Apply John Jetmore's patch to allow tls-on-connect and STARTTLS to be
[exim.git] / doc / doc-docbook / spec.xfpt
<
CommitLineData
5abeaa6e 1. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.12 2006/07/31 14:19:31 ph10 Exp $
9b371988
PH
2.
3. /////////////////////////////////////////////////////////////////////////////
4. This is the primary source of the Exim Manual. It is an xfpt document that is
5. converted into DocBook XML for subsequent conversion into printing and online
6. formats. The markup used herein is "standard" xfpt markup, with some extras.
7. The markup is summarized in a file called Markup.txt.
8. /////////////////////////////////////////////////////////////////////////////
9
10.include stdflags
11.include stdmacs
12.docbook
13.book
14
15. /////////////////////////////////////////////////////////////////////////////
16. These definitions set some parameters and save some typing. Remember that
17. the <bookinfo> element must also be updated for each new edition.
18. /////////////////////////////////////////////////////////////////////////////
19
20.set ACL "access control lists (ACLs)"
db9452a9
PH
21.set previousversion "4.62"
22.set version "4.63"
9b371988
PH
23
24
25. /////////////////////////////////////////////////////////////////////////////
26. Additional xfpt markup used by this document, over and above the default
27. provided in the xfpt library.
28. /////////////////////////////////////////////////////////////////////////////
29
30. --- Override the &$ flag to automatically insert a $ with the variable name
31
32.flag &$ $& "<varname>$" "</varname>"
33
34. --- Short flags for daggers in option headings. They will always be inside
35. --- an italic string, but we want the daggers to be roman.
36
37.flag &!! "</emphasis>&dagger;<emphasis>"
38.flag &!? "</emphasis>&Dagger;<emphasis>"
39
40. --- A macro for an Exim option definition heading, generating a one-line
41. --- table with four columns.
42
43.macro option
44.oindex "$1"
45.itable all 0 0 4 8* left 5* center 5* center 6* right
46.row "&%$1%&" "Use: &'$2'&" "Type: &'$3'&" "Default: &'$4'&"
47.endtable
48.endmacro
49
50. --- A macro for the common 2-column tables. The width of the first column
51. --- is suitable for the many tables at the start of the main options chapter;
52. --- the small number of other 2-column tables override it.
53
db9452a9 54.macro table2 196pt 254pt
9b371988
PH
55.itable none 0 0 2 $1 left $2 left
56.endmacro
57
4f578862
PH
58. --- Macros for the concept and option index entries. For a "range" style of
59. --- entry, use .scindex for the start and .ecindex for the end. The first
60. --- argument of .scindex and the only argument of .ecindex must be the ID
61. --- that ties them together.
9b371988
PH
62
63.macro cindex
64&<indexterm role="concept">&
65&<primary>&$1&</primary>&
66.arg 2
67&<secondary>&$2&</secondary>&
68.endarg
69&</indexterm>&
70.endmacro
71
4f578862
PH
72.macro scindex
73&<indexterm role="concept" id="$1" class="startofrange">&
74&<primary>&$2&</primary>&
75.arg 3
76&<secondary>&$3&</secondary>&
77.endarg
78&</indexterm>&
79.endmacro
80
81.macro ecindex
82&<indexterm role="concept" startref="$1" class="endofrange"/>&
83.endmacro
84
9b371988
PH
85.macro oindex
86&<indexterm role="option">&
87&<primary>&$1&</primary>&
88.arg 2
89&<secondary>&$2&</secondary>&
90.endarg
91&</indexterm>&
92.endmacro
93
94.macro index
95.echo "** Don't use .index; use .cindex or .oindex"
96.endmacro
97. ////////////////////////////////////////////////////////////////////////////
98
99
100. ////////////////////////////////////////////////////////////////////////////
101. The <bookinfo> element is removed from the XML before processing for Ascii
102. output formats.
103. ////////////////////////////////////////////////////////////////////////////
104
105.literal xml
106<bookinfo>
107<title>Specification of the Exim Mail Transfer Agent</title>
108<titleabbrev>The Exim MTA</titleabbrev>
db9452a9 109<date>27 July 2006</date>
9b371988
PH
110<author><firstname>Philip</firstname><surname>Hazel</surname></author>
111<authorinitials>PH</authorinitials>
112<affiliation><orgname>University of Cambridge Computing Service</orgname></affiliation>
113<address>New Museums Site, Pembroke Street, Cambridge CB2 3QH, England</address>
114<revhistory><revision>
db9452a9
PH
115 <revnumber>4.63</revnumber>
116 <date>27 July 2006</date>
9b371988
PH
117 <authorinitials>PH</authorinitials>
118</revision></revhistory>
119<copyright><year>2006</year><holder>University of Cambridge</holder></copyright>
120</bookinfo>
121.literal off
122
123
124. /////////////////////////////////////////////////////////////////////////////
125. This chunk of literal XML implements index entries of the form "x, see y" and
126. "x, see also y". However, the DocBook DTD doesn't allow <indexterm> entries
127. at the top level, so we have to put the .chapter directive first.
128. /////////////////////////////////////////////////////////////////////////////
129
130.chapter "Introduction"
131.literal xml
132
168e428f
PH
133<indexterm role="concept">
134 <primary>$1, $2, etc.</primary>
135 <see><emphasis>numerical variables</emphasis></see>
136</indexterm>
137<indexterm role="concept">
138 <primary>address</primary>
139 <secondary>rewriting</secondary>
140 <see><emphasis>rewriting</emphasis></see>
141</indexterm>
142<indexterm role="concept">
068aaea8
PH
143 <primary>Bounce Address Tag Validation</primary>
144 <see><emphasis>BATV</emphasis></see>
145</indexterm>
146<indexterm role="concept">
147 <primary>Client SMTP Authorization</primary>
148 <see><emphasis>CSA</emphasis></see>
149</indexterm>
150<indexterm role="concept">
168e428f
PH
151 <primary>CR character</primary>
152 <see><emphasis>carriage return</emphasis></see>
153</indexterm>
154<indexterm role="concept">
155 <primary>CRL</primary>
156 <see><emphasis>certificate revocation list</emphasis></see>
157</indexterm>
158<indexterm role="concept">
159 <primary>delivery</primary>
160 <secondary>failure report</secondary>
161 <see><emphasis>bounce message</emphasis></see>
162</indexterm>
163<indexterm role="concept">
164 <primary>dialup</primary>
165 <see><emphasis>intermittently connected hosts</emphasis></see>
166</indexterm>
167<indexterm role="concept">
168 <primary>exiscan</primary>
169 <see><emphasis>content scanning</emphasis></see>
170</indexterm>
171<indexterm role="concept">
172 <primary>failover</primary>
173 <see><emphasis>fallback</emphasis></see>
174</indexterm>
175<indexterm role="concept">
176 <primary>fallover</primary>
177 <see><emphasis>fallback</emphasis></see>
178</indexterm>
179<indexterm role="concept">
180 <primary>filter</primary>
181 <secondary>Sieve</secondary>
182 <see><emphasis>Sieve filter</emphasis></see>
183</indexterm>
184<indexterm role="concept">
185 <primary>ident</primary>
186 <see><emphasis>RFC 1413</emphasis></see>
187</indexterm>
188<indexterm role="concept">
189 <primary>LF character</primary>
190 <see><emphasis>linefeed</emphasis></see>
191</indexterm>
192<indexterm role="concept">
193 <primary>maximum</primary>
194 <see><emphasis>limit</emphasis></see>
195</indexterm>
196<indexterm role="concept">
068aaea8
PH
197 <primary>monitor</primary>
198 <see><emphasis>Exim monitor</emphasis></see>
199</indexterm>
200<indexterm role="concept">
168e428f
PH
201 <primary>no_<emphasis>xxx</emphasis></primary>
202 <see>entry for xxx</see>
203</indexterm>
204<indexterm role="concept">
205 <primary>NUL</primary>
206 <see><emphasis>binary zero</emphasis></see>
207</indexterm>
208<indexterm role="concept">
209 <primary>passwd file</primary>
210 <see><emphasis>/etc/passwd</emphasis></see>
211</indexterm>
212<indexterm role="concept">
213 <primary>process id</primary>
214 <see><emphasis>pid</emphasis></see>
215</indexterm>
216<indexterm role="concept">
217 <primary>RBL</primary>
218 <see><emphasis>DNS list</emphasis></see>
219</indexterm>
220<indexterm role="concept">
221 <primary>redirection</primary>
222 <see><emphasis>address redirection</emphasis></see>
223</indexterm>
224<indexterm role="concept">
225 <primary>return path</primary>
226 <seealso><emphasis>envelope sender</emphasis></seealso>
227</indexterm>
228<indexterm role="concept">
229 <primary>scanning</primary>
230 <see><emphasis>content scanning</emphasis></see>
231</indexterm>
232<indexterm role="concept">
233 <primary>SSL</primary>
234 <see><emphasis>TLS</emphasis></see>
235</indexterm>
236<indexterm role="concept">
237 <primary>string</primary>
238 <secondary>expansion</secondary>
239 <see><emphasis>expansion</emphasis></see>
240</indexterm>
241<indexterm role="concept">
242 <primary>top bit</primary>
243 <see><emphasis>8-bit characters</emphasis></see>
244</indexterm>
245<indexterm role="concept">
246 <primary>variables</primary>
247 <see><emphasis>expansion, variables</emphasis></see>
248</indexterm>
249<indexterm role="concept">
250 <primary>zero, binary</primary>
251 <see><emphasis>binary zero</emphasis></see>
252</indexterm>
9b371988
PH
253
254.literal off
168e428f
PH
255
256
9b371988
PH
257. /////////////////////////////////////////////////////////////////////////////
258. This is the real start of the first chapter. See the comment above as to why
259. we can't have the .chapter line here.
260. chapter "Introduction"
261. /////////////////////////////////////////////////////////////////////////////
168e428f
PH
262
263Exim is a mail transfer agent (MTA) for hosts that are running Unix or
264Unix-like operating systems. It was designed on the assumption that it would be
265run on hosts that are permanently connected to the Internet. However, it can be
266used on intermittently connected hosts with suitable configuration adjustments.
267
268Configuration files currently exist for the following operating systems: AIX,
068aaea8
PH
269BSD/OS (aka BSDI), Darwin (Mac OS X), DGUX, Dragonfly, FreeBSD, GNU/Hurd,
270GNU/Linux, HI-OSF (Hitachi), HI-UX, HP-UX, IRIX, MIPS RISCOS, NetBSD, OpenBSD,
271OpenUNIX, QNX, SCO, SCO SVR4.2 (aka UNIX-SV), Solaris (aka SunOS5), SunOS4,
272Tru64-Unix (formerly Digital UNIX, formerly DEC-OSF1), Ultrix, and Unixware.
273Some of these operating systems are no longer current and cannot easily be
274tested, so the configuration files may no longer work in practice.
168e428f
PH
275
276There are also configuration files for compiling Exim in the Cygwin environment
277that can be installed on systems running Windows. However, this document does
278not contain any information about running Exim in the Cygwin environment.
279
280The terms and conditions for the use and distribution of Exim are contained in
9b371988
PH
281the file &_NOTICE_&. Exim is distributed under the terms of the GNU General
282Public Licence, a copy of which may be found in the file &_LICENCE_&.
168e428f
PH
283
284The use, supply or promotion of Exim for the purpose of sending bulk,
285unsolicited electronic mail is incompatible with the basic aims of the program,
286which revolve around the free provision of a service that enhances the quality
287of personal communications. The author of Exim regards indiscriminate
288mass-mailing as an antisocial, irresponsible abuse of the Internet.
289
290Exim owes a great deal to Smail 3 and its author, Ron Karr. Without the
291experience of running and working on the Smail 3 code, I could never have
292contemplated starting to write a new MTA. Many of the ideas and user interfaces
293were originally taken from Smail 3, though the actual code of Exim is entirely
294new, and has developed far beyond the initial concept.
295
296Many people, both in Cambridge and around the world, have contributed to the
297development and the testing of Exim, and to porting it to various operating
298systems. I am grateful to them all. The distribution now contains a file called
9b371988 299&_ACKNOWLEDGMENTS_&, in which I have started recording the names of
168e428f
PH
300contributors.
301
302
9b371988
PH
303.section "Exim documentation"
304.new
305.cindex "documentation"
306This edition of the Exim specification applies to version &version; of Exim.
307Substantive changes from the &previousversion; edition are marked in some
168e428f
PH
308renditions of the document; this paragraph is so marked if the rendition is
309capable of showing a change indicator.
9b371988 310.wen
168e428f
PH
311
312This document is very much a reference manual; it is not a tutorial. The reader
313is expected to have some familiarity with the SMTP mail transfer protocol and
314with general Unix system administration. Although there are some discussions
315and examples in places, the information is mostly organized in a way that makes
316it easy to look up, rather than in a natural order for sequential reading.
317Furthermore, the manual aims to cover every aspect of Exim in detail, including
318a number of rarely-used, special-purpose features that are unlikely to be of
319very wide interest.
320
9b371988
PH
321.cindex "books about Exim"
322An &"easier"& discussion of Exim which provides more in-depth explanatory,
323introductory, and tutorial material can be found in a book entitled &'The Exim
324SMTP Mail Server'&, published by UIT Cambridge
325(&url(http://www.uit.co.uk/exim-book/)).
168e428f
PH
326
327This book also contains a chapter that gives a general introduction to SMTP and
328Internet mail. Inevitably, however, the book is unlikely to be fully up-to-date
329with the latest release of Exim. (Note that the earlier book about Exim,
330published by O'Reilly, covers Exim 3, and many things have changed in Exim 4.)
331
9b371988 332.cindex "Debian" "information sources"
068aaea8
PH
333If you are using a Debian distribution of Exim, you will find information about
334Debian-specific features in the file
9b371988
PH
335.display
336&_/usr/share/doc/exim4-base/README.Debian_&
337.endd
338The command &(man update-exim.conf)& is another source of Debian-specific
068aaea8
PH
339information.
340
9b371988
PH
341.cindex "&_doc/NewStuff_&"
342.cindex "&_doc/ChangeLog_&"
343.cindex "change log"
168e428f
PH
344As the program develops, there may be features in newer versions that have not
345yet made it into this document, which is updated only when the most significant
346digit of the fractional part of the version number changes. Specifications of
347new features that are not yet in this manual are placed in the file
9b371988 348&_doc/NewStuff_& in the Exim distribution.
168e428f 349
9b371988 350Some features may be classified as &"experimental"&. These may change
168e428f
PH
351incompatibly while they are developing, or even be withdrawn. For this reason,
352they are not documented in this manual. Information about experimental features
9b371988 353can be found in the file &_doc/experimental.txt_&.
168e428f
PH
354
355All changes to the program (whether new features, bug fixes, or other kinds of
9b371988 356change) are noted briefly in the file called &_doc/ChangeLog_&.
168e428f 357
9b371988
PH
358.cindex "&_doc/spec.txt_&"
359This specification itself is available as an ASCII file in &_doc/spec.txt_& so
360that it can easily be searched with a text editor. Other files in the &_doc_&
168e428f
PH
361directory are:
362
9b371988
PH
363.table2 100pt
364.row &_OptionLists.txt_& "list of all options in alphabetical order"
365.row &_dbm.discuss.txt_& "discussion about DBM libraries"
366.row &_exim.8_& "a man page of Exim's command line options"
367.row &_experimental.txt_& "documentation of experimental features"
368.row &_filter.txt_& "specification of the filter language"
369.row &_pcrepattern.txt_& "specification of PCRE regular expressions"
370.row &_pcretest.txt_& "specification of the PCRE testing program"
371.row &_Exim3.upgrade_& "upgrade notes from release 2 to release 3"
372.row &_Exim4.upgrade_& "upgrade notes from release 3 to release 4"
373.endtable
168e428f
PH
374
375The main specification and the specification of the filtering language are also
376available in other formats (HTML, PostScript, PDF, and Texinfo). Section
9b371988 377&<<SECTavail>>& below tells you how to get hold of these.
168e428f
PH
378
379
380
9b371988
PH
381.section "FTP and web sites"
382.cindex "web site"
383.cindex "FTP site"
068aaea8 384The primary site for Exim source distributions is currently the University of
9b371988
PH
385Cambridge's FTP site, whose contents are described in &'Where to find the Exim
386distribution'& below. In addition, there is a web site and an FTP site at
387&%exim.org%&. These are now also hosted at the University of Cambridge. The
388&%exim.org%& site was previously hosted for a number of years by Energis
389Squared, formerly Planet Online Ltd, whose support I gratefully acknowledge.
390
391.cindex "wiki"
392.cindex "FAQ"
168e428f 393As well as Exim distribution tar files, the Exim web site contains a number of
9b371988
PH
394differently formatted versions of the documentation, including the FAQ in both
395text and HTML formats. The HTML version comes with a keyword-in-context index.
396A recent addition to the online information is the Exim wiki
397(&url(http://www.exim.org/eximwiki/)). We hope that this will make it easier
398for Exim users to contribute examples, tips, and know-how for the benefit of
399others.
168e428f
PH
400
401
402
9b371988
PH
403.section "Mailing lists"
404.cindex "mailing lists" "for Exim users"
168e428f
PH
405The following are the three main Exim mailing lists:
406
9b371988
PH
407.table2 140pt
408.row &'exim-users@exim.org'& "general discussion list"
409.row &'exim-dev@exim.org'& "discussion of bugs, enhancements, etc."
410.row &'exim-announce@exim.org'& "moderated, low volume announcements list"
411.endtable
168e428f 412
db9452a9 413.new
168e428f 414You can subscribe to these lists, change your existing subscriptions, and view
9b371988
PH
415or search the archives via the mailing lists link on the Exim home page.
416.cindex "Debian" "mailing list for"
4f578862 417If you are using a Debian distribution of Exim, you may wish to subscribe to
db9452a9
PH
418the Debian-specific mailing list &'pkg-exim4-users@lists.alioth.debian.org'&
419via this web page:
420.display
421&url(http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users)
422.endd
423Please ask Debian-specific questions on this list and not on the general Exim
424lists.
425.wen
9b371988
PH
426
427.section "Exim training"
428.cindex "training courses"
068aaea8 429From time to time (approximately annually at the time of writing), training
9b371988
PH
430courses are run by the author of Exim in Cambridge, UK. Details of any
431forthcoming courses can be found on the web site
432&url(http://www-tus.csx.cam.ac.uk/courses/exim/).
168e428f
PH
433
434
9b371988
PH
435.section "Bug reports"
436.cindex "bug reports"
437.cindex "reporting bugs"
438Reports of obvious bugs should be emailed to &'bugs@exim.org'&. However, if you
439are unsure whether some behaviour is a bug or not, the best thing to do is to
440post a message to the &'exim-dev'& mailing list and have it discussed.
168e428f
PH
441
442
443
9b371988
PH
444.section "Where to find the Exim distribution" "SECTavail"
445.cindex "FTP site"
446.cindex "distribution" "ftp site"
168e428f 447The master ftp site for the Exim distribution is
9b371988
PH
448.display
449&*ftp://ftp.csx.cam.ac.uk/pub/software/email/exim*&
450.endd
168e428f 451This is mirrored by
9b371988
PH
452.display
453&*ftp://ftp.exim.org/pub/exim*&
454.endd
455The file references that follow are relative to the &_exim_& directories at
456these sites. There are now quite a number of independent mirror sites around
457the world. Those that I know about are listed in the file called &_Mirrors_&.
