# Changes to EximConfig since public release (v1.4) on 30/10/2003. # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 07/11/2003 JPB Improvements to message body reject ACL, including support for matching obfuscated text (E.g: V-i-a-g-r-a-) 07/11/2003 JPB New ACL reject/sender_address_forged added to reject specific forged sender addresses. 07/11/2003 JPB Fixed division by zero error in bin/eximconfigstats script. 11/11/2003 JPB Added configurable list of invalid recipient localpart characters (config/localpart_chars) 11/11/2003 JPB accept/spam_sender is now taken into account for RCPT as well as From: address is header. 11/11/2003 JPB Message body ACL (reject/body) improved to deal with obfuscated URL's. 11/11/2003 JPB Added 'SMTP protocol violation' to bin/eximconfigstats (I.e: Spammers who try to send their spam all in one go, ignoring the SMTP protocol and any responses generated by the server. These get dropped by Exim immediately.) 18/11/2003 JPB Added 2->z and 9->g for obfuscated text translation. 26/11/2003 JPB Renamed accept/attachment to accept/attachment_sender 26/11/2003 JPB Added new ACL accept/attachment_filename, used to allow particular attachment filenames to override rejection rules, e.g: oleN.bmp used in Microsoft clients for attachments in HTML messages. 27/11/2003 JPB Added GPL and EximConfig URL to regularly updated ACL's available for separate download at http://www.jcdigita.com/eximconfig 28/11/2003 JPB Improved config/localpart_chars ACL - Allowed local part characters now apply to both sender and recipient addresses. 28/11/2003 JPB Added regexp to system filter to show last E-mail address as well as URL within body text for marked (Non-rejected) spam to assist with updating ACL's. 28/11/2003 JPB Updated reject/body ACL to show last E-mail address in rejected message body text. 28/11/2003 JPB Updated all reject messages (messages/*) to make these more friendly to the end-user and mailers that truncate the SMTP-time rejection text. 28/11/2003 JPB Added separate .custom reject ACL's for sender_address, sender_domain, host, subject and body. Customisations to these frequently updated ACL's can be made within these files, allowing the regularly updated distributed ACL files (Which can be downloadable from http://www.jcdigita.com/eximconfig) to be installed easily without losing any custom additions that you have made. 28/11/2003 JPB Split config/localpart_chars (Allowed characters in local part of E-mail address) into two separate config files for sender and recipient local parts. 28/11/2003 JPB Version number incremented to v1.5 03/12/2003 JPB Added '+' to list of allowed sender local part characters - Used in some solicited/group mailing lists. 05/12/2003 JPB Updated message body URL extraction regexp in exim4.conf and system_filter 09/12/2003 JPB Simplified reject/sender_domain by merging repeated name@domain.tld and name@host.domain.tld rules (Where domain.tld for both is the same) into one regexp-based rule. 11/12/2003 JPB Added support for SMTP authentication with ISP smarthost(s). See hosts/auth, config/hosts_auth_user and config/hosts_auth_password 15/12/2003 JPB Added '"' to list of alloed sender local part characters. 18/12/2003 JPB Improved reject/subject ACL. 19/12/2003 JPB Moved domains/direct (Recipient domain names always sent directly via SMTP rather than ISP 'smarthost(s)') to route/recipient_direct 19/12/2003 JPB Added route/recipient_smart for forcing particular domain names to always be routed via the ISP 'smarthost(s)' (NOTE: Domain names must be registered with ISP mail server or messages will be rejected.) 19/12/2003 JPB Routing in hosts/smart is now correctly based on sender domain name rather than recipient one. 19/12/2003 JPB Smart sending can now be forced by adding smart- to the beginning of the recipient address. 22/12/2003 JPB Added count of forced direct and smart SMTP sending to bin/eximconfigstats 24/12/2003 JPB Fixed routing for route/recipient_smart 24/12/2003 JPB Added rewrite rule for forced smart sending phrase so that the smart- is removed from the recipient address before the message is sent via the smarthost. 12/01/2004 JPB Further simplication of reject/sender_domain and reject/body ACL's. 13/01/2004 JPB Minor change to rules used for unobfuscating text (E.g: V 1 a.g-a => Viagra) 13/01/2004 JPB reject/*.custom files weren't included in eximconfig.tar.gz distribution file, resulting in errors in a fresh install. 14/01/2004 JPB Added SMTP-time SpamAssassin section to README. 14/01/2004 JPB Changed destination directory for scripts in bin/makelinks to /usr/local/bin, plus added checks that installation directories exist and ability to specify these on the command-line as parameters. 14/01/2004 JPB Improvements to obfuscated text matching rules. 15/01/2004 JPB Added ACL to config/exim4.conf to match sender Reply-to: address against reject/sender_domain[.custom] and reject/sender_address[.custom] ACL's 19/01/2004 JPB Domains and sender addresses explicitly whitelisted in accept/sender_domain and accept/sender_address no-longer generate warning message in Exim rejectlog (Unnecessary log file spam.) 19/01/2004 JPB Support for matching ACL's such as reject/body against escaped and Base64 encoded message text added using embedded Perl. 21/01/2004 JPB 8-bit subject rule adjusted to only match against groups of 3 or more 8-bit characters (To help avoid matching against legitimate subjects containing foreign characters.) 22/01/2004 JPB Started work on flood protect/duplicate message blocking feature using MySQL database (Duplicate checking feature working so far - Rejects if >=2 duplicates to same user or >=10 duplicates to any user within past 48 hours.) 23/01/2004 JPB Flood protect rules for host and sender implemented. Flood protection needs testing prior to switching ACL's to deny (Rather than warn) and creating suitable reject messages. 26/01/2004 JPB Message body is now able to match against HTML obfuscated text (E.g: test -> test) 26/01/2004 JPB Deletion of old records from database tables used by flood protect implemented. 26/01/2004 JPB Flood protect currently being tested (Only warns at present rather than rejects.) 27/01/2004 JPB Flood protect reject messages created and rules switched to deny rather than warn. Flood protection now fully working. 27/01/2004 JPB bin/eximconfigstats updated to include flood protection reject statistics. 28/01/2004 JPB Updated regexp used for displaying last URL found within text of message body block (config/exim4.conf) and marked spam (config/system_filter) 28/01/2004 JPB Flood protection now takes accept/hosts, accept/sender_address and accept/sender_domain into account. 28/01/2004 JPB Adjusted flood protect thresholds and changed 1 minute periods so that these temporarily reject messages to prevent too many false positives. Other periods (5 min, 15 min, etc.) will permanently reject. 