From 4bec300304fbfa4a6881b15145437ddaef530acd Mon Sep 17 00:00:00 2001 From: nigel Date: Mon, 22 May 2000 19:54:39 +0000 Subject: [PATCH 1/1] Initial revision --- .cvsignore | 3 + ChangeLog.html | 223 + FAQ.html | 7490 ++++++++++++++++++++++++++++++++ NewStuff.html | 115 + branding/branding.html | 15 + changelogs/ChangeLog-2.10.html | 417 ++ changelogs/ChangeLog-2.11.html | 112 + changelogs/ChangeLog-2.12.html | 61 + changelogs/ChangeLog-3.00.html | 297 ++ changelogs/ChangeLog-3.01.html | 27 + changelogs/ChangeLog-3.10.html | 660 +++ config.samples/C001 | 377 ++ config.samples/C002 | 67 + config.samples/C003 | 62 + config.samples/C004 | 55 + config.samples/C005 | 85 + config.samples/C006 | 40 + config.samples/C007 | 27 + config.samples/C008 | 147 + config.samples/C009 | 44 + config.samples/C010 | 119 + config.samples/C011 | 135 + config.samples/C012 | 89 + config.samples/C013 | 59 + config.samples/C014 | 53 + config.samples/C015 | 68 + config.samples/C016 | 264 ++ config.samples/C017 | 290 ++ config.samples/C018 | 148 + config.samples/C019 | 72 + config.samples/C020 | 270 ++ config.samples/C021 | 303 ++ config.samples/C022 | 12 + config.samples/C022.tar | Bin 0 -> 40960 bytes config.samples/C023 | 86 + config.samples/C024 | 24 + config.samples/C025 | 39 + config.samples/C026 | 104 + config.samples/C027 | 91 + config.samples/C028 | 102 + config.samples/C029 | 78 + config.samples/C030 | 55 + config.samples/C031 | 84 + config.samples/C032 | 15 + config.samples/C032.tar | Bin 0 -> 30720 bytes config.samples/C033 | 49 + config.samples/C034 | 199 + config.samples/F001 | 35 + config.samples/F002 | 98 + config.samples/F003 | 97 + config.samples/F004 | 71 + config.samples/README | 11 + credits.html | 78 + docs.html | 132 + home.html | 41 + howto/mailman.html | 192 + howto/old_rbl.html | 67 + howto/rbl.html | 91 + howto/relay.html | 71 + howto_mirror.html | 63 + images/dragonlogo.jpg | Bin 0 -> 6150 bytes images/esatnet.png | Bin 0 -> 2347 bytes images/exim.png | Bin 0 -> 634 bytes images/eximX.png | Bin 0 -> 35346 bytes images/eximXs.png | Bin 0 -> 3689 bytes images/invisible.xbm | 4 + images/mailman-large.jpg | Bin 0 -> 6150 bytes images/mailman.jpg | Bin 0 -> 2022 bytes images/marker.png | Bin 0 -> 452 bytes images/planico.png | Bin 0 -> 1266 bytes images/shore150.png | Bin 0 -> 2416 bytes index.html | 54 + intro.html | 236 + maillist.html | 34 + mirrors.html | 349 ++ overview.html | 972 +++++ robots.txt | 4 + statconf.txt | 2 + toc.html | 165 + toc_frame.html | 18 + version.html | 40 + y2k.html | 36 + 82 files changed, 16093 insertions(+) create mode 100644 .cvsignore create mode 100644 ChangeLog.html create mode 100644 FAQ.html create mode 100644 NewStuff.html create mode 100644 branding/branding.html create mode 100644 changelogs/ChangeLog-2.10.html create mode 100644 changelogs/ChangeLog-2.11.html create mode 100644 changelogs/ChangeLog-2.12.html create mode 100644 changelogs/ChangeLog-3.00.html create mode 100644 changelogs/ChangeLog-3.01.html create mode 100644 changelogs/ChangeLog-3.10.html create mode 100644 config.samples/C001 create mode 100644 config.samples/C002 create mode 100644 config.samples/C003 create mode 100644 config.samples/C004 create mode 100644 config.samples/C005 create mode 100644 config.samples/C006 create mode 100644 config.samples/C007 create mode 100644 config.samples/C008 create mode 100644 config.samples/C009 create mode 100644 config.samples/C010 create mode 100644 config.samples/C011 create mode 100644 config.samples/C012 create mode 100644 config.samples/C013 create mode 100644 config.samples/C014 create mode 100644 config.samples/C015 create mode 100644 config.samples/C016 create mode 100644 config.samples/C017 create mode 100644 config.samples/C018 create mode 100644 config.samples/C019 create mode 100644 config.samples/C020 create mode 100644 config.samples/C021 create mode 100644 config.samples/C022 create mode 100644 config.samples/C022.tar create mode 100644 config.samples/C023 create mode 100644 config.samples/C024 create mode 100644 config.samples/C025 create mode 100644 config.samples/C026 create mode 100644 config.samples/C027 create mode 100644 config.samples/C028 create mode 100644 config.samples/C029 create mode 100644 config.samples/C030 create mode 100644 config.samples/C031 create mode 100644 config.samples/C032 create mode 100644 config.samples/C032.tar create mode 100644 config.samples/C033 create mode 100644 config.samples/C034 create mode 100644 config.samples/F001 create mode 100644 config.samples/F002 create mode 100644 config.samples/F003 create mode 100644 config.samples/F004 create mode 100644 config.samples/README create mode 100644 credits.html create mode 100644 docs.html create mode 100644 home.html create mode 100644 howto/mailman.html create mode 100644 howto/old_rbl.html create mode 100644 howto/rbl.html create mode 100644 howto/relay.html create mode 100644 howto_mirror.html create mode 100644 images/dragonlogo.jpg create mode 100644 images/esatnet.png create mode 100644 images/exim.png create mode 100644 images/eximX.png create mode 100644 images/eximXs.png create mode 100644 images/invisible.xbm create mode 100644 images/mailman-large.jpg create mode 100644 images/mailman.jpg create mode 100644 images/marker.png create mode 100644 images/planico.png create mode 100644 images/shore150.png create mode 100644 index.html create mode 100644 intro.html create mode 100644 maillist.html create mode 100644 mirrors.html create mode 100644 overview.html create mode 100644 robots.txt create mode 100644 statconf.txt create mode 100644 toc.html create mode 100644 toc_frame.html create mode 100644 version.html create mode 100644 y2k.html diff --git a/.cvsignore b/.cvsignore new file mode 100644 index 0000000..ecae4b8 --- /dev/null +++ b/.cvsignore @@ -0,0 +1,3 @@ +.mirror +ftp +exim-html-* diff --git a/ChangeLog.html b/ChangeLog.html new file mode 100644 index 0000000..eaecd19 --- /dev/null +++ b/ChangeLog.html @@ -0,0 +1,223 @@ + + + + exim Web Pages ChangeLog + + + + +

exim Web Pages ChangeLog

+

Changes to these pages are detailed in reverse chronological + order

+ +
+

Sunday January 9th, 2000

+ + +
+

Sunday November 28th, 1999

+ + +
+

Sunday November 14th, 1999

+ + +

Sunday October 10th, 1999

+ + +
+

Sunday July 11th, 1999

+ + +
+

Thursday June 24th, 1999

+ + +
+

Wednesday June 2nd, 1999

+ + +
+

Tuesday May 25th, 1999

+ + +
+

Monday May 24th, 1999

+ + +
+

Sunday May 16th, 1999

+ + +
+

Thursday February 18th, 1999

+ + +
+

Tuesday November 3rd, 1998

+ + +
+

Monday July 13th, 1998

+ + +
+

Thursday April 2nd, 1998

+ + +
+

Tuesday March 31st, 1998

+ + +
+

Tuesday December 8th, 1997

+ + +
+

Monday October 27th, 1997

+ + +
+

Wednesday September 10th, 1997

+ + +
+

Tuesday September 2nd, 1997

+ + +
+

Thursday August 28th, 1997

+ + +
+

Tuesday August 26th, 1997

+ + +
+

Monday August 25th, 1997

+ + +
+

Friday April 18th, 1997

+ + +
+

Thursday April 17th, 1997

+ + +
+

Wednesday Feb 16th, 1997

+ + +
+

Thursday Feb 13th, 1997

+ + +
+

Monday Jan 20th, 1997

+ + +
+

Monday Jan 13th, 1997

+ + +
+
Nigel Metheringham
+ +

$Id: ChangeLog.html,v 1.13 2000/04/09 22:02:32 nigel Exp $

+ + diff --git a/FAQ.html b/FAQ.html new file mode 100644 index 0000000..d107171 --- /dev/null +++ b/FAQ.html @@ -0,0 +1,7490 @@ + + +Exim FAQ + + +

Exim FAQ

+

+This is the FAQ for the Exim Mail Transfer Agent. Thanks to the many +people who provided the original information. This file would be amazingly +cluttered if I tried to list them all. Suggestions for corrections, +improvements, and additions are welcome. + +

+

+This version of the FAQ applies to Exim 3.10 and later releases. The syntax of +some of the options was altered and tidied up at release 3.00. Some of the +examples quoted here will not work with earlier releases. + +

+

+References of the form Cnnn and Fnnn are to the sample configuration and filter +files that can be found in the separately distributed directory called +config.samples. The primary location is + +

+
+   ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/config.samples.tar.gz
+

+There are brief descriptions of these files at the end of this document. + +

+The FAQ is divided into the following sections: +Debugging, +Building exim, +Mailbox locking, +Routing, +Directing, +Delivery, +UUCP, +Performance, +Policy controls, +Majordomo, +Rewriting, +Headers, +Fetchmail, +Perl, +Dial-up, +Millennium, +Miscellaneous, +HP-UX, +BSDI, +IRIX, +Linux, +Sun systems, +Cookbook, and +List of sample configurations. +

+Philip Hazel <ph10@cus.cam.ac.uk>
+Last updated: 15-December-1999 + +

+

+0. DEBUGGING + + +1. BUILDING EXIM + + +2. MAILBOX LOCKING + + +3. ROUTING + + +4. DIRECTING + + +5. DELIVERY + + +6. UUCP + + +7. PERFORMANCE + + +8. POLICY CONTROLS + + +9. MAJORDOMO + + +10. REWRITING + + +11. HEADERS + + +12. FETCHMAIL + + +13. PERL + + +14. DIAL-UP + + +20. MILLENNIUM + + +50. MISCELLANEOUS + + +93. HP-UX + + +94. BSDI + + +95. IRIX + + +96. LINUX + + +97. SUN SYSTEMS + + +98. COOKBOOK + + +99. LIST OF SAMPLE CONFIGURATIONS + +

0. DEBUGGING + +

+Q0001: Exim is crashing. What is wrong? + + +

+A0001: Exim should never crash. The author is always keen to know about + crashes, so that they can be diagnosed and fixed. However, before you + start sending email, please check that you are running the latest + release of Exim, in case the problem has already been fixed. The + techniques described below can also be useful in trying to pin down + exactly which circumstances caused the crash and what Exim was trying to + do at the time. If the crash is reproducable (by a particular message, + say) keep a copy of that message. If there is a core file (in Exim's + spool directory), see if you can get any information from it. + +

+

+ One thing that has caused crashes in the past has been incorrectly + installed DB libraries. In particular, if you are running any version of + Berkeley db, it is best to set USE_DB=yes in Local/Makefile before + building Exim. This then avoids the use of the "ndbm compatibility + interface" via the ndbm.h include file, which has been found to be + incorrect on some systems. If you have already built Exim, you can just + edit Local/Makefile and run make again to rebuild. Before restarting + Exim, delete any existing database files in the spool/db directory. + +

+Q0002: Exim is not working. What is wrong? + + +

+A0002: Exactly how is it not working? Check the more specific questions in the + other sections of this FAQ. Some general techniques for debugging are: + +

+

+ 1. Look for information in Exim's log files. These are in the "log" + directory in Exim's spool directory, unless you have configured a + different path for them. Serious operational problems are reported + in paniclog. + +

+

+ 2. If the problem involves the delivery of one or more messages, try + forcing a delivery with the -d option, to cause Exim to output + debugging information. For example: + +

+
+            exim -d -M 0z6CXU-0005RR-00
+

+ On its own, -d produces a small amount of information. Following it + with a number increases the amount given: -d9 gives the maximum + amount of general information; -d10 gives in addition details of the + interpretation of filter files, and -d11 or higher also turns on the + debugging option for DNS lookups. The output is written to the + standard error stream. + +

+

+ 3. If the problem involves incoming SMTP mail, try using the -bh option + to simulate an incoming connection from a specific host, for example: + +

+
+            exim -bh 10.9.8.7
+

+ This goes through the motions of an SMTP session, without actually + accepting a message. Information about various policy checks is + output. You will need to know how to pretend to be an SMTP client. + +

+

+ 4. If the problem involves lack of recognition or incorrect handling + of local addresses, try using the -bt option with debugging turned + on, to see how Exim is handling the address. For example, + +

+
+            exim -d2 -bt z6abc
+

+ will show you how it would handle the local part "z6abc". Increase + the debug level to -d9 for more information. + +

+Q0003: What does the error "Child process of address_pipe transport returned + 69 from command xxx" mean? + + +

+A0003: The most common meaning of exit code 69 is "unavailable", and this often + means that when Exim tried to exec the command xxx, it failed. One + cause of this might be incorrect permissions on the file containing the + command. + +

+Q0004: My virtual domain setup isn't working. How can I debug it? + + +

+A0004: You can use an exim command with -d (or -d2, -d3 ... -d9) to get it to + show you how it is processing addresses. You don't actually need to send + a message; use the -bt option like this: + +

+
+         exim -d2 -bt localpart@virtualhost
+

+ This will show you which directors it is using. If the problem appears + to be with the expansion of an option setting, you can use the + debug_print option on a director (or router) to get Exim to output the + expanded string values as it goes along. + +

+Q0005: Why is Exim giving "421 Unexpected log failure, please try later" when + receiving an SMTP message with a large number of recipients? + + +

+A0005: You are verifying recipients, and your configuration is one that does a + different lookup of some sort for each recipient. Exim keeps lookup + files open, in case there are several lookups in the same file. Versions + of Exim prior to 2.10 did not limit the number of open files used for + this purpose, and your operating system's maximum per process has been + reached. Exim is trying to log the failure to open a file, but cannot + open the log file, for the same reason. If upgrading Exim is not + immediately possible, you might be able to increase your operating + system's maximum number of open files per process. + +

+Q0006: Why is Exim not rejecting incoming messages addressed to non-existent + users at SMTP time? + + +

+A0006: Have you remembered to set receiver_verify? It is not the default. + +

+Q0007: I've put an entry for *.my.domain in a DBM lookup file, but it isn't + getting recognized. + + +

+A0007: You need to request "partial matching" by setting the search type to + "partial-dbm" in order for this to work. + +

+Q0008: I've put the entry *@domain.com in a lookup database, but it isn't + working. The expansion I'm using is: + + +
+         ${lookup{${lc:$sender_address}}dbm{/the/file} ...
+

+A0008: As no sender address will ever be *@domain.com this will indeed have + no effect as it stands. You need to tell Exim if you want it to look for + defaults after the normal lookup has failed. In this case, change the + search type from "dbm" to "dbm*@". See the section on "Default values in + single-key lookups" in the chapter entitled "File and database lookups". + +

+Q0009: Is there a way to print recognized local domains? + + +

+A0009: If you run "exim -bP local_domains" it will output the string that is + set, but it won't print the contents of any files that are referenced. + +

+Q0010: If I run "./exim -d9 -bt user@domain" all seems well, but when I send a + message from my User Agent, it does not arrive at its destination. + + +

+A0010: Try sending a message directly to Exim by typing this: + +

+
+         exim -d9 user@domain
+         <some message, could be empty>
+         .
+

+ If the message gets delivered to a remote host, but never arrives at its + final destination, then the problem is at the remote host. If, however, + the message gets through correctly, then the problem may be between your + User Agent and Exim. Try setting Exim's log_arguments option, to see + with which arguments the UA is calling Exim. + +

+Q0011: I am getting this message in mainlog every so often: "no immediate + delivery: too many connections (19, max 0)". What am I missing? + + +

+A0011: A current release of Exim. :-) The message you are getting is the wrong + message. What it should be saying is "too many messages received in one + SMTP connection" (see next question). This bug was fixed in release + 2.051. + +

+Q0012: What does "no immediate delivery: too many messages received in one SMTP + connection" mean? + + +

+A0012: An SMTP client may send any number of messages down a single SMTP + connection to a server. Initially, an Exim server starts up a delivery + process as soon as a message is received. However, in order not to start + up too many processes when lots of messages are arriving (typically + after a period of downtime), it stops doing immediate delivery after a + certain number of messages have arrived down the same connection. The + threshold is set by smtp_accept_queue_per_connection, and the default + value is 10. On large systems, the value should be increased. If you are + running a dial-in host and expecting to get all your mail down a single + SMTP connection, then you can disable the limit altogether by setting + the value to zero. + +

+Q0013: Exim puts "for <address>" in the Received: headers of some, but not all, + messages. Is this a bug? + + +

+A0013: No. It is deliberate. Exim inserts a "for" phrase only if the incoming + message has precisely one recipient. If there is more than one + recipient, nothing is inserted. The reason for this is that not all + recipients appear in the To: or Cc: headers, and it is considered a + breach of privacy to expose such recipients to the others. A common + case is when a message has come from a mailing list. + +

+Q0014: Instead of exim_dbmbuild, I'm using a homegrown program to build DBM + (or cdb) files, but Exim doesn't seem to be able to use them. + + +

+A0014: Exim expects there to be a binary zero value on the end of each key used + in a DBM file if you use the "dbm" lookup type, but not for the "dbmnz" + lookup type or for the keys of a cdb file. Check that you haven't + slipped up in this regard. + +

+Q0015: Exim is unable to route to any remote domains. It doesn't seen to be + able to access the DNS. + + +

+A0015: Try running "exim -d11 -bt <remote address>". The -d11 will make it show + the resolver queries it is building and the results of its DNS queries. + If it appears unable to contact any nameservers, check the contents and + permissions of /etc/resolv.conf. + +

+Q0016: I'm using ETRN to run a script that checks things and doesn't always + end up running "exim -R". However, after it has run once, subsequent + attempts fail with "458 Already processing". + + +

+A0016: Set no_smtp_etrn_serialize. + +

+Q0017: What does the error message "transport system_aliases: cannot find + transport driver "aliasfile" in line 92" mean? + + +

+A0017: "aliasfile" is a director, not a transport. You have put a configuration + for a director into the transports section of the configuration file. + +

+Q0018: Exim is timing out after receiving and responding to the DATA command + from one particular host, and yet the client host also claims to be + timing out. This seems to affect only certain messages. + + +

+A0018: (A) This problem has been seen with a network that was dropping all + packets over a certain size, which mean that the first part of the SMTP + transaction worked, but when the body of a large message started + flowing, the main data bits never got through the network. See also + + Q0021. + +

+

+ (B) This can also happen if a machine has a broken TCP stack and won't + reassemble fragmented datagrams. + +

+

+ (C) A very few ISDN lines have been seen which failed when certain data + patterns were sent through them, and replacing the routers at both end + of the link did not fix things. One of them was triggered by more than 4 + X's in a row in the data. + +

+Q0019: What does the message "Socket bind() to port 25 for address (any) + failed: address already in use" mean? + + +

+A0019: You are trying to run an Exim daemon when there is one already running - + or maybe some other MTA is running, or perhaps you have an SMTP line in + /etc/inetd.conf which is causing inetd to listen on port 25. + +

+Q0020: I've set headers_check_syntax, but this causes Exim to complain about + headers like "To: Work: Jim <jims@email>, Home: Bob <bobs@email>" which + look all right to me. Is this a bug? + + +

+A0020: No. Header lines such as From:, To:, etc., which contain addresses, are + structured, and have to be in a specific format which is defined in RFC + 822. Unquoted colons are not allowed in the "phrase" part of an email + address (they are OK in other headers such as Subject:). The correct + form for that header is + +

+
+         To: "Work: Jim" <jims@email>, "Home: Bob" <bobs@email>
+

+ You will sometimes see unquoted colons in To: and Cc: headers, but only + in connection with name lists (called "groups"), for example: + +

+
+         To: My friends: X <x@y.x>, Y <y@w.z>;,
+             My enemies: A <a@b.c>, B <b@c.d>;
+

+ Each list must be terminated by a semicolon, as shown. + +

+Q0021: Whenever Exim tries to deliver a specific message to a particular + server, it fails, giving the error "Remote end closed connection after + data" or "Broken pipe" or a timeout. What's going on? + + +

+A0021: "Broken pipe" is the error you get on some OS when the far end just + drops the connection. The alternative is "connection reset by peer". + +

+

+ (A) There are some firewalls that fall over on \0 characters in the + mail. Have a look, e.g. with hexdump -c mymail | tail to see if your + mail contains any binary zero characters. + +

+

+ (B) There are broken SMTP servers around that just drop the connection + after the data has been sent if they don't like the message for some + reason (e.g. it is too big) instead of sending a 5xx error code. Have + you tried sending a small message to the same address? + +

+

+ (C) If the problem occurs right at the start of the mail, then it could + be a network problem with mishandling of large packets. Many emails are + small and thus appear to propagate correctly, but big emails will + generate big IP datagrams. + +

+

+ There have been problems when something in the middle of the network + mishandles large packets due to IP tunnelling. In a tunnelled link, your + IP datagrams gets wrapped in a larger datagram and sent over a network. + This is how virtual private networks (VPNs), and some ISP's transit + circuits work. Since the datagrams going over the tunnel require a + larger packet size, the tunnel needs a bigger maximum transfer unit + (MTU) in the network handling the tunnelled packets. However, MTUs + are often fixed, so the tunnel will try to fragment the packets. + +

+

+ If the systems outside the tunnel are using MTU path discovery, (most + Sun Sparc Solaris machines do by default), and set the DF (don't + fragment) bit because they don't send packets larger than their local + MTU, then ICMP control messages will be sent by the routers at the + ends of the tunnel to tell them to reduce their MTU, since the tunnel + can't fragment the data, and has to throw it away. If this mechanism + stops working, e.g. a firewall blocks ICMP, then your host never + knows it has hit the maximum path MTU, but it has received no ACK on + the packet either, so it continues to resend the same packet and the + connection stalls, eventually timing out. + +

+

+ You can test the link using pings of large packets and see what works: + +

+
+   	 ping -s host 2048
+

+ Try reducing the MTU on the sending host: + +

+
+   	 ifconfig le0 mtu 1300
+

+ Alternatively, you can reduce the size of the buffer Exim uses for SMTP + output by putting something like + +

+
+         DELIVER_OUT_BUFFER_SIZE=512
+

+ in your Local/Makefile and rebuilding Exim (the default is 8192). + +

+Q0022: Why do messages not get delivered down the same connection when I do + something like: exim -v -R @aol.com ? For other domains, I do this and + I see the appropriate "waiting for passed connections to get used" + messages. + + +

+A0022: Recall that Exim does not keep separate queues for each domain, but + operates in a distributed fashion. Messages get into its "waiting for + host x" hints database only when a delivery has been tried, and has had + a temporary error. Here are some possibilities: + +

+

+ (1) The messages to aol.com got put in your queue, but no previous + delivery attempt occured before you did the -R. This might have been + because of your settings of queue_only_load, smtp_accept_queue, or any + other option that caused no immediate delivery attempt on arrival. If + this is the case, you can try using -qqR instead of -R. + +

+

+ (2) You have set batch_max on the smtp transport, and that limit was + reached. This would show as a sequence of n messages down one + connection, then another n down a new connection, etc. + +

+

+ (3) Exim tried to pass on the SMTP connection to another message, but + that message was in the process of being delivered to aol.com by some + other process (typically, a normal queue runner). This will break the + sequence, though the other delivery should pass its connection on to + other messages if there are any. + +

+

+ (4) The folk at aol.com changed the MX records so the host names have + changed - or a new host has been added. I don't know how likely this is. + +

+

+ (5) Exim is not performing as it should in this regard, for some reason. + Next time you have mail queued up for aol.com, try running + +

+
+         exim_dumpdb /var/spool/exim wait-remote_smtp
+

+ to see if those messages are listed among those waiting for the relevant + aol.com hosts. + +

+Q0023: What does the error "SEGV while reading ... from dbm file: record + assumed not to exist" mean? + + +

+A0023: A crash is occuring when Exim calls your DBM library in order to read a + record from one of its hints files. This kind of problem can be related + to incorrectly installed DBM libraries. If you are using Slackware 3.6, + the problem is that libgdbm is incorrectly installed on that system, and + you will need to re-install it from source. + +

+Q0024: There seems to be a problem in the string expansion code: it doesn't + recognize references to headers such as ${h_to}. + + +

+A0024: The only valid syntax for header references is (for example) $h_to: + because header names are permitted by RFC 822 to contain a very wide + range of characters. A colon (or white space) is required as the + terminator. + +

+Q0025: Exim is timing out after sending the a message's data to one particular + host, and yet the remote host also claims to be timing out. This seems + to affect only certain messages. + + +

+A0025: See + Q0018. + +

+Q0026: When the Exim daemon forks a copy of itself to handle an incoming SMTP + request, the forked copy seems to go around in circles for a + significant (up to 5 minutes, so far) amount of time before deciding to + accept the message. + + +

+A0026: These kinds of delay are usually caused by some kind of network problem + that affects outgoing calls made by Exim at the start of an incoming + message. Configuration options that cause outgoing calls are: + +

+

+ (1) rfc1413_query_hosts and rfc1413_query_timeout (for ident calls); + firewalls sometimes block ident calls, which can lead to this + problem. + +

+

+ (2) rbl_domains and rbl_hosts. + +

+

+ (3) host_lookup and any other options that require the remote host's + name to be looked up from its IP address. + +

+

+ You can use the -bh option to get more information about what is + happening at the start of a connection. + +

+Q0027: What does "failed to create child process to send failure message" mean? + This is a busy mail server with smtp_accept_max set to 500, but this + problem started to occur at about 300 incoming connections. + + +

+A0027: Some message delivery failed, and when Exim wanted to send a bounce + message, it was unable to create a process in which to do so. Probably + the limit on the maximum number of simultaneously active processes has + been reached. Most OS have some means of increasing this limit, and in + some operating systems there is also a limit per uid which can be + varied. + +

+Q0028: What does "<message filter> transporting defer (-1): No transport set + by director" in a log line mean? + + +

+A0028: Your system filter contains a "save" command, but you have not set + message_filter_file_transport. + +

+Q0029: Why is Exim refusing to relay, saying "failed to find host name from IP + address" when I have the sender's IP address in host_accept_relay? My + configuration contains this: + + +
+         host_accept_relay = "lsearch;/etc/mail/relaydomains:192.168.96.0/24"
+

+A0029: When checking host_accept_relay, the items are tested in left-to-right + order. The first item in your list is a lookup on the incoming host's + name, so Exim has to determine the name from the incoming IP address in + order to perform the test. If it can't find the host name, it can't do + the check, so it gives up. The solution is to put all explicit IP + addresses first in the list. You would have discovered what was going + on if you had run a test such as + +

+
+         exim -bh 192.168.96.131
+Q0030: When I run "exim -bd -q10m" I get "PANIC LOG: exec of exim -q failed". + + +

+A0030: This probably means that Exim doesn't know its own path so it can't + re-exec itself to do the first queue run. Check the output of + +

+
+         exim -bP exim_path
+Q0031: Why do connections to my machine's SMTP port take a long time to respond + with the banner, when connections to other ports respond instantly? + + +

+A0031: See + Q0026. + +

+Q0032: I can't seem to get a pipe command to run when I include a ${if + expansion in it. This fails: + + +
+         command = "perl -T /usr/local/rt/bin/rtmux.pl \
+                      rt-mailgate helpdesk \
+                      ${if eq {$local_part}{rt} {correspond}{action}}"
+

+A0032: You need some internal quoting in there. Exim expands each individual + argument separately. Because you have (necessarily) got spaces in your + ${if item, you have to quote that argument. Try + +

+
+         command = "perl -T /usr/local/rt/bin/rtmux.pl \
+                      rt-mailgate helpdesk \
+                      \"${if eq {$local_part}{rt} {correspond}{action}}\""
+Q0033: I'm trying to get Exim to connect an alias to a pipe, but it always + gives error code 69, with the comment "(could mean service or program + unavailable)". + + +

+A0033: If your alias entry looks like this: + +

+
+         alias:  |"/some/command some parameters"
+

+ change it to look like this: + +

+
+         alias:  "|/some/command some parameters"
+Q0034: I'm having a problem with an Exim RPM. + + +

+A0034: See + Q9606. + +

+Q0035: What does the error "Spool file is locked" mean? + + +

+A0035: This is not an error[*]. All it means is that when an Exim delivery + process (probably started by a queue runner process) looked at a message + in order to start delivering it, it found that another Exim process was + already busy delivering it. On a busy system this is quite a common + occurrence. If you set log_level less than 5, these messages are omitted + from the log. + +

+

+ [*] The only time when this message might indicate a problem is if it is + repeated for the same message for a very long time - say more than a few + hours. That would suggest that the process that is delivering the + message has somehow got stuck. + +

+

1. BUILDING EXIM + +

+Q0101: I get the error "conflicting types" when Exim is building the libident + library. + + +

+A0101: The problem is that libident assumes "struct timeval" refers to + DST_NONE, and so it tries to avoid using this structure when DST_NONE + isn't defined. Unfortunately it doesn't make this change everywhere it + should, and so it blows up. The problem has been seen on NetBSD and + some versions of the Linux C library. An easy, albeit not particularly + neat, fix is to add -DDST_NONE to LIBIDENTCFLAGS for systems that are + afflicted like this - there's not a lot else you can do without + modifying libident. The value of DST_NONE is never used, so defining it + to be empty should be harmless. + +

+Q0102: When I ran make I got the error "undefined reference to dbopen". + + +

+A0102: Either: + +

+

+ (A) This means you (or the default configuration for your operating + system) have configured Exim to use Berkeley DB version 1.xx + and it has not been given access to the DB library (where dbopen + should be found). You may need something like DBMLIB=-ldb in + Local/Makefile. Berkeley DB is one of several alternative DBM + libraries that Exim can make use of. For a discussion of DBM issues, + see the file doc/dbm.discuss.txt in the Exim distribution. + +

+

+ (B) You are running on a version of Linux which has a problem in its + libraries. This effect isn't fully understood. It has been seen with + the libraries used in Caldera OpenLinux Base 1.1. + +

+Q0103: I can't get Exim to compile with Berkeley DB version 2.x. + + +

+A0103: Have you set USE_DB=yes in Local/Makefile? This causes Exim to use the + native interface to the DBM library instead of the compatibility + interface, which needs a header called ndbm.h that may not exist on your + system. + +

+Q0104: I'm getting an "undefined symbol" error for hosts_ctl when I try to + build Exim. (On some systems this error is "undefined reference to + 'hosts_ctl'".) + + +

+A0104: You should either remove the definition of USE_TCP_WRAPPERS or add + -lwrap to your EXTRALIBS setting in Local/Makefile. + +

+Q0105: I'm about to upgrade to a new Exim release. Do I need to ensure the + spool is empty, or take any other special action? + + +

+A0105: If you are changing to release 3.00 or later from a release prior to + 3.00, you will probably need to make changes to the runtime + configuration file. See README.UPDATING for details. Otherwise, you + do not need to take special action. New releases are made backwards + compatible with old spool files and "hints" databases so that upgrading + can be done on a running system. All that should be necessary is to + install a new binary and then HUP the daemon if you are running one. + +

+Q0106: What does the error "install-info: command not found" mean? + + +

+A0106: You have set INFO_DIRECTORY in your Local/Makefile, and Exim is trying + to install the Texinfo documentation, but cannot find the command called + install-info. If you have a version of Texinfo prior to 3.9, you + should upgrade. Otherwise, check your installation of Texinfo to see why + the install-info command is not available. + +

+Q0107: Exim doesn't seem to be recognizing my operating system type correctly, + and so is failing to build. + + +

+A0107: Run the command "scripts/os-type -generic". The output should be one of + the known OS types, and should correspond to your operating system. You + can see which OS are supported by obeying "ls OS/Makefile-*" and looking + at the file name suffixes. + +

+

+ If there is a discrepancy, it means that the script is failing to + interpret the output from the "uname" command correctly, or that the + output is wrong. Meanwhile, you can build Exim by obeying + +

+
+         EXIM_OSTYPE=xxxx make
+

+ instead of just make, provided you are running a Bourne-compatible + shell, or otherwise by setting EXIM_OSTYPE correctly in your + environment. It is probably best to start again from a clean + distribution, to avoid any wreckage left over from the failed attempt. + +

+Q0108: I am getting an error "`exim' undeclared here" when I compile, in the + globals.c module. + + +

+A0108: You have set EXIM_UID = exim in your Local/Makefile. Unfortunately, + named uids are not permitted here; you must give a numerical uid. + However, in the runtime configure file names are permitted. + +

+Q0109: Exim fails to build, complaining about the absence of the "killpg" + function. + + +

+A0109: This function should be present in all modern flavours of Unix. If you + are using an older version, you should be able to get round the problem + by inserting + +

+
+         #define killpg(pgid,sig)   kill(-(pgid),sig)
+

+ into the file called OS/os.h-xxx, where xxx identifies your operating + system, and is the output of the command "scripts/os-type -generic". + +

+Q0110: I'm getting an unresolved symbol ldap_is_ldap_url when trying to build + Exim. + + +

+A0110: You must have specified LOOKUP_LDAP=yes in the configuration. Have you + remembered to set -lldap somewhere (e.g. in LOOKUP_LIBS)? You need that + in order to get the LDAP scanned when linking. + +

+

2. MAILBOX LOCKING + +

+Q0201: Why do I get the error "Permission denied: creating lock file hitching + post" when Exim tries to do a local delivery? + + +

+A0201: Your configuration specifies that local mailboxes are all held in + single directory, via configuration lines like these (taken from the + default configuration): + +

+
+         local_delivery:
+           driver = appendfile
+           file = /var/mail/${local_part}
+

+ and the permissions on the directory probably look like this: + +

+
+         drwxrwxr-x   3 root     mail         512 Jul  9 13:48 /var/mail/
+

+ Using the default configuration, Exim runs as the local user when doing + a local delivery, and it uses a lock file to prevent any other process + from updating the mailbox while it is writing to it. With those + permissions the delivery process, running as the user, is unable to + create a lock file in the /var/mail directory. There are two solutions + to this problem: + +

+

+ (A) Set the "write" and "sticky bit" permissions on the directory, so + that it looks like this: + +

+
+             drwxrwxrwt   3 root     mail         512 Jul  9 13:48 /var/mail/
+

+ The "w" allows any user to create new files in the directory, but + the "t" bit means that only the creator of a file is able to remove + it. This is the same setting as is normally used with the /tmp + directory. + +

+

+ (B) Arrange to run the local_delivery transport under a specific group + by changing the configuration to read + +

+
+             local_delivery:
+               driver = appendfile
+               file = /var/mail/${local_part}
+               group = mail
+

+ The delivery process still runs under the user's uid, but with the + group set to "mail". The group permission on the directory allows + the process to create and remove the lock file. + +

+

+ The choice between (A) and (B) is up to the administrator. If the + second solution is used, users can empty their mailboxes by updating + them, but cannot delete them. + +

+

+ If your problem involves mail to root, see also + Q0507. + +

+Q0202: I am experiencing mailbox locking problems with Sun's mailtool used + over a network. + + +

+A0202: See + A9705 in the Sun-specific section below. + +

+

3. ROUTING + +

+Q0301: What does "lowest numbered MX record points to local host" mean? + + +

+A0301: It means exactly what it says. Exim has tried to route a domain that it + thinks is not local, and when it looked it up in the DNS, the lowest + numbered MX record pointed at the local host. + +

+

+ (A) If the domain is meant to be handled as a local domain, then there + is a problem with the setting of the local_domains configuration + option. If you have not set this, then only the name of the local + host is treated as a local domain. If, for example, your host is + called myhost.mydomain.com and you want it to handle mail for the + domain mydomain.com as well as for its own name, you must set + +

+
+             local_domains = myhost.mydomain.com:mydomain.com
+

+ or, if you want to be more general, you could use + +

+
+             local_domains = *.mydomain.com:mydomain.com
+

+ If you have a large number of individual local domains, you should + investigate storing them in a file and setting local_domains to do a + lookup. + +

+

+ All the domains in local_domains are treated as synonymous by + default. If you want to specify different handling for different + domains, you can either use domains options, to restrict certain + directors to certain domains, or use the $domain expansion variable + in director options to vary the value according to the domain, for + example, setting the name of an alias file to /etc/aliases/$domain. + +

+

+ (B) If the domain is one for which the local host is providing a + forwarding service (called "mail hubbing"), possibly as part of a + firewall, then you need to set up a router to tell Exim where to + send messages addressed to this domain, since the DNS directs them + to the local host. The routers section of your configuration file + should look something like this: + +

+
+             hubbed_hosts:
+               driver = domainlist
+               transport = remote_smtp
+               route_list = see discussion below
+
+             other_hosts:
+               driver = lookuphost
+               transport = remote_smtp
+

+ Note that the domainlist router must come first so that it can pick + off a hubbed host before it gets to the lookuphost router. The + contents of the route_list option depend on how many hosts you are + hubbing for, and how their names are related to the domain name. + Suppose the local host is a firewall, and all the domains in + *.foo.bar have MX records pointing to it, and each domain + corresponds to a host of the same name. Then the setting could be + +

+
+             route_list = "*.foo.bar $domain byname"
+

+ If there isn't a convenient relationship between the domain names + and the host names, then you either have to list each domain + separately, or use a lookup expansion to look up the host from the + domain, or put the routing information in a file and use the + route_file option. + +

+

+ (C) If neither (A) nor (B) is the case, then the lowest numbered MX + record for the domain should not be pointing to your host. You + should arrange to get the DNS mended. + +

+Q0302: How do I configure Exim to send all non-local mail to a gateway host? + + +

+A0302: Replace the lookuphost router in the default configuration with the + following: + +

+
+         send_to_gateway:
+           driver = domainlist
+           transport = remote_smtp
+           route_list = "* gate.way.host byname"
+

+ This uses gethostbyname() to find the gateway's IP address. You could + alternatively have "bydns" to do a DNS lookup with MX handling, in which + case "gate.way.host" is really being treated as a mail domain name + rather than a host name. If there are several hosts you can send to, + you can specify them as a colon-separated list. See also + Q0325 and + Q0402. + +

+Q0303: How do I configure Exim to send all non-local mail to a central server + if it cannot be immediately delivered by my host? I don't want to have + queued mail waiting on my host. + + +

+A0303: Add to the remote_smtp transport the following: + +

+
+         fallback_hosts = central.server.name(s)
+

+ If there are several names, they must be separated by colons. + +

+Q0304: How can I arrange for messages submitted by (for example) Majordomo to + be routed specially? + + +

+A0304: See + A0404. + +

+Q0305: How do I arrange for all incoming email for *@some.domain to go into one + pop3 mail account? The customer doesn't want to add a list of specific + local parts to the system. + + +

+A0305: Set up a special transport that writes to the mailbox like this: + +

+
+         special_transport:
+           driver = appendfile
+           file = /pop/mailbox
+           envelope_to_add
+           return_path_add
+           delivery_date_add
+           user = exim
+

+ The file will be written as the user "exim". Then arrange to route all + mail for that domain to that transport, with a router like this: + +

+
+         special_router:
+           driver = domainlist
+           transport = special_transport
+           route_list = "some.domain"
+

+ Alternatively, you could make some.domain a local domain, and use a + smartuser director instead. + +

+Q0306: The route_list setting + ^foo$:^bar$ $domain byname in a domainlist + router does not work. + + +

+A0306: The first thing in a route_list item is a single pattern, not a list of + patterns. You need to write that as + ^(foo|bar)$ $domain byname. + Alternatively, you could use several items and write + +

+
+         route_list = "foo $domain byname; bar $domain byname"
+

+ Note the semicolon separator. This is because the second thing in each + item can be a list - of hosts. + +

+Q0307: I'm getting "permission denied" when Exim attempts to check a + require_files option. + + +

+A0307: See + A0410 below. + +

+Q0308: I have a domain for which some local parts must be delivered locally, + but the remainder are to be treated like any other remote addresses. + + +

+A0308: The way to do this is not to include the domain in local_domains, so + that addresses initially get passed to the routers. The first router + should be definied like this: + +

+
+         special_local:
+           driver = domainlist
+           local_parts = whatever...
+           domains = whatever...
+           route_list = * localhost byname
+           self = local
+

+ That will pick off those addresses with matching local parts and + domains, and hand them to the directors, because of the self = local + setting. Any other addresses will fall through to the other routers and + be handled as normal remote addresses. + +

+Q0309: For certain domains, I don't want Exim to use MX records. Instead, I + want it just to look up the hosts' A records. I tried using a negative + entry in mx_domains in the smtp router, but it didn't work. + + +

+A0309: The mx_domains option specifies domains for which there must be an MX + record (an A record isn't good enough). Consequently, a negative item in + it doesn't do what you want - any domain matching is is not required to + have an MX record, but it doesn't stop Exim from using MX records for + any that do have them. You can achieve what you want using either a + lookuphost or a domainlist router: + +

+

+ (A) Using lookuphost: + +

+
+         special_domains:
+           driver = lookuphost
+           transport = remote_smtp
+           domains = list:of:domains:you:want:to:do:this:for
+           gethostbyname
+

+ (B) Using domainlist: + +

+
+         special_domains:
+           driver = domainlist
+           transport = remote_smtp
+           domains = list:of:domains:you:want:to:do:this:for
+           route_list = * * byname
+

+ If the list of domains is actually a lookup in a file, you can dispense + with domains in the domainlist case, and put the lookup into the + route_list option. + +

+Q0310: How can I configure Exim on a firewall machine so that if mail arrives + addressed to a domain whose MX points to the firewall, it is forwarded + to the internal mail server, without having to have a list of all the + domains involved? + + +

+A0310: As your first router, have the standard lookuphost router from the + default configuration, with the added options + +

+
+         no_more
+         self = fail_soft
+

+ This will handle all domains whose lowest numbered MX records do not + point to your host. Because of the no_more setting, if it encounters + an unknown domain, routing will fail. However, if it hits a domain whose + lowest numbered MX points to your host, the "self" option comes into + play, and overrides no_more. The fail_soft setting causes it to pass + the address on to the next router. (The default causes it to generate an + error.) + +

+

+ As your second (and last) router, set up a domainlist router that sends + everything to your internal mail server. That is, use an option of the + form + +

+
+         route_list = * internal.server byname
+Q0311: How can I arrange that messages larger than some limit are handled by + a special router? + + +

+A0311: If you are using Exim 2.10 or greater, you can use a condition option + on the router of the form + +

+
+         condition = ${if >{$message_size}{100K}{yes}{no}}
+

+ Earlier versions of Exim do not have numerical comparison operators, + though you can use tricks like + +

+
+         condition = ${if eq {${substr_5:$message_size}}{}{no}{yes}}
+Q0312: If a DNS lookup returns no MX records why doesn't Exim just bin the + message? + + +

+A0312: If a DNS lookup returns no MXs, Exim looks for an A record, in + accordance with the rules that are defined in the RFCs. If you want to + break the rules, you can set mx_domains in the lookuphost router, but + you will cut yourself off from those sites (and there still seem to be + plenty) who do not set up MX records. + +

+Q0313: When a DNS lookup for MX records fails to complete, why doesn't Exim + send the messsage to the host defined by the A record? + + +

+A0313: The RFCs are quite clear on this. Only if it is known that there are no + MX records is an MTA allowed to make use of the A record. When an MX + lookup fails to complete, Exim does not know whether there are any MX + records or not. There seem to be some nameservers (or some + configurations of some nameservers) that give a "server fail" error when + asked for a non-existent MX record. Exim uses standard resolver calls, + which unfortunately do not distinguish between this case and a timeout, + so all Exim can do is try again later. + +

+Q0314: Can you specify a list of domains to explicitly reject? + + +

+A0314: Use a router like this: + +

+
+         reject_domains:
+           driver = domainlist
+           self = fail_hard
+           domains = list:of:domains:to:reject
+           route_list = * localhost byname
+Q0315: Is it possible to use a conditional expression for the host item in a + route_list for the domainlist router? I tried the following, but it + doesn't work: + + +
+         route_list = "* ${if match{$header_from:}{.*\\.usa\\.net\\$} \
+                       {<smarthost1>}{<smarthost2>} bydns_a"
+

+A0315: The problem is that the second item in the route_list contains white + space, which means that it gets terminated prematurely. To avoid this, + you must put the second item in quotes, and because the whole item is + already in quotes, you have to escape them like this: + +

+
+         route_list = "* \"${if match{$header_from:}{.*\\.usa\\.net\\$} \
+                       {<smarthost1>}{<smarthost2>}\" bydns_a"
+Q0316: I send all external mail to a smart host, but this means that bad + addresses also get passed to the smart host. Can I avoid this? + + +

+A0316: If you are receiving the mail via SMTP, then you can use verification to + weed out the bad addresses. Set no_verify on the router which sends + everything to your smart host, and insert a new router with verify_only + that does general routing using DNS lookups (e.g. the default lookuphost + router), or any other verification you want. Then set receiver_verify + so that addresses are accepted only if they verify successfully. + +

+Q0317: I have a dial-up machine, and I use the queue_smtp option so that remote + mail only goes out when I do a queue run. However, any email I send with + an address <anything>@aol.com is returned within about 15 mins saying + 'retry time exceeded', and all addresses are affected. + + +

+A0317: See + Q1401. + +

+Q0318: How can I route mail for user X@local to a smarthost if X doesn't exist + on the local host? + + +

+A0318: See + A0428. + +

+Q0319: How can I arrange to do my own qualification of non-fully-qualified + domains, and then pass them on to the next router? + + +

+A0319: If you have some list of domains that you want to qualify, you can do + this using a domainlist router. For example, + +

+
+         qualify:
+           driver = domainlist
+           route_list = "*.a.b  $domain.c.com"
+

+ adds ".c.com" to any domain that matches "*.a.b". In the absence of any + options in the route item, the new domain is passed to the next router. + +

+

+ If you want to do this in conjunction with a lookuphost router, the + widen_domains option of that router may be another way of achieving what + you want. + +

+Q0320: Every system has a "nobody" account under which httpd etc run. I would + like to know how to restrict mail which comes from that account to users + on that host only. + + +

+A0320: Set up a router with senders=nobody@your.domain which routes all + mail to a local transport that delivers it to /dev/null (or to a pipe + that bounces with an error message, or whatever). That would catch all + mail to non-local domains. + +

+Q0321: I have a really annoying intermittent problem where attempts to mail to + valid sites are rejected with "unknown mail domain". This only happens a + few times a day and there is no particular pattern to the sites it + rejects. If I try to lookup the same domain a few minutes later then it + is OK. + + +

+A0321: (A) Have you linked Exim against the newest DNS resolver library that + comes with Bind? If you are using SunOS4 that may be your problem, as + the resolver that comes with that OS is known to be buggy and to give + intermittent false negatives. + +

+

+ (B) Effects like this are sometimes seen if a domain's nameservers get + out of step with each other. + +

+Q0322: I'd like route all mail with unresolved addresses to a relay machine. + + +

+A0322: Set pass_on_timeout on your lookuphost router, and add below it a + domainlist router that routes everything to the relay. + +

+Q0323: I would like to forward all incoming email for a particular domain to + another machine via SMTP. Whereabouts would I configure that? + + +

+A0323: First, do not list the domain in local_domains. Instead, list it in + relay_domains. Then, if the domain's lowest numbered MX record points to + your host, set up a domainlist router before your normal lookuphost + router, in order to route the domain to the specific host. + +

+Q0324: Why does Exim say "all relevant MX records point to non-existent hosts" + when MX records point to IP addresses? + + +

+A0324: MX records cannot point to IP addresses. They are defined to point to + host names, so Exim always interprets them that way. (An IP address is a + syntactically valid host name.) The DNS for the domain you are having + problems with is misconfigured. + +

+Q0325: How can I arrange for mail on my local network to be delivered directly + to the relevant hosts, but all other mail to be sent to my ISP's mail + server? The local hosts are all DNS-registered and behave like normal + Internet hosts. + + +

+A0325: Set up a first router to pick off all the domains for your local + network. There are several ways you might do this. For example + +

+
+         local:
+           driver = lookuphost
+           transport = remote_smtp
+           domains = lsearch;/etc/local_domains.list
+

+ This does a perfectly conventional DNS routing operation, but only for + your local domains. Follow this with a "smarthost" router: + +

+
+         internet:
+           driver = domainlist
+           transport = remote_smtp
+           route_list = * mail.isp.net bydns_a
+

+ This sends anything else to the smart host. + +

+

4. DIRECTING + +

+Q0401: I need to have any mail for virt.dom.ain that doesn't match one of the + aliases in /usr/lib/aliases.virt delivered to a particular address, for + example, postmaster@virt.dom.ain. + + +

+A0401: Adding an asterisk to a search type causes Exim to look up "*" when the + normal lookup fails. So if your director is something like this: + +

+
+         virtual:
+           driver = aliasfile
+           domains = virt.dom.ain
+           file = /usr/lib/aliases.virt
+           search_type = lsearch
+           no_more
+

+ you should change "lsearch" to "lsearch*", and put this in the alias + file: + +

+
+         *: postmaster@virt.dom.ain
+

+ This solution has the feature that if there are several unknown + addresses in the same message, only one copy gets sent to the + postmaster, because of Exim's normal de-duplication rules. + +

+

+ You can get separate deliveries for each unknown address only if you can + direct them to a specific transport, by using a smartuser director like + this: + +

+
+         virtual:
+           driver = aliasfile
+           domains = virt.dom.ain
+           file = /usr/lib/aliases.virt
+           search_type = lsearch
+
+         default_virtual:
+           driver = smartuser
+           domains = virt.dom.ain
+           transport = special_delivery
+           new_address = postmaster@virt.dom.ain
+           no_more
+

+ If an address in the virtual domain is not matched by the normal alias + lookup, then it gets picked up by the smartuser and passed to the + transport with a new address. There is no checking for duplicates, so + if there is more than one address that passes through this mechanism, + multiple copies get delivered. In order to distinguish them, the + envelope_to_add option can be set on the transport, to cause the + insertion of an Envelope-To: header containing the original recipient + address. + +

+Q0402: How do I configure Exim to send all messages to a central server? + + +

+A0402: This implies that you are not doing any local deliveries at all. Set + +

+
+         local_domains =
+

+ in the configuration file. This specifies that there are no local + domains (by default your host name is set up as a local domain). Then + all addresses are non-local - + A0302 tells you how to deal with them. + +

+Q0403: How do I configure Exim to send messages for unknown local users to a + central server? + + +

+A0403: At the end of the directors section of the configuration, insert the + following director: + +

+
+         unknown:
+           driver = smartuser
+           transport = unknown_transport
+

+ You should add no_verify to this if you are verifying addresses; + without it, all local parts will verify as valid in the local domain. + Then somewhere in the transports section of the configuration insert + +

+
+         unknown_transport:
+           driver = smtp
+           hosts = server.host.name
+

+ A colon-separated list of hosts may be given. They are tried in order. + By default, the IP address of any host is found by looking in the DNS + and doing MX processing (so really it is a domain list rather than a + host list). If you don't want MX processing, set the "gethostbyname" + option: + +

+
+         unknown_transport:
+           driver = smtp
+           hosts = server.host.name
+           gethostbyname
+

+ This calls the gethostbyname() function to find IP addresses. Depending + on your operating system and configuration, this usually consults + /etc/hosts and possibly other sources of information, as well as, or + instead of, the DNS. + +

+

+ If you want to change the recipient address when doing this, you can use + the new_address option on the smartuser director. For example, if the + address is user@foo.bar.com and the setting is + +

+
+           new_address = $local_part@bar.com
+

+ The message is sent to the server with the envelope recipient changed to + user@bar.com. However, this does not make any changes to the message's + headers. + +

+Q0404: How can I arrange for messages submitted by (for example) Majordomo to + be handled specially? + + +

+A0404: You can use the condition option on a director or router, with a + setting such as + +

+
+         condition = "${if and {eq {$sender_host_address}{}} \
+                     {eq {$sender_ident}{majordom}} {yes}{no}}"
+

+ This first tests for a locally-submitted message, by ensuring there is + no sending host address, and then it checks the identity of the user + that ran the submitting process. + +

+Q0405: On a host that accepts mail for several domains, do I have to use fully + qualified names in /etc/aliases or do I have to set up an alias file for + each domain? + + +

+A0405: You can do it either way. If you use a single file, you must set + include_domains on the aliasfile director. If you use a separate file + for each domain you can use a single director with an option such as + +

+
+         file = /etc/aliases/$domain
+

+ (as in C007), or you can have several different directors, each one with + +

+
+         domains = domain1:domain2:...
+

+ so that each one processes certain domains only. That way you could have + several domains sharing an alias file. All of this assumes that you want + have different aliases for each domain. If all the domain names are in + effect just synonyms, you don't need to do anything other than ensure + they all match something in local_domains. + +

+Q0406: Some of my users are using the .forward to pipe to a shell command which + appends to the user's INBOX. How can I forbid this? + + +

+A0406: If you allow your users to run shells in pipes, you cannot control which + commands they run or which files they write to. However, you should point + out to them that writing to an INBOX by arbitrary commands is not + interlocked with the MTA and MUAs, and is liable to mess up the contents + of the file. + +

+

+ If a user simply wants to choose a specific file for the delivery of + messages, this can be done by putting a file name in a .forward file + rather than using a pipe, or by using the "save" command in an Exim + filter file. + +

+

+ You can set forbid_pipe on the forwardfile director, but that will + prevent them from running any pipe commands at all. Alternatively, you + can restrict which commands they may run in their pipes by setting the + allow_commands and/or restrict_to_path options in the address_pipe + transport. + +

+Q0407: How can I arrange for a default value when using a query-style lookup + such as LDAP or NIS+ to handle aliases? + + +

+A0407: Using the queries option for the aliasfile driver should do what you + want. You can supply a second query which gets obeyed when the first + query fails. For example, + +

+
+       queries = "\
+         ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=$local_part@$domain)):\
+         ldap:://x.y.z/l=yvr?aliasaddress?sub?(&(mail=default@$domain))"
+Q0408: If I don't fully qualify the addresses in a virtual domain's alias file + then mail to aliases which also match the local domain get delivered to + the local domain. + + +

+ For example, if the alias file for foobar.com is + +

+
+         foo: joe@some.place.com
+         postmaster: foo
+

+ then mail sent to postmaster@foobar.com is not delivered to + joe@some.place.com but instead goes to foo@localdomain.com. + +

+

+A0408: Set the qualify_preserve_domain option on the aliasfile director. + +

+Q0409: We've got users who chmod their home to 750, and home is NFS-mounted + without root privilege, so Exim cannot access ~user/.forward. + + +

+A0409: Set the seteuid option on the forwardfile director so that Exim + "becomes" the user before trying to read the file. However, if your + operating system does not support the seteuid() function, you cannot do + this. In that circumstance, if you cannot persuade your users to make + their .forward files world readable, you can set the ignore_eacces + option, which causes Exim to ignore unreadable files. + +

+Q0410: I'm getting "permission denied" when Exim tries to check a for the + existence of a user's .procmailrc file using require_files. + + +

+A0410: Exim is running under its own uid (or root if there isn't an Exim uid) + when it checks require_files. You can cause it to change to a specific + uid by putting an item not containing any / characters at the start of + the require_files list. In this case you probably want a director along + these lines: + +

+
+         procmail:
+           driver = localuser
+           require_files = ${local_part}:${home}/.procmailrc
+           transport = procmail_pipe
+Q0411: How can I deliver mail into different directories for each virtual + domain, doing user lookups not against /etc/passwd but against + /etc/passwd.domain? + + +

+A0411: See configuration sample C009. + +

+Q0412: I want mail for any local part at certain virtual domains to go + to a single address for each domain. + + +

+A0412: One way to to this is + +

+
+         virtual:
+           driver = smartuser
+           domains = lsearch;/etc/virtual
+           new_address = ${lookup{$domain}lsearch{/etc/virtual}{$value}fail}
+

+ The /etc/virtual file contains a list of domains and the addresses to + which their mail should be sent. For example: + +

+
+          domain1:  postmaster@some.where.else
+          domain2:  joe@xyz.plc
+          etc.
+

+ If the number of domains is large, using a DBM or cdb file would be more + efficient. + +

+Q0413: How can I make Exim look in the alias NIS map instead of /etc/aliases? + + +

+A0413: The default configuration does not use NIS (many hosts don't run it). + You should change the system_aliases director to + +

+
+         system_aliases:
+           driver = aliasfile
+           file = mail.aliases
+           search_type = nis
+

+ If you want to use /etc/aliases as well as NIS, put this director (with + a different name) before or after the default one, depending on which + data source you want to take precedence. + +

+Q0414: What does the error message "error in forward file (filtering not + enabled): missing or malformed local part ..." mean? + + +

+A0414: If you are trying to use an Exim filter, you have forgotten to enable + the facility, which is disabled by default. In the forwardfile director + (in the Exim configuration file) you need to set + +

+
+         filter = true
+

+ to allow a .forward file to be used as an Exim filter. If you are not + trying to use an Exim filter, then you have put a malformed address in + the .forward file. + +

+Q0415: Exim isn't recognizing certain forms of local address. + + +

+A0415: (A) Try using the -bt option with debugging turned on, to see how Exim + is handling the addresses. For example, + +

+
+         exim -d2 -bt z6abc
+

+ will show you how it would handle the local part "z6abc". Increase the + debug level to -d9 for more information. + +

+

+ (B) If the local user names contain capital letters, that is probably + the cause of your problem. Setting up such user names is a bad idea. + By default, everything is lowercased before the final delivery for the + sake of alias matching and user name matching, because people who type + email addresses often get the case wrong. You can stop this by setting + +

+
+         locally_caseless = false
+

+ but then incoming addresses are recognized only in the correct case. + See also + Q0424 for a way round this. + +

+Q0416: I have a domain for which some local parts must be delivered locally, + but the remainder are to be treated like any other remote addresses. + + +

+A0416: See + A0308. + +

+Q0417: What I really need is the ability to obtain the result of a pipe + command so that I can filter externally and redirect internally. Is + this possible? + + +

+A0417: This is not possible. The result of a pipe command is not available to + a filter, because it doesn't run any deliveries while filtering. It just + sets up deliveries. They all happen later. If you want to run pipes + and examine their results, you need to set up a single delivery to a + delivery agent such as procmail which provides this kind of facility. + +

+Q0418: When I set a suffix on one of my directors, it doesn't get stripped when + checking the local_parts option. Why is this? + + +

+A0418: The test on local parts and domains is done early on, and only if they + match is supplementary processing such as prefix and suffix recognition + done. There is a section of the manual called "Skipping directors" which + gives details. If you want to ignore a prefix or suffix in the initial + test of the local part, you can do so by replacing local_parts with a + setting of the condition option. For example, suppose you wanted to + look up the basic local part in a file, and run the director if it is + found: + +

+
+         condition = "${if lookup{\
+           ${if match{$local_part}{^(.*)-request}{$1}{$local_part}}\
+           }lsearch{/some/file}{yes}}"
+

+ The key that is looked up is the second line, which uses a regular + expression to strip "-request" from the local part if it is present. + +

+Q0419: Why will Exim deliver a message locally to any username that is longer + than 8 characters as long as the first 8 characters match one of the + local usernames? + + +

+A0419: The problem is in your operating system. Exim just calls the getpwnam() + function to test a local part for being a local login name. It does not + presume to guess the maximum length of user name for the underlying + operating system. Many operating systems correctly reject names that are + longer than the maximum length; yours is apparently deficient in this + regard. To cope with such systems, Exim has an option called + max_user_name_length which you can set to the maximum allowed length. + +

+Q0420: Why am I seeing the error "bad mode (100664) for /home/test/.forward + (userforward director)"? I've looked through the documentation but can't + see anything to suggest that exim has to do anything other than read the + .forward file. + + +

+A0420: For security, Exim checks for mode bits that shouldn't be set, by + default 022. You can change this by setting the "modemask" option of the + forwardfile director. + +

+Q0421: How can I arrange that messages larger than some limit are handled by + a special director? + + +

+A0421: See + A0311. + +

+Q0422: When a user's .forward file is syntactially invalid, Exim defers + delivery of all messages to that user, which sometimes include the + user's own test messages. Can it be told to ignore the .forward file + and/or inform the user of the error? + + +

+A0422: Setting skip_syntax_errors on the forwardfile director causes syntax + errors to be skipped. When dealing with users' .forward files it is best + to combine this with a setting of syntax_errors_to in order to send + a message about the error to the user. However, to avoid an infinite + cascade of messages, you have to be able to send to an address that + bypasses .forward file processing. This can be done by including a + director like this one + +

+
+         real_localuser:
+           driver = localuser
+           transport = local_delivery
+           prefix = real-
+

+ before the forwardfile director. This will do an ordinary local + delivery without .forward processing, if the local part is prefixed by + "real-". You can then set something like the following options on the + forwardfile director: + +

+
+         skip_syntax_errors
+         syntax_errors_to = real-$local_part@$domain
+         syntax_errors_text = "\
+           This is an automatically generated message. An error has been \
+           found\nin your .forward file. Details of the error are reported \
+           below. While\nthis error persists, messages addressed to you will \
+           get delivered into\nyour normal mailbox and you will receive a \
+           copy of this message for\neach one."
+

+ A final tidying setting to go with this is a rewriting rule that changes + "real-username" into just "username" in the headers of the message: + +

+
+         ^real-([^@]+)@your\.dom\.ain$    $1@your.dom.ain   h
+

+ This means that users won't ever see the "real-" prefix, unless they + look at the Envelope-To header. + +

+Q0423: I have some users on my system with upper case letters in their login + names, but these are not recognized. + + +

+A0423: See + A0424. + +

+Q0424: I have unset locally_caseless because my users have upper case letters + in their login names, but incoming mail now has to use the correct case. + Can I relax this somehow? + + +

+A0424: If you really have to live with caseful user names but want incoming + local parts to be caseless, then you have to maintain a file, indexed by + the lower case forms, that gives the correct case for each login, like + this: + +

+
+         admin:    Admin
+         steven:   Steven
+         mcdonald: McDonald
+         lamanch:  LaManche
+         ...
+

+ and at the start of your directors, put one like this: + +

+
+         set_case_director:
+           driver = smartuser
+           new_address = "${lookup{${lc:$local_part}}lsearch{/the/file}\
+                          {$value@$domain}fail}"
+

+ For efficiency, you should also set the new_director option to cause + processing of the changed address to begin at the next director. If you + are otherwise using the default configuration, then the setting would be + +

+
+         new_director = system_aliases
+

+ If there are lots of users, then a DBM or cdb file would be more + efficient than lsearch. If you are handling several domains, then you + will have to extend this configuration to cope appropriately. + +

+Q0425: I want to look up local users in an SQL database instead of looking in + the passwd file. + + +

+A0425: (A) From release 3.03, Exim contains support for calling MySQL. + +

+

+ (B) If you can set up an LDAP interface to your SQL database, then this + is relatively straightforward to do, since Exim contains LDAP support. + Sample configuration C009 shows you how to lookup users in + /etc/passwd/whatever instead of /etc/passwd. Modifying this to use LDAP + instead of looking in a file would be easy. + +

+

+ (C) If you can access SQL from Perl, you could use Exim's embedded Perl + facility, but this is expensive in terms of resources used. + +

+

+ You must consider what will happen if your database is down. All local + mail delivery will be delayed until it comes up again. Whether this + matters is of course something for you to decide. If the database is + down a lot and it does matter, then consider some scheme of extracting + a list of users from the database at regular intervals, and getting Exim + to work off that. This is also likely to be more efficient. + +

+Q0426: Is it possible for Exim to use a SQL database like MySQL for its lists + of virtual domains and explicit aliases? + + +

+A0426: See + A0425. + +

+Q0427: Can I use my existing alias files and forward files as well as procmail + and effectively drop in exim in place of Sendmail ? + + +

+A0427: Yes, as long as your alias/forward files don't assume that pipes are + going to run under a shell. If they do, you either have to change them, + or configure Exim to use a shell (which it doesn't by default). + +

+Q0428: How can I route mail for user X@local to a smarthost if X doesn't exist + on the local host? + + +

+A0428: This is the same question as + Q0402. The duplication is a bug in the FAQ. + +

+Q0429: What is quickest way to set up Exim so any message sent to a non- + existing user would bounce back with a different message, based + on the name of non-existing user? + + +

+A0429: See the example in the section of the manual entitled "System-wide + automatic processing". + +

+Q0430: I am building some largish mailing lists with Majordomo, and was + wondering if it worth leaving the actually list expansion to the + aliasfile :include: mechanism or should I consider using the forwardfile + transport? Is there any real difference in terms of facilities and/or + performance, and are the expansions basically the same code anyway? + + +

+A0430: The code that pulls out individual addresses from a list is the same in + both cases, so it's really just a matter of which is the most convenient + for you. + +

+Q0431: What do I need to do to make Exim handle /usr/ucb/vacation processing + automatically, so that people could just create a .vacation.msg file in + their home directory and not have to edit their .forward file? + + +

+A0431: Add a new director like this, immediately before the normal localuser + director: + +

+
+         vacation:
+           driver = localuser
+           require_files = .vacation.msg
+           transport = vacation_transport
+           unseen
+

+ and a matching new transport like this: + +

+
+         vacation_transport:
+           driver = pipe
+           command = "/usr/ucb/vacation \"$local_part\""
+

+ However, some versions of /usr/ucb/vacation do not work properly unless + the DBM file(s) it uses are created in advance - it won't create them + itself. You also need a way of removing them when the vacation is over. + +

+

+ Another possibility is to use a fixed filter file which is run whenever + .vacation.msg exists, for example: + +

+
+         vacation:
+           driver = forwardfile
+           check_localuser
+           require_files = $home/.vacation.msg
+           file = /some/central/filter
+           filter
+

+ The filter file should use the "if personal" check before sending mail, + to avoid generating automatic responses to mailing lists. If sending a + message is all that it does, this doesn't count as a "significant" + delivery, so the message goes on to be delivered as normal. + +

+

+ Yet another possibility is to make use of Exim's autoreply transport. + See C033. + +

+Q0432: I want to use a default entry in my alias file, but it picks up the + local parts that the aliases generate. For example, if the alias file + is + + +
+         luke.skywalker: luke
+         ls: luke
+         *: postmaster
+

+ then messages addressed to luke.skywalker end up at postmaster. + +

+

+A0432: (A) If you know for certain that no alias in your alias file ever + generates another alias that is in the same file, then the most + efficient solution is to put + +

+
+         new_director = name-of-following-director
+

+ in your aliasfile director. This stops Exim from processing the + generated names as aliases the second time. + +

+

+ (B) If you can't give that guarantee, then you have to put dummy entries + in the alias file for all your local parts, for example: + +

+
+         luke: luke
+

+ (C) Another possibility is to put the aliasfile director for these + aliases after the localuser director, so that local parts get picked + off first. You will need to have two aliasfile directors if there are + some local parts (e.g. root) which you do want to handle as aliases + rather than local users. + +

+Q0433: I have some obsolete domains which people have been warned not to use + any more. How can I arrange to delete any mail that is sent to them? + + +

+A0433: If you are using release 3.10 or later, you can use a smartuser director + like this: + +

+
+         obsolete:
+         domains = lsearch;/etc/exim/obsolete.domains
+         new_address = :blackhole:
+

+ If you want to make any exceptions, for example, for mail to postmaster + at those domains, you can add the line + +

+
+         local_parts = !postmaster
+

+ If you are using an earlier release of Exim, you have to set up an alias + file in order to use :blackhole: + +

+
+         obsolete:
+         domains = lsearch;/etc/exim/obsolete.domains
+         file = /blackhole/all
+         search_type = lsearch*
+

+ with the file containing + +

+

+ *: :blackhole: + +

+

+ and possibly a postmaster alias if you want. + +

+Q0434: How can I arrange that mail addressed to anything@something.mydomain.com + gets delivered to something@mydomain.com? + + +

+A0434: Ensure that all the relevant domains are local, by setting + +

+
+         local_domains = mydomain.com : *.mydomain.com
+

+ Then set up a smartuser director like this: + +

+
+         user_from_domain:
+           driver = smartuser
+           new_address = "${if match{$domain}{^(.+)\\\\.mydomain.com\\$}\
+             {$1@mydomain.com}fail}"
+Q0435: I can't get a regular expression to work in this local_parts option on + one of my directors: + + +
+         local_parts = ^0740\d{6}
+

+A0435: The local_parts option is expanded before use, so that you can, for + example, make it dependent on the domain. Therefore, you need to write + +

+
+         local_parts = ^0740\\d{6}
+

+ so as to preserve the backslash. + +

+Q0436: How can I arrange for all addresses in a group of domains *.example.com + to share the same alias file? I have a number of such groups. + + +

+A0436: For a single group you could just hardwire the file name into a director + that had + +

+
+         domains = *.example.com
+

+ set, to restrict it to the relevant domains. For a number of such groups + you can create a file containing the domains, like this: + +

+
+         *.example1.com    example1.com
+         *.example2.com    example2.com
+         ...
+

+ Arrange that the domains are treated as local by setting + +

+
+         local_domains = "partial-lsearch;/that/file"
+

+ Then create a director like this + +

+
+         domain_aliases:
+           driver = aliasfile
+           domains = partial-lsearch;/that/file
+           file = /etc/aliases.d/$domain_data
+           search_type = lsearch*
+

+ The variable $domain_data contains the data that was looked up when the + domains option was matched, i.e. "example1.com", "example2.com", etc. + in this case. + +

+Q0437: When Exim tries to read /usr/lib/majordomo/lists/lists.aliases it is + giving "Permission denied", but that file is world-readable! + + +

+A0437: Check the permissions on the superior directories. + +

+

5. DELIVERY + +

+Q0501: What does the error "Neither the xxx director nor the yyy transport set + a uid for local delivery of..." mean? + + +

+A0501: Whenever Exim does a local delivery, it runs a process under a specific + user and group id (uid and gid). For deliveries into mailboxes, and to + pipes and files set up by .forwarding, it normally picks up the uid/gid + of the receiving user. However, if an address is directed to a pipe or a + file by some other means, such an entry in the system alias file of the + form + +

+
+         majordomo: |/local/mail/majordomo ...
+

+ then Exim has to be told what uid/gid to use for the delivery. This can + be done either on the director that handled the address, or on the + transport that actually does the delivery. If a pipe is going to run a + setuid program, then it doesn't matter what uid Exim starts it out with, + and so the most straightforward thing is to put + +

+
+         user = exim
+

+ on either the director or the transport. A setting on the transport + overrides a setting on the director, so if the same transport is being + used with several directors, you should set the user on it only if you + want the same uid to be used in all cases. + +

+

+ In the default configuration, the transports used for file and pipe + deliveries are the ones called address_file and address_pipe. You + can specify different transports by setting, for example, + +

+
+         pipe_transport = special_pipe_transport
+

+ on the aliasfile director. Then you can set up special_pipe_transport + +

+
+         special_pipe_transport:
+           driver = pipe
+           user = ????
+

+ which will be used only for pipe deliveries from that one director. + What you put for the ???? is up to you, and depends on the particular + circumstances. + +

+Q0502: Exim won't deliver to a host with no MX record. + + +

+A0502: (A) Are you sure there really is no MX record? Sometimes a typo results + in a malformed MX record in the zone file, in which case some nameservers + give a SERVFAIL error rather than NXDOMAIN. Exim has to treat this as + a temporary error, so it can't go on to look for an A record. You can + check for this state using one of the DNS interrogation commands, such + as "dig". + +

+

+ (B) Is there a wildcard MX record for your domain? Is the + search_parents option on in your lookuphost router? (Prior to Exim + version 1.80 this was the default; it was changed because of this + problem.) If the answer to both these questions is "yes", then that is + the cause of the problem. When the DNS resolver fails to find the MX + record, it tries adding on your domain if search_parents is true, and + thereby finds your wildcard MX record. For example: + +

+

+ . There is a wildcard MX record for *.a.b.c. + +

+

+ . There is a host called x.y.z that has an A record and no MX record. + +

+

+ . Somebody on a machine m.a.b.c domain tries to mail to user@x.y.z. + +

+

+ . Exim calls the DNS to look for an MX record for x.y.z. + +

+

+ . The DNS doesn't find any MX record. Because search_parents is true, + it then tries searching the current host's parent domain, so it + looks for x.y.z.a.b.c and picks up the wildcard MX record. + +

+

+ Setting search_parents false makes this case work while retaining the + wildcard MX record. However, anybody on the machine m.a.b.c who mails to + user@n.a (expecting it to go to user@n.a.b.c) now has a problem. The + widen_domains option of the lookuphost router may be helpful in this + circumstance. + +

+Q0503: How should Exim be configured when it is acting as a temporary storage + system for a domain on a dial-up host? + + +

+A0503: See + Q1402. + +

+Q0504: I would like to deliver mail addressed to a given domain normally, but + also to generate a message to the envelope sender. + + +

+A0504: If the domain is a local one, you can do this with an "unseen" smartuser + director and an autoreply transport, along the following lines: + +

+
+         # Transport
+         warning_t:
+           driver        = autoreply
+           file          = /usr/local/mail/warning.txt
+           file_expand
+           from          = postmaster@your.domain
+           to            = $sender_address
+           user          = exim
+           subject       = "Re: Your mail to ${local_part}@${domain}"
+
+         # Director
+         auto_warning_d:
+           driver        = smartuser
+           domains       = <domains you want to do this for>
+           condition     = ${if eq{$sender_address}{}{no}{yes}}
+           transport     = warning_t
+           no_verify
+           unseen
+

+ Note the use of the condition option to avoid attempting to send a + message when there is no sender (that is, when the incoming message is a + delivery error report). You can of course extend this to include other + conditions. If you want to log the sending of messages, you can add + +

+
+         log = /some/file
+

+ to the transport and also make use of the "once" option if you want to + send only one message to each sender. + +

