Fix taint hybrid-checking on BSD
[users/heiko/exim.git] / doc / doc-txt / OptionLists.txt
index 20aeff965819a3a1d85ebdd023265f38c2ba3c92..2978aed35f6297d94bd95739dbfcd6e9b2ae0304 100644 (file)
@@ -48,12 +48,14 @@ release 4.00, and so no router options are shown as earlier than 4.00, though
 in fact some of them were inherited from earlier versions.
 
 -----------------------------------------------------------------------------------------
-accept_8bitmime                      boolean         true          main              1.60 changed to true in 4.78
+accept_8bitmime                      boolean         true          main              1.60 changed to true in 4.80
 acl_not_smtp                         string*         unset         main              4.11
 acl_not_smtp_mime                    string*         unset         main              4.51 with content scan
 acl_smtp_auth                        string*         unset         main              4.00
 acl_smtp_connect                     string*         unset         main              4.11
 acl_smtp_data                        string*         unset         main              4.00
+acl_smtp_data_prdr                   string*         unset         main              4.82 with experimental_prdr, 4.83 unless disable_prdr
+acl_smtp_dkim                        string*         unset         main              4.70 unless disable_dkim
 acl_smtp_etrn                        string*         unset         main              4.00
 acl_smtp_expn                        string*         unset         main              4.00
 acl_smtp_helo                        string*         unset         main              4.20
@@ -80,6 +82,7 @@ allow_localhost                      boolean         false         smtp
 allow_mx_to_ip                       boolean         false         main              3.14
 allow_symlink                        boolean         false         appendfile
 allow_utf8_domains                   boolean         false         main              4.14
+arc_sign                            string*         unset         smtp              4.91 with Experimental_ARC
 auth_advertise_hosts                 host list       "*"           main              4.00
 authenticated_sender                 string*         unset         smtp              4.14
 authenticated_sender_force           boolean         false         smtp              4.61
@@ -124,17 +127,22 @@ check_spool_space                    integer         0             main
 check_string                         string          "From "       appendfile        3.03
                                                      unset         pipe              3.03
 check_srv                            string*         unset         dnslookup         4.31
+client_authz                         string*         unset         gsasl             4.94
 client_condition                     string*         unset         authenticators    4.68
 client_ignore_invalid_base64         boolean         false         plaintext         4.61
 client_name                          string*         +             cram_md5          3.10
+client_password                      string*         unset         gsasl             4.94
 client_secret                        string*         unset         cram_md5          3.10
 client_send                          string*         unset         plaintext         3.10
+                                                     unset         external (auth)   4.93
+client_username                      string*         unset         gsasl             4.94
 command                              string*         unset         lmtp              3.20
                                                      unset         pipe
                                                      unset         queryprogram      4.00
 command_group                        string          unset         queryprogram      4.00
 command_timeout                      time            5m            smtp
 command_user                         string          unset         queryprogram      4.00
+commandline_checks_require_admin     boolean         false         main              4.90
 condition                            string*         unset         routers           4.00
 connect_timeout                      time            0s            smtp              1.60
 connection_max_messages              integer         500           smtp              4.00 replaces batch_max
@@ -145,11 +153,13 @@ current_directory                    string          unset         transports
 daemon_smtp_ports                    string          unset         main              1.75  pluralised in 4.21
 daemon_startup_retries               int             9             main              4.52
 daemon_startup_sleep                 time            30s           main              4.52
+dane_require_tls_ciphers             string*         unset         smtp              4.91
 data                                 string          unset         redirect          4.00
 data_timeout                         time            5m            smtp
 debug_print                          string*         unset         authenticators    4.00
                                                      unset         routers           4.00
                                                      unset         transports        2.00
+debug_store                          boolean         false         main              4.90
 delay_after_cutoff                   boolean         true          smtp
 delay_warning                        time list       24h           main
 delay_warning_condition              string*         +             main              1.73
@@ -163,6 +173,10 @@ dkim_private_key                     string*         unset         smtp
 dkim_selector                        string*         unset         smtp              4.70
