(1) Added $host_lookup_deferred.

[exim.git] / doc / doc-src / spec.src

. $Cambridge: exim/doc/doc-src/spec.src,v 1.3 2005/01/14 16:18:57 tom Exp $
.
.set version "4.50"
.set previousversion "4.40"
.set versionmonth "January"
.set versionyear "2005"
.set ACL "ACL"

. The last of those is to make ACL index entries easier to type. It is put
. up here so that it gets picked up by the HTML converter, which otherwise
. skips to the first chapter. A longer version is set below for use in the
. printed index.

.set sgcal true
.set html  false
.set texinfo false

.if !set style
.library "a4ps"
.linelength ~~sys.linelength + 0.2in
.set newlinelength ~~sys.linelength
.emphasis ~~sys.linelength + 0.1in
.pagedepth ~~sys.pagedepth - 0.2in
.bindfont 51 "atl/Times-Bold" 9
.bindfont 52 "atl/Times-Roman" 9
.bindfont 53 "atl/Times-Roman" 7
.bindfont 54 "atl/Courier" 9
.bindfont 55 "atl/Courier-Bold" ~~maintypesize
.bindfont 56 "atl/Times-Italic" 7
.bindfont 57 "atl/Times-Bold" 7
.bindfont 58 "atl/Symbol" 7
.set ssspaceb 1.50

.if ~~sgcal
. Used for the "small print" incorporated code stuff. Only rm, it, bf, sp are
. actually used at present.
.              rm  it  sl  bf  bi  ss  tt  sp  sc
.fontgroup 9 = 53  56   0  57   0   0   0  58   0
.fi
.fi

.if !~~sys.fancy
.fontgroup 9 = 0  0  0  0  0  0  0  0  0
.fi

.include "markup.sg"

.if ~~sys.fancy
.flag $smc{ "$push$g0$f54"
.flag $sm{  "$push$g0$f53"
.flag $smi{ "$push$g0$f56"
.flag $as{  "$push$g0$f52"
.flag $ab{  "$push$g0$f51"
.flag $cb{  "$push$g0$f55"
.
.else
.flag $smc{ "$push"
.flag $sm{  "$push"
.flag $smi{ "$push"
.flag $cb{  "$push"
.fi

.macro isunderscore "string"
.set string "~~1"
.set length length "~~1"
.undrec 1
.endm

.macro undrec "offset"
.if ~~1 > ~~length
.set underscore false
.else
.set sub "~~string"(1,~~1)
.if "~~sub" == "_"
.set underscore true
.else
.set next ~~1 + 1
.undrec ~~next
.fi
.fi
.endm

.macro testunderscore "string"
.isunderscore "~~1"
.newline
.endm

.macro tabs 6
.if ~~sys.fancy
.tabset ~~1em
.else
.set temp (~~1 * 5)/4
.tabset ~~temp em
.fi
.endm

.macro startoptions
.newline
.push
.if ~~sys.fancy
.indent 6em
.else
.indent 7em
.fi
.endm

.macro endoptions
.newline
.pop
.endm

.macro option "option" ""
.newpar
.index \-~~1-\ option
.tempindent 0
\-~~1-\~~2#$i
.nosep
.endm

.macro startitems
.newline
.push
.indent 3em
.endm

.macro enditems
.newline
.pop
.endm

.macro item "item" "6"
.newpar
.if ~~sys.leftonpage < ~~2ld
.newpage
.fi
.tempindent 0
\**~~1**\
.blank
.endm

.macro startconf
.newline
.push
.if ~~sys.fancy
.indent 2em
.tabset 9em
.else
.indent 4em
.tabset 13em
.fi
.endm

.macro endconf
.newline
.pop
.endm

.macro conf "option" "type" "default" "6"
.newpar
.if ~~sys.leftonpage < ~~4ld
.newpage
.fi
.testunderscore "~~1"
.if ~~underscore
.index \~~1\
.else
.index \~~1\ option
.fi
.tempindent 0
\**~~1**\ $c $rm{Type:} $it{~~2} $e $rm{Default:} $it{~~3}
.blank
.endm

.set contents true
.set figurenumber -1
.set displayindent 2em

.index @$1, @$2, etc. $it{see numerical variables}
.index address||rewriting $it{see rewriting}
.index CR character $it{see carriage return}
.index CRL $it{see certificate revocation list}
.index delivery||failure report $it{see bounce message}
.index dialup $it{see intermittently connected hosts}
.index exiscan $it{see content scanning}
.index failover $it{see fallback}
.index fallover $it{see fallback}
.index filter||Sieve $it{see Sieve filter}
.index ident $it{see RFC 1413}
.index LF character $it{see linefeed}
.index maximum $it{see limit}
.index NUL $it{see binary zero}
.index process id $it{see pid}
.index RBL $it{see DNS list}
.index redirection $it{see address redirection}
.index return path||$it{see also envelope sender}
.index scanning $it{see content scanning}
.index SSL $it{see TLS}
.index string||expansion $it{see expansion}
.index top bit $it{see 8-bit characters}
.index variables $it{see expansion, variables}
.index zero, binary $it{see binary zero}

. This is used for the printed index. See setting above for
. the HTML index value.

.set ACL "access control lists (ACLs)"

. ======================================================

.push
.disable filling
.justify centre
.nofoot
.space 8ld
$chead{University of Cambridge Computing Service}
.space 2ld
$chead{Specification of the Exim Mail Transfer Agent}
.space 3ld
by
.space 1ld
Philip Hazel
.space ~~sys.leftonpage - 15*~~sys.linedepth
.justify left
University Computing Service
New Museums Site
Pembroke Street
Cambridge CB2 3QH
United Kingdom
.blank
.tabs 6
$it{phone:} $t +44 1223 334600
$it{fax:}   $t +44 1223 334679
$it{email:} $t ph10 $it{at} cus.cam.ac.uk
.blank
Edition for Exim ~~version, ~~versionmonth ~~versionyear
.space 2ld
.if ~~sgcal
.fontgroup 1
.fi
$c$rm{Copyright (c) University of Cambridge ~~versionyear}


.if ~~sgcal
.fontgroup 0
.font 0
.fi

.pop
.newpage

. Blank verso for title page
.space 1ld
.newpage


. Set up for actual text pages
.page 1
. The first one to prevent a warning from sgfr
. set runningfoot "~~chapter"
.set runningfoot ""

.if ~~sys.fancy
.footdepth 2ld
.foot
.if "~~runningfoot" == ""
.set rhs ""
.else
.set rhs "~~runningfoot (~~chapter)"
.fi
.set lhs "Exim ~~version"
.linelength ~~newlinelength
$it{~~lhs}$c[~~sys.pagenumber]$e$it{~~rhs}
.endfoot
.fi




.
.
.
.
. ============================================================================
.chapter Introduction
.set runningfoot "introduction"

.if ~~sys.fancy
$c$bi{If I have seen further it is by standing on the shoulders of giants.}##(Isaac Newton)
.elif !~~html
$c"If I have seen further it is by standing on the shoulders of giants."
.newline
$e (Isaac Newton)
.else
\*If I have seen further it is by standing on the shoulders of giants.*\
(Isaac Newton).
.fi
.blank 4

Exim is a mail transfer agent (MTA) for hosts that are running Unix or
Unix-like operating systems. It was designed on the assumption that it would be
run on hosts that are permanently connected to the Internet. However, it can be
used on intermittently connected hosts with suitable configuration adjustments.

Configuration files currently exist for the following operating systems: AIX,
BSD/OS (aka BSDI), Darwin (Mac OS X), DGUX, FreeBSD, GNU/Hurd, GNU/Linux,
HI-OSF (Hitachi), HP-UX, IRIX, MIPS RISCOS, NetBSD, OpenBSD, QNX, SCO, SCO
SVR4.2 (aka UNIX-SV), Solaris (aka SunOS5), SunOS4, Tru64-Unix (formerly
Digital UNIX, formerly DEC-OSF1), Ultrix, and Unixware. Some of these operating
systems are no longer current and cannot easily be tested, so the configuration
files may no longer work in practice.

There are also configuration files for compiling Exim in the Cygwin environment
that can be installed on systems running Windows. However, this document does
not contain any information about running Exim in the Cygwin environment.

The terms and conditions for the use and distribution of Exim are contained in
the file \(NOTICE)\. Exim is distributed under the terms of the GNU General
Public Licence, a copy of which may be found in the file \(LICENCE)\.

The use, supply or promotion of Exim for the purpose of sending bulk,
unsolicited electronic mail is incompatible with the basic aims of the program,
which revolve around the free provision of a service that enhances the quality
of personal communications. The author of Exim regards indiscriminate
mass-mailing as an antisocial, irresponsible abuse of the Internet.

Exim owes a great deal to Smail 3 and its author, Ron Karr. Without the
experience of running and working on the Smail 3 code, I could never have
contemplated starting to write a new MTA. Many of the ideas and user interfaces
were originally taken from Smail 3, though the actual code of Exim is entirely
new, and has developed far beyond the initial concept.

Many people, both in Cambridge and around the world, have contributed to the
development and the testing of Exim, and to porting it to various operating
systems. I am grateful to them all. The distribution now contains a file called
\(ACKNOWLEDGMENTS)\, in which I have started recording the names of
contributors.

.section Exim documentation
.index documentation
This edition of the Exim specification applies to version ~~version of Exim.
Substantive changes from the ~~previousversion edition are marked by bars in
the right-hand margin in the PostScript, PDF, and plain text versions of the
document, and by green text in the HTML version, as shown by this paragraph.
Changes are not marked in the Texinfo version, because Texinfo doesn't support
change bars. Minor corrections and rewordings are not marked.

This document is very much a reference manual; it is not a tutorial. The reader
is expected to have some familiarity with the SMTP mail transfer protocol and
with general Unix system administration. Although there are some discussions
and examples in places, the information is mostly organized in a way that makes
it easy to look up, rather than in a natural order for sequential reading.
Furthermore, the manual aims to cover every aspect of Exim in detail, including
a number of rarely-used, special-purpose features that are unlikely to be of
very wide interest.

.index books about Exim
An `easier' discussion of Exim which provides more in-depth explanatory,
introductory, and tutorial material can be found in a book entitled
.if ~~html
[(A HREF="http://www.uit.co.uk/exim-book/")]
$it{The Exim SMTP Mail Server},
[(/A)]
published by UIT Cambridge.
.else
$it{The Exim SMTP Mail Server}, published by UIT Cambridge
(\?http://www.uit.co.uk/exim-book/?\).
.fi

This book also contains a chapter that gives a general introduction to SMTP and
Internet mail. Inevitably, however, the book is unlikely to be fully up-to-date
with the latest release of Exim. (Note that the earlier book about Exim,
published by O'Reilly, covers Exim 3, and many things have changed in Exim 4.)

.index \(doc/NewStuff)\
.index \(doc/ChangeLog)\
.index change log
As the program develops, there may be features in newer versions that have not
yet made it into this document, which is updated only when the most significant
digit of the fractional part of the version number changes. However,
specifications of new features that are not yet in this manual are placed in
the file \(doc/NewStuff)\ in the Exim distribution. All changes to the program
(whether new features, bug fixes, or other kinds of change) are noted briefly
in the file called \(doc/ChangeLog)\.

.index \(doc/spec.txt)\
This specification itself is available as an ASCII file in \(doc/spec.txt)\ so
that it can easily be searched with a text editor. Other files in the \(doc)\
directory are:
.display rm
.tabs 18
\(OptionLists.txt)\   $t $rm{list of all options in alphabetical order}
\(dbm.discuss.txt)\   $t $rm{discussion about DBM libraries}
\(exim.8)\            $t $rm{a man page of Exim's command line options}
\(filter.txt)\        $t $rm{specification of the filter language}
\(pcrepattern.txt)\   $t $rm{specification of PCRE regular expressions}
\(pcretest.txt)\      $t $rm{specification of the PCRE testing program}
\(Exim3.upgrade)\     $t $rm{upgrade notes from release 2 to release 3}
\(Exim4.upgrade)\     $t $rm{upgrade notes from release 3 to release 4}
.endd
The main specification and the specification of the filtering language are also
available in other formats (HTML, PostScript, PDF, and Texinfo). Section
~~SECTavail below tells you how to get hold of these.


.section FTP and web sites, and mailing list
.index web site
.index FTP site
The primary distribution site for Exim is an FTP site, whose contents are
described in \*Where to find the Exim distribution*\ below. In addition,
there is a web site at \?http://www.exim.org?\ by courtesy of Energis Squared,
formerly Planet Online Ltd, who are situated in the UK. The site is mirrored in
a number of other countries; links to the mirrors are listed on the home page.
The web site contains the Exim distribution, and you can also find the
documentation and the
.index FAQ
.if ~~html
[(A HREF="FAQ.html")]
.fi
FAQ
.if ~~html
[(/A)]
.fi
online there, as well as other relevant material.

.index mailing lists||for Exim users
Energis Squared also provide resources for the following mailing lists:
.display rm
.tabs 28
$it{exim-users@@exim.org}          $t general discussion list
$it{exim-announce@@exim.org}       $t moderated, low volume announcements list
.endd
You can subscribe to these lists, change your existing subscriptions, and view
or search the archives via the
.if ~~html
[(A HREF="http://www.exim.org/maillist.html")]
.fi
mailing lists
.if ~~html
[(/A)]
.fi
link on the Exim home page. The $it{exim-users} mailing list is also forwarded
to \?http://www.egroups.com/list/exim-users?\, an archiving system with
searching capabilities.

.section Exim training
.index training courses
From time to time (approximately annually at the time of writing),
lecture-based training courses are run by the author of Exim in Cambridge, UK.
Details can be found on the web site
.if ~~html
[(A HREF="http://www-tus.csx.cam.ac.uk/courses/exim/")]
.fi
\?http://www-tus@.csx@.cam@.ac.uk/courses/exim/?\.
.if ~~html
[(/A)]
.fi

.section Bug reports
.index bug reports
.index reporting bugs
Reports of obvious bugs should be emailed to \*bugs@@exim.org*\. However, if
you are unsure whether some behaviour is a bug or not, the best thing to do is
to post a message to the $it{exim-users} mailing list and have it discussed.


.section Where to find the Exim distribution
.rset SECTavail "~~chapter.~~section"
.index FTP site
.index distribution||ftp site
The master ftp site for the Exim distribution is
.display rm
.if ! ~~sys.fancy
.indent 0
.fi
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim?\
.endd
Within that directory there are subdirectories called \(exim3)\ (for previous
Exim 3 distributions), \(exim4)\ (for the latest Exim 4 distributions), and
\(Testing)\ for occasional testing versions. Those mirror sites that I know
about are listed in the file
.display rm
.if ! ~~sys.fancy
.indent 0
.fi
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Mirrors?\
.endd
In the \(exim4)\ subdirectory, the current release can always be found in
files called
.display rm
\(exim-$it{n.nn}.tar.gz)\
\(exim-$it{n.nn}.tar.bz2)\
.endd
where $it{n.nn} is the highest such version number in the directory. The two
files contain identical data; the only difference is the type of compression.
The \(.bz2)\ file is usually a lot smaller than the \(.gz)\ file.
.index distribution||signing details
.index distribution||public key
.index public key for signed distribution
The distributions are signed with Philip Hazel's GPG key.
The corresponding public key is available from a number of keyservers, and
there is also a copy in the file:
.display rm
.if ! ~~sys.fancy
.indent 0
.fi
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Public-Key?\
.endd
The signatures for the tar bundles are in:
.display rm
\(exim-$it{n.nn}.tar.gz.sig)\
\(exim-$it{n.nn}.tar.bz2.sig)\
.endd

When there is only a small amount of change from one release to the next, a
patch file may be provided, with a final component name of the form
.display rm
\(exim-patch-$it{n.nn}-$it{m.mm}.gz)\
.endd
For each released version, the log of changes is made separately available in
the directory
.display rm
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/ChangeLogs?\
.endd
so that it is possible to find out what has changed without having to download
the entire distribution.

.index documentation||available formats
The main distribution contains ASCII versions of this specification and other
documentation; other formats of the documents are available in separate files
inside the \(exim4)\ directory of the FTP site:
.display rm
\(exim-html-$it{n.nn}.tar.gz)\
\(exim-pdf-$it{n.nn}.tar.gz)\
\(exim-postscript-$it{n.nn}.tar.gz)\
\(exim-texinfo-$it{n.nn}.tar.gz)\
.endd
These tar files contain only the \(doc)\ directory, not the complete
distribution, and are also available in \(.bz2)\ as well as \(.gz)\ forms.

.index FAQ
The FAQ is available for downloading in two different formats from
.display rm
.if ! ~~sys.fancy
.indent 0
.fi
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/FAQ.txt.gz?\
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/FAQ.html.tar.gz?\
.endd
The first of these is a single ASCII file that can be searched with a text
editor. The second is a directory of HTML files, normally accessed by starting
at \(index.html)\. The HTML version of the FAQ (which is also included in the
HTML documentation tarbundle) includes a keyword-in-context index, which is
often the most convenient way of finding your way around.

.section Wish list
.index wish list
A wish list is maintained, containing ideas for new features that have been
submitted. From time to time the file is exported to the ftp site:
.display rm
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/WishList?\
.endd
Items are removed from the list if they get implemented.


.section Contributed material
.index contributed material
At the ftp site, there is a directory called
.display rm
.if ! ~~sys.fancy
.indent 0
.fi
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/Contrib/?\
.endd
which contains miscellaneous files contributed to the Exim community by Exim
users. There is also a collection of contributed configuration examples in
.display rm
.if ! ~~sys.fancy
.indent 0
.fi
\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/config.samples.tar.gz?\
.endd
These samples are referenced from the FAQ.


