ProHoster > Блог > wararka internetka > Nooca cusub ee server-ka Exim mail 4.93

Nooca cusub ee server-ka Exim mail 4.93

Kadib 10 bilood oo horumar ah dhacay sii daynta serverka boostada Exim 4.93, kaas oo sixitaan urursan lagu sameeyay laguna soo kordhiyay waxyaabo cusub. Sida ku cad Noofembar sahamin toos ah Qiyaastii hal milyan oo adeegayaal boosto ah, saamiga Exim waa 56.90% (sanad ka hor 56.56%), Postfix waxaa loo isticmaalaa 34.98% (33.79%) ee server-yada boostada, Sendmail - 3.90% (5.59%), Microsoft Exchange - 0.51% 0.85%).

Main isbedel:

  • Taageerada xaqiijinta dibadda (RFC 4422). Isticmaalka amarka "SASL EXTERNAL", macmiilku wuxuu ku wargelin karaa server-ka inuu isticmaalo waraaqaha aqoonsiga ee loo maro adeegyada dibadda sida IP Security (RFC4301) iyo TLS si loo xaqiijiyo;
  • Lagu daray awoodda isticmaalka qaabka JSON ee hubinta. Waxa kale oo lagu daray doorashooyin waji-xidho shuruudaysan “forall” iyo “mid kasta” iyadoo la isticmaalayo JSON.
  • Lagu darey $tls_in_cipher_std iyo $tls_out_cipher_std doorsoomayaal ka kooban magacyada xarafyada u dhigma magaca RFC.
  • Calamo cusub ayaa lagu daray si loo xakameeyo muujinta aqoonsiga fariinta ee ku jirta log-ka (lagu dejiyay goobaha log_doorta): "msg_id" (oo si caadi ah loo furay) oo wata aqoonsiga fariinta iyo "msg_id_created" oo wata aqoonsiga loo soo saaray fariinta cusub.
  • Taageero lagu daray ikhtiyaarka "kiis_aan_ indho la'aan" qaabka "xaqiiji=ma_indho la'aan" in la iska indho tiro kiis xarfo inta lagu jiro xaqiijinta.
  • Doorashada tijaabada ah ee lagu daray EXPERIMENTAL_TLS_RESUME, kaas oo bixiya awooda dib loogu bilaabo xidhiidhkii TLS ee hore u go'ay.
  • Waxaa lagu daray ikhtiyaarka exim_version si loo baabi'iyo wax soo saarka xargaha lambarka nooca Exim meelo kala duwan oo loo maro $exim_version iyo $version_number doorsoomayaasha.
  • Lagu daray ${sha2_N:} ikhtiyaarada hawlwadeenka ee N=256, 384, 512.
  • Hirgaliyay doorsoomayaal "$r_...", laga soo dejiyay xulashooyinka dariiqa oo diyaar u ah isticmaalka marka la sameynayo go'aannada ku saabsan marin-u-socodka iyo xulashada gaadiidka.
  • Taageerada IPV6 ayaa lagu daray codsiyada raadinta SPF.
  • Markaad samaynayso jeegaga DKIM, awooda lagu kala shaandheeyo noocyada furayaasha iyo xashiishyada ayaa lagu daray.
  • Markaad isticmaalayso TLS 1.3, taageerada OCSP (Online Status Protocol) ee borotokoolka ayaa la bixiyaa jeegaga heerka ka noqoshada shahaadada.
  • Waxaa lagu daray "smtp:ehlo" dhacdo si loola socdo liiska shaqada ee uu bixiyo xisbiga fog.
  • Waxaa lagu daray ikhtiyaarka khadka taliska si looga raro farriimaha safka la magacaabay loona wareejiyo mid kale.
  • Doorsoomayaasha lagu daray noocyada TLS ee codsiyada soo galaya iyo kuwa baxaya - $tls_in_ver iyo $tls_out_ver.
  • Markaad isticmaalayso OpenSSL, shaqo ayaa lagu daray in lagu qoro faylal leh furayaal qaab NSS ah si loo dejiyo xidhmooyinka shabakadaha la xidho. Magaca faylka waxa lagu dejiyay bedqabka deegaanka SSLKEYLOGFILE. Markaad ku dhiseyso GnuTLS, shaqeynta la midka ah waxaa bixiya qalabka GnuTLS, laakiin waxay u baahan tahay xidid ahaan.

Source: opennet.ru

Add a comment