(1) Added $host_lookup_deferred.
[exim.git] / doc / doc-src / spec.src
CommitLineData
9cc891cb 1. $Cambridge: exim/doc/doc-src/spec.src,v 1.3 2005/01/14 16:18:57 tom Exp $
495ae4b0 2.
4964e932
PH
3.set version "4.50"
4.set previousversion "4.40"
5.set versionmonth "January"
6.set versionyear "2005"
495ae4b0
PH
7.set ACL "ACL"
8
9. The last of those is to make ACL index entries easier to type. It is put
10. up here so that it gets picked up by the HTML converter, which otherwise
11. skips to the first chapter. A longer version is set below for use in the
12. printed index.
13
14.set sgcal true
15.set html false
16.set texinfo false
17
18.if !set style
19.library "a4ps"
20.linelength ~~sys.linelength + 0.2in
21.set newlinelength ~~sys.linelength
22.emphasis ~~sys.linelength + 0.1in
23.pagedepth ~~sys.pagedepth - 0.2in
24.bindfont 51 "atl/Times-Bold" 9
25.bindfont 52 "atl/Times-Roman" 9
26.bindfont 53 "atl/Times-Roman" 7
27.bindfont 54 "atl/Courier" 9
28.bindfont 55 "atl/Courier-Bold" ~~maintypesize
29.bindfont 56 "atl/Times-Italic" 7
30.bindfont 57 "atl/Times-Bold" 7
31.bindfont 58 "atl/Symbol" 7
32.set ssspaceb 1.50
33
34.if ~~sgcal
35. Used for the "small print" incorporated code stuff. Only rm, it, bf, sp are
36. actually used at present.
37. rm it sl bf bi ss tt sp sc
38.fontgroup 9 = 53 56 0 57 0 0 0 58 0
39.fi
40.fi
41
42.if !~~sys.fancy
43.fontgroup 9 = 0 0 0 0 0 0 0 0 0
44.fi
45
46.include "markup.sg"
47
48.if ~~sys.fancy
49.flag $smc{ "$push$g0$f54"
50.flag $sm{ "$push$g0$f53"
51.flag $smi{ "$push$g0$f56"
52.flag $as{ "$push$g0$f52"
53.flag $ab{ "$push$g0$f51"
54.flag $cb{ "$push$g0$f55"
55.
56.else
57.flag $smc{ "$push"
58.flag $sm{ "$push"
59.flag $smi{ "$push"
60.flag $cb{ "$push"
61.fi
62
63.macro isunderscore "string"
64.set string "~~1"
65.set length length "~~1"
66.undrec 1
67.endm
68
69.macro undrec "offset"
70.if ~~1 > ~~length
71.set underscore false
72.else
73.set sub "~~string"(1,~~1)
74.if "~~sub" == "_"
75.set underscore true
76.else
77.set next ~~1 + 1
78.undrec ~~next
79.fi
80.fi
81.endm
82
83.macro testunderscore "string"
84.isunderscore "~~1"
85.newline
86.endm
87
88.macro tabs 6
89.if ~~sys.fancy
90.tabset ~~1em
91.else
92.set temp (~~1 * 5)/4
93.tabset ~~temp em
94.fi
95.endm
96
97.macro startoptions
98.newline
99.push
100.if ~~sys.fancy
101.indent 6em
102.else
103.indent 7em
104.fi
105.endm
106
107.macro endoptions
108.newline
109.pop
110.endm
111
112.macro option "option" ""
113.newpar
114.index \-~~1-\ option
115.tempindent 0
116\-~~1-\~~2#$i
117.nosep
118.endm
119
120.macro startitems
121.newline
122.push
123.indent 3em
124.endm
125
126.macro enditems
127.newline
128.pop
129.endm
130
131.macro item "item" "6"
132.newpar
133.if ~~sys.leftonpage < ~~2ld
134.newpage
135.fi
136.tempindent 0
137\**~~1**\
138.blank
139.endm
140
141.macro startconf
142.newline
143.push
144.if ~~sys.fancy
145.indent 2em
146.tabset 9em
147.else
148.indent 4em
149.tabset 13em
150.fi
151.endm
152
153.macro endconf
154.newline
155.pop
156.endm
157
158.macro conf "option" "type" "default" "6"
159.newpar
160.if ~~sys.leftonpage < ~~4ld
161.newpage
162.fi
163.testunderscore "~~1"
164.if ~~underscore
165.index \~~1\
166.else
167.index \~~1\ option
168.fi
169.tempindent 0
170\**~~1**\ $c $rm{Type:} $it{~~2} $e $rm{Default:} $it{~~3}
171.blank
172.endm
173
174.set contents true
175.set figurenumber -1
176.set displayindent 2em
177
178.index @$1, @$2, etc. $it{see numerical variables}
179.index address||rewriting $it{see rewriting}
180.index CR character $it{see carriage return}
181.index CRL $it{see certificate revocation list}
182.index delivery||failure report $it{see bounce message}
183.index dialup $it{see intermittently connected hosts}
4964e932 184.index exiscan $it{see content scanning}
495ae4b0
PH
185.index failover $it{see fallback}
186.index fallover $it{see fallback}
187.index filter||Sieve $it{see Sieve filter}
188.index ident $it{see RFC 1413}
189.index LF character $it{see linefeed}
190.index maximum $it{see limit}
191.index NUL $it{see binary zero}
192.index process id $it{see pid}
193.index RBL $it{see DNS list}
194.index redirection $it{see address redirection}
195.index return path||$it{see also envelope sender}
4964e932 196.index scanning $it{see content scanning}
495ae4b0
PH
197.index SSL $it{see TLS}
198.index string||expansion $it{see expansion}
199.index top bit $it{see 8-bit characters}
200.index variables $it{see expansion, variables}
201.index zero, binary $it{see binary zero}
202
203. This is used for the printed index. See setting above for
204. the HTML index value.
205
206.set ACL "access control lists (ACLs)"
207
208. ======================================================
209
210.push
211.disable filling
212.justify centre
213.nofoot
214.space 8ld
215$chead{University of Cambridge Computing Service}
216.space 2ld
217$chead{Specification of the Exim Mail Transfer Agent}
218.space 3ld
219by
220.space 1ld
221Philip Hazel
222.space ~~sys.leftonpage - 15*~~sys.linedepth
223.justify left
224University Computing Service
225New Museums Site
226Pembroke Street
227Cambridge CB2 3QH
228United Kingdom
229.blank
230.tabs 6
231$it{phone:} $t +44 1223 334600
232$it{fax:} $t +44 1223 334679
233$it{email:} $t ph10 $it{at} cus.cam.ac.uk
234.blank
235Edition for Exim ~~version, ~~versionmonth ~~versionyear
236.space 2ld
237.if ~~sgcal
238.fontgroup 1
239.fi
240$c$rm{Copyright (c) University of Cambridge ~~versionyear}
241
242
243.if ~~sgcal
244.fontgroup 0
245.font 0
246.fi
247
248.pop
249.newpage
250
251. Blank verso for title page
252.space 1ld
253.newpage
254
255
256. Set up for actual text pages
257.page 1
258. The first one to prevent a warning from sgfr
259. set runningfoot "~~chapter"
260.set runningfoot ""
261
262.if ~~sys.fancy
263.footdepth 2ld
264.foot
265.if "~~runningfoot" == ""
266.set rhs ""
267.else
268.set rhs "~~runningfoot (~~chapter)"
269.fi
270.set lhs "Exim ~~version"
271.linelength ~~newlinelength
272$it{~~lhs}$c[~~sys.pagenumber]$e$it{~~rhs}
273.endfoot
274.fi
275
276
277
278
279.
280.
281.
282.
283. ============================================================================
284.chapter Introduction
285.set runningfoot "introduction"
286
287.if ~~sys.fancy
288$c$bi{If I have seen further it is by standing on the shoulders of giants.}##(Isaac Newton)
289.elif !~~html
290$c"If I have seen further it is by standing on the shoulders of giants."
291.newline
292$e (Isaac Newton)
293.else
294\*If I have seen further it is by standing on the shoulders of giants.*\
295(Isaac Newton).
296.fi
297.blank 4
298
299Exim is a mail transfer agent (MTA) for hosts that are running Unix or
300Unix-like operating systems. It was designed on the assumption that it would be
301run on hosts that are permanently connected to the Internet. However, it can be
302used on intermittently connected hosts with suitable configuration adjustments.
303
304Configuration files currently exist for the following operating systems: AIX,
305BSD/OS (aka BSDI), Darwin (Mac OS X), DGUX, FreeBSD, GNU/Hurd, GNU/Linux,
306HI-OSF (Hitachi), HP-UX, IRIX, MIPS RISCOS, NetBSD, OpenBSD, QNX, SCO, SCO
307SVR4.2 (aka UNIX-SV), Solaris (aka SunOS5), SunOS4, Tru64-Unix (formerly
4964e932
PH
308Digital UNIX, formerly DEC-OSF1), Ultrix, and Unixware. Some of these operating
309systems are no longer current and cannot easily be tested, so the configuration
310files may no longer work in practice.
495ae4b0
PH
311
312There are also configuration files for compiling Exim in the Cygwin environment
313that can be installed on systems running Windows. However, this document does
314not contain any information about running Exim in the Cygwin environment.
315
316The terms and conditions for the use and distribution of Exim are contained in
317the file \(NOTICE)\. Exim is distributed under the terms of the GNU General
318Public Licence, a copy of which may be found in the file \(LICENCE)\.
319
320The use, supply or promotion of Exim for the purpose of sending bulk,
321unsolicited electronic mail is incompatible with the basic aims of the program,
322which revolve around the free provision of a service that enhances the quality
323of personal communications. The author of Exim regards indiscriminate
324mass-mailing as an antisocial, irresponsible abuse of the Internet.
325
326Exim owes a great deal to Smail 3 and its author, Ron Karr. Without the
327experience of running and working on the Smail 3 code, I could never have
328contemplated starting to write a new MTA. Many of the ideas and user interfaces
329were originally taken from Smail 3, though the actual code of Exim is entirely
330new, and has developed far beyond the initial concept.
331
332Many people, both in Cambridge and around the world, have contributed to the
333development and the testing of Exim, and to porting it to various operating
334systems. I am grateful to them all. The distribution now contains a file called
335\(ACKNOWLEDGMENTS)\, in which I have started recording the names of
336contributors.
337
338.section Exim documentation
339.index documentation
495ae4b0
PH
340This edition of the Exim specification applies to version ~~version of Exim.
341Substantive changes from the ~~previousversion edition are marked by bars in
342the right-hand margin in the PostScript, PDF, and plain text versions of the
343document, and by green text in the HTML version, as shown by this paragraph.
344Changes are not marked in the Texinfo version, because Texinfo doesn't support
345change bars. Minor corrections and rewordings are not marked.
495ae4b0
PH
346
347This document is very much a reference manual; it is not a tutorial. The reader
348is expected to have some familiarity with the SMTP mail transfer protocol and
349with general Unix system administration. Although there are some discussions
350and examples in places, the information is mostly organized in a way that makes
351it easy to look up, rather than in a natural order for sequential reading.
352Furthermore, the manual aims to cover every aspect of Exim in detail, including
353a number of rarely-used, special-purpose features that are unlikely to be of
354very wide interest.
355
356.index books about Exim
357An `easier' discussion of Exim which provides more in-depth explanatory,
358introductory, and tutorial material can be found in a book entitled
359.if ~~html
360[(A HREF="http://www.uit.co.uk/exim-book/")]
361$it{The Exim SMTP Mail Server},
362[(/A)]
4964e932 363published by UIT Cambridge.
495ae4b0
PH
364.else
365$it{The Exim SMTP Mail Server}, published by UIT Cambridge
366(\?http://www.uit.co.uk/exim-book/?\).
367.fi
368
369This book also contains a chapter that gives a general introduction to SMTP and
370Internet mail. Inevitably, however, the book is unlikely to be fully up-to-date
371with the latest release of Exim. (Note that the earlier book about Exim,
372published by O'Reilly, covers Exim 3, and many things have changed in Exim 4.)
373
374.index \(doc/NewStuff)\
375.index \(doc/ChangeLog)\
376.index change log
377As the program develops, there may be features in newer versions that have not
378yet made it into this document, which is updated only when the most significant
379digit of the fractional part of the version number changes. However,
380specifications of new features that are not yet in this manual are placed in
381the file \(doc/NewStuff)\ in the Exim distribution. All changes to the program
382(whether new features, bug fixes, or other kinds of change) are noted briefly
383in the file called \(doc/ChangeLog)\.
384
385.index \(doc/spec.txt)\
386This specification itself is available as an ASCII file in \(doc/spec.txt)\ so
387that it can easily be searched with a text editor. Other files in the \(doc)\
388directory are:
389.display rm
390.tabs 18
391\(OptionLists.txt)\ $t $rm{list of all options in alphabetical order}
392\(dbm.discuss.txt)\ $t $rm{discussion about DBM libraries}
393\(exim.8)\ $t $rm{a man page of Exim's command line options}
394\(filter.txt)\ $t $rm{specification of the filter language}
395\(pcrepattern.txt)\ $t $rm{specification of PCRE regular expressions}
396\(pcretest.txt)\ $t $rm{specification of the PCRE testing program}
397\(Exim3.upgrade)\ $t $rm{upgrade notes from release 2 to release 3}
398\(Exim4.upgrade)\ $t $rm{upgrade notes from release 3 to release 4}
399.endd
400The main specification and the specification of the filtering language are also
401available in other formats (HTML, PostScript, PDF, and Texinfo). Section
402~~SECTavail below tells you how to get hold of these.
403
404
405.section FTP and web sites, and mailing list
406.index web site
407.index FTP site
4964e932 408The primary distribution site for Exim is an FTP site, whose contents are
495ae4b0
PH
409described in \*Where to find the Exim distribution*\ below. In addition,
410there is a web site at \?http://www.exim.org?\ by courtesy of Energis Squared,
411formerly Planet Online Ltd, who are situated in the UK. The site is mirrored in
412a number of other countries; links to the mirrors are listed on the home page.
413The web site contains the Exim distribution, and you can also find the
414documentation and the
415.index FAQ
416.if ~~html
417[(A HREF="FAQ.html")]
418.fi
419FAQ
420.if ~~html
421[(/A)]
422.fi
423online there, as well as other relevant material.
424
425.index mailing lists||for Exim users
426Energis Squared also provide resources for the following mailing lists:
427.display rm
428.tabs 28
429$it{exim-users@@exim.org} $t general discussion list
430$it{exim-announce@@exim.org} $t moderated, low volume announcements list
431.endd
432You can subscribe to these lists, change your existing subscriptions, and view
433or search the archives via the
434.if ~~html
435[(A HREF="http://www.exim.org/maillist.html")]
436.fi
437mailing lists
438.if ~~html
439[(/A)]
440.fi
441link on the Exim home page. The $it{exim-users} mailing list is also forwarded
442to \?http://www.egroups.com/list/exim-users?\, an archiving system with
443searching capabilities.
444
445.section Exim training
446.index training courses
447From time to time (approximately annually at the time of writing),
448lecture-based training courses are run by the author of Exim in Cambridge, UK.
449Details can be found on the web site
450.if ~~html
451[(A HREF="http://www-tus.csx.cam.ac.uk/courses/exim/")]
452.fi
453\?http://www-tus@.csx@.cam@.ac.uk/courses/exim/?\.
454.if ~~html
455[(/A)]
456.fi
457
458.section Bug reports
459.index bug reports
460.index reporting bugs
461Reports of obvious bugs should be emailed to \*bugs@@exim.org*\. However, if
462you are unsure whether some behaviour is a bug or not, the best thing to do is
463to post a message to the $it{exim-users} mailing list and have it discussed.
464
465
466.section Where to find the Exim distribution
467.rset SECTavail "~~chapter.~~section"
468.index FTP site
469.index distribution||ftp site
470The master ftp site for the Exim distribution is
471.display rm
472.if ! ~~sys.fancy
473.indent 0
474.fi
475\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim?\
476.endd
477Within that directory there are subdirectories called \(exim3)\ (for previous
478Exim 3 distributions), \(exim4)\ (for the latest Exim 4 distributions), and
479\(Testing)\ for occasional testing versions. Those mirror sites that I know
480about are listed in the file
481.display rm
482.if ! ~~sys.fancy
483.indent 0
484.fi
485\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Mirrors?\
486.endd
487In the \(exim4)\ subdirectory, the current release can always be found in
488files called
489.display rm
490\(exim-$it{n.nn}.tar.gz)\
491\(exim-$it{n.nn}.tar.bz2)\
492.endd
493where $it{n.nn} is the highest such version number in the directory. The two
494files contain identical data; the only difference is the type of compression.
495The \(.bz2)\ file is usually a lot smaller than the \(.gz)\ file.
496.index distribution||signing details
497.index distribution||public key
498.index public key for signed distribution
499The distributions are signed with Philip Hazel's GPG key.
500The corresponding public key is available from a number of keyservers, and
501there is also a copy in the file:
502.display rm
503.if ! ~~sys.fancy
504.indent 0
505.fi
506\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Public-Key?\
507.endd
508The signatures for the tar bundles are in:
509.display rm
510\(exim-$it{n.nn}.tar.gz.sig)\
511\(exim-$it{n.nn}.tar.bz2.sig)\
512.endd
513
514When there is only a small amount of change from one release to the next, a
515patch file may be provided, with a final component name of the form
516.display rm
517\(exim-patch-$it{n.nn}-$it{m.mm}.gz)\
518.endd
519For each released version, the log of changes is made separately available in
520the directory
521.display rm
522\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/ChangeLogs?\
523.endd
524so that it is possible to find out what has changed without having to download
525the entire distribution.
526
527.index documentation||available formats
528The main distribution contains ASCII versions of this specification and other
529documentation; other formats of the documents are available in separate files
530inside the \(exim4)\ directory of the FTP site:
531.display rm
532\(exim-html-$it{n.nn}.tar.gz)\
533\(exim-pdf-$it{n.nn}.tar.gz)\
534\(exim-postscript-$it{n.nn}.tar.gz)\
535\(exim-texinfo-$it{n.nn}.tar.gz)\
536.endd
537These tar files contain only the \(doc)\ directory, not the complete
538distribution, and are also available in \(.bz2)\ as well as \(.gz)\ forms.
539
540.index FAQ
541The FAQ is available for downloading in two different formats from
542.display rm
543.if ! ~~sys.fancy
544.indent 0
545.fi
546\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/FAQ.txt.gz?\
547\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/FAQ.html.tar.gz?\
548.endd
549The first of these is a single ASCII file that can be searched with a text
550editor. The second is a directory of HTML files, normally accessed by starting
551at \(index.html)\. The HTML version of the FAQ (which is also included in the
552HTML documentation tarbundle) includes a keyword-in-context index, which is
553often the most convenient way of finding your way around.
554
555.section Wish list
556.index wish list
557A wish list is maintained, containing ideas for new features that have been
558submitted. From time to time the file is exported to the ftp site:
559.display rm
560\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/WishList?\
561.endd
562Items are removed from the list if they get implemented.
563
564
565.section Contributed material
566.index contributed material
567At the ftp site, there is a directory called
568.display rm
569.if ! ~~sys.fancy
570.indent 0
571.fi
572\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/Contrib/?\
573.endd
574which contains miscellaneous files contributed to the Exim community by Exim
575users. There is also a collection of contributed configuration examples in
576.display rm
577.if ! ~~sys.fancy
578.indent 0
579.fi
580\?ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim4/config.samples.tar.gz?\
581.endd
582These samples are referenced from the FAQ.
583
584
585.section Limitations
586.index limitations of Exim
587.numberpars $.
588Exim is designed for use as an Internet MTA, and therefore handles addresses
589in RFC 2822 domain format only.
590.index bang paths||not handled by Exim
591It cannot handle UUCP `bang paths', though simple two-component bang paths can
592be converted by a straightforward rewriting configuration. This restriction
593does not prevent Exim from being interfaced to UUCP as a transport mechanism,
594provided that domain addresses are used.
595.nextp
596.index domainless addresses
597.index address||without domain
598Exim insists that every address it handles has a domain attached. For incoming
599local messages, domainless addresses are automatically qualified with a
600configured domain value. Configuration options specify from which remote
601systems unqualified addresses are acceptable. These are then qualified on
602arrival.