 dkim_sign_headers                    string*         (RFC4871)     smtp              4.70
 dkim_strict                          string*         unset         smtp              4.70
+dkim_timestamps                      integer*        unset         smtp              4.92
+dkim_verify_hashes                   string          sha256:sha512:sha1 main         4.93
+dkim_verify_keytypes                 string          ed25519:rsa        main         4.93
+dkim_verify_minimal                  boolean         false              main         4.93
 dkim_verify_signers                  string*         $dkim_signers main              4.70
 directory                            string*         unset         appendfile
 directory_file                       string*         +             appendfile
@@ -171,10 +185,16 @@ directory_transport                  string*         unset         redirect
 disable_ipv6                         boolean         false         main              4.61
 disable_logging                      boolean         false         routers           4.11
                                                      false         transports        4.11
+dmarc_forensic_sender                string          unset         main              4.82 if experimental_dmarc, 4.93 mainline
+dmarc_history_file                   string          unset         main              4.82 if experimental_dmarc, 4.93 mainline
+dmarc_tld_file                       string          unset         main              4.82 if experimental_dmarc, 4.93 mainline
 dns_again_means_nonexist             domain list     unset         main              1.89
 dns_check_names_pattern              string          +             main              2.11
+dns_cname_loops                      integer         0             main              4.92 Set to 9 for older behaviour
 dns_csa_search_limit                 integer         5             main              4.60
 dns_csa_use_reverse                  boolean         true          main              4.60
+dns_dnssec_ok                        integer         -1            main              4.82
+dns_dane_ok                          integer         -1            main              4.83
 dns_ipv4_lookup                      boolean         false         main              3.20
 dns_qualify_single                   boolean         true          smtp
 dns_retrans                          time            0s            main              1.60
@@ -186,6 +206,7 @@ driver                               string          unset         authenticator
                                                      unset         routers           4.00
                                                      unset         transports
 drop_cr                              boolean         false         main              4.00 became a no-op in 4.21
+dscp                                 string          unset         smtp              4.82
 dsn_from                             string*         +             main              4.67
 envelope_to_add                      boolean         false         transports
 envelope_to_remove                   boolean         true          main
@@ -198,6 +219,7 @@ escape_string                        string          ">From "      appendfile
 exim_group                           string          ++            main
 exim_path                            string          ++            main
 exim_user                            string          ++            main
+exim_version                         string          ++            main              4.93
 expn                                 boolean         true          routers
 extra_local_interfaces               string          unset         main              4.21
 extract_addresses_remove_arguments   boolean         true          main              1.92
@@ -233,6 +255,7 @@ forbid_include                       boolean         false         redirect
 forbid_pipe                          boolean         false         redirect          4.00
 forbid_sieve_filter                  boolean         false         redirect          4.44
 forbid_smtp_code                     boolean         false         redirect          4.63
+force_command                        boolean         false         pipe              4.82
 freeze_exec_fail                     boolean         false         pipe              1.89
 freeze_signal                        boolean         false         pipe              4.75
 freeze_tell                          boolean         false         main              4.00 replaces freeze_tell_mailmaster
@@ -240,13 +263,14 @@ from                                 string*         unset         autoreply
 gecos_name                           string*         unset         main
 gecos_pattern                        string          unset         main
 gethostbyname                        boolean         false         smtp
+gnutls_allow_auto_pkcs11             boolean         false         main              4.82
 gnutls_compat_mode                   boolean         unset         main              4.70
-gnutls_require_kx                    string*         unset         main              4.67
-                                     string*         unset         smtp              4.67
-gnutls_require_mac                   string*         unset         main              4.67
-                                     string*         unset         smtp              4.67
-gnutls_require_protocols             string*         unset         main              4.67
-                                     string*         unset         smtp              4.67
+gnutls_require_kx                    string*         unset         main              4.67 deprecated, warns
+                                     string*         unset         smtp              4.67 deprecated, warns
+gnutls_require_mac                   string*         unset         main              4.67 deprecated, warns
