OpenSSL: fix build on earlier library versions
[exim.git] / doc / doc-docbook / spec.xfpt
CommitLineData
9b371988
PH
1. /////////////////////////////////////////////////////////////////////////////
2. This is the primary source of the Exim Manual. It is an xfpt document that is
20f0f788 3. converted into DocBook XML for subsequent conversion into printable and online
9b371988
PH
4. formats. The markup used herein is "standard" xfpt markup, with some extras.
5. The markup is summarized in a file called Markup.txt.
595028e4
PH
6.
7. WARNING: When you use the .new macro, make sure it appears *before* any
8. adjacent index items; otherwise you get an empty "paragraph" which causes
9. unwanted vertical space.
9b371988
PH
10. /////////////////////////////////////////////////////////////////////////////
11
12.include stdflags
13.include stdmacs
9b371988
PH
14
15. /////////////////////////////////////////////////////////////////////////////
33393583 16. This outputs the standard DocBook boilerplate.
9b371988
PH
17. /////////////////////////////////////////////////////////////////////////////
18
33393583 19.docbook
3cb1b51e
PH
20
21. /////////////////////////////////////////////////////////////////////////////
22. These lines are processing instructions for the Simple DocBook Processor that
f89d2485
PH
23. Philip Hazel has developed as a less cumbersome way of making PostScript and
24. PDFs than using xmlto and fop. They will be ignored by all other XML
25. processors.
3cb1b51e
PH
26. /////////////////////////////////////////////////////////////////////////////
27
28.literal xml
29<?sdop
f89d2485
PH
30 foot_right_recto="&chaptertitle; (&chapternumber;)"
31 foot_right_verso="&chaptertitle; (&chapternumber;)"
3cb1b51e 32 toc_chapter_blanks="yes,yes"
595028e4 33 table_warn_overflow="overprint"
3cb1b51e
PH
34?>
35.literal off
9b371988 36
33393583 37. /////////////////////////////////////////////////////////////////////////////
20f0f788 38. This generates the outermost <book> element that wraps the entire document.
33393583
PH
39. /////////////////////////////////////////////////////////////////////////////
40
41.book
42
43. /////////////////////////////////////////////////////////////////////////////
2aee48d6 44. These definitions set some parameters and save some typing.
7d837ca7 45. Update the Copyright year (only) when changing content.
33393583
PH
46. /////////////////////////////////////////////////////////////////////////////
47
40ed89b3 48.set previousversion "4.92"
2aee48d6 49.include ./local_params
f89d2485 50
33393583 51.set ACL "access control lists (ACLs)"
f89d2485 52.set I "&nbsp;&nbsp;&nbsp;&nbsp;"
33393583 53
7d837ca7 54.macro copyyear
c45e9ca1 552018
7d837ca7 56.endmacro
9b371988
PH
57
58. /////////////////////////////////////////////////////////////////////////////
59. Additional xfpt markup used by this document, over and above the default
60. provided in the xfpt library.
61. /////////////////////////////////////////////////////////////////////////////
62
20f0f788 63. --- Override the &$ flag to automatically insert a $ with the variable name.
9b371988
PH
64
65.flag &$ $& "<varname>$" "</varname>"
66
67. --- Short flags for daggers in option headings. They will always be inside
20f0f788 68. --- an italic string, but we want the daggers to be in Roman.
9b371988
PH
69
70.flag &!! "</emphasis>&dagger;<emphasis>"
71.flag &!? "</emphasis>&Dagger;<emphasis>"
72
73. --- A macro for an Exim option definition heading, generating a one-line
0a4e3112
PH
74. --- table with four columns. For cases when the option name is given with
75. --- a space, so that it can be split, a fifth argument is used for the
76. --- index entry.
9b371988
PH
77
78.macro option
0a4e3112
PH
79.arg 5
80.oindex "&%$5%&"
81.endarg
82.arg -5
3cb1b51e 83.oindex "&%$1%&"
0a4e3112 84.endarg
f89d2485 85.itable all 0 0 4 8* left 6* center 6* center 6* right
9b371988
PH
86.row "&%$1%&" "Use: &'$2'&" "Type: &'$3'&" "Default: &'$4'&"
87.endtable
88.endmacro
89
90. --- A macro for the common 2-column tables. The width of the first column
91. --- is suitable for the many tables at the start of the main options chapter;
20f0f788 92. --- a small number of other 2-column tables override it.
9b371988 93
db9452a9 94.macro table2 196pt 254pt
9b371988
PH
95.itable none 0 0 2 $1 left $2 left
96.endmacro
97
f89d2485
PH
98. --- A macro that generates .row, but puts &I; at the start of the first
99. --- argument, thus indenting it. Assume a minimum of two arguments, and
100. --- allow up to four arguments, which is as many as we'll ever need.
101
102.macro irow
103.arg 4
104.row "&I;$1" "$2" "$3" "$4"
105.endarg
106.arg -4
107.arg 3
108.row "&I;$1" "$2" "$3"
109.endarg
110.arg -3
111.row "&I;$1" "$2"
112.endarg
113.endarg
114.endmacro
115
116. --- Macros for option, variable, and concept index entries. For a "range"
117. --- style of entry, use .scindex for the start and .ecindex for the end. The
118. --- first argument of .scindex and the only argument of .ecindex must be the
119. --- ID that ties them together.
9b371988
PH
120
121.macro cindex
122&<indexterm role="concept">&
123&<primary>&$1&</primary>&
124.arg 2
125&<secondary>&$2&</secondary>&
126.endarg
127&</indexterm>&
128.endmacro
129
4f578862
PH
130.macro scindex
131&<indexterm role="concept" id="$1" class="startofrange">&
132&<primary>&$2&</primary>&
133.arg 3
134&<secondary>&$3&</secondary>&
135.endarg
136&</indexterm>&
137.endmacro
138
139.macro ecindex
140&<indexterm role="concept" startref="$1" class="endofrange"/>&
141.endmacro
142
9b371988
PH
143.macro oindex
144&<indexterm role="option">&
145&<primary>&$1&</primary>&
146.arg 2
147&<secondary>&$2&</secondary>&
148.endarg
149&</indexterm>&
150.endmacro
151
f89d2485
PH
152.macro vindex
153&<indexterm role="variable">&
154&<primary>&$1&</primary>&
155.arg 2
156&<secondary>&$2&</secondary>&
157.endarg
158&</indexterm>&
159.endmacro
160
9b371988 161.macro index
f89d2485 162.echo "** Don't use .index; use .cindex or .oindex or .vindex"
9b371988
PH
163.endmacro
164. ////////////////////////////////////////////////////////////////////////////
165
166
167. ////////////////////////////////////////////////////////////////////////////
20f0f788 168. The <bookinfo> element is removed from the XML before processing for ASCII
9b371988
PH
169. output formats.
170. ////////////////////////////////////////////////////////////////////////////
171
172.literal xml
173<bookinfo>
174<title>Specification of the Exim Mail Transfer Agent</title>
175<titleabbrev>The Exim MTA</titleabbrev>
2aee48d6
JH
176<date>
177.fulldate
178</date>
7b4c60eb
NM
179<author><firstname>Exim</firstname><surname>Maintainers</surname></author>
180<authorinitials>EM</authorinitials>
9b371988 181<revhistory><revision>
99474a17 182.versiondatexml
7b4c60eb 183 <authorinitials>EM</authorinitials>
9b371988 184</revision></revhistory>
2aee48d6 185<copyright><year>
29343b08 186.copyyear
2aee48d6 187 </year><holder>University of Cambridge</holder></copyright>
9b371988
PH
188</bookinfo>
189.literal off
190
191
192. /////////////////////////////////////////////////////////////////////////////
193. This chunk of literal XML implements index entries of the form "x, see y" and
194. "x, see also y". However, the DocBook DTD doesn't allow <indexterm> entries
195. at the top level, so we have to put the .chapter directive first.
196. /////////////////////////////////////////////////////////////////////////////
197
f89d2485 198.chapter "Introduction" "CHID1"
9b371988
PH
199.literal xml
200
f89d2485 201<indexterm role="variable">
168e428f
PH
202 <primary>$1, $2, etc.</primary>
203 <see><emphasis>numerical variables</emphasis></see>
204</indexterm>
205<indexterm role="concept">
206 <primary>address</primary>
207 <secondary>rewriting</secondary>
208 <see><emphasis>rewriting</emphasis></see>
209</indexterm>
210<indexterm role="concept">
068aaea8
PH
211 <primary>Bounce Address Tag Validation</primary>
212 <see><emphasis>BATV</emphasis></see>
213</indexterm>
214<indexterm role="concept">
215 <primary>Client SMTP Authorization</primary>
216 <see><emphasis>CSA</emphasis></see>
217</indexterm>
218<indexterm role="concept">
168e428f
PH
219 <primary>CR character</primary>
220 <see><emphasis>carriage return</emphasis></see>
221</indexterm>
222<indexterm role="concept">
223 <primary>CRL</primary>
224 <see><emphasis>certificate revocation list</emphasis></see>
225</indexterm>
226<indexterm role="concept">
227 <primary>delivery</primary>
228 <secondary>failure report</secondary>
229 <see><emphasis>bounce message</emphasis></see>
230</indexterm>
231<indexterm role="concept">
232 <primary>dialup</primary>
233 <see><emphasis>intermittently connected hosts</emphasis></see>
234</indexterm>
235<indexterm role="concept">
236 <primary>exiscan</primary>
237 <see><emphasis>content scanning</emphasis></see>
238</indexterm>
239<indexterm role="concept">
240 <primary>failover</primary>
241 <see><emphasis>fallback</emphasis></see>
242</indexterm>
243<indexterm role="concept">
244 <primary>fallover</primary>
245 <see><emphasis>fallback</emphasis></see>
246</indexterm>
247<indexterm role="concept">
248 <primary>filter</primary>
249 <secondary>Sieve</secondary>
250 <see><emphasis>Sieve filter</emphasis></see>
251</indexterm>
252<indexterm role="concept">
253 <primary>ident</primary>
254 <see><emphasis>RFC 1413</emphasis></see>
255</indexterm>
256<indexterm role="concept">
257 <primary>LF character</primary>
258 <see><emphasis>linefeed</emphasis></see>
259</indexterm>
260<indexterm role="concept">
261 <primary>maximum</primary>
595028e4 262 <seealso><emphasis>limit</emphasis></seealso>
168e428f
PH
263</indexterm>
264<indexterm role="concept">
068aaea8
PH
265 <primary>monitor</primary>
266 <see><emphasis>Exim monitor</emphasis></see>
267</indexterm>
268<indexterm role="concept">
168e428f
PH
269 <primary>no_<emphasis>xxx</emphasis></primary>
270 <see>entry for xxx</see>
271</indexterm>
272<indexterm role="concept">
273 <primary>NUL</primary>
274 <see><emphasis>binary zero</emphasis></see>
275</indexterm>
276<indexterm role="concept">
277 <primary>passwd file</primary>
278 <see><emphasis>/etc/passwd</emphasis></see>
279</indexterm>
280<indexterm role="concept">
281 <primary>process id</primary>
282 <see><emphasis>pid</emphasis></see>
283</indexterm>
284<indexterm role="concept">
285 <primary>RBL</primary>
286 <see><emphasis>DNS list</emphasis></see>
287</indexterm>
288<indexterm role="concept">
289 <primary>redirection</primary>
290 <see><emphasis>address redirection</emphasis></see>
291</indexterm>
292<indexterm role="concept">
293 <primary>return path</primary>
294 <seealso><emphasis>envelope sender</emphasis></seealso>
295</indexterm>
296<indexterm role="concept">
297 <primary>scanning</primary>
298 <see><emphasis>content scanning</emphasis></see>
299</indexterm>
300<indexterm role="concept">
301 <primary>SSL</primary>
302 <see><emphasis>TLS</emphasis></see>
303</indexterm>
304<indexterm role="concept">
305 <primary>string</primary>
306 <secondary>expansion</secondary>
307 <see><emphasis>expansion</emphasis></see>
308</indexterm>
309<indexterm role="concept">
310 <primary>top bit</primary>
311 <see><emphasis>8-bit characters</emphasis></see>
312</indexterm>
313<indexterm role="concept">
314 <primary>variables</primary>
315 <see><emphasis>expansion, variables</emphasis></see>
316</indexterm>
317<indexterm role="concept">
318 <primary>zero, binary</primary>
319 <see><emphasis>binary zero</emphasis></see>
320</indexterm>
9b371988
PH
321
322.literal off
168e428f
PH
323
324
9b371988
PH
325. /////////////////////////////////////////////////////////////////////////////
326. This is the real start of the first chapter. See the comment above as to why
327. we can't have the .chapter line here.
328. chapter "Introduction"
329. /////////////////////////////////////////////////////////////////////////////
168e428f
PH
330
331Exim is a mail transfer agent (MTA) for hosts that are running Unix or
332Unix-like operating systems. It was designed on the assumption that it would be
333run on hosts that are permanently connected to the Internet. However, it can be
334used on intermittently connected hosts with suitable configuration adjustments.
335
336Configuration files currently exist for the following operating systems: AIX,
068aaea8
PH
337BSD/OS (aka BSDI), Darwin (Mac OS X), DGUX, Dragonfly, FreeBSD, GNU/Hurd,
338GNU/Linux, HI-OSF (Hitachi), HI-UX, HP-UX, IRIX, MIPS RISCOS, NetBSD, OpenBSD,
339OpenUNIX, QNX, SCO, SCO SVR4.2 (aka UNIX-SV), Solaris (aka SunOS5), SunOS4,
20f0f788 340Tru64-Unix (formerly Digital UNIX, formerly DEC-OSF1), Ultrix, and UnixWare.
068aaea8
PH
341Some of these operating systems are no longer current and cannot easily be
342tested, so the configuration files may no longer work in practice.
168e428f
PH
343
344There are also configuration files for compiling Exim in the Cygwin environment
345that can be installed on systems running Windows. However, this document does
346not contain any information about running Exim in the Cygwin environment.
347
348The terms and conditions for the use and distribution of Exim are contained in
9b371988
PH
349the file &_NOTICE_&. Exim is distributed under the terms of the GNU General
350Public Licence, a copy of which may be found in the file &_LICENCE_&.
168e428f 351
20f0f788
HSHR
352The use, supply, or promotion of Exim for the purpose of sending bulk,
353unsolicited electronic mail is incompatible with the basic aims of Exim,
168e428f
PH
354which revolve around the free provision of a service that enhances the quality
355of personal communications. The author of Exim regards indiscriminate
356mass-mailing as an antisocial, irresponsible abuse of the Internet.
357
358Exim owes a great deal to Smail 3 and its author, Ron Karr. Without the
359experience of running and working on the Smail 3 code, I could never have
360contemplated starting to write a new MTA. Many of the ideas and user interfaces
361were originally taken from Smail 3, though the actual code of Exim is entirely
362new, and has developed far beyond the initial concept.
363
364Many people, both in Cambridge and around the world, have contributed to the
365development and the testing of Exim, and to porting it to various operating
366systems. I am grateful to them all. The distribution now contains a file called
9b371988 367&_ACKNOWLEDGMENTS_&, in which I have started recording the names of
168e428f
PH
368contributors.
369
370
f89d2485 371.section "Exim documentation" "SECID1"
800d5176 372. Keep this example change bar when updating the documentation!
b52ed2b3 373
9b371988 374.cindex "documentation"
2aee48d6 375This edition of the Exim specification applies to version &version() of Exim.
9b371988 376Substantive changes from the &previousversion; edition are marked in some
20f0f788 377renditions of this document; this paragraph is so marked if the rendition is
168e428f
PH
378capable of showing a change indicator.
379
380This document is very much a reference manual; it is not a tutorial. The reader
381is expected to have some familiarity with the SMTP mail transfer protocol and
382with general Unix system administration. Although there are some discussions
383and examples in places, the information is mostly organized in a way that makes
384it easy to look up, rather than in a natural order for sequential reading.
20f0f788 385Furthermore, this manual aims to cover every aspect of Exim in detail, including
168e428f
PH
386a number of rarely-used, special-purpose features that are unlikely to be of
387very wide interest.
388
9b371988
PH
389.cindex "books about Exim"
390An &"easier"& discussion of Exim which provides more in-depth explanatory,
391introductory, and tutorial material can be found in a book entitled &'The Exim
595028e4 392SMTP Mail Server'& (second edition, 2007), published by UIT Cambridge
07738d61 393(&url(https://www.uit.co.uk/exim-book/)).
168e428f 394
20f0f788 395The book also contains a chapter that gives a general introduction to SMTP and
168e428f
PH
396Internet mail. Inevitably, however, the book is unlikely to be fully up-to-date
397with the latest release of Exim. (Note that the earlier book about Exim,
398published by O'Reilly, covers Exim 3, and many things have changed in Exim 4.)
399
9b371988 400.cindex "Debian" "information sources"
068aaea8
PH
401If you are using a Debian distribution of Exim, you will find information about
402Debian-specific features in the file
f89d2485 403&_/usr/share/doc/exim4-base/README.Debian_&.
9b371988 404The command &(man update-exim.conf)& is another source of Debian-specific
068aaea8
PH
405information.
406
9b371988
PH
407.cindex "&_doc/NewStuff_&"
408.cindex "&_doc/ChangeLog_&"
409.cindex "change log"
20f0f788 410As Exim develops, there may be features in newer versions that have not
168e428f
PH
411yet made it into this document, which is updated only when the most significant
412digit of the fractional part of the version number changes. Specifications of
413new features that are not yet in this manual are placed in the file
9b371988 414&_doc/NewStuff_& in the Exim distribution.
168e428f 415
9b371988 416Some features may be classified as &"experimental"&. These may change
168e428f
PH
417incompatibly while they are developing, or even be withdrawn. For this reason,
418they are not documented in this manual. Information about experimental features
9b371988 419can be found in the file &_doc/experimental.txt_&.
168e428f 420
20f0f788 421All changes to Exim (whether new features, bug fixes, or other kinds of
9b371988 422change) are noted briefly in the file called &_doc/ChangeLog_&.
168e428f 423
9b371988
PH
424.cindex "&_doc/spec.txt_&"
425This specification itself is available as an ASCII file in &_doc/spec.txt_& so
426that it can easily be searched with a text editor. Other files in the &_doc_&
168e428f
PH
427directory are:
428
9b371988
PH
429.table2 100pt
430.row &_OptionLists.txt_& "list of all options in alphabetical order"
431.row &_dbm.discuss.txt_& "discussion about DBM libraries"
432.row &_exim.8_& "a man page of Exim's command line options"
433.row &_experimental.txt_& "documentation of experimental features"
434.row &_filter.txt_& "specification of the filter language"
9b371988
PH
435.row &_Exim3.upgrade_& "upgrade notes from release 2 to release 3"
436.row &_Exim4.upgrade_& "upgrade notes from release 3 to release 4"
2eec84ca 437.row &_openssl.txt_& "installing a current OpenSSL release"
9b371988 438.endtable
168e428f
PH
439
440The main specification and the specification of the filtering language are also
441available in other formats (HTML, PostScript, PDF, and Texinfo). Section
9b371988 442&<<SECTavail>>& below tells you how to get hold of these.
