Stripped all .new/.wen except the exemplar. 4.75 was a stabilisation
release, reset the accumulation of "this is new".
. the <bookinfo> element must also be updated for each new edition.
. /////////////////////////////////////////////////////////////////////////////
. the <bookinfo> element must also be updated for each new edition.
. /////////////////////////////////////////////////////////////////////////////
-.set previousversion "4.72"
+.set previousversion "4.75"
.set version "4.75"
.set ACL "access control lists (ACLs)"
.set version "4.75"
.set ACL "access control lists (ACLs)"
impose its own quotas on local mailboxes; where system quotas are set they will
also apply.
impose its own quotas on local mailboxes; where system quotas are set they will
also apply.
If a host is unreachable for a period of time, a number of messages may be
waiting for it by the time it recovers, and sending them in a single SMTP
connection is clearly beneficial. Whenever a delivery to a remote host is
If a host is unreachable for a period of time, a number of messages may be
waiting for it by the time it recovers, and sending them in a single SMTP
connection is clearly beneficial. Whenever a delivery to a remote host is
for the same host. If any are found, they are sent over the same SMTP
connection, subject to a configuration limit as to the maximum number in any
one connection.
for the same host. If any are found, they are sent over the same SMTP
connection, subject to a configuration limit as to the maximum number in any
one connection.
.section "Use of tcpwrappers" "SECID27"
.cindex "tcpwrappers, building Exim to support"
.section "Use of tcpwrappers" "SECID27"
.cindex "tcpwrappers, building Exim to support"
in &_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the
configure file. Consult the &'tcpwrappers'& documentation for
further details.
in &_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the
configure file. Consult the &'tcpwrappers'& documentation for
further details.
.section "Including support for IPv6" "SECID28"
.section "Including support for IPv6" "SECID28"
.section "Dynamically loaded lookup module support" "SECTdynamicmodules"
.cindex "lookup modules"
.cindex "dynamic modules"
.section "Dynamically loaded lookup module support" "SECTdynamicmodules"
.cindex "lookup modules"
.cindex "dynamic modules"
LOOKUP_SQLITE=2
LOOKUP_MYSQL=2
.endd
LOOKUP_SQLITE=2
LOOKUP_MYSQL=2
.endd
.section "The building process" "SECID29"
.cindex "build directory"
.section "The building process" "SECID29"
.cindex "build directory"
The same output is generated if the Exim binary is called with no options and
no arguments.
The same output is generated if the Exim binary is called with no options and
no arguments.
.vitem &%--version%&
.oindex "&%--version%&"
This option is an alias for &%-bV%& and causes version information to be
displayed.
.vitem &%--version%&
.oindex "&%--version%&"
This option is an alias for &%-bV%& and causes version information to be
displayed.
.vitem &%-B%&<&'type'&>
.oindex "&%-B%&"
.vitem &%-B%&<&'type'&>
.oindex "&%-B%&"
Exim behaves in exactly the same way as it does when receiving a message via
the listening daemon.
Exim behaves in exactly the same way as it does when receiving a message via
the listening daemon.
.vitem &%-bmalware%&&~<&'filename'&>
.oindex "&%-bmalware%&"
.cindex "testing", "malware"
.vitem &%-bmalware%&&~<&'filename'&>
.oindex "&%-bmalware%&"
.cindex "testing", "malware"
The &%-bmalware%& option will not be extended to be more generally useful,
there are better tools for file-scanning. This option exists to help
administrators verify their Exim and AV scanner configuration.
The &%-bmalware%& option will not be extended to be more generally useful,
there are better tools for file-scanning. This option exists to help
administrators verify their Exim and AV scanner configuration.
.vitem &%-bt%&
.oindex "&%-bt%&"
.vitem &%-bt%&
.oindex "&%-bt%&"
those conditions using &%-bt%&. The &%-N%& option provides a possible way of
doing such tests.
those conditions using &%-bt%&. The &%-N%& option provides a possible way of
doing such tests.
.vitem &%-bV%&
.oindex "&%-bV%&"
.cindex "version number of Exim"
.vitem &%-bV%&
.oindex "&%-bV%&"
.cindex "version number of Exim"
It also lists the DBM library that is being used, the optional modules (such as
specific lookup types), the drivers that are included in the binary, and the
name of the run time configuration file that is in use.
It also lists the DBM library that is being used, the optional modules (such as
specific lookup types), the drivers that are included in the binary, and the
name of the run time configuration file that is in use.
As part of its operation, &%-bV%& causes Exim to read and syntax check its
configuration file. However, this is a static check only. It cannot check
values that are to be expanded. For example, although a misspelt ACL verb is
As part of its operation, &%-bV%& causes Exim to read and syntax check its
configuration file. However, this is a static check only. It cannot check
values that are to be expanded. For example, although a misspelt ACL verb is
file that exists is used. Failure to open an existing file stops Exim from
proceeding any further along the list, and an error is generated.
file that exists is used. Failure to open an existing file stops Exim from
proceeding any further along the list, and an error is generated.
When this option is used by a caller other than root, and the list is different
from the compiled-in list, Exim gives up its root privilege immediately, and
runs with the real and effective uid and gid set to those of the caller.
