After eight months of development, the release of the postal server exim 4.98 has been published, incorporating accumulated corrections and new features. The project code is written in SI and distributed under the license gplv2+. As of June, a year ago, 55.93% of postal servers use Postfix, while 34.68% use Sendmail. Additionally, Mailenable accounts for 1.81%, MDAEMON for 0.37%, and Microsoft Exchange for 0.17% of postal servers.
- The vulnerability (cve-2024-39929) caused by incorrect analysis of file names in post investments has been eliminated. This vulnerability allowed the bypass of filters using the variable $MIME_filename, enabling the transfer of executable files despite being locked in the settings.
- The ACL now allows the use of the DKIM_STATUS variable in the data, enabling evaluation of verification results through the DKIM mechanism.
- With the DKIM_VERBOSE setting turned on, additional debugging information about the DKIM operation is displayed in the log, ensuring information about digital signatures.
- The DKIM_Timestamps option now allows the inclusion of time information in the signature by setting the value to “0” to add the current time.
- The recipients_max option, which sets a limit for
/Reports, release notes, official announcements.