Doc/Spec: section "Trust in configuration data"
[exim.git] / doc / doc-docbook / spec.xfpt
CommitLineData
9b371988
PH
1. /////////////////////////////////////////////////////////////////////////////
2. This is the primary source of the Exim Manual. It is an xfpt document that is
3. converted into DocBook XML for subsequent conversion into printing and online
4. formats. The markup used herein is "standard" xfpt markup, with some extras.
5. The markup is summarized in a file called Markup.txt.
595028e4
PH
6.
7. WARNING: When you use the .new macro, make sure it appears *before* any
8. adjacent index items; otherwise you get an empty "paragraph" which causes
9. unwanted vertical space.
9b371988
PH
10. /////////////////////////////////////////////////////////////////////////////
11
12.include stdflags
13.include stdmacs
9b371988
PH
14
15. /////////////////////////////////////////////////////////////////////////////
33393583 16. This outputs the standard DocBook boilerplate.
9b371988
PH
17. /////////////////////////////////////////////////////////////////////////////
18
33393583 19.docbook
3cb1b51e
PH
20
21. /////////////////////////////////////////////////////////////////////////////
22. These lines are processing instructions for the Simple DocBook Processor that
f89d2485
PH
23. Philip Hazel has developed as a less cumbersome way of making PostScript and
24. PDFs than using xmlto and fop. They will be ignored by all other XML
25. processors.
3cb1b51e
PH
26. /////////////////////////////////////////////////////////////////////////////
27
28.literal xml
29<?sdop
f89d2485
PH
30 foot_right_recto="&chaptertitle; (&chapternumber;)"
31 foot_right_verso="&chaptertitle; (&chapternumber;)"
3cb1b51e 32 toc_chapter_blanks="yes,yes"
595028e4 33 table_warn_overflow="overprint"
3cb1b51e
PH
34?>
35.literal off
9b371988 36
33393583
PH
37. /////////////////////////////////////////////////////////////////////////////
38. This generate the outermost <book> element that wraps then entire document.
39. /////////////////////////////////////////////////////////////////////////////
40
41.book
42
43. /////////////////////////////////////////////////////////////////////////////
2aee48d6 44. These definitions set some parameters and save some typing.
7d837ca7 45. Update the Copyright year (only) when changing content.
33393583
PH
46. /////////////////////////////////////////////////////////////////////////////
47
2341d632 48.set previousversion "4.80"
2aee48d6 49.include ./local_params
f89d2485 50
33393583 51.set ACL "access control lists (ACLs)"
f89d2485 52.set I "&nbsp;&nbsp;&nbsp;&nbsp;"
33393583 53
7d837ca7 54.macro copyyear
85b2d6f3 552013
7d837ca7 56.endmacro
9b371988
PH
57
58. /////////////////////////////////////////////////////////////////////////////
59. Additional xfpt markup used by this document, over and above the default
60. provided in the xfpt library.
61. /////////////////////////////////////////////////////////////////////////////
62
63. --- Override the &$ flag to automatically insert a $ with the variable name
64
65.flag &$ $& "<varname>$" "</varname>"
66
67. --- Short flags for daggers in option headings. They will always be inside
68. --- an italic string, but we want the daggers to be roman.
69
70.flag &!! "</emphasis>&dagger;<emphasis>"
71.flag &!? "</emphasis>&Dagger;<emphasis>"
72
73. --- A macro for an Exim option definition heading, generating a one-line
0a4e3112
PH
74. --- table with four columns. For cases when the option name is given with
75. --- a space, so that it can be split, a fifth argument is used for the
76. --- index entry.
9b371988
PH
77
78.macro option
0a4e3112
PH
79.arg 5
80.oindex "&%$5%&"
81.endarg
82.arg -5
3cb1b51e 83.oindex "&%$1%&"
0a4e3112 84.endarg
f89d2485 85.itable all 0 0 4 8* left 6* center 6* center 6* right
9b371988
PH
86.row "&%$1%&" "Use: &'$2'&" "Type: &'$3'&" "Default: &'$4'&"
87.endtable
88.endmacro
89
90. --- A macro for the common 2-column tables. The width of the first column
91. --- is suitable for the many tables at the start of the main options chapter;
92. --- the small number of other 2-column tables override it.
93
db9452a9 94.macro table2 196pt 254pt
9b371988
PH
95.itable none 0 0 2 $1 left $2 left
96.endmacro
97
f89d2485
PH
98. --- A macro that generates .row, but puts &I; at the start of the first
99. --- argument, thus indenting it. Assume a minimum of two arguments, and
100. --- allow up to four arguments, which is as many as we'll ever need.
101
102.macro irow
103.arg 4
104.row "&I;$1" "$2" "$3" "$4"
105.endarg
106.arg -4
107.arg 3
108.row "&I;$1" "$2" "$3"
109.endarg
110.arg -3
111.row "&I;$1" "$2"
112.endarg
113.endarg
114.endmacro
115
116. --- Macros for option, variable, and concept index entries. For a "range"
117. --- style of entry, use .scindex for the start and .ecindex for the end. The
118. --- first argument of .scindex and the only argument of .ecindex must be the
119. --- ID that ties them together.
9b371988
PH
120
121.macro cindex
122&<indexterm role="concept">&
123&<primary>&$1&</primary>&
124.arg 2
125&<secondary>&$2&</secondary>&
126.endarg
127&</indexterm>&
128.endmacro
129
4f578862
PH
130.macro scindex
131&<indexterm role="concept" id="$1" class="startofrange">&
132&<primary>&$2&</primary>&
133.arg 3
134&<secondary>&$3&</secondary>&
135.endarg
136&</indexterm>&
137.endmacro
138
139.macro ecindex
140&<indexterm role="concept" startref="$1" class="endofrange"/>&
141.endmacro
142
9b371988
PH
143.macro oindex
144&<indexterm role="option">&
145&<primary>&$1&</primary>&
146.arg 2
147&<secondary>&$2&</secondary>&
148.endarg
149&</indexterm>&
150.endmacro
151
f89d2485
PH
152.macro vindex
153&<indexterm role="variable">&
154&<primary>&$1&</primary>&
155.arg 2
156&<secondary>&$2&</secondary>&
157.endarg
158&</indexterm>&
159.endmacro
160
9b371988 161.macro index
f89d2485 162.echo "** Don't use .index; use .cindex or .oindex or .vindex"
9b371988
PH
163.endmacro
164. ////////////////////////////////////////////////////////////////////////////
165
166
167. ////////////////////////////////////////////////////////////////////////////
168. The <bookinfo> element is removed from the XML before processing for Ascii
169. output formats.
170. ////////////////////////////////////////////////////////////////////////////
171
172.literal xml
173<bookinfo>
174<title>Specification of the Exim Mail Transfer Agent</title>
175<titleabbrev>The Exim MTA</titleabbrev>
2aee48d6
JH
176<date>
177.fulldate
178</date>
7b4c60eb
NM
179<author><firstname>Exim</firstname><surname>Maintainers</surname></author>
180<authorinitials>EM</authorinitials>
9b371988 181<revhistory><revision>
99474a17 182.versiondatexml
7b4c60eb 183 <authorinitials>EM</authorinitials>
9b371988 184</revision></revhistory>
2aee48d6 185<copyright><year>
29343b08 186.copyyear
2aee48d6 187 </year><holder>University of Cambridge</holder></copyright>
9b371988
PH
188</bookinfo>
189.literal off
190
191
192. /////////////////////////////////////////////////////////////////////////////
193. This chunk of literal XML implements index entries of the form "x, see y" and
194. "x, see also y". However, the DocBook DTD doesn't allow <indexterm> entries
195. at the top level, so we have to put the .chapter directive first.
196. /////////////////////////////////////////////////////////////////////////////
197
f89d2485 198.chapter "Introduction" "CHID1"
9b371988
PH
199.literal xml
200
f89d2485 201<indexterm role="variable">
168e428f
PH
202 <primary>$1, $2, etc.</primary>
203 <see><emphasis>numerical variables</emphasis></see>
204</indexterm>
205<indexterm role="concept">
206 <primary>address</primary>
207 <secondary>rewriting</secondary>
208 <see><emphasis>rewriting</emphasis></see>
209</indexterm>
210<indexterm role="concept">
068aaea8
PH
211 <primary>Bounce Address Tag Validation</primary>
212 <see><emphasis>BATV</emphasis></see>
213</indexterm>
214<indexterm role="concept">
215 <primary>Client SMTP Authorization</primary>
216 <see><emphasis>CSA</emphasis></see>
217</indexterm>
218<indexterm role="concept">
168e428f
PH
219 <primary>CR character</primary>
220 <see><emphasis>carriage return</emphasis></see>
221</indexterm>
222<indexterm role="concept">
223 <primary>CRL</primary>
224 <see><emphasis>certificate revocation list</emphasis></see>
225</indexterm>
226<indexterm role="concept">
227 <primary>delivery</primary>
228 <secondary>failure report</secondary>
229 <see><emphasis>bounce message</emphasis></see>
230</indexterm>
231<indexterm role="concept">
232 <primary>dialup</primary>
233 <see><emphasis>intermittently connected hosts</emphasis></see>
234</indexterm>
235<indexterm role="concept">
236 <primary>exiscan</primary>
237 <see><emphasis>content scanning</emphasis></see>
238</indexterm>
239<indexterm role="concept">
240 <primary>failover</primary>
241 <see><emphasis>fallback</emphasis></see>
242</indexterm>
243<indexterm role="concept">
244 <primary>fallover</primary>
245 <see><emphasis>fallback</emphasis></see>
246</indexterm>
247<indexterm role="concept">
248 <primary>filter</primary>
249 <secondary>Sieve</secondary>
250 <see><emphasis>Sieve filter</emphasis></see>
251</indexterm>
252<indexterm role="concept">
253 <primary>ident</primary>
254 <see><emphasis>RFC 1413</emphasis></see>
255</indexterm>
256<indexterm role="concept">
257 <primary>LF character</primary>
258 <see><emphasis>linefeed</emphasis></see>
259</indexterm>
260<indexterm role="concept">
261 <primary>maximum</primary>
595028e4 262 <seealso><emphasis>limit</emphasis></seealso>
168e428f
PH
263</indexterm>
264<indexterm role="concept">
068aaea8
PH
265 <primary>monitor</primary>
266 <see><emphasis>Exim monitor</emphasis></see>
267</indexterm>
268<indexterm role="concept">
168e428f
PH
269 <primary>no_<emphasis>xxx</emphasis></primary>
270 <see>entry for xxx</see>
271</indexterm>
272<indexterm role="concept">
273 <primary>NUL</primary>
274 <see><emphasis>binary zero</emphasis></see>
275</indexterm>
276<indexterm role="concept">
277 <primary>passwd file</primary>
278 <see><emphasis>/etc/passwd</emphasis></see>
279</indexterm>
280<indexterm role="concept">
281 <primary>process id</primary>
282 <see><emphasis>pid</emphasis></see>
283</indexterm>
284<indexterm role="concept">
285 <primary>RBL</primary>
286 <see><emphasis>DNS list</emphasis></see>
287</indexterm>
288<indexterm role="concept">
289 <primary>redirection</primary>
290 <see><emphasis>address redirection</emphasis></see>
291</indexterm>
292<indexterm role="concept">
293 <primary>return path</primary>
294 <seealso><emphasis>envelope sender</emphasis></seealso>
295</indexterm>
296<indexterm role="concept">
297 <primary>scanning</primary>
298 <see><emphasis>content scanning</emphasis></see>
299</indexterm>
300<indexterm role="concept">
301 <primary>SSL</primary>
302 <see><emphasis>TLS</emphasis></see>
303</indexterm>
304<indexterm role="concept">
305 <primary>string</primary>
306 <secondary>expansion</secondary>
307 <see><emphasis>expansion</emphasis></see>
308</indexterm>
309<indexterm role="concept">
310 <primary>top bit</primary>
311 <see><emphasis>8-bit characters</emphasis></see>
312</indexterm>
313<indexterm role="concept">
314 <primary>variables</primary>
315 <see><emphasis>expansion, variables</emphasis></see>
316</indexterm>
317<indexterm role="concept">
318 <primary>zero, binary</primary>
319 <see><emphasis>binary zero</emphasis></see>
320</indexterm>
9b371988
PH
321
322.literal off
168e428f
PH
323
324
9b371988
PH
325. /////////////////////////////////////////////////////////////////////////////
326. This is the real start of the first chapter. See the comment above as to why
327. we can't have the .chapter line here.
328. chapter "Introduction"
329. /////////////////////////////////////////////////////////////////////////////
168e428f
PH
330
331Exim is a mail transfer agent (MTA) for hosts that are running Unix or
332Unix-like operating systems. It was designed on the assumption that it would be
333run on hosts that are permanently connected to the Internet. However, it can be
334used on intermittently connected hosts with suitable configuration adjustments.
335
336Configuration files currently exist for the following operating systems: AIX,
068aaea8
PH
337BSD/OS (aka BSDI), Darwin (Mac OS X), DGUX, Dragonfly, FreeBSD, GNU/Hurd,
338GNU/Linux, HI-OSF (Hitachi), HI-UX, HP-UX, IRIX, MIPS RISCOS, NetBSD, OpenBSD,
339OpenUNIX, QNX, SCO, SCO SVR4.2 (aka UNIX-SV), Solaris (aka SunOS5), SunOS4,
340Tru64-Unix (formerly Digital UNIX, formerly DEC-OSF1), Ultrix, and Unixware.
341Some of these operating systems are no longer current and cannot easily be
342tested, so the configuration files may no longer work in practice.
168e428f
PH
343
344There are also configuration files for compiling Exim in the Cygwin environment
345that can be installed on systems running Windows. However, this document does
346not contain any information about running Exim in the Cygwin environment.
347
348The terms and conditions for the use and distribution of Exim are contained in
9b371988
PH
349the file &_NOTICE_&. Exim is distributed under the terms of the GNU General
350Public Licence, a copy of which may be found in the file &_LICENCE_&.
168e428f
PH
351
352The use, supply or promotion of Exim for the purpose of sending bulk,
353unsolicited electronic mail is incompatible with the basic aims of the program,
354which revolve around the free provision of a service that enhances the quality
355of personal communications. The author of Exim regards indiscriminate
356mass-mailing as an antisocial, irresponsible abuse of the Internet.
357
358Exim owes a great deal to Smail 3 and its author, Ron Karr. Without the
359experience of running and working on the Smail 3 code, I could never have
360contemplated starting to write a new MTA. Many of the ideas and user interfaces
361were originally taken from Smail 3, though the actual code of Exim is entirely
362new, and has developed far beyond the initial concept.
363
364Many people, both in Cambridge and around the world, have contributed to the
365development and the testing of Exim, and to porting it to various operating
366systems. I am grateful to them all. The distribution now contains a file called
9b371988 367&_ACKNOWLEDGMENTS_&, in which I have started recording the names of
168e428f
PH
368contributors.
369
370
f89d2485 371.section "Exim documentation" "SECID1"
800d5176 372. Keep this example change bar when updating the documentation!
b52ed2b3 373
800d5176 374.new
9b371988 375.cindex "documentation"
2aee48d6 376This edition of the Exim specification applies to version &version() of Exim.
9b371988 377Substantive changes from the &previousversion; edition are marked in some
168e428f
PH
378renditions of the document; this paragraph is so marked if the rendition is
379capable of showing a change indicator.
800d5176 380.wen
168e428f
PH
381
382This document is very much a reference manual; it is not a tutorial. The reader
383is expected to have some familiarity with the SMTP mail transfer protocol and
384with general Unix system administration. Although there are some discussions
385and examples in places, the information is mostly organized in a way that makes
386it easy to look up, rather than in a natural order for sequential reading.
387Furthermore, the manual aims to cover every aspect of Exim in detail, including
388a number of rarely-used, special-purpose features that are unlikely to be of
389very wide interest.
390
9b371988
PH
391.cindex "books about Exim"
392An &"easier"& discussion of Exim which provides more in-depth explanatory,
393introductory, and tutorial material can be found in a book entitled &'The Exim
595028e4 394SMTP Mail Server'& (second edition, 2007), published by UIT Cambridge
9b371988 395(&url(http://www.uit.co.uk/exim-book/)).
168e428f
PH
396
397This book also contains a chapter that gives a general introduction to SMTP and
398Internet mail. Inevitably, however, the book is unlikely to be fully up-to-date
399with the latest release of Exim. (Note that the earlier book about Exim,
400published by O'Reilly, covers Exim 3, and many things have changed in Exim 4.)
401
9b371988 402.cindex "Debian" "information sources"
068aaea8
PH
403If you are using a Debian distribution of Exim, you will find information about
404Debian-specific features in the file
f89d2485 405&_/usr/share/doc/exim4-base/README.Debian_&.
9b371988 406The command &(man update-exim.conf)& is another source of Debian-specific
068aaea8
PH
407information.
408
9b371988
PH
409.cindex "&_doc/NewStuff_&"
410.cindex "&_doc/ChangeLog_&"
411.cindex "change log"
168e428f
PH
412As the program develops, there may be features in newer versions that have not
413yet made it into this document, which is updated only when the most significant
414digit of the fractional part of the version number changes. Specifications of
415new features that are not yet in this manual are placed in the file
9b371988 416&_doc/NewStuff_& in the Exim distribution.
168e428f 417
9b371988 418Some features may be classified as &"experimental"&. These may change
168e428f
PH
419incompatibly while they are developing, or even be withdrawn. For this reason,
420they are not documented in this manual. Information about experimental features
9b371988 421can be found in the file &_doc/experimental.txt_&.
168e428f
PH
422
423All changes to the program (whether new features, bug fixes, or other kinds of
9b371988 424change) are noted briefly in the file called &_doc/ChangeLog_&.
168e428f 425
9b371988
PH
426.cindex "&_doc/spec.txt_&"
427This specification itself is available as an ASCII file in &_doc/spec.txt_& so
428that it can easily be searched with a text editor. Other files in the &_doc_&
168e428f
PH
429directory are:
430
9b371988
PH
431.table2 100pt
432.row &_OptionLists.txt_& "list of all options in alphabetical order"
433.row &_dbm.discuss.txt_& "discussion about DBM libraries"
434.row &_exim.8_& "a man page of Exim's command line options"
435.row &_experimental.txt_& "documentation of experimental features"
436.row &_filter.txt_& "specification of the filter language"
9b371988
PH
437.row &_Exim3.upgrade_& "upgrade notes from release 2 to release 3"
438.row &_Exim4.upgrade_& "upgrade notes from release 3 to release 4"
439.endtable
168e428f
PH
440
441The main specification and the specification of the filtering language are also
442available in other formats (HTML, PostScript, PDF, and Texinfo). Section
9b371988 443&<<SECTavail>>& below tells you how to get hold of these.
168e428f
PH
444
445
446
f89d2485 447.section "FTP and web sites" "SECID2"
9b371988
PH
448.cindex "web site"
449.cindex "FTP site"
068aaea8 450The primary site for Exim source distributions is currently the University of
9b371988
PH
451Cambridge's FTP site, whose contents are described in &'Where to find the Exim
452distribution'& below. In addition, there is a web site and an FTP site at
453&%exim.org%&. These are now also hosted at the University of Cambridge. The
454&%exim.org%& site was previously hosted for a number of years by Energis
455Squared, formerly Planet Online Ltd, whose support I gratefully acknowledge.
