If the &%domains%& option is set, the domain of the address must be in the set
of domains that it defines.
.cindex "tainted data" "de-tainting"
-.cindex "de-tainting" "using router domains option"
+.cindex de-tainting "using router domains option"
+.cindex de-tainting &$domains$&
A match verifies the variable &$domain$& (which carries tainted data)
and assigns an untainted value to the &$domain_data$& variable.
Such an untainted value is often needed in the transport.
If the &%local_parts%& option is set, the local part of the address must be in
the set of local parts that it defines.
A match verifies the variable &$local_part$& (which carries tainted data)
+.cindex de-tainting &$local_parts$&
and assigns an untainted value to the &$local_part_data$& variable.
Such an untainted value is often needed in the transport.
For specifics of the matching operation and the resulting untainted value,
.options dmarc_forensic_sender main string&!! unset &&&
- dmarc_history_file main string unset &&&
- dmarc_tld_file main string unset
+ dmarc_history_file main string&!! unset &&&
+ dmarc_tld_file main string&!! unset
.cindex DMARC "main section options"
These options control DMARC processing.
See section &<<SECDMARC>>& for details.
.option domains routers&!? "domain list&!!" unset
.cindex "router" "restricting to specific domains"
.vindex "&$domain_data$&"
-If this option is set, the router is skipped unless the current domain matches
-the list.
+If this option is set,
+the argument is first expanded to give a list.
+The router is skipped unless the current domain matches the list.
The data returned by the list check
is placed in &$domain_data$& for use in string
expansions of the driver's private options and in the transport.
+If the result of expansion is empty or a forced-fail,
+the router is skipped.
+
See section &<<SECTrouprecon>>& for
a list of the order in which preconditions are evaluated.
.option local_parts routers&!? "local part list&!!" unset
.cindex "router" "restricting to specific local parts"
.cindex "local part" "checking in router"
+If this option is set, the argument is first expanded to give a list.
The router is run only if the local part of the address matches the list.
+If the result of expansion is empty or a forced-fail,
+the router is skipped.
+
See section &<<SECTrouprecon>>& for a list of the order in which preconditions
are evaluated, and
section &<<SECTlocparlis>>& for a discussion of local part lists. Because the
local_parts = dbm;/usr/local/specials/$domain_data
.endd
.vindex "&$local_part_data$&"
-the data returned by the list check
+The data returned by the list check
for the local part is placed in the variable &$local_part_data$& for use in
expansions of the router's private options or in the transport.
You might use this option, for
.vitem &*control&~=&~cutthrough_delivery/*&<&'options'&>
.cindex "&ACL;" "cutthrough routing"
.cindex "cutthrough" "requesting"
-This option requests delivery be attempted while the item is being received.
+This control requests delivery be attempted while the item is being received.
-The option is usable in the RCPT ACL.
+The control is usable in the RCPT ACL.
If enabled for a message received via smtp and routed to an smtp transport,
and only one transport, interface, destination host and port combination
is used for all recipients of the message,
then the delivery connection is made while the receiving connection is open
and data is copied from one to the other.
-An attempt to set this option for any recipient but the first
+An attempt to set this control for any recipient but the first
for a mail will be quietly ignored.
If a recipient-verify callout
(with use_sender)
Cutthrough delivery is not supported via transport-filters or when DKIM signing
of outgoing messages is done, because it sends data to the ultimate destination
before the entire message has been received from the source.
-It is not supported for messages received with the SMTP PRDR
-or CHUNKING
-options in use.
+It is not supported for messages received with the SMTP PRDR or CHUNKING
+modes in use.
Should the ultimate destination system positively accept or reject the mail,
a corresponding indication is given to the source system and nothing is queued.
the delivery log lines are tagged with ">>" rather than "=>" and appear
before the acceptance "<=" line.
-If there is a temporary error the item is queued for later delivery in the
-usual fashion.
-This behaviour can be adjusted by appending the option &*defer=*&<&'value'&>
-to the control; the default value is &"spool"& and the alternate value
-&"pass"& copies an SMTP defer response from the target back to the initiator
-and does not queue the message.
-Note that this is independent of any recipient verify conditions in the ACL.
-
Delivery in this mode avoids the generation of a bounce mail to a
(possibly faked)
sender when the destination system is doing content-scan based rejection.
+.new
+Options for this control may be appended, separated by slash (&"/"&)
+characters.
+There are two possible options,
+both taking a value string prefixed by an equals (&"="&) character.
+
+The &*defer*& option controls the result of a temporary error
+of the cutthrough delivery.
+The default value &"spool"& queues the message in the normal way
+for later processing.
+A value of &"pass"& copies an SMTP defer response back to the initiator
+and does not queue the message.
+Note that this is independent of any recipient verify conditions in the ACL.
+
+The &*sender*& option controls the envelope-from used for the
+outbound connection.
+The default value of &"orig"& uses the address given for envelope-from
+in the inbound (originating) connection.
+A value of &"transport"& permits the transport used for the outbound
+connection to modify the envelope-from, via its &*return_path*& option.
+.wen
+
.vitem &*control&~=&~debug/*&<&'options'&>
.cindex "&ACL;" "enabling debug logging"
from a link at &url(https://publicsuffix.org/list/public_suffix_list.dat).
See also the util/renew-opendmarc-tlds.sh script.
The default for the option is unset.
-If not set, DMARC processing is disabled.
+.new
+It is expanded before use.
+If not set (or empty after expansion), DMARC processing is disabled.
+.wen
-The &%dmarc_history_file%& option, if set
+The &%dmarc_history_file%& option
.oindex &%dmarc_history_file%&
defines the location of a file to log results
of dmarc verification on inbound emails. The
reports, and expire the data. Make sure the
directory of this file is writable by the user
exim runs as.
-The default is unset.
+The default for the option is unset.
+.new
+It is expanded before use.
+If not set (or empty after expansion), no history is written.
+.wen
The &%dmarc_forensic_sender%& option
.oindex &%dmarc_forensic_sender%&
git://git.exim.org / exim.git / blobdiff