458
459Within the &_exim_& directory there are subdirectories called &_exim3_& (for
460previous Exim 3 distributions), &_exim4_& (for the latest Exim 4
461distributions), and &_Testing_& for testing versions. In the &_exim4_&
168e428f 462subdirectory, the current release can always be found in files called
9b371988
PH
463.display
464&_exim-n.nn.tar.gz_&
465&_exim-n.nn.tar.bz2_&
466.endd
467where &'n.nn'& is the highest such version number in the directory. The two
168e428f 468files contain identical data; the only difference is the type of compression.
9b371988 469The &_.bz2_& file is usually a lot smaller than the &_.gz_& file.
168e428f 470
9b371988
PH
471.cindex "distribution" "signing details"
472.cindex "distribution" "public key"
473.cindex "public key for signed distribution"
168e428f
PH
474The distributions are currently signed with Philip Hazel's GPG key. The
475corresponding public key is available from a number of keyservers, and there is
9b371988 476also a copy in the file &_Public-Key_&. The signatures for the tar bundles are
168e428f 477in:
9b371988
PH
478.display
479&_exim-n.nn.tar.gz.sig_&
480&_exim-n.nn.tar.bz2.sig_&
481.endd
168e428f 482For each released version, the log of changes is made separately available in a
9b371988 483separate file in the directory &_ChangeLogs_& so that it is possible to
168e428f
PH
484find out what has changed without having to download the entire distribution.
485
9b371988 486.cindex "documentation" "available formats"
168e428f
PH
487The main distribution contains ASCII versions of this specification and other
488documentation; other formats of the documents are available in separate files
9b371988
PH
489inside the &_exim4_& directory of the FTP site:
490.display
491&_exim-html-n.nn.tar.gz_&
492&_exim-pdf-n.nn.tar.gz_&
493&_exim-postscript-n.nn.tar.gz_&
494&_exim-texinfo-n.nn.tar.gz_&
495.endd
496These tar files contain only the &_doc_& directory, not the complete
497distribution, and are also available in &_.bz2_& as well as &_.gz_& forms.
498.cindex "FAQ"
168e428f 499The FAQ is available for downloading in two different formats in these files:
9b371988
PH
500.display
501&_exim4/FAQ.txt.gz_&
502&_exim4/FAQ.html.tar.gz_&
503.endd
168e428f
PH
504The first of these is a single ASCII file that can be searched with a text
505editor. The second is a directory of HTML files, normally accessed by starting
9b371988 506at &_index.html_&. The HTML version of the FAQ (which is also included in the
168e428f
PH
507HTML documentation tarbundle) includes a keyword-in-context index, which is
508often the most convenient way of finding your way around.
509
510
9b371988
PH
511.section "Wish list"
512.cindex "wish list"
db9452a9 513.new
168e428f 514A wish list is maintained, containing ideas for new features that have been
db9452a9
PH
515submitted. This used to be a single file that from time to time was exported to
516the ftp site into the file &_exim4/WishList_&. However, it has now been
517imported into Exim's Bugzilla data.
518.wen
168e428f
PH
519
520
9b371988
PH
521.section "Contributed material"
522.cindex "contributed material"
523At the ftp site, there is a directory called &_Contrib_& that contains
168e428f
PH
524miscellaneous files contributed to the Exim community by Exim users. There is
525also a collection of contributed configuration examples in
9b371988
PH
526&_exim4/config.samples.tar.gz_&. These samples are referenced from the FAQ.
527
528
529
530.section "Limitations"
531.ilist
532.cindex "limitations of Exim"
533.cindex "bang paths" "not handled by Exim"
534Exim is designed for use as an Internet MTA, and therefore handles addresses in
535RFC 2822 domain format only. It cannot handle UUCP &"bang paths"&, though
536simple two-component bang paths can be converted by a straightforward rewriting
537configuration. This restriction does not prevent Exim from being interfaced to
538UUCP as a transport mechanism, provided that domain addresses are used.
539.next
540.cindex "domainless addresses"
541.cindex "address" "without domain"
168e428f
PH
542Exim insists that every address it handles has a domain attached. For incoming
543local messages, domainless addresses are automatically qualified with a
544configured domain value. Configuration options specify from which remote
545systems unqualified addresses are acceptable. These are then qualified on
546arrival.
9b371988
PH
547.next
548.cindex "transport" "external"
549.cindex "external transports"
550The only external transport mechanisms that are currently implemented are SMTP
551and LMTP over a TCP/IP network (including support for IPv6). However, a pipe
168e428f 552transport is available, and there are facilities for writing messages to files
9b371988
PH
553and pipes, optionally in &'batched SMTP'& format; these facilities can be used
554to send messages to other transport mechanisms such as UUCP, provided they can
555handle domain-style addresses. Batched SMTP input is also catered for.
556.next
557Exim is not designed for storing mail for dial-in hosts. When the volumes of
558such mail are large, it is better to get the messages &"delivered"& into files
168e428f
PH
559(that is, off Exim's queue) and subsequently passed on to the dial-in hosts by
560other means.
9b371988
PH
561.next
562Although Exim does have basic facilities for scanning incoming messages, these
168e428f
PH
563are not comprehensive enough to do full virus or spam scanning. Such operations
564are best carried out using additional specialized software packages. If you
565compile Exim with the content-scanning extension, straightforward interfaces to
566a number of common scanners are provided.
9b371988 567.endlist
168e428f
PH
568
569
9b371988 570.section "Run time configuration"
168e428f
PH
571Exim's run time configuration is held in a single text file that is divided
572into a number of sections. The entries in this file consist of keywords and
573values, in the style of Smail 3 configuration files. A default configuration
574file which is suitable for simple online installations is provided in the
9b371988 575distribution, and is described in chapter &<<CHAPdefconfil>>& below.
168e428f
PH
576
577
9b371988
PH
578.section "Calling interface"
579.cindex "Sendmail compatibility" "command line interface"
168e428f 580Like many MTAs, Exim has adopted the Sendmail command line interface so that it
9b371988
PH
581can be a straight replacement for &_/usr/lib/sendmail_& or
582&_/usr/sbin/sendmail_& when sending mail, but you do not need to know anything
168e428f
PH
583about Sendmail in order to run Exim. For actions other than sending messages,
584Sendmail-compatible options also exist, but those that produce output (for
9b371988 585example, &%-bp%&, which lists the messages on the queue) do so in Exim's own
168e428f 586format. There are also some additional options that are compatible with Smail
9b371988 5873, and some further options that are new to Exim. Chapter &<<CHAPcommandline>>&
168e428f
PH
588documents all Exim's command line options. This information is automatically
589made into the man page that forms part of the Exim distribution.
590
591Control of messages on the queue can be done via certain privileged command
9b371988
PH
592line options. There is also an optional monitor program called &'eximon'&,
593which displays current information in an X window, and which contains a menu
168e428f
PH
594interface to Exim's command line administration options.
595
596
597
9b371988
PH
598.section "Terminology"
599.cindex "terminology definitions"
600.cindex "body of message" "definition of"
601The &'body'& of a message is the actual data that the sender wants to transmit.
602It is the last part of a message, and is separated from the &'header'& (see
168e428f
PH
603below) by a blank line.
604
9b371988 605.cindex "bounce message" "definition of"
168e428f 606When a message cannot be delivered, it is normally returned to the sender in a
9b371988
PH
607delivery failure message or a &"non-delivery report"& (NDR). The term
608&'bounce'& is commonly used for this action, and the error reports are often
609called &'bounce messages'&. This is a convenient shorthand for &"delivery
610failure error report"&. Such messages have an empty sender address in the
611message's &'envelope'& (see below) to ensure that they cannot themselves give
612rise to further bounce messages.
613
614The term &'default'& appears frequently in this manual. It is used to qualify a
168e428f
PH
615value which is used in the absence of any setting in the configuration. It may
616also qualify an action which is taken unless a configuration setting specifies
617otherwise.
618
9b371988 619The term &'defer'& is used when the delivery of a message to a specific
168e428f 620destination cannot immediately take place for some reason (a remote host may be
9b371988 621down, or a user's local mailbox may be full). Such deliveries are &'deferred'&
168e428f
PH
622until a later time.
623
9b371988
PH
624The word &'domain'& is sometimes used to mean all but the first component of a
625host's name. It is &'not'& used in that sense here, where it normally refers to
626the part of an email address following the @ sign.
168e428f 627
9b371988
PH
628.cindex "envelope" "definition of"
629.cindex "sender" "definition of"
630A message in transit has an associated &'envelope'&, as well as a header and a
168e428f
PH
631body. The envelope contains a sender address (to which bounce messages should
632be delivered), and any number of recipient addresses. References to the
633sender or the recipients of a message usually mean the addresses in the
634envelope. An MTA uses these addresses for delivery, and for returning bounce
635messages, not the addresses that appear in the header lines.
636
9b371988
PH
637.cindex "message header" "definition of"
638.cindex "header section" "definition of"
639The &'header'& of a message is the first part of a message's text, consisting
640of a number of lines, each of which has a name such as &'From:'&, &'To:'&,
641&'Subject:'&, etc. Long header lines can be split over several text lines by
168e428f
PH
642indenting the continuations. The header is separated from the body by a blank
643line.
644
9b371988
PH
645.cindex "local part" "definition of"
646.cindex "domain" "definition of"
647The term &'local part'&, which is taken from RFC 2822, is used to refer to that
168e428f 648part of an email address that precedes the @ sign. The part that follows the
9b371988 649@ sign is called the &'domain'& or &'mail domain'&.
168e428f 650
9b371988
PH
651.cindex "local delivery" "definition of"
652.cindex "remote delivery" "definition of"
653The terms &'local delivery'& and &'remote delivery'& are used to distinguish
168e428f 654delivery to a file or a pipe on the local host from delivery by SMTP over
068aaea8 655TCP/IP to another host. As far as Exim is concerned, all hosts other than the
9b371988 656host it is running on are &'remote'&.
168e428f 657
9b371988
PH
658.cindex "return path" "definition of"
659&'Return path'& is another name that is used for the sender address in a
168e428f
PH
660message's envelope.
661
9b371988
PH
662.cindex "queue" "definition of"
663The term &'queue'& is used to refer to the set of messages awaiting delivery,
168e428f
PH
664because this term is in widespread use in the context of MTAs. However, in
665Exim's case the reality is more like a pool than a queue, because there is
666normally no ordering of waiting messages.
667
9b371988
PH
668.cindex "queue runner" "definition of"
669The term &'queue runner'& is used to describe a process that scans the queue
168e428f 670and attempts to deliver those messages whose retry times have come. This term
9b371988 671is used by other MTAs, and also relates to the command &%runq%&, but in Exim
168e428f
PH
672the waiting messages are normally processed in an unpredictable order.
673
9b371988
PH
674.cindex "spool directory" "definition of"
675The term &'spool directory'& is used for a directory in which Exim keeps the
676messages on its queue &-- that is, those that it is in the process of
168e428f 677delivering. This should not be confused with the directory in which local
9b371988
PH
678mailboxes are stored, which is called a &"spool directory"& by some people. In
679the Exim documentation, &"spool"& is always used in the first sense.
168e428f
PH
680
681
682
683
684
685
9b371988
PH
686. ////////////////////////////////////////////////////////////////////////////
687. ////////////////////////////////////////////////////////////////////////////
168e428f 688
9b371988
PH
689.chapter "Incorporated code"
690.cindex "incorporated code"
691.cindex "regular expressions" "library"
692.cindex "PCRE"
168e428f
PH
693A number of pieces of external code are included in the Exim distribution.
694
9b371988
PH
695.ilist
696Regular expressions are supported in the main Exim program and in the Exim
697monitor using the freely-distributable PCRE library, copyright &copy;
698University of Cambridge. The source is distributed in the directory
699&_src/pcre_&. However, this is a cut-down version of PCRE. If you want to use
700the PCRE library in other programs, you should obtain and install the full
4f578862 701version from &url(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre).
9b371988
PH
702.next
703.cindex "cdb" "acknowledgement"
168e428f
PH
704Support for the cdb (Constant DataBase) lookup method is provided by code
705contributed by Nigel Metheringham of (at the time he contributed it) Planet
9b371988
PH
706Online Ltd. The implementation is completely contained within the code of Exim.
707It does not link against an external cdb library. The code contains the
708following statements:
709
710.blockquote
711Copyright &copy; 1998 Nigel Metheringham, Planet Online Ltd
712
168e428f
PH
713This program is free software; you can redistribute it and/or modify it under
714the terms of the GNU General Public License as published by the Free Software
715Foundation; either version 2 of the License, or (at your option) any later
716version.
9b371988 717
168e428f
PH
718This code implements Dan Bernstein's Constant DataBase (cdb) spec. Information,
719the spec and sample code for cdb can be obtained from
9b371988
PH
720&url(http://www.pobox.com/~djb/cdb.html). This implementation borrows some
721code from Dan Bernstein's implementation (which has no license restrictions
722applied to it).
723.endblockquote
724.next
725.cindex "SPA authentication"
726.cindex "Samba project"
727.cindex "Microsoft Secure Password Authentication"
728Client support for Microsoft's &'Secure Password Authentication'& is provided
168e428f
PH
729by code contributed by Marc Prud'hommeaux. Server support was contributed by
730Tom Kistner. This includes code taken from the Samba project, which is released
731under the Gnu GPL.
9b371988
PH
732.next
733.cindex "Cyrus"
734.cindex "&'pwcheck'& daemon"
735.cindex "&'pwauthd'& daemon"
736Support for calling the Cyrus &'pwcheck'& and &'saslauthd'& daemons is provided
168e428f
PH
737by code taken from the Cyrus-SASL library and adapted by Alexander S.
738Sabourenkov. The permission notice appears below, in accordance with the
739conditions expressed therein.
9b371988
PH
740
741.blockquote
742Copyright &copy; 2001 Carnegie Mellon University. All rights reserved.
743
168e428f
PH
744Redistribution and use in source and binary forms, with or without
745modification, are permitted provided that the following conditions
746are met:
168e428f 747
9b371988
PH
748.olist
749Redistributions of source code must retain the above copyright
750notice, this list of conditions and the following disclaimer.
751.next
752Redistributions in binary form must reproduce the above copyright
168e428f
PH
753notice, this list of conditions and the following disclaimer in
754the documentation and/or other materials provided with the
755distribution.
9b371988
PH
756.next
757The name &"Carnegie Mellon University"& must not be used to
168e428f
PH
758endorse or promote products derived from this software without
759prior written permission. For permission or any other legal
760details, please contact
9b371988 761.display
068aaea8
PH
762 Office of Technology Transfer
763 Carnegie Mellon University
764 5000 Forbes Avenue
765 Pittsburgh, PA 15213-3890
766 (412) 268-4387, fax: (412) 268-7395
767 tech-transfer@andrew.cmu.edu
9b371988
PH
768.endd
769.next
770Redistributions of any form whatsoever must retain the following
168e428f 771acknowledgment:
9b371988
PH
772
773&"This product includes software developed by Computing Services
774at Carnegie Mellon University (&url(http://www.cmu.edu/computing/)."&
775
168e428f
PH
776CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
777THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
778AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
779FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
780WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
781AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
782OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
9b371988
PH
783.endlist
784.endblockquote
168e428f 785
9b371988
PH
786.next
787.cindex "Exim monitor" "acknowledgement"
788.cindex "X-windows"
789.cindex "Athena"
168e428f
PH
790The Exim Monitor program, which is an X-Window application, includes
791modified versions of the Athena StripChart and TextPop widgets.
792This code is copyright by DEC and MIT, and their permission notice appears
793below, in accordance with the conditions expressed therein.
9b371988
PH
794
795.blockquote
168e428f
PH
796Copyright 1987, 1988 by Digital Equipment Corporation, Maynard, Massachusetts,
797and the Massachusetts Institute of Technology, Cambridge, Massachusetts.
9b371988 798
168e428f 799All Rights Reserved
9b371988 800
168e428f
PH
801Permission to use, copy, modify, and distribute this software and its
802documentation for any purpose and without fee is hereby granted,
803provided that the above copyright notice appear in all copies and that
804both that copyright notice and this permission notice appear in
805supporting documentation, and that the names of Digital or MIT not be
806used in advertising or publicity pertaining to distribution of the
807software without specific, written prior permission.
9b371988 808
168e428f
PH
809DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
810ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
811DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
812ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
813WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
814ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
815SOFTWARE.
9b371988 816.endblockquote
168e428f 817
9b371988
PH
818.next
819Many people have contributed code fragments, some large, some small, that were
168e428f
PH
820not covered by any specific licence requirements. It is assumed that the
821contributors are happy to see their code incoporated into Exim under the GPL.
9b371988 822.endlist
168e428f
PH
823
824
825
826
827
9b371988
PH
828. ////////////////////////////////////////////////////////////////////////////
829. ////////////////////////////////////////////////////////////////////////////
168e428f 830
9b371988
PH
831.chapter "How Exim receives and delivers mail" "" &&&
832 "Receiving and delivering mail"
168e428f
PH
833
834
9b371988
PH
835.section "Overall philosophy"
836.cindex "design philosophy"
168e428f
PH
837Exim is designed to work efficiently on systems that are permanently connected
838to the Internet and are handling a general mix of mail. In such circumstances,
839most messages can be delivered immediately. Consequently, Exim does not
840maintain independent queues of messages for specific domains or hosts, though
841it does try to send several messages in a single SMTP connection after a host
842has been down, and it also maintains per-host retry information.
843
844
9b371988
PH
845.section "Policy control"
846.cindex "policy control" "overview"
168e428f
PH
847Policy controls are now an important feature of MTAs that are connected to the
848Internet. Perhaps their most important job is to stop MTAs being abused as
9b371988
PH
849&"open relays"& by misguided individuals who send out vast amounts of
850unsolicited junk, and want to disguise its source. Exim provides flexible
851facilities for specifying policy controls on incoming mail:
168e428f 852
9b371988
PH
853.ilist
854.cindex "&ACL;" "introduction"
168e428f 855Exim 4 (unlike previous versions of Exim) implements policy controls on
9b371988 856incoming mail by means of &'Access Control Lists'& (ACLs). Each list is a
168e428f
PH
857series of statements that may either grant or deny access. ACLs can be used at
858several places in the SMTP dialogue while receiving a message from a remote
9b371988
PH
859host. However, the most common places are after each RCPT command, and at the
860very end of the message. The sysadmin can specify conditions for accepting or
861rejecting individual recipients or the entire message, respectively, at these
862two points (see chapter &<<CHAPACL>>&). Denial of access results in an SMTP
168e428f 863error code.
9b371988
PH
864.next
865An ACL is also available for locally generated, non-SMTP messages. In this
168e428f 866case, the only available actions are to accept or deny the entire message.
9b371988
PH
867.next
868When Exim is compiled with the content-scanning extension, facilities are
168e428f
PH
869provided in the ACL mechanism for passing the message to external virus and/or
870spam scanning software. The result of such a scan is passed back to the ACL,
871which can then use it to decide what to do with the message.