456
457.cindex "wiki"
458.cindex "FAQ"
168e428f 459As well as Exim distribution tar files, the Exim web site contains a number of
f89d2485 460differently formatted versions of the documentation. A recent addition to the
7d0ab55c 461online information is the Exim wiki (&url(http://wiki.exim.org)),
f89d2485
PH
462which contains what used to be a separate FAQ, as well as various other
463examples, tips, and know-how that have been contributed by Exim users.
464
465.cindex Bugzilla
7d0ab55c 466An Exim Bugzilla exists at &url(http://bugs.exim.org). You can use
f89d2485
PH
467this to report bugs, and also to add items to the wish list. Please search
468first to check that you are not duplicating a previous entry.
168e428f
PH
469
470
471
f89d2485 472.section "Mailing lists" "SECID3"
9b371988 473.cindex "mailing lists" "for Exim users"
f89d2485 474The following Exim mailing lists exist:
168e428f 475
9b371988 476.table2 140pt
d854d3a9 477.row &'exim-announce@exim.org'& "Moderated, low volume announcements list"
f89d2485
PH
478.row &'exim-users@exim.org'& "General discussion list"
479.row &'exim-dev@exim.org'& "Discussion of bugs, enhancements, etc."
d854d3a9 480.row &'exim-cvs@exim.org'& "Automated commit messages from the VCS"
9b371988 481.endtable
168e428f
PH
482
483You can subscribe to these lists, change your existing subscriptions, and view
9b371988
PH
484or search the archives via the mailing lists link on the Exim home page.
485.cindex "Debian" "mailing list for"
4f578862 486If you are using a Debian distribution of Exim, you may wish to subscribe to
db9452a9
PH
487the Debian-specific mailing list &'pkg-exim4-users@lists.alioth.debian.org'&
488via this web page:
489.display
490&url(http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users)
491.endd
492Please ask Debian-specific questions on this list and not on the general Exim
493lists.
9b371988 494
f89d2485 495.section "Exim training" "SECID4"
9b371988 496.cindex "training courses"
595028e4
PH
497Training courses in Cambridge (UK) used to be run annually by the author of
498Exim, before he retired. At the time of writing, there are no plans to run
499further Exim courses in Cambridge. However, if that changes, relevant
500information will be posted at &url(http://www-tus.csx.cam.ac.uk/courses/exim/).
168e428f 501
f89d2485 502.section "Bug reports" "SECID5"
9b371988
PH
503.cindex "bug reports"
504.cindex "reporting bugs"
7d0ab55c
TF
505Reports of obvious bugs can be emailed to &'bugs@exim.org'& or reported
506via the Bugzilla (&url(http://bugs.exim.org)). However, if you are unsure
595028e4
PH
507whether some behaviour is a bug or not, the best thing to do is to post a
508message to the &'exim-dev'& mailing list and have it discussed.
168e428f
PH
509
510
511
9b371988
PH
512.section "Where to find the Exim distribution" "SECTavail"
513.cindex "FTP site"
514.cindex "distribution" "ftp site"
168e428f 515The master ftp site for the Exim distribution is
9b371988
PH
516.display
517&*ftp://ftp.csx.cam.ac.uk/pub/software/email/exim*&
518.endd
168e428f 519This is mirrored by
9b371988
PH
520.display
521&*ftp://ftp.exim.org/pub/exim*&
522.endd
523The file references that follow are relative to the &_exim_& directories at
524these sites. There are now quite a number of independent mirror sites around
525the world. Those that I know about are listed in the file called &_Mirrors_&.
526
527Within the &_exim_& directory there are subdirectories called &_exim3_& (for
528previous Exim 3 distributions), &_exim4_& (for the latest Exim 4
529distributions), and &_Testing_& for testing versions. In the &_exim4_&
168e428f 530subdirectory, the current release can always be found in files called
9b371988
PH
531.display
532&_exim-n.nn.tar.gz_&
533&_exim-n.nn.tar.bz2_&
534.endd
535where &'n.nn'& is the highest such version number in the directory. The two
168e428f 536files contain identical data; the only difference is the type of compression.
9b371988 537The &_.bz2_& file is usually a lot smaller than the &_.gz_& file.
168e428f 538
9b371988
PH
539.cindex "distribution" "signing details"
540.cindex "distribution" "public key"
541.cindex "public key for signed distribution"
40167b05
PP
542The distributions will be PGP signed by an individual key of the Release
543Coordinator. This key will have a uid containing an email address in the
544&'exim.org'& domain and will have signatures from other people, including
545other Exim maintainers. We expect that the key will be in the "strong set" of
546PGP keys. There should be a trust path to that key from Nigel Metheringham's
547PGP key, a version of which can be found in the release directory in the file
548&_nigel-pubkey.asc_&. All keys used will be available in public keyserver pools,
549such as &'pool.sks-keyservers.net'&.
550
551At time of last update, releases were being made by Phil Pennock and signed with
552key &'0x403043153903637F'&, although that key is expected to be replaced in 2013.
553A trust path from Nigel's key to Phil's can be observed at
554&url(https://www.security.spodhuis.org/exim-trustpath).
85b2d6f3
TL
555
556.new
557Releases have also been authorized to be performed by Todd Lyons who signs with
558key &'0xC4F4F94804D29EBA'&. A direct trust path exists between previous RE Phil
559Pennock and Todd Lyons through a common associate.
40167b05
PP
560.wen
561
562The signatures for the tar bundles are in:
9b371988 563.display
210f147e
NM
564&_exim-n.nn.tar.gz.asc_&
565&_exim-n.nn.tar.bz2.asc_&
9b371988 566.endd
168e428f 567For each released version, the log of changes is made separately available in a
9b371988 568separate file in the directory &_ChangeLogs_& so that it is possible to
168e428f
PH
569find out what has changed without having to download the entire distribution.
570
9b371988 571.cindex "documentation" "available formats"
168e428f
PH
572The main distribution contains ASCII versions of this specification and other
573documentation; other formats of the documents are available in separate files
9b371988
PH
574inside the &_exim4_& directory of the FTP site:
575.display
576&_exim-html-n.nn.tar.gz_&
577&_exim-pdf-n.nn.tar.gz_&
578&_exim-postscript-n.nn.tar.gz_&
579&_exim-texinfo-n.nn.tar.gz_&
580.endd
581These tar files contain only the &_doc_& directory, not the complete
582distribution, and are also available in &_.bz2_& as well as &_.gz_& forms.
168e428f 583
168e428f 584
f89d2485 585.section "Limitations" "SECID6"
9b371988
PH
586.ilist
587.cindex "limitations of Exim"
588.cindex "bang paths" "not handled by Exim"
589Exim is designed for use as an Internet MTA, and therefore handles addresses in
590RFC 2822 domain format only. It cannot handle UUCP &"bang paths"&, though
591simple two-component bang paths can be converted by a straightforward rewriting
592configuration. This restriction does not prevent Exim from being interfaced to
593UUCP as a transport mechanism, provided that domain addresses are used.
594.next
595.cindex "domainless addresses"
596.cindex "address" "without domain"
168e428f
PH
597Exim insists that every address it handles has a domain attached. For incoming
598local messages, domainless addresses are automatically qualified with a
599configured domain value. Configuration options specify from which remote
600systems unqualified addresses are acceptable. These are then qualified on
601arrival.
9b371988
PH
602.next
603.cindex "transport" "external"
604.cindex "external transports"
605The only external transport mechanisms that are currently implemented are SMTP
606and LMTP over a TCP/IP network (including support for IPv6). However, a pipe
168e428f 607transport is available, and there are facilities for writing messages to files
9b371988
PH
608and pipes, optionally in &'batched SMTP'& format; these facilities can be used
609to send messages to other transport mechanisms such as UUCP, provided they can
610handle domain-style addresses. Batched SMTP input is also catered for.
611.next
612Exim is not designed for storing mail for dial-in hosts. When the volumes of
613such mail are large, it is better to get the messages &"delivered"& into files
168e428f
PH
614(that is, off Exim's queue) and subsequently passed on to the dial-in hosts by
615other means.
9b371988
PH
616.next
617Although Exim does have basic facilities for scanning incoming messages, these
168e428f
PH
618are not comprehensive enough to do full virus or spam scanning. Such operations
619are best carried out using additional specialized software packages. If you
620compile Exim with the content-scanning extension, straightforward interfaces to
621a number of common scanners are provided.
9b371988 622.endlist
168e428f
PH
623
624
f89d2485 625.section "Run time configuration" "SECID7"
168e428f
PH
626Exim's run time configuration is held in a single text file that is divided
627into a number of sections. The entries in this file consist of keywords and
628values, in the style of Smail 3 configuration files. A default configuration
629file which is suitable for simple online installations is provided in the
9b371988 630distribution, and is described in chapter &<<CHAPdefconfil>>& below.
168e428f
PH
631
632
f89d2485 633.section "Calling interface" "SECID8"
9b371988 634.cindex "Sendmail compatibility" "command line interface"
168e428f 635Like many MTAs, Exim has adopted the Sendmail command line interface so that it
9b371988
PH
636can be a straight replacement for &_/usr/lib/sendmail_& or
637&_/usr/sbin/sendmail_& when sending mail, but you do not need to know anything
168e428f
PH
638about Sendmail in order to run Exim. For actions other than sending messages,
639Sendmail-compatible options also exist, but those that produce output (for
9b371988 640example, &%-bp%&, which lists the messages on the queue) do so in Exim's own
168e428f 641format. There are also some additional options that are compatible with Smail
9b371988 6423, and some further options that are new to Exim. Chapter &<<CHAPcommandline>>&
168e428f
PH
643documents all Exim's command line options. This information is automatically
644made into the man page that forms part of the Exim distribution.
645
646Control of messages on the queue can be done via certain privileged command
9b371988
PH
647line options. There is also an optional monitor program called &'eximon'&,
648which displays current information in an X window, and which contains a menu
168e428f
PH
649interface to Exim's command line administration options.
650
651
652
f89d2485 653.section "Terminology" "SECID9"
9b371988
PH
654.cindex "terminology definitions"
655.cindex "body of message" "definition of"
656The &'body'& of a message is the actual data that the sender wants to transmit.
657It is the last part of a message, and is separated from the &'header'& (see
168e428f
PH
658below) by a blank line.
659
9b371988 660.cindex "bounce message" "definition of"
168e428f 661When a message cannot be delivered, it is normally returned to the sender in a
9b371988
PH
662delivery failure message or a &"non-delivery report"& (NDR). The term
663&'bounce'& is commonly used for this action, and the error reports are often
664called &'bounce messages'&. This is a convenient shorthand for &"delivery
665failure error report"&. Such messages have an empty sender address in the
666message's &'envelope'& (see below) to ensure that they cannot themselves give
667rise to further bounce messages.
668
669The term &'default'& appears frequently in this manual. It is used to qualify a
168e428f
PH
670value which is used in the absence of any setting in the configuration. It may
671also qualify an action which is taken unless a configuration setting specifies
672otherwise.
673
9b371988 674The term &'defer'& is used when the delivery of a message to a specific
168e428f 675destination cannot immediately take place for some reason (a remote host may be
9b371988 676down, or a user's local mailbox may be full). Such deliveries are &'deferred'&
168e428f
PH
677until a later time.
678
9b371988
PH
679The word &'domain'& is sometimes used to mean all but the first component of a
680host's name. It is &'not'& used in that sense here, where it normally refers to
681the part of an email address following the @ sign.
168e428f 682
f89d2485 683.cindex "envelope, definition of"
9b371988
PH
684.cindex "sender" "definition of"
685A message in transit has an associated &'envelope'&, as well as a header and a
168e428f
PH
686body. The envelope contains a sender address (to which bounce messages should
687be delivered), and any number of recipient addresses. References to the
688sender or the recipients of a message usually mean the addresses in the
689envelope. An MTA uses these addresses for delivery, and for returning bounce
690messages, not the addresses that appear in the header lines.
691
f89d2485 692.cindex "message" "header, definition of"
9b371988
PH
693.cindex "header section" "definition of"
694The &'header'& of a message is the first part of a message's text, consisting
695of a number of lines, each of which has a name such as &'From:'&, &'To:'&,
696&'Subject:'&, etc. Long header lines can be split over several text lines by
168e428f
PH
697indenting the continuations. The header is separated from the body by a blank
698line.
699
9b371988
PH
700.cindex "local part" "definition of"
701.cindex "domain" "definition of"
702The term &'local part'&, which is taken from RFC 2822, is used to refer to that
168e428f 703part of an email address that precedes the @ sign. The part that follows the
9b371988 704@ sign is called the &'domain'& or &'mail domain'&.
168e428f 705
9b371988 706.cindex "local delivery" "definition of"
f89d2485 707.cindex "remote delivery, definition of"
9b371988 708The terms &'local delivery'& and &'remote delivery'& are used to distinguish
168e428f 709delivery to a file or a pipe on the local host from delivery by SMTP over
068aaea8 710TCP/IP to another host. As far as Exim is concerned, all hosts other than the
9b371988 711host it is running on are &'remote'&.
168e428f 712
9b371988
PH
713.cindex "return path" "definition of"
714&'Return path'& is another name that is used for the sender address in a
168e428f
PH
715message's envelope.
716
9b371988
PH
717.cindex "queue" "definition of"
718The term &'queue'& is used to refer to the set of messages awaiting delivery,
168e428f
PH
719because this term is in widespread use in the context of MTAs. However, in
720Exim's case the reality is more like a pool than a queue, because there is
721normally no ordering of waiting messages.
722
9b371988
PH
723.cindex "queue runner" "definition of"
724The term &'queue runner'& is used to describe a process that scans the queue
168e428f 725and attempts to deliver those messages whose retry times have come. This term
9b371988 726is used by other MTAs, and also relates to the command &%runq%&, but in Exim
168e428f
PH
727the waiting messages are normally processed in an unpredictable order.
728
9b371988
PH
729.cindex "spool directory" "definition of"
730The term &'spool directory'& is used for a directory in which Exim keeps the
731messages on its queue &-- that is, those that it is in the process of
168e428f 732delivering. This should not be confused with the directory in which local
9b371988
PH
733mailboxes are stored, which is called a &"spool directory"& by some people. In
734the Exim documentation, &"spool"& is always used in the first sense.
168e428f
PH
735
736
737
738
739
740
9b371988
PH
741. ////////////////////////////////////////////////////////////////////////////
742. ////////////////////////////////////////////////////////////////////////////
168e428f 743
f89d2485 744.chapter "Incorporated code" "CHID2"
9b371988
PH
745.cindex "incorporated code"
746.cindex "regular expressions" "library"
747.cindex "PCRE"
1899bab2 748.cindex "OpenDMARC"
168e428f
PH
749A number of pieces of external code are included in the Exim distribution.
750
9b371988 751.ilist
210f147e
NM
752Regular expressions are supported in the main Exim program and in the
753Exim monitor using the freely-distributable PCRE library, copyright
40df1be3
TF
754&copy; University of Cambridge. The source to PCRE is no longer shipped with
755Exim, so you will need to use the version of PCRE shipped with your system,
756or obtain and install the full version of the library from
f89d2485 757&url(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre).
9b371988 758.next
f89d2485 759.cindex "cdb" "acknowledgment"
168e428f
PH
760Support for the cdb (Constant DataBase) lookup method is provided by code
761contributed by Nigel Metheringham of (at the time he contributed it) Planet
9b371988
PH
762Online Ltd. The implementation is completely contained within the code of Exim.
763It does not link against an external cdb library. The code contains the
764following statements:
765
766.blockquote
767Copyright &copy; 1998 Nigel Metheringham, Planet Online Ltd
768
168e428f
PH
769This program is free software; you can redistribute it and/or modify it under
770the terms of the GNU General Public License as published by the Free Software
771Foundation; either version 2 of the License, or (at your option) any later
772version.
168e428f
PH
773This code implements Dan Bernstein's Constant DataBase (cdb) spec. Information,
774the spec and sample code for cdb can be obtained from
f89d2485
PH
775&url(http://www.pobox.com/~djb/cdb.html). This implementation borrows
776some code from Dan Bernstein's implementation (which has no license
777restrictions applied to it).
9b371988
PH
778.endblockquote
779.next
780.cindex "SPA authentication"
781.cindex "Samba project"
782.cindex "Microsoft Secure Password Authentication"
783Client support for Microsoft's &'Secure Password Authentication'& is provided
168e428f
PH
784by code contributed by Marc Prud'hommeaux. Server support was contributed by
785Tom Kistner. This includes code taken from the Samba project, which is released
786under the Gnu GPL.
9b371988
PH
787.next
788.cindex "Cyrus"
789.cindex "&'pwcheck'& daemon"
790.cindex "&'pwauthd'& daemon"
791Support for calling the Cyrus &'pwcheck'& and &'saslauthd'& daemons is provided
168e428f
PH
792by code taken from the Cyrus-SASL library and adapted by Alexander S.
793Sabourenkov. The permission notice appears below, in accordance with the
794conditions expressed therein.
9b371988
PH
795
796.blockquote
797Copyright &copy; 2001 Carnegie Mellon University. All rights reserved.
798
168e428f
PH
799Redistribution and use in source and binary forms, with or without
800modification, are permitted provided that the following conditions
801are met:
168e428f 802
9b371988
PH
803.olist
804Redistributions of source code must retain the above copyright
805notice, this list of conditions and the following disclaimer.
806.next
807Redistributions in binary form must reproduce the above copyright
168e428f
PH
808notice, this list of conditions and the following disclaimer in
809the documentation and/or other materials provided with the
810distribution.
9b371988
PH
811.next
812The name &"Carnegie Mellon University"& must not be used to
168e428f
PH
813endorse or promote products derived from this software without
814prior written permission. For permission or any other legal
815details, please contact
9b371988 816.display
068aaea8
PH
817 Office of Technology Transfer
818 Carnegie Mellon University
819 5000 Forbes Avenue
820 Pittsburgh, PA 15213-3890
821 (412) 268-4387, fax: (412) 268-7395
822 tech-transfer@andrew.cmu.edu
9b371988
PH
823.endd
824.next
825Redistributions of any form whatsoever must retain the following
168e428f 826acknowledgment:
9b371988
PH
827
828&"This product includes software developed by Computing Services
829at Carnegie Mellon University (&url(http://www.cmu.edu/computing/)."&
830
168e428f
PH
831CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
832THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
833AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
834FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
835WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
836AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
837OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
9b371988
PH
838.endlist
839.endblockquote
168e428f 840
9b371988 841.next
f89d2485 842.cindex "Exim monitor" "acknowledgment"
9b371988
PH
843.cindex "X-windows"
844.cindex "Athena"
168e428f
PH
845The Exim Monitor program, which is an X-Window application, includes
846modified versions of the Athena StripChart and TextPop widgets.
