+
+. --- A macro for a "tainted" marker, done as a one-element table
+.macro tmark
+.itable none 0 0 1 10pt left
+.row &'Tainted'&
+.endtable
+.endmacro
+. --- A macro for a tainted variable, adding a taint-marker
+. --- and including the .vitem and .vindex
+.macro tvar
+.vitem $1
+.vindex $1
+.tmark
+.endmacro
+
. --- A macro that generates .row, but puts &I; at the start of the first
. --- argument, thus indenting it. Assume a minimum of two arguments, and
. --- allow up to four arguments, which is as many as we'll ever need.
. --- A macro that generates .row, but puts &I; at the start of the first
. --- argument, thus indenting it. Assume a minimum of two arguments, and
. --- allow up to four arguments, which is as many as we'll ever need.
a shell, you must explicitly code it.
The command name may not be tainted, but the remaining arguments can be.
a shell, you must explicitly code it.
The command name may not be tainted, but the remaining arguments can be.
If the option &'preexpand'& is used,
.wen
the command and its arguments are first expanded as one string. The result is
If the option &'preexpand'& is used,
.wen
the command and its arguments are first expanded as one string. The result is
.cindex "&%substr%& expansion item"
.cindex "substring extraction"
.cindex "expansion" "substring extraction"
The three strings are expanded; the first two must yield numbers. Call them
<&'n'&> and <&'m'&>. If you are using fixed values for these numbers, that is,
.cindex "&%substr%& expansion item"
.cindex "substring extraction"
.cindex "expansion" "substring extraction"
The three strings are expanded; the first two must yield numbers. Call them
<&'n'&> and <&'m'&>. If you are using fixed values for these numbers, that is,
.endd
The second number is optional (in both notations).
If it is absent in the simpler format, the preceding underscore must also be
.endd
The second number is optional (in both notations).
If it is absent in the simpler format, the preceding underscore must also be
This section contains an alphabetical list of all the expansion variables. Some
of them are available only when Exim is compiled with specific options such as
support for TLS or the content scanning extension.
This section contains an alphabetical list of all the expansion variables. Some
of them are available only when Exim is compiled with specific options such as
support for TLS or the content scanning extension.
+.new
+.cindex "tainted data"
+Variables marked as &'tainted'& are likely to carry data supplied by
+a potential attacker.
+Variables without such marking may also, depending on how their
+values are created.
+Such variables should not be further expanded,
+used as filenames
+or used as command-line arguments for external commands.
+.wen
precedes the expansion of the string. For example, the commands available in
Exim filter files include an &%if%& command with its own regular expression
matching condition.
precedes the expansion of the string. For example, the commands available in
Exim filter files include an &%if%& command with its own regular expression
matching condition.
.vitem "&$acl_arg1$&, &$acl_arg2$&, etc"
Within an acl condition, expansion condition or expansion item
.vitem "&$acl_arg1$&, &$acl_arg2$&, etc"
Within an acl condition, expansion condition or expansion item
.cindex "sender" "authenticated"
.cindex "authentication" "sender"
.cindex "AUTH" "on MAIL command"
.cindex "sender" "authenticated"
.cindex "authentication" "sender"
.cindex "AUTH" "on MAIL command"
When acting as a server, Exim takes note of the AUTH= parameter on an incoming
SMTP MAIL command if it believes the sender is sufficiently trusted, as
described in section &<<SECTauthparamail>>&. Unless the data is the string
When acting as a server, Exim takes note of the AUTH= parameter on an incoming
SMTP MAIL command if it believes the sender is sufficiently trusted, as
described in section &<<SECTauthparamail>>&. Unless the data is the string
looked up, the contents of any associated TXT record, and the value from the
main A record. See section &<<SECID204>>& for more details.
looked up, the contents of any associated TXT record, and the value from the
main A record. See section &<<SECID204>>& for more details.
When an address is being routed, or delivered on its own, this variable
contains the domain. Uppercase letters in the domain are converted into lower
case for &$domain$&.
When an address is being routed, or delivered on its own, this variable
contains the domain. Uppercase letters in the domain are converted into lower
case for &$domain$&.
This value may be overridden by the &%exim_version%& main config option.
.vitem &$header_$&<&'name'&>
This value may be overridden by the &%exim_version%& main config option.
.vitem &$header_$&<&'name'&>
This is not strictly an expansion variable. It is expansion syntax for
inserting the message header line with the given name. Note that the name must
be terminated by colon or white space, because it may contain a wide variety of
This is not strictly an expansion variable. It is expansion syntax for
inserting the message header line with the given name. Note that the name must
be terminated by colon or white space, because it may contain a wide variety of
.vitem &$host_lookup_deferred$&
.cindex "host name" "lookup, failure of"
.vindex "&$host_lookup_deferred$&"
.vitem &$host_lookup_deferred$&
.cindex "host name" "lookup, failure of"
.vindex "&$host_lookup_deferred$&"
is an integer. For example, if the load average is 0.21, the value of the
variable is 210. The value is recomputed every time the variable is referenced.
is an integer. For example, if the load average is 0.21, the value of the
variable is 210. The value is recomputed every time the variable is referenced.