+Q0505: Exim keeps crashing with segmentation errors (signal 11 or 139) during + delivery. This seems to happen when it is about to contact a remote + host or when a delivery is deferred. + + +

+A0505: This could be a problem with Exim's databases. Check that your DBM + library is correctly installed. In particular, if you have installed a + second DBM library onto a system that already had one, check that its + version of ndbm.h is being seen first. For example, if the new version + is in /usr/local/include, check that there isn't another version in + /usr/include. If you are using Berkeley db, you can set USE_DB=yes in + your Local/Makefile to avoid using ndbm.h altogether. This is + particularly relevant for version 2 of Berkeley db, because no ndbm.h + file is distributed with it. + +

+Q0506: Whenever Exim tries to do a local delivery, it gives a permission denied + error for the .forward file, like this: + + +
+         1998-08-10 16:55:32 0z5y2W-0000B8-00 == xxxx@yyy.zzz <xxxx@yyy.zz>
+           D=userforward defer (-1): failed to open /home/xxxx/.forward
+           (userforward director): Permission denied (euid=1234 egid=101)
+

+A0506: Have you remembered to make Exim setuid root? + +

+Q0507: I have installed Exim, but now I can't mail to root any more. Why is + this? + + +

+A0507: Most people set up root as an alias for the manager of the machine. If + you haven't done this, Exim will attempt to deliver to root as if it + were a normal user. This isn't really a good idea because the delivery + process would run as root. Exim has a trigger guard in the option + +

+
+         never_users = root
+

+ in the default configuration file. This prevents it from running as root + when doing any local deliveries. If you really want to run local + deliveries as root, remove this line, but it would be better to create + an alias for root instead. + +

+Q0508: How can I stop undeliverable bounce messages (e.g. to routeable, but + undeliverable, spammer senders) from clogging up the queue for days? + + +

+A0508: Set ignore_errmsg_errors to drop them immediately, or set ignore_errmsg_ + errors_after to specify a (short) time to keep them for. I use 12h so + that I notice them, but they go away relatively quickly. + +

+Q0509: How can mails that are being routed through directors other than + localuser be delivered under the uid of the recipient? + + +

+A0509: + A0501 contains background information on this. If you are using, say, an + alias file to direct messages to specific mailboxes, then you can use + the "user" option on either the aliasfile director or the appendfile + transport to set the uid. What you put in the setting depends on how + the required uid is to be found. It could be looked up in a file or + computed somehow from the local part, for example. + +

+Q0510: I want to use MMDF-style mailboxes. How can I get Exim to append the + ctrl-A characters that separate indvidual emails? + + +

+A0510: Set the suffix option in the appendfile transport. In fact, for MMDF + mailboxes you need a prefix as well as a suffix to get it working right, + so your transport should contain these settings: + +

+
+         prefix = "\1\1\1\1\n"
+         suffix = "\1\1\1\1\n"
+

+ Also, you need to change the check_string and escape_string settings so + that the escaping happens for lines in the message that happen to begin + with the MMDF prefix or suffix string, rather than "From" (the default): + +

+
+         check_string  = "\1\1\1\1\n"
+         escape_string = "\1\1\1\1 \n"
+

+ Adding a space to the line is sufficient to prevent it being taken as a + separator. + +

+Q0511: I have an ISDN connection and would like a way of running the queue + automatically when it is up. + + +

+A0511: The following shell commands test for the interface being up and then + run the queue: + +

+
+         ifconfig ppp0 | fgrep UP >/dev/null
+         if [ $? -eq 0 ] ; then exim -q ; fi
+

+ You could put these commands into a script which runs them at regular + intervals. You might want to use -qq instead of -q. + +

+

+ With Linux, the script /etc/ppp/ip-up is run after a ISDN connection + or a more general PPP connection has been established. If you are using + Linux, you could put the call to exim in that script. + +

+Q0512: If a user's mailbox is over quota, is there a way for me to set it up so + that the mail bounces to the sender and is NOT stored in the mail queue? + + +

+A0512: In the retry section of the configuration, put + +

+
+         *@your.dom.ain        quota
+

+ That is, provide no retry timings for over quota errors. They will then + bounce immediately. Alternatively, you can set up retries for a short + time only, or use something like this: + +

+
+         *@your.dom.ain        quota_7d
+         *@your.dom.ain        quota       F,2h,15m; F,3d,1h
+

+ which bounces immediately if the user's mailbox hasn't been read for 7 + days, but otherwise tries for up to 3 days after the first quota + failure. + +

+Q0513: I'm using tmail to do local deliveries, but when I turned on the + use_crlf option on the pipe transport (tmail prefers \r\n terminations) + message bodies started to vanish. + + +

+A0513: You need to unset the prefix option (or change it so that its default + \n terminator becomes \r\n). For example, the transport could be: + +

+
+         local_delivery_mbx:
+	   driver = pipe
+	   command = "/usr/local/bin/tmail ${local_part}"
+	   user = exim
+	   current_directory = /
+           use_crlf
+           prefix =
+

+ The reason for this is as follows: tmail uses the line terminator on + the first line it sees to determine whether lines are terminated by + \r\n or \n. If the latter, it moans to stderr and changes subsequent + \n terminators to \r\n. The default setting of the prefix option is + "From ...\n", and this is unaffected by the use_crlf option. If you + don't change this, tmail sees the first line terminated by \n and + prepends \r to the \n terminator on all subsequent lines. However, if + use_crlf is set, Exim makes all other lines \r\n terminated leading to + doubled \r\r\n lines and corrupt mbx mailboxes. + +

+Q0514: What does the message "Unable to get root to set uid and gid + for local delivery to xxx: uid=yyy euid=zzz" mean? + + +

+A0514: Have you remembered to make Exim setuid root? It needs root privilege if + it is to do any local deliveries, because it does them "as the user". + +

+Q0515: I upgraded to 2.04 and now my Envelope-To: header for my virtual domains + is gone. Any idea how to get it back? + + +

+A0515: Read paragraph 1 of the 1.92 information in README.UPDATING. Add + envelope_to_add to your transports for your virtual domains. You may + also want to set return_path_add and delivery_date_add. + +

+Q0516: The Exim log records the arrival of a message, and then "Completed", + without logging any deliveries. What's going on? + + +

+A0516: This is unlikely in current versions of Exim, because more logging + has been added. In versions before 2.053, one scenario is that the + message was addressed to some user who has set up an Exim filter + containing the command "seen finish", which discards a message without + doing any deliveries. (In current versions of Exim this is logged as + "discarded".) More information can be obtained by setting + +

+
+         log_received_recipients
+

+ so that next time you can see to whom it is addressed. Another + possibility, prior to version 2.053, was that the message was injected + using the -t option, but all the addresses in the message were also on + the command line. See + A5020 for more detail. Current versions of Exim + generate a bounce message in this case. + +

+Q0517: When I activate "return receipt" for example in Netscape Mailbox + sending options, then I get an error message from Exim... something + like "not supported". Can I activate delivery confirmations? + + +

+A0517: Exim does not support any kind of delivery notification. + +

+

+ (A) You can configure it to recognize headers such as + "Return-receipt-to:" if you wish. + +

+

+ (B) Some people want MSN (message status notification). Such services + are implemented in MUAs, and don't impact on the MTA at all. + +

+

+ (C) I investigated the RFCs which describe the DSN (delivery status + notification) system, and there is even a bit of code in there (excluded + by #ifdef) for handling some of the data. However, I was unable to + specify any sensible way of actually doing anything with the data. There + were comments on the mailing list at the time; many people, including + me, conclude that DSN is in practice unworkable. The killer problem is + with forwarding and aliasing. Do you propagate the DSN data with the + generated addresses? Do you send back a "reached end of the DSN world" + or "expanded" message? Do you do this differently for different kinds of + aliasing/forwarding? For a user who has a .forward file with a single + address in, this might seem easy - just propagate the data. But what if + there are several forwardings? If you propagate the DSN data, the sender + may get back several DSN messages - and should the sender really know + about the detail of the receiver's forwarding arrangements? There isn't + really any way to distinguish between a .forward file that is forwarding + and one that is a mini mailing list. And so on, and so on. There are so + many questions that don't have obvious answers. + +

+Q0518: When I dial up to collect mail from my ISP, only the first 10 messages + get delivered immediately; the remainder just sit on the queue until a + queue runner process finds them. + + +

+A0518: Your ISP is delivering all the messages in a single SMTP session. Exim + limits the number of immediate delivery processes it will create as a + result of a single SMTP connection, in order to avoid creating a zillion + processes on systems that can have many incoming connections. In your + situation, you should probably set smtp_accept_queue_per_connection to + some number larger than 10. + +

+Q0519: My ISP's mail server is rejecting bounce messages from Exim, complaining + that they have no sender. The SMTP trace does indeed show that the + sender address is "<>". Why is the Sender on the bounce message empty? + + +

+A0519: Because the RFCs say it must be. Your ISP is at fault. Send them this + extract from RFC 1123 section 5.3.3 ("Reliable Mail Receipt"): + +

+

+ If there is a delivery failure after acceptance of a message, + the receiver-SMTP MUST formulate and mail a notification + message. This notification MUST be sent using a null ("<>") + reverse path in the envelope; see Section 3.6 of RFC-821. The + recipient of this notification SHOULD be the address from the + envelope return path (or the Return-Path: line). However, if + this address is null ("<>"), the receiver-SMTP MUST NOT send a + notification. If the address is an explicit source route, it + SHOULD be stripped down to its final hop. + +

+Q0520: What does the message "retry time not reached [for any host]" on the log + mean? Why won't Exim try to deliver the message? + + +

+A0520: That is not an error. It means exactly what it says. A previous attempt + to deliver to that address failed with a temporary error, and Exim + computed the earliest time at which to try again. This can apply to + local as well as to remote deliveries. For remote deliveries, each host + (if there are several) has its own retry time. + +

+

+ Some MTAs have a retrying schedule for each message. Exim does not work + like this. Retry timing is normally host-based for remote domains and + address-based for local domains. (There are some exceptions for certain + kinds of remote failure - see "Errors in outgoing SMTP" in the manual.) + +

+

+ If a new message arrives for a failing address and the retry time has + not yet arrived, Exim will log "retry time not reached" and leave the + message on the queue, without attempting delivery. Similarly, if a queue + runner notices the message before the time to retry has arrived, it + writes the same log entry. When the retry time has past, Exim attempts + delivery at the next queue run. If you want to know when that will be, + run the exinext utility on the address, for example: + +

+
+         exinext user@some.domain
+

+ You can suppress these messages on the log by setting log_level to a + value that is less than 5. You can force a delivery attempt on a + specific message (overriding the retry time) by means of the -M option: + +

+
+         exim -M 10hCET-0000Bf-00
+

+ If you want to do this for the entire queue, use the -qf option. See + also + Q0533. + +

+Q0521: RFC 1985 specifies that the SMTP command "ETRN host.domain" causes all + mail queued for that host, no matter what domain it's for, to be + dequeued. Why doesn't Exim support this? + + +

+A0521: Exim does not keep queues of mail for specific destinations. It just + keeps one pool of undelivered messages. What is more, once you start a + delivery of a message, it tries to deliver to all the addresses in the + message, not just the one you may be interested in. (Of course, this + doesn't usually do any harm.) + +

+

+ The only way it could be done within Exim would be, for every message + on the queue, to go through the motions of routing each undelivered + address and see if that resulted in a delivery to the host of interest. + This could be extremely expensive (e.g. 1,000 messages on the queue, + only 1 for the given host). + +

+

+ The bottom line is that Exim just wasn't designed for this kind of + operation, that is, holding messages for intermittently connected hosts. + The queueing arrangements are designed for handling delivery problems + that are not expected to be common. + +

+

+ A better way to do this is to implement the required queues separately. + After all, keeping such mail on an "active" queue (where Exim will keep + trying to deliver) is silly. If there is a lot of mail for these hosts, + it also masks genuine delivery problems when you inspect the queue. + +

+

+ Large ISPs who provide this kind of functionality do not usually leave + waiting mail on the MTA's queue. Instead, they get it delivered into + per-host directories, one message per file, in one of the special + formats (BSMTP, maildir, or mailstore) and when an ETRN arrives, it + kicks off some completely different program that establishes an SMTP + connection to the host and shovels the waiting mail down it. That seems + to me to be a much neater way of doing this. It means you can easily add + additional functionality such as archiving or throwing away uncollected + mail. One program that has this functionality is "ssmtp", which can be + found in ftp://metalab.unc.edu/pub/Linux/system/mail/mta/. + +

+Q0522: If email has been deferred to a member on a local mailing list + (implemented through forward files), and one of our ETRN clients is on + this mailing list, the -R won't "flush" the mailing list message for + that client. + + +

+A0522: That is because -R matches only original recipient addresses, not those + produced as a result of expansion, because these are not (by default) + preserved from delivery to delivery. You can get round this by setting + one_time on the forwardfile director, but you are not allowed to have + expansions to pipes or files on directors that have one_time set. + Therefore, you will have to have a separate director for mailing lists + (with one_time set) to the one used for normal forward files that might + specify pipe or file deliveries. However, the problem will then still be + present for any user who sets up a .forward file to redirect to any of + the ETRN domains. See the last 3 paragraphs of + A0521 for a discussion of + an alternative approach. + +

+Q0523: Exim seems to be sending the same message twice, according to the log, + although there is a difference in capitalization of the local part of + the address. + + +

+A0523: That is correct. The RFCs are explicit in stating that capitalization + matters for local parts. For remote domains, Exim is not entitled to + assume case independence of local parts. I know, it is utterly silly, + and it causes a lot of grief, but that's what the rules say. Here is a + quote from the draft of the forthcoming revision to RFC 821: + +

+

+ ... a command verb, an argument value other than a mailbox + local-part, and free form text MAY be encoded in upper case, + lower case, or any mixture of upper and lower case with no impact + on its meaning. This is NOT true of a mailbox local-part. The + local-part of a mailbox MUST BE treated as case sensitive. + Therefore, SMTP implementations MUST take care to preserve the + case of mailbox local-parts. Mailbox domains are not case + sensitive. However, exploiting the case sensitivity of mailbox + local-parts impedes interoperability and is discouraged. + +

+Q0524: How can I force the next retry time for a host to be now? + + +

+A0524: (A) You can force a particular message to be delivered with the -M + command line option. If it succeeds, the retry data will get cleared. If + the host is past the cutoff time, so that messages are bouncing + immediately without trying a delivery, you can use -odq to put a message + on the queue without a delivery attempt, and then use -M on it. + +

+

+ (B) You can change the retry time with the exim_fixdb utility, but its + interface is very clumsy. + +

+Q0525: I set up "|/bin/grep Subject|/usr/bin/smbclient -M <netbiosname>" as an + alias but it doesn't work. + + +

+A0525: That is a shell command line. Exim does not run pipe commands under a + shell by default (for added security - and it saves a process). You + need something like + +

+
+         "|/bin/sh -c '/bin/grep Subject|/usr/bin/smbclient -M <netbiosname>'"
+Q0526: Why does the pipe transport add a line starting with ">From" to + messages? + + +

+A0526: Actually, it adds a line starting with "From", because that is the + default of the "prefix" option (/usr/ucb/vacation needs it, and that is + the most common use of piping). If you don't want it, change the setting + of "prefix". + +

+Q0527: I have set fallback_hosts on my smtp transport, but after the error + "sem@chat.ru cannot be resolved at this time" Exim isn't using them. + + +

+A0527: fallback_hosts only works if an attempt at delivery to the original + host(s) fails. In this case, Exim couldn't even resolve the domain + chat.ru to discover what the original hosts were, so it never got as far + as the transport. However, see + Q0322 for a possible solution. + +

+Q0528: After the holidays my ISP has always hundreds of e-mails waiting for me. + These are forced down Exim's throat in one go. Exim spawns a lot of + kids, but is there some limit to the number of processes it creates? + + +

+A0528: Unless you have changed smtp_accept_queue_per_connection (introduced at + release 2.03) it should only spawn that many processes per connection + (default 10). Your ISP may be making many connections, of course. That + is limited by smtp_accept_max. + +

+Q0529: When a message in the queue got to 12h old, Exim wrote 'retry timeout + exceeded' and removed all messages in the queue to this host - even + recent messages. How I can avoid this behaviour? I only want to remove + messages that have exceeded the maximum retry time. + + +

+A0529: Exim's retrying is host-based rather than message-based. The philosophy + is that if a host has been down for a very long time, there is no point + in keeping messages hanging around. However, you might like to check + out delay_after_cutoff in the smtp transport. It doesn't do what you + want, but it might help. + +

+Q0530: Can Exim add a Content-Length: header to messages it delivers? + + +

+A0530: You could include something like + +

+
+         headers_remove = "content-length"
+         headers_add = "Content-Length: $message_body_size"
+

+ to the appendfile transport. However, the use of Content-Length: can + cause several problems, and is not recommended unless you really know + what you are doing. There is a discussion of the problems in + +

+

+ http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html + +

+Q0531: Exim seems to be trying to deliver a message every 10 minutes, though + the retry rules specify longer times after a while, because it is + writing a log entry every time, like this: + + +
+       1999-08-26 14:51:19 11IVsE-000MuP-00 == example@example.com T=smtp defer
+       (-34): some host address lookups failed and retry time not reached for
+       other hosts or connection limit reached
+

+A0531: It is looking at the message every 10 minutes, but it isn't actually + trying to deliver. It's looking up example.com in the DNS and finding + this information: + +

+
+         example.com.                MX 10 example-com.isp.example.com.
+         example.com.                MX  0 mail.example.com.
+         mail.example.com.           A  202.77.183.45
+         A lookup for example-com.isp.example.com. yielded NXDOMAIN
+

+ The last line means that there is no address (A) record in the DNS for + example-com.isp.example.com. That accounts for "some host address + lookups failed", but the retry time for mail.example.com hasn't been + reached, which accounts for "retry time not reached for other hosts". + +

+Q0532: I am trying to set exim up to have a automatic failover if it sees that + the system that it is sending all mail to is down. + + +

+A0532: Add to the remote_smtp transport the following: + +

+
+         fallback_hosts = failover.server.name(s)
+

+ If there are several names, they must be separated by colons. + +

+Q0533: I can't get Exim to deliver over NFS. I get the error "fcntl() failed: + No locks available", though the lock daemon is running on the NFS server + and other hosts are able to access it. + + +

+A0533: Check that you have lockd running on the NFS client. This is not + always running by default on some systems (Red Hat is believed to be one + such system). + +

+Q0534: Why does Exim bounce messages without even attempting delivery, giving + the error "retry time not reached for any host after a long failure + period"? + + +

+A0534: This message means that all hosts to which the message could be sent + have been failing for so long that the end of the retry period + (typically 4 or 5 days) has been reached. In this situation, Exim still + computes a next time to retry, but any messages that arrive in the + meantime are bounced straight away. You can alter this behaviour by + unsetting the delay_after_cutoff option on the smtp transport. Then Exim + will try most messages for those hosts once before giving up. + +

+Q0535: My .forward file is "|/usr/bin/procmail -f-" and mail gets delivered, + but there was a bounce to the sender, sending him the output of procmail. + How can I prevent this? + + +

+A0535: Exim's default configuration is set up like this: + +

+
+         address_pipe:
+           driver = pipe
+           return_output
+

+ The return_output option requests that any output that the pipe + produces be returned to the sender. That is the safest default. If you + don't want this, you can either remove the option altogether, or change + it to return_fail_output, to return output only if the command fails. + Note that this will affect all pipes that users run, not just your + procmail one. It might be better to arrange for procmail not to produce + any output when it succeeds. + +

+

6. UUCP + +

+Q0601: The MX records for some UUCP domains point to my local host. How do I + get it to pass the messages on to UUCP? + + +

+A0601: There are several possibilities. One straightforward way is to set up + a domainlist router which matches the UUCP domains and routes to a + suitable transport. Sample configuration C003 is such a configuration, + while C004 shows another way to do it, by defining the domains as local + and using a smartuser director. + +

+

+ If all the domains whose MX records point to the local host are either + local domains or UUCP domains, you can do without the domainlist router + altogether, by making use of the "self" option. This means that only the + DNS has to be updated when a UUCP domain is added or removed. + +

+

+ For example, this router routes to remote hosts over SMTP using a DNS + lookup with default options, and fails for unknown domains (because of + the no_more setting), but if the MX for a domain points at the local + host, Exim continues on to the next router (self = fail_soft overrides + no_more). + +

+
+         lookuphost:
+           driver = lookuphost
+           transport = smtp
+           no_more
+           self = fail_soft
+

+ The next router can just send everything to a suitable UUCP transport: + +

+
+         uucp:
+           driver = domainlist
+           transport = uux_transport
+           route_list = "* $domain"
+

+ This assumes that the transport can determine the UUCP host name from + the domain name. + +

+Q0602: How can I get Exim to handle "bang path" addresses? + + +

+A0602: In general, you can't (Exim is an Internet mailer and recognizes only + RFC 822 addresses) but some restricted kinds of bang path can be dealt + with by appropriate rewriting - but please note the warning below. + +

+

+ Exim treats a bang path address as an unqualified local part, and so + will qualify it with your domain. A rule such as + +

+
+         ^([^!]+)!(.+)@your\.domain$   $2@$1
+

+ turns a!b@your.domain into b@a. You can also use a repeating rule to + turn multi-component paths into the "percent hack" notation with a rule + such as + +

+
+         ^([^!]+)!([^@%]+)(.+)$   $2%$1$3   R
+

+ which turns a!b@c into b%a@c and a!b!c@d first into b!c%a@d and then, + because of the R flag, into c%b%a@d. The R flag causes repetition up to + 10 times. + +

+

+ See also sample configuration C002, which contains some more + sophisticated rewriting rules. + +

+

+ WARNING: If you install a general rewriting rule like the above, you are + opening yourself up to the possibility of unwanted relaying. A host that + is not permitted to relay through your system could send a message with + an SMTP command line such as + +

+
+         RCPT TO:<victim-host!victim-user@your.domain>
+

+ and this would be accepted because it is addressed to your domain. + However, the rewriting then converts the address, and the message does + in fact get relayed. One way round this, if all your bang path messages + are passed to Exim via SMTP, is to use the "S" rewriting flag. This + applies a rewriting rule to incoming SMTP addresses as soon as they are + received, before checking for qualification, relaying, etc. So a rule + such as + +

+
+         ^([^!]+)!(.+)$  $2@$1  S
+

+ rewrites simple two-component bang paths before the result is checked + for relaying. However, this does not rewrite addresses in the headers of + the message. + +

+Q0603: We see something strange on our system in regards to mail comming in via + rmail from a UUCP link. The sender is being set to mailmaster instead of + the real sender, and a Sender: header is being added to the message. + + +

+A0603: If mailmaster is the user that is running rmail, you need to include + that user in the trusted_users configuration option. Only trusted users + are permitted to specify senders when mail is passed to Exim via the + command line. + +

+

7. PERFORMANCE + +

+Q0701: I'm running a large mail server. Should I set split_spool_directory to + improve performance? + + +

+A0701: There doesn't seem to be any significant performance hit using a flat + queue on Solaris systems, so there is no need to do this for them. On + the other hand, there is a known performance problem on Linux filing + systems, where split_spool_directory can make a significant difference. + ???? Other operating systems ???? + +

+Q0702: How well does Exim scale? + + +

+A0702: Although the author did not specifically set out to write a high- + performance MTA, Exim does seem to be fairly efficient. The biggest + server at the University of Cambridge (a large Sun box) goes over + 100,000 deliveries per day on busy days (it has over 20,000 users). + There was a report of a mailing list exploder that sometimes handles + over 100,000 deliveries a day on a big Linux box, the record being + 177,000 deliveries (791MB in total). Up to 13,000 deliveries an hour + have been reported. + +

+

+ These are quotes from some Exim users: + +

+

+ "... Canada's largest internet provider, uses Exim on all of our mail + machines, and we're absolutely delighted with it. It brought life back + into one of our machines plagued with backlogs and high load averages. + Here's just an example of how much email our largest mail server + (quad SS1000) is seeing ... " [230,911 deliveries in a day: 4,475MB] + +

+

+ "... Exim has to ... do gethostbyname()s and RBL lookups on all of the + incoming mail servers, and he runs from inetd (TCP Wrappers connected). + All the same, it seems to me that he runs as fast as lightning on our + SCO 5.0.4 box (1 Pentium 166) - far faster than MMDF which I (and many + customers) had before." + +

+

+ "On a PII 400 with 128M of RAM running Linux 2.2.5, I have achieved + 36656 messages per hour (outgoing unique messages and recipients). For + about a 5 minute period, I was able to achieve an average of 30 messages + per second (that would be 108000 m/hour)! We are using: (options that + make a difference): + +

+
+         queue_only
+         split_spool_directory
+         auto_thaw 60s
+         max_queue_run 1
+         remote_max_parallel 1
+

+ We have a cron job hat runs every five minutes that spawns 5 exim -q if + there are less that 120 exim processes currently running. We found + that by "manually" controlling the concurrency of exim -q processes + contending for the spool for remote_smtp delivery that we gained + considerable performance -- 10000 m/hour." + +

+Q0703: We have a large password file. Can Exim use alternative lookups during + delivery to speed things up? + + +

+A0703: Yes. You don't have to use the password file at all. See sample + configuration C009 for some suggestions. (It shows lsearch lookups, but + these could equally be DBM or cdb or NIS or LDAP lookups.) + +

+

8. POLICY CONTROLS + +

+Q0801: How do I block unwanted messages from outside my host? + + +

+A0801: There are several different options that can be used to block incoming + SMTP messages according to different criteria. The following are the + most commonly used: + +

+

+ (A) Set sender_verify; this causes rejection of any message whose + envelope sender cannot be successfully routed. This is mainly a + check on the existence of remote domains, though it the domain is a + local one, the local part also gets checked. Unfortunately, error + mesages do not have envelope sender addresses, so cannot be checked + in this way. See the headers_sender_verify options for ways of + checking header addresses. + +

+

+ (B) If you want to block all mail from specific hosts or IP networks, + set host_reject_recipients. The _recipients form of the option is + more likely to prevent the remote hosts from keeping on trying. For + example: + +

+
+             host_reject_recipients = 209.12.111.0/24
+

+ If you have many such blocks, they can be put in a file which is + named in the option. If you have a mixture of IP addresses and names + in your list, it is best to put the addresses first, because they + can be checked without the need for a DNS lookup. + +

+

+ (C) If you want to block mail from specific envelope sender addresses, + one convenient way is to organize a file of local parts indexed by + domain names, for example + +

+
+             x.y.z     creditrepair:^betterlovelife[0-9]+$:...
+             p.q.r     *
+

+ This would block creditrepair@x.y.z, any local part starting with + betterlovelife and ending with digits in the x.y.z domain, and + all addresses in the p.q.r domain. You refer to the file in the Exim + configuration as follows: + +

+
+             sender_reject_recipients = @@lsearch*;/name/of/the/file
+

+ If the file is big, you can convert it into a DBM or cdb file and + use a faster lookup method. The asterisk on the end of the search + type causes a lookup for "*" if the domain is not found; that is, it + permits a default list of local parts that are blocked at any + domain that is not specifically listed. If you use this, you + probably also want to end each local part list with ">*" (except + those that consist of "*"). This causes Exim to check the default + list of local parts if none of the specific ones for a domain are + matched. So, the file above could become + +

+
+             *         yourfriend:a.friend:...
+             x.y.z     creditrepair:^betterlovelife[0-9]+$:>*
+             p.q.r     *
+

+ If you are using an lsearch file, putting the * entry first saves a + bit of processing. + +

+

+ (D) If you want to allow mail to postmaster through the blocks, you can + set + +

+
+             recipients_reject_except = postmaster@your.domain
+

+ This overrides any of the policy controls that cause rejection by + recipient. + +

+Q0802: I don't want to block spam entirely; how can I inspect each message + before deciding whether to deliver it or not? + + +

+A0802: This can be done by using a system filter. See the sample configuration + F003. + +

+Q0803: How can I test that my spam blocks are working? + + +

+A0803: The -bh option allows you to run a testing SMTP session as if from a + given IP address. For example, + +

+
+         exim -bh 192.203.178.39
+

+ In addition to the normal SMTP replies, it outputs commentary about + which tests have succeeded or failed. + +

+Q0804: How can I test that Exim is correctly configured to use the Realtime + Blocking List (RBL)? + + +

+A0804: The -bh option allows you to run a testing SMTP session as if from a + given address. You need to know a blocked IP address with which to test. + Such a testing address is kindly provided by Russell Nelson: + +

+
+         linux.crynwr.com [192.203.178.39]
+

+ You can also send mail to nelson@linux.crynwr.com from the server + whose RBL block you are testing. The robot that receives that email + will attempt to send a piece of test email in reply. If your RBL block + didn't work, you get a message to that effect. Regardless of whether the + RBL block succeeds or not it emails you the results of the SMTP + conversation from a host that is not on the RBL, so you can see how your + server looks from the view of someone on the RBL. + +

+Q0805: How can I use tcpwrappers in conjunction with Exim? + + +

+A0805: Exim's own control facilities can do all that tcpwrappers can do. + However, if you are already using tcpwrappers for other things it might + be convenient to include Exim controls in the same place. + +

+

+ First of all, ensure that Exim is built to call the tcpwrappers library, + by including USE_TCPWRAPPERS=yes in Local/Makefile. You also need to + ensure that the header file tcpd.h is available at compile time, and the + libwrap.a library is available at link time, typically by including it in + EXTRALIBS. You may need to copy these two files from the tcpwrappers + build directory to, for example, /usr/local/include and /usr/local/lib, + respectively. Then you could reference them by + +

+
+         CFLAGS=-I/usr/local/include
+         EXTRALIBS=-L/usr/local/lib -lwrap
+

+ in Local/Makefile. There are two ways to make use of the functionality, + depending on how you have tcpwrappers set up. If you have it set up to + use only one file, you ought to have something like: + +

+
+         /etc/hosts.allow:
+
+             exim : <client_list>  : <allow_or_deny>
+

+ For example: + +

+
+             exim : LOCAL  192.168.0.  .friendly.domain  special.host : ALLOW
+             exim : ALL                                               : DENY
+

+ This allows connections from local hosts (chiefly `localhost'), from + the subnet 192.168.0.0/24, from all hosts in *.friendly.domain, and + from a specific host called special.host. All other connections are + denied. If you have tcpwrappers set up to use two files, use the + following: + +

+
+         /etc/hosts.allow:
+
+             exim    : <client_list>
+
+         /etc/hosts.deny:
+
+             exim    : <client_list>
+

+ Read the hosts_access(5) man page for more ways of specifying clients, + including ports, etc., and on logging connections. + +

+Q0806: How can I get POP-auth-before-relay support in Exim? + + +

+A0806: See http://cc.ysu.edu/~doug/exim-pop.tar.Z which has some scripts for + this, courtesy of Doug S <doug@cc.ysu.edu>. + +

+Q0807: I have one or two cases where my machine correctly rejects messages, but + the remote machine is quite persistent, and keeps trying over and over. + + +

+A0807: It is an unfortunate fact that a number of SMTP clients, in violation of + the SMTP RFC, do not treat a permanent error code that is given after + the MAIL FROM command or the DATA portion of the transaction as a + permanent error. Consequently they keep resending the message. Failing + checks on a message's headers (the headers_... options) necessarily + result in an error code after the data has been received. + +

+Q0808: I am seeing the error "no valid sender in message headers: return path + is <>" in the reject log. Isn't <> a valid return path for error + messages? + + +

+A0808: It is indeed valid. The complaint here is about the contents of the + message's headers, not the return path. This message has been reworded + in later versions of Exim. You must have set the headers_sender_verify + option. Check the From:, Reply-to: and Sender: headers that were logged + with the error. You can use Exim's -bv option to find out why + verification of those addresses failed. + +

+Q0809: Let's say that we want to run a mail server that does not care if you + have proper reverse DNS. If you include host_reject lines in your + config file, Exim will always reject connections from such hosts. How + can this be avoided? + + +

+A0809: This is true only if you have wild-carded host names in host_reject. + For complete host names, Exim uses a DNS forward lookup to obtain an IP + address to compare. If you are using wild cards of any sort, put + +allow_unknown as an item in your host list, for example: + +

+
+         host_reject = +allow_unknown : *.def.zz : *.stu.yy
+

+ This will allow any host without reverse DNS to bypass the checks. Note + that it means that the owner of abc.def.zz (for example) can trivially + get round your block simply by deleting the PTR record for abc.def.zz. + If you use +warn_unknown instead of +allow_unknown, the action is the + same, but every time the exception is invoked, it is logged. + +

+Q0810: Is there a way to prevent lookups in the RBL for local hosts? + + +

+A0810: Check out the rbl_hosts option. + +

+Q0811: How can I set up the sender_reject option in my config file so I can + reject mail by matching regular expressions? + + +

+A0811: You must either put the regular expressions directly in the option + setting, or in a file that is referenced by a plain file name, or use + an @@ type of search. If the regular expressions match the domain as + well as the local part, then the first two approaches are the only + possible ones. For example: + +

+
+         sender_reject_recipients = ^.*\.spam\.com$ : ^.*@[0-9]+\.com$
+

+ or + +

+
+         sender_reject_recipients = /some/file
+

+ Each line of the file is treated as if it were an entry in the list, and + must begin with ^ if it is a regular expression. No keys are involved + because this is not a lookup, + +

+

+ If you are using version 2.10 or later, the first of those regular + expressions can be rewritten to execute much more efficiently by + using lookbehinds and once-only subpatterns: + +

+
+         sender_reject_recipients = ^(?>.*$)(?<=\.spam\.com)
+

+ See the manual section entitled "Address lists" for a description of the + @@ type of split domain/local part lookup. See also + Q0801. + +

+Q0812: Normally sender_reject_recipients works fine, but addresses that have + some uppercase letters in them seem to come through. + + +

+A0812: This should no longer be the case from release 3.00 onwards. Although + host and domain names are case-insensitive, the RFCs about mail specify + that local parts are case sensitive. When earlier versions of Exim + looked up a sender address in sender_reject_recipients, they did so + using the caseful form, in order to be compliant with the mail RFCs. + (In principle, user@domain and USER@domain might be different + people. Silly, I know, but that's the rule. It has caused a lot of + grief.) However, RFC 2305 (Anti-Spam Recommendations for SMTP MTAs) + recommends that address checking in blocking lists should be done + caselessly, so Exim now does this by default. + +

+Q0813: I want to accept some sender addresses, even though they do not verify. + There doesn't seem to be an option for verification exceptions, so how + can I do this? + + +

+A0813: Set up a special director or router to ensure that those addresses do + verify, using verify_only and verify_sender so that it is not used + during delivery or recipient verification. For example, here is a router + which verifies the address root@somedomain.com: + +

+
+         verify_exceptions:
+           driver = domainlist
+           verify_only
+           verify_sender
+           domains = some.domain.com
+           local_parts = root
+           route_list = *
+Q0814: We are being plagued by forged mail coming from a number of different + hosts and sender addresses. The guy however leaves a fingerprint. The + first received line always contains 'Received: from baby'. What is the + best suggested way for eliminiating him from our systems? + + +

+A0814: You cannot, unfortunately, prevent the message from getting into your + system, because the message has to be read before you can inspect the + Received: header. The best you can do is to install a system filter + which junks any message containing such a header. Thus the sender still + wastes bandwidth and your resources in transporting the message to you, + but you just throw it away. A simple system filter that does this is + +

+
+         # Exim filter
+         if $h_Received: contains "from baby" then seen finish endif
+Q0815: I have set host_accept_relay, but my host still refuses to relay from + matching hosts. + + +

+A0815: (A) Did you remember to HUP or restart the Exim daemon after changing + the configuration? You can get information as to what options Exim + is checking by using the -bh option to test how it would handle mail + from a specific host. + +

+

+ (B) Have you used any wild-card host names in host_accept_relay? E.g: + +

+
+             host_accept_relay = *.aaa.bbb
+

+ If so, the problem may be that the relevant hosts do not have + reverse DNS entries for their IP addresses. In order to match a wild + card name, Exim has to look up the calling host's name from its IP + address, and if it cannot do so, it takes a hard line by default. + Exim processes lists from left to right, and so will attempt a + reverse DNS lookup at the first wild-carded entry it reaches. If you + have IP addresses in your list, it is best to put them first for + this reason. Suppose you had + +

+
+             host_accept_relay = *.x.y : 10.9.8.7
+

+ Then when the host 10.9.8.7 connects, a reverse lookup will still + be done, because the first check is against *.x.y. If the lookup + fails, relaying is rejected. However, if the list were in the + opposite order, the IP check would succeed, and no DNS lookup would + be done. See also + Q0809. + +

+Q0816: How can I run customized verification checks on incoming addresses? + + +

+A0816: If you can implement your checks in Perl, then you can use Exim's + facility for running an embedded Perl interpreter. For example, if you + want to run special checks on local addresses, you could install this as + your first director: + +

+
+         private_verify:
+           driver = smartuser
+           condition = ${perl{verify}{$local_part}{$domain}}
+           verify_only
+

+ If you want this to be the only means of verification, you can set + no_verify on all the other directors. Otherwise, if this director fails + to verify, the address gets passed on to those that follow. + +

+

+ The verify_sender and verify_recipient options can be used to restrict + the director to sender or recipient verification only, and if necessary + you could have two different directors, one for senders and one for + recipients. + +

+

+ If the result of the expansion of condition is not "no", "false" or + "0", then address verification succeeds, because the director itself + matches any address. The expansion of condition causes the Perl + subroutine called "verify" to be run, with two arguments, the local part + and the domain. The subroutine must be provided in Perl code that is + referenced by the perl_startup option. See the chapter on embedded Perl + for details. + +

+

+ Remote addresses can be handled in a similar way by using a domainlist + router that matches all domains. See also + Q0813. + +

+

+ Starting up a Perl interpreter is not cheap. On a busy system you should + first make sure that there isn't some way of using Exim's own facilities + for doing what you want before going down this road. + +

+Q0817: Does Exim apply RBL checks to error messages, those with an envelope + sender of "<>" ? + + +

+A0817: Yes, it does, because the RBL check happens immediately on connection, + before any commands are passed, and so therefore before it even knows + that the envelope sender is "<>". + +

+Q0818: I want to be able to set up a list, similar to sender_reject_recipients, + but with a user-defined message. I believe I have to use a director for + this. + + +

+A0818: You can do this using the prohibition_message mechanism (see the section + entitled "Customizing prohibition messages" in the manual). This avoids + having to use a director, and therefore doesn't require you to let the + message into your host at all. Use something like this: + +

+
+         prohibition_message = "\
+           ${if eq {$prohibition_reason}{sender_reject_recipients}\
+           {${lookup{$sender_address}lsearch{/some/file}{$value}}}{}}"
+

+ This example looks up a message that is specific to the sender, but you + can of course tailor the message any way you like. Vertical bar is + treated as a line separator in prohibition texts. + +

+Q0819: I want to reject certain sender-recipient combinations, with a specific + message for each such combination. + + +

+A0819: That needs a special director, using the "senders" option to predicate + it on the sender, and a file of recipients to fail for each sender. + Something like this: + +

+
+         forced_fail:
+           driver = aliasfile
+           senders = sender@domain.com : *@otherdomain.com
+           file = /blocked/${lc:$sender_address}
+           search_type = lsearch
+

+ with the files containing lines like + +

+
+         recipient:  :fail:  message
+

+ If you are handling multiple local domains, you may want to set + include_domain so you can specify fully qualified addresses in the + files. If the files get big, an indexed search type such as DBM or cdb + should be used. + +

+

+ If you want to block an entire domain from a specific sender, you could + use this director: + +

+
+         domain_block:
+           driver = aliasfile
+           senders = dislikedsender@wherever
+           file = /fail/all
+           search_type = lsearch*
+

+ with the file containing + +

+
+         *:   :fail:   message
+

+ The message text supplied after :fail: is restricted to a single line. + If you want to send several paragraphs of message, instead of using + :fail: you could use the aliasfile to pipe the message off so some + script which generates a long message and then gives a non-zero return + code so that the message gets returned to the sender. + +

+

+ In all of these cases you are in trouble if the sender address is bad, + because the bounce message you generate will get stuck. + +

+Q0820: Will Exim allow me to create a file of regexs and match incoming + external email to the list - and if a match is found file the offending + message into a special location? Also is it possible to make exim only + filter parts of an incoming email - e.g. ignore large MIME attachments + for example and only process text/plain? + + +

+A0820: You can do some of this in a system filter. For example: + +

+
+         if $message_body matches <...some complicated regex...> or
+            $message_body matches <...some other regex...> or
+            $header_from: matches <...regex...> or
+            etc.
+         then
+           save /some/special/file
+         endif
+

+ or instead of "save" you could have "deliver" (to some address) or + "pipe" (to some script). + +

+

+ There isn't any mechanism for ignoring attachments, but $message_body + only looks at the first n bytes of the body, where n defaults to 500 but + can be changed. + +

+

+ A more expensive alternative would be to run a Perl subroutine using the + embedded Perl mechanism. If you passed over the message id, the Perl + code could read the message files on the spool and implement any + algorithm it liked for deciding what should be done. + +

+Q0821: I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT + command, to check if a user has exceeded their email quota. If they have + I issue a temporary failure and a message - can I do this with Exim? + + +

+A0821: This could be done by arranging for a quota check to happen during the + verification of the address after RCPT, but without hacking Exim you + would have to use the embedded Perl facility to get it to run a Perl + script to do the test. + +

+

+ If the reason you want to do this is to avoid having messages for over- + quota users sitting on your spool for many days, there is an + alternative. In Exim you can set up special retry rules for quota + excession (what we use is "if mailbox not read for 7 days, bounce + immediately, otherwise try every hour for one day, then bounce"). + +

+Q0822: I'm looking for a rule to reject special unknown recipients. + + +

+A0822: If the messages in question are coming in via SMTP, you can turn on + receiver_verify (if you haven't already) and arrange for these addresses + not to verify. For example, if they are not in your local domains, you + could use a router like this: + +

+
+         verify_check_specials:
+           driver = domainlist
+           condition = "\
+             ${if eq {$local_part@$domain}{account@host.domain}{yes}{no}}"
+           verify_only
+           fail_verify
+           route_list = *
+

+ where of course you can extend the condition setting to use regular + expressions, file lookups, Perl calls, or anything else that is + available. The failure of the verification causes an error return to the + SMTP RCPT command, so the messages never get into your system. For + addresses in your local domains you could use a smartuser director in a + similar fashion, but you could also use an alias file with :fail: + entries. + +

+

+ If you are receiving such messages from the local host, then they are + already in the system, and have to be failed locally as part of the + delivery process. The :fail: mechanism is the simplest for local + addresses. For remote addresses, one possibility would be to use a + router with a condition setting to send such messages to an autoreply + transport that sends back an error message to the sender. See also + + Q0826. + +

+Q0823: I'd like to pass all messages through a virus-scanning system before + delivery. Can Exim do this? + + +

+A0823: One way of achieving this is to deliver all messages via a pipe to a + checking program that resubmits them for delivery in some private way + that can be checked (e.g. on a specific SMTP port, or IP address). One + possibility is to use the "received protocol" field that can be set + for locally submitted mail via the -oMr command line option. This + director sends all messages that are not from the local host and whose + received protocol is not "scanned-ok" to the virus_scan transport: + +

+
+         vircheck:
+           driver = smartuser
+           transport = virus_scan
+           condition = "${if or {{eq {$received_protocol}{scanned-ok}} \
+                                 {eq {$sender_host_address}{127.0.0.1}}}\
+                                 {0}{1}}"
+

+ A similar router could be used if you want to scan messages for remote + addresses. One problem is that this approach scans the message for each + recipient, not just once per message. + +

+

+ The virus_scan transport should be set up to pipe the message to a + suitable checking program or script which runs as a trusted user. This + can then re-submit the message to Exim, using -oMr to set the received + protocol to "scanned-ok", and the -f option to set the correct envelope + sender address. + +

+Q0824: How can I accomplish this: a message sent from any host must either be + sending to a domain in a list (a dbm file) or the sender's address + domain must be in the list. + + +

+A0824: First of all, set + +

+
+         relay_domains = dbm;/the/dbm/file
+

+ This allows relaying from any host, provided that the recipient address + matches one of the domains in the list. Then set + +

+
+         host_accept_relay = *
+         sender_address_relay = dbm;/the/dbm/file
+

+ This allows relaying from any host (because of the *) to any arbitrary + domain, provided that the sender's address matches a domain in the list. + +

+

+ WARNING: This setting makes it possible for your host to be used as an + open relay by those unscrupulous enough to forge sender addresses. Your + host may end up on one of the open relay blocking lists as a result. + +

+Q0825: I've set relay_domains and sender_address_relay, but if user@mydomain + tries sending to an arbitrary domain, Exim rejects it. + + +

+A0825: The safest way to control relaying arbitrary domains is by host, not + by sender address. If you are able to specify the hosts which your users + use, then set host_accept_relay to match them. You can then remove the + setting of sender_address_relay, unless you also want to limit relaying + to specific senders. + +

+

+ If you want to permit relaying from specific senders on arbitrary hosts, + you can set relay_match_host_or_sender. This requires that only one of + the host or sender address be recognized, instead of both of them. + +

+

+ WARNING: This setting makes it possible for your host to be used as an + open relay by those unscrupulous enough to forge sender addresses. Your + host may end up on one of the open relay blocking lists as a result. + +

+Q0826: I set sender_reject_recipients, but Exim is not rejecting those + recipients. + + +

+A0826: You have misunderstood the option. A setting like that rejects all the + recipients of an incoming message with that sender. To reject a + specific recipient in your own domain you can set up an alias like this: + +

+
+         reject-me:  :fail: mail for reject-me is not acceptable
+

+ If you want to reject a recipient that is not in a local domain, one + approach is to set up a router to send the address to your directors, + and then use an alias file to generate a :fail: message as above. + Alternatively, you can use the verification mechanism: see + Q0822. + +

+Q0827: I can't find an option to deny "RCPT TO:" addresses. + + +

+A0827: Denying RCPT TO addresses is the job of verifying. You can set up + directors and routers that are run only when verifying and not when + delivering. This gives you a great deal of flexibility. See + Q0822. + +

+Q0828: My problem is that Exim replaces $local_part with an empty string in the + system filtering. What's wrong or what did I miss? + + +

+A0828: A message may have many recipients. The system filter is run just once + at the start of a delivery attempt. Consequently, it does not make sense + to set $local_part. Which recipient should it be set to? However, you + can access all the recipients from a system filter via the variable + called $recipients. + +

+Q0829: Using $recipients in a system filter gives me another problem: how can + I do a string lookup if $recipients is a list of addresses? + + +

+A0829: Check out section 25 of the filter document ("Testing a list of + addresses"). If that doesn't help, you may have to resort to calling an + embedded Perl interpreter - but that is expensive. + +

+Q0830: Is there a way to configure Exim to reject mail to a certain local host? + + +

+A0830: No, only to certain domains. Use a configuration like this: + +

+
+         receiver_verify
+         local_domains = rejected.domain : <other local domains>
+

+ with the first director as + +

+
+         reject_domains:
+           driver = smartuser
+           domains = rejected.domain
+           verify_only
+           fail_verify
+Q0831: Exim sometimes rejects messages with bad senders after the DATA and + sometimes after the MAIL command. What is the difference? + + +

+A0831: The first time Exim encounters a particular bad sender, it rejects the + message after the data has been received, so that it can log the + headers. If the same sender re-appears within 24 hours, Exim assumes + that the remote host has (in violation of RFC 821) not interpreted the + previous 550 error code correctly, so this time it rejects the MAIL + command. Some hosts don't even managed to handle that, so if the same + sender turns up for a third time within 24 hours, Exim accepts MAIL, but + rejects every RCPT command instead. + +

+Q0832: How can I get Exim to remove attachments from messages? + + +

+A0832: (A) The cleanest way is to check for the existence of a "Content-type" + header line, and route messages containing it down a pipe to some + other program that strips the attachments and re-submits the message + to Exim. Alternatively, a transport filter can be used to do the + job, as described in C028. + +

+

+ (B) A somewhat more hairy way is to use embedded Perl from a system + filter to truncate the message's data file directly, and then use + the "headers remote" filter command to get rid of the associated + headers. + +

+Q0833: I ran a relay test against my host and it failed with an address + containing a %, though I don't have percent_hack_domains set. Is Exim + broken? This is what the tester said: + + +
+         Relay test 6
+         >>> RSET
+         <<< 250 Reset OK
+         >>> MAIL FROM:<spamtest@example.com>
+         <<< 250 <spamtest@example.com> is syntactically correct
+         >>> RCPT TO:<relaytest%mail-abuse.org@example.com>
+         <<< 250 <relaytest%mail-abuse.org@example.com> is syntactically correct
+         Relay test result
+         Uh oh, host appeared to accept a message for relay.
+         The host may reject this message internally, however
+

+A0833: This does not prove that your host is open for relaying. Notice the + wording of the last two sentences: "appeared to accept" and "may reject + internally". Assuming that your Exim configuration is correct, Exim will + discover that the local part "relaytest%mail-abuse.org" is not valid on + your host, and it will bounce the message. + +

+

+ Why doesn't it reject the RCPT TO command? Answer: because you have not + set receiver_verify in your configuration file, or you have excluded + these particular sender or recipient domains from receiver verification. + +

+

9. MAJORDOMO + +

+Q0901: How do I set up Majordomo to work with Exim? + + +

+A0901: Users have found several ways of setting up Exim for use with Majordomo. + There's a web page at + +

+
+         http://www.netmaster.ca/exim/majordomo.html
+

+ which shows one way to do it, and discusses some of the issues. The + sample configuration C018 is another approach which automates a lot of + the functions based on whether the files or directories exist. Only + three aliases per list are needed. + +

+

+ Somewhere in the Majordomo docs or FAQ it mentions using batchmail or + other additional programs to improve the performance of large lists. + They are not needed with Exim, and their use can actually make things + worse. However, it's a good idea to set remote_max_parallel to a value + greater than 1 in the Exim configuration. + +

+Q0902: I have set $mailer in majordomo.cf, but it still isn't setting the + sender correctly in the messages it sends. + + +

+A0902: Make sure you have got the quoting correct in the $mailer setting. For + example, + +

+

+ $mailer = "$sendmail_command -oi -oee -f$sender\@lists.mydomain.de"; + +

+

+ is not correct. It needs three backslashes, not one, and the $ at the + start of $sender has to be escaped with a backslash. + +

+Q0903: I'm trying to set up majordomo, but I'm getting a "wrong mode" error + when I try to send it mail. The panic log entry reads: + + +

+ 1999-01-05 11:23:34 0zxZGY-0000vB-00 majordomo_aliases director: + /var/lib/majordomo/lists/lists.aliases (lsearch lookup): wrong mode + +

+

+A0903: Check the mode of /var/lib/majordomo/lists/lists.aliases and compare it + with the setting of the modemask option in the majordomo_aliases + director. This option specifies bits which must not be set for the alias + file, and it defaults to 022. + +

+Q0904: I'm getting return code 9 from /home/majordomo/majordomo-1.94.4/wrapper + when it is passed a message from Exim. + + +

+A0904: A problem like this turned out to be the Perl version that came with + RedHat 5.2. Rebuilding Perl 5.005x solved it. + +

+

10. REWRITING + +

+Q1001: How can I get Exim to strip the hostname from the sender's address? + + +

+A1001: If you set up a rewriting rule in the following form: + +

+
+          *@*.your.domain  $1@your.domain
+

+ then Exim will rewrite all addresses in the envelope and the headers, + removing anything between "@" and "your.domain". This applies to all + messages that Exim processes. If you want to rewrite sender addresses + only, the the rule should be + +

+
+          *@*.your.domain  $1@your.domain  Ffrs
+

+ This applies the rule only to the envelope "From" address and to the + From:, Reply-to:, and Sender: headers. + +

+Q1002: I have Exim configured to remove the hostname portion of the domain on + outgoing mail, and yet the hostname is present when the mail gets + delivered. + + +

+A1002: Check the DNS record for your domain. If the MX record points to a CNAME + record instead of to an A record, MTAs are liable to rewrite addresses, + changing your domain name to its "canonical" form, as obtained from the + CNAME record. + +

+Q1003: I want to rewrite local addresses in mail that goes to the outside + world, but not for messages that remain within the local intranet. + + +

+A1003: Exim wasn't really designed to handle this kind of split world. Because + it keeps only one copy of a message, and does all the rewriting at the + time of reception, a standard configuration cannot handle this kind of + rewriting in a message that has both internal and external recipients. + +

+

+ However, what can be done is to split off a copy of the message to be + sent to all external recipients, and do the rewriting on that. This can + be achieved by running two differently-configured versions of Exim, + either on a single host, or on two different hosts. If you have a + gateway or firewall machine, that is the natural place to run the + rewriting version. + +

+

+ On a single machine, the following is one way of handling this: + +

+

+ (1) Set up the normal configuration (in the configuration file whose + name is screwed into the binary) such that it does local deliveries + as required, but forwards a copy of the message for non-local + recipients to a different incarnation of Exim via a private SMTP + port. For example, use this transport and router: + +

+
+             # Transport to send SMTP using port 26
+             internal_smtp:
+               driver = smtp
+               service = 26
+
+             # Router to send everything the internal_smtp transport
+             pass_remotes:
+               driver = domainlist
+               transport = internal_smtp
+               route_list = * localhost byname
+               self = send
+

+ This should be the only router. Because of the self = send + setting, Exim will transport the messages, even though it knows it + is going to the local host. + +

+

+ (2) Set up a different configuration file for the rewriting version of + Exim. This need do no local deliveries, so it needs no local + domains or directors, and as it accepts mail only from the local + host, there is no need for any spam-blocking or other policy + controls. However, it does need to have its own spool area. The main + part of the configuration could be like this: + +

+
+             local_domains =
+             local_interfaces = 127.0.0.1
+             host_reject = !127.0.0.1
+             spool_directory = /var/spool/exim-external
+             end
+

+ Note the use of a negated item for host_reject, causing rejection of + SMTP calls from all but the local host. + +

+

+ The directors section can be completely empty (apart from the line + saying "end"), while the routers section should be as in a normal + configuration, as it is going to control external delivery. + +

+

+ The rule(s) for rewriting your internal addresses into external ones + should be in this configuration. This is one example of what might + be done: + +

+
+           *@*.your.domain  "\
+              ${lookup{$1}cdb{/etc/$2/mail.handles.cdb}{$value}fail}"
+

+ which looks up each local part in a per-host file to obtain the + externally-visible address, including (in this example) the domain. + +

+

+ (3) You have to arrange for a daemon to be listening on port 26, and to + be using the alternate configuration file. It is necessary to do + this as root so that Exim retains its privilege after reading a + non-standard configuration. A command such as + +

+
+             exim -C /etc/exim-configure2 -bd -oX 26
+

+ could be used in a suitable system start-up file. Alternatively you + could set up inetd to run Exim with the -C option for incoming + connections on port 26. + +

+

+ The net result of all of this is that when a message has one or more + external recipients, a copy of it is sent via port 26 to the second + version of Exim, which rewrites any internal addresses and does the + external deliveries. The cost of this is that the message has to be + copied and spooled twice, and you have two different Exim queues to + manage. Note that if the "external" Exim has to send a delivery failure + message, it will use the rewritten sender address. + +

+Q1004: I'm using this rewriting rule to change login names into "friendly" + names, but if mail comes in for an upper case login name, it doesn't + get rewritten. + + +
+   	 *@my.domain	 ${lookup{$1}dbm{/usr/lib/exim/longforms}\
+			 {$value}fail}@my.domain bcfrtFT
+

+ The longforms database has entries of the form: + +

+
+         ano23: A.N.Other
+

+A1004: Replace $1 in your rule by ${lc:$1} to force the local part to lower + case before it is used as a lookup key. + +

+Q1005: Is it possible to completely fail a message if the rewrite rules fail? + + +

+A1005: It depends on what you mean by "fail a message" and what addresses you + are rewriting. If you are rewriting recipient addresses for your local + domain, you can do: + +

+
+   	 *@dom.ain  ${lookup{$1}dbm{/wher/ever}{$value}{failaddr}}  Ehq
+

+ and in your alias file put something like + +

+
+   	 failaddr:   :fail: Rewriting failed.
+

+ This fails a single recipient - others are processed independently. + +

+Q1006: I'm using $domain as the key for a lookup in a rewriting rule, but its + contents are not being lowercased. Aren't domains supposed to be handled + caselessly? + + +

+A1006: The value of $domain is the actual domain that appears in the address. + It could of course be lower cased, but I know that would cause some + unhappiness, because some people have mixed-case domain names which look + silly if the case is changed. Thus, one wants to preserve the case in + rewrites such as + +

+
+         *@*.TheRap.com   <something>@$domain
+

+ (not the best example) because "therap" doesn't look like two words. I + know it seems trivial, but it is important to some people - especially + if by some unfortunate accident the lowercased word is something + indecent. + +

+

+ You can trivally force lower casing by means of the ${lc: operator. + Instead of "$domain" write "${lc:$domain}". + +

+Q1007: I want to rewrite local sender addresses depending on the domain of the + recipient. + + +

+A1007: In general, this is not possible, because a message may have more than + one recipient and Exim keeps just a single copy of each message. You can + do an incomplete job by using a regular expression match in a rewrite + rule to test, for example, the contents of the To: header. This would + work except in cases of multiple recipients. See also + Q1003. + +

+

11. HEADERS + +

+Q1101: I would like add some custom headers to selected outgoing mail based on + a specific domain and the subject line. + + +

+A1101: To the remote_smtp transport, add something like + +

+
+         headers_add = "${if and{\
+                       {eq{$domain}{spec.dom}}\
+                       {matches{$h_subject:}{whatever}}}\
+                       {Content-Type: text/html; charset=\"us-ascii\"} fail }"
+

+ This example shows a Content-Type header, but you can have anything you + like, and multiple headers can be inserted by using \n to separate them. + +

+Q1102: Is it possible to have Exim add a header to only certain local_parts of + outgoing mail? + + +

+A1102: Only if you arrange for each such local part to receive its own private + copy of the mail. See max_rcpt in the SMTP transport. Then you could use + conditions in an expansion string to add or not add a header. + +

+Q1103: How can I remove some part of the Received: header? + + +

+A1103: Set received_header_text. + +

+Q1104: How I can insert the PGP header line using exim filters? + + +

+A1104: You can't insert headers in a user filter. A system filter can do so, + but the inserted lines then are included for all recipients. + +

+

12. FETCHMAIL + +

+Q1201: When I run fetchmail, I get the error "SMTP listener doesn't like + recipient address xxx@localhost". + + +

+A1201: Put "localhost" in a list of local domains, that is, add it to the + local_domains option in your Exim configuration file. + +

+Q1202: Fetchmail is passing on bounce messages to Exim with the sender address + set to <@some.domain> which causes Exim to complain, because there is no + local part. + + +

+A1202: This was a fetchmail problem which has been fixed. Ideally, you should + upgrade to the current fetchmail release. If you cannot do this, there + is some Exim magic that might help. The 'S' rewriting flag allows + rewriting of envelope addresses to be done as soon as they are received + in the SMTP protocol, before any kind of checking or other processing is + done. This is specifically provided for installations that have to cope + with mangled addresses coming in over SMTP. + +

+Q1203: I'm currently using Exim with fetchmail and I'd like to use the RBL on + Exim, but will it work? Do I need to configure fetchmail any particular + way? As far as Exim knows, all mail is coming from 127.0.01. Will it + check the source address against RBL? Or will it check the From: header? + + +

+A1203: It will check 127.0.0.1 (not very useful). The point of the RBL is to + keep messages from black-listed hosts out of your machine. If you are + using fetchmail, you have got the messages into your machine before you + approach Exim. That kind of defeats the purpose of the RBL. The right + way to do this would be for the host from which you fetchmail to do the + RBL checking and insert some kind of warning header for you to test, as + Exim does if you run RBL checks in warning mode. + +

+

13. PERL + +

+Q1301: Exim built with Perl support exits with the error message "./exim: can't + load library 'libperl.so'". + + +

+A1301: If you are using BSDI, see + Q9401. + +

+Q1302: Exim built with Perl support exits with several error messages of the + form "undefined reference to `PL_stack_sp'". + + +

+A1302: This has been seen on FreeBSD systems that had two different versions of + Perl installed, the older with an a.out library and the newer with an + ELF library. Ensure that the older package is removed. + +

+

14. DIAL-UP + +

+Q1401: How can I arrange for mail to other hosts on my local network to be + delivered when I'm not connected to the Internet? + + +

+A1401: Use the queue_remote_domains option to control which domains are held + on the queue for later delivery. For example, + +

+
+         queue_remote_domains = ! *.localnet
+

+ allows delivery to domains ending in .localnet, while queueing all the + others. + +

+Q1402: I have a dial-up machine, and I use the queue_smtp_domains option so + that remote mail only goes out when I do a queue run. However, any email + I send with an address <anything>@aol.com is returned within about 15 + minutes saying 'retry time exceeded', and all addresses are affected. + + +

+A1402: (A) You should be using queue_remote_domains rather than queue_smtp_ + domains. With the latter, Exim is trying to route the addresses, which + involves a DNS lookup. This is presumably timing out, causing a retry + time to be set for the domain, and somehow a valid lookup never happened + before the maximum retry time (default of 4 days) passed. Hence the + bounce. The fact that it is aol.com is not relevant. You should probably + also be using -qq to do your queue run rather than -q. + +

+

+ (B) An alternative approach if you are sending all your outgoing mail to + the same smart host is to use a single router like this: + +

+
+   	 route_append:
+	 driver = domainlist
+	 transport = remote_smtp
+	 route_list = "* smarthost.isp.net byname"
+

+ and put the address of the smart host in /etc/hosts, so that it can be + found without the need of a DNS lookup. Then you can use queue_smtp_ + domains so that Exim does the routing for every message, but doesn't try + to deliver it. See also + Q1403. + +

+Q1403: How should Exim be configured when it is acting as a temporary storage + system for a domain on a dial-up host? + + +

+A1403: Exim isn't really designed for this, but... The lowest-numbered MX + record for the domain should be pointing to your host. You should set a + large retry time for that domain, so that Exim doesn't keep trying to + deliver when the host is offline. When the host comes online, the + waiting messages have to be kicked somehow. This can be done by calling + Exim with the -R option, or via the SMTP ETRN command. This works + provided the number of messages is low. If you are handling lots of + mail, keeping messages waiting for their host to connect and those that + are having delivery problems to remote hosts all in the same queue + doesn't work so well. It is better in this case to get Exim to deliver + the mail for the dial-in hosts into some local files which then get + transmitted by other software when the host connects. See the manual + chapter entitled "Intermittently connected hosts" and also + Q5014 and + + Q0521. + +

+Q1404: I have queue_remote_domains or queue_smtp_domains set, and use -qf to + force delivery of waiting mail when I dial in. How can I arrange for any + new messages that arrive while I'm connected to be delivered immediately? + + +

+A1404: (A) Instead of queue_remote_domains or queue_smtp_domains, use the + queue_only_file option. This causes messages to be queued only if a + particular file exists. The word "remote" or "smtp" before the file name + controls which type of queueing is used. For example: + +

+
+         queue_only_file = remote/etc/present/when/not/connected
+

+ Then, in the scripts which are run when you connect and disconnect, + arrange to remove the file after connection, and create it just before + disconnection. + +

+

+ (B) An alternative is to set hold_domains to point to a file lookup and + switch that file appropriately. + +

+

20. MILLENNIUM + +

+Q2000: Are there any Y2K issues with Exim? + + +

+A2000: The author of Exim believes that it is Y2K-compliant, as long as the + underlying operating system and C library are. Exim does not parse dates + or times at all. Internally, it makes some use of binary timestamps in + Unix format (number of seconds since 1-Jan-1970) and uses C library + services to convert these to printing forms (e.g. for logging). The + printing forms all use 4-digit years. Some people have tried various + tests. No problems have been reported, but details of what tests have + been done are not available. + +

+

50. MISCELLANEOUS + +

+Q5001: What does the error "Unable to get interface configuration: 22 Invalid + argument" mean? + + +

+A5001: This is an error that occurs when Exim is trying to find out the all the + IP addresses on all of the local host's interfaces. If you have lots of + virtual interfaces, this can occur if there are more than around 250 of + them. The solution is to set the option local_interfaces to list just + those IP addresses that you want to use for making and receiving SMTP + connections. + +

+Q5002: How can I arrange to allow a limited set of users to perform a limited + set of Exim administration functions? I don't want to put them all in + the exim group. + + +

+A5002: See http://www.chiark.greenend.org.uk/~ian/userv/. Using userv you can + arrange (for example) for certain users to be able to invoke mailq or + runq or other preset commands as exim (or any other user, as configured) + with only userv configuration. If you want to check the particular Exim + options available you can easily do it with shell or Perl scripts and + userv configuration, and provided you know how to do argument + `unparsing' properly in shell or Perl it will be secure. + +

+Q5003: How can I test for a message's size being greater or less than a given + value in an expansion string? + + +

+A5003: This isn't straightforward in versions of Exim prior to 2.10, because + there were no arithmetic operators in expansion strings. In version + 2.10 or later you can write, straightforwardly, + +

+
+         ${if > {$message_size}{10K} {yes} {no}}
+

+ In earlier versions, low cunning can be used to achieve certain + kinds of test. For example, to test if the message size is less than + or equal to 1000000: + +

+
+       ${if eq{${expand:\$\{substr_-1000000_$message_size:x\}}} {} {yes} {no}}
+Q5004: I want to "tail" the Exim log, but I have a number of other logs I also + want to "tail", and the number of tailing windows is getting to be a + nuisance. + + +

+A5004: Look for a program called 'xtail' (despite its name, it's not an + X-windows application). It allows you to do multiple tails, even of + entire directories. + +

+Q5005: I would like to have Exim log information written to syslog. + + +

+A5005: Support for this is available from version 3.10 onwards. + +

+Q5006: What does the error "Failed to create spool file" mean? + + +

+A5006: Exim has been unable to create a file in its spool area in which to + store an incoming message. This is most likely to be either a + permissions problem in the file hierarchy, or a problem with the uid + under which Exim is running, though it could be something more drastic + such as your disc being full. Check that you have defined the spool + directory correctly by running + +

+
+         exim -bP spool_directory
+

+ and examining the output. Check the mode of this directory. It should + look like this, assuming you are running Exim as user `exim': + +

+
+         drwxr-x---   6 exim  exim      512 Jul 16 12:29 /var/spool/exim
+

+ If there are any subdirectories already in existence, they should have + the same permissions, owner, and group. Check also that you haven't got + incorrect permissions on superior directories (for example, /var/spool). + Check that you have set up the exim binary to be setuid root. It should + look like this: + +

+
+         -rwsr-xr-x   1 root     xxx       502780 Jul 16 14:16 exim
+

+ Note that it is not just the owner that must be root, but also the third + permission must be "s" rather than "x". + +

+Q5007: Exim keeps crashing with segmentation errors (signal 11 or 139). + + +

+A5007: This might be a problem with the db library. See + Q0505. + +

+Q5008: Exim's databases keep getting corrupted. + + +

+A5008: See + Q0505. + +

+Q5009: I've been using an autoreply director to try and mimic a bounce message, + but I can't get it to have an envelope from of <>. + + +

+A5009: You haven't, by any chance, put "exim" in the list of never_users, have + you? + +

+Q5010: I see entries in the log that mention two different IP addresses for the + same connection. Why is this? For example: + + +
+         H=tip-mp8-ncs-13.stanford.edu ([36.173.0.189]) [36.173.0.156]
+

+A5010: The actual IP address from which the call came is the final one. + Whenever there's something in parentheses in a host name, it is what the + host quoted as the domain part of an SMTP HELO or EHLO command. So in + this case, the client, despite being 36.173.0.156, issued the command + +

+
+         HELO [36.173.0.189]
+

+ when it sent your server the message. This is, of course, very + misleading. + +

+Q5011: How can I persuade Exim to accept ETRN commands without the leading + # character? + + +

+A5011: Set the option + +

+
+         smtp_etrn_command = /usr/lib/sendmail -R $domain
+

+ This causes Exim to run that command, with $domain replaced by the + argument of ETRN. The default action of Exim is to require the # sign + in order to be RFC-compliant, and to run the equivalent of + +

+
+         smtp_etrn_command = /usr/lib/sendmail -R ${substr_1:$domain}
+

+ which uses the argument without the leading # as the value for the -R + option. You aren't restricted to running Exim with the -R option, of + course. You can specify any command you like, with any number of + arguments. In particular, you can pass over the IP address of the caller + via $sender_host_address. However, if you make use of expansion strings + in the arguments, each one must be entirely contained in a single + argument. For example, if you want to remove the first character of the + ETRN argument when it is @ or #, you could use + +

+
+         smtp_etrn_command = "/usr/lib/sendmail -R \
+           \"${if match {$domain}{^[@#]}{${substr_1:$domain}}{$domain}}\""
+

+ The internal quotes are necessary because of the white space inside the + expansion string. + +

+

+ If you use smtp_etrn_command to run something other than Exim with the + -R option, you must disable smtp_etrn_serialize, because otherwise the + serialization lock (which is set by default) never gets removed. + +

+Q5012: I've recently noticed that emails I send with a Bcc: line are being + delivered to their final destination with the Bcc: line still present. + + +

+A5012: Exim removes Bcc lines only if you call it with the -t option (i.e. + when it is acting partly as an MUA). It does not remove Bcc lines that + are present in incoming SMTP mail or command-line mail that does not + use -t. Indeed, it should not remove them. From RFC 822: + +

+

+ 5.3. BCC / RESENT-BCC + +

+

+ This field contains the identity of additional recipients of the + message. The contents of this field are not included in copies of the + message sent to the primary and secondary recipients. Some systems may + choose to include the text of the "Bcc" field only in the author(s)'s + copy, while others may also include it in the text sent to all those + indicated in the "Bcc" list. + +

+

+ Only the initiating software (i.e. the MUA) can tell what to do with + Bcc; any MTA software has to leave it alone. + +

+Q5013: I used gv v3.5.8 (ghostview) to try printing spec.ps. After every + printed page, the printer ejects a blank sheet. Is this something to do + with using "letter" rather than A4 paper? + + +

+A5013: This seems to be an effect of using ghostview. Although the PostScript + is generated for A4 pages, the size of the page images is such that they + should fit on a letter page (they are shorter than would normally be + used on A4 paper). If the PostScript file is sent directly to a + PostScript printer, there is no problem. An alternative is to get hold + of the "psutils" toolset, which is available from + +

+
+         ftp://ftp.dcs.ed.ac.uk/pub/psutils/psutils.tar.gz
+

+ It contains utilities for extracting pages (which can be useful for + double-sided printing) and for resizing pages. If you resize from A4 to + letter the text shrinks a bit, but should then be printable via + ghostview. + +

+Q5014: I would like to have a separate queue per domain for hosts which dial + in to collect their mail. + + +

+A5014: Exim isn't really designed for this kind of operation. The only way to + do this would be to cause it to send those messages to a differently + configured version of Exim with its own spool area. This could be done + via a pipe or SMTP to a private port. The main Exim, listening on port + 25, would then be configured to run an appropriate command to prod one + of the others when it received ETRN, by means of the etrn_command option. + +

+

+ You could probably manage this with a single Exim binary and a number of + different configuration files, passed to the special versions using the + -C option. For this application they could all run as exim, since no + root privilege would be needed. + +

+

+ An alternative approach would be to get Exim to deliver mail for such + hosts in batch SMTP format into some directory, and have the ETRN run + something to pass such messages to the dialled-in host. See also + Q0503 + and + Q0521. + +

+Q5015: A short time after I start Exim I see a <defunct> process. What is + causing this? + + +

+A5015: Your system must be lightly loaded as far as mail is concerned. The + daemon sets off a queue runner process when it is started, but it only + tidies up completed child processes when it wakes up for some other + reason. When there's nothing much going on, you occasionally see + <defunct> processes like this waiting to be dealt with. This is + perfectly normal. + +

+Q5016: On a reboot, or a restart of the mail system, I see the message "Mailer + daemons: exim abandoned: unknown, malformed, or incomplete option + -bz sendmail". What does this mean? + + +

+A5016: -bz is a Sendmail option requesting it to create a "configuration freeze + file". Exim has no such concept and so does not support the option. You + probably have a line like + +

+
+         /usr/lib/sendmail -bz
+

+ in some start-up script (e.g. /etc/init.d/mail) immedately before + +

+
+         /usr/lib/sendmail -bd -q15m
+

+ The first of these lines should be commented out. + +

+Q5017: I would like to restrict e-mail usage for some users to the local + machine, ideally on a group basis. + + +

+A5017: See + A9802 + +

+Q5018: Whenever exim restarts it takes up to 3-5 minutes to start responding on + the SMTP port. Why is this? + + +

+A5018: Something else is hanging onto port 25 and not releasing it. One place + to look is /etc/inetd.conf in case for any reason an SMTP stream is + configured there. + +

+Q5019: Why aren't there any man pages for Exim? I don't always carry my printed + documentation. + + +

+A5019: As well as plain ASCII text, the Exim documentation is provided in two + online forms - texinfo and HTML - which have a certain amount of built- + in indexing for ease of finding your way around. There are no man pages + because the author of Exim hasn't the time (or desire :-) to maintain + yet another documentation format. Besides, it is hard to know how to + split the Exim manual up. + +

+

+ There is a contributed man page for a previous version of Exim in + +

+

+ ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/Contrib/doc/exim.8 + +

+

+ This was written by a previous maintainer of the Debian GNU/Linux Exim + package. You can view a nicely formated version at: + +

+

+ http://dwww.jimpick.com/cgi-bin/dwww?type=man&location=/usr/man/man8/exim.8.gz + +

+

+ This contains some introductory text and the command line options only. + +

+Q5020: When I send a message using the -t command line option, Exim sends only + to the addresses within the message, not to those on the command line. + + +

+A5020: By default Exim operates according to the Sendmail documentation, and + interprets addresses on the command line as addresses not to send to. + You can set + +

+
+         extract_addresses_remove_arguments = false
+

+ to change this behaviour. There is some confusion in the Sendmail + community about the interpretation of recipient addresses on the command + line if the -t option is used. + +

