3 <TITLE>Exim FAQ</TITLE>
5 <body bgcolor="#FFFFFF" text="#00005A">
8 This is the FAQ for the Exim Mail Transfer Agent. Thanks to the many
9 people who provided the original information. This file would be amazingly
10 cluttered if I tried to list them all. Suggestions for corrections,
11 improvements, and additions are welcome.
15 This version of the FAQ applies to Exim 3.10 and later releases. The syntax of
16 some of the options was altered and tidied up at release 3.00. Some of the
17 examples quoted here will not work with earlier releases.
21 References of the form Cnnn and Fnnn are to the sample configuration and filter
22 files that can be found in the separately distributed directory called
23 <B>config.samples.</B> The primary location is
27 <A HREF="ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/config.samples.tar.gz">ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/config.samples.tar.gz</A></PRE>
29 There are brief descriptions of these files at the end of this document.
32 The FAQ is divided into the following sections:
33 <A HREF="FAQ.html#TOC1">Debugging</A>,
34 <A HREF="FAQ.html#TOC37">Building exim</A>,
35 <A HREF="FAQ.html#TOC48">Mailbox locking</A>,
36 <A HREF="FAQ.html#TOC51">Routing</A>,
37 <A HREF="FAQ.html#TOC77">Directing</A>,
38 <A HREF="FAQ.html#TOC115">Delivery</A>,
39 <A HREF="FAQ.html#TOC151">UUCP</A>,
40 <A HREF="FAQ.html#TOC155">Performance</A>,
41 <A HREF="FAQ.html#TOC159">Policy controls</A>,
42 <A HREF="FAQ.html#TOC193">Majordomo</A>,
43 <A HREF="FAQ.html#TOC198">Rewriting</A>,
44 <A HREF="FAQ.html#TOC206">Headers</A>,
45 <A HREF="FAQ.html#TOC211">Fetchmail</A>,
46 <A HREF="FAQ.html#TOC215">Perl</A>,
47 <A HREF="FAQ.html#TOC218">Dial-up</A>,
48 <A HREF="FAQ.html#TOC223">Millennium</A>,
49 <A HREF="FAQ.html#TOC225">Miscellaneous</A>,
50 <A HREF="FAQ.html#TOC267">HP-UX</A>,
51 <A HREF="FAQ.html#TOC269">BSDI</A>,
52 <A HREF="FAQ.html#TOC271">IRIX</A>,
53 <A HREF="FAQ.html#TOC274">Linux</A>,
54 <A HREF="FAQ.html#TOC281">Sun systems</A>,
55 <A HREF="FAQ.html#TOC291">Cookbook</A>, and
56 <A HREF="FAQ.html#TOC315">List of sample configurations</A>.
58 Philip Hazel <B><B><ph10@cus.cam.ac.uk</B>></B><BR>
59 Last updated: 15-December-1999
63 <A NAME="TOC1" HREF="FAQ.html#SEC1">0. DEBUGGING</A>
65 <LI><A NAME="TOC2" HREF="FAQ.html#SEC2">Q0001</A>: Exim is crashing. What is wrong?
66 <LI><A NAME="TOC3" HREF="FAQ.html#SEC3">Q0002</A>: Exim is not working. What is wrong?
67 <LI><A NAME="TOC4" HREF="FAQ.html#SEC4">Q0003</A>: What does the error "Child process of <TT>address_pipe</TT> transport returned
68 69 from command <I>xxx</I>" mean?
69 <LI><A NAME="TOC5" HREF="FAQ.html#SEC5">Q0004</A>: My virtual domain setup isn't working. How can I debug it?
70 <LI><A NAME="TOC6" HREF="FAQ.html#SEC6">Q0005</A>: Why is Exim giving "421 Unexpected log failure, please try later" when
71 receiving an SMTP message with a large number of recipients?
72 <LI><A NAME="TOC7" HREF="FAQ.html#SEC7">Q0006</A>: Why is Exim not rejecting incoming messages addressed to non-existent
74 <LI><A NAME="TOC8" HREF="FAQ.html#SEC8">Q0007</A>: I've put an entry for <B>*.my.domain</B> in a DBM lookup file, but it isn't
76 <LI><A NAME="TOC9" HREF="FAQ.html#SEC9">Q0008</A>: I've put the entry <B><B>*@domain.com</B></B> in a lookup database, but it isn't
77 working. The expansion I'm using is:
78 <LI><A NAME="TOC10" HREF="FAQ.html#SEC10">Q0009</A>: Is there a way to print recognized local domains?
79 <LI><A NAME="TOC11" HREF="FAQ.html#SEC11">Q0010</A>: If I run <B>"./exim</B> <B>-d9</B> <B>-bt</B> <B>user@domain</B>" all seems well, but when I send a
80 message from my User Agent, it does not arrive at its destination.
81 <LI><A NAME="TOC12" HREF="FAQ.html#SEC12">Q0011</A>: I am getting this message in mainlog every so often: "no immediate
82 delivery: too many connections (19, max 0)". What am I missing?
83 <LI><A NAME="TOC13" HREF="FAQ.html#SEC13">Q0012</A>: What does "no immediate delivery: too many messages received in one SMTP
85 <LI><A NAME="TOC14" HREF="FAQ.html#SEC14">Q0013</A>: Exim puts "for <address>" in the Received: headers of some, but not all,
86 messages. Is this a bug?
87 <LI><A NAME="TOC15" HREF="FAQ.html#SEC15">Q0014</A>: Instead of <TT>exim_dbmbuild</TT>, I'm using a homegrown program to build DBM
88 (or cdb) files, but Exim doesn't seem to be able to use them.
89 <LI><A NAME="TOC16" HREF="FAQ.html#SEC16">Q0015</A>: Exim is unable to route to any remote domains. It doesn't seen to be
90 able to access the DNS.
91 <LI><A NAME="TOC17" HREF="FAQ.html#SEC17">Q0016</A>: I'm using ETRN to run a script that checks things and doesn't always
92 end up running "exim <B><B>-R".</B></B> However, after it has run once, subsequent
93 attempts fail with "458 Already processing".
94 <LI><A NAME="TOC18" HREF="FAQ.html#SEC18">Q0017</A>: What does the error message "transport <TT>system_aliases</TT>: cannot find
95 transport driver "<B>aliasfile</B>" in line 92" mean?
96 <LI><A NAME="TOC19" HREF="FAQ.html#SEC19">Q0018</A>: Exim is timing out after receiving and responding to the DATA command
97 from one particular host, and yet the client host also claims to be
98 timing out. This seems to affect only certain messages.
99 <LI><A NAME="TOC20" HREF="FAQ.html#SEC20">Q0019</A>: What does the message "Socket bind() to port 25 for address (any)
100 failed: address already in use" mean?
101 <LI><A NAME="TOC21" HREF="FAQ.html#SEC21">Q0020</A>: I've set <TT>headers_check_syntax</TT>, but this causes Exim to complain about
102 headers like "To: Work: Jim <B><jims@email</B>>, Home: Bob <B><bobs@email</B>>" which
103 look all right to me. Is this a bug?
104 <LI><A NAME="TOC22" HREF="FAQ.html#SEC22">Q0021</A>: Whenever Exim tries to deliver a specific message to a particular
105 server, it fails, giving the error "Remote end closed connection after
106 data" or "Broken pipe" or a timeout. What's going on?
107 <LI><A NAME="TOC23" HREF="FAQ.html#SEC23">Q0022</A>: Why do messages not get delivered down the same connection when I do
108 something like: exim <B>-v</B> <B>-R</B> <B>@aol.com</B> ? For other domains, I do this and
109 I see the appropriate "waiting for passed connections to get used"
111 <LI><A NAME="TOC24" HREF="FAQ.html#SEC24">Q0023</A>: What does the error "SEGV while reading ... from dbm file: record
112 assumed not to exist" mean?
113 <LI><A NAME="TOC25" HREF="FAQ.html#SEC25">Q0024</A>: There seems to be a problem in the string expansion code: it doesn't
114 recognize references to headers such as <B><B>${h_to}.</B></B>
115 <LI><A NAME="TOC26" HREF="FAQ.html#SEC26">Q0025</A>: Exim is timing out after sending the a message's data to one particular
116 host, and yet the remote host also claims to be timing out. This seems
117 to affect only certain messages.
118 <LI><A NAME="TOC27" HREF="FAQ.html#SEC27">Q0026</A>: When the Exim daemon forks a copy of itself to handle an incoming SMTP
119 request, the forked copy seems to go around in circles for a
120 significant (up to 5 minutes, so far) amount of time before deciding to
122 <LI><A NAME="TOC28" HREF="FAQ.html#SEC28">Q0027</A>: What does "failed to create child process to send failure message" mean?
123 This is a busy mail server with <TT>smtp_accept_max</TT> set to 500, but this
124 problem started to occur at about 300 incoming connections.
125 <LI><A NAME="TOC29" HREF="FAQ.html#SEC29">Q0028</A>: What does "<message filter> transporting defer (-1): No transport set
126 by director" in a log line mean?
127 <LI><A NAME="TOC30" HREF="FAQ.html#SEC30">Q0029</A>: Why is Exim refusing to relay, saying "failed to find host name from IP
128 address" when I have the sender's IP address in <TT>host_accept_relay</TT>? My
129 configuration contains this:
130 <LI><A NAME="TOC31" HREF="FAQ.html#SEC31">Q0030</A>: When I run "exim <B>-bd</B> <B>-q10m"</B> I get "PANIC LOG: exec of exim <B>-q</B> failed".
131 <LI><A NAME="TOC32" HREF="FAQ.html#SEC32">Q0031</A>: Why do connections to my machine's SMTP port take a long time to respond
132 with the banner, when connections to other ports respond instantly?
133 <LI><A NAME="TOC33" HREF="FAQ.html#SEC33">Q0032</A>: I can't seem to get a pipe command to run when I include a <B>${if</B>
134 expansion in it. This fails:
135 <LI><A NAME="TOC34" HREF="FAQ.html#SEC34">Q0033</A>: I'm trying to get Exim to connect an alias to a pipe, but it always
136 gives error code 69, with the comment "(could mean service or program
138 <LI><A NAME="TOC35" HREF="FAQ.html#SEC35">Q0034</A>: I'm having a problem with an Exim RPM.
139 <LI><A NAME="TOC36" HREF="FAQ.html#SEC36">Q0035</A>: What does the error "Spool file is locked" mean?
142 <A NAME="TOC37" HREF="FAQ.html#SEC37">1. BUILDING EXIM</A>
144 <LI><A NAME="TOC38" HREF="FAQ.html#SEC38">Q0101</A>: I get the error "conflicting types" when Exim is building the libident
146 <LI><A NAME="TOC39" HREF="FAQ.html#SEC39">Q0102</A>: When I ran <B>make</B> I got the error "undefined reference to <TT>dbopen</TT>".
147 <LI><A NAME="TOC40" HREF="FAQ.html#SEC40">Q0103</A>: I can't get Exim to compile with Berkeley DB version 2.x.
148 <LI><A NAME="TOC41" HREF="FAQ.html#SEC41">Q0104</A>: I'm getting an "undefined symbol" error for <TT>hosts_ctl</TT> when I try to
149 build Exim. (On some systems this error is "undefined reference to
151 <LI><A NAME="TOC42" HREF="FAQ.html#SEC42">Q0105</A>: I'm about to upgrade to a new Exim release. Do I need to ensure the
152 spool is empty, or take any other special action?
153 <LI><A NAME="TOC43" HREF="FAQ.html#SEC43">Q0106</A>: What does the error "<B>install-info</B>: command not found" mean?
154 <LI><A NAME="TOC44" HREF="FAQ.html#SEC44">Q0107</A>: Exim doesn't seem to be recognizing my operating system type correctly,
155 and so is failing to build.
156 <LI><A NAME="TOC45" HREF="FAQ.html#SEC45">Q0108</A>: I am getting an error "`exim' undeclared here" when I compile, in the
157 <B>globals.c</B> module.
158 <LI><A NAME="TOC46" HREF="FAQ.html#SEC46">Q0109</A>: Exim fails to build, complaining about the absence of the "killpg"
160 <LI><A NAME="TOC47" HREF="FAQ.html#SEC47">Q0110</A>: I'm getting an unresolved symbol <TT>ldap_is_ldap_url</TT> when trying to build
164 <A NAME="TOC48" HREF="FAQ.html#SEC48">2. MAILBOX LOCKING</A>
166 <LI><A NAME="TOC49" HREF="FAQ.html#SEC49">Q0201</A>: Why do I get the error "Permission denied: creating lock file hitching
167 post" when Exim tries to do a local delivery?
168 <LI><A NAME="TOC50" HREF="FAQ.html#SEC50">Q0202</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
172 <A NAME="TOC51" HREF="FAQ.html#SEC51">3. ROUTING</A>
174 <LI><A NAME="TOC52" HREF="FAQ.html#SEC52">Q0301</A>: What does "lowest numbered MX record points to local host" mean?
175 <LI><A NAME="TOC53" HREF="FAQ.html#SEC53">Q0302</A>: How do I configure Exim to send all non-local mail to a gateway host?
176 <LI><A NAME="TOC54" HREF="FAQ.html#SEC54">Q0303</A>: How do I configure Exim to send all non-local mail to a central server
177 if it cannot be immediately delivered by my host? I don't want to have
178 queued mail waiting on my host.
179 <LI><A NAME="TOC55" HREF="FAQ.html#SEC55">Q0304</A>: How can I arrange for messages submitted by (for example) Majordomo to
181 <LI><A NAME="TOC56" HREF="FAQ.html#SEC56">Q0305</A>: How do I arrange for all incoming email for <B><B>*@some.domain</B></B> to go into one
182 pop3 mail account? The customer doesn't want to add a list of specific
183 local parts to the system.
184 <LI><A NAME="TOC57" HREF="FAQ.html#SEC57">Q0306</A>: The <TT>route_list</TT> setting
185 <TT>^foo$:^bar$ $domain byname</TT> in a <B>domainlist</B>
186 router does not work.
187 <LI><A NAME="TOC58" HREF="FAQ.html#SEC58">Q0307</A>: I'm getting "permission denied" when Exim attempts to check a
188 <TT>require_files</TT> option.
189 <LI><A NAME="TOC59" HREF="FAQ.html#SEC59">Q0308</A>: I have a domain for which some local parts must be delivered locally,
190 but the remainder are to be treated like any other remote addresses.
191 <LI><A NAME="TOC60" HREF="FAQ.html#SEC60">Q0309</A>: For certain domains, I don't want Exim to use MX records. Instead, I
192 want it just to look up the hosts' A records. I tried using a negative
193 entry in <TT>mx_domains</TT> in the smtp router, but it didn't work.
194 <LI><A NAME="TOC61" HREF="FAQ.html#SEC61">Q0310</A>: How can I configure Exim on a firewall machine so that if mail arrives
195 addressed to a domain whose MX points to the firewall, it is forwarded
196 to the internal mail server, without having to have a list of all the
198 <LI><A NAME="TOC62" HREF="FAQ.html#SEC62">Q0311</A>: How can I arrange that messages larger than some limit are handled by
200 <LI><A NAME="TOC63" HREF="FAQ.html#SEC63">Q0312</A>: If a DNS lookup returns no MX records why doesn't Exim just bin the
202 <LI><A NAME="TOC64" HREF="FAQ.html#SEC64">Q0313</A>: When a DNS lookup for MX records fails to complete, why doesn't Exim
203 send the messsage to the host defined by the A record?
204 <LI><A NAME="TOC65" HREF="FAQ.html#SEC65">Q0314</A>: Can you specify a list of domains to explicitly reject?
205 <LI><A NAME="TOC66" HREF="FAQ.html#SEC66">Q0315</A>: Is it possible to use a conditional expression for the host item in a
206 <TT>route_list</TT> for the <B>domainlist</B> router? I tried the following, but it
208 <LI><A NAME="TOC67" HREF="FAQ.html#SEC67">Q0316</A>: I send all external mail to a smart host, but this means that bad
209 addresses also get passed to the smart host. Can I avoid this?
210 <LI><A NAME="TOC68" HREF="FAQ.html#SEC68">Q0317</A>: I have a dial-up machine, and I use the <TT>queue_smtp</TT> option so that remote
211 mail only goes out when I do a queue run. However, any email I send with
212 an address <B><B><anything>@aol.com</B></B> is returned within about 15 mins saying
213 'retry time exceeded', and all addresses are affected.
214 <LI><A NAME="TOC69" HREF="FAQ.html#SEC69">Q0318</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
216 <LI><A NAME="TOC70" HREF="FAQ.html#SEC70">Q0319</A>: How can I arrange to do my own qualification of non-fully-qualified
217 domains, and then pass them on to the next router?
218 <LI><A NAME="TOC71" HREF="FAQ.html#SEC71">Q0320</A>: Every system has a "nobody" account under which httpd etc run. I would
219 like to know how to restrict mail which comes from that account to users
221 <LI><A NAME="TOC72" HREF="FAQ.html#SEC72">Q0321</A>: I have a really annoying intermittent problem where attempts to mail to
222 valid sites are rejected with "unknown mail domain". This only happens a
223 few times a day and there is no particular pattern to the sites it
224 rejects. If I try to lookup the same domain a few minutes later then it
226 <LI><A NAME="TOC73" HREF="FAQ.html#SEC73">Q0322</A>: I'd like route all mail with unresolved addresses to a relay machine.
227 <LI><A NAME="TOC74" HREF="FAQ.html#SEC74">Q0323</A>: I would like to forward all incoming email for a particular domain to
228 another machine via SMTP. Whereabouts would I configure that?
229 <LI><A NAME="TOC75" HREF="FAQ.html#SEC75">Q0324</A>: Why does Exim say "all relevant MX records point to non-existent hosts"
230 when MX records point to IP addresses?
231 <LI><A NAME="TOC76" HREF="FAQ.html#SEC76">Q0325</A>: How can I arrange for mail on my local network to be delivered directly
232 to the relevant hosts, but all other mail to be sent to my ISP's mail
233 server? The local hosts are all DNS-registered and behave like normal
237 <A NAME="TOC77" HREF="FAQ.html#SEC77">4. DIRECTING</A>
239 <LI><A NAME="TOC78" HREF="FAQ.html#SEC78">Q0401</A>: I need to have any mail for <B>virt.dom.ain</B> that <EM>doesn't</EM> match one of the
240 aliases in <B><B>/usr/lib/aliases.virt</B></B> delivered to a particular address, for
241 example, <B><B>postmaster@virt.dom.ain.</B></B>
242 <LI><A NAME="TOC79" HREF="FAQ.html#SEC79">Q0402</A>: How do I configure Exim to send all messages to a central server?
243 <LI><A NAME="TOC80" HREF="FAQ.html#SEC80">Q0403</A>: How do I configure Exim to send messages for unknown local users to a
245 <LI><A NAME="TOC81" HREF="FAQ.html#SEC81">Q0404</A>: How can I arrange for messages submitted by (for example) Majordomo to
246 be handled specially?
247 <LI><A NAME="TOC82" HREF="FAQ.html#SEC82">Q0405</A>: On a host that accepts mail for several domains, do I have to use fully
248 qualified names in <B>/etc/aliases</B> or do I have to set up an alias file for
250 <LI><A NAME="TOC83" HREF="FAQ.html#SEC83">Q0406</A>: Some of my users are using the <B>.forward</B> to pipe to a shell command which
251 appends to the user's INBOX. How can I forbid this?
252 <LI><A NAME="TOC84" HREF="FAQ.html#SEC84">Q0407</A>: How can I arrange for a default value when using a query-style lookup
253 such as LDAP or NIS+ to handle aliases?
254 <LI><A NAME="TOC85" HREF="FAQ.html#SEC85">Q0408</A>: If I don't fully qualify the addresses in a virtual domain's alias file
255 then mail to aliases which also match the local domain get delivered to
257 <LI><A NAME="TOC86" HREF="FAQ.html#SEC86">Q0409</A>: We've got users who chmod their home to 750, and home is NFS-mounted
258 without root privilege, so Exim cannot access <B>~user/.forward.</B>
259 <LI><A NAME="TOC87" HREF="FAQ.html#SEC87">Q0410</A>: I'm getting "permission denied" when Exim tries to check a for the
260 existence of a user's <B>.procmailrc</B> file using <TT>require_files</TT>.
261 <LI><A NAME="TOC88" HREF="FAQ.html#SEC88">Q0411</A>: How can I deliver mail into different directories for each virtual
262 domain, doing user lookups not against <B>/etc/passwd</B> but against
263 <B><B>/etc/passwd.domain</B>?</B>
264 <LI><A NAME="TOC89" HREF="FAQ.html#SEC89">Q0412</A>: I want mail for <EM>any</EM> local part at certain virtual domains to go
265 to a single address for each domain.
266 <LI><A NAME="TOC90" HREF="FAQ.html#SEC90">Q0413</A>: How can I make Exim look in the alias NIS map instead of <B>/etc/aliases</B>?
267 <LI><A NAME="TOC91" HREF="FAQ.html#SEC91">Q0414</A>: What does the error message "error in forward file (filtering not
268 enabled): missing or malformed local part ..." mean?
269 <LI><A NAME="TOC92" HREF="FAQ.html#SEC92">Q0415</A>: Exim isn't recognizing certain forms of local address.
270 <LI><A NAME="TOC93" HREF="FAQ.html#SEC93">Q0416</A>: I have a domain for which some local parts must be delivered locally,
271 but the remainder are to be treated like any other remote addresses.
272 <LI><A NAME="TOC94" HREF="FAQ.html#SEC94">Q0417</A>: What I really need is the ability to obtain the result of a pipe
273 command so that I can filter externally and redirect internally. Is
275 <LI><A NAME="TOC95" HREF="FAQ.html#SEC95">Q0418</A>: When I set a suffix on one of my directors, it doesn't get stripped when
276 checking the <TT>local_parts</TT> option. Why is this?
277 <LI><A NAME="TOC96" HREF="FAQ.html#SEC96">Q0419</A>: Why will Exim deliver a message locally to any username that is longer
278 than 8 characters as long as the first 8 characters match one of the
280 <LI><A NAME="TOC97" HREF="FAQ.html#SEC97">Q0420</A>: Why am I seeing the error "bad mode (100664) for <B><B>/home/test/.forward</B></B>
281 (userforward director)"? I've looked through the documentation but can't
282 see anything to suggest that exim has to do anything other than read the
283 <B>.forward</B> file.
284 <LI><A NAME="TOC98" HREF="FAQ.html#SEC98">Q0421</A>: How can I arrange that messages larger than some limit are handled by
286 <LI><A NAME="TOC99" HREF="FAQ.html#SEC99">Q0422</A>: When a user's <B>.forward</B> file is syntactially invalid, Exim defers
287 delivery of all messages to that user, which sometimes include the
288 user's own test messages. Can it be told to ignore the <B>.forward</B> file
289 and/or inform the user of the error?
290 <LI><A NAME="TOC100" HREF="FAQ.html#SEC100">Q0423</A>: I have some users on my system with upper case letters in their login
291 names, but these are not recognized.
292 <LI><A NAME="TOC101" HREF="FAQ.html#SEC101">Q0424</A>: I have unset <TT>locally_caseless</TT> because my users have upper case letters
293 in their login names, but incoming mail now has to use the correct case.
294 Can I relax this somehow?
295 <LI><A NAME="TOC102" HREF="FAQ.html#SEC102">Q0425</A>: I want to look up local users in an SQL database instead of looking in
297 <LI><A NAME="TOC103" HREF="FAQ.html#SEC103">Q0426</A>: Is it possible for Exim to use a SQL database like MySQL for its lists
298 of virtual domains and explicit aliases?
299 <LI><A NAME="TOC104" HREF="FAQ.html#SEC104">Q0427</A>: Can I use my existing alias files and forward files as well as procmail
300 and effectively drop in exim in place of Sendmail ?
301 <LI><A NAME="TOC105" HREF="FAQ.html#SEC105">Q0428</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
303 <LI><A NAME="TOC106" HREF="FAQ.html#SEC106">Q0429</A>: What is quickest way to set up Exim so any message sent to a non-
304 existing user would bounce back with a different message, based
305 on the name of non-existing user?
306 <LI><A NAME="TOC107" HREF="FAQ.html#SEC107">Q0430</A>: I am building some largish mailing lists with Majordomo, and was
307 wondering if it worth leaving the actually list expansion to the
308 <B>aliasfile</B> :include: mechanism or should I consider using the <B>forwardfile</B>
309 transport? Is there any real difference in terms of facilities and/or
310 performance, and are the expansions basically the same code anyway?
311 <LI><A NAME="TOC108" HREF="FAQ.html#SEC108">Q0431</A>: What do I need to do to make Exim handle <B>/usr/ucb/vacation</B> processing
312 automatically, so that people could just create a .<B>vacation.msg</B> file in
313 their home directory and not have to edit their <B>.forward</B> file?
314 <LI><A NAME="TOC109" HREF="FAQ.html#SEC109">Q0432</A>: I want to use a default entry in my alias file, but it picks up the
315 local parts that the aliases generate. For example, if the alias file
317 <LI><A NAME="TOC110" HREF="FAQ.html#SEC110">Q0433</A>: I have some obsolete domains which people have been warned not to use
318 any more. How can I arrange to delete any mail that is sent to them?
319 <LI><A NAME="TOC111" HREF="FAQ.html#SEC111">Q0434</A>: How can I arrange that mail addressed to <B><B>anything@something.mydomain.com</B></B>
320 gets delivered to <B><B>something@mydomain.com</B>?</B>
321 <LI><A NAME="TOC112" HREF="FAQ.html#SEC112">Q0435</A>: I can't get a regular expression to work in this <TT>local_parts</TT> option on
323 <LI><A NAME="TOC113" HREF="FAQ.html#SEC113">Q0436</A>: How can I arrange for all addresses in a group of domains <B>*.example.com</B>
324 to share the same alias file? I have a number of such groups.
325 <LI><A NAME="TOC114" HREF="FAQ.html#SEC114">Q0437</A>: When Exim tries to read <B><B>/usr/lib/majordomo/lists/lists.aliases</B></B> it is
326 giving "Permission denied", but that file is world-readable!
329 <A NAME="TOC115" HREF="FAQ.html#SEC115">5. DELIVERY</A>
331 <LI><A NAME="TOC116" HREF="FAQ.html#SEC116">Q0501</A>: What does the error "Neither the <I>xxx</I> director nor the <I>yyy</I> transport set
332 a uid for local delivery of..." mean?
333 <LI><A NAME="TOC117" HREF="FAQ.html#SEC117">Q0502</A>: Exim won't deliver to a host with no MX record.
334 <LI><A NAME="TOC118" HREF="FAQ.html#SEC118">Q0503</A>: How should Exim be configured when it is acting as a temporary storage
335 system for a domain on a dial-up host?
336 <LI><A NAME="TOC119" HREF="FAQ.html#SEC119">Q0504</A>: I would like to deliver mail addressed to a given domain normally, but
337 also to generate a message to the envelope sender.
338 <LI><A NAME="TOC120" HREF="FAQ.html#SEC120">Q0505</A>: Exim keeps crashing with segmentation errors (signal 11 or 139) during
339 delivery. This seems to happen when it is about to contact a remote
340 host or when a delivery is deferred.
341 <LI><A NAME="TOC121" HREF="FAQ.html#SEC121">Q0506</A>: Whenever Exim tries to do a local delivery, it gives a permission denied
342 error for the <B>.forward</B> file, like this:
343 <LI><A NAME="TOC122" HREF="FAQ.html#SEC122">Q0507</A>: I have installed Exim, but now I can't mail to root any more. Why is
345 <LI><A NAME="TOC123" HREF="FAQ.html#SEC123">Q0508</A>: How can I stop undeliverable bounce messages (e.g. to routeable, but
346 undeliverable, spammer senders) from clogging up the queue for days?
347 <LI><A NAME="TOC124" HREF="FAQ.html#SEC124">Q0509</A>: How can mails that are being routed through directors other than
348 localuser be delivered under the uid of the recipient?
349 <LI><A NAME="TOC125" HREF="FAQ.html#SEC125">Q0510</A>: I want to use MMDF-style mailboxes. How can I get Exim to append the
350 ctrl-A characters that separate indvidual emails?
351 <LI><A NAME="TOC126" HREF="FAQ.html#SEC126">Q0511</A>: I have an ISDN connection and would like a way of running the queue
352 automatically when it is up.
353 <LI><A NAME="TOC127" HREF="FAQ.html#SEC127">Q0512</A>: If a user's mailbox is over quota, is there a way for me to set it up so
354 that the mail bounces to the sender and is NOT stored in the mail queue?
355 <LI><A NAME="TOC128" HREF="FAQ.html#SEC128">Q0513</A>: I'm using tmail to do local deliveries, but when I turned on the
356 <TT>use_crlf</TT> option on the pipe transport (tmail prefers \r\n terminations)
357 message bodies started to vanish.
358 <LI><A NAME="TOC129" HREF="FAQ.html#SEC129">Q0514</A>: What does the message "Unable to get root to set uid and gid
359 for local delivery to <I>xxx</I>: uid=<I>yyy</I> euid=<I>zzz</I>" mean?
360 <LI><A NAME="TOC130" HREF="FAQ.html#SEC130">Q0515</A>: I upgraded to 2.04 and now my Envelope-To: header for my virtual domains
361 is gone. Any idea how to get it back?
362 <LI><A NAME="TOC131" HREF="FAQ.html#SEC131">Q0516</A>: The Exim log records the arrival of a message, and then "Completed",
363 without logging any deliveries. What's going on?
364 <LI><A NAME="TOC132" HREF="FAQ.html#SEC132">Q0517</A>: When I activate "return receipt" for example in Netscape Mailbox
365 sending options, then I get an error message from Exim... something
366 like "not supported". Can I activate delivery confirmations?
367 <LI><A NAME="TOC133" HREF="FAQ.html#SEC133">Q0518</A>: When I dial up to collect mail from my ISP, only the first 10 messages
368 get delivered immediately; the remainder just sit on the queue until a
369 queue runner process finds them.
370 <LI><A NAME="TOC134" HREF="FAQ.html#SEC134">Q0519</A>: My ISP's mail server is rejecting bounce messages from Exim, complaining
371 that they have no sender. The SMTP trace does indeed show that the
372 sender address is "<>". Why is the Sender on the bounce message empty?
373 <LI><A NAME="TOC135" HREF="FAQ.html#SEC135">Q0520</A>: What does the message "retry time not reached [for any host]" on the log
374 mean? Why won't Exim try to deliver the message?
375 <LI><A NAME="TOC136" HREF="FAQ.html#SEC136">Q0521</A>: RFC 1985 specifies that the SMTP command "ETRN <B>host.domain"</B> causes all
376 mail queued for that host, no matter what domain it's for, to be
377 dequeued. Why doesn't Exim support this?
378 <LI><A NAME="TOC137" HREF="FAQ.html#SEC137">Q0522</A>: If email has been deferred to a member on a local mailing list
379 (implemented through forward files), and one of our ETRN clients is on
380 this mailing list, the <B>-R</B> won't "flush" the mailing list message for
382 <LI><A NAME="TOC138" HREF="FAQ.html#SEC138">Q0523</A>: Exim seems to be sending the same message twice, according to the log,
383 although there is a difference in capitalization of the local part of
385 <LI><A NAME="TOC139" HREF="FAQ.html#SEC139">Q0524</A>: How can I force the next retry time for a host to be now?
386 <LI><A NAME="TOC140" HREF="FAQ.html#SEC140">Q0525</A>: I set up "|/bin/grep Subject|/usr/bin/smbclient <B>-M</B> <netbiosname>" as an
387 alias but it doesn't work.
388 <LI><A NAME="TOC141" HREF="FAQ.html#SEC141">Q0526</A>: Why does the pipe transport add a line starting with ">From" to
390 <LI><A NAME="TOC142" HREF="FAQ.html#SEC142">Q0527</A>: I have set <TT>fallback_hosts</TT> on my smtp transport, but after the error
391 <B>"sem@chat.ru</B> cannot be resolved at this time" Exim isn't using them.
392 <LI><A NAME="TOC143" HREF="FAQ.html#SEC143">Q0528</A>: After the holidays my ISP has always hundreds of e-mails waiting for me.
393 These are forced down Exim's throat in one go. Exim spawns a lot of
394 kids, but is there some limit to the number of processes it creates?
395 <LI><A NAME="TOC144" HREF="FAQ.html#SEC144">Q0529</A>: When a message in the queue got to 12h old, Exim wrote 'retry timeout
396 exceeded' and removed <EM>all</EM> messages in the queue to this host - even
397 recent messages. How I can avoid this behaviour? I only want to remove
398 messages that have exceeded the maximum retry time.
399 <LI><A NAME="TOC145" HREF="FAQ.html#SEC145">Q0530</A>: Can Exim add a Content-Length: header to messages it delivers?
400 <LI><A NAME="TOC146" HREF="FAQ.html#SEC146">Q0531</A>: Exim seems to be trying to deliver a message every 10 minutes, though
401 the retry rules specify longer times after a while, because it is
402 writing a log entry every time, like this:
403 <LI><A NAME="TOC147" HREF="FAQ.html#SEC147">Q0532</A>: I am trying to set exim up to have a automatic failover if it sees that
404 the system that it is sending all mail to is down.
405 <LI><A NAME="TOC148" HREF="FAQ.html#SEC148">Q0533</A>: I can't get Exim to deliver over NFS. I get the error "fcntl() failed:
406 No locks available", though the lock daemon is running on the NFS server
407 and other hosts are able to access it.
408 <LI><A NAME="TOC149" HREF="FAQ.html#SEC149">Q0534</A>: Why does Exim bounce messages without even attempting delivery, giving
409 the error "retry time not reached for any host after a long failure
411 <LI><A NAME="TOC150" HREF="FAQ.html#SEC150">Q0535</A>: My <B>.forward</B> file is "|/usr/bin/procmail <B>-f-"</B> and mail gets delivered,
412 but there was a bounce to the sender, sending him the output of procmail.
413 How can I prevent this?
416 <A NAME="TOC151" HREF="FAQ.html#SEC151">6. UUCP</A>
418 <LI><A NAME="TOC152" HREF="FAQ.html#SEC152">Q0601</A>: The MX records for some UUCP domains point to my local host. How do I
419 get it to pass the messages on to UUCP?
420 <LI><A NAME="TOC153" HREF="FAQ.html#SEC153">Q0602</A>: How can I get Exim to handle "bang path" addresses?
421 <LI><A NAME="TOC154" HREF="FAQ.html#SEC154">Q0603</A>: We see something strange on our system in regards to mail comming in via
422 rmail from a UUCP link. The sender is being set to mailmaster instead of
423 the real sender, and a Sender: header is being added to the message.
426 <A NAME="TOC155" HREF="FAQ.html#SEC155">7. PERFORMANCE</A>
428 <LI><A NAME="TOC156" HREF="FAQ.html#SEC156">Q0701</A>: I'm running a large mail server. Should I set <TT>split_spool_directory</TT> to
430 <LI><A NAME="TOC157" HREF="FAQ.html#SEC157">Q0702</A>: How well does Exim scale?
431 <LI><A NAME="TOC158" HREF="FAQ.html#SEC158">Q0703</A>: We have a large password file. Can Exim use alternative lookups during
432 delivery to speed things up?
435 <A NAME="TOC159" HREF="FAQ.html#SEC159">8. POLICY CONTROLS</A>
437 <LI><A NAME="TOC160" HREF="FAQ.html#SEC160">Q0801</A>: How do I block unwanted messages from outside my host?
438 <LI><A NAME="TOC161" HREF="FAQ.html#SEC161">Q0802</A>: I don't want to block spam entirely; how can I inspect each message
439 before deciding whether to deliver it or not?
440 <LI><A NAME="TOC162" HREF="FAQ.html#SEC162">Q0803</A>: How can I test that my spam blocks are working?
441 <LI><A NAME="TOC163" HREF="FAQ.html#SEC163">Q0804</A>: How can I test that Exim is correctly configured to use the Realtime
443 <LI><A NAME="TOC164" HREF="FAQ.html#SEC164">Q0805</A>: How can I use <B>tcpwrappers</B> in conjunction with Exim?
444 <LI><A NAME="TOC165" HREF="FAQ.html#SEC165">Q0806</A>: How can I get POP-auth-before-relay support in Exim?
445 <LI><A NAME="TOC166" HREF="FAQ.html#SEC166">Q0807</A>: I have one or two cases where my machine correctly rejects messages, but
446 the remote machine is quite persistent, and keeps trying over and over.
