This document contains information about upgrading Exim to the last of the 3.xx releases. It is provided to help anybody who is upgrading to release 4.xx from a release that is earlier than 3.33. It goes back as far as release 2.12. If you are upgrading to release 4.xx from an even earlier release, it is probably best to start again from the default configuration. Upgrading from release 3.16 --------------------------- 1. The way LDAP returns values for multiple attributes has been changed to be the same as the NIS+ lookup. If you specify multiple attributes, they are returned as space-separated strings, quoted if necessary. e.g. ldap:///o=base?attr1,attr2?sub?(uid=fred) used to give: attr1=value one, attr2=value2 now gives: attr1="value one" attr2=value2 If you don't specify any attributes in the search, you now get them in the tagged format as well. e.g. ldap:///o=base??sub?(uid=fred) used to give: top, value one, value2 now gives: objectClass=top attr1="value one" attr2=value2 The reason for these changes is so that the results can be safely parsed - in fact, the existing ${extract{key}{val}} function does this nicely. This in turn allows a single LDAP query to be reused - one query can return the destination delivery address, the quota, and so forth. This is NOT a backwards compatible change, so there is a compile-time option to reverse it in the src/lookups/ldap.c module, for use in emergency. But it is not thought that the old behaviour was particularly useful as it stood, because a field that contained ',' or '=' would make the result unparseable. In the common case where you explicitly ask for a single attribute in your LDAP query, the behaviour is unchanged - the result is not quoted, and if there are multiple values they are comma-separated. 2. The hosts_max_try option in the smtp transport limits the number of IP addresses that will actually be tried during one delivery attempt. The default is 5. Previously, all available addresses were tried. 3. The extension of the "extract" expansion item has resulted in a change to the way Exim decides between the keyed form and the numeric form. If the first argument consists entirely of digits, the numeric form is assumed. This means that it is impossible to have keys that are digit strings, without manipulating the data first (e.g. by using ${sg} to add a letter to each key). Upgrading from release 3.15 --------------------------- 1. The handling of "freeze" and "fail" in system filter files has changed. Previously, any deliveries set up by a filter that ended with "freeze" or "fail" were discarded. This no longer happens; such deliveries are honoured. A consequence of this is that first_delivery becomes false after freezing in a system filter; previously it remained true until a real delivery attempt happened. Upgrading from release 3.13 --------------------------- 1. The handling of maildir_tag has been changed (see NewStuff). There are two small incompatibilities: (a) Exim now inserts a leading colon only if the string begins with an alphanumeric character. So if you were using a string starting with a special character, you will have to add the leading colon to it to remain compatible. (b) The expansion of maildir_tag now happens after the file has been written, and $message_size is updated to the correct file size before the expansion. The tag is not used on the temporary file (it was previously). 2. The handling of Exim's configuration has changed in two ways: (a) Any line may be continued by ending it with a backslash. Trailing white space after the backslash, and leading white space on continuation lines is ignored. This means that quotes are no longer needed just to make it possible to continue an option setting. The difference between quoted and non-quoted strings is that quoted strings are processed for internal backslashed items such as \n. The only possible incompatibility of this change is if any existing configuration has a non-quoted line ended in backslash, which seems a very remote possibility. (b) All lists, with the exception of log_file_path, can now use a different character to colon as the separator. This is specified by starting the list with <x where x is any punctuation character. For example: local_interfaces = <; 127.0.0.1 ; ::1 The new feature is provided to make life easier with IPv6 addresses. It is recommended that its use be confined to circumstances where it really is needed, and that colon be used in most cases. I don't believe this change is incompatible, because I don't think any list item can legitimately begin with a '<' character. 3. Previously, Exim took no action to ensure that the timestamps in its log files were "wall clock time". If the TZ environment variable was set when Exim was called, it could cause strange times to be logged. For the majority of operating systems, I have been able to fix this problem by deleting the entire environment. However, this doesn't work in some systems, and a macro called HANDS_OFF_ENVIRONMENT is defined in their OS/os.h files to suppress the action. These OS are: AIX, DGUX, HP-UX, IRIX, and SCO, and their behaviour should be unchanged from previous releases. On any other OS, if you find you are getting weird timestamps, it may be that your OS needs HANDS_OFF_ENVIRONMENT. 4. As a result of the change described in 3, there may be some cases where Exim runs an external program that previously got passed the environment, and now do not. This does *not* apply to the pipe transport, where the environment has always been set up specifically, as described in the manual. 