168e428f
PH
443
444
445
20f0f788
HSHR
446.section "FTP site and websites" "SECID2"
447.cindex "website"
9b371988 448.cindex "FTP site"
b6effdcc
PP
449The primary site for Exim source distributions is the &%exim.org%& FTP site,
450available over HTTPS, HTTP and FTP. These services, and the &%exim.org%&
451website, are hosted at the University of Cambridge.
9b371988
PH
452
453.cindex "wiki"
454.cindex "FAQ"
20f0f788 455As well as Exim distribution tar files, the Exim website contains a number of
f89d2485 456differently formatted versions of the documentation. A recent addition to the
07738d61 457online information is the Exim wiki (&url(https://wiki.exim.org)),
f89d2485
PH
458which contains what used to be a separate FAQ, as well as various other
459examples, tips, and know-how that have been contributed by Exim users.
b6effdcc
PP
460The wiki site should always redirect to the correct place, which is currently
461provided by GitHub, and is open to editing by anyone with a GitHub account.
f89d2485
PH
462
463.cindex Bugzilla
77c27011 464An Exim Bugzilla exists at &url(https://bugs.exim.org). You can use
f89d2485
PH
465this to report bugs, and also to add items to the wish list. Please search
466first to check that you are not duplicating a previous entry.
b6effdcc 467Please do not ask for configuration help in the bug-tracker.
168e428f
PH
468
469
f89d2485 470.section "Mailing lists" "SECID3"
9b371988 471.cindex "mailing lists" "for Exim users"
f89d2485 472The following Exim mailing lists exist:
168e428f 473
9b371988 474.table2 140pt
d854d3a9 475.row &'exim-announce@exim.org'& "Moderated, low volume announcements list"
f89d2485
PH
476.row &'exim-users@exim.org'& "General discussion list"
477.row &'exim-dev@exim.org'& "Discussion of bugs, enhancements, etc."
d854d3a9 478.row &'exim-cvs@exim.org'& "Automated commit messages from the VCS"
9b371988 479.endtable
168e428f
PH
480
481You can subscribe to these lists, change your existing subscriptions, and view
9b371988
PH
482or search the archives via the mailing lists link on the Exim home page.
483.cindex "Debian" "mailing list for"
4f578862 484If you are using a Debian distribution of Exim, you may wish to subscribe to
db9452a9
PH
485the Debian-specific mailing list &'pkg-exim4-users@lists.alioth.debian.org'&
486via this web page:
487.display
07738d61 488&url(https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-exim4-users)
db9452a9 489.endd
20f0f788 490Please ask Debian-specific questions on that list and not on the general Exim
db9452a9 491lists.
9b371988 492
f89d2485 493.section "Bug reports" "SECID5"
9b371988
PH
494.cindex "bug reports"
495.cindex "reporting bugs"
7d0ab55c 496Reports of obvious bugs can be emailed to &'bugs@exim.org'& or reported
77c27011 497via the Bugzilla (&url(https://bugs.exim.org)). However, if you are unsure
595028e4
PH
498whether some behaviour is a bug or not, the best thing to do is to post a
499message to the &'exim-dev'& mailing list and have it discussed.
168e428f
PH
500
501
502
9b371988
PH
503.section "Where to find the Exim distribution" "SECTavail"
504.cindex "FTP site"
b6effdcc 505.cindex "HTTPS download site"
20f0f788 506.cindex "distribution" "FTP site"
b6effdcc 507.cindex "distribution" "https site"
b6effdcc 508The master distribution site for the Exim distribution is
9b371988 509.display
6c6b39ba 510&url(https://downloads.exim.org/)
9b371988 511.endd
b6effdcc
PP
512The service is available over HTTPS, HTTP and FTP.
513We encourage people to migrate to HTTPS.
514
07738d61
PP
515The content served at &url(https://downloads.exim.org/) is identical to the
516content served at &url(https://ftp.exim.org/pub/exim) and
517&url(ftp://ftp.exim.org/pub/exim).
b6effdcc
PP
518
519If accessing via a hostname containing &'ftp'&, then the file references that
520follow are relative to the &_exim_& directories at these sites.
521If accessing via the hostname &'downloads'& then the subdirectories described
522here are top-level directories.
b6effdcc
PP
523
524There are now quite a number of independent mirror sites around
9b371988
PH
525the world. Those that I know about are listed in the file called &_Mirrors_&.
526
b6effdcc 527Within the top exim directory there are subdirectories called &_exim3_& (for
9b371988
PH
528previous Exim 3 distributions), &_exim4_& (for the latest Exim 4
529distributions), and &_Testing_& for testing versions. In the &_exim4_&
168e428f 530subdirectory, the current release can always be found in files called
9b371988 531.display
b6effdcc 532&_exim-n.nn.tar.xz_&
9b371988
PH
533&_exim-n.nn.tar.gz_&
534&_exim-n.nn.tar.bz2_&
535.endd
b6effdcc 536where &'n.nn'& is the highest such version number in the directory. The three
168e428f 537files contain identical data; the only difference is the type of compression.
b6effdcc
PP
538The &_.xz_& file is usually the smallest, while the &_.gz_& file is the
539most portable to old systems.
168e428f 540
9b371988
PH
541.cindex "distribution" "signing details"
542.cindex "distribution" "public key"
543.cindex "public key for signed distribution"
40167b05
PP
544The distributions will be PGP signed by an individual key of the Release
545Coordinator. This key will have a uid containing an email address in the
546&'exim.org'& domain and will have signatures from other people, including
547other Exim maintainers. We expect that the key will be in the "strong set" of
20f0f788
HSHR
548PGP keys. There should be a trust path to that key from the Exim Maintainer's
549PGP keys, a version of which can be found in the release directory in the file
550&_Exim-Maintainers-Keyring.asc_&. All keys used will be available in public keyserver pools,
40167b05
PP
551such as &'pool.sks-keyservers.net'&.
552
20f0f788 553At the time of the last update, releases were being made by Jeremy Harris and signed
b6effdcc
PP
554with key &'0xBCE58C8CE41F32DF'&. Other recent keys used for signing are those
555of Heiko Schlittermann, &'0x26101B62F69376CE'&,
556and of Phil Pennock, &'0x4D1E900E14C1CC04'&.
40167b05
PP
557
558The signatures for the tar bundles are in:
9b371988 559.display
b6effdcc 560&_exim-n.nn.tar.xz.asc_&
210f147e
NM
561&_exim-n.nn.tar.gz.asc_&
562&_exim-n.nn.tar.bz2.asc_&
9b371988 563.endd
20f0f788 564For each released version, the log of changes is made available in a
9b371988 565separate file in the directory &_ChangeLogs_& so that it is possible to
168e428f
PH
566find out what has changed without having to download the entire distribution.
567
9b371988 568.cindex "documentation" "available formats"
168e428f
PH
569The main distribution contains ASCII versions of this specification and other
570documentation; other formats of the documents are available in separate files
9b371988
PH
571inside the &_exim4_& directory of the FTP site:
572.display
573&_exim-html-n.nn.tar.gz_&
574&_exim-pdf-n.nn.tar.gz_&
575&_exim-postscript-n.nn.tar.gz_&
576&_exim-texinfo-n.nn.tar.gz_&
577.endd
578These tar files contain only the &_doc_& directory, not the complete
b6effdcc 579distribution, and are also available in &_.bz2_& and &_.xz_& forms.
168e428f 580
168e428f 581
f89d2485 582.section "Limitations" "SECID6"
9b371988
PH
583.ilist
584.cindex "limitations of Exim"
585.cindex "bang paths" "not handled by Exim"
586Exim is designed for use as an Internet MTA, and therefore handles addresses in
587RFC 2822 domain format only. It cannot handle UUCP &"bang paths"&, though
588simple two-component bang paths can be converted by a straightforward rewriting
589configuration. This restriction does not prevent Exim from being interfaced to
590UUCP as a transport mechanism, provided that domain addresses are used.
591.next
592.cindex "domainless addresses"
593.cindex "address" "without domain"
168e428f
PH
594Exim insists that every address it handles has a domain attached. For incoming
595local messages, domainless addresses are automatically qualified with a
596configured domain value. Configuration options specify from which remote
597systems unqualified addresses are acceptable. These are then qualified on
598arrival.
9b371988
PH
599.next
600.cindex "transport" "external"
601.cindex "external transports"
602The only external transport mechanisms that are currently implemented are SMTP
603and LMTP over a TCP/IP network (including support for IPv6). However, a pipe
168e428f 604transport is available, and there are facilities for writing messages to files
9b371988
PH
605and pipes, optionally in &'batched SMTP'& format; these facilities can be used
606to send messages to other transport mechanisms such as UUCP, provided they can
607handle domain-style addresses. Batched SMTP input is also catered for.
608.next
609Exim is not designed for storing mail for dial-in hosts. When the volumes of
610such mail are large, it is better to get the messages &"delivered"& into files
168e428f
PH
611(that is, off Exim's queue) and subsequently passed on to the dial-in hosts by
612other means.
9b371988
PH
613.next
614Although Exim does have basic facilities for scanning incoming messages, these
168e428f
PH
615are not comprehensive enough to do full virus or spam scanning. Such operations
616are best carried out using additional specialized software packages. If you
617compile Exim with the content-scanning extension, straightforward interfaces to
618a number of common scanners are provided.
9b371988 619.endlist
168e428f
PH
620
621
20f0f788
HSHR
622.section "Runtime configuration" "SECID7"
623Exim's runtime configuration is held in a single text file that is divided
168e428f
PH
624into a number of sections. The entries in this file consist of keywords and
625values, in the style of Smail 3 configuration files. A default configuration
626file which is suitable for simple online installations is provided in the
9b371988 627distribution, and is described in chapter &<<CHAPdefconfil>>& below.
168e428f
PH
628
629
f89d2485 630.section "Calling interface" "SECID8"
9b371988 631.cindex "Sendmail compatibility" "command line interface"
168e428f 632Like many MTAs, Exim has adopted the Sendmail command line interface so that it
9b371988
PH
633can be a straight replacement for &_/usr/lib/sendmail_& or
634&_/usr/sbin/sendmail_& when sending mail, but you do not need to know anything
168e428f
PH
635about Sendmail in order to run Exim. For actions other than sending messages,
636Sendmail-compatible options also exist, but those that produce output (for
20f0f788 637example, &%-bp%&, which lists the messages in the queue) do so in Exim's own
168e428f 638format. There are also some additional options that are compatible with Smail
9b371988 6393, and some further options that are new to Exim. Chapter &<<CHAPcommandline>>&
168e428f
PH
640documents all Exim's command line options. This information is automatically
641made into the man page that forms part of the Exim distribution.
642
20f0f788 643Control of messages in the queue can be done via certain privileged command
9b371988
PH
644line options. There is also an optional monitor program called &'eximon'&,
645which displays current information in an X window, and which contains a menu
168e428f
PH
646interface to Exim's command line administration options.
647
648
649
f89d2485 650.section "Terminology" "SECID9"
9b371988
PH
651.cindex "terminology definitions"
652.cindex "body of message" "definition of"
653The &'body'& of a message is the actual data that the sender wants to transmit.
20f0f788 654It is the last part of a message and is separated from the &'header'& (see
168e428f
PH
655below) by a blank line.
656
9b371988 657.cindex "bounce message" "definition of"
168e428f 658When a message cannot be delivered, it is normally returned to the sender in a
9b371988
PH
659delivery failure message or a &"non-delivery report"& (NDR). The term
660&'bounce'& is commonly used for this action, and the error reports are often
661called &'bounce messages'&. This is a convenient shorthand for &"delivery
662failure error report"&. Such messages have an empty sender address in the
663message's &'envelope'& (see below) to ensure that they cannot themselves give
664rise to further bounce messages.
665
666The term &'default'& appears frequently in this manual. It is used to qualify a
168e428f
PH
667value which is used in the absence of any setting in the configuration. It may
668also qualify an action which is taken unless a configuration setting specifies
669otherwise.
670
9b371988 671The term &'defer'& is used when the delivery of a message to a specific
168e428f 672destination cannot immediately take place for some reason (a remote host may be
9b371988 673down, or a user's local mailbox may be full). Such deliveries are &'deferred'&
168e428f
PH
674until a later time.
675
9b371988
PH
676The word &'domain'& is sometimes used to mean all but the first component of a
677host's name. It is &'not'& used in that sense here, where it normally refers to
678the part of an email address following the @ sign.
168e428f 679
f89d2485 680.cindex "envelope, definition of"
9b371988
PH
681.cindex "sender" "definition of"
682A message in transit has an associated &'envelope'&, as well as a header and a
168e428f
PH
683body. The envelope contains a sender address (to which bounce messages should
684be delivered), and any number of recipient addresses. References to the
685sender or the recipients of a message usually mean the addresses in the
686envelope. An MTA uses these addresses for delivery, and for returning bounce
687messages, not the addresses that appear in the header lines.
688
f89d2485 689.cindex "message" "header, definition of"
9b371988
PH
690.cindex "header section" "definition of"
691The &'header'& of a message is the first part of a message's text, consisting
692of a number of lines, each of which has a name such as &'From:'&, &'To:'&,
693&'Subject:'&, etc. Long header lines can be split over several text lines by
168e428f
PH
694indenting the continuations. The header is separated from the body by a blank
695line.
696
9b371988
PH
697.cindex "local part" "definition of"
698.cindex "domain" "definition of"
20f0f788 699The term &'local part'&, which is taken from RFC 2822, is used to refer to the
168e428f 700part of an email address that precedes the @ sign. The part that follows the
9b371988 701@ sign is called the &'domain'& or &'mail domain'&.
168e428f 702
9b371988 703.cindex "local delivery" "definition of"
f89d2485 704.cindex "remote delivery, definition of"
9b371988 705The terms &'local delivery'& and &'remote delivery'& are used to distinguish
168e428f 706delivery to a file or a pipe on the local host from delivery by SMTP over
068aaea8 707TCP/IP to another host. As far as Exim is concerned, all hosts other than the
9b371988 708host it is running on are &'remote'&.
168e428f 709
9b371988
PH
710.cindex "return path" "definition of"
711&'Return path'& is another name that is used for the sender address in a
168e428f
PH
712message's envelope.
713
9b371988 714.cindex "queue" "definition of"
20f0f788 715The term &'queue'& is used to refer to the set of messages awaiting delivery
168e428f 716because this term is in widespread use in the context of MTAs. However, in
20f0f788 717Exim's case, the reality is more like a pool than a queue, because there is
168e428f
PH
718normally no ordering of waiting messages.
719
9b371988
PH
720.cindex "queue runner" "definition of"
721The term &'queue runner'& is used to describe a process that scans the queue
168e428f 722and attempts to deliver those messages whose retry times have come. This term
20f0f788 723is used by other MTAs and also relates to the command &%runq%&, but in Exim
168e428f
PH
724the waiting messages are normally processed in an unpredictable order.
725
9b371988
PH
726.cindex "spool directory" "definition of"
727The term &'spool directory'& is used for a directory in which Exim keeps the
20f0f788 728messages in its queue &-- that is, those that it is in the process of
168e428f 729delivering. This should not be confused with the directory in which local
9b371988
PH
730mailboxes are stored, which is called a &"spool directory"& by some people. In
731the Exim documentation, &"spool"& is always used in the first sense.
168e428f
PH
732
733
734
735
736
737
9b371988
PH
738. ////////////////////////////////////////////////////////////////////////////
739. ////////////////////////////////////////////////////////////////////////////
168e428f 740
f89d2485 741.chapter "Incorporated code" "CHID2"
9b371988
PH
742.cindex "incorporated code"
743.cindex "regular expressions" "library"
744.cindex "PCRE"
1899bab2 745.cindex "OpenDMARC"
168e428f
PH
746A number of pieces of external code are included in the Exim distribution.
747
9b371988 748.ilist
210f147e
NM
749Regular expressions are supported in the main Exim program and in the
750Exim monitor using the freely-distributable PCRE library, copyright
40df1be3
TF
751&copy; University of Cambridge. The source to PCRE is no longer shipped with
752Exim, so you will need to use the version of PCRE shipped with your system,
753or obtain and install the full version of the library from
f89d2485 754&url(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre).
9b371988 755.next
f89d2485 756.cindex "cdb" "acknowledgment"
168e428f
PH
757Support for the cdb (Constant DataBase) lookup method is provided by code
758contributed by Nigel Metheringham of (at the time he contributed it) Planet
9b371988
PH
759Online Ltd. The implementation is completely contained within the code of Exim.
760It does not link against an external cdb library. The code contains the
761following statements:
762
763.blockquote
764Copyright &copy; 1998 Nigel Metheringham, Planet Online Ltd
765
168e428f
PH
766This program is free software; you can redistribute it and/or modify it under
767the terms of the GNU General Public License as published by the Free Software
768Foundation; either version 2 of the License, or (at your option) any later
769version.
168e428f
PH
770This code implements Dan Bernstein's Constant DataBase (cdb) spec. Information,
771the spec and sample code for cdb can be obtained from
07738d61 772&url(https://cr.yp.to/cdb.html). This implementation borrows
f89d2485
PH
773some code from Dan Bernstein's implementation (which has no license
774restrictions applied to it).
9b371988
PH
775.endblockquote
776.next
777.cindex "SPA authentication"
778.cindex "Samba project"
779.cindex "Microsoft Secure Password Authentication"
780Client support for Microsoft's &'Secure Password Authentication'& is provided
168e428f
PH
781by code contributed by Marc Prud'hommeaux. Server support was contributed by
782Tom Kistner. This includes code taken from the Samba project, which is released
783under the Gnu GPL.
9b371988
PH
784.next
785.cindex "Cyrus"
786.cindex "&'pwcheck'& daemon"
787.cindex "&'pwauthd'& daemon"
788Support for calling the Cyrus &'pwcheck'& and &'saslauthd'& daemons is provided
168e428f
PH
789by code taken from the Cyrus-SASL library and adapted by Alexander S.
790Sabourenkov. The permission notice appears below, in accordance with the
791conditions expressed therein.
9b371988
PH
792
793.blockquote
794Copyright &copy; 2001 Carnegie Mellon University. All rights reserved.
795
168e428f
PH
796Redistribution and use in source and binary forms, with or without
797modification, are permitted provided that the following conditions
798are met:
168e428f 799
9b371988
PH
800.olist
801Redistributions of source code must retain the above copyright
802notice, this list of conditions and the following disclaimer.
803.next
804Redistributions in binary form must reproduce the above copyright
168e428f
PH
805notice, this list of conditions and the following disclaimer in
806the documentation and/or other materials provided with the
807distribution.