447 <LI><A NAME="TOC167" HREF="FAQ.html#SEC167">Q0808</A>: I am seeing the error "no valid sender in message headers: return path
448 is <>" in the reject log. Isn't <> a valid return path for error
450 <LI><A NAME="TOC168" HREF="FAQ.html#SEC168">Q0809</A>: Let's say that we want to run a mail server that does not care if you
451 have proper reverse DNS. If you include <TT>host_reject</TT> lines in your
452 config file, Exim will always reject connections from such hosts. How
454 <LI><A NAME="TOC169" HREF="FAQ.html#SEC169">Q0810</A>: Is there a way to prevent lookups in the RBL for local hosts?
455 <LI><A NAME="TOC170" HREF="FAQ.html#SEC170">Q0811</A>: How can I set up the <TT>sender_reject</TT> option in my config file so I can
456 reject mail by matching regular expressions?
457 <LI><A NAME="TOC171" HREF="FAQ.html#SEC171">Q0812</A>: Normally <TT>sender_reject_recipients</TT> works fine, but addresses that have
458 some uppercase letters in them seem to come through.
459 <LI><A NAME="TOC172" HREF="FAQ.html#SEC172">Q0813</A>: I want to accept some sender addresses, even though they do not verify.
460 There doesn't seem to be an option for verification exceptions, so how
462 <LI><A NAME="TOC173" HREF="FAQ.html#SEC173">Q0814</A>: We are being plagued by forged mail coming from a number of different
463 hosts and sender addresses. The guy however leaves a fingerprint. The
464 first received line always contains 'Received: from baby'. What is the
465 best suggested way for eliminiating him from our systems?
466 <LI><A NAME="TOC174" HREF="FAQ.html#SEC174">Q0815</A>: I have set <TT>host_accept_relay</TT>, but my host still refuses to relay from
468 <LI><A NAME="TOC175" HREF="FAQ.html#SEC175">Q0816</A>: How can I run customized verification checks on incoming addresses?
469 <LI><A NAME="TOC176" HREF="FAQ.html#SEC176">Q0817</A>: Does Exim apply RBL checks to error messages, those with an envelope
470 sender of "<>" ?
471 <LI><A NAME="TOC177" HREF="FAQ.html#SEC177">Q0818</A>: I want to be able to set up a list, similar to <TT>sender_reject_recipients</TT>,
472 but with a user-defined message. I believe I have to use a director for
474 <LI><A NAME="TOC178" HREF="FAQ.html#SEC178">Q0819</A>: I want to reject certain sender-recipient combinations, with a specific
475 message for each such combination.
476 <LI><A NAME="TOC179" HREF="FAQ.html#SEC179">Q0820</A>: Will Exim allow me to create a file of regexs and match incoming
477 external email to the list - and if a match is found file the offending
478 message into a special location? Also is it possible to make exim only
479 filter parts of an incoming email - e.g. ignore large MIME attachments
480 for example and only process text/plain?
481 <LI><A NAME="TOC180" HREF="FAQ.html#SEC180">Q0821</A>: I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT
482 command, to check if a user has exceeded their email quota. If they have
483 I issue a temporary failure and a message - can I do this with Exim?
484 <LI><A NAME="TOC181" HREF="FAQ.html#SEC181">Q0822</A>: I'm looking for a rule to reject special unknown recipients.
485 <LI><A NAME="TOC182" HREF="FAQ.html#SEC182">Q0823</A>: I'd like to pass all messages through a virus-scanning system before
486 delivery. Can Exim do this?
487 <LI><A NAME="TOC183" HREF="FAQ.html#SEC183">Q0824</A>: How can I accomplish this: a message sent from any host must either be
488 sending to a domain in a list (a dbm file) or the sender's address
489 domain must be in the list.
490 <LI><A NAME="TOC184" HREF="FAQ.html#SEC184">Q0825</A>: I've set <TT>relay_domains</TT> and <TT>sender_address_relay</TT>, but if <B>user@mydomain</B>
491 tries sending to an arbitrary domain, Exim rejects it.
492 <LI><A NAME="TOC185" HREF="FAQ.html#SEC185">Q0826</A>: I set <TT>sender_reject_recipients</TT>, but Exim is not rejecting those
494 <LI><A NAME="TOC186" HREF="FAQ.html#SEC186">Q0827</A>: I can't find an option to deny "RCPT TO:" addresses.
495 <LI><A NAME="TOC187" HREF="FAQ.html#SEC187">Q0828</A>: My problem is that Exim replaces <B>$local_part</B> with an empty string in the
496 system filtering. What's wrong or what did I miss?
497 <LI><A NAME="TOC188" HREF="FAQ.html#SEC188">Q0829</A>: Using <B>$recipients</B> in a system filter gives me another problem: how can
498 I do a string lookup if <B>$recipients</B> is a list of addresses?
499 <LI><A NAME="TOC189" HREF="FAQ.html#SEC189">Q0830</A>: Is there a way to configure Exim to reject mail to a certain local host?
500 <LI><A NAME="TOC190" HREF="FAQ.html#SEC190">Q0831</A>: Exim sometimes rejects messages with bad senders after the DATA and
501 sometimes after the MAIL command. What is the difference?
502 <LI><A NAME="TOC191" HREF="FAQ.html#SEC191">Q0832</A>: How can I get Exim to remove attachments from messages?
503 <LI><A NAME="TOC192" HREF="FAQ.html#SEC192">Q0833</A>: I ran a relay test against my host and it failed with an address
504 containing a %, though I don't have <TT>percent_hack_domains</TT> set. Is Exim
505 broken? This is what the tester said:
508 <A NAME="TOC193" HREF="FAQ.html#SEC193">9. MAJORDOMO</A>
510 <LI><A NAME="TOC194" HREF="FAQ.html#SEC194">Q0901</A>: How do I set up Majordomo to work with Exim?
511 <LI><A NAME="TOC195" HREF="FAQ.html#SEC195">Q0902</A>: I have set <B>$mailer</B> in <B>majordomo.cf,</B> but it still isn't setting the
512 sender correctly in the messages it sends.
513 <LI><A NAME="TOC196" HREF="FAQ.html#SEC196">Q0903</A>: I'm trying to set up majordomo, but I'm getting a "wrong mode" error
514 when I try to send it mail. The panic log entry reads:
515 <LI><A NAME="TOC197" HREF="FAQ.html#SEC197">Q0904</A>: I'm getting return code 9 from <B><B>/home/majordomo/majordomo-1.94.4/wrapper</B></B>
516 when it is passed a message from Exim.
519 <A NAME="TOC198" HREF="FAQ.html#SEC198">10. REWRITING</A>
521 <LI><A NAME="TOC199" HREF="FAQ.html#SEC199">Q1001</A>: How can I get Exim to strip the hostname from the sender's address?
522 <LI><A NAME="TOC200" HREF="FAQ.html#SEC200">Q1002</A>: I have Exim configured to remove the hostname portion of the domain on
523 outgoing mail, and yet the hostname is present when the mail gets
525 <LI><A NAME="TOC201" HREF="FAQ.html#SEC201">Q1003</A>: I want to rewrite local addresses in mail that goes to the outside
526 world, but not for messages that remain within the local intranet.
527 <LI><A NAME="TOC202" HREF="FAQ.html#SEC202">Q1004</A>: I'm using this rewriting rule to change login names into "friendly"
528 names, but if mail comes in for an upper case login name, it doesn't
530 <LI><A NAME="TOC203" HREF="FAQ.html#SEC203">Q1005</A>: Is it possible to completely fail a message if the rewrite rules fail?
531 <LI><A NAME="TOC204" HREF="FAQ.html#SEC204">Q1006</A>: I'm using <B>$domain</B> as the key for a lookup in a rewriting rule, but its
532 contents are not being lowercased. Aren't domains supposed to be handled
534 <LI><A NAME="TOC205" HREF="FAQ.html#SEC205">Q1007</A>: I want to rewrite local sender addresses depending on the domain of the
538 <A NAME="TOC206" HREF="FAQ.html#SEC206">11. HEADERS</A>
540 <LI><A NAME="TOC207" HREF="FAQ.html#SEC207">Q1101</A>: I would like add some custom headers to selected outgoing mail based on
541 a specific domain and the subject line.
542 <LI><A NAME="TOC208" HREF="FAQ.html#SEC208">Q1102</A>: Is it possible to have Exim add a header to only certain <TT>local_parts</TT> of
544 <LI><A NAME="TOC209" HREF="FAQ.html#SEC209">Q1103</A>: How can I remove some part of the Received: header?
545 <LI><A NAME="TOC210" HREF="FAQ.html#SEC210">Q1104</A>: How I can insert the PGP header line using exim filters?
548 <A NAME="TOC211" HREF="FAQ.html#SEC211">12. FETCHMAIL</A>
550 <LI><A NAME="TOC212" HREF="FAQ.html#SEC212">Q1201</A>: When I run fetchmail, I get the error "SMTP listener doesn't like
551 recipient address <B><I>xxx</I>@localhost</B>".
552 <LI><A NAME="TOC213" HREF="FAQ.html#SEC213">Q1202</A>: Fetchmail is passing on bounce messages to Exim with the sender address
553 set to <B><B><@some.domain</B>></B> which causes Exim to complain, because there is no
555 <LI><A NAME="TOC214" HREF="FAQ.html#SEC214">Q1203</A>: I'm currently using Exim with fetchmail and I'd like to use the RBL on
556 Exim, but will it work? Do I need to configure fetchmail any particular
557 way? As far as Exim knows, all mail is coming from 127.0.01. Will it
558 check the source address against RBL? Or will it check the From: header?
561 <A NAME="TOC215" HREF="FAQ.html#SEC215">13. PERL</A>
563 <LI><A NAME="TOC216" HREF="FAQ.html#SEC216">Q1301</A>: Exim built with Perl support exits with the error message <B>"./exim:</B> can't
564 load library <B>'libperl.so'".</B>
565 <LI><A NAME="TOC217" HREF="FAQ.html#SEC217">Q1302</A>: Exim built with Perl support exits with several error messages of the
566 form "undefined reference to `PL_stack_sp'".
569 <A NAME="TOC218" HREF="FAQ.html#SEC218">14. DIAL-UP</A>
571 <LI><A NAME="TOC219" HREF="FAQ.html#SEC219">Q1401</A>: How can I arrange for mail to other hosts on my local network to be
572 delivered when I'm not connected to the Internet?
573 <LI><A NAME="TOC220" HREF="FAQ.html#SEC220">Q1402</A>: I have a dial-up machine, and I use the <TT>queue_smtp_domains</TT> option so
574 that remote mail only goes out when I do a queue run. However, any email
575 I send with an address <B><B><anything>@aol.com</B></B> is returned within about 15
576 minutes saying 'retry time exceeded', and all addresses are affected.
577 <LI><A NAME="TOC221" HREF="FAQ.html#SEC221">Q1403</A>: How should Exim be configured when it is acting as a temporary storage
578 system for a domain on a dial-up host?
579 <LI><A NAME="TOC222" HREF="FAQ.html#SEC222">Q1404</A>: I have <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT> set, and use <B>-qf</B> to
580 force delivery of waiting mail when I dial in. How can I arrange for any
581 new messages that arrive while I'm connected to be delivered immediately?
584 <A NAME="TOC223" HREF="FAQ.html#SEC223">20. MILLENNIUM</A>
586 <LI><A NAME="TOC224" HREF="FAQ.html#SEC224">Q2000</A>: Are there any Y2K issues with Exim?
589 <A NAME="TOC225" HREF="FAQ.html#SEC225">50. MISCELLANEOUS</A>
591 <LI><A NAME="TOC226" HREF="FAQ.html#SEC226">Q5001</A>: What does the error "Unable to get interface configuration: 22 Invalid
593 <LI><A NAME="TOC227" HREF="FAQ.html#SEC227">Q5002</A>: How can I arrange to allow a limited set of users to perform a limited
594 set of Exim administration functions? I don't want to put them all in
596 <LI><A NAME="TOC228" HREF="FAQ.html#SEC228">Q5003</A>: How can I test for a message's size being greater or less than a given
597 value in an expansion string?
598 <LI><A NAME="TOC229" HREF="FAQ.html#SEC229">Q5004</A>: I want to "tail" the Exim log, but I have a number of other logs I also
599 want to "tail", and the number of tailing windows is getting to be a
601 <LI><A NAME="TOC230" HREF="FAQ.html#SEC230">Q5005</A>: I would like to have Exim log information written to syslog.
602 <LI><A NAME="TOC231" HREF="FAQ.html#SEC231">Q5006</A>: What does the error "Failed to create spool file" mean?
603 <LI><A NAME="TOC232" HREF="FAQ.html#SEC232">Q5007</A>: Exim keeps crashing with segmentation errors (signal 11 or 139).
604 <LI><A NAME="TOC233" HREF="FAQ.html#SEC233">Q5008</A>: Exim's databases keep getting corrupted.
605 <LI><A NAME="TOC234" HREF="FAQ.html#SEC234">Q5009</A>: I've been using an autoreply director to try and mimic a bounce message,
606 but I can't get it to have an envelope from of <>.
607 <LI><A NAME="TOC235" HREF="FAQ.html#SEC235">Q5010</A>: I see entries in the log that mention two different IP addresses for the
608 same connection. Why is this? For example:
609 <LI><A NAME="TOC236" HREF="FAQ.html#SEC236">Q5011</A>: How can I persuade Exim to accept ETRN commands without the leading
611 <LI><A NAME="TOC237" HREF="FAQ.html#SEC237">Q5012</A>: I've recently noticed that emails I send with a Bcc: line are being
612 delivered to their final destination with the Bcc: line still present.
613 <LI><A NAME="TOC238" HREF="FAQ.html#SEC238">Q5013</A>: I used gv <B>v3.5.8</B> (ghostview) to try printing <B>spec.ps.</B> After every
614 printed page, the printer ejects a blank sheet. Is this something to do
615 with using "letter" rather than A4 paper?
616 <LI><A NAME="TOC239" HREF="FAQ.html#SEC239">Q5014</A>: I would like to have a separate queue per domain for hosts which dial
617 in to collect their mail.
618 <LI><A NAME="TOC240" HREF="FAQ.html#SEC240">Q5015</A>: A short time after I start Exim I see a <defunct> process. What is
620 <LI><A NAME="TOC241" HREF="FAQ.html#SEC241">Q5016</A>: On a reboot, or a restart of the mail system, I see the message "Mailer
621 daemons: exim abandoned: unknown, malformed, or incomplete option
622 <B>-bz</B> sendmail". What does this mean?
623 <LI><A NAME="TOC242" HREF="FAQ.html#SEC242">Q5017</A>: I would like to restrict e-mail usage for some users to the local
624 machine, ideally on a group basis.
625 <LI><A NAME="TOC243" HREF="FAQ.html#SEC243">Q5018</A>: Whenever exim restarts it takes up to 3-5 minutes to start responding on
626 the SMTP port. Why is this?
627 <LI><A NAME="TOC244" HREF="FAQ.html#SEC244">Q5019</A>: Why aren't there any man pages for Exim? I don't always carry my printed
629 <LI><A NAME="TOC245" HREF="FAQ.html#SEC245">Q5020</A>: When I send a message using the <B>-t</B> command line option, Exim sends only
630 to the addresses within the message, not to those on the command line.
631 <LI><A NAME="TOC246" HREF="FAQ.html#SEC246">Q5021</A>: If I set up, for example,
632 <TT>local_domains = *customer.com</TT>, then it matches
633 <B>"customer.com"</B> and <B>"abc.customer.com"</B> as required, but it also matches
634 <B>"noncustomer.com",</B> which is wrong. How can I get round this?
635 <LI><A NAME="TOC247" HREF="FAQ.html#SEC247">Q5022</A>: I want to match all local domains of the form <B>*.oyoy.org</B> but want a few
636 exceptions. For instance I don't want <B>foo.oyoy.org</B> or <B>bar.oyoy.org</B> to be
637 treated as local. What is the best way to do this?
638 <LI><A NAME="TOC248" HREF="FAQ.html#SEC248">Q5023</A>: I can't seem to find a pre-built version of Exim anywhere. The machine
639 is a Sparc 5 running Solaris 2.6.
640 <LI><A NAME="TOC249" HREF="FAQ.html#SEC249">Q5024</A>: Is there a Windows NT version of Exim available?
641 <LI><A NAME="TOC250" HREF="FAQ.html#SEC250">Q5025</A>: Does Exim support Delivery Status Notificaion (DSN), Message Status
642 Notification (MSN), or any other form of delivery acknowledgement?
643 <LI><A NAME="TOC251" HREF="FAQ.html#SEC251">Q5026</A>: What does "Exim" stand for?
644 <LI><A NAME="TOC252" HREF="FAQ.html#SEC252">Q5027</A>: What does the log message "no immediate delivery: more than 10 messages
645 received in one connection" mean?
646 <LI><A NAME="TOC253" HREF="FAQ.html#SEC253">Q5028</A>: Although I haven't set <TT>check_spool_space</TT>, Exim is still checking the
647 amount of space on the spool for incoming SMTP messages that use the
648 SIZE option. Can I suppress this?
649 <LI><A NAME="TOC254" HREF="FAQ.html#SEC254">Q5029</A>: I just noticed log entries that start off "<= <>". Am I correct in
650 assuming that the "<>" indicates that the envelope did not contain any
652 <LI><A NAME="TOC255" HREF="FAQ.html#SEC255">Q5030</A>: I've received a message which does not have my address in the To:
653 line. It is a spam message with the same address in both the From: and
654 the To: headers. How can this happen, and why doesn't Exim reject it?
655 <LI><A NAME="TOC256" HREF="FAQ.html#SEC256">Q5031</A>: Can (or will) Exim ever handle a message delivery purely in memory,
656 that is, it is handled without it ever hitting the disc?
657 <LI><A NAME="TOC257" HREF="FAQ.html#SEC257">Q5032</A>: If I am using dbm files for data that Exim reads, can I rebuild them
658 on the fly, or do I need to restart Exim every time I make a change?
659 <LI><A NAME="TOC258" HREF="FAQ.html#SEC258">Q5033</A>: What are the main differences between using an Exim filter and using
661 <LI><A NAME="TOC259" HREF="FAQ.html#SEC259">Q5034</A>: I need an option that is the opposite of <B>-bpa,</B> that is, a listing of
662 those addresses generated from a top-level address that have not yet
664 <LI><A NAME="TOC260" HREF="FAQ.html#SEC260">Q5035</A>: I am getting complaints from a customer who uses my EXIM server for
665 relaying that they are being blocked with a "Too many connections"
667 <LI><A NAME="TOC261" HREF="FAQ.html#SEC261">Q5036</A>: When I try "exim <B>-bf"</B> to test a system filter, I received the following
668 error message: "Filter error: unavailable filtering command "fail" near
669 line 8 of filter file".
670 <LI><A NAME="TOC262" HREF="FAQ.html#SEC262">Q5037</A>: How can I make Exim receive incoming mail, queue it, but NOT attempt to
671 deliver it? I want to be in this state while moving some mailboxes.
672 <LI><A NAME="TOC263" HREF="FAQ.html#SEC263">Q5038</A>: What does the rejection message "reject all recipients: 3 times bad
674 <LI><A NAME="TOC264" HREF="FAQ.html#SEC264">Q5039</A>: The menu in Eximon isn't working. It displays, but I can't select
676 <LI><A NAME="TOC265" HREF="FAQ.html#SEC265">Q5040</A>: What does "ridiculously long message header" in an error report mean?
677 <LI><A NAME="TOC266" HREF="FAQ.html#SEC266">Q5041</A>: What does Exim use for POP as a default? Do I have to install anything
681 <A NAME="TOC267" HREF="FAQ.html#SEC267">93. HP-UX</A>
683 <LI><A NAME="TOC268" HREF="FAQ.html#SEC268">Q9301</A>: I'm trying to compile on an HP machine and I don't have gcc there. So I
684 put <TT>CC=cc</TT> in the <B>Local/Makefile</B>, but I got this error:
687 <A NAME="TOC269" HREF="FAQ.html#SEC269">94. BSDI</A>
689 <LI><A NAME="TOC270" HREF="FAQ.html#SEC270">Q9401</A>: On BSDI 4.0, Exim built with Perl support exits with the error message
690 <B>"./exim:</B> can't load library <B>'libperl.so'".</B>
693 <A NAME="TOC271" HREF="FAQ.html#SEC271">95. IRIX</A>
695 <LI><A NAME="TOC272" HREF="FAQ.html#SEC272">Q9501</A>: I'm running IRIX 6.2 with a number of alias IP addresses set up, but
696 Exim doesn't seem to recognize them as local addresses.
697 <LI><A NAME="TOC273" HREF="FAQ.html#SEC273">Q9502</A>: The IP addresses for incoming calls are all being given as
701 <A NAME="TOC274" HREF="FAQ.html#SEC274">96. LINUX</A>
703 <LI><A NAME="TOC275" HREF="FAQ.html#SEC275">Q9601</A>: Exim is mysteriously crashing, usually when forking to send a delivery
705 <LI><A NAME="TOC276" HREF="FAQ.html#SEC276">Q9602</A>: Exim has created a directory called <B>build-Linux-libc5-i386</B> but is
706 trying to reference <B>build-Linux-libc5-i386-linux</B> while building.
707 <LI><A NAME="TOC277" HREF="FAQ.html#SEC277">Q9603</A>: I want to use logrotate which is standard with <B>RH5.2</B> Linux to rotate
708 my mail logs. Anyone worked out the logrotate config file that will
710 <LI><A NAME="TOC278" HREF="FAQ.html#SEC278">Q9604</A>: I'm seeing the message "<B>inetd</B>[334]: imap/tcp server failing (looping),
711 service terminated" on a RedHat 5.2 system, causing imap connections to
712 be refused. The imapd in use is Washington Uni vers 12.250. Could this
713 be anything to do with Exim?
714 <LI><A NAME="TOC279" HREF="FAQ.html#SEC279">Q9605</A>: I get the "too many open files" error especially when a lot of messages
715 land for majordomo at the same time.
716 <LI><A NAME="TOC280" HREF="FAQ.html#SEC280">Q9606</A>: I'm having a problem with an Exim RPM.
719 <A NAME="TOC281" HREF="FAQ.html#SEC281">97. SUN SYSTEMS</A>
721 <LI><A NAME="TOC282" HREF="FAQ.html#SEC282">Q9701</A>: Exim builds fine with gcc on SunOS 4 but crashes inside <B>sscanf()</B>.
722 <LI><A NAME="TOC283" HREF="FAQ.html#SEC283">Q9702</A>: How can I get rid of spurious ^M characters in messages sent from
724 <LI><A NAME="TOC284" HREF="FAQ.html#SEC284">Q9703</A>: On SunOS 4 Exim crashes when looking up domains in the DNS that have
725 more than 10 A records.
726 <LI><A NAME="TOC285" HREF="FAQ.html#SEC285">Q9704</A>: The menu in Eximon isn't working on my Sun system.
727 <LI><A NAME="TOC286" HREF="FAQ.html#SEC286">Q9705</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
729 <LI><A NAME="TOC287" HREF="FAQ.html#SEC287">Q9706</A>: Exim has been crashing on my Solaris x86 system, apparently while
730 running DBM functions.
731 <LI><A NAME="TOC288" HREF="FAQ.html#SEC288">Q9707</A>: The exiwhat utility isn't working for me on a Solaris 2 system.
732 <LI><A NAME="TOC289" HREF="FAQ.html#SEC289">Q9708</A>: How do I stop Sun's <B>dtcm</B> from hanging?
733 <LI><A NAME="TOC290" HREF="FAQ.html#SEC290">Q9709</A>: I want Exim to use only the resolver (i.e. ignore <B>/etc/hosts</B>), but don't
734 want to alter the <B>nsswitch.conf</B> file in Solaris 2.
737 <A NAME="TOC291" HREF="FAQ.html#SEC291">98. COOKBOOK</A>
739 <LI><A NAME="TOC292" HREF="FAQ.html#SEC292">Q9801</A>: How do I configure Exim as part of TPC <B>(<A HREF="http://www.tpc.int">http://www.tpc.int</A>)?</B>
740 <LI><A NAME="TOC293" HREF="FAQ.html#SEC293">Q9802</A>: How do I configure Exim so that it sends mail to the outside world only
741 from a restricted list of our local users?
742 <LI><A NAME="TOC294" HREF="FAQ.html#SEC294">Q9803</A>: How do I configure Exim to run with SmartList?
743 <LI><A NAME="TOC295" HREF="FAQ.html#SEC295">Q9804</A>: How do I configure Exim to minic PP's "tripnote" facility?
744 <LI><A NAME="TOC296" HREF="FAQ.html#SEC296">Q9805</A>: How do I configure Exim to handle local parts with extensions?
745 <LI><A NAME="TOC297" HREF="FAQ.html#SEC297">Q9806</A>: How do I configure Exim so that only a restricted list of users can
746 receive mail from external domains?
747 <LI><A NAME="TOC298" HREF="FAQ.html#SEC298">Q9807</A>: I have <B><B>someuser@mydomain.com</B></B> that I only want certain users to be able
748 to mail to. How do I accomplish this?
749 <LI><A NAME="TOC299" HREF="FAQ.html#SEC299">Q9808</A>: A site for which I provide secondary MX is down for some time. Is there
750 a way to run the queue for that destination separately from the main
752 <LI><A NAME="TOC300" HREF="FAQ.html#SEC300">Q9809</A>: How do I implement VERP (Variable Envelope Return Paths) in Exim?
753 <LI><A NAME="TOC301" HREF="FAQ.html#SEC301">Q9810</A>: I'd like to make a copy of all outgoing messages to a local mailbox. Is
754 there a solution for this using an Exim filter?
755 <LI><A NAME="TOC302" HREF="FAQ.html#SEC302">Q9811</A>: I want to make a copy of outgoing messages to a specific file for each
756 user in a specific directory, using a "save" command in a system filter.
757 How can I arrange for Exim to write to these files under the correct
759 <LI><A NAME="TOC303" HREF="FAQ.html#SEC303">Q9812</A>: How can I keep an archive of all mail for some specific local email
761 <LI><A NAME="TOC304" HREF="FAQ.html#SEC304">Q9813</A>: How can I configure Exim to provide a vacation message when there are
762 no local users on my mail hub?
763 <LI><A NAME="TOC305" HREF="FAQ.html#SEC305">Q9814</A>: We want to be able to temporarily lock out a user by disabling the
764 password and moving the home directory to another place. How can we
765 arrange to reject mail for users in this state?
766 <LI><A NAME="TOC306" HREF="FAQ.html#SEC306">Q9815</A>: I need an alias, say "fakeaddress" that should receive a message,
767 strip all reply-to: headers present, substitute another one pointing to
768 "otheraddress" and forward a message to "realaddress".
769 <LI><A NAME="TOC307" HREF="FAQ.html#SEC307">Q9816</A>: How can I set up Exim to work with Listar?
770 <LI><A NAME="TOC308" HREF="FAQ.html#SEC308">Q9817</A>: I need to take copies of all incoming and outgoing mail for certain
771 users. For each user there may be a different monitoring address.
772 <LI><A NAME="TOC309" HREF="FAQ.html#SEC309">Q9818</A>: How can I add a disclaimer to the end of every message?
773 <LI><A NAME="TOC310" HREF="FAQ.html#SEC310">Q9819</A>: I would like to append a simple advertisement text to all outgoing
775 <LI><A NAME="TOC311" HREF="FAQ.html#SEC311">Q9820</A>: How can I configure Exim so that all mails adressed to
776 <B><B>something@username.domain.net</B></B> get delivered to <B>/var/spool/mail/username</B>?
777 <LI><A NAME="TOC312" HREF="FAQ.html#SEC312">Q9821</A>: How do I get exim not to add a Sender: header to locally originated
779 <LI><A NAME="TOC313" HREF="FAQ.html#SEC313">Q9822</A>: How can I get Exim to work with mailman?
780 <LI><A NAME="TOC314" HREF="FAQ.html#SEC314">Q9823</A>: Is there any way to have messages sent to a specific local address
781 delayed by - say - 24 hours?
784 <A NAME="TOC315" HREF="FAQ.html#SEC315">99. LIST OF SAMPLE CONFIGURATIONS</A>
787 <BR><H2><A NAME="SEC1" HREF="FAQ.html#TOC1">0. DEBUGGING
790 <A NAME="SEC2" HREF="FAQ.html#TOC2">Q0001</A>: Exim is crashing. What is wrong?
794 A0001: Exim should never crash. The author is always keen to know about
795 crashes, so that they can be diagnosed and fixed. However, before you
796 start sending email, please check that you are running the latest
797 release of Exim, in case the problem has already been fixed. The
798 techniques described below can also be useful in trying to pin down
799 exactly which circumstances caused the crash and what Exim was trying to
800 do at the time. If the crash is reproducable (by a particular message,
801 say) keep a copy of that message. If there is a core file (in Exim's
802 spool directory), see if you can get any information from it.
806 One thing that has caused crashes in the past has been incorrectly
807 installed DB libraries. In particular, if you are running any version of
808 Berkeley db, it is best to set <TT>USE_DB=yes</TT> in <B>Local/Makefile</B> before
809 building Exim. This then avoids the use of the "ndbm compatibility
810 interface" via the <B>ndbm.h</B> include file, which has been found to be
811 incorrect on some systems. If you have already built Exim, you can just
812 edit <B>Local/Makefile</B> and run <B>make</B> again to rebuild. Before restarting
813 Exim, delete any existing database files in the <B>spool/db</B> directory.
816 <A NAME="SEC3" HREF="FAQ.html#TOC3">Q0002</A>: Exim is not working. What is wrong?
820 A0002: Exactly how is it not working? Check the more specific questions in the
821 other sections of this FAQ. Some general techniques for debugging are:
825 1. Look for information in Exim's log files. These are in the "log"
826 directory in Exim's spool directory, unless you have configured a
827 different path for them. Serious operational problems are reported
832 2. If the problem involves the delivery of one or more messages, try
833 forcing a delivery with the <B>-d</B> option, to cause Exim to output
834 debugging information. For example:
838 exim -d -M 0z6CXU-0005RR-00</PRE>
840 On its own, <B>-d</B> produces a small amount of information. Following it
841 with a number increases the amount given: <B>-d9</B> gives the maximum
842 amount of general information; <B>-d10</B> gives in addition details of the
843 interpretation of filter files, and <B>-d11</B> or higher also turns on the
844 debugging option for DNS lookups. The output is written to the
845 standard error stream.
849 3. If the problem involves incoming SMTP mail, try using the <B>-bh</B> option
850 to simulate an incoming connection from a specific host, for example:
854 exim -bh 10.9.8.7</PRE>
856 This goes through the motions of an SMTP session, without actually
857 accepting a message. Information about various policy checks is
858 output. You will need to know how to pretend to be an SMTP client.
862 4. If the problem involves lack of recognition or incorrect handling
863 of local addresses, try using the <B>-bt</B> option with debugging turned
864 on, to see how Exim is handling the address. For example,
868 exim -d2 -bt z6abc</PRE>
870 will show you how it would handle the local part "z6abc". Increase
871 the debug level to <B>-d9</B> for more information.
874 <A NAME="SEC4" HREF="FAQ.html#TOC4">Q0003</A>: What does the error "Child process of <TT>address_pipe</TT> transport returned
875 69 from command <I>xxx</I>" mean?
879 A0003: The most common meaning of exit code 69 is "unavailable", and this often
880 means that when Exim tried to exec the command <I>xxx</I>, it failed. One
881 cause of this might be incorrect permissions on the file containing the
885 <A NAME="SEC5" HREF="FAQ.html#TOC5">Q0004</A>: My virtual domain setup isn't working. How can I debug it?
889 A0004: You can use an exim command with <B>-d</B> (or <B>-d2,</B> <B>-d3</B> ... <B>-d9)</B> to get it to
890 show you how it is processing addresses. You don't actually need to send
891 a message; use the <B>-bt</B> option like this:
895 exim -d2 -bt localpart@virtualhost</PRE>
897 This will show you which directors it is using. If the problem appears
898 to be with the expansion of an option setting, you can use the
899 <TT>debug_print</TT> option on a director (or router) to get Exim to output the
900 expanded string values as it goes along.
903 <A NAME="SEC6" HREF="FAQ.html#TOC6">Q0005</A>: Why is Exim giving "421 Unexpected log failure, please try later" when
904 receiving an SMTP message with a large number of recipients?
908 A0005: You are verifying recipients, and your configuration is one that does a
909 different lookup of some sort for each recipient. Exim keeps lookup
910 files open, in case there are several lookups in the same file. Versions
911 of Exim prior to 2.10 did not limit the number of open files used for
912 this purpose, and your operating system's maximum per process has been
913 reached. Exim is trying to log the failure to open a file, but cannot
914 open the log file, for the same reason. If upgrading Exim is not
915 immediately possible, you might be able to increase your operating
916 system's maximum number of open files per process.
919 <A NAME="SEC7" HREF="FAQ.html#TOC7">Q0006</A>: Why is Exim not rejecting incoming messages addressed to non-existent
924 A0006: Have you remembered to set <TT>receiver_verify</TT>? It is not the default.
927 <A NAME="SEC8" HREF="FAQ.html#TOC8">Q0007</A>: I've put an entry for <B>*.my.domain</B> in a DBM lookup file, but it isn't
932 A0007: You need to request "partial matching" by setting the search type to
933 "partial-dbm" in order for this to work.
936 <A NAME="SEC9" HREF="FAQ.html#TOC9">Q0008</A>: I've put the entry <B><B>*@domain.com</B></B> in a lookup database, but it isn't
937 working. The expansion I'm using is:
941 ${lookup{${lc:$sender_address}}dbm{/the/file} ...</PRE>
943 A0008: As no sender address will ever be <B><B>*@domain.com</B></B> this will indeed have
944 no effect as it stands. You need to tell Exim if you want it to look for
945 defaults after the normal lookup has failed. In this case, change the
946 search type from "dbm" to "dbm*@". See the section on "Default values in
947 single-key lookups" in the chapter entitled "File and database lookups".
950 <A NAME="SEC10" HREF="FAQ.html#TOC10">Q0009</A>: Is there a way to print recognized local domains?
954 A0009: If you run "exim <B>-bP</B> <TT>local_domains</TT>" it will output the string that is
955 set, but it won't print the contents of any files that are referenced.
958 <A NAME="SEC11" HREF="FAQ.html#TOC11">Q0010</A>: If I run <B>"./exim</B> <B>-d9</B> <B>-bt</B> <B>user@domain</B>" all seems well, but when I send a
959 message from my User Agent, it does not arrive at its destination.
963 A0010: Try sending a message directly to Exim by typing this:
968 <some message, could be empty>
971 If the message gets delivered to a remote host, but never arrives at its
972 final destination, then the problem is at the remote host. If, however,
973 the message gets through correctly, then the problem may be between your
974 User Agent and Exim. Try setting Exim's <TT>log_arguments</TT> option, to see
975 with which arguments the UA is calling Exim.
978 <A NAME="SEC12" HREF="FAQ.html#TOC12">Q0011</A>: I am getting this message in mainlog every so often: "no immediate
979 delivery: too many connections (19, max 0)". What am I missing?
983 A0011: A current release of Exim. :-) The message you are getting is the wrong
984 message. What it should be saying is "too many messages received in one
985 SMTP connection" (see next question). This bug was fixed in release
989 <A NAME="SEC13" HREF="FAQ.html#TOC13">Q0012</A>: What does "no immediate delivery: too many messages received in one SMTP
994 A0012: An SMTP client may send any number of messages down a single SMTP
995 connection to a server. Initially, an Exim server starts up a delivery
996 process as soon as a message is received. However, in order not to start
997 up too many processes when lots of messages are arriving (typically
998 after a period of downtime), it stops doing immediate delivery after a
999 certain number of messages have arrived down the same connection. The
1000 threshold is set by <TT>smtp_accept_queue_per_connection</TT>, and the default
1001 value is 10. On large systems, the value should be increased. If you are
1002 running a dial-in host and expecting to get all your mail down a single
1003 SMTP connection, then you can disable the limit altogether by setting
1007 <A NAME="SEC14" HREF="FAQ.html#TOC14">Q0013</A>: Exim puts "for <address>" in the Received: headers of some, but not all,
1008 messages. Is this a bug?
