diff --git a/ChangeLog b/ChangeLog
index cbf3ae9..c189116 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,11 +1,17 @@
 E-MailRelay Change Log
 ======================
 
+2.3 -> 2.3.1
+------------
+* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h").
+* TLS key and certificate files can be specified separately.
+* Fixed error handling for network client filters ("--client-filter=net:...") [bug-id #50].
+
 2.2 -> 2.3
 ----------
 * Unix domain sockets supported (eg. "--interface=/tmp/smtp.s").
 * Windows event log not used for verbose logging (prefer "--log-file").
-* New admin 'forward' command to trigger forwarding without waiting.
+* New admin "forward" command to trigger forwarding without waiting.
 * Optional base64 encoding of passwords in secrets files ("plain:b").
 * Support for MbedTLS version 3.
 
diff --git a/NEWS b/NEWS
index d0d4d31..7a931e8 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,7 @@
 News
 ----
 Version 2.3 is a relatively minor release. The main functional change is to
-support unix domain sockets. Non-functional code changes include better 
+support unix domain sockets. Non-functional code changes include better
 separation of interface and implementation in the SMTP message store.
+
+Version 2.3.1 is a point release principally to fix bug-id #50.
diff --git a/VERSION b/VERSION
index bb576db..2bf1c1c 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.3
+2.3.1
diff --git a/bin/Makefile.am b/bin/Makefile.am
index 3b6b7ee..2ed57f1 100644
--- a/bin/Makefile.am
+++ b/bin/Makefile.am
@@ -17,6 +17,8 @@
 
 example_scripts_static = \
 	emailrelay-bcc-check.pl \
+	emailrelay-check-ipaddress.js \
+	emailrelay-check-ipaddress.pl \
 	emailrelay-ldap-verify.py \
 	emailrelay-multicast.sh \
 	emailrelay-rot13.pl \
diff --git a/bin/Makefile.in b/bin/Makefile.in
index 79dea1e..9d94961 100644
--- a/bin/Makefile.in
+++ b/bin/Makefile.in
@@ -284,6 +284,8 @@ top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 example_scripts_static = \
 	emailrelay-bcc-check.pl \
+	emailrelay-check-ipaddress.js \
+	emailrelay-check-ipaddress.pl \
 	emailrelay-ldap-verify.py \
 	emailrelay-multicast.sh \
 	emailrelay-rot13.pl \
diff --git a/bin/emailrelay-check-ipaddress.js b/bin/emailrelay-check-ipaddress.js
new file mode 100755
index 0000000..f3c51d1
--- /dev/null
+++ b/bin/emailrelay-check-ipaddress.js
@@ -0,0 +1,49 @@
+//
+// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
+// 
+// Copying and distribution of this file, with or without modification,
+// are permitted in any medium without royalty provided the copyright
+// notice and this notice are preserved.  This file is offered as-is,
+// without any warranty.
+// ===
+//
+// emailrelay-check-ipaddress.js
+//
+// An example "--filter" script for Windows that verifies the submitting
+// client's IP address. The IP address is read from the envelope file.
+// Invalid IP addresses are rejected by deleting the two message files and
+// exiting with the special exit code of 100. Note that this checks the
+// IP address very late in the submission process; a firewall or DNSBL check
+// might work better.
+//
+try
+{
+	var content = WScript.Arguments(0) ;
+	var envelope = WScript.Arguments(1) ;
+	var fs = WScript.CreateObject( "Scripting.FileSystemObject" ) ;
+	var ts = fs.OpenTextFile( envelope , 1 , false ) ;
+	var txt = ts.ReadAll() ;
+	ts.Close() ;
+	var re = new RegExp( "X-MailRelay-Client: (\\S*)" , "m" ) ;
+	var ip = txt.match(re)[1] ;
+	var ok = ip === "1.1.1.1" ; /// edit here
+	if( ok )
+	{
+		WScript.Quit( 0 ) ;
+	}
+	else
+	{
+		WScript.StdOut.WriteLine( "<<not allowed>>" ) ;
+		fs.DeleteFile( envelope ) ;
+		fs.DeleteFile( content ) ;
+		WScript.Quit( 100 ) ;
+	}
+}
+catch( e )
+{
+	// report errors using the special <<...>> markers
+	WScript.StdOut.WriteLine( "<<error>>" ) ;
+	WScript.StdOut.WriteLine( "<<" + e + ">>" ) ;
+	WScript.Quit( 1 ) ;
+}
+
diff --git a/bin/emailrelay-check-ipaddress.pl b/bin/emailrelay-check-ipaddress.pl
new file mode 100755
index 0000000..c0d4fd8
--- /dev/null
+++ b/bin/emailrelay-check-ipaddress.pl
@@ -0,0 +1,52 @@
+#!/usr/bin/env perl
+#
+# Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
+# 
+# Copying and distribution of this file, with or without modification,
+# are permitted in any medium without royalty provided the copyright
+# notice and this notice are preserved.  This file is offered as-is,
+# without any warranty.
+# ===
+#
+# emailrelay-check-ipaddress.pl
+#
+# An example "--filter" script that verifies the submitting client's IP
+# address. The IP address is read from the envelope file. Invalid IP
+# addresses are rejected by deleting the two message files and exiting
+# with the special exit code of 100. Note that this checks the IP
+# address very late in the submission process; a firewall or DNSBL
+# check might work better.
+#
+
+use strict ;
+use warnings ;
+use FileHandle ;
+$SIG{__DIE__} = sub { (my $e = join(" ",@_)) =~ s/\n/ /g ; print "<<error>>\n<<error: $e>>\n" ; exit 99 } ;
+
+my %allow = (
+	"127.0.0.1" => 1 ,
+	"1.1.1.1" => 1 ,
+	# etc
+) ;
+
+my $content = $ARGV[0] or die "usage error\n" ;
+my $envelope = $ARGV[1] or die "usage error\n" ;
+my $fh = new FileHandle( $envelope ) or die "cannot open envelope file: $!\n" ;
+my $txt ;
+{
+	local $/ = undef ;
+	$txt = <$fh> ;
+}
+my ( $ip ) = ( $txt =~ m/X-MailRelay-Client: (\S*)/m ) ;
+if( $allow{$ip} )
+{
+	exit( 0 ) ;
+}
+else
+{
+	print "<<not allowed>>\n<<not allowed: $ip>>\n" ;
+	unlink( $content ) ;
+	unlink( $envelope ) ;
+	exit( 100 ) ;
+}
+
diff --git a/configure b/configure
index 3207ae7..d8daa73 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for E-MailRelay 2.3.
+# Generated by GNU Autoconf 2.69 for E-MailRelay 2.3.1.
 #
 #
 # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='E-MailRelay'
 PACKAGE_TARNAME='emailrelay'
-PACKAGE_VERSION='2.3'
-PACKAGE_STRING='E-MailRelay 2.3'
+PACKAGE_VERSION='2.3.1'
+PACKAGE_STRING='E-MailRelay 2.3.1'
 PACKAGE_BUGREPORT=''
 PACKAGE_URL=''
 
@@ -1375,7 +1375,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures E-MailRelay 2.3 to adapt to many kinds of systems.
+\`configure' configures E-MailRelay 2.3.1 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1442,7 +1442,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of E-MailRelay 2.3:";;
+     short | recursive ) echo "Configuration of E-MailRelay 2.3.1:";;
    esac
   cat <<\_ACEOF
 
@@ -1575,7 +1575,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-E-MailRelay configure 2.3
+E-MailRelay configure 2.3.1
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2011,7 +2011,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by E-MailRelay $as_me 2.3, which was
+It was created by E-MailRelay $as_me 2.3.1, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2876,7 +2876,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='emailrelay'
- VERSION='2.3'
+ VERSION='2.3.1'
 
 
 # Some tools Automake needs.
@@ -10728,7 +10728,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by E-MailRelay $as_me 2.3, which was
+This file was extended by E-MailRelay $as_me 2.3.1, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -10794,7 +10794,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-E-MailRelay config.status 2.3
+E-MailRelay config.status 2.3.1
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff --git a/configure.ac b/configure.ac
index b3a5ef2..ce310ba 100755
--- a/configure.ac
+++ b/configure.ac
@@ -19,7 +19,7 @@ dnl
 dnl Process this file with autoconf to produce a configure script.
 dnl
 
-AC_INIT([E-MailRelay],[2.3],[],[emailrelay])
+AC_INIT([E-MailRelay],[2.3.1],[],[emailrelay])
 AC_CONFIG_SRCDIR([src/glib/gdef.h])
 AC_CONFIG_MACRO_DIR([m4])
 AM_INIT_AUTOMAKE([no-define])
diff --git a/debian/changelog b/debian/changelog
index 0a024f8..95ebbd7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+emailrelay (2.3.1) unstable; urgency=low
+  * Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h").
+  * TLS key and certificate files can be specified separately.
+  * Fixed error handling for network client filters ("--client-filter=net:...") [bug-id 50].
+ -- maintainer graeme_walker <graeme_walker@users.sourceforge.net>  Thu, 30 Jun 2022 00:00:00 +0000
+
 emailrelay (2.3) unstable; urgency=low
   * Unix domain sockets supported (eg. "--interface=/tmp/smtp.s").
   * Windows event log not used for verbose logging (prefer "--log-file").
diff --git a/doc/changelog.html b/doc/changelog.html
index bd5062b..b62db6c 100644
--- a/doc/changelog.html
+++ b/doc/changelog.html
@@ -9,6 +9,12 @@
   <!-- index:0::::E-MailRelay Change Log -->
  <div class="div-main">
   <h1><a class="a-header" name="H_1">E-MailRelay Change Log</a></h1> <!-- index:1:H:E-MailRelay Change Log -->
+   <h2><a class="a-header" name="SH_1_0">2.3 -> 2.3.1</a></h2> <!-- index:2:SH:1:0:2.3 -> 2.3.1 -->
+    <ul>
+     <li>Hourly log file rotation using <em>%h</em> (eg. <em>--log-file=log.%d.%h</em>).</li>
+     <li>TLS key and certificate files can be specified separately.</li>
+     <li>Fixed error handling for network client filters (<em>--client-filter=net:...</em>) [bug-id #50].</li>
+    </ul>
    <h2><a class="a-header" name="SH_1_1">2.2 -> 2.3</a></h2> <!-- index:2:SH:1:1:2.2 -> 2.3 -->
     <ul>
      <li>Unix domain sockets supported (eg. <em>--interface=/tmp/smtp.s</em>.</li>
diff --git a/doc/changelog.md b/doc/changelog.md
index ec4e9dc..d8aed12 100644
--- a/doc/changelog.md
+++ b/doc/changelog.md
@@ -1,6 +1,13 @@
 E-MailRelay Change Log
 ======================
 
+2.3 -> 2.3.1
+------------
+
+* Hourly log file rotation using `%h` (eg. `--log-file=log.%d.%h`).
+* TLS key and certificate files can be specified separately.
+* Fixed error handling for network client filters (`--client-filter=net:...`) [bug-id #50].
+
 2.2 -> 2.3
 ----------
 
diff --git a/doc/changelog.rst b/doc/changelog.rst
index 3312174..b0ca93f 100644
--- a/doc/changelog.rst
+++ b/doc/changelog.rst
@@ -2,6 +2,13 @@
 E-MailRelay Change Log
 **********************
 
+2.3 -> 2.3.1
+============
+
+* Hourly log file rotation using *%h* (eg. *--log-file=log.%d.%h*).
+* TLS key and certificate files can be specified separately.
+* Fixed error handling for network client filters (*--client-filter=net:...*) [bug-id #50].
+
 2.2 -> 2.3
 ==========
 
diff --git a/doc/changelog.txt b/doc/changelog.txt
index a2cb5eb..c189116 100644
--- a/doc/changelog.txt
+++ b/doc/changelog.txt
@@ -1,6 +1,12 @@
 E-MailRelay Change Log
 ======================
 