603.nextp
604.index transport||external
605.index external transports
606The only external transport currently implemented is an SMTP transport over a
607TCP/IP network (using sockets, including support for IPv6). However, a pipe
608transport is available, and there are facilities for writing messages to files
609and pipes, optionally in \*batched SMTP*\ format; these facilities can be used
610to send messages to some other transport mechanism such as UUCP, provided it
611can handle domain-style addresses. Batched SMTP input is also catered for.
612.nextp
613Exim is not designed for storing mail for dial-in hosts. When the volumes of
614such mail are large, it is better to get the messages `delivered' into files
615(that is, off Exim's queue) and subsequently passed on to the dial-in hosts by
616other means.
617.nextp
4964e932
PH
618Although Exim does have some facilities for scanning incoming messages, these
619are not comprehensive enough to do full virus or spam scanning. Such operations
495ae4b0
PH
620are best carried out using additional specialized software packages.
621.endp
622
623
624
625.section Run time configuration
626Exim's run time configuration is held in a single text file that is divided
627into a number of sections. The entries in this file consist of keywords and
628values, in the style of Smail 3 configuration files. A default configuration
629file which is suitable for simple online installations is provided in the
630distribution, and is described in chapter ~~CHAPdefconfil below.
631
632
633.section Calling interface
634.index Sendmail compatibility||command line interface
635Like many MTAs, Exim has adopted the Sendmail command line interface so that it
636can be a straight replacement for \(/usr/lib/sendmail)\ or
637\(/usr/sbin/sendmail)\ when sending mail, but you do not need to know anything
638about Sendmail in order to run Exim. For actions other than sending messages,
639Sendmail-compatible options also exist, but those that produce output (for
640example, \-bp-\, which lists the messages on the queue) do so in Exim's own
641format. There are also some additional options that are compatible with Smail
6423, and some further options that are new to Exim. Chapter ~~CHAPcommandline
643documents all Exim's command line options. This information is automatically
644made into the man page that forms part of the Exim distribution.
645
646Control of messages on the queue can be done via certain privileged command
647line options. There is also an optional monitor program called \*eximon*\, which
648displays current information in an X window, and which contains a menu
649interface to Exim's command line administration options.
650
651
652.section Terminology
653.index terminology definitions
654.index body of message||definition of
655The \*body*\ of a message is the actual data that the sender wants to transmit.
656It is the last part of a message, and is separated from the \*header*\ (see
657below) by a blank line.
658
659.index bounce message||definition of
660When a message cannot be delivered, it is normally returned to the sender in a
661delivery failure message. The term \*bounce*\ is commonly used for this action,
662and the error reports are often called \*bounce messages*\. This is a
663convenient shorthand for `delivery failure error report'. Such messages have an
664empty sender address in the message's \*envelope*\ (see below) to ensure that
665they cannot themselves give rise to further bounce messages.
666
667The term \*default*\ appears frequently in this manual. It is used to qualify a
668value which is used in the absence of any setting in the configuration. It may
669also qualify an action which is taken unless a configuration setting specifies
670otherwise.
671
672The term \*defer*\ is used when the delivery of a message to a specific
673destination cannot immediately take place for some reason (a remote host may be
674down, or a user's local mailbox may be full). Such deliveries are \*deferred*\
675until a later time.
676
677The word \*domain*\ is sometimes used to mean all but the first component of a
678host's name. It is $it{not} used in that sense here, where it normally
679refers to the part of an email address following the @@ sign.
680
681.index envelope, definition of
682.index sender||definition of
683A message in transit has an associated \*envelope*\, as well as a header and a
684body. The envelope contains a sender address (to which bounce messages should
685be delivered), and any number of recipient addresses. References to the
686sender or the recipients of a message usually mean the addresses in the
687envelope. An MTA uses these addresses for delivery, and for returning bounce
688messages, not the addresses that appear in the header lines.
689
690.index message||header, definition of
691.index header section||definition of
692The \*header*\ of a message is the first part of a message's text, consisting
693of a number of lines, each of which has a name such as ::From::, ::To::,
694::Subject::, etc. Long header lines can be split over several text lines by
695indenting the continuations. The header is separated from the body by a blank
696line.
697
698.index local part||definition of
699.index domain||definition of
700The term \*local part*\, which is taken from RFC 2822, is used to refer to that
701part of an email address that precedes the @@ sign. The part that follows the
702@@ sign is called the \*domain*\ or \*mail domain*\.
703
704.index local delivery||definition of
705.index remote delivery, definition of
706The terms \*local delivery*\ and \*remote delivery*\ are used to distinguish
707delivery to a file or a pipe on the local host from delivery by SMTP over
708TCP/IP to a remote host.
709
710.index return path||definition of
711\*Return path*\ is another name that is used for the sender address in a
712message's envelope.
713
714.index queue||definition of
715The term \*queue*\ is used to refer to the set of messages awaiting delivery,
716because this term is in widespread use in the context of MTAs. However, in
717Exim's case the reality is more like a pool than a queue, because there is
718normally no ordering of waiting messages.
719
720.index queue runner||definition of
721The term \*queue runner*\ is used to describe a process that scans the queue
722and attempts to deliver those messages whose retry times have come. This term
723is used by other MTAs, and also relates to the command \runq\, but in Exim
724the waiting messages are normally processed in an unpredictable order.
725
726.index spool directory||definition of
727The term \*spool directory*\ is used for a directory in which Exim keeps the
728messages on its queue -- that is, those that it is in the process of
729delivering. This should not be confused with the directory in which local
730mailboxes are stored, which is called a `spool directory' by some people. In
731the Exim documentation, `spool' is always used in the first sense.
732
733
734
735.
736.
737.
738.
739. ============================================================================
740.chapter Incorporated code
741.set runningfoot "incorporated code"
742.index incorporated code
743.index regular expressions||library
744.index PCRE
745A number of pieces of external code are included in the Exim distribution.
746.numberpars $.
747Regular expressions are supported in the main Exim program and in the Exim
748monitor using the freely-distributable PCRE library, copyright (c) 2003
749University of Cambridge. The source is distributed in the directory
750\(src/pcre)\. However, this is a cut-down version of PCRE. If you want to use
751the PCRE library in other programs, you should obtain and install the full
752version from \?ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre?\.
753
754.space 1ld
755.nextp
756.index cdb||acknowledgement
757Support for the cdb (Constant DataBase) lookup method is provided by code
758contributed by Nigel Metheringham of Planet Online Ltd. which contains the
759following statements:
760.rule
761.push
762.if ~~sgcal
763.fontgroup 9
764.font 0
765.fi
766Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd
767
768This program is free software; you can redistribute it and/or modify it under
769the terms of the GNU General Public License as published by the Free Software
770Foundation; either version 2 of the License, or (at your option) any later
771version.
772
773This code implements Dan Bernstein's Constant DataBase (cdb) spec. Information,
774the spec and sample code for cdb can be obtained from
775\?http://www.pobox.com/@~djb/cdb.html?\. This implementation borrows some code
776from Dan Bernstein's implementation (which has no license restrictions applied
777to it).
778.newline
779.pop
780.rule
781The implementation is completely contained within the code of Exim.
782It does not link against an external cdb library.
783.space 1ld
784.nextp
785.index SPA authentication
786.index Samba project
787.index Microsoft Secure Password Authentication
788Client support for Microsoft's \*Secure Password Authentication*\ is provided
4964e932 789by code contributed by Marc Prud'hommeaux. Server support was contributed by
495ae4b0
PH
790Tom Kistner. This includes code taken from the Samba project, which is released
791under the Gnu GPL.
792
793.space 1ld
794.nextp
795.index Cyrus
796.index \*pwcheck*\ daemon
797.index \*pwauthd*\ daemon
798Support for calling the Cyrus \*pwcheck*\ and \*saslauthd*\ daemons is provided
799by code taken from the Cyrus-SASL library and adapted by Alexander S.
800Sabourenkov. The permission notice appears below, in accordance with the
801conditions expressed therein.
802
803.rule
804.push
805.if ~~sgcal
806.fontgroup 9
807.font 0
808.fi
809Copyright (c) 2001 Carnegie Mellon University. All rights reserved.
810
811Redistribution and use in source and binary forms, with or without
812modification, are permitted provided that the following conditions
813are met:
814
815.if ~~sgcal
816.cancelflag $npbracket
817.flag $npbracket "" "."
818.fi
819.numberpars
820Redistributions of source code must retain the above copyright
821notice, this list of conditions and the following disclaimer.
822.nextp
823Redistributions in binary form must reproduce the above copyright
824notice, this list of conditions and the following disclaimer in
825the documentation and/or other materials provided with the
826distribution.
827.nextp
828The name `Carnegie Mellon University' must not be used to
829endorse or promote products derived from this software without
830prior written permission. For permission or any other legal
831details, please contact
832.display rm
833Office of Technology Transfer
834Carnegie Mellon University
8355000 Forbes Avenue
836Pittsburgh, PA 15213-3890
837(412) 268-4387, fax: (412) 268-7395
838tech-transfer@@andrew.cmu.edu
839.endd
840.nextp
841Redistributions of any form whatsoever must retain the following
842acknowledgment:
843.newline
844.push
845.indent ~~sys.indent + 3em
846.justify left
847$it{This product includes software developed by Computing Services
848at Carnegie Mellon University (\?http://www.cmu.edu/computing/?\).}
849.newline
850.pop
4964e932 851.endp
495ae4b0
PH
852.if ~~sgcal
853.cancelflag $npbracket
854.flag $npbracket "(" ")"
855.fi
856
857CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
858THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
859AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
860FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
861WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
862AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
863OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
864.newline
865.pop
866.rule
867
868.space 1ld
869.nextp
870.index monitor
871.index X-windows
872.index Athena
873The Exim Monitor program, which is an X-Window application, includes
874modified versions of the Athena StripChart and TextPop widgets.
875This code is copyright by DEC and MIT, and their permission notice appears
876below, in accordance with the conditions expressed therein.
877
878.rule
879.push
880.if ~~sgcal
881.fontgroup 9
882.font 0
883.fi
884Copyright 1987, 1988 by Digital Equipment Corporation, Maynard, Massachusetts,
885and the Massachusetts Institute of Technology, Cambridge, Massachusetts.
886.blank
887$c All Rights Reserved
888.blank
889Permission to use, copy, modify, and distribute this software and its
890documentation for any purpose and without fee is hereby granted,
891provided that the above copyright notice appear in all copies and that
892both that copyright notice and this permission notice appear in
893supporting documentation, and that the names of Digital or MIT not be
894used in advertising or publicity pertaining to distribution of the
895software without specific, written prior permission.
896
897DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
898ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
899DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
900ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
901WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
902ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
903SOFTWARE.
904.newline
905.pop
906.rule
907.endp
908
909
910
911.
912.
913.
914.
915. ============================================================================
916.chapter How Exim receives and delivers mail
917.set runningfoot "receiving & delivering mail"
918
919.section Overall philosophy
920.index design philosophy
921Exim is designed to work efficiently on systems that are permanently connected
922to the Internet and are handling a general mix of mail. In such circumstances,
923most messages can be delivered immediately. Consequently, Exim does not
924maintain independent queues of messages for specific domains or hosts, though
925it does try to send several messages in a single SMTP connection after a host
926has been down, and it also maintains per-host retry information.
927
928
929.section Policy control
930.index policy control||overview
931Policy controls are now an important feature of MTAs that are connected to the
932Internet. Perhaps their most important job is to stop MTAs being abused as
933`open relays' by misguided individuals who send out vast amounts of unsolicited
934junk, and want to disguise its source. Exim provides flexible facilities for
935specifying policy controls on incoming mail:
936.numberpars $.
937.index ~~ACL||introduction
938Exim 4 (unlike previous versions of Exim) implements policy controls on
939incoming SMTP mail by means of \*Access Control Lists*\ (ACLs). Each list is a
940series of statements that may either grant or deny access. ACLs can be used at
941several places in the SMTP dialogue while receiving a message. However, the
942most common places are after each \\RCPT\\ command, and at the very end of the
943message. The sysadmin can specify conditions for accepting or rejecting
944individual recipients or the entire message, respectively, at these two points
945(see chapter ~~CHAPACL). Denial of access results in an SMTP error code.
946.nextp
4964e932 947An ACL is also available for locally generated, non-SMTP messages. In this
495ae4b0
PH
948case, the only available actions are to accept or deny the entire message.
949.nextp
950When a message has been received, either from a remote host or from the local
951host, but before the final acknowledgement has been sent, a locally supplied C
952function called \*local@_scan()*\ can be run to inspect the message and decide
953whether to accept it or not (see chapter ~~CHAPlocalscan). If the message is
954accepted, the list of recipients can be modified by the function.
955.nextp
956After a message has been accepted, a further checking mechanism is available in
957the form of the $it{system filter} (see chapter ~~CHAPsystemfilter). This runs
958at the start of every delivery process.
959.endp
960
961.section User filters
962.index filter||introduction
963.index Sieve filter
4964e932
PH
964In a conventional Exim configuration, users are able to run private filters by
965setting up appropriate \(.forward)\ files in their home directories. See
966chapter ~~CHAPredirect (about the \%redirect%\ router) for the configuration
967needed to support this, and the separate document entitled
495ae4b0
PH
968.if ~~html
969[(A HREF="filter_toc.html")]
970.fi
971\*Exim's interfaces to mail filtering*\
972.if ~~html
973[(/A)]
974.fi
975for user details. Two different kinds of filtering are available:
976.numberpars $.
4964e932 977Sieve filters are written in the standard filtering language that is defined by
495ae4b0
PH
978RFC 3028.
979.nextp
4964e932 980Exim filters are written in a syntax that is unique to Exim, but which is more
495ae4b0
PH
981powerful than Sieve, which it pre-dates.
982.endp
983User filters are run as part of the routing process, described below.
984
985
986.section Message identification
987.rset SECTmessiden "~~chapter.~~section"
988.index message||ids, details of format
989.index format||of message id
990.index id of message
991.index base62
992.index base36
993.index Darwin
994.index Cygwin
995Every message handled by Exim is given a \*message id*\ which is sixteen
996characters long. It is divided into three parts, separated by hyphens, for
997example \"16VDhn-0001bo-D3"\. Each part is a sequence of letters and digits,
998normally encoding numbers in base 62. However, in the Darwin operating
4964e932
PH
999system (Mac OS X) and when Exim is compiled to run under Cygwin, base 36
1000(avoiding the use of lower case letters) is used instead, because the message
495ae4b0
PH
1001id is used to construct file names, and the names of files in those systems are
1002not case-sensitive.
1003
1004.index pid (process id)||re-use of
1005The detail of the contents of the message id have changed as Exim has evolved.
1006Earlier versions relied on the operating system not re-using a process id (pid)
1007within one second. On modern operating systems, this assumption can no longer
4964e932
PH
1008be made, so the algorithm had to be changed. To retain backward compatibility,
1009the format of the message id was retained, which is why the following rules are
495ae4b0
PH
1010somewhat eccentric:
1011.numberpars $.
1012The first six characters of the message id are the time at which the message
1013started to be received, to a granularity of one second. That is, this field
1014contains the number of seconds since the start of the epoch (the normal Unix
1015way of representing the date and time of day).
1016.nextp
1017After the first hyphen, the next six characters are the id of the process that
1018received the message.
1019.nextp
1020There are two different possibilities for the final two characters:
1021.numberpars alpha
1022.index \localhost@_number\
1023If \localhost@_number\ is not set, this value is the fractional part of the
1024time of reception, normally in units of 1/2000 of a second, but for systems
1025that must use base 36 instead of base 62 (because of case-insensitive file
1026systems), the units are 1/1000 of a second.
1027.nextp
1028If \localhost@_number\ is set, it is multiplied by 200 (100) and added to
1029the fractional part of the time, which in this case is in units of 1/200
1030(1/100) of a second.
1031.endp
1032.endp
1033After a message has been received, Exim waits for the clock to tick at the
1034appropriate resolution before proceeding, so that if another message is
1035received by the same process, or by another process with the same (re-used)
1036pid, it is guaranteed that the time will be different. In most cases, the clock
1037will already have ticked while the message was being received.
1038
1039.section Receiving mail
1040.index receiving mail
1041.index message||reception
1042The only way Exim can receive mail from a remote host is using SMTP over
1043TCP/IP, in which case the sender and recipient addresses are tranferred using
1044SMTP commands. However, from a locally running process (such as a user's MUA),
1045there are several possibilities:
1046.numberpars $.
1047If the process runs Exim with the \-bm-\ option, the message is read
1048non-interactively (usually via a pipe), with the recipients taken from the
1049command line, or from the body of the message if \-t-\ is also used.
1050.nextp
1051If the process runs Exim with the \-bS-\ option, the message is also read
1052non-interactively, but in this case the recipients are listed at the start of
1053the message in a series of SMTP \\RCPT\\ commands, terminated by a \\DATA\\
1054command. This is so-called `batch SMTP' format,
1055but it isn't really SMTP. The SMTP commands are just another way of passing
1056envelope addresses in a non-interactive submission.
1057.nextp
1058If the process runs Exim with the \-bs-\ option, the message is read
1059interactively, using the SMTP protocol. A two-way pipe is normally used for
1060passing data between the local process and the Exim process.
1061This is `real' SMTP and is handled in the same way as SMTP over TCP/IP. For
1062example, the ACLs for SMTP commands are used for this form of submission.
1063.nextp
1064A local process may also make a TCP/IP call to the host's loopback address
1065(127.0.0.1) or any other of its IP addresses. When receiving messages, Exim
1066does not treat the loopback address specially. It treats all such connections
1067in the same way as connections from other hosts.
1068.endp
1069
1070.index message||sender, constructed by Exim
1071.index sender||constructed by Exim
1072In the three cases that do not involve TCP/IP, the sender address is
1073constructed from the login name of the user that called Exim and a default
1074qualification domain (which can be set by the \qualify@_domain\ configuration
1075option). For local or batch SMTP, a sender address that is passed using the
1076SMTP \\MAIL\\ command is ignored. However, the system administrator may allow
1077certain users (`trusted users') to specify a different sender address
1078unconditionally, or all users to specify certain forms of different sender
1079address. The \-f-\ option or the SMTP \\MAIL\\ command is used to specify these
1080different addresses. See section ~~SECTtrustedadmin for details of trusted
1081users, and the \untrusted@_set@_sender\ option for a way of allowing untrusted
1082users to change sender addresses.
1083
4964e932
PH
1084Messages received by either of the non-interactive mechanisms are subject to
1085checking by the non-SMTP ACL, if one is defined. Messages received using SMTP
1086(either over TCP/IP, or interacting with a local process) can be checked by a
1087number of ACLs that operate at different times during the SMTP session. Either
1088individual recipients, or the entire message, can be rejected if local policy
495ae4b0
PH
1089requirements are not met. The \*local@_scan()*\ function (see chapter
1090~~CHAPlocalscan) is run for all incoming messages.
1091
1092Exim can be configured not to start a delivery process when a message is
1093received; this can be unconditional, or depend on the number of incoming SMTP
1094connections or the system load. In these situations, new messages wait on the
1095queue until a queue runner process picks them up. However, in standard
1096configurations under normal conditions, delivery is started as soon as a
1097message is received.
1098
1099
1100
1101
1102.section Handling an incoming message
1103.index spool directory||files that hold a message
1104.index file||how a message is held
1105When Exim accepts a message, it writes two files in its spool directory. The
1106first contains the envelope information, the current status of the message,
1107and the header lines, and the second contains the body of the message. The
1108names of the two spool files consist of the message id, followed by $tt{-H} for
1109the file containing the envelope and header, and $tt{-D} for the data file.
1110
1111.index spool directory||\(input)\ sub-directory
1112By default all these message files are held in a single directory called
1113\(input)\ inside the general Exim spool directory. Some operating systems do
1114not perform very well if the number of files in a directory gets very large; to
1115improve performance in such cases, the \split@_spool@_directory\ option can be
1116used. This causes Exim to split up the input files into 62 sub-directories
1117whose names are single letters or digits.
1118
1119The envelope information consists of the address of the message's sender and
1120the addresses of the recipients. This information is entirely separate from
1121any addresses contained in the header lines. The status of the message includes
1122a list of recipients who have already received the message. The format of the
1123first spool file is described in chapter ~~CHAPspool.
1124
1125.index rewriting||addresses
1126Address rewriting that is specified in the rewrite section of the configuration
1127(see chapter ~~CHAPrewrite) is done once and for all on incoming addresses,
1128both in the header lines and the envelope, at the time the message is accepted.