1012 A0013: No. It is deliberate. Exim inserts a "for" phrase only if the incoming
1013 message has precisely one recipient. If there is more than one
1014 recipient, nothing is inserted. The reason for this is that not all
1015 recipients appear in the To: or Cc: headers, and it is considered a
1016 breach of privacy to expose such recipients to the others. A common
1017 case is when a message has come from a mailing list.
1020 <A NAME="SEC15" HREF="FAQ.html#TOC15">Q0014</A>: Instead of <TT>exim_dbmbuild</TT>, I'm using a homegrown program to build DBM
1021 (or cdb) files, but Exim doesn't seem to be able to use them.
1025 A0014: Exim expects there to be a binary zero value on the end of each key used
1026 in a DBM file if you use the "dbm" lookup type, but not for the "dbmnz"
1027 lookup type or for the keys of a cdb file. Check that you haven't
1028 slipped up in this regard.
1031 <A NAME="SEC16" HREF="FAQ.html#TOC16">Q0015</A>: Exim is unable to route to any remote domains. It doesn't seen to be
1032 able to access the DNS.
1036 A0015: Try running "exim <B>-d11</B> <B>-bt</B> <remote address>". The <B>-d11</B> will make it show
1037 the resolver queries it is building and the results of its DNS queries.
1038 If it appears unable to contact any nameservers, check the contents and
1039 permissions of <B><B>/etc/resolv.conf</B>.</B>
1042 <A NAME="SEC17" HREF="FAQ.html#TOC17">Q0016</A>: I'm using ETRN to run a script that checks things and doesn't always
1043 end up running "exim <B><B>-R".</B></B> However, after it has run once, subsequent
1044 attempts fail with "458 Already processing".
1048 A0016: Set <TT>no_smtp_etrn_serialize</TT>.
1051 <A NAME="SEC18" HREF="FAQ.html#TOC18">Q0017</A>: What does the error message "transport <TT>system_aliases</TT>: cannot find
1052 transport driver "<B>aliasfile</B>" in line 92" mean?
1056 A0017: "<B>aliasfile</B>" is a director, not a transport. You have put a configuration
1057 for a director into the transports section of the configuration file.
1060 <A NAME="SEC19" HREF="FAQ.html#TOC19">Q0018</A>: Exim is timing out after receiving and responding to the DATA command
1061 from one particular host, and yet the client host also claims to be
1062 timing out. This seems to affect only certain messages.
1066 A0018: (A) This problem has been seen with a network that was dropping all
1067 packets over a certain size, which mean that the first part of the SMTP
1068 transaction worked, but when the body of a large message started
1069 flowing, the main data bits never got through the network. See also
1071 <A HREF="FAQ.html#SEC22">Q0021</A>.
1075 (B) This can also happen if a machine has a broken TCP stack and won't
1076 reassemble fragmented datagrams.
1080 (C) A very few ISDN lines have been seen which failed when certain data
1081 patterns were sent through them, and replacing the routers at both end
1082 of the link did not fix things. One of them was triggered by more than 4
1083 X's in a row in the data.
1086 <A NAME="SEC20" HREF="FAQ.html#TOC20">Q0019</A>: What does the message "Socket bind() to port 25 for address (any)
1087 failed: address already in use" mean?
1091 A0019: You are trying to run an Exim daemon when there is one already running -
1092 or maybe some other MTA is running, or perhaps you have an SMTP line in
1093 <B><B>/etc/inetd.conf</B></B> which is causing <B>inetd</B> to listen on port 25.
1096 <A NAME="SEC21" HREF="FAQ.html#TOC21">Q0020</A>: I've set <TT>headers_check_syntax</TT>, but this causes Exim to complain about
1097 headers like "To: Work: Jim <B><jims@email</B>>, Home: Bob <B><bobs@email</B>>" which
1098 look all right to me. Is this a bug?
1102 A0020: No. Header lines such as From:, To:, <B>etc.,</B> which contain addresses, are
1103 structured, and have to be in a specific format which is defined in RFC
1104 822. Unquoted colons are not allowed in the "phrase" part of an email
1105 address (they are OK in other headers such as Subject:). The correct
1106 form for that header is
1110 To: "Work: Jim" <jims@email>, "Home: Bob" <bobs@email></PRE>
1112 You will sometimes see unquoted colons in To: and Cc: headers, but only
1113 in connection with name lists (called "groups"), for example:
1117 To: My friends: X <x@y.x>, Y <y@w.z>;,
1118 My enemies: A <a@b.c>, B <b@c.d>;</PRE>
1120 Each list must be terminated by a semicolon, as shown.
1123 <A NAME="SEC22" HREF="FAQ.html#TOC22">Q0021</A>: Whenever Exim tries to deliver a specific message to a particular
1124 server, it fails, giving the error "Remote end closed connection after
1125 data" or "Broken pipe" or a timeout. What's going on?
1129 A0021: "Broken pipe" is the error you get on some OS when the far end just
1130 drops the connection. The alternative is "connection reset by peer".
1134 (A) There are some firewalls that fall over on \0 characters in the
1135 mail. Have a look, e.g. with hexdump <B>-c</B> mymail | tail to see if your
1136 mail contains any binary zero characters.
1140 (B) There are broken SMTP servers around that just drop the connection
1141 after the data has been sent if they don't like the message for some
1142 reason (e.g. it is too big) instead of sending a 5xx error code. Have
1143 you tried sending a small message to the same address?
1147 (C) If the problem occurs right at the start of the mail, then it could
1148 be a network problem with mishandling of large packets. Many emails are
1149 small and thus appear to propagate correctly, but big emails will
1150 generate big IP datagrams.
1154 There have been problems when something in the middle of the network
1155 mishandles large packets due to IP tunnelling. In a tunnelled link, your
1156 IP datagrams gets wrapped in a larger datagram and sent over a network.
1157 This is how virtual private networks (VPNs), and some ISP's transit
1158 circuits work. Since the datagrams going over the tunnel require a
1159 larger packet size, the tunnel needs a bigger maximum transfer unit
1160 (MTU) in the network handling the tunnelled packets. However, MTUs
1161 are often fixed, so the tunnel will try to fragment the packets.
1165 If the systems outside the tunnel are using MTU path discovery, (most
1166 Sun Sparc Solaris machines do by default), and set the DF (don't
1167 fragment) bit because they don't send packets larger than their <EM>local</EM>
1168 MTU, then ICMP control messages will be sent by the routers at the
1169 ends of the tunnel to tell them to reduce their MTU, since the tunnel
1170 can't fragment the data, and has to throw it away. If this mechanism
1171 stops working, e.g. a firewall blocks ICMP, then your host never
1172 knows it has hit the maximum path MTU, but it has received no ACK on
1173 the packet either, so it continues to resend the same packet and the
1174 connection stalls, eventually timing out.
1178 You can test the link using pings of large packets and see what works:
1182 ping -s host 2048</PRE>
1184 Try reducing the MTU on the sending host:
1188 ifconfig le0 mtu 1300</PRE>
1190 Alternatively, you can reduce the size of the buffer Exim uses for SMTP
1191 output by putting something like
1195 DELIVER_OUT_BUFFER_SIZE=512</PRE>
1197 in your <B>Local/Makefile</B> and rebuilding Exim (the default is 8192).
1200 <A NAME="SEC23" HREF="FAQ.html#TOC23">Q0022</A>: Why do messages not get delivered down the same connection when I do
1201 something like: exim <B>-v</B> <B>-R</B> <B>@aol.com</B> ? For other domains, I do this and
1202 I see the appropriate "waiting for passed connections to get used"
1207 A0022: Recall that Exim does not keep separate queues for each domain, but
1208 operates in a distributed fashion. Messages get into its "waiting for
1209 host x" hints database only when a delivery has been tried, and has had
1210 a temporary error. Here are some possibilities:
1214 (1) The messages to <B>aol.com</B> got put in your queue, but no previous
1215 delivery attempt occured before you did the <B><B>-R.</B></B> This might have been
1216 because of your settings of <TT>queue_only_load</TT>, <TT>smtp_accept_queue</TT>, or any
1217 other option that caused no immediate delivery attempt on arrival. If
1218 this is the case, you can try using <B>-qqR</B> instead of <B><B>-R.</B></B>
1222 (2) You have set <TT>batch_max</TT> on the smtp transport, and that limit was
1223 reached. This would show as a sequence of n messages down one
1224 connection, then another n down a new connection, etc.
1228 (3) Exim tried to pass on the SMTP connection to another message, but
1229 that message was in the process of being delivered to <B>aol.com</B> by some
1230 other process (typically, a normal queue runner). This will break the
1231 sequence, though the other delivery should pass its connection on to
1232 other messages if there are any.
1236 (4) The folk at <B>aol.com</B> changed the MX records so the host names have
1237 changed - or a new host has been added. I don't know how likely this is.
1241 (5) Exim is not performing as it should in this regard, for some reason.
1242 Next time you have mail queued up for <B>aol.com,</B> try running
1246 exim_dumpdb /var/spool/exim wait-remote_smtp</PRE>
1248 to see if those messages are listed among those waiting for the relevant
1249 <B>aol.com</B> hosts.
1252 <A NAME="SEC24" HREF="FAQ.html#TOC24">Q0023</A>: What does the error "SEGV while reading ... from dbm file: record
1253 assumed not to exist" mean?
1257 A0023: A crash is occuring when Exim calls your DBM library in order to read a
1258 record from one of its hints files. This kind of problem can be related
1259 to incorrectly installed DBM libraries. If you are using Slackware 3.6,
1260 the problem is that libgdbm is incorrectly installed on that system, and
1261 you will need to re-install it from source.
1264 <A NAME="SEC25" HREF="FAQ.html#TOC25">Q0024</A>: There seems to be a problem in the string expansion code: it doesn't
1265 recognize references to headers such as <B><B>${h_to}.</B></B>
1269 A0024: The only valid syntax for header references is (for example) <B>$h_to:</B>
1270 because header names are permitted by RFC 822 to contain a very wide
1271 range of characters. A colon (or white space) is required as the
1275 <A NAME="SEC26" HREF="FAQ.html#TOC26">Q0025</A>: Exim is timing out after sending the a message's data to one particular
1276 host, and yet the remote host also claims to be timing out. This seems
1277 to affect only certain messages.
1282 <A HREF="FAQ.html#SEC19">Q0018</A>.
1285 <A NAME="SEC27" HREF="FAQ.html#TOC27">Q0026</A>: When the Exim daemon forks a copy of itself to handle an incoming SMTP
1286 request, the forked copy seems to go around in circles for a
1287 significant (up to 5 minutes, so far) amount of time before deciding to
1292 A0026: These kinds of delay are usually caused by some kind of network problem
1293 that affects outgoing calls made by Exim at the start of an incoming
1294 message. Configuration options that cause outgoing calls are:
1298 (1) <TT>rfc1413_query_hosts</TT> and <TT>rfc1413_query_timeout</TT> (for ident calls);
1299 firewalls sometimes block ident calls, which can lead to this
1304 (2) <TT>rbl_domains</TT> and <TT>rbl_hosts</TT>.
1308 (3) <TT>host_lookup</TT> and any other options that require the remote host's
1309 name to be looked up from its IP address.
1313 You can use the <B>-bh</B> option to get more information about what is
1314 happening at the start of a connection.
1317 <A NAME="SEC28" HREF="FAQ.html#TOC28">Q0027</A>: What does "failed to create child process to send failure message" mean?
1318 This is a busy mail server with <TT>smtp_accept_max</TT> set to 500, but this
1319 problem started to occur at about 300 incoming connections.
1323 A0027: Some message delivery failed, and when Exim wanted to send a bounce
1324 message, it was unable to create a process in which to do so. Probably
1325 the limit on the maximum number of simultaneously active processes has
1326 been reached. Most OS have some means of increasing this limit, and in
1327 some operating systems there is also a limit per uid which can be
1331 <A NAME="SEC29" HREF="FAQ.html#TOC29">Q0028</A>: What does "<message filter> transporting defer (-1): No transport set
1332 by director" in a log line mean?
1336 A0028: Your system filter contains a "save" command, but you have not set
1337 <TT>message_filter_file_transport</TT>.
1340 <A NAME="SEC30" HREF="FAQ.html#TOC30">Q0029</A>: Why is Exim refusing to relay, saying "failed to find host name from IP
1341 address" when I have the sender's IP address in <TT>host_accept_relay</TT>? My
1342 configuration contains this:
1346 host_accept_relay = "lsearch;/etc/mail/relaydomains:192.168.96.0/24"</PRE>
1348 A0029: When checking <TT>host_accept_relay</TT>, the items are tested in left-to-right
1349 order. The first item in your list is a lookup on the incoming host's
1350 name, so Exim has to determine the name from the incoming IP address in
1351 order to perform the test. If it can't find the host name, it can't do
1352 the check, so it gives up. The solution is to put all explicit IP
1353 addresses first in the list. You would have discovered what was going
1354 on if you had run a test such as
1358 exim -bh 192.168.96.131</PRE>
1359 <A NAME="SEC31" HREF="FAQ.html#TOC31">Q0030</A>: When I run "exim <B>-bd</B> <B>-q10m"</B> I get "PANIC LOG: exec of exim <B>-q</B> failed".
1363 A0030: This probably means that Exim doesn't know its own path so it can't
1364 re-exec itself to do the first queue run. Check the output of
1368 exim -bP exim_path</PRE>
1369 <A NAME="SEC32" HREF="FAQ.html#TOC32">Q0031</A>: Why do connections to my machine's SMTP port take a long time to respond
1370 with the banner, when connections to other ports respond instantly?
1375 <A HREF="FAQ.html#SEC27">Q0026</A>.
1378 <A NAME="SEC33" HREF="FAQ.html#TOC33">Q0032</A>: I can't seem to get a pipe command to run when I include a <B>${if</B>
1379 expansion in it. This fails:
1383 command = "perl -T /usr/local/rt/bin/rtmux.pl \
1384 rt-mailgate helpdesk \
1385 ${if eq {$local_part}{rt} {correspond}{action}}"</PRE>
1387 A0032: You need some internal quoting in there. Exim expands each individual
1388 argument separately. Because you have (necessarily) got spaces in your
1389 <B>${if</B> item, you have to quote that argument. Try
1393 command = "perl -T /usr/local/rt/bin/rtmux.pl \
1394 rt-mailgate helpdesk \
1395 \"${if eq {$local_part}{rt} {correspond}{action}}\""</PRE>
1396 <A NAME="SEC34" HREF="FAQ.html#TOC34">Q0033</A>: I'm trying to get Exim to connect an alias to a pipe, but it always
1397 gives error code 69, with the comment "(could mean service or program
1402 A0033: If your alias entry looks like this:
1406 alias: |"/some/command some parameters"</PRE>
1408 change it to look like this:
1412 alias: "|/some/command some parameters"</PRE>
1413 <A NAME="SEC35" HREF="FAQ.html#TOC35">Q0034</A>: I'm having a problem with an Exim RPM.
1418 <A HREF="FAQ.html#SEC280">Q9606</A>.
1421 <A NAME="SEC36" HREF="FAQ.html#TOC36">Q0035</A>: What does the error "Spool file is locked" mean?
1425 A0035: This is not an error[*]. All it means is that when an Exim delivery
1426 process (probably started by a queue runner process) looked at a message
1427 in order to start delivering it, it found that another Exim process was
1428 already busy delivering it. On a busy system this is quite a common
1429 occurrence. If you set <TT>log_level</TT> less than 5, these messages are omitted
1434 [*] The only time when this message might indicate a problem is if it is
1435 repeated for the same message for a very long time - say more than a few
1436 hours. That would suggest that the process that is delivering the
1437 message has somehow got stuck.
1440 <BR><H2><A NAME="SEC37" HREF="FAQ.html#TOC37">1. BUILDING EXIM
1443 <A NAME="SEC38" HREF="FAQ.html#TOC38">Q0101</A>: I get the error "conflicting types" when Exim is building the libident
1448 A0101: The problem is that libident assumes "struct timeval" refers to
1449 <TT>DST_NONE</TT>, and so it tries to avoid using this structure when <TT>DST_NONE</TT>
1450 isn't defined. Unfortunately it doesn't make this change everywhere it
1451 should, and so it blows up. The problem has been seen on NetBSD and
1452 some versions of the Linux C library. An easy, albeit not particularly
1453 neat, fix is to add <B><TT>-DDST_NONE</TT></B> to <TT>LIBIDENTCFLAGS</TT> for systems that are
1454 afflicted like this - there's not a lot else you can do without
1455 modifying libident. The value of <TT>DST_NONE</TT> is never used, so defining it
1456 to be empty should be harmless.
1459 <A NAME="SEC39" HREF="FAQ.html#TOC39">Q0102</A>: When I ran <B>make</B> I got the error "undefined reference to <TT>dbopen</TT>".
1467 (A) This means you (or the default configuration for your operating
1468 system) have configured Exim to use Berkeley DB version 1<B><EM>.xx</EM></B>
1469 and it has not been given access to the DB library (where <TT>dbopen</TT>
1470 should be found). You may need something like <TT>DBMLIB=-ldb</TT> in
1471 <B>Local/Makefile</B>. Berkeley DB is one of several alternative DBM
1472 libraries that Exim can make use of. For a discussion of DBM issues,
1473 see the file <B>doc/dbm.discuss.txt</B> in the Exim distribution.
1477 (B) You are running on a version of Linux which has a problem in its
1478 libraries. This effect isn't fully understood. It has been seen with
1479 the libraries used in Caldera OpenLinux Base 1.1.
1482 <A NAME="SEC40" HREF="FAQ.html#TOC40">Q0103</A>: I can't get Exim to compile with Berkeley DB version 2.x.
1486 A0103: Have you set <TT>USE_DB=yes</TT> in <B>Local/Makefile</B>? This causes Exim to use the
1487 native interface to the DBM library instead of the compatibility
1488 interface, which needs a header called <B>ndbm.h</B> that may not exist on your
1492 <A NAME="SEC41" HREF="FAQ.html#TOC41">Q0104</A>: I'm getting an "undefined symbol" error for <TT>hosts_ctl</TT> when I try to
1493 build Exim. (On some systems this error is "undefined reference to
1498 A0104: You should either remove the definition of USE_TCP_WRAPPERS or add
1499 <B>-lwrap</B> to your <TT>EXTRALIBS</TT> setting in <B>Local/Makefile</B>.
1502 <A NAME="SEC42" HREF="FAQ.html#TOC42">Q0105</A>: I'm about to upgrade to a new Exim release. Do I need to ensure the
1503 spool is empty, or take any other special action?
1507 A0105: If you are changing to release 3.00 or later from a release prior to
1508 3.00, you will probably need to make changes to the runtime
1509 configuration file. See <B>README.UPDATING</B> for details. Otherwise, you
1510 do not need to take special action. New releases are made backwards
1511 compatible with old spool files and "hints" databases so that upgrading
1512 can be done on a running system. All that should be necessary is to
1513 install a new binary and then HUP the daemon if you are running one.
1516 <A NAME="SEC43" HREF="FAQ.html#TOC43">Q0106</A>: What does the error "<B>install-info</B>: command not found" mean?
1520 A0106: You have set INFO_DIRECTORY in your <B>Local/Makefile</B>, and Exim is trying
1521 to install the Texinfo documentation, but cannot find the command called
1522 <B>install-info</B>. If you have a version of Texinfo prior to 3.9, you
1523 should upgrade. Otherwise, check your installation of Texinfo to see why
1524 the <B>install-info</B> command is not available.
1527 <A NAME="SEC44" HREF="FAQ.html#TOC44">Q0107</A>: Exim doesn't seem to be recognizing my operating system type correctly,
1528 and so is failing to build.
1532 A0107: Run the command "scripts/os-type <B><B>-generic".</B></B> The output should be one of
1533 the known OS types, and should correspond to your operating system. You
1534 can see which OS are supported by obeying "ls OS/Makefile-*" and looking
1535 at the file name suffixes.
1539 If there is a discrepancy, it means that the script is failing to
1540 interpret the output from the "uname" command correctly, or that the
1541 output is wrong. Meanwhile, you can build Exim by obeying
1545 EXIM_OSTYPE=xxxx make</PRE>
1547 instead of just <B>make</B>, provided you are running a Bourne-compatible
1548 shell, or otherwise by setting EXIM_OSTYPE correctly in your
1549 environment. It is probably best to start again from a clean
1550 distribution, to avoid any wreckage left over from the failed attempt.
1553 <A NAME="SEC45" HREF="FAQ.html#TOC45">Q0108</A>: I am getting an error "`exim' undeclared here" when I compile, in the
1554 <B>globals.c</B> module.
1558 A0108: You have set EXIM_UID = exim in your <B>Local/Makefile</B>. Unfortunately,
1559 named uids are not permitted here; you must give a numerical uid.
1560 However, in the runtime configure file names are permitted.
1563 <A NAME="SEC46" HREF="FAQ.html#TOC46">Q0109</A>: Exim fails to build, complaining about the absence of the "killpg"
1568 A0109: This function should be present in all modern flavours of Unix. If you
1569 are using an older version, you should be able to get round the problem
1574 #define killpg(pgid,sig) kill(-(pgid),sig)</PRE>
1576 into the file called <B>OS/os.h<I>-xx</I>x,</B> where <I>xxx</I> identifies your operating
1577 system, and is the output of the command "scripts/os-type <B><B>-generic".</B></B>
1580 <A NAME="SEC47" HREF="FAQ.html#TOC47">Q0110</A>: I'm getting an unresolved symbol <TT>ldap_is_ldap_url</TT> when trying to build
1585 A0110: You must have specified <TT>LOOKUP_LDAP=yes</TT> in the configuration. Have you
1586 remembered to set <B>-lldap</B> somewhere (e.g. in LOOKUP_LIBS)? You need that
1587 in order to get the LDAP scanned when linking.
1590 <BR><H2><A NAME="SEC48" HREF="FAQ.html#TOC48">2. MAILBOX LOCKING
1593 <A NAME="SEC49" HREF="FAQ.html#TOC49">Q0201</A>: Why do I get the error "Permission denied: creating lock file hitching
1594 post" when Exim tries to do a local delivery?
1598 A0201: Your configuration specifies that local mailboxes are all held in
1599 single directory, via configuration lines like these (taken from the
1600 default configuration):
1606 file = /var/mail/${local_part}</PRE>
1608 and the permissions on the directory probably look like this:
1612 drwxrwxr-x 3 root mail 512 Jul 9 13:48 /var/mail/</PRE>
1614 Using the default configuration, Exim runs as the local user when doing
1615 a local delivery, and it uses a lock file to prevent any other process
1616 from updating the mailbox while it is writing to it. With those
1617 permissions the delivery process, running as the user, is unable to
1618 create a lock file in the <B>/var/mail</B> directory. There are two solutions
1623 (A) Set the "write" and "sticky bit" permissions on the directory, so
1624 that it looks like this:
1628 drwxrwxrwt 3 root mail 512 Jul 9 13:48 /var/mail/</PRE>
1630 The "w" allows any user to create new files in the directory, but
1631 the "t" bit means that only the creator of a file is able to remove
1632 it. This is the same setting as is normally used with the <B>/tmp</B>
1637 (B) Arrange to run the <TT>local_delivery</TT> transport under a specific group
1638 by changing the configuration to read
1644 file = /var/mail/${local_part}
1647 The delivery process still runs under the user's uid, but with the
1648 group set to "mail". The group permission on the directory allows
1649 the process to create and remove the lock file.
1653 The choice between (A) and (B) is up to the administrator. If the
1654 second solution is used, users can empty their mailboxes by updating
1655 them, but cannot delete them.
1659 If your problem involves mail to root, see also
1660 <A HREF="FAQ.html#SEC122">Q0507</A>.
1663 <A NAME="SEC50" HREF="FAQ.html#TOC50">Q0202</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
1669 <A HREF="FAQ.html#SEC286">A9705</A> in the Sun-specific section below.
1672 <BR><H2><A NAME="SEC51" HREF="FAQ.html#TOC51">3. ROUTING
1675 <A NAME="SEC52" HREF="FAQ.html#TOC52">Q0301</A>: What does "lowest numbered MX record points to local host" mean?
1679 A0301: It means exactly what it says. Exim has tried to route a domain that it
1680 thinks is not local, and when it looked it up in the DNS, the lowest
1681 numbered MX record pointed at the local host.
1685 (A) If the domain is meant to be handled as a local domain, then there
1686 is a problem with the setting of the <TT>local_domains</TT> configuration
1687 option. If you have not set this, then only the name of the local
1688 host is treated as a local domain. If, for example, your host is
1689 called <B>myhost.mydomain.com</B> and you want it to handle mail for the
1690 domain <B>mydomain.com</B> as well as for its own name, you must set
1694 local_domains = myhost.mydomain.com:mydomain.com</PRE>
1696 or, if you want to be more general, you could use
1700 local_domains = *.mydomain.com:mydomain.com</PRE>
1702 If you have a large number of individual local domains, you should
1703 investigate storing them in a file and setting <TT>local_domains</TT> to do a
1708 All the domains in <TT>local_domains</TT> are treated as synonymous by
1709 default. If you want to specify different handling for different
1710 domains, you can either use <TT>domains</TT> options, to restrict certain
1711 directors to certain domains, or use the <B>$domain</B> expansion variable
1712 in director options to vary the value according to the domain, for
1713 example, setting the name of an alias file to <B>/etc/aliases/$domain</B>.
1717 (B) If the domain is one for which the local host is providing a
1718 forwarding service (called "mail hubbing"), possibly as part of a
1719 firewall, then you need to set up a router to tell Exim where to
1720 send messages addressed to this domain, since the DNS directs them
1721 to the local host. The routers section of your configuration file
1722 should look something like this:
1728 transport = remote_smtp
1729 route_list = see discussion below</PRE>
1733 transport = remote_smtp</PRE>
1735 Note that the <B>domainlist</B> router must come first so that it can pick
1736 off a hubbed host before it gets to the <B>lookuphost</B> router. The
1737 contents of the <TT>route_list</TT> option depend on how many hosts you are
1738 hubbing for, and how their names are related to the domain name.
1739 Suppose the local host is a firewall, and all the domains in
1740 <B>*.foo.bar</B> have MX records pointing to it, and each domain
1741 corresponds to a host of the same name. Then the setting could be
1745 route_list = "*.foo.bar $domain byname"</PRE>
1747 If there isn't a convenient relationship between the domain names
1748 and the host names, then you either have to list each domain
1749 separately, or use a lookup expansion to look up the host from the
1750 domain, or put the routing information in a file and use the
1751 <TT>route_file</TT> option.
1755 (C) If neither (A) nor (B) is the case, then the lowest numbered MX
1756 record for the domain should not be pointing to your host. You
1757 should arrange to get the DNS mended.
1760 <A NAME="SEC53" HREF="FAQ.html#TOC53">Q0302</A>: How do I configure Exim to send all non-local mail to a gateway host?
1764 A0302: Replace the <B>lookuphost</B> router in the default configuration with the
1771 transport = remote_smtp
1772 route_list = "* gate.way.host byname"</PRE>
1774 This uses gethostbyname() to find the gateway's IP address. You could
1775 alternatively have "bydns" to do a DNS lookup with MX handling, in which
1776 case <B>"gate.way.host"</B> is really being treated as a mail domain name
1777 rather than a host name. If there are several hosts you can send to,
1778 you can specify them as a colon-separated list. See also
1779 <A HREF="FAQ.html#SEC76">Q0325</A> and
1780 <A HREF="FAQ.html#SEC79">Q0402</A>.
1783 <A NAME="SEC54" HREF="FAQ.html#TOC54">Q0303</A>: How do I configure Exim to send all non-local mail to a central server
1784 if it cannot be immediately delivered by my host? I don't want to have
1785 queued mail waiting on my host.
1789 A0303: Add to the <TT>remote_smtp</TT> transport the following:
1793 fallback_hosts = central.server.name(s)</PRE>
1795 If there are several names, they must be separated by colons.
1798 <A NAME="SEC55" HREF="FAQ.html#TOC55">Q0304</A>: How can I arrange for messages submitted by (for example) Majordomo to
1799 be routed specially?
1804 <A HREF="FAQ.html#SEC81">A0404</A>.
1807 <A NAME="SEC56" HREF="FAQ.html#TOC56">Q0305</A>: How do I arrange for all incoming email for <B><B>*@some.domain</B></B> to go into one
1808 pop3 mail account? The customer doesn't want to add a list of specific
1809 local parts to the system.
1813 A0305: Set up a special transport that writes to the mailbox like this:
1825 The file will be written as the user "exim". Then arrange to route all
1826 mail for that domain to that transport, with a router like this:
1832 transport = special_transport
1833 route_list = "some.domain"</PRE>
1835 Alternatively, you could make <B>some.domain</B> a local domain, and use a
1836 <B>smartuser</B> director instead.
1839 <A NAME="SEC57" HREF="FAQ.html#TOC57">Q0306</A>: The <TT>route_list</TT> setting
1840 <TT>^foo$:^bar$ $domain byname</TT> in a <B>domainlist</B>
1841 router does not work.
1845 A0306: The first thing in a <TT>route_list</TT> item is a single pattern, not a list of
1846 patterns. You need to write that as
1847 <TT>^(foo|bar)$ $domain byname</TT>.
1848 Alternatively, you could use several items and write
1852 route_list = "foo $domain byname; bar $domain byname"</PRE>
1854 Note the semicolon separator. This is because the second thing in each
1855 item <EM>can</EM> be a list - of hosts.
1858 <A NAME="SEC58" HREF="FAQ.html#TOC58">Q0307</A>: I'm getting "permission denied" when Exim attempts to check a
1859 <TT>require_files</TT> option.
1864 <A HREF="FAQ.html#SEC87">A0410</A> below.
1867 <A NAME="SEC59" HREF="FAQ.html#TOC59">Q0308</A>: I have a domain for which some local parts must be delivered locally,
1868 but the remainder are to be treated like any other remote addresses.
1872 A0308: The way to do this is not to include the domain in <TT>local_domains</TT>, so
1873 that addresses initially get passed to the routers. The first router
1874 should be definied like this:
1880 local_parts = whatever...
1881 domains = whatever...
1882 route_list = * localhost byname
1885 That will pick off those addresses with matching local parts and
1886 domains, and hand them to the directors, because of the <TT>self = local</TT>
1887 setting. Any other addresses will fall through to the other routers and
1888 be handled as normal remote addresses.
1891 <A NAME="SEC60" HREF="FAQ.html#TOC60">Q0309</A>: For certain domains, I don't want Exim to use MX records. Instead, I
1892 want it just to look up the hosts' A records. I tried using a negative
1893 entry in <TT>mx_domains</TT> in the smtp router, but it didn't work.
1897 A0309: The <TT>mx_domains</TT> option specifies domains for which there <EM>must</EM> be an MX
1898 record (an A record isn't good enough). Consequently, a negative item in
1899 it doesn't do what you want - any domain matching is is not required to
1900 have an MX record, but it doesn't stop Exim from using MX records for
1901 any that do have them. You can achieve what you want using either a
1902 <B>lookuphost</B> or a <B>domainlist</B> router:
1906 (A) Using <B>lookuphost</B>:
1912 transport = remote_smtp
1913 domains = list:of:domains:you:want:to:do:this:for
1916 (B) Using <B>domainlist</B>:
1922 transport = remote_smtp
1923 domains = list:of:domains:you:want:to:do:this:for
1924 route_list = * * byname</PRE>
1926 If the list of domains is actually a lookup in a file, you can dispense
1927 with <TT>domains</TT> in the <B>domainlist</B> case, and put the lookup into the
1928 <TT>route_list</TT> option.
1931 <A NAME="SEC61" HREF="FAQ.html#TOC61">Q0310</A>: How can I configure Exim on a firewall machine so that if mail arrives
1932 addressed to a domain whose MX points to the firewall, it is forwarded
1933 to the internal mail server, without having to have a list of all the
1938 A0310: As your first router, have the standard <B>lookuphost</B> router from the
1939 default configuration, with the added options
1944 self = fail_soft</PRE>
1946 This will handle all domains whose lowest numbered MX records do <EM>not</EM>
1947 point to your host. Because of the <TT>no_more</TT> setting, if it encounters
1948 an unknown domain, routing will fail. However, if it hits a domain whose
1949 lowest numbered MX points to your host, the "self" option comes into
1950 play, and overrides <TT>no_more</TT>. The <TT>fail_soft</TT> setting causes it to pass
1951 the address on to the next router. (The default causes it to generate an
1956 As your second (and last) router, set up a <B>domainlist</B> router that sends
1957 everything to your internal mail server. That is, use an option of the
1962 route_list = * internal.server byname</PRE>
1963 <A NAME="SEC62" HREF="FAQ.html#TOC62">Q0311</A>: How can I arrange that messages larger than some limit are handled by
1968 A0311: If you are using Exim 2.10 or greater, you can use a <TT>condition</TT> option
1969 on the router of the form
1973 condition = ${if >{$message_size}{100K}{yes}{no}}</PRE>
1975 Earlier versions of Exim do not have numerical comparison operators,
1976 though you can use tricks like
1980 condition = ${if eq {${substr_5:$message_size}}{}{no}{yes}}</PRE>
1981 <A NAME="SEC63" HREF="FAQ.html#TOC63">Q0312</A>: If a DNS lookup returns no MX records why doesn't Exim just bin the
1986 A0312: If a DNS lookup returns no MXs, Exim looks for an A record, in
1987 accordance with the rules that are defined in the RFCs. If you want to
1988 break the rules, you can set <TT>mx_domains</TT> in the <B>lookuphost</B> router, but
1989 you will cut yourself off from those sites (and there still seem to be
1990 plenty) who do not set up MX records.
1993 <A NAME="SEC64" HREF="FAQ.html#TOC64">Q0313</A>: When a DNS lookup for MX records fails to complete, why doesn't Exim
1994 send the messsage to the host defined by the A record?
1998 A0313: The RFCs are quite clear on this. Only if it is known that there are no
1999 MX records is an MTA allowed to make use of the A record. When an MX
2000 lookup fails to complete, Exim does not know whether there are any MX
2001 records or not. There seem to be some nameservers (or some
2002 configurations of some nameservers) that give a "server fail" error when
2003 asked for a non-existent MX record. Exim uses standard resolver calls,
2004 which unfortunately do not distinguish between this case and a timeout,
2005 so all Exim can do is try again later.
2008 <A NAME="SEC65" HREF="FAQ.html#TOC65">Q0314</A>: Can you specify a list of domains to explicitly reject?
2012 A0314: Use a router like this:
2019 domains = list:of:domains:to:reject
2020 route_list = * localhost byname</PRE>
2021 <A NAME="SEC66" HREF="FAQ.html#TOC66">Q0315</A>: Is it possible to use a conditional expression for the host item in a
2022 <TT>route_list</TT> for the <B>domainlist</B> router? I tried the following, but it
2027 route_list = "* ${if match{$header_from:}{.*\\.usa\\.net\\$} \
2028 {<smarthost1>}{<smarthost2>} bydns_a"</PRE>
2030 A0315: The problem is that the second item in the <TT>route_list</TT> contains white
2031 space, which means that it gets terminated prematurely. To avoid this,
2032 you must put the second item in quotes, and because the whole item is
2033 already in quotes, you have to escape them like this:
2037 route_list = "* \"${if match{$header_from:}{.*\\.usa\\.net\\$} \
2038 {<smarthost1>}{<smarthost2>}\" bydns_a"</PRE>
2039 <A NAME="SEC67" HREF="FAQ.html#TOC67">Q0316</A>: I send all external mail to a smart host, but this means that bad
2040 addresses also get passed to the smart host. Can I avoid this?
2044 A0316: If you are receiving the mail via SMTP, then you can use verification to
2045 weed out the bad addresses. Set <TT>no_verify</TT> on the router which sends
2046 everything to your smart host, and insert a new router with <TT>verify_only</TT>
2047 that does general routing using DNS lookups (e.g. the default <B>lookuphost</B>
2048 router), or any other verification you want. Then set <TT>receiver_verify</TT>
2049 so that addresses are accepted only if they verify successfully.
2052 <A NAME="SEC68" HREF="FAQ.html#TOC68">Q0317</A>: I have a dial-up machine, and I use the <TT>queue_smtp</TT> option so that remote
2053 mail only goes out when I do a queue run. However, any email I send with
2054 an address <B><B><anything>@aol.com</B></B> is returned within about 15 mins saying
2055 'retry time exceeded', and all addresses are affected.
2060 <A HREF="FAQ.html#SEC219">Q1401</A>.
2063 <A NAME="SEC69" HREF="FAQ.html#TOC69">Q0318</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
2069 <A HREF="FAQ.html#SEC105">A0428</A>.
