Regular expressions are available i
Exim 4.00 Specification chapter 11
Previous
Next
Contents
(Exim 4.00 Specification)
Many strings that are given in Exim's run time configuration are expanded
before use. Some of them are expanded every time they are used; others are
expanded only once.
When a string is being expanded it is copied verbatim from left to right except
when a dollar or backslash character is encountered. A dollar specifies the
start of a portion of the string which is interpreted and replaced as described
below in section 11.4 onwards.
An uninterpreted dollar can be included in an expanded string by putting a
backslash in front of it. A backslash can be used to prevent any special
character being treated specially in an expansion, including itself. If the
string appears in quotes in the configuration file, two backslashes are
required because the quotes themselves cause interpretation of backslashes when
the string is read in.
An entire portion of the string can specified as non-expandable by placing it
between two occurrences of \N. This is particularly useful for protecting
regular expressions, which often contain backslashes and dollar signs. For
example:
deny senders = \N^\d{8}[a-z]@some\.site\.example$\N
On encountering the first \N, the expander copies subsequent characters
without interpretation until it reaches the next \N or the end of the
string.
A backslash followed by one of the letters ``n'', ``r'', or ``t'' in an expanded
string is recognized as an escape sequence for the character newline, carriage
return, or tab, respectively. A backslash followed by up to three octal digits
is recognized as an octal encoding for a single character, and a backslash
followed by ``x'' and up to two hexadecimal digits is a hexadecimal encoding.
These escape sequences are also recognized in quoted strings when they are read
in. Their interpretation in expansions as well is useful for unquoted strings,
and for other cases such as looked-up strings that are then expanded.
Many expansions can be tested by calling Exim with the -be option. This takes
the command arguments, or lines from the standard input if there are no
arguments, runs them through the string expansion code, and writes the results
to the standard output. Variables based on configuration values are set up, but
since no message is being processed, variables such as $local_part have no
value. Nevertheless the -be option can be useful for checking out file and
database lookups, and the use of expansion operators such as substr and
hash.
Exim gives up its root privilege when it is called with the -be option, and
instead runs under the uid and gid it was called with, to prevent users from
using -be for reading files to which they normally do not have access.
The following items are recognized in expanded strings. White space may be used
between sub-items that are keywords or substrings enclosed in braces inside an
outer set of braces, to improve readability. Within braces, however, white
space is significant.
$<variable name> or ${�
Exim 4.00 Specification chapter 13
Previous
Next
Contents
(Exim 4.00 Specification)
The first part of the run time configuration file contains three types of item:
Macro definitions: These lines start with an upper case letter. See section
6.4 for details of macro processing.
Named list definitions: These lines start with one of the words ``domainlist'',
``hostlist'', ``addresslist'', or ``localpartlist''. Their use is described in
section 10.5.
Main configuration settings: Each setting occupies one line of the file
(including possible continuations). If any setting is preceded by the word
``hide'', the -bP option displays its value to admin users only (see section
6.5).
This chapter lists all the main configuration options, along with their types
and default values, in alphabetical order.
accept_8bitmime
Type: boolean
Default: false
This option causes Exim to send 8BITMIME in its response to an SMTP
EHLO command, and to accept the BODY= parameter on MAIL commands.
However, though Exim is 8-bit clean, it is not a protocol converter, and it
takes no steps to do anything special with messages received by this route.
Consequently, this option is turned off by default.
acl_smtp_auth
Type: string, expanded
Default: unset
This option defines the ACL that is run when an SMTP AUTH command is
received. See chapter 37 for further details.
acl_smtp_data
Type: string, expanded
Default: unset
This option defines the ACL that is run after an SMTP DATA command has been
processed and the message itself has been received, but before the final
acknowledgement is sent. See chapter 37 for further details.
acl_smtp_etrn
Type: string, expanded
Default: unset
This option defines the ACL that is run when an SMTP ETRN command is
received. See chapter 37 for further details.
