+++ /dev/null
-<HTML>
-<HEAD>
-<TITLE>Exim FAQ</TITLE>
-</HEAD>
-<body bgcolor="#FFFFFF" text="#00005A">
-<H1>Exim FAQ</H1>
-<P>
-This is the FAQ for the Exim Mail Transfer Agent. Thanks to the many
-people who provided the original information. This file would be amazingly
-cluttered if I tried to list them all. Suggestions for corrections,
-improvements, and additions are welcome.
-
-</P>
-<P>
-This version of the FAQ applies to Exim 3.20 and later releases. The syntax of
-some of the options was altered and tidied up at release 3.00. Some of the
-examples quoted here will not work with earlier releases.
-
-</P>
-<P>
-References of the form Cnnn and Fnnn are to the sample configuration and filter
-files that can be found in the separately distributed directory called
-<B>config.samples.</B> The primary location is
-
-</P>
-<PRE>
- <A HREF="ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim3/config.samples.tar.gz">ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim3/config.samples.tar.gz</A>
- <A HREF="ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim3/config.samples.tar.bz2">ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim3/config.samples.tar.bz2</A></PRE>
-<P>
-There are brief descriptions of these files at the end of this document.
-
-</P>
-The FAQ is divided into the following sections:
-<A HREF="FAQ.html#TOC1">Debugging</A>,
-<A HREF="FAQ.html#TOC49">Building exim</A>,
-<A HREF="FAQ.html#TOC64">Mailbox locking</A>,
-<A HREF="FAQ.html#TOC67">Routing</A>,
-<A HREF="FAQ.html#TOC94">Directing</A>,
-<A HREF="FAQ.html#TOC141">Delivery</A>,
-<A HREF="FAQ.html#TOC182">UUCP</A>,
-<A HREF="FAQ.html#TOC186">Performance</A>,
-<A HREF="FAQ.html#TOC191">Policy controls</A>,
-<A HREF="FAQ.html#TOC232">Majordomo</A>,
-<A HREF="FAQ.html#TOC238">Rewriting addresses</A>,
-<A HREF="FAQ.html#TOC246">Headers</A>,
-<A HREF="FAQ.html#TOC252">Fetchmail</A>,
-<A HREF="FAQ.html#TOC256">Perl</A>,
-<A HREF="FAQ.html#TOC259">Dial-up</A>,
-<A HREF="FAQ.html#TOC264">Modifying message bodies</A>,
-<A HREF="FAQ.html#TOC267">Millennium</A>,
-<A HREF="FAQ.html#TOC269">Miscellaneous</A>,
-<A HREF="FAQ.html#TOC321">HP-UX</A>,
-<A HREF="FAQ.html#TOC323">BSDI</A>,
-<A HREF="FAQ.html#TOC325">IRIX</A>,
-<A HREF="FAQ.html#TOC328">Linux</A>,
-<A HREF="FAQ.html#TOC337">Sun systems</A>,
-<A HREF="FAQ.html#TOC347">Cookbook</A>, and
-<A HREF="FAQ.html#TOC372">List of sample configurations</A>.
-<P>
-Philip Hazel <B><B><ph10@cus.cam.ac.uk</B>></B><BR>
-Last update: 23-April-2001<BR>
-<BR>
-</P>
-<HR><BR>
-<A NAME="TOC1" HREF="FAQ.html#SEC1">0. DEBUGGING</A>
-<UL>
-<LI><A NAME="TOC2" HREF="FAQ.html#SEC2">Q0001</A>: Exim is crashing. What is wrong?
-<LI><A NAME="TOC3" HREF="FAQ.html#SEC3">Q0002</A>: Exim is not working. What is wrong? How can I check what it is doing?
-<LI><A NAME="TOC4" HREF="FAQ.html#SEC4">Q0003</A>: What does the error "Child process of <TT>address_pipe</TT> transport returned
- 69 from command <I>xxx</I>" mean?
-<LI><A NAME="TOC5" HREF="FAQ.html#SEC5">Q0004</A>: My virtual domain setup isn't working. How can I debug it?
-<LI><A NAME="TOC6" HREF="FAQ.html#SEC6">Q0005</A>: Why is Exim giving "421 Unexpected log failure, please try later" when
- receiving an SMTP message with a large number of recipients?
-<LI><A NAME="TOC7" HREF="FAQ.html#SEC7">Q0006</A>: Why is Exim not rejecting incoming messages addressed to non-existent
- users at SMTP time?
-<LI><A NAME="TOC8" HREF="FAQ.html#SEC8">Q0007</A>: I've put an entry for <B>*.my.domain</B> in a DBM lookup file, but it isn't
- getting recognized.
-<LI><A NAME="TOC9" HREF="FAQ.html#SEC9">Q0008</A>: I've put the entry <B><B>*@domain.com</B></B> in a lookup database, but it isn't
- working. The expansion I'm using is:
-<LI><A NAME="TOC10" HREF="FAQ.html#SEC10">Q0009</A>: Is there a way to print recognized local domains?
-<LI><A NAME="TOC11" HREF="FAQ.html#SEC11">Q0010</A>: If I run <B>"./exim</B> <B>-d9</B> <B>-bt</B> <B>user@domain</B>" all seems well, but when I send a
- message from my User Agent, it does not arrive at its destination.
-<LI><A NAME="TOC12" HREF="FAQ.html#SEC12">Q0011</A>: I am getting this message in mainlog every so often: "no immediate
- delivery: too many connections (19, max 0)". What am I missing?
-<LI><A NAME="TOC13" HREF="FAQ.html#SEC13">Q0012</A>: What does "no immediate delivery: too many messages received in one SMTP
- connection" mean?
-<LI><A NAME="TOC14" HREF="FAQ.html#SEC14">Q0013</A>: Exim puts "for <address>" in the Received: headers of some, but not all,
- messages. Is this a bug?
-<LI><A NAME="TOC15" HREF="FAQ.html#SEC15">Q0014</A>: Instead of <TT>exim_dbmbuild</TT>, I'm using a homegrown program to build DBM
- (or cdb) files, but Exim doesn't seem to be able to use them.
-<LI><A NAME="TOC16" HREF="FAQ.html#SEC16">Q0015</A>: Exim is unable to route to any remote domains. It doesn't seen to be
- able to access the DNS.
-<LI><A NAME="TOC17" HREF="FAQ.html#SEC17">Q0016</A>: I'm using ETRN to run a script that checks things and doesn't always
- end up running "exim <B><B>-R".</B></B> However, after it has run once, subsequent
- attempts fail with "458 Already processing".
-<LI><A NAME="TOC18" HREF="FAQ.html#SEC18">Q0017</A>: What does the error message "transport <TT>system_aliases</TT>: cannot find
- transport driver "<B>aliasfile</B>" in line 92" mean?
-<LI><A NAME="TOC19" HREF="FAQ.html#SEC19">Q0018</A>: Exim is timing out after receiving and responding to the DATA command
- from one particular host, and yet the client host also claims to be
- timing out. This seems to affect only certain messages.
-<LI><A NAME="TOC20" HREF="FAQ.html#SEC20">Q0019</A>: What does the message "Socket bind() to port 25 for address (any)
- failed: address already in use" mean?
-<LI><A NAME="TOC21" HREF="FAQ.html#SEC21">Q0020</A>: I've set <TT>headers_check_syntax</TT>, but this causes Exim to complain about
- headers like "To: Work: Jim <B><jims@email</B>>, Home: Bob <B><bobs@email</B>>" which
- look all right to me. Is this a bug?
-<LI><A NAME="TOC22" HREF="FAQ.html#SEC22">Q0021</A>: Whenever Exim tries to deliver a specific message to a particular
- server, it fails, giving the error "Remote end closed connection after
- data" or "Broken pipe" or a timeout. What's going on?
-<LI><A NAME="TOC23" HREF="FAQ.html#SEC23">Q0022</A>: Why do messages not get delivered down the same connection when I do
- something like: exim <B>-v</B> <B>-R</B> <B>@aol.com</B> ? For other domains, I do this and
- I see the appropriate "waiting for passed connections to get used"
- messages.
-<LI><A NAME="TOC24" HREF="FAQ.html#SEC24">Q0023</A>: What does the error "SEGV while reading ... from dbm file: record
- assumed not to exist" mean?
-<LI><A NAME="TOC25" HREF="FAQ.html#SEC25">Q0024</A>: There seems to be a problem in the string expansion code: it doesn't
- recognize references to headers such as <B><B>${h_to}.</B></B>
-<LI><A NAME="TOC26" HREF="FAQ.html#SEC26">Q0025</A>: Exim is timing out after sending the a message's data to one particular
- host, and yet the remote host also claims to be timing out. This seems
- to affect only certain messages.
-<LI><A NAME="TOC27" HREF="FAQ.html#SEC27">Q0026</A>: When the Exim daemon forks a copy of itself to handle an incoming SMTP
- request, the forked copy seems to go around in circles for a
- significant (up to 5 minutes, so far) amount of time before deciding to
- accept the message.
-<LI><A NAME="TOC28" HREF="FAQ.html#SEC28">Q0027</A>: What does "failed to create child process to send failure message" mean?
- This is a busy mail server with <TT>smtp_accept_max</TT> set to 500, but this
- problem started to occur at about 300 incoming connections.
-<LI><A NAME="TOC29" HREF="FAQ.html#SEC29">Q0028</A>: What does "<message filter> transporting defer (-1): No transport set
- by director" in a log line mean?
-<LI><A NAME="TOC30" HREF="FAQ.html#SEC30">Q0029</A>: Why is Exim refusing to relay, saying "failed to find host name from IP
- address" when I have the sender's IP address in <TT>host_accept_relay</TT>? My
- configuration contains this:
-<LI><A NAME="TOC31" HREF="FAQ.html#SEC31">Q0030</A>: When I run "exim <B>-bd</B> <B>-q10m"</B> I get "PANIC LOG: exec of exim <B>-q</B> failed".
-<LI><A NAME="TOC32" HREF="FAQ.html#SEC32">Q0031</A>: Why do connections to my machine's SMTP port take a long time to respond
- with the banner, when connections to other ports respond instantly?
-<LI><A NAME="TOC33" HREF="FAQ.html#SEC33">Q0032</A>: I can't seem to get a pipe command to run when I include a <B>${if</B>
- expansion in it. This fails:
-<LI><A NAME="TOC34" HREF="FAQ.html#SEC34">Q0033</A>: I'm trying to get Exim to connect an alias to a pipe, but it always
- gives error code 69, with the comment "(could mean service or program
- unavailable)".
-<LI><A NAME="TOC35" HREF="FAQ.html#SEC35">Q0034</A>: I'm having a problem with an Exim RPM.
-<LI><A NAME="TOC36" HREF="FAQ.html#SEC36">Q0035</A>: What does the error "Spool file is locked" mean?
-<LI><A NAME="TOC37" HREF="FAQ.html#SEC37">Q0036</A>: Exim is reporting IP addresses as 0.0.0.0 or 255.255.255.255 instead of
- their correct values. What's going on?
-<LI><A NAME="TOC38" HREF="FAQ.html#SEC38">Q0037</A>: I can't seem to figure out why PAM support doesn't work correctly.
-<LI><A NAME="TOC39" HREF="FAQ.html#SEC39">Q0038</A>: I'm trying to use a query-style lookup for hosts that are allowed to
- relay, but it is giving really weird errors.
-<LI><A NAME="TOC40" HREF="FAQ.html#SEC40">Q0039</A>: Exim is rejecting calls from hosts that have more than one IP address,
- for no apparent reason.
-<LI><A NAME="TOC41" HREF="FAQ.html#SEC41">Q0040</A>: Exim is failing to find the MySQL library, even though is it present
- within <B><B>$LD_LIBRARY_PATH.</B></B> I'm getting this error:
-<LI><A NAME="TOC42" HREF="FAQ.html#SEC42">Q0041</A>: I have a collection of Exim processes that have been around for days,
- and are apparently stuck while trying to deliver to remote hosts. This
- is causing the messages they are handling to get stuck.
-<LI><A NAME="TOC43" HREF="FAQ.html#SEC43">Q0042</A>: I have a message in the spool which couldn't be delivered because of a
- timeout from the remote smtp server. When I try to deliver this message
- in eximon, I get "Spool file is locked". How can I deliver the message?
-<LI><A NAME="TOC44" HREF="FAQ.html#SEC44">Q0043</A>: What does the error "lookup of host <B>"xx<EM>.xx</EM><EM>.xx</EM>"</B> failed in <I>yyy</I>y router"
- mean? Any suggestions to stop this these sort of errors from being
- frozen would be muchly appreciated.
-<LI><A NAME="TOC45" HREF="FAQ.html#SEC45">Q0044</A>: My filter isn't working. How can I test it?
-<LI><A NAME="TOC46" HREF="FAQ.html#SEC46">Q0045</A>: Exim works fine on one host, but when I copied the binary to another
- identical host, it stopped working (it could not resolve DNS names).
-<LI><A NAME="TOC47" HREF="FAQ.html#SEC47">Q0046</A>: Once in a while, a user will send a message and immediatly get a
- response back "No Transport Provider" If they choose "Send Again",
- sometimes it works, sometimes it doesn't.
-<LI><A NAME="TOC48" HREF="FAQ.html#SEC48">Q0047</A>: I set <TT>host_accept_relay</TT> to do a lookup in a file of IP addresses, but it
- doesn't work.
-</UL>
-
-<A NAME="TOC49" HREF="FAQ.html#SEC49">1. BUILDING EXIM</A>
-<UL>
-<LI><A NAME="TOC50" HREF="FAQ.html#SEC50">Q0101</A>: I get the error "conflicting types" when Exim is building the libident
- library.
-<LI><A NAME="TOC51" HREF="FAQ.html#SEC51">Q0102</A>: When I ran <B>make</B> I got the error "undefined reference to <TT>dbopen</TT>".
-<LI><A NAME="TOC52" HREF="FAQ.html#SEC52">Q0103</A>: I can't get Exim to compile with Berkeley DB version 2.x.
-<LI><A NAME="TOC53" HREF="FAQ.html#SEC53">Q0104</A>: I'm getting an "undefined symbol" error for <TT>hosts_ctl</TT> when I try to
- build Exim. (On some systems this error is "undefined reference to
- 'hosts_ctl'".)
-<LI><A NAME="TOC54" HREF="FAQ.html#SEC54">Q0105</A>: I'm about to upgrade to a new Exim release. Do I need to ensure the
- spool is empty, or take any other special action?
-<LI><A NAME="TOC55" HREF="FAQ.html#SEC55">Q0106</A>: What does the error "<B>install-info</B>: command not found" mean?
-<LI><A NAME="TOC56" HREF="FAQ.html#SEC56">Q0107</A>: Exim doesn't seem to be recognizing my operating system type correctly,
- and so is failing to build.
-<LI><A NAME="TOC57" HREF="FAQ.html#SEC57">Q0108</A>: I am getting an error "`exim' undeclared here" when I compile, in the
- <B>globals.c</B> module.
-<LI><A NAME="TOC58" HREF="FAQ.html#SEC58">Q0109</A>: Exim fails to build, complaining about the absence of the "killpg"
- function.
-<LI><A NAME="TOC59" HREF="FAQ.html#SEC59">Q0110</A>: I'm getting an unresolved symbol <TT>ldap_is_ldap_url</TT> when trying to build
- Exim.
-<LI><A NAME="TOC60" HREF="FAQ.html#SEC60">Q0111</A>: I'm getting an unresolved symbol <TT>mysql_close</TT> when trying to build Exim.
-<LI><A NAME="TOC61" HREF="FAQ.html#SEC61">Q0112</A>: I'm trying to build Exim with PAM support. I have included <B>-lpam</B> in
- <TT>EXTRALIBS</TT>, but I'm still getting a linking error:
-<LI><A NAME="TOC62" HREF="FAQ.html#SEC62">Q0113</A>: I'm getting the error <B>"db.h:</B> No such file or directory" when I try to
- build Exim.
-<LI><A NAME="TOC63" HREF="FAQ.html#SEC63">Q0114</A>: I'm getting the error "/usr/bin/ld: cannot find <B>-ldb1"</B> when I try to
- build Exim.
-</UL>
-
-<A NAME="TOC64" HREF="FAQ.html#SEC64">2. MAILBOX LOCKING</A>
-<UL>
-<LI><A NAME="TOC65" HREF="FAQ.html#SEC65">Q0201</A>: Why do I get the error "Permission denied: creating lock file hitching
- post" when Exim tries to do a local delivery?
-<LI><A NAME="TOC66" HREF="FAQ.html#SEC66">Q0202</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
- over a network.
-</UL>
-
-<A NAME="TOC67" HREF="FAQ.html#SEC67">3. ROUTING</A>
-<UL>
-<LI><A NAME="TOC68" HREF="FAQ.html#SEC68">Q0301</A>: What do "lowest numbered MX record points to local host" and "remote
- host address is the local host" mean?
-<LI><A NAME="TOC69" HREF="FAQ.html#SEC69">Q0302</A>: How do I configure Exim to send all non-local mail to a gateway host?
-<LI><A NAME="TOC70" HREF="FAQ.html#SEC70">Q0303</A>: How do I configure Exim to send all non-local mail to a central server
- if it cannot be immediately delivered by my host? I don't want to have
- queued mail waiting on my host.
-<LI><A NAME="TOC71" HREF="FAQ.html#SEC71">Q0304</A>: How can I arrange for messages submitted by (for example) Majordomo to
- be routed specially?
-<LI><A NAME="TOC72" HREF="FAQ.html#SEC72">Q0305</A>: How do I arrange for all incoming email for <B><B>*@some.domain</B></B> to go into one
- pop3 mail account? The customer doesn't want to add a list of specific
- local parts to the system.
-<LI><A NAME="TOC73" HREF="FAQ.html#SEC73">Q0306</A>: The <TT>route_list</TT> setting
- <TT>^foo$:^bar$ $domain byname</TT> in a <B>domainlist</B>
- router does not work.
-<LI><A NAME="TOC74" HREF="FAQ.html#SEC74">Q0307</A>: I'm getting "permission denied" when Exim attempts to check a
- <TT>require_files</TT> option.
-<LI><A NAME="TOC75" HREF="FAQ.html#SEC75">Q0308</A>: I have a domain for which some local parts must be delivered locally,
- but the remainder are to be treated like any other remote addresses.
-<LI><A NAME="TOC76" HREF="FAQ.html#SEC76">Q0309</A>: For certain domains, I don't want Exim to use MX records. Instead, I
- want it just to look up the hosts' A records. I tried using a negative
- entry in <TT>mx_domains</TT> in the smtp router, but it didn't work.
-<LI><A NAME="TOC77" HREF="FAQ.html#SEC77">Q0310</A>: How can I configure Exim on a firewall machine so that if mail arrives
- addressed to a domain whose MX points to the firewall, it is forwarded
- to the internal mail server, without having to have a list of all the
- domains involved?
-<LI><A NAME="TOC78" HREF="FAQ.html#SEC78">Q0311</A>: How can I arrange that messages larger than some limit are handled by
- a special router?
-<LI><A NAME="TOC79" HREF="FAQ.html#SEC79">Q0312</A>: If a DNS lookup returns no MX records why doesn't Exim just bin the
- message?
-<LI><A NAME="TOC80" HREF="FAQ.html#SEC80">Q0313</A>: When a DNS lookup for MX records fails to complete, why doesn't Exim
- send the messsage to the host defined by the A record?
-<LI><A NAME="TOC81" HREF="FAQ.html#SEC81">Q0314</A>: Can you specify a list of domains to explicitly reject?
-<LI><A NAME="TOC82" HREF="FAQ.html#SEC82">Q0315</A>: Is it possible to use a conditional expression for the host item in a
- <TT>route_list</TT> for the <B>domainlist</B> router? I tried the following, but it
- doesn't work:
-<LI><A NAME="TOC83" HREF="FAQ.html#SEC83">Q0316</A>: I send all external mail to a smart host, but this means that bad
- addresses also get passed to the smart host. Can I avoid this?
-<LI><A NAME="TOC84" HREF="FAQ.html#SEC84">Q0317</A>: I have a dial-up machine, and I use the <TT>queue_smtp</TT> option so that remote
- mail only goes out when I do a queue run. However, any email I send with
- an address <B><B><anything>@aol.com</B></B> is returned within about 15 mins saying
- 'retry time exceeded', and all addresses are affected.
-<LI><A NAME="TOC85" HREF="FAQ.html#SEC85">Q0318</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
- on the local host?
-<LI><A NAME="TOC86" HREF="FAQ.html#SEC86">Q0319</A>: How can I arrange to do my own qualification of non-fully-qualified
- domains, and then pass them on to the next router?
-<LI><A NAME="TOC87" HREF="FAQ.html#SEC87">Q0320</A>: Every system has a "nobody" account under which httpd etc run. I would
- like to know how to restrict mail which comes from that account to users
- on that host only.
-<LI><A NAME="TOC88" HREF="FAQ.html#SEC88">Q0321</A>: I have a really annoying intermittent problem where attempts to mail to
- valid sites are rejected with "unknown mail domain". This only happens a
- few times a day and there is no particular pattern to the sites it
- rejects. If I try to lookup the same domain a few minutes later then it
- is OK.
-<LI><A NAME="TOC89" HREF="FAQ.html#SEC89">Q0322</A>: I'd like route all mail with unresolved addresses to a relay machine.
-<LI><A NAME="TOC90" HREF="FAQ.html#SEC90">Q0323</A>: I would like to forward all incoming email for a particular domain to
- another machine via SMTP. Whereabouts would I configure that?
-<LI><A NAME="TOC91" HREF="FAQ.html#SEC91">Q0324</A>: Why does Exim say "all relevant MX records point to non-existent hosts"
- when MX records point to IP addresses?
-<LI><A NAME="TOC92" HREF="FAQ.html#SEC92">Q0325</A>: How can I arrange for mail on my local network to be delivered directly
- to the relevant hosts, but all other mail to be sent to my ISP's mail
- server? The local hosts are all DNS-registered and behave like normal
- Internet hosts.
-<LI><A NAME="TOC93" HREF="FAQ.html#SEC93">Q0326</A>: What I'd like to do is have alternative smarthosts, where the one to be
- used is determined by which ISP I'm connected to.
-</UL>
-
-<A NAME="TOC94" HREF="FAQ.html#SEC94">4. DIRECTING</A>
-<UL>
-<LI><A NAME="TOC95" HREF="FAQ.html#SEC95">Q0401</A>: I need to have any mail for <B>virt.dom.ain</B> that <EM>doesn't</EM> match one of the
- aliases in <B><B>/usr/lib/aliases.virt</B></B> delivered to a particular address, for
- example, <B><B>postmaster@virt.dom.ain.</B></B>
-<LI><A NAME="TOC96" HREF="FAQ.html#SEC96">Q0402</A>: How do I configure Exim to send all messages to a central server?
-<LI><A NAME="TOC97" HREF="FAQ.html#SEC97">Q0403</A>: How do I configure Exim to send messages for unknown local users to a
- central server?
-<LI><A NAME="TOC98" HREF="FAQ.html#SEC98">Q0404</A>: How can I arrange for messages submitted by (for example) Majordomo to
- be handled specially?
-<LI><A NAME="TOC99" HREF="FAQ.html#SEC99">Q0405</A>: On a host that accepts mail for several domains, do I have to use fully
- qualified names in <B>/etc/aliases</B> or do I have to set up an alias file for
- each domain?
-<LI><A NAME="TOC100" HREF="FAQ.html#SEC100">Q0406</A>: Some of my users are using the <B>.forward</B> to pipe to a shell command which
- appends to the user's INBOX. How can I forbid this?
-<LI><A NAME="TOC101" HREF="FAQ.html#SEC101">Q0407</A>: How can I arrange for a default value when using a query-style lookup
- such as LDAP or NIS+ to handle aliases?
-<LI><A NAME="TOC102" HREF="FAQ.html#SEC102">Q0408</A>: If I don't fully qualify the addresses in a virtual domain's alias file
- then mail to aliases which also match the local domain get delivered to
- the local domain.
-<LI><A NAME="TOC103" HREF="FAQ.html#SEC103">Q0409</A>: We've got users who chmod their home to 750, and home is NFS-mounted
- without root privilege, so Exim cannot access <B>~user/.forward.</B>
-<LI><A NAME="TOC104" HREF="FAQ.html#SEC104">Q0410</A>: I'm getting "permission denied" when Exim tries to check a for the
- existence of a user's <B>.procmailrc</B> file using <TT>require_files</TT>.
-<LI><A NAME="TOC105" HREF="FAQ.html#SEC105">Q0411</A>: How can I deliver mail into different directories for each virtual
- domain, doing user lookups not against <B>/etc/passwd</B> but against
- <B><B>/etc/passwd.domain</B>?</B>
-<LI><A NAME="TOC106" HREF="FAQ.html#SEC106">Q0412</A>: I want mail for <EM>any</EM> local part at certain virtual domains to go
- to a single address for each domain.
-<LI><A NAME="TOC107" HREF="FAQ.html#SEC107">Q0413</A>: How can I make Exim look in the alias NIS map instead of <B>/etc/aliases</B>?
-<LI><A NAME="TOC108" HREF="FAQ.html#SEC108">Q0414</A>: What does the error message "error in forward file (filtering not
- enabled): missing or malformed local part ..." mean?
-<LI><A NAME="TOC109" HREF="FAQ.html#SEC109">Q0415</A>: Exim isn't recognizing certain forms of local address.
-<LI><A NAME="TOC110" HREF="FAQ.html#SEC110">Q0416</A>: I have a domain for which some local parts must be delivered locally,
- but the remainder are to be treated like any other remote addresses.
-<LI><A NAME="TOC111" HREF="FAQ.html#SEC111">Q0417</A>: What I really need is the ability to obtain the result of a pipe
- command so that I can filter externally and redirect internally. Is
- this possible?
-<LI><A NAME="TOC112" HREF="FAQ.html#SEC112">Q0418</A>: When I set a suffix on one of my directors, it doesn't get stripped when
- checking the <TT>local_parts</TT> option. Why is this?
-<LI><A NAME="TOC113" HREF="FAQ.html#SEC113">Q0419</A>: Why will Exim deliver a message locally to any username that is longer
- than 8 characters as long as the first 8 characters match one of the
- local usernames?
-<LI><A NAME="TOC114" HREF="FAQ.html#SEC114">Q0420</A>: Why am I seeing the error "bad mode (100664) for <B><B>/home/test/.forward</B></B>
- (userforward director)"? I've looked through the documentation but can't
- see anything to suggest that exim has to do anything other than read the
- <B>.forward</B> file.
-<LI><A NAME="TOC115" HREF="FAQ.html#SEC115">Q0421</A>: How can I arrange that messages larger than some limit are handled by
- a special director?
-<LI><A NAME="TOC116" HREF="FAQ.html#SEC116">Q0422</A>: When a user's <B>.forward</B> file is syntactially invalid, Exim defers
- delivery of all messages to that user, which sometimes include the
- user's own test messages. Can it be told to ignore the <B>.forward</B> file
- and/or inform the user of the error?
-<LI><A NAME="TOC117" HREF="FAQ.html#SEC117">Q0423</A>: I have some users on my system with upper case letters in their login
- names, but these are not recognized.
-<LI><A NAME="TOC118" HREF="FAQ.html#SEC118">Q0424</A>: I have unset <TT>locally_caseless</TT> because my users have upper case letters
- in their login names, but incoming mail now has to use the correct case.
- Can I relax this somehow?
-<LI><A NAME="TOC119" HREF="FAQ.html#SEC119">Q0425</A>: I want to look up local users in an SQL database instead of looking in
- the passwd file.
-<LI><A NAME="TOC120" HREF="FAQ.html#SEC120">Q0426</A>: Is it possible for Exim to use a SQL database like MySQL for its lists
- of virtual domains and explicit aliases?
-<LI><A NAME="TOC121" HREF="FAQ.html#SEC121">Q0427</A>: Can I use my existing alias files and forward files as well as procmail
- and effectively drop in exim in place of Sendmail ?
-<LI><A NAME="TOC122" HREF="FAQ.html#SEC122">Q0428</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
- on the local host?
-<LI><A NAME="TOC123" HREF="FAQ.html#SEC123">Q0429</A>: What is quickest way to set up Exim so any message sent to a non-
- existing user would bounce back with a different message, based
- on the name of non-existing user?
-<LI><A NAME="TOC124" HREF="FAQ.html#SEC124">Q0430</A>: I am building some largish mailing lists with Majordomo, and was
- wondering if it worth leaving the actually list expansion to the
- <B>aliasfile</B> :include: mechanism or should I consider using the <B>forwardfile</B>
- transport? Is there any real difference in terms of facilities and/or
- performance, and are the expansions basically the same code anyway?
-<LI><A NAME="TOC125" HREF="FAQ.html#SEC125">Q0431</A>: What do I need to do to make Exim handle <B>/usr/ucb/vacation</B> processing
- automatically, so that people could just create a .<B>vacation.msg</B> file in
- their home directory and not have to edit their <B>.forward</B> file?
-<LI><A NAME="TOC126" HREF="FAQ.html#SEC126">Q0432</A>: I want to use a default entry in my alias file, but it picks up the
- local parts that the aliases generate. For example, if the alias file
- is
-<LI><A NAME="TOC127" HREF="FAQ.html#SEC127">Q0433</A>: I have some obsolete domains which people have been warned not to use
- any more. How can I arrange to delete any mail that is sent to them?
-<LI><A NAME="TOC128" HREF="FAQ.html#SEC128">Q0434</A>: How can I arrange that mail addressed to <B><B>anything@something.mydomain.com</B></B>
- gets delivered to <B><B>something@mydomain.com</B>?</B>
-<LI><A NAME="TOC129" HREF="FAQ.html#SEC129">Q0435</A>: I can't get a regular expression to work in this <TT>local_parts</TT> option on
- one of my directors:
-<LI><A NAME="TOC130" HREF="FAQ.html#SEC130">Q0436</A>: How can I arrange for all addresses in a group of domains <B>*.example.com</B>
- to share the same alias file? I have a number of such groups.
-<LI><A NAME="TOC131" HREF="FAQ.html#SEC131">Q0437</A>: When Exim tries to read <B><B>/usr/lib/majordomo/lists/lists.aliases</B></B> it is
- giving "Permission denied", but that file is world-readable!
-<LI><A NAME="TOC132" HREF="FAQ.html#SEC132">Q0438</A>: Some of our users have no home directories; the field in the password
- file contains <B>/no/home/dir</B>. This causes the error "failed to stat
- <B>/no/home/dir</B> (No such file or directory)" when Exim tries to look for a
- <B>.forward</B> file, and the delivery is deferred.
-<LI><A NAME="TOC133" HREF="FAQ.html#SEC133">Q0439</A>: How can I disable Exim's de-duplication features? I want it to do two
- deliveries if two different aliases expand to the same address.
-<LI><A NAME="TOC134" HREF="FAQ.html#SEC134">Q0440</A>: I set up an <B>aliasfile</B> director using MySQL, but it doesn't use the new
- addresses. This it my director:
-<LI><A NAME="TOC135" HREF="FAQ.html#SEC135">Q0441</A>: I received a message with a Subject: line that contained a non-printing
- character (a carriage return). This messed up my filter file. Is there a
- way to get round it?
-<LI><A NAME="TOC136" HREF="FAQ.html#SEC136">Q0442</A>: My users' mailboxes are distributed between several servers according to
- the first letter of the user name. All the servers receive incoming mail
- at random. I would like to have the same configuration file for all the
- servers, which does local delivery for the mailboxes it holds, and sends
- other addresses to the correct other server. Is this possible?
-<LI><A NAME="TOC137" HREF="FAQ.html#SEC137">Q0443</A>: I want to search for '$' in the subject line, but I can't seem to get
- the syntax. The obvious choice, '\$' doesn't work. Any help?
-<LI><A NAME="TOC138" HREF="FAQ.html#SEC138">Q0444</A>: One of the things I want to set up is for <B>anything@onedomain</B> to forward
- to <B><B>anything@anotherdomain.</B></B> I tried adding <B>$local_part@anotherdomain</B> to
- my aliases but it did not expand - it sent it to that literal address.
-<LI><A NAME="TOC139" HREF="FAQ.html#SEC139">Q0445</A>: How can I have an address looked up in two different alias files, and
- delivered to all the addresses that are found?
-<LI><A NAME="TOC140" HREF="FAQ.html#SEC140">Q0446</A>: I've converted from Sendmail, and I notice that Exim doesn't make use
- of the "owner-" entries in my alias file to change the sender address in
- outgoing messages to a mailing list.
-</UL>
-
-<A NAME="TOC141" HREF="FAQ.html#SEC141">5. DELIVERY</A>
-<UL>
-<LI><A NAME="TOC142" HREF="FAQ.html#SEC142">Q0501</A>: What does the error "Neither the <I>xxx</I> director nor the <I>yyy</I> transport set
- a uid for local delivery of..." mean?
-<LI><A NAME="TOC143" HREF="FAQ.html#SEC143">Q0502</A>: Exim won't deliver to a host with no MX record.
-<LI><A NAME="TOC144" HREF="FAQ.html#SEC144">Q0503</A>: How should Exim be configured when it is acting as a temporary storage
- system for a domain on a dial-up host?
-<LI><A NAME="TOC145" HREF="FAQ.html#SEC145">Q0504</A>: I would like to deliver mail addressed to a given domain normally, but
- also to generate a message to the envelope sender.
-<LI><A NAME="TOC146" HREF="FAQ.html#SEC146">Q0505</A>: Exim keeps crashing with segmentation errors (signal 11 or 139) during
- delivery. This seems to happen when it is about to contact a remote
- host or when a delivery is deferred.
-<LI><A NAME="TOC147" HREF="FAQ.html#SEC147">Q0506</A>: Whenever Exim tries to do a local delivery, it gives a permission denied
- error for the <B>.forward</B> file, like this:
-<LI><A NAME="TOC148" HREF="FAQ.html#SEC148">Q0507</A>: I have installed Exim, but now I can't mail to root any more. Why is
- this?
-<LI><A NAME="TOC149" HREF="FAQ.html#SEC149">Q0508</A>: How can I stop undeliverable bounce messages (e.g. to routeable, but
- undeliverable, spammer senders) from clogging up the queue for days?
-<LI><A NAME="TOC150" HREF="FAQ.html#SEC150">Q0509</A>: How can mails that are being routed through directors other than
- localuser be delivered under the uid of the recipient?
-<LI><A NAME="TOC151" HREF="FAQ.html#SEC151">Q0510</A>: I want to use MMDF-style mailboxes. How can I get Exim to append the
- ctrl-A characters that separate indvidual emails?
-<LI><A NAME="TOC152" HREF="FAQ.html#SEC152">Q0511</A>: I have an ISDN connection and would like a way of running the queue
- automatically when it is up.
-<LI><A NAME="TOC153" HREF="FAQ.html#SEC153">Q0512</A>: If a user's mailbox is over quota, is there a way for me to set it up so
- that the mail bounces to the sender and is NOT stored in the mail queue?
-<LI><A NAME="TOC154" HREF="FAQ.html#SEC154">Q0513</A>: I'm using tmail to do local deliveries, but when I turned on the
- <TT>use_crlf</TT> option on the pipe transport (tmail prefers \r\n terminations)
- message bodies started to vanish.
-<LI><A NAME="TOC155" HREF="FAQ.html#SEC155">Q0514</A>: What does the message "Unable to get root to set uid and gid
- for local delivery to <I>xxx</I>: uid=<I>yyy</I> euid=<I>zzz</I>" mean?
-<LI><A NAME="TOC156" HREF="FAQ.html#SEC156">Q0515</A>: I upgraded to 2.04 and now my Envelope-To: header for my virtual domains
- is gone. Any idea how to get it back?
-<LI><A NAME="TOC157" HREF="FAQ.html#SEC157">Q0516</A>: The Exim log records the arrival of a message, and then "Completed",
- without logging any deliveries. What's going on?
-<LI><A NAME="TOC158" HREF="FAQ.html#SEC158">Q0517</A>: When I activate "return receipt" for example in Netscape Mailbox
- sending options, then I get an error message from Exim... something
- like "not supported". Can I activate delivery confirmations?
-<LI><A NAME="TOC159" HREF="FAQ.html#SEC159">Q0518</A>: When I dial up to collect mail from my ISP, only the first 10 messages
- get delivered immediately; the remainder just sit on the queue until a
- queue runner process finds them.
-<LI><A NAME="TOC160" HREF="FAQ.html#SEC160">Q0519</A>: My ISP's mail server is rejecting bounce messages from Exim, complaining
- that they have no sender. The SMTP trace does indeed show that the
- sender address is "<>". Why is the Sender on the bounce message empty?
-<LI><A NAME="TOC161" HREF="FAQ.html#SEC161">Q0520</A>: What does the message "retry time not reached [for any host]" on the log
- mean? Why won't Exim try to deliver the message?
-<LI><A NAME="TOC162" HREF="FAQ.html#SEC162">Q0521</A>: RFC 1985 specifies that the SMTP command "ETRN <B>host.domain"</B> causes all
- mail queued for that host, no matter what domain it's for, to be
- dequeued. Why doesn't Exim support this?
-<LI><A NAME="TOC163" HREF="FAQ.html#SEC163">Q0522</A>: If email has been deferred to a member on a local mailing list
- (implemented through forward files), and one of our ETRN clients is on
- this mailing list, the <B>-R</B> won't "flush" the mailing list message for
- that client.
-<LI><A NAME="TOC164" HREF="FAQ.html#SEC164">Q0523</A>: Exim seems to be sending the same message twice, according to the log,
- although there is a difference in capitalization of the local part of
- the address.
-<LI><A NAME="TOC165" HREF="FAQ.html#SEC165">Q0524</A>: How can I force the next retry time for a host to be now?
-<LI><A NAME="TOC166" HREF="FAQ.html#SEC166">Q0525</A>: I set up "|/bin/grep Subject|/usr/bin/smbclient <B>-M</B> <netbiosname>" as an
- alias but it doesn't work.
-<LI><A NAME="TOC167" HREF="FAQ.html#SEC167">Q0526</A>: Why does the pipe transport add a line starting with ">From" to
- messages?
-<LI><A NAME="TOC168" HREF="FAQ.html#SEC168">Q0527</A>: I have set <TT>fallback_hosts</TT> on my smtp transport, but after the error
- <B><B>"sem@chat.ru</B></B> cannot be resolved at this time" Exim isn't using them.
-<LI><A NAME="TOC169" HREF="FAQ.html#SEC169">Q0528</A>: After the holidays my ISP has always hundreds of e-mails waiting for me.
- These are forced down Exim's throat in one go. Exim spawns a lot of
- kids, but is there some limit to the number of processes it creates?
-<LI><A NAME="TOC170" HREF="FAQ.html#SEC170">Q0529</A>: When a message in the queue got to 12h old, Exim wrote 'retry timeout
- exceeded' and removed <EM>all</EM> messages in the queue to this host - even
- recent messages. How I can avoid this behaviour? I only want to remove
- messages that have exceeded the maximum retry time.
-<LI><A NAME="TOC171" HREF="FAQ.html#SEC171">Q0530</A>: Can Exim add a Content-Length: header to messages it delivers?
-<LI><A NAME="TOC172" HREF="FAQ.html#SEC172">Q0531</A>: Exim seems to be trying to deliver a message every 10 minutes, though
- the retry rules specify longer times after a while, because it is
- writing a log entry every time, like this:
-<LI><A NAME="TOC173" HREF="FAQ.html#SEC173">Q0532</A>: I am trying to set exim up to have a automatic failover if it sees that
- the system that it is sending all mail to is down.
-<LI><A NAME="TOC174" HREF="FAQ.html#SEC174">Q0533</A>: I can't get Exim to deliver over NFS. I get the error "fcntl() failed:
- No locks available", though the lock daemon is running on the NFS server
- and other hosts are able to access it.
-<LI><A NAME="TOC175" HREF="FAQ.html#SEC175">Q0534</A>: Why does Exim bounce messages without even attempting delivery, giving
- the error "retry time not reached for any host after a long failure
- period"?
-<LI><A NAME="TOC176" HREF="FAQ.html#SEC176">Q0535</A>: My <B>.forward</B> file is "|/usr/bin/procmail <B>-f-"</B> and mail gets delivered,
- but there was a bounce to the sender, sending him the output of procmail.
- How can I prevent this?
-<LI><A NAME="TOC177" HREF="FAQ.html#SEC177">Q0536</A>: Can I write an ordinary file when I running a perl script as a transport
- filter for <TT>remote_smtp</TT> and <TT>address_pipe</TT> transports?
-<LI><A NAME="TOC178" HREF="FAQ.html#SEC178">Q0537</A>: I have some mails on my queues that are sticking around longer than
- the retry time indicates they should. They are all getting frozen
- because some remote admin has set their MX record to 127.0.0.1.
-<LI><A NAME="TOC179" HREF="FAQ.html#SEC179">Q0538</A>: My <B>/var/spool/mail</B> has grown drastically. Is there any possibility of
- using two files in <B>exim.cfg</B> ?
-<LI><A NAME="TOC180" HREF="FAQ.html#SEC180">Q0539</A>: Sendmail has a program called smrsh that restricts what binaries
- can be run from sendmail aliases. Is there someting like this in Exim ?
-<LI><A NAME="TOC181" HREF="FAQ.html#SEC181">Q0540</A>: I wish to have large emails go out one at a time.
-</UL>
-
-<A NAME="TOC182" HREF="FAQ.html#SEC182">6. UUCP</A>
-<UL>
-<LI><A NAME="TOC183" HREF="FAQ.html#SEC183">Q0601</A>: The MX records for some UUCP domains point to my local host. How do I
- get it to pass the messages on to UUCP?
-<LI><A NAME="TOC184" HREF="FAQ.html#SEC184">Q0602</A>: How can I get Exim to handle "bang path" addresses?
-<LI><A NAME="TOC185" HREF="FAQ.html#SEC185">Q0603</A>: We see something strange on our system in regards to mail comming in via
- rmail from a UUCP link. The sender is being set to mailmaster instead of
- the real sender, and a Sender: header is being added to the message.
-</UL>
-
-<A NAME="TOC186" HREF="FAQ.html#SEC186">7. PERFORMANCE</A>
-<UL>
-<LI><A NAME="TOC187" HREF="FAQ.html#SEC187">Q0701</A>: I'm running a large mail server. Should I set <TT>split_spool_directory</TT> to
- improve performance?
-<LI><A NAME="TOC188" HREF="FAQ.html#SEC188">Q0702</A>: How well does Exim scale?
-<LI><A NAME="TOC189" HREF="FAQ.html#SEC189">Q0703</A>: We have a large password file. Can Exim use alternative lookups during
- delivery to speed things up?
-<LI><A NAME="TOC190" HREF="FAQ.html#SEC190">Q0704</A>: I just wondered if it might be helpful to put the hints database on a
- RAM disk during regular operation. Did anybody try that yet?
-</UL>
-
-<A NAME="TOC191" HREF="FAQ.html#SEC191">8. POLICY CONTROLS</A>
-<UL>
-<LI><A NAME="TOC192" HREF="FAQ.html#SEC192">Q0801</A>: How do I block unwanted messages from outside my host?
-<LI><A NAME="TOC193" HREF="FAQ.html#SEC193">Q0802</A>: I don't want to block spam entirely; how can I inspect each message
- before deciding whether to deliver it or not?
-<LI><A NAME="TOC194" HREF="FAQ.html#SEC194">Q0803</A>: How can I test that my spam blocks are working?
-<LI><A NAME="TOC195" HREF="FAQ.html#SEC195">Q0804</A>: How can I test that Exim is correctly configured to use the Realtime
- Blocking List (RBL)?
-<LI><A NAME="TOC196" HREF="FAQ.html#SEC196">Q0805</A>: How can I use <B>tcpwrappers</B> in conjunction with Exim?
-<LI><A NAME="TOC197" HREF="FAQ.html#SEC197">Q0806</A>: How can I get POP-auth-before-relay support in Exim?
-<LI><A NAME="TOC198" HREF="FAQ.html#SEC198">Q0807</A>: I have one or two cases where my machine correctly rejects messages, but
- the remote machine is quite persistent, and keeps trying over and over.
-<LI><A NAME="TOC199" HREF="FAQ.html#SEC199">Q0808</A>: I am seeing the error "no valid sender in message headers: return path
- is <>" in the reject log. Isn't <> a valid return path for error
- messages?
-<LI><A NAME="TOC200" HREF="FAQ.html#SEC200">Q0809</A>: Let's say that we want to run a mail server that does not care if you
- have proper reverse DNS. If you include <TT>host_reject</TT> lines in your
- config file, Exim will always reject connections from such hosts. How
- can this be avoided?
-<LI><A NAME="TOC201" HREF="FAQ.html#SEC201">Q0810</A>: Is there a way to prevent lookups in the RBL for local hosts?
-<LI><A NAME="TOC202" HREF="FAQ.html#SEC202">Q0811</A>: How can I set up the <TT>sender_reject</TT> option in my config file so I can
- reject mail by matching regular expressions?
-<LI><A NAME="TOC203" HREF="FAQ.html#SEC203">Q0812</A>: Normally <TT>sender_reject_recipients</TT> works fine, but addresses that have
- some uppercase letters in them seem to come through.
-<LI><A NAME="TOC204" HREF="FAQ.html#SEC204">Q0813</A>: I want to accept some sender addresses, even though they do not verify.
- There doesn't seem to be an option for verification exceptions, so how
- can I do this?
-<LI><A NAME="TOC205" HREF="FAQ.html#SEC205">Q0814</A>: We are being plagued by forged mail coming from a number of different
- hosts and sender addresses. The guy however leaves a fingerprint. The
- first received line always contains 'Received: from baby'. What is the
- best suggested way for eliminiating him from our systems?
-<LI><A NAME="TOC206" HREF="FAQ.html#SEC206">Q0815</A>: I have set <TT>host_accept_relay</TT>, but my host still refuses to relay from
- matching hosts.
-<LI><A NAME="TOC207" HREF="FAQ.html#SEC207">Q0816</A>: How can I run customized verification checks on incoming addresses?
-<LI><A NAME="TOC208" HREF="FAQ.html#SEC208">Q0817</A>: Does Exim apply RBL checks to error messages, those with an envelope
- sender of "<>" ?
-<LI><A NAME="TOC209" HREF="FAQ.html#SEC209">Q0818</A>: I want to be able to set up a list, similar to <TT>sender_reject_recipients</TT>,
- but with a user-defined message. I believe I have to use a director for
- this.
-<LI><A NAME="TOC210" HREF="FAQ.html#SEC210">Q0819</A>: I want to reject certain sender-recipient combinations, with a specific
- message for each such combination.
-<LI><A NAME="TOC211" HREF="FAQ.html#SEC211">Q0820</A>: Will Exim allow me to create a file of regexs and match incoming
- external email to the list - and if a match is found file the offending
- message into a special location? Also is it possible to make exim only
- filter parts of an incoming email - e.g. ignore large MIME attachments
- for example and only process text/plain?
-<LI><A NAME="TOC212" HREF="FAQ.html#SEC212">Q0821</A>: I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT
- command, to check if a user has exceeded their email quota. If they have
- I issue a temporary failure and a message - can I do this with Exim?