+

+ Here is an except from one version of the sendmail documentation + +

+

+ -t Read message for recipients. To:, Cc:, and Bcc: lines will + be scanned for recipient addresses. The Bcc: line will be + deleted before transmission. Any addresses in the argument + list will be suppressed, that is, they will not receive + copies even if listed in the message header. + +

+

+ Earlier versions of the sendmail documentation are ambiguous (unlike the + snippet above). Apparently the code and documentation streams resolved + the ambiguity differently. + +

+Q5021: If I set up, for example, + local_domains = *customer.com, then it matches + "customer.com" and "abc.customer.com" as required, but it also matches + "noncustomer.com", which is wrong. How can I get round this? + + +

+A5021: (A) You have to specify two entries in the list: + +

+
+         local_domains = customer.com : *.customer.com
+

+ because * in a domain list matches any characters, including "." and + including a null sequence. + +

+

+ (B) Alternatively, you could use a regular expression: + +

+
+          local_domains = ^(.+\.|)customer\.com$
+

+ but that probably will not be as efficient. + +

+

+ (C) If you have lots of local domains, you could put them into a file to + be searched (using lsearch, dbm, cdb, or whatever) and use a partial + search such as + +

+
+         local_domains = partial-dbm;/list/of/domains
+

+ If the file contains the key *.customer.com then the desired effect is + achieved, because partial lookups do operate on a component basis. See + the section entitled "Partial matching in domain lists". It is a bit + confusing that "*" is used in this context, because its meaning is not + the same as when it appears directly in a domain list. + +

+Q5022: I want to match all local domains of the form *.oyoy.org but want a few + exceptions. For instance I don't want foo.oyoy.org or bar.oyoy.org to be + treated as local. What is the best way to do this? + + +

+A5022: (A) From release 3.00 onwards, you can put negative items in the + local_domains setting, like this: + +

+
+         local_domains = !foo.oyoy.org : !bar.oyoy.org : *.oyoy.org
+

+ If there are many exceptions, you can use a lookup instead of listing + them all inline. + +

+

+ (B) Otherwise, you can use a regular expression: + +

+
+         local_domains = ^.*(?<!^foo|^bar)\.oyoy\.org$
+

+ An alternative formulation that is more efficient in execution (because + it doesn't backtrack for .* in cases that don't match) is + +

+
+         local_domains = ^(?>.*$)(?<=\.oyoy\.org)(?<!^(foo|bar)\.oyoy\.org)
+

+ If you are using an earlier version of Exim in which the regular + expression library does not have lookbehind support (versions prior to + 2.051, but after 1.735): + +

+
+         local_domains = ^(?!(foo|bar)\.oyoy\.org$).+\.oyoy\.org$
+

+ If you are using a version of Exim that is earlier than 1.735, consider + upgrading! + +

+Q5023: I can't seem to find a pre-built version of Exim anywhere. The machine + is a Sparc 5 running Solaris 2.6. + + +

+A5023: The problem is that there are a number of build-time options, requiring + the answer to questions like: + +

+

+ . Which DBM library do you have? (On Solaris probably ndbm, but no easy + default on some other systems.) + +

+

+ . Which uid/gid do you want to use for Exim? + +

+

+ . Where do you want the configuration file to be? (Many different + answers, even on the same OS, depending on local policy.) + +

+

+ . Ditto for the binaries. + +

+

+ . Which optional bits of Exim do you want to include? + +

+

+ ... and so on. One could impose a set of values, but I suspect they + would probably please nobody. + +

+Q5024: Is there a Windows NT version of Exim available? + + +

+A5024: A long time ago somebody took a copy of the Exim source with the aim of + trying to port it to NT. However, I never heard anything more. + +

+Q5025: Does Exim support Delivery Status Notificaion (DSN), Message Status + Notification (MSN), or any other form of delivery acknowledgement? + + +

+A5025: See + A0517. + +

+Q5026: What does "Exim" stand for? + + +

+A5026: Originally, it was "EXperimental Internet Mailer", which was the best I + could come up with when I was starting out. At that point it was + experimental - I wanted to see if the ideas I had for extending Smail's + approach actually worked. Then somebody discovered about it and wanted + to start using it, and told other people about it... + +

+Q5027: What does the log message "no immediate delivery: more than 10 messages + received in one connection" mean? + + +

+A5027: See + A0518. + +

+Q5028: Although I haven't set check_spool_space, Exim is still checking the + amount of space on the spool for incoming SMTP messages that use the + SIZE option. Can I suppress this? + + +

+A5028: The RFC for the SIZE option says + +

+

+ If the server currently lacks sufficient resources to accept a + message of the indicated size, but may be able to accept the + message at a later time, it responds with code "452 + insufficient system storage". + +

+

+ and that is what Exim is trying to implement. This is entirely + independent from check_spool_space, which says "don't accept any mail + if there is less than so much space in the spool partition", though the + code is optimised to do both checks at the same time if required. + However, you can suppress the SIZE check if you want to, by unsetting + smtp_check_spool_space. + +

+Q5029: I just noticed log entries that start off "<= <>". Am I correct in + assuming that the "<>" indicates that the envelope did not contain any + "From" data? + + +

+A5029: Yes. This indicates a delivery failure report (aka "bounce message"). + Here is what RFC 1123 has to say about this: + +

+

+ "If there is a delivery failure after acceptance of a message, + the receiver-SMTP MUST formulate and mail a notification + message. This notification MUST be sent using a null ("<>") + reverse path in the envelope; see Section 3.6 of RFC-821. The + recipient of this notification SHOULD be the address from the + envelope return path (or the Return-Path: line). However, if + this address is null ("<>"), the receiver-SMTP MUST NOT send a + notification. If the address is an explicit source route, it + SHOULD be stripped down to its final hop." + +

+

+ The reason for using empty sender addresses is to identify bounce + messages so that they themselves do not cause further bounces. However, + this has made life harder for those that want to check incoming mail for + valid senders. It is a pity that some other mechanism (e.g. a keyword + on the MAIL command) was not used instead, but it is far too late to + change now. + +

+

+ Empty senders are also used for other kinds of report which should not + themselves cause the generation of bounce messages. For example, Exim + uses them when sending out warnings about delivery delays. + +

+Q5030: I've received a message which does not have my address in the To: + line. It is a spam message with the same address in both the From: and + the To: headers. How can this happen, and why doesn't Exim reject it? + + +

+A5030: There is an important distinction between the "envelope" from and to and + the "header" from and to. The former are sometimes called the "sender" + and "recipient". An email message needs an "envelope" for the same + reason that paper mail does - the envelope tells the delivery mechanism + what to do with *this copy* of the message, whereas the To: header lists + all the recipients, including those who have been sent different copies + of the message because their mailbox is on some other host. + +

+

+ An MTA such as Exim normally works entirely with the "envelope" + addresses, not with those in the header lines. However, you can specify + that it should do some checking of header addresses by setting a + number of options whose names begin with headers_. + +

+

+ Don't try to block mail where envelope from and the header from differ. + There are common legitimate cases where this happens, for example, + messages forwarded from mailing lists and delivery failure reports. + +

+Q5031: Can (or will) Exim ever handle a message delivery purely in memory, + that is, it is handled without it ever hitting the disc? + + +

+A5031: It doesn't, and never will. Accepting and delivering a message are two + entirely separate, independent processes, which communicate only by + writing/reading the message on the disc. + +

+Q5032: If I am using dbm files for data that Exim reads, can I rebuild them + on the fly, or do I need to restart Exim every time I make a change? + + +

+A5032: Exim re-reads the file every time it consults it, so if you are using a + cdb or a DBM library that uses just a single file (i.e. NOT ndbm) then + you can just build the new file with a temporary file name, and use "mv" + to rename it into the correct place on the fly. If there are two files + to rename, there is a window of time during which the DBM database is + inconsistent. On lightly loaded systems this may not matter. + +

+Q5033: What are the main differences between using an Exim filter and using + procmail? + + +

+A5033: Exim filters and procmail provide different facilities. Exim filters run + at directing time, before any deliveries are done. A filter is like a + ".forward file with conditions". One of the benefits is de-duplication. + Another is that if you forward, you are forwarding the original message. + +

+

+ However, this does mean that pipes etc. are not run at filtering time, + nor can you change the headers, because the message may have other + recipients and Exim keeps only a single set of headers. + +

+

+ Procmail runs at delivery time. This is for one recipient only, and so + it can change headers, run pipes and check the results, etc. However, if + it wants to forward, it has to create a new message containing a copy + of the original message. + +

+

+ It's your choice as to which of these you use. You can of course use + both. + +

+Q5034: I need an option that is the opposite of -bpa, that is, a listing of + those addresses generated from a top-level address that have not yet + been delivered. + + +

+A5034: Exim does not keep this information. It saves only the top-level + addresses and the list of addresses that are finished with. At each + delivery attempt, generated addresses are recomputed from scratch. This + makes it possible to correct errors in .forward and alias files that are + causing delivery delays. However, there is an option you can set on an + aliasfile or forwardfile director that changes things. It is called + one_time, and if it is set, the list of generated addresses gets added + to the top-level list at the first delivery attempt, and is never + regenerated. Because top-level address lists must be real email + addresses, this option cannot be used if any of the generated addresses + are pipes, files, or autoreplies. + +

+Q5035: I am getting complaints from a customer who uses my EXIM server for + relaying that they are being blocked with a "Too many connections" + error. + + +

+A5035: See smtp_accept_max and related options such as smtp_accept_reserve. + +

+Q5036: When I try "exim -bf" to test a system filter, I received the following + error message: "Filter error: unavailable filtering command "fail" near + line 8 of filter file". + + +

+A5036: Use the -bF option to test system filters. This gives you access to the + freeze and fail actions. + +

+Q5037: How can I make Exim receive incoming mail, queue it, but NOT attempt to + deliver it? I want to be in this state while moving some mailboxes. + + +

+A5037: (1) Set queue_only in the Exim configuration. (2) Kill off your daemon, + and restart it without the -q option (i.e. with just the -bd option), + so that it does not spawn any queue runners. This stops all deliveries, + remote as well as local. To stop just local deliveries, assuming that + none of your routers are configured to send messages directly to a local + transport, make this your first director: + +

+
+         defer_all:
+           driver = smartuser
+           new_address = :defer:
+

+ When you are ready to go again, remove that director and do a -qf run to + override the retry times. This solution works from release 3.10 onwards. + In earlier releases an aliasfile director must be used because :defer: + was not available for use in smartuser. + +

+Q5038: What does the rejection message "reject all recipients: 3 times bad + sender" mean? + + +

+A5038: See the section of the manual entitled "Sender verification". Exim has + failed to verify a sender from the same host 3 times within a period of + 24 hours. + +

+Q5039: The menu in Eximon isn't working. It displays, but I can't select + anything from it. + + +

+A5039: On some X implementations, if the numlock key is pressed (so that the + numeric keypad is working) then the menu didn't work properly in + versions of Eximon before Exim release 3.10. The problem is an + infelicity in the particular implementation of X. A workaround was + introduced at release 3.10, so this problem should no longer be + encountered. + +

+Q5040: What does "ridiculously long message header" in an error report mean? + + +

+A5040: There has to be some limit to the length of a message's header lines, + because otherwise a malefactor could open an SMTP channel to your host, + start a message, and then just send characters continuously until your + machine ran out of memory. (Exim stores all the header lines in main + memory). For this reason a limit is imposed on the total amount of + memory that can be used for header lines. The default is 1MB, but this + can be changed by setting HEADER_MAXSIZE in Local/Makefile. Exceeding + the limit provokes the "ridiculous" error message. + +

+

+ Prior to release 3.022 Exim used two separate limits, one on the length + of an individual header line and one on the total number of header + lines. A header line longer than 8192 used to provoke the error "Header + line is ridiculously overlong". In subsequent releases there is no limit + on individual header lines; only the total matters. + +

+Q5041: What does Exim use for POP as a default? Do I have to install anything + else? + + +

+A5041: Yes. Exim provides MTA functionality. That is, it delivers mail. POP is + one of several ways of reading previously-delivered mail. Exim does not + provide that functionality. + +

+

93. HP-UX + +

+Q9301: I'm trying to compile on an HP machine and I don't have gcc there. So I + put CC=cc in the Local/Makefile, but I got this error: + + +
+       (Bundled) cc: "buildconfig.c", line 54: error 1705: Function prototypes
+         are an ANSI feature.
+

+A9301: The bundled compiler is not an ANSI C compiler. You either have to get a + copy of gcc from the HPUX Software Porting Archives or buy the ANSI cc + from HP. The advice given by one user of HP systems on the Exim + mailing list was as follows: + +

+

+ "Personally, I wouldn't use anything but the ANSI C compiler. gcc + works for compilation, but it doesn't know squat about PA-RISC chips + past the 1.0 rev. Since then, HP has come out with PA-RISC 1.1, 2.0, + and 2.1, each with better features. gcc will compile for them, but it + doesn't produce anywhere near the optimization that HP's compiler + does. + +

+

+ I took the gcc road when we moved from FreeBSD to HP-UX because I was + familiar with it. After 6 months, I had to go and re-port everything + over when we realized that gcc wasn't going to do it for us long-term. + If I could give advice to any new HP-UX admin: don't use gcc if you + can afford the ANSI C compiler. Based on the cost of even the lowest + HP workstation, that usually isn't a problem." + +

+

94. BSDI + +

+Q9401: On BSDI 4.0, Exim built with Perl support exits with the error message + "./exim: can't load library 'libperl.so'". + + +

+A9401: You probably compiled perl5 yourself, without looking into + +

+
+         /usr/src/contrib/perl5/perl5.004_02/hints/bsdos.sh
+

+ first. The problem is that the command + +

+
+         perl5 -MExtUtils::Embed -e ldopts
+

+ doesn't give you sufficient flags to link something with libperl. + Since 5.004_02 the hints/bsdos.sh file has changed to adapt to the + changes between BSDI 3.1 and 4.0, but it is still not entirely right. + +

+

+ The solution is, when you compile perl, change the "ccdlflags" + variable in config.sh to: + +

+
+         -rdynamic -Wl,-rpath,/usr/local/lib/perl5/5.00502/i386-bsdos/CORE
+

+ (or something similar). Alternatively, you can run ./Configure and + answering the question "Any special flags to pass to cc to use dynamic + loading?" with the above line. It is not known what -rdynamic means + (it's not apparently documented in any man page), but that's what BSDI + guys did to compile perl5 which comes with BSDI 4.0 distribution. + +

+

95. IRIX + +

+Q9501: I'm running IRIX 6.2 with a number of alias IP addresses set up, but + Exim doesn't seem to recognize them as local addresses. + + +

+A9501: This problem was fixed in Exim release 2.03. If you are running an + earlier version you should use the local_interfaces option to specify + all your IP addresses explicitly. + +

+Q9502: The IP addresses for incoming calls are all being given as + 255.255.255.255. + + +

+A9502: If you used the gcc compiler 2.8.x there is a known bug with the + "gethost" function under Irix. SGI recommends using either their cc + compiler in Irix 6.5, or a lesser version of the gnu compiler (2.6.x). + +

+

+ Alternatively, there is an Inst-able port of exim for Irix at + http://freeware.sgi.com, but it is not likely to be the latest release. + +

+

96. LINUX + +

+Q9601: Exim is mysteriously crashing, usually when forking to send a delivery + error message. + + +

+A9601: This has been seen in cases where Exim has been incorrectly built with + a muddled combination of an ndbm.h include file and a non-matching + DBM library. + +

+

+ Faults like this have also been seen on systems with faulty motherboards. + You could try to compile the Linux kernel 10 times - if the compile + process stops with signal 11, your hardware is to blame. + +

+Q9602: Exim has created a directory called build-Linux-libc5-i386 but is + trying to reference build-Linux-libc5-i386-linux while building. + + +

+A9602: You have several shells installed, which are setting conflicting values + in the HOSTTYPE environment variable that is used to construct the name + of the build directory. One way round this is to run this command: + +

+
+         ln -s build-Linux-libc5-i386-linux build-Linux-libc5-i386
+

+ This problem should no longer be encountered in release 3.10 or later. + Exim has been changed to get the host type from the "uname" command + preferentially. + +

+Q9603: I want to use logrotate which is standard with RH5.2 Linux to rotate + my mail logs. Anyone worked out the logrotate config file that will + do this? + + +

+A9603: Here's one suggestion: + +

+
+         /var/log/exim/main.log {
+             create 644 exim exim
+             rotate 4
+             compress
+             delaycompress
+         }
+

+ The sleep is added to allow things to close the log file prior to + compression. You also need similar entries for the panic log and the + reject log, of course. + +

+Q9604: I'm seeing the message "inetd[334]: imap/tcp server failing (looping), + service terminated" on a RedHat 5.2 system, causing imap connections to + be refused. The imapd in use is Washington Uni vers 12.250. Could this + be anything to do with Exim? + + +

+A9604: No, it's nothing to do with Exim, but here's the answer anyway: there + is a maximum connection rate for inetd. If connections come in faster + than that, it thinks a caller is looping. The default setting on RedHat + 5.2 is 40 calls in any one minute before inetd thinks there's a problem + and suspends further calls for 10 mins. This default setting is very + conservative. You should probably increase it by a factor of 10 or 20. + For example: + +

+
+         imap stream tcp nowait.400 root /usr/sbin/tcpd /usr/local/etc/imapd
+

+ The rate setting is the number following "nowait". This syntax seems to + be specific to the Linux version of inetd. Other operating systems + provide similar functionality, but in different ways. + +

+Q9605: I get the "too many open files" error especially when a lot of messages + land for majordomo at the same time. + + +

+A9605: The problem appears to be the number of open files the system can + handle. This is changable by using the proc filesystem. To your + /etc/rc.d/rc.local file append something like the following: + +

+
+         # Now System is up, Modify kernel parameters for max open etc.
+
+         if [ -f /proc/sys/kernel/file-max ]; then
+		 echo 16384 >> /proc/sys/kernel/file-max
+         fi
+         if [ -f /proc/sys/kernel/inode-max ]; then
+		 echo 24576 >> /proc/sys/kernel/inode-max
+         fi
+         if [ -f /proc/sys/kernel/file-nr ]; then
+		 echo 2160 >> /proc/sys/kernel/file-nr
+         fi
+

+ By echoing the value you want for file-max to the file file-max etc., + you actually change the kernel parameters. + +

+Q9606: I'm having a problem with an Exim RPM. + + +

+A9606: Normally the thing to do if you have a problem with an RPM package is + to contact the person who built the package first, not the person who + made the software that's in the package. You can usually find out who + made a package using the following command: + +

+
+         rpm --query --package --queryformat '%{PACKAGER}\n' <rpm-package-file>
+

+ where <rpm-package-file> is the actual file, e.g. `exim-3.03-2.i386.rpm'. + Or, if the package is installed on your system: + +

+
+         rpm --query --queryformat '%{PACKAGER}\n' <package-name>
+

+ where <package-name> is the name component of the package, e.g. `exim'. + If the packager is unable or unwilling to help, only then should you + contact the actual author or associated mailing list of the software. + +

+

+ If you discover through the querying process that you can't tell who + the person (or company or group) is who built the package, or that they + no longer exist at the given address, then you should reconsider + whether you want a package from an unknown source on your system. + +

+

+ If you discover through the querying process that you yourself are the + person who built the package, then you should either (a) contact the + author or associated mailing list, or (b) reconsider whether you ought + to be building and distributing RPM packages of software you don't + understand. + +

+

+ Similar rules of thumb govern other binary package formats, including + debs, tarballs, and POSIX packages. + +

+

97. SUN SYSTEMS + +

+Q9701: Exim builds fine with gcc on SunOS 4 but crashes inside sscanf(). + + +

+A9701: Make sure you are liking with the GNU ld linker and not the system + version of ld. + +

+Q9702: How can I get rid of spurious ^M characters in messages sent from + CDE dtmail? + + +

+A9702: CDE dtmail passes messages to Exim via the command line interface with + lines terminated by CRLF, instead of the Unix convention of just LF. As + Exim is an 8-bit clean program it treats the CR as just another data + character. Exim has a command line option called -dropcr which causes + it to ignore all CR characters in an incoming non-SMTP message. You + should configure dtmail to add this option to the command it uses to + call Exim (using the path /usr/lib/sendmail). However, it has been + reported that it isn't possible to change this call from dtmail by any + official means. An alternative approach is to replace /usr/lib/sendmail + by a filtering script which removes the spurious CRs from the input + before passing it to Exim. + +

+Q9703: On SunOS 4 Exim crashes when looking up domains in the DNS that have + more than 10 A records. + + +

+A9703: There are Sun library patches to fix this. It is not Exim's problem. + For 4.13_U1 the patch is 101558-xx; for 4.1.3 the patch is 100891-xx. + From the README: 1054748 ftp, ping dump core when connecting to a host + with multiple DNS A records. + +

+

+ An alternative is to build another resolver library - such as the ones + that are part of the bind distribution - and explicitly link against + those. + +

+Q9704: The menu in Eximon isn't working on my Sun system. + + +

+A9704: With OpenWindows, if the numlock key is pressed (so that the numeric + pad is working) then some menus don't work. This appears to be true for + the console and (some) remote X-window servers. A workaround for this + problem was introduced in the 3.10 Exim release, so it should no longer + be encountered. + +

+Q9705: I am experiencing mailbox locking problems with Sun's mailtool used + over a network. + + +

+A9705: Under the "Expert" settings of mailtool is a option to turn on "Use + network aware mail file locking". By default dtmail has this set, but + mailtool doesn't. You should set it. The help info on dtmail has this + to say about it: + +

+

+ "Mailer tries to prevent two different instances of itself from opening + the same mail file at the same time through a technique that detects + this access when both instances of Mailer and the file are all on the + same machine. A network-aware mail file locking protocol is available + that uses ToolTalk to coordinate instances of Mailer running from more + than one machine, or mail files accessed over the network. Mailer can + only change this option when first opening a mail file." + +

+

+ If you are using the SunOS4 version of mailtool, this apparently + doesn't work. The only thing which does seem to work it getting the user + to hit the "done" button to make it release the lock. + +

+Q9706: Exim has been crashing on my Solaris x86 system, apparently while + running DBM functions. + + +

+A9706: The use of ndbm with gcc has caused problems on x86 Solaris systems. + Try changing one or the other; using either db 1.85 with gcc, or Sun's + WS compiler with ndbm, has fixed this in the past. + +

+Q9707: The exiwhat utility isn't working for me on a Solaris 2 system. + + +

+A9707: Have you got /usr/ucb on your path? If so, it is probably picking up the + wrong version of the ps command. The exiwhat script is built on + Solaris to expect the normal Solaris version of ps. + +

+Q9708: How do I stop Sun's dtcm from hanging? + + +

+A9708: From qmail's FAQ: "There is a novice programming error in dtcm, known as + ``failure to close the output side of the pipe in the child.'' Sun has, + at the time of this writing, not yet provided a patch." + +

+Q9709: I want Exim to use only the resolver (i.e. ignore /etc/hosts), but don't + want to alter the nsswitch.conf file in Solaris 2. + + +

+A9709: You need to rebuild Exim after fiddling with OS/os.h-SunOS5: + +

+
+       #define gethostbyaddr res_gethostbyaddr
+       #define gethostbyname res_gethostbyname
+       #define endhostent res_endhostent
+       #define endnetent res_endnetent
+       #define gethostent res_gethostent
+       #define getnetbyaddr res_getnetbyaddr
+       #define getnetbyname res_getnetbyname
+       #define getnetent res_getnetent
+       #define sethostent res_sethostent
+       #define setnetent res_setnetent
+

+ Exim uses gethostbyname and gethostbyaddr only, but may use others in + the future. Note that -lnsl is still needed in the Makefile as it + contains code used by the NIS lookup and also the inet_addr function + that Exim uses. + +

+

98. COOKBOOK + +

+Q9801: How do I configure Exim as part of TPC (http://www.tpc.int)? + + +

+A9801: (1) add partial-lsearch;/etc/mail/tpc.domains to local_domains; + /etc/mail/tpc.domains is a text file with lines in this format: + +

+
+             9.3.5.1.0.8.1.tpc.int.
+

+ This sample line indicates that we accept faxes destined for + 1(801)539-*. + +

+

+ (2) Set up the following transport: + +

+
+             tpc:
+               driver = pipe
+               command = "/usr/local/tpc/tpcmailer.pl ${local_part}@${domain} \
+                  ${sender_address}"
+               pipe_as_creator
+

+ /usr/local/tpc/tpcmailer.pl is the mail processing script that can + be obtained from the TPC distribution. + +

+

+ (3) Set up the following director: + +

+
+             tpc_director:
+               driver = smartuser
+               transport = tpc
+               domains = "partial-lsearch;/etc/mail/tpc.domains"
+

+ Of course, there are other things to do as well before your system is + a functioning TPC server. + +

+Q9802: How do I configure Exim so that it sends mail to the outside world only + from a restricted list of our local users? + + +

+A9802: There are several possible ways that this can be done. + +

+

+ (A) You can restrict the senders directly by putting a setting such as + this one on all the drivers that route to the outside (usually this + is just the final lookuphost router): + +

+
+             senders = ":^[^@]+@(?!${rxquote:your.domain}\\$):\
+                       lsearch;/permitted/senders"
+

+ The first item in this list is empty, to match the empty sender. + This is necessary because bounce messages have null senders. The + second item is a regular expression that matches any address whose + domain is not your domain. This caters for cases when mail from + an external user has arrived for a local user who has forwarding + set up to some outside address. + +

+

+ If the first two items do not match (that is, the address is in your + domain) the sender is looked up in a file of permitted senders; each + item in the file must be a complete address, including the domain. + If the sender is unacceptable, an "unrouteable mail domain" error + will occur because the router won't run, and there are no more to + try. + +

+

+ (B) If your local users are in many domains, it may be easier to use a + condition option to test the domain and local part independently, + along these lines: + +

+
+             condition = "\
+               ${lookup{${domain:$sender_address}}lsearch{/domain/list}\
+               {\
+                 ${lookup{${local_part:$sender_address}}lsearch\
+                 {/permitted/senders}{yes}{no}}\
+               }\
+               {yes}}"
+

+ Obviously other means of testing the domain and local part could be + substituted, for example, by having separate files of valid local + parts for each local domain. + +

+

+ (C) If your local users are logged in to your host, you could use a + special group for those that are permitted to mail to the world. + Assuming your groups are defined in /etc/group you could arrange to + look up the group in that file and then check that the sender was in + the group,using something along these lines: + +

+
+             condition = "\
+               ${lookup{groupname}lsearch{/etc/group}\
+               {${if match {$value}\
+               {[:,]${rxquote:${local_part:$sender_address}}(,|\\\$)}\
+               {yes}{no}}}{no}}"
+

+ This is checking the local part of the sender; a alternative might + be to check $sender_ident. However, you should really also check + that $sender_host_address is either unset or set to 127.0.0.1 or + your IP address, so you check only locally-originated mail. + +

+

+ A block like this does not prevent a logged in user from sending + mail by telnetting to another host's SMTP port, or indeed from + installing a private version of Exim to do the job for her. + +

+

+ (D) On a gateway server that has no local users and so receives all the + mail via SMTP from client hosts, you could use a rewriting rule to + rewrite sender addresses in your local domain from a table of legal + local parts, replacing any illegal addresses with an address such as + unknown@your.domain. If this is combined with sender_verify=true + it causes messages from users that are not in the table to be + refused, assuming that the gateway is capable of verifying the local + part of user@your.domain. + +

+Q9803: How do I configure Exim to run with SmartList? + + +

+A9803: This is what was done for Exim's own mailing list, using SmartList/ + procmail 3.11pre7. It runs as its own user - trying to manage mailing + lists under your own ID can be hard work. Smartlist is installed into + /var/spool/slist, and there is an slist user defined. Each list appears + as a directory under /var/spool/slist (as per usual for Smarlist). + Exim is configured like this: + +

+
+         # slist added to list of trusted users so it can
+         # manipulate sender addresses
+
+         trusted_users = exim:slist
+
+         # in transports, a list transport is defined:
+
+         list_transport:
+           driver = pipe
+           command = "/var/spool/slist/.bin/flist \
+                     ${local_part}${local_part_suffix}"
+           current_directory = /var/spool/slist
+           home_directory = /var/spool/slist
+           user = slist
+           group = slist
+
+         # in directors a list director is defined:
+
+         list_director:
+           driver = smartuser
+           suffix = -request
+           suffix_optional
+           local_parts = !.bin:!.etc
+           require_files = /var/spool/slist/${local_part}/rc.init
+           transport = list_transport
+

+ and thats it - no aliases, no special handling of out lists etc. + What you do need is to ensure that choplist is used for distribution + (that is, do not uncomment the alt_sendmail entry which is blank). + +

+

+ A couple of other things are forced - for example since the list runs in + its own domain the domain value is forced to exim.org. + +

+

+ Then everything else is basic SmartList configuration - and that's + moderately well documented. A confirmation stage on signup was added - + now when you subscribe you are sent a confirmation which you must + return before the system subscribes you (this prevents people + subscribing their "friends" and makes sure that the addresses really do + work). The confirm package is available at: + +

+
+          ftp://ftp.fatfree.com/confirm-1.1.tar.gz
+

+ and was written by Michelle Dick. + +

+Q9804: How do I configure Exim to minic PP's "tripnote" facility? + + +

+A9804: See C005. + +

+Q9805: How do I configure Exim to handle local parts with extensions? + + +

+A9805: See C010. + +

+Q9806: How do I configure Exim so that only a restricted list of users can + receive mail from external domains? + + +

+A9806: See C013. + +

+Q9807: I have someuser@mydomain.com that I only want certain users to be able + to mail to. How do I accomplish this? + + +

+A9807: This is a transport: + +

+
+         bounce:
+           driver  = autoreply
+           from    = postmaster@mydomain.com
+           to      = $sender_address
+           user    = exim
+           subject = "Re: Your mail to ${local_part}"
+           text    = "You are not allowed to mail to ${local_part}."
+

+ This is a director that should come before all the others: + +

+
+         special_user:
+           driver = smartuser
+           local_parts = someuser
+           transport = bounce
+           senders = !: !lsearch;/list/of/permitted/senders
+

+ Note that leading "!:" in senders. It allows the null sender <> to be + valid (i.e. not to match this director). This is necessary, since bounce + messages have null senders. All other permitted senders must be in the + file as complete addresses, including a domain. + +

+Q9808: A site for which I provide secondary MX is down for some time. Is there + a way to run the queue for that destination separately from the main + queue? + + +

+A9808: No, because Exim does not have the concept of "the queue for that + destination". It simply has a single pool of messages awaiting delivery + (and some of them may have several destinations). The best approach to + this is to arrange for all messages for the site to be saved somewhere + other than the main spool, either on a separate dedicated MTA, or in + BSMTP files. There is an example of the latter approach in C014. + +

+Q9809: How do I implement VERP (Variable Envelope Return Paths) in Exim? + + +

+A9809: See C017. + +

+Q9810: I'd like to make a copy of all outgoing messages to a local mailbox. Is + there a solution for this using an Exim filter? + + +

+A9810: The following filter makes a copy of every message, except for delivery + failure reports: + +

+
+         # Exim filter
+
+         # Ignore error messages
+         if error_message then finish endif
+
+         # Copy if this is the first delivery attempt
+         if first_delivery then
+           unseen deliver copy@your.domain errors_to postmaster@your.domain
+         endif
+

+ The keyword "unseen" stops this being a "significant delivery", so that + the message goes on to be delivered as normal. The errors_to setting + changes the envelope sender on the copy so that if there is a problem + delivering it, the bounce message is sent to postmaster. + +

+

+ You can add to the condition setting to select specific messages. + To make a copy of outgoing messages only requires a definition + of "outgoing". Because a message may have many recipients, simply + testing for your own domain in both the From: and the To: headers is not + enough. You can craft your own conditions, but here is one suggestion: + +

+
+         if $h_from: contains your.domain and
+             foranyaddress $h_to:,$h_cc:
+               ($thisaddress does not contain your.domain)
+         then
+           unseen deliver copy@your.domain errors_to postmaster@your.domain
+         endif
+

+ This takes copies of messages whose From: header contains your.domain + and whose To: and Cc: headers contain at least one address that does not + contain your.domain. See also + Q9817. + +

+Q9811: I want to make a copy of outgoing messages to a specific file for each + user in a specific directory, using a "save" command in a system filter. + How can I arrange for Exim to write to these files under the correct + UID/GID? + + +

+A9811: You need to set up a special transport and tell Exim to use it for + file deliveries from the system filter. Add the following setting to + your configuration: + +

+
+         message_filter_file_transport = copy_transport
+

+ Then define copy_transport like this + +

+
+         copy_transport:
+           driver = appendfile
+           delivery_date_add
+           envelope_to_add
+           user = ${local_part:$sender_address}
+

+ This assumes that you want to run the delivery under the uid associated + with the local part of the sender address. Alternatively, you could just + use user=exim and do all the writing under the same UID/GID. + +

+Q9812: How can I keep an archive of all mail for some specific local email + addresses? + + +

+A9812: You could use a system filter, along the lines of + +

+
+         if
+           first_delivery and <tests for appropriate addresses>
+         then
+           unseen save
+             /mail/archive/${substr_0_10:$tod_log}
+         endif
+

+ That would create a new file for each day. However, in order to use + this, you will need to set message_filter_file_transport to point to an + appropriate transport which includes a setting of "user" to specify + which uid to run the saving under, as is described in + Q9811. + +

+Q9813: How can I configure Exim to provide a vacation message when there are + no local users on my mail hub? + + +

+A9813: See C019. + +

+Q9814: We want to be able to temporarily lock out a user by disabling the + password and moving the home directory to another place. How can we + arrange to reject mail for users in this state? + + +

+A9814: Change the home directory pointer in the passwd file to something + distinctive. For example, we use /home/CANCELLED for cancelled users. + Then you can pick up such users with this director, which is placed + immediately after system_aliases: + +

+
+         cancelled_users:
+           driver = localuser
+           transport = cancelleduser_pipe
+           fail_verify
+           match_directory = /home/CANCELLED
+

+ This sends messages for cancelled users to the following special + transport: + +

+
+         cancelleduser_pipe:
+           driver = pipe
+           command = "/opt/exim/util/cancelleduser.sh"
+           ignore_status
+           return_output
+           user = nobody
+

+ The script simply generates a message saying that the user is cancelled + on its standard output. This gets returned to the original message + sender in an error report. + +

+

+ If you don't want to change the home directory in the passwd file, + an alternative is to check for the non-existence of the home directory + with + +

+
+         require_files = +!$home
+

+ instead of setting match_directory. + +

+Q9815: I need an alias, say "fakeaddress" that should receive a message, + strip all reply-to: headers present, substitute another one pointing to + "otheraddress" and forward a message to "realaddress". + + +

+A9815: Add this director: + +

+
+         fakeaddress_director:
+           driver = smartuser
+           domain = (if necessary to restrict the domain)
+           local_parts = fakeaddress
+           headers_remove = reply-to
+           headers_add = reply-to: otheraddress
+           new_address = realaddress
+

+ If there are several of these aliases then you could list them in a file + along with the corresponding other addresses, and use lookups instead of + the fixed values shown above. + +

+Q9816: How can I set up Exim to work with Listar? + + +

+A9816: See http://www.cs.huji.ac.il/~vadik/listar-exim/. + +

+Q9817: I need to take copies of all incoming and outgoing mail for certain + users. For each user there may be a different monitoring address. + + +

+A9817: You can adapt the filter solution given in + Q9810 by adding a test for + the relevant local parts. Create a file containing lines like this: + +

+
+         user1@domain1:   monitor1@monitor.domain1
+         user2@domain2:   monitor2@monitor.domain2
+

+ and then use the following command in a system filter: + +

+
+         if ${lookup{$sender_address}lsearch{/some/file}{$value}{}} is not ""
+         then
+           unseen deliver ${lookup{$sender_address}lsearch{/some/file}{$value}}
+             errors_address = postmaster@your.domain
+         else
+           if foranyaddress $recipients
+             (${lookup{$thisaddress}lsearch{/some/file}{$value}{}} is not "")
+           then
+             unseen deliver ${lookup{$thisaddress}lsearch{/some/file}{$value}}
+               errors_address = postmaster@your.domain
+           endif
+         endif
+

+ It is messy to have to repeat the lookups, but it won't be inefficient, + because Exim caches the results of successful lookups. + +

+Q9818: How can I add a disclaimer to the end of every message? + + +

+A9818: This isn't as easy as it appears. You cannot just add text to the bottom + of messages because of the possibility of MIME attachments. In any case, + it is not the job of an MTA to mess with the contents of messages. You + can perhaps do things with Exim's transport filters if you really have + to, but if the messages originate locally, it would be better to do + what you want in the MUA (e.g. force all your local users to have it in + their .sig files). + +

+Q9819: I would like to append a simple advertisement text to all outgoing + and local mails. + + +

+A9819: See + Q9818. + +

+Q9820: How can I configure Exim so that all mails adressed to + something@username.domain.net get delivered to /var/spool/mail/username? + + +

+A9820: There are several possibilities, depending on exactly how you are set + up. Here is one approach: First, arrange that all the domains you are + interested in are local domains, for example, by listing them in a file: + +

+
+         local_domains = /list/of/domains
+

+ If there are lots of them, a DBM or cdb file should be used for a faster + lookup. Assuming that "username" is set up as a user on your system, and + you have a configuration that can handle username@domain.net in the + normal way, all you have to do is to arrange to convert the recipient + address by means of a smartuser director like this: + +

+
+         user_in_domain:
+           driver = smartuser
+           domains = /list/of/domains
+           new_address = ${if match{$domain}{^([^.]+)\\.domain\\.net\$}{$1}fail}@domain.net
+

+ This should be the first director. + +

+Q9821: How do I get exim not to add a Sender: header to locally originated + mail? + + +

+A9821: It only adds it if the From: header doesn't correspond to the user + sending the message. You can't remove it in general (but this may be + possible in a future release). However: + +

+

+ (1) You can get it removed later, by putting + +

+
+         headers_remove = Sender
+

+ on all your transports. This doesn't test for locally originated mail, + but you could use a more complicated expansion string to make that test. + For example + +

+
+         headers_remove = ${if eq{$sender_host_address}{}{Sender}}
+

+ which removes it only if there is no sending host address. + +

+

+ (2) If your real question "how do I submit mail from UUCP + without it adding Sender:?" Then see + Q0603. + +

+Q9822: How can I get Exim to work with mailman? + + +

+A9822: The Exim mailing list uses the configuration that is given in the "how + to" information at http://www.exim.org/howto/mailman.html. + +

+Q9823: Is there any way to have messages sent to a specific local address + delayed by - say - 24 hours? + + +

+A9823: Using Exim 3.10 or later, the answer is "yes". Set up a smartuser + director like this: + +

+
+         delay:
+           driver = smartuser
+           domains = the.domain
+           local_parts = thelocalpart
+           condition = ${if < ${$message_age}{86400}{yes}{no}}
+           new_address = :defer: message not old enough
+

+ Of course, this will also have the effect of setting a retry time for + the address. You may want to set a special retry rule for it. + +

+

99. LIST OF SAMPLE CONFIGURATIONS + +

+

+Each sample configuration is held in a separate file in the config.samples +directory. Those with names of the form Cnnn are Exim configurations; those +with names of the form Fnnn are filter file fragments. + +

+

+C001: "This config will support delivery across multiple systems using NIS to + look up delivery addresses from the mail.aliases database." + +

+

+C002: "Although exim not intended for use in UUCP environment (it doesn't + know anything about bang!path addresses), I'm successfully using it for + delivering mail to UUCP clients." + +

+

+C003: "I've read down through + Q0601 and your request for UUCP examples. Here's + how I'm doing it." (This example uses routers.) + +

+

+C004: "Here's a BSMTP over UUCP [configuration] - the transport is Taylor/GNU + UUCP - which takes the long option types." (This example uses + directors.) + +

+

+C005: "I am using a virus scanner program that is invoked by a pipe, scans the + mail and re-invokes Exim to do the delivery. The pipe is invoking a perl + script that tries to unpack and MIME, zip and other archives and then + applies the McAfee scanner on the results." + +

+

+C006: "This is how I have configured a PP-inspired vacationnote, there is + (was?) such a feature in PP. The user makes a file "tripnote" in his/her + home directory, the message is passed to the sender once with a short + leading text." + +

+

+C007: "If I host a domain foo.dom on my machine as a virtual domain I expect + it to be completely virtual and separate from other mail domains that + end up on my machine." + +

+

+C008: "And of course it is possible to do a very interesting solution to + this [virtual domains] using LDAP." + +

+

+C009: "These are suggested parts of a configuration for looking up users in + /etc/passwd.domain rather than in /etc/passwd ..." + +

+

+C010: "One of our customers is looking for us to support addresses of the form + username+extension@domain.com, primarily for use with procmail." + +

+

+C011: "Thanks to Philip and others I now have my ISP style config built and + therefore am posting the final configuration fragments to the list in + case anyone else wants to do a similar thing." + +

+

+C012: "I've written a small chapter how-to configure Exim for use with UUCP + (mostly condensed from the exim-user mailing list plus some + experimenting) and would be glad if it could be included in the Exim + documentation." + +

+

+C013: "I've take some tips from the FAQ about permitting only certain users + to send to external mail and came up with my own for the receiving + part." + +

+

+C014: "If I have a situation where a site I MX for has a known outage I stash + all their mail into a directory in BSMTP format." + +

+

+C015: "This approach to virtual domains has helped me a great deal, and is so + easy to maintain (add and modify as appropriate)." + +

+

+C016: "Herewith my configuration." (A complete configuration, including simple + virtual domains, along the lines of C015). + +

+

+C017: "I have gotten the new VERP feature of Exim 2.054 working in test, along + with some supporting programs to handle bounces that do come back." + +

+

+C018: "This Majordomo configuration removes a lot of the aliases, and + automates a lot of the other functions based on whether the files or + directories exist." + +

+

+C019: "The following configuration file entries can be used to provide a + 'vacation'-style function for a mailhub which has no local users." + +

+

+C020: "I was asked for a copy of the programs we were using to mail + everybody." + +

+

+C021: "Here is some sample code that might be useful for handling + X-Failed-Recipients headers generated by Exim, with mailing lists." + +

+

+C022: "This is the Exim configuration file of a machine which delivers mail to + several local domains where the mail is delivered locally, several hairy + domains, handled as described below, and a half-virtual domain, which is + first processed by its special alias file, then processed as other local + domains (including the processing by the global alias file)." + +

+

+C023: A Perl script and instructions for hooking it into Exim in order to + handle disposition-notification-to and return-receipt-to by using a + shadow transport to send copies of delivered messages to the script. + +

+

+C024: "In case anybody wants to use a MySql database to store aliases this is + how I managed to get my site working." + +

+

+C025: "As promised here is the way I got Exim to delver to Cyrus mailboxes if + the user exists in the MySql database." + +

+

+C026: "The following configuration and program will allow messages going to + AOL only, to be filtered thru a Perl script. This Perl script will + convert any URL's to the HTML syntax. In addition, the transport will + use VERP to send a unique envelope sender with each message." + +

+

+C027: "This is an FYI to demonstrate how to have exim work with SSL using the + stunnel wrapper and its underlying OpenSSL libraries and toolkit." + +

+

+C028: "This Python script reads from stdin and writes to stdout. It strips all + the MIME attachments from a mail message that are one of the mime types + listed on the command line. Exim can use it in its configuration file, + for example, as follows:" + +

+

+C029: "The standard way to connect one's MTA to a list manager seems to be to + add a set of aliases for every list one creates. Once upon a time, I + crufted a set of configs from Smail to work with majordomo, to + automaticaly recognize the standard patterns, for all lists in + existence...I have setup a set of transports and directors for Exim, + which will do the same thing for mailman." + +

+

+C030: "I am currently configuring an exim for a site that will to mail + hosting for several domains. I want the domain holders to have control + over 'their' alias files, being able to create their own aliases. + However, I don't want them to have postmaster, abuse and other role + accounts under their control." + +

+

+C031: "These are config file snippets for handling certain remote addresses as + local, and making only real external addresses visible to users." + +

+

+C032: "This is the Exim Nervous Mailbox Quota Suite. It does not impose + hard quotas on users' mailboxes, but it makes a user nervous by + putting all his mail in a secondary mailbox, inaccessible to the + user, when he is over his quota. When the user clears his + mailbox (i.e., deletes mail to make his mailbox below the quota + again), mail from his secondary mailbox is transferred back to + his primary mailbox, in FIFO order." + +

+

+C033: "Here's our current automatic vacation recipe". + +

+

+C034: "This is a HOW-TO for setting up Exim to support SMTP authentication + under different environments, including regular password files, PAM + and NIS." + +

+

+F001: "I thought that the rest of the list may be interested in reviewing our + filter as a starting point for their own system message filter." + +

+

+F002: "... program which refused mail from unknown addresses until they mailed + me promising not to spam me ... since I'd already thought through how + to do it in Exim, and knew it'd be slightly easier than falling out of + bed, I went ahead and did it." + +

+

+F003: "Here's four checks installed in our system wide filter that knock out + a lot of otherwise hard to detect rubbish." + +

+

+F004: "This is an Exim filter snippet to change locally-generated Message-Id: + and Resent-Message-Id: headers to world-unique values." + +

+
+ + + diff --git a/NewStuff.html b/NewStuff.html new file mode 100644 index 0000000..46e1bb9 --- /dev/null +++ b/NewStuff.html @@ -0,0 +1,115 @@ + + + + New Features in Exim + + + +

New Features in Exim

+ +

This file contains descriptions of new features that have been + added to Exim, but have not yet made it into the main manual + (which is most conveniently updated when there is a relatively + large batch of changes). The ChangeLog file contains a brief + listing of all changes, including bug fixes.

+ +

When the manual is up-to-date with the code and there have been + a lot of recent changes, the more important ones may be listed + here for convenient reference. Otherwise this file will contain + just these two introductory paragraphs.

+ + +

Version 1.90: Short list of some of the new things

+
    +
  1. New expansion operators ${local_part:}, ${domain:}, and +${hash__:} and the "extract" operator has been extended to a new +form: ${extract {number} {separators} {string}}. + +
  2. There's a new testing option -bh which must be followed by an IP address. +This runs a fake SMTP session as if from that IP address, using stdin and +stdout. Additional comments as to what is going on are written to stderr. These +include lines beginning with "LOG" for anything that would have been logged. +This facility is for testing configuration options for blocking hosts and/or +senders and for checking on relaying control. + +
  3. If there is only a single recipient address in an incoming message, then +when the Received: header line is being built, the expansion variable +$received_for is set to contain that address. Otherwise that variable is always +empty. The default setting of received_header_text has been changed to include +the use of this new variable when set. + +
  4. The filtering facilities now include 10 variables with names n0 - n9. These +start out at zero and can be incremented by the "add" command. After the system +filter has run, a copy of the variables is taken, and made available in user +filters as the expansions $sn0 - $sn9. Thus a system filter can, for example, +do "scoring" which users' filters can make use of. + +
  5. The freeze and fail filter commands can now be followed by the word "text" +and a string giving an error message. + +
  6. The amount of disc space available is checked whenever SIZE is received on +a MAIL FROM command. + +
  7. There is a facility for looping through a list of addresses in mail +filters. It uses a new "foranyaddress" condition. + +
  8. A facility for local "shadow transports" has been added. This is somewhat +experimental and may change in future. + +
  9. There is a new defaulting option that can be used with single-key search +types. If the type name is followed by "*@" (e.g. lsearch*@) then, if the +initial lookup fails and the key contains an @ character, a second lookup is +done with everything before the last @ replaced by *. + +
  10. Directors and routers now have generic options headers_add and +headers_remove. + +
  11. If an SMTP greeting line contains ESMTP, Exim now sends EHLO instead of +HELO, and if it is told the SIZE parameter is supported, it adds SIZE=xxx to +each MAIL FROM command. + +
  12. Customization of error messages generated by Exim is now supported. + +
  13. Delivery failure messages now contain an X-Failed-Recipients header, +listing all failed addresses, for the benefit of programs that try to analyse +such messages automatically. + +
  14. If /dev/null is generated by an aliasfile or forwardfile, arrange to skip +its delivery at top level, thus avoiding the need for a uid/gid on the +transport. + +
  15. When a delivery is not part of a queue run (typically an immediate delivery +on receipt of a message), the directors are always run for local addresses, and +local deliveries are always attempted, even if retry times are set for them. + +
  16. The smtp_etrn_serialize option (default TRUE) prevents the simultaneous +execution of more than one queue run for the same argument string as a result +of an ETRN command. + +
  17. The "errors_to" option is now a generic option that is available for all +directors and routers, instead of just aliasfile and forwardfile. + +
  18. For sendmail compatibility, if an incoming, non-smtp message has a From: +header containing just the unqualified login id of the calling user, stick it +in angle brackets, with the gecos field in front. + +
  19. There's a new variable called sender_rcvhost, for use in Received headers, +to allow them easily to be strictly compatible with RFC 822. The default header +now uses it. + +
  20. The domainlist router has a option called host_find_failed, which tells it +what to do if a host which it tries to look up does not exist. + +
  21. Several new rewrite flags have been added. + +
  22. Alias files can now contain the items :defer: and :fail:. + +
  23. Support for LDAP. +
+

End

+
+
Nigel Metheringham
+ +

$Id: NewStuff.html,v 1.2 2000/04/09 22:02:32 nigel Exp $

+ + diff --git a/branding/branding.html b/branding/branding.html new file mode 100644 index 0000000..5a98e55 --- /dev/null +++ b/branding/branding.html @@ -0,0 +1,15 @@ + + + + Provider Branding + + + + +
+ + +
+ + + diff --git a/changelogs/ChangeLog-2.10.html b/changelogs/ChangeLog-2.10.html new file mode 100644 index 0000000..febf349 --- /dev/null +++ b/changelogs/ChangeLog-2.10.html @@ -0,0 +1,417 @@ +Version 2.10 +------------ + +1. The log message for a skipped syntax error in a filter file needed tidying. + +2. After a "foranyaddress" condition succeeds in a filter file, the value of +$thisaddress is available in the commands. It holds whatever what the last +value tested. + +3. Another adjustment to the FreeBSD makefile to make it work in ports and +non-ports environments. + +4. scripts/Configure-Makefile was testing for PERL_COMMAND in the local +configuration without anchoring the check to the start of a line. + +5. Give the error "no local part" instead of "missing colon in route" for +addresses like <@abcd>. + +6. Nested ${lookup} and ${if} items in expanded strings were not working +correctly if "fail" was present in one of the internal items. + +7. A macro expansion at the start of a continuation line of a string was +getting ignored. + +8. Escapes such as \n are now handled conventionally in string expansions. + +9. Added numeric comparisons to string expansions. + +10. Changed the space checking to use the f_bavail field returned by the +stat(v)fs function instead of f_bfree, thus testing non-superuser space only. +Also, for those OS which have it, changed from f_ffree to f_favail for checking +the number of inodes. + +11. Errors in expanding the name of a perl function or its arguments were not +being passed back correctly. + +12. The count of lines in a message (which is used for computing the value for +the SIZE option on outgoing messages) was not being correctly set for incoming +non-local SMTP mail. + +13. If no_smtp_check_spool_space is set, Exim refrains from checking that there +is enough space in the spool partition when it receives a SIZE setting on an +incoming message. + +14. Added message_size_limit_count_recipients. + +15. Implemented quota_warn_threshold in appendfile. + +16. Running exim with -q but without -bd could cause it to crash. + +17. In the delivery log line, don't print the original address in <> if the +only difference from the original address is in the case of the domain(s). + +18. Removed the "debug" transport as I haven't used it for years and it is +simply clutter. + +19. Write a log line when a message is abandoned because of a ridiculously long +header line. + +20. If an error is detected while receiving a batch SMTP message (using -bS) +the error message that is sent now contains information about the sender and +recipients, and a copy of the headers, when such information has been read +before the error was detected. + +21. If errors_to was set in forwardfile, and a headers_add option used +$local_part or any other address-specific expansion, the expansion went wrong. +(The verification of the errors_to address was clobbering the values.) This +could have applied to other directors and routers too. + +22. The smtp_log_connections option should really be called +log_smtp_connections to fit in with other naming. Added the "correct" name as +a synonym, and hide the old one in displays. + +23. If daemon_smtp_service was set to a named service on a machine with a byte +order different to network byte order, Exim listened on the wrong port. This +might have been introduced by change 12 of 2.03. + +24. helo_verify wasn't working in the case where the helo argument was a valid +(but incorrect) host name. + +25. Missing information in log for failures from multiple remote hosts. + +26. If a malformed response to an SMTP command contained newlines, they were +written verbatim to the log. They are now converted to \n (and other +non-printing characters are also escaped). + + +Version 2.054 +------------- + +1. Insert missing fflush() if starting an SMTP session is rejected. + +2. In the default configuration, changed the retry specification to + + * * F,2h,15m; G,16h,1h,1.5; F,4d,8h + +The difference is that after trying every 15 minutes for 2 hours, it next tries +one hour later rather than two hours later. + +3. Remove the definition of os_strsignal from the FreeBSD os.h, as it seems it +doesn't have it (ditto BSDI) and also from OpenBSD, just in case. My assumption +that it's on all BSD systems (based on NetBSD) is clearly false. + +4. Updated exim_tidydb so that with the -f flag, it checks for the continued +presence of a message that has a message-specific retry record. + +5. Fix exiqsumm so that it correctly recognizes domain literals in recipient +addresses. + +6. The install script should now install the Texinfo documentation if +INFO_DIRECTORY is defined, and the source is available. + +7. If a screwed-up host sent an SMTP response that contained LF characters, +they got left as LFs when included in the retry database. This could mess up +the format of the output from exim_dumpdb. They are now converted into \n. + +8. Multiline responses from a remote host are better formatted when -d is set +for the smtp transport. + +9. Fixed a very low-probability file descriptor leak in eximon; if a -J file +existed and reading the -H file failed, the -J file didn't get closed. + +10. Added to the FreeBSD makefile, on Sheldon Hearn's recommendation: + +.if ${PORTOBJFORMAT} == "elf" +XLFLAGS+=-Wl,-rpath,${X11BASE}/lib +.endif + +It allows eximon to be built on FreeBSD ELF systems. + +11. Fixed bug in libident/support.c causing crashes on malformed ident data. +Also fixed another typo bug in libident. + +12. If headers_sender_verify was set and there was a syntax error in a header, +the error message just said "no valid sender". Now it gives details of the +syntax error. + +13. If the expansion of headers_add for pipe and smtp transports failed, the +reason for the failure was not included in the error message (it was for +appendfile). + +14. Added the "check_local_user" magic to {current,home}_directory in +forwardfile. + +15. Changed the way the Makefile works when embedding Perl. The user need now +specify only EXIM_PERL=perl.o. The Makefile builder sets default values for the +other parameters at the top of the file, using the setting of PERL_COMMAND to +run Perl, when EXIM_PERL is set. + +16. When an alias lookup defers because no addresses generated, include the +syntax error message in the message. + +17. In the forwardfile director, the skip_syntax_errors option now applies to +filter files as well as to conventional .forward files. Added +syntax_errors_text option to forwardfile and aliasfile. + +18. Fixed potential segfault crash in MBX delivery (while computing the +timestamp). + +19. Added $parent_domain, $parent_local_part, $address_file, $address_pipe. + +20. The router and director options "domains", "local_parts", "senders", and +their matching "except_" partners are now expanded. + +21. The -bp option wasn't reading messages' -J files, and so wasn't marking +addresses "delivered" as early as it could. + +22. Added the queue_only_file option. + +23. The autoreply transport now has a reply_to option, and the "mail" command +in filters supports "from" and "reply-to" keywords. + +24. Pedantic message correction: "all its recipients" => "all of its +recipients". + +25. Added default definition of EX_CONFIG for systems that don't have it. + +26. Set no_expn on the forwardfile director in the default configuration. + +27. Skip logwrite in filter files when run as a result of EXPN. + +28. Allow leading dots in local parts. Exim is already extended to allow null +components inside or at the end of local parts (e.g. a..b.@xyz) so it doesn't +seem worth making this extension specifically configurable. + +29. Added rbl_log_rcpt_count and rbl_log_headers. + +30. The setting of KEEPALIVE on an incoming socket was not being bypassed when +-bh was in use, leading to a warning message. + +31. There was a long-standing problem with queue runners when a delivery that +was started by a queue runner passed on one or more TCP/IP connections to +another process. The problem was that the queue runner did not know this, and +went on to start more deliveries. If there were a large number of messages +queued for one host, this could cause too many delivery processes to be +running. The queue runner process is now told about additional descendent +processes, and it waits for them all to finish before moving on to the next +message. + + + +Version 2.053 +------------- + +1. Reword message for not-found driver to emphasize which kind of driver. + +2. Give pid and ppid in message about process creation failure. + +3. If addresses on the command line for a -t message cause all included +addresses to get deleted, give a special "no recipients" error, mentioning the +cause. (Previously the message just never got delivered to anybody.) + +4. If a user's filter file has "seen finish" with no significant deliveries, +write a log line of the form "=> discarded
D=director" to indicate +what has happened. + +5. Added match_directory to forwardfile. + +6. If match_directory was set on localuser, and it was an expanded string, and +the resulting pattern was a regular expression, and more than one address was +processed by this director such that the expansions gave differing patterns, +then things went wrong because the first pattern was used every time owing to +caching of the compiled regular expression. + +7. When doing a 2-stage queue run (using the -qq option) a message about +queue_smtp was written to each individual message log (though suppressed on the +main log). + +8. If the log level is set less than 5, messages about retry time not reached +are no longer written to individual message logs. + +9. If the replacement string for a rewrite rule is "*" then addresses matching +the patterns and the flags are not rewritten, and no further rules are tried. + +10. Added -bpr, -bpru, -bpra which are like the versions without the 'r', but +display the list in random order. + +11. Added log_smtp_syntax_errors. + +12. Added ${uc:} operator. + +13. Added ignore_fromline_nets and ignore_fromline_local. + +14. After SMTP transport errors such as "connection reset by peer" the text of +the error appeared twice in the log line. + +15. Added :unknown: for use in alias files. + +16. Give full search_type in debugging info for aliasfile. + +17. Added generic transport option message_size_limit. + +18. Added quota_filecount to appendfile, to apply when delivering into a +directory. + +19. When delivering into a directory and quota was exceeded, the "time since +last read" field, which applies to individual mailboxes, was getting set to to +junk values, and could cause a retry record to time out prematurely. + +20. Show sender address in debugging output. + +21. Allow non-trusted users to use -f when running -bt or -bv. + +22. If a transport returns PANIC, Exim used to panic log and die. Now it just +panic logs - so other addresses do get processed. + +23. In aliasfile and forwardfile, the *_transport options can now be expanded +strings. If the result isn't a named transport, the address gets deferred, and +the message gets frozen. + +24. Expanded transport names on directors and routers are now checked only if +the driver handles the address. + +25. Bug introduced in new SMTP temporary problem handling meant that the +wait-smtp database wasn't always updated when it should have been. + +26. Added support for MBX mailboxes (a) the format and (b) the locking. +Upgraded exim_lock. + +27. Added body_only and headers_only generic transport options. + + +Version 2.052 +------------- + +1. Added return_path generic option to the transports. This can re-expand the +return path at transport time and do things like sticking in the recipient's +address (i.e. it makes VERP support possible). + +2. If, during a remote parallel delivery in a subprocess, an SMTP error +response had a humongously long text associated with it, Exim crashed. + +3. When there are no deferred addresses, convert any message-specific retry +record updates into deletes. This does some useful tidying in cases when one +host produces such an error and a subsequent one succeeds or fails hard. + +4. If retry_include_ip_address was set false in an SMTP transport, then the +retrying was not searching for a rule keyed on the domain in addition to a rule +keyed on the host. + +5. Added "rewrite" option to smartuser, cf aliasfile and forwardfile. + +6. When verifying or testing an address, if both a director and router are set, +show both in the output, as is done on log lines for deliveries. + +7. Implemented lookup_open_max for controlling the maximum number of cached +lookup opens for lookup types that use real files. + + +Version 2.051 +------------- + +1. Added bsdi4.0 as an os-type, equivalent to BSDI. + +2. Removed definition of DN_EXPAND_ARG4_TYPE as u_char * for IRIX 6.5, as that +release of IRIX is now compatible with most other OS so the default is OK. + +3. The exiwhat script no longer uses "cut" to fish the process numbers out of +"ps" output because it doesn't work on all systems. (IRIX 6.5 has longer pids.) +It now uses awk instead, to get the first field, whatever length it is. + +4. Installed PCRE version 2.01 (Perl 5.005 compatible). + +5. Revamped the way the working makefile in the build directory is created. +This also involved some modification to some of the files in the scripts +directory. At the top level one still runs "make" on its own, but this no +longer involves a nested call to "make" in order to create the lower-level +makefile (which is now called Makefile with a capital M). If run from within +the build directory, it is no longer capable of re-building itself. Further +revampings were done to ensure that the behaviour is the same on IRIX as on +other systems with regard to rebuilding. The "make" program on IRIX behaves +differently in regard to targets that are forced but don't actually rebuild the +file of that name. + +6. The source has been tidied in places as a result of a -fullwarn run on the +IRIX 6.5 compiler. In Exim itself, one set of warnings, in store.c, remains; I +haven't been able to find a way to write the code so that it doesn't generate +them. In the Exim monitor, there are warnings for the modified StripChart and +TextPop modules taken from the Athena widgets. + +7. LFLAGS has been set to -Wl,-LD_MSG:off=85 for IRIX 6.5. This suppresses the +warning about StripChart and TextPop overriding those in the Xaw library when +linking eximon.bin. + +8. Unwanted \n at end of log message for too many message in one connection +removed. + +9. Log entries for queued messages on a single SMTP connection other than the +first such message were incorrectly given as if the queueing was for too many +SMTP connections, instead of for too many messages or load average too high. + +10. Changed the OS/Makefile-FreeBSD setting to X11=$(X11BASE) instead of +X11=/usr/X11. + +11. Improved the output for host testing with the -bh option; more detail of +the order of testing accept/reject lists etc. is now given. + +12. The pipe transport now gives the signal name in the log message when its +child is ended by signal. For Solaris 2, BSD-derived systems, and Linux, the +strsignal() function is called. For the rest, there is a built-in function that +covers the most important signals. + +13. The pipe transport now attempts to give a possible explanation when its +child is ended by a non-zero exit code. As these aren't standardised, it has to +use the uncertain phrase "could mean". + +14. Helo_accept_junk_hosts wasn't allowing the junk to start with [. + +15. Remove trailing spaces from Local/Makefile when building Makefile, as +they can cause trouble in some of the sed commands for building scripts. + +16. A new test for options settings threw up two obscure ones that were out of +alphabetical order in the source. Also some poorly worded configuration error +messages. + +17. The domainlist router wasn't accepting the route_queries option if +route_list wasn't set, complaining "either route_list or route_file or +route_query required". + +18. The queryprogram router had options called "user" and "group" which +conflicted with the generic options of the same name (which got invented +later, for 1.929). The options for queryprogram have been renamed +"command_user" and "command_group". + +19. When the -t option was set, Exim was barfing at header lines like + + To: Recipient list not shown:; + +and complaining about "empty address", even if there were valid addresses in +the Cc or Bcc headers. + +20. The second part of change 10 for 2.05 was a disaster in the case of +temporary errors after MAIL FROM, DATA, and ".", because it meant that one +dodgy message could hold up other mail for the recipients involved. Backed it +out. However, the action after RCPT TO is OK, and remains. + +21. If a listening daemon was run without a -q option to start queue-runners, +it could occasionally crash when a message-accepting process ended. + +22. Added smtp_accept_max_per_host. Required smtp_accept_max to be set if this +or smtp_accept_queue is set. + +23. Added keepalive options for incoming and outgoing SMTP. + +24. Reworded the message that is output at the end of filter testing, as it was +confusing to users. (It wasn't clear that 'delivered is false' meant that the +message would be delivered normally.) + +25. Bug in handling exceedingly long configuration lines fixed. + +26. Added Malcolm Beattie's patch for calling Perl from string expansion. + +27. A new approach to handling temporary errors in the smtp transport. Details +documented in NewStuff. + +28. Bug in exiqsumm showed up under Perl 5.005; the sorting wasn't working +correctly. diff --git a/changelogs/ChangeLog-2.11.html b/changelogs/ChangeLog-2.11.html new file mode 100644 index 0000000..3cce25d --- /dev/null +++ b/changelogs/ChangeLog-2.11.html @@ -0,0 +1,112 @@ +Version 2.11 +------------ + +1. Adjustment of code for catching over-long multi-line SMTP responses to +do a better job in the case of packets not ending in \r\n. + +2. Ignore any user-supplied whitespace (in particular, newlines) at the end of +smtp_banner; previously it was starting a continuation response, and then never +completing it, as there was nothing left. + +3. Eximstats: computed incorrect total size of local deliveries. + +4. If NO_SYSEXITS is set, don't make assumptions about the existence of exit +definitions in the strexits() function in os.c. + +5. Tweak DGUX os.h file for strsignal and add HAVE_MMAP. + +6. If a bounce message was constructed without any directing/routing having +occurred, Exim crashed. This could be provoked by -Mg, or if routing/directing +was deferred until the message retry time was exceeded. The bounce message +could be sent multiple times in the latter case, and did not contain a copy of +the original. + +7. Don't insist on a transport for the domainlist router if verify_only is set. + +8. The count of lines in messages read from stdin with the -i option (ended +only by EOF) was not getting set correctly. + +9. When calling itself to send an error or a warning message, Exim wasn't +setting the -oi option, thus causing truncation of any enclosed text such as a +copy of the incoming message or the output of a pipe if it contained a line +with only a full stop in it. + +10. Added dns_check_names_pattern to provide control over the syntax check. + +11. If a DNS MX lookup fails the syntax check, don't go on to look for an A +record; and if called from lookuphost, don't go on to try widening the name. + +12. Add the identity of the RBL domain to the log when in RBL warning mode, +and also to the messages output during -bh testing. + +13. Do not stop scanning the list of RBL domains when one matches in warning +mode; ensure that X-RBL-Warning headers are added for all that match. + +14. When testing with -bh, output a reminder after the final 250 after "." that +this is not for real. + +15. Added max_username_length. + +16. The log phrase "Error while handling error message" has been made more +accurate by changing it to "Error while reading a message with no usable sender +address", and a reference to the generating message added if there is one. + +17. If -oee was set and the sender of a malformed incoming message was <>, so +that no error message could be sent, the return code was zero rather than 1 +(i.e. it wasn't noticing it hadn't sent an error message). + +18. If a non-SMTP message contains no recipients and error reporting is by mail +and no error message can be sent, the return code from Exim is now 2 instead of +1. This is so it can detect this case in the autoreply transport. + +19. If the autoreply transport detects return code 2 for the message it has +submitted (no recipients) it no longer defers delivery. This means that +autoreplies to $sender_address when that is <> just get ignored (but there is +an entry on the log for the error). + +20. Improved the error message that is given when an alias file or route list +file has the wrong mode, since this seems to confuse people. + +21. Treat disconnection after end of data as a message error rather than a host +error. + +22. Expanded the "file has wrong uid/gid" message to include the uids or gids +which don't match. + +23. Installed PCRE 2.02 (minor tidies). + +24. If a system filter discarded a message (by "seen finish" or similar) then +the log said "original recipients ignored", but had no => line. Now it contains +"=> discarded (message_filter)" instead, to be like the logging that happens +when a user filter discards a message. + +25. Exinext was not displaying routing delays for specific addresses if the +domain successfully routed to a remote host. These can now exist in these +circumstances after temporary recipient-specific errors. Likewise it was not +capable of picking out message-specific retry data when given a message id. + +26. Pipe delivery timeouts were not working if the writes to the pipe got +blocked (they only worked while waiting for the process to complete after doing +all the writing). Furthermore, after a timeout Exim just killed the process it +had created; if that process created further subprocesses they got left +running. It now makes the created process a process group leader, and kills the +whole process group, which will catch simple cases that don't themselves start +new process groups. Also, after detecting a timeout and killing the subprocess, +the third process that was reading from the output pipe didn't always die +immediately. The reading process is now forcibly killed along with the timed +out process group. + +27. If a queryprogram process timed out, Exim wasn't killing it. It now kills +the whole process group, as for pipes (see 26 above). + +28. If a pipe produced output, any error message was omitted from the bounce +message (this was to avoid "output message generated"), but this omitted +information about timeouts. The error information is now included except for +DEFER and OK returns. + +29. Added "hosts_override" to the smtp transport. + +30. Fixed two code infelicities in mailstore format delivery: (a) after opening +RDONLY, a stream of type "w+" was made (this fails on Linux), and the call to +fdopen() was not checked for errors; (b) the fd was closed directly, instead of +the stream. diff --git a/changelogs/ChangeLog-2.12.html b/changelogs/ChangeLog-2.12.html new file mode 100644 index 0000000..e72337e --- /dev/null +++ b/changelogs/ChangeLog-2.12.html @@ -0,0 +1,61 @@ +Version 2.12 +------------ + +1. Adjusted scripts/os-type to cope with IRIX 6.5.2m which annoyingly has to be +treated as a different OS. + +2. Removed #define SYSCTL_IP_INTERFACES from OS/os.h-IRIX, because this feature +is only in IRIX versions greater than or equal to 6.2. + +3. Removed the optimization for copying routing from one address to another +with the same domain. This should have been cut out as soon as the possibility +of using $local_part in router configurations was recognized. Also, using +"unseen" on a router causes problems as well. + +4. The use of "unseen" on a router or director was not working properly if +there was a deferment of delivery. Whichever of the unseen/real deliveries +deferred did not get tried again because Exim thought it had delivered the +original address. + +5. Error message when remote closed connection had spurious ": NULL" on the end +of it. + +6. Eximon: if a message had no undelivered addresses, Eximon was omitting it +from its queue listing. + +7. The name of a driver was not being macro-expanded. + +8. Remove the old "expiring address" code from smartuser, as it hasn't been +compiled for a long time, and was throwing up comments in Y2K testing. + +9. Added USE_DB=yes to the FreeBSD Makefile, since all versions come with +Berkeley DB. + +10. Added /usr/include/mit in the XINCLUDE for Ultrix, since some versions need +it. + +11. Modified the arch-type script to call uname -m if uname -p returns +"unknown", which apparently happens on some Linux systems. + +12. If a forward file contained an unterminated quote or comment, it caused the +address not to be terminated at the end of the line, thus swallowing subsequent +lines. + +13. Split the HP-UX configuration files into HP-UX-9 for release 9 and HP-UX +for the current release, which is more POSIX compliant. This has been tested on +release 11.00. Anybody using release 10 may have to fiddle with them. + +14. Changed tests on __hpux in the libident library to tests on hpux. This +picks out the pre-POSIX releases of HP-UX where different argument types are +required for select(). In the current release, hpux is, quite correctly, not +defined (__hpux is defined). + +15. Fiddled with the dummy functions in various places to stop the picky HP-UX +ANSI compiler from complaining that they were infinite loops. + +16. Fixed problem which occurred when a source-routed address was routed to the +local host. It should get rewritten with the first host stripped off; this was +screwing up the original address, causing problems with (a) logging and (b) the +contents of the header file if the delivery was deferred. + +17. Added qualify_single and search_parents options to domainlist router. diff --git a/changelogs/ChangeLog-3.00.html b/changelogs/ChangeLog-3.00.html new file mode 100644 index 0000000..93faa7e --- /dev/null +++ b/changelogs/ChangeLog-3.00.html @@ -0,0 +1,297 @@ + + + + exim changelogs - Version 3.00 (previous main release 2.12) + + + +

Exim changelog for Version 3.00 (previous main release 2.12)

+ +

Version 3.00

+ +
    +
  1. + The documentation has been brought up-to-date for release + 3.00. +
  2. +
  3. + The -oMr option is documented as working for non-SMTP and + batch SMTP input. It was being ignored for batch SMTP. This + has been fixed. +
  4. +
  5. + Add #define DN_EXPAND_ARG4_TYPE u_char * to OS/os.h-SCO + because it seems that it is one of the operating systems that + defines the fourth argument of dn_expand this way. +
  6. +
+ + +

Version 2.954

+ +
    +
  1. + Log reception of the SMTP "debug" command. +
  2. +
  3. + Bug introduced by 2.950/15: Exim was incorrectly assuming a + dropped SMTP call if the message's data contained a byte with + the value 255. (Signed character problem in the private + "getc()" code. Sigh.) +
  4. +
+ + +

Version 2.953

+ +
    +
  1. + Typo in filter.c fixed; some compilers didn't like it, while + others were happy. +
  2. + Make "fail_soft" for the "self" and host_find_failed domainlist + options override a generic setting of no_more. +
  3. + Set $self_hostname when self=fail_soft in a router. +
  4. + Added /warn and /reject to rbl_domains. +
  5. + Reject messages with too many headers instead of just silently + pushing the rest into the body. +
  6. + Recoded handling of multiple headers in expansion to be + (hopefully) more efficient in store usage. +
  7. + Restrict the amount of store used by a $h_ expansion to 64K (to + catch lunatic messages with a zillion To: headers). +
  8. + Add the operator "escape" to string expansions: it escapes all + non-printing characters in its argument. +
  9. + Make HEADER_MAXHEADERS into a config.h macro to match + HEADER_MAXLENGTH so it can be changed easily. +
  10. + If Exim reads EOF on an incoming SMTP connection, it assumes a + broken connection, but neverthless writes an error response. This + was erroneously using a 554 error code instead of 421. +
  11. + The private "getc()" code for TCP/IP inputs had the feof and + ferror tests the wrong way round (but it shouldn't have mattered + much). +
  12. + Blank lines were getting written to the log after some "no + immediate delivery" messages. +
  13. + Increase the maximum length of RBL TXT record data that Exim reads + from 127 to 511. +
  14. + Include IP address in RBL rejection message. +
  15. + To aid in debugging "unexpected disconnection" errors, if the + result of read() is negative, the errno message is now added to + the logged error. +
  16. +
+ +

