LDAP: Check for errors of TLS initialisation
[users/jgh/exim.git] / doc / doc-txt / OptionLists.txt
index 9bb1173d1ff8b42d83a2050ab661e7ea53af1c09..5313fd17c53d06be70e69410d56191d948185254 100644 (file)
@@ -1,5 +1,3 @@
-$Cambridge: exim/doc/doc-txt/OptionLists.txt,v 1.14 2005/12/12 15:58:53 ph10 Exp $
-
 LISTS OF EXIM OPTIONS
 ---------------------
 
@@ -11,7 +9,7 @@ This file contains complete lists of four kinds of Exim option:
   4. Those that can appear in the build time configuration for the Exim monitor
      (Local/eximon.conf).
 
-This file was last updated for Exim release 4.60.
+This file was last updated for Exim release 4.72.
 
 
 1. RUN TIME OPTIONS
@@ -68,6 +66,7 @@ acl_smtp_rcpt                        string*         unset         main
 acl_smtp_starttls                    string*         unset         main              4.11
 acl_smtp_vrfy                        string*         unset         main              4.00
 address_data                         string*         unset         routers           4.00
+address_retry_include_sender         boolean         true          smtp              4.64
 address_test                         boolean         true          routers           4.14
 admin_groups                         string list     unset         main              3.02
 allow_domain_literals                boolean         false         main              4.00 replacing forbid_domain_literals
@@ -83,6 +82,7 @@ allow_symlink                        boolean         false         appendfile
 allow_utf8_domains                   boolean         false         main              4.14
 auth_advertise_hosts                 host list       "*"           main              4.00
 authenticated_sender                 string*         unset         smtp              4.14
+authenticated_sender_force           boolean         false         smtp              4.61
 authenticate_hosts                   host list       unset         smtp              3.13
 auto_thaw                            time            0s            main
 av_scanner                           string*         +             main              4.50 with content scan
@@ -124,6 +124,8 @@ check_spool_space                    integer         0             main
 check_string                         string          "From "       appendfile        3.03
                                                      unset         pipe              3.03
 check_srv                            string*         unset         dnslookup         4.31
+client_condition                     string*         unset         authenticators    4.68
+client_ignore_invalid_base64         boolean         false         plaintext         4.61
 client_name                          string*         +             cram_md5          3.10
 client_secret                        string*         unset         cram_md5          3.10
 client_send                          string*         unset         plaintext         3.10
@@ -155,7 +157,15 @@ deliver_drop_privilege               boolean         false         main
 deliver_queue_load_max               fixed-point     unset         main              1.70
 delivery_date_add                    boolean         false         transports
 delivery_date_remove                 boolean         true          main
+dkim_canon                           string*         unset         smtp              4.70
+dkim_domain                          string list*    unset         smtp              4.72
+dkim_private_key                     string*         unset         smtp              4.70
+dkim_selector                        string*         unset         smtp              4.70
+dkim_sign_headers                    string*         (RFC4871)     smtp              4.70
+dkim_strict                          string*         unset         smtp              4.70
+dkim_verify_signers                  string*         $dkim_signers main              4.70
 directory                            string*         unset         appendfile
+directory_file                       string*         +             appendfile
 directory_mode                       octal-integer   0700          appendfile
 directory_transport                  string*         unset         redirect          4.00
 disable_ipv6                         boolean         false         main              4.61
@@ -170,11 +180,13 @@ dns_qualify_single                   boolean         true          smtp
 dns_retrans                          time            0s            main              1.60
 dns_retry                            integer         0             main              1.60
 dns_search_parents                   boolean         false         smtp
+dns_use_edns0                        integer         -1            main              4.76
 domains                              domain list     unset         routers           4.00
 driver                               string          unset         authenticators
                                                      unset         routers           4.00
                                                      unset         transports
 drop_cr                              boolean         false         main              4.00 became a no-op in 4.21
+dsn_from                             string*         +             main              4.67
 envelope_to_add                      boolean         false         transports
 envelope_to_remove                   boolean         true          main
 environment                          string*         unset         pipe              2.95
@@ -202,6 +214,7 @@ file_format                          string          unset         appendfile
 file_must_exist                      boolean         false         appendfile
 file_optional                        boolean         false         autoreply
 file_transport                       string*         unset         redirect          4.00
+filter_prepend_home                  boolean         true          redirect          4.63
 final_timeout                        time            10m           smtp
 finduser_retries                     integer         0             main
 forbid_blackhole                     boolean         false         redirect          4.00
@@ -219,12 +232,21 @@ forbid_filter_run                    boolean         false         redirect
 forbid_include                       boolean         false         redirect          4.00
 forbid_pipe                          boolean         false         redirect          4.00
 forbid_sieve_filter                  boolean         false         redirect          4.44
+forbid_smtp_code                     boolean         false         redirect          4.63
 freeze_exec_fail                     boolean         false         pipe              1.89
+freeze_signal                        boolean         false         pipe              4.75
 freeze_tell                          boolean         false         main              4.00 replaces freeze_tell_mailmaster
 from                                 string*         unset         autoreply
 gecos_name                           string*         unset         main
 gecos_pattern                        string          unset         main
 gethostbyname                        boolean         false         smtp
+gnutls_compat_mode                   boolean         unset         main              4.70
+gnutls_require_kx                    string*         unset         main              4.67
+                                     string*         unset         smtp              4.67
+gnutls_require_mac                   string*         unset         main              4.67
+                                     string*         unset         smtp              4.67
+gnutls_require_protocols             string*         unset         main              4.67
+                                     string*         unset         smtp              4.67
 group                                string          +             routers           4.00
                                                      unset         transports        4.00 replaces local option in some transports
 header_line_maxsize                  integer         0 (unset)     main              4.14
@@ -246,6 +268,7 @@ helo_verify_hosts                    host list       unset         main
 hide_child_in_errmsg                                 false         redirect          4.00
 hold_domains                         domain list     unset         main              1.70
 home_directory                       string*         unset         transports        4.00 replaces individual options
+host_all_ignored                     string          "defer"       manualroute       4.67
 host_find_failed                     string          "freeze"      manualroute       4.00
 host_lookup                          host list       unset         main              3.00
 host_lookup_order                    string list  "bydns:byaddr"   main              4.30
@@ -253,6 +276,7 @@ host_reject_connection               host list       unset         main
 hosts                                string          unset         iplookup          4.00
                                      string list*    unset         smtp
 hosts_avoid_esmtp                    host list       unset         smtp              4.21
+hosts_avoid_pipelining               host list       unset         smtp              4.67
 hosts_avoid_tls                      host list       unset         smtp              3.20
 hosts_connection_nolog               host list       unset         main              4.43
 hosts_max_try                        integer         5             smtp              3.20
@@ -265,6 +289,7 @@ hosts_require_auth                   host list       unset         smtp
 hosts_require_tls                    host list       unset         smtp              3.20
 hosts_treat_as_local                 domain list     unset         main              1.95