-<LI><A NAME="TOC213" HREF="FAQ.html#SEC213">Q0822</A>: I'm looking for a rule to reject special unknown recipients.
-<LI><A NAME="TOC214" HREF="FAQ.html#SEC214">Q0823</A>: I'd like to pass all messages through a virus-scanning system before
- delivery. Can Exim do this?
-<LI><A NAME="TOC215" HREF="FAQ.html#SEC215">Q0824</A>: How can I accomplish this: a message sent from any host must either be
- sending to a domain in a list (a dbm file) or the sender's address
- domain must be in the list.
-<LI><A NAME="TOC216" HREF="FAQ.html#SEC216">Q0825</A>: I've set <TT>relay_domains</TT> and <TT>sender_address_relay</TT>, but if <B>user@mydomain</B>
- tries sending to an arbitrary domain, Exim rejects it.
-<LI><A NAME="TOC217" HREF="FAQ.html#SEC217">Q0826</A>: I set <TT>sender_reject_recipients</TT>, but Exim is not rejecting those
- recipients.
-<LI><A NAME="TOC218" HREF="FAQ.html#SEC218">Q0827</A>: I can't find an option to deny "RCPT TO:" addresses.
-<LI><A NAME="TOC219" HREF="FAQ.html#SEC219">Q0828</A>: My problem is that Exim replaces <B>$local_part</B> with an empty string in the
- system filtering. What's wrong or what did I miss?
-<LI><A NAME="TOC220" HREF="FAQ.html#SEC220">Q0829</A>: Using <B>$recipients</B> in a system filter gives me another problem: how can
- I do a string lookup if <B>$recipients</B> is a list of addresses?
-<LI><A NAME="TOC221" HREF="FAQ.html#SEC221">Q0830</A>: Is there a way to configure Exim to reject mail to a certain local host?
-<LI><A NAME="TOC222" HREF="FAQ.html#SEC222">Q0831</A>: Exim sometimes rejects messages with bad senders after the DATA and
- sometimes after the MAIL command. What is the difference?
-<LI><A NAME="TOC223" HREF="FAQ.html#SEC223">Q0832</A>: How can I get Exim to remove attachments from messages?
-<LI><A NAME="TOC224" HREF="FAQ.html#SEC224">Q0833</A>: I ran a relay test against my host and it failed with an address
- containing a %, though I don't have <TT>percent_hack_domains</TT> set. Is Exim
- broken? This is what the tester said:
-<LI><A NAME="TOC225" HREF="FAQ.html#SEC225">Q0834</A>: How can I arrange for each user to have a file listing the only sender
- addresses from which she will accept mail? I want to do this so my
- family members don't get any spam (or other inappropriate mail).
-<LI><A NAME="TOC226" HREF="FAQ.html#SEC226">Q0835</A>: I have the POP-auth-before-relay support in, but I see that Exim still
- does an RBL lookup before checking the POP authorisation file. How can I
- prevent it doing an RBL check if the caller is authorized by virtue of a
- recent POP authentication?
-<LI><A NAME="TOC227" HREF="FAQ.html#SEC227">Q0836</A>: When using Nessus on a system that runs exim, a number of security
- issues are raised. Nessus complains that exim answers to EXPN and/or
- VRFY; sometimes it even complains that exim allows relaying.
-<LI><A NAME="TOC228" HREF="FAQ.html#SEC228">Q0837</A>: Could anyone points me to right rules to prevent sending/receiving
- messages to/for domains which have one MX to localhost or only have
- address 127.0.0.1 ?
-<LI><A NAME="TOC229" HREF="FAQ.html#SEC229">Q0838</A>: How can I lock out domains that do not have any MX records?
-<LI><A NAME="TOC230" HREF="FAQ.html#SEC230">Q0839</A>: I would like to have a per-user limit for the maximum size of messages
- that can be sent.
-<LI><A NAME="TOC231" HREF="FAQ.html#SEC231">Q0840</A>: I have set up a DBM (or cdb, or lsearch, or MySQL or whatever) file
- containing a list of IP addresses for the hosts I want to allow to
- relay, but when I set <TT>host_accept_relay</TT> to do a lookup on that data, it
- doesn't work.
-</UL>
-
-<A NAME="TOC232" HREF="FAQ.html#SEC232">9. MAJORDOMO</A>
-<UL>
-<LI><A NAME="TOC233" HREF="FAQ.html#SEC233">Q0901</A>: How do I set up Majordomo to work with Exim?
-<LI><A NAME="TOC234" HREF="FAQ.html#SEC234">Q0902</A>: I have set <B>$mailer</B> in <B>majordomo.cf,</B> but it still isn't setting the
- sender correctly in the messages it sends.
-<LI><A NAME="TOC235" HREF="FAQ.html#SEC235">Q0903</A>: I'm trying to set up majordomo, but I'm getting a "wrong mode" error
- when I try to send it mail. The panic log entry reads:
-<LI><A NAME="TOC236" HREF="FAQ.html#SEC236">Q0904</A>: I'm getting return code 9 from <B><B>/home/majordomo/majordomo-1.94.4/wrapper</B></B>
- when it is passed a message from Exim.
-<LI><A NAME="TOC237" HREF="FAQ.html#SEC237">Q0905</A>: Exim is complaining about an invalid command line when Majordomo tries
- to send it a message for delivery.
-</UL>
-
-<A NAME="TOC238" HREF="FAQ.html#SEC238">10. REWRITING ADDRESSES</A>
-<UL>
-<LI><A NAME="TOC239" HREF="FAQ.html#SEC239">Q1001</A>: How can I get Exim to strip the hostname from the sender's address?
-<LI><A NAME="TOC240" HREF="FAQ.html#SEC240">Q1002</A>: I have Exim configured to remove the hostname portion of the domain on
- outgoing mail, and yet the hostname is present when the mail gets
- delivered.
-<LI><A NAME="TOC241" HREF="FAQ.html#SEC241">Q1003</A>: I want to rewrite local addresses in mail that goes to the outside
- world, but not for messages that remain within the local intranet.
-<LI><A NAME="TOC242" HREF="FAQ.html#SEC242">Q1004</A>: I'm using this rewriting rule to change login names into "friendly"
- names, but if mail comes in for an upper case login name, it doesn't
- get rewritten.
-<LI><A NAME="TOC243" HREF="FAQ.html#SEC243">Q1005</A>: Is it possible to completely fail a message if the rewrite rules fail?
-<LI><A NAME="TOC244" HREF="FAQ.html#SEC244">Q1006</A>: I'm using <B>$domain</B> as the key for a lookup in a rewriting rule, but its
- contents are not being lowercased. Aren't domains supposed to be handled
- caselessly?
-<LI><A NAME="TOC245" HREF="FAQ.html#SEC245">Q1007</A>: I want to rewrite local sender addresses depending on the domain of the
- recipient.
-</UL>
-
-<A NAME="TOC246" HREF="FAQ.html#SEC246">11. HEADERS</A>
-<UL>
-<LI><A NAME="TOC247" HREF="FAQ.html#SEC247">Q1101</A>: I would like add some custom headers to selected outgoing mail based on
- a specific domain and the subject line.
-<LI><A NAME="TOC248" HREF="FAQ.html#SEC248">Q1102</A>: Is it possible to have Exim add a header to only certain <TT>local_parts</TT> of
- outgoing mail?
-<LI><A NAME="TOC249" HREF="FAQ.html#SEC249">Q1103</A>: How can I remove some part of the Received: header?
-<LI><A NAME="TOC250" HREF="FAQ.html#SEC250">Q1104</A>: How I can insert the PGP header line using exim filters?
-<LI><A NAME="TOC251" HREF="FAQ.html#SEC251">Q1105</A>: I know I can use a system filter to replace certain headers in messages,
- but how can I add text to existing headers? I want to add [SPAM] to
- the subject line of messages that appear to be spam.
-</UL>
-
-<A NAME="TOC252" HREF="FAQ.html#SEC252">12. FETCHMAIL</A>
-<UL>
-<LI><A NAME="TOC253" HREF="FAQ.html#SEC253">Q1201</A>: When I run fetchmail, I get the error "SMTP listener doesn't like
- recipient address <B><I>xxx</I>@localhost</B>".
-<LI><A NAME="TOC254" HREF="FAQ.html#SEC254">Q1202</A>: Fetchmail is passing on bounce messages to Exim with the sender address
- set to <B><B><@some.domain</B>></B> which causes Exim to complain, because there is no
- local part.
-<LI><A NAME="TOC255" HREF="FAQ.html#SEC255">Q1203</A>: I'm currently using Exim with fetchmail and I'd like to use the RBL on
- Exim, but will it work? Do I need to configure fetchmail any particular
- way? As far as Exim knows, all mail is coming from 127.0.01. Will it
- check the source address against RBL? Or will it check the From: header?
-</UL>
-
-<A NAME="TOC256" HREF="FAQ.html#SEC256">13. PERL</A>
-<UL>
-<LI><A NAME="TOC257" HREF="FAQ.html#SEC257">Q1301</A>: Exim built with Perl support exits with the error message <B>"./exim:</B> can't
- load library <B>'libperl.so'".</B>
-<LI><A NAME="TOC258" HREF="FAQ.html#SEC258">Q1302</A>: Exim built with Perl support exits with several error messages of the
- form "undefined reference to `PL_stack_sp'".
-</UL>
-
-<A NAME="TOC259" HREF="FAQ.html#SEC259">14. DIAL-UP</A>
-<UL>
-<LI><A NAME="TOC260" HREF="FAQ.html#SEC260">Q1401</A>: How can I arrange for mail to other hosts on my local network to be
- delivered when I'm not connected to the Internet?
-<LI><A NAME="TOC261" HREF="FAQ.html#SEC261">Q1402</A>: I have a dial-up machine, and I use the <TT>queue_smtp_domains</TT> option so
- that remote mail only goes out when I do a queue run. However, any email
- I send with an address <B><B><anything>@aol.com</B></B> is returned within about 15
- minutes saying 'retry time exceeded', and all addresses are affected.
-<LI><A NAME="TOC262" HREF="FAQ.html#SEC262">Q1403</A>: How should Exim be configured when it is acting as a temporary storage
- system for a domain on a dial-up host?
-<LI><A NAME="TOC263" HREF="FAQ.html#SEC263">Q1404</A>: I have <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT> set, and use <B>-qf</B> to
- force delivery of waiting mail when I dial in. How can I arrange for any
- new messages that arrive while I'm connected to be delivered immediately?
-</UL>
-
-<A NAME="TOC264" HREF="FAQ.html#SEC264">15. MODIFYING MESSAGE BODIES</A>
-<UL>
-<LI><A NAME="TOC265" HREF="FAQ.html#SEC265">Q1501</A>: How can I add a disclaimer or an advertisement to a message?
-<LI><A NAME="TOC266" HREF="FAQ.html#SEC266">Q1502</A>: How can I remove attachments from messages?
-</UL>
-
-<A NAME="TOC267" HREF="FAQ.html#SEC267">20. MILLENNIUM</A>
-<UL>
-<LI><A NAME="TOC268" HREF="FAQ.html#SEC268">Q2000</A>: Are there any Y2K issues with Exim?
-</UL>
-
-<A NAME="TOC269" HREF="FAQ.html#SEC269">50. MISCELLANEOUS</A>
-<UL>
-<LI><A NAME="TOC270" HREF="FAQ.html#SEC270">Q5001</A>: What does the error "Unable to get interface configuration: 22 Invalid
- argument" mean?
-<LI><A NAME="TOC271" HREF="FAQ.html#SEC271">Q5002</A>: How can I arrange to allow a limited set of users to perform a limited
- set of Exim administration functions? I don't want to put them all in
- the exim group.
-<LI><A NAME="TOC272" HREF="FAQ.html#SEC272">Q5003</A>: How can I test for a message's size being greater or less than a given
- value in an expansion string?
-<LI><A NAME="TOC273" HREF="FAQ.html#SEC273">Q5004</A>: I want to "tail" the Exim log, but I have a number of other logs I also
- want to "tail", and the number of tailing windows is getting to be a
- nuisance.
-<LI><A NAME="TOC274" HREF="FAQ.html#SEC274">Q5005</A>: I would like to have Exim log information written to syslog.
-<LI><A NAME="TOC275" HREF="FAQ.html#SEC275">Q5006</A>: What does the error "Failed to create spool file" mean?
-<LI><A NAME="TOC276" HREF="FAQ.html#SEC276">Q5007</A>: Exim keeps crashing with segmentation errors (signal 11 or 139).
-<LI><A NAME="TOC277" HREF="FAQ.html#SEC277">Q5008</A>: Exim's databases keep getting corrupted.
-<LI><A NAME="TOC278" HREF="FAQ.html#SEC278">Q5009</A>: I've been using an autoreply director to try and mimic a bounce message,
- but I can't get it to have an envelope from of <>.
-<LI><A NAME="TOC279" HREF="FAQ.html#SEC279">Q5010</A>: I see entries in the log that mention two different IP addresses for the
- same connection. Why is this? For example:
-<LI><A NAME="TOC280" HREF="FAQ.html#SEC280">Q5011</A>: How can I persuade Exim to accept ETRN commands without the leading
- # character?
-<LI><A NAME="TOC281" HREF="FAQ.html#SEC281">Q5012</A>: I've recently noticed that emails I send with a Bcc: line are being
- delivered to their final destination with the Bcc: line still present.
-<LI><A NAME="TOC282" HREF="FAQ.html#SEC282">Q5013</A>: I used gv <B>v3.5.8</B> (ghostview) to try printing <B>spec.ps.</B> After every
- printed page, the printer ejects a blank sheet. Is this something to do
- with using "letter" rather than A4 paper?
-<LI><A NAME="TOC283" HREF="FAQ.html#SEC283">Q5014</A>: I would like to have a separate queue per domain for hosts which dial
- in to collect their mail.
-<LI><A NAME="TOC284" HREF="FAQ.html#SEC284">Q5015</A>: A short time after I start Exim I see a <defunct> zombie process. What
- is causing this?
-<LI><A NAME="TOC285" HREF="FAQ.html#SEC285">Q5016</A>: On a reboot, or a restart of the mail system, I see the message "Mailer
- daemons: exim abandoned: unknown, malformed, or incomplete option
- <B>-bz</B> sendmail". What does this mean?
-<LI><A NAME="TOC286" HREF="FAQ.html#SEC286">Q5017</A>: I would like to restrict e-mail usage for some users to the local
- machine, ideally on a group basis.
-<LI><A NAME="TOC287" HREF="FAQ.html#SEC287">Q5018</A>: Whenever exim restarts it takes up to 3-5 minutes to start responding on
- the SMTP port. Why is this?
-<LI><A NAME="TOC288" HREF="FAQ.html#SEC288">Q5019</A>: Why aren't there any man pages for Exim? I don't always carry my printed
- documentation.
-<LI><A NAME="TOC289" HREF="FAQ.html#SEC289">Q5020</A>: When I send a message using the <B>-t</B> command line option, Exim sends only
- to the addresses within the message, not to those on the command line.
-<LI><A NAME="TOC290" HREF="FAQ.html#SEC290">Q5021</A>: If I set up, for example,
- <TT>local_domains = *customer.com</TT>, then it matches
- <B>"customer.com"</B> and <B>"abc.customer.com"</B> as required, but it also matches
- <B>"noncustomer.com",</B> which is wrong. How can I get round this?
-<LI><A NAME="TOC291" HREF="FAQ.html#SEC291">Q5022</A>: I want to match all local domains of the form <B>*.oyoy.org</B> but want a few
- exceptions. For instance I don't want <B>foo.oyoy.org</B> or <B>bar.oyoy.org</B> to be
- treated as local. What is the best way to do this?
-<LI><A NAME="TOC292" HREF="FAQ.html#SEC292">Q5023</A>: I can't seem to find a pre-built version of Exim anywhere. The machine
- is a Sparc 5 running Solaris 2.6.
-<LI><A NAME="TOC293" HREF="FAQ.html#SEC293">Q5024</A>: Is there a Windows NT version of Exim available?
-<LI><A NAME="TOC294" HREF="FAQ.html#SEC294">Q5025</A>: Does Exim support Delivery Status Notificaion (DSN), Message Status
- Notification (MSN), or any other form of delivery acknowledgement?
-<LI><A NAME="TOC295" HREF="FAQ.html#SEC295">Q5026</A>: What does "Exim" stand for?
-<LI><A NAME="TOC296" HREF="FAQ.html#SEC296">Q5027</A>: What does the log message "no immediate delivery: more than 10 messages
- received in one connection" mean?
-<LI><A NAME="TOC297" HREF="FAQ.html#SEC297">Q5028</A>: Although I haven't set <TT>check_spool_space</TT>, Exim is still checking the
- amount of space on the spool for incoming SMTP messages that use the
- SIZE option. Can I suppress this?
-<LI><A NAME="TOC298" HREF="FAQ.html#SEC298">Q5029</A>: I just noticed log entries that start off "<= <>". Am I correct in
- assuming that the "<>" indicates that the envelope did not contain any
- "From" data?
-<LI><A NAME="TOC299" HREF="FAQ.html#SEC299">Q5030</A>: I've received a message which does not have my address in the To:
- line. It is a spam message with the same address in both the From: and
- the To: headers. How can this happen, and why doesn't Exim reject it?
-<LI><A NAME="TOC300" HREF="FAQ.html#SEC300">Q5031</A>: Can (or will) Exim ever handle a message delivery purely in memory,
- that is, it is handled without it ever hitting the disc?
-<LI><A NAME="TOC301" HREF="FAQ.html#SEC301">Q5032</A>: If I am using dbm files for data that Exim reads, can I rebuild them
- on the fly, or do I need to restart Exim every time I make a change?
-<LI><A NAME="TOC302" HREF="FAQ.html#SEC302">Q5033</A>: What are the main differences between using an Exim filter and using
- procmail?
-<LI><A NAME="TOC303" HREF="FAQ.html#SEC303">Q5034</A>: I need an option that is the opposite of <B>-bpa,</B> that is, a listing of
- those addresses generated from a top-level address that have not yet
- been delivered.
-<LI><A NAME="TOC304" HREF="FAQ.html#SEC304">Q5035</A>: I am getting complaints from a customer who uses my EXIM server for
- relaying that they are being blocked with a "Too many connections"
- error.
-<LI><A NAME="TOC305" HREF="FAQ.html#SEC305">Q5036</A>: When I try "exim <B>-bf"</B> to test a system filter, I received the following
- error message: "Filter error: unavailable filtering command "fail" near
- line 8 of filter file".
-<LI><A NAME="TOC306" HREF="FAQ.html#SEC306">Q5037</A>: How can I make Exim receive incoming mail, queue it, but NOT attempt to
- deliver it? I want to be in this state while moving some mailboxes.
-<LI><A NAME="TOC307" HREF="FAQ.html#SEC307">Q5038</A>: What does the rejection message "reject all recipients: 3 times bad
- sender" mean?
-<LI><A NAME="TOC308" HREF="FAQ.html#SEC308">Q5039</A>: The menu in Eximon isn't working. It displays, but I can't select
- anything from it.
-<LI><A NAME="TOC309" HREF="FAQ.html#SEC309">Q5040</A>: What does "ridiculously long message header" in an error report mean?
-<LI><A NAME="TOC310" HREF="FAQ.html#SEC310">Q5041</A>: What does Exim use for POP as a default? Do I have to install anything
- else?
-<LI><A NAME="TOC311" HREF="FAQ.html#SEC311">Q5042</A>: I see that Exim doesn't support SSL. Can it be made to work with stunnel?
-<LI><A NAME="TOC312" HREF="FAQ.html#SEC312">Q5043</A>: Is there an easy way of removing all queued messages at once in a safe
- way?
-<LI><A NAME="TOC313" HREF="FAQ.html#SEC313">Q5044</A>: What is the best way to provide backup MX for clients?
-<LI><A NAME="TOC314" HREF="FAQ.html#SEC314">Q5045</A>: Why does Exim do "ident" callbacks by default? Isn't this just a waste
- of resources? I've been told this is an ancient way of authentication.
- Is it obsolete?
-<LI><A NAME="TOC315" HREF="FAQ.html#SEC315">Q5046</A>: I often have the problem that a message gets stuck in the mailq and I
- want it to be bounced to a certain address.
-<LI><A NAME="TOC316" HREF="FAQ.html#SEC316">Q5047</A>: What precautions should I take when editing <B>exim.conf?</B>
-<LI><A NAME="TOC317" HREF="FAQ.html#SEC317">Q5048</A>: Is exim able to use RFC 2645, On-demand Mail Relay (ODMR)?
-<LI><A NAME="TOC318" HREF="FAQ.html#SEC318">Q5049</A>: I want to send every bounced mail that is received by my server, as
- "headers-only" to the sysadmin. How can I do this?
-<LI><A NAME="TOC319" HREF="FAQ.html#SEC319">Q5050</A>: What POP3 daemon should I use with Exim? I want something with
- configurable authentication mechanisms.
-<LI><A NAME="TOC320" HREF="FAQ.html#SEC320">Q5051</A>: Is there any way I can send bounces to the postmaster, and nobody else?
- Basically, I want to recieve them, and I don't want the reply/from
- person to get them. If I think they need it I will forward it myself.
-</UL>
-
-<A NAME="TOC321" HREF="FAQ.html#SEC321">93. HP-UX</A>
-<UL>
-<LI><A NAME="TOC322" HREF="FAQ.html#SEC322">Q9301</A>: I'm trying to compile on an HP machine and I don't have gcc there. So I
- put <TT>CC=cc</TT> in the <B>Local/Makefile</B>, but I got this error:
-</UL>
-
-<A NAME="TOC323" HREF="FAQ.html#SEC323">94. BSDI</A>
-<UL>
-<LI><A NAME="TOC324" HREF="FAQ.html#SEC324">Q9401</A>: On BSDI 4.0, Exim built with Perl support exits with the error message
-</UL>
-
-<A NAME="TOC325" HREF="FAQ.html#SEC325">95. IRIX</A>
-<UL>
-<LI><A NAME="TOC326" HREF="FAQ.html#SEC326">Q9501</A>: I'm running IRIX 6.2 with a number of alias IP addresses set up, but
- Exim doesn't seem to recognize them as local addresses.
-<LI><A NAME="TOC327" HREF="FAQ.html#SEC327">Q9502</A>: The IP addresses for incoming calls are all being given as
- 255.255.255.255 or 0.0.0.0.
-</UL>
-
-<A NAME="TOC328" HREF="FAQ.html#SEC328">96. LINUX</A>
-<UL>
-<LI><A NAME="TOC329" HREF="FAQ.html#SEC329">Q9601</A>: Exim is mysteriously crashing, usually when forking to send a delivery
- error message.
-<LI><A NAME="TOC330" HREF="FAQ.html#SEC330">Q9602</A>: Exim has created a directory called <B>build-Linux-libc5-i386</B> but is
- trying to reference <B>build-Linux-libc5-i386-linux</B> while building.
-<LI><A NAME="TOC331" HREF="FAQ.html#SEC331">Q9603</A>: I want to use logrotate which is standard with <B>RH5.2</B> Linux to rotate
- my mail logs. Anyone worked out the logrotate config file that will
- do this?
-<LI><A NAME="TOC332" HREF="FAQ.html#SEC332">Q9604</A>: I'm seeing the message "<B>inetd</B>[334]: imap/tcp server failing (looping),
- service terminated" on a RedHat 5.2 system, causing imap connections to
- be refused. The imapd in use is Washington Uni vers 12.250. Could this
- be anything to do with Exim?
-<LI><A NAME="TOC333" HREF="FAQ.html#SEC333">Q9605</A>: I get the "too many open files" error especially when a lot of messages
- land for majordomo at the same time.
-<LI><A NAME="TOC334" HREF="FAQ.html#SEC334">Q9606</A>: I'm having a problem with an Exim RPM.
-<LI><A NAME="TOC335" HREF="FAQ.html#SEC335">Q9607</A>: I installed debian 2.2 linux on a small 325mb 486 laptop. When I try
- to test the Mail program, I get the following error: "Failed to open
- configuration file <B><B>/etc/exim.conf</B>".</B>
-<LI><A NAME="TOC336" HREF="FAQ.html#SEC336">Q9608</A>: I'm getting the error <B>"db.h:</B> No such file or directory" when I try to
- build Exim under RedHat 7.0.
-</UL>
-
-<A NAME="TOC337" HREF="FAQ.html#SEC337">97. SUN SYSTEMS</A>
-<UL>
-<LI><A NAME="TOC338" HREF="FAQ.html#SEC338">Q9701</A>: Exim builds fine with gcc on SunOS 4 but crashes inside <B>sscanf()</B>.
-<LI><A NAME="TOC339" HREF="FAQ.html#SEC339">Q9702</A>: How can I get rid of spurious ^M characters in messages sent from
- CDE <B>dtmail</B>?
-<LI><A NAME="TOC340" HREF="FAQ.html#SEC340">Q9703</A>: On SunOS 4 Exim crashes when looking up domains in the DNS that have
- more than 10 A records.
-<LI><A NAME="TOC341" HREF="FAQ.html#SEC341">Q9704</A>: The menu in Eximon isn't working on my Sun system.
-<LI><A NAME="TOC342" HREF="FAQ.html#SEC342">Q9705</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
- over a network.
-<LI><A NAME="TOC343" HREF="FAQ.html#SEC343">Q9706</A>: Exim has been crashing on my Solaris x86 system, apparently while
- running DBM functions.
-<LI><A NAME="TOC344" HREF="FAQ.html#SEC344">Q9707</A>: The exiwhat utility isn't working for me on a Solaris 2 system.
-<LI><A NAME="TOC345" HREF="FAQ.html#SEC345">Q9708</A>: How do I stop Sun's <B>dtcm</B> from hanging?
-<LI><A NAME="TOC346" HREF="FAQ.html#SEC346">Q9709</A>: I want Exim to use only the resolver (i.e. ignore <B>/etc/hosts</B>), but don't
- want to alter the <B>nsswitch.conf</B> file in Solaris 2.
-</UL>
-
-<A NAME="TOC347" HREF="FAQ.html#SEC347">98. COOKBOOK</A>
-<UL>
-<LI><A NAME="TOC348" HREF="FAQ.html#SEC348">Q9801</A>: How do I configure Exim as part of TPC <B>(<A HREF="http://www.tpc.int">http://www.tpc.int</A>)?</B>
-<LI><A NAME="TOC349" HREF="FAQ.html#SEC349">Q9802</A>: How do I configure Exim so that it sends mail to the outside world only
- from a restricted list of our local users?
-<LI><A NAME="TOC350" HREF="FAQ.html#SEC350">Q9803</A>: How do I configure Exim to run with SmartList?
-<LI><A NAME="TOC351" HREF="FAQ.html#SEC351">Q9804</A>: How do I configure Exim to minic PP's "tripnote" facility?
-<LI><A NAME="TOC352" HREF="FAQ.html#SEC352">Q9805</A>: How do I configure Exim to handle local parts with extensions?
-<LI><A NAME="TOC353" HREF="FAQ.html#SEC353">Q9806</A>: How do I configure Exim so that only a restricted list of users can
- receive mail from external domains?
-<LI><A NAME="TOC354" HREF="FAQ.html#SEC354">Q9807</A>: I have <B><B>someuser@mydomain.com</B></B> that I only want certain users to be able
- to mail to. How do I accomplish this?
-<LI><A NAME="TOC355" HREF="FAQ.html#SEC355">Q9808</A>: A site for which I provide secondary MX is down for some time. Is there
- a way to run the queue for that destination separately from the main
- queue?
-<LI><A NAME="TOC356" HREF="FAQ.html#SEC356">Q9809</A>: How do I implement VERP (Variable Envelope Return Paths) in Exim?
-<LI><A NAME="TOC357" HREF="FAQ.html#SEC357">Q9810</A>: I'd like to make a copy of all outgoing messages to a local mailbox. Is
- there a solution for this using an Exim filter?
-<LI><A NAME="TOC358" HREF="FAQ.html#SEC358">Q9811</A>: I want to make a copy of outgoing messages to a specific file for each
- user in a specific directory, using a "save" command in a system filter.
- How can I arrange for Exim to write to these files under the correct
- UID/GID?
-<LI><A NAME="TOC359" HREF="FAQ.html#SEC359">Q9812</A>: How can I keep an archive of all mail for some specific local email
- addresses?
-<LI><A NAME="TOC360" HREF="FAQ.html#SEC360">Q9813</A>: How can I configure Exim to provide a vacation message when there are
- no local users on my mail hub?
-<LI><A NAME="TOC361" HREF="FAQ.html#SEC361">Q9814</A>: We want to be able to temporarily lock out a user by disabling the
- password and moving the home directory to another place. How can we
- arrange to reject mail for users in this state?
-<LI><A NAME="TOC362" HREF="FAQ.html#SEC362">Q9815</A>: I need an alias, say "fakeaddress" that should receive a message,
- strip all reply-to: headers present, substitute another one pointing to
- "otheraddress" and forward a message to "realaddress".
-<LI><A NAME="TOC363" HREF="FAQ.html#SEC363">Q9816</A>: How can I set up Exim to work with Listar?
-<LI><A NAME="TOC364" HREF="FAQ.html#SEC364">Q9817</A>: I need to take copies of all incoming and outgoing mail for certain
- users. For each user there may be a different monitoring address.
-<LI><A NAME="TOC365" HREF="FAQ.html#SEC365">Q9818</A>: How can I add a disclaimer to the end of every message?
-<LI><A NAME="TOC366" HREF="FAQ.html#SEC366">Q9819</A>: I would like to append a simple advertisement text to all outgoing
- and local mails.
-<LI><A NAME="TOC367" HREF="FAQ.html#SEC367">Q9820</A>: How can I configure Exim so that all mails adressed to
- <B><B>something@username.domain.net</B></B> get delivered to <B>/var/spool/mail/username</B>?
-<LI><A NAME="TOC368" HREF="FAQ.html#SEC368">Q9821</A>: How do I get exim not to add a Sender: header to locally originated
- mail?
-<LI><A NAME="TOC369" HREF="FAQ.html#SEC369">Q9822</A>: How can I get Exim to work with mailman?
-<LI><A NAME="TOC370" HREF="FAQ.html#SEC370">Q9823</A>: Is there any way to have messages sent to a specific local address
- delayed by - say - 24 hours?
-<LI><A NAME="TOC371" HREF="FAQ.html#SEC371">Q9824</A>: I have a mailing list exploder on one host, and three other hosts where
- I want to do the actual deliveries from. How can I get Exim to split
- a message into groups of recipients between the three hosts?
-</UL>
-
-<A NAME="TOC372" HREF="FAQ.html#SEC372">99. LIST OF SAMPLE CONFIGURATIONS</A>
-<UL>
-</UL>
-<BR><H2><A NAME="SEC1" HREF="FAQ.html#TOC1">0. DEBUGGING
-
-</A></H2>
-<A NAME="SEC2" HREF="FAQ.html#TOC2">Q0001</A>: Exim is crashing. What is wrong?
-
-
-<P>
-A0001: Exim should never crash. The author is always keen to know about
- crashes, so that they can be diagnosed and fixed. However, before you
- start sending email, please check that you are running the latest
- release of Exim, in case the problem has already been fixed. The
- techniques described below can also be useful in trying to pin down
- exactly which circumstances caused the crash and what Exim was trying to
- do at the time. If the crash is reproducable (by a particular message,
- say) keep a copy of that message. If there is a core file (in Exim's
- spool directory), see if you can get any information from it.
-
-</P>
-<P>
- One thing that has caused crashes in the past has been incorrectly
- installed DB libraries. In particular, if you are running any version of
- Berkeley db, it is best to set <TT>USE_DB=yes</TT> in <B>Local/Makefile</B> before
- building Exim. This then avoids the use of the "ndbm compatibility
- interface" via the <B>ndbm.h</B> include file, which has been found to be
- incorrect on some systems. If you have already built Exim, you can just
- edit <B>Local/Makefile</B> and run <B>make</B> again to rebuild. Before restarting
- Exim, delete any existing database files in the <B>spool/db</B> directory.
-
-</P>
-<A NAME="SEC3" HREF="FAQ.html#TOC3">Q0002</A>: Exim is not working. What is wrong? How can I check what it is doing?
-
-
-<P>
-A0002: Exactly how is it not working? Check the more specific questions in the
- other sections of this FAQ. Some general techniques for debugging are:
-
-</P>
-<P>
- 1. Look for information in Exim's log files. These are in the "log"
- directory in Exim's spool directory, unless you have configured a
- different path for them. Serious operational problems are reported
- in paniclog.
-
-</P>
-<P>
- 2. If the problem involves the delivery of one or more messages, try
- forcing a delivery with the <B>-d</B> option, to cause Exim to output
- debugging information. For example:
-
-</P>
-<PRE>
- exim -d -M 0z6CXU-0005RR-00</PRE>
-<P>
- On its own, <B>-d</B> produces a small amount of information. Following it
- with a number increases the amount given: <B>-d9</B> gives the maximum
- amount of general information; <B>-d10</B> gives in addition details of the
- interpretation of filter files, and <B>-d11</B> or higher also turns on the
- debugging option for DNS lookups. The output is written to the
- standard error stream.
-
-</P>
-<P>
- 3. If the problem involves incoming SMTP mail, try using the <B>-bh</B> option
- to simulate an incoming connection from a specific host, for example:
-
-</P>
-<PRE>
- exim -bh 10.9.8.7</PRE>
-<P>
- This goes through the motions of an SMTP session, without actually
- accepting a message. Information about various policy checks is
- output. You will need to know how to pretend to be an SMTP client.
-
-</P>
-<P>
- 4. If the problem involves lack of recognition or incorrect handling
- of local addresses, try using the <B>-bt</B> option with debugging turned
- on, to see how Exim is handling the address. For example,
-
-</P>
-<PRE>
- exim -d2 -bt z6abc</PRE>
-<P>
- will show you how it would handle the local part "z6abc". Increase
- the debug level to <B>-d9</B> for more information.
-
-</P>
-<A NAME="SEC4" HREF="FAQ.html#TOC4">Q0003</A>: What does the error "Child process of <TT>address_pipe</TT> transport returned
- 69 from command <I>xxx</I>" mean?
-
-
-<P>
-A0003: The most common meaning of exit code 69 is "unavailable", and this often
- means that when Exim tried to exec the command <I>xxx</I>, it failed. One
- cause of this might be incorrect permissions on the file containing the
- command. See also
- <A HREF="FAQ.html#SEC34">Q0033</A>.
-
-</P>
-<A NAME="SEC5" HREF="FAQ.html#TOC5">Q0004</A>: My virtual domain setup isn't working. How can I debug it?
-
-
-<P>
-A0004: You can use an exim command with <B>-d</B> (or <B>-d2,</B> <B>-d3</B> ... <B>-d9)</B> to get it to
- show you how it is processing addresses. You don't actually need to send
- a message; use the <B>-bt</B> option like this:
-
-</P>
-<PRE>
- exim -d2 -bt localpart@virtualhost</PRE>
-<P>
- This will show you which directors it is using. If the problem appears
- to be with the expansion of an option setting, you can use the
- <TT>debug_print</TT> option on a director (or router) to get Exim to output the
- expanded string values as it goes along.
-
-</P>
-<A NAME="SEC6" HREF="FAQ.html#TOC6">Q0005</A>: Why is Exim giving "421 Unexpected log failure, please try later" when
- receiving an SMTP message with a large number of recipients?
-
-
-<P>
-A0005: You are verifying recipients, and your configuration is one that does a
- different lookup of some sort for each recipient. Exim keeps lookup
- files open, in case there are several lookups in the same file. Versions
- of Exim prior to 2.10 did not limit the number of open files used for
- this purpose, and your operating system's maximum per process has been
- reached. Exim is trying to log the failure to open a file, but cannot
- open the log file, for the same reason. If upgrading Exim is not
- immediately possible, you might be able to increase your operating
- system's maximum number of open files per process.
-
-</P>
-<A NAME="SEC7" HREF="FAQ.html#TOC7">Q0006</A>: Why is Exim not rejecting incoming messages addressed to non-existent
- users at SMTP time?
-
-
-<P>
-A0006: Have you remembered to set <TT>receiver_verify</TT>? It is not the default.
-
-</P>
-<A NAME="SEC8" HREF="FAQ.html#TOC8">Q0007</A>: I've put an entry for <B>*.my.domain</B> in a DBM lookup file, but it isn't
- getting recognized.
-
-
-<P>
-A0007: You need to request "partial matching" by setting the search type to
- "partial-dbm" in order for this to work.
-
-</P>
-<A NAME="SEC9" HREF="FAQ.html#TOC9">Q0008</A>: I've put the entry <B><B>*@domain.com</B></B> in a lookup database, but it isn't
- working. The expansion I'm using is:
-
-
-<PRE>
- ${lookup{${lc:$sender_address}}dbm{/the/file} ...</PRE>
-<P>
-A0008: As no sender address will ever be <B><B>*@domain.com</B></B> this will indeed have
- no effect as it stands. You need to tell Exim if you want it to look for
- defaults after the normal lookup has failed. In this case, change the
- search type from "dbm" to "dbm*@". See the section on "Default values in
- single-key lookups" in the chapter entitled "File and database lookups".
-
-</P>
-<A NAME="SEC10" HREF="FAQ.html#TOC10">Q0009</A>: Is there a way to print recognized local domains?
-
-
-<P>
-A0009: If you run "exim <B>-bP</B> <TT>local_domains</TT>" it will output the string that is
- set, but it won't print the contents of any files that are referenced.
-
-</P>
-<A NAME="SEC11" HREF="FAQ.html#TOC11">Q0010</A>: If I run <B>"./exim</B> <B>-d9</B> <B>-bt</B> <B>user@domain</B>" all seems well, but when I send a
- message from my User Agent, it does not arrive at its destination.
-
-
-<P>
-A0010: Try sending a message directly to Exim by typing this:
-
-</P>
-<PRE>
- exim -d9 user@domain
- <some message, could be empty>
- .</PRE>
-<P>
- If the message gets delivered to a remote host, but never arrives at its
- final destination, then the problem is at the remote host. If, however,
- the message gets through correctly, then the problem may be between your
- User Agent and Exim. Try setting Exim's <TT>log_arguments</TT> option, to see
- with which arguments the UA is calling Exim.
-
-</P>
-<A NAME="SEC12" HREF="FAQ.html#TOC12">Q0011</A>: I am getting this message in mainlog every so often: "no immediate
- delivery: too many connections (19, max 0)". What am I missing?
-
-
-<P>
-A0011: A current release of Exim. :-) The message you are getting is the wrong
- message. What it should be saying is "too many messages received in one
- SMTP connection" (see next question). This bug was fixed in release
- 2.051.
-
-</P>
-<A NAME="SEC13" HREF="FAQ.html#TOC13">Q0012</A>: What does "no immediate delivery: too many messages received in one SMTP
- connection" mean?
-
-
-<P>
-A0012: An SMTP client may send any number of messages down a single SMTP
- connection to a server. Initially, an Exim server starts up a delivery
- process as soon as a message is received. However, in order not to start
- up too many processes when lots of messages are arriving (typically
- after a period of downtime), it stops doing immediate delivery after a
- certain number of messages have arrived down the same connection. The
- threshold is set by <TT>smtp_accept_queue_per_connection</TT>, and the default
- value is 10. On large systems, the value should be increased. If you are
- running a dial-in host and expecting to get all your mail down a single
- SMTP connection, then you can disable the limit altogether by setting
- the value to zero.
-
-</P>
-<A NAME="SEC14" HREF="FAQ.html#TOC14">Q0013</A>: Exim puts "for <address>" in the Received: headers of some, but not all,
- messages. Is this a bug?
-
-
-<P>
-A0013: No. It is deliberate. Exim inserts a "for" phrase only if the incoming
- message has precisely one recipient. If there is more than one
- recipient, nothing is inserted. The reason for this is that not all
- recipients appear in the To: or Cc: headers, and it is considered a
- breach of privacy to expose such recipients to the others. A common
- case is when a message has come from a mailing list.
-
-</P>
-<A NAME="SEC15" HREF="FAQ.html#TOC15">Q0014</A>: Instead of <TT>exim_dbmbuild</TT>, I'm using a homegrown program to build DBM
- (or cdb) files, but Exim doesn't seem to be able to use them.
-
-
-<P>
-A0014: Exim expects there to be a binary zero value on the end of each key used
- in a DBM file if you use the "dbm" lookup type, but not for the "dbmnz"
- lookup type or for the keys of a cdb file. Check that you haven't
- slipped up in this regard.
-
-</P>
-<A NAME="SEC16" HREF="FAQ.html#TOC16">Q0015</A>: Exim is unable to route to any remote domains. It doesn't seen to be
- able to access the DNS.
-
-
-<P>
-A0015: Try running "exim <B>-d11</B> <B>-bt</B> <remote address>". The <B>-d11</B> will make it show
- the resolver queries it is building and the results of its DNS queries.
- If it appears unable to contact any nameservers, check the contents and
- permissions of <B><B>/etc/resolv.conf</B>.</B>
-
-</P>
-<A NAME="SEC17" HREF="FAQ.html#TOC17">Q0016</A>: I'm using ETRN to run a script that checks things and doesn't always
- end up running "exim <B><B>-R".</B></B> However, after it has run once, subsequent
- attempts fail with "458 Already processing".
-
-
-<P>
-A0016: Set <TT>no_smtp_etrn_serialize</TT>.
-
-</P>
-<A NAME="SEC18" HREF="FAQ.html#TOC18">Q0017</A>: What does the error message "transport <TT>system_aliases</TT>: cannot find
- transport driver "<B>aliasfile</B>" in line 92" mean?
-
-
-<P>
-A0017: "<B>aliasfile</B>" is a director, not a transport. You have put a configuration
- for a director into the transports section of the configuration file.
-
-</P>
-<A NAME="SEC19" HREF="FAQ.html#TOC19">Q0018</A>: Exim is timing out after receiving and responding to the DATA command
- from one particular host, and yet the client host also claims to be
- timing out. This seems to affect only certain messages.
-
-
-<P>
-A0018: (A) This problem has been seen with a network that was dropping all
- packets over a certain size, which mean that the first part of the SMTP
- transaction worked, but when the body of a large message started
- flowing, the main data bits never got through the network. See also
-
- <A HREF="FAQ.html#SEC22">Q0021</A>.
-
-</P>
-<P>
- (B) This can also happen if a machine has a broken TCP stack and won't
- reassemble fragmented datagrams.
-
-</P>
-<P>
- (C) A very few ISDN lines have been seen which failed when certain data
- patterns were sent through them, and replacing the routers at both end
- of the link did not fix things. One of them was triggered by more than 4
- X's in a row in the data.
-
-</P>
-<A NAME="SEC20" HREF="FAQ.html#TOC20">Q0019</A>: What does the message "Socket bind() to port 25 for address (any)
- failed: address already in use" mean?
-
-
-<P>
-A0019: You are trying to run an Exim daemon when there is one already running -
- or maybe some other MTA is running, or perhaps you have an SMTP line in
- <B><B>/etc/inetd.conf</B></B> which is causing <B>inetd</B> to listen on port 25.
-
-</P>
-<A NAME="SEC21" HREF="FAQ.html#TOC21">Q0020</A>: I've set <TT>headers_check_syntax</TT>, but this causes Exim to complain about
- headers like "To: Work: Jim <B><jims@email</B>>, Home: Bob <B><bobs@email</B>>" which
- look all right to me. Is this a bug?
-
-
-<P>
-A0020: No. Header lines such as From:, To:, <B>etc.,</B> which contain addresses, are
- structured, and have to be in a specific format which is defined in RFC
- 822. Unquoted colons are not allowed in the "phrase" part of an email
- address (they are OK in other headers such as Subject:). The correct
- form for that header is
-
-</P>
-<PRE>
- To: "Work: Jim" <jims@email>, "Home: Bob" <bobs@email></PRE>
-<P>
- You will sometimes see unquoted colons in To: and Cc: headers, but only
- in connection with name lists (called "groups"), for example:
-
-</P>
-<PRE>
- To: My friends: X <x@y.x>, Y <y@w.z>;,
- My enemies: A <a@b.c>, B <b@c.d>;</PRE>
-<P>
- Each list must be terminated by a semicolon, as shown.
-
-</P>
-<A NAME="SEC22" HREF="FAQ.html#TOC22">Q0021</A>: Whenever Exim tries to deliver a specific message to a particular
- server, it fails, giving the error "Remote end closed connection after
- data" or "Broken pipe" or a timeout. What's going on?
-
-
-<P>
-A0021: "Broken pipe" is the error you get on some OS when the far end just
- drops the connection. The alternative is "connection reset by peer".
-
-</P>
-<P>
- (A) There are some firewalls that fall over on \0 characters in the
- mail. Have a look, e.g. with hexdump <B>-c</B> mymail | tail to see if your
- mail contains any binary zero characters.
-
-</P>
-<P>
- (B) There are broken SMTP servers around that just drop the connection
- after the data has been sent if they don't like the message for some
- reason (e.g. it is too big) instead of sending a 5xx error code. Have
- you tried sending a small message to the same address?
-
-</P>
-<P>
- It has been reported that some releases of Novell servers running NIMS
- are unable to handle lines longer than 1024 characters, and just close
- the connection. This is an example of this behaviour.
-
-</P>
-<P>
- (C) If the problem occurs right at the start of the mail, then it could
- be a network problem with mishandling of large packets. Many emails are
- small and thus appear to propagate correctly, but big emails will
- generate big IP datagrams.
-
-</P>
-<P>
- There have been problems when something in the middle of the network
- mishandles large packets due to IP tunnelling. In a tunnelled link, your
- IP datagrams gets wrapped in a larger datagram and sent over a network.
- This is how virtual private networks (VPNs), and some ISP transit
- circuits work. Since the datagrams going over the tunnel require a
- larger packet size, the tunnel needs a bigger maximum transfer unit
- (MTU) in the network handling the tunnelled packets. However, MTUs
- are often fixed, so the tunnel will try to fragment the packets.
-
-</P>
-<P>
- If the systems outside the tunnel are using MTU path discovery, (most
- Sun Sparc Solaris machines do by default), and set the DF (don't
- fragment) bit because they don't send packets larger than their <EM>local</EM>
- MTU, then ICMP control messages will be sent by the routers at the
- ends of the tunnel to tell them to reduce their MTU, since the tunnel
- can't fragment the data, and has to throw it away. If this mechanism
- stops working, e.g. a firewall blocks ICMP, then your host never
- knows it has hit the maximum path MTU, but it has received no ACK on
- the packet either, so it continues to resend the same packet and the
- connection stalls, eventually timing out.
-
-</P>
-<P>
- You can test the link using pings of large packets and see what works:
-
-</P>
-<PRE>
- ping -s host 2048</PRE>
-<P>
- Try reducing the MTU on the sending host:
-
-</P>
-<PRE>
- ifconfig le0 mtu 1300</PRE>
-<P>
- Alternatively, you can reduce the size of the buffer Exim uses for SMTP
- output by putting something like
-
-</P>
-<PRE>
- DELIVER_OUT_BUFFER_SIZE=512</PRE>
-<P>
- in your <B>Local/Makefile</B> and rebuilding Exim (the default is 8192).