Version 2.952

+ +
    +
  1. + White space was not being ignored after a search type ending in + "*" or "@*" in a lookup expression in an expansion. +
  2. + If the smtp waiting database failed to open, the error message + wasn't printing out the interpretation of the value of errno. +
  3. + The negative item "!@" was not being correctly handled in a host + list. +
  4. + Changed the expansion of $tod_full so that the day number is + always given as two digits (to match the times, and it helps for + regression testing). +
  5. +
+ +

Version 2.951

+ +
    +
  1. + Installed PCRE 2.05 (anchoring bug fix). +
  2. + Retrying was not timing out properly when a message suffered a + temporary address error. This could result in retrying every queue + run after the time when it should have bounced. +
  3. + Implemented once_repeat option for the autoreply transport, and a + corresponding "once_repeat" option for the mail and vacation + commands in mail filters. The vacation command now defaults + once_repeat to 7 days. +
  4. + Added $message_body_size. +
  5. +
+ +

Version 2.950

+ +
    +
  1. + Big, INCOMPATIBLE re-arrangement of the handling of + domain/host/net/address lists by adding negation and reducing the + number of options. +
  2. + Remove a number of obsolete features; another INCOMPATIBLE change. +
      +
    1. + Obsolete options - see README.UPDATING. +
    2. + No longer allow for pre-0.57 spool files without their names + at the top. +
    3. + No longer cater for spool files that don't have a -body_linecount + setting. This came in at 1.91, but affects only SIZE for + smtp output, so older spool files might still work. +
    4. + No longer ignore commas and semicolons for driver options. +
    5. +
    +
  3. + Installed PCRE 2.04 - bug fixes and tidies. +
  4. + + The API of DB 2 changed at release 2.5.x by adding an + additional option field to the function for starting a + cursor. Fixed dbfn.h to cope with both styles - luckily the + version number is defined by macros. +
  5. + The LDAP library in Solaris 7 has yet another way of handling + errors from the search functions - different from either UMich + LDAP or the Netscape LDAP SDK. (A pity, since everything else + appears to be source-compatible.) It does not seem to be + possible to detect the differences automatically. There was a + previous fudge to distinguish UMich and Netscape, but I + haven't found out how to extend it. Anyway, it gets messier + and messier. Instead, there is now a configuration option + LDAP_LIB_TYPE which the builder of Exim must set. (If not, the + current heuristic still applies.) +
  6. + Some tidies in the smtp transport; some error status + information might have got lost when debugging was turned on + (failing to preserve errno). +
  7. + Host names used as part of keys in the retry database were not + getting lower cased; consequently if a host appeared in two + differently-cased forms (e.g. in MX records, or in a + domainlist rule), separate retry records were being created. +
  8. + Improve wording of some expansion errors. +
  9. + Exim now takes note of the list of alias host names when it + uses gethostbyaddr() to look up a host name. Host checks for + relaying etc. now check against the alias list as well as + against the primary name. +
  10. + In the smtp transport, Exim was relying on errno remaining + zero after a valid read() call, though one shouldn't really + look at its value except in cases of error. It was getting set + on at least one OS. +
  11. + Because "service" is not what people expect, add "port" as a + synonym to all the relevant options. +
  12. + The -bh option wasn't giving any commentary on the testing of + the sender address (or any other address testing). +
  13. + + Lower case local parts as well as domains when doing tests of + address lists, but allow for exception with +caseful. +
  14. + + Make scripts/os-type recognize "sunos4*" instead of just + "sunos4". +
  15. + + When reading from an incoming SMTP call, Exim was always + flushing the output after every command. This causes an + unnecessary number of TCP/IP packets to be used when the + remote client is using pipelining. Instead of using the + standard C library functions (getc() etc.) in this case, Exim + now reads directly from the socket, and flushes the output + only when it needs to refill its input buffer. + +16. Re-vamp of the handling of incoming batch SMTP, as suggested by Ian +Jackson: (i) sender_verify_batch defaults false. (ii) Always give up entirely +on encountering any error while receiving, writing to stdout/stderr and setting +a return code. (iii) EOF is now an error. + +17. Make -R[f] and -qf skip frozen messages by default, and implement -Rff +etc to force thawing. + +18. Log ETRN from hosts that are not in the permitted list. + +19. The use of log_level to cut out "retry time not reached" from the message +log file now applies only to second and subsequent delivery attempts. This +means that during the first attempt, something gets written to the file for all +addresses, both toplevel ones and generated ones. + +20. Added START_SMALL to monitor build-time configuration to start up with +small sized window. + +21. Added $interface_address to hold the incoming interface address, and -oMi +to force it. + +22. Cast uids and gids to long int when [s]printf-ing them. + +23. Typo in source: if an alias file used :fail: for an address that was being +verified, a 450 rather than a 550 error was given. + +24. Log (main and reject logs) when a VRFY or EXPN command is rejected on +policy grounds. Also log (on main log) when an accepted VRFY command fails to +verify the address - this is already done for failing verification of RCPT. + +25. For RBL rejections, if prohibition_message is set, use it, with the RBL +text in $rbl_text. Otherwise show the text as before. + +26. Implemented $message_body_end. In the process, fixed a possible bug +involved with $message_body - the data was being put into non-permanent store, +so if the variable was used more than once, there could have been problems. + +27. If the pattern in a route_list item in the domainlist router is a lookup, +the data looked up is now available as $value in the hostlist item. + +28. Added the "environment" option to the pipe transport. + +29. If -odi is set (synchronous delivery), pass it on to any re-execs or other +calls of Exim (e.g. to send error messages). This helps with automatic testing. + +30. The converter to Texinfo format was turning @sc{xxx} into actual capital +letters in section headings, but not in menu items that refer to them. The +latest version of Texinfo picks this up. Menu items are now also capitalized. + +31. The change that forces euid=uid when Exim is called by root broke the +special processing when CONFIGURE_FILE_USE_EUID is set. This has been fixed. + +32. If an LDAP lookup found an entry, but it had no attributes, it was +returning junk. Now it behaves as if the entry was not found. + +33. During a -qq run, delay warnings were being sent after the first pass. + +34. Access to headers in expansion strings is documented only via the syntax +$h_name: or $header_name: but *not* using {}. For example, ${h_to} is not +documented as legal; by accident it used to work, but ${h_to:} did not because +it was taken as an invalid abbreviation for ${hash_to:}. The "accident" has +been undone. + +35. Patch to scripts/os-type to cater for Unixware 7 and 7.1. + +36. Changed SCO_SV configuration (for SCO 5) using Tony Earnshaw's information. + +37. Created a Unixware7 configuration using James FitzGibbon's information. + +**** +
  16. +
+
+
$Id: ChangeLog-3.00.html,v 1.2 1999/05/25 20:46:06 nigel Exp $
+ + + diff --git a/changelogs/ChangeLog-3.01.html b/changelogs/ChangeLog-3.01.html new file mode 100644 index 0000000..729cfe1 --- /dev/null +++ b/changelogs/ChangeLog-3.01.html @@ -0,0 +1,27 @@ + + + + exim changelogs - Version 3.01 + + + +

Exim changelog for Version 3.01

+ +
    +
  1. + Exim wasn't always handling (i.e. ignoring) white space + following an exclamation mark introducing a negative item in a + domain, host, or address list. +
  2. +
  3. + Exim was failing to compile under SunOS4 because on that OS + getc, ungetc, feof, and ferror are defined only as macros and + not as assignable functions (which Exim now needs). A suitable + lash-up has been provided for this operating system. +
  4. +
+
+
$Id: ChangeLog-3.01.html,v 1.2 1999/05/25 20:46:06 nigel Exp $
+ + + diff --git a/changelogs/ChangeLog-3.10.html b/changelogs/ChangeLog-3.10.html new file mode 100644 index 0000000..a992b8c --- /dev/null +++ b/changelogs/ChangeLog-3.10.html @@ -0,0 +1,660 @@ + + + + exim changelogs - Version 3.10 + + + +

Exim changelog for Version 3.10 - last non-testing release was 3.03

+ +

New Features and user visible changes

+ +
    + +
  1. The option log_queue_run_level specifies the log level for the +messages "Start queue run" and "End queue run". The default is 0.
  2. + +
  3. Addition of forbid_lookup, forbid_existstest and forbid_perl to +the forwardfile director.
  4. + +
  5. All directors except smartuser had current_directory and +home_directory options, to set values used at transport time. These +options have now been made generic, so now apply to all +directors.
  6. + +
  7. If SUPPORT_MOVE_FROZEN_MESSAGES is set at compile time, the new +option move_frozen_messages causes frozen messages and their message +logs to be moved from the input and msglog directories on the spool to +Finput and Fmsglog. There is currently no support in Exim or the +standard utilities for handling such moved messages and they won't +show up in lists generated by -bp or eximon.
  8. + +
  9. If no transport is specified for a smartuser director, the +new_address field may now specify a comma-separated list of new +addresses, and :blackhole:, :defer: and :fail: can also be used +there. In otherwords, new_address is like a line from an alias file +(except that :include: is not supported).
  10. + +
  11. The exigrep utility now automatically zcats any log file whose +name ends in COMPRESS_SUFFIX, using ZCAT_COMMAND, as defined in +Local/Makefile.
  12. + +
  13. The expansion condition first_delivery is true for the first +delivery attempt on a message; queue_running is true when a delivery +attempt is caused by a queue runner.
  14. + +
  15. When log_refused_recipients is set, each log line now has a reason +for refusal such as "(RBL)" or "(sender_reject_recipients)".
  16. + +
  17. The magic string "+warn_unknown" behaves like "+allow_unknown", +but it writes a log line every time it lets through a host whose name +can't be looked up.
  18. + +
  19. If EXIMON_LOG_FILE_PATH is set in the environment when eximon +starts up, it overrides the configuration setting. This makes it +possible to have eximon tailing log data that is written to syslog, +provided that MAIL.INFO messages are routed to a separate file.
  20. + +
  21. Policy rejections of recipients can now be overridden for certain +senders by setting recipients_reject_except_senders.
  22. + +
  23. When all deferred addresses have the same domain, it is set in +$domain during the expansion of delay_warning_condition. For pipes, +files, or autoreplies, this is the domain of the parent.
  24. + +
  25. -Rr (and -Rrf, -Rrff) treat the string as a regular +expression.
  26. + +
  27. Added -S (with all variations), which works like -R except that it +checks the message's sender instead of the undelivered recipients. If +both -R and -S are given, both conditions must be satisfied.
  28. + +
  29. The new expansion variable $message_age contains the length of +time since the message was received as a number of seconds.
  30. + +
  31. The syntax of LDAP queries has been extended to allow the passing +of more information than is available in the LDAP URL. An LDAP query +may now consist of a URL preceded by any number of "name=value" +settings, separated by spaces. If a value contains spaces it must be +enclosed in double quotes, and when double quotes are used, backslash +is interpreted in the usual way inside them. The following names are +recognized: +
    +
    USER
    set the DN for authenticating the LDAP bind
    +
    PASS
    set the password
    +
    SIZE
    set the limit for the number of entries returned
    +
    TIME
    set the maximum waiting time for a query
    +
    +
  32. + +
  33. Callers whose gid is Exim's gid are now automatically trusted +(only the uid was looked at previously).
  34. + +
  35. There's a new option called admin_groups. If the current or any of +the supplementary groups of the caller is in this list, the caller has +admin user privileges.
  36. + +
  37. There is now support for PAM (Pluggable Authentication Modules), a +facility which is available in the latest releases of Solaris and in +some GNU/Linux distributions (see + http://ftp.at.kernel.org/pub/linux/libs/pam/).
  38. + +
  39. The file that the exiwhat mechanism uses for process status +information is no longer bundled with the log files. Instead, +"exim-process.info" in the spool directory is used.
  40. + +
  41. Exim can now be configured to log to syslog as well as or instead +of to local log files.
  42. + +
  43. There's a new expansion operator called "mask" which converts an +IP address to binary, masks off the least significant bits, and +converts the result back to text, with mask appended. For example: +${mask:10.111.131.206/28} returns the string +"10.111.131.192/28".
  44. + +
  45. There exist some rare networking situations (for example, packet +radio) where it is helpful to be able to translate IP addresses +generated by normal routing mechanisms into other IP addresses, thus +performing a kind of manual IP routing. This should be done only if +the normal IP routing of the TCP/IP stack is inadequate or +broken. Exim now has this capability.
  46. + +
  47. A new option called retry_data_expire (default 7d) specifies that +retry data older than this should be ignored. This means that if, for +example, a host hasn't been tried for 7 days, Exim will behave as if +it had no knowledge of past failures.
  48. + +
  49. To help with formulating lookup queries, there is a new expansion +operator + +${quote_:} + +which quotes the characters of the string in a lookup-specific way. For +example, the safest way to write a NIS+ query is + +[name="${quote_nisplus:$local_part}"] +
  50. + +
  51. The from_hack option in the appendfile and pipe transports has +been replaced by two string options, check_string and +escape_string. When set, the start of each line is tested for matching +check_string, and if it does, those characters are replaced by the +contents of escape_string.
  52. + +
  53. The appendfile transport has a new option called file_format, +defaulting unset. If set, it requests the transport to check the +format of an existing file before adding to it.
  54. + +
  55. There is a new expansion condition called crypteq, which is +automatically available if Exim is built to support any authentication +mechanisms. Otherwise, it is necessary to define SUPPORT_CRYPTEQ to +get it included in the binary. The crypteq condition has two +arguments. The first is encrypted and compared against the second, +which is already encrypted. Two encryption types are currently +supported: +
      +
    • md5 first computes the MD5 digest of the string, and + then expresses this as printable characters by means of the + base64 encoding.
    • + +
    • crypt calls the crypt() function as used for encrypting + login passwords.
    • + + +
    • There is now support for the AUTH extension to SMTP (RFC 2554), +both as a client and as a server.
    • + +
    • The -bv option now runs interactively, like -bt, if no addresses +are given on the command line.
    • + +
    • There is a new option called -be which is for testing string +expansion. If no arguments are given it runs interactively. It simply +does a string expansion on arguments (or data lines) and outputs the +result.
    • + +
    • The GNU/Hurd operating system is now supported.
    • + +
    • If quota is specified on an appendfile transport, then +quota_warn_threshold may optionally be specified as a percentage.
    • + +
    • There's an alternative hashing function for expanded strings, +called "nhash" for "numeric hash". An item of the form +${nhash_:string} produces a number in the range 0-n, while an item +of the form ${nhash__:string} produces two numbers, separated by +a '/', in the ranges 0-n and 0-m respectively, using a div/mod +hash.
    • + +
    • The expansion variable $host_lookup_failed contains "1" if there +has been an attempt to look up the sending host's name from its IP +address, and this has failed to find the name. Otherwise +$host_lookup_failed contains "0".
    • + +
    • The exim_dbmbuild utility now warns if it encounters a duplicate +key. By default, only the first of a set of duplicates is used - this +is a change from the previous state, but it does make it compatible +with lsearch lookups. There is an option -lastdup which causes it to +use the last instead, which is compatible with what it did +before. There is also an option -nowarn, which stops it listing +duplicate keys to stderr. If any duplicates are encountered, the +return code is 1. For other errors, where it doesn't actually make a +new file, the return code is 2.
    • + +
    • There is a new option called ldap_default_servers which can be +used to supply a colon-separated list of replicated LDAP servers. If +an LDAP lookup has no server mentioned in the URL, that is, the URL +begins "ldap:///...", and ldap_default_servers is set, then the query +is passed to each of the listed servers in turn.
    • + +
    • There is now a variant of the dbm lookup type called dbmnz, which +does not include a trailing binary zero in the keystring that is +looked up.
    • + +
    • Support for MYSQL is now available when LOOKUP_MYSQL is +defined.
    • + +
    • In a system filter file (but not in a user filter) a "deliver" +command may now be followed by "errors_to " in order to +change the envelope sender (and hence the error reporting) for that +delivery.
    • + +
    • The number can now be omitted from host list net searches, in +which case the IP address is looked up without masking and without any +additional text. For example, if an item in a host list is +net-lsearch;/some/file and the calling host has IP address 10.9.8.7 +then the key that is used in the lookup is "10.9.8.7".
    • + +
    • When IPv6 addresses are used in net lookups, the separator between +the components is "." rather than the conventional ":" because colon +is the key terminator in lsearch files. The full, unabbreviated IPv6 +address is always used.
    • + +

