X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/e3e959c9f04cda38741f78725411f0a4f0bc970e..31d22c319b73be63a4919405e465781fbccc72f7:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index ba70f6438..6e8cf206e 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -45,7 +45,7 @@ . Update the Copyright year (only) when changing content. . ///////////////////////////////////////////////////////////////////////////// -.set previousversion "4.95" +.set previousversion "4.96" .include ./local_params .set ACL "access control lists (ACLs)" @@ -98,20 +98,33 @@ .endmacro +. --- A macro for a plain variable, including the .vitem and .vindex +.macro var +.vitem $1 +.vindex $1 +.endmacro + . --- A macro for a "tainted" marker, done as a one-element table .macro tmark .itable none 0 0 1 10pt left .row &'Tainted'& .endtable .endmacro + . --- A macro for a tainted variable, adding a taint-marker -. --- and including the .vitem and .vindex .macro tvar -.vitem $1 -.vindex $1 +.var $1 .tmark .endmacro +. --- A macro for a cmdline option, including a .oindex +. --- 1st arg is the option name, undecorated (we do that here). +. --- 2nd arg, optional, text (decorated as needed) to be appended to the name +.macro cmdopt +.vitem &%$1%&$=2+&~$2+ +.oindex &%$1%& +.endmacro + . --- A macro that generates .row, but puts &I; at the start of the first . --- argument, thus indenting it. Assume a minimum of two arguments, and . --- allow up to four arguments, which is as many as we'll ever need. @@ -134,6 +147,8 @@ . --- style of entry, use .scindex for the start and .ecindex for the end. The . --- first argument of .scindex and the only argument of .ecindex must be the . --- ID that ties them together. +. --- The index entry points to the most-recent chapter head, section or subsection +. --- head, or list-item. .macro cindex && @@ -166,6 +181,9 @@ && .endmacro +. --- The index entry points to the most-recent chapter head, section or subsection +. --- head, or varlist item. + .macro vindex && &&$1&& @@ -214,142 +232,63 @@ . ///////////////////////////////////////////////////////////////////////////// -. This chunk of literal XML implements index entries of the form "x, see y" and -. "x, see also y". However, the DocBook DTD doesn't allow entries +. These implement index entries of the form "x, see y" and "x, see also y". +. However, the DocBook DTD doesn't allow entries . at the top level, so we have to put the .chapter directive first. - -. These do not turn up in the HTML output, unfortunately. The PDF does get them. . ///////////////////////////////////////////////////////////////////////////// .chapter "Introduction" "CHID1" -.literal xml - - $1, $2, etc. - numerical variables - - - address - rewriting - rewriting - - - Bounce Address Tag Validation - BATV - - - Client SMTP Authorization - CSA - - - CR character - carriage return - - - CRL - certificate revocation list - - - delivery - failure report - bounce message - - - dialup - intermittently connected hosts - - - exiscan - content scanning - - - failover - fallback - - - fallover - fallback - - - filter - Sieve - Sieve filter - - - ident - RFC 1413 - - - LF character - linefeed - - - maximum - limit - - - monitor - Exim monitor - - - no_xxx - entry for xxx - - - NUL - binary zero - - - passwd file - /etc/passwd - - - process id - pid - - - RBL - DNS list - - - redirection - address redirection - - - return path - envelope sender - - - scanning - content scanning - - - SSL - TLS - - - string - expansion - expansion - - - top bit - 8-bit characters - - - variables - expansion, variables - - - zero, binary - binary zero - - - headers - header lines +.macro seeother +.literal xml + + $3 +.arg 5 + $5 +.endarg + <$1>$4 - .literal off +.endmacro + +. NB: for the 4-arg variant the ordering is awkward +.macro see +.seeother see "$1" "$2" "$3" "$4" +.endmacro +.macro seealso +.seeother seealso "$1" "$2" "$3" "$4" +.endmacro + +.see variable "$1, $2, etc." "numerical variables" +.see concept address rewriting rewriting +.see concept "Bounce Address Tag Validation" BATV +.see concept "Client SMTP Authorization" CSA +.see concept "CR character" "carriage return" +.see concept CRL "certificate revocation list" +.seealso concept de-tainting "tainted data" +.see concept delivery "bounce message" "failure report" +.see concept dialup "intermittently connected hosts" +.see concept exiscan "content scanning" +.see concept fallover fallback +.see concept filter "Sieve filter" Sieve +.see concept headers "header lines" +.see concept ident "RFC 1413" +.see concept "LF character" "linefeed" +.seealso concept maximum limit +.see concept monitor "Exim monitor" +.see concept "no_xxx" "entry for xxx" +.see concept NUL "binary zero" +.see concept "passwd file" "/etc/passwd" +.see concept "process id" pid +.see concept RBL "DNS list" +.see concept redirection "address redirection" +.see concept "return path" "envelope sender" +.see concept scanning "content scanning" +.see concept SSL TLS +.see concept string expansion expansion +.see concept "top bit" "8-bit characters" +.see concept variables "expansion, variables" +.see concept "zero, binary" "binary zero" . ///////////////////////////////////////////////////////////////////////////// @@ -1393,7 +1332,7 @@ The preconditions that are tested for each router are listed below, in the order in which they are tested. The individual configuration options are described in more detail in chapter &<>&. -.ilist +.olist .cindex affix "router precondition" The &%local_part_prefix%& and &%local_part_suffix%& options can specify that the local parts handled by the router may or must have certain prefixes and/or @@ -1520,7 +1459,7 @@ example, &_.procmailrc_&). .cindex "delivery" "in detail" When a message is to be delivered, the sequence of events is as follows: -.ilist +.olist If a system-wide filter file is specified, the message is passed to it. The filter may add recipients to the message, replace the recipients, discard the message, cause a new message to be generated, or cause the message delivery to @@ -1631,7 +1570,7 @@ as permanent. -.section "Temporary delivery failure" "SECID20" +.subsection "Temporary delivery failure" SECID20 .cindex "delivery" "temporary failure" There are many reasons why a message may not be immediately deliverable to a particular address. Failure to connect to a remote machine (because it, or the @@ -1655,7 +1594,7 @@ one connection. -.section "Permanent delivery failure" "SECID21" +.subsection "Permanent delivery failure" SECID21 .cindex "delivery" "permanent failure" .cindex "bounce message" "when generated" When a message cannot be delivered to some or all of its intended recipients, a @@ -1683,7 +1622,7 @@ of the list. -.section "Failures to deliver bounce messages" "SECID22" +.subsection "Failures to deliver bounce messages" SECID22 .cindex "bounce message" "failure to deliver" If a bounce message (either locally generated or received from a remote host) itself suffers a permanent delivery failure, the message is left in the queue, @@ -1820,11 +1759,9 @@ the traditional &'ndbm'& interface. To complicate things further, there are several very different versions of the Berkeley DB package. Version 1.85 was stable for a very long time, releases 2.&'x'& and 3.&'x'& were current for a while, -.new but the latest versions when Exim last revamped support were numbered 5.&'x'&. Maintenance of some of the earlier releases has ceased, and Exim no longer supports versions before 3.&'x'&. -.wen All versions of Berkeley DB could be obtained from &url(http://www.sleepycat.com/), which is now a redirect to their new owner's page with far newer versions listed. @@ -1849,9 +1786,7 @@ USE_DB=yes .endd Similarly, for gdbm you set USE_GDBM, and for tdb you set USE_TDB. An error is diagnosed if you set more than one of these. -.new You can set USE_NDBM if needed to override an operating system default. -.wen At the lowest level, the build-time configuration sets none of these options, thereby assuming an interface of type (1). However, some operating system @@ -1868,9 +1803,7 @@ DBMLIB = -ldb DBMLIB = -ltdb DBMLIB = -lgdbm -lgdbm_compat .endd -.new The last of those was for a Linux having GDBM provide emulated NDBM facilities. -.wen Settings like that will work if the DBM library is installed in the standard place. Sometimes it is not, and the library's header file may also not be in the default path. You may need to set INCLUDE to specify where the header @@ -2802,21 +2735,18 @@ outputs a brief message about itself and exits. .vlist -.vitem &%--%& -.oindex "--" +.cmdopt "--" "--" .cindex "options" "command line; terminating" This is a pseudo-option whose only purpose is to terminate the options and therefore to cause subsequent command line items to be treated as arguments rather than options, even if they begin with hyphens. -.vitem &%--help%& -.oindex "&%--help%&" +.cmdopt --help This option causes Exim to output a few sentences stating what it is. The same output is generated if the Exim binary is called with no options and no arguments. -.vitem &%--version%& -.oindex "&%--version%&" +.cmdopt --version This option is an alias for &%-bV%& and causes version information to be displayed. @@ -2827,15 +2757,14 @@ displayed. These options are used by Sendmail for selecting configuration files and are ignored by Exim. -.vitem &%-B%&<&'type'&> +.cmdopt -B <&'type'&> .oindex "&%-B%&" .cindex "8-bit characters" .cindex "Sendmail compatibility" "8-bit characters" This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit clean; it ignores this option. -.vitem &%-bd%& -.oindex "&%-bd%&" +.cmdopt -bd .cindex "daemon" .cindex "SMTP" "listener" .cindex "queue runner" @@ -2881,13 +2810,11 @@ of Exim is installed. It is not necessary to do this when other files that are referenced from the configuration (for example, alias files) are changed, because these are reread each time they are used. -.vitem &%-bdf%& -.oindex "&%-bdf%&" +.cmdopt -bdf This option has the same effect as &%-bd%& except that it never disconnects from the controlling terminal, even when no debugging is specified. -.vitem &%-be%& -.oindex "&%-be%&" +.cmdopt -be .cindex "testing" "string expansion" .cindex "expansion" "testing" Run Exim in expansion testing mode. Exim discards its root privilege, to @@ -2919,8 +2846,13 @@ defined and macros will be expanded. Because macros in the config file are often used for secrets, those are only available to admin users. -.vitem &%-bem%&&~<&'filename'&> -.oindex "&%-bem%&" +.new +The word &"set"& at the start of a line, followed by a single space, +is recognised specially as defining a value for a variable. +The syntax is otherwise the same as the ACL modifier &"set ="&. +.wen + +.cmdopt -bem <&'filename'&> .cindex "testing" "string expansion" .cindex "expansion" "testing" This option operates like &%-be%& except that it must be followed by the name @@ -2937,16 +2869,14 @@ recipients are read from the headers in the normal way, and are shown in the line, because further arguments are taken as strings to expand (just like &%-be%&). -.vitem &%-bF%&&~<&'filename'&> -.oindex "&%-bF%&" +.cmdopt -bF <&'filename'&> .cindex "system filter" "testing" .cindex "testing" "system filter" This option is the same as &%-bf%& except that it assumes that the filter being tested is a system filter. The additional commands that are available only in system filters are recognized. -.vitem &%-bf%&&~<&'filename'&> -.oindex "&%-bf%&" +.cmdopt -bf <&'filename'&> .cindex "filter" "testing" .cindex "testing" "filter file" .cindex "forward file" "testing" @@ -2992,37 +2922,32 @@ that would normally be taken from the envelope recipient address of the message can be set by means of additional command line options (see the next four options). -.vitem &%-bfd%&&~<&'domain'&> -.oindex "&%-bfd%&" +.cmdopt -bfd <&'domain'&> .vindex "&$qualify_domain$&" This sets the domain of the recipient address when a filter file is being tested by means of the &%-bf%& option. The default is the value of &$qualify_domain$&. -.vitem &%-bfl%&&~<&'local&~part'&> -.oindex "&%-bfl%&" +.cmdopt -bfl <&'local&~part'&> This sets the local part of the recipient address when a filter file is being tested by means of the &%-bf%& option. The default is the username of the process that calls Exim. A local part should be specified with any prefix or suffix stripped, because that is how it appears to the filter when a message is actually being delivered. -.vitem &%-bfp%&&~<&'prefix'&> -.oindex "&%-bfp%&" +.cmdopt -bfp <&'prefix'&> .cindex affix "filter testing" This sets the prefix of the local part of the recipient address when a filter file is being tested by means of the &%-bf%& option. The default is an empty prefix. -.vitem &%-bfs%&&~<&'suffix'&> -.oindex "&%-bfs%&" +.cmdopt -bfs <&'suffix'&> .cindex affix "filter testing" This sets the suffix of the local part of the recipient address when a filter file is being tested by means of the &%-bf%& option. The default is an empty suffix. -.vitem &%-bh%&&~<&'IP&~address'&> -.oindex "&%-bh%&" +.cmdopt -bh <&'IP&~address'&> .cindex "testing" "incoming SMTP" .cindex "SMTP" "testing incoming" .cindex "testing" "relay control" @@ -3074,14 +2999,12 @@ plain text, cannot easily be tested with &%-bh%&. Instead, you should use a specialized SMTP test program such as &url(https://www.jetmore.org/john/code/swaks/,swaks). -.vitem &%-bhc%&&~<&'IP&~address'&> -.oindex "&%-bhc%&" +.cmdopt -bhc <&'IP&~address'&> This option operates in the same way as &%-bh%&, except that address verification callouts are performed if required. This includes consulting and updating the callout cache database. -.vitem &%-bi%& -.oindex "&%-bi%&" +.cmdopt -bi .cindex "alias file" "building" .cindex "building alias file" .cindex "Sendmail compatibility" "&%-bi%& option" @@ -3100,8 +3023,7 @@ if this is required. If the &%bi_command%& option is not set, calling Exim with &%-bi%& is a no-op. . // Keep :help first, then the rest in alphabetical order -.vitem &%-bI:help%& -.oindex "&%-bI:help%&" +.cmdopt -bI:help .cindex "querying exim information" We shall provide various options starting &`-bI:`& for querying Exim for information. The output of many of these will be intended for machine @@ -3109,14 +3031,12 @@ consumption. This one is not. The &%-bI:help%& option asks Exim for a synopsis of supported options beginning &`-bI:`&. Use of any of these options shall cause Exim to exit after producing the requested output. -.vitem &%-bI:dscp%& -.oindex "&%-bI:dscp%&" +.cmdopt -bI:dscp .cindex "DSCP" "values" This option causes Exim to emit an alphabetically sorted list of all recognised DSCP names. -.vitem &%-bI:sieve%& -.oindex "&%-bI:sieve%&" +.cmdopt -bI:sieve .cindex "Sieve filter" "capabilities" This option causes Exim to emit an alphabetically sorted list of all supported Sieve protocol extensions on