-
-</P>
-<A NAME="SEC23" HREF="FAQ.html#TOC23">Q0022</A>: Why do messages not get delivered down the same connection when I do
- something like: exim <B>-v</B> <B>-R</B> <B>@aol.com</B> ? For other domains, I do this and
- I see the appropriate "waiting for passed connections to get used"
- messages.
-
-
-<P>
-A0022: Recall that Exim does not keep separate queues for each domain, but
- operates in a distributed fashion. Messages get into its "waiting for
- host x" hints database only when a delivery has been tried, and has had
- a temporary error. Here are some possibilities:
-
-</P>
-<P>
- (1) The messages to <B>aol.com</B> got put in your queue, but no previous
- delivery attempt occured before you did the <B><B>-R.</B></B> This might have been
- because of your settings of <TT>queue_only_load</TT>, <TT>smtp_accept_queue</TT>, or any
- other option that caused no immediate delivery attempt on arrival. If
- this is the case, you can try using <B>-qqR</B> instead of <B><B>-R.</B></B>
-
-</P>
-<P>
- (2) You have set <TT>batch_max</TT> on the smtp transport, and that limit was
- reached. This would show as a sequence of n messages down one
- connection, then another n down a new connection, etc.
-
-</P>
-<P>
- (3) Exim tried to pass on the SMTP connection to another message, but
- that message was in the process of being delivered to <B>aol.com</B> by some
- other process (typically, a normal queue runner). This will break the
- sequence, though the other delivery should pass its connection on to
- other messages if there are any.
-
-</P>
-<P>
- (4) The folk at <B>aol.com</B> changed the MX records so the host names have
- changed - or a new host has been added. I don't know how likely this is.
-
-</P>
-<P>
- (5) Exim is not performing as it should in this regard, for some reason.
- Next time you have mail queued up for <B>aol.com,</B> try running
-
-</P>
-<PRE>
- exim_dumpdb /var/spool/exim wait-remote_smtp</PRE>
-<P>
- to see if those messages are listed among those waiting for the relevant
- <B>aol.com</B> hosts.
-
-</P>
-<A NAME="SEC24" HREF="FAQ.html#TOC24">Q0023</A>: What does the error "SEGV while reading ... from dbm file: record
- assumed not to exist" mean?
-
-
-<P>
-A0023: A crash is occuring when Exim calls your DBM library in order to read a
- record from one of its hints files. This kind of problem can be related
- to incorrectly installed DBM libraries. If you are using Slackware 3.6,
- the problem is that libgdbm is incorrectly installed on that system, and
- you will need to re-install it from source.
-
-</P>
-<A NAME="SEC25" HREF="FAQ.html#TOC25">Q0024</A>: There seems to be a problem in the string expansion code: it doesn't
- recognize references to headers such as <B><B>${h_to}.</B></B>
-
-
-<P>
-A0024: The only valid syntax for header references is (for example) <B>$h_to:</B>
- because header names are permitted by RFC 822 to contain a very wide
- range of characters. A colon (or white space) is required as the
- terminator.
-
-</P>
-<A NAME="SEC26" HREF="FAQ.html#TOC26">Q0025</A>: Exim is timing out after sending the a message's data to one particular
- host, and yet the remote host also claims to be timing out. This seems
- to affect only certain messages.
-
-
-<P>
-A0025: See
- <A HREF="FAQ.html#SEC19">Q0018</A>.
-
-</P>
-<A NAME="SEC27" HREF="FAQ.html#TOC27">Q0026</A>: When the Exim daemon forks a copy of itself to handle an incoming SMTP
- request, the forked copy seems to go around in circles for a
- significant (up to 5 minutes, so far) amount of time before deciding to
- accept the message.
-
-
-<P>
-A0026: These kinds of delay are usually caused by some kind of network problem
- that affects outgoing calls made by Exim at the start of an incoming
- message. Configuration options that cause outgoing calls are:
-
-</P>
-<P>
- (1) <TT>rfc1413_query_hosts</TT> and <TT>rfc1413_query_timeout</TT> (for ident calls);
- firewalls sometimes block ident calls, which can lead to this
- problem.
-
-</P>
-<P>
- (2) <TT>rbl_domains</TT> and <TT>rbl_hosts</TT>.
-
-</P>
-<P>
- (3) <TT>host_lookup</TT> and any other options that require the remote host's
- name to be looked up from its IP address.
-
-</P>
-<P>
- (4) <TT>sender_verify_hosts_callback</TT> and <TT>sender_verify_callback_domains</TT>.
-
-</P>
-<P>
- You can use the <B>-bh</B> option to get more information about what is
- happening at the start of a connection.
-
-</P>
-<A NAME="SEC28" HREF="FAQ.html#TOC28">Q0027</A>: What does "failed to create child process to send failure message" mean?
- This is a busy mail server with <TT>smtp_accept_max</TT> set to 500, but this
- problem started to occur at about 300 incoming connections.
-
-
-<P>
-A0027: Some message delivery failed, and when Exim wanted to send a bounce
- message, it was unable to create a process in which to do so. Probably
- the limit on the maximum number of simultaneously active processes has
- been reached. Most OS have some means of increasing this limit, and in
- some operating systems there is also a limit per uid which can be
- varied.
-
-</P>
-<A NAME="SEC29" HREF="FAQ.html#TOC29">Q0028</A>: What does "<message filter> transporting defer (-1): No transport set
- by director" in a log line mean?
-
-
-<P>
-A0028: Your system filter contains a "save" command, but you have not set
- <TT>message_filter_file_transport</TT>.
-
-</P>
-<A NAME="SEC30" HREF="FAQ.html#TOC30">Q0029</A>: Why is Exim refusing to relay, saying "failed to find host name from IP
- address" when I have the sender's IP address in <TT>host_accept_relay</TT>? My
- configuration contains this:
-
-
-<PRE>
- host_accept_relay = "lsearch;/etc/mail/relaydomains:192.168.96.0/24"</PRE>
-<P>
-A0029: When checking <TT>host_accept_relay</TT>, the items are tested in left-to-right
- order. The first item in your list is a lookup on the incoming host's
- name, so Exim has to determine the name from the incoming IP address in
- order to perform the test. If it can't find the host name, it can't do
- the check, so it gives up. The solution is to put all explicit IP
- addresses first in the list. You would have discovered what was going
- on if you had run a test such as
-
-</P>
-<PRE>
- exim -bh 192.168.96.131</PRE>
-<A NAME="SEC31" HREF="FAQ.html#TOC31">Q0030</A>: When I run "exim <B>-bd</B> <B>-q10m"</B> I get "PANIC LOG: exec of exim <B>-q</B> failed".
-
-
-<P>
-A0030: This probably means that Exim doesn't know its own path so it can't
- re-exec itself to do the first queue run. Check the output of
-
-</P>
-<PRE>
- exim -bP exim_path</PRE>
-<A NAME="SEC32" HREF="FAQ.html#TOC32">Q0031</A>: Why do connections to my machine's SMTP port take a long time to respond
- with the banner, when connections to other ports respond instantly?
-
-
-<P>
-A0031: See
- <A HREF="FAQ.html#SEC27">Q0026</A>.
-
-</P>
-<A NAME="SEC33" HREF="FAQ.html#TOC33">Q0032</A>: I can't seem to get a pipe command to run when I include a <B>${if</B>
- expansion in it. This fails:
-
-
-<PRE>
- command = "perl -T /usr/local/rt/bin/rtmux.pl \
- rt-mailgate helpdesk \
- ${if eq {$local_part}{rt} {correspond}{action}}"</PRE>
-<P>
-A0032: You need some internal quoting in there. Exim expands each individual
- argument separately. Because you have (necessarily) got spaces in your
- <B>${if</B> item, you have to quote that argument. Try
-
-</P>
-<PRE>
- command = "perl -T /usr/local/rt/bin/rtmux.pl \
- rt-mailgate helpdesk \
- \"${if eq {$local_part}{rt} {correspond}{action}}\""</PRE>
-<A NAME="SEC34" HREF="FAQ.html#TOC34">Q0033</A>: I'm trying to get Exim to connect an alias to a pipe, but it always
- gives error code 69, with the comment "(could mean service or program
- unavailable)".
-
-
-<P>
-A0033: If your alias entry looks like this:
-
-</P>
-<PRE>
- alias: |"/some/command some parameters"</PRE>
-<P>
- change it to look like this:
-
-</P>
-<PRE>
- alias: "|/some/command some parameters"</PRE>
-<A NAME="SEC35" HREF="FAQ.html#TOC35">Q0034</A>: I'm having a problem with an Exim RPM.
-
-
-<P>
-A0034: See
- <A HREF="FAQ.html#SEC334">Q9606</A>.
-
-</P>
-<A NAME="SEC36" HREF="FAQ.html#TOC36">Q0035</A>: What does the error "Spool file is locked" mean?
-
-
-<P>
-A0035: This is not an error[*]. All it means is that when an Exim delivery
- process (probably started by a queue runner process) looked at a message
- in order to start delivering it, it found that another Exim process was
- already busy delivering it. On a busy system this is quite a common
- occurrence. If you set <TT>log_level</TT> less than 5, these messages are omitted
- from the log.
-
-</P>
-<P>
- [*] The only time when this message might indicate a problem is if it is
- repeated for the same message for a very long time - say more than a few
- hours. That would suggest that the process that is delivering the
- message has somehow got stuck.
-
-</P>
-<A NAME="SEC37" HREF="FAQ.html#TOC37">Q0036</A>: Exim is reporting IP addresses as 0.0.0.0 or 255.255.255.255 instead of
- their correct values. What's going on?
-
-
-<P>
-A0036: You are using a version of Exim built with gcc on an IRIX box.
- See
- <A HREF="FAQ.html#SEC327">Q9502</A>.
-
-</P>
-<A NAME="SEC38" HREF="FAQ.html#TOC38">Q0037</A>: I can't seem to figure out why PAM support doesn't work correctly.
-
-
-<P>
-A0037: There is a problem using PAM on Linux with shadow passwords when the
- calling program is not running as root. Exim is normally running as the
- Exim user when authenticating a remote host. I don't know of an easy
- resolution to this.
-
-</P>
-<A NAME="SEC39" HREF="FAQ.html#TOC39">Q0038</A>: I'm trying to use a query-style lookup for hosts that are allowed to
- relay, but it is giving really weird errors.
-
-
-<P>
-A0038: Does your query contain a colon character? Remember that
- <TT>host_accept_relay</TT> operates on a colon-separated list, so you need to
- double any colons in the query. This applies even if the query is
- defined as a macro.
-
-</P>
-<A NAME="SEC40" HREF="FAQ.html#TOC40">Q0039</A>: Exim is rejecting calls from hosts that have more than one IP address,
- for no apparent reason.
-
-
-<P>
-A0039: You are using Solaris 7 or earlier, and have "nis dns files" in
- <B><B>/etc/nsswitch.conf</B>.</B> Change this to "dns nis files" to avoid hitting Sun
- bug 1154236 (a bad interaction between NIS and the DNS).
-
-</P>
-<A NAME="SEC41" HREF="FAQ.html#TOC41">Q0040</A>: Exim is failing to find the MySQL library, even though is it present
- within <B><B>$LD_LIBRARY_PATH.</B></B> I'm getting this error:
-
-
-<PRE>
- /usr/local/bin/exim: fatal: libmysqlclient.so.6: open failed:
- No such file or directory</PRE>
-<P>
-A0040: Exim is suid, and LD_LIBRARY_PATH is ignored for suid binaries on a
- Solaris (and other?) systems. What you should be doing is adding
- <B>-R/local/lib/mysql</B> to the same place in the compilation that you added
- <B><B>-L/local/lib/mysql.</B></B> This lets the binary know where to look without
- needing a path variable.
-
-</P>
-<A NAME="SEC42" HREF="FAQ.html#TOC42">Q0041</A>: I have a collection of Exim processes that have been around for days,
- and are apparently stuck while trying to deliver to remote hosts. This
- is causing the messages they are handling to get stuck.
-
-
-<P>
-A0041: There appears to be a problem in the connect() function in some
- operating systems, such that it does not time out as it should. Setting
- <TT>connect_timeout</TT> in the smtp transport causes Exim to apply its own
- timeout, and this seems to overcome this problem. In Exim 3.15 the
- default was changed from zero (rely on system's timeout) to 5 minutes,
- which is the value recommended in the RFCs.
-
-</P>
-<A NAME="SEC43" HREF="FAQ.html#TOC43">Q0042</A>: I have a message in the spool which couldn't be delivered because of a
- timeout from the remote smtp server. When I try to deliver this message
- in eximon, I get "Spool file is locked". How can I deliver the message?
-
-
-<P>
-A0042: Find the Exim proccess that is stuck, and kill it. You may be able to
- use exiwhat to do this, but if it is stuck in connect() it may not
- respond, and you will have to identify it some other way. Now read
-
- <A HREF="FAQ.html#SEC42">Q0041</A> about why this might have happened.
-
-</P>
-<P>
- If you have a suitable debugger on your system, you may be able to find
- out more information before killing the process. For example, if you
- have gdb you can connect it to the process by running this command as
- root:
-
-</P>
-<PRE>
- gdb exim <process-id></PRE>
-<P>
- At the gdb prompt, give the "bt" (backtrace) command, to display the
- stack contents. This should tell you the name of the function in which
- the process is stuck. If this is connect(), then you do have the
- <A HREF="FAQ.html#SEC42">Q0041</A>
- problem.
-
-</P>
-<A NAME="SEC44" HREF="FAQ.html#TOC44">Q0043</A>: What does the error "lookup of host <B>"xx<EM>.xx</EM><EM>.xx</EM>"</B> failed in <I>yyy</I>y router"
- mean? Any suggestions to stop this these sort of errors from being
- frozen would be muchly appreciated.
-
-
-<P>
-A0043: You configured a <B>domainlist</B> router to send the message to <B>xx<EM>.xx</EM><EM>.xx</EM>.</B> When
- it tried to look up the IP address for that host, the lookup failed
- with a permanent error. As this is a manual routing, this is a
- considered to be a serious error which the postmaster needs to know
- about (maybe you have a typo in your file), and there is little point
- in keeping on trying. So it freezes the message.
-
-</P>
-<P>
- 1. Don't set up routes to non-existent hosts.
-
-</P>
-<P>
- 2. If you must set up routes to non-existent hosts, and don't want
- freezing, set the <TT>host_find_failed</TT> option on the router to do something
- other than freeze.
-
-</P>
-<A NAME="SEC45" HREF="FAQ.html#TOC45">Q0044</A>: My filter isn't working. How can I test it?
-
-
-<P>
-A0044: Use the <B>-bf</B> option (-bF for a system filter) to test the basic operation
- of your filter. If you also turn on debugging at level 10 (-d10) it will
- output information as the filter runs.
-
-</P>
-<A NAME="SEC46" HREF="FAQ.html#TOC46">Q0045</A>: Exim works fine on one host, but when I copied the binary to another
- identical host, it stopped working (it could not resolve DNS names).
-
-
-<P>
-A0045: Is the new host running exactly the same operating system? Most
- importantly, are the versions of the dynamically loaded libraries
- (files with names like <B>libsocket.so.1)</B> the same on both systems? If not,
- that is probably the cause of the problem. Either arrange for the
- libraries to be the same, or rebuild Exim from source on the new host.
-
-</P>
-<A NAME="SEC47" HREF="FAQ.html#TOC47">Q0046</A>: Once in a while, a user will send a message and immediatly get a
- response back "No Transport Provider" If they choose "Send Again",
- sometimes it works, sometimes it doesn't.
-
-
-<P>
-A0046: This problem has been seen on Debian Linux 2.1 systems. The best advice
- seems to be to upgrade your server to a later Debian release and a later
- Exim release, and maybe also upgrade the hardware.
-
-</P>
-<A NAME="SEC48" HREF="FAQ.html#TOC48">Q0047</A>: I set <TT>host_accept_relay</TT> to do a lookup in a file of IP addresses, but it
- doesn't work.
-
-
-<P>
-A0047: Did you remember to put `net-' at the start of the the search type? If
- you set something like this:
-
-</P>
-<PRE>
- host_accept_relay = lsearch;/some/file</PRE>
-<P>
- it searches the file for the host <EM>name</EM>. You need to set
-
-</P>
-<PRE>
- host_accept_relay = net-lsearch;/some/file</PRE>
-<P>
- to make it use the IP address as the key to the lookup.
-
-</P>
-<BR><H2><A NAME="SEC49" HREF="FAQ.html#TOC49">1. BUILDING EXIM
-
-</A></H2>
-<A NAME="SEC50" HREF="FAQ.html#TOC50">Q0101</A>: I get the error "conflicting types" when Exim is building the libident
- library.
-
-
-<P>
-A0101: The problem is that libident assumes "struct timeval" refers to
- <TT>DST_NONE</TT>, and so it tries to avoid using this structure when <TT>DST_NONE</TT>
- isn't defined. Unfortunately it doesn't make this change everywhere it
- should, and so it blows up. The problem has been seen on NetBSD and
- some versions of the Linux C library. An easy, albeit not particularly
- neat, fix is to add <B><TT>-DDST_NONE</TT></B> to <TT>LIBIDENTCFLAGS</TT> for systems that are
- afflicted like this - there's not a lot else you can do without
- modifying libident. The value of <TT>DST_NONE</TT> is never used, so defining it
- to be empty should be harmless.
-
-</P>
-<A NAME="SEC51" HREF="FAQ.html#TOC51">Q0102</A>: When I ran <B>make</B> I got the error "undefined reference to <TT>dbopen</TT>".
-
-
-<P>
-A0102: Either:
-
-</P>
-<P>
- (A) This means you (or the default configuration for your operating
- system) have configured Exim to use Berkeley DB version 1<B><EM>.xx</EM></B>
- and it has not been given access to the DB library (where <TT>dbopen</TT>
- should be found). You may need something like <TT>DBMLIB=-ldb</TT> in
- <B>Local/Makefile</B>. Berkeley DB is one of several alternative DBM
- libraries that Exim can make use of. For a discussion of DBM issues,
- see the file <B>doc/dbm.discuss.txt</B> in the Exim distribution.
-
-</P>
-<P>
- (B) You are running on a version of Linux which has a problem in its
- libraries. This effect isn't fully understood. It has been seen with
- the libraries used in Caldera OpenLinux Base 1.1.
-
-</P>
-<A NAME="SEC52" HREF="FAQ.html#TOC52">Q0103</A>: I can't get Exim to compile with Berkeley DB version 2.x.
-
-
-<P>
-A0103: Have you set <TT>USE_DB=yes</TT> in <B>Local/Makefile</B>? This causes Exim to use the
- native interface to the DBM library instead of the compatibility
- interface, which needs a header called <B>ndbm.h</B> that may not exist on your
- system.
-
-</P>
-<A NAME="SEC53" HREF="FAQ.html#TOC53">Q0104</A>: I'm getting an "undefined symbol" error for <TT>hosts_ctl</TT> when I try to
- build Exim. (On some systems this error is "undefined reference to
- 'hosts_ctl'".)
-
-
-<P>
-A0104: You should either remove the definition of USE_TCP_WRAPPERS or add
- <B>-lwrap</B> to your <TT>EXTRALIBS</TT> setting in <B>Local/Makefile</B>.
-
-</P>
-<A NAME="SEC54" HREF="FAQ.html#TOC54">Q0105</A>: I'm about to upgrade to a new Exim release. Do I need to ensure the
- spool is empty, or take any other special action?
-
-
-<P>
-A0105: If you are changing to release 3.00 or later from a release prior to
- 3.00, you will probably need to make changes to the runtime
- configuration file. See <B>README.UPDATING</B> for details. Otherwise, you
- do not need to take special action. New releases are made backwards
- compatible with old spool files and "hints" databases so that upgrading
- can be done on a running system. All that should be necessary is to
- install a new binary and then HUP the daemon if you are running one.
-
-</P>
-<A NAME="SEC55" HREF="FAQ.html#TOC55">Q0106</A>: What does the error "<B>install-info</B>: command not found" mean?
-
-
-<P>
-A0106: You have set INFO_DIRECTORY in your <B>Local/Makefile</B>, and Exim is trying
- to install the Texinfo documentation, but cannot find the command called
- <B>install-info</B>. If you have a version of Texinfo prior to 3.9, you
- should upgrade. Otherwise, check your installation of Texinfo to see why
- the <B>install-info</B> command is not available.
-
-</P>
-<A NAME="SEC56" HREF="FAQ.html#TOC56">Q0107</A>: Exim doesn't seem to be recognizing my operating system type correctly,
- and so is failing to build.
-
-
-<P>
-A0107: Run the command "scripts/os-type <B><B>-generic".</B></B> The output should be one of
- the known OS types, and should correspond to your operating system. You
- can see which OS are supported by obeying "ls OS/Makefile-*" and looking
- at the file name suffixes.
-
-</P>
-<P>
- If there is a discrepancy, it means that the script is failing to
- interpret the output from the "uname" command correctly, or that the
- output is wrong. Meanwhile, you can build Exim by obeying
-
-</P>
-<PRE>
- EXIM_OSTYPE=xxxx make</PRE>
-<P>
- instead of just <B>make</B>, provided you are running a Bourne-compatible
- shell, or otherwise by setting EXIM_OSTYPE correctly in your
- environment. It is probably best to start again from a clean
- distribution, to avoid any wreckage left over from the failed attempt.
-
-</P>
-<A NAME="SEC57" HREF="FAQ.html#TOC57">Q0108</A>: I am getting an error "`exim' undeclared here" when I compile, in the
- <B>globals.c</B> module.
-
-
-<P>
-A0108: You have set EXIM_UID = exim in your <B>Local/Makefile</B>. Unfortunately,
- named uids are not permitted here; you must give a numerical uid.
- However, in the runtime configure file names are permitted.
-
-</P>
-<A NAME="SEC58" HREF="FAQ.html#TOC58">Q0109</A>: Exim fails to build, complaining about the absence of the "killpg"
- function.
-
-
-<P>
-A0109: This function should be present in all modern flavours of Unix. If you
- are using an older version, you should be able to get round the problem
- by inserting
-
-</P>
-<PRE>
- #define killpg(pgid,sig) kill(-(pgid),sig)</PRE>
-<P>
- into the file called <B>OS/os.h<I>-xx</I>x,</B> where <I>xxx</I> identifies your operating
- system, and is the output of the command "scripts/os-type <B><B>-generic".</B></B>
-
-</P>
-<A NAME="SEC59" HREF="FAQ.html#TOC59">Q0110</A>: I'm getting an unresolved symbol <TT>ldap_is_ldap_url</TT> when trying to build
- Exim.
-
-
-<P>
-A0110: You must have specified <TT>LOOKUP_LDAP=yes</TT> in the configuration. Have you
- remembered to set <B>-lldap</B> somewhere (e.g. in LOOKUP_LIBS)? You need that
- in order to get the LDAP library scanned when linking.
-
-</P>
-<A NAME="SEC60" HREF="FAQ.html#TOC60">Q0111</A>: I'm getting an unresolved symbol <TT>mysql_close</TT> when trying to build Exim.
-
-
-<P>
-A0111: You must have specified <TT>LOOKUP_MYSQL=yes</TT> in the configuration. Have you
- remembered to set <B>-lmysqlclient</B> somewhere (e.g. in LOOKUP_LIBS)? You
- need that in order to get the MySQL library scanned when linking.
-
-</P>
-<A NAME="SEC61" HREF="FAQ.html#TOC61">Q0112</A>: I'm trying to build Exim with PAM support. I have included <B>-lpam</B> in
- <TT>EXTRALIBS</TT>, but I'm still getting a linking error:
-
-
-<PRE>
- /lib/libpam.so: undefined reference to `dlerror'
- /lib/libpam.so: undefined reference to `dlclose'
- /lib/libpam.so: undefined reference to `dlopen'
- /lib/libpam.so: undefined reference to `dlsym'</PRE>
-<P>
-A0112: Add <B>-ldl</B> to <TT>EXTRALIBS</TT>. In some systems these dynamic loading functions
- are in their own library.
-
-</P>
-<A NAME="SEC62" HREF="FAQ.html#TOC62">Q0113</A>: I'm getting the error <B>"db.h:</B> No such file or directory" when I try to
- build Exim.
-
-
-<P>
-A0113: This problem has been seen with RedHat 7.0, but could also happen in
- other environments. If your system is using the DB3 DBM library, you
- need to install the DB3 development package in order to build Exim.
- The package is called something like <B>db3-devel-3.1.14-16.i386.rpm</B> for
- Linux systems, but you should check which version of DB3 you have
- installed.
-
-</P>
-<A NAME="SEC63" HREF="FAQ.html#TOC63">Q0114</A>: I'm getting the error "/usr/bin/ld: cannot find <B>-ldb1"</B> when I try to
- build Exim.
-
-
-<P>
-A0114: This is probably the same problem as
- <A HREF="FAQ.html#SEC62">Q0113</A>.
-
-</P>
-<BR><H2><A NAME="SEC64" HREF="FAQ.html#TOC64">2. MAILBOX LOCKING
-
-</A></H2>
-<A NAME="SEC65" HREF="FAQ.html#TOC65">Q0201</A>: Why do I get the error "Permission denied: creating lock file hitching
- post" when Exim tries to do a local delivery?
-
-
-<P>
-A0201: Your configuration specifies that local mailboxes are all held in
- single directory, via configuration lines like these (taken from the
- default configuration):
-
-</P>
-<PRE>
- local_delivery:
- driver = appendfile
- file = /var/mail/$local_part</PRE>
-<P>
- and the permissions on the directory probably look like this:
-
-</P>
-<PRE>
- drwxrwxr-x 3 root mail 512 Jul 9 13:48 /var/mail/</PRE>
-<P>
- Using the default configuration, Exim runs as the local user when doing
- a local delivery, and it uses a lock file to prevent any other process
- from updating the mailbox while it is writing to it. With those
- permissions the delivery process, running as the user, is unable to
- create a lock file in the <B>/var/mail</B> directory. There are two solutions
- to this problem:
-
-</P>
-<P>
- (A) Set the "write" and "sticky bit" permissions on the directory, so
- that it looks like this:
-
-</P>
-<PRE>
- drwxrwxrwt 3 root mail 512 Jul 9 13:48 /var/mail/</PRE>
-<P>
- The "w" allows any user to create new files in the directory, but
- the "t" bit means that only the creator of a file is able to remove
- it. This is the same setting as is normally used with the <B>/tmp</B>
- directory.
-
-</P>
-<P>
- (B) Arrange to run the <TT>local_delivery</TT> transport under a specific group
- by changing the configuration to read
-
-</P>
-<PRE>
- local_delivery:
- driver = appendfile
- file = /var/mail/${local_part}
- group = mail</PRE>
-<P>
- The delivery process still runs under the user's uid, but with the
- group set to "mail". The group permission on the directory allows
- the process to create and remove the lock file.
-
-</P>
-<P>
- The choice between (A) and (B) is up to the administrator. If the
- second solution is used, users can empty their mailboxes by updating
- them, but cannot delete them.
-
-</P>
-<P>
- If your problem involves mail to root, see also
- <A HREF="FAQ.html#SEC148">Q0507</A>.
-
-</P>
-<A NAME="SEC66" HREF="FAQ.html#TOC66">Q0202</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
- over a network.
-
-
-<P>
-A0202: See
- <A HREF="FAQ.html#SEC342">A9705</A> in the Sun-specific section below.
-
-</P>
-<BR><H2><A NAME="SEC67" HREF="FAQ.html#TOC67">3. ROUTING
-
-</A></H2>
-<A NAME="SEC68" HREF="FAQ.html#TOC68">Q0301</A>: What do "lowest numbered MX record points to local host" and "remote
- host address is the local host" mean?
-
-
-<P>
-A0301: They mean exactly what they say. Exim has tried to route a domain that
- it thinks is not local, and when it looked it up in the DNS, either the
- lowest numbered MX record pointed at the local host, or there were no
- MX records, and the address record for the domain pointed to an IP
- address that belongs to the local host.
-
-</P>
-<P>
- (A) If the domain is meant to be handled as a local domain, then there
- is a problem with the setting of the <TT>local_domains</TT> configuration
- option. If you have not set this, then only the name of the local
- host is treated as a local domain. If, for example, your host is
- called <B>myhost.mydomain.com</B> and you want it to handle mail for the
- domain <B>mydomain.com</B> as well as for its own name, you must set
-
-</P>
-<PRE>
- local_domains = myhost.mydomain.com:mydomain.com</PRE>
-<P>
- or, if you want to be more general, you could use
-
-</P>
-<PRE>
- local_domains = *.mydomain.com:mydomain.com</PRE>
-<P>
- If you have a large number of individual local domains, you should
- investigate storing them in a file and setting <TT>local_domains</TT> to do a
- lookup.
-
-</P>
-<P>
- All the domains in <TT>local_domains</TT> are treated as synonymous by
- default. If you want to specify different handling for different
- domains, you can either use <TT>domains</TT> options, to restrict certain
- directors to certain domains, or use the <B>$domain</B> expansion variable
- in director options to vary the value according to the domain, for
- example, setting the name of an alias file to <B>/etc/aliases/$domain</B>.
-
-</P>
-<P>
- (B) If the domain is one for which the local host is providing a
- forwarding service (called "mail hubbing"), possibly as part of a
- firewall, then you need to set up a router to tell Exim where to
- send messages addressed to this domain, since the DNS directs them
- to the local host. The routers section of your configuration file
- should look something like this:
-
-</P>
-<PRE>
- hubbed_hosts:
- driver = domainlist
- transport = remote_smtp
- route_list = see discussion below</PRE>
-<PRE>
- other_hosts:
- driver = lookuphost
- transport = remote_smtp</PRE>
-<P>
- Note that the <B>domainlist</B> router must come first so that it can pick
- off a hubbed host before it gets to the <B>lookuphost</B> router. The
- contents of the <TT>route_list</TT> option depend on how many hosts you are
- hubbing for, and how their names are related to the domain name.
- Suppose the local host is a firewall, and all the domains in
- <B>*.foo.bar</B> have MX records pointing to it, and each domain
- corresponds to a host of the same name. Then the setting could be
-
-</P>
-<PRE>
- route_list = "*.foo.bar $domain byname"</PRE>
-<P>
- If there isn't a convenient relationship between the domain names
- and the host names, then you either have to list each domain
- separately, or use a lookup expansion to look up the host from the
- domain, or put the routing information in a file and use the
- <TT>route_file</TT> option.
-
-</P>
-<P>
- (C) If neither (A) nor (B) is the case, then the lowest numbered MX
- record or the address record for the domain should not be pointing
- to your host. You should arrange to get the DNS mended.
-
-</P>
-<P>
- There has been a rash of instances of domains being deliberately set
- up with MX records pointing to "localhost", which causes this
- behaviour. By default, Exim defers delivery and freezes the message.
- You can change what Exim does by setting the generic "self" option
- on the router, for example, to make it bounce such domains. If you
- are running a release later than 3.16, you can use the option
- called <TT>ignore_target_hosts</TT> instead, to get it to pretend such hosts
- do not exist.
-
-</P>
-<A NAME="SEC69" HREF="FAQ.html#TOC69">Q0302</A>: How do I configure Exim to send all non-local mail to a gateway host?
-
-
-<P>
-A0302: Replace the <B>lookuphost</B> router in the default configuration with the
- following:
-
-</P>
-<PRE>
- send_to_gateway:
- driver = domainlist
- transport = remote_smtp
- route_list = * gate.way.host byname</PRE>
-<P>
- This uses gethostbyname() to find the gateway's IP address. You could
- alternatively have "bydns" to do a DNS lookup with MX handling, in which
- case <B>"gate.way.host"</B> is really being treated as a mail domain name
- rather than a host name. If there are several hosts you can send to,
- you can specify them as a colon-separated list. See also
- <A HREF="FAQ.html#SEC92">Q0325</A> and
- <A HREF="FAQ.html#SEC96">Q0402</A>.
-
-</P>
-<A NAME="SEC70" HREF="FAQ.html#TOC70">Q0303</A>: How do I configure Exim to send all non-local mail to a central server
- if it cannot be immediately delivered by my host? I don't want to have
- queued mail waiting on my host.
-
-
-<P>
-A0303: Add to the <TT>remote_smtp</TT> transport the following:
-
-</P>
-<PRE>
- fallback_hosts = central.server.name(s)</PRE>
-<P>
- If there are several names, they must be separated by colons.
-
-</P>
-<A NAME="SEC71" HREF="FAQ.html#TOC71">Q0304</A>: How can I arrange for messages submitted by (for example) Majordomo to
- be routed specially?
-
-
-<P>
-A0304: See
- <A HREF="FAQ.html#SEC98">A0404</A>.
-
-</P>
-<A NAME="SEC72" HREF="FAQ.html#TOC72">Q0305</A>: How do I arrange for all incoming email for <B><B>*@some.domain</B></B> to go into one
- pop3 mail account? The customer doesn't want to add a list of specific
- local parts to the system.
-
-
-<P>
-A0305: Set up a special transport that writes to the mailbox like this:
-
-</P>
-<PRE>
- special_transport:
- driver = appendfile
- file = /pop/mailbox
- envelope_to_add
- return_path_add
- delivery_date_add
- user = exim</PRE>
-<P>
- The file will be written as the user "exim". Then arrange to route all
- mail for that domain to that transport, with a router like this:
-
-</P>
-<PRE>
- special_router:
- driver = domainlist
- transport = special_transport
- route_list = some.domain</PRE>
-<P>
- Alternatively, you could make <B>some.domain</B> a local domain, and use a
- <B>smartuser</B> director instead.
-
-</P>
-<A NAME="SEC73" HREF="FAQ.html#TOC73">Q0306</A>: The <TT>route_list</TT> setting
- <TT>^foo$:^bar$ $domain byname</TT> in a <B>domainlist</B>
- router does not work.
-
-
-<P>
-A0306: The first thing in a <TT>route_list</TT> item is a single pattern, not a list of
- patterns. You need to write that as
- <TT>^(foo|bar)$ $domain byname</TT>.
- Alternatively, you could use several items and write
-
-</P>
-<PRE>
- route_list = "foo $domain byname; bar $domain byname"</PRE>
-<P>
- Note the semicolon separator. This is because the second thing in each
- item <EM>can</EM> be a list - of hosts.
-
-</P>
-<A NAME="SEC74" HREF="FAQ.html#TOC74">Q0307</A>: I'm getting "permission denied" when Exim attempts to check a
- <TT>require_files</TT> option.
-
-
-<P>
-A0307: See
- <A HREF="FAQ.html#SEC104">A0410</A> below.
-
-</P>
-<A NAME="SEC75" HREF="FAQ.html#TOC75">Q0308</A>: I have a domain for which some local parts must be delivered locally,
- but the remainder are to be treated like any other remote addresses.
-
-
-<P>
-A0308: The way to do this is not to include the domain in <TT>local_domains</TT>, so
- that addresses initially get passed to the routers. The first router
- should be definied like this:
-
-</P>
-<PRE>
- special_local:
- driver = domainlist
- local_parts = whatever...
- domains = whatever...
- route_list = * localhost byname
- self = local</PRE>
-<P>
- That will pick off those addresses with matching local parts and
- domains, and hand them to the directors, because of the <TT>self = local</TT>
- setting. Any other addresses will fall through to the other routers and
- be handled as normal remote addresses.
-
-</P>
-<A NAME="SEC76" HREF="FAQ.html#TOC76">Q0309</A>: For certain domains, I don't want Exim to use MX records. Instead, I
- want it just to look up the hosts' A records. I tried using a negative
- entry in <TT>mx_domains</TT> in the smtp router, but it didn't work.
-
-
-<P>
-A0309: The <TT>mx_domains</TT> option specifies domains for which there <EM>must</EM> be an MX
- record (an A record isn't good enough). Consequently, a negative item in
- it doesn't do what you want - any domain matching is is not required to
- have an MX record, but it doesn't stop Exim from using MX records for
- any that do have them. You can achieve what you want using either a
- <B>lookuphost</B> or a <B>domainlist</B> router:
-
-</P>
-<P>
- (A) Using <B>lookuphost</B>:
-
-</P>
-<PRE>
- special_domains:
- driver = lookuphost
- transport = remote_smtp
- domains = list:of:domains:you:want:to:do:this:for
- gethostbyname</PRE>
-<P>
- (B) Using <B>domainlist</B>:
-
-</P>
-<PRE>
- special_domains:
- driver = domainlist
- transport = remote_smtp
- domains = list:of:domains:you:want:to:do:this:for
- route_list = * * byname</PRE>
-<P>
- If the list of domains is actually a lookup in a file, you can dispense
- with <TT>domains</TT> in the <B>domainlist</B> case, and put the lookup into the
- <TT>route_list</TT> option.
-
-</P>
-<A NAME="SEC77" HREF="FAQ.html#TOC77">Q0310</A>: How can I configure Exim on a firewall machine so that if mail arrives
- addressed to a domain whose MX points to the firewall, it is forwarded
- to the internal mail server, without having to have a list of all the
- domains involved?
-
-
-<P>
-A0310: As your first router, have the standard <B>lookuphost</B> router from the
- default configuration, with the added options
-
-</P>
-<PRE>
- no_more
- self = pass</PRE>
-<P>
- This will handle all domains whose lowest numbered MX records do <EM>not</EM>
- point to your host. Because of the <TT>no_more</TT> setting, if it encounters
- an unknown domain, routing will fail. However, if it hits a domain whose
- lowest numbered MX points to your host, the "self" option comes into
- play, and overrides <TT>no_more</TT>. The "pass" setting causes it to pass
- the address on to the next router. (The default causes it to generate an
- error.)
-
-</P>
-<P>
- As your second (and last) router, set up a <B>domainlist</B> router that sends
- everything to your internal mail server. That is, use an option of the
- form
-
-</P>
-<PRE>
- route_list = * internal.server byname</PRE>
-<A NAME="SEC78" HREF="FAQ.html#TOC78">Q0311</A>: How can I arrange that messages larger than some limit are handled by
- a special router?
-
-
-<P>
-A0311: If you are using Exim 2.10 or greater, you can use a <TT>condition</TT> option
- on the router of the form
-
-</P>
-<PRE>
- condition = ${if >{$message_size}{100K}{yes}{no}}</PRE>
-<P>
- Earlier versions of Exim do not have numerical comparison operators,
- though you can use tricks like
-
-</P>
-<PRE>
- condition = ${if eq {${substr_5:$message_size}}{}{no}{yes}}</PRE>
-<A NAME="SEC79" HREF="FAQ.html#TOC79">Q0312</A>: If a DNS lookup returns no MX records why doesn't Exim just bin the
- message?
-
-
-<P>
-A0312: If a DNS lookup returns no MXs, Exim looks for an A record, in
- accordance with the rules that are defined in the RFCs. If you want to
- break the rules, you can set <TT>mx_domains</TT> in the <B>lookuphost</B> router, but
- you will cut yourself off from those sites (and there still seem to be
- plenty) who do not set up MX records.
-
-</P>
-<A NAME="SEC80" HREF="FAQ.html#TOC80">Q0313</A>: When a DNS lookup for MX records fails to complete, why doesn't Exim
- send the messsage to the host defined by the A record?
-
-
-<P>
-A0313: The RFCs are quite clear on this. Only if it is known that there are no
- MX records is an MTA allowed to make use of the A record. When an MX
- lookup fails to complete, Exim does not know whether there are any MX
- records or not. There seem to be some nameservers (or some
- configurations of some nameservers) that give a "server fail" error when
- asked for a non-existent MX record. Exim uses standard resolver calls,
- which unfortunately do not distinguish between this case and a timeout,
- so all Exim can do is try again later.
-
-</P>
-<A NAME="SEC81" HREF="FAQ.html#TOC81">Q0314</A>: Can you specify a list of domains to explicitly reject?
-
-
-<P>
-A0314: Use a router like this:
-
-</P>
-<PRE>
- reject_domains:
- driver = domainlist
- self = fail_hard
- domains = list:of:domains:to:reject
- route_list = * localhost byname</PRE>
-<A NAME="SEC82" HREF="FAQ.html#TOC82">Q0315</A>: Is it possible to use a conditional expression for the host item in a
- <TT>route_list</TT> for the <B>domainlist</B> router? I tried the following, but it
- doesn't work:
-
-
-<PRE>
- route_list = * ${if match{$header_from:}{.*\\.usa\\.net\\$} \
- {<smarthost1>}{<smarthost2>} bydns_a</PRE>
-<P>
-A0315: The problem is that the second item in the <TT>route_list</TT> contains white
- space, which means that it gets terminated prematurely. To avoid this,
- you must put the second item in quotes:
-
-</P>
-<PRE>
- route_list = * "${if match{$header_from:}{.*\\.usa\\.net\\$} \
- {<smarthost1>}{<smarthost2>}}" bydns_a</PRE>
-<A NAME="SEC83" HREF="FAQ.html#TOC83">Q0316</A>: I send all external mail to a smart host, but this means that bad
- addresses also get passed to the smart host. Can I avoid this?
-
-
-<P>
-A0316: If you are receiving the mail via SMTP, then you can use verification to
- weed out the bad addresses. Set <TT>no_verify</TT> on the router which sends
- everything to your smart host, and insert a new router with <TT>verify_only</TT>
- that does general routing using DNS lookups (e.g. the default <B>lookuphost</B>
- router), or any other verification you want. Then set <TT>receiver_verify</TT>
- so that addresses are accepted only if they verify successfully.
-
-</P>
-<A NAME="SEC84" HREF="FAQ.html#TOC84">Q0317</A>: I have a dial-up machine, and I use the <TT>queue_smtp</TT> option so that remote
- mail only goes out when I do a queue run. However, any email I send with
- an address <B><B><anything>@aol.com</B></B> is returned within about 15 mins saying
- 'retry time exceeded', and all addresses are affected.
-
-
-<P>
-A0317: See
- <A HREF="FAQ.html#SEC260">Q1401</A>.
-
-</P>
-<A NAME="SEC85" HREF="FAQ.html#TOC85">Q0318</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
- on the local host?
-
-
-<P>
-A0318: See
- <A HREF="FAQ.html#SEC122">A0428</A>.
-
-</P>
-<A NAME="SEC86" HREF="FAQ.html#TOC86">Q0319</A>: How can I arrange to do my own qualification of non-fully-qualified
- domains, and then pass them on to the next router?
-
-
-<P>
-A0319: If you have some list of domains that you want to qualify, you can do
- this using a <B>domainlist</B> router. For example,
-
-</P>
-<PRE>
- qualify:
- driver = domainlist
- route_list = *.a.b $domain.c.com</PRE>
-<P>
- adds <B>".c.com"</B> to any domain that matches <B>"*.a.b".</B> In the absence of any
- options in the route item, the new domain is passed to the next router.
-
-</P>
-<P>
- If you want to do this in conjunction with a <B>lookuphost</B> router, the
- <TT>widen_domains</TT> option of that router may be another way of achieving what
- you want.
-
-</P>
-<A NAME="SEC87" HREF="FAQ.html#TOC87">Q0320</A>: Every system has a "nobody" account under which httpd etc run. I would
- like to know how to restrict mail which comes from that account to users
- on that host only.
-
-
-<P>
-A0320: Set up a router with <B><B>senders=nobody@your.domain</B></B> which routes all
- mail to a local transport that delivers it to <B>/dev/null</B> (or to a pipe
- that bounces with an error message, or whatever). That would catch all
- mail to non-local domains.
-
-</P>
-<A NAME="SEC88" HREF="FAQ.html#TOC88">Q0321</A>: I have a really annoying intermittent problem where attempts to mail to
- valid sites are rejected with "unknown mail domain". This only happens a
- few times a day and there is no particular pattern to the sites it
- rejects. If I try to lookup the same domain a few minutes later then it
- is OK.
-
-
-<P>
-A0321: (A) Have you linked Exim against the newest DNS resolver library that
- comes with Bind? If you are using SunOS4 that may be your problem, as
- the resolver that comes with that OS is known to be buggy and to give
- intermittent false negatives.
-
-</P>
-<P>
- (B) Effects like this are sometimes seen if a domain's nameservers get
- out of step with each other.
-
-</P>
-<A NAME="SEC89" HREF="FAQ.html#TOC89">Q0322</A>: I'd like route all mail with unresolved addresses to a relay machine.
-
-
-<P>
-A0322: Set <TT>pass_on_timeout</TT> on your <B>lookuphost</B> router, and add below it a
- <B>domainlist</B> router that routes everything to the relay.
-
-</P>
-<A NAME="SEC90" HREF="FAQ.html#TOC90">Q0323</A>: I would like to forward all incoming email for a particular domain to
- another machine via SMTP. Whereabouts would I configure that?
-
-
-<P>
-A0323: First, do not list the domain in <TT>local_domains</TT>. Instead, list it in
- <TT>relay_domains</TT>. Then, if the domain's lowest numbered MX record points to
- your host, set up a <B>domainlist</B> router before your normal <B>lookuphost</B>
- router, in order to route the domain to the specific host.
-
-</P>
-<A NAME="SEC91" HREF="FAQ.html#TOC91">Q0324</A>: Why does Exim say "all relevant MX records point to non-existent hosts"
- when MX records point to IP addresses?
-
-
-<P>
-A0324: MX records cannot point to IP addresses. They are defined to point to
- host names, so Exim always interprets them that way. (An IP address is a
- syntactically valid host name.) The DNS for the domain you are having
- problems with is misconfigured.
-
-</P>
-<P>
- However, it appears that more and more DNS zones are breaking the rules
- and putting IP addresses on the RHS of MX records. Exim follows the
- rules and rejects this, but other MTAs do support it, so <TT>allow_mx_to_ip</TT>
- was regretfully added at release 3.14 to permit this heinous activity.
-
-</P>
-<A NAME="SEC92" HREF="FAQ.html#TOC92">Q0325</A>: How can I arrange for mail on my local network to be delivered directly
- to the relevant hosts, but all other mail to be sent to my ISP's mail
- server? The local hosts are all DNS-registered and behave like normal
- Internet hosts.
-
-
-<P>
-A0325: Set up a first router to pick off all the domains for your local
- network. There are several ways you might do this. For example
-
-</P>
-<PRE>
- local:
- driver = lookuphost
- transport = remote_smtp
- domains = lsearch;/etc/local_domains.list</PRE>
-<P>
- This does a perfectly conventional DNS routing operation, but only for
- your local domains. Follow this with a "smarthost" router:
-
-</P>
-<PRE>
- internet:
- driver = domainlist
- transport = remote_smtp
- route_list = * mail.isp.net bydns_a</PRE>
-<P>
- This sends anything else to the smart host.
-
-</P>
-<A NAME="SEC93" HREF="FAQ.html#TOC93">Q0326</A>: What I'd like to do is have alternative smarthosts, where the one to be
- used is determined by which ISP I'm connected to.
-
-
-<P>
-A0326: The simplest way to do this is to use a lookup in a <B>domainlist</B> router.