+2.3 -> 2.3.1
+------------
+* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h").
+* TLS key and certificate files can be specified separately.
+* Fixed error handling for network client filters ("--client-filter=net:...") [bug-id #50].
+
 2.2 -> 2.3
 ----------
 * Unix domain sockets supported (eg. "--interface=/tmp/smtp.s").
diff --git a/doc/emailrelay-man.html b/doc/emailrelay-man.html
index 0a43183..d07cb10 100644
--- a/doc/emailrelay-man.html
+++ b/doc/emailrelay-man.html
@@ -119,7 +119,7 @@ Enables negotiated TLS for outgoing SMTP connections; the SMTP STARTTLS command
 <DT><B>--client-tls-certificate </B><I>&lt;pem-file&gt;</I>
 
 <DD>
-Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
+Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
 <DT><B>-b, --client-tls-connection</B>
 
 <DD>
@@ -135,7 +135,7 @@ Defines the target server hostname in the TLS handshake. With <I>--client-tls-co
 <DT><B>--client-tls-verify </B><I>&lt;ca-list&gt;</I>
 
 <DD>
-Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
+Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify <I>&lt;default&gt;</I> for the TLS library's default set of trusted CAs.
 <DT><B>--client-tls-verify-name </B><I>&lt;cname&gt;</I>
 
 <DD>
@@ -143,7 +143,7 @@ Enables verification of the CNAME within the remote SMTP server's certificate.
 <DT><B>-e, --close-stderr</B>
 
 <DD>
-Causes the standard error stream to be closed soon after start-up. This is useful when operating as a backgroud daemon and it is therefore implied by <I>--as-server</I> and <I>--as-proxy</I>.
+Causes the standard error stream to be closed soon after start-up. This is useful when operating as a background daemon and it is therefore implied by <I>--as-server</I> and <I>--as-proxy</I>.
 <DT><B>-U, --connection-timeout </B><I>&lt;time&gt;</I>
 
 <DD>
@@ -243,7 +243,7 @@ Disables logging to the syslog. Note that <I>--as-client</I> implies <I>--no-sys
 <DT><B>-i, --pid-file </B><I>&lt;pid-file&gt;</I>
 
 <DD>
-Causes the process-id to be written into the specified file when the program starts up, typically after it has become a backgroud daemon.
+Causes the process-id to be written into the specified file when the program starts up, typically after it has become a background daemon.
 <DT><B>-O, --poll </B><I>&lt;period&gt;</I>
 
 <DD>
@@ -299,7 +299,7 @@ Enables TLS for incoming SMTP and POP connections. SMTP clients can then request
 <DT><B>--server-tls-certificate </B><I>&lt;pem-file&gt;</I>
 
 <DD>
-Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
+Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
 <DT><B>--server-tls-connection</B>
 
 <DD>
@@ -311,7 +311,7 @@ Makes the use of TLS mandatory for any incoming SMTP and POP connections. SMTP c
 <DT><B>--server-tls-verify </B><I>&lt;ca-list&gt;</I>
 
 <DD>
-Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
+Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify <I>&lt;default&gt;</I> for the TLS library's default set of trusted CAs.
 <DT><B>-M, --size </B><I>&lt;bytes&gt;</I>
 
 <DD>
@@ -366,8 +366,7 @@ Graeme Walker, mailto:<A HREF="mailto:graeme_walker@users.sourceforge.net">graem
 </DL>
 <HR>
 This document was created by
-<A HREF="lynxcgi:FOO/cgi-bin/man/man2html">man2html</A>,
+<A HREF="lynxcgi:./cgi-bin/man/man2html">man2html</A>,
 using the manual pages.<BR>
 </BODY>
 </HTML>
-<!-- Copyright (C) 2001-2021 Graeme Walker <graeme_walker@users.sourceforge.net>. All rights reserved. -->
diff --git a/doc/emailrelay.1 b/doc/emailrelay.1
index 3bb3d6b..b4d099c 100644
--- a/doc/emailrelay.1
+++ b/doc/emailrelay.1
@@ -89,7 +89,7 @@ Specifies the IP network address to be used to bind the local end of outgoing SM
 Enables negotiated TLS for outgoing SMTP connections; the SMTP STARTTLS command will be issued if the remote server supports it.
 .TP
 .B --client-tls-certificate \fI<pem-file>\fR
-Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
+Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
 .TP
 .B \-b, --client-tls-connection
 Enables the use of a TLS tunnel for outgoing SMTP connections. This is for SMTP over TLS (SMTPS), not TLS negotiated within SMTP using STARTTLS.
@@ -101,13 +101,13 @@ Makes the use of TLS mandatory for outgoing SMTP connections. The SMTP STARTTLS
 Defines the target server hostname in the TLS handshake. With \fI--client-tls-connection\fR this can be used for SNI, allowing the remote server to adopt an appropriate identity.
 .TP
 .B --client-tls-verify \fI<ca-list>\fR
-Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
+Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify \fI<default>\fR for the TLS library's default set of trusted CAs.
 .TP
 .B --client-tls-verify-name \fI<cname>\fR
 Enables verification of the CNAME within the remote SMTP server's certificate.
 .TP
 .B \-e, --close-stderr
-Causes the standard error stream to be closed soon after start-up. This is useful when operating as a backgroud daemon and it is therefore implied by \fI--as-server\fR and \fI--as-proxy\fR.
+Causes the standard error stream to be closed soon after start-up. This is useful when operating as a background daemon and it is therefore implied by \fI--as-server\fR and \fI--as-proxy\fR.
 .TP
 .B \-U, --connection-timeout \fI<time>\fR
 Specifies a timeout (in seconds) for establishing a TCP connection to remote SMTP servers. The default is 40 seconds.
@@ -182,7 +182,7 @@ Disables listening for incoming SMTP connections.
 Disables logging to the syslog. Note that \fI--as-client\fR implies \fI--no-syslog\fR.
 .TP
 .B \-i, --pid-file \fI<pid-file>\fR
-Causes the process-id to be written into the specified file when the program starts up, typically after it has become a backgroud daemon.
+Causes the process-id to be written into the specified file when the program starts up, typically after it has become a background daemon.
 .TP
 .B \-O, --poll \fI<period>\fR
 Causes forwarding of spooled mail messages to happen at regular intervals (with the time given in seconds).
@@ -224,7 +224,7 @@ Configures the SMTP server authentication module using a semicolon-separated lis
 Enables TLS for incoming SMTP and POP connections. SMTP clients can then request TLS encryption by issuing the STARTTLS command. The \fI--server-tls-certificate\fR option must be used to define the server certificate.
 .TP
 .B --server-tls-certificate \fI<pem-file>\fR
-Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
+Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
 .TP
 .B --server-tls-connection
 Enables SMTP over TLS when acting as an SMTP server. This is for SMTP over TLS (SMTPS), not TLS negotiated within SMTP using STARTTLS.
@@ -233,7 +233,7 @@ Enables SMTP over TLS when acting as an SMTP server. This is for SMTP over TLS (
 Makes the use of TLS mandatory for any incoming SMTP and POP connections. SMTP clients must use the STARTTLS command to establish a TLS session before they can issue SMTP AUTH or SMTP MAIL-TO commands.
 .TP
 .B --server-tls-verify \fI<ca-list>\fR
-Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
+Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify \fI<default>\fR for the TLS library's default set of trusted CAs.
 .TP
 .B \-M, --size \fI<bytes>\fR
 Limits the size of mail messages that can be submitted over SMTP.
diff --git a/doc/reference.html b/doc/reference.html
index 32aa189..3fd5136 100644
--- a/doc/reference.html
+++ b/doc/reference.html
@@ -112,8 +112,9 @@
       <dd>
        Defines the TLS certificate file when acting as a SMTP client. This file must
        contain the client's private key and certificate chain using the PEM file
-       format. Keep the file permissions tight to avoid accidental exposure of the
-       private key.
+       format. Alternatively, use this option twice with the first one specifying 
+       the key file and the second the certificate file. Keep the file permissions 
+       tight to avoid accidental exposure of the private key.
       </dd>
      <dt>--client-tls-connection (-b)</dt>
       <dd>
@@ -137,7 +138,8 @@
        Enables verification of the remote SMTP server's certificate against any of
        the trusted CA certificates in the specified file or directory. In many use
        cases this should be a file containing just your self-signed root
-       certificate.
+       certificate. Specify <em>&lt;default&gt;</em> for the TLS library's default set of
+       trusted CAs.
       </dd>
      <dt>--client-tls-verify-name &lt;cname&gt;</dt>
       <dd>
@@ -147,7 +149,7 @@
      <dt>--close-stderr (-e)</dt>
       <dd>
        Causes the standard error stream to be closed soon after start-up. This is
-       useful when operating as a backgroud daemon and it is therefore implied by
+       useful when operating as a background daemon and it is therefore implied by
        <em>--as-server</em> and <em>--as-proxy</em>.
       </dd>
      <dt>--connection-timeout &lt;time&gt; (-U)</dt>
@@ -301,7 +303,7 @@
      <dt>--pid-file &lt;pid-file&gt; (-i)</dt>
       <dd>
        Causes the process-id to be written into the specified file when the program
-       starts up, typically after it has become a backgroud daemon.
+       starts up, typically after it has become a background daemon.
       </dd>
      <dt>--poll &lt;period&gt; (-O)</dt>
       <dd>
@@ -392,8 +394,9 @@
       <dd>
        Defines the TLS certificate file when acting as a SMTP or POP server. This
        file must contain the server's private key and certificate chain using the
-       PEM file format. Keep the file permissions tight to avoid accidental
-       exposure of the private key.
+       PEM file format. Alternatively, use this option twice with the first one 
+       specifying the key file and the second the certificate file. Keep the file 
+       permissions tight to avoid accidental exposure of the private key.
       </dd>
      <dt>--server-tls-connection</dt>
       <dd>
@@ -411,7 +414,8 @@
        Enables verification of remote SMTP and POP clients' certificates against any
        of the trusted CA certificates in the specified file or directory. In many
        use cases this should be a file containing just your self-signed root
-       certificate.
+       certificate. Specify <em>&lt;default&gt;</em> for the TLS library's default set of
+       trusted CAs.
       </dd>
      <dt>--size &lt;bytes&gt; (-M)</dt>
       <dd>
diff --git a/doc/reference.md b/doc/reference.md
index e23157c..1f1eda4 100644
--- a/doc/reference.md
+++ b/doc/reference.md
@@ -98,8 +98,9 @@ where &lt;option&gt; is:
 
     Defines the TLS certificate file when acting as a SMTP client. This file must
     contain the client's private key and certificate chain using the PEM file
-    format. Keep the file permissions tight to avoid accidental exposure of the
-    private key.
+    format. Alternatively, use this option twice with the first one specifying 
+    the key file and the second the certificate file. Keep the file permissions 
+    tight to avoid accidental exposure of the private key.
 
 *   \-\-client-tls-connection (-b)
 
@@ -123,7 +124,8 @@ where &lt;option&gt; is:
     Enables verification of the remote SMTP server's certificate against any of
     the trusted CA certificates in the specified file or directory. In many use
     cases this should be a file containing just your self-signed root
-    certificate.
+    certificate. Specify `<default>` for the TLS library's default set of
+    trusted CAs.
 
 *   \-\-client-tls-verify-name &lt;cname&gt;
 
@@ -133,7 +135,7 @@ where &lt;option&gt; is:
 *   \-\-close-stderr (-e)
 
     Causes the standard error stream to be closed soon after start-up. This is
-    useful when operating as a backgroud daemon and it is therefore implied by
+    useful when operating as a background daemon and it is therefore implied by
     `--as-server` and `--as-proxy`.
 
 *   \-\-connection-timeout &lt;time&gt; (-U)
@@ -287,7 +289,7 @@ where &lt;option&gt; is:
 *   \-\-pid-file &lt;pid-file&gt; (-i)
 
     Causes the process-id to be written into the specified file when the program
-    starts up, typically after it has become a backgroud daemon.
+    starts up, typically after it has become a background daemon.
 