stdout, one per line. This is anticipated to be @@ -3125,8 +3045,7 @@ useful for ManageSieve (RFC 5804) implementations, in providing that protocol's compile-time build options, which this option will adapt to, this is the only way to guarantee a correct response. -.vitem &%-bm%& -.oindex "&%-bm%&" +.cmdopt -bm .cindex "local message reception" This option runs an Exim receiving process that accepts an incoming, locally-generated message on the standard input. The recipients are given as the @@ -3171,8 +3090,7 @@ The specified sender is treated as if it were given as the argument to the preference to the address taken from the message. The caller of Exim must be a trusted user for the sender of a message to be set in this way. -.vitem &%-bmalware%&&~<&'filename'&> -.oindex "&%-bmalware%&" +.cmdopt -bmalware <&'filename'&> .cindex "testing", "malware" .cindex "malware scan test" This debugging option causes Exim to scan the given file or directory @@ -3192,8 +3110,7 @@ The &%-bmalware%& option will not be extended to be more generally useful, there are better tools for file-scanning. This option exists to help administrators verify their Exim and AV scanner configuration. -.vitem &%-bnq%& -.oindex "&%-bnq%&" +.cmdopt -bnq .cindex "address qualification, suppressing" By default, Exim automatically qualifies unqualified addresses (those without domains) that appear in messages that are submitted locally (that @@ -3214,8 +3131,7 @@ addresses in the envelope provoke errors (causing message rejection) and unqualified addresses in header lines are left alone. -.vitem &%-bP%& -.oindex "&%-bP%&" +.cmdopt -bP .cindex "configuration options" "extracting" .cindex "options" "configuration &-- extracting" If this option is given with no arguments, it causes the values of all Exim's @@ -3291,8 +3207,7 @@ The output format is one item per line. For the "-bP macro " form, if no such macro is found the exit status will be nonzero. -.vitem &%-bp%& -.oindex "&%-bp%&" +.cmdopt -bp .cindex "queue" "listing messages in" .cindex "listing" "messages in the queue" This option requests a listing of the contents of the mail queue on the @@ -3329,48 +3244,41 @@ displayed with a D only when deliveries for all of its child addresses are complete. -.vitem &%-bpa%& -.oindex "&%-bpa%&" +.cmdopt -bpa This option operates like &%-bp%&, but in addition it shows delivered addresses that were generated from the original top level address(es) in each message by alias or forwarding operations. These addresses are flagged with &"+D"& instead of just &"D"&. -.vitem &%-bpc%& -.oindex "&%-bpc%&" +.cmdopt -bpc .cindex "queue" "count of messages on" This option counts the number of messages in the queue, and writes the total to the standard output. It is restricted to admin users, unless &%queue_list_requires_admin%& is set false. -.vitem &%-bpr%& -.oindex "&%-bpr%&" +.cmdopt -bpr This option operates like &%-bp%&, but the output is not sorted into chronological order of message arrival. This can speed it up when there are lots of messages in the queue, and is particularly useful if the output is going to be post-processed in a way that doesn't need the sorting. -.vitem &%-bpra%& -.oindex "&%-bpra%&" +.cmdopt -bpra This option is a combination of &%-bpr%& and &%-bpa%&. -.vitem &%-bpru%& -.oindex "&%-bpru%&" +.cmdopt -bpru This option is a combination of &%-bpr%& and &%-bpu%&. -.vitem &%-bpu%& -.oindex "&%-bpu%&" +.cmdopt -bpu This option operates like &%-bp%& but shows only undelivered top-level addresses for each message displayed. Addresses generated by aliasing or forwarding are not shown, unless the message was deferred after processing by a router with the &%one_time%& option set. -.vitem &%-brt%& -.oindex "&%-brt%&" +.cmdopt -brt .cindex "testing" "retry configuration" .cindex "retry" "configuration testing" This option is for testing retry rules, and it must be followed by up to three @@ -3394,8 +3302,7 @@ exim -brt haydn.comp.mus.example quota_3d Retry rule: *@haydn.comp.mus.example quota_3d F,1h,15m .endd -.vitem &%-brw%& -.oindex "&%-brw%&" +.cmdopt -brw .cindex "testing" "rewriting" .cindex "rewriting" "testing" This option is for testing address rewriting rules, and it must be followed by @@ -3404,8 +3311,7 @@ complete address with a fully qualified domain. Exim outputs how this address would be rewritten for each possible place it might appear. See chapter &<>& for further details. -.vitem &%-bS%& -.oindex "&%-bS%&" +.cmdopt -bS .cindex "SMTP" "batched incoming" .cindex "batched SMTP input" This option is used for batched SMTP input, which is an alternative interface @@ -3438,8 +3344,7 @@ was detected; otherwise it is 2. More details of input using batched SMTP are given in section &<>&. -.vitem &%-bs%& -.oindex "&%-bs%&" +.cmdopt -bs .cindex "SMTP" "local input" .cindex "local SMTP input" This option causes Exim to accept one or more messages by reading SMTP commands @@ -3467,8 +3372,7 @@ above concerning senders and qualification do not apply. In this situation, Exim behaves in exactly the same way as it does when receiving a message via the listening daemon. -.vitem &%-bt%& -.oindex "&%-bt%&" +.cmdopt -bt .cindex "testing" "addresses" .cindex "address" "testing" This option runs Exim in address testing mode, in which each argument is taken @@ -3513,8 +3417,7 @@ whose behaviour depends on the contents of an incoming message, you cannot test those conditions using &%-bt%&. The &%-N%& option provides a possible way of doing such tests. -.vitem &%-bV%& -.oindex "&%-bV%&" +.cmdopt -bV .cindex "version number of Exim" This option causes Exim to write the current version number, compilation number, and compilation date of the &'exim'& binary to the standard output. @@ -3530,8 +3433,7 @@ alone to discover (for example) all the typos in the configuration; some realistic testing is needed. The &%-bh%& and &%-N%& options provide more dynamic testing facilities. -.vitem &%-bv%& -.oindex "&%-bv%&" +.cmdopt -bv .cindex "verifying address" "using &%-bv%&" .cindex "address" "verification" This option runs Exim in address verification mode, in which each argument is @@ -3581,14 +3483,12 @@ address of a message, you should use the &%-f%& option to set an appropriate sender when running &%-bv%& tests. Without it, the sender is assumed to be the calling user at the default qualifying domain. -.vitem &%-bvs%& -.oindex "&%-bvs%&" +.cmdopt -bvs This option acts like &%-bv%&, but verifies the address as a sender rather than a recipient address. This affects any rewriting and qualification that might happen. -.vitem &%-bw%& -.oindex "&%-bw%&" +.cmdopt -bw .cindex "daemon" .cindex "inetd" .cindex "inetd" "wait mode" @@ -3604,8 +3504,7 @@ each port only when the first connection is received. If the option is given as &%-bw%&<&'time'&> then the time is a timeout, after which the daemon will exit, which should cause inetd to listen once more. -.vitem &%-C%&&~<&'filelist'&> -.oindex "&%-C%&" +.cmdopt -C <&'filelist'&> .cindex "configuration file" "alternate" .cindex "CONFIGURE_FILE" .cindex "alternate configuration file" @@ -3708,7 +3607,7 @@ of debugging data, respectively. For example, &%-d+filter%& adds filter debugging, whereas &%-d-all+filter%& selects only filter debugging. Note that no spaces are allowed in the debug setting. The available debugging categories are: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 20* left 80* left .irow acl "ACL interpretation" .irow auth "authenticators" .irow deliver "general delivery logic" @@ -3785,14 +3684,12 @@ starts a daemon process. In that case, debugging is turned off for the subprocesses that the daemon creates. Thus, it is useful for monitoring the behaviour of the daemon without creating as much output as full debugging does. -.vitem &%-dropcr%& -.oindex "&%-dropcr%&" +.cmdopt -dropcr This is an obsolete option that is now a no-op. It used to affect the way Exim handled CR and LF characters in incoming messages. What happens now is described in section &<>&. -.vitem &%-E%& -.oindex "&%-E%&" +.cmdopt -E .cindex "bounce message" "generating" This option specifies that an incoming message is a locally-generated delivery failure report. It is used internally by Exim when handling delivery failures @@ -3809,8 +3706,7 @@ called by various programs without the leading &%o%& in the option. For example, the &%vacation%& program uses &%-eq%&. Exim treats all options of the form &%-e%&&'x'& as synonymous with the corresponding &%-oe%&&'x'& options. -.vitem &%-F%&&~<&'string'&> -.oindex "&%-F%&" +.cmdopt -F <&'string'&> .cindex "sender" "name" .cindex "name" "of sender" This option sets the sender's full name for use when a locally-generated @@ -3819,8 +3715,7 @@ entry from the password data is used. As users are generally permitted to alter their &'gecos'& entries, no security considerations are involved. White space between &%-F%& and the <&'string'&> is optional. -.vitem &%-f%&&~<&'address'&> -.oindex "&%-f%&" +.cmdopt -f <&'address'&> .cindex "sender" "address" .cindex "address" "sender" .cindex "trusted users" @@ -3864,8 +3759,7 @@ locally-generated message can also be set (when permitted) by an initial &"From&~"& line in the message &-- see the description of &%-bm%& above &-- but if &%-f%& is also present, it overrides &"From&~"&. -.vitem &%-G%& -.oindex "&%-G%&" +.cmdopt -G .cindex "submission fixups, suppressing (command-line)" This option is equivalent to an ACL applying: .code @@ -3878,15 +3772,13 @@ in future. As this affects audit information, the caller must be a trusted user to use this option. -.vitem &%-h%&&~<&'number'&> -.oindex "&%-h%&" +.cmdopt -h <&'number'&> .cindex "Sendmail compatibility" "&%-h%& option ignored" This option is accepted for compatibility with Sendmail, but has no effect. (In Sendmail it overrides the &"hop count"& obtained by counting &'Received:'& headers.) -.vitem &%-i%& -.oindex "&%-i%&" +.cmdopt -i .cindex "Solaris" "&'mail'& command" .cindex "dot" "in incoming non-SMTP message" This option, which has the same effect as &%-oi%&, specifies that a dot on a @@ -3896,8 +3788,7 @@ Solaris 2.4 (SunOS 5.4) Sendmail has a similar &%-i%& processing option p. 1M-529), and therefore a &%-oi%& command line option, which both are used by its &'mailx'& command. -.vitem &%-L%&&~<&'tag'&> -.oindex "&%-L%&" +.cmdopt -L <&'tag'&> .cindex "syslog" "process name; set with flag" This option is equivalent to setting &%syslog_processname%& in the config file and setting &%log_file_path%& to &`syslog`&. @@ -3907,8 +3798,7 @@ effect, so early configuration file errors will not honour this flag. The tag should not be longer than 32 characters. -.vitem &%-M%&&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-M%&" +.cmdopt -M <&'message&~id'&>&~<&'message&~id'&>&~... .cindex "forcing delivery" .cindex "delivery" "forcing attempt" .cindex "frozen messages" "forcing delivery" @@ -3930,8 +3820,7 @@ not terminate until all the delivery attempts have finished. No output is produced unless there is a serious error. If you want to see what is happening, use the &%-v%& option as well, or inspect Exim's main log. -.vitem &%-Mar%&&~<&'message&~id'&>&~<&'address'&>&~<&'address'&>&~... -.oindex "&%-Mar%&" +.cmdopt -Mar <&'message&~id'&>&~<&'address'&>&~<&'address'&>&~... .cindex "message" "adding recipients" .cindex "recipient" "adding" This option requests Exim to add the addresses to the list of recipients of the @@ -3954,59 +3843,50 @@ an existing SMTP connection, which is passed as the standard input. Details are given in chapter &<>&. This must be the final option, and the caller must be root or the Exim user in order to use it. -.vitem &%-MCA%& -.oindex "&%-MCA%&" +.cmdopt -MCA This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that the connection to the remote host has been authenticated. -.vitem &%-MCD%& -.oindex "&%-MCD%&" +.cmdopt -MCD This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that the remote host supports the ESMTP &_DSN_& extension. -.vitem &%-MCd%& -.oindex "&%-MCd%&" +.cmdopt -MCd This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-d%& option to pass on an information string on the purpose of the process. -.vitem &%-MCG%&&~<&'queue&~name'&> -.oindex "&%-MCG%&" +.cmdopt -MCG <&'queue&~name'&> This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that an alternate queue is used, named by the following argument. -.vitem &%-MCK%& -.oindex "&%-MCK%&" +.cmdopt -MCK This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that a remote host supports the ESMTP &_CHUNKING_& extension. -.vitem &%-MCL%& -.oindex "&%-MCL%&" +.cmdopt -MCL This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that the server to which Exim is connected advertised limits on numbers of mails, recipients or recipient domains. The limits are given by the following three arguments. -.vitem &%-MCP%& -.oindex "&%-MCP%&" +.cmdopt -MCP This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that the server to which Exim is connected supports pipelining. -.vitem &%-MCp%& -.oindex "&%-MCp%&" +.cmdopt -MCp This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that the connection t a remote server is via a SOCKS proxy, using addresses and ports given by the following four arguments. -.vitem &%-MCQ%&&~<&'process&~id'&>&~<&'pipe&~fd'&> -.oindex "&%-MCQ%&" +.cmdopt -MCQ <&'process&~id'&>&~<&'pipe&~fd'&> This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option when the original delivery was started by a queue runner. It passes on the process id of the queue runner, @@ -4014,20 +3894,17 @@ together with the file descriptor number of an open pipe. Closure of the pipe signals the final completion of the sequence of processes that are passing messages through the same SMTP connection. -.vitem &%-MCq%&&~<&'recipient&~address'&>&~<&'size'&> -.oindex "&%-MCq%&" +.cmdopt -MCq <&'recipient&~address'&>&~<&'size'&> This option is not intended for use by external callers. It is used internally by Exim to implement quota checking for local users. -.vitem &%-MCS%& -.oindex "&%-MCS%&" +.cmdopt -MCS This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option, and passes on the fact that the ESMTP SIZE option should be used on messages delivered down the existing connection. -.vitem &%-MCT%& -.oindex "&%-MCT%&" +.cmdopt -MCT This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option, and passes on the fact that the host to which Exim is connected supports TLS encryption. @@ -4042,15 +3919,13 @@ a TLS Server Name Indication was sent as part of the channel establishment. The argument gives the SNI string. The "r" variant indicates a DANE-verified connection. -.vitem &%-MCt%&&~<&'IP&~address'&>&~<&'port'&>&~<&'cipher'&> -.oindex "&%-MCt%&" +.cmdopt -MCt <&'IP&~address'&>&~<&'port'&>&~<&'cipher'&> This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option, and passes on the fact that the connection is being