tidying
[exim.git] / src / src / globals.c
index 8e5a4dfe8e53353f30d263c5bbd0d9b4b1633348..844ff7bacdba65eedaf55916a52c05e87a6ba654 100644 (file)
@@ -2,7 +2,8 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2016 */
+/* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 - 2021 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 /* All the global variables are defined together in this one module, so
@@ -16,26 +17,26 @@ data blocks and hence have the opt_public flag set. */
 
 optionlist optionlist_auths[] = {
   { "client_condition", opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, client_condition)) },
+                 OPT_OFF(auth_instance, client_condition) },
   { "client_set_id", opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, set_client_id)) },
+                 OPT_OFF(auth_instance, set_client_id) },
   { "driver",        opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, driver_name)) },
+                 OPT_OFF(auth_instance, driver_name) },
   { "public_name",   opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, public_name)) },
+                 OPT_OFF(auth_instance, public_name) },
   { "server_advertise_condition", opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, advertise_condition))},
+                 OPT_OFF(auth_instance, advertise_condition)},
   { "server_condition", opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, server_condition)) },
+                 OPT_OFF(auth_instance, server_condition) },
   { "server_debug_print", opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, server_debug_string)) },
+                 OPT_OFF(auth_instance, server_debug_string) },
   { "server_mail_auth_condition", opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, mail_auth_condition)) },
+                 OPT_OFF(auth_instance, mail_auth_condition) },
   { "server_set_id", opt_stringptr | opt_public,
-                 (void *)(offsetof(auth_instance, set_id)) }
+                 OPT_OFF(auth_instance, set_id) }
 };
 
-int     optionlist_auths_size = sizeof(optionlist_auths)/sizeof(optionlist);
+int     optionlist_auths_size = nelem(optionlist_auths);
 
 /* An empty host aliases list. */
 
@@ -49,6 +50,7 @@ duplicate them here... */
 uschar *opt_perl_startup       = NULL;
 BOOL    opt_perl_at_start      = FALSE;
 BOOL    opt_perl_started       = FALSE;
+BOOL    opt_perl_taintmode     = FALSE;
 #endif
 
 #ifdef EXPAND_DLFUNC
@@ -88,6 +90,7 @@ uschar *redis_servers          = NULL;
 #endif
 
 #ifdef LOOKUP_SQLITE
+uschar *sqlite_dbfile         = NULL;
 int     sqlite_lock_timeout    = 5;
 #endif
 
@@ -97,58 +100,31 @@ BOOL    move_frozen_messages   = FALSE;
 
 /* These variables are outside the #ifdef because it keeps the code less
 cluttered in several places (e.g. during logging) if we can always refer to
-them. Also, the tls_ variables are now always visible. */
+them. Also, the tls_ variables are now always visible.  Note that these are
+only used for smtp connections, not for service-daemon access. */
 
 tls_support tls_in = {
- -1,   /* tls_active */
- 0,    /* tls_bits */
- FALSE,/* tls_certificate_verified */
-#ifdef EXPERIMENTAL_DANE
- FALSE,/* dane_verified */
- 0,    /* tlsa_usage */
-#endif
- NULL, /* tls_cipher */
- FALSE,/* tls_on_connect */
- NULL, /* tls_on_connect_ports */
- NULL, /* tls_ourcert */
- NULL, /* tls_peercert */
- NULL, /* tls_peerdn */
- NULL, /* tls_sni */
- 0     /* tls_ocsp */
+ .active =             {.sock = -1}
+ /* all other elements zero */
 };
 tls_support tls_out = {
- -1,   /* tls_active */
- 0,    /* tls_bits */
- FALSE,/* tls_certificate_verified */
-#ifdef EXPERIMENTAL_DANE
- FALSE,/* dane_verified */
- 0,    /* tlsa_usage */
-#endif
- NULL, /* tls_cipher */
- FALSE,/* tls_on_connect */
- NULL, /* tls_on_connect_ports */
- NULL, /* tls_ourcert */
- NULL, /* tls_peercert */
- NULL, /* tls_peerdn */
- NULL, /* tls_sni */
- 0     /* tls_ocsp */
+ .active =             {.sock = -1},
+ /* all other elements zero */
 };
 
 uschar *dsn_envid              = NULL;
 int     dsn_ret                = 0;
-const pcre  *regex_DSN         = NULL;
-BOOL    smtp_use_dsn           = FALSE;
+const pcre2_code  *regex_DSN         = NULL;
 uschar *dsn_advertise_hosts    = NULL;
 
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
 BOOL    gnutls_compat_mode     = FALSE;
 BOOL    gnutls_allow_auto_pkcs11 = FALSE;
-uschar *gnutls_require_mac     = NULL;
-uschar *gnutls_require_kx      = NULL;
-uschar *gnutls_require_proto   = NULL;
+uschar *hosts_require_alpn     = NULL;
 uschar *openssl_options        = NULL;
-const pcre *regex_STARTTLS     = NULL;
+const pcre2_code *regex_STARTTLS     = NULL;
 uschar *tls_advertise_hosts    = US"*";
+uschar *tls_alpn              = US"smtp:esmtp";
 uschar *tls_certificate        = NULL;
 uschar *tls_crl                = NULL;
 /* This default matches NSS DH_MAX_P_BITS value at current time (2012), because
@@ -156,18 +132,22 @@ that's the interop problem which has been observed: GnuTLS suggesting a higher
 bit-count as "NORMAL" (2432) and Thunderbird dropping connection. */
 int     tls_dh_max_bits        = 2236;
 uschar *tls_dhparam            = NULL;
-uschar *tls_eccurve            = US"prime256v1";
+uschar *tls_eccurve            = US"auto";
 # ifndef DISABLE_OCSP
 uschar *tls_ocsp_file          = NULL;
 # endif
-BOOL    tls_offered            = FALSE;
 uschar *tls_privatekey         = NULL;
 BOOL    tls_remember_esmtp     = FALSE;
 uschar *tls_require_ciphers    = NULL;
+# ifndef DISABLE_TLS_RESUME
+uschar *tls_resumption_hosts   = NULL;
+# endif
 uschar *tls_try_verify_hosts   = NULL;
 uschar *tls_verify_certificates= US"system";
 uschar *tls_verify_hosts       = NULL;
-#else  /*!SUPPORT_TLS*/
+int     tls_watch_fd          = -1;
+time_t  tls_watch_trigger_time = (time_t)0;
+#else  /*DISABLE_TLS*/
 uschar *tls_advertise_hosts    = NULL;
 #endif
 
@@ -175,23 +155,30 @@ uschar *tls_advertise_hosts    = NULL;
 /* Per Recipient Data Response variables */
 BOOL    prdr_enable            = FALSE;
 BOOL    prdr_requested         = FALSE;
-const pcre *regex_PRDR         = NULL;
+const pcre2_code *regex_PRDR         = NULL;
 #endif
 
 #ifdef SUPPORT_I18N
-const pcre *regex_UTF8         = NULL;
+const pcre2_code *regex_UTF8         = NULL;
 #endif
 
 /* Input-reading functions for messages, so we can use special ones for
 incoming TCP/IP. The defaults use stdin. We never need these for any
 stand-alone tests. */
 
-#ifndef STAND_ALONE
-int (*receive_getc)(void)      = stdin_getc;
-int (*receive_ungetc)(int)     = stdin_ungetc;
-int (*receive_feof)(void)      = stdin_feof;
-int (*receive_ferror)(void)    = stdin_ferror;
-BOOL (*receive_smtp_buffered)(void) = NULL;   /* Only used for SMTP */
+#if !defined(STAND_ALONE) && !defined(MACRO_PREDEF)
+int    (*lwr_receive_getc)(unsigned)   = stdin_getc;
+uschar * (*lwr_receive_getbuf)(unsigned *) = NULL;
+int    (*lwr_receive_ungetc)(int)      = stdin_ungetc;
+BOOL   (*lwr_receive_hasc)(void)       = stdin_hasc;
+
+int    (*receive_getc)(unsigned)       = stdin_getc;
+uschar * (*receive_getbuf)(unsigned *)         = NULL;
+void   (*receive_get_cache)(unsigned)  = NULL;
+BOOL   (*receive_hasc)(void)           = stdin_hasc;
+int    (*receive_ungetc)(int)          = stdin_ungetc;
+int    (*receive_feof)(void)           = stdin_feof;
+int    (*receive_ferror)(void)         = stdin_ferror;
 #endif
 
 
@@ -221,7 +208,226 @@ const uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT] = {
 
 int address_expansions_count = sizeof(address_expansions)/sizeof(uschar **);
 
