3 <TITLE>Exim FAQ</TITLE>
5 <body bgcolor="#FFFFFF" text="#00005A">
8 This is the FAQ for the Exim Mail Transfer Agent. Thanks to the many
9 people who provided the original information. This file would be amazingly
10 cluttered if I tried to list them all. Suggestions for corrections,
11 improvements, and additions are welcome.
15 This version of the FAQ applies to Exim 3.10 and later releases. The syntax of
16 some of the options was altered and tidied up at release 3.00. Some of the
17 examples quoted here will not work with earlier releases.
21 References of the form Cnnn and Fnnn are to the sample configuration and filter
22 files that can be found in the separately distributed directory called
23 <B>config.samples.</B> The primary location is
27 <A HREF="ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/config.samples.tar.gz">ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/config.samples.tar.gz</A></PRE>
29 There are brief descriptions of these files at the end of this document.
32 The FAQ is divided into the following sections:
33 <A HREF="FAQ.html#TOC1">Debugging</A>,
34 <A HREF="FAQ.html#TOC37">Building exim</A>,
35 <A HREF="FAQ.html#TOC48">Mailbox locking</A>,
36 <A HREF="FAQ.html#TOC51">Routing</A>,
37 <A HREF="FAQ.html#TOC77">Directing</A>,
38 <A HREF="FAQ.html#TOC115">Delivery</A>,
39 <A HREF="FAQ.html#TOC151">UUCP</A>,
40 <A HREF="FAQ.html#TOC155">Performance</A>,
41 <A HREF="FAQ.html#TOC159">Policy controls</A>,
42 <A HREF="FAQ.html#TOC193">Majordomo</A>,
43 <A HREF="FAQ.html#TOC198">Rewriting addresses</A>,
44 <A HREF="FAQ.html#TOC206">Headers</A>,
45 <A HREF="FAQ.html#TOC211">Fetchmail</A>,
46 <A HREF="FAQ.html#TOC215">Perl</A>,
47 <A HREF="FAQ.html#TOC218">Dial-up</A>,
48 <A HREF="FAQ.html#TOC223">Modifying message bodies</A>,
49 <A HREF="FAQ.html#TOC226">Millennium</A>,
50 <A HREF="FAQ.html#TOC228">Miscellaneous</A>,
51 <A HREF="FAQ.html#TOC270">HP-UX</A>,
52 <A HREF="FAQ.html#TOC272">BSDI</A>,
53 <A HREF="FAQ.html#TOC274">IRIX</A>,
54 <A HREF="FAQ.html#TOC277">Linux</A>,
55 <A HREF="FAQ.html#TOC284">Sun systems</A>,
56 <A HREF="FAQ.html#TOC294">Cookbook</A>, and
57 <A HREF="FAQ.html#TOC318">List of sample configurations</A>.
59 Philip Hazel <B><B><ph10@cus.cam.ac.uk</B>></B><BR>
60 Last update: 13-June-2000 (addition of section 15)<BR>
61 Last general update: 15-December-1999<BR>
65 <A NAME="TOC1" HREF="FAQ.html#SEC1">0. DEBUGGING</A>
67 <LI><A NAME="TOC2" HREF="FAQ.html#SEC2">Q0001</A>: Exim is crashing. What is wrong?
68 <LI><A NAME="TOC3" HREF="FAQ.html#SEC3">Q0002</A>: Exim is not working. What is wrong?
69 <LI><A NAME="TOC4" HREF="FAQ.html#SEC4">Q0003</A>: What does the error "Child process of <TT>address_pipe</TT> transport returned
70 69 from command <I>xxx</I>" mean?
71 <LI><A NAME="TOC5" HREF="FAQ.html#SEC5">Q0004</A>: My virtual domain setup isn't working. How can I debug it?
72 <LI><A NAME="TOC6" HREF="FAQ.html#SEC6">Q0005</A>: Why is Exim giving "421 Unexpected log failure, please try later" when
73 receiving an SMTP message with a large number of recipients?
74 <LI><A NAME="TOC7" HREF="FAQ.html#SEC7">Q0006</A>: Why is Exim not rejecting incoming messages addressed to non-existent
76 <LI><A NAME="TOC8" HREF="FAQ.html#SEC8">Q0007</A>: I've put an entry for <B>*.my.domain</B> in a DBM lookup file, but it isn't
78 <LI><A NAME="TOC9" HREF="FAQ.html#SEC9">Q0008</A>: I've put the entry <B><B>*@domain.com</B></B> in a lookup database, but it isn't
79 working. The expansion I'm using is:
80 <LI><A NAME="TOC10" HREF="FAQ.html#SEC10">Q0009</A>: Is there a way to print recognized local domains?
81 <LI><A NAME="TOC11" HREF="FAQ.html#SEC11">Q0010</A>: If I run <B>"./exim</B> <B>-d9</B> <B>-bt</B> <B>user@domain</B>" all seems well, but when I send a
82 message from my User Agent, it does not arrive at its destination.
83 <LI><A NAME="TOC12" HREF="FAQ.html#SEC12">Q0011</A>: I am getting this message in mainlog every so often: "no immediate
84 delivery: too many connections (19, max 0)". What am I missing?
85 <LI><A NAME="TOC13" HREF="FAQ.html#SEC13">Q0012</A>: What does "no immediate delivery: too many messages received in one SMTP
87 <LI><A NAME="TOC14" HREF="FAQ.html#SEC14">Q0013</A>: Exim puts "for <address>" in the Received: headers of some, but not all,
88 messages. Is this a bug?
89 <LI><A NAME="TOC15" HREF="FAQ.html#SEC15">Q0014</A>: Instead of <TT>exim_dbmbuild</TT>, I'm using a homegrown program to build DBM
90 (or cdb) files, but Exim doesn't seem to be able to use them.
91 <LI><A NAME="TOC16" HREF="FAQ.html#SEC16">Q0015</A>: Exim is unable to route to any remote domains. It doesn't seen to be
92 able to access the DNS.
93 <LI><A NAME="TOC17" HREF="FAQ.html#SEC17">Q0016</A>: I'm using ETRN to run a script that checks things and doesn't always
94 end up running "exim <B><B>-R".</B></B> However, after it has run once, subsequent
95 attempts fail with "458 Already processing".
96 <LI><A NAME="TOC18" HREF="FAQ.html#SEC18">Q0017</A>: What does the error message "transport <TT>system_aliases</TT>: cannot find
97 transport driver "<B>aliasfile</B>" in line 92" mean?
98 <LI><A NAME="TOC19" HREF="FAQ.html#SEC19">Q0018</A>: Exim is timing out after receiving and responding to the DATA command
99 from one particular host, and yet the client host also claims to be
100 timing out. This seems to affect only certain messages.
101 <LI><A NAME="TOC20" HREF="FAQ.html#SEC20">Q0019</A>: What does the message "Socket bind() to port 25 for address (any)
102 failed: address already in use" mean?
103 <LI><A NAME="TOC21" HREF="FAQ.html#SEC21">Q0020</A>: I've set <TT>headers_check_syntax</TT>, but this causes Exim to complain about
104 headers like "To: Work: Jim <B><jims@email</B>>, Home: Bob <B><bobs@email</B>>" which
105 look all right to me. Is this a bug?
106 <LI><A NAME="TOC22" HREF="FAQ.html#SEC22">Q0021</A>: Whenever Exim tries to deliver a specific message to a particular
107 server, it fails, giving the error "Remote end closed connection after
108 data" or "Broken pipe" or a timeout. What's going on?
109 <LI><A NAME="TOC23" HREF="FAQ.html#SEC23">Q0022</A>: Why do messages not get delivered down the same connection when I do
110 something like: exim <B>-v</B> <B>-R</B> <B>@aol.com</B> ? For other domains, I do this and
111 I see the appropriate "waiting for passed connections to get used"
113 <LI><A NAME="TOC24" HREF="FAQ.html#SEC24">Q0023</A>: What does the error "SEGV while reading ... from dbm file: record
114 assumed not to exist" mean?
115 <LI><A NAME="TOC25" HREF="FAQ.html#SEC25">Q0024</A>: There seems to be a problem in the string expansion code: it doesn't
116 recognize references to headers such as <B><B>${h_to}.</B></B>
117 <LI><A NAME="TOC26" HREF="FAQ.html#SEC26">Q0025</A>: Exim is timing out after sending the a message's data to one particular
118 host, and yet the remote host also claims to be timing out. This seems
119 to affect only certain messages.
120 <LI><A NAME="TOC27" HREF="FAQ.html#SEC27">Q0026</A>: When the Exim daemon forks a copy of itself to handle an incoming SMTP
121 request, the forked copy seems to go around in circles for a
122 significant (up to 5 minutes, so far) amount of time before deciding to
124 <LI><A NAME="TOC28" HREF="FAQ.html#SEC28">Q0027</A>: What does "failed to create child process to send failure message" mean?
125 This is a busy mail server with <TT>smtp_accept_max</TT> set to 500, but this
126 problem started to occur at about 300 incoming connections.
127 <LI><A NAME="TOC29" HREF="FAQ.html#SEC29">Q0028</A>: What does "<message filter> transporting defer (-1): No transport set
128 by director" in a log line mean?
129 <LI><A NAME="TOC30" HREF="FAQ.html#SEC30">Q0029</A>: Why is Exim refusing to relay, saying "failed to find host name from IP
130 address" when I have the sender's IP address in <TT>host_accept_relay</TT>? My
131 configuration contains this:
132 <LI><A NAME="TOC31" HREF="FAQ.html#SEC31">Q0030</A>: When I run "exim <B>-bd</B> <B>-q10m"</B> I get "PANIC LOG: exec of exim <B>-q</B> failed".
133 <LI><A NAME="TOC32" HREF="FAQ.html#SEC32">Q0031</A>: Why do connections to my machine's SMTP port take a long time to respond
134 with the banner, when connections to other ports respond instantly?
135 <LI><A NAME="TOC33" HREF="FAQ.html#SEC33">Q0032</A>: I can't seem to get a pipe command to run when I include a <B>${if</B>
136 expansion in it. This fails:
137 <LI><A NAME="TOC34" HREF="FAQ.html#SEC34">Q0033</A>: I'm trying to get Exim to connect an alias to a pipe, but it always
138 gives error code 69, with the comment "(could mean service or program
140 <LI><A NAME="TOC35" HREF="FAQ.html#SEC35">Q0034</A>: I'm having a problem with an Exim RPM.
141 <LI><A NAME="TOC36" HREF="FAQ.html#SEC36">Q0035</A>: What does the error "Spool file is locked" mean?
144 <A NAME="TOC37" HREF="FAQ.html#SEC37">1. BUILDING EXIM</A>
146 <LI><A NAME="TOC38" HREF="FAQ.html#SEC38">Q0101</A>: I get the error "conflicting types" when Exim is building the libident
148 <LI><A NAME="TOC39" HREF="FAQ.html#SEC39">Q0102</A>: When I ran <B>make</B> I got the error "undefined reference to <TT>dbopen</TT>".
149 <LI><A NAME="TOC40" HREF="FAQ.html#SEC40">Q0103</A>: I can't get Exim to compile with Berkeley DB version 2.x.
150 <LI><A NAME="TOC41" HREF="FAQ.html#SEC41">Q0104</A>: I'm getting an "undefined symbol" error for <TT>hosts_ctl</TT> when I try to
151 build Exim. (On some systems this error is "undefined reference to
153 <LI><A NAME="TOC42" HREF="FAQ.html#SEC42">Q0105</A>: I'm about to upgrade to a new Exim release. Do I need to ensure the
154 spool is empty, or take any other special action?
155 <LI><A NAME="TOC43" HREF="FAQ.html#SEC43">Q0106</A>: What does the error "<B>install-info</B>: command not found" mean?
156 <LI><A NAME="TOC44" HREF="FAQ.html#SEC44">Q0107</A>: Exim doesn't seem to be recognizing my operating system type correctly,
157 and so is failing to build.
158 <LI><A NAME="TOC45" HREF="FAQ.html#SEC45">Q0108</A>: I am getting an error "`exim' undeclared here" when I compile, in the
159 <B>globals.c</B> module.
160 <LI><A NAME="TOC46" HREF="FAQ.html#SEC46">Q0109</A>: Exim fails to build, complaining about the absence of the "killpg"
162 <LI><A NAME="TOC47" HREF="FAQ.html#SEC47">Q0110</A>: I'm getting an unresolved symbol <TT>ldap_is_ldap_url</TT> when trying to build
166 <A NAME="TOC48" HREF="FAQ.html#SEC48">2. MAILBOX LOCKING</A>
168 <LI><A NAME="TOC49" HREF="FAQ.html#SEC49">Q0201</A>: Why do I get the error "Permission denied: creating lock file hitching
169 post" when Exim tries to do a local delivery?
170 <LI><A NAME="TOC50" HREF="FAQ.html#SEC50">Q0202</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
174 <A NAME="TOC51" HREF="FAQ.html#SEC51">3. ROUTING</A>
176 <LI><A NAME="TOC52" HREF="FAQ.html#SEC52">Q0301</A>: What does "lowest numbered MX record points to local host" mean?
177 <LI><A NAME="TOC53" HREF="FAQ.html#SEC53">Q0302</A>: How do I configure Exim to send all non-local mail to a gateway host?
178 <LI><A NAME="TOC54" HREF="FAQ.html#SEC54">Q0303</A>: How do I configure Exim to send all non-local mail to a central server
179 if it cannot be immediately delivered by my host? I don't want to have
180 queued mail waiting on my host.
181 <LI><A NAME="TOC55" HREF="FAQ.html#SEC55">Q0304</A>: How can I arrange for messages submitted by (for example) Majordomo to
183 <LI><A NAME="TOC56" HREF="FAQ.html#SEC56">Q0305</A>: How do I arrange for all incoming email for <B><B>*@some.domain</B></B> to go into one
184 pop3 mail account? The customer doesn't want to add a list of specific
185 local parts to the system.
186 <LI><A NAME="TOC57" HREF="FAQ.html#SEC57">Q0306</A>: The <TT>route_list</TT> setting
187 <TT>^foo$:^bar$ $domain byname</TT> in a <B>domainlist</B>
188 router does not work.
189 <LI><A NAME="TOC58" HREF="FAQ.html#SEC58">Q0307</A>: I'm getting "permission denied" when Exim attempts to check a
190 <TT>require_files</TT> option.
191 <LI><A NAME="TOC59" HREF="FAQ.html#SEC59">Q0308</A>: I have a domain for which some local parts must be delivered locally,
192 but the remainder are to be treated like any other remote addresses.
193 <LI><A NAME="TOC60" HREF="FAQ.html#SEC60">Q0309</A>: For certain domains, I don't want Exim to use MX records. Instead, I
194 want it just to look up the hosts' A records. I tried using a negative
195 entry in <TT>mx_domains</TT> in the smtp router, but it didn't work.
196 <LI><A NAME="TOC61" HREF="FAQ.html#SEC61">Q0310</A>: How can I configure Exim on a firewall machine so that if mail arrives
197 addressed to a domain whose MX points to the firewall, it is forwarded
198 to the internal mail server, without having to have a list of all the
200 <LI><A NAME="TOC62" HREF="FAQ.html#SEC62">Q0311</A>: How can I arrange that messages larger than some limit are handled by
202 <LI><A NAME="TOC63" HREF="FAQ.html#SEC63">Q0312</A>: If a DNS lookup returns no MX records why doesn't Exim just bin the
204 <LI><A NAME="TOC64" HREF="FAQ.html#SEC64">Q0313</A>: When a DNS lookup for MX records fails to complete, why doesn't Exim
205 send the messsage to the host defined by the A record?
206 <LI><A NAME="TOC65" HREF="FAQ.html#SEC65">Q0314</A>: Can you specify a list of domains to explicitly reject?
207 <LI><A NAME="TOC66" HREF="FAQ.html#SEC66">Q0315</A>: Is it possible to use a conditional expression for the host item in a
208 <TT>route_list</TT> for the <B>domainlist</B> router? I tried the following, but it
210 <LI><A NAME="TOC67" HREF="FAQ.html#SEC67">Q0316</A>: I send all external mail to a smart host, but this means that bad
211 addresses also get passed to the smart host. Can I avoid this?
212 <LI><A NAME="TOC68" HREF="FAQ.html#SEC68">Q0317</A>: I have a dial-up machine, and I use the <TT>queue_smtp</TT> option so that remote
213 mail only goes out when I do a queue run. However, any email I send with
214 an address <B><B><anything>@aol.com</B></B> is returned within about 15 mins saying
215 'retry time exceeded', and all addresses are affected.
216 <LI><A NAME="TOC69" HREF="FAQ.html#SEC69">Q0318</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
218 <LI><A NAME="TOC70" HREF="FAQ.html#SEC70">Q0319</A>: How can I arrange to do my own qualification of non-fully-qualified
219 domains, and then pass them on to the next router?
220 <LI><A NAME="TOC71" HREF="FAQ.html#SEC71">Q0320</A>: Every system has a "nobody" account under which httpd etc run. I would
221 like to know how to restrict mail which comes from that account to users
223 <LI><A NAME="TOC72" HREF="FAQ.html#SEC72">Q0321</A>: I have a really annoying intermittent problem where attempts to mail to
224 valid sites are rejected with "unknown mail domain". This only happens a
225 few times a day and there is no particular pattern to the sites it
226 rejects. If I try to lookup the same domain a few minutes later then it
228 <LI><A NAME="TOC73" HREF="FAQ.html#SEC73">Q0322</A>: I'd like route all mail with unresolved addresses to a relay machine.
229 <LI><A NAME="TOC74" HREF="FAQ.html#SEC74">Q0323</A>: I would like to forward all incoming email for a particular domain to
230 another machine via SMTP. Whereabouts would I configure that?
231 <LI><A NAME="TOC75" HREF="FAQ.html#SEC75">Q0324</A>: Why does Exim say "all relevant MX records point to non-existent hosts"
232 when MX records point to IP addresses?
233 <LI><A NAME="TOC76" HREF="FAQ.html#SEC76">Q0325</A>: How can I arrange for mail on my local network to be delivered directly
234 to the relevant hosts, but all other mail to be sent to my ISP's mail
235 server? The local hosts are all DNS-registered and behave like normal
239 <A NAME="TOC77" HREF="FAQ.html#SEC77">4. DIRECTING</A>
241 <LI><A NAME="TOC78" HREF="FAQ.html#SEC78">Q0401</A>: I need to have any mail for <B>virt.dom.ain</B> that <EM>doesn't</EM> match one of the
242 aliases in <B><B>/usr/lib/aliases.virt</B></B> delivered to a particular address, for
243 example, <B><B>postmaster@virt.dom.ain.</B></B>
244 <LI><A NAME="TOC79" HREF="FAQ.html#SEC79">Q0402</A>: How do I configure Exim to send all messages to a central server?
245 <LI><A NAME="TOC80" HREF="FAQ.html#SEC80">Q0403</A>: How do I configure Exim to send messages for unknown local users to a
247 <LI><A NAME="TOC81" HREF="FAQ.html#SEC81">Q0404</A>: How can I arrange for messages submitted by (for example) Majordomo to
248 be handled specially?
249 <LI><A NAME="TOC82" HREF="FAQ.html#SEC82">Q0405</A>: On a host that accepts mail for several domains, do I have to use fully
250 qualified names in <B>/etc/aliases</B> or do I have to set up an alias file for
252 <LI><A NAME="TOC83" HREF="FAQ.html#SEC83">Q0406</A>: Some of my users are using the <B>.forward</B> to pipe to a shell command which
253 appends to the user's INBOX. How can I forbid this?
254 <LI><A NAME="TOC84" HREF="FAQ.html#SEC84">Q0407</A>: How can I arrange for a default value when using a query-style lookup
255 such as LDAP or NIS+ to handle aliases?
256 <LI><A NAME="TOC85" HREF="FAQ.html#SEC85">Q0408</A>: If I don't fully qualify the addresses in a virtual domain's alias file
257 then mail to aliases which also match the local domain get delivered to
259 <LI><A NAME="TOC86" HREF="FAQ.html#SEC86">Q0409</A>: We've got users who chmod their home to 750, and home is NFS-mounted
260 without root privilege, so Exim cannot access <B>~user/.forward.</B>
261 <LI><A NAME="TOC87" HREF="FAQ.html#SEC87">Q0410</A>: I'm getting "permission denied" when Exim tries to check a for the
262 existence of a user's <B>.procmailrc</B> file using <TT>require_files</TT>.
263 <LI><A NAME="TOC88" HREF="FAQ.html#SEC88">Q0411</A>: How can I deliver mail into different directories for each virtual
264 domain, doing user lookups not against <B>/etc/passwd</B> but against
265 <B><B>/etc/passwd.domain</B>?</B>
266 <LI><A NAME="TOC89" HREF="FAQ.html#SEC89">Q0412</A>: I want mail for <EM>any</EM> local part at certain virtual domains to go
267 to a single address for each domain.
268 <LI><A NAME="TOC90" HREF="FAQ.html#SEC90">Q0413</A>: How can I make Exim look in the alias NIS map instead of <B>/etc/aliases</B>?
269 <LI><A NAME="TOC91" HREF="FAQ.html#SEC91">Q0414</A>: What does the error message "error in forward file (filtering not
270 enabled): missing or malformed local part ..." mean?
271 <LI><A NAME="TOC92" HREF="FAQ.html#SEC92">Q0415</A>: Exim isn't recognizing certain forms of local address.
272 <LI><A NAME="TOC93" HREF="FAQ.html#SEC93">Q0416</A>: I have a domain for which some local parts must be delivered locally,
273 but the remainder are to be treated like any other remote addresses.
274 <LI><A NAME="TOC94" HREF="FAQ.html#SEC94">Q0417</A>: What I really need is the ability to obtain the result of a pipe
275 command so that I can filter externally and redirect internally. Is
277 <LI><A NAME="TOC95" HREF="FAQ.html#SEC95">Q0418</A>: When I set a suffix on one of my directors, it doesn't get stripped when
278 checking the <TT>local_parts</TT> option. Why is this?
279 <LI><A NAME="TOC96" HREF="FAQ.html#SEC96">Q0419</A>: Why will Exim deliver a message locally to any username that is longer
280 than 8 characters as long as the first 8 characters match one of the
282 <LI><A NAME="TOC97" HREF="FAQ.html#SEC97">Q0420</A>: Why am I seeing the error "bad mode (100664) for <B><B>/home/test/.forward</B></B>
283 (userforward director)"? I've looked through the documentation but can't
284 see anything to suggest that exim has to do anything other than read the
285 <B>.forward</B> file.
286 <LI><A NAME="TOC98" HREF="FAQ.html#SEC98">Q0421</A>: How can I arrange that messages larger than some limit are handled by
288 <LI><A NAME="TOC99" HREF="FAQ.html#SEC99">Q0422</A>: When a user's <B>.forward</B> file is syntactially invalid, Exim defers
289 delivery of all messages to that user, which sometimes include the
290 user's own test messages. Can it be told to ignore the <B>.forward</B> file
291 and/or inform the user of the error?
292 <LI><A NAME="TOC100" HREF="FAQ.html#SEC100">Q0423</A>: I have some users on my system with upper case letters in their login
293 names, but these are not recognized.
294 <LI><A NAME="TOC101" HREF="FAQ.html#SEC101">Q0424</A>: I have unset <TT>locally_caseless</TT> because my users have upper case letters
295 in their login names, but incoming mail now has to use the correct case.
296 Can I relax this somehow?
297 <LI><A NAME="TOC102" HREF="FAQ.html#SEC102">Q0425</A>: I want to look up local users in an SQL database instead of looking in
299 <LI><A NAME="TOC103" HREF="FAQ.html#SEC103">Q0426</A>: Is it possible for Exim to use a SQL database like MySQL for its lists
300 of virtual domains and explicit aliases?
301 <LI><A NAME="TOC104" HREF="FAQ.html#SEC104">Q0427</A>: Can I use my existing alias files and forward files as well as procmail
302 and effectively drop in exim in place of Sendmail ?
303 <LI><A NAME="TOC105" HREF="FAQ.html#SEC105">Q0428</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
305 <LI><A NAME="TOC106" HREF="FAQ.html#SEC106">Q0429</A>: What is quickest way to set up Exim so any message sent to a non-
306 existing user would bounce back with a different message, based
307 on the name of non-existing user?
308 <LI><A NAME="TOC107" HREF="FAQ.html#SEC107">Q0430</A>: I am building some largish mailing lists with Majordomo, and was
309 wondering if it worth leaving the actually list expansion to the
310 <B>aliasfile</B> :include: mechanism or should I consider using the <B>forwardfile</B>
311 transport? Is there any real difference in terms of facilities and/or
312 performance, and are the expansions basically the same code anyway?
313 <LI><A NAME="TOC108" HREF="FAQ.html#SEC108">Q0431</A>: What do I need to do to make Exim handle <B>/usr/ucb/vacation</B> processing
314 automatically, so that people could just create a .<B>vacation.msg</B> file in
315 their home directory and not have to edit their <B>.forward</B> file?
316 <LI><A NAME="TOC109" HREF="FAQ.html#SEC109">Q0432</A>: I want to use a default entry in my alias file, but it picks up the
317 local parts that the aliases generate. For example, if the alias file
319 <LI><A NAME="TOC110" HREF="FAQ.html#SEC110">Q0433</A>: I have some obsolete domains which people have been warned not to use
320 any more. How can I arrange to delete any mail that is sent to them?
321 <LI><A NAME="TOC111" HREF="FAQ.html#SEC111">Q0434</A>: How can I arrange that mail addressed to <B><B>anything@something.mydomain.com</B></B>
322 gets delivered to <B><B>something@mydomain.com</B>?</B>
323 <LI><A NAME="TOC112" HREF="FAQ.html#SEC112">Q0435</A>: I can't get a regular expression to work in this <TT>local_parts</TT> option on
325 <LI><A NAME="TOC113" HREF="FAQ.html#SEC113">Q0436</A>: How can I arrange for all addresses in a group of domains <B>*.example.com</B>
326 to share the same alias file? I have a number of such groups.
327 <LI><A NAME="TOC114" HREF="FAQ.html#SEC114">Q0437</A>: When Exim tries to read <B><B>/usr/lib/majordomo/lists/lists.aliases</B></B> it is
328 giving "Permission denied", but that file is world-readable!
331 <A NAME="TOC115" HREF="FAQ.html#SEC115">5. DELIVERY</A>
333 <LI><A NAME="TOC116" HREF="FAQ.html#SEC116">Q0501</A>: What does the error "Neither the <I>xxx</I> director nor the <I>yyy</I> transport set
334 a uid for local delivery of..." mean?
335 <LI><A NAME="TOC117" HREF="FAQ.html#SEC117">Q0502</A>: Exim won't deliver to a host with no MX record.
336 <LI><A NAME="TOC118" HREF="FAQ.html#SEC118">Q0503</A>: How should Exim be configured when it is acting as a temporary storage
337 system for a domain on a dial-up host?
338 <LI><A NAME="TOC119" HREF="FAQ.html#SEC119">Q0504</A>: I would like to deliver mail addressed to a given domain normally, but
339 also to generate a message to the envelope sender.
340 <LI><A NAME="TOC120" HREF="FAQ.html#SEC120">Q0505</A>: Exim keeps crashing with segmentation errors (signal 11 or 139) during
341 delivery. This seems to happen when it is about to contact a remote
342 host or when a delivery is deferred.
343 <LI><A NAME="TOC121" HREF="FAQ.html#SEC121">Q0506</A>: Whenever Exim tries to do a local delivery, it gives a permission denied
344 error for the <B>.forward</B> file, like this:
345 <LI><A NAME="TOC122" HREF="FAQ.html#SEC122">Q0507</A>: I have installed Exim, but now I can't mail to root any more. Why is
347 <LI><A NAME="TOC123" HREF="FAQ.html#SEC123">Q0508</A>: How can I stop undeliverable bounce messages (e.g. to routeable, but
348 undeliverable, spammer senders) from clogging up the queue for days?
349 <LI><A NAME="TOC124" HREF="FAQ.html#SEC124">Q0509</A>: How can mails that are being routed through directors other than
350 localuser be delivered under the uid of the recipient?
351 <LI><A NAME="TOC125" HREF="FAQ.html#SEC125">Q0510</A>: I want to use MMDF-style mailboxes. How can I get Exim to append the
352 ctrl-A characters that separate indvidual emails?
353 <LI><A NAME="TOC126" HREF="FAQ.html#SEC126">Q0511</A>: I have an ISDN connection and would like a way of running the queue
354 automatically when it is up.
355 <LI><A NAME="TOC127" HREF="FAQ.html#SEC127">Q0512</A>: If a user's mailbox is over quota, is there a way for me to set it up so
356 that the mail bounces to the sender and is NOT stored in the mail queue?
357 <LI><A NAME="TOC128" HREF="FAQ.html#SEC128">Q0513</A>: I'm using tmail to do local deliveries, but when I turned on the
358 <TT>use_crlf</TT> option on the pipe transport (tmail prefers \r\n terminations)
359 message bodies started to vanish.
360 <LI><A NAME="TOC129" HREF="FAQ.html#SEC129">Q0514</A>: What does the message "Unable to get root to set uid and gid
361 for local delivery to <I>xxx</I>: uid=<I>yyy</I> euid=<I>zzz</I>" mean?
362 <LI><A NAME="TOC130" HREF="FAQ.html#SEC130">Q0515</A>: I upgraded to 2.04 and now my Envelope-To: header for my virtual domains
363 is gone. Any idea how to get it back?
364 <LI><A NAME="TOC131" HREF="FAQ.html#SEC131">Q0516</A>: The Exim log records the arrival of a message, and then "Completed",
365 without logging any deliveries. What's going on?
366 <LI><A NAME="TOC132" HREF="FAQ.html#SEC132">Q0517</A>: When I activate "return receipt" for example in Netscape Mailbox
367 sending options, then I get an error message from Exim... something
368 like "not supported". Can I activate delivery confirmations?
369 <LI><A NAME="TOC133" HREF="FAQ.html#SEC133">Q0518</A>: When I dial up to collect mail from my ISP, only the first 10 messages
370 get delivered immediately; the remainder just sit on the queue until a
371 queue runner process finds them.
372 <LI><A NAME="TOC134" HREF="FAQ.html#SEC134">Q0519</A>: My ISP's mail server is rejecting bounce messages from Exim, complaining
373 that they have no sender. The SMTP trace does indeed show that the
374 sender address is "<>". Why is the Sender on the bounce message empty?
375 <LI><A NAME="TOC135" HREF="FAQ.html#SEC135">Q0520</A>: What does the message "retry time not reached [for any host]" on the log
376 mean? Why won't Exim try to deliver the message?
377 <LI><A NAME="TOC136" HREF="FAQ.html#SEC136">Q0521</A>: RFC 1985 specifies that the SMTP command "ETRN <B>host.domain"</B> causes all
378 mail queued for that host, no matter what domain it's for, to be
379 dequeued. Why doesn't Exim support this?
380 <LI><A NAME="TOC137" HREF="FAQ.html#SEC137">Q0522</A>: If email has been deferred to a member on a local mailing list
381 (implemented through forward files), and one of our ETRN clients is on
382 this mailing list, the <B>-R</B> won't "flush" the mailing list message for
384 <LI><A NAME="TOC138" HREF="FAQ.html#SEC138">Q0523</A>: Exim seems to be sending the same message twice, according to the log,
385 although there is a difference in capitalization of the local part of
387 <LI><A NAME="TOC139" HREF="FAQ.html#SEC139">Q0524</A>: How can I force the next retry time for a host to be now?
388 <LI><A NAME="TOC140" HREF="FAQ.html#SEC140">Q0525</A>: I set up "|/bin/grep Subject|/usr/bin/smbclient <B>-M</B> <netbiosname>" as an
389 alias but it doesn't work.
390 <LI><A NAME="TOC141" HREF="FAQ.html#SEC141">Q0526</A>: Why does the pipe transport add a line starting with ">From" to
392 <LI><A NAME="TOC142" HREF="FAQ.html#SEC142">Q0527</A>: I have set <TT>fallback_hosts</TT> on my smtp transport, but after the error
393 <B>"sem@chat.ru</B> cannot be resolved at this time" Exim isn't using them.
394 <LI><A NAME="TOC143" HREF="FAQ.html#SEC143">Q0528</A>: After the holidays my ISP has always hundreds of e-mails waiting for me.
395 These are forced down Exim's throat in one go. Exim spawns a lot of
396 kids, but is there some limit to the number of processes it creates?
397 <LI><A NAME="TOC144" HREF="FAQ.html#SEC144">Q0529</A>: When a message in the queue got to 12h old, Exim wrote 'retry timeout
398 exceeded' and removed <EM>all</EM> messages in the queue to this host - even
399 recent messages. How I can avoid this behaviour? I only want to remove
400 messages that have exceeded the maximum retry time.
401 <LI><A NAME="TOC145" HREF="FAQ.html#SEC145">Q0530</A>: Can Exim add a Content-Length: header to messages it delivers?
402 <LI><A NAME="TOC146" HREF="FAQ.html#SEC146">Q0531</A>: Exim seems to be trying to deliver a message every 10 minutes, though
403 the retry rules specify longer times after a while, because it is
404 writing a log entry every time, like this:
405 <LI><A NAME="TOC147" HREF="FAQ.html#SEC147">Q0532</A>: I am trying to set exim up to have a automatic failover if it sees that
406 the system that it is sending all mail to is down.
407 <LI><A NAME="TOC148" HREF="FAQ.html#SEC148">Q0533</A>: I can't get Exim to deliver over NFS. I get the error "fcntl() failed:
408 No locks available", though the lock daemon is running on the NFS server
409 and other hosts are able to access it.
410 <LI><A NAME="TOC149" HREF="FAQ.html#SEC149">Q0534</A>: Why does Exim bounce messages without even attempting delivery, giving
411 the error "retry time not reached for any host after a long failure
413 <LI><A NAME="TOC150" HREF="FAQ.html#SEC150">Q0535</A>: My <B>.forward</B> file is "|/usr/bin/procmail <B>-f-"</B> and mail gets delivered,
414 but there was a bounce to the sender, sending him the output of procmail.
415 How can I prevent this?
418 <A NAME="TOC151" HREF="FAQ.html#SEC151">6. UUCP</A>
420 <LI><A NAME="TOC152" HREF="FAQ.html#SEC152">Q0601</A>: The MX records for some UUCP domains point to my local host. How do I
421 get it to pass the messages on to UUCP?
422 <LI><A NAME="TOC153" HREF="FAQ.html#SEC153">Q0602</A>: How can I get Exim to handle "bang path" addresses?
423 <LI><A NAME="TOC154" HREF="FAQ.html#SEC154">Q0603</A>: We see something strange on our system in regards to mail comming in via
424 rmail from a UUCP link. The sender is being set to mailmaster instead of
425 the real sender, and a Sender: header is being added to the message.
428 <A NAME="TOC155" HREF="FAQ.html#SEC155">7. PERFORMANCE</A>
430 <LI><A NAME="TOC156" HREF="FAQ.html#SEC156">Q0701</A>: I'm running a large mail server. Should I set <TT>split_spool_directory</TT> to
432 <LI><A NAME="TOC157" HREF="FAQ.html#SEC157">Q0702</A>: How well does Exim scale?
433 <LI><A NAME="TOC158" HREF="FAQ.html#SEC158">Q0703</A>: We have a large password file. Can Exim use alternative lookups during
434 delivery to speed things up?
437 <A NAME="TOC159" HREF="FAQ.html#SEC159">8. POLICY CONTROLS</A>
439 <LI><A NAME="TOC160" HREF="FAQ.html#SEC160">Q0801</A>: How do I block unwanted messages from outside my host?
440 <LI><A NAME="TOC161" HREF="FAQ.html#SEC161">Q0802</A>: I don't want to block spam entirely; how can I inspect each message
441 before deciding whether to deliver it or not?
442 <LI><A NAME="TOC162" HREF="FAQ.html#SEC162">Q0803</A>: How can I test that my spam blocks are working?
443 <LI><A NAME="TOC163" HREF="FAQ.html#SEC163">Q0804</A>: How can I test that Exim is correctly configured to use the Realtime
445 <LI><A NAME="TOC164" HREF="FAQ.html#SEC164">Q0805</A>: How can I use <B>tcpwrappers</B> in conjunction with Exim?
446 <LI><A NAME="TOC165" HREF="FAQ.html#SEC165">Q0806</A>: How can I get POP-auth-before-relay support in Exim?
447 <LI><A NAME="TOC166" HREF="FAQ.html#SEC166">Q0807</A>: I have one or two cases where my machine correctly rejects messages, but
448 the remote machine is quite persistent, and keeps trying over and over.