2072 <A NAME="SEC70" HREF="FAQ.html#TOC70">Q0319</A>: How can I arrange to do my own qualification of non-fully-qualified
2073 domains, and then pass them on to the next router?
2077 A0319: If you have some list of domains that you want to qualify, you can do
2078 this using a <B>domainlist</B> router. For example,
2084 route_list = "*.a.b $domain.c.com"</PRE>
2086 adds <B>".c.com"</B> to any domain that matches <B>"*.a.b".</B> In the absence of any
2087 options in the route item, the new domain is passed to the next router.
2091 If you want to do this in conjunction with a <B>lookuphost</B> router, the
2092 <TT>widen_domains</TT> option of that router may be another way of achieving what
2096 <A NAME="SEC71" HREF="FAQ.html#TOC71">Q0320</A>: Every system has a "nobody" account under which httpd etc run. I would
2097 like to know how to restrict mail which comes from that account to users
2102 A0320: Set up a router with <B><B>senders=nobody@your.domain</B></B> which routes all
2103 mail to a local transport that delivers it to <B>/dev/null</B> (or to a pipe
2104 that bounces with an error message, or whatever). That would catch all
2105 mail to non-local domains.
2108 <A NAME="SEC72" HREF="FAQ.html#TOC72">Q0321</A>: I have a really annoying intermittent problem where attempts to mail to
2109 valid sites are rejected with "unknown mail domain". This only happens a
2110 few times a day and there is no particular pattern to the sites it
2111 rejects. If I try to lookup the same domain a few minutes later then it
2116 A0321: (A) Have you linked Exim against the newest DNS resolver library that
2117 comes with Bind? If you are using SunOS4 that may be your problem, as
2118 the resolver that comes with that OS is known to be buggy and to give
2119 intermittent false negatives.
2123 (B) Effects like this are sometimes seen if a domain's nameservers get
2124 out of step with each other.
2127 <A NAME="SEC73" HREF="FAQ.html#TOC73">Q0322</A>: I'd like route all mail with unresolved addresses to a relay machine.
2131 A0322: Set <TT>pass_on_timeout</TT> on your <B>lookuphost</B> router, and add below it a
2132 <B>domainlist</B> router that routes everything to the relay.
2135 <A NAME="SEC74" HREF="FAQ.html#TOC74">Q0323</A>: I would like to forward all incoming email for a particular domain to
2136 another machine via SMTP. Whereabouts would I configure that?
2140 A0323: First, do not list the domain in <TT>local_domains</TT>. Instead, list it in
2141 <TT>relay_domains</TT>. Then, if the domain's lowest numbered MX record points to
2142 your host, set up a <B>domainlist</B> router before your normal <B>lookuphost</B>
2143 router, in order to route the domain to the specific host.
2146 <A NAME="SEC75" HREF="FAQ.html#TOC75">Q0324</A>: Why does Exim say "all relevant MX records point to non-existent hosts"
2147 when MX records point to IP addresses?
2151 A0324: MX records cannot point to IP addresses. They are defined to point to
2152 host names, so Exim always interprets them that way. (An IP address is a
2153 syntactically valid host name.) The DNS for the domain you are having
2154 problems with is misconfigured.
2157 <A NAME="SEC76" HREF="FAQ.html#TOC76">Q0325</A>: How can I arrange for mail on my local network to be delivered directly
2158 to the relevant hosts, but all other mail to be sent to my ISP's mail
2159 server? The local hosts are all DNS-registered and behave like normal
2164 A0325: Set up a first router to pick off all the domains for your local
2165 network. There are several ways you might do this. For example
2171 transport = remote_smtp
2172 domains = lsearch;/etc/local_domains.list</PRE>
2174 This does a perfectly conventional DNS routing operation, but only for
2175 your local domains. Follow this with a "smarthost" router:
2181 transport = remote_smtp
2182 route_list = * mail.isp.net bydns_a</PRE>
2184 This sends anything else to the smart host.
2187 <BR><H2><A NAME="SEC77" HREF="FAQ.html#TOC77">4. DIRECTING
2190 <A NAME="SEC78" HREF="FAQ.html#TOC78">Q0401</A>: I need to have any mail for <B>virt.dom.ain</B> that <EM>doesn't</EM> match one of the
2191 aliases in <B><B>/usr/lib/aliases.virt</B></B> delivered to a particular address, for
2192 example, <B><B>postmaster@virt.dom.ain.</B></B>
2196 A0401: Adding an asterisk to a search type causes Exim to look up "*" when the
2197 normal lookup fails. So if your director is something like this:
2203 domains = virt.dom.ain
2204 file = /usr/lib/aliases.virt
2205 search_type = lsearch
2208 you should change "lsearch" to "lsearch*", and put this in the alias
2213 *: postmaster@virt.dom.ain</PRE>
2215 This solution has the feature that if there are several unknown
2216 addresses in the same message, only one copy gets sent to the
2217 postmaster, because of Exim's normal de-duplication rules.
2221 You can get separate deliveries for each unknown address only if you can
2222 direct them to a specific transport, by using a <B>smartuser</B> director like
2229 domains = virt.dom.ain
2230 file = /usr/lib/aliases.virt
2231 search_type = lsearch</PRE>
2235 domains = virt.dom.ain
2236 transport = special_delivery
2237 new_address = postmaster@virt.dom.ain
2240 If an address in the virtual domain is not matched by the normal alias
2241 lookup, then it gets picked up by the <B>smartuser</B> and passed to the
2242 transport with a new address. There is no checking for duplicates, so
2243 if there is more than one address that passes through this mechanism,
2244 multiple copies get delivered. In order to distinguish them, the
2245 <TT>envelope_to_add</TT> option can be set on the transport, to cause the
2246 insertion of an Envelope-To: header containing the original recipient
2250 <A NAME="SEC79" HREF="FAQ.html#TOC79">Q0402</A>: How do I configure Exim to send all messages to a central server?
2254 A0402: This implies that you are not doing any local deliveries at all. Set
2258 local_domains =</PRE>
2260 in the configuration file. This specifies that there are no local
2261 domains (by default your host name is set up as a local domain). Then
2262 all addresses are non-local -
2263 <A HREF="FAQ.html#SEC53">A0302</A> tells you how to deal with them.
2266 <A NAME="SEC80" HREF="FAQ.html#TOC80">Q0403</A>: How do I configure Exim to send messages for unknown local users to a
2271 A0403: At the end of the directors section of the configuration, insert the
2278 transport = unknown_transport</PRE>
2280 You should add <TT>no_verify</TT> to this if you are verifying addresses;
2281 without it, all local parts will verify as valid in the local domain.
2282 Then somewhere in the transports section of the configuration insert
2288 hosts = server.host.name</PRE>
2290 A colon-separated list of hosts may be given. They are tried in order.
2291 By default, the IP address of any host is found by looking in the DNS
2292 and doing MX processing (so really it is a domain list rather than a
2293 host list). If you don't want MX processing, set the "gethostbyname"
2300 hosts = server.host.name
2303 This calls the gethostbyname() function to find IP addresses. Depending
2304 on your operating system and configuration, this usually consults
2305 <B>/etc/hosts</B> and possibly other sources of information, as well as, or
2306 instead of, the DNS.
2310 If you want to change the recipient address when doing this, you can use
2311 the <TT>new_address</TT> option on the <B>smartuser</B> director. For example, if the
2312 address is <B><B>user@foo.bar.com</B></B> and the setting is
2316 new_address = $local_part@bar.com</PRE>
2318 The message is sent to the server with the envelope recipient changed to
2319 <B><B>user@bar.com.</B></B> However, this does not make any changes to the message's
2323 <A NAME="SEC81" HREF="FAQ.html#TOC81">Q0404</A>: How can I arrange for messages submitted by (for example) Majordomo to
2324 be handled specially?
2328 A0404: You can use the <TT>condition</TT> option on a director or router, with a
2333 condition = "${if and {eq {$sender_host_address}{}} \
2334 {eq {$sender_ident}{majordom}} {yes}{no}}"</PRE>
2336 This first tests for a locally-submitted message, by ensuring there is
2337 no sending host address, and then it checks the identity of the user
2338 that ran the submitting process.
2341 <A NAME="SEC82" HREF="FAQ.html#TOC82">Q0405</A>: On a host that accepts mail for several domains, do I have to use fully
2342 qualified names in <B>/etc/aliases</B> or do I have to set up an alias file for
2347 A0405: You can do it either way. If you use a single file, you must set
2348 <TT>include_domains</TT> on the <B>aliasfile</B> director. If you use a separate file
2349 for each domain you can use a single director with an option such as
2353 file = /etc/aliases/$domain</PRE>
2355 (as in C007), or you can have several different directors, each one with
2359 domains = domain1:domain2:...</PRE>
2361 so that each one processes certain domains only. That way you could have
2362 several domains sharing an alias file. All of this assumes that you want
2363 have different aliases for each domain. If all the domain names are in
2364 effect just synonyms, you don't need to do anything other than ensure
2365 they all match something in <TT>local_domains</TT>.
2368 <A NAME="SEC83" HREF="FAQ.html#TOC83">Q0406</A>: Some of my users are using the <B>.forward</B> to pipe to a shell command which
2369 appends to the user's INBOX. How can I forbid this?
2373 A0406: If you allow your users to run shells in pipes, you cannot control which
2374 commands they run or which files they write to. However, you should point
2375 out to them that writing to an INBOX by arbitrary commands is not
2376 interlocked with the MTA and MUAs, and is liable to mess up the contents
2381 If a user simply wants to choose a specific file for the delivery of
2382 messages, this can be done by putting a file name in a <B>.forward</B> file
2383 rather than using a pipe, or by using the "save" command in an Exim
2388 You can set <TT>forbid_pipe</TT> on the <B>forwardfile</B> director, but that will
2389 prevent them from running any pipe commands at all. Alternatively, you
2390 can restrict which commands they may run in their pipes by setting the
2391 <TT>allow_commands</TT> and/or <TT>restrict_to_path</TT> options in the <TT>address_pipe</TT>
2395 <A NAME="SEC84" HREF="FAQ.html#TOC84">Q0407</A>: How can I arrange for a default value when using a query-style lookup
2396 such as LDAP or NIS+ to handle aliases?
2400 A0407: Using the queries option for the <B>aliasfile</B> driver should do what you
2401 want. You can supply a second query which gets obeyed when the first
2402 query fails. For example,
2407 ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=$local_part@$domain)):\
2408 ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=default@$domain))"</PRE>
2409 <A NAME="SEC85" HREF="FAQ.html#TOC85">Q0408</A>: If I don't fully qualify the addresses in a virtual domain's alias file
2410 then mail to aliases which also match the local domain get delivered to
2415 For example, if the alias file for <B>foobar.com</B> is
2419 foo: joe@some.place.com
2420 postmaster: foo</PRE>
2422 then mail sent to <B><B>postmaster@foobar.com</B></B> is not delivered to
2423 <B><B>joe@some.place.com</B></B> but instead goes to <B><B>foo@localdomain.com.</B></B>
2427 A0408: Set the <TT>qualify_preserve_domain</TT> option on the <B>aliasfile</B> director.
2430 <A NAME="SEC86" HREF="FAQ.html#TOC86">Q0409</A>: We've got users who chmod their home to 750, and home is NFS-mounted
2431 without root privilege, so Exim cannot access <B>~user/.forward.</B>
2435 A0409: Set the seteuid option on the <B>forwardfile</B> director so that Exim
2436 "becomes" the user before trying to read the file. However, if your
2437 operating system does not support the seteuid() function, you cannot do
2438 this. In that circumstance, if you cannot persuade your users to make
2439 their <B>.forward</B> files world readable, you can set the <TT>ignore_eacces</TT>
2440 option, which causes Exim to ignore unreadable files.
2443 <A NAME="SEC87" HREF="FAQ.html#TOC87">Q0410</A>: I'm getting "permission denied" when Exim tries to check a for the
2444 existence of a user's <B>.procmailrc</B> file using <TT>require_files</TT>.
2448 A0410: Exim is running under its own uid (or root if there isn't an Exim uid)
2449 when it checks <TT>require_files</TT>. You can cause it to change to a specific
2450 uid by putting an item not containing any / characters at the start of
2451 the <TT>require_files</TT> list. In this case you probably want a director along
2458 require_files = ${local_part}:${home}/.procmailrc
2459 transport = procmail_pipe</PRE>
2460 <A NAME="SEC88" HREF="FAQ.html#TOC88">Q0411</A>: How can I deliver mail into different directories for each virtual
2461 domain, doing user lookups not against <B>/etc/passwd</B> but against
2462 <B><B>/etc/passwd.domain</B>?</B>
2466 A0411: See configuration sample C009.
2469 <A NAME="SEC89" HREF="FAQ.html#TOC89">Q0412</A>: I want mail for <EM>any</EM> local part at certain virtual domains to go
2470 to a single address for each domain.
2474 A0412: One way to to this is
2480 domains = lsearch;/etc/virtual
2481 new_address = ${lookup{$domain}lsearch{/etc/virtual}{$value}fail}</PRE>
2483 The <B>/etc/virtual</B> file contains a list of domains and the addresses to
2484 which their mail should be sent. For example:
2488 domain1: postmaster@some.where.else
2489 domain2: joe@xyz.plc
2492 If the number of domains is large, using a DBM or cdb file would be more
2496 <A NAME="SEC90" HREF="FAQ.html#TOC90">Q0413</A>: How can I make Exim look in the alias NIS map instead of <B>/etc/aliases</B>?
2500 A0413: The default configuration does not use NIS (many hosts don't run it).
2501 You should change the <TT>system_aliases</TT> director to
2508 search_type = nis</PRE>
2510 If you want to use <B>/etc/aliases</B> as well as NIS, put this director (with
2511 a different name) before or after the default one, depending on which
2512 data source you want to take precedence.
2515 <A NAME="SEC91" HREF="FAQ.html#TOC91">Q0414</A>: What does the error message "error in forward file (filtering not
2516 enabled): missing or malformed local part ..." mean?
2520 A0414: If you are trying to use an Exim filter, you have forgotten to enable
2521 the facility, which is disabled by default. In the <B>forwardfile</B> director
2522 (in the Exim configuration file) you need to set
2528 to allow a <B>.forward</B> file to be used as an Exim filter. If you are not
2529 trying to use an Exim filter, then you have put a malformed address in
2530 the <B>.forward</B> file.
2533 <A NAME="SEC92" HREF="FAQ.html#TOC92">Q0415</A>: Exim isn't recognizing certain forms of local address.
2537 A0415: (A) Try using the <B>-bt</B> option with debugging turned on, to see how Exim
2538 is handling the addresses. For example,
2542 exim -d2 -bt z6abc</PRE>
2544 will show you how it would handle the local part "z6abc". Increase the
2545 debug level to <B>-d9</B> for more information.
2549 (B) If the local user names contain capital letters, that is probably
2550 the cause of your problem. Setting up such user names is a bad idea.
2551 By default, everything is lowercased before the final delivery for the
2552 sake of alias matching and user name matching, because people who type
2553 email addresses often get the case wrong. You can stop this by setting
2557 locally_caseless = false</PRE>
2559 but then incoming addresses are recognized only in the correct case.
2561 <A HREF="FAQ.html#SEC101">Q0424</A> for a way round this.
2564 <A NAME="SEC93" HREF="FAQ.html#TOC93">Q0416</A>: I have a domain for which some local parts must be delivered locally,
2565 but the remainder are to be treated like any other remote addresses.
2570 <A HREF="FAQ.html#SEC59">A0308</A>.
2573 <A NAME="SEC94" HREF="FAQ.html#TOC94">Q0417</A>: What I really need is the ability to obtain the result of a pipe
2574 command so that I can filter externally and redirect internally. Is
2579 A0417: This is not possible. The result of a pipe command is not available to
2580 a filter, because it doesn't run any deliveries while filtering. It just
2581 sets up deliveries. They all happen later. If you want to run pipes
2582 and examine their results, you need to set up a single delivery to a
2583 delivery agent such as procmail which provides this kind of facility.
2586 <A NAME="SEC95" HREF="FAQ.html#TOC95">Q0418</A>: When I set a suffix on one of my directors, it doesn't get stripped when
2587 checking the <TT>local_parts</TT> option. Why is this?
2591 A0418: The test on local parts and domains is done early on, and only if they
2592 match is supplementary processing such as prefix and suffix recognition
2593 done. There is a section of the manual called "Skipping directors" which
2594 gives details. If you want to ignore a prefix or suffix in the initial
2595 test of the local part, you can do so by replacing <TT>local_parts</TT> with a
2596 setting of the <TT>condition</TT> option. For example, suppose you wanted to
2597 look up the basic local part in a file, and run the director if it is
2602 condition = "${if lookup{\
2603 ${if match{$local_part}{^(.*)-request}{$1}{$local_part}}\
2604 }lsearch{/some/file}{yes}}"</PRE>
2606 The key that is looked up is the second line, which uses a regular
2607 expression to strip "-request" from the local part if it is present.
2610 <A NAME="SEC96" HREF="FAQ.html#TOC96">Q0419</A>: Why will Exim deliver a message locally to any username that is longer
2611 than 8 characters as long as the first 8 characters match one of the
2616 A0419: The problem is in your operating system. Exim just calls the getpwnam()
2617 function to test a local part for being a local login name. It does not
2618 presume to guess the maximum length of user name for the underlying
2619 operating system. Many operating systems correctly reject names that are
2620 longer than the maximum length; yours is apparently deficient in this
2621 regard. To cope with such systems, Exim has an option called
2622 <TT>max_user_name_length</TT> which you can set to the maximum allowed length.
2625 <A NAME="SEC97" HREF="FAQ.html#TOC97">Q0420</A>: Why am I seeing the error "bad mode (100664) for <B><B>/home/test/.forward</B></B>
2626 (userforward director)"? I've looked through the documentation but can't
2627 see anything to suggest that exim has to do anything other than read the
2628 <B>.forward</B> file.
2632 A0420: For security, Exim checks for mode bits that shouldn't be set, by
2633 default 022. You can change this by setting the "modemask" option of the
2634 <B>forwardfile</B> director.
2637 <A NAME="SEC98" HREF="FAQ.html#TOC98">Q0421</A>: How can I arrange that messages larger than some limit are handled by
2643 <A HREF="FAQ.html#SEC62">A0311</A>.
2646 <A NAME="SEC99" HREF="FAQ.html#TOC99">Q0422</A>: When a user's <B>.forward</B> file is syntactially invalid, Exim defers
2647 delivery of all messages to that user, which sometimes include the
2648 user's own test messages. Can it be told to ignore the <B>.forward</B> file
2649 and/or inform the user of the error?
2653 A0422: Setting <TT>skip_syntax_errors</TT> on the <B>forwardfile</B> director causes syntax
2654 errors to be skipped. When dealing with users' <B>.forward</B> files it is best
2655 to combine this with a setting of <TT>syntax_errors_to</TT> in order to send
2656 a message about the error to the user. However, to avoid an infinite
2657 cascade of messages, you have to be able to send to an address that
2658 bypasses <B>.forward</B> file processing. This can be done by including a
2659 director like this one
2665 transport = local_delivery
2666 prefix = real-</PRE>
2668 <EM>before</EM> the <B>forwardfile</B> director. This will do an ordinary local
2669 delivery without <B>.forward</B> processing, if the local part is prefixed by
2670 "real-". You can then set something like the following options on the
2671 <B>forwardfile</B> director:
2676 syntax_errors_to = real-$local_part@$domain
2677 syntax_errors_text = "\
2678 This is an automatically generated message. An error has been \
2679 found\nin your .forward file. Details of the error are reported \
2680 below. While\nthis error persists, messages addressed to you will \
2681 get delivered into\nyour normal mailbox and you will receive a \
2682 copy of this message for\neach one."</PRE>
2684 A final tidying setting to go with this is a rewriting rule that changes
2685 "real-username" into just "username" in the headers of the message:
2689 ^real-([^@]+)@your\.dom\.ain$ $1@your.dom.ain h</PRE>
2691 This means that users won't ever see the "real-" prefix, unless they
2692 look at the Envelope-To header.
2695 <A NAME="SEC100" HREF="FAQ.html#TOC100">Q0423</A>: I have some users on my system with upper case letters in their login
2696 names, but these are not recognized.
2701 <A HREF="FAQ.html#SEC101">A0424</A>.
2704 <A NAME="SEC101" HREF="FAQ.html#TOC101">Q0424</A>: I have unset <TT>locally_caseless</TT> because my users have upper case letters
2705 in their login names, but incoming mail now has to use the correct case.
2706 Can I relax this somehow?
2710 A0424: If you really have to live with caseful user names but want incoming
2711 local parts to be caseless, then you have to maintain a file, indexed by
2712 the lower case forms, that gives the correct case for each login, like
2723 and at the start of your directors, put one like this:
2729 new_address = "${lookup{${lc:$local_part}}lsearch{/the/file}\
2730 {$value@$domain}fail}"</PRE>
2732 For efficiency, you should also set the <TT>new_director</TT> option to cause
2733 processing of the changed address to begin at the next director. If you
2734 are otherwise using the default configuration, then the setting would be
2738 new_director = system_aliases</PRE>
2740 If there are lots of users, then a DBM or cdb file would be more
2741 efficient than lsearch. If you are handling several domains, then you
2742 will have to extend this configuration to cope appropriately.
2745 <A NAME="SEC102" HREF="FAQ.html#TOC102">Q0425</A>: I want to look up local users in an SQL database instead of looking in
2750 A0425: (A) From release 3.03, Exim contains support for calling MySQL.
2754 (B) If you can set up an LDAP interface to your SQL database, then this
2755 is relatively straightforward to do, since Exim contains LDAP support.
2756 Sample configuration C009 shows you how to lookup users in
2757 <B>/etc/passwd/whatever</B> instead of <B>/etc/passwd</B>. Modifying this to use LDAP
2758 instead of looking in a file would be easy.
2762 (C) If you can access SQL from Perl, you could use Exim's embedded Perl
2763 facility, but this is expensive in terms of resources used.
2767 You must consider what will happen if your database is down. All local
2768 mail delivery will be delayed until it comes up again. Whether this
2769 matters is of course something for you to decide. If the database is
2770 down a lot and it does matter, then consider some scheme of extracting
2771 a list of users from the database at regular intervals, and getting Exim
2772 to work off that. This is also likely to be more efficient.
2775 <A NAME="SEC103" HREF="FAQ.html#TOC103">Q0426</A>: Is it possible for Exim to use a SQL database like MySQL for its lists
2776 of virtual domains and explicit aliases?
2781 <A HREF="FAQ.html#SEC102">A0425</A>.
2784 <A NAME="SEC104" HREF="FAQ.html#TOC104">Q0427</A>: Can I use my existing alias files and forward files as well as procmail
2785 and effectively drop in exim in place of Sendmail ?
2789 A0427: Yes, as long as your alias/forward files don't assume that pipes are
2790 going to run under a shell. If they do, you either have to change them,
2791 or configure Exim to use a shell (which it doesn't by default).
2794 <A NAME="SEC105" HREF="FAQ.html#TOC105">Q0428</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
2799 A0428: This is the same question as
2800 <A HREF="FAQ.html#SEC79">Q0402</A>. The duplication is a bug in the FAQ.
2803 <A NAME="SEC106" HREF="FAQ.html#TOC106">Q0429</A>: What is quickest way to set up Exim so any message sent to a non-
2804 existing user would bounce back with a different message, based
2805 on the name of non-existing user?
2809 A0429: See the example in the section of the manual entitled "System-wide
2810 automatic processing".
2813 <A NAME="SEC107" HREF="FAQ.html#TOC107">Q0430</A>: I am building some largish mailing lists with Majordomo, and was
2814 wondering if it worth leaving the actually list expansion to the
2815 <B>aliasfile</B> :include: mechanism or should I consider using the <B>forwardfile</B>
2816 transport? Is there any real difference in terms of facilities and/or
2817 performance, and are the expansions basically the same code anyway?
2821 A0430: The code that pulls out individual addresses from a list is the same in
2822 both cases, so it's really just a matter of which is the most convenient
2826 <A NAME="SEC108" HREF="FAQ.html#TOC108">Q0431</A>: What do I need to do to make Exim handle <B>/usr/ucb/vacation</B> processing
2827 automatically, so that people could just create a .<B>vacation.msg</B> file in
2828 their home directory and not have to edit their <B>.forward</B> file?
2832 A0431: Add a new director like this, immediately before the normal localuser
2839 require_files = .vacation.msg
2840 transport = vacation_transport
2843 and a matching new transport like this:
2849 command = "/usr/ucb/vacation \"$local_part\""</PRE>
2851 However, some versions of <B>/usr/ucb/vacation</B> do not work properly unless
2852 the DBM file(s) it uses are created in advance - it won't create them
2853 itself. You also need a way of removing them when the vacation is over.
2857 Another possibility is to use a fixed filter file which is run whenever
2858 .<B>vacation.msg</B> exists, for example:
2863 driver = forwardfile
2865 require_files = $home/.vacation.msg
2866 file = /some/central/filter
2869 The filter file should use the "if personal" check before sending mail,
2870 to avoid generating automatic responses to mailing lists. If sending a
2871 message is all that it does, this doesn't count as a "significant"
2872 delivery, so the message goes on to be delivered as normal.
2876 Yet another possibility is to make use of Exim's autoreply transport.
2880 <A NAME="SEC109" HREF="FAQ.html#TOC109">Q0432</A>: I want to use a default entry in my alias file, but it picks up the
2881 local parts that the aliases generate. For example, if the alias file
2886 luke.skywalker: luke
2890 then messages addressed to <B>luke.skywalker</B> end up at postmaster.
2894 A0432: (A) If you know for certain that no alias in your alias file ever
2895 generates another alias that is in the same file, then the most
2896 efficient solution is to put
2900 new_director = name-of-following-director</PRE>
2902 in your <B>aliasfile</B> director. This stops Exim from processing the
2903 generated names as aliases the second time.
2907 (B) If you can't give that guarantee, then you have to put dummy entries
2908 in the alias file for all your local parts, for example:
2914 (C) Another possibility is to put the <B>aliasfile</B> director for these
2915 aliases <EM>after</EM> the localuser director, so that local parts get picked
2916 off first. You will need to have two <B>aliasfile</B> directors if there are
2917 some local parts (e.g. root) which you do want to handle as aliases
2918 rather than local users.
2921 <A NAME="SEC110" HREF="FAQ.html#TOC110">Q0433</A>: I have some obsolete domains which people have been warned not to use
2922 any more. How can I arrange to delete any mail that is sent to them?
2926 A0433: If you are using release 3.10 or later, you can use a <B>smartuser</B> director
2932 domains = lsearch;/etc/exim/obsolete.domains
2933 new_address = :blackhole:</PRE>
2935 If you want to make any exceptions, for example, for mail to postmaster
2936 at those domains, you can add the line
2940 local_parts = !postmaster</PRE>
2942 If you are using an earlier release of Exim, you have to set up an alias
2943 file in order to use :blackhole:
2948 domains = lsearch;/etc/exim/obsolete.domains
2949 file = /blackhole/all
2950 search_type = lsearch*</PRE>
2952 with the file containing
2960 and possibly a postmaster alias if you want.
2963 <A NAME="SEC111" HREF="FAQ.html#TOC111">Q0434</A>: How can I arrange that mail addressed to <B><B>anything@something.mydomain.com</B></B>
2964 gets delivered to <B><B>something@mydomain.com</B>?</B>
2968 A0434: Ensure that all the relevant domains are local, by setting
2972 local_domains = mydomain.com : *.mydomain.com</PRE>
2974 Then set up a <B>smartuser</B> director like this:
2980 new_address = "${if match{$domain}{^(.+)\\\\.mydomain.com\\$}\
2981 {$1@mydomain.com}fail}"</PRE>
2982 <A NAME="SEC112" HREF="FAQ.html#TOC112">Q0435</A>: I can't get a regular expression to work in this <TT>local_parts</TT> option on
2983 one of my directors:
2987 local_parts = ^0740\d{6}</PRE>
2989 A0435: The <TT>local_parts</TT> option is expanded before use, so that you can, for
2990 example, make it dependent on the domain. Therefore, you need to write
2994 local_parts = ^0740\\d{6}</PRE>
2996 so as to preserve the backslash.
2999 <A NAME="SEC113" HREF="FAQ.html#TOC113">Q0436</A>: How can I arrange for all addresses in a group of domains <B>*.example.com</B>
3000 to share the same alias file? I have a number of such groups.
3004 A0436: For a single group you could just hardwire the file name into a director
3009 domains = *.example.com</PRE>
3011 set, to restrict it to the relevant domains. For a number of such groups
3012 you can create a file containing the domains, like this:
3016 *.example1.com example1.com
3017 *.example2.com example2.com
3020 Arrange that the domains are treated as local by setting
3024 local_domains = "partial-lsearch;/that/file"</PRE>
3026 Then create a director like this
3032 domains = partial-lsearch;/that/file
3033 file = /etc/aliases.d/$domain_data
3034 search_type = lsearch*</PRE>
3036 The variable <B>$domain_data</B> contains the data that was looked up when the
3037 <TT>domains</TT> option was matched, i.e. <B>"example1.com",</B> <B>"example2.com",</B> etc.
3041 <A NAME="SEC114" HREF="FAQ.html#TOC114">Q0437</A>: When Exim tries to read <B><B>/usr/lib/majordomo/lists/lists.aliases</B></B> it is
3042 giving "Permission denied", but that file is world-readable!
3046 A0437: Check the permissions on the superior directories.
3049 <BR><H2><A NAME="SEC115" HREF="FAQ.html#TOC115">5. DELIVERY
3052 <A NAME="SEC116" HREF="FAQ.html#TOC116">Q0501</A>: What does the error "Neither the <I>xxx</I> director nor the <I>yyy</I> transport set
3053 a uid for local delivery of..." mean?
3057 A0501: Whenever Exim does a local delivery, it runs a process under a specific
3058 user and group id (uid and gid). For deliveries into mailboxes, and to
3059 pipes and files set up by <B>.forward</B>ing, it normally picks up the uid/gid
3060 of the receiving user. However, if an address is directed to a pipe or a
3061 file by some other means, such an entry in the system alias file of the
3066 majordomo: |/local/mail/majordomo ...</PRE>
3068 then Exim has to be told what uid/gid to use for the delivery. This can
3069 be done either on the director that handled the address, or on the
3070 transport that actually does the delivery. If a pipe is going to run a
3071 setuid program, then it doesn't matter what uid Exim starts it out with,
3072 and so the most straightforward thing is to put
3078 on either the director or the transport. A setting on the transport
3079 overrides a setting on the director, so if the same transport is being
3080 used with several directors, you should set the user on it only if you
3081 want the same uid to be used in all cases.
3085 In the default configuration, the transports used for file and pipe
3086 deliveries are the ones called <TT>address_file</TT> and <TT>address_pipe</TT>. You
3087 can specify different transports by setting, for example,
3091 pipe_transport = special_pipe_transport</PRE>
3093 on the <B>aliasfile</B> director. Then you can set up <TT>special_pipe_transport</TT>
3097 special_pipe_transport:
3101 which will be used only for pipe deliveries from that one director.
3102 What you put for the ???? is up to you, and depends on the particular
3106 <A NAME="SEC117" HREF="FAQ.html#TOC117">Q0502</A>: Exim won't deliver to a host with no MX record.
3110 A0502: (A) Are you sure there really is no MX record? Sometimes a typo results
3111 in a malformed MX record in the zone file, in which case some nameservers
3112 give a SERVFAIL error rather than NXDOMAIN. Exim has to treat this as
3113 a temporary error, so it can't go on to look for an A record. You can
3114 check for this state using one of the DNS interrogation commands, such
3119 (B) Is there a wildcard MX record for <EM>your</EM> domain? Is the
3120 <TT>search_parents</TT> option on in your <B>lookuphost</B> router? (Prior to Exim
3121 version 1.80 this was the default; it was changed because of this
3122 problem.) If the answer to both these questions is "yes", then that is
3123 the cause of the problem. When the DNS resolver fails to find the MX
3124 record, it tries adding on your domain if <TT>search_parents</TT> is true, and
3125 thereby finds your wildcard MX record. For example:
3129 . There is a wildcard MX record for <B>*.a.b.c.</B>
3133 . There is a host called <B>x.y.z</B> that has an A record and no MX record.
3137 . Somebody on a machine <B>m.a.b.c</B> domain tries to mail to <B><B>user@x.y.z.</B></B>
3141 . Exim calls the DNS to look for an MX record for <B>x.y.z.</B>
3145 . The DNS doesn't find any MX record. Because <TT>search_parents</TT> is true,
3146 it then tries searching the current host's parent domain, so it
3147 looks for <B>x.y.z.a.b.c</B> and picks up the wildcard MX record.
3151 Setting <TT>search_parents</TT> false makes this case work while retaining the
3152 wildcard MX record. However, anybody on the machine <B>m.a.b.c</B> who mails to
3153 <B><B>user@n.a</B></B> (expecting it to go to <B><B>user@n.a.b.c</B>)</B> now has a problem. The
3154 <TT>widen_domains</TT> option of the <B>lookuphost</B> router may be helpful in this
3158 <A NAME="SEC118" HREF="FAQ.html#TOC118">Q0503</A>: How should Exim be configured when it is acting as a temporary storage
3159 system for a domain on a dial-up host?
3164 <A HREF="FAQ.html#SEC220">Q1402</A>.
3167 <A NAME="SEC119" HREF="FAQ.html#TOC119">Q0504</A>: I would like to deliver mail addressed to a given domain normally, but
3168 also to generate a message to the envelope sender.
3172 A0504: If the domain is a local one, you can do this with an "unseen" <B>smartuser</B>
3173 director and an autoreply transport, along the following lines:
3180 file = /usr/local/mail/warning.txt
3182 from = postmaster@your.domain
3183 to = $sender_address
3185 subject = "Re: Your mail to ${local_part}@${domain}"</PRE>
3190 domains = <domains you want to do this for>
3191 condition = ${if eq{$sender_address}{}{no}{yes}}
3192 transport = warning_t
3196 Note the use of the <TT>condition</TT> option to avoid attempting to send a
3197 message when there is no sender (that is, when the incoming message is a
3198 delivery error report). You can of course extend this to include other
3199 conditions. If you want to log the sending of messages, you can add
3203 log = /some/file</PRE>
3205 to the transport and also make use of the "once" option if you want to
3206 send only one message to each sender.
3209 <A NAME="SEC120" HREF="FAQ.html#TOC120">Q0505</A>: Exim keeps crashing with segmentation errors (signal 11 or 139) during
3210 delivery. This seems to happen when it is about to contact a remote
3211 host or when a delivery is deferred.
3215 A0505: This could be a problem with Exim's databases. Check that your DBM
3216 library is correctly installed. In particular, if you have installed a
3217 second DBM library onto a system that already had one, check that its
3218 version of <B>ndbm.h</B> is being seen first. For example, if the new version
3219 is in <B>/usr/local/include</B>, check that there isn't another version in
3220 <B>/usr/include</B>. If you are using Berkeley db, you can set <TT>USE_DB=yes</TT> in
3221 your <B>Local/Makefile</B> to avoid using <B>ndbm.h</B> altogether. This is
3222 particularly relevant for version 2 of Berkeley db, because no <B>ndbm.h</B>
3223 file is distributed with it.
3226 <A NAME="SEC121" HREF="FAQ.html#TOC121">Q0506</A>: Whenever Exim tries to do a local delivery, it gives a permission denied
3227 error for the <B>.forward</B> file, like this:
3231 1998-08-10 16:55:32 0z5y2W-0000B8-00 == xxxx@yyy.zzz <xxxx@yyy.zz>
3232 D=userforward defer (-1): failed to open /home/xxxx/.forward
3233 (userforward director): Permission denied (euid=1234 egid=101)</PRE>
3235 A0506: Have you remembered to make Exim setuid root?
3238 <A NAME="SEC122" HREF="FAQ.html#TOC122">Q0507</A>: I have installed Exim, but now I can't mail to root any more. Why is
3243 A0507: Most people set up root as an alias for the manager of the machine. If
3244 you haven't done this, Exim will attempt to deliver to root as if it
3245 were a normal user. This isn't really a good idea because the delivery
3246 process would run as root. Exim has a trigger guard in the option
3250 never_users = root</PRE>
3252 in the default configuration file. This prevents it from running as root
3253 when doing any local deliveries. If you really want to run local
3254 deliveries as root, remove this line, but it would be better to create
3255 an alias for root instead.