9b371988
PH
872.next
873When a message has been received, either from a remote host or from the local
168e428f 874host, but before the final acknowledgement has been sent, a locally supplied C
9b371988
PH
875function called &[local_scan()]& can be run to inspect the message and decide
876whether to accept it or not (see chapter &<<CHAPlocalscan>>&). If the message
877is accepted, the list of recipients can be modified by the function.
878.next
879Using the &[local_scan()]& mechanism is another way of calling external scanner
880software. The &%SA-Exim%& add-on package works this way. It does not require
881Exim to be compiled with the content-scanning extension.
882.next
883After a message has been accepted, a further checking mechanism is available in
884the form of the &'system filter'& (see chapter &<<CHAPsystemfilter>>&). This
885runs at the start of every delivery process.
886.endlist
887
888
889
890.section "User filters"
891.cindex "filter" "introduction"
892.cindex "Sieve filter"
168e428f 893In a conventional Exim configuration, users are able to run private filters by
9b371988
PH
894setting up appropriate &_.forward_& files in their home directories. See
895chapter &<<CHAPredirect>>& (about the &(redirect)& router) for the
896configuration needed to support this, and the separate document entitled
897&'Exim's interfaces to mail filtering'& for user details. Two different kinds
898of filtering are available:
899
900.ilist
901Sieve filters are written in the standard filtering language that is defined
168e428f 902by RFC 3028.
9b371988
PH
903.next
904Exim filters are written in a syntax that is unique to Exim, but which is more
168e428f 905powerful than Sieve, which it pre-dates.
9b371988 906.endlist
168e428f
PH
907
908User filters are run as part of the routing process, described below.
909
910
911
9b371988
PH
912.section "Message identification" "SECTmessiden"
913.cindex "message ids" "details of format"
914.cindex "format" "of message id"
915.cindex "id of message"
916.cindex "base62"
917.cindex "base36"
918.cindex "Darwin"
919.cindex "Cygwin"
920Every message handled by Exim is given a &'message id'& which is sixteen
168e428f 921characters long. It is divided into three parts, separated by hyphens, for
9b371988 922example &`16VDhn-0001bo-D3`&. Each part is a sequence of letters and digits,
168e428f
PH
923normally encoding numbers in base 62. However, in the Darwin operating
924system (Mac OS X) and when Exim is compiled to run under Cygwin, base 36
925(avoiding the use of lower case letters) is used instead, because the message
926id is used to construct file names, and the names of files in those systems are
068aaea8 927not always case-sensitive.
168e428f 928
9b371988 929.cindex "pid (process id)" "re-use of"
168e428f
PH
930The detail of the contents of the message id have changed as Exim has evolved.
931Earlier versions relied on the operating system not re-using a process id (pid)
932within one second. On modern operating systems, this assumption can no longer
933be made, so the algorithm had to be changed. To retain backward compatibility,
934the format of the message id was retained, which is why the following rules are
935somewhat eccentric:
936
9b371988
PH
937.ilist
938The first six characters of the message id are the time at which the message
168e428f
PH
939started to be received, to a granularity of one second. That is, this field
940contains the number of seconds since the start of the epoch (the normal Unix
941way of representing the date and time of day).
9b371988
PH
942.next
943After the first hyphen, the next six characters are the id of the process that
168e428f 944received the message.
9b371988
PH
945.next
946There are two different possibilities for the final two characters:
947.olist
948.cindex "&%localhost_number%&"
949If &%localhost_number%& is not set, this value is the fractional part of the
168e428f
PH
950time of reception, normally in units of 1/2000 of a second, but for systems
951that must use base 36 instead of base 62 (because of case-insensitive file
952systems), the units are 1/1000 of a second.
9b371988
PH
953.next
954If &%localhost_number%& is set, it is multiplied by 200 (100) and added to
168e428f
PH
955the fractional part of the time, which in this case is in units of 1/200
956(1/100) of a second.
9b371988
PH
957.endlist
958.endlist
168e428f
PH
959
960After a message has been received, Exim waits for the clock to tick at the
961appropriate resolution before proceeding, so that if another message is
962received by the same process, or by another process with the same (re-used)
963pid, it is guaranteed that the time will be different. In most cases, the clock
964will already have ticked while the message was being received.
965
966
9b371988
PH
967.section "Receiving mail"
968.cindex "receiving mail"
969.cindex "message" "reception"
068aaea8
PH
970The only way Exim can receive mail from another host is using SMTP over
971TCP/IP, in which case the sender and recipient addresses are transferred using
168e428f
PH
972SMTP commands. However, from a locally running process (such as a user's MUA),
973there are several possibilities:
974
9b371988
PH
975.ilist
976If the process runs Exim with the &%-bm%& option, the message is read
168e428f 977non-interactively (usually via a pipe), with the recipients taken from the
9b371988
PH
978command line, or from the body of the message if &%-t%& is also used.
979.next
980If the process runs Exim with the &%-bS%& option, the message is also read
168e428f
PH
981non-interactively, but in this case the recipients are listed at the start of
982the message in a series of SMTP RCPT commands, terminated by a DATA
9b371988 983command. This is so-called &"batch SMTP"& format,
168e428f
PH
984but it isn't really SMTP. The SMTP commands are just another way of passing
985envelope addresses in a non-interactive submission.
9b371988
PH
986.next
987If the process runs Exim with the &%-bs%& option, the message is read
168e428f
PH
988interactively, using the SMTP protocol. A two-way pipe is normally used for
989passing data between the local process and the Exim process.
9b371988 990This is &"real"& SMTP and is handled in the same way as SMTP over TCP/IP. For
168e428f 991example, the ACLs for SMTP commands are used for this form of submission.
9b371988
PH
992.next
993A local process may also make a TCP/IP call to the host's loopback address
168e428f
PH
994(127.0.0.1) or any other of its IP addresses. When receiving messages, Exim
995does not treat the loopback address specially. It treats all such connections
996in the same way as connections from other hosts.
9b371988 997.endlist
168e428f
PH
998
999
9b371988
PH
1000.cindex "message sender" "constructed by Exim"
1001.cindex "sender" "constructed by Exim"
168e428f
PH
1002In the three cases that do not involve TCP/IP, the sender address is
1003constructed from the login name of the user that called Exim and a default
9b371988 1004qualification domain (which can be set by the &%qualify_domain%& configuration
168e428f
PH
1005option). For local or batch SMTP, a sender address that is passed using the
1006SMTP MAIL command is ignored. However, the system administrator may allow
9b371988 1007certain users (&"trusted users"&) to specify a different sender address
168e428f 1008unconditionally, or all users to specify certain forms of different sender
9b371988
PH
1009address. The &%-f%& option or the SMTP MAIL command is used to specify these
1010different addresses. See section &<<SECTtrustedadmin>>& for details of trusted
1011users, and the &%untrusted_set_sender%& option for a way of allowing untrusted
168e428f
PH
1012users to change sender addresses.
1013
1014Messages received by either of the non-interactive mechanisms are subject to
1015checking by the non-SMTP ACL, if one is defined. Messages received using SMTP
1016(either over TCP/IP, or interacting with a local process) can be checked by a
1017number of ACLs that operate at different times during the SMTP session. Either
1018individual recipients, or the entire message, can be rejected if local policy
9b371988
PH
1019requirements are not met. The &[local_scan()]& function (see chapter
1020&<<CHAPlocalscan>>&) is run for all incoming messages.
168e428f
PH
1021
1022Exim can be configured not to start a delivery process when a message is
1023received; this can be unconditional, or depend on the number of incoming SMTP
1024connections or the system load. In these situations, new messages wait on the
1025queue until a queue runner process picks them up. However, in standard
1026configurations under normal conditions, delivery is started as soon as a
1027message is received.
1028
1029
1030
1031
1032
9b371988
PH
1033.section "Handling an incoming message"
1034.cindex "spool directory" "files that hold a message"
1035.cindex "file" "how a message is held"
168e428f
PH
1036When Exim accepts a message, it writes two files in its spool directory. The
1037first contains the envelope information, the current status of the message, and
1038the header lines, and the second contains the body of the message. The names of
9b371988
PH
1039the two spool files consist of the message id, followed by &`-H`& for the
1040file containing the envelope and header, and &`-D`& for the data file.
168e428f 1041
9b371988 1042.cindex "spool directory" "&_input_& sub-directory"
168e428f 1043By default all these message files are held in a single directory called
9b371988 1044&_input_& inside the general Exim spool directory. Some operating systems do
c0712871 1045not perform very well if the number of files in a directory gets large; to
9b371988 1046improve performance in such cases, the &%split_spool_directory%& option can be
168e428f 1047used. This causes Exim to split up the input files into 62 sub-directories
db9452a9 1048whose names are single letters or digits. When this is done, the queue is
c0712871
PH
1049processed one sub-directory at a time instead of all at once, which can improve
1050overall performance even when there are not enough files in each directory to
db9452a9 1051affect file system performance.
168e428f
PH
1052
1053The envelope information consists of the address of the message's sender and
1054the addresses of the recipients. This information is entirely separate from
1055any addresses contained in the header lines. The status of the message includes
1056a list of recipients who have already received the message. The format of the
9b371988 1057first spool file is described in chapter &<<CHAPspool>>&.
168e428f 1058
9b371988 1059.cindex "rewriting" "addresses"
168e428f 1060Address rewriting that is specified in the rewrite section of the configuration
9b371988 1061(see chapter &<<CHAPrewrite>>&) is done once and for all on incoming addresses,
168e428f
PH
1062both in the header lines and the envelope, at the time the message is accepted.
1063If during the course of delivery additional addresses are generated (for
1064example, via aliasing), these new addresses are rewritten as soon as they are
1065generated. At the time a message is actually delivered (transported) further
1066rewriting can take place; because this is a transport option, it can be
1067different for different forms of delivery. It is also possible to specify the
1068addition or removal of certain header lines at the time the message is
9b371988
PH
1069delivered (see chapters &<<CHAProutergeneric>>& and
1070&<<CHAPtransportgeneric>>&).
168e428f
PH
1071
1072
1073
9b371988
PH
1074.section "Life of a message"
1075.cindex "message" "life of"
1076.cindex "message" "frozen"
168e428f
PH
1077A message remains in the spool directory until it is completely delivered to
1078its recipients or to an error address, or until it is deleted by an
1079administrator or by the user who originally created it. In cases when delivery
9b371988
PH
1080cannot proceed &-- for example, when a message can neither be delivered to its
1081recipients nor returned to its sender, the message is marked &"frozen"& on the
168e428f
PH
1082spool, and no more deliveries are attempted.
1083
9b371988
PH
1084.cindex "frozen messages" "thawing"
1085.cindex "message" "thawing frozen"
1086An administrator can &"thaw"& such messages when the problem has been
1087corrected, and can also freeze individual messages by hand if necessary. In
1088addition, an administrator can force a delivery error, causing a bounce message
1089to be sent.
1090
9b371988
PH
1091.cindex "&%timeout_frozen_after%&"
1092.cindex "&%ignore_bounce_errors_after%&"
1093There are options called &%ignore_bounce_errors_after%& and
1094&%timeout_frozen_after%&, which discard frozen messages after a certain time.
068aaea8 1095The first applies only to frozen bounces, the second to any frozen messages.
168e428f 1096
9b371988
PH
1097.cindex "message" "log file for"
1098.cindex "log" "file for each message"
168e428f 1099While Exim is working on a message, it writes information about each delivery
068aaea8 1100attempt to its main log file. This includes successful, unsuccessful, and
9b371988
PH
1101delayed deliveries for each recipient (see chapter &<<CHAPlog>>&). The log
1102lines are also written to a separate &'message log'& file for each message.
1103These logs are solely for the benefit of the administrator, and are normally
1104deleted along with the spool files when processing of a message is complete.
168e428f 1105The use of individual message logs can be disabled by setting
9b371988
PH
1106&%no_message_logs%&; this might give an improvement in performance on very busy
1107systems.
168e428f 1108
9b371988
PH
1109.cindex "journal file"
1110.cindex "file" "journal"
168e428f
PH
1111All the information Exim itself needs to set up a delivery is kept in the first
1112spool file, along with the header lines. When a successful delivery occurs, the
1113address is immediately written at the end of a journal file, whose name is the
9b371988
PH
1114message id followed by &`-J`&. At the end of a delivery run, if there are some
1115addresses left to be tried again later, the first spool file (the &`-H`& file)
168e428f
PH
1116is updated to indicate which these are, and the journal file is then deleted.
1117Updating the spool file is done by writing a new file and renaming it, to
1118minimize the possibility of data loss.
1119
1120Should the system or the program crash after a successful delivery but before
1121the spool file has been updated, the journal is left lying around. The next
1122time Exim attempts to deliver the message, it reads the journal file and
1123updates the spool file before proceeding. This minimizes the chances of double
1124deliveries caused by crashes.
1125
1126
1127
9b371988
PH
1128.section "Processing an address for delivery" "SECTprocaddress"
1129.cindex "drivers" "definition of"
1130.cindex "router" "definition of"
1131.cindex "transport" "definition of"
1132The main delivery processing elements of Exim are called &'routers'& and
1133&'transports'&, and collectively these are known as &'drivers'&. Code for a
168e428f
PH
1134number of them is provided in the source distribution, and compile-time options
1135specify which ones are included in the binary. Run time options specify which
1136ones are actually used for delivering messages.
1137
9b371988
PH
1138.cindex "drivers" "instance definition"
1139Each driver that is specified in the run time configuration is an &'instance'&
168e428f 1140of that particular driver type. Multiple instances are allowed; for example,
9b371988 1141you can set up several different &(smtp)& transports, each with different
168e428f
PH
1142option values that might specify different ports or different timeouts. Each
1143instance has its own identifying name. In what follows we will normally use the
1144instance name when discussing one particular instance (that is, one specific
1145configuration of the driver), and the generic driver name when discussing
1146the driver's features in general.
1147
9b371988 1148A &'router'& is a driver that operates on an address, either determining how
068aaea8 1149its delivery should happen, by assigning it to a specific transport, or
168e428f
PH
1150converting the address into one or more new addresses (for example, via an
1151alias file). A router may also explicitly choose to fail an address, causing it
1152to be bounced.
1153
9b371988
PH
1154A &'transport'& is a driver that transmits a copy of the message from Exim's
1155spool to some destination. There are two kinds of transport: for a &'local'&
168e428f 1156transport, the destination is a file or a pipe on the local host, whereas for a
9b371988 1157&'remote'& transport the destination is some other host. A message is passed
168e428f
PH
1158to a specific transport as a result of successful routing. If a message has
1159several recipients, it may be passed to a number of different transports.
1160
9b371988 1161.cindex "preconditions" "definition of"
168e428f
PH
1162An address is processed by passing it to each configured router instance in
1163turn, subject to certain preconditions, until a router accepts the address or
1164specifies that it should be bounced. We will describe this process in more
068aaea8
PH
1165detail shortly. First, as a simple example, we consider how each recipient
1166address in a message is processed in a small configuration of three routers.
168e428f 1167
068aaea8 1168To make this a more concrete example, it is described in terms of some actual
168e428f
PH
1169routers, but remember, this is only an example. You can configure Exim's
1170routers in many different ways, and there may be any number of routers in a
1171configuration.
1172
1173The first router that is specified in a configuration is often one that handles
1174addresses in domains that are not recognized specially by the local host. These
1175are typically addresses for arbitrary domains on the Internet. A precondition
1176is set up which looks for the special domains known to the host (for example,
9b371988 1177its own domain name), and the router is run for addresses that do &'not'&
168e428f
PH
1178match. Typically, this is a router that looks up domains in the DNS in order to
1179find the hosts to which this address routes. If it succeeds, the address is
068aaea8 1180assigned to a suitable SMTP transport; if it does not succeed, the router is
168e428f
PH
1181configured to fail the address.
1182
068aaea8 1183The second router is reached only when the domain is recognized as one that
9b371988 1184&"belongs"& to the local host. This router does redirection &-- also known as
068aaea8
PH
1185aliasing and forwarding. When it generates one or more new addresses from the
1186original, each of them is routed independently from the start. Otherwise, the
1187router may cause an address to fail, or it may simply decline to handle the
1188address, in which case the address is passed to the next router.
168e428f
PH
1189
1190The final router in many configurations is one that checks to see if the
1191address belongs to a local mailbox. The precondition may involve a check to
1192see if the local part is the name of a login account, or it may look up the
1193local part in a file or a database. If its preconditions are not met, or if
1194the router declines, we have reached the end of the routers. When this happens,
1195the address is bounced.
1196
1197
1198
9b371988
PH
1199.section "Processing an address for verification"
1200.cindex "router" "for verification"
1201.cindex "verifying address" "overview"
168e428f 1202As well as being used to decide how to deliver to an address, Exim's routers
9b371988 1203are also used for &'address verification'&. Verification can be requested as
168e428f 1204one of the checks to be performed in an ACL for incoming messages, on both
9b371988
PH
1205sender and recipient addresses, and it can be tested using the &%-bv%& and
1206&%-bvs%& command line options.
168e428f 1207
9b371988 1208When an address is being verified, the routers are run in &"verify mode"&. This
168e428f
PH
1209does not affect the way the routers work, but it is a state that can be
1210detected. By this means, a router can be skipped or made to behave differently
1211when verifying. A common example is a configuration in which the first router
1212sends all messages to a message-scanning program, unless they have been
1213previously scanned. Thus, the first router accepts all addresses without any
9b371988 1214checking, making it useless for verifying. Normally, the &%no_verify%& option
168e428f
PH
1215would be set for such a router, causing it to be skipped in verify mode.
1216
1217
1218
1219
9b371988
PH
1220.section "Running an individual router" "SECTrunindrou"
1221.cindex "router" "running details"
1222.cindex "preconditions" "checking"
1223.cindex "router" "result of running"
168e428f
PH
1224As explained in the example above, a number of preconditions are checked before
1225running a router. If any are not met, the router is skipped, and the address is
9b371988 1226passed to the next router. When all the preconditions on a router &'are'& met,
168e428f
PH
1227the router is run. What happens next depends on the outcome, which is one of
1228the following:
1229
9b371988
PH
1230.ilist
1231&'accept'&: The router accepts the address, and either assigns it to a
1232transport, or generates one or more &"child"& addresses. Processing the
1233original address ceases,
1234.cindex "&%unseen%& option"
1235unless the &%unseen%& option is set on the router. This option
168e428f 1236can be used to set up multiple deliveries with different routing (for example,
9b371988
PH
1237for keeping archive copies of messages). When &%unseen%& is set, the address is
1238passed to the next router. Normally, however, an &'accept'& return marks the
168e428f 1239end of routing.
9b371988 1240
068aaea8
PH
1241Any child addresses generated by the router are processed independently,
1242starting with the first router by default. It is possible to change this by
9b371988
PH
1243setting the &%redirect_router%& option to specify which router to start at for
1244child addresses. Unlike &%pass_router%& (see below) the router specified by
1245&%redirect_router%& may be anywhere in the router configuration.