449 <LI><A NAME="TOC167" HREF="FAQ.html#SEC167">Q0808</A>: I am seeing the error "no valid sender in message headers: return path
450 is <>" in the reject log. Isn't <> a valid return path for error
452 <LI><A NAME="TOC168" HREF="FAQ.html#SEC168">Q0809</A>: Let's say that we want to run a mail server that does not care if you
453 have proper reverse DNS. If you include <TT>host_reject</TT> lines in your
454 config file, Exim will always reject connections from such hosts. How
456 <LI><A NAME="TOC169" HREF="FAQ.html#SEC169">Q0810</A>: Is there a way to prevent lookups in the RBL for local hosts?
457 <LI><A NAME="TOC170" HREF="FAQ.html#SEC170">Q0811</A>: How can I set up the <TT>sender_reject</TT> option in my config file so I can
458 reject mail by matching regular expressions?
459 <LI><A NAME="TOC171" HREF="FAQ.html#SEC171">Q0812</A>: Normally <TT>sender_reject_recipients</TT> works fine, but addresses that have
460 some uppercase letters in them seem to come through.
461 <LI><A NAME="TOC172" HREF="FAQ.html#SEC172">Q0813</A>: I want to accept some sender addresses, even though they do not verify.
462 There doesn't seem to be an option for verification exceptions, so how
464 <LI><A NAME="TOC173" HREF="FAQ.html#SEC173">Q0814</A>: We are being plagued by forged mail coming from a number of different
465 hosts and sender addresses. The guy however leaves a fingerprint. The
466 first received line always contains 'Received: from baby'. What is the
467 best suggested way for eliminiating him from our systems?
468 <LI><A NAME="TOC174" HREF="FAQ.html#SEC174">Q0815</A>: I have set <TT>host_accept_relay</TT>, but my host still refuses to relay from
470 <LI><A NAME="TOC175" HREF="FAQ.html#SEC175">Q0816</A>: How can I run customized verification checks on incoming addresses?
471 <LI><A NAME="TOC176" HREF="FAQ.html#SEC176">Q0817</A>: Does Exim apply RBL checks to error messages, those with an envelope
472 sender of "<>" ?
473 <LI><A NAME="TOC177" HREF="FAQ.html#SEC177">Q0818</A>: I want to be able to set up a list, similar to <TT>sender_reject_recipients</TT>,
474 but with a user-defined message. I believe I have to use a director for
476 <LI><A NAME="TOC178" HREF="FAQ.html#SEC178">Q0819</A>: I want to reject certain sender-recipient combinations, with a specific
477 message for each such combination.
478 <LI><A NAME="TOC179" HREF="FAQ.html#SEC179">Q0820</A>: Will Exim allow me to create a file of regexs and match incoming
479 external email to the list - and if a match is found file the offending
480 message into a special location? Also is it possible to make exim only
481 filter parts of an incoming email - e.g. ignore large MIME attachments
482 for example and only process text/plain?
483 <LI><A NAME="TOC180" HREF="FAQ.html#SEC180">Q0821</A>: I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT
484 command, to check if a user has exceeded their email quota. If they have
485 I issue a temporary failure and a message - can I do this with Exim?
486 <LI><A NAME="TOC181" HREF="FAQ.html#SEC181">Q0822</A>: I'm looking for a rule to reject special unknown recipients.
487 <LI><A NAME="TOC182" HREF="FAQ.html#SEC182">Q0823</A>: I'd like to pass all messages through a virus-scanning system before
488 delivery. Can Exim do this?
489 <LI><A NAME="TOC183" HREF="FAQ.html#SEC183">Q0824</A>: How can I accomplish this: a message sent from any host must either be
490 sending to a domain in a list (a dbm file) or the sender's address
491 domain must be in the list.
492 <LI><A NAME="TOC184" HREF="FAQ.html#SEC184">Q0825</A>: I've set <TT>relay_domains</TT> and <TT>sender_address_relay</TT>, but if <B>user@mydomain</B>
493 tries sending to an arbitrary domain, Exim rejects it.
494 <LI><A NAME="TOC185" HREF="FAQ.html#SEC185">Q0826</A>: I set <TT>sender_reject_recipients</TT>, but Exim is not rejecting those
496 <LI><A NAME="TOC186" HREF="FAQ.html#SEC186">Q0827</A>: I can't find an option to deny "RCPT TO:" addresses.
497 <LI><A NAME="TOC187" HREF="FAQ.html#SEC187">Q0828</A>: My problem is that Exim replaces <B>$local_part</B> with an empty string in the
498 system filtering. What's wrong or what did I miss?
499 <LI><A NAME="TOC188" HREF="FAQ.html#SEC188">Q0829</A>: Using <B>$recipients</B> in a system filter gives me another problem: how can
500 I do a string lookup if <B>$recipients</B> is a list of addresses?
501 <LI><A NAME="TOC189" HREF="FAQ.html#SEC189">Q0830</A>: Is there a way to configure Exim to reject mail to a certain local host?
502 <LI><A NAME="TOC190" HREF="FAQ.html#SEC190">Q0831</A>: Exim sometimes rejects messages with bad senders after the DATA and
503 sometimes after the MAIL command. What is the difference?
504 <LI><A NAME="TOC191" HREF="FAQ.html#SEC191">Q0832</A>: How can I get Exim to remove attachments from messages?
505 <LI><A NAME="TOC192" HREF="FAQ.html#SEC192">Q0833</A>: I ran a relay test against my host and it failed with an address
506 containing a %, though I don't have <TT>percent_hack_domains</TT> set. Is Exim
507 broken? This is what the tester said:
510 <A NAME="TOC193" HREF="FAQ.html#SEC193">9. MAJORDOMO</A>
512 <LI><A NAME="TOC194" HREF="FAQ.html#SEC194">Q0901</A>: How do I set up Majordomo to work with Exim?
513 <LI><A NAME="TOC195" HREF="FAQ.html#SEC195">Q0902</A>: I have set <B>$mailer</B> in <B>majordomo.cf,</B> but it still isn't setting the
514 sender correctly in the messages it sends.
515 <LI><A NAME="TOC196" HREF="FAQ.html#SEC196">Q0903</A>: I'm trying to set up majordomo, but I'm getting a "wrong mode" error
516 when I try to send it mail. The panic log entry reads:
517 <LI><A NAME="TOC197" HREF="FAQ.html#SEC197">Q0904</A>: I'm getting return code 9 from <B><B>/home/majordomo/majordomo-1.94.4/wrapper</B></B>
518 when it is passed a message from Exim.
521 <A NAME="TOC198" HREF="FAQ.html#SEC198">10. REWRITING ADDRESSES</A>
523 <LI><A NAME="TOC199" HREF="FAQ.html#SEC199">Q1001</A>: How can I get Exim to strip the hostname from the sender's address?
524 <LI><A NAME="TOC200" HREF="FAQ.html#SEC200">Q1002</A>: I have Exim configured to remove the hostname portion of the domain on
525 outgoing mail, and yet the hostname is present when the mail gets
527 <LI><A NAME="TOC201" HREF="FAQ.html#SEC201">Q1003</A>: I want to rewrite local addresses in mail that goes to the outside
528 world, but not for messages that remain within the local intranet.
529 <LI><A NAME="TOC202" HREF="FAQ.html#SEC202">Q1004</A>: I'm using this rewriting rule to change login names into "friendly"
530 names, but if mail comes in for an upper case login name, it doesn't
532 <LI><A NAME="TOC203" HREF="FAQ.html#SEC203">Q1005</A>: Is it possible to completely fail a message if the rewrite rules fail?
533 <LI><A NAME="TOC204" HREF="FAQ.html#SEC204">Q1006</A>: I'm using <B>$domain</B> as the key for a lookup in a rewriting rule, but its
534 contents are not being lowercased. Aren't domains supposed to be handled
536 <LI><A NAME="TOC205" HREF="FAQ.html#SEC205">Q1007</A>: I want to rewrite local sender addresses depending on the domain of the
540 <A NAME="TOC206" HREF="FAQ.html#SEC206">11. HEADERS</A>
542 <LI><A NAME="TOC207" HREF="FAQ.html#SEC207">Q1101</A>: I would like add some custom headers to selected outgoing mail based on
543 a specific domain and the subject line.
544 <LI><A NAME="TOC208" HREF="FAQ.html#SEC208">Q1102</A>: Is it possible to have Exim add a header to only certain <TT>local_parts</TT> of
546 <LI><A NAME="TOC209" HREF="FAQ.html#SEC209">Q1103</A>: How can I remove some part of the Received: header?
547 <LI><A NAME="TOC210" HREF="FAQ.html#SEC210">Q1104</A>: How I can insert the PGP header line using exim filters?
550 <A NAME="TOC211" HREF="FAQ.html#SEC211">12. FETCHMAIL</A>
552 <LI><A NAME="TOC212" HREF="FAQ.html#SEC212">Q1201</A>: When I run fetchmail, I get the error "SMTP listener doesn't like
553 recipient address <B><I>xxx</I>@localhost</B>".
554 <LI><A NAME="TOC213" HREF="FAQ.html#SEC213">Q1202</A>: Fetchmail is passing on bounce messages to Exim with the sender address
555 set to <B><B><@some.domain</B>></B> which causes Exim to complain, because there is no
557 <LI><A NAME="TOC214" HREF="FAQ.html#SEC214">Q1203</A>: I'm currently using Exim with fetchmail and I'd like to use the RBL on
558 Exim, but will it work? Do I need to configure fetchmail any particular
559 way? As far as Exim knows, all mail is coming from 127.0.01. Will it
560 check the source address against RBL? Or will it check the From: header?
563 <A NAME="TOC215" HREF="FAQ.html#SEC215">13. PERL</A>
565 <LI><A NAME="TOC216" HREF="FAQ.html#SEC216">Q1301</A>: Exim built with Perl support exits with the error message <B>"./exim:</B> can't
566 load library <B>'libperl.so'".</B>
567 <LI><A NAME="TOC217" HREF="FAQ.html#SEC217">Q1302</A>: Exim built with Perl support exits with several error messages of the
568 form "undefined reference to `PL_stack_sp'".
571 <A NAME="TOC218" HREF="FAQ.html#SEC218">14. DIAL-UP</A>
573 <LI><A NAME="TOC219" HREF="FAQ.html#SEC219">Q1401</A>: How can I arrange for mail to other hosts on my local network to be
574 delivered when I'm not connected to the Internet?
575 <LI><A NAME="TOC220" HREF="FAQ.html#SEC220">Q1402</A>: I have a dial-up machine, and I use the <TT>queue_smtp_domains</TT> option so
576 that remote mail only goes out when I do a queue run. However, any email
577 I send with an address <B><B><anything>@aol.com</B></B> is returned within about 15
578 minutes saying 'retry time exceeded', and all addresses are affected.
579 <LI><A NAME="TOC221" HREF="FAQ.html#SEC221">Q1403</A>: How should Exim be configured when it is acting as a temporary storage
580 system for a domain on a dial-up host?
581 <LI><A NAME="TOC222" HREF="FAQ.html#SEC222">Q1404</A>: I have <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT> set, and use <B>-qf</B> to
582 force delivery of waiting mail when I dial in. How can I arrange for any
583 new messages that arrive while I'm connected to be delivered immediately?
586 <A NAME="TOC223" HREF="FAQ.html#SEC223">15. MODIFYING MESSAGE BODIES</A>
588 <LI><A NAME="TOC224" HREF="FAQ.html#SEC224">Q1501</A>: How can I add a disclaimer or an advertisement to a message?
589 <LI><A NAME="TOC225" HREF="FAQ.html#SEC225">Q1502</A>: How can I remove attachments from messages?
592 <A NAME="TOC226" HREF="FAQ.html#SEC226">20. MILLENNIUM</A>
594 <LI><A NAME="TOC227" HREF="FAQ.html#SEC227">Q2000</A>: Are there any Y2K issues with Exim?
597 <A NAME="TOC228" HREF="FAQ.html#SEC228">50. MISCELLANEOUS</A>
599 <LI><A NAME="TOC229" HREF="FAQ.html#SEC229">Q5001</A>: What does the error "Unable to get interface configuration: 22 Invalid
601 <LI><A NAME="TOC230" HREF="FAQ.html#SEC230">Q5002</A>: How can I arrange to allow a limited set of users to perform a limited
602 set of Exim administration functions? I don't want to put them all in
604 <LI><A NAME="TOC231" HREF="FAQ.html#SEC231">Q5003</A>: How can I test for a message's size being greater or less than a given
605 value in an expansion string?
606 <LI><A NAME="TOC232" HREF="FAQ.html#SEC232">Q5004</A>: I want to "tail" the Exim log, but I have a number of other logs I also
607 want to "tail", and the number of tailing windows is getting to be a
609 <LI><A NAME="TOC233" HREF="FAQ.html#SEC233">Q5005</A>: I would like to have Exim log information written to syslog.
610 <LI><A NAME="TOC234" HREF="FAQ.html#SEC234">Q5006</A>: What does the error "Failed to create spool file" mean?
611 <LI><A NAME="TOC235" HREF="FAQ.html#SEC235">Q5007</A>: Exim keeps crashing with segmentation errors (signal 11 or 139).
612 <LI><A NAME="TOC236" HREF="FAQ.html#SEC236">Q5008</A>: Exim's databases keep getting corrupted.
613 <LI><A NAME="TOC237" HREF="FAQ.html#SEC237">Q5009</A>: I've been using an autoreply director to try and mimic a bounce message,
614 but I can't get it to have an envelope from of <>.
615 <LI><A NAME="TOC238" HREF="FAQ.html#SEC238">Q5010</A>: I see entries in the log that mention two different IP addresses for the
616 same connection. Why is this? For example:
617 <LI><A NAME="TOC239" HREF="FAQ.html#SEC239">Q5011</A>: How can I persuade Exim to accept ETRN commands without the leading
619 <LI><A NAME="TOC240" HREF="FAQ.html#SEC240">Q5012</A>: I've recently noticed that emails I send with a Bcc: line are being
620 delivered to their final destination with the Bcc: line still present.
621 <LI><A NAME="TOC241" HREF="FAQ.html#SEC241">Q5013</A>: I used gv <B>v3.5.8</B> (ghostview) to try printing <B>spec.ps.</B> After every
622 printed page, the printer ejects a blank sheet. Is this something to do
623 with using "letter" rather than A4 paper?
624 <LI><A NAME="TOC242" HREF="FAQ.html#SEC242">Q5014</A>: I would like to have a separate queue per domain for hosts which dial
625 in to collect their mail.
626 <LI><A NAME="TOC243" HREF="FAQ.html#SEC243">Q5015</A>: A short time after I start Exim I see a <defunct> process. What is
628 <LI><A NAME="TOC244" HREF="FAQ.html#SEC244">Q5016</A>: On a reboot, or a restart of the mail system, I see the message "Mailer
629 daemons: exim abandoned: unknown, malformed, or incomplete option
630 <B>-bz</B> sendmail". What does this mean?
631 <LI><A NAME="TOC245" HREF="FAQ.html#SEC245">Q5017</A>: I would like to restrict e-mail usage for some users to the local
632 machine, ideally on a group basis.
633 <LI><A NAME="TOC246" HREF="FAQ.html#SEC246">Q5018</A>: Whenever exim restarts it takes up to 3-5 minutes to start responding on
634 the SMTP port. Why is this?
635 <LI><A NAME="TOC247" HREF="FAQ.html#SEC247">Q5019</A>: Why aren't there any man pages for Exim? I don't always carry my printed
637 <LI><A NAME="TOC248" HREF="FAQ.html#SEC248">Q5020</A>: When I send a message using the <B>-t</B> command line option, Exim sends only
638 to the addresses within the message, not to those on the command line.
639 <LI><A NAME="TOC249" HREF="FAQ.html#SEC249">Q5021</A>: If I set up, for example,
640 <TT>local_domains = *customer.com</TT>, then it matches
641 <B>"customer.com"</B> and <B>"abc.customer.com"</B> as required, but it also matches
642 <B>"noncustomer.com",</B> which is wrong. How can I get round this?
643 <LI><A NAME="TOC250" HREF="FAQ.html#SEC250">Q5022</A>: I want to match all local domains of the form <B>*.oyoy.org</B> but want a few
644 exceptions. For instance I don't want <B>foo.oyoy.org</B> or <B>bar.oyoy.org</B> to be
645 treated as local. What is the best way to do this?
646 <LI><A NAME="TOC251" HREF="FAQ.html#SEC251">Q5023</A>: I can't seem to find a pre-built version of Exim anywhere. The machine
647 is a Sparc 5 running Solaris 2.6.
648 <LI><A NAME="TOC252" HREF="FAQ.html#SEC252">Q5024</A>: Is there a Windows NT version of Exim available?
649 <LI><A NAME="TOC253" HREF="FAQ.html#SEC253">Q5025</A>: Does Exim support Delivery Status Notificaion (DSN), Message Status
650 Notification (MSN), or any other form of delivery acknowledgement?
651 <LI><A NAME="TOC254" HREF="FAQ.html#SEC254">Q5026</A>: What does "Exim" stand for?
652 <LI><A NAME="TOC255" HREF="FAQ.html#SEC255">Q5027</A>: What does the log message "no immediate delivery: more than 10 messages
653 received in one connection" mean?
654 <LI><A NAME="TOC256" HREF="FAQ.html#SEC256">Q5028</A>: Although I haven't set <TT>check_spool_space</TT>, Exim is still checking the
655 amount of space on the spool for incoming SMTP messages that use the
656 SIZE option. Can I suppress this?
657 <LI><A NAME="TOC257" HREF="FAQ.html#SEC257">Q5029</A>: I just noticed log entries that start off "<= <>". Am I correct in
658 assuming that the "<>" indicates that the envelope did not contain any
660 <LI><A NAME="TOC258" HREF="FAQ.html#SEC258">Q5030</A>: I've received a message which does not have my address in the To:
661 line. It is a spam message with the same address in both the From: and
662 the To: headers. How can this happen, and why doesn't Exim reject it?
663 <LI><A NAME="TOC259" HREF="FAQ.html#SEC259">Q5031</A>: Can (or will) Exim ever handle a message delivery purely in memory,
664 that is, it is handled without it ever hitting the disc?
665 <LI><A NAME="TOC260" HREF="FAQ.html#SEC260">Q5032</A>: If I am using dbm files for data that Exim reads, can I rebuild them
666 on the fly, or do I need to restart Exim every time I make a change?
667 <LI><A NAME="TOC261" HREF="FAQ.html#SEC261">Q5033</A>: What are the main differences between using an Exim filter and using
669 <LI><A NAME="TOC262" HREF="FAQ.html#SEC262">Q5034</A>: I need an option that is the opposite of <B>-bpa,</B> that is, a listing of
670 those addresses generated from a top-level address that have not yet
672 <LI><A NAME="TOC263" HREF="FAQ.html#SEC263">Q5035</A>: I am getting complaints from a customer who uses my EXIM server for
673 relaying that they are being blocked with a "Too many connections"
675 <LI><A NAME="TOC264" HREF="FAQ.html#SEC264">Q5036</A>: When I try "exim <B>-bf"</B> to test a system filter, I received the following
676 error message: "Filter error: unavailable filtering command "fail" near
677 line 8 of filter file".
678 <LI><A NAME="TOC265" HREF="FAQ.html#SEC265">Q5037</A>: How can I make Exim receive incoming mail, queue it, but NOT attempt to
679 deliver it? I want to be in this state while moving some mailboxes.
680 <LI><A NAME="TOC266" HREF="FAQ.html#SEC266">Q5038</A>: What does the rejection message "reject all recipients: 3 times bad
682 <LI><A NAME="TOC267" HREF="FAQ.html#SEC267">Q5039</A>: The menu in Eximon isn't working. It displays, but I can't select
684 <LI><A NAME="TOC268" HREF="FAQ.html#SEC268">Q5040</A>: What does "ridiculously long message header" in an error report mean?
685 <LI><A NAME="TOC269" HREF="FAQ.html#SEC269">Q5041</A>: What does Exim use for POP as a default? Do I have to install anything
689 <A NAME="TOC270" HREF="FAQ.html#SEC270">93. HP-UX</A>
691 <LI><A NAME="TOC271" HREF="FAQ.html#SEC271">Q9301</A>: I'm trying to compile on an HP machine and I don't have gcc there. So I
692 put <TT>CC=cc</TT> in the <B>Local/Makefile</B>, but I got this error:
695 <A NAME="TOC272" HREF="FAQ.html#SEC272">94. BSDI</A>
697 <LI><A NAME="TOC273" HREF="FAQ.html#SEC273">Q9401</A>: On BSDI 4.0, Exim built with Perl support exits with the error message
698 <B>"./exim:</B> can't load library <B>'libperl.so'".</B>
701 <A NAME="TOC274" HREF="FAQ.html#SEC274">95. IRIX</A>
703 <LI><A NAME="TOC275" HREF="FAQ.html#SEC275">Q9501</A>: I'm running IRIX 6.2 with a number of alias IP addresses set up, but
704 Exim doesn't seem to recognize them as local addresses.
705 <LI><A NAME="TOC276" HREF="FAQ.html#SEC276">Q9502</A>: The IP addresses for incoming calls are all being given as
709 <A NAME="TOC277" HREF="FAQ.html#SEC277">96. LINUX</A>
711 <LI><A NAME="TOC278" HREF="FAQ.html#SEC278">Q9601</A>: Exim is mysteriously crashing, usually when forking to send a delivery
713 <LI><A NAME="TOC279" HREF="FAQ.html#SEC279">Q9602</A>: Exim has created a directory called <B>build-Linux-libc5-i386</B> but is
714 trying to reference <B>build-Linux-libc5-i386-linux</B> while building.
715 <LI><A NAME="TOC280" HREF="FAQ.html#SEC280">Q9603</A>: I want to use logrotate which is standard with <B>RH5.2</B> Linux to rotate
716 my mail logs. Anyone worked out the logrotate config file that will
718 <LI><A NAME="TOC281" HREF="FAQ.html#SEC281">Q9604</A>: I'm seeing the message "<B>inetd</B>[334]: imap/tcp server failing (looping),
719 service terminated" on a RedHat 5.2 system, causing imap connections to
720 be refused. The imapd in use is Washington Uni vers 12.250. Could this
721 be anything to do with Exim?
722 <LI><A NAME="TOC282" HREF="FAQ.html#SEC282">Q9605</A>: I get the "too many open files" error especially when a lot of messages
723 land for majordomo at the same time.
724 <LI><A NAME="TOC283" HREF="FAQ.html#SEC283">Q9606</A>: I'm having a problem with an Exim RPM.
727 <A NAME="TOC284" HREF="FAQ.html#SEC284">97. SUN SYSTEMS</A>
729 <LI><A NAME="TOC285" HREF="FAQ.html#SEC285">Q9701</A>: Exim builds fine with gcc on SunOS 4 but crashes inside <B>sscanf()</B>.
730 <LI><A NAME="TOC286" HREF="FAQ.html#SEC286">Q9702</A>: How can I get rid of spurious ^M characters in messages sent from
732 <LI><A NAME="TOC287" HREF="FAQ.html#SEC287">Q9703</A>: On SunOS 4 Exim crashes when looking up domains in the DNS that have
733 more than 10 A records.
734 <LI><A NAME="TOC288" HREF="FAQ.html#SEC288">Q9704</A>: The menu in Eximon isn't working on my Sun system.
735 <LI><A NAME="TOC289" HREF="FAQ.html#SEC289">Q9705</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
737 <LI><A NAME="TOC290" HREF="FAQ.html#SEC290">Q9706</A>: Exim has been crashing on my Solaris x86 system, apparently while
738 running DBM functions.
739 <LI><A NAME="TOC291" HREF="FAQ.html#SEC291">Q9707</A>: The exiwhat utility isn't working for me on a Solaris 2 system.
740 <LI><A NAME="TOC292" HREF="FAQ.html#SEC292">Q9708</A>: How do I stop Sun's <B>dtcm</B> from hanging?
741 <LI><A NAME="TOC293" HREF="FAQ.html#SEC293">Q9709</A>: I want Exim to use only the resolver (i.e. ignore <B>/etc/hosts</B>), but don't
742 want to alter the <B>nsswitch.conf</B> file in Solaris 2.
745 <A NAME="TOC294" HREF="FAQ.html#SEC294">98. COOKBOOK</A>
747 <LI><A NAME="TOC295" HREF="FAQ.html#SEC295">Q9801</A>: How do I configure Exim as part of TPC <B>(<A HREF="http://www.tpc.int">http://www.tpc.int</A>)?</B>
748 <LI><A NAME="TOC296" HREF="FAQ.html#SEC296">Q9802</A>: How do I configure Exim so that it sends mail to the outside world only
749 from a restricted list of our local users?
750 <LI><A NAME="TOC297" HREF="FAQ.html#SEC297">Q9803</A>: How do I configure Exim to run with SmartList?
751 <LI><A NAME="TOC298" HREF="FAQ.html#SEC298">Q9804</A>: How do I configure Exim to minic PP's "tripnote" facility?
752 <LI><A NAME="TOC299" HREF="FAQ.html#SEC299">Q9805</A>: How do I configure Exim to handle local parts with extensions?
753 <LI><A NAME="TOC300" HREF="FAQ.html#SEC300">Q9806</A>: How do I configure Exim so that only a restricted list of users can
754 receive mail from external domains?
755 <LI><A NAME="TOC301" HREF="FAQ.html#SEC301">Q9807</A>: I have <B><B>someuser@mydomain.com</B></B> that I only want certain users to be able
756 to mail to. How do I accomplish this?
757 <LI><A NAME="TOC302" HREF="FAQ.html#SEC302">Q9808</A>: A site for which I provide secondary MX is down for some time. Is there
758 a way to run the queue for that destination separately from the main
760 <LI><A NAME="TOC303" HREF="FAQ.html#SEC303">Q9809</A>: How do I implement VERP (Variable Envelope Return Paths) in Exim?
761 <LI><A NAME="TOC304" HREF="FAQ.html#SEC304">Q9810</A>: I'd like to make a copy of all outgoing messages to a local mailbox. Is
762 there a solution for this using an Exim filter?
763 <LI><A NAME="TOC305" HREF="FAQ.html#SEC305">Q9811</A>: I want to make a copy of outgoing messages to a specific file for each
764 user in a specific directory, using a "save" command in a system filter.
765 How can I arrange for Exim to write to these files under the correct
767 <LI><A NAME="TOC306" HREF="FAQ.html#SEC306">Q9812</A>: How can I keep an archive of all mail for some specific local email
769 <LI><A NAME="TOC307" HREF="FAQ.html#SEC307">Q9813</A>: How can I configure Exim to provide a vacation message when there are
770 no local users on my mail hub?
771 <LI><A NAME="TOC308" HREF="FAQ.html#SEC308">Q9814</A>: We want to be able to temporarily lock out a user by disabling the
772 password and moving the home directory to another place. How can we
773 arrange to reject mail for users in this state?
774 <LI><A NAME="TOC309" HREF="FAQ.html#SEC309">Q9815</A>: I need an alias, say "fakeaddress" that should receive a message,
775 strip all reply-to: headers present, substitute another one pointing to
776 "otheraddress" and forward a message to "realaddress".
777 <LI><A NAME="TOC310" HREF="FAQ.html#SEC310">Q9816</A>: How can I set up Exim to work with Listar?
778 <LI><A NAME="TOC311" HREF="FAQ.html#SEC311">Q9817</A>: I need to take copies of all incoming and outgoing mail for certain
779 users. For each user there may be a different monitoring address.
780 <LI><A NAME="TOC312" HREF="FAQ.html#SEC312">Q9818</A>: How can I add a disclaimer to the end of every message?
781 <LI><A NAME="TOC313" HREF="FAQ.html#SEC313">Q9819</A>: I would like to append a simple advertisement text to all outgoing
783 <LI><A NAME="TOC314" HREF="FAQ.html#SEC314">Q9820</A>: How can I configure Exim so that all mails adressed to
784 <B><B>something@username.domain.net</B></B> get delivered to <B>/var/spool/mail/username</B>?
785 <LI><A NAME="TOC315" HREF="FAQ.html#SEC315">Q9821</A>: How do I get exim not to add a Sender: header to locally originated
787 <LI><A NAME="TOC316" HREF="FAQ.html#SEC316">Q9822</A>: How can I get Exim to work with mailman?
788 <LI><A NAME="TOC317" HREF="FAQ.html#SEC317">Q9823</A>: Is there any way to have messages sent to a specific local address
789 delayed by - say - 24 hours?
792 <A NAME="TOC318" HREF="FAQ.html#SEC318">99. LIST OF SAMPLE CONFIGURATIONS</A>
795 <BR><H2><A NAME="SEC1" HREF="FAQ.html#TOC1">0. DEBUGGING
798 <A NAME="SEC2" HREF="FAQ.html#TOC2">Q0001</A>: Exim is crashing. What is wrong?
802 A0001: Exim should never crash. The author is always keen to know about
803 crashes, so that they can be diagnosed and fixed. However, before you
804 start sending email, please check that you are running the latest
805 release of Exim, in case the problem has already been fixed. The
806 techniques described below can also be useful in trying to pin down
807 exactly which circumstances caused the crash and what Exim was trying to
808 do at the time. If the crash is reproducable (by a particular message,
809 say) keep a copy of that message. If there is a core file (in Exim's
810 spool directory), see if you can get any information from it.
814 One thing that has caused crashes in the past has been incorrectly
815 installed DB libraries. In particular, if you are running any version of
816 Berkeley db, it is best to set <TT>USE_DB=yes</TT> in <B>Local/Makefile</B> before
817 building Exim. This then avoids the use of the "ndbm compatibility
818 interface" via the <B>ndbm.h</B> include file, which has been found to be
819 incorrect on some systems. If you have already built Exim, you can just
820 edit <B>Local/Makefile</B> and run <B>make</B> again to rebuild. Before restarting
821 Exim, delete any existing database files in the <B>spool/db</B> directory.
824 <A NAME="SEC3" HREF="FAQ.html#TOC3">Q0002</A>: Exim is not working. What is wrong?
828 A0002: Exactly how is it not working? Check the more specific questions in the
829 other sections of this FAQ. Some general techniques for debugging are:
833 1. Look for information in Exim's log files. These are in the "log"
834 directory in Exim's spool directory, unless you have configured a
835 different path for them. Serious operational problems are reported
840 2. If the problem involves the delivery of one or more messages, try
841 forcing a delivery with the <B>-d</B> option, to cause Exim to output
842 debugging information. For example:
846 exim -d -M 0z6CXU-0005RR-00</PRE>
848 On its own, <B>-d</B> produces a small amount of information. Following it
849 with a number increases the amount given: <B>-d9</B> gives the maximum
850 amount of general information; <B>-d10</B> gives in addition details of the
851 interpretation of filter files, and <B>-d11</B> or higher also turns on the
852 debugging option for DNS lookups. The output is written to the
853 standard error stream.
857 3. If the problem involves incoming SMTP mail, try using the <B>-bh</B> option
858 to simulate an incoming connection from a specific host, for example:
862 exim -bh 10.9.8.7</PRE>
864 This goes through the motions of an SMTP session, without actually
865 accepting a message. Information about various policy checks is
866 output. You will need to know how to pretend to be an SMTP client.
870 4. If the problem involves lack of recognition or incorrect handling
871 of local addresses, try using the <B>-bt</B> option with debugging turned
872 on, to see how Exim is handling the address. For example,
876 exim -d2 -bt z6abc</PRE>
878 will show you how it would handle the local part "z6abc". Increase
879 the debug level to <B>-d9</B> for more information.
882 <A NAME="SEC4" HREF="FAQ.html#TOC4">Q0003</A>: What does the error "Child process of <TT>address_pipe</TT> transport returned
883 69 from command <I>xxx</I>" mean?
887 A0003: The most common meaning of exit code 69 is "unavailable", and this often
888 means that when Exim tried to exec the command <I>xxx</I>, it failed. One
889 cause of this might be incorrect permissions on the file containing the
893 <A NAME="SEC5" HREF="FAQ.html#TOC5">Q0004</A>: My virtual domain setup isn't working. How can I debug it?
897 A0004: You can use an exim command with <B>-d</B> (or <B>-d2,</B> <B>-d3</B> ... <B>-d9)</B> to get it to
898 show you how it is processing addresses. You don't actually need to send
899 a message; use the <B>-bt</B> option like this:
903 exim -d2 -bt localpart@virtualhost</PRE>
905 This will show you which directors it is using. If the problem appears
906 to be with the expansion of an option setting, you can use the
907 <TT>debug_print</TT> option on a director (or router) to get Exim to output the
908 expanded string values as it goes along.
911 <A NAME="SEC6" HREF="FAQ.html#TOC6">Q0005</A>: Why is Exim giving "421 Unexpected log failure, please try later" when
912 receiving an SMTP message with a large number of recipients?
916 A0005: You are verifying recipients, and your configuration is one that does a
917 different lookup of some sort for each recipient. Exim keeps lookup
918 files open, in case there are several lookups in the same file. Versions
919 of Exim prior to 2.10 did not limit the number of open files used for
920 this purpose, and your operating system's maximum per process has been
921 reached. Exim is trying to log the failure to open a file, but cannot
922 open the log file, for the same reason. If upgrading Exim is not
923 immediately possible, you might be able to increase your operating
924 system's maximum number of open files per process.
927 <A NAME="SEC7" HREF="FAQ.html#TOC7">Q0006</A>: Why is Exim not rejecting incoming messages addressed to non-existent
932 A0006: Have you remembered to set <TT>receiver_verify</TT>? It is not the default.
935 <A NAME="SEC8" HREF="FAQ.html#TOC8">Q0007</A>: I've put an entry for <B>*.my.domain</B> in a DBM lookup file, but it isn't
940 A0007: You need to request "partial matching" by setting the search type to
941 "partial-dbm" in order for this to work.
944 <A NAME="SEC9" HREF="FAQ.html#TOC9">Q0008</A>: I've put the entry <B><B>*@domain.com</B></B> in a lookup database, but it isn't
945 working. The expansion I'm using is:
949 ${lookup{${lc:$sender_address}}dbm{/the/file} ...</PRE>
951 A0008: As no sender address will ever be <B><B>*@domain.com</B></B> this will indeed have
952 no effect as it stands. You need to tell Exim if you want it to look for
953 defaults after the normal lookup has failed. In this case, change the
954 search type from "dbm" to "dbm*@". See the section on "Default values in
955 single-key lookups" in the chapter entitled "File and database lookups".
958 <A NAME="SEC10" HREF="FAQ.html#TOC10">Q0009</A>: Is there a way to print recognized local domains?
962 A0009: If you run "exim <B>-bP</B> <TT>local_domains</TT>" it will output the string that is
963 set, but it won't print the contents of any files that are referenced.
966 <A NAME="SEC11" HREF="FAQ.html#TOC11">Q0010</A>: If I run <B>"./exim</B> <B>-d9</B> <B>-bt</B> <B>user@domain</B>" all seems well, but when I send a
967 message from my User Agent, it does not arrive at its destination.
971 A0010: Try sending a message directly to Exim by typing this:
976 <some message, could be empty>
979 If the message gets delivered to a remote host, but never arrives at its
980 final destination, then the problem is at the remote host. If, however,
981 the message gets through correctly, then the problem may be between your
982 User Agent and Exim. Try setting Exim's <TT>log_arguments</TT> option, to see
983 with which arguments the UA is calling Exim.
986 <A NAME="SEC12" HREF="FAQ.html#TOC12">Q0011</A>: I am getting this message in mainlog every so often: "no immediate
987 delivery: too many connections (19, max 0)". What am I missing?
991 A0011: A current release of Exim. :-) The message you are getting is the wrong
992 message. What it should be saying is "too many messages received in one
993 SMTP connection" (see next question). This bug was fixed in release
997 <A NAME="SEC13" HREF="FAQ.html#TOC13">Q0012</A>: What does "no immediate delivery: too many messages received in one SMTP
1002 A0012: An SMTP client may send any number of messages down a single SMTP
1003 connection to a server. Initially, an Exim server starts up a delivery
1004 process as soon as a message is received. However, in order not to start
1005 up too many processes when lots of messages are arriving (typically
1006 after a period of downtime), it stops doing immediate delivery after a
1007 certain number of messages have arrived down the same connection. The
1008 threshold is set by <TT>smtp_accept_queue_per_connection</TT>, and the default
1009 value is 10. On large systems, the value should be increased. If you are
1010 running a dial-in host and expecting to get all your mail down a single
1011 SMTP connection, then you can disable the limit altogether by setting
1015 <A NAME="SEC14" HREF="FAQ.html#TOC14">Q0013</A>: Exim puts "for <address>" in the Received: headers of some, but not all,
1016 messages. Is this a bug?
1020 A0013: No. It is deliberate. Exim inserts a "for" phrase only if the incoming
1021 message has precisely one recipient. If there is more than one
1022 recipient, nothing is inserted. The reason for this is that not all
1023 recipients appear in the To: or Cc: headers, and it is considered a
1024 breach of privacy to expose such recipients to the others. A common
1025 case is when a message has come from a mailing list.