 *   \-\-poll &lt;period&gt; (-O)
 
@@ -378,8 +380,9 @@ where &lt;option&gt; is:
 
     Defines the TLS certificate file when acting as a SMTP or POP server. This
     file must contain the server's private key and certificate chain using the
-    PEM file format. Keep the file permissions tight to avoid accidental
-    exposure of the private key.
+    PEM file format. Alternatively, use this option twice with the first one 
+    specifying the key file and the second the certificate file. Keep the file 
+    permissions tight to avoid accidental exposure of the private key.
 
 *   \-\-server-tls-connection
 
@@ -397,7 +400,8 @@ where &lt;option&gt; is:
     Enables verification of remote SMTP and POP clients' certificates against any
     of the trusted CA certificates in the specified file or directory. In many
     use cases this should be a file containing just your self-signed root
-    certificate.
+    certificate. Specify `<default>` for the TLS library's default set of
+    trusted CAs.
 
 *   \-\-size &lt;bytes&gt; (-M)
 
diff --git a/doc/reference.rst b/doc/reference.rst
index 81d6826..80b303f 100644
--- a/doc/reference.rst
+++ b/doc/reference.rst
@@ -101,8 +101,9 @@ where \<option\> is:
 
     Defines the TLS certificate file when acting as a SMTP client. This file must
     contain the client's private key and certificate chain using the PEM file
-    format. Keep the file permissions tight to avoid accidental exposure of the
-    private key.
+    format. Alternatively, use this option twice with the first one specifying 
+    the key file and the second the certificate file. Keep the file permissions 
+    tight to avoid accidental exposure of the private key.
 
 *   --client-tls-connection (-b)
 
@@ -126,7 +127,8 @@ where \<option\> is:
     Enables verification of the remote SMTP server's certificate against any of
     the trusted CA certificates in the specified file or directory. In many use
     cases this should be a file containing just your self-signed root
-    certificate.
+    certificate. Specify *\<default\>* for the TLS library's default set of
+    trusted CAs.
 
 *   --client-tls-verify-name \<cname\>
 
@@ -136,7 +138,7 @@ where \<option\> is:
 *   --close-stderr (-e)
 
     Causes the standard error stream to be closed soon after start-up. This is
-    useful when operating as a backgroud daemon and it is therefore implied by
+    useful when operating as a background daemon and it is therefore implied by
     *--as-server* and *--as-proxy*.
 
 *   --connection-timeout \<time\> (-U)
@@ -290,7 +292,7 @@ where \<option\> is:
 *   --pid-file \<pid-file\> (-i)
 
     Causes the process-id to be written into the specified file when the program
-    starts up, typically after it has become a backgroud daemon.
+    starts up, typically after it has become a background daemon.
 
 *   --poll \<period\> (-O)
 
@@ -381,8 +383,9 @@ where \<option\> is:
 
     Defines the TLS certificate file when acting as a SMTP or POP server. This
     file must contain the server's private key and certificate chain using the
-    PEM file format. Keep the file permissions tight to avoid accidental
-    exposure of the private key.
+    PEM file format. Alternatively, use this option twice with the first one 
+    specifying the key file and the second the certificate file. Keep the file 
+    permissions tight to avoid accidental exposure of the private key.
 
 *   --server-tls-connection
 
@@ -400,7 +403,8 @@ where \<option\> is:
     Enables verification of remote SMTP and POP clients' certificates against any
     of the trusted CA certificates in the specified file or directory. In many
     use cases this should be a file containing just your self-signed root
-    certificate.
+    certificate. Specify *\<default\>* for the TLS library's default  set of
+    trusted CAs.
 
 *   --size \<bytes\> (-M)
 
diff --git a/doc/reference.txt b/doc/reference.txt
index a92ca4f..b1f2787 100644
--- a/doc/reference.txt
+++ b/doc/reference.txt
@@ -85,8 +85,9 @@ where <option> is:
 # --client-tls-certificate <pem-file>
   Defines the TLS certificate file when acting as a SMTP client. This file must
   contain the client's private key and certificate chain using the PEM file
-  format. Keep the file permissions tight to avoid accidental exposure of the
-  private key.
+  format. Alternatively, use this option twice with the first one specifying
+  the key file and the second the certificate file. Keep the file permissions
+  tight to avoid accidental exposure of the private key.
 
 # --client-tls-connection (-b)
   Enables the use of a TLS tunnel for outgoing SMTP connections. This is for
@@ -106,7 +107,8 @@ where <option> is:
   Enables verification of the remote SMTP server's certificate against any of
   the trusted CA certificates in the specified file or directory. In many use
   cases this should be a file containing just your self-signed root
-  certificate.
+  certificate. Specify "<default>" for the TLS library's default set of
+  trusted CAs.
 
 # --client-tls-verify-name <cname>
   Enables verification of the CNAME within the remote SMTP server's
@@ -114,7 +116,7 @@ where <option> is:
 
 # --close-stderr (-e)
   Causes the standard error stream to be closed soon after start-up. This is
-  useful when operating as a backgroud daemon and it is therefore implied by
+  useful when operating as a background daemon and it is therefore implied by
   "--as-server" and "--as-proxy".
 
 # --connection-timeout <time> (-U)
@@ -243,7 +245,7 @@ where <option> is:
 
 # --pid-file <pid-file> (-i)
   Causes the process-id to be written into the specified file when the program
-  starts up, typically after it has become a backgroud daemon.
+  starts up, typically after it has become a background daemon.
 
 # --poll <period> (-O)
   Causes forwarding of spooled mail messages to happen at regular intervals
@@ -320,8 +322,9 @@ where <option> is:
 # --server-tls-certificate <pem-file>
   Defines the TLS certificate file when acting as a SMTP or POP server. This
   file must contain the server's private key and certificate chain using the
-  PEM file format. Keep the file permissions tight to avoid accidental
-  exposure of the private key.
+  PEM file format. Alternatively, use this option twice with the first one
+  specifying the key file and the second the certificate file. Keep the file
+  permissions tight to avoid accidental exposure of the private key.
 
 # --server-tls-connection
   Enables SMTP over TLS when acting as an SMTP server. This is for SMTP over
@@ -336,7 +339,8 @@ where <option> is:
   Enables verification of remote SMTP and POP clients' certificates against any
   of the trusted CA certificates in the specified file or directory. In many
   use cases this should be a file containing just your self-signed root
-  certificate.
+  certificate. Specify "<default>" for the TLS library's default set of
+  trusted CAs.
 
 # --size <bytes> (-M)
   Limits the size of mail messages that can be submitted over SMTP.
diff --git a/src/glib/Makefile.am b/src/glib/Makefile.am
index 9e2d13e..819e25c 100644
--- a/src/glib/Makefile.am
+++ b/src/glib/Makefile.am
@@ -103,6 +103,7 @@ libglib_a_SOURCES = \
 	gnewprocess.h \
 	gnewprocess_win32.cpp \
 	gomembuf.h \
+	goptional.h \
 	goptionmap.h \
 	goptionmap.cpp \
 	goptionparser.h \
@@ -233,6 +234,7 @@ libglib_a_SOURCES = \
 	gnewprocess.h \
 	gnewprocess_unix.cpp \
 	gomembuf.h \
+	goptional.h \
 	goptionmap.h \
 	goptionmap.cpp \
 	goptionparser.h \
diff --git a/src/glib/Makefile.in b/src/glib/Makefile.in
index 0dd7cab..01926b1 100644
--- a/src/glib/Makefile.in
+++ b/src/glib/Makefile.in
@@ -124,12 +124,12 @@ am__libglib_a_SOURCES_DIST = gpam_none.cpp gpam_linux.cpp garg.h \
 	gidentity_unix.cpp gimembuf.h glimits.h glog.h glog.cpp \
 	glogoutput.h glogoutput.cpp glogoutput_unix.cpp gmapfile.h \
 	gmapfile.cpp gmd5.h gmd5.cpp gmsg_unix.cpp gmsg.h \
-	gnewprocess.h gnewprocess_unix.cpp gomembuf.h goptionmap.h \
-	goptionmap.cpp goptionparser.h goptionparser.cpp goptions.h \
-	goptions.cpp goptionvalue.h gpam.h gpath.h gpath.cpp \
-	gpidfile.h gpidfile.cpp gprocess.h gprocess_unix.cpp grandom.h \
-	grandom.cpp greadwrite.h greadwrite.cpp groot.h groot.cpp \
-	gscope.h gsignalsafe.h gsleep.h gslot.h gslot.cpp \
+	gnewprocess.h gnewprocess_unix.cpp gomembuf.h goptional.h \
+	goptionmap.h goptionmap.cpp goptionparser.h goptionparser.cpp \
+	goptions.h goptions.cpp goptionvalue.h gpam.h gpath.h \
+	gpath.cpp gpidfile.h gpidfile.cpp gprocess.h gprocess_unix.cpp \
+	grandom.h grandom.cpp greadwrite.h greadwrite.cpp groot.h \
+	groot.cpp gscope.h gsignalsafe.h gsleep.h gslot.h gslot.cpp \
 	gstatemachine.h gstr.h gstr.cpp gstrings.h gstringwrap.cpp \
 	gstringwrap.h gstringview.h gtest.h gtest.cpp gthread.cpp \
 	gtime.h gtime.cpp gxtext.h gxtext.cpp galign.h \
@@ -532,6 +532,7 @@ noinst_LIBRARIES = libglib.a
 @GCONFIG_WINDOWS_FALSE@	gnewprocess.h \
 @GCONFIG_WINDOWS_FALSE@	gnewprocess_unix.cpp \
 @GCONFIG_WINDOWS_FALSE@	gomembuf.h \
+@GCONFIG_WINDOWS_FALSE@	goptional.h \
 @GCONFIG_WINDOWS_FALSE@	goptionmap.h \
 @GCONFIG_WINDOWS_FALSE@	goptionmap.cpp \
 @GCONFIG_WINDOWS_FALSE@	goptionparser.h \
@@ -639,6 +640,7 @@ noinst_LIBRARIES = libglib.a
 @GCONFIG_WINDOWS_TRUE@	gnewprocess.h \
 @GCONFIG_WINDOWS_TRUE@	gnewprocess_win32.cpp \
 @GCONFIG_WINDOWS_TRUE@	gomembuf.h \
+@GCONFIG_WINDOWS_TRUE@	goptional.h \
 @GCONFIG_WINDOWS_TRUE@	goptionmap.h \
 @GCONFIG_WINDOWS_TRUE@	goptionmap.cpp \
 @GCONFIG_WINDOWS_TRUE@	goptionparser.h \
diff --git a/src/glib/gdatetime.cpp b/src/glib/gdatetime.cpp
index c550d6e..d017f88 100644
--- a/src/glib/gdatetime.cpp
+++ b/src/glib/gdatetime.cpp
@@ -1,5 +1,5 @@
 //
-// Copyright (C) 2001-2021 Graeme Walker <graeme_walker@users.sourceforge.net>
+// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -20,6 +20,7 @@
 