1246.next
1247&'pass'&: The router recognizes the address, but cannot handle it itself. It
168e428f
PH
1248requests that the address be passed to another router. By default the address
1249is passed to the next router, but this can be changed by setting the
9b371988 1250&%pass_router%& option. However, (unlike &%redirect_router%&) the named router
168e428f 1251must be below the current router (to avoid loops).
9b371988
PH
1252.next
1253&'decline'&: The router declines to accept the address because it does not
168e428f 1254recognize it at all. By default, the address is passed to the next router, but
9b371988
PH
1255this can be prevented by setting the &%no_more%& option. When &%no_more%& is
1256set, all the remaining routers are skipped. In effect, &%no_more%& converts
1257&'decline'& into &'fail'&.
1258.next
1259&'fail'&: The router determines that the address should fail, and queues it for
168e428f 1260the generation of a bounce message. There is no further processing of the
9b371988
PH
1261original address unless &%unseen%& is set on the router.
1262.next
1263&'defer'&: The router cannot handle the address at the present time. (A
068aaea8
PH
1264database may be offline, or a DNS lookup may have timed out.) No further
1265processing of the address happens in this delivery attempt. It is tried again
1266next time the message is considered for delivery.
9b371988
PH
1267.next
1268&'error'&: There is some error in the router (for example, a syntax error in
168e428f 1269its configuration). The action is as for defer.
9b371988 1270.endlist
168e428f
PH
1271
1272If an address reaches the end of the routers without having been accepted by
068aaea8 1273any of them, it is bounced as unrouteable. The default error message in this
9b371988
PH
1274situation is &"unrouteable address"&, but you can set your own message by
1275making use of the &%cannot_route_message%& option. This can be set for any
1276router; the value from the last router that &"saw"& the address is used.
168e428f
PH
1277
1278Sometimes while routing you want to fail a delivery when some conditions are
1279met but others are not, instead of passing the address on for further routing.
1280You can do this by having a second router that explicitly fails the delivery
9b371988 1281when the relevant conditions are met. The &(redirect)& router has a &"fail"&
168e428f
PH
1282facility for this purpose.
1283
1284
9b371988 1285.section "Duplicate addresses"
9b371988
PH
1286.cindex "case of local parts"
1287.cindex "address duplicate" "discarding"
db9452a9 1288.cindex "duplicate addresses"
068aaea8
PH
1289Once routing is complete, Exim scans the addresses that are assigned to local
1290and remote transports, and discards any duplicates that it finds. During this
db9452a9
PH
1291check, local parts are treated as case-sensitive. &new("This happens only when
1292actually delivering a message; when testing routers with &%-bt%&, all the
1293routed addresses are shown.")
1294
068aaea8 1295
168e428f 1296
9b371988
PH
1297.section "Router preconditions" "SECTrouprecon"
1298.cindex "router preconditions" "order of processing"
1299.cindex "preconditions" "order of processing"
168e428f
PH
1300The preconditions that are tested for each router are listed below, in the
1301order in which they are tested. The individual configuration options are
9b371988 1302described in more detail in chapter &<<CHAProutergeneric>>&.
168e428f 1303
9b371988
PH
1304.ilist
1305The &%local_part_prefix%& and &%local_part_suffix%& options can specify that
168e428f
PH
1306the local parts handled by the router may or must have certain prefixes and/or
1307suffixes. If a mandatory affix (prefix or suffix) is not present, the router is
1308skipped. These conditions are tested first. When an affix is present, it is
1309removed from the local part before further processing, including the evaluation
1310of any other conditions.
9b371988
PH
1311.next
1312Routers can be designated for use only when not verifying an address, that is,
168e428f 1313only when routing it for delivery (or testing its delivery routing). If the
9b371988 1314&%verify%& option is set false, the router is skipped when Exim is verifying an
168e428f 1315address.
9b371988
PH
1316Setting the &%verify%& option actually sets two options, &%verify_sender%& and
1317&%verify_recipient%&, which independently control the use of the router for
168e428f
PH
1318sender and recipient verification. You can set these options directly if
1319you want a router to be used for only one type of verification.
9b371988
PH
1320.next
1321If the &%address_test%& option is set false, the router is skipped when Exim is
1322run with the &%-bt%& option to test an address routing. This can be helpful
1323when the first router sends all new messages to a scanner of some sort; it
1324makes it possible to use &%-bt%& to test subsequent delivery routing without
1325having to simulate the effect of the scanner.
1326.next
1327Routers can be designated for use only when verifying an address, as
1328opposed to routing it for delivery. The &%verify_only%& option controls this.
1329.next
1330Individual routers can be explicitly skipped when running the routers to
1331check an address given in the SMTP EXPN command (see the &%expn%& option).
1332.next
1333If the &%domains%& option is set, the domain of the address must be in the set
068aaea8 1334of domains that it defines.
9b371988
PH
1335.next
1336.cindex "&$local_part_prefix$&"
1337.cindex "&$local_part$&"
1338.cindex "&$local_part_suffix$&"
1339If the &%local_parts%& option is set, the local part of the address must be in
1340the set of local parts that it defines. If &%local_part_prefix%& or
1341&%local_part_suffix%& is in use, the prefix or suffix is removed from the local
168e428f 1342part before this check. If you want to do precondition tests on local parts
9b371988
PH
1343that include affixes, you can do so by using a &%condition%& option (see below)
1344that uses the variables &$local_part$&, &$local_part_prefix$&, and
1345&$local_part_suffix$& as necessary.
1346.next
1347.cindex "&$local_user_uid$&"
1348.cindex "&$local_user_gid$&"
1349.cindex "&$home$&"
1350If the &%check_local_user%& option is set, the local part must be the name of
068aaea8 1351an account on the local host. If this check succeeds, the uid and gid of the
9b371988
PH
1352local user are placed in &$local_user_uid$& and &$local_user_gid$& and the
1353user's home directory is placed in &$home$&; these values can be used in the
1354remaining preconditions.
1355.next
1356If the &%router_home_directory%& option is set, it is expanded at this point,
1357because it overrides the value of &$home$&. If this expansion were left till
1358later, the value of &$home$& as set by &%check_local_user%& would be used in
1359subsequent tests. Having two different values of &$home$& in the same router
168e428f 1360could lead to confusion.
9b371988
PH
1361.next
1362If the &%senders%& option is set, the envelope sender address must be in the
1363set of addresses that it defines.
1364.next
1365If the &%require_files%& option is set, the existence or non-existence of
168e428f 1366specified files is tested.
9b371988
PH
1367.next
1368.cindex "customizing" "precondition"
1369If the &%condition%& option is set, it is evaluated and tested. This option
1370uses an expanded string to allow you to set up your own custom preconditions.
1371Expanded strings are described in chapter &<<CHAPexpand>>&.
1372.endlist
168e428f 1373
168e428f 1374
9b371988
PH
1375Note that &%require_files%& comes near the end of the list, so you cannot use
1376it to check for the existence of a file in which to lookup up a domain, local
168e428f 1377part, or sender. However, as these options are all expanded, you can use the
9b371988
PH
1378&%exists%& expansion condition to make such tests within each condition. The
1379&%require_files%& option is intended for checking files that the router may be
168e428f 1380going to use internally, or which are needed by a specific transport (for
9b371988 1381example, &_.procmailrc_&).
168e428f
PH
1382
1383
1384
9b371988
PH
1385.section "Delivery in detail"
1386.cindex "delivery" "in detail"
168e428f
PH
1387When a message is to be delivered, the sequence of events is as follows:
1388
9b371988
PH
1389.ilist
1390If a system-wide filter file is specified, the message is passed to it. The
168e428f
PH
1391filter may add recipients to the message, replace the recipients, discard the
1392message, cause a new message to be generated, or cause the message delivery to
1393fail. The format of the system filter file is the same as for Exim user filter
9b371988
PH
1394files, described in the separate document entitled &'Exim's interfaces to mail
1395filtering'&.
1396.cindex "Sieve filter" "not available for system filter"
1397(&*Note*&: Sieve cannot be used for system filter files.)
1398
1399Some additional features are available in system filters &-- see chapter
1400&<<CHAPsystemfilter>>& for details. Note that a message is passed to the system
168e428f
PH
1401filter only once per delivery attempt, however many recipients it has. However,
1402if there are several delivery attempts because one or more addresses could not
1403be immediately delivered, the system filter is run each time. The filter
9b371988 1404condition &%first_delivery%& can be used to detect the first run of the system
168e428f 1405filter.
9b371988
PH
1406.next
1407Each recipient address is offered to each configured router in turn, subject to
1408its preconditions, until one is able to handle it. If no router can handle the
1409address, that is, if they all decline, the address is failed. Because routers
1410can be targeted at particular domains, several locally handled domains can be
1411processed entirely independently of each other.
1412.next
1413.cindex "routing" "loops in"
1414.cindex "loop" "while routing"
1415A router that accepts an address may assign it to a local or a remote
1416transport. However, the transport is not run at this time. Instead, the address
1417is placed on a list for the particular transport, which will be run later.
068aaea8
PH
1418Alternatively, the router may generate one or more new addresses (typically
1419from alias, forward, or filter files). New addresses are fed back into this
1420process from the top, but in order to avoid loops, a router ignores any address
1421which has an identically-named ancestor that was processed by itself.
9b371988
PH
1422.next
1423When all the routing has been done, addresses that have been successfully
168e428f
PH
1424handled are passed to their assigned transports. When local transports are
1425doing real local deliveries, they handle only one address at a time, but if a
1426local transport is being used as a pseudo-remote transport (for example, to
1427collect batched SMTP messages for transmission by some other means) multiple
1428addresses can be handled. Remote transports can always handle more than one
1429address at a time, but can be configured not to do so, or to restrict multiple
1430addresses to the same domain.
9b371988
PH
1431.next
1432Each local delivery to a file or a pipe runs in a separate process under a
168e428f
PH
1433non-privileged uid, and these deliveries are run one at a time. Remote
1434deliveries also run in separate processes, normally under a uid that is private
9b371988 1435to Exim (&"the Exim user"&), but in this case, several remote deliveries can be
168e428f 1436run in parallel. The maximum number of simultaneous remote deliveries for any
9b371988 1437one message is set by the &%remote_max_parallel%& option.
168e428f
PH
1438The order in which deliveries are done is not defined, except that all local
1439deliveries happen before any remote deliveries.
9b371988
PH
1440.next
1441.cindex "queue runner"
168e428f
PH
1442When it encounters a local delivery during a queue run, Exim checks its retry
1443database to see if there has been a previous temporary delivery failure for the
1444address before running the local transport. If there was a previous failure,
1445Exim does not attempt a new delivery until the retry time for the address is
1446reached. However, this happens only for delivery attempts that are part of a
1447queue run. Local deliveries are always attempted when delivery immediately
1448follows message reception, even if retry times are set for them. This makes for
1449better behaviour if one particular message is causing problems (for example,
1450causing quota overflow, or provoking an error in a filter file).
9b371988
PH
1451.next
1452.cindex "delivery" "retry in remote transports"
168e428f
PH
1453Remote transports do their own retry handling, since an address may be
1454deliverable to one of a number of hosts, each of which may have a different
1455retry time. If there have been previous temporary failures and no host has
1456reached its retry time, no delivery is attempted, whether in a queue run or
9b371988
PH
1457not. See chapter &<<CHAPretry>>& for details of retry strategies.
1458.next
1459If there were any permanent errors, a bounce message is returned to an
168e428f
PH
1460appropriate address (the sender in the common case), with details of the error
1461for each failing address. Exim can be configured to send copies of bounce
1462messages to other addresses.
9b371988
PH
1463.next
1464.cindex "delivery" "deferral"
168e428f
PH
1465If one or more addresses suffered a temporary failure, the message is left on
1466the queue, to be tried again later. Delivery of these addresses is said to be
9b371988
PH
1467&'deferred'&.
1468.next
1469When all the recipient addresses have either been delivered or bounced,
168e428f
PH
1470handling of the message is complete. The spool files and message log are
1471deleted, though the message log can optionally be preserved if required.
9b371988 1472.endlist
168e428f
PH
1473
1474
1475
1476
9b371988
PH
1477.section "Retry mechanism"
1478.cindex "delivery" "retry mechanism"
1479.cindex "retry" "description of mechanism"
1480.cindex "queue runner"
168e428f
PH
1481Exim's mechanism for retrying messages that fail to get delivered at the first
1482attempt is the queue runner process. You must either run an Exim daemon that
9b371988
PH
1483uses the &%-q%& option with a time interval to start queue runners at regular
1484intervals, or use some other means (such as &'cron'&) to start them. If you do
168e428f
PH
1485not arrange for queue runners to be run, messages that fail temporarily at the
1486first attempt will remain on your queue for ever. A queue runner process works
068aaea8 1487its way through the queue, one message at a time, trying each delivery that has
168e428f
PH
1488passed its retry time.
1489You can run several queue runners at once.
1490
1491Exim uses a set of configured rules to determine when next to retry the failing
9b371988
PH
1492address (see chapter &<<CHAPretry>>&). These rules also specify when Exim
1493should give up trying to deliver to the address, at which point it generates a
1494bounce message. If no retry rules are set for a particular host, address, and
1495error combination, no retries are attempted, and temporary errors are treated
1496as permanent.
168e428f
PH
1497
1498
1499
9b371988
PH
1500.section "Temporary delivery failure"
1501.cindex "delivery" "temporary failure"
168e428f
PH
1502There are many reasons why a message may not be immediately deliverable to a
1503particular address. Failure to connect to a remote machine (because it, or the
1504connection to it, is down) is one of the most common. Temporary failures may be
1505detected during routing as well as during the transport stage of delivery.
1506Local deliveries may be delayed if NFS files are unavailable, or if a mailbox
1507is on a file system where the user is over quota. Exim can be configured to
1508impose its own quotas on local mailboxes; where system quotas are set they will
1509also apply.
1510
1511If a host is unreachable for a period of time, a number of messages may be
1512waiting for it by the time it recovers, and sending them in a single SMTP
1513connection is clearly beneficial. Whenever a delivery to a remote host is
1514deferred,
1515
9b371988 1516.cindex "hints database"
168e428f
PH
1517Exim makes a note in its hints database, and whenever a successful
1518SMTP delivery has happened, it looks to see if any other messages are waiting
1519for the same host. If any are found, they are sent over the same SMTP
1520connection, subject to a configuration limit as to the maximum number in any
1521one connection.
1522
1523
1524
1525
9b371988
PH
1526.section "Permanent delivery failure"
1527.cindex "delivery" "permanent failure"
1528.cindex "bounce message" "when generated"
168e428f
PH
1529When a message cannot be delivered to some or all of its intended recipients, a
1530bounce message is generated. Temporary delivery failures turn into permanent
1531errors when their timeout expires. All the addresses that fail in a given
1532delivery attempt are listed in a single message. If the original message has
1533many recipients, it is possible for some addresses to fail in one delivery
1534attempt and others to fail subsequently, giving rise to more than one bounce
1535message. The wording of bounce messages can be customized by the administrator.
9b371988 1536See chapter &<<CHAPemsgcust>>& for details.
168e428f 1537
9b371988
PH
1538.cindex "&'X-Failed-Recipients:'& header line"
1539Bounce messages contain an &'X-Failed-Recipients:'& header line that lists the
168e428f
PH
1540failed addresses, for the benefit of programs that try to analyse such messages
1541automatically.
1542
9b371988 1543.cindex "bounce message" "recipient of"
168e428f
PH
1544A bounce message is normally sent to the sender of the original message, as
1545obtained from the message's envelope. For incoming SMTP messages, this is the
9b371988
PH
1546address given in the MAIL command. However, when an address is expanded via a
1547forward or alias file, an alternative address can be specified for delivery
1548failures of the generated addresses. For a mailing list expansion (see section
1549&<<SECTmailinglists>>&) it is common to direct bounce messages to the manager
1550of the list.
168e428f
PH
1551
1552
1553
9b371988
PH
1554.section "Failures to deliver bounce messages"
1555.cindex "bounce message" "failure to deliver"
168e428f
PH
1556If a bounce message (either locally generated or received from a remote host)
1557itself suffers a permanent delivery failure, the message is left on the queue,
1558but it is frozen, awaiting the attention of an administrator. There are options
068aaea8 1559that can be used to make Exim discard such failed messages, or to keep them
9b371988
PH
1560for only a short time (see &%timeout_frozen_after%& and
1561&%ignore_bounce_errors_after%&).
168e428f
PH
1562
1563
1564
1565
1566
9b371988
PH
1567. ////////////////////////////////////////////////////////////////////////////
1568. ////////////////////////////////////////////////////////////////////////////
168e428f 1569
9b371988 1570.chapter "Building and installing Exim"
4f578862 1571.scindex IIDbuex "building Exim"
168e428f 1572
9b371988 1573.section "Unpacking"
168e428f
PH
1574Exim is distributed as a gzipped or bzipped tar file which, when upacked,
1575creates a directory with the name of the current release (for example,
9b371988
PH
1576&_exim-&version;_&) into which the following files are placed:
1577
1578.table2 140pt
1579.row &_ACKNOWLEDGMENTS_& "contains some acknowledgments"
1580.row &_CHANGES_& "contains a reference to where changes are documented"
1581.row &_LICENCE_& "the GNU General Public Licence"
1582.row &_Makefile_& "top-level make file"
1583.row &_NOTICE_& "conditions for the use of Exim"
1584.row &_README_& "list of files, directories and simple build &&&
1585 instructions"
1586.endtable
1587
1588Other files whose names begin with &_README_& may also be present. The
168e428f
PH
1589following subdirectories are created:
1590
9b371988
PH
1591.table2 140pt
1592.row &_Local_& "an empty directory for local configuration files"
1593.row &_OS_& "OS-specific files"
1594.row &_doc_& "documentation files"
1595.row &_exim_monitor_& "source files for the Exim monitor"
1596.row &_scripts_& "scripts used in the build process"
1597.row &_src_& "remaining source files"
1598.row &_util_& "independent utilities"
1599.endtable
1600
1601The main utility programs are contained in the &_src_& directory, and are built
1602with the Exim binary. The &_util_& directory contains a few optional scripts
168e428f
PH
1603that may be useful to some sites.
1604
1605
9b371988
PH
1606.section "Multiple machine architectures and operating systems"
1607.cindex "building Exim" "multiple OS/architectures"
168e428f
PH
1608The building process for Exim is arranged to make it easy to build binaries for
1609a number of different architectures and operating systems from the same set of
9b371988
PH
1610source files. Compilation does not take place in the &_src_& directory.
1611Instead, a &'build directory'& is created for each architecture and operating
1612system.
1613.cindex "symbolic link" "to build directory"
168e428f 1614Symbolic links to the sources are installed in this directory, which is where
9b371988
PH
1615the actual building takes place. In most cases, Exim can discover the machine
1616architecture and operating system for itself, but the defaults can be
1617overridden if necessary.
168e428f 1618
168e428f 1619
9b371988
PH
1620.section "DBM libraries" "SECTdb"
1621.cindex "DBM libraries" "discussion of"
1622.cindex "hints database" "DBM files used for"
168e428f
PH
1623Even if you do not use any DBM files in your configuration, Exim still needs a
1624DBM library in order to operate, because it uses indexed files for its hints
1625databases. Unfortunately, there are a number of DBM libraries in existence, and
1626different operating systems often have different ones installed.