.section Limitations
.index limitations of Exim
.numberpars $.
Exim is designed for use as an Internet MTA, and therefore handles addresses
in RFC 2822 domain format only.
.index bang paths||not handled by Exim
It cannot handle UUCP `bang paths', though simple two-component bang paths can
be converted by a straightforward rewriting configuration. This restriction
does not prevent Exim from being interfaced to UUCP as a transport mechanism,
provided that domain addresses are used.
.nextp
.index domainless addresses
.index address||without domain
Exim insists that every address it handles has a domain attached. For incoming
local messages, domainless addresses are automatically qualified with a
configured domain value. Configuration options specify from which remote
systems unqualified addresses are acceptable. These are then qualified on
arrival.
.nextp
.index transport||external
.index external transports
The only external transport currently implemented is an SMTP transport over a
TCP/IP network (using sockets, including support for IPv6). However, a pipe
transport is available, and there are facilities for writing messages to files
and pipes, optionally in \*batched SMTP*\ format; these facilities can be used
to send messages to some other transport mechanism such as UUCP, provided it
can handle domain-style addresses. Batched SMTP input is also catered for.
.nextp
Exim is not designed for storing mail for dial-in hosts. When the volumes of
such mail are large, it is better to get the messages `delivered' into files
(that is, off Exim's queue) and subsequently passed on to the dial-in hosts by
other means.
.nextp
Although Exim does have some facilities for scanning incoming messages, these
are not comprehensive enough to do full virus or spam scanning. Such operations
are best carried out using additional specialized software packages.
.endp



.section Run time configuration
Exim's run time configuration is held in a single text file that is divided
into a number of sections. The entries in this file consist of keywords and
values, in the style of Smail 3 configuration files. A default configuration
file which is suitable for simple online installations is provided in the
distribution, and is described in chapter ~~CHAPdefconfil below.


.section Calling interface
.index Sendmail compatibility||command line interface
Like many MTAs, Exim has adopted the Sendmail command line interface so that it
can be a straight replacement for \(/usr/lib/sendmail)\ or
\(/usr/sbin/sendmail)\ when sending mail, but you do not need to know anything
about Sendmail in order to run Exim. For actions other than sending messages,
Sendmail-compatible options also exist, but those that produce output (for
example, \-bp-\, which lists the messages on the queue) do so in Exim's own
format. There are also some additional options that are compatible with Smail
3, and some further options that are new to Exim. Chapter ~~CHAPcommandline
documents all Exim's command line options. This information is automatically
made into the man page that forms part of the Exim distribution.

Control of messages on the queue can be done via certain privileged command
line options. There is also an optional monitor program called \*eximon*\, which
displays current information in an X window, and which contains a menu
interface to Exim's command line administration options.


.section Terminology
.index terminology definitions
.index body of message||definition of
The \*body*\ of a message is the actual data that the sender wants to transmit.
It is the last part of a message, and is separated from the \*header*\ (see
below) by a blank line.

.index bounce message||definition of
When a message cannot be delivered, it is normally returned to the sender in a
delivery failure message. The term \*bounce*\ is commonly used for this action,
and the error reports are often called \*bounce messages*\. This is a
convenient shorthand for `delivery failure error report'. Such messages have an
empty sender address in the message's \*envelope*\ (see below) to ensure that
they cannot themselves give rise to further bounce messages.

The term \*default*\ appears frequently in this manual. It is used to qualify a
value which is used in the absence of any setting in the configuration. It may
also qualify an action which is taken unless a configuration setting specifies
otherwise.

The term \*defer*\ is used when the delivery of a message to a specific
destination cannot immediately take place for some reason (a remote host may be
down, or a user's local mailbox may be full). Such deliveries are \*deferred*\
until a later time.

The word \*domain*\ is sometimes used to mean all but the first component of a
host's name. It is $it{not} used in that sense here, where it normally
refers to the part of an email address following the @@ sign.

.index envelope, definition of
.index sender||definition of
A message in transit has an associated \*envelope*\, as well as a header and a
body. The envelope contains a sender address (to which bounce messages should
be delivered), and any number of recipient addresses. References to the
sender or the recipients of a message usually mean the addresses in the
envelope. An MTA uses these addresses for delivery, and for returning bounce
messages, not the addresses that appear in the header lines.

.index message||header, definition of
.index header section||definition of
The \*header*\ of a message is the first part of a message's text, consisting
of a number of lines, each of which has a name such as ::From::, ::To::,
::Subject::, etc. Long header lines can be split over several text lines by
indenting the continuations. The header is separated from the body by a blank
line.

.index local part||definition of
.index domain||definition of
The term \*local part*\, which is taken from RFC 2822, is used to refer to that
part of an email address that precedes the @@ sign. The part that follows the
@@ sign is called the \*domain*\ or \*mail domain*\.

.index local delivery||definition of
.index remote delivery, definition of
The terms \*local delivery*\ and \*remote delivery*\ are used to distinguish
delivery to a file or a pipe on the local host from delivery by SMTP over
TCP/IP to a remote host.

.index return path||definition of
\*Return path*\ is another name that is used for the sender address in a
message's envelope.

.index queue||definition of
The term \*queue*\ is used to refer to the set of messages awaiting delivery,
because this term is in widespread use in the context of MTAs. However, in
Exim's case the reality is more like a pool than a queue, because there is
normally no ordering of waiting messages.

.index queue runner||definition of
The term \*queue runner*\ is used to describe a process that scans the queue
and attempts to deliver those messages whose retry times have come. This term
is used by other MTAs, and also relates to the command \runq\, but in Exim
the waiting messages are normally processed in an unpredictable order.

.index spool directory||definition of
The term \*spool directory*\ is used for a directory in which Exim keeps the
messages on its queue -- that is, those that it is in the process of
delivering. This should not be confused with the directory in which local
mailboxes are stored, which is called a `spool directory' by some people. In
the Exim documentation, `spool' is always used in the first sense.



.
.
.
.
. ============================================================================
.chapter Incorporated code
.set runningfoot "incorporated code"
.index incorporated code
.index regular expressions||library
.index PCRE
A number of pieces of external code are included in the Exim distribution.
.numberpars $.
Regular expressions are supported in the main Exim program and in the Exim
monitor using the freely-distributable PCRE library, copyright (c) 2003
University of Cambridge. The source is distributed in the directory
\(src/pcre)\. However, this is a cut-down version of PCRE. If you want to use
the PCRE library in other programs, you should obtain and install the full
version from \?ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre?\.

.space 1ld
.nextp
.index cdb||acknowledgement
Support for the cdb (Constant DataBase) lookup method is provided by code
contributed by Nigel Metheringham of Planet Online Ltd. which contains the
following statements:
.rule
.push
.if ~~sgcal
.fontgroup 9
.font 0
.fi
Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd

This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version.

This code implements Dan Bernstein's Constant DataBase (cdb) spec. Information,
the spec and sample code for cdb can be obtained from
\?http://www.pobox.com/@~djb/cdb.html?\. This implementation borrows some code
from Dan Bernstein's implementation (which has no license restrictions applied
to it).
.newline
.pop
.rule
The implementation is completely contained within the code of Exim.
It does not link against an external cdb library.
.space 1ld
.nextp
.index SPA authentication
.index Samba project
.index Microsoft Secure Password Authentication
Client support for Microsoft's \*Secure Password Authentication*\ is provided
by code contributed by Marc Prud'hommeaux. Server support was contributed by
Tom Kistner. This includes code taken from the Samba project, which is released
under the Gnu GPL.

.space 1ld
.nextp
.index Cyrus
.index \*pwcheck*\ daemon
.index \*pwauthd*\ daemon
Support for calling the Cyrus \*pwcheck*\ and \*saslauthd*\ daemons is provided
by code taken from the Cyrus-SASL library and adapted by Alexander S.
Sabourenkov. The permission notice appears below, in accordance with the
conditions expressed therein.

.rule
.push
.if ~~sgcal
.fontgroup 9
.font 0
.fi
Copyright (c) 2001 Carnegie Mellon University.  All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

.if ~~sgcal
.cancelflag $npbracket
.flag $npbracket "" "."
.fi
.numberpars
Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
.nextp
Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the
distribution.
.nextp
The name `Carnegie Mellon University' must not be used to
endorse or promote products derived from this software without
prior written permission. For permission or any other legal
details, please contact
.display rm
Office of Technology Transfer
Carnegie Mellon University
5000 Forbes Avenue
Pittsburgh, PA  15213-3890
(412) 268-4387, fax: (412) 268-7395
tech-transfer@@andrew.cmu.edu
.endd
.nextp
Redistributions of any form whatsoever must retain the following
acknowledgment:
.newline
.push
.indent ~~sys.indent + 3em
.justify left
$it{This product includes software developed by Computing Services
at Carnegie Mellon University (\?http://www.cmu.edu/computing/?\).}
.newline
.pop
.endp
.if ~~sgcal
.cancelflag $npbracket
.flag $npbracket "(" ")"
.fi

CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.newline
.pop
.rule

.space 1ld
.nextp
.index monitor
.index X-windows
.index Athena
The Exim Monitor program, which is an X-Window application, includes
modified versions of the Athena StripChart and TextPop widgets.
This code is copyright by DEC and MIT, and their permission notice appears
below, in accordance with the conditions expressed therein.

.rule
.push
.if ~~sgcal
.fontgroup 9
.font 0
.fi
Copyright 1987, 1988 by Digital Equipment Corporation, Maynard, Massachusetts,
and the Massachusetts Institute of Technology, Cambridge, Massachusetts.
.blank
$c All Rights Reserved
.blank
Permission to use, copy, modify, and distribute this software and its
documentation for any purpose and without fee is hereby granted,
provided that the above copyright notice appear in all copies and that
both that copyright notice and this permission notice appear in
supporting documentation, and that the names of Digital or MIT not be
used in advertising or publicity pertaining to distribution of the
software without specific, written prior permission.

DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
SOFTWARE.
.newline
.pop
.rule
.endp



.
.
.
.
. ============================================================================
.chapter How Exim receives and delivers mail
.set runningfoot "receiving & delivering mail"

.section Overall philosophy
.index design philosophy
Exim is designed to work efficiently on systems that are permanently connected
to the Internet and are handling a general mix of mail. In such circumstances,
most messages can be delivered immediately. Consequently, Exim does not
maintain independent queues of messages for specific domains or hosts, though
it does try to send several messages in a single SMTP connection after a host
has been down, and it also maintains per-host retry information.


.section Policy control
.index policy control||overview
Policy controls are now an important feature of MTAs that are connected to the
Internet. Perhaps their most important job is to stop MTAs being abused as
`open relays' by misguided individuals who send out vast amounts of unsolicited
junk, and want to disguise its source. Exim provides flexible facilities for
specifying policy controls on incoming mail:
.numberpars $.
.index ~~ACL||introduction
Exim 4 (unlike previous versions of Exim) implements policy controls on
incoming SMTP mail by means of \*Access Control Lists*\ (ACLs). Each list is a
series of statements that may either grant or deny access. ACLs can be used at
several places in the SMTP dialogue while receiving a message. However, the
most common places are after each \\RCPT\\ command, and at the very end of the
message. The sysadmin can specify conditions for accepting or rejecting
individual recipients or the entire message, respectively, at these two points
(see chapter ~~CHAPACL). Denial of access results in an SMTP error code.
.nextp
An ACL is also available for locally generated, non-SMTP messages. In this
case, the only available actions are to accept or deny the entire message.
.nextp
When a message has been received, either from a remote host or from the local
host, but before the final acknowledgement has been sent, a locally supplied C
function called \*local@_scan()*\ can be run to inspect the message and decide
whether to accept it or not (see chapter ~~CHAPlocalscan). If the message is
accepted, the list of recipients can be modified by the function.
.nextp
After a message has been accepted, a further checking mechanism is available in
the form of the $it{system filter} (see chapter ~~CHAPsystemfilter). This runs
at the start of every delivery process.
.endp

.section User filters
.index filter||introduction
.index Sieve filter
In a conventional Exim configuration, users are able to run private filters by
setting up appropriate \(.forward)\ files in their home directories. See
chapter ~~CHAPredirect (about the \%redirect%\ router) for the configuration
needed to support this, and the separate document entitled
.if ~~html
[(A HREF="filter_toc.html")]
.fi
\*Exim's interfaces to mail filtering*\
.if ~~html
[(/A)]
.fi
for user details. Two different kinds of filtering are available:
.numberpars $.
Sieve filters are written in the standard filtering language that is defined by
RFC 3028.
.nextp
Exim filters are written in a syntax that is unique to Exim, but which is more
powerful than Sieve, which it pre-dates.
.endp
User filters are run as part of the routing process, described below.


.section Message identification
.rset SECTmessiden "~~chapter.~~section"
.index message||ids, details of format
.index format||of message id
.index id of message
.index base62
.index base36
.index Darwin
.index Cygwin
Every message handled by Exim is given a \*message id*\ which is sixteen
characters long. It is divided into three parts, separated by hyphens, for
example \"16VDhn-0001bo-D3"\. Each part is a sequence of letters and digits,
normally encoding numbers in base 62. However, in the Darwin operating
system (Mac OS X) and when Exim is compiled to run under Cygwin, base 36
(avoiding the use of lower case letters) is used instead, because the message
id is used to construct file names, and the names of files in those systems are
not case-sensitive.

.index pid (process id)||re-use of
The detail of the contents of the message id have changed as Exim has evolved.
Earlier versions relied on the operating system not re-using a process id (pid)
within one second. On modern operating systems, this assumption can no longer
be made, so the algorithm had to be changed. To retain backward compatibility,
the format of the message id was retained, which is why the following rules are
somewhat eccentric:
.numberpars $.
The first six characters of the message id are the time at which the message
started to be received, to a granularity of one second. That is, this field
contains the number of seconds since the start of the epoch (the normal Unix
way of representing the date and time of day).
.nextp
After the first hyphen, the next six characters are the id of the process that
received the message.
.nextp
There are two different possibilities for the final two characters:
.numberpars alpha
.index \localhost@_number\
If \localhost@_number\ is not set, this value is the fractional part of the
time of reception, normally in units of 1/2000 of a second, but for systems
that must use base 36 instead of base 62 (because of case-insensitive file
systems), the units are 1/1000 of a second.
.nextp
If \localhost@_number\ is set, it is multiplied by 200 (100) and added to
the fractional part of the time, which in this case is in units of 1/200
(1/100) of a second.
.endp
.endp
After a message has been received, Exim waits for the clock to tick at the
appropriate resolution before proceeding, so that if another message is
received by the same process, or by another process with the same (re-used)
pid, it is guaranteed that the time will be different. In most cases, the clock
will already have ticked while the message was being received.

.section Receiving mail
.index receiving mail
.index message||reception
The only way Exim can receive mail from a remote host is using SMTP over
TCP/IP, in which case the sender and recipient addresses are tranferred using
SMTP commands. However, from a locally running process (such as a user's MUA),
there are several possibilities:
.numberpars $.
If the process runs Exim with the \-bm-\ option, the message is read
non-interactively (usually via a pipe), with the recipients taken from the
command line, or from the body of the message if \-t-\ is also used.
.nextp
If the process runs Exim with the \-bS-\ option, the message is also read
non-interactively, but in this case the recipients are listed at the start of
the message in a series of SMTP \\RCPT\\ commands, terminated by a \\DATA\\
command. This is so-called `batch SMTP' format,
but it isn't really SMTP. The SMTP commands are just another way of passing
envelope addresses in a non-interactive submission.
.nextp
If the process runs Exim with the \-bs-\ option, the message is read
interactively, using the SMTP protocol. A two-way pipe is normally used for
passing data between the local process and the Exim process.
This is `real' SMTP and is handled in the same way as SMTP over TCP/IP. For
example, the ACLs for SMTP commands are used for this form of submission.
.nextp
A local process may also make a TCP/IP call to the host's loopback address
(127.0.0.1) or any other of its IP addresses. When receiving messages, Exim
does not treat the loopback address specially. It treats all such connections
in the same way as connections from other hosts.
.endp

.index message||sender, constructed by Exim
.index sender||constructed by Exim
In the three cases that do not involve TCP/IP, the sender address is
constructed from the login name of the user that called Exim and a default
qualification domain (which can be set by the \qualify@_domain\ configuration
option). For local or batch SMTP, a sender address that is passed using the
SMTP \\MAIL\\ command is ignored. However, the system administrator may allow
certain users (`trusted users') to specify a different sender address
unconditionally, or all users to specify certain forms of different sender
address. The \-f-\ option or the SMTP \\MAIL\\ command is used to specify these
different addresses. See section ~~SECTtrustedadmin for details of trusted
users, and the \untrusted@_set@_sender\ option for a way of allowing untrusted
users to change sender addresses.

Messages received by either of the non-interactive mechanisms are subject to
checking by the non-SMTP ACL, if one is defined. Messages received using SMTP
(either over TCP/IP, or interacting with a local process) can be checked by a
number of ACLs that operate at different times during the SMTP session. Either
individual recipients, or the entire message, can be rejected if local policy
requirements are not met. The \*local@_scan()*\ function (see chapter
~~CHAPlocalscan) is run for all incoming messages.

Exim can be configured not to start a delivery process when a message is
received; this can be unconditional, or depend on the number of incoming SMTP
connections or the system load. In these situations, new messages wait on the
queue until a queue runner process picks them up. However, in standard
configurations under normal conditions, delivery is started as soon as a
message is received.




.section Handling an incoming message
.index spool directory||files that hold a message
.index file||how a message is held
When Exim accepts a message, it writes two files in its spool directory. The
first contains the envelope information, the current status of the message,
and the header lines, and the second contains the body of the message. The
names of the two spool files consist of the message id, followed by $tt{-H} for
the file containing the envelope and header, and $tt{-D} for the data file.