When this option is used by a caller other than root, and the list is different
from the compiled-in list, Exim gives up its root privilege immediately, and
runs with the real and effective uid and gid set to those of the caller.
delivery, the use of &%-C%& causes privilege to be lost. However, root can
test reception and delivery using two separate commands (one to put a message
on the queue, using &%-odq%&, and another to do the delivery, using &%-M%&).
delivery, the use of &%-C%& causes privilege to be lost. However, root can
test reception and delivery using two separate commands (one to put a message
on the queue, using &%-odq%&, and another to do the delivery, using &%-M%&).
If ALT_CONFIG_PREFIX is defined &_in Local/Makefile_&, it specifies a
prefix string with which any file named in a &%-C%& command line option
must start. In addition, the file name must not contain the sequence &`/../`&.
If ALT_CONFIG_PREFIX is defined &_in Local/Makefile_&, it specifies a
prefix string with which any file named in a &%-C%& command line option
must start. In addition, the file name must not contain the sequence &`/../`&.
If DISABLE_D_OPTION is defined in &_Local/Makefile_&, the use of &%-D%& is
completely disabled, and its use causes an immediate error exit.
If DISABLE_D_OPTION is defined in &_Local/Makefile_&, the use of &%-D%& is
completely disabled, and its use causes an immediate error exit.
If WHITELIST_D_MACROS is defined in &_Local/Makefile_& then it should be a
colon-separated list of macros which are considered safe and, if &%-D%& only
supplies macros from this list, and the values are acceptable, then Exim will
If WHITELIST_D_MACROS is defined in &_Local/Makefile_& then it should be a
colon-separated list of macros which are considered safe and, if &%-D%& only
supplies macros from this list, and the values are acceptable, then Exim will
the CONFIGURE_OWNER, if set. This is a transition mechanism and is expected
to be removed in the future. Acceptable values for the macros satisfy the
regexp: &`^[A-Za-z0-9_/.-]*$`&
the CONFIGURE_OWNER, if set. This is a transition mechanism and is expected
to be removed in the future. Acceptable values for the macros satisfy the
regexp: &`^[A-Za-z0-9_/.-]*$`&
The entire option (including equals sign if present) must all be within one
command line item. &%-D%& can be used to set the value of a macro to the empty
string, in which case the equals sign is optional. These two commands are
The entire option (including equals sign if present) must all be within one
command line item. &%-D%& can be used to set the value of a macro to the empty
string, in which case the equals sign is optional. These two commands are
This option causes the contents of the message body (-D) spool file to be
written to the standard output. This option can be used only by an admin user.
This option causes the contents of the message body (-D) spool file to be
written to the standard output. This option can be used only by an admin user.
.vitem &%-Mvc%&&~<&'message&~id'&>
.oindex "&%-Mvc%&"
.cindex "message" "listing in RFC 2822 format"
.vitem &%-Mvc%&&~<&'message&~id'&>
.oindex "&%-Mvc%&"
.cindex "message" "listing in RFC 2822 format"
This option causes a copy of the complete message (header lines plus body) to
be written to the standard output in RFC 2822 format. This option can be used
only by an admin user.
This option causes a copy of the complete message (header lines plus body) to
be written to the standard output in RFC 2822 format. This option can be used
only by an admin user.
.vitem &%-Mvh%&&~<&'message&~id'&>
.oindex "&%-Mvh%&"
.cindex "listing" "message headers"
.vitem &%-Mvh%&&~<&'message&~id'&>
.oindex "&%-Mvh%&"
.cindex "listing" "message headers"
give a colon-separated list of file names, in which case Exim uses the first
existing file in the list.
give a colon-separated list of file names, in which case Exim uses the first
existing file in the list.
.cindex "EXIM_USER"
.cindex "EXIM_GROUP"
.cindex "CONFIGURE_OWNER"
.cindex "EXIM_USER"
.cindex "EXIM_GROUP"
.cindex "CONFIGURE_OWNER"
be writeable by the Exim user and/or group. That has been changed in Exim 4.73
since it offered a simple privilege escalation for any attacker who managed to
compromise the Exim user account.
be writeable by the Exim user and/or group. That has been changed in Exim 4.73
since it offered a simple privilege escalation for any attacker who managed to
compromise the Exim user account.
A default configuration file, which will work correctly in simple situations,
is provided in the file &_src/configure.default_&. If CONFIGURE_FILE
defines just one file name, the installation process copies the default
A default configuration file, which will work correctly in simple situations,
is provided in the file &_src/configure.default_&. If CONFIGURE_FILE
defines just one file name, the installation process copies the default
.section "Using a different configuration file" "SECID40"
.cindex "configuration file" "alternate"
A one-off alternate configuration can be specified by the &%-C%& command line
.section "Using a different configuration file" "SECID40"
.cindex "configuration file" "alternate"
A one-off alternate configuration can be specified by the &%-C%& command line
can test reception and delivery using two separate commands (one to put a
message on the queue, using &%-odq%&, and another to do the delivery, using
&%-M%&).
can test reception and delivery using two separate commands (one to put a
message on the queue, using &%-odq%&, and another to do the delivery, using
&%-M%&).
If ALT_CONFIG_PREFIX is defined &_in Local/Makefile_&, it specifies a
prefix string with which any file named in a &%-C%& command line option must
start. In addition, the file name must not contain the sequence &"&`/../`&"&.
If ALT_CONFIG_PREFIX is defined &_in Local/Makefile_&, it specifies a
prefix string with which any file named in a &%-C%& command line option must
start. In addition, the file name must not contain the sequence &"&`/../`&"&.