- For example:
-
-</P>
-<PRE>
- smarthost:
- driver = domainlist
- transport = remote_smtp
- route_list = * ${lookup{smart}lsearch{/etc/smarthost}{$value}} byname</PRE>
-<P>
- where you arrange for the name (or IP address) of the relevant smart
- host to be placed in <B>/etc/smarthost</B> when you connect, in the form
-
-</P>
-<PRE>
- smart: smart.host.name.or.ip</PRE>
-<P>
- By keeping the data out of the main configuration file, you avoid having
- to HUP the daemon when it changes.
-
-</P>
-<BR><H2><A NAME="SEC94" HREF="FAQ.html#TOC94">4. DIRECTING
-
-</A></H2>
-<A NAME="SEC95" HREF="FAQ.html#TOC95">Q0401</A>: I need to have any mail for <B>virt.dom.ain</B> that <EM>doesn't</EM> match one of the
- aliases in <B><B>/usr/lib/aliases.virt</B></B> delivered to a particular address, for
- example, <B><B>postmaster@virt.dom.ain.</B></B>
-
-
-<P>
-A0401: Adding an asterisk to a search type causes Exim to look up "*" when the
- normal lookup fails. So if your director is something like this:
-
-</P>
-<PRE>
- virtual:
- driver = aliasfile
- domains = virt.dom.ain
- file = /usr/lib/aliases.virt
- search_type = lsearch
- no_more</PRE>
-<P>
- you should change "lsearch" to "lsearch*", and put this in the alias
- file:
-
-</P>
-<PRE>
- *: postmaster@virt.dom.ain</PRE>
-<P>
- This solution has the feature that if there are several unknown
- addresses in the same message, only one copy gets sent to the
- postmaster, because of Exim's normal de-duplication rules.
-
-</P>
-<P>
- You can get separate deliveries for each unknown address only if you can
- direct them to a specific transport, by using a <B>smartuser</B> director like
- this:
-
-</P>
-<PRE>
- virtual:
- driver = aliasfile
- domains = virt.dom.ain
- file = /usr/lib/aliases.virt
- search_type = lsearch</PRE>
-<PRE>
- default_virtual:
- driver = smartuser
- domains = virt.dom.ain
- transport = special_delivery
- new_address = postmaster@virt.dom.ain
- no_more</PRE>
-<P>
- If an address in the virtual domain is not matched by the normal alias
- lookup, then it gets picked up by the <B>smartuser</B> and passed to the
- transport with a new address. There is no checking for duplicates, so
- if there is more than one address that passes through this mechanism,
- multiple copies get delivered. In order to distinguish them, the
- <TT>envelope_to_add</TT> option can be set on the transport, to cause the
- insertion of an Envelope-To: header containing the original recipient
- address.
-
-</P>
-<A NAME="SEC96" HREF="FAQ.html#TOC96">Q0402</A>: How do I configure Exim to send all messages to a central server?
-
-
-<P>
-A0402: This implies that you are not doing any local deliveries at all. Set
-
-</P>
-<PRE>
- local_domains =</PRE>
-<P>
- in the configuration file. This specifies that there are no local
- domains (by default your host name is set up as a local domain). Then
- all addresses are non-local -
- <A HREF="FAQ.html#SEC69">A0302</A> tells you how to deal with them.
-
-</P>
-<A NAME="SEC97" HREF="FAQ.html#TOC97">Q0403</A>: How do I configure Exim to send messages for unknown local users to a
- central server?
-
-
-<P>
-A0403: At the end of the directors section of the configuration, insert the
- following director:
-
-</P>
-<PRE>
- unknown:
- driver = smartuser
- transport = unknown_transport</PRE>
-<P>
- You should add <TT>no_verify</TT> to this if you are verifying addresses;
- without it, all local parts will verify as valid in the local domain.
- Then somewhere in the transports section of the configuration insert
-
-</P>
-<PRE>
- unknown_transport:
- driver = smtp
- hosts = server.host.name</PRE>
-<P>
- A colon-separated list of hosts may be given. They are tried in order.
- By default, the IP address of any host is found by looking in the DNS
- and doing MX processing (so really it is a domain list rather than a
- host list). If you don't want MX processing, set the "gethostbyname"
- option:
-
-</P>
-<PRE>
- unknown_transport:
- driver = smtp
- hosts = server.host.name
- gethostbyname</PRE>
-<P>
- This calls the gethostbyname() function to find IP addresses. Depending
- on your operating system and configuration, this usually consults
- <B>/etc/hosts</B> and possibly other sources of information, as well as, or
- instead of, the DNS.
-
-</P>
-<P>
- If you want to change the recipient address when doing this, you can use
- the <TT>new_address</TT> option on the <B>smartuser</B> director. For example, if the
- address is <B><B>user@foo.bar.com</B></B> and the setting is
-
-</P>
-<PRE>
- new_address = $local_part@bar.com</PRE>
-<P>
- The message is sent to the server with the envelope recipient changed to
- <B><B>user@bar.com.</B></B> However, this does not make any changes to the message's
- headers.
-
-</P>
-<A NAME="SEC98" HREF="FAQ.html#TOC98">Q0404</A>: How can I arrange for messages submitted by (for example) Majordomo to
- be handled specially?
-
-
-<P>
-A0404: You can use the <TT>condition</TT> option on a director or router, with a
- setting such as
-
-</P>
-<PRE>
- condition = ${if and {{eq {$sender_host_address}{}} \
- {eq {$sender_ident}{majordom}}} {yes}{no}}</PRE>
-<P>
- This first tests for a locally-submitted message, by ensuring there is
- no sending host address, and then it checks the identity of the user
- that ran the submitting process.
-
-</P>
-<A NAME="SEC99" HREF="FAQ.html#TOC99">Q0405</A>: On a host that accepts mail for several domains, do I have to use fully
- qualified names in <B>/etc/aliases</B> or do I have to set up an alias file for
- each domain?
-
-
-<P>
-A0405: You can do it either way. If you use a single file, you must set
- <TT>include_domain</TT> on the <B>aliasfile</B> director. If you use a separate file
- for each domain you can use a single director with an option such as
-
-</P>
-<PRE>
- file = /etc/aliases/$domain</PRE>
-<P>
- (as in C007), or you can have several different directors, each one with
-
-</P>
-<PRE>
- domains = domain1:domain2:...</PRE>
-<P>
- so that each one processes certain domains only. That way you could have
- several domains sharing an alias file. All of this assumes that you want
- have different aliases for each domain. If all the domain names are in
- effect just synonyms, you don't need to do anything other than ensure
- they all match something in <TT>local_domains</TT>.
-
-</P>
-<A NAME="SEC100" HREF="FAQ.html#TOC100">Q0406</A>: Some of my users are using the <B>.forward</B> to pipe to a shell command which
- appends to the user's INBOX. How can I forbid this?
-
-
-<P>
-A0406: If you allow your users to run shells in pipes, you cannot control which
- commands they run or which files they write to. However, you should point
- out to them that writing to an INBOX by arbitrary commands is not
- interlocked with the MTA and MUAs, and is liable to mess up the contents
- of the file.
-
-</P>
-<P>
- If a user simply wants to choose a specific file for the delivery of
- messages, this can be done by putting a file name in a <B>.forward</B> file
- rather than using a pipe, or by using the "save" command in an Exim
- filter file.
-
-</P>
-<P>
- You can set <TT>forbid_pipe</TT> on the <B>forwardfile</B> director, but that will
- prevent them from running any pipe commands at all. Alternatively, you
- can restrict which commands they may run in their pipes by setting the
- <TT>allow_commands</TT> and/or <TT>restrict_to_path</TT> options in the <TT>address_pipe</TT>
- transport.
-
-</P>
-<A NAME="SEC101" HREF="FAQ.html#TOC101">Q0407</A>: How can I arrange for a default value when using a query-style lookup
- such as LDAP or NIS+ to handle aliases?
-
-
-<P>
-A0407: Using the queries option for the <B>aliasfile</B> driver should do what you
- want. You can supply a second query which gets obeyed when the first
- query fails. For example,
-
-</P>
-<PRE>
- queries = "\
- ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=$local_part@$domain)):\
- ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=default@$domain))"</PRE>
-<A NAME="SEC102" HREF="FAQ.html#TOC102">Q0408</A>: If I don't fully qualify the addresses in a virtual domain's alias file
- then mail to aliases which also match the local domain get delivered to
- the local domain.
-
-
-<P>
- For example, if the alias file for <B>foobar.com</B> is
-
-</P>
-<PRE>
- foo: joe@some.place.com
- postmaster: foo</PRE>
-<P>
- then mail sent to <B><B>postmaster@foobar.com</B></B> is not delivered to
- <B><B>joe@some.place.com</B></B> but instead goes to <B><B>foo@localdomain.com.</B></B>
-
-</P>
-<P>
-A0408: Set the <TT>qualify_preserve_domain</TT> option on the <B>aliasfile</B> director.
-
-</P>
-<A NAME="SEC103" HREF="FAQ.html#TOC103">Q0409</A>: We've got users who chmod their home to 750, and home is NFS-mounted
- without root privilege, so Exim cannot access <B>~user/.forward.</B>
-
-
-<P>
-A0409: Set the seteuid option on the <B>forwardfile</B> director so that Exim
- "becomes" the user before trying to read the file. However, if your
- operating system does not support the seteuid() function, you cannot do
- this. In that circumstance, if you cannot persuade your users to make
- their <B>.forward</B> files world readable, you can set the <TT>ignore_eacces</TT>
- option, which causes Exim to ignore unreadable files.
-
-</P>
-<A NAME="SEC104" HREF="FAQ.html#TOC104">Q0410</A>: I'm getting "permission denied" when Exim tries to check a for the
- existence of a user's <B>.procmailrc</B> file using <TT>require_files</TT>.
-
-
-<P>
-A0410: Exim is running under its own uid (or root if there isn't an Exim uid)
- when it checks <TT>require_files</TT>. You can cause it to change to a specific
- uid by putting an item not containing any / characters at the start of
- the <TT>require_files</TT> list. In this case you probably want a director along
- these lines:
-
-</P>
-<PRE>
- procmail:
- driver = localuser
- require_files = $local_part:$home/.procmailrc
- transport = procmail_pipe</PRE>
-<A NAME="SEC105" HREF="FAQ.html#TOC105">Q0411</A>: How can I deliver mail into different directories for each virtual
- domain, doing user lookups not against <B>/etc/passwd</B> but against
- <B><B>/etc/passwd.domain</B>?</B>
-
-
-<P>
-A0411: See configuration sample C009.
-
-</P>
-<A NAME="SEC106" HREF="FAQ.html#TOC106">Q0412</A>: I want mail for <EM>any</EM> local part at certain virtual domains to go
- to a single address for each domain.
-
-
-<P>
-A0412: One way to to this is
-
-</P>
-<PRE>
- virtual:
- driver = smartuser
- domains = lsearch;/etc/virtual
- new_address = ${lookup{$domain}lsearch{/etc/virtual}{$value}fail}</PRE>
-<P>
- The <B>/etc/virtual</B> file contains a list of domains and the addresses to
- which their mail should be sent. For example:
-
-</P>
-<PRE>
- domain1: postmaster@some.where.else
- domain2: joe@xyz.plc
- etc.</PRE>
-<P>
- If the number of domains is large, using a DBM or cdb file would be more
- efficient.
-
-</P>
-<A NAME="SEC107" HREF="FAQ.html#TOC107">Q0413</A>: How can I make Exim look in the alias NIS map instead of <B>/etc/aliases</B>?
-
-
-<P>
-A0413: The default configuration does not use NIS (many hosts don't run it).
- You should change the <TT>system_aliases</TT> director to
-
-</P>
-<PRE>
- system_aliases:
- driver = aliasfile
- file = mail.aliases
- search_type = nis</PRE>
-<P>
- If you want to use <B>/etc/aliases</B> as well as NIS, put this director (with
- a different name) before or after the default one, depending on which
- data source you want to take precedence.
-
-</P>
-<A NAME="SEC108" HREF="FAQ.html#TOC108">Q0414</A>: What does the error message "error in forward file (filtering not
- enabled): missing or malformed local part ..." mean?
-
-
-<P>
-A0414: If you are trying to use an Exim filter, you have forgotten to enable
- the facility, which is disabled by default. In the <B>forwardfile</B> director
- (in the Exim configuration file) you need to set
-
-</P>
-<PRE>
- filter = true</PRE>
-<P>
- to allow a <B>.forward</B> file to be used as an Exim filter. If you are not
- trying to use an Exim filter, then you have put a malformed address in
- the <B>.forward</B> file.
-
-</P>
-<A NAME="SEC109" HREF="FAQ.html#TOC109">Q0415</A>: Exim isn't recognizing certain forms of local address.
-
-
-<P>
-A0415: (A) Try using the <B>-bt</B> option with debugging turned on, to see how Exim
- is handling the addresses. For example,
-
-</P>
-<PRE>
- exim -d2 -bt z6abc</PRE>
-<P>
- will show you how it would handle the local part "z6abc". Increase the
- debug level to <B>-d9</B> for more information.
-
-</P>
-<P>
- (B) If the local user names contain capital letters, that is probably
- the cause of your problem. Setting up such user names is a bad idea.
- By default, everything is lowercased before the final delivery for the
- sake of alias matching and user name matching, because people who type
- email addresses often get the case wrong. You can stop this by setting
-
-</P>
-<PRE>
- locally_caseless = false</PRE>
-<P>
- but then incoming addresses are recognized only in the correct case.
- See
- <A HREF="FAQ.html#SEC118">Q0424</A> for a way round this.
-
-</P>
-<A NAME="SEC110" HREF="FAQ.html#TOC110">Q0416</A>: I have a domain for which some local parts must be delivered locally,
- but the remainder are to be treated like any other remote addresses.
-
-
-<P>
-A0416: See
- <A HREF="FAQ.html#SEC75">A0308</A>.
-
-</P>
-<A NAME="SEC111" HREF="FAQ.html#TOC111">Q0417</A>: What I really need is the ability to obtain the result of a pipe
- command so that I can filter externally and redirect internally. Is
- this possible?
-
-
-<P>
-A0417: This is not possible. The result of a pipe command is not available to
- a filter, because it doesn't run any deliveries while filtering. It just
- sets up deliveries. They all happen later. If you want to run pipes
- and examine their results, you need to set up a single delivery to a
- delivery agent such as procmail which provides this kind of facility.
-
-</P>
-<A NAME="SEC112" HREF="FAQ.html#TOC112">Q0418</A>: When I set a suffix on one of my directors, it doesn't get stripped when
- checking the <TT>local_parts</TT> option. Why is this?
-
-
-<P>
-A0418: The test on local parts and domains is done early on, and only if they
- match is supplementary processing such as prefix and suffix recognition
- done. There is a section of the manual called "Skipping directors" which
- gives details. If you want to ignore a prefix or suffix in the initial
- test of the local part, you can do so by replacing <TT>local_parts</TT> with a
- setting of the <TT>condition</TT> option. For example, suppose you wanted to
- look up the basic local part in a file, and run the director if it is
- found:
-
-</P>
-<PRE>
- condition = ${if lookup{\
- ${if match{$local_part}{^(.*)-request}{$1}{$local_part}}\
- }lsearch{/some/file}{yes}}</PRE>
-<P>
- The key that is looked up is the second line, which uses a regular
- expression to strip "-request" from the local part if it is present.
-
-</P>
-<A NAME="SEC113" HREF="FAQ.html#TOC113">Q0419</A>: Why will Exim deliver a message locally to any username that is longer
- than 8 characters as long as the first 8 characters match one of the
- local usernames?
-
-
-<P>
-A0419: The problem is in your operating system. Exim just calls the getpwnam()
- function to test a local part for being a local login name. It does not
- presume to guess the maximum length of user name for the underlying
- operating system. Many operating systems correctly reject names that are
- longer than the maximum length; yours is apparently deficient in this
- regard. To cope with such systems, Exim has an option called
- <TT>max_user_name_length</TT> which you can set to the maximum allowed length.
-
-</P>
-<A NAME="SEC114" HREF="FAQ.html#TOC114">Q0420</A>: Why am I seeing the error "bad mode (100664) for <B><B>/home/test/.forward</B></B>
- (userforward director)"? I've looked through the documentation but can't
- see anything to suggest that exim has to do anything other than read the
- <B>.forward</B> file.
-
-
-<P>
-A0420: For security, Exim checks for mode bits that shouldn't be set, by
- default 022. You can change this by setting the "modemask" option of the
- <B>forwardfile</B> director.
-
-</P>
-<A NAME="SEC115" HREF="FAQ.html#TOC115">Q0421</A>: How can I arrange that messages larger than some limit are handled by
- a special director?
-
-
-<P>
-A0421: See
- <A HREF="FAQ.html#SEC78">A0311</A>.
-
-</P>
-<A NAME="SEC116" HREF="FAQ.html#TOC116">Q0422</A>: When a user's <B>.forward</B> file is syntactially invalid, Exim defers
- delivery of all messages to that user, which sometimes include the
- user's own test messages. Can it be told to ignore the <B>.forward</B> file
- and/or inform the user of the error?
-
-
-<P>
-A0422: Setting <TT>skip_syntax_errors</TT> on the <B>forwardfile</B> director causes syntax
- errors to be skipped. When dealing with users' <B>.forward</B> files it is best
- to combine this with a setting of <TT>syntax_errors_to</TT> in order to send
- a message about the error to the user. However, to avoid an infinite
- cascade of messages, you have to be able to send to an address that
- bypasses <B>.forward</B> file processing. This can be done by including a
- director like this one
-
-</P>
-<PRE>
- real_localuser:
- driver = localuser
- transport = local_delivery
- prefix = real-</PRE>
-<P>
- <EM>before</EM> the <B>forwardfile</B> director. This will do an ordinary local
- delivery without <B>.forward</B> processing, if the local part is prefixed by
- "real-". You can then set something like the following options on the
- <B>forwardfile</B> director:
-
-</P>
-<PRE>
- skip_syntax_errors
- syntax_errors_to = real-$local_part@$domain
- syntax_errors_text = "\
- This is an automatically generated message. An error has been \
- found\nin your .forward file. Details of the error are reported \
- below. While\nthis error persists, messages addressed to you will \
- get delivered into\nyour normal mailbox and you will receive a \
- copy of this message for\neach one."</PRE>
-<P>
- A final tidying setting to go with this is a rewriting rule that changes
- "real-username" into just "username" in the headers of the message:
-
-</P>
-<PRE>
- ^real-([^@]+)@your\.dom\.ain$ $1@your.dom.ain h</PRE>
-<P>
- This means that users won't ever see the "real-" prefix, unless they
- look at the Envelope-To header.
-
-</P>
-<A NAME="SEC117" HREF="FAQ.html#TOC117">Q0423</A>: I have some users on my system with upper case letters in their login
- names, but these are not recognized.
-
-
-<P>
-A0423: See
- <A HREF="FAQ.html#SEC118">A0424</A>.
-
-</P>
-<A NAME="SEC118" HREF="FAQ.html#TOC118">Q0424</A>: I have unset <TT>locally_caseless</TT> because my users have upper case letters
- in their login names, but incoming mail now has to use the correct case.
- Can I relax this somehow?
-
-
-<P>
-A0424: If you really have to live with caseful user names but want incoming
- local parts to be caseless, then you have to maintain a file, indexed by
- the lower case forms, that gives the correct case for each login, like
- this:
-
-</P>
-<PRE>
- admin: Admin
- steven: Steven
- mcdonald: McDonald
- lamanch: LaManche
- ...</PRE>
-<P>
- and at the start of your directors, put one like this:
-
-</P>
-<PRE>
- set_case_director:
- driver = smartuser
- new_address = ${lookup{${lc:$local_part}}lsearch{/the/file}\
- {$value@$domain}fail}</PRE>
-<P>
- For efficiency, you should also set the <TT>new_director</TT> option to cause
- processing of the changed address to begin at the next director. If you
- are otherwise using the default configuration, then the setting would be
-
-</P>
-<PRE>
- new_director = system_aliases</PRE>
-<P>
- If there are lots of users, then a DBM or cdb file would be more
- efficient than lsearch. If you are handling several domains, then you
- will have to extend this configuration to cope appropriately.
-
-</P>
-<A NAME="SEC119" HREF="FAQ.html#TOC119">Q0425</A>: I want to look up local users in an SQL database instead of looking in
- the passwd file.
-
-
-<P>
-A0425: From release 3.03, Exim contains support for calling MySQL, and from
- release 3.14 there is support for PostgreSQL.
-
-</P>
-<P>
- You must consider what will happen if your database is down. All local
- mail delivery will be delayed until it comes up again. Whether this
- matters is of course something for you to decide. If the database is
- down a lot and it does matter, then consider some scheme of extracting
- a list of users from the database at regular intervals, and getting Exim
- to work off that. This is also likely to be more efficient.
-
-</P>
-<A NAME="SEC120" HREF="FAQ.html#TOC120">Q0426</A>: Is it possible for Exim to use a SQL database like MySQL for its lists
- of virtual domains and explicit aliases?
-
-
-<P>
-A0426: See
- <A HREF="FAQ.html#SEC119">A0425</A>.
-
-</P>
-<A NAME="SEC121" HREF="FAQ.html#TOC121">Q0427</A>: Can I use my existing alias files and forward files as well as procmail
- and effectively drop in exim in place of Sendmail ?
-
-
-<P>
-A0427: Yes, as long as your alias/forward files don't assume that pipes are
- going to run under a shell. If they do, you either have to change them,
- or configure Exim to use a shell (which it doesn't by default).
-
-</P>
-<A NAME="SEC122" HREF="FAQ.html#TOC122">Q0428</A>: How can I route mail for user <B>X@local</B> to a smarthost if X doesn't exist
- on the local host?
-
-
-<P>
-A0428: This is the same question as
- <A HREF="FAQ.html#SEC96">Q0402</A>. The duplication is a bug in the FAQ.
-
-</P>
-<A NAME="SEC123" HREF="FAQ.html#TOC123">Q0429</A>: What is quickest way to set up Exim so any message sent to a non-
- existing user would bounce back with a different message, based
- on the name of non-existing user?
-
-
-<P>
-A0429: See the example in the section of the manual entitled "System-wide
- automatic processing".
-
-</P>
-<A NAME="SEC124" HREF="FAQ.html#TOC124">Q0430</A>: I am building some largish mailing lists with Majordomo, and was
- wondering if it worth leaving the actually list expansion to the
- <B>aliasfile</B> :include: mechanism or should I consider using the <B>forwardfile</B>
- transport? Is there any real difference in terms of facilities and/or
- performance, and are the expansions basically the same code anyway?
-
-
-<P>
-A0430: The code that pulls out individual addresses from a list is the same in
- both cases, so it's really just a matter of which is the most convenient
- for you.
-
-</P>
-<A NAME="SEC125" HREF="FAQ.html#TOC125">Q0431</A>: What do I need to do to make Exim handle <B>/usr/ucb/vacation</B> processing
- automatically, so that people could just create a .<B>vacation.msg</B> file in
- their home directory and not have to edit their <B>.forward</B> file?
-
-
-<P>
-A0431: Add a new director like this, immediately before the normal localuser
- director:
-
-</P>
-<PRE>
- vacation:
- driver = localuser
- require_files = .vacation.msg
- transport = vacation_transport
- unseen</PRE>
-<P>
- and a matching new transport like this:
-
-</P>
-<PRE>
- vacation_transport:
- driver = pipe
- command = "/usr/ucb/vacation \"$local_part\""</PRE>
-<P>
- However, some versions of <B>/usr/ucb/vacation</B> do not work properly unless
- the DBM file(s) it uses are created in advance - it won't create them
- itself. You also need a way of removing them when the vacation is over.
-
-</P>
-<P>
- Another possibility is to use a fixed filter file which is run whenever
- .<B>vacation.msg</B> exists, for example:
-
-</P>
-<PRE>
- vacation:
- driver = forwardfile
- check_localuser
- require_files = $home/.vacation.msg
- file = /some/central/filter
- filter</PRE>
-<P>
- The filter file should use the "if personal" check before sending mail,
- to avoid generating automatic responses to mailing lists. If sending a
- message is all that it does, this doesn't count as a "significant"
- delivery, so the message goes on to be delivered as normal.
-
-</P>
-<P>
- Yet another possibility is to make use of Exim's autoreply transport.
- See C033.
-
-</P>
-<A NAME="SEC126" HREF="FAQ.html#TOC126">Q0432</A>: I want to use a default entry in my alias file, but it picks up the
- local parts that the aliases generate. For example, if the alias file
- is
-
-
-<PRE>
- luke.skywalker: luke
- ls: luke
- *: postmaster</PRE>
-<P>
- then messages addressed to <B>luke.skywalker</B> end up at postmaster.
-
-</P>
-<P>
-A0432: (A) If you know for certain that no alias in your alias file ever
- generates another alias that is in the same file, then the most
- efficient solution is to put
-
-</P>
-<PRE>
- new_director = name-of-following-director</PRE>
-<P>
- in your <B>aliasfile</B> director. This stops Exim from processing the
- generated names as aliases the second time.
-
-</P>
-<P>
- (B) If you can't give that guarantee, then you have to put dummy entries
- in the alias file for all your local parts, for example:
-
-</P>
-<PRE>
- luke: luke</PRE>
-<P>
- (C) Another possibility is to put the <B>aliasfile</B> director for these
- aliases <EM>after</EM> the localuser director, so that local parts get picked
- off first. You will need to have two <B>aliasfile</B> directors if there are
- some local parts (e.g. root) which you do want to handle as aliases
- rather than local users.
-
-</P>
-<A NAME="SEC127" HREF="FAQ.html#TOC127">Q0433</A>: I have some obsolete domains which people have been warned not to use
- any more. How can I arrange to delete any mail that is sent to them?
-
-
-<P>
-A0433: If you are using release 3.10 or later, you can use a <B>smartuser</B> director
- like this:
-
-</P>
-<PRE>
- obsolete:
- domains = lsearch;/etc/exim/obsolete.domains
- new_address = :blackhole:</PRE>
-<P>
- If you want to make any exceptions, for example, for mail to postmaster
- at those domains, you can add the line
-
-</P>
-<PRE>
- local_parts = !postmaster</PRE>
-<P>
- If you are using an earlier release of Exim, you have to set up an alias
- file in order to use :blackhole:
-
-</P>
-<PRE>
- obsolete:
- domains = lsearch;/etc/exim/obsolete.domains
- file = /blackhole/all
- search_type = lsearch*</PRE>
-<P>
- with the file containing
-
-</P>
-<PRE>
- *: :blackhole:</PRE>
-<P>
- and possibly a postmaster alias if you want.
-
-</P>
-<A NAME="SEC128" HREF="FAQ.html#TOC128">Q0434</A>: How can I arrange that mail addressed to <B><B>anything@something.mydomain.com</B></B>
- gets delivered to <B><B>something@mydomain.com</B>?</B>
-
-
-<P>
-A0434: Ensure that all the relevant domains are local, by setting
-
-</P>
-<PRE>
- local_domains = mydomain.com : *.mydomain.com</PRE>
-<P>
- Then set up a <B>smartuser</B> director like this:
-
-</P>
-<PRE>
- user_from_domain:
- driver = smartuser
- new_address = ${if match{$domain}{^(.+)\\.mydomain.com\$}\
- {$1@mydomain.com}fail}</PRE>
-<A NAME="SEC129" HREF="FAQ.html#TOC129">Q0435</A>: I can't get a regular expression to work in this <TT>local_parts</TT> option on
- one of my directors:
-
-
-<PRE>
- local_parts = ^0740\d{6}</PRE>
-<P>
-A0435: The <TT>local_parts</TT> option is expanded before use, so that you can, for
- example, make it dependent on the domain. Therefore, you need to write
-
-</P>
-<PRE>
- local_parts = ^0740\\d{6}</PRE>
-<P>
- so as to preserve the backslash.
-
-</P>
-<A NAME="SEC130" HREF="FAQ.html#TOC130">Q0436</A>: How can I arrange for all addresses in a group of domains <B>*.example.com</B>
- to share the same alias file? I have a number of such groups.
-
-
-<P>
-A0436: For a single group you could just hardwire the file name into a director
- that had
-
-</P>
-<PRE>
- domains = *.example.com</PRE>
-<P>
- set, to restrict it to the relevant domains. For a number of such groups
- you can create a file containing the domains, like this:
-
-</P>
-<PRE>
- *.example1.com example1.com
- *.example2.com example2.com
- ...</PRE>
-<P>
- Arrange that the domains are treated as local by setting
-
-</P>
-<PRE>
- local_domains = partial-lsearch;/that/file</PRE>
-<P>
- Then create a director like this
-
-</P>
-<PRE>
- domain_aliases:
- driver = aliasfile
- domains = partial-lsearch;/that/file
- file = /etc/aliases.d/$domain_data
- search_type = lsearch*</PRE>
-<P>
- The variable <B>$domain_data</B> contains the data that was looked up when the
- <TT>domains</TT> option was matched, i.e. <B>"example1.com",</B> <B>"example2.com",</B> etc.
- in this case.
-
-</P>
-<A NAME="SEC131" HREF="FAQ.html#TOC131">Q0437</A>: When Exim tries to read <B><B>/usr/lib/majordomo/lists/lists.aliases</B></B> it is
- giving "Permission denied", but that file is world-readable!
-
-
-<P>
-A0437: Check the permissions on the superior directories.
-
-</P>
-<A NAME="SEC132" HREF="FAQ.html#TOC132">Q0438</A>: Some of our users have no home directories; the field in the password
- file contains <B>/no/home/dir</B>. This causes the error "failed to stat
- <B>/no/home/dir</B> (No such file or directory)" when Exim tries to look for a
- <B>.forward</B> file, and the delivery is deferred.
-
-
-<P>
-A0438: With the default configuration, you are asking Exim to check for a
- <B>.forward</B> file in the user's home directory. It looks up the home
- directory and tries to stat() it before looking for <B>.forward</B>. This is so
- that it can will notice a missing NFS home directory, and not treat it
- as if the <B>.forward</B> file did not exist. This stat() is failing when the
- home directory doesn't exist. What you should do is pick off these
- special cases before looking for <B>.forward</B> files for normal users. Place
- the following director before the userforward director:
-
-</P>
-<PRE>
- no_home_directory_users:
- driver = localuser
- transport = local_delivery
- match_directory = /no/home/dir
- current_directory = /</PRE>
-<A NAME="SEC133" HREF="FAQ.html#TOC133">Q0439</A>: How can I disable Exim's de-duplication features? I want it to do two
- deliveries if two different aliases expand to the same address.
-
-
-<P>
-A0439: This is not possible. Duplication has other ramifications other than
- just (in)convenience. Consider:
-
-</P>
-<P>
- . Message is addressed to A and to B.
-
-</P>
-<P>
- . Both A and B are aliased to C.
-
-</P>
-<P>
- . Without de-duplication, two deliveries to C are scheduled.
-
-</P>
-<P>
- . One delivery happens, Exim records that it has delivered the message
- to C.
-
-</P>
-<P>
- . The next delivery fails (C's mailbox is over quota, say).
-
-</P>
-<P>
- Next time round, Exim wants to know if it has already delivered to C or
- not, before scheduling a new delivery. Has it? Obviously, if duplicate
- deliveries are supported, it has to remember not only that it has
- delivered to C but also the "history" of how that delivery happened - in
- effect an ancestry list back to the original envelope address. This it
- does not do, and changing it to work in that way would be a lot of work
- and a big upheaval.
-
-</P>
-<P>
- The best way to get duplicate deliveries if you want them is not to use
- <B>aliasfile</B>, but to use <B>smartuser</B> with a transport, e.g.
-
-</P>
-<PRE>
- alias_with_duplicates:
- driver = smartuser
- transport = local_delivery_for_duplicates
- new_address = ${lookup {$local_part} lsearch ..... etc</PRE>
-<P>
- This goes straight to the transport without generating a new address
- that is considered for de-duplication or re-aliasing. In effect, it is
- just re-writing the address on the way to the transport. You will need
- to specify the user under which to run the delivery, either on the
- transport or on the director.
-
-</P>
-<A NAME="SEC134" HREF="FAQ.html#TOC134">Q0440</A>: I set up an <B>aliasfile</B> director using MySQL, but it doesn't use the new
- addresses. This it my director:
-
-
-<PRE>
- mysql_system_aliases:
- driver = aliasfile
- search_type = mysql
- query = "select userid from domain_table where \
- aliasid='$local_part' and domain='$domain'"
- transport = local_delivery</PRE>
-<P>
-A0440: The setting of "transport" is your problem. Aliasfile operates entirely
- differently if you give it a transport. It just verifies the incoming
- address by doing the query, then sends it to the transport. Take away
- the transport setting, and it will do normal aliasing, that is, turn one
- address into another which is independently processed.
-
-</P>
-<A NAME="SEC135" HREF="FAQ.html#TOC135">Q0441</A>: I received a message with a Subject: line that contained a non-printing
- character (a carriage return). This messed up my filter file. Is there a
- way to get round it?
-
-
-<P>
-A0441: Instead of <B>$h_subject:</B> use <B>${escape:$h_subject:}</B>
-
-</P>
-<A NAME="SEC136" HREF="FAQ.html#TOC136">Q0442</A>: My users' mailboxes are distributed between several servers according to
- the first letter of the user name. All the servers receive incoming mail
- at random. I would like to have the same configuration file for all the
- servers, which does local delivery for the mailboxes it holds, and sends
- other addresses to the correct other server. Is this possible?
-
-
-<P>
-A0442: It is easiest if you arrange for all the users to have password entries
- on all the servers. This means that non-existent users can be detected
- at the first server they reach. Set up a file containing a mapping from
- the first letter of the user names to the servers where their mailboxes
- are held. For example:
-
-</P>
-<PRE>
- a: server1
- b: server1
- c: server2
- ...</PRE>
-<P>
- Replace the normal localuser director with these two directors:
-
-</P>
-<PRE>
- localuser:
- driver = localuser
- transport = local_delivery
- condition = ${if eq{$primary_hostname}\
- {${lookup {${substr_0_1:$local_part}}\
- lsearch{/etc/mapfile} {$value}}}{yes}{no}}</PRE>
-<PRE>
- check_remote:
- driver = localuser
- transport = send_to_correct_host</PRE>
-<P>
- The first director succeeds only if the local part is a local user whose
- mailbox is listed as being on the current host. The second server runs
- for all other local users, directing the addresses to this transport:
-
-</P>
-<PRE>
- send_to_correct_host:
- driver = smtp
- hosts = ${lookup {${substr_0_1:$local_part}}lsearch{/etc/mapfile}\
- {$value}}</PRE>
-<P>
- Local parts that are not the names of local users are declined by both
- directors, and so they fail.
-
-</P>
-<A NAME="SEC137" HREF="FAQ.html#TOC137">Q0443</A>: I want to search for '$' in the subject line, but I can't seem to get
- the syntax. The obvious choice, '\$' doesn't work. Any help?
-
-
-<P>
-A0443: Try one of these:
-
-</P>
-<PRE>
- if $h_subject: contains \$ then ...
- if $h_subject: contains "\\$" then ...</PRE>
-<A NAME="SEC138" HREF="FAQ.html#TOC138">Q0444</A>: One of the things I want to set up is for <B>anything@onedomain</B> to forward
- to <B><B>anything@anotherdomain.</B></B> I tried adding <B>$local_part@anotherdomain</B> to
- my aliases but it did not expand - it sent it to that literal address.
-
-
-<P>
-A0444: If you want to do it that way, you can make it expand by setting
- the "expand" option on the <B>aliasfile</B> director. Another approach is to
- use a <B>smartuser</B> director like this:
-
-</P>
-<PRE>
- forwarddomain:
- driver = smartuser
- domains = onedomain
- new_address = $local_part@anotherdomain</PRE>
-<P>
- <TT>new_address</TT> can, of course, be more complicated, involving lookups etc.
- if you have lots of different cases.
-
-</P>
-<A NAME="SEC139" HREF="FAQ.html#TOC139">Q0445</A>: How can I have an address looked up in two different alias files, and
- delivered to all the addresses that are found?
-
-
-<P>
-A0445: It is tempting to use the "unseen" option for this (see
- <A HREF="FAQ.html#SEC145">Q0504</A> for an
- example of the use of "unseen"). You would have two directors, the first
- of which has "unseen" set, so that the address is always passed on to
- the next director, even if the first one accepts it.
-
-</P>
-<P>
- However, there is a problem with this approach. If an address is found
- in the first director (with unseen set) but not in the second one, it
- will get delivered but will also (under most normal setups) generate an
- "unknown user" bounce as well.
-
-</P>
-<P>
- If you want an incoming address to be "properly" delivered to
- two different "child" addresses (or lists), "unseen" is not really the
- right way to do it. You don't really need two different directors. You
- can use a <B>smartuser</B> director with an option something like this:
-
-</P>
-<PRE>
- new_address = ${lookup{$local_part}lsearch{/etc/aliases1}\
- {$value${lookup{$local_part}lsearch{/etc/aliases2}{,$value}}}\
- {${lookup{$local_part}lsearch{/etc/aliases2}{$value}fail}}}\</PRE>
-<P>
- If the first lookup succeeds, the result is its data, followed by the
- data from the second lookup, if any, separated by a comma. If the first
- lookup fails, the result is the data from the third lookup (which also
- looks in the second file), but if this also fails, the entire expansion
- is forced to fail, thereby causing the director to decline.
-
-</P>
-<A NAME="SEC140" HREF="FAQ.html#TOC140">Q0446</A>: I've converted from Sendmail, and I notice that Exim doesn't make use
- of the "owner-" entries in my alias file to change the sender address in
- outgoing messages to a mailing list.
-
-
-<P>
-A0446: If you have an alias file with entries like this:
-
-</P>
-<PRE>
- somelist: a@b, c@d, ...
- owner-somelist: postmaster</PRE>
-<P>
- Sendmail assumes that the second entry specifies a new sender address
- for the first. Exim does not make this assumption. However, you can make
- it take the same action, by adding
-
-</P>
-<PRE>
- errors_to = owner-$local_part@whatever.domain</PRE>
-<P>
- to the configuration for your <B>aliasfile</B> director. This is fail-safe,
- because Exim verifies a new sender address before using it. Thus, the
- change of sender address occurs only when the owner entry exists.
-
-</P>
-<BR><H2><A NAME="SEC141" HREF="FAQ.html#TOC141">5. DELIVERY
-
-</A></H2>
-<A NAME="SEC142" HREF="FAQ.html#TOC142">Q0501</A>: What does the error "Neither the <I>xxx</I> director nor the <I>yyy</I> transport set
- a uid for local delivery of..." mean?
-
-
-<P>
-A0501: Whenever Exim does a local delivery, it runs a process under a specific
- user and group id (uid and gid). For deliveries into mailboxes, and to
- pipes and files set up by <B>.forward</B>ing, it normally picks up the uid/gid
- of the receiving user. However, if an address is directed to a pipe or a
- file by some other means, such an entry in the system alias file of the
- form
-
-</P>
-<PRE>
- majordomo: |/local/mail/majordomo ...</PRE>
-<P>
- then Exim has to be told what uid/gid to use for the delivery. This can
- be done either on the director that handled the address, or on the
- transport that actually does the delivery. If a pipe is going to run a
- setuid program, then it doesn't matter what uid Exim starts it out with,
- and so the most straightforward thing is to put
-
-</P>
-<PRE>
- user = exim</PRE>
-<P>
- on either the director or the transport. A setting on the transport
- overrides a setting on the director, so if the same transport is being
- used with several directors, you should set the user on it only if you
- want the same uid to be used in all cases.
-
-</P>
-<P>
- In the default configuration, the transports used for file and pipe
- deliveries are the ones called <TT>address_file</TT> and <TT>address_pipe</TT>. You
- can specify different transports by setting, for example,
-
-</P>
-<PRE>
- pipe_transport = special_pipe_transport</PRE>
-<P>
- on the <B>aliasfile</B> director. Then you can set up <TT>special_pipe_transport</TT>
-
-</P>
-<PRE>
- special_pipe_transport:
- driver = pipe
- user = ????</PRE>
-<P>
- which will be used only for pipe deliveries from that one director.
- What you put for the ???? is up to you, and depends on the particular
- circumstances.
-
-</P>
-<A NAME="SEC143" HREF="FAQ.html#TOC143">Q0502</A>: Exim won't deliver to a host with no MX record.
-
-
-<P>
-A0502: (A) Are you sure there really is no MX record? Sometimes a typo results
- in a malformed MX record in the zone file, in which case some nameservers
- give a SERVFAIL error rather than NXDOMAIN. Exim has to treat this as
- a temporary error, so it can't go on to look for an A record. You can
- check for this state using one of the DNS interrogation commands, such
- as "nslookup", "host", or "dig".
-
-</P>
-<P>
- (B) Is there a wildcard MX record for <EM>your</EM> domain? Is the
- <TT>search_parents</TT> option on in your <B>lookuphost</B> router? (Prior to Exim
- version 1.80 this was the default; it was changed because of this
- problem.) If the answer to both these questions is "yes", then that is
- the cause of the problem. When the DNS resolver fails to find the MX
- record, it tries adding on your domain if <TT>search_parents</TT> is true, and
- thereby finds your wildcard MX record. For example:
-
-</P>
-<P>
- . There is a wildcard MX record for <B>*.a.b.c.</B>
-
-</P>
-<P>
- . There is a host called <B>x.y.z</B> that has an A record and no MX record.
-
-</P>
-<P>
- . Somebody on a machine <B>m.a.b.c</B> domain tries to mail to <B><B>user@x.y.z.</B></B>
-
-</P>
-<P>
- . Exim calls the DNS to look for an MX record for <B>x.y.z.</B>
-
-</P>
-<P>
- . The DNS doesn't find any MX record. Because <TT>search_parents</TT> is true,
- it then tries searching the current host's parent domain, so it
- looks for <B>x.y.z.a.b.c</B> and picks up the wildcard MX record.
-
-</P>
-<P>
- Setting <TT>search_parents</TT> false makes this case work while retaining the
- wildcard MX record. However, anybody on the machine <B>m.a.b.c</B> who mails to
- <B><B>user@n.a</B></B> (expecting it to go to <B><B>user@n.a.b.c</B>)</B> now has a problem. The
- <TT>widen_domains</TT> option of the <B>lookuphost</B> router may be helpful in this
- circumstance.
-
-</P>
-<A NAME="SEC144" HREF="FAQ.html#TOC144">Q0503</A>: How should Exim be configured when it is acting as a temporary storage
- system for a domain on a dial-up host?
-
-
-<P>
-A0503: See
- <A HREF="FAQ.html#SEC262">Q1403</A>,
- <A HREF="FAQ.html#SEC162">Q0521</A>, and
- <A HREF="FAQ.html#SEC283">Q5014</A>.
-
-</P>
-<A NAME="SEC145" HREF="FAQ.html#TOC145">Q0504</A>: I would like to deliver mail addressed to a given domain normally, but
- also to generate a message to the envelope sender.
-
-
-<P>
-A0504: If the domain is a local one, you can do this with an "unseen" <B>smartuser</B>
- director and an autoreply transport, along the following lines:
-
-</P>
-<PRE>
- # Transport
- warning_t:
- driver = autoreply
- file = /usr/local/mail/warning.txt
- file_expand
- from = postmaster@your.domain
- to = $sender_address
- user = exim
- subject = Re: Your mail to $local_part@$domain</PRE>
-<PRE>
- # Director
- auto_warning_d:
- driver = smartuser
- domains = <domains you want to do this for>
- condition = ${if eq{$sender_address}{}{no}{yes}}
- transport = warning_t
- no_verify
- unseen</PRE>
-<P>
- Note the use of the <TT>condition</TT> option to avoid attempting to send a
- message when there is no sender (that is, when the incoming message is a
- delivery error report). You can of course extend this to include other
- conditions. If you want to log the sending of messages, you can add
-
-</P>
-<PRE>
- log = /some/file</PRE>
-<P>
- to the transport and also make use of the "once" option if you want to
- send only one message to each sender.
-
-</P>
-<A NAME="SEC146" HREF="FAQ.html#TOC146">Q0505</A>: Exim keeps crashing with segmentation errors (signal 11 or 139) during
- delivery. This seems to happen when it is about to contact a remote
- host or when a delivery is deferred.
-
-
-<P>
-A0505: This could be a problem with Exim's databases. Check that your DBM
- library is correctly installed. In particular, if you have installed a
- second DBM library onto a system that already had one, check that its
- version of <B>ndbm.h</B> is being seen first. For example, if the new version
- is in <B>/usr/local/include</B>, check that there isn't another version in
- <B>/usr/include</B>. If you are using Berkeley db, you can set <TT>USE_DB=yes</TT> in
- your <B>Local/Makefile</B> to avoid using <B>ndbm.h</B> altogether. This is
- particularly relevant for version 2 of Berkeley db, because no <B>ndbm.h</B>
- file is distributed with it.
-
-</P>
-<A NAME="SEC147" HREF="FAQ.html#TOC147">Q0506</A>: Whenever Exim tries to do a local delivery, it gives a permission denied
- error for the <B>.forward</B> file, like this:
-
-
-<PRE>
- 1998-08-10 16:55:32 0z5y2W-0000B8-00 == xxxx@yyy.zzz <xxxx@yyy.zz>
- D=userforward defer (-1): failed to open /home/xxxx/.forward
- (userforward director): Permission denied (euid=1234 egid=101)</PRE>
-<P>
-A0506: Have you remembered to make Exim setuid root?
-
-</P>
-<A NAME="SEC148" HREF="FAQ.html#TOC148">Q0507</A>: I have installed Exim, but now I can't mail to root any more. Why is
- this?
-
-
-<P>
-A0507: Most people set up root as an alias for the manager of the machine. If
- you haven't done this, Exim will attempt to deliver to root as if it
- were a normal user. This isn't really a good idea because the delivery
- process would run as root. Exim has a trigger guard in the option
-
-</P>
-<PRE>
- never_users = root</PRE>
-<P>
- in the default configuration file. This prevents it from running as root
- when doing any local deliveries. If you really want to run local
- deliveries as root, remove this line, but it would be better to create
- an alias for root instead.
-
-</P>
-<A NAME="SEC149" HREF="FAQ.html#TOC149">Q0508</A>: How can I stop undeliverable bounce messages (e.g. to routeable, but
- undeliverable, spammer senders) from clogging up the queue for days?
-
-
-<P>
-A0508: Set <TT>ignore_errmsg_errors</TT> to drop them immediately, or set <TT>ignore_errmsg_</TT>
- <TT>errors_after</TT> to specify a (short) time to keep them for. I use 12h so
- that I notice them, but they go away relatively quickly.
-
-</P>
-<A NAME="SEC150" HREF="FAQ.html#TOC150">Q0509</A>: How can mails that are being routed through directors other than
- localuser be delivered under the uid of the recipient?
-
-
-<P>
-A0509:
- <A HREF="FAQ.html#SEC142">A0501</A> contains background information on this. If you are using, say, an
- alias file to direct messages to specific mailboxes, then you can use
- the "user" option on either the <B>aliasfile</B> director or the appendfile
- transport to set the uid. What you put in the setting depends on how
- the required uid is to be found. It could be looked up in a file or
- computed somehow from the local part, for example.
-
-</P>
-<A NAME="SEC151" HREF="FAQ.html#TOC151">Q0510</A>: I want to use MMDF-style mailboxes. How can I get Exim to append the
- ctrl-A characters that separate indvidual emails?