9b371988
PH
808.next
809The name &"Carnegie Mellon University"& must not be used to
168e428f
PH
810endorse or promote products derived from this software without
811prior written permission. For permission or any other legal
812details, please contact
9b371988 813.display
068aaea8
PH
814 Office of Technology Transfer
815 Carnegie Mellon University
816 5000 Forbes Avenue
817 Pittsburgh, PA 15213-3890
818 (412) 268-4387, fax: (412) 268-7395
819 tech-transfer@andrew.cmu.edu
9b371988
PH
820.endd
821.next
822Redistributions of any form whatsoever must retain the following
168e428f 823acknowledgment:
9b371988
PH
824
825&"This product includes software developed by Computing Services
07738d61 826at Carnegie Mellon University (&url(https://www.cmu.edu/computing/)."&
9b371988 827
168e428f
PH
828CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
829THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
830AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
831FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
832WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
833AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
834OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
9b371988
PH
835.endlist
836.endblockquote
168e428f 837
9b371988 838.next
f89d2485 839.cindex "Exim monitor" "acknowledgment"
9b371988
PH
840.cindex "X-windows"
841.cindex "Athena"
168e428f
PH
842The Exim Monitor program, which is an X-Window application, includes
843modified versions of the Athena StripChart and TextPop widgets.
844This code is copyright by DEC and MIT, and their permission notice appears
845below, in accordance with the conditions expressed therein.
9b371988
PH
846
847.blockquote
168e428f
PH
848Copyright 1987, 1988 by Digital Equipment Corporation, Maynard, Massachusetts,
849and the Massachusetts Institute of Technology, Cambridge, Massachusetts.
9b371988 850
168e428f 851All Rights Reserved
9b371988 852
168e428f
PH
853Permission to use, copy, modify, and distribute this software and its
854documentation for any purpose and without fee is hereby granted,
855provided that the above copyright notice appear in all copies and that
856both that copyright notice and this permission notice appear in
857supporting documentation, and that the names of Digital or MIT not be
858used in advertising or publicity pertaining to distribution of the
859software without specific, written prior permission.
9b371988 860
168e428f
PH
861DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
862ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
863DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
864ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
865WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
866ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
867SOFTWARE.
9b371988 868.endblockquote
168e428f 869
9b371988 870.next
1899bab2
TL
871.cindex "opendmarc" "acknowledgment"
872The DMARC implementation uses the OpenDMARC library which is Copyrighted by
873The Trusted Domain Project. Portions of Exim source which use OpenDMARC
874derived code are indicated in the respective source files. The full OpenDMARC
875license is provided in the LICENSE.opendmarc file contained in the distributed
876source code.
877
878.next
9b371988 879Many people have contributed code fragments, some large, some small, that were
20f0f788 880not covered by any specific license requirements. It is assumed that the
f89d2485 881contributors are happy to see their code incorporated into Exim under the GPL.
9b371988 882.endlist
168e428f
PH
883
884
885
886
887
9b371988
PH
888. ////////////////////////////////////////////////////////////////////////////
889. ////////////////////////////////////////////////////////////////////////////
168e428f 890
f89d2485 891.chapter "How Exim receives and delivers mail" "CHID11" &&&
9b371988 892 "Receiving and delivering mail"
168e428f
PH
893
894
f89d2485 895.section "Overall philosophy" "SECID10"
9b371988 896.cindex "design philosophy"
168e428f
PH
897Exim is designed to work efficiently on systems that are permanently connected
898to the Internet and are handling a general mix of mail. In such circumstances,
899most messages can be delivered immediately. Consequently, Exim does not
900maintain independent queues of messages for specific domains or hosts, though
901it does try to send several messages in a single SMTP connection after a host
902has been down, and it also maintains per-host retry information.
903
904
f89d2485 905.section "Policy control" "SECID11"
9b371988 906.cindex "policy control" "overview"
168e428f 907Policy controls are now an important feature of MTAs that are connected to the
20f0f788 908Internet. Perhaps their most important job is to stop MTAs from being abused as
9b371988 909&"open relays"& by misguided individuals who send out vast amounts of
20f0f788 910unsolicited junk and want to disguise its source. Exim provides flexible
9b371988 911facilities for specifying policy controls on incoming mail:
168e428f 912
9b371988
PH
913.ilist
914.cindex "&ACL;" "introduction"
168e428f 915Exim 4 (unlike previous versions of Exim) implements policy controls on
9b371988 916incoming mail by means of &'Access Control Lists'& (ACLs). Each list is a
168e428f
PH
917series of statements that may either grant or deny access. ACLs can be used at
918several places in the SMTP dialogue while receiving a message from a remote
9b371988
PH
919host. However, the most common places are after each RCPT command, and at the
920very end of the message. The sysadmin can specify conditions for accepting or
921rejecting individual recipients or the entire message, respectively, at these
922two points (see chapter &<<CHAPACL>>&). Denial of access results in an SMTP
168e428f 923error code.
9b371988
PH
924.next
925An ACL is also available for locally generated, non-SMTP messages. In this
168e428f 926case, the only available actions are to accept or deny the entire message.
9b371988
PH
927.next
928When Exim is compiled with the content-scanning extension, facilities are
168e428f
PH
929provided in the ACL mechanism for passing the message to external virus and/or
930spam scanning software. The result of such a scan is passed back to the ACL,
931which can then use it to decide what to do with the message.
9b371988
PH
932.next
933When a message has been received, either from a remote host or from the local
f89d2485 934host, but before the final acknowledgment has been sent, a locally supplied C
9b371988
PH
935function called &[local_scan()]& can be run to inspect the message and decide
936whether to accept it or not (see chapter &<<CHAPlocalscan>>&). If the message
937is accepted, the list of recipients can be modified by the function.
938.next
939Using the &[local_scan()]& mechanism is another way of calling external scanner
940software. The &%SA-Exim%& add-on package works this way. It does not require
941Exim to be compiled with the content-scanning extension.
942.next
943After a message has been accepted, a further checking mechanism is available in
944the form of the &'system filter'& (see chapter &<<CHAPsystemfilter>>&). This
945runs at the start of every delivery process.
946.endlist
947
948
949
f89d2485 950.section "User filters" "SECID12"
9b371988
PH
951.cindex "filter" "introduction"
952.cindex "Sieve filter"
168e428f 953In a conventional Exim configuration, users are able to run private filters by
9b371988
PH
954setting up appropriate &_.forward_& files in their home directories. See
955chapter &<<CHAPredirect>>& (about the &(redirect)& router) for the
956configuration needed to support this, and the separate document entitled
957&'Exim's interfaces to mail filtering'& for user details. Two different kinds
958of filtering are available:
959
960.ilist
961Sieve filters are written in the standard filtering language that is defined
168e428f 962by RFC 3028.
9b371988
PH
963.next
964Exim filters are written in a syntax that is unique to Exim, but which is more
168e428f 965powerful than Sieve, which it pre-dates.
9b371988 966.endlist
168e428f
PH
967
968User filters are run as part of the routing process, described below.
969
970
971
9b371988
PH
972.section "Message identification" "SECTmessiden"
973.cindex "message ids" "details of format"
974.cindex "format" "of message id"
975.cindex "id of message"
976.cindex "base62"
977.cindex "base36"
978.cindex "Darwin"
979.cindex "Cygwin"
980Every message handled by Exim is given a &'message id'& which is sixteen
168e428f 981characters long. It is divided into three parts, separated by hyphens, for
9b371988 982example &`16VDhn-0001bo-D3`&. Each part is a sequence of letters and digits,
168e428f
PH
983normally encoding numbers in base 62. However, in the Darwin operating
984system (Mac OS X) and when Exim is compiled to run under Cygwin, base 36
985(avoiding the use of lower case letters) is used instead, because the message
20f0f788 986id is used to construct filenames, and the names of files in those systems are
068aaea8 987not always case-sensitive.
168e428f 988
9b371988 989.cindex "pid (process id)" "re-use of"
168e428f
PH
990The detail of the contents of the message id have changed as Exim has evolved.
991Earlier versions relied on the operating system not re-using a process id (pid)
992within one second. On modern operating systems, this assumption can no longer
993be made, so the algorithm had to be changed. To retain backward compatibility,
994the format of the message id was retained, which is why the following rules are
995somewhat eccentric:
996
9b371988
PH
997.ilist
998The first six characters of the message id are the time at which the message
168e428f
PH
999started to be received, to a granularity of one second. That is, this field
1000contains the number of seconds since the start of the epoch (the normal Unix
1001way of representing the date and time of day).
9b371988
PH
1002.next
1003After the first hyphen, the next six characters are the id of the process that
168e428f 1004received the message.
9b371988
PH
1005.next
1006There are two different possibilities for the final two characters:
1007.olist
0a4e3112 1008.oindex "&%localhost_number%&"
9b371988 1009If &%localhost_number%& is not set, this value is the fractional part of the
168e428f
PH
1010time of reception, normally in units of 1/2000 of a second, but for systems
1011that must use base 36 instead of base 62 (because of case-insensitive file
1012systems), the units are 1/1000 of a second.
9b371988
PH
1013.next
1014If &%localhost_number%& is set, it is multiplied by 200 (100) and added to
168e428f
PH
1015the fractional part of the time, which in this case is in units of 1/200
1016(1/100) of a second.
9b371988
PH
1017.endlist
1018.endlist
168e428f
PH
1019
1020After a message has been received, Exim waits for the clock to tick at the
1021appropriate resolution before proceeding, so that if another message is
1022received by the same process, or by another process with the same (re-used)
1023pid, it is guaranteed that the time will be different. In most cases, the clock
1024will already have ticked while the message was being received.
1025
1026
f89d2485 1027.section "Receiving mail" "SECID13"
9b371988
PH
1028.cindex "receiving mail"
1029.cindex "message" "reception"
068aaea8
PH
1030The only way Exim can receive mail from another host is using SMTP over
1031TCP/IP, in which case the sender and recipient addresses are transferred using
168e428f
PH
1032SMTP commands. However, from a locally running process (such as a user's MUA),
1033there are several possibilities:
1034
9b371988
PH
1035.ilist
1036If the process runs Exim with the &%-bm%& option, the message is read
168e428f 1037non-interactively (usually via a pipe), with the recipients taken from the
9b371988
PH
1038command line, or from the body of the message if &%-t%& is also used.
1039.next
1040If the process runs Exim with the &%-bS%& option, the message is also read
168e428f
PH
1041non-interactively, but in this case the recipients are listed at the start of
1042the message in a series of SMTP RCPT commands, terminated by a DATA
20f0f788 1043command. This is called &"batch SMTP"& format,
168e428f
PH
1044but it isn't really SMTP. The SMTP commands are just another way of passing
1045envelope addresses in a non-interactive submission.
9b371988
PH
1046.next
1047If the process runs Exim with the &%-bs%& option, the message is read
168e428f
PH
1048interactively, using the SMTP protocol. A two-way pipe is normally used for
1049passing data between the local process and the Exim process.
9b371988 1050This is &"real"& SMTP and is handled in the same way as SMTP over TCP/IP. For
168e428f 1051example, the ACLs for SMTP commands are used for this form of submission.
9b371988
PH
1052.next
1053A local process may also make a TCP/IP call to the host's loopback address
168e428f
PH
1054(127.0.0.1) or any other of its IP addresses. When receiving messages, Exim
1055does not treat the loopback address specially. It treats all such connections
1056in the same way as connections from other hosts.
9b371988 1057.endlist
168e428f
PH
1058
1059
f89d2485 1060.cindex "message sender, constructed by Exim"
9b371988 1061.cindex "sender" "constructed by Exim"
168e428f
PH
1062In the three cases that do not involve TCP/IP, the sender address is
1063constructed from the login name of the user that called Exim and a default
9b371988 1064qualification domain (which can be set by the &%qualify_domain%& configuration
168e428f
PH
1065option). For local or batch SMTP, a sender address that is passed using the
1066SMTP MAIL command is ignored. However, the system administrator may allow
20f0f788 1067certain users (&"trusted users"&) to specify a different sender addresses
168e428f 1068unconditionally, or all users to specify certain forms of different sender
9b371988
PH
1069address. The &%-f%& option or the SMTP MAIL command is used to specify these
1070different addresses. See section &<<SECTtrustedadmin>>& for details of trusted
1071users, and the &%untrusted_set_sender%& option for a way of allowing untrusted
168e428f
PH
1072users to change sender addresses.
1073
1074Messages received by either of the non-interactive mechanisms are subject to
20f0f788
HSHR
1075checking by the non-SMTP ACL if one is defined. Messages received using SMTP
1076(either over TCP/IP or interacting with a local process) can be checked by a
168e428f 1077number of ACLs that operate at different times during the SMTP session. Either
20f0f788 1078individual recipients or the entire message can be rejected if local policy
9b371988
PH
1079requirements are not met. The &[local_scan()]& function (see chapter
1080&<<CHAPlocalscan>>&) is run for all incoming messages.
168e428f
PH
1081
1082Exim can be configured not to start a delivery process when a message is
1083received; this can be unconditional, or depend on the number of incoming SMTP
1084connections or the system load. In these situations, new messages wait on the
1085queue until a queue runner process picks them up. However, in standard
1086configurations under normal conditions, delivery is started as soon as a
1087message is received.
1088
1089
1090
1091
1092
f89d2485 1093.section "Handling an incoming message" "SECID14"
9b371988
PH
1094.cindex "spool directory" "files that hold a message"
1095.cindex "file" "how a message is held"
168e428f
PH
1096When Exim accepts a message, it writes two files in its spool directory. The
1097first contains the envelope information, the current status of the message, and
1098the header lines, and the second contains the body of the message. The names of
9b371988
PH
1099the two spool files consist of the message id, followed by &`-H`& for the
1100file containing the envelope and header, and &`-D`& for the data file.
168e428f 1101
9b371988 1102.cindex "spool directory" "&_input_& sub-directory"
20f0f788 1103By default, all these message files are held in a single directory called
9b371988 1104&_input_& inside the general Exim spool directory. Some operating systems do
c0712871 1105not perform very well if the number of files in a directory gets large; to
9b371988 1106improve performance in such cases, the &%split_spool_directory%& option can be
168e428f 1107used. This causes Exim to split up the input files into 62 sub-directories
db9452a9 1108whose names are single letters or digits. When this is done, the queue is
c0712871
PH
1109processed one sub-directory at a time instead of all at once, which can improve
1110overall performance even when there are not enough files in each directory to
db9452a9 1111affect file system performance.
168e428f
PH
1112
1113The envelope information consists of the address of the message's sender and
1114the addresses of the recipients. This information is entirely separate from
1115any addresses contained in the header lines. The status of the message includes
1116a list of recipients who have already received the message. The format of the
9b371988 1117first spool file is described in chapter &<<CHAPspool>>&.
168e428f 1118
9b371988 1119.cindex "rewriting" "addresses"
168e428f 1120Address rewriting that is specified in the rewrite section of the configuration
9b371988 1121(see chapter &<<CHAPrewrite>>&) is done once and for all on incoming addresses,
168e428f
PH
1122both in the header lines and the envelope, at the time the message is accepted.
1123If during the course of delivery additional addresses are generated (for
1124example, via aliasing), these new addresses are rewritten as soon as they are
1125generated. At the time a message is actually delivered (transported) further
1126rewriting can take place; because this is a transport option, it can be
1127different for different forms of delivery. It is also possible to specify the
1128addition or removal of certain header lines at the time the message is
9b371988
PH
1129delivered (see chapters &<<CHAProutergeneric>>& and
1130&<<CHAPtransportgeneric>>&).
168e428f
PH
1131
1132
1133
f89d2485 1134.section "Life of a message" "SECID15"
9b371988
PH
1135.cindex "message" "life of"
1136.cindex "message" "frozen"
168e428f
PH
1137A message remains in the spool directory until it is completely delivered to
1138its recipients or to an error address, or until it is deleted by an
1139administrator or by the user who originally created it. In cases when delivery
20f0f788 1140cannot proceed &-- for example when a message can neither be delivered to its
9b371988 1141recipients nor returned to its sender, the message is marked &"frozen"& on the
168e428f
PH
1142spool, and no more deliveries are attempted.
1143
9b371988
PH
1144.cindex "frozen messages" "thawing"
1145.cindex "message" "thawing frozen"
1146An administrator can &"thaw"& such messages when the problem has been
1147corrected, and can also freeze individual messages by hand if necessary. In
1148addition, an administrator can force a delivery error, causing a bounce message
1149to be sent.
1150
0a4e3112
PH
1151.oindex "&%timeout_frozen_after%&"
1152.oindex "&%ignore_bounce_errors_after%&"
9b371988
PH
1153There are options called &%ignore_bounce_errors_after%& and
1154&%timeout_frozen_after%&, which discard frozen messages after a certain time.
20f0f788 1155The first applies only to frozen bounces, the second to all frozen messages.
168e428f 1156
9b371988
PH
1157.cindex "message" "log file for"
1158.cindex "log" "file for each message"
168e428f 1159While Exim is working on a message, it writes information about each delivery
068aaea8 1160attempt to its main log file. This includes successful, unsuccessful, and
9b371988
PH
1161delayed deliveries for each recipient (see chapter &<<CHAPlog>>&). The log
1162lines are also written to a separate &'message log'& file for each message.
20f0f788 1163These logs are solely for the benefit of the administrator and are normally
9b371988 1164deleted along with the spool files when processing of a message is complete.
168e428f 1165The use of individual message logs can be disabled by setting
9b371988
PH
1166&%no_message_logs%&; this might give an improvement in performance on very busy
1167systems.
168e428f 1168
9b371988
PH
1169.cindex "journal file"
1170.cindex "file" "journal"
168e428f
PH
1171All the information Exim itself needs to set up a delivery is kept in the first
1172spool file, along with the header lines. When a successful delivery occurs, the
1173address is immediately written at the end of a journal file, whose name is the
9b371988
PH
1174message id followed by &`-J`&. At the end of a delivery run, if there are some
1175addresses left to be tried again later, the first spool file (the &`-H`& file)
168e428f
PH
1176is updated to indicate which these are, and the journal file is then deleted.
1177Updating the spool file is done by writing a new file and renaming it, to
1178minimize the possibility of data loss.
1179
20f0f788 1180Should the system or Exim crash after a successful delivery but before
168e428f
PH
1181the spool file has been updated, the journal is left lying around. The next
1182time Exim attempts to deliver the message, it reads the journal file and
1183updates the spool file before proceeding. This minimizes the chances of double
1184deliveries caused by crashes.
1185
1186
1187
9b371988
PH
1188.section "Processing an address for delivery" "SECTprocaddress"
1189.cindex "drivers" "definition of"
1190.cindex "router" "definition of"
1191.cindex "transport" "definition of"
1192The main delivery processing elements of Exim are called &'routers'& and
1193&'transports'&, and collectively these are known as &'drivers'&. Code for a
168e428f 1194number of them is provided in the source distribution, and compile-time options
20f0f788 1195specify which ones are included in the binary. Runtime options specify which
168e428f
PH
1196ones are actually used for delivering messages.
