The first part of the run time configuration file contains three types of item:
Macro definitions: These lines start with an upper case letter. See section 6.4 for details of macro processing.
Named list definitions: These lines start with one of the words ``domainlist'', ``hostlist'', ``addresslist'', or ``localpartlist''. Their use is described in section 10.5.
Main configuration settings: Each setting occupies one line of the file (including possible continuations). If any setting is preceded by the word ``hide'', the -bP option displays its value to admin users only (see section 6.5).
This chapter lists all the main configuration options, along with their types and default values, in alphabetical order.
This option causes Exim to send 8BITMIME in its response to an SMTP EHLO command, and to accept the BODY= parameter on MAIL commands. However, though Exim is 8-bit clean, it is not a protocol converter, and it takes no steps to do anything special with messages received by this route. Consequently, this option is turned off by default.
This option defines the ACL that is run when an SMTP AUTH command is received. See chapter 37 for further details.
This option defines the ACL that is run after an SMTP DATA command has been processed and the message itself has been received, but before the final acknowledgement is sent. See chapter 37 for further details.
This option defines the ACL that is run when an SMTP ETRN command is received. See chapter 37 for further details.
This option defines the ACL that is run when an SMTP EXPN command is received. See chapter 37 for further details.
This option defines the ACL that is run when an SMTP RCPT command is received. See chapter 37 for further details.
This option defines the ACL that is run when an SMTP VRFY command is received. See chapter 37 for further details.
If the current group or any of the supplementary groups of the caller is in this colon-separated list, the caller has admin privileges. If all your system programmers are in a specific group, for example, you can give them all Exim admin privileges by putting that group in admin_groups. However, this does not permit them to read Exim's spool files (whose group owner is the Exim gid). To permit this, you have to add individuals to the Exim group.
Exim's command line takes the standard Unix form of a sequence of options, each starting with a hyphen character, followed by a number of arguments. The options are compatible with the main options of Sendmail, and there are also some additional options, some of which are compatible with Smail 3. Certain combinations of options do not make sense, and provoke an error if used. The form of the arguments depends on which options are set.
If Exim is called under the name mailq, it behaves as if the option -bp were present before any other options. The -bp option requests a listing of the contents of the mail queue on the standard output. This feature is for compatibility with some systems that contain a command of that name in one of the standard libraries, symbolically linked to /usr/sbin/sendmail or /usr/lib/sendmail.
If Exim is called under the name rsmtp it behaves as if the option -bS were present before any other options, for compatibility with Smail. The -bS option is used for reading in a number of messages in batched SMTP format.
If Exim is called under the name rmail it behaves as if the -i and -oee options were present before any other options, for compatibility with Smail. The name rmail is used as an interface by some UUCP systems.
If Exim is called under the name runq it behaves as if the option -q were present before any other options, for compatibility with Smail. The -q option causes a single queue runner process to be started.
If Exim is called under the name newaliases it behaves as if the option -bi were present before any other options, for compatibility with Sendmail. This option is used for rebuilding Sendmail's alias file. Exim does not have the concept of a single alias file, but can be configured to run a given command if called with the -bi option.
Some Exim options are available only to trusted users and others are available only to admin users. In the description below, the phrases ``Exim user'' and ``Exim group'' mean the user and group defined by EXIM_USER and EXIM_GROUP in Local/Makefile or set by the exim_user and exim_group options. These do not necessarily have to use the name ``exim''.
The trusted users are root, the Exim user, any user listed in the trusted_users configuration option, and any user whose current group or any supplementary group is one of those listed in the trusted_groups configuration option. Note that the Exim group is not automatically trusted.
Trusted users are always permitted to use the -f option or a leading ``From '' line to specify the envelope sender of a message that is passed to Exim through the local interface (see the -bm and -f options below). See the untrusted_set_sender option for a way of permitting non-trusted users to set envelope senders. For a trusted user, there is never any check on the contents of the From: header line, and a Sender: line is never added. Furthermore, any existing Sender: line in incoming local (non-TCP/IP) messages is not removed.
Trusted users may also specify a host name, host address, interface address, protocol name, ident value, and authentication data when submitting a message locally. Thus, they are able to insert messages into Exim's queue locally that have the characteristics of messages received from a remote host. Untrusted users may in some circumstances use -f, but can never set the other values that are available to trusted users.