 #include "gdef.h"
 #include "gdatetime.h"
+#include "goptional.h"
 #include "gstr.h"
 #include "gassert.h"
 #include <sstream>
@@ -54,6 +55,79 @@ namespace G
 
 			return TimeInterval( static_cast<TimeInterval::s_type>(su) , static_cast<TimeInterval::us_type>(usu) ) ;
 		}
+		bool operator<( const std::tm & a , const std::tm & b ) noexcept
+		{
+			if( a.tm_year < b.tm_year ) return true ;
+			if( a.tm_year > b.tm_year ) return false ;
+			if( a.tm_mon < b.tm_mon ) return true ;
+			if( a.tm_mon > b.tm_mon ) return false ;
+			if( a.tm_mday < b.tm_mday ) return true ;
+			if( a.tm_mday > b.tm_mday ) return false ;
+			if( a.tm_hour < b.tm_hour ) return true ;
+			if( a.tm_hour > b.tm_hour ) return false ;
+			if( a.tm_min < b.tm_min ) return true ;
+			if( a.tm_min > b.tm_min ) return false ;
+			return a.tm_sec < b.tm_sec ;
+		}
+		bool sameMinute( const std::tm & a , const std::tm & b ) noexcept
+		{
+			return
+				a.tm_year == b.tm_year &&
+				a.tm_mon == b.tm_mon &&
+				a.tm_mday == b.tm_mday &&
+				a.tm_hour == b.tm_hour &&
+				a.tm_min == b.tm_min ;
+		}
+		bool same( const std::tm & a , const std::tm & b ) noexcept
+		{
+			return sameMinute( a , b ) && a.tm_sec == b.tm_sec ;
+		}
+		void localtime( std::tm & tm_out , std::time_t t_in )
+		{
+			if( localtime_r( &t_in , &tm_out ) == nullptr )
+				throw DateTime::Error() ;
+			tm_out.tm_isdst = -1 ;
+		}
+		void gmtime( std::tm & tm_out , std::time_t t_in )
+		{
+			if( gmtime_r( &t_in , &tm_out ) == nullptr )
+				throw DateTime::Error() ;
+			tm_out.tm_isdst = -1 ;
+		}
+		std::time_t mktimelocal( const std::tm & local_tm_in )
+		{
+			struct std::tm tm = local_tm_in ;
+			tm.tm_isdst = -1 ;
+			std::time_t t = std::mktime( &tm ) ;
+			if( t == std::time_t(-1) )
+				throw DateTime::Error() ;
+			return t ;
+		}
+		std::time_t mktimeutc( const std::tm & utc_tm_in , std::time_t begin , std::time_t end )
+		{
+			// returns 't' such that std::gmtime(t) gives the target broken-down time -- does
+			// a binary search over the time_t range down to one second resolution
+			std::time_t count = end - begin ;
+			std::time_t t = begin ;
+			while( count > 0 )
+			{
+				std::time_t i = t ;
+				std::time_t step = count / 2 ;
+				i += step ;
+				std::tm tm {} ;
+				gmtime( tm , i ) ;
+				if( tm < utc_tm_in )
+				{
+					t = ++i ;
+					count -= step + 1 ;
+				}
+				else
+				{
+					count = step ;
+				}
+			}
+			return t ;
+		}
 	}
 }
 
@@ -66,89 +140,57 @@ G::BrokenDownTime::BrokenDownTime() :
 G::BrokenDownTime::BrokenDownTime( const struct std::tm & tm_in ) :
 	m_tm(tm_in)
 {
+	// dont trust the dst flag passed in -- force mktime()
+	// to do the extra work (strftime() does anyway)
 	m_tm.tm_isdst = -1 ;
-	if( std::time_t(-1) == std::mktime( &m_tm ) ) // set wday and yday
-		throw DateTime::Error() ;
 }
 
 std::time_t G::BrokenDownTime::epochTimeFromLocal() const
 {
-	struct std::tm tm = m_tm ;
-	tm.tm_isdst = -1 ;
-	std::time_t t = std::mktime( &tm ) ;
-	if( t == std::time_t(-1) )
-		throw DateTime::Error() ;
-	return t ;
+	return DateTimeImp::mktimelocal( m_tm ) ;
 }
 
 std::time_t G::BrokenDownTime::epochTimeFromUtc() const
 {
-	BrokenDownTime copy( *this ) ;
-	copy.m_tm.tm_sec = 0 ; // simplify for leap-seconds, add back below
-	return copy.epochTimeFromUtcImp() + m_tm.tm_sec ;
-}
+	std::time_t t0 = DateTimeImp::mktimelocal( m_tm ) ;
 
-std::time_t G::BrokenDownTime::epochTimeFromUtcImp() const
-{
-	static bool diff_set = false ;
-	static std::time_t diff = 0 ;
-	return epochTimeFromUtcImp( diff_set , diff ) ;
-}
-
-std::time_t G::BrokenDownTime::epochTimeFromUtcImp( bool & diff_set , std::time_t & diff ) const
-{
-	constexpr int day = 24 * 60 * 60 ;
-	constexpr std::time_t dt = 60 * 15 ; // india 30mins, nepal 45mins // NOLINT
-	constexpr std::time_t day_and_a_bit = day + dt ;
-	constexpr std::time_t t_rounding = 30 ;
-
-	// use mktime() for a rough starting point
-	std::time_t t_base = epochTimeFromLocal() ;
-
-	// see if the previous diff result is still valid (no change of dst etc),
-	if( diff_set && !sameMinute( SystemTime(t_base+diff+t_rounding).utc() ) )
-		diff_set = false ;
-
-	// find the timezone diff
-	if( !diff_set )
+	static optional<std::time_t> memo ;
+	if( memo.has_value() )
 	{
-		// iterate over all possible timezones modifying the epoch time until
-		// its utc broken-down-time (gmtime()) matches ours
-		//
-		auto t = t_base - day_and_a_bit ;
-		auto end = t_base + day_and_a_bit ;
-		for( diff = -day_and_a_bit ; t <= end ; t += dt , diff += dt )
-		{
-			if( sameMinute( SystemTime(t+t_rounding).utc() ) )
-			{
-				diff_set = true ;
-				break ;
-			}
-		}
+		std::tm tm {} ;
+		DateTimeImp::gmtime( tm , t0+memo.value() ) ;
+		if( DateTimeImp::same(tm,m_tm) )
+			return t0 + memo.value() ;
 	}
 
-	if( !diff_set )
-		throw DateTime::Error( "unsupported timezone" ) ;
+	std::time_t dt = 25 * 3600 + 10 ;
+	std::time_t begin = std::max(dt,t0) - dt ;
+	std::time_t end = t0 + dt ;
+	std::time_t t = DateTimeImp::mktimeutc( m_tm , begin , end ) ;
+	if( t == begin || t == end )
+		throw DateTime::Error( "timezone error" ) ;
 
-	return t_base + diff ;
+	memo = t - t0 ;
+	return t ;
+}
+
+G::BrokenDownTime G::BrokenDownTime::null()
+{
+	return {} ;
 }
 
 G::BrokenDownTime G::BrokenDownTime::local( SystemTime t )
 {
-	BrokenDownTime tm ;
-	std::time_t s = t.s() ;
-	if( localtime_r( &s , &tm.m_tm ) == nullptr )
-		throw DateTime::Error() ;
-	return tm ;
+	BrokenDownTime bdt ;
+	DateTimeImp::localtime( bdt.m_tm , t.s() ) ;
+	return bdt ;
 }
 
 G::BrokenDownTime G::BrokenDownTime::utc( SystemTime t )
 {
-	BrokenDownTime tm ;
-	std::time_t s = t.s() ;
-	if( gmtime_r( &s , &tm.m_tm ) == nullptr )
-		throw DateTime::Error() ;
-	return tm ;
+	BrokenDownTime bdt ;
+	DateTimeImp::gmtime( bdt.m_tm , t.s() ) ;
+	return bdt ;
 }
 
 G::BrokenDownTime::BrokenDownTime( int y , int mon , int d , int h , int min , int sec ) :
@@ -161,8 +203,8 @@ G::BrokenDownTime::BrokenDownTime( int y , int mon , int d , int h , int min , i
 	m_tm.tm_min = min ;
 	m_tm.tm_sec = sec ;
 	m_tm.tm_isdst = -1 ;
-	if( std::time_t(-1) == std::mktime( &m_tm ) ) // set wday and yday
-		throw DateTime::Error() ;
+	m_tm.tm_wday = 0 ;
+	m_tm.tm_yday = 0 ;
 }
 
 G::BrokenDownTime G::BrokenDownTime::midday( int year , int month , int day )
@@ -170,15 +212,29 @@ G::BrokenDownTime G::BrokenDownTime::midday( int year , int month , int day )
 	return { year , month , day , 12 , 0 , 0 } ;
 }
 
-void G::BrokenDownTime::format( std::vector<char> & out , const char * fmt ) const
+G::BrokenDownTime G::BrokenDownTime::midnight( int year , int month , int day )
+{
+	return { year , month , day , 0 , 0 , 0 } ;
+}
+
+bool G::BrokenDownTime::format( char * out , std::size_t out_size , const char * fmt ) const
 {
 	for( const char * p = std::strchr(fmt,'%') ; p && p[1] ; p = std::strchr(p+1,'%') )
 	{
-		if( !std::strchr(DateTimeImp::good_format,p[1]) )
-			throw DateTime::Error() ;
+		if( std::strchr(DateTimeImp::good_format,p[1]) == nullptr )
+			throw DateTime::Error("bad format string") ;
 	}
 
-	if( std::strftime( &out[0] , out.size() , fmt , &m_tm ) == 0U )
+	std::tm tm_copy = m_tm ;
+	tm_copy.tm_isdst = -1 ;
+	(void) mktime( &tm_copy ) ; // fill in isdst, wday, yday
+
+	return std::strftime( out , out_size , fmt , &tm_copy ) > 0U ;
+}
+
+void G::BrokenDownTime::format( std::vector<char> & out , const char * fmt ) const
+{
+	if( !format( &out[0] , out.size() , fmt ) )
 		throw DateTime::Error() ;
 }
 
@@ -196,7 +252,7 @@ std::string G::BrokenDownTime::str( const char * fmt ) const
 	std::vector<char> buffer( n ) ;
 	format( buffer , fmt ) ;
 	buffer.at(buffer.size()-1U) = '\0' ; // just in case
-	return std::string( &buffer[0] ) ;
+	return { &buffer[0] } ;
 }
 
 int G::BrokenDownTime::hour() const
@@ -234,14 +290,9 @@ int G::BrokenDownTime::wday() const
 	return m_tm.tm_wday ;
 }
 
-bool G::BrokenDownTime::sameMinute( const BrokenDownTime & other ) const
+bool G::BrokenDownTime::sameMinute( const BrokenDownTime & other ) const noexcept
 {
-	return
-		year() == other.year() &&
-		month() == other.month() &&
-		day() == other.day() &&
-		hour() == other.hour() &&
-		min() == other.min() ;
+	return DateTimeImp::sameMinute( m_tm , other.m_tm ) ;
 }
 
 // ==
@@ -384,18 +435,13 @@ std::ostream & G::operator<<( std::ostream & stream , const SystemTime & t )
 
 G::TimerTime G::TimerTime::now()
 {
-	return TimerTime( std::chrono::steady_clock::now() , false ) ;
+	return { std::chrono::steady_clock::now() , false } ;
 }
 
 G::TimerTime G::TimerTime::zero()
 {
 	duration_type zero_duration{0} ;
-	return TimerTime( time_point_type(zero_duration) , true ) ;
-}
-
-G::TimerTime G::TimerTime::test( int s , int us )
-{
-	return TimerTime( time_point_type(std::chrono::seconds(s)+std::chrono::microseconds(us)) , s==0 && us==0 ) ;
+	return { time_point_type(zero_duration) , true } ;
 }
 
 G::TimerTime::TimerTime( time_point_type tp , bool is_zero ) :
@@ -404,18 +450,30 @@ G::TimerTime::TimerTime( time_point_type tp , bool is_zero ) :
 {
 }
 
-unsigned long G::TimerTime::test_s() const
+G::TimerTime G::TimerTime::test( int s , int us )
+{
+	return { time_point_type(std::chrono::seconds(s)+std::chrono::microseconds(us)) , s==0 && us==0 } ;
+}
+
+unsigned long G::TimerTime::s() const
 {
 	using namespace std::chrono ;
 	return static_cast<unsigned long>(duration_cast<seconds>(m_tp.time_since_epoch()).count()) ;
 }
 
-unsigned long G::TimerTime::test_us() const
+unsigned long G::TimerTime::us() const
 {
 	using namespace std::chrono ;
 	return static_cast<unsigned long>((duration_cast<microseconds>(m_tp.time_since_epoch()) % seconds(1)).count()) ;
 }
 
+std::string G::TimerTime::str() const
+{
+	std::ostringstream ss ;
+	ss << s() << '.' << std::setw(6) << std::setfill('0') << us() ;
+	return ss.str() ;
+}
+
 G::TimerTime G::TimerTime::operator+( const TimeInterval & interval ) const
 {
 	TimerTime t( *this ) ;
diff --git a/src/glib/gdatetime.h b/src/glib/gdatetime.h
index dfeb0a8..450e3aa 100644
--- a/src/glib/gdatetime.h
+++ b/src/glib/gdatetime.h
@@ -1,5 +1,5 @@
 //
-// Copyright (C) 2001-2021 Graeme Walker <graeme_walker@users.sourceforge.net>
+// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -50,9 +50,16 @@ public:
 	BrokenDownTime( int year , int month , int day , int hh , int mm , int ss ) ;
 		///< Constructor.
 