1197
9b371988 1198.cindex "drivers" "instance definition"
20f0f788 1199Each driver that is specified in the runtime configuration is an &'instance'&
168e428f 1200of that particular driver type. Multiple instances are allowed; for example,
9b371988 1201you can set up several different &(smtp)& transports, each with different
168e428f
PH
1202option values that might specify different ports or different timeouts. Each
1203instance has its own identifying name. In what follows we will normally use the
1204instance name when discussing one particular instance (that is, one specific
1205configuration of the driver), and the generic driver name when discussing
1206the driver's features in general.
1207
9b371988 1208A &'router'& is a driver that operates on an address, either determining how
068aaea8 1209its delivery should happen, by assigning it to a specific transport, or
168e428f
PH
1210converting the address into one or more new addresses (for example, via an
1211alias file). A router may also explicitly choose to fail an address, causing it
1212to be bounced.
1213
9b371988
PH
1214A &'transport'& is a driver that transmits a copy of the message from Exim's
1215spool to some destination. There are two kinds of transport: for a &'local'&
168e428f 1216transport, the destination is a file or a pipe on the local host, whereas for a
9b371988 1217&'remote'& transport the destination is some other host. A message is passed
168e428f
PH
1218to a specific transport as a result of successful routing. If a message has
1219several recipients, it may be passed to a number of different transports.
1220
9b371988 1221.cindex "preconditions" "definition of"
168e428f
PH
1222An address is processed by passing it to each configured router instance in
1223turn, subject to certain preconditions, until a router accepts the address or
1224specifies that it should be bounced. We will describe this process in more
068aaea8
PH
1225detail shortly. First, as a simple example, we consider how each recipient
1226address in a message is processed in a small configuration of three routers.
168e428f 1227
068aaea8 1228To make this a more concrete example, it is described in terms of some actual
168e428f
PH
1229routers, but remember, this is only an example. You can configure Exim's
1230routers in many different ways, and there may be any number of routers in a
1231configuration.
1232
1233The first router that is specified in a configuration is often one that handles
20f0f788
HSHR
1234addresses in domains that are not recognized specifically by the local host.
1235Typically these are addresses for arbitrary domains on the Internet. A precondition
168e428f 1236is set up which looks for the special domains known to the host (for example,
9b371988 1237its own domain name), and the router is run for addresses that do &'not'&
168e428f
PH
1238match. Typically, this is a router that looks up domains in the DNS in order to
1239find the hosts to which this address routes. If it succeeds, the address is
068aaea8 1240assigned to a suitable SMTP transport; if it does not succeed, the router is
168e428f
PH
1241configured to fail the address.
1242
068aaea8 1243The second router is reached only when the domain is recognized as one that
9b371988 1244&"belongs"& to the local host. This router does redirection &-- also known as
068aaea8
PH
1245aliasing and forwarding. When it generates one or more new addresses from the
1246original, each of them is routed independently from the start. Otherwise, the
1247router may cause an address to fail, or it may simply decline to handle the
1248address, in which case the address is passed to the next router.
168e428f
PH
1249
1250The final router in many configurations is one that checks to see if the
1251address belongs to a local mailbox. The precondition may involve a check to
1252see if the local part is the name of a login account, or it may look up the
1253local part in a file or a database. If its preconditions are not met, or if
1254the router declines, we have reached the end of the routers. When this happens,
1255the address is bounced.
1256
1257
1258
f89d2485 1259.section "Processing an address for verification" "SECID16"
9b371988
PH
1260.cindex "router" "for verification"
1261.cindex "verifying address" "overview"
168e428f 1262As well as being used to decide how to deliver to an address, Exim's routers
9b371988 1263are also used for &'address verification'&. Verification can be requested as
168e428f 1264one of the checks to be performed in an ACL for incoming messages, on both
9b371988
PH
1265sender and recipient addresses, and it can be tested using the &%-bv%& and
1266&%-bvs%& command line options.
168e428f 1267
9b371988 1268When an address is being verified, the routers are run in &"verify mode"&. This
168e428f
PH
1269does not affect the way the routers work, but it is a state that can be
1270detected. By this means, a router can be skipped or made to behave differently
1271when verifying. A common example is a configuration in which the first router
20f0f788 1272sends all messages to a message-scanning program unless they have been
168e428f 1273previously scanned. Thus, the first router accepts all addresses without any
9b371988 1274checking, making it useless for verifying. Normally, the &%no_verify%& option
168e428f
PH
1275would be set for such a router, causing it to be skipped in verify mode.
1276
1277
1278
1279
9b371988
PH
1280.section "Running an individual router" "SECTrunindrou"
1281.cindex "router" "running details"
1282.cindex "preconditions" "checking"
1283.cindex "router" "result of running"
168e428f
PH
1284As explained in the example above, a number of preconditions are checked before
1285running a router. If any are not met, the router is skipped, and the address is
9b371988 1286passed to the next router. When all the preconditions on a router &'are'& met,
168e428f
PH
1287the router is run. What happens next depends on the outcome, which is one of
1288the following:
1289
9b371988
PH
1290.ilist
1291&'accept'&: The router accepts the address, and either assigns it to a
20f0f788
HSHR
1292transport or generates one or more &"child"& addresses. Processing the
1293original address ceases
0a4e3112 1294.oindex "&%unseen%&"
9b371988 1295unless the &%unseen%& option is set on the router. This option
168e428f 1296can be used to set up multiple deliveries with different routing (for example,
9b371988
PH
1297for keeping archive copies of messages). When &%unseen%& is set, the address is
1298passed to the next router. Normally, however, an &'accept'& return marks the
168e428f 1299end of routing.
9b371988 1300
068aaea8
PH
1301Any child addresses generated by the router are processed independently,
1302starting with the first router by default. It is possible to change this by
9b371988
PH
1303setting the &%redirect_router%& option to specify which router to start at for
1304child addresses. Unlike &%pass_router%& (see below) the router specified by
1305&%redirect_router%& may be anywhere in the router configuration.
1306.next
1307&'pass'&: The router recognizes the address, but cannot handle it itself. It
20f0f788 1308requests that the address be passed to another router. By default, the address
168e428f 1309is passed to the next router, but this can be changed by setting the
9b371988 1310&%pass_router%& option. However, (unlike &%redirect_router%&) the named router
168e428f 1311must be below the current router (to avoid loops).
9b371988
PH
1312.next
1313&'decline'&: The router declines to accept the address because it does not
168e428f 1314recognize it at all. By default, the address is passed to the next router, but
9b371988
PH
1315this can be prevented by setting the &%no_more%& option. When &%no_more%& is
1316set, all the remaining routers are skipped. In effect, &%no_more%& converts
1317&'decline'& into &'fail'&.
1318.next
1319&'fail'&: The router determines that the address should fail, and queues it for
168e428f 1320the generation of a bounce message. There is no further processing of the
9b371988
PH
1321original address unless &%unseen%& is set on the router.
1322.next
1323&'defer'&: The router cannot handle the address at the present time. (A
068aaea8
PH
1324database may be offline, or a DNS lookup may have timed out.) No further
1325processing of the address happens in this delivery attempt. It is tried again
1326next time the message is considered for delivery.
9b371988
PH
1327.next
1328&'error'&: There is some error in the router (for example, a syntax error in
168e428f 1329its configuration). The action is as for defer.
9b371988 1330.endlist
168e428f
PH
1331
1332If an address reaches the end of the routers without having been accepted by
068aaea8 1333any of them, it is bounced as unrouteable. The default error message in this
9b371988
PH
1334situation is &"unrouteable address"&, but you can set your own message by
1335making use of the &%cannot_route_message%& option. This can be set for any
1336router; the value from the last router that &"saw"& the address is used.
168e428f
PH
1337
1338Sometimes while routing you want to fail a delivery when some conditions are
1339met but others are not, instead of passing the address on for further routing.
1340You can do this by having a second router that explicitly fails the delivery
9b371988 1341when the relevant conditions are met. The &(redirect)& router has a &"fail"&
168e428f
PH
1342facility for this purpose.
1343
1344
f89d2485 1345.section "Duplicate addresses" "SECID17"
9b371988 1346.cindex "case of local parts"
f89d2485 1347.cindex "address duplicate, discarding"
db9452a9 1348.cindex "duplicate addresses"
068aaea8 1349Once routing is complete, Exim scans the addresses that are assigned to local
20f0f788
HSHR
1350and remote transports and discards any duplicates that it finds. During this
1351check, local parts are treated case-sensitively. This happens only when
db9452a9 1352actually delivering a message; when testing routers with &%-bt%&, all the
3cb1b51e 1353routed addresses are shown.
db9452a9 1354
068aaea8 1355
168e428f 1356
9b371988 1357.section "Router preconditions" "SECTrouprecon"
f89d2485 1358.cindex "router" "preconditions, order of processing"
9b371988 1359.cindex "preconditions" "order of processing"
168e428f
PH
1360The preconditions that are tested for each router are listed below, in the
1361order in which they are tested. The individual configuration options are
9b371988 1362described in more detail in chapter &<<CHAProutergeneric>>&.
168e428f 1363
9b371988 1364.ilist
2b8d6aff 1365.cindex affix "router precondition"
9b371988 1366The &%local_part_prefix%& and &%local_part_suffix%& options can specify that
168e428f
PH
1367the local parts handled by the router may or must have certain prefixes and/or
1368suffixes. If a mandatory affix (prefix or suffix) is not present, the router is
1369skipped. These conditions are tested first. When an affix is present, it is
1370removed from the local part before further processing, including the evaluation
1371of any other conditions.
9b371988
PH
1372.next
1373Routers can be designated for use only when not verifying an address, that is,
168e428f 1374only when routing it for delivery (or testing its delivery routing). If the
9b371988 1375&%verify%& option is set false, the router is skipped when Exim is verifying an
168e428f 1376address.
9b371988
PH
1377Setting the &%verify%& option actually sets two options, &%verify_sender%& and
1378&%verify_recipient%&, which independently control the use of the router for
168e428f
PH
1379sender and recipient verification. You can set these options directly if
1380you want a router to be used for only one type of verification.
6ece2e77 1381Note that cutthrough delivery is classed as a recipient verification for this purpose.
9b371988
PH
1382.next
1383If the &%address_test%& option is set false, the router is skipped when Exim is
1384run with the &%-bt%& option to test an address routing. This can be helpful
1385when the first router sends all new messages to a scanner of some sort; it
1386makes it possible to use &%-bt%& to test subsequent delivery routing without
1387having to simulate the effect of the scanner.
1388.next
1389Routers can be designated for use only when verifying an address, as
1390opposed to routing it for delivery. The &%verify_only%& option controls this.
6ece2e77 1391Again, cutthrough delivery counts as a verification.
9b371988
PH
1392.next
1393Individual routers can be explicitly skipped when running the routers to
1394check an address given in the SMTP EXPN command (see the &%expn%& option).
1395.next
1396If the &%domains%& option is set, the domain of the address must be in the set
068aaea8 1397of domains that it defines.
9b371988 1398.next
f89d2485
PH
1399.vindex "&$local_part_prefix$&"
1400.vindex "&$local_part$&"
1401.vindex "&$local_part_suffix$&"
2b8d6aff 1402.cindex affix "router precondition"
9b371988
PH
1403If the &%local_parts%& option is set, the local part of the address must be in
1404the set of local parts that it defines. If &%local_part_prefix%& or
1405&%local_part_suffix%& is in use, the prefix or suffix is removed from the local
168e428f 1406part before this check. If you want to do precondition tests on local parts
9b371988
PH
1407that include affixes, you can do so by using a &%condition%& option (see below)
1408that uses the variables &$local_part$&, &$local_part_prefix$&, and
1409&$local_part_suffix$& as necessary.
1410.next
f89d2485
PH
1411.vindex "&$local_user_uid$&"
1412.vindex "&$local_user_gid$&"
1413.vindex "&$home$&"
9b371988 1414If the &%check_local_user%& option is set, the local part must be the name of
068aaea8 1415an account on the local host. If this check succeeds, the uid and gid of the
9b371988
PH
1416local user are placed in &$local_user_uid$& and &$local_user_gid$& and the
1417user's home directory is placed in &$home$&; these values can be used in the
1418remaining preconditions.
1419.next
1420If the &%router_home_directory%& option is set, it is expanded at this point,
1421because it overrides the value of &$home$&. If this expansion were left till
1422later, the value of &$home$& as set by &%check_local_user%& would be used in
1423subsequent tests. Having two different values of &$home$& in the same router
168e428f 1424could lead to confusion.
9b371988
PH
1425.next
1426If the &%senders%& option is set, the envelope sender address must be in the
1427set of addresses that it defines.
1428.next
1429If the &%require_files%& option is set, the existence or non-existence of
168e428f 1430specified files is tested.
9b371988
PH
1431.next
1432.cindex "customizing" "precondition"
1433If the &%condition%& option is set, it is evaluated and tested. This option
1434uses an expanded string to allow you to set up your own custom preconditions.
1435Expanded strings are described in chapter &<<CHAPexpand>>&.
1436.endlist
168e428f 1437
168e428f 1438
9b371988
PH
1439Note that &%require_files%& comes near the end of the list, so you cannot use
1440it to check for the existence of a file in which to lookup up a domain, local
168e428f 1441part, or sender. However, as these options are all expanded, you can use the
9b371988
PH
1442&%exists%& expansion condition to make such tests within each condition. The
1443&%require_files%& option is intended for checking files that the router may be
168e428f 1444going to use internally, or which are needed by a specific transport (for
9b371988 1445example, &_.procmailrc_&).
168e428f
PH
1446
1447
1448
f89d2485 1449.section "Delivery in detail" "SECID18"
9b371988 1450.cindex "delivery" "in detail"
168e428f
PH
1451When a message is to be delivered, the sequence of events is as follows:
1452
9b371988
PH
1453.ilist
1454If a system-wide filter file is specified, the message is passed to it. The
168e428f
PH
1455filter may add recipients to the message, replace the recipients, discard the
1456message, cause a new message to be generated, or cause the message delivery to
1457fail. The format of the system filter file is the same as for Exim user filter
9b371988
PH
1458files, described in the separate document entitled &'Exim's interfaces to mail
1459filtering'&.
1460.cindex "Sieve filter" "not available for system filter"
1461(&*Note*&: Sieve cannot be used for system filter files.)
1462
1463Some additional features are available in system filters &-- see chapter
1464&<<CHAPsystemfilter>>& for details. Note that a message is passed to the system
168e428f
PH
1465filter only once per delivery attempt, however many recipients it has. However,
1466if there are several delivery attempts because one or more addresses could not
1467be immediately delivered, the system filter is run each time. The filter
9b371988 1468condition &%first_delivery%& can be used to detect the first run of the system
168e428f 1469filter.
9b371988 1470.next
20f0f788 1471Each recipient address is offered to each configured router, in turn, subject to
9b371988
PH
1472its preconditions, until one is able to handle it. If no router can handle the
1473address, that is, if they all decline, the address is failed. Because routers
1474can be targeted at particular domains, several locally handled domains can be
1475processed entirely independently of each other.
1476.next
1477.cindex "routing" "loops in"
1478.cindex "loop" "while routing"
1479A router that accepts an address may assign it to a local or a remote
1480transport. However, the transport is not run at this time. Instead, the address
1481is placed on a list for the particular transport, which will be run later.
068aaea8
PH
1482Alternatively, the router may generate one or more new addresses (typically
1483from alias, forward, or filter files). New addresses are fed back into this
1484process from the top, but in order to avoid loops, a router ignores any address
1485which has an identically-named ancestor that was processed by itself.
9b371988
PH
1486.next
1487When all the routing has been done, addresses that have been successfully
168e428f
PH
1488handled are passed to their assigned transports. When local transports are
1489doing real local deliveries, they handle only one address at a time, but if a
1490local transport is being used as a pseudo-remote transport (for example, to
1491collect batched SMTP messages for transmission by some other means) multiple
1492addresses can be handled. Remote transports can always handle more than one
1493address at a time, but can be configured not to do so, or to restrict multiple
1494addresses to the same domain.
9b371988
PH
1495.next
1496Each local delivery to a file or a pipe runs in a separate process under a
168e428f
PH
1497non-privileged uid, and these deliveries are run one at a time. Remote
1498deliveries also run in separate processes, normally under a uid that is private
9b371988 1499to Exim (&"the Exim user"&), but in this case, several remote deliveries can be
168e428f 1500run in parallel. The maximum number of simultaneous remote deliveries for any
9b371988 1501one message is set by the &%remote_max_parallel%& option.
168e428f
PH
1502The order in which deliveries are done is not defined, except that all local
1503deliveries happen before any remote deliveries.
9b371988
PH
1504.next
1505.cindex "queue runner"
168e428f
PH
1506When it encounters a local delivery during a queue run, Exim checks its retry
1507database to see if there has been a previous temporary delivery failure for the
1508address before running the local transport. If there was a previous failure,
1509Exim does not attempt a new delivery until the retry time for the address is
1510reached. However, this happens only for delivery attempts that are part of a
1511queue run. Local deliveries are always attempted when delivery immediately
1512follows message reception, even if retry times are set for them. This makes for
1513better behaviour if one particular message is causing problems (for example,
1514causing quota overflow, or provoking an error in a filter file).
9b371988
PH
1515.next
1516.cindex "delivery" "retry in remote transports"
168e428f
PH
1517Remote transports do their own retry handling, since an address may be
1518deliverable to one of a number of hosts, each of which may have a different
1519retry time. If there have been previous temporary failures and no host has
1520reached its retry time, no delivery is attempted, whether in a queue run or
9b371988
PH
1521not. See chapter &<<CHAPretry>>& for details of retry strategies.
1522.next
1523If there were any permanent errors, a bounce message is returned to an
168e428f
PH
1524appropriate address (the sender in the common case), with details of the error
1525for each failing address. Exim can be configured to send copies of bounce
1526messages to other addresses.
9b371988
PH
1527.next
1528.cindex "delivery" "deferral"
168e428f
PH
1529If one or more addresses suffered a temporary failure, the message is left on
1530the queue, to be tried again later. Delivery of these addresses is said to be
9b371988
PH
1531&'deferred'&.
1532.next
1533When all the recipient addresses have either been delivered or bounced,
168e428f
PH
1534handling of the message is complete. The spool files and message log are
1535deleted, though the message log can optionally be preserved if required.