3258 <A NAME="SEC123" HREF="FAQ.html#TOC123">Q0508</A>: How can I stop undeliverable bounce messages (e.g. to routeable, but
3259 undeliverable, spammer senders) from clogging up the queue for days?
3263 A0508: Set <TT>ignore_errmsg_errors</TT> to drop them immediately, or set <TT>ignore_errmsg_</TT>
3264 <TT>errors_after</TT> to specify a (short) time to keep them for. I use 12h so
3265 that I notice them, but they go away relatively quickly.
3268 <A NAME="SEC124" HREF="FAQ.html#TOC124">Q0509</A>: How can mails that are being routed through directors other than
3269 localuser be delivered under the uid of the recipient?
3274 <A HREF="FAQ.html#SEC116">A0501</A> contains background information on this. If you are using, say, an
3275 alias file to direct messages to specific mailboxes, then you can use
3276 the "user" option on either the <B>aliasfile</B> director or the appendfile
3277 transport to set the uid. What you put in the setting depends on how
3278 the required uid is to be found. It could be looked up in a file or
3279 computed somehow from the local part, for example.
3282 <A NAME="SEC125" HREF="FAQ.html#TOC125">Q0510</A>: I want to use MMDF-style mailboxes. How can I get Exim to append the
3283 ctrl-A characters that separate indvidual emails?
3287 A0510: Set the suffix option in the appendfile transport. In fact, for MMDF
3288 mailboxes you need a prefix as well as a suffix to get it working right,
3289 so your transport should contain these settings:
3293 prefix = "\1\1\1\1\n"
3294 suffix = "\1\1\1\1\n"</PRE>
3296 Also, you need to change the <TT>check_string</TT> and <TT>escape_string</TT> settings so
3297 that the escaping happens for lines in the message that happen to begin
3298 with the MMDF prefix or suffix string, rather than "From" (the default):
3302 check_string = "\1\1\1\1\n"
3303 escape_string = "\1\1\1\1 \n"</PRE>
3305 Adding a space to the line is sufficient to prevent it being taken as a
3309 <A NAME="SEC126" HREF="FAQ.html#TOC126">Q0511</A>: I have an ISDN connection and would like a way of running the queue
3310 automatically when it is up.
3314 A0511: The following shell commands test for the interface being up and then
3319 ifconfig ppp0 | fgrep UP >/dev/null
3320 if [ $? -eq 0 ] ; then exim -q ; fi</PRE>
3322 You could put these commands into a script which runs them at regular
3323 intervals. You might want to use <B>-qq</B> instead of <B><B>-q.</B></B>
3327 With Linux, the script <B>/etc/ppp/ip-up</B> is run after a ISDN connection
3328 or a more general PPP connection has been established. If you are using
3329 Linux, you could put the call to exim in that script.
3332 <A NAME="SEC127" HREF="FAQ.html#TOC127">Q0512</A>: If a user's mailbox is over quota, is there a way for me to set it up so
3333 that the mail bounces to the sender and is NOT stored in the mail queue?
3337 A0512: In the retry section of the configuration, put
3341 *@your.dom.ain quota</PRE>
3343 That is, provide no retry timings for over quota errors. They will then
3344 bounce immediately. Alternatively, you can set up retries for a short
3345 time only, or use something like this:
3349 *@your.dom.ain quota_7d
3350 *@your.dom.ain quota F,2h,15m; F,3d,1h</PRE>
3352 which bounces immediately if the user's mailbox hasn't been read for 7
3353 days, but otherwise tries for up to 3 days after the first quota
3357 <A NAME="SEC128" HREF="FAQ.html#TOC128">Q0513</A>: I'm using tmail to do local deliveries, but when I turned on the
3358 <TT>use_crlf</TT> option on the pipe transport (tmail prefers \r\n terminations)
3359 message bodies started to vanish.
3363 A0513: You need to unset the prefix option (or change it so that its default
3364 \n terminator becomes \r\n). For example, the transport could be:
3370 command = "/usr/local/bin/tmail ${local_part}"
3372 current_directory = /
3376 The reason for this is as follows: tmail uses the line terminator on
3377 the first line it sees to determine whether lines are terminated by
3378 \r\n or \n. If the latter, it moans to stderr and changes subsequent
3379 \n terminators to \r\n. The default setting of the prefix option is
3380 "From ...\n", and this is unaffected by the <TT>use_crlf</TT> option. If you
3381 don't change this, tmail sees the first line terminated by \n and
3382 prepends \r to the \n terminator on all subsequent lines. However, if
3383 <TT>use_crlf</TT> is set, Exim makes all other lines \r\n terminated leading to
3384 doubled \r\r\n lines and corrupt mbx mailboxes.
3387 <A NAME="SEC129" HREF="FAQ.html#TOC129">Q0514</A>: What does the message "Unable to get root to set uid and gid
3388 for local delivery to <I>xxx</I>: uid=<I>yyy</I> euid=<I>zzz</I>" mean?
3392 A0514: Have you remembered to make Exim setuid root? It needs root privilege if
3393 it is to do any local deliveries, because it does them "as the user".
3396 <A NAME="SEC130" HREF="FAQ.html#TOC130">Q0515</A>: I upgraded to 2.04 and now my Envelope-To: header for my virtual domains
3397 is gone. Any idea how to get it back?
3401 A0515: Read paragraph 1 of the 1.92 information in <B>README.UPDATING.</B> Add
3402 <TT>envelope_to_add</TT> to your transports for your virtual domains. You may
3403 also want to set <TT>return_path_add</TT> and <TT>delivery_date_add</TT>.
3406 <A NAME="SEC131" HREF="FAQ.html#TOC131">Q0516</A>: The Exim log records the arrival of a message, and then "Completed",
3407 without logging any deliveries. What's going on?
3411 A0516: This is unlikely in current versions of Exim, because more logging
3412 has been added. In versions before 2.053, one scenario is that the
3413 message was addressed to some user who has set up an Exim filter
3414 containing the command "seen finish", which discards a message without
3415 doing any deliveries. (In current versions of Exim this is logged as
3416 "discarded".) More information can be obtained by setting
3420 log_received_recipients</PRE>
3422 so that next time you can see to whom it is addressed. Another
3423 possibility, prior to version 2.053, was that the message was injected
3424 using the <B>-t</B> option, but all the addresses in the message were also on
3425 the command line. See
3426 <A HREF="FAQ.html#SEC245">A5020</A> for more detail. Current versions of Exim
3427 generate a bounce message in this case.
3430 <A NAME="SEC132" HREF="FAQ.html#TOC132">Q0517</A>: When I activate "return receipt" for example in Netscape Mailbox
3431 sending options, then I get an error message from Exim... something
3432 like "not supported". Can I activate delivery confirmations?
3436 A0517: Exim does not support any kind of delivery notification.
3440 (A) You can configure it to recognize headers such as
3441 "Return-receipt-to:" if you wish.
3445 (B) Some people want MSN (message status notification). Such services
3446 are implemented in MUAs, and don't impact on the MTA at all.
3450 (C) I investigated the RFCs which describe the DSN (delivery status
3451 notification) system, and there is even a bit of code in there (excluded
3452 by #ifdef) for handling some of the data. However, I was unable to
3453 specify any sensible way of actually doing anything with the data. There
3454 were comments on the mailing list at the time; many people, including
3455 me, conclude that DSN is in practice unworkable. The killer problem is
3456 with forwarding and aliasing. Do you propagate the DSN data with the
3457 generated addresses? Do you send back a "reached end of the DSN world"
3458 or "expanded" message? Do you do this differently for different kinds of
3459 aliasing/forwarding? For a user who has a <B>.forward</B> file with a single
3460 address in, this might seem easy - just propagate the data. But what if
3461 there are several forwardings? If you propagate the DSN data, the sender
3462 may get back several DSN messages - and should the sender really know
3463 about the detail of the receiver's forwarding arrangements? There isn't
3464 really any way to distinguish between a <B>.forward</B> file that is forwarding
3465 and one that is a mini mailing list. And so on, and so on. There are so
3466 many questions that don't have obvious answers.
3469 <A NAME="SEC133" HREF="FAQ.html#TOC133">Q0518</A>: When I dial up to collect mail from my ISP, only the first 10 messages
3470 get delivered immediately; the remainder just sit on the queue until a
3471 queue runner process finds them.
3475 A0518: Your ISP is delivering all the messages in a single SMTP session. Exim
3476 limits the number of immediate delivery processes it will create as a
3477 result of a single SMTP connection, in order to avoid creating a zillion
3478 processes on systems that can have many incoming connections. In your
3479 situation, you should probably set <TT>smtp_accept_queue_per_connection</TT> to
3480 some number larger than 10.
3483 <A NAME="SEC134" HREF="FAQ.html#TOC134">Q0519</A>: My ISP's mail server is rejecting bounce messages from Exim, complaining
3484 that they have no sender. The SMTP trace does indeed show that the
3485 sender address is "<>". Why is the Sender on the bounce message empty?
3489 A0519: Because the RFCs say it must be. Your ISP is at fault. Send them this
3490 extract from RFC 1123 section 5.3.3 ("Reliable Mail Receipt"):
3494 If there is a delivery failure after acceptance of a message,
3495 the receiver-SMTP MUST formulate and mail a notification
3496 message. This notification MUST be sent using a null ("<>")
3497 reverse path in the envelope; see Section 3.6 of RFC-821. The
3498 recipient of this notification SHOULD be the address from the
3499 envelope return path (or the Return-Path: line). However, if
3500 this address is null ("<>"), the receiver-SMTP MUST NOT send a
3501 notification. If the address is an explicit source route, it
3502 SHOULD be stripped down to its final hop.
3505 <A NAME="SEC135" HREF="FAQ.html#TOC135">Q0520</A>: What does the message "retry time not reached [for any host]" on the log
3506 mean? Why won't Exim try to deliver the message?
3510 A0520: That is not an error. It means exactly what it says. A previous attempt
3511 to deliver to that address failed with a temporary error, and Exim
3512 computed the earliest time at which to try again. This can apply to
3513 local as well as to remote deliveries. For remote deliveries, each host
3514 (if there are several) has its own retry time.
3518 Some MTAs have a retrying schedule for each message. Exim does not work
3519 like this. Retry timing is normally host-based for remote domains and
3520 address-based for local domains. (There are some exceptions for certain
3521 kinds of remote failure - see "Errors in outgoing SMTP" in the manual.)
3525 If a new message arrives for a failing address and the retry time has
3526 not yet arrived, Exim will log "retry time not reached" and leave the
3527 message on the queue, without attempting delivery. Similarly, if a queue
3528 runner notices the message before the time to retry has arrived, it
3529 writes the same log entry. When the retry time has past, Exim attempts
3530 delivery at the next queue run. If you want to know when that will be,
3531 run the exinext utility on the address, for example:
3535 exinext user@some.domain</PRE>
3537 You can suppress these messages on the log by setting <TT>log_level</TT> to a
3538 value that is less than 5. You can force a delivery attempt on a
3539 specific message (overriding the retry time) by means of the <B>-M</B> option:
3543 exim -M 10hCET-0000Bf-00</PRE>
3545 If you want to do this for the entire queue, use the <B>-qf</B> option. See
3547 <A HREF="FAQ.html#SEC148">Q0533</A>.
3550 <A NAME="SEC136" HREF="FAQ.html#TOC136">Q0521</A>: RFC 1985 specifies that the SMTP command "ETRN <B>host.domain"</B> causes all
3551 mail queued for that host, no matter what domain it's for, to be
3552 dequeued. Why doesn't Exim support this?
3556 A0521: Exim does not keep queues of mail for specific destinations. It just
3557 keeps one pool of undelivered messages. What is more, once you start a
3558 delivery of a message, it tries to deliver to <EM>all</EM> the addresses in the
3559 message, not just the one you may be interested in. (Of course, this
3560 doesn't usually do any harm.)
3564 The only way it could be done within Exim would be, for <EM>every</EM> message
3565 on the queue, to go through the motions of routing each undelivered
3566 address and see if that resulted in a delivery to the host of interest.
3567 This could be extremely expensive (e.g. 1,000 messages on the queue,
3568 only 1 for the given host).
3572 The bottom line is that Exim just wasn't designed for this kind of
3573 operation, that is, holding messages for intermittently connected hosts.
3574 The queueing arrangements are designed for handling delivery problems
3575 that are not expected to be common.
3579 A better way to do this is to implement the required queues separately.
3580 After all, keeping such mail on an "active" queue (where Exim will keep
3581 trying to deliver) is silly. If there is a lot of mail for these hosts,
3582 it also masks genuine delivery problems when you inspect the queue.
3586 Large ISPs who provide this kind of functionality do not usually leave
3587 waiting mail on the MTA's queue. Instead, they get it delivered into
3588 per-host directories, one message per file, in one of the special
3589 formats (BSMTP, maildir, or mailstore) and when an ETRN arrives, it
3590 kicks off some completely different program that establishes an SMTP
3591 connection to the host and shovels the waiting mail down it. That seems
3592 to me to be a much neater way of doing this. It means you can easily add
3593 additional functionality such as archiving or throwing away uncollected
3594 mail. One program that has this functionality is "ssmtp", which can be
3595 found in <B><A HREF="ftp://metalab.unc.edu/pub/Linux/system/mail/mta/.">ftp://metalab.unc.edu/pub/Linux/system/mail/mta/.</A></B>
3598 <A NAME="SEC137" HREF="FAQ.html#TOC137">Q0522</A>: If email has been deferred to a member on a local mailing list
3599 (implemented through forward files), and one of our ETRN clients is on
3600 this mailing list, the <B>-R</B> won't "flush" the mailing list message for
3605 A0522: That is because <B>-R</B> matches only original recipient addresses, not those
3606 produced as a result of expansion, because these are not (by default)
3607 preserved from delivery to delivery. You can get round this by setting
3608 <TT>one_time</TT> on the <B>forwardfile</B> director, but you are not allowed to have
3609 expansions to pipes or files on directors that have <TT>one_time</TT> set.
3610 Therefore, you will have to have a separate director for mailing lists
3611 (with <TT>one_time</TT> set) to the one used for normal forward files that might
3612 specify pipe or file deliveries. However, the problem will then still be
3613 present for any user who sets up a <B>.forward</B> file to redirect to any of
3614 the ETRN domains. See the last 3 paragraphs of
3615 <A HREF="FAQ.html#SEC136">A0521</A> for a discussion of
3616 an alternative approach.
3619 <A NAME="SEC138" HREF="FAQ.html#TOC138">Q0523</A>: Exim seems to be sending the same message twice, according to the log,
3620 although there is a difference in capitalization of the local part of
3625 A0523: That is correct. The RFCs are explicit in stating that capitalization
3626 matters for local parts. For remote domains, Exim is not entitled to
3627 assume case independence of local parts. I know, it is utterly silly,
3628 and it causes a lot of grief, but that's what the rules say. Here is a
3629 quote from the draft of the forthcoming revision to RFC 821:
3633 ... a command verb, an argument value other than a mailbox
3634 local-part, and free form text MAY be encoded in upper case,
3635 lower case, or any mixture of upper and lower case with no impact
3636 on its meaning. This is NOT true of a mailbox local-part. The
3637 local-part of a mailbox MUST BE treated as case sensitive.
3638 Therefore, SMTP implementations MUST take care to preserve the
3639 case of mailbox local-parts. Mailbox domains are not case
3640 sensitive. However, exploiting the case sensitivity of mailbox
3641 local-parts impedes interoperability and is discouraged.
3644 <A NAME="SEC139" HREF="FAQ.html#TOC139">Q0524</A>: How can I force the next retry time for a host to be now?
3648 A0524: (A) You can force a particular message to be delivered with the <B>-M</B>
3649 command line option. If it succeeds, the retry data will get cleared. If
3650 the host is past the cutoff time, so that messages are bouncing
3651 immediately without trying a delivery, you can use <B>-odq</B> to put a message
3652 on the queue without a delivery attempt, and then use <B>-M</B> on it.
3656 (B) You can change the retry time with the <TT>exim_fixdb</TT> utility, but its
3657 interface is very clumsy.
3660 <A NAME="SEC140" HREF="FAQ.html#TOC140">Q0525</A>: I set up "|/bin/grep Subject|/usr/bin/smbclient <B>-M</B> <netbiosname>" as an
3661 alias but it doesn't work.
3665 A0525: That is a shell command line. Exim does not run pipe commands under a
3666 shell by default (for added security - and it saves a process). You
3671 "|/bin/sh -c '/bin/grep Subject|/usr/bin/smbclient -M <netbiosname>'"</PRE>
3672 <A NAME="SEC141" HREF="FAQ.html#TOC141">Q0526</A>: Why does the pipe transport add a line starting with ">From" to
3677 A0526: Actually, it adds a line starting with "From", because that is the
3678 default of the "prefix" option (/usr/ucb/vacation needs it, and that is
3679 the most common use of piping). If you don't want it, change the setting
3683 <A NAME="SEC142" HREF="FAQ.html#TOC142">Q0527</A>: I have set <TT>fallback_hosts</TT> on my smtp transport, but after the error
3684 <B>"sem@chat.ru</B> cannot be resolved at this time" Exim isn't using them.
3688 A0527: <TT>fallback_hosts</TT> only works if an attempt at delivery to the original
3689 host(s) fails. In this case, Exim couldn't even resolve the domain
3690 <B>chat.ru</B> to discover what the original hosts were, so it never got as far
3691 as the transport. However, see
3692 <A HREF="FAQ.html#SEC73">Q0322</A> for a possible solution.
3695 <A NAME="SEC143" HREF="FAQ.html#TOC143">Q0528</A>: After the holidays my ISP has always hundreds of e-mails waiting for me.
3696 These are forced down Exim's throat in one go. Exim spawns a lot of
3697 kids, but is there some limit to the number of processes it creates?
3701 A0528: Unless you have changed <TT>smtp_accept_queue_per_connection</TT> (introduced at
3702 release 2.03) it should only spawn that many processes per connection
3703 (default 10). Your ISP may be making many connections, of course. That
3704 is limited by <TT>smtp_accept_max</TT>.
3707 <A NAME="SEC144" HREF="FAQ.html#TOC144">Q0529</A>: When a message in the queue got to 12h old, Exim wrote 'retry timeout
3708 exceeded' and removed <EM>all</EM> messages in the queue to this host - even
3709 recent messages. How I can avoid this behaviour? I only want to remove
3710 messages that have exceeded the maximum retry time.
3714 A0529: Exim's retrying is host-based rather than message-based. The philosophy
3715 is that if a host has been down for a very long time, there is no point
3716 in keeping messages hanging around. However, you might like to check
3717 out <TT>delay_after_cutoff</TT> in the smtp transport. It doesn't do what you
3718 want, but it might help.
3721 <A NAME="SEC145" HREF="FAQ.html#TOC145">Q0530</A>: Can Exim add a Content-Length: header to messages it delivers?
3725 A0530: You could include something like
3729 headers_remove = "content-length"
3730 headers_add = "Content-Length: $message_body_size"</PRE>
3732 to the appendfile transport. However, the use of Content-Length: can
3733 cause several problems, and is not recommended unless you really know
3734 what you are doing. There is a discussion of the problems in
3738 <B><A HREF="http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html">http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html</A></B>
3741 <A NAME="SEC146" HREF="FAQ.html#TOC146">Q0531</A>: Exim seems to be trying to deliver a message every 10 minutes, though
3742 the retry rules specify longer times after a while, because it is
3743 writing a log entry every time, like this:
3747 1999-08-26 14:51:19 11IVsE-000MuP-00 == example@example.com T=smtp defer
3748 (-34): some host address lookups failed and retry time not reached for
3749 other hosts or connection limit reached</PRE>
3751 A0531: It is <EM>looking</EM> at the message every 10 minutes, but it isn't actually
3752 trying to deliver. It's looking up <B>example.com</B> in the DNS and finding
3757 example.com. MX 10 example-com.isp.example.com.
3758 example.com. MX 0 mail.example.com.
3759 mail.example.com. A 202.77.183.45
3760 A lookup for example-com.isp.example.com. yielded NXDOMAIN</PRE>
3762 The last line means that there is no address (A) record in the DNS for
3763 <B>example-com.isp.example.com.</B> That accounts for "some host address
3764 lookups failed", but the retry time for <B>mail.example.com</B> hasn't been
3765 reached, which accounts for "retry time not reached for other hosts".
3768 <A NAME="SEC147" HREF="FAQ.html#TOC147">Q0532</A>: I am trying to set exim up to have a automatic failover if it sees that
3769 the system that it is sending all mail to is down.
3773 A0532: Add to the <TT>remote_smtp</TT> transport the following:
3777 fallback_hosts = failover.server.name(s)</PRE>
3779 If there are several names, they must be separated by colons.
3782 <A NAME="SEC148" HREF="FAQ.html#TOC148">Q0533</A>: I can't get Exim to deliver over NFS. I get the error "fcntl() failed:
3783 No locks available", though the lock daemon is running on the NFS server
3784 and other hosts are able to access it.
3788 A0533: Check that you have lockd running on the NFS <EM>client</EM>. This is not
3789 always running by default on some systems (Red Hat is believed to be one
3793 <A NAME="SEC149" HREF="FAQ.html#TOC149">Q0534</A>: Why does Exim bounce messages without even attempting delivery, giving
3794 the error "retry time not reached for any host after a long failure
3799 A0534: This message means that all hosts to which the message could be sent
3800 have been failing for so long that the end of the retry period
3801 (typically 4 or 5 days) has been reached. In this situation, Exim still
3802 computes a next time to retry, but any messages that arrive in the
3803 meantime are bounced straight away. You can alter this behaviour by
3804 unsetting the <TT>delay_after_cutoff</TT> option on the smtp transport. Then Exim
3805 will try most messages for those hosts once before giving up.
3808 <A NAME="SEC150" HREF="FAQ.html#TOC150">Q0535</A>: My <B>.forward</B> file is "|/usr/bin/procmail <B>-f-"</B> and mail gets delivered,
3809 but there was a bounce to the sender, sending him the output of procmail.
3810 How can I prevent this?
3814 A0535: Exim's default configuration is set up like this:
3822 The <TT>return_output</TT> option requests that <EM>any</EM> output that the pipe
3823 produces be returned to the sender. That is the safest default. If you
3824 don't want this, you can either remove the option altogether, or change
3825 it to <TT>return_fail_output</TT>, to return output only if the command fails.
3826 Note that this will affect all pipes that users run, not just your
3827 procmail one. It might be better to arrange for procmail not to produce
3828 any output when it succeeds.
3831 <BR><H2><A NAME="SEC151" HREF="FAQ.html#TOC151">6. UUCP
3834 <A NAME="SEC152" HREF="FAQ.html#TOC152">Q0601</A>: The MX records for some UUCP domains point to my local host. How do I
3835 get it to pass the messages on to UUCP?
3839 A0601: There are several possibilities. One straightforward way is to set up
3840 a <B>domainlist</B> router which matches the UUCP domains and routes to a
3841 suitable transport. Sample configuration C003 is such a configuration,
3842 while C004 shows another way to do it, by defining the domains as local
3843 and using a <B>smartuser</B> director.
3847 If <EM>all</EM> the domains whose MX records point to the local host are either
3848 local domains or UUCP domains, you can do without the <B>domainlist</B> router
3849 altogether, by making use of the "self" option. This means that only the
3850 DNS has to be updated when a UUCP domain is added or removed.
3854 For example, this router routes to remote hosts over SMTP using a DNS
3855 lookup with default options, and fails for unknown domains (because of
3856 the <TT>no_more</TT> setting), but if the MX for a domain points at the local
3857 host, Exim continues on to the next router (self = <TT>fail_soft</TT> overrides
3866 self = fail_soft</PRE>
3868 The next router can just send everything to a suitable UUCP transport:
3874 transport = uux_transport
3875 route_list = "* $domain"</PRE>
3877 This assumes that the transport can determine the UUCP host name from
3881 <A NAME="SEC153" HREF="FAQ.html#TOC153">Q0602</A>: How can I get Exim to handle "bang path" addresses?
3885 A0602: In general, you can't (Exim is an Internet mailer and recognizes only
3886 RFC 822 addresses) but some restricted kinds of bang path can be dealt
3887 with by appropriate rewriting - but please note the warning below.
3891 Exim treats a bang path address as an unqualified local part, and so
3892 will qualify it with your domain. A rule such as
3896 ^([^!]+)!(.+)@your\.domain$ $2@$1</PRE>
3898 turns <B><B>a!b@your.domain</B></B> into <B><B>b@a.</B></B> You can also use a repeating rule to
3899 turn multi-component paths into the "percent hack" notation with a rule
3904 ^([^!]+)!([^@%]+)(.+)$ $2%$1$3 R</PRE>
3906 which turns <B>a!b@c</B> into <B>b%a@c</B> and <B>a!b!c@d</B> first into <B>b!c%a@d</B> and then,
3907 because of the R flag, into <B><B>c%b%a@d.</B></B> The R flag causes repetition up to
3912 See also sample configuration C002, which contains some more
3913 sophisticated rewriting rules.
3917 WARNING: If you install a general rewriting rule like the above, you are
3918 opening yourself up to the possibility of unwanted relaying. A host that
3919 is not permitted to relay through your system could send a message with
3920 an SMTP command line such as
3924 RCPT TO:<victim-host!victim-user@your.domain></PRE>
3926 and this would be accepted because it is addressed to your domain.
3927 However, the rewriting then converts the address, and the message does
3928 in fact get relayed. One way round this, if all your bang path messages
3929 are passed to Exim via SMTP, is to use the "S" rewriting flag. This
3930 applies a rewriting rule to incoming SMTP addresses as soon as they are
3931 received, before checking for qualification, relaying, etc. So a rule
3936 ^([^!]+)!(.+)$ $2@$1 S</PRE>
3938 rewrites simple two-component bang paths before the result is checked
3939 for relaying. However, this does not rewrite addresses in the headers of
3943 <A NAME="SEC154" HREF="FAQ.html#TOC154">Q0603</A>: We see something strange on our system in regards to mail comming in via
3944 rmail from a UUCP link. The sender is being set to mailmaster instead of
3945 the real sender, and a Sender: header is being added to the message.
3949 A0603: If mailmaster is the user that is running rmail, you need to include
3950 that user in the <TT>trusted_users</TT> configuration option. Only trusted users
3951 are permitted to specify senders when mail is passed to Exim via the
3955 <BR><H2><A NAME="SEC155" HREF="FAQ.html#TOC155">7. PERFORMANCE
3958 <A NAME="SEC156" HREF="FAQ.html#TOC156">Q0701</A>: I'm running a large mail server. Should I set <TT>split_spool_directory</TT> to
3959 improve performance?
3963 A0701: There doesn't seem to be any significant performance hit using a flat
3964 queue on Solaris systems, so there is no need to do this for them. On
3965 the other hand, there is a known performance problem on Linux filing
3966 systems, where <TT>split_spool_directory</TT> can make a significant difference.
3967 ???? Other operating systems ????
3970 <A NAME="SEC157" HREF="FAQ.html#TOC157">Q0702</A>: How well does Exim scale?
3974 A0702: Although the author did not specifically set out to write a high-
3975 performance MTA, Exim does seem to be fairly efficient. The biggest
3976 server at the University of Cambridge (a large Sun box) goes over
3977 100,000 deliveries per day on busy days (it has over 20,000 users).
3978 There was a report of a mailing list exploder that sometimes handles
3979 over 100,000 deliveries a day on a big Linux box, the record being
3980 177,000 deliveries (791MB in total). Up to 13,000 deliveries an hour
3985 These are quotes from some Exim users:
3989 "... Canada's largest internet provider, uses Exim on all of our mail
3990 machines, and we're absolutely delighted with it. It brought life back
3991 into one of our machines plagued with backlogs and high load averages.
3992 Here's just an example of how much email our largest mail server
3993 (quad SS1000) is seeing ... " [230,911 deliveries in a day: 4,475MB]
3997 "... Exim has to ... do gethostbyname()s and RBL lookups on all of the
3998 incoming mail servers, and he runs from <B>inetd</B> (TCP Wrappers connected).
3999 All the same, it seems to me that he runs as fast as lightning on our
4000 SCO 5.0.4 box (1 Pentium 166) - far faster than MMDF which I (and many
4001 customers) had before."
4005 "On a PII 400 with 128M of RAM running Linux 2.2.5, I have achieved
4006 36656 messages per hour (outgoing unique messages and recipients). For
4007 about a 5 minute period, I was able to achieve an average of 30 messages
4008 per second (that would be 108000 m/hour)! We are using: (options that
4014 split_spool_directory
4017 remote_max_parallel 1</PRE>
4019 We have a cron job hat runs every five minutes that spawns 5 exim <B>-q</B> if
4020 there are less that 120 exim processes currently running. We found
4021 that by "manually" controlling the concurrency of exim <B>-q</B> processes
4022 contending for the spool for <TT>remote_smtp</TT> delivery that we gained
4023 considerable performance <B>--</B> 10000 m/hour."
4026 <A NAME="SEC158" HREF="FAQ.html#TOC158">Q0703</A>: We have a large password file. Can Exim use alternative lookups during
4027 delivery to speed things up?
4031 A0703: Yes. You don't have to use the password file at all. See sample
4032 configuration C009 for some suggestions. (It shows lsearch lookups, but
4033 these could equally be DBM or cdb or NIS or LDAP lookups.)
4036 <BR><H2><A NAME="SEC159" HREF="FAQ.html#TOC159">8. POLICY CONTROLS
4039 <A NAME="SEC160" HREF="FAQ.html#TOC160">Q0801</A>: How do I block unwanted messages from outside my host?
4043 A0801: There are several different options that can be used to block incoming
4044 SMTP messages according to different criteria. The following are the
4049 (A) Set <TT>sender_verify</TT>; this causes rejection of any message whose
4050 envelope sender cannot be successfully routed. This is mainly a
4051 check on the existence of remote domains, though it the domain is a
4052 local one, the local part also gets checked. Unfortunately, error
4053 mesages do not have envelope sender addresses, so cannot be checked
4054 in this way. See the <TT>headers_sender_verify</TT> options for ways of
4055 checking header addresses.
4059 (B) If you want to block all mail from specific hosts or IP networks,
4060 set <TT>host_reject_recipients</TT>. The <TT>_recipients</TT> form of the option is
4061 more likely to prevent the remote hosts from keeping on trying. For
4066 host_reject_recipients = 209.12.111.0/24</PRE>
4068 If you have many such blocks, they can be put in a file which is
4069 named in the option. If you have a mixture of IP addresses and names
4070 in your list, it is best to put the addresses first, because they
4071 can be checked without the need for a DNS lookup.
4075 (C) If you want to block mail from specific envelope sender addresses,
4076 one convenient way is to organize a file of local parts indexed by
4077 domain names, for example
4081 x.y.z creditrepair:^betterlovelife[0-9]+$:...
4084 This would block <B><B>creditrepair@x.y.z</B>,</B> any local part starting with
4085 <B>betterlovelife</B> and ending with digits in the <B>x.y.z</B> domain, and
4086 all addresses in the <B>p.q.r</B> domain. You refer to the file in the Exim
4087 configuration as follows:
4091 sender_reject_recipients = @@lsearch*;/name/of/the/file</PRE>
4093 If the file is big, you can convert it into a DBM or cdb file and
4094 use a faster lookup method. The asterisk on the end of the search
4095 type causes a lookup for "*" if the domain is not found; that is, it
4096 permits a default list of local parts that are blocked at any
4097 domain that is not specifically listed. If you use this, you
4098 probably also want to end each local part list with ">*" (except
4099 those that consist of "*"). This causes Exim to check the default
4100 list of local parts if none of the specific ones for a domain are
4101 matched. So, the file above could become
4105 * yourfriend:a.friend:...
4106 x.y.z creditrepair:^betterlovelife[0-9]+$:>*
4109 If you are using an lsearch file, putting the * entry first saves a
4114 (D) If you want to allow mail to postmaster through the blocks, you can
4119 recipients_reject_except = postmaster@your.domain</PRE>
4121 This overrides any of the policy controls that cause rejection by
4125 <A NAME="SEC161" HREF="FAQ.html#TOC161">Q0802</A>: I don't want to block spam entirely; how can I inspect each message
4126 before deciding whether to deliver it or not?
4130 A0802: This can be done by using a system filter. See the sample configuration
4134 <A NAME="SEC162" HREF="FAQ.html#TOC162">Q0803</A>: How can I test that my spam blocks are working?
4138 A0803: The <B>-bh</B> option allows you to run a testing SMTP session as if from a
4139 given IP address. For example,
4143 exim -bh 192.203.178.39</PRE>
4145 In addition to the normal SMTP replies, it outputs commentary about
4146 which tests have succeeded or failed.
4149 <A NAME="SEC163" HREF="FAQ.html#TOC163">Q0804</A>: How can I test that Exim is correctly configured to use the Realtime
4150 Blocking List (RBL)?
4154 A0804: The <B>-bh</B> option allows you to run a testing SMTP session as if from a
4155 given address. You need to know a blocked IP address with which to test.
4156 Such a testing address is kindly provided by Russell Nelson:
4160 linux.crynwr.com [192.203.178.39]</PRE>
4162 You can also send mail to <B><B>nelson@linux.crynwr.com</B></B> from the server
4163 whose RBL block you are testing. The robot that receives that email
4164 will attempt to send a piece of test email in reply. If your RBL block
4165 didn't work, you get a message to that effect. Regardless of whether the
4166 RBL block succeeds or not it emails you the results of the SMTP
4167 conversation from a host that is not on the RBL, so you can see how your
4168 server looks from the view of someone on the RBL.
4171 <A NAME="SEC164" HREF="FAQ.html#TOC164">Q0805</A>: How can I use <B>tcpwrappers</B> in conjunction with Exim?
4175 A0805: Exim's own control facilities can do all that <B>tcpwrappers</B> can do.
4176 However, if you are already using <B>tcpwrappers</B> for other things it might
4177 be convenient to include Exim controls in the same place.
4181 First of all, ensure that Exim is built to call the <B>tcpwrappers</B> library,
4182 by including <TT>USE_TCPWRAPPERS=yes</TT> in <B>Local/Makefile</B>. You also need to
4183 ensure that the header file <B>tcpd.h</B> is available at compile time, and the
4184 <B>libwrap.a</B> library is available at link time, typically by including it in
4185 <TT>EXTRALIBS</TT>. You may need to copy these two files from the <B>tcpwrappers</B>
4186 build directory to, for example, <B>/usr/local/include</B> and <B>/usr/local/lib</B>,
4187 respectively. Then you could reference them by
4191 CFLAGS=-I/usr/local/include
4192 EXTRALIBS=-L/usr/local/lib -lwrap</PRE>
4194 in <B>Local/Makefile</B>. There are two ways to make use of the functionality,
4195 depending on how you have <B>tcpwrappers</B> set up. If you have it set up to
4196 use only one file, you ought to have something like:
4200 /etc/hosts.allow:</PRE>
4202 exim : <client_list> : <allow_or_deny></PRE>
4208 exim : LOCAL 192.168.0. .friendly.domain special.host : ALLOW
4209 exim : ALL : DENY</PRE>
4211 This allows connections from local hosts (chiefly `localhost'), from
4212 the subnet 192.168.0.0/24, from all hosts in <B>*.friendly.domain,</B> and
4213 from a specific host called <B>special.host.</B> All other connections are
4214 denied. If you have <B>tcpwrappers</B> set up to use two files, use the
4219 /etc/hosts.allow:</PRE>
4221 exim : <client_list></PRE>
4223 /etc/hosts.deny:</PRE>
4225 exim : <client_list></PRE>
4227 Read the <TT>hosts_access(5)</TT> man page for more ways of specifying clients,
4228 including ports, <B>etc.,</B> and on logging connections.
4231 <A NAME="SEC165" HREF="FAQ.html#TOC165">Q0806</A>: How can I get POP-auth-before-relay support in Exim?
4235 A0806: See <B><A HREF="http://cc.ysu.edu/~doug/exim-pop.tar.Z">http://cc.ysu.edu/~doug/exim-pop.tar.Z</A></B> which has some scripts for
4236 this, courtesy of Doug S <B><B><doug@cc.ysu.edu</B>>.</B>
4239 <A NAME="SEC166" HREF="FAQ.html#TOC166">Q0807</A>: I have one or two cases where my machine correctly rejects messages, but
4240 the remote machine is quite persistent, and keeps trying over and over.