acl_smtp_expn
Type: string, expanded
Default: unset
This option defines the ACL that is run when an SMTP EXPN command is
received. See chapter 37 for further details.
acl_smtp_rcpt
Type: string, expanded
Default: unset
This option defines the ACL that is run when an SMTP RCPT command is
received. See chapter 37 for further details.
acl_smtp_vrfy
Type: string, expanded
Default: unset
This option defines the ACL that is run when an SMTP VRFY command is
received. See chapter 37 for further details.
admin_groups
Type: string
Default: unset
If the current group or any of the supplementary groups of the caller is in
this colon-separated list, the caller has admin privileges. If all your system
programmers are in a specific group, for example, you can give them all Exim
admin privileges by putting that group in admin_groups. However, this does
not permit them to read Exim's spool files (whose group owner is the Exim gid).
To permit this, you have to add individuals to the Exim group.
allow_domain_literals
Type: boolean
Default: false
If this option is set, the RFC 2822 domain literal format is permitted in
email addresses. The option is not set by default, because the domain literal
format is not normally required these days, and few people know about it. It
has, however, been exploited by mail abusers.
allow_mx_to_ip
Type: boolean
Default: false
It appears that more and more DNS zone administrators are breaking the rules
and putting domain names that look like IP addresses on the right hand side of
MX records. Exim follows the rules and rejects this, giving an error message
that explains the mis-configuration. However, some other MTAs support this
practice, so to avoid ``Why can''t Exim do this?' complaints, allow_mx_to_ip
exists, in order to enable this heinous activity. It is not recommended, except
when you have no other choice.
auth_advertise_hosts
Type: host list, expanded
Default: *
If any server authentication mechanisms are configured, Exim advertises them in
response to an EHLO command only if the calling host matches this list.
Otherwise, Exim does not advertise AUTH, though it is always prepared to
accept it.
Certain mail clients (for example, Netscape) require the user to provide a name
and password for authentication if AUTH is advertised, even though it may
not be needed (the host may accept messages from hosts on its local LAN without
authentication, for example). The auth_advertise_hosts option can be used
to make these clients more friendly by excluding them from the set of hosts to
which Exim advertises AUTH.
auto_thaw
Type: time
Default: 0s
If this option is set to a time greater than zero, a queue runner will try a
new delivery attempt on any frozen message if this much time has passed since
it was frozen. This may result in the message being re-frozen if nothing has
changed since the last attempt. It is a way of saying ``keep on trying, even
though there are big problems''. See also timeout_frozen_after and
ignore_bounce_errors_after.
bi_command
Type: string
Default: unset
This option supplies the name of a command that is run when Exim is called with
the -bi option (see chapter 5). The string value is just the
command name, it is not a complete command line. If an argument is required, it
must come from the -oA command line option.
bounce_message_file
Type: string
Default: unset
This option defines a template file containing paragraphs of text to be used
for constructing bounce messages. Details of the file's contents are given in
chapter 40. See also warn_message_file.
bounce_message_text
Type: string
Default: unset
When this option is set, its contents are included in the default bounce
message immediately after ``This message was created automatically by mail
delivery software.'' It is not used if bounce_message_file is set.
bounce_return_message
Type: boolean
Default: true
If this option is set false, the original message is not included in bounce
messages generated by Exim. See also return_size_limit.
bounce_sender_authentication
Type: string
Default: unset
This option provides an authenticated sender address that is sent with any
bounce messages generated by Exim that are sent over an authenticated SMTP
connection. A typical setting might be:
bounce_sender_authentication = mailer-daemon@my.domain.example
which would cause bounce messages to be sent using the SMTP command:
MAIL FROM:<> AUTH=mailer-daemon@my.domain.example
The value of bounce_sender_authentication must always be a complete email
address.
check_log_inodes
Type: integer
Default: 0
See check_spool_space below.
check_log_space
Type: integer
Default: 0
See check_spool_space below.
check_spool_inodes
Type: integer
Default: 0
See check_spool_space below.
check_spool_space
Type: integer
Default: 0
The four check_... options allow for checking of disc resources before a
message is accepted: check_spool_space and check_spool_inodes check the
spool partition if either value is greater than zero, for example:
check_spool_space = 10M
check_spool_inodes = 100
The spool partition is the one which contains the directory defined by
SPOOL_DIRECTORY in Local/Makefile. It is used for holding messages in
transit.
check_log_space and check_log_inodes check the partition in which log
files are written if either is greater than zero. These should be set only if
log_file_path and spool_directory refer to different partitions.