1627
9b371988
PH
1628.cindex "Solaris" "DBM library for"
1629.cindex "IRIX" "DBM library for"
1630.cindex "BSD" "DBM library for"
1631.cindex "Linux" "DBM library for"
168e428f
PH
1632If you are using Solaris, IRIX, one of the modern BSD systems, or a modern
1633Linux distribution, the DBM configuration should happen automatically, and you
1634may be able to ignore this section. Otherwise, you may have to learn more than
1635you would like about DBM libraries from what follows.
1636
9b371988 1637.cindex "&'ndbm'& DBM library"
168e428f 1638Licensed versions of Unix normally contain a library of DBM functions operating
9b371988 1639via the &'ndbm'& interface, and this is what Exim expects by default. Free
168e428f
PH
1640versions of Unix seem to vary in what they contain as standard. In particular,
1641some early versions of Linux have no default DBM library, and different
1642distributors have chosen to bundle different libraries with their packaged
1643versions. However, the more recent releases seem to have standardised on the
1644Berkeley DB library.
1645
1646Different DBM libraries have different conventions for naming the files they
9b371988 1647use. When a program opens a file called &_dbmfile_&, there are several
168e428f
PH
1648possibilities:
1649
9b371988
PH
1650.olist
1651A traditional &'ndbm'& implementation, such as that supplied as part of
1652Solaris, operates on two files called &_dbmfile.dir_& and &_dbmfile.pag_&.
1653.next
1654.cindex "&'gdbm'& DBM library"
1655The GNU library, &'gdbm'&, operates on a single file. If used via its &'ndbm'&
168e428f 1656compatibility interface it makes two different hard links to it with names
9b371988 1657&_dbmfile.dir_& and &_dbmfile.pag_&, but if used via its native interface, the
168e428f 1658file name is used unmodified.
9b371988
PH
1659.next
1660.cindex "Berkeley DB library"
1661The Berkeley DB package, if called via its &'ndbm'& compatibility interface,
1662operates on a single file called &_dbmfile.db_&, but otherwise looks to the
1663programmer exactly the same as the traditional &'ndbm'& implementation.
1664.next
1665If the Berkeley package is used in its native mode, it operates on a single
1666file called &_dbmfile_&; the programmer's interface is somewhat different to
1667the traditional &'ndbm'& interface.
1668.next
1669To complicate things further, there are several very different versions of the
168e428f 1670Berkeley DB package. Version 1.85 was stable for a very long time, releases
9b371988
PH
16712.&'x'& and 3.&'x'& were current for a while, but the latest versions are now
1672numbered 4.&'x'&. Maintenance of some of the earlier releases has ceased. All
168e428f 1673versions of Berkeley DB can be obtained from
9b371988
PH
1674&url(http://www.sleepycat.com/).
1675.next
1676.cindex "&'tdb'& DBM library"
1677Yet another DBM library, called &'tdb'&, is available from
1678&url(http://download.sourceforge.net/tdb). It has its own interface, and also
1679operates on a single file.
1680.endlist
1681
1682.cindex "USE_DB"
1683.cindex "DBM libraries" "configuration for building"
168e428f
PH
1684Exim and its utilities can be compiled to use any of these interfaces. In order
1685to use any version of the Berkeley DB package in native mode, you must set
1686USE_DB in an appropriate configuration file (typically
9b371988
PH
1687&_Local/Makefile_&). For example:
1688.code
1689USE_DB=yes
1690.endd
168e428f
PH
1691Similarly, for gdbm you set USE_GDBM, and for tdb you set USE_TDB. An
1692error is diagnosed if you set more than one of these.
1693
1694At the lowest level, the build-time configuration sets none of these options,
1695thereby assuming an interface of type (1). However, some operating system
1696configuration files (for example, those for the BSD operating systems and
1697Linux) assume type (4) by setting USE_DB as their default, and the
1698configuration files for Cygwin set USE_GDBM. Anything you set in
9b371988 1699&_Local/Makefile_&, however, overrides these system defaults.
168e428f
PH
1700
1701As well as setting USE_DB, USE_GDBM, or USE_TDB, it may also be
1702necessary to set DBMLIB, to cause inclusion of the appropriate library, as
1703in one of these lines:
9b371988
PH
1704.code
1705DBMLIB = -ldb
1706DBMLIB = -ltdb
1707.endd
168e428f
PH
1708Settings like that will work if the DBM library is installed in the standard
1709place. Sometimes it is not, and the library's header file may also not be in
1710the default path. You may need to set INCLUDE to specify where the header
1711file is, and to specify the path to the library more fully in DBMLIB, as in
1712this example:
9b371988
PH
1713.code
1714INCLUDE=-I/usr/local/include/db-4.1
1715DBMLIB=/usr/local/lib/db-4.1/libdb.a
1716.endd
168e428f 1717There is further detailed discussion about the various DBM libraries in the
9b371988 1718file &_doc/dbm.discuss.txt_& in the Exim distribution.
168e428f
PH
1719
1720
1721
9b371988
PH
1722.section "Pre-building configuration"
1723.cindex "building Exim" "pre-building configuration"
1724.cindex "configuration for building Exim"
1725.cindex "&_Local/Makefile_&"
1726.cindex "&_src/EDITME_&"
168e428f
PH
1727Before building Exim, a local configuration file that specifies options
1728independent of any operating system has to be created with the name
9b371988
PH
1729&_Local/Makefile_&. A template for this file is supplied as the file
1730&_src/EDITME_&, and it contains full descriptions of all the option settings
168e428f
PH
1731therein. These descriptions are therefore not repeated here. If you are
1732building Exim for the first time, the simplest thing to do is to copy
9b371988 1733&_src/EDITME_& to &_Local/Makefile_&, then read it and edit it appropriately.
168e428f
PH
1734
1735There are three settings that you must supply, because Exim will not build
1736without them. They are the location of the run time configuration file
1737(CONFIGURE_FILE), the directory in which Exim binaries will be installed
1738(BIN_DIRECTORY), and the identity of the Exim user (EXIM_USER and
1739maybe EXIM_GROUP as well). The value of CONFIGURE_FILE can in fact be
1740a colon-separated list of file names; Exim uses the first of them that exists.
1741
1742There are a few other parameters that can be specified either at build time or
1743at run time, to enable the same binary to be used on a number of different
1744machines. However, if the locations of Exim's spool directory and log file
1745directory (if not within the spool directory) are fixed, it is recommended that
9b371988 1746you specify them in &_Local/Makefile_& instead of at run time, so that errors
168e428f
PH
1747detected early in Exim's execution (such as a malformed configuration file) can
1748be logged.
1749
9b371988 1750.cindex "content scanning" "specifying at build time"
068aaea8 1751Exim's interfaces for calling virus and spam scanning software directly from
168e428f
PH
1752access control lists are not compiled by default. If you want to include these
1753facilities, you need to set
9b371988
PH
1754.code
1755WITH_CONTENT_SCAN=yes
1756.endd
1757in your &_Local/Makefile_&. For details of the facilities themselves, see
1758chapter &<<CHAPexiscan>>&.
168e428f
PH
1759
1760
9b371988
PH
1761.cindex "&_Local/eximon.conf_&"
1762.cindex "_exim_monitor/EDITME_"
168e428f 1763If you are going to build the Exim monitor, a similar configuration process is
9b371988
PH
1764required. The file &_exim_monitor/EDITME_& must be edited appropriately for
1765your installation and saved under the name &_Local/eximon.conf_&. If you are
1766happy with the default settings described in &_exim_monitor/EDITME_&,
1767&_Local/eximon.conf_& can be empty, but it must exist.
168e428f
PH
1768
1769This is all the configuration that is needed in straightforward cases for known
1770operating systems. However, the building process is set up so that it is easy
1771to override options that are set by default or by operating-system-specific
1772configuration files, for example to change the name of the C compiler, which
9b371988
PH
1773defaults to &%gcc%&. See section &<<SECToverride>>& below for details of how to
1774do this.
168e428f
PH
1775
1776
1777
9b371988
PH
1778.section "Support for iconv()"
1779.cindex "&[iconv()]& support"
1780.cindex "RFC 2047"
168e428f
PH
1781The contents of header lines in messages may be encoded according to the rules
1782described RFC 2047. This makes it possible to transmit characters that are not
1783in the ASCII character set, and to label them as being in a particular
9b371988 1784character set. When Exim is inspecting header lines by means of the &%$h_%&
168e428f
PH
1785mechanism, it decodes them, and translates them into a specified character set
1786(default ISO-8859-1). The translation is possible only if the operating system
9b371988
PH
1787supports the &[iconv()]& function.
1788
1789However, some of the operating systems that supply &[iconv()]& do not support
1790very many conversions. The GNU &%libiconv%& library (available from
1791&url(http://www.gnu.org/software/libiconv/)) can be installed on such
1792systems to remedy this deficiency, as well as on systems that do not supply
1793&[iconv()]& at all. After installing &%libiconv%&, you should add
1794.code
1795HAVE_ICONV=yes
1796.endd
1797to your &_Local/Makefile_& and rebuild Exim.
1798
1799
1800
1801.section "Including TLS/SSL encryption support" "SECTinctlsssl"
1802.cindex "TLS" "including support for TLS"
1803.cindex "encryption" "including support for"
1804.cindex "SUPPORT_TLS"
1805.cindex "OpenSSL" "building Exim with"
1806.cindex "GnuTLS" "building Exim with"
168e428f
PH
1807Exim can be built to support encrypted SMTP connections, using the STARTTLS
1808command as per RFC 2487. It can also support legacy clients that expect to
1809start a TLS session immediately on connection to a non-standard port (see the
9b371988 1810&%tls_on_connect_ports%& runtime option and the &%-tls-on-connect%& command
168e428f
PH
1811line option).
1812
1813If you want to build Exim with TLS support, you must first install either the
1814OpenSSL or GnuTLS library. There is no cryptographic code in Exim itself for
1815implementing SSL.
1816
1817If OpenSSL is installed, you should set
9b371988
PH
1818.code
1819SUPPORT_TLS=yes
1820TLS_LIBS=-lssl -lcrypto
1821.endd
1822in &_Local/Makefile_&. You may also need to specify the locations of the
168e428f 1823OpenSSL library and include files. For example:
9b371988
PH
1824.code
1825SUPPORT_TLS=yes
1826TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
1827TLS_INCLUDE=-I/usr/local/openssl/include/
1828.endd
1829.cindex "USE_GNUTLS"
168e428f 1830If GnuTLS is installed, you should set
9b371988
PH
1831.code
1832SUPPORT_TLS=yes
1833USE_GNUTLS=yes
1834TLS_LIBS=-lgnutls -ltasn1 -lgcrypt
1835.endd
1836in &_Local/Makefile_&, and again you may need to specify the locations of the
168e428f 1837library and include files. For example:
9b371988
PH
1838.code
1839SUPPORT_TLS=yes
1840USE_GNUTLS=yes
1841TLS_LIBS=-L/usr/gnu/lib -lgnutls -ltasn1 -lgcrypt
1842TLS_INCLUDE=-I/usr/gnu/include
1843.endd
168e428f 1844You do not need to set TLS_INCLUDE if the relevant directory is already
9b371988
PH
1845specified in INCLUDE. Details of how to configure Exim to make use of TLS are
1846given in chapter &<<CHAPTLS>>&.
168e428f
PH
1847
1848
1849
1850
9b371988
PH
1851.section "Use of tcpwrappers"
1852.cindex "tcpwrappers" "building Exim to support"
1853.cindex "USE_TCP_WRAPPERS"
1854Exim can be linked with the &'tcpwrappers'& library in order to check incoming
1855SMTP calls using the &'tcpwrappers'& control files. This may be a convenient
168e428f 1856alternative to Exim's own checking facilities for installations that are
9b371988
PH
1857already making use of &'tcpwrappers'& for other purposes. To do this, you
1858should set USE_TCP_WRAPPERS in &_Local/Makefile_&, arrange for the file
1859&_tcpd.h_& to be available at compile time, and also ensure that the library
1860&_libwrap.a_& is available at link time, typically by including &%-lwrap%& in
1861EXTRALIBS_EXIM. For example, if &'tcpwrappers'& is installed in &_/usr/local_&,
1862you might have
1863.code
1864USE_TCP_WRAPPERS=yes
1865CFLAGS=-O -I/usr/local/include
1866EXTRALIBS_EXIM=-L/usr/local/lib -lwrap
1867.endd
1868in &_Local/Makefile_&. The name to use in the &'tcpwrappers'& control files is
1869&"exim"&. For example, the line
1870.code
1871exim : LOCAL 192.168.1. .friendly.domain.example
1872.endd
1873in your &_/etc/hosts.allow_& file allows connections from the local host, from
1874the subnet 192.168.1.0/24, and from all hosts in &'friendly.domain.example'&.
1875All other connections are denied. Consult the &'tcpwrappers'& documentation for
168e428f
PH
1876further details.
1877
1878
1879
9b371988
PH
1880.section "Including support for IPv6"
1881.cindex "IPv6" "including support for"
168e428f 1882Exim contains code for use on systems that have IPv6 support. Setting
9b371988 1883&`HAVE_IPV6=YES`& in &_Local/Makefile_& causes the IPv6 code to be included;
168e428f
PH
1884it may also be necessary to set IPV6_INCLUDE and IPV6_LIBS on systems
1885where the IPv6 support is not fully integrated into the normal include and
1886library files.
1887
1888Two different types of DNS record for handling IPv6 addresses have been
1889defined. AAAA records (analagous to A records for IPv4) are in use, and are
1890currently seen as the mainstream. Another record type called A6 was proposed
1891as better than AAAA because it had more flexibility. However, it was felt to be
9b371988 1892over-complex, and its status was reduced to &"experimental"&. It is not known
168e428f 1893if anyone is actually using A6 records. Exim has support for A6 records, but
9b371988 1894this is included only if you set &`SUPPORT_A6=YES`& in &_Local/Makefile_&. The
168e428f
PH
1895support has not been tested for some time.
1896
1897
1898
9b371988
PH
1899.section "The building process"
1900.cindex "build directory"
1901Once &_Local/Makefile_& (and &_Local/eximon.conf_&, if required) have been
1902created, run &'make'& at the top level. It determines the architecture and
168e428f
PH
1903operating system types, and creates a build directory if one does not exist.
1904For example, on a Sun system running Solaris 8, the directory
9b371988
PH
1905&_build-SunOS5-5.8-sparc_& is created.
1906.cindex "symbolic link" "to source files"
168e428f
PH
1907Symbolic links to relevant source files are installed in the build directory.
1908
9b371988 1909&*Warning*&: The &%-j%& (parallel) flag must not be used with &'make'&; the
168e428f
PH
1910building process fails if it is set.
1911
9b371988 1912If this is the first time &'make'& has been run, it calls a script that builds
168e428f 1913a make file inside the build directory, using the configuration files from the
9b371988
PH
1914&_Local_& directory. The new make file is then passed to another instance of
1915&'make'&. This does the real work, building a number of utility scripts, and
168e428f 1916then compiling and linking the binaries for the Exim monitor (if configured), a
9b371988
PH
1917number of utility programs, and finally Exim itself. The command &`make
1918makefile`& can be used to force a rebuild of the make file in the build
168e428f
PH
1919directory, should this ever be necessary.
1920
1921If you have problems building Exim, check for any comments there may be in the
9b371988 1922&_README_& file concerning your operating system, and also take a look at the
168e428f
PH
1923FAQ, where some common problems are covered.
1924
1925
1926
9b371988 1927.section 'Output from &"make"&'
9b371988 1928The output produced by the &'make'& process for compile lines is often very
068aaea8
PH
1929unreadable, because these lines can be very long. For this reason, the normal
1930output is suppressed by default, and instead output similar to that which
1931appears when compiling the 2.6 Linux kernel is generated: just a short line for
1932each module that is being compiled or linked. However, it is still possible to
9b371988
PH
1933get the full output, by calling &'make'& like this:
1934.code
1935FULLECHO='' make -e
1936.endd
1937The value of FULLECHO defaults to &"@"&, the flag character that suppresses
1938command reflection in &'make'&. When you ask for the full output, it is
068aaea8
PH
1939given in addition to the the short output.
1940
1941
1942
9b371988
PH
1943.section "Overriding build-time options for Exim" "SECToverride"
1944.cindex "build-time options" "overriding"
168e428f
PH
1945The main make file that is created at the beginning of the building process
1946consists of the concatenation of a number of files which set configuration
9b371988 1947values, followed by a fixed set of &'make'& instructions. If a value is set
168e428f
PH
1948more than once, the last setting overrides any previous ones. This provides a
1949convenient way of overriding defaults. The files that are concatenated are, in
1950order:
9b371988
PH
1951.display
1952&_OS/Makefile-Default_&
1953&_OS/Makefile-_&<&'ostype'&>
1954&_Local/Makefile_&
1955&_Local/Makefile-_&<&'ostype'&>
1956&_Local/Makefile-_&<&'archtype'&>
1957&_Local/Makefile-_&<&'ostype'&>-<&'archtype'&>
1958&_OS/Makefile-Base_&
1959.endd
1960.cindex "&_Local/Makefile_&"
1961.cindex "building Exim" "operating system type"
1962.cindex "building Exim" "architecture type"
1963where <&'ostype'&> is the operating system type and <&'archtype'&> is the
1964architecture type. &_Local/Makefile_& is required to exist, and the building
1965process fails if it is absent. The other three &_Local_& files are optional,
168e428f
PH
1966and are often not needed.
1967
9b371988
PH
1968The values used for <&'ostype'&> and <&'archtype'&> are obtained from scripts
1969called &_scripts/os-type_& and &_scripts/arch-type_& respectively. If either of
168e428f
PH
1970the environment variables EXIM_OSTYPE or EXIM_ARCHTYPE is set, their
1971values are used, thereby providing a means of forcing particular settings.
9b371988 1972Otherwise, the scripts try to get values from the &%uname%& command. If this
168e428f 1973fails, the shell variables OSTYPE and ARCHTYPE are inspected. A number
9b371988 1974of &'ad hoc'& transformations are then applied, to produce the standard names
168e428f
PH
1975that Exim expects. You can run these scripts directly from the shell in order
1976to find out what values are being used on your system.
1977
1978
9b371988 1979&_OS/Makefile-Default_& contains comments about the variables that are set
168e428f
PH
1980therein. Some (but not all) are mentioned below. If there is something that
1981needs changing, review the contents of this file and the contents of the make
9b371988 1982file for your operating system (&_OS/Makefile-<ostype>_&) to see what the
168e428f
PH
1983default values are.
