X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/54c90be16587ca315041c964e251f07fc2bcf0e9..2a1b36b3082412c6723ec29c1fc1ef02589bd3b3:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 78d5b0b18..d370cbc3f 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -2938,6 +2938,7 @@ if this is required. If the &%bi_command%& option is not set, calling Exim with &%-bi%& is a no-op. .new +. // Keep :help first, then the rest in alphabetical order .vitem &%-bI:help%& .oindex "&%-bI:help%&" .cindex "querying exim information" @@ -2947,6 +2948,12 @@ consumption. This one is not. The &%-bI:help%& option asks Exim for a synopsis of supported options beginning &`-bI:`&. Use of any of these options shall cause Exim to exit after producing the requested output. +.vitem &%-bI:dscp%& +.oindex "&%-bI:dscp%&" +.cindex "DSCP" "values" +This option causes Exim to emit an alphabetically sorted list of all +recognised DSCP names. + .vitem &%-bI:sieve%& .oindex "&%-bI:sieve%&" .cindex "Sieve filter" "capabilities" @@ -11687,6 +11694,31 @@ driver that successfully authenticated the client from which the message was received. It is empty if there was no successful authentication. See also &$authenticated_id$&. +.new +.vitem &$sender_host_dnssec$& +.vindex "&$sender_host_dnssec$&" +If &$sender_host_name$& has been populated (by reference, &%hosts_lookup%& or +otherwise) then this boolean will have been set true if, and only if, the +resolver library states that the reverse DNS was authenticated data. At all +other times, this variable is false. + +It is likely that you will need to coerce DNSSEC support on in the resolver +library, by setting: +.code +dns_use_dnssec = 1 +.endd + +Exim does not perform DNSSEC validation itself, instead leaving that to a +validating resolver (eg, unbound, or bind with suitable configuration). + +Exim does not (currently) check to see if the forward DNS was also secured +with DNSSEC, only the reverse DNS. + +If you have changed &%host_lookup_order%& so that &`bydns`& is not the first +mechanism in the list, then this variable will be false. +.wen + + .vitem &$sender_host_name$& .vindex "&$sender_host_name$&" When a message is received from a remote host, this variable contains the @@ -12836,6 +12868,9 @@ See also the &'Policy controls'& section above. .row &%dns_ipv4_lookup%& "only v4 lookup for these domains" .row &%dns_retrans%& "parameter for resolver" .row &%dns_retry%& "parameter for resolver" +.new +.row &%dns_use_dnssec%& "parameter for resolver" +.wen .row &%dns_use_edns0%& "parameter for resolver" .row &%hold_domains%& "hold delivery for these domains" .row &%local_interfaces%& "for routing checks" @@ -13476,6 +13511,18 @@ to set in them. See &%dns_retrans%& above. +.new +.option dns_use_dnssec main integer -1 +.cindex "DNS" "resolver options" +.cindex "DNS" "DNSSEC" +If this option is set to a non-negative number then Exim will initialise the +DNS resolver library to either use or not use DNSSEC, overriding the system +default. A value of 0 coerces DNSSEC off, a value of 1 coerces DNSSEC on. + +If the resolver library does not support DNSSEC then this option has no effect. +.wen + + .option dns_use_edns0 main integer -1 .cindex "DNS" "resolver options" .cindex "DNS" "EDNS0" @@ -22054,6 +22101,23 @@ See the &%search_parents%& option in chapter &<>& for more details. +.new +.option dscp smtp string&!! unset +.cindex "DCSP" +.cindex "DiffServ" +This option causes the DSCP value associated with a socket to be set to one +of a number of fixed strings or to numeric value. +The &%-bI:dscp%& option may be used to ask Exim which names it knows of. +Common values include &`throughput`&, &`mincost`&, and on newer systems +&`ef`&, &`af41`&, etc. Numeric values may be in the range 0 to 0x3F. + +The outbound packets from Exim will be marked with this value in the header +(for IPv4, the TOS field; for IPv6, the TCLASS field); there is no guarantee +that these packets will have any effect, not be stripped by networking +equipment, or do much of anything without cooperation with your Network +Engineer and those of all network operators between the source and destination. +.wen + .option fallback_hosts smtp "string list" unset .cindex "fallback" "hosts specified on transport"