.index spool directory||\(input)\ sub-directory
By default all these message files are held in a single directory called
\(input)\ inside the general Exim spool directory. Some operating systems do
not perform very well if the number of files in a directory gets very large; to
improve performance in such cases, the \split@_spool@_directory\ option can be
used. This causes Exim to split up the input files into 62 sub-directories
whose names are single letters or digits.

The envelope information consists of the address of the message's sender and
the addresses of the recipients. This information is entirely separate from
any addresses contained in the header lines. The status of the message includes
a list of recipients who have already received the message. The format of the
first spool file is described in chapter ~~CHAPspool.

.index rewriting||addresses
Address rewriting that is specified in the rewrite section of the configuration
(see chapter ~~CHAPrewrite) is done once and for all on incoming addresses,
both in the header lines and the envelope, at the time the message is accepted.
If during the course of delivery additional addresses are generated (for
example, via aliasing), these new addresses are rewritten as soon as they are
generated. At the time a message is actually delivered (transported) further
rewriting can take place; because this is a transport option, it can be
different for different forms of delivery. It is also possible to specify the
addition or removal of certain header lines at the time the message is
delivered (see chapters ~~CHAProutergeneric and ~~CHAPtransportgeneric).


.section Life of a message
.index message||life of
.index message||frozen
A message remains in the spool directory until it is completely delivered to
its recipients or to an error address, or until it is deleted by an
administrator or by the user who originally created it. In cases when delivery
cannot proceed -- for example, when a message can neither be delivered to its
recipients nor returned to its sender, the message is marked `frozen' on the
spool, and no more deliveries are attempted.

.index frozen messages||thawing
.index message||thawing frozen
An administrator can `thaw' such messages when the problem has been corrected,
and can also freeze individual messages by hand if necessary. In addition, an
administrator can force a delivery error, causing a bounce message to be sent.

.index \auto@_thaw\
There is an option called \auto@_thaw\, which can be used to cause Exim to
retry frozen messages after a certain time. When this is set, no message will
remain on the queue for ever, because the delivery timeout will eventually be
reached. Delivery failure reports (bounce messages) that reach this timeout are
discarded.
.index \timeout@_frozen@_after\
There is also an option called \timeout@_frozen@_after\, which discards frozen
messages after a certain time.

.index message||log file for
.index log||file for each message
While Exim is working on a message, it writes information about each delivery
attempt to the main log file. This includes successful, unsuccessful, and
delayed deliveries for each recipient (see chapter ~~CHAPlog). The log lines
are also written to a separate $it{message log} file for each message. These
logs are solely for the benefit of the administrator, and are normally deleted
along with the spool files when processing of a message is complete.
The use of individual message logs can be disabled by setting
\no@_message@_logs\; this might give an improvement in performance on very
busy systems.

.index journal file
.index file||journal
All the information Exim itself needs to set up a delivery is kept in the first
spool file, along with the header lines. When a successful delivery occurs, the
address is immediately written at the end of a journal file, whose name is the
message id followed by $tt{-J}. At the end of a delivery run, if there are some
addresses left to be tried again later, the first spool file (the $tt{-H} file)
is updated to indicate which these are, and the journal file is then deleted.
Updating the spool file is done by writing a new file and renaming it, to
minimize the possibility of data loss.

Should the system or the program crash after a successful delivery but before
the spool file has been updated, the journal is left lying around. The next
time Exim attempts to deliver the message, it reads the journal file and
updates the spool file before proceeding. This minimizes the chances of double
deliveries caused by crashes.


.section Processing an address for delivery
.rset SECTprocaddress "~~chapter.~~section"
.index drivers||definition of
.index router||definition of
.index transport||definition of
The main delivery processing elements of Exim are called $it{routers} and
$it{transports}, and collectively these are known as $it{drivers}. Code for a
number of them is provided in the source distribution, and compile-time options
specify which ones are included in the binary. Run time options specify which
ones are actually used for delivering messages.

.index drivers||instance definition
Each driver that is specified in the run time configuration is an \*instance*\
of that particular driver type. Multiple instances are allowed; for example,
you can set up several different \%smtp%\ transports, each with different
option values that might specify different ports or different timeouts. Each
instance has its own identifying name. In what follows we will normally use the
instance name when discussing one particular instance (that is, one specific
configuration of the driver), and the generic driver name when discussing
the driver's features in general.

A $it{router} is a driver that operates on an address, either determining how
its delivery should happen, by routing it to a specific transport, or
converting the address into one or more new addresses (for example, via an
alias file). A router may also explicitly choose to fail an address, causing it
to be bounced.

A $it{transport} is a driver that transmits a copy of the message from Exim's
spool to some destination. There are two kinds of transport: for a $it{local}
transport, the destination is a file or a pipe on the local host, whereas for a
$it{remote} transport the destination is some other host. A message is passed
to a specific transport as a result of successful routing. If a message has
several recipients, it may be passed to a number of different transports.

.index preconditions||definition of
An address is processed by passing it to each configured router instance in
turn, subject to certain preconditions, until a router accepts the address or
specifies that it should be bounced. We will describe this process in more
detail shortly. As a simple example, the diagram below illustrates how each
recipient address in a message is processed in a small configuration of three
routers that are configured in various ways.

.if ~~sys.fancy
.figure "Routing an address" rm
.indent 0
.call aspic -sgcal -nv
centre ~~sys.linelength;
magnify 0.8;
boundingbox 30;
    ibox depth 14 "address";
B:  arrow down 44;
    textdepth 14;
A:  box width 100 "first router" "conditions ok?";
    arrow right "yes";
C:  box width 100 "run" "first router";
    arrow down "fail";
D:  ibox depth 20 "address bounces";

    arc clockwise from right of C "accept";
    arrow down 10;
    ibox "queue for" "transport";

    arrow down from A align bottom of D plus (0,-20) "no"(-6,20)/r;
E:  box width 100 "second router" "conditions ok?";
    arrow right "yes";
F:  box width 100 "run" "second router";
    line right 100 "redirect";
    line up align middle of B;
    arrow left to middle of B "new addresses";

    line down 20 from bottom left of F plus (30,0);
    arrow left align centre of E "decline";

    line down 20 from bottom right of F plus (-30,0);
    arrow right "fail";
    ibox width 64 "address" "bounces";

    arrow down 64 from E "no"(-6,20)/r;
G:  box width 100 "third router" "conditions ok?";
    arrow right "yes";
H:  box width 100 "run" "third router";
    arc clockwise from right of H "accept";
    arrow down 10;
    ibox "queue for" "transport";

    line down 20 from bottom of H;
    arrow left align centre of G "decline";
    arrow down 64 from G "no"(-6,20)/r;

    ibox "no more routers" "address bounces";
.endcall
.endfigure
.elif !~~html
.display asis

       address
          |
          |<------------- new addresses -----------------------------
          V                                                         |
  -----------------                -----------------                |
  | first router  |----- yes ----->|     run       |--- accept      |
  | conditions ok?|                | first router  |      |         |
  -----------------                -----------------      |         |
          |                                |              V         |
       no |                           fail |          queue for     |
          |                                V          transport     |
          |                         address bounces                 |
          |                                                         |
          V                                                         |
  -----------------                -----------------                |
  | second router |----- yes ----->|     run       |----redirect ----
  | conditions ok?|                | second router |
  -----------------                -----------------
          |                            |       |
       no |                            |       |
          |<-------- decline -----------       --- fail ---> address
          |                                                  bounces
          V
  -----------------                -----------------
  | third router  |----- yes ----->|     run       |--- accept
  | conditions ok?|                | third router  |      |
  -----------------                -----------------      |
          |                                |              V
       no |                                |          queue for
          |<-------- decline ---------------          transport
          |
          V
   no more routers
   address bounces
.endd
.else
[(img src="routing.gif" alt="Routing an address")][(br)]
.fi
To make this a more concrete example, we'll describe it in terms of some actual
routers, but remember, this is only an example. You can configure Exim's
routers in many different ways, and there may be any number of routers in a
configuration.

The first router that is specified in a configuration is often one that handles
addresses in domains that are not recognized specially by the local host. These
are typically addresses for arbitrary domains on the Internet. A precondition
is set up which looks for the special domains known to the host (for example,
its own domain name), and the router is run for addresses that do $it{not}
match. Typically, this is a router that looks up domains in the DNS in order to
find the hosts to which this address routes. If it succeeds, the address is
queued for a suitable SMTP transport; if it does not succeed, the router is
configured to fail the address.

The example pictured could be a configuration of this type. The second and
third routers can only be run for addresses for which the preconditions for
the first router are not met. If one of these preconditions checks the
domain, the second and third routers are run only for domains that are somehow
special to the local host.

The second router does redirection -- also known as aliasing and forwarding.
When it generates one or more new addresses from the original, each of them is
routed independently from the start. Otherwise, the router may cause an address
to fail, or it may simply decline to handle the address, in which case the
address is passed to the next router.

The final router in many configurations is one that checks to see if the
address belongs to a local mailbox. The precondition may involve a check to
see if the local part is the name of a login account, or it may look up the
local part in a file or a database. If its preconditions are not met, or if
the router declines, we have reached the end of the routers. When this happens,
the address is bounced.


.section Processing an address for verification
.index router||for verification
.index verifying||address, overview
As well as being used to decide how to deliver to an address, Exim's routers
are also used for \*address verification*\. Verification can be requested as
one of the checks to be performed in an ACL for incoming messages, on both
sender and recipient addresses, and it can be tested using the \-bv-\ and
\-bvs-\ command line options.

When an address is being verified, the routers are run in `verify mode'. This
does not affect the way the routers work, but it is a state that can be
detected. By this means, a router can be skipped or made to behave differently
when verifying. A common example is a configuration in which the first router
sends all messages to a message-scanning program, unless they have been
previously scanned. Thus, the first router accepts all addresses without any
checking, making it useless for verifying. Normally, the \no@_verify\ option
would be set for such a router, causing it to be skipped in verify mode.



.section Running an individual router
.rset SECTrunindrou "~~chapter.~~section"
.index router||running details
.index preconditions||checking
.index router||result of running
As explained in the example above, a number of preconditions are checked before
running a router. If any are not met, the router is skipped, and the address is
passed to the next router. When all the preconditions on a router $it{are} met,
the router is run. What happens next depends on the outcome, which is one of
the following:
.numberpars $.
\*accept*\: The router accepts the address, and either queues it for a
transport, or generates one or more `child' addresses. Processing the original
address ceases,
.index \unseen\ option
unless the \unseen\ option is set on the router. This option
can be used to set up multiple deliveries with different routing (for example,
for keeping archive copies of messages). When \unseen\ is set, the address is
passed to the next router. Normally, however, an \*accept*\ return marks the
end of routing.

.index case of local parts
.index address||duplicate, discarding
If child addresses are generated, Exim checks to see whether they are
duplicates of any existing recipient addresses. During this check, local parts
are treated as case-sensitive. Duplicate addresses are discarded. Each of the
remaining child addresses is then processed independently, starting with the
first router by default. It is possible to change this by setting the
\redirect@_router\ option to specify which router to start at for child
addresses. Unlike \pass@_router\ (see below) the router specified by
\redirect@_router\ may be anywhere in the router configuration.
.nextp
\*pass*\: The router recognizes the address, but cannot handle it itself. It
requests that the address be passed to another router. By default the address
is passed to the next router, but this can be changed by setting the
\pass@_router\ option. However, (unlike \redirect@_router\) the named router
must be below the current router (to avoid loops).
.nextp
\*decline*\: The router declines to accept the address because it does not
recognize it at all. By default, the address is passed to the next router, but
this can be prevented by setting the \no@_more\ option. When \no@_more\ is set,
all the remaining routers are skipped.
.nextp
\*fail*\: The router determines that the address should fail, and queues it for
the generation of a bounce message. There is no further processing of the
original address unless \unseen\ is set on the router.
.nextp
\*defer*\: The router cannot handle the address at the present time. (A database
may be offline, or a DNS lookup may have timed out.) No further processing of
the address happens in this delivery attempt. It is tried again next time the
message is considered for delivery.
.nextp
\*error*\: There is some error in the router (for example, a syntax error in
its configuration). The action is as for defer.
.endp
If an address reaches the end of the routers without having been accepted by
any of them, it is bounced as unrouteable.
The default error message in this situation is `unrouteable address', but you
can set your own message by making use of the \cannot@_route@_message\ option.
This can be set for any router; the value from the last router that `saw'
the address is used.

Sometimes while routing you want to fail a delivery when some conditions are
met but others are not, instead of passing the address on for further routing.
You can do this by having a second router that explicitly fails the delivery
when the relevant conditions are met. The \%redirect%\ router has a `fail'
facility for this purpose.



.section Router preconditions
.rset SECTrouprecon "~~chapter.~~section"
.index router||preconditions, order of processing
.index preconditions||order of processing
The preconditions that are tested for each router are listed below, in the
order in which they are tested. The individual configuration options are
described in more detail in chapter ~~CHAProutergeneric.
.numberpars $.
The \local@_part@_prefix\ and \local@_part@_suffix\ options can specify that
the local parts handled by the router may or must have certain prefixes and/or
suffixes. If a mandatory affix (prefix or suffix) is not present, the router is
skipped. These conditions are tested first. When an affix is present, it is
removed from the local part before further processing, including the evaluation
of any other conditions.
.nextp
Routers can be designated for use only when not verifying an address, that is,
only when routing it for delivery (or testing its delivery routing). If the
\verify\ option is set false, the router is skipped when Exim is verifying an
address.
Setting the \verify\ option actually sets two options, \verify@_sender\ and
\verify@_recipient\, which independently control the use of the router for
sender and recipient verification. You can set these options directly if
you want a router to be used for only one type of verification.
.nextp
If the \address@_test\ option is set false, the router is skipped when Exim is
run with the \-bt-\ option to test an address routing. This can be helpful when
the first router sends all new messages to a scanner of some sort; it makes it
possible to use \-bt-\ to test subsequent delivery routing without having to
simulate the effect of the scanner.
.nextp
Routers can be designated for use only when verifying an address, as
opposed to routing it for delivery. The \verify@_only\ option controls this.
.nextp
Certain routers can be explicitly skipped when running the routers to check an
address given in the SMTP \\EXPN\\ command (see the \expn\ option).
.nextp
If the \domains\ option is set, the domain of the address must be in the set of
domains that it defines.
.nextp
If the \local@_parts\ option is set, the local part of the address must be in
the set of local parts that it defines. If \local@_part@_prefix\ or
\local@_part@_suffix\ is in use, the prefix or suffix is removed from the local
part before this check. If you want to do precondition tests on local parts
that include affixes, you can do so by using a \condition\ option (see below)
that uses the variables \$local@_part$\, \$local@_part@_prefix$\, and
\$local@_part@_suffix$\ as necessary.
.nextp
If the \check@_local@_user\ option is set, the local part must be the name of
an account on the local host.
If this check succeeds, the uid and gid of the local user are placed in
\$local@_user@_uid$\ and \$local@_user@_gid$\; these values can be used in the
remaining preconditions.
.nextp
If the \router@_home@_directory\ option is set, it is expanded at this point,
because it overrides the value of \$home$\. If this expansion were left till
later, the value of \$home$\ as set by \check@_local@_user\ would be used in
subsequent tests. Having two different values of \$home$\ in the same router
could lead to confusion.
.nextp
If the \senders\ option is set, the envelope sender address must be in the set
of addresses that it defines.
.nextp
If the \require@_files\ option is set, the existence or non-existence of
specified files is tested.
.nextp
.index customizing||precondition
If the \condition\ option is set, it is evaluated and tested. This option uses
an expanded string to allow you to set up your own custom preconditions.
Expanded strings are described in chapter ~~CHAPexpand.
.endp

Note that \require@_files\ comes near the end of the list, so you cannot use it
to check for the existence of a file in which to lookup up a domain, local
part, or sender. However, as these options are all expanded, you can use the
\exists\ expansion condition to make such tests within each condition. The
\require@_files\ option is intended for checking files that the router may be
going to use internally, or which are needed by a specific transport (for
example, \(.procmailrc)\).