proxied by a parent process for handling TLS encryption. The arguments give the local address and port being proxied, and the TLS cipher. -.vitem &%-Mc%&&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-Mc%&" +.cmdopt -Mc <&'message&~id'&>&~<&'message&~id'&>&~... .cindex "hints database" "not overridden by &%-Mc%&" .cindex "delivery" "manually started &-- not forced" This option requests Exim to run a delivery attempt on each message, in turn, @@ -4065,8 +3940,7 @@ If you want to run a specific delivery as if in a queue run, you should use &%-q%& with a message id argument. A distinction between queue run deliveries and other deliveries is made in one or two places. -.vitem &%-Mes%&&~<&'message&~id'&>&~<&'address'&> -.oindex "&%-Mes%&" +.cmdopt -Mes <&'message&~id'&>&~<&'address'&> .cindex "message" "changing sender" .cindex "sender" "changing" This option requests Exim to change the sender address in the message to the @@ -4076,8 +3950,7 @@ be a message id, and the second one an email address. However, if the message is active (in the middle of a delivery attempt), its status is not altered. This option can be used only by an admin user. -.vitem &%-Mf%&&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-Mf%&" +.cmdopt -Mf <&'message&~id'&>&~<&'message&~id'&>&~... .cindex "freezing messages" .cindex "message" "manually freezing" This option requests Exim to mark each listed message as &"frozen"&. This @@ -4087,8 +3960,7 @@ However, if any of the messages are active (in the middle of a delivery attempt), their status is not altered. This option can be used only by an admin user. -.vitem &%-Mg%&&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-Mg%&" +.cmdopt -Mg <&'message&~id'&>&~<&'message&~id'&>&~... .cindex "giving up on messages" .cindex "message" "abandoning delivery attempts" .cindex "delivery" "abandoning further attempts" @@ -4099,8 +3971,7 @@ is sent to the sender, containing the text &"cancelled by administrator"&. Bounce messages are just discarded. This option can be used only by an admin user. -.vitem &%-MG%&&~<&'queue&~name'&>&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-MG%&" +.cmdopt -MG <&'queue&~name'&>&~<&'message&~id'&>&~<&'message&~id'&>&~... .cindex queue named .cindex "named queues" "moving messages" .cindex "queue" "moving messages" @@ -4111,16 +3982,14 @@ string to define the default queue. If the messages are not currently located in the default queue, a &%-qG%& option will be required to define the source queue. -.vitem &%-Mmad%&&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-Mmad%&" +.cmdopt -Mmad <&'message&~id'&>&~<&'message&~id'&>&~... .cindex "delivery" "cancelling all" This option requests Exim to mark all the recipient addresses in the messages as already delivered (&"mad"& for &"mark all delivered"&). However, if any message is active (in the middle of a delivery attempt), its status is not altered. This option can be used only by an admin user. -.vitem &%-Mmd%&&~<&'message&~id'&>&~<&'address'&>&~<&'address'&>&~... -.oindex "&%-Mmd%&" +.cmdopt -Mmd <&'message&~id'&>&~<&'address'&>&~<&'address'&>&~... .cindex "delivery" "cancelling by address" .cindex "recipient" "removing" .cindex "removing recipients" @@ -4131,8 +4000,7 @@ addresses in the message in a case-sensitive manner. If the message is active (in the middle of a delivery attempt), its status is not altered. This option can be used only by an admin user. -.vitem &%-Mrm%&&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-Mrm%&" +.cmdopt -Mrm <&'message&~id'&>&~<&'message&~id'&>&~... .cindex "removing messages" .cindex "abandoning mail" .cindex "message" "manually discarding" @@ -4151,8 +4019,7 @@ placed in the queue. . a bounce message. . .wen -.vitem &%-Mset%&&~<&'message&~id'&> -.oindex "&%-Mset%&" +.cmdopt -Mset <&'message&~id'&> .cindex "testing" "string expansion" .cindex "expansion" "testing" This option is useful only in conjunction with &%-be%& (that is, when testing @@ -4163,8 +4030,7 @@ available. This feature is provided to make it easier to test expansions that make use of these variables. However, this option can be used only by an admin user. See also &%-bem%&. -.vitem &%-Mt%&&~<&'message&~id'&>&~<&'message&~id'&>&~... -.oindex "&%-Mt%&" +.cmdopt -Mt <&'message&~id'&>&~<&'message&~id'&>&~... .cindex "thawing messages" .cindex "unfreezing messages" .cindex "frozen messages" "thawing" @@ -4174,44 +4040,38 @@ This option requests Exim to &"thaw"& any of the listed messages that are messages are active, their status is not altered. This option can be used only by an admin user. -.vitem &%-Mvb%&&~<&'message&~id'&> -.oindex "&%-Mvb%&" +.cmdopt -Mvb <&'message&~id'&> .cindex "listing" "message body" .cindex "message" "listing body of" This option causes the contents of the message body (-D) spool file to be written to the standard output. This option can be used only by an admin user. -.vitem &%-Mvc%&&~<&'message&~id'&> -.oindex "&%-Mvc%&" +.cmdopt -Mvc <&'message&~id'&> .cindex "message" "listing in RFC 2822 format" .cindex "listing" "message in RFC 2822 format" This option causes a copy of the complete message (header lines plus body) to be written to the standard output in RFC 2822 format. This option can be used only by an admin user. -.vitem &%-Mvh%&&~<&'message&~id'&> -.oindex "&%-Mvh%&" +.cmdopt -Mvh <&'message&~id'&> .cindex "listing" "message headers" .cindex "header lines" "listing" .cindex "message" "listing header lines" This option causes the contents of the message headers (-H) spool file to be written to the standard output. This option can be used only by an admin user. -.vitem &%-Mvl%&&~<&'message&~id'&> -.oindex "&%-Mvl%&" +.cmdopt -Mvl <&'message&~id'&> .cindex "listing" "message log" .cindex "message" "listing message log" This option causes the contents of the message log spool file to be written to the standard output. This option can be used only by an admin user. -.vitem &%-m%& -.oindex "&%-m%&" +.cmdopt -m This is a synonym for &%-om%& that is accepted by Sendmail (&url(https://docs.oracle.com/cd/E19457-01/801-6680-1M/801-6680-1M.pdf) p. 1M-258), so Exim treats it that way too. -.vitem &%-N%& -.oindex "&%-N%&" +.cmdopt -N .cindex "debugging" "&%-N%& option" .cindex "debugging" "suppressing delivery" This is a debugging option that inhibits delivery of a message at the transport @@ -4230,27 +4090,23 @@ routing problem. Once &%-N%& has been used for a delivery attempt, it sticks to the message, and applies to any subsequent delivery attempts that may happen for that message. -.vitem &%-n%& -.oindex "&%-n%&" +.cmdopt -n This option is interpreted by Sendmail to mean &"no aliasing"&. For normal modes of operation, it is ignored by Exim. When combined with &%-bP%& it makes the output more terse (suppresses option names, environment values and config pretty printing). -.vitem &%-O%&&~<&'data'&> -.oindex "&%-O%&" +.cmdopt -O <&'data'&> This option is interpreted by Sendmail to mean &`set option`&. It is ignored by Exim. -.vitem &%-oA%&&~<&'file&~name'&> -.oindex "&%-oA%&" +.cmdopt -oA <&'file&~name'&> .cindex "Sendmail compatibility" "&%-oA%& option" This option is used by Sendmail in conjunction with &%-bi%& to specify an alternative alias filename. Exim handles &%-bi%& differently; see the description above. -.vitem &%-oB%&&~<&'n'&> -.oindex "&%-oB%&" +.cmdopt -oB <&'n'&> .cindex "SMTP" "passed connection" .cindex "SMTP" "multiple deliveries" .cindex "multiple SMTP deliveries" @@ -4258,8 +4114,7 @@ This is a debugging option which limits the maximum number of messages that can be delivered down one SMTP connection, overriding the value set in any &(smtp)& transport. If <&'n'&> is omitted, the limit is set to 1. -.vitem &%-odb%& -.oindex "&%-odb%&" +.cmdopt -odb .cindex "background delivery" .cindex "delivery" "in the background" This option applies to all modes in which Exim accepts incoming messages, @@ -4278,8 +4133,7 @@ If one of the queueing options in the configuration file overrides it if &%queue_only_override%& is set true, which is the default setting. If &%queue_only_override%& is set false, &%-odb%& has no effect. -.vitem &%-odf%& -.oindex "&%-odf%&" +.cmdopt -odf .cindex "foreground delivery" .cindex "delivery" "in the foreground" This option requests &"foreground"& (synchronous) delivery when Exim has @@ -4300,13 +4154,11 @@ process exits. See chapter &<>& for a way of setting up a restricted configuration that never queues messages. -.vitem &%-odi%& -.oindex "&%-odi%&" +.cmdopt -odi This option is synonymous with &%-odf%&. It is provided for compatibility with Sendmail. -.vitem &%-odq%& -.oindex "&%-odq%&" +.cmdopt -odq .cindex "non-immediate delivery" .cindex "delivery" "suppressing immediate" .cindex "queueing incoming messages" @@ -4319,8 +4171,7 @@ process encounters them. There are several configuration options (such as conditions. This option overrides all of them and also &%-odqs%&. It always forces queueing. -.vitem &%-odqs%& -.oindex "&%-odqs%&" +.cmdopt -odqs .cindex "SMTP" "delaying delivery" .cindex "first pass routing" This option is a hybrid between &%-odb%&/&%-odi%& and &%-odq%&. @@ -4339,8 +4190,7 @@ host can be sent in a single SMTP connection. The &%queue_smtp_domains%& configuration option has the same effect for specific domains. See also the &%-qq%& option. -.vitem &%-oee%& -.oindex "&%-oee%&" +.cmdopt -oee .cindex "error" "reporting" If an error is detected while a non-SMTP message is being received (for example, a malformed address), the error is reported to the sender in a mail @@ -4353,36 +4203,31 @@ exits with a return code of zero. If not, the return code is 2 if the problem is that the original message has no recipients, or 1 for any other error. This is the default &%-oe%&&'x'& option if Exim is called as &'rmail'&. -.vitem &%-oem%& -.oindex "&%-oem%&" +.cmdopt -oem .cindex "error" "reporting" .cindex "return code" "for &%-oem%&" This is the same as &%-oee%&, except that Exim always exits with a non-zero return code, whether or not the error message was successfully sent. This is the default &%-oe%&&'x'& option, unless Exim is called as &'rmail'&. -.vitem &%-oep%& -.oindex "&%-oep%&" +.cmdopt -oep .cindex "error" "reporting" If an error is detected while a non-SMTP message is being received, the error is reported by writing a message to the standard error file (stderr). .cindex "return code" "for &%-oep%&" The return code is 1 for all errors. -.vitem &%-oeq%& -.oindex "&%-oeq%&" +.cmdopt -oeq .cindex "error" "reporting" This option is supported for compatibility with Sendmail, but has the same effect as &%-oep%&. -.vitem &%-oew%& -.oindex "&%-oew%&" +.cmdopt -oew .cindex "error" "reporting" This option is supported for compatibility with Sendmail, but has the same effect as &%-oem%&. -.vitem &%-oi%& -.oindex "&%-oi%&" +.cmdopt -oi .cindex "dot" "in incoming non-SMTP message" This option, which has the same effect as &%-i%&, specifies that a dot on a line by itself should not terminate an incoming, non-SMTP message. Otherwise, a @@ -4390,12 +4235,10 @@ single dot does terminate, though Exim does no special processing for other lines that start with a dot. This option is set by default if Exim is called as &'rmail'&. See also &%-ti%&. -.vitem &%-oitrue%& -.oindex "&%-oitrue%&" +.cmdopt -oitrue This option is treated as synonymous with &%-oi%&. -.vitem &%-oMa%&&~<&'host&~address'&> -.oindex "&%-oMa%&" +.cmdopt -oMa <&'host&~address'&> .cindex "sender" "host address, specifying for local message" A number of options starting with &%-oM%& can be used to set values associated with remote hosts on locally-submitted messages (that is, messages not received @@ -4418,8 +4261,7 @@ port, if present, in &$sender_host_port$&. If both &%-oMa%& and &%-bh%& are present on the command line, the sender host IP address is taken from whichever one is last. -.vitem &%-oMaa%&&~<&'name'&> -.oindex "&%-oMaa%&" +.cmdopt -oMaa <&'name'&> .cindex "authentication" "name, specifying for local message" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMaa%& option sets the value of &$sender_host_authenticated$& (the authenticator @@ -4427,8 +4269,7 @@ name). See chapter &<>& for a discussion of SMTP authentication. This option can be used with &%-bh%& and &%-bs%& to set up an authenticated SMTP session without actually using the SMTP AUTH command. -.vitem &%-oMai%&&~<&'string'&> -.oindex "&%-oMai%&" +.cmdopt -oMai <&'string'&> .cindex "authentication" "id, specifying for local message" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMai%& option sets the value of &$authenticated_id$& (the id that was authenticated). @@ -4436,8 +4277,7 @@ This overrides the default value (the caller's login id, except with &%-bh%&, where there is no default) for messages from local sources. See chapter &<>& for a discussion of authenticated ids. -.vitem &%-oMas%&&~<&'address'&> -.oindex "&%-oMas%&" +.cmdopt -oMas <&'address'&> .cindex "authentication" "sender, specifying for local message" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMas%& option sets the authenticated sender value in &$authenticated_sender$&. It @@ -4447,16 +4287,14 @@ default. For both &%-bh%& and &%-bs%&, an authenticated sender that is specified on a MAIL command overrides this value. See chapter &<>& for a discussion of authenticated senders. -.vitem &%-oMi%&&~<&'interface&~address'&> -.oindex "&%-oMi%&" +.cmdopt -oMi <&'interface&~address'&> .cindex "interface" "address, specifying for local message" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMi%& option sets the IP interface address value. A port number may be included, using the same syntax as for &%-oMa%&. The interface address is placed in &$received_ip_address$& and the port number, if present, in &$received_port$&. -.vitem &%-oMm%&&~<&'message&~reference'&> -.oindex "&%-oMm%&" +.cmdopt -oMm <&'message&~reference'&> .cindex "message reference" "message reference, specifying for local message" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMm%& option sets the message reference, e.g. message-id, and is logged during @@ -4469,8 +4307,7 @@ The best example of a message reference is when Exim sends a bounce message. The message reference is the message-id of the original message for which Exim is sending the bounce. -.vitem &%-oMr%&&~<&'protocol&~name'&> -.oindex "&%-oMr%&" +.cmdopt -oMr <&'protocol&~name'&> .cindex "protocol, specifying for local message" .vindex "&$received_protocol$&" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMr%& @@ -4482,37 +4319,32 @@ SMTP protocol names (see the description of &$received_protocol$& in section one of those same names. For &%-bS%& (batched SMTP) however, the protocol can be set by &%-oMr%&. Repeated use of this option is not supported. -.vitem &%-oMs%&&~<&'host&~name'&> -.oindex "&%-oMs%&" +.cmdopt -oMs <&'host&~name'&> .cindex "sender" "host name, specifying for