+	static BrokenDownTime null() ;
+		///< Factory function for an unusable object with bogus
+		///< component values.
+
 	static BrokenDownTime midday( int year , int month , int day ) ;
 		///< Factory function for midday on the given date.
 
+	static BrokenDownTime midnight( int year , int month , int day ) ;
+		///< Factory function for midnight starting the given date.
+
 	static BrokenDownTime local( SystemTime ) ;
 		///< Factory function for the locale-dependent local time of the
 		///< given epoch time. See also SystemTime::local().
@@ -61,11 +68,16 @@ public:
 		///< Factory function for the utc time of the given epoch time.
 		///< See also SystemTime::utc().
 
-	void format( std::vector<char> & out , const char * fmt ) const ;
+	bool format( char * out , std::size_t out_size , const char * fmt ) const ;
 		///< Puts the formatted date, including a terminating null character,
-		///< into the given buffer. Only simple non-locale-dependent format
-		///< specifiers are allowed, and these allowed specifiers explicitly
-		///< exclude '%z' and '%Z'.
+		///< into the given output buffer. Returns false if the output buffer
+		///< is too small. Only simple non-locale-dependent format specifiers
+		///< are allowed, and these allowed specifiers explicitly exclude
+		///< '%z' and '%Z'.
+
+	void format( std::vector<char> & out , const char * fmt ) const ;
+		///< Overload for an output vector. Throws if the vector is
+		///< too small for the result (with its null terminator).
 
 	std::string str( const char * fmt ) const ;
 		///< Returns the formatted date, with the same restrictions
@@ -103,15 +115,13 @@ public:
 		///< Uses std::mktime() to convert this locale-dependent
 		///< local broken-down time into epoch time.
 
-	bool sameMinute( const BrokenDownTime & other ) const ;
+	bool sameMinute( const BrokenDownTime & other ) const noexcept ;
 		///< Returns true if this and the other broken-down
 		///< times are the same, at minute resolution with
 		///< no rounding.
 
 private:
 	BrokenDownTime() ;
-	std::time_t epochTimeFromUtcImp( bool & , std::time_t & ) const ;
-	std::time_t epochTimeFromUtcImp() const ;
 
 private:
 	friend class G::DateTimeTest ;
@@ -267,8 +277,9 @@ private:
 	using time_point_type = std::chrono::time_point<std::chrono::steady_clock> ;
 	TimerTime( time_point_type , bool ) ;
 	static TimerTime test( int , int ) ;
-	unsigned long test_s() const ;
-	unsigned long test_us() const ;
+	unsigned long s() const ; // DateTimeTest
+	unsigned long us() const ; // DateTimeTest
+	std::string str() const ; // DateTimeTest
 
 private:
 	bool m_is_zero ;
diff --git a/src/glib/glogoutput.cpp b/src/glib/glogoutput.cpp
index 3f70c89..4bf895f 100644
--- a/src/glib/glogoutput.cpp
+++ b/src/glib/glogoutput.cpp
@@ -23,6 +23,7 @@
 #include "gdatetime.h"
 #include "gscope.h"
 #include "gfile.h"
+#include "groot.h"
 #include "gomembuf.h"
 #include "glimits.h"
 #include <algorithm>
@@ -81,7 +82,8 @@ G::LogOutput::LogOutput( const std::string & exename , const Config & config ,
 		m_path(path)
 {
 	updateTime() ;
-	open( m_path , true ) ;
+	updatePath() ;
+	open( m_real_path , true ) ;
 	osinit() ;
 	m_depth = 0U ;
 	if( LogOutputImp::this_ == nullptr )
@@ -99,7 +101,8 @@ G::LogOutput::LogOutput( bool output_enabled_and_summary_info ,
 		.set_debug(verbose_info_and_debug) ;
 
 	updateTime() ;
-	open( m_path , true ) ;
+	updatePath() ;
+	open( m_real_path , true ) ;
 	osinit() ;
 	m_depth = 0U ;
 	if( LogOutputImp::this_ == nullptr )
@@ -172,7 +175,24 @@ void G::LogOutput::output( std::ostream & ss )
 		instance()->output( ss , 0 ) ;
 }
 
-void G::LogOutput::open( std::string path , bool do_throw )
+bool G::LogOutput::updatePath()
+{
+	std::string real_path = m_path ;
+	std::size_t pos = 0U ;
+	if( (pos=real_path.find("%h")) != std::string::npos )
+	{
+		real_path[pos] = m_time_buffer[9] ;
+		real_path[pos+1] = m_time_buffer[10] ;
+	}
+	if( (pos=real_path.find("%d")) != std::string::npos )
+	{
+		real_path.replace( pos , 2U , std::string(&m_time_buffer[0],8U) ) ;
+	}
+	real_path.swap( m_real_path ) ;
+	return real_path != m_real_path ;
+}
+
+void G::LogOutput::open( const std::string & path , bool do_throw )
 {
 	if( path.empty() )
 	{
@@ -180,11 +200,11 @@ void G::LogOutput::open( std::string path , bool do_throw )
 	}
 	else
 	{
-		std::size_t pos = path.find( "%d" ) ;
-		if( pos != std::string::npos )
-			path.replace( pos , 2U , std::string(&m_time_buffer[0],8U) ) ;
-
-		int fd = File::open( path.c_str() , File::InOutAppend::Append ) ;
+		int fd = -1 ;
+		{
+			Root claim_root ;
+			fd = File::open( path.c_str() , File::InOutAppend::Append ) ;
+		}
 		if( fd < 0 )
 		{
 			if( do_throw )
@@ -205,8 +225,8 @@ std::ostream & G::LogOutput::start( Log::Severity severity )
 	if( m_depth > 1 )
 		return LogOutputImp::ostream2() ;
 
-	if( updateTime() )
-		open( m_path , false ) ;
+	if( updateTime() && updatePath() )
+		open( m_real_path , false ) ;
 
 	std::ostream & ss = LogOutputImp::ostream1() ;
 	ss << std::dec ;
@@ -295,17 +315,17 @@ bool G::LogOutput::updateTime()
 {
 	SystemTime now = SystemTime::now() ;
 	m_time_us = now.us() ;
-	bool new_day = false ;
+	bool new_hour = false ;
 	if( m_time_s == 0 || m_time_s != now.s() || m_time_buffer.empty() )
 	{
 		m_time_s = now.s() ;
 		m_time_buffer.resize( 17U ) ;
 		now.local().format( m_time_buffer , "%Y%m%d.%H%M%S." ) ;
 		m_time_buffer[16U] = '\0' ;
-		new_day = 0 != std::memcmp( &m_date_buffer[0] , &m_time_buffer[0] , m_date_buffer.size() ) ;
-		std::memcpy( &m_date_buffer[0] , &m_time_buffer[0] , m_date_buffer.size() ) ;
+		new_hour = 0 != std::memcmp( &m_time_change_buffer[0] , &m_time_buffer[0] , 11U ) ;
+		std::memcpy( &m_time_change_buffer[0] , &m_time_buffer[0] , m_time_change_buffer.size() ) ;
 	}
-	return new_day ;
+	return new_hour ;
 }
 
 void G::LogOutput::appendTimeTo( std::ostream & ss )
diff --git a/src/glib/glogoutput.h b/src/glib/glogoutput.h
index e65a848..3aecda0 100644
--- a/src/glib/glogoutput.h
+++ b/src/glib/glogoutput.h
@@ -191,12 +191,13 @@ public:
 
 private:
 	void osinit() ;
-	void open( std::string , bool ) ;
+	void open( const std::string & , bool ) ;
 	std::ostream & start( Log::Severity ) ;
 	void output( std::ostream & , int ) ;
 	void osoutput( int , Log::Severity , char * , std::size_t ) ;
 	void oscleanup() const noexcept ;
 	bool updateTime() ;
+	bool updatePath() ;
 	void appendTimeTo( std::ostream & ) ;
 	static const char * levelString( Log::Severity ) noexcept ;
 	static const char * basename( const char * ) noexcept ;
@@ -207,9 +208,10 @@ private:
 	std::time_t m_time_s{0} ;
 	unsigned int m_time_us{0U} ;
 	std::vector<char> m_time_buffer ;
-	std::array<char,8U> m_date_buffer {} ;
+	std::array<char,17U> m_time_change_buffer {} ;
 	HANDLE m_handle{0} ; // windows
 	std::string m_path ;
+	std::string m_real_path ;
 	int m_fd{-1} ;
 	unsigned int m_depth{1U} ;
 	Log::Severity m_severity{Log::Severity::s_Debug} ;
diff --git a/src/glib/goptional.h b/src/glib/goptional.h
new file mode 100644
index 0000000..551d5cc
--- /dev/null
+++ b/src/glib/goptional.h
@@ -0,0 +1,127 @@
+//
+// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+// ===
+///
+/// \file goptional.h
+///
+
+#ifndef G_OPTIONAL_H
+#define G_OPTIONAL_H
+
+#include "gdef.h"
+#include <utility>
+#include <stdexcept>
+
+namespace G
+{
+	template <typename T> class optional ;
+}
+
+//| \class G::optional
+/// A class template like a simplified c++17 std::optional.
+///
+template <typename T>
+class G::optional
+{
+public:
+	optional() noexcept(noexcept(T())) ;
+	explicit optional( const T & ) ;
+	optional( bool has_value , const T & value ) ; // not in std::optional()
+	void clear() noexcept ; // not in std::optional()
+	bool has_value() const noexcept ;
+	explicit operator bool() const noexcept ;
+	const T & value() const ;
+	T value_or( const T & ) const ;
+	optional<T> & operator=( const T & ) ;
+
+public:
+	~optional() = default ;
+	optional( const optional & ) = default ;
+	optional( optional && ) noexcept = default ;
+	optional & operator=( const optional & ) = default ;
+	optional & operator=( optional && ) noexcept = default ;
+
+private:
+	void doThrow() const ;
+
+private:
+	T m_value {} ;
+	bool m_has_value {false} ;
+} ;
+
+template <typename T>
+G::optional<T>::optional() noexcept(noexcept(T()))
+= default ;
+
+template <typename T>
+G::optional<T>::optional( const T & t ) :
+	m_value(t) ,
+	m_has_value(true)
+{
+}
+
+template <typename T>
+G::optional<T>::optional( bool has_value , const T & value ) :
+	m_value(value) ,
+	m_has_value(has_value)
+{
+}
+
+template <typename T>
+void G::optional<T>::clear() noexcept
+{
+	m_has_value = false ;
+}
+
+template <typename T>
+bool G::optional<T>::has_value() const noexcept
+{
+	return m_has_value ;
+}
+
+template <typename T>
+G::optional<T>::operator bool() const noexcept
+{
+	return m_has_value ;
+}
+
+template <typename T>
+const T & G::optional<T>::value() const
+{
+	return m_has_value ? m_value : ( doThrow() , m_value ) ;
+}
+
+template <typename T>
+void G::optional<T>::doThrow() const
+{
+	throw std::runtime_error( "bad optional access" ) ;
+}
+
+template <typename T>
+T G::optional<T>::value_or( const T & default_ ) const
+{
+	return m_has_value ? m_value : default_ ;
+}
+
+template <typename T>
+G::optional<T> & G::optional<T>::operator=( const T & t )
+{
+	m_value = t ;
+	m_has_value = true ;
+	return *this ;
+}
+
+#endif
diff --git a/src/glib/gslot.h b/src/glib/gslot.h
index ec3a5ec..118aad1 100644
--- a/src/glib/gslot.h
+++ b/src/glib/gslot.h
@@ -181,7 +181,7 @@ namespace G
 						m_slot.m_fn( args... ) ;
 				}
 			}
-			void reset()
+			void reset() noexcept
 			{
 				m_emitted = false ;
 			}
@@ -189,6 +189,14 @@ namespace G
 			{
 				return !! m_slot.m_fn ;
 			}
+			bool emitted() const noexcept
+			{
+				return m_emitted ;
+			}
+			void emitted( bool emitted ) noexcept
+			{
+				m_emitted = emitted ;
+			}
 			~Signal() = default ;
 			Signal( const Signal & ) = delete ;
 			Signal( Signal && ) = delete ;
diff --git a/src/gsmtp/gnetworkfilter.cpp b/src/gsmtp/gnetworkfilter.cpp
index c15c5ca..21c2e9a 100644
--- a/src/gsmtp/gnetworkfilter.cpp
+++ b/src/gsmtp/gnetworkfilter.cpp
@@ -27,18 +27,18 @@ GSmtp::NetworkFilter::NetworkFilter( GNet::ExceptionSink es , FileStore & file_s
 	const std::string & server , unsigned int connection_timeout , unsigned int response_timeout ) :
 		m_es(es) ,
 		m_file_store(file_store) ,
+		m_timer(*this,&NetworkFilter::onTimeout,m_es) ,
+		m_done_signal(true) , // one-shot until reset()
 		m_location(server) ,
 		m_connection_timeout(connection_timeout) ,
 		m_response_timeout(response_timeout)
 {
 	m_client_ptr.eventSignal().connect( G::Slot::slot(*this,&GSmtp::NetworkFilter::clientEvent) ) ;
-	m_client_ptr.deletedSignal().connect( G::Slot::slot(*this,&GSmtp::NetworkFilter::clientDeleted) ) ;
 }
 
