SE-README.md

SpamExperts Exim Fork

This is a fork of the Exim repository, used by N-able for SpamExperts and Mail Assure products. We have a few patches (almost always with corresponding pull requests upstream) to fix issues or add functionality that we need.

Maintainers

• Dreas van Donselaar
• Mikhael Anisimov
• Alexandru Chirila

This documents the patches applied on the upstream exim-4_89 branch:

1. XCLIENT support

• Applied here
• Based on this patch
• Add support for XCLIENT
• Adds a new main option xclient_allow_hosts, only exposing the XCLIENT ESTMP extension to the specified hosts in the list.
• Internal ticket #19841

2. Extend auth ACLs

• Applied here
• Run ACL acl_smtp_auth AFTER the AUTH is completed instead of before
• Add new ACL acl_smtp_auth_accept runs on AUTH success
• Add new ACL acl_smtp_auth_fail runs on AUTH failure
• Copy the set_id in $smtp_command_argument and make that information available in the auth ACLs. This contains the user information.
• Internal ticket #16054

3. Add events for temporary failures

• Applied here
• Add new event msg:defer:delivery for temporary delivery error
• Add new event msg:defer:delivery:frozen for temporary delivery error, resulting in the message being frozen
• Add new event msg:fail:delivery:expired for permanent delivery error, resulting in the message being removed from the queue.
• Add new event msg:fail:delivery:bounced for permanent delivery error, resulting in the message being removed from the queue and bounced.
• Internal ticket #21627

4. Destination response in callout checks

• Applied here
• Exposes the destination response for callout checks.
• Adds a new variable $recipient_verify_message, containing the upstream response for SMTP callout verifications on the recipient.
• Adds a new variable $recipient_verify_cache, set to True if the callout check was based on on the cache, False otherwise.
• Adds a new variable $sender_verify_message, containing the upstream response for SMTP callout verifications on the sender.
• Adds a new variable $sender_verify_cache, set to True if the callout check was based on on the cache, False otherwise.
• Internal ticket #11866, #16480

5. Synthesized SPF in DMARC check

• Applied here
• Resolve not using synthesized SPF sender domain in DMARC.
• Exim bug
• Internal ticket #30818
• (Patch sent to upstream)

6. Diagnostic-Code to the unroutable addresses

• Applied here
• Add Diagnostic code for unroutable addresses.
• Exim bug
• Internal ticket #30350
• (Rejected from upstream)

7. Not-QUIT ACL connection lost after dot

• Applied here
• Change connection-lost to connection-lost-after-dot.
• Internal ticket #6423

8. Expansion of local parts larger than 256 characters

• Applied here
• Logs failing to expand local parts larger than 256 characters to mainlog instead of panic log.
• Internal ticket #8057

9. Extend header add buffer size

• Applied here
• Increase HEADER_ADD_BUFFER_SIZE value from 8192 * 4 to 8192 * 10
• Internal ticket #8958

10. Installing exim as exim4

• Applied here
• Based on this Debian patch
• Accommodates source for installing exim as exim4.

11. Disable version in binary

• Applied here
• Based on this Debian patch
• Exim's installation scripts install the binary as exim- - disable this feature.

12. Fix handling temporary rejection at callout

• Correctly handles 4XX rejections when doing the random callout check.
• Exim bug - Reject from upstream.
• Applied here
• Internal ticket #32589

13. Fix handling of catchall callouts

• Correctly handles non cached 2XX acceptance for random callout check
• Exim bug
• Applied here
• Internal ticket #32828

14. Fix use of SIZE in callouts

• Do not permit SIZE in callouts.
• Exim bug
• Applied here
• Internal ticket #32870

15. Fix segfault in print_dsn_diagnostic_code

• Add extra condition to prevent exim segfaults in print_dsn_diagnostic_code
• Exim bug
• Applied here
• Internal ticket #36071