local message" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMs%& option sets the sender host name in &$sender_host_name$&. When this option is present, Exim does not attempt to look up a host name from an IP address; it uses the name it is given. -.vitem &%-oMt%&&~<&'ident&~string'&> -.oindex "&%-oMt%&" +.cmdopt -oMt <&'ident&~string'&> .cindex "sender" "ident string, specifying for local message" See &%-oMa%& above for general remarks about the &%-oM%& options. The &%-oMt%& option sets the sender ident value in &$sender_ident$&. The default setting for local callers is the login id of the calling process, except when &%-bh%& is used, when there is no default. -.vitem &%-om%& -.oindex "&%-om%&" +.cmdopt -om .cindex "Sendmail compatibility" "&%-om%& option ignored" In Sendmail, this option means &"me too"&, indicating that the sender of a message should receive a copy of the message if the sender appears in an alias expansion. Exim always does this, so the option does nothing. -.vitem &%-oo%& -.oindex "&%-oo%&" +.cmdopt -oo .cindex "Sendmail compatibility" "&%-oo%& option ignored" This option is ignored. In Sendmail it specifies &"old style headers"&, whatever that means. -.vitem &%-oP%&&~<&'path'&> -.oindex "&%-oP%&" +.cmdopt -oP <&'path'&> .cindex "pid (process id)" "of daemon" .cindex "daemon" "process id (pid)" This option is useful only in conjunction with &%-bd%& or &%-q%& with a time @@ -4521,8 +4353,7 @@ written. When &%-oX%& is used with &%-bd%&, or when &%-q%& with a time is used without &%-bd%&, this is the only way of causing Exim to write a pid file, because in those cases, the normal pid file is not used. -.vitem &%-oPX%& -.oindex "&%-oPX%&" +.cmdopt -oPX .cindex "pid (process id)" "of daemon" .cindex "daemon" "process id (pid)" This option is not intended for general use. @@ -4530,16 +4361,14 @@ The daemon uses it when terminating due to a SIGTEM, possibly in combination with &%-oP%&&~<&'path'&>. It causes the pid file to be removed. -.vitem &%-or%&&~<&'time'&> -.oindex "&%-or%&" +.cmdopt -or <&'time'&> .cindex "timeout" "for non-SMTP input" This option sets a timeout value for incoming non-SMTP messages. If it is not set, Exim will wait forever for the standard input. The value can also be set by the &%receive_timeout%& option. The format used for specifying times is described in section &<>&. -.vitem &%-os%&&~<&'time'&> -.oindex "&%-os%&" +.cmdopt -os <&'time'&> .cindex "timeout" "for SMTP input" .cindex "SMTP" "input timeout" This option sets a timeout value for incoming SMTP messages. The timeout @@ -4547,12 +4376,10 @@ applies to each SMTP command and block of data. The value can also be set by the &%smtp_receive_timeout%& option; it defaults to 5 minutes. The format used for specifying times is described in section &<>&. -.vitem &%-ov%& -.oindex "&%-ov%&" +.cmdopt -ov This option has exactly the same effect as &%-v%&. -.vitem &%-oX%&&~<&'number&~or&~string'&> -.oindex "&%-oX%&" +.cmdopt -oX <&'number&~or&~string'&> .cindex "TCP/IP" "setting listening ports" .cindex "TCP/IP" "setting listening interfaces" .cindex "port" "receiving TCP/IP" @@ -4562,8 +4389,7 @@ of the syntax, and how it interacts with configuration file options, are given in chapter &<>&. When &%-oX%& is used to start a daemon, no pid file is written unless &%-oP%& is also present to specify a pid filename. -.vitem &%-oY%& -.oindex &%-oY%& +.cmdopt -oY .cindex "daemon notifier socket" This option controls the creation of an inter-process communications endpoint by the Exim daemon. @@ -4581,16 +4407,14 @@ fast ramp-up of queue runner processes obtaining a current queue size .endlist -.vitem &%-pd%& -.oindex "&%-pd%&" +.cmdopt -pd .cindex "Perl" "starting the interpreter" This option applies when an embedded Perl interpreter is linked with Exim (see chapter &<>&). It overrides the setting of the &%perl_at_start%& option, forcing the starting of the interpreter to be delayed until it is needed. -.vitem &%-ps%& -.oindex "&%-ps%&" +.cmdopt -ps .cindex "Perl" "starting the interpreter" This option applies when an embedded Perl interpreter is linked with Exim (see chapter &<>&). It overrides the setting of the &%perl_at_start%& @@ -4610,8 +4434,7 @@ to embedded Perl. It is therefore impossible to set a protocol value of &`d`& or &`s`& using this option (but that does not seem a real limitation). Repeated use of this option is not supported. -.vitem &%-q%& -.oindex "&%-q%&" +.cmdopt -q .cindex "queue runner" "starting manually" This option is normally restricted to admin users. However, there is a configuration option called &%prod_requires_admin%& which can be set false to @@ -4827,8 +4650,7 @@ command ETRN is accepted by its ACL (see chapter &<>&), its default effect is to run Exim with the &%-R%& option, but it can be configured to run an arbitrary command instead. -.vitem &%-r%& -.oindex "&%-r%&" +.cmdopt -r This is a documented (for Sendmail) obsolete alternative name for &%-f%&. .vitem &%-S%&<&'rsflags'&>&~<&'string'&> @@ -4840,14 +4662,12 @@ message's sender instead of against the recipients. If &%-R%& is also set, both conditions must be met for a message to be selected. If either of the options has &'f'& or &'ff'& in its flags, the associated action is taken. -.vitem &%-Tqt%&&~<&'times'&> -.oindex "&%-Tqt%&" +.cmdopt -Tqt <&'times'&> This is an option that is exclusively for use by the Exim testing suite. It is not recognized when Exim is run normally. It allows for the setting up of explicit &"queue times"& so that various warning/retry features can be tested. -.vitem &%-t%& -.oindex "&%-t%&" +.cmdopt -t .cindex "recipient" "extracting from header lines" .chindex Bcc: .chindex Cc: @@ -4887,13 +4707,11 @@ are often added at the end of the header, and if a message is resent more than once, it is common for the original set of &%Resent-%& headers to be renamed as &%X-Resent-%& when a new set is added. This removes any possible ambiguity. -.vitem &%-ti%& -.oindex "&%-ti%&" +.cmdopt -ti This option is exactly equivalent to &%-t%& &%-i%&. It is provided for compatibility with Sendmail. -.vitem &%-tls-on-connect%& -.oindex "&%-tls-on-connect%&" +.cmdopt -tls-on-connect .cindex "TLS" "use without STARTTLS" .cindex "TLS" "automatic start" This option is available when Exim is compiled with TLS support. It forces all @@ -4902,16 +4720,14 @@ incoming SMTP connections to behave as if the incoming port is listed in the &<>& for further details. -.vitem &%-U%& -.oindex "&%-U%&" +.cmdopt -U .cindex "Sendmail compatibility" "&%-U%& option ignored" Sendmail uses this option for &"initial message submission"&, and its documentation states that in future releases, it may complain about syntactically invalid messages rather than fixing them when this flag is not set. Exim ignores this option. -.vitem &%-v%& -.oindex "&%-v%&" +.cmdopt -v This option causes Exim to write information to the standard error stream, describing what it is doing. In particular, it shows the log lines for receiving and delivering a message, and if an SMTP connection is made, the SMTP @@ -4920,20 +4736,17 @@ the log if the setting of &%log_selector%& discards them. Any relevant selectors are shown with each log line. If none are shown, the logging is unconditional. -.vitem &%-x%& -.oindex "&%-x%&" +.cmdopt -x AIX uses &%-x%& for a private purpose (&"mail from a local mail program has National Language Support extended characters in the body of the mail item"&). It sets &%-x%& when calling the MTA from its &%mail%& command. Exim ignores this option. -.vitem &%-X%&&~<&'logfile'&> -.oindex "&%-X%&" +.cmdopt -X <&'logfile'&> This option is interpreted by Sendmail to cause debug information to be sent to the named file. It is ignored by Exim. -.vitem &%-z%&&~<&'log-line'&> -.oindex "&%-z%&" +.cmdopt -z <&'log-line'&> This option writes its argument to Exim's logfile. Use is restricted to administrators; the intent is for operational notes. Quotes should be used to maintain a multi-word item as a single argument, @@ -6774,9 +6587,7 @@ domains = ${lookup{$sender_host_address}lsearch{/some/file}} domains = lsearch;/some/file .endd The first uses a string expansion, the result of which must be a domain list. -.new The key for an expansion-style lookup must be given explicitly. -.wen No strings have been specified for a successful or a failing lookup; the defaults in this case are the looked-up data and an empty string, respectively. The expansion takes place before the string is processed as a list, and the @@ -6802,11 +6613,9 @@ domain2: Any data that follows the keys is not relevant when checking that the domain matches the list item. -.new The key for a list-style lookup is implicit, from the lookup context, if the lookup is a single-key type (see below). For query-style lookup types the key must be given explicitly. -.wen It is possible, though no doubt confusing, to use both kinds of lookup at once. Consider a file containing lines like this: @@ -6857,11 +6666,9 @@ The &'query-style'& type accepts a generalized database query. No particular key value is assumed by Exim for query-style lookups. You can use whichever Exim variables you need to construct the database query. .cindex "tainted data" "quoting for lookups" -.new If tainted data is used in the query then it should be quuted by using the &*${quote_*&<&'lookup-type'&>&*:*&<&'string'&>&*}*& expansion operator appropriate for the lookup. -.wen .endlist The code for each lookup type is in a separate source file that is included in @@ -7579,7 +7386,7 @@ specified. ${lookup dnsdb{>:,; soa=a.b.example.com}} .endd -.section "Dnsdb lookup modifiers" "SECTdnsdb_mod" +.subsection "Dnsdb lookup modifiers" SECTdnsdb_mod .cindex "dnsdb modifiers" .cindex "modifiers" "dnsdb" .cindex "options" "dnsdb" @@ -7637,7 +7444,7 @@ The cache entry lifetime is limited to the smallest time-to-live (TTL) value of the set of returned DNS records. -.section "Pseudo dnsdb record types" "SECID66" +.subsection "Pseudo dnsdb record types" SECID66 .cindex "MX record" "in &(dnsdb)& lookup" By default, both the preference value and the host name are returned for each MX record, separated by a space. If you want only host names, you can use @@ -7693,7 +7500,7 @@ ${lookup dnsdb {>; a+=$sender_helo_name}} .endd -.section "Multiple dnsdb lookups" "SECID67" +.subsection "Multiple dnsdb lookups" SECID67 In the previous sections, &(dnsdb)& lookups for a single domain are described. However, you can specify a list of domains or IP addresses in a single &(dnsdb)& lookup. The list is specified in the normal Exim way, with colon as @@ -7758,7 +7565,7 @@ the data returned by a successful lookup is described in the next section. First we explain how LDAP queries are coded. -.section "Format of LDAP queries" "SECTforldaque" +.subsection "Format of LDAP queries" SECTforldaque .cindex "LDAP" "query format" An LDAP query takes the form of a URL as defined in RFC 2255. For example, in the configuration of a &(redirect)& router one might have this setting: @@ -7787,7 +7594,7 @@ methods become optional, only taking effect if not specifically set in &_exim.conf_&. -.section "LDAP quoting" "SECID68" +.subsection "LDAP quoting" SECID68 .cindex "LDAP" "quoting" Two levels of quoting are required in LDAP queries, the first for LDAP itself and the second because the LDAP query is represented as a URL. Furthermore, @@ -7844,7 +7651,7 @@ There are some further comments about quoting in the section on LDAP authentication below. -.section "LDAP connections" "SECID69" +.subsection "LDAP connections" SECID69 .cindex "LDAP" "connections" The connection to an LDAP server may either be over TCP/IP, or, when OpenLDAP is in use, via a Unix domain socket. The example given above does not specify @@ -7918,7 +7725,7 @@ Using &`ldapi`& with no host or path in the query, and no setting of -.section "LDAP authentication and control information" "SECID70" +.subsection "LDAP authentication and control information" SECID70 .cindex "LDAP" "authentication" The LDAP URL syntax provides no way of passing authentication and other control information to the server. To make this possible, the URL in an LDAP query may @@ -7926,7 +7733,7 @@ be preceded by any number of <&'name'&>=<&'value'&> settings, separated by spaces. If a value contains spaces it must be enclosed in double quotes, and when double quotes are used, backslash is interpreted in the usual way inside them. The following names are recognized: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 20* left 80* left .irow DEREFERENCE "set the dereferencing parameter" .irow NETTIME "set a timeout for a network operation" .irow USER "set the DN, for authenticating the LDAP bind" @@ -8012,7 +7819,7 @@ SMTP authentication. See the &%ldapauth%& expansion string condition in chapter -.section "Format of data returned by LDAP" "SECID71" +.subsection "Format of data returned by LDAP" SECID71 .cindex "LDAP" "returned data formats" The &(ldapdn)& lookup type returns the Distinguished Name from a single entry as a sequence of values, for example @@ -8146,7 +7953,7 @@ If the result of the query yields more than one row, it is all concatenated, with a newline between the data for each row. -.section "More about MySQL, PostgreSQL, Oracle, InterBase, and Redis" "SECID72" +.subsection "More about MySQL, PostgreSQL, Oracle, InterBase, and Redis" SECID72 .cindex "MySQL" "lookup type" .cindex "PostgreSQL lookup type" .cindex "lookup" "MySQL" @@ -8216,7 +8023,7 @@ itself are escaped with backslashes. The &%quote_redis%& expansion operator escapes whitespace and backslash characters with a backslash. -.section "Specifying the server in the query" "SECTspeserque" +.subsection "Specifying the server in the query" SECTspeserque For MySQL, PostgreSQL and Redis lookups (but not currently for Oracle and InterBase), it is possible to specify a list of servers with an individual query. This is done by appending a comma-separated option to the query type: @@ -8266,7 +8073,7 @@ arguments in the query, for explicit expansion. &*Note*&: server specifications in list-style lookups are still problematic. -.section "Special MySQL features" "SECID73" +.subsection "Special MySQL features" SECID73 For MySQL, an empty host name or the use of &"localhost"& in &%mysql_servers%& causes a connection to the server on the local host by means of a Unix domain socket. An alternate socket can be specified in parentheses. @@ -8291,7 +8098,7 @@ anything (for example, setting a field to the value it already has), the result is zero because no rows are affected. -.section "Special PostgreSQL features" "SECID74" +.subsection "Special PostgreSQL features" SECID74 PostgreSQL lookups can also use Unix domain socket connections to the database. This is usually faster and costs less CPU time than a TCP/IP connection. However it can be used only if the mail server runs on the same machine as