Sophie

Sophie

distrib > Fedora > 14 > x86_64 > by-pkgid > 3d4d9cc28af00be9852b4cb3055b122e > files > 120

exim-doc-4.69-4.fc12.noarch.rpm

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><style xmlns="" type="text/css">
div.added    { background-color: #ffff99; }
div.deleted  { text-decoration: line-through;
               background-color: #FF7F7F; }
div.changed  { background-color: #99ff99; }
div.off      {  }

span.added   { background-color: #ffff99; }
span.deleted { text-decoration: line-through;
               background-color: #FF7F7F; }
span.changed { background-color: #99ff99; }
span.off     {  }



pre.literallayout {
  background-color: #E8E8D0;
  padding-left: 0.5cm;
  padding-top:  5px;
  padding-bottom: 5px;
}

div[class=changed] pre.literallayout {
  background-color: #99ff99;
  padding-left: 0.5cm;
  padding-top:  5px;
  padding-bottom: 5px;
}

div.literallayout {
  background-color: #E8E8D0;
  padding-left: 0.5cm;
  padding-top:  5px;
  padding-bottom: 5px;
}

div[class=changed] div.literallayout {
  background-color: #99ff99;
  padding-left: 0.5cm;
  padding-top:  5px;
  padding-bottom: 5px;
}

</style><title>14. Main configuration</title><meta name="generator" content="DocBook XSL Stylesheets V1.72.0" /><link rel="start" href="index.html" title="Specification of the Exim Mail Transfer Agent" /><link rel="up" href="index.html" title="Specification of the Exim Mail Transfer Agent" /><link rel="prev" href="ch13.html" title="13. Starting the daemon and the use of network interfaces" /><link rel="next" href="ch15.html" title="15. Generic options for routers" /></head><body><div class="navheader">
<table width="100%" summary="Navigation header"><tr><td width="20%" align="left"><a accesskey="p" href="ch13.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="ch15.html">Next</a></td></tr></table></div>
<div class="chapter" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h2 class="title"><a href="index.html#toc0162" id="CHAPmainconfig">14. Main configuration</a></h2></div>
</div>
</div>
<p>
<a id="IIDconfima" class="indexterm"></a>
<a id="IIDmaiconf" class="indexterm"></a>
The first part of the run time configuration file contains three types of item:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
Macro definitions: These lines start with an upper case letter. See section
<a href="ch06.html#SECTmacrodefs" title="6.4 Macros in the configuration file">6.4</a> for details of macro processing.
</p>
</li><li><p>
Named list definitions: These lines start with one of the words “<span class="quote">domainlist</span>”,
“<span class="quote">hostlist</span>”, “<span class="quote">addresslist</span>”, or “<span class="quote">localpartlist</span>”. Their use is described in
section <a href="ch10.html#SECTnamedlists" title="10.5 Named lists">10.5</a>.
</p>
</li><li><p>
Main configuration settings: Each setting occupies one line of the file
(with possible continuations). If any setting is preceded by the word
“<span class="quote">hide</span>”, the <span><strong class="option">-bP</strong></span> command line option displays its value to admin users
only. See section <a href="ch06.html#SECTcos" title="6.10 Common option syntax">6.10</a> for a description of the syntax of these option
settings.
</p>
</li></ul></div>
<p>
This chapter specifies all the main configuration options, along with their
types and default values. For ease of finding a particular option, they appear
in alphabetical order in section <a href="ch14.html#SECTalomo" title="14.23 Alphabetical list of main options">14.23</a> below. However, because there
are now so many options, they are first listed briefly in functional groups, as
an aid to finding the name of the option you are looking for. Some options are
listed in more than one group.