-/* General global variables */
+/******************************************************************************/
+/* General global variables.  Boolean flags are done as a group
+so that only one bit each is needed, packed, for all those we never
+need to take a pointer - and only a char for the rest.
+This means a struct, unfortunately since it clutters the sourcecode. */
+
+struct global_flags f =
+{
+       .acl_temp_details       = FALSE,
+       .active_local_from_check = FALSE,
+       .active_local_sender_retain = FALSE,
+       .address_test_mode      = FALSE,
+       .admin_user             = FALSE,
+       .allow_auth_unadvertised= FALSE,
+       .allow_unqualified_recipient = TRUE,    /* For local messages */
+       .allow_unqualified_sender = TRUE,       /* Reset for SMTP */
+       .authentication_local   = FALSE,
+
+       .background_daemon      = TRUE,
+       .bdat_readers_wanted    = FALSE,
+
+       .chunking_offered       = FALSE,
+       .config_changed         = FALSE,
+       .continue_more          = FALSE,
+
+       .daemon_listen          = FALSE,
+       .debug_daemon           = FALSE,
+       .deliver_firsttime      = FALSE,
+       .deliver_force          = FALSE,
+       .deliver_freeze         = FALSE,
+       .deliver_force_thaw     = FALSE,
+       .deliver_manual_thaw    = FALSE,
+       .deliver_selectstring_regex = FALSE,
+       .deliver_selectstring_sender_regex = FALSE,
+       .disable_callout_flush  = FALSE,
+       .disable_delay_flush    = FALSE,
+       .disable_logging        = FALSE,
+#ifndef DISABLE_DKIM
+       .dkim_disable_verify      = FALSE,
+       .dkim_init_done           = FALSE,
+#endif
+#ifdef SUPPORT_DMARC
+       .dmarc_has_been_checked  = FALSE,
+       .dmarc_disable_verify    = FALSE,
+       .dmarc_enable_forensic   = FALSE,
+#endif
+       .dont_deliver           = FALSE,
+       .dot_ends               = TRUE,
+
+       .enable_dollar_recipients = FALSE,
+       .expand_string_forcedfail = FALSE,
+
+       .filter_running         = FALSE,
+
+       .header_rewritten       = FALSE,
+       .helo_verified          = FALSE,
+       .helo_verify_failed     = FALSE,
+       .host_checking_callout  = FALSE,
+       .host_find_failed_syntax= FALSE,
+
+       .inetd_wait_mode        = FALSE,
+       .is_inetd               = FALSE,
+
+       .local_error_message    = FALSE,
+       .log_testing_mode       = FALSE,
+
+#ifdef WITH_CONTENT_SCAN
+       .no_mbox_unspool        = FALSE,
+#endif
+       .no_multiline_responses = FALSE,
+
+       .parse_allow_group      = FALSE,
+       .parse_found_group      = FALSE,
+       .pipelining_enable      = TRUE,
+#if defined(SUPPORT_PROXY) || defined(SUPPORT_SOCKS)
+       .proxy_session_failed   = FALSE,
+#endif
+
+       .queue_2stage           = FALSE,
+       .queue_only_policy      = FALSE,
+       .queue_run_first_delivery = FALSE,
+       .queue_run_force        = FALSE,
+       .queue_run_local        = FALSE,
+       .queue_running          = FALSE,
+       .queue_smtp             = FALSE,
+
+       .really_exim            = TRUE,
+       .receive_call_bombout   = FALSE,
+       .recipients_discarded   = FALSE,
+       .running_in_test_harness = FALSE,
+
+       .search_find_defer      = FALSE,
+       .sender_address_forced  = FALSE,
+       .sender_host_notsocket  = FALSE,
+       .sender_host_unknown    = FALSE,
+       .sender_local           = FALSE,
+       .sender_name_forced     = FALSE,
+       .sender_set_untrusted   = FALSE,
+       .smtp_authenticated     = FALSE,
+#ifndef DISABLE_PIPE_CONNECT
+       .smtp_in_early_pipe_advertised = FALSE,
+       .smtp_in_early_pipe_no_auth = FALSE,
+       .smtp_in_early_pipe_used = FALSE,
+#endif
+       .smtp_in_pipelining_advertised = FALSE,
+       .smtp_in_pipelining_used = FALSE,
+       .smtp_in_quit           = FALSE,
+       .spool_file_wireformat  = FALSE,
+       .submission_mode        = FALSE,
+       .suppress_local_fixups  = FALSE,
+       .suppress_local_fixups_default = FALSE,
+       .synchronous_delivery   = FALSE,
+       .system_filtering       = FALSE,
+
+       .taint_check_slow       = FALSE,
+       .testsuite_delays       = TRUE,
+       .tcp_fastopen_ok        = FALSE,
+       .tcp_in_fastopen        = FALSE,
+       .tcp_in_fastopen_data   = FALSE,
+       .tcp_in_fastopen_logged = FALSE,
+       .tcp_out_fastopen_logged= FALSE,
+       .timestamps_utc         = FALSE,
+       .transport_filter_timed_out = FALSE,
+       .trusted_caller         = FALSE,
+       .trusted_config         = TRUE,
+};
+
+/******************************************************************************/
+/* These are the flags which are either variables or mainsection options,
+so an address is needed for access, or are exported to local_scan. */
+
+BOOL    accept_8bitmime        = TRUE; /* deliberately not RFC compliant */
+BOOL    allow_domain_literals  = FALSE;
+BOOL    allow_mx_to_ip         = FALSE;
+BOOL    allow_utf8_domains     = FALSE;
+BOOL    authentication_failed  = FALSE;
+
+BOOL    bounce_return_body     = TRUE;
+BOOL    bounce_return_message  = TRUE;
+BOOL    check_rfc2047_length   = TRUE;
+BOOL    commandline_checks_require_admin = FALSE;
+
+#ifdef EXPERIMENTAL_DCC
+BOOL    dcc_direct_add_header  = FALSE;
+#endif
+BOOL    debug_store            = FALSE;
+BOOL    delivery_date_remove   = TRUE;
+BOOL    deliver_drop_privilege = FALSE;
+#ifdef ENABLE_DISABLE_FSYNC
+BOOL    disable_fsync          = FALSE;
+#endif
+BOOL    disable_ipv6           = FALSE;
+BOOL    dns_csa_use_reverse    = TRUE;
+BOOL    drop_cr                = FALSE;         /* No longer used */
+
+BOOL    envelope_to_remove     = TRUE;
+BOOL    exim_gid_set           = TRUE;          /* This gid is always set */
+BOOL    exim_uid_set           = TRUE;          /* This uid is always set */
+BOOL    extract_addresses_remove_arguments = TRUE;
+
+BOOL    host_checking          = FALSE;
+BOOL    host_lookup_deferred   = FALSE;
+BOOL    host_lookup_failed     = FALSE;
+BOOL    ignore_fromline_local  = FALSE;
+
+BOOL    local_from_check       = TRUE;
+BOOL    local_sender_retain    = FALSE;
+BOOL    log_timezone           = FALSE;
+BOOL    message_body_newlines  = FALSE;
+BOOL    message_logs           = TRUE;
+#ifdef SUPPORT_I18N
+BOOL    message_smtputf8       = FALSE;
+#endif
+BOOL    mua_wrapper            = FALSE;
+
+BOOL    preserve_message_logs  = FALSE;
+BOOL    print_topbitchars      = FALSE;
+BOOL    prod_requires_admin    = TRUE;
+#if defined(SUPPORT_PROXY) || defined(SUPPORT_SOCKS)
+BOOL    proxy_session          = FALSE;
+#endif
+
+#ifndef DISABLE_QUEUE_RAMP
+BOOL    queue_fast_ramp                = FALSE;
+#endif
+BOOL    queue_list_requires_admin = TRUE;
+BOOL    queue_only             = FALSE;
+BOOL    queue_only_load_latch  = TRUE;
+BOOL    queue_only_override    = TRUE;
+BOOL    queue_run_in_order     = FALSE;
+BOOL    recipients_max_reject  = FALSE;
+BOOL    return_path_remove     = TRUE;
+
+BOOL    smtp_batched_input     = FALSE;
+BOOL    sender_helo_dnssec     = FALSE;
+BOOL    sender_host_dnssec     = FALSE;
+BOOL    smtp_accept_keepalive  = TRUE;
+BOOL    smtp_check_spool_space = TRUE;
+BOOL    smtp_enforce_sync      = TRUE;
+BOOL    smtp_etrn_serialize    = TRUE;
+BOOL    smtp_input             = FALSE;
+BOOL    smtp_return_error_details = FALSE;
+#ifdef SUPPORT_SPF
+BOOL    spf_result_guessed     = FALSE;
+#endif
+BOOL    split_spool_directory  = FALSE;
+BOOL    spool_wireformat       = FALSE;
+BOOL    strict_acl_vars        = FALSE;
+BOOL    strip_excess_angle_brackets = FALSE;
+BOOL    strip_trailing_dot     = FALSE;
+BOOL    syslog_duplication     = TRUE;
+BOOL    syslog_pid             = TRUE;
+BOOL    syslog_timestamp       = TRUE;
+BOOL    system_filter_gid_set  = FALSE;
+BOOL    system_filter_uid_set  = FALSE;
+
+BOOL    tcp_nodelay            = TRUE;
+BOOL    write_rejectlog        = TRUE;
+
+/******************************************************************************/
 
 header_line *acl_added_headers = NULL;
 tree_node *acl_anchor          = NULL;
@@ -229,6 +435,8 @@ uschar *acl_arg[9]             = {NULL, NULL, NULL, NULL, NULL,
                                   NULL, NULL, NULL, NULL};
 int     acl_narg               = 0;
 
+int     acl_level             = 0;
+
 uschar *acl_not_smtp           = NULL;
 #ifdef WITH_CONTENT_SCAN
 uschar *acl_not_smtp_mime      = NULL;
@@ -259,7 +467,6 @@ uschar *acl_smtp_rcpt          = NULL;
 uschar *acl_smtp_starttls      = NULL;
 uschar *acl_smtp_vrfy          = NULL;
 
-BOOL    acl_temp_details       = FALSE;
 tree_node *acl_var_c           = NULL;
 tree_node *acl_var_m           = NULL;
 uschar *acl_verify_message     = NULL;
@@ -318,138 +525,138 @@ uschar *acl_wherecodes[]       = { US"550",     /* RCPT */
                                   US"0"        /* unknown; not relevant */
                                  };
 
