the subnet 192.168.1.0/24, and from all hosts in &'friendly.domain.example'&.
All other connections are denied. The daemon name used by &'tcpwrappers'&
can be changed at build time by setting TCP_WRAPPERS_DAEMON_NAME in
-in &_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the
+&_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the
configure file. Consult the &'tcpwrappers'& documentation for
further details.
.oindex "&%-bm%&"
.cindex "local message reception"
This option runs an Exim receiving process that accepts an incoming,
-locally-generated message on the current input. The recipients are given as the
+locally-generated message on the standard input. The recipients are given as the
command arguments (except when &%-t%& is also present &-- see below). Each
argument can be a comma-separated list of RFC 2822 addresses. This is the
default option for selecting the overall action of an Exim call; it is assumed
Provided
this error message is successfully sent, the Exim receiving process
exits with a return code of zero. If not, the return code is 2 if the problem
-is that the original message has no recipients, or 1 any other error. This is
-the default &%-oe%&&'x'& option if Exim is called as &'rmail'&.
+is that the original message has no recipients, or 1 for any other error.
+This is the default &%-oe%&&'x'& option if Exim is called as &'rmail'&.
.vitem &%-oem%&
.oindex "&%-oem%&"
.vitem &%-Tqt%&&~<&'times'&>
.oindex "&%-Tqt%&"
-This an option that is exclusively for use by the Exim testing suite. It is not
+This is an option that is exclusively for use by the Exim testing suite. It is not
recognized when Exim is run normally. It allows for the setting up of explicit
&"queue times"& so that various warning/retry features can be tested.
surrounding the colons is ignored. For example:
.code
aol.com: spammer1 : spammer2 : ^[0-9]+$ :
-spammer3 : spammer4
+ spammer3 : spammer4
.endd
As in all colon-separated lists in Exim, a colon can be included in an item by
doubling.
The string is interpreted as a list and the number of items is returned.
-.vitem &*${listnamed:*&<&'name'&>&*}*&&~and&~&*${list_*&<&'type'&>&*name'&>&*}*&
+.vitem &*${listnamed:*&<&'name'&>&*}*&&~and&~&*${list_*&<&'type'&>&*name*&>&*}*&
.cindex "expansion" "named list"
.cindex "&%listnamed%& expansion item"
The name is interpreted as a named list and the content of the list is returned,
.endd
To specify listening on the default port on specific interfaces only:
.code
-local_interfaces = 192.168.34.67 : 192.168.34.67
+local_interfaces = 10.0.0.67 : 192.168.34.67
.endd
&*Warning*&: Such a setting excludes listening on the loopback interfaces.
.option transport_filter_timeout transports time 5m
.cindex "transport" "filter, timeout"
-When Exim is reading the output of a transport filter, it a applies a timeout
+When Exim is reading the output of a transport filter, it applies a timeout
that can be set by this option. Exceeding the timeout is normally treated as a
temporary delivery failure. However, if a transport filter is used with a
&(pipe)& transport, a timeout in the transport filter is treated in the same
.cindex "certificate" "self-signed"
You can create a self-signed certificate using the &'req'& command provided
with OpenSSL, like this:
+. ==== Do not shorten the duration here without reading and considering
+. ==== the text below. Please leave it at 9999 days.
.code
openssl req -x509 -newkey rsa:1024 -keyout file1 -out file2 \
-days 9999 -nodes
prompting for the passphrase. This is not helpful if you are going to use
this certificate and key in an MTA, where prompting is not possible.
+. ==== I expect to still be working 26 years from now. The less technical
+. ==== debt I create, in terms of storing up trouble for my later years, the
+. ==== happier I will be then. We really have reached the point where we
+. ==== should start, at the very least, provoking thought and making folks
+. ==== pause before proceeding, instead of leaving all the fixes until two
+. ==== years before 2^31 seconds after the 1970 Unix epoch.
+. ==== -pdp, 2012
+NB: we are now past the point where 9999 days takes us past the 32-bit Unix
+epoch. If your system uses unsigned time_t (most do) and is 32-bit, then
+the above command might produce a date in the past. Think carefully about
+the lifetime of the systems you're deploying, and either reduce the duration
+of the certificate or reconsider your platform deployment. (At time of
+writing, reducing the duration is the most likely choice, but the inexorable
+progression of time takes us steadily towards an era where this will not
+be a sensible resolution).
+
A self-signed certificate made in this way is sufficient for testing, and
may be adequate for all your requirements if you are mainly interested in
encrypting transfers, and not in secure identification.
warning is generated. The &%control%& modifier affects the way an incoming
message is handled.
-The positioning of the modifiers in an ACL statement important, because the
+The positioning of the modifiers in an ACL statement is important, because the
processing of a verb ceases as soon as its outcome is known. Only those
modifiers that have already been encountered will take effect. For example,
consider this use of the &%message%& modifier:
.vitem &*delay*&&~=&~<&'time'&>
.cindex "&%delay%& ACL modifier"
.oindex "&%-bh%&"
-This modifier may appear in any ACL. It causes Exim to wait for the time
-interval before proceeding. However, when testing Exim using the &%-bh%&
-option, the delay is not actually imposed (an appropriate message is output
-instead). The time is given in the usual Exim notation, and the delay happens
-as soon as the modifier is processed. In an SMTP session, pending output is
-flushed before the delay is imposed.
+This modifier may appear in any ACL except notquit. It causes Exim to wait for
+the time interval before proceeding. However, when testing Exim using the
+&%-bh%& option, the delay is not actually imposed (an appropriate message is
+output instead). The time is given in the usual Exim notation, and the delay
+happens as soon as the modifier is processed. In an SMTP session, pending
+output is flushed before the delay is imposed.
Like &%control%&, &%delay%& can be used with &%accept%& or &%deny%&, for
example:
.section "ACL conditions" "SECTaclconditions"
.cindex "&ACL;" "conditions; list of"
-Some of conditions listed in this section are available only when Exim is
+Some of the conditions listed in this section are available only when Exim is
compiled with the content-scanning extension. They are included here briefly
for completeness. More detailed descriptions can be found in the discussion on
content scanning in chapter &<<CHAPexiscan>>&.
If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is
false because 127.0.0.1 matches.
.next
-If &`!==`& or &`!=&&`& is used, the condition is true there is at least one
+If &`!==`& or &`!=&&`& is used, the condition is true if there is at least one
looked up IP address that does not match. Consider:
.code
dnslists = a.b.c!=&0.0.0.1
&`*sender_verify_fail `& sender verification failures
&`*size_reject `& rejection because too big
&`*skip_delivery `& delivery skipped in a queue run
-&` smtp_confirmation `& SMTP confirmation on => lines
+&`*smtp_confirmation `& SMTP confirmation on => lines
&` smtp_connection `& SMTP connections
&` smtp_incomplete_transaction`& incomplete SMTP transactions
&` smtp_no_mail `& session with no MAIL commands
git://git.exim.org / exim.git / blobdiff