847This code is copyright by DEC and MIT, and their permission notice appears
848below, in accordance with the conditions expressed therein.
9b371988
PH
849
850.blockquote
168e428f
PH
851Copyright 1987, 1988 by Digital Equipment Corporation, Maynard, Massachusetts,
852and the Massachusetts Institute of Technology, Cambridge, Massachusetts.
9b371988 853
168e428f 854All Rights Reserved
9b371988 855
168e428f
PH
856Permission to use, copy, modify, and distribute this software and its
857documentation for any purpose and without fee is hereby granted,
858provided that the above copyright notice appear in all copies and that
859both that copyright notice and this permission notice appear in
860supporting documentation, and that the names of Digital or MIT not be
861used in advertising or publicity pertaining to distribution of the
862software without specific, written prior permission.
9b371988 863
168e428f
PH
864DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
865ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
866DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
867ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
868WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
869ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
870SOFTWARE.
9b371988 871.endblockquote
168e428f 872
9b371988 873.next
85b2d6f3 874.new
1899bab2
TL
875.cindex "opendmarc" "acknowledgment"
876The DMARC implementation uses the OpenDMARC library which is Copyrighted by
877The Trusted Domain Project. Portions of Exim source which use OpenDMARC
878derived code are indicated in the respective source files. The full OpenDMARC
879license is provided in the LICENSE.opendmarc file contained in the distributed
880source code.
85b2d6f3 881.wen
1899bab2
TL
882
883.next
9b371988 884Many people have contributed code fragments, some large, some small, that were
168e428f 885not covered by any specific licence requirements. It is assumed that the
f89d2485 886contributors are happy to see their code incorporated into Exim under the GPL.
9b371988 887.endlist
168e428f
PH
888
889
890
891
892
9b371988
PH
893. ////////////////////////////////////////////////////////////////////////////
894. ////////////////////////////////////////////////////////////////////////////
168e428f 895
f89d2485 896.chapter "How Exim receives and delivers mail" "CHID11" &&&
9b371988 897 "Receiving and delivering mail"
168e428f
PH
898
899
f89d2485 900.section "Overall philosophy" "SECID10"
9b371988 901.cindex "design philosophy"
168e428f
PH
902Exim is designed to work efficiently on systems that are permanently connected
903to the Internet and are handling a general mix of mail. In such circumstances,
904most messages can be delivered immediately. Consequently, Exim does not
905maintain independent queues of messages for specific domains or hosts, though
906it does try to send several messages in a single SMTP connection after a host
907has been down, and it also maintains per-host retry information.
908
909
f89d2485 910.section "Policy control" "SECID11"
9b371988 911.cindex "policy control" "overview"
168e428f
PH
912Policy controls are now an important feature of MTAs that are connected to the
913Internet. Perhaps their most important job is to stop MTAs being abused as
9b371988
PH
914&"open relays"& by misguided individuals who send out vast amounts of
915unsolicited junk, and want to disguise its source. Exim provides flexible
916facilities for specifying policy controls on incoming mail:
168e428f 917
9b371988
PH
918.ilist
919.cindex "&ACL;" "introduction"
168e428f 920Exim 4 (unlike previous versions of Exim) implements policy controls on
9b371988 921incoming mail by means of &'Access Control Lists'& (ACLs). Each list is a
168e428f
PH
922series of statements that may either grant or deny access. ACLs can be used at
923several places in the SMTP dialogue while receiving a message from a remote
9b371988
PH
924host. However, the most common places are after each RCPT command, and at the
925very end of the message. The sysadmin can specify conditions for accepting or
926rejecting individual recipients or the entire message, respectively, at these
927two points (see chapter &<<CHAPACL>>&). Denial of access results in an SMTP
168e428f 928error code.
9b371988
PH
929.next
930An ACL is also available for locally generated, non-SMTP messages. In this
168e428f 931case, the only available actions are to accept or deny the entire message.
9b371988
PH
932.next
933When Exim is compiled with the content-scanning extension, facilities are
168e428f
PH
934provided in the ACL mechanism for passing the message to external virus and/or
935spam scanning software. The result of such a scan is passed back to the ACL,
936which can then use it to decide what to do with the message.
9b371988
PH
937.next
938When a message has been received, either from a remote host or from the local
f89d2485 939host, but before the final acknowledgment has been sent, a locally supplied C
9b371988
PH
940function called &[local_scan()]& can be run to inspect the message and decide
941whether to accept it or not (see chapter &<<CHAPlocalscan>>&). If the message
942is accepted, the list of recipients can be modified by the function.
943.next
944Using the &[local_scan()]& mechanism is another way of calling external scanner
945software. The &%SA-Exim%& add-on package works this way. It does not require
946Exim to be compiled with the content-scanning extension.
947.next
948After a message has been accepted, a further checking mechanism is available in
949the form of the &'system filter'& (see chapter &<<CHAPsystemfilter>>&). This
950runs at the start of every delivery process.
951.endlist
952
953
954
f89d2485 955.section "User filters" "SECID12"
9b371988
PH
956.cindex "filter" "introduction"
957.cindex "Sieve filter"
168e428f 958In a conventional Exim configuration, users are able to run private filters by
9b371988
PH
959setting up appropriate &_.forward_& files in their home directories. See
960chapter &<<CHAPredirect>>& (about the &(redirect)& router) for the
961configuration needed to support this, and the separate document entitled
962&'Exim's interfaces to mail filtering'& for user details. Two different kinds
963of filtering are available:
964
965.ilist
966Sieve filters are written in the standard filtering language that is defined
168e428f 967by RFC 3028.
9b371988
PH
968.next
969Exim filters are written in a syntax that is unique to Exim, but which is more
168e428f 970powerful than Sieve, which it pre-dates.
9b371988 971.endlist
168e428f
PH
972
973User filters are run as part of the routing process, described below.
974
975
976
9b371988
PH
977.section "Message identification" "SECTmessiden"
978.cindex "message ids" "details of format"
979.cindex "format" "of message id"
980.cindex "id of message"
981.cindex "base62"
982.cindex "base36"
983.cindex "Darwin"
984.cindex "Cygwin"
985Every message handled by Exim is given a &'message id'& which is sixteen
168e428f 986characters long. It is divided into three parts, separated by hyphens, for
9b371988 987example &`16VDhn-0001bo-D3`&. Each part is a sequence of letters and digits,
168e428f
PH
988normally encoding numbers in base 62. However, in the Darwin operating
989system (Mac OS X) and when Exim is compiled to run under Cygwin, base 36
990(avoiding the use of lower case letters) is used instead, because the message
991id is used to construct file names, and the names of files in those systems are
068aaea8 992not always case-sensitive.
168e428f 993
9b371988 994.cindex "pid (process id)" "re-use of"
168e428f
PH
995The detail of the contents of the message id have changed as Exim has evolved.
996Earlier versions relied on the operating system not re-using a process id (pid)
997within one second. On modern operating systems, this assumption can no longer
998be made, so the algorithm had to be changed. To retain backward compatibility,
999the format of the message id was retained, which is why the following rules are
1000somewhat eccentric:
1001
9b371988
PH
1002.ilist
1003The first six characters of the message id are the time at which the message
168e428f
PH
1004started to be received, to a granularity of one second. That is, this field
1005contains the number of seconds since the start of the epoch (the normal Unix
1006way of representing the date and time of day).
9b371988
PH
1007.next
1008After the first hyphen, the next six characters are the id of the process that
168e428f 1009received the message.
9b371988
PH
1010.next
1011There are two different possibilities for the final two characters:
1012.olist
0a4e3112 1013.oindex "&%localhost_number%&"
9b371988 1014If &%localhost_number%& is not set, this value is the fractional part of the
168e428f
PH
1015time of reception, normally in units of 1/2000 of a second, but for systems
1016that must use base 36 instead of base 62 (because of case-insensitive file
1017systems), the units are 1/1000 of a second.
9b371988
PH
1018.next
1019If &%localhost_number%& is set, it is multiplied by 200 (100) and added to
168e428f
PH
1020the fractional part of the time, which in this case is in units of 1/200
1021(1/100) of a second.
9b371988
PH
1022.endlist
1023.endlist
168e428f
PH
1024
1025After a message has been received, Exim waits for the clock to tick at the
1026appropriate resolution before proceeding, so that if another message is
1027received by the same process, or by another process with the same (re-used)
1028pid, it is guaranteed that the time will be different. In most cases, the clock
1029will already have ticked while the message was being received.
1030
1031
f89d2485 1032.section "Receiving mail" "SECID13"
9b371988
PH
1033.cindex "receiving mail"
1034.cindex "message" "reception"
068aaea8
PH
1035The only way Exim can receive mail from another host is using SMTP over
1036TCP/IP, in which case the sender and recipient addresses are transferred using
168e428f
PH
1037SMTP commands. However, from a locally running process (such as a user's MUA),
1038there are several possibilities:
1039
9b371988
PH
1040.ilist
1041If the process runs Exim with the &%-bm%& option, the message is read
168e428f 1042non-interactively (usually via a pipe), with the recipients taken from the
9b371988
PH
1043command line, or from the body of the message if &%-t%& is also used.
1044.next
1045If the process runs Exim with the &%-bS%& option, the message is also read
168e428f
PH
1046non-interactively, but in this case the recipients are listed at the start of
1047the message in a series of SMTP RCPT commands, terminated by a DATA
9b371988 1048command. This is so-called &"batch SMTP"& format,
168e428f
PH
1049but it isn't really SMTP. The SMTP commands are just another way of passing
1050envelope addresses in a non-interactive submission.
9b371988
PH
1051.next
1052If the process runs Exim with the &%-bs%& option, the message is read
168e428f
PH
1053interactively, using the SMTP protocol. A two-way pipe is normally used for
1054passing data between the local process and the Exim process.
9b371988 1055This is &"real"& SMTP and is handled in the same way as SMTP over TCP/IP. For
168e428f 1056example, the ACLs for SMTP commands are used for this form of submission.
9b371988
PH
1057.next
1058A local process may also make a TCP/IP call to the host's loopback address
168e428f
PH
1059(127.0.0.1) or any other of its IP addresses. When receiving messages, Exim
1060does not treat the loopback address specially. It treats all such connections
1061in the same way as connections from other hosts.
9b371988 1062.endlist
168e428f
PH
1063
1064
f89d2485 1065.cindex "message sender, constructed by Exim"
9b371988 1066.cindex "sender" "constructed by Exim"
168e428f
PH
1067In the three cases that do not involve TCP/IP, the sender address is
1068constructed from the login name of the user that called Exim and a default
9b371988 1069qualification domain (which can be set by the &%qualify_domain%& configuration
168e428f
PH
1070option). For local or batch SMTP, a sender address that is passed using the
1071SMTP MAIL command is ignored. However, the system administrator may allow
9b371988 1072certain users (&"trusted users"&) to specify a different sender address
168e428f 1073unconditionally, or all users to specify certain forms of different sender
9b371988
PH
1074address. The &%-f%& option or the SMTP MAIL command is used to specify these
1075different addresses. See section &<<SECTtrustedadmin>>& for details of trusted
1076users, and the &%untrusted_set_sender%& option for a way of allowing untrusted
168e428f
PH
1077users to change sender addresses.
1078
1079Messages received by either of the non-interactive mechanisms are subject to
1080checking by the non-SMTP ACL, if one is defined. Messages received using SMTP
1081(either over TCP/IP, or interacting with a local process) can be checked by a
1082number of ACLs that operate at different times during the SMTP session. Either
1083individual recipients, or the entire message, can be rejected if local policy
9b371988
PH
1084requirements are not met. The &[local_scan()]& function (see chapter
1085&<<CHAPlocalscan>>&) is run for all incoming messages.
168e428f
PH
1086
1087Exim can be configured not to start a delivery process when a message is
1088received; this can be unconditional, or depend on the number of incoming SMTP
1089connections or the system load. In these situations, new messages wait on the
1090queue until a queue runner process picks them up. However, in standard
1091configurations under normal conditions, delivery is started as soon as a
1092message is received.
1093
1094
1095
1096
1097
f89d2485 1098.section "Handling an incoming message" "SECID14"
9b371988
PH
1099.cindex "spool directory" "files that hold a message"
1100.cindex "file" "how a message is held"
168e428f
PH
1101When Exim accepts a message, it writes two files in its spool directory. The
1102first contains the envelope information, the current status of the message, and
1103the header lines, and the second contains the body of the message. The names of
9b371988
PH
1104the two spool files consist of the message id, followed by &`-H`& for the
1105file containing the envelope and header, and &`-D`& for the data file.
168e428f 1106
9b371988 1107.cindex "spool directory" "&_input_& sub-directory"
168e428f 1108By default all these message files are held in a single directory called
9b371988 1109&_input_& inside the general Exim spool directory. Some operating systems do
c0712871 1110not perform very well if the number of files in a directory gets large; to
9b371988 1111improve performance in such cases, the &%split_spool_directory%& option can be
168e428f 1112used. This causes Exim to split up the input files into 62 sub-directories
db9452a9 1113whose names are single letters or digits. When this is done, the queue is
c0712871
PH
1114processed one sub-directory at a time instead of all at once, which can improve
1115overall performance even when there are not enough files in each directory to
db9452a9 1116affect file system performance.
168e428f
PH
1117
1118The envelope information consists of the address of the message's sender and
1119the addresses of the recipients. This information is entirely separate from
1120any addresses contained in the header lines. The status of the message includes
1121a list of recipients who have already received the message. The format of the
9b371988 1122first spool file is described in chapter &<<CHAPspool>>&.
168e428f 1123
9b371988 1124.cindex "rewriting" "addresses"
168e428f 1125Address rewriting that is specified in the rewrite section of the configuration
9b371988 1126(see chapter &<<CHAPrewrite>>&) is done once and for all on incoming addresses,
168e428f
PH
1127both in the header lines and the envelope, at the time the message is accepted.
1128If during the course of delivery additional addresses are generated (for
1129example, via aliasing), these new addresses are rewritten as soon as they are
1130generated. At the time a message is actually delivered (transported) further
1131rewriting can take place; because this is a transport option, it can be
1132different for different forms of delivery. It is also possible to specify the
1133addition or removal of certain header lines at the time the message is
9b371988
PH
1134delivered (see chapters &<<CHAProutergeneric>>& and
1135&<<CHAPtransportgeneric>>&).
168e428f
PH
1136
1137
1138
f89d2485 1139.section "Life of a message" "SECID15"
9b371988
PH
1140.cindex "message" "life of"
1141.cindex "message" "frozen"
168e428f
PH
1142A message remains in the spool directory until it is completely delivered to
1143its recipients or to an error address, or until it is deleted by an
1144administrator or by the user who originally created it. In cases when delivery
9b371988
PH
1145cannot proceed &-- for example, when a message can neither be delivered to its
1146recipients nor returned to its sender, the message is marked &"frozen"& on the
168e428f
PH
1147spool, and no more deliveries are attempted.
1148
9b371988
PH
1149.cindex "frozen messages" "thawing"
1150.cindex "message" "thawing frozen"
1151An administrator can &"thaw"& such messages when the problem has been
1152corrected, and can also freeze individual messages by hand if necessary. In
1153addition, an administrator can force a delivery error, causing a bounce message
1154to be sent.
1155
0a4e3112
PH
1156.oindex "&%timeout_frozen_after%&"
1157.oindex "&%ignore_bounce_errors_after%&"
9b371988
PH
1158There are options called &%ignore_bounce_errors_after%& and
1159&%timeout_frozen_after%&, which discard frozen messages after a certain time.
068aaea8 1160The first applies only to frozen bounces, the second to any frozen messages.
168e428f 1161
9b371988
PH
1162.cindex "message" "log file for"
1163.cindex "log" "file for each message"
168e428f 1164While Exim is working on a message, it writes information about each delivery
068aaea8 1165attempt to its main log file. This includes successful, unsuccessful, and
9b371988
PH
1166delayed deliveries for each recipient (see chapter &<<CHAPlog>>&). The log
1167lines are also written to a separate &'message log'& file for each message.
1168These logs are solely for the benefit of the administrator, and are normally
1169deleted along with the spool files when processing of a message is complete.
168e428f 1170The use of individual message logs can be disabled by setting
9b371988
PH
1171&%no_message_logs%&; this might give an improvement in performance on very busy
1172systems.
168e428f 1173
9b371988
PH
1174.cindex "journal file"
1175.cindex "file" "journal"
168e428f
PH
1176All the information Exim itself needs to set up a delivery is kept in the first
1177spool file, along with the header lines. When a successful delivery occurs, the
1178address is immediately written at the end of a journal file, whose name is the
9b371988
PH
1179message id followed by &`-J`&. At the end of a delivery run, if there are some
1180addresses left to be tried again later, the first spool file (the &`-H`& file)
168e428f
PH
1181is updated to indicate which these are, and the journal file is then deleted.
1182Updating the spool file is done by writing a new file and renaming it, to
1183minimize the possibility of data loss.
1184
1185Should the system or the program crash after a successful delivery but before
1186the spool file has been updated, the journal is left lying around. The next
1187time Exim attempts to deliver the message, it reads the journal file and
1188updates the spool file before proceeding. This minimizes the chances of double
1189deliveries caused by crashes.
1190
1191
1192
9b371988
PH
1193.section "Processing an address for delivery" "SECTprocaddress"
1194.cindex "drivers" "definition of"
1195.cindex "router" "definition of"
1196.cindex "transport" "definition of"
1197The main delivery processing elements of Exim are called &'routers'& and
1198&'transports'&, and collectively these are known as &'drivers'&. Code for a
168e428f
PH
1199number of them is provided in the source distribution, and compile-time options
1200specify which ones are included in the binary. Run time options specify which
1201ones are actually used for delivering messages.
1202
9b371988
PH
1203.cindex "drivers" "instance definition"
1204Each driver that is specified in the run time configuration is an &'instance'&
168e428f 1205of that particular driver type. Multiple instances are allowed; for example,
9b371988 1206you can set up several different &(smtp)& transports, each with different
168e428f
PH
1207option values that might specify different ports or different timeouts. Each
1208instance has its own identifying name. In what follows we will normally use the
1209instance name when discussing one particular instance (that is, one specific
1210configuration of the driver), and the generic driver name when discussing
1211the driver's features in general.
1212
9b371988 1213A &'router'& is a driver that operates on an address, either determining how
068aaea8 1214its delivery should happen, by assigning it to a specific transport, or
168e428f
PH
1215converting the address into one or more new addresses (for example, via an
1216alias file). A router may also explicitly choose to fail an address, causing it
1217to be bounced.
1218
9b371988
PH
1219A &'transport'& is a driver that transmits a copy of the message from Exim's
1220spool to some destination. There are two kinds of transport: for a &'local'&
168e428f 1221transport, the destination is a file or a pipe on the local host, whereas for a
9b371988 1222&'remote'& transport the destination is some other host. A message is passed
168e428f
PH
1223to a specific transport as a result of successful routing. If a message has
1224several recipients, it may be passed to a number of different transports.