If DISABLE_D_OPTION is defined in &_Local/Makefile_&, the use of &%-D%& is
completely disabled, and its use causes an immediate error exit.
If DISABLE_D_OPTION is defined in &_Local/Makefile_&, the use of &%-D%& is
completely disabled, and its use causes an immediate error exit.
The WHITELIST_D_MACROS option in &_Local/Makefile_& permits the binary builder
to declare certain macro names trusted, such that root privilege will not
necessarily be discarded.
The WHITELIST_D_MACROS option in &_Local/Makefile_& permits the binary builder
to declare certain macro names trusted, such that root privilege will not
necessarily be discarded.
is root, the Exim run-time user, or the CONFIGURE_OWNER, if set. This is a
transition mechanism and is expected to be removed in the future. Acceptable
values for the macros satisfy the regexp: &`^[A-Za-z0-9_/.-]*$`&
is root, the Exim run-time user, or the CONFIGURE_OWNER, if set. This is a
transition mechanism and is expected to be removed in the future. Acceptable
values for the macros satisfy the regexp: &`^[A-Za-z0-9_/.-]*$`&
Some sites may wish to use the same Exim binary on different machines that
share a file system, but to use different configuration files on each machine.
Some sites may wish to use the same Exim binary on different machines that
share a file system, but to use different configuration files on each machine.
secure (encrypted) LDAP connections. The second of these ensures that an
encrypted TLS connection is used.
secure (encrypted) LDAP connections. The second of these ensures that an
encrypted TLS connection is used.
With sufficiently modern LDAP libraries, Exim supports forcing TLS over regular
LDAP connections, rather than the SSL-on-connect &`ldaps`&.
See the &%ldap_start_tls%& option.
With sufficiently modern LDAP libraries, Exim supports forcing TLS over regular
LDAP connections, rather than the SSL-on-connect &`ldaps`&.
See the &%ldap_start_tls%& option.
.section "LDAP quoting" "SECID68"
.section "LDAP quoting" "SECID68"
.vitem &*${reverse_ip:*&<&'ipaddr'&>&*}*&
.cindex "expansion" "IP address"
This operator reverses an IP address; for IPv4 addresses, the result is in
.vitem &*${reverse_ip:*&<&'ipaddr'&>&*}*&
.cindex "expansion" "IP address"
This operator reverses an IP address; for IPv4 addresses, the result is in
.code
4.2.0.192 and 3.0.2.0.0.0.0.c.d.c.b.a.1.0.0.0.9.0.0.0.2.4.c.0.8.b.d.0.1.0.0.2
.endd
.code
4.2.0.192 and 3.0.2.0.0.0.0.c.d.c.b.a.1.0.0.0.9.0.0.0.2.4.c.0.8.b.d.0.1.0.0.2
.endd
.vitem &*${rfc2047:*&<&'string'&>&*}*&
.vitem &*${rfc2047:*&<&'string'&>&*}*&
.vitem &*bool&~{*&<&'string'&>&*}*&
.cindex "expansion" "boolean parsing"
.cindex "&%bool%& expansion condition"
.vitem &*bool&~{*&<&'string'&>&*}*&
.cindex "expansion" "boolean parsing"
.cindex "&%bool%& expansion condition"
.code
${if bool{$acl_m_privileged_sender} ...
.endd
.code
${if bool{$acl_m_privileged_sender} ...
.endd
.vitem &*bool_lax&~{*&<&'string'&>&*}*&
.cindex "expansion" "boolean parsing"
.cindex "&%bool_lax%& expansion condition"
.vitem &*bool_lax&~{*&<&'string'&>&*}*&
.cindex "expansion" "boolean parsing"
.cindex "&%bool_lax%& expansion condition"
true. Leading and trailing whitespace is ignored.
Note that where &"bool{00}"& is false, &"bool_lax{00}"& is true.
true. Leading and trailing whitespace is ignored.
Note that where &"bool{00}"& is false, &"bool_lax{00}"& is true.
.vitem &*crypteq&~{*&<&'string1'&>&*}{*&<&'string2'&>&*}*&
.cindex "expansion" "encrypted comparison"
.cindex "encrypted strings, comparing"
.vitem &*crypteq&~{*&<&'string1'&>&*}{*&<&'string2'&>&*}*&
.cindex "expansion" "encrypted comparison"
.cindex "encrypted strings, comparing"
lines that are added by ACLs. The blank line that separates the message header
from the body is not counted.
lines that are added by ACLs. The blank line that separates the message header
from the body is not counted.
As with the special case of &$message_size$&, during the expansion of the
appendfile transport's maildir_tag option in maildir format, the value of
&$message_linecount$& is the precise size of the number of newlines in the
file that has been written (minus one for the blank line between the
header and the body).
As with the special case of &$message_size$&, during the expansion of the
appendfile transport's maildir_tag option in maildir format, the value of
&$message_linecount$& is the precise size of the number of newlines in the
file that has been written (minus one for the blank line between the
header and the body).
Here is an example of the use of this variable in a DATA ACL:
.code
Here is an example of the use of this variable in a DATA ACL:
.code
&%ignore_bounce_errors_after%&. It is retained for compatibility, but it is not
thought to be very useful any more, and its use should probably be avoided.
&%ignore_bounce_errors_after%&. It is retained for compatibility, but it is not
thought to be very useful any more, and its use should probably be avoided.
.option av_scanner main string "see below"
This option is available if Exim is built with the content-scanning extension.