-
-
-<P>
-A0510: Set the suffix option in the appendfile transport. In fact, for MMDF
- mailboxes you need a prefix as well as a suffix to get it working right,
- so your transport should contain these settings:
-
-</P>
-<PRE>
- prefix = "\1\1\1\1\n"
- suffix = "\1\1\1\1\n"</PRE>
-<P>
- Also, you need to change the <TT>check_string</TT> and <TT>escape_string</TT> settings so
- that the escaping happens for lines in the message that happen to begin
- with the MMDF prefix or suffix string, rather than "From" (the default):
-
-</P>
-<PRE>
- check_string = "\1\1\1\1\n"
- escape_string = "\1\1\1\1 \n"</PRE>
-<P>
- Adding a space to the line is sufficient to prevent it being taken as a
- separator.
-
-</P>
-<A NAME="SEC152" HREF="FAQ.html#TOC152">Q0511</A>: I have an ISDN connection and would like a way of running the queue
- automatically when it is up.
-
-
-<P>
-A0511: The following shell commands test for the interface being up and then
- run the queue:
-
-</P>
-<PRE>
- ifconfig ppp0 | fgrep UP >/dev/null
- if [ $? -eq 0 ] ; then exim -q ; fi</PRE>
-<P>
- You could put these commands into a script which runs them at regular
- intervals. You might want to use <B>-qq</B> instead of <B><B>-q.</B></B>
-
-</P>
-<P>
- With Linux, the script <B>/etc/ppp/ip-up</B> is run after a ISDN connection
- or a more general PPP connection has been established. If you are using
- Linux, you could put the call to exim in that script.
-
-</P>
-<A NAME="SEC153" HREF="FAQ.html#TOC153">Q0512</A>: If a user's mailbox is over quota, is there a way for me to set it up so
- that the mail bounces to the sender and is NOT stored in the mail queue?
-
-
-<P>
-A0512: In the retry section of the configuration, put
-
-</P>
-<PRE>
- *@your.dom.ain quota</PRE>
-<P>
- That is, provide no retry timings for over quota errors. They will then
- bounce immediately. Alternatively, you can set up retries for a short
- time only, or use something like this:
-
-</P>
-<PRE>
- *@your.dom.ain quota_7d
- *@your.dom.ain quota F,2h,15m; F,3d,1h</PRE>
-<P>
- which bounces immediately if the user's mailbox hasn't been read for 7
- days, but otherwise tries for up to 3 days after the first quota
- failure.
-
-</P>
-<A NAME="SEC154" HREF="FAQ.html#TOC154">Q0513</A>: I'm using tmail to do local deliveries, but when I turned on the
- <TT>use_crlf</TT> option on the pipe transport (tmail prefers \r\n terminations)
- message bodies started to vanish.
-
-
-<P>
-A0513: You need to unset the prefix option, or change it so that its default
- \n terminator becomes \r\n. For example, the transport could be:
-
-</P>
-<PRE>
- local_delivery_mbx:
- driver = pipe
- command = /usr/local/bin/tmail $local_part
- user = exim
- current_directory = /
- use_crlf
- prefix =</PRE>
-<P>
- The reason for this is as follows: tmail uses the line terminator on
- the first line it sees to determine whether lines are terminated by
- \r\n or \n. If the latter, it moans to stderr and changes subsequent
- \n terminators to \r\n. The default setting of the prefix option is
- "From ...\n", and this is unaffected by the <TT>use_crlf</TT> option. If you
- don't change this, tmail sees the first line terminated by \n and
- prepends \r to the \n terminator on all subsequent lines. However, if
- <TT>use_crlf</TT> is set, Exim makes all other lines \r\n terminated leading to
- doubled \r\r\n lines and corrupt mbx mailboxes.
-
-</P>
-<A NAME="SEC155" HREF="FAQ.html#TOC155">Q0514</A>: What does the message "Unable to get root to set uid and gid
- for local delivery to <I>xxx</I>: uid=<I>yyy</I> euid=<I>zzz</I>" mean?
-
-
-<P>
-A0514: Have you remembered to make Exim setuid root? It needs root privilege if
- it is to do any local deliveries, because it does them "as the user".
-
-</P>
-<A NAME="SEC156" HREF="FAQ.html#TOC156">Q0515</A>: I upgraded to 2.04 and now my Envelope-To: header for my virtual domains
- is gone. Any idea how to get it back?
-
-
-<P>
-A0515: Read paragraph 1 of the 1.92 information in <B>README.UPDATING.</B> Add
- <TT>envelope_to_add</TT> to your transports for your virtual domains. You may
- also want to set <TT>return_path_add</TT> and <TT>delivery_date_add</TT>.
-
-</P>
-<A NAME="SEC157" HREF="FAQ.html#TOC157">Q0516</A>: The Exim log records the arrival of a message, and then "Completed",
- without logging any deliveries. What's going on?
-
-
-<P>
-A0516: This is unlikely in current versions of Exim, because more logging
- has been added. In versions before 2.053, one scenario is that the
- message was addressed to some user who has set up an Exim filter
- containing the command "seen finish", which discards a message without
- doing any deliveries. (In current versions of Exim this is logged as
- "discarded".) More information can be obtained by setting
-
-</P>
-<PRE>
- log_received_recipients</PRE>
-<P>
- so that next time you can see to whom it is addressed. Another
- possibility, prior to version 2.053, was that the message was injected
- using the <B>-t</B> option, but all the addresses in the message were also on
- the command line. See
- <A HREF="FAQ.html#SEC289">A5020</A> for more detail. Current versions of Exim
- generate a bounce message in this case.
-
-</P>
-<A NAME="SEC158" HREF="FAQ.html#TOC158">Q0517</A>: When I activate "return receipt" for example in Netscape Mailbox
- sending options, then I get an error message from Exim... something
- like "not supported". Can I activate delivery confirmations?
-
-
-<P>
-A0517: Exim does not support any kind of delivery notification.
-
-</P>
-<P>
- (A) You can configure it to recognize headers such as
- "Return-receipt-to:" if you wish.
-
-</P>
-<P>
- (B) Some people want MSN (message status notification). Such services
- are implemented in MUAs, and don't impact on the MTA at all.
-
-</P>
-<P>
- (C) I investigated the RFCs which describe the DSN (delivery status
- notification) system, and there is even a bit of code in there (excluded
- by #ifdef) for handling some of the data. However, I was unable to
- specify any sensible way of actually doing anything with the data. There
- were comments on the mailing list at the time; many people, including
- me, conclude that DSN is in practice unworkable. The killer problem is
- with forwarding and aliasing. Do you propagate the DSN data with the
- generated addresses? Do you send back a "reached end of the DSN world"
- or "expanded" message? Do you do this differently for different kinds of
- aliasing/forwarding? For a user who has a <B>.forward</B> file with a single
- address in, this might seem easy - just propagate the data. But what if
- there are several forwardings? If you propagate the DSN data, the sender
- may get back several DSN messages - and should the sender really know
- about the detail of the receiver's forwarding arrangements? There isn't
- really any way to distinguish between a <B>.forward</B> file that is forwarding
- and one that is a mini mailing list. And so on, and so on. There are so
- many questions that don't have obvious answers.
-
-</P>
-<A NAME="SEC159" HREF="FAQ.html#TOC159">Q0518</A>: When I dial up to collect mail from my ISP, only the first 10 messages
- get delivered immediately; the remainder just sit on the queue until a
- queue runner process finds them.
-
-
-<P>
-A0518: Your ISP is delivering all the messages in a single SMTP session. Exim
- limits the number of immediate delivery processes it will create as a
- result of a single SMTP connection, in order to avoid creating a zillion
- processes on systems that can have many incoming connections. In your
- situation, you should probably set <TT>smtp_accept_queue_per_connection</TT> to
- some number larger than 10.
-
-</P>
-<A NAME="SEC160" HREF="FAQ.html#TOC160">Q0519</A>: My ISP's mail server is rejecting bounce messages from Exim, complaining
- that they have no sender. The SMTP trace does indeed show that the
- sender address is "<>". Why is the Sender on the bounce message empty?
-
-
-<P>
-A0519: Because the RFCs say it must be. Your ISP is at fault. Send them this
- extract from RFC 1123 section 5.3.3 ("Reliable Mail Receipt"):
-
-</P>
-<P>
- If there is a delivery failure after acceptance of a message,
- the receiver-SMTP MUST formulate and mail a notification
- message. This notification MUST be sent using a null ("<>")
- reverse path in the envelope; see Section 3.6 of RFC-821. The
- recipient of this notification SHOULD be the address from the
- envelope return path (or the Return-Path: line). However, if
- this address is null ("<>"), the receiver-SMTP MUST NOT send a
- notification. If the address is an explicit source route, it
- SHOULD be stripped down to its final hop.
-
-</P>
-<A NAME="SEC161" HREF="FAQ.html#TOC161">Q0520</A>: What does the message "retry time not reached [for any host]" on the log
- mean? Why won't Exim try to deliver the message?
-
-
-<P>
-A0520: That is not an error. It means exactly what it says. A previous attempt
- to deliver to that address failed with a temporary error, and Exim
- computed the earliest time at which to try again. This can apply to
- local as well as to remote deliveries. For remote deliveries, each host
- (if there are several) has its own retry time.
-
-</P>
-<P>
- If you are running on a dial-up host, the rest of this answer probably
- does not apply to you. Go and read
- <A HREF="FAQ.html#SEC263">Q1404</A> instead. If your host is
- permanently online, read on...
-
-</P>
-<P>
- Some MTAs have a retrying schedule for each message. Exim does not work
- like this. Retry timing is normally host-based for remote domains and
- address-based for local domains. (There are some exceptions for certain
- kinds of remote failure - see "Errors in outgoing SMTP" in the manual.)
-
-</P>
-<P>
- If a new message arrives for a failing address and the retry time has
- not yet arrived, Exim will log "retry time not reached" and leave the
- message on the queue, without attempting delivery. Similarly, if a queue
- runner notices the message before the time to retry has arrived, it
- writes the same log entry. When the retry time has past, Exim attempts
- delivery at the next queue run. If you want to know when that will be,
- run the exinext utility on the address, for example:
-
-</P>
-<PRE>
- exinext user@some.domain</PRE>
-<P>
- You can suppress these messages on the log by setting <TT>log_level</TT> to a
- value that is less than 5. You can force a delivery attempt on a
- specific message (overriding the retry time) by means of the <B>-M</B> option:
-
-</P>
-<PRE>
- exim -M 10hCET-0000Bf-00</PRE>
-<P>
- If you want to do this for the entire queue, use the <B>-qf</B> option. See
- also
- <A HREF="FAQ.html#SEC174">Q0533</A>.
-
-</P>
-<A NAME="SEC162" HREF="FAQ.html#TOC162">Q0521</A>: RFC 1985 specifies that the SMTP command "ETRN <B>host.domain"</B> causes all
- mail queued for that host, no matter what domain it's for, to be
- dequeued. Why doesn't Exim support this?
-
-
-<P>
-A0521: Exim does not keep queues of mail for specific destinations. It just
- keeps one pool of undelivered messages. What is more, once you start a
- delivery of a message, it tries to deliver to <EM>all</EM> the addresses in the
- message, not just the one you may be interested in. (Of course, this
- doesn't usually do any harm.)
-
-</P>
-<P>
- The only way it could be done within Exim would be, for <EM>every</EM> message
- on the queue, to go through the motions of routing each undelivered
- address and see if that resulted in a delivery to the host of interest.
- This could be extremely expensive (e.g. 1,000 messages on the queue,
- only 1 for the given host).
-
-</P>
-<P>
- The bottom line is that Exim just wasn't designed for this kind of
- operation, that is, holding messages for intermittently connected hosts.
- The queueing arrangements are designed for handling delivery problems
- that are not expected to be common.
-
-</P>
-<P>
- A better way to do this is to implement the required queues separately.
- After all, keeping such mail on an "active" queue (where Exim will keep
- trying to deliver) is silly. If there is a lot of mail for these hosts,
- it also masks genuine delivery problems when you inspect the queue.
-
-</P>
-<P>
- Large ISPs who provide this kind of functionality do not usually leave
- waiting mail on the MTA's queue. Instead, they get it delivered into
- per-host directories, one message per file, in one of the special
- formats (BSMTP, maildir, or mailstore) and when an ETRN arrives, it
- kicks off some completely different program that establishes an SMTP
- connection to the host and shovels the waiting mail down it. That seems
- to me to be a much neater way of doing this. It means you can easily add
- additional functionality such as archiving or throwing away uncollected
- mail.
-
-</P>
-<P>
- One program that has this functionality is "ssmtp", which can be
- found in <B><A HREF="ftp://metalab.unc.edu/pub/Linux/system/mail/mta/.">ftp://metalab.unc.edu/pub/Linux/system/mail/mta/.</A></B>
- Alternatively, sample configuration C037 demonstrates an elegant way of
- using Exim itself to deliver the saved messages when the client issues
- an ETRN.
-
-</P>
-<A NAME="SEC163" HREF="FAQ.html#TOC163">Q0522</A>: If email has been deferred to a member on a local mailing list
- (implemented through forward files), and one of our ETRN clients is on
- this mailing list, the <B>-R</B> won't "flush" the mailing list message for
- that client.
-
-
-<P>
-A0522: That is because <B>-R</B> matches only original recipient addresses, not those
- produced as a result of expansion, because these are not (by default)
- preserved from delivery to delivery. You can get round this by setting
- <TT>one_time</TT> on the <B>forwardfile</B> director, but you are not allowed to have
- expansions to pipes or files on directors that have <TT>one_time</TT> set.
- Therefore, you will have to have a separate director for mailing lists
- (with <TT>one_time</TT> set) to the one used for normal forward files that might
- specify pipe or file deliveries. However, the problem will then still be
- present for any user who sets up a <B>.forward</B> file to redirect to any of
- the ETRN domains. See the last 3 paragraphs of
- <A HREF="FAQ.html#SEC162">A0521</A> for a discussion of
- an alternative approach.
-
-</P>
-<A NAME="SEC164" HREF="FAQ.html#TOC164">Q0523</A>: Exim seems to be sending the same message twice, according to the log,
- although there is a difference in capitalization of the local part of
- the address.
-
-
-<P>
-A0523: That is correct. The RFCs are explicit in stating that capitalization
- matters for local parts. For remote domains, Exim is not entitled to
- assume case independence of local parts. I know, it is utterly silly,
- and it causes a lot of grief, but that's what the rules say. Here is a
- quote from the draft of the forthcoming revision to RFC 821:
-
-</P>
-<P>
- ... a command verb, an argument value other than a mailbox
- local-part, and free form text MAY be encoded in upper case,
- lower case, or any mixture of upper and lower case with no impact
- on its meaning. This is NOT true of a mailbox local-part. The
- local-part of a mailbox MUST BE treated as case sensitive.
- Therefore, SMTP implementations MUST take care to preserve the
- case of mailbox local-parts. Mailbox domains are not case
- sensitive. However, exploiting the case sensitivity of mailbox
- local-parts impedes interoperability and is discouraged.
-
-</P>
-<A NAME="SEC165" HREF="FAQ.html#TOC165">Q0524</A>: How can I force the next retry time for a host to be now?
-
-
-<P>
-A0524: (A) You can force a particular message to be delivered with the <B>-M</B>
- command line option. If it succeeds, the retry data will get cleared. If
- the host is past the cutoff time, so that messages are bouncing
- immediately without trying a delivery, you can use <B>-odq</B> to put a message
- on the queue without a delivery attempt, and then use <B>-M</B> on it.
-
-</P>
-<P>
- (B) You can change the retry time with the <TT>exim_fixdb</TT> utility, but its
- interface is very clumsy.
-
-</P>
-<A NAME="SEC166" HREF="FAQ.html#TOC166">Q0525</A>: I set up "|/bin/grep Subject|/usr/bin/smbclient <B>-M</B> <netbiosname>" as an
- alias but it doesn't work.
-
-
-<P>
-A0525: That is a shell command line. Exim does not run pipe commands under a
- shell by default (for added security - and it saves a process). You
- need something like
-
-</P>
-<PRE>
- "|/bin/sh -c '/bin/grep Subject|/usr/bin/smbclient -M <netbiosname>'"</PRE>
-<A NAME="SEC167" HREF="FAQ.html#TOC167">Q0526</A>: Why does the pipe transport add a line starting with ">From" to
- messages?
-
-
-<P>
-A0526: Actually, it adds a line starting with "From", because that is the
- default of the "prefix" option (/usr/ucb/vacation needs it, and that is
- the most common use of piping). If you don't want it, change the setting
- of "prefix".
-
-</P>
-<A NAME="SEC168" HREF="FAQ.html#TOC168">Q0527</A>: I have set <TT>fallback_hosts</TT> on my smtp transport, but after the error
- <B><B>"sem@chat.ru</B></B> cannot be resolved at this time" Exim isn't using them.
-
-
-<P>
-A0527: <TT>fallback_hosts</TT> only works if an attempt at delivery to the original
- host(s) fails. In this case, Exim couldn't even resolve the domain
- <B>chat.ru</B> to discover what the original hosts were, so it never got as far
- as the transport. However, see
- <A HREF="FAQ.html#SEC89">Q0322</A> for a possible solution.
-
-</P>
-<A NAME="SEC169" HREF="FAQ.html#TOC169">Q0528</A>: After the holidays my ISP has always hundreds of e-mails waiting for me.
- These are forced down Exim's throat in one go. Exim spawns a lot of
- kids, but is there some limit to the number of processes it creates?
-
-
-<P>
-A0528: Unless you have changed <TT>smtp_accept_queue_per_connection</TT> (introduced at
- release 2.03) it should only spawn that many processes per connection
- (default 10). Your ISP may be making many connections, of course. That
- is limited by <TT>smtp_accept_max</TT>.
-
-</P>
-<A NAME="SEC170" HREF="FAQ.html#TOC170">Q0529</A>: When a message in the queue got to 12h old, Exim wrote 'retry timeout
- exceeded' and removed <EM>all</EM> messages in the queue to this host - even
- recent messages. How I can avoid this behaviour? I only want to remove
- messages that have exceeded the maximum retry time.
-
-
-<P>
-A0529: Exim's retrying is host-based rather than message-based. The philosophy
- is that if a host has been down for a very long time, there is no point
- in keeping messages hanging around. However, you might like to check
- out <TT>delay_after_cutoff</TT> in the smtp transport. It doesn't do what you
- want, but it might help.
-
-</P>
-<A NAME="SEC171" HREF="FAQ.html#TOC171">Q0530</A>: Can Exim add a Content-Length: header to messages it delivers?
-
-
-<P>
-A0530: You could include something like
-
-</P>
-<PRE>
- headers_remove = "content-length"
- headers_add = "Content-Length: $message_body_size"</PRE>
-<P>
- to the appendfile transport. However, the use of Content-Length: can
- cause several problems, and is not recommended unless you really know
- what you are doing. There is a discussion of the problems in
-
-</P>
-<P>
- <B><A HREF="http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html">http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html</A></B>
-
-</P>
-<A NAME="SEC172" HREF="FAQ.html#TOC172">Q0531</A>: Exim seems to be trying to deliver a message every 10 minutes, though
- the retry rules specify longer times after a while, because it is
- writing a log entry every time, like this:
-
-
-<PRE>
- 1999-08-26 14:51:19 11IVsE-000MuP-00 == example@example.com T=smtp defer
- (-34): some host address lookups failed and retry time not reached for
- other hosts or connection limit reached</PRE>
-<P>
-A0531: It is <EM>looking</EM> at the message every 10 minutes, but it isn't actually
- trying to deliver. It's looking up <B>example.com</B> in the DNS and finding
- this information:
-
-</P>
-<PRE>
- example.com. MX 10 example-com.isp.example.com.
- example.com. MX 0 mail.example.com.
- mail.example.com. A 202.77.183.45
- A lookup for example-com.isp.example.com. yielded NXDOMAIN</PRE>
-<P>
- The last line means that there is no address (A) record in the DNS for
- <B>example-com.isp.example.com.</B> That accounts for "some host address
- lookups failed", but the retry time for <B>mail.example.com</B> hasn't been
- reached, which accounts for "retry time not reached for other hosts".
-
-</P>
-<A NAME="SEC173" HREF="FAQ.html#TOC173">Q0532</A>: I am trying to set exim up to have a automatic failover if it sees that
- the system that it is sending all mail to is down.
-
-
-<P>
-A0532: Add to the <TT>remote_smtp</TT> transport the following:
-
-</P>
-<PRE>
- fallback_hosts = failover.server.name(s)</PRE>
-<P>
- If there are several names, they must be separated by colons.
-
-</P>
-<A NAME="SEC174" HREF="FAQ.html#TOC174">Q0533</A>: I can't get Exim to deliver over NFS. I get the error "fcntl() failed:
- No locks available", though the lock daemon is running on the NFS server
- and other hosts are able to access it.
-
-
-<P>
-A0533: Check that you have lockd running on the NFS <EM>client</EM>. This is not
- always running by default on some systems (Red Hat is believed to be one
- such system).
-
-</P>
-<A NAME="SEC175" HREF="FAQ.html#TOC175">Q0534</A>: Why does Exim bounce messages without even attempting delivery, giving
- the error "retry time not reached for any host after a long failure
- period"?
-
-
-<P>
-A0534: This message means that all hosts to which the message could be sent
- have been failing for so long that the end of the retry period
- (typically 4 or 5 days) has been reached. In this situation, Exim still
- computes a next time to retry, but any messages that arrive in the
- meantime are bounced straight away. You can alter this behaviour by
- unsetting the <TT>delay_after_cutoff</TT> option on the smtp transport. Then Exim
- will try most messages for those hosts once before giving up.
-
-</P>
-<A NAME="SEC176" HREF="FAQ.html#TOC176">Q0535</A>: My <B>.forward</B> file is "|/usr/bin/procmail <B>-f-"</B> and mail gets delivered,
- but there was a bounce to the sender, sending him the output of procmail.
- How can I prevent this?
-
-
-<P>
-A0535: Exim's default configuration is set up like this:
-
-</P>
-<PRE>
- address_pipe:
- driver = pipe
- return_output</PRE>
-<P>
- The <TT>return_output</TT> option requests that <EM>any</EM> output that the pipe
- produces be returned to the sender. That is the safest default. If you
- don't want this, you can either remove the option altogether, or change
- it to <TT>return_fail_output</TT>, to return output only if the command fails.
- Note that this will affect all pipes that users run, not just your
- procmail one. It might be better to arrange for procmail not to produce
- any output when it succeeds.
-
-</P>
-<A NAME="SEC177" HREF="FAQ.html#TOC177">Q0536</A>: Can I write an ordinary file when I running a perl script as a transport
- filter for <TT>remote_smtp</TT> and <TT>address_pipe</TT> transports?
-
-
-<P>
-A0536: Yes, provided the file is writeable by the Exim user. However, if two
- messages are being delivered at once, their data will get mixed up in
- the file unless you implement your own locking scheme. If all you want
- to do is to take a copy of the message, another approach that avoids
- the locking problem is to use a system filter to set up an "unseen"
- delivery to a file. If you only want the message's headers, you can
- set <TT>message_filter_file_transport</TT> to point to a special appendfile
- transport that has <TT>headers_only</TT> set.
-
-</P>
-<A NAME="SEC178" HREF="FAQ.html#TOC178">Q0537</A>: I have some mails on my queues that are sticking around longer than
- the retry time indicates they should. They are all getting frozen
- because some remote admin has set their MX record to 127.0.0.1.
-
-
-<P>
-A0537: The admin in question is an idiot. Exim will always freeze such messages
- because they are apparently routed to the local host. There are two
- router options that can help you deal with them.
-
-</P>
-<P>
- (1) Set
-
-</P>
-<PRE>
- self = fail</PRE>
-<P>
- on the router which handles the domain - in a simple configuration this
- will be the <B>lookuphost</B> router. This will cause the relevant addresses to
- bounce, instead of freezing the message.
-
-</P>
-<P>
- (2) If you are running Exim 3.20 or later, you can set
-
-</P>
-<PRE>
- ignore_target_hosts = 127.0.0.1</PRE>
-<P>
- on the router instead. This causes Exim to completely ignore any hosts
- with that IP address.
-
-</P>
-<A NAME="SEC179" HREF="FAQ.html#TOC179">Q0538</A>: My <B>/var/spool/mail</B> has grown drastically. Is there any possibility of
- using two files in <B>exim.cfg</B> ?
-
-
-<P>
-A0538: You can use an expansion string to split mailboxes between two
- directories. For example,
-
-</P>
-<PRE>
- file = /var/spool/mail${nhash_2:$local_part}/$local_part</PRE>
-<P>
- which does a hash on the local part, producing either 0 or 1, thereby
- using mail0 or mail1. But remember, the MUAs that read these mailboxes
- also have to know where they are.
-
-</P>
-<A NAME="SEC180" HREF="FAQ.html#TOC180">Q0539</A>: Sendmail has a program called smrsh that restricts what binaries
- can be run from sendmail aliases. Is there someting like this in Exim ?
-
-
-<P>
-A0539: Check out the <TT>allow_commands</TT> option in the pipe transport.
-
-</P>
-<A NAME="SEC181" HREF="FAQ.html#TOC181">Q0540</A>: I wish to have large emails go out one at a time.
-
-
-<P>
-A0540: One possibility is to set up a router that defers all large messages,
- except in queue runs. Since queue runners deliver just one
- message at a time, if you limited the number of simultaneous queue
- runners to 1, you would get the effect you wanted. A suitable router
- might be
-
-</P>
-<PRE>
- defer_if_large_unless_queue_run:
- driver = domainlist
- self = defer
- condition = ${if or{{queue_running}{<{$message_size}{200K}}}{no}{yes}}
- route_list = * 127.0.0.1 byname</PRE>
-<P>
- Of course, this would always delay any large message until the next
- queue runner, but if you run them fairly regularly, this shouldn't be a
- huge problem. (May even be desirable!)
-
-</P>
-<BR><H2><A NAME="SEC182" HREF="FAQ.html#TOC182">6. UUCP
-
-</A></H2>
-<A NAME="SEC183" HREF="FAQ.html#TOC183">Q0601</A>: The MX records for some UUCP domains point to my local host. How do I
- get it to pass the messages on to UUCP?
-
-
-<P>
-A0601: There are several possibilities. One straightforward way is to set up
- a <B>domainlist</B> router which matches the UUCP domains and routes to a
- suitable transport. Sample configuration C003 is such a configuration,
- while C004 shows another way to do it, by defining the domains as local
- and using a <B>smartuser</B> director.
-
-</P>
-<P>
- If <EM>all</EM> the domains whose MX records point to the local host are either
- local domains or UUCP domains, you can do without the <B>domainlist</B> router
- altogether, by making use of the "self" option. This means that only the
- DNS has to be updated when a UUCP domain is added or removed.
-
-</P>
-<P>
- For example, this router routes to remote hosts over SMTP using a DNS
- lookup with default options, and fails for unknown domains (because of
- the <TT>no_more</TT> setting), but if the MX for a domain points at the local
- host, Exim continues on to the next router (self = <TT>fail_soft</TT> overrides
- <TT>no_more)</TT>.
-
-</P>
-<PRE>
- lookuphost:
- driver = lookuphost
- transport = smtp
- no_more
- self = fail_soft</PRE>
-<P>
- The next router can just send everything to a suitable UUCP transport:
-
-</P>
-<PRE>
- uucp:
- driver = domainlist
- transport = uux_transport
- route_list = "* $domain"</PRE>
-<P>
- This assumes that the transport can determine the UUCP host name from
- the domain name.
-
-</P>
-<A NAME="SEC184" HREF="FAQ.html#TOC184">Q0602</A>: How can I get Exim to handle "bang path" addresses?
-
-
-<P>
-A0602: In general, you can't (Exim is an Internet mailer and recognizes only
- RFC 822 addresses) but some restricted kinds of bang path can be dealt
- with by appropriate rewriting - but please note the warning below.
-
-</P>
-<P>
- Exim treats a bang path address as an unqualified local part, and so
- will qualify it with your domain. A rule such as
-
-</P>
-<PRE>
- ^([^!]+)!(.+)@your\.domain$ $2@$1</PRE>
-<P>
- turns <B><B>a!b@your.domain</B></B> into <B><B>b@a.</B></B> You can also use a repeating rule to
- turn multi-component paths into the "percent hack" notation with a rule
- such as
-
-</P>
-<PRE>
- ^([^!]+)!([^@%]+)(.+)$ $2%$1$3 R</PRE>
-<P>
- which turns <B>a!b@c</B> into <B>b%a@c</B> and <B>a!b!c@d</B> first into <B>b!c%a@d</B> and then,
- because of the R flag, into <B><B>c%b%a@d.</B></B> The R flag causes repetition up to
- 10 times.
-
-</P>
-<P>
- See also sample configuration C002, which contains some more
- sophisticated rewriting rules.
-
-</P>
-<P>
- WARNING: If you install a general rewriting rule like the above, you are
- opening yourself up to the possibility of unwanted relaying. A host that
- is not permitted to relay through your system could send a message with
- an SMTP command line such as
-
-</P>
-<PRE>
- RCPT TO:<victim-host!victim-user@your.domain></PRE>
-<P>
- and this would be accepted because it is addressed to your domain.
- However, the rewriting then converts the address, and the message does
- in fact get relayed. One way round this, if all your bang path messages
- are passed to Exim via SMTP, is to use the "S" rewriting flag. This
- applies a rewriting rule to incoming SMTP addresses as soon as they are
- received, before checking for qualification, relaying, etc. So a rule
- such as
-
-</P>
-<PRE>
- ^([^!]+)!(.+)$ $2@$1 S</PRE>
-<P>
- rewrites simple two-component bang paths before the result is checked
- for relaying. However, this does not rewrite addresses in the headers of
- the message.
-
-</P>
-<A NAME="SEC185" HREF="FAQ.html#TOC185">Q0603</A>: We see something strange on our system in regards to mail comming in via
- rmail from a UUCP link. The sender is being set to mailmaster instead of
- the real sender, and a Sender: header is being added to the message.
-
-
-<P>
-A0603: If mailmaster is the user that is running rmail, you need to include
- that user in the <TT>trusted_users</TT> configuration option. Only trusted users
- are permitted to specify senders when mail is passed to Exim via the
- command line.
-
-</P>
-<BR><H2><A NAME="SEC186" HREF="FAQ.html#TOC186">7. PERFORMANCE
-
-</A></H2>
-<A NAME="SEC187" HREF="FAQ.html#TOC187">Q0701</A>: I'm running a large mail server. Should I set <TT>split_spool_directory</TT> to
- improve performance?
-
-
-<P>
-A0701: There doesn't seem to be any significant performance hit using a flat
- queue on Solaris systems, so there is no need to do this for them. On
- the other hand, there is a known performance problem on Linux filing
- systems, where <TT>split_spool_directory</TT> can make a significant difference.
- ???? Other operating systems ????
-
-</P>
-<A NAME="SEC188" HREF="FAQ.html#TOC188">Q0702</A>: How well does Exim scale?
-
-
-<P>
-A0702: Although the author did not specifically set out to write a high-
- performance MTA, Exim does seem to be fairly efficient. The biggest
- server at the University of Cambridge (a large Sun box) goes over
- 100,000 deliveries per day on busy days (it has over 20,000 users).
- There was a report of a mailing list exploder that sometimes handles
- over 100,000 deliveries a day on a big Linux box, the record being
- 177,000 deliveries (791MB in total). Up to 13,000 deliveries an hour
- have been reported.
-
-</P>
-<P>
- These are quotes from some Exim users:
-
-</P>
-<P>
- "... Canada's largest internet provider, uses Exim on all of our mail
- machines, and we're absolutely delighted with it. It brought life back
- into one of our machines plagued with backlogs and high load averages.
- Here's just an example of how much email our largest mail server
- (quad SS1000) is seeing ... " [230,911 deliveries in a day: 4,475MB]
-
-</P>
-<P>
- "... Exim has to ... do gethostbyname()s and RBL lookups on all of the
- incoming mail servers, and he runs from <B>inetd</B> (TCP Wrappers connected).
- All the same, it seems to me that he runs as fast as lightning on our
- SCO 5.0.4 box (1 Pentium 166) - far faster than MMDF which I (and many
- customers) had before."
-
-</P>
-<P>
- "On a PII 400 with 128M of RAM running Linux 2.2.5, I have achieved
- 36656 messages per hour (outgoing unique messages and recipients). For
- about a 5 minute period, I was able to achieve an average of 30 messages
- per second (that would be 108000 m/hour)! We are using: (options that
- make a difference):
-
-</P>
-<PRE>
- queue_only
- split_spool_directory
- auto_thaw 60s
- max_queue_run 1
- remote_max_parallel 1</PRE>
-<P>
- We have a cron job hat runs every five minutes that spawns 5 exim <B>-q</B> if
- there are less that 120 exim processes currently running. We found
- that by "manually" controlling the concurrency of exim <B>-q</B> processes
- contending for the spool for <TT>remote_smtp</TT> delivery that we gained
- considerable performance <B>--</B> 10000 m/hour."
-
-</P>
-<A NAME="SEC189" HREF="FAQ.html#TOC189">Q0703</A>: We have a large password file. Can Exim use alternative lookups during
- delivery to speed things up?
-
-
-<P>
-A0703: Yes. You don't have to use the password file at all. See sample
- configuration C009 for some suggestions. (It shows lsearch lookups, but
- these could equally be DBM or cdb or NIS or LDAP lookups.)
-
-</P>
-<P>
- If you are using FreeBSD, this problem should not arise, because it
- automatically uses an indexed password file. In some other operating
- systems you can arrange for this to happen too. On Linux, for example,
- all you need to do is
-
-</P>
-<PRE>
- # cd /var/db
- # make</PRE>
-<P>
- and put "db" before "files" in any <B><B>/etc/nsswitch.conf</B></B> lines you want to
- use db for.
-
-</P>
-<A NAME="SEC190" HREF="FAQ.html#TOC190">Q0704</A>: I just wondered if it might be helpful to put the hints database on a
- RAM disk during regular operation. Did anybody try that yet?
-
-
-<P>
-A0704: A user reported thus: I have found that this works GREAT under Solaris.
- Make a RAM disk partition and keep everything in the "db" directory on
- it. However, when I try the same thing on Linux, I don't see the same
- boost. I think that Linux's file buffer cache works about the same.
- Plus, this leave more room for processes to run.
-
-</P>
-<BR><H2><A NAME="SEC191" HREF="FAQ.html#TOC191">8. POLICY CONTROLS
-
-</A></H2>
-<A NAME="SEC192" HREF="FAQ.html#TOC192">Q0801</A>: How do I block unwanted messages from outside my host?
-
-
-<P>
-A0801: There are several different options that can be used to block incoming
- SMTP messages according to different criteria. The following are the
- most commonly used:
-
-</P>
-<P>
- (A) Set <TT>sender_verify</TT>; this causes rejection of any message whose
- envelope sender cannot be successfully routed. This is mainly a
- check on the existence of remote domains, though it the domain is a
- local one, the local part also gets checked. Unfortunately, error
- mesages do not have envelope sender addresses, so cannot be checked
- in this way. See the <TT>headers_sender_verify</TT> options for ways of
- checking header addresses.
-
-</P>
-<P>
- (B) If you want to block all mail from specific hosts or IP networks,
- set <TT>host_reject_recipients</TT>. The <TT>_recipients</TT> form of the option is
- more likely to prevent the remote hosts from keeping on trying. For
- example:
-
-</P>
-<PRE>
- host_reject_recipients = 209.12.111.0/24</PRE>
-<P>
- If you have many such blocks, they can be put in a file which is
- named in the option. If you have a mixture of IP addresses and names
- in your list, it is best to put the addresses first, because they
- can be checked without the need for a DNS lookup.
-
-</P>
-<P>
- (C) If you want to block mail from specific envelope sender addresses,
- one convenient way is to organize a file of local parts indexed by
- domain names, for example
-
-</P>
-<PRE>
- x.y.z creditrepair:^betterlovelife[0-9]+$:...
- p.q.r *</PRE>
-<P>
- This would block <B><B>creditrepair@x.y.z</B>,</B> any local part starting with
- <B>betterlovelife</B> and ending with digits in the <B>x.y.z</B> domain, and
- all addresses in the <B>p.q.r</B> domain. You refer to the file in the Exim
- configuration as follows:
-
-</P>
-<PRE>
- sender_reject_recipients = @@lsearch*;/name/of/the/file</PRE>
-<P>
- If the file is big, you can convert it into a DBM or cdb file and
- use a faster lookup method. The asterisk on the end of the search
- type causes a lookup for "*" if the domain is not found; that is, it
- permits a default list of local parts that are blocked at any
- domain that is not specifically listed. If you use this, you
- probably also want to end each local part list with ">*" (except
- those that consist of "*"). This causes Exim to check the default
- list of local parts if none of the specific ones for a domain are
- matched. So, the file above could become
-
-</P>
-<PRE>
- * yourfriend:a.friend:...
- x.y.z creditrepair:^betterlovelife[0-9]+$:>*
- p.q.r *</PRE>
-<P>
- If you are using an lsearch file, putting the * entry first saves a
- bit of processing.
-
-</P>
-<P>
- (D) If you want to allow mail to postmaster through the blocks, you can
- set
-
-</P>
-<PRE>
- recipients_reject_except = postmaster@your.domain</PRE>
-<P>
- This overrides any of the policy controls that cause rejection by
- recipient.
-
-</P>
-<A NAME="SEC193" HREF="FAQ.html#TOC193">Q0802</A>: I don't want to block spam entirely; how can I inspect each message
- before deciding whether to deliver it or not?
-
-
-<P>
-A0802: This can be done by using a system filter. See the sample configuration
- F003.
-
-</P>
-<A NAME="SEC194" HREF="FAQ.html#TOC194">Q0803</A>: How can I test that my spam blocks are working?
-
-
-<P>
-A0803: The <B>-bh</B> option allows you to run a testing SMTP session as if from a
- given IP address. For example,
-
-</P>
-<PRE>
- exim -bh 192.203.178.39</PRE>
-<P>
- In addition to the normal SMTP replies, it outputs commentary about
- which tests have succeeded or failed.
-
-</P>
-<A NAME="SEC195" HREF="FAQ.html#TOC195">Q0804</A>: How can I test that Exim is correctly configured to use the Realtime
- Blocking List (RBL)?
-
-
-<P>
-A0804: The <B>-bh</B> option allows you to run a testing SMTP session as if from a
- given address. You need to know a blocked IP address with which to test.
- Such a testing address is kindly provided by Russell Nelson:
-
-</P>
-<PRE>
- linux.crynwr.com [192.203.178.39]</PRE>
-<P>
- You can also send mail to <B><B>nelson@linux.crynwr.com</B></B> from the server
- whose RBL block you are testing. The robot that receives that email
- will attempt to send a piece of test email in reply. If your RBL block
- didn't work, you get a message to that effect. Regardless of whether the
- RBL block succeeds or not it emails you the results of the SMTP
- conversation from a host that is not on the RBL, so you can see how your
- server looks from the view of someone on the RBL.
-
-</P>
-<A NAME="SEC196" HREF="FAQ.html#TOC196">Q0805</A>: How can I use <B>tcpwrappers</B> in conjunction with Exim?
-
-
-<P>
-A0805: Exim's own control facilities can do all that <B>tcpwrappers</B> can do.
- However, if you are already using <B>tcpwrappers</B> for other things it might
- be convenient to include Exim controls in the same place.
-
-</P>
-<P>
- First of all, ensure that Exim is built to call the <B>tcpwrappers</B> library,
- by including <TT>USE_TCPWRAPPERS=yes</TT> in <B>Local/Makefile</B>. You also need to
- ensure that the header file <B>tcpd.h</B> is available at compile time, and the
- <B>libwrap.a</B> library is available at link time, typically by including it in
- <TT>EXTRALIBS</TT>. You may need to copy these two files from the <B>tcpwrappers</B>
- build directory to, for example, <B>/usr/local/include</B> and <B>/usr/local/lib</B>,
- respectively. Then you could reference them by
-
-</P>
-<PRE>
- CFLAGS=-I/usr/local/include
- EXTRALIBS=-L/usr/local/lib -lwrap</PRE>
-<P>
- in <B>Local/Makefile</B>. There are two ways to make use of the functionality,
- depending on how you have <B>tcpwrappers</B> set up. If you have it set up to
- use only one file, you ought to have something like:
-
-</P>
-<PRE>
- /etc/hosts.allow:</PRE>
-<PRE>
- exim : <client_list> : <allow_or_deny></PRE>
-<P>
- For example:
-
-</P>
-<PRE>
- exim : LOCAL 192.168.0. .friendly.domain special.host : ALLOW
- exim : ALL : DENY</PRE>
-<P>
- This allows connections from local hosts (chiefly `localhost'), from
- the subnet 192.168.0.0/24, from all hosts in <B>*.friendly.domain,</B> and
- from a specific host called <B>special.host.</B> All other connections are
- denied. If you have <B>tcpwrappers</B> set up to use two files, use the
- following:
-
-</P>
-<PRE>
- /etc/hosts.allow:</PRE>
-<PRE>
- exim : <client_list></PRE>
-<PRE>
- /etc/hosts.deny:</PRE>
-<PRE>
- exim : <client_list></PRE>
-<P>
- Read the <TT>hosts_access(5)</TT> man page for more ways of specifying clients,
- including ports, <B>etc.,</B> and on logging connections.
-
-</P>
-<A NAME="SEC197" HREF="FAQ.html#TOC197">Q0806</A>: How can I get POP-auth-before-relay support in Exim?
-
-
-<P>
-A0806: See <B><A HREF="http://cc.ysu.edu/~doug/exim-pop.tar.Z">http://cc.ysu.edu/~doug/exim-pop.tar.Z</A></B> which has some scripts for
- this, courtesy of Doug S <B><B><doug@cc.ysu.edu</B>>.</B> See also
- <A HREF="FAQ.html#SEC226">Q0835</A>.
-
-</P>
-<A NAME="SEC198" HREF="FAQ.html#TOC198">Q0807</A>: I have one or two cases where my machine correctly rejects messages, but
- the remote machine is quite persistent, and keeps trying over and over.
-
-
-<P>
-A0807: It is an unfortunate fact that a number of SMTP clients, in violation of
- the SMTP RFC, do not treat a permanent error code that is given after
- the MAIL FROM command or the DATA portion of the transaction as a
- permanent error. Consequently they keep resending the message. Failing
- checks on a message's headers (the <TT>headers_</TT>... options) necessarily
- result in an error code after the data has been received.
-
-</P>
-<A NAME="SEC199" HREF="FAQ.html#TOC199">Q0808</A>: I am seeing the error "no valid sender in message headers: return path
- is <>" in the reject log. Isn't <> a valid return path for error
- messages?
-
-
-<P>
-A0808: It is indeed valid. The complaint here is about the contents of the
- message's headers, not the return path. This message has been reworded
- in later versions of Exim. You must have set the <TT>headers_sender_verify</TT>
- option. Check the From:, Reply-to: and Sender: headers that were logged
- with the error. You can use Exim's <B>-bv</B> option to find out why
- verification of those addresses failed.
-
-</P>
-<A NAME="SEC200" HREF="FAQ.html#TOC200">Q0809</A>: Let's say that we want to run a mail server that does not care if you
- have proper reverse DNS. If you include <TT>host_reject</TT> lines in your
- config file, Exim will always reject connections from such hosts. How
- can this be avoided?
-
-
-<P>
-A0809: This is true only if you have wild-carded host names in <TT>host_reject</TT>.
- For complete host names, Exim uses a DNS forward lookup to obtain an IP
- address to compare. If you are using wild cards of any sort, put
- <TT>+allow_unknown</TT> as an item in your host list, for example:
-
-</P>
-<PRE>
- host_reject = +allow_unknown : *.def.zz : *.stu.yy</PRE>
-<P>
- This will allow any host without reverse DNS to bypass the checks. Note
- that it means that the owner of <B>abc.def.zz</B> (for example) can trivially
- get round your block simply by deleting the PTR record for <B>abc.def.zz.</B>
- If you use +warn_unknown instead of <TT>+allow_unknown</TT>, the action is the
- same, but every time the exception is invoked, it is logged.
-
-</P>
-<A NAME="SEC201" HREF="FAQ.html#TOC201">Q0810</A>: Is there a way to prevent lookups in the RBL for local hosts?
-
-
-<P>
-A0810: Check out the <TT>rbl_hosts</TT> option.
-
-</P>
-<A NAME="SEC202" HREF="FAQ.html#TOC202">Q0811</A>: How can I set up the <TT>sender_reject</TT> option in my config file so I can
- reject mail by matching regular expressions?
-
-
-<P>
-A0811: You must either put the regular expressions directly in the option
- setting, or in a file that is referenced by a plain file name, or use
- an @@ type of search. If the regular expressions match the domain as
- well as the local part, then the first two approaches are the only
- possible ones. For example:
-
-</P>
-<PRE>
- sender_reject_recipients = ^.*\.spam\.com$ : ^.*@[0-9]+\.com$</PRE>
-<P>
- or
-
-</P>
-<PRE>
- sender_reject_recipients = /some/file</PRE>
-<P>
- Each line of the file is treated as if it were an entry in the list, and
- must begin with ^ if it is a regular expression. No keys are involved
- because this is not a lookup,
-
-</P>
-<P>
- If you are using version 2.10 or later, the first of those regular
- expressions can be rewritten to execute much more efficiently by
- using lookbehinds and once-only subpatterns:
-
-</P>
-<PRE>
- sender_reject_recipients = ^(?>.*$)(?<=\.spam\.com)</PRE>
-<P>
- See the manual section entitled "Address lists" for a description of the
- @@ type of split domain/local part lookup. See also
- <A HREF="FAQ.html#SEC192">Q0801</A>.
-
-</P>
-<A NAME="SEC203" HREF="FAQ.html#TOC203">Q0812</A>: Normally <TT>sender_reject_recipients</TT> works fine, but addresses that have
- some uppercase letters in them seem to come through.
-
-
-<P>
-A0812: This should no longer be the case from release 3.00 onwards. Although
- host and domain names are case-insensitive, the RFCs about mail specify
- that local parts are case sensitive. When earlier versions of Exim
- looked up a sender address in <TT>sender_reject_recipients</TT>, they did so
- using the caseful form, in order to be compliant with the mail RFCs.
- (In principle, <B>user@domain</B> and <B>USER@domain</B> might be different
- people. Silly, I know, but that's the rule. It has caused a lot of
- grief.) However, RFC 2305 (Anti-Spam Recommendations for SMTP MTAs)
- recommends that address checking in blocking lists should be done
- caselessly, so Exim now does this by default.
-
-</P>
-<A NAME="SEC204" HREF="FAQ.html#TOC204">Q0813</A>: I want to accept some sender addresses, even though they do not verify.
- There doesn't seem to be an option for verification exceptions, so how
- can I do this?