1225
9b371988 1226.cindex "preconditions" "definition of"
168e428f
PH
1227An address is processed by passing it to each configured router instance in
1228turn, subject to certain preconditions, until a router accepts the address or
1229specifies that it should be bounced. We will describe this process in more
068aaea8
PH
1230detail shortly. First, as a simple example, we consider how each recipient
1231address in a message is processed in a small configuration of three routers.
168e428f 1232
068aaea8 1233To make this a more concrete example, it is described in terms of some actual
168e428f
PH
1234routers, but remember, this is only an example. You can configure Exim's
1235routers in many different ways, and there may be any number of routers in a
1236configuration.
1237
1238The first router that is specified in a configuration is often one that handles
1239addresses in domains that are not recognized specially by the local host. These
1240are typically addresses for arbitrary domains on the Internet. A precondition
1241is set up which looks for the special domains known to the host (for example,
9b371988 1242its own domain name), and the router is run for addresses that do &'not'&
168e428f
PH
1243match. Typically, this is a router that looks up domains in the DNS in order to
1244find the hosts to which this address routes. If it succeeds, the address is
068aaea8 1245assigned to a suitable SMTP transport; if it does not succeed, the router is
168e428f
PH
1246configured to fail the address.
1247
068aaea8 1248The second router is reached only when the domain is recognized as one that
9b371988 1249&"belongs"& to the local host. This router does redirection &-- also known as
068aaea8
PH
1250aliasing and forwarding. When it generates one or more new addresses from the
1251original, each of them is routed independently from the start. Otherwise, the
1252router may cause an address to fail, or it may simply decline to handle the
1253address, in which case the address is passed to the next router.
168e428f
PH
1254
1255The final router in many configurations is one that checks to see if the
1256address belongs to a local mailbox. The precondition may involve a check to
1257see if the local part is the name of a login account, or it may look up the
1258local part in a file or a database. If its preconditions are not met, or if
1259the router declines, we have reached the end of the routers. When this happens,
1260the address is bounced.
1261
1262
1263
f89d2485 1264.section "Processing an address for verification" "SECID16"
9b371988
PH
1265.cindex "router" "for verification"
1266.cindex "verifying address" "overview"
168e428f 1267As well as being used to decide how to deliver to an address, Exim's routers
9b371988 1268are also used for &'address verification'&. Verification can be requested as
168e428f 1269one of the checks to be performed in an ACL for incoming messages, on both
9b371988
PH
1270sender and recipient addresses, and it can be tested using the &%-bv%& and
1271&%-bvs%& command line options.
168e428f 1272
9b371988 1273When an address is being verified, the routers are run in &"verify mode"&. This
168e428f
PH
1274does not affect the way the routers work, but it is a state that can be
1275detected. By this means, a router can be skipped or made to behave differently
1276when verifying. A common example is a configuration in which the first router
1277sends all messages to a message-scanning program, unless they have been
1278previously scanned. Thus, the first router accepts all addresses without any
9b371988 1279checking, making it useless for verifying. Normally, the &%no_verify%& option
168e428f
PH
1280would be set for such a router, causing it to be skipped in verify mode.
1281
1282
1283
1284
9b371988
PH
1285.section "Running an individual router" "SECTrunindrou"
1286.cindex "router" "running details"
1287.cindex "preconditions" "checking"
1288.cindex "router" "result of running"
168e428f
PH
1289As explained in the example above, a number of preconditions are checked before
1290running a router. If any are not met, the router is skipped, and the address is
9b371988 1291passed to the next router. When all the preconditions on a router &'are'& met,
168e428f
PH
1292the router is run. What happens next depends on the outcome, which is one of
1293the following:
1294
9b371988
PH
1295.ilist
1296&'accept'&: The router accepts the address, and either assigns it to a
1297transport, or generates one or more &"child"& addresses. Processing the
1298original address ceases,
0a4e3112 1299.oindex "&%unseen%&"
9b371988 1300unless the &%unseen%& option is set on the router. This option
168e428f 1301can be used to set up multiple deliveries with different routing (for example,
9b371988
PH
1302for keeping archive copies of messages). When &%unseen%& is set, the address is
1303passed to the next router. Normally, however, an &'accept'& return marks the
168e428f 1304end of routing.
9b371988 1305
068aaea8
PH
1306Any child addresses generated by the router are processed independently,
1307starting with the first router by default. It is possible to change this by
9b371988
PH
1308setting the &%redirect_router%& option to specify which router to start at for
1309child addresses. Unlike &%pass_router%& (see below) the router specified by
1310&%redirect_router%& may be anywhere in the router configuration.
1311.next
1312&'pass'&: The router recognizes the address, but cannot handle it itself. It
168e428f
PH
1313requests that the address be passed to another router. By default the address
1314is passed to the next router, but this can be changed by setting the
9b371988 1315&%pass_router%& option. However, (unlike &%redirect_router%&) the named router
168e428f 1316must be below the current router (to avoid loops).
9b371988
PH
1317.next
1318&'decline'&: The router declines to accept the address because it does not
168e428f 1319recognize it at all. By default, the address is passed to the next router, but
9b371988
PH
1320this can be prevented by setting the &%no_more%& option. When &%no_more%& is
1321set, all the remaining routers are skipped. In effect, &%no_more%& converts
1322&'decline'& into &'fail'&.
1323.next
1324&'fail'&: The router determines that the address should fail, and queues it for
168e428f 1325the generation of a bounce message. There is no further processing of the
9b371988
PH
1326original address unless &%unseen%& is set on the router.
1327.next
1328&'defer'&: The router cannot handle the address at the present time. (A
068aaea8
PH
1329database may be offline, or a DNS lookup may have timed out.) No further
1330processing of the address happens in this delivery attempt. It is tried again
1331next time the message is considered for delivery.
9b371988
PH
1332.next
1333&'error'&: There is some error in the router (for example, a syntax error in
168e428f 1334its configuration). The action is as for defer.
9b371988 1335.endlist
168e428f
PH
1336
1337If an address reaches the end of the routers without having been accepted by
068aaea8 1338any of them, it is bounced as unrouteable. The default error message in this
9b371988
PH
1339situation is &"unrouteable address"&, but you can set your own message by
1340making use of the &%cannot_route_message%& option. This can be set for any
1341router; the value from the last router that &"saw"& the address is used.
168e428f
PH
1342
1343Sometimes while routing you want to fail a delivery when some conditions are
1344met but others are not, instead of passing the address on for further routing.
1345You can do this by having a second router that explicitly fails the delivery
9b371988 1346when the relevant conditions are met. The &(redirect)& router has a &"fail"&
168e428f
PH
1347facility for this purpose.
1348
1349
f89d2485 1350.section "Duplicate addresses" "SECID17"
9b371988 1351.cindex "case of local parts"
f89d2485 1352.cindex "address duplicate, discarding"
db9452a9 1353.cindex "duplicate addresses"
068aaea8
PH
1354Once routing is complete, Exim scans the addresses that are assigned to local
1355and remote transports, and discards any duplicates that it finds. During this
3cb1b51e 1356check, local parts are treated as case-sensitive. This happens only when
db9452a9 1357actually delivering a message; when testing routers with &%-bt%&, all the
3cb1b51e 1358routed addresses are shown.
db9452a9 1359
068aaea8 1360
168e428f 1361
9b371988 1362.section "Router preconditions" "SECTrouprecon"
f89d2485 1363.cindex "router" "preconditions, order of processing"
9b371988 1364.cindex "preconditions" "order of processing"
168e428f
PH
1365The preconditions that are tested for each router are listed below, in the
1366order in which they are tested. The individual configuration options are
9b371988 1367described in more detail in chapter &<<CHAProutergeneric>>&.
168e428f 1368
9b371988
PH
1369.ilist
1370The &%local_part_prefix%& and &%local_part_suffix%& options can specify that
168e428f
PH
1371the local parts handled by the router may or must have certain prefixes and/or
1372suffixes. If a mandatory affix (prefix or suffix) is not present, the router is
1373skipped. These conditions are tested first. When an affix is present, it is
1374removed from the local part before further processing, including the evaluation
1375of any other conditions.
9b371988
PH
1376.next
1377Routers can be designated for use only when not verifying an address, that is,
168e428f 1378only when routing it for delivery (or testing its delivery routing). If the
9b371988 1379&%verify%& option is set false, the router is skipped when Exim is verifying an
168e428f 1380address.
9b371988
PH
1381Setting the &%verify%& option actually sets two options, &%verify_sender%& and
1382&%verify_recipient%&, which independently control the use of the router for
168e428f
PH
1383sender and recipient verification. You can set these options directly if
1384you want a router to be used for only one type of verification.
85b2d6f3 1385.new "Note that cutthrough delivery is classed as a recipient verification for this purpose."
9b371988
PH
1386.next
1387If the &%address_test%& option is set false, the router is skipped when Exim is
1388run with the &%-bt%& option to test an address routing. This can be helpful
1389when the first router sends all new messages to a scanner of some sort; it
1390makes it possible to use &%-bt%& to test subsequent delivery routing without
1391having to simulate the effect of the scanner.
1392.next
1393Routers can be designated for use only when verifying an address, as
1394opposed to routing it for delivery. The &%verify_only%& option controls this.
85b2d6f3 1395.new "Again, cutthrough delivery counts as a verification."
9b371988
PH
1396.next
1397Individual routers can be explicitly skipped when running the routers to
1398check an address given in the SMTP EXPN command (see the &%expn%& option).
1399.next
1400If the &%domains%& option is set, the domain of the address must be in the set
068aaea8 1401of domains that it defines.
9b371988 1402.next
f89d2485
PH
1403.vindex "&$local_part_prefix$&"
1404.vindex "&$local_part$&"
1405.vindex "&$local_part_suffix$&"
9b371988
PH
1406If the &%local_parts%& option is set, the local part of the address must be in
1407the set of local parts that it defines. If &%local_part_prefix%& or
1408&%local_part_suffix%& is in use, the prefix or suffix is removed from the local
168e428f 1409part before this check. If you want to do precondition tests on local parts
9b371988
PH
1410that include affixes, you can do so by using a &%condition%& option (see below)
1411that uses the variables &$local_part$&, &$local_part_prefix$&, and
1412&$local_part_suffix$& as necessary.
1413.next
f89d2485
PH
1414.vindex "&$local_user_uid$&"
1415.vindex "&$local_user_gid$&"
1416.vindex "&$home$&"
9b371988 1417If the &%check_local_user%& option is set, the local part must be the name of
068aaea8 1418an account on the local host. If this check succeeds, the uid and gid of the
9b371988
PH
1419local user are placed in &$local_user_uid$& and &$local_user_gid$& and the
1420user's home directory is placed in &$home$&; these values can be used in the
1421remaining preconditions.
1422.next
1423If the &%router_home_directory%& option is set, it is expanded at this point,
1424because it overrides the value of &$home$&. If this expansion were left till
1425later, the value of &$home$& as set by &%check_local_user%& would be used in
1426subsequent tests. Having two different values of &$home$& in the same router
168e428f 1427could lead to confusion.
9b371988
PH
1428.next
1429If the &%senders%& option is set, the envelope sender address must be in the
1430set of addresses that it defines.
1431.next
1432If the &%require_files%& option is set, the existence or non-existence of
168e428f 1433specified files is tested.
9b371988
PH
1434.next
1435.cindex "customizing" "precondition"
1436If the &%condition%& option is set, it is evaluated and tested. This option
1437uses an expanded string to allow you to set up your own custom preconditions.
1438Expanded strings are described in chapter &<<CHAPexpand>>&.
1439.endlist
168e428f 1440
168e428f 1441
9b371988
PH
1442Note that &%require_files%& comes near the end of the list, so you cannot use
1443it to check for the existence of a file in which to lookup up a domain, local
168e428f 1444part, or sender. However, as these options are all expanded, you can use the
9b371988
PH
1445&%exists%& expansion condition to make such tests within each condition. The
1446&%require_files%& option is intended for checking files that the router may be
168e428f 1447going to use internally, or which are needed by a specific transport (for
9b371988 1448example, &_.procmailrc_&).
168e428f
PH
1449
1450
1451
f89d2485 1452.section "Delivery in detail" "SECID18"
9b371988 1453.cindex "delivery" "in detail"
168e428f
PH
1454When a message is to be delivered, the sequence of events is as follows:
1455
9b371988
PH
1456.ilist
1457If a system-wide filter file is specified, the message is passed to it. The
168e428f
PH
1458filter may add recipients to the message, replace the recipients, discard the
1459message, cause a new message to be generated, or cause the message delivery to
1460fail. The format of the system filter file is the same as for Exim user filter
9b371988
PH
1461files, described in the separate document entitled &'Exim's interfaces to mail
1462filtering'&.
1463.cindex "Sieve filter" "not available for system filter"
1464(&*Note*&: Sieve cannot be used for system filter files.)
1465
1466Some additional features are available in system filters &-- see chapter
1467&<<CHAPsystemfilter>>& for details. Note that a message is passed to the system
168e428f
PH
1468filter only once per delivery attempt, however many recipients it has. However,
1469if there are several delivery attempts because one or more addresses could not
1470be immediately delivered, the system filter is run each time. The filter
9b371988 1471condition &%first_delivery%& can be used to detect the first run of the system
168e428f 1472filter.
9b371988
PH
1473.next
1474Each recipient address is offered to each configured router in turn, subject to
1475its preconditions, until one is able to handle it. If no router can handle the
1476address, that is, if they all decline, the address is failed. Because routers
1477can be targeted at particular domains, several locally handled domains can be
1478processed entirely independently of each other.
1479.next
1480.cindex "routing" "loops in"
1481.cindex "loop" "while routing"
1482A router that accepts an address may assign it to a local or a remote
1483transport. However, the transport is not run at this time. Instead, the address
1484is placed on a list for the particular transport, which will be run later.
068aaea8
PH
1485Alternatively, the router may generate one or more new addresses (typically
1486from alias, forward, or filter files). New addresses are fed back into this
1487process from the top, but in order to avoid loops, a router ignores any address
1488which has an identically-named ancestor that was processed by itself.
9b371988
PH
1489.next
1490When all the routing has been done, addresses that have been successfully
168e428f
PH
1491handled are passed to their assigned transports. When local transports are
1492doing real local deliveries, they handle only one address at a time, but if a
1493local transport is being used as a pseudo-remote transport (for example, to
1494collect batched SMTP messages for transmission by some other means) multiple
1495addresses can be handled. Remote transports can always handle more than one
1496address at a time, but can be configured not to do so, or to restrict multiple
1497addresses to the same domain.
9b371988
PH
1498.next
1499Each local delivery to a file or a pipe runs in a separate process under a
168e428f
PH
1500non-privileged uid, and these deliveries are run one at a time. Remote
1501deliveries also run in separate processes, normally under a uid that is private
9b371988 1502to Exim (&"the Exim user"&), but in this case, several remote deliveries can be
168e428f 1503run in parallel. The maximum number of simultaneous remote deliveries for any
9b371988 1504one message is set by the &%remote_max_parallel%& option.
168e428f
PH
1505The order in which deliveries are done is not defined, except that all local
1506deliveries happen before any remote deliveries.
9b371988
PH
1507.next
1508.cindex "queue runner"
168e428f
PH
1509When it encounters a local delivery during a queue run, Exim checks its retry
1510database to see if there has been a previous temporary delivery failure for the
1511address before running the local transport. If there was a previous failure,
1512Exim does not attempt a new delivery until the retry time for the address is
1513reached. However, this happens only for delivery attempts that are part of a
1514queue run. Local deliveries are always attempted when delivery immediately
1515follows message reception, even if retry times are set for them. This makes for
1516better behaviour if one particular message is causing problems (for example,
1517causing quota overflow, or provoking an error in a filter file).
9b371988
PH
1518.next
1519.cindex "delivery" "retry in remote transports"
168e428f
PH
1520Remote transports do their own retry handling, since an address may be
1521deliverable to one of a number of hosts, each of which may have a different
1522retry time. If there have been previous temporary failures and no host has
1523reached its retry time, no delivery is attempted, whether in a queue run or
9b371988
PH
1524not. See chapter &<<CHAPretry>>& for details of retry strategies.
1525.next
1526If there were any permanent errors, a bounce message is returned to an
168e428f
PH
1527appropriate address (the sender in the common case), with details of the error
1528for each failing address. Exim can be configured to send copies of bounce
1529messages to other addresses.
9b371988
PH
1530.next
1531.cindex "delivery" "deferral"
168e428f
PH
1532If one or more addresses suffered a temporary failure, the message is left on
1533the queue, to be tried again later. Delivery of these addresses is said to be
9b371988
PH
1534&'deferred'&.
1535.next
1536When all the recipient addresses have either been delivered or bounced,
168e428f
PH
1537handling of the message is complete. The spool files and message log are
1538deleted, though the message log can optionally be preserved if required.
9b371988 1539.endlist
168e428f
PH
1540
1541
1542
1543
f89d2485 1544.section "Retry mechanism" "SECID19"
9b371988
PH
1545.cindex "delivery" "retry mechanism"
1546.cindex "retry" "description of mechanism"
1547.cindex "queue runner"
168e428f
PH
1548Exim's mechanism for retrying messages that fail to get delivered at the first
1549attempt is the queue runner process. You must either run an Exim daemon that
9b371988
PH
1550uses the &%-q%& option with a time interval to start queue runners at regular
1551intervals, or use some other means (such as &'cron'&) to start them. If you do
168e428f
PH
1552not arrange for queue runners to be run, messages that fail temporarily at the
1553first attempt will remain on your queue for ever. A queue runner process works
068aaea8 1554its way through the queue, one message at a time, trying each delivery that has
168e428f
PH
1555passed its retry time.
1556You can run several queue runners at once.
1557
1558Exim uses a set of configured rules to determine when next to retry the failing
9b371988
PH
1559address (see chapter &<<CHAPretry>>&). These rules also specify when Exim
1560should give up trying to deliver to the address, at which point it generates a
1561bounce message. If no retry rules are set for a particular host, address, and
1562error combination, no retries are attempted, and temporary errors are treated
1563as permanent.
168e428f
PH
1564
1565
1566
f89d2485 1567.section "Temporary delivery failure" "SECID20"
9b371988 1568.cindex "delivery" "temporary failure"
168e428f
PH
1569There are many reasons why a message may not be immediately deliverable to a
1570particular address. Failure to connect to a remote machine (because it, or the
1571connection to it, is down) is one of the most common. Temporary failures may be
1572detected during routing as well as during the transport stage of delivery.
1573Local deliveries may be delayed if NFS files are unavailable, or if a mailbox
1574is on a file system where the user is over quota. Exim can be configured to
1575impose its own quotas on local mailboxes; where system quotas are set they will
1576also apply.
1577
1578If a host is unreachable for a period of time, a number of messages may be
1579waiting for it by the time it recovers, and sending them in a single SMTP
1580connection is clearly beneficial. Whenever a delivery to a remote host is
1581deferred,
9b371988 1582.cindex "hints database"
168e428f
PH
1583Exim makes a note in its hints database, and whenever a successful
1584SMTP delivery has happened, it looks to see if any other messages are waiting
1585for the same host. If any are found, they are sent over the same SMTP
1586connection, subject to a configuration limit as to the maximum number in any
1587one connection.