</p>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0163" id="SECID96">14.1 Miscellaneous</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bi_command</strong></span></td><td align="left">to run for <span><strong class="option">-bi</strong></span> command line option</td></tr><tr><td align="left"><span><strong class="option">disable_ipv6</strong></span></td><td align="left">do no IPv6 processing</td></tr><tr><td align="left"><span><strong class="option">keep_malformed</strong></span></td><td align="left">for broken files – should not happen</td></tr><tr><td align="left"><span><strong class="option">localhost_number</strong></span></td><td align="left">for unique message ids in clusters</td></tr><tr><td align="left"><span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml"><span><strong class="option">message_body_newlines</strong></span></span></span></td><td align="left">retain newlines in <em class="varname">$message_body</em></td></tr><tr><td align="left"><span><strong class="option">message_body_visible</strong></span></td><td align="left">how much to show in <em class="varname">$message_body</em></td></tr><tr><td align="left"><span><strong class="option">mua_wrapper</strong></span></td><td align="left">run in “<span class="quote">MUA wrapper</span>” mode</td></tr><tr><td align="left"><span><strong class="option">print_topbitchars</strong></span></td><td align="left">top-bit characters are printing</td></tr><tr><td align="left"><span><strong class="option">timezone</strong></span></td><td align="left">force time zone</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0164" id="SECID97">14.2 Exim parameters</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">exim_group</strong></span></td><td align="left">override compiled-in value</td></tr><tr><td align="left"><span><strong class="option">exim_path</strong></span></td><td align="left">override compiled-in value</td></tr><tr><td align="left"><span><strong class="option">exim_user</strong></span></td><td align="left">override compiled-in value</td></tr><tr><td align="left"><span><strong class="option">primary_hostname</strong></span></td><td align="left">default from <em class="function">uname()</em></td></tr><tr><td align="left"><span><strong class="option">split_spool_directory</strong></span></td><td align="left">use multiple directories</td></tr><tr><td align="left"><span><strong class="option">spool_directory</strong></span></td><td align="left">override compiled-in value</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0165" id="SECID98">14.3 Privilege controls</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">admin_groups</strong></span></td><td align="left">groups that are Exim admin users</td></tr><tr><td align="left"><span><strong class="option">deliver_drop_privilege</strong></span></td><td align="left">drop root for delivery processes</td></tr><tr><td align="left"><span><strong class="option">local_from_check</strong></span></td><td align="left">insert <span class="emphasis"><em>Sender:</em></span> if necessary</td></tr><tr><td align="left"><span><strong class="option">local_from_prefix</strong></span></td><td align="left">for testing <span class="emphasis"><em>From:</em></span> for local sender</td></tr><tr><td align="left"><span><strong class="option">local_from_suffix</strong></span></td><td align="left">for testing <span class="emphasis"><em>From:</em></span> for local sender</td></tr><tr><td align="left"><span><strong class="option">local_sender_retain</strong></span></td><td align="left">keep <span class="emphasis"><em>Sender:</em></span> from untrusted user</td></tr><tr><td align="left"><span><strong class="option">never_users</strong></span></td><td align="left">do not run deliveries as these</td></tr><tr><td align="left"><span><strong class="option">prod_requires_admin</strong></span></td><td align="left">forced delivery requires admin user</td></tr><tr><td align="left"><span><strong class="option">queue_list_requires_admin</strong></span></td><td align="left">queue listing requires admin user</td></tr><tr><td align="left"><span><strong class="option">trusted_groups</strong></span></td><td align="left">groups that are trusted</td></tr><tr><td align="left"><span><strong class="option">trusted_users</strong></span></td><td align="left">users that are trusted</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0166" id="SECID99">14.4 Logging</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">hosts_connection_nolog</strong></span></td><td align="left">exemption from connect logging</td></tr><tr><td align="left"><span><strong class="option">log_file_path</strong></span></td><td align="left">override compiled-in value</td></tr><tr><td align="left"><span><strong class="option">log_selector</strong></span></td><td align="left">set/unset optional logging</td></tr><tr><td