      Changelogs

      + +

      Version 3.10

      +
      +
      +1. Exim was crashing when lookup_open_max was exceeded if the type of file
      +being closed was different to the type of file being opened.
      +
      +2. Some further tidies of the os-type and arch-type scripts.
      +
      +3. ENOSPC is not treated in the same way as a quota error for the purposes of
      +retrying.
      +
      +4. The revised exigrep (3.091/26) had "gz" and "Z" built in. Change it to check
      +for COMPRESS_SUFFIX.
      +
      +5. If a reverse lookup done within a message failed because the name looked up
      +had no matching forward lookup, the error text for this got obliterated at the
      +end of the message, and so if it was needed for a subsequent message on the
      +same SMTP connection, junk got logged.
      +
      +
      +Version 3.093
      +-------------
      +
      +1. The -bP option wasn't recognizing "authenticator xxx". It was recognizing
      +"auths" and "auth_list", but this abbreviation seems unexpected, so changed
      +those to use the full word.
      +
      +2. Removed a now (since 2.12/3) useless optimization in the code for checking
      +whether two addresses have the same list of hosts.
      +
      +3. After some calls to execv() the failure code wasn't being output.
      +
      +4. Increased field widths in eximstats, as the numbers can be quite big on busy
      +systems.
      +
      +5. Arrange for X-RBL-Warning: headers to be inserted when recipients are
      +allowed through by an exception list from an RBL domain that is set to reject.
      +
      +6. Tidied error messages from -brw. Also, if an SMTP rewrite happens and the
      +source address isn't syntactically valid, just skip the other rewrites. Skip
      +them in any case if there are no rules with non-S flags. If there are no rules
      +at all, say so.
      +
      +7. Reworded "no valid sender in message headers" error message, because it has
      +confused people. Tidied some related messages as well.
      +
      +8. Added USE_DB=yes to the OpenBSD configuration.
      +
      +9. Ignore check_log_space if log_file_path just contains "syslog".
      +
      +10. Add closelog() to the function that closes all log files. The important
      +case of this is the call just before the daemon closes all file descriptors,
      +because otherwise it is closing the syslog one behind the system's back.
      +
      +11. Two "frozen" messages were getting written to the message log in some
      +circumstances.
      +
      +12. Bug in 3.091/23 (fixing an earlier bug) caused a crash if a list of MX
      +records with some identical host names came in a specific order (so it only
      +showed now and again).
      +
      +13. In the arch-type script, when uname -p gives something containing spaces,
      +try uname -m. (Previously it did this only for "" or "unknown".)
      +
      +14. Recognize i686 in scripts/arch-type.
      +
      +15. Re-organize the os-type and arch-type scripts so that $OSTYPE and $ARCHTYPE
      +are now tried after uname rather than before, as many shells set silly values
      +in them. Manual overrides are now provided by EXIM_OSTYPE and EXIM_ARCHTYPE.
      +
      +
      +Version 3.092
      +-------------
      +
      +1. Serious bug caused by 1-character typo: In very long messages, characters
      +could occasionally be lost (e.g. 3 lost in a 1.5M file). This bug was
      +introduced in the changes made for 3.033, so it was never in a main release.
      +
      +
      +Version 3.091
      +-------------
      +
      +1. Exim was not reporting the actual error if there was an I/O error while
      +reading a message or writing the spool file during message reception. Nor was
      +it logging anything.
      +
      +2. Some reorganization and tidying up of code for handling errors while writing
      +the spool header file.
      +
      +3. When showing log messages for debugging, display the DIE flag when set.
      +
      +4. Add logging of SMTP AUTH information to the "message received" log line.
      +
      +5. Added forbid_lookup, forbid_existstest, forbid_perl to forwardfile (later
      +changed to better names forbid_filter_lookup etc.).
      +
      +6. create_file = belowhome in appendfile could be defeated by the use of /../
      +in the name. Sigh. I'm not devious enough... Symbolic links could also defeat
      +it. These are now checked for by means of realpath(), which all the Unixes I've
      +checked do have. Also, Exim was creating any necessary directories before
      +checking create_file. It now creates directories only if it is permitted to
      +create the file.
      +
      +7. Add more code to ldap to remember when a bind was done and with what
      +credentials so that it doesn't repeat the bind for a subsequent lookup with the
      +same credentials.
      +
      +8. If create_directory was set on appendfile and the directory creation failed
      +for some reason, the error was not reported, so it appeared as if
      +create_directory had been ignored.
      +
      +9. All directors except smartuser had current_directory and home_directory
      +options, to set values used at transport time. These options have now been made
      +generic, so now apply to all directors.
      +
      +10. If a local delivery failed and created message longer than 256 characters,
      +it got truncated when logged.
      +
      +11. Change "all" to "one or more" in bounce and delay messages.
      +
      +12. The convert43t conversion utility didn't work for driver names containing
      +capital letters.
      +
      +13. Change autoreply and other generated messages to use "Reply-To" instead of
      +"Reply-to" because that's the "suggested" form in RFC 822.
      +
      +14. Pulled some common code out of aliasfile and forwardfile and made it into a
      +separate function which they each call.
      +
      +15. The function for writing the -H file tried to create the directory if it
      +didn't exist, but it always will, because the -H file isn't written until the
      +-D file has been successfully written. So we can save a bit of code (which in
      +fact was buggy because it didn't support sub-directories).
      +
      +16. Added move_frozen_messages, but only if SUPPORT_MOVE_FROZEN_MESSAGES
      +is defined. There is no current support for handling such messages.
      +
      +17. If queue_smtp or queue_remote got set via queue_only_file for an incoming
      +SMTP message received by the daemon, the flag was not being passed on to the
      +delivery process.
      +
      +18. An explanation to the long-standing problem of eximon menus not working
      +when num-lock is set has been received, and a workaround implemented.
      +
      +19. Address rewrites that happened during delivery (typically on new addresses
      +from forward or filter files) were causing an X-rewrote-address dummy header to
      +be added to the message each time it happened. This could get embarrassing if
      +retrying went on for a long time.
      +
      +20. Only write "children all complete" to the msglog file if the address has no
      +parent address with the same original address. Otherwise (e.g. in cases where
      +xxx is aliased to xxx and other things, and the new xxx gets further aliased by
      +another director) it can be confusing.
      +
      +21. After successful directing, the debugging line showed the transport field
      +from the original address, which could be misleading if copied address had been
      +queued (e.g. by smartuser). As the general queuing function now outputs this
      +info, remove it at top level.
      +
      +22. Smartuser was showing the old rather than the new address in its debugging
      +output.
      +
      +23. If a broken MX list contained the same host more than once, Exim was coded
      +to keep only the lowest precedence, but if it saw a lower value after a higher
      +one, and had seen precedences between the two values, it screwed up the
      +sorting.
      +
      +24. The revision of RFC 822 increases the encouragement for collapsing source
      +routed addresses from the MAY of RFC 1123 to SHOULD. I have therefore cut out
      +all the source route handling code, with the exception of parsing and
      +collapsing. The option collapse_source_routes now has no effect - they are
      +always collapsed. This has made it possible to make some tidies in various
      +places.
      +
      +25. Rewrote the smartuser director - if no transport is specified, the
      +new_address option may now specify a list of addresses, and it may also specify
      +:blackhole:, :defer:, or :fail:.
      +
      +26. Upgraded exigrep so that it automatically zcats compressed file.
      +
      +27. Added expansion conditions first_delivery and queue_running.
      +
      +28. When log_refused_recipients is set, give a reason in each log line.
      +
      +29. Implemented +warn_unknown.
      +
      +30. Allow EXIMON_LOG_FILE_PATH to override in eximon - useful when syslog is in
      +use.
      +
      +31. -Mg was not forcing a thaw of frozen messages (an unwanted side effect of
      +change 17 in version 2.950).
      +
      +32. -M and other delivery forcers (e.g. -qf) were not overriding
      +queue_remote_domains and queue_smtp_domains.
      +
      +33. Added recipients_reject_except_senders.
      +
      +34. When all deferred addresses have the same domain, it is set in $domain
      +during the expansion of delay_warning_condition. For pipes, files, or
      +autoreplies, this is the domain of the parent.
      +
      +35. Changed the default configuration file to lock out domain literal support.
      +This is strictly contrary to the RFCs, but people don't understand about it and
      +it has been abused by spammers seeking open relays.
      +
      +36. -Rr (and -Rrf, -Rrff) treat the string as a regular expression.
      +
      +37. Added -S, which works like -R except that it checks the message's sender.
      +
      +38. Added $message_age.
      +
      +39. Make Exim ignore -n (no aliasing), and make -oitrue the same as -oi.
      +
      +40. Typo in ldap code could cause junk to appear in the error message if a
      +search call failed (which it normally doesn't).
      +
      +41. Source tidies to get rid of compiler warnings for possibly uninitialized
      +variables.
      +
      +
      +Version 3.040
      +-------------
      +
      +1. Added additional parameters to LDAP lookups.
      +
      +
      +Version 3.039
      +-------------
      +
      +1. Callers who have exim's gid as the current gid are now trusted.
      +
      +2. Added new option admin_groups.
      +
      +3. There was a bug in store handling for expansions involving very large
      +strings, e.g. if message_body_size was set large and was the subject of a
      +"match" filter condition. The symptom was a bus error.
      +
      +4. Exim wouldn't build if LOG_FILE_PATH was set to any of the new syslog
      +variations.
      +
      +5. A couple more compile-time tweaks for netBSD (default USE_DB=yes and look
      +for chown in /usr/sbin).
      +
      +
      +Version 3.038
      +-------------
      +
      +1. Added support for PAM authentication.
      +
      +
      +Version 3.037
      +-------------
      +
      +1. When forwardfile defers because it doesn't like the file's permissions,
      +include the offending bits in the error message.
      +
      +2. General tidy of error messages from directors to remove duplicated
      +information. (e.g. director names, because they are also shown in the D= item
      +of log lines).
      +
      +3. Pulled some general outgoing SMTP code out of transports/smtp.c and put it
      +in functions in smtp_out.c. This is also used by client authenticator code; the
      +interface is now cleaner.
      +
      +4. Added log_queue_run_level.
      +
      +5. When a message with very long headers was rejected, and the reflection of
      +the headers to the rejectlog filled up the log buffer, the terminating
      +separator line got lost, and the entry didn't necessarily end with \n. It now
      +always puts in the separator, and adds "*** truncated ***" if something has
      +been chopped off.
      +
      +6. Updated eximon to cope with cases when syslog is being used. If only syslog
      +is being used, eximon cannot tail a log - omit that part of its window.
      +
      +7. Updated exicyclog to cope with cases when syslog is being used. If only
      +syslog is being used, exicyclog can't cycle anything.
      +
      +8. Fixed bug in base64 decoding function that was messing up CRAM-MD5
      +authentication for certain lengths of user name.
      +
      +
      +Version 3.036
      +-------------
      +
      +1. Moved the logging of a message's freezing to just before the -H file is
      +updated, to minimize cases when the logging happens but the file doesn't get
      +updated (an incident was observed when a system was being shut down).
      +
      +2. Ignore SIGTERM during the tidying-up phase at the end of a delivery, to
      +minimize the chances of things being half done.
      +
      +3. Don't bother doing an RBL lookup if the host has already matched
      +host_reject_recipients.
      +
      +4. Added "sort | uniq" into the exiwhat script, to cut out duplicates, which
      +sometimes happen in "ps" output.
      +
      +5. Changed the file exiwhat uses to spool/exim-process.info instead of a log
      +file. This is so that it will continue to work when syslog logging is used.
      +
      +6. Added support for syslog, configured in log_file_path.
      +
      +
      +Version 3.035
      +-------------
      +
      +1. The debug_print option wasn't working for the smtp transport.
      +
      +2. The responses to AUTH commands weren't being copied to debug output.
      +
      +3. Changed the condition handling in the plaintext authenticator to allow for
      +forced DEFER returns ("", "0", "no", "false" => FAIL, "1"; "yes", "true" => OK;
      +anything else defers, text is message).
      +
      +4. Added ${mask:} expansion operator.
      +
      +5. Added translate_ip_address.
      +
      +
      +Version 3.034
      +-------------
      +
      +1. When a header syntax check failed, a humungously long address that was too
      +much for string_sprintf to fit in the error message caused a panic exit. This
      +could happen, for example, if a double quote was omitted in a very long list of
      +addresses in a header. It now reflects just the first 1K of the address. Put a
      +similar limit on sender addresses in verify failed messages.
      +
      +
      +Version 3.033
      +-------------
      +
      +1. Arrange for crypt.h to be included only on those OS that have it (Solaris,
      +IRIX 6, modern Linux), and for -lcrypt to be set up for those OS that need it
      +(FreeBSD, NetBSD, modern Linux).
      +
      +2. Made MAXINTERFACES changeable in Local/Makefile.
      +
      +3. When sending a delay warning message, quote the top-level original address
      +only, saying "an address generated from" if the actual problem is with a child.
      +
      +4. Set a default for delay_warning_condition to skip precedence bulk/list/junk.
      +
      +5. Allow for spaces around colons in temp_errors setting in smtp transport.
      +
      +6. The "personal" test in filter files now checks for "list" and "junk" as well
      +as "bulk" in the Precedence: header.
      +
      +7. Added retry_data_expire.
      +
      +8. If a key in a partial match was very long (longer than the buffer for
      +string_sprintf()), Exim couldn't handle it.
      +
      +9. Added expansion operator ${quote_xxx:} where xxx is a search type. Each
      +search type has its own (optional) quoting function. Added suitable functions
      +for NIS+, LDAP, and MYSQL.
      +
      +10. Internal revision of the way the "From hack" and SMTP dot escaping is done
      +in preparation for extending appendfile. They are now unified, and are
      +therefore mutually exclusive.
      +
      +11. The "From hack" was failing if the string "From " happened to be split
      +between two buffers when transporting the message.
      +
      +12. If a non-SMTP message that was being read without -oi ended with "\n."
      +(no following NL) then the "." got lost.
      +
      +13. Ensure that all non-SMTP messages have a final NL at input time, instead of
      +testing at delivery time. This simplifies the delivery code.
      +
      +14. Replaced from_hack in appendfile and pipe by check_string and escape_string.
      +
      +15. Added file_format to appendfile.
      +
      +
      +Version 3.032
      +-------------
      +
      +1. If remove_headers contained a "fail" expansion, it caused a crash.
      +
      +2. The generic headers_remove option in transports is now expanded. (Seems to
      +have been an oversight.)
      +
      +3. Changed $host_authenticated to $sender_host_authenticated (oversight).
      +
      +4. Added server_set_id generic option to authenticators and $authenticated_id
      +for accessing it.
      +
      +
      +Version 3.031
      +-------------
      +
      +1. Removed unnecessary #ifdefs from lookups which don't have private header
      +files.
      +
      +2. Added crypteq as a new expansion condition.
      +
      +3. Make it recognise "netbsd" as equivalent to "NetBSD".
      +
      +4. Updated the FSF's address in LICENCE and NOTICE files.
      +
      +5. Code tidies for SMTP input to remove repetition of real and debugging
      +output by using a subroutine.
      +
      +6. Added support for AUTH.
      +
      +7. Source tidies of a lot of unnecessarily complicated calls to
      +string_nextinlist().
      +
      +8. Source tidies in lookup handling.
      +
      +9. Set XLFLAGS empty for IRIX6 as it doesn't seem to need anything.
      +
      +10. Typo in code for decoding quota_
      + +
      +
      $Id: ChangeLog-3.10.html,v 1.3 1999/11/28 21:00:42 nigel Exp $
      + + + diff --git a/config.samples/C001 b/config.samples/C001 new file mode 100644 index 0000000..0adb15d --- /dev/null +++ b/config.samples/C001 @@ -0,0 +1,377 @@ +Date: Thu, 4 Dec 1997 14:16:22 -0800 +From: Stuart Lynne + +This config will support delivery across multiple systems using +NIS to lookup delivery addresses from the mail.aliases database. + +It seems to be working fairly well. I'm including a sample mail.aliases +file. It shows a setup for four different domains. With mail being +delivered to three different systems. + +Mail is delivered to two different types of mailboxes. If you alias +mail to user@machine then it gets delivered to mailbox in /var/mail +as normal. If you alias to user%virtual.domain@machine then it +gets delivered to /var/mail/virtual.domain/user. + +Each of the domains you want to handle should have MX records like: + + IN MX 10 virtual0.fireplug.net + IN MX 10 virtual1.fireplug.net + IN MX 20 relay.fireplug.net + +The two virtualN systems are the ones to use the included config. + + +###################################################################### +# Runtime configuration file for Exim # +###################################################################### + + +# This is a default configuration file which will operate correctly in +# uncomplicated installations. Please see the manual for a complete list +# of all the runtime configuration options. + + +# This file is divided into several parts, all but the last of which are +# terminated by a line containing the word "end". The parts must appear +# in the correct order, and all must be present (even if some of them are +# in fact empty). Blank lines, and lines starting with # are ignored. + + + +###################################################################### +# MAIN CONFIGURATION SETTINGS # +###################################################################### + +# Specify your host's canonical name here. If this option is not set, the +# uname() function is called to obtain the name. +# primary_hostname = + +# Specify the domain you want to be added to all unqualified addresses +# here. If this option is not set, the primary_hostname value is used. +# qualify_domain = + +# If you want unqualified recipient addresses to be qualified with a different +# domain to unqualified sender addresses, specify the recipient domain here. +# If this option is not set, the qualify_domain value is used. +# qualify_recipient = + +# Specify your local domains as a colon-separated list here. If this option +# is not set, the qualify_recipient value is used as the only local domain. +# If you do not want to do any local deliveries, uncomment the following line, +# but do not supply any data for it. +# local_domains = + +# No local deliveries will ever be run under the uids of these users. +never_users = root + +# If you want Exim to support the "percent hack" for all your local domains, +# uncomment the following line. This is the feature by which mail addressed +# to x%y@z (where z is one of your local domains) is locally rerouted to +# x@y and sent on. Otherwise x%y is treated as an ordinary local part. +# percent_hack_domains=* + +# If you are running Exim under its own uid (recommended), then you should +# set up that uid as a trusted user by de-commenting the following and +# changing the name if necessary. + +trusted_users = uucp + +# required to allow customer domains mx'd to here to use us +relay_domains_include_local_mx + +spool_directory = /var/spool/exim +log_file_path = "/var/log/exim/%slog" + + +# rbl configuration +prohibition_message = contact postmaster@fireplug.net for further info +recipients_reject_except = postmaster@fireplug.net +rbl_domains = "rbl.maps.vix.com.:rbl.fireplug.net." + +end + + +###################################################################### +# TRANPORTS CONFIGURATION # +###################################################################### + +################################### +# 1. These transports are used for local delivery to user mailboxes. + +procmail_pipe: + driver = pipe + from_hack + command = "/usr/bin/procmail -t -o -d ${local_part}" + +mbox_delivery: + driver = appendfile + #maildir_format + #create_directory + file = /var/mail/${domain}/${local_part} + user = mail + group = mail +# mode = 0660 + +################################### +# 2. This transport is used for delivering messages over SMTP connections. +smtp: + driver = smtp + +################################### +# 3. this is for forwarding uucp mail +uux_domain: + driver = pipe + command = "/usr/bin/uux - -r ${domain}!rmail ${local_part}@${domain}" + pipe_as_creator + return_output + +################################### +# 4. Misc transports used internally + +# This transport is used for handling pipe addresses generated by alias +# or .forward files. It has a conventional name, since it is not actually +# mentioned elsewhere in this configuration file. +address_pipe: + driver = pipe + ignore_status + return_output + +# This transport is used for handling file addresses generated by alias +# or .forward files. It has a conventional name, since it is not actually +# mentioned elsewhere in this configuration file. +address_file: + driver = appendfile + +# This transport is used for handling autoreplies generated by the filtering +# option of the forwardfile director. It has a conventional name, since it +# is not actually mentioned elsewhere in this configuration file. +address_reply: + driver = autoreply + +end + + +###################################################################### +# DIRECTORS CONFIGURATION # +###################################################################### + +################################# +# 1. Check for domains aliased to virtual*.fireplug.net + +# if local mx was to virtual.fireplug.net, lookup in NIS mail.aliases, eventually ldap +# partial0 requires fixed exim, allows for per domain wildcard +virtual_fireplug_net: + condition = "${if match{$self_hostname}{virtual..fireplug.net}{$domain}}" + driver = aliasfile + search_type = partial0-nis* + file = mail.aliases + expand + include_domain + +################################# +# 2. Check for domains aliased to uucp.fireplug.net + +# if local mx was to uucp.fireplug.net then forward via uux_domain transport +uucp_fireplug_net: + condition = "${if match{$self_hostname}{uucp.fireplug.net}{$domain}}" + driver = smartuser + transport = uux_domain + + +################################# +# 3. Conventional mail processing, may not be required for fireplug + +system_aliases: + domains = @ + driver = aliasfile + file = /var/etc/aliases + search_type = lsearch + +userforward: + domains = @ + no_verify + driver = forwardfile + file = .forward + +################################# +# 4. Deliver local mailboxes + +local_mbox: + condition = "${if match{$local_part}{.*%.*}{$domain}}" + driver = smartuser + transport = mbox_delivery + new_address = "${if match{$local_part}{(.*)%.*}{$1}{$domain}}@${if match{$local_part}{.*%(.*)}{$1}{$domain}}" + +# This director matches local user mailboxes. +procmail: + domains = @ + driver = localuser + transport = procmail_pipe + +end + + + +###################################################################### +# ROUTERS CONFIGURATION # +###################################################################### + +################################# +# 1. Check to see if we can get rid of it by sending it to someone lese +# +# This router routes to remote hosts over SMTP using a DNS lookup with default options. +# +# The self option tells exim to continue looking at additional +# routers if the MX for a domain points at the local host. + +lookuphost: + driver = lookuphost + self = fail_soft + transport = smtp + +################################# +# 2. Special cases here - keep to a bare minimum +# +# if domain is nwnet.org && primary_hostname is nero.fireplug.net +nwnet_org: + condition = "${if match{$primary_hostname}{nero.fireplug.net}{$domain}}" + domains = "nwnet.org" + driver = domainlist + transport = smtp + route_list = "* nwnet.nwnet.org" + +# +# End of Special cases here - keep to a bare minimum + +################################# +# 3. We have something that seems to be MX'd to here +# +# by default, anything that is a local MX will get matched here +# This must be set to something reasonable. +# +# Currently we punt to local director's for further processing +self: + driver = lookuphost + self = local + transport = smtp + +################################# +# 4. IP literal - required by RFC's + +# This router routes to remote hosts over SMTP by explicit IP address +# given as a "domain literal" in the form [nnn.nnn.nnn.nnn]. The RFCs +# require this facility, which is why it is enabled by default in Exim. +literal: + driver = ipliteral + transport = smtp + +end + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### + +# This single retry rule applies to all domains and all errors. It specifies +# retries every 15 minutes for 2 hours, then increasing retry intervals, +# starting at 2 hours and increasing each time by a factor of 1.5, up to 16 +# hours, then retries every 8 hours until 4 days have passed since the first +# failed delivery. + +# Domain Error Retries +# ------ ----- ------- + +* * F,2h,15m; G,16h,2h,1.5; F,4d,8h + +end + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### + +# There are no rewriting specifications in this default configuration file. + +# End of Exim configuration file + + +Sample mail.aliases file: +------------------------- + +# Record Description: /etc/alias record +# Record Explanation: aliasname alias +# Record Example: postmaster user@mydomain.com +# +# +# Wildcard record is entered as: *@domain alias +# +# Special expansion values: +# +# @xxx replace with original localpart +# :FAIL: message will fail as if user did not exist +# :DEFER: message will be held in mail spool +# :DROP: message will be silently dropped +# + + +# System Aliases +# +abuse root +postmaster root + +# Wildcard Aliases +# +* FAIL +*@fireplug.net FAIL +*@galarie.bc.ca $local_part@galarie.com +*@galarie.com FAIL +*@poste.com FAIL + +# Abuse Aliases +# +abuse root +abuse@fireplug.net sl@fireplug.net +abuse@galarie.bc.ca abuse +abuse@galarie.com abuse +abuse@poste.com abuse + +# Postmaster Aliases +# +postmaster root +postmaster@fireplug.net sl@fireplug.net +postmaster@galarie.bc.ca postmaster +postmaster@galarie.com postmaster +postmaster@poste.com postmaster + +# Domain based aliases +# + +# fireplug.net +# +bobe@fireplug.net bobe@webtide.com +info@fireplug.net richard@fireplug.net, sl@fireplug.net +jsavage@fireplug.net jsavage%fireplug.net@wilt.fireplug.net +ken@fireplug.net ken%fireplug.net@wilt.fireplug.net +lsavage@fireplug.net lsavage%fireplug.net@wilt.fireplug.net +msavage@fireplug.net msavage%fireplug.net@wilt.fireplug.net +richard@fireplug.net richard%fireplug.net@nero.fireplug.net +rshand@fireplug.net rshand%fireplug.net@wilt.fireplug.net +sales@fireplug.net richard@fireplug.net +sl@fireplug.net sl@poste.com +ted@fireplug.net ted@nero.fireplug.net +webmaster@fireplug.net richard@fireplug.net +wsavage@fireplug.net wsavage%fireplug.net@wilt.fireplug.net + +# galarie.com +# +galarie@galarie.com galarie%galarie.com@wilt.fireplug.net +test@galarie.com test%galarie.com@wilt.fireplug.net + +# poste.com +# +cl@poste.com cl@whiskey.poste.com +donna@poste.com donna@whiskey.poste.com +rl@poste.com rl@whiskey.poste.com +sl@poste.com sl@nero.fireplug.net diff --git a/config.samples/C002 b/config.samples/C002 new file mode 100644 index 0000000..8564f95 --- /dev/null +++ b/config.samples/C002 @@ -0,0 +1,67 @@ +Date: Wed, 14 Jan 1998 15:07:22 +0200 +From: Vladimir Litovka + + Although exim not intended for use in UUCP environment (it doesn't know +anything about bang!path addresses), I'm successfully using it for delivering +mail to UUCP clients. For this purposes I'm using two rewrite rules: + +#--------------------- REWRITE CONFIGURATION ------------------------# + +# system!system.domain.net!user +^([^!]+)!((\w+)(\.\w+)+)!(.*)@your\.domain \ + "${if eq {$1}{$3}{$5@$2}{$2!$5@$1}}" Tbcrtq + +# system*!user +^([^!]+)!(.*)@your\.domain $2@$1 Tbcrtq + +#--------------------------------------------------------------------# + +The first rule check + if destination address in form: + uuname!system.some.domain!user + and + uuname == system + it rewrites address to user@system.some.domain + else it rewrites it to system.some.domain!user@uuname + and QUIT. + +The second rule check + if destination address in form: + uuname1!uuname2!FQDN!...!uunameN!user + it rewrites it to + uuname2!FQDN!...!uunameN!user@uuname1 + and QUIT. + +For successfully delivering mail to uucp domain you must create such +transport: + +#-------------------------------------------------------------------# +uux: + driver = pipe; + command = "/usr/bin/uux - -r $host!rmail ($local_part@$domain)", + path = "/usr/local/bin:/usr/bin:/bin", + return_fail_output, + user = uucp, +#-------------------------------------------------------------------# + +and such router: + +#-------------------------------------------------------------------# +force_uucp: + driver = domainlist; + route_file = /etc/exim/maps/force.uucp, + search_type = partial-lsearch, +#-------------------------------------------------------------------# + +and use something similar to this force.uucp: + +# Domain Relay Options +# ------ ----- ------- +system1 system1 uux +system1.domain system1 uux +# +system2 system2 uux +system2.domain system2 uux + +(!) Note, that you need unqualified names (system1, system2) because +second rewrite rule don't do qualification (it known nothing about this). diff --git a/config.samples/C003 b/config.samples/C003 new file mode 100644 index 0000000..6b314ee --- /dev/null +++ b/config.samples/C003 @@ -0,0 +1,62 @@ +Date: Thu, 23 Jul 1998 01:02:29 -0500 (CDT) +From: "Steven A. Reisman" + +I've read down through Q0601 and your request for UUCP examples. +Here's how I'm doing it: + + # route via UUCP + + uucp_routing_rmail: + transport = uucp_rmail + driver = domainlist + route_file = /etc/exim/uucp_rmail + search_type = dbm + + uucp_routing_rsmtp: + transport = uucp_rsmtp + driver = domainlist + route_file = /etc/exim/uucp_rsmtp + search_type = dbm + + + # This transport delivers via UUCP-rmail + + uucp_rmail: + driver = pipe + user = nobody + command = "/usr/bin/uux --stdin --nouucico --requestor \ + '${if eq {$sender_address}{}{mailer-daemon}{$sender_address}}' \ + $host!rmail $pipe_addresses" + return_fail_output=true + no_retry_use_local_part + + + # This transport delivers via UUCP-rsmtp + + uucp_rsmtp: + driver = pipe + batch = domain + bsmtp = domain + user = nobody + command = "/usr/bin/uux --stdin --nouucico --requestor \ + '${if eq {$sender_address}{}{mailer-daemon}{$sender_address}}' \ + $host!rsmtp" + prefix = "" + suffix = "" + return_fail_output=true + no_retry_use_local_part + + +Files /etc/exim/uucp_rmail and /etc/exim/uucp_rsmtp are of the form: + + domain1.com: alpha + domain2.com: beta + domain3.com: gamma + +where alpha, beta, and gamma are UUCP neighbors. + + +For example, our mail server, hermes, uses UUCP to transport email to my +laptop, ulysses. Ulysses can poll hermes on TCP port 520 from anywhere +on the net. This is independent of ulysses's IP address, and there's +no messing with SMTP/ETRN. diff --git a/config.samples/C004 b/config.samples/C004 new file mode 100644 index 0000000..20378e9 --- /dev/null +++ b/config.samples/C004 @@ -0,0 +1,55 @@ +From: Nigel Metheringham +Date: Tue, 21 Jul 1998 13:41:42 +0100 + +Here's a BSMTP over UUCP - the transport is Taylor/GNU UUCP - which takes +the long option types. The requestor bit needs a fudge for bounce mail to +be handled correctly - a null requestor causes the uux client to write an +invalid request file. The UUCP sys file is set to map their domain to the +appropriate machine to call. + +#===================================================================== +# +# uucp transport +# ~~~~~~~~~~~~~~ +# + +uucp: + driver = pipe + batch = domain + bsmtp = domain + command = "/usr/bin/uux --stdin --nouucico --requestor \ + '${if eq{$sender_address}{}{mailer-daemon}{$sender_address}}' \ + $domain!rsmtp" + log_output + prefix = "" + suffix = "" + no_retry_use_local_part + return_fail_output + user = exim + +#### +#### and the related director (note that all these domains are handled as +#### local by exim). +#### +uucp_router: + domains = UUCP_DOMAINS + driver = smartuser + transport = uucp + no_panic_expansion_fail + new_address = "${quote:$local_part}@$domain" + + +#### +#### and at the top of the config are:- +#### +EXICONF_DIR = /var/exim +UUCP_DOMDB = EXICONF_DIR/main/uucp_domains.cdb +UUCP_DOMAINS = cdb;UUCP_DOMDB + +local_domains = ....:UUCP_DOMAINS:... + +######################################### + +uucp_domains.dat -> uucp_domains.cdb +Contains list of destination dbs in a standard exim form (ie one per line +to be fed to exim_dbmbuild) diff --git a/config.samples/C005 b/config.samples/C005 new file mode 100644 index 0000000..bc8af28 --- /dev/null +++ b/config.samples/C005 @@ -0,0 +1,85 @@ +From: Marc.Haber-lists@gmx.de (Marc Haber) +Date: Sat, 01 Aug 1998 13:05:12 GMT + +I am using a virus scanner program that is invoked by a pipe, scans the mail +and re-invokes Exim to do the delivery. The pipe is invoking a perl script that +tries to unpack and MIME, zip and other archives and then applies the McAfee +scanner on the results. + +The Exim configuration to handle this was created by Sven Paulus +. The relevant bits are shown below. The virus scanner scans +the mail and re-delivers it with + + exim -oMr scanned-ok + +to stop the mail from being scanned a second time. There was a bug in Exim +prior to release 2.00 that stopped this working. + + +###################################################################### +# TRANPORTS CONFIGURATION # +###################################################################### +# ORDER DOES NOT MATTER # +# Only one appropriate transport is called for each delivery. # +###################################################################### + +virscan: + driver = pipe + bsmtp = all + batch_max = 32767 + bsmtp_helo = true + command = "/usr/local/virscan/bin/scanmail \ + $sender_host_address /var/log/exim_virscan 1" + current_directory = "/tmp" + from_hack = false + freeze_exec_fail = false + group = virscan + ignore_status = false + log_defer_output = false + log_fail_output = false + log_output = true + prefix = + return_output = false + return_path_add = false + timeout = 6h + umask = 022 + use_shell = false + user = virscan + + +###################################################################### +# DIRECTORS CONFIGURATION # +# Specifies how local addresses are handled # +###################################################################### +# ORDER DOES MATTER # +# A local address is passed to each in turn until it is accepted. # +###################################################################### + +# Follows system_aliases and userforward directors, but precedes localuser. + +vircheck: + condition = "${if or {{eq {$received_protocol}{no-attachment}} \ + {eq {$received_protocol}{local-not-scanned}} \ + {eq {$received_protocol}{scanned-ok}} \ + {match {$sender_host_address}{^192\.168\.10\.}}} \ + {0}{1}}" + driver = localuser + transport = virscan + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how remote addresses are handled # +###################################################################### +# ORDER DOES MATTER # +# A remote address is passed to each in turn until it is accepted. # +###################################################################### + +# The first router routes everything to the scanner unless the message +# has previously been scanned. + +vircheck: + condition = "${if eq {$received_protocol}{scanned-ok} {0}{1}}" + driver = domainlist + route_list = "*" + transport = virscan diff --git a/config.samples/C006 b/config.samples/C006 new file mode 100644 index 0000000..02c78c0 --- /dev/null +++ b/config.samples/C006 @@ -0,0 +1,40 @@ +From: Kind@edb.uib.no +Date: Sun, 2 Aug 1998 15:24:05 +0200 + +This is how I have configured a PP-inspired vacationnote, there is (was?) +such a feature in PP. The user makes a file "tripnote" in his/her +homedirectory, the message is passed to the sender once with a short +leading text. + +############ +# TRANSPORT +vacation_reply: + driver = autoreply + file = ${home}/tripnote + file_expand + log = ${home}/tripnote.log + once = ${home}/tripnote.db + from = vacation@yourdomain.org + to = $sender_address + subject = "Re: $h_subject" + text = "\ + Dear $h_from\n\n\ + This is an automatic reply. Feel free to send additional\n\ + mail, as only this one notice will be generated. The following\n\ + is a prerecorded message, sent for ${local_part}@yourdomain.org:\n\ + ====================================================\n\n\ + " + +# DIRECTOR +user_vacation: + driver = localuser + require_files = ${local_part}:${home}/tripnote + no_verify + except_senders = "^.*-request@.*:^owner-.*@.*:^postmaster@.*:\ + ^listmaster@.*:^mailer-daemon@.*" + transport = vacation_reply + unseen + +localuser: + driver = localuser + transport = local_delivery diff --git a/config.samples/C007 b/config.samples/C007 new file mode 100644 index 0000000..42c852b --- /dev/null +++ b/config.samples/C007 @@ -0,0 +1,27 @@ +Date: Thu, 6 Aug 1998 16:01:25 -0400 +From: Peter Radcliffe + +If I host a domain foo.dom on my machine as a virtual domain I expect it +to be completely virtual and seperate from other mail domains that end +up on my machine. pir@foo.dom may or may not be me ... + +I have separate aliasfiles per domain (because its faster and more +suitable to my application) and use: + +# I move this config between different db implementations that either do +# or don't expect the .db extension. +DBEXT = .db +#DBEXT = + +local_domains = "....:dbm;/usr/local/etc/exim/dbm/virtualDBEXT:..." + +As the first director: + +# deal with virtual domains. +virtual: + driver = aliasfile + domains = dbm;/usr/local/etc/exim/dbm/virtualDBEXT + no_more + rewrite = false + file = /usr/local/etc/exim/domains/${lc:${length_1:${domain}}/${domain}}DBEXT + search_type = dbm* diff --git a/config.samples/C008 b/config.samples/C008 new file mode 100644 index 0000000..7be8cd0 --- /dev/null +++ b/config.samples/C008 @@ -0,0 +1,147 @@ +Date: Thu, 6 Aug 1998 16:51:07 -0700 +From: Stuart Lynne + +And of course it is possible to do a very interesting solution to +this [virtual domains] using LDAP. + +Selected portions of my configuration using LDAP: + + # Routers entries + + # ensure we don't attempt delivery unless MX points to this host + lookuphost: + driver = lookuphost + self = fail_soft + transport = smtp + + # punt to director if MX points to this host + self: + driver = lookuphost + self = local + transport = smtp + + # Director entries + + # lookup virtual users in directory IFF MX matches "virtual..fireplug.net" + virtual_fireplug_net_aliasfile_ldap: + condition = "${if match{$self_hostname}{virtual..fireplug.net}{$domain}}" + driver = aliasfile + search_type = ldap + expand + errors_to = sl@whiskey.poste.com + queries = "ldap:://wilt.fireplug.net/?mailforwardingaddress?sub?(&(mail=$local_part@$domain)(ou=accounts)):\ + ldap:://wilt.fireplug.net/?mailforwardingaddress?sub?(&(mail=\\\\2a@$domain)(ou=accounts))" + + # specify vacation processing IFF prefix of address is "vacation-" + vacation_prefix: + condition = "${if match{$local_part}{.*%.*}{$domain}}" + driver = smartuser + prefix = "vacation-" + transport = vacation_delivery + new_address = "${if match{$local_part}{(.*)%.*}{$1}{$domain}}@${if match{$local_part}{.*%(.*)}{$1}{$domain}}" + + # specify delivery to pop mailbox IFF prefix of address is "pop-" + pop_prefix: + condition = "${if match{$local_part}{.*%.*}{$domain}}" + prefix = "pop-" + driver = smartuser + transport = pop_delivery + new_address = "${if match{$local_part}{(.*)%.*}{$1}{$domain}}@${if match{$local_part}{.*%(.*)}{$1}{$domain}}" + + # specify delivery to imap mailbox IFF prefix of address is "imap-" + imap_prefix: + condition = "${if match{$local_part}{.*%.*}{$domain}}" + prefix = "imap-" + driver = smartuser + transport = imap_delivery + new_address = "${if match{$local_part}{(.*)%.*}{$1}{$domain}}@${if match{$local_part}{.*%(.*)}{$1}{$domain}}" + + + # Transport entries + + # perform delivery to pop mailbox + pop_delivery: + driver = appendfile + #create_directory + from_hack + file = /var/mail/${domain}/${lc:$local_part} + user = mail + group = mail + + # perform delivery to imap mailbox + imap_delivery: + driver = appendfile + no_from_hack + prefix = "" + suffix = "" + maildir_format + create_directory + directory = "/var/imap/${domain}/${length_2:${lc:$local_part}}/${lc:$local_part}/INBOX" + user = mail + group = mail + + # perform vacation processing + vacation_delivery: + driver = autoreply + file = /etc/exim/vacation-msg.txt + file_optional + user = mail + group = mail + to = $sender_address + subject = "Autoreply: Vacation message for ${local_part}@${domain}" + headers = "Mime-Version: 1.0\nContent-Type: multipart/mixed; boundary=\"m1Stw9KgbdL9/HM9\"" + text = "--m1Stw9KgbdL9/HM9\nContent-Type: text/plain; charset=us-ascii\n\ + Content-Disposition: attachment; filename=\"${local_part}@${domain} vacation message\"\n\ + \n\n${expand:${lookup ldap\ + {ldap://src.fireplug.net/?mailAutoReplyText?sub?(&(mail=${local_part}@${domain})(ou=accounts))}{$value}{}}}\n\ + \n--\n${local_part}@${domain}\n\n" + log = "/var/mail/${domain}/${local_part}_vlog" + once = "/var/mail/${domain}/${local_part}_vdb" + + +To use this we have LDAP entries for each user that look something like: + + bjectclass: top + objectclass: account + objectclass: mailRecipient + objectclass: fireMessagingUser + objectclass: person + objectclass: organizationalPerson + objectclass: inetorgPerson + objectclass: fireNewsAccess + uid: richard@big-cats.com + mail: richard@big-cats.com + mailforwardingaddress: richard@poste.com + mailforwardingaddress: vacation-richard%fireplug.net@popserver.fireplug.net + mailforwardingaddress: richard%fireplug.net@popserver.fireplug.net + userpassword: abcedfg + cn: richard + sn: richard + mailautoreplytext: I'm on vacation + +The exim ldap lookup simply finds the entry based on the mail attribute +and returns the mailforwardingaddress attribute value. + +This can take several forms and is multi-valued. For example: + + richard@poste.com + deliver somewhere else, in this case to another + address on another server + + pop-richard%big-cats.com@popserver.fireplug.net + deliver into pop mailbox in virtual host directory + for big-cats.com on server popserver.fireplug.net + + vacation-richard%big-cats.com@popserver.fireplug.net + perform vacation processing for user + +This setup has the interesting property that we can setup multiple +mailbox servers with identical configuration files that will all +deliver mail to mailboxes they are told to deliver to or will forward +to the correct server for the mailbox. All of the interesting +information about where to deliver mail for a user is in the LDAP +server database. + +In other words, not only can a single host act as a server for +multiple virtual domains, but all of the virtual domains can have +mailboxes spread across a number of physical servers. diff --git a/config.samples/C009 b/config.samples/C009 new file mode 100644 index 0000000..836b26c --- /dev/null +++ b/config.samples/C009 @@ -0,0 +1,44 @@ +Date: 6 Oct 1998 +From: Philip Hazel + +These are suggested parts of a configuration for looking up users in +/etc/passwd.domain rather than in /etc/passwd, with a separate alias file for +each domain as well. Delivery takes place into a mailbox within a per-domain +directory, though a different transport could of course be substituted. The +delivery process is run as user exim, group mail. The list of domains is kept +in /etc/customer/domains. + +# Transport: Place this in the "transports" section of the configuration. + +virtual_localdelivery: + driver = appendfile + file = /var/spool/mail/${domain}/${local_part} + user = exim + group = mail + mode = 660 + +# Directors: Place these two directors in the "directors" section of the +# configuration. DO NOT put them immediately after the transport driver +# just defined - that's the wrong part of the configuration file. + +# This director handles aliases. Because it has no transport setting, it +# just expands local parts that it recognizes into new addresses. + +virtual_alias: + driver = aliasfile + domains = lsearch;/etc/customer/domains + file = /etc/customer/${domain}.aliases + search_type = lsearch + qualify_preserve_domain + +# This director checks local parts. It *does* have a transport setting, so +# if it finds a local part in the file, the message is directed to that +# transport. The data following the local part in the file is not used. + +virtual_localuser: + driver = aliasfile + transport = virtual_localdelivery + domains = lsearch;/etc/customer/domains + file = /etc/passwd.$domain + search_type = lsearch + no_more diff --git a/config.samples/C010 b/config.samples/C010 new file mode 100644 index 0000000..a53407e --- /dev/null +++ b/config.samples/C010 @@ -0,0 +1,119 @@ +Date: Tue, 22 Sep 1998 23:21:58 -0400 +From: Peter Radcliffe + +Philip Hazel probably said: +> On Fri, 18 Sep 1998, Tabor J. Wells wrote: +> > One of our customers is looking for us to support addresses of the form +> > username+extension@domain.com, primarily for use with procmail. + +> Look up the "prefix" and "suffix" options of directors. A smartuser +> director with options along the lines of +> +> suffix = +extension +> new_address = some kind of lookup to get the rewrite, and then +> manipulation involving the use of $local_part_suffix +> to put the extension back. Depending on your lookup, +> could be messy... + +Thats what I was doing before I saw this ;) +If this isn't clear and you want an explanation, ask ... + +Note to Tabor: I added qualify_preserve_domain to the virtual director. +This is not what you have now and will break things, you'll have to remove +it and alter the virtual suffix as it says. + +# macros + +EBASE = /usr/local/etc/exim +DSUFFIX = - +# DSUFFIX = + +DBEXT = .db +#DBEXT = + +## transports + +# delivery by procmail, local users with .procmailrc files only +procmail_pipe: + driver = pipe + delivery_date_add = true + envelope_to_add = true + return_path_add = true + path = "/usr/local/bin:/usr/bin" + command = "procmail -a ${substr_1:${local_part_suffix}} -d ${local_part}" + from_hack + user = ${local_part} + + +## directors + +# deal with virtual domains - just for virtual domains, look them up +virtual: + driver = aliasfile + domains = dbm;EBASE/dbm/virtualDBEXT + file = EBASE/domains/${lc:${length_1:${domain}}/${domain}}DBEXT + search_type = dbm* + forbid_file + forbid_pipe + qualify_preserve_domain + + +# if the virtual domain has no postmaster or root alias, throw them at +# the default domain +virtualpostmaster: + driver = smartuser + domains = dbm;EBASE/dbm/virtualDBEXT + local_parts = "postmaster:root" + new_address = ${local_part}@${qualify_recipient} + + +# and if there is a -something suffix, send it to the right place +virtualsuffix: + driver = smartuser + domains = dbm;EBASE/dbm/virtualDBEXT + no_more + suffix = DSUFFIX* +# if you want this to not do qualify_preserve_domain replace ' {$domain} ' +# with ' {$qualify_recipient} ' in the 7th line. + new_address = "\ + ${lookup{$local_part} dbm \ + {EBASE/domains/${lc:${length_1:${domain}}/${domain}}DBEXT} \ + {\ + ${if !match {$value}{^:(defer|fail|blackhole|include):} \ + {${local_part:$value}${local_part_suffix}@\ + ${if eq {${domain:$value}} {} {$domain} {${domain:$value}}}}\ + fail}\ + }\ + fail}" + +. +. +. + +userforward: + driver = forwardfile + no_verify + check_ancestor + file = .forward${local_part_suffix} + filter + suffix = DSUFFIX* + suffix_optional + + +# Use procmail only if a ~/.procmailrc file exists, and procmail exists. +# If sending to a username-suffix and $HOME/.forward-suffix exists, +# its valid. +procmail: + driver = localuser + transport = procmail_pipe + require_files = "${local_part}:${home}/.procmailrc:+/usr/local/bin/procmail" + suffix = DSUFFIX* + suffix_optional + +# I realised that this might pass things to procmail when you have a .forward +# file and expect it not to happen (if .forward and .procmailrc exist user-foo +# will still get passed to procmail). +# To stop this you can change the above to use: + + require_files = "${local_part}:${home}/.procmailrc:+/usr/local/bin/procmail\ + :!${home}/.forward" + diff --git a/config.samples/C011 b/config.samples/C011 new file mode 100644 index 0000000..eb6eafa --- /dev/null +++ b/config.samples/C011 @@ -0,0 +1,135 @@ +Date: Thu, 26 Nov 1998 09:39:52 +0000 +From: David M Walker + +Thanks to Philip and others I now have my ISP style config built and +therefore am posting the final configuration fragments to the list in +case anyone else wants to do a similar thing + +###################################################################### + +# This configuration fragment is for use with an ISP type solution +# Each client has their own directory that contains their own +# editable passwd, alias etc type files. Furthemore if they create +# a local user then that user can also have a a .forward file and/or +# a .autoreply file. +# +# Files and Directories +# Password file for a domain +# /clients/${domain}/etc/passwd +# Alias file for a domain +# /clients/${domain}/etc/aliases +# Directory where users mail for a domain is stored +# /clients/${domain}/mail/ +# Location of file with a list of domains +# /clients/utils/data/domains + +###################################################################### +# TRANPORTS CONFIGURATION # +###################################################################### + +# This transport is used for local delivery to user mailboxes. + +virtual_localdelivery: + driver = appendfile + file = /clients/${domain}/mail/${local_part} + user = ${lookup{$local_part}lsearch{/etc/passwd}{$value}{exim}} + group = mail + mode = 0660 + +# This transport is used to handly autoreplys + +auto_transport: + driver = autoreply + from = $local_part@$domain + to = $sender_address + subject = "Reply re: $header_subject:" + file = +"${extract{5}{:}{${expand:${lookup{$local_part}lsearch{/clients/${domain}/etc/passwd}{$value}}}}}/.autoreply" + user = exim + +# This transport is used for handling pipe addresses generated by alias +# or .forward files. + +address_pipe: + driver = pipe + return_output + +# This transport is used for handling file addresses generated by alias +# or .forward files. + +address_file: + driver = appendfile + +# This transport is used for handling file addresses generated by alias +# or .forward files if the path ends in "/". + +address_directory: + driver = appendfile + no_from_hack + prefix = "" + suffix = "" + +# This transport is used for handling autoreplies generated by the +filtering +# option of the forwardfile director. + +address_reply: + driver = autoreply + +# This transport is used for delivering messages over SMTP connections. + +remote_smtp: + driver = smtp + command_timeout = 1m, + connect_timeout = 10s + +end + +###################################################################### +# DIRECTORS CONFIGURATION # +###################################################################### + +# Handles .autoreply files + +auto_director: + driver = smartuser + transport = auto_transport + require_files = +root:${extract{5}{:}{${expand:${lookup{$local_part}lsearch{/clients/${domain}/etc/passwd}{$value}}}}}/.autoreply + condition = ${if eq{$sender_address}{}{no}{yes}} + unseen + +# Handles any .forward files + +userforward: + driver = forwardfile + check_local_user = false + #file_directory = +"${extract{5}{:}{${expand:${lookup{$local_part}lsearch{/clients/${domain}/etc/passwd}{$value}}}}}" + #file = .forward + file = +"${extract{5}{:}{${expand:${lookup{$local_part}lsearch{/clients/${domain}/etc/passwd}{$value}}}}}/.forward" + user = root + no_verify + check_ancestor + filter + +# This director matches local user mailboxes. + +virtual_localuser: + driver = aliasfile + transport = virtual_localdelivery + domains = lsearch;/clients/utils/data/domains + file = /clients/${domain}/etc/passwd + search_type = lsearch + +# This director matches anything in the aliases + +virtual_alias: + driver = aliasfile + domains = lsearch;/clients/utils/data/domains + file = /clients/${domain}/etc/aliases + search_type = lsearch* + qualify_preserve_domain + +end diff --git a/config.samples/C012 b/config.samples/C012 new file mode 100644 index 0000000..70c9cfb --- /dev/null +++ b/config.samples/C012 @@ -0,0 +1,89 @@ +Date: Thu, 05 Nov 1998 00:19:46 +0100 +From: David Frey + +I've written a small chapter how-to configure exim for use with UUCP +(mostly condensed from the exim-user mailing list plus some experimenting) +and would be glad if it could be included in the exim documentation. + +--------------------------------------------------------------------------8<--- +\input texinfo @c -*- texinfo -*- +@c $Id: C012,v 1.2 2000/01/09 21:33:19 nigel Exp $ + +@c %** start of header +@setfilename exim-uucp.info +@settitle Exim and @sc{uucp} +@c %** end of header + +@iftex +@afourpaper +@end iftex + +@section Exim and @sc{uucp} + +Configuring exim for use with @sc{uucp} is a bit of manual work, since exim +wasn't written with @sc{uucp} in mind. + +This guide assumes that you use @emph{Internet-addressing} --- i.e. both +sides use Taylor-@sc{uucp} --- or 1-level deep Bang-paths (the Bang-Path level +has to be finite to make address-rewriting feasible). What you have to do is +the following: + +@enumerate +@item +add a new transports definition +@item +add a new router +@end enumerate + +@subsection Transports + +The @emph{transports} does the work: it passes the mail to @sc{uucp}. +This is the place to do bang-path-conversions and similar things +(when using Taylor-@sc{uucp}, as my provider does, the Internet-address +is simply passed to rmail). + +@example +uucp_pipe: + driver = pipe + batch = all + command = "uux - -a\"$sender_address\" -r $host\!rmail $pipe_addresses" + delivery_date_add = true + pipe_as_creator + restrict_to_path + path = "/usr/bin:/bin" + return_output +@end example + +If you wanted to use bang-paths, you'd use something as (untested): +@example +@dots{} + command = "uux - -a$sender_address -r $host\!rmail ($domain\!$local_part)" +@dots{} +@end example + +@subsection Router + +The @emph{router} tells exim that a @sc{uucp}-route is available: + +@example +uucp: + driver = domainlist + transport = uucp_pipe + route_list = "* neighbor byname" +@end example + +@var{neighbor} is the upstream @sc{uucp}-neighbor; all outgoing traffic +is routed over there (leaf node configuration). + +@subsection Other + +In order to omit the @code{Sender: uucp} line, add @var{uucp} to the +trusted users: + +@example +trusted_users = mail:uucp +trusted_groups = uucp +@end example + +@bye +--------------------------------------------------------------------------8<--- diff --git a/config.samples/C013 b/config.samples/C013 new file mode 100644 index 0000000..7f9facb --- /dev/null +++ b/config.samples/C013 @@ -0,0 +1,59 @@ +Date: Mon, 26 Oct 1998 15:14:04 -0500 +From: Mario Dupuis + +I've take some tips from the FAQ about permitting only certain users +to send to external mail and came up with my own for the receiving part. + +[I have modified this to cope with the case of a null sender. PH] + +# +# Transports +# +reject_remote_user: + driver = autoreply + file = /etc/exim/err_messages/reject_remote_user.txt + file_expand + user = exim + group = exim + from = postmaster@${domain} + to = $sender_address + subject = "Re: Your mail to ${local_part}@${domain}" + +# +# Directors +# +localuser: + driver = localuser + transport = local_delivery + condition = "${if eq{$sender_address}{}{yes}\ + {${lookup{$sender_address_domain}lsearch{/exim/perm/domains}{yes}}}}" + +localuser_from_external: + driver = localuser + transport = local_delivery + condition ="${lookup{$local_part}lsearch{/exim/permitted/receivers}{yes}}" + +localuser_from_external_bounce: + driver = smartuser + transport = reject_remote_user + no_verify + unseen + +# +# Routers +# +internal_delivery: + driver = domainlist + route_list = "*our_domain.com $domain bydns_mx;\ + *our_friend.com $domain bydns_mx;\ + transport = remote_smtp + +external_delivery: + driver = domainlist + route_list = "* internet-gateway.com bydns_a" + transport = remote_smtp + require_files = /etc/exim/permitted/senders + senders = ":\ + ^[^@]+@(?!${rxquote:our_domain.com}\\$):\ + lsearch;/etc/exim/permitted/senders" + diff --git a/config.samples/C014 b/config.samples/C014 new file mode 100644 index 0000000..585d5b4 --- /dev/null +++ b/config.samples/C014 @@ -0,0 +1,53 @@ +From: Nigel Metheringham +Date: Wed, 23 Dec 1998 09:30:11 +0000 + +If I have a situation where a site I MX for has a known outage I stash all +their mail into a directory in BSMTP format. This is how I do it - +another way would be to use a router rather than a director to do this.... + + EXICONF_DIR = /var/exim + HELD_DOMDB = EXICONF_DIR/held_domains.cdb + HELD_DOMAINS = cdb;HELD_DOMDB + LOCAL_DOMAINS = ...:HELD_DOMAINS:... + local_domains = LOCAL_DOMAINS + + # + # held_domain transport + # ~~~~~~~~~~~~~~~~~~~~~ + # + # This is a transport used to stash held mail into. + # Its basically a BSMTP maildir setup. + + held_domain: + driver = appendfile + directory = /var/spool/mail/held_domains/${lc:$domain} + maildir_format + user = exim + group = exim + mode = 0640 + create_directory + bsmtp = domain + prefix = "" + suffix = "" + no_from_hack + +.... + + # + # held_domains director + # ~~~~~~~~~~~~~~~~~~~~~ + # + # Handles domains that are broken in some way so we hold mail + # for them in a bsmtp mail queue + # + held_domains: + domains = "HELD_DOMAINS" + driver = smartuser + transport = held_domain + +When the outage is over I then knock the entry out of the held domains +cdb, and then cat all the BSMTP files into exim -bS (probably with a few +extra options to make it route and queue them). + +This keeps our queues manageable and prevents piles of extra delay messages +being sent out. diff --git a/config.samples/C015 b/config.samples/C015 new file mode 100644 index 0000000..80fbcc9 --- /dev/null +++ b/config.samples/C015 @@ -0,0 +1,68 @@ +From: Andromeda +Date: Sun, 15 Nov 1998 23:24:05 +0200 + +This approach to virtual domains has helped me a great deal, and is so easy +to maintain (add and modify as appropriate): + +Under the main configuration settings (in your configure file): + +local_domains = "domain1.com:mydomain.com:\ + lsearch;/usr/exim/aliases/domains" + +Under transports: + +local_delivery: + driver = appendfile + file = /var/spool/mail/${local_part} + +Under the directors settings: + +system_aliases: + except_domains = "lsearch;/usr/exim/aliases/domains" + driver = aliasfile + file = /etc/aliases + search_type = lsearch + +userforward: + except_domains = "lsearch;/usr/exim/aliases/domains" + no_verify + driver = forwardfile + file = .forward + +localuser: + except_domains = "lsearch;/usr/exim/aliases/domains" + driver = localuser + transport = local_delivery + +virtual: + domains = "lsearch;/usr/exim/aliases/domains" + driver = aliasfile + no_more + file = /usr/exim/aliases/$domain-aliases + search_type = lsearch + +Voila. Done. This requires the following files from you: + +1. domains (contains the domains that you do virtual hosting for. Its format is +as follows: + +domain1.com +domain2.com +. +. +etc. + +2. domain1.com-aliases (contains the addresses in domain1.com that you want +to redirect). The format is as follows: + +bob: bob@ibm.net +adam: adam@otherdomain.com +. +. +etc. + +/usr/exim/aliases/ is my directory where I store those files to make it +easier for administration. + +This way it works just fine, and mail to non-existent aliases gets bounced. +You can check whether selecting *: allows you to do a catch-all. diff --git a/config.samples/C016 b/config.samples/C016 new file mode 100644 index 0000000..ae3c182 --- /dev/null +++ b/config.samples/C016 @@ -0,0 +1,264 @@ +From: Andromeda +Date: Sun, 15 Nov 1998 23:24:10 +0200 + +Herewith my configuration: + +###################################################################### +# Runtime configuration file for Exim # +###################################################################### + + +# This is a default configuration file which will operate correctly in +# uncomplicated installations. Please see the manual for a complete list +# of all the runtime configuration options. + + +# This file is divided into several parts, all but the last of which are +# terminated by a line containing the word "end". The parts must appear +# in the correct order, and all must be present (even if some of them are +# in fact empty). Blank lines, and lines starting with # are ignored. + +deliver_load_max = 5.0 +return_size_limit = 10k +auto_thaw = 2h +message_filter_user = exim +exim_user = exim +exim_path = /usr/exim/bin/exim + +# Let's fix this gecos thing -- Siviwe (28/06/97) +gecos_pattern="([^,]*)" +gecos_name=$1 + +# implement complete sender and recipient verification, including fixups. + +sender_verify +sender_verify_reject +sender_verify_fixup +receiver_verify + +# allow IP addresses to connect + +log_ip_options +no_refuse_ip_options + +# implement some anti-spam (RBL) - Andromeda 27/02/98 + +rbl_domains = rbl.maps.vix.com +rbl_reject_recipients + +# implement virtual domain mail relay - Andromeda 6/10/98 + +sender_address_relay = "partial-lsearch;/usr/exim/local/localdomains" + +# implement customised SMTP welcome banner - Andromeda 10/11/98 + +smtp_banner = "Welcome! This system does not accept Unsolicited \ + Commercial Email and will\nblacklist offenders through RBL and our \ + internal list. Have a nice day!\n\n${primary_hostname} ESMTP Exim \ + ${version_number} ${tod_full}" + +# implement sender blacklisting using rejection lists - Andromeda 11/11/98 +# also implement a feedback mechanism for un-blacklisting + +sender_reject_recipients = "@@lsearch;/usr/exim/local/blacklist" +recipients_reject_except = "@@lsearch;/usr/exim/local/blacklist-except" + +sender_host_reject_recipients = "+allow_unknown: \ + lsearch;/usr/exim/local/hosts-blacklist" + +# future implementations for specific spamming hosts and nets +# +#sender_host_reject_except = "/usr/exim/local/hosts-except" +#sender_net_reject_except = /usr/exim/local/nets-except +# + +# implement customised SMTP error rejection messages + +prohibition_message = +"$prohibition_reason|${lookup{$prohibition_reason}lsearch\ + {/usr/exim/reject.messages}{$value}}" + +###################################################################### +# MAIN CONFIGURATION SETTINGS # +###################################################################### + +# Specify your host's canonical name here. If this option is not set, the +# uname() function is called to obtain the name. + +# primary_hostname = + +# Specify the domain you want to be added to all unqualified addresses +# here. If this option is not set, the primary_hostname value is used. +qualify_domain = eons.net + +# If you want unqualified recipient addresses to be qualified with a different +# domain to unqualified sender addresses, specify the recipient domain here. +# If this option is not set, the qualify_domain value is used. + +# qualify_recipient = + +# Specify your local domains as a colon-separated list here. If this option +# is not set, the qualify_recipient value is used as the only local domain. +# If you do not want to do any local deliveries, uncomment the following line, +# but do not supply any data for it. + +local_domains = "eons.net:fusion.eons.net:mail.eons.net:\ + lsearch;/usr/exim/aliases/domains" + +# No local deliveries will ever be run under the uids of these users. + +#never_users = root + +# If you are running Exim under its own uid (recommended), then you should +# set up that uid as a trusted user by de-commenting the following and +# changing the name if necessary. + +trusted_users = exim:majordom + +end + + + +###################################################################### +# TRANPORTS CONFIGURATION # +###################################################################### + +# This transport is used for local delivery to user mailboxes. + +local_delivery: + driver = appendfile; + file = /var/spool/mail/${local_part} + +# This transport is used for handling pipe addresses generated by alias +# or .forward files. It has a conventional name, since it is not actually +# mentioned elsewhere in this configuration file. + +address_pipe: + driver = pipe; + ignore_status, + user = majordom, + return_output + +# This transport is used for handling file addresses generated by alias +# or .forward files. It has a conventional name, since it is not actually +# mentioned elsewhere in this configuration file. + +address_file: + driver = appendfile; + user = majordom + +# This transport is used for handling autoreplies generated by the filtering +# option of the forwardfile director. It has a conventional name, since it +# is not actually mentioned elsewhere in this configuration file. + +address_reply: + driver = autoreply + +# This transport is used for delivering messages over SMTP connections. + +smtp: + driver = smtp; + +end + + + +###################################################################### +# DIRECTORS CONFIGURATION # +###################################################################### + +# This director handles aliasing using a traditional /etc/aliases file. + +system_aliases: + except_domains = "lsearch;/usr/exim/aliases/domains" + driver = aliasfile; + file = /etc/aliases, + search_type = lsearch + +# This director handles forwarding using traditional .forward files. +# If you want it also to allow mail filtering when a forward file +# starts with the string "# Exim filter", uncomment the "filter" option. +# Note the except_domains part - needed for the virtual hosts... + +userforward: + except_domains = "lsearch;/usr/exim/aliases/domains" + no_verify, + driver = forwardfile; + file = .forward, +# filter + +# This director matches local user mailboxes. + +localuser: + except_domains = "lsearch;/usr/exim/aliases/domains" + driver = localuser, + transport = local_delivery; + +# This director matches local virtual hosts + +virtual: + domains = "lsearch;/usr/exim/aliases/domains", + driver = aliasfile, + no_more; + file = /usr/exim/aliases/$domain-aliases, + search_type = lsearch + +end + + + +###################################################################### +# ROUTERS CONFIGURATION # +###################################################################### + +#route_append: +# driver = domainlist, +# transport = smtp; +# + +# This router routes to remote hosts over SMTP using a DNS lookup with +# default options. + +lookuphost: + driver = lookuphost, + transport = smtp; + +# This router routes to remote hosts over SMTP by explicit IP address, +# given as a "domain literal" in the form [nnn.nnn.nnn.nnn]. The RFCs +# require this facility, which is why it is enabled by default in Exim. +# If you want to lock it out, set forbid_domain_literals in the main +# configuration section above. + +literal: + driver = ipliteral, + transport = smtp; + +end + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### + +# This single retry rule applies to all domains and all errors. It specifies +# retries every 2 minutes for 2 hours, then increasing retry intervals, +# starting at 2 hours and increasing each time by a factor of 1.5, up to 16 +# hours, then retries every 8 hours until 4 days have passed since the first +# failed delivery. + +# Domain Error Retries +# ------ ----- ------- + +* * F,2h,2m; G,16h,2h,1.5; F,4d,8h + +end + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +# + +# End of Andromeda Exim configuration file diff --git a/config.samples/C017 b/config.samples/C017 new file mode 100644 index 0000000..5760c8e --- /dev/null +++ b/config.samples/C017 @@ -0,0 +1,290 @@ +Date: Tue, 8 Dec 1998 13:00:00 -0600 +From: mark david mcCreary + +I have gotten the new VERP feature of Exim 2.054 working in test, along +with some supporting programs to handle bounces that do come back. The +routines are included below. + +The idea is that each message sent out will have a unique envelope sender, +and all SMTP engines should return bounces to the machine that sent it, +based on the envelope information. + +The envelope sender is unique in that it contains the mailing list that +sent the message, as will as the email address of the recipient. Any +message sent back to that address should always be a bounce, and thus there +is no need to decipher the body of the message for clues as to which email +address bounced. + +The supporting procmail and perl program simply read the email address, and +compose a standard <550> SMTP error message to send to the mailing list. +The mailing list (at least Smartlist) will then remove addresses that +bounce more than x times. + +I would guess with some fancy regexp parsing and Exim filters to place a +<550> joe@aol.com in the body, the Procmail and Perl routines could be +replaced, and the <550> error message generated from within Exim, and then +sent to the appropriate mailing list. + +Please let me know if you figure out how to do that. + + +Part 1 - Exim configuration (needs Exim 2.054 or better) + +###################################################################### +# TRANPORTS CONFIGURATION # +###################################################################### + +## This transport is called for all mailed sent to bounce-* +# The comeback procmail will parse it, and create a bounce message +# to the correct list + +bounce_pipe: + driver = pipe; + command = "/usr/bin/procmail -d comeback", + envelope_to_add, + user = exim + + +# This transport is used for delivering messages over SMTP connections. +# One message at a time, so that the address may be placed in the To: line +# Kludge up a message id, so that receiving hosts do not consolidate on same +# message id + +smtp: + headers_remove = +"To:Message-Id:Resent-To:Resent-Date:Resent-From:Resent-Message-Id:Resent-Bcc", +add_headers = "To: $local_part@$domain\n\ + Message-Id: +", + return_path = "${if match {$return_path}{^(.+?)-request@.*\\$}\ + {bounce-$1=$local_part=$domain@$primary_hostname}fail}", + driver = smtp; + max_rcpt = 1 +end + + + +###################################################################### +# DIRECTORS CONFIGURATION # +###################################################################### + + +# any mail prefixed with bounce- is probably a bounce message +# from the owner-hack delivery method + +bounce: + driver = smartuser, + prefix = bounce-; + transport = bounce_pipe + + + +Part 2 - Procmail Routine - Needs Procmail 3.11pre7 + +# The mail-list.com front-end for Smartlist Mailing Lists +# +# Copyright (c) 1998 Internet Tools, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# Comeback Bounce Error Routine +# +# This routine is used when bounced message come back from the owner-hack +# method of delivery. That is, each envelope sender is unique, containing +# the list name and email address in the envelope. +# +# Reads email message bounced back and creates and sends +# bounce message back to appropriate list +# +# Calls Perl program comeback.pl to accomplish the bulk of the work + +PATH=.:/home/ftp/discuss/.bin:/bin:/usr/bin:/usr/local/bin:/usr/sbin:$PATH +SHELL=/bin/sh + +VERBOSE=yes +LOGABSTRACT=all +LOGFILE=$HOME/procmailog +COMSAT=no +test=test # /usr/bin/test +mkdir=mkdir # /bin/mkdir + +DOMAIN=mail-list.com # the common domain for all the lists +SUBDOMAIN=`hostname` # the fully qualified hostname + +$test -d backup || $mkdir backup +$test -d bounces || $mkdir bounces + +# save a copy of all incoming files to an existing directory called backup +# +:0 c +backup + +# detect mail loop +# save in folder for debugging purposes +# terminate + +:0 +* $^(X-(Unsubscribe:|Diagnostic:)) +bounces + +# weighted scoring to determine if it's a from a mailer_daemon +# The E flag executes only if the preceding receipe did not +# + +#:0 h +#* -100^0 ^FROM_DAEMON +#* 1^0 +#{ } + +#:0 Eh +#bounces + +SENDER = `formail -rtzx To:` +SUBJECT = `formail -zxSubject:` +TODAY = `date "+%Y-%m-%d %T"` + + +:0 hwic: log.lock +| echo -e $TODAY "\t" $SENDER "\t" $SUBJECT >> log-comeback + + +# throw away all messages that are warnings, or notices of receipt + +:0 h +* ^Subject: \ + (Message status - opened| \ + .*warning| \ + .*temporarily unable to deliver| \ + .*Undelivered mail in mailqueue|.*Waiting mail|mail warning) +/dev/null + + +# filter the email message +# throw away the body, all information is in the headers + +:0 fbi +| /bin/true + +# filter the email message +# remove bounce- prefix from envelope-to header +# move into from header + +:0 fh +* ^Envelope-to: bounce-\/.* +| formail -I"To: $MATCH" + + +# filter the email message +# set up the headers for the perl program + +:0 fh +| formail -I"Subject: Bounce from comeback" \ + -I"Envelope-to:" \ + -I"From: mailer-daemon@[127.0.0.1]" + +# +# pass email message to perl program +# which will send out a bounce message to the correct list, from the bouncing +# email address +# + +:0 w +| comeback.pl + + +Part 3 - Perl Program - needs Perl 5.004 with Perl Modules for Internet mail + +#!/usr/bin/perl -w +# +# The mail-list.com front-end for Smartlist Mailing Lists +# +# Copyright (c) 1998 Internet Tools, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# +# This program will generate bounce messages, and send them to the +# appropriate list-request address. +# +# This program is invoked by a Procmail recipe. The body of the email +# message came back from the owner-hack delivery, and can be ignored. +# +# Exim will stick the envelope address in a special header - Envelope-to: +# +# This program will parse out the offending list and email address from +# that Envelope-To address. Then create a bounce message and send it. +# +# This program uses the Perl Module Mail::Internet to send each message. + +use Mail::Internet; + +chop(my $Date = `date "+%Y-%m-%d %T"`); + +my $bounce_body = ' 550 '; # 550 is SMTP error code for user unknown +open(LOG,">>/tmp/comeback.log") || die(" Could not open comeback.log $!"); + +$ENV{'SMTPHOSTS'} = '[127.0.0.1]'; + +my $mesg = new Mail::Internet \*STDIN; + +# look at mail headers, and grab the data + +my $from = $mesg->head->get('From'); chop($from); +my $to = $mesg->head->get('To'); chop($to); +my $subject = $mesg->head->get('Subject'); chop($subject); + +my @tokens = split(/@/, $to); +my @parts = split(/=/, $tokens[0], 2); +my $long_to = $parts[0]; +my $bad_address = $parts[1]; + +$bad_address =~ s/=/@/; # replace = sign with @ symbol + +$to = $long_to . "-request\@[127.0.0.1]"; + +# make the body of the message a simple bounce message that smartlist can +handle + +my $message_body = $bounce_body . "<" . $bad_address . ">" . "\n"; + +my $new_mesg = new Mail::Internet( + [ ], + 'Body' => [$message_body] + ); + +# this is who the mail is directed to via SMTP; + +$ENV{MAILADDRESS} = $from; + +# these are the addresses placed in the header block of the message. + +$new_mesg->head()->add('From', $from); +$new_mesg->head()->add('To', $to); +$new_mesg->head()->add('Subject', $subject); + +# $new_mesg->print_header(\*LOG); +# $new_mesg->print_body(\*LOG); + +print LOG "$Date\t$to\t$bad_address\n"; + +my @recips = $new_mesg->smtpsend; + +unless (@recips > 0) { + print LOG "Failed to deliver ($from,$to,$message_body) \n"; + } + + +Please send comments or suggestions for improvements to mdm@internet-tools.com + +mark david mcCreary +Internet Tools, Inc. 1436 West Gray #438 +mdm@internet-tools.com Houston, Texas 77019 +http://www.internet-tools.com 713.627.9600 diff --git a/config.samples/C018 b/config.samples/C018 new file mode 100644 index 0000000..17bb2c8 --- /dev/null +++ b/config.samples/C018 @@ -0,0 +1,148 @@ +Date: Mon, 17 May 1999 22:34:10 -0700 +From: Thomas Robinson + +This configuration removes a lot of the aliases, and automates a +lot of the other functions based on whether the files / +directories exist. Only three aliases per list are needed: + +-approval +-owner +owner- + +# Lots of stuff snipped . . . + +trusted_users = mail:majordomo + +end + +###################################################################### +# TRANPORTS CONFIGURATION # +###################################################################### + +# More stuff snipped . . . + +# This transport is used for processing *-request addresses +# through Majordomo +majordomo: + driver = pipe + user = majordomo + command = "/usr/local/mail/majordomo/wrapper majordomo -l ${local_part}" + return_fail_output = true + + +# This transport is used for processing messages through the +# majordomo resend mechanism +resend: + driver = pipe + user = majordomo + command = "/usr/local/mail/majordomo/wrapper resend -l ${local_part} ${local_part}" + return_fail_output = true + + +# This transport handles creation of digests for majordomo. +digestify: + driver = pipe + user = majordomo + command = "/usr/local/mail/majordomo/wrapper digest -r -C -l ${local_part}-digest ${local_part}-digest" + return_fail_output = true + + +# This transport handles the archive function +archivate: + driver = pipe + user = majordomo + command = "/usr/local/mail/majordomo/wrapper archive2.pl -f /usr/local/mail/lists/${local_part}.archive/${local_part} -M -a" + return_fail_output = true + +end + + + +###################################################################### +# DIRECTORS CONFIGURATION # +# Specifies how local addresses are handled # +###################################################################### +# ORDER DOES MATTER # +# A local address is passed to each in turn until it is accepted. # +###################################################################### + +# Local addresses are those with a domain that matches some item +# in the "local_domains" setting above, or those which are passed +# back from the routers because of a "self=local" setting (not +# used in this configuration). + + +# This director handles list processing of *-request addresses. +# Note that if there is no file, the message will NOT get passed +# to majordomo. + +listrequest: + driver = smartuser + suffix = -request + require_files = +/usr/local/mail/lists/${local_part}.config + transport = majordomo + + +# This director handles list processing when sending through the +# majordomo RESEND mechanism. If there is no file, the message +# will NOT get passed to majordomo. + +listresend: + driver = smartuser + suffix = -digest + suffix_optional = true + require_files = +/usr/local/mail/lists/${local_part}${local_part_suffix}.config + transport = resend + except_senders = owner-${local_part}@marsh.cts.com:majordomo:owner-${local_part}-digest@marsh.cts.com + + +# This director handles creation of the archive files for a list. + +archives: + driver = smartuser + suffix = -digest + suffix_optional = true + require_files = +/usr/local/mail/lists/${local_part}.archive:!+/usr/local/mail/lists/${local_part}-digest.config + transport = archivate + unseen = true + + +# This director handles the list-digest processing. + +digests: + driver = smartuser + require_files = +/usr/local/mail/lists/${local_part}-digest.config + transport = digestify + unseen = true + + +# This director handles list processing. + +listout: + driver = forwardfile + require_files = +/usr/local/mail/lists/${local_part}.config + file = /usr/local/mail/lists/${local_part} + modemask = 2 + user = majordomo + no_check_local_user + forbid_pipe + forbid_file + one_time + skip_syntax_errors + errors_to = owner-${local_part} + + +# This director handles aliasing using a traditional /etc/aliases +# file. If any of your aliases expand to pipes or files, you +# will need to set up a user and a group for these deliveries to +# run under. You can do this by uncommenting the "user" option +# below (changing the user name as appropriate) and adding a +# "group" option if necessary. + +system_aliases: + driver = aliasfile + file = /etc/aliases + search_type = lsearch + user = mail + +# The rest of the file goes here . . . diff --git a/config.samples/C019 b/config.samples/C019 new file mode 100644 index 0000000..d4757f2 --- /dev/null +++ b/config.samples/C019 @@ -0,0 +1,72 @@ +From: John Horne +Date: 20 May 1999 + +The following configuration file entries can be used to provide a 'vacation'- +style function for a mailhub which has no local users. (In our case the mail is +sent from the mailhub to users on file servers.) + +The procedure is that the user's local part is added to a lookup file. A +directory is then created for the user to store a log file and a list of +sites which have received a reply already (this avoids a sender receiving +numerous vacation messages). + +When a message for a vacation user is received a director lookups up the +users local part address. If found then a transport is invoked which sends +either a user supplied message or a default message back to the sender. +The default message is held in '/usr/local/exim/messages/vacation'; it simply +states that the user is away (word this to your own needs!). + +When the user returns to your site simply remove them from the lookup file, +and delete the directory created for them. + +Note: The following changes were provided by Richard Gilbert of the + University of Sheffield (R.Gilbert@sheffield.ac.uk) - + The file lookup could be a simple text file: + local_parts = lsearch;/usr/local/exim/vacation-users + + The lookup file may not be necessary since the 'require_files' option + is present. + + The condition statement could be further extended: + condition = "${if \ + and{{or{{match{$header_to:}{(?i)${local_part}@shef(field)?\\.ac\\.uk}} \ + {match{$header_cc:}{(?i)${local_part}@shef(field)?\\.ac\\.uk}}}} \ + {!eq{$sender_address}{}} \ + {!match{$message_precedence}{(?i)bulk|junk|list}}}{yes}{no}}" + + The following exceptions could be included: + except_senders = "^.*-request@:^owner-:^postmaster@:^.*daemon@:\ + ^.*server@:^root@:^${local_part}@shef(field)?\\.ac\\.uk" + +--------------------------------------------------------------------- +The director and transport entries to use are: + +Add to the transport section: + +vacation_user: + driver = autoreply; + subject = "${if def:h_Subject: {Re: $h_Subject:} {I am on vacation}}" + file = "${if exists {/usr/local/exim/vacation/$local_part/msg} \ + {/usr/local/exim/vacation/$local_part/msg} \ + {/usr/local/exim/messages/vacation}}" + log = /usr/local/exim/vacation/${local_part}/log + once = /usr/local/exim/vacation/${local_part}/once + to = $reply_address + from = $local_part + user = exim + + +Add to the top of the director section: + +vacation: + unseen + no_expn + no_verify + condition = "${if or {{match {$h_precedence:} {(?i)junk|bulk|list}} \ + {eq {$sender_address} {}}} {no} {yes}}" + local_parts = cdb;/usr/local/exim/tables/vacation-users.cdb + require_files = /usr/local/exim/tables/vacation/$local_part/ + transport = vacation_user + driver = smartuser; + errors_to = postmaster@plymouth.ac.uk + diff --git a/config.samples/C020 b/config.samples/C020 new file mode 100644 index 0000000..6c033d0 --- /dev/null +++ b/config.samples/C020 @@ -0,0 +1,270 @@ +From: "Rick Williams" +Date: Wed, 12 May 1999 09:16:02 +0100 + +I was asked for a copy of the programs we were using to mail +everybody and as they are not too big I hope you don't mind me +posting them here. There are two programs emailrequest.pl and +post_all.pl, they both require Mail.pm which I understand is +generally available. + +These programs have been completely re-written from scratch by +one of our programmers and work . The usual disclaimers +apply. + +emailrequest.pl generates a list of all current users from the +password list sorted on company, surname and firstname, this is +very useful for us here because our staff constantly changes. The +other, post_all.pl takes a message and sends it on to all users in +the password list as a BCC, there are certain filters in the program +to miss out non-human users. + +You will need some settings in your aliases file to call these +programs (although rather obvious). The first setting is needed. + +### Alias File ### +discard: :blackhole: + +#email list request +email: "|/where/you/put/it/emailrequest.pl" + +#mail to everyone +everyone: "|/where/you/put/it/post_all.pl" + +#If you want to send a mass message to one part of your org only +#and it is defined in the company setting in the password file +#then use +company: "|/where/you/put/it/post_all.pl \"Company Section\"" + + +--Message-Boundary-12668 +Content-description: Text from file 'emailrequest.pl' + +#!/usr/bin/perl +# +# +# Internal EMail List Generator +# +# Version 2.0 +# +# William F. McCaw 1999 +# +# +# Returns an email containing a sorted list of all valid users on the +# system, grouped according to company. +# +# For this program to work properly, the following conditions must be met +# for all valid email recipients... +# +# * Their UID must be between 1000 and 60000 (inclusive). +# * Their Name must be defined. +# * Their Name must not start with a lower case 'x'. +# * Their Name must not be 'nobody'. +# * Their must be of the following format... +# +# "Forename Surname, Company" +# +# Note... The ", Company" must be present. +# Forename is assumed to be the first word. +# Surname is assumed to be everything else. +# + + +# +# Read the message from standard input +# +$MsgSender = ''; +# Extract the required details from the message's header +while ( defined($Line = ) && ($Line =~ /^[^\r\n]/) ) + { + $Line =~ s/[\r\n]//gs; + if ( $Line =~ /^Return-Path:\s*<([^>]+)>/i ) # First choice for sender + { $MsgSender = $1; } + if ( $Line =~ /^From:\s*(.*)/i && !$MsgSender ) # May be no return path + { $MsgSender = $1; } + } +# Ensure we have a sender's address +exit(0) if ( !$MsgSender ); + +# +# Read the contents of the system's password file +# +open(PASS, '/etc/passwd') || exit(0); +@Users = ; +close(PASS); + +# +# Extract the details of all valid users from the password file and batch +# them according to the company name associated with them. +# +%Companies = (); +foreach $User ( @Users ) + { +# Separate the current user's details and determine whether to include them +# within the generated email list + ( $EMail, $Password, $UID, $GID, $Name, $Home, $Shell ) = split(/:/, $User); + next if ( !defined($UID) || ($UID < 1000) || ($UID > 60000) || + !defined($Name) || ($Name =~ /^x/) || ($Name eq 'nobody') ); +# Ensure the name field contains a company name + next if ( !($Name =~ /^(.*?)\s*\,\s*(.*?)$/) ); + $Name = $1; + $Company = $2; +# Get the reference to the members array for this company, creating the +# company entry as and when required + if ( exists($Companies{uc($Company)}) ) + { $Members = $Companies{uc($Company)}->[1]; } + else + { + $Members = []; + $Companies{uc($Company)} = [ $Company, $Members ]; + } +# Massage the user's name into the required "Surname, Forename" format + if ( $Name =~ /^\s*([^\s]+)\s+(.+)$/ ) + { $Name = "$2, $1"; } +# Append the user to the list for the current company + push(@$Members, [ $Name, $EMail ]); + } + +# +# Generate the email back to the original sender containing the full list +# +open(MAIL, "|/usr/bin/exim -t"); +# +# Output the message headers and leading message body text +print(MAIL "From: $MsgSender\n", + "To: $MsgSender\n", + "Subject: Requested EMail List\n\n", + "Internal EMail addresses as of: ", scalar(localtime()), "\n"); +# +# Output the sorted list of companies, and within that, output the sorted +# list of individuals within that company +foreach $Company ( sort(keys(%Companies)) ) + { + $Company = $Companies{$Company}; + print(MAIL "\n", + $Company->[0], "\n", + ('~' x (length($Company->[0]) + 1)), "\n"); + foreach $Member ( sort({ uc($a->[0]) cmp uc($b->[0]) } @{$Company->[1]}) ) + { printf(MAIL " %-34s %s\n", $Member->[0], $Member->[1]); } + } +# +# Output the trailing message footer +print(MAIL "\n", + "Remember to received an updated email list, just send a blank message to\n", + "email\@charlesworth.com and you should get a reply within 30 seconds.\n\n", + "For more information or any queries contact sysadmin\@charlesworth.com\n\n"); +close(MAIL); + + +# +# End of File +# + +--Message-Boundary-12668 +Content-description: Text from file 'post_all.pl' + +#!/usr/bin/perl +# +# +# "Everyone" EMail Exploder +# +# Version 2.0 +# +# William F. McCaw 1999 +# +# +# Sends body of message supplied on STDIN to all valid users listed within +# the computer's /etc/passwd file. +# +# * Original headers, apart from the sender and subject are discarded. +# * Recipients are batched with up to 60 per email. +# * Recipients are specified via 'Bcc:'. +# + +# +# Function Prototypes +# +sub SendMessage(); + + +# +# Determine the target company for sending out the email to +# +$TargetCompany = (( defined($ARGV[0]) ) ? $ARGV[0] : ''); + +# +# Read the message from standard input +# +$MsgSender = ''; +$MsgSubject = ''; +# Extract the required details from the message's header +while ( defined($Line = ) && ($Line =~ /^[^\r\n]/) ) + { + $Line =~ s/[\r\n]//gs; + if ( $Line =~ /^Return-Path:\s*<([^>]+)>/i ) # First choice for sender + { $MsgSender = $1; } + if ( $Line =~ /^From:\s*(.*)/i && !$MsgSender ) # May be no return path + { $MsgSender = $1; } + elsif ( $Line =~ /^Subject:\s*(.+)/i ) # Preserve the subject + { $MsgSubject = $1; } + } +# If we are missing certain information then provide some defaults +$MsgSubject = '*** Unknown Subject ***' if ( !$MsgSubject ); +# Read in the message body and signature +@MsgBody = ; + +# +# Read the contents of the system's password file +# +open(PASS, '/etc/passwd') || exit(0); +@Users = ; +close(PASS); + +# +# Send the message to all the users within the password file +# +@MsgRecipients = (); +foreach $User ( @Users ) + { +# Split the current users's details and determine whether to send the +# message to them or not + ( $EMail, $Password, $UID, $GID, $Name, $Home, $Shell ) = split(/:/, $User); + next if ( !defined($UID) || ($UID < 1000) || ($UID > 60000) || + !defined($Name) || ($Name =~ /^x/) || ($Name eq 'nobody') ); + next if ( $TargetCompany && !($Name =~ /\,\s*$TargetCompany/io) ); +# If we have already reached the recipient limit for this message then +# dispatch it and reset the recipient list ready for the next message + if ( scalar(@MsgRecipients) == 60 ) + { + SendMessage(); + @MsgRecipients = (); + } +# Append the current email address to the recipient list + push(@MsgRecipients, $EMail); + } +# +# Ensure the folk at the end of the user list receive the message +if ( scalar(@MsgRecipients) ) + { SendMessage(); } + + + +# +# +# Routine to send the specified message +# +sub SendMessage() + { + open(MAIL, "|/usr/bin/exim -t"); + print(MAIL "From: $MsgSender\n") if ( $MsgSender ); + print(MAIL "To: Everyone \n", + "Subject: TO EVERYONE: $MsgSubject\n", + "Bcc: ", join(", ", @MsgRecipients), "\n\n", + @MsgBody, + "\n"); + close(MAIL); + } + + +# +# End of File +# diff --git a/config.samples/C021 b/config.samples/C021 new file mode 100644 index 0000000..dd3d24c --- /dev/null +++ b/config.samples/C021 @@ -0,0 +1,303 @@ +Date: Thu, 13 May 1999 12:17:03 -0500 +From: mark david mcCreary + +Here is some sample code that might be useful for handling +X-Failed-Recipients headers generated by Exim, with mailing lists. + +It will generate one bounce message for each bad address. The message +will be sent back to the mailing list that generated it. + +It consists of some procmail routines to decipher which list generated +the error, with a Perl program to parse and generate the email message +for each email address in the X-Failed-Recipients: header. + +You need Procmail 3.13 or better + +You need Perl 5.004 plus the Internet::Mail Perl Module. +Or you can call your MTA directly from Perl, if you do not have +Internet::Mail Perl Module. + + +Step 1) Procmail recipe that gets called with bounces that Exim generates. + +# The mail-list.com front-end for Smartlist Mailing Lists +# +# Copyright (c) 1999 Internet Tools, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# +# X-Failed Routine +# +# This code may be useful for deciphering error messages +# for mailing lists. +# +# This routine will receive error messages generated by Exim +# Those messages will have a special header, called +# +# X-Failed-Recipients: +# +# Up to 50 email addresses can be listed on each header. +# There can be multiple X-Failed-Recipients: headers. +# +# This procmail procedure will determine the list name +# +# For example, if mailing list message was sent from +# +# elvis-admin@domain.com +# +# Then elvis would be the name of the list. +# +# Once the list name is determined based on the contents of the message, +# a perl program is called to parse the email addresess. +# +# In addition, a bounce error message is sent back to the mailing list, +# so it can be removed from the list. +# +# +# + +PATH=.:/home/ftp/.bin:/bin:/usr/bin:/usr/local/bin:/usr/sbin:$PATH +SHELL=/bin/sh + +#VERBOSE=yes +#LOGABSTRACT=all +VERBOSE=no +LOGABSTRACT=all +LOGFILE=$HOME/procmailog +COMSAT=no +test=test # /usr/bin/test +mkdir=mkdir # /bin/mkdir + +DOMAIN=domain.com # the common domain for all the lists +SUBDOMAIN=`hostname` # the fully qualified hostname + +SUFFIX=-admin + +# detect mail loop +# save in folder for debugging purposes +# terminate + +# strip Reply-to and Sender addresses, as many people screw these up +# Then the formail -rtzx will try to grab that address + +:0 fh +| formail -I "Reply-To:" -I "Sender:" + +# log requestor email To: From: address + +SENDER = `formail -rtzx To:` +SUBJECT = `formail -zxSubject:` +FROM = `formail -zxFrom:` +TODAY = `date "+%Y-%m-%d %T"` + +# Figure out the listname being subscribed to +# Considered to be the base part, followed by -admin@domain-name.com +# +# +# If address does not end in -on, or otherwise cannot be determined, send to +# dummy-request for handling +# + +BASELIST=dummy + +# locate addresses within <> symbols first + +:0 +* ^Envelope-to:.*[<]\/[^ ,@]+ +{ + STRING = $MATCH + TERM = $SUFFIX + INCLUDERC = /home/ftp/.etc/rc.rm_term + BASELIST = $STRING +} + +# otherwise, if no match above, just look for @ symbol to grab email address + +:0 E +* ^Envelope-to: \/[^ ,@]+ +{ + STRING = $MATCH + TERM = $SUFFIX + INCLUDERC = /home/ftp/.etc/rc.rm_term + BASELIST = $STRING +} + +# Exim generates bounce back messages with X-Failed-Recipients Headers +# If this email message is one of those, then process by a special +# perl program, which will generate a bounce message for each failed +# email address. + + +:0 h +* ^From:.*Mailer-Daemon@.*.domain.com +* ^X-Failed-Recipients: +| xfailed.pl $BASELIST-admin@[127.0.0.1] + + + + +Step 2) Procmail Sub routine to recurvisely parse email address + by Philip Guenther. + + Place in /home/ftp or tweak script for where you place it. + +# +# Copyright (c) 1997 Philip Guenther +# +# +# 3/05/97 Philip Guenther +# +# Remove a terminating string $TERM from $STRING, returning it in +# STRING. $TERM *must* start with a '-', as that's what this +# routine splits up STRING on. "found" is a temporary variable that +# must be empty on entry. The script will clear it on exit, so things +# should be fine as long as you don't use it yourself. + +# Append the next 'word' in STRING to $found + +# 10/15/97 mdm make result lower case for file name matchups +# + + +:0 +* STRING ?? $ ^^$\found\/${found+-}[^-]* +{ found = "$found$MATCH" } +:0 E +{ + # This cannot happen unless found was set on entry! + LOG = "*** WARNING *** +variable 'found' was set to $found on entry to $_ +one of the uses must be renamed for rm_term.rc to work! +" + # Help me, help me! + :0: + $DEFAULT +} + +# Are we done? +:0 +* ! STRING ?? $ ^^$\found$TERM^^ +{ + # Nope + INCLUDERC = $_ +} +:0 E +{ + # Return the match, and clear our temporary. + STRING = `echo $found | tr 'A-Z' 'a-z'` + found +} + + + + +Step 3) Sample Perl Code to parse X-Failed-Recipients: headers, and + send email message containing bounce error code. + +#!/usr/bin/perl -w +# +# The mail-list.com front-end for Smartlist Mailing Lists +# +# Copyright (c) 1999 Internet Tools, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# +# When Exim is unable to deliver a message, it generates a bounceback +# with X-Failed_Recipients header(s). +# +# Each bad address is listed in these header(s). +# +# This program will generate bounce messages, and send them to the +# appropriate list-admin address. +# +# This program is invoked by a Procmail recipe, with the list-request +# address in the first and only argument. +# +# This program uses the Perl Module Mail::Internet to send each message. +# +# +# + +($list_address) = @ARGV; + +use Mail::Internet; + +chop(my $Date = `date "+%Y-%m-%d %T"`); + +my $bounce_body = ' 550 '; # 550 is SMTP error code for user unknown +open(LOG,">>/tmp/xfailed.log") || die(" Could not open xfailed.log $!"); + +$ENV{'SMTPHOSTS'} = 'localhost'; + +my $mesg = new Mail::Internet \*STDIN; + +# look at mail headers, and grab the data + +my $from = $mesg->head->get('From'); chop($from); + +# can be more than 1 X-Failed_Recipients header, so put into array + +my @xfail = $mesg->head->get('X-Failed-Recipients'); + +$xfail = "@xfail"; # stick array of headers into scalar +chop($xfail); # remove final newline + +# turn any newlines from middle of multiple X-Failed-Recipients into commas + +$xfail =~ s/\n/,/g; + +my @tokens = split(/,\s/, $xfail); # put email address, minus commas into array + +my $email_addr; +foreach $email_addr (@tokens) { + + unless ($email_addr =~ m/\@/) { + next; + } + + unless ($list_address =~ m/\@/) { + next; + } + + # make the body of the message a simple bounce message that smartlist can handle + + my $message_body = $bounce_body . "<" . $email_addr . ">" . "\n"; + + my $new_mesg = new Mail::Internet( + [ ], + 'Body' => [$message_body] + ); + + # this is who the mail is directed to via SMTP; + + $ENV{MAILADDRESS} = $from; + + # these are the addresses placed in the header block of the message. + + $new_mesg->head()->add('From', $from); + $new_mesg->head()->add('To', $list_address); + $new_mesg->head()->add('Subject', 'bounce from xfailed'); + +# $new_mesg->print_header(\*LOG); +# $new_mesg->print_body(\*LOG); + + print LOG "$Date\t$list_address\t$email_addr\n"; + + my @recips = $new_mesg->smtpsend; + + unless (@recips > 0) { + print LOG "Failed to deliver ($from,$list_address,$email_addr) \n"; + next; + } + +} + +exit; diff --git a/config.samples/C022 b/config.samples/C022 new file mode 100644 index 0000000..18f6064 --- /dev/null +++ b/config.samples/C022 @@ -0,0 +1,12 @@ +Date: Tue, 14 Sep 1999 00:58:56 +0200 +From: Vadim Vygonets + +This is the Exim configuration file of a machine which delivers mail to several +local domains, where the mail is delivered locally, several hairy domains, +handled as described below, and a half-virtual domain, which is first processed +by its special alias file, then processed as other local domains (including the +processing by the global alias file). + +This contribution consists of a number of files that are in the tar archive +C022.tar, which unpacks into a directory called "hairy". See the README file +therein for an explanation of the configuration. diff --git a/config.samples/C022.tar b/config.samples/C022.tar new file mode 100644 index 0000000000000000000000000000000000000000..534c97e71199a03afddf24ebe178dc112a17dcda GIT binary patch literal 40960 zcmeI5dwbhPc8Bw?@F`H)-IZO5x=V>tZzbPiwZ7z$lufsL;RBMOgcV7!1SwhZTUdC_vvC&f4!G2|%E#~&N-@+?hzAG_iI=XYn~|7trQbhFdR zDE%yxSQ9t5wyyKtf8N~L+~qst|Hkh6)~5KsX)^Iyu(<~G3+Mm6x%@=;;u}9llfgLa zr*V+2WSr%LxSRFTxSNmSXK%CqwP)@{b3x`_6oJplSysgSm&Bd4n@oD+S%_SoW$m;0 zGVAr?e3*`svCtij()PG_6=ws$Oa|?|KkQ{~zUy!aYtif3REkFYeJ@RlG%nIK9-pOg zKN(Dtp3N=+4v(b(>}ACmKzTRjNxN?}lQQ{G1S+^A0oP;@w^GJy_a+@1I8Fd^la>u8 znvT*q;s1<(758)g0>;2yN?}4i0D|tan*rky6@dnZk#VJyw^xf{+HQ>Bj>8wmr4BO~ zWvz)ZFcC?Iy~L<lE+(1;)RlEJy*rRe}rC>F6?+E^G~X5+K?o)J7d z9UvK<1|*u7n$1vpuhB2xJUMt7KYjN6@b%%z;hWdT*EGHIaehjV&W|SOZ7*-b<4)d( zO$efiO;FKMdO1S2Vs16=%_3y(yr_E{s#(70Bkoj0;xyoc8GhAaKF{QR&{ zyCOsLBI$KkF0#>By6;DgUL3r9-u&a?(Mj{^V_>gdB%@W7puc*?-MYDYhZ|p#lO?^C zPOJZI^>H@_Ub+Mh!Uu=1n@&yYt)_a0S5m!jLo_kHgqxXcC$82T68c_&T@oCd?-}~oHOL|J%fCV&A|Wy z4nPwPyz~ITgSOdHZULVjkTFhqOLoOZ)_o}IJ#0eOPexZwO~J5!WEL(=Pgpvx3y=6R z!F&J-{F9E19)HW{Oa{{_@CA0JNDH7l5*!R>-5~Vw8=!+X>f{&|O~xBPOijGFzZkdA zk`d-8m67Y_yMo<4n>$Q3Tfi|r&WlF>c}KW(IM7oB@HGEa#ND39ZE z9E`Kv57x{-zZfrN4Sd<(&B&ter;tt5d0+r*(*atF9q0v^jrfOI#BeUD-A;${^7xo5 zb4%Wo7>`B;GXtEDCK~av_xeN&X@*~ER><6ZCyo`%gLGWH_X2^lHE}UE0SM+0a`dzD zEb>Ed`NepY_H)ctfgHEx5pT#CfT~hvgCzsDrM$(h`h3Hm#|}?_{YO$)>UA5Je=Va(sHZ_M5-&< zo(|=oHi-q;4Kmb;aBV&{64WL<9iXmQrqy*nVsTG9@8yG)BE_m&SRga%)u@gVI8OE7 z%d7a*FXOQ?C~%qAG&+6|%te^R6v^5|VlWbsOj@hBnv{rjo!rPGvj9F&o(l>Q{mp4l zVwDUw4`5Vl5;Duglg-jVu%Sk_qr=bN=M8%!s>+M2t z(Pq!9swR4wAtLgf+AU|yO)R}T>k-B%mOcDFXwR~E0oJ9xy$N6uY)AWlUSD5tRQ~_h zMH4w0PO_FD20*$l2pA710LHR_fz!>Ug22A8&{{$3VvQh+083i=h4X5)ubMu`F(23T zFbgBg>ynM7sJdKDVZ6K?i4-`?fJlTUSqGnG@iIx7W~%59pCz3&ZdTQn=oyJh#$ySU zR}S)vQ%Nv>ZEy<7`E0U<#4r>lG>io_MzeVi@>brt!k3X6rb)*u0?KQzbx5`&youi5Q_9NzHpLcV;BX<95U<>v?(TJ%qCfq z)c9;dGKmC|C@D)!#`y?s7>Gkn$AU+(z!*bM#3guBjhlo<;sB1)UPAN*k{B0>`7%^h z0xU})f;q#bZ+uAKA^fTh#ErfJRr1I&gNH1oRk zv6hV?K1jqQM3FFPIxTHFq#rrl^abj@uh?zoP}70NXQO;_dM4N|M0G>A(~*UNg2cQ= z=(o6qz&n8eKfVpi?wF z>g$`%G^{n&R@ZmzK|c{0R#^S&KjT)?KA#MQ+$m#S!ZR3Z+3I;l4yqW#J~_kSkye@u z7Q)#`R@zF$h>8J1H3o$c&sy>i8?7`0qw~vBD9}~lII`a)BGBq^YziS(D-dB-p`4Xq zTr1efCyy0{FFql;ALSH-x+S9)Z9b~1FsiB;s&BZ!i3^hG;3ZnA(DXjVN*N#{mkTV^ zfw?^;5$@%=5l@=dlYHl>&MBZU< z=248e=zptgrst1Kjazm#9pNP7p(&?>3kWr|9L1#~nkUx$S|T8ylt^SUNCFa+wiNJ( z6r`0?+Mp(5$-c5&1cZVL6TmnP$`~l*L{3|QR*gQV0qjzlOuz$kVx(ybz-#(=gQCC# zGdL@1C_yMGrQ8WUFf8+K6k$AXW(n@8M+-IyW3Ft6i-~LL#Oxb2dTs=f%!W`JDuls8 zWS|faQi})31?-D|Jfp@GdZLDER?r;+`n2*%jUgt^=h9Xa9y3SO)-{cwF6!Y-*2 zW1+wUgory$Q9M)SU4}B@CY%zyqcrJR75OnV!n&NsFBNhx9X+Ow=zKF|Pn`yd@iLxh zGET*0!Yew8=MuKF@p!nmy4p{MMdKoSOI@eGI%@S+Z9v(zQ>^lUfbJfNq7R0`guB^@ zp{)q$RNahIKRNe>%TfAw2<%*$$qsG|IL6mY{!J^fn$)$`V?1RL;OnyirlokdiXM2A zE&~U7S43lex=gl>Mm$6znn}ZY`x-ycnY00G&ww(*xfehE;U&WYNtH}y0&O}fIAO|5 zMQ~NbH%E_;h2iu@^mTv;$v+oYVBB}rS%6_ubH=TZrG1vR&z-JgpJBI+54SNXtzK#O zi3?i2Ms=#U-mur1)SuWhl!`_^YU!U-shLYo3mmi9(M;betB)TM8WiI`RbB$%hbDPd z2OZ3HkU!CNk?5eUoahWbIX58tWe(e!o#5a=ycRkmO>$Wh9MPo=#AGbuZkmi)X_K*V z=C>ZE0}G{o`_EVVKgCNdI&$Yv;)NL$UvH|7ZdDJvLU=bykzWavImx&CilvBSH4Acm zSEIko5Jd(M)bR*xoW9^E@H*7HsWiF)q(R0uPl%=nQQ@B><7*-S#f&6UQW(aIqE^=Q ze?$0b@w2e?fMRt}K4OeGNg?Z$Ju(l3ZK%*s2wk6QRdP!0BZ|5R(@$xW@TS)k(Hu7o z#M7*3Csg9QT-J0#l?xI}@w{zh!vFdQ3hbj1wkZIX9dgC-CSUZ6Q~kz zz>1q4Vs0PkyBI+trZ1M##%be$h28sEtKY!O0#^C%uo<3)axM)1J{>8Hh>O+b#>3TB zl9aZJ#|qkt)xRzM`ESdAefXg9@c!!k_0xIstg64(|2aM%sdAg!)>|a-~@%GheMo#I+7YFjaDWm8BrcF8Q5Z>12ZjTxLSf0 z3BX{|vz0=( zu}RC7gO1isVV*6Ydee;tGLyqwJVy!(Mo{>rr*o@H+-H8SbCn_Ug>mkyjK9?a>3F7Dd7yBwrTV<2}H`g`?ZTT8Pi>e zh^L4r#w{kO-{yYi) z)F~ws>~>0f$#nr1gFy_F0gda$ z3=`I0ZE@D(2&H})7&3@4^?qk_T(yFQh51GnFRfTor=+Wvg#|k+o;YQ)q8u!+QXY#9 zeV?Slt82x5*%ym~Ew5Mg2nY(h%VwG|XJyzfY(b0xX}y5=-onDlA1G@~-tM=OpLBsrm|7^CevrD_X<%uoT&0n=z|F~dhDML; zEg7ZfU6iX;rSRQ-_vHJ^WACm#_Wm!?LL67G-nVtEhDYlC`$aG)=tgRvHOE&t&POqA zCJ(t7Dm2!8G`dKAddD}G#y67z@gqix3z~?M86OfqDs8`?p^W>?@6GC$Ch-P)$oz_| zg)uKCv{$@EHJrw4!Z1(yccuGf8L?@RZ7L>qoL#XQ5$p_3Winu7g*+wWoKTCVGB&;J z9HVc%-CJ0Icy*rMiyMuGlU^c4B*eg$^5GUiO6gc>(bP~56a>Vs1|cD;?xf{-2e znyA(zmA?_{KpfUc6}jd^E4Jh2K)NPptjcHJ;N1K}SJj$YF=w5Mh_tVcgNWkt;uSjakJRzofoRjQN>kc!@z6cKe2sv_*D$il+A zpQ}|oQV}MvRet90-%IZtOp-$zY0usA{{D3Erkm3K{dbNc;TC&X@tY~_opQ@ZtdwMZ zkJe1P^(*a~;VswVk~kVxM@c7BwhSw(Gc%5;~zVhknYE+Nz*X z!+mKr&=TRwk|1zY(RGv5b4l#dExA8Oj#MVWy z7-CYFb}rePdAP#}tU456w7xrCnWRZTD0OU27hi9vm9Vld>MVJr2+8{VG^JK;jL8D7 zx}FsfaoKw5nx@%+MGWPNyLE{WmjK0=-5u@{P9~Oc|SWnqXJR( z)hNG$=F=1lgX@wjG0bKxhE?hAYBw%0LDO7O{Z=(ID5T{TwV0_5zmGroy}SnHixO|jq42b>qzc#+F44O zbpq?Jdyy3?C-A!-;RJbhJs56nsg`b;nwE72)eL|WJWp7Qk_Yu6Q^?lZ6Lu6>0iKmr z$yw!s)_0Y^`<#G~rrt-=R(upv=h3&F{A_j zs`K4Fh}5}1W{0qT1ff0CRp<+zH|%HLVBc^DZ8BrCc?BOn9{Svjm_thD{InTaX^pFp z`r@9h)@Wom>na159EVIULJ9SaPr&9kDI6TV`GIQvr9U=r+mHrxe2*8B4PG2Jjw#%vo;hL5x+1BN2YT|~pRgIsI z7||0phuvd%yGo-bh@G-dfXS1=Tyz09F$qRUdkZ|3FmC<$&x66BQThL0odG|3{zPuW zuVvsL5D#_+u}V26QgWFqmoCpldU=a^awS6lhtJB)9>U zR@U*gfwD<6Ac_r=E36e{c+9n01)loZ)rg)!8k_S+Y5v>Too6RUfBKZ=%lTFsA)86M zD%1ps6vkP7*XAU}%vKh5@llygTlB0hDqEvwIfMR9>zJqXVFE!wgnp{w>?&U0j%hAq zJp#zm>+_utW*zh`LdsF)|-Qr00zdrkoO6^C_empundG?92JGUA+#5_t@+-^EE=ZXvoRj=3UqDUPL zD}Vi$2TP5I5B_Z*!`wdmi{EGW7aFkmyLW$KS`=7UwWeBi8C`Z-@2zrkqsp>zv#Meh zm4#cX12wBy3r!KwiEn|{AlH+RbTS?OceMz=Ra^7fcF1yY;E41|L~dE zQ3G4!Kf6<@v^RWxvoT68Yxn-r49QWp%~cF5``r(B_4ZGwBCrHv075; z9uE1XE2!%+l|_B>?6Ou?;rv8M3^r~+@ZZ_#2bRtRAnMYl)4>v{tFVX>AgkoMOopm# zJsa#r3m#Xk{$qXI+FG>murc#`wAqNCSeJEWDglx3L|Ed&AeNp zdlxNO-EYBu?Yo*qLmT^|XzLTkuXub|#WIvNeGoc}!Xd5~3G~?`9Vj1m*!WtkZehvM zs`<)YN%7cg;L69guT_Q5I9;(Dd~r*(*S10ktie|Nim9Il#G-T4v6~XOLkG|*dI*+k zv)tgBL$?N&UMuop?VVeWEb33x=(S+^cH2&TpnWtn61lZfTM`sNGGVvx*$6RAa}F?I z!rDox#r9|ciRB~^mQ>q-vf{qc#wOdR^;2#CQM7IShAM!05YvT=>eCcz{Lu}8h=F{L zn2uT|f_|afmx!*hVoBA3&`!Zx1LXG$_=cCQIRSB$J}_xIPt#$LGDmV4p)E9R%0Apj zM}|8YLxlprXEhYpjq27FVJHf>Gd0GBm1~lG!5|y7^+{FTtm(qI1{Z1zHqnC5=Z(2D z*3N^TAPP~mqn*31FF|_`HB0DC#lv97r#WVXikGf?8^QjC!j@J{YACaiQ7XC>*4o6b zev(i%Gjv@yl6HGcC6t3?dhGR2*ltXgtHlvMhi2CbZ&EfwyR~R7r}z<#pDs;yx*uzc zx#@;Gxq|yzT0y`#DyR1S7*^NwD9DDg1)dFxI-07SL*UU33Y#LRcL`l^jY_*8G>EU* z#3VH;jbb2p#W3kRAsD`@*o-jC8EEOg)k!g0HJeUA z*>cBw$$mAdU$!P$uM^20>P~f==^)|LNnZLH%5=8MK`XkWbje_`F#kKa6h;Tn4z zt-Q-Qhy_`c2}i`4hgKFYue-~52$c>k-+yl9wD`3?teV*ljt z;wPLMO2toxi>e$?+TT2S^I9+_m2do|Xq-39_RRe1!{2y|HS?*DLCil0a^h^@EQpg2 zqd55xJm~fB6S@Tl@sYE|QLw*`SpE~_nth$;4^PR9{wq0;YUNJ|&1aswc2yT=E6m;1 ze zX4C5K>OUL>>iX{-eI>(~%Y1Lq|ILjpbl&uTb8Tx&?}=F7-rXT4oXhC90Qti8pA+|E zS8bz4r!GQPW>sJ0G!-3Ypabc-g}naP{t$tD&q{zhvxTi#`k6yBQm8mgPuwx-RRP#H zM}~b+Zb^duPUD;-A(vxXDC4g;HlpfUidn%G(}ERUr!Y)+07t0YiyzY}*Y@W=_}=@1 z&M{RISd@76!|@3PT((p3X~5YpD)_RJ(Mjl>WvP2Qh+sX}$zm!&Si>7tk^>s_^Y$6V z2=*O%jBbDGBxA3gJrRbvHqH+{y6xW5ipc?gs;;_s9B5Muql6FFk$VGTqYAIWWDPA( zklHgwC~}6{#iYeL4SuCI@j1xQk7;Y}BE`&&Gh=!FxTq!QF=;gi!$5Zf-bvTIQ?nRsow1`cLtVIPVbuwsZLO% zW31Ix{4~8_1N|$u*XfWi*LlssB9+sn=VWq{LVYPtQuup5#_@4J%FfLy&I!ww0D`Ce z-sb>D4)fxSkojP%LvXaK_|Pwko)7X%hx|NjdOzO;asJ)U&a*~0yURpx31WWv*Y)_% z$~5y1|Gv5<{@d8x4Ef*Y+WIcNfW&`0o74e+`LsU$$-DUPF8=e5YtP$sX~A9i=ZW$~ zgnuDgaX#JnPe|wEmbru}FUqjT`}leI$!W}06W!@$&gA=F570R6lIEMFH^+I4O|;%Q zb&XuO8a}v;&C}y9aJbD8&hY=0HQL*r{Z&)ch{Hh z|DE^0*6m;K*Qa8kEbA2}j23@VE85cN5Wc<>p#IRW1{98Ano_5``+KeYNjev zhSzjf`(^1Sc4wamxOLMqkbjc1S?yLkKwCSXS?D&o_ATl>8``|-67QrshP`BWL;+vS=0UtdI_x`9RI}6*Xu1u<)MglhV;5_|AYRDZXA_YJ)wy9kzUuIHYey6u(Z2J(*bJ}3|+#Z zCF#>9YS5~@4>P3jNynmIGFG3X+f?FO6zdbzPDqfTvZ?MD?eDNZYS*Sa6!sR}-@0$c z)#y1@_wspbd|aN<67B9V0&!NcItInw$X>Twp<58lrrwCs)WHk(&LED}DYJ~wxNhQ& zX7TnZe^>QyCz*aco$}yzSI`PKh2(dbSVHVGqS|H?zs0~>%oqFzw#85&)Qhq9uQ&<6 zdP_xy1B>0PD`BVOwZAYGZsCWtMD95?l$Ni9;p{rMg~x3pVFI=-h8)3u?+cw3o2|q1 z<}Q)wgyk2#HK}sgr=8AJ>BvXND;rB7E#|I#{Z{1nWK6{y3}5g{Obn92U9n?BOCh)k zJOa48$!}c&z)KFQ)C(KTuFT-CJ3z{j$~FyLW^L_qneuPH98rgaa(byzq{7bIZn z1etV9#q=$@vAvkeolPwUl^aRy@E6&k->*FUeR*7^DJW}ddascK8?22U_6L{fY&A%$ z^Q`qYI!v{WzQ+96%V7$GSPle{4%~5aH;4Y0hqi0Mjy>{LQ3qn!OaC}cuV;VB{$D_~ z7)BL|+zhW1?l=M)TCdW#ybwe$&%j5?YOyPZ5Lm(`6m@Fsw-nO}Dsvpsh;{Bm5n7UE?mMM_;G0QSv8+F3YAG=wL zOze))x~|?CEwK=SdObmXI}fpovZ%^|h=GU=a}g4eSLg=t} zM<15{Ulh}BGUPS90l1I=`ZuaZp}pVEm=W)7X1u`&4(LeW(%5oRzDxST&LBh=POzJB zOWph046wBRAYMA=g>!5Tvu!@Sxsd~x z)}|!YdwvlPcOb3XPw@B2;5^f&EY|BK6AW4+FVytXI71t}%1Ox-N!*=V^Diozo|363 ztHm)$yj)O%27{*ZU78aM2W{7%j^Xh%r^TFc%mmoGjIRX|f&5`VTwq`ncEjm~Y0ud< z@80op<1IKyiESA0=k{27{Tpq0GT~qKFXs77dDbVL|FN^Xu|+4~_J-wuv;=K^wf&j! zse%2%^S>JZSEny#s?q3Ieo+3utNmQ==lbup%?w(r=}kF{}1Awt!$leGH;7kA$7RL1uyg!bW>3%V=#e, 1999/10/18 +# +# Use it in such way: +# 1. Add such entry in transports section: +# +# rrc: +# driver = pipe; +# command = "/usr/local/sbin/rrc.pl \ +# ${original_local_part}@${original_domain}" +# path = "/usr/sbin" +# user = mail +# prefix = +# suffix = +# +# 2. Add shadow_transport in local delivery entry (or entries) +# +# local_delivery: +# ... +# shadow_transport = rrc +# +# 3. Enjoy :-) + +$who = $ARGV[0]; +die "Must be executed from Exim\n" unless ($who); + +while () { + chomp $_; + last if ($_ eq ''); # Empty row - the end of headers + if ( /^\s+/ ) { + if ($header) { + $headers{$header} .= " " . $_ ; } + else { + next; } + } + else { + ($header, $content) = split (/: +/, $_, 2); + $headers{lc($header)} = $content; + } + } + +if ( !($to = $headers{'disposition-notification-to'}) ) { + $to = $headers{'return-receipt-to'}; + } + +if ($too = $to) { # If there are delivery notification request(s) + + # Strip GECOS from RRC header + if ($too !~ s/^.*?<([-=+\.\w\@]+)>.*$/$1/g) { + $too =~ s/^([-=+\.\w\@]+)\s+\(.*?\).*$/$1/g; + } + + # Check is RRC header valid + if ($too !~ /^[-=+\w\.]+\@(\w[-\w]*\.)+[a-z]{2,4}$/io) { + $mailto = $headers{'from'}; + $x_to = "X-Invalid-DSN-To: $to"; + } + else { + $mailto = $to; } + + open MAIL, "| sendmail -t"; + print MAIL <<_EOM_; +To: $mailto +Subject: Delivery notification +$x_to\n +Your message + + From: $headers{'from'} + To: $who + Subject: $headers{'subject'} + Date: $headers{'date'} + Message-ID: $headers{'message-id'} + +was successfully delivered. I hope that recipient of your message will +read it and answer you as soon as possible. + +-- +Yours sincerely, + Mailer-Daemon of Sovam Teleport Ukraine. +_EOM_ + + close MAIL; + } +exit 0; diff --git a/config.samples/C024 b/config.samples/C024 new file mode 100644 index 0000000..1902e2d --- /dev/null +++ b/config.samples/C024 @@ -0,0 +1,24 @@ +From: Patrick Boutilier +Date: Thu, 23 Sep 1999 17:35:28 +0000 + +In case anybody wants to use a MySql database to store aliases this is +how I managed to get my site working. + +1. I added this line to the main section of +/usr/local/exim/conf/configure (where is the mysql password +for the exim user) + +mysql_servers = localhost/school/exim/ + + +2. I then added these lines to the Directors section after the +system_aliases director. + +mysql_system_aliases: + driver = aliasfile + file_transport = address_file + pipe_transport = address_pipe + search_type = mysql + query = "select userid from user where aliasid='$local_part'" + user = exim + diff --git a/config.samples/C025 b/config.samples/C025 new file mode 100644 index 0000000..aa7964f --- /dev/null +++ b/config.samples/C025 @@ -0,0 +1,39 @@ +Date: Mon, 04 Oct 1999 11:55:46 -0300 +From: Patrick Boutilier + +As promised here is the way I got Exim to delver to Cyrus mailboxes if +the user exists in the MySql database. + + +# This transport is for Cyrus + +local_delivery_cyrus: + driver = pipe + command = "/usr/cyrus/bin/deliver -m ${substr_1:${local_part_suffix}} +-- ${local_part}" + user = cyrus + group = mail + return_output + log_output + prefix = + suffix = + + +# This director checks if the alias is valid + +mysql_system_aliases: + driver = aliasfile + search_type = mysql + query = "select userid from user where aliasid='$local_part'" + + + +# This director matches local Cyrus mailboxes + +local_user_cyrus: + driver = aliasfile + search_type = mysql + query = "select userid from user where userid='$local_part'" + transport = local_delivery_cyrus + + diff --git a/config.samples/C026 b/config.samples/C026 new file mode 100644 index 0000000..1271c8e --- /dev/null +++ b/config.samples/C026 @@ -0,0 +1,104 @@ +Date: Tue, 12 Oct 1999 13:07:25 -0500 +From: mark david mcCreary + +Most modern email readers will now show any URL's in the body of an +email message as a clickable link. AOL also does this, but needs the +URL to be in the HTML syntax. + +The following configuration and program will allow messages going to +AOL only, to be filtered thru a Perl script. This Perl script will +convert any URL's to the HTML syntax. + +In addition, the transport will use VERP to send a unique envelope +sender with each message. + +It is useful for mailing lists. + + + +###################################################################### +# TRANPORTS CONFIGURATION # +###################################################################### + +# This transport is used for delivering messages AOL messages one at a time +# It will put their email address in the To: line +# It will create a custom sender envelope address that will allow bounces +# to be easier to track. +# + +aol_smtp: + headers_remove = +"To:Message-Id:Resent-To:Resent-Date:Resent-From:Resent-Message-Id:Resent-Bcc", +add_headers = "To: $local_part@$domain\n\ + Message-Id: +", + transport_filter = "/usr/local/bin/aol_transport_filter.pl", + return_path = "${if match {$return_path}{^(.+?)-request@.*\\$}\ + {bounce-$1=$local_part=$domain@$primary_hostname}fail}", + driver = smtp; + max_rcpt = 1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +###################################################################### + +filter_msg_aol_domains: + self = defer, + driver = lookuphost, + transport = aol_smtp, + domains = "aol.com" + + + + + + + + +###################################################################### +# /usr/local/bin/aol_transport_filter.pl +###################################################################### + +#!/usr/bin/perl -w +# +# This program will tweak the body of all email messages going to +# America On Line (AOL). +# +# It will change a plain text URL clause to an HTML version +# since that is how the AOL email reader works. +# +# For example, +# +# http://commerce.internet-tools.com becomes +# +# http://commerce.internet-tools.com +# +# or also with the https, mailto, and ftp prefix +# +# + + +$/ = ""; # set paragraph mode +chomp($headers = ); # read a paragraph, remove trailing newlines +$/ = "\n"; # unset paragraph mode + +printf(STDOUT "%s\n\n", $headers); + +while () + { + +s%\b((mailto:|((http(s?)|ftp)://)).*?)(?=(\s|:\s|\.\s|;\s|,\s|\?\s|!\s))%$1%ig; + print(STDOUT $_); + } + +exit; + + + + diff --git a/config.samples/C027 b/config.samples/C027 new file mode 100644 index 0000000..7c4ad7c --- /dev/null +++ b/config.samples/C027 @@ -0,0 +1,91 @@ +From: "Paul Makepeace" +Date: Sat, 16 Oct 1999 02:03:04 -0500 + +Quickstart: do everything following the # signs as root + +This is an FYI to demonstrate how to have exim work with SSL using the +stunnel wrapper and its underlying OpenSSL libraries and toolkit. It's +intended as a recipe; there are plenty of explanations about the underlying +technology (start at http://mike.daewoo.com.pl/computer/stunnel/ ) but little +up-to-date cookbook info (that I could find) and the manpages left me +guessing. + +My goal was not to compile anything. This unfortunately required me moving to +Debian 2.2, the unstable branch that contained these new packages. This note +is thus Debian-oriented but not -specific. + +Stunnel requires a X.509 certificate to operate and comes with one by default +in the Debian stunnel package. For my purposes though it was useless since +Outlook Express (and I'm sure many others) check the Common Name matched the +hostname it's connecting too. + +The certificate generation can be done in this four step process in lieu of +obtaining a signed one from Thawte or Verisign (not sure why one would do +that in this instance): + +Generate RSA key: + +## mkdir -p /etc/ssl/certs +# cd /etc/ssl/certs +# cat > README < this-email; # :-) + +# openssl genrsa 1024 > exim.rsa + +Generate Diffie-Hellman parameters: + +# openssl gendh -rand /dev/urandom > exim.dh + +Generate certificate using the RSA key without a passphrase (explained in +docs): + +# openssl req -new -x509 -nodes -key exim.rsa -out exim.x509 + +The important point here is to enter the hostname into the Common Name field +as it's entered into the mail client. Without this the mail client may +question you for every connection about this mismatch. The data to this and +other questions can be set up in /usr/local/openssl/openssl.cnf . The fields +can be given defaults by adding _default to the attribute name (examples +already in there). + +At this point create the stunnel-ready file by stringing those three +together: + +# cat exim.rsa exim.pem exim.x509 exim.dh > exim.pem + +Run exim in daemon mode under stunnel on the ssmtp port (and imapd to +complete the story): + +(suitably hack /etc/init.d/* as follows:) + +# cp exim.pem imapd.pem +# chmod 600 exim.pem imapd.pem +# chown mail exim.pem +# stunnel -d 465 -l /usr/sbin/exim -p exim.pem -- exim -bs +# stunnel -d 993 -l /usr/sbin/imapd -p imapd.pem -- imapd + +The name given after the -- on the command line is the name the service is +run as so using say exim-ssl would, since stunnel can use libwrap (of TCP +Wrappers fame), allow a separately configured access policy in +/etc/hosts.(allow|deny) + +To run exim in inetd mode (not recommended apparently because of the +connection cost) requires a adding 127.0.0.1 to the host_accept_relay +directive in /etc/exim.conf since stunnel invokes it through the loopback +interface. I suspect this actually would defeat the point of this directive +in practice if spammers ever figured out how to connect to an SSL MTA thus +configured... + +The magic line in /etc/inetd.conf is (as a single line): + +ssmtp stream tcp nowait mail /usr/sbin/stunnel exim -l /usr/sbin/exim -p +/etc/ssl/certs/exim.pem -- exim -bs + +...with in /etc/services: + +ssmtp 465/tcp # SMTP over SSL + + +Corrections & improvements appreciated! + +Enjoy, +Paul diff --git a/config.samples/C028 b/config.samples/C028 new file mode 100644 index 0000000..c2b92c1 --- /dev/null +++ b/config.samples/C028 @@ -0,0 +1,102 @@ +Date: Fri, 5 Nov 1999 02:30:38 +0200 (SAST) +From: Paul Sheer + +there is an FAQ question on this, but no examples. + +works with python 1.5.1 + +enjoy + +-paul + + +#!/usr/bin/python + +# Usage: +# exim-filter-mime.py ... +# +# Example: +# exim-filter-mime.py audio image/jpg video +# +# This script reads from stdin and writes to stdout. +# It strips all the mime attachments from a mail message +# that are one of the mime types listed on the command line +# +# Exim can use it in its configuration file, for example, as follows: +# +# remote_smtp: +# driver = smtp +# . +# . +# . +# transport_filter = /etc/exim-filter-mime.py audio video image +# + +# The attachment is replaced with the following: +def cheeky_response (part): + print "[File `%s' of type `%s' is meant to go here]" % (part.getheader('Content-Description'), part.gettype ()) + print + print "This host is restricted from transmitting %s files and" % (part.getmaintype (),) + print "hence this attachment was stripped from the mail message." + print + +import sys +import mimetools + +message = mimetools.Message (sys.stdin, 0) + +# Print out the header: +for l in message.headers: + sys.stdout.write (l) +print + +# Not a multipart message, so just dump the whole thing: +if message.getmaintype () != "multipart": + l = " " + while l: + l = message.fp.readline () + sys.stdout.write (l) + sys.exit (0) + +# Mime boundaries: +boundary = "--" + message.getparam ("boundary") + "\n" +lastboundary = "--" + message.getparam ("boundary") + "--\n" + +l = " " +while l and l != boundary and l != lastboundary: + l = message.fp.readline () + sys.stdout.write (l) + +while l and l != lastboundary: + part = mimetools.Message (message.fp, 0) + if part.getmaintype () in sys.argv[1:] or part.gettype () in sys.argv[1:]: +# If it is of a type on the command-line, do not write the header or body, +# just skip over till the next boundary... + l = " " + while l and l != boundary and l != lastboundary: + l = part.fp.readline () +# ... and then give a cheeky replacement: + print "Content-Type: TEXT/plain; charset=us-ascii" + print + cheeky_response (part) +# write the boundary: + sys.stdout.write (l) + else: +# if it is anything else (like text/plain, application/octet-stream etc. +# then write the header... + p = "" + for p in part.headers: + sys.stdout.write (p) + print +# ... and then write the body + l = " " + while l and l != boundary and l != lastboundary: + l = part.fp.readline () + sys.stdout.write (l) + +l = " " +while l: + l = message.fp.readline () + sys.stdout.write (l) + + diff --git a/config.samples/C029 b/config.samples/C029 new file mode 100644 index 0000000..e77e752 --- /dev/null +++ b/config.samples/C029 @@ -0,0 +1,78 @@ +Date: Thu, 11 Nov 1999 16:20:13 -0500 (EST) +From: "Dave C." + +1. The standard way to connect one's MTA to mailman (and for Majordomo +as well) seems to be to add a set of aliases for *every* list one +creates. Once upon a time, I crufted a set of configs from Smail to +work with majordomo, to automaticaly recognize the standard patterns, +for all lists in existance. I have long since switched to Exim, and +have recently installed Mailman to test on my personal workstation in +preparation for installing it on our main system. To get to the point, +I have setup a set of transports and directors for Exim, which will do +the same thing. + + +########################################################## + +# +# Transports: +# + +mailman_post: + driver=pipe + command = "/home/mailman/mail/wrapper post ${local_part}" + user = exim + group = mail + +mailman_owner: + driver=pipe + command = "/home/mailman/mail/wrapper mailowner ${local_part}" + user = exim + group = mail + +mailman_request: + driver=pipe + command = "/home/mailman/mail/wrapper mailcmd ${local_part}" + user = exim + group = mail + +########################################################## + +# +# Directors: +# + +mailman_post: + domains=lists.whateverdomains.com + driver=smartuser + condition=${if exists{/home/mailman/lists/${local_part}} {yes}{no}} + transport=mailman_post + +mailman_request: + domains=lists.whateverdomains.com + driver=smartuser + suffix=-request + condition=${if exists{/home/mailman/lists/${local_part}} {yes}{no}} + transport=mailman_request + +mailman_owner1: + domains=lists.whateverdomains.com + driver=smartuser + prefix=owner- + condition=${if exists{/home/mailman/lists/${local_part}} {yes}{no}} + transport=mailman_owner + +mailman_owner2: + domains=lists.whateverdomains.com + driver=smartuser + suffix=-owner + condition=${if exists{/home/mailman/lists/${local_part}} {yes}{no}} + transport=mailman_owner + +mailman_owner3: + domains=lists.whateverdomains.com + driver=smartuser + suffix=-admin + condition=${if exists{/home/mailman/lists/${local_part}} {yes}{no}} + transport=mailman_owner + diff --git a/config.samples/C030 b/config.samples/C030 new file mode 100644 index 0000000..5fb2faf --- /dev/null +++ b/config.samples/C030 @@ -0,0 +1,55 @@ +From: Marc.Haber-lists@gmx.de (Marc Haber) +Date: Fri, 12 Nov 1999 10:52:21 GMT + +I am currently configuring an exim for a site that will to mail +hosting for several domains. I want the domain holders to have control +over "their" alias files, being able to create their own aliases. +However, I don't want them to have postmaster, abuse and other role +accounts under their control. + +Here are my directors: + +local_roleaccount_aliases: + driver = aliasfile + include_domain = yes + file = /etc/roleaccount_aliases + search_type = lsearch + +global_roleaccount_aliases: + driver = aliasfile + include_domain = no + file = /etc/roleaccount_aliases + search_type = lsearch + +domain_aliases: + driver = aliasfile + requrie_files = /etc/domain_aliases/$domain + file = /etc/domain_aliases/$domain + search_type = lsearch + +That way, I can have /etc/roleaccount_aliases say + +abuse@some_hosted_domain: them@their_address.example.com +abuse: me@my_address.example.com + +If an address is mentioned in /etc/roleaccount_aliases, specifications +done in a domain alias file are ignored, e-mail to role accounts that +are not explicitly stated with domain in /etc/roleaccount_aliases goes +to me, and I can have role accounts for domains that I trust aliased +to their own administration. + +Please note, however, that I use /etc/roleaccount_aliases as aliasfile +in two directors. One of them has include_domain = yes and the other +has include_domain = no. I believe this is the only way to have fully +qualified addresses _and_ unqualified "catch-all-domains" addresses in +a single alias file (having abuse@* with include_domain=yes doesn't +catch any addresses). + +I don't know how exotic this setup is, but I believe it does what I +want. If other users need something like that, too, I think it would +be good to have a new option to the aliasfile director that makes that +director catch qualified and unqualified addresses. + +If the FAQ maintainer finds it useful, I agree to have the setup +mentioned above put into the FAQ as a recipe. + diff --git a/config.samples/C031 b/config.samples/C031 new file mode 100644 index 0000000..dcdb27d --- /dev/null +++ b/config.samples/C031 @@ -0,0 +1,84 @@ +Date: Tue, 23 Nov 1999 02:49:32 +0200 +From: Vadim Vygonets + +Something Hans Matzen and I did. + +# These are config file snippets for handling certain remote +# addresses as local, and making only real external addresses +# visible to users. + + +# Copyright (c) 1999 +# Hans Matzen , +# Vadim Vygonets . All rights reserved. + +################################################################# +# These are config file snippets for handling certain remote +# addresses as local, and making only real external addresses +# visible to users. +# +# First, adjust values of the following definitions, which will +# be used in configuration snippets below: + +EXIM_DIR = /var/exim +LOCAL_DOM = home.dom +LOCAL_NET = 192.168.0.0/16 +SMART_HOST = cc.huji.ac.il + + +# The scheme is to use global addresses everywhere, which is done +# by rewriting envelope sender and all headers, using a dbm file +# EXIM_DIR/in2ex, which maps internal local parts to external +# e-mail addresses using entries like: +# user: someone@remote.dom +# +# To do this, it good to hide hostnames in all envelope and +# header addresses first, using this rewriting rule: + +*@*.LOCAL_DOM $1@LOCAL_DOM Eh + +# Then, rewrite envelope sender and all headers to external +# addresses with this rule: + +*@LOCAL_DOM ${lookup{${lc:$1}}dbm{EXIM_DIR/in2ex}{$value}fail} Fh + + +# This means that envelope recipients must be somehow rewritten +# back to local addresses, which is done in one of the two +# proposed ways (you choose). +# +# One way to do it is by rewriting, using a dbm file +# EXIM_DIR/ex2in, which maps external e-mail addresses to +# internal local parts using entries like: +# someone@remote.dom: user +# +# This is done with the rewriting rule: +# +# *@* ${lookup{${lc:$0}}dbm{EXIM_DIR/ex2in}{$value@LOCAL_DOM}fail} T + + +# The preferred way to do it is by treating certain e-mail +# addresses on remote domains as local, using route_list and self +# options to the domainlist routers, looking up e-mail addresses +# in dbm file EXIM_DIR/ex2in and throwing values away. This is +# an example of such router. It should probably the only router +# in the configuration. + +smart_route: + driver = domainlist + transport = remote_smtp + route_list = "* ${lookup{$local_part@$domain}dbm\ + {EXIM_DIR/ex2in}{@}{SMART_HOST}} bydns_a" + self = local + + +# Then, IF local parts of some of your users are different in +# their internal and external addresses, it's nice to have the +# internal_adjust smartuser director to rewrite the address. It +# should probably be the first director. + +internal_adjust: + driver = smartuser + new_address = "${lookup{${lc:$local_part@$domain}}dbm{EXIM_DIR/ex2in}\ + {$value@LOCAL_DOM}fail}" + diff --git a/config.samples/C032 b/config.samples/C032 new file mode 100644 index 0000000..18939d0 --- /dev/null +++ b/config.samples/C032 @@ -0,0 +1,15 @@ +Date: Wed, 24 Nov 1999 03:06:19 +0200 +From: Vadim Vygonets + +Exim Nervous Mailbox Quota Suite version 1999-11-08 + +This is the Exim Nervous Mailbox Quota Suite. It does not impose +hard quotas on users' mailboxes, but it makes a user nervous by +putting all his mail in a secondary mailbox, inaccessible to the +user, when he is over his quota. When the user clears his +mailbox (i.e., deletes mail to make his mailbox below the quota +again), mail from his secondary mailbox is transferred back to +his primary mailbox, in FIFO order. + +The files that make up this configuration sample are contained +in C032.tar. diff --git a/config.samples/C032.tar b/config.samples/C032.tar new file mode 100644 index 0000000000000000000000000000000000000000..1cf958fe6959ef5cb7aa124931631530cfde8c8b GIT binary patch literal 30720 zcmeHPYf~FX*3MVvSF|w|AOT&td2PoILdaOPAQ4H}ajiGW!> zj(@%>Jt&p;_O{DAJA7W=Dwnpt+5Ku5WdM)E$PRGiwcU5$W}fFi-ds7(Aph`x|8FOe zf3a1o9G=v^0!gKEskFDVbBp}T+q+v2ME+Z)z4F!$^`pF9+S&T1^c8TK0r@wVe+}|i z4JWwv$Dum0-NCv4PW?oGpxR?Ma@4gGgs$(Y^23J@H_PSC(myOqeW$AaXcD-WSCLxl zt;{nV zf9>}1A-b|7{LcZL!N9+9y-U^ey}rv$A)#>J(1{-LbGeX1EmZzRj8o6=Vb2hNT4b=do5=?rmkT;DJ_|Y5K?$8OyBegY)2oB6}Bt`^u z_Qzn@*TIDn0c1l}-|vlwju#2TNkb9x@bNxSLpyQ;*B*o^<3(UZD=TUtZo2@rgE+B| z?>&3ykU!H31RkcZMGWL6c&OFJ4@7w2_0XQEbBFo^Vf)JQ`gjL`0Z|$H&|}S`C{%sm z2rX0>c%fwz`WMj+G{8_uoS|GQ963Fz7Ph+7xqwRLY4r+e6R{$9p4Z!|-F()0S!vZ2 zKA*OlFY1T2Lv`>h!F2+H4Cn zl6F{cSC1?8liDFHyWYUTs`jGR=&1Jd%JFfYQ~;Zz^q>YTD+k8{PL2YlhxJyi+965l zrz&^{1dlgV`?OZA^F!_D8u(CYz1kp80JdHG=?shTlB6D1PAW&Wwp#lLXCRpBS*vzJ zoWYCs*+IKg@0@jN>ZsW~Y!ei~w`;8z^=hsCSRFShglFokUE9DRor)X}DBu`gW9`9N zyDq$|H#)Ue>+G~sZ#LEm=y~%cm;+=h*nKE`ZZ<@^kWaJqig3vf5yOUh`Miebkat6K ztwOG}p(oW2p=DO$RA^2oL#%4lj*ja`wMMl@oSFpmvfi$(t4ga5{Ei5fdiApMN@#@A z;B+h_W%^@Ag~4t}Rn?!V%Ha!uIgA%W7ut2BH_c~+)IO^|H{35+)^}g}V_9Hht9f`< zB^xcPLvzP}^bjA5R8+}G^?fI#=T+`-3>P-y7?I&lIz(HA4t+U;lYzE@=XS5>z&D%^;Ea9onmiGK z>k6I&L;wOpMIfLAD`5SS??@q+s@}k{gOCd>16QrN1*fn9$2D*wASoySI#Et=V%R=+ z5ZeTjfVS*Q1gP~5y+Pa^DVV`q7#!GMc;N&A9OJp&dkgF>E{5wH=15e}>d%_+tnj0E zBl1eSeRd*t)3z)G-&g)v1!GSOe4A3U5o`wtIM>c#!jLeu2kNX*|5=5TFmi@K1EI15 zw?A-)kO92?*t@YkrU0Q6ja|^hG{U94B^rm4+Sp-;P)6;tkxD3$ab7_rGob6YDbw=_ zJW>6md(>*4ovO8QIEG$KxVMK7IPMMe=~c#^Hx$z4W zz#oB}jqK+#@W-Rf0iX*}5=xDb>Z>fac~qfaZtqGB5RPFlqD`)VH7W!mAxtO`SV$2w z>}qO&?gkW(Dn9T*MAs}5q9SU=$PXg24f!E7jtjvfhH6o=E&`|5jjoW~UHJo~T)tL+ z(zFJ4FJ$^*n8l-G z+pJ$eOsm?XM8O!@+yvSQQpcbb`K!(w!wc04m~*aa3fE;6xOa^KJwk zv%zfb^(^rx9=PD^Rh!qYPfPW^?-5yA`=V2YzCVPY6K5`zU{}u`qj<1j2FVHCWN#u; zEq!RLh?t7&TUzaswTZ%NZc$s~vl8`H(T!ujh3kX5SXWRs1Od^j5R`}mVD=w|_N9~` z#EANlas&`77f5a`>JN~D2H1W2+SovhF{D^&o$sd37XDoO2nGWhD_oooY&n8dBIgbj zQ-rR1S56NE5VO$zUCb|oWzI{JH29qhOH^0l4Hp|RYRn9*d<+xTjo~I`v6avhvnN!) zvi5-`n{q=C(_+FIuxQ8@hT6BiOT#YV`nlhqplXBR_3_g2P$g{o7n@-6HEJYfM-hV# zv>`<5P9GzB5=%R$RWN}hW~K~|l@}g3j6eac+&~e&QKG;O8G+ZQtCqt|2=9uX%8J;V zh(#vQ^@7`U4MNE?k|)ja`4T;7873;H(F87*bxSw~55-HZ+3Q+>bFvCiPtEnU^L6Gg zJy<6SAn~MWu@c*t=7Wjx@W+U$zxwCkV+VRM|D~=i2@;`L%D8ZRfojM_?Pp1eEj1AI z$k(URPcu-m)Y3@74eq%V>vA(@we0+ZF#Y^;Q zhG_FOEX_J-33CqO>_nslYxfbqLTiQ-T7Gzqa2m5LR$}0l%jS%*5)?&h#yi9hO>Sr^ z+l*EwsU(Ocp)<#MnXC@UQ-mO#S(j`FTGQ@CNsfu6MwjU`G|~*5;V7Db`E|`?ga@z@ z3L7Hqxfj`Uk^qErLf|maOn}!-yca*tJH=$j@OzS}gzlvWAyTp6M5J^OJ>6utH;Qw} zIM<;LZ`Df#z%o0&`E*SiW^ehzgLoM}oxbYNGF`Bx<7=KCbAJs8mn~mFhng z@=rPs7K_j7M`ta04JjVipee|rYjJV{t8jFVAyH6RLKUzBa9Z<46^z-$u6}~!b_=SFtdZ&!yT`;cWPnr1 zFl^sL(2^<;v3!8W5t3bb28Se$2YhmdYfS94sxzh*-(5aAJ(o>)ktO1hm1Yl&orBu2{8=n#4@HeTqju~XkkTs zW}1rv(FbG(oHugB=g>2Qt*r0c&JfW9-82@uSo@Cx{O&{@`G}~F4itb+^9lG67{Da( zWEFAEMtLxpfX9f?vVtTDE~9YLL;c`i;?2|!PgT$kMSmAnpxJmQM%6s%RO$`3M%V>` zan;%#g?3FFeTNOzs-2?4!nX%!M{V>&I#rN*!rEl$JhF0aZuNs)9_?SF?Oj0M`)R?N zxn}rpec+_`Ke6%MIjSGN|0(T0*xpO;fA)A!RNmg(!m~TaWDdZ;`TfuRFa5FZ!%t`G z*(LpR-}+L(_bq@vb%KG~HFqA?X{~kKJ*YR9o~YtD42qJq7tz}(!tV}txq&vyUYOJ` zNe+v;6~30218~~s6Lit6lS=*gp!sw6r?Y0K0)RWEhkFDdUQQ|jrmqsNtR#M69fOH} zAWfk733eWuJ_HIKsf6Iz(EiZHG1`bGp$zrrcC}SM?R3%fCNXg1MOtD}N2ZX7Di5lA6FGH%==c#d93FqVxq(luyh-(tFCdbNLAC zBY)hx+CVb^X%-^;&09QcpbXM2QT9d!mTqd-!6a5pcq{!G-9H4A5rCNlu0dJQ_q?yr zaAwe*UKaUiFypj!UT#8pi4@9qRF1s-BWq}PkAz%&(6xPnhb|StnntaLd$2AEC3CV{ zz<@9P5%Q(ViaQCC3+db_uAfj#jC`bA@Jn~%lsc8x5pME8PMkZX`C2|RO>u&WK&O`m9dKYTb zx}Q86+3(cmjb&l?Ben8}A@IFrVJ(s!d4kRF@s3EpSAVL@-`$aVO10L*Lj^1?T>frZ zyuR?TX)_qA&EO&f4n!dZ{I0-XR=$h(XdZ3W5Vd3raYD`o_aE8$5hBjz$Zau&W?=w%lgdUX7$n!x%QvP?`iI#wInvL zzBhp_ZIy!KGrIEV7X6v#=jT(Cgh8Pt`D+f{@=oGox>WwWZEYG3(+%mfIlE%P%JTS+ zIqRlmDvPI{m>o+$%yLl+V)i-AB2y4PN^Q*;-!zwn6O0WhUHoefrZEv8qbOd7&^@&j zf6swBMeVKhqYO*zM=(x#pW>Z9n{&>m)0wdWft~p~kw%uoS`OJK8Ecq&oC=0+FC&@6 z3;tz?k{Efy^5n@JX2c>&7BeZDv+mP`v-CqkWlV^AI`wECL%8%4%Fxt>7iU$Ste;ad zeeNTv|Ma})ocYi4*48d&J~97U-r2%J0@zaqAg50~!3z9*X_lz>BUhaJ)4^0#o86vv zu9Z4>^&Mo8g3fK&V0`BgLqLa33^Q@8>!i}bSkYWm@DSL@tEPwC9}}0#9-%RZPBup% z#6z$N$V(10p1>P;$3~|&?tG&QCt&V`$1G{&l6UH8)YAIuU)N#r$?PghnN3F}buAj( z6CieBqt^>a=qAgBp}B$@d$_fgGKBLSQk&y9%1Blw8Z^P_OO?R+ZH#I>1Q@JE@n6L)z#@_mgu4dQc%GmIjVJK))Q<-?#zNtR^dg0`7u5mQ)&y zp0dC+0xnXBGrFE=*1Em%zzzUNcfef_lPj2dz-~Q#F^wn2S%6#5AF|p4|9qKXh%bdO ze{cgx_&-Px>B{9_A1Z)0<*X2fqk%&}=?%YbkKC~94-7R1I_FGAIRIz&K31pcx%*i5 zJ3Re{y5_v=Nf`>=qBa0da<`7V1{s8c_~I*A4q0NHCs7%FF(0?9^#u@!5(y{wub9(S zeU5Pk>Io%*W;N?`JmoJu({7AmcYnXQ@`v6{F}&waEul%b4?F4FeNJ9D9&Yvgk<*QQ z^91v~V~nzcM!8;lSaHznnPMp;h1(Xl$LGIdHs%p$s`P9PEDc}?NGvrz9b&V` z5l(@gB9EOUGdoa$tXAWK-VDnY3=r6f8AyzJlFw@I)6_Nz~(BGpD;v%5otM5Ol=<0 zQ-gLgw;-qR?qOY-SVD(<8O6qi*i#3;^qd~{B68q< z)aiEt2>Pg-tOgP6Pw2wkDfV1mfh{@B>gFf9rc9JN3BOK+5Pgy)8IR@$4F-0mFlK3* z6Bl!*&RAE>yaZ#d8L=RQb2%|k1I%!n5d_9P5o16r$KvR`s8|?J)`M}HLlV8=+{K!+ zEHW`JQRx}Rs5M-E>+i&1G)XIw=n$d6#1l`6cZt~NFg#v2#psU*`!sHX`!S5q4fTc> z4Ezw%a>qwNzUn5?nejly4C@BC5=Taeb;$xmX|9+n{OOEAGq{_|^T|gUEJ`8MDXHRS zbls>r&46lfPiFoX7cTLOw*IOOQfB6~B0)@T_2teE znF;JQp4y9d$nURSjp39`LH6Nd%v58QY4m9TBV4^`rzN!)ZcCV1n%o3636^lMc?9nV ztGhFzU~b18>CSNy4i499GSO#a8k32o_8~F@1QCccz^L1hm!&XRz**KtrB{c`OyBgk zBF>@sX8KE@%493$WoVY~62$Xp0E7v5896$4FaWH_$ZfS8I)jTRazqMxjrUPlB3HJ$ z%E?|cbDqZJV@a)`b;OJZ&5613EFba1oGFVzzz}bli;Ap#Bx9B@7Xk-EzbPD2vzv8W zQ{GCpF(|+ne8|FMH-%-qv~%CVndI@xSba<}27q+p+_eX;9dZ-C5l;+(jMm&4!_TetU@L~v)Tckd_X@E9rz?t zrvZHh@2%@6{T&*7iv``KoXh6)QwLv9oATq*R>8$2e(1YfwU;e?-Eevh6pap?s>T_R zc=6q|mi|I(bFt+UIFRZ8ixHG|KER*5iL%Pq3|DFK_v|u)oD)HeOCdwnV zobah=7A>#;>%qU(4@#3Slyo@0Gh3@#E49XpKUO&-v-%!%gNvCvQSuOzE9w+qazl#_ z->kB9%wJoUaUeA4|4gRT+%`z@)azNiaMqx@QSSfZIX@krZPo{B_>3_QI%n-~hQMhQtzc8g@=B7PA+)yQ^ zC#~8QcXe4kE%u%3qBkB4EWzvpD*Pp{=Gi}yxV!A{qxs*~Hgi5b|54s5!55UuyF2AY z{`Vzv{nWkr{BMON@)DA@6^yyQ_*d!QNZ?G*StodLJ_xOqwaoC6`h0EpoN|!L>JQay*=1e(F1A>US z5U+a!_TGTeWBM;4?u_4M2MHzV-kAJ#27DVkLCO_`F;CZ7H`z?F#i{mfc!GG!>YhFV z44%6IBnVw{sAgTgf%C>5&Uu@mFQ+Lp?^6xY)qrq6t9EK7RqXkCm%N{=d6te)iK>ws zM(6SxmaG&cG76Crm`YK^m>hkJ7?byN#W+o7BJx{cCGY2x`C(#WzNZLHTky>LL@pRc zPYff&hge#l>LM5G793b`V8MX}2NoPyaA3iK1qT)!Sa4v$fdvN^99VE*!GQ$_793b` vV8MX}2NoPyaA3iK1qT)!Sa4v$fdvN^99VE*!GQ$_793b`V8Ma^N)G%VXz9rS literal 0 HcmV?d00001 diff --git a/config.samples/C033 b/config.samples/C033 new file mode 100644 index 0000000..525e82b --- /dev/null +++ b/config.samples/C033 @@ -0,0 +1,49 @@ +Date: Mon, 29 Nov 1999 15:30:27 +0000 (GMT) +From: Ken Bailey + +>i am still watching for a very conservative vacation recipe. + +Anyway, here's our current one - + +###################################################################### +## autoreply/vacation transport +uservacation: + driver = autoreply + user = ${local_part} + once = ${home}/vacation-once + file = ${home}/vacation.txt + log = ${home}/vacation.log + return_message = true + text = "\ + ------ ------\n\n\ + This message was automatically generated by email software\n\ + The delivery of your message has not been affected.\n\n\ + ------ ------\n\n" + to = "${sender_address}" + subject = "${if def:h_Subject: {Autoreply: $h_Subject:} {I am on vacation}}" +## + +###################################################################### +## This director handles the automatic return of a vacation message +## vacation director....## + +uservacation: + driver = localuser + transport = uservacation + require_files = ${home}/vacation.txt + # do not reply to errors or lists + senders = "! ^.*-request@.*:\ + ! ^owner-.*@.*:\ + ! ^postmaster@.*:\ + ! ^listmaster@.*:\ + ! ^mailer-daemon@.*" + # do not reply to errors and bounces or lists + condition = "${if or {{match {$h_precedence:} {(?i)junk|bulk|list}} \ + {eq {$sender_address} {}}} {no} {yes}}" + # carry on checking regardless of the outcome of this director... + unseen + no_expn + no_verify + user = ${local_part} +###################################################################### + diff --git a/config.samples/C034 b/config.samples/C034 new file mode 100644 index 0000000..4ef6ecf --- /dev/null +++ b/config.samples/C034 @@ -0,0 +1,199 @@ +From: Mark Morley +Date: Sat, 11 Dec 1999 10:45:38 -0800 (PST) + +This is a HOW-TO for setting up Exim to support SMTP authentication under +different environments, including regular password files, PAM and NIS. + +The goal is to allow local users to relay without requiring authentication, +and disallow relaying by remote users UNLESS they authenticate. If a user +authenticates then their username is included in the log file entries so +they can't abuse your server without incurring your wrath. + +The first thing you need to do is make sure you enabled the right things in +the Local/Makefile before compiling. You will need the following line: + + AUTH_PLAINTEXT=yes + +And possibly this line: + + AUTH_CRAM_MD5=yes + +If your server uses PAM then you will also need this line: + + SUPPORT_PAM=yes + +Next you need to edit your configure file. To achieve our goals we need +to set three entries: + + host_accept_relay should list those hosts that are allowed to relay + without needing to authenticate. This is normally a list of your + local IP numbers. + + host_auth_accept_relay should list those hosts that are allowed to + relay so long as they authenticate first. We just set this to "*" + to allow authentication from anywhere. + + If there are any hosts that you REQUIRE authentication from, even if + they are listed in host_accept_relay, then list them in the auth_hosts + setting. In my case I only have one IP listed, and that's the one I'm + using to test authentication with (ie: my personal static IP number). + +Next comes the potentially tricky part. You need to edit the AUTH section +of the configure file (it's the section right after REWRITE). You need to +create an entry for each authentication method you wish to support. + +The first authentication method we'll create is called AUTH PLAIN. It is +the method used by Netscape Messenger for example. With the PLAIN method +the client sends a command like this: + + AUTH PLAIN AHVzZXJuYW1lAHBhc3N3b3Jk + +That third item there is actually three strings, separated by nul characters, +and then base64 encoded. The first string is not used here. The second +string will be the username, and the third string will be the password. + +The entry for AUTH PLAIN will look something like this: + +plain: + driver = plaintext + public_name = PLAIN + server_condition = ???? + server_set_id = $2 + +The tricky bit is deciding what the server_condition should be, and that +depends on whether you are using PAM, NIS, plain password files, etc. The +server_condition string will be expanded, and if the result is "1" then +authentication is successful - if it's "0" then authentication failed. + +At the point where the string is expanded, the username is stored in $2 +and the password in $3, so we just need to perform whatever lookups and +comparisons are necessary to validate the user. + +For example, here's a server_condition that works for a specific user +named "bloggs" with the password "freddy": + + server_condition = "${if and{ {eq{$2}{bloggs}} {eq{$3}{freddy}} } {1}{0}}" + +But a single hardcoded example isn't all that useful (unless you only want +a specific user to be able to authenticate). Here's one that works with a +non-shadowed NIS based password file: + + server_condition = "${if and {{!eq{$2}{}}{!eq{$3}{}} \ + {crypteq{$3}{${extract{2}{:} \ + {${lookup{$2}nis{passwd.byname}{$value}{*:*}}}}}}}{1}{0}}" + +That's a tad more complicated! At the heart of it it performs an NIS lookup +on the "passwd.byname" map using $2 (the username) as the key. If the +lookup is successful then we get a typical passwd file entry, otherwise +we get the bogus entry "*:*". From the result it extracts the second field +using a colon as the delimiter. This results in either the user's encrypted +password or "*". It then encrypts $3 (the plaintext password) and compares +that against the extracted value. It also checks both $2 and $3 to ensure +that neither is a null string. If the whole condition is true then it +resolves to "1", otherwise it resolves to "0". + +If your server uses a shadow passwd file with NIS, then you simply need to +change the map from "passwd.byname" to "passwd.adjunct.byname" or whatever +name your system uses. + +If your mail server uses a traditional passwd file, you could probably do +something like this (untested): + + server_condition = "${if and {{!eq{$2}{}}{!eq{$3}{}} \ + {crypteq{$3}{${extract{2}{:} \ + {${lookup{$2}lsearch{/etc/passwd}{$value}{*:*}}}}}}}{1}{0}}" + +If you use shadow passwords you could change the "/etc/passwd" to +"/etc/shadow" or "/etc/security/passwd.adjunct", etc. + +If your mail server uses PAM, then the condition is much simpler: + + server_condition = "${if pam{$2:$3}{1}{0}}" + +Since Exim has built-in PAM support you don't need such a complicated +string expansion. + +So now we want to add a second authentication method. This one is called +AUTH LOGIN and is used by Outlook Express, among others. This is similar +to the PLAIN method, except that the client expects the server to prompt +it for the username and password one at a time. + +Here's the basic entry: + +login: + driver = plaintext + public_name = LOGIN + server_prompts = "Username:: : Password::" + server_condition = ???? + server_set_id = $1 + +The primary difference from the PLAIN method is the server_prompts setting, +which is a colon-separated list of prompts to issue to the client. According +to the AUTH LOGIN specification, there should be two prompts and they should +always be "User Name" and "Password". But Microsoft is never content to +leave things be and this will only work with Outlook Express if you use +"Username:" and "Password:". The double "::" is needed to escape the +trailing colons. + +After the prompts are issued and the client has submitted it's responses, +the username will be stored in $1 and the password in $2. You can use the +same server condition that you used for the PLAIN method, just change the +$2's to $1's, and the $3's to $2's. + +Both the PLAIN and LOGIN methods transfer unencrypted copies of the username +and password over the 'net. This is not the most secure way of doing things +(although the fact that it's base64 encoded makes it a bit more secure than +the way the same data is sent for a standard POP session). So there is a +third method you may want to support called CRAM-MD5. This is the method +used by Eudora for example. + +CRAM-MD5 never sends the password at all. The server issues a challenge, +which the client encrypts using the user's password, and returns to the +server. The server performs the same encryption. If the two strings +match then the client must have used the same password and therefore it's +safe to authenticate them. + +The problem with CRAM-MD5 is that in order for it to work, the server must +have an UNENCRYPTED copy of the user's password. With most typical servers +this isn't possible, since the passwords in a UNIX passwd file are normally +one-way encrypted. + +So unless you are willing to maintain a separate database of plaintext +username/password pairs for those users who want to use CRAM-MD5, it's +of little value. + +In our case we use Qualcomm's POP server software which allows Eudora +users to send email via the POP server itself (via the POP XMIT command), +so SMTP authentication isn't really needed for them anyway. + +So that's that. Whether it's via SMTP authentication or POP XMIT, the +majority of our users can now relay through our mail server regardless +of where they are connecting from. + +Now there is one problem, in my opinion, with this whole setup. Certain +email clients (eg: Netscape Messenger) will notice that your server now +accepts authentication, and will assume that it's required. That means +that even users on your local network will suddenly have to enter their +password whenever they send a message. + +While this works, it causes a lot of confusion for people who have never +had to do that before. To my way of thinking it would be better to hide +the fact that authentication is supported when the client is connecting +from a local IP number. + +To do this you must make a simple modification to the Exim source code. +On line 1943 of src/smtp_in.c (Exim 3.12) you will find the following +condition: + + if (auths != NULL) + +Change it to this: + + if (auths != NULL && (host_must_authenticate || + !verify_check_host(&host_accept_relay, FALSE))) + +And recompile. Your server will now only advertise the AUTH capability +to clients that are required to authenticate (ie: they are listed in +the auth_hosts setting) or those that are NOT listed in host_accept_relay. + +mark@islandnet.com diff --git a/config.samples/F001 b/config.samples/F001 new file mode 100644 index 0000000..fd21954 --- /dev/null +++ b/config.samples/F001 @@ -0,0 +1,35 @@ +From: Ephraim Silverberg +Date: Tue, 17 Feb 1998 12:55:55 +0200 + +We're using Exim 1.82 and have written a message filter to intercept spam +messages that RBL doesn't catch. Since we have met with reasonable success +since installing (and refining) the filter -- 566 genuine spam messages +intercepted during a time period where there were 67 RBL rejections -- I +thought that the rest of the list may be interested in reviewing our filter +as a starting point for their own system message filter. + +There are a number of caveats, however: + +1. The suspected spam is not automatically rejected as RBL hosts are, but + is saved to a folder that should be read/writable by the mail + administrators. The reason for this is that the filter catches also + some legitimate mail and these messages should be bounced to their + originally intended recipient(s) (ala X-Envelope-To:) and the filter + refined and/or the databases (described below) updated. + +2. My filter traps blank/non-existent To: lines as well as To: lines + contained in From: lines, but firsts exempts the following categories + from this check: mailing lists, local mail, mail originating in the + country (e.g. in our case *.il) and mail coming from autosupport servers. + +Beyond implicit checks, it uses four DBM databases: two that exempt the +message from any spam (beyond RBL) checks (software servers and strange mailing +lists need to be here) -- one based on $sender_address and the other on +$header_to: lines -- and, conversely, two databases for known spammers that +have valid mail headers that aren't caught by implicit checks. All entries +in these databases are lowercase so that we don't need two lines for +'friend@public.com' and 'Friend@Public.com'. + +The sample filter package is at ftp://ftp.cs.huji.ac.il/pub/exim/spam_filter/ + +Comments and suggestions are welcome. diff --git a/config.samples/F002 b/config.samples/F002 new file mode 100644 index 0000000..dc97351 --- /dev/null +++ b/config.samples/F002 @@ -0,0 +1,98 @@ +Date: Tue, 03 Mar 1998 15:45:24 -0500 +From: Dan Birchall + +History: + +In early 1997, I wrote a little PERL program which refused +mail from unknown addresses until they mailed me promising +not to spam me. (This ran on my account as an end-user +solution.) It was very effective, but didn't scale well. + +Recently, I'd been thinking of adding some similar +functionality to my Exim filter file. Someone on another +list mentioned that they were going to work on doing the +same in their Sendmail config, and since I'd already +thought through how to do it in Exim, and knew it'd be +slightly easier than falling out of bed, I went ahead and +did it. I mentioned having done it, and Piete bugged me +to send it here too. :) + +Structure: + +There are two (optionally three) flat files involved, plus +a system-wide filter file and one (optionally two) shell +script(s). + +The first flat file contains a list of recipient e-mail +addresses handled by my server, with parameters stating +whether they do or do not wish to be afforded some degree +of protection from spam through various filters. An +excerpt: + +djb@16straight.com: spam=no +djb@mule.16straight.com: spam=no untrusted=no +djb@scream.org: spam=no relay=no untrusted=no + +Various filters in my filter file read this, and based +on the values of certain parameters, will take certain +measures to prevent spam from reaching an address. This +particular filter works on the "untrusted" parameter. + +The second flat file contains a list of IP addresses for +hosts that the server has been instructed to trust. (At +this point, this is a system-wide list; if a host is +trusted, it's trusted for all addresses. It should be +fairly similar to arrange for some sort of user-specific +list, but I haven't had the need.) An excerpt: + +206.214.98.16: good=yes +205.180.57.68: good=yes +204.249.49.75: good=yes + +The filter is as follows: + +if +${lookup{$recipients:untrusted}lsearch{/usr/exim/lists/shield}{$value}} +is "no" +and +${lookup{$sender_host_address:good}lsearch{/usr/exim/lists/good_hosts}{$value}} +is "" +then freeze endif + +Basically, if $recipients is found in the first file, with +an "untrusted=no" parameter, and the sending host's IP +address is *not* in the second file, or does not have a +"good=yes" parameter next to it, the message is frozen. + +I then come along as root and run this script, with the +Exim message ID as the only argument: + +echo -n `grep host_address /usr/exim/spool/input/$1-H |cut -f2 -d" "` >> +/usr/exim/lists/good_hosts +echo ": good=yes" >> /usr/exim/lists/good_hosts +sendmail -M $1 + +This adds the sending host's IP to the good_hosts file and +forces delivery of the message. + +Options: + +The other optional file is a blacklist; the other optional +script puts the sending host's IP in *that* file and deletes +the message. + +This is just yet another fun little way to play with spam. +(Looks like meat, tastes like play-doh... or is it the +other way around?) + +Bugs: + +Yes, there are weaknesses. Specifically: + +* multi-address $recipients will probably get by this +* scalability is always a concern +* large ISP's that generate lots of mail _and_ spam... + +This is near the top of my filter file, though, and +there are several other filters below it to catch any +stuff it might miss. diff --git a/config.samples/F003 b/config.samples/F003 new file mode 100644 index 0000000..b9f097a --- /dev/null +++ b/config.samples/F003 @@ -0,0 +1,97 @@ +Date: Sat, 4 Apr 1998 07:23:39 +0200 (GMT+0200) +From: "F. Jacot Guillarmod" + +Here's four checks installed in our system wide filter that knock out +a lot of otherwise hard to detect rubbish - and would handle the above +example. The most interesting one is the hotmail.com "validity check". + +# =========================================================================== +# authenticated sender, but not from pegasus +#------------------------------------------- +elif "$h_comments" contains "authenticated sender" and + "$h_x-mailer" does not contain "pegasus" then + + log "$tod_log $message_id SPAMAUTHS: sender=$sender_address \ + subject=$header_subject: recipients_count=$recipients_count \ + recipients=$recipients" + save /usr/local/lib/mail/spam + +# claims to be from hotmail.com +#------------------------------ +elif "$h_from" contains "hotmail.com" and + "${if !def:header_x-originating-ip {nospam}}" is nospam then + + log "$tod_log $message_id SPAMHOTMAIL: sender=$sender_address \ + subject=$header_subject: recipients_count=$recipients_count \ + recipients=$recipients" + save /usr/local/lib/mail/spam + +# claims to be from juno.com +#------------------------------ +elif "$h_from" contains "juno.com" and + "${if def:header_x-mailer {juno} {spam}}" is spam then + + log "$tod_log $message_id SPAMJUNO: sender=$sender_address \ + subject=$header_subject: recipients_count=$recipients_count \ + recipients=$recipients" + save /usr/local/lib/mail/spam + +# spam X-UIDL header found +# ------------------------ +elif "${if def:header_x-uidl {spam}}" is spam then + + log "$tod_log $message_id SPAM-X-UIDL: sender=$sender_address \ + subject=$header_subject: recipients_count=$recipients_count \ + recipients=$recipients" + save /usr/local/lib/mail/spam +# =========================================================================== + + +The following rule seems to work (but I don't use it): + +# either To: is contained in From: or there is no To: line +# -------------------------------------------------------- +elif $h_from contains $h_to then + + log "$tod_log $message_id SPAM-TOEQFRM: sender=$sender_address \ + subject=$header_subject: recipients_count=$recipients_count \ + recipients=$recipients" + save /usr/local/lib/mail/spam +# -------------------------------------------------------- + + + +Here's parts of my personal .forward file - I'm relying on the system wide exim +configs to zap spam, and only do the old fashioned stuff to whatever gets +through: + +#========================================================================== +# Exim filter <<== do not edit or remove this line + +if error_message then finish endif + +logfile $home/eximfilter.log + +# Mail from support system +if $header_subject contains "[Help #" +then + save $home/Mail/in.support + +# Mail from squid mailing list to local newsgroup +elif $header_subject contains "squid-users-digest" +then + deliver "" + +# Mail from exim-users mailing list to local newsgroup +elif $return_path contains "exim-users-request" +then + deliver "" + +# Stuff to be thrown away +if $header_subject contains "Warning From uucp" +then + seen finish +endif + +#========================================================================== + diff --git a/config.samples/F004 b/config.samples/F004 new file mode 100644 index 0000000..655df14 --- /dev/null +++ b/config.samples/F004 @@ -0,0 +1,71 @@ +Date: Tue, 23 Nov 1999 02:49:32 +0200 +From: Vadim Vygonets + +This is an Exim filter snippet to change locally-generated +Message-Id: and Resent-Message-Id: headers to world-unique values. + + +# Exim filter + +# Copyright (c) 1999 +# Hans Matzen , +# Vadim Vygonets . All rights reserved. + +################################################################# +# Change locally-generated Message-Id: and Resent-Message-Id: +# headers to world-unique values. + +# Notes: +# Change every occurence of "home.dom" to your home domain. +# Change every occurence of "uniqie.remote.dom" to some unique value. + +# Unique values, as Vadik explained in his message to exim-users, +# can be chosen in different ways: + +### The ideal way is to choose "hostnames" in existing domains whose +### admins you know, and you will be sure that no hostname ending +### with ".nonexistant.friendly.dom" will ever appear on this planet, +### not even on someone else's message IDs. + +### Another ideas include putting after your hostname things like: +### .972.2.6412694.phone +### .29.32.columbia.street.jerusalem.96583.israel.addr +### .1122.3576.3847.1446.visa.01.2002.expiration.date.vadim.vygonets.name.credit.card + +# This snippet provides to schemes to do such rewriting. The +# first scheme is to have mapping from local hostnames to unique +# "Message-Id domains". The second scheme is to use one unique +# "Message-Id domain", inserting the original "domain" into the +# "local-part" of the new Message-Id header. + +# Precaution +headers remove "X-Vygo-Net-Temporary-Message-Id" + +# Change Message-Id: +if "${if def:h_Message-Id: {yes}}" is yes and + ${lc:${domain:$h_Message-Id:}} is "home.dom" or + ${lc:${domain:$h_Message-Id:}} ends ".home.dom" then +# This is if you want to have a file mapping each hostname to a unique +# Message-Id domain part, or, if it fails, preserves the original domain part: +# headers add "X-Vygo-Net-Temporary-Message-Id: <${local_part:$h_Message-Id:}@${lookup{${domain:$h_Message-Id:}}lsearch{/var/exim/msgid-hosts}{$value}{${domain:$h_Message-Id:}}}>\n" +# This rewrites Message-Id as : + headers add "X-Vygo-Net-Temporary-Message-Id: <${local_part:$h_Message-Id:}.${domain:$h_Message-Id:}@unique.remote.dom>\n" + headers remove "Message-Id" + headers add "Message-Id: $h_X-Vygo-Net-Temporary-Message-Id:" + headers remove "X-Vygo-Net-Temporary-Message-Id" +endif + +# Change Resent-Message-Id: +if "${if def:h_Resent-Message-Id: {yes}}" is yes and + ${lc:${domain:$h_Resent-Message-Id:}} is "home.dom" or + ${lc:${domain:$h_Resent-Message-Id:}} ends ".home.dom" then +# This is if you want to have a file mapping each hostname to a unique +# Message-Id domain part, or, if it fails, preserves the original domain part: +# headers add "X-Vygo-Net-Temporary-Message-Id: <${local_part:$h_Resent-Message-Id:}@${lookup{${domain:$h_Resent-Message-Id:}}lsearch{/var/exim/msgid-hosts}{$value}{${domain:$h_Resent-Message-Id:}}}>\n" +# This rewrites Message-Id as : + headers add "X-Vygo-Net-Temporary-Message-Id: <${local_part:$h_Resent-Message-Id:}.${domain:$h_Resent-Message-Id:}@unique.remote.dom>\n" + headers remove "Resent-Message-Id" + headers add "Resent-Message-Id: $h_X-Vygo-Net-Temporary-Message-Id:" + headers remove "X-Vygo-Net-Temporary-Message-Id" +endif + diff --git a/config.samples/README b/config.samples/README new file mode 100644 index 0000000..4f56627 --- /dev/null +++ b/config.samples/README @@ -0,0 +1,11 @@ +Exim Sample Configurations +-------------------------- + +The files in this directory have been contributed by Exim users. I have not +tested them in any way. If you want to ask questions about how they work, +please approach the original contributor, not me! + +Files in the series C001, C002, ... are exim configuration samples. Those in +the series F001, F002, ... are filter file samples. + +Philip Hazel diff --git a/credits.html b/credits.html new file mode 100644 index 0000000..ad94fe9 --- /dev/null +++ b/credits.html @@ -0,0 +1,78 @@ + + + + exim website credits + + + +

