DMARC: default dmarc_tld_file to unset. Bug 2494
[exim.git] / doc / doc-docbook / spec.xfpt
CommitLineData
9b371988
PH
1. /////////////////////////////////////////////////////////////////////////////
2. This is the primary source of the Exim Manual. It is an xfpt document that is
20f0f788 3. converted into DocBook XML for subsequent conversion into printable and online
9b371988
PH
4. formats. The markup used herein is "standard" xfpt markup, with some extras.
5. The markup is summarized in a file called Markup.txt.
595028e4
PH
6.
7. WARNING: When you use the .new macro, make sure it appears *before* any
8. adjacent index items; otherwise you get an empty "paragraph" which causes
9. unwanted vertical space.
9b371988
PH
10. /////////////////////////////////////////////////////////////////////////////
11
12.include stdflags
13.include stdmacs
9b371988
PH
14
15. /////////////////////////////////////////////////////////////////////////////
33393583 16. This outputs the standard DocBook boilerplate.
9b371988
PH
17. /////////////////////////////////////////////////////////////////////////////
18
33393583 19.docbook
3cb1b51e
PH
20
21. /////////////////////////////////////////////////////////////////////////////
22. These lines are processing instructions for the Simple DocBook Processor that
f89d2485
PH
23. Philip Hazel has developed as a less cumbersome way of making PostScript and
24. PDFs than using xmlto and fop. They will be ignored by all other XML
25. processors.
3cb1b51e
PH
26. /////////////////////////////////////////////////////////////////////////////
27
28.literal xml
29<?sdop
f89d2485
PH
30 foot_right_recto="&chaptertitle; (&chapternumber;)"
31 foot_right_verso="&chaptertitle; (&chapternumber;)"
3cb1b51e 32 toc_chapter_blanks="yes,yes"
595028e4 33 table_warn_overflow="overprint"
3cb1b51e
PH
34?>
35.literal off
9b371988 36
33393583 37. /////////////////////////////////////////////////////////////////////////////
20f0f788 38. This generates the outermost <book> element that wraps the entire document.
33393583
PH
39. /////////////////////////////////////////////////////////////////////////////
40
41.book
42
43. /////////////////////////////////////////////////////////////////////////////
2aee48d6 44. These definitions set some parameters and save some typing.
7d837ca7 45. Update the Copyright year (only) when changing content.
33393583
PH
46. /////////////////////////////////////////////////////////////////////////////
47
a2ce7b0f 48.set previousversion "4.93"
2aee48d6 49.include ./local_params
f89d2485 50
33393583 51.set ACL "access control lists (ACLs)"
f89d2485 52.set I "&nbsp;&nbsp;&nbsp;&nbsp;"
33393583 53
7d837ca7 54.macro copyyear
a2ce7b0f 552019
7d837ca7 56.endmacro
9b371988
PH
57
58. /////////////////////////////////////////////////////////////////////////////
59. Additional xfpt markup used by this document, over and above the default
60. provided in the xfpt library.
61. /////////////////////////////////////////////////////////////////////////////
62
20f0f788 63. --- Override the &$ flag to automatically insert a $ with the variable name.
9b371988
PH
64
65.flag &$ $& "<varname>$" "</varname>"
66
67. --- Short flags for daggers in option headings. They will always be inside
20f0f788 68. --- an italic string, but we want the daggers to be in Roman.
9b371988
PH
69
70.flag &!! "</emphasis>&dagger;<emphasis>"
71.flag &!? "</emphasis>&Dagger;<emphasis>"
72
73. --- A macro for an Exim option definition heading, generating a one-line
0a4e3112
PH
74. --- table with four columns. For cases when the option name is given with
75. --- a space, so that it can be split, a fifth argument is used for the
76. --- index entry.
9b371988
PH
77
78.macro option
0a4e3112
PH
79.arg 5
80.oindex "&%$5%&"
81.endarg
82.arg -5
3cb1b51e 83.oindex "&%$1%&"
0a4e3112 84.endarg
f89d2485 85.itable all 0 0 4 8* left 6* center 6* center 6* right
9b371988
PH
86.row "&%$1%&" "Use: &'$2'&" "Type: &'$3'&" "Default: &'$4'&"
87.endtable
88.endmacro
89
90. --- A macro for the common 2-column tables. The width of the first column
91. --- is suitable for the many tables at the start of the main options chapter;
20f0f788 92. --- a small number of other 2-column tables override it.
9b371988 93
db9452a9 94.macro table2 196pt 254pt
9b371988
PH
95.itable none 0 0 2 $1 left $2 left
96.endmacro
97
f89d2485
PH
98. --- A macro that generates .row, but puts &I; at the start of the first
99. --- argument, thus indenting it. Assume a minimum of two arguments, and
100. --- allow up to four arguments, which is as many as we'll ever need.
101
102.macro irow
103.arg 4
104.row "&I;$1" "$2" "$3" "$4"
105.endarg
106.arg -4
107.arg 3
108.row "&I;$1" "$2" "$3"
109.endarg
110.arg -3
111.row "&I;$1" "$2"
112.endarg
113.endarg
114.endmacro
115
116. --- Macros for option, variable, and concept index entries. For a "range"
117. --- style of entry, use .scindex for the start and .ecindex for the end. The
118. --- first argument of .scindex and the only argument of .ecindex must be the
119. --- ID that ties them together.
9b371988
PH
120
121.macro cindex
122&<indexterm role="concept">&
123&<primary>&$1&</primary>&
124.arg 2
125&<secondary>&$2&</secondary>&
126.endarg
127&</indexterm>&
128.endmacro
129
4f578862
PH
130.macro scindex
131&<indexterm role="concept" id="$1" class="startofrange">&
132&<primary>&$2&</primary>&
133.arg 3
134&<secondary>&$3&</secondary>&
135.endarg
136&</indexterm>&
137.endmacro
138
139.macro ecindex
140&<indexterm role="concept" startref="$1" class="endofrange"/>&
141.endmacro
142
9b371988
PH
143.macro oindex
144&<indexterm role="option">&
145&<primary>&$1&</primary>&
146.arg 2
147&<secondary>&$2&</secondary>&
148.endarg
149&</indexterm>&
150.endmacro
151
f89d2485
PH
152.macro vindex
153&<indexterm role="variable">&
154&<primary>&$1&</primary>&
155.arg 2
156&<secondary>&$2&</secondary>&
157.endarg
158&</indexterm>&
159.endmacro
160
9b371988 161.macro index
f89d2485 162.echo "** Don't use .index; use .cindex or .oindex or .vindex"
9b371988
PH
163.endmacro
164. ////////////////////////////////////////////////////////////////////////////
165
166
167. ////////////////////////////////////////////////////////////////////////////
20f0f788 168. The <bookinfo> element is removed from the XML before processing for ASCII
9b371988
PH
169. output formats.
170. ////////////////////////////////////////////////////////////////////////////
171
172.literal xml
173<bookinfo>
174<title>Specification of the Exim Mail Transfer Agent</title>
175<titleabbrev>The Exim MTA</titleabbrev>
2aee48d6
JH
176<date>
177.fulldate
178</date>
7b4c60eb
NM
179<author><firstname>Exim</firstname><surname>Maintainers</surname></author>
180<authorinitials>EM</authorinitials>
9b371988 181<revhistory><revision>
99474a17 182.versiondatexml
7b4c60eb 183 <authorinitials>EM</authorinitials>
9b371988 184</revision></revhistory>
2aee48d6 185<copyright><year>
29343b08 186.copyyear
2aee48d6 187 </year><holder>University of Cambridge</holder></copyright>
9b371988
PH
188</bookinfo>
189.literal off
190
191
192. /////////////////////////////////////////////////////////////////////////////
193. This chunk of literal XML implements index entries of the form "x, see y" and
194. "x, see also y". However, the DocBook DTD doesn't allow <indexterm> entries
195. at the top level, so we have to put the .chapter directive first.
196. /////////////////////////////////////////////////////////////////////////////
197
f89d2485 198.chapter "Introduction" "CHID1"
9b371988
PH
199.literal xml
200
f89d2485 201<indexterm role="variable">
168e428f
PH
202 <primary>$1, $2, etc.</primary>
203 <see><emphasis>numerical variables</emphasis></see>
204</indexterm>
205<indexterm role="concept">
206 <primary>address</primary>
207 <secondary>rewriting</secondary>
208 <see><emphasis>rewriting</emphasis></see>
209</indexterm>
210<indexterm role="concept">
068aaea8
PH
211 <primary>Bounce Address Tag Validation</primary>
212 <see><emphasis>BATV</emphasis></see>
213</indexterm>
214<indexterm role="concept">
215 <primary>Client SMTP Authorization</primary>
216 <see><emphasis>CSA</emphasis></see>
217</indexterm>
218<indexterm role="concept">
168e428f
PH
219 <primary>CR character</primary>
220 <see><emphasis>carriage return</emphasis></see>
221</indexterm>
222<indexterm role="concept">
223 <primary>CRL</primary>
224 <see><emphasis>certificate revocation list</emphasis></see>
225</indexterm>
226<indexterm role="concept">
227 <primary>delivery</primary>
228 <secondary>failure report</secondary>
229 <see><emphasis>bounce message</emphasis></see>
230</indexterm>
231<indexterm role="concept">
232 <primary>dialup</primary>
233 <see><emphasis>intermittently connected hosts</emphasis></see>
234</indexterm>
235<indexterm role="concept">
236 <primary>exiscan</primary>
237 <see><emphasis>content scanning</emphasis></see>
238</indexterm>
239<indexterm role="concept">
240 <primary>failover</primary>
241 <see><emphasis>fallback</emphasis></see>
242</indexterm>
243<indexterm role="concept">
244 <primary>fallover</primary>
245 <see><emphasis>fallback</emphasis></see>
246</indexterm>
247<indexterm role="concept">
248 <primary>filter</primary>
249 <secondary>Sieve</secondary>
250 <see><emphasis>Sieve filter</emphasis></see>
251</indexterm>
252<indexterm role="concept">
253 <primary>ident</primary>
254 <see><emphasis>RFC 1413</emphasis></see>
255</indexterm>
256<indexterm role="concept">
257 <primary>LF character</primary>
258 <see><emphasis>linefeed</emphasis></see>
259</indexterm>
260<indexterm role="concept">
261 <primary>maximum</primary>
595028e4 262 <seealso><emphasis>limit</emphasis></seealso>
168e428f
PH
263</indexterm>
264<indexterm role="concept">
068aaea8
PH
265 <primary>monitor</primary>
266 <see><emphasis>Exim monitor</emphasis></see>
267</indexterm>
268<indexterm role="concept">
168e428f
PH
269 <primary>no_<emphasis>xxx</emphasis></primary>
270 <see>entry for xxx</see>
271</indexterm>
272<indexterm role="concept">
273 <primary>NUL</primary>
274 <see><emphasis>binary zero</emphasis></see>
275</indexterm>
276<indexterm role="concept">
277 <primary>passwd file</primary>
278 <see><emphasis>/etc/passwd</emphasis></see>
279</indexterm>
280<indexterm role="concept">
281 <primary>process id</primary>
282 <see><emphasis>pid</emphasis></see>
283</indexterm>
284<indexterm role="concept">
285 <primary>RBL</primary>
286 <see><emphasis>DNS list</emphasis></see>
287</indexterm>
288<indexterm role="concept">
289 <primary>redirection</primary>
290 <see><emphasis>address redirection</emphasis></see>
291</indexterm>
292<indexterm role="concept">
293 <primary>return path</primary>
294 <seealso><emphasis>envelope sender</emphasis></seealso>
295</indexterm>
296<indexterm role="concept">
297 <primary>scanning</primary>
298 <see><emphasis>content scanning</emphasis></see>
299</indexterm>
300<indexterm role="concept">
301 <primary>SSL</primary>
302 <see><emphasis>TLS</emphasis></see>
303</indexterm>
304<indexterm role="concept">
305 <primary>string</primary>
306 <secondary>expansion</secondary>
307 <see><emphasis>expansion</emphasis></see>
308</indexterm>
309<indexterm role="concept">
310 <primary>top bit</primary>
311 <see><emphasis>8-bit characters</emphasis></see>
312</indexterm>
313<indexterm role="concept">
314 <primary>variables</primary>
315 <see><emphasis>expansion, variables</emphasis></see>
316</indexterm>
317<indexterm role="concept">
318 <primary>zero, binary</primary>
319 <see><emphasis>binary zero</emphasis></see>
320</indexterm>
9b371988
PH
321
322.literal off
168e428f
PH
323
324
9b371988
PH
325. /////////////////////////////////////////////////////////////////////////////
326. This is the real start of the first chapter. See the comment above as to why
327. we can't have the .chapter line here.
328. chapter "Introduction"
329. /////////////////////////////////////////////////////////////////////////////
168e428f
PH
330
331Exim is a mail transfer agent (MTA) for hosts that are running Unix or
332Unix-like operating systems. It was designed on the assumption that it would be
333run on hosts that are permanently connected to the Internet. However, it can be
334used on intermittently connected hosts with suitable configuration adjustments.
335
336Configuration files currently exist for the following operating systems: AIX,
068aaea8
PH
337BSD/OS (aka BSDI), Darwin (Mac OS X), DGUX, Dragonfly, FreeBSD, GNU/Hurd,
338GNU/Linux, HI-OSF (Hitachi), HI-UX, HP-UX, IRIX, MIPS RISCOS, NetBSD, OpenBSD,
339OpenUNIX, QNX, SCO, SCO SVR4.2 (aka UNIX-SV), Solaris (aka SunOS5), SunOS4,
20f0f788 340Tru64-Unix (formerly Digital UNIX, formerly DEC-OSF1), Ultrix, and UnixWare.
068aaea8
PH
341Some of these operating systems are no longer current and cannot easily be
342tested, so the configuration files may no longer work in practice.
168e428f
PH
343
344There are also configuration files for compiling Exim in the Cygwin environment
345that can be installed on systems running Windows. However, this document does
346not contain any information about running Exim in the Cygwin environment.
347
348The terms and conditions for the use and distribution of Exim are contained in
9b371988
PH
349the file &_NOTICE_&. Exim is distributed under the terms of the GNU General
350Public Licence, a copy of which may be found in the file &_LICENCE_&.
168e428f 351
20f0f788
HSHR
352The use, supply, or promotion of Exim for the purpose of sending bulk,
353unsolicited electronic mail is incompatible with the basic aims of Exim,
168e428f
PH
354which revolve around the free provision of a service that enhances the quality
355of personal communications. The author of Exim regards indiscriminate
356mass-mailing as an antisocial, irresponsible abuse of the Internet.
357
358Exim owes a great deal to Smail 3 and its author, Ron Karr. Without the
359experience of running and working on the Smail 3 code, I could never have
360contemplated starting to write a new MTA. Many of the ideas and user interfaces
361were originally taken from Smail 3, though the actual code of Exim is entirely
362new, and has developed far beyond the initial concept.
363
364Many people, both in Cambridge and around the world, have contributed to the
365development and the testing of Exim, and to porting it to various operating
366systems. I am grateful to them all. The distribution now contains a file called
9b371988 367&_ACKNOWLEDGMENTS_&, in which I have started recording the names of
168e428f
PH
368contributors.
369
370
f89d2485 371.section "Exim documentation" "SECID1"
800d5176 372. Keep this example change bar when updating the documentation!
b52ed2b3 373
0a54bc35 374.new
9b371988 375.cindex "documentation"
2aee48d6 376This edition of the Exim specification applies to version &version() of Exim.
9b371988 377Substantive changes from the &previousversion; edition are marked in some
20f0f788 378renditions of this document; this paragraph is so marked if the rendition is
168e428f 379capable of showing a change indicator.
0a54bc35 380.wen
168e428f
PH
381
382This document is very much a reference manual; it is not a tutorial. The reader
383is expected to have some familiarity with the SMTP mail transfer protocol and
384with general Unix system administration. Although there are some discussions
385and examples in places, the information is mostly organized in a way that makes
386it easy to look up, rather than in a natural order for sequential reading.
20f0f788 387Furthermore, this manual aims to cover every aspect of Exim in detail, including
168e428f
PH
388a number of rarely-used, special-purpose features that are unlikely to be of
389very wide interest.
390
9b371988
PH
391.cindex "books about Exim"
392An &"easier"& discussion of Exim which provides more in-depth explanatory,
393introductory, and tutorial material can be found in a book entitled &'The Exim
595028e4 394SMTP Mail Server'& (second edition, 2007), published by UIT Cambridge
07738d61 395(&url(https://www.uit.co.uk/exim-book/)).
168e428f 396
20f0f788 397The book also contains a chapter that gives a general introduction to SMTP and
168e428f
PH
398Internet mail. Inevitably, however, the book is unlikely to be fully up-to-date
399with the latest release of Exim. (Note that the earlier book about Exim,
400published by O'Reilly, covers Exim 3, and many things have changed in Exim 4.)
401
9b371988 402.cindex "Debian" "information sources"
068aaea8
PH
403If you are using a Debian distribution of Exim, you will find information about
404Debian-specific features in the file
f89d2485 405&_/usr/share/doc/exim4-base/README.Debian_&.
9b371988 406The command &(man update-exim.conf)& is another source of Debian-specific
068aaea8
PH
407information.
408
9b371988
PH
409.cindex "&_doc/NewStuff_&"
410.cindex "&_doc/ChangeLog_&"
411.cindex "change log"
20f0f788 412As Exim develops, there may be features in newer versions that have not
168e428f
PH
413yet made it into this document, which is updated only when the most significant
414digit of the fractional part of the version number changes. Specifications of
415new features that are not yet in this manual are placed in the file
9b371988 416&_doc/NewStuff_& in the Exim distribution.
168e428f 417
9b371988 418Some features may be classified as &"experimental"&. These may change
168e428f
PH
419incompatibly while they are developing, or even be withdrawn. For this reason,
420they are not documented in this manual. Information about experimental features
9b371988 421can be found in the file &_doc/experimental.txt_&.
168e428f 422
20f0f788 423All changes to Exim (whether new features, bug fixes, or other kinds of
9b371988 424change) are noted briefly in the file called &_doc/ChangeLog_&.
168e428f 425
9b371988
PH
426.cindex "&_doc/spec.txt_&"
427This specification itself is available as an ASCII file in &_doc/spec.txt_& so
428that it can easily be searched with a text editor. Other files in the &_doc_&
168e428f
PH
429directory are:
430
9b371988
PH
431.table2 100pt
432.row &_OptionLists.txt_& "list of all options in alphabetical order"
433.row &_dbm.discuss.txt_& "discussion about DBM libraries"
434.row &_exim.8_& "a man page of Exim's command line options"
435.row &_experimental.txt_& "documentation of experimental features"
436.row &_filter.txt_& "specification of the filter language"
9b371988
PH
437.row &_Exim3.upgrade_& "upgrade notes from release 2 to release 3"
438.row &_Exim4.upgrade_& "upgrade notes from release 3 to release 4"
2eec84ca 439.row &_openssl.txt_& "installing a current OpenSSL release"
9b371988 440.endtable
168e428f
PH
441
442The main specification and the specification of the filtering language are also
443available in other formats (HTML, PostScript, PDF, and Texinfo). Section
9b371988 444&<<SECTavail>>& below tells you how to get hold of these.