 GSmtp::NetworkFilter::~NetworkFilter()
 {
 	m_client_ptr.eventSignal().disconnect() ;
-	m_client_ptr.deletedSignal().disconnect() ;
 }
 
 std::string GSmtp::NetworkFilter::id() const
@@ -53,35 +53,51 @@ bool GSmtp::NetworkFilter::simple() const
 
 void GSmtp::NetworkFilter::start( const MessageId & message_id )
 {
-	m_text.erase() ;
-	if( m_client_ptr.get() == nullptr )
+	m_text.clear() ;
+	m_timer.cancelTimer() ;
+	m_done_signal.reset() ;
+	if( m_client_ptr.get() == nullptr || m_client_ptr->busy() )
 	{
 		m_client_ptr.reset( std::make_unique<RequestClient>(
-			GNet::ExceptionSink(m_client_ptr,m_es.esrc()),
+			GNet::ExceptionSink(*this,&m_client_ptr),
 			"scanner" , "ok" ,
 			m_location , m_connection_timeout , m_response_timeout ) ) ;
 	}
 	m_client_ptr->request( m_file_store.contentPath(message_id).str() ) ; // (no need to wait for connection)
 }
 
-void GSmtp::NetworkFilter::clientDeleted( const std::string & reason )
+void GSmtp::NetworkFilter::onException( GNet::ExceptionSource * , std::exception & e , bool done )
 {
-	if( !reason.empty() )
-	{
-		m_text = "failed" "\t" + reason ;
-		m_done_signal.emit( 2 ) ;
-	}
+	if( m_client_ptr.get() )
+		m_client_ptr->doOnDelete( e.what() , done ) ;
+	m_client_ptr.reset() ;
+
+	sendResult( std::string("failed\t").append(e.what()) ) ;
 }
 
 void GSmtp::NetworkFilter::clientEvent( const std::string & s1 , const std::string & s2 , const std::string & )
 {
 	if( s1 == "scanner" ) // ie. this is the response received by the RequestClient
 	{
-		m_text = s2 ;
-		m_done_signal.emit( m_text.empty() ? 0 : 2 ) ;
+		sendResult( s2 ) ;
 	}
 }
 
+void GSmtp::NetworkFilter::sendResult( const std::string & reason )
+{
+	if( !m_text.has_value() )
+	{
+		m_text = reason ;
+		m_timer.startTimer( 0 ) ;
+	}
+}
+
+void GSmtp::NetworkFilter::onTimeout()
+{
+	if( m_text.has_value() )
+		m_done_signal.emit( m_text.value().empty() ? 0 : 2 ) ;
+}
+
 bool GSmtp::NetworkFilter::special() const
 {
 	return false ;
@@ -90,12 +106,12 @@ bool GSmtp::NetworkFilter::special() const
 std::string GSmtp::NetworkFilter::response() const
 {
 	// allow "<response><tab><reason>"
-	return G::Str::printable( G::Str::head( m_text , "\t" , false ) ) ;
+	return G::Str::printable( G::Str::head( m_text.value_or({}) , "\t" , false ) ) ;
 }
 
 std::string GSmtp::NetworkFilter::reason() const
 {
-	return G::Str::printable( G::Str::tail( m_text , "\t" , false ) ) ;
+	return G::Str::printable( G::Str::tail( m_text.value_or({}) , "\t" , false ) ) ;
 }
 
 G::Slot::Signal<int> & GSmtp::NetworkFilter::doneSignal()
@@ -105,11 +121,14 @@ G::Slot::Signal<int> & GSmtp::NetworkFilter::doneSignal()
 
 void GSmtp::NetworkFilter::cancel()
 {
+	m_text.clear() ;
+	m_timer.cancelTimer() ;
+	m_done_signal.emitted( true ) ;
 	m_client_ptr.reset() ;
-	m_text.erase() ;
 }
 
 bool GSmtp::NetworkFilter::abandoned() const
 {
 	return false ;
 }
+
diff --git a/src/gsmtp/gnetworkfilter.h b/src/gsmtp/gnetworkfilter.h
index 6ba104c..0c37a7d 100644
--- a/src/gsmtp/gnetworkfilter.h
+++ b/src/gsmtp/gnetworkfilter.h
@@ -27,6 +27,7 @@
 #include "gclientptr.h"
 #include "grequestclient.h"
 #include "geventhandler.h"
+#include "goptional.h"
 
 namespace GSmtp
 {
@@ -38,7 +39,7 @@ namespace GSmtp
 /// remote network server. The response of ok/abandon/fail is
 /// delivered via the base class's doneSignal().
 ///
-class GSmtp::NetworkFilter : public Filter
+class GSmtp::NetworkFilter : public Filter , private GNet::ExceptionHandler
 {
 public:
 	NetworkFilter( GNet::ExceptionSink , FileStore & , const std::string & server_location ,
@@ -58,6 +59,7 @@ private: // overrides
 	std::string response() const override ; // Override from from GSmtp::Filter.
 	std::string reason() const override ; // Override from from GSmtp::Filter.
 	bool special() const override ; // Override from from GSmtp::Filter.
+	void onException( GNet::ExceptionSource * , std::exception & , bool ) override ; // Override from from GNet::ExceptionHandler.
 
 public:
 	NetworkFilter( const NetworkFilter & ) = delete ;
@@ -67,17 +69,19 @@ public:
 
 private:
 	void clientEvent( const std::string & , const std::string & , const std::string & ) ;
-	void clientDeleted( const std::string & ) ;
+	void sendResult( const std::string & ) ;
+	void onTimeout() ;
 
 private:
 	GNet::ExceptionSink m_es ;
 	FileStore & m_file_store ;
+	GNet::ClientPtr<RequestClient> m_client_ptr ;
+	GNet::Timer<NetworkFilter> m_timer ;
 	G::Slot::Signal<int> m_done_signal ;
 	GNet::Location m_location ;
 	unsigned int m_connection_timeout ;
 	unsigned int m_response_timeout ;
-	GNet::ClientPtr<RequestClient> m_client_ptr ;
-	std::string m_text ;
+	G::optional<std::string> m_text ;
 } ;
 
 #endif
diff --git a/src/gui/emailrelay-gui.rc b/src/gui/emailrelay-gui.rc
index 7570990..898a8fb 100644
--- a/src/gui/emailrelay-gui.rc
+++ b/src/gui/emailrelay-gui.rc
@@ -7,8 +7,8 @@ LANGUAGE 0x9,0x1
 IDI_ICON1 ICON DISCARDABLE "emailrelay-icon.ico"
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 2, 3, 0, 0
- PRODUCTVERSION 2, 3, 0, 0
+ FILEVERSION 2, 3, 1, 0
+ PRODUCTVERSION 2, 3, 1, 0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -26,12 +26,12 @@ BEGIN
             VALUE "Comments", "GPL v3 license"
             VALUE "CompanyName", " "
             VALUE "FileDescription", "E-MailRelay GUI Application"
-            VALUE "FileVersion", "2, 3, 0, 0"
+            VALUE "FileVersion", "2, 3, 1, 0"
             VALUE "InternalName", "emailrelay"
             VALUE "LegalCopyright", "Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>"
             VALUE "OriginalFilename", "emailrelay-gui.exe"
             VALUE "ProductName", "E-MailRelay"
-            VALUE "ProductVersion", "2, 3, 0, 0"
+            VALUE "ProductVersion", "2, 3, 1, 0"
         END
     END
     BLOCK "VarFileInfo"
diff --git a/src/gui/installer.cpp b/src/gui/installer.cpp
index 2b39c90..dd8af3b 100644
--- a/src/gui/installer.cpp
+++ b/src/gui/installer.cpp
@@ -1260,7 +1260,7 @@ void Launcher::run()
 		// doesn't work well because stderr is not always inherited
 		// and then closed cleanly)
 		std::string s = m_cmd.exe().str() ;
-		(void) system( s.c_str() ) ;
+		(void) system( s.c_str() ) ; // NOLINT
 	}
 }
 
diff --git a/src/main/configuration.cpp b/src/main/configuration.cpp
index fe36199..01c62c8 100644
--- a/src/main/configuration.cpp
+++ b/src/main/configuration.cpp
@@ -373,9 +373,14 @@ std::string Main::Configuration::tlsConfig() const
 	return m_map.value( "tls-config" ) ;
 }
 
+G::Path Main::Configuration::serverTlsPrivateKey() const
+{
+	return keyFile( "server-tls-certificate" ) ;
+}
+
 G::Path Main::Configuration::serverTlsCertificate() const
 {
-	return m_map.contains("server-tls-certificate") ? pathValue("server-tls-certificate") : G::Path() ;
+	return certificateFile( "server-tls-certificate" ) ;
 }
 
 G::Path Main::Configuration::serverTlsCaList() const
@@ -393,9 +398,26 @@ std::string Main::Configuration::clientTlsPeerHostName() const
 	return m_map.value( "client-tls-server-name" ) ;
 }
 
+G::Path Main::Configuration::clientTlsPrivateKey() const
+{
+	return keyFile( "client-tls-certificate" ) ;
+}
+
 G::Path Main::Configuration::clientTlsCertificate() const
 {
-	return m_map.contains("client-tls-certificate") ? pathValue("client-tls-certificate") : G::Path() ;
+	return certificateFile( "client-tls-certificate" ) ;
+}
+
+G::Path Main::Configuration::keyFile( const std::string & option_name ) const
+{
+	std::string value = m_map.value( option_name ) ;
+	return value.empty() ? G::Path() : pathValueImp( G::Str::head(value,",",false) ) ;
+}
+
+G::Path Main::Configuration::certificateFile( const std::string & option_name ) const
+{
+	std::string value = m_map.value( option_name ) ;
+	return value.empty() ? G::Path() : pathValueImp( G::Str::tail(value,",",false) ) ;
 }
 