The admin users are root, the Exim user, and any user that is a member of the Exim group or of any group listed in the admin_groups configuration option. The current group does not have to be one of these groups.
Admin users are permitted to list the queue, and to carry out certain operations on messages, for example, to force delivery failures. It is also necessary to be an admin user in order to see the full information provided by the Exim monitor, and full debugging output.
By default, the use of the -M, -q, -R, and -S options to cause Exim to attempt delivery of messages on its queue is restricted to admin users. However, this restriction can be relaxed by setting the prod_requires_admin option false (that is, specifying no_prod_requires_admin).
Similarly, the use of the -bp option to list all the messages in the queue is restricted to admin users unless queue_list_requires_admin is set false.
Warning: If you configure your system so that admin users are able to edit Exim's configuration file, you are giving those users an easy way of getting root. There is further discussion of this issue at the start of chapter 6.
The command options are described in alphabetical order below.
This is a pseudo-option whose only purpose is to terminate the options and therefore to cause subsequent command line items to be treated as arguments rather than options, even if they begin with hyphens.
This option causes Exim to output a few sentences stating what it is. The same output is generated if the Exim binary is called with no options and no arguments.
This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8-bit clean; it ignores this option.
This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually the -bd option is combined with the -q<time> option, to specify that the daemon should also initiate periodic queue runs.
The -bd option can be used only by an admin user. If either of the -d (debugging) or -v (verifying) options are set, the daemon does not disconnect from the controlling terminal. When running this way, it can be stopped by pressing ctrl-C.
By default, Exim listens for incoming connections to the standard SMTP port on all the host's interfaces. The port can be varied by means of the daemon_smtp_port option. The daemon can also be restricted to specific interfaces by setting the local_interfaces option in the configuration file. This option is also able to specify a different port for each interface it lists, making it possible to listen on multiple ports. The -oX command line option can be used to override local_interfaces.
When a listening daemon is started without the use of -oX (that is, without overriding the normal configuration), it writes its process id to a file called exim-daemon.pid in Exim's spool directory. This location can be overridden by setting PID_FILE_PATH in Local/Makefile. The file is written while Exim is still running as root.
When -oX is used on the command line to start a listening daemon, the process id is not written to the normal pid file path. However, -oP can be used to specify a path on the command line if a pid file is required.
The SIGHUP signal can be used to cause the daemon to re-exec itself. This should be done whenever Exim's configuration file, or any file that is incorporated into it by means of the .include facility, is changed, and also whenever a new version of Exim is installed. It is not necessary to do this when other files that are referenced from the configuration (for example, alias files) are changed, because these are reread each time they are used.
This option has the same effect as -bd except that it never disconnects from the controlling terminal, even when no debugging is specified.
Run Exim in expansion testing mode. Exim discards its root privilege, to prevent ordinary users from using this mode to read otherwise inaccessible files. If no arguments are given, Exim runs interactively, prompting for lines of data. Long expressions can be split over several lines by using backslash continuations. As in Exim's run time configuration, whitespace at the start of continuation lines is ignored.
Each argument or data line is passed through the string expansion mechanism, and the result is output. Variable values from the configuration file (for example, $qualify_domain) are available, but no message-specific values (such as $domain) are set, because no message is being processed.
This option is the same as -bf except that it assumes that the filter being tested is a system filter. The additional commands that are available only in system filters are recognized.
This option runs Exim in filter testing mode; the file is the filter file to be tested, and a test message must be supplied on the standard input. If there are no message-dependent tests in the filter, an empty file can be supplied. If a system filter file is being tested, -bF should be used instead of -bf. If the test file does not begin with the special line
# Exim filter
it is taken to be a normal .forward file, and is tested for validity under that interpretation. The result of this command, provided no errors are detected, is a list of the actions that Exim would try to take if presented with the message for real. More details of filter testing are given in the separate document entitled Exim's interface to mail filtering.
When testing a filter file, the envelope sender can be set by the -f option, or by a ``From '' line at the start of the test message. Various parameters that would normally be taken from the envelope recipient address of the message can be set by means of additional command line options. These are:
| -bfd | <domain> | default is the qualify domain |
| -bfl | <local_part> | default is the logged in user |
| -bfp | <local_part_prefix> | default is null |
| -bfs | <local_part_suffix> | default is null |
The local part should always be set to the incoming address with any prefix or suffix stripped, because that is how it appears to the filter when a message is actually being delivered.
