./mail/exim, The Exim mail transfer agent, a replacement for sendmail

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.91, Package name: exim-4.91, Maintainer: abs

Exim is a mail transport agent (MTA) developed at the University of Cambridge
for use on Unix systems connected to the Internet. It is freely available
under the terms of the GNU General Public Licence. In style it is similar to
Smail 3, but its facilities are more extensive, and in particular it has
options for verifying incoming sender and recipient addresses, for refusing
mail from specified hosts, networks, or senders, and for controlling mail
relaying.

This build of exim has the following non-default features enabled:

TRANSPORT_LMTP SUPPORT_MAILDIR SUPPORT_MAILSTORE
SUPPORT_MBX AUTH_CRAM_MD5 AUTH_PLAINTEXT
AUTH_SPA SUPPORT_TLS USE_TCP_WRAPPERS

The following default feature is disabled by default, but may be enabled by
setting the 'exim-build-eximon' option:

EXIM_MONITOR


Required to run:
[lang/perl5] [devel/pcre]

Required to build:
[pkgtools/cwrappers]

Package options: exim-appendfile-maildir, exim-appendfile-mailstore, exim-appendfile-mbx, exim-content-scan, exim-lookup-dsearch, exim-old-demime, exim-tcp-wrappers, exim-tls, inet6

Master sites:

SHA1: 142f510b24f7ff5516a1a0adb5f4afded29f88c6
RMD160: a11c0a3db5197e4064c8898b4bd32b218661a635
Filesize: 1703.77 KB

Version history: (Expand)


CVS history: (Expand)


   2018-04-23 09:28:19 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
exim: updated to 4.91

Version 4.91

 1. Dual-certificate stacks on servers now support OCSP stapling, under GnuTLS
    version 3.5.6 or later.

 2. DANE is now supported under GnuTLS version 3.0.0 or later.  Both GnuTLS and
    OpenSSL versions are moved to mainline support from Experimental.
    New SMTP transport option "dane_require_tls_ciphers".

 3. Feature macros for the compiled-in set of malware scanner interfaces.

 4. SPF support is promoted from Experimental to mainline status.  The template
    src/EDITME makefile does not enable its inclusion.

 5. Logging control for DKIM verification.  The existing DKIM log line is
    controlled by a "dkim_verbose" selector which is _not_ enabled by \ 
default.
    A new tag "DKIM=<domain>" is added to <= lines by \ 
default, controlled by
    a "dkim" log_selector.

 6. Receive duration on <= lines, under a new log_selector \ 
"receive_time".

 7. Options "ipv4_only" and "ipv4_prefer" on the dnslookup \ 
router and on
    routing rules in the manualroute router.

 8. Expansion item ${sha3:<string>} / ${sha3_<N>:<string>} now \ 
also supported
    under OpenSSL version 1.1.1 or later.

 9. DKIM operations can now use the Ed25519 algorithm in addition to RSA, under
    GnuTLS 3.6.0 or OpenSSL 1.1.1 or later.

10. Builtin feature-macros _CRYPTO_HASH_SHA3 and _CRYPTO_SIGN_ED25519, library
    version dependent.

11. "exim -bP macro <name>" returns caller-usable status.

12. Expansion item ${authresults {<machine>}} for creating an
    Authentication-Results: header.

13. EXPERIMENTAL_ARC.  See the experimental.spec file.
    See also new util/renew-opendmarc-tlds.sh script for use with DMARC/ARC.

14: A dane:fail event, intended to facilitate reporting.

15. "Lightweight" support for Redis Cluster. Requires redis_servers list to
    contain all the servers in the cluster, all of which must be reachable from
    the running exim instance. If the cluster has master/slave replication, the
    list must contain all the master and slave servers.

16. Add an option to the Avast scanner interface: "pass_unscanned". This
    allows to treat unscanned files as clean. Files may be unscanned for
    several reasons: decompression bombs, broken archives.
   2018-04-14 09:34:46 by Adam Ciarcinski | Files touched by this commit (681) | Package updated
Log message:
revbump after icu update
   2018-03-07 09:24:47 by Adam Ciarcinski | Files touched by this commit (7) | Package updated
Log message:
exim: updated to 4.90.1

Exim version 4.90.1

JH/03 Fix pgsql lookup for multiple result-tuples with a single column.
      Previously only the last row was returned.

JH/04 Bug 2217: Tighten up the parsing of DKIM signature headers. Previously
      we assumed that tags in the header were well-formed, and parsed the
      element content after inspecting only the first char of the tag.
      Assumptions at that stage could crash the receive process on malformed
      input.

JH/05 Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL.
      While running the DKIM ACL we operate on the Permanent memory pool so that
      variables created with "set" persist to the DATA ACL.  Also (at \ 
any time)
      DNS lookups that fail create cache records using the Permanent pool.  But
      expansions release any allocations made on the current pool - so a dnsdb
      lookup expansion done in the DKIM ACL releases the memory used for the
      DNS negative-cache, and bad things result.  Solution is to switch to the
      Main pool for expansions.
      While we're in that code, add checks on the DNS cache during store_reset,
      active in the testsuite.
      Problem spotted, and debugging aided, by Wolfgang Breyha.

JH/06 Fix issue with continued-connections when the DNS shifts unreliably.
      When none of the hosts presented to a transport match an already-open
      connection, close it and proceed with the list.  Previously we would
      queue the message.  Spotted by Lena with Yahoo, probably involving
      round-robin DNS.

JH/07 Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL.
      Previously a spurious "250 OK id=" response was appended to the \ 
proper
      failure response.

JH/10 Bug 2223: Fix mysql lookup returns for the no-data case (when the number of
      rows affected is given instead).

JH/12 Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating
      SMTP connection.  Previously, when one had more receipients than the
      first, an abortive onward connection was made.  Move to full support for
      multiple onward connections in sequence, handling cutthrough connection
      for all multi-message initiating connections.

JH/13 Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by
      routers.  Previously, a multi-recipient message would fail to match the
      onward-connection opened for the first recipient, and cause its closure.

JH/14 Bug 2174: A timeout on connect for a callout was also erroneously seen as
      a timeout on read on a GnuTLS initiating connection, resulting in the
      initiating connection being dropped.  This mattered most when the callout
      was marked defer_ok.  Fix to keep the two timeout-detection methods
      separate.

HS/01 Fix Buffer overflow in base64d() (CVE-2018-6789)

JH/16 Fix bug in DKIM verify: a buffer overflow could corrupt the malloc
      metadata, resulting in a crash in free().

PP/01 Fix broken Heimdal GSSAPI authenticator integration.
      Broken in f2ed27cf5, missing an equals sign for specified-initialisers.
      Broken also in d185889f4, with init system revamp.
   2018-01-28 21:11:10 by Thomas Klausner | Files touched by this commit (462) | Package updated
Log message:
Bump PKGREVISION for gdbm shlib major bump
   2017-11-30 17:45:43 by Adam Ciarcinski | Files touched by this commit (654) | Package updated
Log message:
Revbump after textproc/icu update
   2017-09-18 11:53:40 by Maya Rashish | Files touched by this commit (676)
Log message:
revbump for requiring ICU 59.x
   2017-04-22 23:04:05 by Adam Ciarcinski | Files touched by this commit (670) | Package updated
Log message:
Revbump after icu update
   2017-03-18 08:08:23 by Adam Ciarcinski | Files touched by this commit (11)
Log message:
Version 4.89
------------

 1. Allow relative config file names for ".include"

 2. A main-section config option "debug_store" to control the checks on
    variable locations during store-reset.  Normally false but can be enabled
    when a memory corrution issue is suspected on a production system.