.section Delivery in detail
.index delivery||in detail
When a message is to be delivered, the sequence of events is as follows:
.numberpars $.
If a system-wide filter file is specified, the message is passed to it. The
filter may add recipients to the message, replace the recipients, discard the
message, cause a new message to be generated, or cause the message delivery to
fail. The format of the system filter file is the same as for Exim user filter
files, described in the separate document entitled
.if ~~html
[(A HREF="filter.html")]
.fi
\*Exim's interfaces to mail filtering*\.
.if ~~html
[(/A)]
.fi
.index Sieve filter||not available for system filter
(\**Note**\: Sieve cannot be used for system filter files.)
Some additional features are available in system filters -- see chapter
~~CHAPsystemfilter for details. Note that a message is passed to the system
filter only once per delivery attempt, however many recipients it has. However,
if there are several delivery attempts because one or more addresses could not
be immediately delivered, the system filter is run each time. The filter
condition \first@_delivery\ can be used to detect the first run of the system
filter.
.nextp
Each recipient address is offered to each configured router in turn, subject to
its preconditions, until one is able to handle it. If no router can handle
the address, that is, if they all decline, the address is failed. Because
routers can be targeted at particular domains, several locally handled domains
can be processed entirely independently of each other.
.nextp
.index routing||loops in
.index loop||while routing
A router that accepts an address may set up a local or a remote transport for
it. However, the transport is not run at this time. Instead, the address is
placed on a list for the particular transport, to be run later. Alternatively,
the router may generate one or more new addresses (typically from alias,
forward, or filter files). New addresses are fed back into this process from
the top, but in order to avoid loops, a router ignores any address which has an
identically-named ancestor that was processed by itself.
.nextp
When all the routing has been done, addresses that have been successfully
handled are passed to their assigned transports. When local transports are
doing real local deliveries, they handle only one address at a time, but if a
local transport is being used as a pseudo-remote transport (for example, to
collect batched SMTP messages for transmission by some other means) multiple
addresses can be handled. Remote transports can always handle more than one
address at a time, but can be configured not to do so, or to restrict multiple
addresses to the same domain.
.nextp
Each local delivery to a file or a pipe runs in a separate process under a
non-privileged uid, and these deliveries are run one at a time. Remote
deliveries also run in separate processes, normally under a uid that is private
to Exim (`the Exim user'), but in this case, several remote deliveries can be
run in parallel. The maximum number of simultaneous remote deliveries for any
one message is set by the \remote@_max@_parallel\ option.
The order in which deliveries are done is not defined, except that all local
deliveries happen before any remote deliveries.
.nextp
.index queue runner
When it encounters a local delivery during a queue run, Exim checks its retry
database to see if there has been a previous temporary delivery failure for the
address before running the local transport. If there was a previous failure,
Exim does not attempt a new delivery until the retry time for the address is
reached. However, this happens only for delivery attempts that are part of a
queue run. Local deliveries are always attempted when delivery immediately
follows message reception, even if retry times are set for them. This makes for
better behaviour if one particular message is causing problems (for example,
causing quota overflow, or provoking an error in a filter file).
.nextp
.index delivery||retry in remote transports
Remote transports do their own retry handling, since an address may be
deliverable to one of a number of hosts, each of which may have a different
retry time. If there have been previous temporary failures and no host has
reached its retry time, no delivery is attempted, whether in a queue run or
not. See chapter ~~CHAPretry for details of retry strategies.
.nextp
If there were any permanent errors, a bounce message is returned to an
appropriate address (the sender in the common case), with details of the error
for each failing address. Exim can be configured to send copies of bounce
messages to other addresses.
.nextp
.index delivery||deferral
If one or more addresses suffered a temporary failure, the message is left on
the queue, to be tried again later. Delivery of these addresses is said to be
\*deferred*\.
.nextp
When all the recipient addresses have either been delivered or bounced,
handling of the message is complete. The spool files and message log are
deleted, though the message log can optionally be preserved if required.
.endp


.section Retry mechanism
.index delivery||retry mechanism
.index retry||description of mechanism
.index queue runner
Exim's mechanism for retrying messages that fail to get delivered at the first
attempt is the queue runner process. You must either run an Exim daemon that
uses the \-q-\ option with a time interval to start queue runners at regular
intervals, or use some other means (such as \*cron*\) to start them. If you do
not arrange for queue runners to be run, messages that fail temporarily at the
first attempt will remain on your queue for ever. A queue runner process works
it way through the queue, one message at a time, trying each delivery that has
passed its retry time.
You can run several queue runners at once.

Exim uses a set of configured rules to determine when next to retry the failing
address (see chapter ~~CHAPretry). These rules also specify when Exim should
give up trying to deliver to the address, at which point it generates a bounce
message. If no retry rules are set for a particular host, address, and error
combination, no retries are attempted, and temporary errors are treated as
permanent.


.section Temporary delivery failure
.index delivery||temporary failure
There are many reasons why a message may not be immediately deliverable to a
particular address. Failure to connect to a remote machine (because it, or the
connection to it, is down) is one of the most common. Temporary failures may be
detected during routing as well as during the transport stage of delivery.
Local deliveries may be delayed if NFS files are unavailable, or if a mailbox
is on a file system where the user is over quota. Exim can be configured to
impose its own quotas on local mailboxes; where system quotas are set they will
also apply.

If a host is unreachable for a period of time, a number of messages may be
waiting for it by the time it recovers, and sending them in a single SMTP
connection is clearly beneficial. Whenever a delivery to a remote host is
deferred,
.index hints database
Exim makes a note in its hints database, and whenever a successful
SMTP delivery has happened, it looks to see if any other messages are waiting
for the same host. If any are found, they are sent over the same SMTP
connection, subject to a configuration limit as to the maximum number in any
one connection.



.section Permanent delivery failure
.index delivery||permanent failure
.index bounce message||when generated
When a message cannot be delivered to some or all of its intended recipients, a
bounce message is generated. Temporary delivery failures turn into permanent
errors when their timeout expires. All the addresses that fail in a given
delivery attempt are listed in a single message. If the original message has
many recipients, it is possible for some addresses to fail in one delivery
attempt and others to fail subsequently, giving rise to more than one bounce
message. The wording of bounce messages can be customized by the administrator.
See chapter ~~CHAPemsgcust for details.

.index ::X-Failed-Recipients:: header line
Bounce messages contain an ::X-Failed-Recipients:: header line that lists the
failed addresses, for the benefit of programs that try to analyse such messages
automatically.

.index bounce message||recipient of
A bounce message is normally sent to the sender of the original message, as
obtained from the message's envelope. For incoming SMTP messages, this is the
address given in the \\MAIL\\ command. However, when an address is
expanded via a forward or alias file, an alternative address can be specified
for delivery failures of the generated addresses. For a mailing list expansion
(see section ~~SECTmailinglists) it is common to direct bounce messages to the
manager of the list.



.section Failures to deliver bounce messages
.index bounce message||failure to deliver
If a bounce message (either locally generated or received from a remote host)
itself suffers a permanent delivery failure, the message is left on the queue,
but it is frozen, awaiting the attention of an administrator. There are options
which can be used to make Exim discard such failed messages, or to keep them
for only a short time (see \timeout@_frozen@_after\ and
\ignore@_bounce@_errors@_after\).



.
.
.
.
. ============================================================================
.chapter Building and installing Exim
.set runningfoot "building/installing"

.index building Exim
.section Unpacking
Exim is distributed as a gzipped or bzipped tar file which, when upacked,
creates a directory with the name of the current release (for example,
\(exim-~~version)\) into which the following files are placed:
.display rm
.if !~~sys.fancy && ~~sgcal
.tabs 16
.else
.tabs 22
.fi
\(ACKNOWLEDGMENTS)\ $t contains some acknowledgments
.newline
\(CHANGES)\      $t contains a reference to where changes are documented
\(LICENCE)\      $t the GNU General Public Licence
\(Makefile)\     $t top-level make file
\(NOTICE)\       $t conditions for the use of Exim
\(README)\       $t list of files, directories and simple build instructions
.endd
Other files whose names begin with \(README)\ may also be present. The
following subdirectories are created:
.display rm
.if !~~sys.fancy && ~~sgcal
.tabs 16
.else
.tabs 22
.fi
\(Local)\        $t an empty directory for local configuration files
\(OS)\           $t OS-specific files
\(doc)\          $t documentation files
\(exim@_monitor)\$t source files for the Exim monitor
\(scripts)\      $t scripts used in the build process
\(src)\          $t remaining source files
\(util)\         $t independent utilities
.endd
The main utility programs are contained in the \(src)\ directory, and are built
with the Exim binary. The \(util)\ directory contains a few optional scripts
that may be useful to some sites.

.section Multiple machine architectures and operating systems
.index building Exim||multiple OS/architectures
The building process for Exim is arranged to make it easy to build binaries for
a number of different architectures and operating systems from the same set of
source files. Compilation does not take place in the \(src)\ directory. Instead,
a \*build directory*\ is created for each architecture and operating system.
.index symbolic link||to build directory
Symbolic links to the sources are installed in this directory, which is where
the actual building takes place.

In most cases, Exim can discover the machine architecture and operating system
for itself, but the defaults can be overridden if necessary.

.section DBM libraries
.rset SECTdb "~~chapter.~~section"
.index DBM||libraries, discussion of
.index hints database||DBM files used for
Even if you do not use any DBM files in your configuration, Exim still needs a
DBM library in order to operate, because it uses indexed files for its hints
databases. Unfortunately, there are a number of DBM libraries in existence, and
different operating systems often have different ones installed.

.index Solaris||DBM library for
.index IRIX, DBM library for
.index BSD, DBM library for
.index Linux, DBM library for
If you are using Solaris, IRIX, one of the modern BSD systems, or a modern
Linux distribution, the DBM configuration should happen automatically, and you
may be able to ignore this section. Otherwise, you may have to learn more than
you would like about DBM libraries from what follows.

.index \*ndbm*\ DBM library
Licensed versions of Unix normally contain a library of DBM functions operating
via the \*ndbm*\ interface, and this is what Exim expects by default. Free
versions of Unix seem to vary in what they contain as standard. In particular,
some early versions of Linux have no default DBM library, and different
distributors have chosen to bundle different libraries with their packaged
versions. However, the more recent releases seem to have standardised on the
Berkeley DB library.

Different DBM libraries have different conventions for naming the files they
use. When a program opens a file called \(dbmfile)\, there are four
possibilities:
.numberpars
A traditional \*ndbm*\ implementation, such as that supplied as part of
Solaris, operates on two files called \(dbmfile.dir)\ and \(dbmfile.pag)\.
.nextp
.index \*gdbm*\ DBM library
The GNU library, \*gdbm*\, operates on a single file. If used via its \*ndbm*\
compatibility interface it makes two different hard links to it with names
\(dbmfile.dir)\ and \(dbmfile.pag)\, but if used via its native interface, the
file name is used unmodified.
.nextp
.index Berkeley DB library
The Berkeley DB package, if called via its \*ndbm*\ compatibility interface,
operates on a single file called \(dbmfile.db)\, but otherwise looks to the
programmer exactly the same as the traditional \*ndbm*\ implementation.
.nextp
If the Berkeley package is used in its native mode, it operates on a single
file called \(dbmfile)\; the programmer's interface is somewhat different to
the traditional \*ndbm*\ interface.
.nextp
To complicate things further, there are several very different versions of the
Berkeley DB package. Version 1.85 was stable for a very long time, releases
2.$it{x} and 3.$it{x} were current for a while, but the latest versions are now
numbered 4.$it{x}. Maintenance of some of the earlier releases has ceased. All
versions of Berkeley DB can be obtained from
.display rm
\?http://www.sleepycat.com/?\
.endd
.nextp
.index \*tdb*\ DBM library
Yet another DBM library, called \*tdb*\, has become available from
.display rm
\?http://download.sourceforge.net/tdb?\
.endd
It has its own interface, and also operates on a single file.
.endp
.index \\USE@_DB\\
.index DBM||libraries, configuration for building
Exim and its utilities can be compiled to use any of these interfaces. In order
to use any version of the Berkeley DB package in native mode, you must set
\\USE@_DB\\ in an appropriate configuration file (typically
\(Local/Makefile)\). For example:
.display asis
USE_DB=yes
.endd
Similarly, for gdbm you set \\USE@_GDBM\\, and for tdb you set \\USE@_TDB\\. An
error is diagnosed if you set more than one of these.

At the lowest level, the build-time configuration sets none of these options,
thereby assuming an interface of type (1). However, some operating system
configuration files (for example, those for the BSD operating systems and
Linux) assume type (4) by setting \\USE@_DB\\ as their default, and the
configuration files for Cygwin set \\USE@_GDBM\\. Anything you set in
\(Local/Makefile)\, however, overrides these system defaults.

As well as setting \\USE@_DB\\, \\USE@_GDBM\\, or \\USE@_TDB\\, it may also be
necessary to set \\DBMLIB\\, to cause inclusion of the appropriate library, as
in one of these lines:
.display asis
DBMLIB = -ldb
DBMLIB = -ltdb
.endd
Settings like that will work if the DBM library is installed in the standard
place. Sometimes it is not, and the library's header file may also not be in
the default path. You may need to set \\INCLUDE\\ to specify where the header
file is, and to specify the path to the library more fully in \\DBMLIB\\, as in
this example:
.display asis
INCLUDE=-I/usr/local/include/db-4.1
DBMLIB=/usr/local/lib/db-4.1/libdb.a
.endd

There is further detailed discussion about the various DBM libraries in the
file \(doc/dbm.discuss.txt)\ in the Exim distribution.


.section Pre-building configuration
.index building Exim||pre-building configuration
.index configuration for building Exim
.index \(Local/Makefile)\
.index \(src/EDITME)\
Before building Exim, a local configuration file that specifies options
independent of any operating system has to be created with the name
\(Local/Makefile)\. A template for this file is supplied as the file
\(src/EDITME)\, and it contains full descriptions of all the option settings
therein. These descriptions are therefore not repeated here. If you are
building Exim for the first time, the simplest thing to do is to copy
\(src/EDITME)\ to \(Local/Makefile)\, then read it and edit it appropriately.

There are three settings that you must supply, because Exim will not build
without them. They are the location of the run time configuration file
(\\CONFIGURE@_FILE\\), the directory in which Exim binaries will be installed
(\\BIN@_DIRECTORY\\), and the identity of the Exim user (\\EXIM@_USER\\ and
maybe \\EXIM@_GROUP\\ as well). The value of \\CONFIGURE@_FILE\\ can in fact be
a colon-separated list of file names; Exim uses the first of them that exists.

There are a few other parameters that can be specified either at build time or
at run time, to enable the same binary to be used on a number of different
machines. However, if the locations of Exim's spool directory and log file
directory (if not within the spool directory) are fixed, it is recommended that
you specify them in \(Local/Makefile)\ instead of at run time, so that errors
detected early in Exim's execution (such as a malformed configuration file) can
be logged.

.index \(Local/eximon.conf)\
.index \(exim@_monitor/EDITME)\
If you are going to build the Exim monitor, a similar configuration process is
required. The file \(exim@_monitor/EDITME)\ must be edited appropriately for
your installation and saved under the name \(Local/eximon.conf)\. If you are
happy with the default settings described in \(exim@_monitor/EDITME)\,
\(Local/eximon.conf)\ can be empty, but it must exist.

This is all the configuration that is needed in straightforward cases for known
operating systems. However, the building process is set up so that it is easy
to override options that are set by default or by operating-system-specific
configuration files, for example to change the name of the C compiler, which
defaults to \gcc\. See section ~~SECToverride below for details of how to do
this.


.section Support for iconv()
.index \*iconv()*\ support
The contents of header lines in messages may be encoded according to the rules
described RFC 2047. This makes it possible to transmit characters that are not
in the ASCII character set, and to label them as being in a particular
character set. When Exim is inspecting header lines by means of the \@$h@_\
mechanism, it decodes them, and translates them into a specified character set
(default ISO-8859-1). The translation is possible only if the operating system
supports the \*iconv()*\ function.

However, some of the operating systems that supply \*iconv()*\ do not support
very many conversions. The GNU \libiconv\ library (available from
\?http:/@/www.gnu.org/software/libiconv/?\) can be installed on such systems to
remedy this deficiency, as well as on systems that do not supply \*iconv()*\ at
all. After installing \libiconv\, you should add
.display asis
HAVE_ICONV=yes
.endd
to your \(Local/Makefile)\ and rebuild Exim.


.section Including TLS/SSL encryption support
.rset SECTinctlsssl "~~chapter.~~section"
.index TLS||including support for TLS
.index encryption||including support for
.index \\SUPPORT@_TLS\\
.index OpenSSL||building Exim with
.index GnuTLS||building Exim with
Exim can be built to support encrypted SMTP connections, using the \\STARTTLS\\
command as per RFC 2487. It can also support legacy clients that expect to
start a TLS session immediately on connection to a non-standard port (see the
\-tls-on-connect-\ command line option).

If you want to build Exim with TLS support, you must first install either the
OpenSSL or GnuTLS library. There is no cryptographic code in Exim itself for
implementing SSL.

If OpenSSL is installed, you should set
.display asis
SUPPORT_TLS=yes
TLS_LIBS=-lssl -lcrypto
.endd
in \(Local/Makefile)\. You may also need to specify the locations of the
OpenSSL library and include files. For example:
.display asis
SUPPORT_TLS=yes
TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
TLS_INCLUDE=-I/usr/local/openssl/include/
.endd

If GnuTLS is installed, you should set
.index \\USE@_GNUTLS\\
.display asis
SUPPORT_TLS=yes
USE_GNUTLS=yes
TLS_LIBS=-lgnutls -ltasn1 -lgcrypt
.endd
in \(Local/Makefile)\, and again you may need to specify the locations of the
library and include files. For example:
.display asis
SUPPORT_TLS=yes
USE_GNUTLS=yes
TLS_LIBS=-L/usr/gnu/lib -lgnutls -ltasn1 -lgcrypt
TLS_INCLUDE=-I/usr/gnu/include
.endd
You do not need to set \\TLS@_INCLUDE\\ if the relevant directory is already
specified in \\INCLUDE\\. Details of how to configure Exim to make use of TLS
are given in chapter ~~CHAPTLS.



.section Use of tcpwrappers
.index tcpwrappers, building Exim to support
.index \\USE@_TCP@_WRAPPERS\\
Exim can be linked with the \*tcpwrappers*\ library in order to check incoming
SMTP calls using the \*tcpwrappers*\ control files. This may be a convenient
alternative to Exim's own checking facilities for installations that are
already making use of \*tcpwrappers*\ for other purposes. To do this, you should
set \\USE@_TCP@_WRAPPERS\\ in \(Local/Makefile)\, arrange for the file
\(tcpd.h)\ to be available at compile time, and also ensure that the library
\(libwrap.a)\ is available at link time, typically by including \-lwrap-\ in
\\EXTRALIBS@_EXIM\\. For example, if \*tcpwrappers*\ is installed in
\(/usr/local)\, you might have
.display
USE@_TCP@_WRAPPERS=yes
CFLAGS=-O -I/usr/local/include
.newline
EXTRALIBS@_EXIM=-L/usr/local/lib -lwrap
.endd
in \(Local/Makefile)\. The name to use in the \*tcpwrappers*\ control files is
`exim'. For example, the line
.display
exim : LOCAL  192.168.1.  .friendly.domain.example
.endd
in your \(/etc/hosts.allow)\ file allows connections from the local host, from
the subnet 192.168.1.0/24, and from all hosts in \*friendly.domain.example*\.
All other connections are denied. Consult the \*tcpwrappers*\ documentation for
further details.