-
-
-<P>
-A0813: Set up a special director or router to ensure that those addresses do
- verify, using <TT>verify_only</TT> and <TT>verify_sender</TT> so that it is not used
- during delivery or recipient verification. For example, here is a router
- which verifies the address <B><B>root@somedomain.com</B>:</B>
-
-</P>
-<PRE>
- verify_exceptions:
- driver = domainlist
- verify_only
- verify_sender
- domains = some.domain.com
- local_parts = root
- route_list = *</PRE>
-<A NAME="SEC205" HREF="FAQ.html#TOC205">Q0814</A>: We are being plagued by forged mail coming from a number of different
- hosts and sender addresses. The guy however leaves a fingerprint. The
- first received line always contains 'Received: from baby'. What is the
- best suggested way for eliminiating him from our systems?
-
-
-<P>
-A0814: You cannot, unfortunately, prevent the message from getting into your
- system, because the message has to be read before you can inspect the
- Received: header. The best you can do is to install a system filter
- which junks any message containing such a header. Thus the sender still
- wastes bandwidth and your resources in transporting the message to you,
- but you just throw it away. A simple system filter that does this is
-
-</P>
-<PRE>
- # Exim filter
- if $h_Received: contains "from baby" then seen finish endif</PRE>
-<A NAME="SEC206" HREF="FAQ.html#TOC206">Q0815</A>: I have set <TT>host_accept_relay</TT>, but my host still refuses to relay from
- matching hosts.
-
-
-<P>
-A0815: (A) Did you remember to HUP or restart the Exim daemon after changing
- the configuration? You can get information as to what options Exim
- is checking by using the <B>-bh</B> option to test how it would handle mail
- from a specific host.
-
-</P>
-<P>
- (B) Have you used any wild-card host names in <TT>host_accept_relay</TT>? <B>E.g:</B>
-
-</P>
-<PRE>
- host_accept_relay = *.aaa.bbb</PRE>
-<P>
- If so, the problem may be that the relevant hosts do not have
- reverse DNS entries for their IP addresses. In order to match a wild
- card name, Exim has to look up the calling host's name from its IP
- address, and if it cannot do so, it takes a hard line by default.
- Exim processes lists from left to right, and so will attempt a
- reverse DNS lookup at the first wild-carded entry it reaches. If you
- have IP addresses in your list, it is best to put them first for
- this reason. Suppose you had
-
-</P>
-<PRE>
- host_accept_relay = *.x.y : 10.9.8.7</PRE>
-<P>
- Then when the host 10.9.8.7 connects, a reverse lookup will still
- be done, because the first check is against <B>*.x.y.</B> If the lookup
- fails, relaying is rejected. However, if the list were in the
- opposite order, the IP check would succeed, and no DNS lookup would
- be done. See also
- <A HREF="FAQ.html#SEC200">Q0809</A>.
-
-</P>
-<A NAME="SEC207" HREF="FAQ.html#TOC207">Q0816</A>: How can I run customized verification checks on incoming addresses?
-
-
-<P>
-A0816: If you can implement your checks in Perl, then you can use Exim's
- facility for running an embedded Perl interpreter. For example, if you
- want to run special checks on local addresses, you could install this as
- your first director:
-
-</P>
-<PRE>
- private_verify:
- driver = smartuser
- condition = ${perl{verify}{$local_part}{$domain}}
- verify_only</PRE>
-<P>
- If you want this to be the only means of verification, you can set
- <TT>no_verify</TT> on all the other directors. Otherwise, if this director fails
- to verify, the address gets passed on to those that follow.
-
-</P>
-<P>
- The <TT>verify_sender</TT> and <TT>verify_recipient</TT> options can be used to restrict
- the director to sender or recipient verification only, and if necessary
- you could have two different directors, one for senders and one for
- recipients.
-
-</P>
-<P>
- If the result of the expansion of <TT>condition</TT> is not "no", "false" or
- "0", then address verification succeeds, because the director itself
- matches any address. The expansion of <TT>condition</TT> causes the Perl
- subroutine called "verify" to be run, with two arguments, the local part
- and the domain. The subroutine must be provided in Perl code that is
- referenced by the <TT>perl_startup</TT> option. See the chapter on embedded Perl
- for details.
-
-</P>
-<P>
- Remote addresses can be handled in a similar way by using a <B>domainlist</B>
- router that matches all domains. See also
- <A HREF="FAQ.html#SEC204">Q0813</A>.
-
-</P>
-<P>
- Starting up a Perl interpreter is not cheap. On a busy system you should
- first make sure that there isn't some way of using Exim's own facilities
- for doing what you want before going down this road.
-
-</P>
-<A NAME="SEC208" HREF="FAQ.html#TOC208">Q0817</A>: Does Exim apply RBL checks to error messages, those with an envelope
- sender of "<>" ?
-
-
-<P>
-A0817: Yes, it does, because the RBL check happens immediately on connection,
- before any commands are passed, and so therefore before it even knows
- that the envelope sender is "<>".
-
-</P>
-<A NAME="SEC209" HREF="FAQ.html#TOC209">Q0818</A>: I want to be able to set up a list, similar to <TT>sender_reject_recipients</TT>,
- but with a user-defined message. I believe I have to use a director for
- this.
-
-
-<P>
-A0818: You can do this using the <TT>prohibition_message</TT> mechanism (see the section
- entitled "Customizing prohibition messages" in the manual). This avoids
- having to use a director, and therefore doesn't require you to let the
- message into your host at all. Use something like this:
-
-</P>
-<PRE>
- prohibition_message = "\
- ${if eq {$prohibition_reason}{sender_reject_recipients}\
- {${lookup{$sender_address}lsearch{/some/file}{$value}}}{}}"</PRE>
-<P>
- This example looks up a message that is specific to the sender, but you
- can of course tailor the message any way you like. Vertical bar is
- treated as a line separator in prohibition texts.
-
-</P>
-<A NAME="SEC210" HREF="FAQ.html#TOC210">Q0819</A>: I want to reject certain sender-recipient combinations, with a specific
- message for each such combination.
-
-
-<P>
-A0819: That needs a special director, using the "senders" option to predicate
- it on the sender, and a file of recipients to fail for each sender.
- Something like this:
-
-</P>
-<PRE>
- forced_fail:
- driver = aliasfile
- senders = sender@domain.com : *@otherdomain.com
- file = /blocked/${lc:$sender_address}
- search_type = lsearch</PRE>
-<P>
- with the files containing lines like
-
-</P>
-<PRE>
- recipient: :fail: message</PRE>
-<P>
- If you are handling multiple local domains, you may want to set
- <TT>include_domain</TT> so you can specify fully qualified addresses in the
- files. If the files get big, an indexed search type such as DBM or cdb
- should be used.
-
-</P>
-<P>
- If you want to block an entire domain from a specific sender, you could
- use this director:
-
-</P>
-<PRE>
- domain_block:
- driver = aliasfile
- senders = dislikedsender@wherever
- file = /fail/all
- search_type = lsearch*</PRE>
-<P>
- with the file containing
-
-</P>
-<PRE>
- *: :fail: message</PRE>
-<P>
- The message text supplied after :fail: is restricted to a single line.
- If you want to send several paragraphs of message, instead of using
- :fail: you could use the <B>aliasfile</B> to pipe the message off so some
- script which generates a long message and then gives a non-zero return
- code so that the message gets returned to the sender.
-
-</P>
-<P>
- In all of these cases you are in trouble if the sender address is bad,
- because the bounce message you generate will get stuck.
-
-</P>
-<A NAME="SEC211" HREF="FAQ.html#TOC211">Q0820</A>: Will Exim allow me to create a file of regexs and match incoming
- external email to the list - and if a match is found file the offending
- message into a special location? Also is it possible to make exim only
- filter parts of an incoming email - e.g. ignore large MIME attachments
- for example and only process text/plain?
-
-
-<P>
-A0820: You can do some of this in a system filter. For example:
-
-</P>
-<PRE>
- if $message_body matches <...some complicated regex...> or
- $message_body matches <...some other regex...> or
- $header_from: matches <...regex...> or
- etc.
- then
- save /some/special/file
- endif</PRE>
-<P>
- or instead of "save" you could have "deliver" (to some address) or
- "pipe" (to some script).
-
-</P>
-<P>
- There isn't any mechanism for ignoring attachments, but <B>$message_body</B>
- only looks at the first n bytes of the body, where n defaults to 500 but
- can be changed.
-
-</P>
-<P>
- A more expensive alternative would be to run a Perl subroutine using the
- embedded Perl mechanism. If you passed over the message id, the Perl
- code could read the message files on the spool and implement any
- algorithm it liked for deciding what should be done.
-
-</P>
-<A NAME="SEC212" HREF="FAQ.html#TOC212">Q0821</A>: I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT
- command, to check if a user has exceeded their email quota. If they have
- I issue a temporary failure and a message - can I do this with Exim?
-
-
-<P>
-A0821: This could be done by arranging for a quota check to happen during the
- verification of the address after RCPT, but without hacking Exim you
- would have to use the embedded Perl facility to get it to run a Perl
- script to do the test.
-
-</P>
-<P>
- If the reason you want to do this is to avoid having messages for over-
- quota users sitting on your spool for many days, there is an
- alternative. In Exim you can set up special retry rules for quota
- excession (what we use is "if mailbox not read for 7 days, bounce
- immediately, otherwise try every hour for one day, then bounce").
-
-</P>
-<A NAME="SEC213" HREF="FAQ.html#TOC213">Q0822</A>: I'm looking for a rule to reject special unknown recipients.
-
-
-<P>
-A0822: If the messages in question are coming in via SMTP, you can turn on
- <TT>receiver_verify</TT> (if you haven't already) and arrange for these addresses
- not to verify. For example, if they are not in your local domains, you
- could use a router like this:
-
-</P>
-<PRE>
- verify_check_specials:
- driver = domainlist
- condition = "\
- ${if eq {$local_part@$domain}{account@host.domain}{yes}{no}}"
- verify_only
- fail_verify
- route_list = *</PRE>
-<P>
- where of course you can extend the <TT>condition</TT> setting to use regular
- expressions, file lookups, Perl calls, or anything else that is
- available. The failure of the verification causes an error return to the
- SMTP RCPT command, so the messages never get into your system. For
- addresses in your local domains you could use a <B>smartuser</B> director in a
- similar fashion, but you could also use an alias file with :fail:
- entries.
-
-</P>
-<P>
- If you are receiving such messages from the local host, then they are
- already in the system, and have to be failed locally as part of the
- delivery process. The :fail: mechanism is the simplest for local
- addresses. For remote addresses, one possibility would be to use a
- router with a <TT>condition</TT> setting to send such messages to an autoreply
- transport that sends back an error message to the sender. See also
-
- <A HREF="FAQ.html#SEC217">Q0826</A>.
-
-</P>
-<A NAME="SEC214" HREF="FAQ.html#TOC214">Q0823</A>: I'd like to pass all messages through a virus-scanning system before
- delivery. Can Exim do this?
-
-
-<P>
-A0823: One way of achieving this is to deliver all messages via a pipe to a
- checking program that resubmits them for delivery in some private way
- that can be checked (e.g. on a specific SMTP port, or IP address). One
- possibility is to use the "received protocol" field that can be set
- for locally submitted mail via the <B>-oMr</B> command line option. This
- director sends all messages that are not from the local host and whose
- received protocol is not "scanned-ok" to the <TT>virus_scan</TT> transport:
-
-</P>
-<PRE>
- vircheck:
- driver = smartuser
- transport = virus_scan
- condition = "${if or {{eq {$received_protocol}{scanned-ok}} \
- {eq {$sender_host_address}{127.0.0.1}}}\
- {0}{1}}"</PRE>
-<P>
- A similar router could be used if you want to scan messages for remote
- addresses. One problem is that this approach scans the message for each
- recipient, not just once per message.
-
-</P>
-<P>
- The <TT>virus_scan</TT> transport should be set up to pipe the message to a
- suitable checking program or script which runs as a trusted user. This
- can then re-submit the message to Exim, using <B>-oMr</B> to set the received
- protocol to "scanned-ok", and the <B>-f</B> option to set the correct envelope
- sender address. WARNING: If you forget to make the resubmitting process
- run as a trusted user, the received protocol does not get set, and you
- are likely to generate a loop.
-
-</P>
-<A NAME="SEC215" HREF="FAQ.html#TOC215">Q0824</A>: How can I accomplish this: a message sent from any host must either be
- sending to a domain in a list (a dbm file) or the sender's address
- domain must be in the list.
-
-
-<P>
-A0824: First of all, set
-
-</P>
-<PRE>
- relay_domains = dbm;/the/dbm/file</PRE>
-<P>
- This allows relaying from any host, provided that the recipient address
- matches one of the domains in the list. Then set
-
-</P>
-<PRE>
- host_accept_relay = *
- sender_address_relay = dbm;/the/dbm/file</PRE>
-<P>
- This allows relaying from any host (because of the *) to any arbitrary
- domain, provided that the sender's address matches a domain in the list.
-
-</P>
-<P>
- WARNING: This setting makes it possible for your host to be used as an
- open relay by those unscrupulous enough to forge sender addresses. Your
- host may end up on one of the open relay blocking lists as a result.
-
-</P>
-<A NAME="SEC216" HREF="FAQ.html#TOC216">Q0825</A>: I've set <TT>relay_domains</TT> and <TT>sender_address_relay</TT>, but if <B>user@mydomain</B>
- tries sending to an arbitrary domain, Exim rejects it.
-
-
-<P>
-A0825: The safest way to control relaying arbitrary domains is by host, not
- by sender address. If you are able to specify the hosts which your users
- use, then set <TT>host_accept_relay</TT> to match them. You can then remove the
- setting of <TT>sender_address_relay</TT>, unless you also want to limit relaying
- to specific senders.
-
-</P>
-<P>
- If you want to permit relaying from specific senders on arbitrary hosts,
- you can set <TT>relay_match_host_or_sender</TT>. This requires that only one of
- the host or sender address be recognized, instead of both of them.
-
-</P>
-<P>
- WARNING: This setting makes it possible for your host to be used as an
- open relay by those unscrupulous enough to forge sender addresses. Your
- host may end up on one of the open relay blocking lists as a result.
-
-</P>
-<A NAME="SEC217" HREF="FAQ.html#TOC217">Q0826</A>: I set <TT>sender_reject_recipients</TT>, but Exim is not rejecting those
- recipients.
-
-
-<P>
-A0826: You have misunderstood the option. A setting like that rejects <EM>all</EM> the
- recipients of an incoming message with that <EM>sender</EM>. To reject a
- specific recipient in your own domain you can set up an alias like this:
-
-</P>
-<PRE>
- reject-me: :fail: mail for reject-me is not acceptable</PRE>
-<P>
- If you want to reject a recipient that is not in a local domain, one
- approach is to set up a router to send the address to your directors,
- and then use an alias file to generate a :fail: message as above.
- Alternatively, you can use the verification mechanism: see
- <A HREF="FAQ.html#SEC213">Q0822</A>.
-
-</P>
-<A NAME="SEC218" HREF="FAQ.html#TOC218">Q0827</A>: I can't find an option to deny "RCPT TO:" addresses.
-
-
-<P>
-A0827: Denying RCPT TO addresses is the job of verifying. You can set up
- directors and routers that are run only when verifying and not when
- delivering. This gives you a great deal of flexibility. See
- <A HREF="FAQ.html#SEC213">Q0822</A>.
-
-</P>
-<A NAME="SEC219" HREF="FAQ.html#TOC219">Q0828</A>: My problem is that Exim replaces <B>$local_part</B> with an empty string in the
- system filtering. What's wrong or what did I miss?
-
-
-<P>
-A0828: A message may have many recipients. The system filter is run just once
- at the start of a delivery attempt. Consequently, it does not make sense
- to set <B><B>$local_part.</B></B> Which recipient should it be set to? However, you
- can access all the recipients from a system filter via the variable
- called <B><B>$recipients.</B></B>
-
-</P>
-<A NAME="SEC220" HREF="FAQ.html#TOC220">Q0829</A>: Using <B>$recipients</B> in a system filter gives me another problem: how can
- I do a string lookup if <B>$recipients</B> is a list of addresses?
-
-
-<P>
-A0829: Check out section 25 of the filter document ("Testing a list of
- addresses"). If that doesn't help, you may have to resort to calling an
- embedded Perl interpreter - but that is expensive.
-
-</P>
-<A NAME="SEC221" HREF="FAQ.html#TOC221">Q0830</A>: Is there a way to configure Exim to reject mail to a certain local host?
-
-
-<P>
-A0830: No, only to certain domains. Use a configuration like this:
-
-</P>
-<PRE>
- receiver_verify
- local_domains = rejected.domain : <other local domains></PRE>
-<P>
- with the first director as
-
-</P>
-<PRE>
- reject_domains:
- driver = smartuser
- domains = rejected.domain
- verify_only
- fail_verify</PRE>
-<A NAME="SEC222" HREF="FAQ.html#TOC222">Q0831</A>: Exim sometimes rejects messages with bad senders after the DATA and
- sometimes after the MAIL command. What is the difference?
-
-
-<P>
-A0831: The first time Exim encounters a particular bad sender, it rejects the
- message after the data has been received, so that it can log the
- headers. If the same sender re-appears within 24 hours, Exim assumes
- that the remote host has (in violation of RFC 821) not interpreted the
- previous 550 error code correctly, so this time it rejects the MAIL
- command. Some hosts don't even managed to handle that, so if the same
- sender turns up for a third time within 24 hours, Exim accepts MAIL, but
- rejects every RCPT command instead.
-
-</P>
-<A NAME="SEC223" HREF="FAQ.html#TOC223">Q0832</A>: How can I get Exim to remove attachments from messages?
-
-
-<P>
-A0832: (A) The cleanest way is to check for the existence of a "Content-type"
- header line, and route messages containing it down a pipe to some
- other program that strips the attachments and re-submits the message
- to Exim. Alternatively, a transport filter can be used to do the
- job, as described in C028.
-
-</P>
-<P>
- (B) A somewhat more hairy way is to use embedded Perl from a system
- filter to truncate the message's data file directly, and then use
- the "headers remote" filter command to get rid of the associated
- headers.
-
-</P>
-<A NAME="SEC224" HREF="FAQ.html#TOC224">Q0833</A>: I ran a relay test against my host and it failed with an address
- containing a %, though I don't have <TT>percent_hack_domains</TT> set. Is Exim
- broken? This is what the tester said:
-
-
-<PRE>
- Relay test 6
- >>> RSET
- <<< 250 Reset OK
- >>> MAIL FROM:<spamtest@example.com>
- <<< 250 <spamtest@example.com> is syntactically correct
- >>> RCPT TO:<relaytest%mail-abuse.org@example.com>
- <<< 250 <relaytest%mail-abuse.org@example.com> is syntactically correct
- Relay test result
- Uh oh, host appeared to accept a message for relay.
- The host may reject this message internally, however</PRE>
-<P>
-A0833: This does not prove that your host is open for relaying. Notice the
- wording of the last two sentences: "appeared to accept" and "may reject
- internally". Assuming that your Exim configuration is correct, Exim will
- discover that the local part <B>"relaytest%mail-abuse.org"</B> is not valid on
- your host, and it will bounce the message.
-
-</P>
-<P>
- Why doesn't it reject the RCPT TO command? Answer: because you have not
- set <TT>receiver_verify</TT> in your configuration file, or you have excluded
- these particular sender or recipient domains from receiver verification.
-
-</P>
-<A NAME="SEC225" HREF="FAQ.html#TOC225">Q0834</A>: How can I arrange for each user to have a file listing the only sender
- addresses from which she will accept mail? I want to do this so my
- family members don't get any spam (or other inappropriate mail).
-
-
-<P>
-A0834: Arrange for each user you want to control to have a file called
- .acceptlist, ignoring for the moment how this gets maintained. Then,
- turn on <TT>receiver_verify</TT> and make the following your first director:
-
-</P>
-<PRE>
- verify_known_sender:
- driver = smartuser
- require_files = /home/$local_part/.acceptlist
- senders = ! /home/$local_part/.acceptlist
- new_address = :fail: Sender unknown</PRE>
-<P>
- That will stop such messages even getting into your host. (Replace
- <B>/home/$local_part</B> with whatever the correct path to your user's home
- directories is.) As written above, the accept list is interpolated into
- the senders list and can contain wild cards. If there are no wild cards
- and the lists get very long, it would be more efficient to convert them
- into some indexed format, e.g. cdb and use a cdb lookup.
-
-</P>
-<P>
- One problem with this is that it will block bounce messages, which have
- empty senders. You can get round this, by changing the "senders" line to
-
-</P>
-<PRE>
- senders = ! : ! /home/$local_part/.acceptlist</PRE>
-<P>
- However, this will, of course, let in spam that has a null sender. Since
- the "senders" option is expanded, you could perhaps include something
- that tested a message without a sender for being a plausible bounce
- message before including the null sender in the list. Another approach
- would be to use a <TT>condition</TT> option to do various tests, including
- looking up <B>$sender_address</B> in <B><B>/home/$local_part/.acceptlist</B>.</B>
-
-</P>
-<A NAME="SEC226" HREF="FAQ.html#TOC226">Q0835</A>: I have the POP-auth-before-relay support in, but I see that Exim still
- does an RBL lookup before checking the POP authorisation file. How can I
- prevent it doing an RBL check if the caller is authorized by virtue of a
- recent POP authentication?
-
-
-<P>
-A0835: If the file containing a list of recent POP-authenticated hosts is
- <B>/usr/local/etc/exim/popauth</B>, say, set
-
-</P>
-<PRE>
- rbl_hosts = !/usr/local/etc/exim/popauth</PRE>
-<P>
- so that hosts in the list are exempted from RBL checking.
-
-</P>
-<A NAME="SEC227" HREF="FAQ.html#TOC227">Q0836</A>: When using Nessus on a system that runs exim, a number of security
- issues are raised. Nessus complains that exim answers to EXPN and/or
- VRFY; sometimes it even complains that exim allows relaying.
-
-
-<P>
-A0836: Exim supports EXPN only if you permit it to do so by setting
- <TT>smtp_expn_hosts</TT>. Likewise, it supports to VRFY only if you set
- <TT>smtp_verify</TT>. Without these settings, its responses are
-
-</P>
-<PRE>
- 550 EXPN not available
- 252 VRFY not available</PRE>
-<P>
- Maybe the use of 252 is the "problem". It is recommended that this be
- done (by those that discuss these things) because there are stupid
- clients that attempt VRFY before sending a message.
-
-</P>
-<A NAME="SEC228" HREF="FAQ.html#TOC228">Q0837</A>: Could anyone points me to right rules to prevent sending/receiving
- messages to/for domains which have one MX to localhost or only have
- address 127.0.0.1 ?
-
-
-<P>
-A0837: You need to turn on <TT>sender_verify</TT>. With the default configuration, this
- will result in a temporary verification failure for these domains. You
- can make this into a permanent failure by adding
-
-</P>
-<PRE>
- self = fail</PRE>
-<P>
- to your <B>lookuphost</B> router. The default action on encountering a routing
- to the local host is to defer, and freeze the message if it is a
- delivery address. Making this change applies to any routing to the local
- host, not just to 127.0.0.1.
-
-</P>
-<P>
- If you are running Exim release 3.16 or later, an alternative approach
- is to set <TT>ignore_target_hosts</TT> = 127.0.0.1 on the relevant routers.
-
-</P>
-<A NAME="SEC229" HREF="FAQ.html#TOC229">Q0838</A>: How can I lock out domains that do not have any MX records?
-
-
-<P>
-A0838: You can do this by means of the <TT>mx_domains</TT> option, but you should NOT do
- this for Internet domains in general. There are still a large number of
- legitimate domains that do not have MX records.
-
-</P>
-<A NAME="SEC230" HREF="FAQ.html#TOC230">Q0839</A>: I would like to have a per-user limit for the maximum size of messages
- that can be sent.
-
-
-<P>
-A0839: The simplest way to do this is to put something in a system filter along
- these lines:
-
-</P>
-<PRE>
- if $message_size is above
- "${lookup{$sender_address}lsearch{/some/file}{$value}{10M}}"
- then
- fail "Message is larger than $sender_address is allowed to send"
- endif</PRE>
-<A NAME="SEC231" HREF="FAQ.html#TOC231">Q0840</A>: I have set up a DBM (or cdb, or lsearch, or MySQL or whatever) file
- containing a list of IP addresses for the hosts I want to allow to
- relay, but when I set <TT>host_accept_relay</TT> to do a lookup on that data, it
- doesn't work.
-
-
-<P>
-A0840: If you include any kind of lookup in a host list, it will by default
- search on the host <EM>name</EM>, not on the IP address. What you want is
- something like
-
-</P>
-<PRE>
- host_accept_relay = net-dbm;/some/file</PRE>
-<P>
- The prefix net- makes it look up the IP address instead of the name. You
- can also look up IP networks by using entries like
-
-</P>
-<PRE>
- host_accept_relay = net24-dbm;/some/file</PRE>
-<P>
- For a host with IP address 192.168.45.23 this would do the lookup using
- the key "192.168.45.0/24".
-
-</P>
-<BR><H2><A NAME="SEC232" HREF="FAQ.html#TOC232">9. MAJORDOMO
-
-</A></H2>
-<A NAME="SEC233" HREF="FAQ.html#TOC233">Q0901</A>: How do I set up Majordomo to work with Exim?
-
-
-<P>
-A0901: Users have found several ways of setting up Exim for use with Majordomo.
- There's a web page at
-
-</P>
-<PRE>
- <A HREF="http://www.netmaster.ca/exim/majordomo.html">http://www.netmaster.ca/exim/majordomo.html</A></PRE>
-<P>
- which shows one way to do it, and discusses some of the issues. The
- sample configuration C018 is another approach which automates a lot of
- the functions based on whether the files or directories exist. Only
- three aliases per list are needed.
-
-</P>
-<P>
- Somewhere in the Majordomo docs or FAQ it mentions using batchmail or
- other additional programs to improve the performance of large lists.
- They are not needed with Exim, and their use can actually make things
- worse. However, it's a good idea to set <TT>remote_max_parallel</TT> to a value
- greater than 1 in the Exim configuration.
-
-</P>
-<A NAME="SEC234" HREF="FAQ.html#TOC234">Q0902</A>: I have set <B>$mailer</B> in <B>majordomo.cf,</B> but it still isn't setting the
- sender correctly in the messages it sends.
-
-
-<P>
-A0902: Make sure you have got the quoting correct in the <B>$mailer</B> setting. For
- example,
-
-</P>
-<PRE>
- $mailer = "$sendmail_command -oi -oee -f$sender\@lists.mydomain.de";</PRE>
-<P>
- is not correct. It needs three backslashes, not one, and the $ at the
- start of <B>$sender</B> has to be escaped with a backslash.
-
-</P>
-<A NAME="SEC235" HREF="FAQ.html#TOC235">Q0903</A>: I'm trying to set up majordomo, but I'm getting a "wrong mode" error
- when I try to send it mail. The panic log entry reads:
-
-
-<PRE>
- 1999-01-05 11:23:34 0zxZGY-0000vB-00 majordomo_aliases director:
- /var/lib/majordomo/lists/lists.aliases (lsearch lookup): wrong mode</PRE>
-<P>
-A0903: Check the mode of <B><B>/var/lib/majordomo/lists/lists.aliases</B></B> and compare it
- with the setting of the modemask option in the <TT>majordomo_aliases</TT>
- director. This option specifies bits which must not be set for the alias
- file, and it defaults to 022.
-
-</P>
-<A NAME="SEC236" HREF="FAQ.html#TOC236">Q0904</A>: I'm getting return code 9 from <B><B>/home/majordomo/majordomo-1.94.4/wrapper</B></B>
- when it is passed a message from Exim.
-
-
-<P>
-A0904: A problem like this turned out to be the Perl version that came with
- RedHat 5.2. Rebuilding Perl 5.005x solved it.
-
-</P>
-<A NAME="SEC237" HREF="FAQ.html#TOC237">Q0905</A>: Exim is complaining about an invalid command line when Majordomo tries
- to send it a message for delivery.
-
-
-<P>
-A0905: Take a look at your <B>majordomo.cf</B> file, It should have something that
- looks like
-
-</P>
-<PRE>
- $sendmail_command = "/usr/lib/sendmail";</PRE>
-<P>
- and another line like
-
-</P>
-<PRE>
- $mailer = "$sendmail_command -oi -oee -f\$sender";</PRE>
-<P>
- If you have modified resend (one of the majordomo programs) to use
- <B>$sendmail_command</B> instead of <B>$mailer</B> you will be calling Exim with no
- command line arguments.
-
-</P>
-<BR><H2><A NAME="SEC238" HREF="FAQ.html#TOC238">10. REWRITING ADDRESSES
-
-</A></H2>
-<A NAME="SEC239" HREF="FAQ.html#TOC239">Q1001</A>: How can I get Exim to strip the hostname from the sender's address?
-
-
-<P>
-A1001: If you set up a rewriting rule in the following form:
-
-</P>
-<PRE>
- *@*.your.domain $1@your.domain</PRE>
-<P>
- then Exim will rewrite all addresses in the envelope and the headers,
- removing anything between "@" and <B>"your.domain".</B> This applies to all
- messages that Exim processes. If you want to rewrite sender addresses
- only, the the rule should be
-
-</P>
-<PRE>
- *@*.your.domain $1@your.domain Ffrs</PRE>
-<P>
- This applies the rule only to the envelope "From" address and to the
- From:, Reply-to:, and Sender: headers.
-
-</P>
-<A NAME="SEC240" HREF="FAQ.html#TOC240">Q1002</A>: I have Exim configured to remove the hostname portion of the domain on
- outgoing mail, and yet the hostname is present when the mail gets
- delivered.
-
-
-<P>
-A1002: Check the DNS record for your domain. If the MX record points to a CNAME
- record instead of to an A record, MTAs are liable to rewrite addresses,
- changing your domain name to its "canonical" form, as obtained from the
- CNAME record.
-
-</P>
-<A NAME="SEC241" HREF="FAQ.html#TOC241">Q1003</A>: I want to rewrite local addresses in mail that goes to the outside
- world, but not for messages that remain within the local intranet.
-
-
-<P>
-A1003: Exim wasn't really designed to handle this kind of split world, and
- doing this is not entirely straightforward.
-
-</P>
-<P>
- (A) If you are running version 3.20 or later, you can use the
- <TT>headers_rewrite</TT> option on a transport. This will apply to just those
- copies of a message that pass through the transport. The <TT>return_path</TT>
- option can similarly be used to rewrite the sender address, but there is
- no way of rewriting recipient addresses at transport time. However, as
- these are by definition remote addresses, you probably don't want to
- rewrite them.
-
-</P>
-<P>
- You have to set up the configuration so that it uses different SMTP
- transports for internal and external mail. Typically this would be done
- by setting the <TT>domains</TT> option on a router for handling your internal
- domains. However, if all domains are routed in the same way (for
- example, using a DNS lookup), another approach is to use a string
- expansion for the transport name. For example:
-
-</P>
-<PRE>
- lookuphost:
- driver = lookuphost
- transport = ${if match{$domain}{\\.my\\.domain\$}{int_smtp}{ext_smtp}}</PRE>
-<P>
- This example uses the <TT>int_smtp</TT> transport for domains ending in
- .<B>my.domain,</B> and <TT>ext_smtp</TT> for everything else. The <TT>ext_smtp</TT> transport
- could be something like this:
-
-</P>
-<PRE>
- ext_smtp:
- driver = smtp
- headers_rewrite = *@*.my.domain \
- ${lookup{$1}cdb{/etc/$2/mail.handles.cdb}{$value}fail}
- return_path = \
- ${if match{$return_path}{^([^@]+)@(.*)\\.my\\.domain\$}\
- {\
- ${lookup{$1}cdb{/etc/$2/mail.handles.cdb}{$value}fail}\
- }\
- fail}</PRE>
-<P>
- This example uses a separate file of local-to-external address
- translations for each domain. This is not the only possibility, of
- course. The <TT>headers_rewrite</TT> and <TT>return_path</TT> options apply the same
- rewriting to the header lines and the envelope sender address,
- respectively.
-
-</P>
-<P>
- (B) If you are running a version of Exim that is earlier than 3.20,
- doing this kind of rewriting is very much more difficult. Until the
- <TT>headers_rewrite</TT> option was added, all header rewriting was done at the
- time a message was received. A standard configuration cannot handle
- rewriting that is specific to certain recipients only.
-
-</P>
-<P>
- The simplest thing to do is to upgrade to the latest current Exim
- release. For those that cannot do that, this old information from the
- <B>pre-3.20</B> FAQ is retained:
-
-</P>
-<P>
- The trick is to split off a copy of the message to be sent to all
- external recipients, and do the rewriting on that. This can be achieved
- by running two differently-configured versions of Exim, either on a
- single host, or on two different hosts. If you have a gateway or
- firewall machine, that is the natural place to run the rewriting
- version.
-
-</P>
-<P>
- On a single machine, the following is one way of handling this:
-
-</P>
-<P>
- (1) Set up the normal configuration (in the configuration file whose
- name is screwed into the binary) such that it does local deliveries
- as required, but forwards a copy of the message for non-local
- recipients to a different incarnation of Exim via a private SMTP
- port. For example, use this transport and router:
-
-</P>
-<PRE>
- # Transport to send SMTP using port 26
- internal_smtp:
- driver = smtp
- service = 26</PRE>
-<PRE>
- # Router to send everything the internal_smtp transport
- pass_remotes:
- driver = domainlist
- transport = internal_smtp
- route_list = * localhost byname
- self = send</PRE>
-<P>
- This should be the only router. Because of the <TT>self = send</TT>
- setting, Exim will transport the messages, even though it knows it
- is going to the local host.
-
-</P>
-<P>
- (2) Set up a different configuration file for the rewriting version of
- Exim. This need do no local deliveries, so it needs no local
- domains or directors, and as it accepts mail only from the local
- host, there is no need for any spam-blocking or other policy
- controls. However, it does need to have its own spool area. The main
- part of the configuration could be like this:
-
-</P>
-<PRE>
- local_domains =
- local_interfaces = 127.0.0.1
- host_reject = !127.0.0.1
- spool_directory = /var/spool/exim-external
- end</PRE>
-<P>
- Note the use of a negated item for <TT>host_reject</TT>, causing rejection of
- SMTP calls from all but the local host.
-
-</P>
-<P>
- The directors section can be completely empty (apart from the line
- saying "end"), while the routers section should be as in a normal
- configuration, as it is going to control external delivery.
-
-</P>
-<P>
- The rule(s) for rewriting your internal addresses into external ones
- should be in this configuration. This is one example of what might
- be done:
-
-</P>
-<PRE>
- *@*.your.domain "\
- ${lookup{$1}cdb{/etc/$2/mail.handles.cdb}{$value}fail}"</PRE>
-<P>
- which looks up each local part in a per-host file to obtain the
- externally-visible address, including (in this example) the domain.
-
-</P>
-<P>
- (3) You have to arrange for a daemon to be listening on port 26, and to
- be using the alternate configuration file. It is necessary to do
- this as root so that Exim retains its privilege after reading a
- non-standard configuration. A command such as
-
-</P>
-<PRE>
- exim -C /etc/exim-configure2 -bd -oX 26</PRE>
-<P>
- could be used in a suitable system start-up file. Alternatively you
- could set up <B>inetd</B> to run Exim with the <B>-C</B> option for incoming
- connections on port 26.
-
-</P>
-<P>
- The net result of all of this is that when a message has one or more
- external recipients, a copy of it is sent via port 26 to the second
- version of Exim, which rewrites any internal addresses and does the
- external deliveries. The cost of this is that the message has to be
- copied and spooled twice, and you have two different Exim queues to
- manage. Note that if the "external" Exim has to send a delivery failure
- message, it will use the rewritten sender address.
-
-</P>
-<A NAME="SEC242" HREF="FAQ.html#TOC242">Q1004</A>: I'm using this rewriting rule to change login names into "friendly"
- names, but if mail comes in for an upper case login name, it doesn't
- get rewritten.
-
-
-<PRE>
- *@my.domain ${lookup{$1}dbm{/usr/lib/exim/longforms}\
- {$value}fail}@my.domain bcfrtFT</PRE>
-<P>
- The longforms database has entries of the form:
-
-</P>
-<PRE>
- ano23: A.N.Other</PRE>
-<P>
-A1004: Replace <B>$1</B> in your rule by <B>${lc:$1}</B> to force the local part to lower
- case before it is used as a lookup key.
-
-</P>
-<A NAME="SEC243" HREF="FAQ.html#TOC243">Q1005</A>: Is it possible to completely fail a message if the rewrite rules fail?
-
-
-<P>
-A1005: It depends on what you mean by "fail a message" and what addresses you
- are rewriting. If you are rewriting recipient addresses for your local
- domain, you can do:
-
-</P>
-<PRE>
- *@dom.ain ${lookup{$1}dbm{/wher/ever}{$value}{failaddr}} Ehq</PRE>
-<P>
- and in your alias file put something like
-
-</P>
-<PRE>
- failaddr: :fail: Rewriting failed.</PRE>
-<P>
- This fails a single recipient - others are processed independently.
-
-</P>
-<A NAME="SEC244" HREF="FAQ.html#TOC244">Q1006</A>: I'm using <B>$domain</B> as the key for a lookup in a rewriting rule, but its
- contents are not being lowercased. Aren't domains supposed to be handled
- caselessly?
-
-
-<P>
-A1006: The value of <B>$domain</B> is the actual domain that appears in the address.
- It could of course be lower cased, but I know that would cause some
- unhappiness, because some people have mixed-case domain names which look
- silly if the case is changed. Thus, one wants to preserve the case in
- rewrites such as
-
-</P>
-<PRE>
- *@*.TheRap.com <something>@$domain</PRE>
-<P>
- (not the best example) because "therap" doesn't look like two words. I
- know it seems trivial, but it is important to some people - especially
- if by some unfortunate accident the lowercased word is something
- indecent.
-
-</P>
-<P>
- You can trivally force lower casing by means of the <B>${lc:</B> operator.
- Instead of "$domain" write "${lc:$domain}".
-
-</P>
-<A NAME="SEC245" HREF="FAQ.html#TOC245">Q1007</A>: I want to rewrite local sender addresses depending on the domain of the
- recipient.
-
-
-<P>
-A1007: In general, this is not possible, because a message may have more than
- one recipient and Exim keeps just a single copy of each message. It may
- also deliver one copy of a message with several recipient addresses.
- You can do an incomplete job by using a regular expression match in a
- rewrite rule to test, for example, the contents of the To: header. This
- would work except in cases of multiple recipients. See also
- <A HREF="FAQ.html#SEC241">Q1003</A>.
-
-</P>
-<BR><H2><A NAME="SEC246" HREF="FAQ.html#TOC246">11. HEADERS
-
-</A></H2>
-<A NAME="SEC247" HREF="FAQ.html#TOC247">Q1101</A>: I would like add some custom headers to selected outgoing mail based on
- a specific domain and the subject line.
-
-
-<P>
-A1101: To the <TT>remote_smtp</TT> transport, add something like
-
-</P>
-<PRE>
- headers_add = "${if and{\
- {eq{$domain}{spec.dom}}\
- {matches{$h_subject:}{whatever}}}\
- {Content-Type: text/html; charset=\"us-ascii\"} fail }"</PRE>
-<P>
- This example shows a Content-Type header, but you can have anything you
- like, and multiple headers can be inserted by using \n to separate them.
-
-</P>
-<A NAME="SEC248" HREF="FAQ.html#TOC248">Q1102</A>: Is it possible to have Exim add a header to only certain <TT>local_parts</TT> of
- outgoing mail?
-
-
-<P>
-A1102: Only if you arrange for each such local part to receive its own private
- copy of the mail. See <TT>max_rcpt</TT> in the SMTP transport. Then you could use
- conditions in an expansion string to add or not add a header.
-
-</P>
-<A NAME="SEC249" HREF="FAQ.html#TOC249">Q1103</A>: How can I remove some part of the Received: header?
-
-
-<P>
-A1103: Set <TT>received_header_text</TT>.
-
-</P>
-<A NAME="SEC250" HREF="FAQ.html#TOC250">Q1104</A>: How I can insert the PGP header line using exim filters?
-
-
-<P>
-A1104: You can't insert headers in a user filter. A system filter can do so,
- but the inserted lines then are included for all recipients.
-
-</P>
-<A NAME="SEC251" HREF="FAQ.html#TOC251">Q1105</A>: I know I can use a system filter to replace certain headers in messages,
- but how can I add text to existing headers? I want to add [SPAM] to
- the subject line of messages that appear to be spam.
-
-
-<P>
-A1105: You can only do this in a round about way, using filter commands like
- this:
-
-</P>
-<PRE>
- headers add "New-Subject: SPAM: $h_subject:"
- headers remove subject
- neaders add "Subject: $h_new-subject:"
- headers remove new-subject</PRE>
-<P>
- This trick works only in system filters, where the commands are obeyed
- in order, and affect the master list of headers that apply to the whole
- message. You cannot do this with the <TT>headers_add</TT> and <TT>headers_remove</TT>
- options on drivers.
-
-</P>
-<BR><H2><A NAME="SEC252" HREF="FAQ.html#TOC252">12. FETCHMAIL
-
-</A></H2>
-<A NAME="SEC253" HREF="FAQ.html#TOC253">Q1201</A>: When I run fetchmail, I get the error "SMTP listener doesn't like
- recipient address <B><I>xxx</I>@localhost</B>".
-
-
-<P>
-A1201: Put "localhost" in a list of local domains, that is, add it to the
- <TT>local_domains</TT> option in your Exim configuration file.
-
-</P>
-<A NAME="SEC254" HREF="FAQ.html#TOC254">Q1202</A>: Fetchmail is passing on bounce messages to Exim with the sender address
- set to <B><B><@some.domain</B>></B> which causes Exim to complain, because there is no
- local part.
-
-
-<P>
-A1202: This was a fetchmail problem which has been fixed. Ideally, you should
- upgrade to the current fetchmail release. If you cannot do this, there
- is some Exim magic that might help. The 'S' rewriting flag allows
- rewriting of envelope addresses to be done as soon as they are received
- in the SMTP protocol, before any kind of checking or other processing is
- done. This is specifically provided for installations that have to cope
- with mangled addresses coming in over SMTP.
-
-</P>
-<A NAME="SEC255" HREF="FAQ.html#TOC255">Q1203</A>: I'm currently using Exim with fetchmail and I'd like to use the RBL on
- Exim, but will it work? Do I need to configure fetchmail any particular
- way? As far as Exim knows, all mail is coming from 127.0.01. Will it
- check the source address against RBL? Or will it check the From: header?
-
-
-<P>
-A1203: It will check 127.0.0.1 (not very useful). The point of the RBL is to
- keep messages from black-listed hosts out of your machine. If you are
- using fetchmail, you have got the messages into your machine before you
- approach Exim. That kind of defeats the purpose of the RBL. The right
- way to do this would be for the host from which you fetchmail to do the
- RBL checking and insert some kind of warning header for you to test, as
- Exim does if you run RBL checks in warning mode.
-
-</P>
-<BR><H2><A NAME="SEC256" HREF="FAQ.html#TOC256">13. PERL
-
-</A></H2>
-<A NAME="SEC257" HREF="FAQ.html#TOC257">Q1301</A>: Exim built with Perl support exits with the error message <B>"./exim:</B> can't
- load library <B>'libperl.so'".</B>
-
-
-<P>
-A1301: If you are using BSDI, see
- <A HREF="FAQ.html#SEC324">Q9401</A>.
-
-</P>
-<A NAME="SEC258" HREF="FAQ.html#TOC258">Q1302</A>: Exim built with Perl support exits with several error messages of the
- form "undefined reference to `PL_stack_sp'".
-
-
-<P>
-A1302: This has been seen on FreeBSD systems that had two different versions of
- Perl installed, the older with an <B>a.out</B> library and the newer with an
- ELF library. Ensure that the older package is removed.
-
-</P>
-<BR><H2><A NAME="SEC259" HREF="FAQ.html#TOC259">14. DIAL-UP
-
-</A></H2>
-<A NAME="SEC260" HREF="FAQ.html#TOC260">Q1401</A>: How can I arrange for mail to other hosts on my local network to be
- delivered when I'm not connected to the Internet?
-
-
-<P>
-A1401: Use the <TT>queue_remote_domains</TT> option to control which domains are held
- on the queue for later delivery. For example,
-
-</P>
-<PRE>
- queue_remote_domains = ! *.localnet</PRE>
-<P>
- allows delivery to domains ending in .localnet, while queueing all the
- others.
-
-</P>
-<A NAME="SEC261" HREF="FAQ.html#TOC261">Q1402</A>: I have a dial-up machine, and I use the <TT>queue_smtp_domains</TT> option so
- that remote mail only goes out when I do a queue run. However, any email
- I send with an address <B><B><anything>@aol.com</B></B> is returned within about 15
- minutes saying 'retry time exceeded', and all addresses are affected.
-
-
-<P>
-A1402: (A) You should be using <TT>queue_remote_domains</TT> rather than <TT>queue_smtp_</TT>
- domains. With the latter, Exim is trying to route the addresses, which
- involves a DNS lookup. This is presumably timing out, causing a retry
- time to be set for the domain, and somehow a valid lookup never happened
- before the maximum retry time (default of 4 days) passed. Hence the
- bounce. The fact that it is <B>aol.com</B> is not relevant. You should probably
- also be using <B>-qq</B> to do your queue run rather than <B><B>-q.</B></B>
-
-</P>
-<P>
- (B) An alternative approach if you are sending all your outgoing mail to
- the same smart host is to use a single router like this:
-
-</P>
-<PRE>
- route_append:
- driver = domainlist
- transport = remote_smtp
- route_list = "* smarthost.isp.net byname"</PRE>
-<P>
- and put the address of the smart host in <B>/etc/hosts</B>, so that it can be
- found without the need of a DNS lookup. Then you can use <TT>queue_smtp_</TT>
- domains so that Exim does the routing for every message, but doesn't try
- to deliver it. See also
- <A HREF="FAQ.html#SEC262">Q1403</A>.
-
-</P>
-<A NAME="SEC262" HREF="FAQ.html#TOC262">Q1403</A>: How should Exim be configured when it is acting as a temporary storage
- system for a domain on a dial-up host?
-
-
-<P>
-A1403: Exim isn't really designed for this, but... The lowest-numbered MX
- record for the domain should be pointing to your host. You should set a
- large retry time for that domain, so that Exim doesn't keep trying to
- deliver when the host is offline. When the host comes online, the
- waiting messages have to be kicked somehow. This can be done by calling
- Exim with the <B>-R</B> option, or via the SMTP ETRN command. This works
- provided the number of messages is low. If you are handling lots of
- mail, keeping messages waiting for their host to connect and those that
- are having delivery problems to remote hosts all in the same queue
- doesn't work so well. It is better in this case to get Exim to deliver
- the mail for the dial-in hosts into some local files which then get
- transmitted by other software when the host connects. See the manual
- chapter entitled "Intermittently connected hosts" and also
- <A HREF="FAQ.html#SEC283">Q5014</A> and
-
- <A HREF="FAQ.html#SEC162">Q0521</A>.
-
-</P>
-<A NAME="SEC263" HREF="FAQ.html#TOC263">Q1404</A>: I have <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT> set, and use <B>-qf</B> to
- force delivery of waiting mail when I dial in. How can I arrange for any
- new messages that arrive while I'm connected to be delivered immediately?