This option runs a fake SMTP session as if from the given IP address, using the standard input and output. The IP address may include a port number at the end, after a full stop. For example:
exim -bh 10.9.8.7.1234 exim -bh fe80::a00:20ff:fe86:a061.5678
Comments as to what is going on are written to the standard error file. These include lines beginning with ``LOG'' for anything that would have been logged. This facility is for testing configuration options for blocking hosts and/or senders and for checking on relaying control.
Warning: You cannot test features of the configuration that rely on ident (RFC 1413) callouts, because these are not done when testing using -bh.
Messages supplied during the testing session are discarded, and nothing is written to any of the real log files. There may be pauses when DNS (and other) lookups are taking place, and of course these may time out. The -oMi option can be used to specify a specific IP interface and port if this is important.
The exim_checkaccess utility is a ``packaged'' version of -bh whose output just states whether a given recipient address from a given host is acceptable or not. See section 45.7.
Sendmail interprets the -bi option as a request to rebuild its alias file. Exim does not have the concept of a single alias file, and so it cannot mimic this behaviour. However, calls to /usr/lib/sendmail with the -bi option tend to appear in various scripts such as NIS make files, so the option must be recognized.
If -bi is encountered, the command specified by the bi_command configuration option is run, under the uid and gid of the caller of Exim. If the -oA option is used, its value is passed to the command as an argument. The command set by bi_command may not contain arguments. The command can use the exim_dbmbuild utility, or some other means, to rebuild alias files if this is required. If the bi_command option is not set, calling Exim with -bi is a no-op.
This option runs an Exim receiving process that accepts an incoming, locally-generated message on the current input. The recipients are given as the command arguments (except when -t is also present - see below). Each argument can be a comma-separated list of RFC 2822 addresses. This is the default option for selecting the overall action of an Exim call; it is assumed if no other conflicting option is present.
If any addresses in the message are unqualified (have no domain), they are qualified by the values of the qualify_domain or qualify_recipient options, as appropriate. The -bnq option (see below) provides a way of suppressing this for special cases.
Policy checks on the contents of local messages can be enforced by means of the non-SMTP ACL. See chapter 37 for details. The return code is zero if the message is successfully accepted. Otherwise, the action is controlled by the -oex option setting - see below.
The format of the message must be as defined in RFC 2822, except that, for compatibility with Sendmail and Smail, a line in one of the forms
From sender Fri Jan 5 12:55 GMT 1997
From sender Fri, 5 Jan 97 12:55:01
(with the weekday optional, and possibly with additional text after the date)
is permitted to appear at the start of the message. There appears to be no
authoritative specification of the format of this line. Exim recognizes it by
matching against the regular expression defined by the uucp_from_pattern
option, which can be changed if necessary.
The specified sender is treated as if it were given as the argument to the
-f option, but if a -f option is also present, its argument is used in
preference to the address taken from the message. The caller of Exim must be a
trusted user for the sender of a message to be set in this way.
By default, Exim automatically qualifies unqualified addresses (those without domains) that appear in messages that are submitted locally (that is, not over TCP/IP). This qualification applies both to addresses in envelopes, and addresses in header lines. Sender addresses are qualified using qualify_domain, and recipient addresses using qualify_recipient (which defaults to the value of qualify_domain).
Sometimes, qualification is not wanted. For example, if -bS (batch SMTP) is being used to re-submit messages that originally came from remote hosts after content scanning, you probably do not want to qualify unqualified addresses in header lines. (Such lines will be present only if you have not enabled a header syntax check in the appropriate ACL.)
The -bnq option suppresses all qualification of unqualified addresses in messages that originate on the local host. When this is used, unqualified addresses in the envelope provoke errors (causing message rejection) and unqualified addresses in header lines are left alone.
If this option is given with no arguments, it causes the values of all Exim's main configuration options to be written to the standard output. The values of one or more specific options can be requested by giving their names as arguments, for example:
exim -bP qualify_domain hold_domains
However, any option setting that is preceded by the word ``hide'' in the configuration file is not shown in full, except to an admin user. For other users, the output is as in this example:
mysql_servers = <value not displayable>
If configure_file is given as an argument, the name of the run time configuration file is output. If a list of configuration files was supplied, the value that is output here is the name of the file that was actually used.