      exim website credits

      + +

      A number of people and organisations have contributed to this + web site. If I have missed you out, my apologies and please + contact me so that I can add you to this list.

      + +
      + +
      + + Nigel Metheringham + +
      +
      + (yes, thats me) built the web site and I attempt to keep it up + to date. +
      +
      + + Jean-François Poirier + + of the + Hors Limites + urban collective +
      +
      + provided the large logo and the impetus to get the web site sorted. +
      +
      + + Planet Online + +
      +
      + provided the UK + web site, the domain name registration and various other + resources for the exim community. Planet also now use exim + for their main mail systems, and are transitioning all mail + systems over to exim. +
      +
      +
      + + Shore.Net + +
      +
      + provides a US + mirror of the web site. Shore.Net is a large regional ISP + in the Northeastern US, and uses exim for the majority of + their mail traffic. +
      +
      +
      + + Esat Net + +
      +
      + provides an Irish mirror of the web site. Esat Net is + Ireland's longest serving ISP and uses Exim on all it's core + SMTP servers.
      +
      +
      +
      +
      Nigel Metheringham
      + +

      $Id: credits.html,v 1.4 2000/04/09 22:02:32 nigel Exp $

      + + diff --git a/docs.html b/docs.html new file mode 100644 index 0000000..387b129 --- /dev/null +++ b/docs.html @@ -0,0 +1,132 @@ + + + + Documentation for exim + + + +

      Documentation for exim

      + +

      Exim has a set of documentation released with it. A text file + of the main documentation is released as part of the exim tar + archive. Additionally postscript and texinfo forms of the + documentation are also available in separate tar archives on the + ftp sites.

      + +

      There are 3 main sets of documentation for exim, all of which + are also available below in html form (generated from the texinfo + version - this is lacking information such as change bars etc - + the master set of documentation is always the postscript form).

      + +
      + +
      + + + Exim Overview + +
      +
      A summary overview of the capabilities of exim
      + +
      + + + The Exim Specification + +
      + +
      The master documentation for exim containing all required + detail to install, configure and use exim. Changes to the documentation (normally + reflecting changes to the functionality of exim, are now shown + in a green font like this segment.Documentation has + now been updated to version 3.10
      + + +
      + + + The Exim Filter Specification + +
      +
      Additional information on the exim filter language.
      + +
      +

      HOWTO Documentation

      + +

      Frequently Asked Questions - FAQ

      +

      The exim FAQ is now available.

      + +

      Copies of Documentation

      + +

      Copies of the main exim documentation in HTML format as used on + this site in a compressed tar file are available from the main + ftp site and mirrors (see file exim-html-*).

      + +

      FAQs and other Documentation

      +

      A number of FAQs are in preparation and will be made available shortly. + Please contact me if you have material to contribute.

      + +

      Old Documentation

      +

      Old versions of documentation are still on-line:-

      + + + + + + + + + + + + + + + + + + + + + +
      Version 3.0x + + specification document + + filter + + overview +
      Version 2.1x + + specification document + + filter + + overview +
      Version 2.0x + + specification document + + filter + + overview +
      Version 1.9x + + specification document + + filter + + overview +
      + +
      +
      Nigel Metheringham
      + +

      $Id: docs.html,v 1.4 2000/04/09 22:02:33 nigel Exp $

      + + diff --git a/home.html b/home.html new file mode 100644 index 0000000..d27bae7 --- /dev/null +++ b/home.html @@ -0,0 +1,41 @@ + + + + Basic Exim Home Page Stuff + + + + +
      + [big logo] +
      +

      The Exim Home Page

      + +

      Exim is a message transfer agent (MTA) developed at the + University of Cambridge for use on Unix systems connected to the + Internet. It is freely available under the terms of the GNU + General Public Licence. In style it is similar to Smail + 3, but its facilities are more extensive, and in particular it + has some defences against mail bombs and unsolicited junk mail in + the form of options for refusing messages from particular hosts, + networks, or senders. It can be installed in place of sendmail, + although the configuration of exim is quite different to that of + sendmail.

      + +

      An expanded introduction is available.

      + +

      New Things

      +
        +
      • + Exim Version 3.13 is available - see the availibility pages to get hold of a + copy. +
      • +
      + +
      +
      Nigel Metheringham
      + +
      $Id: home.html,v 1.10 2000/04/09 22:02:33 nigel Exp $
      + + diff --git a/howto/mailman.html b/howto/mailman.html new file mode 100644 index 0000000..9b375e0 --- /dev/null +++ b/howto/mailman.html @@ -0,0 +1,192 @@ + + + + HOWTO - Using exim and mailman together + + + +

      HOWTO - Using exim and mailman together

      + +

      Mailman is a list manager with web front end and built in + archiving functions. Details can be found at http://www.list.org/

      + +

      Mailman configuration

      + +

      There is no mailman configuration needed other than the + standard options detailed in the mailman install documentation. + The exim configuration is transparent to mailman. The uid/gid + settings for mailman must match those in the config fragments + given below.

      + +

      Exim configuration

      + +

      The exim configuration is built so that a list created within + mailman automagically appears to exim without the need for + additional alias files etc to be changed.

      + +

      The drawback of this configuration is that it will work poorly + on systems supporting lists in several different mail domains - + for that matter mailman itself has poor support for this right + now. This may change in the future

      + +

      The configuration file segments included are to be built on top + of an already functional exim configuration, which accepts mail + for the domain which the list resides in (ie that domain is + already in local_domains - should this domain be separate + from the others handled by this exim, then add the list domain to + local_domains, add a domains=my.list.domain + option to each of the directors and you may wish to exclude that + domain from the other directors.

      + +

      Your exim configuration also needs a working alias + configuration, with entries (within the list domain) for + mailman, mailman-request and + mailman-admin (plus any other global contact addresses + for the list master.

      + +

      There are 3 config file sections below which need pasting into + the appropriate parts of the main exim config file. The first one + may also need tailoring to your mailman configuration

      + +

      Main config file section

      +
      +## Top section of config file - macro definitions
      +## Tailor these to fit your installation
      +## pretty much everything else should just fit...
      +##
      +# home dir for mailman
      +MAILMAN_HOME=/home/mailman
      +# wrapper script for mailman
      +MAILMAN_WRAP=MAILMAN_HOME/mail/wrapper
      +# user and group for mailman
      +MAILMAN_UID=exim
      +MAILMAN_GID=exim
      +
      +

      Transports config file section

      +
      +## Transports section
      +##
      +## Three transports for list mail, request mail and admin mail
      +## respectively
      +## Mailman is installed in MAILMAN_HOME
      +## Mailman is configured to be invoked as user exim
      +list_transport:
      +           driver = pipe
      +           command = MAILMAN_WRAP post ${lc:$local_part}
      +           current_directory = MAILMAN_HOME
      +           home_directory = MAILMAN_HOME
      +           user = MAILMAN_UID
      +           group = MAILMAN_GID
      +
      +list_request_transport:
      +           driver = pipe
      +           command = MAILMAN_WRAP mailcmd ${lc:$local_part}
      +           current_directory = MAILMAN_HOME
      +           home_directory = MAILMAN_HOME
      +           user = MAILMAN_UID
      +           group = MAILMAN_GID
      +
      +list_admin_transport:
      +           driver = pipe
      +           command = MAILMAN_WRAP mailowner ${lc:$local_part}
      +           current_directory = MAILMAN_HOME
      +           home_directory = MAILMAN_HOME
      +           user = MAILMAN_UID
      +           group = MAILMAN_GID
      +
      +### end of transports section fragment
      +
      +

      Directors config file section

      +
      +## Directors section [this deals with local addresses]
      +## 
      +## First 2 directors rewrite list-owner or owner-list to list-admin
      +## This is only done if the list exists.
      +## List existence checks are done by seeing if the file
      +## MAILMAN_HOME/lists//config.db
      +## exists.  
      +
      +list_owner_director:
      +   driver = smartuser
      +   require_files = MAILMAN_HOME/lists/${lc:$local_part}/config.db
      +   suffix = "-owner"
      +   new_address = "${lc:$local_part}-admin@${domain}"
      +
      +owner_list_director:
      +   driver = smartuser
      +   require_files = MAILMAN_HOME/lists/${lc:$local_part}/config.db
      +   prefix = "owner-"
      +   new_address = "${lc:$local_part}-admin@${domain}"
      +
      +##
      +## Next 3 directors direct admin, request and list mail to the appropriate
      +## transport.  List existence is checked as above.
      +
      +list_admin_director:
      +   driver = smartuser
      +   suffix = -admin
      +   require_files = MAILMAN_HOME/lists/${lc:$local_part}/config.db
      +   transport = list_admin_transport
      +
      +list_request_director:
      +   driver = smartuser
      +   suffix = -request
      +   require_files = MAILMAN_HOME/lists/${lc:$local_part}/config.db
      +   transport = list_request_transport
      +
      +list_director:
      +   driver = smartuser
      +   require_files = MAILMAN_HOME/lists/${lc:$local_part}/config.db
      +   transport = list_transport
      +
      +## End of directors fragment
      +## End of config files bits
      +
      + +

      Exim should be configured to allow reasonable volume - ie no +setting max_recipients down to a silly value, and with normal +degrees of security - ie allowing relaying from 127.0.0.1 +(thats vital), but pretty much nothing else. Parallel deliveries and +other tweaks can also be used. Delay warning messages should be +switched off or configured to only happen for non-list mail - unless +you like receiving tons of mail when a host is down.

      + +

      Problems

      +
        + +
      • Mailman's detection of exim bounces needs improving - it really + should make use of the extra header information that exim provides. + It also should recognise and deal with or ignore delay warning + messages.
      • + +
      • List existence is checked on whether there is a config.db file + for a list. If you delete lists by foul means, be aware of + this.
      • +
      + +

      Other Tweaks

      + +

      One solution passed to me for handling virtual domains was - + Since I use mailman in a virtual domain configuration with a + separate installation for each virtual domain, I did a slight + modification like this:

      + +
      +## transport configurations
      +
      +command = "/virtual/${domain}/mailman/mail/wrapper post ${lc:$local_part}"
      +current_directory = /virtual/${domain}/mailman
      +home_directory = /virtual/${domain}/mailman
      +
      +## and in the director part:
      +
      +require_files = /virtual/${domain}/mailman/lists/${lc:$local_part}/config.db
      +
      +
      + +
      +
      Nigel Metheringham
      + +

      $Id: mailman.html,v 1.6 2000/04/09 22:02:34 nigel Exp $

      + + diff --git a/howto/old_rbl.html b/howto/old_rbl.html new file mode 100644 index 0000000..abaf3d5 --- /dev/null +++ b/howto/old_rbl.html @@ -0,0 +1,67 @@ + + + + HOWTO - Using the RBL + + + +

      HOWTO - Using the RBL

      + +

      The MAPS (Mail Abuse Protection System) RBL (Realtime Blackhole + List) is a means of identifying hosts that have been associated + with the sending of spam mail. A full description of the + service and the technology and ethics behind it can be found at + http://maps.vix.com/rbl/ + along with more general mail policy information at + http://maps.vix.com/.

      + +

      Exim can use the MAPS RBL and/or any other similarly defined + service (ie you could make your own additional maps as well). + To use exim for this you need to be running version 1.80 or + later.

      + +

      This documentation is for versions of exim before version 3.00, + which are now considered obsolete. The current information can be + found in the most recent version of this + howto.

      + +

      RBL Configuration Options

      + +

      These are fully detailed in the Exim Specification Document. The specific + section on RBL is here and the rbl directives + are documented starting here

      + +

      The 2 standard RBL configurations are:-

      +
        + +
      1. Use RBL to add a X-RBL-Warning: header which can be + used by users for filtering +
        +rbl_domains = rbl.maps.vix.com
        +no_rbl_reject_recipients
        +rbl_warn_header
        +
        + +
      2. +
      3. Use the RBL to reject mail from barred machines +
        +rbl_domains = rbl.maps.vix.com
        +rbl_reject_recipients
        +
        +
      4. +
      +

      In both cases machines can be explicitly removed from RBL + control by adding their network addresses to the + rbl_except_nets list.

      + +

      The information to do more complicated manipulations can be + found in the specification document and is outside the scope of + this note.

      +
      +
      Nigel Metheringham
      + +

      $Id: old_rbl.html,v 1.3 2000/04/09 22:02:34 nigel Exp $

      + + diff --git a/howto/rbl.html b/howto/rbl.html new file mode 100644 index 0000000..379ef30 --- /dev/null +++ b/howto/rbl.html @@ -0,0 +1,91 @@ + + + + HOWTO - Using the RBL + + + +

      HOWTO - Using the RBL

      + +

      The MAPS (Mail Abuse Protection System) RBL (Realtime Blackhole + List) is a means of identifying hosts that have been associated + with the sending of spam mail. A full description of the service + and the technology and ethics behind it can be found at http://maps.vix.com/rbl/ + along with more general mail policy information at http://maps.vix.com/.

      + +

      In the few years since MAPS started operating, other similar + services although with different aims, procedures and + reliabilities have been introduced - MAPS itself has a number of + these (ie MAPS/DUL which maintains lists of dial up modems), the + other major source is ORBS, + which is a more proactive relay blocking service

      + +

      Exim can use the MAPS RBL and/or any other similarly defined + service (ie you could make your own additional maps as well). To + use exim for this you need to be running version 1.80 or later, + the configuration example in this document are specifically for + version 3.00 and later - the old version of this document, + covering older versions of exim can be found here.

      + +

      Exim RBL Support

      + +

      Exim has supported RBL from version 1.80, although the + flexibility was increased (with a related change configuration + options) on the release of Exim 3.00

      + +

      The exim RBL support allows one or more RBL systems to be + checked and messages from hosts within each RBL to be either + rejected or marked by the addition of an extra header + X-RBL-Warning:. It is also possible to have a limited + number of recipients bypass the RBL reject functions completely, + thus allowing postmaster (for example) to receive mail even from + an RBL blocked site.

      + + +

      RBL Configuration Options

      + +

      These are fully detailed in the Exim + Specification Document. The specific section on RBL is here and + the rbl directives are documented starting here

      + +

      A typical configuration would be a mail system which rejects + mail from machines that appear within the MAPS RBL list, and also + checks hosts in the ORBS lists but only marking each message has + coming via an RBLed host rather than rejecting them. Additionally + all mail to the local postmaster always gets through, even if the + host is in the MAPS RBL list. You also have a local private set + of IPs which relay out through this mail server on net + 192.168.0.0/24 - these cannot be contacted from outside your + organisation so RBL is not an issue.

      + +

      The configuration fragment (in the main part of the exim + configuration file) to do this is:-

      + +
      +# reject messages whose sending host is in MAPS/RBL
      +# add warning to messages whose sending host is in ORBS
      +rbl_domains = rbl.maps.vix.com/reject : relays.orbs.org/warn
      +# check all hosts other than those on internal network
      +rbl_hosts = !192.168.0.0/24:0.0.0.0/24
      +# but allow mail to postmaster@my.dom.ain even from rejected host
      +recipients_reject_except = postmaster@my.dom.ain
      +# change some logging actions (collect more data)
      +rbl_log_headers 	# log headers of accepted RBLed messages
      +rbl_log_rcpt_count	# log recipient info of accepted RBLed messages
      +    
      + +

      The information to do more complicated manipulations can be + found in the specification document and is outside the scope of + this note.

      +
      +
      Nigel Metheringham
      + +

      $Id: rbl.html,v 1.3 2000/04/09 22:02:34 nigel Exp $

      + + diff --git a/howto/relay.html b/howto/relay.html new file mode 100644 index 0000000..f07ec65 --- /dev/null +++ b/howto/relay.html @@ -0,0 +1,71 @@ + + + + HOWTO - Preventing Relaying + + + +

      HOWTO - Preventing Relaying

      + +

      Many people want to get a free ride from your system by using + it for relaying their mail. This can be due to them being + corrupt and wishing to let you take the rap for relaying their + junk, or them being lazy and unable to make their own systems + work. In any case this is a theft of service and needs to be + stopped.

      + +

      Relay Configuration Options

      + +

      These are fully detailed in the Exim Specification Document. The specific + section on relaying is here

      + +
        +
      1. Firstly you need to specify the local mail domains as + tightly as possible. local_domains should only cover + domains that really are local - this is relevant since exim + allows any sender to mail to these domains (since you have + told exim those domains are local you are not actually + relaying by sending to them.
      2. + +
      3. Any domains that are not finally handled by the local exim, + but can legitmately be relayed through (ie domains you act as + backup MX for) should be specified in the + relay_domains, although a short cut for doing this is + setting relay_domains_include_local_mx which can be + used to abuse your mail server by adding MXes pointing at you, + but raises the bar so much higher than it is normally good + enough.
      4. + +
      5. You probably want to be able to relay out from local + machines on the same network - be careful here since any open + machine on your network could be used to do unauthorised + relaying. The control of hosts that can relay is done with the + host_accept_relay + option.
      6. + +
      + +

      The standard settings for a workstation, allowing relaying + through the loopback (since packages such as MH post mail this + way), would be:-

      +
      +relay_domains =
      +no_relay_domains_include_local_mx
      +no_relay_match_host_or_sender
      +host_accept_relay = 127.0.0.1/8
      +
      +

      this is actually the default settings other than that for + host_accept_relay.

      + +

      The information to do more complicated manipulations can be + found in the specification document and is outside the scope of + this note.

      +
      +
      Nigel Metheringham
      + +

      $Id: relay.html,v 1.3 2000/04/09 22:02:34 nigel Exp $

      + + diff --git a/howto_mirror.html b/howto_mirror.html new file mode 100644 index 0000000..56742d1 --- /dev/null +++ b/howto_mirror.html @@ -0,0 +1,63 @@ + + + + Building an exim website mirror + + + +

      Mirroring the Exim web site

      + +

      Mirroring the content

      + +

      All of the exim web site content is available through rsync, + and this is the recommended means for mirroring the web site + content. A document describing rsync + mirroring has been produced by Sunsite Denmark, and this + gives good general information on rsync in general, where to + obtain the software, as well as rsync for mirroring.

      + +

      The rsync URL is + rsync://ftp.exim.org/www

      + +

      However the more normal means to quote the rsync path is + ftp.exim.org::www

      + +

      The rsync path for the ftp area is + ftp.exim.org::ftp

      + +

      Configuring your httpd

      + +

      Your httpd obviously needs to see the mirrored content. There + are also some other tweaks - Apache aliases - which are needed. + The paths that need aliasing are currently only the /ftp> + path which either needs pointing to your ftp mirror, or + redirecting to a reasonable mirror of the exim ftp site.

      + +

      If and when the mailing list archives are put on line, these + may also need handling in a special way.

      + +

      Branding your site

      + +

      In some small recognition of the ISPs and other organisations + who donate the web site space, bandwidth and management, the web + site has a brandable component - specifically the bottom left + hand pane of the main window points to the + branding/branding.html file. By aliasing this path you + can tailor this to put a sponsors logo in place.

      + +

      Tell people about it

      + +

      Assuming this is a public mirror then contact me about it and I + will add a link from the main site. I can also get a + www.country.exim.org link added to the DNS for + you. You may also wish to send one message to the mailing list + about this.