-BOOL    active_local_from_check = FALSE;
-BOOL    active_local_sender_retain = FALSE;
-BOOL    accept_8bitmime        = TRUE; /* deliberately not RFC compliant */
 uschar *add_environment        = NULL;
 address_item  *addr_duplicate  = NULL;
 
 address_item address_defaults = {
-  NULL,                 /* next */
-  NULL,                 /* parent */
-  NULL,                 /* first */
-  NULL,                 /* dupof */
-  NULL,                 /* start_router */
-  NULL,                 /* router */
-  NULL,                 /* transport */
-  NULL,                 /* host_list */
-  NULL,                 /* host_used */
-  NULL,                 /* fallback_hosts */
-  NULL,                 /* reply */
-  NULL,                 /* retries */
-  NULL,                 /* address */
-  NULL,                 /* unique */
-  NULL,                 /* cc_local_part */
-  NULL,                 /* lc_local_part */
-  NULL,                 /* local_part */
-  NULL,                 /* prefix */
-  NULL,                 /* suffix */
-  NULL,                 /* domain */
-  NULL,                 /* address_retry_key */
-  NULL,                 /* domain_retry_key */
-  NULL,                 /* current_dir */
-  NULL,                 /* home_dir */
-  NULL,                 /* message */
-  NULL,                 /* user_message */
-  NULL,                 /* onetime_parent */
-  NULL,                 /* pipe_expandn */
-  NULL,                 /* return_filename */
-  NULL,                 /* self_hostname */
-  NULL,                 /* shadow_message */
-#ifdef SUPPORT_TLS
-  NULL,                 /* cipher */
-  NULL,                        /* ourcert */
-  NULL,                        /* peercert */
-  NULL,                 /* peerdn */
-  OCSP_NOT_REQ,         /* ocsp */
+  .next =              NULL,
+  .parent =            NULL,
+  .first =             NULL,
+  .dupof =             NULL,
+  .start_router =      NULL,
+  .router =            NULL,
+  .transport =         NULL,
+  .host_list =         NULL,
+  .host_used =         NULL,
+  .fallback_hosts =    NULL,
+  .reply =             NULL,
+  .retries =           NULL,
+  .address =           NULL,
+  .unique =            NULL,
+  .cc_local_part =     NULL,
+  .lc_local_part =     NULL,
+  .local_part =                NULL,
+  .prefix =            NULL,
+  .prefix_v =          NULL,
+  .suffix =            NULL,
+  .suffix_v =          NULL,
+  .domain =            NULL,
+  .address_retry_key = NULL,
+  .domain_retry_key =  NULL,
+  .current_dir =       NULL,
+  .home_dir =          NULL,
+  .message =           NULL,
+  .user_message =      NULL,
+  .onetime_parent =    NULL,
+  .pipe_expandn =      NULL,
+  .return_filename =   NULL,
+  .self_hostname =     NULL,
+  .shadow_message =    NULL,
+#ifndef DISABLE_TLS
+  .cipher =            NULL,
+  .ourcert =           NULL,
+  .peercert =          NULL,
+  .peerdn =            NULL,
+  .ocsp =              OCSP_NOT_REQ,
 #endif
 #ifdef EXPERIMENTAL_DSN_INFO
-  NULL,                        /* smtp_greeting */
-  NULL,                        /* helo_response */
-#endif
-  NULL,                        /* authenticator */
-  NULL,                        /* auth_id */
-  NULL,                        /* auth_sndr */
-  NULL,                 /* dsn_orcpt */
-  0,                    /* dsn_flags */
-  0,                    /* dsn_aware */
-  (uid_t)(-1),          /* uid */
-  (gid_t)(-1),          /* gid */
-  0,                    /* flags */
-  { 0 },                /* domain_cache - any larger array should be zeroed */
-  { 0 },                /* localpart_cache - ditto */
-  -1,                   /* mode */
-  0,                    /* more_errno */
-  ERRNO_UNKNOWNERROR,   /* basic_errno */
-  0,                    /* child_count */
-  -1,                   /* return_file */
-  SPECIAL_NONE,         /* special_action */
-  DEFER,                /* transport_return */
-  {                     /* fields that are propagated to children */
-    NULL,               /* address_data */
-    NULL,               /* domain_data */
-    NULL,               /* localpart_data */
-    NULL,               /* errors_address */
-    NULL,               /* extra_headers */
-    NULL,               /* remove_headers */
-#ifdef EXPERIMENTAL_SRS
-    NULL,               /* srs_sender */
+  .smtp_greeting =     NULL,
+  .helo_response =     NULL,
 #endif
+  .authenticator =     NULL,
+  .auth_id =           NULL,
+  .auth_sndr =         NULL,
+  .dsn_orcpt =         NULL,
+  .dsn_flags =         0,
+  .dsn_aware =         0,
+  .uid =               (uid_t)(-1),
+  .gid =               (gid_t)(-1),
+  .flags =             { 0 },
+  .domain_cache =      { 0 },                /* domain_cache - any larger array should be zeroed */
+  .localpart_cache =   { 0 },                /* localpart_cache - ditto */
+  .mode =              -1,
+  .more_errno =                0,
+  .delivery_time =     {.tv_sec = 0, .tv_usec = 0},
+  .basic_errno =       ERRNO_UNKNOWNERROR,
+  .child_count =       0,
+  .return_file =       -1,
+  .special_action =    SPECIAL_NONE,
+  .transport_return =  DEFER,
+  .prop = {                                    /* fields that are propagated to children */
+    .address_data =    NULL,
+    .domain_data =     NULL,
+    .localpart_data =  NULL,
+    .errors_address =  NULL,
+    .extra_headers =   NULL,
+    .remove_headers =  NULL,
+    .variables =       NULL,
+    .ignore_error =    FALSE,
 #ifdef SUPPORT_I18N
-    FALSE,             /* utf8 */
+    .utf8_msg =                FALSE,
+    .utf8_downcvt =    FALSE,
+    .utf8_downcvt_maybe = FALSE
 #endif
   }
 };
 
 uschar *address_file           = NULL;
 uschar *address_pipe           = NULL;
-BOOL    address_test_mode      = FALSE;
 tree_node *addresslist_anchor  = NULL;
 int     addresslist_count      = 0;
 gid_t  *admin_groups           = NULL;
-BOOL    admin_user             = FALSE;
-BOOL    allow_auth_unadvertised= FALSE;
-BOOL    allow_domain_literals  = FALSE;
-BOOL    allow_mx_to_ip         = FALSE;
-BOOL    allow_unqualified_recipient = TRUE;    /* For local messages */
-BOOL    allow_unqualified_sender = TRUE;       /* Reset for SMTP */
-BOOL    allow_utf8_domains     = FALSE;
+
+#ifdef EXPERIMENTAL_ARC
+struct arc_set *arc_received   = NULL;
+int     arc_received_instance  = 0;
+int     arc_oldest_pass                = 0;
+const uschar *arc_state                = NULL;
+const uschar *arc_state_reason = NULL;
+#endif
+
 uschar *authenticated_fail_id  = NULL;
 uschar *authenticated_id       = NULL;
 uschar *authenticated_sender   = NULL;
-BOOL    authentication_failed  = FALSE;
 auth_instance  *auths          = NULL;
 uschar *auth_advertise_hosts   = US"*";
 auth_instance auth_defaults    = {
-    NULL,                      /* chain pointer */
-    NULL,                      /* name */
-    NULL,                      /* info */
-    NULL,                      /* private options block pointer */
-    NULL,                      /* driver_name */
-    NULL,                      /* advertise_condition */
-    NULL,                      /* client_condition */
-    NULL,                      /* public_name */
-    NULL,                      /* set_id */
-    NULL,                      /* set_client_id */
-    NULL,                      /* server_mail_auth_condition */
-    NULL,                      /* server_debug_string */
-    NULL,                      /* server_condition */
-    FALSE,                     /* client */
-    FALSE,                     /* server */
-    FALSE                      /* advertised */
+    .next =            NULL,
+    .name =            NULL,
+    .info =            NULL,
+    .options_block =   NULL,
+    .driver_name =     NULL,
+    .advertise_condition = NULL,
+    .client_condition =        NULL,
+    .public_name =     NULL,
+    .set_id =          NULL,
+    .set_client_id =   NULL,
+    .mail_auth_condition = NULL,
+    .server_debug_string = NULL,
+    .server_condition =        NULL,
+    .client =          FALSE,
+    .server =          FALSE,
+    .advertised =      FALSE
 };
 
 uschar *auth_defer_msg         = US"reason not recorded";
 uschar *auth_defer_user_msg    = US"";
-uschar *auth_vars[AUTH_VARS];
+const uschar *auth_vars[AUTH_VARS];
+uschar *authenticator_name     = NULL;
 int     auto_thaw              = 0;
 #ifdef WITH_CONTENT_SCAN
-BOOL    av_failed              = FALSE;
+int     av_failed              = FALSE;        /* boolean but accessed as vtype_int*/
 uschar *av_scanner             = US"sophie:/var/run/sophie";  /* AV scanner */
 #endif
 
-BOOL    background_daemon      = TRUE;
-
 #if BASE_62 == 62
 uschar *base62_chars=
     US"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
@@ -469,18 +676,16 @@ int     bmi_deliver            = 1;
 int     bmi_run                = 0;
 uschar *bmi_verdicts           = NULL;
 #endif
+int     bsmtp_transaction_linecount = 0;
 int     body_8bitmime          = 0;
 int     body_linecount         = 0;
 int     body_zerocount         = 0;
 uschar *bounce_message_file    = NULL;
 uschar *bounce_message_text    = NULL;
 uschar *bounce_recipient       = NULL;
-BOOL    bounce_return_body     = TRUE;
 int     bounce_return_linesize_limit = 998;
-BOOL    bounce_return_message  = TRUE;
 int     bounce_return_size_limit = 100*1024;
 uschar *bounce_sender_authentication = NULL;
-int     bsmtp_transaction_linecount = 0;
 
 uschar *callout_address        = NULL;
 int     callout_cache_domain_positive_expire = 7*24*60*60;
@@ -489,22 +694,36 @@ int     callout_cache_positive_expire = 24*60*60;
 int     callout_cache_negative_expire = 2*60*60;
 uschar *callout_random_local_part = US"$primary_hostname-$tod_epoch-testing";
 uschar *check_dns_names_pattern= US"(?i)^(?>(?(1)\\.|())[^\\W](?>[a-z0-9/_-]*[^\\W])?)+(\\.?)$";
-int     check_log_inodes       = 0;
-int     check_log_space        = 0;
-BOOL    check_rfc2047_length   = TRUE;
-int     check_spool_inodes     = 0;
-int     check_spool_space      = 0;
-uschar *client_authenticator  = NULL;
-uschar *client_authenticated_id = NULL;
-uschar *client_authenticated_sender = NULL;
+int     check_log_inodes       = 100;
+int_eximarith_t check_log_space = 10*1024;     /* 10K Kbyte == 10MB */
+int     check_spool_inodes     = 100;
+int_eximarith_t check_spool_space = 10*1024;   /* 10K Kbyte == 10MB */
+
+uschar *chunking_advertise_hosts = US"*";
+unsigned chunking_datasize     = 0;
+unsigned chunking_data_left    = 0;
+chunking_state_t chunking_state= CHUNKING_NOT_OFFERED;
+const pcre2_code *regex_CHUNKING     = NULL;
+
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+const pcre2_code *regex_LIMITS        = NULL;
+#endif
+
+uschar *client_authenticator   = NULL;
+uschar *client_authenticated_id = NULL;
+uschar *client_authenticated_sender = NULL;
+#ifndef DISABLE_CLIENT_CMD_LOG
+gstring *client_cmd_log        = NULL;
+#endif
 int     clmacro_count          = 0;
 uschar *clmacros[MAX_CLMACROS];
-BOOL    config_changed         = FALSE;
 FILE   *config_file            = NULL;
-uschar *config_filename        = NULL;
+const uschar *config_filename  = NULL;
 int     config_lineno          = 0;
 #ifdef CONFIGURE_GROUP
 gid_t   config_gid             = CONFIGURE_GROUP;
+#else
+gid_t   config_gid             = 0;
 #endif
 uschar *config_main_filelist   = US CONFIGURE_FILE
                          "\0<-----------Space to patch configure_filename->";
@@ -513,43 +732,55 @@ uschar *config_main_directory  = NULL;
 