 hosts_try_auth                       host list       unset         smtp              4.00
+ibase_servers                        string          unset         main              4.23
 ignore_bounce_errors_after           time            0s            main              4.00
 ignore_eacces                        boolean         false         redirect          4.00
 ignore_enotdir                       boolean         false         redirect          4.00
@@ -311,7 +336,8 @@ mailbox_size                         string*         unset         appendfile
 maildir_format                       boolean         false         appendfile        1.70
 maildir_retries                      integer         10            appendfile        1.70
 maildir_tag                          string*         unset         appendfile        1.92
-maildir_use_size_file                boolean         false         appendfile        4.30
+maildir_use_size_file                boolean*        false         appendfile        4.30 expanded in 4.77
+maildirfolder_create_regex           string          unset         appendfile        4.62
 mailstore_format                     boolean         false         appendfile        2.00
 mailstore_prefix                     string*         unset         appendfile        2.00
 mailstore_suffix                     string*         unset         appendfile        2.00
@@ -320,13 +346,14 @@ max_output                           integer         20K           pipe
 max_rcpt                             integer         100           smtp              1.60
 max_user_name_length                 integer         0             main
 mbx_format                           boolean         false         appendfile        2.10
+message_body_newlines                boolean         false         main              4.68
 message_body_visible                 integer         500           main
 message_id_header_domain             string*         unset         main              4.11
 message_id_header_text               string*         unset         main
 message_logs                         boolean         true          main              4.10
 message_prefix                       string*         +             appendfile        4.00 replaces prefix
                                      string*         unset         pipe              4.00 replaces prefix
-message_size_limit                   integer         0             main
+message_size_limit                   integer         50M           main
                                                      0             transports        2.05
 message_suffix                       string*         +             appendfile        4.00 replaces suffix
                                      string*         unset         pipe              4.00 replaces suffix
@@ -346,6 +373,7 @@ once                                 string*         unset         autoreply
 once_file_size                       integer         0             autoreply         3.20
 once_repeat                          time            0s            autoreply         2.95
 one_time                             boolean         false         redirect          4.00
+openssl_options                      string "+dont_insert_empty_fragments" main      4.73
 optional                             boolean         false         iplookup          4.00
 oracle_servers                       string          unset         main              4.00
 owners                               string list     unset         redirect          4.00
@@ -356,6 +384,7 @@ path                                 string          "/usr/bin"    pipe
 percent_hack_domains                 domain list     unset         main
 perl_at_start                        boolean         false         main              2.10
 perl_startup                         string          unset         main              2.10
+permit_coredump                      boolean         false         pipe              4.73
 pgsql_servers                        string list     unset         main              3.14
 pid_file_path                        string          ++            main
 pipe_as_creator                      boolean         false         pipe
@@ -382,6 +411,7 @@ queue_list_requires_admin            boolean         true          main
 queue_only                           boolean         false         main
 queue_only_file                      string          unset         main              2.05
 queue_only_load                      fixed-point     unset         main
+queue_only_load_latch                boolean         true          main              4.68
 queue_only_override                  boolean         true          main              4.21
 queue_run_in_order                   boolean         false         main              1.70
 queue_run_max                        integer         5             main
@@ -425,7 +455,7 @@ return_size_limit                    integer         100K          main
 rewrite                              boolean         true          redirect          4.00
 rewrite_headers                      boolean         true          dnslookup         4.00
 rfc1413_hosts                        host list       *             main
-rfc1413_query_timeout                time            30s           main
+rfc1413_query_timeout                time            5s            main
 router_home_directory                string*         unset         routers           4.11
 route_data                           string*         unset         manualroute       4.00
 route_list                           string list     unset         manualroute       4.00
@@ -436,14 +466,19 @@ sender_unqualified_hosts             host list       unset         main
 senders                              address list    unset         routers           4.00
 serialize_hosts                      host list       unset         smtp              1.60
 server_advertise_condition           string*         unset         authenticators    4.14
-server_condition                     string*         unset         plaintext         3.10
-server_hostname                      string*   "$primary_hostname" cyrus_sasl        4.43
+server_channelbinding                bool            false         gsasl             4.78
+server_condition                     string*         unset         authenticators    3.10 (plaintext) 4.64 (others)
+server_hostname                      string*   "$primary_hostname" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.78 (others)
+server_keytab                        string*         unset         heimdal_gssapi    4.78
 server_mail_auth_condition           string*         unset         authenticators    3.22
-server_mech                          string          public_name   cyrus_sasl        4.43
+server_mech                          string          public_name   cyrus_sasl,gsasl  4.43 (cyrus-only) 4.78 (others)
+server_password                      string          unset         gsasl             4.78
 server_prompts                       string*         unset         plaintext         3.10
-server_realm                         string          unset         cyrus_sasl        4.43
+server_realm                         string          unset         cyrus_sasl,gsasl  4.43 (cyrus-only) 4.78 (others)
+server_scram_iter                    string*         unset         gsasl             4.78
+server_scram_salt                    string*         unset         gsasl             4.78
 server_secret                        string*         unset         cram_md5          3.10
-server_service                       string          "smtp"        cyrus_sasl        4.43
+server_service                       string          "smtp"  cyrus_sasl,gsasl,heimdal_gssapi  (cyrus-only) 4.78 (others)
 server_set_id                        string*         unset         authenticators    3.10
 shadow_condition                     string*         unset         transports
 shadow_transport                     string          unset         transports
@@ -475,10 +510,11 @@ smtp_receive_timeout                 time            5m            main
 smtp_reserve_hosts                   host list       unset         main
 smtp_return_error_details            boolean         false         main              4.11
 socket                               string*         unset         lmtp              4.11
-spamd_address                        string          +             main              4.50 with content scan
+spamd_address                        string*         +             main              4.50 with content scan
 split_spool_directory                boolean         false         main              1.70
 spool_directory                      string          ++            main
 sqlite_lock_timeout                  time            5s            main              4.53
+strict_acl_vars                      boolean         false         main              4.64
 srv_fail_domains                     domain list     unset         dnslookup         4.43
 strip_excess_angle_brackets          boolean         false         main
 strip_trailing_dot                   boolean         false         main
@@ -498,6 +534,7 @@ system_filter_reply_transport        string          unset         main
 system_filter_user                   string          unset         main              4.00 replacing message_filter
 tcp_nodelay                          boolean         true          main              4.23
                                                      true          smtp              4.23
+tcp_wrappers_daemon_name             string*         ++            main              4.73
 temp_errors                          string list     +             pipe              1.95
 text                                 string*         unset         autoreply
 timeout                              time            5m            lmtp              3.20
@@ -569,10 +606,12 @@ provide compatibility with Sendmail.
 