9b371988 1536.endlist
168e428f
PH
1537
1538
1539
1540
f89d2485 1541.section "Retry mechanism" "SECID19"
9b371988
PH
1542.cindex "delivery" "retry mechanism"
1543.cindex "retry" "description of mechanism"
1544.cindex "queue runner"
168e428f
PH
1545Exim's mechanism for retrying messages that fail to get delivered at the first
1546attempt is the queue runner process. You must either run an Exim daemon that
9b371988 1547uses the &%-q%& option with a time interval to start queue runners at regular
20f0f788 1548intervals or use some other means (such as &'cron'&) to start them. If you do
168e428f 1549not arrange for queue runners to be run, messages that fail temporarily at the
20f0f788 1550first attempt will remain in your queue forever. A queue runner process works
068aaea8 1551its way through the queue, one message at a time, trying each delivery that has
168e428f
PH
1552passed its retry time.
1553You can run several queue runners at once.
1554
1555Exim uses a set of configured rules to determine when next to retry the failing
9b371988
PH
1556address (see chapter &<<CHAPretry>>&). These rules also specify when Exim
1557should give up trying to deliver to the address, at which point it generates a
1558bounce message. If no retry rules are set for a particular host, address, and
1559error combination, no retries are attempted, and temporary errors are treated
1560as permanent.
168e428f
PH
1561
1562
1563
f89d2485 1564.section "Temporary delivery failure" "SECID20"
9b371988 1565.cindex "delivery" "temporary failure"
168e428f
PH
1566There are many reasons why a message may not be immediately deliverable to a
1567particular address. Failure to connect to a remote machine (because it, or the
1568connection to it, is down) is one of the most common. Temporary failures may be
1569detected during routing as well as during the transport stage of delivery.
1570Local deliveries may be delayed if NFS files are unavailable, or if a mailbox
1571is on a file system where the user is over quota. Exim can be configured to
1572impose its own quotas on local mailboxes; where system quotas are set they will
1573also apply.
1574
1575If a host is unreachable for a period of time, a number of messages may be
1576waiting for it by the time it recovers, and sending them in a single SMTP
1577connection is clearly beneficial. Whenever a delivery to a remote host is
1578deferred,
fa41615d 1579.cindex "hints database" "deferred deliveries"
168e428f
PH
1580Exim makes a note in its hints database, and whenever a successful
1581SMTP delivery has happened, it looks to see if any other messages are waiting
1582for the same host. If any are found, they are sent over the same SMTP
1583connection, subject to a configuration limit as to the maximum number in any
1584one connection.
168e428f
PH
1585
1586
1587
f89d2485 1588.section "Permanent delivery failure" "SECID21"
9b371988
PH
1589.cindex "delivery" "permanent failure"
1590.cindex "bounce message" "when generated"
168e428f
PH
1591When a message cannot be delivered to some or all of its intended recipients, a
1592bounce message is generated. Temporary delivery failures turn into permanent
1593errors when their timeout expires. All the addresses that fail in a given
1594delivery attempt are listed in a single message. If the original message has
1595many recipients, it is possible for some addresses to fail in one delivery
1596attempt and others to fail subsequently, giving rise to more than one bounce
1597message. The wording of bounce messages can be customized by the administrator.
9b371988 1598See chapter &<<CHAPemsgcust>>& for details.
168e428f 1599
9b371988
PH
1600.cindex "&'X-Failed-Recipients:'& header line"
1601Bounce messages contain an &'X-Failed-Recipients:'& header line that lists the
168e428f
PH
1602failed addresses, for the benefit of programs that try to analyse such messages
1603automatically.
1604
9b371988 1605.cindex "bounce message" "recipient of"
168e428f
PH
1606A bounce message is normally sent to the sender of the original message, as
1607obtained from the message's envelope. For incoming SMTP messages, this is the
9b371988
PH
1608address given in the MAIL command. However, when an address is expanded via a
1609forward or alias file, an alternative address can be specified for delivery
1610failures of the generated addresses. For a mailing list expansion (see section
1611&<<SECTmailinglists>>&) it is common to direct bounce messages to the manager
1612of the list.
168e428f
PH
1613
1614
1615
f89d2485 1616.section "Failures to deliver bounce messages" "SECID22"
9b371988 1617.cindex "bounce message" "failure to deliver"
168e428f 1618If a bounce message (either locally generated or received from a remote host)
20f0f788 1619itself suffers a permanent delivery failure, the message is left in the queue,
168e428f 1620but it is frozen, awaiting the attention of an administrator. There are options
068aaea8 1621that can be used to make Exim discard such failed messages, or to keep them
9b371988
PH
1622for only a short time (see &%timeout_frozen_after%& and
1623&%ignore_bounce_errors_after%&).
168e428f
PH
1624
1625
1626
1627
1628
9b371988
PH
1629. ////////////////////////////////////////////////////////////////////////////
1630. ////////////////////////////////////////////////////////////////////////////
168e428f 1631
f89d2485 1632.chapter "Building and installing Exim" "CHID3"
4f578862 1633.scindex IIDbuex "building Exim"
168e428f 1634
f89d2485
PH
1635.section "Unpacking" "SECID23"
1636Exim is distributed as a gzipped or bzipped tar file which, when unpacked,
168e428f 1637creates a directory with the name of the current release (for example,
2aee48d6 1638&_exim-&version()_&) into which the following files are placed:
9b371988
PH
1639
1640.table2 140pt
f89d2485
PH
1641.irow &_ACKNOWLEDGMENTS_& "contains some acknowledgments"
1642.irow &_CHANGES_& "contains a reference to where changes are &&&
1643 documented"
1644.irow &_LICENCE_& "the GNU General Public Licence"
1645.irow &_Makefile_& "top-level make file"
1646.irow &_NOTICE_& "conditions for the use of Exim"
1647.irow &_README_& "list of files, directories and simple build &&&
1648 instructions"
9b371988
PH
1649.endtable
1650
1651Other files whose names begin with &_README_& may also be present. The
168e428f
PH
1652following subdirectories are created:
1653
9b371988 1654.table2 140pt
f89d2485
PH
1655.irow &_Local_& "an empty directory for local configuration files"
1656.irow &_OS_& "OS-specific files"
1657.irow &_doc_& "documentation files"
1658.irow &_exim_monitor_& "source files for the Exim monitor"
1659.irow &_scripts_& "scripts used in the build process"
1660.irow &_src_& "remaining source files"
1661.irow &_util_& "independent utilities"
9b371988
PH
1662.endtable
1663
20f0f788 1664The main utility programs are contained in the &_src_& directory and are built
9b371988 1665with the Exim binary. The &_util_& directory contains a few optional scripts
168e428f
PH
1666that may be useful to some sites.
1667
1668
f89d2485 1669.section "Multiple machine architectures and operating systems" "SECID24"
9b371988 1670.cindex "building Exim" "multiple OS/architectures"
168e428f
PH
1671The building process for Exim is arranged to make it easy to build binaries for
1672a number of different architectures and operating systems from the same set of
9b371988
PH
1673source files. Compilation does not take place in the &_src_& directory.
1674Instead, a &'build directory'& is created for each architecture and operating
1675system.
1676.cindex "symbolic link" "to build directory"
168e428f 1677Symbolic links to the sources are installed in this directory, which is where
9b371988
PH
1678the actual building takes place. In most cases, Exim can discover the machine
1679architecture and operating system for itself, but the defaults can be
1680overridden if necessary.
f2ed27cf
JH
1681.cindex compiler requirements
1682.cindex compiler version
1683A C99-capable compiler will be required for the build.
168e428f 1684
168e428f 1685
8473d4ee 1686.section "PCRE library" "SECTpcre"
210f147e
NM
1687.cindex "PCRE library"
1688Exim no longer has an embedded PCRE library as the vast majority of
20f0f788
HSHR
1689modern systems include PCRE as a system library, although you may need to
1690install the PCRE package or the PCRE development package for your operating
210f147e
NM
1691system. If your system has a normal PCRE installation the Exim build
1692process will need no further configuration. If the library or the
6a6084f8
PP
1693headers are in an unusual location you will need to either set the PCRE_LIBS
1694and INCLUDE directives appropriately,
1695or set PCRE_CONFIG=yes to use the installed &(pcre-config)& command.
1696If your operating system has no
210f147e
NM
1697PCRE support then you will need to obtain and build the current PCRE
1698from &url(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/).
07738d61 1699More information on PCRE is available at &url(https://www.pcre.org/).
210f147e 1700
9b371988
PH
1701.section "DBM libraries" "SECTdb"
1702.cindex "DBM libraries" "discussion of"
1703.cindex "hints database" "DBM files used for"
168e428f
PH
1704Even if you do not use any DBM files in your configuration, Exim still needs a
1705DBM library in order to operate, because it uses indexed files for its hints
1706databases. Unfortunately, there are a number of DBM libraries in existence, and
1707different operating systems often have different ones installed.
1708
9b371988 1709.cindex "Solaris" "DBM library for"
f89d2485
PH
1710.cindex "IRIX, DBM library for"
1711.cindex "BSD, DBM library for"
1712.cindex "Linux, DBM library for"
168e428f
PH
1713If you are using Solaris, IRIX, one of the modern BSD systems, or a modern
1714Linux distribution, the DBM configuration should happen automatically, and you
1715may be able to ignore this section. Otherwise, you may have to learn more than
1716you would like about DBM libraries from what follows.
1717
9b371988 1718.cindex "&'ndbm'& DBM library"
168e428f 1719Licensed versions of Unix normally contain a library of DBM functions operating
9b371988 1720via the &'ndbm'& interface, and this is what Exim expects by default. Free
168e428f
PH
1721versions of Unix seem to vary in what they contain as standard. In particular,
1722some early versions of Linux have no default DBM library, and different
1723distributors have chosen to bundle different libraries with their packaged
f89d2485 1724versions. However, the more recent releases seem to have standardized on the
168e428f
PH
1725Berkeley DB library.
1726
1727Different DBM libraries have different conventions for naming the files they
9b371988 1728use. When a program opens a file called &_dbmfile_&, there are several
168e428f
PH
1729possibilities:
1730
9b371988
PH
1731.olist
1732A traditional &'ndbm'& implementation, such as that supplied as part of
1733Solaris, operates on two files called &_dbmfile.dir_& and &_dbmfile.pag_&.
1734.next
1735.cindex "&'gdbm'& DBM library"
1736The GNU library, &'gdbm'&, operates on a single file. If used via its &'ndbm'&
168e428f 1737compatibility interface it makes two different hard links to it with names
9b371988 1738&_dbmfile.dir_& and &_dbmfile.pag_&, but if used via its native interface, the
20f0f788 1739filename is used unmodified.
9b371988
PH
1740.next
1741.cindex "Berkeley DB library"
1742The Berkeley DB package, if called via its &'ndbm'& compatibility interface,
1743operates on a single file called &_dbmfile.db_&, but otherwise looks to the
1744programmer exactly the same as the traditional &'ndbm'& implementation.
1745.next
1746If the Berkeley package is used in its native mode, it operates on a single
1747file called &_dbmfile_&; the programmer's interface is somewhat different to
1748the traditional &'ndbm'& interface.
1749.next
1750To complicate things further, there are several very different versions of the
168e428f 1751Berkeley DB package. Version 1.85 was stable for a very long time, releases
07738d61
PP
17522.&'x'& and 3.&'x'& were current for a while, but the latest versions when Exim last revamped support were numbered 4.&'x'&.
1753Maintenance of some of the earlier releases has ceased. All versions of
1754Berkeley DB could be obtained from
1755&url(http://www.sleepycat.com/), which is now a redirect to their new owner's
1756page with far newer versions listed.
1757It is probably wise to plan to move your storage configurations away from
1758Berkeley DB format, as today there are smaller and simpler alternatives more
1759suited to Exim's usage model.
9b371988
PH
1760.next
1761.cindex "&'tdb'& DBM library"
1762Yet another DBM library, called &'tdb'&, is available from
07738d61 1763&url(https://sourceforge.net/projects/tdb/files/). It has its own interface, and also
9b371988
PH
1764operates on a single file.
1765.endlist
1766
1767.cindex "USE_DB"
1768.cindex "DBM libraries" "configuration for building"
168e428f
PH
1769Exim and its utilities can be compiled to use any of these interfaces. In order
1770to use any version of the Berkeley DB package in native mode, you must set
1771USE_DB in an appropriate configuration file (typically
9b371988
PH
1772&_Local/Makefile_&). For example:
1773.code
1774USE_DB=yes
1775.endd
168e428f
PH
1776Similarly, for gdbm you set USE_GDBM, and for tdb you set USE_TDB. An
1777error is diagnosed if you set more than one of these.
1778
1779At the lowest level, the build-time configuration sets none of these options,
1780thereby assuming an interface of type (1). However, some operating system
1781configuration files (for example, those for the BSD operating systems and
1782Linux) assume type (4) by setting USE_DB as their default, and the
1783configuration files for Cygwin set USE_GDBM. Anything you set in
9b371988 1784&_Local/Makefile_&, however, overrides these system defaults.
168e428f
PH
1785
1786As well as setting USE_DB, USE_GDBM, or USE_TDB, it may also be
1787necessary to set DBMLIB, to cause inclusion of the appropriate library, as
1788in one of these lines:
9b371988
PH
1789.code
1790DBMLIB = -ldb
1791DBMLIB = -ltdb
1792.endd
168e428f
PH
1793Settings like that will work if the DBM library is installed in the standard
1794place. Sometimes it is not, and the library's header file may also not be in
1795the default path. You may need to set INCLUDE to specify where the header
1796file is, and to specify the path to the library more fully in DBMLIB, as in
1797this example:
9b371988
PH
1798.code
1799INCLUDE=-I/usr/local/include/db-4.1
1800DBMLIB=/usr/local/lib/db-4.1/libdb.a
1801.endd
168e428f 1802There is further detailed discussion about the various DBM libraries in the
9b371988 1803file &_doc/dbm.discuss.txt_& in the Exim distribution.
168e428f
PH
1804
1805
1806
f89d2485 1807.section "Pre-building configuration" "SECID25"
9b371988
PH
1808.cindex "building Exim" "pre-building configuration"
1809.cindex "configuration for building Exim"
1810.cindex "&_Local/Makefile_&"
1811.cindex "&_src/EDITME_&"
168e428f
PH
1812Before building Exim, a local configuration file that specifies options
1813independent of any operating system has to be created with the name
9b371988
PH
1814&_Local/Makefile_&. A template for this file is supplied as the file
1815&_src/EDITME_&, and it contains full descriptions of all the option settings
168e428f
PH
1816therein. These descriptions are therefore not repeated here. If you are
1817building Exim for the first time, the simplest thing to do is to copy
9b371988 1818&_src/EDITME_& to &_Local/Makefile_&, then read it and edit it appropriately.
168e428f
PH
1819
1820There are three settings that you must supply, because Exim will not build
20f0f788 1821without them. They are the location of the runtime configuration file
168e428f
PH
1822(CONFIGURE_FILE), the directory in which Exim binaries will be installed
1823(BIN_DIRECTORY), and the identity of the Exim user (EXIM_USER and
1824maybe EXIM_GROUP as well). The value of CONFIGURE_FILE can in fact be
20f0f788 1825a colon-separated list of filenames; Exim uses the first of them that exists.
168e428f
PH
1826
1827There are a few other parameters that can be specified either at build time or
20f0f788 1828at runtime, to enable the same binary to be used on a number of different
168e428f
PH
1829machines. However, if the locations of Exim's spool directory and log file
1830directory (if not within the spool directory) are fixed, it is recommended that
20f0f788 1831you specify them in &_Local/Makefile_& instead of at runtime, so that errors
168e428f
PH
1832detected early in Exim's execution (such as a malformed configuration file) can
1833be logged.
1834
9b371988 1835.cindex "content scanning" "specifying at build time"
068aaea8 1836Exim's interfaces for calling virus and spam scanning software directly from
168e428f
PH
1837access control lists are not compiled by default. If you want to include these
1838facilities, you need to set
9b371988
PH
1839.code
1840WITH_CONTENT_SCAN=yes
1841.endd
1842in your &_Local/Makefile_&. For details of the facilities themselves, see
1843chapter &<<CHAPexiscan>>&.
168e428f
PH
1844
1845
9b371988 1846.cindex "&_Local/eximon.conf_&"
3cb1b51e 1847.cindex "&_exim_monitor/EDITME_&"
168e428f 1848If you are going to build the Exim monitor, a similar configuration process is
9b371988
PH
1849required. The file &_exim_monitor/EDITME_& must be edited appropriately for
1850your installation and saved under the name &_Local/eximon.conf_&. If you are
1851happy with the default settings described in &_exim_monitor/EDITME_&,
1852&_Local/eximon.conf_& can be empty, but it must exist.
168e428f
PH
1853
1854This is all the configuration that is needed in straightforward cases for known
1855operating systems. However, the building process is set up so that it is easy
1856to override options that are set by default or by operating-system-specific
20f0f788 1857configuration files, for example, to change the C compiler, which
9b371988
PH
1858defaults to &%gcc%&. See section &<<SECToverride>>& below for details of how to
1859do this.
168e428f
PH
1860
1861
1862
f89d2485 1863.section "Support for iconv()" "SECID26"
9b371988
PH
1864.cindex "&[iconv()]& support"
1865.cindex "RFC 2047"
168e428f
PH
1866The contents of header lines in messages may be encoded according to the rules
1867described RFC 2047. This makes it possible to transmit characters that are not
1868in the ASCII character set, and to label them as being in a particular
9b371988 1869character set. When Exim is inspecting header lines by means of the &%$h_%&
168e428f 1870mechanism, it decodes them, and translates them into a specified character set
1459a03d 1871(default is set at build time). The translation is possible only if the operating system
9b371988
PH
1872supports the &[iconv()]& function.
1873
1874However, some of the operating systems that supply &[iconv()]& do not support
1875very many conversions. The GNU &%libiconv%& library (available from
07738d61 1876&url(https://www.gnu.org/software/libiconv/)) can be installed on such
9b371988
PH
1877systems to remedy this deficiency, as well as on systems that do not supply
1878&[iconv()]& at all. After installing &%libiconv%&, you should add
1879.code
1880HAVE_ICONV=yes
1881.endd
1882to your &_Local/Makefile_& and rebuild Exim.
1883
1884
1885
1886.section "Including TLS/SSL encryption support" "SECTinctlsssl"
1887.cindex "TLS" "including support for TLS"
1888.cindex "encryption" "including support for"
1889.cindex "SUPPORT_TLS"
1890.cindex "OpenSSL" "building Exim with"
1891.cindex "GnuTLS" "building Exim with"
168e428f
PH
1892Exim can be built to support encrypted SMTP connections, using the STARTTLS
1893command as per RFC 2487. It can also support legacy clients that expect to
1894start a TLS session immediately on connection to a non-standard port (see the
9b371988 1895&%tls_on_connect_ports%& runtime option and the &%-tls-on-connect%& command
168e428f
PH
1896line option).
1897
1898If you want to build Exim with TLS support, you must first install either the
1899OpenSSL or GnuTLS library. There is no cryptographic code in Exim itself for
1900implementing SSL.