 #ifdef CONFIGURE_OWNER
 uid_t   config_uid             = CONFIGURE_OWNER;
+#else
+uid_t   config_uid             = 0;
 #endif
 
 int     connection_max_messages= -1;
+uschar *continue_proxy_cipher  = NULL;
+BOOL    continue_proxy_dane    = FALSE;
+uschar *continue_proxy_sni     = NULL;
 uschar *continue_hostname      = NULL;
 uschar *continue_host_address  = NULL;
-BOOL    continue_more          = FALSE;
 int     continue_sequence      = 1;
 uschar *continue_transport     = NULL;
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+unsigned continue_limit_mail   = 0;
+unsigned continue_limit_rcpt   = 0;
+unsigned continue_limit_rcptdom= 0;
+#endif
 
 uschar *csa_status             = NULL;
 cut_t   cutthrough = {
-  FALSE,                               /* delivery: when to attempt */
-  -1,                                  /* fd: open connection */
-  0,                                   /* nrcpt: number of addresses */
+  .callout_hold_only = FALSE,                          /* verify-only: normal delivery */
+  .delivery =          FALSE,                          /* when to attempt */
+  .defer_pass =                FALSE,                          /* on defer: spool locally */
+  .is_tls =            FALSE,                          /* not a TLS conn yet */
+  .cctx =              {.sock = -1},                   /* open connection */
+  .nrcpt =             0,                              /* number of addresses */
 };
 
-BOOL    daemon_listen          = FALSE;
+int    daemon_notifier_fd     = -1;
 uschar *daemon_smtp_port       = US"smtp";
 int     daemon_startup_retries = 9;
 int     daemon_startup_sleep   = 30;
 
 #ifdef EXPERIMENTAL_DCC
-BOOL    dcc_direct_add_header  = FALSE;
 uschar *dcc_header             = NULL;
 uschar *dcc_result             = NULL;
 uschar *dccifd_address         = US"/usr/local/dcc/var/dccifd";
 uschar *dccifd_options         = US"header";
 #endif
 
-BOOL    debug_daemon           = FALSE;
 int     debug_fd               = -1;
 FILE   *debug_file             = NULL;
 int     debug_notall[]         = {
   Di_memory,
+  Di_noutf8,
   -1
 };
-bit_table debug_options[]      = { /* must be in alphabetical order */
+bit_table debug_options[]      = { /* must be in alphabetical order and use
+                                only the enum values from macro.h */
   BIT_TABLE(D, acl),
   BIT_TABLE(D, all),
   BIT_TABLE(D, auth),
@@ -568,6 +799,7 @@ bit_table debug_options[]      = { /* must be in alphabetical order */
   BIT_TABLE(D, local_scan),
   BIT_TABLE(D, lookup),
   BIT_TABLE(D, memory),
+  BIT_TABLE(D, noutf8),
   BIT_TABLE(D, pid),
   BIT_TABLE(D, process_info),
   BIT_TABLE(D, queue_run),
@@ -583,8 +815,10 @@ bit_table debug_options[]      = { /* must be in alphabetical order */
   BIT_TABLE(D, verify),
 };
 int     debug_options_count    = nelem(debug_options);
-
+unsigned debug_pretrigger_bsize= 0;
+uschar * debug_pretrigger_buf  = NULL;
 unsigned int debug_selector    = 0;
+
 int     delay_warning[DELAY_WARNING_SIZE] = { DELAY_WARNING_SIZE, 1, 24*60*60 };
 uschar *delay_warning_condition=
   US"${if or {"
@@ -592,17 +826,12 @@ uschar *delay_warning_condition=
             "{ match{$h_precedence:}{(?i)bulk|list|junk} }"
             "{ match{$h_auto-submitted:}{(?i)auto-generated|auto-replied} }"
             "} {no}{yes}}";
-BOOL    delivery_date_remove   = TRUE;
 uschar *deliver_address_data   = NULL;
 int     deliver_datafile       = -1;
 const uschar *deliver_domain   = NULL;
 uschar *deliver_domain_data    = NULL;
 const uschar *deliver_domain_orig = NULL;
 const uschar *deliver_domain_parent = NULL;
-BOOL    deliver_drop_privilege = FALSE;
-BOOL    deliver_firsttime      = FALSE;
-BOOL    deliver_force          = FALSE;
-BOOL    deliver_freeze         = FALSE;
 time_t  deliver_frozen_at      = 0;
 uschar *deliver_home           = NULL;
 const uschar *deliver_host     = NULL;
@@ -615,37 +844,33 @@ uschar *deliver_localpart_data = NULL;
 uschar *deliver_localpart_orig = NULL;
 uschar *deliver_localpart_parent = NULL;
 uschar *deliver_localpart_prefix = NULL;
+uschar *deliver_localpart_prefix_v = NULL;
 uschar *deliver_localpart_suffix = NULL;
-BOOL    deliver_force_thaw     = FALSE;
-BOOL    deliver_manual_thaw    = FALSE;
+uschar *deliver_localpart_suffix_v = NULL;
 uschar *deliver_out_buffer     = NULL;
 int     deliver_queue_load_max = -1;
 address_item  *deliver_recipients = NULL;
 uschar *deliver_selectstring   = NULL;
-BOOL    deliver_selectstring_regex = FALSE;
 uschar *deliver_selectstring_sender = NULL;
-BOOL    deliver_selectstring_sender_regex = FALSE;
-BOOL    disable_callout_flush  = FALSE;
-BOOL    disable_delay_flush    = FALSE;
-#ifdef ENABLE_DISABLE_FSYNC
-BOOL    disable_fsync          = FALSE;
-#endif
-BOOL    disable_ipv6           = FALSE;
-BOOL    disable_logging        = FALSE;
 
 #ifndef DISABLE_DKIM
-BOOL    dkim_collect_input       = FALSE;
+unsigned dkim_collect_input      = 0;
 uschar *dkim_cur_signer          = NULL;
-BOOL    dkim_disable_verify      = FALSE;
 int     dkim_key_length          = 0;
+void   *dkim_signatures                 = NULL;
 uschar *dkim_signers             = NULL;
 uschar *dkim_signing_domain      = NULL;
 uschar *dkim_signing_selector    = NULL;
+uschar *dkim_verify_hashes       = US"sha256:sha512";
+uschar *dkim_verify_keytypes     = US"ed25519:rsa";
+uschar *dkim_verify_min_keysizes = US"rsa=1024 ed25519=250";
+BOOL   dkim_verify_minimal      = FALSE;
+uschar *dkim_verify_overall      = NULL;
 uschar *dkim_verify_signers      = US"$dkim_signers";
+uschar *dkim_verify_status      = NULL;
+uschar *dkim_verify_reason      = NULL;
 #endif
-#ifdef EXPERIMENTAL_DMARC
-BOOL    dmarc_has_been_checked  = FALSE;
-uschar *dmarc_ar_header         = NULL;
+#ifdef SUPPORT_DMARC
 uschar *dmarc_domain_policy     = NULL;
 uschar *dmarc_forensic_sender   = NULL;
 uschar *dmarc_history_file      = NULL;
@@ -653,14 +878,12 @@ uschar *dmarc_status            = NULL;
 uschar *dmarc_status_text       = NULL;
 uschar *dmarc_tld_file          = NULL;
 uschar *dmarc_used_domain       = NULL;
-BOOL    dmarc_disable_verify    = FALSE;
-BOOL    dmarc_enable_forensic   = FALSE;
 #endif
 
 uschar *dns_again_means_nonexist = NULL;
 int     dns_csa_search_limit   = 5;
-BOOL    dns_csa_use_reverse    = TRUE;
-#ifdef EXPERIMENTAL_DANE
+int    dns_cname_loops        = 1;
+#ifdef SUPPORT_DANE
 int     dns_dane_ok            = -1;
 #endif
 uschar *dns_ipv4_lookup        = NULL;
@@ -675,13 +898,11 @@ uschar *dnslist_text           = NULL;
 uschar *dnslist_value          = NULL;
 tree_node *domainlist_anchor   = NULL;
 int     domainlist_count       = 0;
-BOOL    dont_deliver           = FALSE;
-BOOL    dot_ends               = TRUE;
-BOOL    drop_cr                = FALSE;         /* No longer used */
+const uschar *driver_srcfile   = NULL;
+int     driver_srcline        = 0;
 uschar *dsn_from               = US DEFAULT_DSN_FROM;
+unsigned int dtrigger_selector = 0;
 
