X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=doc%2Fdoc-txt%2FNewStuff;h=b7980210308acb2844b981b53a3c57f16589079a;hb=173de73b7a0d9e715178397bd2753c0d5928f141;hp=aa05e67d59931269d41e7f6a87f79b55a8c5b7be;hpb=5b2fd993eadb7b476e5ef14028c7db09fda6c3ae;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index aa05e67d5..b79802103 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -6,6 +6,63 @@ Before a formal release, there may be quite a lot of detail so that people can test from the snapshots or the Git before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. +Version 4.94 +------------ + + 1. EXPERIMENTAL_SRS_NATIVE optional build feature. See the experimental.spec + file. + + 2. Channel-binding for authenticators is now supported under OpenSSL. + Previously it was GnuTLS-only. + + 3. A msg:defer event. + + 4. Client-side support in the gsasl authenticator. Tested against the + plaintext driver for PLAIN; only against itself for SCRAM-SHA-1 and + SCRAM-SHA-1-PLUS methods. + + 5. Server-side support in the gsasl authenticator for encrypted passwords, as + an alternate for the existing plaintext. + + 6. Variable $local_part_verified, set by the router check_local_part condition + with untainted data. + + 7. Named-list definitions can now be prefixed "hide" so that "-bP" commands do + not output the content. Previously this could only be done on options. + + 8. As an exerimental feature, the dovecot authenticatino driver supports inet + sockets. Previously it was unix-domain sockets only. + + 9. The ACL control "queue_only" can also be spelled "queue", and now takes an + option "first_pass_route" to do the same as a "-odqs" on the command line. + +10. Items specified for the router and transport headers_remove option can use + a trailing asterisk to specify globbing. + +11. New $queue_size variable. + +12. New variables $local_part_{pre,suf}fix_v. + +13. New main option "sqlite_dbfile", for use in preference to prefixing the + lookup string. The older method fails when tainted variables are used + in the lookup, as the filename becomes tainted. The new method keeps the + filename separate. + +14. Options on the dsearch lookup, to return the full path and to filter + filetypes for matching. + +15. Options on pgsql and mysql lookups, to specify server separate from the + lookup string. + +16. Expansion item ${listquote {}}. + +17. An option for the ${readsocket {}{}{}} expansion to make the result data + cacheable. + +18. dkim_verify_min_keysizes, a list of minimum acceptable public-key sizes. + + + Version 4.93 ------------ @@ -35,10 +92,23 @@ Version 4.93 11. Main options for DKIM verify to filter hash and key types. -12. Under GnuTLS, with TLS1.3, support for full-chain OCSP stapling. +12. With TLS1.3, support for full-chain OCSP stapling. 13. Dual-certificate stacks on servers now support OCSP stapling, under OpenSSL. +14: An smtp:ehlo transport event, for observability of the remote offered features. + +15: Support under OpenSSL for writing NSS-style key files for packet-capture + decode. The environment variable SSLKEYLOGFILE is used; if an absolute path + it must indicate a file under the spool directory; if relative the the spool + directory is prepended. Works on the server side only. Support under + GnuTLS was already there, being done purely by the library (server side + only, and exim must be run as root). + +16: Command-line option to move messages from one named queue to another. + +17. Variables $tls_in_ver, $tls_out_ver. + Version 4.92 -------------- @@ -323,7 +393,6 @@ Version 4.86 14. Main option "dns_trust_aa" for trusting your local nameserver at the same level as DNSSEC. - Version 4.85 ------------