.vindex "&$config_file$&"
The name of the main configuration file Exim is using.
+.vitem &$dkim_verify_status$& &&&
+Results of DKIM verification.
+For details see chapter &<<CHAPdkim>>&.
+
.vitem &$dkim_cur_signer$& &&&
- &$dkim_verify_status$& &&&
&$dkim_verify_reason$& &&&
&$dkim_domain$& &&&
&$dkim_identity$& &&&
&%certextract%& expansion item, &%md5%&, &%sha1%& or &%sha256%& operator,
or a &%def%& condition.
+.new
+&*Note*&: Under current versions of OpenSSL, when a list of more than one
+file is used for &%tls_certificate%&, this variable is not reliable.
+.wen
+
.vitem &$tls_in_peercert$&
.vindex "&$tls_in_peercert$&"
This variable refers to the certificate presented by the peer of an
is not required the &%tls_advertise_hosts%& option should be set empty.
-.option tls_certificate main string&!! unset
+.option tls_certificate main string list&!! unset
.cindex "TLS" "server certificate; location of"
.cindex "certificate" "server, location of"
-The value of this option is expanded, and must then be the absolute path to a
-file which contains the server's certificates. The server's private key is also
+.new
+The value of this option is expanded, and must then be a list of absolute paths to
+files which contains the server's certificates. Commonly only one file is
+needed.
+.wen
+The server's private key is also
assumed to be in this file if &%tls_privatekey%& is unset. See chapter
&<<CHAPTLS>>& for further details.
use when sending messages as a client, you must set the &%tls_certificate%&
option in the relevant &(smtp)& transport.
+.new
+&*Note*&: If you use filenames based on IP addresses, change the list
+separator in the usual way to avoid confusion under IPv6.
+
+&*Note*&: Under current versions of OpenSSL, when a list of more than one
+file is used, the &$tls_in_ourcert$& veriable is unreliable.
+
+&*Note*&: OCSP stapling is not usable when a list of more than one file is used.
+.wen
+
If the option contains &$tls_out_sni$& and Exim is built against OpenSSL, then
if the OpenSSL build supports TLS extensions and the TLS client sends the
Server Name Indication extension, then this option and others documented in
Usable for GnuTLS 3.4.4 or 3.3.17 or OpenSSL 1.1.0 (or later).
+.new
+For GnuTLS 3.5.6 or later the expanded value of this option can be a list
+of files, to match a list given for the &%tls_certificate%& option.
+The ordering of the two lists must match.
+.wen
+
.option tls_on_connect_ports main "string list" unset
.cindex SSMTP
-.option tls_privatekey main string&!! unset
+.option tls_privatekey main string list&!! unset
.cindex "TLS" "server private key; location of"
-The value of this option is expanded, and must then be the absolute path to a
-file which contains the server's private key. If this option is unset, or if
+.new
+The value of this option is expanded, and must then be a list of absolute paths to
+files which contains the server's private keys.
+.wen
+If this option is unset, or if
the expansion is forced to fail, or the result is an empty string, the private
key is assumed to be in the same file as the server's certificates. See chapter
&<<CHAPTLS>>& for further details.
(If an API is found to let OpenSSL be configured in this way,
let the Exim Maintainers know and we'll likely use it).
.next
+.new
+With GnuTLS, if an explicit list is used for the &%tls_privatekey%& main option
+main option, it must be ordered to match the &%tls_certificate%& list.
+.wen
+.next
Some other recently added features may only be available in one or the other.
This should be documented with the feature. If the documentation does not
explicitly state that the feature is infeasible in the other TLS
{HIGH:!MD5:!SHA1}}
.endd
+.new
+This example will prefer ECDSA-authenticated ciphers over RSA ones:
+.code
+tls_require_ciphers = ECDSA:RSA:!COMPLEMENTOFDEFAULT
+.endd
+.wen
.section "Requiring specific ciphers or other parameters in GnuTLS" &&&
Further protection requires some further configuration at the server end.
-It is rumoured that all existing clients that support TLS/SSL use RSA
-encryption. To make this work you need to set, in the server,
+To make TLS work you need to set, in the server,
.code
tls_certificate = /some/file/name
tls_privatekey = /some/file/name
certificates that need to be sent to the client to enable it to authenticate
the server's certificate.
+.new
+For dual-stack (eg. RSA and ECDSA) configurations, these options can be
+colon-separated lists of file paths. Ciphers using given authentication
+algorithms require the presence of a suitable certificate to supply the
+public-key. The server selects among the certificates to present to the
+client depending on the selected cipher, hence the priority ordering for
+ciphers will affect which certificate is used.
+.wen
+
If you do not understand about certificates and keys, please try to find a
source of this background information, which is not Exim-specific. (There are a
few comments below in section &<<SECTcerandall>>&.)
item creates a signed address, and the &%prvscheck%& expansion item checks one.
The syntax of these expansion items is described in section
&<<SECTexpansionitems>>&.
+The validity period on signed addresses is seven days.
As an example, suppose the secret per-address keys are stored in an MySQL
database. A query to look up the key for an address could be defined as a macro
If a domain or identity is listed several times in the (expanded) value of
&%dkim_verify_signers%&, the ACL is only called once for that domain or identity.
+.new
+If multiple signatures match a domain (or identity), the ACL is called once
+for each matching signature.
+.wen
+
Inside the &%acl_smtp_dkim%&, the following expansion variables are
available (from most to least important):
&%dkim_verify_signers%& (see above).
.vitem &%$dkim_verify_status%&
-A string describing the general status of the signature. One of
+Within the DKIM ACL,
+a string describing the general status of the signature. One of
.ilist
&%none%&: There is no signature in the message for the current domain or
identity (as reflected by &%$dkim_cur_signer%&).
&%pass%&: The signature passed verification. It is valid.
.endlist
+.new
+This variable can be overwritten using an ACL 'set' modifier.
+This might, for instance, be done to enforce a policy restriction on
+hash-method or key-size:
+.code
+ warn condition = ${if eq {$dkim_algo}{rsa-sha1}}
+ condition = ${if eq {$dkim_verify_status}{pass}}
+ logwrite = NOTE: forcing dkim verify fail (was pass)
+ set dkim_verify_status = fail
+ set dkim_verify_reason = hash too weak
+.endd
+
+After all the DKIM ACL runs have completed, the value becomes a
+colon-separated list of the values after each run.
+.wen
+
.vitem &%$dkim_verify_reason%&
A string giving a little bit more detail when &%$dkim_verify_status%& is either
"fail" or "invalid". One of
DKIM verification. It may of course also mean that the signature is forged.
.endlist
+.new
+This variable can be overwritten using an ACL 'set' modifier.
+.wen
+
.vitem &%$dkim_domain%&
The signing domain. IMPORTANT: This variable is only populated if there is
an actual signature in the message for the current domain or identity (as