1028 <A NAME="SEC15" HREF="FAQ.html#TOC15">Q0014</A>: Instead of <TT>exim_dbmbuild</TT>, I'm using a homegrown program to build DBM
1029 (or cdb) files, but Exim doesn't seem to be able to use them.
1033 A0014: Exim expects there to be a binary zero value on the end of each key used
1034 in a DBM file if you use the "dbm" lookup type, but not for the "dbmnz"
1035 lookup type or for the keys of a cdb file. Check that you haven't
1036 slipped up in this regard.
1039 <A NAME="SEC16" HREF="FAQ.html#TOC16">Q0015</A>: Exim is unable to route to any remote domains. It doesn't seen to be
1040 able to access the DNS.
1044 A0015: Try running "exim <B>-d11</B> <B>-bt</B> <remote address>". The <B>-d11</B> will make it show
1045 the resolver queries it is building and the results of its DNS queries.
1046 If it appears unable to contact any nameservers, check the contents and
1047 permissions of <B><B>/etc/resolv.conf</B>.</B>
1050 <A NAME="SEC17" HREF="FAQ.html#TOC17">Q0016</A>: I'm using ETRN to run a script that checks things and doesn't always
1051 end up running "exim <B><B>-R".</B></B> However, after it has run once, subsequent
1052 attempts fail with "458 Already processing".
1056 A0016: Set <TT>no_smtp_etrn_serialize</TT>.
1059 <A NAME="SEC18" HREF="FAQ.html#TOC18">Q0017</A>: What does the error message "transport <TT>system_aliases</TT>: cannot find
1060 transport driver "<B>aliasfile</B>" in line 92" mean?
1064 A0017: "<B>aliasfile</B>" is a director, not a transport. You have put a configuration
1065 for a director into the transports section of the configuration file.
1068 <A NAME="SEC19" HREF="FAQ.html#TOC19">Q0018</A>: Exim is timing out after receiving and responding to the DATA command
1069 from one particular host, and yet the client host also claims to be
1070 timing out. This seems to affect only certain messages.
1074 A0018: (A) This problem has been seen with a network that was dropping all
1075 packets over a certain size, which mean that the first part of the SMTP
1076 transaction worked, but when the body of a large message started
1077 flowing, the main data bits never got through the network. See also
1079 <A HREF="FAQ.html#SEC22">Q0021</A>.
1083 (B) This can also happen if a machine has a broken TCP stack and won't
1084 reassemble fragmented datagrams.
1088 (C) A very few ISDN lines have been seen which failed when certain data
1089 patterns were sent through them, and replacing the routers at both end
1090 of the link did not fix things. One of them was triggered by more than 4
1091 X's in a row in the data.
1094 <A NAME="SEC20" HREF="FAQ.html#TOC20">Q0019</A>: What does the message "Socket bind() to port 25 for address (any)
1095 failed: address already in use" mean?
1099 A0019: You are trying to run an Exim daemon when there is one already running -
1100 or maybe some other MTA is running, or perhaps you have an SMTP line in
1101 <B><B>/etc/inetd.conf</B></B> which is causing <B>inetd</B> to listen on port 25.
1104 <A NAME="SEC21" HREF="FAQ.html#TOC21">Q0020</A>: I've set <TT>headers_check_syntax</TT>, but this causes Exim to complain about
1105 headers like "To: Work: Jim <B><jims@email</B>>, Home: Bob <B><bobs@email</B>>" which
1106 look all right to me. Is this a bug?
1110 A0020: No. Header lines such as From:, To:, <B>etc.,</B> which contain addresses, are
1111 structured, and have to be in a specific format which is defined in RFC
1112 822. Unquoted colons are not allowed in the "phrase" part of an email
1113 address (they are OK in other headers such as Subject:). The correct
1114 form for that header is
1118 To: "Work: Jim" <jims@email>, "Home: Bob" <bobs@email></PRE>
1120 You will sometimes see unquoted colons in To: and Cc: headers, but only
1121 in connection with name lists (called "groups"), for example:
1125 To: My friends: X <x@y.x>, Y <y@w.z>;,
1126 My enemies: A <a@b.c>, B <b@c.d>;</PRE>
1128 Each list must be terminated by a semicolon, as shown.
1131 <A NAME="SEC22" HREF="FAQ.html#TOC22">Q0021</A>: Whenever Exim tries to deliver a specific message to a particular
1132 server, it fails, giving the error "Remote end closed connection after
1133 data" or "Broken pipe" or a timeout. What's going on?
1137 A0021: "Broken pipe" is the error you get on some OS when the far end just
1138 drops the connection. The alternative is "connection reset by peer".
1142 (A) There are some firewalls that fall over on \0 characters in the
1143 mail. Have a look, e.g. with hexdump <B>-c</B> mymail | tail to see if your
1144 mail contains any binary zero characters.
1148 (B) There are broken SMTP servers around that just drop the connection
1149 after the data has been sent if they don't like the message for some
1150 reason (e.g. it is too big) instead of sending a 5xx error code. Have
1151 you tried sending a small message to the same address?
1155 (C) If the problem occurs right at the start of the mail, then it could
1156 be a network problem with mishandling of large packets. Many emails are
1157 small and thus appear to propagate correctly, but big emails will
1158 generate big IP datagrams.
1162 There have been problems when something in the middle of the network
1163 mishandles large packets due to IP tunnelling. In a tunnelled link, your
1164 IP datagrams gets wrapped in a larger datagram and sent over a network.
1165 This is how virtual private networks (VPNs), and some ISP's transit
1166 circuits work. Since the datagrams going over the tunnel require a
1167 larger packet size, the tunnel needs a bigger maximum transfer unit
1168 (MTU) in the network handling the tunnelled packets. However, MTUs
1169 are often fixed, so the tunnel will try to fragment the packets.
1173 If the systems outside the tunnel are using MTU path discovery, (most
1174 Sun Sparc Solaris machines do by default), and set the DF (don't
1175 fragment) bit because they don't send packets larger than their <EM>local</EM>
1176 MTU, then ICMP control messages will be sent by the routers at the
1177 ends of the tunnel to tell them to reduce their MTU, since the tunnel
1178 can't fragment the data, and has to throw it away. If this mechanism
1179 stops working, e.g. a firewall blocks ICMP, then your host never
1180 knows it has hit the maximum path MTU, but it has received no ACK on
1181 the packet either, so it continues to resend the same packet and the
1182 connection stalls, eventually timing out.
1186 You can test the link using pings of large packets and see what works:
1190 ping -s host 2048</PRE>
1192 Try reducing the MTU on the sending host:
1196 ifconfig le0 mtu 1300</PRE>
1198 Alternatively, you can reduce the size of the buffer Exim uses for SMTP
1199 output by putting something like
1203 DELIVER_OUT_BUFFER_SIZE=512</PRE>
1205 in your <B>Local/Makefile</B> and rebuilding Exim (the default is 8192).
1208 <A NAME="SEC23" HREF="FAQ.html#TOC23">Q0022</A>: Why do messages not get delivered down the same connection when I do
1209 something like: exim <B>-v</B> <B>-R</B> <B>@aol.com</B> ? For other domains, I do this and
1210 I see the appropriate "waiting for passed connections to get used"
1215 A0022: Recall that Exim does not keep separate queues for each domain, but
1216 operates in a distributed fashion. Messages get into its "waiting for
1217 host x" hints database only when a delivery has been tried, and has had
1218 a temporary error. Here are some possibilities:
1222 (1) The messages to <B>aol.com</B> got put in your queue, but no previous
1223 delivery attempt occured before you did the <B><B>-R.</B></B> This might have been
1224 because of your settings of <TT>queue_only_load</TT>, <TT>smtp_accept_queue</TT>, or any
1225 other option that caused no immediate delivery attempt on arrival. If
1226 this is the case, you can try using <B>-qqR</B> instead of <B><B>-R.</B></B>
1230 (2) You have set <TT>batch_max</TT> on the smtp transport, and that limit was
1231 reached. This would show as a sequence of n messages down one
1232 connection, then another n down a new connection, etc.
1236 (3) Exim tried to pass on the SMTP connection to another message, but
1237 that message was in the process of being delivered to <B>aol.com</B> by some
1238 other process (typically, a normal queue runner). This will break the
1239 sequence, though the other delivery should pass its connection on to
1240 other messages if there are any.
1244 (4) The folk at <B>aol.com</B> changed the MX records so the host names have
1245 changed - or a new host has been added. I don't know how likely this is.
1249 (5) Exim is not performing as it should in this regard, for some reason.
1250 Next time you have mail queued up for <B>aol.com,</B> try running
1254 exim_dumpdb /var/spool/exim wait-remote_smtp</PRE>
1256 to see if those messages are listed among those waiting for the relevant
1257 <B>aol.com</B> hosts.
1260 <A NAME="SEC24" HREF="FAQ.html#TOC24">Q0023</A>: What does the error "SEGV while reading ... from dbm file: record
1261 assumed not to exist" mean?
1265 A0023: A crash is occuring when Exim calls your DBM library in order to read a
1266 record from one of its hints files. This kind of problem can be related
1267 to incorrectly installed DBM libraries. If you are using Slackware 3.6,
1268 the problem is that libgdbm is incorrectly installed on that system, and
1269 you will need to re-install it from source.
1272 <A NAME="SEC25" HREF="FAQ.html#TOC25">Q0024</A>: There seems to be a problem in the string expansion code: it doesn't
1273 recognize references to headers such as <B><B>${h_to}.</B></B>
1277 A0024: The only valid syntax for header references is (for example) <B>$h_to:</B>
1278 because header names are permitted by RFC 822 to contain a very wide
1279 range of characters. A colon (or white space) is required as the
1283 <A NAME="SEC26" HREF="FAQ.html#TOC26">Q0025</A>: Exim is timing out after sending the a message's data to one particular
1284 host, and yet the remote host also claims to be timing out. This seems
1285 to affect only certain messages.
1290 <A HREF="FAQ.html#SEC19">Q0018</A>.
1293 <A NAME="SEC27" HREF="FAQ.html#TOC27">Q0026</A>: When the Exim daemon forks a copy of itself to handle an incoming SMTP
1294 request, the forked copy seems to go around in circles for a
1295 significant (up to 5 minutes, so far) amount of time before deciding to
1300 A0026: These kinds of delay are usually caused by some kind of network problem
1301 that affects outgoing calls made by Exim at the start of an incoming
1302 message. Configuration options that cause outgoing calls are:
1306 (1) <TT>rfc1413_query_hosts</TT> and <TT>rfc1413_query_timeout</TT> (for ident calls);
1307 firewalls sometimes block ident calls, which can lead to this
1312 (2) <TT>rbl_domains</TT> and <TT>rbl_hosts</TT>.
1316 (3) <TT>host_lookup</TT> and any other options that require the remote host's
1317 name to be looked up from its IP address.
1321 You can use the <B>-bh</B> option to get more information about what is
1322 happening at the start of a connection.
1325 <A NAME="SEC28" HREF="FAQ.html#TOC28">Q0027</A>: What does "failed to create child process to send failure message" mean?
1326 This is a busy mail server with <TT>smtp_accept_max</TT> set to 500, but this
1327 problem started to occur at about 300 incoming connections.
1331 A0027: Some message delivery failed, and when Exim wanted to send a bounce
1332 message, it was unable to create a process in which to do so. Probably
1333 the limit on the maximum number of simultaneously active processes has
1334 been reached. Most OS have some means of increasing this limit, and in
1335 some operating systems there is also a limit per uid which can be
1339 <A NAME="SEC29" HREF="FAQ.html#TOC29">Q0028</A>: What does "<message filter> transporting defer (-1): No transport set
1340 by director" in a log line mean?
1344 A0028: Your system filter contains a "save" command, but you have not set
1345 <TT>message_filter_file_transport</TT>.
1348 <A NAME="SEC30" HREF="FAQ.html#TOC30">Q0029</A>: Why is Exim refusing to relay, saying "failed to find host name from IP
1349 address" when I have the sender's IP address in <TT>host_accept_relay</TT>? My
1350 configuration contains this:
1354 host_accept_relay = "lsearch;/etc/mail/relaydomains:192.168.96.0/24"</PRE>
1356 A0029: When checking <TT>host_accept_relay</TT>, the items are tested in left-to-right
1357 order. The first item in your list is a lookup on the incoming host's
1358 name, so Exim has to determine the name from the incoming IP address in
1359 order to perform the test. If it can't find the host name, it can't do
1360 the check, so it gives up. The solution is to put all explicit IP
1361 addresses first in the list. You would have discovered what was going
1362 on if you had run a test such as
1366 exim -bh 192.168.96.131</PRE>
1367 <A NAME="SEC31" HREF="FAQ.html#TOC31">Q0030</A>: When I run "exim <B>-bd</B> <B>-q10m"</B> I get "PANIC LOG: exec of exim <B>-q</B> failed".
1371 A0030: This probably means that Exim doesn't know its own path so it can't
1372 re-exec itself to do the first queue run. Check the output of
1376 exim -bP exim_path</PRE>
1377 <A NAME="SEC32" HREF="FAQ.html#TOC32">Q0031</A>: Why do connections to my machine's SMTP port take a long time to respond
1378 with the banner, when connections to other ports respond instantly?
1383 <A HREF="FAQ.html#SEC27">Q0026</A>.
1386 <A NAME="SEC33" HREF="FAQ.html#TOC33">Q0032</A>: I can't seem to get a pipe command to run when I include a <B>${if</B>
1387 expansion in it. This fails:
1391 command = "perl -T /usr/local/rt/bin/rtmux.pl \
1392 rt-mailgate helpdesk \
1393 ${if eq {$local_part}{rt} {correspond}{action}}"</PRE>
1395 A0032: You need some internal quoting in there. Exim expands each individual
1396 argument separately. Because you have (necessarily) got spaces in your
1397 <B>${if</B> item, you have to quote that argument. Try
1401 command = "perl -T /usr/local/rt/bin/rtmux.pl \
1402 rt-mailgate helpdesk \
1403 \"${if eq {$local_part}{rt} {correspond}{action}}\""</PRE>
1404 <A NAME="SEC34" HREF="FAQ.html#TOC34">Q0033</A>: I'm trying to get Exim to connect an alias to a pipe, but it always
1405 gives error code 69, with the comment "(could mean service or program
1410 A0033: If your alias entry looks like this:
1414 alias: |"/some/command some parameters"</PRE>
1416 change it to look like this:
1420 alias: "|/some/command some parameters"</PRE>
1421 <A NAME="SEC35" HREF="FAQ.html#TOC35">Q0034</A>: I'm having a problem with an Exim RPM.
1426 <A HREF="FAQ.html#SEC283">Q9606</A>.
1429 <A NAME="SEC36" HREF="FAQ.html#TOC36">Q0035</A>: What does the error "Spool file is locked" mean?
1433 A0035: This is not an error[*]. All it means is that when an Exim delivery
1434 process (probably started by a queue runner process) looked at a message
1435 in order to start delivering it, it found that another Exim process was
1436 already busy delivering it. On a busy system this is quite a common
1437 occurrence. If you set <TT>log_level</TT> less than 5, these messages are omitted
1442 [*] The only time when this message might indicate a problem is if it is
1443 repeated for the same message for a very long time - say more than a few
1444 hours. That would suggest that the process that is delivering the
1445 message has somehow got stuck.
1448 <BR><H2><A NAME="SEC37" HREF="FAQ.html#TOC37">1. BUILDING EXIM
1451 <A NAME="SEC38" HREF="FAQ.html#TOC38">Q0101</A>: I get the error "conflicting types" when Exim is building the libident
1456 A0101: The problem is that libident assumes "struct timeval" refers to
1457 <TT>DST_NONE</TT>, and so it tries to avoid using this structure when <TT>DST_NONE</TT>
1458 isn't defined. Unfortunately it doesn't make this change everywhere it
1459 should, and so it blows up. The problem has been seen on NetBSD and
1460 some versions of the Linux C library. An easy, albeit not particularly
1461 neat, fix is to add <B><TT>-DDST_NONE</TT></B> to <TT>LIBIDENTCFLAGS</TT> for systems that are
1462 afflicted like this - there's not a lot else you can do without
1463 modifying libident. The value of <TT>DST_NONE</TT> is never used, so defining it
1464 to be empty should be harmless.
1467 <A NAME="SEC39" HREF="FAQ.html#TOC39">Q0102</A>: When I ran <B>make</B> I got the error "undefined reference to <TT>dbopen</TT>".
1475 (A) This means you (or the default configuration for your operating
1476 system) have configured Exim to use Berkeley DB version 1<B><EM>.xx</EM></B>
1477 and it has not been given access to the DB library (where <TT>dbopen</TT>
1478 should be found). You may need something like <TT>DBMLIB=-ldb</TT> in
1479 <B>Local/Makefile</B>. Berkeley DB is one of several alternative DBM
1480 libraries that Exim can make use of. For a discussion of DBM issues,
1481 see the file <B>doc/dbm.discuss.txt</B> in the Exim distribution.
1485 (B) You are running on a version of Linux which has a problem in its
1486 libraries. This effect isn't fully understood. It has been seen with
1487 the libraries used in Caldera OpenLinux Base 1.1.
1490 <A NAME="SEC40" HREF="FAQ.html#TOC40">Q0103</A>: I can't get Exim to compile with Berkeley DB version 2.x.
1494 A0103: Have you set <TT>USE_DB=yes</TT> in <B>Local/Makefile</B>? This causes Exim to use the
1495 native interface to the DBM library instead of the compatibility
1496 interface, which needs a header called <B>ndbm.h</B> that may not exist on your
1500 <A NAME="SEC41" HREF="FAQ.html#TOC41">Q0104</A>: I'm getting an "undefined symbol" error for <TT>hosts_ctl</TT> when I try to
1501 build Exim. (On some systems this error is "undefined reference to
1506 A0104: You should either remove the definition of USE_TCP_WRAPPERS or add
1507 <B>-lwrap</B> to your <TT>EXTRALIBS</TT> setting in <B>Local/Makefile</B>.
1510 <A NAME="SEC42" HREF="FAQ.html#TOC42">Q0105</A>: I'm about to upgrade to a new Exim release. Do I need to ensure the
1511 spool is empty, or take any other special action?
1515 A0105: If you are changing to release 3.00 or later from a release prior to
1516 3.00, you will probably need to make changes to the runtime
1517 configuration file. See <B>README.UPDATING</B> for details. Otherwise, you
1518 do not need to take special action. New releases are made backwards
1519 compatible with old spool files and "hints" databases so that upgrading
1520 can be done on a running system. All that should be necessary is to
1521 install a new binary and then HUP the daemon if you are running one.
1524 <A NAME="SEC43" HREF="FAQ.html#TOC43">Q0106</A>: What does the error "<B>install-info</B>: command not found" mean?
1528 A0106: You have set INFO_DIRECTORY in your <B>Local/Makefile</B>, and Exim is trying
1529 to install the Texinfo documentation, but cannot find the command called
1530 <B>install-info</B>. If you have a version of Texinfo prior to 3.9, you
1531 should upgrade. Otherwise, check your installation of Texinfo to see why
1532 the <B>install-info</B> command is not available.
1535 <A NAME="SEC44" HREF="FAQ.html#TOC44">Q0107</A>: Exim doesn't seem to be recognizing my operating system type correctly,
1536 and so is failing to build.
1540 A0107: Run the command "scripts/os-type <B><B>-generic".</B></B> The output should be one of
1541 the known OS types, and should correspond to your operating system. You
1542 can see which OS are supported by obeying "ls OS/Makefile-*" and looking
1543 at the file name suffixes.
1547 If there is a discrepancy, it means that the script is failing to
1548 interpret the output from the "uname" command correctly, or that the
1549 output is wrong. Meanwhile, you can build Exim by obeying
1553 EXIM_OSTYPE=xxxx make</PRE>
1555 instead of just <B>make</B>, provided you are running a Bourne-compatible
1556 shell, or otherwise by setting EXIM_OSTYPE correctly in your
1557 environment. It is probably best to start again from a clean
1558 distribution, to avoid any wreckage left over from the failed attempt.
1561 <A NAME="SEC45" HREF="FAQ.html#TOC45">Q0108</A>: I am getting an error "`exim' undeclared here" when I compile, in the
1562 <B>globals.c</B> module.
1566 A0108: You have set EXIM_UID = exim in your <B>Local/Makefile</B>. Unfortunately,
1567 named uids are not permitted here; you must give a numerical uid.
1568 However, in the runtime configure file names are permitted.
1571 <A NAME="SEC46" HREF="FAQ.html#TOC46">Q0109</A>: Exim fails to build, complaining about the absence of the "killpg"
1576 A0109: This function should be present in all modern flavours of Unix. If you
1577 are using an older version, you should be able to get round the problem
1582 #define killpg(pgid,sig) kill(-(pgid),sig)</PRE>
1584 into the file called <B>OS/os.h<I>-xx</I>x,</B> where <I>xxx</I> identifies your operating
1585 system, and is the output of the command "scripts/os-type <B><B>-generic".</B></B>
1588 <A NAME="SEC47" HREF="FAQ.html#TOC47">Q0110</A>: I'm getting an unresolved symbol <TT>ldap_is_ldap_url</TT> when trying to build
1593 A0110: You must have specified <TT>LOOKUP_LDAP=yes</TT> in the configuration. Have you
1594 remembered to set <B>-lldap</B> somewhere (e.g. in LOOKUP_LIBS)? You need that
1595 in order to get the LDAP scanned when linking.
1598 <BR><H2><A NAME="SEC48" HREF="FAQ.html#TOC48">2. MAILBOX LOCKING
1601 <A NAME="SEC49" HREF="FAQ.html#TOC49">Q0201</A>: Why do I get the error "Permission denied: creating lock file hitching
1602 post" when Exim tries to do a local delivery?
1606 A0201: Your configuration specifies that local mailboxes are all held in
1607 single directory, via configuration lines like these (taken from the
1608 default configuration):
1614 file = /var/mail/${local_part}</PRE>
1616 and the permissions on the directory probably look like this:
1620 drwxrwxr-x 3 root mail 512 Jul 9 13:48 /var/mail/</PRE>
1622 Using the default configuration, Exim runs as the local user when doing
1623 a local delivery, and it uses a lock file to prevent any other process
1624 from updating the mailbox while it is writing to it. With those
1625 permissions the delivery process, running as the user, is unable to
1626 create a lock file in the <B>/var/mail</B> directory. There are two solutions
1631 (A) Set the "write" and "sticky bit" permissions on the directory, so
1632 that it looks like this:
1636 drwxrwxrwt 3 root mail 512 Jul 9 13:48 /var/mail/</PRE>
1638 The "w" allows any user to create new files in the directory, but
1639 the "t" bit means that only the creator of a file is able to remove
1640 it. This is the same setting as is normally used with the <B>/tmp</B>
1645 (B) Arrange to run the <TT>local_delivery</TT> transport under a specific group
1646 by changing the configuration to read
1652 file = /var/mail/${local_part}
1655 The delivery process still runs under the user's uid, but with the
1656 group set to "mail". The group permission on the directory allows
1657 the process to create and remove the lock file.
1661 The choice between (A) and (B) is up to the administrator. If the
1662 second solution is used, users can empty their mailboxes by updating
1663 them, but cannot delete them.
1667 If your problem involves mail to root, see also
1668 <A HREF="FAQ.html#SEC122">Q0507</A>.
1671 <A NAME="SEC50" HREF="FAQ.html#TOC50">Q0202</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
1677 <A HREF="FAQ.html#SEC289">A9705</A> in the Sun-specific section below.
1680 <BR><H2><A NAME="SEC51" HREF="FAQ.html#TOC51">3. ROUTING
1683 <A NAME="SEC52" HREF="FAQ.html#TOC52">Q0301</A>: What does "lowest numbered MX record points to local host" mean?
1687 A0301: It means exactly what it says. Exim has tried to route a domain that it
1688 thinks is not local, and when it looked it up in the DNS, the lowest
1689 numbered MX record pointed at the local host.
1693 (A) If the domain is meant to be handled as a local domain, then there
1694 is a problem with the setting of the <TT>local_domains</TT> configuration
1695 option. If you have not set this, then only the name of the local
1696 host is treated as a local domain. If, for example, your host is
1697 called <B>myhost.mydomain.com</B> and you want it to handle mail for the
1698 domain <B>mydomain.com</B> as well as for its own name, you must set
1702 local_domains = myhost.mydomain.com:mydomain.com</PRE>
1704 or, if you want to be more general, you could use
1708 local_domains = *.mydomain.com:mydomain.com</PRE>
1710 If you have a large number of individual local domains, you should
1711 investigate storing them in a file and setting <TT>local_domains</TT> to do a
1716 All the domains in <TT>local_domains</TT> are treated as synonymous by
1717 default. If you want to specify different handling for different
1718 domains, you can either use <TT>domains</TT> options, to restrict certain
1719 directors to certain domains, or use the <B>$domain</B> expansion variable
1720 in director options to vary the value according to the domain, for
1721 example, setting the name of an alias file to <B>/etc/aliases/$domain</B>.
1725 (B) If the domain is one for which the local host is providing a
1726 forwarding service (called "mail hubbing"), possibly as part of a
1727 firewall, then you need to set up a router to tell Exim where to
1728 send messages addressed to this domain, since the DNS directs them
1729 to the local host. The routers section of your configuration file
1730 should look something like this:
1736 transport = remote_smtp
1737 route_list = see discussion below</PRE>
1741 transport = remote_smtp</PRE>
1743 Note that the <B>domainlist</B> router must come first so that it can pick
1744 off a hubbed host before it gets to the <B>lookuphost</B> router. The
1745 contents of the <TT>route_list</TT> option depend on how many hosts you are
1746 hubbing for, and how their names are related to the domain name.
1747 Suppose the local host is a firewall, and all the domains in
1748 <B>*.foo.bar</B> have MX records pointing to it, and each domain
1749 corresponds to a host of the same name. Then the setting could be
1753 route_list = "*.foo.bar $domain byname"</PRE>
1755 If there isn't a convenient relationship between the domain names
1756 and the host names, then you either have to list each domain
1757 separately, or use a lookup expansion to look up the host from the
1758 domain, or put the routing information in a file and use the
1759 <TT>route_file</TT> option.
1763 (C) If neither (A) nor (B) is the case, then the lowest numbered MX
1764 record for the domain should not be pointing to your host. You
1765 should arrange to get the DNS mended.
1768 <A NAME="SEC53" HREF="FAQ.html#TOC53">Q0302</A>: How do I configure Exim to send all non-local mail to a gateway host?
1772 A0302: Replace the <B>lookuphost</B> router in the default configuration with the
1779 transport = remote_smtp
1780 route_list = "* gate.way.host byname"</PRE>
1782 This uses gethostbyname() to find the gateway's IP address. You could
1783 alternatively have "bydns" to do a DNS lookup with MX handling, in which
1784 case <B>"gate.way.host"</B> is really being treated as a mail domain name
1785 rather than a host name. If there are several hosts you can send to,
1786 you can specify them as a colon-separated list. See also
1787 <A HREF="FAQ.html#SEC76">Q0325</A> and
1788 <A HREF="FAQ.html#SEC79">Q0402</A>.
1791 <A NAME="SEC54" HREF="FAQ.html#TOC54">Q0303</A>: How do I configure Exim to send all non-local mail to a central server
1792 if it cannot be immediately delivered by my host? I don't want to have
1793 queued mail waiting on my host.
1797 A0303: Add to the <TT>remote_smtp</TT> transport the following:
1801 fallback_hosts = central.server.name(s)</PRE>
1803 If there are several names, they must be separated by colons.
1806 <A NAME="SEC55" HREF="FAQ.html#TOC55">Q0304</A>: How can I arrange for messages submitted by (for example) Majordomo to
1807 be routed specially?
1812 <A HREF="FAQ.html#SEC81">A0404</A>.
1815 <A NAME="SEC56" HREF="FAQ.html#TOC56">Q0305</A>: How do I arrange for all incoming email for <B><B>*@some.domain</B></B> to go into one
1816 pop3 mail account? The customer doesn't want to add a list of specific
1817 local parts to the system.
1821 A0305: Set up a special transport that writes to the mailbox like this:
1833 The file will be written as the user "exim". Then arrange to route all
1834 mail for that domain to that transport, with a router like this:
1840 transport = special_transport
1841 route_list = "some.domain"</PRE>
1843 Alternatively, you could make <B>some.domain</B> a local domain, and use a
1844 <B>smartuser</B> director instead.
1847 <A NAME="SEC57" HREF="FAQ.html#TOC57">Q0306</A>: The <TT>route_list</TT> setting
1848 <TT>^foo$:^bar$ $domain byname</TT> in a <B>domainlist</B>
1849 router does not work.
1853 A0306: The first thing in a <TT>route_list</TT> item is a single pattern, not a list of
1854 patterns. You need to write that as
1855 <TT>^(foo|bar)$ $domain byname</TT>.
1856 Alternatively, you could use several items and write
1860 route_list = "foo $domain byname; bar $domain byname"</PRE>
1862 Note the semicolon separator. This is because the second thing in each
1863 item <EM>can</EM> be a list - of hosts.
1866 <A NAME="SEC58" HREF="FAQ.html#TOC58">Q0307</A>: I'm getting "permission denied" when Exim attempts to check a
1867 <TT>require_files</TT> option.
1872 <A HREF="FAQ.html#SEC87">A0410</A> below.
1875 <A NAME="SEC59" HREF="FAQ.html#TOC59">Q0308</A>: I have a domain for which some local parts must be delivered locally,
1876 but the remainder are to be treated like any other remote addresses.
1880 A0308: The way to do this is not to include the domain in <TT>local_domains</TT>, so
1881 that addresses initially get passed to the routers. The first router
1882 should be definied like this:
1888 local_parts = whatever...
1889 domains = whatever...
1890 route_list = * localhost byname
1893 That will pick off those addresses with matching local parts and
1894 domains, and hand them to the directors, because of the <TT>self = local</TT>
1895 setting. Any other addresses will fall through to the other routers and
1896 be handled as normal remote addresses.
1899 <A NAME="SEC60" HREF="FAQ.html#TOC60">Q0309</A>: For certain domains, I don't want Exim to use MX records. Instead, I
1900 want it just to look up the hosts' A records. I tried using a negative
1901 entry in <TT>mx_domains</TT> in the smtp router, but it didn't work.
1905 A0309: The <TT>mx_domains</TT> option specifies domains for which there <EM>must</EM> be an MX
1906 record (an A record isn't good enough). Consequently, a negative item in
1907 it doesn't do what you want - any domain matching is is not required to
1908 have an MX record, but it doesn't stop Exim from using MX records for
1909 any that do have them. You can achieve what you want using either a
1910 <B>lookuphost</B> or a <B>domainlist</B> router:
1914 (A) Using <B>lookuphost</B>:
1920 transport = remote_smtp
1921 domains = list:of:domains:you:want:to:do:this:for
1924 (B) Using <B>domainlist</B>:
1930 transport = remote_smtp
1931 domains = list:of:domains:you:want:to:do:this:for
1932 route_list = * * byname</PRE>
1934 If the list of domains is actually a lookup in a file, you can dispense
1935 with <TT>domains</TT> in the <B>domainlist</B> case, and put the lookup into the
1936 <TT>route_list</TT> option.
1939 <A NAME="SEC61" HREF="FAQ.html#TOC61">Q0310</A>: How can I configure Exim on a firewall machine so that if mail arrives
1940 addressed to a domain whose MX points to the firewall, it is forwarded
1941 to the internal mail server, without having to have a list of all the
1946 A0310: As your first router, have the standard <B>lookuphost</B> router from the
1947 default configuration, with the added options
1952 self = fail_soft</PRE>
1954 This will handle all domains whose lowest numbered MX records do <EM>not</EM>
1955 point to your host. Because of the <TT>no_more</TT> setting, if it encounters
1956 an unknown domain, routing will fail. However, if it hits a domain whose
1957 lowest numbered MX points to your host, the "self" option comes into
1958 play, and overrides <TT>no_more</TT>. The <TT>fail_soft</TT> setting causes it to pass
1959 the address on to the next router. (The default causes it to generate an
1964 As your second (and last) router, set up a <B>domainlist</B> router that sends
1965 everything to your internal mail server. That is, use an option of the
1970 route_list = * internal.server byname</PRE>
1971 <A NAME="SEC62" HREF="FAQ.html#TOC62">Q0311</A>: How can I arrange that messages larger than some limit are handled by
1976 A0311: If you are using Exim 2.10 or greater, you can use a <TT>condition</TT> option
1977 on the router of the form
1981 condition = ${if >{$message_size}{100K}{yes}{no}}</PRE>
1983 Earlier versions of Exim do not have numerical comparison operators,
1984 though you can use tricks like
1988 condition = ${if eq {${substr_5:$message_size}}{}{no}{yes}}</PRE>
1989 <A NAME="SEC63" HREF="FAQ.html#TOC63">Q0312</A>: If a DNS lookup returns no MX records why doesn't Exim just bin the
1994 A0312: If a DNS lookup returns no MXs, Exim looks for an A record, in
1995 accordance with the rules that are defined in the RFCs. If you want to
1996 break the rules, you can set <TT>mx_domains</TT> in the <B>lookuphost</B> router, but
1997 you will cut yourself off from those sites (and there still seem to be
1998 plenty) who do not set up MX records.
2001 <A NAME="SEC64" HREF="FAQ.html#TOC64">Q0313</A>: When a DNS lookup for MX records fails to complete, why doesn't Exim
2002 send the messsage to the host defined by the A record?
2006 A0313: The RFCs are quite clear on this. Only if it is known that there are no
2007 MX records is an MTA allowed to make use of the A record. When an MX
2008 lookup fails to complete, Exim does not know whether there are any MX
2009 records or not. There seem to be some nameservers (or some
2010 configurations of some nameservers) that give a "server fail" error when
2011 asked for a non-existent MX record. Exim uses standard resolver calls,
2012 which unfortunately do not distinguish between this case and a timeout,
2013 so all Exim can do is try again later.
2016 <A NAME="SEC65" HREF="FAQ.html#TOC65">Q0314</A>: Can you specify a list of domains to explicitly reject?
2020 A0314: Use a router like this:
2027 domains = list:of:domains:to:reject
2028 route_list = * localhost byname</PRE>
2029 <A NAME="SEC66" HREF="FAQ.html#TOC66">Q0315</A>: Is it possible to use a conditional expression for the host item in a
2030 <TT>route_list</TT> for the <B>domainlist</B> router? I tried the following, but it
2035 route_list = "* ${if match{$header_from:}{.*\\.usa\\.net\\$} \
2036 {<smarthost1>}{<smarthost2>} bydns_a"</PRE>
2038 A0315: The problem is that the second item in the <TT>route_list</TT> contains white
2039 space, which means that it gets terminated prematurely. To avoid this,
2040 you must put the second item in quotes, and because the whole item is
2041 already in quotes, you have to escape them like this:
2045 route_list = "* \"${if match{$header_from:}{.*\\.usa\\.net\\$} \
2046 {<smarthost1>}{<smarthost2>}\" bydns_a"</PRE>
2047 <A NAME="SEC67" HREF="FAQ.html#TOC67">Q0316</A>: I send all external mail to a smart host, but this means that bad
2048 addresses also get passed to the smart host. Can I avoid this?
2052 A0316: If you are receiving the mail via SMTP, then you can use verification to
2053 weed out the bad addresses. Set <TT>no_verify</TT> on the router which sends
2054 everything to your smart host, and insert a new router with <TT>verify_only</TT>
2055 that does general routing using DNS lookups (e.g. the default <B>lookuphost</B>
2056 router), or any other verification you want. Then set <TT>receiver_verify</TT>
2057 so that addresses are accepted only if they verify successfully.
2060 <A NAME="SEC68" HREF="FAQ.html#TOC68">Q0317</A>: I have a dial-up machine, and I use the <TT>queue_smtp</TT> option so that remote
2061 mail only goes out when I do a queue run. However, any email I send with
2062 an address <B><B><anything>@aol.com</B></B> is returned within about 15 mins saying
2063 'retry time exceeded', and all addresses are affected.
2068 <A HREF="FAQ.html#SEC219">Q1401</A>.
2071 <A NAME="SEC69" HREF="FAQ.html#TOC69">Q0318</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
2077 <A HREF="FAQ.html#SEC105">A0428</A>.
2080 <A NAME="SEC70" HREF="FAQ.html#TOC70">Q0319</A>: How can I arrange to do my own qualification of non-fully-qualified
2081 domains, and then pass them on to the next router?
2085 A0319: If you have some list of domains that you want to qualify, you can do
2086 this using a <B>domainlist</B> router. For example,
2092 route_list = "*.a.b $domain.c.com"</PRE>
2094 adds <B>".c.com"</B> to any domain that matches <B>"*.a.b".</B> In the absence of any
2095 options in the route item, the new domain is passed to the next router.
