is a sublist within the "domains" list, you have to be
    careful about delimiters if there is more than one address. Like any other
    list, the default delimiter can be changed. Thus, you might have

      domains = @mx_any/ignore=<;127.0.0.1;0.0.0.0 : an.other.domain : ...

    so that the sublist uses semicolons for delimiters. When IPv6 addresses are
    involved, it is easiest to change the delimiter for the main list as well:

      domains = <+ @mx_any/ignore=<;127.0.0.1;::1 + an.other.domain + ...

 2. There are three new expansion conditions: match_domain, match_address, and
    match_local_part. They make it possible to use domain, address, and local
    part lists within expansions. Each requires two arguments: an item and a
    list to match. A trivial example is:

      ${if match_domain{a.b.c}{x.y.z:a.b.c:p.q.r}{yes}{no}}

    However, the second argument can contain any of the allowable items for a
    list of the appropriate type.

    Because the second argument (after expansion) is a list, it is possible to
    use a named list. Thus, you can have things like this:

      ${if match_domain{$domain}{+local_domains}{...

    For address lists, the matching starts off caselessly, but the +caseful
    item can be used, as in all address lists, to cause subsequent items to
    have their local parts matched casefully. Domains are always matched
    caselessly.

    Note that hosts lists are *not* supported in this way. This is because
    hosts have two identities: a name and an IP address, and it is not clear
    how to specify how such a test would work cleanly. At least, I haven't come
    up with anything yet.

 3. To assist configurations for multi-homed hosts that want to pretend that
    they are several different hosts, there is a new option called
    smtp_active_hostname. At the start of an SMTP connection, its value is
    expanded and used instead of the value of primary_hostname in SMTP
    responses. For example, it is used as domain name in the response to an
    incoming HELO or EHLO command. If this option is unset, or if its expansion
    is forced to fail, or if the expansion results in an empty string, the
    value of primary_hostname is used. Other expansion failures cause a message
    to be written to the main and panic logs, and the SMTP command receives a
    temporary error. Typically, the value of smtp_active_hostname will depend
    on the incoming interface address. For example:

      smtp_active_hostname = ${if eq{$interface_address}{10.0.0.1}\
        {cox.mydomain}{box.mydomain}}

 4. There is a new lookup type called "iplsearch". It is another linear search
    lookup. The keys in the file must be IP addresses, or IP addresses with
    CIDR masks. Keys that involve IPv6 addresses must be enclosed in quotes to
    prevent the first internal colon being interpreted as a key terminator. An
    asterisk key is also permitted for use with iplsearch*. For example:

      *:                 data for *
      1.2.3.4:           data for 1.2.3.4
      192.168.0.0/16     data for 192.168.0.0/16
      "abcd::cdab":      data for abcd::cdab
      "abcd:abcd::/32"   data for abcd:abcd::/32

    The key for an iplsearch lookup must be an IP address. The file is searched
    linearly, until a matching key is found. The first key that matches is
    used; there is no attempt to find a "best" match.
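The following Python model is added here to illustrate the iplsearch semantics just described; it is not Exim's lookup code. It parses a constructed file in the layout shown above (plain or quoted keys terminated by a colon or whitespace), scans it linearly, returns the first match, and falls back to the "*" key only when asked to behave like iplsearch*. Treating an unmasked key as a /32 or /128 network and skipping keys that are not IP addresses are assumptions of this model.

```python
import ipaddress

# Constructed iplsearch file, copied from the layout described above.
SAMPLE_FILE = '''\
*:                 data for *
1.2.3.4:           data for 1.2.3.4
192.168.0.0/16     data for 192.168.0.0/16
"abcd::cdab":      data for abcd::cdab
"abcd:abcd::/32"   data for abcd:abcd::/32
'''


def parse_line(line):
    """Split one file line into (key, data); None for blank or comment lines."""
    line = line.rstrip("\n")
    if not line.strip() or line.lstrip().startswith("#"):
        return None
    if line.startswith('"'):
        # Quoted key: runs to the closing quote, so internal colons survive.
        end = line.index('"', 1)
        key, rest = line[1:end], line[end + 1:]
    else:
        # Unquoted key: terminated by the first colon or whitespace.
        i = 0
        while i < len(line) and line[i] not in ": \t":
            i += 1
        key, rest = line[:i], line[i:]
    if rest.startswith(":"):
        rest = rest[1:]
    return key, rest.strip()


def iplsearch(text, addr, star=False):
    """Linear search for addr; first matching key wins.

    star=True models iplsearch*: the "*" entry is used only when no
    address or CIDR key matched anywhere in the file."""
    ip = ipaddress.ip_address(addr)          # the lookup key must be an IP
    star_data = None
    for raw in text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        key, data = parsed
        if key == "*":
            if star and star_data is None:
                star_data = data
            continue
        try:
            # A bare address becomes a /32 or /128 network (assumption).
            if ip in ipaddress.ip_network(key, strict=False):
                return data
        except ValueError:
            continue                         # not an IP/CIDR key: ignore it
    return star_data
```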

 5. There's a new log selector called ident_timeout, which does what its name
    suggests - it writes a log line when an attempt to connect to a client's
    ident port times out.

 6. There's a new log selector called tls_certificate_verified which adds an
    extra item to <= and => log lines when TLS is in use. The item is "CV=yes"
    if the peer's certificate was verified, and "CV=no" if not.

 7. There is a new global option called tls_require_ciphers, which controls
    which ciphers can be used for incoming connections, in a similar way to the
    option of the same name in the smtp transport. The option is expanded for
    each connection, so can be varied for different clients if required.

 8. The way tls_require_ciphers works for GNUtls in the client has been
    changed, and this is now how it works for the server also. The only way I
    could figure out before was to check for a disallowed cipher after the TLS
    session had been set up, and then abort the session. This was not very
    useful. Now it works more like the way it works in OpenSSL. Below are the
    details for both libraries. Note that OpenSSL uses hyphens to separate the
    components of cipher suite names, whereas GNUtls uses underscores. Exim
    recognizes either in both cases, and translates as appropriate.

    OpenSSL
    -------

    There is a function in the OpenSSL library that can be passed a list of
    cipher suites before the cipher negotiation takes place. This specifies
    which ciphers are acceptable. The list is colon separated and may contain
    names like DES-CBC3-SHA. Exim passes the expanded value of
    tls_require_ciphers directly to this function call. The following
    paragraphs, which are quoted from the OpenSSL documentation, specify what
    forms of item are allowed in the list:

      The actual cipher string can take several different forms.

      It can consist of a single cipher suite such as RC4-SHA.

      It can represent a list of cipher suites containing a certain algorithm,
      or cipher suites of a certain type. For example SHA1 represents all
      cipher suites using the digest algorithm SHA1 and SSLv3 represents all
      SSL v3 algorithms.

      Lists of cipher suites can be combined in a single cipher string using
      the + character. This is used as a logical and operation. For example
      SHA1+DES represents all cipher suites containing the SHA1 and the DES
      algorithms.

      Each cipher string can be optionally preceded by the characters !, - or
      +.

      If ! is used then the ciphers are permanently deleted from the list. The
      ciphers deleted can never reappear in the list even if they are
      explicitly stated.

      If - is used then the ciphers are deleted from the list, but some or all
      of the ciphers can be added again by later options.

      If + is used then the ciphers are moved to the end of the list. This
      option doesn't add any new ciphers it just moves matching existing ones.

      If none of these characters is present then the string is just
      interpreted as a list of ciphers to be appended to the current preference
      list. If the list includes any ciphers already present they will be
      ignored: that is, they will not be moved to the end of the list.

    GNUtls
    ------

    The GNUtls library does not have a combined function like OpenSSL. Instead,
    it allows the caller to specify separate lists of key-exchange methods,
    main cipher algorithms, and MAC algorithms. Unfortunately, these lists are
    numerical, and the library does not have a function for turning names into
    numbers. Consequently, the list of recognized names has to be built into
    the application.

    At present, Exim permits only the list of main cipher algorithms to be
    changed. The tls_require_ciphers option is in the same format as for
    OpenSSL. Exim searches each item for the name of an available algorithm.
    For example, if the list contains RSA_ARCFOUR_SHA then ARCFOUR is
    recognized.

    The cipher algorithms list starts out with a default set of algorithms. If
    the first item in tls_require_ciphers does NOT start with an exclamation
    mark, all the default items are deleted. Thus, only those specified can be
    used. If the first item in tls_require_ciphers DOES start with an
    exclamation mark, the defaults are left on the list.

    Then, any item that starts with an exclamation mark causes the relevant
    algorithms to be removed from the list, and any item that does not start
    with an exclamation mark causes the relevant algorithms to be added to the
    list. Thus,

      tls_require_ciphers = !RSA_ARCFOUR_SHA

    allows all the defaults except those that use ARCFOUR, whereas

      tls_require_ciphers = AES : 3DES

    allows only cipher suites that use AES and 3DES. The currently recognized
    algorithms are: ARCFOUR_128, ARCFOUR_40, ARCFOUR (both of the preceding),
    AES_256, AES_128, AES (both of the preceding), and 3DES.

    Unrecognized algorithms are ignored. In a client, the order of the list
    specifies a preference order for the algorithms.
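The Python model below is added here to walk through the GNUtls list-building rules just described; it is not taken from Exim's tls-gnu.c. The default list is constructed for the example, since the text does not give the real one, and it is assumed that within a single item the most specific recognized name wins (so RSA_AES_256_CBC_SHA selects AES_256 rather than both AES sizes).

```python
# Recognized names from the text, most specific first: the first name found
# inside an item decides which concrete algorithms it refers to (assumption).
ALGORITHMS = [
    ("ARCFOUR_128", ["ARCFOUR_128"]),
    ("ARCFOUR_40",  ["ARCFOUR_40"]),
    ("ARCFOUR",     ["ARCFOUR_128", "ARCFOUR_40"]),
    ("AES_256",     ["AES_256"]),
    ("AES_128",     ["AES_128"]),
    ("AES",         ["AES_256", "AES_128"]),
    ("3DES",        ["3DES"]),
]

# Constructed default preference list for the example (not Exim's real one).
DEFAULT_CIPHERS = ["AES_256", "AES_128", "3DES", "ARCFOUR_128"]


def normalise(item):
    """OpenSSL-style hyphens and GNUtls-style underscores are equivalent."""
    return item.strip().upper().replace("-", "_")


def lookup(item):
    """Concrete algorithms an item names; [] when nothing is recognized."""
    key = normalise(item)
    for name, algs in ALGORITHMS:
        if name in key:
            return algs
    return []


def build_cipher_list(require_ciphers, defaults=DEFAULT_CIPHERS):
    """Apply the rules for tls_require_ciphers under GNUtls.

    The colon-separated value is processed in order; the resulting list
    order is the preference order a client would offer."""
    items = [i for i in require_ciphers.split(":") if i.strip()]
    if not items:
        return list(defaults)
    # Defaults survive only when the FIRST item starts with '!'.
    ciphers = list(defaults) if normalise(items[0]).startswith("!") else []
    for item in items:
        key = normalise(item)
        if key.startswith("!"):
            for alg in lookup(key[1:]):          # remove matching algorithms
                while alg in ciphers:
                    ciphers.remove(alg)
        else:
            for alg in lookup(key):              # add, keeping list order
                if alg not in ciphers:
                    ciphers.append(alg)
    return ciphers                               # unrecognized items: ignored
```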


Version 4.32
------------

 1. The exinext utility calls Exim to find out information such as the location
    of the spool directory. This utility now has -C and -D options, which
    are passed on to the exim commands. The first specifies an alternate Exim
    configuration file, and the second sets macros for use within the
    configuration file. These features are mainly to help in testing, but might
    also be useful in environments where more than one configuration file is
    in use.

 2. Exim caches the result of checking a named list if it is sure that the
    list is the same each time. In practice, this means that the cache
    operates only if the list contains no $ characters, which guarantees that
    it will not change when it is expanded. Sometimes, however, you may have an
    expanded list that you know will be the same each time within a given
    message. For example:

      domainlist special_domains = ${lookup{$sender_host_address}cdb{/some/file}}

    This provides a list of domains that depends only on the sending host's IP
    address. If this domain list is referenced a number of times (for example,
    in several ACL lines, or in several routers) the result of the check is not
    cached by default, because Exim does not know that it is going to be the
    same list each time.

    By appending "_cache" to "domainlist" you can now tell Exim to go ahead and
    cache the result anyway. For example:

      domainlist_cache special_domains = ${lookup{....

    If you do this, you should be absolutely sure that caching is going to do
    the right thing in all cases. When in doubt, leave it out.

 3. For compatibility with Sendmail, the command line option

      -prval:sval

    is equivalent to

      -oMr rval -oMs sval

    and sets the incoming protocol and host name (for trusted callers). The
    host name and its colon can be omitted when only the protocol is to be set.
    Note that Exim already has two private options, -pd and -ps, that refer to
    embedded Perl. It is therefore impossible to set a protocol value of "p" or
    "s", but I don't think that's a major issue.

 4. There is a new expansion operator:

      ${time_interval:xxxxx}

    The argument (after sub-expansion) must be a sequence of digits that
    represents an interval of time as a number of seconds. It is converted into
    a number of larger units and output in Exim's normal time format, for
    example, "1w3d4h2m6s".

 5. There are two new log selectors that cause additional items to be added
    to each successful delivery log line:

      "queue_time" records the amount of time the message has been in the queue
      on the local host. It is logged as QT=<time>, for example, QT=3m45s. The
      clock starts when Exim starts to receive the message, so it includes
      reception time as well as the delivery time of the current address.

      "deliver_time" records the amount of time it has taken to perform the
      actual delivery for the current address. It is logged as DT=<time>,
      for example, DT=1s.

 6. There is a new callout option for use when verifying recipients. It causes
    the actual sender address to be used in the MAIL command when performing
    the callout, instead of <>. (Exim 4.31 did this by default, but it proved
    contentious.) The new option is called "use_sender" and is used like this:

      require  verify = recipient/callout=use_sender


Version 4.31
------------

 1. The support for maildirsize files has been completely re-written, in the
    light of a number of problems with the previous contributed implementation.
    In particular:

    . If the quota is zero, the maildirsize file is maintained, but no quota is
      imposed.

    . If the maildir directory does not exist, it is created before any attempt
      to write a maildirsize file.

    . The quota value in the file is just a cache; if the quota is changed in
      the transport, the new value overrides.

    . A regular expression is available for excluding directories from the
      count. This is set by the maildir_quota_directory_regex option, whose
      default value is

        maildir_quota_directory_regex = ^(?:cur|new|\..*)$

      which includes the cur and new directories, and any maildir++ folders,
      which are directories whose names begin with a dot. If you want to
      exclude the Trash folder from the count (as some sites do), you need to
      change this setting to

        maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash).*)$

      which uses a negative lookahead in the regex to exclude the directory
      whose name is .Trash. This option (maildir_quota_directory_regex) is used
      only when maildir_use_size_file is set.

 2. John Jetmore's "exipick" utility has been added to the distribution. It
    lists messages from the queue according to a variety of criteria. For
    details, run "exipick --help".

 3. If GnuTLS is used, version 1.0.0 or greater is required. The format for
    the display of Distinguished Names now uses commas instead of slashes for
    separators, in accordance with RFC 2253.

 4. The TLS code now supports CRLs. There is a global option tls_crl and an
    identically named option for the smtp transport. In each case, the value is
    expanded and must point to a file that contains a CRL in PEM format.

 5. The dnslookup router now supports the use of SRV records (see RFC 2782) in
    addition to MX and address records. The support is disabled by default. To
    enable SRV support, you need to set the check_srv option to the name of
    the service required. For example,

      check_srv = smtp

    looks for SRV records that refer to the normal smtp service. The option is
    expanded, so the service name can vary from message to message or address
    to address. This might be helpful if SRV records are being used for a
    submission service. If the expansion is forced to fail, the check_srv
    option is ignored, and the router proceeds to look for MX records in the
    normal way.

    When the expansion succeeds, the router searches first for SRV records for
    the given service (it assumes TCP protocol). A single SRV record with the
    host name "." indicates "no such service for this domain"; if this is
    encountered, the router declines. If other kinds of SRV record are found,
    they are used to construct a host list for delivery according to the rules
    of RFC 2782. MX records are not sought in this case.

    However, when no SRV records are found, MX records (and address records)
    are sought in the traditional way. In other words, SRV records take
    precedence over MX records, just as MX records take precedence over address
    records. Note that this behaviour is not sanctioned by RFC 2782, though a
    previous draft RFC defined it. It is apparently believed that MX records
    are sufficient for email and that SRV records should not be used for this
    purpose. However, SRV records do have an additional "weight" feature which
    some people might find useful when trying to split an SMTP load between
    hosts of different power.

    The mx_domains option, which used to mean "these domains must have MX
    records" is extended to mean "these domains must have either MX or SRV
    records". Perhaps at some future time I will rename it.
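The Python sketch below is added to show the SRV, MX and address-record precedence described above; it is not the dnslookup router's code. It runs against constructed DNS data, assumes port 25 for hosts that come from MX or address records, and orders SRV targets by the RFC 2782 rule (ascending priority, weighted random draw within a priority) using a seeded RNG so the run is reproducible.

```python
import random

# Constructed DNS data for this example; none of these records are real.
SRV_RECORDS = {                      # name -> [(priority, weight, port, target)]
    "_smtp._tcp.example.net": [
        (10, 60, 25, "big.example.net"),
        (10, 20, 25, "small.example.net"),
        (20, 0, 2525, "backup.example.net"),
    ],
    "_smtp._tcp.nomail.example": [(0, 0, 0, ".")],   # "no such service"
}
MX_RECORDS = {                       # name -> [(preference, host)]
    "legacy.example": [(20, "mx2.legacy.example"), (10, "mx1.legacy.example")],
}
ADDRESS_RECORDS = {"plain.example": ["192.0.2.10"]}


def rfc2782_order(records, rng):
    """Order SRV targets: ascending priority, weighted draw within a priority."""
    ordered = []
    for prio in sorted({r[0] for r in records}):
        # RFC 2782: weight-0 records first, then draw in [0, sum of weights].
        group = sorted((r for r in records if r[0] == prio), key=lambda r: r[1])
        while group:
            total = sum(r[1] for r in group)
            pick = rng.randint(0, total)
            running = 0
            for rec in group:
                running += rec[1]
                if running >= pick:
                    ordered.append((rec[3], rec[2]))   # (host, port from SRV)
                    group.remove(rec)
                    break
    return ordered


def route(domain, check_srv, rng=None):
    """Return (source, host list) or None when the router declines.

    check_srv is the expanded service name, or None when its expansion was
    forced to fail, in which case SRV records are not consulted at all."""
    if rng is None:
        rng = random.Random(0)         # seeded so the example is reproducible
    if check_srv is not None:
        srv = SRV_RECORDS.get("_%s._tcp.%s" % (check_srv, domain), [])
        if len(srv) == 1 and srv[0][3] == ".":
            return None                # single "." target: decline, no MX lookup
        if srv:
            return "srv", rfc2782_order(srv, rng)
    mx = MX_RECORDS.get(domain)
    if mx:                             # no SRV records: traditional MX handling
        return "mx", [(host, 25) for _, host in sorted(mx)]
    if domain in ADDRESS_RECORDS:      # no MX either: deliver to the domain itself
        return "address", [(domain, 25)]
    return None
```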

 6. There is a new logging option called "outgoing_port". It causes the port
    number to be added to delivery log lines (those containing => tags)
    following the IP address. This option is not included in the default
    setting, because for most "ordinary" configurations, the port number is
    always 25 (the SMTP port).

 7. There's a new expansion operator, ${eval10. It works like ${eval, except
    that it assumes all numbers are decimal, even if they start with a leading
    zero. This can be useful when processing numbers extracted from dates or
    times, which often do have leading zeros.

 8. The redirect router has a new option called qualify_domain. If this is set
    and an unqualified address (one without a domain) is generated, it is
    qualified with the domain specified by expanding this string, instead of
    the global setting in qualify_recipient. If the expansion fails, the router
    declines. If you want to revert to the default, you can have the expansion
    generate $qualify_recipient.

 9. exigrep's output now also includes lines that are not related to any
    particular message, but which do match the pattern.

10. There is a new global option called write_rejectlog, which defaults true.
    If it is set false, Exim no longer writes anything to the reject log.

11. There is a new log selector called return_path_on_delivery, which causes
    the return path to be included in delivery and bounce lines, using the tag
    "P=". Compare sender_on_delivery, which adds the original envelope sender
    address tagged with "F=".



Version 4.30
------------

The documentation is up-to-date for the 4.30 release. What follows here is a
brief list of the new features that have been added since 4.20.

 1. New expansion operator: ${quote_local_part. The ${quote operator now quotes
    empty strings. New expansion conditions: eqi, isip, isip4, isip6.

 2. New option -t<n> for exigrep.

 3. New configuration options/features: .include_if_exists, host_lookup_order,
    transport_filter_timeout, smtp_max_synprot_errors, tcp_nodelay,
    bounce_return_body, tls_remember_esmtp, hosts_avoid_esmtp,
    rcpt_include_affixes, queue_only_override, syslog_duplication,
    acl_smtp_mailauth, process_log_path, extra_local_interfaces. If
    received_header_text expands to an empty string, no Received: header line
    is added to the message.

 4. New variables: $received_count, $local_user_uid, $local_user_gid,
    $mailstore_basename. The $sender_host_name variable now automatically does a
    lookup when referenced. The $acl_xxx variables are now saved with
    messages so are available at delivery time.

 5. Exim maildir support now includes support for maildirsize files.

 6. Some new error conditions are now recognizable in retry rules:

      timeout_A           any timeout for a host not obtained from an MX record
      timeout_connect_A   ditto, for connection timeouts only
      timeout_MX          any timeout for a host obtained from an MX record
      timeout_connect_MX  ditto, for connection timeouts only

 7. The "port" option of the smtp transport is now expanded.

 8. New ACL features: "logwrite" modifier; log_message modifier is used when
    "discard" triggers. The feature for constraining the result of dnslists
    lookup is considerably extended.

 9. Custom header lines can now be added to messages sent by "mail" or
    "vacation" in filter files, by means of the "extra_headers" argument.

10. If the definition of the Exim user in Local/Makefile is given in the form

      EXIM_USER=ref:exim

    the name is bound into the binary, instead of being looked up at build
    time.

11. New build-time options FIXED_NEVER_USERS, ALT_CONFIG_PREFIX,
    ALT_CONFIG_ROOT_ONLY, DISABLE_D_OPTION.

12. An LDAP query can now be preceded by "dereference=" to set the
    dereferencing parameter for alias values.

13. The functions Exim::debug_write() and Exim::log_write() are now available
    for use in embedded Perl.

14. Support for lookups in Interbase databases has been added, courtesy of
    Ard Biesheuvel.

15. The new lookup type nwildlsearch is like wildlsearch, except that the key
    strings in the file are not string-expanded.

16. New log selector: smtp_incomplete_transaction.

17. When an ACL is read dynamically from a file (or anywhere else), the lines
    are now processed in the same way as lines in the Exim configuration file.

18. Command line options: -ti is equivalent to -t -i; -Ooption=value is
    ignored; -bhc is like -bh but does callouts.

19. When execve() failed while trying to run a command in a pipe transport,
    Exim was returning EX_UNAVAILABLE (69) from the subprocess. However, this
    could be confused with a return value of 69 from the command itself. This
    has been changed to 127, the value the shell returns if it is asked to run
    a non-existent command.

20. New eximstats option: -nt.

21. The way that the $h_ (and $header_) expansions work has been changed by the
    addition of RFC 2047 decoding.

22. There is now support for Sieve filters (RFC 3028).

23. The smtp_printf() function is now available for (careful) use in
    local_scan() functions.

24. Following a discussion on the list, the rules by which Exim recognises line
    endings on incoming messages have been changed. The -dropcr and drop_cr
    options are now no-ops, retained only for backwards compatibility. The
    following line terminators are recognized: LF CRLF CR.

25. An item in a manualroute/queryprogram list of hosts can be followed by /MX
    to mean "those hosts to which this MX resolves".

26. Exim now has support for Cyrus saslauthd authentication. This works in a
    similar way to Cyrus pwcheck authentication (which is now deprecated).

27. The way daemon_smtp_port, local_interfaces, and -oX interact has been
    extended, compatibly, I hope. A new option called extra_local_interfaces
    has been added.

****