 G::Path Main::Configuration::clientTlsCaList() const
@@ -693,6 +715,18 @@ G::StringArray Main::Configuration::semantics( bool want_errors ) const
 			gettext("the --client-tls- options require --client-tls or --client-tls-connection") ) ;
 	}
 
+	if( m_map.count("server-tls-certificate") > 2U )
+	{
+		errors.push_back(
+			gettext("the --server-tls-certificate option cannot be used more than twice") ) ;
+	}
+
+	if( m_map.count("client-tls-certificate") > 2U )
+	{
+		errors.push_back(
+			gettext("the --client-tls-certificate option cannot be used more than twice") ) ;
+	}
+
 	if( m_map.contains("client-tls-verify-name") && !m_map.contains("client-tls-verify") )
 	{
 		errors.push_back(
@@ -786,14 +820,20 @@ G::Path Main::Configuration::pathValue( const std::string & option_name ) const
 	}
 	else
 	{
-		if( value.find("@app") == 0U && !m_app_dir.empty() )
-			G::Str::replace( value , "@app" , m_app_dir.str() ) ;
-
-		return G::Path(value).isAbsolute() ? G::Path(value) : ( daemon() ? (m_base_dir+value) : value ) ;
+		return pathValueImp( value ) ;
 	}
 }
 
-bool Main::Configuration::pathlike( const std::string & option_name ) const
+G::Path Main::Configuration::pathValueImp( const std::string & value_in ) const
+{
+	std::string value = value_in ;
+	if( value.find("@app") == 0U && !m_app_dir.empty() )
+		G::Str::replace( value , "@app" , m_app_dir.str() ) ;
+
+	return G::Path(value).isAbsolute() ? G::Path(value) : ( daemon() ? (m_base_dir+value) : value ) ;
+}
+
+bool Main::Configuration::pathlike( const std::string & option_name )
 {
 	return
 		option_name == "log-file" ||
@@ -812,7 +852,7 @@ bool Main::Configuration::pathlike( const std::string & option_name ) const
 		false ;
 }
 
-bool Main::Configuration::filterType( const std::string & option_name ) const
+bool Main::Configuration::filterType( const std::string & option_name )
 {
 	return
 		option_name == "filter" ||
@@ -820,21 +860,21 @@ bool Main::Configuration::filterType( const std::string & option_name ) const
 		option_name == "address-verifier" ;
 }
 
-bool Main::Configuration::specialFilterValue( const std::string & value ) const
+bool Main::Configuration::specialFilterValue( const std::string & value )
 {
 	return
 		value.find(':') != std::string::npos &&
 		value.find(':') >= 3U ;
 }
 
-bool Main::Configuration::verifyType( const std::string & option_name ) const
+bool Main::Configuration::verifyType( const std::string & option_name )
 {
 	return
 		option_name == "server-tls-verify" ||
 		option_name == "client-tls-verify" ;
 }
 
-bool Main::Configuration::specialVerifyValue( const std::string & value ) const
+bool Main::Configuration::specialVerifyValue( const std::string & value )
 {
 	return !value.empty() && value.at(0U) == '<' && value.at(value.length()-1U) == '>' ;
 }
diff --git a/src/main/configuration.h b/src/main/configuration.h
index 183b027..4c64198 100644
--- a/src/main/configuration.h
+++ b/src/main/configuration.h
@@ -281,12 +281,18 @@ public:
 	std::string tlsConfig() const ;
 		///< Returns low-level TLS configuration options.
 
+	G::Path serverTlsPrivateKey() const ;
+		///< Returns the server-side TLS private key file.
+
 	G::Path serverTlsCertificate() const ;
 		///< Returns the server-side TLS certificate file.
 
 	G::Path serverTlsCaList() const ;
 		///< Returns the server-side TLS CA file-or-directory.
 
+	G::Path clientTlsPrivateKey() const ;
+		///< Returns the client-side TLS private key file.
+
 	G::Path clientTlsCertificate() const ;
 		///< Returns the client-side TLS certificate file.
 
@@ -319,13 +325,16 @@ public:
 		///< sub-string.
 
 private:
-	G::Path pathValue( const std::string & ) const ;
+	G::Path pathValue( const std::string & option ) const ;
+	G::Path pathValueImp( const std::string & value ) const ;
+	G::Path keyFile( const std::string & option ) const ;
+	G::Path certificateFile( const std::string & option ) const ;
 	std::string semanticError( bool & ) const ;
-	bool pathlike( const std::string & ) const ;
-	bool filterType( const std::string & ) const ;
-	bool specialFilterValue( const std::string & ) const ;
-	bool verifyType( const std::string & ) const ;
-	bool specialVerifyValue( const std::string & ) const ;
+	static bool pathlike( const std::string & ) ;
+	static bool filterType( const std::string & ) ;
+	static bool specialFilterValue( const std::string & ) ;
+	static bool verifyType( const std::string & ) ;
+	static bool specialVerifyValue( const std::string & ) ;
 	G::StringArray semantics( bool ) const ;
 	bool validSyslogFacility() const ;
 
diff --git a/src/main/options.cpp b/src/main/options.cpp
index 9f83953..1a4c736 100644
--- a/src/main/options.cpp
+++ b/src/main/options.cpp
@@ -216,12 +216,14 @@ G::Options Main::Options::spec( bool is_windows )
 		opt.add( { "" , "server-tls-certificate" ,
 			gettext("specifies a private TLS key+certificate file for --server-tls! "
 				"or --server-tls-connection") ,
-			"1" , "pem-file" , "3" } , '!' ) ;
+			"2" , "pem-file" , "3" } , '!' ) ;
 				//example: /etc/ssl/certs/emailrelay.pem
 				//example: C:/ProgramData/E-MailRelay/emailrelay.pem
 				// Defines the TLS certificate file when acting as a SMTP or POP server.
 				// This file must contain the server's private key and certificate chain
-				// using the PEM file format. Keep the file permissions tight to avoid
+				// using the PEM file format. Alternatively, use this option twice
+				// with the first one specifying the key file and the second the
+				// certificate file. Keep the file permissions tight to avoid
 				// accidental exposure of the private key.
 
 		opt.add( { "" , "server-tls-verify" ,
@@ -251,13 +253,15 @@ G::Options Main::Options::spec( bool is_windows )
 
 		opt.add( { "" , "client-tls-certificate" ,
 			gettext("specifies a private TLS key+certificate file for --client-tls") ,
-			"1" , "pem-file" , "3" } , '!' ) ;
+			"2" , "pem-file" , "3" } , '!' ) ;
 				//example: /etc/ssl/certs/emailrelay.pem
 				//example: C:/ProgramData/E-MailRelay/emailrelay.pem
 				// Defines the TLS certificate file when acting as a SMTP client. This file
 				// must contain the client's private key and certificate chain using the
-				// PEM file format. Keep the file permissions tight to avoid accidental
-				// exposure of the private key.
+				// PEM file format. Alternatively, use this option twice with the first
+				// one specifying the key file and the second the certificate file.
+				// Keep the file permissions tight to avoid accidental exposure of the
+				// private key.
 
 		opt.add( { "" , "client-tls-verify" ,
 			gettext("enables verification of remote server's certificate! "
diff --git a/src/main/run.cpp b/src/main/run.cpp
index c521ee5..e538d14 100644
--- a/src/main/run.cpp
+++ b/src/main/run.cpp
@@ -68,7 +68,7 @@ namespace { std::string localedir() { return std::string() ; } }
 
 std::string Main::Run::versionNumber()
 {
-	return "2.3" ;
+	return "2.3.1" ;
 }
 
 Main::Run::Run( Main::Output & output , const G::Arg & arg , bool is_windows , bool has_gui ) :
@@ -267,14 +267,14 @@ void Main::Run::run()
 
 	if( configuration().serverTls() || configuration().serverTlsConnection() )
 		m_tls_library->addProfile( "server" , true ,
-			configuration().serverTlsCertificate().str() , // key
-			configuration().serverTlsCertificate().str() , // cert
+			configuration().serverTlsPrivateKey().str() ,
+			configuration().serverTlsCertificate().str() ,
 			configuration().serverTlsCaList().str() ) ;
 
 	if( configuration().clientTls() || configuration().clientOverTls() )
 		m_tls_library->addProfile( "client" , false ,
-			configuration().clientTlsCertificate().str() , // key
-			configuration().clientTlsCertificate().str() , // cert
+			configuration().clientTlsPrivateKey().str() ,
+			configuration().clientTlsCertificate().str() ,
 			configuration().clientTlsCaList().str() ,
 			configuration().clientTlsPeerCertificateName() ,
 			configuration().clientTlsPeerHostName() ) ;
diff --git a/src/main/servicewrapper.cpp b/src/main/servicewrapper.cpp
index 3af40bc..7a2eb17 100644
--- a/src/main/servicewrapper.cpp
+++ b/src/main/servicewrapper.cpp
@@ -19,7 +19,8 @@
 ///
 // A service wrapper program. When called from the command-line with
 // "--install" the wrapper registers itself with the Windows Service
-// sub-system so that it gets re-executed when the service is started.
+// sub-system so that it gets re-executed by the service manager
+// when the service is started.
 //
 // When re-executed the wrapper just registers its ServiceMain() entry
 // point and blocks within the service dispatcher function.
@@ -36,8 +37,8 @@
 // entry point to receive service stop requests.
 //
 // Once the server process is created a separate thread is used to
-// check that it is still running a short time later. If it is not
-// running then the service is reported as failed.
+// check that it is still running. If it is not running then the
+// service is reported as failed and the wrapper terminates.
 //
 // By default the "<name>-start.bat" file must be in the same directory
 // as this service wrapper, but if there is a file "<service-wrapper>.cfg"
@@ -64,8 +65,6 @@
 #include <new>
 
 #define G_SERVICE_DEBUG( expr ) do { std::ostringstream ss ; ss << expr ; ServiceImp::log( ss.str() ) ; } while(0)
-static constexpr unsigned int cfg_check_timeout_ms = 3000U ;
-static constexpr int cfg_checks = 2 ;
 static constexpr unsigned int cfg_overall_timeout_ms = 8000U ;
 using ServiceHandle = SERVICE_STATUS_HANDLE ;
 