2099 If you want to do this in conjunction with a <B>lookuphost</B> router, the
2100 <TT>widen_domains</TT> option of that router may be another way of achieving what
2104 <A NAME="SEC71" HREF="FAQ.html#TOC71">Q0320</A>: Every system has a "nobody" account under which httpd etc run. I would
2105 like to know how to restrict mail which comes from that account to users
2110 A0320: Set up a router with <B><B>senders=nobody@your.domain</B></B> which routes all
2111 mail to a local transport that delivers it to <B>/dev/null</B> (or to a pipe
2112 that bounces with an error message, or whatever). That would catch all
2113 mail to non-local domains.
2116 <A NAME="SEC72" HREF="FAQ.html#TOC72">Q0321</A>: I have a really annoying intermittent problem where attempts to mail to
2117 valid sites are rejected with "unknown mail domain". This only happens a
2118 few times a day and there is no particular pattern to the sites it
2119 rejects. If I try to lookup the same domain a few minutes later then it
2124 A0321: (A) Have you linked Exim against the newest DNS resolver library that
2125 comes with Bind? If you are using SunOS4 that may be your problem, as
2126 the resolver that comes with that OS is known to be buggy and to give
2127 intermittent false negatives.
2131 (B) Effects like this are sometimes seen if a domain's nameservers get
2132 out of step with each other.
2135 <A NAME="SEC73" HREF="FAQ.html#TOC73">Q0322</A>: I'd like route all mail with unresolved addresses to a relay machine.
2139 A0322: Set <TT>pass_on_timeout</TT> on your <B>lookuphost</B> router, and add below it a
2140 <B>domainlist</B> router that routes everything to the relay.
2143 <A NAME="SEC74" HREF="FAQ.html#TOC74">Q0323</A>: I would like to forward all incoming email for a particular domain to
2144 another machine via SMTP. Whereabouts would I configure that?
2148 A0323: First, do not list the domain in <TT>local_domains</TT>. Instead, list it in
2149 <TT>relay_domains</TT>. Then, if the domain's lowest numbered MX record points to
2150 your host, set up a <B>domainlist</B> router before your normal <B>lookuphost</B>
2151 router, in order to route the domain to the specific host.
2154 <A NAME="SEC75" HREF="FAQ.html#TOC75">Q0324</A>: Why does Exim say "all relevant MX records point to non-existent hosts"
2155 when MX records point to IP addresses?
2159 A0324: MX records cannot point to IP addresses. They are defined to point to
2160 host names, so Exim always interprets them that way. (An IP address is a
2161 syntactically valid host name.) The DNS for the domain you are having
2162 problems with is misconfigured.
2165 <A NAME="SEC76" HREF="FAQ.html#TOC76">Q0325</A>: How can I arrange for mail on my local network to be delivered directly
2166 to the relevant hosts, but all other mail to be sent to my ISP's mail
2167 server? The local hosts are all DNS-registered and behave like normal
2172 A0325: Set up a first router to pick off all the domains for your local
2173 network. There are several ways you might do this. For example
2179 transport = remote_smtp
2180 domains = lsearch;/etc/local_domains.list</PRE>
2182 This does a perfectly conventional DNS routing operation, but only for
2183 your local domains. Follow this with a "smarthost" router:
2189 transport = remote_smtp
2190 route_list = * mail.isp.net bydns_a</PRE>
2192 This sends anything else to the smart host.
2195 <BR><H2><A NAME="SEC77" HREF="FAQ.html#TOC77">4. DIRECTING
2198 <A NAME="SEC78" HREF="FAQ.html#TOC78">Q0401</A>: I need to have any mail for <B>virt.dom.ain</B> that <EM>doesn't</EM> match one of the
2199 aliases in <B><B>/usr/lib/aliases.virt</B></B> delivered to a particular address, for
2200 example, <B><B>postmaster@virt.dom.ain.</B></B>
2204 A0401: Adding an asterisk to a search type causes Exim to look up "*" when the
2205 normal lookup fails. So if your director is something like this:
2211 domains = virt.dom.ain
2212 file = /usr/lib/aliases.virt
2213 search_type = lsearch
2216 you should change "lsearch" to "lsearch*", and put this in the alias
2221 *: postmaster@virt.dom.ain</PRE>
2223 This solution has the feature that if there are several unknown
2224 addresses in the same message, only one copy gets sent to the
2225 postmaster, because of Exim's normal de-duplication rules.
2229 You can get separate deliveries for each unknown address only if you can
2230 direct them to a specific transport, by using a <B>smartuser</B> director like
2237 domains = virt.dom.ain
2238 file = /usr/lib/aliases.virt
2239 search_type = lsearch</PRE>
2243 domains = virt.dom.ain
2244 transport = special_delivery
2245 new_address = postmaster@virt.dom.ain
2248 If an address in the virtual domain is not matched by the normal alias
2249 lookup, then it gets picked up by the <B>smartuser</B> and passed to the
2250 transport with a new address. There is no checking for duplicates, so
2251 if there is more than one address that passes through this mechanism,
2252 multiple copies get delivered. In order to distinguish them, the
2253 <TT>envelope_to_add</TT> option can be set on the transport, to cause the
2254 insertion of an Envelope-To: header containing the original recipient
2258 <A NAME="SEC79" HREF="FAQ.html#TOC79">Q0402</A>: How do I configure Exim to send all messages to a central server?
2262 A0402: This implies that you are not doing any local deliveries at all. Set
2266 local_domains =</PRE>
2268 in the configuration file. This specifies that there are no local
2269 domains (by default your host name is set up as a local domain). Then
2270 all addresses are non-local -
2271 <A HREF="FAQ.html#SEC53">A0302</A> tells you how to deal with them.
2274 <A NAME="SEC80" HREF="FAQ.html#TOC80">Q0403</A>: How do I configure Exim to send messages for unknown local users to a
2279 A0403: At the end of the directors section of the configuration, insert the
2286 transport = unknown_transport</PRE>
2288 You should add <TT>no_verify</TT> to this if you are verifying addresses;
2289 without it, all local parts will verify as valid in the local domain.
2290 Then somewhere in the transports section of the configuration insert
2296 hosts = server.host.name</PRE>
2298 A colon-separated list of hosts may be given. They are tried in order.
2299 By default, the IP address of any host is found by looking in the DNS
2300 and doing MX processing (so really it is a domain list rather than a
2301 host list). If you don't want MX processing, set the "gethostbyname"
2308 hosts = server.host.name
2311 This calls the gethostbyname() function to find IP addresses. Depending
2312 on your operating system and configuration, this usually consults
2313 <B>/etc/hosts</B> and possibly other sources of information, as well as, or
2314 instead of, the DNS.
2318 If you want to change the recipient address when doing this, you can use
2319 the <TT>new_address</TT> option on the <B>smartuser</B> director. For example, if the
2320 address is <B><B>user@foo.bar.com</B></B> and the setting is
2324 new_address = $local_part@bar.com</PRE>
2326 The message is sent to the server with the envelope recipient changed to
2327 <B><B>user@bar.com.</B></B> However, this does not make any changes to the message's
2331 <A NAME="SEC81" HREF="FAQ.html#TOC81">Q0404</A>: How can I arrange for messages submitted by (for example) Majordomo to
2332 be handled specially?
2336 A0404: You can use the <TT>condition</TT> option on a director or router, with a
2341 condition = "${if and {eq {$sender_host_address}{}} \
2342 {eq {$sender_ident}{majordom}} {yes}{no}}"</PRE>
2344 This first tests for a locally-submitted message, by ensuring there is
2345 no sending host address, and then it checks the identity of the user
2346 that ran the submitting process.
2349 <A NAME="SEC82" HREF="FAQ.html#TOC82">Q0405</A>: On a host that accepts mail for several domains, do I have to use fully
2350 qualified names in <B>/etc/aliases</B> or do I have to set up an alias file for
2355 A0405: You can do it either way. If you use a single file, you must set
2356 <TT>include_domain</TT> on the <B>aliasfile</B> director. If you use a separate file
2357 for each domain you can use a single director with an option such as
2361 file = /etc/aliases/$domain</PRE>
2363 (as in C007), or you can have several different directors, each one with
2367 domains = domain1:domain2:...</PRE>
2369 so that each one processes certain domains only. That way you could have
2370 several domains sharing an alias file. All of this assumes that you want
2371 have different aliases for each domain. If all the domain names are in
2372 effect just synonyms, you don't need to do anything other than ensure
2373 they all match something in <TT>local_domains</TT>.
2376 <A NAME="SEC83" HREF="FAQ.html#TOC83">Q0406</A>: Some of my users are using the <B>.forward</B> to pipe to a shell command which
2377 appends to the user's INBOX. How can I forbid this?
2381 A0406: If you allow your users to run shells in pipes, you cannot control which
2382 commands they run or which files they write to. However, you should point
2383 out to them that writing to an INBOX by arbitrary commands is not
2384 interlocked with the MTA and MUAs, and is liable to mess up the contents
2389 If a user simply wants to choose a specific file for the delivery of
2390 messages, this can be done by putting a file name in a <B>.forward</B> file
2391 rather than using a pipe, or by using the "save" command in an Exim
2396 You can set <TT>forbid_pipe</TT> on the <B>forwardfile</B> director, but that will
2397 prevent them from running any pipe commands at all. Alternatively, you
2398 can restrict which commands they may run in their pipes by setting the
2399 <TT>allow_commands</TT> and/or <TT>restrict_to_path</TT> options in the <TT>address_pipe</TT>
2403 <A NAME="SEC84" HREF="FAQ.html#TOC84">Q0407</A>: How can I arrange for a default value when using a query-style lookup
2404 such as LDAP or NIS+ to handle aliases?
2408 A0407: Using the queries option for the <B>aliasfile</B> driver should do what you
2409 want. You can supply a second query which gets obeyed when the first
2410 query fails. For example,
2415 ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=$local_part@$domain)):\
2416 ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=default@$domain))"</PRE>
2417 <A NAME="SEC85" HREF="FAQ.html#TOC85">Q0408</A>: If I don't fully qualify the addresses in a virtual domain's alias file
2418 then mail to aliases which also match the local domain get delivered to
2423 For example, if the alias file for <B>foobar.com</B> is
2427 foo: joe@some.place.com
2428 postmaster: foo</PRE>
2430 then mail sent to <B><B>postmaster@foobar.com</B></B> is not delivered to
2431 <B><B>joe@some.place.com</B></B> but instead goes to <B><B>foo@localdomain.com.</B></B>
2435 A0408: Set the <TT>qualify_preserve_domain</TT> option on the <B>aliasfile</B> director.
2438 <A NAME="SEC86" HREF="FAQ.html#TOC86">Q0409</A>: We've got users who chmod their home to 750, and home is NFS-mounted
2439 without root privilege, so Exim cannot access <B>~user/.forward.</B>
2443 A0409: Set the seteuid option on the <B>forwardfile</B> director so that Exim
2444 "becomes" the user before trying to read the file. However, if your
2445 operating system does not support the seteuid() function, you cannot do
2446 this. In that circumstance, if you cannot persuade your users to make
2447 their <B>.forward</B> files world readable, you can set the <TT>ignore_eacces</TT>
2448 option, which causes Exim to ignore unreadable files.
2451 <A NAME="SEC87" HREF="FAQ.html#TOC87">Q0410</A>: I'm getting "permission denied" when Exim tries to check a for the
2452 existence of a user's <B>.procmailrc</B> file using <TT>require_files</TT>.
2456 A0410: Exim is running under its own uid (or root if there isn't an Exim uid)
2457 when it checks <TT>require_files</TT>. You can cause it to change to a specific
2458 uid by putting an item not containing any / characters at the start of
2459 the <TT>require_files</TT> list. In this case you probably want a director along
2466 require_files = ${local_part}:${home}/.procmailrc
2467 transport = procmail_pipe</PRE>
2468 <A NAME="SEC88" HREF="FAQ.html#TOC88">Q0411</A>: How can I deliver mail into different directories for each virtual
2469 domain, doing user lookups not against <B>/etc/passwd</B> but against
2470 <B><B>/etc/passwd.domain</B>?</B>
2474 A0411: See configuration sample C009.
2477 <A NAME="SEC89" HREF="FAQ.html#TOC89">Q0412</A>: I want mail for <EM>any</EM> local part at certain virtual domains to go
2478 to a single address for each domain.
2482 A0412: One way to to this is
2488 domains = lsearch;/etc/virtual
2489 new_address = ${lookup{$domain}lsearch{/etc/virtual}{$value}fail}</PRE>
2491 The <B>/etc/virtual</B> file contains a list of domains and the addresses to
2492 which their mail should be sent. For example:
2496 domain1: postmaster@some.where.else
2497 domain2: joe@xyz.plc
2500 If the number of domains is large, using a DBM or cdb file would be more
2504 <A NAME="SEC90" HREF="FAQ.html#TOC90">Q0413</A>: How can I make Exim look in the alias NIS map instead of <B>/etc/aliases</B>?
2508 A0413: The default configuration does not use NIS (many hosts don't run it).
2509 You should change the <TT>system_aliases</TT> director to
2516 search_type = nis</PRE>
2518 If you want to use <B>/etc/aliases</B> as well as NIS, put this director (with
2519 a different name) before or after the default one, depending on which
2520 data source you want to take precedence.
2523 <A NAME="SEC91" HREF="FAQ.html#TOC91">Q0414</A>: What does the error message "error in forward file (filtering not
2524 enabled): missing or malformed local part ..." mean?
2528 A0414: If you are trying to use an Exim filter, you have forgotten to enable
2529 the facility, which is disabled by default. In the <B>forwardfile</B> director
2530 (in the Exim configuration file) you need to set
2536 to allow a <B>.forward</B> file to be used as an Exim filter. If you are not
2537 trying to use an Exim filter, then you have put a malformed address in
2538 the <B>.forward</B> file.
2541 <A NAME="SEC92" HREF="FAQ.html#TOC92">Q0415</A>: Exim isn't recognizing certain forms of local address.
2545 A0415: (A) Try using the <B>-bt</B> option with debugging turned on, to see how Exim
2546 is handling the addresses. For example,
2550 exim -d2 -bt z6abc</PRE>
2552 will show you how it would handle the local part "z6abc". Increase the
2553 debug level to <B>-d9</B> for more information.
2557 (B) If the local user names contain capital letters, that is probably
2558 the cause of your problem. Setting up such user names is a bad idea.
2559 By default, everything is lowercased before the final delivery for the
2560 sake of alias matching and user name matching, because people who type
2561 email addresses often get the case wrong. You can stop this by setting
2565 locally_caseless = false</PRE>
2567 but then incoming addresses are recognized only in the correct case.
2569 <A HREF="FAQ.html#SEC101">Q0424</A> for a way round this.
2572 <A NAME="SEC93" HREF="FAQ.html#TOC93">Q0416</A>: I have a domain for which some local parts must be delivered locally,
2573 but the remainder are to be treated like any other remote addresses.
2578 <A HREF="FAQ.html#SEC59">A0308</A>.
2581 <A NAME="SEC94" HREF="FAQ.html#TOC94">Q0417</A>: What I really need is the ability to obtain the result of a pipe
2582 command so that I can filter externally and redirect internally. Is
2587 A0417: This is not possible. The result of a pipe command is not available to
2588 a filter, because it doesn't run any deliveries while filtering. It just
2589 sets up deliveries. They all happen later. If you want to run pipes
2590 and examine their results, you need to set up a single delivery to a
2591 delivery agent such as procmail which provides this kind of facility.
2594 <A NAME="SEC95" HREF="FAQ.html#TOC95">Q0418</A>: When I set a suffix on one of my directors, it doesn't get stripped when
2595 checking the <TT>local_parts</TT> option. Why is this?
2599 A0418: The test on local parts and domains is done early on, and only if they
2600 match is supplementary processing such as prefix and suffix recognition
2601 done. There is a section of the manual called "Skipping directors" which
2602 gives details. If you want to ignore a prefix or suffix in the initial
2603 test of the local part, you can do so by replacing <TT>local_parts</TT> with a
2604 setting of the <TT>condition</TT> option. For example, suppose you wanted to
2605 look up the basic local part in a file, and run the director if it is
2610 condition = "${if lookup{\
2611 ${if match{$local_part}{^(.*)-request}{$1}{$local_part}}\
2612 }lsearch{/some/file}{yes}}"</PRE>
2614 The key that is looked up is the second line, which uses a regular
2615 expression to strip "-request" from the local part if it is present.
2618 <A NAME="SEC96" HREF="FAQ.html#TOC96">Q0419</A>: Why will Exim deliver a message locally to any username that is longer
2619 than 8 characters as long as the first 8 characters match one of the
2624 A0419: The problem is in your operating system. Exim just calls the getpwnam()
2625 function to test a local part for being a local login name. It does not
2626 presume to guess the maximum length of user name for the underlying
2627 operating system. Many operating systems correctly reject names that are
2628 longer than the maximum length; yours is apparently deficient in this
2629 regard. To cope with such systems, Exim has an option called
2630 <TT>max_user_name_length</TT> which you can set to the maximum allowed length.
2633 <A NAME="SEC97" HREF="FAQ.html#TOC97">Q0420</A>: Why am I seeing the error "bad mode (100664) for <B><B>/home/test/.forward</B></B>
2634 (userforward director)"? I've looked through the documentation but can't
2635 see anything to suggest that exim has to do anything other than read the
2636 <B>.forward</B> file.
2640 A0420: For security, Exim checks for mode bits that shouldn't be set, by
2641 default 022. You can change this by setting the "modemask" option of the
2642 <B>forwardfile</B> director.
2645 <A NAME="SEC98" HREF="FAQ.html#TOC98">Q0421</A>: How can I arrange that messages larger than some limit are handled by
2651 <A HREF="FAQ.html#SEC62">A0311</A>.
2654 <A NAME="SEC99" HREF="FAQ.html#TOC99">Q0422</A>: When a user's <B>.forward</B> file is syntactially invalid, Exim defers
2655 delivery of all messages to that user, which sometimes include the
2656 user's own test messages. Can it be told to ignore the <B>.forward</B> file
2657 and/or inform the user of the error?
2661 A0422: Setting <TT>skip_syntax_errors</TT> on the <B>forwardfile</B> director causes syntax
2662 errors to be skipped. When dealing with users' <B>.forward</B> files it is best
2663 to combine this with a setting of <TT>syntax_errors_to</TT> in order to send
2664 a message about the error to the user. However, to avoid an infinite
2665 cascade of messages, you have to be able to send to an address that
2666 bypasses <B>.forward</B> file processing. This can be done by including a
2667 director like this one
2673 transport = local_delivery
2674 prefix = real-</PRE>
2676 <EM>before</EM> the <B>forwardfile</B> director. This will do an ordinary local
2677 delivery without <B>.forward</B> processing, if the local part is prefixed by
2678 "real-". You can then set something like the following options on the
2679 <B>forwardfile</B> director:
2684 syntax_errors_to = real-$local_part@$domain
2685 syntax_errors_text = "\
2686 This is an automatically generated message. An error has been \
2687 found\nin your .forward file. Details of the error are reported \
2688 below. While\nthis error persists, messages addressed to you will \
2689 get delivered into\nyour normal mailbox and you will receive a \
2690 copy of this message for\neach one."</PRE>
2692 A final tidying setting to go with this is a rewriting rule that changes
2693 "real-username" into just "username" in the headers of the message:
2697 ^real-([^@]+)@your\.dom\.ain$ $1@your.dom.ain h</PRE>
2699 This means that users won't ever see the "real-" prefix, unless they
2700 look at the Envelope-To header.
2703 <A NAME="SEC100" HREF="FAQ.html#TOC100">Q0423</A>: I have some users on my system with upper case letters in their login
2704 names, but these are not recognized.
2709 <A HREF="FAQ.html#SEC101">A0424</A>.
2712 <A NAME="SEC101" HREF="FAQ.html#TOC101">Q0424</A>: I have unset <TT>locally_caseless</TT> because my users have upper case letters
2713 in their login names, but incoming mail now has to use the correct case.
2714 Can I relax this somehow?
2718 A0424: If you really have to live with caseful user names but want incoming
2719 local parts to be caseless, then you have to maintain a file, indexed by
2720 the lower case forms, that gives the correct case for each login, like
2731 and at the start of your directors, put one like this:
2737 new_address = "${lookup{${lc:$local_part}}lsearch{/the/file}\
2738 {$value@$domain}fail}"</PRE>
2740 For efficiency, you should also set the <TT>new_director</TT> option to cause
2741 processing of the changed address to begin at the next director. If you
2742 are otherwise using the default configuration, then the setting would be
2746 new_director = system_aliases</PRE>
2748 If there are lots of users, then a DBM or cdb file would be more
2749 efficient than lsearch. If you are handling several domains, then you
2750 will have to extend this configuration to cope appropriately.
2753 <A NAME="SEC102" HREF="FAQ.html#TOC102">Q0425</A>: I want to look up local users in an SQL database instead of looking in
2758 A0425: (A) From release 3.03, Exim contains support for calling MySQL.
2762 (B) If you can set up an LDAP interface to your SQL database, then this
2763 is relatively straightforward to do, since Exim contains LDAP support.
2764 Sample configuration C009 shows you how to lookup users in
2765 <B>/etc/passwd/whatever</B> instead of <B>/etc/passwd</B>. Modifying this to use LDAP
2766 instead of looking in a file would be easy.
2770 (C) If you can access SQL from Perl, you could use Exim's embedded Perl
2771 facility, but this is expensive in terms of resources used.
2775 You must consider what will happen if your database is down. All local
2776 mail delivery will be delayed until it comes up again. Whether this
2777 matters is of course something for you to decide. If the database is
2778 down a lot and it does matter, then consider some scheme of extracting
2779 a list of users from the database at regular intervals, and getting Exim
2780 to work off that. This is also likely to be more efficient.
2783 <A NAME="SEC103" HREF="FAQ.html#TOC103">Q0426</A>: Is it possible for Exim to use a SQL database like MySQL for its lists
2784 of virtual domains and explicit aliases?
2789 <A HREF="FAQ.html#SEC102">A0425</A>.
2792 <A NAME="SEC104" HREF="FAQ.html#TOC104">Q0427</A>: Can I use my existing alias files and forward files as well as procmail
2793 and effectively drop in exim in place of Sendmail ?
2797 A0427: Yes, as long as your alias/forward files don't assume that pipes are
2798 going to run under a shell. If they do, you either have to change them,
2799 or configure Exim to use a shell (which it doesn't by default).
2802 <A NAME="SEC105" HREF="FAQ.html#TOC105">Q0428</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
2807 A0428: This is the same question as
2808 <A HREF="FAQ.html#SEC79">Q0402</A>. The duplication is a bug in the FAQ.
2811 <A NAME="SEC106" HREF="FAQ.html#TOC106">Q0429</A>: What is quickest way to set up Exim so any message sent to a non-
2812 existing user would bounce back with a different message, based
2813 on the name of non-existing user?
2817 A0429: See the example in the section of the manual entitled "System-wide
2818 automatic processing".
2821 <A NAME="SEC107" HREF="FAQ.html#TOC107">Q0430</A>: I am building some largish mailing lists with Majordomo, and was
2822 wondering if it worth leaving the actually list expansion to the
2823 <B>aliasfile</B> :include: mechanism or should I consider using the <B>forwardfile</B>
2824 transport? Is there any real difference in terms of facilities and/or
2825 performance, and are the expansions basically the same code anyway?
2829 A0430: The code that pulls out individual addresses from a list is the same in
2830 both cases, so it's really just a matter of which is the most convenient
2834 <A NAME="SEC108" HREF="FAQ.html#TOC108">Q0431</A>: What do I need to do to make Exim handle <B>/usr/ucb/vacation</B> processing
2835 automatically, so that people could just create a .<B>vacation.msg</B> file in
2836 their home directory and not have to edit their <B>.forward</B> file?
2840 A0431: Add a new director like this, immediately before the normal localuser
2847 require_files = .vacation.msg
2848 transport = vacation_transport
2851 and a matching new transport like this:
2857 command = "/usr/ucb/vacation \"$local_part\""</PRE>
2859 However, some versions of <B>/usr/ucb/vacation</B> do not work properly unless
2860 the DBM file(s) it uses are created in advance - it won't create them
2861 itself. You also need a way of removing them when the vacation is over.
2865 Another possibility is to use a fixed filter file which is run whenever
2866 .<B>vacation.msg</B> exists, for example:
2871 driver = forwardfile
2873 require_files = $home/.vacation.msg
2874 file = /some/central/filter
2877 The filter file should use the "if personal" check before sending mail,
2878 to avoid generating automatic responses to mailing lists. If sending a
2879 message is all that it does, this doesn't count as a "significant"
2880 delivery, so the message goes on to be delivered as normal.
2884 Yet another possibility is to make use of Exim's autoreply transport.
2888 <A NAME="SEC109" HREF="FAQ.html#TOC109">Q0432</A>: I want to use a default entry in my alias file, but it picks up the
2889 local parts that the aliases generate. For example, if the alias file
2894 luke.skywalker: luke
2898 then messages addressed to <B>luke.skywalker</B> end up at postmaster.
2902 A0432: (A) If you know for certain that no alias in your alias file ever
2903 generates another alias that is in the same file, then the most
2904 efficient solution is to put
2908 new_director = name-of-following-director</PRE>
2910 in your <B>aliasfile</B> director. This stops Exim from processing the
2911 generated names as aliases the second time.
2915 (B) If you can't give that guarantee, then you have to put dummy entries
2916 in the alias file for all your local parts, for example:
2922 (C) Another possibility is to put the <B>aliasfile</B> director for these
2923 aliases <EM>after</EM> the localuser director, so that local parts get picked
2924 off first. You will need to have two <B>aliasfile</B> directors if there are
2925 some local parts (e.g. root) which you do want to handle as aliases
2926 rather than local users.
2929 <A NAME="SEC110" HREF="FAQ.html#TOC110">Q0433</A>: I have some obsolete domains which people have been warned not to use
2930 any more. How can I arrange to delete any mail that is sent to them?
2934 A0433: If you are using release 3.10 or later, you can use a <B>smartuser</B> director
2940 domains = lsearch;/etc/exim/obsolete.domains
2941 new_address = :blackhole:</PRE>
2943 If you want to make any exceptions, for example, for mail to postmaster
2944 at those domains, you can add the line
2948 local_parts = !postmaster</PRE>
2950 If you are using an earlier release of Exim, you have to set up an alias
2951 file in order to use :blackhole:
2956 domains = lsearch;/etc/exim/obsolete.domains
2957 file = /blackhole/all
2958 search_type = lsearch*</PRE>
2960 with the file containing
2968 and possibly a postmaster alias if you want.
2971 <A NAME="SEC111" HREF="FAQ.html#TOC111">Q0434</A>: How can I arrange that mail addressed to <B><B>anything@something.mydomain.com</B></B>
2972 gets delivered to <B><B>something@mydomain.com</B>?</B>
2976 A0434: Ensure that all the relevant domains are local, by setting
2980 local_domains = mydomain.com : *.mydomain.com</PRE>
2982 Then set up a <B>smartuser</B> director like this:
2988 new_address = "${if match{$domain}{^(.+)\\\\.mydomain.com\\$}\
2989 {$1@mydomain.com}fail}"</PRE>
2990 <A NAME="SEC112" HREF="FAQ.html#TOC112">Q0435</A>: I can't get a regular expression to work in this <TT>local_parts</TT> option on
2991 one of my directors:
2995 local_parts = ^0740\d{6}</PRE>
2997 A0435: The <TT>local_parts</TT> option is expanded before use, so that you can, for
2998 example, make it dependent on the domain. Therefore, you need to write
3002 local_parts = ^0740\\d{6}</PRE>
3004 so as to preserve the backslash.
3007 <A NAME="SEC113" HREF="FAQ.html#TOC113">Q0436</A>: How can I arrange for all addresses in a group of domains <B>*.example.com</B>
3008 to share the same alias file? I have a number of such groups.
3012 A0436: For a single group you could just hardwire the file name into a director
3017 domains = *.example.com</PRE>
3019 set, to restrict it to the relevant domains. For a number of such groups
3020 you can create a file containing the domains, like this:
3024 *.example1.com example1.com
3025 *.example2.com example2.com
3028 Arrange that the domains are treated as local by setting
3032 local_domains = "partial-lsearch;/that/file"</PRE>
3034 Then create a director like this
3040 domains = partial-lsearch;/that/file
3041 file = /etc/aliases.d/$domain_data
3042 search_type = lsearch*</PRE>
3044 The variable <B>$domain_data</B> contains the data that was looked up when the
3045 <TT>domains</TT> option was matched, i.e. <B>"example1.com",</B> <B>"example2.com",</B> etc.
3049 <A NAME="SEC114" HREF="FAQ.html#TOC114">Q0437</A>: When Exim tries to read <B><B>/usr/lib/majordomo/lists/lists.aliases</B></B> it is
3050 giving "Permission denied", but that file is world-readable!
3054 A0437: Check the permissions on the superior directories.
3057 <BR><H2><A NAME="SEC115" HREF="FAQ.html#TOC115">5. DELIVERY
3060 <A NAME="SEC116" HREF="FAQ.html#TOC116">Q0501</A>: What does the error "Neither the <I>xxx</I> director nor the <I>yyy</I> transport set
3061 a uid for local delivery of..." mean?
3065 A0501: Whenever Exim does a local delivery, it runs a process under a specific
3066 user and group id (uid and gid). For deliveries into mailboxes, and to
3067 pipes and files set up by <B>.forward</B>ing, it normally picks up the uid/gid
3068 of the receiving user. However, if an address is directed to a pipe or a
3069 file by some other means, such an entry in the system alias file of the
3074 majordomo: |/local/mail/majordomo ...</PRE>
3076 then Exim has to be told what uid/gid to use for the delivery. This can
3077 be done either on the director that handled the address, or on the
3078 transport that actually does the delivery. If a pipe is going to run a
3079 setuid program, then it doesn't matter what uid Exim starts it out with,
3080 and so the most straightforward thing is to put
3086 on either the director or the transport. A setting on the transport
3087 overrides a setting on the director, so if the same transport is being
3088 used with several directors, you should set the user on it only if you
3089 want the same uid to be used in all cases.
3093 In the default configuration, the transports used for file and pipe
3094 deliveries are the ones called <TT>address_file</TT> and <TT>address_pipe</TT>. You
3095 can specify different transports by setting, for example,
3099 pipe_transport = special_pipe_transport</PRE>
3101 on the <B>aliasfile</B> director. Then you can set up <TT>special_pipe_transport</TT>
3105 special_pipe_transport:
3109 which will be used only for pipe deliveries from that one director.
3110 What you put for the ???? is up to you, and depends on the particular
3114 <A NAME="SEC117" HREF="FAQ.html#TOC117">Q0502</A>: Exim won't deliver to a host with no MX record.
3118 A0502: (A) Are you sure there really is no MX record? Sometimes a typo results
3119 in a malformed MX record in the zone file, in which case some nameservers
3120 give a SERVFAIL error rather than NXDOMAIN. Exim has to treat this as
3121 a temporary error, so it can't go on to look for an A record. You can
3122 check for this state using one of the DNS interrogation commands, such
3127 (B) Is there a wildcard MX record for <EM>your</EM> domain? Is the
3128 <TT>search_parents</TT> option on in your <B>lookuphost</B> router? (Prior to Exim
3129 version 1.80 this was the default; it was changed because of this
3130 problem.) If the answer to both these questions is "yes", then that is
3131 the cause of the problem. When the DNS resolver fails to find the MX
3132 record, it tries adding on your domain if <TT>search_parents</TT> is true, and
3133 thereby finds your wildcard MX record. For example:
3137 . There is a wildcard MX record for <B>*.a.b.c.</B>
3141 . There is a host called <B>x.y.z</B> that has an A record and no MX record.
3145 . Somebody on a machine <B>m.a.b.c</B> domain tries to mail to <B><B>user@x.y.z.</B></B>
3149 . Exim calls the DNS to look for an MX record for <B>x.y.z.</B>
3153 . The DNS doesn't find any MX record. Because <TT>search_parents</TT> is true,
3154 it then tries searching the current host's parent domain, so it
3155 looks for <B>x.y.z.a.b.c</B> and picks up the wildcard MX record.
3159 Setting <TT>search_parents</TT> false makes this case work while retaining the
3160 wildcard MX record. However, anybody on the machine <B>m.a.b.c</B> who mails to
3161 <B><B>user@n.a</B></B> (expecting it to go to <B><B>user@n.a.b.c</B>)</B> now has a problem. The
3162 <TT>widen_domains</TT> option of the <B>lookuphost</B> router may be helpful in this
3166 <A NAME="SEC118" HREF="FAQ.html#TOC118">Q0503</A>: How should Exim be configured when it is acting as a temporary storage
3167 system for a domain on a dial-up host?
3172 <A HREF="FAQ.html#SEC220">Q1402</A>.
3175 <A NAME="SEC119" HREF="FAQ.html#TOC119">Q0504</A>: I would like to deliver mail addressed to a given domain normally, but
3176 also to generate a message to the envelope sender.
3180 A0504: If the domain is a local one, you can do this with an "unseen" <B>smartuser</B>
3181 director and an autoreply transport, along the following lines:
3188 file = /usr/local/mail/warning.txt
3190 from = postmaster@your.domain
3191 to = $sender_address
3193 subject = "Re: Your mail to ${local_part}@${domain}"</PRE>
3198 domains = <domains you want to do this for>
3199 condition = ${if eq{$sender_address}{}{no}{yes}}
3200 transport = warning_t
3204 Note the use of the <TT>condition</TT> option to avoid attempting to send a
3205 message when there is no sender (that is, when the incoming message is a
3206 delivery error report). You can of course extend this to include other
3207 conditions. If you want to log the sending of messages, you can add
3211 log = /some/file</PRE>
3213 to the transport and also make use of the "once" option if you want to
3214 send only one message to each sender.
3217 <A NAME="SEC120" HREF="FAQ.html#TOC120">Q0505</A>: Exim keeps crashing with segmentation errors (signal 11 or 139) during
3218 delivery. This seems to happen when it is about to contact a remote
3219 host or when a delivery is deferred.
3223 A0505: This could be a problem with Exim's databases. Check that your DBM
3224 library is correctly installed. In particular, if you have installed a
3225 second DBM library onto a system that already had one, check that its
3226 version of <B>ndbm.h</B> is being seen first. For example, if the new version
3227 is in <B>/usr/local/include</B>, check that there isn't another version in
3228 <B>/usr/include</B>. If you are using Berkeley db, you can set <TT>USE_DB=yes</TT> in
3229 your <B>Local/Makefile</B> to avoid using <B>ndbm.h</B> altogether. This is
3230 particularly relevant for version 2 of Berkeley db, because no <B>ndbm.h</B>
3231 file is distributed with it.
3234 <A NAME="SEC121" HREF="FAQ.html#TOC121">Q0506</A>: Whenever Exim tries to do a local delivery, it gives a permission denied
3235 error for the <B>.forward</B> file, like this:
3239 1998-08-10 16:55:32 0z5y2W-0000B8-00 == xxxx@yyy.zzz <xxxx@yyy.zz>
3240 D=userforward defer (-1): failed to open /home/xxxx/.forward
3241 (userforward director): Permission denied (euid=1234 egid=101)</PRE>
3243 A0506: Have you remembered to make Exim setuid root?
3246 <A NAME="SEC122" HREF="FAQ.html#TOC122">Q0507</A>: I have installed Exim, but now I can't mail to root any more. Why is
3251 A0507: Most people set up root as an alias for the manager of the machine. If
3252 you haven't done this, Exim will attempt to deliver to root as if it
3253 were a normal user. This isn't really a good idea because the delivery
3254 process would run as root. Exim has a trigger guard in the option
3258 never_users = root</PRE>
3260 in the default configuration file. This prevents it from running as root
3261 when doing any local deliveries. If you really want to run local
3262 deliveries as root, remove this line, but it would be better to create
3263 an alias for root instead.
3266 <A NAME="SEC123" HREF="FAQ.html#TOC123">Q0508</A>: How can I stop undeliverable bounce messages (e.g. to routeable, but
3267 undeliverable, spammer senders) from clogging up the queue for days?
3271 A0508: Set <TT>ignore_errmsg_errors</TT> to drop them immediately, or set <TT>ignore_errmsg_</TT>
3272 <TT>errors_after</TT> to specify a (short) time to keep them for. I use 12h so
3273 that I notice them, but they go away relatively quickly.
3276 <A NAME="SEC124" HREF="FAQ.html#TOC124">Q0509</A>: How can mails that are being routed through directors other than
3277 localuser be delivered under the uid of the recipient?
3282 <A HREF="FAQ.html#SEC116">A0501</A> contains background information on this. If you are using, say, an
3283 alias file to direct messages to specific mailboxes, then you can use
3284 the "user" option on either the <B>aliasfile</B> director or the appendfile
3285 transport to set the uid. What you put in the setting depends on how
3286 the required uid is to be found. It could be looked up in a file or
3287 computed somehow from the local part, for example.