28/01/2004 JPB Added sender to individual recipient flood protection (Requires FloodProtectSenderRcpt MySQL table - See README.) 29/01/2004 JPB Modifications to flood protection section of bin/eximconfigstats (Now also includes new sender to recipient flood protection stats.) 29/01/2004 JPB Fixed header To: address checking against reject/recipient so that this is only matched if the domain is listed in either domains/local or domains/relay 29/01/2004 JPB Updates to messages/* files. 30/01/2004 JPB Changed flood protect count matching to > rather than >= so ACL's are involked after correct count of messages. 30/01/2004 JPB Adjusted some of the flood protect settings in config/flood_protect to account for the above. 30/01/2004 JPB Separated duplicate message detection into two ACL's so that it's easier to see which one was matched within the rejectlog. 30/01/2004 JPB Log entry for rejected duplicate messages now includes display of URL/E-mail address found in text. 30/01/2004 JPB bin/eximconfigstats updated to show duplicate messages rejected for individual and any recipients. 02/02/2004 JPB bin/eximconfigstats now gives count for duplicate messages to individual users (Rather than always zero.) 02/02/2004 JPB MD5 hash value of body text is now used to detect duplicate messages. 02/02/2004 JPB Duplicate messages for individual users is now based on messages received over a configurable 1 hour time period (FLOOD_PROTECT_REPEAT_PERIOD_USER in config/flood_protect) 02/02/2004 JPB Threshold for detecting duplicate messages to any users increased to 10 and FLOOD_PROTECT_REPEAT_FLUSH reduced to 1 day. 02/02/2004 JPB Blank messages are now ignored by duplicate message detection. 02/02/2004 JPB New ACL added to force sender callback verification for hosts with names that indicate a potential dynamic IP address. See config/sender_verify_callback_dynamic and hosts/dynamic 03/02/2004 JPB Added JDBG.EXE to reject/virus_hoax 03/02/2004 JPB Added forced sender callback due to dynamic host (hosts/dynamic) stats to bin/eximconfigstats and fixed count for callback due to no reverse DNS. 04/02/2004 JPB bin/upgrade script implemented for assisting with upgrading from previous versions of EximConfig. See README for usage details. 10/02/2004 JPB messages/sender_callback modified. 10/02/2004 JPB Changed \.'s to \\\\.'s in reject/body due to use of substituted lookups in config/exim4.conf - This ends up dropping the protecting \'s off the .'s resulting in potential false positives. 16/02/2004 JPB Flood protect duplicate message protection is no-longer applied to bounce messages from <>. 17/02/2004 JPB Whitelisted addresses in accept/sender_address and accept/sender_domain are no-longer spam scanned by SpamAssassin. 18/02/2004 JPB Further tweak to config/exim4.conf to get above accept/sender_address and accept/sender_domain working correctly with SpamAssassin. 20/02/2004 JPB IP address-based rejections now take place during connect ACL, rejecting IP blocked hosts immediately. 20/02/2004 JPB List of rejected attachment filenames updated (Filenames used by viruses that utilise .ZIP files for propagation.) 24/02/2004 JPB Hosts listed in hosts/local and hosts/relay are now ignored by routers as target hosts when performing DNS lookups to verify sender/recipient. For example, a spammer registering a domain and then pointing the MX to 'mail' (Which for most people would lookup to the address of the local Exim server) would fail verification. 24/02/2004 JPB Reject bypass phrase can now be used to get past failed sender callback verification. messages/sender_callback updated to reflect this. 24/02/2004 JPB Callback verification on header From: address is no-longer performed if this is blank or not specified. 25/02/2004 JPB Added qualify_single = false to dnslookup router for verification of remote senders. This prevents single component names from being qualified with the default domain, i.e: Remote host domain with MX of just 'mail' will not be qualified to mail.yourdomain.tld and will be rejected as a MX pointing to invalid hosts. 26/02/2004 JPB Format of regexp's in domains/callback improved. 02/03/2004 JPB Fixed stats for host flood protection in bin/eximconfigstats 03/03/2004 JPB Support for Exiscan patch added, allowing this to be used to scan for viruses (Using 3rd party AV software such as ClamAV), check for bad MIME encoding and reject prohibited attachments in encoded multipart MIME messages. See Exiscan section in README and config/exiscan.conf for more details. 03/03/2004 JPB bin/eximconfigstats updated to include statistics for bad MIME and rejected viruses. 03/03/2004 JPB Version number upped to v1.7 due to above. 04/03/2004 JPB 'demime = *' added to virus scanning ACL of config/exiscan.conf 04/03/2004 JPB Condition to check severity added to bad MIME ACL in config/exiscan.conf 08/03/2004 JPB Newlines are replaced with spaces when logging subjects to prevent log entries from being truncated (Exim doesn't allow newlines in log messages, but newlines can be legally used in E-mail subjects.) 08/03/2004 JPB Use of message reject by-pass phrase now adds X-Verified-Recipient: Yes to header of message. 09/03/2004 JPB Indexes added to flood protect MySQL table definitions to optimise searching efficiency. Instructions included in README for adding these indexes to an existing EximConfig MySQL database. 09/03/2004 JPB Removed 30 and 60 minute flood protect rules. In practise these are rarely (If ever) hit, so are a waste of system resources. 09/03/2004 JPB Updated bin/eximconfigstats to take above into account. 09/03/2004 JPB Added missing rule to flush old records from sender/recipient flood protect table. 09/03/2004 JPB Added auto-whitelist feature for reject by-pass phrase, which utilises MySQL table to remember senders who have used it, whitelisting all further messages even if phrase is omitted. See section in README for details. 11/03/2004 JPB Modifications to outbound_smarthost_isp router, including wildlsearch on domains in route/smart and route/recipient_smart 12/03/2004 JPB Bug in ACL to stop SpamAssassin running if reject by-pass phrase present fixed (This was making SA not run if phrase was NOT present!) 12/03/2004 JPB Header Errors-to: address is now checked for blacklisted sender address/domain. 14/03/2004 JPB Small update to upgrading section in README. 14/03/2004 JPB Updated config/exiscan_av with correct paths for ClamAV socket under Debian testing and unstable. 15/03/2004 JPB Mail to postmaster (config/postmaster) now uses reject by-pass phrase mechanism to avoid most ACL's (This postmaster address is used for contact should messages be incorrectly blocked.) 17/03/2004 JPB bin/eximconfigstats now shows summary of viruses blocked by ExiScan (If using this feature along with a suitable virus scanner, such as ClamAV.) 19/03/2004 JPB Adjusted settings in config/smtp_accept_max and config/smtp_accept_max_per_host to more sensible values. 