4244 A0807: It is an unfortunate fact that a number of SMTP clients, in violation of
4245 the SMTP RFC, do not treat a permanent error code that is given after
4246 the MAIL FROM command or the DATA portion of the transaction as a
4247 permanent error. Consequently they keep resending the message. Failing
4248 checks on a message's headers (the <TT>headers_</TT>... options) necessarily
4249 result in an error code after the data has been received.
4252 <A NAME="SEC167" HREF="FAQ.html#TOC167">Q0808</A>: I am seeing the error "no valid sender in message headers: return path
4253 is <>" in the reject log. Isn't <> a valid return path for error
4258 A0808: It is indeed valid. The complaint here is about the contents of the
4259 message's headers, not the return path. This message has been reworded
4260 in later versions of Exim. You must have set the <TT>headers_sender_verify</TT>
4261 option. Check the From:, Reply-to: and Sender: headers that were logged
4262 with the error. You can use Exim's <B>-bv</B> option to find out why
4263 verification of those addresses failed.
4266 <A NAME="SEC168" HREF="FAQ.html#TOC168">Q0809</A>: Let's say that we want to run a mail server that does not care if you
4267 have proper reverse DNS. If you include <TT>host_reject</TT> lines in your
4268 config file, Exim will always reject connections from such hosts. How
4269 can this be avoided?
4273 A0809: This is true only if you have wild-carded host names in <TT>host_reject</TT>.
4274 For complete host names, Exim uses a DNS forward lookup to obtain an IP
4275 address to compare. If you are using wild cards of any sort, put
4276 <TT>+allow_unknown</TT> as an item in your host list, for example:
4280 host_reject = +allow_unknown : *.def.zz : *.stu.yy</PRE>
4282 This will allow any host without reverse DNS to bypass the checks. Note
4283 that it means that the owner of <B>abc.def.zz</B> (for example) can trivially
4284 get round your block simply by deleting the PTR record for <B>abc.def.zz.</B>
4285 If you use +warn_unknown instead of <TT>+allow_unknown</TT>, the action is the
4286 same, but every time the exception is invoked, it is logged.
4289 <A NAME="SEC169" HREF="FAQ.html#TOC169">Q0810</A>: Is there a way to prevent lookups in the RBL for local hosts?
4293 A0810: Check out the <TT>rbl_hosts</TT> option.
4296 <A NAME="SEC170" HREF="FAQ.html#TOC170">Q0811</A>: How can I set up the <TT>sender_reject</TT> option in my config file so I can
4297 reject mail by matching regular expressions?
4301 A0811: You must either put the regular expressions directly in the option
4302 setting, or in a file that is referenced by a plain file name, or use
4303 an @@ type of search. If the regular expressions match the domain as
4304 well as the local part, then the first two approaches are the only
4305 possible ones. For example:
4309 sender_reject_recipients = ^.*\.spam\.com$ : ^.*@[0-9]+\.com$</PRE>
4315 sender_reject_recipients = /some/file</PRE>
4317 Each line of the file is treated as if it were an entry in the list, and
4318 must begin with ^ if it is a regular expression. No keys are involved
4319 because this is not a lookup,
4323 If you are using version 2.10 or later, the first of those regular
4324 expressions can be rewritten to execute much more efficiently by
4325 using lookbehinds and once-only subpatterns:
4329 sender_reject_recipients = ^(?>.*$)(?<=\.spam\.com)</PRE>
4331 See the manual section entitled "Address lists" for a description of the
4332 @@ type of split domain/local part lookup. See also
4333 <A HREF="FAQ.html#SEC160">Q0801</A>.
4336 <A NAME="SEC171" HREF="FAQ.html#TOC171">Q0812</A>: Normally <TT>sender_reject_recipients</TT> works fine, but addresses that have
4337 some uppercase letters in them seem to come through.
4341 A0812: This should no longer be the case from release 3.00 onwards. Although
4342 host and domain names are case-insensitive, the RFCs about mail specify
4343 that local parts are case sensitive. When earlier versions of Exim
4344 looked up a sender address in <TT>sender_reject_recipients</TT>, they did so
4345 using the caseful form, in order to be compliant with the mail RFCs.
4346 (In principle, <B>user@domain</B> and <B>USER@domain</B> might be different
4347 people. Silly, I know, but that's the rule. It has caused a lot of
4348 grief.) However, RFC 2305 (Anti-Spam Recommendations for SMTP MTAs)
4349 recommends that address checking in blocking lists should be done
4350 caselessly, so Exim now does this by default.
4353 <A NAME="SEC172" HREF="FAQ.html#TOC172">Q0813</A>: I want to accept some sender addresses, even though they do not verify.
4354 There doesn't seem to be an option for verification exceptions, so how
4359 A0813: Set up a special director or router to ensure that those addresses do
4360 verify, using <TT>verify_only</TT> and <TT>verify_sender</TT> so that it is not used
4361 during delivery or recipient verification. For example, here is a router
4362 which verifies the address <B><B>root@somedomain.com</B>:</B>
4370 domains = some.domain.com
4372 route_list = *</PRE>
4373 <A NAME="SEC173" HREF="FAQ.html#TOC173">Q0814</A>: We are being plagued by forged mail coming from a number of different
4374 hosts and sender addresses. The guy however leaves a fingerprint. The
4375 first received line always contains 'Received: from baby'. What is the
4376 best suggested way for eliminiating him from our systems?
4380 A0814: You cannot, unfortunately, prevent the message from getting into your
4381 system, because the message has to be read before you can inspect the
4382 Received: header. The best you can do is to install a system filter
4383 which junks any message containing such a header. Thus the sender still
4384 wastes bandwidth and your resources in transporting the message to you,
4385 but you just throw it away. A simple system filter that does this is
4390 if $h_Received: contains "from baby" then seen finish endif</PRE>
4391 <A NAME="SEC174" HREF="FAQ.html#TOC174">Q0815</A>: I have set <TT>host_accept_relay</TT>, but my host still refuses to relay from
4396 A0815: (A) Did you remember to HUP or restart the Exim daemon after changing
4397 the configuration? You can get information as to what options Exim
4398 is checking by using the <B>-bh</B> option to test how it would handle mail
4399 from a specific host.
4403 (B) Have you used any wild-card host names in <TT>host_accept_relay</TT>? <B>E.g:</B>
4407 host_accept_relay = *.aaa.bbb</PRE>
4409 If so, the problem may be that the relevant hosts do not have
4410 reverse DNS entries for their IP addresses. In order to match a wild
4411 card name, Exim has to look up the calling host's name from its IP
4412 address, and if it cannot do so, it takes a hard line by default.
4413 Exim processes lists from left to right, and so will attempt a
4414 reverse DNS lookup at the first wild-carded entry it reaches. If you
4415 have IP addresses in your list, it is best to put them first for
4416 this reason. Suppose you had
4420 host_accept_relay = *.x.y : 10.9.8.7</PRE>
4422 Then when the host 10.9.8.7 connects, a reverse lookup will still
4423 be done, because the first check is against <B>*.x.y.</B> If the lookup
4424 fails, relaying is rejected. However, if the list were in the
4425 opposite order, the IP check would succeed, and no DNS lookup would
4427 <A HREF="FAQ.html#SEC168">Q0809</A>.
4430 <A NAME="SEC175" HREF="FAQ.html#TOC175">Q0816</A>: How can I run customized verification checks on incoming addresses?
4434 A0816: If you can implement your checks in Perl, then you can use Exim's
4435 facility for running an embedded Perl interpreter. For example, if you
4436 want to run special checks on local addresses, you could install this as
4437 your first director:
4443 condition = ${perl{verify}{$local_part}{$domain}}
4446 If you want this to be the only means of verification, you can set
4447 <TT>no_verify</TT> on all the other directors. Otherwise, if this director fails
4448 to verify, the address gets passed on to those that follow.
4452 The <TT>verify_sender</TT> and <TT>verify_recipient</TT> options can be used to restrict
4453 the director to sender or recipient verification only, and if necessary
4454 you could have two different directors, one for senders and one for
4459 If the result of the expansion of <TT>condition</TT> is not "no", "false" or
4460 "0", then address verification succeeds, because the director itself
4461 matches any address. The expansion of <TT>condition</TT> causes the Perl
4462 subroutine called "verify" to be run, with two arguments, the local part
4463 and the domain. The subroutine must be provided in Perl code that is
4464 referenced by the <TT>perl_startup</TT> option. See the chapter on embedded Perl
4469 Remote addresses can be handled in a similar way by using a <B>domainlist</B>
4470 router that matches all domains. See also
4471 <A HREF="FAQ.html#SEC172">Q0813</A>.
4475 Starting up a Perl interpreter is not cheap. On a busy system you should
4476 first make sure that there isn't some way of using Exim's own facilities
4477 for doing what you want before going down this road.
4480 <A NAME="SEC176" HREF="FAQ.html#TOC176">Q0817</A>: Does Exim apply RBL checks to error messages, those with an envelope
4481 sender of "<>" ?
4485 A0817: Yes, it does, because the RBL check happens immediately on connection,
4486 before any commands are passed, and so therefore before it even knows
4487 that the envelope sender is "<>".
4490 <A NAME="SEC177" HREF="FAQ.html#TOC177">Q0818</A>: I want to be able to set up a list, similar to <TT>sender_reject_recipients</TT>,
4491 but with a user-defined message. I believe I have to use a director for
4496 A0818: You can do this using the <TT>prohibition_message</TT> mechanism (see the section
4497 entitled "Customizing prohibition messages" in the manual). This avoids
4498 having to use a director, and therefore doesn't require you to let the
4499 message into your host at all. Use something like this:
4503 prohibition_message = "\
4504 ${if eq {$prohibition_reason}{sender_reject_recipients}\
4505 {${lookup{$sender_address}lsearch{/some/file}{$value}}}{}}"</PRE>
4507 This example looks up a message that is specific to the sender, but you
4508 can of course tailor the message any way you like. Vertical bar is
4509 treated as a line separator in prohibition texts.
4512 <A NAME="SEC178" HREF="FAQ.html#TOC178">Q0819</A>: I want to reject certain sender-recipient combinations, with a specific
4513 message for each such combination.
4517 A0819: That needs a special director, using the "senders" option to predicate
4518 it on the sender, and a file of recipients to fail for each sender.
4519 Something like this:
4525 senders = sender@domain.com : *@otherdomain.com
4526 file = /blocked/${lc:$sender_address}
4527 search_type = lsearch</PRE>
4529 with the files containing lines like
4533 recipient: :fail: message</PRE>
4535 If you are handling multiple local domains, you may want to set
4536 <TT>include_domain</TT> so you can specify fully qualified addresses in the
4537 files. If the files get big, an indexed search type such as DBM or cdb
4542 If you want to block an entire domain from a specific sender, you could
4549 senders = dislikedsender@wherever
4551 search_type = lsearch*</PRE>
4553 with the file containing
4557 *: :fail: message</PRE>
4559 The message text supplied after :fail: is restricted to a single line.
4560 If you want to send several paragraphs of message, instead of using
4561 :fail: you could use the <B>aliasfile</B> to pipe the message off so some
4562 script which generates a long message and then gives a non-zero return
4563 code so that the message gets returned to the sender.
4567 In all of these cases you are in trouble if the sender address is bad,
4568 because the bounce message you generate will get stuck.
4571 <A NAME="SEC179" HREF="FAQ.html#TOC179">Q0820</A>: Will Exim allow me to create a file of regexs and match incoming
4572 external email to the list - and if a match is found file the offending
4573 message into a special location? Also is it possible to make exim only
4574 filter parts of an incoming email - e.g. ignore large MIME attachments
4575 for example and only process text/plain?
4579 A0820: You can do some of this in a system filter. For example:
4583 if $message_body matches <...some complicated regex...> or
4584 $message_body matches <...some other regex...> or
4585 $header_from: matches <...regex...> or
4588 save /some/special/file
4591 or instead of "save" you could have "deliver" (to some address) or
4592 "pipe" (to some script).
4596 There isn't any mechanism for ignoring attachments, but <B>$message_body</B>
4597 only looks at the first n bytes of the body, where n defaults to 500 but
4602 A more expensive alternative would be to run a Perl subroutine using the
4603 embedded Perl mechanism. If you passed over the message id, the Perl
4604 code could read the message files on the spool and implement any
4605 algorithm it liked for deciding what should be done.
4608 <A NAME="SEC180" HREF="FAQ.html#TOC180">Q0821</A>: I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT
4609 command, to check if a user has exceeded their email quota. If they have
4610 I issue a temporary failure and a message - can I do this with Exim?
4614 A0821: This could be done by arranging for a quota check to happen during the
4615 verification of the address after RCPT, but without hacking Exim you
4616 would have to use the embedded Perl facility to get it to run a Perl
4617 script to do the test.
4621 If the reason you want to do this is to avoid having messages for over-
4622 quota users sitting on your spool for many days, there is an
4623 alternative. In Exim you can set up special retry rules for quota
4624 excession (what we use is "if mailbox not read for 7 days, bounce
4625 immediately, otherwise try every hour for one day, then bounce").
4628 <A NAME="SEC181" HREF="FAQ.html#TOC181">Q0822</A>: I'm looking for a rule to reject special unknown recipients.
4632 A0822: If the messages in question are coming in via SMTP, you can turn on
4633 <TT>receiver_verify</TT> (if you haven't already) and arrange for these addresses
4634 not to verify. For example, if they are not in your local domains, you
4635 could use a router like this:
4639 verify_check_specials:
4642 ${if eq {$local_part@$domain}{account@host.domain}{yes}{no}}"
4645 route_list = *</PRE>
4647 where of course you can extend the <TT>condition</TT> setting to use regular
4648 expressions, file lookups, Perl calls, or anything else that is
4649 available. The failure of the verification causes an error return to the
4650 SMTP RCPT command, so the messages never get into your system. For
4651 addresses in your local domains you could use a <B>smartuser</B> director in a
4652 similar fashion, but you could also use an alias file with :fail:
4657 If you are receiving such messages from the local host, then they are
4658 already in the system, and have to be failed locally as part of the
4659 delivery process. The :fail: mechanism is the simplest for local
4660 addresses. For remote addresses, one possibility would be to use a
4661 router with a <TT>condition</TT> setting to send such messages to an autoreply
4662 transport that sends back an error message to the sender. See also
4664 <A HREF="FAQ.html#SEC185">Q0826</A>.
4667 <A NAME="SEC182" HREF="FAQ.html#TOC182">Q0823</A>: I'd like to pass all messages through a virus-scanning system before
4668 delivery. Can Exim do this?
4672 A0823: One way of achieving this is to deliver all messages via a pipe to a
4673 checking program that resubmits them for delivery in some private way
4674 that can be checked (e.g. on a specific SMTP port, or IP address). One
4675 possibility is to use the "received protocol" field that can be set
4676 for locally submitted mail via the <B>-oMr</B> command line option. This
4677 director sends all messages that are not from the local host and whose
4678 received protocol is not "scanned-ok" to the <TT>virus_scan</TT> transport:
4684 transport = virus_scan
4685 condition = "${if or {{eq {$received_protocol}{scanned-ok}} \
4686 {eq {$sender_host_address}{127.0.0.1}}}\
4689 A similar router could be used if you want to scan messages for remote
4690 addresses. One problem is that this approach scans the message for each
4691 recipient, not just once per message.
4695 The <TT>virus_scan</TT> transport should be set up to pipe the message to a
4696 suitable checking program or script which runs as a trusted user. This
4697 can then re-submit the message to Exim, using <B>-oMr</B> to set the received
4698 protocol to "scanned-ok", and the <B>-f</B> option to set the correct envelope
4702 <A NAME="SEC183" HREF="FAQ.html#TOC183">Q0824</A>: How can I accomplish this: a message sent from any host must either be
4703 sending to a domain in a list (a dbm file) or the sender's address
4704 domain must be in the list.
4708 A0824: First of all, set
4712 relay_domains = dbm;/the/dbm/file</PRE>
4714 This allows relaying from any host, provided that the recipient address
4715 matches one of the domains in the list. Then set
4719 host_accept_relay = *
4720 sender_address_relay = dbm;/the/dbm/file</PRE>
4722 This allows relaying from any host (because of the *) to any arbitrary
4723 domain, provided that the sender's address matches a domain in the list.
4727 WARNING: This setting makes it possible for your host to be used as an
4728 open relay by those unscrupulous enough to forge sender addresses. Your
4729 host may end up on one of the open relay blocking lists as a result.
4732 <A NAME="SEC184" HREF="FAQ.html#TOC184">Q0825</A>: I've set <TT>relay_domains</TT> and <TT>sender_address_relay</TT>, but if <B>user@mydomain</B>
4733 tries sending to an arbitrary domain, Exim rejects it.
4737 A0825: The safest way to control relaying arbitrary domains is by host, not
4738 by sender address. If you are able to specify the hosts which your users
4739 use, then set <TT>host_accept_relay</TT> to match them. You can then remove the
4740 setting of <TT>sender_address_relay</TT>, unless you also want to limit relaying
4741 to specific senders.
4745 If you want to permit relaying from specific senders on arbitrary hosts,
4746 you can set <TT>relay_match_host_or_sender</TT>. This requires that only one of
4747 the host or sender address be recognized, instead of both of them.
4751 WARNING: This setting makes it possible for your host to be used as an
4752 open relay by those unscrupulous enough to forge sender addresses. Your
4753 host may end up on one of the open relay blocking lists as a result.
4756 <A NAME="SEC185" HREF="FAQ.html#TOC185">Q0826</A>: I set <TT>sender_reject_recipients</TT>, but Exim is not rejecting those
4761 A0826: You have misunderstood the option. A setting like that rejects <EM>all</EM> the
4762 recipients of an incoming message with that <EM>sender</EM>. To reject a
4763 specific recipient in your own domain you can set up an alias like this:
4767 reject-me: :fail: mail for reject-me is not acceptable</PRE>
4769 If you want to reject a recipient that is not in a local domain, one
4770 approach is to set up a router to send the address to your directors,
4771 and then use an alias file to generate a :fail: message as above.
4772 Alternatively, you can use the verification mechanism: see
4773 <A HREF="FAQ.html#SEC181">Q0822</A>.
4776 <A NAME="SEC186" HREF="FAQ.html#TOC186">Q0827</A>: I can't find an option to deny "RCPT TO:" addresses.
4780 A0827: Denying RCPT TO addresses is the job of verifying. You can set up
4781 directors and routers that are run only when verifying and not when
4782 delivering. This gives you a great deal of flexibility. See
4783 <A HREF="FAQ.html#SEC181">Q0822</A>.
4786 <A NAME="SEC187" HREF="FAQ.html#TOC187">Q0828</A>: My problem is that Exim replaces <B>$local_part</B> with an empty string in the
4787 system filtering. What's wrong or what did I miss?
4791 A0828: A message may have many recipients. The system filter is run just once
4792 at the start of a delivery attempt. Consequently, it does not make sense
4793 to set <B><B>$local_part.</B></B> Which recipient should it be set to? However, you
4794 can access all the recipients from a system filter via the variable
4795 called <B><B>$recipients.</B></B>
4798 <A NAME="SEC188" HREF="FAQ.html#TOC188">Q0829</A>: Using <B>$recipients</B> in a system filter gives me another problem: how can
4799 I do a string lookup if <B>$recipients</B> is a list of addresses?
4803 A0829: Check out section 25 of the filter document ("Testing a list of
4804 addresses"). If that doesn't help, you may have to resort to calling an
4805 embedded Perl interpreter - but that is expensive.
4808 <A NAME="SEC189" HREF="FAQ.html#TOC189">Q0830</A>: Is there a way to configure Exim to reject mail to a certain local host?
4812 A0830: No, only to certain domains. Use a configuration like this:
4817 local_domains = rejected.domain : <other local domains></PRE>
4819 with the first director as
4825 domains = rejected.domain
4828 <A NAME="SEC190" HREF="FAQ.html#TOC190">Q0831</A>: Exim sometimes rejects messages with bad senders after the DATA and
4829 sometimes after the MAIL command. What is the difference?
4833 A0831: The first time Exim encounters a particular bad sender, it rejects the
4834 message after the data has been received, so that it can log the
4835 headers. If the same sender re-appears within 24 hours, Exim assumes
4836 that the remote host has (in violation of RFC 821) not interpreted the
4837 previous 550 error code correctly, so this time it rejects the MAIL
4838 command. Some hosts don't even managed to handle that, so if the same
4839 sender turns up for a third time within 24 hours, Exim accepts MAIL, but
4840 rejects every RCPT command instead.
4843 <A NAME="SEC191" HREF="FAQ.html#TOC191">Q0832</A>: How can I get Exim to remove attachments from messages?
4847 A0832: (A) The cleanest way is to check for the existence of a "Content-type"
4848 header line, and route messages containing it down a pipe to some
4849 other program that strips the attachments and re-submits the message
4850 to Exim. Alternatively, a transport filter can be used to do the
4851 job, as described in C028.
4855 (B) A somewhat more hairy way is to use embedded Perl from a system
4856 filter to truncate the message's data file directly, and then use
4857 the "headers remote" filter command to get rid of the associated
4861 <A NAME="SEC192" HREF="FAQ.html#TOC192">Q0833</A>: I ran a relay test against my host and it failed with an address
4862 containing a %, though I don't have <TT>percent_hack_domains</TT> set. Is Exim
4863 broken? This is what the tester said:
4868 >>> RSET
4869 <<< 250 Reset OK
4870 >>> MAIL FROM:<spamtest@example.com>
4871 <<< 250 <spamtest@example.com> is syntactically correct
4872 >>> RCPT TO:<relaytest%mail-abuse.org@example.com>
4873 <<< 250 <relaytest%mail-abuse.org@example.com> is syntactically correct
4875 Uh oh, host appeared to accept a message for relay.
4876 The host may reject this message internally, however</PRE>
4878 A0833: This does not prove that your host is open for relaying. Notice the
4879 wording of the last two sentences: "appeared to accept" and "may reject
4880 internally". Assuming that your Exim configuration is correct, Exim will
4881 discover that the local part <B>"relaytest%mail-abuse.org"</B> is not valid on
4882 your host, and it will bounce the message.
4886 Why doesn't it reject the RCPT TO command? Answer: because you have not
4887 set <TT>receiver_verify</TT> in your configuration file, or you have excluded
4888 these particular sender or recipient domains from receiver verification.
4891 <BR><H2><A NAME="SEC193" HREF="FAQ.html#TOC193">9. MAJORDOMO
4894 <A NAME="SEC194" HREF="FAQ.html#TOC194">Q0901</A>: How do I set up Majordomo to work with Exim?
4898 A0901: Users have found several ways of setting up Exim for use with Majordomo.
4899 There's a web page at
4903 <A HREF="http://www.netmaster.ca/exim/majordomo.html">http://www.netmaster.ca/exim/majordomo.html</A></PRE>
4905 which shows one way to do it, and discusses some of the issues. The
4906 sample configuration C018 is another approach which automates a lot of
4907 the functions based on whether the files or directories exist. Only
4908 three aliases per list are needed.
4912 Somewhere in the Majordomo docs or FAQ it mentions using batchmail or
4913 other additional programs to improve the performance of large lists.
4914 They are not needed with Exim, and their use can actually make things
4915 worse. However, it's a good idea to set <TT>remote_max_parallel</TT> to a value
4916 greater than 1 in the Exim configuration.
4919 <A NAME="SEC195" HREF="FAQ.html#TOC195">Q0902</A>: I have set <B>$mailer</B> in <B>majordomo.cf,</B> but it still isn't setting the
4920 sender correctly in the messages it sends.
4924 A0902: Make sure you have got the quoting correct in the <B>$mailer</B> setting. For
4929 <B>$mailer</B> = "$sendmail_command <B>-oi</B> <B>-oee</B> <B><B>-f$sender\@lists.mydomain.de</B>";</B>
4933 is not correct. It needs three backslashes, not one, and the $ at the
4934 start of <B>$sender</B> has to be escaped with a backslash.
4937 <A NAME="SEC196" HREF="FAQ.html#TOC196">Q0903</A>: I'm trying to set up majordomo, but I'm getting a "wrong mode" error
4938 when I try to send it mail. The panic log entry reads:
4942 1999-01-05 11:23:34 0zxZGY-0000vB-00 <TT>majordomo_aliases</TT> director:
4943 <B><B>/var/lib/majordomo/lists/lists.aliases</B></B> (lsearch lookup): wrong mode
4947 A0903: Check the mode of <B><B>/var/lib/majordomo/lists/lists.aliases</B></B> and compare it
4948 with the setting of the modemask option in the <TT>majordomo_aliases</TT>
4949 director. This option specifies bits which must not be set for the alias
4950 file, and it defaults to 022.
4953 <A NAME="SEC197" HREF="FAQ.html#TOC197">Q0904</A>: I'm getting return code 9 from <B><B>/home/majordomo/majordomo-1.94.4/wrapper</B></B>
4954 when it is passed a message from Exim.
4958 A0904: A problem like this turned out to be the Perl version that came with
4959 RedHat 5.2. Rebuilding Perl 5.005x solved it.
4962 <BR><H2><A NAME="SEC198" HREF="FAQ.html#TOC198">10. REWRITING
4965 <A NAME="SEC199" HREF="FAQ.html#TOC199">Q1001</A>: How can I get Exim to strip the hostname from the sender's address?
4969 A1001: If you set up a rewriting rule in the following form:
4973 *@*.your.domain $1@your.domain</PRE>
4975 then Exim will rewrite all addresses in the envelope and the headers,
4976 removing anything between "@" and <B>"your.domain".</B> This applies to all
4977 messages that Exim processes. If you want to rewrite sender addresses
4978 only, the the rule should be
4982 *@*.your.domain $1@your.domain Ffrs</PRE>
4984 This applies the rule only to the envelope "From" address and to the
4985 From:, Reply-to:, and Sender: headers.
4988 <A NAME="SEC200" HREF="FAQ.html#TOC200">Q1002</A>: I have Exim configured to remove the hostname portion of the domain on
4989 outgoing mail, and yet the hostname is present when the mail gets
4994 A1002: Check the DNS record for your domain. If the MX record points to a CNAME
4995 record instead of to an A record, MTAs are liable to rewrite addresses,
4996 changing your domain name to its "canonical" form, as obtained from the
5000 <A NAME="SEC201" HREF="FAQ.html#TOC201">Q1003</A>: I want to rewrite local addresses in mail that goes to the outside
5001 world, but not for messages that remain within the local intranet.
5005 A1003: Exim wasn't really designed to handle this kind of split world. Because
5006 it keeps only one copy of a message, and does all the rewriting at the
5007 time of reception, a standard configuration cannot handle this kind of
5008 rewriting in a message that has both internal and external recipients.
5012 However, what can be done is to split off a copy of the message to be
5013 sent to all external recipients, and do the rewriting on that. This can
5014 be achieved by running two differently-configured versions of Exim,
5015 either on a single host, or on two different hosts. If you have a
5016 gateway or firewall machine, that is the natural place to run the
5021 On a single machine, the following is one way of handling this:
5025 (1) Set up the normal configuration (in the configuration file whose
5026 name is screwed into the binary) such that it does local deliveries
5027 as required, but forwards a copy of the message for non-local
5028 recipients to a different incarnation of Exim via a private SMTP
5029 port. For example, use this transport and router:
5033 # Transport to send SMTP using port 26
5038 # Router to send everything the internal_smtp transport
5041 transport = internal_smtp
5042 route_list = * localhost byname
5045 This should be the only router. Because of the <TT>self = send</TT>
5046 setting, Exim will transport the messages, even though it knows it
5047 is going to the local host.
5051 (2) Set up a different configuration file for the rewriting version of
5052 Exim. This need do no local deliveries, so it needs no local
5053 domains or directors, and as it accepts mail only from the local
5054 host, there is no need for any spam-blocking or other policy
5055 controls. However, it does need to have its own spool area. The main
5056 part of the configuration could be like this:
5061 local_interfaces = 127.0.0.1
5062 host_reject = !127.0.0.1
5063 spool_directory = /var/spool/exim-external
5066 Note the use of a negated item for <TT>host_reject</TT>, causing rejection of
5067 SMTP calls from all but the local host.
5071 The directors section can be completely empty (apart from the line
5072 saying "end"), while the routers section should be as in a normal
5073 configuration, as it is going to control external delivery.
5077 The rule(s) for rewriting your internal addresses into external ones
5078 should be in this configuration. This is one example of what might
5084 ${lookup{$1}cdb{/etc/$2/mail.handles.cdb}{$value}fail}"</PRE>
5086 which looks up each local part in a per-host file to obtain the
5087 externally-visible address, including (in this example) the domain.
5091 (3) You have to arrange for a daemon to be listening on port 26, and to
5092 be using the alternate configuration file. It is necessary to do
5093 this as root so that Exim retains its privilege after reading a
5094 non-standard configuration. A command such as
5098 exim -C /etc/exim-configure2 -bd -oX 26</PRE>
5100 could be used in a suitable system start-up file. Alternatively you
5101 could set up <B>inetd</B> to run Exim with the <B>-C</B> option for incoming
5102 connections on port 26.
5106 The net result of all of this is that when a message has one or more
5107 external recipients, a copy of it is sent via port 26 to the second
5108 version of Exim, which rewrites any internal addresses and does the
5109 external deliveries. The cost of this is that the message has to be
5110 copied and spooled twice, and you have two different Exim queues to
5111 manage. Note that if the "external" Exim has to send a delivery failure
5112 message, it will use the rewritten sender address.
5115 <A NAME="SEC202" HREF="FAQ.html#TOC202">Q1004</A>: I'm using this rewriting rule to change login names into "friendly"
5116 names, but if mail comes in for an upper case login name, it doesn't
5121 *@my.domain ${lookup{$1}dbm{/usr/lib/exim/longforms}\
5122 {$value}fail}@my.domain bcfrtFT</PRE>
5124 The longforms database has entries of the form:
5128 ano23: A.N.Other</PRE>
5130 A1004: Replace <B>$1</B> in your rule by <B>${lc:$1}</B> to force the local part to lower
5131 case before it is used as a lookup key.
5134 <A NAME="SEC203" HREF="FAQ.html#TOC203">Q1005</A>: Is it possible to completely fail a message if the rewrite rules fail?
5138 A1005: It depends on what you mean by "fail a message" and what addresses you
5139 are rewriting. If you are rewriting recipient addresses for your local
5144 *@dom.ain ${lookup{$1}dbm{/wher/ever}{$value}{failaddr}} Ehq</PRE>
5146 and in your alias file put something like
5150 failaddr: :fail: Rewriting failed.</PRE>
5152 This fails a single recipient - others are processed independently.
5155 <A NAME="SEC204" HREF="FAQ.html#TOC204">Q1006</A>: I'm using <B>$domain</B> as the key for a lookup in a rewriting rule, but its
5156 contents are not being lowercased. Aren't domains supposed to be handled
5161 A1006: The value of <B>$domain</B> is the actual domain that appears in the address.
5162 It could of course be lower cased, but I know that would cause some
5163 unhappiness, because some people have mixed-case domain names which look
5164 silly if the case is changed. Thus, one wants to preserve the case in
5169 *@*.TheRap.com <something>@$domain</PRE>
5171 (not the best example) because "therap" doesn't look like two words. I
5172 know it seems trivial, but it is important to some people - especially
5173 if by some unfortunate accident the lowercased word is something
5178 You can trivally force lower casing by means of the <B>${lc:</B> operator.
5179 Instead of "$domain" write "${lc:$domain}".
5182 <A NAME="SEC205" HREF="FAQ.html#TOC205">Q1007</A>: I want to rewrite local sender addresses depending on the domain of the
5187 A1007: In general, this is not possible, because a message may have more than
5188 one recipient and Exim keeps just a single copy of each message. You can
5189 do an incomplete job by using a regular expression match in a rewrite
5190 rule to test, for example, the contents of the To: header. This would
5191 work except in cases of multiple recipients. See also
5192 <A HREF="FAQ.html#SEC201">Q1003</A>.
5195 <BR><H2><A NAME="SEC206" HREF="FAQ.html#TOC206">11. HEADERS
5198 <A NAME="SEC207" HREF="FAQ.html#TOC207">Q1101</A>: I would like add some custom headers to selected outgoing mail based on
5199 a specific domain and the subject line.
5203 A1101: To the <TT>remote_smtp</TT> transport, add something like
5207 headers_add = "${if and{\
5208 {eq{$domain}{spec.dom}}\
5209 {matches{$h_subject:}{whatever}}}\
5210 {Content-Type: text/html; charset=\"us-ascii\"} fail }"</PRE>
5212 This example shows a Content-Type header, but you can have anything you
5213 like, and multiple headers can be inserted by using \n to separate them.
5216 <A NAME="SEC208" HREF="FAQ.html#TOC208">Q1102</A>: Is it possible to have Exim add a header to only certain <TT>local_parts</TT> of
5221 A1102: Only if you arrange for each such local part to receive its own private
5222 copy of the mail. See <TT>max_rcpt</TT> in the SMTP transport. Then you could use
5223 conditions in an expansion string to add or not add a header.
5226 <A NAME="SEC209" HREF="FAQ.html#TOC209">Q1103</A>: How can I remove some part of the Received: header?
5230 A1103: Set <TT>received_header_text</TT>.
5233 <A NAME="SEC210" HREF="FAQ.html#TOC210">Q1104</A>: How I can insert the PGP header line using exim filters?
5237 A1104: You can't insert headers in a user filter. A system filter can do so,
5238 but the inserted lines then are included for all recipients.
5241 <BR><H2><A NAME="SEC211" HREF="FAQ.html#TOC211">12. FETCHMAIL
5244 <A NAME="SEC212" HREF="FAQ.html#TOC212">Q1201</A>: When I run fetchmail, I get the error "SMTP listener doesn't like
5245 recipient address <B><I>xxx</I>@localhost</B>".
5249 A1201: Put "localhost" in a list of local domains, that is, add it to the
5250 <TT>local_domains</TT> option in your Exim configuration file.
5253 <A NAME="SEC213" HREF="FAQ.html#TOC213">Q1202</A>: Fetchmail is passing on bounce messages to Exim with the sender address
5254 set to <B><B><@some.domain</B>></B> which causes Exim to complain, because there is no
5259 A1202: This was a fetchmail problem which has been fixed. Ideally, you should
5260 upgrade to the current fetchmail release. If you cannot do this, there
5261 is some Exim magic that might help. The 'S' rewriting flag allows
5262 rewriting of envelope addresses to be done as soon as they are received
5263 in the SMTP protocol, before any kind of checking or other processing is
5264 done. This is specifically provided for installations that have to cope
5265 with mangled addresses coming in over SMTP.
5268 <A NAME="SEC214" HREF="FAQ.html#TOC214">Q1203</A>: I'm currently using Exim with fetchmail and I'd like to use the RBL on
5269 Exim, but will it work? Do I need to configure fetchmail any particular
5270 way? As far as Exim knows, all mail is coming from 127.0.01. Will it
5271 check the source address against RBL? Or will it check the From: header?
5275 A1203: It will check 127.0.0.1 (not very useful). The point of the RBL is to
5276 keep messages from black-listed hosts out of your machine. If you are
5277 using fetchmail, you have got the messages into your machine before you
5278 approach Exim. That kind of defeats the purpose of the RBL. The right
5279 way to do this would be for the host from which you fetchmail to do the
5280 RBL checking and insert some kind of warning header for you to test, as
5281 Exim does if you run RBL checks in warning mode.
5284 <BR><H2><A NAME="SEC215" HREF="FAQ.html#TOC215">13. PERL
5287 <A NAME="SEC216" HREF="FAQ.html#TOC216">Q1301</A>: Exim built with Perl support exits with the error message <B>"./exim:</B> can't
5288 load library <B>'libperl.so'".</B>
5292 A1301: If you are using BSDI, see
5293 <A HREF="FAQ.html#SEC270">Q9401</A>.
5296 <A NAME="SEC217" HREF="FAQ.html#TOC217">Q1302</A>: Exim built with Perl support exits with several error messages of the
5297 form "undefined reference to `PL_stack_sp'".
5301 A1302: This has been seen on FreeBSD systems that had two different versions of
5302 Perl installed, the older with an <B>a.out</B> library and the newer with an
5303 ELF library. Ensure that the older package is removed.
5306 <BR><H2><A NAME="SEC218" HREF="FAQ.html#TOC218">14. DIAL-UP
5309 <A NAME="SEC219" HREF="FAQ.html#TOC219">Q1401</A>: How can I arrange for mail to other hosts on my local network to be
5310 delivered when I'm not connected to the Internet?