If there is less space or fewer inodes than requested, Exim refuses to accept
incoming mail. In the case of SMTP input this is done by giving a 452 temporary
error response to the MAIL command. If ESMTP is in use and there was a
SIZE parameter on the MAIL command, its value is added to the
check_spool_space value, and the check is performed even if
check_spool_space is zero, unless no_smtp_check_spool_space is set.
For non-SMTP input and for batched SMTP input, the test is done at start-up; on
failure a message is written to stderr and Exim exits with a non-zero code, as
it obviously cannot send an error message of any kind.
daemon_smtp_port
Type: string
Default: unset
This option specifies the default SMTP port on which the Exim daemon listens.
It can either be given as a number, or as a service name. It can be overridden
by giving an explicit port number on an IP address in the local_interfaces
option, or by using -oX on the command line. If this option is not set, the
service name ``smtp'' is used.
delay_warning
Type: time list
Default: 24h
When a message is delayed, Exim sends a warning message to the sender at
intervals specified by this option. If it is set to a zero, no warnings are
sent. The data is a colon-separated list of times after which to send warning
messages. Up to 10 times may be given. If a message has been on the queue for
longer than the last time, the last interval between the times is used to
compute subsequent warning times. For example, with
delay_warning = 4h:8h:24h
the first message is sent after 4 hours, the second after 8 hours, and
subsequent ones every 16 hours thereafter. To stop warnings after a given time,
set a huge subsequent time.
delay_warning_condition
Type: string, expanded
Default: see below
The string is expanded at the time a warning message might be sent. If all the
deferred addresses have the same domain, it is set in $domain during the
expansion. Otherwise $domain is empty. If the result of the expansion is a
forced failure, an empty string, or a string matching any of ``0'', ``no'' or
``false'' (the comparison being done caselessly) then the warning message is not
sent. The default is
delay_warning_condition = \
${if match{$h_precedence:}{(?i)bulk|list|junk}{no}{yes}}
which suppresses the sending of warnings about messages that have ``bulk'',
``list'' or ``junk'' in a Precedence: header.
deliver_drop_privilege
Type: boolean
Default: false
If this option is set true, Exim drops its root privilege at the start of a
delivery process, and runs as the Exim user throughout. This severely restricts
the kinds of local delivery that are possible, but is viable in certain types
of configuration. There is a discussion about the use of root privilege in
chapter 47.
deliver_queue_load_max
Type: fixed-point
Default: unset
When this option is set, a queue run is abandoned if the system load average
becomes greater than the value of the option. The option has no effect on
ancient operating systems on which Exim cannot determine the load average.
See also queue_only_load and smtp_load_reserve.
delivery_date_remove
Type: boolean
Default: true
Exim's transports have an option for adding a Delivery-date: header to a
message when it is delivered - in exactly the same way as Return-path: is
handled. Delivery-date: records the actual time of delivery. Such headers
should not be present in incoming messages, and this option causes them to be
removed at the time the message is received, to avoid any problems that might
occur when a delivered message is subsequently sent on to some other recipient.
dns_again_means_nonexist
Type: domain list, expanded
Default: unset
DNS lookups give a ``try again'' response for the DNS errors ``non-authoritative
host not found'' and ``SERVERFAIL''. This can cause Exim to keep trying to
deliver a message, or to give repeated temporary errors to incoming mail.