1129If during the course of delivery additional addresses are generated (for
1130example, via aliasing), these new addresses are rewritten as soon as they are
1131generated. At the time a message is actually delivered (transported) further
1132rewriting can take place; because this is a transport option, it can be
1133different for different forms of delivery. It is also possible to specify the
1134addition or removal of certain header lines at the time the message is
1135delivered (see chapters ~~CHAProutergeneric and ~~CHAPtransportgeneric).
1136
1137
1138.section Life of a message
1139.index message||life of
1140.index message||frozen
1141A message remains in the spool directory until it is completely delivered to
1142its recipients or to an error address, or until it is deleted by an
1143administrator or by the user who originally created it. In cases when delivery
1144cannot proceed -- for example, when a message can neither be delivered to its
1145recipients nor returned to its sender, the message is marked `frozen' on the
1146spool, and no more deliveries are attempted.
1147
1148.index frozen messages||thawing
1149.index message||thawing frozen
1150An administrator can `thaw' such messages when the problem has been corrected,
1151and can also freeze individual messages by hand if necessary. In addition, an
1152administrator can force a delivery error, causing a bounce message to be sent.
1153
1154.index \auto@_thaw\
1155There is an option called \auto@_thaw\, which can be used to cause Exim to
1156retry frozen messages after a certain time. When this is set, no message will
1157remain on the queue for ever, because the delivery timeout will eventually be
1158reached. Delivery failure reports (bounce messages) that reach this timeout are
1159discarded.
1160.index \timeout@_frozen@_after\
1161There is also an option called \timeout@_frozen@_after\, which discards frozen
1162messages after a certain time.
1163
1164.index message||log file for
1165.index log||file for each message
1166While Exim is working on a message, it writes information about each delivery
1167attempt to the main log file. This includes successful, unsuccessful, and
1168delayed deliveries for each recipient (see chapter ~~CHAPlog). The log lines
1169are also written to a separate $it{message log} file for each message. These
1170logs are solely for the benefit of the administrator, and are normally deleted
1171along with the spool files when processing of a message is complete.
4964e932 1172The use of individual message logs can be disabled by setting
495ae4b0
PH
1173\no@_message@_logs\; this might give an improvement in performance on very
1174busy systems.
1175
1176.index journal file
1177.index file||journal
1178All the information Exim itself needs to set up a delivery is kept in the first
1179spool file, along with the header lines. When a successful delivery occurs, the
1180address is immediately written at the end of a journal file, whose name is the
1181message id followed by $tt{-J}. At the end of a delivery run, if there are some
1182addresses left to be tried again later, the first spool file (the $tt{-H} file)
1183is updated to indicate which these are, and the journal file is then deleted.
1184Updating the spool file is done by writing a new file and renaming it, to
1185minimize the possibility of data loss.
1186
1187Should the system or the program crash after a successful delivery but before
1188the spool file has been updated, the journal is left lying around. The next
1189time Exim attempts to deliver the message, it reads the journal file and
1190updates the spool file before proceeding. This minimizes the chances of double
1191deliveries caused by crashes.
1192
1193
1194.section Processing an address for delivery
1195.rset SECTprocaddress "~~chapter.~~section"
1196.index drivers||definition of
1197.index router||definition of
1198.index transport||definition of
1199The main delivery processing elements of Exim are called $it{routers} and
1200$it{transports}, and collectively these are known as $it{drivers}. Code for a
1201number of them is provided in the source distribution, and compile-time options
1202specify which ones are included in the binary. Run time options specify which
1203ones are actually used for delivering messages.
1204
1205.index drivers||instance definition
4964e932
PH
1206Each driver that is specified in the run time configuration is an \*instance*\
1207of that particular driver type. Multiple instances are allowed; for example,
1208you can set up several different \%smtp%\ transports, each with different
495ae4b0
PH
1209option values that might specify different ports or different timeouts. Each
1210instance has its own identifying name. In what follows we will normally use the
4964e932 1211instance name when discussing one particular instance (that is, one specific
495ae4b0
PH
1212configuration of the driver), and the generic driver name when discussing
1213the driver's features in general.
1214
1215A $it{router} is a driver that operates on an address, either determining how
1216its delivery should happen, by routing it to a specific transport, or
1217converting the address into one or more new addresses (for example, via an
1218alias file). A router may also explicitly choose to fail an address, causing it
1219to be bounced.
1220
1221A $it{transport} is a driver that transmits a copy of the message from Exim's
1222spool to some destination. There are two kinds of transport: for a $it{local}
1223transport, the destination is a file or a pipe on the local host, whereas for a
1224$it{remote} transport the destination is some other host. A message is passed
1225to a specific transport as a result of successful routing. If a message has
1226several recipients, it may be passed to a number of different transports.
1227
1228.index preconditions||definition of
1229An address is processed by passing it to each configured router instance in
1230turn, subject to certain preconditions, until a router accepts the address or
1231specifies that it should be bounced. We will describe this process in more
1232detail shortly. As a simple example, the diagram below illustrates how each
1233recipient address in a message is processed in a small configuration of three
1234routers that are configured in various ways.
1235
1236.if ~~sys.fancy
1237.figure "Routing an address" rm
1238.indent 0
4964e932 1239.call aspic -sgcal -nv
495ae4b0
PH
1240centre ~~sys.linelength;
1241magnify 0.8;
1242boundingbox 30;
1243 ibox depth 14 "address";
1244B: arrow down 44;
1245 textdepth 14;
1246A: box width 100 "first router" "conditions ok?";
1247 arrow right "yes";
1248C: box width 100 "run" "first router";
1249 arrow down "fail";
1250D: ibox depth 20 "address bounces";
1251
1252 arc clockwise from right of C "accept";
1253 arrow down 10;
1254 ibox "queue for" "transport";
1255
1256 arrow down from A align bottom of D plus (0,-20) "no"(-6,20)/r;
1257E: box width 100 "second router" "conditions ok?";
1258 arrow right "yes";
1259F: box width 100 "run" "second router";
1260 line right 100 "redirect";
1261 line up align middle of B;
1262 arrow left to middle of B "new addresses";
1263
1264 line down 20 from bottom left of F plus (30,0);
1265 arrow left align centre of E "decline";
1266
1267 line down 20 from bottom right of F plus (-30,0);
1268 arrow right "fail";
1269 ibox width 64 "address" "bounces";
1270
1271 arrow down 64 from E "no"(-6,20)/r;
1272G: box width 100 "third router" "conditions ok?";
1273 arrow right "yes";
1274H: box width 100 "run" "third router";
1275 arc clockwise from right of H "accept";
1276 arrow down 10;
1277 ibox "queue for" "transport";
1278
1279 line down 20 from bottom of H;
1280 arrow left align centre of G "decline";
1281 arrow down 64 from G "no"(-6,20)/r;
1282
1283 ibox "no more routers" "address bounces";
1284.endcall
1285.endfigure
1286.elif !~~html
1287.display asis
1288
1289 address
1290 |
1291 |<------------- new addresses -----------------------------
1292 V |
1293 ----------------- ----------------- |
1294 | first router |----- yes ----->| run |--- accept |
1295 | conditions ok?| | first router | | |
1296 ----------------- ----------------- | |
1297 | | V |
1298 no | fail | queue for |
1299 | V transport |
1300 | address bounces |
1301 | |
1302 V |
1303 ----------------- ----------------- |
1304 | second router |----- yes ----->| run |----redirect ----
1305 | conditions ok?| | second router |
1306 ----------------- -----------------
1307 | | |
1308 no | | |
1309 |<-------- decline ----------- --- fail ---> address
1310 | bounces
1311 V
1312 ----------------- -----------------
1313 | third router |----- yes ----->| run |--- accept
1314 | conditions ok?| | third router | |
1315 ----------------- ----------------- |
1316 | | V
1317 no | | queue for
1318 |<-------- decline --------------- transport
1319 |
1320 V
1321 no more routers
1322 address bounces
1323.endd
1324.else
1325[(img src="routing.gif" alt="Routing an address")][(br)]
1326.fi
1327To make this a more concrete example, we'll describe it in terms of some actual
1328routers, but remember, this is only an example. You can configure Exim's
1329routers in many different ways, and there may be any number of routers in a
1330configuration.
1331
1332The first router that is specified in a configuration is often one that handles
1333addresses in domains that are not recognized specially by the local host. These
1334are typically addresses for arbitrary domains on the Internet. A precondition
1335is set up which looks for the special domains known to the host (for example,
1336its own domain name), and the router is run for addresses that do $it{not}
1337match. Typically, this is a router that looks up domains in the DNS in order to
1338find the hosts to which this address routes. If it succeeds, the address is
1339queued for a suitable SMTP transport; if it does not succeed, the router is
1340configured to fail the address.
1341
1342The example pictured could be a configuration of this type. The second and
1343third routers can only be run for addresses for which the preconditions for
1344the first router are not met. If one of these preconditions checks the
1345domain, the second and third routers are run only for domains that are somehow
1346special to the local host.
1347
1348The second router does redirection -- also known as aliasing and forwarding.
1349When it generates one or more new addresses from the original, each of them is
1350routed independently from the start. Otherwise, the router may cause an address
4964e932 1351to fail, or it may simply decline to handle the address, in which case the
495ae4b0
PH
1352address is passed to the next router.
1353
1354The final router in many configurations is one that checks to see if the
1355address belongs to a local mailbox. The precondition may involve a check to
1356see if the local part is the name of a login account, or it may look up the
1357local part in a file or a database. If its preconditions are not met, or if
1358the router declines, we have reached the end of the routers. When this happens,
1359the address is bounced.
1360
1361
1362.section Processing an address for verification
1363.index router||for verification
1364.index verifying||address, overview
4964e932
PH
1365As well as being used to decide how to deliver to an address, Exim's routers
1366are also used for \*address verification*\. Verification can be requested as
1367one of the checks to be performed in an ACL for incoming messages, on both
1368sender and recipient addresses, and it can be tested using the \-bv-\ and
495ae4b0
PH
1369\-bvs-\ command line options.
1370
4964e932
PH
1371When an address is being verified, the routers are run in `verify mode'. This
1372does not affect the way the routers work, but it is a state that can be
495ae4b0
PH
1373detected. By this means, a router can be skipped or made to behave differently
1374when verifying. A common example is a configuration in which the first router
1375sends all messages to a message-scanning program, unless they have been
1376previously scanned. Thus, the first router accepts all addresses without any
4964e932 1377checking, making it useless for verifying. Normally, the \no@_verify\ option
495ae4b0
PH
1378would be set for such a router, causing it to be skipped in verify mode.
1379
1380
1381
1382.section Running an individual router
1383.rset SECTrunindrou "~~chapter.~~section"
1384.index router||running details
1385.index preconditions||checking
1386.index router||result of running
1387As explained in the example above, a number of preconditions are checked before
1388running a router. If any are not met, the router is skipped, and the address is
1389passed to the next router. When all the preconditions on a router $it{are} met,
1390the router is run. What happens next depends on the outcome, which is one of
1391the following:
1392.numberpars $.
1393\*accept*\: The router accepts the address, and either queues it for a
1394transport, or generates one or more `child' addresses. Processing the original
4964e932 1395address ceases,
495ae4b0
PH
1396.index \unseen\ option
1397unless the \unseen\ option is set on the router. This option
1398can be used to set up multiple deliveries with different routing (for example,
1399for keeping archive copies of messages). When \unseen\ is set, the address is
1400passed to the next router. Normally, however, an \*accept*\ return marks the
1401end of routing.
1402
1403.index case of local parts
1404.index address||duplicate, discarding
1405If child addresses are generated, Exim checks to see whether they are
1406duplicates of any existing recipient addresses. During this check, local parts
1407are treated as case-sensitive. Duplicate addresses are discarded. Each of the
1408remaining child addresses is then processed independently, starting with the
1409first router by default. It is possible to change this by setting the
1410\redirect@_router\ option to specify which router to start at for child
1411addresses. Unlike \pass@_router\ (see below) the router specified by
1412\redirect@_router\ may be anywhere in the router configuration.
1413.nextp
1414\*pass*\: The router recognizes the address, but cannot handle it itself. It
1415requests that the address be passed to another router. By default the address
1416is passed to the next router, but this can be changed by setting the
1417\pass@_router\ option. However, (unlike \redirect@_router\) the named router
1418must be below the current router (to avoid loops).
1419.nextp
1420\*decline*\: The router declines to accept the address because it does not
1421recognize it at all. By default, the address is passed to the next router, but
1422this can be prevented by setting the \no@_more\ option. When \no@_more\ is set,
1423all the remaining routers are skipped.
1424.nextp
1425\*fail*\: The router determines that the address should fail, and queues it for
1426the generation of a bounce message. There is no further processing of the
1427original address unless \unseen\ is set on the router.
1428.nextp
1429\*defer*\: The router cannot handle the address at the present time. (A database
1430may be offline, or a DNS lookup may have timed out.) No further processing of
1431the address happens in this delivery attempt. It is tried again next time the
1432message is considered for delivery.
1433.nextp
1434\*error*\: There is some error in the router (for example, a syntax error in
1435its configuration). The action is as for defer.
1436.endp
1437If an address reaches the end of the routers without having been accepted by
1438any of them, it is bounced as unrouteable.
4964e932
PH
1439The default error message in this situation is `unrouteable address', but you
1440can set your own message by making use of the \cannot@_route@_message\ option.
1441This can be set for any router; the value from the last router that `saw'
495ae4b0
PH
1442the address is used.
1443
1444Sometimes while routing you want to fail a delivery when some conditions are
1445met but others are not, instead of passing the address on for further routing.
1446You can do this by having a second router that explicitly fails the delivery
4964e932 1447when the relevant conditions are met. The \%redirect%\ router has a `fail'
495ae4b0
PH
1448facility for this purpose.
1449
1450
1451
1452.section Router preconditions
1453.rset SECTrouprecon "~~chapter.~~section"
1454.index router||preconditions, order of processing
1455.index preconditions||order of processing
1456The preconditions that are tested for each router are listed below, in the
1457order in which they are tested. The individual configuration options are
1458described in more detail in chapter ~~CHAProutergeneric.
1459.numberpars $.
1460The \local@_part@_prefix\ and \local@_part@_suffix\ options can specify that
1461the local parts handled by the router may or must have certain prefixes and/or
1462suffixes. If a mandatory affix (prefix or suffix) is not present, the router is
1463skipped. These conditions are tested first. When an affix is present, it is
1464removed from the local part before further processing, including the evaluation
1465of any other conditions.
1466.nextp
4964e932
PH
1467Routers can be designated for use only when not verifying an address, that is,
1468only when routing it for delivery (or testing its delivery routing). If the
1469\verify\ option is set false, the router is skipped when Exim is verifying an
495ae4b0 1470address.
4964e932
PH
1471Setting the \verify\ option actually sets two options, \verify@_sender\ and
1472\verify@_recipient\, which independently control the use of the router for
1473sender and recipient verification. You can set these options directly if
495ae4b0
PH
1474you want a router to be used for only one type of verification.
1475.nextp
4964e932
PH
1476If the \address@_test\ option is set false, the router is skipped when Exim is
1477run with the \-bt-\ option to test an address routing. This can be helpful when
1478the first router sends all new messages to a scanner of some sort; it makes it
495ae4b0
PH
1479possible to use \-bt-\ to test subsequent delivery routing without having to
1480simulate the effect of the scanner.
1481.nextp
1482Routers can be designated for use only when verifying an address, as
1483opposed to routing it for delivery. The \verify@_only\ option controls this.
1484.nextp
1485Certain routers can be explicitly skipped when running the routers to check an
1486address given in the SMTP \\EXPN\\ command (see the \expn\ option).
1487.nextp
1488If the \domains\ option is set, the domain of the address must be in the set of
1489domains that it defines.
1490.nextp
1491If the \local@_parts\ option is set, the local part of the address must be in
1492the set of local parts that it defines. If \local@_part@_prefix\ or
1493\local@_part@_suffix\ is in use, the prefix or suffix is removed from the local
1494part before this check. If you want to do precondition tests on local parts
1495that include affixes, you can do so by using a \condition\ option (see below)
1496that uses the variables \$local@_part$\, \$local@_part@_prefix$\, and
1497\$local@_part@_suffix$\ as necessary.
1498.nextp
1499If the \check@_local@_user\ option is set, the local part must be the name of
1500an account on the local host.
4964e932 1501If this check succeeds, the uid and gid of the local user are placed in
495ae4b0
PH
1502\$local@_user@_uid$\ and \$local@_user@_gid$\; these values can be used in the
1503remaining preconditions.
1504.nextp
1505If the \router@_home@_directory\ option is set, it is expanded at this point,
4964e932
PH
1506because it overrides the value of \$home$\. If this expansion were left till
1507later, the value of \$home$\ as set by \check@_local@_user\ would be used in
1508subsequent tests. Having two different values of \$home$\ in the same router
495ae4b0
PH
1509could lead to confusion.
1510.nextp
1511If the \senders\ option is set, the envelope sender address must be in the set
1512of addresses that it defines.
1513.nextp
1514If the \require@_files\ option is set, the existence or non-existence of
1515specified files is tested.
1516.nextp
1517.index customizing||precondition
1518If the \condition\ option is set, it is evaluated and tested. This option uses
1519an expanded string to allow you to set up your own custom preconditions.
1520Expanded strings are described in chapter ~~CHAPexpand.
1521.endp
1522
1523Note that \require@_files\ comes near the end of the list, so you cannot use it
1524to check for the existence of a file in which to lookup up a domain, local
1525part, or sender. However, as these options are all expanded, you can use the
1526\exists\ expansion condition to make such tests within each condition. The
1527\require@_files\ option is intended for checking files that the router may be
1528going to use internally, or which are needed by a specific transport (for
1529example, \(.procmailrc)\).
1530
1531
1532.section Delivery in detail
1533.index delivery||in detail
1534When a message is to be delivered, the sequence of events is as follows:
1535.numberpars $.
1536If a system-wide filter file is specified, the message is passed to it. The
1537filter may add recipients to the message, replace the recipients, discard the
1538message, cause a new message to be generated, or cause the message delivery to
1539fail. The format of the system filter file is the same as for Exim user filter
1540files, described in the separate document entitled
1541.if ~~html
1542[(A HREF="filter.html")]
1543.fi
1544\*Exim's interfaces to mail filtering*\.
1545.if ~~html
1546[(/A)]
1547.fi
1548.index Sieve filter||not available for system filter
1549(\**Note**\: Sieve cannot be used for system filter files.)
1550Some additional features are available in system filters -- see chapter
1551~~CHAPsystemfilter for details. Note that a message is passed to the system
1552filter only once per delivery attempt, however many recipients it has. However,
1553if there are several delivery attempts because one or more addresses could not
1554be immediately delivered, the system filter is run each time. The filter
1555condition \first@_delivery\ can be used to detect the first run of the system
1556filter.
1557.nextp
1558Each recipient address is offered to each configured router in turn, subject to
1559its preconditions, until one is able to handle it. If no router can handle
1560the address, that is, if they all decline, the address is failed. Because
1561routers can be targeted at particular domains, several locally handled domains
1562can be processed entirely independently of each other.
1563.nextp
1564.index routing||loops in
1565.index loop||while routing
1566A router that accepts an address may set up a local or a remote transport for
1567it. However, the transport is not run at this time. Instead, the address is
1568placed on a list for the particular transport, to be run later. Alternatively,
1569the router may generate one or more new addresses (typically from alias,
1570forward, or filter files). New addresses are fed back into this process from
1571the top, but in order to avoid loops, a router ignores any address which has an
1572identically-named ancestor that was processed by itself.
1573.nextp
1574When all the routing has been done, addresses that have been successfully
1575handled are passed to their assigned transports. When local transports are
1576doing real local deliveries, they handle only one address at a time, but if a
1577local transport is being used as a pseudo-remote transport (for example, to
1578collect batched SMTP messages for transmission by some other means) multiple
1579addresses can be handled. Remote transports can always handle more than one
1580address at a time, but can be configured not to do so, or to restrict multiple
1581addresses to the same domain.
1582.nextp
1583Each local delivery to a file or a pipe runs in a separate process under a
1584non-privileged uid, and these deliveries are run one at a time. Remote
1585deliveries also run in separate processes, normally under a uid that is private
1586to Exim (`the Exim user'), but in this case, several remote deliveries can be
1587run in parallel. The maximum number of simultaneous remote deliveries for any
1588one message is set by the \remote@_max@_parallel\ option.