5. The way in which Exim scans its queue when split_spool_directory is set has changed, but this shouldn't make any noticeable difference. See doc/NewStuff for details. Upgrading from release 3.03 --------------------------- The from_hack option in the appendfile and pipe transports has been replace by two string options, check_string and escape_string. If your configuration contains any references to from_hack they should be replaced. Exim continues to recognize from_hack as a transitional measure. If no_from_hack is specified in an appendfile transport, the two new options are forced to be unset. Otherwise the setting of from_hack is ignored. Upgrading from release 3.02 --------------------------- The exim_dbmbuild utility has been changed to write a warning to stderr on encountering a duplicate key, and to return a value of 1. Formerly, it ignored all but the last of a set of duplicates; now it ignores all but the first, to make dbm-searched files behave the same way as lsearch-searched files. However, there is an option -lastdup which makes it behave as before. The -nowarn option suppresses the individual warnings, but the number of duplicates is always listed on stdout at the end. Updating from a release prior to 3.00 ------------------------------------- Prior to release 3.00 a lot of options which contained lists of various kinds came in groups such as sender_accept, sender_reject, sender_reject_except. This style of configuration has been abolished. Instead, it is now possible to put negative entries in such lists, so that a single option is all that is required. In addition to this, net lists have been abolished, and instead, host lists can now contain items that specify networks as well as hosts. The names of some of these options have also been changed. As a result of these changes, most configuration files used for earlier versions of Exim need to be changed. The opportunity has therefore been taken to remove a number of other obsolete features and options. A Perl script is built in the file util/convert4r3 to assist in updating Exim configuration files. It reads a configuration file on the standard input, writes a modified file on the standard output, and writes comments about what it has done to the standard error file. It assumes that the input is a valid Exim configuration file. A typical call to the conversion script might be util/convert4r3 </opt/exim/configure >/opt/exim/configure.new The way the script merges an accept/reject/reject_except triple into a single accept option is to put the reject_except list first, followed by the reject list with every item negated, followed by the accept list. For example, if an old configuration file contains sender_host_accept_relay = *.c.d : e.f.g sender_host_reject_relay = *.b.c.d sender_host_reject_relay_except = a.b.c.d the new configuration will contain host_accept_relay = a.b.c.d : ! *.b.c.d : *.c.d : e.f.g The same ordering is used to merge a triple into a reject option, but this time the first and third sublists are negated. For example, if an old configuration file contains sender_host_accept = *.c.d : e.f.g sender_host_reject = *.b.c.d sender_host_reject_except = a.b.c.d the new configuration file will contain host_reject = ! a.b.c.d : *.b.c.d : ! *.c.d : ! e.f.g : * The output file should be checked before trying to use it. Each option change is preceded by an identifying comment. There are several specific things that you should look out for when checking: (1) If you are using macros to contain lists of items, and these have to be negated in the new world, convert4r3 won't get it right. For example, if the old configuration contains ACCEPTHOSTS = *.c.d : e.f.g sender_host_reject = ACCEPTHOSTS then the rewritten configuration will be ACCEPTHOSTS = *.c.d : e.f.g host_reject = !ACCEPTHOSTS but because this is just textual macro handling, that is equivalent to host_reject = !*.c.d : e.f.g which is not the correct translation, because the second item is not negated. There is unfortunately no easy way to use a macro to provide a list of things that are sometimes negated. (2) The conversion adds some settings of file_transport, pipe_transport, and reply_transport to aliasfile and forwardfile directors. This is done because the global implicit defaults for these options have been removed. The default configuration now contains explicit settings, so convert4r3 makes these additions to be compatible with that. If your aliasfile and forwardfile directors do not make use of the pipe, file, or autoreply facilities, you can remove these new settings. (3) If you are using +allow_unknown in a host list which also has an exception list, you may need to move +allow_unknown in the new configuration. For example, if the old configuration contains sender_host_reject = +allow_unknown : *.b.c sender_host_reject_except = *.a.b.c then the rewritten configuration will be host_reject = ! *.a.b.c : +allow_unknown : *.b.c Because the negated item contains a wild card, the reverse lookup for the host name will occur before +allow_unknown is encountered, and therefore +allow_unknown will have no effect. It should be moved to the start of the list. One way of upgrading Exim from a pre-3.00 release to a post-3.00 release is as follows: 1. Suppose your configuration file is called /opt/exim/configure, and you want to continue with this name after upgrading. The first thing to do is to make another copy of this file called, say, /opt/exim/configure.pre-3.00. 2. Rebuild your existing Exim to use the copy of the configuration file instead of the standard file. Install this version of Exim under a special name such as exim-2.12, and point a symbolic link called "exim" at it. Then HUP your daemon. You can check on the name of the configuration file by running exim -bP configure_file Ensure that everything is running smoothly. 