When an address is being routed, or delivered on its own, this
variable contains the local part. When a number of addresses are being
delivered together (for example, multiple RCPT commands in an SMTP
When an address is being routed, or delivered on its own, this
variable contains the local part. When a number of addresses are being
delivered together (for example, multiple RCPT commands in an SMTP
.cindex "body of message" "expansion variable"
.cindex "message body" "in expansion"
.cindex "binary zero" "in message body"
.cindex "body of message" "expansion variable"
.cindex "message body" "in expansion"
.cindex "binary zero" "in message body"
.oindex "&%message_body_visible%&"
This variable contains the initial portion of a message's body while it is
being delivered, and is intended mainly for use in filter files. The maximum
.oindex "&%message_body_visible%&"
This variable contains the initial portion of a message's body while it is
being delivered, and is intended mainly for use in filter files. The maximum
this can be disabled by setting &%message_body_newlines%& to be true. Binary
zeros are always converted into spaces.
this can be disabled by setting &%message_body_newlines%& to be true. Binary
zeros are always converted into spaces.
This variable contains the final portion of a message's
body while it is being delivered. The format and maximum size are as for
&$message_body$&.
This variable contains the final portion of a message's
body while it is being delivered. The format and maximum size are as for
&$message_body$&.
This variable contains a concatenation of all the header lines when a message
is being processed, except for lines added by routers or transports. The header
lines are separated by newline characters. Their contents are decoded in the
same way as a header line that is inserted by &%bheader%&.
This variable contains a concatenation of all the header lines when a message
is being processed, except for lines added by routers or transports. The header
lines are separated by newline characters. Their contents are decoded in the
same way as a header line that is inserted by &%bheader%&.
This variable is like &$message_headers$& except that no processing of the
contents of header lines is done.
This variable is like &$message_headers$& except that no processing of the
contents of header lines is done.
These variables are counters that can be incremented by means
of the &%add%& command in filter files.
These variables are counters that can be incremented by means
of the &%add%& command in filter files.
When a top-level address is being processed for delivery, this contains the
same value as &$domain$&. However, if a &"child"& address (for example,
generated by an alias, forward, or filter file) is being processed, this
When a top-level address is being processed for delivery, this contains the
same value as &$domain$&. However, if a &"child"& address (for example,
generated by an alias, forward, or filter file) is being processed, this
filter, it is set up with an artificial &"parent"& address. This has the local
part &'system-filter'& and the default qualify domain.
filter, it is set up with an artificial &"parent"& address. This has the local
part &'system-filter'& and the default qualify domain.
When a top-level address is being processed for delivery, this contains the
same value as &$local_part$&, unless a prefix or suffix was removed from the
local part, because &$original_local_part$& always contains the full local
When a top-level address is being processed for delivery, this contains the
same value as &$local_part$&, unless a prefix or suffix was removed from the
local part, because &$original_local_part$& always contains the full local
This variable is similar to &$original_domain$& (see
above), except that it refers to the immediately preceding parent address.
This variable is similar to &$original_domain$& (see
above), except that it refers to the immediately preceding parent address.
This variable is similar to &$original_local_part$&
(see above), except that it refers to the immediately preceding parent address.
This variable is similar to &$original_local_part$&
(see above), except that it refers to the immediately preceding parent address.
(described under &%transport_filter%& in chapter &<<CHAPtransportgeneric>>&).
It cannot be used in general expansion strings, and provokes an &"unknown
variable"& error if encountered.
(described under &%transport_filter%& in chapter &<<CHAPtransportgeneric>>&).
It cannot be used in general expansion strings, and provokes an &"unknown
variable"& error if encountered.
If there is only a single recipient address in an incoming message, this
variable contains that address when the &'Received:'& header line is being
built. The value is copied after recipient rewriting has happened, but before
If there is only a single recipient address in an incoming message, this
variable contains that address when the &'Received:'& header line is being
built. The value is copied after recipient rewriting has happened, but before
The main use of this variable is expected to be to distinguish between
rejections of MAIL and rejections of RCPT.
The main use of this variable is expected to be to distinguish between
rejections of MAIL and rejections of RCPT.
This variable contains a list of envelope recipients for a message. A comma and
a space separate the addresses in the replacement text. However, the variable
is not generally available, to prevent exposure of Bcc recipients in
This variable contains a list of envelope recipients for a message. A comma and
a space separate the addresses in the replacement text. However, the variable
is not generally available, to prevent exposure of Bcc recipients in
When a &%regex%& or &%mime_regex%& ACL condition succeeds,
these variables contain the
captured substrings identified by the regular expression.
When a &%regex%& or &%mime_regex%& ACL condition succeeds,
these variables contain the
captured substrings identified by the regular expression.