 --               Terminate options
 --help           Give a little help (not a lot)
+--version        Give version information (alias for -bV)
 -B             * Ignored
 -bd            + Start daemon
 -bdf           + Start daemon and run it in the foreground
 -be              Test string expansion
+-bem             Test string expansion, read test message first
 -bF              Test system filter file
 -bf              Test user filter file
 -bfd             Set domain for filter testing
@@ -583,6 +622,7 @@ provide compatibility with Sendmail.
 -bhc             Test incoming SMTP call, with callouts
 -bi            * Run <command>bi_command</command>
 -bm              Accept message on standard input
+-bmalware      + Invoke configured malware scanning against supplied filename
 -bnq             Don't qualify addresses in locally submitted messages
 -bP              Show configuration option settings
 -bp            + List the queue
@@ -627,8 +667,10 @@ provide compatibility with Sendmail.
 -Mmad          + Mark all recipients delivered
 -Mmd           + Mark one recipient delivered
 -Mrm           + Remove message(s) (no bounce)
+-Mset          + Load message's variables when testing with -be
 -Mt            + Thaw message(s)
 -Mvb           + View message body
+-Mvc           + View entire message in RFC 2822 format
 -Mvh           + View message header
 -Mvl           + View message log
 -m             * Ignored
@@ -700,9 +742,12 @@ provide compatibility with Sendmail.
 3. BUILD TIME OPTIONS FOR EXIM
 ------------------------------
 
