X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/cee5f132d1b81d3b8738944036eb02af418b54be..1bc460a64a0de0766d21f4f8660c6597bc410cbc:/doc/doc-txt/experimental-spec.txt?ds=inline diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt index 45e7d1ba1..4836a7d51 100644 --- a/doc/doc-txt/experimental-spec.txt +++ b/doc/doc-txt/experimental-spec.txt @@ -771,208 +771,6 @@ b. Configure, somewhere before the DATA ACL, the control option to -Event Actions --------------------------------------------------------------- - -(Renamed from TPDA, Transport post-delivery actions) - -An arbitrary per-transport string can be expanded upon various transport events. -Additionally a main-section configuration option can be expanded on some -per-message events. -This feature may be used, for example, to write exim internal log information -(not available otherwise) into a database. - -In order to use the feature, you must compile with - -EXPERIMENTAL_EVENT=yes - -in your Local/Makefile - -and define one or both of -- the event_action option in the transport -- the event_action main option -to be expanded when the event fires. - -A new variable, $event_name, is set to the event type when the -expansion is done. The current list of events is: - - msg:complete after main per message - msg:delivery after transport per recipient - msg:rcpt:host:defer after transport per recipient per host - msg:rcpt:defer after transport per recipient - msg:host:defer after transport per attempt - msg:fail:delivery after main per recipient - msg:fail:internal after main per recipient - tcp:connect before transport per connection - tcp:close after transport per connection - tls:cert before both per certificate in verification chain - smtp:connect after transport per connection - -The expansion is called for all event types, and should use the $event_name -variable to decide when to act. The value of the variable is a colon-separated -list, defining a position in the tree of possible events; it may be used as -a list or just matched on as a whole. There will be no whitespace. - -New event types may be added in the future. - - -There is an auxilary variable, $event_data, for which the -content is event_dependent: - - msg:delivery smtp confirmation mssage - msg:rcpt:host:defer error string - msg:rcpt:defer error string - msg:host:defer error string - tls:cert verification chain depth - smtp:connect smtp banner - -The :defer events populate one extra variable, $event_defer_errno. - -The following variables are likely to be useful depending on the event type: - - router_name, transport_name - local_part, domain - host, host_address, host_port - tls_out_peercert - lookup_dnssec_authenticated, tls_out_dane - sending_ip_address, sending_port - message_exim_id, verify_mode - - -An example might look like: - -event_action = ${if eq {msg:delivery}{$event_name} \ -{${lookup pgsql {SELECT * FROM record_Delivery( \ - '${quote_pgsql:$sender_address_domain}',\ - '${quote_pgsql:${lc:$sender_address_local_part}}', \ - '${quote_pgsql:$domain}', \ - '${quote_pgsql:${lc:$local_part}}', \ - '${quote_pgsql:$host_address}', \ - '${quote_pgsql:${lc:$host}}', \ - '${quote_pgsql:$message_exim_id}')}} \ -} {}} - -The string is expanded when each of the supported events occur -and any side-effects of the expansion will happen. - -Note that for complex operations an ACL expansion can be used, -however due to the multiple contexts the Exim operates in -a) variables set in events raised from transports will not - be visible outside that transport call. -b) acl_m variables in a server context are lost on a new connection, - and after helo/ehlo/mail/starttls/rset commands -Using an ACL expansion with the logwrite modifier can be a -useful way of writing to the main log. - - - -The expansion of the event_action option should normally -return an empty string. Should it return anything else the -following will be forced: - - msg:delivery (ignored) - msg:host:defer (ignored) - msg:fail:delivery (ignored) - tcp:connect do not connect - tcp:close (ignored) - tls:cert refuse verification - smtp:connect close connection - -No other use is made of the result string. - -If transport proxying is used, the remote IP/port during a -tcp:connect event will be that of the proxy. - - -Known issues: -- the tls:cert event is only called for the cert chain elements - received over the wire, with GnuTLS. OpenSSL gives the entire - chain including those loaded locally. - - -Redis Lookup --------------------------------------------------------------- - -Redis is open source advanced key-value data store. This document -does not explain the fundamentals, you should read and understand how -it works by visiting the website at http://www.redis.io/. - -Redis lookup support is added via the hiredis library. Visit: - - https://github.com/redis/hiredis - -to obtain a copy, or find it in your operating systems package repository. -If building from source, this description assumes that headers will be in -/usr/local/include, and that the libraries are in /usr/local/lib. - -1. In order to build exim with Redis lookup support add - -EXPERIMENTAL_REDIS=yes - -to your Local/Makefile. (Re-)build/install exim. exim -d should show -Experimental_Redis in the line "Support for:". - -EXPERIMENTAL_REDIS=yes -LDFLAGS += -lhiredis -# CFLAGS += -I/usr/local/include -# LDFLAGS += -L/usr/local/lib - -The first line sets the feature to include the correct code, and -the second line says to link the