+                                     string*         unset         smtp              4.67 deprecated, warns
+gnutls_require_protocols             string*         unset         main              4.67 deprecated, warns
+                                     string*         unset         smtp              4.67 deprecated, warns
 group                                string          +             routers           4.00
                                                      unset         transports        4.00 replaces local option in some transports
 header_line_maxsize                  integer         0 (unset)     main              4.14
@@ -282,13 +306,20 @@ hosts_connection_nolog               host list       unset         main
 hosts_max_try                        integer         5             smtp              3.20
 hosts_max_try_hardlimit              integer         50            smtp              4.50
 hosts_nopass_tls                     host list       unset         smtp              4.00
+hosts_noproxy_tls                    host list       "*"           smtp              4.90
 hosts_override                       boolean         false         smtp              2.11
+hosts_pipe_connect                  host_list       unset         smtp              4.93 if experimental_pipe_connect
 hosts_randomize                      boolean         false         manualroute       4.00
                                                      false         smtp              3.14
 hosts_require_auth                   host list       unset         smtp              4.00
+hosts_require_dane                   host list       unset         smtp              4.91 (4.85 experimental)
+hosts_require_ocsp                   host list       unset         smtp              4.82 if experimental_ocsp
 hosts_require_tls                    host list       unset         smtp              3.20
 hosts_treat_as_local                 domain list     unset         main              1.95
 hosts_try_auth                       host list       unset         smtp              4.00
+hosts_try_dane                       host list       unset         smtp              4.91 (4.85 experimental)
+hosts_try_fastopen                   host list       unset         smtp              4.88
+hosts_try_prdr                       host list       unset         smtp              4.82 if experimental_prdr
 ibase_servers                        string          unset         main              4.23
 ignore_bounce_errors_after           time            0s            main              4.00
 ignore_eacces                        boolean         false         redirect          4.00
@@ -373,7 +404,7 @@ once                                 string*         unset         autoreply
 once_file_size                       integer         0             autoreply         3.20
 once_repeat                          time            0s            autoreply         2.95
 one_time                             boolean         false         redirect          4.00
-openssl_options                      string          unset         main              4.73 default to unset in 4.78
+openssl_options                      string          +no_sslv2     main              4.73 default changed in 4.80
 optional                             boolean         false         iplookup          4.00
 oracle_servers                       string          unset         main              4.00
 owners                               string list     unset         redirect          4.00
@@ -390,9 +421,11 @@ pid_file_path                        string          ++            main
 pipe_as_creator                      boolean         false         pipe
 pipe_transport                       string*         unset         redirect          4.00
 pipelining_advertise_hosts           host list       "*"           main              4.14
+pipelining__connect_advertise_hosts  host list       "*"           main              4.92 if experimental_pipe_connect
 port                                 integer         0             iplookup          4.00
                                      string          "smtp"        smtp
 preserve_message_logs                boolean         false         main
+prdr_enable                          boolean         false         main              4.82 if experimental_prdr
 primary_hostname                     string          +             main
 print_topbitchars                    boolean         false         main              1.89
 process_log_path                     string          unset         main              4.21
@@ -466,20 +499,26 @@ sender_unqualified_hosts             host list       unset         main
 senders                              address list    unset         routers           4.00
 serialize_hosts                      host list       unset         smtp              1.60
 server_advertise_condition           string*         unset         authenticators    4.14
-server_channelbinding                bool            false         gsasl             4.78
+server_channelbinding                bool            false         gsasl             4.80
 server_condition                     string*         unset         authenticators    3.10 (plaintext) 4.64 (others)
-server_hostname                      string*   "$primary_hostname" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.78 (others)
-server_keytab                        string*         unset         heimdal_gssapi    4.78
+server_hostname                      string*   "$primary_hostname" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.80 (others)
+server_keytab                        string*         unset         heimdal_gssapi    4.80
 server_mail_auth_condition           string*         unset         authenticators    3.22
-server_mech                          string          public_name   cyrus_sasl,gsasl  4.43 (cyrus-only) 4.78 (others)