align="left"><span><strong class="option">log_timezone</strong></span></td><td align="left">add timezone to log lines</td></tr><tr><td align="left"><span><strong class="option">message_logs</strong></span></td><td align="left">create per-message logs</td></tr><tr><td align="left"><span><strong class="option">preserve_message_logs</strong></span></td><td align="left">after message completion</td></tr><tr><td align="left"><span><strong class="option">process_log_path</strong></span></td><td align="left">for SIGUSR1 and <span class="emphasis"><em>exiwhat</em></span></td></tr><tr><td align="left"><span><strong class="option">syslog_duplication</strong></span></td><td align="left">controls duplicate log lines on syslog</td></tr><tr><td align="left"><span><strong class="option">syslog_facility</strong></span></td><td align="left">set syslog “<span class="quote">facility</span>” field</td></tr><tr><td align="left"><span><strong class="option">syslog_processname</strong></span></td><td align="left">set syslog “<span class="quote">ident</span>” field</td></tr><tr><td align="left"><span><strong class="option">syslog_timestamp</strong></span></td><td align="left">timestamp syslog lines</td></tr><tr><td align="left"><span><strong class="option">write_rejectlog</strong></span></td><td align="left">control use of message log</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0167" id="SECID100">14.5 Frozen messages</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">auto_thaw</strong></span></td><td align="left">sets time for retrying frozen messages</td></tr><tr><td align="left"><span><strong class="option">freeze_tell</strong></span></td><td align="left">send message when freezing</td></tr><tr><td align="left"><span><strong class="option">move_frozen_messages</strong></span></td><td align="left">to another directory</td></tr><tr><td align="left"><span><strong class="option">timeout_frozen_after</strong></span></td><td align="left">keep frozen messages only so long</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0168" id="SECID101">14.6 Data lookups</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml"><span><strong class="option">ibase_servers</strong></span></span></span></td><td align="left">InterBase servers</td></tr><tr><td align="left"><span><strong class="option">ldap_default_servers</strong></span></td><td align="left">used if no server in query</td></tr><tr><td align="left"><span><strong class="option">ldap_version</strong></span></td><td align="left">set protocol version</td></tr><tr><td align="left"><span><strong class="option">lookup_open_max</strong></span></td><td align="left">lookup files held open</td></tr><tr><td align="left"><span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml"><span><strong class="option">mysql_servers</strong></span></span></span></td><td align="left">default MySQL servers</td></tr><tr><td align="left"><span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml"><span><strong class="option">oracle_servers</strong></span></span></span></td><td align="left">Oracle servers</td></tr><tr><td align="left"><span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml"><span><strong class="option">pgsql_servers</strong></span></span></span></td><td align="left">default PostgreSQL servers</td></tr><tr><td align="left"><span><strong class="option">sqlite_lock_timeout</strong></span></td><td align="left">as it says</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0169" id="SECID102">14.7 Message ids</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">message_id_header_domain</strong></span></td><td align="left">used to build <span class="emphasis"><em>Message-ID:</em></span> header</td></tr><tr><td align="left"><span><strong class="option">message_id_header_text</strong></span></td><td align="left">ditto</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0170" id="SECID103">14.8 Embedded Perl Startup</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">perl_at_start</strong></span></td><td align="left">always start the interpreter</td></tr><tr><td align="left"><span><strong class="option">perl_startup</strong></span></td><td align="left">code to obey when starting Perl</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0171" id="SECID104">14.9 Daemon</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">daemon_smtp_ports</strong></span></td><td align="left">default ports</td></tr><tr><td align="left"><span><strong class="option">daemon_startup_retries</strong></span></td><td align="left">number of times to retry</td></tr><tr><td align="left"><span><strong class="option">daemon_startup_sleep</strong></span></td><td align="left">time to sleep between tries</td></tr><tr><td align="left"><span><strong class="option">extra_local_interfaces</strong></span></td><td align="left">not necessarily listened on</td></tr><tr><td align="left"><span><strong