- Added expansion of av_scanner global variable
when it starts with a dollar sign. This is useful
for implementing multiple malware scanners.
- Added support for adding ACL headers at the beginning
and in the "middle" of the message header block.
(This is a preliminary solution, see comment in SPF
section of exiscan-acl-spec).
2) Allow the operator to override exim user and group with EXIM_USER and
EXIM_GROUP. This was made possible by the introduction of runtime
resolution of the exim_user UID and the exim_group GID, new in
exim-4.30.
Reported by: Phil Pennock <pdp@nl.demon.net>
Improved clamd support.
New FAQ/example documentation.
2) Enable wildlsearch lookups by default and add new
WITHOUT_WILDLSEARCH knob for disabling them.
3) Issue a fat warning if 127.0.0.1 is found in the relay_from_hosts
hostlist of an existing configure file on upgrade. This is important
for IPv6 users and doesn't hurt IPv4-only users.
4) Attempt local deliveries as the owner of the mailbox (still group
mail) and don't fail if the existing mailbox permissions are narrower
than those with which we would have created it. This works around
pw(8) creating mailboxes with 0600 permission (instead of 0660).
Don't advertise Exim's configuration syntax as simple any more. This
implies that you could leverage Exim's power with just a little reading,
which is not the case.
Bump PORTREVISION accordingly.
Submitted by: Oliver Eikemeier <eikemeier@fillmore-labs.com> (1)
PR: ports/52952 (2)
Submitted by: Tim Bishop <tim@bishnet.net> (2)
Reported by: Yann Golanski <yann@kierun.org> (3)
Reported by: "Simon L. Nielsen" <simon@nitro.dk> (4)
2) In the sample configuration file, allow relaying from the IPv6 and
IPv4 localhost addresses.
This fixes relaying problems for folks using things like IPv6-enabled
mailman.
Bump PORTREVISION accordingly.
Reported by: Alexander Sabourenkov <lxnt@caravan.ru> (1)
Mark Edwards <mark@antsclimbtree.com> (2)
For Exim, this includes an enormous number of fixes. Most of these are
for esoteric configurations, although if you're bitten by them, you're
bitten hard.
The fixes also include closing up a buffer overflow that is not believed
to be exploitable, and a format string vulnerability that was only
exploitable by an Exim admin user, but then provided root access.
For Eximon, this just rationalizes a patch we carried locally for ages.
quality.
Move exim to exim-old for folks who need exim-3.xx, because the
configuration file for exim-4.xx is not backward compatible. Move
exim-devel to exim, removing NO_LATEST_LINK:
repo-copy exim -> exim-old
copy over exim-devel -> exim
retire exim-devel
Slave ports are intended for use with the exim port, as before, so they
now build and install for exim-4.xx.
Use the newly added mailnull user, and the now well-established group
mail.
The use of compile-time defaults for these values is not required for
many sites, but are important for more exotic applications.
This ensures that the packages are useful to the widest audience
possible.
Bite the bullet _now_ and use MTA user exim instead. This means that
only early adopters of Exim-3.31 are affected, rather than lots more
folks further down the line.
I still think mailnull is better, but nobody in the Exim community
agrees with me. :-)
Bump PORTREVISION as appropriate.
Replace it with a patch against the distribution configure.default,
which changes as little as possible so that folks who are accustomed to
Exim on other platforms will not be astonished.
Install the file as configure.default instead of configure.sample, since
it's as close as damnit to the default Exim configuration file.
The only arguably unnecessary deviation from the default is:
* Accept SMTP relay from the loopback IP address. Too many applications
require this, and the window of abuse is arguably negligible.