If log_file_path or pid_file_path are given, the names of the directories where log files and daemon pid files are written are output, respectively. If these values are unset, log files are written in a sub-directory of the spool directory called log, and the pid file is written directly into the spool directory.
If -bP is followed by a name preceded by +, for example,
exim -bP +local_domains
it searches for a matching named list of any type (domain, host, address, or local part) and outputs what it finds.
If one of the words router, transport, or authenticator is given, followed by the name of an appropriate driver instance, the option settings for that driver are output. For example:
exim -bP transport local_delivery
The generic driver options are output first, followed by the driver's private options. A list of the names of drivers of a particular type can be obtained by using one of the words router_list, transport_list, or authenticator_list, and a complete list of all drivers with their option settings can be obtained by using routers, transports, or authenticators.
This option requests a listing of the contents of the mail queue on the standard output. If the -bp option is followed by a list of message ids, just those messages are listed. By default, this option can be used only by an admin user. However, the queue_list_requires_admin option can be set false to allow any user to see the queue.
Each message on the queue is displayed as in the following example:
25m 2.9K 0t5C6f-0000c8-00 <alice@wonderland.fict.example>
red.king@looking-glass.fict.example
<other addresses>
The first line contains the length of time the message has been on the queue (in this case 25 minutes), the size of the message (2.9K), the unique local identifier for the message, and the message sender, as contained in the envelope. For bounce messages, the sender address is empty, and appears as ``<>''. If the message was submitted locally by an untrusted user who overrode the default sender address, the user's login name is shown in parentheses before the sender address. If the message is frozen (attempts to deliver it are suspended) then the text ``*** frozen ***'' is displayed at the end of this line.
The recipients of the message (taken from the envelope, not the headers) are displayed on subsequent lines. Those addresses to which the message has already been delivered are marked with the letter D. If an original address gets expanded into several addresses via an alias or forward file, the original is displayed with a D only when deliveries for all of its child addresses are complete.
This option operates like -bp, but in addition it shows delivered addresses that were generated from the original top level address(es) in each message by alias or forwarding operations. These addresses are flagged with ``+D'' instead of just ``D''.
This option counts the number of messages on the queue, and writes the total to the standard output. It is restricted to admin users, unless queue_list_requires_admin is set false.
This option operates like -bp, but the output is not sorted into chronological order of message arrival. This can speed it up when there are lots of messages on the queue, and is particularly useful if the output is going to be post-processed in a way that doesn't need the sorting.
This option is a combination of -bpr and -bpa.
This option is a combination of -bpr and -bpu.
This option operates like -bp but shows only undelivered top-level addresses for each message displayed. Addresses generated by aliasing or forwarding are not shown, unless the message was deferred after processing by a router with the one_time option set.
This option is for testing retry rules, and it must be followed by up to three arguments. It causes Exim to look for a retry rule that matches the values and to write it to the standard output. For example:
exim -brt bach.comp.mus.example Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m;
See chapter 31 for a description of Exim's retry rules. The first argument, which is required, can be a complete address in the form local_part@domain, or it can be just a domain name. The second argument is an optional second domain name; if no retry rule is found for the first argument, the second is tried. This ties in with Exim's behaviour when looking for retry rules for remote hosts - if no rule is found that matches the host, one that matches the mail domain is sought. The final argument is the name of a specific delivery error, as used in setting up retry rules, for example ``quota_3d''.
This option is for testing address rewriting rules, and it must be followed by a single argument, consisting of either a local part without a domain, or a complete address with a fully qualified domain. Exim outputs how this address would be rewritten for each possible place it might appear. See chapter 30 for further details.
This option is used for batched SMTP input, which is an alternative interface for non-interactive local message submission. A number of messages can be submitted in a single run. However, despite its name, this is not really SMTP input. Exim reads each message's envelope from SMTP commands on the standard input, but generates no responses. If the caller is trusted, or untrusted_set_sender is set, the senders in the SMTP MAIL commands are believed; otherwise the sender is always the caller of Exim.
The message itself is read from the standard input, in SMTP format (leading dots doubled), terminated by a line containing just a single dot. An error is provoked if the terminating dot is missing. A further message may then follow.