Sometimes the effect is caused by a badly set up name server and may persist
for a long time. If a domain which exhibits this problem matches anything in
dns_again_means_nonexist, it is treated as if it did not exist. This
option should be used with care.
dns_check_names_pattern
Type: string
Default: see below
When this option is set to a non-empty string, it causes Exim to check domain
names for illegal characters before handing them to the DNS resolver, because
some resolvers give temporary errors for malformed names. If a domain name
contains any illegal characters, a ``not found'' result is forced, and the
resolver is not called. The check is done by matching the domain name against a
regular expression, which is the value of this option. The default pattern is
dns_check_names_pattern = \
(?i)^(?>(?(1)\.|())[^\W_](?>[a-z0-9-]*[^\W_])?)+$
which permits only letters, digits, and hyphens in components, but they may not
start or end with a hyphen.
dns_ipv4_lookup
Type: domain list, expanded
Default: unset
When Exim is compiled with IPv6 support, it looks for IPv6 address records
(AAAA and, if configured, A6) as well as IPv4 address records when trying to
find IP addresses for hosts, unless the host's domain matches this list.
This is a fudge to help with name servers that give big delays or otherwise do
not work for the new IPv6 record types. If Exim is handed an IPv6 address
record as a result of an MX lookup, it always recognizes it, and may as a
result make an outgoing IPv6 connection. All this option does is to make Exim
look only for IPv4-style A records when it needs to find an IP address for a
host name. In due course, when the world's name servers have all been upgraded,
there should be no need for this option.
dns_retrans
Type: time
Default: 0s
The options dns_retrans and dns_retry can be used to set the
retransmission and retry parameters for DNS lookups. Values of zero (the
defaults) leave the system default settings unchanged. The first value is the
time between retries, and the second is the number of retries. It isn't
totally clear exactly how these settings affect the total time a DNS lookup may
take. I haven't found any documentation about timeouts on DNS lookups; these
parameter values are available in the external resolver interface structure,
but nowhere does it seem to describe how they are used or what you might want
to set in them.
dns_retry
Type: integer
Default: 0
See dns_retrans above.
drop_cr
Type: boolean
Default: false
Setting drop_cr true affects non-SMTP messages that are submitted locally.
It causes every carriage return character that immediately precedes a linefeed
to be discarded. Other carriage returns are treated as data. This action can be
requested for individual messages by means of the -dropcr command line
option.
envelope_to_remove
Type: boolean
Default: true
Exim's transports have an option for adding an Envelope-to: header to a
message when it is delivered - in exactly the same way as Return-path: is
handled. Envelope-to: records the original recipient address from the
messages's envelope that caused the delivery to happen. Such headers should not
be present in incoming messages, and this option causes them to be removed at
the time the message is received, to avoid any problems that might occur when a
delivered message is subsequently sent on to some other recipient.
errors_copy
Type: string list, expanded
Default: unset
Setting this option causes Exim to send bcc copies of bounce messages that it
generates to other addresses. Note: this does not apply to bounce messages
coming from elsewhere. The value of the option is a colon-separated list of
items. Each item consists of a pattern, terminated by white space, followed by
a comma-separated list of email addresses. If a pattern contains spaces, it
must be enclosed in double quotes.
Each pattern is processed in the same way as a single item in an address list
(see section 10.12). When a pattern matches the recipient of the
bounce message, the message is copied to the addresses on the list. The items
are scanned in order, and once a matching one is found, no further items are
examined. For example:
errors_copy = spqr@mydomain postmaster@mydomain.example :\
rqps@mydomain hostmaster@mydomain.example,\
postmaster@mydomain.example
The address list is expanded before use. The expansion variables
$local_part and $domain are set from the original recipient of the error
message, and if there was any wildcard matching in the pattern, the expansion
variables $0, $1, etc. are set in the normal way.
errors_reply_to
Type: string
Default: unset
Exim's bounce messages contain the header line
From: Mail Delivery System <Mailer-Daemon@$qualify_domain>
(suitably expanded). Experience shows that a large number of people reply to
bounce messages. If the errors_reply_to option is set, a Reply-To: header
is added. The option must specify the complete header body.
