X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/068dd2dd54300807b28149c15fad7598ea054ec0..14ca5d2ac6c3536fe189435269a302ef14e972cf:/doc/doc-docbook/spec.xfpt?ds=inline diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index d2a5499e8..32d57d027 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -2528,6 +2528,8 @@ use of Exim's filtering capabilities, you should make the document entitled If you are already running Exim on your host, building and installing a new version automatically makes it available to MUAs, or any other programs that call the MTA directly. However, if you are running an Exim daemon, you do need +.cindex restart "on HUP signal" +.cindex signal "HUP, to restart" to send it a HUP signal, to make it re-execute itself, and thereby pick up the new binary. You do not need to stop processing mail in order to install a new version of Exim. The install script does not modify an existing runtime @@ -2626,6 +2628,7 @@ supplementary group is one of those listed in the &%trusted_groups%& configuration option. Note that the Exim group is not automatically trusted. .cindex '&"From"& line' +.cindex "envelope from" .cindex "envelope sender" Trusted users are always permitted to use the &%-f%& option or a leading &"From&~"& line to specify the envelope sender of a message that is passed to @@ -2765,9 +2768,12 @@ used to specify a path on the command line if a pid file is required. The SIGHUP signal .cindex "SIGHUP" +.cindex restart "on HUP signal" +.cindex signal "HUP, to restart" .cindex "daemon" "restarting" .cindex signal "to reload configuration" .cindex daemon "reload configuration" +.cindex reload configuration can be used to cause the daemon to re-execute itself. This should be done whenever Exim's configuration file, or any file that is incorporated into it by means of the &%.include%& facility, is changed, and also whenever a new version @@ -2877,6 +2883,7 @@ separate document entitled &'Exim's interfaces to mail filtering'&. When testing a filter file, .cindex "&""From""& line" +.cindex "envelope from" .cindex "envelope sender" .oindex "&%-f%&" "for filter testing" the envelope sender can be set by the &%-f%& option, @@ -3717,6 +3724,7 @@ between &%-F%& and the <&'string'&> is optional. .cindex "sender" "address" .cindex "address" "sender" .cindex "trusted users" +.cindex "envelope from" .cindex "envelope sender" .cindex "user" "trusted" This option sets the address of the envelope sender of a locally-generated @@ -9211,7 +9219,13 @@ dependent upon the option for which a value is sought; in this documentation, options for which string expansion is performed are marked with † after the data type. ACL rules always expand strings. A couple of expansion conditions do not expand some of the brace-delimited branches, for security -reasons. +reasons, +.new +.cindex "tainted data" expansion +.cindex expansion "tainted data" +and expansion of data deriving from the sender (&"tainted data"&) +is not permitted. +.wen @@ -12756,6 +12770,16 @@ or if not set, the value of &$qualify_domain$&. .cindex queues named The name of the spool queue in use; empty for the default queue. +.new +.vitem &$r_...$& +.vindex &$r_...$& +.cindex router variables +Values can be placed in these variables by the &%set%& option of a router. +They can be given any name that starts with &$r_$&. +The values persist for the address being handled through subsequent routers +and the eventual transport. +.wen + .vitem &$rcpt_count$& .vindex "&$rcpt_count$&" When a message is being received by SMTP, this variable contains the number of @@ -15893,6 +15917,7 @@ and no &'Sender:'& header is ever added. If, in addition, you want to retain &'Sender:'& header lines supplied by untrusted users, you must also set &%local_sender_retain%& to be true. +.cindex "envelope from" .cindex "envelope sender" These options affect only the header lines in the message. The envelope sender is still forced to be the login id at the qualify domain unless @@ -17923,6 +17948,7 @@ See &%unknown_login%&. .cindex "sender" "setting by untrusted user" .cindex "untrusted user setting sender" .cindex "user" "untrusted setting sender" +.cindex "envelope from" .cindex "envelope sender" When an untrusted user submits a message to Exim using the standard input, Exim normally creates an envelope sender address from the user's login and the @@ -18073,6 +18099,10 @@ file = ${extract{mailbox}{$address_data}} This makes the configuration file less messy, and also reduces the number of lookups (though Exim does cache lookups). +.new +See also the &%set%& option below. +.wen + .vindex "&$sender_address_data$&" .vindex "&$address_data$&" The &%address_data%& facility is also useful as a means of passing information @@ -18325,6 +18355,7 @@ Not effective on redirect routers. .option errors_to routers string&!! unset +.cindex "envelope from" .cindex "envelope sender" .cindex "router" "changing address for errors" If a router successfully handles an address, it may assign the address to a @@ -18986,6 +19017,32 @@ SMTP VRFY command is enabled, it must be used after MAIL if the sender address matters. +.new +.option set routers "string list" unset +.cindex router variables +This option may be used multiple times on a router; +because of this the list aspect is mostly irrelevant. +The list separator is a semicolon but can be changed in the +usual way. + +Each list-element given must be of the form $"name = value"$ +and the names used must start with the string &"r_"&. +Values containing a list-separator should have them doubled. +When a router runs, the strings are evaluated in order, +to create variables which are added to the set associated with +the address. +The variable is set with the expansion of the value. +The variables can be used by the router options +(not including any preconditions) +and by the transport. +Later definitions of a given named variable will override former ones. +Varible use is via the usual &$r_...$& syntax. + +This is similar to the &%address_data%& option, except that +many independent variables can be used, with choice of naming. +.wen + + .option translate_ip_address routers string&!! unset .cindex "IP address" "translating" .cindex "packet radio" @@ -21771,6 +21828,7 @@ on a remote transport in the current implementation. .option return_path transports string&!! unset .cindex "envelope sender" +.cindex "envelope from" .cindex "transport" "return path; changing" .cindex "return path" "changing in transport" If this option is set, the string is expanded at transport time and replaces @@ -22817,6 +22875,7 @@ percentage. .option use_bsmtp appendfile boolean false +.cindex "envelope from" .cindex "envelope sender" If this option is set true, &(appendfile)& writes messages in &"batch SMTP"& format, with the envelope sender and recipient(s) included as SMTP commands. If @@ -25312,6 +25371,7 @@ When an address is being routed, either for delivery or for verification, rewriting is applied immediately to child addresses that are generated by redirection, unless &%no_rewrite%& is set on the router. +.cindex "envelope from" .cindex "envelope sender" "rewriting at transport time" .cindex "rewriting" "at transport time" .cindex "header lines" "rewriting at transport time" @@ -28428,6 +28488,13 @@ transport provide the client with a certificate, which is passed to the server if it requests it. If the server is Exim, it will request a certificate only if &%tls_verify_hosts%& or &%tls_try_verify_hosts%& matches the client. +.new +Do not use a certificate which has the OCSP-must-staple extension, +for client use (they are usable for server use). +As TLS has no means for the client to staple before TLS 1.3 it will result +in failed connections. +.wen + If the &%tls_verify_certificates%& option is set on the &(smtp)& transport, it specifies a collection of expected server certificates. These may be @@ -34415,6 +34482,7 @@ headers remove "Old-Subject" .section "Setting an errors address in a system filter" "SECID217" +.cindex "envelope from" .cindex "envelope sender" In a system filter, if a &%deliver%& command is followed by .code @@ -34648,6 +34716,7 @@ other words, such qualification is also controlled by .cindex "sender" "address" .oindex "&%uucp_from_pattern%&" .oindex "&%uucp_from_sender%&" +.cindex "envelope from" .cindex "envelope sender" .cindex "Sendmail compatibility" "&""From""& line" Messages that have come from UUCP (and some other applications) often begin @@ -36096,6 +36165,7 @@ the address, giving a suitable error message. .section "Variable Envelope Return Paths (VERP)" "SECTverp" .cindex "VERP" .cindex "Variable Envelope Return Paths" +.cindex "envelope from" .cindex "envelope sender" Variable Envelope Return Paths &-- see &url(https://cr.yp.to/proto/verp.txt) &-- are a way of helping mailing list administrators discover which subscription @@ -39479,6 +39549,11 @@ was received from the client, this records the Distinguished Name from that certificate. .endlist +.new +Any of the above may have an extra hyphen prepended, to indicate the the +corresponding data is untrusted. +.wen + Following the options there is a list of those addresses to which the message is not to be delivered. This set of addresses is initialized from the command line when the &%-t%& option is used and &%extract_addresses_remove_arguments%&