.section Including support for IPv6
.index IPv6||including support for
Exim contains code for use on systems that have IPv6 support. Setting
\\HAVE@_IPV6=YES\\ in \(Local/Makefile)\ causes the IPv6 code to be included;
it may also be necessary to set \\IPV6@_INCLUDE\\ and \\IPV6@_LIBS\\ on systems
where the IPv6 support is not fully integrated into the normal include and
library files.

IPv6 is still changing rapidly. Two different types of DNS record for handling
IPv6 addresses have been defined. AAAA records are already in use, and are
currently seen as the `mainstream', but another record type called A6 is being
argued about. Its status is currently `experimental'. Exim has support for A6
records, but this is included only if you set \\SUPPORT@_A6=YES\\ in
\(Local/Makefile)\.


.section The building process
.index build directory
Once \(Local/Makefile)\ (and \(Local/eximon.conf)\, if required) have been
created, run \*make*\ at the top level. It determines the architecture and
operating system types, and creates a build directory if one does not exist.
For example, on a Sun system running Solaris 8, the directory
\(build-SunOS5-5.8-sparc)\ is created.
.index symbolic link||to source files
Symbolic links to relevant source files are installed in the build directory.

\**Warning**\: The \-j-\ (parallel) flag must not be used with \*make*\; the
building process fails if it is set.

If this is the first time \*make*\ has been run, it calls a script that builds
a make file inside the build directory, using the configuration files from the
\(Local)\ directory. The new make file is then passed to another instance of
\*make*\. This does the real work, building a number of utility scripts, and
then compiling and linking the binaries for the Exim monitor (if configured), a
number of utility programs, and finally Exim itself. The command \*make
makefile*\ can be used to force a rebuild of the make file in the build
directory, should this ever be necessary.

If you have problems building Exim, check for any comments there may be in the
\(README)\ file concerning your operating system, and also take a look at the
.if ~~html
[(A HREF="FAQ.html")]
.fi
FAQ,
.if ~~html
[(/A)]
.fi
where some common problems are covered.



.section Overriding build-time options for Exim
.index build-time options, overriding
.rset SECToverride "~~chapter.~~section"
The main make file that is created at the beginning of the building process
consists of the concatenation of a number of files which set configuration
values, followed by a fixed set of \*make*\ instructions. If a value is set
more than once, the last setting overrides any previous ones. This provides a
convenient way of overriding defaults. The files that are concatenated are, in
order:
.display rm
\(OS/Makefile-Default)\
\(OS/Makefile-)\<<ostype>>
\(Local/Makefile)\
\(Local/Makefile-)\<<ostype>>
\(Local/Makefile-)\<<archtype>>
\(Local/Makefile-)\<<ostype>>-<<archtype>>
\(OS/Makefile-Base)\
.endd
.index \(Local/Makefile)\
where <<ostype>> is the operating system type and <<archtype>> is the
.index building Exim||operating system type
.index building Exim||architecture type
architecture type. \(Local/Makefile)\ is required to exist, and the building
process fails if it is absent. The other three \(Local)\ files are optional,
and are often not needed.

The values used for <<ostype>> and <<archtype>> are obtained from scripts
called \(scripts/os-type)\ and \(scripts/arch-type)\ respectively. If either of
the environment variables \\EXIM@_OSTYPE\\ or \\EXIM@_ARCHTYPE\\ is set, their
values are used, thereby providing a means of forcing particular settings.
Otherwise, the scripts try to get values from the \uname\ command. If this
fails, the shell variables \\OSTYPE\\ and \\ARCHTYPE\\ are inspected. A number
of $it{ad hoc} transformations are then applied, to produce the standard names
that Exim expects. You can run these scripts directly from the shell in order
to find out what values are being used on your system.


\(OS/Makefile-Default)\ contains comments about the variables that are set
therein. Some (but not all) are mentioned below. If there is something that
needs changing, review the contents of this file and the contents of the make
file for your operating system (\(OS/Makefile-<<ostype>>)\) to see what the
default values are.


.index building Exim||overriding default settings
If you need to change any of the values that are set in \(OS/Makefile-Default)\
or in \(OS/Makefile-<<ostype>>)\, or to add any new definitions, you do not
need to change the original files. Instead, you should make the changes by
putting the new values in an appropriate \(Local)\ file. For example,
.index Tru64-Unix build-time settings
when building Exim in many releases of the Tru64-Unix (formerly Digital UNIX,
formerly DEC-OSF1) operating system, it is necessary to specify that the C
compiler is called \*cc*\ rather than \*gcc*\. Also, the compiler must be
called with the option \-std1-\, to make it recognize some of the features of
Standard C that Exim uses. (Most other compilers recognize Standard C by
default.) To do this, you should create a file called \(Local/Makefile-OSF1)\
containing the lines
.display
CC=cc
CFLAGS=-std1
.endd
If you are compiling for just one operating system, it may be easier to put
these lines directly into \(Local/Makefile)\.

Keeping all your local configuration settings separate from the distributed
files makes it easy to transfer them to new versions of Exim simply by copying
the contents of the \(Local)\ directory.


.index NIS lookup type||including support for
.index NIS@+ lookup type||including support for
.index LDAP||including support for
.index lookup||inclusion in binary
Exim contains support for doing LDAP, NIS, NIS+, and other kinds of file
lookup, but not all systems have these components installed, so the default is
not to include the relevant code in the binary. All the different kinds of file
and database lookup that Exim supports are implemented as separate code modules
which are included only if the relevant compile-time options are set. In the
case of LDAP, NIS, and NIS+, the settings for \(Local/Makefile)\ are:
.display asis
LOOKUP_LDAP=yes
LOOKUP_NIS=yes
LOOKUP_NISPLUS=yes
.endd
and similar settings apply to the other lookup types. They are all listed in
\(src/EDITME)\. In most cases the relevant include files and interface
libraries need to be installed before compiling Exim.
.index cdb||including support for
However, in the case of cdb, which is included in the binary only if
.display asis
LOOKUP_CDB=yes
.endd
is set, the code is entirely contained within Exim, and no external include
files or libraries are required. When a lookup type is not included in the
binary, attempts to configure Exim to use it cause run time configuration
errors.

.index Perl||including support for
Exim can be linked with an embedded Perl interpreter, allowing Perl
subroutines to be called during string expansion. To enable this facility,
.display asis
EXIM_PERL=perl.o
.endd
must be defined in \(Local/Makefile)\. Details of this facility are given in
chapter ~~CHAPperl.

.index X11 libraries, location of
The location of the X11 libraries is something that varies a lot between
operating systems, and of course there are different versions of X11 to cope
with. Exim itself makes no use of X11, but if you are compiling the Exim
monitor, the X11 libraries must be available.
The following three variables are set in \(OS/Makefile-Default)\:
.display asis
X11=/usr/X11R6
XINCLUDE=-I$(X11)/include
XLFLAGS=-L$(X11)/lib
.endd
These are overridden in some of the operating-system configuration files. For
example, in \(OS/Makefile-SunOS5)\ there is
.display asis
X11=/usr/openwin
XINCLUDE=-I$(X11)/include
XLFLAGS=-L$(X11)/lib -R$(X11)/lib
.endd
If you need to override the default setting for your operating system, place a
definition of all three of these variables into your
\(Local/Makefile-<<ostype>>)\ file.

.index \\EXTRALIBS\\
If you need to add any extra libraries to the link steps, these can be put in a
variable called \\EXTRALIBS\\, which appears in all the link commands, but by
default is not defined. In contrast, \\EXTRALIBS@_EXIM\\ is used only on the
command for linking the main Exim binary, and not for any associated utilities.
.index DBM||libraries, configuration for building
There is also \\DBMLIB\\, which appears in the link commands for binaries that
use DBM functions (see also section ~~SECTdb). Finally, there is
\\EXTRALIBS@_EXIMON\\, which appears only in the link step for the Exim monitor
binary, and which can be used, for example, to include additional X11
libraries.

.index configuration file||editing
The make file copes with rebuilding Exim correctly if any of the configuration
files are edited. However, if an optional configuration file is deleted, it is
necessary to touch the associated non-optional file (that is, \(Local/Makefile)\
or \(Local/eximon.conf)\) before rebuilding.

.section OS-specific header files
.index \(os.h)\
.index building Exim||OS-specific C header files
The \(OS)\ directory contains a number of files with names of the form
\(os.h-<<ostype>>)\. These are system-specific C header files that should not
normally need to be changed. There is a list of macro settings that are
recognized in the file \(OS/os.configuring)\, which should be consulted if you
are porting Exim to a new operating system.


.section Overriding build-time options for the monitor
.index building Eximon||overriding default options
A similar process is used for overriding things when building the Exim monitor,
where the files that are involved are
.display rm
\(OS/eximon.conf-Default)\
\(OS/eximon.conf-)\<<ostype>>
\(Local/eximon.conf)\
\(Local/eximon.conf-)\<<ostype>>
\(Local/eximon.conf-)\<<archtype>>
\(Local/eximon.conf-)\<<ostype>>-<<archtype>>
.endd
.index \(Local/eximon.conf)\
As with Exim itself, the final three files need not exist, and in this case the
\(OS/eximon.conf-<<ostype>>)\ file is also optional. The default values in
\(OS/eximon.conf-Default)\ can be overridden dynamically by setting environment
variables of the same name, preceded by \\EXIMON@_\\. For example, setting
\\EXIMON@_LOG@_DEPTH\\ in the environment overrides the value of
\\LOG@_DEPTH\\ at run time.



.section Installing Exim binaries and scripts
.index installing Exim
.index \\BIN@_DIRECTORY\\
The command \*make install*\ runs the \*exim@_install*\ script with no
arguments. The script copies binaries and utility scripts into the directory
whose name is specified by the \\BIN@_DIRECTORY\\ setting in
\(Local/Makefile)\.

Exim's run time configuration file is named by the \\CONFIGURE@_FILE\\ setting
.index \\CONFIGURE@_FILE\\
in \(Local/Makefile)\. If this names a single file, and the file does not
exist, the default configuration file \(src/configure.default)\ is copied there
by the installation script. If a run time configuration file already exists, it
is left alone. If \\CONFIGURE@_FILE\\ is a colon-separated list, naming several
alternative files, no default is installed.

.index system aliases file
.index \(/etc/aliases)\
One change is made to the default configuration file when it is installed: the
default configuration contains a router that references a system aliases file.
The path to this file is set to the value specified by
\\SYSTEM@_ALIASES@_FILE\\ in \(Local/Makefile)\ (\(/etc/aliases)\ by default).
If the system aliases file does not exist, the installation script creates it,
and outputs a comment to the user.

The created file contains no aliases, but it does contain comments about the
aliases a site should normally have. Mail aliases have traditionally been
kept in \(/etc/aliases)\. However, some operating systems are now using
\(/etc/mail/aliases)\. You should check if yours is one of these, and change
Exim's configuration if necessary.

The default configuration uses the local host's name as the only local domain,
and is set up to do local deliveries into the shared directory \(/var/mail)\,
running as the local user. System aliases and \(.forward)\ files in users' home
directories are supported, but no NIS or NIS+ support is configured. Domains
other than the name of the local host are routed using the DNS, with delivery
over SMTP.

The install script copies files only if they are newer than the files they are
going to replace. The Exim binary is required to be owned by root and have the
\*setuid*\ bit set,
.index setuid||installing Exim with
for normal configurations. Therefore, you must run \*make install*\ as root so
that it can set up the Exim binary in this way. However, in some special
situations (for example, if a host is doing no local deliveries) it may be
possible to run Exim without making the binary setuid root (see chapter
~~CHAPsecurity for details).

It is possible to install Exim for special purposes (such as building a binary
distribution) in a private part of the file system. You can do this by a
command such as
.display asis
make DESTDIR=/some/directory/ install
.endd
This has the effect of pre-pending the specified directory to all the file
paths, except the name of the system aliases file that appears in the default
configuration. (If a default alias file is created, its name \*is*\ modified.)
For backwards compatibility, \\ROOT\\ is used if \\DESTDIR\\ is not set,
but this usage is deprecated.

.index installing Exim||what is not installed
Running \*make install*\ does not copy the Exim 4 conversion script
\*convert4r4*\, or the \*pcretest*\ test program. You will probably run the
first of these only once (if you are upgrading from Exim 3), and the second
isn't really part of Exim. None of the documentation files in the \(doc)\
directory are copied, except for the info files when you have set
\\INFO@_DIRECTORY\\, as described in section ~~SECTinsinfdoc below.

For the utility programs, old versions are renamed by adding the suffix \(.O)\
to their names. The Exim binary itself, however, is handled differently. It is
installed under a name that includes the version number and the compile number,
for example \(exim-~~version-1)\. The script then arranges for a symbolic link
called \(exim)\ to point to the binary. If you are updating a previous version
of Exim, the script takes care to ensure that the name \(exim)\ is never absent
from the directory (as seen by other processes).

.index installing Exim||testing the script
If you want to see what the \*make install*\ will do before running it for
real, you can pass the \-n-\ option to the installation script by this command:
.display asis
make INSTALL_ARG=-n install
.endd
The contents of the variable \\INSTALL@_ARG\\ are passed to the installation
script. You do not need to be root to run this test. Alternatively, you can run
the installation script directly, but this must be from within the build
directory. For example, from the top-level Exim directory you could use this
command:
.display
(cd build-SunOS5-5.5.1-sparc; ../scripts/exim@_install -n)
.endd

.index installing Exim||install script options
There are two other options that can be supplied to the installation script.
.numberpars $.
\-no@_chown-\ bypasses the call to change the owner of the installed binary
to root, and the call to make it a setuid binary.
.nextp
\-no@_symlink-\ bypasses the setting up of the symbolic link \(exim)\ to the
installed binary.
.endp
\\INSTALL@_ARG\\ can be used to pass these options to the script. For example:
.display asis
make INSTALL_ARG=-no_symlink install
.endd

The installation script can also be given arguments specifying which files are
to be copied. For example, to install just the Exim binary, and nothing else,
without creating the symbolic link, you could use:
.display asis
make INSTALL_ARG='-no_symlink exim' install
.endd


.section Installing info documentation
.rset SECTinsinfdoc "~~chapter.~~section"
.index installing Exim||\*info*\ documentation
Not all systems use the GNU \*info*\ system for documentation, and for this
reason, the Texinfo source of Exim's documentation is not included in the main
distribution. Instead it is available separately from the ftp site (see section
~~SECTavail).

If you have defined \\INFO@_DIRECTORY\\ in \(Local/Makefile)\ and the Texinfo
source of the documentation is found in the source tree, running \*make
install*\ automatically builds the info files and installs them.


.section Setting up the spool directory
.index spool directory||creating
When it starts up, Exim tries to create its spool directory if it does not
exist. The Exim uid and gid are used for the owner and group of the spool
directory. Sub-directories are automatically created in the spool directory as
necessary.



.section Testing
.index testing||installation
Having installed Exim, you can check that the run time configuration file is
syntactically valid by running the following command, which assumes that the
Exim binary directory is within your \\PATH\\ environment variable:
.display
exim -bV
.endd
If there are any errors in the configuration file, Exim outputs error messages.
Otherwise it outputs the version number and build date,
the DBM library that is being used, and information about which drivers and
other optional code modules are included in the binary.
Some simple routing tests can be done by using the address testing option. For
example,
.display
exim -bt <<local username>>
.endd
should verify that it recognizes a local mailbox, and
.display
exim -bt <<remote address>>
.endd
a remote one. Then try getting it to deliver mail, both locally and remotely.
This can be done by passing messages directly to Exim, without going through a
user agent. For example:
.display
exim -v postmaster@@your.domain.example
From: user@@your.domain.example
To: postmaster@@your.domain.example
Subject: Testing Exim

This is a test message.
^D
.endd
The \-v-\ option causes Exim to output some verification of what it is doing.
In this case you should see copies of three log lines, one for the message's
arrival, one for its delivery, and one containing `Completed'.

.index delivery||problems with
If you encounter problems, look at Exim's log files (\*mainlog*\ and
\*paniclog*\) to see if there is any relevant information there. Another source
of information is running Exim with debugging turned on, by specifying the
\-d-\ option. If a message is stuck on Exim's spool, you can force a delivery
with debugging turned on by a command of the form
.display
exim -d -M <<message-id>>
.endd
You must be root or an `admin user' in order to do this. The \-d-\ option
produces rather a lot of output, but you can cut this down to specific areas.
For example, if you use \-d-all+route-\ only the debugging information relevant
to routing is included. (See the \-d-\ option in chapter ~~CHAPcommandline for
more details.)

.index `sticky' bit
.index lock files
One specific problem that has shown up on some sites is the inability to do
local deliveries into a shared mailbox directory, because it does not have the
`sticky bit' set on it. By default, Exim tries to create a lock file before
writing to a mailbox file, and if it cannot create the lock file, the delivery
is deferred. You can get round this either by setting the `sticky bit' on the
directory, or by setting a specific group for local deliveries and allowing
that group to create files in the directory (see the comments above the
\%local@_delivery%\ transport in the default configuration file). Another
approach is to configure Exim not to use lock files, but just to rely on
\*fcntl()*\ locking instead. However, you should do this only if all user
agents also use \*fcntl()*\ locking. For further discussion of locking issues,
see chapter ~~CHAPappendfile.

One thing that cannot be tested on a system that is already running an MTA is
the receipt of incoming SMTP mail on the standard SMTP port. However, the
\-oX-\ option can be used to run an Exim daemon that listens on some other
port, or \*inetd*\ can be used to do this. The \-bh-\ option and the
\*exim@_checkaccess*\ utility can be used to check out policy controls on
incoming SMTP mail.

