.set I " "
.macro copyyear
-2016
+2017
.endmacro
. /////////////////////////////////////////////////////////////////////////////
.oindex "&%-MCG%&"
This option is not intended for use by external callers. It is used internally
by Exim in conjunction with the &%-MC%& option. It signifies that an
-alternate queue is used, named by the following option.
+alternate queue is used, named by the following argument.
+
+.vitem &%-MCK%&
+.oindex "&%-MCK%&"
+This option is not intended for use by external callers. It is used internally
+by Exim in conjunction with the &%-MC%& option. It signifies that an
+remote host supports the ESMTP &_CHUNKING_& extension.
.vitem &%-MCP%&
.oindex "&%-MCP%&"
&$proxy_local_port$& &&&
&$proxy_session$&
These variables are only available when built with Proxy Protocol
-or Socks5 support
+or SOCKS5 support.
For details see chapter &<<SECTproxyInbound>>&.
.vitem &$prdr_requested$&
If you have changed &%host_lookup_order%& so that &`bydns`& is not the first
mechanism in the list, then this variable will be false.
+.new
+This requires that your system resolver library support EDNS0 (and that
+DNSSEC flags exist in the system headers). If the resolver silently drops
+all EDNS0 options, then this will have no effect. OpenBSD's asr resolver
+is known to currently ignore EDNS0, documented in CAVEATS of asr_run(3).
+.wen
+
.vitem &$sender_host_name$&
.vindex "&$sender_host_name$&"
.option dns_use_edns0 main integer -1
.cindex "DNS" "resolver options"
.cindex "DNS" "EDNS0"
+.cindex "DNS" "OpenBSD
If this option is set to a non-negative number then Exim will initialise the
DNS resolver library to either use or not use EDNS0 extensions, overriding
the system default. A value of 0 coerces EDNS0 off, a value of 1 coerces EDNS0
If the resolver library does not support EDNS0 then this option has no effect.
+.new
+OpenBSD's asr resolver routines are known to ignore the EDNS0 option; this
+means that DNSSEC will not work with Exim on that platform either, unless Exim
+is linked against an alternative DNS client library.
+.wen
+
.option drop_cr main boolean false
This is an obsolete option that is now a no-op. It used to affect the way Exim
appropriate &%system_filter_..._transport%& option(s) must be set, to define
which transports are to be used. Details of this facility are given in chapter
&<<CHAPsystemfilter>>&.
+.new
+A forced expansion failure results in no filter operation.
+.wen
.option system_filter_directory_transport main string&!! unset
deliver the message unauthenticated.
.endlist
+.new
+Note that the hostlist test for whether to do authentication can be
+confused if name-IP lookups change between the time the peer is decided
+on and the transport running. For example, with a manualroute
+router given a host name, and DNS "round-robin" use by that name: if
+the local resolver cache times out between the router and the transport
+running, the transport may get an IP for the name for its authentication
+check which does not match the connection peer IP.
+No authentication will then be done, despite the names being identical.
+
+For such cases use a separate transport which always authenticates.
+.wen
+
.cindex "AUTH" "on MAIL command"
When Exim has authenticated itself to a remote server, it adds the AUTH
parameter to the MAIL commands it sends, if it has an authenticated sender for
remaining recipients. The &"discard"& return is not permitted for the
&%acl_smtp_predata%& ACL.
+.new
+If the ACL for VRFY returns &"accept"&, a recipient verify (without callout)
+is done on the address and the result determines the SMTP response.
+.wen
+
.cindex "&[local_scan()]& function" "when all recipients discarded"
The &[local_scan()]& function is always run, even if there are no remaining
Cutthrough delivery is not supported via transport-filters or when DKIM signing
of outgoing messages is done, because it sends data to the ultimate destination
before the entire message has been received from the source.
-It is not supported for messages received with the SMTP PRDR option in use.
+It is not supported for messages received with the SMTP PRDR
+.new
+or CHUNKING
+.wen
+options in use.
Should the ultimate destination system positively accept or reject the mail,
a corresponding indication is given to the source system and nothing is queued.
.cindex "&%verify%& ACL condition"
This is a variation of the previous option, in which a modified address is
verified as a sender.
+
+.new
+Note that '/' is legal in local-parts; if the address may have such
+(eg. is generated from the received message)
+they must be protected from the options parsing by doubling:
+.code
+verify = sender=${sg{${address:$h_sender:}}{/}{//}}
+.endd
+.wen
.endlist
&%proxy%&: The internal (closest to the system running Exim) IP address
of the proxy, tagged by PRX=, on the &"<="& line for a message accepted
on a proxied connection
-or the &"=>"& line for a message delivered on a proxied connection..
+or the &"=>"& line for a message delivered on a proxied connection.
See &<<SECTproxyInbound>>& for more information.
.next
.cindex "log" "incoming remote port"
.next
.vindex "&$body_linecount$&"
If you change the number of lines in the file, the value of
-&$body_linecount$&, which is stored in the -H file, will be incorrect. At
-present, this value is not used by Exim, but there is no guarantee that this
-will always be the case.
+&$body_linecount$&, which is stored in the -H file, will be incorrect and can
+cause incomplete transmission of messages or undeliverable messages.
.next
If the message is in MIME format, you must take care not to break it.
.next
Use of a proxy is enabled by setting the &%hosts_proxy%&
main configuration option to a hostlist; connections from these
hosts will use Proxy Protocol.
+Exim supports both version 1 and version 2 of the Proxy Protocol and
+automatically determines which version is in use.
+
+The Proxy Protocol header is the first data received on a TCP connection
+and is inserted before any TLS-on-connect handshake from the client; Exim
+negotiates TLS between Exim-as-server and the remote client, not between
+Exim and the proxy server.
The following expansion variables are usable
(&"internal"& and &"external"& here refer to the interfaces
To include this it must be built with SUPPORT_I18N and the libidn library.
Standards supported are RFCs 2060, 5890, 6530 and 6533.
+.new
+If Exim is built with SUPPORT_I18N_2008 (in addition to SUPPORT_I18N, not
+instead of it) then IDNA2008 is supported; this adds an extra library
+requirement, upon libidn2.
+.wen
+
.section "MTA operations" SECTi18nMTA
.cindex SMTPUTF8 "ESMTP option"
The main configuration option &%smtputf8_advertise_hosts%& specifies
git://git.exim.org / exim.git / blobdiff