5314 A1401: Use the <TT>queue_remote_domains</TT> option to control which domains are held
5315 on the queue for later delivery. For example,
5319 queue_remote_domains = ! *.localnet</PRE>
5321 allows delivery to domains ending in .localnet, while queueing all the
5325 <A NAME="SEC220" HREF="FAQ.html#TOC220">Q1402</A>: I have a dial-up machine, and I use the <TT>queue_smtp_domains</TT> option so
5326 that remote mail only goes out when I do a queue run. However, any email
5327 I send with an address <B><B><anything>@aol.com</B></B> is returned within about 15
5328 minutes saying 'retry time exceeded', and all addresses are affected.
5332 A1402: (A) You should be using <TT>queue_remote_domains</TT> rather than <TT>queue_smtp_</TT>
5333 domains. With the latter, Exim is trying to route the addresses, which
5334 involves a DNS lookup. This is presumably timing out, causing a retry
5335 time to be set for the domain, and somehow a valid lookup never happened
5336 before the maximum retry time (default of 4 days) passed. Hence the
5337 bounce. The fact that it is <B>aol.com</B> is not relevant. You should probably
5338 also be using <B>-qq</B> to do your queue run rather than <B><B>-q.</B></B>
5342 (B) An alternative approach if you are sending all your outgoing mail to
5343 the same smart host is to use a single router like this:
5349 transport = remote_smtp
5350 route_list = "* smarthost.isp.net byname"</PRE>
5352 and put the address of the smart host in <B>/etc/hosts</B>, so that it can be
5353 found without the need of a DNS lookup. Then you can use <TT>queue_smtp_</TT>
5354 domains so that Exim does the routing for every message, but doesn't try
5355 to deliver it. See also
5356 <A HREF="FAQ.html#SEC221">Q1403</A>.
5359 <A NAME="SEC221" HREF="FAQ.html#TOC221">Q1403</A>: How should Exim be configured when it is acting as a temporary storage
5360 system for a domain on a dial-up host?
5364 A1403: Exim isn't really designed for this, but... The lowest-numbered MX
5365 record for the domain should be pointing to your host. You should set a
5366 large retry time for that domain, so that Exim doesn't keep trying to
5367 deliver when the host is offline. When the host comes online, the
5368 waiting messages have to be kicked somehow. This can be done by calling
5369 Exim with the <B>-R</B> option, or via the SMTP ETRN command. This works
5370 provided the number of messages is low. If you are handling lots of
5371 mail, keeping messages waiting for their host to connect and those that
5372 are having delivery problems to remote hosts all in the same queue
5373 doesn't work so well. It is better in this case to get Exim to deliver
5374 the mail for the dial-in hosts into some local files which then get
5375 transmitted by other software when the host connects. See the manual
5376 chapter entitled "Intermittently connected hosts" and also
5377 <A HREF="FAQ.html#SEC239">Q5014</A> and
5379 <A HREF="FAQ.html#SEC136">Q0521</A>.
5382 <A NAME="SEC222" HREF="FAQ.html#TOC222">Q1404</A>: I have <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT> set, and use <B>-qf</B> to
5383 force delivery of waiting mail when I dial in. How can I arrange for any
5384 new messages that arrive while I'm connected to be delivered immediately?
5388 A1404: (A) Instead of <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT>, use the
5389 <TT>queue_only_file</TT> option. This causes messages to be queued only if a
5390 particular file exists. The word "remote" or "smtp" before the file name
5391 controls which type of queueing is used. For example:
5395 queue_only_file = remote/etc/present/when/not/connected</PRE>
5397 Then, in the scripts which are run when you connect and disconnect,
5398 arrange to remove the file after connection, and create it just before
5403 (B) An alternative is to set <TT>hold_domains</TT> to point to a file lookup and
5404 switch that file appropriately.
5407 <BR><H2><A NAME="SEC223" HREF="FAQ.html#TOC223">20. MILLENNIUM
5410 <A NAME="SEC224" HREF="FAQ.html#TOC224">Q2000</A>: Are there any Y2K issues with Exim?
5414 A2000: The author of Exim believes that it is Y2K-compliant, as long as the
5415 underlying operating system and C library are. Exim does not parse dates
5416 or times at all. Internally, it makes some use of binary timestamps in
5417 Unix format (number of seconds since 1-Jan-1970) and uses C library
5418 services to convert these to printing forms (e.g. for logging). The
5419 printing forms all use 4-digit years. Some people have tried various
5420 tests. No problems have been reported, but details of what tests have
5421 been done are not available.
5424 <BR><H2><A NAME="SEC225" HREF="FAQ.html#TOC225">50. MISCELLANEOUS
5427 <A NAME="SEC226" HREF="FAQ.html#TOC226">Q5001</A>: What does the error "Unable to get interface configuration: 22 Invalid
5432 A5001: This is an error that occurs when Exim is trying to find out the all the
5433 IP addresses on all of the local host's interfaces. If you have lots of
5434 virtual interfaces, this can occur if there are more than around 250 of
5435 them. The solution is to set the option <TT>local_interfaces</TT> to list just
5436 those IP addresses that you want to use for making and receiving SMTP
5440 <A NAME="SEC227" HREF="FAQ.html#TOC227">Q5002</A>: How can I arrange to allow a limited set of users to perform a limited
5441 set of Exim administration functions? I don't want to put them all in
5446 A5002: See <B><A HREF="http://www.chiark.greenend.org.uk/~ian/userv/.">http://www.chiark.greenend.org.uk/~ian/userv/.</A></B> Using userv you can
5447 arrange (for example) for certain users to be able to invoke mailq or
5448 runq or other preset commands as exim (or any other user, as configured)
5449 with only userv configuration. If you want to check the particular Exim
5450 options available you can easily do it with shell or Perl scripts and
5451 userv configuration, and provided you know how to do argument
5452 `unparsing' properly in shell or Perl it will be secure.
5455 <A NAME="SEC228" HREF="FAQ.html#TOC228">Q5003</A>: How can I test for a message's size being greater or less than a given
5456 value in an expansion string?
5460 A5003: This isn't straightforward in versions of Exim prior to 2.10, because
5461 there were no arithmetic operators in expansion strings. In version
5462 2.10 or later you can write, straightforwardly,
5466 ${if > {$message_size}{10K} {yes} {no}}</PRE>
5468 In earlier versions, low cunning can be used to achieve certain
5469 kinds of test. For example, to test if the message size is less than
5470 or equal to 1000000:
5474 ${if eq{${expand:\$\{substr_-1000000_$message_size:x\}}} {} {yes} {no}}</PRE>
5475 <A NAME="SEC229" HREF="FAQ.html#TOC229">Q5004</A>: I want to "tail" the Exim log, but I have a number of other logs I also
5476 want to "tail", and the number of tailing windows is getting to be a
5481 A5004: Look for a program called 'xtail' (despite its name, it's not an
5482 X-windows application). It allows you to do multiple tails, even of
5486 <A NAME="SEC230" HREF="FAQ.html#TOC230">Q5005</A>: I would like to have Exim log information written to syslog.
5490 A5005: Support for this is available from version 3.10 onwards.
5493 <A NAME="SEC231" HREF="FAQ.html#TOC231">Q5006</A>: What does the error "Failed to create spool file" mean?
5497 A5006: Exim has been unable to create a file in its spool area in which to
5498 store an incoming message. This is most likely to be either a
5499 permissions problem in the file hierarchy, or a problem with the uid
5500 under which Exim is running, though it could be something more drastic
5501 such as your disc being full. Check that you have defined the spool
5502 directory correctly by running
5506 exim -bP spool_directory</PRE>
5508 and examining the output. Check the mode of this directory. It should
5509 look like this, assuming you are running Exim as user `exim':
5513 drwxr-x--- 6 exim exim 512 Jul 16 12:29 /var/spool/exim</PRE>
5515 If there are any subdirectories already in existence, they should have
5516 the same permissions, owner, and group. Check also that you haven't got
5517 incorrect permissions on superior directories (for example, <B>/var/spool</B>).
5518 Check that you have set up the exim binary to be setuid root. It should
5523 -rwsr-xr-x 1 root xxx 502780 Jul 16 14:16 exim</PRE>
5525 Note that it is not just the owner that must be root, but also the third
5526 permission must be "s" rather than "x".
5529 <A NAME="SEC232" HREF="FAQ.html#TOC232">Q5007</A>: Exim keeps crashing with segmentation errors (signal 11 or 139).
5533 A5007: This might be a problem with the db library. See
5534 <A HREF="FAQ.html#SEC120">Q0505</A>.
5537 <A NAME="SEC233" HREF="FAQ.html#TOC233">Q5008</A>: Exim's databases keep getting corrupted.
5542 <A HREF="FAQ.html#SEC120">Q0505</A>.
5545 <A NAME="SEC234" HREF="FAQ.html#TOC234">Q5009</A>: I've been using an autoreply director to try and mimic a bounce message,
5546 but I can't get it to have an envelope from of <>.
5550 A5009: You haven't, by any chance, put "exim" in the list of <TT>never_users</TT>, have
5554 <A NAME="SEC235" HREF="FAQ.html#TOC235">Q5010</A>: I see entries in the log that mention two different IP addresses for the
5555 same connection. Why is this? For example:
5559 H=tip-mp8-ncs-13.stanford.edu ([36.173.0.189]) [36.173.0.156]</PRE>
5561 A5010: The actual IP address from which the call came is the final one.
5562 Whenever there's something in parentheses in a host name, it is what the
5563 host quoted as the domain part of an SMTP HELO or EHLO command. So in
5564 this case, the client, despite being 36.173.0.156, issued the command
5568 HELO [36.173.0.189]</PRE>
5570 when it sent your server the message. This is, of course, very
5574 <A NAME="SEC236" HREF="FAQ.html#TOC236">Q5011</A>: How can I persuade Exim to accept ETRN commands without the leading
5579 A5011: Set the option
5583 smtp_etrn_command = /usr/lib/sendmail -R $domain</PRE>
5585 This causes Exim to run that command, with <B>$domain</B> replaced by the
5586 argument of ETRN. The default action of Exim is to require the # sign
5587 in order to be RFC-compliant, and to run the equivalent of
5591 smtp_etrn_command = /usr/lib/sendmail -R ${substr_1:$domain}</PRE>
5593 which uses the argument without the leading # as the value for the <B>-R</B>
5594 option. You aren't restricted to running Exim with the <B>-R</B> option, of
5595 course. You can specify any command you like, with any number of
5596 arguments. In particular, you can pass over the IP address of the caller
5597 via <B><B>$sender_host_address.</B></B> However, if you make use of expansion strings
5598 in the arguments, each one must be entirely contained in a single
5599 argument. For example, if you want to remove the first character of the
5600 ETRN argument when it is @ or #, you could use
5604 smtp_etrn_command = "/usr/lib/sendmail -R \
5605 \"${if match {$domain}{^[@#]}{${substr_1:$domain}}{$domain}}\""</PRE>
5607 The internal quotes are necessary because of the white space inside the
5612 If you use <TT>smtp_etrn_command</TT> to run something other than Exim with the
5613 <B>-R</B> option, you must disable <TT>smtp_etrn_serialize</TT>, because otherwise the
5614 serialization lock (which is set by default) never gets removed.
5617 <A NAME="SEC237" HREF="FAQ.html#TOC237">Q5012</A>: I've recently noticed that emails I send with a Bcc: line are being
5618 delivered to their final destination with the Bcc: line still present.
5622 A5012: Exim removes Bcc lines only if you call it with the <B>-t</B> option (i.e.
5623 when it is acting partly as an MUA). It does not remove Bcc lines that
5624 are present in incoming SMTP mail or command-line mail that does not
5625 use <B><B>-t.</B></B> Indeed, it should not remove them. From RFC 822:
5629 5.3. BCC / RESENT-BCC
5633 This field contains the identity of additional recipients of the
5634 message. The contents of this field are not included in copies of the
5635 message sent to the primary and secondary recipients. Some systems may
5636 choose to include the text of the "Bcc" field only in the author(s)'s
5637 copy, while others may also include it in the text sent to all those
5638 indicated in the "Bcc" list.
5642 Only the initiating software (i.e. the MUA) can tell what to do with
5643 Bcc; any MTA software has to leave it alone.
5646 <A NAME="SEC238" HREF="FAQ.html#TOC238">Q5013</A>: I used gv <B>v3.5.8</B> (ghostview) to try printing <B>spec.ps.</B> After every
5647 printed page, the printer ejects a blank sheet. Is this something to do
5648 with using "letter" rather than A4 paper?
5652 A5013: This seems to be an effect of using ghostview. Although the PostScript
5653 is generated for A4 pages, the size of the page images is such that they
5654 should fit on a letter page (they are shorter than would normally be
5655 used on A4 paper). If the PostScript file is sent directly to a
5656 PostScript printer, there is no problem. An alternative is to get hold
5657 of the "psutils" toolset, which is available from
5661 <A HREF="ftp://ftp.dcs.ed.ac.uk/pub/psutils/psutils.tar.gz">ftp://ftp.dcs.ed.ac.uk/pub/psutils/psutils.tar.gz</A></PRE>
5663 It contains utilities for extracting pages (which can be useful for
5664 double-sided printing) and for resizing pages. If you resize from A4 to
5665 letter the text shrinks a bit, but should then be printable via
5669 <A NAME="SEC239" HREF="FAQ.html#TOC239">Q5014</A>: I would like to have a separate queue per domain for hosts which dial
5670 in to collect their mail.
5674 A5014: Exim isn't really designed for this kind of operation. The only way to
5675 do this would be to cause it to send those messages to a differently
5676 configured version of Exim with its own spool area. This could be done
5677 via a pipe or SMTP to a private port. The main Exim, listening on port
5678 25, would then be configured to run an appropriate command to prod one
5679 of the others when it received ETRN, by means of the <TT>etrn_command</TT> option.
5683 You could probably manage this with a single Exim binary and a number of
5684 different configuration files, passed to the special versions using the
5685 <B>-C</B> option. For this application they could all run as exim, since no
5686 root privilege would be needed.
5690 An alternative approach would be to get Exim to deliver mail for such
5691 hosts in batch SMTP format into some directory, and have the ETRN run
5692 something to pass such messages to the dialled-in host. See also
5693 <A HREF="FAQ.html#SEC118">Q0503</A>
5695 <A HREF="FAQ.html#SEC136">Q0521</A>.
5698 <A NAME="SEC240" HREF="FAQ.html#TOC240">Q5015</A>: A short time after I start Exim I see a <defunct> process. What is
5703 A5015: Your system must be lightly loaded as far as mail is concerned. The
5704 daemon sets off a queue runner process when it is started, but it only
5705 tidies up completed child processes when it wakes up for some other
5706 reason. When there's nothing much going on, you occasionally see
5707 <defunct> processes like this waiting to be dealt with. This is
5711 <A NAME="SEC241" HREF="FAQ.html#TOC241">Q5016</A>: On a reboot, or a restart of the mail system, I see the message "Mailer
5712 daemons: exim abandoned: unknown, malformed, or incomplete option
5713 <B>-bz</B> sendmail". What does this mean?
5717 A5016: <B>-bz</B> is a Sendmail option requesting it to create a "configuration freeze
5718 file". Exim has no such concept and so does not support the option. You
5719 probably have a line like
5723 /usr/lib/sendmail -bz</PRE>
5725 in some start-up script (e.g. <B><B>/etc/init.d/mail</B>)</B> immedately before
5729 /usr/lib/sendmail -bd -q15m</PRE>
5731 The first of these lines should be commented out.
5734 <A NAME="SEC242" HREF="FAQ.html#TOC242">Q5017</A>: I would like to restrict e-mail usage for some users to the local
5735 machine, ideally on a group basis.
5740 <A HREF="FAQ.html#SEC293">A9802</A>
5743 <A NAME="SEC243" HREF="FAQ.html#TOC243">Q5018</A>: Whenever exim restarts it takes up to 3-5 minutes to start responding on
5744 the SMTP port. Why is this?
5748 A5018: Something else is hanging onto port 25 and not releasing it. One place
5749 to look is <B><B>/etc/inetd.conf</B></B> in case for any reason an SMTP stream is
5753 <A NAME="SEC244" HREF="FAQ.html#TOC244">Q5019</A>: Why aren't there any man pages for Exim? I don't always carry my printed
5758 A5019: As well as plain ASCII text, the Exim documentation is provided in two
5759 online forms - texinfo and HTML - which have a certain amount of built-
5760 in indexing for ease of finding your way around. There are no man pages
5761 because the author of Exim hasn't the time (or desire :-) to maintain
5762 yet another documentation format. Besides, it is hard to know how to
5763 split the Exim manual up.
5767 There is a contributed man page for a previous version of Exim in
5771 <B><A HREF="ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/Contrib/doc/exim.8">ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/Contrib/doc/exim.8</A></B>
5775 This was written by a previous maintainer of the Debian GNU/Linux Exim
5776 package. You can view a nicely formated version at:
5780 <B><A HREF="http://dwww.jimpick.com/cgi-bin/dwww?type=man&location=/usr/man/man8/exim.8.gz">http://dwww.jimpick.com/cgi-bin/dwww?type=man&location=/usr/man/man8/exim.8.gz</A></B>
5784 This contains some introductory text and the command line options only.
5787 <A NAME="SEC245" HREF="FAQ.html#TOC245">Q5020</A>: When I send a message using the <B>-t</B> command line option, Exim sends only
5788 to the addresses within the message, not to those on the command line.
5792 A5020: By default Exim operates according to the Sendmail documentation, and
5793 interprets addresses on the command line as addresses <EM>not</EM> to send to.
5798 extract_addresses_remove_arguments = false</PRE>
5800 to change this behaviour. There is some confusion in the Sendmail
5801 community about the interpretation of recipient addresses on the command
5802 line if the <B>-t</B> option is used.
5806 Here is an except from one version of the sendmail documentation
5810 <B>-t</B> Read message for recipients. To:, Cc:, and Bcc: lines will
5811 be scanned for recipient addresses. The Bcc: line will be
5812 deleted before transmission. Any addresses in the argument
5813 list will be suppressed, that is, they will not receive
5814 copies even if listed in the message header.
5818 Earlier versions of the sendmail documentation are ambiguous (unlike the
5819 snippet above). Apparently the code and documentation streams resolved
5820 the ambiguity differently.
5823 <A NAME="SEC246" HREF="FAQ.html#TOC246">Q5021</A>: If I set up, for example,
5824 <TT>local_domains = *customer.com</TT>, then it matches
5825 <B>"customer.com"</B> and <B>"abc.customer.com"</B> as required, but it also matches
5826 <B>"noncustomer.com",</B> which is wrong. How can I get round this?
5830 A5021: (A) You have to specify two entries in the list:
5834 local_domains = customer.com : *.customer.com</PRE>
5836 because * in a domain list matches any characters, including "." and
5837 including a null sequence.
5841 (B) Alternatively, you could use a regular expression:
5845 local_domains = ^(.+\.|)customer\.com$</PRE>
5847 but that probably will not be as efficient.
5851 (C) If you have lots of local domains, you could put them into a file to
5852 be searched (using lsearch, dbm, cdb, or whatever) and use a partial
5857 local_domains = partial-dbm;/list/of/domains</PRE>
5859 If the file contains the key <B>*.customer.com</B> then the desired effect is
5860 achieved, because partial lookups do operate on a component basis. See
5861 the section entitled "Partial matching in domain lists". It is a bit
5862 confusing that "*" is used in this context, because its meaning is not
5863 the same as when it appears directly in a domain list.
5866 <A NAME="SEC247" HREF="FAQ.html#TOC247">Q5022</A>: I want to match all local domains of the form <B>*.oyoy.org</B> but want a few
5867 exceptions. For instance I don't want <B>foo.oyoy.org</B> or <B>bar.oyoy.org</B> to be
5868 treated as local. What is the best way to do this?
5872 A5022: (A) From release 3.00 onwards, you can put negative items in the
5873 <TT>local_domains</TT> setting, like this:
5877 local_domains = !foo.oyoy.org : !bar.oyoy.org : *.oyoy.org</PRE>
5879 If there are many exceptions, you can use a lookup instead of listing
5884 (B) Otherwise, you can use a regular expression:
5888 local_domains = ^.*(?<!^foo|^bar)\.oyoy\.org$</PRE>
5890 An alternative formulation that is more efficient in execution (because
5891 it doesn't backtrack for .* in cases that don't match) is
5895 local_domains = ^(?>.*$)(?<=\.oyoy\.org)(?<!^(foo|bar)\.oyoy\.org)</PRE>
5897 If you are using an earlier version of Exim in which the regular
5898 expression library does not have lookbehind support (versions prior to
5899 2.051, but after 1.735):
5903 local_domains = ^(?!(foo|bar)\.oyoy\.org$).+\.oyoy\.org$</PRE>
5905 If you are using a version of Exim that is earlier than 1.735, consider
5909 <A NAME="SEC248" HREF="FAQ.html#TOC248">Q5023</A>: I can't seem to find a pre-built version of Exim anywhere. The machine
5910 is a Sparc 5 running Solaris 2.6.
5914 A5023: The problem is that there are a number of build-time options, requiring
5915 the answer to questions like:
5919 . Which DBM library do you have? (On Solaris probably ndbm, but no easy
5920 default on some other systems.)
5924 . Which uid/gid do you want to use for Exim?
5928 . Where do you want the configuration file to be? (<EM>Many</EM> different
5929 answers, even on the same OS, depending on local policy.)
5933 . Ditto for the binaries.
5937 . Which optional bits of Exim do you want to include?
5941 ... and so on. One could impose a set of values, but I suspect they
5942 would probably please nobody.
5945 <A NAME="SEC249" HREF="FAQ.html#TOC249">Q5024</A>: Is there a Windows NT version of Exim available?
5949 A5024: A long time ago somebody took a copy of the Exim source with the aim of
5950 trying to port it to NT. However, I never heard anything more.
5953 <A NAME="SEC250" HREF="FAQ.html#TOC250">Q5025</A>: Does Exim support Delivery Status Notificaion (DSN), Message Status
5954 Notification (MSN), or any other form of delivery acknowledgement?
5959 <A HREF="FAQ.html#SEC132">A0517</A>.
5962 <A NAME="SEC251" HREF="FAQ.html#TOC251">Q5026</A>: What does "Exim" stand for?
5966 A5026: Originally, it was "EXperimental Internet Mailer", which was the best I
5967 could come up with when I was starting out. At that point it <EM>was</EM>
5968 experimental - I wanted to see if the ideas I had for extending Smail's
5969 approach actually worked. Then somebody discovered about it and wanted
5970 to start using it, and told other people about it...
5973 <A NAME="SEC252" HREF="FAQ.html#TOC252">Q5027</A>: What does the log message "no immediate delivery: more than 10 messages
5974 received in one connection" mean?
5979 <A HREF="FAQ.html#SEC133">A0518</A>.
5982 <A NAME="SEC253" HREF="FAQ.html#TOC253">Q5028</A>: Although I haven't set <TT>check_spool_space</TT>, Exim is still checking the
5983 amount of space on the spool for incoming SMTP messages that use the
5984 SIZE option. Can I suppress this?
5988 A5028: The RFC for the SIZE option says
5992 If the server currently lacks sufficient resources to accept a
5993 message of the indicated size, but may be able to accept the
5994 message at a later time, it responds with code "452
5995 insufficient system storage".
5999 and that is what Exim is trying to implement. This is entirely
6000 independent from <TT>check_spool_space</TT>, which says "don't accept any mail
6001 if there is less than so much space in the spool partition", though the
6002 code is optimised to do both checks at the same time if required.
6003 However, you can suppress the SIZE check if you want to, by unsetting
6004 <TT>smtp_check_spool_space</TT>.
6007 <A NAME="SEC254" HREF="FAQ.html#TOC254">Q5029</A>: I just noticed log entries that start off "<= <>". Am I correct in
6008 assuming that the "<>" indicates that the envelope did not contain any
6013 A5029: Yes. This indicates a delivery failure report (aka "bounce message").
6014 Here is what RFC 1123 has to say about this:
6018 "If there is a delivery failure after acceptance of a message,
6019 the receiver-SMTP MUST formulate and mail a notification
6020 message. This notification MUST be sent using a null ("<>")
6021 reverse path in the envelope; see Section 3.6 of RFC-821. The
6022 recipient of this notification SHOULD be the address from the
6023 envelope return path (or the Return-Path: line). However, if
6024 this address is null ("<>"), the receiver-SMTP MUST NOT send a
6025 notification. If the address is an explicit source route, it
6026 SHOULD be stripped down to its final hop."
6030 The reason for using empty sender addresses is to identify bounce
6031 messages so that they themselves do not cause further bounces. However,
6032 this has made life harder for those that want to check incoming mail for
6033 valid senders. It is a pity that some other mechanism (e.g. a keyword
6034 on the MAIL command) was not used instead, but it is far too late to
6039 Empty senders are also used for other kinds of report which should not
6040 themselves cause the generation of bounce messages. For example, Exim
6041 uses them when sending out warnings about delivery delays.
6044 <A NAME="SEC255" HREF="FAQ.html#TOC255">Q5030</A>: I've received a message which does not have my address in the To:
6045 line. It is a spam message with the same address in both the From: and
6046 the To: headers. How can this happen, and why doesn't Exim reject it?
6050 A5030: There is an important distinction between the "envelope" from and to and
6051 the "header" from and to. The former are sometimes called the "sender"
6052 and "recipient". An email message needs an "envelope" for the same
6053 reason that paper mail does - the envelope tells the delivery mechanism
6054 what to do with *this copy* of the message, whereas the To: header lists
6055 all the recipients, including those who have been sent different copies
6056 of the message because their mailbox is on some other host.
6060 An MTA such as Exim normally works entirely with the "envelope"
6061 addresses, not with those in the header lines. However, you can specify
6062 that it should do some checking of header addresses by setting a
6063 number of options whose names begin with <TT>headers_</TT>.
6067 Don't try to block mail where envelope from and the header from differ.
6068 There are common legitimate cases where this happens, for example,
6069 messages forwarded from mailing lists and delivery failure reports.
6072 <A NAME="SEC256" HREF="FAQ.html#TOC256">Q5031</A>: Can (or will) Exim ever handle a message delivery purely in memory,
6073 that is, it is handled without it ever hitting the disc?
6077 A5031: It doesn't, and never will. Accepting and delivering a message are two
6078 entirely separate, independent processes, which communicate only by
6079 writing/reading the message on the disc.
6082 <A NAME="SEC257" HREF="FAQ.html#TOC257">Q5032</A>: If I am using dbm files for data that Exim reads, can I rebuild them
6083 on the fly, or do I need to restart Exim every time I make a change?
6087 A5032: Exim re-reads the file every time it consults it, so if you are using a
6088 cdb or a DBM library that uses just a single file (i.e. NOT ndbm) then
6089 you can just build the new file with a temporary file name, and use "mv"
6090 to rename it into the correct place on the fly. If there are two files
6091 to rename, there is a window of time during which the DBM database is
6092 inconsistent. On lightly loaded systems this may not matter.
6095 <A NAME="SEC258" HREF="FAQ.html#TOC258">Q5033</A>: What are the main differences between using an Exim filter and using
6100 A5033: Exim filters and procmail provide different facilities. Exim filters run
6101 at directing time, before <EM>any</EM> deliveries are done. A filter is like a
6102 <B>".forward</B> file with conditions". One of the benefits is de-duplication.
6103 Another is that if you forward, you are forwarding the original message.
6107 However, this does mean that pipes etc. are not run at filtering time,
6108 nor can you change the headers, because the message may have other
6109 recipients and Exim keeps only a single set of headers.
6113 Procmail runs at delivery time. This is for one recipient only, and so
6114 it can change headers, run pipes and check the results, etc. However, if
6115 it wants to forward, it has to create a new message containing a copy
6116 of the original message.
6120 It's your choice as to which of these you use. You can of course use
6124 <A NAME="SEC259" HREF="FAQ.html#TOC259">Q5034</A>: I need an option that is the opposite of <B>-bpa,</B> that is, a listing of
6125 those addresses generated from a top-level address that have not yet
6130 A5034: Exim does not keep this information. It saves only the top-level
6131 addresses and the list of addresses that are finished with. At each
6132 delivery attempt, generated addresses are recomputed from scratch. This
6133 makes it possible to correct errors in <B>.forward</B> and alias files that are
6134 causing delivery delays. However, there is an option you can set on an
6135 <B>aliasfile</B> or <B>forwardfile</B> director that changes things. It is called
6136 <TT>one_time</TT>, and if it is set, the list of generated addresses gets added
6137 to the top-level list at the first delivery attempt, and is never
6138 regenerated. Because top-level address lists must be real email
6139 addresses, this option cannot be used if any of the generated addresses
6140 are pipes, files, or autoreplies.
6143 <A NAME="SEC260" HREF="FAQ.html#TOC260">Q5035</A>: I am getting complaints from a customer who uses my EXIM server for
6144 relaying that they are being blocked with a "Too many connections"
6149 A5035: See <TT>smtp_accept_max</TT> and related options such as <TT>smtp_accept_reserve</TT>.
6152 <A NAME="SEC261" HREF="FAQ.html#TOC261">Q5036</A>: When I try "exim <B>-bf"</B> to test a system filter, I received the following
6153 error message: "Filter error: unavailable filtering command "fail" near
6154 line 8 of filter file".
6158 A5036: Use the <B>-bF</B> option to test system filters. This gives you access to the
6159 freeze and fail actions.
6162 <A NAME="SEC262" HREF="FAQ.html#TOC262">Q5037</A>: How can I make Exim receive incoming mail, queue it, but NOT attempt to
6163 deliver it? I want to be in this state while moving some mailboxes.
6167 A5037: (1) Set <TT>queue_only</TT> in the Exim configuration. (2) Kill off your daemon,
6168 and restart it <EM>without</EM> the <B>-q</B> option (i.e. with just the <B>-bd</B> option),
6169 so that it does not spawn any queue runners. This stops all deliveries,
6170 remote as well as local. To stop just local deliveries, assuming that
6171 none of your routers are configured to send messages directly to a local
6172 transport, make this your first director:
6178 new_address = :defer:</PRE>
6180 When you are ready to go again, remove that director and do a <B>-qf</B> run to
6181 override the retry times. This solution works from release 3.10 onwards.
6182 In earlier releases an <B>aliasfile</B> director must be used because :defer:
6183 was not available for use in <B>smartuser</B>.
6186 <A NAME="SEC263" HREF="FAQ.html#TOC263">Q5038</A>: What does the rejection message "reject all recipients: 3 times bad
6191 A5038: See the section of the manual entitled "Sender verification". Exim has
6192 failed to verify a sender from the same host 3 times within a period of
6196 <A NAME="SEC264" HREF="FAQ.html#TOC264">Q5039</A>: The menu in Eximon isn't working. It displays, but I can't select
6201 A5039: On some X implementations, if the numlock key is pressed (so that the
6202 numeric keypad is working) then the menu didn't work properly in
6203 versions of Eximon before Exim release 3.10. The problem is an
6204 infelicity in the particular implementation of X. A workaround was
6205 introduced at release 3.10, so this problem should no longer be
6209 <A NAME="SEC265" HREF="FAQ.html#TOC265">Q5040</A>: What does "ridiculously long message header" in an error report mean?
6213 A5040: There has to be some limit to the length of a message's header lines,
6214 because otherwise a malefactor could open an SMTP channel to your host,
6215 start a message, and then just send characters continuously until your
6216 machine ran out of memory. (Exim stores all the header lines in main
6217 memory). For this reason a limit is imposed on the total amount of
6218 memory that can be used for header lines. The default is 1MB, but this
6219 can be changed by setting HEADER_MAXSIZE in <B>Local/Makefile</B>. Exceeding
6220 the limit provokes the "ridiculous" error message.
6224 Prior to release 3.022 Exim used two separate limits, one on the length
6225 of an individual header line and one on the total number of header
6226 lines. A header line longer than 8192 used to provoke the error "Header
6227 line is ridiculously overlong". In subsequent releases there is no limit
6228 on individual header lines; only the total matters.
6231 <A NAME="SEC266" HREF="FAQ.html#TOC266">Q5041</A>: What does Exim use for POP as a default? Do I have to install anything
6236 A5041: Yes. Exim provides MTA functionality. That is, it delivers mail. POP is
6237 one of several ways of reading previously-delivered mail. Exim does not
6238 provide that functionality.
6241 <BR><H2><A NAME="SEC267" HREF="FAQ.html#TOC267">93. HP-UX
6244 <A NAME="SEC268" HREF="FAQ.html#TOC268">Q9301</A>: I'm trying to compile on an HP machine and I don't have gcc there. So I
6245 put <TT>CC=cc</TT> in the <B>Local/Makefile</B>, but I got this error:
6249 (Bundled) cc: "buildconfig.c", line 54: error 1705: Function prototypes
6250 are an ANSI feature.</PRE>
6252 A9301: The bundled compiler is not an ANSI C compiler. You either have to get a
6253 copy of gcc from the HPUX Software Porting Archives or buy the ANSI cc
6254 from HP. The advice given by one user of HP systems on the Exim
6255 mailing list was as follows:
6259 "Personally, I wouldn't use anything but the ANSI C compiler. gcc
6260 works for compilation, but it doesn't know squat about PA-RISC chips
6261 past the 1.0 rev. Since then, HP has come out with PA-RISC 1.1, 2.0,
6262 and 2.1, each with better features. gcc will compile for them, but it
6263 doesn't produce anywhere near the optimization that HP's compiler
6268 I took the gcc road when we moved from FreeBSD to HP-UX because I was
6269 familiar with it. After 6 months, I had to go and re-port everything
6270 over when we realized that gcc wasn't going to do it for us long-term.
6271 If I could give advice to any new HP-UX admin: don't use gcc if you
6272 can afford the ANSI C compiler. Based on the cost of even the lowest
6273 HP workstation, that usually isn't a problem."
6276 <BR><H2><A NAME="SEC269" HREF="FAQ.html#TOC269">94. BSDI
6279 <A NAME="SEC270" HREF="FAQ.html#TOC270">Q9401</A>: On BSDI 4.0, Exim built with Perl support exits with the error message
6280 <B>"./exim:</B> can't load library <B>'libperl.so'".</B>
6284 A9401: You probably compiled perl5 yourself, without looking into
6288 /usr/src/contrib/perl5/perl5.004_02/hints/bsdos.sh</PRE>
6290 first. The problem is that the command
6294 perl5 -MExtUtils::Embed -e ldopts</PRE>
6296 doesn't give you sufficient flags to link something with libperl.
6297 Since 5.004_02 the <B>hints/bsdos.sh</B> file has changed to adapt to the
6298 changes between BSDI 3.1 and 4.0, but it is still not entirely right.
6302 The solution is, when you compile perl, change the "ccdlflags"
6303 variable in <B>config.sh</B> to:
6307 -rdynamic -Wl,-rpath,/usr/local/lib/perl5/5.00502/i386-bsdos/CORE</PRE>
6309 (or something similar). Alternatively, you can run ./Configure and
6310 answering the question "Any special flags to pass to cc to use dynamic
6311 loading?" with the above line. It is not known what <B>-rdynamic</B> means
6312 (it's not apparently documented in any man page), but that's what BSDI
6313 guys did to compile perl5 which comes with BSDI 4.0 distribution.
6316 <BR><H2><A NAME="SEC271" HREF="FAQ.html#TOC271">95. IRIX
6319 <A NAME="SEC272" HREF="FAQ.html#TOC272">Q9501</A>: I'm running IRIX 6.2 with a number of alias IP addresses set up, but
6320 Exim doesn't seem to recognize them as local addresses.
6324 A9501: This problem was fixed in Exim release 2.03. If you are running an
6325 earlier version you should use the <TT>local_interfaces</TT> option to specify
6326 all your IP addresses explicitly.
6329 <A NAME="SEC273" HREF="FAQ.html#TOC273">Q9502</A>: The IP addresses for incoming calls are all being given as
6334 A9502: If you used the gcc compiler 2.8.x there is a known bug with the
6335 "gethost" function under Irix. SGI recommends using either their cc
6336 compiler in Irix 6.5, or a lesser version of the gnu compiler (2.6.x).
6340 Alternatively, there is an Inst-able port of exim for Irix at
6341 <B><A HREF="http://freeware.sgi.com">http://freeware.sgi.com</A>,</B> but it is not likely to be the latest release.