the @@ -8308,7 +8115,7 @@ If a PostgreSQL query is issued that does not request any data (an insert, update, or delete command), the result of the lookup is the number of rows affected. -.section "More about SQLite" "SECTsqlite" +.subsection "More about SQLite" SECTsqlite .cindex "lookup" "SQLite" .cindex "sqlite lookup type" SQLite is different to the other SQL lookups because a filename is required in @@ -8359,7 +8166,7 @@ waits for the lock to be released. In Exim, the default timeout is set to 5 seconds, but it can be changed by means of the &%sqlite_lock_timeout%& option. -.section "More about Redis" "SECTredis" +.subsection "More about Redis" SECTredis .cindex "lookup" "Redis" .cindex "redis lookup type" Redis is a non-SQL database. Commands are simple get and set. @@ -8408,6 +8215,34 @@ domain, host, address and local part lists. +.section "Results of list checking" SECTlistresults +The primary result of doing a list check is a truth value. +In some contexts additional information is stored +about the list element that matched: +.vlist +.vitem hosts +A &%hosts%& ACL condition +will store a result in the &$host_data$& variable. +.vitem local_parts +A &%local_parts%& router option or &%local_parts%& ACL condition +will store a result in the &$local_part_data$& variable. +.vitem domains +A &%domains%& router option or &%domains%& ACL condition +will store a result in the &$domain_data$& variable. +.vitem senders +A &%senders%& router option or &%senders%& ACL condition +will store a result in the &$sender_data$& variable. +.vitem recipients +A &%recipients%& ACL condition +will store a result in the &$recipient_data$& variable. +.endlist + +The detail of the additional information depends on the +type of match and is given below as the &*value*& information. + + + + .section "Expansion of lists" "SECTlistexpand" .cindex "expansion" "of lists" Each list is expanded as a single string before it is used. @@ -8443,7 +8278,7 @@ senders based on the receiving domain. -.section "Negated items in lists" "SECID76" +.subsection "Negated items in lists" SECID76 .cindex "list" "negation" .cindex "negation" "in lists" Items in a list may be positive or negative. Negative items are indicated by a @@ -8476,7 +8311,7 @@ item. -.section "File names in lists" "SECTfilnamlis" +.subsection "File names in lists" SECTfilnamlis .cindex "list" "filename in" If an item in a domain, host, address, or local part list is an absolute filename (beginning with a slash character), each line of the file is read and @@ -8518,7 +8353,7 @@ any domain matching &`*.b.c`& is not. -.section "An lsearch file is not an out-of-line list" "SECID77" +.subsection "An lsearch file is not an out-of-line list" SECID77 As will be described in the sections that follow, lookups can be used in lists to provide indexed methods of checking list membership. There has been some confusion about the way &(lsearch)& lookups work in lists. Because @@ -8535,35 +8370,7 @@ in the previous section. You could also use the &(wildlsearch)& or -.section "Results of list checking" SECTlistresults -The primary result of doing a list check is a truth value. -In some contexts additional information is stored -about the list element that matched: -.vlist -.vitem hosts -A &%hosts%& ACL condition -will store a result in the &$host_data$& variable. -.vitem local_parts -A &%local_parts%& router option or &%local_parts%& ACL condition -will store a result in the &$local_part_data$& variable. -.vitem domains -A &%domains%& router option or &%domains%& ACL condition -will store a result in the &$domain_data$& variable. -.vitem senders -A &%senders%& router option or &%senders%& ACL condition -will store a result in the &$sender_data$& variable. -.vitem recipients -A &%recipients%& ACL condition -will store a result in the &$recipient_data$& variable. -.endlist - -The detail of the additional information depends on the -type of match and is given below as the &*value*& information. - - - - -.section "Named lists" "SECTnamedlists" +.subsection "Named lists" SECTnamedlists .cindex "named lists" .cindex "list" "named" A list of domains, hosts, email addresses, or local parts can be given a name @@ -8652,7 +8459,7 @@ hosts. The default configuration is set up like this. -.section "Named lists compared with macros" "SECID78" +.subsection "Named lists compared with macros" SECID78 .cindex "list" "named compared with macro" .cindex "macro" "compared with named list" At first sight, named lists might seem to be no different from macros in the @@ -8678,7 +8485,7 @@ auth_advertise_hosts = !host1 : !host2 .endd -.section "Named list caching" "SECID79" +.subsection "Named list caching" SECID79 .cindex "list" "caching of named" .cindex "caching" "named lists" While processing a message, Exim caches the result of checking a named list if @@ -8953,7 +8760,7 @@ You need to be particularly careful with this when single-key lookups are involved, to ensure that the right value is being used as the key. -.section "Special host list patterns" "SECID80" +.subsection "Special host list patterns" SECID80 .cindex "empty item in hosts list" .cindex "host list" "empty string in" If a host list item is the empty string, it matches only when no remote host is @@ -8967,7 +8774,7 @@ the IP address nor the name is actually inspected. -.section "Host list patterns that match by IP address" "SECThoslispatip" +.subsection "Host list patterns that match by IP address" SECThoslispatip .cindex "host list" "matching IP addresses" If an IPv4 host calls an IPv6 host and the call is accepted on an IPv6 socket, the incoming address actually appears in the IPv6 host as @@ -9070,8 +8877,8 @@ list. -.section "Host list patterns for single-key lookups by host address" &&& - "SECThoslispatsikey" +.subsection "Host list patterns for single-key lookups by host address" &&& + SECThoslispatsikey .cindex "host list" "lookup of IP address" When a host is to be identified by a single-key lookup of its complete IP address, the pattern takes this form: @@ -9130,7 +8937,7 @@ case the IP address is used on its own. -.section "Host list patterns that match by host name" "SECThoslispatnam" +.subsection "Host list patterns that match by host name" SECThoslispatnam .cindex "host" "lookup failures" .cindex "unknown host name" .cindex "host list" "matching host name" @@ -9205,7 +9012,7 @@ required. -.section "Behaviour when an IP address or name cannot be found" "SECTbehipnot" +.subsection "Behaviour when an IP address or name cannot be found" SECTbehipnot .cindex "host" "lookup failures, permanent" While processing a host list, Exim may need to look up an IP address from a name (see section &<>&), or it may need to look up a host name @@ -9251,8 +9058,8 @@ Both &`+include_unknown`& and &`+ignore_unknown`& may appear in the same list. The effect of each one lasts until the next, or until the end of the list. -.section "Mixing wildcarded host names and addresses in host lists" &&& - "SECTmixwilhos" +.subsection "Mixing wildcarded host names and addresses in host lists" &&& + SECTmixwilhos .cindex "host list" "mixing names and addresses in" This section explains the host/ip processing logic with the same concepts @@ -9288,8 +9095,8 @@ this section. .endlist -.section "Temporary DNS errors when looking up host information" &&& - "SECTtemdnserr" +.subsection "Temporary DNS errors when looking up host information" &&& + SECTtemdnserr .cindex "host" "lookup failures, temporary" .cindex "&`+include_defer`&" .cindex "&`+ignore_defer`&" @@ -9302,8 +9109,8 @@ host lists such as whitelists. -.section "Host list patterns for single-key lookups by host name" &&& - "SECThoslispatnamsk" +.subsection "Host list patterns for single-key lookups by host name" &&& + SECThoslispatnamsk .cindex "unknown host name" .cindex "host list" "matching host name" If a pattern is of the form @@ -9327,7 +9134,7 @@ lookup, both using the same file. -.section "Host list patterns for query-style lookups" "SECID81" +.subsection "Host list patterns for query-style lookups" SECID81 If a pattern is of the form .display <&'query-style-search-type'&>;<&'query'&> @@ -9559,7 +9366,7 @@ example it is a named domain list. -.section "Case of letters in address lists" "SECTcasletadd" +.subsection "Case of letters in address lists" SECTcasletadd .cindex "case of local parts" .cindex "address list" "case forcing" .cindex "case forcing in address lists" @@ -9706,6 +9513,17 @@ value. Nevertheless the &%-be%& option can be useful for checking out file and database lookups, and the use of expansion operators such as &%sg%&, &%substr%& and &%nhash%&. +.new +When reading lines from the standard input, +macros can be defined and ACL variables can be set. +For example: +.code +MY_MACRO = foo +set acl_m_myvar = bar +.endd +Such macros and variables can then be used in later input lines. +.wen + Exim gives up its root privilege when it is called with the &%-be%& option, and instead runs under the uid and gid it was called with, to prevent users from using &%-be%& for reading files to which they do not have access. @@ -10687,7 +10505,6 @@ expansion item in section &<>& above. .cindex "expansion" "running a command" .cindex "&%run%& expansion item" This item runs an external command, as a subprocess. -.new One option is supported after the word &'run'&, comma-separated. If the option &'preexpand'& is not used, @@ -10704,7 +10521,6 @@ potential attacker; a careful assessment for security vulnerabilities should be done. If the option &'preexpand'& is used, -.wen the command and its arguments are first expanded as one string. The result is split apart into individual arguments by spaces, and then the command is run as above. @@ -10718,9 +10534,7 @@ in a string containing quotes, because it would interfere with the quotes around the command arguments. A possible guard against this is to wrap the variable in the &%sg%& operator to change any quote marks to some other character. -.new Neither the command nor any argument may be tainted. -.wen The standard input for the command exists, but is empty. The standard output and standard error are set to the same file descriptor. @@ -11286,9 +11100,7 @@ returns the string &"10.111.131.192/28"&. Since this operation is expected to be mostly used for looking up masked addresses in files, the -.new normal -.wen result for an IPv6 address uses dots to separate components instead of colons, because colon terminates a key string in lsearch files. So, for example, @@ -11299,10 +11111,8 @@ returns the string .code 3ffe.ffff.836f.0a00.000a.0800.2000.0000/99 .endd -.new If the optional form &*mask_n*& is used, IPv6 address result are instead returned in normailsed form, using colons and with zero-compression. -.wen Letters in IPv6 addresses are always output in lower case. @@ -11634,7 +11444,7 @@ condition. .cindex "expansion" "numeric comparison" There are a number of symbolic operators for doing numeric comparisons. They are: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 10* left 90* left .irow "= " "equal" .irow "== " "equal" .irow "> " "greater" @@ -11940,7 +11750,6 @@ ${if inlisti{Needle}{fOo:NeeDLE:bAr}} ${if forany{fOo:NeeDLE:bAr}{eqi{$item}{Needle}}} .endd -.new The variable &$value$& will be set for a successful match and can be used in the success clause of an &%if%& expansion item using the condition. .cindex "tainted data" "de-tainting" @@ -11951,7 +11760,6 @@ ${if inlist {$h_mycode:} {0 : 1 : 42} {$value}} .endd can be used for de-tainting. Any previous &$value$& is restored after the if. -.wen .vitem &*isip&~{*&<&'string'&>&*}*& &&& @@ -12150,7 +11958,6 @@ item can be used, as in all address lists, to cause subsequent items to have their local parts matched casefully. Domains are always matched caselessly. -.new The variable &$value$& will be set for a successful match and can be used in the success clause of an &%if%& expansion item using the condition. .cindex "tainted data" "de-tainting" @@ -12161,7 +11968,6 @@ ${if match_local_part {$local_part} {alice : bill : charlotte : dave} {$value}} .endd can be used for de-tainting. Any previous &$value$& is restored after the if. -.wen Note that <&'string2'&> is not itself subject to string expansion, unless Exim was built with the EXPAND_LISTMATCH_RHS option. @@ -12358,7 +12164,6 @@ parsed but not evaluated. This section contains an alphabetical list of all the expansion variables. Some of them are available only when Exim is compiled with specific options such as support for TLS or the content scanning extension. -.new .cindex "tainted data" Variables marked as &'tainted'& are likely to carry data supplied by a potential attacker. @@ -12367,7 +12172,6 @@ values are created. Such variables should not be further expanded, used as filenames or used as command-line arguments for external commands. -.wen .vlist .vitem "&$0$&, &$1$&, etc" @@ -12382,9 +12186,7 @@ variables may also be set externally by some other matching process which precedes the expansion of the string. For example, the commands available in Exim filter files include an &%if%& command with its own regular expression matching condition. -.new If the subject string was tainted then any captured substring will also be. -.wen .vitem "&$acl_arg1$&, &$acl_arg2$&, etc" Within an acl condition, expansion condition or expansion item @@ -13290,11 +13092,9 @@ This is not an expansion variable, but is mentioned here because the string (described under &%transport_filter%& in chapter &<>&). It cannot be used in general expansion strings, and provokes an &"unknown variable"& error if encountered. -.new &*Note*&: This value permits data supplied by a potential attacker to be used in the command for a &(pipe)& transport. Such configurations should be carefully assessed for security vulnerbilities. -.wen .vitem &$primary_hostname$& .vindex "&$primary_hostname$&" @@ -13513,9 +13313,7 @@ This variable is set to contain the matching regular expression after a When a &%regex%& or &%mime_regex%& ACL condition succeeds, these variables contain the captured substrings identified by the regular expression. -.new If the subject string was tainted then so will any captured substring. -.wen .tvar &$reply_address$& @@ -18582,7 +18380,6 @@ of the later IKE values, which led into RFC7919 providing new fixed constants At this point, all of the "ike" values should be considered obsolete; they are still in Exim to avoid breaking unusual configurations, but are candidates for removal the next time we have backwards-incompatible changes. -.new Two of them in particular (&`ike1`& and &`ike22`&) are called out by RFC 8247 as MUST NOT use for IPSEC, and two more (&`ike23`& and &`ike24`&) as SHOULD NOT. @@ -18590,7 +18387,6 @@ Because of this, Exim regards them as deprecated; if either of the first pair are used, warnings will be logged in the paniclog, and if any are used then warnings