-BOOL    enable_dollar_recipients = FALSE;
-BOOL    envelope_to_remove     = TRUE;
 int     errno_quota            = ERRNO_QUOTA;
 uschar *errors_copy            = NULL;
 int     error_handling         = ERRORS_SENDER;
@@ -689,25 +910,22 @@ uschar *errors_reply_to        = NULL;
 int     errors_sender_rc       = EXIT_FAILURE;
 #ifndef DISABLE_EVENT
 uschar *event_action             = NULL;       /* expansion for delivery events */
-uschar *event_data               = NULL;       /* auxilary data variable for event */
+uschar *event_data               = NULL;       /* auxiliary data variable for event */
 int     event_defer_errno        = 0;
 const uschar *event_name         = NULL;       /* event name variable */
 #endif
 
 
 gid_t   exim_gid               = EXIM_GID;
-BOOL    exim_gid_set           = TRUE;          /* This gid is always set */
 uschar *exim_path              = US BIN_DIRECTORY "/exim"
                         "\0<---------------Space to patch exim_path->";
 uid_t   exim_uid               = EXIM_UID;
-BOOL    exim_uid_set           = TRUE;          /* This uid is always set */
+int     expand_level          = 0;             /* Nesting depth, indent for debug */
 int     expand_forbid          = 0;
 int     expand_nlength[EXPAND_MAXN+1];
 int     expand_nmax            = -1;
-uschar *expand_nstring[EXPAND_MAXN+1];
-BOOL    expand_string_forcedfail = FALSE;
+const uschar *expand_nstring[EXPAND_MAXN+1];
 uschar *expand_string_message;
-BOOL    extract_addresses_remove_arguments = TRUE;
 uschar *extra_local_interfaces = NULL;
 
 int     fake_response          = OK;
@@ -716,7 +934,6 @@ uschar *fake_response_text     = US"Your message has been rejected but is "
                                    "legitimate message, it may still be "
                                    "delivered to the target recipient(s).";
 int     filter_n[FILTER_VARIABLE_COUNT];
-BOOL    filter_running         = FALSE;
 int     filter_sn[FILTER_VARIABLE_COUNT];
 int     filter_test            = FTEST_NONE;
 uschar *filter_test_sfile      = NULL;
@@ -732,7 +949,11 @@ uschar *gecos_name             = NULL;
 uschar *gecos_pattern          = NULL;
 rewrite_rule  *global_rewrite_rules = NULL;
 
-uschar *headers_charset        = US HEADERS_CHARSET;
+volatile sig_atomic_t had_command_timeout = 0;
+volatile sig_atomic_t had_command_sigterm = 0;
+volatile sig_atomic_t had_data_timeout    = 0;
+volatile sig_atomic_t had_data_sigint     = 0;
+const uschar *headers_charset  = US HEADERS_CHARSET;
 int     header_insert_maxlen   = 64 * 1024;
 header_line  *header_last      = NULL;
 header_line  *header_list      = NULL;
@@ -740,40 +961,33 @@ int     header_maxsize         = HEADER_MAXSIZE;
 int     header_line_maxsize    = 0;
 
 header_name header_names[] = {
-  { US"bcc",            3, TRUE,  htype_bcc },
-  { US"cc",             2, TRUE,  htype_cc },
-  { US"date",           4, TRUE,  htype_date },
-  { US"delivery-date", 13, FALSE, htype_delivery_date },
-  { US"envelope-to",   11, FALSE, htype_envelope_to },
-  { US"from",           4, TRUE,  htype_from },
-  { US"message-id",    10, TRUE,  htype_id },
-  { US"received",       8, FALSE, htype_received },
-  { US"reply-to",       8, FALSE, htype_reply_to },
-  { US"return-path",   11, FALSE, htype_return_path },
-  { US"sender",         6, TRUE,  htype_sender },
-  { US"subject",        7, FALSE, htype_subject },
-  { US"to",             2, TRUE,  htype_to }
+  /* name              len     allow_resent    htype */
+  { US"bcc",            3,     TRUE,           htype_bcc },
+  { US"cc",             2,     TRUE,           htype_cc },
+  { US"date",           4,     TRUE,           htype_date },
+  { US"delivery-date", 13,     FALSE,          htype_delivery_date },
+  { US"envelope-to",   11,     FALSE,          htype_envelope_to },
+  { US"from",           4,     TRUE,           htype_from },
+  { US"message-id",    10,     TRUE,           htype_id },
+  { US"received",       8,     FALSE,          htype_received },
+  { US"reply-to",       8,     FALSE,          htype_reply_to },
+  { US"return-path",   11,     FALSE,          htype_return_path },
+  { US"sender",         6,     TRUE,           htype_sender },
+  { US"subject",        7,     FALSE,          htype_subject },
+  { US"to",             2,     TRUE,           htype_to }
 };
 
-int header_names_size          = sizeof(header_names)/sizeof(header_name);
+int header_names_size          = nelem(header_names);
 
-BOOL    header_rewritten       = FALSE;
 uschar *helo_accept_junk_hosts = NULL;
 uschar *helo_allow_chars       = US"";
 uschar *helo_lookup_domains    = US"@ : @[]";
 uschar *helo_try_verify_hosts  = NULL;
-BOOL    helo_verified          = FALSE;
-BOOL    helo_verify_failed     = FALSE;
 uschar *helo_verify_hosts      = NULL;
 const uschar *hex_digits       = CUS"0123456789abcdef";
 uschar *hold_domains           = NULL;
-BOOL    host_checking          = FALSE;
-BOOL    host_checking_callout  = FALSE;
 uschar *host_data              = NULL;
-BOOL    host_find_failed_syntax= FALSE;
 uschar *host_lookup            = NULL;
-BOOL    host_lookup_deferred   = FALSE;
-BOOL    host_lookup_failed     = FALSE;
 uschar *host_lookup_order      = US"bydns:byaddr";
 uschar *host_lookup_msg        = US"";
 int     host_number            = 0;
@@ -782,17 +996,15 @@ uschar *host_reject_connection = NULL;
 tree_node *hostlist_anchor     = NULL;
 int     hostlist_count         = 0;
 uschar *hosts_treat_as_local   = NULL;
+uschar *hosts_require_helo     = US"*";
 uschar *hosts_connection_nolog = NULL;
 
 int     ignore_bounce_errors_after = 10*7*24*60*60;  /* 10 weeks */
-BOOL    ignore_fromline_local  = FALSE;
 uschar *ignore_fromline_hosts  = NULL;
-BOOL    inetd_wait_mode        = FALSE;
 int     inetd_wait_timeout     = -1;
 uschar *initial_cwd            = NULL;
 uschar *interface_address      = NULL;
 int     interface_port         = -1;
-BOOL    is_inetd               = FALSE;
 uschar *iterate_item           = NULL;
 
 int     journal_fd             = -1;
@@ -802,9 +1014,10 @@ uschar *keep_environment       = NULL;
 int     keep_malformed         = 4*24*60*60;    /* 4 days */
 
 uschar *eldap_dn               = NULL;
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+uschar *limits_advertise_hosts = US"*";
+#endif
 int     load_average           = -2;
-BOOL    local_error_message    = FALSE;
-BOOL    local_from_check       = TRUE;
 uschar *local_from_prefix      = NULL;
 uschar *local_from_suffix      = NULL;
 
@@ -814,9 +1027,10 @@ uschar *local_interfaces       = US"<; ::0 ; 0.0.0.0";
 uschar *local_interfaces       = US"0.0.0.0";
 #endif
 
+#ifdef HAVE_LOCAL_SCAN
 uschar *local_scan_data        = NULL;
 int     local_scan_timeout     = 5*60;
-BOOL    local_sender_retain    = FALSE;
+#endif
 gid_t   local_user_gid         = (gid_t)(-1);
 uid_t   local_user_uid         = (uid_t)(-1);
 
@@ -828,12 +1042,15 @@ int     log_default[]          = { /* for initializing log_selector */
   Li_acl_warn_skipped,
   Li_connection_reject,
   Li_delay_delivery,
+  Li_dkim,
   Li_dnslist_defer,
   Li_etrn,
   Li_host_lookup_failed,
   Li_lost_incoming_connection,
   Li_outgoing_interface, /* see d_log_interface in deliver.c */
+  Li_msg_id,
   Li_queue_run,
+  Li_queue_time_exclusive,
   Li_rejected_header,
   Li_retry_defer,
   Li_sender_verify_fail,
@@ -851,7 +1068,8 @@ uschar *log_file_path          = US LOG_FILE_PATH
 int     log_notall[]           = {
   -1
 };
-bit_table log_options[]        = { /* must be in alphabetical order */
+bit_table log_options[]        = { /* must be in alphabetical order,
+                               with definitions from enum logbit. */
   BIT_TABLE(L, 8bitmime),
   BIT_TABLE(L, acl_warn_skipped),
   BIT_TABLE(L, address_rewrite),
@@ -862,22 +1080,34 @@ bit_table log_options[]        = { /* must be in alphabetical order */
   BIT_TABLE(L, delay_delivery),
   BIT_TABLE(L, deliver_time),
   BIT_TABLE(L, delivery_size),
+#ifndef DISABLE_DKIM
+  BIT_TABLE(L, dkim),
+  BIT_TABLE(L, dkim_verbose),
+#endif
   BIT_TABLE(L, dnslist_defer),
+  BIT_TABLE(L, dnssec),
   BIT_TABLE(L, etrn),
   BIT_TABLE(L, host_lookup_failed),
   BIT_TABLE(L, ident_timeout),
   BIT_TABLE(L, incoming_interface),
   BIT_TABLE(L, incoming_port),
   BIT_TABLE(L, lost_incoming_connection),
+  BIT_TABLE(L, millisec),
+  BIT_TABLE(L, msg_id),
+  BIT_TABLE(L, msg_id_created),
   BIT_TABLE(L, outgoing_interface),
   BIT_TABLE(L, outgoing_port),
   BIT_TABLE(L, pid),
-#if defined(SUPPORT_PROXY) || defined (SUPPORT_SOCKS)
+  BIT_TABLE(L, pipelining),
+  BIT_TABLE(L, protocol_detail),
+#if defined(SUPPORT_PROXY) || defined(SUPPORT_SOCKS)
   BIT_TABLE(L, proxy),
 #endif
   BIT_TABLE(L, queue_run),
   BIT_TABLE(L, queue_time),
+  BIT_TABLE(L, queue_time_exclusive),
   BIT_TABLE(L, queue_time_overall),
+  BIT_TABLE(L, receive_time),
   BIT_TABLE(L, received_recipients),
   BIT_TABLE(L, received_sender),
   BIT_TABLE(L, rejected_header),
@@ -899,6 +1129,7 @@ bit_table log_options[]        = { /* must be in alphabetical order */
   BIT_TABLE(L, tls_certificate_verified),
   BIT_TABLE(L, tls_cipher),
   BIT_TABLE(L, tls_peerdn),
+  BIT_TABLE(L, tls_resumption),
   BIT_TABLE(L, tls_sni),
   BIT_TABLE(L, unknown_in_list),
 };
@@ -908,14 +1139,12 @@ int     log_reject_target      = 0;
 unsigned int log_selector[log_selector_size]; /* initialized in main() */
 uschar *log_selector_string    = NULL;
 FILE   *log_stderr             = NULL;
-BOOL    log_testing_mode       = FALSE;
-BOOL    log_timezone           = FALSE;
 uschar *login_sender_address   = NULL;
 uschar *lookup_dnssec_authenticated = NULL;
 int     lookup_open_max        = 25;
 uschar *lookup_value           = NULL;
 