As for other local message submissions, the contents of incoming batch SMTP messages can be checked using the non-SMTP ACL (see chapter 37). Unqualified addresses are automatically qualified using qualify_domain and qualify_recipient, as appropriate, unless the -bnq option is used.
Some other SMTP commands are recognized in the input. HELO and EHLO act as RSET; VRFY, EXPN, ETRN, and HELP act as NOOP; QUIT quits, ignoring the rest of the standard input.
If any error is encountered, reports are written to the standard output and error streams, and Exim gives up immediately. The return code is 0 if no error was detected; it is 1 if one or more messages were accepted before the error was detected; otherwise it is 2.
More details of input using batched SMTP are given in section 42.12.
This option causes Exim to accept one or more messages by reading SMTP commands on the standard input, and producing SMTP replies on the standard output. SMTP policy controls, as defined in ACLs (see chapter 37) are applied.
Some user agents use this interface as a way of passing locally-generated messages to the MTA. In this usage, if the caller of Exim is trusted, or untrusted_set_sender is set, the senders of messages are taken from the SMTP MAIL commands. Otherwise the content of these commands is ignored and the sender is set up as the calling user. Unqualified addresses are automatically qualified using qualify_domain and qualify_recipient, as appropriate, unless the -bnq option is used.
The -bs option is also used to run Exim from inetd, as an alternative to using a listening daemon. Exim can distinguish the two cases by checking whether the standard input is a TCP/IP socket. When Exim is called from inetd, the source of the mail is assumed to be remote, and the comments above concerning senders and qualification do not apply. In this situation, Exim behaves in exactly the same way as it does when receiving a message via the listening daemon.
This option runs Exim in address testing mode, in which each argument is taken as an address to be tested for deliverability. The results are written to the standard output. If a test fails, and the caller is not an admin user, no details of the failure are output, because these might contain sensitive information such as usernames and passwords for database lookups.
If no arguments are given, Exim runs in an interactive manner, prompting with a right angle bracket for addresses to be tested. Each address is handled as if it were the recipient address of a message (compare the -bv option). It is passed to the routers and the result is written to the standard output. However, any router that has no_address_test set is bypassed. This can make -bt easier to use for genuine routing tests if your first router passes everything to a scanner program.
The return code is 2 if any address failed outright; it is 1 if no address failed outright but at least one could not be resolved for some reason. Return code 0 is given only when all addresses succeed.
Warning: -bt can only do relatively simple testing. If any of the routers in the configuration makes any tests on the sender address of a message, you can use the -f option to set an appropriate sender when running -bt tests. Without it, the sender is assumed to be the calling user at the default qualifying domain. However, if you have set up (for example) routers whose behaviour depends on the contents of an incoming message, you cannot test those conditions using -bt. The -N option provides a possible way of doing such tests.
This option causes Exim to write the current version number, compilation number, and compilation date of the exim binary to the standard output. It also lists the DBM library this is being used, the optional modules (such as specific lookup types), the drivers that are included in the binary, and the name of the run time configuration file that is in use.
This option runs Exim in address verification mode, in which each argument is taken as an address to be verified. During normal operation, verification happens mostly as a consequence processing a verify condition in an ACL (see chapter 37). If you want to test an entire ACL, see the -bh option.
If verification fails, and the caller is not an admin user, no details of the failure are output, because these might contain sensitive information such as usernames and passwords for database lookups.
If no arguments are given, Exim runs in an interactive manner, prompting with a right angle bracket for addresses to be verified. Verification differs from address testing (the -bt option) in that routers that have no_verify set are skipped, and if the address is accepted by a router that has fail_verify set, verification fails. The address is verified as a recipient if -bv is used; to test verification for a sender address, -bvs should be used.
If the -v option is not set, the output consists of a single line for each address, stating whether it was verified or not, and giving a reason in the latter case. Otherwise, more details are given of how the address has been handled, and in the case of address redirection, all the generated addresses are also considered. Without -v, generating more than one address by redirection causes verification to end sucessfully.
The return code is 2 if any address failed outright; it is 1 if no address failed outright but at least one could not be resolved for some reason. Return code 0 is given only when all addresses succeed.