will be logged in the mainlog. All four will be removed in a future Exim release. -.wen The TLS protocol does not negotiate an acceptable size for this; clients tend to hard-drop connections if what is offered by the server is unacceptable, @@ -24777,11 +24573,9 @@ This list is a compromise for maximum compatibility with other MTAs. Note that the &%environment%& option can be used to add additional variables to this environment. The environment for the &(pipe)& transport is not subject to the &%add_environment%& and &%keep_environment%& main config options. -.new &*Note*&: Using enviroment variables loses track of tainted data. Writers of &(pipe)& transport commands should be wary of data supplied by potential attackers. -.wen .display &`DOMAIN `& the domain of the address &`HOME `& the home directory, if set @@ -24873,10 +24667,8 @@ the &%path%& option below). The command is split up into separate arguments by Exim, and each argument is separately expanded, as described in section &<>& above. -.new .cindex "tainted data" No part of the resulting command may be tainted. -.wen .option environment pipe string&!! unset @@ -25585,7 +25377,6 @@ helo_data = ${lookup dnsdb{ptr=$sending_ip_address} \ The use of &%helo_data%& applies both to sending messages and when doing callouts. -.new .option host_name_extract smtp "string list&!!" "see below" .cindex "load balancer" "hosts behind" .cindex TLS resumption @@ -25615,7 +25406,6 @@ of other destination sites operating load-balancers, and develop a suitable expression for this option. The smtp:ehlo event and the &$tls_out_resumption$& variable will be useful for such work. -.wen .option hosts smtp "string list&!!" unset Hosts are associated with an address by a router such as &(dnslookup)&, which @@ -25684,10 +25474,8 @@ so combines well with TCP Fast Open. See also the &%pipelining_connect_advertise_hosts%& main option. Note: -.new When the facility is used, if the transport &%interface%& option is unset the &%helo_data%& option -.wen will be expanded before the &$sending_ip_address$& variable is filled in. A check is made for the use of that variable, without the @@ -26443,7 +26231,7 @@ message's processing. .vindex "&$sender_address$&" At the start of an ACL for MAIL, the sender address may have been rewritten -by a special SMTP-time rewrite rule (see section &<>&), but no +by a special SMTP-time rewrite rule (see section &<>&), but no ordinary rewrite rules have yet been applied. If, however, the sender address is verified in the ACL, it is rewritten before verification, and remains rewritten thereafter. The subsequent value of &$sender_address$& is the @@ -26650,7 +26438,7 @@ entry written to the panic log. -.section "Rewriting flags" "SECID153" +.subsection "Rewriting flags" "SSECID153" There are three different kinds of flag that may appear on rewriting rules: .ilist @@ -26667,11 +26455,11 @@ E, F, T, and S are not permitted. -.section "Flags specifying which headers and envelope addresses to rewrite" &&& - "SECID154" -.cindex "rewriting" "flags" +.subsection "Flags specifying which headers and envelope addresses to rewrite" &&& + "SSECID154" +.cindex rewriting flags If none of the following flag letters, nor the &"S"& flag (see section -&<>&) are present, a main rewriting rule applies to all headers +&<>&) are present, a main rewriting rule applies to all headers and to both the sender and recipient fields of the envelope, whereas a transport-time rewriting rule just applies to all headers. Otherwise, the rewriting rule is skipped unless the relevant addresses are being processed. @@ -26695,10 +26483,10 @@ You should be particularly careful about rewriting &'Sender:'& headers, and restrict this to special known cases in your own domains. -.section "The SMTP-time rewriting flag" "SECTrewriteS" -.cindex "SMTP" "rewriting malformed addresses" -.cindex "RCPT" "rewriting argument of" -.cindex "MAIL" "rewriting argument of" +.subsection "The SMTP-time rewriting flag" SSECTrewriteS +.cindex SMTP "rewriting malformed addresses" +.cindex RCPT "rewriting argument of" +.cindex MAIL "rewriting argument of" The rewrite flag &"S"& specifies a rewrite of incoming envelope addresses at SMTP time, as soon as an address is received in a MAIL or RCPT command, and before any other processing; even before syntax checking. The pattern is @@ -26715,7 +26503,7 @@ expansion of the replacement string. The result of rewriting replaces the original address in the MAIL or RCPT command. -.section "Flags controlling the rewriting process" "SECID155" +.subsection "Flags controlling the rewriting process" SSECID155 There are four flags which control the way the rewriting process works. These take effect only when a rule is invoked, that is, when the address is of the correct type (matches the flags) and matches the pattern: @@ -27395,7 +27183,7 @@ it is enforced. .cindex "ESMTP extensions" AUTH Very briefly, the way SMTP authentication works is as follows: -.ilist +.olist The server advertises a number of authentication &'mechanisms'& in response to the client's EHLO command. .next @@ -27751,7 +27539,18 @@ no successful authentication. Successful authentication sets up information used by the &%authresults%& expansion item. - +.new +.cindex authentication "failure event, server" +If an authenticator is run and does not succeed, +an event (see &<>&) of type "auth:fail" is raised. +While the event is being processed the variables +&$sender_host_authenticated$& (with the authenticator name) +and &$authenticated_fail_id$& (as set by the authenticator &%server_set_id%& option) +will be valid. +If the event is serviced and a string is returned then the string will be logged +instead of the default log line. +See <> for details on events. +.wen .section "Testing server authentication" "SECID169" @@ -27829,6 +27628,19 @@ If the result of the authentication attempt is a temporary error or a timeout, Exim abandons trying to send the message to the host for the moment. It will try again later. If there are any backup hosts available, they are tried in the usual way. + +.new +.next +.cindex authentication "failure event, client" +If the response to authentication is a permanent error (5&'xx'& code), +an event (see &<>&) of type "auth:fail" is raised. +While the event is being processed the variable +&$sender_host_authenticated$& (with the authenticator name) +will be valid. +If the event is serviced and a string is returned then the string will be logged. +See <> for details on events. +.wen + .next If the response to authentication is a permanent error (5&'xx'& code), Exim carries on searching the list of authenticators and tries another one if @@ -29563,7 +29375,7 @@ For outgoing SMTP deliveries, &$tls_out_cipher$& is used and logged (again depending on the &%tls_cipher%& log selector). -.section "Requesting and verifying client certificates" "SECID183" +.subsection "Requesting and verifying client certificates" SECID183 .cindex "certificate" "verification of client" .cindex "TLS" "client certificate verification" If you want an Exim server to request a certificate when negotiating a TLS @@ -29869,7 +29681,7 @@ outgoing connection. -.section "Caching of static client configuration items" "SECTclientTLScache" +.subsection "Caching of static client configuration items" SECTclientTLScache .cindex certificate caching .cindex privatekey caching .cindex crl caching @@ -29958,10 +29770,8 @@ nothing more to it. Choosing a sensible value not derived insecurely is the only point of caution. The &$tls_out_sni$& variable will be set to this string for the lifetime of the client connection (including during authentication). -.new If DANE validated the connection attempt then the value of the &%tls_sni%& option is forced to the name of the destination host, after any MX- or CNAME-following. -.wen Except during SMTP client sessions, if &$tls_in_sni$& is set then it is a string received from a client. @@ -30102,7 +29912,7 @@ Ivan is the author of the popular TLS testing tools at &url(https://www.ssllabs.com/). -.section "Certificate chains" "SECID186" +.subsection "Certificate chains" SECID186 A file named by &%tls_certificate%& may contain more than one certificate. This is useful in the case where the certificate that is being sent is validated by an intermediate certificate which the other end does @@ -30123,7 +29933,7 @@ diagnostics in such a case can be frustratingly vague. -.section "Self-signed certificates" "SECID187" +.subsection "Self-signed certificates" SECID187 .cindex "certificate" "self-signed" You can create a self-signed certificate using the &'req'& command provided with OpenSSL, like this: @@ -30572,7 +30382,7 @@ trying to deliver the message. It is therefore recommended that you do as much testing as possible at RCPT time. -.section "The non-SMTP ACLs" "SECID190" +.subsection "The non-SMTP ACLs" SECID190 .cindex "non-SMTP messages" "ACLs for" The non-SMTP ACLs apply to all non-interactive incoming messages, that is, they apply to batched SMTP as well as to non-SMTP messages. (Batched SMTP is not @@ -30606,7 +30416,7 @@ kind of rejection is treated as permanent, because there is no way of sending a temporary error for these kinds of message. -.section "The SMTP connect ACL" "SECID191" +.subsection "The SMTP connect ACL" SECID191 .cindex "SMTP" "connection, ACL for" .oindex &%smtp_banner%& The ACL test specified by &%acl_smtp_connect%& happens at the start of an SMTP @@ -30616,13 +30426,11 @@ accepted by an &%accept%& verb that has a &%message%& modifier, the contents of the message override the banner message that is otherwise specified by the &%smtp_banner%& option. -.new For tls-on-connect connections, the ACL is run after the TLS connection is accepted (however, &%host_reject_connection%& is tested before). -.wen -.section "The EHLO/HELO ACL" "SECID192" +.subsection "The EHLO/HELO ACL" SECID192 .cindex "EHLO" "ACL for" .cindex "HELO" "ACL for" The ACL test specified by &%acl_smtp_helo%& happens when the client issues an @@ -30643,7 +30451,7 @@ affect the EHLO options that are listed on the second and subsequent lines of an EHLO response. -.section "The DATA ACLs" "SECID193" +.subsection "The DATA ACLs" SECID193 .cindex "DATA" "ACLs for" Two ACLs are associated with the DATA command, because it is two-stage command, with two responses being sent to the client. @@ -30682,7 +30490,7 @@ the &%acl_smtp_data_prdr%&, the &%acl_smtp_dkim%& and the &%acl_smtp_mime%& ACLs. -.section "The SMTP DKIM ACL" "SECTDKIMACL" +.subsection "The SMTP DKIM ACL" SECTDKIMACL The &%acl_smtp_dkim%& ACL is available only when Exim is compiled with DKIM support enabled (which is the default). @@ -30695,14 +30503,14 @@ This ACL is evaluated before &%acl_smtp_mime%& and &%acl_smtp_data%&. For details on the operation of DKIM, see section &<>&. -.section "The SMTP MIME ACL" "SECID194" +.subsection "The SMTP MIME ACL" SECID194 The &%acl_smtp_mime%& option is available only when Exim is compiled with the content-scanning extension. For details, see chapter &<>&. This ACL is evaluated after &%acl_smtp_dkim%& but before &%acl_smtp_data%&. -.section "The SMTP PRDR ACL" "SECTPRDRACL" +.subsection "The SMTP PRDR ACL" SECTPRDRACL .cindex "PRDR" "ACL for" .oindex "&%prdr_enable%&" The &%acl_smtp_data_prdr%& ACL is available only when Exim is compiled @@ -30736,7 +30544,7 @@ This ACL is evaluated after &%acl_smtp_dkim%& but before &%acl_smtp_data%&. If the ACL is not defined, processing completes as if the feature was not requested by the client. -.section "The QUIT ACL" "SECTQUITACL" +.subsection "The QUIT ACL" SECTQUITACL .cindex "QUIT, ACL for" The ACL for the SMTP QUIT command is anomalous, in that the outcome of the ACL does not affect the response code to QUIT, which is always 221. Thus, the ACL @@ -30763,7 +30571,7 @@ client are given temporary error responses until QUIT is received or the connection is closed. In these special cases, the QUIT ACL does not run. -.section "The not-QUIT ACL" "SECTNOTQUITACL" +.subsection "The not-QUIT ACL" SECTNOTQUITACL .vindex &$acl_smtp_notquit$& The not-QUIT ACL, specified by &%acl_smtp_notquit%&, is run in most cases when an SMTP session ends without sending QUIT. However, when Exim itself is in bad @@ -31739,14 +31547,12 @@ This control turns on debug logging, almost as though Exim had been invoked with &`-d`&, with the output going to a new logfile in the usual logs directory, by default called &'debuglog'&. -.new Logging set up by the control will be maintained across spool residency. Options are a slash-separated list. If an option takes an argument, the option name and argument are separated by an equals character. Several options are supported: -.wen .display tag=<&'suffix'&> The filename can be adjusted with thise option. The argument, which may access any variables already defined, @@ -32304,7 +32110,7 @@ different variants of this condition to describe briefly here. See sections .cindex "domain" "ACL checking" .cindex "&ACL;" "testing a recipient domain" .vindex "&$domain_data$&" -This condition is relevant only after a RCPT command. It checks that the domain +This condition is relevant only in a RCPT ACL. It checks that the domain of the recipient address is in the domain list. If percent-hack processing is enabled, it is done before this test is done. If the check succeeds with a lookup, the result of the lookup is placed in &$domain_data$& until the next @@ -32372,7 +32178,7 @@ which gives a custom error message for each denied host. .cindex "local part" "ACL checking" .cindex "&ACL;" "testing a local part" .vindex "&$local_part_data$&" -This condition is relevant only after a RCPT command. It checks that the local +This condition is relevant only in a RCPT ACL. It checks that the local part of the recipient address is in the list. If percent-hack processing is enabled, it is done before this test. If the check succeeds with a lookup, the result of the lookup is placed in &$local_part_data$&, which remains set until @@ -32406,7 +32212,7 @@ messages. Details are given in section &<>&. .cindex "&%recipients%& ACL condition" .cindex "recipient" "ACL checking" .cindex "&ACL;" "testing a recipient" -This condition is relevant only after a RCPT command. It checks the entire +This condition is relevant only in a RCPT ACL. It checks the entire recipient address against a list of recipients. .vitem &*regex&~=&~*&<&'list&~of&~regular&~expressions'&> @@ -32417,13 +32223,11 @@ content-scanning extension, and is available only in the DATA, MIME, and non-SMTP ACLs. It causes the incoming message to be scanned for a match with any of the regular expressions. For details, see chapter &<>&. -.new .vitem &*seen&~=&~*&<&'parameters'&> -.cindex "&%sseen%& ACL condition" +.cindex "&%seen%& ACL condition" This condition can be used to test if a situation has been previously met, for example for