exim_group
Type: string
Default: compile-time configured
This option changes the gid under which Exim runs when it gives up root
privilege. The default value is compiled into the binary. The value of this
option is used only when exim_user is also set. Unless it consists entirely
of digits, the string is looked up using getgrnam(), and failure causes a
configuration error. See chapter 47 for a discussion of security
issues.
exim_path
Type: string
Default: see below
This option specifies the path name of the Exim binary, which is used when Exim
needs to re-exec itself. The default is set up to point to the file exim in
the directory configured at compile time by the BIN_DIRECTORY setting. It
is necessary to change exim_path if Exim is run from some other place.
exim_user
Type: string
Default: compile-time configured
This option changes the uid under which Exim runs when it gives up root
privilege. The default value is compiled into the binary. Ownership of the run
time configuration file and the use of the -C and -D command line options
is checked against the values in the binary, not what is set here.
Unless it consists entirely of digits, the string is looked up using
getpwnam(), and failure causes a configuration error. If exim_group is
not also supplied, the gid is taken from the result of getpwnam() if it is
used. See chapter 47 for a discussion of security issues.
extract_addresses_remove_arguments
Type: boolean
Default: true
According to some Sendmail documentation (Sun, IRIX, HP-UX), if any addresses
are present on the command line when the -t option is used to build an
envelope from a message's To:, Cc: and Bcc: headers, the command line
addresses are removed from the recipients list. This is also how Smail behaves.
However, other Sendmail documentation (the O'Reilly book) states that command
line addresses are added to those obtained from the header lines. When
extract_addresses_remove_arguments is true (the default), Exim subtracts
argument headers. If it is set false, Exim adds rather than removes argument
addresses.
finduser_retries
Type: integer
Default: 0
On systems running NIS or other schemes in which user and group information is
distributed from a remote system, there can be times when getpwnam() and
related functions fail, even when given valid data, because things time out.
Unfortunately these failures cannot be distinguished from genuine ``not found''
errors. If finduser_retries is set greater than zero, Exim will try that
many extra times to find a user or a group, waiting for one second between
retries.
freeze_tell
Type: string
Default: unset
On encountering certain errors, or when configured to do so in a system filter,
Exim freezes a message. This means that no further delivery attempts take place
until an administrator (or the auto_thaw feature) thaws the message. If
freeze_tell is set, Exim generates a warning message whenever it freezes
something, unless the message it is freezing is a bounce message. (Without this
exception there is the possibility of looping.) The warning message is sent to
the addresses supplied as the comma-separated value of this option. If several
of the message's addresses cause freezing, only a single message is sent. The
reason(s) for freezing can be found in the message log.
gecos_name
Type: string, expanded
Default: unset
Some operating systems, notably HP-UX, use the ``gecos'' field in the system
password file to hold other information in addition to users' real names. Exim
looks up this field for use when it is creating Sender: or From: headers.
If either gecos_pattern or gecos_name are unset, the contents of the
field are used unchanged, except that, if an ampersand is encountered, it is
replaced by the user's login name with the first character forced to
upper case, since this is a convention that is observed on many systems.
When these options are set, gecos_pattern is treated as a regular expression
that is to be applied to the field (again with & replaced by the login name),
and if it matches, gecos_name is expanded and used as the user's name.
Numeric variables such as $1, $2, etc. can be used in the expansion to
pick up sub-fields that were matched by the pattern. In HP-UX, where the user's
name terminates at the first comma, the following can be used:
gecos_pattern = ([^,]*)
gecos_name = $1
gecos_pattern
Type: string
Default: unset
See gecos_name above.
helo_accept_junk_hosts
Type: host list, expanded
Default: unset
Exim checks the syntax of HELO and EHLO commands for incoming SMTP
mail, and gives an error response for invalid data. Unfortunately, there are
some SMTP clients that send syntactic junk. They can be accommodated by setting
this option. Note that this is a syntax check only. See helo_verify_hosts
if you want to do semantic checking.