168e428f
PH
1588
1589
1590
f89d2485 1591.section "Permanent delivery failure" "SECID21"
9b371988
PH
1592.cindex "delivery" "permanent failure"
1593.cindex "bounce message" "when generated"
168e428f
PH
1594When a message cannot be delivered to some or all of its intended recipients, a
1595bounce message is generated. Temporary delivery failures turn into permanent
1596errors when their timeout expires. All the addresses that fail in a given
1597delivery attempt are listed in a single message. If the original message has
1598many recipients, it is possible for some addresses to fail in one delivery
1599attempt and others to fail subsequently, giving rise to more than one bounce
1600message. The wording of bounce messages can be customized by the administrator.
9b371988 1601See chapter &<<CHAPemsgcust>>& for details.
168e428f 1602
9b371988
PH
1603.cindex "&'X-Failed-Recipients:'& header line"
1604Bounce messages contain an &'X-Failed-Recipients:'& header line that lists the
168e428f
PH
1605failed addresses, for the benefit of programs that try to analyse such messages
1606automatically.
1607
9b371988 1608.cindex "bounce message" "recipient of"
168e428f
PH
1609A bounce message is normally sent to the sender of the original message, as
1610obtained from the message's envelope. For incoming SMTP messages, this is the
9b371988
PH
1611address given in the MAIL command. However, when an address is expanded via a
1612forward or alias file, an alternative address can be specified for delivery
1613failures of the generated addresses. For a mailing list expansion (see section
1614&<<SECTmailinglists>>&) it is common to direct bounce messages to the manager
1615of the list.
168e428f
PH
1616
1617
1618
f89d2485 1619.section "Failures to deliver bounce messages" "SECID22"
9b371988 1620.cindex "bounce message" "failure to deliver"
168e428f
PH
1621If a bounce message (either locally generated or received from a remote host)
1622itself suffers a permanent delivery failure, the message is left on the queue,
1623but it is frozen, awaiting the attention of an administrator. There are options
068aaea8 1624that can be used to make Exim discard such failed messages, or to keep them
9b371988
PH
1625for only a short time (see &%timeout_frozen_after%& and
1626&%ignore_bounce_errors_after%&).
168e428f
PH
1627
1628
1629
1630
1631
9b371988
PH
1632. ////////////////////////////////////////////////////////////////////////////
1633. ////////////////////////////////////////////////////////////////////////////
168e428f 1634
f89d2485 1635.chapter "Building and installing Exim" "CHID3"
4f578862 1636.scindex IIDbuex "building Exim"
168e428f 1637
f89d2485
PH
1638.section "Unpacking" "SECID23"
1639Exim is distributed as a gzipped or bzipped tar file which, when unpacked,
168e428f 1640creates a directory with the name of the current release (for example,
2aee48d6 1641&_exim-&version()_&) into which the following files are placed:
9b371988
PH
1642
1643.table2 140pt
f89d2485
PH
1644.irow &_ACKNOWLEDGMENTS_& "contains some acknowledgments"
1645.irow &_CHANGES_& "contains a reference to where changes are &&&
1646 documented"
1647.irow &_LICENCE_& "the GNU General Public Licence"
1648.irow &_Makefile_& "top-level make file"
1649.irow &_NOTICE_& "conditions for the use of Exim"
1650.irow &_README_& "list of files, directories and simple build &&&
1651 instructions"
9b371988
PH
1652.endtable
1653
1654Other files whose names begin with &_README_& may also be present. The
168e428f
PH
1655following subdirectories are created:
1656
9b371988 1657.table2 140pt
f89d2485
PH
1658.irow &_Local_& "an empty directory for local configuration files"
1659.irow &_OS_& "OS-specific files"
1660.irow &_doc_& "documentation files"
1661.irow &_exim_monitor_& "source files for the Exim monitor"
1662.irow &_scripts_& "scripts used in the build process"
1663.irow &_src_& "remaining source files"
1664.irow &_util_& "independent utilities"
9b371988
PH
1665.endtable
1666
1667The main utility programs are contained in the &_src_& directory, and are built
1668with the Exim binary. The &_util_& directory contains a few optional scripts
168e428f
PH
1669that may be useful to some sites.
1670
1671
f89d2485 1672.section "Multiple machine architectures and operating systems" "SECID24"
9b371988 1673.cindex "building Exim" "multiple OS/architectures"
168e428f
PH
1674The building process for Exim is arranged to make it easy to build binaries for
1675a number of different architectures and operating systems from the same set of
9b371988
PH
1676source files. Compilation does not take place in the &_src_& directory.
1677Instead, a &'build directory'& is created for each architecture and operating
1678system.
1679.cindex "symbolic link" "to build directory"
168e428f 1680Symbolic links to the sources are installed in this directory, which is where
9b371988
PH
1681the actual building takes place. In most cases, Exim can discover the machine
1682architecture and operating system for itself, but the defaults can be
1683overridden if necessary.
168e428f 1684
168e428f 1685
8473d4ee 1686.section "PCRE library" "SECTpcre"
210f147e
NM
1687.cindex "PCRE library"
1688Exim no longer has an embedded PCRE library as the vast majority of
1689modern systems include PCRE as a system library, although you may need
1690to install the PCRE or PCRE development package for your operating
1691system. If your system has a normal PCRE installation the Exim build
1692process will need no further configuration. If the library or the
6a6084f8
PP
1693headers are in an unusual location you will need to either set the PCRE_LIBS
1694and INCLUDE directives appropriately,
1695or set PCRE_CONFIG=yes to use the installed &(pcre-config)& command.
1696If your operating system has no
210f147e
NM
1697PCRE support then you will need to obtain and build the current PCRE
1698from &url(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/).
6a6084f8 1699More information on PCRE is available at &url(http://www.pcre.org/).
210f147e 1700
9b371988
PH
1701.section "DBM libraries" "SECTdb"
1702.cindex "DBM libraries" "discussion of"
1703.cindex "hints database" "DBM files used for"
168e428f
PH
1704Even if you do not use any DBM files in your configuration, Exim still needs a
1705DBM library in order to operate, because it uses indexed files for its hints
1706databases. Unfortunately, there are a number of DBM libraries in existence, and
1707different operating systems often have different ones installed.
1708
9b371988 1709.cindex "Solaris" "DBM library for"
f89d2485
PH
1710.cindex "IRIX, DBM library for"
1711.cindex "BSD, DBM library for"
1712.cindex "Linux, DBM library for"
168e428f
PH
1713If you are using Solaris, IRIX, one of the modern BSD systems, or a modern
1714Linux distribution, the DBM configuration should happen automatically, and you
1715may be able to ignore this section. Otherwise, you may have to learn more than
1716you would like about DBM libraries from what follows.
1717
9b371988 1718.cindex "&'ndbm'& DBM library"
168e428f 1719Licensed versions of Unix normally contain a library of DBM functions operating
9b371988 1720via the &'ndbm'& interface, and this is what Exim expects by default. Free
168e428f
PH
1721versions of Unix seem to vary in what they contain as standard. In particular,
1722some early versions of Linux have no default DBM library, and different
1723distributors have chosen to bundle different libraries with their packaged
f89d2485 1724versions. However, the more recent releases seem to have standardized on the
168e428f
PH
1725Berkeley DB library.
1726
1727Different DBM libraries have different conventions for naming the files they
9b371988 1728use. When a program opens a file called &_dbmfile_&, there are several
168e428f
PH
1729possibilities:
1730
9b371988
PH
1731.olist
1732A traditional &'ndbm'& implementation, such as that supplied as part of
1733Solaris, operates on two files called &_dbmfile.dir_& and &_dbmfile.pag_&.
1734.next
1735.cindex "&'gdbm'& DBM library"
1736The GNU library, &'gdbm'&, operates on a single file. If used via its &'ndbm'&
168e428f 1737compatibility interface it makes two different hard links to it with names
9b371988 1738&_dbmfile.dir_& and &_dbmfile.pag_&, but if used via its native interface, the
168e428f 1739file name is used unmodified.
9b371988
PH
1740.next
1741.cindex "Berkeley DB library"
1742The Berkeley DB package, if called via its &'ndbm'& compatibility interface,
1743operates on a single file called &_dbmfile.db_&, but otherwise looks to the
1744programmer exactly the same as the traditional &'ndbm'& implementation.
1745.next
1746If the Berkeley package is used in its native mode, it operates on a single
1747file called &_dbmfile_&; the programmer's interface is somewhat different to
1748the traditional &'ndbm'& interface.
1749.next
1750To complicate things further, there are several very different versions of the
168e428f 1751Berkeley DB package. Version 1.85 was stable for a very long time, releases
9b371988
PH
17522.&'x'& and 3.&'x'& were current for a while, but the latest versions are now
1753numbered 4.&'x'&. Maintenance of some of the earlier releases has ceased. All
168e428f 1754versions of Berkeley DB can be obtained from
9b371988
PH
1755&url(http://www.sleepycat.com/).
1756.next
1757.cindex "&'tdb'& DBM library"
1758Yet another DBM library, called &'tdb'&, is available from
1759&url(http://download.sourceforge.net/tdb). It has its own interface, and also
1760operates on a single file.
1761.endlist
1762
1763.cindex "USE_DB"
1764.cindex "DBM libraries" "configuration for building"
168e428f
PH
1765Exim and its utilities can be compiled to use any of these interfaces. In order
1766to use any version of the Berkeley DB package in native mode, you must set
1767USE_DB in an appropriate configuration file (typically
9b371988
PH
1768&_Local/Makefile_&). For example:
1769.code
1770USE_DB=yes
1771.endd
168e428f
PH
1772Similarly, for gdbm you set USE_GDBM, and for tdb you set USE_TDB. An
1773error is diagnosed if you set more than one of these.
1774
1775At the lowest level, the build-time configuration sets none of these options,
1776thereby assuming an interface of type (1). However, some operating system
1777configuration files (for example, those for the BSD operating systems and
1778Linux) assume type (4) by setting USE_DB as their default, and the
1779configuration files for Cygwin set USE_GDBM. Anything you set in
9b371988 1780&_Local/Makefile_&, however, overrides these system defaults.
168e428f
PH
1781
1782As well as setting USE_DB, USE_GDBM, or USE_TDB, it may also be
1783necessary to set DBMLIB, to cause inclusion of the appropriate library, as
1784in one of these lines:
9b371988
PH
1785.code
1786DBMLIB = -ldb
1787DBMLIB = -ltdb
1788.endd
168e428f
PH
1789Settings like that will work if the DBM library is installed in the standard
1790place. Sometimes it is not, and the library's header file may also not be in
1791the default path. You may need to set INCLUDE to specify where the header
1792file is, and to specify the path to the library more fully in DBMLIB, as in
1793this example:
9b371988
PH
1794.code
1795INCLUDE=-I/usr/local/include/db-4.1
1796DBMLIB=/usr/local/lib/db-4.1/libdb.a
1797.endd
168e428f 1798There is further detailed discussion about the various DBM libraries in the
9b371988 1799file &_doc/dbm.discuss.txt_& in the Exim distribution.
168e428f
PH
1800
1801
1802
f89d2485 1803.section "Pre-building configuration" "SECID25"
9b371988
PH
1804.cindex "building Exim" "pre-building configuration"
1805.cindex "configuration for building Exim"
1806.cindex "&_Local/Makefile_&"
1807.cindex "&_src/EDITME_&"
168e428f
PH
1808Before building Exim, a local configuration file that specifies options
1809independent of any operating system has to be created with the name
9b371988
PH
1810&_Local/Makefile_&. A template for this file is supplied as the file
1811&_src/EDITME_&, and it contains full descriptions of all the option settings
168e428f
PH
1812therein. These descriptions are therefore not repeated here. If you are
1813building Exim for the first time, the simplest thing to do is to copy
9b371988 1814&_src/EDITME_& to &_Local/Makefile_&, then read it and edit it appropriately.
168e428f
PH
1815
1816There are three settings that you must supply, because Exim will not build
1817without them. They are the location of the run time configuration file
1818(CONFIGURE_FILE), the directory in which Exim binaries will be installed
1819(BIN_DIRECTORY), and the identity of the Exim user (EXIM_USER and
1820maybe EXIM_GROUP as well). The value of CONFIGURE_FILE can in fact be
1821a colon-separated list of file names; Exim uses the first of them that exists.
1822
1823There are a few other parameters that can be specified either at build time or
1824at run time, to enable the same binary to be used on a number of different
1825machines. However, if the locations of Exim's spool directory and log file
1826directory (if not within the spool directory) are fixed, it is recommended that
9b371988 1827you specify them in &_Local/Makefile_& instead of at run time, so that errors
168e428f
PH
1828detected early in Exim's execution (such as a malformed configuration file) can
1829be logged.
1830
9b371988 1831.cindex "content scanning" "specifying at build time"
068aaea8 1832Exim's interfaces for calling virus and spam scanning software directly from
168e428f
PH
1833access control lists are not compiled by default. If you want to include these
1834facilities, you need to set
9b371988
PH
1835.code
1836WITH_CONTENT_SCAN=yes
1837.endd
1838in your &_Local/Makefile_&. For details of the facilities themselves, see
1839chapter &<<CHAPexiscan>>&.
168e428f
PH
1840
1841
9b371988 1842.cindex "&_Local/eximon.conf_&"
3cb1b51e 1843.cindex "&_exim_monitor/EDITME_&"
168e428f 1844If you are going to build the Exim monitor, a similar configuration process is
9b371988
PH
1845required. The file &_exim_monitor/EDITME_& must be edited appropriately for
1846your installation and saved under the name &_Local/eximon.conf_&. If you are
1847happy with the default settings described in &_exim_monitor/EDITME_&,
1848&_Local/eximon.conf_& can be empty, but it must exist.
168e428f
PH
1849
1850This is all the configuration that is needed in straightforward cases for known
1851operating systems. However, the building process is set up so that it is easy
1852to override options that are set by default or by operating-system-specific
1853configuration files, for example to change the name of the C compiler, which
9b371988
PH
1854defaults to &%gcc%&. See section &<<SECToverride>>& below for details of how to
1855do this.
168e428f
PH
1856
1857
1858
f89d2485 1859.section "Support for iconv()" "SECID26"
9b371988
PH
1860.cindex "&[iconv()]& support"
1861.cindex "RFC 2047"
168e428f
PH
1862The contents of header lines in messages may be encoded according to the rules
1863described RFC 2047. This makes it possible to transmit characters that are not
1864in the ASCII character set, and to label them as being in a particular
9b371988 1865character set. When Exim is inspecting header lines by means of the &%$h_%&
168e428f
PH
1866mechanism, it decodes them, and translates them into a specified character set
1867(default ISO-8859-1). The translation is possible only if the operating system
9b371988
PH
1868supports the &[iconv()]& function.
1869
1870However, some of the operating systems that supply &[iconv()]& do not support
1871very many conversions. The GNU &%libiconv%& library (available from
1872&url(http://www.gnu.org/software/libiconv/)) can be installed on such
1873systems to remedy this deficiency, as well as on systems that do not supply
1874&[iconv()]& at all. After installing &%libiconv%&, you should add
1875.code
1876HAVE_ICONV=yes
1877.endd
1878to your &_Local/Makefile_& and rebuild Exim.
1879
1880
1881
1882.section "Including TLS/SSL encryption support" "SECTinctlsssl"
1883.cindex "TLS" "including support for TLS"
1884.cindex "encryption" "including support for"
1885.cindex "SUPPORT_TLS"
1886.cindex "OpenSSL" "building Exim with"
1887.cindex "GnuTLS" "building Exim with"
168e428f
PH
1888Exim can be built to support encrypted SMTP connections, using the STARTTLS
1889command as per RFC 2487. It can also support legacy clients that expect to
1890start a TLS session immediately on connection to a non-standard port (see the
9b371988 1891&%tls_on_connect_ports%& runtime option and the &%-tls-on-connect%& command
168e428f
PH
1892line option).
1893
1894If you want to build Exim with TLS support, you must first install either the
1895OpenSSL or GnuTLS library. There is no cryptographic code in Exim itself for
1896implementing SSL.
1897
1898If OpenSSL is installed, you should set
9b371988
PH
1899.code
1900SUPPORT_TLS=yes
1901TLS_LIBS=-lssl -lcrypto
1902.endd
1903in &_Local/Makefile_&. You may also need to specify the locations of the
168e428f 1904OpenSSL library and include files. For example:
9b371988
PH
1905.code
1906SUPPORT_TLS=yes
1907TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
1908TLS_INCLUDE=-I/usr/local/openssl/include/
1909.endd
7e6a8985
PP
1910.cindex "pkg-config" "OpenSSL"
1911If you have &'pkg-config'& available, then instead you can just use:
1912.code
1913SUPPORT_TLS=yes
1914USE_OPENSSL_PC=openssl
1915.endd
9b371988 1916.cindex "USE_GNUTLS"
168e428f 1917If GnuTLS is installed, you should set
9b371988
PH
1918.code
1919SUPPORT_TLS=yes
1920USE_GNUTLS=yes
1921TLS_LIBS=-lgnutls -ltasn1 -lgcrypt
1922.endd
1923in &_Local/Makefile_&, and again you may need to specify the locations of the
168e428f 1924library and include files. For example:
9b371988
PH
1925.code
1926SUPPORT_TLS=yes
1927USE_GNUTLS=yes
1928TLS_LIBS=-L/usr/gnu/lib -lgnutls -ltasn1 -lgcrypt
1929TLS_INCLUDE=-I/usr/gnu/include
1930.endd
7e6a8985
PP
1931.cindex "pkg-config" "GnuTLS"
1932If you have &'pkg-config'& available, then instead you can just use:
1933.code
1934SUPPORT_TLS=yes
1935USE_GNUTLS=yes
1936USE_GNUTLS_PC=gnutls
1937.endd
7e6a8985 1938
168e428f 1939You do not need to set TLS_INCLUDE if the relevant directory is already
9b371988
PH
1940specified in INCLUDE. Details of how to configure Exim to make use of TLS are
1941given in chapter &<<CHAPTLS>>&.
168e428f
PH
1942
1943
1944
1945
b52ed2b3
NM
1946.section "Use of tcpwrappers" "SECID27"
1947
f89d2485 1948.cindex "tcpwrappers, building Exim to support"
9b371988 1949.cindex "USE_TCP_WRAPPERS"
5dc43717
JJ
1950.cindex "TCP_WRAPPERS_DAEMON_NAME"
1951.cindex "tcp_wrappers_daemon_name"
9b371988
PH
1952Exim can be linked with the &'tcpwrappers'& library in order to check incoming
1953SMTP calls using the &'tcpwrappers'& control files. This may be a convenient
168e428f 1954alternative to Exim's own checking facilities for installations that are
9b371988
PH
1955already making use of &'tcpwrappers'& for other purposes. To do this, you
1956should set USE_TCP_WRAPPERS in &_Local/Makefile_&, arrange for the file
1957&_tcpd.h_& to be available at compile time, and also ensure that the library
1958&_libwrap.a_& is available at link time, typically by including &%-lwrap%& in
1959EXTRALIBS_EXIM. For example, if &'tcpwrappers'& is installed in &_/usr/local_&,
1960you might have
1961.code
1962USE_TCP_WRAPPERS=yes
1963CFLAGS=-O -I/usr/local/include
1964EXTRALIBS_EXIM=-L/usr/local/lib -lwrap
1965.endd
5dc43717
JJ
1966in &_Local/Makefile_&. The daemon name to use in the &'tcpwrappers'& control
1967files is &"exim"&. For example, the line
9b371988
PH
1968.code
1969exim : LOCAL 192.168.1. .friendly.domain.example
1970.endd
1971in your &_/etc/hosts.allow_& file allows connections from the local host, from
1972the subnet 192.168.1.0/24, and from all hosts in &'friendly.domain.example'&.
