Exim 4.99, the latest version of the mail server, has been released. It incorporates accumulated fixes and adds new features. The project's code is written in C and is distributed under the GPLv2+ license. According to an automated survey of approximately 500 mail servers, Exim's share is 56% (59.06% a year ago), Postfix is used on 37.45% (34.68%) of mail servers, Sendmail - 3.53% (3.42%), MailEnable - 1.84% (1.81%), MDaemon - 0.40% (0.37%), and Microsoft Exchange - 0.20% (0.17%).
Major changes:
- Added support for the ESMTP command "ATRN" (Authenticated TURN), which allows switching between server and client roles during message delivery. This command can be used to arrange email delivery to systems with dynamic IP addresses or intermittent internet access. Such a system can connect to the SMTP server as a client and then use the ATRN command to assume the server role and receive backlogged messages. This command can only be used after successful authentication and when permitted by an ACL (acl_smtp_atrn).
- Most Exim components can now be built as loadable modules. For example, JSON and LDAP lookup engines, filters, authentication and routing drivers, PAM, RADIUS, Perl, SPF, DKIM, DMARC, and ARC components, as well as all transport modes except SMTP, can be built as loadable modules.
- The ability to disable support for Exim and Sieve filters at the build stage has been implemented.
- Added support for DNS SRV (Service Location Record) records to determine whether recipients' mail servers support TLS (Transport Layer Security).
- Added experimental build option "EXPERIMENTAL_SPF_PERL", which enables an alternative implementation of the SPF (Sender Policy Framework) authentication mechanism, using the Perl module Mail::SPF instead of the libspf2 library, which has maintenance issues.
- Added experimental build option "EXPERIMENTAL_NMH", which implements a lookup engine for testing IP addresses in the NMH (Net-Masked Hero) repository.
- The "tls_early_banner_hosts" setting has been added to the configuration file to define the hosts to which the "TLS Early Data" (0-RTT) mechanism will be applied to send an SMTP banner before the TLS connection is negotiated.
- Added the "sieve_inbox" option to specify the name of the mailbox file in which messages redirected to Sieve-language filters using the "redirect_router" setting will be saved.
- Added a "connection_id" variable containing the ID of the accepted connection. This variable can be used when configuring the log output format.
- The smtp:fail:protocol and smtp:fail:syntax events have been implemented to allow tracking errors related to the protocol and syntax of SMTP commands.
- The "socks_proxy" transport can now accept an empty string value, which will be interpreted as no proxying.
- Added $dmarc_alignment_spf and $dmarc_alignment_dkim variables to reflect the results of SPF and DKIM checks.
- Added the ability to use IPv6 connections when accessing MySQL and PostgreSQL DBMS.
- The envelope-from address specified in the transport parameters can now be used for cutthrough deliveries and recipient existence checks.
- Added the ability to use variables and expressions to dynamically generate "hosts_randomize" options in the "manualroute" router and "smtp" transport. Similarly, support for dynamically generating "fallback_hosts" options has been added to all routers and the "smtp" transport.
- The "log_ports" option has been added to the configuration file to filter port numbers reported in logs. For example, specifying "log_ports = !25 : !587" will log outgoing_port and incoming_interface entries not associated with ports 25 and 587.
- Added the ability to reflect in the delivery log information about commands and responses transmitted when establishing an SMTP connection, as well as information about the use of TLS during the connection (label "tls_on_connect").
- Added the "no_wr" option, which disables writing the results of lookup operations to the cache.
- Added command line option "-dS" to output debugging information before parsing the configuration file.
- Added "H=" and "U=" tags to the authentication failure log messages to reflect the host and username.
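
The ATRN item above allows the role reversal only after authentication and only when the acl_smtp_atrn ACL permits it. The following added example (not Exim's code and not part of the original article) models that decision order in Python, using reply codes from RFC 2645, which defines ATRN. The `allowed` mapping that stands in for the ACL, the `queued` spool summary, and all user and domain names are assumptions.

```python
# Added illustration: a model of the ATRN decision order, not Exim source code.
# Reply codes follow RFC 2645 (On-Demand Mail Relay).
from dataclasses import dataclass
from typing import Dict, Optional, Set


@dataclass
class Session:
    user: Optional[str] = None   # set only after a successful AUTH
    role: str = "server"         # the listener starts in the server role


def handle_atrn(session: Session, arg: str,
                allowed: Dict[str, Set[str]],
                queued: Dict[str, int]) -> str:
    """Return the SMTP reply to 'ATRN <arg>' and flip roles on success.

    allowed: hypothetical stand-in for the acl_smtp_atrn decision,
             mapping an authenticated user to the domains it may pull.
    queued:  constructed spool summary, domain -> waiting message count.
    """
    if session.user is None:
        return "530 Authentication required"
    permitted = allowed.get(session.user, set())
    requested = {d.strip().lower() for d in arg.split(",") if d.strip()}
    if not requested:
        # No domain list given: fall back to the user's own permitted set
        requested = set(permitted)
    # One unauthorised domain refuses the whole request (no partial release)
    if not requested or not requested <= permitted:
        return "450 ATRN request refused"
    if not any(queued.get(d, 0) for d in requested):
        return "453 You have no mail"
    session.role = "client"      # the listener now sends EHLO and delivers
    return "250 OK now reversing the connection"


if __name__ == "__main__":
    # Constructed sample data
    acl = {"branch1": {"branch1.example"}}
    spool = {"branch1.example": 3, "other.example": 7}
    for user, arg in [(None, "branch1.example"),
                      ("branch1", "branch1.example,other.example"),
                      ("branch1", "branch1.example")]:
        s = Session(user=user)
        print(user, arg, "->", handle_atrn(s, arg, acl, spool), "| role:", s.role)
```

Refusing the whole request when any single domain is unauthorised keeps an authenticated client from pulling a mixed list that includes another customer's queue.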
Source: opennet.ru