-server_password                      string          unset         gsasl             4.78
+server_mech                          string          public_name   cyrus_sasl,gsasl  4.43 (cyrus-only) 4.80 (others)
+server_password                      string          unset         gsasl             4.80
+server_param1                       string*         unset         tls (auth)        4.86
+server_param2                       string*         unset         tls (auth)        4.86
+server_param3                       string*         unset         tls (auth)        4.86
+server_param2                       string*         unset         tls (auth)        4.86 (tls-only) 4.93 (external)
+server_param3                       string*         unset         tls (auth)        4.86 (tls-only) 4.93 (external)
 server_prompts                       string*         unset         plaintext         3.10
-server_realm                         string          unset         cyrus_sasl,gsasl  4.43 (cyrus-only) 4.78 (others)
-server_scram_iter                    string*         unset         gsasl             4.78
-server_scram_salt                    string*         unset         gsasl             4.78
+server_realm                         string          unset         cyrus_sasl,gsasl  4.43 (cyrus-only) 4.80 (others)
+server_scram_iter                    string*         unset         gsasl             4.80
+server_scram_salt                    string*         unset         gsasl             4.80
 server_secret                        string*         unset         cram_md5          3.10
-server_service                       string          "smtp"  cyrus_sasl,gsasl,heimdal_gssapi  (cyrus-only) 4.78 (others)
+server_service                       string          "smtp"  cyrus_sasl,gsasl,heimdal_gssapi  (cyrus-only) 4.80 (others)
 server_set_id                        string*         unset         authenticators    3.10
+set                                 string*         unset         routers           4.93
 shadow_condition                     string*         unset         transports
 shadow_transport                     string          unset         transports
 size_addition                        integer         1024          smtp              1.91
@@ -513,6 +552,7 @@ socket                               string*         unset         lmtp
 spamd_address                        string*         +             main              4.50 with content scan
 split_spool_directory                boolean         false         main              1.70
 spool_directory                      string          ++            main
+spool_wireformat                     boolean         false         main              4.90
 sqlite_lock_timeout                  time            5s            main              4.53
 strict_acl_vars                      boolean         false         main              4.64
 srv_fail_domains                     domain list     unset         dnslookup         4.43
@@ -545,16 +585,20 @@ timeout_defer                        boolean         false         pipe
 timeout_frozen_after                 time            0s            main              3.20
 timezone                             string          +             main              3.15
 tls_advertise_hosts                  host list       *             main              3.20
+tls_advertise_requiretls             host list       *             main              4.92 if experimental_requiretls
 tls_certificate                      string*         unset         main              3.20
                                                      unset         smtp              3.20
+tls_dh_max_bits                      integer         2236          main              4.80
+tls_dh_min_bits                      integer         1024          smtp              4.82
 tls_dhparam                          string*         unset         main              3.20
+tls_ocsp_file                        string*         unset         main              4.80 if experimental_ocsp
 tls_on_connect_ports                 string          unset         main              4.43
 tls_privatekey                       string*         unset         main              3.20
                                                      unset         smtp              3.20
 tls_remember_emstp                   boolean         false         main              4.21
 tls_require_ciphers                  string*         unset         smtp              4.00 replaces tls_verify_ciphers
                                      string*         unset         main              4.33
-tls_sni                              string*         unset         main              4.78
+tls_sni                              string*         unset         main              4.80
 tls_tempfail_tryclear                boolean         true          smtp              4.05
 tls_try_verify_hosts                 host list       unset         main              4.00
 tls_verify_certificates              string*         unset         main              3.20
@@ -585,6 +629,7 @@ use_mbx_lock                         boolean         +             appendfile
 use_shell                            boolean         false         pipe              1.70
 user                                 string          +             routers           4.00
                                                      unset         transports        4.00 replaces individual options
+utf8_downconvert                     integer         unset         smtp              4.92 if SUPPORT_I18N
 uucp_from_pattern                    string          +             main              1.75
 uucp_from_sender                     string*         "$1"          main              1.75
 verify                               boolean         true          routers           4.00
@@ -622,6 +667,7 @@ provide compatibility with Sendmail.