3. Build the new release, configured to use the standard configuration file. 4. Use the convert4r3 utility to upgrade your configuration file for the new release. After running it, check the file by hand. 5. If any of the options that convert4r3 rewrote contained regular expressions that had backslashes in them, and were not previously in quotes, they will need modification if convert4r3 has put them into quotes. Either re-arrange the option to remove the quoting, or escape each backslash. For example, if you had sender_reject_recipients = ^\d{8}@ sender_reject_except = ^\d{8}@x.y.z convert4r3 will have combined the two settings into sender_reject_recipients = "! ^\d{8}@x.y.z : \ ^\d{8}@" This must be changed to sender_reject_recipients = ! ^\d{8}@x.y.z : ^\d{8}@ or sender_reject_recipients = "! ^\\d{8}@x.y.z : ^\\d{8}@" In the second case, the quoted string could of course still be split over several lines. 6. If your configuration refers to any external lists of networks, check them to ensure that all the masks are in the single-number form, because Exim no longer recognizes the dotted quad form of mask. For example, if an item in a netlist file is 131.111.8.0/255.255.255.0 you must change it to 131.111.8.0/24 Otherwise Exim will not recognize it as a masked IP address, and will treat it as a host name. The convert4r3 utility makes this conversion for networks that are mentioned inline in the configuration, but it does not handle referenced files. 7. Check the newly-built Exim as much as possible without installing; you can, for example, use a command such as ./exim -bV in the build directory to test that it successfully reads the new configuration file. You can also do tests using -bt and -bh. 8. Install the new release under a special name such as exim-3.00. 9. You can then easily change between the new and old releases simply by moving the symbolic link and HUPping your daemon. Details of syntax changes at 3.00 ================================= 1. A bare file name without a preceding search type may appear in a domain list; this causes each line of the file to be read and processed as if it were an item in the list, except that it cannot itself be a bare file name (that is, this facility cannot be used recursively). Wild cards and regular expressions may be used in the lines of the file just as in the main list. For example, if local_domains = /etc/local-domains then the file could contain lines like *.mydomain.com This is different to an lsearch file, which operates like any other lookup type and does an exact search for the key. If a # character appears anywhere in a line of the file, it and all following characters are ignored. Blank lines are also ignored. 2. Any item in a domain list (including a bare file name) can be preceded by an exclamation mark character, to indicate negation. White space after the ! is ignored. If the domain matches the rest of the item, it is *not* in the set of domains that the option is defining. If the end of the list is reached, the domain is accepted if the last item was a negative one, but not if it was a positive one. If ! precedes a bare file name, then all items in the file are negated, unless they are preceded by another exclamation mark. For example: relay_domains = !a.b.c : *.b.c sets up a.b.c as an exception to the more general item *.b.c, because lists are processed from left to right. If the domain that is being checked matches neither a.b.c nor *.b.c, then it is not accepted as a relay domain, because the last item in the list is a positive item. However, if the option were just relay_domains = !a.b.c then all domains other than a.b.c would be relay domains, because the last item in the list is a negative item. In effect, a list that ends with a negative item has ": *" appended to it. 3. Negation and bare file names are available as above in lists of local parts (e.g. in local_parts options) and complete addresses (address lists). For the special "@@" lookup form in address lists, negation also can be used in the list of local parts that is looked up for the domain. For example, with sender_reject_recipients = @@dbm;/etc/reject-by-domain the file could contain lines like this: baddomain.com: !postmaster : !hostmaster : * If a local part that actually begins with ! is required, it has to be specified using a regular expression. Because local parts may legitimately contain # characters, a comment in the file is recognized only if # is followed by white space or the end of the line. 4. Host lists may now contain network items, as in the former net list options, which have all been abolished. The only form of network masking is the /n variety. Negation and bare file names can appear in host lists, and there is a new type of item which allows masked network numbers to be used as keys in lookups, thus making it possible to used DBM files for faster checking when the list of networks is large. The complete list of types of item which can now appear in a host list is: . An item may be a bare file name; each line of the file may take the form of any of the items below, but it may not itself be another bare file name. If the file name is preceded by ! then all items in the file are negated, unless they are preceded by another exclamation mark. Comments in the file are introduced by # and blank lines are ignored. . If the entire item is "*" it matches any host. . If the item is in the form of an IP address, it is matched against the IP address of the incoming call. . If the item is in the form of an IP