4964e932 1589The order in which deliveries are done is not defined, except that all local
495ae4b0 1590deliveries happen before any remote deliveries.
495ae4b0
PH
1591.nextp
1592.index queue runner
1593When it encounters a local delivery during a queue run, Exim checks its retry
1594database to see if there has been a previous temporary delivery failure for the
1595address before running the local transport. If there was a previous failure,
1596Exim does not attempt a new delivery until the retry time for the address is
1597reached. However, this happens only for delivery attempts that are part of a
1598queue run. Local deliveries are always attempted when delivery immediately
1599follows message reception, even if retry times are set for them. This makes for
1600better behaviour if one particular message is causing problems (for example,
1601causing quota overflow, or provoking an error in a filter file).
1602.nextp
1603.index delivery||retry in remote transports
1604Remote transports do their own retry handling, since an address may be
1605deliverable to one of a number of hosts, each of which may have a different
1606retry time. If there have been previous temporary failures and no host has
1607reached its retry time, no delivery is attempted, whether in a queue run or
1608not. See chapter ~~CHAPretry for details of retry strategies.
1609.nextp
1610If there were any permanent errors, a bounce message is returned to an
1611appropriate address (the sender in the common case), with details of the error
1612for each failing address. Exim can be configured to send copies of bounce
1613messages to other addresses.
1614.nextp
1615.index delivery||deferral
1616If one or more addresses suffered a temporary failure, the message is left on
1617the queue, to be tried again later. Delivery of these addresses is said to be
1618\*deferred*\.
1619.nextp
1620When all the recipient addresses have either been delivered or bounced,
1621handling of the message is complete. The spool files and message log are
1622deleted, though the message log can optionally be preserved if required.
1623.endp
1624
1625
1626.section Retry mechanism
1627.index delivery||retry mechanism
1628.index retry||description of mechanism
1629.index queue runner
1630Exim's mechanism for retrying messages that fail to get delivered at the first
1631attempt is the queue runner process. You must either run an Exim daemon that
1632uses the \-q-\ option with a time interval to start queue runners at regular
1633intervals, or use some other means (such as \*cron*\) to start them. If you do
1634not arrange for queue runners to be run, messages that fail temporarily at the
1635first attempt will remain on your queue for ever. A queue runner process works
1636it way through the queue, one message at a time, trying each delivery that has
1637passed its retry time.
1638You can run several queue runners at once.
1639
1640Exim uses a set of configured rules to determine when next to retry the failing
1641address (see chapter ~~CHAPretry). These rules also specify when Exim should
1642give up trying to deliver to the address, at which point it generates a bounce
1643message. If no retry rules are set for a particular host, address, and error
1644combination, no retries are attempted, and temporary errors are treated as
1645permanent.
1646
1647
1648.section Temporary delivery failure
1649.index delivery||temporary failure
1650There are many reasons why a message may not be immediately deliverable to a
1651particular address. Failure to connect to a remote machine (because it, or the
1652connection to it, is down) is one of the most common. Temporary failures may be
1653detected during routing as well as during the transport stage of delivery.
1654Local deliveries may be delayed if NFS files are unavailable, or if a mailbox
1655is on a file system where the user is over quota. Exim can be configured to
1656impose its own quotas on local mailboxes; where system quotas are set they will
1657also apply.
1658
1659If a host is unreachable for a period of time, a number of messages may be
1660waiting for it by the time it recovers, and sending them in a single SMTP
1661connection is clearly beneficial. Whenever a delivery to a remote host is
4964e932 1662deferred,
495ae4b0
PH
1663.index hints database
1664Exim makes a note in its hints database, and whenever a successful
1665SMTP delivery has happened, it looks to see if any other messages are waiting
1666for the same host. If any are found, they are sent over the same SMTP
1667connection, subject to a configuration limit as to the maximum number in any
1668one connection.
1669
1670
1671
1672.section Permanent delivery failure
1673.index delivery||permanent failure
1674.index bounce message||when generated
1675When a message cannot be delivered to some or all of its intended recipients, a
1676bounce message is generated. Temporary delivery failures turn into permanent
1677errors when their timeout expires. All the addresses that fail in a given
1678delivery attempt are listed in a single message. If the original message has
1679many recipients, it is possible for some addresses to fail in one delivery
1680attempt and others to fail subsequently, giving rise to more than one bounce
1681message. The wording of bounce messages can be customized by the administrator.
1682See chapter ~~CHAPemsgcust for details.
1683
1684.index ::X-Failed-Recipients:: header line
1685Bounce messages contain an ::X-Failed-Recipients:: header line that lists the
1686failed addresses, for the benefit of programs that try to analyse such messages
1687automatically.
1688
1689.index bounce message||recipient of
1690A bounce message is normally sent to the sender of the original message, as
1691obtained from the message's envelope. For incoming SMTP messages, this is the
1692address given in the \\MAIL\\ command. However, when an address is
1693expanded via a forward or alias file, an alternative address can be specified
1694for delivery failures of the generated addresses. For a mailing list expansion
1695(see section ~~SECTmailinglists) it is common to direct bounce messages to the
1696manager of the list.
1697
1698
1699
1700.section Failures to deliver bounce messages
1701.index bounce message||failure to deliver
1702If a bounce message (either locally generated or received from a remote host)
1703itself suffers a permanent delivery failure, the message is left on the queue,
1704but it is frozen, awaiting the attention of an administrator. There are options
1705which can be used to make Exim discard such failed messages, or to keep them
1706for only a short time (see \timeout@_frozen@_after\ and
1707\ignore@_bounce@_errors@_after\).
1708
1709
1710
1711.
1712.
1713.
1714.
1715. ============================================================================
1716.chapter Building and installing Exim
1717.set runningfoot "building/installing"
1718
1719.index building Exim
1720.section Unpacking
1721Exim is distributed as a gzipped or bzipped tar file which, when upacked,
1722creates a directory with the name of the current release (for example,
1723\(exim-~~version)\) into which the following files are placed:
1724.display rm
1725.if !~~sys.fancy && ~~sgcal
1726.tabs 16
1727.else
4964e932 1728.tabs 22
495ae4b0
PH
1729.fi
1730\(ACKNOWLEDGMENTS)\ $t contains some acknowledgments
1731.newline
1732\(CHANGES)\ $t contains a reference to where changes are documented
1733\(LICENCE)\ $t the GNU General Public Licence
1734\(Makefile)\ $t top-level make file
1735\(NOTICE)\ $t conditions for the use of Exim
1736\(README)\ $t list of files, directories and simple build instructions
1737.endd
1738Other files whose names begin with \(README)\ may also be present. The
1739following subdirectories are created:
1740.display rm
1741.if !~~sys.fancy && ~~sgcal
1742.tabs 16
1743.else
1744.tabs 22
1745.fi
1746\(Local)\ $t an empty directory for local configuration files
1747\(OS)\ $t OS-specific files
1748\(doc)\ $t documentation files
1749\(exim@_monitor)\$t source files for the Exim monitor
1750\(scripts)\ $t scripts used in the build process
1751\(src)\ $t remaining source files
1752\(util)\ $t independent utilities
1753.endd
1754The main utility programs are contained in the \(src)\ directory, and are built
1755with the Exim binary. The \(util)\ directory contains a few optional scripts
1756that may be useful to some sites.
1757
1758.section Multiple machine architectures and operating systems
1759.index building Exim||multiple OS/architectures
1760The building process for Exim is arranged to make it easy to build binaries for
1761a number of different architectures and operating systems from the same set of
1762source files. Compilation does not take place in the \(src)\ directory. Instead,
1763a \*build directory*\ is created for each architecture and operating system.
1764.index symbolic link||to build directory
1765Symbolic links to the sources are installed in this directory, which is where
1766the actual building takes place.
1767
1768In most cases, Exim can discover the machine architecture and operating system
1769for itself, but the defaults can be overridden if necessary.
1770
1771.section DBM libraries
1772.rset SECTdb "~~chapter.~~section"
1773.index DBM||libraries, discussion of
1774.index hints database||DBM files used for
1775Even if you do not use any DBM files in your configuration, Exim still needs a
1776DBM library in order to operate, because it uses indexed files for its hints
1777databases. Unfortunately, there are a number of DBM libraries in existence, and
1778different operating systems often have different ones installed.
1779
1780.index Solaris||DBM library for
1781.index IRIX, DBM library for
1782.index BSD, DBM library for
1783.index Linux, DBM library for
1784If you are using Solaris, IRIX, one of the modern BSD systems, or a modern
1785Linux distribution, the DBM configuration should happen automatically, and you
1786may be able to ignore this section. Otherwise, you may have to learn more than
1787you would like about DBM libraries from what follows.
1788
1789.index \*ndbm*\ DBM library
1790Licensed versions of Unix normally contain a library of DBM functions operating
1791via the \*ndbm*\ interface, and this is what Exim expects by default. Free
1792versions of Unix seem to vary in what they contain as standard. In particular,
1793some early versions of Linux have no default DBM library, and different
1794distributors have chosen to bundle different libraries with their packaged
1795versions. However, the more recent releases seem to have standardised on the
1796Berkeley DB library.
1797
1798Different DBM libraries have different conventions for naming the files they
1799use. When a program opens a file called \(dbmfile)\, there are four
1800possibilities:
1801.numberpars
1802A traditional \*ndbm*\ implementation, such as that supplied as part of
1803Solaris, operates on two files called \(dbmfile.dir)\ and \(dbmfile.pag)\.
1804.nextp
1805.index \*gdbm*\ DBM library
1806The GNU library, \*gdbm*\, operates on a single file. If used via its \*ndbm*\
1807compatibility interface it makes two different hard links to it with names
1808\(dbmfile.dir)\ and \(dbmfile.pag)\, but if used via its native interface, the
1809file name is used unmodified.
1810.nextp
1811.index Berkeley DB library
1812The Berkeley DB package, if called via its \*ndbm*\ compatibility interface,
1813operates on a single file called \(dbmfile.db)\, but otherwise looks to the
1814programmer exactly the same as the traditional \*ndbm*\ implementation.
1815.nextp
1816If the Berkeley package is used in its native mode, it operates on a single
1817file called \(dbmfile)\; the programmer's interface is somewhat different to
1818the traditional \*ndbm*\ interface.
1819.nextp
1820To complicate things further, there are several very different versions of the
1821Berkeley DB package. Version 1.85 was stable for a very long time, releases
18222.$it{x} and 3.$it{x} were current for a while, but the latest versions are now
1823numbered 4.$it{x}. Maintenance of some of the earlier releases has ceased. All
1824versions of Berkeley DB can be obtained from
1825.display rm
1826\?http://www.sleepycat.com/?\
1827.endd
1828.nextp
1829.index \*tdb*\ DBM library
1830Yet another DBM library, called \*tdb*\, has become available from
1831.display rm
1832\?http://download.sourceforge.net/tdb?\
1833.endd
1834It has its own interface, and also operates on a single file.
1835.endp
1836.index \\USE@_DB\\
1837.index DBM||libraries, configuration for building
1838Exim and its utilities can be compiled to use any of these interfaces. In order
1839to use any version of the Berkeley DB package in native mode, you must set
1840\\USE@_DB\\ in an appropriate configuration file (typically
1841\(Local/Makefile)\). For example:
1842.display asis
1843USE_DB=yes
1844.endd
1845Similarly, for gdbm you set \\USE@_GDBM\\, and for tdb you set \\USE@_TDB\\. An
1846error is diagnosed if you set more than one of these.
1847
1848At the lowest level, the build-time configuration sets none of these options,
1849thereby assuming an interface of type (1). However, some operating system
1850configuration files (for example, those for the BSD operating systems and
1851Linux) assume type (4) by setting \\USE@_DB\\ as their default, and the
1852configuration files for Cygwin set \\USE@_GDBM\\. Anything you set in
1853\(Local/Makefile)\, however, overrides these system defaults.
1854
1855As well as setting \\USE@_DB\\, \\USE@_GDBM\\, or \\USE@_TDB\\, it may also be
1856necessary to set \\DBMLIB\\, to cause inclusion of the appropriate library, as
1857in one of these lines:
1858.display asis
1859DBMLIB = -ldb
1860DBMLIB = -ltdb
1861.endd
4964e932 1862Settings like that will work if the DBM library is installed in the standard
495ae4b0
PH
1863place. Sometimes it is not, and the library's header file may also not be in
1864the default path. You may need to set \\INCLUDE\\ to specify where the header
4964e932 1865file is, and to specify the path to the library more fully in \\DBMLIB\\, as in
495ae4b0
PH
1866this example:
1867.display asis
1868INCLUDE=-I/usr/local/include/db-4.1
1869DBMLIB=/usr/local/lib/db-4.1/libdb.a
1870.endd
1871
1872There is further detailed discussion about the various DBM libraries in the
1873file \(doc/dbm.discuss.txt)\ in the Exim distribution.
1874
1875
1876.section Pre-building configuration
1877.index building Exim||pre-building configuration
1878.index configuration for building Exim
1879.index \(Local/Makefile)\
1880.index \(src/EDITME)\
1881Before building Exim, a local configuration file that specifies options
1882independent of any operating system has to be created with the name
1883\(Local/Makefile)\. A template for this file is supplied as the file
1884\(src/EDITME)\, and it contains full descriptions of all the option settings
1885therein. These descriptions are therefore not repeated here. If you are
1886building Exim for the first time, the simplest thing to do is to copy
1887\(src/EDITME)\ to \(Local/Makefile)\, then read it and edit it appropriately.
1888
1889There are three settings that you must supply, because Exim will not build
1890without them. They are the location of the run time configuration file
1891(\\CONFIGURE@_FILE\\), the directory in which Exim binaries will be installed
1892(\\BIN@_DIRECTORY\\), and the identity of the Exim user (\\EXIM@_USER\\ and
1893maybe \\EXIM@_GROUP\\ as well). The value of \\CONFIGURE@_FILE\\ can in fact be
1894a colon-separated list of file names; Exim uses the first of them that exists.
1895
1896There are a few other parameters that can be specified either at build time or
1897at run time, to enable the same binary to be used on a number of different
1898machines. However, if the locations of Exim's spool directory and log file
1899directory (if not within the spool directory) are fixed, it is recommended that
1900you specify them in \(Local/Makefile)\ instead of at run time, so that errors
1901detected early in Exim's execution (such as a malformed configuration file) can
1902be logged.
1903
1904.index \(Local/eximon.conf)\
1905.index \(exim@_monitor/EDITME)\
1906If you are going to build the Exim monitor, a similar configuration process is
1907required. The file \(exim@_monitor/EDITME)\ must be edited appropriately for
1908your installation and saved under the name \(Local/eximon.conf)\. If you are
1909happy with the default settings described in \(exim@_monitor/EDITME)\,
1910\(Local/eximon.conf)\ can be empty, but it must exist.
1911
1912This is all the configuration that is needed in straightforward cases for known
1913operating systems. However, the building process is set up so that it is easy
1914to override options that are set by default or by operating-system-specific
1915configuration files, for example to change the name of the C compiler, which
1916defaults to \gcc\. See section ~~SECToverride below for details of how to do
1917this.
1918
1919
1920.section Support for iconv()
1921.index \*iconv()*\ support
4964e932
PH
1922The contents of header lines in messages may be encoded according to the rules
1923described RFC 2047. This makes it possible to transmit characters that are not
1924in the ASCII character set, and to label them as being in a particular
1925character set. When Exim is inspecting header lines by means of the \@$h@_\
1926mechanism, it decodes them, and translates them into a specified character set
495ae4b0
PH
1927(default ISO-8859-1). The translation is possible only if the operating system
1928supports the \*iconv()*\ function.
1929
1930However, some of the operating systems that supply \*iconv()*\ do not support
1931very many conversions. The GNU \libiconv\ library (available from
1932\?http:/@/www.gnu.org/software/libiconv/?\) can be installed on such systems to
1933remedy this deficiency, as well as on systems that do not supply \*iconv()*\ at
4964e932 1934all. After installing \libiconv\, you should add
495ae4b0 1935.display asis
4964e932
PH
1936HAVE_ICONV=yes
1937.endd
495ae4b0
PH
1938to your \(Local/Makefile)\ and rebuild Exim.
1939
1940
1941.section Including TLS/SSL encryption support
1942.rset SECTinctlsssl "~~chapter.~~section"
1943.index TLS||including support for TLS
1944.index encryption||including support for
1945.index \\SUPPORT@_TLS\\
1946.index OpenSSL||building Exim with
1947.index GnuTLS||building Exim with
1948Exim can be built to support encrypted SMTP connections, using the \\STARTTLS\\
4964e932
PH
1949command as per RFC 2487. It can also support legacy clients that expect to
1950start a TLS session immediately on connection to a non-standard port (see the
495ae4b0
PH
1951\-tls-on-connect-\ command line option).
1952
4964e932 1953If you want to build Exim with TLS support, you must first install either the
495ae4b0
PH
1954OpenSSL or GnuTLS library. There is no cryptographic code in Exim itself for
1955implementing SSL.
1956
1957If OpenSSL is installed, you should set
1958.display asis
1959SUPPORT_TLS=yes
1960TLS_LIBS=-lssl -lcrypto
1961.endd
1962in \(Local/Makefile)\. You may also need to specify the locations of the
1963OpenSSL library and include files. For example:
1964.display asis
1965SUPPORT_TLS=yes
1966TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
1967TLS_INCLUDE=-I/usr/local/openssl/include/
1968.endd
1969
1970If GnuTLS is installed, you should set
1971.index \\USE@_GNUTLS\\
1972.display asis
1973SUPPORT_TLS=yes
1974USE_GNUTLS=yes
1975TLS_LIBS=-lgnutls -ltasn1 -lgcrypt
1976.endd
1977in \(Local/Makefile)\, and again you may need to specify the locations of the
1978library and include files. For example:
1979.display asis
1980SUPPORT_TLS=yes
4964e932 1981USE_GNUTLS=yes
495ae4b0
PH
1982TLS_LIBS=-L/usr/gnu/lib -lgnutls -ltasn1 -lgcrypt
1983TLS_INCLUDE=-I/usr/gnu/include
1984.endd
1985You do not need to set \\TLS@_INCLUDE\\ if the relevant directory is already
4964e932 1986specified in \\INCLUDE\\. Details of how to configure Exim to make use of TLS
495ae4b0
PH
1987are given in chapter ~~CHAPTLS.
1988
1989
1990
1991.section Use of tcpwrappers
1992.index tcpwrappers, building Exim to support
1993.index \\USE@_TCP@_WRAPPERS\\
1994Exim can be linked with the \*tcpwrappers*\ library in order to check incoming
1995SMTP calls using the \*tcpwrappers*\ control files. This may be a convenient
1996alternative to Exim's own checking facilities for installations that are
1997already making use of \*tcpwrappers*\ for other purposes. To do this, you should
1998set \\USE@_TCP@_WRAPPERS\\ in \(Local/Makefile)\, arrange for the file
1999\(tcpd.h)\ to be available at compile time, and also ensure that the library
2000\(libwrap.a)\ is available at link time, typically by including \-lwrap-\ in
2001\\EXTRALIBS@_EXIM\\. For example, if \*tcpwrappers*\ is installed in
2002\(/usr/local)\, you might have
2003.display
2004USE@_TCP@_WRAPPERS=yes
2005CFLAGS=-O -I/usr/local/include
2006.newline
2007EXTRALIBS@_EXIM=-L/usr/local/lib -lwrap
2008.endd
2009in \(Local/Makefile)\. The name to use in the \*tcpwrappers*\ control files is
2010`exim'. For example, the line
2011.display
2012exim : LOCAL 192.168.1. .friendly.domain.example
2013.endd
2014in your \(/etc/hosts.allow)\ file allows connections from the local host, from
2015the subnet 192.168.1.0/24, and from all hosts in \*friendly.domain.example*\.
2016All other connections are denied. Consult the \*tcpwrappers*\ documentation for
2017further details.
2018
2019
2020.section Including support for IPv6
2021.index IPv6||including support for
2022Exim contains code for use on systems that have IPv6 support. Setting
2023\\HAVE@_IPV6=YES\\ in \(Local/Makefile)\ causes the IPv6 code to be included;
2024it may also be necessary to set \\IPV6@_INCLUDE\\ and \\IPV6@_LIBS\\ on systems
2025where the IPv6 support is not fully integrated into the normal include and
2026library files.