5dc43717
JJ
1973All other connections are denied. The daemon name used by &'tcpwrappers'&
1974can be changed at build time by setting TCP_WRAPPERS_DAEMON_NAME in
a543079f 1975&_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the
5dc43717 1976configure file. Consult the &'tcpwrappers'& documentation for
168e428f 1977further details.
168e428f
PH
1978
1979
f89d2485 1980.section "Including support for IPv6" "SECID28"
9b371988 1981.cindex "IPv6" "including support for"
168e428f 1982Exim contains code for use on systems that have IPv6 support. Setting
9b371988 1983&`HAVE_IPV6=YES`& in &_Local/Makefile_& causes the IPv6 code to be included;
168e428f
PH
1984it may also be necessary to set IPV6_INCLUDE and IPV6_LIBS on systems
1985where the IPv6 support is not fully integrated into the normal include and
1986library files.
1987
1988Two different types of DNS record for handling IPv6 addresses have been
f89d2485 1989defined. AAAA records (analogous to A records for IPv4) are in use, and are
168e428f
PH
1990currently seen as the mainstream. Another record type called A6 was proposed
1991as better than AAAA because it had more flexibility. However, it was felt to be
9b371988 1992over-complex, and its status was reduced to &"experimental"&. It is not known
168e428f 1993if anyone is actually using A6 records. Exim has support for A6 records, but
9b371988 1994this is included only if you set &`SUPPORT_A6=YES`& in &_Local/Makefile_&. The
168e428f
PH
1995support has not been tested for some time.
1996
1997
1998
0a349494
PP
1999.section "Dynamically loaded lookup module support" "SECTdynamicmodules"
2000.cindex "lookup modules"
2001.cindex "dynamic modules"
2002.cindex ".so building"
2003On some platforms, Exim supports not compiling all lookup types directly into
2004the main binary, instead putting some into external modules which can be loaded
2005on demand.
2006This permits packagers to build Exim with support for lookups with extensive
2007library dependencies without requiring all users to install all of those
2008dependencies.
2009Most, but not all, lookup types can be built this way.
2010
2011Set &`LOOKUP_MODULE_DIR`& to the directory into which the modules will be
2012installed; Exim will only load modules from that directory, as a security
2013measure. You will need to set &`CFLAGS_DYNAMIC`& if not already defined
2014for your OS; see &_OS/Makefile-Linux_& for an example.
2015Some other requirements for adjusting &`EXTRALIBS`& may also be necessary,
2016see &_src/EDITME_& for details.
2017
2018Then, for each module to be loaded dynamically, define the relevant
2019&`LOOKUP_`&<&'lookup_type'&> flags to have the value "2" instead of "yes".
2020For example, this will build in lsearch but load sqlite and mysql support
2021on demand:
2022.code
2023LOOKUP_LSEARCH=yes
2024LOOKUP_SQLITE=2
2025LOOKUP_MYSQL=2
2026.endd
5d758a46 2027
0a349494 2028
f89d2485 2029.section "The building process" "SECID29"
9b371988
PH
2030.cindex "build directory"
2031Once &_Local/Makefile_& (and &_Local/eximon.conf_&, if required) have been
2032created, run &'make'& at the top level. It determines the architecture and
168e428f
PH
2033operating system types, and creates a build directory if one does not exist.
2034For example, on a Sun system running Solaris 8, the directory
9b371988
PH
2035&_build-SunOS5-5.8-sparc_& is created.
2036.cindex "symbolic link" "to source files"
168e428f
PH
2037Symbolic links to relevant source files are installed in the build directory.
2038
9b371988 2039&*Warning*&: The &%-j%& (parallel) flag must not be used with &'make'&; the
168e428f
PH
2040building process fails if it is set.
2041
9b371988 2042If this is the first time &'make'& has been run, it calls a script that builds
168e428f 2043a make file inside the build directory, using the configuration files from the
9b371988
PH
2044&_Local_& directory. The new make file is then passed to another instance of
2045&'make'&. This does the real work, building a number of utility scripts, and
168e428f 2046then compiling and linking the binaries for the Exim monitor (if configured), a
9b371988
PH
2047number of utility programs, and finally Exim itself. The command &`make
2048makefile`& can be used to force a rebuild of the make file in the build
168e428f
PH
2049directory, should this ever be necessary.
2050
2051If you have problems building Exim, check for any comments there may be in the
9b371988 2052&_README_& file concerning your operating system, and also take a look at the
168e428f
PH
2053FAQ, where some common problems are covered.
2054
2055
2056
f89d2485 2057.section 'Output from &"make"&' "SECID283"
9b371988 2058The output produced by the &'make'& process for compile lines is often very
068aaea8
PH
2059unreadable, because these lines can be very long. For this reason, the normal
2060output is suppressed by default, and instead output similar to that which
2061appears when compiling the 2.6 Linux kernel is generated: just a short line for
2062each module that is being compiled or linked. However, it is still possible to
9b371988
PH
2063get the full output, by calling &'make'& like this:
2064.code
2065FULLECHO='' make -e
2066.endd
2067The value of FULLECHO defaults to &"@"&, the flag character that suppresses
2068command reflection in &'make'&. When you ask for the full output, it is
3cb1b51e 2069given in addition to the short output.
068aaea8
PH
2070
2071
2072
9b371988 2073.section "Overriding build-time options for Exim" "SECToverride"
f89d2485 2074.cindex "build-time options, overriding"
168e428f
PH
2075The main make file that is created at the beginning of the building process
2076consists of the concatenation of a number of files which set configuration
9b371988 2077values, followed by a fixed set of &'make'& instructions. If a value is set
168e428f
PH
2078more than once, the last setting overrides any previous ones. This provides a
2079convenient way of overriding defaults. The files that are concatenated are, in
2080order:
9b371988
PH
2081.display
2082&_OS/Makefile-Default_&
2083&_OS/Makefile-_&<&'ostype'&>
2084&_Local/Makefile_&
2085&_Local/Makefile-_&<&'ostype'&>
2086&_Local/Makefile-_&<&'archtype'&>
2087&_Local/Makefile-_&<&'ostype'&>-<&'archtype'&>
2088&_OS/Makefile-Base_&
2089.endd
2090.cindex "&_Local/Makefile_&"
2091.cindex "building Exim" "operating system type"
2092.cindex "building Exim" "architecture type"
2093where <&'ostype'&> is the operating system type and <&'archtype'&> is the
2094architecture type. &_Local/Makefile_& is required to exist, and the building
2095process fails if it is absent. The other three &_Local_& files are optional,
168e428f
PH
2096and are often not needed.
2097
9b371988
PH
2098The values used for <&'ostype'&> and <&'archtype'&> are obtained from scripts
2099called &_scripts/os-type_& and &_scripts/arch-type_& respectively. If either of
168e428f
PH
2100the environment variables EXIM_OSTYPE or EXIM_ARCHTYPE is set, their
2101values are used, thereby providing a means of forcing particular settings.
9b371988 2102Otherwise, the scripts try to get values from the &%uname%& command. If this
168e428f 2103fails, the shell variables OSTYPE and ARCHTYPE are inspected. A number
9b371988 2104of &'ad hoc'& transformations are then applied, to produce the standard names
168e428f
PH
2105that Exim expects. You can run these scripts directly from the shell in order
2106to find out what values are being used on your system.
2107
2108
9b371988 2109&_OS/Makefile-Default_& contains comments about the variables that are set
168e428f
PH
2110therein. Some (but not all) are mentioned below. If there is something that
2111needs changing, review the contents of this file and the contents of the make
9b371988 2112file for your operating system (&_OS/Makefile-<ostype>_&) to see what the
168e428f
PH
2113default values are.
2114
2115
9b371988
PH
2116.cindex "building Exim" "overriding default settings"
2117If you need to change any of the values that are set in &_OS/Makefile-Default_&
2118or in &_OS/Makefile-<ostype>_&, or to add any new definitions, you do not
168e428f 2119need to change the original files. Instead, you should make the changes by
9b371988
PH
2120putting the new values in an appropriate &_Local_& file. For example,
2121.cindex "Tru64-Unix build-time settings"
168e428f
PH
2122when building Exim in many releases of the Tru64-Unix (formerly Digital UNIX,
2123formerly DEC-OSF1) operating system, it is necessary to specify that the C
9b371988
PH
2124compiler is called &'cc'& rather than &'gcc'&. Also, the compiler must be
2125called with the option &%-std1%&, to make it recognize some of the features of
168e428f 2126Standard C that Exim uses. (Most other compilers recognize Standard C by
9b371988 2127default.) To do this, you should create a file called &_Local/Makefile-OSF1_&
168e428f 2128containing the lines
9b371988
PH
2129.code
2130CC=cc
2131CFLAGS=-std1
2132.endd
168e428f 2133If you are compiling for just one operating system, it may be easier to put
9b371988 2134these lines directly into &_Local/Makefile_&.
168e428f
PH
2135
2136Keeping all your local configuration settings separate from the distributed
2137files makes it easy to transfer them to new versions of Exim simply by copying
9b371988 2138the contents of the &_Local_& directory.
168e428f
PH
2139
2140
9b371988
PH
2141.cindex "NIS lookup type" "including support for"
2142.cindex "NIS+ lookup type" "including support for"
2143.cindex "LDAP" "including support for"
2144.cindex "lookup" "inclusion in binary"
168e428f
PH
2145Exim contains support for doing LDAP, NIS, NIS+, and other kinds of file
2146lookup, but not all systems have these components installed, so the default is
2147not to include the relevant code in the binary. All the different kinds of file
2148and database lookup that Exim supports are implemented as separate code modules
2149which are included only if the relevant compile-time options are set. In the
9b371988
PH
2150case of LDAP, NIS, and NIS+, the settings for &_Local/Makefile_& are:
2151.code
2152LOOKUP_LDAP=yes
2153LOOKUP_NIS=yes
2154LOOKUP_NISPLUS=yes
2155.endd
168e428f 2156and similar settings apply to the other lookup types. They are all listed in
9b371988 2157&_src/EDITME_&. In many cases the relevant include files and interface
168e428f 2158libraries need to be installed before compiling Exim.
9b371988 2159.cindex "cdb" "including support for"
068aaea8
PH
2160However, there are some optional lookup types (such as cdb) for which
2161the code is entirely contained within Exim, and no external include
168e428f
PH
2162files or libraries are required. When a lookup type is not included in the
2163binary, attempts to configure Exim to use it cause run time configuration
2164errors.
2165
7e6a8985
PP
2166.cindex "pkg-config" "lookups"
2167.cindex "pkg-config" "authenticators"
252e0c7b
PP
2168Many systems now use a tool called &'pkg-config'& to encapsulate information
2169about how to compile against a library; Exim has some initial support for
2170being able to use pkg-config for lookups and authenticators. For any given
2171makefile variable which starts &`LOOKUP_`& or &`AUTH_`&, you can add a new
2172variable with the &`_PC`& suffix in the name and assign as the value the
2173name of the package to be queried. The results of querying via the
2174&'pkg-config'& command will be added to the appropriate Makefile variables
2175with &`+=`& directives, so your version of &'make'& will need to support that
2176syntax. For instance:
2177.code
2178LOOKUP_SQLITE=yes
2179LOOKUP_SQLITE_PC=sqlite3
2180AUTH_GSASL=yes
2181AUTH_GSASL_PC=libgsasl
2182AUTH_HEIMDAL_GSSAPI=yes
2183AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi
2184.endd
252e0c7b 2185
9b371988 2186.cindex "Perl" "including support for"
168e428f
PH
2187Exim can be linked with an embedded Perl interpreter, allowing Perl
2188subroutines to be called during string expansion. To enable this facility,
9b371988
PH
2189.code
2190EXIM_PERL=perl.o
2191.endd
2192must be defined in &_Local/Makefile_&. Details of this facility are given in
2193chapter &<<CHAPperl>>&.
168e428f 2194
f89d2485 2195.cindex "X11 libraries, location of"
168e428f 2196The location of the X11 libraries is something that varies a lot between
068aaea8 2197operating systems, and there may be different versions of X11 to cope
168e428f
PH
2198with. Exim itself makes no use of X11, but if you are compiling the Exim
2199monitor, the X11 libraries must be available.
9b371988
PH
2200The following three variables are set in &_OS/Makefile-Default_&:
2201.code
2202X11=/usr/X11R6
2203XINCLUDE=-I$(X11)/include
2204XLFLAGS=-L$(X11)/lib
2205.endd
168e428f 2206These are overridden in some of the operating-system configuration files. For
9b371988
PH
2207example, in &_OS/Makefile-SunOS5_& there is
2208.code
2209X11=/usr/openwin
2210XINCLUDE=-I$(X11)/include
2211XLFLAGS=-L$(X11)/lib -R$(X11)/lib
2212.endd
168e428f
PH
2213If you need to override the default setting for your operating system, place a
2214definition of all three of these variables into your
9b371988 2215&_Local/Makefile-<ostype>_& file.
168e428f 2216
9b371988 2217.cindex "EXTRALIBS"
168e428f
PH
2218If you need to add any extra libraries to the link steps, these can be put in a
2219variable called EXTRALIBS, which appears in all the link commands, but by
2220default is not defined. In contrast, EXTRALIBS_EXIM is used only on the
2221command for linking the main Exim binary, and not for any associated utilities.
2222
9b371988 2223.cindex "DBM libraries" "configuration for building"
168e428f 2224There is also DBMLIB, which appears in the link commands for binaries that
9b371988 2225use DBM functions (see also section &<<SECTdb>>&). Finally, there is
168e428f
PH
2226EXTRALIBS_EXIMON, which appears only in the link step for the Exim monitor
2227binary, and which can be used, for example, to include additional X11
2228libraries.
2229
9b371988 2230.cindex "configuration file" "editing"
168e428f
PH
2231The make file copes with rebuilding Exim correctly if any of the configuration
2232files are edited. However, if an optional configuration file is deleted, it is
9b371988
PH
2233necessary to touch the associated non-optional file (that is,
2234&_Local/Makefile_& or &_Local/eximon.conf_&) before rebuilding.
168e428f
PH
2235
2236
f89d2485 2237.section "OS-specific header files" "SECID30"
9b371988
PH
2238.cindex "&_os.h_&"
2239.cindex "building Exim" "OS-specific C header files"
2240The &_OS_& directory contains a number of files with names of the form
2241&_os.h-<ostype>_&. These are system-specific C header files that should not
168e428f 2242normally need to be changed. There is a list of macro settings that are
9b371988 2243recognized in the file &_OS/os.configuring_&, which should be consulted if you
168e428f
PH
2244are porting Exim to a new operating system.
2245
2246
2247
f89d2485
PH
2248.section "Overriding build-time options for the monitor" "SECID31"
2249.cindex "building Eximon"
168e428f
PH
2250A similar process is used for overriding things when building the Exim monitor,
2251where the files that are involved are
9b371988
PH
2252.display
2253&_OS/eximon.conf-Default_&
2254&_OS/eximon.conf-_&<&'ostype'&>
2255&_Local/eximon.conf_&
2256&_Local/eximon.conf-_&<&'ostype'&>
2257&_Local/eximon.conf-_&<&'archtype'&>
2258&_Local/eximon.conf-_&<&'ostype'&>-<&'archtype'&>
2259.endd
2260.cindex "&_Local/eximon.conf_&"
168e428f 2261As with Exim itself, the final three files need not exist, and in this case the
9b371988
PH
2262&_OS/eximon.conf-<ostype>_& file is also optional. The default values in
2263&_OS/eximon.conf-Default_& can be overridden dynamically by setting environment
168e428f
PH
2264variables of the same name, preceded by EXIMON_. For example, setting
2265EXIMON_LOG_DEPTH in the environment overrides the value of
2266LOG_DEPTH at run time.
4f578862 2267.ecindex IIDbuex
168e428f
PH
2268
2269
f89d2485 2270.section "Installing Exim binaries and scripts" "SECID32"
9b371988
PH
2271.cindex "installing Exim"
2272.cindex "BIN_DIRECTORY"
2273The command &`make install`& runs the &(exim_install)& script with no
2274arguments. The script copies binaries and utility scripts into the directory
2275whose name is specified by the BIN_DIRECTORY setting in &_Local/Makefile_&.
2276.cindex "setuid" "installing Exim with"
068aaea8
PH
2277The install script copies files only if they are newer than the files they are
2278going to replace. The Exim binary is required to be owned by root and have the
9b371988
PH
2279&'setuid'& bit set, for normal configurations. Therefore, you must run &`make
2280install`& as root so that it can set up the Exim binary in this way. However, in
068aaea8
PH
2281some special situations (for example, if a host is doing no local deliveries)
2282it may be possible to run Exim without making the binary setuid root (see
9b371988 2283chapter &<<CHAPsecurity>>& for details).
168e428f 2284
9b371988 2285.cindex "CONFIGURE_FILE"
168e428f 2286Exim's run time configuration file is named by the CONFIGURE_FILE setting
9b371988
PH
2287in &_Local/Makefile_&. If this names a single file, and the file does not
2288exist, the default configuration file &_src/configure.default_& is copied there
168e428f
PH
2289by the installation script. If a run time configuration file already exists, it
2290is left alone. If CONFIGURE_FILE is a colon-separated list, naming several
2291alternative files, no default is installed.
2292
9b371988
PH
2293.cindex "system aliases file"
2294.cindex "&_/etc/aliases_&"
168e428f
PH
2295One change is made to the default configuration file when it is installed: the
2296default configuration contains a router that references a system aliases file.
2297The path to this file is set to the value specified by
9b371988 2298SYSTEM_ALIASES_FILE in &_Local/Makefile_& (&_/etc/aliases_& by default).
168e428f
PH
2299If the system aliases file does not exist, the installation script creates it,
2300and outputs a comment to the user.
2301
2302The created file contains no aliases, but it does contain comments about the
2303aliases a site should normally have. Mail aliases have traditionally been
9b371988
PH
2304kept in &_/etc/aliases_&. However, some operating systems are now using
2305&_/etc/mail/aliases_&. You should check if yours is one of these, and change
168e428f
PH
2306Exim's configuration if necessary.
2307
2308The default configuration uses the local host's name as the only local domain,
9b371988
PH
2309and is set up to do local deliveries into the shared directory &_/var/mail_&,
2310running as the local user. System aliases and &_.forward_& files in users' home
168e428f
PH
2311directories are supported, but no NIS or NIS+ support is configured. Domains
2312other than the name of the local host are routed using the DNS, with delivery
2313over SMTP.
