.cindex "distribution" "signing details"
.cindex "distribution" "public key"
.cindex "public key for signed distribution"
-The distributions are currently signed with Nigel Metheringham's GPG key. The
-corresponding public key is available from a number of keyservers, and there is
-also a copy in the file &_nigel-pubkey.asc_&. The signatures for the tar bundles are
-in:
+.new
+The distributions will be PGP signed by an individual key of the Release
+Coordinator. This key will have a uid containing an email address in the
+&'exim.org'& domain and will have signatures from other people, including
+other Exim maintainers. We expect that the key will be in the "strong set" of
+PGP keys. There should be a trust path to that key from Nigel Metheringham's
+PGP key, a version of which can be found in the release directory in the file
+&_nigel-pubkey.asc_&. All keys used will be available in public keyserver pools,
+such as &'pool.sks-keyservers.net'&.
+
+At time of last update, releases were being made by Phil Pennock and signed with
+key &'0x403043153903637F'&, although that key is expected to be replaced in 2013.
+A trust path from Nigel's key to Phil's can be observed at
+&url(https://www.security.spodhuis.org/exim-trustpath).
+.wen
+
+The signatures for the tar bundles are in:
.display
&_exim-n.nn.tar.gz.asc_&
&_exim-n.nn.tar.bz2.asc_&
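Review bot: the added signing paragraph pins the release key by its 64-bit ID (0x403043153903637F) and in the same sentence says that key "is expected to be replaced in 2013", so the text will be stale almost immediately; give the full key fingerprint and a stable URL that lists the current Release Coordinator key, and tell readers to check the fingerprint against a second source rather than accept whatever the keyserver pool returns for an ID. Minor: "can be observed at" reads better as "can be checked at".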
&%verify_recipient%&, which independently control the use of the router for
sender and recipient verification. You can set these options directly if
you want a router to be used for only one type of verification.
+Note that cutthrough delivery is classed as a recipient verification
+for this purpose.
.next
If the &%address_test%& option is set false, the router is skipped when Exim is
run with the &%-bt%& option to test an address routing. This can be helpful
.next
Routers can be designated for use only when verifying an address, as
opposed to routing it for delivery. The &%verify_only%& option controls this.
+Again, cutthrough delibery counts as a verification.
.next
Individual routers can be explicitly skipped when running the routers to
check an address given in the SMTP EXPN command (see the &%expn%& option).
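Review bot: typo in the added line "Again, cutthrough delibery counts as a verification." should read "cutthrough delivery". The cutthrough remark is now made twice in this list (after verify_sender/verify_recipient and after verify_only); the second could simply say "as above" so the two copies cannot drift apart.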
The authorization code can be &"Y"& for yes, &"N"& for no, &"X"& for explicit
authorization required but absent, or &"?"& for unknown.
+.cindex "A+" "in &(dnsdb)& lookup"
+The pseudo-type A+ performs an A6 lookup (if configured) followed by an AAAA
+and then an A lookup. All results are returned; defer processing
+(see below) is handled separately for each lookup. Example:
+.code
+${lookup dnsdb {>; a+=$sender_helo_name}}
+.endd
+
.section "Multiple dnsdb lookups" "SECID67"
In the previous sections, &(dnsdb)& lookups for a single domain are described.
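Review bot: the new A+ description says it "performs an A6 lookup (if configured)" without saying what configures it; A6 records were moved to historic status by RFC 6563, so either name the option that enables the A6 step or document the pseudo-type as AAAA followed by A and drop A6. For the example "${lookup dnsdb {>; a+=$sender_helo_name}}" it is worth a sentence that the result is one ";"-separated list mixing IPv6 and IPv4 addresses, since callers that previously used "a=" and expected only IPv4 will need to cope with that.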
There are several types of pattern that require Exim to know the name of the
remote host. These are either wildcard patterns or lookups by name. (If a
complete hostname is given without any wildcarding, it is used to find an IP
-address to match against, as described in the section &<<SECThoslispatip>>&
+address to match against, as described in section &<<SECThoslispatip>>&
above.)
If the remote host name is not already known when Exim encounters one of these
operator.
If the query contains a reference to &$sender_host_name$&, Exim automatically
-looks up the host name if has not already done so. (See section
+looks up the host name if it has not already done so. (See section
&<<SECThoslispatnam>>& for comments on finding host names.)
Historical note: prior to release 4.30, Exim would always attempt to find a
surrounding the colons is ignored. For example:
.code
aol.com: spammer1 : spammer2 : ^[0-9]+$ :
- spammer3 : spammer4
+ spammer3 : spammer4
.endd
As in all colon-separated lists in Exim, a colon can be included in an item by
doubling.
Any unused are made empty. The variable &$acl_narg$& is set to the number of
arguments. The named ACL (see chapter &<<CHAPACL>>&) is called
and may use the variables; if another acl expansion is used the values
-are overwritten. If the ACL sets
+are restored after it returns. If the ACL sets
a value using a "message =" modifier and returns accept or deny, the value becomes
the result of the expansion.
-If no message was set and the ACL returned accept or deny
-the value is an empty string.
-If the ACL returned defer the result is a forced-fail. Otherwise the expansion fails.
+If no message is set and the ACL returns accept or deny
+the expansion result is an empty string.
+If the ACL returns defer the result is a forced-fail. Otherwise the expansion fails.
.vitem "&*${dlfunc{*&<&'file'&>&*}{*&<&'function'&>&*}{*&<&'arg'&>&*}&&&
for DNS. For example,
.code
${reverse_ip:192.0.2.4}
-${reverse_ip:2001:0db8:c42:9:1:abcd:192.0.2.3}
+${reverse_ip:2001:0db8:c42:9:1:abcd:192.0.2.127}
.endd
returns
.code
4.2.0.192
-3.0.2.0.0.0.0.c.d.c.b.a.1.0.0.0.9.0.0.0.2.4.c.0.8.b.d.0.1.0.0.2
+f.7.2.0.0.0.0.c.d.c.b.a.1.0.0.0.9.0.0.0.2.4.c.0.8.b.d.0.1.0.0.2
.endd
Any unused are made empty. The variable &$acl_narg$& is set to the number of
arguments. The named ACL (see chapter &<<CHAPACL>>&) is called
and may use the variables; if another acl expansion is used the values
-are overwritten. If the ACL sets
+are restored after it returns. If the ACL sets
a value using a "message =" modifier the variable $value becomes
the result of the expansion, otherwise it is empty.
If the ACL returns accept the condition is true; if deny, false.
be terminated by colon or white space, because it may contain a wide variety of
characters. Note also that braces must &'not'& be used.
+.vitem &$headers_added$&
+.vindex "&$headers_added$&"
+Within an ACL this variable contains the headers added so far by
+the ACL modifier add_header (section &<<SECTaddheadacl>>&).
+The headers are a newline-separated list.
+
.vitem &$home$&
.vindex "&$home$&"
When the &%check_local_user%& option is set for a router, the user's home
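Review bot: "$headers_added" is described as "a newline-separated list", but add_header data may itself contain newlines followed by a space or tab for folded continuation lines (per the add_header text elsewhere in this patch), so a consumer cannot split the variable on newline alone; state that a header boundary is a newline not followed by white space and that folded lines are kept as-is. "the headers added so far" should also say that these are headers queued by add_header but not yet present in the message, since the same patch says added header lines are not visible until the message is complete.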
.section "TLS" "SECID108"
.table2
.row &%gnutls_compat_mode%& "use GnuTLS compatibility mode"
-.new
.row &%gnutls_enable_pkcs11%& "allow GnuTLS to autoload PKCS11 modules"
-.wen
.row &%openssl_options%& "adjust OpenSSL compatibility options"
.row &%tls_advertise_hosts%& "advertise TLS to these hosts"
.row &%tls_certificate%& "location of server certificate"
.row &%dns_ipv4_lookup%& "only v4 lookup for these domains"
.row &%dns_retrans%& "parameter for resolver"
.row &%dns_retry%& "parameter for resolver"
-.new
.row &%dns_use_dnssec%& "parameter for resolver"
-.wen
.row &%dns_use_edns0%& "parameter for resolver"
.row &%hold_domains%& "hold delivery for these domains"
.row &%local_interfaces%& "for routing checks"
.option accept_8bitmime main boolean true
.cindex "8BITMIME"
.cindex "8-bit characters"
+.cindex "log" "selectors"
+.cindex "log" "8BITMIME"
This option causes Exim to send 8BITMIME in its response to an SMTP
EHLO command, and to accept the BODY= parameter on MAIL commands.
However, though Exim is 8-bit clean, it is not a protocol converter, and it
&url(http://cr.yp.to/smtp/8bitmime.html)
.endd
+To log received 8BITMIME status use
+.code
+log_selector = +8bitmime
+.endd
+
.option acl_not_smtp main string&!! unset
.cindex "&ACL;" "for non-SMTP messages"
.cindex "non-SMTP messages" "ACLs for"
.cindex "EXPN" "with &%verify_only%&"
.oindex "&%-bv%&"
.cindex "router" "used only when verifying"
-If this option is set, the router is used only when verifying an address or
+If this option is set, the router is used only when verifying an address,
+delivering in cutthrough mode or
testing with the &%-bv%& option, not when actually doing a delivery, testing
with the &%-bt%& option, or running the SMTP EXPN command. It can be further
restricted to verifying only senders or recipients by means of
.option verify_recipient routers&!? boolean true
If this option is false, the router is skipped when verifying recipient
-addresses
+addresses,
+delivering in cutthrough mode
or testing recipient verification using &%-bv%&.
See section &<<SECTrouprecon>>& for a list of the order in which preconditions
are evaluated.
.endd
+.option client_set_id authenticators string&!! unset
+When client authentication succeeds, this condition is expanded; the
+result is used in the log lines for outbound messasges.
+Typically it will be the user name used for authentication.
+
+
.option driver authenticators string unset
This option must always be set. It specifies which of the available
authenticators is to be used.
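Review bot: "messasges" in the added client_set_id text is a typo for "messages". The sentence also calls client_set_id "this condition"; it is an option, so "this option is expanded" is the right wording. Suggest adding that the expanded value is appended to the A= item after the authenticator name, as the log section of this patch describes, so a reader of the option knows where the value ends up.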
and try again later, but that is their problem, though it does waste some of
your resources.
+The &%acl_smtp_data%& ACL is run after both the &%acl_smtp_dkim%& and
+the &%acl_smtp_mime%& ACLs.
+
.section "The SMTP DKIM ACL" "SECTDKIMACL"
The &%acl_smtp_dkim%& ACL is available only when Exim is compiled with DKIM support
received, and is executed for each DKIM signature found in a message. If not
otherwise specified, the default action is to accept.
-For details on the operation of DKIM, see chapter &<<CHID12>>&.
+This ACL is evaluated before &%acl_smtp_mime%& and &%acl_smtp_data%&.
+
+For details on the operation of DKIM, see chapter &<<CHAPdkim>>&.
.section "The SMTP MIME ACL" "SECID194"
The &%acl_smtp_mime%& option is available only when Exim is compiled with the
content-scanning extension. For details, see chapter &<<CHAPexiscan>>&.
+This ACL is evaluated after &%acl_smtp_dkim%& but before &%acl_smtp_data%&.
+
.section "The QUIT ACL" "SECTQUITACL"
.cindex "QUIT, ACL for"
.section "The not-QUIT ACL" "SECTNOTQUITACL"
.vindex &$acl_smtp_notquit$&
The not-QUIT ACL, specified by &%acl_smtp_notquit%&, is run in most cases when
-an SMTP session ends without sending QUIT. However, when Exim itself is is bad
+an SMTP session ends without sending QUIT. However, when Exim itself is in bad
trouble, such as being unable to write to its log files, this ACL is not run,
because it might try to do things (such as write to log files) that make the
situation even worse.
.new
.vitem &*control&~=&~cutthrough_delivery*&
.cindex "&ACL;" "cutthrough routing"
+.cindex "cutthrough" "requesting"
This option requests delivery be attempted while the item is being received.
It is usable in the RCPT ACL and valid only for single-recipient mails forwarded
from one SMTP connection to another. If a recipient-verify callout connection is
requested in the same ACL it is held open and used for the data, otherwise one is made
-after the ACL completes.
+after the ACL completes. Note that routers are used in verify mode.
Should the ultimate destination system positively accept or reject the mail,
a corresponding indication is given to the source system and nothing is queued.
.new
-.vitem &*control&~=&~dscp/*&<&'value'&>
-.cindex "&ACL;" "setting DSCP value"
-.cindex "DSCP" "inbound"
-This option causes the DSCP value associated with the socket for the inbound
-connection to be adjusted to a given value, given as one of a number of fixed
-strings or to numeric value.
-The &%-bI:dscp%& option may be used to ask Exim which names it knows of.
-Common values include &`throughput`&, &`mincost`&, and on newer systems
-&`ef`&, &`af41`&, etc. Numeric values may be in the range 0 to 0x3F.
-
-The outbound packets from Exim will be marked with this value in the header
-(for IPv4, the TOS field; for IPv6, the TCLASS field); there is no guarantee
-that these values will have any effect, not be stripped by networking
-equipment, or do much of anything without cooperation with your Network
-Engineer and those of all network operators between the source and destination.
-.wen
-
-
.vitem &*control&~=&~debug/*&<&'options'&>
.cindex "&ACL;" "enabling debug logging"
.cindex "debugging" "enabling from an ACL"
control = debug/opts=+expand+acl
control = debug/tag=.$message_exim_id/opts=+expand
.endd
+.wen
+
+
+.new
+.vitem &*control&~=&~dkim_disable_verify*&
+.cindex "disable DKIM verify"
+.cindex "DKIM" "disable verify"
+This control turns off DKIM verification processing entirely. For details on
+the operation and configuration of DKIM, see chapter &<<CHAPdkim>>&.
+.wen
+
+
+.new
+.vitem &*control&~=&~dscp/*&<&'value'&>
+.cindex "&ACL;" "setting DSCP value"
+.cindex "DSCP" "inbound"
+This option causes the DSCP value associated with the socket for the inbound
+connection to be adjusted to a given value, given as one of a number of fixed
+strings or to numeric value.
+The &%-bI:dscp%& option may be used to ask Exim which names it knows of.
+Common values include &`throughput`&, &`mincost`&, and on newer systems
+&`ef`&, &`af41`&, etc. Numeric values may be in the range 0 to 0x3F.
+
+The outbound packets from Exim will be marked with this value in the header
+(for IPv4, the TOS field; for IPv6, the TCLASS field); there is no guarantee
+that these values will have any effect, not be stripped by networking
+equipment, or do much of anything without cooperation with your Network
+Engineer and those of all network operators between the source and destination.
+.wen
.vitem &*control&~=&~enforce_sync*& &&&
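Review bot: moving the dscp entry below the debug entry leaves the unchanged ".new" line that originally opened the dscp block directly above ".vitem control = debug", and the added ".wen" after the debug example now closes it, so the pre-existing debug control will render as new material; if that is not intended, delete that stray ".new" (the re-added dscp block already carries its own ".new"/".wen" pair). In the moved dscp text, "or to numeric value" should read "or as a numeric value", and "not be stripped by networking equipment" should read "nor be stripped".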
any ACL verb, including &%deny%& (though this is potentially useful only in a
RCPT ACL).
-If the data for the &%add_header%& modifier contains one or more newlines that
+Leading and trailing newlines are removed from
+the data for the &%add_header%& modifier; if it then
+contains one or more newlines that
are not followed by a space or a tab, it is assumed to contain multiple header
lines. Each one is checked for valid syntax; &`X-ACL-Warn:`& is added to the
front of any line that is not a valid header line.
are included in the entry that is written to the reject log.
.cindex "header lines" "added; visibility of"
-Header lines are not visible in string expansions until they are added to the
+Header lines are not visible in string expansions
+of message headers
+until they are added to the
message. It follows that header lines defined in the MAIL, RCPT, and predata
ACLs are not visible until the DATA ACL and MIME ACLs are run. Similarly,
header lines that are added by the DATA or MIME ACLs are not visible in those
this, you can use ACL variables, as described in section
&<<SECTaclvariables>>&.
+The list of headers yet to be added is given by the &%$headers_added%& variable.
+
The &%add_header%& modifier acts immediately as it is encountered during the
processing of an ACL. Notice the difference between these two cases:
.display
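Review bot: the added sentence "The list of headers yet to be added is given by the $headers_added variable" contradicts the variable's own .vitem entry in this patch, which says it "contains the headers added so far"; use one wording in both places, e.g. "headers queued by add_header that have not yet been added to the message". The variable is also written here with "&%...%&" option markup but with "&$...$&" variable markup in its entry; use the variable form.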
ceases, but processing of the ACL continues.
If the argument is a named ACL, up to nine space-separated optional values
-can be appended; they appear in $acl_arg1 to $acl_arg9, and $acl_narg is set
-to the count of values. The name and values are expanded separately.
+can be appended; they appear within the called ACL in $acl_arg1 to $acl_arg9,
+and $acl_narg is set to the count of values.
+Previous values of these variables are restored after the call returns.
+The name and values are expanded separately.
If the nested &%acl%& returns &"drop"& and the outer condition denies access,
the connection is dropped. If it returns &"discard"&, the verb must be
.endd
-.vitem &*hosts&~=&~*&<&'&~host&~list'&>
+.vitem &*hosts&~=&~*&<&'host&~list'&>
.cindex "&%hosts%& ACL condition"
.cindex "host" "ACL checking"
.cindex "&ACL;" "testing the client host"
&`<=`& message arrival
&`=>`& normal message delivery
&`->`& additional address in same delivery
+&`>>`& cutthrough message delivery
&`*>`& delivery suppressed by &%-N%&
&`**`& delivery failed; address bounced
&`==`& delivery deferred; temporary problem
last of these is given in parentheses after the final address. The R and T
fields record the router and transport that were used to process the address.
+If SMTP AUTH was used for the delivery there is an additional item A=
+followed by the name of the authenticator that was used.
+If an authenticated identification was set up by the authenticator's &%client_set_id%&
+option, this is logged too, separated by a colon from the authenticator name.
+
If a shadow transport was run after a successful local delivery, the log line
for the successful delivery has an item added on the end, of the form
.display
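Review bot: with the client_set_id value now appended to the A= item "separated by a colon from the authenticator name", and the smtp_mailauth selector later in this patch appending "a third subfield with the authenticated sender, colon-separated", the item becomes ambiguous whenever an id or AUTH= sender contains a colon; say whether such values are escaped or quoted when logged, because log parsers will split the item on ":" and the sender subfield originates from a client-supplied MAIL parameter.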
down a single SMTP connection, an asterisk follows the IP address in the log
lines for the second and subsequent messages.
+.cindex "delivery" "cutthrough; logging"
+.cindex "cutthrough" "logging"
+When delivery is done in cutthrough mode it is flagged with &`>>`& and the log
+line precedes the reception line, since cutthrough waits for a possible
+rejection from the destination in case it can reject the sourced item.
+
The generation of a reply message by a filter file gets logged as a
&"delivery"& to the addressee, preceded by &">"&.
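Review bot: "since cutthrough waits for a possible rejection from the destination in case it can reject the sourced item" is hard to parse; suggest "because Exim holds the reception open until the destination has accepted or rejected the message, so that a rejection can be passed back to the sender". The fact that the ">>" line is written before the "<=" line deserves its own sentence, as log processors that assume an arrival line always precedes a delivery line will misattribute these messages.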
A summary of the field identifiers that are used in log lines is shown in
the following table:
.display
-&`A `& authenticator name (and optional id)
+&`A `& authenticator name (and optional id and sender)
&`C `& SMTP confirmation on delivery
&` `& command list for &"no mail in SMTP session"&
&`CV `& certificate verification status
The list of optional log items is in the following table, with the default
selection marked by asterisks:
.display
+&` 8bitmime `& received 8BITMIME status
&`*acl_warn_skipped `& skipped &%warn%& statement in ACL
&` address_rewrite `& address rewriting
&` all_parents `& all parents in => lines
&`*smtp_confirmation `& SMTP confirmation on => lines
&` smtp_connection `& SMTP connections
&` smtp_incomplete_transaction`& incomplete SMTP transactions
+&` smtp_mailauth `& AUTH argument to MAIL commands
&` smtp_no_mail `& session with no MAIL commands
&` smtp_protocol_error `& SMTP protocol errors
&` smtp_syntax_error `& SMTP syntax errors
More details on each of these items follows:
.ilist
+.cindex "8BITMIME"
+.cindex "log" "8BITMIME"
+&%8bitmime%&: This causes Exim to log any 8BITMIME status of received messages,
+which may help in tracking down interoperability issues with ancient MTAs
+that are not 8bit clean. This is added to the &"<="& line, tagged with
+&`M8S=`& and a value of &`0`&, &`7`& or &`8`&, corresponding to "not given",
+&`7BIT`& and &`8BITMIME`& respectively.
+.next
.cindex "&%warn%& ACL verb" "log when skipping"
&%acl_warn_skipped%&: When an ACL &%warn%& statement is skipped because one of
its conditions cannot be evaluated, a log line to this effect is written if
setting of 10 for &%smtp_accep_max_nonmail%&, the connection will in any case
have been aborted before 20 non-mail commands are processed.
.next
+&%smtp_mailauth%&: A third subfield with the authenticated sender,
+colon-separated, is appended to the A= item for a message arrival or delivery
+log line, if an AUTH argument to the SMTP MAIL command (see &<<SECTauthparamail>>&)
+was accepted or used.
+.next
.cindex "log" "SMTP protocol error"
.cindex "SMTP" "logging protocol error"
&%smtp_protocol_error%&: A log line is written for every SMTP protocol error
. ////////////////////////////////////////////////////////////////////////////
. ////////////////////////////////////////////////////////////////////////////
-.chapter "Support for DKIM (DomainKeys Identified Mail)" "CHID12" &&&
+.chapter "Support for DKIM (DomainKeys Identified Mail)" "CHAPdkim" &&&
"DKIM Support"
.cindex "DKIM"
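Review bot: the chapter id changes from "CHID12" to "CHAPdkim", and this patch updates the references in the DKIM ACL section and the dkim_disable_verify control, but any other "&<<CHID12>>&" reference in the spec would now fail to resolve; grep the whole document for CHID12 before merging and update the remaining references in the same change.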
.vitem &%dkim_status%&
ACL condition that checks a colon-separated list of possible DKIM verification
-results agains the actual result of verification. This is typically used
+results against the actual result of verification. This is typically used
to restrict an ACL verb to a list of verification outcomes, for example:
.code