I-ProHoster > Блог > izindaba ze-inthanethi > Inguqulo entsha ye-Exim 4.93 mail server

Inguqulo entsha ye-Exim 4.93 mail server

Ngemuva kwezinyanga eziyisi-10 zokuthuthukiswa kwenzeka ukukhululwa kweseva yemeyili Ukukhipha 4.93, lapho kuye kwenziwa izilungiso eziqoqiwe futhi kwengezwe izici ezintsha. Ngokuhambisana noNovemba inhlolovo ezenzakalelayo cishe amaseva e-mail ayisigidi, isabelo sika-Exim singama-56.90% (onyakeni odlule 56.56%), i-Postfix isetshenziswa ku-34.98% (33.79%) wamaseva e-imeyili, i-Sendmail - 3.90% (5.59%), iMicrosoft Exchange - 0.51% ( 0.85%).

main shintsha:

  • Ukusekelwa kweziqinisekisi zangaphandle (RFC 4422). Isebenzisa umyalo othi “SASL EXTERNAL”, iklayenti lingazisa iseva ukuthi isebenzise izifakazelo ezidluliswe kumasevisi angaphandle afana ne-IP Security (RFC4301) kanye ne-TLS ukuze kuqinisekiswe;
  • Kwengezwe amandla okusebenzisa ifomethi ye-JSON ukuze kuhlolwe ukubheka. Kungezwe nezinketho zamamaski anemibandela okuthi “forall” kanye “noma iyiphi” kusetshenziswa i-JSON.
  • Kwengezwe okuhlukile okungu-$tls_in_cipher_std kanye no-$tls_out_cipher_std okuqukethe amagama amasudi e-cipher ahambisana negama elisuka ku-RFC.
  • Kungezwe amafulegi amasha ukuze kulawulwe ukuvezwa kwama-ID omyalezo kulogi (asethwe ngezilungiselelo isikhethi_se-log_selector): “msg_id” (inikwe amandla ngokuzenzakalelayo) ngesihlonzi somlayezo kanye ne-“msg_id_created” nesihlonzi esenzelwe umlayezo omusha.
  • Kwengezwe usekelo lwenketho ethi “case_insensitive” kumodi ethi “verify=not_blind” ukuze uzibe uhlobo lohlamvu phakathi nokuqinisekiswa.
  • Kungezwe inketho yokuhlola engu-EXPERIMENTAL_TLS_RESUME, enikeza amandla okuqalisa kabusha uxhumo lwe-TLS oluphazanyiswe ngaphambilini.
  • Kwengezwe inketho ye-exim_version ukuze kweqe okukhiphayo kweyunithi yezinhlamvu zenguqulo ye-Exim ezindaweni ezihlukahlukene futhi kudlule okuguquguqukayo kwe-$exim_version kanye ne-$version_number.
  • Kwengezwe izinketho zika-opharetha ezingu-${sha2_N:} ze-N=256, 384, 512.
  • Kusetshenziswe okuguquguqukayo kwe-"$r_...", okusethwe ezinkethweni zomzila futhi kuyatholakala ukuze kusetshenziswe lapho kwenziwa izinqumo mayelana nokukhetha umzila nokukhetha ezokuthutha.
  • Usekelo lwe-IPv6 lwengeziwe ezicelweni zokubheka i-SPF.
  • Uma wenza ukuhlola nge-DKIM, amandla okuhlunga ngezinhlobo zokhiye namahashi angeziwe.
  • Uma usebenzisa i-TLS 1.3, usekelo lwesandiso se-OCSP (Online Certificate Status Protocol) lunikezwa проверки isimo sokuhoxiswa kwesitifiketi.
  • Kwengezwe umcimbi we-"smtp:ehlo" ukuze kuqashwe uhlu lokusebenza olunikezwa iqembu elikude.
  • Kwengezwe inketho yomugqa womyalo ukuhambisa imilayezo isuka kulayini enegama iye komunye.
  • Kwengezwe okuhlukile ngezinguqulo ze-TLS zezicelo ezingenayo neziphumayo - $tls_in_ver kanye ne-$tls_out_ver.
  • Uma usebenzisa i-OpenSSL, umsebenzi wengeziwe ukuze ubhale amafayela ngokhiye ngefomethi ye-NSS ukuze kuqondwe amaphakethe enethiwekhi abanjwe. Igama lefayela lisethwa nge-SSLKEYLOGFILE eguquguqukayo yemvelo. Uma wakha nge-GnuTLS, ukusebenza okufanayo kunikezwa amathuluzi e-GnuTLS, kodwa kudinga ukusebenza njengempande.

Source: opennet.ru

Engeza amazwana