168e428f
PH
445
446
447
20f0f788
HSHR
448.section "FTP site and websites" "SECID2"
449.cindex "website"
9b371988 450.cindex "FTP site"
b6effdcc
PP
451The primary site for Exim source distributions is the &%exim.org%& FTP site,
452available over HTTPS, HTTP and FTP. These services, and the &%exim.org%&
453website, are hosted at the University of Cambridge.
9b371988
PH
454
455.cindex "wiki"
456.cindex "FAQ"
20f0f788 457As well as Exim distribution tar files, the Exim website contains a number of
f89d2485 458differently formatted versions of the documentation. A recent addition to the
07738d61 459online information is the Exim wiki (&url(https://wiki.exim.org)),
f89d2485
PH
460which contains what used to be a separate FAQ, as well as various other
461examples, tips, and know-how that have been contributed by Exim users.
b6effdcc
PP
462The wiki site should always redirect to the correct place, which is currently
463provided by GitHub, and is open to editing by anyone with a GitHub account.
f89d2485
PH
464
465.cindex Bugzilla
77c27011 466An Exim Bugzilla exists at &url(https://bugs.exim.org). You can use
f89d2485
PH
467this to report bugs, and also to add items to the wish list. Please search
468first to check that you are not duplicating a previous entry.
b6effdcc 469Please do not ask for configuration help in the bug-tracker.
168e428f
PH
470
471
f89d2485 472.section "Mailing lists" "SECID3"
9b371988 473.cindex "mailing lists" "for Exim users"
f89d2485 474The following Exim mailing lists exist:
168e428f 475
9b371988 476.table2 140pt
d854d3a9 477.row &'exim-announce@exim.org'& "Moderated, low volume announcements list"
f89d2485
PH
478.row &'exim-users@exim.org'& "General discussion list"
479.row &'exim-dev@exim.org'& "Discussion of bugs, enhancements, etc."
d854d3a9 480.row &'exim-cvs@exim.org'& "Automated commit messages from the VCS"
9b371988 481.endtable
168e428f
PH
482
483You can subscribe to these lists, change your existing subscriptions, and view
9b371988
PH
484or search the archives via the mailing lists link on the Exim home page.
485.cindex "Debian" "mailing list for"
4f578862 486If you are using a Debian distribution of Exim, you may wish to subscribe to
db9452a9
PH
487the Debian-specific mailing list &'pkg-exim4-users@lists.alioth.debian.org'&
488via this web page:
489.display
07738d61 490&url(https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-exim4-users)
db9452a9 491.endd
20f0f788 492Please ask Debian-specific questions on that list and not on the general Exim
db9452a9 493lists.
9b371988 494
f89d2485 495.section "Bug reports" "SECID5"
9b371988
PH
496.cindex "bug reports"
497.cindex "reporting bugs"
7d0ab55c 498Reports of obvious bugs can be emailed to &'bugs@exim.org'& or reported
77c27011 499via the Bugzilla (&url(https://bugs.exim.org)). However, if you are unsure
595028e4
PH
500whether some behaviour is a bug or not, the best thing to do is to post a
501message to the &'exim-dev'& mailing list and have it discussed.
168e428f
PH
502
503
504
9b371988
PH
505.section "Where to find the Exim distribution" "SECTavail"
506.cindex "FTP site"
b6effdcc 507.cindex "HTTPS download site"
20f0f788 508.cindex "distribution" "FTP site"
b6effdcc 509.cindex "distribution" "https site"
b6effdcc 510The master distribution site for the Exim distribution is
9b371988 511.display
6c6b39ba 512&url(https://downloads.exim.org/)
9b371988 513.endd
b6effdcc
PP
514The service is available over HTTPS, HTTP and FTP.
515We encourage people to migrate to HTTPS.
516
07738d61
PP
517The content served at &url(https://downloads.exim.org/) is identical to the
518content served at &url(https://ftp.exim.org/pub/exim) and
519&url(ftp://ftp.exim.org/pub/exim).
b6effdcc
PP
520
521If accessing via a hostname containing &'ftp'&, then the file references that
522follow are relative to the &_exim_& directories at these sites.
523If accessing via the hostname &'downloads'& then the subdirectories described
524here are top-level directories.
b6effdcc
PP
525
526There are now quite a number of independent mirror sites around
9b371988
PH
527the world. Those that I know about are listed in the file called &_Mirrors_&.
528
b6effdcc 529Within the top exim directory there are subdirectories called &_exim3_& (for
9b371988
PH
530previous Exim 3 distributions), &_exim4_& (for the latest Exim 4
531distributions), and &_Testing_& for testing versions. In the &_exim4_&
168e428f 532subdirectory, the current release can always be found in files called
9b371988 533.display
b6effdcc 534&_exim-n.nn.tar.xz_&
9b371988
PH
535&_exim-n.nn.tar.gz_&
536&_exim-n.nn.tar.bz2_&
537.endd
b6effdcc 538where &'n.nn'& is the highest such version number in the directory. The three
168e428f 539files contain identical data; the only difference is the type of compression.
b6effdcc
PP
540The &_.xz_& file is usually the smallest, while the &_.gz_& file is the
541most portable to old systems.
168e428f 542
9b371988
PH
543.cindex "distribution" "signing details"
544.cindex "distribution" "public key"
545.cindex "public key for signed distribution"
40167b05
PP
546The distributions will be PGP signed by an individual key of the Release
547Coordinator. This key will have a uid containing an email address in the
548&'exim.org'& domain and will have signatures from other people, including
549other Exim maintainers. We expect that the key will be in the "strong set" of
20f0f788
HSHR
550PGP keys. There should be a trust path to that key from the Exim Maintainer's
551PGP keys, a version of which can be found in the release directory in the file
552&_Exim-Maintainers-Keyring.asc_&. All keys used will be available in public keyserver pools,
40167b05
PP
553such as &'pool.sks-keyservers.net'&.
554
20f0f788 555At the time of the last update, releases were being made by Jeremy Harris and signed
b6effdcc
PP
556with key &'0xBCE58C8CE41F32DF'&. Other recent keys used for signing are those
557of Heiko Schlittermann, &'0x26101B62F69376CE'&,
558and of Phil Pennock, &'0x4D1E900E14C1CC04'&.
40167b05
PP
559
560The signatures for the tar bundles are in:
9b371988 561.display
b6effdcc 562&_exim-n.nn.tar.xz.asc_&
210f147e
NM
563&_exim-n.nn.tar.gz.asc_&
564&_exim-n.nn.tar.bz2.asc_&
9b371988 565.endd
20f0f788 566For each released version, the log of changes is made available in a
9b371988 567separate file in the directory &_ChangeLogs_& so that it is possible to
168e428f
PH
568find out what has changed without having to download the entire distribution.
569
9b371988 570.cindex "documentation" "available formats"
168e428f
PH
571The main distribution contains ASCII versions of this specification and other
572documentation; other formats of the documents are available in separate files
9b371988
PH
573inside the &_exim4_& directory of the FTP site:
574.display
575&_exim-html-n.nn.tar.gz_&
576&_exim-pdf-n.nn.tar.gz_&
577&_exim-postscript-n.nn.tar.gz_&
578&_exim-texinfo-n.nn.tar.gz_&
579.endd
580These tar files contain only the &_doc_& directory, not the complete
b6effdcc 581distribution, and are also available in &_.bz2_& and &_.xz_& forms.
168e428f 582
168e428f 583
f89d2485 584.section "Limitations" "SECID6"
9b371988
PH
585.ilist
586.cindex "limitations of Exim"
587.cindex "bang paths" "not handled by Exim"
588Exim is designed for use as an Internet MTA, and therefore handles addresses in
589RFC 2822 domain format only. It cannot handle UUCP &"bang paths"&, though
590simple two-component bang paths can be converted by a straightforward rewriting
591configuration. This restriction does not prevent Exim from being interfaced to
592UUCP as a transport mechanism, provided that domain addresses are used.
593.next
594.cindex "domainless addresses"
595.cindex "address" "without domain"
168e428f
PH
596Exim insists that every address it handles has a domain attached. For incoming
597local messages, domainless addresses are automatically qualified with a
598configured domain value. Configuration options specify from which remote
599systems unqualified addresses are acceptable. These are then qualified on
600arrival.
9b371988
PH
601.next
602.cindex "transport" "external"
603.cindex "external transports"
604The only external transport mechanisms that are currently implemented are SMTP
605and LMTP over a TCP/IP network (including support for IPv6). However, a pipe
168e428f 606transport is available, and there are facilities for writing messages to files
9b371988
PH
607and pipes, optionally in &'batched SMTP'& format; these facilities can be used
608to send messages to other transport mechanisms such as UUCP, provided they can
609handle domain-style addresses. Batched SMTP input is also catered for.
610.next
611Exim is not designed for storing mail for dial-in hosts. When the volumes of
612such mail are large, it is better to get the messages &"delivered"& into files
168e428f
PH
613(that is, off Exim's queue) and subsequently passed on to the dial-in hosts by
614other means.
9b371988
PH
615.next
616Although Exim does have basic facilities for scanning incoming messages, these
168e428f
PH
617are not comprehensive enough to do full virus or spam scanning. Such operations
618are best carried out using additional specialized software packages. If you
619compile Exim with the content-scanning extension, straightforward interfaces to
620a number of common scanners are provided.
9b371988 621.endlist
168e428f
PH
622
623
20f0f788
HSHR
624.section "Runtime configuration" "SECID7"
625Exim's runtime configuration is held in a single text file that is divided
168e428f
PH
626into a number of sections. The entries in this file consist of keywords and
627values, in the style of Smail 3 configuration files. A default configuration
628file which is suitable for simple online installations is provided in the
9b371988 629distribution, and is described in chapter &<<CHAPdefconfil>>& below.
168e428f
PH
630
631
f89d2485 632.section "Calling interface" "SECID8"
9b371988 633.cindex "Sendmail compatibility" "command line interface"
168e428f 634Like many MTAs, Exim has adopted the Sendmail command line interface so that it
9b371988
PH
635can be a straight replacement for &_/usr/lib/sendmail_& or
636&_/usr/sbin/sendmail_& when sending mail, but you do not need to know anything
168e428f
PH
637about Sendmail in order to run Exim. For actions other than sending messages,
638Sendmail-compatible options also exist, but those that produce output (for
20f0f788 639example, &%-bp%&, which lists the messages in the queue) do so in Exim's own
168e428f 640format. There are also some additional options that are compatible with Smail
9b371988 6413, and some further options that are new to Exim. Chapter &<<CHAPcommandline>>&
168e428f
PH
642documents all Exim's command line options. This information is automatically
643made into the man page that forms part of the Exim distribution.
644
20f0f788 645Control of messages in the queue can be done via certain privileged command
9b371988
PH
646line options. There is also an optional monitor program called &'eximon'&,
647which displays current information in an X window, and which contains a menu
168e428f
PH
648interface to Exim's command line administration options.
649
650
651
f89d2485 652.section "Terminology" "SECID9"
9b371988
PH
653.cindex "terminology definitions"
654.cindex "body of message" "definition of"
655The &'body'& of a message is the actual data that the sender wants to transmit.
20f0f788 656It is the last part of a message and is separated from the &'header'& (see
168e428f
PH
657below) by a blank line.
658
9b371988 659.cindex "bounce message" "definition of"
168e428f 660When a message cannot be delivered, it is normally returned to the sender in a
9b371988
PH
661delivery failure message or a &"non-delivery report"& (NDR). The term
662&'bounce'& is commonly used for this action, and the error reports are often
663called &'bounce messages'&. This is a convenient shorthand for &"delivery
664failure error report"&. Such messages have an empty sender address in the
665message's &'envelope'& (see below) to ensure that they cannot themselves give
666rise to further bounce messages.
667
668The term &'default'& appears frequently in this manual. It is used to qualify a
168e428f
PH
669value which is used in the absence of any setting in the configuration. It may
670also qualify an action which is taken unless a configuration setting specifies
671otherwise.
672
9b371988 673The term &'defer'& is used when the delivery of a message to a specific
168e428f 674destination cannot immediately take place for some reason (a remote host may be
9b371988 675down, or a user's local mailbox may be full). Such deliveries are &'deferred'&
168e428f
PH
676until a later time.
677
9b371988
PH
678The word &'domain'& is sometimes used to mean all but the first component of a
679host's name. It is &'not'& used in that sense here, where it normally refers to
680the part of an email address following the @ sign.
168e428f 681
f89d2485 682.cindex "envelope, definition of"
9b371988
PH
683.cindex "sender" "definition of"
684A message in transit has an associated &'envelope'&, as well as a header and a
168e428f
PH
685body. The envelope contains a sender address (to which bounce messages should
686be delivered), and any number of recipient addresses. References to the
687sender or the recipients of a message usually mean the addresses in the
688envelope. An MTA uses these addresses for delivery, and for returning bounce
689messages, not the addresses that appear in the header lines.
690
f89d2485 691.cindex "message" "header, definition of"
9b371988
PH
692.cindex "header section" "definition of"
693The &'header'& of a message is the first part of a message's text, consisting
694of a number of lines, each of which has a name such as &'From:'&, &'To:'&,
695&'Subject:'&, etc. Long header lines can be split over several text lines by
168e428f
PH
696indenting the continuations. The header is separated from the body by a blank
697line.
698
9b371988
PH
699.cindex "local part" "definition of"
700.cindex "domain" "definition of"
20f0f788 701The term &'local part'&, which is taken from RFC 2822, is used to refer to the
168e428f 702part of an email address that precedes the @ sign. The part that follows the
9b371988 703@ sign is called the &'domain'& or &'mail domain'&.
168e428f 704
9b371988 705.cindex "local delivery" "definition of"
f89d2485 706.cindex "remote delivery, definition of"
9b371988 707The terms &'local delivery'& and &'remote delivery'& are used to distinguish
168e428f 708delivery to a file or a pipe on the local host from delivery by SMTP over
068aaea8 709TCP/IP to another host. As far as Exim is concerned, all hosts other than the
9b371988 710host it is running on are &'remote'&.
168e428f 711
9b371988
PH
712.cindex "return path" "definition of"
713&'Return path'& is another name that is used for the sender address in a
168e428f
PH
714message's envelope.
715
9b371988 716.cindex "queue" "definition of"
20f0f788 717The term &'queue'& is used to refer to the set of messages awaiting delivery
168e428f 718because this term is in widespread use in the context of MTAs. However, in
20f0f788 719Exim's case, the reality is more like a pool than a queue, because there is
168e428f
PH
720normally no ordering of waiting messages.
721
9b371988
PH
722.cindex "queue runner" "definition of"
723The term &'queue runner'& is used to describe a process that scans the queue
168e428f 724and attempts to deliver those messages whose retry times have come. This term
20f0f788 725is used by other MTAs and also relates to the command &%runq%&, but in Exim
168e428f
PH
726the waiting messages are normally processed in an unpredictable order.
727
9b371988
PH
728.cindex "spool directory" "definition of"
729The term &'spool directory'& is used for a directory in which Exim keeps the
20f0f788 730messages in its queue &-- that is, those that it is in the process of
168e428f 731delivering. This should not be confused with the directory in which local
9b371988
PH
732mailboxes are stored, which is called a &"spool directory"& by some people. In
733the Exim documentation, &"spool"& is always used in the first sense.
168e428f
PH
734
735
736
737
738
739
9b371988
PH
740. ////////////////////////////////////////////////////////////////////////////
741. ////////////////////////////////////////////////////////////////////////////
168e428f 742
f89d2485 743.chapter "Incorporated code" "CHID2"
9b371988
PH
744.cindex "incorporated code"
745.cindex "regular expressions" "library"
746.cindex "PCRE"
1899bab2 747.cindex "OpenDMARC"
168e428f
PH
748A number of pieces of external code are included in the Exim distribution.
749
9b371988 750.ilist
210f147e
NM
751Regular expressions are supported in the main Exim program and in the
752Exim monitor using the freely-distributable PCRE library, copyright
40df1be3
TF
753&copy; University of Cambridge. The source to PCRE is no longer shipped with
754Exim, so you will need to use the version of PCRE shipped with your system,
755or obtain and install the full version of the library from
f89d2485 756&url(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre).
9b371988 757.next
f89d2485 758.cindex "cdb" "acknowledgment"
168e428f
PH
759Support for the cdb (Constant DataBase) lookup method is provided by code
760contributed by Nigel Metheringham of (at the time he contributed it) Planet
9b371988
PH
761Online Ltd. The implementation is completely contained within the code of Exim.
762It does not link against an external cdb library. The code contains the
763following statements:
764
765.blockquote
766Copyright &copy; 1998 Nigel Metheringham, Planet Online Ltd
767
168e428f
PH
768This program is free software; you can redistribute it and/or modify it under
769the terms of the GNU General Public License as published by the Free Software
770Foundation; either version 2 of the License, or (at your option) any later
771version.
168e428f
PH
772This code implements Dan Bernstein's Constant DataBase (cdb) spec. Information,
773the spec and sample code for cdb can be obtained from
07738d61 774&url(https://cr.yp.to/cdb.html). This implementation borrows
f89d2485
PH
775some code from Dan Bernstein's implementation (which has no license
776restrictions applied to it).
9b371988
PH
777.endblockquote
778.next
779.cindex "SPA authentication"
780.cindex "Samba project"
781.cindex "Microsoft Secure Password Authentication"
782Client support for Microsoft's &'Secure Password Authentication'& is provided
168e428f
PH
783by code contributed by Marc Prud'hommeaux. Server support was contributed by
784Tom Kistner. This includes code taken from the Samba project, which is released
785under the Gnu GPL.
9b371988
PH
786.next
787.cindex "Cyrus"
788.cindex "&'pwcheck'& daemon"
789.cindex "&'pwauthd'& daemon"
790Support for calling the Cyrus &'pwcheck'& and &'saslauthd'& daemons is provided
168e428f
PH
791by code taken from the Cyrus-SASL library and adapted by Alexander S.
792Sabourenkov. The permission notice appears below, in accordance with the
793conditions expressed therein.
9b371988
PH
794
795.blockquote
796Copyright &copy; 2001 Carnegie Mellon University. All rights reserved.
797
168e428f
PH
798Redistribution and use in source and binary forms, with or without
799modification, are permitted provided that the following conditions
800are met:
168e428f 801
9b371988
PH
802.olist
803Redistributions of source code must retain the above copyright
804notice, this list of conditions and the following disclaimer.