When a message is being processed, this variable contains the contents of the
&'Reply-To:'& header line if one exists and it is not empty, or otherwise the
contents of the &'From:'& header line. Apart from the removal of leading
When a message is being processed, this variable contains the contents of the
&'Reply-To:'& header line if one exists and it is not empty, or otherwise the
contents of the &'From:'& header line. Apart from the removal of leading
happens, &$self_hostname$& is set to the name of the local host that the
original router encountered. In other circumstances its contents are null.
happens, &$self_hostname$& is set to the name of the local host that the
original router encountered. In other circumstances its contents are null.
When a message is being processed, this variable contains the sender's address
that was received in the message's envelope. The case of letters in the address
is retained, in both the local part and the domain. For bounce messages, the
When a message is being processed, this variable contains the sender's address
that was received in the message's envelope. The case of letters in the address
is retained, in both the local part and the domain. For bounce messages, the
after the end of the current ACL statement. If you want to preserve it for
longer, you can save it in an ACL variable.
after the end of the current ACL statement. If you want to preserve it for
longer, you can save it in an ACL variable.
When a message is received from a remote host that has issued a HELO or EHLO
command, the argument of that command is placed in this variable. It is also
set if HELO or EHLO is used when a message is received using SMTP locally via
When a message is received from a remote host that has issued a HELO or EHLO
command, the argument of that command is placed in this variable. It is also
set if HELO or EHLO is used when a message is received using SMTP locally via
When a message is received from a remote host, this variable contains the
host's name as obtained by looking up its IP address. For messages received by
other means, this variable is empty.
When a message is received from a remote host, this variable contains the
host's name as obtained by looking up its IP address. For messages received by
other means, this variable is empty.
&$smtp_active_hostname$& is saved with any message that is received, so its
value can be consulted during routing and delivery.
&$smtp_active_hostname$& is saved with any message that is received, so its
value can be consulted during routing and delivery.
During the processing of an incoming SMTP command, this variable contains the
entire command. This makes it possible to distinguish between HELO and EHLO in
the HELO ACL, and also to distinguish between commands such as these:
During the processing of an incoming SMTP command, this variable contains the
entire command. This makes it possible to distinguish between HELO and EHLO in
the HELO ACL, and also to distinguish between commands such as these:
rewriting, whereas the values in &$local_part$& and &$domain$& are taken from
the address after SMTP-time rewriting.
rewriting, whereas the values in &$local_part$& and &$domain$& are taken from
the address after SMTP-time rewriting.
While an ACL is running to check an SMTP command, this variable contains the
argument, that is, the text that follows the command name, with leading white
space removed. Following the introduction of &$smtp_command$&, this variable is
While an ACL is running to check an SMTP command, this variable contains the
argument, that is, the text that follows the command name, with leading white
space removed. Following the introduction of &$smtp_command$&, this variable is
The expansion variables &$host$& and &$host_address$& are available when the
transport is a remote one. They contain the name and IP address of the host to
which the message is being sent. For example:
The expansion variables &$host$& and &$host_address$& are available when the
transport is a remote one. They contain the name and IP address of the host to
which the message is being sent. For example:
the &%environment%& option can be used to add additional variables to this
environment. The environment for the &(pipe)& transport is not subject
to the &%add_environment%& and &%keep_environment%& main config options.
the &%environment%& option can be used to add additional variables to this
environment. The environment for the &(pipe)& transport is not subject
to the &%add_environment%& and &%keep_environment%& main config options.
.display
&`DOMAIN `& the domain of the address
&`HOME `& the home directory, if set
.display
&`DOMAIN `& the domain of the address
&`HOME `& the home directory, if set
Exim, and each argument is separately expanded, as described in section
&<<SECThowcommandrun>>& above.
Exim, and each argument is separately expanded, as described in section
&<<SECThowcommandrun>>& above.
.cindex "Cyrus"
The next example shows a transport and a router for a system where local
deliveries are handled by the Cyrus IMAP server.
.cindex "Cyrus"
The next example shows a transport and a router for a system where local
deliveries are handled by the Cyrus IMAP server.
transport = local_delivery_cyrus
.endd
Note the unsetting of &%message_prefix%& and &%message_suffix%&, and the use of
transport = local_delivery_cyrus
.endd
Note the unsetting of &%message_prefix%& and &%message_suffix%&, and the use of
-The parameters for the condition
-are an interval followed, slash-separated, by a list of options.
+The parameters for the condition are
+a possible minus sign,
+then an interval,
+then, slash-separated, a list of options.
The interval is taken as an offset before the current time,
and used for the test.
If the interval is preceded by a minus sign then the condition returns
The interval is taken as an offset before the current time,
and used for the test.
If the interval is preceded by a minus sign then the condition returns
If a &%write%& option is given then
a record create or update is always done.
An update is done if the test is for &"since"&.
If a &%write%& option is given then
a record create or update is always done.
An update is done if the test is for &"since"&.