2314
168e428f
PH
2315It is possible to install Exim for special purposes (such as building a binary
2316distribution) in a private part of the file system. You can do this by a
2317command such as
9b371988
PH
2318.code
2319make DESTDIR=/some/directory/ install
2320.endd
168e428f
PH
2321This has the effect of pre-pending the specified directory to all the file
2322paths, except the name of the system aliases file that appears in the default
9b371988 2323configuration. (If a default alias file is created, its name &'is'& modified.)
168e428f
PH
2324For backwards compatibility, ROOT is used if DESTDIR is not set,
2325but this usage is deprecated.
2326
9b371988
PH
2327.cindex "installing Exim" "what is not installed"
2328Running &'make install'& does not copy the Exim 4 conversion script
40df1be3
TF
2329&'convert4r4'&. You will probably run this only once if you are
2330upgrading from Exim 3. None of the documentation files in the &_doc_&
168e428f 2331directory are copied, except for the info files when you have set
9b371988 2332INFO_DIRECTORY, as described in section &<<SECTinsinfdoc>>& below.
168e428f 2333
9b371988 2334For the utility programs, old versions are renamed by adding the suffix &_.O_&
168e428f
PH
2335to their names. The Exim binary itself, however, is handled differently. It is
2336installed under a name that includes the version number and the compile number,
2aee48d6 2337for example &_exim-&version()-1_&. The script then arranges for a symbolic link
9b371988
PH
2338called &_exim_& to point to the binary. If you are updating a previous version
2339of Exim, the script takes care to ensure that the name &_exim_& is never absent
168e428f
PH
2340from the directory (as seen by other processes).
2341
9b371988
PH
2342.cindex "installing Exim" "testing the script"
2343If you want to see what the &'make install'& will do before running it for
2344real, you can pass the &%-n%& option to the installation script by this
2345command:
2346.code
2347make INSTALL_ARG=-n install
2348.endd
168e428f
PH
2349The contents of the variable INSTALL_ARG are passed to the installation
2350script. You do not need to be root to run this test. Alternatively, you can run
2351the installation script directly, but this must be from within the build
2352directory. For example, from the top-level Exim directory you could use this
2353command:
9b371988
PH
2354.code
2355(cd build-SunOS5-5.5.1-sparc; ../scripts/exim_install -n)
2356.endd
2357.cindex "installing Exim" "install script options"
168e428f
PH
2358There are two other options that can be supplied to the installation script.
2359
9b371988
PH
2360.ilist
2361&%-no_chown%& bypasses the call to change the owner of the installed binary
168e428f 2362to root, and the call to make it a setuid binary.
9b371988
PH
2363.next
2364&%-no_symlink%& bypasses the setting up of the symbolic link &_exim_& to the
168e428f 2365installed binary.
9b371988 2366.endlist
168e428f
PH
2367
2368INSTALL_ARG can be used to pass these options to the script. For example:
9b371988
PH
2369.code
2370make INSTALL_ARG=-no_symlink install
2371.endd
168e428f
PH
2372The installation script can also be given arguments specifying which files are
2373to be copied. For example, to install just the Exim binary, and nothing else,
2374without creating the symbolic link, you could use:
9b371988
PH
2375.code
2376make INSTALL_ARG='-no_symlink exim' install
2377.endd
168e428f
PH
2378
2379
2380
9b371988
PH
2381.section "Installing info documentation" "SECTinsinfdoc"
2382.cindex "installing Exim" "&'info'& documentation"
2383Not all systems use the GNU &'info'& system for documentation, and for this
168e428f
PH
2384reason, the Texinfo source of Exim's documentation is not included in the main
2385distribution. Instead it is available separately from the ftp site (see section
9b371988 2386&<<SECTavail>>&).
168e428f 2387
9b371988
PH
2388If you have defined INFO_DIRECTORY in &_Local/Makefile_& and the Texinfo
2389source of the documentation is found in the source tree, running &`make
2390install`& automatically builds the info files and installs them.
168e428f
PH
2391
2392
2393
f89d2485 2394.section "Setting up the spool directory" "SECID33"
9b371988 2395.cindex "spool directory" "creating"
168e428f
PH
2396When it starts up, Exim tries to create its spool directory if it does not
2397exist. The Exim uid and gid are used for the owner and group of the spool
2398directory. Sub-directories are automatically created in the spool directory as
2399necessary.
2400
2401
2402
2403
f89d2485 2404.section "Testing" "SECID34"
9b371988 2405.cindex "testing" "installation"
168e428f
PH
2406Having installed Exim, you can check that the run time configuration file is
2407syntactically valid by running the following command, which assumes that the
2408Exim binary directory is within your PATH environment variable:
9b371988
PH
2409.code
2410exim -bV
2411.endd
168e428f
PH
2412If there are any errors in the configuration file, Exim outputs error messages.
2413Otherwise it outputs the version number and build date,
2414the DBM library that is being used, and information about which drivers and
2415other optional code modules are included in the binary.
2416Some simple routing tests can be done by using the address testing option. For
2417example,
9b371988
PH
2418.display
2419&`exim -bt`& <&'local username'&>
2420.endd
168e428f 2421should verify that it recognizes a local mailbox, and
9b371988
PH
2422.display
2423&`exim -bt`& <&'remote address'&>
2424.endd
168e428f
PH
2425a remote one. Then try getting it to deliver mail, both locally and remotely.
2426This can be done by passing messages directly to Exim, without going through a
2427user agent. For example:
9b371988 2428.code
068aaea8
PH
2429exim -v postmaster@your.domain.example
2430From: user@your.domain.example
2431To: postmaster@your.domain.example
2432Subject: Testing Exim
168e428f 2433
068aaea8
PH
2434This is a test message.
2435^D
9b371988
PH
2436.endd
2437The &%-v%& option causes Exim to output some verification of what it is doing.
168e428f 2438In this case you should see copies of three log lines, one for the message's
9b371988 2439arrival, one for its delivery, and one containing &"Completed"&.
168e428f 2440
9b371988
PH
2441.cindex "delivery" "problems with"
2442If you encounter problems, look at Exim's log files (&'mainlog'& and
2443&'paniclog'&) to see if there is any relevant information there. Another source
168e428f 2444of information is running Exim with debugging turned on, by specifying the
9b371988 2445&%-d%& option. If a message is stuck on Exim's spool, you can force a delivery
168e428f 2446with debugging turned on by a command of the form
9b371988
PH
2447.display
2448&`exim -d -M`& <&'exim-message-id'&>
2449.endd
2450You must be root or an &"admin user"& in order to do this. The &%-d%& option
168e428f 2451produces rather a lot of output, but you can cut this down to specific areas.
9b371988
PH
2452For example, if you use &%-d-all+route%& only the debugging information
2453relevant to routing is included. (See the &%-d%& option in chapter
2454&<<CHAPcommandline>>& for more details.)
168e428f 2455
9b371988
PH
2456.cindex '&"sticky"& bit'
2457.cindex "lock files"
168e428f
PH
2458One specific problem that has shown up on some sites is the inability to do
2459local deliveries into a shared mailbox directory, because it does not have the
9b371988 2460&"sticky bit"& set on it. By default, Exim tries to create a lock file before
168e428f 2461writing to a mailbox file, and if it cannot create the lock file, the delivery
9b371988 2462is deferred. You can get round this either by setting the &"sticky bit"& on the
168e428f
PH
2463directory, or by setting a specific group for local deliveries and allowing
2464that group to create files in the directory (see the comments above the
9b371988 2465&(local_delivery)& transport in the default configuration file). Another
168e428f 2466approach is to configure Exim not to use lock files, but just to rely on
9b371988
PH
2467&[fcntl()]& locking instead. However, you should do this only if all user
2468agents also use &[fcntl()]& locking. For further discussion of locking issues,
2469see chapter &<<CHAPappendfile>>&.
168e428f
PH
2470
2471One thing that cannot be tested on a system that is already running an MTA is
2472the receipt of incoming SMTP mail on the standard SMTP port. However, the
9b371988
PH
2473&%-oX%& option can be used to run an Exim daemon that listens on some other
2474port, or &'inetd'& can be used to do this. The &%-bh%& option and the
2475&'exim_checkaccess'& utility can be used to check out policy controls on
168e428f
PH
2476incoming SMTP mail.
2477
2478Testing a new version on a system that is already running Exim can most easily
2479be done by building a binary with a different CONFIGURE_FILE setting. From
2480within the run time configuration, all other file and directory names
2481that Exim uses can be altered, in order to keep it entirely clear of the
2482production version.
2483
2484
f89d2485 2485.section "Replacing another MTA with Exim" "SECID35"
9b371988 2486.cindex "replacing another MTA"
168e428f
PH
2487Building and installing Exim for the first time does not of itself put it in
2488general use. The name by which the system's MTA is called by mail user agents
9b371988
PH
2489is either &_/usr/sbin/sendmail_&, or &_/usr/lib/sendmail_& (depending on the
2490operating system), and it is necessary to make this name point to the &'exim'&
168e428f 2491binary in order to get the user agents to pass messages to Exim. This is
9b371988
PH
2492normally done by renaming any existing file and making &_/usr/sbin/sendmail_&
2493or &_/usr/lib/sendmail_&
2494.cindex "symbolic link" "to &'exim'& binary"
2495a symbolic link to the &'exim'& binary. It is a good idea to remove any setuid
168e428f
PH
2496privilege and executable status from the old MTA. It is then necessary to stop
2497and restart the mailer daemon, if one is running.
2498
f89d2485 2499.cindex "FreeBSD, MTA indirection"
9b371988 2500.cindex "&_/etc/mail/mailer.conf_&"
168e428f
PH
2501Some operating systems have introduced alternative ways of switching MTAs. For
2502example, if you are running FreeBSD, you need to edit the file
9b371988 2503&_/etc/mail/mailer.conf_& instead of setting up a symbolic link as just
168e428f
PH
2504described. A typical example of the contents of this file for running Exim is
2505as follows:
9b371988
PH
2506.code
2507sendmail /usr/exim/bin/exim
2508send-mail /usr/exim/bin/exim
2509mailq /usr/exim/bin/exim -bp
2510newaliases /usr/bin/true
2511.endd
2512Once you have set up the symbolic link, or edited &_/etc/mail/mailer.conf_&,
2513your Exim installation is &"live"&. Check it by sending a message from your
168e428f
PH
2514favourite user agent.
2515
2516You should consider what to tell your users about the change of MTA. Exim may
2517have different capabilities to what was previously running, and there are
2518various operational differences such as the text of messages produced by
2519command line options and in bounce messages. If you allow your users to make
2520use of Exim's filtering capabilities, you should make the document entitled
9b371988 2521&'Exim's interface to mail filtering'& available to them.
168e428f
PH
2522
2523
2524
f89d2485 2525.section "Upgrading Exim" "SECID36"
9b371988 2526.cindex "upgrading Exim"
168e428f
PH
2527If you are already running Exim on your host, building and installing a new
2528version automatically makes it available to MUAs, or any other programs that
2529call the MTA directly. However, if you are running an Exim daemon, you do need
9b371988
PH
2530to send it a HUP signal, to make it re-execute itself, and thereby pick up the
2531new binary. You do not need to stop processing mail in order to install a new
068aaea8
PH
2532version of Exim. The install script does not modify an existing runtime
2533configuration file.
2534
168e428f
PH
2535
2536
2537
f89d2485 2538.section "Stopping the Exim daemon on Solaris" "SECID37"
9b371988 2539.cindex "Solaris" "stopping Exim on"
168e428f 2540The standard command for stopping the mailer daemon on Solaris is
9b371988
PH
2541.code
2542/etc/init.d/sendmail stop
2543.endd
2544If &_/usr/lib/sendmail_& has been turned into a symbolic link, this script
2545fails to stop Exim because it uses the command &'ps -e'& and greps the output
2546for the text &"sendmail"&; this is not present because the actual program name
2547(that is, &"exim"&) is given by the &'ps'& command with these options. A
2548solution is to replace the line that finds the process id with something like
2549.code
2550pid=`cat /var/spool/exim/exim-daemon.pid`
2551.endd
168e428f
PH
2552to obtain the daemon's pid directly from the file that Exim saves it in.
2553
9b371988 2554Note, however, that stopping the daemon does not &"stop Exim"&. Messages can
168e428f
PH
2555still be received from local processes, and if automatic delivery is configured
2556(the normal case), deliveries will still occur.
2557
2558
2559
2560
9b371988
PH
2561. ////////////////////////////////////////////////////////////////////////////
2562. ////////////////////////////////////////////////////////////////////////////
168e428f 2563
9b371988 2564.chapter "The Exim command line" "CHAPcommandline"
4f578862
PH
2565.scindex IIDclo1 "command line" "options"
2566.scindex IIDclo2 "options" "command line"
168e428f
PH
2567Exim's command line takes the standard Unix form of a sequence of options,
2568each starting with a hyphen character, followed by a number of arguments. The
2569options are compatible with the main options of Sendmail, and there are also
2570some additional options, some of which are compatible with Smail 3. Certain
2571combinations of options do not make sense, and provoke an error if used.
2572The form of the arguments depends on which options are set.
2573
2574
f89d2485 2575.section "Setting options by program name" "SECID38"
9b371988
PH
2576.cindex "&'mailq'&"
2577If Exim is called under the name &'mailq'&, it behaves as if the option &%-bp%&
168e428f 2578were present before any other options.
9b371988 2579The &%-bp%& option requests a listing of the contents of the mail queue on the
168e428f
PH
2580standard output.
2581This feature is for compatibility with some systems that contain a command of
2582that name in one of the standard libraries, symbolically linked to
9b371988
PH
2583&_/usr/sbin/sendmail_& or &_/usr/lib/sendmail_&.
2584
2585.cindex "&'rsmtp'&"
2586If Exim is called under the name &'rsmtp'& it behaves as if the option &%-bS%&
2587were present before any other options, for compatibility with Smail. The
2588&%-bS%& option is used for reading in a number of messages in batched SMTP
2589format.
2590
2591.cindex "&'rmail'&"
2592If Exim is called under the name &'rmail'& it behaves as if the &%-i%& and
2593&%-oee%& options were present before any other options, for compatibility with
2594Smail. The name &'rmail'& is used as an interface by some UUCP systems.
2595
2596.cindex "&'runq'&"
2597.cindex "queue runner"
2598If Exim is called under the name &'runq'& it behaves as if the option &%-q%&
2599were present before any other options, for compatibility with Smail. The &%-q%&
168e428f
PH
2600option causes a single queue runner process to be started.
2601
9b371988
PH
2602.cindex "&'newaliases'&"
2603.cindex "alias file" "building"
2604.cindex "Sendmail compatibility" "calling Exim as &'newaliases'&"
2605If Exim is called under the name &'newaliases'& it behaves as if the option
2606&%-bi%& were present before any other options, for compatibility with Sendmail.
168e428f
PH
2607This option is used for rebuilding Sendmail's alias file. Exim does not have
2608the concept of a single alias file, but can be configured to run a given
9b371988 2609command if called with the &%-bi%& option.
168e428f
PH
2610
2611
9b371988
PH
2612.section "Trusted and admin users" "SECTtrustedadmin"
2613Some Exim options are available only to &'trusted users'& and others are
2614available only to &'admin users'&. In the description below, the phrases &"Exim
2615user"& and &"Exim group"& mean the user and group defined by EXIM_USER and
2616EXIM_GROUP in &_Local/Makefile_& or set by the &%exim_user%& and
2617&%exim_group%& options. These do not necessarily have to use the name &"exim"&.
168e428f 2618
9b371988 2619.ilist
f89d2485 2620.cindex "trusted users" "definition of"
9b371988 2621.cindex "user" "trusted definition of"
168e428f 2622The trusted users are root, the Exim user, any user listed in the
9b371988
PH
2623&%trusted_users%& configuration option, and any user whose current group or any
2624supplementary group is one of those listed in the &%trusted_groups%&
168e428f 2625configuration option. Note that the Exim group is not automatically trusted.
9b371988
PH
2626
2627.cindex '&"From"& line'
2628.cindex "envelope sender"
2629Trusted users are always permitted to use the &%-f%& option or a leading
2630&"From&~"& line to specify the envelope sender of a message that is passed to
2631Exim through the local interface (see the &%-bm%& and &%-f%& options below).
2632See the &%untrusted_set_sender%& option for a way of permitting non-trusted
2633users to set envelope senders.
2634
2635.cindex "&'From:'& header line"
2636.cindex "&'Sender:'& header line"
2637For a trusted user, there is never any check on the contents of the &'From:'&
2638header line, and a &'Sender:'& line is never added. Furthermore, any existing
2639&'Sender:'& line in incoming local (non-TCP/IP) messages is not removed.
2640
168e428f
PH
2641Trusted users may also specify a host name, host address, interface address,
2642protocol name, ident value, and authentication data when submitting a message
2643locally. Thus, they are able to insert messages into Exim's queue locally that
2644have the characteristics of messages received from a remote host. Untrusted
9b371988 2645users may in some circumstances use &%-f%&, but can never set the other values
168e428f 2646that are available to trusted users.
9b371988
PH
2647.next
2648.cindex "user" "admin definition of"
2649.cindex "admin user" "definition of"
168e428f 2650The admin users are root, the Exim user, and any user that is a member of the
9b371988 2651Exim group or of any group listed in the &%admin_groups%& configuration option.
168e428f 2652The current group does not have to be one of these groups.
9b371988 2653
168e428f
PH
2654Admin users are permitted to list the queue, and to carry out certain
2655operations on messages, for example, to force delivery failures. It is also
2656necessary to be an admin user in order to see the full information provided by
2657the Exim monitor, and full debugging output.
9b371988
PH
2658
2659By default, the use of the &%-M%&, &%-q%&, &%-R%&, and &%-S%& options to cause
2660Exim to attempt delivery of messages on its queue is restricted to admin users.
2661However, this restriction can be relaxed by setting the &%prod_requires_admin%&
2662option false (that is, specifying &%no_prod_requires_admin%&).
2663
2664Similarly, the use of the &%-bp%& option to list all the messages in the queue
2665is restricted to admin users unless &%queue_list_requires_admin%& is set
168e428f 2666false.
9b371988 2667.endlist
168e428f
PH
2668
2669
9b371988 2670&*Warning*&: If you configure your system so that admin users are able to
168e428f
PH
2671edit Exim's configuration file, you are giving those users an easy way of
2672getting root. There is further discussion of this issue at the start of chapter
9b371988 2673&<<CHAPconf>>&.
168e428f
PH
2674
2675
2676
2677
f89d2485 2678.section "Command line options" "SECID39"
db9452a9
PH
2679Exim's command line options are described in alphabetical order below. If none
2680of the options that specifies a specific action (such as starting the daemon or
2681a queue runner, or testing an address, or receiving a message in a specific
2682format, or listing the queue) are present, and there is at least one argument
2683on the command line, &%-bm%& (accept a local message on the standard input,
2684with the arguments specifying the recipients) is assumed. Otherwise, Exim
2685outputs a brief message about itself and exits.