-macro_item  *macros            = NULL;
+macro_item *macros_user        = NULL;
 uschar *mailstore_basename     = NULL;
 #ifdef WITH_CONTENT_SCAN
 uschar *malware_name           = NULL;  /* Virus Name */
@@ -925,7 +1154,6 @@ int     max_username_length    = 0;
 int     message_age            = 0;
 uschar *message_body           = NULL;
 uschar *message_body_end       = NULL;
-BOOL    message_body_newlines  = FALSE;
 int     message_body_size      = 0;
 int     message_body_visible   = 500;
 int     message_ended          = END_NOTSTARTED;
@@ -933,15 +1161,12 @@ uschar *message_headers        = NULL;
 uschar *message_id;
 uschar *message_id_domain      = NULL;
 uschar *message_id_text        = NULL;
-struct timeval message_id_tv   = { 0, 0 };
 uschar  message_id_option[MESSAGE_ID_LENGTH + 3];
 uschar *message_id_external;
 int     message_linecount      = 0;
-BOOL    message_logs           = TRUE;
 int     message_size           = 0;
 uschar *message_size_limit     = US"50M";
 #ifdef SUPPORT_I18N
-BOOL    message_smtputf8       = FALSE;
 int     message_utf8_downconvert = 0;  /* -1 ifneeded; 0 never; 1 always */
 #endif
 uschar  message_subdir[2]      = { 0, 0 };
@@ -967,13 +1192,11 @@ int     mime_is_rfc822         = 0;
 int     mime_part_count        = -1;
 #endif
 
-BOOL    mua_wrapper            = FALSE;
-
 uid_t  *never_users            = NULL;
-#ifdef WITH_CONTENT_SCAN
-BOOL    no_mbox_unspool        = FALSE;
-#endif
-BOOL    no_multiline_responses = FALSE;
+uschar *notifier_socket        = US"$spool_directory/" NOTIFIER_SOCKET_NAME ;
+
+const int on                   = 1;    /* for setsockopt */
+const int off                  = 0;
 
 uid_t   original_euid;
 gid_t   originator_gid;
@@ -983,29 +1206,30 @@ uid_t   originator_uid;
 uschar *override_local_interfaces = NULL;
 uschar *override_pid_file_path = NULL;
 
-BOOL    parse_allow_group      = FALSE;
-BOOL    parse_found_group      = FALSE;
+pcre2_general_context * pcre_gen_ctx = NULL;
+pcre2_compile_context * pcre_cmp_ctx = NULL;
+pcre2_match_context * pcre_mtc_ctx = NULL;
+
 uschar *percent_hack_domains   = NULL;
 uschar *pid_file_path          = US PID_FILE_PATH
                            "\0<--------------Space to patch pid_file_path->";
-BOOL    pipelining_enable      = TRUE;
+#ifndef DISABLE_PIPE_CONNECT
+uschar *pipe_connect_advertise_hosts = US"*";
+#endif
 uschar *pipelining_advertise_hosts = US"*";
-BOOL    preserve_message_logs  = FALSE;
 uschar *primary_hostname       = NULL;
-BOOL    print_topbitchars      = FALSE;
-uschar  process_info[PROCESS_INFO_SIZE];
+uschar *process_info;
 int     process_info_len       = 0;
 uschar *process_log_path       = NULL;
-BOOL    prod_requires_admin    = TRUE;
+const uschar *process_purpose  = US"fresh-exec";
 
 #if defined(SUPPORT_PROXY) || defined(SUPPORT_SOCKS)
-uschar *hosts_proxy            = US"";
-uschar *proxy_external_address = US"";
+uschar *hosts_proxy            = NULL;
+uschar *proxy_external_address = NULL;
 int     proxy_external_port    = 0;
-uschar *proxy_local_address    = US"";
+uschar *proxy_local_address    = NULL;
 int     proxy_local_port       = 0;
-BOOL    proxy_session          = FALSE;
-BOOL    proxy_session_failed   = FALSE;
+int     proxy_protocol_timeout = 3;
 #endif
 
 uschar *prvscheck_address      = NULL;
@@ -1015,28 +1239,20 @@ uschar *prvscheck_result       = NULL;
 
 const uschar *qualify_domain_recipient = NULL;
 uschar *qualify_domain_sender  = NULL;
-BOOL    queue_2stage           = FALSE;
 uschar *queue_domains          = NULL;
 int     queue_interval         = -1;
-BOOL    queue_list_requires_admin = TRUE;
-BOOL    queue_only             = FALSE;
+uschar *queue_name             = US"";
+uschar *queue_name_dest        = NULL;
 uschar *queue_only_file        = NULL;
 int     queue_only_load        = -1;
-BOOL    queue_only_load_latch  = TRUE;
-BOOL    queue_only_override    = TRUE;
-BOOL    queue_only_policy      = FALSE;
-BOOL    queue_run_first_delivery = FALSE;
-BOOL    queue_run_force        = FALSE;
-BOOL    queue_run_in_order     = FALSE;
-BOOL    queue_run_local        = FALSE;
-int     queue_run_max          = 5;
+uschar *queue_run_max          = US"5";
 pid_t   queue_run_pid          = (pid_t)0;
 int     queue_run_pipe         = -1;
-BOOL    queue_running          = FALSE;
-BOOL    queue_smtp             = FALSE;
+unsigned queue_size            = 0;
+time_t  queue_size_next        = 0;
 uschar *queue_smtp_domains     = NULL;
 
-unsigned int random_seed       = 0;
+uint32_t random_seed          = 0;
 tree_node *ratelimiters_cmd    = NULL;
 tree_node *ratelimiters_conn   = NULL;
 tree_node *ratelimiters_mail   = NULL;
@@ -1050,8 +1266,6 @@ int     rcpt_fail_count        = 0;
 int     rcpt_defer_count       = 0;
 gid_t   real_gid;
 uid_t   real_uid;
-BOOL    really_exim            = TRUE;
-BOOL    receive_call_bombout   = FALSE;
 int     receive_linecount      = 0;
 int     receive_messagecount   = 0;
 int     receive_timeout        = 0;
@@ -1064,13 +1278,14 @@ date  will be automatically added on the end. */
 uschar *received_header_text   = US
      "Received: "
      "${if def:sender_rcvhost {from $sender_rcvhost\n\t}"
-     "{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}"
-     "${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}"
+       "{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}"
+         "${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}"
      "by $primary_hostname "
-     "${if def:received_protocol {with $received_protocol}} "
-     #ifdef SUPPORT_TLS
-     "${if def:tls_cipher {($tls_cipher)\n\t}}"
-     #endif
+     "${if def:received_protocol {with $received_protocol }}"
+#ifndef DISABLE_TLS
+     "${if def:tls_in_ver        { ($tls_in_ver)}}"
+     "${if def:tls_in_cipher_std { tls $tls_in_cipher_std\n\t}}"
+#endif
      "(Exim $version_number)\n\t"
      "${if def:sender_address {(envelope-from <$sender_address>)\n\t}}"
      "id $message_exim_id"
@@ -1079,27 +1294,29 @@ uschar *received_header_text   = US
 
 int     received_headers_max   = 30;
 uschar *received_protocol      = NULL;
-int     received_time          = 0;
+struct timeval received_time   = { 0, 0 };
+struct timeval received_time_complete = { 0, 0 };
 uschar *recipient_data         = NULL;
 uschar *recipient_unqualified_hosts = NULL;
 uschar *recipient_verify_failure = NULL;
 int     recipients_count       = 0;
-BOOL    recipients_discarded   = FALSE;
 recipient_item  *recipients_list = NULL;
 int     recipients_list_max    = 0;
-int     recipients_max         = 0;
-BOOL    recipients_max_reject  = FALSE;
-const pcre *regex_AUTH         = NULL;
-const pcre *regex_check_dns_names = NULL;
-const pcre *regex_From         = NULL;
-const pcre *regex_IGNOREQUOTA  = NULL;
-const pcre *regex_PIPELINING   = NULL;
-const pcre *regex_SIZE         = NULL;
-const pcre *regex_ismsgid      = NULL;
-const pcre *regex_smtp_code    = NULL;
-uschar *regex_vars[REGEX_VARS];
+int     recipients_max         = 50000;
+const pcre2_code *regex_AUTH         = NULL;
+const pcre2_code *regex_check_dns_names = NULL;
+const pcre2_code *regex_From         = NULL;
+const pcre2_code *regex_IGNOREQUOTA  = NULL;
+const pcre2_code *regex_PIPELINING   = NULL;
+const pcre2_code *regex_SIZE         = NULL;
+#ifndef DISABLE_PIPE_CONNECT
+const pcre2_code *regex_EARLY_PIPE   = NULL;
+#endif
+const pcre2_code *regex_ismsgid      = NULL;
+const pcre2_code *regex_smtp_code    = NULL;
+const uschar *regex_vars[REGEX_VARS];
 #ifdef WHITELIST_D_MACROS
-const pcre *regex_whitelisted_macro = NULL;
+const pcre2_code *regex_whitelisted_macro = NULL;
 #endif
 #ifdef WITH_CONTENT_SCAN
 uschar *regex_match_string     = NULL;
@@ -1112,99 +1329,98 @@ int     retry_interval_max     = 24*60*60;
 int     retry_maximum_timeout  = 0;        /* set from retry config */
 retry_config  *retries         = NULL;
 uschar *return_path            = NULL;
-BOOL    return_path_remove     = TRUE;
 int     rewrite_existflags     = 0;
 uschar *rfc1413_hosts          = US"@[]";
 int     rfc1413_query_timeout  = 0;
-/* BOOL    rfc821_domains         = FALSE;  <<< on the way out */
 uid_t   root_gid               = ROOT_GID;
 uid_t   root_uid               = ROOT_UID;
 
 router_instance  *routers  = NULL;
 router_instance  router_defaults = {
-    NULL,                      /* chain pointer */
-    NULL,                      /* name */
-    NULL,                      /* info */
-    NULL,                      /* private options block pointer */
-    NULL,                      /* driver name */
+    .next =                    NULL,
+    .name =                    NULL,
+    .info =                    NULL,
+    .options_block =           NULL,
+    .driver_name =             NULL,
 