-
-
-<P>
-A1404: (A) Instead of <TT>queue_remote_domains</TT> or <TT>queue_smtp_domains</TT>, use the
- <TT>queue_only_file</TT> option. This causes messages to be queued only if a
- particular file exists. The word "remote" or "smtp" before the file name
- controls which type of queueing is used. For example:
-
-</P>
-<PRE>
- queue_only_file = remote/etc/present/when/not/connected</PRE>
-<P>
- Then, in the scripts which are run when you connect and disconnect,
- arrange to remove the file after connection, and create it just before
- disconnection.
-
-</P>
-<P>
- (B) An alternative is to set <TT>hold_domains</TT> to point to a file lookup and
- switch that file appropriately.
-
-</P>
-<BR><H2><A NAME="SEC264" HREF="FAQ.html#TOC264">15. MODIFYING MESSAGE BODIES
-
-</A></H2>
-<A NAME="SEC265" HREF="FAQ.html#TOC265">Q1501</A>: How can I add a disclaimer or an advertisement to a message?
-
-
-<P>
-A1501: There are a number of technical and potential legal problems that arise
- in connection with message modification. Some of them are listed below.
- If, despite these considerations, you still want to modify messages, you
- can do so using Exim, but not directly in Exim itself. It is not the job
- of an MTA to modify messages, something that requires understanding of
- their content and format.
-
-</P>
-<P>
- Exim provides a hook in the form of a "transport filter" that lets you
- pass any outgoing message through a program or script of your choice. It
- is the job of this script to make any changes to the message that you
- require. By this means, you have full control over what changes are
- made, and Exim does not need to know anything about message bodies.
- However, using a transport filter requires additional resources, and may
- slow down mail delivery.
-
-</P>
-<P>
- You can use Exim's directors and routers to arrange for those messages
- that you want to modify to be delivered via a transport filter. For
- example, suppose you want to do this for messages from addresses in
- your domain that are being delivered to a remote host. Place the
- following router before the standard <B>lookuphost</B> router:
-
-</P>
-<PRE>
- filter_remote:
- driver = lookuphost
- transport = remote_smtp_filter
- condition = ${if eq {$sender_address_domain}{your.domain}{yes}{no}}</PRE>
-<P>
- This routes the relevant addresses to a transport called
- <TT>remote_smtp_filter</TT>. Other addresses fall through to the normal router,
- and are routed to the standard <TT>remote_smtp</TT> transport. Another way to do
- this would be to use a single router, with an expanded string for the
- transport setting. The new transport is defined thus:
-
-</P>
-<PRE>
- remote_smtp_filter:
- driver = smtp
- transport_filter = /your/filter/command</PRE>
-<P>
- The entire message is passed to your filter command on its standard
- input. It must write the modified version to the standard output, taking
- care not to break the RFC 822 syntax. The command is run as the Exim
- user, if one is defined; otherwise it is run as root.
-
-</P>
-<P>
- There are a number of potential problems in doing this kind of
- modification in an MTA. Many people believe that to attempt is it wrong,
- because:
-
-</P>
-<P>
- 1. It breaks digital signatures, which are becoming legally binding
- in some countries (already in the UK, likely to be 1 October 2000 in
- the USA). It may well also break encryption.
-
-</P>
-<P>
- 2. It is likely to break MIME encoding, that is, it is likely to wreck
- attachments, unless great care is taken. And what about the case of a
- message containing only binary MIME parts?
-
-</P>
-<P>
- 3. It is illegal under German and Dutch law to change the body of
- a mail message in transit. It might potentially be illegal in
- the UK under European law. This consideration applies to ISPs and
- other "common carriers". It would presumably not apply in a corporate
- environment where modification was done only to messages originating
- from the employees, before they left the company's network. It might
- also not apply if the senders have explicitly given their consent
- (e.g. agreed to have advertisements added to their incoming mail).
-
-</P>
-<P>
- 4. Since the delivered message body was produced by the MTA (not the
- originator, because it was modified), the MTA operator could
- potentially be sued for any content. This again applies to "common
- carrier" MTAs. It's interesting that adding a disclaimer of liability
- could be making you liable for the message, but this case seems
- more likely to involve adding advertisements than disclaimers. After
- all, no postal service in the world opens all the mail it carries to
- add disclaimers.
-
-</P>
-<P>
- 5. Some mail clients (old versions of MS outlook) crash if the message
- body of an incoming MIME message has been tampered with.
-
-</P>
-<P>
- There are also potential problems that could arise if a scheme to add
- disclaimers goes wrong for some messages:
-
-</P>
-<P>
- 1. False negatives: "Ah, this guy usually says he does not represent
- their views, but in this message he doesn't have the disclaimer".
-
-</P>
-<P>
- 2. False positives: "This official announcement does not represent our
- views, oh no".
-
-</P>
-<P>
- An alternative approach to the disclaimer problem would be to insist
- that all relevant messages have the disclaimer appended by the MUA. The
- MTA should refuse to accept any that do not. Again, however, the MTA
- must understand the format of messages in order to do this. Simply
- checking for appropriate wording at the end of the body is not good
- enough. It would probably be necessary to run a Perl script from within
- an Exim system filter in order to adopt this approach.
-
-</P>
-<P>
- Finally, it's a trivial matter to add customized headers of the sort:
-
-</P>
-<PRE>
- X-Disclaimer: This is a standard disclaimer that says that the views
- X-Disclaimer: contained within this message are somebody elses.</PRE>
-<P>
- which is a much easier alternative to modifying message bodies.
-
-</P>
-<A NAME="SEC266" HREF="FAQ.html#TOC266">Q1502</A>: How can I remove attachments from messages?
-
-
-<P>
-A1502: The answer to this is essentially the same as for
- <A HREF="FAQ.html#SEC265">Q1501</A>.
-
-</P>
-<BR><H2><A NAME="SEC267" HREF="FAQ.html#TOC267">20. MILLENNIUM
-
-</A></H2>
-<A NAME="SEC268" HREF="FAQ.html#TOC268">Q2000</A>: Are there any Y2K issues with Exim?
-
-
-<P>
-A2000: The author of Exim believes that it is Y2K-compliant, as long as the
- underlying operating system and C library are. Exim does not parse dates
- or times at all. Internally, it makes some use of binary timestamps in
- Unix format (number of seconds since 1-Jan-1970) and uses C library
- services to convert these to printing forms (e.g. for logging). The
- printing forms all use 4-digit years. Some people have tried various
- tests. No problems have been reported, but details of what tests have
- been done are not available.
-
-</P>
-<P>
- Well, it's now August 2000, and no Y2K problems have been reported, so
- it looks like I was right.
-
-</P>
-<BR><H2><A NAME="SEC269" HREF="FAQ.html#TOC269">50. MISCELLANEOUS
-
-</A></H2>
-<A NAME="SEC270" HREF="FAQ.html#TOC270">Q5001</A>: What does the error "Unable to get interface configuration: 22 Invalid
- argument" mean?
-
-
-<P>
-A5001: This is an error that occurs when Exim is trying to find out the all the
- IP addresses on all of the local host's interfaces. If you have lots of
- virtual interfaces, this can occur if there are more than around 250 of
- them. The solution is to set the option <TT>local_interfaces</TT> to list just
- those IP addresses that you want to use for making and receiving SMTP
- connections.
-
-</P>
-<A NAME="SEC271" HREF="FAQ.html#TOC271">Q5002</A>: How can I arrange to allow a limited set of users to perform a limited
- set of Exim administration functions? I don't want to put them all in
- the exim group.
-
-
-<P>
-A5002: See <B><A HREF="http://www.chiark.greenend.org.uk/~ian/userv/.">http://www.chiark.greenend.org.uk/~ian/userv/.</A></B> Using userv you can
- arrange (for example) for certain users to be able to invoke mailq or
- runq or other preset commands as exim (or any other user, as configured)
- with only userv configuration. If you want to check the particular Exim
- options available you can easily do it with shell or Perl scripts and
- userv configuration, and provided you know how to do argument
- `unparsing' properly in shell or Perl it will be secure.
-
-</P>
-<A NAME="SEC272" HREF="FAQ.html#TOC272">Q5003</A>: How can I test for a message's size being greater or less than a given
- value in an expansion string?
-
-
-<P>
-A5003: This isn't straightforward in versions of Exim prior to 2.10, because
- there were no arithmetic operators in expansion strings. In version
- 2.10 or later you can write, straightforwardly,
-
-</P>
-<PRE>
- ${if > {$message_size}{10K} {yes} {no}}</PRE>
-<P>
- In earlier versions, low cunning can be used to achieve certain
- kinds of test. For example, to test if the message size is less than
- or equal to 1000000:
-
-</P>
-<PRE>
- ${if eq{${expand:\$\{substr_-1000000_$message_size:x\}}} {} {yes} {no}}</PRE>
-<A NAME="SEC273" HREF="FAQ.html#TOC273">Q5004</A>: I want to "tail" the Exim log, but I have a number of other logs I also
- want to "tail", and the number of tailing windows is getting to be a
- nuisance.
-
-
-<P>
-A5004: Look for a program called 'xtail' (despite its name, it's not an
- X-windows application). It allows you to do multiple tails, even of
- entire directories.
-
-</P>
-<A NAME="SEC274" HREF="FAQ.html#TOC274">Q5005</A>: I would like to have Exim log information written to syslog.
-
-
-<P>
-A5005: Support for this is available from version 3.10 onwards.
-
-</P>
-<A NAME="SEC275" HREF="FAQ.html#TOC275">Q5006</A>: What does the error "Failed to create spool file" mean?
-
-
-<P>
-A5006: Exim has been unable to create a file in its spool area in which to
- store an incoming message. This is most likely to be either a
- permissions problem in the file hierarchy, or a problem with the uid
- under which Exim is running, though it could be something more drastic
- such as your disc being full. Check that you have defined the spool
- directory correctly by running
-
-</P>
-<PRE>
- exim -bP spool_directory</PRE>
-<P>
- and examining the output. Check the mode of this directory. It should
- look like this, assuming you are running Exim as user `exim':
-
-</P>
-<PRE>
- drwxr-x--- 6 exim exim 512 Jul 16 12:29 /var/spool/exim</PRE>
-<P>
- If there are any subdirectories already in existence, they should have
- the same permissions, owner, and group. Check also that you haven't got
- incorrect permissions on superior directories (for example, <B>/var/spool</B>).
- Check that you have set up the exim binary to be setuid root. It should
- look like this:
-
-</P>
-<PRE>
- -rwsr-xr-x 1 root xxx 502780 Jul 16 14:16 exim</PRE>
-<P>
- Note that it is not just the owner that must be root, but also the third
- permission must be "s" rather than "x".
-
-</P>
-<A NAME="SEC276" HREF="FAQ.html#TOC276">Q5007</A>: Exim keeps crashing with segmentation errors (signal 11 or 139).
-
-
-<P>
-A5007: This might be a problem with the db library. See
- <A HREF="FAQ.html#SEC146">Q0505</A>.
-
-</P>
-<A NAME="SEC277" HREF="FAQ.html#TOC277">Q5008</A>: Exim's databases keep getting corrupted.
-
-
-<P>
-A5008: See
- <A HREF="FAQ.html#SEC146">Q0505</A>.
-
-</P>
-<A NAME="SEC278" HREF="FAQ.html#TOC278">Q5009</A>: I've been using an autoreply director to try and mimic a bounce message,
- but I can't get it to have an envelope from of <>.
-
-
-<P>
-A5009: You haven't, by any chance, put "exim" in the list of <TT>never_users</TT>, have
- you?
-
-</P>
-<A NAME="SEC279" HREF="FAQ.html#TOC279">Q5010</A>: I see entries in the log that mention two different IP addresses for the
- same connection. Why is this? For example:
-
-
-<PRE>
- H=tip-mp8-ncs-13.stanford.edu ([36.173.0.189]) [36.173.0.156]</PRE>
-<P>
-A5010: The actual IP address from which the call came is the final one.
- Whenever there's something in parentheses in a host name, it is what the
- host quoted as the domain part of an SMTP HELO or EHLO command. So in
- this case, the client, despite being 36.173.0.156, issued the command
-
-</P>
-<PRE>
- HELO [36.173.0.189]</PRE>
-<P>
- when it sent your server the message. This is, of course, very
- misleading.
-
-</P>
-<A NAME="SEC280" HREF="FAQ.html#TOC280">Q5011</A>: How can I persuade Exim to accept ETRN commands without the leading
- # character?
-
-
-<P>
-A5011: Set the option
-
-</P>
-<PRE>
- smtp_etrn_command = /usr/lib/sendmail -R $domain</PRE>
-<P>
- This causes Exim to run that command, with <B>$domain</B> replaced by the
- argument of ETRN. The default action of Exim is to require the # sign
- in order to be RFC-compliant, and to run the equivalent of
-
-</P>
-<PRE>
- smtp_etrn_command = /usr/lib/sendmail -R ${substr_1:$domain}</PRE>
-<P>
- which uses the argument without the leading # as the value for the <B>-R</B>
- option. You aren't restricted to running Exim with the <B>-R</B> option, of
- course. You can specify any command you like, with any number of
- arguments. In particular, you can pass over the IP address of the caller
- via <B><B>$sender_host_address.</B></B> However, if you make use of expansion strings
- in the arguments, each one must be entirely contained in a single
- argument. For example, if you want to remove the first character of the
- ETRN argument when it is @ or #, you could use
-
-</P>
-<PRE>
- smtp_etrn_command = "/usr/lib/sendmail -R \
- \"${if match {$domain}{^[@#]}{${substr_1:$domain}}{$domain}}\""</PRE>
-<P>
- The internal quotes are necessary because of the white space inside the
- expansion string.
-
-</P>
-<P>
- If you use <TT>smtp_etrn_command</TT> to run something other than Exim with the
- <B>-R</B> option, you must disable <TT>smtp_etrn_serialize</TT>, because otherwise the
- serialization lock (which is set by default) never gets removed.
-
-</P>
-<A NAME="SEC281" HREF="FAQ.html#TOC281">Q5012</A>: I've recently noticed that emails I send with a Bcc: line are being
- delivered to their final destination with the Bcc: line still present.
-
-
-<P>
-A5012: Exim removes Bcc lines only if you call it with the <B>-t</B> option (i.e.
- when it is acting partly as an MUA). It does not remove Bcc lines that
- are present in incoming SMTP mail or command-line mail that does not
- use <B><B>-t.</B></B> Indeed, it should not remove them. From RFC 822:
-
-</P>
-<P>
- 5.3. BCC / RESENT-BCC
-
-</P>
-<P>
- This field contains the identity of additional recipients of the
- message. The contents of this field are not included in copies of the
- message sent to the primary and secondary recipients. Some systems may
- choose to include the text of the "Bcc" field only in the author(s)'s
- copy, while others may also include it in the text sent to all those
- indicated in the "Bcc" list.
-
-</P>
-<P>
- Only the initiating software (i.e. the MUA) can tell what to do with
- Bcc; any MTA software has to leave it alone.
-
-</P>
-<A NAME="SEC282" HREF="FAQ.html#TOC282">Q5013</A>: I used gv <B>v3.5.8</B> (ghostview) to try printing <B>spec.ps.</B> After every
- printed page, the printer ejects a blank sheet. Is this something to do
- with using "letter" rather than A4 paper?
-
-
-<P>
-A5013: This seems to be an effect of using ghostview. Although the PostScript
- is generated for A4 pages, the size of the page images is such that they
- should fit on a letter page (they are shorter than would normally be
- used on A4 paper). If the PostScript file is sent directly to a
- PostScript printer, there is no problem. An alternative is to get hold
- of the "psutils" toolset, which is available from
-
-</P>
-<PRE>
- <A HREF="ftp://ftp.dcs.ed.ac.uk/pub/psutils/psutils.tar.gz">ftp://ftp.dcs.ed.ac.uk/pub/psutils/psutils.tar.gz</A></PRE>
-<P>
- It contains utilities for extracting pages (which can be useful for
- double-sided printing) and for resizing pages. If you resize from A4 to
- letter the text shrinks a bit, but should then be printable via
- ghostview.
-
-</P>
-<A NAME="SEC283" HREF="FAQ.html#TOC283">Q5014</A>: I would like to have a separate queue per domain for hosts which dial
- in to collect their mail.
-
-
-<P>
-A5014: Exim isn't really designed for this kind of operation. The only way to
- do this would be to cause it to send those messages to a differently
- configured version of Exim with its own spool area. This could be done
- via a pipe or SMTP to a private port. The main Exim, listening on port
- 25, would then be configured to run an appropriate command to prod one
- of the others when it received ETRN, by means of the <TT>etrn_command</TT> option.
-
-</P>
-<P>
- You could probably manage this with a single Exim binary and a number of
- different configuration files, passed to the special versions using the
- <B>-C</B> option. For this application they could all run as exim, since no
- root privilege would be needed.
-
-</P>
-<P>
- An alternative approach id to get Exim to deliver mail for such hosts
- in batch SMTP format into some directory, and have the ETRN run
- something to pass such messages to the dialled-in host. See also
- <A HREF="FAQ.html#SEC144">Q0503</A>
- and
- <A HREF="FAQ.html#SEC162">Q0521</A>.
-
-</P>
-<A NAME="SEC284" HREF="FAQ.html#TOC284">Q5015</A>: A short time after I start Exim I see a <defunct> zombie process. What
- is causing this?
-
-
-<P>
-A5015: Your system must be lightly loaded as far as mail is concerned. The
- daemon sets off a queue runner process when it is started, but it only
- tidies up completed child processes when it wakes up for some other
- reason. When there's nothing much going on, you occasionally see
- <defunct> processes like this waiting to be dealt with. This is
- perfectly normal.
-
-</P>
-<A NAME="SEC285" HREF="FAQ.html#TOC285">Q5016</A>: On a reboot, or a restart of the mail system, I see the message "Mailer
- daemons: exim abandoned: unknown, malformed, or incomplete option
- <B>-bz</B> sendmail". What does this mean?
-
-
-<P>
-A5016: <B>-bz</B> is a Sendmail option requesting it to create a "configuration freeze
- file". Exim has no such concept and so does not support the option. You
- probably have a line like
-
-</P>
-<PRE>
- /usr/lib/sendmail -bz</PRE>
-<P>
- in some start-up script (e.g. <B><B>/etc/init.d/mail</B>)</B> immedately before
-
-</P>
-<PRE>
- /usr/lib/sendmail -bd -q15m</PRE>
-<P>
- The first of these lines should be commented out.
-
-</P>
-<A NAME="SEC286" HREF="FAQ.html#TOC286">Q5017</A>: I would like to restrict e-mail usage for some users to the local
- machine, ideally on a group basis.
-
-
-<P>
-A5017: See
- <A HREF="FAQ.html#SEC349">A9802</A>
-
-</P>
-<A NAME="SEC287" HREF="FAQ.html#TOC287">Q5018</A>: Whenever exim restarts it takes up to 3-5 minutes to start responding on
- the SMTP port. Why is this?
-
-
-<P>
-A5018: Something else is hanging onto port 25 and not releasing it. One place
- to look is <B><B>/etc/inetd.conf</B></B> in case for any reason an SMTP stream is
- configured there.
-
-</P>
-<A NAME="SEC288" HREF="FAQ.html#TOC288">Q5019</A>: Why aren't there any man pages for Exim? I don't always carry my printed
- documentation.
-
-
-<P>
-A5019: As well as plain ASCII text, the Exim documentation is provided in two
- online forms - texinfo and HTML - which have a certain amount of built-
- in indexing for ease of finding your way around. There are no man pages
- because the author of Exim hasn't the time (or desire :-) to maintain
- yet another documentation format. Besides, it is hard to know how to
- split the Exim manual up.
-
-</P>
-<P>
- There is a contributed man page for a previous version of Exim in
-
-</P>
-<P>
- <B><A HREF="ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/Contrib/doc/exim.8">ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/Contrib/doc/exim.8</A></B>
-
-</P>
-<P>
- This was written by a previous maintainer of the Debian GNU/Linux Exim
- package. You can view a nicely formated version at:
-
-</P>
-<P>
- <B><A HREF="http://dwww.jimpick.com/cgi-bin/dwww?type=man&location=/usr/man/man8/exim.8.gz">http://dwww.jimpick.com/cgi-bin/dwww?type=man&location=/usr/man/man8/exim.8.gz</A></B>
-
-</P>
-<P>
- This contains some introductory text and the command line options only.
-
-</P>
-<A NAME="SEC289" HREF="FAQ.html#TOC289">Q5020</A>: When I send a message using the <B>-t</B> command line option, Exim sends only
- to the addresses within the message, not to those on the command line.
-
-
-<P>
-A5020: By default Exim operates according to the Sendmail documentation, and
- interprets addresses on the command line as addresses <EM>not</EM> to send to.
- You can set
-
-</P>
-<PRE>
- extract_addresses_remove_arguments = false</PRE>
-<P>
- to change this behaviour. There is some confusion in the Sendmail
- community about the interpretation of recipient addresses on the command
- line if the <B>-t</B> option is used.
-
-</P>
-<P>
- Here is an except from one version of the sendmail documentation
-
-</P>
-<P>
- <B>-t</B> Read message for recipients. To:, Cc:, and Bcc: lines will
- be scanned for recipient addresses. The Bcc: line will be
- deleted before transmission. Any addresses in the argument
- list will be suppressed, that is, they will not receive
- copies even if listed in the message header.
-
-</P>
-<P>
- Earlier versions of the sendmail documentation are ambiguous (unlike the
- snippet above). Apparently the code and documentation streams resolved
- the ambiguity differently.
-
-</P>
-<A NAME="SEC290" HREF="FAQ.html#TOC290">Q5021</A>: If I set up, for example,
- <TT>local_domains = *customer.com</TT>, then it matches
- <B>"customer.com"</B> and <B>"abc.customer.com"</B> as required, but it also matches
- <B>"noncustomer.com",</B> which is wrong. How can I get round this?
-
-
-<P>
-A5021: (A) You have to specify two entries in the list:
-
-</P>
-<PRE>
- local_domains = customer.com : *.customer.com</PRE>
-<P>
- because * in a domain list matches any characters, including "." and
- including a null sequence.
-
-</P>
-<P>
- (B) Alternatively, you could use a regular expression:
-
-</P>
-<PRE>
- local_domains = ^(.+\.|)customer\.com$</PRE>
-<P>
- but that probably will not be as efficient.
-
-</P>
-<P>
- (C) If you have lots of local domains, you could put them into a file to
- be searched (using lsearch, dbm, cdb, or whatever) and use a partial
- search such as
-
-</P>
-<PRE>
- local_domains = partial-dbm;/list/of/domains</PRE>
-<P>
- If the file contains the key <B>*.customer.com</B> then the desired effect is
- achieved, because partial lookups do operate on a component basis. See
- the section entitled "Partial matching in domain lists". It is a bit
- confusing that "*" is used in this context, because its meaning is not
- the same as when it appears directly in a domain list.
-
-</P>
-<A NAME="SEC291" HREF="FAQ.html#TOC291">Q5022</A>: I want to match all local domains of the form <B>*.oyoy.org</B> but want a few
- exceptions. For instance I don't want <B>foo.oyoy.org</B> or <B>bar.oyoy.org</B> to be
- treated as local. What is the best way to do this?
-
-
-<P>
-A5022: (A) From release 3.00 onwards, you can put negative items in the
- <TT>local_domains</TT> setting, like this:
-
-</P>
-<PRE>
- local_domains = !foo.oyoy.org : !bar.oyoy.org : *.oyoy.org</PRE>
-<P>
- If there are many exceptions, you can use a lookup instead of listing
- them all inline.
-
-</P>
-<P>
- (B) Otherwise, you can use a regular expression:
-
-</P>
-<PRE>
- local_domains = ^.*(?<!^foo|^bar)\.oyoy\.org$</PRE>
-<P>
- An alternative formulation that is more efficient in execution (because
- it doesn't backtrack for .* in cases that don't match) is
-
-</P>
-<PRE>
- local_domains = ^(?>.*$)(?<=\.oyoy\.org)(?<!^(foo|bar)\.oyoy\.org)</PRE>
-<P>
- If you are using an earlier version of Exim in which the regular
- expression library does not have lookbehind support (versions prior to
- 2.051, but after 1.735):
-
-</P>
-<PRE>
- local_domains = ^(?!(foo|bar)\.oyoy\.org$).+\.oyoy\.org$</PRE>
-<P>
- If you are using a version of Exim that is earlier than 1.735, consider
- upgrading!
-
-</P>
-<A NAME="SEC292" HREF="FAQ.html#TOC292">Q5023</A>: I can't seem to find a pre-built version of Exim anywhere. The machine
- is a Sparc 5 running Solaris 2.6.
-
-
-<P>
-A5023: The problem is that there are a number of build-time options, requiring
- the answer to questions like:
-
-</P>
-<P>
- . Which DBM library do you have? (On Solaris probably ndbm, but no easy
- default on some other systems.)
-
-</P>
-<P>
- . Which uid/gid do you want to use for Exim?
-
-</P>
-<P>
- . Where do you want the configuration file to be? (<EM>Many</EM> different
- answers, even on the same OS, depending on local policy.)
-
-</P>
-<P>
- . Ditto for the binaries.
-
-</P>
-<P>
- . Which optional bits of Exim do you want to include?
-
-</P>
-<P>
- ... and so on. One could impose a set of values, but I suspect they
- would probably please nobody.
-
-</P>
-<A NAME="SEC293" HREF="FAQ.html#TOC293">Q5024</A>: Is there a Windows NT version of Exim available?
-
-
-<P>
-A5024: A long time ago somebody took a copy of the Exim source with the aim of
- trying to port it to NT. However, I never heard anything more.
-
-</P>
-<A NAME="SEC294" HREF="FAQ.html#TOC294">Q5025</A>: Does Exim support Delivery Status Notificaion (DSN), Message Status
- Notification (MSN), or any other form of delivery acknowledgement?
-
-
-<P>
-A5025: See
- <A HREF="FAQ.html#SEC158">A0517</A>.
-
-</P>
-<A NAME="SEC295" HREF="FAQ.html#TOC295">Q5026</A>: What does "Exim" stand for?
-
-
-<P>
-A5026: Originally, it was "EXperimental Internet Mailer", which was the best I
- could come up with when I was starting out. At that point it <EM>was</EM>
- experimental - I wanted to see if the ideas I had for extending Smail's
- approach actually worked. Then somebody discovered about it and wanted
- to start using it, and told other people about it...
-
-</P>
-<A NAME="SEC296" HREF="FAQ.html#TOC296">Q5027</A>: What does the log message "no immediate delivery: more than 10 messages
- received in one connection" mean?
-
-
-<P>
-A5027: See
- <A HREF="FAQ.html#SEC159">A0518</A>.
-
-</P>
-<A NAME="SEC297" HREF="FAQ.html#TOC297">Q5028</A>: Although I haven't set <TT>check_spool_space</TT>, Exim is still checking the
- amount of space on the spool for incoming SMTP messages that use the
- SIZE option. Can I suppress this?
-
-
-<P>
-A5028: The RFC for the SIZE option says
-
-</P>
-<P>
- If the server currently lacks sufficient resources to accept a
- message of the indicated size, but may be able to accept the
- message at a later time, it responds with code "452
- insufficient system storage".
-
-</P>
-<P>
- and that is what Exim is trying to implement. This is entirely
- independent from <TT>check_spool_space</TT>, which says "don't accept any mail
- if there is less than so much space in the spool partition", though the
- code is optimised to do both checks at the same time if required.
- However, you can suppress the SIZE check if you want to, by unsetting
- <TT>smtp_check_spool_space</TT>.
-
-</P>
-<A NAME="SEC298" HREF="FAQ.html#TOC298">Q5029</A>: I just noticed log entries that start off "<= <>". Am I correct in
- assuming that the "<>" indicates that the envelope did not contain any
- "From" data?
-
-
-<P>
-A5029: Yes. This indicates a delivery failure report (aka "bounce message").
- Here is what RFC 1123 has to say about this:
-
-</P>
-<P>
- "If there is a delivery failure after acceptance of a message,
- the receiver-SMTP MUST formulate and mail a notification
- message. This notification MUST be sent using a null ("<>")
- reverse path in the envelope; see Section 3.6 of RFC-821. The
- recipient of this notification SHOULD be the address from the
- envelope return path (or the Return-Path: line). However, if
- this address is null ("<>"), the receiver-SMTP MUST NOT send a
- notification. If the address is an explicit source route, it
- SHOULD be stripped down to its final hop."
-
-</P>
-<P>
- The reason for using empty sender addresses is to identify bounce
- messages so that they themselves do not cause further bounces. However,
- this has made life harder for those that want to check incoming mail for
- valid senders. It is a pity that some other mechanism (e.g. a keyword
- on the MAIL command) was not used instead, but it is far too late to
- change now.
-
-</P>
-<P>
- Empty senders are also used for other kinds of report which should not
- themselves cause the generation of bounce messages. For example, Exim
- uses them when sending out warnings about delivery delays.
-
-</P>
-<A NAME="SEC299" HREF="FAQ.html#TOC299">Q5030</A>: I've received a message which does not have my address in the To:
- line. It is a spam message with the same address in both the From: and
- the To: headers. How can this happen, and why doesn't Exim reject it?
-
-
-<P>
-A5030: There is an important distinction between the "envelope" from and to and
- the "header" from and to. The former are sometimes called the "sender"
- and "recipient". An email message needs an "envelope" for the same
- reason that paper mail does - the envelope tells the delivery mechanism
- what to do with *this copy* of the message, whereas the To: header lists
- all the recipients, including those who have been sent different copies
- of the message because their mailbox is on some other host.
-
-</P>
-<P>
- An MTA such as Exim normally works entirely with the "envelope"
- addresses, not with those in the header lines. However, you can specify
- that it should do some checking of header addresses by setting a
- number of options whose names begin with <TT>headers_</TT>.
-
-</P>
-<P>
- Don't try to block mail where envelope from and the header from differ.
- There are common legitimate cases where this happens, for example,
- messages forwarded from mailing lists and delivery failure reports.
-
-</P>
-<A NAME="SEC300" HREF="FAQ.html#TOC300">Q5031</A>: Can (or will) Exim ever handle a message delivery purely in memory,
- that is, it is handled without it ever hitting the disc?
-
-
-<P>
-A5031: It doesn't, and never will. Accepting and delivering a message are two
- entirely separate, independent processes, which communicate only by
- writing/reading the message on the disc.
-
-</P>
-<A NAME="SEC301" HREF="FAQ.html#TOC301">Q5032</A>: If I am using dbm files for data that Exim reads, can I rebuild them
- on the fly, or do I need to restart Exim every time I make a change?
-
-
-<P>
-A5032: Exim re-reads the file every time it consults it, so if you are using a
- cdb or a DBM library that uses just a single file (i.e. NOT ndbm) then
- you can just build the new file with a temporary file name, and use "mv"
- to rename it into the correct place on the fly. If there are two files
- to rename, there is a window of time during which the DBM database is
- inconsistent. On lightly loaded systems this may not matter.
-
-</P>
-<A NAME="SEC302" HREF="FAQ.html#TOC302">Q5033</A>: What are the main differences between using an Exim filter and using
- procmail?
-
-
-<P>
-A5033: Exim filters and procmail provide different facilities. Exim filters run
- at directing time, before <EM>any</EM> deliveries are done. A filter is like a
- <B>".forward</B> file with conditions". One of the benefits is de-duplication.
- Another is that if you forward, you are forwarding the original message.
-
-</P>
-<P>
- However, this does mean that pipes etc. are not run at filtering time,
- nor can you change the headers, because the message may have other
- recipients and Exim keeps only a single set of headers.
-
-</P>
-<P>
- Procmail runs at delivery time. This is for one recipient only, and so
- it can change headers, run pipes and check the results, etc. However, if
- it wants to forward, it has to create a new message containing a copy
- of the original message.
-
-</P>
-<P>
- It's your choice as to which of these you use. You can of course use
- both.
-
-</P>
-<A NAME="SEC303" HREF="FAQ.html#TOC303">Q5034</A>: I need an option that is the opposite of <B>-bpa,</B> that is, a listing of
- those addresses generated from a top-level address that have not yet
- been delivered.
-
-
-<P>
-A5034: Exim does not keep this information. It saves only the top-level
- addresses and the list of addresses that are finished with. At each
- delivery attempt, generated addresses are recomputed from scratch. This
- makes it possible to correct errors in <B>.forward</B> and alias files that are
- causing delivery delays. However, there is an option you can set on an
- <B>aliasfile</B> or <B>forwardfile</B> director that changes things. It is called
- <TT>one_time</TT>, and if it is set, the list of generated addresses gets added
- to the top-level list at the first delivery attempt, and is never
- regenerated. Because top-level address lists must be real email
- addresses, this option cannot be used if any of the generated addresses
- are pipes, files, or autoreplies.
-
-</P>
-<A NAME="SEC304" HREF="FAQ.html#TOC304">Q5035</A>: I am getting complaints from a customer who uses my EXIM server for
- relaying that they are being blocked with a "Too many connections"
- error.
-
-
-<P>
-A5035: See <TT>smtp_accept_max</TT> and related options such as <TT>smtp_accept_reserve</TT>.
-
-</P>
-<A NAME="SEC305" HREF="FAQ.html#TOC305">Q5036</A>: When I try "exim <B>-bf"</B> to test a system filter, I received the following
- error message: "Filter error: unavailable filtering command "fail" near
- line 8 of filter file".
-
-
-<P>
-A5036: Use the <B>-bF</B> option to test system filters. This gives you access to the
- freeze and fail actions.
-
-</P>
-<A NAME="SEC306" HREF="FAQ.html#TOC306">Q5037</A>: How can I make Exim receive incoming mail, queue it, but NOT attempt to
- deliver it? I want to be in this state while moving some mailboxes.
-
-
-<P>
-A5037: (1) Set <TT>queue_only</TT> in the Exim configuration. (2) Kill off your daemon,
- and restart it <EM>without</EM> the <B>-q</B> option (i.e. with just the <B>-bd</B> option),
- so that it does not spawn any queue runners. This stops all deliveries,
- remote as well as local. To stop just local deliveries, assuming that
- none of your routers are configured to send messages directly to a local
- transport, make this your first director:
-
-</P>
-<PRE>
- defer_all:
- driver = smartuser
- new_address = :defer:</PRE>
-<P>
- When you are ready to go again, remove that director and do a <B>-qf</B> run to
- override the retry times. This solution works from release 3.10 onwards.
- In earlier releases an <B>aliasfile</B> director must be used because :defer:
- was not available for use in <B>smartuser</B>.
-
-</P>
-<A NAME="SEC307" HREF="FAQ.html#TOC307">Q5038</A>: What does the rejection message "reject all recipients: 3 times bad
- sender" mean?
-
-
-<P>
-A5038: See the section of the manual entitled "Sender verification". Exim has
- failed to verify a sender from the same host 3 times within a period of
- 24 hours.
-
-</P>
-<A NAME="SEC308" HREF="FAQ.html#TOC308">Q5039</A>: The menu in Eximon isn't working. It displays, but I can't select
- anything from it.
-
-
-<P>
-A5039: On some X implementations, if the numlock key is pressed (so that the
- numeric keypad is working) then the menu didn't work properly in
- versions of Eximon before Exim release 3.10. The problem is an
- infelicity in the particular implementation of X. A workaround was
- introduced at release 3.10, so this problem should no longer be
- encountered.
-
-</P>
-<A NAME="SEC309" HREF="FAQ.html#TOC309">Q5040</A>: What does "ridiculously long message header" in an error report mean?
-
-
-<P>
-A5040: There has to be some limit to the length of a message's header lines,
- because otherwise a malefactor could open an SMTP channel to your host,
- start a message, and then just send characters continuously until your
- machine ran out of memory. (Exim stores all the header lines in main
- memory). For this reason a limit is imposed on the total amount of
- memory that can be used for header lines. The default is 1MB, but this
- can be changed by setting HEADER_MAXSIZE in <B>Local/Makefile</B>. Exceeding
- the limit provokes the "ridiculous" error message.
-
-</P>
-<P>
- Prior to release 3.022 Exim used two separate limits, one on the length
- of an individual header line and one on the total number of header
- lines. A header line longer than 8192 used to provoke the error "Header
- line is ridiculously overlong". In subsequent releases there is no limit
- on individual header lines; only the total header size matters.
-
-</P>
-<A NAME="SEC310" HREF="FAQ.html#TOC310">Q5041</A>: What does Exim use for POP as a default? Do I have to install anything
- else?
-
-
-<P>
-A5041: Yes. Exim provides MTA functionality. That is, it delivers mail. POP is
- one of several ways of reading previously-delivered mail. Exim does not
- provide that functionality.
-
-</P>
-<A NAME="SEC311" HREF="FAQ.html#TOC311">Q5042</A>: I see that Exim doesn't support SSL. Can it be made to work with stunnel?
-
-
-<P>
-A5042: From release 3.20, Exim does support SSL/TLS, by making use of the
- OpenSSL library.
-
-</P>
-<P>
- The problem with using stunnel is that all your SSL connections look
- like they come from 127.0.0.1 - none of your IP based policies will
- have any effect. This means that you are basically an open relay,
- anyone who connects to your server via SSL can relay through you,
- whether they are local or not (and who knows, spammers may someday
- evolve brains enough to try using SSL ports).
-
-</P>
-<P>
- One solution to this is to force all SSL connections to authenticate
- before relaying. This is how one user has done this:
-
-</P>
-<P>
- First make sure you are set up to do SMTP AUTH properly (see the sample
- configuration C034). Then add MUSTAUTH to the <TT>auth_hosts</TT> line in your
- configure file. If you don't already have a list of IPs there, it will
- look like this:
-
-</P>
-<PRE>
- auth_hosts = MUSTAUTH</PRE>
-<P>
- If you have some IPs you want to authenticate, add them like this:
-
-</P>
-<PRE>
- auth_hosts = MUSTAUTH:10.1.1.1:10.1.1.2</PRE>
-<P>
- Then invoke stunnel like this:
-
-</P>
-<PRE>
- /usr/local/sbin/stunnel -d 465 -l /usr/exim/bin/exim \
- -p /usr/local/ssl/certs/exim.pem -- exim -bs -DMUSTAUTH=127.0.0.1</PRE>
-<P>
- Whenever an SSL connection is established, Exim is invoked with the
- macro MUSTAUTH defined as 127.0.0.1, which forces that one particular
- instance to authenticate, without disrupting normal 127.0.0.1 operations
- via non-SSL sessions.
-
-</P>
-<A NAME="SEC312" HREF="FAQ.html#TOC312">Q5043</A>: Is there an easy way of removing all queued messages at once in a safe
- way?
-
-
-<P>
-A5043: Try this command:
-
-</P>
-<PRE>
- exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | sh</PRE>
-<A NAME="SEC313" HREF="FAQ.html#TOC313">Q5044</A>: What is the best way to provide backup MX for clients?
-
-
-<P>
-A5044: If the clients are always online, all you need to do is to have MX
- records for their domains pointing to your host, with suitable
- preference values, and ensure that their domains are listed in
- <TT>relay_domains</TT>. If the clients are not always online, see
- <A HREF="FAQ.html#SEC262">Q1403</A>.
-
-</P>
-<A NAME="SEC314" HREF="FAQ.html#TOC314">Q5045</A>: Why does Exim do "ident" callbacks by default? Isn't this just a waste
- of resources? I've been told this is an ancient way of authentication.
- Is it obsolete?
-
-
-<P>
-A5045: This is a common mistake, at least partially resulting from the
- incorrect naming of the protocol when it was first published.
- The service on port 113 is an identification service, which allows a
- target host to record information identifying the user responsible for
- making a connection to it. The information may not be intelligible to
- the recording host - it could, for example, be encrypted so that only
- someone on the calling host can make sense of it. It is useful for
- providing additional information in an audit trail.
-
-</P>
-<P>
- The data should not be used for authentication in any form except
- on a closed secure network between cooperating hosts (probably not
- even then). The information from the source host is only as reliable
- as the host itself - if it's not under your control then you have to
- treat the information as opaque data that can be used by the sysadmin
- of the source system to trace back connection data - and some ident
- implementations send out opaque cookies or DES encrypted information.
- Ident is hugely useful at times - especially for checking back on
- connections from multiuser machines (as opposed to one-person desktop
- boxes).
-
-</P>
-<P>
- You can stop Exim making ident calls by adding
-
-</P>
-<PRE>
- rfc1413_query_timeout = 0s</PRE>
-<P>
- to its configuration, but it is better to leave it active (reducing the
- timeout if it is causing problems) - it costs very little, and in cases
- of mail forgery from a multiuser system can track the sinner concerned
- very quickly.
-
-</P>
-<A NAME="SEC315" HREF="FAQ.html#TOC315">Q5046</A>: I often have the problem that a message gets stuck in the mailq and I
- want it to be bounced to a certain address.
-
-
-<P>
-A5046: You can do this using a combination of four command line options, like
- this:
-
-</P>
-<PRE>
- exim -Mf 14Fdlq-0003kM-00
- exim -Mmad 14Fdlq-0003kM-00
- exim -Mar 14Fdlq-0003kM-00 new@ddress
- exim -M 14Fdlq-0003kM-00</PRE>
-<P>
- The first command freezes the message so that a queue runner won't start
- to deliver it while you are changing things. The second command marks
- all existing recipients as delivered. The third command adds a new
- recipient, and the fourth command forces a delivery of the message,
- which will cause it to be delivered to the new address, and then
- deleted.
-
-</P>
-<A NAME="SEC316" HREF="FAQ.html#TOC316">Q5047</A>: What precautions should I take when editing <B>exim.conf?</B>
-
-
-<P>
-A5047: Edit <B>exim.conf</B> to <B>exim.conf.new.</B> Then run
-
-</P>
-<PRE>
- exim -bV -C exim.conf.new</PRE>
-<P>
- That will check for syntax errors without disturbing your running
- configuration. If you are paranoid enough, <EM>as</EM> <EM>root</EM> run
-
-</P>
-<PRE>
- exim -C exim.conf.new <some address>
- <some message>
- .</PRE>
-<P>
- and see if it delivers it. Carry on testing until happy. When happy,
-
-</P>
-<PRE>
- mv exim.conf.new exim.conf
- kill -HUP `cat /var/spool/exim/exim-daemon.pid`</PRE>
-<P>
- Then check the Exim log to be sure the daemon restarted OK. Watch the
- log for a bit to see that mail is flowing.
-
-</P>
-<A NAME="SEC317" HREF="FAQ.html#TOC317">Q5048</A>: Is exim able to use RFC 2645, On-demand Mail Relay (ODMR)?
-
-
-<P>
-A5048: No.
-
-</P>
-<A NAME="SEC318" HREF="FAQ.html#TOC318">Q5049</A>: I want to send every bounced mail that is received by my server, as
- "headers-only" to the sysadmin. How can I do this?
-
-
-<P>
-A5049: 1. Set up a transport with <TT>headers_only</TT> to do the delivery.
-
-</P>
-<P>
- 2. Set up a <B>smartuser</B> director that directs messages to a special local
- alias (e.g. "sysadmin-header") to that transport.
-
-</P>
-<P>
- 3. Set up a system filter file, containing something like
-
-</P>
-<PRE>
- if first_delivery and error_message then
- unseen deliver sysadmin-header@your.domain
- endif</PRE>
-<A NAME="SEC319" HREF="FAQ.html#TOC319">Q5050</A>: What POP3 daemon should I use with Exim? I want something with
- configurable authentication mechanisms.
-
-
-<P>
-A5050: Qmail-pop has a checkpasswd part that can be hacked to add whatever
- authentication you want. There is also Solid POP which has a lot of
- Exim support in it (e.g. nhash). There is also Cyrus, which is
- self-contained, so you don't have to worry about ownership of mailboxes
- and also it can be poked into authenticating from just about anything.
- However, in general, YMMV, and really what suits one user may not suit
- another. There is a mailing list at <B><B>pop-imap@exim.org</B></B> for the discussion
- of POP/IMAP issues. More information can be found in its archives.
-
-</P>
-<A NAME="SEC320" HREF="FAQ.html#TOC320">Q5051</A>: Is there any way I can send bounces to the postmaster, and nobody else?
- Basically, I want to recieve them, and I don't want the reply/from
- person to get them. If I think they need it I will forward it myself.
-
-
-<P>
-A5051: Put <TT>errors_to=postmaster</TT> on every router and director.
-
-</P>
-<BR><H2><A NAME="SEC321" HREF="FAQ.html#TOC321">93. HP-UX
-
-</A></H2>
-<A NAME="SEC322" HREF="FAQ.html#TOC322">Q9301</A>: I'm trying to compile on an HP machine and I don't have gcc there. So I
- put <TT>CC=cc</TT> in the <B>Local/Makefile</B>, but I got this error:
-
-
-<PRE>
- (Bundled) cc: "buildconfig.c", line 54: error 1705: Function prototypes
- are an ANSI feature.</PRE>
-<P>
-A9301: The bundled compiler is not an ANSI C compiler. You either have to get a
- copy of gcc from the HPUX Software Porting Archives or buy the ANSI cc
- from HP. The advice given by one user of HP systems on the Exim
- mailing list was as follows:
-
-</P>
-<P>
- "Personally, I wouldn't use anything but the ANSI C compiler. gcc
- works for compilation, but it doesn't know squat about PA-RISC chips
- past the 1.0 rev. Since then, HP has come out with PA-RISC 1.1, 2.0,
- and 2.1, each with better features. gcc will compile for them, but it
- doesn't produce anywhere near the optimization that HP's compiler
- does.
-
-</P>
-<P>
- I took the gcc road when we moved from FreeBSD to HP-UX because I was
- familiar with it. After 6 months, I had to go and re-port everything
- over when we realized that gcc wasn't going to do it for us long-term.
- If I could give advice to any new HP-UX admin: don't use gcc if you
- can afford the ANSI C compiler. Based on the cost of even the lowest
- HP workstation, that usually isn't a problem."
-
-</P>
-<BR><H2><A NAME="SEC323" HREF="FAQ.html#TOC323">94. BSDI
-
-</A></H2>
-<A NAME="SEC324" HREF="FAQ.html#TOC324">Q9401</A>: On BSDI 4.0, Exim built with Perl support exits with the error message
-
-
-<PRE>
- ./exim: can't load library 'libperl.so'</PRE>
-<P>
-A9401: You probably compiled perl5 yourself, without looking into
-
-</P>
-<PRE>
- /usr/src/contrib/perl5/perl5.004_02/hints/bsdos.sh</PRE>
-<P>
- first. The problem is that the command
-
-</P>
-<PRE>
- perl5 -MExtUtils::Embed -e ldopts</PRE>
-<P>
- doesn't give you sufficient flags to link something with libperl.
- Since 5.004_02 the <B>hints/bsdos.sh</B> file has changed to adapt to the
- changes between BSDI 3.1 and 4.0, but it is still not entirely right.