class="option">local_interfaces</strong></span></td><td align="left">on which to listen, with optional ports</td></tr><tr><td align="left"><span><strong class="option">pid_file_path</strong></span></td><td align="left">override compiled-in value</td></tr><tr><td align="left"><span><strong class="option">queue_run_max</strong></span></td><td align="left">maximum simultaneous queue runners</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0172" id="SECID105">14.10 Resource control</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">check_log_inodes</strong></span></td><td align="left">before accepting a message</td></tr><tr><td align="left"><span><strong class="option">check_log_space</strong></span></td><td align="left">before accepting a message</td></tr><tr><td align="left"><span><strong class="option">check_spool_inodes</strong></span></td><td align="left">before accepting a message</td></tr><tr><td align="left"><span><strong class="option">check_spool_space</strong></span></td><td align="left">before accepting a message</td></tr><tr><td align="left"><span><strong class="option">deliver_queue_load_max</strong></span></td><td align="left">no queue deliveries if load high</td></tr><tr><td align="left"><span><strong class="option">queue_only_load</strong></span></td><td align="left">queue incoming if load high</td></tr><tr><td align="left"><span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml"><span><strong class="option">queue_only_load_latch</strong></span></span></span></td><td align="left">don’t re-evaluate load for each message</td></tr><tr><td align="left"><span><strong class="option">queue_run_max</strong></span></td><td align="left">maximum simultaneous queue runners</td></tr><tr><td align="left"><span><strong class="option">remote_max_parallel</strong></span></td><td align="left">parallel SMTP delivery per message</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max</strong></span></td><td align="left">simultaneous incoming connections</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_nonmail</strong></span></td><td align="left">non-mail commands</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_nonmail_hosts</strong></span></td><td align="left">hosts to which the limit applies</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_per_connection</strong></span></td><td align="left">messages per connection</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_per_host</strong></span></td><td align="left">connections from one host</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_queue</strong></span></td><td align="left">queue mail if more connections</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_queue_per_connection</strong></span></td><td align="left">queue if more messages per connection</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_reserve</strong></span></td><td align="left">only reserve hosts if more connections</td></tr><tr><td align="left"><span><strong class="option">smtp_check_spool_space</strong></span></td><td align="left">from SIZE on MAIL command</td></tr><tr><td align="left"><span><strong class="option">smtp_connect_backlog</strong></span></td><td align="left">passed to TCP/IP stack</td></tr><tr><td align="left"><span><strong class="option">smtp_load_reserve</strong></span></td><td align="left">SMTP from reserved hosts if load high</td></tr><tr><td align="left"><span><strong class="option">smtp_reserve_hosts</strong></span></td><td align="left">these are the reserve hosts</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0173" id="SECID106">14.11 Policy controls</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_not_smtp</strong></span></td><td align="left">ACL for non-SMTP messages</td></tr><tr><td align="left"><span><strong class="option">acl_not_smtp_mime</strong></span></td><td align="left">ACL for non-SMTP MIME parts</td></tr><tr><td align="left"><span><strong class="option">acl_not_smtp_start</strong></span></td><td align="left">ACL for start of non-SMTP message</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_auth</strong></span></td><td align="left">ACL for AUTH</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_connect</strong></span></td><td align="left">ACL for connection</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_data</strong></span></td><td align="left">ACL for DATA</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_etrn</strong></span></td><td align="left">ACL for ETRN</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_expn</strong></span></td><td align="left">ACL for EXPN</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_helo</strong></span></td><td align="left">ACL for EHLO or HELO</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_mail</strong></span></td><td align="left">ACL for MAIL</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_mailauth</strong></span></td><td