      + +
      +
      Nigel Metheringham
      + +

      $Id: howto_mirror.html,v 1.4 2000/04/09 22:02:33 nigel Exp $

      + + diff --git a/images/dragonlogo.jpg b/images/dragonlogo.jpg new file mode 100644 index 0000000000000000000000000000000000000000..e184f3c6e57bda0860e3ac40948f22e95234aaa3 GIT binary patch literal 6150 zcmbW5Wl$STxbH)eU@cN;fg*uGu>vKy7q=IJyObiuEw~nFvC`ns1_)LN!QG`maY=Cr zP>M@SahJn;&YgQ_?x%Ckf9Khmoqc9!f4lo(|Igj*-7{R19=Xj0|-2^dMGVb`Z-8Fg-no2ZH@L1al$l^f-2}{f+1j|)* zQtOQEvkJWN3@0Lf@|1>_j_o-+2Pc=Hkg$lTn7F)xqLQ+Ts+z8zzJZ~Uv5B>ft=(ID z2S=Efw~w!%e?Y|h50O#PF|kR>DXD4cpT8jT^1l`oqKeSP)it$s^$m?p&0XE!dwTo& z2L{I{Ca0!nX6NRAt*oxCZ)|RD?;IQ+9iN<@onKu3%Y_5L{V%Nh{=dNfKQ4-Ut_OH{ zxOl*Sxo{r%-UluP9zHWa0i~=q(8}X63nYw?N-iB(&@yi+(J4Izw>WB$x&;v)v-NX8XTmdMG|!g$WAvyrs;q)0oX)-iae zPgfD9IPJI0$Zs3yhB&WJf9VCjteIUWE+@;QsVBkjD|m8lS3_dgp&t>y#b>b+FLhwG z$iR?L)H;+dq^?M1L<*Dq#FJ``X-KdwFZ5AihfbzU>}0U7I4y5Zj8SX%P^2!Nto+q@NG-u~Ju;2)%O0K4%-C=H8v20jYBk>SGDq>T+%nY@!s zUT-8c#IvzZ#He+LKa1wu8#kP!ws1=<`}NID=X=C4=6vcSk;RZ!$B_$fe73t9L_wub zax;fMr0K6FFUHC+0ugc)U>OPpD>0Z1uGqwKew1j*`xFNmI*U~4qlzyz>Mb7O?-o=1 z?(C@~fL$>7$7hCo`;(;bIPI@i2$#y&C$u<~0{y)n$JdKIs9BfeDWh^~EeW;L{^7xq zxaHR;tS4Le(*8#AC1V@aZVj60q3h=elwr00r?|2hff|acQGVpoN<_)*#dF*2;a5FG zF|_+ike4~gmFhzH#;*3*{9J{O;L+KTppn(L-eo1JNJV|&22~fgLvvc``M)o!z(7EJ zTO@G%TOX>7UF?yli3WFDaL~{6^lMzZV5mA`k!}^H48BlfZ3s&1^}~mqPZ`w)ljuC; zY4w}`E|NAviwE}Z37aa{v(68N`g+UyP!}EX1?;stB*O8O-RC0`!+TM8STMVbyA|#uc*?S|C*0MyAgH zwFoEqy$*?h3u8Asb&C<=x3gRAh4TEQ@`jzd(Z}jFoUMR~6l-d)xUHEIgP^30`nI5t zS{4qKWtCCuN3(rTSe%o@Bl?)&T;BselqR%xy{-Z~zfGV5Y%*v{%*dRQ#02pN()EZh zuyqeOV;JcZLJa!Q^o&_h$C=oHoF8xM>LUpft!1m1gT5YQ&0=JxqZ?+u9ds-m_fGEs z5jXznyu3MeS`&j+;qH)tDeZEH_X&Kttn^G7xu~DpK9`B{f1cd|d^7Q#z5CAfsrL(0 za^Jx%GsVl$^4k7T@!LrtTLi*ohl z!e&Wz#uT+TVUfFVeBUd7n+A-4=Mww_$pe{ZKz!5^vn5ry9)zjh#T|EXHW@cnIh1~vWOPnj+ zn^RnqXC+&)5Zeh3O)q0@mThWHS_w=SU7@xR_Ly0Sn3y;yZtkfYX0n-l-M#SbRSJIJ zXMW5o_Mpi3<3`okQ@TXG%#LN5!{DHidCsc->fZ7;8oSuZU$X}K-duw;jNk2Q_PnH| zw_f@I7PERD2_Wkv9G{^5To`SQ>m%p;XqndZi?e9+Qq>F`w?-;|{PDszAhCW+AJnQa zx|y4oh62)6p-w@*i!y0&A|M|Ag7lf#-|HLh#&X7`MZWb(D=rdN=Q*#{C}7y+KAH4M zs-hFeRsap>l``k_jLT@cVXI$lh45UMgW7xN#LP1q;Dv!@l&d#Uom2E*UWO?aJmxh| zKN(EX{p073O4gn@#;Opj)^)WXvuR3OG;N8|fG>2f#Yhu&pK_gJ*ImuHDs%)Uwxj}& zR0o>!rZ^_LH6$!8%|~N*4wrhFgg5kKB|j`ILL61>;49Q=>}1bKOCG&9l&aX&nc@*_ zT$}wVAVBjG;E@3Pwu*Ox4tjo6jySE!D|xkPuLbC2zue5;FQfV?)l8q%%@(Ea_Sfgo zw_(kZx4>>lfaE=vkU;+C2W;k0NUH6-h}MfAD%A>e-JJcBD~&f|a>l!dZjW(m6NUk| zFVOwV!7$TXdZP*1dZVM-r&qI>pJLlR92x_uFF@j@l|>*K$hoi+QtE zA+VW3{T;xb7td7Q^-si7Q^!-*Bq)kYgEdqjqFPR(Xh2KpH`8EoVa{gPwD2Ywcp(_6 zDPoOxxhi_0x>~i8jCK&zd#UD?t1Y$E5r4s8^HghL?=ah^J90TL#A_ndo=@>hBeWK& zV0_X1_QFtRd5*l{il0Qz2=@ z($ij8teb94Q*-1flkkcxy?-yXjI-&zX>k6qB|Gg;EOkbOXtJ^~*dx-*)@pm#n8J}4 zVZMC~wB1HAi~|E8E8rNlTZP40@0IVB~2}A4Q2;{RC38!RTBH zM$V#~Kh%9!0e&{FRN-k|j<>i2WP$cKimTmjC*{7ctv_12cENOPacrj6%KJI0>3l3o z%`icYWhpAcI3nj&N$}@U$+Oe6^;5r7@&2(@TuzmV26<%5$xfM1gi{@w&i-2_YA3gzm1Eo4FF;GSb8 z^p}ar*SmDLr%rt2f_cXOaMCO?YL4nHUwY&IL<9};|C4RYHD!}_nZ-ceGrzQiJr7ZF zbuGNI?OBf20E_e!qu+@21Kz%KytGvHc#=fxVtb}j7C6lIZnp^ z9=469#SZKbVc4U}EH>;Ax*f2ZC+wS2812|3P8(_F#<&6IxL04FhiJiOb`1)=vSCO) zv$vv_zdDwGJ7^oh7NDoQ=XsfbDdnCBfGmiUKd|SD3Rb2grvKO=w;9PYtOsf<@Zu^Z zmQ?z6n^d~JO4H%X#wLP>kSFO5UJl>vE&@1(oK(}j zC>3l|=S6zin8Zng$3s7M$lO*>R^&noh8Vq0xz9ZfTtxcaalb8D0AI{0^0s=qZe&x(~6NSJIb8A}?PQ#Nd%y zcQmXfn_74&SwH>U{u+>qk=cw57NMzBG6&VPS1YATI60#5&Ki$H`DeAK3K&q>zS`iaK507&55JpiXgzP*VNz);c zl3{dr?2DS#o93NLV4=bTl)>}!DI#vT3yag~vQmpToIX!lOEy^c6{r>FyZ8vEaq0Uf z!FPV5F>@wMj`OMOJBwx}pJwB#>2cz$^ulHzKs_DR^_wSxbk_&R)u|4C6;kY*)(4BN z9$pJ7H72Xp&p+nMZe9)-I1hHLZHCv+8Xb=`?Obf1>&I*%=i`dc8Te)zKF{1wi*h! z?px62OxX6t55yfHt%vu|*SLx$kPVsJXp(`$Let2IXyfy8WPEj1Rz+(=($*P;Y2{G+ z24L@#XVYf=E6^>n?qOj%YX~=grFSGJ!aF46BTgT^&y9xnm^o8IaO_U z${c#eAwO4yRcb$VpJs6)dxUw=BR(WqOy$f|GkNgCV|S?*9#N!T=$xz_T>8byTTURs zQy_U1irO@n0z>lB?1+J$9&%sPen|$c{iU{Byvj_>THkNw7o_yB9I8a6srEhtBG3P3 z+UU2rX+9O#6X7qMGY~QqyQKt(UAz;eu8>AK0p6I^FR938l9>$O0p5QqXQP$s7Yf37~f9*rg- z#1UqUYWLsBc!+GrLk5q%Q68vz*LjAySV5}|4$$i5pu{wF4PCF!#KngX@SdAf{vG<3 z{(3&Z3$!W~MU6Z|jC{slc~mkJ5$-9Gyp2Ro1!_#?Oy?q)c#;(H+2q9C1v)P$HgwKZ zKM{>P7EiJNNSA*zFI2x$km^%Ekw7ST_33%M zTdPk0zMNnIo+U$iuxrjhUYl302}Y*+d$t4wuge!2XMD)YU1X^deewOB(d*2|@RSJk zYGZ{GfFY%SlL2_6SKyuFI(1MD7K z@k(J#CL_*O)%=mnGOPX$$GSmX1XgcjW5f4^Q##R#<(~>y!q1?DJu#Pjl2KUVuCB7J z8;^8z^>QvCd+X@FLnVNA^0)2jG!Eu^rNc=Uq$=7G zUg7EDwN2~McB_bSKD#D>{*terbl=F(YF{@eFBu60vDS!3vR)E%xe$XHlSv>S{FOfs z5&+mQwbhu2`N;q3V=wE&(DrHb$))8sv0gOBZ#+@73?4HDy2w7WNSR~xbsu2708;8u z#&XkiQpX*t75UsljZd#xO4C*BTAiF_g=S4`br6>Za|ft6F08!;C-zf_%C&{_iQ&?U zfxI`G9XSI<77;ft7Pq4^9wS+N2CW(ml%#Ht|@M?a?u^Mi9rZjATttU zrcZbV;a^Y}OL)r|5$Ai&FSj-Sz9i(1-%~h=Kore!zem`7 zS?P4ZSCdb9Yb{*;t*Z+s02_nFvPr|V0m&D%&yJ-!&rm~jBaeG8=DY7*Zd(r~%2j!u zQFSFDp_DwcXzP(UV<^*R@)^S=L!zZ|c+|Y9e?B@dx1lL=M{2*(YQa}`OW9hlj!BAF zM{eTgGp{f<+-Lv^d5|0*vUpzhY#*R zg+yeg7iwWwiB_Gv3#1;MxY$Xf1Z1DxoQcyr%7+$DwxyqxeL`@HOZ251Q*`YL<;x}w z^ndF1bza?gI8iZVxHvAz`@1;5g#R10>cXIwhl6xp5`Z-Uu%iLf)!?nG;HmDujUgKF z>FlQk!rfsLDB8R$gKX{Q*zv9>e#WOww!M1-Nae+|Gse2Q!dc!dd*+8tF$;Z@_w^6s zhSA^k;;T$0%81a%CcI0wmH!qm831`{_g`{ij=XpOt+1)=k+c)DHk6->bU4-$oS&j! zKr*Hc`ZQL4>C=&`TKsV^(7F3(Is+Kv`i7ffvD_?@O-Xx(F$W%!Gozv5rAok{AC*g6 zdcm{b!VqerYf#4MCSCa0uR=+QvVXKxT4zc7ja0S3h1M@ph><2Ayqh>9G?unYclhA$QG;!O)ELv0h@T#j(f4fU$VcD3XW0G3`uap9j P5q2LcZAA$5Ztgz-lcmb3 literal 0 HcmV?d00001 diff --git a/images/esatnet.png b/images/esatnet.png new file mode 100644 index 0000000000000000000000000000000000000000..2d397b6e3e930fe6cc5577a2f16010fd627afed6 GIT binary patch literal 2347 zcmV+`3Dow9P)en950F@X3e5G$!$&M@4@~?+JfnSXP!=fU5 zm(!n@4}Cg!=Ftgf5N7iN5uqw;rgi<$r*tPCop8AkPzufzD8(=>@Mbx4V;=g{zKcgE zT&OjObkeHI(4Q7^z_uM6UF~UK0>KYmkbC#{V z%PWB^m<>ZBy)#U(Y&dYz!U>?0l^E)Vf?%S+!Rscj$&lL5ay>641 z33sxlQh?c)StHnWqCs0G|Cp0jX(!7;;r{My%&AhyH@UINhvp=EoFM3tZq&QO6`l+x z#BSV4E5r~?^3?$Z8AaVnPd)Db7^HbX-LYFt7t_5oZzuF+yNhy?!i_(T;g%uBLzHDn zc~$MCO2=HXNX`cCn?;Iz%}EO9x!(O65D0(o?LEf=N1>i|Q{B>#|IxqS z@qPj)DO_|pxVPKazlaW|%g)fG@-)Hw+5Hao6F5oXde6dp)%Sd#>-}oRbwUP(IUeKLT9Ujb9G|#udbM7;?|7DzHta2LxDpN8p z##CP`iVp?KQ)sQIsv6Jr2%q*KxcNw|HAPX*Jzrp)Ja%-7q!w3DVO{r>Us)omvZ1R*oRyfUP| zd%WP2a0l4xacUJWlxxCFVLu=ljOg`xcRu9$rPyGS_IgCvg0>%y#*0#Ijj&YoBpxnqrJWuOb=77?LDG zMD|SC=<8ql6*&NTT|gxSLC}`bu|`rsDTP@r`0#z7s;UqXg2+dz%`x&% zhXd0Og|)(6$F^|B7#zphOAEu0q9}ky$i=LC;Y(8zJ`XWpOM9vOJ151-`NbvgUDx+OpgxI z^SU7WYu-93d7k6@KE@b&yjtw<#qFX@_nDlxM-h)u<5n4*^I^KjCxXIjA=!6O8ed=xh*FxoQM#; z=uw)k0P|^v=Xr<-#u(x_W;U7cIT^L*we6f5Co5cQ_JBce(9P4DIF8X;GkG^bL=Mg- zv^~zX&uhF1YlWN5X4G|K+DcQBWf}2*Vtn66DTSm$nx??UonMn>8N=ZafZoeqo3>5Z z4;ZZK*W>1|)|$a!(3JnYDQ{(u6p>}ST|LZZj9I2>y7WA63ACF&*X_2Q4lI*5$x=j? zLF6xi5GfmP)DRERL7Pm}T-NSq726tg5PQZ}57s6lu;ypX;SkYB_j4 zSPotfnzkP3+8o=g8xGus>t0hhmUpy{2y$qd)zfg`IMQyileS3_R#BBs#qRG;a2dAh z%2s~Y{Iw}cq1NrKBQ_Q;bF`|*wY@-^um5Z>gwizciLC!_vwkzHo8Po{UA^5lw##kL z)yZl>zfD+W02H9d4pN(YtvJ0E29&7g6C2mq*=(2*I^j<~neWFcQ&}U3xrJ!kcGIwH z^){^YcJl>-%Ybn*-nP&CD2PT;$HTM*YlJJWDtfc<#_yGQo=-k1a2%K9^_Xf>QzS*l z4yszw5BpRTLp3%OZ_AEA$?GwTR|{e{CLb3RNkRN-c=(W7h~6JwlJ$^S@r;uzp`Q)N z7W12h^L>hb&hS%0`XNQcko+;mn7UaTE+Au}#^5FnC~zE?JT6EUFvvx=`n}DY z&JK!kIANAK$ZBd^6x3yPvuU==F99qOPK+R>9KL`8uIEry^}c}HzWxsWc@O`5Gp$od zNiC=OQPD$KA)M>Dgi((y>zYbcD+byn`Lm|-T*Au=z5XJ?G0{}>>Rn!^4AWuPk%7+5 zq0ZFic!uLW&n_zoSR$N*CJ7U&x}>bGnQGZKSweH65A?#kE{NS2cj!@>5_P5-T=Xfg zD*QJdVhlBccjhvQC#W-xckU661NN{`G_XWC0AKk;mjlMt=EE_fg`!eao@REbTF|SIFhcR8kr`FV$ChyV2yC=*WlJGO#9hj6)QYm&3p^d z&lc@I(EbKM84%s>o3BxmzmvY+-)_%yJ)-9kgNv1C`Xt;FKLTqaCr^AI{{WySZqTz} Ru!;Zx002ovPDHLkV1k_!hjjn| literal 0 HcmV?d00001 diff --git a/images/exim.png b/images/exim.png new file mode 100644 index 0000000000000000000000000000000000000000..292db34eee7289e0088be79a514a8515c93cb30b GIT binary patch literal 634 zcmV-=0)_pFP)d@>6iT7}k*e#TJNZx=Bc?HB&Wn!Q^s?-5@$RngLg9N+* z6{cLEngxxO(|IH5#C&*an>K4xW-}wP60n9Lm3g5s zIiH^E29}#Oi8;+uwV|?(BO49h3iC#a*v1c*c|*E(X?lMKrP8 zY(g-|O84KnEh|s|9W3`+hcM-}4i9D z3qwSGShmA@lENg}>!%-^ta!pAA%~-=3sb8j$x;E=8t=l=r@;dU?3j0BauoL%k1oUGob)UAFF!EhX~zlep!7vB83 USeMxz%m4rY07*qoM6N<$f;1r-3jhEB literal 0 HcmV?d00001 diff --git a/images/eximX.png b/images/eximX.png new file mode 100644 index 0000000000000000000000000000000000000000..9e1e15ad2b071bd3d71f59439dd0268a36b0c1a0 GIT binary patch literal 35346 zcmV)8K*qm`P)0JZ40001xP)t-s2mk;G z00;;O2oMMe5C{+#5Dpj!02l}n7!Vj8001Ef03#3%Cm0DS2mmf26fhVDF%SSU2mm<{ z067={LJ$B#7ywET07@7DN+AGD8vsr&3Q{2eS|I>qApm130B9=!YcT+8KM8U%0CzM1 zdpQ7vIRJ)30h2`lmsJOxN&ucr0KH}a|NsBje+1y5E$_x!;WG5`0000MbVXQnQ*UN; zcVTj60B31tGH`BZATlm8E-^mZY6buRAOJ~3K~#90?0t!1;@GY&*i6mn*tjs5fEfZL zA?g4ByQj4zZ5uLFRd=7h!@EvRNfAfL+M2c0y8h193jb)ezI)xxt9wJcdQtSvcj8#il zy~eAfD4wMGV!hoTwq>48hP_@dFW2(T+s(QxPM6cV=dYIg#GP)ImD|J9eqAoo1mq9% zV!c_*r;Fpu>+@<9T_e7_9d$b0ZjzSO@#*lm$mhvSUOq|7O|>nHG&#P$T~=|_ZYw47 z>P~l*m7C+!alJ^>WCG?Si)yo3FS7Lc?QJ*hbmZ1;+`BC=9`v(fy+6pk(=iLL>Tuky(}ygZOoo$uQ3~DjH~ZsZU&>2`czJDEZkFlg{cSapJ4dayKOMf$>2z~AR^UQ9pUcCMSFabFxA)6v zU{vd?+pRd}&8uo7a*_%^N|Ax}a*@Btt@{Je(GGHg2L#gB`*l7~vq`#MgV*xvxA&J( zpB#y58N|!+MmMFrI(?XzkL&eP#O(0?zUuewE!MAYN0GdIRIGP$t;%Y*+sK<-%dN+Q zL3pvBhUm(>k2br@Zg<^XF8Hp^;_aLz;9qoi(%LO>vDo9)yVX%%f00+0*(4bWDN+0O z)se8V- zq;ckj65-tb>FIFB^>W@X@YPZhdg#%JGd+*@8PM^RpVdVYR>d3t$$dD;}oWFjxl zGQ3Ya4fg6zR|whc_i}H!-h}MUBAHF{Jj)Bdyzy$0@vfY$&3=10KfgZ7={g_QMUo`> zVo?-wcRddN>UJz=YmMV0@AB~W=i5tF3bT`36v{HsM_oRCfAXC{GKabmraV2pyuH6d z)KhtNSu6^9NW%stLdXoSew5>LI`1#<@0WbNF64lwa`RG18OC~w_1>b}K({dEu-(4C zzwJgsaV`v>FV{sO-03&yzKY%iPek*T%RSC{EMJi0IhT9O;hRl{c%1c<7u`F_ib8(w z@v@qVP>PZ$@_bo}vdgmBxOF2{SJA_*D5^gnW+0}>l3AM0($?LpKVI_9J^7Kt*?8Q# zlh|*+?e6biyMF7{;YYN7!2%lX!ThzNZ@!2BBgQL9vlQk}xHaV0V);%nesUap)8>m| z>ExB7A-9`No(%tJMeVpJ#xE~m{Whyvt8Fiay6h#e0{cU?F4GjZ9LaZz=!%J29#5xg z9L{e$j>VWQaL~8%fHROTQde$Z78Z-k>+5M{#w-%u*YA!Jy!cp&RZZ2F6>BKw#Y6S{ z_PU$OtJ-QO<(T*7aNy2sm@+X=Vx87|nD0yk@pano&`|1&2mMhFGbw62$!I2%e7V`f z9$(Z-c6bKbu#$rgUc5izbkFl-JRGL^a{c(2Cu$_S_F~*Q?hZx+Xpp_Q0>Z>(IC;SF zSuf^dBQH~VG2bEX+>X1Vuk)%pZmV_vAdg2*N|rCTVo>Fvtp?B_c5uZOn29_d_hPL@ z$t3Vkgmd{3W(*p>-Kt-VS5HC4S}aWhTZ*e(z(CTPwoHKt>1M;Ks)W<?0KF0OnN8V=C8TBQGw+;+^!yky2r9l&~7sRGx5-SC@2h=F0_d-0j5eb}gd8 zYuLiXtni1hZN1Ll-?9<;))amS2yR``+Q|ibS8YV&BvjOQ_KVMPw6AdI-R{CyuTLUX zu%xb08fKs~$oKpGYPAtt2V*C8TFm>5O1*vaV!XOrZpF}TkNc;S*t-3CDPGAe842(1 zj2GB9%h#L3lNclzndc{YJ|crNnBC6pi}41tat-rxetmgfj8?kre?J z1N!uIetCa?g{wH3q=gu{JRgrbqU>usG)oJ4@#9`t_aw*TTy55Jbmfa;h2+*9J>66u z5!H-Xp`+YcsCb(e>tznnF3P1i&XaDZ6)aploIwZ4tM~hjc$=49vVgSW7A5@oQCyp> zwkRx7N}CFv{aIASKn$Gtl(|?``L296>o#88ieg3$V&67r(QVgOPkz>7UM>qb+}Whp z6eQ985q{O5CxrwY2suPI%!W5o_vzJYnRV-3fBs_omV3YOm#*J4gn#+Y@_zKf-!yW6 z;|Dk0h~98Aks~J_rd;x*XBqxEn@kc3-tK=!O9P-5bvFL~^3G8-oQxq4I2$6CWl>V= ziWDVdyo(kB4LKxmljQk}kl_bUhFu9kE zi34EH$B1Qn%%$fIk&bA;$7R(A&16au|JJ_)Dw&JV~c$ioyyErrQTJ)Vp7q!bSjgm+?a zS=j7uw*3T?4+(>LYXp9Kn1LT~nk1S}ac|-8=2347gD^k6zKdPkJ^axnlZE1T)VdAa zTjuV@9b+~8M@noC0T80$K~f~-l83jH_p(^OzW<3}tdASVh)kmor~AqPSWY-OG8)it z!}G%tO!4?0=HviQbh*su3sD#uD3%+Kx&yF6rLFz(&XBxzJiS^UUbM4uk-nQI-j5R;+ZWFYG;Y)s$?=7 zPX{FXM(l3yjCcqheW#yhuvy61$o-y>iLvWhywv?>$!vmXS7=x;M48>>#~sZOYPoMW zqfM$rOCuSi_kEVXUq!EpP1qngD3(iZD+YeXTlY1px;um6zC11cu2>E@d3)FvW|__} zFRxE$=u4p(+@S7zpjk+f9uj5``pmOAuUq#d3!D4144F!tXW1egFU&ixT~!H8@(Y)qd!U#b5_);M-Xs$ z+CM#mWKqUAB*?Xk4Ulw(XX5{f`A{EXY}%7p7QqHo#}w345pPE`)a#|87V8dGj!WvDnUvn-XEkb zg;~e@gL@|@5^2HlFmBx?Rh4M*bYY;uL8xOfEKv1Dd3bq!dx5ti7J@H=!>#KWwl~voP;QH? zO;M_oT;wxWHd`7i#WCV59%Xq;@^(Z8^tuwlcE$dEI4S(yQ<~u?=S#ZYTgH;Ovl0zA zI6}0^pO07<7EsjCY*p<_O_$u<+2S^NXJh22h2WB!dB0`NGlv_*JB#-2AvzWoi7r}F zDdQ@u!|7P9%31G5SP`d#7HBru;v5-K0nM-%CK9m{wUXI+pK~pZ;31xhtuhD zI-NGzEWYud#s7!P6~mtB`;-`VBOx1YG}7WJA7Kv%9IM~5?AB07F~xtw;Z z@u+E9MO^5U3(5W7ETzU5iedcZ&Pyc8($oUj9#Z^s4d_Ak8e!IAd%D06kvmJ=-Kwb; z)6#Bh_#=8Ah7Hcq)6+@syg<54)UKSIUNh{51uKzKPUqF>6%jq6STWnJ;EuK!9Mk{o zb_b}2AwU(Miy<2gMjdqzhY9nATkseL96wdOca7+$BVlPXSHNUJr(?MSa-%wkFL2x= zw9d1vd1v?{bQr4bhX0$EyUVM_$J3ZzOk@mcS*DtI?vEzMXLuRNoa9LC>8~VL~0E!ZTQFisJD6LXuZg z28B`EZ>`*5L?r>E@I#Ik^BadJ4Z4v8%amsP@t`iB#EJ!PTpnLE3o%7NfjdVb4X&{( zgC4o@C@a+2muri&Ey^!r4nngKNN<#kWx**VPRQkxkjyBk&B(i1Zt&<;GbiGdAC5;l zo%AH~ltlM%N*9YIj){n*ko<6yI3b^r)9@#Vg95VQv=2s1K~>`IAM6pr#Y!hkB{82T zCtRas5$APHa;Ia#ce_z`W?D%eAgW9f%qz`^*gWu_tM(9XJgBGoxYoPswyN z5H?*G(Fp}N5W0@06e~1XkmyCKcg{5>Lp57c=2oj|d4wdbE|%=E+({I-?-~=@7NO{!$M8W#*HPUSJl-jt ze2Jyzus32D|lJca{H_Mo5#SAPqols*WpFeK1}3#LMOE%NFGB%eXD zmCcx~tGNM-+{|lCnMT?jsx1;!DTE`L&vUx>8@(y~{35qJ($tvIj-p23?FIm8jhL*S z;?`)VfjV2t1AIWR!|WGTGYkrnfg*IyWslb6yK+l+3PYCYtx1i`!_lDI zv1DtzzF}QH1JxoQcIynK<5EjIS@s~BsKklhY&YONuY%#$ZX{gpx|XZOxlzSynJ(=p zL&}OtQ66sObM@)bV$bJuv;#3*ei6awsw_wCMi)cl&YCUu>=gKcLQ_7UQ~Ar8#%&*w zty{{ol*5vHx{iqr9_#3fteU!4fz|Tv%hhVVT8YBO4=6odw`Q@pEZ+VUk()9>Kqc4y z=+`x#;Y}uRy+WN;>$t1Uu9AO&8{+jrJYGoh3?#b&ynbGC9w@=eJ7t@tzS z62TL#ks}O0<;)Jt1DB0*ULrIbvx0nm$y@;iNOA#Ul-fIxbv05ZbvcM9ICzD`hx$w z{7IVeA$)$W3JC|slZUaU7~}8rqR~~KVW%%1Z6$X;YQhzNJmIGp&0=8Du$0T4CnI}? z?Jwjx+}XI%Pf9U_qDv_kkGmamug;AXPWpmXvB|`eUNqZZ-z1n%#^m=_(@pt`uZfUJWu;P#yUOpUJs#il`2ZJ{G{YOqm{^c|kEYZf@u%F- z@VnC)qFoxU?qkJdJcaG~Np36;^66M1e#!LCbL1*gME0|UlK1(YSzLL%TEA-#q*g=t)SnfPZBDC-wj2T;o z?wf{{7wo0#_Qj<|`?9cNOO-)(JRRt_ygnZfEbj5n4=GYN1^RB}AtqXjjoKe*R-d4Y zHWf{p!|C6%RC9iQI>Wtqe|ur2lc@>N45zeQFgufrP>V8+;`TkCSs#qMtne4hb!nvu zs3VXJX8ig7dZr^;I5+5d2&-A4KnbA}T%}vDAnFWy6Y316U06TBy|sVR~lll z_MOv_Uh>w$=wZKh4_Y@jj^h4Un-;WyP_e;4uE(>MCU!@9F<`Vh)xu}-@q`@rt*wCBbr6r4rWXTpc1v2If#ZQSy~coiNiDMqL|*g<3{U>rjkTU6Q#3b&#=Po zEK$@jWfQKNS60E-mR>`|IPCT!dxj0!fM_tXmZ+~FJD9R#-=W<3or#xzcY+9?y;$n~ z7A)L|`;nuSc+_jx!w*eP_n4dHGiR?1Z@XNqk1y6h(AEwdXwP|?!$+q?FIaE`(Y^R1 zpIfL{_bi{A6?$(bz4w3OtNBGcY)I%Nd}%1i{KFDnz$Qxkvf`X#j4E4*7z&$ zYdp!cN>j2>qfBRdH>vZkpVok`cJJ$_3I7&ae3_kIXhoC876fOF63}0$6tq|aLbh6; z$V4yr2eYKnNcGoi1TD0S%a6cQVP2D-yr|9pU|Q{9J95+E?Q_*1m{^g z&oFB;=Px!AWDLEnfOtoAi;d4wEm~?%f|%h~)Y1?9*Wj;^98rT0wOb%j+m)iLscAUwCDgMLYCDbYood397AwDF)3LIsPiiZOAZb zp7Dnus)nnQvBp_0z2LaE#y~C67Fi1E=>?iOxQWn#o#-M(iPnty-VrwDsPkG)8X^bz z63<{YolX%1x2``Qti5X5lHDM1FkCPaowbDF55#UX*g|`YI!oAKz;Cg*A;_mgANqhkG>*L9**$93!)jJn0^KceP|rNm6NA*N+LgRlb89-HgZ|otRz}KWrxY=o*E5 z`)4HMe^JeIlDpda!lI9m%!0Z#QXP-*&>uCKE3!PFqityBnq%nIvFlAh33s_ zI-ZU^VE8N-s&yZTADhf$BuqpOA%S2syQekZ1CmeZ4X6LV)b6HC>$6Ro`I}BD>im4m zdI&bkSuNj_Q!JFr+A1q2z0)6zMx&vg^MwXh`#`dAd5?;o1U(t_bv9>_MYP7y zbh_8@*(kUOoqr-*TXfRlTV0_i>82vdLh&29yo0jq$J&~W>q<69O~KHUr**2j@;|_U zA_HEk3$pp?Xf#(_C}c!{Di&<~38FCzeFqxQ$+w$MB;gzXUNmVxRMqiBir+x>3wi7{ z?Ko0KL!8^LJd9*YMbwFHtU&}rt`T}6s7?L+9hK2Xa(P{v93x|izS&u#G`qeVdJhi^ zi52^hO;z9t>7c|~C_b}&0z|)vScpC8kF-7JuFBU&?&Q9`ortN?eGTHb&nOK7(TOd(@Kst;05UNJ8uG=G;Ur6s8TVNm+ zeXTDdZx*x0#ikgmuW79xveNcOc&*y?AsaY@Y@kw_!6?qDfabOK`B>VS;~$AmtWHcc zCTtCWIaw^dugDI8Xmfp|)y|{>G-IS?YGTnf$%s|?vfU_f+4^F%GrJQiuN+O0Q<&t| z@`Y2sXEj|&#@K--yr@^ub4KzRdDo{eW%36UVly|K&%ufp9g)`<{=uRG&g$xJA9Cg~AcIc71H6{Ft zksRw2K?U0Ap0d4yHk({#!4bkis|^f|l&N8DkSw$eg|mU z@Em_5kNbU_YC(0MEp8;NL9q))eFj-ESFI6PEpLCSnw9oI$Q1*KGq}<2zzimP!ZHea z!O_+6pdCdyN2W@76%L>pQO*;H!l+I!FHZ3bEXYW!BON<>5se>G_@9x?BD{4(28%MN zuc=U7tf-h(X|R)D6y4*Rle{7sq8%O{bOOz~FGL?N7sa}K3}a2fvtP=$6vr3m@!Jce zVkG7^C}i-s)3#iA(uy$UX9-vgPUV`-XN;_YSVl#Yd_wJiCYFVav5q;Nz*W3wK&}nAp4Xa8O z=&sDmU;I!N`=Dp-A%!l0iC$nP#C-Wju^`OLLpyVtHBXP{n#ZIVJvA;DamSi=>QcsM ziD1U7SMRh5@?4+5DSB9REKv!@(`K$64RH8_hYqC!;o`bvgOb<|p2$T`V6Y8&P;ixE(HbJpO7dduu{fj$ zvADKjiwQxoiS@$s<&EVzD2r7t@xW-%WHQAQ#3C_s7yR9p%1Jfb$DGyuhK9x|M8of% zB$wu;)AFV|UaAx?*EV$gsM&+QnW`lr5b`GNi(t3^ckzXP_~VF{$S~l)s2-VYUm- z!c@<%f#Ow;R+?@%=(i}=9>13MH+)FK+-HmUXT-Rw!$7cuu&UpX4m4M&r-0h(d~Pje zq&%_NBYJH%z{*e$oAEcD1tpH2h=5!PtCN5bFjcH|HfQthm<&$$O?ZP(K+;_B%jUzo;rEV^@H8)Kj=>-DO(RGGl=tS481Wj53Eak2bbud z_!u8A{mzbRxk1;bu89%D{z7)2YW(`d9@M8N?e4Ve`F!RKS;g+0g=WDQ+9ERJ*dOC@ z6hlKNsfB)YjXpB^Taw$BL^4tCvolQ#5eSwKY>Cw7UL~IM`8uSJ(uZLdpeyxoU|x&f zNXpEz1h@%UE%KaL>#N!BzM2(Jdj76pP%T?_u{&fMv(RLfwg8@73fQvu9H@LD)z8mt z8f81`b_2xDdFr*=6gg>OvL^Kax9JVLgAP4Wg3Yw9QFKSsch-+nRyMT-Cv=!{#8D}( zG;V!5o$T=g?DO?Snfv@qa0ty0zM{$VNe7#9W(+j%l@RF@ZAn6UI?ITk(X=X_*lK?) z?|gn)a2wEFM35ObYrmUz|FI31l0drI@=UUypS512C<{VAk#|ZRTTBw|v=f3u37lvV z=(slP-PeRs>>B!4NY>cZV1-zsnk8BnW(AN;M)RLF%c>BYT%4_3^G3W0Ih{`ij>DkK zl1Xfa7Un9r1&YLJCW>P=r99g)v~3?I z`RSnW7;o$(e$t#Hdq(rjNLC;YvN*46+gUb3um8w&9WDi5_zq{~hURu)vX~IoE!9yc zL<0>rG+f}aQY`ubCCz6NjfP@T7ZNKzTGBtIMw8!~;Ge_YKmciYA9*s<(T73kUuLD` z7fGh6ChB6RKT#0n1rHzLJMahX#@T7MzvN4=%3~1=`3%;5uT7KCamwV0Cd&<#gp=7e zqCK9d3$4Z*6`uC>yQz&Pi*>xG!?p<);UUSE3^bb2HGEQ%F=}8GKRv%%C4rx+N!Ktt zW4e)k1v7ZLU+DfV)WH)&$aegG&F5=#o$w$0ghjn$9_~PO9@H8`G{>y+j9mulGf?57b^YV1;DJ z_w?BMqM(Fp%@WfA+UjJ>lku4+PgL-WCn+#`a6WmN9$e<}Q(@Lx6~Pr3h4#`=I&{h! zR)y)KhzZa}arFz2wC&CXNd{6(#)$y~Be3EwNmf5YSgVqJb|(M%CrN%mj+B`iWLJkk0c z=v7<2HejCZ;b7%fbC1wPaJEFZQv7l{i3+b+2nL&TSIgAPn!R1Gt$nA+NHvii#%$v5 zbACX5y6;F%?;uRdgW3S9qA>ic+F(gY<3RC zp_FMj0*B}UCYzd`jW2kFsEFpJ9>a_^eDwQR{o(4}0$*@hNBZ%4Z|-B|Lt{6q->K3N zu{hZQ6fsdI^Yjr5QDWE`&uoc_V9nppjn5C1=DBusdZa+P;P%mH7bwJNZh&2zBaibaDOEr4O#DimJ~Cxow}Ij>bgIGI;PVB9oV>MI8)y6I%mHiutkw| z_M>V2M#Q;7x8MYgyt83Xr%LJ!!Iy%eRgSu$jAM>oD5>i9{5OIvwWd)O0V zv*HNT6XM!J9kG!!C&=aI$UHL&$dUS0SL@y$&X|8=@xd?cdxeTy7lq-8;mBkJuFk2O zXR{AI(Le8y4vok4KeXxC8k6-a{2V>L!|^y8ckgcjHYZkdB~KRxTN%AqRSye?LFd{) z!+>Qr{s08^?@T-(x31EaAZv)IIwwV$Ua2Nu%mQSTWO;z1HAIj$W=45n}dc>|aZIpAr0DI#=S&?XgN$jQ;F;&}i8Es;~dQepbYI?=vCV zk{{ovi0;1Of7tbZB>xN7|55y(zkWt>ILH4AHNSFwPsz;?+VvlTnEad9ug%Rx&B3|< z;<3Lke=?jH$Jpd(3%3JB4JYWoi16noXLQQ?IV`f1L2o2NP{(4grs%&~RSMyja#1Q~wm3bXd); zkxjq}bqV zHWbp}yXn5KDE3*^Nt4+8{zAx8Xt6*um_98RuDruqe7FICYwtUMSdL#x^sBHGyC>DE4tSOO5q<_Wl`OnD}%#_}RRA5dm?z zAnE#LW6np432j~Tn2Tb7?C8Xn+TIq13d_YJYfh`WU2HJ{&;l2SR;a+OY)y(Dk6AKS z>T$*K2&s-~xASd}*)7GIV2Pu8zBVLukZM?lNyz4W9}4fdqOs+@JbcTnS2~s>WAP{SuUMTKHBRjj%?n1PzaO$ic39iE+ zjoW7RyVpcZVKb_^*MF0&ELWS|ZoR@9zTQ`3stt;*1D}Z$BntzNO*brxFkY*PWE-#5 z*_UjlYPqJkrLw7~*YqO?2a4RfCYglwnps+`*43^$ZYm7dVsE0K;7>Gz@|RDcMRILU zb(|PW0Hajr3Ncj3#OB5dx*V=e{6P7orNJ4ijrpRk=G7D1PBcno`2oYgN1&!`fNhu! zyGn8UD~fe)j^hM6S=-Zwq|_SHIniXPO-^J~It_xH*POhMKeX2Rk3fRju}{pG^D zQSVNH&YuA}2ZL6M7G0s0s$fQ_)oOn>FYW>ZDUNzR3mn6e>0B0&q`Z2%4WmUm*if+d zm!%Gs3y|Cb#X|3BY=ewVI&D^`9tdW_yQ)sR^X2k%P!TnTiF+fDO>Ri_AIJRvEGEyWgzCp1JpqRL2IPLzw7?c-vv=EQYZ zkFQS2X$c5(1CKR(Yr$9+7`Q%PIKPa}u2Z!VibvhJt>v5hru+8Q2DfzHg~b~=HDog9 zn-;~=>Ggum-X|ND+@P0|;#rt$7mE9Ftji(fB=D@6W~_&pea2m`16j;Af>$t^dEHSQ zwXAx2+nd_*qN!pJ6P6w`;@zPteX?j-6MQ;79iR3DIw0B>{h=(#anDA?vAb(Fnbq^w zYeO0c2hX5hk(?ERZFrf2v8#5|X*OWJ>FQmcO&)8V$(qO_*3&xueh-~*)*VuEkavG1 z*5IkZV}*~?smU639JAIvp*WPI8+ONwC!`qt`f{+>d!hJZ4LmQz%v?=J-6&LhTMd&z zRjh47-W39&=y&C;Pf$kzmvz)rYmX>A3XhfIMG+$1IE}h$^=%x_`dHXeXoJhzKuFXPq1nck zJ=%hQNk|GGFBb(~`9wQLCjq$zsOTiA4#&%jO#*X1929q>j`jk5Xy7yRTu)o`gA|Vv zgF|EgjUyc>lSPo(TLYIqQ>jp=erUtiR;}{sa4r@=i!J8k)(Y1T@a2c(A>Zsdj>zU6 z9KD?mw0CTTq-~y6O|ioHYfDzFoqAopwELtmi1tH0gMUOL4vWrn7F{xHR|yGstnxKH zlr;2ID%B_ls;L8$ACd{nYoyplmu;dwVwYq)tfqDLGSs5=a2^v67{kBHWS5Ff!0IE# zTWba){)O(GNoFP$P0)Zu*XgW7F@9^a!+CBqY8#B;zZf#ZtClbciyTL~bbxC+ZghnW zb+tp&8)j26%-*$GbOVq>WAD)vvi?|9;pX(z8L4Vn!~8gxi_}+LxOLv^EQUo~NdXqW zyu4YfpRstzw!Mxj1x7Osf5N_MO}*@HBA0QgcC*!!Hp#RVFSRFd=1RLG4Q48#l0L(~;n23I1VsTKhP;_{xz?mW( z%xvmD96_U)lDwtYxAA>hOdE($94N)c;uk%4qk5v2Eank&4aYqRI?U1z!<_@7q7W^B z&Q}d2q0PPOZfdimW;F~+f=RxmN5Mc}$h*2`xt# z)$v?|GCZrI7W!O9JWS40O`r^o z#oh~(DI~+1s6JZ^2tdbJ@@u<4xl3W^4g`nUiAYC)ThRxbrwI5pR)^|~5hvh?)lpb; zuQlnZvcTC>;BZ^^my*_5Eff!_c5D*efK#6uf3uweEpUXKd8;Xg*M=1lfoLDYXkC4h zy`{e9HS+m48tJ}bq7bZOX00GFd)}kx^WYfVWV;f&X$*U9q8n-c2;QczEi!Mj0sbOF zp(qmG00Wt@<(kgpjt$8+bcHsRal=JqBYR!4SjYB+$!y|STO_Srh1$)%E*5i#kLB)_ z6e?Nug(bqgIjXEZWbFcnCV$xM2^T<2hF5Lb88tcFvBkO3wV{uRMRYYZBGVRBEtt#V z7~?p19#bm7;-~$A;eS8{VE?v`jMM4}k z-8P$L6F++1KxUvbMzL?C5+OPoPRDz|LK$GsiO&(mk%K-pqY&q}MW*yXlwuX)5n&i8 z6_o*t9JHTMd%3ayQcs^H|5A+QO@gzjXf(N>1dUHgvCs@mAD0P5$Qh^@JK#)Y*da|^ zEvLAx_~Y%)EjmD-6i>0Hs)>YxzG!u86eb|i3HA`APQ2;ZI`dK+*Kmpr>d9HG^QrWU z`AByhx{I(P~FbZqdpeY&? z>yTt%`luA|_1rz}X{t*DK~fV2wUDKWcl+C^%N2&Gq+~J5Bah1?{bCaeDhfIjj+VYx7hA0PE;E)`wIPLPVowgG*@V^hj?tXE6& zK=DuV71i;ci@=T=I&u5BB9IBa4-jSAUnWizDQ8hGwTrg4)Yt+i-?H{rYpyuk8P<$0 zsMhgf6XUyTnNrNR5ZRQvxtuo$7l3Tps0qmYDDN;7}gW=vnto@Ed}a{Mt1x# z-wn^D#!ONc|4_&zXKfc<6Y5h}%_J~o^Mu(HS_yy#XY8WcN>2%$05 zP7~>{Ru}o2OV*BbEUN0!U@Ke-pf4WOip*^w!E?pPQ(%~ygAdx*JwKg;^$-^Sz&utr zm^;9>#PzxRjK^NjQ_Miam+5zIV9Tby=a9SoXrqOKS1HOi(uH}NzLyC)K08ctZK}!eRq)=qtR-t%jnQme{i2*53uK|7NvLduvx5jr; zr>(K4^>bZehfm|Z+UIl}Eq)Yhg;=W$hgAs9G|-d36HYE+L!M)l5ocB_*oI#$6m!ja zbqSM*&pUO2`hnh#=Z3>H)>i|wHXp7&XRJK#b^^j0CE0LIx5i?EATiF!GWcr`jOyz8 zs9jdE!Jre>Vb(z0J3%J8bb$i8MaR^H2F+jdn9#ogF*o+?(4awbzEQluYNIDev7Hi2 zZayT2NcFh!E&&l^O%$+tN2dt=I%M&m2Ceo$DRxL4;_az;eiVs2iml#Y5v&Qu;MP`` z9C@oY2J4pB@R2$>4<4hWODrlLxkq)0b)-_OcEMC zru5DmBxgrc6z?L%g~D(IO@TDG;Ze1lt3AJ#3i7$-7{979e9xt#NIDQ!!SsrR@tJmx z=zN$@1#{l5j&4R zr}uLnYfGQHafWMn<9zb)mAl3wSY0}+pZhym?GR((Yt?EUdP3G^exdb1$iK}-(;8!_ zt5Ts4mulkoz`h(&#$fA0V9fxktRxElgjPWi zPKpZ=3P{BB5xeVW4&#Jdcb#IZ>wop|zoFO+iNhm-5BdlvYb08By1v)J0k7%mS`o5t zcU}K^y8}&e49msl_3ib1tjYp8TLY|P{;K2KvD>cQKIigx z6jPW9|K?0Kp(v_Ke*7Uo88$e1yM;=!wc&rKotm9;?NwPX`4z~YW zP@;ig--zLzBBZxJ%m54sprK0xFLDPNzCbE2kMgDW%e%tWy$75vgvmny-cyDe|EJjJuWU<3puw zh`F})f#gwGlFo8Zz%bc01i4W#wjnPz3NG5j75~d=3~%k!NGBZ>nCY zgTGlWwKZKAqmG4SgHW^85teVee$|)$t#-rzM}{c_IA7vLCb_U!DLxz;R=SpDu>Mpd zFB--0FCNuPWj}3hHDSOQPH(V86&Cj+7WFUi_^NKT;nfWY3phf70VT+Tk-RdZ;Sz5j zmFB0@4Y_;{8}&gSOGWz93hS8t0=8(oAGW+RrTP1ioa$1m8L<>mzt6SYEQo9s;POD& zSOnNe|7+`1LDWDr%@ypgI4p1-D8*q)1@tkwFO?3+qM zcZl_=Z2jLq+Jb|9;GPu{1V-=1`ypL`dR3MGqalaAlg!3h+fnr7@SLZUp|zf^ zOK0hc7ABp6Q$cu3vN<(q*#Xrkew^oye}`fNTWkA5rA~juHcW=ekGhpeTTc~$k@8E( zQzJQGULIIqT`oKepxBG3rlTJtQ6SE#(d@{DTHyU8cK(LJ?REfZWdo|tq!f;!X8p(~ z_Ut_!n&7MobxB0S=Q9CM09`<$zqde%M4o`X`Hp0Q6>U026wsZiFk&9QmhEBqRUW&^ zix`D~;1P#fv}W{ZEz~C``pK~ul~AId0!#Gy^_AeETHV#rF7A1PV*!!_vWaUr_VPwb z@<%5BOdq#{su-Y!nzIW_ZyGvioBAopK!9j{b{J9g>AnCDaBEXrOn5oPx*uw0V{dH4 zLW_m<=S87?q+O2lF9O%_t3+vP{)K5r>oTx91w5l|1I> zSP9Sm(X(m`>r5r!9p#vSW9X@6XMf9xLnl*Ly|&iXXK zP_YJ;V(mH=CO0$#CzJHF3CTe1IbPPLhqI=c`v|^ppny=hR>pf9K>~ zuh-BU2`NskUwdul14iR$c$Nws3WA?ssV2gvw`bKOCKcM@!p_M=Wm!m`5&8&Vg_G&% zhQ$`|{SuG)!dBh2*VTS+#Th1EC@~g6u_LoWCX{HLxCUyk+C`xDDxzh8Bct5|40Wnr z#%wa3S~xP$!x>P~_fix-6Y4SE)iK?^_Y$%CR0k?^4(MRFGFf?nxT zlgty{8~mUH1MuKLv7%2UV+)|HFC_k$1o#SD!RGct+6{9Hh8n8vH#V#HL>@botSMu{ zaB{+fpU@F~L_R3A&nk;`cHE%d&`vp?&CFO^;pvm@5nu6GyIR_zeuL>Z1Hfga_u$Pe zhKuYZI|8naq`W95IeR9#iAufri6a)K0ZstBxbj)%NiFZ(v=YOwNJZqBZNmU$RvO_uBpmGRDQ$;MyY*d{^Ak5>tgW;#IeTV(>6~!3M zX%Gz6ro(~Yu?|e{ZJLY%9FUv|*?RzDwqp1`!?V*uHW0qG*WO_H7*Rtal*iN;Zbm%U z88&qMjAGTsb<_96+&0_lhK`V}`W5GJ@|4>Eaz4Ml7>8fZj*5)!1@n~6_O?%YZs@#u z4c>so21>9q`9qfTOF3?9y~$b(4J^AT!yqz!A#;TTDEZj{dtVgY`^65P?rbd$VAvW_ zA8eWQ++^6MDO1mOnwzXk_kIPEydA6u!DJmm-3nhyadoJHr`^wl^1Ybx@N-vHPH~Oa z3mz|gNwq?AW<gk=#@< zc>EHk4|Ed%w?z12&d{8k0$vy+^n~^<@<8!e-HSTi8MT@f>MtnPA}?YOKn`?i|Fb+m z7N9rf@sX{vF3IX>(oseW5K9L{Q0EHZ&6XVi^w<36U$*dO)J3W1&lV?{9r1!0 zQ!PJ1)z_L$ti=QXzobMb35e4=2Ea7(Q|%(tbJxWM4)^|gVU}=3G!UkZg9Uj=ZKDn) zSyX+#q_QCDdo~*lhuvhPPT+C+lsyxaW2 zpAPrFul5f1&W8VncAGc)doiD8pw!$FF&>ZNzN$AEveviQ&21ZV;Wmpwcj%D%P4r{> zLR%)i*;5af*g|MsD6FkvFXxj8F-+b{TTIhnLO7*USO;~<<)bdf94Z-)hduGYVvSE5 z?$Box`-Hj}kUn+**rN1>En29x#hw`eG<<6)q6V*_DlVr}z$b9+_VB<>Cl3n7&QgOe z0RWSg-U7f?6ZE!pyRj8=qHisT(aZw6!x!axOzH+lm1Cdzb`*oNwevfo{;?Eux7}1> zJVzZ1wkl`d;tAM|Md2!rvt6k3b-Su8v`F2mCu8p~PP1_B8+;0Lv((<%xqCFZQ2TMR zMB$^w9!4<<-c(%G7`D55>mdkEbXWxavV;X&l(xMf_ZT(q#a(L>`PtGCpclY^FcFm4 z2yxxJPm;sZ0un3|{J4K4pgzR--B`ThD4_wl`;b7I+7uCz(by!pR0U@{A~L0THWu|3 z_qZFP-H1az;EiJ4IC)`b!4ozB5QyXHuz&K|DzF$E09H%gGg2Db zk&W=$;FC7(QJC=r3$-Ow$lO(?KtFMqm;Rc^wrd?wNOXb>6(WqFD35Jr!7+%%)BdSO z(|}DAjjE)qO$%5(VbBdXNRoFDb z3MGaOJ`X83(!AL``nm!l0WiWpoX*}?to`w;-2fgAD1mZh2fgxGr}wg47r2(XM44it zu@jk0Bz>ZM{v>K@n;)bU&kUe~%y626AnRx^D@~7E%Gz z;y~|ubFi_Lx3@rX-!dJ3&22zO2T;>_2*qGW2()FJEPx6)o{5ITS_mGzpR6mm0#wd0 zfsEqJ$7pQ$V9N$JQykE^!ebw#VK4MmD7Kvtwx%G>=eIk}F;HYnA+SWbFxUkV3s(7t z3bBP5v2W%0YRf{}gtkKRUn!n1g1S(luvO*Wp1C>NjNqFOD@_L`S}L@Lfs)mTnAC4& z?G33P1mA4}kg5sbpL(rc)QW#Xaocbahe~o{t@5reG}KdAItPvtlT|e-zECJSCR>vl z<|0kgIt7&FKdh0KTOo?zBLnpSNU7ZsfdqdZHL(#(aS>~9(`IbCacDUu7`k>{9qSQu zTVnx?)u`tPw0hul6PxdUFg>xb6_V_{P8x9k+=5a zoL9Tk>D7^!C=#7^0}wJ$tO=_HmYdt{0I&t_BCACktyXV58&AfB<@=dFb|zny&%mw$ zK<|X4XO3rKyk_GB7uFDa>GJYI_%K~;a@E+ta9xKi)?j$nSUk^dG|Nz@@D}Eto`rs! zfy+Yi9lqN)7bin{x*8<*B_~NLCNvAMj_T(uArvCVXLe~~Q;1D|p_bC?1r{shh*E4P z86yM>+c}guz1l7UtStz|_2;@G{5Mvq072L6djw=k5U&)>k^qBSBG^E$%4#)+M1(he z4NTT;8$4i(g^j*($Lw<9qm(E{Wws?GBQW0tEN(*n{jZ+qGA(bSA4;4 zFE(P7>Fi3Mj;GV^m2+QaS51%;$HLTnTVdT6o`y9&;sp|*DvKaD(0+fBVqo{QTK9nC zH<-qHyyC7x6b^gQ^!_<E@eUGZ}$ogO}xU6AJMyjX$LrXQ#!m#L?a( zgrx<8Cr%hm3=AE=IwK}u?~8QGzjjfi z2-_=%vCA`SsD`~^FpLw{cCY~Ha~$)3m0~B`(Z^Ni_$4Hd1In6QUjVQF`xN^R4*2Nw z#HsjOwwnh=w)dGt@EiYKIzRsW2IW-y5tJm}!k6FiZ<6=j6$p=7y)Ty^@rC~)Q9rqA ztMo05{(mEi?fTi$l>dGd|LpodivRQ1|2&HS=UxBD`%D6dLKU1xL&`* znUB3*5_`t2kEy)>javLS-cl>9)obien0$8WSMmR0VZqSQvi0|H5|TmT5^;yViU0R; z{FmQE%PTMd^~VG*ST?rwo(+G^CN@?z^JQ54U=|JE;RBD_0ulb#mmW5riEY=4{#UU1 z7vF)W@+gjAm$5l%T!xo!l~G;7VL1Zi%z8f+ z=33_4U;fgMR&@Id|HWk^fThJCV2hAo{JX`kU0cy0{^n=@qdX2AhTL+@vR=pT)!VH3 zF~u`RhV$!whtU z&0mpx3x4ramP-7?U)~u^yWI5gH;>Y|fEQ zwnCevQ8j0SH;ZFl4blAuHG_LWFNd(kYSb+ojqb5TY6ZBaeXtv0Kd*%xBWW zFIHQ7%KBDJ#LiAPj%;nlr=!sS43GI_8+v#$wyDLsW5WI-#C(IXx%TxJtm>AF^3%&Z z6m(OLZW!@3d{7rX(-($Yz<+R7o^3V|Uo6Me=MR{M8EZZ|`-g%RD$?wS;mu9&*VeX+ zViHQJ&UNie>JqC{{?M*Q?@0Mi@VG@x|sCUcbmR8f-TJf|)FQUgHxyi2@TB`OOXQ@_CSyGQ7M})R#^Nwf}Cr&Yosv2zo(%;DOCH~1-=bbtZIFy3d43prgeY8Jf(G; z>qyGNfX203q{h14YMagt_^mBM%EESoSy0J;G?)zE83bKvo1jB+teYXv#2g&A zSvLX;`-hGt-SIuwLBX_GZ_3T8sy4g*?zmfRRzrVDUIAcBfu^QDQe%IBjsR&Odan&Bf{TVu7Z2IV`nrCO6@Jf!b7>;+jy z0}6O-it&EKMYXPI9%m7(`(>IrLiFZ^H?_Dij<0m&A+fHMd3uzUcF?s$?9-~m>v zvH*$~2Cjy2*x?)5(%RqVu`Y3Hag7W*O(V6u*4Gs4Ruy=#YEK}$Y3({JntPnRsd~G$ z6&<=lf)fsGtu+xYa_4c%EzXn4c<9bWBM59U;lawgS}E)<)ee&ko=H~Jvbu1I> zKU{2A!XLEDc~KEq@vu7qMDKLE?2Z^B0}3%QE{mDSa!hA3(lOlY_1A>i+#>wa9<9i5 zE4URRI635T*Rd^K-PwO&}?Fr9HVqhhj*A<33dvSbqEI0lRRBEqBIs5=^Gna==i2+;qy zzPs2Dy=g4gZCHWkmR$vr5;E2Y?u!=Yo}VwzFP9hPviz|-0g|zVULKEy%V-ASf}=K< zi2t0=#$#K7+>Y!IF2somwi#r(4=&dch}k>F#yWp#T;6yOII*$_V{=?*%lV&DXcvqLnh-%os=_HE0^Kh z^r4db?hvQ$GvWbLU6jPNQA!Be_jt1;x~VAmob?Zhgeuh%I{)u`m@k3L6>$Rd)oeP( zq+?7OB#YY(o$(C{t2q+Hi?ltK4!YkIV@&w_T`(DNZw|(Y^+C#FT}hzlz7-s@ujROHF%+HrsO@V{ zV}c3A`l|8jF4^$L8Eq_FMLNbZE1!E9@|V+`;a1kz@H0qlv|MsrAL@4PA_}!)~I|Ff8X4){L#DV+7VgiaC$VO@2X^Kjm@TK2+@OLlOVE zZyGF)JN+IJ-Uir|J!&M~7_csM2tf6*t_3{$OfrY}bQ*43Gud`xQ&S+eo$F3wlVs=d zP1S{qXh%cOPB@GbaWBexO2r0(Ho$YZ;W8h?(pGM8oODlpWABsbVKu}h?~x1He#+V^2?21D{}YY6CStp zQMBsqGI3-ZeH>$oi@jm;MqskSoEVQY7h`#wket2g<0g}jiZoU8SOYw!@e#=Auhe?# zXN{HXwHWhD-N16o{)L_0t}F}-6!AL%AoklT9G;+wbyu{mY?8Z_n>E4@EMb0i9+SVi zRh%rw+H2T5+mp#t?(SFHj9+w(>SWKYJ~mlzxgw7VLZ|x)Vn_VPhOI#t3)Hz188BIi zrV=T~wjNmpS-pybdv5$&1(`f972pJV5Sm8xgjc0zmdmq6)y-?HhA>FBsbo_Yi$^z;+pFtl zpeTaTyEJ%=_3g2*o|C`YihHa`6fHtawSA_ibt}i$hB_vbJJc1iiL!|?HuQkUeK5J( z7fGJzu%hvJQL99=dWRcrp*#+{Lf6J>aK`{dqiHSbX(o9%xsl_cZ(sL>v2UfNN^bsi zmE5)aa6YR^myt76I6nwq2vk~#GKR&wJc}Fg=5SMQt|(j?gT=n#SU0#sl-qG|!*ua# z>l5#ybq!8M6c%~M?T+p;iEBybmaPFd)a%D+)Cl#s+}H(q%N?TR@v)(jb;GkdtxGdJ zHi_+tev{G8kha=Bnik#jIPzpr%K^vQ`j|Rls+b@rlLO6Z4Xjq-JutbS`r_I@#<3?BRzy$Bw9)u6N2}n7hE<8x{+Xb$xqS zNoX2F0|-+S5w(D3FYdv4nKz~gx3B){h=2YIWivF0)ODJ-6)%3T|gWdU^@WH~VoPh5tBreJ+sb0$<*8-qKtl=U`v zZDA@qtY4Mqv#2naetLd(DSiw3*d1edZCJU|51YDu39kkbjnsvf8?T=6yp2J)JtV5* zJccpBfios^zbRrp@E9D%8up3KOEVYTaG$6x_Qqqy#69et$xz6;hBXgihr;yIhLYLp zCeMt=td2C5a;=P$G-Ut6Npkmwi;w-0+R$)DdzTPBBN3nCaHA+1Qv70TO;m~p{o5V9 zkuKQ8?^t=prP85vez!@utyl|@E};utR`;#e@?4RP9|N5X{{pa>qrt?oGEFAeS`iX_ zw2x*KvaBVU2~A}dlT1k1&#a}zx7yE|y>NlYhVN^e`RbFzJ(Tn@=pZ-O6Xt$ORFc;k z-??AhDO6sVN2xg-q##|JA-p!nH#<-M*D$OT0xM?5V==SkLxLb&bnpFM#7u-E1@>A5@TMYyl&WXZK>P6)#I+ zD~5pm{Kri|!`j;FOs1*T0w{(^vaa^j#g`8p4pK~y0=shhWI*54riCJ8QS5SgRhy^I zMI#O|9=jy#awpTs>Lb^Y2-bH{miye$BOD%(%b6E6$9NEPcfE1 zr-SL(tsbF6HX+|VvBVe@J^*7e(X zz`$MeqvW*@6={2>xw|roE{`n5>HKo3S^ORpMU%y}cpc(iyAVeT@ZavlUe3@0lDTfJ zd;j?Af=$cV;Blv+k-MsqJ0iJU5jG%$`D;2D&ouc)WwC1VSXU%bijVw6-8V~wi6CdS zm8TqQ6oyo%;x>W5vx&8nlfQp7EMCwr+z{=3U#gLrfNR#5%AlOscaxM*#+OTA@w@T( zmc;-GRypp}>R5BW3?f3wC<-~^PjW&*cSOw`vZ>>^PFwT=xjyLFQaY&Q0WowT$q6wA z8;NoRw2C3hMeuaq4(?jikUo^G8{nxq+X<+CSbM^ruOPw`<*_A@A8N$)fNfV7{U43V zrv8C?w`9J}e3xQ(+#!O#1Qx%$rqBh8D#Z`b#RI-^wMiaI>y}NI$VhjkH7a{|`q;cW z&F8nnw`q2%5liz2*{X(GWyr7TDD&i3=@z}>esT>5j_NCGA4`o*ReP*iEnmpjSknfa zWq{IzCi|v)oUrC)8_%`R!(eFZ^qX$uek6F%(kfeA$ScQWvpa}m{8CHt`+Kl=b&kSN z+xy*4zYg+ZC!qVil;qzjHsZ&Wb<388(dG$=V{%&49h2cz8_`K7>{gzNYy3D)rBk?b-I>gMto#(GjGxEGzFQv$M7TTRphoyN0>az0jIhyoyF7@75(F*?yuNa ztm*CRZWgRfb90}lqfE<}=9<0N{fmr892S1^;Oq?uceIwo5F~hKDDG)i^O0T*7IN9L zC~69Zccv)b8&dpYQv3q}v;-dmRmOFUr;38f|rq zTi6!MAj#-CS9P&2tBuOA%P}fXng=7sv;GcDrW~hUXnN3KWX>g2)_SRn;1o{VqVAN> z!c?&ipQPSRvsim>NOvh{pVrcmf%TDWj(gD*4HhepJ)5ba$B6OPfZ8}X#`FQAj#e>L zr&`01=ZHVi6@F>nLhGlkkVjVZ@u(rm{Z2zu*mk9weqbR5N*8M|*j2-)O>=d2?MOex^kL03ZNKL_t(& zp$T78$PW`$5^5k5bB*gug1yDs+D9KXU!gW{X|RIoiEmEFkduFRoLc~;yD}z+k-;^W zt)Y!Ie(tm*FM+sk%r?Vs^zrrTnGAlky@JY6rcS?cZEWXOA)C?Db>vfq)2ofCu-)K6`9Gh-0b%dHI&913q69FpmA$m1 zX1lG-zAhE1kKlJD9Ai}!?{5tjo4uRmeI zjdXclLnkxE*Y5^>QELm%0!?j?!M1XpfcWm{aMVwp=43@4o-6lR{>ZgR4J7r4P~HHK zi_$@pHF0FZJGZ7>4?Nb|LbtRwukr@K89$#Cb@Dy%fb?!z`4cDSG&>Y;LsgF6)Hl39l%^-VWZNFpwO-mw2 z?jYMAYR{r{c+gzovL8$*kdxZyt}A`g+LNfeyG3r7A*G4_qtZBj!)01MD{dt@LTH!b z_l6X|D2u1uP67sN0_;W`ceLgox9jBmHFB@5{n4km;jt%&ZtAD)$ok$QPjQmRou)n> z1zA?_LYTZZv!??J_-*A7G-d6r*;}ELmy}}>WSY4LVC!oE$x5Mx^_(~w=bRtx#$}dm zvHqcMgykicbC|;nmEkzDtbAQyYJK4re<8>GN)Y6>FPCmdu94%K z%M3(n@8VW3uNYFBBv&+g?y^~6Kz=N2gL8w&8owbD(YP8e$K24T=QcuBSiNI&GY5i% zys97VDPFo_4lG9S2_nyb? zS|MMx@)QymdUKCOaB>ENPD7G!_^j$;y$TH_yZyl$h80HF-gQ+ceY8NzxsOL1wL#J%=xjyH*Me!WKVL2%S$w%1 zcdMmHabGn>Umc2O8YtHMgsnj{b7yk=S(4&gU2!#8=E@CE!qHc0aG5pKet&SMF5L9N zy~vAA!-Z20>(EW<9^0Z8;xw%@?obsHhKK{_5r>UV6`mi)~YdUTs&95Ex`lw+N-Gq>&A@v+Z%+*aqJ-L!mE z7;TSqJgV;8Gx^5!d2bYxL(1mRx9J@vY@t+5p`#CZdb^MFA*J1ulh0hwa_!|h)LDER zMdNaZ1xyfgyQmxCFcf){Pwrcyvwz27=W^kaOhLBxGu?4y!wPU0sE<_- z6Kn{IgIfU;YU8=C!r8bc4?O1L!NV^#%Z)DPt{8?M3+C!r#!LFx7p^}x++G#aJ-vYh#UB0C}&{uwyGUBf`e!Z!g^R5eJrk?Ey&X)hIP*bhwRj%F5-DSD-c}BI(t7y;@ZmK;CVH&8wY!vf%EQ~Fw{S+cYGOe zK+2lWO}LLAOUqySO3?6MKw0_3+&zoA%SXv*Jfu4ATG^w~*ruK_1uCu^uA1Yd{{WBc zq_ZaQD9Y|H$KDTD>*Ya{%grp&$R@jVn5$gv^aG9R`VW3iwy$>1aN&Q+KXxlVh0O}E zRr0U(CSc|?v@)X(?XK7~d=NP!d2zf^6q=J4bC(H=O;rr2DZpVbLqij5=W3m!h;GyI z{{)Y3U*}r6Wm!**@!hx>mc9QV%j{7mlPjvy6`86qb-Qq_?zmllrmqsI-|ed1ZsXsu z;g>eM%KNPzLnnQmLM4k&FSQg~sg`ZG9uJnjxvk)@-ttBQfufZ3npOpdJqwyxi`JX_rQ*vb8m@YosMlw`$gX^L{c zbJrK(h3iQ!Jl>H7fo&J%@a2ZltLyu9C%ala zY;n>Ov=#VIST`?z43LW+pev@TD?&4B|HgTXybi4DgU?(J1otGmJYZgnRg z&OUo2VvG_k7OU5_O0MELg8Y19%lAik;N!FX2@pR&ZjZ-skIU}jv+}$;L3?M!Kbw^q zsTdXJvk)0?(kjj2u-mL2&3!n5vzhXclj?NI*Ie~>%gq`XFP5v-^BGLZ@dop~zcGIdM-k9nJsGNI)4`xa z$OWJQEH2&gLwM=++A$6wKki=v@Mg0#Eq0qY8gVHN7zaD9hl87IcNqAQFY|rJ%vl^` zYw1s7oML9?ly1rSo|&eJQrhPbFRlM?&hjakg<}RFj1?+gQFE7S|7YrDKpiNWx#JEUb5F}%-B}Q<0Q@EDT?}>@Ixa@khXT_e5lmtDP`@ z1M%uv53_t+X5sPjdAEF=x2=>1jKSAgNJMLC7!L_@HwMZPWWGSwTX*aH`?|y-9MEU;VJ{^qD59Wb?hVR%OLw5G#DDV4Y6>dL- zcX~C1yd+Dsm&+L$fJr1h!4|87Oy;NIi1{9m4$fD1--6sBgTgPluYNnm$9$T|CzY*n zo6iP#F4CnHgF_9YSs-;X=E6-5@V(#i)XoDoAZXrY{p1InP_`S;P8eG*GRJh*oU0({ z=UKsttCf^suf*K|60>SFtcC-63!Qqrxwr80=0)6x{$PFn?_lgR7?@Q?@!}#YUBHYl z`J(IggA)ud*(I09%v0C|+!jM{5n#`pnM;JUE&P3PzwncgQE&{6&yKq2DzK^lct1$>eYAq^;w@>=AHtYq429x~e9!EP0kXa8 zjw(CvZ1!!XJyUzP_5Fp-eT3NFmgHl@IGiz&KCHGYyXns^TJRf?-5ozJQRwtp`gz>U zhO2Olx$!=t(77=qR)bLmLyiX@Bjw9z%dEY5ZS&&e;C%t(Y%WgRdvFye%hlIpyXbbi zeS>(06_I4dJ~F%JjF$N67e0J%Q}$Xa2hA_PbPbYJa1`elud;V`;E@!B6SA~ta5aIS zcAQyqMShGLKDinV#;gx18&PVV!V7NXdAb*?^nVCr;VfppNQ25srzXMK7ctJEx*4~a zj?kV{0PVp?zt_Hs!*F(?1s$L7Ts^E7GJ3ojLn^Lk!#Rtu{T9qzjah^EPCNkCh?=+T zn~LFVoVg1?4U$ikh!iL*PS(UwwB$}qMm|E|{dJ5le7q$qz;(*A!A@H76$pn~ROnGf z2+%z|JpegE9I)FwiIwcpsau5d`iZW4vt7Z20r3GSJCV6S2G@2-lfh&C@aPmIGj{X> z+;hqcfFq=-$5P{h_7r1_@NV!e_zSCEoS1TM$(Pv~M0pSiCj+Q2dIFxrU=%vZYSLr#S412t*8VyJ*L|{cb0i_d8x2vXMmI zM>5m?XMU&7o@mFk1}V2(Bd8$9K2N@Y@=Z#tuQ^?qW`-=fDAlIWVC)~l_#zupj&0OV zCyy&gpk>sjj&bBhvGJ)jAbuizSj55ZX?R;BtdoV~X4_@~U3!XbeB12}Xd!O@ygi{< z*5IwrvrIL+iMav;xf;h1PURtHB*9 z5d+F9*C0L}lMYk!QNM@W7%O<;BV~dXmTqH#m#Q3uV#`?QV8z?8vdq6zlG?L^? zw3m&s&~Xh@MnvH^d_0UnTvj8BWw&0HoK z_Z!C61o2ufAQ7q)Uj75!ub~-`-tQdG!#=wXcD;np9kzRc%t;v=Am;#wS+1}1-AcT{ z=%7F-M|GVl7U3#mBnc>A-8jY$az6f6$}2NH`0Io3tMM^w^%-kRz9wnWdx+Y^*A{-e zjOOP-4*3bfAwYO%fbL|9!kdsD4(EU#Ucy_tUc#kMILHh6idJhTjYeS{ap>s~X0v6A zkkyil7}dk7_7+rx`1)*+vs83p`9YjO`Ry1xZwrMOIAia=xQlXyLEKOaXOhtqKT4kE ziRQYKDR1Fb_wG9AY2P3UNMB!!Z5uZO*gk9ADTh5w8T^kAzKxgWk09gJh{8cM%O+aT zRAd8&94ny@Fx$+<&8bsPD92%XQ63-vN-6T|HKD@$)9g^^3|b)Yg`>E2dK7KUNuI^^ zZ(y-Ii37l`nmGgQJpd)7j%fJQA)u+h2y&9>zP!*UlR^&cL6P>+x#KYC48}=gr=|8q zMF}IPC66WLL49=->ld`;tVmSSDP!}?BiY}JG4(|9`Y{*yVzC0wxFN@PGj%HSsBPf| z3qcH*YZxEQ+3xmk#I#dkEQAlIR_#Qu;R_B3IxIzBE_^>)%w~ypC@%g1PGbSC8v8k; zlCW{sHiJ5xddx>oE!hc>OKv#D-iWJI{yvQPc-oVU`+LbB8z*N-{>j^W+onyKIX3aN zeY%AZ4&$)>-resZ`d-@bOL7bc{p%JkWxwZ0yc6@k>?M-{j|?`2Hp4g(AvWNsmEen! z6`4^tZpWmrjUA|)LEP_Dl}HDl#)sgN(;V{e!}yq%s>!}kl5x+y@l{Cg9OCihuJtu> zIb)B{HUv3k$cGGM`iU0^9mtRmFmpnDFo0h(i1Ceb$Xtmq@_8}|P?&G@EmGsyIC(XO zicF2PPn64~uVn}ge{nNN@kMUQis77d?5`@yUyI#*ZM`7GRys~Qs3E`WR~Ax$da2DP zTOoL0CcG8dX|m*l1re}S!}`T9Ae@f3=pvjn9_{?_$*mxEjNvPsOq!fe*>0M|LCjCk zlFg`_Ix1qD8)2ZF)i16X%*tVjL$8o$)l&Mvt#SH-xu`tq`_kZ@pNE_|e1R5&L%lx%QF$dQ8q` zQZCn35@sb2WzFJ6mRMh3CV!C+*K0iMU6j9;OKZM@S@g*sj`4e&KngO$xVp5 z5G)JGHkiR>!7rVKKnB9}7iOv;ygTFC2E_4Vt%G@<6pG|2YG>%I(_RED*D+N=j#8)% zl9NHDk;CgjUWkj)MI9~s125S0x}%2Cm(i(K9Oy5Ni!BRpYxVgkp}f!bjq38f(PFsXcwF{)I-+C z^2PPw#3@IgtdvibyzeH}U%`m^IudiZsVcqITj&*!Ly7(l<$nZM8gJZ>1Z!wjZl(iT|^&3bGIol6c zZ>ge0VwSCBaG2F)4mnSpfwK8xqalJNACQ&^U}C)AO3X78kBcmx4NGeY&j#-O|U3@*e8TNR8ENREh#i%Fdz?f^#sOVF&xxvI@h{D6GOBR-H**!J z7&B~}aFe5*M~-+LdsuT`Ea{S6#4tq`ytatP(qG|GUZVZJzIx1ovk*-Xi&(sPY)4)T z@}O~j>MBSk5Xs|EO(AReB+U_Jm-SY^RbIFs#H_lTMlYP#G?MeaG33w9c)Rkc4`DfD z{bku@)Mn>PHFh}*m(SLr_W&+aZ8$GXqa{nGPeF!RZ{4gJ;3b7dyAC+;P&eLeY^)&8 z!-Bm+?DOu9^9y#YlCtcTtjH6`In%0#2gy578o0kq=Uzr=QT#F&`8dYT7>WK;!3DB1 z_CBoL@1nhpivYCFtF3Kkq0D|0LEa^hWA1S{L)#!uWY8W}92gq|JTm*% zb$yPqRW8K+G?^x3n@Q_{lS;LXmfWb%N3vc^_O7x~d!J6085b9CS@S+)$Q_@GWuYRq zq7hO+I8eQhrX{tK^5_TW%6)(-FJ#HeK`c*`A;0RJORm`BhP4$izMo|u2fB)#`HGb~ zAb#XY59C%DpF;f2RanV%C_dDH?p-ur>$*^Rv+rwYvGvHVkQ8k%W&Nuu)pN81w zEmQ|8W38>9l&7uXKWSY_cILd=3!Hfm;6Enugw=(1sV|q3XcUUwQ>^zQT8fHt-S!)_ZR8bQmcBLaAV)2R!NA1S5EG7J8@@1b{6pf@enbTn~p; z+%xOal&><6%;{uh)aS9qhcPZ8EZz$j zt&*VnHi3NbZ0|*h@|xcGlvfb-w%4u97&-KE>7-_yu9!$9wT`g`OPrvAa>~wGJ0+_K zh&@|id(a7{{kYc@9JB6Y8A^U9xau&9QfA@|@PVPZn;_YU)+j1UsnMvK#A5+4N zsdViF-6=jcqAk;nvgoJ1!_x4yrHgA}$h2aIc~A{U!yzb#2Hk8tIkukCjMl~9IP-E! zS$PV3ySge%6O&+bX+n`wl-%O*mxI<`nPXlM&U$@M1VN zpWHVZ21)^3Mrr_0$*5?0R!aViKgO}C(W{G$S)uIqyl^;X(8&W^tc{Mc`XEnE{_jFV zJ}<;6paW_bc8Az^orT6^M)+wcCyWof$F*ae$v~->M@E-CK1M&d2(g@nPV3Z-CN&L1 z3rK6jRS@HC(ycd44+NR_G~?$(?u~zDhHRbE=k?R0dt;iU2ggq13AKQ;a>XrmBO?jJ z%rQnRM6c}eaSM+DjO%7Ng1flxTX4~hB~Gu_A3dG^h0e`in=z}#$GGvYG0om(&(1qn z)V6^NCLccfo3l+kGO}Rtjf1Znjt*|(D8LpKdO;k_9G)Tz+m{vg$>kG$cvjT3phQE88SKV+=hyW5W}+L{ZO{gy)NS5|Z{BJ!h@lQH+JLI*s}vNqkCux>ig)3N5^N!F3V_ z7r~5s5#-2Uh!B~XUhXVDy3!ysR)5KkQnO+-p}B-rqcjf@ps6c*$HkY&c}n$==snOO zqoYSxA;J3Sn(2)9NkQ<(nHfJn2Z%SjC73sDOdnf$5#wBeS01@$6QpL@?G^*zC~inF zz|@{v+42;oj7$$sqgBn`rULBT>vsdjB~UIesqrR;$m1Jo$dB5w^MPmMZRJ(j6~vqu z8_SHniI-^ip?o>liU*Pq#K$73=WL<3MIOSNI-u+A&IYfNFj%Ddc>NBwl+9{07fWQ$ z3L-MSTYBW0im4X0MfzX&$k-UcjZvGQds9Vk#t#RS6~9>`8!XvS?p^hIj`2lGLp;~} zB*w8gpZcVw*>TrAMc*SML=`HwwDH8A`?Ti6{4p!Osdp-w?_iD?-t^`&nxLj2xrG2i z<|+(ht63P23KqqdZF>QH34``RJ#Wt|UPaS1?s>6;6O_^tBT2kjU{P;qs)LvI{X=x%?6i9GXkV-_l0 zzx71dz*!qnd^3N%ls|?Y3*j9@3pMf0&Ud@yjdL^p0S@O9000QK9@PyajToNkN^PNgW@(#ufVzj#%HE>&oa&E*{fg4wSYgpUC*DFK% zrTMqGjPv!_jfbT&5Hn+Y;2tW*RZOPFW5@U|JF`8_6V-9>8ksxNg%hLwb^zaiSCUBu~Dm^fil#HzKzN3sT#7#>%kp4^TtBUn_+#| z#s$i8g~nB7G_&1aNN`IWOl9foI8l7;^B8O5Sk6KZ-Rs&}XYD(Ay|HBBTam%1sKQwO z9|<#}w`C@{fKv|;ZzzMq9;m6W?V~r2aw$I?;?=$B2-fJi5EupIckN8YG`eKhJFclk zB*`b6P97uahi|)^k;6K&!s#)mo>7HaG9)cRVz0zSFpDD#1@ zdWt8S#$_C(PGdP+t#!IBWS}QwA6|*<~Y#8VT|a5 z{vrJ}d5Y&BlEb{Yw@PDO`NRxQDlOQkk>pxiHN%QJ36~LOF>_9(2;#JDxs za;UfpHSG68Xc0^qAb0qt=<6KhPx)gGuUzzu(7Qyf%>!eM?N)J!Iu~Hws4Mhxr-V?qdj@!O)+?pJOS= zAhzS~=Ej;3rG+=%tR34};DkR0yF}U-OU^-qSYxLVhqK7F%VyK)bo}K&geM&5OqLuV z=!SgHEEzR7!}u4}79YX*LQw^G6bN#s2auB~M=P#l8kPBq$9V3kKg}g{+O0EjEAq0z zjQL}56}z3JiGN6OG|TYJ8Qz#T-OXv!E0ZE{dK&_Hz%$985Wi+%*)4kHyVJ zM0w#=PA64xgzq4J6D(+M^ke~JPx5}mci)pQ4xYlE?|^czj6aIEl(eNZ_AQWGFQvqz z(0G<90p%r5=6fjGwNpuP#d46QW+#Y`K`b&HnY#!u2xCL#m(0_j>gR#=mz~!hK<@Q> z{;N6Ao><3VIV&SO%5cF_^f2fb?ji1AL`KZHG*^*HY-=rnCcH9$ud#&K!E34$e-w&) zdx?#57>%dSiZ!S+4f{?$jTPk7r;hNF9mhsdYYi$}$s*ue0pozOJ;!Cy>lE7d`db+1 z-$P4wV~$9l3_Ve}21)-cLwcUO=W|zKnoQxu+nD4iwi`L+_N-un7HlT0cpYbO0pCUE z)lcD$4r4fo$yAyojF=mUp|ao9TGrCK_6}8!ROFwSTgO1$n14`yvn<4X^3d8MRS&^M z4>ACehVu)xO%!-Y&MSLr|#HoqQ zE|~B!RuFCQ$%@)VdbR=aNSk2eC|K5dYNC@)00(>tFLj-G)Jfy08BfN}DB>SXNR(rd z1*o3F%`CYnj>UVE^k3#-;ncWZtR22y@~lTzUdFT0@}mm1D^#&Kj3d}*`8B^^f;Drq zNtC4|M1}=lcjDY0+3W(qX2^wu3?`xG*|iDuKKVP3*ZmW9RU!rtN>T;Y`H$&uIC zY!LSN)$Ure@B8`v4E)hVx4L1lc73j*h9mfhg_odBG*s2F8ip%8F#+MXuSNb=Fk^s>lW)`?)|!Z) zDB1H5rd0Z6ip+t+b}~t$g<~CtS|dw5S`)eATNRQkL>Cp}iXLsacu#xmZ)1FEgfo)h|#u%5=&VmRvpM zg8~a*{%qH^?sC1jk)8!FgC-qzt?l_TLt@o3PKFT>mY+Dj>neT=#!1Ja_#9FD`GXWE zfBVIU?|*L*V~b&*-ngnN$Adu_2iV$4{A8oC%t^zwv097&Ss04F_2emP&|O$D*Br7r z;@(+p;+@~@pKKR%ZT7^8HQRX*9tPN6&B`Vh4P^YhS z)O`TLe+b*e_aZt+2g z|5+IORWPjMDNyJz#xdOM;$0c;yAHmYygdc>EcE;XUPC+~A*-{QO}tqOU4?M16v7|; zasEfHB3d}3AH_huj?QT}eX9}_9^VjX+J7Gi_p82T93KYw_`ihl=_R~7@txoGl3TaP zzFYL*;k#uDEkDgK|3`j<|F)~h{YnNttQxg~j^$NdOSQi8=>J~%g;@KTyA{9dSgiil z$Ncwt@5;>ka~}BoVg9}T|LbG%*AvuU;hUaRM$(zJK87!0000Pw}O0D4Q0000MbVXQnQ*UN;cVTj60B31t zGH`BZATlm8E-^mZY6buR4X#Nvdtzu7Ua$uytV4aM7T^e=-uV_XSgh|6Sh z^TF*HarZJUR>5s4Wx+~@ciD`~x(=Op{HF7~OSX50ashW!>{8&}=N^VN+Yse$yX@?J z^TT+{whzX1&uol+!VGTvHsF?Nym6Tmwr9FD z&O=(bEok73d4{o+(7~p#a|*+2#fJoIjWa_jqwjj#g<~*1))9=sH+nPVw~u zu=|Laxeqg!vb{14zOJ6j)km;{$D=|GQ}W*9tB2Gx;^P%pNw%Z6)l;9%n2<(_yw(|z zDfYpMgRverFqZN4>O=4z-tMh&&FA~tru)s_toNH@ZQJLMi;o)fd^qUsem>e7>q8pG z!NRrouJ40SF7r`#jSZ=kA^KZm0=6@xb#ZxPu$rbzWf?*T`~XXZnMTa=$UOL{>#V)` zu|&VZCq_aC7Zx0Y4>#MTIjQCGXyYRX`=u_xCut7rYif)Hj{2mGsp~=<2E_gPH2Ua6 zX$R+eE89!2`E&}z9KId8Gz=lplM+ENFHvAkYT%=#3gHySq1`pBq3K(!2;n4*6;-G;m0d_saO+1-2$ zDZ*&=(dEj{T1M0!^E4KXOgqE%@4w>fXRKirdA9+606>b<=|$~Y{L5?lyZGLH)KJBv`xTnQz>$ALaUph9Oz-R`#Qu?zwN zpUmru^rD9ux$o?_g$9K~QV+EZ8-*0*e45LMXzIeUzFv#tUQLG4b2WkC_6oNLM=BO# z65c>a`%?z~%~Fb6HC#^_CK6VLl(mdx>@WBkGOOa4{NBV670N|%GPi>oO$m5!7{(YW z(=!E7$ZGs;xk3rn02!noRh+T6geVZ4r+z0NRV&x+B8Nr>MCVZt$ALBoso!Oq7Wy3d z0jUZGsd=8KX~OR^!`u)pBICF>b<+_>IZrAz)9eK+X4ngnKc}_0r+*qL1>ZtibPdaO zDKmdiEtkAZumuv(+Naw!x(K~RNK%1cN9svt7Ssvxwy%cRu0kpk=wHc5UM~m@zJtF+ z$~nn`Q%Ia8ku=s4uRx3sYc>9z(s`-a%%N z?TJz^2*K#lTWMkx>N~ZD3T*`P6jG$62vFZAaW$ckSjbK*c0bbHApJWp+d~Eo1e#pS z4-vhH3ql2KmBDu@A9-?aaua^*#n0NC@1tmhK1_31vt6CL+)MfHN) zxD*RJLoW=7hONq=d_e{hs2`*bW0ZnIQ0oUe z8bXCJl@O@Xs%b9BbVvurfXMh8FDo$!9|zwfG-{iMDw=cV$uAVvAQo1scF<9v@ktjc zGik(aiesMUfxQ*2Tdb?L$`ll$bydr1ty#@8 zCXpE;vs1g4lwvFrPZ&vuyw_A}EVib131l@th7by2`dW%fjHFS}-)XL!V*-c_5^jb% zy}~FC_x8S&{83AOCyfHMFLHCqr%T0ml-aWChCkXSn9?2W+r#qL>I;y|-Q|*t7c4E#A7%4bFg>d+&+0`+1Ytr)93RUJoWP)7Aef3mP=Rrm{ zYWHSSMI=B5HuG$9?5OVA9Ti5(RRv-KEIW?0?%;pRJVIrThs-K@P8mddM1xSFi;N}X ztF2r6JtBu}5PPEx_NRXRmKhG2N)hl~u)&VaKA{_vBe;u9M|D(&W36=iNQwX%wlfF? znSw4dw$h3sKO)mgyX;tngp35ziUWt!2lqf6mI3JleS0SrX24M)_DFlb$b52hzq3uj zt=iT~yKU`FND@AbQQV3N=ZlE2IZyhRY-D3}+&NrfSIh@;aNp$Z*X;A-0-?FzA675$ zefO0M`}M}xND2*x$^So{`Pb_kXESae3()@?)_tdy97Xqk0=?p7au`w7*L+qE)CWz| z2f+_C@Ok+IBTr)Mwh}-7`-@^-xH(Wb9*X0IVI2eBAk38QA3&rp9PtQx2ZO7tgUa3U zNsAw`g8O_;rFsmKc{EgUM2D#CNahqyDp9*Xfuv92?_<|j_md=-`;b_I=UJezqjO~4 zu)B;;>5!X@bRh`JtX-VMDvIfZINhWdJE3X3mV|R`V@tR9fv%LRc8m%qXub8wZ4y|pnx4K40;`s>42d^Z_W!f4h|fL z;Yz2-Z-rQgt=-KgIH?xiL^5{3EKJs8y^2GH%waewGfo<-#c5gG3Xk}wt4N}WOomzp5@F&}VfywkS}TV(THxyuf@G0t zFE~IFVkRgG)>LaZ_^1-95t#X*Ad7%uMDb+5{XC} z@F$E+G5K=Dc=W9wD#@YQT!)Szy^m%)FrZ283Nh7CYvuUz0`tzla5m{em#CvkJVj?n zp{pnz(;1IvZgRk>-62*O23m7i&DB!3!Z zqY6Bm!)iPyJ=^yWzN2nBk@(gF9U?DFp31ak@j~8Si+se!0mIHxpj+qJ#dmdh{B~gp zzj&48Y`fz;2R-}CGD(#e&kpnY%CF_MVtNBMa7yW2k6{c=|M9$(u>9Ws8D~3FNk)C0 zpmbp41q%vi$Fx_7LvJOZNIfEuJCN!z3uJZRRsFqb;&)tPFMb_3h4mFke}S5A?_W6E*^8b*jzkW7 z)kEE54kd~nZ*|i3PO8k8K3CKIq0b59Iyn)V_qT?J8t_WhMoE{xF{pD=P)5#S@q8=u zdoIa`cihqbOC60@HJxgv>XiA!*@xvy{M|L`wjVgB)f}u)*%fQH#Bz1XPMzqSS&DgQ z>nji$$Uw3Ye&441fpc2zK^q+7>OLB;%MK%hbTs?X&pQ8%H6^8$ zH3=OlHE+IgWOSD}5FF{?Q6^a#OAj3Ksz20u9&Pi$S&kf47;wQ^nKdb5wObmhLaNc@ zd4$}bIIgpPp9XdqIrAx{9O_Jc&&sCn2D-|DbP^Kt^^!>c6-U$i8%Qb11tx*D_VPv` z$V&)01(FcuX}27ocpd|29OOUZ;3o5_T268HYZ#X+d*bjXDbpRJtRAW}?D#SQ0dkiV z`fNY)M^5L3)>?fhv$Fv?kJPb4n;PdE{h|_6258WL)6)q#Xog0u`SbjM$57<0yxM!C zCl1QnB6@h4dcJqvJ{!+E?>Bj?q`pr=eRT8-I~n)Q^jF>4BYcyU^w*!?kPS_3BZIT@ zZk_oU5&9W_-QD@_vKy7q=IJyObiuEw~nFvC`ns1_)LN!QG`maY=Cr zP>M@SahJn;&YgQ_?x%Ckf9Khmoqc9!f4lo(|Igj*-7{R19=Xj0|-2^dMGVb`Z-8Fg-no2ZH@L1al$l^f-2}{f+1j|)* zQtOQEvkJWN3@0Lf@|1>_j_o-+2Pc=Hkg$lTn7F)xqLQ+Ts+z8zzJZ~Uv5B>ft=(ID z2S=Efw~w!%e?Y|h50O#PF|kR>DXD4cpT8jT^1l`oqKeSP)it$s^$m?p&0XE!dwTo& z2L{I{Ca0!nX6NRAt*oxCZ)|RD?;IQ+9iN<@onKu3%Y_5L{V%Nh{=dNfKQ4-Ut_OH{ zxOl*Sxo{r%-UluP9zHWa0i~=q(8}X63nYw?N-iB(&@yi+(J4Izw>WB$x&;v)v-NX8XTmdMG|!g$WAvyrs;q)0oX)-iae zPgfD9IPJI0$Zs3yhB&WJf9VCjteIUWE+@;QsVBkjD|m8lS3_dgp&t>y#b>b+FLhwG z$iR?L)H;+dq^?M1L<*Dq#FJ``X-KdwFZ5AihfbzU>}0U7I4y5Zj8SX%P^2!Nto+q@NG-u~Ju;2)%O0K4%-C=H8v20jYBk>SGDq>T+%nY@!s zUT-8c#IvzZ#He+LKa1wu8#kP!ws1=<`}NID=X=C4=6vcSk;RZ!$B_$fe73t9L_wub zax;fMr0K6FFUHC+0ugc)U>OPpD>0Z1uGqwKew1j*`xFNmI*U~4qlzyz>Mb7O?-o=1 z?(C@~fL$>7$7hCo`;(;bIPI@i2$#y&C$u<~0{y)n$JdKIs9BfeDWh^~EeW;L{^7xq zxaHR;tS4Le(*8#AC1V@aZVj60q3h=elwr00r?|2hff|acQGVpoN<_)*#dF*2;a5FG zF|_+ike4~gmFhzH#;*3*{9J{O;L+KTppn(L-eo1JNJV|&22~fgLvvc``M)o!z(7EJ zTO@G%TOX>7UF?yli3WFDaL~{6^lMzZV5mA`k!}^H48BlfZ3s&1^}~mqPZ`w)ljuC; zY4w}`E|NAviwE}Z37aa{v(68N`g+UyP!}EX1?;stB*O8O-RC0`!+TM8STMVbyA|#uc*?S|C*0MyAgH zwFoEqy$*?h3u8Asb&C<=x3gRAh4TEQ@`jzd(Z}jFoUMR~6l-d)xUHEIgP^30`nI5t zS{4qKWtCCuN3(rTSe%o@Bl?)&T;BselqR%xy{-Z~zfGV5Y%*v{%*dRQ#02pN()EZh zuyqeOV;JcZLJa!Q^o&_h$C=oHoF8xM>LUpft!1m1gT5YQ&0=JxqZ?+u9ds-m_fGEs z5jXznyu3MeS`&j+;qH)tDeZEH_X&Kttn^G7xu~DpK9`B{f1cd|d^7Q#z5CAfsrL(0 za^Jx%GsVl$^4k7T@!LrtTLi*ohl z!e&Wz#uT+TVUfFVeBUd7n+A-4=Mww_$pe{ZKz!5^vn5ry9)zjh#T|EXHW@cnIh1~vWOPnj+ zn^RnqXC+&)5Zeh3O)q0@mThWHS_w=SU7@xR_Ly0Sn3y;yZtkfYX0n-l-M#SbRSJIJ zXMW5o_Mpi3<3`okQ@TXG%#LN5!{DHidCsc->fZ7;8oSuZU$X}K-duw;jNk2Q_PnH| zw_f@I7PERD2_Wkv9G{^5To`SQ>m%p;XqndZi?e9+Qq>F`w?-;|{PDszAhCW+AJnQa zx|y4oh62)6p-w@*i!y0&A|M|Ag7lf#-|HLh#&X7`MZWb(D=rdN=Q*#{C}7y+KAH4M zs-hFeRsap>l``k_jLT@cVXI$lh45UMgW7xN#LP1q;Dv!@l&d#Uom2E*UWO?aJmxh| zKN(EX{p073O4gn@#;Opj)^)WXvuR3OG;N8|fG>2f#Yhu&pK_gJ*ImuHDs%)Uwxj}& zR0o>!rZ^_LH6$!8%|~N*4wrhFgg5kKB|j`ILL61>;49Q=>}1bKOCG&9l&aX&nc@*_ zT$}wVAVBjG;E@3Pwu*Ox4tjo6jySE!D|xkPuLbC2zue5;FQfV?)l8q%%@(Ea_Sfgo zw_(kZx4>>lfaE=vkU;+C2W;k0NUH6-h}MfAD%A>e-JJcBD~&f|a>l!dZjW(m6NUk| zFVOwV!7$TXdZP*1dZVM-r&qI>pJLlR92x_uFF@j@l|>*K$hoi+QtE zA+VW3{T;xb7td7Q^-si7Q^!-*Bq)kYgEdqjqFPR(Xh2KpH`8EoVa{gPwD2Ywcp(_6 zDPoOxxhi_0x>~i8jCK&zd#UD?t1Y$E5r4s8^HghL?=ah^J90TL#A_ndo=@>hBeWK& zV0_X1_QFtRd5*l{il0Qz2=@ z($ij8teb94Q*-1flkkcxy?-yXjI-&zX>k6qB|Gg;EOkbOXtJ^~*dx-*)@pm#n8J}4 zVZMC~wB1HAi~|E8E8rNlTZP40@0IVB~2}A4Q2;{RC38!RTBH zM$V#~Kh%9!0e&{FRN-k|j<>i2WP$cKimTmjC*{7ctv_12cENOPacrj6%KJI0>3l3o z%`icYWhpAcI3nj&N$}@U$+Oe6^;5r7@&2(@TuzmV26<%5$xfM1gi{@w&i-2_YA3gzm1Eo4FF;GSb8 z^p}ar*SmDLr%rt2f_cXOaMCO?YL4nHUwY&IL<9};|C4RYHD!}_nZ-ceGrzQiJr7ZF zbuGNI?OBf20E_e!qu+@21Kz%KytGvHc#=fxVtb}j7C6lIZnp^ z9=469#SZKbVc4U}EH>;Ax*f2ZC+wS2812|3P8(_F#<&6IxL04FhiJiOb`1)=vSCO) zv$vv_zdDwGJ7^oh7NDoQ=XsfbDdnCBfGmiUKd|SD3Rb2grvKO=w;9PYtOsf<@Zu^Z zmQ?z6n^d~JO4H%X#wLP>kSFO5UJl>vE&@1(oK(}j zC>3l|=S6zin8Zng$3s7M$lO*>R^&noh8Vq0xz9ZfTtxcaalb8D0AI{0^0s=qZe&x(~6NSJIb8A}?PQ#Nd%y zcQmXfn_74&SwH>U{u+>qk=cw57NMzBG6&VPS1YATI60#5&Ki$H`DeAK3K&q>zS`iaK507&55JpiXgzP*VNz);c zl3{dr?2DS#o93NLV4=bTl)>}!DI#vT3yag~vQmpToIX!lOEy^c6{r>FyZ8vEaq0Uf z!FPV5F>@wMj`OMOJBwx}pJwB#>2cz$^ulHzKs_DR^_wSxbk_&R)u|4C6;kY*)(4BN z9$pJ7H72Xp&p+nMZe9)-I1hHLZHCv+8Xb=`?Obf1>&I*%=i`dc8Te)zKF{1wi*h! z?px62OxX6t55yfHt%vu|*SLx$kPVsJXp(`$Let2IXyfy8WPEj1Rz+(=($*P;Y2{G+ z24L@#XVYf=E6^>n?qOj%YX~=grFSGJ!aF46BTgT^&y9xnm^o8IaO_U z${c#eAwO4yRcb$VpJs6)dxUw=BR(WqOy$f|GkNgCV|S?*9#N!T=$xz_T>8byTTURs zQy_U1irO@n0z>lB?1+J$9&%sPen|$c{iU{Byvj_>THkNw7o_yB9I8a6srEhtBG3P3 z+UU2rX+9O#6X7qMGY~QqyQKt(UAz;eu8>AK0p6I^FR938l9>$O0p5QqXQP$s7Yf37~f9*rg- z#1UqUYWLsBc!+GrLk5q%Q68vz*LjAySV5}|4$$i5pu{wF4PCF!#KngX@SdAf{vG<3 z{(3&Z3$!W~MU6Z|jC{slc~mkJ5$-9Gyp2Ro1!_#?Oy?q)c#;(H+2q9C1v)P$HgwKZ zKM{>P7EiJNNSA*zFI2x$km^%Ekw7ST_33%M zTdPk0zMNnIo+U$iuxrjhUYl302}Y*+d$t4wuge!2XMD)YU1X^deewOB(d*2|@RSJk zYGZ{GfFY%SlL2_6SKyuFI(1MD7K z@k(J#CL_*O)%=mnGOPX$$GSmX1XgcjW5f4^Q##R#<(~>y!q1?DJu#Pjl2KUVuCB7J z8;^8z^>QvCd+X@FLnVNA^0)2jG!Eu^rNc=Uq$=7G zUg7EDwN2~McB_bSKD#D>{*terbl=F(YF{@eFBu60vDS!3vR)E%xe$XHlSv>S{FOfs z5&+mQwbhu2`N;q3V=wE&(DrHb$))8sv0gOBZ#+@73?4HDy2w7WNSR~xbsu2708;8u z#&XkiQpX*t75UsljZd#xO4C*BTAiF_g=S4`br6>Za|ft6F08!;C-zf_%C&{_iQ&?U zfxI`G9XSI<77;ft7Pq4^9wS+N2CW(ml%#Ht|@M?a?u^Mi9rZjATttU zrcZbV;a^Y}OL)r|5$Ai&FSj-Sz9i(1-%~h=Kore!zem`7 zS?P4ZSCdb9Yb{*;t*Z+s02_nFvPr|V0m&D%&yJ-!&rm~jBaeG8=DY7*Zd(r~%2j!u zQFSFDp_DwcXzP(UV<^*R@)^S=L!zZ|c+|Y9e?B@dx1lL=M{2*(YQa}`OW9hlj!BAF zM{eTgGp{f<+-Lv^d5|0*vUpzhY#*R zg+yeg7iwWwiB_Gv3#1;MxY$Xf1Z1DxoQcyr%7+$DwxyqxeL`@HOZ251Q*`YL<;x}w z^ndF1bza?gI8iZVxHvAz`@1;5g#R10>cXIwhl6xp5`Z-Uu%iLf)!?nG;HmDujUgKF z>FlQk!rfsLDB8R$gKX{Q*zv9>e#WOww!M1-Nae+|Gse2Q!dc!dd*+8tF$;Z@_w^6s zhSA^k;;T$0%81a%CcI0wmH!qm831`{_g`{ij=XpOt+1)=k+c)DHk6->bU4-$oS&j! zKr*Hc`ZQL4>C=&`TKsV^(7F3(Is+Kv`i7ffvD_?@O-Xx(F$W%!Gozv5rAok{AC*g6 zdcm{b!VqerYf#4MCSCa0uR=+QvVXKxT4zc7ja0S3h1M@ph><2Ayqh>9G?unYclhA$QG;!O)ELv0h@T#j(f4fU$VcD3XW0G3`uap9j P5q2LcZAA$5Ztgz-lcmb3 literal 0 HcmV?d00001 diff --git a/images/mailman.jpg b/images/mailman.jpg new file mode 100644 index 0000000000000000000000000000000000000000..94a4c01122ab6d85cbbab57f540bda2af1be62cb GIT binary patch literal 2022 zcmbW!cTm%58VB%SNJ0{d5So+#p$Y6kfFwwVrMCs7MLRV z2m>erAv9eCK~y|xQbp+^RoV&&xww0CH*(C&JIi%gZMrBrG5zEh#G_Er~**6*0Q`2C(h3=j+H~nVgKi_e+Q6oKmiB?gX94&BnXTIvAY0S&I>?6e+KwxKwMx5 zlp6*|@bGd98U+C^5E#q_0Yjk>2&X!ha}Gd|P$4-jQ*L2rB25002=;nb30%Rfu0zzN ze?t-HOa2wXBX(R|LQ?63vWn_Ycp*R8EUq$kZ7|yd*4-y$%;K%POhsKq%l`Hbi~N{XAld_-UoDKWKl-{yW&O z|Cj7vuz$P80X{H@^Lbz-U;_Mc{3%UnDwNS`I-Lzc?hRR=t@jZqY?T;S(0k#CDJKNb z#%_Y-=yNgx^8@wU@yMR45ADs#@=;JaHIWADF@tFr=G?1|>dvO0ZN}v8#&68AfeB~U zVP9kC{VT87fWBKx8!ID*amqT~I}ha^92y%XZ59mwEuec|NbFz~2H~R&R6flx8B2tg zq`QXChh6}`HMri}tv6GV-%fb&D$#c@u-T_@x#aQV4>s|$hfa!_RjPNSzf@j%RF-)x zj+nJK>@nNI9G0h>BjOc%<_~{UJ?|ks$^#3Dd>Go0FQMMnbVp7`s>pcuaW4yF?W1!n zHm+fP4r7t~gs|-sKk}wupOHljU@EoJ&s%B+*NMVbwgh7Y+axQL5^46aB4(4lIGn&e zbCs8K3Al+7)R2NbRT6J5(mhV~9KzB%ZtA0|4&nP0`vPwsw;*k5yjOg2(sZ@AWq53bc&%&a)EYdJ**u>GB>`42i z-)Yra$1^{HJZWECZ06l_0X@)dHS1bcKLxjEftW|(;D|EArjc^1ecWqsnv)ZwZqts(hIKGTn|QKy<9mm+gwyFDHo!Ae^M)z5d$$g46_snKcx4VH+(Dd- zUiI#1XNFWKmV7o(bqm6?h#n&=)51!o9o;cIl||IX=31F&bq-_$lg;=AN{l6|@#`-U zRYkX(jH7q_A@_Y4yKAI^oX)<7(q;mhh7Wa{#2gO5oBPrloe&LV$uC=fxPd)lG0s0uHnQ>yCZ)dAIb*lrek12KW9k+lW~~|$iF+5(sb7pw^H>(oEdCj8S*ABZ1PBEh`jxa5wmSGt%1oL zX9M$bHzJdo?^>LDf{&=nPxrRnBgYjD)nFchx_VLlvkU%!-4BFCxyc4aTQmwiryzWRaN})8=T@8loixT8m`2&D+O(}Q zj5y5sXyCZvSvc4X{=Prlj&TmYs(lADby-;)rl$)l4|!J>#i}?x);Fd4@m!nV3)KBs z(N^+L;EHkKzLq#QXD?6GMe-S~B~rNTWD;!JHFC*Pq-)}8l1ga`L~ADP==;SF&7#Lg zLv_Rs45>zr{gxutDK4}znl(f-)lvw}1_FMrR4L6X43A)NI{cQakbe1AN(6D@5TU#t YH&Le5t5752rjdNl-Q>C~A)Y<<59;84=>Px# literal 0 HcmV?d00001 diff --git a/images/marker.png b/images/marker.png new file mode 100644 index 0000000000000000000000000000000000000000..16ee0ce23cbb2dc4f9deb31c15b7f9ee3430093a GIT binary patch literal 452 zcmeAS@N?(olHy`uVBq!ia0vp^d_XM7!OXzGxK=RM8pt^u;1lBd9|-PUyH^cT0R%0E z0{`!w`+n`%^J=gEEner64Zmk=zE4*Co~&4HC;(J&El6UDC5Qn8QHmV@-#`Dpb;|#> zE$`i0t|$5b6p-`&Kfm_<*isPV z`}_az@BLpJ^?z^i|Nq}@!{r=+qKqX$e!&b5&u*jvIbtQQ5hcO-X(i=}MX3zwnQ2A^ zdFcv9dPaJNcDJ(FfGT=DT^vIy<|HRDFe$Tf1T+SedGT;8Se$uCA^pJ70|(fI6NR_4 z1m3Y()%3~X)+LW-|0#^z2BOTtzsi^tKHsRg8rst!B^f#;!qwr`QWq1816(<|8($tv znm5mAz14KlmgK`L6Y|%sTXp0(%d<_|tGHKaNq*=&(LDF1!b-Ihr`Sto=!L9bI&;gK dDJ)^>i00d4+L_t(| zoOP66Y|~W~$8TncWBoI?5ZWjP2yqe7CL&8brLfI<}mi%aC5kHGZmVbiujuJR&y^JYM$tB8sE11Ch6i-i>zh14W4pQM~kO zWs_y00t^}YN%Q+U#s^EFquCE3bXm}_LfS>c?ls>UAX*fG8>mAQNMx9pXSj&!41kQ!tFa0|2IC8tWK+j)E%F{Tcj{F4*n;Oe=H-0- znR)j(VZ+JKJA2CBFDBWFa|q3;ZoqTRT)^g1Qz{VJ#Agx|f1}h=;LR8&D-60m=Ds5+ zOac{RY@IH@o_ipsB&lXgi?@P~)*ca>+HK}ety~9lRMf8Zd2Y@2>NZ~6bz`E+J(})! z$5(b1T~<{&Ix~oqgYN!{eNY4`llXFW=L#Z(e(C{P)@Z;hFAVb>3>b4*tsR zZLTXw4Ox}iLO>Qq#NK4FST8q8V%SuhN)qa{I#di3R&;>jAz(8?P;7Nj8OYrj~+(BOWP$AFZcRVmuGFXWzFZAczOZ9p6( zSJH0XHJ|TTI7(7T385G%KW~YGggrxL_-&4dq{StANe4m11R@^Fmr8fFVY||TqG1E~ z3x8BK3W`BzDfFkDsHxc?YrPU7UGk1&dD|l>VbmZ)4@0L(3VumT!5U{p? zDa?QLx$bj2USO%DGyU_sBNuj_@9(SaPWgtMpPKLKv2}fpG05u_T%-^4y$va#YzY^3x8tK)-<`+-YrHxj-FpMaY6$AnK zrPG!mkF5+)hQc5`x`gRk6P_S)8RLrT^A9i`J6!NKBC6)-f0?%Fi-kH^E^aP*qW|>v c|6$A7zoNbJK%P<=PXGV_07*qoM6N<$f}L7f`v3p{ literal 0 HcmV?d00001 diff --git a/images/shore150.png b/images/shore150.png new file mode 100644 index 0000000000000000000000000000000000000000..1a152b3617570288e71ff4892723b2eb8bdb73da GIT binary patch literal 2416 zcmW-idpwlcAIG2AN<#D#tr*5?8&PhNO2{>n&LCm_2X=QR9Wo6tl zB0DOxvo0}78kcxn$|#m6tezc}Vac=8@4Q~;b>6SfIiJrt-|s&s!^g{ARar+F0032w z<1PgGnkS#TloSDAgJh}65dai6_;~udq9_VMkW3~+Bw|#Cpoj#O2vLZKia9cfClRty zh>M8Ws8|jhRKkPhj6ev)lc&iCDuW>*Qw~Bt6G3299w9@hY#PX9PLQk)l9fO*Kq3HS5&)861VQ9)LQx3}!!nszB7tC7 zg2*pML=uS@hJ_F$_X;HvJ_PZ^Vy;NU6^l6{5nCu^^7(9$h$$2@_(`d#F29`?2(r7!W)SWb% zItZ#$sY)OS5C{N?1dz!92s*Jj77Qkq_N_oAkP48<1P&L^;j%?yDv!?8WcrciDaler>>P(qWJjmW(+zC^|q!)y@@@*ok6@+2rzgzzOO50Y^qlp~f&5LBKf zhEe2Oh+Iec5DLMlNP@x$DsM6D-uS)zgjS4eKnyYRa?G{h=t}@4^s?p85flT<{g(SJ z?8m}30l;P@50_)U*EwAOY^u(%#>9ZA-S6U1NkiqGU6je@*R!_ayQ3bJrdu2jN^xv* z3<@?%>6~4l9?i=g`)E{nb@9-P5w%(E72Jy*6K^*Mtlb%Rf+zKqQm(2%8tRpB^Y zu&M?mnJ(i@zB9z%OiE7Z2{Tx4a6FnY>N1q{@(Ct!a8fZ4X;4B9_Xj2S zh;I7Y7dhr=d3^5i+21z*gz3~8v?XoDDz98R;H6WsF|WMVXm?wd`IKd$TF5viMyGEc zh_N=04_dwQcL9DRdYK^9@?`e?>F0qp#snaD;1%b0HV&C7p`EwAFYmBWkX{cWLcUkH zUG0`XK;RnM4()xb9pfD5Lk=+*@l#U%E2juJw9yScy6_dhRsp^Q++G}vS z!E0_SQ@l9$yT*M-&Gf{CXl*H&oY{ZwIbMl^5oU$((cKzlpK_8~`wUg5ZJTWVWvLeo zE}iOO9gA4tuaisz2S~^bO!DB4XXY5qPmQlC6G@u{L+cfRPZvj?(vkJTM#}jTTl)H% zck-T}R>va~qb?XOzdYD`Z$w6aHa2}OiifdYvdWjeykZmHevmW1!5g$Go^m0Rr^s_{ z{`WMCb@~qcLqyDHP^ZR1)75L(wZKwsk}FI%HR*LoyRBeVk89e@T#QZ3gnWM7qSkb= z|DcVF?*#PW)F|!z;VYrtW(8T#J@%WqY%j(CA~p0;)^@eUx;VrcSJZ30dnYiBO3BWN z?@Z%o@2wuj#T(^WACsQ!KUt(~8Wg_uFxN>Y&SIxHB?y$S`Qzk(%E?Hk;gV z>CVwPY*I81zJ*KJffI{U{p^1?Q8?&HO!c}nl56j)rcbyMPv;CcVbl(u{4mQ|0g z#%#BJcrLfdEk9Si)+;|h#5T~L_9`MJPHpS5m*#mXzlgnq zLzAZN6d+}xgDpXFZc?^1`0j~hK}&{jnlPi}Q~g>FwY zRoCFWFOo^{(k zg&IEG7g08rsVjJ7=a86{uk7fyQg+%@+dpKWSv0LH9RN()%!|)noVJ`|8+g*om%9n~ zd&6>c9~5Nv=q>DnOwahb%~1ora<1C@`W?yHt!YnCu;we#2(?lsICt@%D*N=XORwFk z2J|0<2A?JludEi@M=D?(XF`67xIzRf!e6heP|9&t<~-uzy4P!GH=G>BABl73VSXI1 zj4ZBD4Za#0VNn=BB6+4_i^|fs-V`-`&=}jx%~LUX@`~v`x>4ywB>9$s;7gx#LE(%K zssG~^PTMV@?$JYS17C{ZLG03*(SIL(?6eG7s+<#G&rJTB5w-WhTN7!m?dQiu zO!uwv=PIWT_*{aAA}iE}-M|>V#|xyueqyuwoOfSI%aL0S8n!2COKpOVk+@Ks2Wb38kt)$$O19;I6OV0TPxP=){v8EXi|Ht8qK|7rHKdtk+x3_XlMg=p^oMrsqE zxfid2#9AGUEjr3g9SVIsPRYCU{o5i;qic^>*2Xt= z{eH@$MvjfgS=U*6hW#8*=cgv9>sDl}({Xy1=26iO^`4ZDpx$$=-~|k>T{vU)%&aR~ zab~buKh6OeL-c|c&>OEbzgknrSyqoeD}Cvqq|WQ;HPheNc?$mW9{#%0fEIhvx3y7b V^|$#f-If2EfQPG>OPy0t@_&+};wJzA literal 0 HcmV?d00001 diff --git a/index.html b/index.html new file mode 100644 index 0000000..66606b9 --- /dev/null +++ b/index.html @@ -0,0 +1,54 @@ + + + + exim Internet Mailer + + + + + + + + <body bgcolor="#FFFFBF" text="#00005A" link="#000060" alink="#E8700D" vlink="#003050"> + <img src="images/eximXs.png" alt="small logo"> + <br> + <h1>exim Internet Mailer - Table of Contents</h1> + <p>Your browser does not support frames. The content of + this site should all be accessible, although not as + prettily, with a non-frames browser. Please let me + know if there are problems.</p> + <ul> + <li> + <A HREF="intro.html"><b>Home Page</b></a> + </li> + <li> + <A HREF="intro.html"><b>Introduction</b></a> + </li> + <li> + <A HREF="exim-html-2.00/doc/html/oview.html"><b>Overview Documentation</b></a> + </li> + <li> + <A HREF="version.html"><b>Current Version</b></a> + </li> + <li> + <A HREF="mirrors.html"><b>Availability</b></a> + </li> + <li> + <A HREF="maillist.html"><b>Mailing Lists about exim</b></a> + </li> + <li> + <A HREF="docs.html"><b>Documentation and FAQs</b></a> + </li> + <li> + <A HREF="credits.html"><b>Website Credits</b></a> + </li> + <li> + <A HREF="ChangeLog.html"><b>Website Changes</b></a> + </li> + </ul> + <br> + <h6>$Id: index.html,v 1.2 1999/11/14 20:27:57 nigel Exp $</h6> +<!-- Created: Mon Aug 25 13:12:18 BST 1997 --> + </body> + + diff --git a/intro.html b/intro.html new file mode 100644 index 0000000..a5c4540 --- /dev/null +++ b/intro.html @@ -0,0 +1,236 @@ + + + + Introduction to exim + + + + +
      + [big logo] +
      +

