in fact some of them were inherited from earlier versions.
-----------------------------------------------------------------------------------------
-accept_8bitmime boolean false main 1.60
+accept_8bitmime boolean true main 1.60 changed to true in 4.80
acl_not_smtp string* unset main 4.11
acl_not_smtp_mime string* unset main 4.51 with content scan
acl_smtp_auth string* unset main 4.00
dns_retrans time 0s main 1.60
dns_retry integer 0 main 1.60
dns_search_parents boolean false smtp
+dns_use_dnssec integer -1 main 4.81
dns_use_edns0 integer -1 main 4.76
domains domain list unset routers 4.00
driver string unset authenticators
unset routers 4.00
unset transports
drop_cr boolean false main 4.00 became a no-op in 4.21
+dscp string unset smtp 4.81
dsn_from string* + main 4.67
envelope_to_add boolean false transports
envelope_to_remove boolean true main
gecos_pattern string unset main
gethostbyname boolean false smtp
gnutls_compat_mode boolean unset main 4.70
-gnutls_require_kx string* unset main 4.67
- string* unset smtp 4.67
-gnutls_require_mac string* unset main 4.67
- string* unset smtp 4.67
-gnutls_require_protocols string* unset main 4.67
- string* unset smtp 4.67
+gnutls_enable_pkcs11 boolean false main 4.81
+gnutls_require_kx string* unset main 4.67 deprecated, warns
+ string* unset smtp 4.67 deprecated, warns
+gnutls_require_mac string* unset main 4.67 deprecated, warns
+ string* unset smtp 4.67 deprecated, warns
+gnutls_require_protocols string* unset main 4.67 deprecated, warns
+ string* unset smtp 4.67 deprecated, warns
group string + routers 4.00
unset transports 4.00 replaces local option in some transports
header_line_maxsize integer 0 (unset) main 4.14
maildir_format boolean false appendfile 1.70
maildir_retries integer 10 appendfile 1.70
maildir_tag string* unset appendfile 1.92
-maildir_use_size_file boolean false appendfile 4.30
+maildir_use_size_file boolean* false appendfile 4.30 expanded in 4.77
maildirfolder_create_regex string unset appendfile 4.62
mailstore_format boolean false appendfile 2.00
mailstore_prefix string* unset appendfile 2.00
once_file_size integer 0 autoreply 3.20
once_repeat time 0s autoreply 2.95
one_time boolean false redirect 4.00
-openssl_options string "+dont_insert_empty_fragments" main 4.73
+openssl_options string +no_sslv2 main 4.73 default changed in 4.80
optional boolean false iplookup 4.00
oracle_servers string unset main 4.00
owners string list unset redirect 4.00
senders address list unset routers 4.00
serialize_hosts host list unset smtp 1.60
server_advertise_condition string* unset authenticators 4.14
+server_channelbinding bool false gsasl 4.80
server_condition string* unset authenticators 3.10 (plaintext) 4.64 (others)
-server_hostname string* "$primary_hostname" cyrus_sasl 4.43
+server_hostname string* "$primary_hostname" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.80 (others)
+server_keytab string* unset heimdal_gssapi 4.80
server_mail_auth_condition string* unset authenticators 3.22
-server_mech string public_name cyrus_sasl 4.43
+server_mech string public_name cyrus_sasl,gsasl 4.43 (cyrus-only) 4.80 (others)
+server_password string unset gsasl 4.80
server_prompts string* unset plaintext 3.10
-server_realm string unset cyrus_sasl 4.43
+server_realm string unset cyrus_sasl,gsasl 4.43 (cyrus-only) 4.80 (others)
+server_scram_iter string* unset gsasl 4.80
+server_scram_salt string* unset gsasl 4.80
server_secret string* unset cram_md5 3.10
-server_service string "smtp" cyrus_sasl 4.43
+server_service string "smtp" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.80 (others)
server_set_id string* unset authenticators 3.10
shadow_condition string* unset transports
shadow_transport string unset transports
tls_advertise_hosts host list * main 3.20
tls_certificate string* unset main 3.20
unset smtp 3.20
+tls_dh_max_bits integer 2236 main 4.80
+tls_dh_min_bits integer 1024 smtp 4.81
tls_dhparam string* unset main 3.20
tls_on_connect_ports string unset main 4.43
tls_privatekey string* unset main 3.20
tls_remember_emstp boolean false main 4.21
tls_require_ciphers string* unset smtp 4.00 replaces tls_verify_ciphers
string* unset main 4.33
+tls_sni string* unset main 4.80
tls_tempfail_tryclear boolean true smtp 4.05
tls_try_verify_hosts host list unset main 4.00
tls_verify_certificates string* unset main 3.20
-bh Test incoming SMTP call, omitting callouts
-bhc Test incoming SMTP call, with callouts
-bi * Run <command>bi_command</command>
+-bI:help Show list of accepted -bI:<tag> options
-bm Accept message on standard input
-bmalware + Invoke configured malware scanning against supplied filename
-bnq Don't qualify addresses in locally submitted messages
-bV Verify version number
-bv Test recipient address verification
-bvs Test sender address verification
+-bw + Inetd wait mode
-C + Use alternate configuration file
-D + Define macro for configuration file
-d + Turn on debugging output
3. BUILD TIME OPTIONS FOR EXIM
------------------------------
-The table below contains a complete list of options that can be set in
-Local/Makefile when building Exim. More information about individual options
-can be found in src/EDITME and OS/Makefile-Default.