2027
2028IPv6 is still changing rapidly. Two different types of DNS record for handling
2029IPv6 addresses have been defined. AAAA records are already in use, and are
2030currently seen as the `mainstream', but another record type called A6 is being
2031argued about. Its status is currently `experimental'. Exim has support for A6
2032records, but this is included only if you set \\SUPPORT@_A6=YES\\ in
2033\(Local/Makefile)\.
2034
2035
2036.section The building process
2037.index build directory
2038Once \(Local/Makefile)\ (and \(Local/eximon.conf)\, if required) have been
2039created, run \*make*\ at the top level. It determines the architecture and
2040operating system types, and creates a build directory if one does not exist.
2041For example, on a Sun system running Solaris 8, the directory
2042\(build-SunOS5-5.8-sparc)\ is created.
2043.index symbolic link||to source files
2044Symbolic links to relevant source files are installed in the build directory.
2045
4964e932 2046\**Warning**\: The \-j-\ (parallel) flag must not be used with \*make*\; the
495ae4b0 2047building process fails if it is set.
495ae4b0
PH
2048
2049If this is the first time \*make*\ has been run, it calls a script that builds
2050a make file inside the build directory, using the configuration files from the
2051\(Local)\ directory. The new make file is then passed to another instance of
2052\*make*\. This does the real work, building a number of utility scripts, and
2053then compiling and linking the binaries for the Exim monitor (if configured), a
2054number of utility programs, and finally Exim itself. The command \*make
2055makefile*\ can be used to force a rebuild of the make file in the build
2056directory, should this ever be necessary.
2057
2058If you have problems building Exim, check for any comments there may be in the
2059\(README)\ file concerning your operating system, and also take a look at the
2060.if ~~html
2061[(A HREF="FAQ.html")]
2062.fi
2063FAQ,
2064.if ~~html
2065[(/A)]
2066.fi
2067where some common problems are covered.
2068
2069
2070
2071.section Overriding build-time options for Exim
2072.index build-time options, overriding
2073.rset SECToverride "~~chapter.~~section"
2074The main make file that is created at the beginning of the building process
2075consists of the concatenation of a number of files which set configuration
2076values, followed by a fixed set of \*make*\ instructions. If a value is set
2077more than once, the last setting overrides any previous ones. This provides a
2078convenient way of overriding defaults. The files that are concatenated are, in
2079order:
2080.display rm
2081\(OS/Makefile-Default)\
2082\(OS/Makefile-)\<<ostype>>
2083\(Local/Makefile)\
2084\(Local/Makefile-)\<<ostype>>
2085\(Local/Makefile-)\<<archtype>>
2086\(Local/Makefile-)\<<ostype>>-<<archtype>>
2087\(OS/Makefile-Base)\
2088.endd
2089.index \(Local/Makefile)\
2090where <<ostype>> is the operating system type and <<archtype>> is the
2091.index building Exim||operating system type
2092.index building Exim||architecture type
2093architecture type. \(Local/Makefile)\ is required to exist, and the building
2094process fails if it is absent. The other three \(Local)\ files are optional,
2095and are often not needed.
2096
2097The values used for <<ostype>> and <<archtype>> are obtained from scripts
2098called \(scripts/os-type)\ and \(scripts/arch-type)\ respectively. If either of
2099the environment variables \\EXIM@_OSTYPE\\ or \\EXIM@_ARCHTYPE\\ is set, their
2100values are used, thereby providing a means of forcing particular settings.
2101Otherwise, the scripts try to get values from the \uname\ command. If this
2102fails, the shell variables \\OSTYPE\\ and \\ARCHTYPE\\ are inspected. A number
2103of $it{ad hoc} transformations are then applied, to produce the standard names
2104that Exim expects. You can run these scripts directly from the shell in order
2105to find out what values are being used on your system.
2106
2107
2108\(OS/Makefile-Default)\ contains comments about the variables that are set
2109therein. Some (but not all) are mentioned below. If there is something that
2110needs changing, review the contents of this file and the contents of the make
2111file for your operating system (\(OS/Makefile-<<ostype>>)\) to see what the
2112default values are.
2113
2114
2115.index building Exim||overriding default settings
2116If you need to change any of the values that are set in \(OS/Makefile-Default)\
4964e932 2117or in \(OS/Makefile-<<ostype>>)\, or to add any new definitions, you do not
495ae4b0
PH
2118need to change the original files. Instead, you should make the changes by
2119putting the new values in an appropriate \(Local)\ file. For example,
2120.index Tru64-Unix build-time settings
2121when building Exim in many releases of the Tru64-Unix (formerly Digital UNIX,
2122formerly DEC-OSF1) operating system, it is necessary to specify that the C
4964e932 2123compiler is called \*cc*\ rather than \*gcc*\. Also, the compiler must be
495ae4b0 2124called with the option \-std1-\, to make it recognize some of the features of
4964e932 2125Standard C that Exim uses. (Most other compilers recognize Standard C by
495ae4b0
PH
2126default.) To do this, you should create a file called \(Local/Makefile-OSF1)\
2127containing the lines
2128.display
2129CC=cc
2130CFLAGS=-std1
2131.endd
4964e932 2132If you are compiling for just one operating system, it may be easier to put
495ae4b0
PH
2133these lines directly into \(Local/Makefile)\.
2134
2135Keeping all your local configuration settings separate from the distributed
2136files makes it easy to transfer them to new versions of Exim simply by copying
2137the contents of the \(Local)\ directory.
2138
2139
2140.index NIS lookup type||including support for
2141.index NIS@+ lookup type||including support for
2142.index LDAP||including support for
2143.index lookup||inclusion in binary
2144Exim contains support for doing LDAP, NIS, NIS+, and other kinds of file
2145lookup, but not all systems have these components installed, so the default is
2146not to include the relevant code in the binary. All the different kinds of file
2147and database lookup that Exim supports are implemented as separate code modules
2148which are included only if the relevant compile-time options are set. In the
2149case of LDAP, NIS, and NIS+, the settings for \(Local/Makefile)\ are:
2150.display asis
2151LOOKUP_LDAP=yes
2152LOOKUP_NIS=yes
2153LOOKUP_NISPLUS=yes
2154.endd
2155and similar settings apply to the other lookup types. They are all listed in
2156\(src/EDITME)\. In most cases the relevant include files and interface
2157libraries need to be installed before compiling Exim.
2158.index cdb||including support for
2159However, in the case of cdb, which is included in the binary only if
2160.display asis
2161LOOKUP_CDB=yes
2162.endd
2163is set, the code is entirely contained within Exim, and no external include
2164files or libraries are required. When a lookup type is not included in the
2165binary, attempts to configure Exim to use it cause run time configuration
2166errors.
2167
2168.index Perl||including support for
2169Exim can be linked with an embedded Perl interpreter, allowing Perl
2170subroutines to be called during string expansion. To enable this facility,
2171.display asis
2172EXIM_PERL=perl.o
2173.endd
2174must be defined in \(Local/Makefile)\. Details of this facility are given in
2175chapter ~~CHAPperl.
2176
2177.index X11 libraries, location of
2178The location of the X11 libraries is something that varies a lot between
2179operating systems, and of course there are different versions of X11 to cope
2180with. Exim itself makes no use of X11, but if you are compiling the Exim
2181monitor, the X11 libraries must be available.
2182The following three variables are set in \(OS/Makefile-Default)\:
2183.display asis
2184X11=/usr/X11R6
2185XINCLUDE=-I$(X11)/include
2186XLFLAGS=-L$(X11)/lib
2187.endd
2188These are overridden in some of the operating-system configuration files. For
2189example, in \(OS/Makefile-SunOS5)\ there is
2190.display asis
2191X11=/usr/openwin
2192XINCLUDE=-I$(X11)/include
2193XLFLAGS=-L$(X11)/lib -R$(X11)/lib
2194.endd
2195If you need to override the default setting for your operating system, place a
2196definition of all three of these variables into your
2197\(Local/Makefile-<<ostype>>)\ file.
2198
2199.index \\EXTRALIBS\\
2200If you need to add any extra libraries to the link steps, these can be put in a
2201variable called \\EXTRALIBS\\, which appears in all the link commands, but by
2202default is not defined. In contrast, \\EXTRALIBS@_EXIM\\ is used only on the
2203command for linking the main Exim binary, and not for any associated utilities.
2204.index DBM||libraries, configuration for building
2205There is also \\DBMLIB\\, which appears in the link commands for binaries that
2206use DBM functions (see also section ~~SECTdb). Finally, there is
2207\\EXTRALIBS@_EXIMON\\, which appears only in the link step for the Exim monitor
2208binary, and which can be used, for example, to include additional X11
2209libraries.
2210
2211.index configuration file||editing
2212The make file copes with rebuilding Exim correctly if any of the configuration
2213files are edited. However, if an optional configuration file is deleted, it is
2214necessary to touch the associated non-optional file (that is, \(Local/Makefile)\
2215or \(Local/eximon.conf)\) before rebuilding.
2216
2217.section OS-specific header files
2218.index \(os.h)\
2219.index building Exim||OS-specific C header files
2220The \(OS)\ directory contains a number of files with names of the form
2221\(os.h-<<ostype>>)\. These are system-specific C header files that should not
2222normally need to be changed. There is a list of macro settings that are
2223recognized in the file \(OS/os.configuring)\, which should be consulted if you
2224are porting Exim to a new operating system.
2225
2226
2227.section Overriding build-time options for the monitor
2228.index building Eximon||overriding default options
2229A similar process is used for overriding things when building the Exim monitor,
2230where the files that are involved are
2231.display rm
2232\(OS/eximon.conf-Default)\
2233\(OS/eximon.conf-)\<<ostype>>
2234\(Local/eximon.conf)\
2235\(Local/eximon.conf-)\<<ostype>>
2236\(Local/eximon.conf-)\<<archtype>>
2237\(Local/eximon.conf-)\<<ostype>>-<<archtype>>
2238.endd
2239.index \(Local/eximon.conf)\
2240As with Exim itself, the final three files need not exist, and in this case the
2241\(OS/eximon.conf-<<ostype>>)\ file is also optional. The default values in
2242\(OS/eximon.conf-Default)\ can be overridden dynamically by setting environment
2243variables of the same name, preceded by \\EXIMON@_\\. For example, setting
2244\\EXIMON@_LOG@_DEPTH\\ in the environment overrides the value of
2245\\LOG@_DEPTH\\ at run time.
2246
2247
2248
2249.section Installing Exim binaries and scripts
2250.index installing Exim
2251.index \\BIN@_DIRECTORY\\
2252The command \*make install*\ runs the \*exim@_install*\ script with no
2253arguments. The script copies binaries and utility scripts into the directory
2254whose name is specified by the \\BIN@_DIRECTORY\\ setting in
4964e932 2255\(Local/Makefile)\.
495ae4b0
PH
2256
2257Exim's run time configuration file is named by the \\CONFIGURE@_FILE\\ setting
2258.index \\CONFIGURE@_FILE\\
2259in \(Local/Makefile)\. If this names a single file, and the file does not
2260exist, the default configuration file \(src/configure.default)\ is copied there
2261by the installation script. If a run time configuration file already exists, it
2262is left alone. If \\CONFIGURE@_FILE\\ is a colon-separated list, naming several
2263alternative files, no default is installed.
2264
2265.index system aliases file
2266.index \(/etc/aliases)\
2267One change is made to the default configuration file when it is installed: the
2268default configuration contains a router that references a system aliases file.
2269The path to this file is set to the value specified by
2270\\SYSTEM@_ALIASES@_FILE\\ in \(Local/Makefile)\ (\(/etc/aliases)\ by default).
2271If the system aliases file does not exist, the installation script creates it,
2272and outputs a comment to the user.
2273
2274The created file contains no aliases, but it does contain comments about the
2275aliases a site should normally have. Mail aliases have traditionally been
2276kept in \(/etc/aliases)\. However, some operating systems are now using
2277\(/etc/mail/aliases)\. You should check if yours is one of these, and change
2278Exim's configuration if necessary.
2279
2280The default configuration uses the local host's name as the only local domain,
2281and is set up to do local deliveries into the shared directory \(/var/mail)\,
2282running as the local user. System aliases and \(.forward)\ files in users' home
2283directories are supported, but no NIS or NIS+ support is configured. Domains
2284other than the name of the local host are routed using the DNS, with delivery
2285over SMTP.
2286
2287The install script copies files only if they are newer than the files they are
2288going to replace. The Exim binary is required to be owned by root and have the
2289\*setuid*\ bit set,
2290.index setuid||installing Exim with
2291for normal configurations. Therefore, you must run \*make install*\ as root so
2292that it can set up the Exim binary in this way. However, in some special
2293situations (for example, if a host is doing no local deliveries) it may be
2294possible to run Exim without making the binary setuid root (see chapter
2295~~CHAPsecurity for details).
2296
2297It is possible to install Exim for special purposes (such as building a binary
2298distribution) in a private part of the file system. You can do this by a
2299command such as
2300.display asis
2301make DESTDIR=/some/directory/ install
2302.endd
4964e932
PH
2303This has the effect of pre-pending the specified directory to all the file
2304paths, except the name of the system aliases file that appears in the default
495ae4b0 2305configuration. (If a default alias file is created, its name \*is*\ modified.)
4964e932 2306For backwards compatibility, \\ROOT\\ is used if \\DESTDIR\\ is not set,
495ae4b0
PH
2307but this usage is deprecated.
2308
2309.index installing Exim||what is not installed
2310Running \*make install*\ does not copy the Exim 4 conversion script
2311\*convert4r4*\, or the \*pcretest*\ test program. You will probably run the
2312first of these only once (if you are upgrading from Exim 3), and the second
2313isn't really part of Exim. None of the documentation files in the \(doc)\
2314directory are copied, except for the info files when you have set
2315\\INFO@_DIRECTORY\\, as described in section ~~SECTinsinfdoc below.
2316
2317For the utility programs, old versions are renamed by adding the suffix \(.O)\
2318to their names. The Exim binary itself, however, is handled differently. It is
2319installed under a name that includes the version number and the compile number,
2320for example \(exim-~~version-1)\. The script then arranges for a symbolic link
2321called \(exim)\ to point to the binary. If you are updating a previous version
2322of Exim, the script takes care to ensure that the name \(exim)\ is never absent
2323from the directory (as seen by other processes).
2324
2325.index installing Exim||testing the script
2326If you want to see what the \*make install*\ will do before running it for
2327real, you can pass the \-n-\ option to the installation script by this command:
2328.display asis
2329make INSTALL_ARG=-n install
2330.endd
2331The contents of the variable \\INSTALL@_ARG\\ are passed to the installation
2332script. You do not need to be root to run this test. Alternatively, you can run
2333the installation script directly, but this must be from within the build
2334directory. For example, from the top-level Exim directory you could use this
2335command:
2336.display
2337(cd build-SunOS5-5.5.1-sparc; ../scripts/exim@_install -n)
2338.endd
2339
2340.index installing Exim||install script options
2341There are two other options that can be supplied to the installation script.
2342.numberpars $.
2343\-no@_chown-\ bypasses the call to change the owner of the installed binary
2344to root, and the call to make it a setuid binary.
2345.nextp
2346\-no@_symlink-\ bypasses the setting up of the symbolic link \(exim)\ to the
2347installed binary.
2348.endp
2349\\INSTALL@_ARG\\ can be used to pass these options to the script. For example:
2350.display asis
2351make INSTALL_ARG=-no_symlink install
2352.endd
2353
4964e932
PH
2354The installation script can also be given arguments specifying which files are
2355to be copied. For example, to install just the Exim binary, and nothing else,
495ae4b0
PH
2356without creating the symbolic link, you could use:
2357.display asis
2358make INSTALL_ARG='-no_symlink exim' install
2359.endd
2360
2361
2362.section Installing info documentation
2363.rset SECTinsinfdoc "~~chapter.~~section"
2364.index installing Exim||\*info*\ documentation
2365Not all systems use the GNU \*info*\ system for documentation, and for this
2366reason, the Texinfo source of Exim's documentation is not included in the main
2367distribution. Instead it is available separately from the ftp site (see section
2368~~SECTavail).
2369
2370If you have defined \\INFO@_DIRECTORY\\ in \(Local/Makefile)\ and the Texinfo
2371source of the documentation is found in the source tree, running \*make
2372install*\ automatically builds the info files and installs them.
2373
2374
2375.section Setting up the spool directory
2376.index spool directory||creating
2377When it starts up, Exim tries to create its spool directory if it does not
2378exist. The Exim uid and gid are used for the owner and group of the spool
2379directory. Sub-directories are automatically created in the spool directory as
2380necessary.
2381
2382
2383
2384.section Testing
2385.index testing||installation
2386Having installed Exim, you can check that the run time configuration file is
2387syntactically valid by running the following command, which assumes that the
2388Exim binary directory is within your \\PATH\\ environment variable:
2389.display
2390exim -bV
2391.endd
2392If there are any errors in the configuration file, Exim outputs error messages.
2393Otherwise it outputs the version number and build date,
4964e932 2394the DBM library that is being used, and information about which drivers and
495ae4b0
PH
2395other optional code modules are included in the binary.
2396Some simple routing tests can be done by using the address testing option. For
2397example,
2398.display
2399exim -bt <<local username>>
2400.endd
2401should verify that it recognizes a local mailbox, and
2402.display
2403exim -bt <<remote address>>
2404.endd
2405a remote one. Then try getting it to deliver mail, both locally and remotely.
2406This can be done by passing messages directly to Exim, without going through a
2407user agent. For example:
2408.display
2409exim -v postmaster@@your.domain.example
2410From: user@@your.domain.example
2411To: postmaster@@your.domain.example
2412Subject: Testing Exim
2413
2414This is a test message.
2415^D
2416.endd
2417The \-v-\ option causes Exim to output some verification of what it is doing.
2418In this case you should see copies of three log lines, one for the message's
2419arrival, one for its delivery, and one containing `Completed'.
2420
2421.index delivery||problems with
2422If you encounter problems, look at Exim's log files (\*mainlog*\ and
2423\*paniclog*\) to see if there is any relevant information there. Another source
2424of information is running Exim with debugging turned on, by specifying the
2425\-d-\ option. If a message is stuck on Exim's spool, you can force a delivery
2426with debugging turned on by a command of the form
2427.display
2428exim -d -M <<message-id>>
2429.endd
2430You must be root or an `admin user' in order to do this. The \-d-\ option
2431produces rather a lot of output, but you can cut this down to specific areas.
2432For example, if you use \-d-all+route-\ only the debugging information relevant
2433to routing is included. (See the \-d-\ option in chapter ~~CHAPcommandline for
2434more details.)
2435
2436.index `sticky' bit
2437.index lock files
2438One specific problem that has shown up on some sites is the inability to do
2439local deliveries into a shared mailbox directory, because it does not have the
2440`sticky bit' set on it. By default, Exim tries to create a lock file before
2441writing to a mailbox file, and if it cannot create the lock file, the delivery
2442is deferred. You can get round this either by setting the `sticky bit' on the
2443directory, or by setting a specific group for local deliveries and allowing
2444that group to create files in the directory (see the comments above the
2445\%local@_delivery%\ transport in the default configuration file). Another
2446approach is to configure Exim not to use lock files, but just to rely on
2447\*fcntl()*\ locking instead. However, you should do this only if all user
2448agents also use \*fcntl()*\ locking. For further discussion of locking issues,
2449see chapter ~~CHAPappendfile.
2450
2451One thing that cannot be tested on a system that is already running an MTA is
2452the receipt of incoming SMTP mail on the standard SMTP port. However, the
2453\-oX-\ option can be used to run an Exim daemon that listens on some other
2454port, or \*inetd*\ can be used to do this. The \-bh-\ option and the
2455\*exim@_checkaccess*\ utility can be used to check out policy controls on
2456incoming SMTP mail.
2457
2458Testing a new version on a system that is already running Exim can most easily
2459be done by building a binary with a different \\CONFIGURE@_FILE\\ setting. From
2460within the run time configuration, all other file and directory names
2461that Exim uses can be altered, in order to keep it entirely clear of the
2462production version.
2463
2464.section Replacing another MTA with Exim
2465.index replacing another MTA
2466Building and installing Exim for the first time does not of itself put it in
2467general use. The name by which the system's MTA is called by mail user agents
2468is either \(/usr/sbin/sendmail)\, or \(/usr/lib/sendmail)\ (depending on the
2469operating system), and it is necessary to make this name point to the \*exim*\
2470binary in order to get the user agents to pass messages to Exim. This is
2471normally done by renaming any existing file and making \(/usr/sbin/sendmail)\
2472or \(/usr/lib/sendmail)\
2473.index symbolic link||to \*exim*\ binary
2474a symbolic link to the \*exim*\ binary. It is a good idea to remove any setuid
2475privilege and executable status from the old MTA. It is then necessary to stop
2476and restart the mailer daemon, if one is running.
