. /////////////////////////////////////////////////////////////////////////////
-. This chunk of literal XML implements index entries of the form "x, see y" and
-. "x, see also y". However, the DocBook DTD doesn't allow <indexterm> entries
+. These implement index entries of the form "x, see y" and "x, see also y".
+. However, the DocBook DTD doesn't allow <indexterm> entries
. at the top level, so we have to put the .chapter directive first.
-
-. These do not turn up in the HTML output, unfortunately. The PDF does get them.
. /////////////////////////////////////////////////////////////////////////////
.chapter "Introduction" "CHID1"
-.literal xml
-<indexterm role="variable">
- <primary>$1, $2, etc.</primary>
- <see><emphasis>numerical variables</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>address</primary>
- <secondary>rewriting</secondary>
- <see><emphasis>rewriting</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>Bounce Address Tag Validation</primary>
- <see><emphasis>BATV</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>Client SMTP Authorization</primary>
- <see><emphasis>CSA</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>CR character</primary>
- <see><emphasis>carriage return</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>CRL</primary>
- <see><emphasis>certificate revocation list</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>delivery</primary>
- <secondary>failure report</secondary>
- <see><emphasis>bounce message</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>dialup</primary>
- <see><emphasis>intermittently connected hosts</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>exiscan</primary>
- <see><emphasis>content scanning</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>failover</primary>
- <see><emphasis>fallback</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>fallover</primary>
- <see><emphasis>fallback</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>filter</primary>
- <secondary>Sieve</secondary>
- <see><emphasis>Sieve filter</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>ident</primary>
- <see><emphasis>RFC 1413</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>LF character</primary>
- <see><emphasis>linefeed</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>maximum</primary>
- <seealso><emphasis>limit</emphasis></seealso>
-</indexterm>
-<indexterm role="concept">
- <primary>monitor</primary>
- <see><emphasis>Exim monitor</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>no_<emphasis>xxx</emphasis></primary>
- <see>entry for xxx</see>
-</indexterm>
-<indexterm role="concept">
- <primary>NUL</primary>
- <see><emphasis>binary zero</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>passwd file</primary>
- <see><emphasis>/etc/passwd</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>process id</primary>
- <see><emphasis>pid</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>RBL</primary>
- <see><emphasis>DNS list</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>redirection</primary>
- <see><emphasis>address redirection</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>return path</primary>
- <seealso><emphasis>envelope sender</emphasis></seealso>
-</indexterm>
-<indexterm role="concept">
- <primary>scanning</primary>
- <see><emphasis>content scanning</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>SSL</primary>
- <see><emphasis>TLS</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>string</primary>
- <secondary>expansion</secondary>
- <see><emphasis>expansion</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>top bit</primary>
- <see><emphasis>8-bit characters</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>variables</primary>
- <see><emphasis>expansion, variables</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>zero, binary</primary>
- <see><emphasis>binary zero</emphasis></see>
-</indexterm>
-<indexterm role="concept">
- <primary>headers</primary>
- <see><emphasis>header lines</emphasis></see>
+.macro seeother
+.literal xml
+<indexterm role="$2">
+ <primary>$3</primary>
+.arg 5
+ <secondary>$5</secondary>
+.endarg
+ <$1><emphasis>$4</emphasis></$1>
</indexterm>
-
.literal off
+.endmacro
+
+. NB: for the 4-arg variant the ordering is awkward
+.macro see
+.seeother see "$1" "$2" "$3" "$4"
+.endmacro
+.macro seealso
+.seeother seealso "$1" "$2" "$3" "$4"
+.endmacro
+
+.see variable "<emphasis>$1</emphasis>, <emphasis>$2</emphasis>, etc." "numerical variables"
+.see concept address rewriting rewriting
+.see concept "Bounce Address Tag Validation" BATV
+.see concept "Client SMTP Authorization" CSA
+.see concept "CR character" "carriage return"
+.see concept CRL "certificate revocation list"
+.seealso concept de-tainting "tainted data"
+.see concept delivery "bounce message" "failure report"
+.see concept dialup "intermittently connected hosts"
+.see concept exiscan "content scanning"
+.see concept fallover fallback
+.see concept filter "Sieve filter" Sieve
+.see concept headers "header lines"
+.see concept ident "RFC 1413"
+.see concept "LF character" "linefeed"
+.seealso concept maximum limit
+.see concept monitor "Exim monitor"
+.see concept "no_<emphasis>xxx</emphasis>" "entry for xxx"
+.see concept NUL "binary zero"
+.see concept "passwd file" "/etc/passwd"
+.see concept "process id" pid
+.see concept RBL "DNS list"
+.see concept redirection "address redirection"
+.see concept "return path" "envelope sender"
+.see concept scanning "content scanning"
+.see concept SSL TLS
+.see concept string expansion expansion
+.see concept "top bit" "8-bit characters"
+.see concept variables "expansion, variables"
+.see concept "zero, binary" "binary zero"
. /////////////////////////////////////////////////////////////////////////////
debugging, whereas &%-d-all+filter%& selects only filter debugging. Note that
no spaces are allowed in the debug setting. The available debugging categories
are:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 20* left 80* left
.irow acl "ACL interpretation"
.irow auth "authenticators"
.irow deliver "general delivery logic"
spaces. If a value contains spaces it must be enclosed in double quotes, and