align="left">ACL for AUTH on MAIL command</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_mime</strong></span></td><td align="left">ACL for MIME parts</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_predata</strong></span></td><td align="left">ACL for start of data</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_quit</strong></span></td><td align="left">ACL for QUIT</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_rcpt</strong></span></td><td align="left">ACL for RCPT</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_starttls</strong></span></td><td align="left">ACL for STARTTLS</td></tr><tr><td align="left"><span><strong class="option">acl_smtp_vrfy</strong></span></td><td align="left">ACL for VRFY</td></tr><tr><td align="left"><span><strong class="option">av_scanner</strong></span></td><td align="left">specify virus scanner</td></tr><tr><td align="left"><span><strong class="option">check_rfc2047_length</strong></span></td><td align="left">check length of RFC 2047 “<span class="quote">encoded words</span>”</td></tr><tr><td align="left"><span><strong class="option">dns_csa_search_limit</strong></span></td><td align="left">control CSA parent search depth</td></tr><tr><td align="left"><span><strong class="option">dns_csa_use_reverse</strong></span></td><td align="left">en/disable CSA IP reverse search</td></tr><tr><td align="left"><span><strong class="option">header_maxsize</strong></span></td><td align="left">total size of message header</td></tr><tr><td align="left"><span><strong class="option">header_line_maxsize</strong></span></td><td align="left">individual header line limit</td></tr><tr><td align="left"><span><strong class="option">helo_accept_junk_hosts</strong></span></td><td align="left">allow syntactic junk from these hosts</td></tr><tr><td align="left"><span><strong class="option">helo_allow_chars</strong></span></td><td align="left">allow illegal chars in HELO names</td></tr><tr><td align="left"><span><strong class="option">helo_lookup_domains</strong></span></td><td align="left">lookup hostname for these HELO names</td></tr><tr><td align="left"><span><strong class="option">helo_try_verify_hosts</strong></span></td><td align="left">HELO soft-checked for these hosts</td></tr><tr><td align="left"><span><strong class="option">helo_verify_hosts</strong></span></td><td align="left">HELO hard-checked for these hosts</td></tr><tr><td align="left"><span><strong class="option">host_lookup</strong></span></td><td align="left">host name looked up for these hosts</td></tr><tr><td align="left"><span><strong class="option">host_lookup_order</strong></span></td><td align="left">order of DNS and local name lookups</td></tr><tr><td align="left"><span><strong class="option">host_reject_connection</strong></span></td><td align="left">reject connection from these hosts</td></tr><tr><td align="left"><span><strong class="option">hosts_treat_as_local</strong></span></td><td align="left">useful in some cluster configurations</td></tr><tr><td align="left"><span><strong class="option">local_scan_timeout</strong></span></td><td align="left">timeout for <em class="function">local_scan()</em></td></tr><tr><td align="left"><span><strong class="option">message_size_limit</strong></span></td><td align="left">for all messages</td></tr><tr><td align="left"><span><strong class="option">percent_hack_domains</strong></span></td><td align="left">recognize %-hack for these domains</td></tr><tr><td align="left"><span><strong class="option">spamd_address</strong></span></td><td align="left">set interface to SpamAssassin</td></tr><tr><td align="left"><span><strong class="option">strict_acl_vars</strong></span></td><td align="left">object to unset ACL variables</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0174" id="SECID107">14.12 Callout cache</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">callout_domain_negative_expire</strong></span></td><td align="left">timeout for negative domain cache item</td></tr><tr><td align="left"><span><strong class="option">callout_domain_positive_expire</strong></span></td><td align="left">timeout for positive domain cache item</td></tr><tr><td align="left"><span><strong class="option">callout_negative_expire</strong></span></td><td align="left">timeout for negative address cache item</td></tr><tr><td align="left"><span><strong class="option">callout_positive_expire</strong></span></td><td align="left">timeout for positive address cache item</td></tr><tr><td align="left"><span><strong class="option">callout_random_local_part</strong></span></td><td align="left">string to use for “<span class="quote">random</span>” testing</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0175" id="SECID108">14.13 TLS</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">gnutls_require_kx</strong></span></td><td align="left">control