Testing a new version on a system that is already running Exim can most easily
be done by building a binary with a different \\CONFIGURE@_FILE\\ setting. From
within the run time configuration, all other file and directory names
that Exim uses can be altered, in order to keep it entirely clear of the
production version.

.section Replacing another MTA with Exim
.index replacing another MTA
Building and installing Exim for the first time does not of itself put it in
general use. The name by which the system's MTA is called by mail user agents
is either \(/usr/sbin/sendmail)\, or \(/usr/lib/sendmail)\ (depending on the
operating system), and it is necessary to make this name point to the \*exim*\
binary in order to get the user agents to pass messages to Exim. This is
normally done by renaming any existing file and making \(/usr/sbin/sendmail)\
or \(/usr/lib/sendmail)\
.index symbolic link||to \*exim*\ binary
a symbolic link to the \*exim*\ binary. It is a good idea to remove any setuid
privilege and executable status from the old MTA. It is then necessary to stop
and restart the mailer daemon, if one is running.

.index FreeBSD, MTA indirection
.index \(/etc/mail/mailer.conf)\
Some operating systems have introduced alternative ways of switching MTAs. For
example, if you are running FreeBSD, you need to edit the file
\(/etc/mail/mailer.conf)\ instead of setting up a symbolic link as just
described. A typical example of the contents of this file for running Exim is
as follows:
.display asis
sendmail            /usr/exim/bin/exim
send-mail           /usr/exim/bin/exim
mailq               /usr/exim/bin/exim -bp
newaliases          /usr/bin/true
.endd

Once you have set up the symbolic link, or edited \(/etc/mail/mailer.conf)\,
your Exim installation is `live'. Check it by sending a message from your
favourite user agent.

You should consider what to tell your users about the change of MTA. Exim may
have different capabilities to what was previously running, and there are
various operational differences such as the text of messages produced by
command line options and in bounce messages. If you allow your users to make
use of Exim's filtering capabilities, you should make the document entitled
.if ~~html
[(A HREF="filter.html")]
.fi
\*Exim's interface to mail filtering*\
.if ~~html
[(/A)]
.fi
available to them.


.section Upgrading Exim
.index upgrading Exim
If you are already running Exim on your host, building and installing a new
version automatically makes it available to MUAs, or any other programs that
call the MTA directly. However, if you are running an Exim daemon, you do need
to send it a HUP signal, to make it re-exec itself, and thereby pick up the new
binary. You do not need to stop processing mail in order to install a new
version of Exim.


.section Stopping the Exim daemon on Solaris
.index Solaris||stopping Exim on
The standard command for stopping the mailer daemon on Solaris is
.display
/etc/init.d/sendmail stop
.endd
If \(/usr/lib/sendmail)\ has been turned into a symbolic link, this script
fails to stop Exim because it uses the command \*ps -e*\ and greps the output
for the text `sendmail'; this is not present because the actual program name
(that is, `exim') is given by the \*ps*\ command with these options. A solution
is to replace the line that finds the process id with something like
.display asis
pid=`cat /var/spool/exim/exim-daemon.pid`
.endd
to obtain the daemon's pid directly from the file that Exim saves it in.

Note, however, that stopping the daemon does not `stop Exim'. Messages can
still be received from local processes, and if automatic delivery is configured
(the normal case), deliveries will still occur.


.
.
.
.
. ============================================================================
.chapter The Exim command line
.set runningfoot "command line"
.rset CHAPcommandline ~~chapter
.index command line||options
.index options||command line

Exim's command line takes the standard Unix form of a sequence of options,
each starting with a hyphen character, followed by a number of arguments. The
options are compatible with the main options of Sendmail, and there are also
some additional options, some of which are compatible with Smail 3. Certain
combinations of options do not make sense, and provoke an error if used.
The form of the arguments depends on which options are set.

.section Setting options by program name
.index \*mailq*\
If Exim is called under the name \*mailq*\, it behaves as if the option \-bp-\
were present before any other options.
The \-bp-\ option requests a listing of the contents of the mail queue on the
standard output.
This feature is for compatibility with some systems that contain a command of
that name in one of the standard libraries, symbolically linked to
\(/usr/sbin/sendmail)\ or \(/usr/lib/sendmail)\.

.index \*rsmtp*\
If Exim is called under the name \*rsmtp*\ it behaves as if the option \-bS-\
were present before any other options, for compatibility with Smail. The \-bS-\
option is used for reading in a number of messages in batched SMTP format.

.index \*rmail*\
If Exim is called under the name \*rmail*\ it behaves as if the \-i-\ and
\-oee-\ options were present before any other options, for compatibility with
Smail. The name \*rmail*\ is used as an interface by some UUCP systems.

.index \*runq*\
.index queue runner
If Exim is called under the name \*runq*\ it behaves as if the option \-q-\ were
present before any other options, for compatibility with Smail. The \-q-\
option causes a single queue runner process to be started.

.index \*newaliases*\
.index alias file||building
.index Sendmail compatibility||calling Exim as \*newaliases*\
If Exim is called under the name \*newaliases*\ it behaves as if the option
\-bi-\ were present before any other options, for compatibility with Sendmail.
This option is used for rebuilding Sendmail's alias file. Exim does not have
the concept of a single alias file, but can be configured to run a given
command if called with the \-bi-\ option.

.section Trusted and admin users
.rset SECTtrustedadmin "~~chapter.~~section"
Some Exim options are available only to \*trusted users*\ and others are
available only to \*admin users*\. In the description below, the phrases `Exim
user' and `Exim group' mean the user and group defined by \\EXIM@_USER\\ and
\\EXIM@_GROUP\\ in \(Local/Makefile)\ or set by the \exim@_user\ and
\exim@_group\ options. These do not necessarily have to use the name `exim'.

.numberpars $.
.index trusted user||definition of
.index user||trusted, definition of
The trusted users are root, the Exim user, any user listed in the
\trusted@_users\ configuration option, and any user whose current group or any
supplementary group is one of those listed in the \trusted@_groups\
configuration option. Note that the Exim group is not automatically trusted.

.index `From' line
.index envelope sender
Trusted users are always permitted to use the \-f-\ option or a leading `From '
line to specify the envelope sender of a message that is passed to Exim through
the local interface (see the \-bm-\ and \-f-\ options below). See the
\untrusted@_set@_sender\ option for a way of permitting non-trusted users to
set envelope senders.
.index ::From:: header line
.index ::Sender:: header line
For a trusted user, there is never any check on the contents of the ::From::
header line, and a ::Sender:: line is never added. Furthermore, any existing
::Sender:: line in incoming local (non-TCP/IP) messages is not removed.

Trusted users may also specify a host name, host address, interface address,
protocol name, ident value, and authentication data when submitting a message
locally. Thus, they are able to insert messages into Exim's queue locally that
have the characteristics of messages received from a remote host. Untrusted
users may in some circumstances use \-f-\, but can never set the other values
that are available to trusted users.
.nextp
.index user||admin, definition of
.index admin user||definition of
The admin users are root, the Exim user, and any user that is a member of the
Exim group or of any group listed in the \admin@_groups\ configuration option.
The current group does not have to be one of these groups.

Admin users are permitted to list the queue, and to carry out certain
operations on messages, for example, to force delivery failures. It is also
necessary to be an admin user in order to see the full information provided by
the Exim monitor, and full debugging output.

By default, the use of the \-M-\, \-q-\, \-R-\, and \-S-\ options to cause Exim
to attempt delivery of messages on its queue is restricted to admin users.
However, this restriction can be relaxed by setting the \prod@_requires@_admin\
option false (that is, specifying \no@_prod@_requires@_admin\).

Similarly, the use of the \-bp-\ option to list all the messages in the queue
is restricted to admin users unless \queue@_list@_requires@_admin\ is set
false.
.endp

\**Warning**\: If you configure your system so that admin users are able to
edit Exim's configuration file, you are giving those users an easy way of
getting root. There is further discussion of this issue at the start of chapter
~~CHAPconf.



.section Command line options
The command options are described in alphabetical order below.

.startoptions

.option @-
.index options||command line, terminating
This is a pseudo-option whose only purpose is to terminate the options and
therefore to cause subsequent command line items to be treated as arguments
rather than options, even if they begin with hyphens.

.option -help
This option causes Exim to output a few sentences stating what it is.
The same output is generated if the Exim binary is called with no options and
no arguments.

.option B <<type>>
.index 8-bit characters
.index Sendmail compatibility||8-bit characters
This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit
clean; it ignores this option.

.option bd
.index daemon
.index SMTP listener
.index queue runner
This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually
the \-bd-\ option is combined with the \-q-\<<time>> option, to specify that
the daemon should also initiate periodic queue runs.

The \-bd-\ option can be used only by an admin user. If either of the \-d-\
(debugging) or \-v-\ (verifying) options are set, the daemon does not
disconnect from the controlling terminal. When running this way, it can be
stopped by pressing ctrl-C.

By default, Exim listens for incoming connections to the standard SMTP port on
all the host's running interfaces. However, it is possible to listen on other
ports, on multiple ports, and only on specific interfaces. Chapter
~~CHAPinterfaces contains a description of the options that control this.

.index daemon||process id (pid)
.index pid (process id)||of daemon
When a listening daemon is started without the use of \-oX-\ (that is, without
overriding the normal configuration), it writes its process id to a file called
\(exim-daemon.pid)\ in Exim's spool directory. This location can be overridden
by setting \\PID@_FILE@_PATH\\ in \(Local/Makefile)\. The file is written while
Exim is still running as root.

When \-oX-\ is used on the command line to start a listening daemon, the
process id is not written to the normal pid file path. However, \-oP-\ can be
used to specify a path on the command line if a pid file is required.

.index \\SIGHUP\\
The \\SIGHUP\\ signal can be used to cause the daemon to re-exec itself. This
should be done whenever Exim's configuration file, or any file that is
incorporated into it by means of the \.include\ facility, is changed, and also
whenever a new version of Exim is installed. It is not necessary to do this
when other files that are referenced from the configuration (for example, alias
files) are changed, because these are reread each time they are used.

.option bdf
This option has the same effect as \-bd-\ except that it never disconnects from
the controlling terminal, even when no debugging is specified.

.option be
.index testing||string expansion
.index expansion||testing
Run Exim in expansion testing mode. Exim discards its root privilege, to
prevent ordinary users from using this mode to read otherwise inaccessible
files. If no arguments are given, Exim runs interactively, prompting for lines
of data. Long expressions can be split over several lines by using backslash
continuations.
As in Exim's run time configuration, whitespace at the start of continuation
lines is ignored.

Each argument or data line is passed through the string expansion mechanism,
and the result is output. Variable values from the configuration file (for
example, \$qualify@_domain$\) are available, but no message-specific values
(such as \$domain$\) are set, because no message is being processed.

.option bF #<<filename>>
.index system filter||testing
.index testing||system filter
This option is the same as \-bf-\ except that it assumes that the filter being
tested is a system filter. The additional commands that are available only in
system filters are recognized.

.option bf #<<filename>>
.index filter||testing
.index testing||filter file
.index forward file||testing
.index testing||forward file
.index Sieve filter||testing
This option runs Exim in filter testing mode; the file is the filter file to be
tested, and a test message must be supplied on the standard input. If there are
no message-dependent tests in the filter, an empty file can be supplied. If a
system filter file is being tested, \-bF-\ should be used instead of \-bf-\. If
the test file does not begin with
one of the special lines
.display asis
# Exim filter
# Sieve filter
.endd
it is taken to be a normal \(.forward)\ file, and is tested for validity under
that interpretation. See sections ~~SECTitenonfilred to ~~SECTspecitredli for a
description of the possible contents of non-filter redirection lists.

The result of an Exim command that uses \-bf-\, provided no errors are
detected, is a list of the actions that Exim would try to take if presented
with the message for real. More details of filter testing are given in the
separate document entitled \*Exim's interfaces to mail filtering*\.

.index `From' line
.index envelope sender
.index \-f-\ option||for filter testing
When testing a filter file, the envelope sender can be set by the \-f-\ option,
or by a `From ' line at the start of the test message. Various parameters that
would normally be taken from the envelope recipient address of the message can
be set by means of additional command line options. These are:
.display rm
.if ~~sys.fancy
.tabset 12em 16em
.else
.tabset 15em 20em
.fi
. The odd alignment here gets it lined up in the man page.
\-bfd-\ $t <<domain>>            $t $rm{default is the qualify domain}
\-bfl-\ $t <<local@_part>>        $t $rm{default is the logged in user}
\-bfp-\ $t <<local@_part@_prefix>> $t $rm{default is null}
\-bfs-\ $t <<local@_part@_suffix>> $t $rm{default is null}
.endd
The local part should always be set to the incoming address with any prefix or
suffix stripped, because that is how it appears to the filter when a message is
actually being delivered.

.option bh #<<IP address>>
.index testing||incoming SMTP
.index SMTP||testing incoming
.index testing||relay control
.index relaying||testing configuration
.index policy control||testing
.index debugging||\-bh-\ option
This option runs a fake SMTP session as if from the given IP address, using the
standard input and output. The IP address may include a port number at the end,
after a full stop. For example:
.display asis
exim -bh 10.9.8.7.1234
exim -bh fe80::a00:20ff:fe86:a061.5678
.endd
Comments as to what is going on are written to the standard error file. These
include lines beginning with `LOG' for anything that would have been logged.
This facility is provided for testing configuration options for incoming
messages, to make sure they implement the required policy. For example, you can
test your relay controls using \-bh-\.

.index RFC 1413
\**Warning 1**\: You cannot test features of the configuration that rely on
ident (RFC 1413) callouts. These cannot be done when testing using
\-bh-\ because there is no incoming SMTP connection.

\**Warning 2**\: Address verification callouts (see section ~~SECTcallver) are
also skipped when testing using \-bh-\. If you want these callouts to occur,
use \-bhc-\ instead.

Messages supplied during the testing session are discarded, and nothing is
written to any of the real log files. There may be pauses when DNS (and other)
lookups are taking place, and of course these may time out. The \-oMi-\ option
can be used to specify a specific IP interface and port if this is important.

The \*exim@_checkaccess*\ utility is a `packaged' version of \-bh-\ whose
output just states whether a given recipient address from a given host is
acceptable or not. See section ~~SECTcheckaccess.

.option bhc #<<IP address>>
This option operates in the same way as \-bh-\, except that address
verification callouts are performed if required. This includes consulting and
updating the callout cache database.

.option bi
.index alias file||building
.index building alias file
.index Sendmail compatibility||\-bi-\ option
Sendmail interprets the \-bi-\ option as a request to rebuild its alias file.
Exim does not have the concept of a single alias file, and so it cannot mimic
this behaviour. However, calls to \(/usr/lib/sendmail)\ with the \-bi-\ option
tend to appear in various scripts such as NIS make files, so the option must be
recognized.

If \-bi-\ is encountered, the command specified by the \bi@_command\
configuration option is run, under the uid and gid of the caller of Exim. If
the \-oA-\ option is used, its value is passed to the command as an argument.
The command set by \bi@_command\ may not contain arguments. The command can use
the \*exim@_dbmbuild*\ utility, or some other means, to rebuild alias files if
this is required. If the \bi@_command\ option is not set, calling Exim with
\-bi-\ is a no-op.

.option bm
.index local message reception
This option runs an Exim receiving process that accepts an incoming,
locally-generated message on the current input. The recipients are given as the
command arguments (except when \-t-\ is also present -- see below). Each
argument can be a comma-separated list of RFC 2822 addresses. This is the
default option for selecting the overall action of an Exim call; it is assumed
if no other conflicting option is present.

If any addresses in the message are unqualified (have no domain), they are
qualified by the values of the \qualify@_domain\ or \qualify@_recipient\
options, as appropriate. The \-bnq-\ option (see below) provides a way of
suppressing this for special cases.

Policy checks on the contents of local messages can be enforced by means of the
non-SMTP ACL. See chapter ~~CHAPACL for details.
.index return code||for \-bm-\
The return code is zero if the message is successfully accepted. Otherwise, the
action is controlled by the \-oe$it{x}-\ option setting -- see below.

.index message||format
.index format||message
.index `From' line
.index UUCP||`From' line
.index Sendmail compatibility||`From' line
The format of the message must be as defined in RFC 2822, except that, for
compatibility with Sendmail and Smail, a line in one of the forms
.display
From sender Fri Jan  5 12:55 GMT 1997
From sender Fri, 5 Jan 97 12:55:01
.endd
(with the weekday optional, and possibly with additional text after the date)
is permitted to appear at the start of the message. There appears to be no
authoritative specification of the format of this line. Exim recognizes it by
matching against the regular expression defined by the \uucp@_from@_pattern\
option, which can be changed if necessary.
.index \-f-\ option||overriding `From' line
The specified sender is treated as if it were given as the argument to the
\-f-\ option, but if a \-f-\ option is also present, its argument is used in
preference to the address taken from the message. The caller of Exim must be a
trusted user for the sender of a message to be set in this way.

.option bnq
.index address||qualification, suppressing
By default, Exim automatically qualifies unqualified addresses (those
without domains) that appear in messages that are submitted locally (that
is, not over TCP/IP). This qualification applies both to addresses in
envelopes, and addresses in header lines. Sender addresses are qualified using
\qualify@_domain\, and recipient addresses using \qualify@_recipient\ (which
defaults to the value of \qualify@_domain\).

Sometimes, qualification is not wanted. For example, if \-bS-\ (batch SMTP) is
being used to re-submit messages that originally came from remote hosts after
content scanning, you probably do not want to qualify unqualified addresses in
header lines. (Such lines will be present only if you have not enabled a header
syntax check in the appropriate ACL.)

The \-bnq-\ option suppresses all qualification of unqualified addresses in
messages that originate on the local host. When this is used, unqualified
addresses in the envelope provoke errors (causing message rejection) and
unqualified addresses in header lines are left alone.