-    NULL,                      /* address_data */
+    .address_data =            NULL,
 #ifdef EXPERIMENTAL_BRIGHTMAIL
-    NULL,                      /* bmi_rule */
-#endif
-    NULL,                      /* cannot_route_message */
-    NULL,                      /* condition */
-    NULL,                      /* current_directory */
-    NULL,                      /* debug_string */
-    NULL,                      /* domains */
-    NULL,                      /* errors_to */
-    NULL,                      /* expand_gid */
-    NULL,                      /* expand_uid */
-    NULL,                      /* expand_more */
-    NULL,                      /* expand_unseen */
-    NULL,                      /* extra_headers */
-    NULL,                      /* fallback_hosts */
-    NULL,                      /* home_directory */
-    NULL,                      /* ignore_target_hosts */
-    NULL,                      /* local_parts */
-    NULL,                      /* pass_router_name */
-    NULL,                      /* prefix */
-    NULL,                      /* redirect_router_name */
-    NULL,                      /* remove_headers */
-    NULL,                      /* require_files */
-    NULL,                      /* router_home_directory */
-    US"freeze",                /* self */
-    NULL,                      /* senders */
-    NULL,                      /* suffix */
-    NULL,                      /* translate_ip_address */
-    NULL,                      /* transport_name */
-
-    TRUE,                      /* address_test */
+    .bmi_rule =                        NULL,
+#endif
+    .cannot_route_message =    NULL,
+    .condition =               NULL,
+    .current_directory =       NULL,
+    .debug_string =            NULL,
+    .domains =                 NULL,
+    .errors_to =               NULL,
+    .expand_gid =              NULL,
+    .expand_uid =              NULL,
+    .expand_more =             NULL,
+    .expand_unseen =           NULL,
+    .extra_headers =           NULL,
+    .fallback_hosts =          NULL,
+    .home_directory =          NULL,
+    .ignore_target_hosts =     NULL,
+    .local_parts =             NULL,
+    .pass_router_name =                NULL,
+    .prefix =                  NULL,
+    .redirect_router_name =    NULL,
+    .remove_headers =          NULL,
+    .require_files =           NULL,
+    .router_home_directory =   NULL,
+    .self =                    US"freeze",
+    .senders =                 NULL,
+    .suffix =                  NULL,
+    .translate_ip_address =    NULL,
+    .transport_name =          NULL,
+
+    .address_test =            TRUE,
 #ifdef EXPERIMENTAL_BRIGHTMAIL
-    FALSE,                     /* bmi_deliver_alternate */
-    FALSE,                     /* bmi_deliver_default */
-    FALSE,                     /* bmi_dont_deliver */
-#endif
-    TRUE,                      /* expn */
-    FALSE,                     /* caseful_local_part */
-    FALSE,                     /* check_local_user */
-    FALSE,                     /* disable_logging */
-    FALSE,                     /* fail_verify_recipient */
-    FALSE,                     /* fail_verify_sender */
-    FALSE,                     /* gid_set */
-    FALSE,                     /* initgroups */
-    TRUE_UNSET,                /* log_as_local */
-    TRUE,                      /* more */
-    FALSE,                     /* pass_on_timeout */
-    FALSE,                     /* prefix_optional */
-    TRUE,                      /* repeat_use */
-    TRUE_UNSET,                /* retry_use_local_part - fudge "unset" */
-    FALSE,                     /* same_domain_copy_routing */
-    FALSE,                     /* self_rewrite */
-    FALSE,                     /* suffix_optional */
-    FALSE,                     /* verify_only */
-    TRUE,                      /* verify_recipient */
-    TRUE,                      /* verify_sender */
-    FALSE,                     /* uid_set */
-    FALSE,                     /* unseen */
-    FALSE,                     /* dsn_lasthop */
-
-    self_freeze,               /* self_code */
-    (uid_t)(-1),               /* uid */
-    (gid_t)(-1),               /* gid */
-
-    NULL,                      /* fallback_hostlist */
-    NULL,                      /* transport instance */
-    NULL,                      /* pass_router */
-    NULL,                      /* redirect_router */
-
-    { NULL, NULL },            /* dnssec_domains {require,request} */
+    .bmi_deliver_alternate =   FALSE,
+    .bmi_deliver_default =     FALSE,
+    .bmi_dont_deliver =                FALSE,
+#endif
+    .expn =                    TRUE,
+    .caseful_local_part =      FALSE,
+    .check_local_user =                FALSE,
+    .disable_logging =         FALSE,
+    .fail_verify_recipient =   FALSE,
+    .fail_verify_sender =      FALSE,
+    .gid_set =                 FALSE,
+    .initgroups =              FALSE,
+    .log_as_local =            TRUE_UNSET,
+    .more =                    TRUE,
+    .pass_on_timeout =         FALSE,
+    .prefix_optional =         FALSE,
+    .repeat_use =              TRUE,
+    .retry_use_local_part =    TRUE_UNSET,
+    .same_domain_copy_routing =        FALSE,
+    .self_rewrite =            FALSE,
+    .set =                     NULL,
+    .suffix_optional =         FALSE,
+    .verify_only =             FALSE,
+    .verify_recipient =                TRUE,
+    .verify_sender =           TRUE,
+    .uid_set =                 FALSE,
+    .unseen =                  FALSE,
+    .dsn_lasthop =             FALSE,
+
+    .self_code =               self_freeze,
+    .uid =                     (uid_t)(-1),
+    .gid =                     (gid_t)(-1),
+
+    .fallback_hostlist =       NULL,
+    .transport =               NULL,
+    .pass_router =             NULL,
+    .redirect_router =         NULL,
+
+    .dnssec =                   { .request= US"*", .require=NULL },
 };
 
 uschar *router_name            = NULL;
+tree_node *router_var         = NULL;
 
 ip_address_item *running_interfaces = NULL;
-BOOL    running_in_test_harness = FALSE;
 
 /* This is a weird one. The following string gets patched in the binary by the
 script that sets up a copy of Exim for running in the test harness. It seems
@@ -1219,82 +1435,72 @@ uschar *running_status         = US">>>running<<<" "\0EXTRA";
 int     runrc                  = 0;
 
 uschar *search_error_message   = NULL;
-BOOL    search_find_defer      = FALSE;
 uschar *self_hostname          = NULL;
 uschar *sender_address         = NULL;
 unsigned int sender_address_cache[(MAX_NAMED_LIST * 2)/32];
 uschar *sender_address_data    = NULL;
-BOOL    sender_address_forced  = FALSE;
 uschar *sender_address_unrewritten = NULL;
 uschar *sender_data            = NULL;
 unsigned int sender_domain_cache[(MAX_NAMED_LIST * 2)/32];
 uschar *sender_fullhost        = NULL;
-BOOL    sender_helo_dnssec     = FALSE;
 uschar *sender_helo_name       = NULL;
 uschar **sender_host_aliases   = &no_aliases;
 uschar *sender_host_address    = NULL;
 uschar *sender_host_authenticated = NULL;
+uschar *sender_host_auth_pubname  = NULL;
 unsigned int sender_host_cache[(MAX_NAMED_LIST * 2)/32];
-BOOL    sender_host_dnssec     = FALSE;
 uschar *sender_host_name       = NULL;
 int     sender_host_port       = 0;
-BOOL    sender_host_notsocket  = FALSE;
-BOOL    sender_host_unknown    = FALSE;
 uschar *sender_ident           = NULL;
-BOOL    sender_local           = FALSE;
-BOOL    sender_name_forced     = FALSE;
 uschar *sender_rate            = NULL;
 uschar *sender_rate_limit      = NULL;
 uschar *sender_rate_period     = NULL;
 uschar *sender_rcvhost         = NULL;
-BOOL    sender_set_untrusted   = FALSE;
 uschar *sender_unqualified_hosts = NULL;
 uschar *sender_verify_failure = NULL;
 address_item *sender_verified_list  = NULL;
 address_item *sender_verified_failed = NULL;
 int     sender_verified_rc     = -1;
-BOOL    sender_verified_responded = FALSE;
 uschar *sending_ip_address     = NULL;
 int     sending_port           = -1;
 SIGNAL_BOOL sigalrm_seen       = FALSE;
+const uschar *sigalarm_setter  = NULL;
 uschar **sighup_argv           = NULL;
 int     slow_lookup_log        = 0;    /* millisecs, zero disables */
 int     smtp_accept_count      = 0;
-BOOL    smtp_accept_keepalive  = TRUE;
 int     smtp_accept_max        = 20;
 int     smtp_accept_max_nonmail= 10;
 uschar *smtp_accept_max_nonmail_hosts = US"*";
-int     smtp_accept_max_per_connection = 1000;
+uschar *smtp_accept_max_per_connection = US"1000";
 uschar *smtp_accept_max_per_host = NULL;
 int     smtp_accept_queue      = 0;
 int     smtp_accept_queue_per_connection = 10;
 int     smtp_accept_reserve    = 0;
 uschar *smtp_active_hostname   = NULL;
-BOOL    smtp_authenticated     = FALSE;
+int    smtp_backlog_monitor   = 0;
 uschar *smtp_banner            = US"$smtp_active_hostname ESMTP "
                              "Exim $version_number $tod_full"
                              "\0<---------------Space to patch smtp_banner->";
-BOOL    smtp_batched_input     = FALSE;
-BOOL    smtp_check_spool_space = TRUE;
 int     smtp_ch_index          = 0;
 uschar *smtp_cmd_argument      = NULL;
 uschar *smtp_cmd_buffer        = NULL;
-time_t  smtp_connection_start  = 0;
+struct timeval smtp_connection_start  = {0,0};
 uschar  smtp_connection_had[SMTP_HBUFF_SIZE];
 int     smtp_connect_backlog   = 20;
 double  smtp_delay_mail        = 0.0;
 double  smtp_delay_rcpt        = 0.0;
-BOOL    smtp_enforce_sync      = TRUE;
 FILE   *smtp_in                = NULL;
-BOOL    smtp_input             = FALSE;
+int     smtp_listen_backlog    = 0;
 int     smtp_load_reserve      = -1;
 int     smtp_mailcmd_count     = 0;
+int     smtp_mailcmd_max       = -1;
 FILE   *smtp_out               = NULL;
 uschar *smtp_etrn_command      = NULL;
-BOOL    smtp_etrn_serialize    = TRUE;
 int     smtp_max_synprot_errors= 3;
 int     smtp_max_unknown_commands = 3;
 uschar *smtp_notquit_reason    = NULL;
+unsigned smtp_peer_options     = 0;
+unsigned smtp_peer_options_wrap= 0;
 uschar *smtp_ratelimit_hosts   = NULL;
 uschar *smtp_ratelimit_mail    = NULL;
 uschar *smtp_ratelimit_rcpt    = NULL;
@@ -1302,7 +1508,6 @@ uschar *smtp_read_error        = US"";
 int     smtp_receive_timeout   = 5*60;
 uschar *smtp_receive_timeout_s = NULL;
 uschar *smtp_reserve_hosts     = NULL;
-BOOL    smtp_return_error_details = FALSE;
 int     smtp_rlm_base          = 0;
 double  smtp_rlm_factor        = 0.0;
 int     smtp_rlm_limit         = 0;
@@ -1311,8 +1516,6 @@ int     smtp_rlr_base          = 0;
 double  smtp_rlr_factor        = 0.0;
 int     smtp_rlr_limit         = 0;
 int     smtp_rlr_threshold     = INT_MAX;
-BOOL    smtp_use_pipelining    = FALSE;
-BOOL    smtp_use_size          = FALSE;
 #ifdef SUPPORT_I18N
 uschar *smtputf8_advertise_hosts = US"*";      /* overridden under test-harness */
 #endif
@@ -1325,48 +1528,31 @@ uschar *spam_action            = NULL;
 uschar *spam_score             = NULL;
 uschar *spam_score_int         = NULL;
 #endif
-#ifdef EXPERIMENTAL_SPF
+#ifdef SUPPORT_SPF
 uschar *spf_guess              = US"v=spf1 a/24 mx/24 ptr ?all";
 uschar *spf_header_comment     = NULL;
 uschar *spf_received           = NULL;
 uschar *spf_result             = NULL;
 uschar *spf_smtp_comment       = NULL;
+uschar *spf_smtp_comment_template
+                    /* Used to be: "Please%_see%_http://www.open-spf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}" */
+                               = US"Please%_see%_http://www.open-spf.org/Why";
+
 #endif
 