greylisting. Details are given in section &<>&. -.wen .vitem &*sender_domains&~=&~*&<&'domain&~list'&> .cindex "&%sender_domains%& ACL condition" @@ -32683,7 +32487,7 @@ This is usually the required action when &%dnslists%& is used with &%deny%& (which is the most common usage), because it prevents a DNS failure from blocking mail. However, you can change this behaviour by putting one of the following special items in the list: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 25* left 75* left .irow "+include_unknown" "behave as if the item is on the list" .irow "+exclude_unknown" "behave as if the item is not on the list (default)" .irow "+defer_unknown " "give a temporary error" @@ -32717,7 +32521,7 @@ or free for small deployments. An overview can be found at -.section "Specifying the IP address for a DNS list lookup" "SECID201" +.subsection "Specifying the IP address for a DNS list lookup" SECID201 .cindex "DNS list" "keyed by explicit IP address" By default, the IP address that is used in a DNS list lookup is the IP address of the calling host. However, you can specify another IP address by listing it @@ -32733,7 +32537,7 @@ MX hosts or nameservers of an email sender address. For an example, see section -.section "DNS lists keyed on domain names" "SECID202" +.subsection "DNS lists keyed on domain names" SECID202 .cindex "DNS list" "keyed by domain name" There are some lists that are keyed on domain names rather than inverted IP addresses (see, e.g., the &'domain based zones'& link at @@ -32763,7 +32567,7 @@ name. The whole condition is true if either of the DNS lookups succeeds. -.section "Multiple explicit keys for a DNS list" "SECTmulkeyfor" +.subsection "Multiple explicit keys for a DNS list" SECTmulkeyfor .cindex "DNS list" "multiple keys for" The syntax described above for looking up explicitly-defined values (either names or IP addresses) in a DNS blacklist is a simplification. After the domain @@ -32830,13 +32634,13 @@ The key that was used for a successful DNS list lookup is put into the variable -.section "Data returned by DNS lists" "SECID203" +.subsection "Data returned by DNS lists" SECID203 .cindex "DNS list" "data returned from" DNS lists are constructed using address records in the DNS. The original RBL just used the address 127.0.0.1 on the right hand side of each record, but the RBL+ list and some other lists use a number of values with different meanings. The values used on the RBL+ list are: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 20* left 80* left .irow 127.1.0.1 "RBL" .irow 127.1.0.2 "DUL" .irow 127.1.0.3 "DUL and RBL" @@ -32855,7 +32659,7 @@ may start returning other addresses. Because of this, Exim now ignores returned values outside the 127/8 region. -.section "Variables set from DNS lists" "SECID204" +.subsection "Variables set from DNS lists" SECID204 .cindex "expansion" "variables, set from DNS list" .cindex "DNS list" "variables set from" .vindex "&$dnslist_domain$&" @@ -32901,7 +32705,7 @@ deny hosts = !+local_networks -.section "Additional matching conditions for DNS lists" "SECTaddmatcon" +.subsection "Additional matching conditions for DNS lists" SECTaddmatcon .cindex "DNS list" "matching specific returned data" You can add an equals sign and an IP address after a &%dnslists%& domain name in order to restrict its action to DNS records with a matching right hand side. @@ -32947,7 +32751,7 @@ an odd number. -.section "Negated DNS matching conditions" "SECID205" +.subsection "Negated DNS matching conditions" SECID205 You can supply a negative list of IP addresses as part of a &%dnslists%& condition. Whereas .code @@ -33001,7 +32805,7 @@ deny dnslists = zen.spamhaus.org!&0.255.255.0 -.section "Handling multiple DNS records from a DNS list" "SECThanmuldnsrec" +.subsection "Handling multiple DNS records from a DNS list" SECThanmuldnsrec A DNS lookup for a &%dnslists%& condition may return more than one DNS record, thereby providing more than one IP address. When an item in a &%dnslists%& list is followed by &`=`& or &`&&`& and a list of IP addresses, in order to restrict @@ -33065,7 +32869,7 @@ between &`=`& and &`==`& and between &`&&`& and &`=&&`&. -.section "Detailed information from merged DNS lists" "SECTmordetinf" +.subsection "Detailed information from merged DNS lists" SECTmordetinf .cindex "DNS list" "information from merged" When the facility for restricting the matching IP values in a DNS list is used, the text from the TXT record that is set in &$dnslist_text$& may not reflect @@ -33114,7 +32918,7 @@ done. Only if there is a match is one of the more specific lists consulted. -.section "DNS lists and IPv6" "SECTmorednslistslast" +.subsection "DNS lists and IPv6" SECTmorednslistslast .cindex "IPv6" "DNS black lists" .cindex "DNS list" "IPv6 usage" If Exim is asked to do a dnslist lookup for an IPv6 address, it inverts it @@ -33148,9 +32952,8 @@ address you should specify alternate list separators for both the outer .endd -.new .section "Previously seen user and hosts" "SECTseen" -.cindex "&%sseen%& ACL condition" +.cindex "&%seen%& ACL condition" .cindex greylisting The &%seen%& ACL condition can be used to test whether a situation has been previously met. @@ -33201,7 +33004,6 @@ An explicit interval can be set using a Note that &"seen"& should be added to the list of hints databases for maintenance if this ACL condition is used. -.wen .section "Rate limiting incoming messages" "SECTratelimiting" @@ -33272,7 +33074,7 @@ behaviour. The lookup key is not affected by changes to the update mode and the &%count=%& option. -.section "Ratelimit options for what is being measured" "ratoptmea" +.subsection "Ratelimit options for what is being measured" ratoptmea .cindex "rate limiting" "per_* options" The &%per_conn%& option limits the client's connection rate. It is not normally used in the &%acl_not_smtp%&, &%acl_not_smtp_mime%&, or @@ -33319,7 +33121,7 @@ other than &%acl_smtp_rcpt%&). The count does not have to be an integer. The &%unique=%& option is described in section &<>& below. -.section "Ratelimit update modes" "ratoptupd" +.subsection "Ratelimit update modes" ratoptupd .cindex "rate limiting" "reading data without updating" You can specify one of three options with the &%ratelimit%& condition to control when its database is updated. This section describes the &%readonly%& @@ -33360,7 +33162,7 @@ update mode defaults to &%readonly%& and you cannot specify the &%strict%& or next section) so you must specify the &%readonly%& option explicitly. -.section "Ratelimit options for handling fast clients" "ratoptfast" +.subsection "Ratelimit options for handling fast clients" ratoptfast .cindex "rate limiting" "strict and leaky modes" If a client's average rate is greater than the maximum, the rate limiting engine can react in two possible ways, depending on the presence of the @@ -33391,7 +33193,7 @@ attempt to send mail can be calculated with this formula: .endd -.section "Limiting the rate of different events" "ratoptuniq" +.subsection "Limiting the rate of different events" ratoptuniq .cindex "rate limiting" "counting unique events" The &%ratelimit%& &%unique=%& option controls a mechanism for counting the rate of different events. For example, the &%per_addr%& option uses this @@ -33429,7 +33231,7 @@ are logged incorrectly; any countermeasures you configure will be as effective as intended. -.section "Using rate limiting" "useratlim" +.subsection "Using rate limiting" useratlim Exim's other ACL facilities are used to define what counter-measures are taken when the rate limit is exceeded. This might be anything from logging a warning (for example, while measuring existing sending rates in order to define @@ -33646,19 +33448,17 @@ output before performing a callout in an ACL, to avoid unexpected timeouts in clients when the SMTP PIPELINING extension is in use. The flushing can be disabled by using a &%control%& modifier to set &%no_callout_flush%&. -.new .cindex "tainted data" "de-tainting" -.cindex "de-tainting" "using receipient verify" +.cindex "de-tainting" "using recipient verify" A recipient callout which gets a 2&'xx'& code will assign untainted values to the &$domain_data$& and &$local_part_data$& variables, corresponding to the domain and local parts of the recipient address. -.wen -.section "Additional parameters for callouts" "CALLaddparcall" +.subsection "Additional parameters for callouts" CALLaddparcall .cindex "callout" "additional parameters for" The &%callout%& option can be followed by an equals sign and a number of optional parameters, separated by commas. For example: @@ -33846,7 +33646,7 @@ actual callouts are performed than when an empty sender or postmaster is used. -.section "Callout caching" "SECTcallvercache" +.subsection "Callout caching" SECTcallvercache .cindex "hints database" "callout cache" .cindex "callout" "cache, description of" .cindex "caching" "callout" @@ -35481,10 +35281,8 @@ discussed below. .vitem &*header_line&~*header_last*& A pointer to the last of the header lines. -.new .vitem &*const&~uschar&~*headers_charset*& The value of the &%headers_charset%& configuration option. -.wen .vitem &*BOOL&~host_checking*& This variable is TRUE during a host checking session that is initiated by the @@ -35768,7 +35566,7 @@ added zero byte is not included in the returned count. .vitem &*int&~lss_match_domain(uschar&~*domain,&~uschar&~*list)*& This function checks for a match in a domain list. Domains are always matched caselessly. The return value is one of the following: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 15* left 85* left .irow &`OK`& "match succeeded" .irow &`FAIL`& "match failed" .irow &`DEFER`& "match deferred" @@ -36503,7 +36301,8 @@ incoming SMTP message from a source that is not permitted to send them. -.section "Resent- header lines" "SECID220" +.section "Header lines" +.subsection "Resent- header lines" SECID220 .chindex Resent- RFC 2822 makes provision for sets of header lines starting with the string &`Resent-`& to be added to a message when it is resent by the original @@ -36544,14 +36343,14 @@ The logic for adding &'Sender:'& is duplicated for &'Resent-Sender:'& when any -.section "The Auto-Submitted: header line" "SECID221" +.subsection Auto-Submitted: SECID221 Whenever Exim generates an autoreply, a bounce, or a delay warning message, it includes the header line: .code Auto-Submitted: auto-replied .endd -.section "The Bcc: header line" "SECID222" +.subsection Bcc: SECID222 .cindex "&'Bcc:'& header line" If Exim is called with the &%-t%& option, to take recipient addresses from a message's header, it removes any &'Bcc:'& header line that may exist (after @@ -36559,13 +36358,13 @@ extracting its addresses). If &%-t%& is not present on the command line, any existing &'Bcc:'& is not removed. -.section "The Date: header line" "SECID223" +.subsection Date: SECID223 .cindex Date: If a locally-generated or submission-mode message has no &'Date:'& header line, Exim adds one, using the current date and time, unless the &%suppress_local_fixups%& control has been specified. -.section "The Delivery-date: header line" "SECID224" +.subsection Delivery-date: SECID224 .cindex "&'Delivery-date:'& header line" .oindex "&%delivery_date_remove%&" &'Delivery-date:'& header lines are not part of the standard RFC 2822 header @@ -36576,7 +36375,7 @@ set (the default), Exim removes &'Delivery-date:'& header lines from incoming messages. -.section "The Envelope-to: header line" "SECID225" +.subsection Envelope-to: SECID225 .chindex Envelope-to: .oindex "&%envelope_to_remove%&" &'Envelope-to:'& header lines are not part of the standard RFC 2822 header set. @@ -36587,7 +36386,7 @@ messages in transit. If the &%envelope_to_remove%& configuration option is set messages. -.section "The From: header line" "SECTthefrohea" +.subsection From: SECTthefrohea .chindex From: .cindex "Sendmail compatibility" "&""From""& line" .cindex "message" "submission" @@ -36630,7 +36429,7 @@ user, this is replaced by an address containing the user's login name and full name as described in section &<>&. -.section "The Message-ID: header line" "SECID226" +.subsection Message-ID: SECID226 .chindex Message-ID: .cindex "message" "submission" .oindex "&%message_id_header_text%&" @@ -36645,7 +36444,7 @@ in this header line by setting the &%message_id_header_text%& and/or &%message_id_header_domain%& options. -.section "The Received: header line" "SECID227" +.subsection Received: SECID227 .chindex Received: A &'Received:'& header line is added at the start of every message. The contents are defined by the &%received_header_text%& configuration option, and @@ -36661,7 +36460,7 @@ changed to the time of acceptance, which is (apart from a small delay while the -H spool file is written) the earliest time at which delivery could start. -.section "The References: header line" "SECID228" +.subsection References: SECID228 .chindex References: Messages created by the &(autoreply)& transport include a &'References:'& header line. This is constructed according to the rules that are described in @@ -36675,7 +36474,7 @@ incoming message. If there are more than 12, the first one and then the final -.section "The Return-path: header line" "SECID229" +.subsection Return-path: SECID229 .chindex Return-path: .oindex "&%return_path_remove%&" &'Return-path:'& header lines are defined as something an MTA may insert when @@ -36686,7 +36485,7 @@ default), Exim removes &'Return-path:'& header lines from incoming messages. -.section "The Sender: header line" "SECTthesenhea" +.subsection Sender: SECTthesenhea .cindex "&'Sender:'& header line" .cindex "message" "submission" .chindex Sender: @@ -37091,7 +36890,7 @@ square bracket of the IP address. -.section "Errors in outgoing SMTP" "SECToutSMTPerr" +.subsection "Errors in outgoing SMTP" SECToutSMTPerr .cindex "error" "in outgoing SMTP" .cindex "SMTP" "errors in outgoing" .cindex "host" "error" @@ -37326,7 +37125,7 @@ however, available with &'inetd'&. Exim can be configured to verify addresses in incoming SMTP commands as they are received. See chapter &<>& for details. It can also be configured to rewrite addresses at this time &-- before any syntax checking is done. See -section &<>&. +section &<>&. Exim can also be configured to limit the rate at which a client host submits MAIL and RCPT commands in a single SMTP session. See the @@ -37334,7 +37133,7 @@ MAIL and RCPT commands in a single SMTP session. See the -.section "Unrecognized SMTP commands" "SECID234" +.subsection "Unrecognized SMTP commands" SECID234 .cindex "SMTP" "unrecognized commands" If Exim receives more than &%smtp_max_unknown_commands%& unrecognized SMTP commands during a single SMTP connection, it drops the connection after sending @@ -37344,7 +37143,7 @@ abuse that subvert web servers into making connections to SMTP ports; in these circumstances, a number of