.option bP
.index configuration options, extracting
.index options||configuration, extracting
If this option is given with no arguments, it causes the values of all Exim's
main configuration options to be written to the standard output. The values
of one or more specific options can be requested by giving their names as
arguments, for example:
.display
exim -bP qualify@_domain hold@_domains
.endd
However, any option setting that is preceded by the word `hide' in the
configuration file is not shown in full, except to an admin user. For other
users, the output is as in this example:
.display asis
mysql_servers = <value not displayable>
.endd
If \configure@_file\ is given as an argument, the name of the run time
configuration file is output.
If a list of configuration files was supplied, the value that is output here
is the name of the file that was actually used.

.index daemon||process id (pid)
.index pid (process id)||of daemon
If \log__file__path\ or \pid@_file@_path\ are given, the names of the
directories where log files and daemon pid files are written are output,
respectively. If these values are unset, log files are written in a
sub-directory of the spool directory called \log\, and the pid file is written
directly into the spool directory.

If \-bP-\ is followed by a name preceded by \"+"\, for example,
.display asis
exim -bP +local_domains
.endd
it searches for a matching named list of any type (domain, host, address, or
local part) and outputs what it finds.

.index options||router, extracting
.index options||transport, extracting
If one of the words \router\, \transport\, or \authenticator\ is given,
followed by the name of an appropriate driver instance, the option settings for
that driver are output. For example:
.display
exim -bP transport local@_delivery
.endd
The generic driver options are output first, followed by the driver's private
options. A list of the names of drivers of a particular type can be obtained by
using one of the words \router@_list\, \transport@_list\, or
\authenticator@_list\, and a complete list of all drivers with their option
settings can be obtained by using \routers\, \transports\, or \authenticators\.


.option bp
.index queue||listing messages on
.index listing||messages on the queue
This option requests a listing of the contents of the mail queue on the
standard output. If the \-bp-\ option is followed by a list of message ids,
just those messages are listed. By default, this option can be used only by an
admin user. However, the \queue__list__requires__admin\ option can be set false
to allow any user to see the queue.

Each message on the queue is displayed as in the following example:
.display
25m  2.9K 0t5C6f-0000c8-00 <alice@@wonderland.fict.example>
          red.king@@looking-glass.fict.example
          <<other addresses>>
.endd
.index message||size in queue listing
.index size||of message
The first line contains the length of time the message has been on the queue
(in this case 25 minutes), the size of the message (2.9K), the unique local
identifier for the message, and the message sender, as contained in the
envelope. For bounce messages, the sender address is empty, and appears as
`<>'. If the message was submitted locally by an untrusted user who overrode
the default sender address, the user's login name is shown in parentheses
before the sender address.
.index frozen messages||in queue listing
If the message is frozen (attempts to deliver it are suspended) then the text
`$*$$*$$*$ frozen $*$$*$$*$' is displayed at the end of this line.

The recipients of the message (taken from the envelope, not the headers) are
displayed on subsequent lines. Those addresses to which the message has already
been delivered are marked with the letter D. If an original address gets
expanded into several addresses via an alias or forward file, the original is
displayed with a D only when deliveries for all of its child addresses are
complete.


.option bpa
This option operates like \-bp-\, but in addition it shows delivered addresses
that were generated from the original top level address(es) in each message by
alias or forwarding operations. These addresses are flagged with `+D' instead
of just `D'.


.option bpc
.index queue||count of messages on
This option counts the number of messages on the queue, and writes the total
to the standard output. It is restricted to admin users, unless
\queue__list__requires__admin\ is set false.


.option bpr
This option operates like \-bp-\, but the output is not sorted into
chronological order of message arrival. This can speed it up when there are
lots of messages on the queue, and is particularly useful if the output is
going to be post-processed in a way that doesn't need the sorting.

.option bpra
This option is a combination of \-bpr-\ and \-bpa-\.

.option bpru
This option is a combination of \-bpr-\ and \-bpu-\.


.option bpu
This option operates like \-bp-\ but shows only undelivered top-level addresses
for each message displayed. Addresses generated by aliasing or forwarding are
not shown, unless the message was deferred after processing by a router with
the \one@_time\ option set.


.option brt
.index testing||retry configuration
.index retry||configuration testing
This option is for testing retry rules, and it must be followed by up to three
arguments. It causes Exim to look for a retry rule that matches the values
and to write it to the standard output. For example:
.display asis
exim -brt bach.comp.mus.example
Retry rule: *.comp.mus.example  F,2h,15m; F,4d,30m;
.endd
See chapter ~~CHAPretry for a description of Exim's retry rules. The first
argument, which is required, can be a complete address in the form
\*local@_part@@domain*\, or it can be just a domain name. The second argument is
an optional second domain name; if no retry rule is found for the first
argument, the second is tried. This ties in with Exim's behaviour when looking
for retry rules for remote hosts -- if no rule is found that matches the host,
one that matches the mail domain is sought. The final argument is the name of a
specific delivery error, as used in setting up retry rules, for example
`quota@_3d'.

.option brw
.index testing||rewriting
.index rewriting||testing
This option is for testing address rewriting rules, and it must be followed by
a single argument, consisting of either a local part without a domain, or a
complete address with a fully qualified domain. Exim outputs how this address
would be rewritten for each possible place it might appear. See chapter
~~CHAPrewrite for further details.

.option bS
.index SMTP||batched incoming
.index batched SMTP input
This option is used for batched SMTP input, which is an alternative interface
for non-interactive local message submission. A number of messages can be
submitted in a single run. However, despite its name, this is not really SMTP
input. Exim reads each message's envelope from SMTP commands on the standard
input, but generates no responses. If the caller is trusted, or
\untrusted@_set@_sender\ is set, the senders in the SMTP \\MAIL\\ commands are
believed; otherwise the sender is always the caller of Exim.

The message itself is read from the standard input, in SMTP format (leading
dots doubled), terminated by a line containing just a single dot. An error is
provoked if the terminating dot is missing. A further message may then follow.

As for other local message submissions, the contents of incoming batch SMTP
messages can be checked using the non-SMTP ACL (see chapter ~~CHAPACL).
Unqualified addresses are automatically qualified using \qualify@_domain\ and
\qualify@_recipient\, as appropriate, unless the \-bnq-\ option is used.

Some other SMTP commands are recognized in the input. \\HELO\\ and \\EHLO\\ act
as \\RSET\\; \\VRFY\\, \\EXPN\\, \\ETRN\\, and \\HELP\\ act as \\NOOP\\;
\\QUIT\\ quits, ignoring the rest of the standard input.

If any error is encountered, reports are written to the standard output and
error streams, and Exim gives up immediately.
.index return code||for \-bS-\
The return code is 0 if no error was detected; it is 1 if one or more messages
were accepted before the error was detected; otherwise it is 2.

More details of input using batched SMTP are given in section
~~SECTincomingbatchedSMTP.

.option bs
.index SMTP||local input
.index local SMTP input
This option causes Exim to accept one or more messages by reading SMTP commands
on the standard input, and producing SMTP replies on the standard output. SMTP
policy controls, as defined in ACLs (see chapter ~~CHAPACL) are applied.

Some user agents use this interface as a way of passing locally-generated
messages to the MTA.
.index sender||source of
In this usage, if the caller of Exim is trusted, or \untrusted@_set@_sender\ is
set, the senders of messages are taken from the SMTP \\MAIL\\ commands.
Otherwise the content of these commands is ignored and the sender is set up as
the calling user. Unqualified addresses are automatically qualified using
\qualify@_domain\ and \qualify@_recipient\, as appropriate, unless the \-bnq-\
option is used.

.index inetd
The \-bs-\ option is also used to run Exim from \*inetd*\, as an alternative to
using a listening daemon. Exim can distinguish the two cases by checking
whether the standard input is a TCP/IP socket. When Exim is called from
\*inetd*\, the source of the mail is assumed to be remote, and the comments
above concerning senders and qualification do not apply. In this situation,
Exim behaves in exactly the same way as it does when receiving a message via
the listening daemon.

.option bt
.index testing||addresses
.index address||testing
This option runs Exim in address testing mode, in which each argument is taken
as an address to be tested for deliverability. The results are written to the
standard output.
If a test fails, and the caller is not an admin user, no details of the
failure are output, because these might contain sensitive information such as
usernames and passwords for database lookups.

If no arguments are given, Exim runs in an interactive manner, prompting with a
right angle bracket for addresses to be tested. Each address is handled as if
it were the recipient address of a message (compare the \-bv-\ option). It is
passed to the routers and the result is written to the standard output.
However, any router that has \no@_address@_test\ set is bypassed. This can
make \-bt-\ easier to use for genuine routing tests if your first router passes
everything to a scanner program.

.index return code||for \-bt-\
The return code is 2 if any address failed outright; it is 1 if no address
failed outright but at least one could not be resolved for some reason. Return
code 0 is given only when all addresses succeed.

\**Warning**\: \-bt-\ can only do relatively simple testing. If any of the
routers in the configuration makes any tests on the sender address of a
message,
.index \-f-\ option||for address testing
you can use the \-f-\ option to set an appropriate sender when running
\-bt-\ tests. Without it, the sender is assumed to be the calling user at the
default qualifying domain. However, if you have set up (for example) routers
whose behaviour depends on the contents of an incoming message, you cannot test
those conditions using \-bt-\. The \-N-\ option provides a possible way of
doing such tests.

.option bV
.index version number of Exim, verifying
This option causes Exim to write the current version number, compilation
number, and compilation date of the \*exim*\ binary to the standard output.
It also lists the DBM library this is being used, the optional modules (such as
specific lookup types), the drivers that are included in the binary, and the
name of the run time configuration file that is in use.

.option bv
.index verifying||address, using \-bv-\
.index address||verification
This option runs Exim in address verification mode, in which each argument is
taken as an address to be verified. During normal operation, verification
happens mostly as a consequence processing a \verify\ condition in an ACL (see
chapter ~~CHAPACL). If you want to test an entire ACL, see the \-bh-\ option.

If verification fails, and the caller is not an admin user, no details of the
failure are output, because these might contain sensitive information such as
usernames and passwords for database lookups.

If no arguments are given, Exim runs in an interactive manner, prompting with a
right angle bracket for addresses to be verified. Verification differs from
address testing (the \-bt-\ option) in that routers that have \no@_verify\ set
are skipped, and if the address is accepted by a router that has \fail@_verify\
set, verification fails. The address is verified as a recipient if \-bv-\ is
used; to test verification for a sender address, \-bvs-\ should be used.

If the \-v-\ option is not set, the output consists of a single line for each
address, stating whether it was verified or not, and giving a reason in the
latter case. Otherwise, more details are given of how the address has been
handled, and in the case of address redirection, all the generated addresses
are also considered. Without \-v-\, generating more than one address by
redirection causes verification to end sucessfully.

.index return code||for \-bv-\
The return code is 2 if any address failed outright; it is 1 if no address
failed outright but at least one could not be resolved for some reason. Return
code 0 is given only when all addresses succeed.

If any of the routers in the configuration makes any tests on the sender
address of a message, you should use the \-f-\ option to set an appropriate
sender when running \-bv-\ tests. Without it, the sender is assumed to be the
calling user at the default qualifying domain.

.option bvs
This option acts like \-bv-\, but verifies the address as a sender rather
than a recipient address. This affects any rewriting and qualification that
might happen.

.option C #<<filelist>>
.index configuration file||alternate
.index \\CONFIGURE@_FILE\\
.index alternate configuration file
This option causes Exim to find the run time configuration file from the given
list instead of from the list specified by the \\CONFIGURE@_FILE\\
compile-time setting. Usually, the list will consist of just a single file
name, but it can be a colon-separated list of names. In this case, the first
file that exists is used. Failure to open an existing file stops Exim from
proceeding any further along the list, and an error is generated.

When this option is used by a caller other than root or the Exim user,
and the list is different from the compiled-in list, Exim gives up
its root privilege immediately, and runs with the real and effective uid and
gid set to those of the caller.
However, if \\ALT@_CONFIG@_ROOT@_ONLY\\ is defined in \(Local/Makefile)\, root
privilege is retained for \-C-\ only if the caller of Exim is root.
This option is not set by default.

Setting \\ALT@_CONFIG@_ROOT@_ONLY\\ locks out the possibility of testing a
configuration using \-C-\ right through message reception and delivery, even if
the caller is root. The reception works, but by that time, Exim is running as
the Exim user, so when it re-execs to regain privilege for the delivery, the
use of \-C-\ causes privilege to be lost. However, root can test reception and
delivery using two separate commands (one to put a message on the queue, using
\-odq-\, and another to do the delivery, using \-M-\).

If \\ALT@_CONFIG@_PREFIX\\ is defined \(in Local/Makefile)\, it specifies a
prefix string with which any file named in a \-C-\ command line option
must start. In addition, the file name must not contain the sequence \"/../"\.
However, if the value of the \-C-\ option is identical to the value of
\\CONFIGURE@_FILE\\ in \(Local/Makefile)\, Exim ignores \-C-\ and proceeds as
usual. There is no default setting for \\ALT@_CONFIG@_PREFIX\\; when it is
unset, any file name can be used with \-C-\.

\\ALT@_CONFIG@_PREFIX\\ can be used to confine alternative configuration files
to a directory to which only root has access. This prevents someone who has
broken into the Exim account from running a privileged Exim with an arbitrary
configuration file.

The \-C-\ facility is useful for ensuring that configuration files are
syntactically correct, but cannot be used for test deliveries, unless the
caller is privileged, or unless it is an exotic configuration that does not
require privilege. No check is made on the owner or group of the files
specified by this option.

.option D <<macro>>=<<value>>
.index macro||setting on command line
This option can be used to override macro definitions in the configuration file
(see section ~~SECTmacrodefs). However, like \-C-\, if it is used by an
unprivileged caller, it causes Exim to give up its root privilege.
If \\DISABLE@_D@_OPTION\\ is defined in \(Local/Makefile)\, the use of \-D-\ is
completely disabled, and its use causes an immediate error exit.

The entire option (including equals sign if present) must all be within one
command line item. \-D-\ can be used to set the value of a macro to the empty
string, in which case the equals sign is optional. These two commands are
synonymous:
.display asis
exim -DABC  ...
exim -DABC= ...
.endd
To include spaces in a macro definition item, quotes must be used. If you use
quotes, spaces are permitted around the macro name and the equals sign. For
example:
.display asis
exim '-D ABC = something' ...
.endd
\-D-\ may be repeated up to 10 times on a command line.

.option d <<debug options>>
.index debugging||list of selectors
.index debugging||\-d-\ option
This option causes debugging information to be written to the standard
error stream. It is restricted to admin users because debugging output may show
database queries that contain password information. Also, the details of users'
filter files should be protected. When \-d-\ is used, \-v-\ is assumed. If
\-d-\ is given on its own, a lot of standard debugging data is output. This can
be reduced, or increased to include some more rarely needed information, by
following \-d-\ with a string made up of names preceded by plus or minus
characters. These add or remove sets of debugging data, respectively. For
example, \-d+filter-\ adds filter debugging, whereas \-d-all+filter-\ selects
only filter debugging. The available debugging categories are:
.display flow
.tabs 21
.
. The odd formatting of the lines below is deliberate. It does not affect the
. SGCAL output, but by putting in the space it keeps things aligned in the man
. page that is automatically generated from this text.
.
acl           $t $rm{ACL interpretation}
auth          $t $rm{authenticators}
deliver       $t $rm{general delivery logic}
dns           $t $rm{DNS lookups (see also resolver)}
dnsbl         $t $rm{DNS black list (aka RBL) code}
exec          $t $rm{arguments for \execv@(@)\ calls}
expand        $t $rm{detailed debugging for string expansions}
filter        $t $rm{filter handling}
hints@_lookup  $t $rm{hints data lookups}
host@_lookup   $t $rm{all types of name-to-IP address handling}
ident         $t $rm{ident lookup}
interface     $t $rm{lists of local interfaces}
lists         $t $rm{matching things in lists}
load          $t $rm{system load checks}
local@_scan    $t $rm{can be used by \*local@_scan()*\ (see chapter ~~CHAPlocalscan)}
lookup        $t $rm{general lookup code and all lookups}
memory        $t $rm{memory handling}
pid           $t $rm{add pid to debug output lines}
process@_info  $t $rm{setting info for the process log}
queue@_run     $t $rm{queue runs}
receive       $t $rm{general message reception logic}
resolver      $t $rm{turn on the DNS resolver's debugging output}
retry         $t $rm{retry handling}
rewrite       $t $rm{address rewriting}
route         $t $rm{address routing}
timestamp     $t $rm{add timestamp to debug output lines}
tls           $t $rm{TLS logic}
transport     $t $rm{transports}
uid           $t $rm{changes of uid/gid and looking up uid/gid}
verify        $t $rm{address verification logic}

all           $t $rm{all of the above, and also \-v-\}
.endd
.index resolver, debugging output
.index DNS||resolver, debugging output
The \"resolver"\ option produces output only if the DNS resolver was compiled
with \\DEBUG\\ enabled. This is not the case in some operating systems. Also,
unfortunately, debugging output from the DNS resolver is written to stdout
rather than stderr.

The default (\-d-\ with no argument) omits \"expand"\, \"filter"\,
\"interface"\, \"load"\, \"memory"\, \"pid"\, \"resolver"\, and \"timestamp"\.
However, the \"pid"\ selector is forced when debugging is turned on for a
daemon, which then passes it on to any re-executed Exims. Exim also
automatically adds the pid to debug lines when several remote deliveries are
run in parallel.

The \"timestamp"\ selector causes the current time to be inserted at the start
of all debug output lines. This can be useful when trying to track down delays
in processing.

