X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/bd0fff00c496a0530f1320721816bbcd07d2c478..c8e2fc1e846d1c9bee207d162182fb770b9ae1bd:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 18cff9ed6..6b63062be 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -8791,12 +8791,12 @@ arguments are assigned to the variables &$acl_arg1$& to &$acl_arg9$& in order. Any unused are made empty. The variable &$acl_narg$& is set to the number of arguments. The named ACL (see chapter &<>&) is called and may use the variables; if another acl expansion is used the values -are overwritten. If the ACL sets +are restored after it returns. If the ACL sets a value using a "message =" modifier and returns accept or deny, the value becomes the result of the expansion. -If no message was set and the ACL returned accept or deny -the value is an empty string. -If the ACL returned defer the result is a forced-fail. Otherwise the expansion fails. +If no message is set and the ACL returns accept or deny +the expansion result is an empty string. +If the ACL returns defer the result is a forced-fail. Otherwise the expansion fails. .vitem "&*${dlfunc{*&<&'file'&>&*}{*&<&'function'&>&*}{*&<&'arg'&>&*}&&& @@ -9923,12 +9923,12 @@ dotted-nibble hexadecimal form. In both cases, this is the "natural" form for DNS. For example, .code ${reverse_ip:192.0.2.4} -${reverse_ip:2001:0db8:c42:9:1:abcd:192.0.2.3} +${reverse_ip:2001:0db8:c42:9:1:abcd:192.0.2.127} .endd returns .code 4.2.0.192 -3.0.2.0.0.0.0.c.d.c.b.a.1.0.0.0.9.0.0.0.2.4.c.0.8.b.d.0.1.0.0.2 +f.7.2.0.0.0.0.c.d.c.b.a.1.0.0.0.9.0.0.0.2.4.c.0.8.b.d.0.1.0.0.2 .endd @@ -10107,7 +10107,7 @@ arguments are assigned to the variables &$acl_arg1$& to &$acl_arg9$& in order. Any unused are made empty. The variable &$acl_narg$& is set to the number of arguments. The named ACL (see chapter &<>&) is called and may use the variables; if another acl expansion is used the values -are overwritten. If the ACL sets +are restored after it returns. If the ACL sets a value using a "message =" modifier the variable $value becomes the result of the expansion, otherwise it is empty. If the ACL returns accept the condition is true; if deny, false. @@ -24072,6 +24072,12 @@ client_condition = ${if !eq{$tls_out_cipher}{}} .endd +.option client_set_id authenticators string&!! unset +When client authentication succeeds, this condition is expanded; the +result is used in the log lines for outbound messasges. +Typically it will be the user name used for authentication. + + .option driver authenticators string unset This option must always be set. It specifies which of the available authenticators is to be used. @@ -26143,6 +26149,9 @@ before or after the data) correctly &-- they keep the message on their queues and try again later, but that is their problem, though it does waste some of your resources. +The &%acl_smtp_data%& ACL is run after both the &%acl_smtp_dkim%& and +the &%acl_smtp_mime%& ACLs. + .section "The SMTP DKIM ACL" "SECTDKIMACL" The &%acl_smtp_dkim%& ACL is available only when Exim is compiled with DKIM support @@ -26152,13 +26161,17 @@ The ACL test specified by &%acl_smtp_dkim%& happens after a message has been received, and is executed for each DKIM signature found in a message. If not otherwise specified, the default action is to accept. -For details on the operation of DKIM, see chapter &<>&. +This ACL is evaluated before &%acl_smtp_mime%& and &%acl_smtp_data%&. + +For details on the operation of DKIM, see chapter &<>&. .section "The SMTP MIME ACL" "SECID194" The &%acl_smtp_mime%& option is available only when Exim is compiled with the content-scanning extension. For details, see chapter &<>&. +This ACL is evaluated after &%acl_smtp_dkim%& but before &%acl_smtp_data%&. + .section "The QUIT ACL" "SECTQUITACL" .cindex "QUIT, ACL for" @@ -27105,7 +27118,7 @@ contexts): .cindex "disable DKIM verify" .cindex "DKIM" "disable verify" This control turns off DKIM verification processing entirely. For details on -the operation and configuration of DKIM, see chapter &<>&. +the operation and configuration of DKIM, see chapter &<>&. .wen @@ -27518,8 +27531,10 @@ condition false. This means that further processing of the &%warn%& verb ceases, but processing of the ACL continues. If the argument is a named ACL, up to nine space-separated optional values -can be appended; they appear in $acl_arg1 to $acl_arg9, and $acl_narg is set -to the count of values. The name and values are expanded separately. +can be appended; they appear within the called ACL in $acl_arg1 to $acl_arg9, +and $acl_narg is set to the count of values. +Previous values of these variables are restored after the call returns. +The name and values are expanded separately. If the nested &%acl%& returns &"drop"& and the outer condition denies access, the connection is dropped. If it returns &"discard"&, the verb must be @@ -33634,6 +33649,11 @@ intermediate address(es) exist between the original and the final address, the last of these is given in parentheses after the final address. The R and T fields record the router and transport that were used to process the address. +If SMTP AUTH was used for the delivery there is an additional item A= +followed by the name of the authenticator that was used. +If an authenticated identification was set up by the authenticator's &%client_set_id%& +option, this is logged too, separated by a colon from the authenticator name. + If a shadow transport was run after a successful local delivery, the log line for the successful delivery has an item added on the end, of the form .display @@ -33747,7 +33767,7 @@ at the end of its processing. A summary of the field identifiers that are used in log lines is shown in the following table: .display -&`A `& authenticator name (and optional id) +&`A `& authenticator name (and optional id and sender) &`C `& SMTP confirmation on delivery &` `& command list for &"no mail in SMTP session"& &`CV `& certificate verification status @@ -33864,6 +33884,7 @@ selection marked by asterisks: &`*smtp_confirmation `& SMTP confirmation on => lines &` smtp_connection `& SMTP connections &` smtp_incomplete_transaction`& incomplete SMTP transactions +&` smtp_mailauth `& AUTH argument to MAIL commands &` smtp_no_mail `& session with no MAIL commands &` smtp_protocol_error `& SMTP protocol errors &` smtp_syntax_error `& SMTP syntax errors @@ -34132,6 +34153,11 @@ the last 20 are listed, preceded by &"..."&. However, with the default setting of 10 for &%smtp_accep_max_nonmail%&, the connection will in any case have been aborted before 20 non-mail commands are processed. .next +&%smtp_mailauth%&: A third subfield with the authenticated sender, +colon-separated, is appended to the A= item for a message arrival or delivery +log line, if an AUTH argument to the SMTP MAIL command (see &<>&) +was accepted or used. +.next .cindex "log" "SMTP protocol error" .cindex "SMTP" "logging protocol error" &%smtp_protocol_error%&: A log line is written for every SMTP protocol error @@ -35991,7 +36017,7 @@ unqualified domain &'foundation'&. . //////////////////////////////////////////////////////////////////////////// . //////////////////////////////////////////////////////////////////////////// -.chapter "Support for DKIM (DomainKeys Identified Mail)" "CHID12" &&& +.chapter "Support for DKIM (DomainKeys Identified Mail)" "CHAPdkim" &&& "DKIM Support" .cindex "DKIM"