20/03/2004 JPB More adjustments to config/smtp_accept_max to take setting in config/smtp_accept_reserve into account. 20/03/2004 JPB Adjusted config/smtp_accept_max_per_host so that this does not apply to local or relay hosts. 20/03/2004 JPB Delays added to flood protection before rejection. This will help slow down hosts that ignore the rejection and keep on re-sending regardless. 20/03/2004 JPB reject/body ACL now able to match against URL's split over multiple lines (This resulted in Exim adding a space into the URL in place of the newline, preventing the regexp from matching. Additional test now added that matches reject/body with spaces/newlines/='s removed from text.) 20/03/2004 JPB Generic subject-based virus warning reject ACL updated to take account of subject containing 'no virus found'. Some AV software adds this to the subject of a clean message, which resulted in a false positive rejection. 24/03/2004 JPB Modified 8-bit From: address ACL so that it does not match 8-bit characters in the realname part of the E-mail address (These are legal in the realname.) 25/03/2004 JPB Fixed missing } problem in over-length subject ACL. 29/03/2004 JPB Virus warning/notification/hoax ACL updated to exclude subject containing 'virus free'. 29/03/2004 JPB SA-Exim upgraded to v4.0 - As per 3.0, code has been slightly modified so that it does a permanent reject after teergrube to prevent repeat teergrubing of ISP mail servers that spam/Nigerian scams have been sent via. Greylisting feature can also be utilised, providing SA has been patched to support this. See SA-Exim source for further information: http://marc.merlins.org/linux/exim/sa.html 30/03/2004 JPB hosts/dynamic updated to match *.dyn.* as potential dynamic host for callback testing. 30/03/2004 JPB Support for SPF (Sender Policy Framework) added (See spf.pobox.com) Version upped to 1.8 07/04/2004 JPB SPF is no-longer checked for hosts in hosts/remote (This allows host used for Fetchmail SMTP delivery to be excluded from SPF checks.) 07/04/2004 JPB SPF check on From: address now takes accept/sender_domain, accept/sender_address and domains/nocallback into account. 11/04/2004 JPB Hosts listed in hosts/remote are now excluded from SPF check on From: address (Prevents false SPF rejects for messages collected via Fetchmail and delivered via local SMTP host.) 15/04/2004 JPB Domain used in header Message-ID: is now checked against reject/sender_domain 15/04/2004 JPB Fixed above ACL so that it doesn't try to match an IP address within reject/sender_domain (E.g: Message-ID: ) 16/04/2004 JPB Modified Message-ID: ACL so that it does not match a potential dynamic hostname used within the message ID (E.g: host123-123-123-123.isp.com) against reject/sender_domain, potentially generating a false-positive. 24/04/2004 JPB bin/eximconfigstats updated to include overall statistics of messages rejected at SMTP-time vs those successfully delivered. 24/04/2004 JPB bin/eximconfigstats now shows number of SMTP connections lost and unexpected disconnections. 26/04/2004 JPB bin/eximconfigstats updated to show more detailed information about rejected sender domain, subject and body text. 04/05/2004 JPB Embedded Perl unescaping/decoding functions can now be controlled globally with config/check_perl - Set this to Yes if you wish to use the embedded Perl decoding functions of EximConfig (Highly recommended if your Exim MTA supports embedded Perl.) 04/05/2004 JPB Added function to decode body text 'hidden' using HTML entities (Some spammers are using these to hide their spam text and URL's from filtering software such as EximConfig's ACL's.) This function can be controlled via config/check_perl_entities 05/05/2004 JPB Removed trailing _ accidentally added to config/check_perl in distribution archive. 14/05/2004 JPB Flood protect 1 minute temporary rejects no-longer apply to hosts/remote 25/05/2004 JPB Percentages are no-longer shown if division by zero would occur (I.e: No spam rejected by SA in logs.) 30/05/2004 JPB Removed obsolete main configuration option hosts_treat_as_local - Hosts or domains with MX pointing to local hosts are handled within router configuration. 01/06/2004 JPB IP literals now work if enabled in config/ip_domain_literals (Not recommended.) 01/06/2004 JPB Descriptions in various config files updated (Particularly regarding placing uncommented blank lines in various included config files, which can cause problems.) 01/06/2004 JPB 8-bit sender and subject ACL's are now controlled separately by config/check_8bit_sender and config/check_8bit_subject 8-bit subject ACL is disabled by default (High potential for false-positives for non-English messages.) 03/06/2004 JPB If config/check_spam is set to No, SA-Do-Not-Run is set to prevent sa-exim.so module from still scanning message regardlessly. 07/06/2004 JPB ACL to match reject/body against plain body text fixed. 07/06/2004 JPB Maximum load average before connections are refused can now be set in config/smtp_load_reserve 07/06/2004 JPB Custom reserved hosts can now be set in hosts/reserved (These will still be allowed access (Dedending on config/smtp_accept_reserve) when maximum number of SMTP connections or load average is reached.) 07/06/2004 JPB Maximum load average before queued messages will stop being processed can now be set in config/deliver_queue_load_max 17/06/2004 JPB Generic bounced virus warnings are now matched in body text via separate ACL (From rules in reject/body, that are avoided if a host has been whitelisted) if config/check_virus_warning is set to Yes. 17/06/2004 JPB Auto-whitelisting no-longer applies to bounced messages. 17/06/2004 JPB Local (Non-SMTP) messages, mail to postmaster and permanently whitelisted senders/domains are not added to auto-whitelist database (These are whitelisted on a once-off basis per message sent.) 17/06/2004 JPB Rule that whitelists local SMTP messages (Not sent over TCP/IP) now only applies to local/relay sender domains. 17/06/2004 JPB Possible $acl_m8 variable conflict in prohibited attachment rules that could result in these being applied even if disabled (If $acl_m8 is non-blank) fixed. 21/06/2004 JPB Body virus warning ACL no-longer applies to postmaster address as defined in config/postmaster and config/postmaster_forward 23/06/2004 JPB Direct SMTP sending for outgoing messages from specific sender domains can now be forced by adding the domain(s) to route/direct 28/06/2004 JPB New, improved EximConfigStats script - For full usage instructions, please run 'bin/eximconfigstats help'. 28/06/2004 JPB Flood protection: Repeat delivery failure rejection feature added. An additional MySQL table is required for this and must be created. Please see IMPORTANT UPGRADE NOTES section in README for further information if you are using flood protection in EximConfig. 