It specifies which anti-virus scanner to use. The default value is:
.option av_scanner main string "see below"
This option is available if Exim is built with the content-scanning extension.
It specifies which anti-virus scanner to use. The default value is:
.endd
If the value of &%av_scanner%& starts with a dollar character, it is expanded
before use. See section &<<SECTscanvirus>>& for further details.
.endd
If the value of &%av_scanner%& starts with a dollar character, it is expanded
before use. See section &<<SECTscanvirus>>& for further details.
.option bi_command main string unset
.option bi_command main string unset
.option ldap_ca_cert_dir main string unset
.cindex "LDAP", "TLS CA certificate directory"
This option indicates which directory contains CA certificates for verifying
.option ldap_ca_cert_dir main string unset
.cindex "LDAP", "TLS CA certificate directory"
This option indicates which directory contains CA certificates for verifying
While Exim does not provide a default value, your SSL library may.
Analogous to &%tls_verify_certificates%& but as a client-side option for LDAP
and constrained to be a directory.
While Exim does not provide a default value, your SSL library may.
Analogous to &%tls_verify_certificates%& but as a client-side option for LDAP
and constrained to be a directory.
.option ldap_ca_cert_file main string unset
.cindex "LDAP", "TLS CA certificate file"
This option indicates which file contains CA certificates for verifying
.option ldap_ca_cert_file main string unset
.cindex "LDAP", "TLS CA certificate file"
This option indicates which file contains CA certificates for verifying
While Exim does not provide a default value, your SSL library may.
Analogous to &%tls_verify_certificates%& but as a client-side option for LDAP
and constrained to be a file.
While Exim does not provide a default value, your SSL library may.
Analogous to &%tls_verify_certificates%& but as a client-side option for LDAP
and constrained to be a file.
.option ldap_cert_file main string unset
.cindex "LDAP" "TLS client certificate file"
This option indicates which file contains an TLS client certificate which
Exim should present to the LDAP server during TLS negotiation.
Should be used together with &%ldap_cert_key%&.
.option ldap_cert_file main string unset
.cindex "LDAP" "TLS client certificate file"
This option indicates which file contains an TLS client certificate which
Exim should present to the LDAP server during TLS negotiation.
Should be used together with &%ldap_cert_key%&.
.option ldap_cert_key main string unset
.cindex "LDAP" "TLS client key file"
This option indicates which file contains the secret/private key to use
to prove identity to the LDAP server during TLS negotiation.
Should be used together with &%ldap_cert_file%&, which contains the
identity to be proven.
.option ldap_cert_key main string unset
.cindex "LDAP" "TLS client key file"
This option indicates which file contains the secret/private key to use
to prove identity to the LDAP server during TLS negotiation.
Should be used together with &%ldap_cert_file%&, which contains the
identity to be proven.
.option ldap_cipher_suite main string unset
.cindex "LDAP" "TLS cipher suite"
This controls the TLS cipher-suite negotiation during TLS negotiation with
the LDAP server. See &<<SECTreqciphssl>>& for more details of the format of
cipher-suite options with OpenSSL (as used by LDAP client libraries).
.option ldap_cipher_suite main string unset
.cindex "LDAP" "TLS cipher suite"
This controls the TLS cipher-suite negotiation during TLS negotiation with
the LDAP server. See &<<SECTreqciphssl>>& for more details of the format of
cipher-suite options with OpenSSL (as used by LDAP client libraries).
.option ldap_default_servers main "string list" unset
.option ldap_default_servers main "string list" unset
.option ldap_require_cert main string unset.
.cindex "LDAP" "policy for LDAP server TLS cert presentation"
This should be one of the values "hard", "demand", "allow", "try" or "never".
.option ldap_require_cert main string unset.
.cindex "LDAP" "policy for LDAP server TLS cert presentation"
This should be one of the values "hard", "demand", "allow", "try" or "never".
See the entry "TLS_REQCERT" in your system man page for ldap.conf(5).
Although Exim does not set a default, the LDAP library probably defaults
to hard/demand.
See the entry "TLS_REQCERT" in your system man page for ldap.conf(5).
Although Exim does not set a default, the LDAP library probably defaults
to hard/demand.
.option ldap_start_tls main boolean false
.cindex "LDAP" "whether or not to negotiate TLS"
If set, Exim will attempt to negotiate TLS with the LDAP server when
.option ldap_start_tls main boolean false
.cindex "LDAP" "whether or not to negotiate TLS"
If set, Exim will attempt to negotiate TLS with the LDAP server when
of SSL-on-connect.
In the event of failure to negotiate TLS, the action taken is controlled
by &%ldap_require_cert%&.
of SSL-on-connect.
In the event of failure to negotiate TLS, the action taken is controlled
by &%ldap_require_cert%&.
.option ldap_version main integer unset
.option ldap_version main integer unset
the generic transport option &%message_size_limit%&, which limits the size of
message that an individual transport can process.
the generic transport option &%message_size_limit%&, which limits the size of
message that an individual transport can process.
If you use a virus-scanner and set this option to to a value larger than the
maximum size that your virus-scanner is configured to support, you may get
failures triggered by large mails. The right size to configure for the
If you use a virus-scanner and set this option to to a value larger than the
maximum size that your virus-scanner is configured to support, you may get
failures triggered by large mails. The right size to configure for the
probably safest to just set it to a little larger than this value. Eg, with a
default Exim message size of 50M and a default ClamAV StreamMaxLength of 10M,
some problems may result.
probably safest to just set it to a little larger than this value. Eg, with a
default Exim message size of 50M and a default ClamAV StreamMaxLength of 10M,
some problems may result.