+The table below contains a "mostly" complete list of options that can be
+set in Local/Makefile when building Exim. The only items not included are
+those whose names can be trivially derived from rules stated below.
+
+More information about individual options can be found in src/EDITME and
+OS/Makefile-Default.
The second column below gives the type of option:
actually want to modify a setting from the OS-specific file, there is nothing
to stop you overriding it in your Local/Makefile.
+When building Exim with dynamically loaded lookup support, for "LOOKUP_FOO",
+you can define "LOOKUP_FOO_INCLUDE" and "LOOKUP_FOO_LIBS", for includes and
+libraries specific only to that module. These rules are only used where the
+relevant lookup is a module. These options are not explicitly listed below.
+
+Variables with names endined `_PC' are used for pkg-config integration; setting
+the value to the name of a pkg-config package will cause Exim's build system to
+query the --cflags and --libs for the given name, when building anything
+dependent upon the component associated with the `_PC' variable. For lookups,
+if the lookup is dynamically loaded, then this *replaces* the use of the
+corresponding _INCLUDE and _LIBS options, which will be ignored. If the lookup
+is statically loaded into Exim, the results will be inserted into the
+"LOOKUP_INCLUDE" and "LOOKUP_LIBS" options. For authenticator, the results
+will be inserted into the "CFLAGS" and "AUTH_LIBS" options. These options are
+only listed below for the TLS implementation cases.
+
+
Option Type Description
------------------------------------------------------------------------------
AR system command to build a library
AUTH_CRAM_MD5 driver include cram_md5 authenticator
AUTH_CYRUS_SASL driver include Cyrus SASL authenticator
+AUTH_GSASL driver include GNU SASL authenticator
+AUTH_HEIMDAL_GSSAPI driver include Heimdal GSSAPI authenticator
+AUTH_LIBS system library linkage for authenticators
AUTH_PLAINTEXT driver include plaintext authenticator
AUTH_SPA driver include SPA (NTLM) authenticator
AUTH_VARS=3 optional* number of $auth variables
DELIVER_IN_BUFFER_SIZE optional*
DELIVER_OUT_BUFFER_SIZE optional*
DISABLE_DKIM optional disables DKIM support
+DISABLE_DNSSEC optional disables attempts to use DNSSEC
DISABLE_D_OPTION optional disables -D option
ERRNO_QUOTA optional* error code for system quota failures
EXICYCLOG_MAX optional number of old log files to keep
MSGLOG_DIRECTORY_MODE optional* mode for message log directory
MV_COMMAND system path to mv command
NO_SYMLINK optional install doesn't make 'exim" symlink
-PCRE_CFLAGS system compile flags for PCRE library
+PCRE_CONFIG system* use pcre-config for PCRE support
+PCRE_LIBS system* library for using PCRE
PERL_CC system* compiler for Perl interface code
PERL_CCOPTS system* flags for same
PERL_COMMAND system path to Perl
TRUSTED_CONFIG_LIST optional config files safe to retain privileges
USE_DB system** use native DB interface
USE_GNUTLS optional use GnuTLS instead of OpenSSL
+USE_GNUTLS_PC optional probably "gnutls"
+USE_OPENSSL_PC optional probably "openssl"
USE_READLINE optional try to load libreadline for -be
USE_TCP_WRAPPERS system link with tcpwrappers
USE_TDB optional use the tdb DB interface