-The table below contains a complete list of options that can be set in
-Local/Makefile when building Exim. More information about individual options
-can be found in src/EDITME and OS/Makefile-Default.
+The table below contains a "mostly" complete list of options that can be
+set in Local/Makefile when building Exim.  The only items not included are
+those whose names can be trivially derived from rules stated below.
+
+More information about individual options can be found in src/EDITME and
+OS/Makefile-Default.
 
 The second column below gives the type of option:
 
@@ -732,26 +777,45 @@ empty by default, and is provided for just this reason. Of course, if you do
 actually want to modify a setting from the OS-specific file, there is nothing
 to stop you overriding it in your Local/Makefile.
 
+When building Exim with dynamically loaded lookup support, for "LOOKUP_FOO",
+you can define "LOOKUP_FOO_INCLUDE" and "LOOKUP_FOO_LIBS", for includes and
+libraries specific only to that module.  These rules are only used where the
+relevant lookup is a module.  These options are not explicitly listed below.
+
+Variables with names endined `_PC' are used for pkg-config integration; setting
+the value to the name of a pkg-config package will cause Exim's build system to
+query the --cflags and --libs for the given name, when building anything
+dependent upon the component associated with the `_PC' variable.  For lookups,
+if the lookup is dynamically loaded, then this *replaces* the use of the
+corresponding _INCLUDE and _LIBS options, which will be ignored.  If the lookup
+is statically loaded into Exim, the results will be inserted into the
+"LOOKUP_INCLUDE" and "LOOKUP_LIBS" options.  For authenticator, the results
+will be inserted into the "CFLAGS" and "AUTH_LIBS" options.  These options are
+only listed below for the TLS implementation cases.
+
+
 Option                       Type         Description
 ------------------------------------------------------------------------------
 