1984
1985
9b371988
PH
1986.cindex "building Exim" "overriding default settings"
1987If you need to change any of the values that are set in &_OS/Makefile-Default_&
1988or in &_OS/Makefile-<ostype>_&, or to add any new definitions, you do not
168e428f 1989need to change the original files. Instead, you should make the changes by
9b371988
PH
1990putting the new values in an appropriate &_Local_& file. For example,
1991.cindex "Tru64-Unix build-time settings"
168e428f
PH
1992when building Exim in many releases of the Tru64-Unix (formerly Digital UNIX,
1993formerly DEC-OSF1) operating system, it is necessary to specify that the C
9b371988
PH
1994compiler is called &'cc'& rather than &'gcc'&. Also, the compiler must be
1995called with the option &%-std1%&, to make it recognize some of the features of
168e428f 1996Standard C that Exim uses. (Most other compilers recognize Standard C by
9b371988 1997default.) To do this, you should create a file called &_Local/Makefile-OSF1_&
168e428f 1998containing the lines
9b371988
PH
1999.code
2000CC=cc
2001CFLAGS=-std1
2002.endd
168e428f 2003If you are compiling for just one operating system, it may be easier to put
9b371988 2004these lines directly into &_Local/Makefile_&.
168e428f
PH
2005
2006Keeping all your local configuration settings separate from the distributed
2007files makes it easy to transfer them to new versions of Exim simply by copying
9b371988 2008the contents of the &_Local_& directory.
168e428f
PH
2009
2010
9b371988
PH
2011.cindex "NIS lookup type" "including support for"
2012.cindex "NIS+ lookup type" "including support for"
2013.cindex "LDAP" "including support for"
2014.cindex "lookup" "inclusion in binary"
168e428f
PH
2015Exim contains support for doing LDAP, NIS, NIS+, and other kinds of file
2016lookup, but not all systems have these components installed, so the default is
2017not to include the relevant code in the binary. All the different kinds of file
2018and database lookup that Exim supports are implemented as separate code modules
2019which are included only if the relevant compile-time options are set. In the
9b371988
PH
2020case of LDAP, NIS, and NIS+, the settings for &_Local/Makefile_& are:
2021.code
2022LOOKUP_LDAP=yes
2023LOOKUP_NIS=yes
2024LOOKUP_NISPLUS=yes
2025.endd
168e428f 2026and similar settings apply to the other lookup types. They are all listed in
9b371988 2027&_src/EDITME_&. In many cases the relevant include files and interface
168e428f 2028libraries need to be installed before compiling Exim.
9b371988 2029.cindex "cdb" "including support for"
068aaea8
PH
2030However, there are some optional lookup types (such as cdb) for which
2031the code is entirely contained within Exim, and no external include
168e428f
PH
2032files or libraries are required. When a lookup type is not included in the
2033binary, attempts to configure Exim to use it cause run time configuration
2034errors.
2035
9b371988 2036.cindex "Perl" "including support for"
168e428f
PH
2037Exim can be linked with an embedded Perl interpreter, allowing Perl
2038subroutines to be called during string expansion. To enable this facility,
9b371988
PH
2039.code
2040EXIM_PERL=perl.o
2041.endd
2042must be defined in &_Local/Makefile_&. Details of this facility are given in
2043chapter &<<CHAPperl>>&.
168e428f 2044
9b371988 2045.cindex "X11 libraries" "location of"
168e428f 2046The location of the X11 libraries is something that varies a lot between
068aaea8 2047operating systems, and there may be different versions of X11 to cope
168e428f
PH
2048with. Exim itself makes no use of X11, but if you are compiling the Exim
2049monitor, the X11 libraries must be available.
9b371988
PH
2050The following three variables are set in &_OS/Makefile-Default_&:
2051.code
2052X11=/usr/X11R6
2053XINCLUDE=-I$(X11)/include
2054XLFLAGS=-L$(X11)/lib
2055.endd
168e428f 2056These are overridden in some of the operating-system configuration files. For
9b371988
PH
2057example, in &_OS/Makefile-SunOS5_& there is
2058.code
2059X11=/usr/openwin
2060XINCLUDE=-I$(X11)/include
2061XLFLAGS=-L$(X11)/lib -R$(X11)/lib
2062.endd
168e428f
PH
2063If you need to override the default setting for your operating system, place a
2064definition of all three of these variables into your
9b371988 2065&_Local/Makefile-<ostype>_& file.
168e428f 2066
9b371988 2067.cindex "EXTRALIBS"
168e428f
PH
2068If you need to add any extra libraries to the link steps, these can be put in a
2069variable called EXTRALIBS, which appears in all the link commands, but by
2070default is not defined. In contrast, EXTRALIBS_EXIM is used only on the
2071command for linking the main Exim binary, and not for any associated utilities.
2072
9b371988 2073.cindex "DBM libraries" "configuration for building"
168e428f 2074There is also DBMLIB, which appears in the link commands for binaries that
9b371988 2075use DBM functions (see also section &<<SECTdb>>&). Finally, there is
168e428f
PH
2076EXTRALIBS_EXIMON, which appears only in the link step for the Exim monitor
2077binary, and which can be used, for example, to include additional X11
2078libraries.
2079
9b371988 2080.cindex "configuration file" "editing"
168e428f
PH
2081The make file copes with rebuilding Exim correctly if any of the configuration
2082files are edited. However, if an optional configuration file is deleted, it is
9b371988
PH
2083necessary to touch the associated non-optional file (that is,
2084&_Local/Makefile_& or &_Local/eximon.conf_&) before rebuilding.
168e428f
PH
2085
2086
9b371988
PH
2087.section "OS-specific header files"
2088.cindex "&_os.h_&"
2089.cindex "building Exim" "OS-specific C header files"
2090The &_OS_& directory contains a number of files with names of the form
2091&_os.h-<ostype>_&. These are system-specific C header files that should not
168e428f 2092normally need to be changed. There is a list of macro settings that are
9b371988 2093recognized in the file &_OS/os.configuring_&, which should be consulted if you
168e428f
PH
2094are porting Exim to a new operating system.
2095
2096
2097
9b371988
PH
2098.section "Overriding build-time options for the monitor"
2099.cindex "building Eximon" "overriding default options"
168e428f
PH
2100A similar process is used for overriding things when building the Exim monitor,
2101where the files that are involved are
9b371988
PH
2102.display
2103&_OS/eximon.conf-Default_&
2104&_OS/eximon.conf-_&<&'ostype'&>
2105&_Local/eximon.conf_&
2106&_Local/eximon.conf-_&<&'ostype'&>
2107&_Local/eximon.conf-_&<&'archtype'&>
2108&_Local/eximon.conf-_&<&'ostype'&>-<&'archtype'&>
2109.endd
2110.cindex "&_Local/eximon.conf_&"
168e428f 2111As with Exim itself, the final three files need not exist, and in this case the
9b371988
PH
2112&_OS/eximon.conf-<ostype>_& file is also optional. The default values in
2113&_OS/eximon.conf-Default_& can be overridden dynamically by setting environment
168e428f
PH
2114variables of the same name, preceded by EXIMON_. For example, setting
2115EXIMON_LOG_DEPTH in the environment overrides the value of
2116LOG_DEPTH at run time.
4f578862 2117.ecindex IIDbuex
168e428f
PH
2118
2119
9b371988
PH
2120.section "Installing Exim binaries and scripts"
2121.cindex "installing Exim"
2122.cindex "BIN_DIRECTORY"
2123The command &`make install`& runs the &(exim_install)& script with no
2124arguments. The script copies binaries and utility scripts into the directory
2125whose name is specified by the BIN_DIRECTORY setting in &_Local/Makefile_&.
2126.cindex "setuid" "installing Exim with"
068aaea8
PH
2127The install script copies files only if they are newer than the files they are
2128going to replace. The Exim binary is required to be owned by root and have the
9b371988
PH
2129&'setuid'& bit set, for normal configurations. Therefore, you must run &`make
2130install`& as root so that it can set up the Exim binary in this way. However, in
068aaea8
PH
2131some special situations (for example, if a host is doing no local deliveries)
2132it may be possible to run Exim without making the binary setuid root (see
9b371988 2133chapter &<<CHAPsecurity>>& for details).
168e428f 2134
9b371988 2135.cindex "CONFIGURE_FILE"
168e428f 2136Exim's run time configuration file is named by the CONFIGURE_FILE setting
9b371988
PH
2137in &_Local/Makefile_&. If this names a single file, and the file does not
2138exist, the default configuration file &_src/configure.default_& is copied there
168e428f
PH
2139by the installation script. If a run time configuration file already exists, it
2140is left alone. If CONFIGURE_FILE is a colon-separated list, naming several
2141alternative files, no default is installed.
2142
9b371988
PH
2143.cindex "system aliases file"
2144.cindex "&_/etc/aliases_&"
168e428f
PH
2145One change is made to the default configuration file when it is installed: the
2146default configuration contains a router that references a system aliases file.
2147The path to this file is set to the value specified by
9b371988 2148SYSTEM_ALIASES_FILE in &_Local/Makefile_& (&_/etc/aliases_& by default).
168e428f
PH
2149If the system aliases file does not exist, the installation script creates it,
2150and outputs a comment to the user.
2151
2152The created file contains no aliases, but it does contain comments about the
2153aliases a site should normally have. Mail aliases have traditionally been
9b371988
PH
2154kept in &_/etc/aliases_&. However, some operating systems are now using
2155&_/etc/mail/aliases_&. You should check if yours is one of these, and change
168e428f
PH
2156Exim's configuration if necessary.
2157
2158The default configuration uses the local host's name as the only local domain,
9b371988
PH
2159and is set up to do local deliveries into the shared directory &_/var/mail_&,
2160running as the local user. System aliases and &_.forward_& files in users' home
168e428f
PH
2161directories are supported, but no NIS or NIS+ support is configured. Domains
2162other than the name of the local host are routed using the DNS, with delivery
2163over SMTP.
2164
168e428f
PH
2165It is possible to install Exim for special purposes (such as building a binary
2166distribution) in a private part of the file system. You can do this by a
2167command such as
9b371988
PH
2168.code
2169make DESTDIR=/some/directory/ install
2170.endd
168e428f
PH
2171This has the effect of pre-pending the specified directory to all the file
2172paths, except the name of the system aliases file that appears in the default
9b371988 2173configuration. (If a default alias file is created, its name &'is'& modified.)
168e428f
PH
2174For backwards compatibility, ROOT is used if DESTDIR is not set,
2175but this usage is deprecated.
2176
9b371988
PH
2177.cindex "installing Exim" "what is not installed"
2178Running &'make install'& does not copy the Exim 4 conversion script
2179&'convert4r4'&, or the &'pcretest'& test program. You will probably run the
168e428f 2180first of these only once (if you are upgrading from Exim 3), and the second
9b371988 2181isn't really part of Exim. None of the documentation files in the &_doc_&
168e428f 2182directory are copied, except for the info files when you have set
9b371988 2183INFO_DIRECTORY, as described in section &<<SECTinsinfdoc>>& below.
168e428f 2184
9b371988 2185For the utility programs, old versions are renamed by adding the suffix &_.O_&
168e428f
PH
2186to their names. The Exim binary itself, however, is handled differently. It is
2187installed under a name that includes the version number and the compile number,
9b371988
PH
2188for example &_exim-&version;-1_&. The script then arranges for a symbolic link
2189called &_exim_& to point to the binary. If you are updating a previous version
2190of Exim, the script takes care to ensure that the name &_exim_& is never absent
168e428f
PH
2191from the directory (as seen by other processes).
2192
9b371988
PH
2193.cindex "installing Exim" "testing the script"
2194If you want to see what the &'make install'& will do before running it for
2195real, you can pass the &%-n%& option to the installation script by this
2196command:
2197.code
2198make INSTALL_ARG=-n install
2199.endd
168e428f
PH
2200The contents of the variable INSTALL_ARG are passed to the installation
2201script. You do not need to be root to run this test. Alternatively, you can run
2202the installation script directly, but this must be from within the build
2203directory. For example, from the top-level Exim directory you could use this
2204command:
9b371988
PH
2205.code
2206(cd build-SunOS5-5.5.1-sparc; ../scripts/exim_install -n)
2207.endd
2208.cindex "installing Exim" "install script options"
168e428f
PH
2209There are two other options that can be supplied to the installation script.
2210
9b371988
PH
2211.ilist
2212&%-no_chown%& bypasses the call to change the owner of the installed binary
168e428f 2213to root, and the call to make it a setuid binary.
9b371988
PH
2214.next
2215&%-no_symlink%& bypasses the setting up of the symbolic link &_exim_& to the
168e428f 2216installed binary.
9b371988 2217.endlist
168e428f
PH
2218
2219INSTALL_ARG can be used to pass these options to the script. For example:
9b371988
PH
2220.code
2221make INSTALL_ARG=-no_symlink install
2222.endd
168e428f
PH
2223The installation script can also be given arguments specifying which files are
2224to be copied. For example, to install just the Exim binary, and nothing else,
2225without creating the symbolic link, you could use:
9b371988
PH
2226.code
2227make INSTALL_ARG='-no_symlink exim' install
2228.endd
168e428f
PH
2229
2230
2231
9b371988
PH
2232.section "Installing info documentation" "SECTinsinfdoc"
2233.cindex "installing Exim" "&'info'& documentation"
2234Not all systems use the GNU &'info'& system for documentation, and for this
168e428f
PH
2235reason, the Texinfo source of Exim's documentation is not included in the main
2236distribution. Instead it is available separately from the ftp site (see section
9b371988 2237&<<SECTavail>>&).
168e428f 2238
9b371988
PH
2239If you have defined INFO_DIRECTORY in &_Local/Makefile_& and the Texinfo
2240source of the documentation is found in the source tree, running &`make
2241install`& automatically builds the info files and installs them.
168e428f
PH
2242
2243
2244
9b371988
PH
2245.section "Setting up the spool directory"
2246.cindex "spool directory" "creating"
168e428f
PH
2247When it starts up, Exim tries to create its spool directory if it does not
2248exist. The Exim uid and gid are used for the owner and group of the spool
2249directory. Sub-directories are automatically created in the spool directory as
2250necessary.
2251
2252
2253
2254
9b371988
PH
2255.section "Testing"
2256.cindex "testing" "installation"
168e428f
PH
2257Having installed Exim, you can check that the run time configuration file is
2258syntactically valid by running the following command, which assumes that the
2259Exim binary directory is within your PATH environment variable:
9b371988
PH
2260.code
2261exim -bV
2262.endd
168e428f
PH
2263If there are any errors in the configuration file, Exim outputs error messages.
2264Otherwise it outputs the version number and build date,
2265the DBM library that is being used, and information about which drivers and
2266other optional code modules are included in the binary.
2267Some simple routing tests can be done by using the address testing option. For
2268example,
9b371988
PH
2269.display
2270&`exim -bt`& <&'local username'&>
2271.endd
168e428f 2272should verify that it recognizes a local mailbox, and
9b371988
PH
2273.display
2274&`exim -bt`& <&'remote address'&>
2275.endd
168e428f
PH
2276a remote one. Then try getting it to deliver mail, both locally and remotely.
2277This can be done by passing messages directly to Exim, without going through a
2278user agent. For example:
9b371988 2279.code
068aaea8
PH
2280exim -v postmaster@your.domain.example
2281From: user@your.domain.example
2282To: postmaster@your.domain.example
2283Subject: Testing Exim
168e428f 2284
068aaea8
PH
2285This is a test message.
2286^D
9b371988
PH
2287.endd
2288The &%-v%& option causes Exim to output some verification of what it is doing.
168e428f 2289In this case you should see copies of three log lines, one for the message's
9b371988 2290arrival, one for its delivery, and one containing &"Completed"&.
168e428f 2291
9b371988
PH
2292.cindex "delivery" "problems with"
2293If you encounter problems, look at Exim's log files (&'mainlog'& and
2294&'paniclog'&) to see if there is any relevant information there. Another source
168e428f 2295of information is running Exim with debugging turned on, by specifying the
9b371988 2296&%-d%& option. If a message is stuck on Exim's spool, you can force a delivery
168e428f 2297with debugging turned on by a command of the form
9b371988
PH
2298.display
2299&`exim -d -M`& <&'exim-message-id'&>
2300.endd
2301You must be root or an &"admin user"& in order to do this. The &%-d%& option
168e428f 2302produces rather a lot of output, but you can cut this down to specific areas.
9b371988
PH
2303For example, if you use &%-d-all+route%& only the debugging information
2304relevant to routing is included. (See the &%-d%& option in chapter
2305&<<CHAPcommandline>>& for more details.)
168e428f 2306
9b371988
PH
2307.cindex '&"sticky"& bit'
2308.cindex "lock files"
168e428f
PH
2309One specific problem that has shown up on some sites is the inability to do
2310local deliveries into a shared mailbox directory, because it does not have the
9b371988 2311&"sticky bit"& set on it. By default, Exim tries to create a lock file before
168e428f 2312writing to a mailbox file, and if it cannot create the lock file, the delivery
9b371988 2313is deferred. You can get round this either by setting the &"sticky bit"& on the
168e428f
PH
2314directory, or by setting a specific group for local deliveries and allowing
2315that group to create files in the directory (see the comments above the
9b371988 2316&(local_delivery)& transport in the default configuration file). Another
168e428f 2317approach is to configure Exim not to use lock files, but just to rely on
9b371988
PH
2318&[fcntl()]& locking instead. However, you should do this only if all user
2319agents also use &[fcntl()]& locking. For further discussion of locking issues,
2320see chapter &<<CHAPappendfile>>&.
168e428f
PH
2321
2322One thing that cannot be tested on a system that is already running an MTA is
2323the receipt of incoming SMTP mail on the standard SMTP port. However, the
9b371988
PH
2324&%-oX%& option can be used to run an Exim daemon that listens on some other
2325port, or &'inetd'& can be used to do this. The &%-bh%& option and the
2326&'exim_checkaccess'& utility can be used to check out policy controls on
168e428f
PH
2327incoming SMTP mail.
2328
2329Testing a new version on a system that is already running Exim can most easily
2330be done by building a binary with a different CONFIGURE_FILE setting. From
2331within the run time configuration, all other file and directory names
2332that Exim uses can be altered, in order to keep it entirely clear of the
2333production version.
2334
2335
9b371988
PH
2336.section "Replacing another MTA with Exim"
2337.cindex "replacing another MTA"
168e428f
PH
2338Building and installing Exim for the first time does not of itself put it in
2339general use. The name by which the system's MTA is called by mail user agents
9b371988
PH
2340is either &_/usr/sbin/sendmail_&, or &_/usr/lib/sendmail_& (depending on the
2341operating system), and it is necessary to make this name point to the &'exim'&
168e428f 2342binary in order to get the user agents to pass messages to Exim. This is
9b371988
PH
2343normally done by renaming any existing file and making &_/usr/sbin/sendmail_&
2344or &_/usr/lib/sendmail_&
2345.cindex "symbolic link" "to &'exim'& binary"
2346a symbolic link to the &'exim'& binary. It is a good idea to remove any setuid
168e428f
PH
2347privilege and executable status from the old MTA. It is then necessary to stop
2348and restart the mailer daemon, if one is running.