2477
2478.index FreeBSD, MTA indirection
2479.index \(/etc/mail/mailer.conf)\
2480Some operating systems have introduced alternative ways of switching MTAs. For
2481example, if you are running FreeBSD, you need to edit the file
2482\(/etc/mail/mailer.conf)\ instead of setting up a symbolic link as just
2483described. A typical example of the contents of this file for running Exim is
2484as follows:
2485.display asis
2486sendmail /usr/exim/bin/exim
2487send-mail /usr/exim/bin/exim
2488mailq /usr/exim/bin/exim -bp
2489newaliases /usr/bin/true
2490.endd
2491
2492Once you have set up the symbolic link, or edited \(/etc/mail/mailer.conf)\,
2493your Exim installation is `live'. Check it by sending a message from your
2494favourite user agent.
2495
2496You should consider what to tell your users about the change of MTA. Exim may
2497have different capabilities to what was previously running, and there are
2498various operational differences such as the text of messages produced by
2499command line options and in bounce messages. If you allow your users to make
2500use of Exim's filtering capabilities, you should make the document entitled
2501.if ~~html
2502[(A HREF="filter.html")]
2503.fi
2504\*Exim's interface to mail filtering*\
2505.if ~~html
2506[(/A)]
2507.fi
2508available to them.
2509
2510
2511.section Upgrading Exim
2512.index upgrading Exim
2513If you are already running Exim on your host, building and installing a new
2514version automatically makes it available to MUAs, or any other programs that
2515call the MTA directly. However, if you are running an Exim daemon, you do need
2516to send it a HUP signal, to make it re-exec itself, and thereby pick up the new
2517binary. You do not need to stop processing mail in order to install a new
2518version of Exim.
2519
2520
2521.section Stopping the Exim daemon on Solaris
2522.index Solaris||stopping Exim on
2523The standard command for stopping the mailer daemon on Solaris is
2524.display
2525/etc/init.d/sendmail stop
2526.endd
2527If \(/usr/lib/sendmail)\ has been turned into a symbolic link, this script
2528fails to stop Exim because it uses the command \*ps -e*\ and greps the output
2529for the text `sendmail'; this is not present because the actual program name
2530(that is, `exim') is given by the \*ps*\ command with these options. A solution
2531is to replace the line that finds the process id with something like
2532.display asis
2533pid=`cat /var/spool/exim/exim-daemon.pid`
2534.endd
2535to obtain the daemon's pid directly from the file that Exim saves it in.
2536
4964e932
PH
2537Note, however, that stopping the daemon does not `stop Exim'. Messages can
2538still be received from local processes, and if automatic delivery is configured
495ae4b0
PH
2539(the normal case), deliveries will still occur.
2540
2541
2542.
2543.
2544.
2545.
2546. ============================================================================
2547.chapter The Exim command line
2548.set runningfoot "command line"
2549.rset CHAPcommandline ~~chapter
2550.index command line||options
2551.index options||command line
2552
2553Exim's command line takes the standard Unix form of a sequence of options,
2554each starting with a hyphen character, followed by a number of arguments. The
2555options are compatible with the main options of Sendmail, and there are also
2556some additional options, some of which are compatible with Smail 3. Certain
2557combinations of options do not make sense, and provoke an error if used.
2558The form of the arguments depends on which options are set.
2559
2560.section Setting options by program name
2561.index \*mailq*\
2562If Exim is called under the name \*mailq*\, it behaves as if the option \-bp-\
4964e932
PH
2563were present before any other options.
2564The \-bp-\ option requests a listing of the contents of the mail queue on the
495ae4b0
PH
2565standard output.
2566This feature is for compatibility with some systems that contain a command of
2567that name in one of the standard libraries, symbolically linked to
2568\(/usr/sbin/sendmail)\ or \(/usr/lib/sendmail)\.
2569
2570.index \*rsmtp*\
2571If Exim is called under the name \*rsmtp*\ it behaves as if the option \-bS-\
2572were present before any other options, for compatibility with Smail. The \-bS-\
2573option is used for reading in a number of messages in batched SMTP format.
2574
2575.index \*rmail*\
2576If Exim is called under the name \*rmail*\ it behaves as if the \-i-\ and
2577\-oee-\ options were present before any other options, for compatibility with
2578Smail. The name \*rmail*\ is used as an interface by some UUCP systems.
2579
2580.index \*runq*\
2581.index queue runner
2582If Exim is called under the name \*runq*\ it behaves as if the option \-q-\ were
2583present before any other options, for compatibility with Smail. The \-q-\
2584option causes a single queue runner process to be started.
2585
2586.index \*newaliases*\
2587.index alias file||building
2588.index Sendmail compatibility||calling Exim as \*newaliases*\
2589If Exim is called under the name \*newaliases*\ it behaves as if the option
2590\-bi-\ were present before any other options, for compatibility with Sendmail.
2591This option is used for rebuilding Sendmail's alias file. Exim does not have
2592the concept of a single alias file, but can be configured to run a given
2593command if called with the \-bi-\ option.
2594
2595.section Trusted and admin users
2596.rset SECTtrustedadmin "~~chapter.~~section"
2597Some Exim options are available only to \*trusted users*\ and others are
2598available only to \*admin users*\. In the description below, the phrases `Exim
2599user' and `Exim group' mean the user and group defined by \\EXIM@_USER\\ and
2600\\EXIM@_GROUP\\ in \(Local/Makefile)\ or set by the \exim@_user\ and
2601\exim@_group\ options. These do not necessarily have to use the name `exim'.
2602
2603.numberpars $.
2604.index trusted user||definition of
2605.index user||trusted, definition of
2606The trusted users are root, the Exim user, any user listed in the
2607\trusted@_users\ configuration option, and any user whose current group or any
2608supplementary group is one of those listed in the \trusted@_groups\
2609configuration option. Note that the Exim group is not automatically trusted.
2610
2611.index `From' line
2612.index envelope sender
2613Trusted users are always permitted to use the \-f-\ option or a leading `From '
2614line to specify the envelope sender of a message that is passed to Exim through
2615the local interface (see the \-bm-\ and \-f-\ options below). See the
2616\untrusted@_set@_sender\ option for a way of permitting non-trusted users to
2617set envelope senders.
2618.index ::From:: header line
2619.index ::Sender:: header line
2620For a trusted user, there is never any check on the contents of the ::From::
2621header line, and a ::Sender:: line is never added. Furthermore, any existing
2622::Sender:: line in incoming local (non-TCP/IP) messages is not removed.
2623
2624Trusted users may also specify a host name, host address, interface address,
2625protocol name, ident value, and authentication data when submitting a message
2626locally. Thus, they are able to insert messages into Exim's queue locally that
2627have the characteristics of messages received from a remote host. Untrusted
2628users may in some circumstances use \-f-\, but can never set the other values
2629that are available to trusted users.
2630.nextp
2631.index user||admin, definition of
2632.index admin user||definition of
2633The admin users are root, the Exim user, and any user that is a member of the
2634Exim group or of any group listed in the \admin@_groups\ configuration option.
2635The current group does not have to be one of these groups.
2636
2637Admin users are permitted to list the queue, and to carry out certain
2638operations on messages, for example, to force delivery failures. It is also
2639necessary to be an admin user in order to see the full information provided by
2640the Exim monitor, and full debugging output.
2641
2642By default, the use of the \-M-\, \-q-\, \-R-\, and \-S-\ options to cause Exim
2643to attempt delivery of messages on its queue is restricted to admin users.
2644However, this restriction can be relaxed by setting the \prod@_requires@_admin\
2645option false (that is, specifying \no@_prod@_requires@_admin\).
2646
2647Similarly, the use of the \-bp-\ option to list all the messages in the queue
2648is restricted to admin users unless \queue@_list@_requires@_admin\ is set
2649false.
2650.endp
2651
4964e932
PH
2652\**Warning**\: If you configure your system so that admin users are able to
2653edit Exim's configuration file, you are giving those users an easy way of
2654getting root. There is further discussion of this issue at the start of chapter
495ae4b0
PH
2655~~CHAPconf.
2656
2657
2658
2659.section Command line options
2660The command options are described in alphabetical order below.
2661
2662.startoptions
2663
2664.option @-
2665.index options||command line, terminating
2666This is a pseudo-option whose only purpose is to terminate the options and
2667therefore to cause subsequent command line items to be treated as arguments
2668rather than options, even if they begin with hyphens.
2669
2670.option -help
2671This option causes Exim to output a few sentences stating what it is.
4964e932 2672The same output is generated if the Exim binary is called with no options and
495ae4b0
PH
2673no arguments.
2674
2675.option B <<type>>
2676.index 8-bit characters
2677.index Sendmail compatibility||8-bit characters
2678This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit
2679clean; it ignores this option.
2680
2681.option bd
2682.index daemon
2683.index SMTP listener
2684.index queue runner
2685This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually
2686the \-bd-\ option is combined with the \-q-\<<time>> option, to specify that
2687the daemon should also initiate periodic queue runs.
2688
2689The \-bd-\ option can be used only by an admin user. If either of the \-d-\
2690(debugging) or \-v-\ (verifying) options are set, the daemon does not
2691disconnect from the controlling terminal. When running this way, it can be
2692stopped by pressing ctrl-C.
2693
2694By default, Exim listens for incoming connections to the standard SMTP port on
2695all the host's running interfaces. However, it is possible to listen on other
2696ports, on multiple ports, and only on specific interfaces. Chapter
2697~~CHAPinterfaces contains a description of the options that control this.
2698
2699.index daemon||process id (pid)
2700.index pid (process id)||of daemon
2701When a listening daemon is started without the use of \-oX-\ (that is, without
2702overriding the normal configuration), it writes its process id to a file called
2703\(exim-daemon.pid)\ in Exim's spool directory. This location can be overridden
2704by setting \\PID@_FILE@_PATH\\ in \(Local/Makefile)\. The file is written while
2705Exim is still running as root.
2706
2707When \-oX-\ is used on the command line to start a listening daemon, the
2708process id is not written to the normal pid file path. However, \-oP-\ can be
2709used to specify a path on the command line if a pid file is required.
2710
2711.index \\SIGHUP\\
2712The \\SIGHUP\\ signal can be used to cause the daemon to re-exec itself. This
2713should be done whenever Exim's configuration file, or any file that is
4964e932 2714incorporated into it by means of the \.include\ facility, is changed, and also
495ae4b0
PH
2715whenever a new version of Exim is installed. It is not necessary to do this
2716when other files that are referenced from the configuration (for example, alias
2717files) are changed, because these are reread each time they are used.
2718
2719.option bdf
2720This option has the same effect as \-bd-\ except that it never disconnects from
2721the controlling terminal, even when no debugging is specified.
2722
2723.option be
2724.index testing||string expansion
2725.index expansion||testing
2726Run Exim in expansion testing mode. Exim discards its root privilege, to
2727prevent ordinary users from using this mode to read otherwise inaccessible
2728files. If no arguments are given, Exim runs interactively, prompting for lines
2729of data. Long expressions can be split over several lines by using backslash
4964e932 2730continuations.
495ae4b0
PH
2731As in Exim's run time configuration, whitespace at the start of continuation
2732lines is ignored.
2733
2734Each argument or data line is passed through the string expansion mechanism,
2735and the result is output. Variable values from the configuration file (for
2736example, \$qualify@_domain$\) are available, but no message-specific values
2737(such as \$domain$\) are set, because no message is being processed.
2738
2739.option bF #<<filename>>
2740.index system filter||testing
2741.index testing||system filter
2742This option is the same as \-bf-\ except that it assumes that the filter being
2743tested is a system filter. The additional commands that are available only in
2744system filters are recognized.
2745
2746.option bf #<<filename>>
2747.index filter||testing
2748.index testing||filter file
2749.index forward file||testing
2750.index testing||forward file
2751.index Sieve filter||testing
2752This option runs Exim in filter testing mode; the file is the filter file to be
2753tested, and a test message must be supplied on the standard input. If there are
2754no message-dependent tests in the filter, an empty file can be supplied. If a
2755system filter file is being tested, \-bF-\ should be used instead of \-bf-\. If
4964e932 2756the test file does not begin with
495ae4b0
PH
2757one of the special lines
2758.display asis
2759# Exim filter
2760# Sieve filter
2761.endd
2762it is taken to be a normal \(.forward)\ file, and is tested for validity under
4964e932 2763that interpretation. See sections ~~SECTitenonfilred to ~~SECTspecitredli for a
495ae4b0
PH
2764description of the possible contents of non-filter redirection lists.
2765
2766The result of an Exim command that uses \-bf-\, provided no errors are
2767detected, is a list of the actions that Exim would try to take if presented
2768with the message for real. More details of filter testing are given in the
2769separate document entitled \*Exim's interfaces to mail filtering*\.
2770
2771.index `From' line
2772.index envelope sender
2773.index \-f-\ option||for filter testing
2774When testing a filter file, the envelope sender can be set by the \-f-\ option,
2775or by a `From ' line at the start of the test message. Various parameters that
2776would normally be taken from the envelope recipient address of the message can
2777be set by means of additional command line options. These are:
2778.display rm
2779.if ~~sys.fancy
2780.tabset 12em 16em
2781.else
2782.tabset 15em 20em
2783.fi
2784. The odd alignment here gets it lined up in the man page.
2785\-bfd-\ $t <<domain>> $t $rm{default is the qualify domain}
2786\-bfl-\ $t <<local@_part>> $t $rm{default is the logged in user}
2787\-bfp-\ $t <<local@_part@_prefix>> $t $rm{default is null}
2788\-bfs-\ $t <<local@_part@_suffix>> $t $rm{default is null}
2789.endd
2790The local part should always be set to the incoming address with any prefix or
2791suffix stripped, because that is how it appears to the filter when a message is
2792actually being delivered.
2793
2794.option bh #<<IP address>>
2795.index testing||incoming SMTP
2796.index SMTP||testing incoming
2797.index testing||relay control
2798.index relaying||testing configuration
2799.index policy control||testing
2800.index debugging||\-bh-\ option
2801This option runs a fake SMTP session as if from the given IP address, using the
2802standard input and output. The IP address may include a port number at the end,
2803after a full stop. For example:
2804.display asis
2805exim -bh 10.9.8.7.1234
2806exim -bh fe80::a00:20ff:fe86:a061.5678
2807.endd
2808Comments as to what is going on are written to the standard error file. These
2809include lines beginning with `LOG' for anything that would have been logged.
4964e932
PH
2810This facility is provided for testing configuration options for incoming
2811messages, to make sure they implement the required policy. For example, you can
495ae4b0
PH
2812test your relay controls using \-bh-\.
2813
2814.index RFC 1413
2815\**Warning 1**\: You cannot test features of the configuration that rely on
2816ident (RFC 1413) callouts. These cannot be done when testing using
2817\-bh-\ because there is no incoming SMTP connection.
2818
2819\**Warning 2**\: Address verification callouts (see section ~~SECTcallver) are
4964e932 2820also skipped when testing using \-bh-\. If you want these callouts to occur,
495ae4b0
PH
2821use \-bhc-\ instead.
2822
2823Messages supplied during the testing session are discarded, and nothing is
2824written to any of the real log files. There may be pauses when DNS (and other)
2825lookups are taking place, and of course these may time out. The \-oMi-\ option
2826can be used to specify a specific IP interface and port if this is important.
2827
2828The \*exim@_checkaccess*\ utility is a `packaged' version of \-bh-\ whose
2829output just states whether a given recipient address from a given host is
2830acceptable or not. See section ~~SECTcheckaccess.
2831
2832.option bhc #<<IP address>>
4964e932
PH
2833This option operates in the same way as \-bh-\, except that address
2834verification callouts are performed if required. This includes consulting and
2835updating the callout cache database.
495ae4b0
PH
2836
2837.option bi
2838.index alias file||building
2839.index building alias file
2840.index Sendmail compatibility||\-bi-\ option
2841Sendmail interprets the \-bi-\ option as a request to rebuild its alias file.
2842Exim does not have the concept of a single alias file, and so it cannot mimic
2843this behaviour. However, calls to \(/usr/lib/sendmail)\ with the \-bi-\ option
2844tend to appear in various scripts such as NIS make files, so the option must be
2845recognized.
2846
2847If \-bi-\ is encountered, the command specified by the \bi@_command\
2848configuration option is run, under the uid and gid of the caller of Exim. If
2849the \-oA-\ option is used, its value is passed to the command as an argument.
2850The command set by \bi@_command\ may not contain arguments. The command can use
2851the \*exim@_dbmbuild*\ utility, or some other means, to rebuild alias files if
2852this is required. If the \bi@_command\ option is not set, calling Exim with
2853\-bi-\ is a no-op.
2854
2855.option bm
2856.index local message reception
2857This option runs an Exim receiving process that accepts an incoming,
2858locally-generated message on the current input. The recipients are given as the
2859command arguments (except when \-t-\ is also present -- see below). Each
2860argument can be a comma-separated list of RFC 2822 addresses. This is the
2861default option for selecting the overall action of an Exim call; it is assumed
2862if no other conflicting option is present.
2863
2864If any addresses in the message are unqualified (have no domain), they are
2865qualified by the values of the \qualify@_domain\ or \qualify@_recipient\
2866options, as appropriate. The \-bnq-\ option (see below) provides a way of
2867suppressing this for special cases.
2868
4964e932 2869Policy checks on the contents of local messages can be enforced by means of the
495ae4b0
PH
2870non-SMTP ACL. See chapter ~~CHAPACL for details.
2871.index return code||for \-bm-\
2872The return code is zero if the message is successfully accepted. Otherwise, the
2873action is controlled by the \-oe$it{x}-\ option setting -- see below.
2874
2875.index message||format
2876.index format||message
2877.index `From' line
2878.index UUCP||`From' line
2879.index Sendmail compatibility||`From' line
2880The format of the message must be as defined in RFC 2822, except that, for
2881compatibility with Sendmail and Smail, a line in one of the forms
2882.display
2883From sender Fri Jan 5 12:55 GMT 1997
2884From sender Fri, 5 Jan 97 12:55:01
2885.endd
2886(with the weekday optional, and possibly with additional text after the date)
2887is permitted to appear at the start of the message. There appears to be no
2888authoritative specification of the format of this line. Exim recognizes it by
2889matching against the regular expression defined by the \uucp@_from@_pattern\
4964e932 2890option, which can be changed if necessary.
495ae4b0
PH
2891.index \-f-\ option||overriding `From' line
2892The specified sender is treated as if it were given as the argument to the
2893\-f-\ option, but if a \-f-\ option is also present, its argument is used in
2894preference to the address taken from the message. The caller of Exim must be a
2895trusted user for the sender of a message to be set in this way.
2896
2897.option bnq
2898.index address||qualification, suppressing
2899By default, Exim automatically qualifies unqualified addresses (those
2900without domains) that appear in messages that are submitted locally (that
2901is, not over TCP/IP). This qualification applies both to addresses in
4964e932
PH
2902envelopes, and addresses in header lines. Sender addresses are qualified using
2903\qualify@_domain\, and recipient addresses using \qualify@_recipient\ (which
495ae4b0
PH
2904defaults to the value of \qualify@_domain\).
2905
2906Sometimes, qualification is not wanted. For example, if \-bS-\ (batch SMTP) is
2907being used to re-submit messages that originally came from remote hosts after
2908content scanning, you probably do not want to qualify unqualified addresses in
2909header lines. (Such lines will be present only if you have not enabled a header
2910syntax check in the appropriate ACL.)
2911
2912The \-bnq-\ option suppresses all qualification of unqualified addresses in
2913messages that originate on the local host. When this is used, unqualified
2914addresses in the envelope provoke errors (causing message rejection) and
2915unqualified addresses in header lines are left alone.
2916
2917
2918.option bP
2919.index configuration options, extracting
2920.index options||configuration, extracting
2921If this option is given with no arguments, it causes the values of all Exim's
2922main configuration options to be written to the standard output. The values
2923of one or more specific options can be requested by giving their names as
2924arguments, for example:
2925.display
2926exim -bP qualify@_domain hold@_domains
2927.endd
2928However, any option setting that is preceded by the word `hide' in the
2929configuration file is not shown in full, except to an admin user. For other
2930users, the output is as in this example:
2931.display asis
2932mysql_servers = <value not displayable>
2933.endd
2934If \configure@_file\ is given as an argument, the name of the run time
2935configuration file is output.