3290 <A NAME="SEC125" HREF="FAQ.html#TOC125">Q0510</A>: I want to use MMDF-style mailboxes. How can I get Exim to append the
3291 ctrl-A characters that separate indvidual emails?
3295 A0510: Set the suffix option in the appendfile transport. In fact, for MMDF
3296 mailboxes you need a prefix as well as a suffix to get it working right,
3297 so your transport should contain these settings:
3301 prefix = "\1\1\1\1\n"
3302 suffix = "\1\1\1\1\n"</PRE>
3304 Also, you need to change the <TT>check_string</TT> and <TT>escape_string</TT> settings so
3305 that the escaping happens for lines in the message that happen to begin
3306 with the MMDF prefix or suffix string, rather than "From" (the default):
3310 check_string = "\1\1\1\1\n"
3311 escape_string = "\1\1\1\1 \n"</PRE>
3313 Adding a space to the line is sufficient to prevent it being taken as a
3317 <A NAME="SEC126" HREF="FAQ.html#TOC126">Q0511</A>: I have an ISDN connection and would like a way of running the queue
3318 automatically when it is up.
3322 A0511: The following shell commands test for the interface being up and then
3327 ifconfig ppp0 | fgrep UP >/dev/null
3328 if [ $? -eq 0 ] ; then exim -q ; fi</PRE>
3330 You could put these commands into a script which runs them at regular
3331 intervals. You might want to use <B>-qq</B> instead of <B><B>-q.</B></B>
3335 With Linux, the script <B>/etc/ppp/ip-up</B> is run after a ISDN connection
3336 or a more general PPP connection has been established. If you are using
3337 Linux, you could put the call to exim in that script.
3340 <A NAME="SEC127" HREF="FAQ.html#TOC127">Q0512</A>: If a user's mailbox is over quota, is there a way for me to set it up so
3341 that the mail bounces to the sender and is NOT stored in the mail queue?
3345 A0512: In the retry section of the configuration, put
3349 *@your.dom.ain quota</PRE>
3351 That is, provide no retry timings for over quota errors. They will then
3352 bounce immediately. Alternatively, you can set up retries for a short
3353 time only, or use something like this:
3357 *@your.dom.ain quota_7d
3358 *@your.dom.ain quota F,2h,15m; F,3d,1h</PRE>
3360 which bounces immediately if the user's mailbox hasn't been read for 7
3361 days, but otherwise tries for up to 3 days after the first quota
3365 <A NAME="SEC128" HREF="FAQ.html#TOC128">Q0513</A>: I'm using tmail to do local deliveries, but when I turned on the
3366 <TT>use_crlf</TT> option on the pipe transport (tmail prefers \r\n terminations)
3367 message bodies started to vanish.
3371 A0513: You need to unset the prefix option (or change it so that its default
3372 \n terminator becomes \r\n). For example, the transport could be:
3378 command = "/usr/local/bin/tmail ${local_part}"
3380 current_directory = /
3384 The reason for this is as follows: tmail uses the line terminator on
3385 the first line it sees to determine whether lines are terminated by
3386 \r\n or \n. If the latter, it moans to stderr and changes subsequent
3387 \n terminators to \r\n. The default setting of the prefix option is
3388 "From ...\n", and this is unaffected by the <TT>use_crlf</TT> option. If you
3389 don't change this, tmail sees the first line terminated by \n and
3390 prepends \r to the \n terminator on all subsequent lines. However, if
3391 <TT>use_crlf</TT> is set, Exim makes all other lines \r\n terminated leading to
3392 doubled \r\r\n lines and corrupt mbx mailboxes.
3395 <A NAME="SEC129" HREF="FAQ.html#TOC129">Q0514</A>: What does the message "Unable to get root to set uid and gid
3396 for local delivery to <I>xxx</I>: uid=<I>yyy</I> euid=<I>zzz</I>" mean?
3400 A0514: Have you remembered to make Exim setuid root? It needs root privilege if
3401 it is to do any local deliveries, because it does them "as the user".
3404 <A NAME="SEC130" HREF="FAQ.html#TOC130">Q0515</A>: I upgraded to 2.04 and now my Envelope-To: header for my virtual domains
3405 is gone. Any idea how to get it back?
3409 A0515: Read paragraph 1 of the 1.92 information in <B>README.UPDATING.</B> Add
3410 <TT>envelope_to_add</TT> to your transports for your virtual domains. You may
3411 also want to set <TT>return_path_add</TT> and <TT>delivery_date_add</TT>.
3414 <A NAME="SEC131" HREF="FAQ.html#TOC131">Q0516</A>: The Exim log records the arrival of a message, and then "Completed",
3415 without logging any deliveries. What's going on?
3419 A0516: This is unlikely in current versions of Exim, because more logging
3420 has been added. In versions before 2.053, one scenario is that the
3421 message was addressed to some user who has set up an Exim filter
3422 containing the command "seen finish", which discards a message without
3423 doing any deliveries. (In current versions of Exim this is logged as
3424 "discarded".) More information can be obtained by setting
3428 log_received_recipients</PRE>
3430 so that next time you can see to whom it is addressed. Another
3431 possibility, prior to version 2.053, was that the message was injected
3432 using the <B>-t</B> option, but all the addresses in the message were also on
3433 the command line. See
3434 <A HREF="FAQ.html#SEC248">A5020</A> for more detail. Current versions of Exim
3435 generate a bounce message in this case.
3438 <A NAME="SEC132" HREF="FAQ.html#TOC132">Q0517</A>: When I activate "return receipt" for example in Netscape Mailbox
3439 sending options, then I get an error message from Exim... something
3440 like "not supported". Can I activate delivery confirmations?
3444 A0517: Exim does not support any kind of delivery notification.
3448 (A) You can configure it to recognize headers such as
3449 "Return-receipt-to:" if you wish.
3453 (B) Some people want MSN (message status notification). Such services
3454 are implemented in MUAs, and don't impact on the MTA at all.
3458 (C) I investigated the RFCs which describe the DSN (delivery status
3459 notification) system, and there is even a bit of code in there (excluded
3460 by #ifdef) for handling some of the data. However, I was unable to
3461 specify any sensible way of actually doing anything with the data. There
3462 were comments on the mailing list at the time; many people, including
3463 me, conclude that DSN is in practice unworkable. The killer problem is
3464 with forwarding and aliasing. Do you propagate the DSN data with the
3465 generated addresses? Do you send back a "reached end of the DSN world"
3466 or "expanded" message? Do you do this differently for different kinds of
3467 aliasing/forwarding? For a user who has a <B>.forward</B> file with a single
3468 address in, this might seem easy - just propagate the data. But what if
3469 there are several forwardings? If you propagate the DSN data, the sender
3470 may get back several DSN messages - and should the sender really know
3471 about the detail of the receiver's forwarding arrangements? There isn't
3472 really any way to distinguish between a <B>.forward</B> file that is forwarding
3473 and one that is a mini mailing list. And so on, and so on. There are so
3474 many questions that don't have obvious answers.
3477 <A NAME="SEC133" HREF="FAQ.html#TOC133">Q0518</A>: When I dial up to collect mail from my ISP, only the first 10 messages
3478 get delivered immediately; the remainder just sit on the queue until a
3479 queue runner process finds them.
3483 A0518: Your ISP is delivering all the messages in a single SMTP session. Exim
3484 limits the number of immediate delivery processes it will create as a
3485 result of a single SMTP connection, in order to avoid creating a zillion
3486 processes on systems that can have many incoming connections. In your
3487 situation, you should probably set <TT>smtp_accept_queue_per_connection</TT> to
3488 some number larger than 10.
3491 <A NAME="SEC134" HREF="FAQ.html#TOC134">Q0519</A>: My ISP's mail server is rejecting bounce messages from Exim, complaining
3492 that they have no sender. The SMTP trace does indeed show that the
3493 sender address is "<>". Why is the Sender on the bounce message empty?
3497 A0519: Because the RFCs say it must be. Your ISP is at fault. Send them this
3498 extract from RFC 1123 section 5.3.3 ("Reliable Mail Receipt"):
3502 If there is a delivery failure after acceptance of a message,
3503 the receiver-SMTP MUST formulate and mail a notification
3504 message. This notification MUST be sent using a null ("<>")
3505 reverse path in the envelope; see Section 3.6 of RFC-821. The
3506 recipient of this notification SHOULD be the address from the
3507 envelope return path (or the Return-Path: line). However, if
3508 this address is null ("<>"), the receiver-SMTP MUST NOT send a
3509 notification. If the address is an explicit source route, it
3510 SHOULD be stripped down to its final hop.
3513 <A NAME="SEC135" HREF="FAQ.html#TOC135">Q0520</A>: What does the message "retry time not reached [for any host]" on the log
3514 mean? Why won't Exim try to deliver the message?
3518 A0520: That is not an error. It means exactly what it says. A previous attempt
3519 to deliver to that address failed with a temporary error, and Exim
3520 computed the earliest time at which to try again. This can apply to
3521 local as well as to remote deliveries. For remote deliveries, each host
3522 (if there are several) has its own retry time.
3526 Some MTAs have a retrying schedule for each message. Exim does not work
3527 like this. Retry timing is normally host-based for remote domains and
3528 address-based for local domains. (There are some exceptions for certain
3529 kinds of remote failure - see "Errors in outgoing SMTP" in the manual.)
3533 If a new message arrives for a failing address and the retry time has
3534 not yet arrived, Exim will log "retry time not reached" and leave the
3535 message on the queue, without attempting delivery. Similarly, if a queue
3536 runner notices the message before the time to retry has arrived, it
3537 writes the same log entry. When the retry time has past, Exim attempts
3538 delivery at the next queue run. If you want to know when that will be,
3539 run the exinext utility on the address, for example:
3543 exinext user@some.domain</PRE>
3545 You can suppress these messages on the log by setting <TT>log_level</TT> to a
3546 value that is less than 5. You can force a delivery attempt on a
3547 specific message (overriding the retry time) by means of the <B>-M</B> option:
3551 exim -M 10hCET-0000Bf-00</PRE>
3553 If you want to do this for the entire queue, use the <B>-qf</B> option. See
3555 <A HREF="FAQ.html#SEC148">Q0533</A>.
3558 <A NAME="SEC136" HREF="FAQ.html#TOC136">Q0521</A>: RFC 1985 specifies that the SMTP command "ETRN <B>host.domain"</B> causes all
3559 mail queued for that host, no matter what domain it's for, to be
3560 dequeued. Why doesn't Exim support this?
3564 A0521: Exim does not keep queues of mail for specific destinations. It just
3565 keeps one pool of undelivered messages. What is more, once you start a
3566 delivery of a message, it tries to deliver to <EM>all</EM> the addresses in the
3567 message, not just the one you may be interested in. (Of course, this
3568 doesn't usually do any harm.)
3572 The only way it could be done within Exim would be, for <EM>every</EM> message
3573 on the queue, to go through the motions of routing each undelivered
3574 address and see if that resulted in a delivery to the host of interest.
3575 This could be extremely expensive (e.g. 1,000 messages on the queue,
3576 only 1 for the given host).
3580 The bottom line is that Exim just wasn't designed for this kind of
3581 operation, that is, holding messages for intermittently connected hosts.
3582 The queueing arrangements are designed for handling delivery problems
3583 that are not expected to be common.
3587 A better way to do this is to implement the required queues separately.
3588 After all, keeping such mail on an "active" queue (where Exim will keep
3589 trying to deliver) is silly. If there is a lot of mail for these hosts,
3590 it also masks genuine delivery problems when you inspect the queue.
3594 Large ISPs who provide this kind of functionality do not usually leave
3595 waiting mail on the MTA's queue. Instead, they get it delivered into
3596 per-host directories, one message per file, in one of the special
3597 formats (BSMTP, maildir, or mailstore) and when an ETRN arrives, it
3598 kicks off some completely different program that establishes an SMTP
3599 connection to the host and shovels the waiting mail down it. That seems
3600 to me to be a much neater way of doing this. It means you can easily add
3601 additional functionality such as archiving or throwing away uncollected
3602 mail. One program that has this functionality is "ssmtp", which can be
3603 found in <B><A HREF="ftp://metalab.unc.edu/pub/Linux/system/mail/mta/.">ftp://metalab.unc.edu/pub/Linux/system/mail/mta/.</A></B>
3606 <A NAME="SEC137" HREF="FAQ.html#TOC137">Q0522</A>: If email has been deferred to a member on a local mailing list
3607 (implemented through forward files), and one of our ETRN clients is on
3608 this mailing list, the <B>-R</B> won't "flush" the mailing list message for
3613 A0522: That is because <B>-R</B> matches only original recipient addresses, not those
3614 produced as a result of expansion, because these are not (by default)
3615 preserved from delivery to delivery. You can get round this by setting
3616 <TT>one_time</TT> on the <B>forwardfile</B> director, but you are not allowed to have
3617 expansions to pipes or files on directors that have <TT>one_time</TT> set.
3618 Therefore, you will have to have a separate director for mailing lists
3619 (with <TT>one_time</TT> set) to the one used for normal forward files that might
3620 specify pipe or file deliveries. However, the problem will then still be
3621 present for any user who sets up a <B>.forward</B> file to redirect to any of
3622 the ETRN domains. See the last 3 paragraphs of
3623 <A HREF="FAQ.html#SEC136">A0521</A> for a discussion of
3624 an alternative approach.
3627 <A NAME="SEC138" HREF="FAQ.html#TOC138">Q0523</A>: Exim seems to be sending the same message twice, according to the log,
3628 although there is a difference in capitalization of the local part of
3633 A0523: That is correct. The RFCs are explicit in stating that capitalization
3634 matters for local parts. For remote domains, Exim is not entitled to
3635 assume case independence of local parts. I know, it is utterly silly,
3636 and it causes a lot of grief, but that's what the rules say. Here is a
3637 quote from the draft of the forthcoming revision to RFC 821:
3641 ... a command verb, an argument value other than a mailbox
3642 local-part, and free form text MAY be encoded in upper case,
3643 lower case, or any mixture of upper and lower case with no impact
3644 on its meaning. This is NOT true of a mailbox local-part. The
3645 local-part of a mailbox MUST BE treated as case sensitive.
3646 Therefore, SMTP implementations MUST take care to preserve the
3647 case of mailbox local-parts. Mailbox domains are not case
3648 sensitive. However, exploiting the case sensitivity of mailbox
3649 local-parts impedes interoperability and is discouraged.
3652 <A NAME="SEC139" HREF="FAQ.html#TOC139">Q0524</A>: How can I force the next retry time for a host to be now?
3656 A0524: (A) You can force a particular message to be delivered with the <B>-M</B>
3657 command line option. If it succeeds, the retry data will get cleared. If
3658 the host is past the cutoff time, so that messages are bouncing
3659 immediately without trying a delivery, you can use <B>-odq</B> to put a message
3660 on the queue without a delivery attempt, and then use <B>-M</B> on it.
3664 (B) You can change the retry time with the <TT>exim_fixdb</TT> utility, but its
3665 interface is very clumsy.
3668 <A NAME="SEC140" HREF="FAQ.html#TOC140">Q0525</A>: I set up "|/bin/grep Subject|/usr/bin/smbclient <B>-M</B> <netbiosname>" as an
3669 alias but it doesn't work.
3673 A0525: That is a shell command line. Exim does not run pipe commands under a
3674 shell by default (for added security - and it saves a process). You
3679 "|/bin/sh -c '/bin/grep Subject|/usr/bin/smbclient -M <netbiosname>'"</PRE>
3680 <A NAME="SEC141" HREF="FAQ.html#TOC141">Q0526</A>: Why does the pipe transport add a line starting with ">From" to
3685 A0526: Actually, it adds a line starting with "From", because that is the
3686 default of the "prefix" option (/usr/ucb/vacation needs it, and that is
3687 the most common use of piping). If you don't want it, change the setting
3691 <A NAME="SEC142" HREF="FAQ.html#TOC142">Q0527</A>: I have set <TT>fallback_hosts</TT> on my smtp transport, but after the error
3692 <B>"sem@chat.ru</B> cannot be resolved at this time" Exim isn't using them.
3696 A0527: <TT>fallback_hosts</TT> only works if an attempt at delivery to the original
3697 host(s) fails. In this case, Exim couldn't even resolve the domain
3698 <B>chat.ru</B> to discover what the original hosts were, so it never got as far
3699 as the transport. However, see
3700 <A HREF="FAQ.html#SEC73">Q0322</A> for a possible solution.
3703 <A NAME="SEC143" HREF="FAQ.html#TOC143">Q0528</A>: After the holidays my ISP has always hundreds of e-mails waiting for me.
3704 These are forced down Exim's throat in one go. Exim spawns a lot of
3705 kids, but is there some limit to the number of processes it creates?
3709 A0528: Unless you have changed <TT>smtp_accept_queue_per_connection</TT> (introduced at
3710 release 2.03) it should only spawn that many processes per connection
3711 (default 10). Your ISP may be making many connections, of course. That
3712 is limited by <TT>smtp_accept_max</TT>.
3715 <A NAME="SEC144" HREF="FAQ.html#TOC144">Q0529</A>: When a message in the queue got to 12h old, Exim wrote 'retry timeout
3716 exceeded' and removed <EM>all</EM> messages in the queue to this host - even
3717 recent messages. How I can avoid this behaviour? I only want to remove
3718 messages that have exceeded the maximum retry time.
3722 A0529: Exim's retrying is host-based rather than message-based. The philosophy
3723 is that if a host has been down for a very long time, there is no point
3724 in keeping messages hanging around. However, you might like to check
3725 out <TT>delay_after_cutoff</TT> in the smtp transport. It doesn't do what you
3726 want, but it might help.
3729 <A NAME="SEC145" HREF="FAQ.html#TOC145">Q0530</A>: Can Exim add a Content-Length: header to messages it delivers?
3733 A0530: You could include something like
3737 headers_remove = "content-length"
3738 headers_add = "Content-Length: $message_body_size"</PRE>
3740 to the appendfile transport. However, the use of Content-Length: can
3741 cause several problems, and is not recommended unless you really know
3742 what you are doing. There is a discussion of the problems in
3746 <B><A HREF="http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html">http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html</A></B>
3749 <A NAME="SEC146" HREF="FAQ.html#TOC146">Q0531</A>: Exim seems to be trying to deliver a message every 10 minutes, though
3750 the retry rules specify longer times after a while, because it is
3751 writing a log entry every time, like this:
3755 1999-08-26 14:51:19 11IVsE-000MuP-00 == example@example.com T=smtp defer
3756 (-34): some host address lookups failed and retry time not reached for
3757 other hosts or connection limit reached</PRE>
3759 A0531: It is <EM>looking</EM> at the message every 10 minutes, but it isn't actually
3760 trying to deliver. It's looking up <B>example.com</B> in the DNS and finding
3765 example.com. MX 10 example-com.isp.example.com.
3766 example.com. MX 0 mail.example.com.
3767 mail.example.com. A 202.77.183.45
3768 A lookup for example-com.isp.example.com. yielded NXDOMAIN</PRE>
3770 The last line means that there is no address (A) record in the DNS for
3771 <B>example-com.isp.example.com.</B> That accounts for "some host address
3772 lookups failed", but the retry time for <B>mail.example.com</B> hasn't been
3773 reached, which accounts for "retry time not reached for other hosts".
3776 <A NAME="SEC147" HREF="FAQ.html#TOC147">Q0532</A>: I am trying to set exim up to have a automatic failover if it sees that
3777 the system that it is sending all mail to is down.
3781 A0532: Add to the <TT>remote_smtp</TT> transport the following:
3785 fallback_hosts = failover.server.name(s)</PRE>
3787 If there are several names, they must be separated by colons.
3790 <A NAME="SEC148" HREF="FAQ.html#TOC148">Q0533</A>: I can't get Exim to deliver over NFS. I get the error "fcntl() failed:
3791 No locks available", though the lock daemon is running on the NFS server
3792 and other hosts are able to access it.
3796 A0533: Check that you have lockd running on the NFS <EM>client</EM>. This is not
3797 always running by default on some systems (Red Hat is believed to be one
3801 <A NAME="SEC149" HREF="FAQ.html#TOC149">Q0534</A>: Why does Exim bounce messages without even attempting delivery, giving
3802 the error "retry time not reached for any host after a long failure
3807 A0534: This message means that all hosts to which the message could be sent
3808 have been failing for so long that the end of the retry period
3809 (typically 4 or 5 days) has been reached. In this situation, Exim still
3810 computes a next time to retry, but any messages that arrive in the
3811 meantime are bounced straight away. You can alter this behaviour by
3812 unsetting the <TT>delay_after_cutoff</TT> option on the smtp transport. Then Exim
3813 will try most messages for those hosts once before giving up.
3816 <A NAME="SEC150" HREF="FAQ.html#TOC150">Q0535</A>: My <B>.forward</B> file is "|/usr/bin/procmail <B>-f-"</B> and mail gets delivered,
3817 but there was a bounce to the sender, sending him the output of procmail.
3818 How can I prevent this?
3822 A0535: Exim's default configuration is set up like this:
3830 The <TT>return_output</TT> option requests that <EM>any</EM> output that the pipe
3831 produces be returned to the sender. That is the safest default. If you
3832 don't want this, you can either remove the option altogether, or change
3833 it to <TT>return_fail_output</TT>, to return output only if the command fails.
3834 Note that this will affect all pipes that users run, not just your
3835 procmail one. It might be better to arrange for procmail not to produce
3836 any output when it succeeds.
3839 <BR><H2><A NAME="SEC151" HREF="FAQ.html#TOC151">6. UUCP
3842 <A NAME="SEC152" HREF="FAQ.html#TOC152">Q0601</A>: The MX records for some UUCP domains point to my local host. How do I
3843 get it to pass the messages on to UUCP?
3847 A0601: There are several possibilities. One straightforward way is to set up
3848 a <B>domainlist</B> router which matches the UUCP domains and routes to a
3849 suitable transport. Sample configuration C003 is such a configuration,
3850 while C004 shows another way to do it, by defining the domains as local
3851 and using a <B>smartuser</B> director.
3855 If <EM>all</EM> the domains whose MX records point to the local host are either
3856 local domains or UUCP domains, you can do without the <B>domainlist</B> router
3857 altogether, by making use of the "self" option. This means that only the
3858 DNS has to be updated when a UUCP domain is added or removed.
3862 For example, this router routes to remote hosts over SMTP using a DNS
3863 lookup with default options, and fails for unknown domains (because of
3864 the <TT>no_more</TT> setting), but if the MX for a domain points at the local
3865 host, Exim continues on to the next router (self = <TT>fail_soft</TT> overrides
3874 self = fail_soft</PRE>
3876 The next router can just send everything to a suitable UUCP transport:
3882 transport = uux_transport
3883 route_list = "* $domain"</PRE>
3885 This assumes that the transport can determine the UUCP host name from
3889 <A NAME="SEC153" HREF="FAQ.html#TOC153">Q0602</A>: How can I get Exim to handle "bang path" addresses?
3893 A0602: In general, you can't (Exim is an Internet mailer and recognizes only
3894 RFC 822 addresses) but some restricted kinds of bang path can be dealt
3895 with by appropriate rewriting - but please note the warning below.
3899 Exim treats a bang path address as an unqualified local part, and so
3900 will qualify it with your domain. A rule such as
3904 ^([^!]+)!(.+)@your\.domain$ $2@$1</PRE>
3906 turns <B><B>a!b@your.domain</B></B> into <B><B>b@a.</B></B> You can also use a repeating rule to
3907 turn multi-component paths into the "percent hack" notation with a rule
3912 ^([^!]+)!([^@%]+)(.+)$ $2%$1$3 R</PRE>
3914 which turns <B>a!b@c</B> into <B>b%a@c</B> and <B>a!b!c@d</B> first into <B>b!c%a@d</B> and then,
3915 because of the R flag, into <B><B>c%b%a@d.</B></B> The R flag causes repetition up to
3920 See also sample configuration C002, which contains some more
3921 sophisticated rewriting rules.
3925 WARNING: If you install a general rewriting rule like the above, you are
3926 opening yourself up to the possibility of unwanted relaying. A host that
3927 is not permitted to relay through your system could send a message with
3928 an SMTP command line such as
3932 RCPT TO:<victim-host!victim-user@your.domain></PRE>
3934 and this would be accepted because it is addressed to your domain.
3935 However, the rewriting then converts the address, and the message does
3936 in fact get relayed. One way round this, if all your bang path messages
3937 are passed to Exim via SMTP, is to use the "S" rewriting flag. This
3938 applies a rewriting rule to incoming SMTP addresses as soon as they are
3939 received, before checking for qualification, relaying, etc. So a rule
3944 ^([^!]+)!(.+)$ $2@$1 S</PRE>
3946 rewrites simple two-component bang paths before the result is checked
3947 for relaying. However, this does not rewrite addresses in the headers of
3951 <A NAME="SEC154" HREF="FAQ.html#TOC154">Q0603</A>: We see something strange on our system in regards to mail comming in via
3952 rmail from a UUCP link. The sender is being set to mailmaster instead of
3953 the real sender, and a Sender: header is being added to the message.
3957 A0603: If mailmaster is the user that is running rmail, you need to include
3958 that user in the <TT>trusted_users</TT> configuration option. Only trusted users
3959 are permitted to specify senders when mail is passed to Exim via the
3963 <BR><H2><A NAME="SEC155" HREF="FAQ.html#TOC155">7. PERFORMANCE
3966 <A NAME="SEC156" HREF="FAQ.html#TOC156">Q0701</A>: I'm running a large mail server. Should I set <TT>split_spool_directory</TT> to
3967 improve performance?
3971 A0701: There doesn't seem to be any significant performance hit using a flat
3972 queue on Solaris systems, so there is no need to do this for them. On
3973 the other hand, there is a known performance problem on Linux filing
3974 systems, where <TT>split_spool_directory</TT> can make a significant difference.
3975 ???? Other operating systems ????
3978 <A NAME="SEC157" HREF="FAQ.html#TOC157">Q0702</A>: How well does Exim scale?
3982 A0702: Although the author did not specifically set out to write a high-
3983 performance MTA, Exim does seem to be fairly efficient. The biggest
3984 server at the University of Cambridge (a large Sun box) goes over
3985 100,000 deliveries per day on busy days (it has over 20,000 users).
3986 There was a report of a mailing list exploder that sometimes handles
3987 over 100,000 deliveries a day on a big Linux box, the record being
3988 177,000 deliveries (791MB in total). Up to 13,000 deliveries an hour
3993 These are quotes from some Exim users:
3997 "... Canada's largest internet provider, uses Exim on all of our mail
3998 machines, and we're absolutely delighted with it. It brought life back
3999 into one of our machines plagued with backlogs and high load averages.
4000 Here's just an example of how much email our largest mail server
4001 (quad SS1000) is seeing ... " [230,911 deliveries in a day: 4,475MB]
4005 "... Exim has to ... do gethostbyname()s and RBL lookups on all of the
4006 incoming mail servers, and he runs from <B>inetd</B> (TCP Wrappers connected).
4007 All the same, it seems to me that he runs as fast as lightning on our
4008 SCO 5.0.4 box (1 Pentium 166) - far faster than MMDF which I (and many
4009 customers) had before."
4013 "On a PII 400 with 128M of RAM running Linux 2.2.5, I have achieved
4014 36656 messages per hour (outgoing unique messages and recipients). For
4015 about a 5 minute period, I was able to achieve an average of 30 messages
4016 per second (that would be 108000 m/hour)! We are using: (options that
4022 split_spool_directory
4025 remote_max_parallel 1</PRE>
4027 We have a cron job hat runs every five minutes that spawns 5 exim <B>-q</B> if
4028 there are less that 120 exim processes currently running. We found
4029 that by "manually" controlling the concurrency of exim <B>-q</B> processes
4030 contending for the spool for <TT>remote_smtp</TT> delivery that we gained
4031 considerable performance <B>--</B> 10000 m/hour."
4034 <A NAME="SEC158" HREF="FAQ.html#TOC158">Q0703</A>: We have a large password file. Can Exim use alternative lookups during
4035 delivery to speed things up?
4039 A0703: Yes. You don't have to use the password file at all. See sample
4040 configuration C009 for some suggestions. (It shows lsearch lookups, but
4041 these could equally be DBM or cdb or NIS or LDAP lookups.)
4044 <BR><H2><A NAME="SEC159" HREF="FAQ.html#TOC159">8. POLICY CONTROLS
4047 <A NAME="SEC160" HREF="FAQ.html#TOC160">Q0801</A>: How do I block unwanted messages from outside my host?
4051 A0801: There are several different options that can be used to block incoming
4052 SMTP messages according to different criteria. The following are the
4057 (A) Set <TT>sender_verify</TT>; this causes rejection of any message whose
4058 envelope sender cannot be successfully routed. This is mainly a
4059 check on the existence of remote domains, though it the domain is a
4060 local one, the local part also gets checked. Unfortunately, error
4061 mesages do not have envelope sender addresses, so cannot be checked
4062 in this way. See the <TT>headers_sender_verify</TT> options for ways of
4063 checking header addresses.
4067 (B) If you want to block all mail from specific hosts or IP networks,
4068 set <TT>host_reject_recipients</TT>. The <TT>_recipients</TT> form of the option is
4069 more likely to prevent the remote hosts from keeping on trying. For
4074 host_reject_recipients = 209.12.111.0/24</PRE>
4076 If you have many such blocks, they can be put in a file which is
4077 named in the option. If you have a mixture of IP addresses and names
4078 in your list, it is best to put the addresses first, because they
4079 can be checked without the need for a DNS lookup.
4083 (C) If you want to block mail from specific envelope sender addresses,
4084 one convenient way is to organize a file of local parts indexed by
4085 domain names, for example
4089 x.y.z creditrepair:^betterlovelife[0-9]+$:...
4092 This would block <B><B>creditrepair@x.y.z</B>,</B> any local part starting with
4093 <B>betterlovelife</B> and ending with digits in the <B>x.y.z</B> domain, and
4094 all addresses in the <B>p.q.r</B> domain. You refer to the file in the Exim
4095 configuration as follows:
4099 sender_reject_recipients = @@lsearch*;/name/of/the/file</PRE>
4101 If the file is big, you can convert it into a DBM or cdb file and
4102 use a faster lookup method. The asterisk on the end of the search
4103 type causes a lookup for "*" if the domain is not found; that is, it
4104 permits a default list of local parts that are blocked at any
4105 domain that is not specifically listed. If you use this, you
4106 probably also want to end each local part list with ">*" (except
4107 those that consist of "*"). This causes Exim to check the default
4108 list of local parts if none of the specific ones for a domain are
4109 matched. So, the file above could become
4113 * yourfriend:a.friend:...
4114 x.y.z creditrepair:^betterlovelife[0-9]+$:>*
4117 If you are using an lsearch file, putting the * entry first saves a
4122 (D) If you want to allow mail to postmaster through the blocks, you can
4127 recipients_reject_except = postmaster@your.domain</PRE>
4129 This overrides any of the policy controls that cause rejection by
4133 <A NAME="SEC161" HREF="FAQ.html#TOC161">Q0802</A>: I don't want to block spam entirely; how can I inspect each message
4134 before deciding whether to deliver it or not?
4138 A0802: This can be done by using a system filter. See the sample configuration
4142 <A NAME="SEC162" HREF="FAQ.html#TOC162">Q0803</A>: How can I test that my spam blocks are working?
4146 A0803: The <B>-bh</B> option allows you to run a testing SMTP session as if from a
4147 given IP address. For example,
4151 exim -bh 192.203.178.39</PRE>
4153 In addition to the normal SMTP replies, it outputs commentary about
4154 which tests have succeeded or failed.
4157 <A NAME="SEC163" HREF="FAQ.html#TOC163">Q0804</A>: How can I test that Exim is correctly configured to use the Realtime
4158 Blocking List (RBL)?
4162 A0804: The <B>-bh</B> option allows you to run a testing SMTP session as if from a
4163 given address. You need to know a blocked IP address with which to test.
4164 Such a testing address is kindly provided by Russell Nelson:
4168 linux.crynwr.com [192.203.178.39]</PRE>
4170 You can also send mail to <B><B>nelson@linux.crynwr.com</B></B> from the server
4171 whose RBL block you are testing. The robot that receives that email
4172 will attempt to send a piece of test email in reply. If your RBL block
4173 didn't work, you get a message to that effect. Regardless of whether the
4174 RBL block succeeds or not it emails you the results of the SMTP
4175 conversation from a host that is not on the RBL, so you can see how your
4176 server looks from the view of someone on the RBL.
4179 <A NAME="SEC164" HREF="FAQ.html#TOC164">Q0805</A>: How can I use <B>tcpwrappers</B> in conjunction with Exim?
4183 A0805: Exim's own control facilities can do all that <B>tcpwrappers</B> can do.
4184 However, if you are already using <B>tcpwrappers</B> for other things it might
4185 be convenient to include Exim controls in the same place.
4189 First of all, ensure that Exim is built to call the <B>tcpwrappers</B> library,
4190 by including <TT>USE_TCPWRAPPERS=yes</TT> in <B>Local/Makefile</B>. You also need to
4191 ensure that the header file <B>tcpd.h</B> is available at compile time, and the
4192 <B>libwrap.a</B> library is available at link time, typically by including it in
4193 <TT>EXTRALIBS</TT>. You may need to copy these two files from the <B>tcpwrappers</B>
4194 build directory to, for example, <B>/usr/local/include</B> and <B>/usr/local/lib</B>,
4195 respectively. Then you could reference them by
4199 CFLAGS=-I/usr/local/include
4200 EXTRALIBS=-L/usr/local/lib -lwrap</PRE>
4202 in <B>Local/Makefile</B>. There are two ways to make use of the functionality,
4203 depending on how you have <B>tcpwrappers</B> set up. If you have it set up to
4204 use only one file, you ought to have something like:
4208 /etc/hosts.allow:</PRE>
4210 exim : <client_list> : <allow_or_deny></PRE>
4216 exim : LOCAL 192.168.0. .friendly.domain special.host : ALLOW
4217 exim : ALL : DENY</PRE>
4219 This allows connections from local hosts (chiefly `localhost'), from
4220 the subnet 192.168.0.0/24, from all hosts in <B>*.friendly.domain,</B> and
4221 from a specific host called <B>special.host.</B> All other connections are
4222 denied. If you have <B>tcpwrappers</B> set up to use two files, use the
4227 /etc/hosts.allow:</PRE>
4229 exim : <client_list></PRE>
4231 /etc/hosts.deny:</PRE>
4233 exim : <client_list></PRE>
4235 Read the <TT>hosts_access(5)</TT> man page for more ways of specifying clients,
4236 including ports, <B>etc.,</B> and on logging connections.
4239 <A NAME="SEC165" HREF="FAQ.html#TOC165">Q0806</A>: How can I get POP-auth-before-relay support in Exim?
4243 A0806: See <B><A HREF="http://cc.ysu.edu/~doug/exim-pop.tar.Z">http://cc.ysu.edu/~doug/exim-pop.tar.Z</A></B> which has some scripts for
4244 this, courtesy of Doug S <B><B><doug@cc.ysu.edu</B>>.</B>
4247 <A NAME="SEC166" HREF="FAQ.html#TOC166">Q0807</A>: I have one or two cases where my machine correctly rejects messages, but
4248 the remote machine is quite persistent, and keeps trying over and over.
4252 A0807: It is an unfortunate fact that a number of SMTP clients, in violation of
4253 the SMTP RFC, do not treat a permanent error code that is given after
4254 the MAIL FROM command or the DATA portion of the transaction as a
4255 permanent error. Consequently they keep resending the message. Failing
4256 checks on a message's headers (the <TT>headers_</TT>... options) necessarily
4257 result in an error code after the data has been received.
4260 <A NAME="SEC167" HREF="FAQ.html#TOC167">Q0808</A>: I am seeing the error "no valid sender in message headers: return path
4261 is <>" in the reject log. Isn't <> a valid return path for error
4266 A0808: It is indeed valid. The complaint here is about the contents of the
4267 message's headers, not the return path. This message has been reworded
4268 in later versions of Exim. You must have set the <TT>headers_sender_verify</TT>
4269 option. Check the From:, Reply-to: and Sender: headers that were logged
4270 with the error. You can use Exim's <B>-bv</B> option to find out why
4271 verification of those addresses failed.
4274 <A NAME="SEC168" HREF="FAQ.html#TOC168">Q0809</A>: Let's say that we want to run a mail server that does not care if you
4275 have proper reverse DNS. If you include <TT>host_reject</TT> lines in your
4276 config file, Exim will always reject connections from such hosts. How
4277 can this be avoided?