@@ -136,15 +135,23 @@ struct ServiceChild
 
 struct ServiceEvent
 {
-	ServiceEvent( std::nullptr_t ) noexcept :
-		m_h(0)
-	{
-	}
 	ServiceEvent() :
 		m_h(0)
 	{
 		create() ;
 	}
+	explicit ServiceEvent( HANDLE h ) noexcept :
+		m_h(h)
+	{
+	}
+	ServiceEvent( std::nullptr_t ) noexcept :
+		m_h(0)
+	{
+	}
+	~ServiceEvent()
+	{
+		close() ;
+	}
 	void create()
 	{
 		const DWORD access = DELETE | SYNCHRONIZE | EVENT_MODIFY_STATE | PROCESS_DUP_HANDLE ;
@@ -155,14 +162,6 @@ struct ServiceEvent
 			throw ServiceError( "CreateEvent" , e ) ;
 		}
 	}
-	explicit ServiceEvent( HANDLE h ) noexcept :
-		m_h(h)
-	{
-	}
-	~ServiceEvent()
-	{
-		close() ;
-	}
 	void close() noexcept
 	{
 		if( m_h )
@@ -542,30 +541,35 @@ void Service::runThread()
 
 void Service::runThread( HANDLE hthread_exit , ServiceHandle hservice , HANDLE hprocess )
 {
-	G_SERVICE_DEBUG( "Service::runThread: start" ) ;
-	ServiceEvent thread_exit( hthread_exit ) ;
-	bool set_running = false ; // setStatus(RUNNING) only once
-	for( int i = 0 ; i < cfg_checks ; i++ )
+	G_SERVICE_DEBUG( "Service::runThread: monitoring thread: start" ) ;
+	setStatus( hservice , SERVICE_RUNNING ) ;
+	for(;;)
 	{
-		if( !thread_exit.wait(cfg_check_timeout_ms) )
-		{
-			G_SERVICE_DEBUG( "Service::runThread: signalled to stop" ) ;
-			break ;
-		}
-		bool is_running = ServiceChild::isRunning( hprocess ) ;
-		G_SERVICE_DEBUG( "Service::runThread: " << (is_running?"is":"not") << " running" ) ;
-		if( is_running && !set_running )
-		{
-			set_running = true ;
-			setStatus( hservice , SERVICE_RUNNING ) ;
-		}
-		else if( !is_running )
+		HANDLE handles[2] = { hprocess , hthread_exit } ;
+		DWORD timeout_ms = INFINITE ;
+		DWORD rc =  WaitForMultipleObjects( 2U , handles , FALSE , timeout_ms ) ;
+		if( rc == WAIT_OBJECT_0 ) // hprocess
 		{
+			G_SERVICE_DEBUG( "Service::runThread: monitoring thread: server process has terminated" ) ;
 			setStatus( hservice , SERVICE_STOPPED ) ;
 			break ;
 		}
+		else if( rc == (WAIT_OBJECT_0+1) ) // hthread_exit
+		{
+			G_SERVICE_DEBUG( "Service::runThread: monitoring thread: asked to stop" ) ;
+			break ;
+		}
+		else if( rc == WAIT_TIMEOUT )
+		{
+			G_SERVICE_DEBUG( "Service::runThread: monitoring thread: timeout" ) ;
+		}
+		else
+		{
+			G_SERVICE_DEBUG( "Service::runThread: monitoring thread: wait error" ) ;
+			break ;
+		}
 	}
-	G_SERVICE_DEBUG( "Service::runThread: done" ) ;
+	G_SERVICE_DEBUG( "Service::runThread: monitoring thread: done" ) ;
 }
 
 ServiceHandle Service::statusHandle( const std::string & service_name )
diff --git a/src/main/submit.cpp b/src/main/submit.cpp
index 101a0b5..038d5ae 100644
--- a/src/main/submit.cpp
+++ b/src/main/submit.cpp
@@ -64,7 +64,7 @@ G_EXCEPTION_CLASS( NoBody , "no body text" ) ;
 
 std::string versionNumber()
 {
-	return "2.3" ;
+	return "2.3.1" ;
 }
 
 static std::string writeFiles( const G::Path & spool_dir ,
diff --git a/test/Server.pm b/test/Server.pm
index c8a9d6d..8a3c56a 100644
--- a/test/Server.pm
+++ b/test/Server.pm
@@ -182,8 +182,9 @@ sub _switches
 		( exists($sw{Filter}) ? "--filter __FILTER__ " : "" ) .
 		( exists($sw{FilterTimeout}) ? "--filter-timeout 1 " : "" ) .
 		( exists($sw{ConnectionTimeout}) ? "--connection-timeout 1 " : "" ) .
-		( exists($sw{ClientFilter}) ? "--client-filter __CLIENT_FILTER__ " : "" ) .
 		( exists($sw{Immediate}) ? "--immediate " : "" ) .
+		( exists($sw{ClientFilter}) ? "--client-filter __CLIENT_FILTER__ " : "" ) .
+		( exists($sw{ClientFilterNet}) ? "--client-filter __SCANNER__ " : "" ) .
 		( exists($sw{Scanner}) ? "--filter __SCANNER__ " : "" ) .
 		( exists($sw{Verifier}) ? "--address-verifier __VERIFIER__ " : "" ) .
 		( exists($sw{DontServe}) ? "--dont-serve " : "" ) .
diff --git a/test/System.pm b/test/System.pm
index 8f1ccf3..7e781b1 100644
--- a/test/System.pm
+++ b/test/System.pm
@@ -500,6 +500,25 @@ sub submitMessage
 	System::unlink( $path ) ;
 }
 
+sub submitMessageText
+{
+    # Submits a message using emailrelay-submit.
+	my ( $spool_dir , @lines ) = @_ ;
+	my $to = "me\@there.localnet" ;
+	my $path = tempfile( "message" ) ;
+	my $fh = new FileHandle( $path , "w" ) or die ;
+	print $fh "Subject: test\r\n\r\n" ;
+	for my $line ( @lines )
+	{
+		print $fh $line , "\r\n" ;
+	}
+	$fh->close() or die ;
+	my $rc = system( sanepath(exe($bin_dir,"emailrelay-submit")) . " --from me\@here.localnet " .
+		"--spool-dir $spool_dir $to < $path" ) ;
+	Check::that( $rc == 0 , "failed to submit" ) ;
+	System::unlink( $path ) ;
+}
+
 sub submitMessages
 {
 	# Submits 'n' message of 'm' lines using the "emailrelay-submit" utility.
diff --git a/test/emailrelay-test.pl b/test/emailrelay-test.pl
index 01f728c..4de6274 100755
--- a/test/emailrelay-test.pl
+++ b/test/emailrelay-test.pl
@@ -1604,6 +1604,68 @@ sub testClientFilterBlock
 	System::unlink( $outputfile ) ;
 }
 
+sub testClientNetworkFilter
+{
+	# setup
+	my %args = (
+		Log => 1 ,
+		LogFile => 1 ,
+		Verbose => 1 ,
+		Domain => 1 ,
+		SpoolDir => 1 ,
+		Forward => 1 ,
+		ForwardTo => 1 ,
+		ClientFilterNet => 1 ,
+		FilterTimeout => 1 ,
+		Hidden => 1 ,
+		Port => 1 ,
+		PidFile => 1 ,
+	) ;
+	my %server_args = (
+		Log => 1 ,
+		LogFile => 1 ,
+		Verbose => 1 ,
+		Domain => 1 ,
+		SpoolDir => 1 ,
+		Hidden => 1 ,
+		Port => 1 ,
+		PidFile => 1 ,
+	) ;
+	my $spool_dir_1 = System::createSpoolDir( "spool-1" ) ;
+	my $spool_dir_2 = System::createSpoolDir( "spool-2" ) ;
+	System::submitMessageText( $spool_dir_1 , "send ok" ) ;
+	System::submitMessageText( $spool_dir_1 , "send ok" , "shutdown" ) ;
+	System::submitMessageText( $spool_dir_1 , "send ok" , "shutdown" ) ;
+	System::submitMessageText( $spool_dir_1 , "send _failed_" ) ;
+	System::submitMessageText( $spool_dir_1 , "send ok" ) ;
+	Check::fileMatchCount( $spool_dir_1 ."/emailrelay.*.envelope", 5 ) ;
+	my $server_1 = new Server(undef,undef,undef,$spool_dir_1) ;
+	my $server_2 = new Server(System::nextPort(),undef,System::nextPort(),$spool_dir_2) ;
+	my $scanner = new Scanner( $server_1->scannerAddress() ) ;
+	$scanner->run() ;
+	Check::ok( $server_2->run(\%server_args) , "failed to run" , $server_2->message() ) ;
+	Check::running( $server_2->pid() , $server_2->message() ) ;
+	$server_1->set_dst( $server_2->smtpPort() ) ;
+	Check::ok( $server_1->run(\%args) , "failed to run" , $server_1->message() ) ;
+
+	# test that the messages are fowarded or not according to the filter
+	System::waitForFiles( $spool_dir_2."/emailrelay.*.envelope", 4 ) ;
+	System::waitForFiles( $spool_dir_1."/emailrelay.*.envelope.bad", 1 ) ;
+	Check::allFilesContain( $spool_dir_1."/emailrelay.*.envelope.bad" , "_failed_" ) ;
+	Check::fileContains( $scanner->logfile() , "info:.*new connection" , undef , 3 ) ;
+	Check::fileContains( $scanner->logfile() , "info:.*file: " , undef , 5 ) ;
+
+	# tear down
+	$server_1->kill() ;
+	$server_2->kill() ;
+	$server_1->cleanup() ;
+	$server_2->cleanup() ;
+	$scanner->kill() ;
+	$scanner->cleanup() ;
+	System::deleteSpoolDir( $spool_dir_1 , 1 ) ;
+	System::deleteSpoolDir( $spool_dir_2 , 1 ) ;
+}
+
 sub testClientGivenUnknownMechanisms
 {
 	# setup
diff --git a/test/emailrelay_test_scanner.cpp b/test/emailrelay_test_scanner.cpp
index 46621aa..af2831c 100644
--- a/test/emailrelay_test_scanner.cpp
+++ b/test/emailrelay_test_scanner.cpp
@@ -27,6 +27,7 @@
 //  * sleep [<time>]
 //  * delete-content
 //  * delete-envelope
+//  * shutdown
 //  * disconnect
 //  * terminate
 //
@@ -148,10 +149,12 @@ bool Main::ScannerPeer::processFile( std::string path , std::string eol )
 			G_LOG_S( "ScannerPeer::processFile: sleeping: " << sleep_time ) ;
 			::sleep( sleep_time ) ;
 		}
+		if( line.find("shutdown") == 0U )
+		{
+			socket().shutdown() ;
+		}
 		if( line.find("disconnect") == 0U )
 		{
-			if( sent )
-				::sleep( 1U ) ; // allow the data to get down the pipe
 			return false ;
 		}
 		if( line.find("terminate") == 0U )
@@ -231,7 +234,7 @@ int main( int argc , char * argv [] )
 		std::string log_file = arg.index("--log-file",1U) ? arg.v(arg.index("--log-file",1U)+1U) : std::string() ;
 		std::string port_str = arg.index("--port",1U) ? arg.v(arg.index("--port",1U)+1U) : std::string("10020") ;
 		std::string pid_file = arg.index("--pid-file",1U) ? arg.v(arg.index("--pid-file",1U)+1U) : std::string() ;
-		unsigned int idle_timeout = 30U ;
+		unsigned int idle_timeout = 10U ;
 
 		GNet::Address address = G::Str::isNumeric(port_str) ?
 			GNet::Address( GNet::Address::Family::ipv4 , G::Str::toUInt(port_str) ) :
@@ -244,7 +247,15 @@ int main( int argc , char * argv [] )
 			file << G::Process::Id().str() << std::endl ;
 		}
 
-		G::LogOutput log_output( log , debug , log_file ) ;
+		G::LogOutput log_output( arg.prefix() ,
+			G::LogOutput::Config()
+				.set_output_enabled()
+				.set_summary_info(log||debug)
+				.set_verbose_info(log||debug)
+				.set_debug(debug)
+				.set_with_level(true) ,
+			log_file ) ;
+
 		int rc = run( address , idle_timeout ) ;
 		std::cout << "done" << std::endl ;
 		return rc ;
diff --git a/winbuild.pl b/winbuild.pl
index c07ab60..96a5e65 100644
--- a/winbuild.pl
+++ b/winbuild.pl
@@ -69,7 +69,7 @@ my $cmake_args = {
 } ;
 
 # version
-chomp( my $version = eval { FileHandle->new("VERSION")->gets() } || "2.3" ) ;
+chomp( my $version = eval { FileHandle->new("VERSION")->gets() } || "2.3.1" ) ;
 
 # makefile conditionals
 my %switches = (
@@ -483,7 +483,7 @@ sub run_cmake
 	my $mbedtls_dir = Cwd::realpath( $mbedtls ) ;
 	my $mbedtls_include_dir = "$mbedtls_dir/include" ;
 	my $mbedtls_lib_dir = "$mbedtls_dir/$arch/library/Release" ; # fixed up to Debug elsewhere
-	my $qt_dir = Cwd::realpath( $qt_dirs->{$arch} ) ;
+	my $qt_dir = defined($qt_dirs) ? Cwd::realpath( $qt_dirs->{$arch} ) : "." ;
 	my $module_path = Cwd::realpath( "." ) ;
 
 	my @arch_args = @{$cmake_args->{$arch}} ;