805.next
806Redistributions in binary form must reproduce the above copyright
168e428f
PH
807notice, this list of conditions and the following disclaimer in
808the documentation and/or other materials provided with the
809distribution.
9b371988
PH
810.next
811The name &"Carnegie Mellon University"& must not be used to
168e428f
PH
812endorse or promote products derived from this software without
813prior written permission. For permission or any other legal
814details, please contact
9b371988 815.display
068aaea8
PH
816 Office of Technology Transfer
817 Carnegie Mellon University
818 5000 Forbes Avenue
819 Pittsburgh, PA 15213-3890
820 (412) 268-4387, fax: (412) 268-7395
821 tech-transfer@andrew.cmu.edu
9b371988
PH
822.endd
823.next
824Redistributions of any form whatsoever must retain the following
168e428f 825acknowledgment:
9b371988
PH
826
827&"This product includes software developed by Computing Services
07738d61 828at Carnegie Mellon University (&url(https://www.cmu.edu/computing/)."&
9b371988 829
168e428f
PH
830CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
831THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
832AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
833FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
834WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
835AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
836OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
9b371988
PH
837.endlist
838.endblockquote
168e428f 839
9b371988 840.next
f89d2485 841.cindex "Exim monitor" "acknowledgment"
9b371988
PH
842.cindex "X-windows"
843.cindex "Athena"
168e428f
PH
844The Exim Monitor program, which is an X-Window application, includes
845modified versions of the Athena StripChart and TextPop widgets.
846This code is copyright by DEC and MIT, and their permission notice appears
847below, in accordance with the conditions expressed therein.
9b371988
PH
848
849.blockquote
168e428f
PH
850Copyright 1987, 1988 by Digital Equipment Corporation, Maynard, Massachusetts,
851and the Massachusetts Institute of Technology, Cambridge, Massachusetts.
9b371988 852
168e428f 853All Rights Reserved
9b371988 854
168e428f
PH
855Permission to use, copy, modify, and distribute this software and its
856documentation for any purpose and without fee is hereby granted,
857provided that the above copyright notice appear in all copies and that
858both that copyright notice and this permission notice appear in
859supporting documentation, and that the names of Digital or MIT not be
860used in advertising or publicity pertaining to distribution of the
861software without specific, written prior permission.
9b371988 862
168e428f
PH
863DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
864ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
865DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
866ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
867WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
868ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
869SOFTWARE.
9b371988 870.endblockquote
168e428f 871
9b371988 872.next
1899bab2
TL
873.cindex "opendmarc" "acknowledgment"
874The DMARC implementation uses the OpenDMARC library which is Copyrighted by
875The Trusted Domain Project. Portions of Exim source which use OpenDMARC
876derived code are indicated in the respective source files. The full OpenDMARC
877license is provided in the LICENSE.opendmarc file contained in the distributed
878source code.
879
880.next
9b371988 881Many people have contributed code fragments, some large, some small, that were
20f0f788 882not covered by any specific license requirements. It is assumed that the
f89d2485 883contributors are happy to see their code incorporated into Exim under the GPL.
9b371988 884.endlist
168e428f
PH
885
886
887
888
889
9b371988
PH
890. ////////////////////////////////////////////////////////////////////////////
891. ////////////////////////////////////////////////////////////////////////////
168e428f 892
f89d2485 893.chapter "How Exim receives and delivers mail" "CHID11" &&&
9b371988 894 "Receiving and delivering mail"
168e428f
PH
895
896
f89d2485 897.section "Overall philosophy" "SECID10"
9b371988 898.cindex "design philosophy"
168e428f
PH
899Exim is designed to work efficiently on systems that are permanently connected
900to the Internet and are handling a general mix of mail. In such circumstances,
901most messages can be delivered immediately. Consequently, Exim does not
902maintain independent queues of messages for specific domains or hosts, though
903it does try to send several messages in a single SMTP connection after a host
904has been down, and it also maintains per-host retry information.
905
906
f89d2485 907.section "Policy control" "SECID11"
9b371988 908.cindex "policy control" "overview"
168e428f 909Policy controls are now an important feature of MTAs that are connected to the
20f0f788 910Internet. Perhaps their most important job is to stop MTAs from being abused as
9b371988 911&"open relays"& by misguided individuals who send out vast amounts of
20f0f788 912unsolicited junk and want to disguise its source. Exim provides flexible
9b371988 913facilities for specifying policy controls on incoming mail:
168e428f 914
9b371988
PH
915.ilist
916.cindex "&ACL;" "introduction"
168e428f 917Exim 4 (unlike previous versions of Exim) implements policy controls on
9b371988 918incoming mail by means of &'Access Control Lists'& (ACLs). Each list is a
168e428f
PH
919series of statements that may either grant or deny access. ACLs can be used at
920several places in the SMTP dialogue while receiving a message from a remote
9b371988
PH
921host. However, the most common places are after each RCPT command, and at the
922very end of the message. The sysadmin can specify conditions for accepting or
923rejecting individual recipients or the entire message, respectively, at these
924two points (see chapter &<<CHAPACL>>&). Denial of access results in an SMTP
168e428f 925error code.
9b371988
PH
926.next
927An ACL is also available for locally generated, non-SMTP messages. In this
168e428f 928case, the only available actions are to accept or deny the entire message.
9b371988
PH
929.next
930When Exim is compiled with the content-scanning extension, facilities are
168e428f
PH
931provided in the ACL mechanism for passing the message to external virus and/or
932spam scanning software. The result of such a scan is passed back to the ACL,
933which can then use it to decide what to do with the message.
9b371988
PH
934.next
935When a message has been received, either from a remote host or from the local
f89d2485 936host, but before the final acknowledgment has been sent, a locally supplied C
9b371988
PH
937function called &[local_scan()]& can be run to inspect the message and decide
938whether to accept it or not (see chapter &<<CHAPlocalscan>>&). If the message
939is accepted, the list of recipients can be modified by the function.
940.next
941Using the &[local_scan()]& mechanism is another way of calling external scanner
942software. The &%SA-Exim%& add-on package works this way. It does not require
943Exim to be compiled with the content-scanning extension.
944.next
945After a message has been accepted, a further checking mechanism is available in
946the form of the &'system filter'& (see chapter &<<CHAPsystemfilter>>&). This
947runs at the start of every delivery process.
948.endlist
949
950
951
f89d2485 952.section "User filters" "SECID12"
9b371988
PH
953.cindex "filter" "introduction"
954.cindex "Sieve filter"
168e428f 955In a conventional Exim configuration, users are able to run private filters by
9b371988
PH
956setting up appropriate &_.forward_& files in their home directories. See
957chapter &<<CHAPredirect>>& (about the &(redirect)& router) for the
958configuration needed to support this, and the separate document entitled
959&'Exim's interfaces to mail filtering'& for user details. Two different kinds
960of filtering are available:
961
962.ilist
963Sieve filters are written in the standard filtering language that is defined
168e428f 964by RFC 3028.
9b371988
PH
965.next
966Exim filters are written in a syntax that is unique to Exim, but which is more
168e428f 967powerful than Sieve, which it pre-dates.
9b371988 968.endlist
168e428f
PH
969
970User filters are run as part of the routing process, described below.
971
972
973
9b371988
PH
974.section "Message identification" "SECTmessiden"
975.cindex "message ids" "details of format"
976.cindex "format" "of message id"
977.cindex "id of message"
978.cindex "base62"
979.cindex "base36"
980.cindex "Darwin"
981.cindex "Cygwin"
982Every message handled by Exim is given a &'message id'& which is sixteen
168e428f 983characters long. It is divided into three parts, separated by hyphens, for
9b371988 984example &`16VDhn-0001bo-D3`&. Each part is a sequence of letters and digits,
168e428f
PH
985normally encoding numbers in base 62. However, in the Darwin operating
986system (Mac OS X) and when Exim is compiled to run under Cygwin, base 36
987(avoiding the use of lower case letters) is used instead, because the message
20f0f788 988id is used to construct filenames, and the names of files in those systems are
068aaea8 989not always case-sensitive.
168e428f 990
9b371988 991.cindex "pid (process id)" "re-use of"
168e428f
PH
992The detail of the contents of the message id have changed as Exim has evolved.
993Earlier versions relied on the operating system not re-using a process id (pid)
994within one second. On modern operating systems, this assumption can no longer
995be made, so the algorithm had to be changed. To retain backward compatibility,
996the format of the message id was retained, which is why the following rules are
997somewhat eccentric:
998
9b371988
PH
999.ilist
1000The first six characters of the message id are the time at which the message
168e428f
PH
1001started to be received, to a granularity of one second. That is, this field
1002contains the number of seconds since the start of the epoch (the normal Unix
1003way of representing the date and time of day).
9b371988
PH
1004.next
1005After the first hyphen, the next six characters are the id of the process that
168e428f 1006received the message.
9b371988
PH
1007.next
1008There are two different possibilities for the final two characters:
1009.olist
0a4e3112 1010.oindex "&%localhost_number%&"
9b371988 1011If &%localhost_number%& is not set, this value is the fractional part of the
168e428f
PH
1012time of reception, normally in units of 1/2000 of a second, but for systems
1013that must use base 36 instead of base 62 (because of case-insensitive file
1014systems), the units are 1/1000 of a second.
9b371988
PH
1015.next
1016If &%localhost_number%& is set, it is multiplied by 200 (100) and added to
168e428f
PH
1017the fractional part of the time, which in this case is in units of 1/200
1018(1/100) of a second.
9b371988
PH
1019.endlist
1020.endlist
168e428f
PH
1021
1022After a message has been received, Exim waits for the clock to tick at the
1023appropriate resolution before proceeding, so that if another message is
1024received by the same process, or by another process with the same (re-used)
1025pid, it is guaranteed that the time will be different. In most cases, the clock
1026will already have ticked while the message was being received.
1027
1028
f89d2485 1029.section "Receiving mail" "SECID13"
9b371988
PH
1030.cindex "receiving mail"
1031.cindex "message" "reception"
068aaea8
PH
1032The only way Exim can receive mail from another host is using SMTP over
1033TCP/IP, in which case the sender and recipient addresses are transferred using
168e428f
PH
1034SMTP commands. However, from a locally running process (such as a user's MUA),
1035there are several possibilities:
1036
9b371988
PH
1037.ilist
1038If the process runs Exim with the &%-bm%& option, the message is read
168e428f 1039non-interactively (usually via a pipe), with the recipients taken from the
9b371988
PH
1040command line, or from the body of the message if &%-t%& is also used.
1041.next
1042If the process runs Exim with the &%-bS%& option, the message is also read
168e428f
PH
1043non-interactively, but in this case the recipients are listed at the start of
1044the message in a series of SMTP RCPT commands, terminated by a DATA
20f0f788 1045command. This is called &"batch SMTP"& format,
168e428f
PH
1046but it isn't really SMTP. The SMTP commands are just another way of passing
1047envelope addresses in a non-interactive submission.
9b371988
PH
1048.next
1049If the process runs Exim with the &%-bs%& option, the message is read
168e428f
PH
1050interactively, using the SMTP protocol. A two-way pipe is normally used for
1051passing data between the local process and the Exim process.
9b371988 1052This is &"real"& SMTP and is handled in the same way as SMTP over TCP/IP. For
168e428f 1053example, the ACLs for SMTP commands are used for this form of submission.
9b371988
PH
1054.next
1055A local process may also make a TCP/IP call to the host's loopback address
168e428f
PH
1056(127.0.0.1) or any other of its IP addresses. When receiving messages, Exim
1057does not treat the loopback address specially. It treats all such connections
1058in the same way as connections from other hosts.
9b371988 1059.endlist
168e428f
PH
1060
1061
f89d2485 1062.cindex "message sender, constructed by Exim"
9b371988 1063.cindex "sender" "constructed by Exim"
168e428f
PH
1064In the three cases that do not involve TCP/IP, the sender address is
1065constructed from the login name of the user that called Exim and a default
9b371988 1066qualification domain (which can be set by the &%qualify_domain%& configuration
168e428f
PH
1067option). For local or batch SMTP, a sender address that is passed using the
1068SMTP MAIL command is ignored. However, the system administrator may allow
20f0f788 1069certain users (&"trusted users"&) to specify a different sender addresses
168e428f 1070unconditionally, or all users to specify certain forms of different sender
9b371988
PH
1071address. The &%-f%& option or the SMTP MAIL command is used to specify these
1072different addresses. See section &<<SECTtrustedadmin>>& for details of trusted
1073users, and the &%untrusted_set_sender%& option for a way of allowing untrusted
168e428f
PH
1074users to change sender addresses.
1075
1076Messages received by either of the non-interactive mechanisms are subject to
20f0f788
HSHR
1077checking by the non-SMTP ACL if one is defined. Messages received using SMTP
1078(either over TCP/IP or interacting with a local process) can be checked by a
168e428f 1079number of ACLs that operate at different times during the SMTP session. Either
20f0f788 1080individual recipients or the entire message can be rejected if local policy
9b371988
PH
1081requirements are not met. The &[local_scan()]& function (see chapter
1082&<<CHAPlocalscan>>&) is run for all incoming messages.
168e428f
PH
1083
1084Exim can be configured not to start a delivery process when a message is
1085received; this can be unconditional, or depend on the number of incoming SMTP
1086connections or the system load. In these situations, new messages wait on the
1087queue until a queue runner process picks them up. However, in standard
1088configurations under normal conditions, delivery is started as soon as a
1089message is received.
1090
1091
1092
1093
1094
f89d2485 1095.section "Handling an incoming message" "SECID14"
9b371988
PH
1096.cindex "spool directory" "files that hold a message"
1097.cindex "file" "how a message is held"
168e428f
PH
1098When Exim accepts a message, it writes two files in its spool directory. The
1099first contains the envelope information, the current status of the message, and
1100the header lines, and the second contains the body of the message. The names of
9b371988
PH
1101the two spool files consist of the message id, followed by &`-H`& for the
1102file containing the envelope and header, and &`-D`& for the data file.
168e428f 1103
9b371988 1104.cindex "spool directory" "&_input_& sub-directory"
20f0f788 1105By default, all these message files are held in a single directory called
9b371988 1106&_input_& inside the general Exim spool directory. Some operating systems do
c0712871 1107not perform very well if the number of files in a directory gets large; to
9b371988 1108improve performance in such cases, the &%split_spool_directory%& option can be
168e428f 1109used. This causes Exim to split up the input files into 62 sub-directories
db9452a9 1110whose names are single letters or digits. When this is done, the queue is
c0712871
PH
1111processed one sub-directory at a time instead of all at once, which can improve
1112overall performance even when there are not enough files in each directory to
db9452a9 1113affect file system performance.
168e428f
PH
1114
1115The envelope information consists of the address of the message's sender and
1116the addresses of the recipients. This information is entirely separate from
1117any addresses contained in the header lines. The status of the message includes
1118a list of recipients who have already received the message. The format of the
9b371988 1119first spool file is described in chapter &<<CHAPspool>>&.
168e428f 1120
9b371988 1121.cindex "rewriting" "addresses"
168e428f 1122Address rewriting that is specified in the rewrite section of the configuration
9b371988 1123(see chapter &<<CHAPrewrite>>&) is done once and for all on incoming addresses,
168e428f
PH
1124both in the header lines and the envelope, at the time the message is accepted.
1125If during the course of delivery additional addresses are generated (for
1126example, via aliasing), these new addresses are rewritten as soon as they are
1127generated. At the time a message is actually delivered (transported) further
1128rewriting can take place; because this is a transport option, it can be
1129different for different forms of delivery. It is also possible to specify the
1130addition or removal of certain header lines at the time the message is
9b371988
PH
1131delivered (see chapters &<<CHAProutergeneric>>& and
1132&<<CHAPtransportgeneric>>&).
168e428f
PH
1133
1134
1135
f89d2485 1136.section "Life of a message" "SECID15"
9b371988
PH
1137.cindex "message" "life of"
1138.cindex "message" "frozen"
168e428f
PH
1139A message remains in the spool directory until it is completely delivered to
1140its recipients or to an error address, or until it is deleted by an
1141administrator or by the user who originally created it. In cases when delivery
20f0f788 1142cannot proceed &-- for example when a message can neither be delivered to its
9b371988 1143recipients nor returned to its sender, the message is marked &"frozen"& on the
168e428f
PH
1144spool, and no more deliveries are attempted.
1145
9b371988
PH
1146.cindex "frozen messages" "thawing"
1147.cindex "message" "thawing frozen"
1148An administrator can &"thaw"& such messages when the problem has been
1149corrected, and can also freeze individual messages by hand if necessary. In
1150addition, an administrator can force a delivery error, causing a bounce message
1151to be sent.
1152
0a4e3112
PH
1153.oindex "&%timeout_frozen_after%&"
1154.oindex "&%ignore_bounce_errors_after%&"
9b371988
PH
1155There are options called &%ignore_bounce_errors_after%& and
1156&%timeout_frozen_after%&, which discard frozen messages after a certain time.
20f0f788 1157The first applies only to frozen bounces, the second to all frozen messages.
168e428f 1158
9b371988
PH
1159.cindex "message" "log file for"
1160.cindex "log" "file for each message"
168e428f 1161While Exim is working on a message, it writes information about each delivery
068aaea8 1162attempt to its main log file. This includes successful, unsuccessful, and
9b371988
PH
1163delayed deliveries for each recipient (see chapter &<<CHAPlog>>&). The log
1164lines are also written to a separate &'message log'& file for each message.
20f0f788 1165These logs are solely for the benefit of the administrator and are normally
9b371988 1166deleted along with the spool files when processing of a message is complete.
168e428f 1167The use of individual message logs can be disabled by setting
9b371988
PH
1168&%no_message_logs%&; this might give an improvement in performance on very busy
1169systems.
168e428f 1170
9b371988
PH
1171.cindex "journal file"
1172.cindex "file" "journal"
168e428f
PH
1173All the information Exim itself needs to set up a delivery is kept in the first
1174spool file, along with the header lines. When a successful delivery occurs, the
1175address is immediately written at the end of a journal file, whose name is the
9b371988
PH
1176message id followed by &`-J`&. At the end of a delivery run, if there are some
1177addresses left to be tried again later, the first spool file (the &`-H`& file)
168e428f
PH
1178is updated to indicate which these are, and the journal file is then deleted.
1179Updating the spool file is done by writing a new file and renaming it, to
1180minimize the possibility of data loss.
1181
20f0f788 1182Should the system or Exim crash after a successful delivery but before
168e428f
PH
1183the spool file has been updated, the journal is left lying around. The next
1184time Exim attempts to deliver the message, it reads the journal file and
1185updates the spool file before proceeding. This minimizes the chances of double
1186deliveries caused by crashes.