1901
1902If OpenSSL is installed, you should set
9b371988
PH
1903.code
1904SUPPORT_TLS=yes
1905TLS_LIBS=-lssl -lcrypto
1906.endd
1907in &_Local/Makefile_&. You may also need to specify the locations of the
168e428f 1908OpenSSL library and include files. For example:
9b371988
PH
1909.code
1910SUPPORT_TLS=yes
1911TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
1912TLS_INCLUDE=-I/usr/local/openssl/include/
1913.endd
7e6a8985
PP
1914.cindex "pkg-config" "OpenSSL"
1915If you have &'pkg-config'& available, then instead you can just use:
1916.code
1917SUPPORT_TLS=yes
1918USE_OPENSSL_PC=openssl
1919.endd
9b371988 1920.cindex "USE_GNUTLS"
168e428f 1921If GnuTLS is installed, you should set
9b371988
PH
1922.code
1923SUPPORT_TLS=yes
1924USE_GNUTLS=yes
1925TLS_LIBS=-lgnutls -ltasn1 -lgcrypt
1926.endd
1927in &_Local/Makefile_&, and again you may need to specify the locations of the
168e428f 1928library and include files. For example:
9b371988
PH
1929.code
1930SUPPORT_TLS=yes
1931USE_GNUTLS=yes
1932TLS_LIBS=-L/usr/gnu/lib -lgnutls -ltasn1 -lgcrypt
1933TLS_INCLUDE=-I/usr/gnu/include
1934.endd
7e6a8985
PP
1935.cindex "pkg-config" "GnuTLS"
1936If you have &'pkg-config'& available, then instead you can just use:
1937.code
1938SUPPORT_TLS=yes
1939USE_GNUTLS=yes
1940USE_GNUTLS_PC=gnutls
1941.endd
7e6a8985 1942
168e428f 1943You do not need to set TLS_INCLUDE if the relevant directory is already
9b371988
PH
1944specified in INCLUDE. Details of how to configure Exim to make use of TLS are
1945given in chapter &<<CHAPTLS>>&.
168e428f
PH
1946
1947
1948
1949
b52ed2b3
NM
1950.section "Use of tcpwrappers" "SECID27"
1951
f89d2485 1952.cindex "tcpwrappers, building Exim to support"
9b371988 1953.cindex "USE_TCP_WRAPPERS"
5dc43717
JJ
1954.cindex "TCP_WRAPPERS_DAEMON_NAME"
1955.cindex "tcp_wrappers_daemon_name"
9b371988
PH
1956Exim can be linked with the &'tcpwrappers'& library in order to check incoming
1957SMTP calls using the &'tcpwrappers'& control files. This may be a convenient
168e428f 1958alternative to Exim's own checking facilities for installations that are
9b371988
PH
1959already making use of &'tcpwrappers'& for other purposes. To do this, you
1960should set USE_TCP_WRAPPERS in &_Local/Makefile_&, arrange for the file
1961&_tcpd.h_& to be available at compile time, and also ensure that the library
1962&_libwrap.a_& is available at link time, typically by including &%-lwrap%& in
1963EXTRALIBS_EXIM. For example, if &'tcpwrappers'& is installed in &_/usr/local_&,
1964you might have
1965.code
1966USE_TCP_WRAPPERS=yes
1967CFLAGS=-O -I/usr/local/include
1968EXTRALIBS_EXIM=-L/usr/local/lib -lwrap
1969.endd
5dc43717
JJ
1970in &_Local/Makefile_&. The daemon name to use in the &'tcpwrappers'& control
1971files is &"exim"&. For example, the line
9b371988
PH
1972.code
1973exim : LOCAL 192.168.1. .friendly.domain.example
1974.endd
1975in your &_/etc/hosts.allow_& file allows connections from the local host, from
1976the subnet 192.168.1.0/24, and from all hosts in &'friendly.domain.example'&.
5dc43717
JJ
1977All other connections are denied. The daemon name used by &'tcpwrappers'&
1978can be changed at build time by setting TCP_WRAPPERS_DAEMON_NAME in
a543079f 1979&_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the
5dc43717 1980configure file. Consult the &'tcpwrappers'& documentation for
168e428f 1981further details.
168e428f
PH
1982
1983
f89d2485 1984.section "Including support for IPv6" "SECID28"
9b371988 1985.cindex "IPv6" "including support for"
168e428f 1986Exim contains code for use on systems that have IPv6 support. Setting
9b371988 1987&`HAVE_IPV6=YES`& in &_Local/Makefile_& causes the IPv6 code to be included;
168e428f
PH
1988it may also be necessary to set IPV6_INCLUDE and IPV6_LIBS on systems
1989where the IPv6 support is not fully integrated into the normal include and
1990library files.
1991
1992Two different types of DNS record for handling IPv6 addresses have been
f89d2485 1993defined. AAAA records (analogous to A records for IPv4) are in use, and are
168e428f
PH
1994currently seen as the mainstream. Another record type called A6 was proposed
1995as better than AAAA because it had more flexibility. However, it was felt to be
badb25a9 1996over-complex, and its status was reduced to &"experimental"&.
badb25a9 1997Exim used to
cc00f4af
JH
1998have a compile option for including A6 record support but this has now been
1999withdrawn.
168e428f
PH
2000
2001
2002
0a349494
PP
2003.section "Dynamically loaded lookup module support" "SECTdynamicmodules"
2004.cindex "lookup modules"
2005.cindex "dynamic modules"
2006.cindex ".so building"
2007On some platforms, Exim supports not compiling all lookup types directly into
2008the main binary, instead putting some into external modules which can be loaded
2009on demand.
2010This permits packagers to build Exim with support for lookups with extensive
2011library dependencies without requiring all users to install all of those
2012dependencies.
2013Most, but not all, lookup types can be built this way.
2014
2015Set &`LOOKUP_MODULE_DIR`& to the directory into which the modules will be
2016installed; Exim will only load modules from that directory, as a security
2017measure. You will need to set &`CFLAGS_DYNAMIC`& if not already defined
2018for your OS; see &_OS/Makefile-Linux_& for an example.
2019Some other requirements for adjusting &`EXTRALIBS`& may also be necessary,
2020see &_src/EDITME_& for details.
2021
2022Then, for each module to be loaded dynamically, define the relevant
2023&`LOOKUP_`&<&'lookup_type'&> flags to have the value "2" instead of "yes".
2024For example, this will build in lsearch but load sqlite and mysql support
2025on demand:
2026.code
2027LOOKUP_LSEARCH=yes
2028LOOKUP_SQLITE=2
2029LOOKUP_MYSQL=2
2030.endd
5d758a46 2031
0a349494 2032
f89d2485 2033.section "The building process" "SECID29"
9b371988
PH
2034.cindex "build directory"
2035Once &_Local/Makefile_& (and &_Local/eximon.conf_&, if required) have been
2036created, run &'make'& at the top level. It determines the architecture and
168e428f
PH
2037operating system types, and creates a build directory if one does not exist.
2038For example, on a Sun system running Solaris 8, the directory
9b371988
PH
2039&_build-SunOS5-5.8-sparc_& is created.
2040.cindex "symbolic link" "to source files"
168e428f
PH
2041Symbolic links to relevant source files are installed in the build directory.
2042
9b371988 2043If this is the first time &'make'& has been run, it calls a script that builds
168e428f 2044a make file inside the build directory, using the configuration files from the
9b371988
PH
2045&_Local_& directory. The new make file is then passed to another instance of
2046&'make'&. This does the real work, building a number of utility scripts, and
168e428f 2047then compiling and linking the binaries for the Exim monitor (if configured), a
9b371988
PH
2048number of utility programs, and finally Exim itself. The command &`make
2049makefile`& can be used to force a rebuild of the make file in the build
168e428f
PH
2050directory, should this ever be necessary.
2051
2052If you have problems building Exim, check for any comments there may be in the
9b371988 2053&_README_& file concerning your operating system, and also take a look at the
168e428f
PH
2054FAQ, where some common problems are covered.
2055
2056
2057
f89d2485 2058.section 'Output from &"make"&' "SECID283"
9b371988 2059The output produced by the &'make'& process for compile lines is often very
068aaea8
PH
2060unreadable, because these lines can be very long. For this reason, the normal
2061output is suppressed by default, and instead output similar to that which
2062appears when compiling the 2.6 Linux kernel is generated: just a short line for
2063each module that is being compiled or linked. However, it is still possible to
9b371988
PH
2064get the full output, by calling &'make'& like this:
2065.code
2066FULLECHO='' make -e
2067.endd
2068The value of FULLECHO defaults to &"@"&, the flag character that suppresses
2069command reflection in &'make'&. When you ask for the full output, it is
3cb1b51e 2070given in addition to the short output.
068aaea8
PH
2071
2072
2073
9b371988 2074.section "Overriding build-time options for Exim" "SECToverride"
f89d2485 2075.cindex "build-time options, overriding"
168e428f
PH
2076The main make file that is created at the beginning of the building process
2077consists of the concatenation of a number of files which set configuration
9b371988 2078values, followed by a fixed set of &'make'& instructions. If a value is set
168e428f
PH
2079more than once, the last setting overrides any previous ones. This provides a
2080convenient way of overriding defaults. The files that are concatenated are, in
2081order:
9b371988
PH
2082.display
2083&_OS/Makefile-Default_&
2084&_OS/Makefile-_&<&'ostype'&>
2085&_Local/Makefile_&
2086&_Local/Makefile-_&<&'ostype'&>
2087&_Local/Makefile-_&<&'archtype'&>
2088&_Local/Makefile-_&<&'ostype'&>-<&'archtype'&>
2089&_OS/Makefile-Base_&
2090.endd
2091.cindex "&_Local/Makefile_&"
2092.cindex "building Exim" "operating system type"
2093.cindex "building Exim" "architecture type"
2094where <&'ostype'&> is the operating system type and <&'archtype'&> is the
2095architecture type. &_Local/Makefile_& is required to exist, and the building
2096process fails if it is absent. The other three &_Local_& files are optional,
168e428f
PH
2097and are often not needed.
2098
9b371988
PH
2099The values used for <&'ostype'&> and <&'archtype'&> are obtained from scripts
2100called &_scripts/os-type_& and &_scripts/arch-type_& respectively. If either of
168e428f
PH
2101the environment variables EXIM_OSTYPE or EXIM_ARCHTYPE is set, their
2102values are used, thereby providing a means of forcing particular settings.
9b371988 2103Otherwise, the scripts try to get values from the &%uname%& command. If this
168e428f 2104fails, the shell variables OSTYPE and ARCHTYPE are inspected. A number
9b371988 2105of &'ad hoc'& transformations are then applied, to produce the standard names
168e428f
PH
2106that Exim expects. You can run these scripts directly from the shell in order
2107to find out what values are being used on your system.
2108
2109
9b371988 2110&_OS/Makefile-Default_& contains comments about the variables that are set
168e428f
PH
2111therein. Some (but not all) are mentioned below. If there is something that
2112needs changing, review the contents of this file and the contents of the make
9b371988 2113file for your operating system (&_OS/Makefile-<ostype>_&) to see what the
168e428f
PH
2114default values are.
2115
2116
9b371988
PH
2117.cindex "building Exim" "overriding default settings"
2118If you need to change any of the values that are set in &_OS/Makefile-Default_&
2119or in &_OS/Makefile-<ostype>_&, or to add any new definitions, you do not
168e428f 2120need to change the original files. Instead, you should make the changes by
9b371988
PH
2121putting the new values in an appropriate &_Local_& file. For example,
2122.cindex "Tru64-Unix build-time settings"
168e428f
PH
2123when building Exim in many releases of the Tru64-Unix (formerly Digital UNIX,
2124formerly DEC-OSF1) operating system, it is necessary to specify that the C
9b371988
PH
2125compiler is called &'cc'& rather than &'gcc'&. Also, the compiler must be
2126called with the option &%-std1%&, to make it recognize some of the features of
168e428f 2127Standard C that Exim uses. (Most other compilers recognize Standard C by
9b371988 2128default.) To do this, you should create a file called &_Local/Makefile-OSF1_&
168e428f 2129containing the lines
9b371988
PH
2130.code
2131CC=cc
2132CFLAGS=-std1
2133.endd
168e428f 2134If you are compiling for just one operating system, it may be easier to put
9b371988 2135these lines directly into &_Local/Makefile_&.
168e428f
PH
2136
2137Keeping all your local configuration settings separate from the distributed
2138files makes it easy to transfer them to new versions of Exim simply by copying
9b371988 2139the contents of the &_Local_& directory.
168e428f
PH
2140
2141
9b371988
PH
2142.cindex "NIS lookup type" "including support for"
2143.cindex "NIS+ lookup type" "including support for"
2144.cindex "LDAP" "including support for"
2145.cindex "lookup" "inclusion in binary"
168e428f
PH
2146Exim contains support for doing LDAP, NIS, NIS+, and other kinds of file
2147lookup, but not all systems have these components installed, so the default is
2148not to include the relevant code in the binary. All the different kinds of file
2149and database lookup that Exim supports are implemented as separate code modules
2150which are included only if the relevant compile-time options are set. In the
9b371988
PH
2151case of LDAP, NIS, and NIS+, the settings for &_Local/Makefile_& are:
2152.code
2153LOOKUP_LDAP=yes
2154LOOKUP_NIS=yes
2155LOOKUP_NISPLUS=yes
2156.endd
168e428f 2157and similar settings apply to the other lookup types. They are all listed in
9b371988 2158&_src/EDITME_&. In many cases the relevant include files and interface
168e428f 2159libraries need to be installed before compiling Exim.
9b371988 2160.cindex "cdb" "including support for"
068aaea8
PH
2161However, there are some optional lookup types (such as cdb) for which
2162the code is entirely contained within Exim, and no external include
168e428f 2163files or libraries are required. When a lookup type is not included in the
20f0f788 2164binary, attempts to configure Exim to use it cause runtime configuration
168e428f
PH
2165errors.
2166
7e6a8985
PP
2167.cindex "pkg-config" "lookups"
2168.cindex "pkg-config" "authenticators"
252e0c7b
PP
2169Many systems now use a tool called &'pkg-config'& to encapsulate information
2170about how to compile against a library; Exim has some initial support for
2171being able to use pkg-config for lookups and authenticators. For any given
2172makefile variable which starts &`LOOKUP_`& or &`AUTH_`&, you can add a new
2173variable with the &`_PC`& suffix in the name and assign as the value the
2174name of the package to be queried. The results of querying via the
2175&'pkg-config'& command will be added to the appropriate Makefile variables
2176with &`+=`& directives, so your version of &'make'& will need to support that
2177syntax. For instance:
2178.code
2179LOOKUP_SQLITE=yes
2180LOOKUP_SQLITE_PC=sqlite3
2181AUTH_GSASL=yes
2182AUTH_GSASL_PC=libgsasl
2183AUTH_HEIMDAL_GSSAPI=yes
2184AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi
2185.endd
252e0c7b 2186
9b371988 2187.cindex "Perl" "including support for"
168e428f
PH
2188Exim can be linked with an embedded Perl interpreter, allowing Perl
2189subroutines to be called during string expansion. To enable this facility,
9b371988
PH
2190.code
2191EXIM_PERL=perl.o
2192.endd
2193must be defined in &_Local/Makefile_&. Details of this facility are given in
2194chapter &<<CHAPperl>>&.
168e428f 2195
f89d2485 2196.cindex "X11 libraries, location of"
168e428f 2197The location of the X11 libraries is something that varies a lot between
068aaea8 2198operating systems, and there may be different versions of X11 to cope
168e428f
PH
2199with. Exim itself makes no use of X11, but if you are compiling the Exim
2200monitor, the X11 libraries must be available.
9b371988
PH
2201The following three variables are set in &_OS/Makefile-Default_&:
2202.code
2203X11=/usr/X11R6
2204XINCLUDE=-I$(X11)/include
2205XLFLAGS=-L$(X11)/lib
2206.endd
168e428f 2207These are overridden in some of the operating-system configuration files. For
9b371988
PH
2208example, in &_OS/Makefile-SunOS5_& there is
2209.code
2210X11=/usr/openwin
2211XINCLUDE=-I$(X11)/include
2212XLFLAGS=-L$(X11)/lib -R$(X11)/lib
2213.endd
168e428f
PH
2214If you need to override the default setting for your operating system, place a
2215definition of all three of these variables into your
9b371988 2216&_Local/Makefile-<ostype>_& file.
168e428f 2217
9b371988 2218.cindex "EXTRALIBS"
168e428f
PH
2219If you need to add any extra libraries to the link steps, these can be put in a
2220variable called EXTRALIBS, which appears in all the link commands, but by
2221default is not defined. In contrast, EXTRALIBS_EXIM is used only on the
2222command for linking the main Exim binary, and not for any associated utilities.
2223
9b371988 2224.cindex "DBM libraries" "configuration for building"
168e428f 2225There is also DBMLIB, which appears in the link commands for binaries that
9b371988 2226use DBM functions (see also section &<<SECTdb>>&). Finally, there is
168e428f
PH
2227EXTRALIBS_EXIMON, which appears only in the link step for the Exim monitor
2228binary, and which can be used, for example, to include additional X11
2229libraries.
2230
9b371988 2231.cindex "configuration file" "editing"
168e428f
PH
2232The make file copes with rebuilding Exim correctly if any of the configuration
2233files are edited. However, if an optional configuration file is deleted, it is
9b371988
PH
2234necessary to touch the associated non-optional file (that is,
2235&_Local/Makefile_& or &_Local/eximon.conf_&) before rebuilding.
168e428f
PH
2236
2237
f89d2485 2238.section "OS-specific header files" "SECID30"
9b371988
PH
2239.cindex "&_os.h_&"
2240.cindex "building Exim" "OS-specific C header files"
2241The &_OS_& directory contains a number of files with names of the form
2242&_os.h-<ostype>_&. These are system-specific C header files that should not
168e428f 2243normally need to be changed. There is a list of macro settings that are
9b371988 2244recognized in the file &_OS/os.configuring_&, which should be consulted if you
168e428f
PH
2245are porting Exim to a new operating system.
2246
2247
2248
f89d2485
PH
2249.section "Overriding build-time options for the monitor" "SECID31"
2250.cindex "building Eximon"
168e428f
PH
2251A similar process is used for overriding things when building the Exim monitor,
2252where the files that are involved are
9b371988
PH
2253.display
2254&_OS/eximon.conf-Default_&
2255&_OS/eximon.conf-_&<&'ostype'&>
2256&_Local/eximon.conf_&
2257&_Local/eximon.conf-_&<&'ostype'&>
2258&_Local/eximon.conf-_&<&'archtype'&>
2259&_Local/eximon.conf-_&<&'ostype'&>-<&'archtype'&>
2260.endd
2261.cindex "&_Local/eximon.conf_&"
168e428f 2262As with Exim itself, the final three files need not exist, and in this case the
9b371988
PH
2263&_OS/eximon.conf-<ostype>_& file is also optional. The default values in
2264&_OS/eximon.conf-Default_& can be overridden dynamically by setting environment
168e428f
PH
2265variables of the same name, preceded by EXIMON_. For example, setting
2266EXIMON_LOG_DEPTH in the environment overrides the value of
20f0f788 2267LOG_DEPTH at runtime.
4f578862 2268.ecindex IIDbuex
168e428f
PH
2269
2270
f89d2485 2271.section "Installing Exim binaries and scripts" "SECID32"
9b371988
PH
2272.cindex "installing Exim"
2273.cindex "BIN_DIRECTORY"
2274The command &`make install`& runs the &(exim_install)& script with no
2275arguments. The script copies binaries and utility scripts into the directory
2276whose name is specified by the BIN_DIRECTORY setting in &_Local/Makefile_&.
2277.cindex "setuid" "installing Exim with"
068aaea8
PH
2278The install script copies files only if they are newer than the files they are
2279going to replace. The Exim binary is required to be owned by root and have the
9b371988
PH
2280&'setuid'& bit set, for normal configurations. Therefore, you must run &`make
2281install`& as root so that it can set up the Exim binary in this way. However, in
068aaea8
PH
2282some special situations (for example, if a host is doing no local deliveries)
2283it may be possible to run Exim without making the binary setuid root (see
9b371988 2284chapter &<<CHAPsecurity>>& for details).
168e428f 2285
9b371988 2286.cindex "CONFIGURE_FILE"
20f0f788 2287Exim's runtime configuration file is named by the CONFIGURE_FILE setting
9b371988
PH
2288in &_Local/Makefile_&. If this names a single file, and the file does not
2289exist, the default configuration file &_src/configure.default_& is copied there
20f0f788 2290by the installation script. If a runtime configuration file already exists, it
168e428f
PH
2291is left alone. If CONFIGURE_FILE is a colon-separated list, naming several
2292alternative files, no default is installed.
2293
9b371988
PH
2294.cindex "system aliases file"
2295.cindex "&_/etc/aliases_&"
168e428f
PH
2296One change is made to the default configuration file when it is installed: the
2297default configuration contains a router that references a system aliases file.
2298The path to this file is set to the value specified by
9b371988 2299SYSTEM_ALIASES_FILE in &_Local/Makefile_& (&_/etc/aliases_& by default).
168e428f
PH
2300If the system aliases file does not exist, the installation script creates it,
2301and outputs a comment to the user.
2302
2303The created file contains no aliases, but it does contain comments about the
2304aliases a site should normally have. Mail aliases have traditionally been
9b371988
PH
2305kept in &_/etc/aliases_&. However, some operating systems are now using
2306&_/etc/mail/aliases_&. You should check if yours is one of these, and change
168e428f
PH
2307Exim's configuration if necessary.
2308
2309The default configuration uses the local host's name as the only local domain,
9b371988
PH
2310and is set up to do local deliveries into the shared directory &_/var/mail_&,
2311running as the local user. System aliases and &_.forward_& files in users' home
168e428f
PH
2312directories are supported, but no NIS or NIS+ support is configured. Domains
2313other than the name of the local host are routed using the DNS, with delivery
2314over SMTP.
2315
168e428f
PH
2316It is possible to install Exim for special purposes (such as building a binary
2317distribution) in a private part of the file system. You can do this by a
2318command such as
9b371988
PH
2319.code
2320make DESTDIR=/some/directory/ install
2321.endd
168e428f
PH
2322This has the effect of pre-pending the specified directory to all the file
2323paths, except the name of the system aliases file that appears in the default
9b371988 2324configuration. (If a default alias file is created, its name &'is'& modified.)
168e428f
PH
2325For backwards compatibility, ROOT is used if DESTDIR is not set,
2326but this usage is deprecated.
2327
9b371988
PH
2328.cindex "installing Exim" "what is not installed"
2329Running &'make install'& does not copy the Exim 4 conversion script
40df1be3
TF
2330&'convert4r4'&. You will probably run this only once if you are
2331upgrading from Exim 3. None of the documentation files in the &_doc_&
168e428f 2332directory are copied, except for the info files when you have set
9b371988 2333INFO_DIRECTORY, as described in section &<<SECTinsinfdoc>>& below.
168e428f 2334
9b371988 2335For the utility programs, old versions are renamed by adding the suffix &_.O_&
168e428f
PH
2336to their names. The Exim binary itself, however, is handled differently. It is
2337installed under a name that includes the version number and the compile number,
20f0f788 2338for example, &_exim-&version()-1_&. The script then arranges for a symbolic link
9b371988
PH
2339called &_exim_& to point to the binary. If you are updating a previous version
2340of Exim, the script takes care to ensure that the name &_exim_& is never absent
168e428f
PH
2341from the directory (as seen by other processes).
2342
9b371988
PH
2343.cindex "installing Exim" "testing the script"
2344If you want to see what the &'make install'& will do before running it for
2345real, you can pass the &%-n%& option to the installation script by this
2346command:
2347.code
2348make INSTALL_ARG=-n install
2349.endd
168e428f
PH
2350The contents of the variable INSTALL_ARG are passed to the installation
2351script. You do not need to be root to run this test. Alternatively, you can run
2352the installation script directly, but this must be from within the build
2353directory. For example, from the top-level Exim directory you could use this
2354command:
9b371988
PH
2355.code
2356(cd build-SunOS5-5.5.1-sparc; ../scripts/exim_install -n)
2357.endd
2358.cindex "installing Exim" "install script options"
168e428f
PH
2359There are two other options that can be supplied to the installation script.
2360
9b371988
PH
2361.ilist
2362&%-no_chown%& bypasses the call to change the owner of the installed binary
168e428f 2363to root, and the call to make it a setuid binary.
9b371988
PH
2364.next
2365&%-no_symlink%& bypasses the setting up of the symbolic link &_exim_& to the
168e428f 2366installed binary.
9b371988 2367.endlist
168e428f
PH
2368
2369INSTALL_ARG can be used to pass these options to the script. For example:
9b371988
PH
2370.code
2371make INSTALL_ARG=-no_symlink install
2372.endd
168e428f
PH
2373The installation script can also be given arguments specifying which files are
2374to be copied. For example, to install just the Exim binary, and nothing else,
2375without creating the symbolic link, you could use:
9b371988
PH
2376.code
2377make INSTALL_ARG='-no_symlink exim' install
2378.endd
168e428f
PH
2379
2380
2381
9b371988
PH
2382.section "Installing info documentation" "SECTinsinfdoc"
2383.cindex "installing Exim" "&'info'& documentation"
2384Not all systems use the GNU &'info'& system for documentation, and for this
168e428f 2385reason, the Texinfo source of Exim's documentation is not included in the main
20f0f788 2386distribution. Instead it is available separately from the FTP site (see section
9b371988 2387&<<SECTavail>>&).
168e428f 2388
9b371988
PH
2389If you have defined INFO_DIRECTORY in &_Local/Makefile_& and the Texinfo
2390source of the documentation is found in the source tree, running &`make
2391install`& automatically builds the info files and installs them.
168e428f
PH
2392
2393
2394
f89d2485 2395.section "Setting up the spool directory" "SECID33"
9b371988 2396.cindex "spool directory" "creating"
168e428f
PH
2397When it starts up, Exim tries to create its spool directory if it does not
2398exist. The Exim uid and gid are used for the owner and group of the spool
2399directory. Sub-directories are automatically created in the spool directory as
2400necessary.
2401
2402
2403
2404
f89d2485 2405.section "Testing" "SECID34"
9b371988 2406.cindex "testing" "installation"
20f0f788 2407Having installed Exim, you can check that the runtime configuration file is
168e428f
PH
2408syntactically valid by running the following command, which assumes that the
2409Exim binary directory is within your PATH environment variable:
9b371988
PH
2410.code
2411exim -bV
2412.endd
168e428f
PH
2413If there are any errors in the configuration file, Exim outputs error messages.
2414Otherwise it outputs the version number and build date,
2415the DBM library that is being used, and information about which drivers and
2416other optional code modules are included in the binary.
2417Some simple routing tests can be done by using the address testing option. For
2418example,
9b371988
PH
2419.display
2420&`exim -bt`& <&'local username'&>
2421.endd
168e428f 2422should verify that it recognizes a local mailbox, and
9b371988
PH
2423.display
2424&`exim -bt`& <&'remote address'&>
2425.endd
168e428f
PH
2426a remote one. Then try getting it to deliver mail, both locally and remotely.
2427This can be done by passing messages directly to Exim, without going through a
2428user agent. For example:
9b371988 2429.code
068aaea8
PH
2430exim -v postmaster@your.domain.example
2431From: user@your.domain.example
2432To: postmaster@your.domain.example
2433Subject: Testing Exim
168e428f 2434
068aaea8
PH
2435This is a test message.
2436^D
9b371988
PH
2437.endd
2438The &%-v%& option causes Exim to output some verification of what it is doing.
168e428f 2439In this case you should see copies of three log lines, one for the message's
9b371988 2440arrival, one for its delivery, and one containing &"Completed"&.
168e428f 2441
9b371988
PH
2442.cindex "delivery" "problems with"
2443If you encounter problems, look at Exim's log files (&'mainlog'& and
2444&'paniclog'&) to see if there is any relevant information there. Another source
168e428f 2445of information is running Exim with debugging turned on, by specifying the
9b371988 2446&%-d%& option. If a message is stuck on Exim's spool, you can force a delivery
168e428f 2447with debugging turned on by a command of the form
9b371988
PH
2448.display
2449&`exim -d -M`& <&'exim-message-id'&>
2450.endd
2451You must be root or an &"admin user"& in order to do this. The &%-d%& option
168e428f 2452produces rather a lot of output, but you can cut this down to specific areas.
9b371988
PH
2453For example, if you use &%-d-all+route%& only the debugging information
2454relevant to routing is included. (See the &%-d%& option in chapter
2455&<<CHAPcommandline>>& for more details.)
168e428f 2456
9b371988
PH
2457.cindex '&"sticky"& bit'
2458.cindex "lock files"
168e428f
PH
2459One specific problem that has shown up on some sites is the inability to do
2460local deliveries into a shared mailbox directory, because it does not have the
9b371988 2461&"sticky bit"& set on it. By default, Exim tries to create a lock file before
168e428f 2462writing to a mailbox file, and if it cannot create the lock file, the delivery
9b371988 2463is deferred. You can get round this either by setting the &"sticky bit"& on the
168e428f
PH
2464directory, or by setting a specific group for local deliveries and allowing
2465that group to create files in the directory (see the comments above the
9b371988 2466&(local_delivery)& transport in the default configuration file). Another
168e428f 2467approach is to configure Exim not to use lock files, but just to rely on
9b371988
PH
2468&[fcntl()]& locking instead. However, you should do this only if all user
2469agents also use &[fcntl()]& locking. For further discussion of locking issues,
2470see chapter &<<CHAPappendfile>>&.
168e428f
PH
2471
2472One thing that cannot be tested on a system that is already running an MTA is
2473the receipt of incoming SMTP mail on the standard SMTP port. However, the
9b371988
PH
2474&%-oX%& option can be used to run an Exim daemon that listens on some other
2475port, or &'inetd'& can be used to do this. The &%-bh%& option and the
2476&'exim_checkaccess'& utility can be used to check out policy controls on
168e428f
PH
2477incoming SMTP mail.
2478
2479Testing a new version on a system that is already running Exim can most easily
2480be done by building a binary with a different CONFIGURE_FILE setting. From
20f0f788 2481within the runtime configuration, all other file and directory names
168e428f
PH
2482that Exim uses can be altered, in order to keep it entirely clear of the
2483production version.
2484
2485
f89d2485 2486.section "Replacing another MTA with Exim" "SECID35"
9b371988 2487.cindex "replacing another MTA"
168e428f
PH
2488Building and installing Exim for the first time does not of itself put it in
2489general use. The name by which the system's MTA is called by mail user agents
9b371988
PH
2490is either &_/usr/sbin/sendmail_&, or &_/usr/lib/sendmail_& (depending on the
2491operating system), and it is necessary to make this name point to the &'exim'&
168e428f 2492binary in order to get the user agents to pass messages to Exim. This is
9b371988
PH
2493normally done by renaming any existing file and making &_/usr/sbin/sendmail_&
2494or &_/usr/lib/sendmail_&
2495.cindex "symbolic link" "to &'exim'& binary"
2496a symbolic link to the &'exim'& binary. It is a good idea to remove any setuid
168e428f
PH
2497privilege and executable status from the old MTA. It is then necessary to stop
2498and restart the mailer daemon, if one is running.
2499
f89d2485 2500.cindex "FreeBSD, MTA indirection"
9b371988 2501.cindex "&_/etc/mail/mailer.conf_&"
168e428f
PH
2502Some operating systems have introduced alternative ways of switching MTAs. For
2503example, if you are running FreeBSD, you need to edit the file
9b371988 2504&_/etc/mail/mailer.conf_& instead of setting up a symbolic link as just
168e428f
PH
2505described. A typical example of the contents of this file for running Exim is
2506as follows:
9b371988
PH
2507.code
2508sendmail /usr/exim/bin/exim
2509send-mail /usr/exim/bin/exim
2510mailq /usr/exim/bin/exim -bp
2511newaliases /usr/bin/true
2512.endd
2513Once you have set up the symbolic link, or edited &_/etc/mail/mailer.conf_&,
2514your Exim installation is &"live"&. Check it by sending a message from your
168e428f
PH
2515favourite user agent.
2516
2517You should consider what to tell your users about the change of MTA. Exim may
2518have different capabilities to what was previously running, and there are
2519various operational differences such as the text of messages produced by
2520command line options and in bounce messages. If you allow your users to make
2521use of Exim's filtering capabilities, you should make the document entitled
9b371988 2522&'Exim's interface to mail filtering'& available to them.
168e428f
PH
2523
2524
2525
f89d2485 2526.section "Upgrading Exim" "SECID36"
9b371988 2527.cindex "upgrading Exim"
168e428f
PH
2528If you are already running Exim on your host, building and installing a new
2529version automatically makes it available to MUAs, or any other programs that
2530call the MTA directly. However, if you are running an Exim daemon, you do need
49692970
JH
2531.cindex restart "on HUP signal"
2532.cindex signal "HUP, to restart"
9b371988
PH
2533to send it a HUP signal, to make it re-execute itself, and thereby pick up the
2534new binary. You do not need to stop processing mail in order to install a new
068aaea8
PH
2535version of Exim. The install script does not modify an existing runtime
2536configuration file.
2537
168e428f
PH
2538
2539
2540
f89d2485 2541.section "Stopping the Exim daemon on Solaris" "SECID37"
9b371988 2542.cindex "Solaris" "stopping Exim on"
168e428f 2543The standard command for stopping the mailer daemon on Solaris is
9b371988
PH
2544.code
2545/etc/init.d/sendmail stop
2546.endd
2547If &_/usr/lib/sendmail_& has been turned into a symbolic link, this script
2548fails to stop Exim because it uses the command &'ps -e'& and greps the output
2549for the text &"sendmail"&; this is not present because the actual program name
2550(that is, &"exim"&) is given by the &'ps'& command with these options. A
2551solution is to replace the line that finds the process id with something like
2552.code
2553pid=`cat /var/spool/exim/exim-daemon.pid`
2554.endd
168e428f
PH
2555to obtain the daemon's pid directly from the file that Exim saves it in.
2556
9b371988 2557Note, however, that stopping the daemon does not &"stop Exim"&. Messages can
168e428f
PH
2558still be received from local processes, and if automatic delivery is configured
2559(the normal case), deliveries will still occur.
2560
2561
2562
2563
9b371988
PH
2564. ////////////////////////////////////////////////////////////////////////////
2565. ////////////////////////////////////////////////////////////////////////////
168e428f 2566
9b371988 2567.chapter "The Exim command line" "CHAPcommandline"
4f578862
PH
2568.scindex IIDclo1 "command line" "options"
2569.scindex IIDclo2 "options" "command line"
168e428f
PH
2570Exim's command line takes the standard Unix form of a sequence of options,
2571each starting with a hyphen character, followed by a number of arguments. The
2572options are compatible with the main options of Sendmail, and there are also
2573some additional options, some of which are compatible with Smail 3. Certain
2574combinations of options do not make sense, and provoke an error if used.
2575The form of the arguments depends on which options are set.
2576
2577
f89d2485 2578.section "Setting options by program name" "SECID38"
9b371988
PH
2579.cindex "&'mailq'&"
2580If Exim is called under the name &'mailq'&, it behaves as if the option &%-bp%&
168e428f 2581were present before any other options.
9b371988 2582The &%-bp%& option requests a listing of the contents of the mail queue on the
168e428f
PH
2583standard output.
2584This feature is for compatibility with some systems that contain a command of
2585that name in one of the standard libraries, symbolically linked to
9b371988
PH
2586&_/usr/sbin/sendmail_& or &_/usr/lib/sendmail_&.
2587
2588.cindex "&'rsmtp'&"
2589If Exim is called under the name &'rsmtp'& it behaves as if the option &%-bS%&
2590were present before any other options, for compatibility with Smail. The
2591&%-bS%& option is used for reading in a number of messages in batched SMTP
2592format.
2593
2594.cindex "&'rmail'&"
2595If Exim is called under the name &'rmail'& it behaves as if the &%-i%& and
2596&%-oee%& options were present before any other options, for compatibility with
2597Smail. The name &'rmail'& is used as an interface by some UUCP systems.
2598
2599.cindex "&'runq'&"
2600.cindex "queue runner"
2601If Exim is called under the name &'runq'& it behaves as if the option &%-q%&
2602were present before any other options, for compatibility with Smail. The &%-q%&
168e428f
PH
2603option causes a single queue runner process to be started.
2604
9b371988
PH
2605.cindex "&'newaliases'&"
2606.cindex "alias file" "building"
2607.cindex "Sendmail compatibility" "calling Exim as &'newaliases'&"
2608If Exim is called under the name &'newaliases'& it behaves as if the option
2609&%-bi%& were present before any other options, for compatibility with Sendmail.
168e428f
PH
2610This option is used for rebuilding Sendmail's alias file. Exim does not have
2611the concept of a single alias file, but can be configured to run a given
9b371988 2612command if called with the &%-bi%& option.
168e428f
PH
2613
2614
9b371988
PH
2615.section "Trusted and admin users" "SECTtrustedadmin"
2616Some Exim options are available only to &'trusted users'& and others are
2617available only to &'admin users'&. In the description below, the phrases &"Exim
2618user"& and &"Exim group"& mean the user and group defined by EXIM_USER and
2619EXIM_GROUP in &_Local/Makefile_& or set by the &%exim_user%& and
2620&%exim_group%& options. These do not necessarily have to use the name &"exim"&.
168e428f 2621
9b371988 2622.ilist
f89d2485 2623.cindex "trusted users" "definition of"
9b371988 2624.cindex "user" "trusted definition of"
168e428f 2625The trusted users are root, the Exim user, any user listed in the
9b371988
PH
2626&%trusted_users%& configuration option, and any user whose current group or any
2627supplementary group is one of those listed in the &%trusted_groups%&
168e428f 2628configuration option. Note that the Exim group is not automatically trusted.
9b371988
PH
2629
2630.cindex '&"From"& line'
0cf7a941 2631.cindex "envelope from"
9b371988
PH
2632.cindex "envelope sender"
2633Trusted users are always permitted to use the &%-f%& option or a leading
2634&"From&~"& line to specify the envelope sender of a message that is passed to
2635Exim through the local interface (see the &%-bm%& and &%-f%& options below).
2636See the &%untrusted_set_sender%& option for a way of permitting non-trusted
2637users to set envelope senders.
2638
2639.cindex "&'From:'& header line"
2640.cindex "&'Sender:'& header line"
1e4519cc
JH
2641.cindex "header lines" "From:"
2642.cindex "header lines" "Sender:"
9b371988
PH
2643For a trusted user, there is never any check on the contents of the &'From:'&
2644header line, and a &'Sender:'& line is never added. Furthermore, any existing
2645&'Sender:'& line in incoming local (non-TCP/IP) messages is not removed.
2646
168e428f
PH
2647Trusted users may also specify a host name, host address, interface address,
2648protocol name, ident value, and authentication data when submitting a message
2649locally. Thus, they are able to insert messages into Exim's queue locally that
2650have the characteristics of messages received from a remote host. Untrusted
9b371988 2651users may in some circumstances use &%-f%&, but can never set the other values
168e428f 2652that are available to trusted users.
9b371988
PH
2653.next
2654.cindex "user" "admin definition of"
2655.cindex "admin user" "definition of"
168e428f 2656The admin users are root, the Exim user, and any user that is a member of the
9b371988 2657Exim group or of any group listed in the &%admin_groups%& configuration option.
168e428f 2658The current group does not have to be one of these groups.
9b371988 2659
168e428f
PH
2660Admin users are permitted to list the queue, and to carry out certain
2661operations on messages, for example, to force delivery failures. It is also
2662necessary to be an admin user in order to see the full information provided by
2663the Exim monitor, and full debugging output.
9b371988
PH
2664
2665By default, the use of the &%-M%&, &%-q%&, &%-R%&, and &%-S%& options to cause
2666Exim to attempt delivery of messages on its queue is restricted to admin users.
2667However, this restriction can be relaxed by setting the &%prod_requires_admin%&
2668option false (that is, specifying &%no_prod_requires_admin%&).
2669
2670Similarly, the use of the &%-bp%& option to list all the messages in the queue
2671is restricted to admin users unless &%queue_list_requires_admin%& is set
168e428f 2672false.
9b371988 2673.endlist
168e428f
PH
2674
2675
9b371988 2676&*Warning*&: If you configure your system so that admin users are able to
168e428f
PH
2677edit Exim's configuration file, you are giving those users an easy way of
2678getting root. There is further discussion of this issue at the start of chapter
9b371988 2679&<<CHAPconf>>&.
168e428f
PH
2680
2681
2682
2683
f89d2485 2684.section "Command line options" "SECID39"
db9452a9
PH
2685Exim's command line options are described in alphabetical order below. If none
2686of the options that specifies a specific action (such as starting the daemon or
2687a queue runner, or testing an address, or receiving a message in a specific
2688format, or listing the queue) are present, and there is at least one argument
2689on the command line, &%-bm%& (accept a local message on the standard input,
2690with the arguments specifying the recipients) is assumed. Otherwise, Exim
2691outputs a brief message about itself and exits.
168e428f 2692
9b371988
PH
2693. ////////////////////////////////////////////////////////////////////////////
2694. Insert a stylized XML comment here, to identify the start of the command line
2695. options. This is for the benefit of the Perl script that automatically
2696. creates a man page for the options.
2697. ////////////////////////////////////////////////////////////////////////////
168e428f 2698
9b371988 2699.literal xml
168e428f 2700<!-- === Start of command line options === -->
9b371988 2701.literal off
168e428f
PH
2702
2703
9b371988
PH
2704.vlist
2705.vitem &%--%&
2706.oindex "--"
2707.cindex "options" "command line; terminating"
168e428f
PH
2708This is a pseudo-option whose only purpose is to terminate the options and
2709therefore to cause subsequent command line items to be treated as arguments
2710rather than options, even if they begin with hyphens.
2711
9b371988
PH
2712.vitem &%--help%&
2713.oindex "&%--help%&"
168e428f
PH
2714This option causes Exim to output a few sentences stating what it is.
2715The same output is generated if the Exim binary is called with no options and
2716no arguments.
2717
4b2241d2
PP
2718.vitem &%--version%&
2719.oindex "&%--version%&"
2720This option is an alias for &%-bV%& and causes version information to be
2721displayed.
2722
a3fb9793
PP
2723.vitem &%-Ac%& &&&
2724 &%-Am%&
2725.oindex "&%-Ac%&"
2726.oindex "&%-Am%&"
2727These options are used by Sendmail for selecting configuration files and are
2728ignored by Exim.
a3fb9793 2729
9b371988
PH
2730.vitem &%-B%&<&'type'&>
2731.oindex "&%-B%&"
2732.cindex "8-bit characters"
2733.cindex "Sendmail compatibility" "8-bit characters"
168e428f
PH
2734This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit
2735clean; it ignores this option.
2736
9b371988
PH
2737.vitem &%-bd%&
2738.oindex "&%-bd%&"
2739.cindex "daemon"
f89d2485 2740.cindex "SMTP" "listener"
9b371988 2741.cindex "queue runner"
168e428f 2742This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually
9b371988
PH
2743the &%-bd%& option is combined with the &%-q%&<&'time'&> option, to specify
2744that the daemon should also initiate periodic queue runs.
2745
2746The &%-bd%& option can be used only by an admin user. If either of the &%-d%&
2747(debugging) or &%-v%& (verifying) options are set, the daemon does not
168e428f
PH
2748disconnect from the controlling terminal. When running this way, it can be
2749stopped by pressing ctrl-C.
9b371988 2750
168e428f
PH
2751By default, Exim listens for incoming connections to the standard SMTP port on
2752all the host's running interfaces. However, it is possible to listen on other
2753ports, on multiple ports, and only on specific interfaces. Chapter
9b371988
PH
2754&<<CHAPinterfaces>>& contains a description of the options that control this.
2755
168e428f 2756When a listening daemon
9b371988
PH
2757.cindex "daemon" "process id (pid)"
2758.cindex "pid (process id)" "of daemon"
2759is started without the use of &%-oX%& (that is, without overriding the normal
2760configuration), it writes its process id to a file called &_exim-daemon.pid_&
2761in Exim's spool directory. This location can be overridden by setting
2762PID_FILE_PATH in &_Local/Makefile_&. The file is written while Exim is still
168e428f 2763running as root.
9b371988
PH
2764
2765When &%-oX%& is used on the command line to start a listening daemon, the
2766process id is not written to the normal pid file path. However, &%-oP%& can be
168e428f 2767used to specify a path on the command line if a pid file is required.
9b371988 2768
168e428f 2769The SIGHUP signal
9b371988 2770.cindex "SIGHUP"
49692970
JH
2771.cindex restart "on HUP signal"
2772.cindex signal "HUP, to restart"
3cb1b51e 2773.cindex "daemon" "restarting"
6ce06eea
JH
2774.cindex signal "to reload configuration"
2775.cindex daemon "reload configuration"
49692970 2776.cindex reload configuration
3cb1b51e
PH
2777can be used to cause the daemon to re-execute itself. This should be done
2778whenever Exim's configuration file, or any file that is incorporated into it by
2779means of the &%.include%& facility, is changed, and also whenever a new version
2780of Exim is installed. It is not necessary to do this when other files that are
9b371988
PH
2781referenced from the configuration (for example, alias files) are changed,
2782because these are reread each time they are used.
2783
2784.vitem &%-bdf%&
2785.oindex "&%-bdf%&"
2786This option has the same effect as &%-bd%& except that it never disconnects
2787from the controlling terminal, even when no debugging is specified.
2788
2789.vitem &%-be%&
2790.oindex "&%-be%&"
2791.cindex "testing" "string expansion"
2792.cindex "expansion" "testing"
168e428f
PH
2793Run Exim in expansion testing mode. Exim discards its root privilege, to
2794prevent ordinary users from using this mode to read otherwise inaccessible
2795files. If no arguments are given, Exim runs interactively, prompting for lines
4f578862 2796of data. Otherwise, it processes each argument in turn.
9b371988
PH
2797
2798If Exim was built with USE_READLINE=yes in &_Local/Makefile_&, it tries
2799to load the &%libreadline%& library dynamically whenever the &%-be%& option is
2800used without command line arguments. If successful, it uses the &[readline()]&
168e428f
PH
2801function, which provides extensive line-editing facilities, for reading the
2802test data. A line history is supported.
9b371988 2803
168e428f 2804Long expansion expressions can be split over several lines by using backslash
20f0f788 2805continuations. As in Exim's runtime configuration, white space at the start of
168e428f
PH
2806continuation lines is ignored. Each argument or data line is passed through the
2807string expansion mechanism, and the result is output. Variable values from the
9b371988 2808configuration file (for example, &$qualify_domain$&) are available, but no
374dc194 2809message-specific values (such as &$message_exim_id$&) are set, because no message
f89d2485 2810is being processed (but see &%-bem%& and &%-Mset%&).
168e428f 2811
9b371988
PH
2812&*Note*&: If you use this mechanism to test lookups, and you change the data
2813files or databases you are using, you must exit and restart Exim before trying
2814the same lookup again. Otherwise, because each Exim process caches the results
2815of lookups, you will just get the same result as before.
9b371988 2816
9650d98a
JH
2817Macro processing is done on lines before string-expansion: new macros can be
2818defined and macros will be expanded.
2819Because macros in the config file are often used for secrets, those are only
2820available to admin users.
9650d98a 2821
3cb1b51e
PH
2822.vitem &%-bem%&&~<&'filename'&>
2823.oindex "&%-bem%&"
2824.cindex "testing" "string expansion"
2825.cindex "expansion" "testing"
2826This option operates like &%-be%& except that it must be followed by the name
2827of a file. For example:
2828.code
2829exim -bem /tmp/testmessage
2830.endd
2831The file is read as a message (as if receiving a locally-submitted non-SMTP
2832message) before any of the test expansions are done. Thus, message-specific
2833variables such as &$message_size$& and &$header_from:$& are available. However,
2834no &'Received:'& header is added to the message. If the &%-t%& option is set,
2835recipients are read from the headers in the normal way, and are shown in the
2836&$recipients$& variable. Note that recipients cannot be given on the command
2837line, because further arguments are taken as strings to expand (just like
2838&%-be%&).
3cb1b51e 2839
9b371988
PH
2840.vitem &%-bF%&&~<&'filename'&>
2841.oindex "&%-bF%&"
2842.cindex "system filter" "testing"
2843.cindex "testing" "system filter"
2844This option is the same as &%-bf%& except that it assumes that the filter being
168e428f
PH
2845tested is a system filter. The additional commands that are available only in
2846system filters are recognized.
2847
9b371988
PH
2848.vitem &%-bf%&&~<&'filename'&>
2849.oindex "&%-bf%&"
2850.cindex "filter" "testing"
2851.cindex "testing" "filter file"
2852.cindex "forward file" "testing"
2853.cindex "testing" "forward file"
2854.cindex "Sieve filter" "testing"
168e428f
PH
2855This option runs Exim in user filter testing mode; the file is the filter file
2856to be tested, and a test message must be supplied on the standard input. If
2857there are no message-dependent tests in the filter, an empty file can be
2858supplied.
168e428f 2859
9b371988
PH
2860If you want to test a system filter file, use &%-bF%& instead of &%-bf%&. You
2861can use both &%-bF%& and &%-bf%& on the same command, in order to test a system
2862filter and a user filter in the same run. For example:
2863.code
2864exim -bF /system/filter -bf /user/filter </test/message
2865.endd
168e428f
PH
2866This is helpful when the system filter adds header lines or sets filter
2867variables that are used by the user filter.
168e428f 2868
9b371988
PH
2869If the test filter file does not begin with one of the special lines
2870.code
2871# Exim filter
2872# Sieve filter
2873.endd
2874it is taken to be a normal &_.forward_& file, and is tested for validity under
2875that interpretation. See sections &<<SECTitenonfilred>>& to
2876&<<SECTspecitredli>>& for a description of the possible contents of non-filter
2877redirection lists.
2878
2879The result of an Exim command that uses &%-bf%&, provided no errors are
168e428f
PH
2880detected, is a list of the actions that Exim would try to take if presented
2881with the message for real. More details of filter testing are given in the
9b371988
PH
2882separate document entitled &'Exim's interfaces to mail filtering'&.
2883
168e428f 2884When testing a filter file,
9b371988 2885.cindex "&""From""& line"
0cf7a941 2886.cindex "envelope from"
9b371988 2887.cindex "envelope sender"
f89d2485 2888.oindex "&%-f%&" "for filter testing"
9b371988
PH
2889the envelope sender can be set by the &%-f%& option,
2890or by a &"From&~"& line at the start of the test message. Various parameters
2891that would normally be taken from the envelope recipient address of the message
2892can be set by means of additional command line options (see the next four
2893options).
2894
2895.vitem &%-bfd%&&~<&'domain'&>
2896.oindex "&%-bfd%&"
f89d2485 2897.vindex "&$qualify_domain$&"
168e428f 2898This sets the domain of the recipient address when a filter file is being
9b371988
PH
2899tested by means of the &%-bf%& option. The default is the value of
2900&$qualify_domain$&.
168e428f 2901
9b371988
PH
2902.vitem &%-bfl%&&~<&'local&~part'&>
2903.oindex "&%-bfl%&"
168e428f 2904This sets the local part of the recipient address when a filter file is being
9b371988 2905tested by means of the &%-bf%& option. The default is the username of the
168e428f
PH
2906process that calls Exim. A local part should be specified with any prefix or
2907suffix stripped, because that is how it appears to the filter when a message is
2908actually being delivered.
2909
9b371988
PH
2910.vitem &%-bfp%&&~<&'prefix'&>
2911.oindex "&%-bfp%&"
2b8d6aff 2912.cindex affix "filter testing"
168e428f 2913This sets the prefix of the local part of the recipient address when a filter
9b371988 2914file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2915prefix.
2916
9b371988
PH
2917.vitem &%-bfs%&&~<&'suffix'&>
2918.oindex "&%-bfs%&"
2b8d6aff 2919.cindex affix "filter testing"
168e428f 2920This sets the suffix of the local part of the recipient address when a filter
9b371988 2921file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2922suffix.
2923
9b371988
PH
2924.vitem &%-bh%&&~<&'IP&~address'&>
2925.oindex "&%-bh%&"
2926.cindex "testing" "incoming SMTP"
2927.cindex "SMTP" "testing incoming"
2928.cindex "testing" "relay control"
2929.cindex "relaying" "testing configuration"
2930.cindex "policy control" "testing"
2931.cindex "debugging" "&%-bh%& option"
168e428f
PH
2932This option runs a fake SMTP session as if from the given IP address, using the
2933standard input and output. The IP address may include a port number at the end,
2934after a full stop. For example:
9b371988
PH
2935.code
2936exim -bh 10.9.8.7.1234
2937exim -bh fe80::a00:20ff:fe86:a061.5678
2938.endd
168e428f 2939When an IPv6 address is given, it is converted into canonical form. In the case
9b371988
PH
2940of the second example above, the value of &$sender_host_address$& after
2941conversion to the canonical form is
2942&`fe80:0000:0000:0a00:20ff:fe86:a061.5678`&.
2943
168e428f 2944Comments as to what is going on are written to the standard error file. These
9b371988 2945include lines beginning with &"LOG"& for anything that would have been logged.
168e428f
PH
2946This facility is provided for testing configuration options for incoming
2947messages, to make sure they implement the required policy. For example, you can
9b371988
PH
2948test your relay controls using &%-bh%&.
2949
2950&*Warning 1*&:
2951.cindex "RFC 1413"
db9452a9
PH
2952You can test features of the configuration that rely on ident (RFC 1413)
2953information by using the &%-oMt%& option. However, Exim cannot actually perform
2954an ident callout when testing using &%-bh%& because there is no incoming SMTP
2955connection.
9b371988
PH
2956
2957&*Warning 2*&: Address verification callouts (see section &<<SECTcallver>>&)
2958are also skipped when testing using &%-bh%&. If you want these callouts to
2959occur, use &%-bhc%& instead.
2960
168e428f
PH
2961Messages supplied during the testing session are discarded, and nothing is
2962written to any of the real log files. There may be pauses when DNS (and other)
9b371988 2963lookups are taking place, and of course these may time out. The &%-oMi%& option
db9452a9
PH
2964can be used to specify a specific IP interface and port if this is important,
2965and &%-oMaa%& and &%-oMai%& can be used to set parameters as if the SMTP
2966session were authenticated.
9b371988
PH
2967
2968The &'exim_checkaccess'& utility is a &"packaged"& version of &%-bh%& whose
168e428f 2969output just states whether a given recipient address from a given host is
9b371988 2970acceptable or not. See section &<<SECTcheckaccess>>&.
168e428f 2971
3cb1b51e 2972Features such as authentication and encryption, where the client input is not
f89d2485
PH
2973plain text, cannot easily be tested with &%-bh%&. Instead, you should use a
2974specialized SMTP test program such as
07738d61 2975&url(https://www.jetmore.org/john/code/swaks/,swaks).
3cb1b51e 2976
9b371988
PH
2977.vitem &%-bhc%&&~<&'IP&~address'&>
2978.oindex "&%-bhc%&"
2979This option operates in the same way as &%-bh%&, except that address
168e428f
PH
2980verification callouts are performed if required. This includes consulting and
2981updating the callout cache database.
2982
9b371988
PH
2983.vitem &%-bi%&
2984.oindex "&%-bi%&"
2985.cindex "alias file" "building"
2986.cindex "building alias file"
2987.cindex "Sendmail compatibility" "&%-bi%& option"
2988Sendmail interprets the &%-bi%& option as a request to rebuild its alias file.
168e428f 2989Exim does not have the concept of a single alias file, and so it cannot mimic
9b371988 2990this behaviour. However, calls to &_/usr/lib/sendmail_& with the &%-bi%& option
168e428f
PH
2991tend to appear in various scripts such as NIS make files, so the option must be
2992recognized.
9b371988
PH
2993
2994If &%-bi%& is encountered, the command specified by the &%bi_command%&
168e428f 2995configuration option is run, under the uid and gid of the caller of Exim. If
9b371988
PH
2996the &%-oA%& option is used, its value is passed to the command as an argument.
2997The command set by &%bi_command%& may not contain arguments. The command can