If any of the routers in the configuration makes any tests on the sender address of a message, you should use the -f option to set an appropriate sender when running -bv tests. Without it, the sender is assumed to be the calling user at the default qualifying domain.
This option acts like -bv, but verifies the address as a sender rather
than a recipient address. This affects any rewriting and qualification that
might happen.
This option causes Exim to find the run time configuration file from the given list instead of from the list specified by the CONFIGURE_FILE compile-time setting. Usually, the list will consist of just a single file name, but it can be a colon-separated list of names. In this case, the first file that exists is used. Failure to open an existing file stops Exim from proceeding any further along the list, and an error is generated.
When this option is used by a caller other than root or the Exim user, and the list is different from the compiled-in list, Exim gives up its root privilege immediately, and runs with the real and effective uid and gid set to those of the caller.
The facility is useful for ensuring that configuration files are syntactically correct, but cannot be used for test deliveries, unless the caller is privileged, or unless it is an exotic configuration that does not require privilege. No check is made on the owner or group of the files specified by this option.
This option can be used to override macro definitions in the configuration file
(see section 6.4). However, like -C, if it is used by an
unprivileged caller, it causes Exim to give up its root privilege.
The entire option (including equals sign if present) must all be within one
command line item. -D can be used to set the value of a macro to the empty
string, in which case the equals sign is optional. These two commands are
synonymous:
exim -DABC ...
exim -DABC= ...
To include spaces in a macro definition item, quotes must be used. If you use quotes, spaces are permitted around the macro name and the equals sign. For example:
exim '-D ABC = something' ...
-D may be repeated up to 10 times on a command line.
This option causes debugging information to be written to the standard error stream. It is restricted to admin users because debugging output may show database queries that contain password information. Also, the details of users' filter files should be protected. When -d is used, -v is assumed. If -d is given on its own, a lot of standard debugging data is output. This can be reduced, or increased to include some more rarely needed information, by following -d with a string made up of names preceded by plus or minus characters. These add or remove sets of debugging data, respectively. For example, -d+filter adds filter debugging, whereas -d-all+filter selects only filter debugging. The available debugging categories are:
| acl | ACL interpretation |
| auth | authenticators |
| deliver | general delivery logic |
| dns | DNS lookups (see also resolver) |
| dnsbl | DNS black list (aka RBL) code |
| exec | arguments for execv() calls |
| expand | detailed debugging for string expansions |
| filter | filter handling |
| hints_lookup | hints data lookups |
| host_lookup | all types of name-to-IP address handling |
| ident | ident lookup |
| interface | lists of local interfaces |
| lists | matching things in lists |
| load | system load checks |
| local_scan | $rm{can be used by local_scan() (see chapter 38)*\ |
| lookup | general lookup code and all lookups |
| memory | memory handling |
| pid | add pid to debug output lines |
| process_info | setting info for the process log |
| queue_run | queue runs |
| receive | general message reception logic |
| resolver | turn on the DNS resolver's debugging output |
| retry | retry handling |
| rewrite | address rewriting |
| route | address routing |
| timestamp | add timestamp to debug output lines |
| tls | TLS logic |
| transport | transports |
| uid | changes of uid/gid and looking up uid/gid |
| verify | address verification logic |
| all | all of the above, and also -v |
Unfortunately, debugging output from the DNS resolver is written to stdout rather than stderr.
The default (-d with no argument) omits expand, filter, interface, load, memory, pid, resolver, and timestamp. However, the pid selector is forced when debugging is turned on for a daemon, which then passes it on to any re-executed Exims. Exim also automatically adds the pid to debug lines when several remote deliveries are run in parallel.
The timestamp selector causes the current time to be inserted at the start of all debug output lines. This can be useful when trying to track down delays in processing.
If the debug_print option is set in any driver, it produces output whenever any debugging is selected, or if -v is used.
The RFCs that define Internet mail apply only to messages in transit between hosts. They specify that lines of text should be terminated by the two-character sequence CR, LF. When a message is within a host system, the software that processes it may use any method it likes for terminating lines. The natural assumption is to use the host's normal convention. Most software on Unix-like systems uses a single LF character, which is the Unix standard.
When a non-SMTP message is passed to Exim via its command line, LF termination is assumed. Any CR characters in the message, wherever they appear, are treated as data characters.