1187
1188
1189
9b371988
PH
1190.section "Processing an address for delivery" "SECTprocaddress"
1191.cindex "drivers" "definition of"
1192.cindex "router" "definition of"
1193.cindex "transport" "definition of"
1194The main delivery processing elements of Exim are called &'routers'& and
1195&'transports'&, and collectively these are known as &'drivers'&. Code for a
168e428f 1196number of them is provided in the source distribution, and compile-time options
20f0f788 1197specify which ones are included in the binary. Runtime options specify which
168e428f
PH
1198ones are actually used for delivering messages.
1199
9b371988 1200.cindex "drivers" "instance definition"
20f0f788 1201Each driver that is specified in the runtime configuration is an &'instance'&
168e428f 1202of that particular driver type. Multiple instances are allowed; for example,
9b371988 1203you can set up several different &(smtp)& transports, each with different
168e428f
PH
1204option values that might specify different ports or different timeouts. Each
1205instance has its own identifying name. In what follows we will normally use the
1206instance name when discussing one particular instance (that is, one specific
1207configuration of the driver), and the generic driver name when discussing
1208the driver's features in general.
1209
9b371988 1210A &'router'& is a driver that operates on an address, either determining how
068aaea8 1211its delivery should happen, by assigning it to a specific transport, or
168e428f
PH
1212converting the address into one or more new addresses (for example, via an
1213alias file). A router may also explicitly choose to fail an address, causing it
1214to be bounced.
1215
9b371988
PH
1216A &'transport'& is a driver that transmits a copy of the message from Exim's
1217spool to some destination. There are two kinds of transport: for a &'local'&
168e428f 1218transport, the destination is a file or a pipe on the local host, whereas for a
9b371988 1219&'remote'& transport the destination is some other host. A message is passed
168e428f
PH
1220to a specific transport as a result of successful routing. If a message has
1221several recipients, it may be passed to a number of different transports.
1222
9b371988 1223.cindex "preconditions" "definition of"
168e428f
PH
1224An address is processed by passing it to each configured router instance in
1225turn, subject to certain preconditions, until a router accepts the address or
1226specifies that it should be bounced. We will describe this process in more
068aaea8
PH
1227detail shortly. First, as a simple example, we consider how each recipient
1228address in a message is processed in a small configuration of three routers.
168e428f 1229
068aaea8 1230To make this a more concrete example, it is described in terms of some actual
168e428f
PH
1231routers, but remember, this is only an example. You can configure Exim's
1232routers in many different ways, and there may be any number of routers in a
1233configuration.
1234
1235The first router that is specified in a configuration is often one that handles
20f0f788
HSHR
1236addresses in domains that are not recognized specifically by the local host.
1237Typically these are addresses for arbitrary domains on the Internet. A precondition
168e428f 1238is set up which looks for the special domains known to the host (for example,
9b371988 1239its own domain name), and the router is run for addresses that do &'not'&
168e428f
PH
1240match. Typically, this is a router that looks up domains in the DNS in order to
1241find the hosts to which this address routes. If it succeeds, the address is
068aaea8 1242assigned to a suitable SMTP transport; if it does not succeed, the router is
168e428f
PH
1243configured to fail the address.
1244
068aaea8 1245The second router is reached only when the domain is recognized as one that
9b371988 1246&"belongs"& to the local host. This router does redirection &-- also known as
068aaea8
PH
1247aliasing and forwarding. When it generates one or more new addresses from the
1248original, each of them is routed independently from the start. Otherwise, the
1249router may cause an address to fail, or it may simply decline to handle the
1250address, in which case the address is passed to the next router.
168e428f
PH
1251
1252The final router in many configurations is one that checks to see if the
1253address belongs to a local mailbox. The precondition may involve a check to
1254see if the local part is the name of a login account, or it may look up the
1255local part in a file or a database. If its preconditions are not met, or if
1256the router declines, we have reached the end of the routers. When this happens,
1257the address is bounced.
1258
1259
1260
f89d2485 1261.section "Processing an address for verification" "SECID16"
9b371988
PH
1262.cindex "router" "for verification"
1263.cindex "verifying address" "overview"
168e428f 1264As well as being used to decide how to deliver to an address, Exim's routers
9b371988 1265are also used for &'address verification'&. Verification can be requested as
168e428f 1266one of the checks to be performed in an ACL for incoming messages, on both
9b371988
PH
1267sender and recipient addresses, and it can be tested using the &%-bv%& and
1268&%-bvs%& command line options.
168e428f 1269
9b371988 1270When an address is being verified, the routers are run in &"verify mode"&. This
168e428f
PH
1271does not affect the way the routers work, but it is a state that can be
1272detected. By this means, a router can be skipped or made to behave differently
1273when verifying. A common example is a configuration in which the first router
20f0f788 1274sends all messages to a message-scanning program unless they have been
168e428f 1275previously scanned. Thus, the first router accepts all addresses without any
9b371988 1276checking, making it useless for verifying. Normally, the &%no_verify%& option
168e428f
PH
1277would be set for such a router, causing it to be skipped in verify mode.
1278
1279
1280
1281
9b371988
PH
1282.section "Running an individual router" "SECTrunindrou"
1283.cindex "router" "running details"
1284.cindex "preconditions" "checking"
1285.cindex "router" "result of running"
168e428f
PH
1286As explained in the example above, a number of preconditions are checked before
1287running a router. If any are not met, the router is skipped, and the address is
9b371988 1288passed to the next router. When all the preconditions on a router &'are'& met,
168e428f
PH
1289the router is run. What happens next depends on the outcome, which is one of
1290the following:
1291
9b371988
PH
1292.ilist
1293&'accept'&: The router accepts the address, and either assigns it to a
20f0f788
HSHR
1294transport or generates one or more &"child"& addresses. Processing the
1295original address ceases
0a4e3112 1296.oindex "&%unseen%&"
9b371988 1297unless the &%unseen%& option is set on the router. This option
168e428f 1298can be used to set up multiple deliveries with different routing (for example,
9b371988
PH
1299for keeping archive copies of messages). When &%unseen%& is set, the address is
1300passed to the next router. Normally, however, an &'accept'& return marks the
168e428f 1301end of routing.
9b371988 1302
068aaea8
PH
1303Any child addresses generated by the router are processed independently,
1304starting with the first router by default. It is possible to change this by
9b371988
PH
1305setting the &%redirect_router%& option to specify which router to start at for
1306child addresses. Unlike &%pass_router%& (see below) the router specified by
1307&%redirect_router%& may be anywhere in the router configuration.
1308.next
1309&'pass'&: The router recognizes the address, but cannot handle it itself. It
20f0f788 1310requests that the address be passed to another router. By default, the address
168e428f 1311is passed to the next router, but this can be changed by setting the
9b371988 1312&%pass_router%& option. However, (unlike &%redirect_router%&) the named router
168e428f 1313must be below the current router (to avoid loops).
9b371988
PH
1314.next
1315&'decline'&: The router declines to accept the address because it does not
168e428f 1316recognize it at all. By default, the address is passed to the next router, but
9b371988
PH
1317this can be prevented by setting the &%no_more%& option. When &%no_more%& is
1318set, all the remaining routers are skipped. In effect, &%no_more%& converts
1319&'decline'& into &'fail'&.
1320.next
1321&'fail'&: The router determines that the address should fail, and queues it for
168e428f 1322the generation of a bounce message. There is no further processing of the
9b371988
PH
1323original address unless &%unseen%& is set on the router.
1324.next
1325&'defer'&: The router cannot handle the address at the present time. (A
068aaea8
PH
1326database may be offline, or a DNS lookup may have timed out.) No further
1327processing of the address happens in this delivery attempt. It is tried again
1328next time the message is considered for delivery.
9b371988
PH
1329.next
1330&'error'&: There is some error in the router (for example, a syntax error in
168e428f 1331its configuration). The action is as for defer.
9b371988 1332.endlist
168e428f
PH
1333
1334If an address reaches the end of the routers without having been accepted by
068aaea8 1335any of them, it is bounced as unrouteable. The default error message in this
9b371988
PH
1336situation is &"unrouteable address"&, but you can set your own message by
1337making use of the &%cannot_route_message%& option. This can be set for any
1338router; the value from the last router that &"saw"& the address is used.
168e428f
PH
1339
1340Sometimes while routing you want to fail a delivery when some conditions are
1341met but others are not, instead of passing the address on for further routing.
1342You can do this by having a second router that explicitly fails the delivery
9b371988 1343when the relevant conditions are met. The &(redirect)& router has a &"fail"&
168e428f
PH
1344facility for this purpose.
1345
1346
f89d2485 1347.section "Duplicate addresses" "SECID17"
9b371988 1348.cindex "case of local parts"
f89d2485 1349.cindex "address duplicate, discarding"
db9452a9 1350.cindex "duplicate addresses"
068aaea8 1351Once routing is complete, Exim scans the addresses that are assigned to local
20f0f788
HSHR
1352and remote transports and discards any duplicates that it finds. During this
1353check, local parts are treated case-sensitively. This happens only when
db9452a9 1354actually delivering a message; when testing routers with &%-bt%&, all the
3cb1b51e 1355routed addresses are shown.
db9452a9 1356
068aaea8 1357
168e428f 1358
9b371988 1359.section "Router preconditions" "SECTrouprecon"
f89d2485 1360.cindex "router" "preconditions, order of processing"
9b371988 1361.cindex "preconditions" "order of processing"
168e428f
PH
1362The preconditions that are tested for each router are listed below, in the
1363order in which they are tested. The individual configuration options are
9b371988 1364described in more detail in chapter &<<CHAProutergeneric>>&.
168e428f 1365
9b371988 1366.ilist
2b8d6aff 1367.cindex affix "router precondition"
9b371988 1368The &%local_part_prefix%& and &%local_part_suffix%& options can specify that
168e428f
PH
1369the local parts handled by the router may or must have certain prefixes and/or
1370suffixes. If a mandatory affix (prefix or suffix) is not present, the router is
1371skipped. These conditions are tested first. When an affix is present, it is
1372removed from the local part before further processing, including the evaluation
1373of any other conditions.
9b371988
PH
1374.next
1375Routers can be designated for use only when not verifying an address, that is,
168e428f 1376only when routing it for delivery (or testing its delivery routing). If the
9b371988 1377&%verify%& option is set false, the router is skipped when Exim is verifying an
168e428f 1378address.
9b371988
PH
1379Setting the &%verify%& option actually sets two options, &%verify_sender%& and
1380&%verify_recipient%&, which independently control the use of the router for
168e428f
PH
1381sender and recipient verification. You can set these options directly if
1382you want a router to be used for only one type of verification.
6ece2e77 1383Note that cutthrough delivery is classed as a recipient verification for this purpose.
9b371988
PH
1384.next
1385If the &%address_test%& option is set false, the router is skipped when Exim is
1386run with the &%-bt%& option to test an address routing. This can be helpful
1387when the first router sends all new messages to a scanner of some sort; it
1388makes it possible to use &%-bt%& to test subsequent delivery routing without
1389having to simulate the effect of the scanner.
1390.next
1391Routers can be designated for use only when verifying an address, as
1392opposed to routing it for delivery. The &%verify_only%& option controls this.
6ece2e77 1393Again, cutthrough delivery counts as a verification.
9b371988
PH
1394.next
1395Individual routers can be explicitly skipped when running the routers to
1396check an address given in the SMTP EXPN command (see the &%expn%& option).
1397.next
1398If the &%domains%& option is set, the domain of the address must be in the set
068aaea8 1399of domains that it defines.
9b371988 1400.next
f89d2485
PH
1401.vindex "&$local_part_prefix$&"
1402.vindex "&$local_part$&"
1403.vindex "&$local_part_suffix$&"
2b8d6aff 1404.cindex affix "router precondition"
9b371988
PH
1405If the &%local_parts%& option is set, the local part of the address must be in
1406the set of local parts that it defines. If &%local_part_prefix%& or
1407&%local_part_suffix%& is in use, the prefix or suffix is removed from the local
168e428f 1408part before this check. If you want to do precondition tests on local parts
9b371988
PH
1409that include affixes, you can do so by using a &%condition%& option (see below)
1410that uses the variables &$local_part$&, &$local_part_prefix$&, and
1411&$local_part_suffix$& as necessary.
1412.next
f89d2485
PH
1413.vindex "&$local_user_uid$&"
1414.vindex "&$local_user_gid$&"
1415.vindex "&$home$&"
9b371988 1416If the &%check_local_user%& option is set, the local part must be the name of
068aaea8 1417an account on the local host. If this check succeeds, the uid and gid of the
9b371988
PH
1418local user are placed in &$local_user_uid$& and &$local_user_gid$& and the
1419user's home directory is placed in &$home$&; these values can be used in the
1420remaining preconditions.
1421.next
1422If the &%router_home_directory%& option is set, it is expanded at this point,
1423because it overrides the value of &$home$&. If this expansion were left till
1424later, the value of &$home$& as set by &%check_local_user%& would be used in
1425subsequent tests. Having two different values of &$home$& in the same router
168e428f 1426could lead to confusion.
9b371988
PH
1427.next
1428If the &%senders%& option is set, the envelope sender address must be in the
1429set of addresses that it defines.
1430.next
1431If the &%require_files%& option is set, the existence or non-existence of
168e428f 1432specified files is tested.
9b371988
PH
1433.next
1434.cindex "customizing" "precondition"
1435If the &%condition%& option is set, it is evaluated and tested. This option
1436uses an expanded string to allow you to set up your own custom preconditions.
1437Expanded strings are described in chapter &<<CHAPexpand>>&.
1438.endlist
168e428f 1439
168e428f 1440
9b371988
PH
1441Note that &%require_files%& comes near the end of the list, so you cannot use
1442it to check for the existence of a file in which to lookup up a domain, local
168e428f 1443part, or sender. However, as these options are all expanded, you can use the
9b371988
PH
1444&%exists%& expansion condition to make such tests within each condition. The
1445&%require_files%& option is intended for checking files that the router may be
168e428f 1446going to use internally, or which are needed by a specific transport (for
9b371988 1447example, &_.procmailrc_&).
168e428f
PH
1448
1449
1450
f89d2485 1451.section "Delivery in detail" "SECID18"
9b371988 1452.cindex "delivery" "in detail"
168e428f
PH
1453When a message is to be delivered, the sequence of events is as follows:
1454
9b371988
PH
1455.ilist
1456If a system-wide filter file is specified, the message is passed to it. The
168e428f
PH
1457filter may add recipients to the message, replace the recipients, discard the
1458message, cause a new message to be generated, or cause the message delivery to
1459fail. The format of the system filter file is the same as for Exim user filter
9b371988
PH
1460files, described in the separate document entitled &'Exim's interfaces to mail
1461filtering'&.
1462.cindex "Sieve filter" "not available for system filter"
1463(&*Note*&: Sieve cannot be used for system filter files.)
1464
1465Some additional features are available in system filters &-- see chapter
1466&<<CHAPsystemfilter>>& for details. Note that a message is passed to the system
168e428f
PH
1467filter only once per delivery attempt, however many recipients it has. However,
1468if there are several delivery attempts because one or more addresses could not
1469be immediately delivered, the system filter is run each time. The filter
9b371988 1470condition &%first_delivery%& can be used to detect the first run of the system
168e428f 1471filter.
9b371988 1472.next
20f0f788 1473Each recipient address is offered to each configured router, in turn, subject to
9b371988
PH
1474its preconditions, until one is able to handle it. If no router can handle the
1475address, that is, if they all decline, the address is failed. Because routers
1476can be targeted at particular domains, several locally handled domains can be
1477processed entirely independently of each other.
1478.next
1479.cindex "routing" "loops in"
1480.cindex "loop" "while routing"
1481A router that accepts an address may assign it to a local or a remote
1482transport. However, the transport is not run at this time. Instead, the address
1483is placed on a list for the particular transport, which will be run later.
068aaea8
PH
1484Alternatively, the router may generate one or more new addresses (typically
1485from alias, forward, or filter files). New addresses are fed back into this
1486process from the top, but in order to avoid loops, a router ignores any address
1487which has an identically-named ancestor that was processed by itself.
9b371988
PH
1488.next
1489When all the routing has been done, addresses that have been successfully
168e428f
PH
1490handled are passed to their assigned transports. When local transports are
1491doing real local deliveries, they handle only one address at a time, but if a
1492local transport is being used as a pseudo-remote transport (for example, to
1493collect batched SMTP messages for transmission by some other means) multiple
1494addresses can be handled. Remote transports can always handle more than one
1495address at a time, but can be configured not to do so, or to restrict multiple
1496addresses to the same domain.
9b371988
PH
1497.next
1498Each local delivery to a file or a pipe runs in a separate process under a
168e428f
PH
1499non-privileged uid, and these deliveries are run one at a time. Remote
1500deliveries also run in separate processes, normally under a uid that is private
9b371988 1501to Exim (&"the Exim user"&), but in this case, several remote deliveries can be
168e428f 1502run in parallel. The maximum number of simultaneous remote deliveries for any
9b371988 1503one message is set by the &%remote_max_parallel%& option.
168e428f
PH
1504The order in which deliveries are done is not defined, except that all local
1505deliveries happen before any remote deliveries.
9b371988
PH
1506.next
1507.cindex "queue runner"
168e428f
PH
1508When it encounters a local delivery during a queue run, Exim checks its retry
1509database to see if there has been a previous temporary delivery failure for the
1510address before running the local transport. If there was a previous failure,
1511Exim does not attempt a new delivery until the retry time for the address is
1512reached. However, this happens only for delivery attempts that are part of a
1513queue run. Local deliveries are always attempted when delivery immediately
1514follows message reception, even if retry times are set for them. This makes for
1515better behaviour if one particular message is causing problems (for example,
1516causing quota overflow, or provoking an error in a filter file).
9b371988
PH
1517.next
1518.cindex "delivery" "retry in remote transports"
168e428f
PH
1519Remote transports do their own retry handling, since an address may be
1520deliverable to one of a number of hosts, each of which may have a different
1521retry time. If there have been previous temporary failures and no host has
1522reached its retry time, no delivery is attempted, whether in a queue run or
9b371988
PH
1523not. See chapter &<<CHAPretry>>& for details of retry strategies.
1524.next
1525If there were any permanent errors, a bounce message is returned to an
168e428f
PH
1526appropriate address (the sender in the common case), with details of the error
1527for each failing address. Exim can be configured to send copies of bounce
1528messages to other addresses.
9b371988
PH
1529.next
1530.cindex "delivery" "deferral"
168e428f
PH
1531If one or more addresses suffered a temporary failure, the message is left on
1532the queue, to be tried again later. Delivery of these addresses is said to be
9b371988
PH
1533&'deferred'&.
1534.next
1535When all the recipient addresses have either been delivered or bounced,
168e428f
PH
1536handling of the message is complete. The spool files and message log are
1537deleted, though the message log can optionally be preserved if required.