.option move_frozen_messages main boolean false
.option move_frozen_messages main boolean false
.option openssl_options main "string list" +dont_insert_empty_fragments
.cindex "OpenSSL "compatibility options"
This option allows an administrator to adjust the SSL options applied
.option openssl_options main "string list" +dont_insert_empty_fragments
.cindex "OpenSSL "compatibility options"
This option allows an administrator to adjust the SSL options applied
.code
openssl_options = -all +microsoft_big_sslv3_buffer
.endd
.code
openssl_options = -all +microsoft_big_sslv3_buffer
.endd
.option oracle_servers main "string list" unset
.option oracle_servers main "string list" unset
This specifies the transport driver that is to be used when a &%mail%& command
is used in a system filter.
This specifies the transport driver that is to be used when a &%mail%& command
is used in a system filter.
.option system_filter_user main string unset
.cindex "uid (user id)" "system filter"
If this option is set to root, the system filter is run in the main Exim
.option system_filter_user main string unset
.cindex "uid (user id)" "system filter"
If this option is set to root, the system filter is run in the main Exim
If the system filter generates any pipe, file, or reply deliveries, the uid
under which the filter is run is used when transporting them, unless a
transport option overrides.
If the system filter generates any pipe, file, or reply deliveries, the uid
under which the filter is run is used when transporting them, unless a
transport option overrides.
.option tcp_nodelay main boolean true
.option tcp_nodelay main boolean true
directory containing certificate files. This does not work with GnuTLS; the
option must be set to the name of a single file if you are using GnuTLS.
directory containing certificate files. This does not work with GnuTLS; the
option must be set to the name of a single file if you are using GnuTLS.
These certificates should be for the certificate authorities trusted, rather
than the public cert of individual clients. With both OpenSSL and GnuTLS, if
the value is a file then the certificates are sent by Exim as a server to
connecting clients, defining the list of accepted certificate authorities.
Thus the values defined should be considered public data. To avoid this,
use OpenSSL with a directory.
These certificates should be for the certificate authorities trusted, rather
than the public cert of individual clients. With both OpenSSL and GnuTLS, if
the value is a file then the certificates are sent by Exim as a server to
connecting clients, defining the list of accepted certificate authorities.
Thus the values defined should be considered public data. To avoid this,
use OpenSSL with a directory.
.option tls_verify_hosts main "host list&!!" unset
.cindex "TLS" "client certificate verification"
.option tls_verify_hosts main "host list&!!" unset
.cindex "TLS" "client certificate verification"
If the result is any other value, the router is run (as this is the last
precondition to be evaluated, all the other preconditions must be true).
If the result is any other value, the router is run (as this is the last
precondition to be evaluated, all the other preconditions must be true).
This option is unique in that multiple &%condition%& options may be present.
All &%condition%& options must succeed.
This option is unique in that multiple &%condition%& options may be present.
All &%condition%& options must succeed.
The &%condition%& option provides a means of applying custom conditions to the
running of routers. Note that in the case of a simple conditional expansion,
the default expansion values are exactly what is wanted. For example:
The &%condition%& option provides a means of applying custom conditions to the
running of routers. Note that in the case of a simple conditional expansion,
the default expansion values are exactly what is wanted. For example:
If the expansion fails (other than forced failure) delivery is deferred. Some
of the other precondition options are common special cases that could in fact
be specified using &%condition%&.
If the expansion fails (other than forced failure) delivery is deferred. Some
of the other precondition options are common special cases that could in fact
be specified using &%condition%&.
.option debug_print routers string&!! unset
.option debug_print routers string&!! unset
name to the point where the test &[stat()]& call fails with ENAMETOOLONG,
the tag is dropped and the maildir file is created with no tag.
name to the point where the test &[stat()]& call fails with ENAMETOOLONG,
the tag is dropped and the maildir file is created with no tag.
.vindex "&$message_size$&"
Tags can be used to encode the size of files in their names; see
&%quota_size_regex%& above for an example. The expansion of &%maildir_tag%&
.vindex "&$message_size$&"
Tags can be used to encode the size of files in their names; see
&%quota_size_regex%& above for an example. The expansion of &%maildir_tag%&
It is advisable to also set &%quota_size_regex%& when setting &%maildir_tag%&
as this allows Exim to extract the size from your tag, instead of having to
&[stat()]& each message file.
It is advisable to also set &%quota_size_regex%& when setting &%maildir_tag%&
as this allows Exim to extract the size from your tag, instead of having to
&[stat()]& each message file.
.section "Using a maildirsize file" "SECID136"
.section "Using a maildirsize file" "SECID136"
frozen, whatever the setting of &%ignore_status%&.
frozen, whatever the setting of &%ignore_status%&.
.option freeze_signal pipe boolean false
.cindex "signal exit"
.cindex "&(pipe)& transport", "signal exit"
Normally if the process run by a command in a pipe transport exits on a signal,
a bounce message is sent. If &%freeze_signal%& is set, the message will be
frozen in Exim's queue instead.