4281 A0809: This is true only if you have wild-carded host names in <TT>host_reject</TT>.
4282 For complete host names, Exim uses a DNS forward lookup to obtain an IP
4283 address to compare. If you are using wild cards of any sort, put
4284 <TT>+allow_unknown</TT> as an item in your host list, for example:
4288 host_reject = +allow_unknown : *.def.zz : *.stu.yy</PRE>
4290 This will allow any host without reverse DNS to bypass the checks. Note
4291 that it means that the owner of <B>abc.def.zz</B> (for example) can trivially
4292 get round your block simply by deleting the PTR record for <B>abc.def.zz.</B>
4293 If you use +warn_unknown instead of <TT>+allow_unknown</TT>, the action is the
4294 same, but every time the exception is invoked, it is logged.
4297 <A NAME="SEC169" HREF="FAQ.html#TOC169">Q0810</A>: Is there a way to prevent lookups in the RBL for local hosts?
4301 A0810: Check out the <TT>rbl_hosts</TT> option.
4304 <A NAME="SEC170" HREF="FAQ.html#TOC170">Q0811</A>: How can I set up the <TT>sender_reject</TT> option in my config file so I can
4305 reject mail by matching regular expressions?
4309 A0811: You must either put the regular expressions directly in the option
4310 setting, or in a file that is referenced by a plain file name, or use
4311 an @@ type of search. If the regular expressions match the domain as
4312 well as the local part, then the first two approaches are the only
4313 possible ones. For example:
4317 sender_reject_recipients = ^.*\.spam\.com$ : ^.*@[0-9]+\.com$</PRE>
4323 sender_reject_recipients = /some/file</PRE>
4325 Each line of the file is treated as if it were an entry in the list, and
4326 must begin with ^ if it is a regular expression. No keys are involved
4327 because this is not a lookup,
4331 If you are using version 2.10 or later, the first of those regular
4332 expressions can be rewritten to execute much more efficiently by
4333 using lookbehinds and once-only subpatterns:
4337 sender_reject_recipients = ^(?>.*$)(?<=\.spam\.com)</PRE>
4339 See the manual section entitled "Address lists" for a description of the
4340 @@ type of split domain/local part lookup. See also
4341 <A HREF="FAQ.html#SEC160">Q0801</A>.
4344 <A NAME="SEC171" HREF="FAQ.html#TOC171">Q0812</A>: Normally <TT>sender_reject_recipients</TT> works fine, but addresses that have
4345 some uppercase letters in them seem to come through.
4349 A0812: This should no longer be the case from release 3.00 onwards. Although
4350 host and domain names are case-insensitive, the RFCs about mail specify
4351 that local parts are case sensitive. When earlier versions of Exim
4352 looked up a sender address in <TT>sender_reject_recipients</TT>, they did so
4353 using the caseful form, in order to be compliant with the mail RFCs.
4354 (In principle, <B>user@domain</B> and <B>USER@domain</B> might be different
4355 people. Silly, I know, but that's the rule. It has caused a lot of
4356 grief.) However, RFC 2305 (Anti-Spam Recommendations for SMTP MTAs)
4357 recommends that address checking in blocking lists should be done
4358 caselessly, so Exim now does this by default.
4361 <A NAME="SEC172" HREF="FAQ.html#TOC172">Q0813</A>: I want to accept some sender addresses, even though they do not verify.
4362 There doesn't seem to be an option for verification exceptions, so how
4367 A0813: Set up a special director or router to ensure that those addresses do
4368 verify, using <TT>verify_only</TT> and <TT>verify_sender</TT> so that it is not used
4369 during delivery or recipient verification. For example, here is a router
4370 which verifies the address <B><B>root@somedomain.com</B>:</B>
4378 domains = some.domain.com
4380 route_list = *</PRE>
4381 <A NAME="SEC173" HREF="FAQ.html#TOC173">Q0814</A>: We are being plagued by forged mail coming from a number of different
4382 hosts and sender addresses. The guy however leaves a fingerprint. The
4383 first received line always contains 'Received: from baby'. What is the
4384 best suggested way for eliminiating him from our systems?
4388 A0814: You cannot, unfortunately, prevent the message from getting into your
4389 system, because the message has to be read before you can inspect the
4390 Received: header. The best you can do is to install a system filter
4391 which junks any message containing such a header. Thus the sender still
4392 wastes bandwidth and your resources in transporting the message to you,
4393 but you just throw it away. A simple system filter that does this is
4398 if $h_Received: contains "from baby" then seen finish endif</PRE>
4399 <A NAME="SEC174" HREF="FAQ.html#TOC174">Q0815</A>: I have set <TT>host_accept_relay</TT>, but my host still refuses to relay from
4404 A0815: (A) Did you remember to HUP or restart the Exim daemon after changing
4405 the configuration? You can get information as to what options Exim
4406 is checking by using the <B>-bh</B> option to test how it would handle mail
4407 from a specific host.
4411 (B) Have you used any wild-card host names in <TT>host_accept_relay</TT>? <B>E.g:</B>
4415 host_accept_relay = *.aaa.bbb</PRE>
4417 If so, the problem may be that the relevant hosts do not have
4418 reverse DNS entries for their IP addresses. In order to match a wild
4419 card name, Exim has to look up the calling host's name from its IP
4420 address, and if it cannot do so, it takes a hard line by default.
4421 Exim processes lists from left to right, and so will attempt a
4422 reverse DNS lookup at the first wild-carded entry it reaches. If you
4423 have IP addresses in your list, it is best to put them first for
4424 this reason. Suppose you had
4428 host_accept_relay = *.x.y : 10.9.8.7</PRE>
4430 Then when the host 10.9.8.7 connects, a reverse lookup will still
4431 be done, because the first check is against <B>*.x.y.</B> If the lookup
4432 fails, relaying is rejected. However, if the list were in the
4433 opposite order, the IP check would succeed, and no DNS lookup would
4435 <A HREF="FAQ.html#SEC168">Q0809</A>.
4438 <A NAME="SEC175" HREF="FAQ.html#TOC175">Q0816</A>: How can I run customized verification checks on incoming addresses?
4442 A0816: If you can implement your checks in Perl, then you can use Exim's
4443 facility for running an embedded Perl interpreter. For example, if you
4444 want to run special checks on local addresses, you could install this as
4445 your first director:
4451 condition = ${perl{verify}{$local_part}{$domain}}
4454 If you want this to be the only means of verification, you can set
4455 <TT>no_verify</TT> on all the other directors. Otherwise, if this director fails
4456 to verify, the address gets passed on to those that follow.
4460 The <TT>verify_sender</TT> and <TT>verify_recipient</TT> options can be used to restrict
4461 the director to sender or recipient verification only, and if necessary
4462 you could have two different directors, one for senders and one for
4467 If the result of the expansion of <TT>condition</TT> is not "no", "false" or
4468 "0", then address verification succeeds, because the director itself
4469 matches any address. The expansion of <TT>condition</TT> causes the Perl
4470 subroutine called "verify" to be run, with two arguments, the local part
4471 and the domain. The subroutine must be provided in Perl code that is
4472 referenced by the <TT>perl_startup</TT> option. See the chapter on embedded Perl
4477 Remote addresses can be handled in a similar way by using a <B>domainlist</B>
4478 router that matches all domains. See also
4479 <A HREF="FAQ.html#SEC172">Q0813</A>.
4483 Starting up a Perl interpreter is not cheap. On a busy system you should
4484 first make sure that there isn't some way of using Exim's own facilities
4485 for doing what you want before going down this road.
4488 <A NAME="SEC176" HREF="FAQ.html#TOC176">Q0817</A>: Does Exim apply RBL checks to error messages, those with an envelope
4489 sender of "<>" ?
4493 A0817: Yes, it does, because the RBL check happens immediately on connection,
4494 before any commands are passed, and so therefore before it even knows
4495 that the envelope sender is "<>".
4498 <A NAME="SEC177" HREF="FAQ.html#TOC177">Q0818</A>: I want to be able to set up a list, similar to <TT>sender_reject_recipients</TT>,
4499 but with a user-defined message. I believe I have to use a director for
4504 A0818: You can do this using the <TT>prohibition_message</TT> mechanism (see the section
4505 entitled "Customizing prohibition messages" in the manual). This avoids
4506 having to use a director, and therefore doesn't require you to let the
4507 message into your host at all. Use something like this:
4511 prohibition_message = "\
4512 ${if eq {$prohibition_reason}{sender_reject_recipients}\
4513 {${lookup{$sender_address}lsearch{/some/file}{$value}}}{}}"</PRE>
4515 This example looks up a message that is specific to the sender, but you
4516 can of course tailor the message any way you like. Vertical bar is
4517 treated as a line separator in prohibition texts.
4520 <A NAME="SEC178" HREF="FAQ.html#TOC178">Q0819</A>: I want to reject certain sender-recipient combinations, with a specific
4521 message for each such combination.
4525 A0819: That needs a special director, using the "senders" option to predicate
4526 it on the sender, and a file of recipients to fail for each sender.
4527 Something like this:
4533 senders = sender@domain.com : *@otherdomain.com
4534 file = /blocked/${lc:$sender_address}
4535 search_type = lsearch</PRE>
4537 with the files containing lines like
4541 recipient: :fail: message</PRE>
4543 If you are handling multiple local domains, you may want to set
4544 <TT>include_domain</TT> so you can specify fully qualified addresses in the
4545 files. If the files get big, an indexed search type such as DBM or cdb
4550 If you want to block an entire domain from a specific sender, you could
4557 senders = dislikedsender@wherever
4559 search_type = lsearch*</PRE>
4561 with the file containing
4565 *: :fail: message</PRE>
4567 The message text supplied after :fail: is restricted to a single line.
4568 If you want to send several paragraphs of message, instead of using
4569 :fail: you could use the <B>aliasfile</B> to pipe the message off so some
4570 script which generates a long message and then gives a non-zero return
4571 code so that the message gets returned to the sender.
4575 In all of these cases you are in trouble if the sender address is bad,
4576 because the bounce message you generate will get stuck.
4579 <A NAME="SEC179" HREF="FAQ.html#TOC179">Q0820</A>: Will Exim allow me to create a file of regexs and match incoming
4580 external email to the list - and if a match is found file the offending
4581 message into a special location? Also is it possible to make exim only
4582 filter parts of an incoming email - e.g. ignore large MIME attachments
4583 for example and only process text/plain?
4587 A0820: You can do some of this in a system filter. For example:
4591 if $message_body matches <...some complicated regex...> or
4592 $message_body matches <...some other regex...> or
4593 $header_from: matches <...regex...> or
4596 save /some/special/file
4599 or instead of "save" you could have "deliver" (to some address) or
4600 "pipe" (to some script).
4604 There isn't any mechanism for ignoring attachments, but <B>$message_body</B>
4605 only looks at the first n bytes of the body, where n defaults to 500 but
4610 A more expensive alternative would be to run a Perl subroutine using the
4611 embedded Perl mechanism. If you passed over the message id, the Perl
4612 code could read the message files on the spool and implement any
4613 algorithm it liked for deciding what should be done.
4616 <A NAME="SEC180" HREF="FAQ.html#TOC180">Q0821</A>: I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT
4617 command, to check if a user has exceeded their email quota. If they have
4618 I issue a temporary failure and a message - can I do this with Exim?
4622 A0821: This could be done by arranging for a quota check to happen during the
4623 verification of the address after RCPT, but without hacking Exim you
4624 would have to use the embedded Perl facility to get it to run a Perl
4625 script to do the test.
4629 If the reason you want to do this is to avoid having messages for over-
4630 quota users sitting on your spool for many days, there is an
4631 alternative. In Exim you can set up special retry rules for quota
4632 excession (what we use is "if mailbox not read for 7 days, bounce
4633 immediately, otherwise try every hour for one day, then bounce").
4636 <A NAME="SEC181" HREF="FAQ.html#TOC181">Q0822</A>: I'm looking for a rule to reject special unknown recipients.
4640 A0822: If the messages in question are coming in via SMTP, you can turn on
4641 <TT>receiver_verify</TT> (if you haven't already) and arrange for these addresses
4642 not to verify. For example, if they are not in your local domains, you
4643 could use a router like this:
4647 verify_check_specials:
4650 ${if eq {$local_part@$domain}{account@host.domain}{yes}{no}}"
4653 route_list = *</PRE>
4655 where of course you can extend the <TT>condition</TT> setting to use regular
4656 expressions, file lookups, Perl calls, or anything else that is
4657 available. The failure of the verification causes an error return to the
4658 SMTP RCPT command, so the messages never get into your system. For
4659 addresses in your local domains you could use a <B>smartuser</B> director in a
4660 similar fashion, but you could also use an alias file with :fail:
4665 If you are receiving such messages from the local host, then they are
4666 already in the system, and have to be failed locally as part of the
4667 delivery process. The :fail: mechanism is the simplest for local
4668 addresses. For remote addresses, one possibility would be to use a
4669 router with a <TT>condition</TT> setting to send such messages to an autoreply
4670 transport that sends back an error message to the sender. See also
4672 <A HREF="FAQ.html#SEC185">Q0826</A>.
4675 <A NAME="SEC182" HREF="FAQ.html#TOC182">Q0823</A>: I'd like to pass all messages through a virus-scanning system before
4676 delivery. Can Exim do this?
4680 A0823: One way of achieving this is to deliver all messages via a pipe to a
4681 checking program that resubmits them for delivery in some private way
4682 that can be checked (e.g. on a specific SMTP port, or IP address). One
4683 possibility is to use the "received protocol" field that can be set
4684 for locally submitted mail via the <B>-oMr</B> command line option. This
4685 director sends all messages that are not from the local host and whose
4686 received protocol is not "scanned-ok" to the <TT>virus_scan</TT> transport:
4692 transport = virus_scan
4693 condition = "${if or {{eq {$received_protocol}{scanned-ok}} \
4694 {eq {$sender_host_address}{127.0.0.1}}}\
4697 A similar router could be used if you want to scan messages for remote
4698 addresses. One problem is that this approach scans the message for each
4699 recipient, not just once per message.
4703 The <TT>virus_scan</TT> transport should be set up to pipe the message to a
4704 suitable checking program or script which runs as a trusted user. This
4705 can then re-submit the message to Exim, using <B>-oMr</B> to set the received
4706 protocol to "scanned-ok", and the <B>-f</B> option to set the correct envelope
4710 <A NAME="SEC183" HREF="FAQ.html#TOC183">Q0824</A>: How can I accomplish this: a message sent from any host must either be
4711 sending to a domain in a list (a dbm file) or the sender's address
4712 domain must be in the list.
4716 A0824: First of all, set
4720 relay_domains = dbm;/the/dbm/file</PRE>
4722 This allows relaying from any host, provided that the recipient address
4723 matches one of the domains in the list. Then set
4727 host_accept_relay = *
4728 sender_address_relay = dbm;/the/dbm/file</PRE>
4730 This allows relaying from any host (because of the *) to any arbitrary
4731 domain, provided that the sender's address matches a domain in the list.
4735 WARNING: This setting makes it possible for your host to be used as an
4736 open relay by those unscrupulous enough to forge sender addresses. Your
4737 host may end up on one of the open relay blocking lists as a result.
4740 <A NAME="SEC184" HREF="FAQ.html#TOC184">Q0825</A>: I've set <TT>relay_domains</TT> and <TT>sender_address_relay</TT>, but if <B>user@mydomain</B>
4741 tries sending to an arbitrary domain, Exim rejects it.
4745 A0825: The safest way to control relaying arbitrary domains is by host, not
4746 by sender address. If you are able to specify the hosts which your users
4747 use, then set <TT>host_accept_relay</TT> to match them. You can then remove the
4748 setting of <TT>sender_address_relay</TT>, unless you also want to limit relaying
4749 to specific senders.
4753 If you want to permit relaying from specific senders on arbitrary hosts,
4754 you can set <TT>relay_match_host_or_sender</TT>. This requires that only one of
4755 the host or sender address be recognized, instead of both of them.
4759 WARNING: This setting makes it possible for your host to be used as an
4760 open relay by those unscrupulous enough to forge sender addresses. Your
4761 host may end up on one of the open relay blocking lists as a result.
4764 <A NAME="SEC185" HREF="FAQ.html#TOC185">Q0826</A>: I set <TT>sender_reject_recipients</TT>, but Exim is not rejecting those
4769 A0826: You have misunderstood the option. A setting like that rejects <EM>all</EM> the
4770 recipients of an incoming message with that <EM>sender</EM>. To reject a
4771 specific recipient in your own domain you can set up an alias like this:
4775 reject-me: :fail: mail for reject-me is not acceptable</PRE>
4777 If you want to reject a recipient that is not in a local domain, one
4778 approach is to set up a router to send the address to your directors,
4779 and then use an alias file to generate a :fail: message as above.
4780 Alternatively, you can use the verification mechanism: see
4781 <A HREF="FAQ.html#SEC181">Q0822</A>.
4784 <A NAME="SEC186" HREF="FAQ.html#TOC186">Q0827</A>: I can't find an option to deny "RCPT TO:" addresses.
4788 A0827: Denying RCPT TO addresses is the job of verifying. You can set up
4789 directors and routers that are run only when verifying and not when
4790 delivering. This gives you a great deal of flexibility. See
4791 <A HREF="FAQ.html#SEC181">Q0822</A>.
4794 <A NAME="SEC187" HREF="FAQ.html#TOC187">Q0828</A>: My problem is that Exim replaces <B>$local_part</B> with an empty string in the
4795 system filtering. What's wrong or what did I miss?
4799 A0828: A message may have many recipients. The system filter is run just once
4800 at the start of a delivery attempt. Consequently, it does not make sense
4801 to set <B><B>$local_part.</B></B> Which recipient should it be set to? However, you
4802 can access all the recipients from a system filter via the variable
4803 called <B><B>$recipients.</B></B>
4806 <A NAME="SEC188" HREF="FAQ.html#TOC188">Q0829</A>: Using <B>$recipients</B> in a system filter gives me another problem: how can
4807 I do a string lookup if <B>$recipients</B> is a list of addresses?
4811 A0829: Check out section 25 of the filter document ("Testing a list of
4812 addresses"). If that doesn't help, you may have to resort to calling an
4813 embedded Perl interpreter - but that is expensive.
4816 <A NAME="SEC189" HREF="FAQ.html#TOC189">Q0830</A>: Is there a way to configure Exim to reject mail to a certain local host?
4820 A0830: No, only to certain domains. Use a configuration like this:
4825 local_domains = rejected.domain : <other local domains></PRE>
4827 with the first director as
4833 domains = rejected.domain
4836 <A NAME="SEC190" HREF="FAQ.html#TOC190">Q0831</A>: Exim sometimes rejects messages with bad senders after the DATA and
4837 sometimes after the MAIL command. What is the difference?
4841 A0831: The first time Exim encounters a particular bad sender, it rejects the
4842 message after the data has been received, so that it can log the
4843 headers. If the same sender re-appears within 24 hours, Exim assumes
4844 that the remote host has (in violation of RFC 821) not interpreted the
4845 previous 550 error code correctly, so this time it rejects the MAIL
4846 command. Some hosts don't even managed to handle that, so if the same
4847 sender turns up for a third time within 24 hours, Exim accepts MAIL, but
4848 rejects every RCPT command instead.
4851 <A NAME="SEC191" HREF="FAQ.html#TOC191">Q0832</A>: How can I get Exim to remove attachments from messages?
4855 A0832: (A) The cleanest way is to check for the existence of a "Content-type"
4856 header line, and route messages containing it down a pipe to some
4857 other program that strips the attachments and re-submits the message
4858 to Exim. Alternatively, a transport filter can be used to do the
4859 job, as described in C028.
4863 (B) A somewhat more hairy way is to use embedded Perl from a system
4864 filter to truncate the message's data file directly, and then use
4865 the "headers remote" filter command to get rid of the associated
4869 <A NAME="SEC192" HREF="FAQ.html#TOC192">Q0833</A>: I ran a relay test against my host and it failed with an address
4870 containing a %, though I don't have <TT>percent_hack_domains</TT> set. Is Exim
4871 broken? This is what the tester said:
4876 >>> RSET
4877 <<< 250 Reset OK
4878 >>> MAIL FROM:<spamtest@example.com>
4879 <<< 250 <spamtest@example.com> is syntactically correct
4880 >>> RCPT TO:<relaytest%mail-abuse.org@example.com>
4881 <<< 250 <relaytest%mail-abuse.org@example.com> is syntactically correct
4883 Uh oh, host appeared to accept a message for relay.
4884 The host may reject this message internally, however</PRE>
4886 A0833: This does not prove that your host is open for relaying. Notice the
4887 wording of the last two sentences: "appeared to accept" and "may reject
4888 internally". Assuming that your Exim configuration is correct, Exim will
4889 discover that the local part <B>"relaytest%mail-abuse.org"</B> is not valid on
4890 your host, and it will bounce the message.
4894 Why doesn't it reject the RCPT TO command? Answer: because you have not
4895 set <TT>receiver_verify</TT> in your configuration file, or you have excluded
4896 these particular sender or recipient domains from receiver verification.
4899 <BR><H2><A NAME="SEC193" HREF="FAQ.html#TOC193">9. MAJORDOMO
4902 <A NAME="SEC194" HREF="FAQ.html#TOC194">Q0901</A>: How do I set up Majordomo to work with Exim?
4906 A0901: Users have found several ways of setting up Exim for use with Majordomo.
4907 There's a web page at
4911 <A HREF="http://www.netmaster.ca/exim/majordomo.html">http://www.netmaster.ca/exim/majordomo.html</A></PRE>
4913 which shows one way to do it, and discusses some of the issues. The
4914 sample configuration C018 is another approach which automates a lot of
4915 the functions based on whether the files or directories exist. Only
4916 three aliases per list are needed.
4920 Somewhere in the Majordomo docs or FAQ it mentions using batchmail or
4921 other additional programs to improve the performance of large lists.
4922 They are not needed with Exim, and their use can actually make things
4923 worse. However, it's a good idea to set <TT>remote_max_parallel</TT> to a value
4924 greater than 1 in the Exim configuration.
4927 <A NAME="SEC195" HREF="FAQ.html#TOC195">Q0902</A>: I have set <B>$mailer</B> in <B>majordomo.cf,</B> but it still isn't setting the
4928 sender correctly in the messages it sends.
4932 A0902: Make sure you have got the quoting correct in the <B>$mailer</B> setting. For
4937 <B>$mailer</B> = "$sendmail_command <B>-oi</B> <B>-oee</B> <B><B>-f$sender\@lists.mydomain.de</B>";</B>
4941 is not correct. It needs three backslashes, not one, and the $ at the
4942 start of <B>$sender</B> has to be escaped with a backslash.
4945 <A NAME="SEC196" HREF="FAQ.html#TOC196">Q0903</A>: I'm trying to set up majordomo, but I'm getting a "wrong mode" error
4946 when I try to send it mail. The panic log entry reads:
4950 1999-01-05 11:23:34 0zxZGY-0000vB-00 <TT>majordomo_aliases</TT> director:
4951 <B><B>/var/lib/majordomo/lists/lists.aliases</B></B> (lsearch lookup): wrong mode
4955 A0903: Check the mode of <B><B>/var/lib/majordomo/lists/lists.aliases</B></B> and compare it
4956 with the setting of the modemask option in the <TT>majordomo_aliases</TT>
4957 director. This option specifies bits which must not be set for the alias
4958 file, and it defaults to 022.
4961 <A NAME="SEC197" HREF="FAQ.html#TOC197">Q0904</A>: I'm getting return code 9 from <B><B>/home/majordomo/majordomo-1.94.4/wrapper</B></B>
4962 when it is passed a message from Exim.
4966 A0904: A problem like this turned out to be the Perl version that came with
4967 RedHat 5.2. Rebuilding Perl 5.005x solved it.
4970 <BR><H2><A NAME="SEC198" HREF="FAQ.html#TOC198">10. REWRITING ADDRESSES
4973 <A NAME="SEC199" HREF="FAQ.html#TOC199">Q1001</A>: How can I get Exim to strip the hostname from the sender's address?
4977 A1001: If you set up a rewriting rule in the following form:
4981 *@*.your.domain $1@your.domain</PRE>
4983 then Exim will rewrite all addresses in the envelope and the headers,
4984 removing anything between "@" and <B>"your.domain".</B> This applies to all
4985 messages that Exim processes. If you want to rewrite sender addresses
4986 only, the the rule should be
4990 *@*.your.domain $1@your.domain Ffrs</PRE>
4992 This applies the rule only to the envelope "From" address and to the
4993 From:, Reply-to:, and Sender: headers.
4996 <A NAME="SEC200" HREF="FAQ.html#TOC200">Q1002</A>: I have Exim configured to remove the hostname portion of the domain on
4997 outgoing mail, and yet the hostname is present when the mail gets
5002 A1002: Check the DNS record for your domain. If the MX record points to a CNAME
5003 record instead of to an A record, MTAs are liable to rewrite addresses,
5004 changing your domain name to its "canonical" form, as obtained from the
5008 <A NAME="SEC201" HREF="FAQ.html#TOC201">Q1003</A>: I want to rewrite local addresses in mail that goes to the outside
5009 world, but not for messages that remain within the local intranet.
5013 A1003: Exim wasn't really designed to handle this kind of split world. Because
5014 it keeps only one copy of a message, and does all the rewriting at the
5015 time of reception, a standard configuration cannot handle this kind of
5016 rewriting in a message that has both internal and external recipients.
5020 However, what can be done is to split off a copy of the message to be
5021 sent to all external recipients, and do the rewriting on that. This can
5022 be achieved by running two differently-configured versions of Exim,
5023 either on a single host, or on two different hosts. If you have a
5024 gateway or firewall machine, that is the natural place to run the
5029 On a single machine, the following is one way of handling this:
5033 (1) Set up the normal configuration (in the configuration file whose
5034 name is screwed into the binary) such that it does local deliveries
5035 as required, but forwards a copy of the message for non-local
5036 recipients to a different incarnation of Exim via a private SMTP
5037 port. For example, use this transport and router:
5041 # Transport to send SMTP using port 26
5046 # Router to send everything the internal_smtp transport
5049 transport = internal_smtp
5050 route_list = * localhost byname
5053 This should be the only router. Because of the <TT>self = send</TT>
5054 setting, Exim will transport the messages, even though it knows it
5055 is going to the local host.
5059 (2) Set up a different configuration file for the rewriting version of
5060 Exim. This need do no local deliveries, so it needs no local
5061 domains or directors, and as it accepts mail only from the local
5062 host, there is no need for any spam-blocking or other policy
5063 controls. However, it does need to have its own spool area. The main
5064 part of the configuration could be like this:
5069 local_interfaces = 127.0.0.1
5070 host_reject = !127.0.0.1
5071 spool_directory = /var/spool/exim-external
5074 Note the use of a negated item for <TT>host_reject</TT>, causing rejection of
5075 SMTP calls from all but the local host.
5079 The directors section can be completely empty (apart from the line
5080 saying "end"), while the routers section should be as in a normal
5081 configuration, as it is going to control external delivery.
5085 The rule(s) for rewriting your internal addresses into external ones
5086 should be in this configuration. This is one example of what might
5092 ${lookup{$1}cdb{/etc/$2/mail.handles.cdb}{$value}fail}"</PRE>
5094 which looks up each local part in a per-host file to obtain the
5095 externally-visible address, including (in this example) the domain.
5099 (3) You have to arrange for a daemon to be listening on port 26, and to
5100 be using the alternate configuration file. It is necessary to do
5101 this as root so that Exim retains its privilege after reading a
5102 non-standard configuration. A command such as
5106 exim -C /etc/exim-configure2 -bd -oX 26</PRE>
5108 could be used in a suitable system start-up file. Alternatively you
5109 could set up <B>inetd</B> to run Exim with the <B>-C</B> option for incoming
5110 connections on port 26.
5114 The net result of all of this is that when a message has one or more
5115 external recipients, a copy of it is sent via port 26 to the second
5116 version of Exim, which rewrites any internal addresses and does the
5117 external deliveries. The cost of this is that the message has to be
5118 copied and spooled twice, and you have two different Exim queues to
5119 manage. Note that if the "external" Exim has to send a delivery failure
5120 message, it will use the rewritten sender address.
5123 <A NAME="SEC202" HREF="FAQ.html#TOC202">Q1004</A>: I'm using this rewriting rule to change login names into "friendly"
5124 names, but if mail comes in for an upper case login name, it doesn't
5129 *@my.domain ${lookup{$1}dbm{/usr/lib/exim/longforms}\
5130 {$value}fail}@my.domain bcfrtFT</PRE>
5132 The longforms database has entries of the form:
5136 ano23: A.N.Other</PRE>
5138 A1004: Replace <B>$1</B> in your rule by <B>${lc:$1}</B> to force the local part to lower
5139 case before it is used as a lookup key.
5142 <A NAME="SEC203" HREF="FAQ.html#TOC203">Q1005</A>: Is it possible to completely fail a message if the rewrite rules fail?
5146 A1005: It depends on what you mean by "fail a message" and what addresses you
5147 are rewriting. If you are rewriting recipient addresses for your local
5152 *@dom.ain ${lookup{$1}dbm{/wher/ever}{$value}{failaddr}} Ehq</PRE>
5154 and in your alias file put something like
5158 failaddr: :fail: Rewriting failed.</PRE>
5160 This fails a single recipient - others are processed independently.
5163 <A NAME="SEC204" HREF="FAQ.html#TOC204">Q1006</A>: I'm using <B>$domain</B> as the key for a lookup in a rewriting rule, but its
5164 contents are not being lowercased. Aren't domains supposed to be handled
5169 A1006: The value of <B>$domain</B> is the actual domain that appears in the address.
5170 It could of course be lower cased, but I know that would cause some
5171 unhappiness, because some people have mixed-case domain names which look
5172 silly if the case is changed. Thus, one wants to preserve the case in
5177 *@*.TheRap.com <something>@$domain</PRE>
5179 (not the best example) because "therap" doesn't look like two words. I
5180 know it seems trivial, but it is important to some people - especially
5181 if by some unfortunate accident the lowercased word is something
5186 You can trivally force lower casing by means of the <B>${lc:</B> operator.
5187 Instead of "$domain" write "${lc:$domain}".
5190 <A NAME="SEC205" HREF="FAQ.html#TOC205">Q1007</A>: I want to rewrite local sender addresses depending on the domain of the
5195 A1007: In general, this is not possible, because a message may have more than
5196 one recipient and Exim keeps just a single copy of each message. You can
5197 do an incomplete job by using a regular expression match in a rewrite
5198 rule to test, for example, the contents of the To: header. This would
5199 work except in cases of multiple recipients. See also
5200 <A HREF="FAQ.html#SEC201">Q1003</A>.
5203 <BR><H2><A NAME="SEC206" HREF="FAQ.html#TOC206">11. HEADERS
5206 <A NAME="SEC207" HREF="FAQ.html#TOC207">Q1101</A>: I would like add some custom headers to selected outgoing mail based on
5207 a specific domain and the subject line.
5211 A1101: To the <TT>remote_smtp</TT> transport, add something like
5215 headers_add = "${if and{\
5216 {eq{$domain}{spec.dom}}\
5217 {matches{$h_subject:}{whatever}}}\
5218 {Content-Type: text/html; charset=\"us-ascii\"} fail }"</PRE>
5220 This example shows a Content-Type header, but you can have anything you
5221 like, and multiple headers can be inserted by using \n to separate them.
5224 <A NAME="SEC208" HREF="FAQ.html#TOC208">Q1102</A>: Is it possible to have Exim add a header to only certain <TT>local_parts</TT> of
5229 A1102: Only if you arrange for each such local part to receive its own private
5230 copy of the mail. See <TT>max_rcpt</TT> in the SMTP transport. Then you could use
5231 conditions in an expansion string to add or not add a header.
5234 <A NAME="SEC209" HREF="FAQ.html#TOC209">Q1103</A>: How can I remove some part of the Received: header?
5238 A1103: Set <TT>received_header_text</TT>.
5241 <A NAME="SEC210" HREF="FAQ.html#TOC210">Q1104</A>: How I can insert the PGP header line using exim filters?
5245 A1104: You can't insert headers in a user filter. A system filter can do so,
5246 but the inserted lines then are included for all recipients.
5249 <BR><H2><A NAME="SEC211" HREF="FAQ.html#TOC211">12. FETCHMAIL
5252 <A NAME="SEC212" HREF="FAQ.html#TOC212">Q1201</A>: When I run fetchmail, I get the error "SMTP listener doesn't like
5253 recipient address <B><I>xxx</I>@localhost</B>".
5257 A1201: Put "localhost" in a list of local domains, that is, add it to the
5258 <TT>local_domains</TT> option in your Exim configuration file.
5261 <A NAME="SEC213" HREF="FAQ.html#TOC213">Q1202</A>: Fetchmail is passing on bounce messages to Exim with the sender address
5262 set to <B><B><@some.domain</B>></B> which causes Exim to complain, because there is no
5267 A1202: This was a fetchmail problem which has been fixed. Ideally, you should
5268 upgrade to the current fetchmail release. If you cannot do this, there
5269 is some Exim magic that might help. The 'S' rewriting flag allows
5270 rewriting of envelope addresses to be done as soon as they are received
5271 in the SMTP protocol, before any kind of checking or other processing is
5272 done. This is specifically provided for installations that have to cope
5273 with mangled addresses coming in over SMTP.
5276 <A NAME="SEC214" HREF="FAQ.html#TOC214">Q1203</A>: I'm currently using Exim with fetchmail and I'd like to use the RBL on
5277 Exim, but will it work? Do I need to configure fetchmail any particular
5278 way? As far as Exim knows, all mail is coming from 127.0.01. Will it
5279 check the source address against RBL? Or will it check the From: header?
5283 A1203: It will check 127.0.0.1 (not very useful). The point of the RBL is to
5284 keep messages from black-listed hosts out of your machine. If you are
5285 using fetchmail, you have got the messages into your machine before you
5286 approach Exim. That kind of defeats the purpose of the RBL. The right
5287 way to do this would be for the host from which you fetchmail to do the
5288 RBL checking and insert some kind of warning header for you to test, as
5289 Exim does if you run RBL checks in warning mode.
5292 <BR><H2><A NAME="SEC215" HREF="FAQ.html#TOC215">13. PERL
5295 <A NAME="SEC216" HREF="FAQ.html#TOC216">Q1301</A>: Exim built with Perl support exits with the error message <B>"./exim:</B> can't
5296 load library <B>'libperl.so'".</B>
5300 A1301: If you are using BSDI, see
5301 <A HREF="FAQ.html#SEC273">Q9401</A>.
5304 <A NAME="SEC217" HREF="FAQ.html#TOC217">Q1302</A>: Exim built with Perl support exits with several error messages of the
5305 form "undefined reference to `PL_stack_sp'".
5309 A1302: This has been seen on FreeBSD systems that had two different versions of
5310 Perl installed, the older with an <B>a.out</B> library and the newer with an
5311 ELF library. Ensure that the older package is removed.
5314 <BR><H2><A NAME="SEC218" HREF="FAQ.html#TOC218">14. DIAL-UP
5317 <A NAME="SEC219" HREF="FAQ.html#TOC219">Q1401</A>: How can I arrange for mail to other hosts on my local network to be
5318 delivered when I'm not connected to the Internet?
5322 A1401: Use the <TT>queue_remote_domains</TT> option to control which domains are held
5323 on the queue for later delivery. For example,
5327 queue_remote_domains = ! *.localnet</PRE>
5329 allows delivery to domains ending in .localnet, while queueing all the
5333 <A NAME="SEC220" HREF="FAQ.html#TOC220">Q1402</A>: I have a dial-up machine, and I use the <TT>queue_smtp_domains</TT> option so
5334 that remote mail only goes out when I do a queue run. However, any email
5335 I send with an address <B><B><anything>@aol.com</B></B> is returned within about 15
5336 minutes saying 'retry time exceeded', and all addresses are affected.
5340 A1402: (A) You should be using <TT>queue_remote_domains</TT> rather than <TT>queue_smtp_</TT>
5341 domains. With the latter, Exim is trying to route the addresses, which
5342 involves a DNS lookup. This is presumably timing out, causing a retry
5343 time to be set for the domain, and somehow a valid lookup never happened
5344 before the maximum retry time (default of 4 days) passed. Hence the
5345 bounce. The fact that it is <B>aol.com</B> is not relevant. You should probably
5346 also be using <B>-qq</B> to do your queue run rather than <B><B>-q.</B></B>
5350 (B) An alternative approach if you are sending all your outgoing mail to
5351 the same smart host is to use a single router like this:
5357 transport = remote_smtp
5358 route_list = "* smarthost.isp.net byname"</PRE>
5360 and put the address of the smart host in <B>/etc/hosts</B>, so that it can be
5361 found without the need of a DNS lookup. Then you can use <TT>queue_smtp_</TT>
5362 domains so that Exim does the routing for every message, but doesn't try
5363 to deliver it. See also
5364 <A HREF="FAQ.html#SEC221">Q1403</A>.