      Introduction to exim

      + +

      Exim is a message transfer agent (MTA) developed at the + University of Cambridge for use on Unix systems connected to the + Internet. It is freely available under the terms of the GNU + General Public Licence. In style it is similar to Smail + 3, but its facilities are more extensive, and in particular it + has some defences against mail bombs and unsolicited junk mail in + the form of options for refusing messages from particular hosts, + networks, or senders.

      + +

      The major features are summarised below. There is also an + overview which expands on these features. Exim has an extensive + set of documentation included in the exim specification, + additionally there are documents on the filtering functionality + and other documentation is being made available on this web site. + The full overview is also + available.

      + +

      Basic Features

      +
        +
      • + Many configuration options can be given as expansion strings, + and as these can include file lookups, much of Exim's + operation can be made table-driven if desired. For example, + it is possible to do local delivery on a machine on which the + users do not have accounts. +
      • + +
      • + Regular expressions are available in a number of configuration + parameters. +
      • + +
      • + Domain lists can include file lookups, making it possible to + support a large number of local domains. +
      • + +
      • + The maximum size of message can be specified. +
      • + +
      • + Exim can handle a number of independent local domains on the + same machine; each domain can have its own alias files, + etc. These are commonly called virtual domains. +
      • + +
      • + Exim contains an optional built-in mail filtering + facility. This enables users to set up their own mail + filtering in a straightforward manner without the need to run + an external program. There can also be a system filter file + that applies to all messages. +
      • + +
      • + Periodic warnings are automatically sent to messages' senders + when delivery is delayed -- the time between warnings is + configurable. +
      • + +
      • + A queue run can be manually started to deliver just a + particular portion of the queue, or those messages with a + recipient whose address contains a given string. +
      • + +
      • + Exim can be configured to run as root all the time, except + when performing local deliveries, which it always does in a + separate process under an appropriate uid and + gid. Alternatively, it can be configured to run as root only + when needed; in particular, it need not run as root when + receiving incoming messages or when sending out messages over + SMTP. +
      • + +
      +

      Incoming SMTP

      +
        +
      • + SMTP calls from specific machines, optionally from specific + idents, can be locked out, and incoming SMTP messages from + specific senders can also be locked out. +
      • + +
      • + Messages on the queue can be `frozen' and `thawed' by the + administrator. +
      • + +
      +

      Outgoing SMTP

      +
        +
      • + Exim can perform multiple deliveries down the same SMTP + channel after deliveries to a host have been delayed. +
      • + +
      • + Exim can be configured to do local deliveries immediately but + to leave remote deliveries until the message is picked up by a + queue-runner process. This increases the likelihood of + multiple messages being sent down a single SMTP connection. +
      • + +
      • + When copies of a message have to be delivered to more than one + remote host, up to a configured maximum number of remote + deliveries can be done in parallel. +
      • + +
      +

      Local Deliveries

      +
        +
      • + Exim stats a user's home directory before looking for a + `.forward' file, in order to detect the case of a + missing NFS mount. +
      • + +
      • + There is support for multiple user mailboxes controlled by + prefixes or suffixes on the user name, either via the + filter mechanism or through multiple + `.forward' files. +
      • + +
      +

      Monitoring and Performance Tools

      +
        +
      • + The Exim Monitor is an optional extra; it displays information + about Exim's processing in an X window, and an administrator + can perform a number of control actions from the window + interface. +
      • + +
      • + There are a set of tools for summarising the queue, determining + what each exim process is currently doing, examining the + deliveries hints databases, and summarising the log files into + a concise report on activity. +
      • + +
      +

      SPAM/UCE/UBE Limitation Features

      +
        +
      • + Senders can be blocked using a variety of methods, including + the ability to apply a set of username or regular expression + patterns to incoming mail from particular (or all) domains. +
      • + +
      • + All addresses can be checked for validity during the SMTP + transaction thus allowing the elimination of mail from + non-existent domains. +
      • + +
      • + Relaying can be tightly controlled based on sending host, + network or sending/recipient domains. +
      • + +
      • + If all else fails the system filter can be used to deal with + messages based on arbitrary conditions that you can program in + (for example block mail with a particular X-Mailer: + header. +
      • +
      +

      Limitations

      +
        +
      • + Exim is written in ANSI C. This should not be much of a + limitation these days. However, to help with systems that + lack a true ANSI C library, Exim avoids making any use of the + value returned by the `sprintf()' function, which is + one of the main incompatibilities. It has its own version of + `strerror()' for use with SunOS4 and any other + system that lacks this function, and a macro can be defined to + turn `memmove()' into `bcopy()' if + necessary. +
      • + +
      • + Exim uses file names that are longer than 14 characters. +
      • + +
      • + Exim is intended for use as an Internet mailer, and therefore + handles addresses in RFC 822 domain format only. It cannot + handle bang paths, though simple two-component bang + paths can be converted by a straightforward rewriting + configuration. +
      • + +
      • + Exim insists that every address it handles has a domain + attached. For incoming local messages, domainless addresses + are automatically qualified with a configured domain + value. Configuration options specify from which remote systems + unqualified addresses are acceptable. +
      • + +
      • + The only external transport currently implemented is an SMTP + transport over a TCP/IP network (using sockets), suitable for + machines on the Internet. However, a pipe transport is + available, and there are facilities for writing messages to + files in `batched SMTP' format; this can be used to send + messages to some other transport mechanism. Batched SMTP input + is also catered for. +
      • + +
      +
      +
      Nigel Metheringham
      + +

      $Id: intro.html,v 1.4 2000/04/09 22:02:33 nigel Exp $

      + + diff --git a/maillist.html b/maillist.html new file mode 100644 index 0000000..b7b443d --- /dev/null +++ b/maillist.html @@ -0,0 +1,34 @@ + + + + Mailing lists for exim + + + +

      Mailing lists for exim

      + +

      There are two mailing lists for users of Exim. Signing up for + these is via a web form. The two lists are:-

      +
      +
      exim-announce
      +
      which is a low volume moderated list consisting of + anouncements only of things of interest to exim users + (typically new releases). There is an archive of messages + since July 1999.
      +
      exim-users
      +
      which is a discussion list about exim covering use and + development of the software. This also has an archive dating + back to 1996. Please have the courtesy to check the list + before posting basic queries.
      +
      +

      There is also an indexed archive at + + http://www.egroups.com/list/exim-users/

      +
      +
      Nigel Metheringham
      + +

      $Id: maillist.html,v 1.4 2000/04/09 22:02:33 nigel Exp $

      + + diff --git a/mirrors.html b/mirrors.html new file mode 100644 index 0000000..93846c5 --- /dev/null +++ b/mirrors.html @@ -0,0 +1,349 @@ + + + + Availability of exim + + + +

      Availability of exim

      + +

      Exim is available from a number of FTP sites. It may also be + supplied on some GNU CDs or with other software distributions.

      + +

      The current mirror sites are:-

      +

      Primary Site

      +
      +
      + + + ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/ + + +
      +
      which is in Cambridge, England.
      +
      +
      +

      Mirrors

      + +
      +

      Austria

      +
      +
      + + + http://gd.tuwien.ac.at/infosys/mail/exim/ + +
      +
      + + + ftp://gd.tuwien.ac.at/infosys/mail/exim/ + +
      +
      Updated daily
      +
      +

      Canada

      +
      +
      + + + http://mirror.direct.ca/exim + +
      +
      + + + ftp://mirror.direct.ca/pub/exim + +
      +
      Multiple updates daily
      +
      +

      Denmark

      +
      +
      + + + http://sunsite.auc.dk/pub/mail/exim/ + +
      +
      + + + ftp://sunsite.auc.dk/pub/mail/exim/ + +
      +
      +

      FINLAND

      +
      +
      + + + http://linja.net/exim/ + +
      +
      + + + ftp://ftp.linja.net/pub/mirrors/exim/ + +
      +
      +

      Germany

      +
      +
      + + + ftp://ftp.fu-berlin.de/unix/mail/exim/ + +
      +
      Updated twice a day
      +
      + + + ftp://ftp.tin.org/pub/mail/exim + +
      +
      Updated four times a day
      +
      + + + ftp://ftp.gigabell.net/pub/exim + +
      +
      +

      Greece

      +
      +
      + + + http://sunsite.ics.forth.gr/sunsite/net_tools/exim + +
      +
      + + + ftp://sunsite.ics.forth.gr/sunsite/net_tools/exim + +
      +
      +

      Ireland

      +
      +
      + + + http://ftp.esat.net/pub/networking/mail/mta/exim/ + +
      +
      + + + ftp://ftp.esat.net/pub/networking/mail/mta/exim/ + +
      +
      Mirrored twice daily
      +
      +

      Japan

      +
      +
      + + + ftp://nagoya.linux.or.jp/mirror/exim/ + +
      +
      Mirrored nightly at ~6:30 am JST
      +
      +

      Netherlands

      +
      +
      + + + http://exim.quiddity.nl/ + +
      +
      + + + ftp://ftp.quiddity.nl/pub/linux/exim + +
      +
      rsync'ed every 6 hours
      +
      + + + ftp://ftp.nl.uu.net/pub/unix/mail/exim/ + +
      +
      +

      Norway

      +
      +
      + + + ftp://sunsite.uio.no/mail/exim/ + +
      +
      + + + http://www.no.exim.org/ + +
      +
      rsync'ed twice daily (at 08 and 18 local time)
      +
      +

      Poland

      +
      +
      + + + http://sunsite.icm.edu.pl/pub/unix/mail/exim/ + +
      +
      + + + ftp://sunsite.icm.edu.pl/pub/unix/mail/exim/ + +
      +
      +

      South Africa

      +
      +
      + + + ftp://ftp.is.co.za/networking/mail/mta/exim/ + +
      +
      + Mirrored nightly at 03:40 GMT +
      +
      +

      Switzerland

      +
      +
      + + + ftp://sunsite.cnlab-switch.ch/mirror/exim/ + +
      +
      + Updated daily. +
      +
      +

      Taiwan

      +
      +
      + + + http://www.tw.exim.org + +
      +
      + Updated daily. +
      +
      +

      UK Mirrors

      +
      + +
      + + + http://www.exim.org/ftp/ + +
      +
      + + ftp://ftp.exim.org/pub/exim/ + +
      +
      + + rsync://ftp.exim.org/ftp + + +
      +
      Good international bandwidth. + Updated 4 times daily. Rsync is available of ftp and www areas + as "ftp.exim.org::ftp" and "ftp.exim.org::www" respectively.
      +
      + + + ftp://sunsite.doc.ic.ac.uk/packages/exim/ + +
      +
      + + + http://sunsite.doc.ic.ac.uk/packages/exim/ + +
      +
      + and also via http, gopher, FSP, telnet, NFS, Lanmanger over IP... +
      +
      + + + ftp://ftp.demon.co.uk/pub/mirrors/exim/ + +
      +
      + Mirrored nightly around 2am. +
      +
      + + + ftp://ftp.fido.net/pub/mirrors/exim + +
      +
      + + \\ftp.fido.net\public\mirrors\exim + (samba export) +
      +
      + Mirrored nightly +
      +
      +

      USA

      +
      +
      + + + ftp://ftp.quite.net/pub/exim/ + +
      +
      + Mirrored nightly at 2:11a.m. PST +
      +
      + + + http://www.us.exim.org/ftp/ + +
      +
      + Updated twice per day. +
      +
      +
      +
      Nigel Metheringham
      + +

      $Id: mirrors.html,v 1.10 2000/04/09 22:02:33 nigel Exp $

      + + diff --git a/overview.html b/overview.html new file mode 100644 index 0000000..e3fbefc --- /dev/null +++ b/overview.html @@ -0,0 +1,972 @@ + + + +EXIM OVERVIEW + + + +

      EXIM OVERVIEW

      + + +

      +Date: 29 November 1996 + +

      +Exim is a mail transport agent (MTA) developed at the University of Cambridge +for use on Unix systems connected to the Internet. It is freely available +under the terms of the GNU General Public Licence. In style it is similar to +Smail 3, but its facilities are more extensive, and in particular it has some +defences against mail bombs and unsolicited junk mail, in the form of options +for refusing messages from particular hosts, networks, or senders. + +

      +Exim is in production use on a number of sites that move tens of thousands of +messages per day. This document contains an overview description of the way +Exim works, with a certain amount of simplification to keep it fairly short. +Please address any enquiries about Exim to Philip Hazel: + +

      +Email: <ph10@cus.cam.ac.uk>
      +Phone: +44 1223 334714
      +Fax: +44 1223 334679 + +

      +University of Cambridge
      +Computer Laboratory
      +Pembroke Street
      +Cambridge CB2 3QG
      +United Kingdom + +

      +This document is copyright (c) University of Cambridge 1996, but copying +permission is granted to all. +


      + + +

      + "If I have seen further it is by standing on the shoulders of giants." +
      + (Isaac Newton) +


      + + +

      Background

      + +

      +Exim owes a great deal to Smail 3 and its author, Ron Karr. Without the +experience of running and working on the Smail 3 code, I could never have +contemplated starting to write a new mailer. Many of the ideas and user +interfaces are taken from Smail 3, though the actual code of Exim is entirely +new. + +

      +My intention was to write a mailer that had more functionality than Smail 3, +but which retained the simple lightweight approach, as this seemed to me to be +all that was needed for systems directly connected to the Internet, where most +messages are delivered almost immediately. + + +

      2. Availability

      + +

      +The current distribution of Exim is available from + +

      +ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/exim-n.nn.tar.gz + +

      +where n.nn is the version number. The distribution contains an ASCII copy of +the documentation; other formats are available from + +

      +ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/exim-postscript-n.nn.tar.gz +ftp://ftp.cus.cam.ac.uk/pub/software/programs/exim/exim-texinfo-n.nn.tar.gz + +

      +The following operating systems are currently supported: AIX, BSDI, FreeBSD, +HP-UX, IRIX, Linux, NetBSD, DEC OSF1 (aka Digital UNIX), SCO, SunOS4, SunOS5, +and Ultrix. + + +

      3. Limitations

      + +

      +For the benefit of those reading this overview to see whether Exim is of +interest to them, its limitations are listed first. + +

        +
      • Exim is written in ANSI C. This should not be much of a limitation these + days. However, to help with systems that lack a true ANSI C library, Exim + avoids making any use of the value returned by the sprintf() function, + which is one of the main incompatibilities. It has its own version of + strerror() for use with SunOS4 and any other system that lacks this + function, and a macro can be defined to turn memmove() into bcopy() if + necessary. + +
      • Exim uses file names that are longer than 14 characters. + +
      • Exim is intended for use as an Internet mailer, and therefore handles + addresses in RFC 822 domain format only. It cannot handle 'bang paths', + though simple two-component bang paths can be converted by a straightforward + rewriting configuration. + +
      • Exim insists that every address it handles has a domain attached. For + incoming local messages, domainless addresses are automatically qualified + with a configured domain value. Configuration options specify from which + remote systems unqualified addresses are acceptable. + +
      • The only external transport currently implemented is an SMTP transport + over a TCP/IP network (using sockets), suitable for machines on the + Internet. However, a pipe transport is available, and there are facilities + for writing messages to files in 'batched SMTP' format; this can be + used to send messages to some other transport mechanism. Batched SMTP + input is also catered for. +
      + + +

      4. Main features

      + +

      +Exim follows the same general approach of decentralised control that Smail 3 +does. There is no central process doing overall management of mail delivery. +However, unlike Smail, the independent delivery processes share data in the +form of 'hints', which makes delivery more efficient in some cases. The hints +are kept in a number of DBM files. If any of these files are lost, the only +effect is to change the pattern of delivery attempts and retries. + +

      +Here is a summary of Exim's main features. More details are given in the +sections which follow. + +

        +
      • Many configuration options can be given as expansion strings, and as + these can include file lookups, much of Exim's operation can be made + table-driven if desired. For example, it is possible to do local delivery + on a machine on which the users do not have accounts. + +
      • Regular expressions are available in a number of configuration + parameters. + +
      • Domain lists can include file lookups, making it possible to support a + large number of local domains. + +
      • Exim has flexible retry algorithms, applicable to mail routing as well as + to delivery. + +
      • Exim contains header and envelope rewriting facilities. + +
      • Unqualified addresses are accepted only from specified hosts or networks. + +
      • Exim can perform multiple deliveries down the same SMTP channel after + deliveries to a host have been delayed. + +
      • Exim can be configured to do local deliveries immediately but to leave + remote deliveries until the message is picked up by a queue-runner + process. This increases the likelihood of multiple messages being sent + down a single SMTP connection. + +
      • When copies of a message have to be delivered to more than one remote + host, up to a configured maximum number of remote deliveries can be done + in parallel. + +
      • Exim supports optional checking of incoming return path (sender) and + receiver addresses as they are received by SMTP. + +
      • SMTP calls from specific machines, optionally from specific idents, can + be locked out, and incoming SMTP messages from specific senders can also + be locked out. + +
      • It is possible to control which hosts may use the Exim host as a relay + for onward transmission of mail; the control can be made to depend on the + address domain. + +
      • Messages on the queue can be 'frozen' and 'thawed' by the administrator. + +
      • The maximum size of message can be specified. + +
      • Exim can handle a number of independent local domains on the same + machine; each domain can have its own alias files, etc. These are + commonly called "virtual domains". + +
      • Exim stats a user's home directory before looking for a .forward file, in + order to detect the case of a missing NFS mount. + +
      • Exim contains an optional built-in mail filtering facility. This enables + users to set up their own mail filtering in a straightforward manner + without the need to run an external program. There can also be a system + filter file that applies to all messages. + +
      • There is support for multiple user mailboxes controlled by prefixes or + suffixes on the user name, either via the filter mechanism or through + multiple .forward files. + +
      • Periodic warnings are automatically sent to messages' senders when + delivery is delayed - the time between warnings is configurable. + +
      • A queue run can be manually started to deliver just a particular portion + of the queue, or those messages with a recipient whose address contains a + given string. + +
      • Exim can be configured to run as root all the time, except when + performing local deliveries, which it always does in a separate process + under an appropriate uid and gid. Alternatively, it can be configured to + run as root only when needed; in particular, it need not run as root when + receiving incoming messages or when sending out messages over SMTP. + +
      • I have tried to make the wording of delivery failure messages clearer and + simpler, for the benefit of those less-experienced people who are now + using email. + +
      • The Exim Monitor is an optional extra; it displays information about + Exim's processing in an X window, and an administrator can perform a + number of control actions from the window interface. +
      + + +

      5. Performance

      + +

      +Although I did not specifically set out to write a high-performance MTA, Exim +does seem to be fairly efficient. The busiest site I know of is an ISP that +handles over 40,000 messages a day on a Sun Ultra box. Our central mail +service machine in Cambridge (a SPARCstation-20) handles over 30,000 messages +on a typical day, the volume being around 130 megabytes on the day I looked. +The largest number of messages delivered in any one hour was 2753. + +

      +A system of a different character is sunsite.doc.ic.ac.uk, a SPARCserver 1000 +system with 8 cpus, which is unusual in that virtually all mail deliveries are +remote and relatively large, because it is a data archive that can deliver +copies of its holdings via an email interface. On a fairly busy day 14,014 +messages were received from 231 different hosts and 12,534 deliveries were +made to 468 different hosts. The total amount of outgoing mail was 431 +megabytes. The largest number of deliveries in any one hour was 787. + + +

      6. Interface

      + +

      +Like many MTAs, Exim has adopted the Sendmail interface so that it can be a +straight replacement for /usr/lib/sendmail. All the relevant Sendmail options +are implemented. There are also some additional options that are compatible +with Smail 3, and some further options that are new to Exim. + +

      +The runtime configuration interface is a single file which is divided into a +number of sections. The entries in this file consist of keywords and values, +in the style of Smail 3 configuration files. + +

      +Control of messages on the queue can be done via certain privileged command +line options. There is also an optional monitor program called eximon, which +displays current information in an X window and contains interfaces to the +command line options. + + +

      7. Method of operation

      + +

      +When Exim receives a message, it writes two files in its spool directory. The +first contains the envelope information, the current status of the message, +and the headers, while the second contains the body of the message. The status +of the message includes a complete list of recipients and a list of those that +have already received the message. The header file gets updated during the +course of delivery if necessary. + +

      +A message remains in the spool directory until it is completely delivered to +its recipients or to an error address, or until it is deleted by an +administrator or by the user who originally created it. In cases when delivery +cannot proceed - for example, when a message can neither be delivered to its +recipients nor returned to its sender, the message is marked 'frozen' on the +spool, and no more deliveries are attempted. The administrator can thaw such +messages when the problem has been corrected, and can also freeze individual +messages by hand if necessary. + +

      +As delivery proceeds, Exim writes timestamped information about each address +to a per-message log file; this includes any delivery error messages. This log +is solely for the benefit of the administrator. All the information Exim +itself needs for delivery is kept in the header spool file. The message log +file is deleted with the spool files. If a message is delayed for more than a +configured time, a warning message is sent to the sender. This is repeated +whenever the same time elapses again without delivery being complete. + +

      +The main delivery processing elements of Exim are called directors, routers, +and transports. Code for a number of these is provided, and compile-time +options specify which ones are actually included in the binary. Directors +handle addresses that include one of the local domains, routers handle remote +addresses, and transports do actual deliveries. + +

      +When a message is to be delivered, the sequence of events is roughly as +follows: + +

        +
      • If there is a system filter file, it is obeyed. This can check on the + contents of the message and its headers, and cause delivery to be + abandoned or directed to alternative or additional addresses. + +
      • Each address is parsed and a check is made to see if it is local or not, + by comparing the domain with the list of local domains, which can be + wildcarded, or even held in a file if there are a large number of them. + +
      • If an address is local, it is passed to each configured director in turn + until one is able to handle it. If none can, the address is failed. + Directors can be targeted at particular local domains, so several local + domains can be processed independently of each other. + +
      • A director that accepts an address may set up a local or a remote + transport for it, or it may generate one or more new addresses (typically + from alias or forward files). New addresses are fed back into this + process from the top, but in order to avoid loops, a director will ignore + any address which has an identically-named ancestor that was processed by + itself. + +
      • If an address is not local, it is passed to each router in turn until one + is able to handle it. If none can, the address is failed. + +
      • A router that accepts an address may set up a transport for it, or may + pass an altered address to subsequent routers, or it may discover that + the address is a local address after all. This typically happens when an + partial domain name is used and (for example) the DNS lookup is + configured to try to extend such names. In this case, the address is + passed back to the directors. + +
      • Routers normally set up remote transports for messages that are to be + delivered to other machines. However, a router can pass a message to a + local transport, and by this means messages can be routed to other + transport mechanisms. + +
      • When all the directing and routing is done, addresses that have been + successfully handled are passed to their assigned transports. Local + transports handle only one address at a time, but remote ones can handle + more than one. Each local transport runs in a separate process under a + non-privileged uid. + +
      • If there were any errors, a message is returned to an appropriate address + (the sender in the common case). + +
      • If one or more addresses suffered a temporary failure, the message is + left on the queue, to be tried again later. Otherwise the spool files and + message log are deleted. +
      + + +

      8. Mail filtering

      + +

      +Exim can be configured to allow users to set up filter files as an alternative +to the traditional .forward files. A filter file can test various characteristics +of a message, including the contents of the headers and the start of +the body, and direct delivery to specified addresses, files, or pipes +according to what it finds. The system-wide filter file uses the same control +syntax. + + +

      9. Directors

      + +

      +The existing directors are listed below. I use the RFC 822 term local-part to +mean that portion of an address that comes before the @ character. + +

        +
      • aliasfile: This director handles local-part expansion via a traditional + alias file. The name of the file is obtained by string expansion, and may + therefore depend on the local-part or the domain. Generated pipe and file + addresses can be (independently) locked out. + +
      +

      + The aliasfile director can also be used to test a list of local parts and + direct any messages for them to a specific transport. In this case the + data associated with the local part in the file is not used for address + expansion, but is available for other purposes. For example, files + containing records of the form + +

      + foo: uid=1234 gid=5678 mailbox=/home_1/foo/inbox + +

      + could be used on a system that did local deliveries without consulting + its passwd file. The aliasfile director could use the file to verify that + the local part was valid, and then the appendfile transport could use it + to get a uid, gid, and mailbox for the delivery. + +

        +
      • forwardfile: This director handles local-part expansion via a traditional + forward file or, if so configured, by a user's filter file. The name of + the file is obtained by string expansion, and may therefore depend on the + local-part or the domain, though if it is not an absolute path it is + automatically assumed to be in the home directory of the user whose login + name is the local-part. Mailing lists can be handled by file names of the + form + +
      +

      + /some/list/directory/${local_part} + +

      + and it is possible to specify an error address for each list that depends + on the list name. Generated pipe and file addresses can be (independently) + locked out. + +

        +
      • localuser: This director matches the local-part of an address to a user + of the machine. It can also be configured to do a pattern match on the + user's home directory name. This makes it possible to partition the set + of local users according to their home directories. + +
      • smartuser: This director matches any local-part. It can be used to pass + messages for unknown users to a script that generates a helpful error + message, or it can be used to send such messages to another host, + optionally changing the envelope address in the process. + +
      +

      +The configuration file determines which directors are actually used, and in +which order. It is possible to use the same director more than once, with +different options. + +

      +The addresses a director handles can be constrained in the following ways: + +

        +
      • A specific set of local domains may be specified, in which case the + director is called only for addresses that contain one of those domains. + +
      • A specific set of local parts may be specified, in which case the + director is called only for addresses that contain one of those local + parts. This could be used, for example, to handle 'postmaster' independently + of the particular local domain. + +
      • A director may be configured to handle local-parts that start with a + certain prefix and/or end with a certain suffix. For example, a director + can be set up to handle local-parts of the form xxxx-request only. + +
      • A flag controls whether a director is called when an address is being + verified, as opposed to being directed for delivery. + +
      +

      +In addition, certain files can be required to exist or not exist for a given +director to be run. + + +

      10. Routers

      + +

      +The existing routers are: + +

        +
      • domainlist: This director searches a list of domains for the one it is + trying to route. The list may either be a string in the configuration + file, possibly including wild cards or regular expressions, or it may be + in a file, or both may be provided. In the case of a file, keys of the + form *.foo.bar.com can be used for simple wildcarding. + +
      +

      + If the domain is found, its entry can either specify a single replacement + domain name that is passed on to subsequent routers, or it can specify a + list of domain names that are looked up by this router. The lookup can be + done by the gethostbyname function, or by DNS lookup, and in the latter + case it is configurable whether MX or A records or both are used. As well + as providing explicit routing for certain domains, the domainlist router + can be used to set up gateways for partial domains (e.g. for *.uucp) and + it can also be used as a 'smarthost' router by using the all-inclusive + wild card. + +

        +
      • lookuphost: This router looks up domain names either by calling the + gethostbyname function, or by using the DNS. In the latter case, it can + be configured to use the DNS resolver options for qualifying singlecomponent + names and for searching parent domains. It is also possible to + specify explicit text strings for widening domains that are not found + initially. It is possible to insist on the presence of MX records for + certain sets of domains. A configuration option controls whether the + message's headers are rewritten when a domain name is changed. + +
      • queryprogram: This router passes the address to a script that runs in a + separate process under an unprivileged uid and gid. The script returns a + line of text specifying whether it matched the domain or not. If it did + match, it may specify a transport name, or it may specify that the + transport specified for the router is used. The script may also send back + a new domain name to replace the current one, and specify a method of + looking this name up (gethostbyname, DNS, or pass to next router). + +
      +

      +The configuration file determines which routers are actually used, and in +which order. It is possible to use the same router more than once, with +different options. + +

      +Like directors, routers can be constrained to handle only certain domains or +certain local parts (though I haven't seen a good use for that yet). If a +router times out, either the delivery can be deferred, or the address can be +passed on to the next router. + +

      +A flag controls whether a router is called when an address is being verified, +as opposed to being routed for delivery. + + +

      11. Transports

      + +

      +Local and remote transports are handled differently. A local transport is +always run in a separate process with an appropriate real uid and gid. Their +values can be specified in the transport's configuration, or passed over from +the director that handled the address. The existing transports are: + +

        +
      • appendfile: This local transport appends the message to a file whose name + is specified as a string containing variable expansions. The current + local-part can be inserted via the expansion mechanism, and file names + such as + +
      +

      + /home/${local_part}/inbox
      + /var/mail/${local_part} + +

      + are typical examples. However, it is possible to look up each individual + user's inbox name in a file, should that be required. + +

      + Exclusive access to the file is ensured by using the traditional mailbox + locking strategy of creating a lock file. The lock creation process uses + a 'hitching post' algorithm (similar to that used by Pine) which is + robust when the mailbox file is NFS-mounted. The file is also locked + using the lockf function. + +

      + Options on this transport allow for the insertion of a prefix line (e.g. + 'From xxx...') and suffix line, special processing of message lines + starting with 'From', and the addition of Return-path, Delivery-date, and + Envelope-to headers. If the mailbox file is not a regular file, or does + not have the correct owner, group, or permissions, no delivery takes + place; the address is deferred and the postmaster is informed, except + that, if the file's permissions are greater than those required, Exim + reduces the permissions and carries on. There are additional checks to + reduce the possibility of security exposures caused by race conditions. + +

        +
      • pipe: This local transport passes the message via a pipe to a specified + command (program or script) which is run in a separate process under a + given uid and gid. Various parameters of the message are passed as + environment variables, and there are the same options as for appendfile + for controlling the form of the message. + +
      +

      + The returned status of the command may be used to determine success or + failure, or it can be ignored. A configuration option specifies whether + any standard output generated by the transport is to be returned to the + sender. If this is set and output is actually generated, the delivery is + deemed to have failed, whatever the returned status of the command. The + maximum amount of output generated by the command can be controlled, and + a timeout may be set for it. + +

        +
      • smtp: This remote transport delivers a message using SMTP over TCP/IP. + All addresses in the message that route to the same set of hosts, and + have the same errors address (return path), are normally sent in a single + transaction. An explicit list of hosts can be set for the transport, or a + host list may be attached to an address by one of the routers. If all the + hosts are temporarily unable to accept the message, it is delivered to + one of a list of fallback hosts, if configured. +
      + + +

      12. Exim logs

      + +

      +Exim write four different log files: + +

        +
      • The main log records the arrival of each message and the result of each + delivery attempt in a single line in each case. The format is as compact + as possible, in an attempt to keep down the size of log files. A number + of other events are also recorded on the main log. + +
      • The reject log records information from messages that are rejected + because their return paths are invalid (a configurable option). The + headers are written to this log, following a copy of the one-line message + that is also written to the main log. Other types of message rejection + also cause writing to this log. + +
      • The panic log is written when Exim suffers a disaster and has to bomb + out. + +
      • On systems that support signal handlers that restart a system call on + exit, Exim reacts to a USR1 signal by writing a line describing its + current activity to the process log. This makes it possible to find out + what each exim process on a machine is currently doing. + +
      +

      +A utility script for renaming and compressing the main and reject logs each +night is provided. There are also scripts for extracting statistics from log +files and for searching log files for the entries for messages that match a +given pattern. For example, one can pull out all entries relating to messages +for a given local part. + + +

      13. Exim databases

      + +

      +Exim maintains a number of databases in DBM files to help it perform efficient +mail delivery. In effect, the files contain hints, and if they are lost it is +not a disaster - Exim's performance just suffers a bit. The three databases +currently used are: + +

        +
      • retry: This contains information about each failing remote host and + temporary failing local delivery - when the first failure was detected, + when the delivery (or directing or routing) was last tried, and when it + should next be tried. More details about retry algorithms are given + below. + +
      • wait-smtp: This contains information about messages that are waiting for + particular hosts after an SMTP delivery failure (see the next section). + +
      • reject: This contains information about SMTP message rejections (see + below). + +
      +

      +There is a utility program that lists the contents of one of these databases, +and another that allows manual modifications to be applied in some cases. +Database records are timestamped, and there is a utility that removes records +that are older than a given period, and also cleans up wait-smtp records +containing references to messages that no longer exist. Running this daily or +weekly should be sufficient to keep the files reasonably tidy. + + +

      14. SMTP batching

      + +

      +When an SMTP delivery attempt fails, causing the message to be deferred till +later, Exim updates a DBM database that contains records keyed by host name +plus IP address. Each record holds a list of messages that are waiting for +that host and address. + +

      +When an SMTP delivery succeeds, Exim consults the database to see if there are +any other messages waiting for the same host and address. If it finds any, it +creates a new Exim process and passes it the open SMTP channel and a message +identification. The new process then delivers the waiting message down the +existing channel and may in turn cause the creation of yet another process. +Any other waiting addresses in the message are skipped. The maximum number of +messages sent down one connection is configurable. + +

      +This scheme achieves some SMTP efficiency when a number of messages have been +queued up for a given host, without the overhead of a heavyweight queueing +apparatus. + + +

      15. Retries

      + +

      +When a message cannot immediately be directed, routed, or delivered, it +remains on the queue and another delivery attempt occurs at a later time. +While failures to deliver to remote hosts are the most common cause of this, +it is also possible for a message to be deferred as a result of temporary +local delivery failure, or following directing or routing. A local delivery +can fail if the user is over quota, while directing can be delayed if a user's +home directory is not available (e.g. missing NFS mount), and therefore the +existence of a .forward file cannot be tested. Routing can be delayed by DNS +timeouts. + +

      +Exim can be given a set of rules which specify how often to retry deferred +addresses, and when to give up. These rules apply to directing and routing as +well as to transporting, and are keyed by (wildcarded) domain name or, for +local users, by local-part and domain name, either of which can be wildcarded. + +

      +Each rule is actually a sequential list of subrules, which are applied +successively as time passes. At present there are two kinds of subrule: fixed +interval, and geometrically increasing interval. For example, it is possible +to specify a rule such as 'retry every 15 minutes for 2 hours; then increase +the interval between retries by a factor of 1.5 each time until 8 hours have +passed; then retry every 8 hours until 4 days have passed; then give up'. The +times are measured from when the address first failed, so, for example, if a +host has been down for 2 days, new messages will immediately go on to the +8-hour retry schedule. + +

      +Exim does not have an elaborate series of alarm clocks to cause retries to +happen exactly on schedule. A queue-runner process is started periodically, to +attempt delivery, one by one, of messages containing addresses that have +passed their next retry time. If such an address fails again, a new retry time +is computed, and so subsequent messages queued for the same address get +skipped. The queue is not processed sequentially, but in a 'random' order, to +prevent one rogue message that causes a problem blocking other messages to the +same destination for ever. + +

      +When the maximum time for retrying has passed, pending addresses are failed. +However, a next try time is still computed from the final subrule. Until that +time is reached, any new messages for the address are immediately failed. When +the next try time is passed, one further delivery attempt is made; if this +fails, a new next try time is computed, and so on. + +

      +The increasing number of small computers on the Internet has caused there to +be a lot of messages addressed to hosts that are never going to listen. The +retry logic described above should reduce the amount of wasted time spent on +trying to deliver such messages. However, some administrators are unhappy +about this rather draconian approach, which can cause an address to be failed +without any deliveries being attempted. Exim can alternatively be configured +always to try at least once those hosts whose last failure was before the +arrival of the message. This option increases the number of attempts to +deliver to dead hosts. + +

      +Retry rules can be predicated on particular errors as well as on domain names, +and for domains that are looked up in the DNS, further discrimination on +whether MX records were used or not is also possible. Thus it is possible to +treat 'connection refused' and 'connection timed out' differently, or to +distinguish between 'connection refused and there was only an A record' and +'connection refused from a host pointed to by an MX record'. + +

      +When a local delivery fails because a user is over quota, the retry rule can +be predicated on the length of time since the mailbox was last read. For +example, if the mailbox has been recently read, the delivery can be retried +for a while; otherwise it can be failed quickly. + + +

      16. Header rewriting

      + +

      +There are those who argue that header rewriting is a totally Bad Thing; there +are others who swear they cannot live without it. Exim provides the facility - +you do not have to use it! + +

      +Exim can be configured to rewrite the address portions of headers when a +message is received. For debugging purposes, the original headers are retained +in the spool file, but are not, of course, transported with the message. +Rewriting rules can be targeted at individual headers and the envelope fields; +it is possible, for example, just to rewrite the 'From' header and no others. + +

      +Rewriting rules are keyed by local-part and domain, either of which can be +wildcarded, and the replacement text is a general expansion string which can +contain file lookups. This makes it possible to replace login names by +'friendly' names in outgoing addresses via a DBM lookup, for example. The +other most common rewriting requirement of replacing *.foo.bar with foo.bar is +also easily handled. + +

      +Headers are also automatically rewritten by Exim in two cases: + +

        +
      • If a locally-generated message contains addresses without domains, a + configured qualifying domain is added to each of them. It is also + possible to specify which remote systems are permitted to send messages + containing unqualified addresses. These too get qualified on reception. + +
      • Routing of a domain may reveal that is was only a partial domain, in + which case the headers are rewritten to contain the full domain. For + example, as a result of routing, an address such as xxx@foo may turn into + xxx@foo.bar.ac.uk. + + +

        17. Host verification

        + +
      +

      +Exim can be configured to accept incoming SMTP calls from certain hosts only, +or it can be configured to reject calls from certain hosts. In both cases, the +test may include an RFC 1413 identification check. A system that gets all its +mail via a central hub might want to lock out the rest of the world, while a +number of systems under one management might want to exchange mail only via +the standard mailer, and hence reject mail from all but certain specified ids +within the group. + +

      +When a host fails the acceptance test, Exim can either give an error code +immediately on connection, or allow the connection to proceed and then give +error codes to all the message's recipients. The latter approach is useful +when using the mechanism to reject unsolicited junk mail and mail bombs, +because it normally prevents the sender from trying again with the same +message. + + +

      18. SMTP port reservation

      + +

      +The maximum number of simultaneous incoming SMTP calls can be set, and in +addition, a number of them can be reserved for particular hosts or particular +IP networks. It is also possible to specify a system load value above which +only calls from the reserved hosts are accepted. + + +

      19. Control of relaying

      + +

      +A host is said to act as a relay if it accepts an incoming message from an +external host and delivers it to an external host. Unscrupulous persons have +been known to use unsuspecting hosts as relays in an attempt to disguise the +origin of messages. An Exim host can be configured to accept mail from any +host for onward transmission to a specified set of domains only, and to accept +mail only from a specified list of hosts or networks for onward transmission +to any domain. + + +

      20. Sender verification

      + +

      +The return path of a message (also known as the 'envelope sender') is used +when Exim has to return an error message. If this is a bad address, the error +message cannot be delivered, and the postmaster has to sort things out. + +

      +Sender verification (a configurable option that applies to SMTP input) is +intended to pass this work to a foreign postmaster, by refusing to accept the +message in the first place. There is an exception list which can specify +certain hosts (with optional RFC 1413 identifications) that are allowed to +bypass the check. + +

      +There are two main causes of bad return paths: misconfigured mailers (gateways +in particular), and users fooling around with mail. Sadly, the latter are +rather common in educational institutions. Sender verification catches both of +them. It operates by passing the sender address through the directors and +routers in verification mode; if this fails, the message is not accepted. + +

      +The first thing foreign postmasters ask when they learn about a rejected +message is 'What were the headers?'. For this reason, and also to collect +evidence in cases of mail forgery, Exim does not initially reject a message +after the MAIL FROM command in the SMTP session. It reads the message, so as +to be able to write the headers to the rejection log, and then gives a hard +error response to the sending host. + +

      +Unfortunately, several mailers believe that any error response after the data +for a message has been sent indicates a temporary error. Consequently, such +mailers will continue to try to send a message that has been rejected as +described above. To prevent this, whenever a message is rejected, Exim records +the time, bad address, and host in a DBM database. If the same host sends the +same bad address within 24 hours, it is rejected immediately at the MAIL FROM +command. + +

      +Sadly, even this doesn't stop some mailers from repeatedly trying to send the +message. As a last resort, if the same host sends the same bad address for a +third time in 24 hours, the MAIL FROM command is accepted, but all subsequent +RCPT TO commands are rejected. If this does not stop a remote mailer then it +is badly broken. + +

      +If the attempt to verify the sender address cannot be completed (typically +because of a DNS timeout) Exim gives temporary error code to the MAIL FROM +command, which should cause the remote mailer to try again later. However, it +is possible to configure Exim to accept the message in these circumstances. + +

      +Many messages with bad return paths in fact contain perfectly valid 'From' or +'Reply-to' headers. For administrators that want a quieter life, there is a +configuration option which causes Exim to check these headers if the return +path is bad, and if a good address is found, to use it to replace the return +path. The old value is retained in an X- header. + + +

      21. Sender lock out

      + +

      +More and more unsolicited junk mail is being seen on the Internet. It is +sometimes useful to be able to reject messages (from any host) with particular +sender addresses in the envelope. Exim can be configured to reject messages +whose sender addresses match certain patterns, either by failing the MAIL FROM +command, or (because some mailers take no notice of that) by failing all RCPT +TO commands. + + +

      22. Receiver verification

      + +

      +Exim can be configured so that it checks the addresses given in incoming SMTP +RCPT TO commands as they are received. A failing address can be immediately +rejected, or it can be logged and accepted. If verification cannot be +completed (typically because of a DNS timeout) either a temporary error code +can be given, or the address can be logged and accepted. + + +

      23. The 'percent hack'

      + +

      +The so-called 'percent hack' is the feature of mailers whereby a local-part +containing a percent sign gets interpreted as an entire new address, with the +percent replaced by @. This is used for explicit mail routing and sometimes +for testing. In Exim, it is possible to configure which local domains, if any, +allow the 'percent hack'. + + +

      24. Security

      + +

      +Exim is written as a single binary that has to run setuid to root. I did start +off trying to write it as a number of different modules, but soon came to the +conclusion that, for this type of mailer, it was not worth it, because the +functions don't decompose cleanly. For example, if you want to verify +addresses while receiving mail you need all the directing and routing +apparatus to be available. + +

      +Exim runs each local delivery in a separate process which is setuid to the +relevant local user. In addition, it can be configured to run under a given +non-root uid (and gid) for much of the rest of the time. In particular, it +need not be root while sending or receiving SMTP mail. On systems that do not +have the seteuid function, it uses setuid to give up root, which requires it +to re-invoke itself in order to regain the privilege when it needs to deliver +a message. On systems that do have seteuid, it can be configured to use that +function instead, thereby saving some resources. + +

      +Exim can be configured to use seteuid (on systems that have it) when reading a +.forward file in a user's home directory. This is necessary when home +directories are NFS mounted without root privilege, unless .forward files are +required to be world readable. + +

      +Exim checks the permissions and owners of files to which messages are to be +appended, and refuses to proceed with the delivery if things are not right. + +

      +Delivery of messages to pipes or files is supported only as a result of +expanding an address via an alias or a forward file, provided this is +permitted by the configuration. Externally generated local addresses cannot +specify files or pipes - no special action is taken for addresses starting +with the file or pipe characters, so they will usually fail. + +

      +Use of the VRFY function in SMTP connections is controlled by a configuration +option. The EXPN and DEBUG functions are not supported at all. + + +

      25. The Exim Monitor

      + +

      +A program for monitoring Exim and displaying information in an X window is +provided. This can be configured to show stripcharts of incoming and outgoing +mail in various categories. It also shows a 'tail' of the main log file, and +information about messages on the queue. + +

      +There is a menu of operations that can be performed by suitably privileged +users. Messages can be frozen, thawed, deleted, caused to be delivered, +modified, or returned to their senders from this interface. + + + + diff --git a/robots.txt b/robots.txt new file mode 100644 index 0000000..3d44a13 --- /dev/null +++ b/robots.txt @@ -0,0 +1,4 @@ +# $Id: robots.txt,v 1.2 2000/01/09 21:33:19 nigel Exp $ +User-agent: * +Disallow: /mailman/ +Disallow: /ftp/ diff --git a/statconf.txt b/statconf.txt new file mode 100644 index 0000000..857ea80 --- /dev/null +++ b/statconf.txt @@ -0,0 +1,2 @@ +stats-are mailed +send-mail-to Nigel.Metheringham@ThePLAnet.net diff --git a/toc.html b/toc.html new file mode 100644 index 0000000..3baed1e --- /dev/null +++ b/toc.html @@ -0,0 +1,165 @@ + + + + exim Table of Contents + + + + + [logo] +
      + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      + + Home + +
      + + Introduction + +
      + + Overview Documentation + +
      + + Current Version + +
      + + Availability + +
      + + Mailing Lists about exim + +
      + + Documentation and FAQs + +
      + + Website Credits + +
      + + Website Changes + +
      + + Y2K Information + +

      + + Master + Exim Site (UK) + +
      + + Canada + +
      + + Ireland + +
      + + Norway + +
      + + Russia + +
      + + South Africa + +
      + + US + Mirror + +
      + + Making a Mirror + +
      +
      +

      $Id: toc.html,v 1.8 1999/11/14 20:27:57 nigel Exp $
      + + + diff --git a/toc_frame.html b/toc_frame.html new file mode 100644 index 0000000..26b385f --- /dev/null +++ b/toc_frame.html @@ -0,0 +1,18 @@ + + + + TOC Frame + + + + + + + <body> +<!-- Created: Tue Nov 3 17:22:59 GMT 1998 --> +<!-- hhmts start --> +Last modified: Tue Nov 3 17:49:17 GMT 1998 +<!-- hhmts end --> + </body> + + diff --git a/version.html b/version.html new file mode 100644 index 0000000..e102625 --- /dev/null +++ b/version.html @@ -0,0 +1,40 @@ + + + + Versions of exim + + + +

      Versions of exim

      + +

      The latest release is 3.13. This is an incremental + upgrade with some new features, however old 3.0x configuration + files should be fully compatible. Upgrading from previous + releases is worth doing, particularly since a denial-of-service + hole has been fixed over 3.0x and lower versions.

      + +

      The previous release is 3.03. This was a major upgrade + over the 2.1x series, and some features of the configuration file + are not backward compatible - although there is a conversion + utility. Earlier version 3.0x users should upgrade, + although the bug fixes are relatively minor.

      + +

      The last 2.x release version was 2.12. This is a bugfix + release over earlier 2.1x releases. Upgrade from 2.0x releases is + not imperative.

      + +

      There were a number of early beta versions of exim with version + numbers less than 1.0. These should now be avoided. + Versions earlier than 2.0x should also be upgraded.

      + +

      There may be beta versions with available from the ftp sites in + the Testing directory. Many people are using these without + problems, but they are not recommended unless you are willing to + work with beta software.

      + +
      +
      Nigel Metheringham
      + +

      $Id: version.html,v 1.7 2000/04/09 22:02:33 nigel Exp $

      + + diff --git a/y2k.html b/y2k.html new file mode 100644 index 0000000..c3d5e86 --- /dev/null +++ b/y2k.html @@ -0,0 +1,36 @@ + + + + Exim Y2K Information + + + +

      Exim Y2K Information

      + +

      The author of Exim believes that it is Y2K-compliant, as long + as the underlying operating system and C library are. Exim does + not parse dates or times at all. Internally, it makes some use of + binary timestamps in Unix format (number of seconds since + 1-Jan-1970) and uses C library services to convert these to + printing forms (e.g. for logging). The printing forms all use + 4-digit years.

      + +

      It should be noted that exim, in common with all GNU + licensed software, does not come with any form of warrenty - + see the NOTICE and LICENSE files within the distribution. If + you need a full Y2K audit performing, then the source is + available for this to be done.

      + +

      Newsflash

      +

      January 2000 - its still working, no problem reports :-)

      + + +
      +
      Nigel Metheringham
      + + +Last modified: Sun Jan 9 21:56:56 GMT 2000 + +

      $Id: y2k.html,v 1.5 2000/04/09 22:02:33 nigel Exp $

      + + -- 2.30.2