2349
9b371988
PH
2350.cindex "FreeBSD" "MTA indirection"
2351.cindex "&_/etc/mail/mailer.conf_&"
168e428f
PH
2352Some operating systems have introduced alternative ways of switching MTAs. For
2353example, if you are running FreeBSD, you need to edit the file
9b371988 2354&_/etc/mail/mailer.conf_& instead of setting up a symbolic link as just
168e428f
PH
2355described. A typical example of the contents of this file for running Exim is
2356as follows:
9b371988
PH
2357.code
2358sendmail /usr/exim/bin/exim
2359send-mail /usr/exim/bin/exim
2360mailq /usr/exim/bin/exim -bp
2361newaliases /usr/bin/true
2362.endd
2363Once you have set up the symbolic link, or edited &_/etc/mail/mailer.conf_&,
2364your Exim installation is &"live"&. Check it by sending a message from your
168e428f
PH
2365favourite user agent.
2366
2367You should consider what to tell your users about the change of MTA. Exim may
2368have different capabilities to what was previously running, and there are
2369various operational differences such as the text of messages produced by
2370command line options and in bounce messages. If you allow your users to make
2371use of Exim's filtering capabilities, you should make the document entitled
9b371988 2372&'Exim's interface to mail filtering'& available to them.
168e428f
PH
2373
2374
2375
9b371988
PH
2376.section "Upgrading Exim"
2377.cindex "upgrading Exim"
168e428f
PH
2378If you are already running Exim on your host, building and installing a new
2379version automatically makes it available to MUAs, or any other programs that
2380call the MTA directly. However, if you are running an Exim daemon, you do need
9b371988
PH
2381to send it a HUP signal, to make it re-execute itself, and thereby pick up the
2382new binary. You do not need to stop processing mail in order to install a new
068aaea8
PH
2383version of Exim. The install script does not modify an existing runtime
2384configuration file.
2385
168e428f
PH
2386
2387
2388
9b371988
PH
2389.section "Stopping the Exim daemon on Solaris"
2390.cindex "Solaris" "stopping Exim on"
168e428f 2391The standard command for stopping the mailer daemon on Solaris is
9b371988
PH
2392.code
2393/etc/init.d/sendmail stop
2394.endd
2395If &_/usr/lib/sendmail_& has been turned into a symbolic link, this script
2396fails to stop Exim because it uses the command &'ps -e'& and greps the output
2397for the text &"sendmail"&; this is not present because the actual program name
2398(that is, &"exim"&) is given by the &'ps'& command with these options. A
2399solution is to replace the line that finds the process id with something like
2400.code
2401pid=`cat /var/spool/exim/exim-daemon.pid`
2402.endd
168e428f
PH
2403to obtain the daemon's pid directly from the file that Exim saves it in.
2404
9b371988 2405Note, however, that stopping the daemon does not &"stop Exim"&. Messages can
168e428f
PH
2406still be received from local processes, and if automatic delivery is configured
2407(the normal case), deliveries will still occur.
2408
2409
2410
2411
9b371988
PH
2412. ////////////////////////////////////////////////////////////////////////////
2413. ////////////////////////////////////////////////////////////////////////////
168e428f 2414
9b371988 2415.chapter "The Exim command line" "CHAPcommandline"
4f578862
PH
2416.scindex IIDclo1 "command line" "options"
2417.scindex IIDclo2 "options" "command line"
168e428f
PH
2418Exim's command line takes the standard Unix form of a sequence of options,
2419each starting with a hyphen character, followed by a number of arguments. The
2420options are compatible with the main options of Sendmail, and there are also
2421some additional options, some of which are compatible with Smail 3. Certain
2422combinations of options do not make sense, and provoke an error if used.
2423The form of the arguments depends on which options are set.
2424
2425
9b371988
PH
2426.section "Setting options by program name"
2427.cindex "&'mailq'&"
2428If Exim is called under the name &'mailq'&, it behaves as if the option &%-bp%&
168e428f 2429were present before any other options.
9b371988 2430The &%-bp%& option requests a listing of the contents of the mail queue on the
168e428f
PH
2431standard output.
2432This feature is for compatibility with some systems that contain a command of
2433that name in one of the standard libraries, symbolically linked to
9b371988
PH
2434&_/usr/sbin/sendmail_& or &_/usr/lib/sendmail_&.
2435
2436.cindex "&'rsmtp'&"
2437If Exim is called under the name &'rsmtp'& it behaves as if the option &%-bS%&
2438were present before any other options, for compatibility with Smail. The
2439&%-bS%& option is used for reading in a number of messages in batched SMTP
2440format.
2441
2442.cindex "&'rmail'&"
2443If Exim is called under the name &'rmail'& it behaves as if the &%-i%& and
2444&%-oee%& options were present before any other options, for compatibility with
2445Smail. The name &'rmail'& is used as an interface by some UUCP systems.
2446
2447.cindex "&'runq'&"
2448.cindex "queue runner"
2449If Exim is called under the name &'runq'& it behaves as if the option &%-q%&
2450were present before any other options, for compatibility with Smail. The &%-q%&
168e428f
PH
2451option causes a single queue runner process to be started.
2452
9b371988
PH
2453.cindex "&'newaliases'&"
2454.cindex "alias file" "building"
2455.cindex "Sendmail compatibility" "calling Exim as &'newaliases'&"
2456If Exim is called under the name &'newaliases'& it behaves as if the option
2457&%-bi%& were present before any other options, for compatibility with Sendmail.
168e428f
PH
2458This option is used for rebuilding Sendmail's alias file. Exim does not have
2459the concept of a single alias file, but can be configured to run a given
9b371988 2460command if called with the &%-bi%& option.
168e428f
PH
2461
2462
9b371988
PH
2463.section "Trusted and admin users" "SECTtrustedadmin"
2464Some Exim options are available only to &'trusted users'& and others are
2465available only to &'admin users'&. In the description below, the phrases &"Exim
2466user"& and &"Exim group"& mean the user and group defined by EXIM_USER and
2467EXIM_GROUP in &_Local/Makefile_& or set by the &%exim_user%& and
2468&%exim_group%& options. These do not necessarily have to use the name &"exim"&.
168e428f 2469
9b371988
PH
2470.ilist
2471.cindex "trusted user" "definition of"
2472.cindex "user" "trusted definition of"
168e428f 2473The trusted users are root, the Exim user, any user listed in the
9b371988
PH
2474&%trusted_users%& configuration option, and any user whose current group or any
2475supplementary group is one of those listed in the &%trusted_groups%&
168e428f 2476configuration option. Note that the Exim group is not automatically trusted.
9b371988
PH
2477
2478.cindex '&"From"& line'
2479.cindex "envelope sender"
2480Trusted users are always permitted to use the &%-f%& option or a leading
2481&"From&~"& line to specify the envelope sender of a message that is passed to
2482Exim through the local interface (see the &%-bm%& and &%-f%& options below).
2483See the &%untrusted_set_sender%& option for a way of permitting non-trusted
2484users to set envelope senders.
2485
2486.cindex "&'From:'& header line"
2487.cindex "&'Sender:'& header line"
2488For a trusted user, there is never any check on the contents of the &'From:'&
2489header line, and a &'Sender:'& line is never added. Furthermore, any existing
2490&'Sender:'& line in incoming local (non-TCP/IP) messages is not removed.
2491
168e428f
PH
2492Trusted users may also specify a host name, host address, interface address,
2493protocol name, ident value, and authentication data when submitting a message
2494locally. Thus, they are able to insert messages into Exim's queue locally that
2495have the characteristics of messages received from a remote host. Untrusted
9b371988 2496users may in some circumstances use &%-f%&, but can never set the other values
168e428f 2497that are available to trusted users.
9b371988
PH
2498.next
2499.cindex "user" "admin definition of"
2500.cindex "admin user" "definition of"
168e428f 2501The admin users are root, the Exim user, and any user that is a member of the
9b371988 2502Exim group or of any group listed in the &%admin_groups%& configuration option.
168e428f 2503The current group does not have to be one of these groups.
9b371988 2504
168e428f
PH
2505Admin users are permitted to list the queue, and to carry out certain
2506operations on messages, for example, to force delivery failures. It is also
2507necessary to be an admin user in order to see the full information provided by
2508the Exim monitor, and full debugging output.
9b371988
PH
2509
2510By default, the use of the &%-M%&, &%-q%&, &%-R%&, and &%-S%& options to cause
2511Exim to attempt delivery of messages on its queue is restricted to admin users.
2512However, this restriction can be relaxed by setting the &%prod_requires_admin%&
2513option false (that is, specifying &%no_prod_requires_admin%&).
2514
2515Similarly, the use of the &%-bp%& option to list all the messages in the queue
2516is restricted to admin users unless &%queue_list_requires_admin%& is set
168e428f 2517false.
9b371988 2518.endlist
168e428f
PH
2519
2520
9b371988 2521&*Warning*&: If you configure your system so that admin users are able to
168e428f
PH
2522edit Exim's configuration file, you are giving those users an easy way of
2523getting root. There is further discussion of this issue at the start of chapter
9b371988 2524&<<CHAPconf>>&.
168e428f
PH
2525
2526
2527
2528
9b371988 2529.section "Command line options"
db9452a9
PH
2530.new
2531Exim's command line options are described in alphabetical order below. If none
2532of the options that specifies a specific action (such as starting the daemon or
2533a queue runner, or testing an address, or receiving a message in a specific
2534format, or listing the queue) are present, and there is at least one argument
2535on the command line, &%-bm%& (accept a local message on the standard input,
2536with the arguments specifying the recipients) is assumed. Otherwise, Exim
2537outputs a brief message about itself and exits.
2538.wen
168e428f 2539
9b371988
PH
2540. ////////////////////////////////////////////////////////////////////////////
2541. Insert a stylized XML comment here, to identify the start of the command line
2542. options. This is for the benefit of the Perl script that automatically
2543. creates a man page for the options.
2544. ////////////////////////////////////////////////////////////////////////////
168e428f 2545
9b371988 2546.literal xml
168e428f 2547<!-- === Start of command line options === -->
9b371988 2548.literal off
168e428f
PH
2549
2550
9b371988
PH
2551.vlist
2552.vitem &%--%&
2553.oindex "--"
2554.cindex "options" "command line; terminating"
168e428f
PH
2555This is a pseudo-option whose only purpose is to terminate the options and
2556therefore to cause subsequent command line items to be treated as arguments
2557rather than options, even if they begin with hyphens.
2558
9b371988
PH
2559.vitem &%--help%&
2560.oindex "&%--help%&"
168e428f
PH
2561This option causes Exim to output a few sentences stating what it is.
2562The same output is generated if the Exim binary is called with no options and
2563no arguments.
2564
9b371988
PH
2565.vitem &%-B%&<&'type'&>
2566.oindex "&%-B%&"
2567.cindex "8-bit characters"
2568.cindex "Sendmail compatibility" "8-bit characters"
168e428f
PH
2569This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit
2570clean; it ignores this option.
2571
9b371988
PH
2572.vitem &%-bd%&
2573.oindex "&%-bd%&"
2574.cindex "daemon"
2575.cindex "SMTP listener"
2576.cindex "queue runner"
168e428f 2577This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually
9b371988
PH
2578the &%-bd%& option is combined with the &%-q%&<&'time'&> option, to specify
2579that the daemon should also initiate periodic queue runs.
2580
2581The &%-bd%& option can be used only by an admin user. If either of the &%-d%&
2582(debugging) or &%-v%& (verifying) options are set, the daemon does not
168e428f
PH
2583disconnect from the controlling terminal. When running this way, it can be
2584stopped by pressing ctrl-C.
9b371988 2585
168e428f
PH
2586By default, Exim listens for incoming connections to the standard SMTP port on
2587all the host's running interfaces. However, it is possible to listen on other
2588ports, on multiple ports, and only on specific interfaces. Chapter
9b371988
PH
2589&<<CHAPinterfaces>>& contains a description of the options that control this.
2590
168e428f 2591When a listening daemon
9b371988
PH
2592.cindex "daemon" "process id (pid)"
2593.cindex "pid (process id)" "of daemon"
2594is started without the use of &%-oX%& (that is, without overriding the normal
2595configuration), it writes its process id to a file called &_exim-daemon.pid_&
2596in Exim's spool directory. This location can be overridden by setting
2597PID_FILE_PATH in &_Local/Makefile_&. The file is written while Exim is still
168e428f 2598running as root.
9b371988
PH
2599
2600When &%-oX%& is used on the command line to start a listening daemon, the
2601process id is not written to the normal pid file path. However, &%-oP%& can be
168e428f 2602used to specify a path on the command line if a pid file is required.
9b371988 2603
168e428f 2604The SIGHUP signal
9b371988 2605.cindex "SIGHUP"
168e428f
PH
2606can be used to cause the daemon to re-exec itself. This should be done whenever
2607Exim's configuration file, or any file that is incorporated into it by means of
9b371988
PH
2608the &%.include%& facility, is changed, and also whenever a new version of Exim
2609is installed. It is not necessary to do this when other files that are
2610referenced from the configuration (for example, alias files) are changed,
2611because these are reread each time they are used.
2612
2613.vitem &%-bdf%&
2614.oindex "&%-bdf%&"
2615This option has the same effect as &%-bd%& except that it never disconnects
2616from the controlling terminal, even when no debugging is specified.
2617
2618.vitem &%-be%&
2619.oindex "&%-be%&"
2620.cindex "testing" "string expansion"
2621.cindex "expansion" "testing"
168e428f
PH
2622Run Exim in expansion testing mode. Exim discards its root privilege, to
2623prevent ordinary users from using this mode to read otherwise inaccessible
2624files. If no arguments are given, Exim runs interactively, prompting for lines
4f578862 2625of data. Otherwise, it processes each argument in turn.
9b371988
PH
2626
2627If Exim was built with USE_READLINE=yes in &_Local/Makefile_&, it tries
2628to load the &%libreadline%& library dynamically whenever the &%-be%& option is
2629used without command line arguments. If successful, it uses the &[readline()]&
168e428f
PH
2630function, which provides extensive line-editing facilities, for reading the
2631test data. A line history is supported.
9b371988 2632
168e428f 2633Long expansion expressions can be split over several lines by using backslash
068aaea8 2634continuations. As in Exim's run time configuration, white space at the start of
168e428f
PH
2635continuation lines is ignored. Each argument or data line is passed through the
2636string expansion mechanism, and the result is output. Variable values from the
9b371988
PH
2637configuration file (for example, &$qualify_domain$&) are available, but no
2638message-specific values (such as &$domain$&) are set, because no message is
168e428f
PH
2639being processed.
2640
9b371988
PH
2641&*Note*&: If you use this mechanism to test lookups, and you change the data
2642files or databases you are using, you must exit and restart Exim before trying
2643the same lookup again. Otherwise, because each Exim process caches the results
2644of lookups, you will just get the same result as before.
9b371988
PH
2645
2646.vitem &%-bF%&&~<&'filename'&>
2647.oindex "&%-bF%&"
2648.cindex "system filter" "testing"
2649.cindex "testing" "system filter"
2650This option is the same as &%-bf%& except that it assumes that the filter being
168e428f
PH
2651tested is a system filter. The additional commands that are available only in
2652system filters are recognized.
2653
9b371988
PH
2654.vitem &%-bf%&&~<&'filename'&>
2655.oindex "&%-bf%&"
2656.cindex "filter" "testing"
2657.cindex "testing" "filter file"
2658.cindex "forward file" "testing"
2659.cindex "testing" "forward file"
2660.cindex "Sieve filter" "testing"
168e428f
PH
2661This option runs Exim in user filter testing mode; the file is the filter file
2662to be tested, and a test message must be supplied on the standard input. If
2663there are no message-dependent tests in the filter, an empty file can be
2664supplied.
168e428f 2665
9b371988
PH
2666If you want to test a system filter file, use &%-bF%& instead of &%-bf%&. You
2667can use both &%-bF%& and &%-bf%& on the same command, in order to test a system
2668filter and a user filter in the same run. For example:
2669.code
2670exim -bF /system/filter -bf /user/filter </test/message
2671.endd
168e428f
PH
2672This is helpful when the system filter adds header lines or sets filter
2673variables that are used by the user filter.
168e428f 2674
9b371988
PH
2675If the test filter file does not begin with one of the special lines
2676.code
2677# Exim filter
2678# Sieve filter
2679.endd
2680it is taken to be a normal &_.forward_& file, and is tested for validity under
2681that interpretation. See sections &<<SECTitenonfilred>>& to
2682&<<SECTspecitredli>>& for a description of the possible contents of non-filter
2683redirection lists.
2684
2685The result of an Exim command that uses &%-bf%&, provided no errors are
168e428f
PH
2686detected, is a list of the actions that Exim would try to take if presented
2687with the message for real. More details of filter testing are given in the
9b371988
PH
2688separate document entitled &'Exim's interfaces to mail filtering'&.
2689
168e428f 2690When testing a filter file,
9b371988
PH
2691.cindex "&""From""& line"
2692.cindex "envelope sender"
2693.cindex "&%-f%& option" "for filter testing"
2694the envelope sender can be set by the &%-f%& option,
2695or by a &"From&~"& line at the start of the test message. Various parameters
2696that would normally be taken from the envelope recipient address of the message
2697can be set by means of additional command line options (see the next four
2698options).
2699
2700.vitem &%-bfd%&&~<&'domain'&>
2701.oindex "&%-bfd%&"
2702.cindex "&$qualify_domain$&"
168e428f 2703This sets the domain of the recipient address when a filter file is being
9b371988
PH
2704tested by means of the &%-bf%& option. The default is the value of
2705&$qualify_domain$&.
168e428f 2706
9b371988
PH
2707.vitem &%-bfl%&&~<&'local&~part'&>
2708.oindex "&%-bfl%&"
168e428f 2709This sets the local part of the recipient address when a filter file is being
9b371988 2710tested by means of the &%-bf%& option. The default is the username of the
168e428f
PH
2711process that calls Exim. A local part should be specified with any prefix or
2712suffix stripped, because that is how it appears to the filter when a message is
2713actually being delivered.
2714
9b371988
PH
2715.vitem &%-bfp%&&~<&'prefix'&>
2716.oindex "&%-bfp%&"
168e428f 2717This sets the prefix of the local part of the recipient address when a filter
9b371988 2718file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2719prefix.
2720
9b371988
PH
2721.vitem &%-bfs%&&~<&'suffix'&>
2722.oindex "&%-bfs%&"
168e428f 2723This sets the suffix of the local part of the recipient address when a filter
9b371988 2724file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2725suffix.
2726
9b371988
PH
2727.vitem &%-bh%&&~<&'IP&~address'&>
2728.oindex "&%-bh%&"
2729.cindex "testing" "incoming SMTP"
2730.cindex "SMTP" "testing incoming"
2731.cindex "testing" "relay control"
2732.cindex "relaying" "testing configuration"
2733.cindex "policy control" "testing"
2734.cindex "debugging" "&%-bh%& option"
168e428f
PH
2735This option runs a fake SMTP session as if from the given IP address, using the
2736standard input and output. The IP address may include a port number at the end,
2737after a full stop. For example:
9b371988
PH
2738.code
2739exim -bh 10.9.8.7.1234
2740exim -bh fe80::a00:20ff:fe86:a061.5678
2741.endd
168e428f 2742When an IPv6 address is given, it is converted into canonical form. In the case
9b371988
PH
2743of the second example above, the value of &$sender_host_address$& after
2744conversion to the canonical form is
2745&`fe80:0000:0000:0a00:20ff:fe86:a061.5678`&.