helo_lookup_domains
Type: domain list, expanded
Default: @:@[]
If the domain given by a client in a HELO or EHLO command matches this
list, a reverse lookup is done in order to establish the host's true name. The
default forces a lookup if the client host gives the server's name or any of
its IP addresses (in brackets), something that broken clients have been seen to
do.
helo_try_verify_hosts
Type: host list, expanded
Default: unset
See helo_verify_hosts below.
helo_verify_hosts
Type: host list, expanded
Default: unset
The RFCs mandate that a server must not reject a message because it doesn't
like the HELO or EHLO command. By default, Exim just checks the syntax
of these commands (see helo_accept_junk_hosts above). However, some sites
like to be stricter. If helo_verify_hosts or helo_try_verify_hosts is
set, Exim refuses to accept messages from hosts that match either of them,
unless a HELO or EHLO command is received before the MAIL command.
Otherwise, MAIL commands are rejected with a 550 error. Furthermore, Exim
checks that the host name given in the HELO or EHLO command either:
is an IP literal matching the calling address of the host (the RFCs
specifically allow this), or
-
matches the host name that Exim obtains by doing a reverse lookup of the
calling host address, or
when looked up using gethostbyname() yields the calling host address.
The difference between helo_verify_hosts and helo_try_verify_hosts is
in what happens if these conditions are not met. For hosts that match the
former option, the HELO or EHLO command is rejected with a 550 error,
and entries are written to the main and reject logs. For the latter option,
processing continues. This state can be detected in an ACL, allowing it to be
used to accept or reject addresses in conjunction with other options.
hold_domains
Type: domain list, expanded
Default: unset
This option allows mail for particular domains to be held on the queue
manually. The option is overridden if a message delivery is forced with the
-M, -qf, -Rf or -Sf options, and also while testing or verifying
addresses using -bt or -bv. Otherwise, if a domain matches an item in
hold_domains, no routing or delivery for that address is done, and it is
deferred every time the message is looked at.
This option is intended as a temporary operational measure for delaying the
delivery of mail while some problem is being sorted out, or some new
configuration tested. If you just want to delay the processing of some
domains until a queue run occurs, you should use queue_domains or
queue_smtp_domains, not hold_domains.
A setting of hold_domains does not override Exim's code for removing
messages from the queue if they have been there longer than the longest retry
time in any retry rule. If you want to hold messages for longer than the normal
retry times, insert a dummy retry rule with a long retry time.
host_lookup
Type: host list, expanded
Default: unset
Exim does not look up the name of a calling host from its IP address unless it
is required to compare against some host list, or helo_verify_hosts is set,
or the address matches this option (which normally contains IP addresses rather
than host names). The default configuration file contains
host_lookup = *
which causes a lookup to happen for all hosts. If the expense of these lookups
is felt to be too great, the setting can be changed or removed. See also
helo_lookup_domains.
host_reject_connection
Type: host list, expanded
Default: unset
If this option is set, incoming SMTP calls from the hosts listed are rejected
as soon as the connection is made. This option is provided for use in unusual
cases. Many host will just try again. Normally, it is better to use an ACL to
reject incoming messages at a later stage, such as after RCPT commands. See
chapter 37.
hosts_treat_as_local
Type: domain list, expanded
Default: unset
If this option is set, any host names that match the domain list are treated as
if they were the local host when Exim is scanning host lists obtained from MX
records. This option also applies when Exim is matching the special items
@mx_any, @mx_primary, and @mx_secondary in a domain list (see
section 10.6), and when checking the host option in the smtp
transport for the local host (see the allow_localhost option in that
transport).
ignore_bounce_errors_after
Type: time
Default: 10w
This option affects the processing of bounce messages that cannot be delivered.