9b371988 1538.endlist
168e428f
PH
1539
1540
1541
1542
f89d2485 1543.section "Retry mechanism" "SECID19"
9b371988
PH
1544.cindex "delivery" "retry mechanism"
1545.cindex "retry" "description of mechanism"
1546.cindex "queue runner"
168e428f
PH
1547Exim's mechanism for retrying messages that fail to get delivered at the first
1548attempt is the queue runner process. You must either run an Exim daemon that
9b371988 1549uses the &%-q%& option with a time interval to start queue runners at regular
20f0f788 1550intervals or use some other means (such as &'cron'&) to start them. If you do
168e428f 1551not arrange for queue runners to be run, messages that fail temporarily at the
20f0f788 1552first attempt will remain in your queue forever. A queue runner process works
068aaea8 1553its way through the queue, one message at a time, trying each delivery that has
168e428f
PH
1554passed its retry time.
1555You can run several queue runners at once.
1556
1557Exim uses a set of configured rules to determine when next to retry the failing
9b371988
PH
1558address (see chapter &<<CHAPretry>>&). These rules also specify when Exim
1559should give up trying to deliver to the address, at which point it generates a
1560bounce message. If no retry rules are set for a particular host, address, and
1561error combination, no retries are attempted, and temporary errors are treated
1562as permanent.
168e428f
PH
1563
1564
1565
f89d2485 1566.section "Temporary delivery failure" "SECID20"
9b371988 1567.cindex "delivery" "temporary failure"
168e428f
PH
1568There are many reasons why a message may not be immediately deliverable to a
1569particular address. Failure to connect to a remote machine (because it, or the
1570connection to it, is down) is one of the most common. Temporary failures may be
1571detected during routing as well as during the transport stage of delivery.
1572Local deliveries may be delayed if NFS files are unavailable, or if a mailbox
1573is on a file system where the user is over quota. Exim can be configured to
1574impose its own quotas on local mailboxes; where system quotas are set they will
1575also apply.
1576
1577If a host is unreachable for a period of time, a number of messages may be
1578waiting for it by the time it recovers, and sending them in a single SMTP
1579connection is clearly beneficial. Whenever a delivery to a remote host is
1580deferred,
fa41615d 1581.cindex "hints database" "deferred deliveries"
168e428f
PH
1582Exim makes a note in its hints database, and whenever a successful
1583SMTP delivery has happened, it looks to see if any other messages are waiting
1584for the same host. If any are found, they are sent over the same SMTP
1585connection, subject to a configuration limit as to the maximum number in any
1586one connection.
168e428f
PH
1587
1588
1589
f89d2485 1590.section "Permanent delivery failure" "SECID21"
9b371988
PH
1591.cindex "delivery" "permanent failure"
1592.cindex "bounce message" "when generated"
168e428f
PH
1593When a message cannot be delivered to some or all of its intended recipients, a
1594bounce message is generated. Temporary delivery failures turn into permanent
1595errors when their timeout expires. All the addresses that fail in a given
1596delivery attempt are listed in a single message. If the original message has
1597many recipients, it is possible for some addresses to fail in one delivery
1598attempt and others to fail subsequently, giving rise to more than one bounce
1599message. The wording of bounce messages can be customized by the administrator.
9b371988 1600See chapter &<<CHAPemsgcust>>& for details.
168e428f 1601
9b371988
PH
1602.cindex "&'X-Failed-Recipients:'& header line"
1603Bounce messages contain an &'X-Failed-Recipients:'& header line that lists the
168e428f
PH
1604failed addresses, for the benefit of programs that try to analyse such messages
1605automatically.
1606
9b371988 1607.cindex "bounce message" "recipient of"
168e428f
PH
1608A bounce message is normally sent to the sender of the original message, as
1609obtained from the message's envelope. For incoming SMTP messages, this is the
9b371988
PH
1610address given in the MAIL command. However, when an address is expanded via a
1611forward or alias file, an alternative address can be specified for delivery
1612failures of the generated addresses. For a mailing list expansion (see section
1613&<<SECTmailinglists>>&) it is common to direct bounce messages to the manager
1614of the list.
168e428f
PH
1615
1616
1617
f89d2485 1618.section "Failures to deliver bounce messages" "SECID22"
9b371988 1619.cindex "bounce message" "failure to deliver"
168e428f 1620If a bounce message (either locally generated or received from a remote host)
20f0f788 1621itself suffers a permanent delivery failure, the message is left in the queue,
168e428f 1622but it is frozen, awaiting the attention of an administrator. There are options
068aaea8 1623that can be used to make Exim discard such failed messages, or to keep them
9b371988
PH
1624for only a short time (see &%timeout_frozen_after%& and
1625&%ignore_bounce_errors_after%&).
168e428f
PH
1626
1627
1628
1629
1630
9b371988
PH
1631. ////////////////////////////////////////////////////////////////////////////
1632. ////////////////////////////////////////////////////////////////////////////
168e428f 1633
f89d2485 1634.chapter "Building and installing Exim" "CHID3"
4f578862 1635.scindex IIDbuex "building Exim"
168e428f 1636
f89d2485
PH
1637.section "Unpacking" "SECID23"
1638Exim is distributed as a gzipped or bzipped tar file which, when unpacked,
168e428f 1639creates a directory with the name of the current release (for example,
2aee48d6 1640&_exim-&version()_&) into which the following files are placed:
9b371988
PH
1641
1642.table2 140pt
f89d2485
PH
1643.irow &_ACKNOWLEDGMENTS_& "contains some acknowledgments"
1644.irow &_CHANGES_& "contains a reference to where changes are &&&
1645 documented"
1646.irow &_LICENCE_& "the GNU General Public Licence"
1647.irow &_Makefile_& "top-level make file"
1648.irow &_NOTICE_& "conditions for the use of Exim"
1649.irow &_README_& "list of files, directories and simple build &&&
1650 instructions"
9b371988
PH
1651.endtable
1652
1653Other files whose names begin with &_README_& may also be present. The
168e428f
PH
1654following subdirectories are created:
1655
9b371988 1656.table2 140pt
f89d2485
PH
1657.irow &_Local_& "an empty directory for local configuration files"
1658.irow &_OS_& "OS-specific files"
1659.irow &_doc_& "documentation files"
1660.irow &_exim_monitor_& "source files for the Exim monitor"
1661.irow &_scripts_& "scripts used in the build process"
1662.irow &_src_& "remaining source files"
1663.irow &_util_& "independent utilities"
9b371988
PH
1664.endtable
1665
20f0f788 1666The main utility programs are contained in the &_src_& directory and are built
9b371988 1667with the Exim binary. The &_util_& directory contains a few optional scripts
168e428f
PH
1668that may be useful to some sites.
1669
1670
f89d2485 1671.section "Multiple machine architectures and operating systems" "SECID24"
9b371988 1672.cindex "building Exim" "multiple OS/architectures"
168e428f
PH
1673The building process for Exim is arranged to make it easy to build binaries for
1674a number of different architectures and operating systems from the same set of
9b371988
PH
1675source files. Compilation does not take place in the &_src_& directory.
1676Instead, a &'build directory'& is created for each architecture and operating
1677system.
1678.cindex "symbolic link" "to build directory"
168e428f 1679Symbolic links to the sources are installed in this directory, which is where
9b371988
PH
1680the actual building takes place. In most cases, Exim can discover the machine
1681architecture and operating system for itself, but the defaults can be
1682overridden if necessary.
f2ed27cf
JH
1683.cindex compiler requirements
1684.cindex compiler version
1685A C99-capable compiler will be required for the build.
168e428f 1686
168e428f 1687
8473d4ee 1688.section "PCRE library" "SECTpcre"
210f147e
NM
1689.cindex "PCRE library"
1690Exim no longer has an embedded PCRE library as the vast majority of
20f0f788
HSHR
1691modern systems include PCRE as a system library, although you may need to
1692install the PCRE package or the PCRE development package for your operating
210f147e
NM
1693system. If your system has a normal PCRE installation the Exim build
1694process will need no further configuration. If the library or the
6a6084f8
PP
1695headers are in an unusual location you will need to either set the PCRE_LIBS
1696and INCLUDE directives appropriately,
1697or set PCRE_CONFIG=yes to use the installed &(pcre-config)& command.
1698If your operating system has no
210f147e
NM
1699PCRE support then you will need to obtain and build the current PCRE
1700from &url(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/).
07738d61 1701More information on PCRE is available at &url(https://www.pcre.org/).
210f147e 1702
9b371988
PH
1703.section "DBM libraries" "SECTdb"
1704.cindex "DBM libraries" "discussion of"
1705.cindex "hints database" "DBM files used for"
168e428f
PH
1706Even if you do not use any DBM files in your configuration, Exim still needs a
1707DBM library in order to operate, because it uses indexed files for its hints
1708databases. Unfortunately, there are a number of DBM libraries in existence, and
1709different operating systems often have different ones installed.
1710
9b371988 1711.cindex "Solaris" "DBM library for"
f89d2485
PH
1712.cindex "IRIX, DBM library for"
1713.cindex "BSD, DBM library for"
1714.cindex "Linux, DBM library for"
168e428f
PH
1715If you are using Solaris, IRIX, one of the modern BSD systems, or a modern
1716Linux distribution, the DBM configuration should happen automatically, and you
1717may be able to ignore this section. Otherwise, you may have to learn more than
1718you would like about DBM libraries from what follows.
1719
9b371988 1720.cindex "&'ndbm'& DBM library"
168e428f 1721Licensed versions of Unix normally contain a library of DBM functions operating
9b371988 1722via the &'ndbm'& interface, and this is what Exim expects by default. Free
168e428f
PH
1723versions of Unix seem to vary in what they contain as standard. In particular,
1724some early versions of Linux have no default DBM library, and different
1725distributors have chosen to bundle different libraries with their packaged
f89d2485 1726versions. However, the more recent releases seem to have standardized on the
168e428f
PH
1727Berkeley DB library.
1728
1729Different DBM libraries have different conventions for naming the files they
9b371988 1730use. When a program opens a file called &_dbmfile_&, there are several
168e428f
PH
1731possibilities:
1732
9b371988
PH
1733.olist
1734A traditional &'ndbm'& implementation, such as that supplied as part of
1735Solaris, operates on two files called &_dbmfile.dir_& and &_dbmfile.pag_&.
1736.next
1737.cindex "&'gdbm'& DBM library"
1738The GNU library, &'gdbm'&, operates on a single file. If used via its &'ndbm'&
168e428f 1739compatibility interface it makes two different hard links to it with names
9b371988 1740&_dbmfile.dir_& and &_dbmfile.pag_&, but if used via its native interface, the
20f0f788 1741filename is used unmodified.
9b371988
PH
1742.next
1743.cindex "Berkeley DB library"
1744The Berkeley DB package, if called via its &'ndbm'& compatibility interface,
1745operates on a single file called &_dbmfile.db_&, but otherwise looks to the
1746programmer exactly the same as the traditional &'ndbm'& implementation.
1747.next
1748If the Berkeley package is used in its native mode, it operates on a single
1749file called &_dbmfile_&; the programmer's interface is somewhat different to
1750the traditional &'ndbm'& interface.
1751.next
1752To complicate things further, there are several very different versions of the
168e428f 1753Berkeley DB package. Version 1.85 was stable for a very long time, releases
07738d61
PP
17542.&'x'& and 3.&'x'& were current for a while, but the latest versions when Exim last revamped support were numbered 4.&'x'&.
1755Maintenance of some of the earlier releases has ceased. All versions of
1756Berkeley DB could be obtained from
1757&url(http://www.sleepycat.com/), which is now a redirect to their new owner's
1758page with far newer versions listed.
1759It is probably wise to plan to move your storage configurations away from
1760Berkeley DB format, as today there are smaller and simpler alternatives more
1761suited to Exim's usage model.
9b371988
PH
1762.next
1763.cindex "&'tdb'& DBM library"
1764Yet another DBM library, called &'tdb'&, is available from
07738d61 1765&url(https://sourceforge.net/projects/tdb/files/). It has its own interface, and also
9b371988
PH
1766operates on a single file.
1767.endlist
1768
1769.cindex "USE_DB"
1770.cindex "DBM libraries" "configuration for building"
168e428f
PH
1771Exim and its utilities can be compiled to use any of these interfaces. In order
1772to use any version of the Berkeley DB package in native mode, you must set
1773USE_DB in an appropriate configuration file (typically
9b371988
PH
1774&_Local/Makefile_&). For example:
1775.code
1776USE_DB=yes
1777.endd
168e428f
PH
1778Similarly, for gdbm you set USE_GDBM, and for tdb you set USE_TDB. An
1779error is diagnosed if you set more than one of these.
1780
1781At the lowest level, the build-time configuration sets none of these options,
1782thereby assuming an interface of type (1). However, some operating system
1783configuration files (for example, those for the BSD operating systems and
1784Linux) assume type (4) by setting USE_DB as their default, and the
1785configuration files for Cygwin set USE_GDBM. Anything you set in
9b371988 1786&_Local/Makefile_&, however, overrides these system defaults.
168e428f
PH
1787
1788As well as setting USE_DB, USE_GDBM, or USE_TDB, it may also be
1789necessary to set DBMLIB, to cause inclusion of the appropriate library, as
1790in one of these lines:
9b371988
PH
1791.code
1792DBMLIB = -ldb
1793DBMLIB = -ltdb
1794.endd
168e428f
PH
1795Settings like that will work if the DBM library is installed in the standard
1796place. Sometimes it is not, and the library's header file may also not be in
1797the default path. You may need to set INCLUDE to specify where the header
1798file is, and to specify the path to the library more fully in DBMLIB, as in
1799this example:
9b371988
PH
1800.code
1801INCLUDE=-I/usr/local/include/db-4.1
1802DBMLIB=/usr/local/lib/db-4.1/libdb.a
1803.endd
168e428f 1804There is further detailed discussion about the various DBM libraries in the
9b371988 1805file &_doc/dbm.discuss.txt_& in the Exim distribution.
168e428f
PH
1806
1807
1808
f89d2485 1809.section "Pre-building configuration" "SECID25"
9b371988
PH
1810.cindex "building Exim" "pre-building configuration"
1811.cindex "configuration for building Exim"
1812.cindex "&_Local/Makefile_&"
1813.cindex "&_src/EDITME_&"
168e428f
PH
1814Before building Exim, a local configuration file that specifies options
1815independent of any operating system has to be created with the name
9b371988
PH
1816&_Local/Makefile_&. A template for this file is supplied as the file
1817&_src/EDITME_&, and it contains full descriptions of all the option settings
168e428f
PH
1818therein. These descriptions are therefore not repeated here. If you are
1819building Exim for the first time, the simplest thing to do is to copy
9b371988 1820&_src/EDITME_& to &_Local/Makefile_&, then read it and edit it appropriately.
168e428f
PH
1821
1822There are three settings that you must supply, because Exim will not build
20f0f788 1823without them. They are the location of the runtime configuration file
168e428f
PH
1824(CONFIGURE_FILE), the directory in which Exim binaries will be installed
1825(BIN_DIRECTORY), and the identity of the Exim user (EXIM_USER and
1826maybe EXIM_GROUP as well). The value of CONFIGURE_FILE can in fact be
20f0f788 1827a colon-separated list of filenames; Exim uses the first of them that exists.
168e428f
PH
1828
1829There are a few other parameters that can be specified either at build time or
20f0f788 1830at runtime, to enable the same binary to be used on a number of different
168e428f
PH
1831machines. However, if the locations of Exim's spool directory and log file
1832directory (if not within the spool directory) are fixed, it is recommended that
20f0f788 1833you specify them in &_Local/Makefile_& instead of at runtime, so that errors
168e428f
PH
1834detected early in Exim's execution (such as a malformed configuration file) can
1835be logged.
1836
9b371988 1837.cindex "content scanning" "specifying at build time"
068aaea8 1838Exim's interfaces for calling virus and spam scanning software directly from
168e428f
PH
1839access control lists are not compiled by default. If you want to include these
1840facilities, you need to set
9b371988
PH
1841.code
1842WITH_CONTENT_SCAN=yes
1843.endd
1844in your &_Local/Makefile_&. For details of the facilities themselves, see
1845chapter &<<CHAPexiscan>>&.
168e428f
PH
1846
1847
9b371988 1848.cindex "&_Local/eximon.conf_&"
3cb1b51e 1849.cindex "&_exim_monitor/EDITME_&"
168e428f 1850If you are going to build the Exim monitor, a similar configuration process is
9b371988
PH
1851required. The file &_exim_monitor/EDITME_& must be edited appropriately for
1852your installation and saved under the name &_Local/eximon.conf_&. If you are
1853happy with the default settings described in &_exim_monitor/EDITME_&,
1854&_Local/eximon.conf_& can be empty, but it must exist.
168e428f
PH
1855
1856This is all the configuration that is needed in straightforward cases for known
1857operating systems. However, the building process is set up so that it is easy
1858to override options that are set by default or by operating-system-specific
20f0f788 1859configuration files, for example, to change the C compiler, which
9b371988
PH
1860defaults to &%gcc%&. See section &<<SECToverride>>& below for details of how to
1861do this.
168e428f
PH
1862
1863
1864
f89d2485 1865.section "Support for iconv()" "SECID26"
9b371988
PH
1866.cindex "&[iconv()]& support"
1867.cindex "RFC 2047"
168e428f
PH
1868The contents of header lines in messages may be encoded according to the rules
1869described RFC 2047. This makes it possible to transmit characters that are not
1870in the ASCII character set, and to label them as being in a particular
9b371988 1871character set. When Exim is inspecting header lines by means of the &%$h_%&
168e428f 1872mechanism, it decodes them, and translates them into a specified character set
1459a03d 1873(default is set at build time). The translation is possible only if the operating system
9b371988
PH
1874supports the &[iconv()]& function.
1875
1876However, some of the operating systems that supply &[iconv()]& do not support
1877very many conversions. The GNU &%libiconv%& library (available from
07738d61 1878&url(https://www.gnu.org/software/libiconv/)) can be installed on such
9b371988
PH
1879systems to remedy this deficiency, as well as on systems that do not supply
1880&[iconv()]& at all. After installing &%libiconv%&, you should add
1881.code
1882HAVE_ICONV=yes
1883.endd
1884to your &_Local/Makefile_& and rebuild Exim.
1885
1886
1887
1888.section "Including TLS/SSL encryption support" "SECTinctlsssl"
1889.cindex "TLS" "including support for TLS"
1890.cindex "encryption" "including support for"
9b371988
PH
1891.cindex "OpenSSL" "building Exim with"
1892.cindex "GnuTLS" "building Exim with"
e98566e5
JH
1893Exim is usually built to support encrypted SMTP connections, using the STARTTLS
1894command as per RFC 2487. It can also support clients that expect to
168e428f 1895start a TLS session immediately on connection to a non-standard port (see the
9b371988 1896&%tls_on_connect_ports%& runtime option and the &%-tls-on-connect%& command
168e428f
PH
1897line option).
1898
1899If you want to build Exim with TLS support, you must first install either the
1900OpenSSL or GnuTLS library. There is no cryptographic code in Exim itself for
1901implementing SSL.
1902
e98566e5
JH
1903If you do not want TLS support you should set
1904.code
1905DISABLE_TLS=yes
1906.endd
1907in &_Local/Makefile_&.
e98566e5 1908
168e428f 1909If OpenSSL is installed, you should set
9b371988 1910.code
e98566e5 1911USE_OPENSL=yes
9b371988
PH
1912TLS_LIBS=-lssl -lcrypto
1913.endd
1914in &_Local/Makefile_&. You may also need to specify the locations of the
168e428f 1915OpenSSL library and include files. For example:
9b371988 1916.code
0a54bc35 1917USE_OPENSSL=yes
9b371988
PH
1918TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
1919TLS_INCLUDE=-I/usr/local/openssl/include/
1920.endd
7e6a8985
PP
1921.cindex "pkg-config" "OpenSSL"
1922If you have &'pkg-config'& available, then instead you can just use:
1923.code
0a54bc35 1924USE_OPENSSL=yes
7e6a8985
PP
1925USE_OPENSSL_PC=openssl
1926.endd
9b371988 1927.cindex "USE_GNUTLS"
168e428f 1928If GnuTLS is installed, you should set
9b371988 1929.code
9b371988
PH
1930USE_GNUTLS=yes
1931TLS_LIBS=-lgnutls -ltasn1 -lgcrypt
1932.endd
1933in &_Local/Makefile_&, and again you may need to specify the locations of the
168e428f 1934library and include files. For example:
9b371988 1935.code
9b371988
PH
1936USE_GNUTLS=yes
1937TLS_LIBS=-L/usr/gnu/lib -lgnutls -ltasn1 -lgcrypt
1938TLS_INCLUDE=-I/usr/gnu/include
1939.endd
7e6a8985
PP
1940.cindex "pkg-config" "GnuTLS"
1941If you have &'pkg-config'& available, then instead you can just use:
1942.code
7e6a8985
PP
1943USE_GNUTLS=yes
1944USE_GNUTLS_PC=gnutls
1945.endd
7e6a8985 1946
168e428f 1947You do not need to set TLS_INCLUDE if the relevant directory is already
9b371988
PH
1948specified in INCLUDE. Details of how to configure Exim to make use of TLS are
1949given in chapter &<<CHAPTLS>>&.
168e428f
PH
1950
1951
1952
1953
b52ed2b3
NM
1954.section "Use of tcpwrappers" "SECID27"
1955
f89d2485 1956.cindex "tcpwrappers, building Exim to support"
9b371988 1957.cindex "USE_TCP_WRAPPERS"
5dc43717
JJ
1958.cindex "TCP_WRAPPERS_DAEMON_NAME"
1959.cindex "tcp_wrappers_daemon_name"
9b371988
PH
1960Exim can be linked with the &'tcpwrappers'& library in order to check incoming
1961SMTP calls using the &'tcpwrappers'& control files. This may be a convenient
168e428f 1962alternative to Exim's own checking facilities for installations that are
9b371988
PH
1963already making use of &'tcpwrappers'& for other purposes. To do this, you
1964should set USE_TCP_WRAPPERS in &_Local/Makefile_&, arrange for the file
1965&_tcpd.h_& to be available at compile time, and also ensure that the library
1966&_libwrap.a_& is available at link time, typically by including &%-lwrap%& in
1967EXTRALIBS_EXIM. For example, if &'tcpwrappers'& is installed in &_/usr/local_&,
1968you might have
1969.code
1970USE_TCP_WRAPPERS=yes
1971CFLAGS=-O -I/usr/local/include
1972EXTRALIBS_EXIM=-L/usr/local/lib -lwrap
1973.endd
5dc43717
JJ
1974in &_Local/Makefile_&. The daemon name to use in the &'tcpwrappers'& control
1975files is &"exim"&. For example, the line
9b371988
PH
1976.code
1977exim : LOCAL 192.168.1. .friendly.domain.example
1978.endd
1979in your &_/etc/hosts.allow_& file allows connections from the local host, from
1980the subnet 192.168.1.0/24, and from all hosts in &'friendly.domain.example'&.
5dc43717
JJ
1981All other connections are denied. The daemon name used by &'tcpwrappers'&
1982can be changed at build time by setting TCP_WRAPPERS_DAEMON_NAME in
a543079f 1983&_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the
5dc43717 1984configure file. Consult the &'tcpwrappers'& documentation for
168e428f 1985further details.
168e428f
PH
1986
1987
f89d2485 1988.section "Including support for IPv6" "SECID28"
9b371988 1989.cindex "IPv6" "including support for"
168e428f 1990Exim contains code for use on systems that have IPv6 support. Setting
9b371988 1991&`HAVE_IPV6=YES`& in &_Local/Makefile_& causes the IPv6 code to be included;
168e428f
PH
1992it may also be necessary to set IPV6_INCLUDE and IPV6_LIBS on systems
1993where the IPv6 support is not fully integrated into the normal include and
1994library files.
1995
1996Two different types of DNS record for handling IPv6 addresses have been
f89d2485 1997defined. AAAA records (analogous to A records for IPv4) are in use, and are
168e428f
PH
1998currently seen as the mainstream. Another record type called A6 was proposed
1999as better than AAAA because it had more flexibility. However, it was felt to be
badb25a9 2000over-complex, and its status was reduced to &"experimental"&.
badb25a9 2001Exim used to
cc00f4af
JH
2002have a compile option for including A6 record support but this has now been
2003withdrawn.
168e428f
PH
2004
2005
2006
0a349494
PP
2007.section "Dynamically loaded lookup module support" "SECTdynamicmodules"
2008.cindex "lookup modules"
2009.cindex "dynamic modules"
2010.cindex ".so building"
2011On some platforms, Exim supports not compiling all lookup types directly into
2012the main binary, instead putting some into external modules which can be loaded
2013on demand.
2014This permits packagers to build Exim with support for lookups with extensive
2015library dependencies without requiring all users to install all of those
2016dependencies.
2017Most, but not all, lookup types can be built this way.
2018
2019Set &`LOOKUP_MODULE_DIR`& to the directory into which the modules will be
2020installed; Exim will only load modules from that directory, as a security
2021measure. You will need to set &`CFLAGS_DYNAMIC`& if not already defined
2022for your OS; see &_OS/Makefile-Linux_& for an example.
2023Some other requirements for adjusting &`EXTRALIBS`& may also be necessary,
2024see &_src/EDITME_& for details.
2025
2026Then, for each module to be loaded dynamically, define the relevant
2027&`LOOKUP_`&<&'lookup_type'&> flags to have the value "2" instead of "yes".
2028For example, this will build in lsearch but load sqlite and mysql support
2029on demand:
2030.code
2031LOOKUP_LSEARCH=yes
2032LOOKUP_SQLITE=2
2033LOOKUP_MYSQL=2
2034.endd
5d758a46 2035
0a349494 2036
f89d2485 2037.section "The building process" "SECID29"
9b371988
PH
2038.cindex "build directory"
2039Once &_Local/Makefile_& (and &_Local/eximon.conf_&, if required) have been
2040created, run &'make'& at the top level. It determines the architecture and
168e428f
PH
2041operating system types, and creates a build directory if one does not exist.
2042For example, on a Sun system running Solaris 8, the directory
9b371988
PH
2043&_build-SunOS5-5.8-sparc_& is created.
2044.cindex "symbolic link" "to source files"
168e428f
PH
2045Symbolic links to relevant source files are installed in the build directory.
2046
9b371988 2047If this is the first time &'make'& has been run, it calls a script that builds
168e428f 2048a make file inside the build directory, using the configuration files from the
9b371988
PH
2049&_Local_& directory. The new make file is then passed to another instance of
2050&'make'&. This does the real work, building a number of utility scripts, and
168e428f 2051then compiling and linking the binaries for the Exim monitor (if configured), a
9b371988
PH
2052number of utility programs, and finally Exim itself. The command &`make
2053makefile`& can be used to force a rebuild of the make file in the build
168e428f
PH
2054directory, should this ever be necessary.
2055
2056If you have problems building Exim, check for any comments there may be in the
9b371988 2057&_README_& file concerning your operating system, and also take a look at the
168e428f
PH
2058FAQ, where some common problems are covered.
2059
2060
2061
f89d2485 2062.section 'Output from &"make"&' "SECID283"
9b371988 2063The output produced by the &'make'& process for compile lines is often very
068aaea8
PH
2064unreadable, because these lines can be very long. For this reason, the normal
2065output is suppressed by default, and instead output similar to that which
2066appears when compiling the 2.6 Linux kernel is generated: just a short line for
2067each module that is being compiled or linked. However, it is still possible to
9b371988
PH
2068get the full output, by calling &'make'& like this:
2069.code
2070FULLECHO='' make -e
2071.endd
2072The value of FULLECHO defaults to &"@"&, the flag character that suppresses
2073command reflection in &'make'&. When you ask for the full output, it is
3cb1b51e 2074given in addition to the short output.
068aaea8
PH
2075
2076
2077
9b371988 2078.section "Overriding build-time options for Exim" "SECToverride"
f89d2485 2079.cindex "build-time options, overriding"
168e428f
PH
2080The main make file that is created at the beginning of the building process
2081consists of the concatenation of a number of files which set configuration
9b371988 2082values, followed by a fixed set of &'make'& instructions. If a value is set
168e428f
PH
2083more than once, the last setting overrides any previous ones. This provides a
2084convenient way of overriding defaults. The files that are concatenated are, in
2085order:
9b371988
PH
2086.display
2087&_OS/Makefile-Default_&
2088&_OS/Makefile-_&<&'ostype'&>
2089&_Local/Makefile_&
2090&_Local/Makefile-_&<&'ostype'&>
2091&_Local/Makefile-_&<&'archtype'&>
2092&_Local/Makefile-_&<&'ostype'&>-<&'archtype'&>
2093&_OS/Makefile-Base_&
2094.endd
2095.cindex "&_Local/Makefile_&"
2096.cindex "building Exim" "operating system type"
2097.cindex "building Exim" "architecture type"
2098where <&'ostype'&> is the operating system type and <&'archtype'&> is the
2099architecture type. &_Local/Makefile_& is required to exist, and the building
2100process fails if it is absent. The other three &_Local_& files are optional,
168e428f
PH
2101and are often not needed.
2102
9b371988
PH
2103The values used for <&'ostype'&> and <&'archtype'&> are obtained from scripts
2104called &_scripts/os-type_& and &_scripts/arch-type_& respectively. If either of
168e428f
PH
2105the environment variables EXIM_OSTYPE or EXIM_ARCHTYPE is set, their
2106values are used, thereby providing a means of forcing particular settings.
9b371988 2107Otherwise, the scripts try to get values from the &%uname%& command. If this
168e428f 2108fails, the shell variables OSTYPE and ARCHTYPE are inspected. A number
9b371988 2109of &'ad hoc'& transformations are then applied, to produce the standard names
168e428f
PH
2110that Exim expects. You can run these scripts directly from the shell in order
2111to find out what values are being used on your system.
2112
2113
9b371988 2114&_OS/Makefile-Default_& contains comments about the variables that are set
168e428f
PH
2115therein. Some (but not all) are mentioned below. If there is something that
2116needs changing, review the contents of this file and the contents of the make
9b371988 2117file for your operating system (&_OS/Makefile-<ostype>_&) to see what the
168e428f
PH
2118default values are.
2119
2120
9b371988
PH
2121.cindex "building Exim" "overriding default settings"
2122If you need to change any of the values that are set in &_OS/Makefile-Default_&
2123or in &_OS/Makefile-<ostype>_&, or to add any new definitions, you do not
168e428f 2124need to change the original files. Instead, you should make the changes by
9b371988
PH
2125putting the new values in an appropriate &_Local_& file. For example,
2126.cindex "Tru64-Unix build-time settings"
168e428f
PH
2127when building Exim in many releases of the Tru64-Unix (formerly Digital UNIX,
2128formerly DEC-OSF1) operating system, it is necessary to specify that the C
9b371988
PH
2129compiler is called &'cc'& rather than &'gcc'&. Also, the compiler must be
2130called with the option &%-std1%&, to make it recognize some of the features of
168e428f 2131Standard C that Exim uses. (Most other compilers recognize Standard C by
9b371988 2132default.) To do this, you should create a file called &_Local/Makefile-OSF1_&
168e428f 2133containing the lines
9b371988
PH
2134.code
2135CC=cc
2136CFLAGS=-std1
2137.endd
168e428f 2138If you are compiling for just one operating system, it may be easier to put
9b371988 2139these lines directly into &_Local/Makefile_&.
168e428f
PH
2140
2141Keeping all your local configuration settings separate from the distributed
2142files makes it easy to transfer them to new versions of Exim simply by copying
9b371988 2143the contents of the &_Local_& directory.
168e428f
PH
2144
2145
9b371988
PH
2146.cindex "NIS lookup type" "including support for"
2147.cindex "NIS+ lookup type" "including support for"
2148.cindex "LDAP" "including support for"
2149.cindex "lookup" "inclusion in binary"
168e428f
PH
2150Exim contains support for doing LDAP, NIS, NIS+, and other kinds of file
2151lookup, but not all systems have these components installed, so the default is
2152not to include the relevant code in the binary. All the different kinds of file
2153and database lookup that Exim supports are implemented as separate code modules
2154which are included only if the relevant compile-time options are set. In the
9b371988
PH
2155case of LDAP, NIS, and NIS+, the settings for &_Local/Makefile_& are:
2156.code
2157LOOKUP_LDAP=yes
2158LOOKUP_NIS=yes
2159LOOKUP_NISPLUS=yes
2160.endd
168e428f 2161and similar settings apply to the other lookup types. They are all listed in
9b371988 2162&_src/EDITME_&. In many cases the relevant include files and interface
168e428f 2163libraries need to be installed before compiling Exim.
9b371988 2164.cindex "cdb" "including support for"
068aaea8
PH
2165However, there are some optional lookup types (such as cdb) for which
2166the code is entirely contained within Exim, and no external include
168e428f 2167files or libraries are required. When a lookup type is not included in the
20f0f788 2168binary, attempts to configure Exim to use it cause runtime configuration
168e428f
PH
2169errors.
2170
7e6a8985
PP
2171.cindex "pkg-config" "lookups"
2172.cindex "pkg-config" "authenticators"
252e0c7b
PP
2173Many systems now use a tool called &'pkg-config'& to encapsulate information
2174about how to compile against a library; Exim has some initial support for
2175being able to use pkg-config for lookups and authenticators. For any given
2176makefile variable which starts &`LOOKUP_`& or &`AUTH_`&, you can add a new
2177variable with the &`_PC`& suffix in the name and assign as the value the
2178name of the package to be queried. The results of querying via the
2179&'pkg-config'& command will be added to the appropriate Makefile variables
2180with &`+=`& directives, so your version of &'make'& will need to support that
2181syntax. For instance:
2182.code
2183LOOKUP_SQLITE=yes
2184LOOKUP_SQLITE_PC=sqlite3
2185AUTH_GSASL=yes
2186AUTH_GSASL_PC=libgsasl
2187AUTH_HEIMDAL_GSSAPI=yes
2188AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi
2189.endd
252e0c7b 2190
9b371988 2191.cindex "Perl" "including support for"
168e428f
PH
2192Exim can be linked with an embedded Perl interpreter, allowing Perl
2193subroutines to be called during string expansion. To enable this facility,
9b371988
PH
2194.code
2195EXIM_PERL=perl.o
2196.endd
2197must be defined in &_Local/Makefile_&. Details of this facility are given in
2198chapter &<<CHAPperl>>&.
168e428f 2199
f89d2485 2200.cindex "X11 libraries, location of"
168e428f 2201The location of the X11 libraries is something that varies a lot between
068aaea8 2202operating systems, and there may be different versions of X11 to cope
168e428f
PH
2203with. Exim itself makes no use of X11, but if you are compiling the Exim
2204monitor, the X11 libraries must be available.
9b371988
PH
2205The following three variables are set in &_OS/Makefile-Default_&:
2206.code
2207X11=/usr/X11R6
2208XINCLUDE=-I$(X11)/include
2209XLFLAGS=-L$(X11)/lib
2210.endd
168e428f 2211These are overridden in some of the operating-system configuration files. For
9b371988
PH
2212example, in &_OS/Makefile-SunOS5_& there is
2213.code
2214X11=/usr/openwin
2215XINCLUDE=-I$(X11)/include
2216XLFLAGS=-L$(X11)/lib -R$(X11)/lib
2217.endd
168e428f
PH
2218If you need to override the default setting for your operating system, place a
2219definition of all three of these variables into your
9b371988 2220&_Local/Makefile-<ostype>_& file.
168e428f 2221
9b371988 2222.cindex "EXTRALIBS"
168e428f
PH
2223If you need to add any extra libraries to the link steps, these can be put in a
2224variable called EXTRALIBS, which appears in all the link commands, but by
2225default is not defined. In contrast, EXTRALIBS_EXIM is used only on the
2226command for linking the main Exim binary, and not for any associated utilities.
2227
9b371988 2228.cindex "DBM libraries" "configuration for building"
168e428f 2229There is also DBMLIB, which appears in the link commands for binaries that
9b371988 2230use DBM functions (see also section &<<SECTdb>>&). Finally, there is
168e428f
PH
2231EXTRALIBS_EXIMON, which appears only in the link step for the Exim monitor
2232binary, and which can be used, for example, to include additional X11
2233libraries.
2234
9b371988 2235.cindex "configuration file" "editing"
168e428f
PH
2236The make file copes with rebuilding Exim correctly if any of the configuration
2237files are edited. However, if an optional configuration file is deleted, it is
9b371988
PH
2238necessary to touch the associated non-optional file (that is,
2239&_Local/Makefile_& or &_Local/eximon.conf_&) before rebuilding.
168e428f
PH
2240
2241
f89d2485 2242.section "OS-specific header files" "SECID30"
9b371988
PH
2243.cindex "&_os.h_&"
2244.cindex "building Exim" "OS-specific C header files"
2245The &_OS_& directory contains a number of files with names of the form
2246&_os.h-<ostype>_&. These are system-specific C header files that should not
168e428f 2247normally need to be changed. There is a list of macro settings that are
9b371988 2248recognized in the file &_OS/os.configuring_&, which should be consulted if you
168e428f
PH
2249are porting Exim to a new operating system.
2250
2251
2252
f89d2485
PH
2253.section "Overriding build-time options for the monitor" "SECID31"
2254.cindex "building Eximon"
168e428f
PH
2255A similar process is used for overriding things when building the Exim monitor,
2256where the files that are involved are
9b371988
PH
2257.display
2258&_OS/eximon.conf-Default_&
2259&_OS/eximon.conf-_&<&'ostype'&>
2260&_Local/eximon.conf_&
2261&_Local/eximon.conf-_&<&'ostype'&>
2262&_Local/eximon.conf-_&<&'archtype'&>
2263&_Local/eximon.conf-_&<&'ostype'&>-<&'archtype'&>
2264.endd
2265.cindex "&_Local/eximon.conf_&"
168e428f 2266As with Exim itself, the final three files need not exist, and in this case the
9b371988
PH
2267&_OS/eximon.conf-<ostype>_& file is also optional. The default values in
2268&_OS/eximon.conf-Default_& can be overridden dynamically by setting environment
168e428f
PH
2269variables of the same name, preceded by EXIMON_. For example, setting
2270EXIMON_LOG_DEPTH in the environment overrides the value of
20f0f788 2271LOG_DEPTH at runtime.
4f578862 2272.ecindex IIDbuex
168e428f
PH
2273
2274
f89d2485 2275.section "Installing Exim binaries and scripts" "SECID32"
9b371988
PH
2276.cindex "installing Exim"
2277.cindex "BIN_DIRECTORY"
2278The command &`make install`& runs the &(exim_install)& script with no
2279arguments. The script copies binaries and utility scripts into the directory
2280whose name is specified by the BIN_DIRECTORY setting in &_Local/Makefile_&.
2281.cindex "setuid" "installing Exim with"
068aaea8
PH
2282The install script copies files only if they are newer than the files they are
2283going to replace. The Exim binary is required to be owned by root and have the
9b371988
PH
2284&'setuid'& bit set, for normal configurations. Therefore, you must run &`make
2285install`& as root so that it can set up the Exim binary in this way. However, in
068aaea8
PH
2286some special situations (for example, if a host is doing no local deliveries)
2287it may be possible to run Exim without making the binary setuid root (see
9b371988 2288chapter &<<CHAPsecurity>>& for details).
168e428f 2289
9b371988 2290.cindex "CONFIGURE_FILE"
20f0f788 2291Exim's runtime configuration file is named by the CONFIGURE_FILE setting
9b371988
PH
2292in &_Local/Makefile_&. If this names a single file, and the file does not
2293exist, the default configuration file &_src/configure.default_& is copied there
20f0f788 2294by the installation script. If a runtime configuration file already exists, it
168e428f
PH
2295is left alone. If CONFIGURE_FILE is a colon-separated list, naming several
2296alternative files, no default is installed.
2297
9b371988
PH
2298.cindex "system aliases file"
2299.cindex "&_/etc/aliases_&"
168e428f
PH
2300One change is made to the default configuration file when it is installed: the
2301default configuration contains a router that references a system aliases file.
2302The path to this file is set to the value specified by
9b371988 2303SYSTEM_ALIASES_FILE in &_Local/Makefile_& (&_/etc/aliases_& by default).
168e428f
PH
2304If the system aliases file does not exist, the installation script creates it,
2305and outputs a comment to the user.
2306
2307The created file contains no aliases, but it does contain comments about the
2308aliases a site should normally have. Mail aliases have traditionally been
9b371988
PH
2309kept in &_/etc/aliases_&. However, some operating systems are now using
2310&_/etc/mail/aliases_&. You should check if yours is one of these, and change
168e428f
PH
2311Exim's configuration if necessary.
2312
2313The default configuration uses the local host's name as the only local domain,
9b371988
PH
2314and is set up to do local deliveries into the shared directory &_/var/mail_&,
2315running as the local user. System aliases and &_.forward_& files in users' home
168e428f
PH
2316directories are supported, but no NIS or NIS+ support is configured. Domains
2317other than the name of the local host are routed using the DNS, with delivery
2318over SMTP.
2319
168e428f
PH
2320It is possible to install Exim for special purposes (such as building a binary
2321distribution) in a private part of the file system. You can do this by a
2322command such as
9b371988
PH
2323.code
2324make DESTDIR=/some/directory/ install
2325.endd
168e428f
PH
2326This has the effect of pre-pending the specified directory to all the file
2327paths, except the name of the system aliases file that appears in the default
9b371988 2328configuration. (If a default alias file is created, its name &'is'& modified.)
168e428f
PH
2329For backwards compatibility, ROOT is used if DESTDIR is not set,
2330but this usage is deprecated.
2331
9b371988
PH
2332.cindex "installing Exim" "what is not installed"
2333Running &'make install'& does not copy the Exim 4 conversion script
40df1be3
TF
2334&'convert4r4'&. You will probably run this only once if you are
2335upgrading from Exim 3. None of the documentation files in the &_doc_&
168e428f 2336directory are copied, except for the info files when you have set
9b371988 2337INFO_DIRECTORY, as described in section &<<SECTinsinfdoc>>& below.
168e428f 2338
9b371988 2339For the utility programs, old versions are renamed by adding the suffix &_.O_&
168e428f
PH
2340to their names. The Exim binary itself, however, is handled differently. It is
2341installed under a name that includes the version number and the compile number,
20f0f788 2342for example, &_exim-&version()-1_&. The script then arranges for a symbolic link
9b371988
PH
2343called &_exim_& to point to the binary. If you are updating a previous version
2344of Exim, the script takes care to ensure that the name &_exim_& is never absent
168e428f
PH
2345from the directory (as seen by other processes).
2346
9b371988
PH
2347.cindex "installing Exim" "testing the script"
2348If you want to see what the &'make install'& will do before running it for
2349real, you can pass the &%-n%& option to the installation script by this
2350command:
2351.code
2352make INSTALL_ARG=-n install
2353.endd
168e428f
PH
2354The contents of the variable INSTALL_ARG are passed to the installation
2355script. You do not need to be root to run this test. Alternatively, you can run
2356the installation script directly, but this must be from within the build
2357directory. For example, from the top-level Exim directory you could use this
2358command:
9b371988
PH
2359.code
2360(cd build-SunOS5-5.5.1-sparc; ../scripts/exim_install -n)
2361.endd
2362.cindex "installing Exim" "install script options"
168e428f
PH
2363There are two other options that can be supplied to the installation script.
2364
9b371988
PH
2365.ilist
2366&%-no_chown%& bypasses the call to change the owner of the installed binary
168e428f 2367to root, and the call to make it a setuid binary.
9b371988
PH
2368.next
2369&%-no_symlink%& bypasses the setting up of the symbolic link &_exim_& to the
168e428f 2370installed binary.
9b371988 2371.endlist
168e428f
PH
2372
2373INSTALL_ARG can be used to pass these options to the script. For example:
9b371988
PH
2374.code
2375make INSTALL_ARG=-no_symlink install
2376.endd
168e428f
PH
2377The installation script can also be given arguments specifying which files are
2378to be copied. For example, to install just the Exim binary, and nothing else,
2379without creating the symbolic link, you could use:
9b371988
PH
2380.code
2381make INSTALL_ARG='-no_symlink exim' install
2382.endd
168e428f
PH
2383
2384
2385
9b371988
PH
2386.section "Installing info documentation" "SECTinsinfdoc"
2387.cindex "installing Exim" "&'info'& documentation"
2388Not all systems use the GNU &'info'& system for documentation, and for this
168e428f 2389reason, the Texinfo source of Exim's documentation is not included in the main
20f0f788 2390distribution. Instead it is available separately from the FTP site (see section
9b371988 2391&<<SECTavail>>&).
168e428f 2392
9b371988
PH
2393If you have defined INFO_DIRECTORY in &_Local/Makefile_& and the Texinfo
2394source of the documentation is found in the source tree, running &`make
2395install`& automatically builds the info files and installs them.
168e428f
PH
2396
2397
2398
f89d2485 2399.section "Setting up the spool directory" "SECID33"
9b371988 2400.cindex "spool directory" "creating"
168e428f
PH
2401When it starts up, Exim tries to create its spool directory if it does not
2402exist. The Exim uid and gid are used for the owner and group of the spool
2403directory. Sub-directories are automatically created in the spool directory as
2404necessary.
2405
2406
2407
2408
f89d2485 2409.section "Testing" "SECID34"
9b371988 2410.cindex "testing" "installation"
20f0f788 2411Having installed Exim, you can check that the runtime configuration file is
168e428f
PH
2412syntactically valid by running the following command, which assumes that the
2413Exim binary directory is within your PATH environment variable:
9b371988
PH
2414.code
2415exim -bV
2416.endd
168e428f
PH
2417If there are any errors in the configuration file, Exim outputs error messages.
2418Otherwise it outputs the version number and build date,
2419the DBM library that is being used, and information about which drivers and
2420other optional code modules are included in the binary.
2421Some simple routing tests can be done by using the address testing option. For
2422example,
9b371988
PH
2423.display
2424&`exim -bt`& <&'local username'&>
2425.endd
168e428f 2426should verify that it recognizes a local mailbox, and
9b371988
PH
2427.display
2428&`exim -bt`& <&'remote address'&>
2429.endd
168e428f
PH
2430a remote one. Then try getting it to deliver mail, both locally and remotely.
2431This can be done by passing messages directly to Exim, without going through a
2432user agent. For example:
9b371988 2433.code
068aaea8
PH
2434exim -v postmaster@your.domain.example
2435From: user@your.domain.example
2436To: postmaster@your.domain.example
2437Subject: Testing Exim
168e428f 2438
068aaea8
PH
2439This is a test message.
2440^D
9b371988
PH
2441.endd
2442The &%-v%& option causes Exim to output some verification of what it is doing.
168e428f 2443In this case you should see copies of three log lines, one for the message's
9b371988 2444arrival, one for its delivery, and one containing &"Completed"&.
168e428f 2445
9b371988
PH
2446.cindex "delivery" "problems with"
2447If you encounter problems, look at Exim's log files (&'mainlog'& and
2448&'paniclog'&) to see if there is any relevant information there. Another source
168e428f 2449of information is running Exim with debugging turned on, by specifying the
9b371988 2450&%-d%& option. If a message is stuck on Exim's spool, you can force a delivery
168e428f 2451with debugging turned on by a command of the form
9b371988
PH
2452.display
2453&`exim -d -M`& <&'exim-message-id'&>
2454.endd
2455You must be root or an &"admin user"& in order to do this. The &%-d%& option
168e428f 2456produces rather a lot of output, but you can cut this down to specific areas.
9b371988
PH
2457For example, if you use &%-d-all+route%& only the debugging information
2458relevant to routing is included. (See the &%-d%& option in chapter
2459&<<CHAPcommandline>>& for more details.)
168e428f 2460
9b371988
PH
2461.cindex '&"sticky"& bit'
2462.cindex "lock files"
168e428f
PH
2463One specific problem that has shown up on some sites is the inability to do
2464local deliveries into a shared mailbox directory, because it does not have the
9b371988 2465&"sticky bit"& set on it. By default, Exim tries to create a lock file before
168e428f 2466writing to a mailbox file, and if it cannot create the lock file, the delivery
9b371988 2467is deferred. You can get round this either by setting the &"sticky bit"& on the
168e428f
PH
2468directory, or by setting a specific group for local deliveries and allowing
2469that group to create files in the directory (see the comments above the
9b371988 2470&(local_delivery)& transport in the default configuration file). Another
168e428f 2471approach is to configure Exim not to use lock files, but just to rely on
9b371988
PH
2472&[fcntl()]& locking instead. However, you should do this only if all user
2473agents also use &[fcntl()]& locking. For further discussion of locking issues,
2474see chapter &<<CHAPappendfile>>&.
168e428f
PH
2475
2476One thing that cannot be tested on a system that is already running an MTA is
2477the receipt of incoming SMTP mail on the standard SMTP port. However, the
9b371988
PH
2478&%-oX%& option can be used to run an Exim daemon that listens on some other
2479port, or &'inetd'& can be used to do this. The &%-bh%& option and the
2480&'exim_checkaccess'& utility can be used to check out policy controls on
168e428f
PH
2481incoming SMTP mail.
2482
2483Testing a new version on a system that is already running Exim can most easily
2484be done by building a binary with a different CONFIGURE_FILE setting. From
20f0f788 2485within the runtime configuration, all other file and directory names
168e428f
PH
2486that Exim uses can be altered, in order to keep it entirely clear of the
2487production version.
2488
2489
f89d2485 2490.section "Replacing another MTA with Exim" "SECID35"
9b371988 2491.cindex "replacing another MTA"
168e428f
PH
2492Building and installing Exim for the first time does not of itself put it in
2493general use. The name by which the system's MTA is called by mail user agents
9b371988
PH
2494is either &_/usr/sbin/sendmail_&, or &_/usr/lib/sendmail_& (depending on the
2495operating system), and it is necessary to make this name point to the &'exim'&
168e428f 2496binary in order to get the user agents to pass messages to Exim. This is
9b371988
PH
2497normally done by renaming any existing file and making &_/usr/sbin/sendmail_&
2498or &_/usr/lib/sendmail_&
2499.cindex "symbolic link" "to &'exim'& binary"
2500a symbolic link to the &'exim'& binary. It is a good idea to remove any setuid
168e428f
PH
2501privilege and executable status from the old MTA. It is then necessary to stop
2502and restart the mailer daemon, if one is running.
2503
f89d2485 2504.cindex "FreeBSD, MTA indirection"
9b371988 2505.cindex "&_/etc/mail/mailer.conf_&"
168e428f
PH
2506Some operating systems have introduced alternative ways of switching MTAs. For
2507example, if you are running FreeBSD, you need to edit the file
9b371988 2508&_/etc/mail/mailer.conf_& instead of setting up a symbolic link as just
168e428f
PH
2509described. A typical example of the contents of this file for running Exim is
2510as follows:
9b371988
PH
2511.code
2512sendmail /usr/exim/bin/exim
2513send-mail /usr/exim/bin/exim
2514mailq /usr/exim/bin/exim -bp
2515newaliases /usr/bin/true
2516.endd
2517Once you have set up the symbolic link, or edited &_/etc/mail/mailer.conf_&,
2518your Exim installation is &"live"&. Check it by sending a message from your
168e428f
PH
2519favourite user agent.
2520
2521You should consider what to tell your users about the change of MTA. Exim may
2522have different capabilities to what was previously running, and there are
2523various operational differences such as the text of messages produced by
2524command line options and in bounce messages. If you allow your users to make
2525use of Exim's filtering capabilities, you should make the document entitled
9b371988 2526&'Exim's interface to mail filtering'& available to them.
168e428f
PH
2527
2528
2529
f89d2485 2530.section "Upgrading Exim" "SECID36"
9b371988 2531.cindex "upgrading Exim"
168e428f
PH
2532If you are already running Exim on your host, building and installing a new
2533version automatically makes it available to MUAs, or any other programs that
2534call the MTA directly. However, if you are running an Exim daemon, you do need
49692970
JH
2535.cindex restart "on HUP signal"
2536.cindex signal "HUP, to restart"
9b371988
PH
2537to send it a HUP signal, to make it re-execute itself, and thereby pick up the
2538new binary. You do not need to stop processing mail in order to install a new
068aaea8
PH
2539version of Exim. The install script does not modify an existing runtime
2540configuration file.
2541
168e428f
PH
2542
2543
2544
f89d2485 2545.section "Stopping the Exim daemon on Solaris" "SECID37"
9b371988 2546.cindex "Solaris" "stopping Exim on"
168e428f 2547The standard command for stopping the mailer daemon on Solaris is
9b371988
PH
2548.code
2549/etc/init.d/sendmail stop
2550.endd
2551If &_/usr/lib/sendmail_& has been turned into a symbolic link, this script
2552fails to stop Exim because it uses the command &'ps -e'& and greps the output
2553for the text &"sendmail"&; this is not present because the actual program name
2554(that is, &"exim"&) is given by the &'ps'& command with these options. A
2555solution is to replace the line that finds the process id with something like
2556.code
2557pid=`cat /var/spool/exim/exim-daemon.pid`
2558.endd
168e428f
PH
2559to obtain the daemon's pid directly from the file that Exim saves it in.
2560
9b371988 2561Note, however, that stopping the daemon does not &"stop Exim"&. Messages can
168e428f
PH
2562still be received from local processes, and if automatic delivery is configured
2563(the normal case), deliveries will still occur.
2564
2565
2566
2567
9b371988
PH
2568. ////////////////////////////////////////////////////////////////////////////
2569. ////////////////////////////////////////////////////////////////////////////
168e428f 2570
9b371988 2571.chapter "The Exim command line" "CHAPcommandline"
4f578862
PH
2572.scindex IIDclo1 "command line" "options"
2573.scindex IIDclo2 "options" "command line"
168e428f
PH
2574Exim's command line takes the standard Unix form of a sequence of options,
2575each starting with a hyphen character, followed by a number of arguments. The
2576options are compatible with the main options of Sendmail, and there are also
2577some additional options, some of which are compatible with Smail 3. Certain
2578combinations of options do not make sense, and provoke an error if used.
2579The form of the arguments depends on which options are set.
2580
2581
f89d2485 2582.section "Setting options by program name" "SECID38"
9b371988
PH
2583.cindex "&'mailq'&"
2584If Exim is called under the name &'mailq'&, it behaves as if the option &%-bp%&
168e428f 2585were present before any other options.
9b371988 2586The &%-bp%& option requests a listing of the contents of the mail queue on the
168e428f
PH
2587standard output.
2588This feature is for compatibility with some systems that contain a command of
2589that name in one of the standard libraries, symbolically linked to
9b371988
PH
2590&_/usr/sbin/sendmail_& or &_/usr/lib/sendmail_&.
2591
2592.cindex "&'rsmtp'&"
2593If Exim is called under the name &'rsmtp'& it behaves as if the option &%-bS%&
2594were present before any other options, for compatibility with Smail. The
2595&%-bS%& option is used for reading in a number of messages in batched SMTP
2596format.
2597
2598.cindex "&'rmail'&"
2599If Exim is called under the name &'rmail'& it behaves as if the &%-i%& and
2600&%-oee%& options were present before any other options, for compatibility with
2601Smail. The name &'rmail'& is used as an interface by some UUCP systems.
2602
2603.cindex "&'runq'&"
2604.cindex "queue runner"
2605If Exim is called under the name &'runq'& it behaves as if the option &%-q%&
2606were present before any other options, for compatibility with Smail. The &%-q%&
168e428f
PH
2607option causes a single queue runner process to be started.
2608
9b371988
PH
2609.cindex "&'newaliases'&"
2610.cindex "alias file" "building"
2611.cindex "Sendmail compatibility" "calling Exim as &'newaliases'&"
2612If Exim is called under the name &'newaliases'& it behaves as if the option
2613&%-bi%& were present before any other options, for compatibility with Sendmail.
168e428f
PH
2614This option is used for rebuilding Sendmail's alias file. Exim does not have
2615the concept of a single alias file, but can be configured to run a given
9b371988 2616command if called with the &%-bi%& option.