GnuTLS key exchanges</td></tr><tr><td align="left"><span><strong class="option">gnutls_require_mac</strong></span></td><td align="left">control GnuTLS MAC algorithms</td></tr><tr><td align="left"><span><strong class="option">gnutls_require_protocols</strong></span></td><td align="left">control GnuTLS protocols</td></tr><tr><td align="left"><span><strong class="option">tls_advertise_hosts</strong></span></td><td align="left">advertise TLS to these hosts</td></tr><tr><td align="left"><span><strong class="option">tls_certificate</strong></span></td><td align="left">location of server certificate</td></tr><tr><td align="left"><span><strong class="option">tls_crl</strong></span></td><td align="left">certificate revocation list</td></tr><tr><td align="left"><span><strong class="option">tls_dhparam</strong></span></td><td align="left">DH parameters for server</td></tr><tr><td align="left"><span><strong class="option">tls_on_connect_ports</strong></span></td><td align="left">specify SSMTP (SMTPS) ports</td></tr><tr><td align="left"><span><strong class="option">tls_privatekey</strong></span></td><td align="left">location of server private key</td></tr><tr><td align="left"><span><strong class="option">tls_remember_esmtp</strong></span></td><td align="left">don’t reset after starting TLS</td></tr><tr><td align="left"><span><strong class="option">tls_require_ciphers</strong></span></td><td align="left">specify acceptable ciphers</td></tr><tr><td align="left"><span><strong class="option">tls_try_verify_hosts</strong></span></td><td align="left">try to verify client certificate</td></tr><tr><td align="left"><span><strong class="option">tls_verify_certificates</strong></span></td><td align="left">expected client certificates</td></tr><tr><td align="left"><span><strong class="option">tls_verify_hosts</strong></span></td><td align="left">insist on client certificate verify</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0176" id="SECID109">14.14 Local user handling</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">finduser_retries</strong></span></td><td align="left">useful in NIS environments</td></tr><tr><td align="left"><span><strong class="option">gecos_name</strong></span></td><td align="left">used when creating <span class="emphasis"><em>Sender:</em></span></td></tr><tr><td align="left"><span><strong class="option">gecos_pattern</strong></span></td><td align="left">ditto</td></tr><tr><td align="left"><span><strong class="option">max_username_length</strong></span></td><td align="left">for systems that truncate</td></tr><tr><td align="left"><span><strong class="option">unknown_login</strong></span></td><td align="left">used when no login name found</td></tr><tr><td align="left"><span><strong class="option">unknown_username</strong></span></td><td align="left">ditto</td></tr><tr><td align="left"><span><strong class="option">uucp_from_pattern</strong></span></td><td align="left">for recognizing “<span class="quote">From </span>” lines</td></tr><tr><td align="left"><span><strong class="option">uucp_from_sender</strong></span></td><td align="left">ditto</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0177" id="SECID110">14.15 All incoming messages (SMTP and non-SMTP)</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">header_maxsize</strong></span></td><td align="left">total size of message header</td></tr><tr><td align="left"><span><strong class="option">header_line_maxsize</strong></span></td><td align="left">individual header line limit</td></tr><tr><td align="left"><span><strong class="option">message_size_limit</strong></span></td><td align="left">applies to all messages</td></tr><tr><td align="left"><span><strong class="option">percent_hack_domains</strong></span></td><td align="left">recognize %-hack for these domains</td></tr><tr><td align="left"><span><strong class="option">received_header_text</strong></span></td><td align="left">expanded to make <span class="emphasis"><em>Received:</em></span></td></tr><tr><td align="left"><span><strong class="option">received_headers_max</strong></span></td><td align="left">for mail loop detection</td></tr><tr><td align="left"><span><strong class="option">recipients_max</strong></span></td><td align="left">limit per message</td></tr><tr><td align="left"><span><strong class="option">recipients_max_reject</strong></span></td><td align="left">permanently reject excess recipients</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0178" id="SECID111">14.16 Non-SMTP incoming messages</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">receive_timeout</strong></span></td><td align="left">for non-SMTP messages</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0179" id="SECID112">14.17 Incoming SMTP messages</a></h3></div>
</div>
</div>
<p>
See also the <span class="emphasis"><em>Policy controls</em></span> section above.