hiredis libraries into the -exim binary. The commented out lines should be uncommented if you -built hiredis from source and installed in the default location. -Adjust the paths if you installed them elsewhere, but you do not -need to uncomment them if an rpm (or you) installed them in the -package controlled locations (/usr/include and /usr/lib). - - -2. Use the following global settings to configure Redis lookup support: - -Required: -redis_servers This option provides a list of Redis servers - and associated connection data, to be used in - conjunction with redis lookups. The option is - only available if Exim is configured with Redis - support. - -For example: - -redis_servers = 127.0.0.1/10/ - using database 10 with no password -redis_servers = 127.0.0.1//password - to make use of the default database of 0 with a password -redis_servers = 127.0.0.1// - for default database of 0 with no password - -3. Once you have the Redis servers defined you can then make use of the -experimental Redis lookup by specifying ${lookup redis{}} in a lookup query. - -4. Example usage: - -(Host List) -hostlist relay_from_ips = <\n ${lookup redis{SMEMBERS relay_from_ips}} - -Where relay_from_ips is a Redis set which contains entries such as "192.168.0.0/24" "10.0.0.0/8" and so on. -The result set is returned as -192.168.0.0/24 -10.0.0.0/8 -.. -. - -(Domain list) -domainlist virtual_domains = ${lookup redis {HGET $domain domain}} - -Where $domain is a hash which includes the key 'domain' and the value '$domain'. - -(Adding or updating an existing key) -set acl_c_spammer = ${if eq{${lookup redis{SPAMMER_SET}}}{OK}} - -Where SPAMMER_SET is a macro and it is defined as - -"SET SPAMMER " - -(Getting a value from Redis) - -set acl_c_spam_host = ${lookup redis{GET...}} - - DANE ------------------------------------------------------------ DNS-based Authentication of Named Entities, as applied @@ -1125,102 +923,6 @@ $tls_out_tlsa_usage (detailed above). -INTERNATIONAL ------------------------------------------------------------- -SMTPUTF8 -Internationalised mail name handling. -RFCs 6530, 6533, 5890 - -Compile with EXPERIMENTAL_INTERNATIONAL and libidn. - -New main config option smtputf8_advertise_hosts, default '*', -a host list. If this matches the sending host and -accept_8bitmime is true (the default) then the ESMTP option -SMTPUTF8 will be advertised. - -If the sender specifies the SMTPUTF8 option on a MAIL command -international handling for the message is enabled and -the expansion variable $message_smtputf8 will have value TRUE. - -The option allow_utf8_domains is set to true for this -message. All DNS lookups are converted to a-label form -whatever the setting of allow_utf8_domains. - -Both localparts and domain are maintained as the original -utf8 form internally; any matching or regex use will -require appropriate care. Filenames created, eg. by -the appendfile transport, will have utf8 name. - -Helo names sent by the smtp transport will have any utf8 -components expanded to a-label form. - -Any certificate name checks will be done using the a-label -form of the name. - -Log lines and Received-by: header lines will aquire a "utf8" -prefix on the protocol element, eg. utf8esmtp. - -New expansion operators: - ${utf8_domain_to_alabel:str} - ${utf8_domain_from_alabel:str} - ${utf8_localpart_to_alabel:str} - ${utf8_localpart_from_alabel:str} - -New "control = utf8_downconvert" ACL modifier, -sets a flag requiring that addresses are converted to -a-label form before smtp delivery, for use in a -Message Submission Agent context. Can also be -phrased as "control = utf8_downconvert/1" and is -mandatory. The flag defaults to zero and can be cleared -by "control = utf8_downconvert/0". The value "-1" -may also be used, to use a-label for only if the -destination host does not support SMTPUTF8. - -If mua_wrapper is set, the utf8_downconvert control -defaults to -1 (convert if needed). - - -There is no explicit support for VRFY and EXPN. -Configurations supporting these should inspect -$smtp_command_argument for an SMTPUTF8 argument. - -There is no support for LMTP on Unix sockets. -Using the "lmtp" protocol option on an smtp transport, -for LMTP over TCP, should work as expected. - -Known issues: - - DSN unitext handling is not present - - no provision for converting logging from or to UTF-8 - ----- -IMAP folder names - -New expansion operator: - -${imapfolder {} {} {}} - -The string is converted from the charset specified by the headers charset -command (in a filter file) or headers_charset global option, to the -modified UTF-7 encoding specified by RFC 2060, with the following -exception: All occurences of (which has to be a single character) -are replaced with periods ("."), and all periods and slashes that aren't - and are not in the string are BASE64 encoded. - -The third argument can be omitted, defaulting to an empty string. -The second argument can be omitted, defaulting to "/". - -This is the encoding used by Courier for Maildir names on disk, and followed -by many other IMAP servers. - - Example 1: ${imapfolder {Foo/Bar}} yields "Foo.Bar". - Example 2: ${imapfolder {Foo/Bar}{.}{/}} yields "Foo&AC8-Bar". - Example 3: ${imapfolder {Räksmörgås}} yields "R&AOQ-ksm&APY-rg&AOU-s". - -Note that the source charset setting is vital, and also that characters -must be representable in UTF-16. - - - DSN extra information --------------------- If compiled with EXPERIMENTAL_DSN_INFO extra information will be added