.option freeze_signal pipe boolean false
.cindex "signal exit"
.cindex "&(pipe)& transport", "signal exit"
Normally if the process run by a command in a pipe transport exits on a signal,
a bounce message is sent. If &%freeze_signal%& is set, the message will be
frozen in Exim's queue instead.
.option ignore_status pipe boolean false
.option ignore_status pipe boolean false
apply to a command specified as a transport filter.
apply to a command specified as a transport filter.
.option permit_coredump pipe boolean false
Normally Exim inhibits core-dumps during delivery. If you have a need to get
a core-dump of a pipe command, enable this command. This enables core-dumps
.option permit_coredump pipe boolean false
Normally Exim inhibits core-dumps during delivery. If you have a need to get
a core-dump of a pipe command, enable this command. This enables core-dumps
resource consumption can be quite high. Note also that Exim is typically
installed as a setuid binary and most operating systems will inhibit coredumps
of these by default, so further OS-specific action may be required.
resource consumption can be quite high. Note also that Exim is typically
installed as a setuid binary and most operating systems will inhibit coredumps
of these by default, so further OS-specific action may be required.
.option pipe_as_creator pipe boolean false
.option pipe_as_creator pipe boolean false
if the client does not supply it (as is the case for LOGIN clients), the prompt
strings are used to obtain two data items.
if the client does not supply it (as is the case for LOGIN clients), the prompt
strings are used to obtain two data items.
Some clients are very particular about the precise text of the prompts. For
example, Outlook Express is reported to recognize only &"Username:"& and
&"Password:"&. Here is an example of a LOGIN authenticator that uses those
Some clients are very particular about the precise text of the prompts. For
example, Outlook Express is reported to recognize only &"Username:"& and
&"Password:"&. Here is an example of a LOGIN authenticator that uses those
correct one to use for the password, because quoting is needed only to make
the password conform to the Exim syntax. At the LDAP level, the password is an
uninterpreted string.
correct one to use for the password, because quoting is needed only to make
the password conform to the Exim syntax. At the LDAP level, the password is an
uninterpreted string.
.section "Support for different kinds of authentication" "SECID174"
A number of string expansion features are provided for the purpose of
.section "Support for different kinds of authentication" "SECID174"
A number of string expansion features are provided for the purpose of
.section "The SMTP DKIM ACL" "SECTDKIMACL"
The &%acl_smtp_dkim%& ACL is available only when Exim is compiled with DKIM support
enabled (which is the default).
.section "The SMTP DKIM ACL" "SECTDKIMACL"
The &%acl_smtp_dkim%& ACL is available only when Exim is compiled with DKIM support
enabled (which is the default).
otherwise specified, the default action is to accept.
For details on the operation of DKIM, see chapter &<<CHID12>>&.
otherwise specified, the default action is to accept.
For details on the operation of DKIM, see chapter &<<CHID12>>&.
.section "The SMTP MIME ACL" "SECID194"
.section "The SMTP MIME ACL" "SECID194"
Notice that we put back the lower cased version afterwards, assuming that
is what is wanted for subsequent tests.
Notice that we put back the lower cased version afterwards, assuming that
is what is wanted for subsequent tests.
.vitem &*control&~=&~debug/*&<&'options'&>
.cindex "&ACL;" "enabling debug logging"
.cindex "debugging" "enabling from an ACL"
.vitem &*control&~=&~debug/*&<&'options'&>
.cindex "&ACL;" "enabling debug logging"
.cindex "debugging" "enabling from an ACL"
control = debug/opts=+expand+acl
control = debug/tag=.$message_exim_id/opts=+expand
.endd
control = debug/opts=+expand+acl
control = debug/tag=.$message_exim_id/opts=+expand
.endd
.vitem &*control&~=&~enforce_sync*& &&&
&*control&~=&~no_enforce_sync*&
.vitem &*control&~=&~enforce_sync*& &&&
&*control&~=&~no_enforce_sync*&
specialized interfaces for &"daemon"& type virus scanners, which are resident
in memory and thus are much faster.
specialized interfaces for &"daemon"& type virus scanners, which are resident
in memory and thus are much faster.
.oindex "&%av_scanner%&"
You can set the &%av_scanner%& option in first part of the Exim configuration
file to specify which scanner to use, together with any additional options that
.oindex "&%av_scanner%&"
You can set the &%av_scanner%& option in first part of the Exim configuration
file to specify which scanner to use, together with any additional options that
.endd
If the value of &%av_scanner%& starts with a dollar character, it is expanded
before use. The following scanner types are supported in this release:
.endd
If the value of &%av_scanner%& starts with a dollar character, it is expanded
before use. The following scanner types are supported in this release:
.vlist
.vitem &%aveserver%&
.cindex "virus scanners" "Kaspersky"
.vlist
.vitem &%aveserver%&
.cindex "virus scanners" "Kaspersky"
av_scanner = aveserver:/var/run/aveserver
.endd
av_scanner = aveserver:/var/run/aveserver
.endd
.vitem &%clamd%&
.cindex "virus scanners" "clamd"
This daemon-type scanner is GPL and free. You can get it at
.vitem &%clamd%&
.cindex "virus scanners" "clamd"
This daemon-type scanner is GPL and free. You can get it at
you be running a version of ClamAV prior to 0.95.
If the option is unset, the default is &_/tmp/clamd_&. Thanks to David Saez for
contributing the code for this scanner.
you be running a version of ClamAV prior to 0.95.
If the option is unset, the default is &_/tmp/clamd_&. Thanks to David Saez for
contributing the code for this scanner.