If the \debug@_print\ option is set in any driver, it produces output whenever
any debugging is selected, or if \-v-\ is used.

.option dropcr
This is an obsolete option that is now a no-op. It used to affect the way Exim
handled CR and LF characters in incoming messages. What happens now is
described in section ~~SECTlineendings.


.option E
.index bounce message||generating
This option specifies that an incoming message is a locally-generated delivery
failure report. It is used internally by Exim when handling delivery failures
and is not intended for external use. Its only effect is to stop Exim
generating certain messages to the postmaster, as otherwise message cascades
could occur in some situations. As part of the same option, a message id may
follow the characters \-E-\. If it does, the log entry for the receipt of the
new message contains the id, following `R=', as a cross-reference.

.option e$it{x}
There are a number of Sendmail options starting with \-oe-\ which seem to be
called by various programs without the leading \o\ in the option. For example,
the \vacation\ program uses \-eq-\. Exim treats all options of the form
\-e$it{x}-\ as synonymous with the corresponding \-oe$it{x}-\ options.

.option F #<<string>>
.index sender||name
.index name||of sender
This option sets the sender's full name for use when a locally-generated
message is being accepted. In the absence of this option, the user's \*gecos*\
entry from the password data is used. As users are generally permitted to alter
their \*gecos*\ entries, no security considerations are involved. White space
between \-F-\ and the <<string>> is optional.

.option f #<<address>>
.index sender||address
.index address||sender
.index trusted user
.index envelope sender
.index user||trusted
This option sets the address of the envelope sender of a locally-generated
message (also known as the return path). The option can normally be used only
by a trusted user, but \untrusted@_set@_sender\ can be set to allow untrusted
users to use it. In the absence of \-f-\, or if the caller is not allowed to
use it, the sender of a local message is set to the caller's login name at the
default qualify domain.

There is one exception to the restriction on the use of \-f-\: an empty sender
can be specified by any user, to create a message that can never provoke a
bounce. An empty sender can be specified either as an empty string, or as a
pair of angle brackets with nothing between them, as in these examples of shell
commands:
.display asis
exim -f '<>' user@domain
exim -f "" user@domain
.endd
In addition, the use of \-f-\ is not restricted when testing a filter file with
\-bf-\ or when testing or verifying addresses using the \-bt-\ or \-bv-\
options.

Allowing untrusted users to change the sender address does not of itself make
it possible to send anonymous mail. Exim still checks that the ::From:: header
refers to the local user, and if it does not, it adds a ::Sender:: header,
though this can be overridden by setting \no@_local@_from@_check\.

.index `From' line
White space between \-f-\ and the <<address>> is optional
(that is, they can be given as two arguments or one combined argument).
The sender of a locally-generated message can also be set (when permitted) by
an initial `From ' line in the message -- see the description of \-bm-\ above
-- but if \-f-\ is also present, it overrides `From'.

.option G
.index Sendmail compatibility||\-G-\ option ignored
This is a Sendmail option which is ignored by Exim.

.option h #<<number>>
.index Sendmail compatibility||\-h-\ option ignored
This option is accepted for compatibility with Sendmail, but has no effect. (In
Sendmail it overrides the `hop count' obtained by counting ::Received::
headers.)

.option i
.index Solaris||\*mail*\ command
.index dot||in incoming, non-SMTP message
This option, which has the same effect as \-oi-\, specifies that a dot on a
line by itself should not terminate an incoming, non-SMTP message. I can find
no documentation for this option in Solaris 2.4 Sendmail, but the \*mailx*\
command in Solaris 2.4 uses it. See also \-ti-\.

.option M #<<message id>>#<<message id>> ...
.index forcing delivery
.index delivery||forcing attempt
.index frozen messages||forcing delivery
This option requests Exim to run a delivery attempt on each message in turn. If
any of the messages are frozen, they are automatically thawed before the
delivery attempt. The settings of \queue@_domains\, \queue@_smtp@_domains\, and
\hold@_domains\ are ignored.
.index hints database||overriding retry hints
Retry hints for any of the addresses are
overridden -- Exim tries to deliver even if the normal retry time has not yet
been reached. This option requires the caller to be an admin user. However,
there is an option called \prod@_requires@_admin\ which can be set false to
relax this restriction (and also the same requirement for the \-q-\, \-R-\, and
\-S-\ options).


.option Mar #<<message id>>#<<address>>#<<address>> ...
.index message||adding recipients
.index recipient||adding
This option requests Exim to add the addresses to the list of recipients of the
message (`ar' for `add recipients'). The first argument must be a message id,
and the remaining ones must be email addresses. However, if the message is
active (in the middle of a delivery attempt), it is not altered. This option
can be used only by an admin user.

.index SMTP||passed connection
.index SMTP||multiple deliveries
.index multiple SMTP deliveries
.option MC #<<transport>>#<<hostname>>#<<sequence number>>#<<message id>>
This option is not intended for use by external callers. It is used internally
by Exim to invoke another instance of itself to deliver a waiting message using
an existing SMTP connection, which is passed as the standard input. Details are
given in chapter ~~CHAPSMTP. This must be the final option, and the caller must
be root or the Exim user in order to use it.

.option MCA
This option is not intended for use by external callers. It is used internally
by Exim in conjunction with the \-MC-\ option. It signifies that the connection
to the remote host has been authenticated.

.option MCP
This option is not intended for use by external callers. It is used internally
by Exim in conjunction with the \-MC-\ option. It signifies that the server to
which Exim is connected supports pipelining.

.option MCQ #<<process id>> <<pipe fd>>
This option is not intended for use by external callers. It is used internally
by Exim in conjunction with the \-MC-\ option when the original delivery was
started by a queue runner. It passes on the process id of the queue runner,
together with the file descriptor number of an open pipe. Closure of the pipe
signals the final completion of the sequence of processes that are passing
messages through the same SMTP connection.

.option MCS
This option is not intended for use by external callers. It is used internally
by Exim in conjunction with the \-MC-\ option, and passes on the fact that the
SMTP \\SIZE\\ option should be used on messages delivered down the existing
connection.

.option MCT
This option is not intended for use by external callers. It is used internally
by Exim in conjunction with the \-MC-\ option, and passes on the fact that the
host to which Exim is connected supports TLS encryption.

.option Mc #<<message id>>#<<message id>> ...
.index hints database||not overridden by \-Mc-\
.index delivery||manually started, not forced
This option requests Exim to run a delivery attempt on each message in turn,
but unlike the \-M-\ option, it does check for retry hints, and respects any
that are found. This option is not very useful to external callers. It is
provided mainly for internal use by Exim when it needs to re-invoke itself in
order to regain root privilege for a delivery (see chapter ~~CHAPsecurity).
However, \-Mc-\ can be useful when testing, in order to run a delivery that
respects retry times and other options such as \hold@_domains\ that are
overridden when \-M-\ is used. Such a delivery does not count as a queue run.
If you want to run a specific delivery as if in a queue run, you should use
\-q-\ with a message id argument. A distinction between queue run deliveries
and other deliveries is made in one or two places.

.option Mes #<<message id>>#<<address>>
.index message||changing sender
.index sender||changing
This option requests Exim to change the sender address in the message to the
given address, which must be a fully qualified address or `<>' (`es' for `edit
sender'). There must be exactly two arguments. The first argument must be a
message id, and the second one an email address. However, if the message is
active (in the middle of a delivery attempt), its status is not altered. This
option can be used only by an admin user.

.option Mf #<<message id>>#<<message id>> ...
.index freezing messages
.index message||manually freezing
This option requests Exim to mark each listed message as `frozen'. This
prevents any delivery attempts taking place until the message is `thawed',
either manually or as a result of the \auto@_thaw\ configuration option.
However, if any of the messages are active (in the middle of a delivery
attempt), their status is not altered. This option can be used only by an admin
user.

.option Mg #<<message id>>#<<message id>> ...
.index giving up on messages
.index message||abandoning delivery attempts
.index delivery||abandoning further attempts
This option requests Exim to give up trying to deliver the listed messages,
including any that are frozen. However, if any of the messages are active,
their status is not altered.
For non-bounce messages, a delivery error message is sent to the sender,
containing the text `cancelled by administrator'. Bounce messages are just
discarded.
This option can be used only by an admin user.

.option Mmad #<<message id>>#<<message id>> ...
.index delivery||cancelling all
This option requests Exim to mark all the recipient addresses in the messages
as already delivered (`mad' for `mark all delivered'). However, if any message
is active (in the middle of a delivery attempt), its status is not altered.
This option can be used only by an admin user.

.option Mmd #<<message id>>#<<address>>#<<address>> ...
.index delivery||cancelling by address
.index recipient||removing
.index removing recipients
This option requests Exim to mark the given addresses as already delivered
(`md' for `mark delivered'). The first argument must be a message id, and the
remaining ones must be email addresses. These are matched to recipient
addresses in the message in a case-sensitive manner. If the message is active
(in the middle of a delivery attempt), its status is not altered. This option
can be used only by an admin user.

.option Mrm #<<message id>>#<<message id>> ...
.index removing messages
.index abandoning mail
.index message||manually discarding
This option requests Exim to remove the given messages from the queue. No
bounce messages are sent; each message is simply forgotten. However, if any of
the messages are active, their status is not altered. This option can be used
only by an admin user or by the user who originally caused the message to be
placed on the queue.

.option Mt #<<message id>>#<<message id>> ...
.index thawing messages
.index unfreezing messages
.index frozen messages||thawing
.index message||thawing frozen
This option requests Exim to `thaw' any of the listed messages that are
`frozen', so that delivery attempts can resume. However, if any of the messages
are active, their status is not altered. This option can be used only by an
admin user.

.option Mvb #<<message id>>
.index listing||message body
.index message||listing body of
This option causes the contents of the message body (-D) spool file to be
written to the standard output. This option can be used only by an admin user.

.option Mvh #<<message id>>
.index listing||message headers
.index header lines||listing
.index message||listing header lines
This option causes the contents of the message headers (-H) spool file to be
written to the standard output. This option can be used only by an admin user.

.option Mvl #<<message id>>
.index listing||message log
.index message||listing message log
This option causes the contents of the message log spool file to be written to
the standard output. This option can be used only by an admin user.

.option m
This is apparently a synonym for \-om-\ that is accepted by Sendmail, so Exim
treats it that way too.

.option N
.index debugging||\-N-\ option
.index debugging||suppressing delivery
This is a debugging option that inhibits delivery of a message at the transport
level. It implies \-v-\. Exim goes through many of the motions of delivery --
it just doesn't actually transport the message, but instead behaves as if it
had successfully done so. However, it does not make any updates to the retry
database, and the log entries for deliveries are flagged with `$*$>' rather
than `=>'.

Because \-N-\ discards any message to which it applies, only root or the Exim
user are allowed to use it with \-bd-\, \-q-\, \-R-\ or \-M-\. In other words,
an ordinary user can use it only when supplying an incoming message to which it
will apply. Although transportation never fails when \-N-\ is set, an address
may be deferred because of a configuration problem on a transport, or a routing
problem. Once \-N-\ has been used for a delivery attempt, it sticks to the
message, and applies to any subsequent delivery attempts that may happen for
that message.

.option n
.index Sendmail compatibility||\-n-\ option ignored
This option is interpreted by Sendmail to mean `no aliasing'. It is ignored by
Exim.

.option O #<<data>>
This option is interpreted by Sendmail to mean `set option`. It is ignored by
Exim.

.option oA #<<file name>>
.index Sendmail compatibility||\-oA-\ option
This option is used by Sendmail in conjunction with \-bi-\ to specify an
alternative alias file name. Exim handles \-bi-\ differently; see the
description above.

.index SMTP||passed connection
.option oB #<<n>>
.index SMTP||multiple deliveries
.index multiple SMTP deliveries
This is a debugging option which limits the maximum number of messages that can
be delivered down one SMTP connection, overriding the value set in any \%smtp%\
transport. If <<n>> is omitted, the limit is set to 1.

.option odb
.index background delivery
.index delivery||in the background
This option applies to all modes in which Exim accepts incoming messages,
including the listening daemon. It requests `background' delivery of such
messages, which means that the accepting process automatically starts delivery
process for each message received, but does not wait for the delivery process
to complete. This is the default action if none of the \-od-\ options are
present.

If one of the queueing options in the configuration file
(\queue@_only\ or \queue@_only@_file\, for example) is in effect, \-odb-\
overrides it if \queue@_only@_override\ is set true, which is the default
setting. If \queue@_only@_override\ is set false, \-odb-\ has no effect.

.option odf
.index foreground delivery
.index delivery||in the foreground
This option requests `foreground' (synchronous) delivery when Exim has accepted
a locally-generated message. (For the daemon it is exactly the same as
\-odb-\.) A delivery process is automatically started to deliver the
message, and Exim waits for it to complete before proceeding.
However, like \-odb-\, this option has no effect if \queue@_only@_override\ is
false and one of the queueing options in the configuration file is in effect.

.option odi
This option is synonymous with \-odf-\. It is provided for compatibility with
Sendmail.

.option odq
.index non-immediate delivery
.index delivery||suppressing immediate
.index queueing incoming messages
This option applies to all modes in which Exim accepts incoming messages,
including the listening daemon. It specifies that the accepting process should
not automatically start a delivery process for each message received. Messages
are placed on the queue, and remain there until a subsequent queue runner
process encounters them.
There are several configuration options (such as \queue@_only\) that can be
used to queue incoming messages under certain conditions. This option overrides
all of them and also \-odqs-\. It always forces queueing.

.option odqs
.index SMTP||delaying delivery
This option is a hybrid between \-odb-\/\-odi-\ and \-odq-\.
However, like \-odb-\ and \-odi-\, this option has no effect if
\queue@_only@_override\ is false and one of the queueing options in the
configuration file is in effect.

When \-odqs-\ does operate, a delivery process is started for each incoming
message, in the background by default, but in the foreground if \-odi-\ is also
present.
The recipient addresses are routed, and local deliveries are done in the normal
way. However, if any SMTP deliveries are required, they are not done at this
time, so the message remains on the queue until a subsequent queue runner
process encounters it. Because routing was done, Exim knows which messages are
waiting for which hosts, and so a number of messages for the same host can be
sent in a single SMTP connection. The \queue@_smtp@_domains\ configuration
option has the same effect for specific domains. See also the \-qq-\ option.

.option oee
.index error||reporting
If an error is detected while a non-SMTP message is being received (for
example, a malformed address), the error is reported to the sender in a mail
message.
.index return code||for \-oee-\
Provided this error message is successfully sent, the Exim receiving process
exits with a return code of zero. If not, the return code is 2 if the problem
is that the original message has no recipients, or 1 any other error. This is
the default \-oe$it{x}-\ option if Exim is called as \*rmail*\.

.option oem
.index error||reporting
.index return code||for \-oem-\
This is the same as \-oee-\, except that Exim always exits with a non-zero
return code, whether or not the error message was successfully sent.
This is the default \-oe$it{x}-\ option, unless Exim is called as \*rmail*\.

.option oep
.index error||reporting
If an error is detected while a non-SMTP message is being received, the
error is reported by writing a message to the standard error file (stderr).
.index return code||for \-oep-\
The return code is 1 for all errors.

.option oeq
.index error||reporting
This option is supported for compatibility with Sendmail, but has the same
effect as \-oep-\.

.option oew
.index error||reporting
This option is supported for compatibility with Sendmail, but has the same
effect as \-oem-\.

.option oi
.index dot||in incoming, non-SMTP message
This option, which has the same effect as \-i-\, specifies that a dot on a line
by itself should not terminate an incoming, non-SMTP message.
Otherwise, a single dot does terminate, though Exim does no special processing
for other lines that start with a dot.
This option is set by default if Exim is called as \*rmail*\. See also \-ti-\.

.option oitrue
This option is treated as synonymous with \-oi-\.

.option oMa #<<host address>>
.index sender||host address, specifying for local message
A number of options starting with \-oM-\ can be used to set values associated
with remote hosts on locally-submitted messages (that is, messages not received
over TCP/IP). These options can be used by any caller in conjunction with the
\-bh-\,
\-be-\,
\-bf-\, \-bF-\, \-bt-\, or \-bv-\ testing options. In other circumstances, they
are ignored unless the caller is trusted.

The \-oMa-\ option sets the sender host address. This may include a port number
at the end, after a full stop (period). For example:
.display asis
exim -bs -oMa 10.9.8.7.1234
.endd
An alternative syntax is to enclose the IP address in square brackets, followed
by a colon and the port number:
.display asis
exim -bs -oMa [10.9.8.7]:1234
.endd
The IP address is placed in the \$sender@_host@_address$\ variable, and the
port, if present, in \$sender@_host@_port$\.

.option oMaa #<<name>>
.index authentication||name, specifying for local message
See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMaa-\
option sets the value of \$sender@_host@_authenticated$\ (the authenticator
name). See chapter ~~CHAPSMTPAUTH for a discussion of SMTP authentication.

.option oMai #<<string>>
.index authentication||id, specifying for local message
See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMai-\
option sets the
value of \$authenticated@_id$\ (the id that was authenticated).
This overrides the default value (the caller's login id) for messages from
local sources. See chapter ~~CHAPSMTPAUTH for a discussion of authenticated
ids.

.option oMas #<<address>>
.index authentication||sender, specifying for local message
See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMas-\
option sets the authenticated sender value
in \$authenticated@_sender$\.
It overrides the sender address that is created from the caller's login id for
messages from local sources. See chapter ~~CHAPSMTPAUTH for a discussion of
authenticated senders.

.option oMi #<<interface address>>
.index interface||address, specifying for local message
See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMi-\
option sets the IP interface address value. A port number may be included,
using the same syntax as for \-oMa-\.
The interface address is placed in \$interface@_address$\ and the port number,
if present, in \$interface@_port$\.