28/06/2004 JPB Version upped to v1.9 29/06/2004 JPB Removed unneccessary accept line for local/relay hosts in DATA ACL section (Each ACL excludes or includes local/relay hosts appropriately.) 29/06/2004 JPB Fixed bug in new flood protect repeat delivery failure ACL's - FloodProtectSenderRcpt table was being checked instead of FloodProtectRepeatFail! 29/06/2004 JPB Repeat failing bounces from same host to individual user are now rejected by flood protect repeat delivery failure ACL. 29/06/2004 JPB Fixed broken stats for flood protect repeat delivery failure in EximConfigStats and added count for above new ACL for repeat failed bounces. 30/06/2004 JPB EximConfigStats 'reset' option must now be confirmed (Safeguard against accidentally resetting stats.) 30/06/2004 JPB Flood protect repeat failed delivery feature is now applied on a per host and sender basis to prevent false blocking of sender addresses from legitimate sending hosts due to forgeries by viruses/spam from a third party (Unrelated) host. You may wish to add an index to the Host field of this table in your EximConfig database - Please see the IMPORTANT UPGRADE NOTES section in README. 30/06/2004 JPB Fixed typo in regexp for remote host using forged local/relay domain in EximConfigStats. 30/06/2004 JPB Fixed broken condition statement in once off whitelisting rule for mail to postmaster. 01/07/2004 JPB SMTP authentication for remote clients implemented. This allows users from external hosts to be treated as though they are a local/relay user even though their IP address is not listed in hosts/relay. This is particularly useful for authorised remote users connecting from a public ISP who wish to be able to use your mail servers to send messages. 01/07/2004 JPB Usernames and passwords for SMTP authentication are defined in the file accept/auth_logins 01/07/2004 JPB config/check_sender_auth defines whether a remote authenticated user must send using a local/relay domain or not (This prevents abuse of your mail server to send forged messages.) 01/07/2004 JPB config/check_sender_auth_exact defines whether a remote authenticated user must send using their login name as their localpart and optionally a specific domain name (If defined as part of their login name.) 01/07/2004 JPB Flood protect repeat delivery failure ACL's no-longer apply to hosts listed in hosts/remote 01/07/2004 JPB Flood protect repeat delivery failure flush time changed to 1 day (3600 mins.) This is the time after which each failure record will expire and be deleted from the database. 01/07/2004 JPB Code to add sender to flood protect repeat delivery failure table moved to after the ACL's that check for too many failures and reject. This prevents entries being added when a sender is already being rejected due to repeat failures (So these can time out after the flush time period) or by other RCPT ACL's. 01/07/2004 JPB Above move ensures that other RCPT rejections do not count towards repeat delivery failure count. The repeat delivery failure feature is intended for senders that fail DATA ACL's so that repeat failures generate a reject after RCPT - Some mail servers (Such as those operated by BT in the UK) ignore permanent rejections and keep sending regardless, generating a lot of log spam. 06/07/2004 JPB AccurateDays option added to EximConfigStats (Enabled by default.) This ensures that dates are taken into account when generating daily statistics rather than assuming that each rotated log file represents a single day (Not always the case.) However, this can be very resource intensive due to additional processing of log files (Especially when generating stats from first time (Or 'reset'.) However, providing stats are updated on a regular basis, this should not be a problem thanks to EximConfigStats keeping track of log files that it has already 'seen'. If performance is an issue, set AccurateDays=0 08/07/2004 JPB AccurateDays option in EximConfigStats was getting list of unique dates from all log files rather than just those that are 'unseen', which resulted in inaccurate accumulated day count and statistics. If you were using this option, please reset your statistics using the 'reset YES' option otherwise counts and averages will be inaccurate. 09/07/2004 JPB Log file date handling for AccurateDays option modified so that last seen date is stored in .eximconfigstats. Logs containing dates newer than this will be counted as unseen. Dates older than this last seen date will be ignored. This modification prevents entries from being potentially ignored when logs roll over. 12/07/2004 JPB Bug fixed in EximConfigStats code that determines time period covered by current day's log file if AccurateDays=1. Now takes into account entries for current day rolled over by log rotation resulting in more accurate averages. 13/07/2004 JPB Flood protect duplicate message ACL's no-longer apply to messages sent via a remote host listed in hosts/remote if a local or relay domain name is used in the sender address. 21/07/2004 JPB Reject messages tweaked to ensure that first line contains brief details of why the message was rejected. This is for the benefit of MTA's that truncate response messages or only relay the first line to the end-user in the undeliverable notification. 22/07/2004 JPB Added 0.0.0.0/32 to config/ignore_target_hosts - This prevents temporary rejection (Local problem) if the MX of a domain looks up to 0.0.0.0 - Sender is rejected permanently with invalid sender message. 23/07/2004 JPB Added non-SMTP ACL to prevent SpamAssassin being ran for locally generated messages. Exim doesn't run connect, RCPT, MAIL, etc. ACL's for these, which was preventing the messages from being whitelisted from spam scanning. 23/07/2004 JPB Obsolete rule that whitelists locally generated messages providing they were from a domain in domains/local or domains/relay removed. 23/07/2004 JPB Added missing $ to conditional ${if ... } statement in ACL rule that whitelists mail to postmaster. 19/08/2004 JPB reject/body is now matched with HTML tags removed only as well as HTML tags removed and text unobfuscated. 20/08/2004 JPB Updated listed of prohibited executable attachments. 23/08/2004 JPB config/dns_again_means_nonexist added - Permanently rejects messages from domains that do not successfully lookup in DNS (I.e: No records set, incorrectly configured or bad name server.) 24/08/2004 JPB Moved header syntax check ACL before header From: sender verification check. 02/09/2004 JPB Added optional rule to reject/recipient ACL that allows all recipients except those listed in a file to be rejected. This is useful if you are relaying for systems that are not capable of rejecting undeliverable recipients at SMTP-time (I.e: They bounce instead.) 03/09/2004 JPB config/deliver_queue_load_max value lowered to 10 and config/smtp_load_reserve lowered to 5. These new settings help prevent a busy Exim MTA from becoming too overloaded. 06/09/2004 JPB Notes about ClamAV Debian-exim group membership added to Exiscan section of README. 10/09/2004 JPB Sender/recipient verify callback check options can now be adjusted in config/callback 13/09/2004 JPB Greylisting support implemented. See README for further details. 13/09/2004 JPB The regularly updated ACL's for sender address/domain, host, subject and message body can now be optionally disabled, allowing you to use your .custom versions of these only. See: config/custom_acls 13/09/2004 JPB Greylisting stats added to bin/eximconfigstats 13/09/2004 JPB Version upped to 2.0 13/09/2004 JPB Greylisting for NULL sender <> now works properly. Temp. reject is performed after DATA instead of RCPT to prevent conflict with callback probes from remote MTA's. When a NULL sender bounce passes greylisting, it is not added to the verified table, unlike a normal sender would be (Further bounces must also go through the verification process again.) This avoids abuse of <> by spammers. 13/09/2004 JPB Maximum delay permanent reject is now once-off (Sender must go through greylisting verification process all over again if they attempt to send again after this rejection.) 13/09/2004 JPB Maximum delay can be disabled if multiple servers are being used without a central MySQL database (See comments in config/greylist) 14/09/2004 JPB Private IP networks (10.*.*.*, 172.16-31.*.* and 192.168.*.* added to config/ignore_target_hosts (These should never be used publicly on the Internet.) 14/09/2004 JPB Option to perform greylisting on domains in domains/callback (These are commonly forged by spammers) added to config/greylist. 14/09/2004 JPB Option to perform greylisting on all hosts added to config/greylist (Previously setting GREYLIST_DYNAMIC to No achieved this.) 15/09/2004 JPB Exim received headers now show EximConfig version instead of '(Debian)' (Regardless of whether O/S actually is GNU/Debian or not!) 15/09/2004 JPB Greylist maximum delay permanent reject is no-longer applied if sender has used the reject by-pass phrase (As instructed in the reject error message.) 15/09/2004 JPB Greylisting is no-longer applied to senders who have been previously whitelisted by the auto-whitelisting feature. However, it will still be applied to senders using the reject by-pass phrase who have not passed greylist verification yet. 16/09/2004 JPB Added option to apply greylisting to TLDs that are commonly forged/abused by spammers. These are set in the config file config/greylist_acls and enabled by setting GREYLIST_BY_TLD to Yes in config/greylist 17/09/2004 JPB Greylisting is now performed on hosts with no reverse DNS (PTR) record set if GREYLIST_ALL is set to No and GREYLIST_DYNAMIC is set to Yes. 17/09/2004 JPB Support for RBLs (Realtime BlackLists) added. By default this is used to force sender callback and greylisting on blacklisted hosts/domains. Outright reject is also possible, but this is strongly not recommended. See config/rbls and config/rbl_list 20/09/2004 JPB For stats purposes, initial greylisting message is different to time remaining messages for retries. 20/09/2004 JPB Stats for greylisting in bin/eximconfigstats improved. With above changes, greylist pass rate is now shown. 20/09/2004 JPB Inaccurate accumulated stats total time period fixed. This is now based on difference between today's time/date and stats accumulated from time/date. Average values (Which were worked out using this time period) will now be more accurate. 20/09/2004 JPB Fixed adjustment for average on newly added stats categories (RBL and greylisting.) 20/09/2004 JPB RBL TXT record contents (Usually a link to the RBL maintainer's website to show further details about block) is now shown in logs and reject messages, if set. List of RBL's in config/rbl_list updated. 21/09/2004 JPB Fixed several bugs in eximconfigstats which causing delay of update to accumulated stats (Entries older than current day in mainlog were not processed and accumulated until this log was rotated to mainlog.N) 21/09/2004 JPB Layout of some categories in eximconfigstats altered. Added summary of RBL listings. Summaries can now be optionally disabled to speed up stats generation on large log files. 22/09/2004 JPB Detection of 3rd party relaying now occurs earlier in RCPT ACL, preventing greylisting from being applied to obvious 3rd party relaying attempts. 22/09/2004 JPB Added support for GNU/Debian sa-exim package - Correct local_scan_path line added to config/local_scan_path 22/09/2004 JPB Reject messages in config/sa-exim.conf adjusted to make these more friendlier to MTA's that truncate multi-line 550 error messages. 22/09/2004 JPB no_details option added to config/callback 23/09/2004 JPB If GREYLIST_CALLBACK_DOMAINS is enabled, greylisting will only be applied if the sender's host does not match or end with the domain they are using. This prevents pointless greylisting of messages that have legitimately come from an ISP that is commonly forged (E.g: From somebody@hotmail.com where the sending host is actually a hotmail.com host.) 23/09/2004 JPB Above is also applied to potential dynamic hosts matched in hosts/dynamic - This prevents some legitimate ISP's (E.g: Hotmail) that use dynamic looking hostnames for their MTA's (E.g: bay12-f41.bay12.hotmail.com) from being greylisted. 24/09/2004 JPB $acl_m7 is now set for local/relay hosts and authenticated users (Some body tests may still be ran for these users which rely on the contents of this variable (Decoded body text), such as prohibited attachments, bad language, etc. 24/09/2004 JPB Flood protect duplicate message detection now filters HTML tags and MIME boundary values before generating MD5 checksum, improving detection of repeat spams (Particularly to different users on your system.) 26/09/2004 JPB Greylisting was set to Yes by default in config/greylist (Should be No (MySQL database required for this to work.) 28/09/2004 JPB Options to enable/disable sender callback verification moved into config/callback. The following config files are now obsolete: config/sender_verify_callback_all, config/sender_verify_callback_nodns, config/sender_verify_callback_dynamic and config/recipient_verify_callback_relay 28/09/2004 JPB Sender callback verification can now be applied to the header sender From: address as well as the envelope sender (MAIL FROM:) 01/10/2004 JPB Small change to X-EximConfig: header (Hostname included.) 04/10/2004 JPB X-EximConfig: header is now added at end of DATA ACL so that ACL's do not pick up this URL for Last URL found in message text. 05/10/2004 JPB Additional defer_ok added to callback verification options in config/callback - This prevents a temporary error being generated for header From: callback probes that timeout. Callback timeout values have also been changed from 90s to 60s by default. 