5367 <A NAME="SEC221" HREF="FAQ.html#TOC221">Q1403</A>: How should Exim be configured when it is acting as a temporary storage
5368 system for a domain on a dial-up host?
5372 A1403: Exim isn't really designed for this, but... The lowest-numbered MX
5373 record for the domain should be pointing to your host. You should set a
5374 large retry time for that domain, so that Exim doesn't keep trying to
5375 deliver when the host is offline. When the host comes online, the
5376 waiting messages have to be kicked somehow. This can be done by calling
5377 Exim with the <B>-R</B> option, or via the SMTP ETRN command. This works
5378 provided the number of messages is low. If you are handling lots of
5379 mail, keeping messages waiting for their host to connect and those that
5380 are having delivery problems to remote hosts all in the same queue
5381 doesn't work so well. It is better in this case to get Exim to deliver
5382 the mail for the dial-in hosts into some local files which then get
5383 transmitted by other software when the host connects. See the manual
5384 chapter entitled "Intermittently connected hosts" and also
5385 <A HREF="FAQ.html#SEC242">Q5014</A> and
5387 <A HREF="FAQ.html#SEC136">Q0521</A>.
5390 <A NAME="SEC222" HREF="FAQ.html#TOC222">Q1404</A>: I have <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT> set, and use <B>-qf</B> to
5391 force delivery of waiting mail when I dial in. How can I arrange for any
5392 new messages that arrive while I'm connected to be delivered immediately?
5396 A1404: (A) Instead of <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT>, use the
5397 <TT>queue_only_file</TT> option. This causes messages to be queued only if a
5398 particular file exists. The word "remote" or "smtp" before the file name
5399 controls which type of queueing is used. For example:
5403 queue_only_file = remote/etc/present/when/not/connected</PRE>
5405 Then, in the scripts which are run when you connect and disconnect,
5406 arrange to remove the file after connection, and create it just before
5411 (B) An alternative is to set <TT>hold_domains</TT> to point to a file lookup and
5412 switch that file appropriately.
5415 <BR><H2><A NAME="SEC223" HREF="FAQ.html#TOC223">15. MODIFYING MESSAGE BODIES
5418 <A NAME="SEC224" HREF="FAQ.html#TOC224">Q1501</A>: How can I add a disclaimer or an advertisement to a message?
5422 A1501: There are a number of technical and potential legal problems that arise
5423 in connection with message modification. Some of them are listed below.
5424 If, despite these considerations, you still want to modify messages, you
5425 can do so using Exim, but not directly in Exim itself. It is not the job
5426 of an MTA to modify messages, something that requires understanding of
5427 their content and format.
5431 Exim provides a hook in the form of a "transport filter" that lets you
5432 pass any outgoing message through a program or script of your choice. It
5433 is the job of this script to make any changes to the message that you
5434 require. By this means, you have full control over what changes are
5435 made, and Exim does not need to know anything about message bodies.
5436 However, using a transport filter requires additional resources, and may
5437 slow down mail delivery.
5441 You can use Exim's directors and routers to arrange for those messages
5442 that you want to modify to be delivered via a transport filter. For
5443 example, suppose you want to do this for messages from addresses in
5444 your domain that are being delivered to a remote host. Place the
5445 following router before the standard <B>lookuphost</B> router:
5451 transport = remote_smtp_filter
5452 condition = ${if eq {$sender_address_domain}{your.domain}{yes}{no}}</PRE>
5454 This routes the relevant addresses to a transport called
5455 <TT>remote_smtp_filter</TT>. Other addresses fall through to the normal router,
5456 and are routed to the standard <TT>remote_smtp</TT> transport. Another way to do
5457 this would be to use a single router, with an expanded string for the
5458 transport setting. The new transport is defined thus:
5464 transport_filter = /your/filter/command</PRE>
5466 The entire message is passed to your filter command on its standard
5467 input. It must write the modified version to the standard output, taking
5468 care not to break the RFC 822 syntax. The command is run as the Exim
5469 user, if one is defined; otherwise it is run as root.
5473 There are a number of potential problems in doing this kind of
5474 modification in an MTA. Many people believe that to attempt is it wrong,
5479 1. It breaks digital signatures, which are becoming legally binding
5480 in some countries (already in the UK, likely to be 1 October 2000 in
5485 2. It is likely to break MIME encoding, that is, it is likely to wreck
5486 attachments, unless great care is taken.
5490 3. It is illegal under German and Dutch law to change the body of
5491 a mail message in transit. It might potentially be illegal in
5492 the UK under European law. This consideration applies to ISPs and
5493 other "common carriers". It would presumably not apply in a corporate
5494 environment where modification was done only to messages originating
5495 from the employees, before they left the company's network. It might
5496 also not apply if the senders have explicitly given their consent
5497 (e.g. agreed to have advertisements added to their incoming mail).
5501 4. Since the delivered message body was produced by the MTA (not the
5502 originator, because it was modified), the MTA operator could
5503 potentially be sued for any content. This again applies to "common
5504 carrier" MTAs. It's interesting that adding a disclaimer of liability
5505 could be making you liable for the message, but this case seems
5506 more likely to involve adding advertisements than disclaimers. After
5507 all, no postal service in the world opens all the mail it carries to
5512 5. Some mail clients (old versions of MS outlook) crash if the message
5513 body of an incoming MIME message has been tampered with.
5517 An alternative approach to the disclaimer problem would be to insist
5518 that all relevant messages have the disclaimer appended by the MUA. The
5519 MTA should refuse to accept any that do not. Again, however, the MTA
5520 must understand the format of messages in order to do this. Simply
5521 checking for appropriate wording at the end of the body is not good
5522 enough. It would probably be necessary to run a Perl script from within
5523 an Exim system filter in order to adopt this approach.
5526 <A NAME="SEC225" HREF="FAQ.html#TOC225">Q1502</A>: How can I remove attachments from messages?
5530 A1502: The answer to this is essentially the same as for
5531 <A HREF="FAQ.html#SEC224">Q1501</A>.
5534 <BR><H2><A NAME="SEC226" HREF="FAQ.html#TOC226">20. MILLENNIUM
5537 <A NAME="SEC227" HREF="FAQ.html#TOC227">Q2000</A>: Are there any Y2K issues with Exim?
5541 A2000: The author of Exim believes that it is Y2K-compliant, as long as the
5542 underlying operating system and C library are. Exim does not parse dates
5543 or times at all. Internally, it makes some use of binary timestamps in
5544 Unix format (number of seconds since 1-Jan-1970) and uses C library
5545 services to convert these to printing forms (e.g. for logging). The
5546 printing forms all use 4-digit years. Some people have tried various
5547 tests. No problems have been reported, but details of what tests have
5548 been done are not available.
5551 <BR><H2><A NAME="SEC228" HREF="FAQ.html#TOC228">50. MISCELLANEOUS
5554 <A NAME="SEC229" HREF="FAQ.html#TOC229">Q5001</A>: What does the error "Unable to get interface configuration: 22 Invalid
5559 A5001: This is an error that occurs when Exim is trying to find out the all the
5560 IP addresses on all of the local host's interfaces. If you have lots of
5561 virtual interfaces, this can occur if there are more than around 250 of
5562 them. The solution is to set the option <TT>local_interfaces</TT> to list just
5563 those IP addresses that you want to use for making and receiving SMTP
5567 <A NAME="SEC230" HREF="FAQ.html#TOC230">Q5002</A>: How can I arrange to allow a limited set of users to perform a limited
5568 set of Exim administration functions? I don't want to put them all in
5573 A5002: See <B><A HREF="http://www.chiark.greenend.org.uk/~ian/userv/.">http://www.chiark.greenend.org.uk/~ian/userv/.</A></B> Using userv you can
5574 arrange (for example) for certain users to be able to invoke mailq or
5575 runq or other preset commands as exim (or any other user, as configured)
5576 with only userv configuration. If you want to check the particular Exim
5577 options available you can easily do it with shell or Perl scripts and
5578 userv configuration, and provided you know how to do argument
5579 `unparsing' properly in shell or Perl it will be secure.
5582 <A NAME="SEC231" HREF="FAQ.html#TOC231">Q5003</A>: How can I test for a message's size being greater or less than a given
5583 value in an expansion string?
5587 A5003: This isn't straightforward in versions of Exim prior to 2.10, because
5588 there were no arithmetic operators in expansion strings. In version
5589 2.10 or later you can write, straightforwardly,
5593 ${if > {$message_size}{10K} {yes} {no}}</PRE>
5595 In earlier versions, low cunning can be used to achieve certain
5596 kinds of test. For example, to test if the message size is less than
5597 or equal to 1000000:
5601 ${if eq{${expand:\$\{substr_-1000000_$message_size:x\}}} {} {yes} {no}}</PRE>
5602 <A NAME="SEC232" HREF="FAQ.html#TOC232">Q5004</A>: I want to "tail" the Exim log, but I have a number of other logs I also
5603 want to "tail", and the number of tailing windows is getting to be a
5608 A5004: Look for a program called 'xtail' (despite its name, it's not an
5609 X-windows application). It allows you to do multiple tails, even of
5613 <A NAME="SEC233" HREF="FAQ.html#TOC233">Q5005</A>: I would like to have Exim log information written to syslog.
5617 A5005: Support for this is available from version 3.10 onwards.
5620 <A NAME="SEC234" HREF="FAQ.html#TOC234">Q5006</A>: What does the error "Failed to create spool file" mean?
5624 A5006: Exim has been unable to create a file in its spool area in which to
5625 store an incoming message. This is most likely to be either a
5626 permissions problem in the file hierarchy, or a problem with the uid
5627 under which Exim is running, though it could be something more drastic
5628 such as your disc being full. Check that you have defined the spool
5629 directory correctly by running
5633 exim -bP spool_directory</PRE>
5635 and examining the output. Check the mode of this directory. It should
5636 look like this, assuming you are running Exim as user `exim':
5640 drwxr-x--- 6 exim exim 512 Jul 16 12:29 /var/spool/exim</PRE>
5642 If there are any subdirectories already in existence, they should have
5643 the same permissions, owner, and group. Check also that you haven't got
5644 incorrect permissions on superior directories (for example, <B>/var/spool</B>).
5645 Check that you have set up the exim binary to be setuid root. It should
5650 -rwsr-xr-x 1 root xxx 502780 Jul 16 14:16 exim</PRE>
5652 Note that it is not just the owner that must be root, but also the third
5653 permission must be "s" rather than "x".
5656 <A NAME="SEC235" HREF="FAQ.html#TOC235">Q5007</A>: Exim keeps crashing with segmentation errors (signal 11 or 139).
5660 A5007: This might be a problem with the db library. See
5661 <A HREF="FAQ.html#SEC120">Q0505</A>.
5664 <A NAME="SEC236" HREF="FAQ.html#TOC236">Q5008</A>: Exim's databases keep getting corrupted.
5669 <A HREF="FAQ.html#SEC120">Q0505</A>.
5672 <A NAME="SEC237" HREF="FAQ.html#TOC237">Q5009</A>: I've been using an autoreply director to try and mimic a bounce message,
5673 but I can't get it to have an envelope from of <>.
5677 A5009: You haven't, by any chance, put "exim" in the list of <TT>never_users</TT>, have
5681 <A NAME="SEC238" HREF="FAQ.html#TOC238">Q5010</A>: I see entries in the log that mention two different IP addresses for the
5682 same connection. Why is this? For example:
5686 H=tip-mp8-ncs-13.stanford.edu ([36.173.0.189]) [36.173.0.156]</PRE>
5688 A5010: The actual IP address from which the call came is the final one.
5689 Whenever there's something in parentheses in a host name, it is what the
5690 host quoted as the domain part of an SMTP HELO or EHLO command. So in
5691 this case, the client, despite being 36.173.0.156, issued the command
5695 HELO [36.173.0.189]</PRE>
5697 when it sent your server the message. This is, of course, very
5701 <A NAME="SEC239" HREF="FAQ.html#TOC239">Q5011</A>: How can I persuade Exim to accept ETRN commands without the leading
5706 A5011: Set the option
5710 smtp_etrn_command = /usr/lib/sendmail -R $domain</PRE>
5712 This causes Exim to run that command, with <B>$domain</B> replaced by the
5713 argument of ETRN. The default action of Exim is to require the # sign
5714 in order to be RFC-compliant, and to run the equivalent of
5718 smtp_etrn_command = /usr/lib/sendmail -R ${substr_1:$domain}</PRE>
5720 which uses the argument without the leading # as the value for the <B>-R</B>
5721 option. You aren't restricted to running Exim with the <B>-R</B> option, of
5722 course. You can specify any command you like, with any number of
5723 arguments. In particular, you can pass over the IP address of the caller
5724 via <B><B>$sender_host_address.</B></B> However, if you make use of expansion strings
5725 in the arguments, each one must be entirely contained in a single
5726 argument. For example, if you want to remove the first character of the
5727 ETRN argument when it is @ or #, you could use
5731 smtp_etrn_command = "/usr/lib/sendmail -R \
5732 \"${if match {$domain}{^[@#]}{${substr_1:$domain}}{$domain}}\""</PRE>
5734 The internal quotes are necessary because of the white space inside the
5739 If you use <TT>smtp_etrn_command</TT> to run something other than Exim with the
5740 <B>-R</B> option, you must disable <TT>smtp_etrn_serialize</TT>, because otherwise the
5741 serialization lock (which is set by default) never gets removed.
5744 <A NAME="SEC240" HREF="FAQ.html#TOC240">Q5012</A>: I've recently noticed that emails I send with a Bcc: line are being
5745 delivered to their final destination with the Bcc: line still present.
5749 A5012: Exim removes Bcc lines only if you call it with the <B>-t</B> option (i.e.
5750 when it is acting partly as an MUA). It does not remove Bcc lines that
5751 are present in incoming SMTP mail or command-line mail that does not
5752 use <B><B>-t.</B></B> Indeed, it should not remove them. From RFC 822:
5756 5.3. BCC / RESENT-BCC
5760 This field contains the identity of additional recipients of the
5761 message. The contents of this field are not included in copies of the
5762 message sent to the primary and secondary recipients. Some systems may
5763 choose to include the text of the "Bcc" field only in the author(s)'s
5764 copy, while others may also include it in the text sent to all those
5765 indicated in the "Bcc" list.
5769 Only the initiating software (i.e. the MUA) can tell what to do with
5770 Bcc; any MTA software has to leave it alone.
5773 <A NAME="SEC241" HREF="FAQ.html#TOC241">Q5013</A>: I used gv <B>v3.5.8</B> (ghostview) to try printing <B>spec.ps.</B> After every
5774 printed page, the printer ejects a blank sheet. Is this something to do
5775 with using "letter" rather than A4 paper?
5779 A5013: This seems to be an effect of using ghostview. Although the PostScript
5780 is generated for A4 pages, the size of the page images is such that they
5781 should fit on a letter page (they are shorter than would normally be
5782 used on A4 paper). If the PostScript file is sent directly to a
5783 PostScript printer, there is no problem. An alternative is to get hold
5784 of the "psutils" toolset, which is available from
5788 <A HREF="ftp://ftp.dcs.ed.ac.uk/pub/psutils/psutils.tar.gz">ftp://ftp.dcs.ed.ac.uk/pub/psutils/psutils.tar.gz</A></PRE>
5790 It contains utilities for extracting pages (which can be useful for
5791 double-sided printing) and for resizing pages. If you resize from A4 to
5792 letter the text shrinks a bit, but should then be printable via
5796 <A NAME="SEC242" HREF="FAQ.html#TOC242">Q5014</A>: I would like to have a separate queue per domain for hosts which dial
5797 in to collect their mail.
5801 A5014: Exim isn't really designed for this kind of operation. The only way to
5802 do this would be to cause it to send those messages to a differently
5803 configured version of Exim with its own spool area. This could be done
5804 via a pipe or SMTP to a private port. The main Exim, listening on port
5805 25, would then be configured to run an appropriate command to prod one
5806 of the others when it received ETRN, by means of the <TT>etrn_command</TT> option.
5810 You could probably manage this with a single Exim binary and a number of
5811 different configuration files, passed to the special versions using the
5812 <B>-C</B> option. For this application they could all run as exim, since no
5813 root privilege would be needed.
5817 An alternative approach would be to get Exim to deliver mail for such
5818 hosts in batch SMTP format into some directory, and have the ETRN run
5819 something to pass such messages to the dialled-in host. See also
5820 <A HREF="FAQ.html#SEC118">Q0503</A>
5822 <A HREF="FAQ.html#SEC136">Q0521</A>.
5825 <A NAME="SEC243" HREF="FAQ.html#TOC243">Q5015</A>: A short time after I start Exim I see a <defunct> process. What is
5830 A5015: Your system must be lightly loaded as far as mail is concerned. The
5831 daemon sets off a queue runner process when it is started, but it only
5832 tidies up completed child processes when it wakes up for some other
5833 reason. When there's nothing much going on, you occasionally see
5834 <defunct> processes like this waiting to be dealt with. This is
5838 <A NAME="SEC244" HREF="FAQ.html#TOC244">Q5016</A>: On a reboot, or a restart of the mail system, I see the message "Mailer
5839 daemons: exim abandoned: unknown, malformed, or incomplete option
5840 <B>-bz</B> sendmail". What does this mean?
5844 A5016: <B>-bz</B> is a Sendmail option requesting it to create a "configuration freeze
5845 file". Exim has no such concept and so does not support the option. You
5846 probably have a line like
5850 /usr/lib/sendmail -bz</PRE>
5852 in some start-up script (e.g. <B><B>/etc/init.d/mail</B>)</B> immedately before
5856 /usr/lib/sendmail -bd -q15m</PRE>
5858 The first of these lines should be commented out.
5861 <A NAME="SEC245" HREF="FAQ.html#TOC245">Q5017</A>: I would like to restrict e-mail usage for some users to the local
5862 machine, ideally on a group basis.
5867 <A HREF="FAQ.html#SEC296">A9802</A>
5870 <A NAME="SEC246" HREF="FAQ.html#TOC246">Q5018</A>: Whenever exim restarts it takes up to 3-5 minutes to start responding on
5871 the SMTP port. Why is this?
5875 A5018: Something else is hanging onto port 25 and not releasing it. One place
5876 to look is <B><B>/etc/inetd.conf</B></B> in case for any reason an SMTP stream is
5880 <A NAME="SEC247" HREF="FAQ.html#TOC247">Q5019</A>: Why aren't there any man pages for Exim? I don't always carry my printed
5885 A5019: As well as plain ASCII text, the Exim documentation is provided in two
5886 online forms - texinfo and HTML - which have a certain amount of built-
5887 in indexing for ease of finding your way around. There are no man pages
5888 because the author of Exim hasn't the time (or desire :-) to maintain
5889 yet another documentation format. Besides, it is hard to know how to
5890 split the Exim manual up.
5894 There is a contributed man page for a previous version of Exim in
5898 <B><A HREF="ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/Contrib/doc/exim.8">ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/Contrib/doc/exim.8</A></B>
5902 This was written by a previous maintainer of the Debian GNU/Linux Exim
5903 package. You can view a nicely formated version at:
5907 <B><A HREF="http://dwww.jimpick.com/cgi-bin/dwww?type=man&location=/usr/man/man8/exim.8.gz">http://dwww.jimpick.com/cgi-bin/dwww?type=man&location=/usr/man/man8/exim.8.gz</A></B>
5911 This contains some introductory text and the command line options only.
5914 <A NAME="SEC248" HREF="FAQ.html#TOC248">Q5020</A>: When I send a message using the <B>-t</B> command line option, Exim sends only
5915 to the addresses within the message, not to those on the command line.
5919 A5020: By default Exim operates according to the Sendmail documentation, and
5920 interprets addresses on the command line as addresses <EM>not</EM> to send to.
5925 extract_addresses_remove_arguments = false</PRE>
5927 to change this behaviour. There is some confusion in the Sendmail
5928 community about the interpretation of recipient addresses on the command
5929 line if the <B>-t</B> option is used.
5933 Here is an except from one version of the sendmail documentation
5937 <B>-t</B> Read message for recipients. To:, Cc:, and Bcc: lines will
5938 be scanned for recipient addresses. The Bcc: line will be
5939 deleted before transmission. Any addresses in the argument
5940 list will be suppressed, that is, they will not receive
5941 copies even if listed in the message header.
5945 Earlier versions of the sendmail documentation are ambiguous (unlike the
5946 snippet above). Apparently the code and documentation streams resolved
5947 the ambiguity differently.
5950 <A NAME="SEC249" HREF="FAQ.html#TOC249">Q5021</A>: If I set up, for example,
5951 <TT>local_domains = *customer.com</TT>, then it matches
5952 <B>"customer.com"</B> and <B>"abc.customer.com"</B> as required, but it also matches
5953 <B>"noncustomer.com",</B> which is wrong. How can I get round this?
5957 A5021: (A) You have to specify two entries in the list:
5961 local_domains = customer.com : *.customer.com</PRE>
5963 because * in a domain list matches any characters, including "." and
5964 including a null sequence.
5968 (B) Alternatively, you could use a regular expression:
5972 local_domains = ^(.+\.|)customer\.com$</PRE>
5974 but that probably will not be as efficient.
5978 (C) If you have lots of local domains, you could put them into a file to
5979 be searched (using lsearch, dbm, cdb, or whatever) and use a partial
5984 local_domains = partial-dbm;/list/of/domains</PRE>
5986 If the file contains the key <B>*.customer.com</B> then the desired effect is
5987 achieved, because partial lookups do operate on a component basis. See
5988 the section entitled "Partial matching in domain lists". It is a bit
5989 confusing that "*" is used in this context, because its meaning is not
5990 the same as when it appears directly in a domain list.
5993 <A NAME="SEC250" HREF="FAQ.html#TOC250">Q5022</A>: I want to match all local domains of the form <B>*.oyoy.org</B> but want a few
5994 exceptions. For instance I don't want <B>foo.oyoy.org</B> or <B>bar.oyoy.org</B> to be
5995 treated as local. What is the best way to do this?
5999 A5022: (A) From release 3.00 onwards, you can put negative items in the
6000 <TT>local_domains</TT> setting, like this:
6004 local_domains = !foo.oyoy.org : !bar.oyoy.org : *.oyoy.org</PRE>
6006 If there are many exceptions, you can use a lookup instead of listing
6011 (B) Otherwise, you can use a regular expression:
6015 local_domains = ^.*(?<!^foo|^bar)\.oyoy\.org$</PRE>
6017 An alternative formulation that is more efficient in execution (because
6018 it doesn't backtrack for .* in cases that don't match) is
6022 local_domains = ^(?>.*$)(?<=\.oyoy\.org)(?<!^(foo|bar)\.oyoy\.org)</PRE>
6024 If you are using an earlier version of Exim in which the regular
6025 expression library does not have lookbehind support (versions prior to
6026 2.051, but after 1.735):
6030 local_domains = ^(?!(foo|bar)\.oyoy\.org$).+\.oyoy\.org$</PRE>
6032 If you are using a version of Exim that is earlier than 1.735, consider
6036 <A NAME="SEC251" HREF="FAQ.html#TOC251">Q5023</A>: I can't seem to find a pre-built version of Exim anywhere. The machine
6037 is a Sparc 5 running Solaris 2.6.
6041 A5023: The problem is that there are a number of build-time options, requiring
6042 the answer to questions like:
6046 . Which DBM library do you have? (On Solaris probably ndbm, but no easy
6047 default on some other systems.)
6051 . Which uid/gid do you want to use for Exim?
6055 . Where do you want the configuration file to be? (<EM>Many</EM> different
6056 answers, even on the same OS, depending on local policy.)
6060 . Ditto for the binaries.
6064 . Which optional bits of Exim do you want to include?
6068 ... and so on. One could impose a set of values, but I suspect they
6069 would probably please nobody.
6072 <A NAME="SEC252" HREF="FAQ.html#TOC252">Q5024</A>: Is there a Windows NT version of Exim available?
6076 A5024: A long time ago somebody took a copy of the Exim source with the aim of
6077 trying to port it to NT. However, I never heard anything more.
6080 <A NAME="SEC253" HREF="FAQ.html#TOC253">Q5025</A>: Does Exim support Delivery Status Notificaion (DSN), Message Status
6081 Notification (MSN), or any other form of delivery acknowledgement?
6086 <A HREF="FAQ.html#SEC132">A0517</A>.
6089 <A NAME="SEC254" HREF="FAQ.html#TOC254">Q5026</A>: What does "Exim" stand for?
6093 A5026: Originally, it was "EXperimental Internet Mailer", which was the best I
6094 could come up with when I was starting out. At that point it <EM>was</EM>
6095 experimental - I wanted to see if the ideas I had for extending Smail's
6096 approach actually worked. Then somebody discovered about it and wanted
6097 to start using it, and told other people about it...
6100 <A NAME="SEC255" HREF="FAQ.html#TOC255">Q5027</A>: What does the log message "no immediate delivery: more than 10 messages
6101 received in one connection" mean?
6106 <A HREF="FAQ.html#SEC133">A0518</A>.
6109 <A NAME="SEC256" HREF="FAQ.html#TOC256">Q5028</A>: Although I haven't set <TT>check_spool_space</TT>, Exim is still checking the
6110 amount of space on the spool for incoming SMTP messages that use the
6111 SIZE option. Can I suppress this?
6115 A5028: The RFC for the SIZE option says
6119 If the server currently lacks sufficient resources to accept a
6120 message of the indicated size, but may be able to accept the
6121 message at a later time, it responds with code "452
6122 insufficient system storage".
6126 and that is what Exim is trying to implement. This is entirely
6127 independent from <TT>check_spool_space</TT>, which says "don't accept any mail
6128 if there is less than so much space in the spool partition", though the
6129 code is optimised to do both checks at the same time if required.
6130 However, you can suppress the SIZE check if you want to, by unsetting
6131 <TT>smtp_check_spool_space</TT>.
6134 <A NAME="SEC257" HREF="FAQ.html#TOC257">Q5029</A>: I just noticed log entries that start off "<= <>". Am I correct in
6135 assuming that the "<>" indicates that the envelope did not contain any
6140 A5029: Yes. This indicates a delivery failure report (aka "bounce message").
6141 Here is what RFC 1123 has to say about this:
6145 "If there is a delivery failure after acceptance of a message,
6146 the receiver-SMTP MUST formulate and mail a notification
6147 message. This notification MUST be sent using a null ("<>")
6148 reverse path in the envelope; see Section 3.6 of RFC-821. The
6149 recipient of this notification SHOULD be the address from the
6150 envelope return path (or the Return-Path: line). However, if
6151 this address is null ("<>"), the receiver-SMTP MUST NOT send a
6152 notification. If the address is an explicit source route, it
6153 SHOULD be stripped down to its final hop."
6157 The reason for using empty sender addresses is to identify bounce
6158 messages so that they themselves do not cause further bounces. However,
6159 this has made life harder for those that want to check incoming mail for
6160 valid senders. It is a pity that some other mechanism (e.g. a keyword
6161 on the MAIL command) was not used instead, but it is far too late to
6166 Empty senders are also used for other kinds of report which should not
6167 themselves cause the generation of bounce messages. For example, Exim
6168 uses them when sending out warnings about delivery delays.
6171 <A NAME="SEC258" HREF="FAQ.html#TOC258">Q5030</A>: I've received a message which does not have my address in the To:
6172 line. It is a spam message with the same address in both the From: and
6173 the To: headers. How can this happen, and why doesn't Exim reject it?
6177 A5030: There is an important distinction between the "envelope" from and to and
6178 the "header" from and to. The former are sometimes called the "sender"
6179 and "recipient". An email message needs an "envelope" for the same
6180 reason that paper mail does - the envelope tells the delivery mechanism
6181 what to do with *this copy* of the message, whereas the To: header lists
6182 all the recipients, including those who have been sent different copies
6183 of the message because their mailbox is on some other host.
6187 An MTA such as Exim normally works entirely with the "envelope"
6188 addresses, not with those in the header lines. However, you can specify
6189 that it should do some checking of header addresses by setting a
6190 number of options whose names begin with <TT>headers_</TT>.
6194 Don't try to block mail where envelope from and the header from differ.
6195 There are common legitimate cases where this happens, for example,
6196 messages forwarded from mailing lists and delivery failure reports.
6199 <A NAME="SEC259" HREF="FAQ.html#TOC259">Q5031</A>: Can (or will) Exim ever handle a message delivery purely in memory,
6200 that is, it is handled without it ever hitting the disc?
6204 A5031: It doesn't, and never will. Accepting and delivering a message are two
6205 entirely separate, independent processes, which communicate only by
6206 writing/reading the message on the disc.
6209 <A NAME="SEC260" HREF="FAQ.html#TOC260">Q5032</A>: If I am using dbm files for data that Exim reads, can I rebuild them
6210 on the fly, or do I need to restart Exim every time I make a change?
6214 A5032: Exim re-reads the file every time it consults it, so if you are using a
6215 cdb or a DBM library that uses just a single file (i.e. NOT ndbm) then
6216 you can just build the new file with a temporary file name, and use "mv"
6217 to rename it into the correct place on the fly. If there are two files
6218 to rename, there is a window of time during which the DBM database is
6219 inconsistent. On lightly loaded systems this may not matter.
6222 <A NAME="SEC261" HREF="FAQ.html#TOC261">Q5033</A>: What are the main differences between using an Exim filter and using
6227 A5033: Exim filters and procmail provide different facilities. Exim filters run
6228 at directing time, before <EM>any</EM> deliveries are done. A filter is like a
6229 <B>".forward</B> file with conditions". One of the benefits is de-duplication.
6230 Another is that if you forward, you are forwarding the original message.
6234 However, this does mean that pipes etc. are not run at filtering time,
6235 nor can you change the headers, because the message may have other
6236 recipients and Exim keeps only a single set of headers.
6240 Procmail runs at delivery time. This is for one recipient only, and so
6241 it can change headers, run pipes and check the results, etc. However, if
6242 it wants to forward, it has to create a new message containing a copy
6243 of the original message.
6247 It's your choice as to which of these you use. You can of course use
6251 <A NAME="SEC262" HREF="FAQ.html#TOC262">Q5034</A>: I need an option that is the opposite of <B>-bpa,</B> that is, a listing of
6252 those addresses generated from a top-level address that have not yet
6257 A5034: Exim does not keep this information. It saves only the top-level
6258 addresses and the list of addresses that are finished with. At each
6259 delivery attempt, generated addresses are recomputed from scratch. This
6260 makes it possible to correct errors in <B>.forward</B> and alias files that are
6261 causing delivery delays. However, there is an option you can set on an
6262 <B>aliasfile</B> or <B>forwardfile</B> director that changes things. It is called
6263 <TT>one_time</TT>, and if it is set, the list of generated addresses gets added
6264 to the top-level list at the first delivery attempt, and is never
6265 regenerated. Because top-level address lists must be real email
6266 addresses, this option cannot be used if any of the generated addresses
6267 are pipes, files, or autoreplies.
6270 <A NAME="SEC263" HREF="FAQ.html#TOC263">Q5035</A>: I am getting complaints from a customer who uses my EXIM server for
6271 relaying that they are being blocked with a "Too many connections"
6276 A5035: See <TT>smtp_accept_max</TT> and related options such as <TT>smtp_accept_reserve</TT>.
6279 <A NAME="SEC264" HREF="FAQ.html#TOC264">Q5036</A>: When I try "exim <B>-bf"</B> to test a system filter, I received the following
6280 error message: "Filter error: unavailable filtering command "fail" near
6281 line 8 of filter file".
6285 A5036: Use the <B>-bF</B> option to test system filters. This gives you access to the
6286 freeze and fail actions.
6289 <A NAME="SEC265" HREF="FAQ.html#TOC265">Q5037</A>: How can I make Exim receive incoming mail, queue it, but NOT attempt to
6290 deliver it? I want to be in this state while moving some mailboxes.
6294 A5037: (1) Set <TT>queue_only</TT> in the Exim configuration. (2) Kill off your daemon,
6295 and restart it <EM>without</EM> the <B>-q</B> option (i.e. with just the <B>-bd</B> option),
6296 so that it does not spawn any queue runners. This stops all deliveries,
6297 remote as well as local. To stop just local deliveries, assuming that
6298 none of your routers are configured to send messages directly to a local
6299 transport, make this your first director:
6305 new_address = :defer:</PRE>
6307 When you are ready to go again, remove that director and do a <B>-qf</B> run to
6308 override the retry times. This solution works from release 3.10 onwards.
6309 In earlier releases an <B>aliasfile</B> director must be used because :defer:
6310 was not available for use in <B>smartuser</B>.
6313 <A NAME="SEC266" HREF="FAQ.html#TOC266">Q5038</A>: What does the rejection message "reject all recipients: 3 times bad
6318 A5038: See the section of the manual entitled "Sender verification". Exim has
6319 failed to verify a sender from the same host 3 times within a period of
6323 <A NAME="SEC267" HREF="FAQ.html#TOC267">Q5039</A>: The menu in Eximon isn't working. It displays, but I can't select
6328 A5039: On some X implementations, if the numlock key is pressed (so that the
6329 numeric keypad is working) then the menu didn't work properly in
6330 versions of Eximon before Exim release 3.10. The problem is an
6331 infelicity in the particular implementation of X. A workaround was
6332 introduced at release 3.10, so this problem should no longer be
6336 <A NAME="SEC268" HREF="FAQ.html#TOC268">Q5040</A>: What does "ridiculously long message header" in an error report mean?
6340 A5040: There has to be some limit to the length of a message's header lines,
6341 because otherwise a malefactor could open an SMTP channel to your host,
6342 start a message, and then just send characters continuously until your
6343 machine ran out of memory. (Exim stores all the header lines in main
6344 memory). For this reason a limit is imposed on the total amount of
6345 memory that can be used for header lines. The default is 1MB, but this
6346 can be changed by setting HEADER_MAXSIZE in <B>Local/Makefile</B>. Exceeding
6347 the limit provokes the "ridiculous" error message.
6351 Prior to release 3.022 Exim used two separate limits, one on the length
6352 of an individual header line and one on the total number of header
6353 lines. A header line longer than 8192 used to provoke the error "Header
6354 line is ridiculously overlong". In subsequent releases there is no limit
6355 on individual header lines; only the total matters.
6358 <A NAME="SEC269" HREF="FAQ.html#TOC269">Q5041</A>: What does Exim use for POP as a default? Do I have to install anything
6363 A5041: Yes. Exim provides MTA functionality. That is, it delivers mail. POP is
6364 one of several ways of reading previously-delivered mail. Exim does not
6365 provide that functionality.
6368 <BR><H2><A NAME="SEC270" HREF="FAQ.html#TOC270">93. HP-UX
6371 <A NAME="SEC271" HREF="FAQ.html#TOC271">Q9301</A>: I'm trying to compile on an HP machine and I don't have gcc there. So I
6372 put <TT>CC=cc</TT> in the <B>Local/Makefile</B>, but I got this error:
6376 (Bundled) cc: "buildconfig.c", line 54: error 1705: Function prototypes
6377 are an ANSI feature.</PRE>
6379 A9301: The bundled compiler is not an ANSI C compiler. You either have to get a
6380 copy of gcc from the HPUX Software Porting Archives or buy the ANSI cc
6381 from HP. The advice given by one user of HP systems on the Exim
6382 mailing list was as follows:
6386 "Personally, I wouldn't use anything but the ANSI C compiler. gcc
6387 works for compilation, but it doesn't know squat about PA-RISC chips
6388 past the 1.0 rev. Since then, HP has come out with PA-RISC 1.1, 2.0,
6389 and 2.1, each with better features. gcc will compile for them, but it
6390 doesn't produce anywhere near the optimization that HP's compiler
6395 I took the gcc road when we moved from FreeBSD to HP-UX because I was
6396 familiar with it. After 6 months, I had to go and re-port everything
6397 over when we realized that gcc wasn't going to do it for us long-term.
6398 If I could give advice to any new HP-UX admin: don't use gcc if you
6399 can afford the ANSI C compiler. Based on the cost of even the lowest
6400 HP workstation, that usually isn't a problem."
6403 <BR><H2><A NAME="SEC272" HREF="FAQ.html#TOC272">94. BSDI
6406 <A NAME="SEC273" HREF="FAQ.html#TOC273">Q9401</A>: On BSDI 4.0, Exim built with Perl support exits with the error message
6407 <B>"./exim:</B> can't load library <B>'libperl.so'".</B>
6411 A9401: You probably compiled perl5 yourself, without looking into
6415 /usr/src/contrib/perl5/perl5.004_02/hints/bsdos.sh</PRE>
6417 first. The problem is that the command
6421 perl5 -MExtUtils::Embed -e ldopts</PRE>
6423 doesn't give you sufficient flags to link something with libperl.
6424 Since 5.004_02 the <B>hints/bsdos.sh</B> file has changed to adapt to the
6425 changes between BSDI 3.1 and 4.0, but it is still not entirely right.
