Exim 4.99 Release Candidate 2 released
The second release candidate for Exim 4.99 has been released for testing. This release is a significant update to the popular message transfer agent (MTA) originally developed at the University of Cambridge for use on Unix systems connected to the Internet.
Exim 4.99-RC2 is freely available under the GNU General Public License and offers extensive facilities for checking incoming mail, along with flexibility in routing messages. This allows users to replace Sendmail with Exim, although a different configuration process may be required.
This release candidate includes several key improvements over its predecessor, Exim 4.99-RC1. First, various bug fixes have been implemented to address issues such as out-of-bounds reads and crashes in specific scenarios. Additionally, new features have been added to enhance the performance and functionality of Exim.
One notable feature is the introduction of a "tls_early_banner_hosts" option for the main section, which enables a TLS-on-connect performance feature. This feature can be used to improve the performance of TLS connections.
Other significant additions include support for sieve_inbox options in redirect routers, connection_id variables, and event notifications for SMTP protocol failures. Moreover, Exim 4.99-RC2 now offers build-time options to omit Exim- and Sieve filters, enabling users to customize their installation according to specific needs.
Furthermore, this release includes numerous enhancements related to authentication and lookup support. JSON and LDAP lookup capabilities have been added, along with PAM, RADIUS, perl, SPF, DKIM, DMARC, and ARC support. Additionally, most router and authenticator drivers, as well as transport drivers (except for SMTP), can now be built as loadable modules.
Exim 4.99-RC2 also addresses various security-related issues, including fixes for CVE-2025-26794 and CVE-2025-30232. Notably, bug fixes have been implemented to resolve issues with hintsdb support for dbmjz when compiled using sqlite3, as well as problems in the SPA authenticator.
The release notes also highlight notable bug fixes, including a fix for parsing DKIM pubkey DNS records and a crash in DKIM signing. Overall, Exim 4.99-RC2 represents a substantial update to this powerful MTA, offering numerous improvements in performance, functionality, and security.
In terms of configuration options, users can now expand hosts_randomize in manual route routers and SMTP transport options. Similarly, fallback_hosts options in SMTP transports and all routers are expanded as well. The support for SRV records specifying TLS availability has been added, following the specification outlined by IETF ().
To further enhance logging capabilities, Exim 4.99-RC2 introduces a log_ports option in the main-section configuration to filter logged port numbers. Additionally, an extra delivery log line element has been added under the "protocol detail" control, providing information about SMTP protocol startup sequences.
A command-line option for pre-config debug has also been introduced to facilitate debugging and testing processes. The release notes also mention EXPERIMENTAL_SPF_PERL and EXPERIMENTAL_NMH as optional build features that can be enabled or disabled depending on user requirements.
Finally, the log selector "tls_on_connect" has been added to provide distinguishable protocol labels in received log lines, affecting both the $received_protocol variable.
Download
The release candidate is available for download through https://ftp.exim.org/pub/exim/exim4/test/.