 -bh              Test incoming SMTP call, omitting callouts
 -bhc             Test incoming SMTP call, with callouts
 -bi            * Run <command>bi_command</command>
+-bI:help         Show list of accepted -bI:<tag> options
 -bm              Accept message on standard input
 -bmalware      + Invoke configured malware scanning against supplied filename
 -bnq             Don't qualify addresses in locally submitted messages
@@ -641,6 +687,7 @@ provide compatibility with Sendmail.
 -bV              Verify version number
 -bv              Test recipient address verification
 -bvs             Test sender address verification
+-bw            + Inetd wait mode
 -C             + Use alternate configuration file
 -D             + Define macro for configuration file
 -d             + Turn on debugging output
@@ -697,6 +744,7 @@ provide compatibility with Sendmail.
 -oMai          # Supply authenticated id
 -oMas          # Supply authenticated sender
 -oMi           # Supply interface address
+-oMm           # Supply message reference
 -oMr           # Supply protocol name
 -oMs           # Supply host name
 -oMt           # Supply ident string
@@ -836,6 +884,7 @@ DEFAULT_CRYPT                optional     default crypt() function
 DELIVER_IN_BUFFER_SIZE       optional*
 DELIVER_OUT_BUFFER_SIZE      optional*
 DISABLE_DKIM                 optional     disables DKIM support
+DISABLE_DNSSEC               optional     disables attempts to use DNSSEC
 DISABLE_D_OPTION             optional     disables -D option
 ERRNO_QUOTA                  optional*    error code for system quota failures
 EXICYCLOG_MAX                optional     number of old log files to keep
@@ -849,7 +898,7 @@ EXIM_MONITOR                 optional     set to eximon.bin to compile
 EXIM_PERL                    optional
 EXIM_USER                    mandatory    user to use for Exim
 EXIWHAT_EGREP_ARG            system**     to find Exim processes from ps
-EXIWHAT_KILL_SIGNAL          system**     -SIGUSER1 or numerical equivalent
+EXIWHAT_KILL_SIGNAL          system**     -SIGUSR1 or numerical equivalent
 EXIWHAT_MULTIKILL_CMD        system**
 EXIWHAT_MULTIKILL_ARG        system**
 EXIWHAT_PS_ARG               system**     to list all processes
@@ -909,7 +958,8 @@ MAX_INTERFACES               system       maximum network interfaces
 MSGLOG_DIRECTORY_MODE        optional*    mode for message log directory
 MV_COMMAND                   system       path to mv command
 NO_SYMLINK                   optional     install doesn't make 'exim" symlink
-PCRE_CFLAGS                  system       compile flags for PCRE library
+PCRE_CONFIG                  system*      use pcre-config for PCRE support
+PCRE_LIBS                    system*      library for using PCRE
 PERL_CC                      system*      compiler for Perl interface code
 PERL_CCOPTS                  system*      flags for same
 PERL_COMMAND                 system       path to Perl
@@ -947,7 +997,7 @@ TCP_WRAPPERS_DAEMON_NAME     system*      daemon name used by tcpwrappers librar
 TIMEZONE_DEFAULT             optional     default for timezone option
 TLS_INCLUDE                  optional     path to include files for TLS
 TLS_LIBS                     optional     additional libraries for TLS
-TMPDIR                       system       value for TMPDIR environment variable
+EXIM_TMPDIR                  system       value for TMPDIR environment variable
 TRANSPORT_APPENDFILE         driver       include appendfile transport
 TRANSPORT_AUTOREPLY          driver       include autoreply transport
 TRANSPORT_LMTP               driver       include lmtp transport