4964e932 2936If a list of configuration files was supplied, the value that is output here
495ae4b0
PH
2937is the name of the file that was actually used.
2938
2939.index daemon||process id (pid)
2940.index pid (process id)||of daemon
2941If \log__file__path\ or \pid@_file@_path\ are given, the names of the
2942directories where log files and daemon pid files are written are output,
2943respectively. If these values are unset, log files are written in a
2944sub-directory of the spool directory called \log\, and the pid file is written
2945directly into the spool directory.
2946
2947If \-bP-\ is followed by a name preceded by \"+"\, for example,
2948.display asis
2949exim -bP +local_domains
2950.endd
2951it searches for a matching named list of any type (domain, host, address, or
2952local part) and outputs what it finds.
2953
2954.index options||router, extracting
2955.index options||transport, extracting
2956If one of the words \router\, \transport\, or \authenticator\ is given,
2957followed by the name of an appropriate driver instance, the option settings for
2958that driver are output. For example:
2959.display
2960exim -bP transport local@_delivery
2961.endd
2962The generic driver options are output first, followed by the driver's private
2963options. A list of the names of drivers of a particular type can be obtained by
2964using one of the words \router@_list\, \transport@_list\, or
2965\authenticator@_list\, and a complete list of all drivers with their option
2966settings can be obtained by using \routers\, \transports\, or \authenticators\.
2967
2968
2969.option bp
2970.index queue||listing messages on
2971.index listing||messages on the queue
2972This option requests a listing of the contents of the mail queue on the
2973standard output. If the \-bp-\ option is followed by a list of message ids,
2974just those messages are listed. By default, this option can be used only by an
2975admin user. However, the \queue__list__requires__admin\ option can be set false
2976to allow any user to see the queue.
2977
2978Each message on the queue is displayed as in the following example:
2979.display
298025m 2.9K 0t5C6f-0000c8-00 <alice@@wonderland.fict.example>
2981 red.king@@looking-glass.fict.example
2982 <<other addresses>>
2983.endd
2984.index message||size in queue listing
2985.index size||of message
2986The first line contains the length of time the message has been on the queue
2987(in this case 25 minutes), the size of the message (2.9K), the unique local
2988identifier for the message, and the message sender, as contained in the
2989envelope. For bounce messages, the sender address is empty, and appears as
2990`<>'. If the message was submitted locally by an untrusted user who overrode
2991the default sender address, the user's login name is shown in parentheses
2992before the sender address.
2993.index frozen messages||in queue listing
2994If the message is frozen (attempts to deliver it are suspended) then the text
2995`$*$$*$$*$ frozen $*$$*$$*$' is displayed at the end of this line.
2996
2997The recipients of the message (taken from the envelope, not the headers) are
2998displayed on subsequent lines. Those addresses to which the message has already
2999been delivered are marked with the letter D. If an original address gets
3000expanded into several addresses via an alias or forward file, the original is
3001displayed with a D only when deliveries for all of its child addresses are
3002complete.
3003
3004
3005.option bpa
3006This option operates like \-bp-\, but in addition it shows delivered addresses
3007that were generated from the original top level address(es) in each message by
3008alias or forwarding operations. These addresses are flagged with `+D' instead
3009of just `D'.
3010
3011
3012.option bpc
3013.index queue||count of messages on
3014This option counts the number of messages on the queue, and writes the total
3015to the standard output. It is restricted to admin users, unless
3016\queue__list__requires__admin\ is set false.
3017
3018
3019.option bpr
3020This option operates like \-bp-\, but the output is not sorted into
3021chronological order of message arrival. This can speed it up when there are
3022lots of messages on the queue, and is particularly useful if the output is
3023going to be post-processed in a way that doesn't need the sorting.
3024
3025.option bpra
3026This option is a combination of \-bpr-\ and \-bpa-\.
3027
3028.option bpru
3029This option is a combination of \-bpr-\ and \-bpu-\.
3030
3031
3032.option bpu
3033This option operates like \-bp-\ but shows only undelivered top-level addresses
3034for each message displayed. Addresses generated by aliasing or forwarding are
3035not shown, unless the message was deferred after processing by a router with
3036the \one@_time\ option set.
3037
3038
3039.option brt
3040.index testing||retry configuration
3041.index retry||configuration testing
3042This option is for testing retry rules, and it must be followed by up to three
3043arguments. It causes Exim to look for a retry rule that matches the values
3044and to write it to the standard output. For example:
3045.display asis
3046exim -brt bach.comp.mus.example
3047Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m;
3048.endd
3049See chapter ~~CHAPretry for a description of Exim's retry rules. The first
3050argument, which is required, can be a complete address in the form
3051\*local@_part@@domain*\, or it can be just a domain name. The second argument is
3052an optional second domain name; if no retry rule is found for the first
3053argument, the second is tried. This ties in with Exim's behaviour when looking
3054for retry rules for remote hosts -- if no rule is found that matches the host,
3055one that matches the mail domain is sought. The final argument is the name of a
3056specific delivery error, as used in setting up retry rules, for example
3057`quota@_3d'.
3058
3059.option brw
3060.index testing||rewriting
3061.index rewriting||testing
3062This option is for testing address rewriting rules, and it must be followed by
3063a single argument, consisting of either a local part without a domain, or a
3064complete address with a fully qualified domain. Exim outputs how this address
3065would be rewritten for each possible place it might appear. See chapter
3066~~CHAPrewrite for further details.
3067
3068.option bS
3069.index SMTP||batched incoming
3070.index batched SMTP input
3071This option is used for batched SMTP input, which is an alternative interface
3072for non-interactive local message submission. A number of messages can be
3073submitted in a single run. However, despite its name, this is not really SMTP
3074input. Exim reads each message's envelope from SMTP commands on the standard
3075input, but generates no responses. If the caller is trusted, or
3076\untrusted@_set@_sender\ is set, the senders in the SMTP \\MAIL\\ commands are
3077believed; otherwise the sender is always the caller of Exim.
3078
3079The message itself is read from the standard input, in SMTP format (leading
3080dots doubled), terminated by a line containing just a single dot. An error is
3081provoked if the terminating dot is missing. A further message may then follow.
3082
3083As for other local message submissions, the contents of incoming batch SMTP
3084messages can be checked using the non-SMTP ACL (see chapter ~~CHAPACL).
3085Unqualified addresses are automatically qualified using \qualify@_domain\ and
3086\qualify@_recipient\, as appropriate, unless the \-bnq-\ option is used.
3087
3088Some other SMTP commands are recognized in the input. \\HELO\\ and \\EHLO\\ act
3089as \\RSET\\; \\VRFY\\, \\EXPN\\, \\ETRN\\, and \\HELP\\ act as \\NOOP\\;
3090\\QUIT\\ quits, ignoring the rest of the standard input.
3091
3092If any error is encountered, reports are written to the standard output and
3093error streams, and Exim gives up immediately.
3094.index return code||for \-bS-\
3095The return code is 0 if no error was detected; it is 1 if one or more messages
3096were accepted before the error was detected; otherwise it is 2.
3097
3098More details of input using batched SMTP are given in section
3099~~SECTincomingbatchedSMTP.
3100
3101.option bs
3102.index SMTP||local input
3103.index local SMTP input
3104This option causes Exim to accept one or more messages by reading SMTP commands
3105on the standard input, and producing SMTP replies on the standard output. SMTP
4964e932 3106policy controls, as defined in ACLs (see chapter ~~CHAPACL) are applied.
495ae4b0
PH
3107
3108Some user agents use this interface as a way of passing locally-generated
3109messages to the MTA.
3110.index sender||source of
3111In this usage, if the caller of Exim is trusted, or \untrusted@_set@_sender\ is
3112set, the senders of messages are taken from the SMTP \\MAIL\\ commands.
3113Otherwise the content of these commands is ignored and the sender is set up as
3114the calling user. Unqualified addresses are automatically qualified using
3115\qualify@_domain\ and \qualify@_recipient\, as appropriate, unless the \-bnq-\
3116option is used.
3117
3118.index inetd
3119The \-bs-\ option is also used to run Exim from \*inetd*\, as an alternative to
3120using a listening daemon. Exim can distinguish the two cases by checking
4964e932
PH
3121whether the standard input is a TCP/IP socket. When Exim is called from
3122\*inetd*\, the source of the mail is assumed to be remote, and the comments
3123above concerning senders and qualification do not apply. In this situation,
3124Exim behaves in exactly the same way as it does when receiving a message via
495ae4b0
PH
3125the listening daemon.
3126
3127.option bt
3128.index testing||addresses
3129.index address||testing
3130This option runs Exim in address testing mode, in which each argument is taken
3131as an address to be tested for deliverability. The results are written to the
4964e932
PH
3132standard output.
3133If a test fails, and the caller is not an admin user, no details of the
3134failure are output, because these might contain sensitive information such as
495ae4b0
PH
3135usernames and passwords for database lookups.
3136
3137If no arguments are given, Exim runs in an interactive manner, prompting with a
3138right angle bracket for addresses to be tested. Each address is handled as if
3139it were the recipient address of a message (compare the \-bv-\ option). It is
3140passed to the routers and the result is written to the standard output.
4964e932 3141However, any router that has \no@_address@_test\ set is bypassed. This can
495ae4b0
PH
3142make \-bt-\ easier to use for genuine routing tests if your first router passes
3143everything to a scanner program.
3144
3145.index return code||for \-bt-\
3146The return code is 2 if any address failed outright; it is 1 if no address
3147failed outright but at least one could not be resolved for some reason. Return
3148code 0 is given only when all addresses succeed.
3149
3150\**Warning**\: \-bt-\ can only do relatively simple testing. If any of the
3151routers in the configuration makes any tests on the sender address of a
4964e932 3152message,
495ae4b0
PH
3153.index \-f-\ option||for address testing
3154you can use the \-f-\ option to set an appropriate sender when running
3155\-bt-\ tests. Without it, the sender is assumed to be the calling user at the
3156default qualifying domain. However, if you have set up (for example) routers
3157whose behaviour depends on the contents of an incoming message, you cannot test
3158those conditions using \-bt-\. The \-N-\ option provides a possible way of
3159doing such tests.
3160
3161.option bV
3162.index version number of Exim, verifying
3163This option causes Exim to write the current version number, compilation
3164number, and compilation date of the \*exim*\ binary to the standard output.
3165It also lists the DBM library this is being used, the optional modules (such as
3166specific lookup types), the drivers that are included in the binary, and the
3167name of the run time configuration file that is in use.
3168
3169.option bv
3170.index verifying||address, using \-bv-\
3171.index address||verification
3172This option runs Exim in address verification mode, in which each argument is
3173taken as an address to be verified. During normal operation, verification
3174happens mostly as a consequence processing a \verify\ condition in an ACL (see
3175chapter ~~CHAPACL). If you want to test an entire ACL, see the \-bh-\ option.
3176
3177If verification fails, and the caller is not an admin user, no details of the
3178failure are output, because these might contain sensitive information such as
3179usernames and passwords for database lookups.
3180
3181If no arguments are given, Exim runs in an interactive manner, prompting with a
3182right angle bracket for addresses to be verified. Verification differs from
3183address testing (the \-bt-\ option) in that routers that have \no@_verify\ set
3184are skipped, and if the address is accepted by a router that has \fail@_verify\
3185set, verification fails. The address is verified as a recipient if \-bv-\ is
3186used; to test verification for a sender address, \-bvs-\ should be used.
3187
3188If the \-v-\ option is not set, the output consists of a single line for each
3189address, stating whether it was verified or not, and giving a reason in the
3190latter case. Otherwise, more details are given of how the address has been
3191handled, and in the case of address redirection, all the generated addresses
3192are also considered. Without \-v-\, generating more than one address by
3193redirection causes verification to end sucessfully.
3194
3195.index return code||for \-bv-\
3196The return code is 2 if any address failed outright; it is 1 if no address
3197failed outright but at least one could not be resolved for some reason. Return
3198code 0 is given only when all addresses succeed.
3199
3200If any of the routers in the configuration makes any tests on the sender
3201address of a message, you should use the \-f-\ option to set an appropriate
3202sender when running \-bv-\ tests. Without it, the sender is assumed to be the
3203calling user at the default qualifying domain.
3204
3205.option bvs
3206This option acts like \-bv-\, but verifies the address as a sender rather
3207than a recipient address. This affects any rewriting and qualification that
3208might happen.
3209
3210.option C #<<filelist>>
3211.index configuration file||alternate
3212.index \\CONFIGURE@_FILE\\
3213.index alternate configuration file
3214This option causes Exim to find the run time configuration file from the given
3215list instead of from the list specified by the \\CONFIGURE@_FILE\\
3216compile-time setting. Usually, the list will consist of just a single file
3217name, but it can be a colon-separated list of names. In this case, the first
3218file that exists is used. Failure to open an existing file stops Exim from
3219proceeding any further along the list, and an error is generated.
3220
3221When this option is used by a caller other than root or the Exim user,
3222and the list is different from the compiled-in list, Exim gives up
3223its root privilege immediately, and runs with the real and effective uid and
3224gid set to those of the caller.
3225However, if \\ALT@_CONFIG@_ROOT@_ONLY\\ is defined in \(Local/Makefile)\, root
3226privilege is retained for \-C-\ only if the caller of Exim is root.
3227This option is not set by default.
3228
3229Setting \\ALT@_CONFIG@_ROOT@_ONLY\\ locks out the possibility of testing a
3230configuration using \-C-\ right through message reception and delivery, even if
3231the caller is root. The reception works, but by that time, Exim is running as
3232the Exim user, so when it re-execs to regain privilege for the delivery, the
3233use of \-C-\ causes privilege to be lost. However, root can test reception and
4964e932 3234delivery using two separate commands (one to put a message on the queue, using
495ae4b0
PH
3235\-odq-\, and another to do the delivery, using \-M-\).
3236
3237If \\ALT@_CONFIG@_PREFIX\\ is defined \(in Local/Makefile)\, it specifies a
3238prefix string with which any file named in a \-C-\ command line option
3239must start. In addition, the file name must not contain the sequence \"/../"\.
3240However, if the value of the \-C-\ option is identical to the value of
3241\\CONFIGURE@_FILE\\ in \(Local/Makefile)\, Exim ignores \-C-\ and proceeds as
4964e932 3242usual. There is no default setting for \\ALT@_CONFIG@_PREFIX\\; when it is
495ae4b0
PH
3243unset, any file name can be used with \-C-\.
3244
3245\\ALT@_CONFIG@_PREFIX\\ can be used to confine alternative configuration files
3246to a directory to which only root has access. This prevents someone who has
3247broken into the Exim account from running a privileged Exim with an arbitrary
3248configuration file.
3249
3250The \-C-\ facility is useful for ensuring that configuration files are
3251syntactically correct, but cannot be used for test deliveries, unless the
3252caller is privileged, or unless it is an exotic configuration that does not
3253require privilege. No check is made on the owner or group of the files
3254specified by this option.
3255
3256.option D <<macro>>=<<value>>
3257.index macro||setting on command line
3258This option can be used to override macro definitions in the configuration file
3259(see section ~~SECTmacrodefs). However, like \-C-\, if it is used by an
4964e932 3260unprivileged caller, it causes Exim to give up its root privilege.
495ae4b0
PH
3261If \\DISABLE@_D@_OPTION\\ is defined in \(Local/Makefile)\, the use of \-D-\ is
3262completely disabled, and its use causes an immediate error exit.
3263
3264The entire option (including equals sign if present) must all be within one
4964e932
PH
3265command line item. \-D-\ can be used to set the value of a macro to the empty
3266string, in which case the equals sign is optional. These two commands are
495ae4b0
PH
3267synonymous:
3268.display asis
3269exim -DABC ...
3270exim -DABC= ...
3271.endd
4964e932
PH
3272To include spaces in a macro definition item, quotes must be used. If you use
3273quotes, spaces are permitted around the macro name and the equals sign. For
495ae4b0
PH
3274example:
3275.display asis
3276exim '-D ABC = something' ...
3277.endd
3278\-D-\ may be repeated up to 10 times on a command line.
3279
3280.option d <<debug options>>
3281.index debugging||list of selectors
3282.index debugging||\-d-\ option
3283This option causes debugging information to be written to the standard
3284error stream. It is restricted to admin users because debugging output may show
3285database queries that contain password information. Also, the details of users'
3286filter files should be protected. When \-d-\ is used, \-v-\ is assumed. If
3287\-d-\ is given on its own, a lot of standard debugging data is output. This can
3288be reduced, or increased to include some more rarely needed information, by
3289following \-d-\ with a string made up of names preceded by plus or minus
3290characters. These add or remove sets of debugging data, respectively. For
3291example, \-d+filter-\ adds filter debugging, whereas \-d-all+filter-\ selects
3292only filter debugging. The available debugging categories are:
3293.display flow
3294.tabs 21
3295.
3296. The odd formatting of the lines below is deliberate. It does not affect the
3297. SGCAL output, but by putting in the space it keeps things aligned in the man
3298. page that is automatically generated from this text.
3299.
3300acl $t $rm{ACL interpretation}
3301auth $t $rm{authenticators}
3302deliver $t $rm{general delivery logic}
3303dns $t $rm{DNS lookups (see also resolver)}
3304dnsbl $t $rm{DNS black list (aka RBL) code}
3305exec $t $rm{arguments for \execv@(@)\ calls}
3306expand $t $rm{detailed debugging for string expansions}
3307filter $t $rm{filter handling}
3308hints@_lookup $t $rm{hints data lookups}
3309host@_lookup $t $rm{all types of name-to-IP address handling}
3310ident $t $rm{ident lookup}
3311interface $t $rm{lists of local interfaces}
3312lists $t $rm{matching things in lists}
3313load $t $rm{system load checks}
4964e932 3314local@_scan $t $rm{can be used by \*local@_scan()*\ (see chapter ~~CHAPlocalscan)}
495ae4b0
PH
3315lookup $t $rm{general lookup code and all lookups}
3316memory $t $rm{memory handling}
3317pid $t $rm{add pid to debug output lines}
3318process@_info $t $rm{setting info for the process log}
3319queue@_run $t $rm{queue runs}
3320receive $t $rm{general message reception logic}
3321resolver $t $rm{turn on the DNS resolver's debugging output}
3322retry $t $rm{retry handling}
3323rewrite $t $rm{address rewriting}
3324route $t $rm{address routing}
3325timestamp $t $rm{add timestamp to debug output lines}
3326tls $t $rm{TLS logic}
3327transport $t $rm{transports}
3328uid $t $rm{changes of uid/gid and looking up uid/gid}
3329verify $t $rm{address verification logic}
3330
3331all $t $rm{all of the above, and also \-v-\}
3332.endd
495ae4b0
PH
3333.index resolver, debugging output
3334.index DNS||resolver, debugging output
4964e932 3335The \"resolver"\ option produces output only if the DNS resolver was compiled
495ae4b0
PH
3336with \\DEBUG\\ enabled. This is not the case in some operating systems. Also,
3337unfortunately, debugging output from the DNS resolver is written to stdout
3338rather than stderr.
495ae4b0
PH
3339
3340The default (\-d-\ with no argument) omits \"expand"\, \"filter"\,
3341\"interface"\, \"load"\, \"memory"\, \"pid"\, \"resolver"\, and \"timestamp"\.
3342However, the \"pid"\ selector is forced when debugging is turned on for a
3343daemon, which then passes it on to any re-executed Exims. Exim also
3344automatically adds the pid to debug lines when several remote deliveries are
3345run in parallel.
3346
3347The \"timestamp"\ selector causes the current time to be inserted at the start
3348of all debug output lines. This can be useful when trying to track down delays
3349in processing.
3350
3351If the \debug@_print\ option is set in any driver, it produces output whenever
3352any debugging is selected, or if \-v-\ is used.
3353
3354.option dropcr
4964e932
PH
3355This is an obsolete option that is now a no-op. It used to affect the way Exim
3356handled CR and LF characters in incoming messages. What happens now is
495ae4b0
PH
3357described in section ~~SECTlineendings.