address followed by a slash and a mask length (e.g. 131.111.0.0/16) then it is matched against the IP address of the incoming call, subject to the mask. . If the item is of the form "net<number>-<search-type>;<search-data>", for example: net24-dbm;/networks.db then the IP address of the incoming call is masked using <number> as the mask length; a textual string is then constructed from the masked value, followed by the mask, and this is then used as the key for the lookup. For example, if the incoming IP address is 192.152.34.6 then the key that is looked up for the above example is "192.152.34.0/24". . If the entire item is "@" the primary host name is used as the the match item, and the following applies: . If the item is a plain domain name, then a forward DNS lookup is done on that name to find its IP address(es), and the result is compared with the IP address of the incoming call. The remaining items require the host name to be obtained by a reverse DNS lookup. If the lookup fails, Exim takes a hard line by default and access is not permitted. If the list is an "accept" list, Exim behaves as if the current host is not in the set defined by the list, whereas if it is a "reject" list, it behaves as if it is. To change this behaviour, the special item "+allow_unknown" may appear in the list (at top level - it is not recognized in an indirected file); if any subsequent items require a host name, and the reverse DNS lookup fails, Exim permits the access, that is, its behaviour is the opposite to the default. . If the item starts with "*" then the remainder of the item must match the end of the host name. For example, *.b.c matches all hosts whose names end in .b.c. This special simple form is provided because this is a very common requirement. Other kinds of wildcarding require the use of a regular expression. . If the item starts with "^" then it is taken to be a regular expression which is matched against the host name. For example, ^(a|b)\.c\.d$ matches either of the two hosts a.c.d or b.c.d. If the option string in which this occurs is given in quotes, then the backslash characters must be doubled, because they are significant in quoted strings. The following two settings are exactly equivalent: host_accept = ^(a|b)\.c\.d$ host_accept = "^(a|b)\\.c\\.d$" . If the item is of the form <search-type>;<filename or query>, for example dbm;/host/accept/list then the host name is looked up using the search type and file name or query (as appropriate). The actual data that is looked up is not used. 5. Early versions of Exim required commas and semicolons to terminate option settings in drivers. This hasn't been the case for quite some time. The code to handle them has now been removed. Details of option changes at 3.00 ================================= Main options ------------ * address_directory_transport, address_directory2_transport, address_file_transport, address_pipe_transport, and address_reply_transport have been abolished as obsolete. The aliasfile and forwardfile directors have been able for some time to set the transports they want to use for these special kinds of delivery; there seems little need for global defaults. The default configuration has been altered to add settings for file_transport and pipe_transport to the aliasfile and forwardfile directors, and to add reply_transport to forwardfile. * check_dns_names, a deprecated synonym for dns_check_names, has been abolished. * helo_accept_junk_nets is abolished; nets can now appear in helo_accept_junk_hosts. * helo_verify_except_hosts and helo_verify_except_nets have been abolished, and helo_verify has been changed from a boolean to a host list, listing those hosts for which HELO verification is required. * the obsolete option helo_verify_nets (a synonym for host_lookup_nets) has been abolished. Note that host_lookup_nets itself has been replaced by host_lookup. * hold_domains_except has been abolished. Use negated items in hold_domains. * host_lookup_nets has been replaced by host_lookup, which can contain hosts and nets. * ignore_fromline_nets has been replaced by ignore_fromline_hosts. * If message_filter is set and the filter generates any deliveries to files, pipes, or any autoreplies, then the appropriate message_filter_*_transport options must be set to define the transports, following the abolition of the global defaults (see above). * queue_remote and queue_remote_except have been abolished and replaced by queue_remote_domains, which lists those domains that should be queued. The effect of queue_remote=true is now obtained by queue_remote_domains=*. * queue_smtp and queue_smtp_except have been abolished and replaced by queue_smtp_domains, which lists those domains that should be queued after routing. The effect of queue_smtp=true is now obtained by queue_smtp_domains=*. * rbl_except_nets has been abolished and replaced by rbl_hosts, which can contain hosts and nets. This defaults to "*" and defines the set of hosts for which RBL checking is done. * receiver_unqualified_nets is abolished; nets can now appear in receiver_unqualified_hosts. * receiver_verify_except_hosts and receiver_verify_except_nets have been abolished and replaced by receiver_verify_hosts, which defaults to "*". This is used, however, only when receiver_verify is set - together with the other conditions (receiver_verify_addresses, receiver_verify_senders). * receiver_verify_senders_except has been abolished; the functionality is now available by using negation in receiver_verify_senders. * rfc1413_except_hosts and rfc1413_except_nets have been abolished, and replaced by rfc1413_hosts, which defaults to "*". * sender_accept, sender_accept_recipients