.vitem &%cmdline%&
.cindex "virus scanners" "command line interface"
This is the keyword for the generic command line scanner interface. It can be
.vitem &%cmdline%&
.cindex "virus scanners" "command line interface"
This is the keyword for the generic command line scanner interface. It can be
use the &%demime%& condition (see section &<<SECTdemimecond>>&) before the
&%malware%& condition.
use the &%demime%& condition (see section &<<SECTdemimecond>>&) before the
&%malware%& condition.
Beware the interaction of Exim's &%message_size_limit%& with any size limits
imposed by your anti-virus scanner.
Beware the interaction of Exim's &%message_size_limit%& with any size limits
imposed by your anti-virus scanner.
Here is a very simple scanning example:
.code
Here is a very simple scanning example:
.code
&%spam%& condition for its side effects (see the variables below), you can make
it always return &"true"& by appending &`:true`& to the username.
&%spam%& condition for its side effects (see the variables below), you can make
it always return &"true"& by appending &`:true`& to the username.
.cindex "spam scanning" "returned variables"
When the &%spam%& condition is run, it sets up a number of expansion
variables. These variables are saved with the received message, thus they are
available for use at delivery time.
.cindex "spam scanning" "returned variables"
When the &%spam%& condition is run, it sets up a number of expansion
variables. These variables are saved with the received message, thus they are
available for use at delivery time.
.vlist
.vitem &$spam_score$&
The spam score of the message, for example &"3.4"& or &"30.5"&. This is useful
for inclusion in log or reject messages.
.vlist
.vitem &$spam_score$&
The spam score of the message, for example &"3.4"& or &"30.5"&. This is useful
for inclusion in log or reject messages.
.vitem &$spam_score_int$&
The spam score of the message, multiplied by ten, as an integer value. For
example &"34"& or &"305"&. It may appear to disagree with &$spam_score$&
because &$spam_score$& is rounded and &$spam_score_int$& is truncated.
The integer value is useful for numeric comparisons in conditions.
.vitem &$spam_score_int$&
The spam score of the message, multiplied by ten, as an integer value. For
example &"34"& or &"305"&. It may appear to disagree with &$spam_score$&
because &$spam_score$& is rounded and &$spam_score_int$& is truncated.
The integer value is useful for numeric comparisons in conditions.
.vitem &$spam_bar$&
A string consisting of a number of &"+"& or &"-"& characters, representing the
.vitem &$spam_bar$&
A string consisting of a number of &"+"& or &"-"& characters, representing the
and EHLO act as RSET; VRFY, EXPN, ETRN and HELP, act
as NOOP; QUIT quits.
and EHLO act as RSET; VRFY, EXPN, ETRN and HELP, act
as NOOP; QUIT quits.
Minimal policy checking is done for BSMTP input. Only the non-SMTP
ACL is run in the same way as for non-SMTP local input.
Minimal policy checking is done for BSMTP input. Only the non-SMTP
ACL is run in the same way as for non-SMTP local input.
If an error is detected while reading a message, including a missing &"."& at
the end, Exim gives up immediately. It writes details of the error to the
standard output in a stylized way that the calling program should be able to
If an error is detected while reading a message, including a missing &"."& at
the end, Exim gives up immediately. It writes details of the error to the
standard output in a stylized way that the calling program should be able to
If you do not specify anything at build time or run time, that is where the
logs are written.
If you do not specify anything at build time or run time, that is where the
logs are written.
A log file path may also contain &`%D`& or &`%M`& if datestamped log file names
are in use &-- see section &<<SECTdatlogfil>>& below.
A log file path may also contain &`%D`& or &`%M`& if datestamped log file names
are in use &-- see section &<<SECTdatlogfil>>& below.
Here are some examples of possible settings:
.display
Here are some examples of possible settings:
.display
.section "Datestamped log files" "SECTdatlogfil"
.cindex "log" "datestamped files"
Instead of cycling the main and reject log files by renaming them
.section "Datestamped log files" "SECTdatlogfil"
.cindex "log" "datestamped files"
Instead of cycling the main and reject log files by renaming them
/var/spool/exim/log/paniclog
/var/log/exim/panic
.endd
/var/spool/exim/log/paniclog
/var/log/exim/panic
.endd
.section "Logging to syslog" "SECID249"
.section "Logging to syslog" "SECID249"
&_Local/Makefile_&, Exim ignores &%-C%& and proceeds as usual.) There is no
default setting for &%ALT_CONFIG_PREFIX%&.
&_Local/Makefile_&, Exim ignores &%-C%& and proceeds as usual.) There is no
default setting for &%ALT_CONFIG_PREFIX%&.
If the permitted configuration files are confined to a directory to
which only root has access, this guards against someone who has broken
into the Exim account from running a privileged Exim with an arbitrary
If the permitted configuration files are confined to a directory to
which only root has access, this guards against someone who has broken
into the Exim account from running a privileged Exim with an arbitrary
to the list. The default setting is &"root"&; this prevents a non-root user who
is permitted to modify the runtime file from using Exim as a way to get root.
.endlist
to the list. The default setting is &"root"&; this prevents a non-root user who
is permitted to modify the runtime file from using Exim as a way to get root.