06/10/2004 JPB Reject by-pass phrase can no-longer be used to by-pass prohibited recipients listed in reject/recipient 06/10/2004 JPB Sender domain for senders from local/relay hosts can now be changed 'on the fly' by using the format 'local_domain.tld%recipient@domain.tld' for the recipient address. See 'Recipient tags' section in README for further details. 07/10/2004 JPB Checking for forged HELO/EHLO and sender domain can now be optionally disabled by setting config/check_forged to No. 08/10/2004 JPB Updated virus hoax rules to match 'viruses found/detected/...' as well as 'virus found/detected/...'. 18/10/2004 JPB accept/recipient can be used to define valid recipient addresses. If a rule is added/enabled to reject/recipient, this will reject all recipient addresses that do not match. This is useful if you are relaying for systems that are incapable of rejecting undeliverable recipients at SMTP-time. 18/10/2004 JPB Rejected contact names (localparts/contact) will now be checked and rejected before reject/recipient is processed. 26/10/2004 JPB Adjusted default flush times for flood protect duplicate (Repeat) messages to 48 hours and flood protect repeat failure to 24 hours. 01/11/2004 JPB SMTP-time SpamAssassin is no-longer run for whitelisted hosts in accept/host 01/11/2004 JPB Whitelisting rules as per reject by-pass phrase are now applied to hosts whitelisted in accept/host 01/11/2004 JPB Values suitable for a server with a high level of incoming connections (E.g: ISP) added to config/flood_protect 02/11/2004 JPB Commenting of above adjusted so that it does not generate errors. 04/11/2004 JPB Flood protect repeat fail ACL's adjusted so that these reject after the correct number of failed messages. Due to error in logic in the ACL's, an additional failure over the counts set in config/flood_protect was being allowed. 08/11/2004 JPB Fixed LogDateStamp bug in eximconfigstats. Text date was being stored instead of a timestamp. This only affects recent EximConfig installations. The above variable is only set once, so those with older installations will not be affected by this problem. 10/11/2004 JPB Check for repeat failures from sender to individual or any recipient are now only done for the first RCPT TO: command. The rule will not be checked for further RCPT TO: commands in the same SMTP session. This prevents a message sent to multiple recipients within a single session from being rejected as a repeat failure (Entries added to FloodProtectRepeatFail table are not removed until the end of the DATA ACL.) 10/11/2004 JPB If a sender fails a sender-based ACL and attempts to send to further recipients (Ignoring the previous permanent reject), they will be automatically rejected. 10/11/2004 JPB Sender-based ACL's checked within the RCPT section that only need to be ran once per SMTP-session are now ran only once, saving processing time (E.g: Sender callback/SPF verification, forged sender, etc.) 10/11/2004 JPB bin/showconf script added - Shows current config settings from various files in the config directory. 15/11/2004 JPB Flood protect repeat fail rules added based for sender from any any host (Higher counts than those used for sender from individual host.) 15/11/2004 JPB bin/eximconfigstats updated to support the above. Collection of stats for sender from individual host to individual recipient fixed. 15/11/2004 JPB Fixed bug in eximconfigstats where stats are being compared between two servers and a stats category doesn't exist in comparison stats file. 18/11/2004 JPB Corrected FLOOD_PROTECT_REPEAT_FAIL_COUNT_USER in flood protect repeat failed bounce log error message to FLOOD_PROTECT_REPEAT_FAIL_COUNT_IDVUSER_IDVHOST 19/11/2004 JPB route/forward added. This contains full remote recipient E-mail addresses that messages received from external addresses may be forwarded to (From a local or a relay host.) This is used where system aliases (/etc/aliases) are setup to forward messages for a local/relay user onto a remote host. 26/11/2004 JPB Invalid characters in local part error message changed to make it more compatible with MTA's that truncate the error message they report back to the sender to a single line. 26/11/2004 JPB Connection is now dropped if there are too many failed recipients. Counts and delays are specified in config/failed 06/12/2004 JPB Unobfuscation regexp's used by subject and body ACL's updated to cope with text obfuscated with character set encodings, e.g: '=?utf-8?q?Let banks com?= =?utf-8?q?pete for your loan?=' -> 'Let banks compete for your loan' 07/12/2004 JPB Added GREYLIST_VERIFY_MULTIPLIER to config/greylist - This allows the multiplier for the minimum and maximum delays to be changed from the default of 1 hour to allow finer adjustment (E.g: Minutes or even seconds.) 08/12/2004 JPB Added rewrite condition so that config/postmaster is no-longer re-written to config/postmaster_forward if these are both the same. 13/12/2004 JPB Added unique tag to most reject messages so that EximConfig can detect its own reject messages that have been bounced back to local/relay users by a remote mailer. 15/12/2004 JPB bin/makelinks now creates backups (.old) of files in /etc/exim4 that are replaced with symlinks to EximConfig files (exim4.conf, sa-exim.conf, spamassassin.conf) 15/12/2004 JPB Filter is now applied to SMTP AUTH login names in accept/auth_logins - This can remove a Windows-style domain (Domain/login) from the login name as well as apply a custom (User defined) filter (An example for Novell GroupWise is included.) 16/12/2004 JPB ACL added to match blank message body text (Regexp in reject/body cannot match completely blank body text because $lookup ignores a blank search key.) 16/12/2004 JPB Exiscan MIME error checking can be enabled/disabled and the error level set in config/exiscan_demime 17/12/2004 JPB no_details removed from config/callback options - This hides reason for callback failure from reject message. messages/sender_callback adjusted appropriately. 20/12/2004 JPB STARTTLS is no-longer advertised to hosts listed in reject/tls 07/01/2005 JPB Flood protect defers moved to end of check_recipient ACL to ensure that other deny ACL's are processed first, so that message is permanently rejected rather than temporarily. 10/01/2005 JPB Flood protect host 1 min defer ACL moved to end of check_recipient ACL to ensure RCPT reject ACL's are processed first. 18/01/2005 JPB Disabled use of dsn.rfc-ignorant.org in config/rbl_list - Forcing callback for hosts that don't accept the null sender (<>) is pointless and will always fail (Callback uses <> as the sender from address.) 19/01/2005 JPB Moved warn ACL that adds sender to FloodProtectRepeatFail table to after the defer ACL's for other flood protect rules, otherwise sender that gets deferred by these counts as a repeat failure and potentially ends up being rejected. 