After an initial failure, such messages are frozen, because there is no sender
to whom they can be returned. When a frozen bounce message has been on the
queue for more than the given time, it is unfrozen at the next queue run, and a
further delivery is attempted. If delivery fails again, the bounce message is
discarded. This makes it possible to keep failed bounce messages around for a
shorter time than the normal maximum retry time for frozen messages. For
example,
ignore_bounce_errors_after = 12h
retries failed bounce message deliveries after 12 hours, discarding any further
failures. If the value of this option is set to a zero time period, bounce
failures are discarded immediately. Setting a very long time (as in the default
value) has the effect of disabling this option. For ways of automatically
dealing with other kinds of frozen message, see auto_thaw and
timeout_frozen_after.
ignore_fromline_hosts
Type: host list, expanded
Default: unset
Some broken SMTP clients insist on sending a UUCP-like ``From'' line before the
headers of a message. By default this is treated as the start of the message's
body, which means that any following headers are not recognized as such. Exim
can be made to ignore it by setting ignore_fromline_hosts to match those
hosts that insist on sending it. If the sender is actually a local process
rather than a remote host, and is using -bs to inject the messages,
ignore_fromline_local must be set to achieve this effect.
ignore_fromline_local
Type: boolean
Default: false
See ignore_fromline_hosts above.
keep_malformed
Type: time
Default: 4d
This option specifies the length of time to keep messages whose spool files
have been corrupted in some way. This should, of course, never happen. At the
next attempt to deliver such a message, it gets removed. The incident is
logged.
ldap_default_servers
Type: string list
Default: unset
This option provides a list of LDAP servers which are tried in turn when an
LDAP query does not contain a server. See section 9.10 for details
of LDAP queries. This option is available only when Exim has been built with
LDAP support.
local_from_check
Type: boolean
Default: true
When a message is submitted locally (that is, not over a TCP/IP connection) by
an untrusted user, Exim removes any existing Sender: header line, and checks
that the From: header line matches the login of the calling user. You can
use local_from_prefix and local_from_suffix to permit affixes on the
local part. If the From: header line does not match, Exim adds a Sender:
header with an address constructed from the calling user's login and the
default qualify domain.
If local_from_check is set false, the From: header check is disabled,
and no Sender: header is ever added. If, in addition, you want to retain
Sender: header lines supplied by untrusted users, you must also set
local_sender_retain to be true.
These options affect only the header lines in the message. The envelope sender
is still forced to be the login id at the qualify domain unless
untrusted_set_sender permits the user to supply an envelope sender.
Section 43.12 has more details about Sender: processing.
local_from_prefix
Type: string
Default: unset
When Exim checks the From: header line of locally submitted messages for
matching the login id (see local_from_check above), it can be configured to
ignore certain prefixes and suffixes in the local part of the address. This is
done by setting local_from_prefix and/or local_from_suffix to
appropriate lists, in the same form as the local_part_prefix and
local_part_suffix router options (see chapter 14). For
example, if
local_from_prefix = *-
is set, a From: line containing
From: anything-user@your.domain.example
will not cause a Sender: header to be added if user@your.domain.example
matches the actual sender address that is constructed from the login name and
qualify domain.
local_from_suffix
Type: string
Default: unset
See local_from_prefix above.
local_interfaces
Type: string list
Default: unset
The string must contain a list of IP addresses, in dotted-quad format for IPv4
addresses, or in colon-separated format for IPv6 addresses. It is usually
easier to change the list separator character instead of doubling all the
colons in IPv6 addresses. For example:
local_interfaces = <; 127.0.0.1 ; \
192.168.23.65 ; \
::1 ; \
3ffe:ffff:836f::fe86:a061
A port number can be specified along with each IP address. Two different
formats are recognized:
The port is added onto the address with a dot separator, for example,
local_interfaces = <; 192.168.23.65.1234 ; \
3ffe:ffff:836f::fe86:a061.1234
The IP address is enclosed in square brackets, and the port is added with a
colon separator, for example,
local_interfaces = <; [192.168.23.65]:1234 ; \
[3ffe:ffff:836f::fe86:a061]:1234
This list of IP addresses is used for two different purposes: