contains two IP addresses, the IPv4 address 127.0.0.1 and the IPv6 address ::1.
&*Note*&: Although leading and trailing white space is ignored in individual
-list items, it is not ignored when parsing the list. The space after the first
-colon in the example above is necessary. If it were not there, the list would
+list items, it is not ignored when parsing the list. The spaces around the first
+colon in the example above are necessary. If they were not there, the list would
be interpreted as the two items 127.0.0.1:: and 1.
.section "Changing list separators" "SECTlistsepchange"
# request with your smarthost provider to get things fixed:
hosts_require_tls = *
tls_verify_hosts = *
- # As long as tls_verify_hosts is enabled, this won't matter, but if you
- # have to comment it out then this will at least log whether you succeed
- # or not:
+ # As long as tls_verify_hosts is enabled, this this will have no effect,
+ # but if you have to comment it out then this will at least log whether
+ # you succeed or not:
tls_try_verify_hosts = *
#
# The SNI name should match the name which we'll expect to verify;
.section "Miscellaneous" "SECID96"
.table2
+.row &%add_environment%& "environment variables"
.row &%bi_command%& "to run for &%-bi%& command line option"
.row &%debug_store%& "do extra internal checks"
.row &%disable_ipv6%& "do no IPv6 processing"
+.row &%keep_environment%& "environment variables"
.row &%keep_malformed%& "for broken files &-- should not happen"
.row &%localhost_number%& "for unique message ids in clusters"
.row &%message_body_newlines%& "retain newlines in &$message_body$&"
. searchable. NM changed this occurrence for bug 1197 to no longer allow
. the option name to split.
-.option "smtp_accept_max_per_connection" main integer 1000 &&&
+.option "smtp_accept_max_per_connection" main integer&!! 1000 &&&
smtp_accept_max_per_connection
.cindex "SMTP" "limiting incoming message count"
.cindex "limit" "messages per SMTP connection"
response is given to subsequent MAIL commands. This limit is a safety
precaution against a client that goes mad (incidents of this type have been
seen).
+.new
+The option is expanded after the HELO or EHLO is received
+and may depend on values available at that time.
+An empty or zero value after expansion removes the limit.
+.wen
.option smtp_accept_max_per_host main string&!! unset
A &'realm'& is a text string, typically a domain name, presented by a server
to a client to help it select an account and credentials to use. In some
-mechanisms, the client and server probably agree on the realm, but clients
+mechanisms, the client and server provably agree on the realm, but clients
typically can not treat the realm as secure data to be blindly trusted.
.section "Certificate chains" "SECID186"
-The file named by &%tls_certificate%& may contain more than one
+A file named by &%tls_certificate%& may contain more than one
certificate. This is useful in the case where the certificate that is being
sent is validated by an intermediate certificate which the other end does
not have. Multiple certificates must be in the correct order in the file.
.section "DKIM (DomainKeys Identified Mail)" SECDKIM
.cindex "DKIM"
-DKIM is a mechanism by which messages sent by some entity can be probably
+DKIM is a mechanism by which messages sent by some entity can be provably
linked to a domain which that entity controls. It permits reputation to
be tracked on a per-domain basis, rather than merely upon source IP address.
DKIM is documented in RFC 6376.
If the option is empty after expansion, DKIM signing is not done for this domain,
and no error will result even if &%dkim_strict%& is set.
+.new
+To do, for example, dual-signing with RSA and EC keys
+this could be be used:
+.code
+dkim_selector = ec_sel : rsa_sel
+dkim_private_key = KEYS_DIR/$dkim_selector
+.endd
+.wen
+
.option dkim_private_key smtp string&!! unset
This sets the private key to use.
You can use the &%$dkim_domain%& and