19/01/2005 JPB Previously updated reject messages had accidentally been placed in a sub-directory messages within messages in the distribution archive! This has now been corrected (messages/messages directory can be removed if you have this.) 20/01/2005 JPB By enclosing regexp expressions within (), reject/body ACL now logs the text that matched, allowing the correct rule to be identified and adjusted in the event of false positives. 21/01/2005 JPB Above change to reject/body ACL now expands pre-defined messages in messages/reasons again. 24/01/2005 JPB Bounced bounce detection ACL (Via unique EximConfig tag in body) now only applies to bounce messages (From <>) This prevents messages that have been rejected and then forwarded again by the sender (Hopefully after correcting what caused it to be rejected) from being trapped by this rule. 24/01/2005 JPB Added config/allow_mx_from_ip - This allows you to optionally configure Exim to accept messages from/to domains with MX invalidly pointing to an IP address rather than hostname. This is not recommended, but may be neccessary if you need to communicate with users who's systems are misconfigured in this way and are either unable (Or unwilling) to correct this problem. 26/01/2005 JPB Order of required_files check for procmail router changed so that existence of /usr/bin/procmail is tested first under Exim's uid/gid rather than the local_part user. This gets around procmail not being readable to the local_part user on Gentoo. 07/02/2005 JPB config/return_path added - Allows disabling of return_path_remove so that return-path: can b SPF, forgery and reject/sender_address/domain checked. 07/02/2005 JPB Updated config/spf.conf to support the above and also display smtp_comment in returned reason. 07/02/2005 JPB config/check_spf now allows SPF checks on envelope sender, From: and return-path (New) to be separately enabled. 07/02/2005 JPB Return-path: is now checked for rejected sender domains and addresses (reject/sender_domain/address) 07/02/2005 JPB config/check_forged now allows forgery checks on HELO/EHLO, envelope sender, From: and return-path (New) to be separately enabled. 09/02/2005 JPB config/check_forged in distribution archive was earlier version with CHECK_FORGED_HELO missing (This traps a lot of spam/viruses if set to Yes.) 22/03/2005 JPB 'postmaster' check is no-longer enabled in config/callback by default. This can cause false positives due to the large number of ISP's, companies, etc. who ignore RFC's and don't bother setting up a postmaster account. 23/03/2005 JPB Corrected include for acl_rcpt used to include custom user-defined RCPT ACL's (acl_data was included instead of acl_rcpt) 01/04/2005 JPB Use of $1 in reject/body ACL matches to return text that matched the regexp appears to be a feature of Exim and may cause segmentation faults (It's supposed to be used for partial lookups only.) This has been disabled until a proper way of returning the text matched by lookup key is available. 01/04/2005 JPB Blank message ACL no-longer rejects blank messages with 'unsubscribe' in the subject. 17/06/2005 JPB Generic virus warning ACL's are no-longer applied to whitelisted senders. 22/06/2005 JPB Above changes to generic virus warning ACL's now only apply to senders directly using reject by-pass phrase (verified-name@domain.tld) or those permanently whitelisted in accept/sender_address, accept/sender_domain and accept/host. 30/06/2005 JPB Added config/rewrite_sender and config/rewrite_recipient. 21/07/2005 JPB Further adjustments to whitelisting regarding generic virus warning ACL's. 29/07/2005 JPB Postmaster whitelisting no-longer applies to generic virus warnings and spam scanning (Postmaster is a common target of both of these.) 29/07/2005 JPB Greylisting is no-longer applied to whitelisted senders (accept/sender_address, accept/host and accept/sender_domain) 29/07/2005 JPB domains/nogreylist added to allow specific domains to be excluded from greylisting. This can be used to prevent delaying legitimate senders from hosts that will be greylisted for one reason (E.g: No reverse DNS or dynamic looking reverse DNS and ISP doesn't allow it to be changed.) 04/08/2005 JPB outbound_direct and outbound_ipliteral routers now take account of authenticated users and hosts authorised to relay (hosts/relay) using domains not listed in domains/local or domains/relay (If allowed, these would be unroutable previously.) 04/08/2005 JPB SPA authenticator now sets $authenticated_id to allow above to work correctly. 15/08/2005 JPB Added hosts/nogreylist to allow specific hosts to be excluded from greylisting. This is mainly for hosts that are incompatible with greylisting due to using large pool of mail servers that share the task of resending messages that have been temporarily rejected. This means that it will take a long time for these to pass greylisting due to the fact that the message is not resent from the same host. 15/08/2005 JPB Added hosts/nocallback to allow specific hosts to be excluded from sender callback verification. 17/08/2005 JPB Fixed problem with outbound_forward router that resulted in external addresses used in user .forward files being unroutable for messages sent from remote senders. 26/08/2005 JPB Removed reject/ip_class_a, reject/ip_class_b and reject/ip_class_c ACL's to 'save' hostlists for older versions of Exim that limit these to 16 (Recented added ACL's exceed this limit.) The above 3 ACL's are not necessary because these IP's can be easily blocked in reject/ip 01/09/2005 JPB Translation table added to translate ISO8859-1 symbols commonly substituted in spam for similar looking plain ASCII letters back to their ASCII equivalents, so that the rules in ACL's can still match, e.g: Víâgrå --> Viagra 22/09/2005 JPB Rules added to match for URL links to prohibited executable and non-executable files within body text of messages. This is to address the problem of some viruses now sending E-mails containing links to infected files on compromised web servers rather than sending an actual infected attachment (Which would be blocked.) Blocking is controlled via: config/check_attachment_body_executable config/check_attachment_body_prohibited 23/09/2005 JPB Added exclusions list accept/attachment_executable_body for http:// URL links. This allows file types commonly used in server-side scripting to be excluded (E.g: .js) 26/09/2005 JPB Rule added to match for URL links to prohibited attachment filenames as defined in reject/attachment_filename. The format of this file has been modified (To a single regexp) to allow it to be used both for this purpose as well as attachment filename blocking. URL blocking is controlled by config/check_attachment_body_filename 30/09/2005 JPB List of prohibited attachments (Audio/video) updated. 