168e428f
PH
2617
2618
9b371988
PH
2619.section "Trusted and admin users" "SECTtrustedadmin"
2620Some Exim options are available only to &'trusted users'& and others are
2621available only to &'admin users'&. In the description below, the phrases &"Exim
2622user"& and &"Exim group"& mean the user and group defined by EXIM_USER and
2623EXIM_GROUP in &_Local/Makefile_& or set by the &%exim_user%& and
2624&%exim_group%& options. These do not necessarily have to use the name &"exim"&.
168e428f 2625
9b371988 2626.ilist
f89d2485 2627.cindex "trusted users" "definition of"
9b371988 2628.cindex "user" "trusted definition of"
168e428f 2629The trusted users are root, the Exim user, any user listed in the
9b371988
PH
2630&%trusted_users%& configuration option, and any user whose current group or any
2631supplementary group is one of those listed in the &%trusted_groups%&
168e428f 2632configuration option. Note that the Exim group is not automatically trusted.
9b371988
PH
2633
2634.cindex '&"From"& line'
0cf7a941 2635.cindex "envelope from"
9b371988
PH
2636.cindex "envelope sender"
2637Trusted users are always permitted to use the &%-f%& option or a leading
2638&"From&~"& line to specify the envelope sender of a message that is passed to
2639Exim through the local interface (see the &%-bm%& and &%-f%& options below).
2640See the &%untrusted_set_sender%& option for a way of permitting non-trusted
2641users to set envelope senders.
2642
2643.cindex "&'From:'& header line"
2644.cindex "&'Sender:'& header line"
1e4519cc
JH
2645.cindex "header lines" "From:"
2646.cindex "header lines" "Sender:"
9b371988
PH
2647For a trusted user, there is never any check on the contents of the &'From:'&
2648header line, and a &'Sender:'& line is never added. Furthermore, any existing
2649&'Sender:'& line in incoming local (non-TCP/IP) messages is not removed.
2650
168e428f
PH
2651Trusted users may also specify a host name, host address, interface address,
2652protocol name, ident value, and authentication data when submitting a message
2653locally. Thus, they are able to insert messages into Exim's queue locally that
2654have the characteristics of messages received from a remote host. Untrusted
9b371988 2655users may in some circumstances use &%-f%&, but can never set the other values
168e428f 2656that are available to trusted users.
9b371988
PH
2657.next
2658.cindex "user" "admin definition of"
2659.cindex "admin user" "definition of"
168e428f 2660The admin users are root, the Exim user, and any user that is a member of the
9b371988 2661Exim group or of any group listed in the &%admin_groups%& configuration option.
168e428f 2662The current group does not have to be one of these groups.
9b371988 2663
168e428f
PH
2664Admin users are permitted to list the queue, and to carry out certain
2665operations on messages, for example, to force delivery failures. It is also
2666necessary to be an admin user in order to see the full information provided by
2667the Exim monitor, and full debugging output.
9b371988
PH
2668
2669By default, the use of the &%-M%&, &%-q%&, &%-R%&, and &%-S%& options to cause
2670Exim to attempt delivery of messages on its queue is restricted to admin users.
2671However, this restriction can be relaxed by setting the &%prod_requires_admin%&
2672option false (that is, specifying &%no_prod_requires_admin%&).
2673
2674Similarly, the use of the &%-bp%& option to list all the messages in the queue
2675is restricted to admin users unless &%queue_list_requires_admin%& is set
168e428f 2676false.
9b371988 2677.endlist
168e428f
PH
2678
2679
9b371988 2680&*Warning*&: If you configure your system so that admin users are able to
168e428f
PH
2681edit Exim's configuration file, you are giving those users an easy way of
2682getting root. There is further discussion of this issue at the start of chapter
9b371988 2683&<<CHAPconf>>&.
168e428f
PH
2684
2685
2686
2687
f89d2485 2688.section "Command line options" "SECID39"
db9452a9
PH
2689Exim's command line options are described in alphabetical order below. If none
2690of the options that specifies a specific action (such as starting the daemon or
2691a queue runner, or testing an address, or receiving a message in a specific
2692format, or listing the queue) are present, and there is at least one argument
2693on the command line, &%-bm%& (accept a local message on the standard input,
2694with the arguments specifying the recipients) is assumed. Otherwise, Exim
2695outputs a brief message about itself and exits.
168e428f 2696
9b371988
PH
2697. ////////////////////////////////////////////////////////////////////////////
2698. Insert a stylized XML comment here, to identify the start of the command line
2699. options. This is for the benefit of the Perl script that automatically
2700. creates a man page for the options.
2701. ////////////////////////////////////////////////////////////////////////////
168e428f 2702
9b371988 2703.literal xml
168e428f 2704<!-- === Start of command line options === -->
9b371988 2705.literal off
168e428f
PH
2706
2707
9b371988
PH
2708.vlist
2709.vitem &%--%&
2710.oindex "--"
2711.cindex "options" "command line; terminating"
168e428f
PH
2712This is a pseudo-option whose only purpose is to terminate the options and
2713therefore to cause subsequent command line items to be treated as arguments
2714rather than options, even if they begin with hyphens.
2715
9b371988
PH
2716.vitem &%--help%&
2717.oindex "&%--help%&"
168e428f
PH
2718This option causes Exim to output a few sentences stating what it is.
2719The same output is generated if the Exim binary is called with no options and
2720no arguments.
2721
4b2241d2
PP
2722.vitem &%--version%&
2723.oindex "&%--version%&"
2724This option is an alias for &%-bV%& and causes version information to be
2725displayed.
2726
a3fb9793
PP
2727.vitem &%-Ac%& &&&
2728 &%-Am%&
2729.oindex "&%-Ac%&"
2730.oindex "&%-Am%&"
2731These options are used by Sendmail for selecting configuration files and are
2732ignored by Exim.
a3fb9793 2733
9b371988
PH
2734.vitem &%-B%&<&'type'&>
2735.oindex "&%-B%&"
2736.cindex "8-bit characters"
2737.cindex "Sendmail compatibility" "8-bit characters"
168e428f
PH
2738This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit
2739clean; it ignores this option.
2740
9b371988
PH
2741.vitem &%-bd%&
2742.oindex "&%-bd%&"
2743.cindex "daemon"
f89d2485 2744.cindex "SMTP" "listener"
9b371988 2745.cindex "queue runner"
168e428f 2746This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually
9b371988
PH
2747the &%-bd%& option is combined with the &%-q%&<&'time'&> option, to specify
2748that the daemon should also initiate periodic queue runs.
2749
2750The &%-bd%& option can be used only by an admin user. If either of the &%-d%&
2751(debugging) or &%-v%& (verifying) options are set, the daemon does not
168e428f
PH
2752disconnect from the controlling terminal. When running this way, it can be
2753stopped by pressing ctrl-C.
9b371988 2754
168e428f
PH
2755By default, Exim listens for incoming connections to the standard SMTP port on
2756all the host's running interfaces. However, it is possible to listen on other
2757ports, on multiple ports, and only on specific interfaces. Chapter
9b371988
PH
2758&<<CHAPinterfaces>>& contains a description of the options that control this.
2759
168e428f 2760When a listening daemon
9b371988
PH
2761.cindex "daemon" "process id (pid)"
2762.cindex "pid (process id)" "of daemon"
2763is started without the use of &%-oX%& (that is, without overriding the normal
2764configuration), it writes its process id to a file called &_exim-daemon.pid_&
2765in Exim's spool directory. This location can be overridden by setting
2766PID_FILE_PATH in &_Local/Makefile_&. The file is written while Exim is still
168e428f 2767running as root.
9b371988
PH
2768
2769When &%-oX%& is used on the command line to start a listening daemon, the
2770process id is not written to the normal pid file path. However, &%-oP%& can be
168e428f 2771used to specify a path on the command line if a pid file is required.
9b371988 2772
168e428f 2773The SIGHUP signal
9b371988 2774.cindex "SIGHUP"
49692970
JH
2775.cindex restart "on HUP signal"
2776.cindex signal "HUP, to restart"
3cb1b51e 2777.cindex "daemon" "restarting"
6ce06eea
JH
2778.cindex signal "to reload configuration"
2779.cindex daemon "reload configuration"
49692970 2780.cindex reload configuration
3cb1b51e
PH
2781can be used to cause the daemon to re-execute itself. This should be done
2782whenever Exim's configuration file, or any file that is incorporated into it by
2783means of the &%.include%& facility, is changed, and also whenever a new version
2784of Exim is installed. It is not necessary to do this when other files that are
9b371988
PH
2785referenced from the configuration (for example, alias files) are changed,
2786because these are reread each time they are used.
2787
2788.vitem &%-bdf%&
2789.oindex "&%-bdf%&"
2790This option has the same effect as &%-bd%& except that it never disconnects
2791from the controlling terminal, even when no debugging is specified.
2792
2793.vitem &%-be%&
2794.oindex "&%-be%&"
2795.cindex "testing" "string expansion"
2796.cindex "expansion" "testing"
168e428f
PH
2797Run Exim in expansion testing mode. Exim discards its root privilege, to
2798prevent ordinary users from using this mode to read otherwise inaccessible
2799files. If no arguments are given, Exim runs interactively, prompting for lines
4f578862 2800of data. Otherwise, it processes each argument in turn.
9b371988
PH
2801
2802If Exim was built with USE_READLINE=yes in &_Local/Makefile_&, it tries
2803to load the &%libreadline%& library dynamically whenever the &%-be%& option is
2804used without command line arguments. If successful, it uses the &[readline()]&
168e428f
PH
2805function, which provides extensive line-editing facilities, for reading the
2806test data. A line history is supported.
9b371988 2807
168e428f 2808Long expansion expressions can be split over several lines by using backslash
20f0f788 2809continuations. As in Exim's runtime configuration, white space at the start of
168e428f
PH
2810continuation lines is ignored. Each argument or data line is passed through the
2811string expansion mechanism, and the result is output. Variable values from the
9b371988 2812configuration file (for example, &$qualify_domain$&) are available, but no
374dc194 2813message-specific values (such as &$message_exim_id$&) are set, because no message
f89d2485 2814is being processed (but see &%-bem%& and &%-Mset%&).
168e428f 2815
9b371988
PH
2816&*Note*&: If you use this mechanism to test lookups, and you change the data
2817files or databases you are using, you must exit and restart Exim before trying
2818the same lookup again. Otherwise, because each Exim process caches the results
2819of lookups, you will just get the same result as before.
9b371988 2820
9650d98a
JH
2821Macro processing is done on lines before string-expansion: new macros can be
2822defined and macros will be expanded.
2823Because macros in the config file are often used for secrets, those are only
2824available to admin users.
9650d98a 2825
3cb1b51e
PH
2826.vitem &%-bem%&&~<&'filename'&>
2827.oindex "&%-bem%&"
2828.cindex "testing" "string expansion"
2829.cindex "expansion" "testing"
2830This option operates like &%-be%& except that it must be followed by the name
2831of a file. For example:
2832.code
2833exim -bem /tmp/testmessage
2834.endd
2835The file is read as a message (as if receiving a locally-submitted non-SMTP
2836message) before any of the test expansions are done. Thus, message-specific
2837variables such as &$message_size$& and &$header_from:$& are available. However,
2838no &'Received:'& header is added to the message. If the &%-t%& option is set,
2839recipients are read from the headers in the normal way, and are shown in the
2840&$recipients$& variable. Note that recipients cannot be given on the command
2841line, because further arguments are taken as strings to expand (just like
2842&%-be%&).
3cb1b51e 2843
9b371988
PH
2844.vitem &%-bF%&&~<&'filename'&>
2845.oindex "&%-bF%&"
2846.cindex "system filter" "testing"
2847.cindex "testing" "system filter"
2848This option is the same as &%-bf%& except that it assumes that the filter being
168e428f
PH
2849tested is a system filter. The additional commands that are available only in
2850system filters are recognized.
2851
9b371988
PH
2852.vitem &%-bf%&&~<&'filename'&>
2853.oindex "&%-bf%&"
2854.cindex "filter" "testing"
2855.cindex "testing" "filter file"
2856.cindex "forward file" "testing"
2857.cindex "testing" "forward file"
2858.cindex "Sieve filter" "testing"
168e428f
PH
2859This option runs Exim in user filter testing mode; the file is the filter file
2860to be tested, and a test message must be supplied on the standard input. If
2861there are no message-dependent tests in the filter, an empty file can be
2862supplied.
168e428f 2863
9b371988
PH
2864If you want to test a system filter file, use &%-bF%& instead of &%-bf%&. You
2865can use both &%-bF%& and &%-bf%& on the same command, in order to test a system
2866filter and a user filter in the same run. For example:
2867.code
2868exim -bF /system/filter -bf /user/filter </test/message
2869.endd
168e428f
PH
2870This is helpful when the system filter adds header lines or sets filter
2871variables that are used by the user filter.
168e428f 2872
9b371988
PH
2873If the test filter file does not begin with one of the special lines
2874.code
2875# Exim filter
2876# Sieve filter
2877.endd
2878it is taken to be a normal &_.forward_& file, and is tested for validity under
2879that interpretation. See sections &<<SECTitenonfilred>>& to
2880&<<SECTspecitredli>>& for a description of the possible contents of non-filter
2881redirection lists.
2882
2883The result of an Exim command that uses &%-bf%&, provided no errors are
168e428f
PH
2884detected, is a list of the actions that Exim would try to take if presented
2885with the message for real. More details of filter testing are given in the
9b371988
PH
2886separate document entitled &'Exim's interfaces to mail filtering'&.
2887
168e428f 2888When testing a filter file,
9b371988 2889.cindex "&""From""& line"
0cf7a941 2890.cindex "envelope from"
9b371988 2891.cindex "envelope sender"
f89d2485 2892.oindex "&%-f%&" "for filter testing"
9b371988
PH
2893the envelope sender can be set by the &%-f%& option,
2894or by a &"From&~"& line at the start of the test message. Various parameters
2895that would normally be taken from the envelope recipient address of the message
2896can be set by means of additional command line options (see the next four
2897options).
2898
2899.vitem &%-bfd%&&~<&'domain'&>
2900.oindex "&%-bfd%&"
f89d2485 2901.vindex "&$qualify_domain$&"
168e428f 2902This sets the domain of the recipient address when a filter file is being
9b371988
PH
2903tested by means of the &%-bf%& option. The default is the value of
2904&$qualify_domain$&.
168e428f 2905
9b371988
PH
2906.vitem &%-bfl%&&~<&'local&~part'&>
2907.oindex "&%-bfl%&"
168e428f 2908This sets the local part of the recipient address when a filter file is being
9b371988 2909tested by means of the &%-bf%& option. The default is the username of the
168e428f
PH
2910process that calls Exim. A local part should be specified with any prefix or
2911suffix stripped, because that is how it appears to the filter when a message is
2912actually being delivered.
2913
9b371988
PH
2914.vitem &%-bfp%&&~<&'prefix'&>
2915.oindex "&%-bfp%&"
2b8d6aff 2916.cindex affix "filter testing"
168e428f 2917This sets the prefix of the local part of the recipient address when a filter
9b371988 2918file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2919prefix.
2920
9b371988
PH
2921.vitem &%-bfs%&&~<&'suffix'&>
2922.oindex "&%-bfs%&"
2b8d6aff 2923.cindex affix "filter testing"
168e428f 2924This sets the suffix of the local part of the recipient address when a filter
9b371988 2925file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2926suffix.
2927
9b371988
PH
2928.vitem &%-bh%&&~<&'IP&~address'&>
2929.oindex "&%-bh%&"
2930.cindex "testing" "incoming SMTP"
2931.cindex "SMTP" "testing incoming"
2932.cindex "testing" "relay control"
2933.cindex "relaying" "testing configuration"
2934.cindex "policy control" "testing"
2935.cindex "debugging" "&%-bh%& option"
168e428f
PH
2936This option runs a fake SMTP session as if from the given IP address, using the
2937standard input and output. The IP address may include a port number at the end,
2938after a full stop. For example:
9b371988
PH
2939.code
2940exim -bh 10.9.8.7.1234
2941exim -bh fe80::a00:20ff:fe86:a061.5678
2942.endd
168e428f 2943When an IPv6 address is given, it is converted into canonical form. In the case
9b371988
PH
2944of the second example above, the value of &$sender_host_address$& after
2945conversion to the canonical form is
2946&`fe80:0000:0000:0a00:20ff:fe86:a061.5678`&.
2947
168e428f 2948Comments as to what is going on are written to the standard error file. These
9b371988 2949include lines beginning with &"LOG"& for anything that would have been logged.
168e428f
PH
2950This facility is provided for testing configuration options for incoming
2951messages, to make sure they implement the required policy. For example, you can
9b371988
PH
2952test your relay controls using &%-bh%&.
2953
2954&*Warning 1*&:
2955.cindex "RFC 1413"
db9452a9
PH
2956You can test features of the configuration that rely on ident (RFC 1413)
2957information by using the &%-oMt%& option. However, Exim cannot actually perform
2958an ident callout when testing using &%-bh%& because there is no incoming SMTP
2959connection.
9b371988
PH
2960
2961&*Warning 2*&: Address verification callouts (see section &<<SECTcallver>>&)
2962are also skipped when testing using &%-bh%&. If you want these callouts to
2963occur, use &%-bhc%& instead.
2964
168e428f
PH
2965Messages supplied during the testing session are discarded, and nothing is
2966written to any of the real log files. There may be pauses when DNS (and other)
9b371988 2967lookups are taking place, and of course these may time out. The &%-oMi%& option
db9452a9
PH
2968can be used to specify a specific IP interface and port if this is important,
2969and &%-oMaa%& and &%-oMai%& can be used to set parameters as if the SMTP
2970session were authenticated.
9b371988
PH
2971
2972The &'exim_checkaccess'& utility is a &"packaged"& version of &%-bh%& whose
168e428f 2973output just states whether a given recipient address from a given host is
9b371988 2974acceptable or not. See section &<<SECTcheckaccess>>&.
168e428f 2975
3cb1b51e 2976Features such as authentication and encryption, where the client input is not
f89d2485
PH
2977plain text, cannot easily be tested with &%-bh%&. Instead, you should use a
2978specialized SMTP test program such as
07738d61 2979&url(https://www.jetmore.org/john/code/swaks/,swaks).
3cb1b51e 2980
9b371988
PH
2981.vitem &%-bhc%&&~<&'IP&~address'&>
2982.oindex "&%-bhc%&"
2983This option operates in the same way as &%-bh%&, except that address
168e428f
PH
2984verification callouts are performed if required. This includes consulting and
2985updating the callout cache database.
2986
9b371988
PH
2987.vitem &%-bi%&
2988.oindex "&%-bi%&"
2989.cindex "alias file" "building"
2990.cindex "building alias file"
2991.cindex "Sendmail compatibility" "&%-b