&`F `& sender address (on delivery lines)
&`H `& host name and IP address
&`I `& local interface used
-&`id `& message id for incoming message
+&`id `& message id (from header) for incoming message
&`K `& CHUNKING extension used
&`L `& on &`<=`& and &`=>`& lines: PIPELINING extension used
&`M8S `& 8BITMIME status for incoming message
&` incoming_port `& remote port on <= lines
&`*lost_incoming_connection `& as it says (includes timeouts)
&` millisec `& millisecond timestamps and RT,QT,DT,D times
+&`*msg_id `& on <= lines, Message-ID: header value
+&` msg_id_created `& on <= lines, Message-ID: header value when one had to be added
&` outgoing_interface `& local interface on => lines
&` outgoing_port `& add remote port to => lines
&`*queue_run `& start and end queue runs
&%millisec%&: Timestamps have a period and three decimal places of finer granularity
appended to the seconds value.
.next
+.new
+.cindex "log" "message id"
+&%msg_id%&: The value of the Message-ID: header.
+.next
+&%msg_id_created%&: The value of the Message-ID: header, when one had to be created.
+This will be either because the message is a bounce, or was submitted locally
+(submission mode) without one.
+The field identifier will have an asterix appended: &"id*="&.
+.wen
+.next
.cindex "log" "outgoing interface"
.cindex "log" "local interface"
.cindex "log" "local address and port"
Signers SHOULD use RSA keys of at least 2048 bits.
.endd
-Support for EC keys is being developed under
-&url(https://datatracker.ietf.org/doc/draft-ietf-dcrup-dkim-crypto/).
+.new
+EC keys for DKIM are defined by RFC 8463.
+.wen
They are considerably smaller than RSA keys for equivalent protection.
As they are a recent development, users should consider dual-signing
(by setting a list of selectors, and an expansion for this option)
certtool --load_privkey=dkim_ed25519.private --pubkey_info --outder | tail -c +13 | base64
.endd
-Note that the format
-of Ed25519 keys in DNS has not yet been decided; this release supports
-both of the leading candidates at this time, a future release will
-probably drop support for whichever proposal loses.
+.new
+Exim also supports an alternate format
+of Ed25519 keys in DNS which was a candidate during development
+of the standard, but not adopted.
+A future release will probably drop that support.
+.wen
.option dkim_hash smtp string&!! sha256
Can be set to any one of the supported hash methods, which are: