New version of Exim mail server 4.94

After 6 months of development took place mail server release Exim 4.94, which includes the accumulated fixes and added new features. According to May automated survey about a million mail servers, Exim's share is 57.59% (53.03% a year ago), Postfix is ​​used on 34.70% (34.51%) of mail servers, Sendmail - 3.75% (4.05%), Microsoft Exchange - 0.42% (0.57%).

Changes in a new release may break backwards compatibility. In particular, some modes of transport stopped working with raw data (tainted, values ​​based on data received from the sender) when determining the location of the delivery. For example, problems may arise when using the $local_part variable in the "check_local_user" setting when routing a message. Instead of $local_part, the new cleared variable "$local_part_data" should be used. In addition, the operands of the headers_remove option now allow the use of masks defined using the "*" character, which can lead to configuration failures in which headers ending with an asterisk were removed (removal by mask will be performed instead of removing specific headers).

All changes:

  • Added experimental built-in support for the SRS (Sender Rewriting Scheme) mechanism, which allows you to rewrite the sender address when forwarding without violating SPF checks (Sender Policy Framework) and ensuring that the sender data is saved so that the server can forward messages in the event of a delivery error. The essence of the method is that when establishing a connection, information about the identity with the original sender is transmitted, for example, when rewriting alice@example.org to alice@example.com, it will indicate "SRS0=HHH=TT=example.org=alice@example.com". SRS is relevant, for example, when organizing the work of mailing lists, in which the original message is redirected to other recipients.
  • When using OpenSSL, support for pinning a channel has been added for authenticators (previously only supported for GnuTLS).
  • Added "msg:defer" event.
  • Implemented support for the gsasl authenticator on the client side, which has only been tested with the cleartext password handler (plaintext). The operation of the SCRAM-SHA-256 and SCRAM-SHA-256-PLUS methods is possible only through the gsasl.
  • Support for the gsasl authenticator on the server side for encrypted passwords has been implemented, acting as an alternative to the previously available plaintext mode.
  • Named list definitions can now be prefixed with "hide" to suppress output of content when executing the "-bP" command.
  • Experimental support for Internet sockets has been added to the Dovecot IMAP server authentication driver (previously only unix-domain sockets were supported).
  • The "queue_only" ACL expression can now be specified as "queue" and supports the "first_pass_route" option, similar to the "-odqs" command line option.
  • Added new variables $queue_size and $local_part_{pre,suf}fix_v.
  • Added "sqlite_dbfile" option to the main configuration block to use when defining the search string prefix. The change breaks backwards compatibility - the old method of setting the prefix stopped working when specifying uncleaned (tainted) variables in lookup requests. A new method ("sqlite_dbfile") allows you to keep the filename separate.
  • Added options to dsearch lookup blocks to return the full path and filter file types when matching.
  • Options have been added to the pgsql and mysql lookup blocks to specify the server name separately from the search string.
  • For lookup blocks that sample by a single key, an option has been added to return a de-tainted version of the key if there are matches, instead of the searched data.
  • For all successful list-match selections, the $domain_data and $localpart_data variables are set (previously, list items involved in the selection were inserted). In addition, the elements of the list used in the match are now assigned to the variables $0, $1, and so on.
  • Added expansion operator "${listquote { } { }}".
  • Added an option to the ${readsocket {}{}{}} expansion operator to ensure results are cached.
  • Added setting dkim_verify_min_keysizes to list the minimum allowed public key sizes.
  • Ensured that the "bounce_message_file" and "warn_message_file" parameters are expanded prior to their first use.
  • Added "spf_smtp_comment_template" option to set the value of "$spf_smtp_comment" variable.

Source: opennet.ru

Buy reliable hosting for sites with DDoS protection, VPS VDS servers πŸ”₯ Buy reliable website hosting with DDoS protection, VPS VDS servers | ProHoster