Unfortunately, not all software writers take the same view. At least one MUA (dtmail) terminates each line with CR, LF, and the Cyrus message store behaves in the same way. There is also some UUCP software which does this. To support these callers, Exim has the -dropcr option, which causes it to discard a CR character if it immediately precedes an LF. Any other CR characters are treated as data. For example, a sequence such as CR, CR, LF is treated as one data CR, followed by the end of the line. The drop_cr configuration file option can be used to force -dropcr for all non-SMTP input.
This option specifies that an incoming message is a locally-generated delivery failure report. It is used internally by Exim when handling delivery failures and is not intended for external use. Its only effect is to stop Exim generating certain messages to the postmaster, as otherwise message cascades could occur in some situations. As part of the same option, a message id may follow the characters -E. If it does, the log entry for the receipt of the new message contains the id, following ``R='', as a cross-reference.
There are a number of Sendmail options starting with -oe which seem to be called by various programs without the leading o in the option. For example, the vacation program uses -eq. Exim treats all options of the form -ex as synonymous with the corresponding -oex options.
This option sets the sender's full name for use when a locally-generated message is being accepted. In the absence of this option, the user's gecos entry from the password data is used. As users are generally permitted to alter their gecos entries, no security considerations are involved. White space between -F and the <string> is optional.
This option sets the address of the envelope sender of a locally-generated message (also known as the return path). The option can normally be used only by a trusted user, but untrusted_set_sender can be set to allow untrusted users to use it. In the absence of -f, or if the caller is not allowed to use it, the sender of a local message is set to the caller's login name at the default qualify domain.
There is one exception to the restriction on the use of -f: an empty sender
can be specified by any user, to create a message that can never provoke a
bounce. An empty sender can be specified either as an empty string, or as a
pair of angle brackets with nothing between them, as in these examples of shell
commands:
exim -f '<>' user@domain
exim -f "" user@domain
In addition, the use of -f is not restricted when testing a filter file with -bf or when testing or verifying addresses using the -bt or -bv options.
Allowing untrusted users to change the sender address does not of itself make it possible to send anonymous mail. Exim still checks that the From: header refers to the local user, and if it does not, it adds a Sender: header, though this can be overridden by setting no_local_from_check.
White space between -f and the <address> is optional (that is, they can be given as two arguments or one combined argument). The sender of a locally-generated message can also be set (when permitted) by an initial ``From '' line in the message - see the description of -bm above - but if -f is also present, it overrides ``From''.
This is a Sendmail option which is ignored by Exim.
This option is accepted for compatibility with Sendmail, but has no effect. (In Sendmail it overrides the ``hop count'' obtained by counting Received: headers.)
This option, which has the same effect as -oi, specifies that a dot on a line by itself should not terminate an incoming, non-SMTP message. I can find no documentation for this option in Solaris 2.4 Sendmail, but the mailx command in Solaris 2.4 uses it.
This option requests Exim to run a delivery attempt on each message in turn. If
any of the messages are frozen, they are automatically thawed before the
delivery attempt. The settings of queue_domains, queue&
6. The Exim run time configuration file
Exim uses a single run time configuration file that is read whenever an Exim binary is executed. Note that in normal operation, this happens frequently, because Exim is designed to operate in a distributed manner, without central control.
The name of the configuration file is compiled into the binary for security reasons, and is specified by the CONFIGURE_FILE compilation option. In most configurations, this specifies a single file. However, it is permitted to give a colon-separated list of file names, in which case Exim uses the first existing file in the list.
The run time configuration file must be owned by root or by the user that is specified at compile time by the EXIM_USER option, and it must not be world-writeable or group-writeable, unless its group is the one specified at compile time by the EXIM_GROUP option.
Warning: In a conventional configuration, where the Exim binary is setuid to root, anybody who is able to edit the run time configuration file has an easy way to run commands as root. If you make your mail administrators members of the Exim group, but do not trust them with root, make sure that the run time configuration is not group writeable.
A default configuration file, which will work correctly in simple situations, is provided in the file src/configure.default. If CONFIGURE_FILE defines just one file name, the installation process copies the default configuration to a new file of that name if it did not previously exist. If CONFIGURE_FILE is a list, no default is automatically installed. Chapter 7 is a ``walk-through'' discussion of the default configuration.
If a syntax error is detected whi