when double quotes are used, backslash is interpreted in the usual way inside
them. The following names are recognized:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 20* left 80* left
.irow DEREFERENCE "set the dereferencing parameter"
.irow NETTIME "set a timeout for a network operation"
.irow USER "set the DN, for authenticating the LDAP bind"
.cindex "expansion" "numeric comparison"
There are a number of symbolic operators for doing numeric comparisons. They
are:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 10* left 90* left
.irow "= " "equal"
.irow "== " "equal"
.irow "> " "greater"
.cindex "domain" "ACL checking"
.cindex "&ACL;" "testing a recipient domain"
.vindex "&$domain_data$&"
-This condition is relevant only after a RCPT command. It checks that the domain
+This condition is relevant only in a RCPT ACL. It checks that the domain
of the recipient address is in the domain list. If percent-hack processing is
enabled, it is done before this test is done. If the check succeeds with a
lookup, the result of the lookup is placed in &$domain_data$& until the next
.cindex "local part" "ACL checking"
.cindex "&ACL;" "testing a local part"
.vindex "&$local_part_data$&"
-This condition is relevant only after a RCPT command. It checks that the local
+This condition is relevant only in a RCPT ACL. It checks that the local
part of the recipient address is in the list. If percent-hack processing is
enabled, it is done before this test. If the check succeeds with a lookup, the
result of the lookup is placed in &$local_part_data$&, which remains set until
.cindex "&%recipients%& ACL condition"
.cindex "recipient" "ACL checking"
.cindex "&ACL;" "testing a recipient"
-This condition is relevant only after a RCPT command. It checks the entire
+This condition is relevant only in a RCPT ACL. It checks the entire
recipient address against a list of recipients.
.vitem &*regex&~=&~*&<&'list&~of&~regular&~expressions'&>
any of the regular expressions. For details, see chapter &<<CHAPexiscan>>&.
.vitem &*seen&~=&~*&<&'parameters'&>
-.cindex "&%sseen%& ACL condition"
+.cindex "&%seen%& ACL condition"
This condition can be used to test if a situation has been previously met,
for example for greylisting.
Details are given in section &<<SECTseen>>&.
(which is the most common usage), because it prevents a DNS failure from
blocking mail. However, you can change this behaviour by putting one of the
following special items in the list:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 25* left 75* left
.irow "+include_unknown" "behave as if the item is on the list"
.irow "+exclude_unknown" "behave as if the item is not on the list (default)"
.irow "+defer_unknown " "give a temporary error"
just used the address 127.0.0.1 on the right hand side of each record, but the
RBL+ list and some other lists use a number of values with different meanings.
The values used on the RBL+ list are:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 20* left 80* left
.irow 127.1.0.1 "RBL"
.irow 127.1.0.2 "DUL"
.irow 127.1.0.3 "DUL and RBL"
.section "Previously seen user and hosts" "SECTseen"
-.cindex "&%sseen%& ACL condition"
+.cindex "&%een%& ACL condition"
.cindex greylisting
The &%seen%& ACL condition can be used to test whether a
situation has been previously met.
disabled by using a &%control%& modifier to set &%no_callout_flush%&.
.cindex "tainted data" "de-tainting"
-.cindex "de-tainting" "using receipient verify"
+.cindex "de-tainting" "using recipient verify"
A recipient callout which gets a 2&'xx'& code
will assign untainted values to the
&$domain_data$& and &$local_part_data$& variables,
.vitem &*int&~lss_match_domain(uschar&~*domain,&~uschar&~*list)*&
This function checks for a match in a domain list. Domains are always
matched caselessly. The return value is one of the following:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 15* left 85* left
.irow &`OK`& "match succeeded"
.irow &`FAIL`& "match failed"
.irow &`DEFER`& "match deferred"
successful, unsuccessful, and delayed delivery. These lines can readily be
picked out by the distinctive two-character flags that immediately follow the
timestamp. The flags are:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 10* left 90* left
.irow &%<=%& "message arrival"
.irow &%(=%& "message fakereject"
.irow &%=>%& "normal message delivery"
.endd
The list of optional log items is in the following table, with the default
selection marked by asterisks:
-.itable none 0 0 3 1pt left 10pt center 1pt left
+.itable none 0 0 3 2.8in left 10pt center 3in left
.irow &`8bitmime`& "received 8BITMIME status"
.irow &`acl_warn_skipped`& * "skipped &%warn%& statement in ACL"
.irow &`address_rewrite`& "address rewriting"
system configuration options that configure exactly how &'exiwhat'& works. If
it doesn't seem to be working for you, check the following compile-time
options:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 30* left 70* left
.irow &`EXIWHAT_PS_CMD`& "the command for running &'ps'&"
.irow &`EXIWHAT_PS_ARG`& "the argument for &'ps'&"
.irow &`EXIWHAT_EGREP_ARG`& "the argument for &'egrep'& to select from &'ps'& output"
right-hand side. These strings describe recommended action based
on the DMARC check. To understand what the policy recommendations
mean, refer to the DMARC website above. Valid strings are:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 20* left 80* left
.irow &'accept'& "The DMARC check passed and the library recommends accepting the email"
.irow &'reject'& "The DMARC check failed and the library recommends rejecting the email"
.irow &'quarantine'& "The DMARC check failed and the library recommends keeping it for further inspection"
The following expansion variables are usable
(&"internal"& and &"external"& here refer to the interfaces
of the proxy):
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 30* left 70* left
.irow $proxy_external_address "IP of host being proxied or IP of remote interface of proxy"
.irow $proxy_external_port "Port of host being proxied or Port on remote interface of proxy"
.irow $proxy_local_address "IP of proxy server inbound or IP of local interface of proxy"
Options are a string <name>=<value>.