-BOOL    split_spool_directory  = FALSE;
+FILE   *spool_data_file               = NULL;
 uschar *spool_directory        = US SPOOL_DIRECTORY
                            "\0<--------------Space to patch spool_directory->";
-#ifdef EXPERIMENTAL_SRS
-uschar *srs_config             = NULL;
-uschar *srs_db_address         = NULL;
-uschar *srs_db_key             = NULL;
-int     srs_hashlength         = 6;
-int     srs_hashmin            = -1;
-int     srs_maxage             = 31;
-uschar *srs_orig_recipient     = NULL;
-uschar *srs_orig_sender        = NULL;
+#ifdef SUPPORT_SRS
 uschar *srs_recipient          = NULL;
-uschar *srs_secrets            = NULL;
-uschar *srs_status             = NULL;
-BOOL    srs_usehash            = TRUE;
-BOOL    srs_usetimestamp       = TRUE;
 #endif
-BOOL    strict_acl_vars        = FALSE;
 int     string_datestamp_offset= -1;
 int     string_datestamp_length= 0;
 int     string_datestamp_type  = -1;
-BOOL    strip_excess_angle_brackets = FALSE;
-BOOL    strip_trailing_dot     = FALSE;
-uschar *submission_domain      = NULL;
-BOOL    submission_mode        = FALSE;
-uschar *submission_name        = NULL;
-BOOL    suppress_local_fixups  = FALSE;
-BOOL    suppress_local_fixups_default = FALSE;
-BOOL    synchronous_delivery   = FALSE;
-BOOL    syslog_duplication     = TRUE;
+const uschar *submission_domain = NULL;
+const uschar *submission_name  = NULL;
 int     syslog_facility        = LOG_MAIL;
 uschar *syslog_processname     = US"exim";
-BOOL    syslog_timestamp       = TRUE;
 uschar *system_filter          = NULL;
 
 uschar *system_filter_directory_transport = NULL;
@@ -1375,77 +1561,33 @@ uschar *system_filter_pipe_transport = NULL;
 uschar *system_filter_reply_transport = NULL;
 
 gid_t   system_filter_gid      = 0;
-BOOL    system_filter_gid_set  = FALSE;
 uid_t   system_filter_uid      = (uid_t)-1;
-BOOL    system_filter_uid_set  = FALSE;
-BOOL    system_filtering       = FALSE;
 
-BOOL    tcp_nodelay            = TRUE;
+blob   tcp_fastopen_nodata    = { .data = NULL, .len = 0 };
+tfo_state_t tcp_out_fastopen   = TFO_NOT_USED;
 #ifdef USE_TCP_WRAPPERS
 uschar *tcp_wrappers_daemon_name = US TCP_WRAPPERS_DAEMON_NAME;
 #endif
 int     test_harness_load_avg  = 0;
 int     thismessage_size_limit = 0;
 int     timeout_frozen_after   = 0;
-BOOL    timestamps_utc         = FALSE;
+#ifdef MEASURE_TIMING
+struct timeval timestamp_startup;
+#endif
 
 transport_instance  *transports = NULL;
 
 transport_instance  transport_defaults = {
-    NULL,                     /* chain pointer */
-    NULL,                     /* name */
-    NULL,                     /* info */
-    NULL,                     /* private options block pointer */
-    NULL,                     /* driver name */
-    NULL,                     /* setup entry point */
-    1,                        /* batch_max */
-    NULL,                     /* batch_id */
-    NULL,                     /* home_dir */
-    NULL,                     /* current_dir */
-    NULL,                     /* expand-multi-domain */
-    TRUE,                     /* multi-domain */
-    FALSE,                    /* overrides_hosts */
-    100,                      /* max_addresses */
-    500,                      /* connection_max_messages */
-    FALSE,                    /* deliver_as_creator */
-    FALSE,                    /* disable_logging */
-    FALSE,                    /* initgroups */
-    FALSE,                    /* uid_set */
-    FALSE,                    /* gid_set */
-    (uid_t)(-1),              /* uid */
-    (gid_t)(-1),              /* gid */
-    NULL,                     /* expand_uid */
-    NULL,                     /* expand_gid */
-    NULL,                     /* warn_message */
-    NULL,                     /* shadow */
-    NULL,                     /* shadow_condition */
-    NULL,                     /* filter_command */
-    NULL,                     /* add_headers */
-    NULL,                     /* remove_headers */
-    NULL,                     /* return_path */
-    NULL,                     /* debug_string */
-    NULL,                     /* max_parallel */
-    NULL,                     /* message_size_limit */
-    NULL,                     /* headers_rewrite */
-    NULL,                     /* rewrite_rules */
-    0,                        /* rewrite_existflags */
-    300,                      /* filter_timeout */
-    FALSE,                    /* body_only */
-    FALSE,                    /* delivery_date_add */
-    FALSE,                    /* envelope_to_add */
-    FALSE,                    /* headers_only */
-    FALSE,                    /* rcpt_include_affixes */
-    FALSE,                    /* return_path_add */
-    FALSE,                    /* return_output */
-    FALSE,                    /* return_fail_output */
-    FALSE,                    /* log_output */
-    FALSE,                    /* log_fail_output */
-    FALSE,                    /* log_defer_output */
-    TRUE_UNSET                /* retry_use_local_part: BOOL, but set neither
-                                 1 nor 0 so can detect unset */
-#ifndef DISABLE_EVENT
-   ,NULL                     /* event_action */
-#endif
+    /* All non-mentioned elements zero/NULL/FALSE */
+    .batch_max =               1,
+    .multi_domain =            TRUE,
+    .max_addresses =           100,
+    .connection_max_messages = 500,
+    .uid =                     (uid_t)(-1),
+    .gid =                     (gid_t)(-1),
+    .filter_timeout =          300,
+    .retry_use_local_part =    TRUE_UNSET,     /* retry_use_local_part: BOOL, but set neither
+                                                1 nor 0 so can detect unset */
 };
 
 int     transport_count;
@@ -1453,7 +1595,6 @@ uschar *transport_name          = NULL;
 int     transport_newlines;
 const uschar **transport_filter_argv  = NULL;
 int     transport_filter_timeout;
-BOOL    transport_filter_timed_out = FALSE;
 int     transport_write_timeout= 0;
 
 tree_node  *tree_dns_fails     = NULL;
@@ -1461,8 +1602,6 @@ tree_node  *tree_duplicates    = NULL;
 tree_node  *tree_nonrecipients = NULL;
 tree_node  *tree_unusable      = NULL;
 
-BOOL    trusted_caller         = FALSE;
-BOOL    trusted_config         = TRUE;
 gid_t  *trusted_groups         = NULL;
 uid_t  *trusted_users          = NULL;
 uschar *timezone_string        = US TIMEZONE_DEFAULT;
@@ -1498,8 +1637,8 @@ uschar *uucp_from_sender       = US"$1";
 
 uschar *verify_mode           = NULL;
 uschar *version_copyright      =
- US"Copyright (c) University of Cambridge, 1995 - 2016\n"
-   "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2016";
+ US"Copyright (c) University of Cambridge, 1995 - 2018\n"
+   "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2020";
 uschar *version_date           = US"?";
 uschar *version_cnumber        = US"????";
 uschar *version_string         = US"?";
@@ -1508,7 +1647,6 @@ uschar *warn_message_file      = NULL;
 int     warning_count          = 0;
 uschar *warnmsg_delay          = NULL;
 uschar *warnmsg_recipients     = NULL;
-BOOL    write_rejectlog        = TRUE;
 
 
 /*  End of globals.c */