-ACL_CVARS=20                 optional*    number of acl_c variables
-ACL_MVARS=20                 optional*    number of acl_m variables
 ALT_CONFIG_PREFIX            optional     restricts location of -C files
-ALT_CONFIG_ROOT_ONLY         optional*    privileged -C needs root (not exim)
 APPENDFILE_MODE              optional*
 APPENDFILE_DIRECTORY_MODE    optional*
 APPENDFILE_LOCKFILE_MODE     optional*
 AR                           system       command to build a library
 AUTH_CRAM_MD5                driver       include cram_md5 authenticator
 AUTH_CYRUS_SASL              driver       include Cyrus SASL authenticator
+AUTH_GSASL                   driver       include GNU SASL authenticator
+AUTH_HEIMDAL_GSSAPI          driver       include Heimdal GSSAPI authenticator
+AUTH_LIBS                    system       library linkage for authenticators
 AUTH_PLAINTEXT               driver       include plaintext authenticator
 AUTH_SPA                     driver       include SPA (NTLM) authenticator
+AUTH_VARS=3                  optional*    number of $auth variables
 BASENAME_COMMAND             system**     path to basename
 BASE_62=62                   optional*    not normally changed for Unix
 BIN_DIRECTORY                mandatory    Exim binary directory
 CC                           system**     C compiler
 CFLAGS                       system**     flags for C compiler
+CFLAGS_DYNAMIC               system**     extra flags needed for .so modules
 CHGRP_COMMAND                system**     path to chgrp
 CHOWN_COMMAND                system**     path to chown
 COMPRESS_COMMAND             system       path to a compress command
@@ -767,9 +831,10 @@ DB_DIRECTORY_MODE            optional*    mode for hints directory
 DB_LOCKFILE_MODE             optional*    mode for hints lock files
 DB_LOCK_TIMEOUT              optional*    timeout for hints lock files
 DB_MODE                      optional*    mode for hints files
-DEFAULT_CRYPT                optional     use crypt16() as default
+DEFAULT_CRYPT                optional     default crypt() function
 DELIVER_IN_BUFFER_SIZE       optional*
 DELIVER_OUT_BUFFER_SIZE      optional*
+DISABLE_DKIM                 optional     disables DKIM support
 DISABLE_D_OPTION             optional     disables -D option
 ERRNO_QUOTA                  optional*    error code for system quota failures
 EXICYCLOG_MAX                optional     number of old log files to keep
@@ -788,6 +853,7 @@ EXIWHAT_MULTIKILL_CMD        system**
 EXIWHAT_MULTIKILL_ARG        system**
 EXIWHAT_PS_ARG               system**     to list all processes
 EXIWHAT_PS_CMD               system**     path to ps command
+EXPAND_LISTMATCH_RHS         optional*    restore pre-4.77 match_*{}{} behaviour
 EXTRALIBS                    system       additional libraries
 EXTRALIBS_EXIM               system       additional libraries for Exim only
 EXTRALIBS_EXIMON             system       additional libraries for the monitor
@@ -823,6 +889,7 @@ LOOKUP_INCLUDE               lookup       include files for lookups
 LOOKUP_LDAP                  lookup       include ldap lookup
 LOOKUP_LIBS                  lookup       include libraries for lookups
 LOOKUP_LSEARCH               lookup       include all lsearch lookups
+LOOKUP_MODULE_DIR            optional*    where dynamic lookup modules live
 LOOKUP_MYSQL                 lookup       include mysql lookup
 LOOKUP_NIS                   lookup       include nis lookup
 LOOKUP_NISPLUS               lookup       include nisplus lookup
@@ -830,6 +897,8 @@ LOOKUP_ORACLE                lookup       include oracle lookup
 LOOKUP_PGSQL                 lookup       include pgsql lookup
 LOOKUP_TESTDB                lookup*
 LOOKUP_WHOSON                lookup       include whoson lookup
+LOOKUP_*_INCLUDE             optional*    include files for dynamic module
+LOOKUP_*_LIBS                optional*    libraries for dynamic module
 MAKE_SHELL                   optional*    shell to use for make
 MAX_FILTER_SIZE              optional*    max file size for filter files
 MAX_INCLUDE_SIZE             optional*    max file size for :include: files
@@ -873,6 +942,7 @@ SUPPORT_TRANSLATE_IP_ADDRESS optional*    support for address translation
 SYSLOG_LOG_PID               optional     add pid to syslog lines
 SYSLOG_LONG_LINES            optional     do not split long syslog lines
 SYSTEM_ALIASES_FILE          optional     defaults to /etc/aliases
+TCP_WRAPPERS_DAEMON_NAME     system*      daemon name used by tcpwrappers library
 TIMEZONE_DEFAULT             optional     default for timezone option
 TLS_INCLUDE                  optional     path to include files for TLS
 TLS_LIBS                     optional     additional libraries for TLS
@@ -882,11 +952,16 @@ TRANSPORT_AUTOREPLY          driver       include autoreply transport
 TRANSPORT_LMTP               driver       include lmtp transport
 TRANSPORT_PIPE               driver       include pipe transport
 TRANSPORT_SMTP               driver       include smtp transport
+TRUSTED_CONFIG_LIST          optional     config files safe to retain privileges
 USE_DB                       system**     use native DB interface
 USE_GNUTLS                   optional     use GnuTLS instead of OpenSSL
+USE_GNUTLS_PC                optional     probably "gnutls"
+USE_OPENSSL_PC               optional     probably "openssl"
 USE_READLINE                 optional     try to load libreadline for -be
 USE_TCP_WRAPPERS             system       link with tcpwrappers
 USE_TDB                      optional     use the tdb DB interface
+WHITELIST_D_MACROS           optional     -Dmacros safe to retain privileges with
+WITH_OLD_CLAMAV_STREAM       optional*    use ClamAV API from before ClamAV 0.95
 X11                          system**     X11 base directory
 X11_LD_LIB                   system**     X11 link library
 XINCLUDE                     system**     X11 include directory