3358
3359
3360.option E
3361.index bounce message||generating
3362This option specifies that an incoming message is a locally-generated delivery
3363failure report. It is used internally by Exim when handling delivery failures
3364and is not intended for external use. Its only effect is to stop Exim
3365generating certain messages to the postmaster, as otherwise message cascades
3366could occur in some situations. As part of the same option, a message id may
3367follow the characters \-E-\. If it does, the log entry for the receipt of the
3368new message contains the id, following `R=', as a cross-reference.
3369
3370.option e$it{x}
3371There are a number of Sendmail options starting with \-oe-\ which seem to be
3372called by various programs without the leading \o\ in the option. For example,
3373the \vacation\ program uses \-eq-\. Exim treats all options of the form
3374\-e$it{x}-\ as synonymous with the corresponding \-oe$it{x}-\ options.
3375
3376.option F #<<string>>
3377.index sender||name
3378.index name||of sender
3379This option sets the sender's full name for use when a locally-generated
3380message is being accepted. In the absence of this option, the user's \*gecos*\
3381entry from the password data is used. As users are generally permitted to alter
3382their \*gecos*\ entries, no security considerations are involved. White space
3383between \-F-\ and the <<string>> is optional.
3384
3385.option f #<<address>>
3386.index sender||address
3387.index address||sender
3388.index trusted user
3389.index envelope sender
3390.index user||trusted
3391This option sets the address of the envelope sender of a locally-generated
3392message (also known as the return path). The option can normally be used only
3393by a trusted user, but \untrusted@_set@_sender\ can be set to allow untrusted
3394users to use it. In the absence of \-f-\, or if the caller is not allowed to
3395use it, the sender of a local message is set to the caller's login name at the
3396default qualify domain.
3397
4964e932 3398There is one exception to the restriction on the use of \-f-\: an empty sender
495ae4b0
PH
3399can be specified by any user, to create a message that can never provoke a
3400bounce. An empty sender can be specified either as an empty string, or as a
4964e932 3401pair of angle brackets with nothing between them, as in these examples of shell
495ae4b0
PH
3402commands:
3403.display asis
3404exim -f '<>' user@domain
3405exim -f "" user@domain
3406.endd
3407In addition, the use of \-f-\ is not restricted when testing a filter file with
3408\-bf-\ or when testing or verifying addresses using the \-bt-\ or \-bv-\
3409options.
3410
3411Allowing untrusted users to change the sender address does not of itself make
3412it possible to send anonymous mail. Exim still checks that the ::From:: header
3413refers to the local user, and if it does not, it adds a ::Sender:: header,
3414though this can be overridden by setting \no@_local@_from@_check\.
3415
3416.index `From' line
3417White space between \-f-\ and the <<address>> is optional
3418(that is, they can be given as two arguments or one combined argument).
3419The sender of a locally-generated message can also be set (when permitted) by
3420an initial `From ' line in the message -- see the description of \-bm-\ above
3421-- but if \-f-\ is also present, it overrides `From'.
3422
3423.option G
3424.index Sendmail compatibility||\-G-\ option ignored
3425This is a Sendmail option which is ignored by Exim.
3426
3427.option h #<<number>>
3428.index Sendmail compatibility||\-h-\ option ignored
3429This option is accepted for compatibility with Sendmail, but has no effect. (In
3430Sendmail it overrides the `hop count' obtained by counting ::Received::
3431headers.)
3432
3433.option i
3434.index Solaris||\*mail*\ command
3435.index dot||in incoming, non-SMTP message
3436This option, which has the same effect as \-oi-\, specifies that a dot on a
3437line by itself should not terminate an incoming, non-SMTP message. I can find
3438no documentation for this option in Solaris 2.4 Sendmail, but the \*mailx*\
3439command in Solaris 2.4 uses it. See also \-ti-\.
3440
3441.option M #<<message id>>#<<message id>> ...
3442.index forcing delivery
3443.index delivery||forcing attempt
3444.index frozen messages||forcing delivery
3445This option requests Exim to run a delivery attempt on each message in turn. If
3446any of the messages are frozen, they are automatically thawed before the
3447delivery attempt. The settings of \queue@_domains\, \queue@_smtp@_domains\, and
4964e932 3448\hold@_domains\ are ignored.
495ae4b0
PH
3449.index hints database||overriding retry hints
3450Retry hints for any of the addresses are
3451overridden -- Exim tries to deliver even if the normal retry time has not yet
3452been reached. This option requires the caller to be an admin user. However,
3453there is an option called \prod@_requires@_admin\ which can be set false to
3454relax this restriction (and also the same requirement for the \-q-\, \-R-\, and
3455\-S-\ options).
3456
3457
3458.option Mar #<<message id>>#<<address>>#<<address>> ...
3459.index message||adding recipients
3460.index recipient||adding
3461This option requests Exim to add the addresses to the list of recipients of the
3462message (`ar' for `add recipients'). The first argument must be a message id,
3463and the remaining ones must be email addresses. However, if the message is
3464active (in the middle of a delivery attempt), it is not altered. This option
3465can be used only by an admin user.
3466
3467.index SMTP||passed connection
3468.index SMTP||multiple deliveries
3469.index multiple SMTP deliveries
3470.option MC #<<transport>>#<<hostname>>#<<sequence number>>#<<message id>>
3471This option is not intended for use by external callers. It is used internally
3472by Exim to invoke another instance of itself to deliver a waiting message using
3473an existing SMTP connection, which is passed as the standard input. Details are
3474given in chapter ~~CHAPSMTP. This must be the final option, and the caller must
3475be root or the Exim user in order to use it.
3476
3477.option MCA
3478This option is not intended for use by external callers. It is used internally
3479by Exim in conjunction with the \-MC-\ option. It signifies that the connection
3480to the remote host has been authenticated.
3481
3482.option MCP
4964e932
PH
3483This option is not intended for use by external callers. It is used internally
3484by Exim in conjunction with the \-MC-\ option. It signifies that the server to
495ae4b0
PH
3485which Exim is connected supports pipelining.
3486
3487.option MCQ #<<process id>> <<pipe fd>>
3488This option is not intended for use by external callers. It is used internally
3489by Exim in conjunction with the \-MC-\ option when the original delivery was
3490started by a queue runner. It passes on the process id of the queue runner,
3491together with the file descriptor number of an open pipe. Closure of the pipe
3492signals the final completion of the sequence of processes that are passing
3493messages through the same SMTP connection.
3494
3495.option MCS
3496This option is not intended for use by external callers. It is used internally
3497by Exim in conjunction with the \-MC-\ option, and passes on the fact that the
3498SMTP \\SIZE\\ option should be used on messages delivered down the existing
3499connection.
3500
3501.option MCT
3502This option is not intended for use by external callers. It is used internally
3503by Exim in conjunction with the \-MC-\ option, and passes on the fact that the
3504host to which Exim is connected supports TLS encryption.
3505
3506.option Mc #<<message id>>#<<message id>> ...
3507.index hints database||not overridden by \-Mc-\
3508.index delivery||manually started, not forced
3509This option requests Exim to run a delivery attempt on each message in turn,
3510but unlike the \-M-\ option, it does check for retry hints, and respects any
3511that are found. This option is not very useful to external callers. It is
3512provided mainly for internal use by Exim when it needs to re-invoke itself in
3513order to regain root privilege for a delivery (see chapter ~~CHAPsecurity).
3514However, \-Mc-\ can be useful when testing, in order to run a delivery that
3515respects retry times and other options such as \hold@_domains\ that are
3516overridden when \-M-\ is used. Such a delivery does not count as a queue run.
3517If you want to run a specific delivery as if in a queue run, you should use
3518\-q-\ with a message id argument. A distinction between queue run deliveries
3519and other deliveries is made in one or two places.
3520
3521.option Mes #<<message id>>#<<address>>
3522.index message||changing sender
3523.index sender||changing
3524This option requests Exim to change the sender address in the message to the
3525given address, which must be a fully qualified address or `<>' (`es' for `edit
3526sender'). There must be exactly two arguments. The first argument must be a
3527message id, and the second one an email address. However, if the message is
3528active (in the middle of a delivery attempt), its status is not altered. This
3529option can be used only by an admin user.
3530
3531.option Mf #<<message id>>#<<message id>> ...
3532.index freezing messages
3533.index message||manually freezing
3534This option requests Exim to mark each listed message as `frozen'. This
3535prevents any delivery attempts taking place until the message is `thawed',
3536either manually or as a result of the \auto@_thaw\ configuration option.
3537However, if any of the messages are active (in the middle of a delivery
3538attempt), their status is not altered. This option can be used only by an admin
3539user.
3540
3541.option Mg #<<message id>>#<<message id>> ...
3542.index giving up on messages
3543.index message||abandoning delivery attempts
3544.index delivery||abandoning further attempts
3545This option requests Exim to give up trying to deliver the listed messages,
3546including any that are frozen. However, if any of the messages are active,
4964e932 3547their status is not altered.
495ae4b0
PH
3548For non-bounce messages, a delivery error message is sent to the sender,
3549containing the text `cancelled by administrator'. Bounce messages are just
3550discarded.
3551This option can be used only by an admin user.
3552
3553.option Mmad #<<message id>>#<<message id>> ...
3554.index delivery||cancelling all
3555This option requests Exim to mark all the recipient addresses in the messages
3556as already delivered (`mad' for `mark all delivered'). However, if any message
3557is active (in the middle of a delivery attempt), its status is not altered.
3558This option can be used only by an admin user.
3559
3560.option Mmd #<<message id>>#<<address>>#<<address>> ...
3561.index delivery||cancelling by address
3562.index recipient||removing
3563.index removing recipients
3564This option requests Exim to mark the given addresses as already delivered
3565(`md' for `mark delivered'). The first argument must be a message id, and the
3566remaining ones must be email addresses. These are matched to recipient
3567addresses in the message in a case-sensitive manner. If the message is active
3568(in the middle of a delivery attempt), its status is not altered. This option
3569can be used only by an admin user.
3570
3571.option Mrm #<<message id>>#<<message id>> ...
3572.index removing messages
3573.index abandoning mail
3574.index message||manually discarding
3575This option requests Exim to remove the given messages from the queue. No
3576bounce messages are sent; each message is simply forgotten. However, if any of
3577the messages are active, their status is not altered. This option can be used
3578only by an admin user or by the user who originally caused the message to be
3579placed on the queue.
3580
3581.option Mt #<<message id>>#<<message id>> ...
3582.index thawing messages
3583.index unfreezing messages
3584.index frozen messages||thawing
3585.index message||thawing frozen
3586This option requests Exim to `thaw' any of the listed messages that are
3587`frozen', so that delivery attempts can resume. However, if any of the messages
3588are active, their status is not altered. This option can be used only by an
3589admin user.
3590
3591.option Mvb #<<message id>>
3592.index listing||message body
3593.index message||listing body of
3594This option causes the contents of the message body (-D) spool file to be
3595written to the standard output. This option can be used only by an admin user.
3596
3597.option Mvh #<<message id>>
3598.index listing||message headers
3599.index header lines||listing
3600.index message||listing header lines
3601This option causes the contents of the message headers (-H) spool file to be
3602written to the standard output. This option can be used only by an admin user.
3603
3604.option Mvl #<<message id>>
3605.index listing||message log
3606.index message||listing message log
3607This option causes the contents of the message log spool file to be written to
3608the standard output. This option can be used only by an admin user.
3609
3610.option m
3611This is apparently a synonym for \-om-\ that is accepted by Sendmail, so Exim
3612treats it that way too.
3613
3614.option N
3615.index debugging||\-N-\ option
3616.index debugging||suppressing delivery
3617This is a debugging option that inhibits delivery of a message at the transport
3618level. It implies \-v-\. Exim goes through many of the motions of delivery --
3619it just doesn't actually transport the message, but instead behaves as if it
3620had successfully done so. However, it does not make any updates to the retry
3621database, and the log entries for deliveries are flagged with `$*$>' rather
3622than `=>'.
3623
3624Because \-N-\ discards any message to which it applies, only root or the Exim
3625user are allowed to use it with \-bd-\, \-q-\, \-R-\ or \-M-\. In other words,
3626an ordinary user can use it only when supplying an incoming message to which it
3627will apply. Although transportation never fails when \-N-\ is set, an address
3628may be deferred because of a configuration problem on a transport, or a routing
3629problem. Once \-N-\ has been used for a delivery attempt, it sticks to the
3630message, and applies to any subsequent delivery attempts that may happen for
3631that message.
3632
3633.option n
3634.index Sendmail compatibility||\-n-\ option ignored
3635This option is interpreted by Sendmail to mean `no aliasing'. It is ignored by
3636Exim.
3637
3638.option O #<<data>>
4964e932 3639This option is interpreted by Sendmail to mean `set option`. It is ignored by
495ae4b0
PH
3640Exim.
3641
3642.option oA #<<file name>>
3643.index Sendmail compatibility||\-oA-\ option
3644This option is used by Sendmail in conjunction with \-bi-\ to specify an
3645alternative alias file name. Exim handles \-bi-\ differently; see the
3646description above.
3647
3648.index SMTP||passed connection
3649.option oB #<<n>>
3650.index SMTP||multiple deliveries
3651.index multiple SMTP deliveries
3652This is a debugging option which limits the maximum number of messages that can
3653be delivered down one SMTP connection, overriding the value set in any \%smtp%\
3654transport. If <<n>> is omitted, the limit is set to 1.
3655
3656.option odb
3657.index background delivery
3658.index delivery||in the background
3659This option applies to all modes in which Exim accepts incoming messages,
3660including the listening daemon. It requests `background' delivery of such
3661messages, which means that the accepting process automatically starts delivery
3662process for each message received, but does not wait for the delivery process
3663to complete. This is the default action if none of the \-od-\ options are
4964e932 3664present.
495ae4b0
PH
3665
3666If one of the queueing options in the configuration file
3667(\queue@_only\ or \queue@_only@_file\, for example) is in effect, \-odb-\
3668overrides it if \queue@_only@_override\ is set true, which is the default
3669setting. If \queue@_only@_override\ is set false, \-odb-\ has no effect.
3670
3671.option odf
3672.index foreground delivery
3673.index delivery||in the foreground
3674This option requests `foreground' (synchronous) delivery when Exim has accepted
3675a locally-generated message. (For the daemon it is exactly the same as
3676\-odb-\.) A delivery process is automatically started to deliver the
3677message, and Exim waits for it to complete before proceeding.
4964e932 3678However, like \-odb-\, this option has no effect if \queue@_only@_override\ is
495ae4b0
PH
3679false and one of the queueing options in the configuration file is in effect.
3680
3681.option odi
3682This option is synonymous with \-odf-\. It is provided for compatibility with
3683Sendmail.
3684
3685.option odq
3686.index non-immediate delivery
3687.index delivery||suppressing immediate
3688.index queueing incoming messages
3689This option applies to all modes in which Exim accepts incoming messages,
3690including the listening daemon. It specifies that the accepting process should
3691not automatically start a delivery process for each message received. Messages
3692are placed on the queue, and remain there until a subsequent queue runner
3693process encounters them.
3694There are several configuration options (such as \queue@_only\) that can be
3695used to queue incoming messages under certain conditions. This option overrides
3696all of them and also \-odqs-\. It always forces queueing.
3697
3698.option odqs
3699.index SMTP||delaying delivery
4964e932 3700This option is a hybrid between \-odb-\/\-odi-\ and \-odq-\.
495ae4b0
PH
3701However, like \-odb-\ and \-odi-\, this option has no effect if
3702\queue@_only@_override\ is false and one of the queueing options in the
3703configuration file is in effect.
3704
3705When \-odqs-\ does operate, a delivery process is started for each incoming
3706message, in the background by default, but in the foreground if \-odi-\ is also
3707present.
3708The recipient addresses are routed, and local deliveries are done in the normal
3709way. However, if any SMTP deliveries are required, they are not done at this
3710time, so the message remains on the queue until a subsequent queue runner
3711process encounters it. Because routing was done, Exim knows which messages are
3712waiting for which hosts, and so a number of messages for the same host can be
3713sent in a single SMTP connection. The \queue@_smtp@_domains\ configuration
3714option has the same effect for specific domains. See also the \-qq-\ option.
3715
3716.option oee
3717.index error||reporting
3718If an error is detected while a non-SMTP message is being received (for
3719example, a malformed address), the error is reported to the sender in a mail
3720message.
3721.index return code||for \-oee-\
3722Provided this error message is successfully sent, the Exim receiving process
3723exits with a return code of zero. If not, the return code is 2 if the problem
3724is that the original message has no recipients, or 1 any other error. This is
3725the default \-oe$it{x}-\ option if Exim is called as \*rmail*\.
3726
3727.option oem
3728.index error||reporting
3729.index return code||for \-oem-\
3730This is the same as \-oee-\, except that Exim always exits with a non-zero
3731return code, whether or not the error message was successfully sent.
3732This is the default \-oe$it{x}-\ option, unless Exim is called as \*rmail*\.
3733
3734.option oep
3735.index error||reporting
3736If an error is detected while a non-SMTP message is being received, the
3737error is reported by writing a message to the standard error file (stderr).
3738.index return code||for \-oep-\
3739The return code is 1 for all errors.
3740
3741.option oeq
3742.index error||reporting
3743This option is supported for compatibility with Sendmail, but has the same
3744effect as \-oep-\.
3745
3746.option oew
3747.index error||reporting
3748This option is supported for compatibility with Sendmail, but has the same
3749effect as \-oem-\.
3750
3751.option oi
3752.index dot||in incoming, non-SMTP message
3753This option, which has the same effect as \-i-\, specifies that a dot on a line
3754by itself should not terminate an incoming, non-SMTP message.
4964e932 3755Otherwise, a single dot does terminate, though Exim does no special processing
495ae4b0 3756for other lines that start with a dot.
495ae4b0
PH
3757This option is set by default if Exim is called as \*rmail*\. See also \-ti-\.
3758
3759.option oitrue
3760This option is treated as synonymous with \-oi-\.
3761
3762.option oMa #<<host address>>
3763.index sender||host address, specifying for local message
3764A number of options starting with \-oM-\ can be used to set values associated
3765with remote hosts on locally-submitted messages (that is, messages not received
3766over TCP/IP). These options can be used by any caller in conjunction with the
4964e932 3767\-bh-\,
495ae4b0
PH
3768\-be-\,
3769\-bf-\, \-bF-\, \-bt-\, or \-bv-\ testing options. In other circumstances, they
3770are ignored unless the caller is trusted.
3771
3772The \-oMa-\ option sets the sender host address. This may include a port number
3773at the end, after a full stop (period). For example:
3774.display asis
3775exim -bs -oMa 10.9.8.7.1234
3776.endd
3777An alternative syntax is to enclose the IP address in square brackets, followed
3778by a colon and the port number:
3779.display asis
3780exim -bs -oMa [10.9.8.7]:1234
3781.endd
3782The IP address is placed in the \$sender@_host@_address$\ variable, and the
3783port, if present, in \$sender@_host@_port$\.
3784
3785.option oMaa #<<name>>
3786.index authentication||name, specifying for local message
3787See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMaa-\
3788option sets the value of \$sender@_host@_authenticated$\ (the authenticator
3789name). See chapter ~~CHAPSMTPAUTH for a discussion of SMTP authentication.
3790
3791.option oMai #<<string>>
3792.index authentication||id, specifying for local message
3793See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMai-\
4964e932 3794option sets the
495ae4b0
PH
3795value of \$authenticated@_id$\ (the id that was authenticated).
3796This overrides the default value (the caller's login id) for messages from
3797local sources. See chapter ~~CHAPSMTPAUTH for a discussion of authenticated
3798ids.
3799
3800.option oMas #<<address>>
3801.index authentication||sender, specifying for local message
3802See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMas-\
3803option sets the authenticated sender value
4964e932 3804in \$authenticated@_sender$\.
495ae4b0
PH
3805It overrides the sender address that is created from the caller's login id for
3806messages from local sources. See chapter ~~CHAPSMTPAUTH for a discussion of
3807authenticated senders.
3808
3809.option oMi #<<interface address>>
3810.index interface||address, specifying for local message
3811See \-oMa-\ above for general remarks about the \-oM-\ options. The \-oMi-\
3812option sets the IP interface address value. A port number may be included,
3813using the same syntax as for \-oMa-\.
4964e932 3814The interface address is placed in \$interface@_address$\ and the port number,
495ae4b0
PH
3815if present, in \$interface@_port$\.
3816
3817.option oMr #<<protocol name>>
3818.index protocol||incoming, specifying for local message