the operation and configuration of DKIM, see section &<<SECDKIM>>&.
+.vitem &*control&~=&~dmarc_disable_verify*&
+.cindex "disable DMARC verify"
+.cindex "DMARC" "disable verify"
+This control turns off DMARC verification processing entirely. For details on
+the operation and configuration of DMARC, see section &<<SECDMARC>>&.
+
+
.vitem &*control&~=&~dscp/*&<&'value'&>
.cindex "&ACL;" "setting DSCP value"
.cindex "DSCP" "inbound"
HAVE_LOCAL_SCAN=yes
LOCAL_SCAN_SOURCE=Local/local_scan.c
.endd
-for example. The function must be called &[local_scan()]&. It is called by
+for example. The function must be called &[local_scan()]&;
+.new
+the source file(s) for it should first #define LOCAL_SCAN
+and then #include "local_scan.h".
+.wen
+It is called by
Exim after it has received a message, when the success return code is about to
be sent. This is after all the ACLs have been run. The return code from your
function controls whether the message is actually accepted or not. There is a
arguments. It flushes the output stream, and returns a non-zero value if there
is an error.
-.vitem &*void&~*store_get(int)*&
+.new
+.vitem &*void&~*store_get(int,BOOL)*&
This function accesses Exim's internal store (memory) manager. It gets a new
-chunk of memory whose size is given by the argument. Exim bombs out if it ever
+chunk of memory whose size is given by the first argument.
+The second argument should be given as TRUE if the memory will be used for
+data possibly coming from an attacker (eg. the message content),
+FALSE if it is locally-sourced.
+Exim bombs out if it ever
runs out of memory. See the next section for a discussion of memory handling.
+.wen
-.vitem &*void&~*store_get_perm(int)*&
+.vitem &*void&~*store_get_perm(int,BOOL)*&
This function is like &'store_get()'&, but it always gets memory from the
permanent pool. See the next section for a discussion of memory handling.
from a link at &url(https://publicsuffix.org/list/, currently pointing
at https://publicsuffix.org/list/public_suffix_list.dat)
See also util/renew-opendmarc-tlds.sh script.
-The default for the option is /etc/exim/opendmarc.tlds.
+.new
+The default for the option is unset.
+If not set, DMARC processing is disabled.
+.wen
The &%dmarc_history_file%& option, if set
The name is placed in the variable &$event_name$& and the event action
expansion must check this, as it will be called for every possible event type.
+.new
The current list of events is:
+.wen
.display
&`dane:fail after transport `& per connection
&`msg:complete after main `& per message
+&`msg:defer after transport `& per message per delivery try
&`msg:delivery after transport `& per recipient
&`msg:rcpt:host:defer after transport `& per recipient per host
&`msg:rcpt:defer after transport `& per recipient
-&`msg:host:defer after transport `& per attempt
+&`msg:host:defer after transport `& per host per delivery try; host errors
&`msg:fail:delivery after transport `& per recipient
&`msg:fail:internal after main `& per recipient
&`tcp:connect before transport `& per connection
with the event type:
.display
&`dane:fail `& failure reason
+&`msg:defer `& error string
&`msg:delivery `& smtp confirmation message
&`msg:fail:internal `& failure reason
&`msg:fail:delivery `& smtp error message
+&`msg:host:defer `& error string
&`msg:rcpt:host:defer `& error string
&`msg:rcpt:defer `& error string
-&`msg:host:defer `& error string
&`tls:cert `& verification chain depth
&`smtp:connect `& smtp banner
&`smtp:ehlo `& smtp ehlo response