6429 The solution is, when you compile perl, change the "ccdlflags"
6430 variable in <B>config.sh</B> to:
6434 -rdynamic -Wl,-rpath,/usr/local/lib/perl5/5.00502/i386-bsdos/CORE</PRE>
6436 (or something similar). Alternatively, you can run ./Configure and
6437 answering the question "Any special flags to pass to cc to use dynamic
6438 loading?" with the above line. It is not known what <B>-rdynamic</B> means
6439 (it's not apparently documented in any man page), but that's what BSDI
6440 guys did to compile perl5 which comes with BSDI 4.0 distribution.
6443 <BR><H2><A NAME="SEC274" HREF="FAQ.html#TOC274">95. IRIX
6446 <A NAME="SEC275" HREF="FAQ.html#TOC275">Q9501</A>: I'm running IRIX 6.2 with a number of alias IP addresses set up, but
6447 Exim doesn't seem to recognize them as local addresses.
6451 A9501: This problem was fixed in Exim release 2.03. If you are running an
6452 earlier version you should use the <TT>local_interfaces</TT> option to specify
6453 all your IP addresses explicitly.
6456 <A NAME="SEC276" HREF="FAQ.html#TOC276">Q9502</A>: The IP addresses for incoming calls are all being given as
6461 A9502: If you used the gcc compiler 2.8.x there is a known bug with the
6462 "gethost" function under Irix. SGI recommends using either their cc
6463 compiler in Irix 6.5, or a lesser version of the gnu compiler (2.6.x).
6467 Alternatively, there is an Inst-able port of exim for Irix at
6468 <B><A HREF="http://freeware.sgi.com">http://freeware.sgi.com</A>,</B> but it is not likely to be the latest release.
6471 <BR><H2><A NAME="SEC277" HREF="FAQ.html#TOC277">96. LINUX
6474 <A NAME="SEC278" HREF="FAQ.html#TOC278">Q9601</A>: Exim is mysteriously crashing, usually when forking to send a delivery
6479 A9601: This has been seen in cases where Exim has been incorrectly built with
6480 a muddled combination of an <B>ndbm.h</B> include file and a non-matching
6485 Faults like this have also been seen on systems with faulty motherboards.
6486 You could try to compile the Linux kernel 10 times - if the compile
6487 process stops with signal 11, your hardware is to blame.
6490 <A NAME="SEC279" HREF="FAQ.html#TOC279">Q9602</A>: Exim has created a directory called <B>build-Linux-libc5-i386</B> but is
6491 trying to reference <B>build-Linux-libc5-i386-linux</B> while building.
6495 A9602: You have several shells installed, which are setting conflicting values
6496 in the HOSTTYPE environment variable that is used to construct the name
6497 of the build directory. One way round this is to run this command:
6501 ln -s build-Linux-libc5-i386-linux build-Linux-libc5-i386</PRE>
6503 This problem should no longer be encountered in release 3.10 or later.
6504 Exim has been changed to get the host type from the "uname" command
6508 <A NAME="SEC280" HREF="FAQ.html#TOC280">Q9603</A>: I want to use logrotate which is standard with <B>RH5.2</B> Linux to rotate
6509 my mail logs. Anyone worked out the logrotate config file that will
6514 A9603: Here's one suggestion:
6518 /var/log/exim/main.log {
6519 create 644 exim exim
6525 The sleep is added to allow things to close the log file prior to
6526 compression. You also need similar entries for the panic log and the
6527 reject log, of course.
6530 <A NAME="SEC281" HREF="FAQ.html#TOC281">Q9604</A>: I'm seeing the message "<B>inetd</B>[334]: imap/tcp server failing (looping),
6531 service terminated" on a RedHat 5.2 system, causing imap connections to
6532 be refused. The imapd in use is Washington Uni vers 12.250. Could this
6533 be anything to do with Exim?
6537 A9604: No, it's nothing to do with Exim, but here's the answer anyway: there
6538 is a maximum connection rate for <B>inetd</B>. If connections come in faster
6539 than that, it thinks a caller is looping. The default setting on RedHat
6540 5.2 is 40 calls in any one minute before <B>inetd</B> thinks there's a problem
6541 and suspends further calls for 10 mins. This default setting is very
6542 conservative. You should probably increase it by a factor of 10 or 20.
6547 imap stream tcp nowait.400 root /usr/sbin/tcpd /usr/local/etc/imapd</PRE>
6549 The rate setting is the number following "nowait". This syntax seems to
6550 be specific to the Linux version of <B>inetd</B>. Other operating systems
6551 provide similar functionality, but in different ways.
6554 <A NAME="SEC282" HREF="FAQ.html#TOC282">Q9605</A>: I get the "too many open files" error especially when a lot of messages
6555 land for majordomo at the same time.
6559 A9605: The problem appears to be the number of open files the system can
6560 handle. This is changable by using the proc filesystem. To your
6561 <B><B>/etc/rc.d/rc.local</B></B> file append something like the following:
6565 # Now System is up, Modify kernel parameters for max open etc.</PRE>
6567 if [ -f /proc/sys/kernel/file-max ]; then
6568 echo 16384 >> /proc/sys/kernel/file-max
6570 if [ -f /proc/sys/kernel/inode-max ]; then
6571 echo 24576 >> /proc/sys/kernel/inode-max
6573 if [ -f /proc/sys/kernel/file-nr ]; then
6574 echo 2160 >> /proc/sys/kernel/file-nr
6577 By echoing the value you want for file-max to the file file-max <B>etc.,</B>
6578 you actually change the kernel parameters.
6581 <A NAME="SEC283" HREF="FAQ.html#TOC283">Q9606</A>: I'm having a problem with an Exim RPM.
6585 A9606: Normally the thing to do if you have a problem with an RPM package is
6586 to contact the person who built the package first, not the person who
6587 made the software that's in the package. You can usually find out who
6588 made a package using the following command:
6592 rpm --query --package --queryformat '%{PACKAGER}\n' <rpm-package-file></PRE>
6594 where <rpm-package-file> is the actual file, e.g. <B>`exim-3.03-2.i386.rpm'.</B>
6595 Or, if the package is installed on your system:
6599 rpm --query --queryformat '%{PACKAGER}\n' <package-name></PRE>
6601 where <package-name> is the name component of the package, e.g. `exim'.
6602 If the packager is unable or unwilling to help, only then should you
6603 contact the actual author or associated mailing list of the software.
6607 If you discover through the querying process that you can't tell who
6608 the person (or company or group) is who built the package, or that they
6609 no longer exist at the given address, then you should reconsider
6610 whether you want a package from an unknown source on your system.
6614 If you discover through the querying process that you yourself are the
6615 person who built the package, then you should either (a) contact the
6616 author or associated mailing list, or (b) reconsider whether you ought
6617 to be building and distributing RPM packages of software you don't
6622 Similar rules of thumb govern other binary package formats, including
6623 debs, tarballs, and POSIX packages.
6626 <BR><H2><A NAME="SEC284" HREF="FAQ.html#TOC284">97. SUN SYSTEMS
6629 <A NAME="SEC285" HREF="FAQ.html#TOC285">Q9701</A>: Exim builds fine with gcc on SunOS 4 but crashes inside <B>sscanf()</B>.
6633 A9701: Make sure you are liking with the GNU <B>ld</B> linker and not the system
6634 version of <B>ld</B>.
6637 <A NAME="SEC286" HREF="FAQ.html#TOC286">Q9702</A>: How can I get rid of spurious ^M characters in messages sent from
6642 A9702: CDE <B>dtmail</B> passes messages to Exim via the command line interface with
6643 lines terminated by CRLF, instead of the Unix convention of just LF. As
6644 Exim is an 8-bit clean program it treats the CR as just another data
6645 character. Exim has a command line option called <B>-dropcr</B> which causes
6646 it to ignore <EM>all</EM> CR characters in an incoming non-SMTP message. You
6647 should configure <B>dtmail</B> to add this option to the command it uses to
6648 call Exim (using the path <B>/usr/lib/sendmail</B>). However, it has been
6649 reported that it isn't possible to change this call from <B>dtmail</B> by any
6650 official means. An alternative approach is to replace <B>/usr/lib/sendmail</B>
6651 by a filtering script which removes the spurious CRs from the input
6652 before passing it to Exim.
6655 <A NAME="SEC287" HREF="FAQ.html#TOC287">Q9703</A>: On SunOS 4 Exim crashes when looking up domains in the DNS that have
6656 more than 10 A records.
6660 A9703: There are Sun library patches to fix this. It is not Exim's problem.
6661 For 4.13_U1 the patch is 101558<I>-xx</I>; for 4.1.3 the patch is 100891<I>-xx</I>.
6662 From the README: 1054748 ftp, ping dump core when connecting to a host
6663 with multiple DNS A records.
6667 An alternative is to build another resolver library - such as the ones
6668 that are part of the bind distribution - and explicitly link against
6672 <A NAME="SEC288" HREF="FAQ.html#TOC288">Q9704</A>: The menu in Eximon isn't working on my Sun system.
6676 A9704: With OpenWindows, if the numlock key is pressed (so that the numeric
6677 pad is working) then some menus don't work. This appears to be true for
6678 the console and (some) remote X-window servers. A workaround for this
6679 problem was introduced in the 3.10 Exim release, so it should no longer
6683 <A NAME="SEC289" HREF="FAQ.html#TOC289">Q9705</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
6688 A9705: Under the "Expert" settings of mailtool is a option to turn on "Use
6689 network aware mail file locking". By default <B>dtmail</B> has this set, but
6690 mailtool doesn't. You should set it. The help info on <B>dtmail</B> has this
6695 "Mailer tries to prevent two different instances of itself from opening
6696 the same mail file at the same time through a technique that detects
6697 this access when both instances of Mailer and the file are all on the
6698 same machine. A network-aware mail file locking protocol is available
6699 that uses ToolTalk to coordinate instances of Mailer running from more
6700 than one machine, or mail files accessed over the network. Mailer can
6701 only change this option when first opening a mail file."
6705 If you are using the SunOS4 version of <B>mailtool</B>, this apparently
6706 doesn't work. The only thing which does seem to work it getting the user
6707 to hit the "done" button to make it release the lock.
6710 <A NAME="SEC290" HREF="FAQ.html#TOC290">Q9706</A>: Exim has been crashing on my Solaris x86 system, apparently while
6711 running DBM functions.
6715 A9706: The use of ndbm with gcc has caused problems on x86 Solaris systems.
6716 Try changing one or the other; using either db 1.85 with gcc, or Sun's
6717 WS compiler with ndbm, has fixed this in the past.
6720 <A NAME="SEC291" HREF="FAQ.html#TOC291">Q9707</A>: The exiwhat utility isn't working for me on a Solaris 2 system.
6724 A9707: Have you got <B>/usr/ucb</B> on your path? If so, it is probably picking up the
6725 wrong version of the <B>ps</B> command. The exiwhat script is built on
6726 Solaris to expect the normal Solaris version of <B>ps</B>.
6729 <A NAME="SEC292" HREF="FAQ.html#TOC292">Q9708</A>: How do I stop Sun's <B>dtcm</B> from hanging?
6733 A9708: From qmail's FAQ: "There is a novice programming error in <B>dtcm</B>, known as
6734 ``failure to close the output side of the pipe in the <B>child.''</B> Sun has,
6735 at the time of this writing, not yet provided a patch."
6738 <A NAME="SEC293" HREF="FAQ.html#TOC293">Q9709</A>: I want Exim to use only the resolver (i.e. ignore <B>/etc/hosts</B>), but don't
6739 want to alter the <B>nsswitch.conf</B> file in Solaris 2.
6743 A9709: You need to rebuild Exim after fiddling with <B>OS/os.h-SunOS5:</B>
6747 #define gethostbyaddr res_gethostbyaddr
6748 #define gethostbyname res_gethostbyname
6749 #define endhostent res_endhostent
6750 #define endnetent res_endnetent
6751 #define gethostent res_gethostent
6752 #define getnetbyaddr res_getnetbyaddr
6753 #define getnetbyname res_getnetbyname
6754 #define getnetent res_getnetent
6755 #define sethostent res_sethostent
6756 #define setnetent res_setnetent</PRE>
6758 Exim uses gethostbyname and gethostbyaddr only, but may use others in
6759 the future. Note that <B>-lnsl</B> is still needed in the Makefile as it
6760 contains code used by the NIS lookup and also the <TT>inet_addr</TT> function
6764 <BR><H2><A NAME="SEC294" HREF="FAQ.html#TOC294">98. COOKBOOK
6767 <A NAME="SEC295" HREF="FAQ.html#TOC295">Q9801</A>: How do I configure Exim as part of TPC <B>(<A HREF="http://www.tpc.int">http://www.tpc.int</A>)?</B>
6771 A9801: (1) add <B>partial-lsearch;/etc/mail/tpc.domains</B> to <TT>local_domains</TT>;
6772 <B><B>/etc/mail/tpc.domains</B></B> is a text file with lines in this format:
6776 9.3.5.1.0.8.1.tpc.int.</PRE>
6778 This sample line indicates that we accept faxes destined for
6783 (2) Set up the following transport:
6789 command = "/usr/local/tpc/tpcmailer.pl ${local_part}@${domain} \
6791 pipe_as_creator</PRE>
6793 <B><B>/usr/local/tpc/tpcmailer.pl</B></B> is the mail processing script that can
6794 be obtained from the TPC distribution.
6798 (3) Set up the following director:
6805 domains = "partial-lsearch;/etc/mail/tpc.domains"</PRE>
6807 Of course, there are other things to do as well before your system is
6808 a functioning TPC server.
6811 <A NAME="SEC296" HREF="FAQ.html#TOC296">Q9802</A>: How do I configure Exim so that it sends mail to the outside world only
6812 from a restricted list of our local users?
6816 A9802: There are several possible ways that this can be done.
6820 (A) You can restrict the senders directly by putting a setting such as
6821 this one on all the drivers that route to the outside (usually this
6822 is just the final <B>lookuphost</B> router):
6826 senders = ":^[^@]+@(?!${rxquote:your.domain}\\$):\
6827 lsearch;/permitted/senders"</PRE>
6829 The first item in this list is empty, to match the empty sender.
6830 This is necessary because bounce messages have null senders. The
6831 second item is a regular expression that matches any address whose
6832 domain is <EM>not</EM> your domain. This caters for cases when mail from
6833 an external user has arrived for a local user who has forwarding
6834 set up to some outside address.
6838 If the first two items do not match (that is, the address is in your
6839 domain) the sender is looked up in a file of permitted senders; each
6840 item in the file must be a complete address, including the domain.
6841 If the sender is unacceptable, an "unrouteable mail domain" error
6842 will occur because the router won't run, and there are no more to
6847 (B) If your local users are in many domains, it may be easier to use a
6848 <TT>condition</TT> option to test the domain and local part independently,
6854 ${lookup{${domain:$sender_address}}lsearch{/domain/list}\
6856 ${lookup{${local_part:$sender_address}}lsearch\
6857 {/permitted/senders}{yes}{no}}\
6861 Obviously other means of testing the domain and local part could be
6862 substituted, for example, by having separate files of valid local
6863 parts for each local domain.
6867 (C) If your local users are logged in to your host, you could use a
6868 special group for those that are permitted to mail to the world.
6869 Assuming your groups are defined in <B>/etc/group</B> you could arrange to
6870 look up the group in that file and then check that the sender was in
6871 the group,using something along these lines:
6876 ${lookup{groupname}lsearch{/etc/group}\
6877 {${if match {$value}\
6878 {[:,]${rxquote:${local_part:$sender_address}}(,|\\\$)}\
6879 {yes}{no}}}{no}}"</PRE>
6881 This is checking the local part of the sender; a alternative might
6882 be to check <B><B>$sender_ident.</B></B> However, you should really also check
6883 that <B>$sender_host_address</B> is either unset or set to 127.0.0.1 or
6884 your IP address, so you check only locally-originated mail.
6888 A block like this does not prevent a logged in user from sending
6889 mail by telnetting to another host's SMTP port, or indeed from
6890 installing a private version of Exim to do the job for her.
6894 (D) On a gateway server that has no local users and so receives all the
6895 mail via SMTP from client hosts, you could use a rewriting rule to
6896 rewrite sender addresses in your local domain from a table of legal
6897 local parts, replacing any illegal addresses with an address such as
6898 <B><B>unknown@your.domain</B>.</B> If this is combined with <TT>sender_verify=true</TT>
6899 it causes messages from users that are not in the table to be
6900 refused, assuming that the gateway is capable of verifying the local
6901 part of <B><B>user@your.domain</B>.</B>
6904 <A NAME="SEC297" HREF="FAQ.html#TOC297">Q9803</A>: How do I configure Exim to run with SmartList?
6908 A9803: This is what was done for Exim's own mailing list, using SmartList/
6909 procmail 3.11pre7. It runs as its own user - trying to manage mailing
6910 lists under your own ID can be hard work. Smartlist is installed into
6911 <B>/var/spool/slist</B>, and there is an slist user defined. Each list appears
6912 as a directory under <B>/var/spool/slist</B> (as per usual for Smarlist).
6913 Exim is configured like this:
6917 # slist added to list of trusted users so it can
6918 # manipulate sender addresses</PRE>
6920 trusted_users = exim:slist</PRE>
6922 # in transports, a list transport is defined:</PRE>
6926 command = "/var/spool/slist/.bin/flist \
6927 ${local_part}${local_part_suffix}"
6928 current_directory = /var/spool/slist
6929 home_directory = /var/spool/slist
6933 # in directors a list director is defined:</PRE>
6939 local_parts = !.bin:!.etc
6940 require_files = /var/spool/slist/${local_part}/rc.init
6941 transport = list_transport</PRE>
6943 and thats it - no aliases, no special handling of out lists etc.
6944 What you do need is to ensure that choplist is used for distribution
6945 (that is, do not uncomment the <TT>alt_sendmail</TT> entry which is blank).
6949 A couple of other things are forced - for example since the list runs in
6950 its own domain the domain value is forced to <B>exim.org.</B>
6954 Then everything else is basic SmartList configuration - and that's
6955 moderately well documented. A confirmation stage on signup was added -
6956 now when you subscribe you are sent a confirmation which you must
6957 return before the system subscribes you (this prevents people
6958 subscribing their "friends" and makes sure that the addresses really do
6959 work). The confirm package is available at:
6963 <A HREF="ftp://ftp.fatfree.com/confirm-1.1.tar.gz">ftp://ftp.fatfree.com/confirm-1.1.tar.gz</A></PRE>
6965 and was written by Michelle Dick.
6968 <A NAME="SEC298" HREF="FAQ.html#TOC298">Q9804</A>: How do I configure Exim to minic PP's "tripnote" facility?
6975 <A NAME="SEC299" HREF="FAQ.html#TOC299">Q9805</A>: How do I configure Exim to handle local parts with extensions?
6982 <A NAME="SEC300" HREF="FAQ.html#TOC300">Q9806</A>: How do I configure Exim so that only a restricted list of users can
6983 receive mail from external domains?
6990 <A NAME="SEC301" HREF="FAQ.html#TOC301">Q9807</A>: I have <B><B>someuser@mydomain.com</B></B> that I only want certain users to be able
6991 to mail to. How do I accomplish this?
6995 A9807: This is a transport:
7001 from = postmaster@mydomain.com
7002 to = $sender_address
7004 subject = "Re: Your mail to ${local_part}"
7005 text = "You are not allowed to mail to ${local_part}."</PRE>
7007 This is a director that should come before all the others:
7013 local_parts = someuser
7015 senders = !: !lsearch;/list/of/permitted/senders</PRE>
7017 Note that leading "!:" in senders. It allows the null sender <> to be
7018 valid (i.e. not to match this director). This is necessary, since bounce
7019 messages have null senders. All other permitted senders must be in the
7020 file as complete addresses, including a domain.
7023 <A NAME="SEC302" HREF="FAQ.html#TOC302">Q9808</A>: A site for which I provide secondary MX is down for some time. Is there
7024 a way to run the queue for that destination separately from the main
7029 A9808: No, because Exim does not have the concept of "the queue for that
7030 destination". It simply has a single pool of messages awaiting delivery
7031 (and some of them may have several destinations). The best approach to
7032 this is to arrange for all messages for the site to be saved somewhere
7033 other than the main spool, either on a separate dedicated MTA, or in
7034 BSMTP files. There is an example of the latter approach in C014.
7037 <A NAME="SEC303" HREF="FAQ.html#TOC303">Q9809</A>: How do I implement VERP (Variable Envelope Return Paths) in Exim?
7044 <A NAME="SEC304" HREF="FAQ.html#TOC304">Q9810</A>: I'd like to make a copy of all outgoing messages to a local mailbox. Is
7045 there a solution for this using an Exim filter?
7049 A9810: The following filter makes a copy of every message, except for delivery
7056 # Ignore error messages
7057 if error_message then finish endif</PRE>
7059 # Copy if this is the first delivery attempt
7060 if first_delivery then
7061 unseen deliver copy@your.domain errors_to postmaster@your.domain
7064 The keyword "unseen" stops this being a "significant delivery", so that
7065 the message goes on to be delivered as normal. The <TT>errors_to</TT> setting
7066 changes the envelope sender on the copy so that if there is a problem
7067 delivering it, the bounce message is sent to postmaster.
7071 You can add to the condition setting to select specific messages.
7072 To make a copy of outgoing messages only requires a definition
7073 of "outgoing". Because a message may have many recipients, simply
7074 testing for your own domain in both the From: and the To: headers is not
7075 enough. You can craft your own conditions, but here is one suggestion:
7079 if $h_from: contains your.domain and
7080 foranyaddress $h_to:,$h_cc:
7081 ($thisaddress does not contain your.domain)
7083 unseen deliver copy@your.domain errors_to postmaster@your.domain
7086 This takes copies of messages whose From: header contains <B>your.domain</B>
7087 and whose To: and Cc: headers contain at least one address that does not
7088 contain <B>your.domain.</B> See also
7089 <A HREF="FAQ.html#SEC311">Q9817</A>.
7092 <A NAME="SEC305" HREF="FAQ.html#TOC305">Q9811</A>: I want to make a copy of outgoing messages to a specific file for each
7093 user in a specific directory, using a "save" command in a system filter.
7094 How can I arrange for Exim to write to these files under the correct
7099 A9811: You need to set up a special transport and tell Exim to use it for
7100 file deliveries from the system filter. Add the following setting to
7105 message_filter_file_transport = copy_transport</PRE>
7107 Then define <TT>copy_transport</TT> like this
7115 user = ${local_part:$sender_address}</PRE>
7117 This assumes that you want to run the delivery under the uid associated
7118 with the local part of the sender address. Alternatively, you could just
7119 use <TT>user=exim</TT> and do all the writing under the same UID/GID.
7122 <A NAME="SEC306" HREF="FAQ.html#TOC306">Q9812</A>: How can I keep an archive of all mail for some specific local email
7127 A9812: You could use a system filter, along the lines of
7132 first_delivery and <tests for appropriate addresses>
7135 /mail/archive/${substr_0_10:$tod_log}
7138 That would create a new file for each day. However, in order to use
7139 this, you will need to set <TT>message_filter_file_transport</TT> to point to an
7140 appropriate transport which includes a setting of "user" to specify
7141 which uid to run the saving under, as is described in
7142 <A HREF="FAQ.html#SEC305">Q9811</A>.
7145 <A NAME="SEC307" HREF="FAQ.html#TOC307">Q9813</A>: How can I configure Exim to provide a vacation message when there are
7146 no local users on my mail hub?
7153 <A NAME="SEC308" HREF="FAQ.html#TOC308">Q9814</A>: We want to be able to temporarily lock out a user by disabling the
7154 password and moving the home directory to another place. How can we
7155 arrange to reject mail for users in this state?
7159 A9814: Change the home directory pointer in the passwd file to something
7160 distinctive. For example, we use <B>/home/CANCELLED</B> for cancelled users.
7161 Then you can pick up such users with this director, which is placed
7162 immediately after <TT>system_aliases</TT>:
7168 transport = cancelleduser_pipe
7170 match_directory = /home/CANCELLED</PRE>
7172 This sends messages for cancelled users to the following special
7179 command = "/opt/exim/util/cancelleduser.sh"
7184 The script simply generates a message saying that the user is cancelled
7185 on its standard output. This gets returned to the original message
7186 sender in an error report.
7190 If you don't want to change the home directory in the passwd file,
7191 an alternative is to check for the non-existence of the home directory
7196 require_files = +!$home</PRE>
7198 instead of setting <TT>match_directory</TT>.
7201 <A NAME="SEC309" HREF="FAQ.html#TOC309">Q9815</A>: I need an alias, say "fakeaddress" that should receive a message,
7202 strip all reply-to: headers present, substitute another one pointing to
7203 "otheraddress" and forward a message to "realaddress".
7207 A9815: Add this director:
7211 fakeaddress_director:
7213 domain = (if necessary to restrict the domain)
7214 local_parts = fakeaddress
7215 headers_remove = reply-to
7216 headers_add = reply-to: otheraddress
7217 new_address = realaddress</PRE>
7219 If there are several of these aliases then you could list them in a file
7220 along with the corresponding other addresses, and use lookups instead of
7221 the fixed values shown above.
7224 <A NAME="SEC310" HREF="FAQ.html#TOC310">Q9816</A>: How can I set up Exim to work with Listar?
7228 A9816: See <B><A HREF="http://www.cs.huji.ac.il/~vadik/listar-exim/.">http://www.cs.huji.ac.il/~vadik/listar-exim/.</A></B>
7231 <A NAME="SEC311" HREF="FAQ.html#TOC311">Q9817</A>: I need to take copies of all incoming and outgoing mail for certain
7232 users. For each user there may be a different monitoring address.
7236 A9817: You can adapt the filter solution given in
7237 <A HREF="FAQ.html#SEC304">Q9810</A> by adding a test for
7238 the relevant local parts. Create a file containing lines like this:
7242 user1@domain1: monitor1@monitor.domain1
7243 user2@domain2: monitor2@monitor.domain2</PRE>
7245 and then use the following command in a system filter:
7249 if ${lookup{$sender_address}lsearch{/some/file}{$value}{}} is not ""
7251 unseen deliver ${lookup{$sender_address}lsearch{/some/file}{$value}}
7252 errors_address = postmaster@your.domain
7254 if foranyaddress $recipients
7255 (${lookup{$thisaddress}lsearch{/some/file}{$value}{}} is not "")
7257 unseen deliver ${lookup{$thisaddress}lsearch{/some/file}{$value}}
7258 errors_address = postmaster@your.domain
7262 It is messy to have to repeat the lookups, but it won't be inefficient,
7263 because Exim caches the results of successful lookups.
7266 <A NAME="SEC312" HREF="FAQ.html#TOC312">Q9818</A>: How can I add a disclaimer to the end of every message?
7270 A9818: This isn't as easy as it appears. You cannot just add text to the bottom
7271 of messages because of the possibility of MIME attachments. In any case,
7272 it is not the job of an MTA to mess with the contents of messages. You
7273 can perhaps do things with Exim's transport filters if you really have
7274 to, but if the messages originate locally, it would be better to do
7275 what you want in the MUA (e.g. force all your local users to have it in
7279 <A NAME="SEC313" HREF="FAQ.html#TOC313">Q9819</A>: I would like to append a simple advertisement text to all outgoing
7285 <A HREF="FAQ.html#SEC312">Q9818</A>.
7288 <A NAME="SEC314" HREF="FAQ.html#TOC314">Q9820</A>: How can I configure Exim so that all mails adressed to
7289 <B><B>something@username.domain.net</B></B> get delivered to <B>/var/spool/mail/username</B>?
7293 A9820: There are several possibilities, depending on exactly how you are set
7294 up. Here is one approach: First, arrange that all the domains you are
7295 interested in are local domains, for example, by listing them in a file:
7299 local_domains = /list/of/domains</PRE>
7301 If there are lots of them, a DBM or cdb file should be used for a faster
7302 lookup. Assuming that "username" is set up as a user on your system, and
7303 you have a configuration that can handle <B><B>username@domain.net</B></B> in the
7304 normal way, all you have to do is to arrange to convert the recipient
7305 address by means of a <B>smartuser</B> director like this:
7311 domains = /list/of/domains
7312 new_address = ${if match{$domain}{^([^.]+)\\.domain\\.net\$}{$1}fail}@domain.net</PRE>
7314 This should be the first director.
7317 <A NAME="SEC315" HREF="FAQ.html#TOC315">Q9821</A>: How do I get exim not to add a Sender: header to locally originated
7322 A9821: It only adds it if the From: header doesn't correspond to the user
7323 sending the message. You can't remove it in general (but this may be
7324 possible in a future release). However:
7328 (1) You can get it removed later, by putting
7332 headers_remove = Sender</PRE>
7334 on all your transports. This doesn't test for locally originated mail,
7335 but you could use a more complicated expansion string to make that test.
7340 headers_remove = ${if eq{$sender_host_address}{}{Sender}}</PRE>
7342 which removes it only if there is no sending host address.
7346 (2) If your <EM>real</EM> question "how do I submit mail from UUCP
7347 without it adding Sender:?" Then see
7348 <A HREF="FAQ.html#SEC154">Q0603</A>.
7351 <A NAME="SEC316" HREF="FAQ.html#TOC316">Q9822</A>: How can I get Exim to work with mailman?
7355 A9822: The Exim mailing list uses the configuration that is given in the "how
7356 to" information at <B><A HREF="http://www.exim.org/howto/mailman.html">http://www.exim.org/howto/mailman.html.</A></B>
7359 <A NAME="SEC317" HREF="FAQ.html#TOC317">Q9823</A>: Is there any way to have messages sent to a specific local address
7360 delayed by - say - 24 hours?
7364 A9823: Using Exim 3.10 or later, the answer is "yes". Set up a <B>smartuser</B>
7371 domains = the.domain
7372 local_parts = thelocalpart
7373 condition = ${if < ${$message_age}{86400}{yes}{no}}
7374 new_address = :defer: message not old enough</PRE>
7376 Of course, this will also have the effect of setting a retry time for
7377 the address. You may want to set a special retry rule for it.
7380 <BR><H2><A NAME="SEC318" HREF="FAQ.html#TOC318">99. LIST OF SAMPLE CONFIGURATIONS
7384 Each sample configuration is held in a separate file in the <B>config.samples</B>
7385 directory. Those with names of the form Cnnn are Exim configurations; those
7386 with names of the form Fnnn are filter file fragments.
7390 C001: "This config will support delivery across multiple systems using NIS to
7391 look up delivery addresses from the <B>mail.aliases</B> database."
7395 C002: "Although exim not intended for use in UUCP environment (it doesn't
7396 know anything about bang!path addresses), I'm successfully using it for
7397 delivering mail to UUCP clients."
7401 C003: "I've read down through
7402 <A HREF="FAQ.html#SEC152">Q0601</A> and your request for UUCP examples. Here's
7403 how I'm doing it." (This example uses routers.)
7407 C004: "Here's a BSMTP over UUCP [configuration] - the transport is Taylor/GNU
7408 UUCP - which takes the long option types." (This example uses
7413 C005: "I am using a virus scanner program that is invoked by a pipe, scans the
7414 mail and re-invokes Exim to do the delivery. The pipe is invoking a perl
7415 script that tries to unpack and MIME, zip and other archives and then
7416 applies the McAfee scanner on the results."
7420 C006: "This is how I have configured a PP-inspired vacationnote, there is
7421 (was?) such a feature in PP. The user makes a file "tripnote" in his/her
7422 home directory, the message is passed to the sender once with a short
7427 C007: "If I host a domain <B>foo.dom</B> on my machine as a virtual domain I expect
7428 it to be completely virtual and separate from other mail domains that
7429 end up on my machine."
7433 C008: "And of course it is possible to do a very interesting solution to
7434 this [virtual domains] using LDAP."
7438 C009: "These are suggested parts of a configuration for looking up users in
7439 <B><B>/etc/passwd.domain</B></B> rather than in <B>/etc/passwd</B> ..."
7443 C010: "One of our customers is looking for us to support addresses of the form
7444 <B><B>username+extension@domain.com</B>,</B> primarily for use with procmail."
7448 C011: "Thanks to Philip and others I now have my ISP style config built and
7449 therefore am posting the final configuration fragments to the list in
7450 case anyone else wants to do a similar thing."
7454 C012: "I've written a small chapter how-to configure Exim for use with UUCP
7455 (mostly condensed from the exim-user mailing list plus some
7456 experimenting) and would be glad if it could be included in the Exim
7461 C013: "I've take some tips from the FAQ about permitting only certain users
7462 to send to external mail and came up with my own for the receiving
7467 C014: "If I have a situation where a site I MX for has a known outage I stash
7468 all their mail into a directory in BSMTP format."
7472 C015: "This approach to virtual domains has helped me a great deal, and is so
7473 easy to maintain (add and modify as appropriate)."
7477 C016: "Herewith my configuration." (A complete configuration, including simple
7478 virtual domains, along the lines of C015).
7482 C017: "I have gotten the new VERP feature of Exim 2.054 working in test, along
7483 with some supporting programs to handle bounces that do come back."
7487 C018: "This Majordomo configuration removes a lot of the aliases, and
7488 automates a lot of the other functions based on whether the files or
7493 C019: "The following configuration file entries can be used to provide a
7494 'vacation'-style function for a mailhub which has no local users."
7498 C020: "I was asked for a copy of the programs we were using to mail
7503 C021: "Here is some sample code that might be useful for handling
7504 X-Failed-Recipients headers generated by Exim, with mailing lists."
7508 C022: "This is the Exim configuration file of a machine which delivers mail to
7509 several local domains where the mail is delivered locally, several hairy
7510 domains, handled as described below, and a half-virtual domain, which is
7511 first processed by its special alias file, then processed as other local
7512 domains (including the processing by the global alias file)."
7516 C023: A Perl script and instructions for hooking it into Exim in order to
7517 handle disposition-notification-to and return-receipt-to by using a
7518 shadow transport to send copies of delivered messages to the script.
7522 C024: "In case anybody wants to use a MySql database to store aliases this is
7523 how I managed to get my site working."
7527 C025: "As promised here is the way I got Exim to delver to Cyrus mailboxes if
7528 the user exists in the MySql database."
7532 C026: "The following configuration and program will allow messages going to
7533 AOL only, to be filtered thru a Perl script. This Perl script will
7534 convert any URL's to the HTML syntax. In addition, the transport will
7535 use VERP to send a unique envelope sender with each message."
7539 C027: "This is an FYI to demonstrate how to have exim work with SSL using the
7540 stunnel wrapper and its underlying OpenSSL libraries and toolkit."
7544 C028: "This Python script reads from stdin and writes to stdout. It strips all
7545 the MIME attachments from a mail message that are one of the mime types
7546 listed on the command line. Exim can use it in its configuration file,
7547 for example, as follows:"
7551 C029: "The standard way to connect one's MTA to a list manager seems to be to
7552 add a set of aliases for <EM>every</EM> list one creates. Once upon a time, I
7553 crufted a set of configs from Smail to work with majordomo, to
7554 automaticaly recognize the standard patterns, for all lists in
7555 existence...I have setup a set of transports and directors for Exim,
7556 which will do the same thing for mailman."
7560 C030: "I am currently configuring an exim for a site that will to mail
7561 hosting for several domains. I want the domain holders to have control
7562 over 'their' alias files, being able to create their own aliases.
7563 However, I don't want them to have postmaster, abuse and other role
7564 accounts under their control."
7568 C031: "These are config file snippets for handling certain remote addresses as
7569 local, and making only real external addresses visible to users."
7573 C032: "This is the Exim Nervous Mailbox Quota Suite. It does not impose
7574 hard quotas on users' mailboxes, but it makes a user nervous by
7575 putting all his mail in a secondary mailbox, inaccessible to the
7576 user, when he is over his quota. When the user clears his
7577 mailbox (i.<B>e.,</B> deletes mail to make his mailbox below the quota
7578 again), mail from his secondary mailbox is transferred back to
7579 his primary mailbox, in FIFO order."
7583 C033: "Here's our current automatic vacation recipe".
7587 C034: "This is a HOW-TO for setting up Exim to support SMTP authentication
7588 under different environments, including regular password files, PAM
7593 C035: "These configurations enable exim and hylafax <B>(www.hylafax.org)</B> work
7594 together, I mean sending fax by email <B><B>(user@123456.fax</B>)."</B>
7598 F001: "I thought that the rest of the list may be interested in reviewing our
7599 filter as a starting point for their own system message filter."
7603 F002: "... program which refused mail from unknown addresses until they mailed
7604 me promising not to spam me ... since I'd already thought through how
7605 to do it in Exim, and knew it'd be slightly easier than falling out of
7606 bed, I went ahead and did it."
7610 F003: "Here's four checks installed in our system wide filter that knock out
7611 a lot of otherwise hard to detect rubbish."
7615 F004: "This is an Exim filter snippet to change locally-generated Message-Id:
7616 and Resent-Message-Id: headers to world-unique values."
git://git.exim.org / exim-website.git / blob