05/10/2005 JPB hosts/ident added to control RFC 1413 ident calls. By default, these are enabled for all hosts, but this can cause problems for authenticated clients. The calls can be disabled for all or specific hosts via this file. 05/10/2005 JPB By default, copies of bounces/undeliverable messages are sent to postmaster. This can now be customised or disabled via config/errors_copy 05/10/2005 JPB Reply-to: address can now be set on bounced messages via config/errors_reply_to (The default is postmaster as defined in config/postmaster.) 05/10/2005 JPB Recipient(s) of frozen message notifications can now be set via config/freeze_tell 06/10/2005 JPB Tweaks made to prohibited URL rules to prevent false positive .com links caused by URL's containing an E-mail address/domain name. 17/10/2005 JPB URL link to prohibited filename ACL modified to ignore http://www.domain.tld/name@domain.com links used in some legitimate mailing lists. 26/10/2005 JPB URL regexp's in reject/body simplified, reducing CPU overhead. 03/11/2005 JPB Changed ._. string used to filter out allowed executable filenames in URL's in the body text to \\._\\. to prevent false postive matching against a filename with x_x extension. 22/11/2005 JPB Blank message rule no-longer applies to mail sent to *unsubscribe*@domain.tld 30/11/2005 JPB Generic body virus warning/hoax detection rules updated. 14/12/2005 JPB Tarpitting implemented (See config/tarpit) 27/01/2006 JPB Greylisted <> bounce no-longer counts as failure (Resulting in rejection as a consecutive failed bounce when the retry count reaches this number (Default 3.)) 28/02/2006 JPB Maildir directory changed to ${home}/Maildir/ to account for non-standard user home directory locations. 02/03/2006 JPB Added config/routers and config/transports. These allow custom routers and transports to be added without modifying exim4.conf The custom routers and transports will be included before the pre-defined routers and transports used by EximConfig. 02/03/2006 JPB Added config/settings. This allows custom main configuration settings to be added without modifying exim4.conf The custom settings will be included after the pre-defined settings used by EximConfig. 02/03/2006 JPB Custom transports now includes config/tranports rather than config/routers! 06/03/2006 JPB Unobfuscation rules updated. 04/05/2006 JPB Fixed problem with and{} condition in ACL's for greylisting and flood protection when using Exim 4.6x 31/05/2006 JPB Added com to accept/attachment_executable_body to prevent false positives with URL's in body text that contain a .com address. 31/05/2006 JPB Added config/bypass to allow reject bypass phrases to be changed without editing exim4.conf 31/05/2006 JPB Reject bypass phrases can be turned off via config/bypass 31/05/2006 JPB Unique ID added to reject bypass phrase. REJECTBYPASS_CODE and REJECTBYPASS_MULTIPLIER should be changed to ensure uniqueness. 01/06/2006 JPB 'logview' now assumes /var/log/exim4/rejectlog if this file exists and no logfile is specified by the user. 01/06/2006 JPB 'loggrep' now assumes /var/log/exim4/mainlog if this file exists and no logfile is specified by the user. 01/06/2006 JPB 'logview' and 'loggrep' now check that 'less' exists before using it to page output. 19/06/2006 JPB Executable attachments list updated to block CLSID attachments (name.ext.(clsid)) 30/06/2006 JPB config/spf.conf ACL updated. 03/07/2006 JPB config/spf.conf reverted back to previous version due to issues with new version. 04/07/2006 JPB Option to ignore last number in IP address when verifying a sender+recipient+host added (GREYLIST_VERIFY_POOL = Yes in config/greylist) This option allows pools of servers at some large ISP's to pass more quickly when retrying of messages occurs from different hosts in the pool. 04/07/2006 JPB Option to pass greylisting by host added (GREYLIST_PASS_HOST = Yes in config/greylist) This helps prevent unnecessary greylisting and delaying of messages from hosts that are likely to pass (E.g: Major ISP mail servers.) 12/07/2006 JPB Obfuscation rules moved into separate config file. 04/08/2006 JPB Undeliverable notification with EXIMCONFIGTAG present rule no-longer applies to local/relay hosts and hosts/remote. 14/08/2006 JPB SPF softfail can now optionally be considered as fail (Set SPF_DENY_SOFTFAIL in config/check_spf to Yes.) 15/08/2006 JPB bin/eximconfigstats statistic for SPF softfail now works. 30/11/2006 JPB Link to prohibited file rules now work with a URL that has a tilde (~), e.g: http://12.34.56.78/~someuser/file.gif.exe 08/12/2006 JPB Config file added for split_spool_directory option (config/split_spool_directory) 12/12/2006 JPB Error in and {} condition of reject/sender_address_forged ACL fixed (Only used for POP3/IMAP collected messages. 13/12/2007 JPB Support for multi-language reject and log messages added - See config/language, messages/en/*, domains/language 01/02/2008 JPB EximConfig v2.5 released. 26/10/2009 JPB Obsolete dsbl.org and opm.blitzed.org removed from config/rbl_list 01/03/2010 JPB wildlsearch is now used for domains/language lookup. 29/06/2010 JPB Added domains/outbound 16/07/2010 JPB Original (Unmodfiied) message body text is now matched against reject/body and reject/body.custom to allow matching of extended ASCII (For Chinese spams, etc.) 27/07/2010 JPB config/exiscan.conf updated to support messages/* 29/09/2010 JPB reject/sender_name ACL added to reject based on sender's header From: name (E.g: From: "Viagra" ) 01/10/2010 JPB bin/upgrade backup of old configuration no-longer includes the 'old' directory (Resulting in exponetially growing backup tar.gz) 05/10/2010 JPB Auto-whitelist for postmaster can now be disabled in config/auto-whitelist (PM_WHITELIST = No) 18/10/2010 JPB Corrections to sender_replyto_address and subject_length ACL's (messages/en/HERE) 26/10/2010 JPB bin/upgrade tests for existence of 'old' directory before excluding it from the backup archive. 07/02/2011 JPB $acl_m0 is now set to noscan for E-mail that should not be scanned by SpamAssassin via sa-exim 09/02/2011 JPB Improvements to bin/spfd script + Debian LSB tags added. 21/02/2011 JPB $acl_m0 is now used to disable teergrubing via sa-exim. config/sa-exim.conf updated appropriately. 31/10/2011 JPB Sender callback is now disabled by default - See: http://www.backscatterer.org/?target=sendercallouts 21/12/2016 JPB Added reject/recipient_name ACL 07/02/2016 JPB Added check for accepted sender address/domain in header From: to reject/body check. 07/02/2016 JPB SpamAssassin is disabled for accepted sender address/ domain in header From: 27/01/2020 JPB Fix security issue in AUTH PLAIN/AUTH LOGIN (Could pass authentication if non-existent login ID (not present in accept/auth_logins) was used with the password ERROR) 19/05/2021 JPB Limit last URL matching regex for reject/body log message to avoid exceeding 32K expansion limit in some cases (long encoded URL's) 19/05/2023 JPB Added ${quote_mysql:$...} to flood protect ACL's to fix tainted search query errors 19/09/2023 JPB Transports updated to use $local_part_data rather than tainted $local_part