6344 <BR><H2><A NAME="SEC274" HREF="FAQ.html#TOC274">96. LINUX
6347 <A NAME="SEC275" HREF="FAQ.html#TOC275">Q9601</A>: Exim is mysteriously crashing, usually when forking to send a delivery
6352 A9601: This has been seen in cases where Exim has been incorrectly built with
6353 a muddled combination of an <B>ndbm.h</B> include file and a non-matching
6358 Faults like this have also been seen on systems with faulty motherboards.
6359 You could try to compile the Linux kernel 10 times - if the compile
6360 process stops with signal 11, your hardware is to blame.
6363 <A NAME="SEC276" HREF="FAQ.html#TOC276">Q9602</A>: Exim has created a directory called <B>build-Linux-libc5-i386</B> but is
6364 trying to reference <B>build-Linux-libc5-i386-linux</B> while building.
6368 A9602: You have several shells installed, which are setting conflicting values
6369 in the HOSTTYPE environment variable that is used to construct the name
6370 of the build directory. One way round this is to run this command:
6374 ln -s build-Linux-libc5-i386-linux build-Linux-libc5-i386</PRE>
6376 This problem should no longer be encountered in release 3.10 or later.
6377 Exim has been changed to get the host type from the "uname" command
6381 <A NAME="SEC277" HREF="FAQ.html#TOC277">Q9603</A>: I want to use logrotate which is standard with <B>RH5.2</B> Linux to rotate
6382 my mail logs. Anyone worked out the logrotate config file that will
6387 A9603: Here's one suggestion:
6391 /var/log/exim/main.log {
6392 create 644 exim exim
6398 The sleep is added to allow things to close the log file prior to
6399 compression. You also need similar entries for the panic log and the
6400 reject log, of course.
6403 <A NAME="SEC278" HREF="FAQ.html#TOC278">Q9604</A>: I'm seeing the message "<B>inetd</B>[334]: imap/tcp server failing (looping),
6404 service terminated" on a RedHat 5.2 system, causing imap connections to
6405 be refused. The imapd in use is Washington Uni vers 12.250. Could this
6406 be anything to do with Exim?
6410 A9604: No, it's nothing to do with Exim, but here's the answer anyway: there
6411 is a maximum connection rate for <B>inetd</B>. If connections come in faster
6412 than that, it thinks a caller is looping. The default setting on RedHat
6413 5.2 is 40 calls in any one minute before <B>inetd</B> thinks there's a problem
6414 and suspends further calls for 10 mins. This default setting is very
6415 conservative. You should probably increase it by a factor of 10 or 20.
6420 imap stream tcp nowait.400 root /usr/sbin/tcpd /usr/local/etc/imapd</PRE>
6422 The rate setting is the number following "nowait". This syntax seems to
6423 be specific to the Linux version of <B>inetd</B>. Other operating systems
6424 provide similar functionality, but in different ways.
6427 <A NAME="SEC279" HREF="FAQ.html#TOC279">Q9605</A>: I get the "too many open files" error especially when a lot of messages
6428 land for majordomo at the same time.
6432 A9605: The problem appears to be the number of open files the system can
6433 handle. This is changable by using the proc filesystem. To your
6434 <B><B>/etc/rc.d/rc.local</B></B> file append something like the following:
6438 # Now System is up, Modify kernel parameters for max open etc.</PRE>
6440 if [ -f /proc/sys/kernel/file-max ]; then
6441 echo 16384 >> /proc/sys/kernel/file-max
6443 if [ -f /proc/sys/kernel/inode-max ]; then
6444 echo 24576 >> /proc/sys/kernel/inode-max
6446 if [ -f /proc/sys/kernel/file-nr ]; then
6447 echo 2160 >> /proc/sys/kernel/file-nr
6450 By echoing the value you want for file-max to the file file-max <B>etc.,</B>
6451 you actually change the kernel parameters.
6454 <A NAME="SEC280" HREF="FAQ.html#TOC280">Q9606</A>: I'm having a problem with an Exim RPM.
6458 A9606: Normally the thing to do if you have a problem with an RPM package is
6459 to contact the person who built the package first, not the person who
6460 made the software that's in the package. You can usually find out who
6461 made a package using the following command:
6465 rpm --query --package --queryformat '%{PACKAGER}\n' <rpm-package-file></PRE>
6467 where <rpm-package-file> is the actual file, e.g. <B>`exim-3.03-2.i386.rpm'.</B>
6468 Or, if the package is installed on your system:
6472 rpm --query --queryformat '%{PACKAGER}\n' <package-name></PRE>
6474 where <package-name> is the name component of the package, e.g. `exim'.
6475 If the packager is unable or unwilling to help, only then should you
6476 contact the actual author or associated mailing list of the software.
6480 If you discover through the querying process that you can't tell who
6481 the person (or company or group) is who built the package, or that they
6482 no longer exist at the given address, then you should reconsider
6483 whether you want a package from an unknown source on your system.
6487 If you discover through the querying process that you yourself are the
6488 person who built the package, then you should either (a) contact the
6489 author or associated mailing list, or (b) reconsider whether you ought
6490 to be building and distributing RPM packages of software you don't
6495 Similar rules of thumb govern other binary package formats, including
6496 debs, tarballs, and POSIX packages.
6499 <BR><H2><A NAME="SEC281" HREF="FAQ.html#TOC281">97. SUN SYSTEMS
6502 <A NAME="SEC282" HREF="FAQ.html#TOC282">Q9701</A>: Exim builds fine with gcc on SunOS 4 but crashes inside <B>sscanf()</B>.
6506 A9701: Make sure you are liking with the GNU <B>ld</B> linker and not the system
6507 version of <B>ld</B>.
6510 <A NAME="SEC283" HREF="FAQ.html#TOC283">Q9702</A>: How can I get rid of spurious ^M characters in messages sent from
6515 A9702: CDE <B>dtmail</B> passes messages to Exim via the command line interface with
6516 lines terminated by CRLF, instead of the Unix convention of just LF. As
6517 Exim is an 8-bit clean program it treats the CR as just another data
6518 character. Exim has a command line option called <B>-dropcr</B> which causes
6519 it to ignore <EM>all</EM> CR characters in an incoming non-SMTP message. You
6520 should configure <B>dtmail</B> to add this option to the command it uses to
6521 call Exim (using the path <B>/usr/lib/sendmail</B>). However, it has been
6522 reported that it isn't possible to change this call from <B>dtmail</B> by any
6523 official means. An alternative approach is to replace <B>/usr/lib/sendmail</B>
6524 by a filtering script which removes the spurious CRs from the input
6525 before passing it to Exim.
6528 <A NAME="SEC284" HREF="FAQ.html#TOC284">Q9703</A>: On SunOS 4 Exim crashes when looking up domains in the DNS that have
6529 more than 10 A records.
6533 A9703: There are Sun library patches to fix this. It is not Exim's problem.
6534 For 4.13_U1 the patch is 101558<I>-xx</I>; for 4.1.3 the patch is 100891<I>-xx</I>.
6535 From the README: 1054748 ftp, ping dump core when connecting to a host
6536 with multiple DNS A records.
6540 An alternative is to build another resolver library - such as the ones
6541 that are part of the bind distribution - and explicitly link against
6545 <A NAME="SEC285" HREF="FAQ.html#TOC285">Q9704</A>: The menu in Eximon isn't working on my Sun system.
6549 A9704: With OpenWindows, if the numlock key is pressed (so that the numeric
6550 pad is working) then some menus don't work. This appears to be true for
6551 the console and (some) remote X-window servers. A workaround for this
6552 problem was introduced in the 3.10 Exim release, so it should no longer
6556 <A NAME="SEC286" HREF="FAQ.html#TOC286">Q9705</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
6561 A9705: Under the "Expert" settings of mailtool is a option to turn on "Use
6562 network aware mail file locking". By default <B>dtmail</B> has this set, but
6563 mailtool doesn't. You should set it. The help info on <B>dtmail</B> has this
6568 "Mailer tries to prevent two different instances of itself from opening
6569 the same mail file at the same time through a technique that detects
6570 this access when both instances of Mailer and the file are all on the
6571 same machine. A network-aware mail file locking protocol is available
6572 that uses ToolTalk to coordinate instances of Mailer running from more
6573 than one machine, or mail files accessed over the network. Mailer can
6574 only change this option when first opening a mail file."
6578 If you are using the SunOS4 version of <B>mailtool</B>, this apparently
6579 doesn't work. The only thing which does seem to work it getting the user
6580 to hit the "done" button to make it release the lock.
6583 <A NAME="SEC287" HREF="FAQ.html#TOC287">Q9706</A>: Exim has been crashing on my Solaris x86 system, apparently while
6584 running DBM functions.
6588 A9706: The use of ndbm with gcc has caused problems on x86 Solaris systems.
6589 Try changing one or the other; using either db 1.85 with gcc, or Sun's
6590 WS compiler with ndbm, has fixed this in the past.
6593 <A NAME="SEC288" HREF="FAQ.html#TOC288">Q9707</A>: The exiwhat utility isn't working for me on a Solaris 2 system.
6597 A9707: Have you got <B>/usr/ucb</B> on your path? If so, it is probably picking up the
6598 wrong version of the <B>ps</B> command. The exiwhat script is built on
6599 Solaris to expect the normal Solaris version of <B>ps</B>.
6602 <A NAME="SEC289" HREF="FAQ.html#TOC289">Q9708</A>: How do I stop Sun's <B>dtcm</B> from hanging?
6606 A9708: From qmail's FAQ: "There is a novice programming error in <B>dtcm</B>, known as
6607 ``failure to close the output side of the pipe in the <B>child.''</B> Sun has,
6608 at the time of this writing, not yet provided a patch."
6611 <A NAME="SEC290" HREF="FAQ.html#TOC290">Q9709</A>: I want Exim to use only the resolver (i.e. ignore <B>/etc/hosts</B>), but don't
6612 want to alter the <B>nsswitch.conf</B> file in Solaris 2.
6616 A9709: You need to rebuild Exim after fiddling with <B>OS/os.h-SunOS5:</B>
6620 #define gethostbyaddr res_gethostbyaddr
6621 #define gethostbyname res_gethostbyname
6622 #define endhostent res_endhostent
6623 #define endnetent res_endnetent
6624 #define gethostent res_gethostent
6625 #define getnetbyaddr res_getnetbyaddr
6626 #define getnetbyname res_getnetbyname
6627 #define getnetent res_getnetent
6628 #define sethostent res_sethostent
6629 #define setnetent res_setnetent</PRE>
6631 Exim uses gethostbyname and gethostbyaddr only, but may use others in
6632 the future. Note that <B>-lnsl</B> is still needed in the Makefile as it
6633 contains code used by the NIS lookup and also the <TT>inet_addr</TT> function
6637 <BR><H2><A NAME="SEC291" HREF="FAQ.html#TOC291">98. COOKBOOK
6640 <A NAME="SEC292" HREF="FAQ.html#TOC292">Q9801</A>: How do I configure Exim as part of TPC <B>(<A HREF="http://www.tpc.int">http://www.tpc.int</A>)?</B>
6644 A9801: (1) add <B>partial-lsearch;/etc/mail/tpc.domains</B> to <TT>local_domains</TT>;
6645 <B><B>/etc/mail/tpc.domains</B></B> is a text file with lines in this format:
6649 9.3.5.1.0.8.1.tpc.int.</PRE>
6651 This sample line indicates that we accept faxes destined for
6656 (2) Set up the following transport:
6662 command = "/usr/local/tpc/tpcmailer.pl ${local_part}@${domain} \
6664 pipe_as_creator</PRE>
6666 <B><B>/usr/local/tpc/tpcmailer.pl</B></B> is the mail processing script that can
6667 be obtained from the TPC distribution.
6671 (3) Set up the following director:
6678 domains = "partial-lsearch;/etc/mail/tpc.domains"</PRE>
6680 Of course, there are other things to do as well before your system is
6681 a functioning TPC server.
6684 <A NAME="SEC293" HREF="FAQ.html#TOC293">Q9802</A>: How do I configure Exim so that it sends mail to the outside world only
6685 from a restricted list of our local users?
6689 A9802: There are several possible ways that this can be done.
6693 (A) You can restrict the senders directly by putting a setting such as
6694 this one on all the drivers that route to the outside (usually this
6695 is just the final <B>lookuphost</B> router):
6699 senders = ":^[^@]+@(?!${rxquote:your.domain}\\$):\
6700 lsearch;/permitted/senders"</PRE>
6702 The first item in this list is empty, to match the empty sender.
6703 This is necessary because bounce messages have null senders. The
6704 second item is a regular expression that matches any address whose
6705 domain is <EM>not</EM> your domain. This caters for cases when mail from
6706 an external user has arrived for a local user who has forwarding
6707 set up to some outside address.
6711 If the first two items do not match (that is, the address is in your
6712 domain) the sender is looked up in a file of permitted senders; each
6713 item in the file must be a complete address, including the domain.
6714 If the sender is unacceptable, an "unrouteable mail domain" error
6715 will occur because the router won't run, and there are no more to
6720 (B) If your local users are in many domains, it may be easier to use a
6721 <TT>condition</TT> option to test the domain and local part independently,
6727 ${lookup{${domain:$sender_address}}lsearch{/domain/list}\
6729 ${lookup{${local_part:$sender_address}}lsearch\
6730 {/permitted/senders}{yes}{no}}\
6734 Obviously other means of testing the domain and local part could be
6735 substituted, for example, by having separate files of valid local
6736 parts for each local domain.
6740 (C) If your local users are logged in to your host, you could use a
6741 special group for those that are permitted to mail to the world.
6742 Assuming your groups are defined in <B>/etc/group</B> you could arrange to
6743 look up the group in that file and then check that the sender was in
6744 the group,using something along these lines:
6749 ${lookup{groupname}lsearch{/etc/group}\
6750 {${if match {$value}\
6751 {[:,]${rxquote:${local_part:$sender_address}}(,|\\\$)}\
6752 {yes}{no}}}{no}}"</PRE>
6754 This is checking the local part of the sender; a alternative might
6755 be to check <B><B>$sender_ident.</B></B> However, you should really also check
6756 that <B>$sender_host_address</B> is either unset or set to 127.0.0.1 or
6757 your IP address, so you check only locally-originated mail.
6761 A block like this does not prevent a logged in user from sending
6762 mail by telnetting to another host's SMTP port, or indeed from
6763 installing a private version of Exim to do the job for her.
6767 (D) On a gateway server that has no local users and so receives all the
6768 mail via SMTP from client hosts, you could use a rewriting rule to
6769 rewrite sender addresses in your local domain from a table of legal
6770 local parts, replacing any illegal addresses with an address such as
6771 <B><B>unknown@your.domain</B>.</B> If this is combined with <TT>sender_verify=true</TT>
6772 it causes messages from users that are not in the table to be
6773 refused, assuming that the gateway is capable of verifying the local
6774 part of <B><B>user@your.domain</B>.</B>
6777 <A NAME="SEC294" HREF="FAQ.html#TOC294">Q9803</A>: How do I configure Exim to run with SmartList?
6781 A9803: This is what was done for Exim's own mailing list, using SmartList/
6782 procmail 3.11pre7. It runs as its own user - trying to manage mailing
6783 lists under your own ID can be hard work. Smartlist is installed into
6784 <B>/var/spool/slist</B>, and there is an slist user defined. Each list appears
6785 as a directory under <B>/var/spool/slist</B> (as per usual for Smarlist).
6786 Exim is configured like this:
6790 # slist added to list of trusted users so it can
6791 # manipulate sender addresses</PRE>
6793 trusted_users = exim:slist</PRE>
6795 # in transports, a list transport is defined:</PRE>
6799 command = "/var/spool/slist/.bin/flist \
6800 ${local_part}${local_part_suffix}"
6801 current_directory = /var/spool/slist
6802 home_directory = /var/spool/slist
6806 # in directors a list director is defined:</PRE>
6812 local_parts = !.bin:!.etc
6813 require_files = /var/spool/slist/${local_part}/rc.init
6814 transport = list_transport</PRE>
6816 and thats it - no aliases, no special handling of out lists etc.
6817 What you do need is to ensure that choplist is used for distribution
6818 (that is, do not uncomment the <TT>alt_sendmail</TT> entry which is blank).
6822 A couple of other things are forced - for example since the list runs in
6823 its own domain the domain value is forced to <B>exim.org.</B>
6827 Then everything else is basic SmartList configuration - and that's
6828 moderately well documented. A confirmation stage on signup was added -
6829 now when you subscribe you are sent a confirmation which you must
6830 return before the system subscribes you (this prevents people
6831 subscribing their "friends" and makes sure that the addresses really do
6832 work). The confirm package is available at:
6836 <A HREF="ftp://ftp.fatfree.com/confirm-1.1.tar.gz">ftp://ftp.fatfree.com/confirm-1.1.tar.gz</A></PRE>
6838 and was written by Michelle Dick.
6841 <A NAME="SEC295" HREF="FAQ.html#TOC295">Q9804</A>: How do I configure Exim to minic PP's "tripnote" facility?
6848 <A NAME="SEC296" HREF="FAQ.html#TOC296">Q9805</A>: How do I configure Exim to handle local parts with extensions?
6855 <A NAME="SEC297" HREF="FAQ.html#TOC297">Q9806</A>: How do I configure Exim so that only a restricted list of users can
6856 receive mail from external domains?
6863 <A NAME="SEC298" HREF="FAQ.html#TOC298">Q9807</A>: I have <B><B>someuser@mydomain.com</B></B> that I only want certain users to be able
6864 to mail to. How do I accomplish this?
6868 A9807: This is a transport:
6874 from = postmaster@mydomain.com
6875 to = $sender_address
6877 subject = "Re: Your mail to ${local_part}"
6878 text = "You are not allowed to mail to ${local_part}."</PRE>
6880 This is a director that should come before all the others:
6886 local_parts = someuser
6888 senders = !: !lsearch;/list/of/permitted/senders</PRE>
6890 Note that leading "!:" in senders. It allows the null sender <> to be
6891 valid (i.e. not to match this director). This is necessary, since bounce
6892 messages have null senders. All other permitted senders must be in the
6893 file as complete addresses, including a domain.
6896 <A NAME="SEC299" HREF="FAQ.html#TOC299">Q9808</A>: A site for which I provide secondary MX is down for some time. Is there
6897 a way to run the queue for that destination separately from the main
6902 A9808: No, because Exim does not have the concept of "the queue for that
6903 destination". It simply has a single pool of messages awaiting delivery
6904 (and some of them may have several destinations). The best approach to
6905 this is to arrange for all messages for the site to be saved somewhere
6906 other than the main spool, either on a separate dedicated MTA, or in
6907 BSMTP files. There is an example of the latter approach in C014.
6910 <A NAME="SEC300" HREF="FAQ.html#TOC300">Q9809</A>: How do I implement VERP (Variable Envelope Return Paths) in Exim?
6917 <A NAME="SEC301" HREF="FAQ.html#TOC301">Q9810</A>: I'd like to make a copy of all outgoing messages to a local mailbox. Is
6918 there a solution for this using an Exim filter?
6922 A9810: The following filter makes a copy of every message, except for delivery
6929 # Ignore error messages
6930 if error_message then finish endif</PRE>
6932 # Copy if this is the first delivery attempt
6933 if first_delivery then
6934 unseen deliver copy@your.domain errors_to postmaster@your.domain
6937 The keyword "unseen" stops this being a "significant delivery", so that
6938 the message goes on to be delivered as normal. The <TT>errors_to</TT> setting
6939 changes the envelope sender on the copy so that if there is a problem
6940 delivering it, the bounce message is sent to postmaster.
6944 You can add to the condition setting to select specific messages.
6945 To make a copy of outgoing messages only requires a definition
6946 of "outgoing". Because a message may have many recipients, simply
6947 testing for your own domain in both the From: and the To: headers is not
6948 enough. You can craft your own conditions, but here is one suggestion:
6952 if $h_from: contains your.domain and
6953 foranyaddress $h_to:,$h_cc:
6954 ($thisaddress does not contain your.domain)
6956 unseen deliver copy@your.domain errors_to postmaster@your.domain
6959 This takes copies of messages whose From: header contains <B>your.domain</B>
6960 and whose To: and Cc: headers contain at least one address that does not
6961 contain <B>your.domain.</B> See also
6962 <A HREF="FAQ.html#SEC308">Q9817</A>.
6965 <A NAME="SEC302" HREF="FAQ.html#TOC302">Q9811</A>: I want to make a copy of outgoing messages to a specific file for each
6966 user in a specific directory, using a "save" command in a system filter.
6967 How can I arrange for Exim to write to these files under the correct
6972 A9811: You need to set up a special transport and tell Exim to use it for
6973 file deliveries from the system filter. Add the following setting to
6978 message_filter_file_transport = copy_transport</PRE>
6980 Then define <TT>copy_transport</TT> like this
6988 user = ${local_part:$sender_address}</PRE>
6990 This assumes that you want to run the delivery under the uid associated
6991 with the local part of the sender address. Alternatively, you could just
6992 use <TT>user=exim</TT> and do all the writing under the same UID/GID.
6995 <A NAME="SEC303" HREF="FAQ.html#TOC303">Q9812</A>: How can I keep an archive of all mail for some specific local email
7000 A9812: You could use a system filter, along the lines of
7005 first_delivery and <tests for appropriate addresses>
7008 /mail/archive/${substr_0_10:$tod_log}
7011 That would create a new file for each day. However, in order to use
7012 this, you will need to set <TT>message_filter_file_transport</TT> to point to an
7013 appropriate transport which includes a setting of "user" to specify
7014 which uid to run the saving under, as is described in
7015 <A HREF="FAQ.html#SEC302">Q9811</A>.
7018 <A NAME="SEC304" HREF="FAQ.html#TOC304">Q9813</A>: How can I configure Exim to provide a vacation message when there are
7019 no local users on my mail hub?
7026 <A NAME="SEC305" HREF="FAQ.html#TOC305">Q9814</A>: We want to be able to temporarily lock out a user by disabling the
7027 password and moving the home directory to another place. How can we
7028 arrange to reject mail for users in this state?
7032 A9814: Change the home directory pointer in the passwd file to something
7033 distinctive. For example, we use <B>/home/CANCELLED</B> for cancelled users.
7034 Then you can pick up such users with this director, which is placed
7035 immediately after <TT>system_aliases</TT>:
7041 transport = cancelleduser_pipe
7043 match_directory = /home/CANCELLED</PRE>
7045 This sends messages for cancelled users to the following special
7052 command = "/opt/exim/util/cancelleduser.sh"
7057 The script simply generates a message saying that the user is cancelled
7058 on its standard output. This gets returned to the original message
7059 sender in an error report.
7063 If you don't want to change the home directory in the passwd file,
7064 an alternative is to check for the non-existence of the home directory
7069 require_files = +!$home</PRE>
7071 instead of setting <TT>match_directory</TT>.
7074 <A NAME="SEC306" HREF="FAQ.html#TOC306">Q9815</A>: I need an alias, say "fakeaddress" that should receive a message,
7075 strip all reply-to: headers present, substitute another one pointing to
7076 "otheraddress" and forward a message to "realaddress".
7080 A9815: Add this director:
7084 fakeaddress_director:
7086 domain = (if necessary to restrict the domain)
7087 local_parts = fakeaddress
7088 headers_remove = reply-to
7089 headers_add = reply-to: otheraddress
7090 new_address = realaddress</PRE>
7092 If there are several of these aliases then you could list them in a file
7093 along with the corresponding other addresses, and use lookups instead of
7094 the fixed values shown above.
7097 <A NAME="SEC307" HREF="FAQ.html#TOC307">Q9816</A>: How can I set up Exim to work with Listar?
7101 A9816: See <B><A HREF="http://www.cs.huji.ac.il/~vadik/listar-exim/.">http://www.cs.huji.ac.il/~vadik/listar-exim/.</A></B>
7104 <A NAME="SEC308" HREF="FAQ.html#TOC308">Q9817</A>: I need to take copies of all incoming and outgoing mail for certain
7105 users. For each user there may be a different monitoring address.
7109 A9817: You can adapt the filter solution given in
7110 <A HREF="FAQ.html#SEC301">Q9810</A> by adding a test for
7111 the relevant local parts. Create a file containing lines like this:
7115 user1@domain1: monitor1@monitor.domain1
7116 user2@domain2: monitor2@monitor.domain2</PRE>
7118 and then use the following command in a system filter:
7122 if ${lookup{$sender_address}lsearch{/some/file}{$value}{}} is not ""
7124 unseen deliver ${lookup{$sender_address}lsearch{/some/file}{$value}}
7125 errors_address = postmaster@your.domain
7127 if foranyaddress $recipients
7128 (${lookup{$thisaddress}lsearch{/some/file}{$value}{}} is not "")
7130 unseen deliver ${lookup{$thisaddress}lsearch{/some/file}{$value}}
7131 errors_address = postmaster@your.domain
7135 It is messy to have to repeat the lookups, but it won't be inefficient,
7136 because Exim caches the results of successful lookups.
7139 <A NAME="SEC309" HREF="FAQ.html#TOC309">Q9818</A>: How can I add a disclaimer to the end of every message?
7143 A9818: This isn't as easy as it appears. You cannot just add text to the bottom
7144 of messages because of the possibility of MIME attachments. In any case,
7145 it is not the job of an MTA to mess with the contents of messages. You
7146 can perhaps do things with Exim's transport filters if you really have
7147 to, but if the messages originate locally, it would be better to do
7148 what you want in the MUA (e.g. force all your local users to have it in
7152 <A NAME="SEC310" HREF="FAQ.html#TOC310">Q9819</A>: I would like to append a simple advertisement text to all outgoing
7158 <A HREF="FAQ.html#SEC309">Q9818</A>.
7161 <A NAME="SEC311" HREF="FAQ.html#TOC311">Q9820</A>: How can I configure Exim so that all mails adressed to
7162 <B><B>something@username.domain.net</B></B> get delivered to <B>/var/spool/mail/username</B>?
7166 A9820: There are several possibilities, depending on exactly how you are set
7167 up. Here is one approach: First, arrange that all the domains you are
7168 interested in are local domains, for example, by listing them in a file:
7172 local_domains = /list/of/domains</PRE>
7174 If there are lots of them, a DBM or cdb file should be used for a faster
7175 lookup. Assuming that "username" is set up as a user on your system, and
7176 you have a configuration that can handle <B><B>username@domain.net</B></B> in the
7177 normal way, all you have to do is to arrange to convert the recipient
7178 address by means of a <B>smartuser</B> director like this:
7184 domains = /list/of/domains
7185 new_address = ${if match{$domain}{^([^.]+)\\.domain\\.net\$}{$1}fail}@domain.net</PRE>
7187 This should be the first director.
7190 <A NAME="SEC312" HREF="FAQ.html#TOC312">Q9821</A>: How do I get exim not to add a Sender: header to locally originated
7195 A9821: It only adds it if the From: header doesn't correspond to the user
7196 sending the message. You can't remove it in general (but this may be
7197 possible in a future release). However:
7201 (1) You can get it removed later, by putting
7205 headers_remove = Sender</PRE>
7207 on all your transports. This doesn't test for locally originated mail,
7208 but you could use a more complicated expansion string to make that test.
7213 headers_remove = ${if eq{$sender_host_address}{}{Sender}}</PRE>
7215 which removes it only if there is no sending host address.
7219 (2) If your <EM>real</EM> question "how do I submit mail from UUCP
7220 without it adding Sender:?" Then see
7221 <A HREF="FAQ.html#SEC154">Q0603</A>.
7224 <A NAME="SEC313" HREF="FAQ.html#TOC313">Q9822</A>: How can I get Exim to work with mailman?
7228 A9822: The Exim mailing list uses the configuration that is given in the "how
7229 to" information at <B><A HREF="http://www.exim.org/howto/mailman.html.">http://www.exim.org/howto/mailman.html.</A></B>
7232 <A NAME="SEC314" HREF="FAQ.html#TOC314">Q9823</A>: Is there any way to have messages sent to a specific local address
7233 delayed by - say - 24 hours?
7237 A9823: Using Exim 3.10 or later, the answer is "yes". Set up a <B>smartuser</B>
7244 domains = the.domain
7245 local_parts = thelocalpart
7246 condition = ${if < ${$message_age}{86400}{yes}{no}}
7247 new_address = :defer: message not old enough</PRE>
7249 Of course, this will also have the effect of setting a retry time for
7250 the address. You may want to set a special retry rule for it.
7253 <BR><H2><A NAME="SEC315" HREF="FAQ.html#TOC315">99. LIST OF SAMPLE CONFIGURATIONS
7257 Each sample configuration is held in a separate file in the <B>config.samples</B>
7258 directory. Those with names of the form Cnnn are Exim configurations; those
7259 with names of the form Fnnn are filter file fragments.
7263 <a href="config.samples/C001">C001:</a> "This config will support delivery across multiple systems using NIS to
7264 look up delivery addresses from the <B>mail.aliases</B> database."
7268 <a href="config.samples/C002">C002:</a> "Although exim not intended for use in UUCP environment (it doesn't
7269 know anything about bang!path addresses), I'm successfully using it for
7270 delivering mail to UUCP clients."
7274 <a href="config.samples/C003">C003:</a> "I've read down through
7275 <A HREF="FAQ.html#SEC152">Q0601</A> and your request for UUCP examples. Here's
7276 how I'm doing it." (This example uses routers.)
7280 <a href="config.samples/C004">C004:</a> "Here's a BSMTP over UUCP [configuration] - the transport is Taylor/GNU
7281 UUCP - which takes the long option types." (This example uses
7286 <a href="config.samples/C005">C005:</a> "I am using a virus scanner program that is invoked by a pipe, scans the
7287 mail and re-invokes Exim to do the delivery. The pipe is invoking a perl
7288 script that tries to unpack and MIME, zip and other archives and then
7289 applies the McAfee scanner on the results."
7293 <a href="config.samples/C006">C006:</a> "This is how I have configured a PP-inspired vacationnote, there is
7294 (was?) such a feature in PP. The user makes a file "tripnote" in his/her
7295 home directory, the message is passed to the sender once with a short
7300 <a href="config.samples/C007">C007:</a> "If I host a domain <B>foo.dom</B> on my machine as a virtual domain I expect
7301 it to be completely virtual and separate from other mail domains that
7302 end up on my machine."
7306 <a href="config.samples/C008">C008:</a> "And of course it is possible to do a very interesting solution to
7307 this [virtual domains] using LDAP."
7311 <a href="config.samples/C009">C009:</a> "These are suggested parts of a configuration for looking up users in
7312 <B><B>/etc/passwd.domain</B></B> rather than in <B>/etc/passwd</B> ..."
7316 <a href="config.samples/C010">C010:</a> "One of our customers is looking for us to support addresses of the form
7317 <B><B>username+extension@domain.com</B>,</B> primarily for use with procmail."
7321 <a href="config.samples/C011">C011:</a> "Thanks to Philip and others I now have my ISP style config built and
7322 therefore am posting the final configuration fragments to the list in
7323 case anyone else wants to do a similar thing."
7327 <a href="config.samples/C012">C012:</a> "I've written a small chapter how-to configure Exim for use with UUCP
7328 (mostly condensed from the exim-user mailing list plus some
7329 experimenting) and would be glad if it could be included in the Exim
7334 <a href="config.samples/C013">C013:</a> "I've take some tips from the FAQ about permitting only certain users
7335 to send to external mail and came up with my own for the receiving
7340 <a href="config.samples/C014">C014:</a> "If I have a situation where a site I MX for has a known outage I stash
7341 all their mail into a directory in BSMTP format."
7345 <a href="config.samples/C015">C015:</a> "This approach to virtual domains has helped me a great deal, and is so
7346 easy to maintain (add and modify as appropriate)."
7350 <a href="config.samples/C016">C016:</a> "Herewith my configuration." (A complete configuration, including simple
7351 virtual domains, along the lines of C015).
7355 <a href="config.samples/C017">C017:</a> "I have gotten the new VERP feature of Exim 2.054 working in test, along
7356 with some supporting programs to handle bounces that do come back."
7360 <a href="config.samples/C018">C018:</a> "This Majordomo configuration removes a lot of the aliases, and
7361 automates a lot of the other functions based on whether the files or
7366 <a href="config.samples/C019">C019:</a> "The following configuration file entries can be used to provide a
7367 'vacation'-style function for a mailhub which has no local users."
7371 <a href="config.samples/C020">C020:</a> "I was asked for a copy of the programs we were using to mail
7376 <a href="config.samples/C021">C021:</a> "Here is some sample code that might be useful for handling
7377 X-Failed-Recipients headers generated by Exim, with mailing lists."
7381 <a href="config.samples/C022">C022:</a> "This is the Exim configuration file of a machine which delivers mail to
7382 several local domains where the mail is delivered locally, several hairy
7383 domains, handled as described below, and a half-virtual domain, which is
7384 first processed by its special alias file, then processed as other local
7385 domains (including the processing by the global alias file)."
7389 <a href="config.samples/C023">C023:</a> A Perl script and instructions for hooking it into Exim in order to
7390 handle disposition-notification-to and return-receipt-to by using a
7391 shadow transport to send copies of delivered messages to the script.
7395 <a href="config.samples/C024">C024:</a> "In case anybody wants to use a MySql database to store aliases this is
7396 how I managed to get my site working."
7400 <a href="config.samples/C025">C025:</a> "As promised here is the way I got Exim to delver to Cyrus mailboxes if
7401 the user exists in the MySql database."
7405 <a href="config.samples/C026">C026:</a> "The following configuration and program will allow messages going to
7406 AOL only, to be filtered thru a Perl script. This Perl script will
7407 convert any URL's to the HTML syntax. In addition, the transport will
7408 use VERP to send a unique envelope sender with each message."
7412 <a href="config.samples/C027">C027:</a> "This is an FYI to demonstrate how to have exim work with SSL using the
7413 stunnel wrapper and its underlying OpenSSL libraries and toolkit."
7417 <a href="config.samples/C028">C028:</a> "This Python script reads from stdin and writes to stdout. It strips all
7418 the MIME attachments from a mail message that are one of the mime types
7419 listed on the command line. Exim can use it in its configuration file,
7420 for example, as follows:"
7424 <a href="config.samples/C029">C029:</a> "The standard way to connect one's MTA to a list manager seems to be to
7425 add a set of aliases for <EM>every</EM> list one creates. Once upon a time, I
7426 crufted a set of configs from Smail to work with majordomo, to
7427 automaticaly recognize the standard patterns, for all lists in
7428 existence...I have setup a set of transports and directors for Exim,
7429 which will do the same thing for mailman."
7433 <a href="config.samples/C030">C030:</a> "I am currently configuring an exim for a site that will to mail
7434 hosting for several domains. I want the domain holders to have control
7435 over 'their' alias files, being able to create their own aliases.
7436 However, I don't want them to have postmaster, abuse and other role
7437 accounts under their control."
7441 <a href="config.samples/C031">C031:</a> "These are config file snippets for handling certain remote addresses as
7442 local, and making only real external addresses visible to users."
7446 <a href="config.samples/C032">C032:</a> "This is the Exim Nervous Mailbox Quota Suite. It does not impose
7447 hard quotas on users' mailboxes, but it makes a user nervous by
7448 putting all his mail in a secondary mailbox, inaccessible to the
7449 user, when he is over his quota. When the user clears his
7450 mailbox (i.<B>e.,</B> deletes mail to make his mailbox below the quota
7451 again), mail from his secondary mailbox is transferred back to
7452 his primary mailbox, in FIFO order."
7456 <a href="config.samples/C033">C033:</a> "Here's our current automatic vacation recipe".
7460 <a href="config.samples/C034">C034:</a> "This is a HOW-TO for setting up Exim to support SMTP authentication
7461 under different environments, including regular password files, PAM
7466 <a href="config.samples/F001">F001:</a> "I thought that the rest of the list may be interested in reviewing our
7467 filter as a starting point for their own system message filter."
7471 <a href="config.samples/F002">F002:</a> "... program which refused mail from unknown addresses until they mailed
7472 me promising not to spam me ... since I'd already thought through how
7473 to do it in Exim, and knew it'd be slightly easier than falling out of
7474 bed, I went ahead and did it."
7478 <a href="config.samples/F003">F003:</a> "Here's four checks installed in our system wide filter that knock out
7479 a lot of otherwise hard to detect rubbish."
7483 <a href="config.samples/F004">F004:</a> "This is an Exim filter snippet to change locally-generated Message-Id:
7484 and Resent-Message-Id: headers to world-unique values."
git://git.exim.org / exim-website.git / blob