.endlist
After a new Exim process has interpreted its command line options, it changes
uid and gid in the following cases:
After a new Exim process has interpreted its command line options, it changes
uid and gid in the following cases:
.ilist
.oindex "&%-C%&"
.oindex "&%-D%&"
.ilist
.oindex "&%-C%&"
.oindex "&%-D%&"
For a daemon, queue runner, delivery, or address testing process, the uid
remains as root at this stage, but the gid is changed to the Exim group.
.endlist
For a daemon, queue runner, delivery, or address testing process, the uid
remains as root at this stage, but the gid is changed to the Exim group.
.endlist
The processes that initially retain root privilege behave as follows:
.ilist
The processes that initially retain root privilege behave as follows:
.ilist
.section "Dynamic module directory" "SECTdynmoddir"
Any dynamically loadable modules must be installed into the directory
defined in &`LOOKUP_MODULE_DIR`& in &_Local/Makefile_& for Exim to permit
loading it.
.section "Dynamic module directory" "SECTdynmoddir"
Any dynamically loadable modules must be installed into the directory
defined in &`LOOKUP_MODULE_DIR`& in &_Local/Makefile_& for Exim to permit
loading it.
.section "Use of sprintf()" "SECID279"
.section "Use of sprintf()" "SECID279"
Since version 4.70, DKIM support is compiled into Exim by default. It can be
disabled by setting DISABLE_DKIM=yes in Local/Makefile.
Since version 4.70, DKIM support is compiled into Exim by default. It can be
disabled by setting DISABLE_DKIM=yes in Local/Makefile.
Exim's DKIM implementation allows to
.olist
Sign outgoing messages: This function is implemented in the SMTP transport.
Exim's DKIM implementation allows to
.olist
Sign outgoing messages: This function is implemented in the SMTP transport.
ACL (acl_smtp_dkim), which can be called several times per message, with
different signature contexts.
.endlist
ACL (acl_smtp_dkim), which can be called several times per message, with
different signature contexts.
.endlist
In typical Exim style, the verification implementation does not include any
default "policy". Instead it enables you to build your own policy using
Exim's standard controls.
In typical Exim style, the verification implementation does not include any
default "policy". Instead it enables you to build your own policy using
Exim's standard controls.
Signing is implemented by setting private options on the SMTP transport.
These options take (expandable) strings as arguments.
Signing is implemented by setting private options on the SMTP transport.
These options take (expandable) strings as arguments.
.option dkim_domain smtp string&!! unset
MANDATORY:
The domain you want to sign with. The result of this expanded
.option dkim_domain smtp string&!! unset
MANDATORY:
The domain you want to sign with. The result of this expanded
list of header names. Headers with these names will be included in the message
signature. When unspecified, the header names recommended in RFC4871 will be
used.
list of header names. Headers with these names will be included in the message
signature. When unspecified, the header names recommended in RFC4871 will be
used.
.section "Verifying DKIM signatures in incoming mail" "SECID514"
.cindex "DKIM" "verification"
.section "Verifying DKIM signatures in incoming mail" "SECID514"
.cindex "DKIM" "verification"
&%dkim_verify_signers%&, and a global expansion variable
&%$dkim_signers%& exist.
&%dkim_verify_signers%&, and a global expansion variable
&%$dkim_signers%& exist.
The global option &%dkim_verify_signers%& can be set to a colon-separated
list of DKIM domains or identities for which the ACL &%acl_smtp_dkim%& is
called. It is expanded when the message has been received. At this point,
The global option &%dkim_verify_signers%& can be set to a colon-separated
list of DKIM domains or identities for which the ACL &%acl_smtp_dkim%& is
called. It is expanded when the message has been received. At this point,
.code
dkim_verify_signers = $sender_address_domain:$dkim_signers
.endd
.code
dkim_verify_signers = $sender_address_domain:$dkim_signers
.endd
If a domain or identity is listed several times in the (expanded) value of
&%dkim_verify_signers%&, the ACL is only called once for that domain or identity.
If a domain or identity is listed several times in the (expanded) value of
&%dkim_verify_signers%&, the ACL is only called once for that domain or identity.
Inside the &%acl_smtp_dkim%&, the following expansion variables are
available (from most to least important):
Inside the &%acl_smtp_dkim%&, the following expansion variables are
available (from most to least important):
.vlist
.vitem &%$dkim_cur_signer%&
The signer that is being evaluated in this ACL run. This can be a domain or
.vlist
.vitem &%$dkim_cur_signer%&
The signer that is being evaluated in this ACL run. This can be a domain or
.vitem &%$dkim_key_notes%&
Notes from the key record (tag n=).
.endlist
.vitem &%$dkim_key_notes%&
Notes from the key record (tag n=).
.endlist
In addition, two ACL conditions are provided:
In addition, two ACL conditions are provided:
.vlist
.vitem &%dkim_signers%&
ACL condition that checks a colon-separated list of domains or identities
for a match against the domain or identity that the ACL is currently verifying
(reflected by &%$dkim_cur_signer%&). This is typically used to restrict an ACL
verb to a group of domains or identities. For example:
.vlist
.vitem &%dkim_signers%&
ACL condition that checks a colon-separated list of domains or identities
for a match against the domain or identity that the ACL is currently verifying
(reflected by &%$dkim_cur_signer%&). This is typically used to restrict an ACL
verb to a group of domains or identities. For example:
.code
# Warn when message apparently from GMail has no signature at all
warn log_message = GMail sender without DKIM signature
.code
# Warn when message apparently from GMail has no signature at all
warn log_message = GMail sender without DKIM signature