168e428f 2686
9b371988
PH
2687. ////////////////////////////////////////////////////////////////////////////
2688. Insert a stylized XML comment here, to identify the start of the command line
2689. options. This is for the benefit of the Perl script that automatically
2690. creates a man page for the options.
2691. ////////////////////////////////////////////////////////////////////////////
168e428f 2692
9b371988 2693.literal xml
168e428f 2694<!-- === Start of command line options === -->
9b371988 2695.literal off
168e428f
PH
2696
2697
9b371988
PH
2698.vlist
2699.vitem &%--%&
2700.oindex "--"
2701.cindex "options" "command line; terminating"
168e428f
PH
2702This is a pseudo-option whose only purpose is to terminate the options and
2703therefore to cause subsequent command line items to be treated as arguments
2704rather than options, even if they begin with hyphens.
2705
9b371988
PH
2706.vitem &%--help%&
2707.oindex "&%--help%&"
168e428f
PH
2708This option causes Exim to output a few sentences stating what it is.
2709The same output is generated if the Exim binary is called with no options and
2710no arguments.
2711
4b2241d2
PP
2712.vitem &%--version%&
2713.oindex "&%--version%&"
2714This option is an alias for &%-bV%& and causes version information to be
2715displayed.
2716
a3fb9793
PP
2717.new
2718.vitem &%-Ac%& &&&
2719 &%-Am%&
2720.oindex "&%-Ac%&"
2721.oindex "&%-Am%&"
2722These options are used by Sendmail for selecting configuration files and are
2723ignored by Exim.
2724.wen
2725
9b371988
PH
2726.vitem &%-B%&<&'type'&>
2727.oindex "&%-B%&"
2728.cindex "8-bit characters"
2729.cindex "Sendmail compatibility" "8-bit characters"
168e428f
PH
2730This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit
2731clean; it ignores this option.
2732
9b371988
PH
2733.vitem &%-bd%&
2734.oindex "&%-bd%&"
2735.cindex "daemon"
f89d2485 2736.cindex "SMTP" "listener"
9b371988 2737.cindex "queue runner"
168e428f 2738This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually
9b371988
PH
2739the &%-bd%& option is combined with the &%-q%&<&'time'&> option, to specify
2740that the daemon should also initiate periodic queue runs.
2741
2742The &%-bd%& option can be used only by an admin user. If either of the &%-d%&
2743(debugging) or &%-v%& (verifying) options are set, the daemon does not
168e428f
PH
2744disconnect from the controlling terminal. When running this way, it can be
2745stopped by pressing ctrl-C.
9b371988 2746
168e428f
PH
2747By default, Exim listens for incoming connections to the standard SMTP port on
2748all the host's running interfaces. However, it is possible to listen on other
2749ports, on multiple ports, and only on specific interfaces. Chapter
9b371988
PH
2750&<<CHAPinterfaces>>& contains a description of the options that control this.
2751
168e428f 2752When a listening daemon
9b371988
PH
2753.cindex "daemon" "process id (pid)"
2754.cindex "pid (process id)" "of daemon"
2755is started without the use of &%-oX%& (that is, without overriding the normal
2756configuration), it writes its process id to a file called &_exim-daemon.pid_&
2757in Exim's spool directory. This location can be overridden by setting
2758PID_FILE_PATH in &_Local/Makefile_&. The file is written while Exim is still
168e428f 2759running as root.
9b371988
PH
2760
2761When &%-oX%& is used on the command line to start a listening daemon, the
2762process id is not written to the normal pid file path. However, &%-oP%& can be
168e428f 2763used to specify a path on the command line if a pid file is required.
9b371988 2764
168e428f 2765The SIGHUP signal
9b371988 2766.cindex "SIGHUP"
3cb1b51e
PH
2767.cindex "daemon" "restarting"
2768can be used to cause the daemon to re-execute itself. This should be done
2769whenever Exim's configuration file, or any file that is incorporated into it by
2770means of the &%.include%& facility, is changed, and also whenever a new version
2771of Exim is installed. It is not necessary to do this when other files that are
9b371988
PH
2772referenced from the configuration (for example, alias files) are changed,
2773because these are reread each time they are used.
2774
2775.vitem &%-bdf%&
2776.oindex "&%-bdf%&"
2777This option has the same effect as &%-bd%& except that it never disconnects
2778from the controlling terminal, even when no debugging is specified.
2779
2780.vitem &%-be%&
2781.oindex "&%-be%&"
2782.cindex "testing" "string expansion"
2783.cindex "expansion" "testing"
168e428f
PH
2784Run Exim in expansion testing mode. Exim discards its root privilege, to
2785prevent ordinary users from using this mode to read otherwise inaccessible
2786files. If no arguments are given, Exim runs interactively, prompting for lines
4f578862 2787of data. Otherwise, it processes each argument in turn.
9b371988
PH
2788
2789If Exim was built with USE_READLINE=yes in &_Local/Makefile_&, it tries
2790to load the &%libreadline%& library dynamically whenever the &%-be%& option is
2791used without command line arguments. If successful, it uses the &[readline()]&
168e428f
PH
2792function, which provides extensive line-editing facilities, for reading the
2793test data. A line history is supported.
9b371988 2794
168e428f 2795Long expansion expressions can be split over several lines by using backslash
068aaea8 2796continuations. As in Exim's run time configuration, white space at the start of
168e428f
PH
2797continuation lines is ignored. Each argument or data line is passed through the
2798string expansion mechanism, and the result is output. Variable values from the
9b371988 2799configuration file (for example, &$qualify_domain$&) are available, but no
3cb1b51e 2800message-specific values (such as &$sender_domain$&) are set, because no message
f89d2485 2801is being processed (but see &%-bem%& and &%-Mset%&).
168e428f 2802
9b371988
PH
2803&*Note*&: If you use this mechanism to test lookups, and you change the data
2804files or databases you are using, you must exit and restart Exim before trying
2805the same lookup again. Otherwise, because each Exim process caches the results
2806of lookups, you will just get the same result as before.
9b371988 2807
3cb1b51e
PH
2808.vitem &%-bem%&&~<&'filename'&>
2809.oindex "&%-bem%&"
2810.cindex "testing" "string expansion"
2811.cindex "expansion" "testing"
2812This option operates like &%-be%& except that it must be followed by the name
2813of a file. For example:
2814.code
2815exim -bem /tmp/testmessage
2816.endd
2817The file is read as a message (as if receiving a locally-submitted non-SMTP
2818message) before any of the test expansions are done. Thus, message-specific
2819variables such as &$message_size$& and &$header_from:$& are available. However,
2820no &'Received:'& header is added to the message. If the &%-t%& option is set,
2821recipients are read from the headers in the normal way, and are shown in the
2822&$recipients$& variable. Note that recipients cannot be given on the command
2823line, because further arguments are taken as strings to expand (just like
2824&%-be%&).
3cb1b51e 2825
9b371988
PH
2826.vitem &%-bF%&&~<&'filename'&>
2827.oindex "&%-bF%&"
2828.cindex "system filter" "testing"
2829.cindex "testing" "system filter"
2830This option is the same as &%-bf%& except that it assumes that the filter being
168e428f
PH
2831tested is a system filter. The additional commands that are available only in
2832system filters are recognized.
2833
9b371988
PH
2834.vitem &%-bf%&&~<&'filename'&>
2835.oindex "&%-bf%&"
2836.cindex "filter" "testing"
2837.cindex "testing" "filter file"
2838.cindex "forward file" "testing"
2839.cindex "testing" "forward file"
2840.cindex "Sieve filter" "testing"
168e428f
PH
2841This option runs Exim in user filter testing mode; the file is the filter file
2842to be tested, and a test message must be supplied on the standard input. If
2843there are no message-dependent tests in the filter, an empty file can be
2844supplied.
168e428f 2845
9b371988
PH
2846If you want to test a system filter file, use &%-bF%& instead of &%-bf%&. You
2847can use both &%-bF%& and &%-bf%& on the same command, in order to test a system
2848filter and a user filter in the same run. For example:
2849.code
2850exim -bF /system/filter -bf /user/filter </test/message
2851.endd
168e428f
PH
2852This is helpful when the system filter adds header lines or sets filter
2853variables that are used by the user filter.
168e428f 2854
9b371988
PH
2855If the test filter file does not begin with one of the special lines
2856.code
2857# Exim filter
2858# Sieve filter
2859.endd
2860it is taken to be a normal &_.forward_& file, and is tested for validity under
2861that interpretation. See sections &<<SECTitenonfilred>>& to
2862&<<SECTspecitredli>>& for a description of the possible contents of non-filter
2863redirection lists.
2864
2865The result of an Exim command that uses &%-bf%&, provided no errors are
168e428f
PH
2866detected, is a list of the actions that Exim would try to take if presented
2867with the message for real. More details of filter testing are given in the
9b371988
PH
2868separate document entitled &'Exim's interfaces to mail filtering'&.
2869
168e428f 2870When testing a filter file,
9b371988
PH
2871.cindex "&""From""& line"
2872.cindex "envelope sender"
f89d2485 2873.oindex "&%-f%&" "for filter testing"
9b371988
PH
2874the envelope sender can be set by the &%-f%& option,
2875or by a &"From&~"& line at the start of the test message. Various parameters
2876that would normally be taken from the envelope recipient address of the message
2877can be set by means of additional command line options (see the next four
2878options).
2879
2880.vitem &%-bfd%&&~<&'domain'&>
2881.oindex "&%-bfd%&"
f89d2485 2882.vindex "&$qualify_domain$&"
168e428f 2883This sets the domain of the recipient address when a filter file is being
9b371988
PH
2884tested by means of the &%-bf%& option. The default is the value of
2885&$qualify_domain$&.
168e428f 2886
9b371988
PH
2887.vitem &%-bfl%&&~<&'local&~part'&>
2888.oindex "&%-bfl%&"
168e428f 2889This sets the local part of the recipient address when a filter file is being
9b371988 2890tested by means of the &%-bf%& option. The default is the username of the
168e428f
PH
2891process that calls Exim. A local part should be specified with any prefix or
2892suffix stripped, because that is how it appears to the filter when a message is
2893actually being delivered.
2894
9b371988
PH
2895.vitem &%-bfp%&&~<&'prefix'&>
2896.oindex "&%-bfp%&"
168e428f 2897This sets the prefix of the local part of the recipient address when a filter
9b371988 2898file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2899prefix.
2900
9b371988
PH
2901.vitem &%-bfs%&&~<&'suffix'&>
2902.oindex "&%-bfs%&"
168e428f 2903This sets the suffix of the local part of the recipient address when a filter
9b371988 2904file is being tested by means of the &%-bf%& option. The default is an empty
168e428f
PH
2905suffix.
2906
9b371988
PH
2907.vitem &%-bh%&&~<&'IP&~address'&>
2908.oindex "&%-bh%&"
2909.cindex "testing" "incoming SMTP"
2910.cindex "SMTP" "testing incoming"
2911.cindex "testing" "relay control"
2912.cindex "relaying" "testing configuration"
2913.cindex "policy control" "testing"
2914.cindex "debugging" "&%-bh%& option"
168e428f
PH
2915This option runs a fake SMTP session as if from the given IP address, using the
2916standard input and output. The IP address may include a port number at the end,
2917after a full stop. For example:
9b371988
PH
2918.code
2919exim -bh 10.9.8.7.1234
2920exim -bh fe80::a00:20ff:fe86:a061.5678
2921.endd
168e428f 2922When an IPv6 address is given, it is converted into canonical form. In the case
9b371988
PH
2923of the second example above, the value of &$sender_host_address$& after
2924conversion to the canonical form is
2925&`fe80:0000:0000:0a00:20ff:fe86:a061.5678`&.
2926
168e428f 2927Comments as to what is going on are written to the standard error file. These
9b371988 2928include lines beginning with &"LOG"& for anything that would have been logged.
168e428f
PH
2929This facility is provided for testing configuration options for incoming
2930messages, to make sure they implement the required policy. For example, you can
9b371988
PH
2931test your relay controls using &%-bh%&.
2932
2933&*Warning 1*&:
2934.cindex "RFC 1413"
db9452a9
PH
2935You can test features of the configuration that rely on ident (RFC 1413)
2936information by using the &%-oMt%& option. However, Exim cannot actually perform
2937an ident callout when testing using &%-bh%& because there is no incoming SMTP
2938connection.
9b371988
PH
2939
2940&*Warning 2*&: Address verification callouts (see section &<<SECTcallver>>&)
2941are also skipped when testing using &%-bh%&. If you want these callouts to
2942occur, use &%-bhc%& instead.
2943
168e428f
PH
2944Messages supplied during the testing session are discarded, and nothing is
2945written to any of the real log files. There may be pauses when DNS (and other)
9b371988 2946lookups are taking place, and of course these may time out. The &%-oMi%& option
db9452a9
PH
2947can be used to specify a specific IP interface and port if this is important,
2948and &%-oMaa%& and &%-oMai%& can be used to set parameters as if the SMTP
2949session were authenticated.
9b371988
PH
2950
2951The &'exim_checkaccess'& utility is a &"packaged"& version of &%-bh%& whose
168e428f 2952output just states whether a given recipient address from a given host is
9b371988 2953acceptable or not. See section &<<SECTcheckaccess>>&.
168e428f 2954
3cb1b51e 2955Features such as authentication and encryption, where the client input is not
f89d2485
PH
2956plain text, cannot easily be tested with &%-bh%&. Instead, you should use a
2957specialized SMTP test program such as
3cb1b51e 2958&url(http://jetmore.org/john/code/#swaks,swaks).
3cb1b51e 2959
9b371988
PH
2960.vitem &%-bhc%&&~<&'IP&~address'&>
2961.oindex "&%-bhc%&"
2962This option operates in the same way as &%-bh%&, except that address
168e428f
PH
2963verification callouts are performed if required. This includes consulting and
2964updating the callout cache database.
2965
9b371988
PH
2966.vitem &%-bi%&
2967.oindex "&%-bi%&"
2968.cindex "alias file" "building"
2969.cindex "building alias file"
2970.cindex "Sendmail compatibility" "&%-bi%& option"
2971Sendmail interprets the &%-bi%& option as a request to rebuild its alias file.
168e428f 2972Exim does not have the concept of a single alias file, and so it cannot mimic
9b371988 2973this behaviour. However, calls to &_/usr/lib/sendmail_& with the &%-bi%& option
168e428f
PH
2974tend to appear in various scripts such as NIS make files, so the option must be
2975recognized.
9b371988
PH
2976
2977If &%-bi%& is encountered, the command specified by the &%bi_command%&
168e428f 2978configuration option is run, under the uid and gid of the caller of Exim. If
9b371988
PH
2979the &%-oA%& option is used, its value is passed to the command as an argument.
2980The command set by &%bi_command%& may not contain arguments. The command can
2981use the &'exim_dbmbuild'& utility, or some other means, to rebuild alias files
2982if this is required. If the &%bi_command%& option is not set, calling Exim with
2983&%-bi%& is a no-op.
2984
12f69989 2985.new
36a3ae5f 2986. // Keep :help first, then the rest in alphabetical order
98a90c36
PP
2987.vitem &%-bI:help%&
2988.oindex "&%-bI:help%&"
2989.cindex "querying exim information"
2990We shall provide various options starting &`-bI:`& for querying Exim for
2991information. The output of many of these will be intended for machine
2992consumption. This one is not. The &%-bI:help%& option asks Exim for a
2993synopsis of supported options beginning &`-bI:`&. Use of any of these
2994options shall cause Exim to exit after producing the requested output.
2995
36a3ae5f
PP
2996.vitem &%-bI:dscp%&
2997.oindex "&%-bI:dscp%&"
2998.cindex "DSCP" "values"
2999This option causes Exim to emit an alphabetically sorted list of all
3000recognised DSCP names.
3001
98a90c36
PP
3002.vitem &%-bI:sieve%&
3003.oindex "&%-bI:sieve%&"
3004.cindex "Sieve filter" "capabilities"
3005This option causes Exim to emit an alphabetically sorted list of all supported
3006Sieve protocol extensions on stdout, one per line. This is anticipated to be
3007useful for ManageSieve (RFC 5804) implementations, in providing that protocol's
3008&`SIEVE`& capability response line. As the precise list may depend upon
3009compile-time build options, which this option will adapt to, this is the only
3010way to guarantee a correct response.
12f69989 3011.wen
98a90c36 3012
9b371988
PH
3013.vitem &%-bm%&
3014.oindex "&%-bm%&"
3015.cindex "local message reception"
168e428f 3016This option runs an Exim receiving process that accepts an incoming,
a543079f 3017locally-generated message on the standard input. The recipients are given as the
9b371988 3018command arguments (except when &%-t%& is also present &-- see below). Each
168e428f
PH
3019argument can be a comma-separated list of RFC 2822 addresses. This is the
3020default option for selecting the overall action of an Exim call; it is assumed
3021if no other conflicting option is present.
9b371988 3022
168e428f 3023If any addresses in the message are unqualified (have no domain), they are
9b371988
PH
3024qualified by the values of the &%qualify_domain%& or &%qualify_recipient%&
3025options, as appropriate. The &%-bnq%& option (see below) provides a way of
168e428f 3026suppressing this for special cases.
9b371988 3027
168e428f 3028Policy checks on the contents of local messages can be enforced by means of
9b371988
PH
3029the non-SMTP ACL. See chapter &<<CHAPACL>>& for details.
3030
3031.cindex "return code" "for &%-bm%&"
3032The return code is zero if the message is successfully accepted. Otherwise, the
3033action is controlled by the &%-oe%&&'x'& option setting &-- see below.
3034
168e428f 3035The format
9b371988
PH
3036.cindex "message" "format"
3037.cindex "format" "message"
3038.cindex "&""From""& line"
3039.cindex "UUCP" "&""From""& line"
3040.cindex "Sendmail compatibility" "&""From""& line"
168e428f
PH
3041of the message must be as defined in RFC 2822, except that, for
3042compatibility with Sendmail and Smail, a line in one of the forms
9b371988
PH
3043.code
3044From sender Fri Jan 5 12:55 GMT 1997
3045From sender Fri, 5 Jan 97 12:55:01
3046.endd
168e428f
PH
3047(with the weekday optional, and possibly with additional text after the date)
3048is permitted to appear at the start of the message. There appears to be no
3049authoritative specification of the format of this line. Exim recognizes it by
9b371988 3050matching against the regular expression defined by the &%uucp_from_pattern%&
168e428f 3051option, which can be changed if necessary.
9b371988 3052
f89d2485
PH
3053.oindex "&%-f%&" "overriding &""From""& line"
3054The specified sender is treated as if it were given as the argument to the
9b371988 3055&%-f%& option, but if a &%-f%& option is also present, its argument is used in
168e428f
PH
3056preference to the address taken from the message. The caller of Exim must be a
3057trusted user for the sender of a message to be set in this way.
3058
5b257915
PP
3059.vitem &%-bmalware%&&~<&'filename'&>
3060.oindex "&%-bmalware%&"
3061.cindex "testing", "malware"
3062.cindex "malware scan test