and sender_reject_except have been abolished; the functionality is now available via sender_reject and sender_reject_recipients. * sender_host_accept, sender_net_accept, sender_host_reject, sender_net_reject, sender_host_reject_except, sender_net_reject_except, sender_host_reject_recipients and sender_net_reject_recipients have all been abolished, and replaced by the options host_reject and host_reject_recipients. * sender_host_accept_relay, sender_net_accept_relay, sender_host_reject_relay, sender_host_reject_relay_except, sender_net_reject_relay, and sender_net_reject_relay_except are abolished, and replaced by host_accept_relay. This defaults unset, and this means that all relaying is now by default locked out in the Exim binary. Previously, if no relaying options were set, relaying was permitted. * sender_unqualified_nets has been abolished; nets can now appear in sender_unqualified_hosts. * sender_verify_except_hosts and sender_verify_except_nets have been abolished and replaced by sender_verify_hosts, which defaults to "*". This is used, however, only when sender_verify is set (to make it similar to receiver_verify, even though there aren't at present any other conditions.) * sender_verify_log_details has been abolished. This was a little-used debugging option. * smtp_etrn_nets has been abolished; nets can now appear in smtp_etrn_hosts. * smtp_expn_nets has been abolished; nets can now appear in smtp_expn_hosts. * smtp_log_connections, a deprecated synonym for log_smtp_connections, has been abolished. * smtp_reserve_nets is abolished; nets can now appear in smtp_reserve_hosts. Generic director and router options ----------------------------------- * except_domains, except_local_parts, and except_senders have been abolished. Use negated items in domains, local_parts, and senders instead, for example, replace except_domains = a.b.c with domains = !a.b.c If you already have a domains setting, add any negative items to the front of it. The aliasfile director ---------------------- * The option "directory", an obsolete synonym for home_directory, has been abolished. The forwardfile director ------------------------ * The option "directory", an obsolete synonym for file_directory, has been abolished. * The option forbid_filter_log, an obsolete synonym for forbid_filter_logwrite, has been abolished. The localuser director ---------------------- * The option "directory", an obsolete synonym for match_directory, has been abolished. The lookuphost router --------------------- * mx_domains_except and its obsolete old name non_mx_domains have been abolished. Use negated items in mx_domains. The pipe transport ------------------ * The option "directory", an obsolete synonym for home_directory, has been abolished. The smtp transport ------------------ * mx_domains_except and its obsolete old name non_mx_domains have been abolished. Use negated items in mx_domains. * serialize_nets has been abolished; nets may now appear in serialize_hosts. Other items relevant to upgrading from Exim 2.12 ================================================ 1. RFC 2505 (Anti-Spam Recommendations for SMTP MTAs) recommends that the checking of addresses for spam blocks should be done entirely caselessly. Previously, although Exim retained the case of the local part, in accordance with the RFC 821 rule that local parts are case sensitive, some of the string comparisons were nevertheless done caselessly, but file lookups used the unmodified address. The way addresses are compared with options whose values are address lists has been changed. At the start of the comparison, both the local part and the domain are now forced to lower case, and any comparisons that are done with in-line strings are done caselessly. For example, sender_reject = A@b.c rejects both A@b.c and a@b.c. Any lookups that occur use lowercased strings as their keys. If the @@ lookup facility is used, the lookup is done on the lower cased domain name, but any subsequent string comparisons on local parts are done caselessly. To retain possibility of caseful matching, the pseudo-item "+caseful" can appear in an address list. It causes any subsequent items to do caseful matches on local parts. The domain, however, remains lower cased. 2. The handling of incoming batched SMTP has been re-worked so as to behave in a more useful way in cases of error: (i) The option sender_verify_batch now defaults false. (ii) EOF is no longer interpreted as end-of-message; the "." line must be present. (iii) Exim stops immediately in cases of error, writing information to stdout and stderr, and setting the return code to 1 if some messages have been accepted, and 2 otherwise. 3. The first message delivered by -R, and all messages delivered by -Rf and -qf are "forced" in the sense that retry information is over-ridden. Previously, Exim also forcibly thawed any of these messages that was frozen. This no longer happens. Additional options -Rff and -qff have been implemented to force thawing as well as delivery. 4. When recipients are being rejected because the sending host is in an RBL list, Exim used just to show the RBL text, if any, as part of the rejection response. Now, if prohibition_message is set, it expands that string instead, with the RBL message available in $rbl_text, and $prohibition_reason set to "rbl_reject". 5. When a trusted caller passed a message to Exim, it used to check the From: header against the caller's login (even though the caller was trusted) unless the -f option had been used to supply a different sender. This has been changed so that From: is never checked if the caller is trusted. Philip Hazel May 1999