The list of options is in the following table:
-.itable none 0 0 2 1pt left 1pt left
+.itable none 0 0 2 10* left 90* left
.irow &'auth'& "authentication method"
.irow &'name'& "authentication username"
.irow &'pass'& "authentication password"
but could be used for any message.
If a value is appended it may be:
-.itable none 0 0 2 1pt right 1pt left
+.itable none 0 0 2 5* right 95* left
.irow &`1`& "mandatory downconversion"
.irow &`0`& "no downconversion"
.irow &`-1`& "if SMTPUTF8 not supported by destination host"
expansion must check this, as it will be called for every possible event type.
The current list of events is:
-.itable all 0 0 4 1pt left 1pt center 1pt center 1pt left
-.irow dane:fail after transport "per connection"
-.irow msg:complete after main "per message"
-.irow msg:defer after transport "per message per delivery try"
-.irow msg:delivery after transport "per recipient"
-.irow msg:rcpt:host:defer after transport "per recipient per host"
-.irow msg:rcpt:defer after transport "per recipient"
-.irow msg:host:defer after transport "per host per delivery try; host errors"
-.irow msg:fail:delivery after transport "per recipient"
-.irow msg:fail:internal after main "per recipient"
-.irow tcp:connect before transport "per connection"
-.irow tcp:close after transport "per connection"
-.irow tls:cert before both "per certificate in verification chain"
-.irow tls:fail:connect after main "per connection"
-.irow smtp:connect after transport "per connection"
-.irow smtp:ehlo after transport "per connection"
+.itable all 0 0 4 25* left 10* center 15* center 50* left
+.row dane:fail after transport "per connection"
+.row msg:complete after main "per message"
+.row msg:defer after transport "per message per delivery try"
+.row msg:delivery after transport "per recipient"
+.row msg:rcpt:host:defer after transport "per recipient per host"
+.row msg:rcpt:defer after transport "per recipient"
+.row msg:host:defer after transport "per host per delivery try; host errors"
+.row msg:fail:delivery after transport "per recipient"
+.row msg:fail:internal after main "per recipient"
+.row tcp:connect before transport "per connection"
+.row tcp:close after transport "per connection"
+.row tls:cert before both "per certificate in verification chain"
+.row tls:fail:connect after main "per connection"
+.row smtp:connect after transport "per connection"
+.row smtp:ehlo after transport "per connection"
.endtable
New event types may be added in future.
An additional variable, &$event_data$&, is filled with information varying
with the event type:
-.itable all 0 0 2 1pt left 1pt left
-.irow dane:fail "failure reason"
-.irow msg:defer "error string"
-.irow msg:delivery "smtp confirmation message"
-.irow msg:fail:internal "failure reason"
-.irow msg:fail:delivery "smtp error message"
-.irow msg:host:defer "error string"
-.irow msg:rcpt:host:defer "error string"
-.irow msg:rcpt:defer "error string"
-.irow tls:cert "verification chain depth"
-.irow tls:fail:connect "error string"
-.irow smtp:connect "smtp banner"
-.irow smtp:ehlo "smtp ehlo response"
+.itable all 0 0 2 20* left 80* left
+.row dane:fail "failure reason"
+.row msg:defer "error string"
+.row msg:delivery "smtp confirmation message"
+.row msg:fail:internal "failure reason"
+.row msg:fail:delivery "smtp error message"
+.row msg:host:defer "error string"
+.row msg:rcpt:host:defer "error string"
+.row msg:rcpt:defer "error string"
+.row tls:cert "verification chain depth"
+.row tls:fail:connect "error string"
+.row smtp:connect "smtp banner"
+.row smtp:ehlo "smtp ehlo response"
.endtable
The :defer events populate one extra variable: &$event_defer_errno$&.
The expansion of the event_action option should normally
return an empty string. Should it return anything else the
following will be forced:
-.itable all 0 0 2 1pt left 1pt left
-.irow tcp:connect "do not connect"
-.irow tls:cert "refuse verification"
-.irow smtp:connect "close connection"
+.itable all 0 0 2 20* left 80* left
+.row tcp:connect "do not connect"
+.row tls:cert "refuse verification"
+.row smtp:connect "close connection"
.endtable
All other message types ignore the result string, and
no other use is made of it.
git://git.exim.org / exim.git / blobdiff