2746
168e428f 2747Comments as to what is going on are written to the standard error file. These
9b371988 2748include lines beginning with &"LOG"& for anything that would have been logged.
168e428f
PH
2749This facility is provided for testing configuration options for incoming
2750messages, to make sure they implement the required policy. For example, you can
9b371988
PH
2751test your relay controls using &%-bh%&.
2752
2753&*Warning 1*&:
2754.cindex "RFC 1413"
db9452a9
PH
2755.new
2756You can test features of the configuration that rely on ident (RFC 1413)
2757information by using the &%-oMt%& option. However, Exim cannot actually perform
2758an ident callout when testing using &%-bh%& because there is no incoming SMTP
2759connection.
2760.wen
9b371988
PH
2761
2762&*Warning 2*&: Address verification callouts (see section &<<SECTcallver>>&)
2763are also skipped when testing using &%-bh%&. If you want these callouts to
2764occur, use &%-bhc%& instead.
2765
db9452a9 2766.new
168e428f
PH
2767Messages supplied during the testing session are discarded, and nothing is
2768written to any of the real log files. There may be pauses when DNS (and other)
9b371988 2769lookups are taking place, and of course these may time out. The &%-oMi%& option
db9452a9
PH
2770can be used to specify a specific IP interface and port if this is important,
2771and &%-oMaa%& and &%-oMai%& can be used to set parameters as if the SMTP
2772session were authenticated.
2773.wen
9b371988
PH
2774
2775The &'exim_checkaccess'& utility is a &"packaged"& version of &%-bh%& whose
168e428f 2776output just states whether a given recipient address from a given host is
9b371988 2777acceptable or not. See section &<<SECTcheckaccess>>&.
168e428f 2778
9b371988
PH
2779.vitem &%-bhc%&&~<&'IP&~address'&>
2780.oindex "&%-bhc%&"
2781This option operates in the same way as &%-bh%&, except that address
168e428f
PH
2782verification callouts are performed if required. This includes consulting and
2783updating the callout cache database.
2784
9b371988
PH
2785.vitem &%-bi%&
2786.oindex "&%-bi%&"
2787.cindex "alias file" "building"
2788.cindex "building alias file"
2789.cindex "Sendmail compatibility" "&%-bi%& option"
2790Sendmail interprets the &%-bi%& option as a request to rebuild its alias file.
168e428f 2791Exim does not have the concept of a single alias file, and so it cannot mimic
9b371988 2792this behaviour. However, calls to &_/usr/lib/sendmail_& with the &%-bi%& option
168e428f
PH
2793tend to appear in various scripts such as NIS make files, so the option must be
2794recognized.
9b371988
PH
2795
2796If &%-bi%& is encountered, the command specified by the &%bi_command%&
168e428f 2797configuration option is run, under the uid and gid of the caller of Exim. If
9b371988
PH
2798the &%-oA%& option is used, its value is passed to the command as an argument.
2799The command set by &%bi_command%& may not contain arguments. The command can
2800use the &'exim_dbmbuild'& utility, or some other means, to rebuild alias files
2801if this is required. If the &%bi_command%& option is not set, calling Exim with
2802&%-bi%& is a no-op.
2803
2804.vitem &%-bm%&
2805.oindex "&%-bm%&"
2806.cindex "local message reception"
168e428f
PH
2807This option runs an Exim receiving process that accepts an incoming,
2808locally-generated message on the current input. The recipients are given as the
9b371988 2809command arguments (except when &%-t%& is also present &-- see below). Each
168e428f
PH
2810argument can be a comma-separated list of RFC 2822 addresses. This is the
2811default option for selecting the overall action of an Exim call; it is assumed
2812if no other conflicting option is present.
9b371988 2813
168e428f 2814If any addresses in the message are unqualified (have no domain), they are
9b371988
PH
2815qualified by the values of the &%qualify_domain%& or &%qualify_recipient%&
2816options, as appropriate. The &%-bnq%& option (see below) provides a way of
168e428f 2817suppressing this for special cases.
9b371988 2818
168e428f 2819Policy checks on the contents of local messages can be enforced by means of
9b371988
PH
2820the non-SMTP ACL. See chapter &<<CHAPACL>>& for details.
2821
2822.cindex "return code" "for &%-bm%&"
2823The return code is zero if the message is successfully accepted. Otherwise, the
2824action is controlled by the &%-oe%&&'x'& option setting &-- see below.
2825
168e428f 2826The format
9b371988
PH
2827.cindex "message" "format"
2828.cindex "format" "message"
2829.cindex "&""From""& line"
2830.cindex "UUCP" "&""From""& line"
2831.cindex "Sendmail compatibility" "&""From""& line"
168e428f
PH
2832of the message must be as defined in RFC 2822, except that, for
2833compatibility with Sendmail and Smail, a line in one of the forms
9b371988
PH
2834.code
2835From sender Fri Jan 5 12:55 GMT 1997
2836From sender Fri, 5 Jan 97 12:55:01
2837.endd
168e428f
PH
2838(with the weekday optional, and possibly with additional text after the date)
2839is permitted to appear at the start of the message. There appears to be no
2840authoritative specification of the format of this line. Exim recognizes it by
9b371988 2841matching against the regular expression defined by the &%uucp_from_pattern%&
168e428f 2842option, which can be changed if necessary.
9b371988 2843
168e428f 2844The
9b371988 2845.cindex "&%-f%& option" "overriding &""From""& line"
168e428f 2846specified sender is treated as if it were given as the argument to the
9b371988 2847&%-f%& option, but if a &%-f%& option is also present, its argument is used in
168e428f
PH
2848preference to the address taken from the message. The caller of Exim must be a
2849trusted user for the sender of a message to be set in this way.
2850
9b371988
PH
2851.vitem &%-bnq%&
2852.oindex "&%-bnq%&"
2853.cindex "address qualification" "suppressing"
168e428f
PH
2854By default, Exim automatically qualifies unqualified addresses (those
2855without domains) that appear in messages that are submitted locally (that
2856is, not over TCP/IP). This qualification applies both to addresses in
2857envelopes, and addresses in header lines. Sender addresses are qualified using
9b371988
PH
2858&%qualify_domain%&, and recipient addresses using &%qualify_recipient%& (which
2859defaults to the value of &%qualify_domain%&).
2860
2861Sometimes, qualification is not wanted. For example, if &%-bS%& (batch SMTP) is
168e428f
PH
2862being used to re-submit messages that originally came from remote hosts after
2863content scanning, you probably do not want to qualify unqualified addresses in
2864header lines. (Such lines will be present only if you have not enabled a header
2865syntax check in the appropriate ACL.)
9b371988
PH
2866
2867The &%-bnq%& option suppresses all qualification of unqualified addresses in
168e428f
PH
2868messages that originate on the local host. When this is used, unqualified
2869addresses in the envelope provoke errors (causing message rejection) and
2870unqualified addresses in header lines are left alone.
2871
2872
9b371988
PH
2873.vitem &%-bP%&
2874.oindex "&%-bP%&"
2875.cindex "configuration options" "extracting"
2876.cindex "options" "configuration &-- extracting"
168e428f
PH
2877If this option is given with no arguments, it causes the values of all Exim's
2878main configuration options to be written to the standard output. The values
2879of one or more specific options can be requested by giving their names as
2880arguments, for example:
9b371988
PH
2881.code
2882exim -bP qualify_domain hold_domains
2883.endd
2884However, any option setting that is preceded by the word &"hide"& in the
168e428f
PH
2885configuration file is not shown in full, except to an admin user. For other
2886users, the output is as in this example:
9b371988
PH
2887.code
2888mysql_servers = <value not displayable>
2889.endd
2890If &%configure_file%& is given as an argument, the name of the run time
168e428f
PH
2891configuration file is output.
2892If a list of configuration files was supplied, the value that is output here
2893is the name of the file that was actually used.
168e428f 2894
9b371988
PH
2895.cindex "daemon" "process id (pid)"
2896.cindex "pid (process id)" "of daemon"
2897If &%log_file_path%& or &%pid_file_path%& are given, the names of the
2898directories where log files and daemon pid files are written are output,
2899respectively. If these values are unset, log files are written in a
2900sub-directory of the spool directory called &%log%&, and the pid file is
2901written directly into the spool directory.
2902
2903If &%-bP%& is followed by a name preceded by &`+`&, for example,
2904.code
2905exim -bP +local_domains
2906.endd
168e428f
PH
2907it searches for a matching named list of any type (domain, host, address, or
2908local part) and outputs what it finds.
9b371988
PH
2909
2910.cindex "options" "router &-- extracting"
2911.cindex "options" "transport &-- extracting"
2912If one of the words &%router%&, &%transport%&, or &%authenticator%& is given,
168e428f
PH
2913followed by the name of an appropriate driver instance, the option settings for
2914that driver are output. For example:
9b371988
PH
2915.code
2916exim -bP transport local_delivery
2917.endd
168e428f
PH
2918The generic driver options are output first, followed by the driver's private
2919options. A list of the names of drivers of a particular type can be obtained by
9b371988
PH
2920using one of the words &%router_list%&, &%transport_list%&, or
2921&%authenticator_list%&, and a complete list of all drivers with their option
2922settings can be obtained by using &%routers%&, &%transports%&, or
2923&%authenticators%&.
168e428f
PH
2924
2925
9b371988
PH
2926.vitem &%-bp%&
2927.oindex "&%-bp%&"
2928.cindex "queue" "listing messages on"
2929.cindex "listing" "messages on the queue"
168e428f 2930This option requests a listing of the contents of the mail queue on the
9b371988 2931standard output. If the &%-bp%& option is followed by a list of message ids,
168e428f 2932just those messages are listed. By default, this option can be used only by an
9b371988 2933admin user. However, the &%queue_list_requires_admin%& option can be set false
168e428f 2934to allow any user to see the queue.
168e428f 2935
9b371988
PH
2936Each message on the queue is displayed as in the following example:
2937.code
293825m 2.9K 0t5C6f-0000c8-00 <alice@wonderland.fict.example>
2939 red.king@looking-glass.fict.example
2940 <other addresses>
2941.endd
2942.cindex "message" "size in queue listing"
2943.cindex "size" "of message"
2944The first line contains the length of time the message has been on the queue
168e428f
PH
2945(in this case 25 minutes), the size of the message (2.9K), the unique local
2946identifier for the message, and the message sender, as contained in the
2947envelope. For bounce messages, the sender address is empty, and appears as
9b371988 2948&"<>"&. If the message was submitted locally by an untrusted user who overrode
168e428f
PH
2949the default sender address, the user's login name is shown in parentheses
2950before the sender address.
9b371988
PH
2951
2952.cindex "frozen messages" "in queue listing"
2953If the message is frozen (attempts to deliver it are suspended) then the text
2954&"*** frozen ***"& is displayed at the end of this line.
2955
168e428f
PH
2956The recipients of the message (taken from the envelope, not the headers) are
2957displayed on subsequent lines. Those addresses to which the message has already
2958been delivered are marked with the letter D. If an original address gets
2959expanded into several addresses via an alias or forward file, the original is
2960displayed with a D only when deliveries for all of its child addresses are
2961complete.
2962
2963
9b371988
PH
2964.vitem &%-bpa%&
2965.oindex "&%-bpa%&"
2966This option operates like &%-bp%&, but in addition it shows delivered addresses
168e428f 2967that were generated from the original top level address(es) in each message by
9b371988
PH
2968alias or forwarding operations. These addresses are flagged with &"+D"& instead
2969of just &"D"&.
168e428f
PH
2970
2971
9b371988
PH
2972.vitem &%-bpc%&
2973.oindex "&%-bpc%&"
2974.cindex "queue" "count of messages on"
168e428f
PH
2975This option counts the number of messages on the queue, and writes the total
2976to the standard output. It is restricted to admin users, unless
9b371988 2977&%queue_list_requires_admin%& is set false.
168e428f
PH
2978
2979
9b371988
PH
2980.vitem &%-bpr%&
2981.oindex "&%-bpr%&"
2982This option operates like &%-bp%&, but the output is not sorted into
168e428f
PH
2983chronological order of message arrival. This can speed it up when there are
2984lots of messages on the queue, and is particularly useful if the output is
2985going to be post-processed in a way that doesn't need the sorting.
2986
9b371988
PH
2987.vitem &%-bpra%&
2988.oindex "&%-bpra%&"
2989This option is a combination of &%-bpr%& and &%-bpa%&.
168e428f 2990
9b371988
PH
2991.vitem &%-bpru%&
2992.oindex "&%-bpru%&"
2993This option is a combination of &%-bpr%& and &%-bpu%&.
168e428f
PH
2994
2995
9b371988
PH
2996.vitem &%-bpu%&
2997.oindex "&%-bpu%&"
2998This option operates like &%-bp%& but shows only undelivered top-level
2999addresses for each message displayed. Addresses generated by aliasing or
3000forwarding are not shown, unless the message was deferred after processing by a
3001router with the &%one_time%& option set.
168e428f
PH
3002
3003
9b371988
PH
3004.vitem &%-brt%&
3005.oindex "&%-brt%&"
3006.cindex "testing" "retry configuration"
3007.cindex "retry" "configuration testing"
168e428f
PH
3008This option is for testing retry rules, and it must be followed by up to three
3009arguments. It causes Exim to look for a retry rule that matches the values
3010and to write it to the standard output. For example:
9b371988
PH
3011.code
3012exim -brt bach.comp.mus.example
3013Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m;
3014.endd
3015See chapter &<<CHAPretry>>& for a description of Exim's retry rules. The first
168e428f 3016argument, which is required, can be a complete address in the form
4f578862
PH
3017&'local_part@domain'&, or it can be just a domain name. If the second argument
3018contains a dot, it is interpreted as an optional second domain name; if no
3019retry rule is found for the first argument, the second is tried. This ties in
3020with Exim's behaviour when looking for retry rules for remote hosts &-- if no
3021rule is found that matches the host, one that matches the mail domain is
3022sought. Finally, an argument that is the name of a specific delivery error, as
3023used in setting up retry rules, can be given. For example:
3024.code
3025exim -brt haydn.comp.mus.example quota_3d
3026Retry rule: *@haydn.comp.mus.example quota_3d F,1h,15m
3027.endd
168e428f 3028
9b371988
PH
3029.vitem &%-brw%&
3030.oindex "&%-brw%&"
3031.cindex "testing" "rewriting"
3032.cindex "rewriting" "testing"
168e428f
PH
3033This option is for testing address rewriting rules, and it must be followed by
3034a single argument, consisting of either a local part without a domain, or a
3035complete address with a fully qualified domain. Exim outputs how this address
3036would be rewritten for each possible place it might appear. See chapter
9b371988 3037&<<CHAPrewrite>>& for further details.
168e428f 3038
9b371988
PH
3039.vitem &%-bS%&
3040.oindex "&%-bS%&"
3041.cindex "SMTP" "batched incoming"
3042.cindex "batched SMTP input"
168e428f
PH
3043This option is used for batched SMTP input, which is an alternative interface
3044for non-interactive local message submission. A number of messages can be
3045submitted in a single run. However, despite its name, this is not really SMTP
3046input. Exim reads each message's envelope from SMTP commands on the standard
3047input, but generates no responses. If the caller is trusted, or
9b371988 3048&%untrusted_set_sender%& is set, the senders in the SMTP MAIL commands are
168e428f 3049believed; otherwise the sender is always the caller of Exim.
9b371988 3050
168e428f
PH
3051The message itself is read from the standard input, in SMTP format (leading
3052dots doubled), terminated by a line containing just a single dot. An error is
3053provoked if the terminating dot is missing. A further message may then follow.
9b371988 3054
168e428f 3055As for other local message submissions, the contents of incoming batch SMTP
9b371988
PH
3056messages can be checked using the non-SMTP ACL (see chapter &<<CHAPACL>>&).
3057Unqualified addresses are automatically qualified using &%qualify_domain%& and
3058&%qualify_recipient%&, as appropriate, unless the &%-bnq%& option is used.
3059
168e428f
PH
3060Some other SMTP commands are recognized in the input. HELO and EHLO act
3061as RSET; VRFY, EXPN, ETRN, and HELP act as NOOP;
3062QUIT quits, ignoring the rest of the standard input.
9b371988
PH
3063
3064.cindex "return code" "for &%-bS%&"
168e428f
PH
3065If any error is encountered, reports are written to the standard output and
3066error streams, and Exim gives up immediately. The return code is 0 if no error
3067was detected; it is 1 if one or more messages were accepted before the error
3068was detected; otherwise it is 2.
9b371988 3069
168e428f 3070More details of input using batched SMTP are given in section
9b371988 3071&<<SECTincomingbatchedSMTP>>&.
168e428f 3072
9b371988
PH
3073.vitem &%-bs%&
3074.oindex "&%-bs%&"
3075.cindex "SMTP" "local input"
3076.cindex "local SMTP input"
168e428f
PH
3077This option causes Exim to accept one or more messages by reading SMTP commands
3078on the standard input, and producing SMTP replies on the standard output. SMTP
9b371988 3079policy controls, as defined in ACLs (see chapter &<<CHAPACL>>&) are applied.
168e428f
PH
3080Some user agents use this interface as a way of passing locally-generated
3081messages to the MTA.
9b371988 3082
168e428f 3083In
9b371988
PH
3084.cindex "sender" "source of"
3085this usage, if the caller of Exim is trusted, or &%untrusted_set_sender%& is
168e428f
PH
3086set, the senders of messages are taken from the SMTP MAIL commands.
3087Otherwise the content of these commands is ignored and the sender is set up as
3088the calling user. Unqualified addresses are automatically qualified using
9b371988
PH
3089&%qualify_domain%& and &%qualify_recipient%&, as appropriate, unless the
3090&%-bnq%& option is used.
3091
3092.cindex "inetd"
168e428f 3093The
9b371988
PH
3094&%-bs%& option is also used to run Exim from &'inetd'&, as an alternative to
3095using a listening daemon. Exim can distinguish the two cases by checking
3096whether the standard input is a TCP/IP socket. When Exim is called from
3097&'inetd'&, the source of the mail is assumed to be remote, and the comments
3098above concerning senders and qualification do not apply. In this situation,
3099Exim behaves in exactly the same way as it does when receiving a message via
3100the listening daemon.
3101
3102.vitem &%-bt%&
3103.oindex "&%-bt%&"
3104.cindex "testing" "addresses"
3105.cindex "address" "testing"
168e428f
PH
3106This option runs Exim in address testing mode, in which each argument is taken
3107as an address to be tested for deliverability. The results are written to the
3108standard output. If a test fails, and the caller is not an admin user, no
3109details of the failure are output, because these might contain sensitive
3110information such as usernames and passwords for database lookups.
9b371988 3111
168e428f
PH
3112If no arguments are given, Exim runs in an interactive manner, prompting with a
3113right angle bracket for addresses to be tested.
9b371988
PH
3114
3115Unlike the &%-be%& test option, you cannot arrange for Exim to use the
3116&[readline()]& function, because it is running as &'root'& and there are
168e428f 3117security issues.
9b371988 3118
168e428f 3119Each address is handled as if it were the recipient address of a message
9b371988 3120(compare the &%-bv%& option). It is passed to the routers and the result is