non-SMTP lines are sent first. -.section "Syntax and protocol errors in SMTP commands" "SECID235" +.subsection "Syntax and protocol errors in SMTP commands" SECID235 .cindex "SMTP" "syntax errors" .cindex "SMTP" "protocol errors" A syntax error is detected if an SMTP command is recognized, but there is @@ -37358,7 +37157,7 @@ broken clients that loop sending bad commands (yes, it has been seen). -.section "Use of non-mail SMTP commands" "SECID236" +.subsection "Use of non-mail SMTP commands" SECID236 .cindex "SMTP" "non-mail commands" The &"non-mail"& SMTP commands are those other than MAIL, RCPT, and DATA. Exim counts such commands, and drops the connection if there are too @@ -37387,7 +37186,7 @@ specific badly-behaved hosts that you have to live with. -.section "The VRFY and EXPN commands" "SECID237" +.subsection "The VRFY and EXPN commands" SECID237 When Exim receives a VRFY or EXPN command on a TCP/IP connection, it runs the ACL specified by &%acl_smtp_vrfy%& or &%acl_smtp_expn%& (as appropriate) in order to decide whether the command should be accepted or not. @@ -37408,12 +37207,12 @@ EXPN is treated as an &"address test"& (similar to the &%-bt%& option) rather than a verification (the &%-bv%& option). If an unqualified local part is given as the argument to EXPN, it is qualified with &%qualify_domain%&. Rejections of VRFY and EXPN commands are logged on the main and reject logs, and -VRFY verification failures are logged on the main log for consistency with +VRFY verification failures are logged in the main log for consistency with RCPT failures. -.section "The ETRN command" "SECTETRN" +.subsection "The ETRN command" SECTETRN .cindex "ETRN" "processing" .cindex "ESMTP extensions" ETRN RFC 1985 describes an ESMTP command called ETRN that is designed to @@ -38665,7 +38464,7 @@ One line is written to the main log for each message received, and for each successful, unsuccessful, and delayed delivery. These lines can readily be picked out by the distinctive two-character flags that immediately follow the timestamp. The flags are: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 10* left 90* left .irow &%<=%& "message arrival" .irow &%(=%& "message fakereject" .irow &%=>%& "normal message delivery" @@ -38993,7 +38792,7 @@ log_selector = +arguments -retry_defer .endd The list of optional log items is in the following table, with the default selection marked by asterisks: -.itable none 0 0 3 1pt left 10pt center 1pt left +.itable none 0 0 3 2.8in left 10pt center 3in left .irow &`8bitmime`&   "received 8BITMIME status" .irow &`acl_warn_skipped`& * "skipped &%warn%& statement in ACL" .irow &`address_rewrite`&   "address rewriting" @@ -39548,7 +39347,7 @@ but the format of the output is different. For this reason, there are some system configuration options that configure exactly how &'exiwhat'& works. If it doesn't seem to be working for you, check the following compile-time options: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 30* left 70* left .irow &`EXIWHAT_PS_CMD`& "the command for running &'ps'&" .irow &`EXIWHAT_PS_ARG`& "the argument for &'ps'&" .irow &`EXIWHAT_EGREP_ARG`& "the argument for &'egrep'& to select from &'ps'& output" @@ -39648,9 +39447,7 @@ overriding the built-in one. .endlist There is one more option, &%-h%&, which outputs a list of options. -.new At least one selection option, or either the &*-c*& or &*-h*& option, must be given. -.wen @@ -40033,12 +39830,10 @@ in a transport) .cindex "&'exim_dumpdb'&" The entire contents of a database are written to the standard output by the &'exim_dumpdb'& program, -.new taking as arguments the spool and database names. An option &'-z'& may be given to request times in UTC; otherwise times are in the local timezone. An option &'-k'& may be given to dump only the record keys. -.wen For example, to dump the retry database: .code exim_dumpdb /var/spool/exim retry @@ -40143,11 +39938,9 @@ resets the time of the next delivery attempt. Time values are given as a sequence of digit pairs for year, month, day, hour, and minute. Colons can be used as optional separators. -.new Both displayed and input times are in the local timezone by default. If an option &'-z'& is used on the command line, displayed times are in UTC. -.wen @@ -41170,7 +40963,6 @@ was received, in the conventional Unix form &-- the number of seconds since the start of the epoch. The second number is a count of the number of messages warning of delayed delivery that have been sent to the sender. -.new There follow a number of lines starting with a hyphen. These contain variables, can appear in any order, and are omitted when not relevant. @@ -41181,7 +40973,6 @@ If there is a value in parentheses, the data is quoted for a lookup. The following word specifies a variable, and the remainder of the item depends on the variable. -.wen .vlist .vitem "&%-acl%&&~<&'number'&>&~<&'length'&>" @@ -41500,8 +41291,8 @@ where you accept mail from relay sources (internal hosts or authenticated senders). -.section "Signing outgoing messages" "SECDKIMSIGN" -.cindex "DKIM" "signing" +.subsection "Signing outgoing messages" SECDKIMSIGN +.cindex DKIM signing For signing to be usable you must have published a DKIM record in DNS. Note that RFC 8301 (which does not cover EC keys) says: @@ -41526,6 +41317,7 @@ The domain(s) you want to sign with. After expansion, this can be a list. Each element in turn, lowercased, +.vindex "&$dkim_domain$&" is put into the &%$dkim_domain%& expansion variable while expanding the remaining signing options. If it is empty after expansion, DKIM signing is not done, @@ -41535,6 +41327,7 @@ and no error will result even if &%dkim_strict%& is set. This sets the key selector string. After expansion, which can use &$dkim_domain$&, this can be a list. Each element in turn is put in the expansion +.vindex "&$dkim_selector$&" variable &%$dkim_selector%& which may be used in the &%dkim_private_key%& option along with &%$dkim_domain%&. If the option is empty after expansion, DKIM signing is not done for this domain, @@ -41682,8 +41475,8 @@ both creation (t=) and expiry (x=) tags will be included. RFC 6376 lists these tags as RECOMMENDED. -.section "Verifying DKIM signatures in incoming mail" "SECDKIMVFY" -.cindex "DKIM" "verification" +.subsection "Verifying DKIM signatures in incoming mail" SECDKIMVFY +.cindex DKIM verification Verification of DKIM signatures in SMTP incoming email is done for all messages for which an ACL control &%dkim_disable_verify%& has not been set. @@ -42152,7 +41945,7 @@ The lookup will return the same result strings as can appear in -.section "SRS (Sender Rewriting Scheme)" SECTSRS +.subsection "SRS (Sender Rewriting Scheme)" SECTSRS .cindex SRS "sender rewriting scheme" SRS can be used to modify sender addresses when forwarding so that @@ -42188,6 +41981,7 @@ There is no need to periodically change this key; a timestamp is also encoded. The second argument should be given as the envelope sender address before this encoding operation. +If this value is empty the the expansion result will be empty. The third argument should be the recipient domain of the message when it arrived at this system. .endlist @@ -42273,7 +42067,8 @@ This description assumes that headers will be in /usr/local/include, and that the libraries are in /usr/local/lib. -. subsection +.subsection Configuration SSECDMARCCONFIG +.cindex DMARC configuration There are three main-configuration options: .cindex DMARC "configuration options" @@ -42314,9 +42109,9 @@ If not set (the default), the From: header is expanded from the dsn_from option, and <> is used for the envelope from. -. I wish we had subsections... - +.subsection Controls SSECDMARCCONTROLS .cindex DMARC controls + By default, the DMARC processing will run for any remote, non-authenticated user. It makes sense to only verify DMARC status of messages coming from remote, untrusted sources. You can @@ -42347,7 +42142,8 @@ send them.) There are no options to either control. Both must appear before the DATA acl. -. subsection +.subsection ACL SSECDMARCACL +.cindex DMARC "ACL condition" DMARC checks cam be run on incoming SMTP messages by using the &"dmarc_status"& ACL condition in the DATA ACL. You are required to @@ -42361,7 +42157,7 @@ The &"dmarc_status"& condition takes a list of strings on its right-hand side. These strings describe recommended action based on the DMARC check. To understand what the policy recommendations mean, refer to the DMARC website above. Valid strings are: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 20* left 80* left .irow &'accept'& "The DMARC check passed and the library recommends accepting the email" .irow &'reject'& "The DMARC check failed and the library recommends rejecting the email" .irow &'quarantine'& "The DMARC check failed and the library recommends keeping it for further inspection" @@ -42415,7 +42211,8 @@ are "none", "reject" and "quarantine". It is blank when there is any error, including no DMARC record. .endlist -. subsection +.subsection Logging SSECDMARCLOGGING +.cindex DMARC logging By default, Exim's DMARC configuration is intended to be non-intrusive and conservative. To facilitate this, Exim will not @@ -42442,7 +42239,8 @@ Configure, somewhere before the DATA ACL, the control option to enable sending DMARC forensic reports .endlist -. subsection +.subsection Example SSECDMARCEXAMPLE +.cindex DMARC example Example usage: .code @@ -42536,7 +42334,7 @@ within &%proxy_protocol_timeout%&, which defaults to 3s. The following expansion variables are usable (&"internal"& and &"external"& here refer to the interfaces of the proxy): -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 30* left 70* left .irow $proxy_external_address "IP of host being proxied or IP of remote interface of proxy" .irow $proxy_external_port "Port of host being proxied or Port on remote interface of proxy" .irow $proxy_local_address "IP of proxy server inbound or IP of local interface of proxy" @@ -42589,7 +42387,7 @@ is an IP address and any subsequent elements are options. Options are a string =. The list of options is in the following table: -.itable none 0 0 2 1pt left 1pt left +.itable none 0 0 2 10* left 90* left .irow &'auth'& "authentication method" .irow &'name'& "authentication username" .irow &'pass'& "authentication password" @@ -42713,7 +42511,7 @@ This is usually for use in a Message Submission Agent context, but could be used for any message. If a value is appended it may be: -.itable none 0 0 2 1pt right 1pt left +.itable none 0 0 2 5* right 95* left .irow &`1`& "mandatory downconversion" .irow &`0`& "no downconversion" .irow &`-1`& "if SMTPUTF8 not supported by destination host" @@ -42817,26 +42615,25 @@ Events have names which correspond to the point in process at which they fire. The name is placed in the variable &$event_name$& and the event action expansion must check this, as it will be called for every possible event type. -.new The current list of events is: -.itable all 0 0 4 1pt left 1pt center 1pt center 1pt left -.irow dane:fail after transport "per connection" -.irow msg:complete after main "per message" -.irow msg:defer after transport "per message per delivery try" -.irow msg:delivery after transport "per recipient" -.irow msg:rcpt:host:defer after transport "per recipient per host" -.irow msg:rcpt:defer after transport "per recipient" -.irow msg:host:defer after transport "per host per delivery try; host errors" -.irow msg:fail:delivery after transport "per recipient" -.irow msg:fail:internal after main "per recipient" -.irow tcp:connect before transport "per connection" -.irow tcp:close after transport "per connection" -.irow tls:cert before both "per certificate in verification chain" -.irow tls:fail:connect after main "per connection" -.irow smtp:connect after transport "per connection" -.irow smtp:ehlo after transport "per connection" +.itable all 0 0 4 25* left 10* center 15* center 50* left +.row auth:fail after both "per driver per authentication attempt" +.row dane:fail after transport "per connection" +.row msg:complete after main "per message" +.row msg:defer after transport "per message per delivery try" +.row msg:delivery after transport "per recipient" +.row msg:rcpt:host:defer after transport "per recipient per host" +.row msg:rcpt:defer after transport "per recipient" +.row msg:host:defer after transport "per host per delivery try; host errors" +.row msg:fail:delivery after transport "per recipient" +.row msg:fail:internal after main "per recipient" +.row tcp:connect before transport "per connection" +.row tcp:close after transport "per connection" +.row tls:cert before both "per certificate in verification chain" +.row tls:fail:connect after main "per connection" +.row smtp:connect after transport "per connection" +.row smtp:ehlo after transport "per connection" .endtable -.wen New event types may be added in future. The event name is a colon-separated list, defining the type of @@ -42852,19 +42649,20 @@ should define the event action. An additional variable, &$event_data$&, is filled with information varying with the event type: -.itable all 0 0 2 1pt left 1pt left -.irow dane:fail "failure reason" -.irow msg:defer "error string" -.irow msg:delivery "smtp confirmation message" -.irow msg:fail:internal "failure reason" -.irow msg:fail:delivery "smtp error message" -.irow msg:host:defer "error string" -.irow msg:rcpt:host:defer "error string" -.irow msg:rcpt:defer "error string" -.irow tls:cert "verification chain depth" -.irow tls:fail:connect "error string" -.irow smtp:connect "smtp banner" -.irow smtp:ehlo "smtp ehlo response" +.itable all 0 0 2 20* left 80* left +.row auth:fail "smtp response" +.row dane:fail "failure reason" +.row msg:defer "error string" +.row msg:delivery "smtp confirmation message" +.row msg:fail:internal "failure reason" +.row msg:fail:delivery "smtp error message" +.row msg:host:defer "error string" +.row msg:rcpt:host:defer "error string" +.row msg:rcpt:defer "error string" +.row tls:cert "verification chain depth" +.row tls:fail:connect "error string" +.row smtp:connect "smtp banner" +.row smtp:ehlo "smtp ehlo response" .endtable The :defer events populate one extra variable: &$event_defer_errno$&. @@ -42885,10 +42683,11 @@ a useful way of writing to the main log. The expansion of the event_action option should normally return an empty string. Should it return anything else the following will be forced: -.itable all 0 0 2 1pt left 1pt left -.irow tcp:connect "do not connect" -.irow tls:cert "refuse verification" -.irow smtp:connect "close connection" +.itable all 0 0 2 20* left 80* left +.row auth:fail "log information to write" +.row tcp:connect "do not connect" +.row tls:cert "refuse verification" +.row smtp:connect "close connection" .endtable All other message types ignore the result string, and no other use is made of it.