X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/0cf7a94143a3ff40057ce90b0b23ece76046e188..dbbf21a75d225871cb7a44878ece42c5d79a1a2c:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index b2f9dccc0..aa3996505 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -2528,6 +2528,8 @@ use of Exim's filtering capabilities, you should make the document entitled If you are already running Exim on your host, building and installing a new version automatically makes it available to MUAs, or any other programs that call the MTA directly. However, if you are running an Exim daemon, you do need +.cindex restart "on HUP signal" +.cindex signal "HUP, to restart" to send it a HUP signal, to make it re-execute itself, and thereby pick up the new binary. You do not need to stop processing mail in order to install a new version of Exim. The install script does not modify an existing runtime @@ -2766,9 +2768,12 @@ used to specify a path on the command line if a pid file is required. The SIGHUP signal .cindex "SIGHUP" +.cindex restart "on HUP signal" +.cindex signal "HUP, to restart" .cindex "daemon" "restarting" .cindex signal "to reload configuration" .cindex daemon "reload configuration" +.cindex reload configuration can be used to cause the daemon to re-execute itself. This should be done whenever Exim's configuration file, or any file that is incorporated into it by means of the &%.include%& facility, is changed, and also whenever a new version @@ -9214,7 +9219,13 @@ dependent upon the option for which a value is sought; in this documentation, options for which string expansion is performed are marked with † after the data type. ACL rules always expand strings. A couple of expansion conditions do not expand some of the brace-delimited branches, for security -reasons. +reasons, +.new +.cindex "tainted data" expansion +.cindex expansion "tainted data" +and expansion of data deriving from the sender (&"tainted data"&) +is not permitted. +.wen @@ -12759,6 +12770,16 @@ or if not set, the value of &$qualify_domain$&. .cindex queues named The name of the spool queue in use; empty for the default queue. +.new +.vitem &$r_...$& +.vindex &$r_...$& +.cindex router variables +Values can be placed in these variables by the &%set%& option of a router. +They can be given any name that starts with &$r_$&. +The values persist for the address being handled through subsequent routers +and the eventual transport. +.wen + .vitem &$rcpt_count$& .vindex "&$rcpt_count$&" When a message is being received by SMTP, this variable contains the number of @@ -18078,6 +18099,10 @@ file = ${extract{mailbox}{$address_data}} This makes the configuration file less messy, and also reduces the number of lookups (though Exim does cache lookups). +.new +See also the &%set%& option below. +.wen + .vindex "&$sender_address_data$&" .vindex "&$address_data$&" The &%address_data%& facility is also useful as a means of passing information @@ -18859,11 +18884,24 @@ latter kind. This option controls whether the local part is used to form the key for retry hints for addresses that suffer temporary errors while being handled by this -router. The default value is true for any router that has &%check_local_user%& +.new +router. The default value is true for any router that has any of +&%check_local_user%&, +&%local_parts%&, +&%condition%&, +&%local_part_prefix%&, +&%local_part_suffix%&, +&%senders%& or +&%require_files%& +.wen set, and false otherwise. Note that this option does not apply to hints keys for transport delays; they are controlled by a generic transport option of the same name. +Failing to set this option when it is needed +(because a remote router handles only some of the local-parts for a domain) +can result in incorrect error messages being generated. + The setting of &%retry_use_local_part%& applies only to the router on which it appears. If the router generates child addresses, they are routed independently; this setting does not become attached to them. @@ -18992,6 +19030,32 @@ SMTP VRFY command is enabled, it must be used after MAIL if the sender address matters. +.new +.option set routers "string list" unset +.cindex router variables +This option may be used multiple times on a router; +because of this the list aspect is mostly irrelevant. +The list separator is a semicolon but can be changed in the +usual way. + +Each list-element given must be of the form $"name = value"$ +and the names used must start with the string &"r_"&. +Values containing a list-separator should have them doubled. +When a router runs, the strings are evaluated in order, +to create variables which are added to the set associated with +the address. +The variable is set with the expansion of the value. +The variables can be used by the router options +(not including any preconditions) +and by the transport. +Later definitions of a given named variable will override former ones. +Varible use is via the usual &$r_...$& syntax. + +This is similar to the &%address_data%& option, except that +many independent variables can be used, with choice of naming. +.wen + + .option translate_ip_address routers string&!! unset .cindex "IP address" "translating" .cindex "packet radio" @@ -28437,6 +28501,13 @@ transport provide the client with a certificate, which is passed to the server if it requests it. If the server is Exim, it will request a certificate only if &%tls_verify_hosts%& or &%tls_try_verify_hosts%& matches the client. +.new +Do not use a certificate which has the OCSP-must-staple extension, +for client use (they are usable for server use). +As TLS has no means for the client to staple before TLS 1.3 it will result +in failed connections. +.wen + If the &%tls_verify_certificates%& option is set on the &(smtp)& transport, it specifies a collection of expected server certificates. These may be @@ -39491,6 +39562,11 @@ was received from the client, this records the Distinguished Name from that certificate. .endlist +.new +Any of the above may have an extra hyphen prepended, to indicate the the +corresponding data is untrusted. +.wen + Following the options there is a list of those addresses to which the message is not to be delivered. This set of addresses is initialized from the command line when the &%-t%& option is used and &%extract_addresses_remove_arguments%& @@ -40260,7 +40336,11 @@ would relax host matching rules to a broader network range. .cindex SPF "lookup expansion" .cindex lookup spf A lookup expansion is also available. It takes an email -address as the key and an IP address as the database: +address as the key and an IP address +.new +(v4 or v6) +.wen +as the database: .code ${lookup {username@domain} spf {ip.ip.ip.ip}} @@ -40268,7 +40348,6 @@ address as the key and an IP address as the database: The lookup will return the same result strings as can appear in &$spf_result$& (pass,fail,softfail,neutral,none,err_perm,err_temp). -Currently, only IPv4 addresses are supported.