X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/564960ff88ddf58b15acad60e3d5d06d84293c6a..97c83a31f1269ac154408a571b9207c6f3552fc9:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 105e2fc5d..2b445e328 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -10663,16 +10663,28 @@ expansion items. This item inserts &"raw"& header lines. It is described with the &%header%& expansion item in section &<>& above. -.vitem "&*${run{*&<&'command'&>&*&~*&<&'args'&>&*}{*&<&'string1'&>&*}&&& +.vitem "&*${run <&'options'&> {*&<&'command&~arg&~list'&>&*}{*&<&'string1'&>&*}&&& {*&<&'string2'&>&*}}*&" .cindex "expansion" "running a command" .cindex "&%run%& expansion item" -The command and its arguments are first expanded as one string. The string is -split apart into individual arguments by spaces, and then the command is run +This item runs an external command, as a subprocess. +.new +One option is supported after the word &'run'&, comma-separated. + +If the option &'preexpand'& is not used, +the command string is split into individual arguments by spaces +and then each argument is expanded. +Then the command is run in a separate process, but under the same uid and gid. As in other command executions from Exim, a shell is not used by default. If the command requires a shell, you must explicitly code it. +The command name may not be tainted, but the remaining arguments can be. +If the option &'preexpand'& is used, +.wen +the command and its arguments are first expanded as one string. The result is +split apart into individual arguments by spaces, and then the command is run +as above. Since the arguments are split by spaces, when there is a variable expansion which has an empty result, it will cause the situation that the argument will simply be omitted when the program is actually executed by Exim. If the @@ -10683,6 +10695,9 @@ in a string containing quotes, because it would interfere with the quotes around the command arguments. A possible guard against this is to wrap the variable in the &%sg%& operator to change any quote marks to some other character. +.new +Neither the command nor any argument may be tainted. +.wen The standard input for the command exists, but is empty. The standard output and standard error are set to the same file descriptor. @@ -25493,12 +25508,43 @@ servers or different local IP addresses. For example, if you want the string that is used for &%helo_data%& to be obtained by a DNS lookup of the outgoing interface address, you could use this: .code -helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}\ +helo_data = ${lookup dnsdb{ptr=$sending_ip_address} \ + {${listextract{1}{<\n $value}}} \ {$primary_hostname}} .endd The use of &%helo_data%& applies both to sending messages and when doing callouts. +.new +.option host_name_extract smtp "string list&!!" "see below" +.cindex "load balancer" "hosts behind" +.cindex TLS resumption +Some mail-accepting sites +(notably Microsoft) +operate many servers behind a network load-balancer. When this is done, +with separated TLS session caches, TLS session resuption becomes problematic. +It will only succeed when the same server happens to be selected by the +load-balancer, matching the session stored in the client's cache. + +Exim can pull out a server name, if there is one, from the response to the +client's SMTP EHLO command. +The default value of this option: +.code + ${if and { {match {$host} {.outlook.com\$}} \ + {match {$item} {\N^250-([\w.]+)\s\N}} \ + } {$1}} +.endd +suffices for one known case. +During the expansion of this option the &$item$& variable will have the +server's EHLO response. +The result of the option expansion is included in the key used to store and +retrieve the TLS session, for sessino resumption. + +Operators of high-load sites may wish to evaluate their logs for indications +of other destination sites operating load-balancers, and develop a suitable +expression for this option. +.wen + .option hosts smtp "string list&!!" unset Hosts are associated with an address by a router such as &(dnslookup)&, which finds the hosts by looking up the address domain in the DNS, or by @@ -25566,7 +25612,10 @@ so combines well with TCP Fast Open. See also the &%pipelining_connect_advertise_hosts%& main option. Note: -When the facility is used, the transport &%helo_data%& option +.new +When the facility is used, if the transport &%interface%& option is unset +the &%helo_data%& option +.wen will be expanded before the &$sending_ip_address$& variable is filled in. A check is made for the use of that variable, without the @@ -29842,8 +29891,10 @@ nothing more to it. Choosing a sensible value not derived insecurely is the only point of caution. The &$tls_out_sni$& variable will be set to this string for the lifetime of the client connection (including during authentication). +.new If DANE validated the connection attempt then the value of the &%tls_sni%& option -is forced to the domain part of the recipient address. +is forced to the name of the destination host, after any MX- or CNAME-following. +.wen Except during SMTP client sessions, if &$tls_in_sni$& is set then it is a string received from a client. @@ -39903,8 +39954,9 @@ The entire contents of a database are written to the standard output by the &'exim_dumpdb'& program, .new taking as arguments the spool and database names. -An option &'-z'& may be given to regest times in UTC; +An option &'-z'& may be given to request times in UTC; otherwise times are in the local timezone. +An option &'-k'& may be given to dump only the record keys. .wen For example, to dump the retry database: .code