directory of this file is writable by the user
exim runs as.
-dmarc_forensic_sender The email address to use when sending a
+dmarc_forensic_sender Alternate email address to use when sending a
forensic report detailing alignment failures
if a sender domain's dmarc record specifies it
and you have configured Exim to send them.
- Default: do-not-reply@$default_hostname
+
+ If set, this is expanded and used for the
+ From: header line; the address is extracted
+ from it and used for the envelope from.
+ If not set, the From: header is expanded from
+ the dsn_from option, and <> is used for the
+ envelope from.
+
+ Default: unset.
3. By default, the DMARC processing will run for any remote,
The spool files can then be processed by external processes and then
requeued into exim spool directories for final delivery.
+However, note carefully the warnings in the main documentation on
+qpool file formats.
The motivation/inspiration for the transport is to allow external
processes to access email queued by exim and have access to all the
Differences from spec:
- we support upgrading the requirement for REQUIRETLS, including adding
- it from cold, withing an MTA. The spec only define the sourcing MUA
+ it from cold, within an MTA. The spec only define the sourcing MUA
as being able to source the requirement, and makes no mention of upgrade.
- No support is coded for the RequireTLS header (which can be used
- to annul DANE and/or STS policiy). [can this be done in ACL?]
+ to annul DANE and/or STS policiy). [this can _almost_ be done in
+ transport option expansions, but not quite: it requires tha DANE-present
+ but STARTTLS-failing targets fallback to cleartext, which current DANE
+ coding specifically blocks]
-Note that REQUIRETLS is only advertised once a TLS connection is acheived
+Note that REQUIRETLS is only advertised once a TLS connection is achieved
(in contrast to STARTTLS). If you want to check the advertising, do something
like "swaks -s 127.0.0.1 -tls -q HELO".