-
-</P>
-<P>
- The solution is, when you compile perl, change the "ccdlflags"
- variable in <B>config.sh</B> to:
-
-</P>
-<PRE>
- -rdynamic -Wl,-rpath,/usr/local/lib/perl5/5.00502/i386-bsdos/CORE</PRE>
-<P>
- (or something similar). Alternatively, you can run ./Configure and
- answering the question "Any special flags to pass to cc to use dynamic
- loading?" with the above line. It is not known what <B>-rdynamic</B> means
- (it's not apparently documented in any man page), but that's what BSDI
- guys did to compile perl5 which comes with BSDI 4.0 distribution.
-
-</P>
-<BR><H2><A NAME="SEC325" HREF="FAQ.html#TOC325">95. IRIX
-
-</A></H2>
-<A NAME="SEC326" HREF="FAQ.html#TOC326">Q9501</A>: I'm running IRIX 6.2 with a number of alias IP addresses set up, but
- Exim doesn't seem to recognize them as local addresses.
-
-
-<P>
-A9501: This problem was fixed in Exim release 2.03. If you are running an
- earlier version you should use the <TT>local_interfaces</TT> option to specify
- all your IP addresses explicitly.
-
-</P>
-<A NAME="SEC327" HREF="FAQ.html#TOC327">Q9502</A>: The IP addresses for incoming calls are all being given as
- 255.255.255.255 or 0.0.0.0.
-
-
-<P>
-A9502: From release 3.21, Exim contains a workaround that should fix this
- problem. If you are using an earlier release, read on...
-
-</P>
-<P>
- If you used the gcc compiler 2.8.x or a version in the 2.95 series,
- there is a known bug with the "gethost" function under Irix. SGI
- recommends using either their cc compiler in Irix 6.5, or a lesser
- version of the gnu compiler. Version 2.7.2.3 is known to work.
- Alternatively, there is an Inst-able port of Exim for Irix at
- <B><A HREF="http://freeware.sgi.com">http://freeware.sgi.com</A>,</B> but it is not likely to be the latest release.
- There is further information about this problem, which is described as a
- "classic gcc structure-in-a-register bug" at this URL:
-
-</P>
-<P>
- <B><A HREF="http://www.ccp14.ac.uk/ccp14admin/apache13/apache255error.html">http://www.ccp14.ac.uk/ccp14admin/apache13/apache255error.html</A></B>
-
-</P>
-<P>
- This is a summary that I was sent:
-
-</P>
-<P>
- "Gcc does not correctly pass/return structures which are smaller than
- 16 bytes and which are not 8 bytes. The problem is very involved and
- difficult to fix. It affects a number of other targets also, but irix6
- is affected the most, because it is a 64 bit target, and 4 byte
- structures are common. The exact problem is that structures are being
- padded at the wrong end, e.g. a 4 byte structure is loaded into the
- lower 4 bytes of the register when it should be loaded into the upper
- 4 bytes of the register."
-
-</P>
-<BR><H2><A NAME="SEC328" HREF="FAQ.html#TOC328">96. LINUX
-
-</A></H2>
-<A NAME="SEC329" HREF="FAQ.html#TOC329">Q9601</A>: Exim is mysteriously crashing, usually when forking to send a delivery
- error message.
-
-
-<P>
-A9601: This has been seen in cases where Exim has been incorrectly built with
- a muddled combination of an <B>ndbm.h</B> include file and a non-matching
- DBM library.
-
-</P>
-<P>
- Faults like this have also been seen on systems with faulty motherboards.
- You could try to compile the Linux kernel 10 times - if the compile
- process stops with signal 11, your hardware is to blame.
-
-</P>
-<A NAME="SEC330" HREF="FAQ.html#TOC330">Q9602</A>: Exim has created a directory called <B>build-Linux-libc5-i386</B> but is
- trying to reference <B>build-Linux-libc5-i386-linux</B> while building.
-
-
-<P>
-A9602: You have several shells installed, which are setting conflicting values
- in the HOSTTYPE environment variable that is used to construct the name
- of the build directory. One way round this is to run this command:
-
-</P>
-<PRE>
- ln -s build-Linux-libc5-i386-linux build-Linux-libc5-i386</PRE>
-<P>
- This problem should no longer be encountered in release 3.10 or later.
- Exim has been changed to get the host type from the "uname" command
- preferentially.
-
-</P>
-<A NAME="SEC331" HREF="FAQ.html#TOC331">Q9603</A>: I want to use logrotate which is standard with <B>RH5.2</B> Linux to rotate
- my mail logs. Anyone worked out the logrotate config file that will
- do this?
-
-
-<P>
-A9603: Here's one suggestion:
-
-</P>
-<PRE>
- /var/log/exim/main.log {
- create 644 exim exim
- rotate 4
- compress
- delaycompress
- }</PRE>
-<P>
- The sleep is added to allow things to close the log file prior to
- compression. You also need similar entries for the panic log and the
- reject log, of course.
-
-</P>
-<A NAME="SEC332" HREF="FAQ.html#TOC332">Q9604</A>: I'm seeing the message "<B>inetd</B>[334]: imap/tcp server failing (looping),
- service terminated" on a RedHat 5.2 system, causing imap connections to
- be refused. The imapd in use is Washington Uni vers 12.250. Could this
- be anything to do with Exim?
-
-
-<P>
-A9604: No, it's nothing to do with Exim, but here's the answer anyway: there
- is a maximum connection rate for <B>inetd</B>. If connections come in faster
- than that, it thinks a caller is looping. The default setting on RedHat
- 5.2 is 40 calls in any one minute before <B>inetd</B> thinks there's a problem
- and suspends further calls for 10 mins. This default setting is very
- conservative. You should probably increase it by a factor of 10 or 20.
- For example:
-
-</P>
-<PRE>
- imap stream tcp nowait.400 root /usr/sbin/tcpd /usr/local/etc/imapd</PRE>
-<P>
- The rate setting is the number following "nowait". This syntax seems to
- be specific to the Linux version of <B>inetd</B>. Other operating systems
- provide similar functionality, but in different ways.
-
-</P>
-<A NAME="SEC333" HREF="FAQ.html#TOC333">Q9605</A>: I get the "too many open files" error especially when a lot of messages
- land for majordomo at the same time.
-
-
-<P>
-A9605: The problem appears to be the number of open files the system can
- handle. This is changable by using the proc filesystem. To your
- <B><B>/etc/rc.d/rc.local</B></B> file append something like the following:
-
-</P>
-<PRE>
- # Now System is up, Modify kernel parameters for max open etc.</PRE>
-<PRE>
- if [ -f /proc/sys/kernel/file-max ]; then
- echo 16384 >> /proc/sys/kernel/file-max
- fi
- if [ -f /proc/sys/kernel/inode-max ]; then
- echo 24576 >> /proc/sys/kernel/inode-max
- fi
- if [ -f /proc/sys/kernel/file-nr ]; then
- echo 2160 >> /proc/sys/kernel/file-nr
- fi</PRE>
-<P>
- By echoing the value you want for file-max to the file file-max <B>etc.,</B>
- you actually change the kernel parameters.
-
-</P>
-<A NAME="SEC334" HREF="FAQ.html#TOC334">Q9606</A>: I'm having a problem with an Exim RPM.
-
-
-<P>
-A9606: Normally the thing to do if you have a problem with an RPM package is
- to contact the person who built the package first, not the person who
- made the software that's in the package. You can usually find out who
- made a package using the following command:
-
-</P>
-<PRE>
- rpm --query --package --queryformat '%{PACKAGER}\n' <rpm-package-file></PRE>
-<P>
- where <rpm-package-file> is the actual file, e.g. <B>`exim-3.03-2.i386.rpm'.</B>
- Or, if the package is installed on your system:
-
-</P>
-<PRE>
- rpm --query --queryformat '%{PACKAGER}\n' <package-name></PRE>
-<P>
- where <package-name> is the name component of the package, e.g. `exim'.
- If the packager is unable or unwilling to help, only then should you
- contact the actual author or associated mailing list of the software.
-
-</P>
-<P>
- If you discover through the querying process that you can't tell who
- the person (or company or group) is who built the package, or that they
- no longer exist at the given address, then you should reconsider
- whether you want a package from an unknown source on your system.
-
-</P>
-<P>
- If you discover through the querying process that you yourself are the
- person who built the package, then you should either (a) contact the
- author or associated mailing list, or (b) reconsider whether you ought
- to be building and distributing RPM packages of software you don't
- understand.
-
-</P>
-<P>
- Similar rules of thumb govern other binary package formats, including
- debs, tarballs, and POSIX packages.
-
-</P>
-<A NAME="SEC335" HREF="FAQ.html#TOC335">Q9607</A>: I installed debian 2.2 linux on a small 325mb 486 laptop. When I try
- to test the Mail program, I get the following error: "Failed to open
- configuration file <B><B>/etc/exim.conf</B>".</B>
-
-
-<P>
-A9607: The Debian installation should have given you <B>/usr/sbin/eximconfig</B>,
- which asks you some questions and then sets up the configuration file
- in <B><B>/etc/exim.conf</B>.</B> Try running that (you'll probably need root) and see
- how it goes. In any case you get a thoroughly commented conf file at
- the end, which will give you a sample from which to work if you need
- further modification.
-
-</P>
-<P>
- The exim docs in the Debian package are in <B>/usr/doc/exim</B> and the full
- reference manual is <B>spec.txt.gz</B>
-
-</P>
-<A NAME="SEC336" HREF="FAQ.html#TOC336">Q9608</A>: I'm getting the error <B>"db.h:</B> No such file or directory" when I try to
- build Exim under RedHat 7.0.
-
-
-<P>
-A9608: See
- <A HREF="FAQ.html#SEC62">Q0113</A>.
-
-</P>
-<BR><H2><A NAME="SEC337" HREF="FAQ.html#TOC337">97. SUN SYSTEMS
-
-</A></H2>
-<A NAME="SEC338" HREF="FAQ.html#TOC338">Q9701</A>: Exim builds fine with gcc on SunOS 4 but crashes inside <B>sscanf()</B>.
-
-
-<P>
-A9701: Make sure you are liking with the GNU <B>ld</B> linker and not the system
- version of <B>ld</B>.
-
-</P>
-<A NAME="SEC339" HREF="FAQ.html#TOC339">Q9702</A>: How can I get rid of spurious ^M characters in messages sent from
- CDE <B>dtmail</B>?
-
-
-<P>
-A9702: CDE <B>dtmail</B> passes messages to Exim via the command line interface with
- lines terminated by CRLF, instead of the Unix convention of just LF. As
- Exim is an 8-bit clean program it treats the CR as just another data
- character. Exim has a command line option called <B>-dropcr</B> which causes
- it to ignore <EM>all</EM> CR characters in an incoming non-SMTP message. You
- should configure <B>dtmail</B> to add this option to the command it uses to
- call Exim (using the path <B>/usr/lib/sendmail</B>). However, it has been
- reported that it isn't possible to change this call from <B>dtmail</B> by any
- official means. An alternative approach is to replace <B>/usr/lib/sendmail</B>
- by a filtering script which removes the spurious CRs from the input
- before passing it to Exim.
-
-</P>
-<A NAME="SEC340" HREF="FAQ.html#TOC340">Q9703</A>: On SunOS 4 Exim crashes when looking up domains in the DNS that have
- more than 10 A records.
-
-
-<P>
-A9703: There are Sun library patches to fix this. It is not Exim's problem.
- For 4.13_U1 the patch is 101558<I>-xx</I>; for 4.1.3 the patch is 100891<I>-xx</I>.
- From the README: 1054748 ftp, ping dump core when connecting to a host
- with multiple DNS A records.
-
-</P>
-<P>
- An alternative is to build another resolver library - such as the ones
- that are part of the bind distribution - and explicitly link against
- those.
-
-</P>
-<A NAME="SEC341" HREF="FAQ.html#TOC341">Q9704</A>: The menu in Eximon isn't working on my Sun system.
-
-
-<P>
-A9704: With OpenWindows, if the numlock key is pressed (so that the numeric
- pad is working) then some menus don't work. This appears to be true for
- the console and (some) remote X-window servers. A workaround for this
- problem was introduced in the 3.10 Exim release, so it should no longer
- be encountered.
-
-</P>
-<A NAME="SEC342" HREF="FAQ.html#TOC342">Q9705</A>: I am experiencing mailbox locking problems with Sun's <B>mailtool</B> used
- over a network.
-
-
-<P>
-A9705: Under the "Expert" settings of mailtool is a option to turn on "Use
- network aware mail file locking". By default <B>dtmail</B> has this set, but
- mailtool doesn't. You should set it. The help info on <B>dtmail</B> has this
- to say about it:
-
-</P>
-<P>
- "Mailer tries to prevent two different instances of itself from opening
- the same mail file at the same time through a technique that detects
- this access when both instances of Mailer and the file are all on the
- same machine. A network-aware mail file locking protocol is available
- that uses ToolTalk to coordinate instances of Mailer running from more
- than one machine, or mail files accessed over the network. Mailer can
- only change this option when first opening a mail file."
-
-</P>
-<P>
- If you are using the SunOS4 version of <B>mailtool</B>, this apparently
- doesn't work. The only thing which does seem to work it getting the user
- to hit the "done" button to make it release the lock.
-
-</P>
-<A NAME="SEC343" HREF="FAQ.html#TOC343">Q9706</A>: Exim has been crashing on my Solaris x86 system, apparently while
- running DBM functions.
-
-
-<P>
-A9706: The use of ndbm with gcc has caused problems on x86 Solaris systems.
- Try changing one or the other; using either db 1.85 with gcc, or Sun's
- WS compiler with ndbm, has fixed this in the past.
-
-</P>
-<A NAME="SEC344" HREF="FAQ.html#TOC344">Q9707</A>: The exiwhat utility isn't working for me on a Solaris 2 system.
-
-
-<P>
-A9707: Have you got <B>/usr/ucb</B> on your path? If so, it is probably picking up the
- wrong version of the <B>ps</B> command. The exiwhat script is built on
- Solaris to expect the normal Solaris version of <B>ps</B>.
-
-</P>
-<A NAME="SEC345" HREF="FAQ.html#TOC345">Q9708</A>: How do I stop Sun's <B>dtcm</B> from hanging?
-
-
-<P>
-A9708: From qmail's FAQ: "There is a novice programming error in <B>dtcm</B>, known as
- ``failure to close the output side of the pipe in the <B>child.''</B> Sun has,
- at the time of this writing, not yet provided a patch."
-
-</P>
-<A NAME="SEC346" HREF="FAQ.html#TOC346">Q9709</A>: I want Exim to use only the resolver (i.e. ignore <B>/etc/hosts</B>), but don't
- want to alter the <B>nsswitch.conf</B> file in Solaris 2.
-
-
-<P>
-A9709: You need to rebuild Exim after fiddling with <B>OS/os.h-SunOS5:</B>
-
-</P>
-<PRE>
- #define gethostbyaddr res_gethostbyaddr
- #define gethostbyname res_gethostbyname
- #define endhostent res_endhostent
- #define endnetent res_endnetent
- #define gethostent res_gethostent
- #define getnetbyaddr res_getnetbyaddr
- #define getnetbyname res_getnetbyname
- #define getnetent res_getnetent
- #define sethostent res_sethostent
- #define setnetent res_setnetent</PRE>
-<P>
- Exim uses gethostbyname and gethostbyaddr only, but may use others in
- the future. Note that <B>-lnsl</B> is still needed in the Makefile as it
- contains code used by the NIS lookup and also the <TT>inet_addr</TT> function
- that Exim uses.
-
-</P>
-<BR><H2><A NAME="SEC347" HREF="FAQ.html#TOC347">98. COOKBOOK
-
-</A></H2>
-<A NAME="SEC348" HREF="FAQ.html#TOC348">Q9801</A>: How do I configure Exim as part of TPC <B>(<A HREF="http://www.tpc.int">http://www.tpc.int</A>)?</B>
-
-
-<P>
-A9801: (1) add <B>partial-lsearch;/etc/mail/tpc.domains</B> to <TT>local_domains</TT>;
- <B><B>/etc/mail/tpc.domains</B></B> is a text file with lines in this format:
-
-</P>
-<PRE>
- 9.3.5.1.0.8.1.tpc.int.</PRE>
-<P>
- This sample line indicates that we accept faxes destined for
- 1(801)539-*.
-
-</P>
-<P>
- (2) Set up the following transport:
-
-</P>
-<PRE>
- tpc:
- driver = pipe
- command = /usr/local/tpc/tpcmailer.pl ${local_part}@${domain} \
- ${sender_address}
- pipe_as_creator</PRE>
-<P>
- <B><B>/usr/local/tpc/tpcmailer.pl</B></B> is the mail processing script that can
- be obtained from the TPC distribution.
-
-</P>
-<P>
- (3) Set up the following director:
-
-</P>
-<PRE>
- tpc_director:
- driver = smartuser
- transport = tpc
- domains = partial-lsearch;/etc/mail/tpc.domains</PRE>
-<P>
- Of course, there are other things to do as well before your system is
- a functioning TPC server.
-
-</P>
-<A NAME="SEC349" HREF="FAQ.html#TOC349">Q9802</A>: How do I configure Exim so that it sends mail to the outside world only
- from a restricted list of our local users?
-
-
-<P>
-A9802: There are several possible ways that this can be done.
-
-</P>
-<P>
- (A) You can restrict the senders directly by putting a setting such as
- this one on all the drivers that route to the outside (usually this
- is just the final <B>lookuphost</B> router):
-
-</P>
-<PRE>
- senders = :^[^@]+@(?!${rxquote:your.domain}\$):\
- lsearch;/permitted/senders</PRE>
-<P>
- The first item in this list is empty, to match the empty sender.
- This is necessary because bounce messages have null senders. The
- second item is a regular expression that matches any address whose
- domain is <EM>not</EM> your domain. This caters for cases when mail from
- an external user has arrived for a local user who has forwarding
- set up to some outside address.
-
-</P>
-<P>
- If the first two items do not match (that is, the address is in your
- domain) the sender is looked up in a file of permitted senders; each
- item in the file must be a complete address, including the domain.
- If the sender is unacceptable, an "unrouteable mail domain" error
- will occur because the router won't run, and there are no more to
- try.
-
-</P>
-<P>
- (B) If your local users are in many domains, it may be easier to use a
- <TT>condition</TT> option to test the domain and local part independently,
- along these lines:
-
-</P>
-<PRE>
- condition = \
- ${lookup{${domain:$sender_address}}lsearch{/domain/list}\
- {\
- ${lookup{${local_part:$sender_address}}lsearch\
- {/permitted/senders}{yes}{no}}\
- }\
- {yes}}</PRE>
-<P>
- Obviously other means of testing the domain and local part could be
- substituted, for example, by having separate files of valid local
- parts for each local domain.
-
-</P>
-<P>
- (C) If your local users are logged in to your host, you could use a
- special group for those that are permitted to mail to the world.
- Assuming your groups are defined in <B>/etc/group</B> you could arrange to
- look up the group in that file and then check that the sender was in
- the group,using something along these lines:
-
-</P>
-<PRE>
- condition = \
- ${lookup{groupname}lsearch{/etc/group}\
- {${if match {$value}\
- {[:,]${rxquote:${local_part:$sender_address}}(,|\$)}\
- {yes}{no}}}{no}}</PRE>
-<P>
- This is checking the local part of the sender; a alternative might
- be to check <B><B>$sender_ident.</B></B> However, you should really also check
- that <B>$sender_host_address</B> is either unset or set to 127.0.0.1 or
- your IP address, so you check only locally-originated mail.
-
-</P>
-<P>
- A block like this does not prevent a logged in user from sending
- mail by telnetting to another host's SMTP port, or indeed from
- installing a private version of Exim to do the job for her.
-
-</P>
-<P>
- (D) On a gateway server that has no local users and so receives all the
- mail via SMTP from client hosts, you could use a rewriting rule to
- rewrite sender addresses in your local domain from a table of legal
- local parts, replacing any illegal addresses with an address such as
- <B><B>unknown@your.domain</B>.</B> If this is combined with <TT>sender_verify=true</TT>
- it causes messages from users that are not in the table to be
- refused, assuming that the gateway is capable of verifying the local
- part of <B><B>user@your.domain</B>.</B>
-
-</P>
-<A NAME="SEC350" HREF="FAQ.html#TOC350">Q9803</A>: How do I configure Exim to run with SmartList?
-
-
-<P>
-A9803: This is what was done for Exim's own mailing list, using SmartList/
- procmail 3.11pre7. It runs as its own user - trying to manage mailing
- lists under your own ID can be hard work. Smartlist is installed into
- <B>/var/spool/slist</B>, and there is an slist user defined. Each list appears
- as a directory under <B>/var/spool/slist</B> (as per usual for Smarlist).
- Exim is configured like this:
-
-</P>
-<PRE>
- # slist added to list of trusted users so it can
- # manipulate sender addresses</PRE>
-<PRE>
- trusted_users = exim:slist</PRE>
-<PRE>
- # in transports, a list transport is defined:</PRE>
-<PRE>
- list_transport:
- driver = pipe
- command = /var/spool/slist/.bin/flist \
- ${local_part}${local_part_suffix}
- current_directory = /var/spool/slist
- home_directory = /var/spool/slist
- user = slist
- group = slist</PRE>
-<PRE>
- # in directors a list director is defined:</PRE>
-<PRE>
- list_director:
- driver = smartuser
- suffix = -request
- suffix_optional
- local_parts = !.bin:!.etc
- require_files = /var/spool/slist/${local_part}/rc.init
- transport = list_transport</PRE>
-<P>
- and thats it - no aliases, no special handling of out lists etc.
- What you do need is to ensure that choplist is used for distribution
- (that is, do not uncomment the <TT>alt_sendmail</TT> entry which is blank).
-
-</P>
-<P>
- A couple of other things are forced - for example since the list runs in
- its own domain the domain value is forced to <B>exim.org.</B>
-
-</P>
-<P>
- Then everything else is basic SmartList configuration - and that's
- moderately well documented. A confirmation stage on signup was added -
- now when you subscribe you are sent a confirmation which you must
- return before the system subscribes you (this prevents people
- subscribing their "friends" and makes sure that the addresses really do
- work). The confirm package is available at:
-
-</P>
-<PRE>
- <A HREF="ftp://ftp.fatfree.com/confirm-1.1.tar.gz">ftp://ftp.fatfree.com/confirm-1.1.tar.gz</A></PRE>
-<P>
- and was written by Michelle Dick.
-
-</P>
-<A NAME="SEC351" HREF="FAQ.html#TOC351">Q9804</A>: How do I configure Exim to minic PP's "tripnote" facility?
-
-
-<P>
-A9804: See C006.
-
-</P>
-<A NAME="SEC352" HREF="FAQ.html#TOC352">Q9805</A>: How do I configure Exim to handle local parts with extensions?
-
-
-<P>
-A9805: See C010.
-
-</P>
-<A NAME="SEC353" HREF="FAQ.html#TOC353">Q9806</A>: How do I configure Exim so that only a restricted list of users can
- receive mail from external domains?
-
-
-<P>
-A9806: See C013.
-
-</P>
-<A NAME="SEC354" HREF="FAQ.html#TOC354">Q9807</A>: I have <B><B>someuser@mydomain.com</B></B> that I only want certain users to be able
- to mail to. How do I accomplish this?
-
-
-<P>
-A9807: This is a transport:
-
-</P>
-<PRE>
- bounce:
- driver = autoreply
- from = postmaster@mydomain.com
- to = $sender_address
- user = exim
- subject = "Re: Your mail to ${local_part}"
- text = "You are not allowed to mail to ${local_part}."</PRE>
-<P>
- This is a director that should come before all the others:
-
-</P>
-<PRE>
- special_user:
- driver = smartuser
- local_parts = someuser
- transport = bounce
- senders = !: !lsearch;/list/of/permitted/senders</PRE>
-<P>
- Note that leading "!:" in senders. It allows the null sender <> to be
- valid (i.e. not to match this director). This is necessary, since bounce
- messages have null senders. All other permitted senders must be in the
- file as complete addresses, including a domain.
-
-</P>
-<A NAME="SEC355" HREF="FAQ.html#TOC355">Q9808</A>: A site for which I provide secondary MX is down for some time. Is there
- a way to run the queue for that destination separately from the main
- queue?
-
-
-<P>
-A9808: No, because Exim does not have the concept of "the queue for that
- destination". It simply has a single pool of messages awaiting delivery
- (and some of them may have several destinations). The best approach to
- this is to arrange for all messages for the site to be saved somewhere
- other than the main spool, either on a separate dedicated MTA, or in
- BSMTP files. There is an example of the latter approach in C014.
-
-</P>
-<A NAME="SEC356" HREF="FAQ.html#TOC356">Q9809</A>: How do I implement VERP (Variable Envelope Return Paths) in Exim?
-
-
-<P>
-A9809: See C017.
-
-</P>
-<A NAME="SEC357" HREF="FAQ.html#TOC357">Q9810</A>: I'd like to make a copy of all outgoing messages to a local mailbox. Is
- there a solution for this using an Exim filter?
-
-
-<P>
-A9810: The following filter makes a copy of every message, except for delivery
- failure reports:
-
-</P>
-<PRE>
- # Exim filter</PRE>
-<PRE>
- # Ignore error messages
- if error_message then finish endif</PRE>
-<PRE>
- # Copy if this is the first delivery attempt
- if first_delivery then
- unseen deliver copy@your.domain errors_to postmaster@your.domain
- endif</PRE>
-<P>
- The keyword "unseen" stops this being a "significant delivery", so that
- the message goes on to be delivered as normal. The <TT>errors_to</TT> setting
- changes the envelope sender on the copy so that if there is a problem
- delivering it, the bounce message is sent to postmaster.
-
-</P>
-<P>
- You can add to the condition setting to select specific messages.
- To make a copy of outgoing messages only requires a definition
- of "outgoing". Because a message may have many recipients, simply
- testing for your own domain in both the From: and the To: headers is not
- enough. You can craft your own conditions, but here is one suggestion:
-
-</P>
-<PRE>
- if $h_from: contains your.domain and
- foranyaddress $h_to:,$h_cc:
- ($thisaddress does not contain your.domain)
- then
- unseen deliver copy@your.domain errors_to postmaster@your.domain
- endif</PRE>
-<P>
- This takes copies of messages whose From: header contains <B>your.domain</B>
- and whose To: and Cc: headers contain at least one address that does not
- contain <B>your.domain.</B> See also
- <A HREF="FAQ.html#SEC364">Q9817</A>.
-
-</P>
-<A NAME="SEC358" HREF="FAQ.html#TOC358">Q9811</A>: I want to make a copy of outgoing messages to a specific file for each
- user in a specific directory, using a "save" command in a system filter.
- How can I arrange for Exim to write to these files under the correct
- UID/GID?
-
-
-<P>
-A9811: You need to set up a special transport and tell Exim to use it for
- file deliveries from the system filter. Add the following setting to
- your configuration:
-
-</P>
-<PRE>
- message_filter_file_transport = copy_transport</PRE>
-<P>
- Then define <TT>copy_transport</TT> like this
-
-</P>
-<PRE>
- copy_transport:
- driver = appendfile
- delivery_date_add
- envelope_to_add
- user = ${local_part:$sender_address}</PRE>
-<P>
- This assumes that you want to run the delivery under the uid associated
- with the local part of the sender address. Alternatively, you could just
- use <TT>user=exim</TT> and do all the writing under the same UID/GID.
-
-</P>
-<A NAME="SEC359" HREF="FAQ.html#TOC359">Q9812</A>: How can I keep an archive of all mail for some specific local email
- addresses?
-
-
-<P>
-A9812: You could use a system filter, along the lines of
-
-</P>
-<PRE>
- if
- first_delivery and <tests for appropriate addresses>
- then
- unseen save
- /mail/archive/${substr_0_10:$tod_log}
- endif</PRE>
-<P>
- That would create a new file for each day. However, in order to use
- this, you will need to set <TT>message_filter_file_transport</TT> to point to an
- appropriate transport which includes a setting of "user" to specify
- which uid to run the saving under, as is described in
- <A HREF="FAQ.html#SEC358">Q9811</A>.
-
-</P>
-<A NAME="SEC360" HREF="FAQ.html#TOC360">Q9813</A>: How can I configure Exim to provide a vacation message when there are
- no local users on my mail hub?
-
-
-<P>
-A9813: See C019.
-
-</P>
-<A NAME="SEC361" HREF="FAQ.html#TOC361">Q9814</A>: We want to be able to temporarily lock out a user by disabling the
- password and moving the home directory to another place. How can we
- arrange to reject mail for users in this state?
-
-
-<P>
-A9814: Change the home directory pointer in the passwd file to something
- distinctive. For example, we use <B>/home/CANCELLED</B> for cancelled users.
- Then you can pick up such users with this director, which is placed
- immediately after <TT>system_aliases</TT>:
-
-</P>
-<PRE>
- cancelled_users:
- driver = localuser
- transport = cancelleduser_pipe
- fail_verify
- match_directory = /home/CANCELLED</PRE>
-<P>
- This sends messages for cancelled users to the following special
- transport:
-
-</P>
-<PRE>
- cancelleduser_pipe:
- driver = pipe
- command = "/opt/exim/util/cancelleduser.sh"
- ignore_status
- return_output
- user = nobody</PRE>
-<P>
- The script simply generates a message saying that the user is cancelled
- on its standard output. This gets returned to the original message
- sender in an error report.
-
-</P>
-<P>
- If you don't want to change the home directory in the passwd file,
- an alternative is to check for the non-existence of the home directory
- with
-
-</P>
-<PRE>
- require_files = +!$home</PRE>
-<P>
- instead of setting <TT>match_directory</TT>.
-
-</P>
-<A NAME="SEC362" HREF="FAQ.html#TOC362">Q9815</A>: I need an alias, say "fakeaddress" that should receive a message,
- strip all reply-to: headers present, substitute another one pointing to
- "otheraddress" and forward a message to "realaddress".
-
-
-<P>
-A9815: Add this director:
-
-</P>
-<PRE>
- fakeaddress_director:
- driver = smartuser
- domain = (if necessary to restrict the domain)
- local_parts = fakeaddress
- headers_remove = reply-to
- headers_add = reply-to: otheraddress
- new_address = realaddress</PRE>
-<P>
- If there are several of these aliases then you could list them in a file
- along with the corresponding other addresses, and use lookups instead of
- the fixed values shown above.
-
-</P>
-<A NAME="SEC363" HREF="FAQ.html#TOC363">Q9816</A>: How can I set up Exim to work with Listar?
-
-
-<P>
-A9816: See <B><A HREF="http://www.cs.huji.ac.il/~vadik/listar-exim/.">http://www.cs.huji.ac.il/~vadik/listar-exim/.</A></B>
-
-</P>
-<A NAME="SEC364" HREF="FAQ.html#TOC364">Q9817</A>: I need to take copies of all incoming and outgoing mail for certain
- users. For each user there may be a different monitoring address.
-
-
-<P>
-A9817: You can adapt the filter solution given in
- <A HREF="FAQ.html#SEC357">Q9810</A> by adding a test for
- the relevant local parts. Create a file containing lines like this:
-
-</P>
-<PRE>
- user1@domain1: monitor1@monitor.domain1
- user2@domain2: monitor2@monitor.domain2</PRE>
-<P>
- and then use the following command in a system filter:
-
-</P>
-<PRE>
- if ${lookup{$sender_address}lsearch{/some/file}{$value}{}} is not ""
- then
- unseen deliver ${lookup{$sender_address}lsearch{/some/file}{$value}}
- errors_address = postmaster@your.domain
- else
- if foranyaddress $recipients
- (${lookup{$thisaddress}lsearch{/some/file}{$value}{}} is not "")
- then
- unseen deliver ${lookup{$thisaddress}lsearch{/some/file}{$value}}
- errors_address = postmaster@your.domain
- endif
- endif</PRE>
-<P>
- It is messy to have to repeat the lookups, but it won't be inefficient,
- because Exim caches the results of successful lookups.
-
-</P>
-<A NAME="SEC365" HREF="FAQ.html#TOC365">Q9818</A>: How can I add a disclaimer to the end of every message?
-
-
-<P>
-A9818: See
- <A HREF="FAQ.html#SEC265">Q1501</A>.
-
-</P>
-<A NAME="SEC366" HREF="FAQ.html#TOC366">Q9819</A>: I would like to append a simple advertisement text to all outgoing
- and local mails.
-
-
-<P>
-A9819: See
- <A HREF="FAQ.html#SEC265">Q1501</A>.
-
-</P>
-<A NAME="SEC367" HREF="FAQ.html#TOC367">Q9820</A>: How can I configure Exim so that all mails adressed to
- <B><B>something@username.domain.net</B></B> get delivered to <B>/var/spool/mail/username</B>?
-
-
-<P>
-A9820: There are several possibilities, depending on exactly how you are set
- up. Here is one approach: First, arrange that all the domains you are
- interested in are local domains, for example, by listing them in a file:
-
-</P>
-<PRE>
- local_domains = /list/of/domains</PRE>
-<P>
- If there are lots of them, a DBM or cdb file should be used for a faster
- lookup. Assuming that "username" is set up as a user on your system, and
- you have a configuration that can handle <B><B>username@domain.net</B></B> in the
- normal way, all you have to do is to arrange to convert the recipient
- address by means of a <B>smartuser</B> director like this:
-
-</P>
-<PRE>
- user_in_domain:
- driver = smartuser
- domains = /list/of/domains
- new_address = ${if match{$domain}{^([^.]+)\\.domain\\.net\$}{$1}fail}@domain.net</PRE>
-<P>
- This should be the first director.
-
-</P>
-<A NAME="SEC368" HREF="FAQ.html#TOC368">Q9821</A>: How do I get exim not to add a Sender: header to locally originated
- mail?
-
-
-<P>
-A9821: It only adds it if the From: header doesn't correspond to the user
- sending the message. From release 3.14 onwards, you can suppress this
- by setting <TT>no_local_from_check</TT>. Alternatively,
-
-</P>
-<P>
- (1) You can get it removed later, by putting
-
-</P>
-<PRE>
- headers_remove = Sender</PRE>
-<P>
- on all your transports. This doesn't test for locally originated mail,
- but you could use a more complicated expansion string to make that test.
- For example
-
-</P>
-<PRE>
- headers_remove = ${if eq{$sender_host_address}{}{Sender}}</PRE>
-<P>
- which removes it only if there is no sending host address.
-
-</P>
-<P>
- (2) If your <EM>real</EM> question "how do I submit mail from UUCP
- without it adding Sender:?" Then see
- <A HREF="FAQ.html#SEC185">Q0603</A>.
-
-</P>
-<A NAME="SEC369" HREF="FAQ.html#TOC369">Q9822</A>: How can I get Exim to work with mailman?
-
-
-<P>
-A9822: The configuration in <B><A HREF="http://www.exim.org/howto/mailman.html">http://www.exim.org/howto/mailman.html</A></B> was used for
- the Exim mailing list before it switched to SmartList.
-
-</P>
-<A NAME="SEC370" HREF="FAQ.html#TOC370">Q9823</A>: Is there any way to have messages sent to a specific local address
- delayed by - say - 24 hours?
-
-
-<P>
-A9823: Using Exim 3.10 or later, the answer is "yes". Set up a <B>smartuser</B>
- director like this:
-
-</P>
-<PRE>
- delay:
- driver = smartuser
- domains = the.domain
- local_parts = thelocalpart
- condition = ${if < ${$message_age}{86400}{yes}{no}}
- new_address = :defer: message not old enough</PRE>
-<P>
- Of course, this will also have the effect of setting a retry time for
- the address. You may want to set a special retry rule for it.
-
-</P>
-<A NAME="SEC371" HREF="FAQ.html#TOC371">Q9824</A>: I have a mailing list exploder on one host, and three other hosts where
- I want to do the actual deliveries from. How can I get Exim to split
- a message into groups of recipients between the three hosts?
-
-
-<P>
-A9824: Splitting into groups of recipients can be done by setting <TT>max_rcpt</TT> in
- the SMTP transport. Persuading Exim to spread the groups between three
- hosts is a little harder. Suppose you have 300 addresses, and <TT>max_rcpt</TT>
- is set to 100. One approach is to try <TT>hosts_randomize</TT> in a <B>domainlist</B>
- router, like this:
-
-</P>
-<PRE>
- split:
- driver = domainlist
- transport = remote_smtp
- hosts_randomize
- route_list = * hostA:hostB:hostC byname</PRE>
-<P>
- Unfortunately, this doesn't work quite as you might expect. There are
- six different permutations of the host list, and so if the randomizing
- works perfectly, Exim will end up with
-
-</P>
-<PRE>
- 50 addresses routed to hostA:hostB:hostC
- 50 addresses routed to hostA:hostC:hostB
- 50 addresses routed to hostB:hostC:hostA
- 50 addresses routed to hostB:hostA:hostC
- 50 addresses routed to hostC:hostA:hostB
- 50 addresses routed to hostC:hostB:hostA</PRE>
-<P>
- Although a total of 100 addresses have hostA as their first host, Exim
- will still send them in two separate SMTP calls, because it can only
- batch up addresses that have identical host lists. If hostA is down, it
- will send 50 of these to host B and 50 to host C. It will aways send six
- copies of the message.
-
-</P>
-<P>
- With only three hosts, this isn't a major problem, but if the number of
- hosts increases, it becomes more serious. If there are four delivery
- hosts, there are 24 different permuations, and with five hosts there are
- 120, so 120 messages are sent. When the hosts are not all of the same
- power, you might want to use a list like
-
-</P>
-<PRE>
- hostA:hostA:hostA:hostB:hostB:hostC</PRE>
-<P>
- to send more to hostA, and this makes the situation worse. There is,
- however, a way to solve this. Instead of putting the host list on the
- router, put it on the transport. The router just contains one host:
-
-</P>
-<PRE>
- split:
- driver = domainlist
- transport = special_smtp
- route_list = * hostA byname</PRE>
-<P>
- and the transport has the full list, set to override the router's host:
-
-</P>
-<PRE>
- special_smtp:
- driver = smtp
- hosts = hostA:hostA:hostA:hostB:hostB:hostC
- hosts_override
- hosts_randomize
- max_rcpt = 100</PRE>
-<P>
- Now all 300 addresses are routed to the same host, so they are sent to
- the transport 100 at a time. The transport overrides the router's host
- with its own list, which it randomizes each time. (This works only for
- releases of Exim after 3.16 - up to and including that release, there is
- a bug that prevents it re-randomizing for each group.) See also C040.
-
-</P>
-<BR><H2><A NAME="SEC372" HREF="FAQ.html#TOC372">99. LIST OF SAMPLE CONFIGURATIONS
-
-</A></H2>
-<P>
-Each sample configuration is held in a separate file in the <B>config.samples</B>
-directory. Those with names of the form Cnnn are Exim configurations; those
-with names of the form Fnnn are filter file fragments.
-
-</P>
-<P>
-C001: "This config will support delivery across multiple systems using NIS to
- look up delivery addresses from the <B>mail.aliases</B> database."
-
-</P>
-<P>
-C002: "Although exim not intended for use in UUCP environment (it doesn't
- know anything about bang!path addresses), I'm successfully using it for
- delivering mail to UUCP clients."
-
-</P>
-<P>
-C003: "I've read down through
- <A HREF="FAQ.html#SEC183">Q0601</A> and your request for UUCP examples. Here's
- how I'm doing it." (This example uses routers.)
-
-</P>
-<P>
-C004: "Here's a BSMTP over UUCP [configuration] - the transport is Taylor/GNU
- UUCP - which takes the long option types." (This example uses
- directors.)
-
-</P>
-<P>
-C005: "I am using a virus scanner program that is invoked by a pipe, scans the
- mail and re-invokes Exim to do the delivery. The pipe is invoking a perl
- script that tries to unpack and MIME, zip and other archives and then
- applies the McAfee scanner on the results."
-
-</P>
-<P>
-C006: "This is how I have configured a PP-inspired vacationnote, there is
- (was?) such a feature in PP. The user makes a file "tripnote" in his/her
- home directory, the message is passed to the sender once with a short
- leading text."
-
-</P>
-<P>
-C007: "If I host a domain <B>foo.dom</B> on my machine as a virtual domain I expect
- it to be completely virtual and separate from other mail domains that
- end up on my machine."
-
-</P>
-<P>
-C008: "And of course it is possible to do a very interesting solution to
- this [virtual domains] using LDAP."
-
-</P>
-<P>
-C009: "These are suggested parts of a configuration for looking up users in
- <B><B>/etc/passwd.domain</B></B> rather than in <B>/etc/passwd</B> ..."
-
-</P>
-<P>
-C010: "One of our customers is looking for us to support addresses of the form
- <B><B>username+extension@domain.com</B>,</B> primarily for use with procmail."
-
-</P>
-<P>
-C011: "Thanks to Philip and others I now have my ISP style config built and
- therefore am posting the final configuration fragments to the list in
- case anyone else wants to do a similar thing."
-
-</P>
-<P>
-C012: "I've written a small chapter how-to configure Exim for use with UUCP
- (mostly condensed from the exim-user mailing list plus some
- experimenting) and would be glad if it could be included in the Exim
- documentation."
-
-</P>
-<P>
-C013: "I've take some tips from the FAQ about permitting only certain users
- to send to external mail and came up with my own for the receiving
- part."
-
-</P>
-<P>
-C014: "If I have a situation where a site I MX for has a known outage I stash
- all their mail into a directory in BSMTP format."
-
-</P>
-<P>
-C015: "This approach to virtual domains has helped me a great deal, and is so
- easy to maintain (add and modify as appropriate)."
-
-</P>
-<P>
-C016: "Herewith my configuration." (A complete configuration, including simple
- virtual domains, along the lines of C015).
-
-</P>
-<P>
-C017: "I have gotten the new VERP feature of Exim 2.054 working in test, along
- with some supporting programs to handle bounces that do come back."
-
-</P>
-<P>
-C018: "This Majordomo configuration removes a lot of the aliases, and
- automates a lot of the other functions based on whether the files or
- directories exist."
-
-</P>
-<P>
-C019: "The following configuration file entries can be used to provide a
- 'vacation'-style function for a mailhub which has no local users."
-
-</P>
-<P>
-C020: "I was asked for a copy of the programs we were using to mail
- everybody."
-
-</P>
-<P>
-C021: "Here is some sample code that might be useful for handling
- X-Failed-Recipients headers generated by Exim, with mailing lists."
-
-</P>
-<P>
-C022: "This is the Exim configuration file of a machine which delivers mail to
- several local domains where the mail is delivered locally, several hairy
- domains, handled as described below, and a half-virtual domain, which is
- first processed by its special alias file, then processed as other local
- domains (including the processing by the global alias file)."
-
-</P>
-<P>
-C023: A Perl script and instructions for hooking it into Exim in order to
- handle disposition-notification-to and return-receipt-to by using a
- shadow transport to send copies of delivered messages to the script.
-
-</P>
-<P>
-C024: "In case anybody wants to use a MySql database to store aliases this is
- how I managed to get my site working."
-
-</P>
-<P>
-C025: "As promised here is the way I got Exim to delver to Cyrus mailboxes if
- the user exists in the MySql database."
-
-</P>
-<P>
-C026: "The following configuration and program will allow messages going to
- AOL only, to be filtered thru a Perl script. This Perl script will
- convert any URL's to the HTML syntax. In addition, the transport will
- use VERP to send a unique envelope sender with each message."
-
-</P>
-<P>
-C027: "This is an FYI to demonstrate how to have exim work with SSL using the
- stunnel wrapper and its underlying OpenSSL libraries and toolkit."
-
-</P>
-<P>
-C028: "This Python script reads from stdin and writes to stdout. It strips all
- the MIME attachments from a mail message that are one of the mime types
- listed on the command line. Exim can use it in its configuration file,
- for example, as follows:"
-
-</P>
-<P>
-C029: "The standard way to connect one's MTA to a list manager seems to be to
- add a set of aliases for <EM>every</EM> list one creates. Once upon a time, I
- crufted a set of configs from Smail to work with majordomo, to
- automaticaly recognize the standard patterns, for all lists in
- existence...I have setup a set of transports and directors for Exim,
- which will do the same thing for mailman."
-
-</P>
-<P>
-C030: "I am currently configuring an exim for a site that will to mail
- hosting for several domains. I want the domain holders to have control
- over 'their' alias files, being able to create their own aliases.
- However, I don't want them to have postmaster, abuse and other role
- accounts under their control."
-
-</P>
-<P>
-C031: "These are config file snippets for handling certain remote addresses as
- local, and making only real external addresses visible to users."
-
-</P>
-<P>
-C032: "This is the Exim Nervous Mailbox Quota Suite. It does not impose
- hard quotas on users' mailboxes, but it makes a user nervous by
- putting all his mail in a secondary mailbox, inaccessible to the
- user, when he is over his quota. When the user clears his
- mailbox (i.<B>e.,</B> deletes mail to make his mailbox below the quota
- again), mail from his secondary mailbox is transferred back to
- his primary mailbox, in FIFO order."
-
-</P>
-<P>
-C033: "Here's our current automatic vacation recipe".
-
-</P>
-<P>
-C034: "This is a HOW-TO for setting up Exim to support SMTP authentication
- under different environments, including regular password files, PAM
- and NIS."
-
-</P>
-<P>
-C035: "These configurations enable exim and hylafax <B>(www.hylafax.org)</B> work
- together, I mean sending fax by email <B><B>(user@123456.fax</B>)."</B>
-
-</P>
-<P>
-C036: "My aim was to have an LDAP-driven system for mail delivery."
-
-</P>
-<P>
-C037: An elegant way of using ETRN, which does immediate delivery if the host
- is online, but saves mail in a BSMTP file after some time on the queue.
- ETRN then re-injects the mail.
-
-</P>
-<P>
-C038: Amavis virus scanning: "Here ya go. This is the config we use... this
- box is our main MX host then relays it to our real server for delivery."
-
-</P>
-<P>
-C039: "For reference, this is how I got PAM authentication from a standard
- UNIX password database with Eudora 4.3 clients to work on a Debian 2.2
- (Intel) system. This configuration assumes that you are using standard
- UNIX crypt passwords; pam-pwdfile is NOT compatible with MD5 encrypted
- passwords."
-
-</P>
-<P>
-C040: "Exim 3.20 has a feature that allows a large mailing of a single message
- to be sent to many different relays. This is useful for mailing lists,
- as it allows the message to be relayed to multiple machines, in groups
- of 100 addresses, for final delivery."
-
-</P>
-<P>
-C041: "Attached you will find a plain text file where I explain how to set up
- mailman to use virtual environment (single setup for many domains)."
-
-</P>
-<P>
-F001: "I thought that the rest of the list may be interested in reviewing our
- filter as a starting point for their own system message filter."
-
-</P>
-<P>
-F002: "... program which refused mail from unknown addresses until they mailed
- me promising not to spam me ... since I'd already thought through how
- to do it in Exim, and knew it'd be slightly easier than falling out of
- bed, I went ahead and did it."
-
-</P>
-<P>
-F003: "Here's four checks installed in our system wide filter that knock out
- a lot of otherwise hard to detect rubbish."
-
-</P>
-<P>
-F004: "This is an Exim filter snippet to change locally-generated Message-Id:
- and Resent-Message-Id: headers to world-unique values."
-
-</P>
-<HR>
-
-</BODY>
-</HTML>
git://git.exim.org / exim-website.git / commitdiff