</p>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">host_lookup</strong></span></td><td align="left">host name looked up for these hosts</td></tr><tr><td align="left"><span><strong class="option">host_lookup_order</strong></span></td><td align="left">order of DNS and local name lookups</td></tr><tr><td align="left"><span><strong class="option">recipient_unqualified_hosts</strong></span></td><td align="left">may send unqualified recipients</td></tr><tr><td align="left"><span><strong class="option">rfc1413_hosts</strong></span></td><td align="left">make ident calls to these hosts</td></tr><tr><td align="left"><span><strong class="option">rfc1413_query_timeout</strong></span></td><td align="left">zero disables ident calls</td></tr><tr><td align="left"><span><strong class="option">sender_unqualified_hosts</strong></span></td><td align="left">may send unqualified senders</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_keepalive</strong></span></td><td align="left">some TCP/IP magic</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max</strong></span></td><td align="left">simultaneous incoming connections</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_nonmail</strong></span></td><td align="left">non-mail commands</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_nonmail_hosts</strong></span></td><td align="left">hosts to which the limit applies</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_per_connection</strong></span></td><td align="left">messages per connection</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_max_per_host</strong></span></td><td align="left">connections from one host</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_queue</strong></span></td><td align="left">queue mail if more connections</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_queue_per_connection</strong></span></td><td align="left">queue if more messages per connection</td></tr><tr><td align="left"><span><strong class="option">smtp_accept_reserve</strong></span></td><td align="left">only reserve hosts if more connections</td></tr><tr><td align="left"><span><strong class="option">smtp_active_hostname</strong></span></td><td align="left">host name to use in messages</td></tr><tr><td align="left"><span><strong class="option">smtp_banner</strong></span></td><td align="left">text for welcome banner</td></tr><tr><td align="left"><span><strong class="option">smtp_check_spool_space</strong></span></td><td align="left">from SIZE on MAIL command</td></tr><tr><td align="left"><span><strong class="option">smtp_connect_backlog</strong></span></td><td align="left">passed to TCP/IP stack</td></tr><tr><td align="left"><span><strong class="option">smtp_enforce_sync</strong></span></td><td align="left">of SMTP command/responses</td></tr><tr><td align="left"><span><strong class="option">smtp_etrn_command</strong></span></td><td align="left">what to run for ETRN</td></tr><tr><td align="left"><span><strong class="option">smtp_etrn_serialize</strong></span></td><td align="left">only one at once</td></tr><tr><td align="left"><span><strong class="option">smtp_load_reserve</strong></span></td><td align="left">only reserve hosts if this load</td></tr><tr><td align="left"><span><strong class="option">smtp_max_unknown_commands</strong></span></td><td align="left">before dropping connection</td></tr><tr><td align="left"><span><strong class="option">smtp_ratelimit_hosts</strong></span></td><td align="left">apply ratelimiting to these hosts</td></tr><tr><td align="left"><span><strong class="option">smtp_ratelimit_mail</strong></span></td><td align="left">ratelimit for MAIL commands</td></tr><tr><td align="left"><span><strong class="option">smtp_ratelimit_rcpt</strong></span></td><td align="left">ratelimit for RCPT commands</td></tr><tr><td align="left"><span><strong class="option">smtp_receive_timeout</strong></span></td><td align="left">per command or data line</td></tr><tr><td align="left"><span><strong class="option">smtp_reserve_hosts</strong></span></td><td align="left">these are the reserve hosts</td></tr><tr><td align="left"><span><strong class="option">smtp_return_error_details</strong></span></td><td align="left">give detail on rejections</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0180" id="SECID113">14.18 SMTP extensions</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">accept_8bitmime</strong></span></td><td align="left">advertise 8BITMIME</td></tr><tr><td align="left"><span><strong class="option">auth_advertise_hosts</strong></span></td><td align="left">advertise AUTH to these hosts</td></tr><tr><td align="left"><span><strong class="option">ignore_fromline_hosts</strong></span></td><td align="left">allow “<span class="quote">From </span>” from these hosts</td></tr><tr><td align="left"><span><strong class="option">ignore_fromline_local</strong></span></td><td align="left">allow “<span class="quote">From </span>” from local SMTP</td></tr><tr><td align="left"><span><strong class="option">pipelining_advertise_hosts</strong></span></td><td align="left">advertise pipelining to these hosts</td></tr><tr><td align="left"><span><strong class="option">tls_advertise_hosts</strong></span></td><td align="left">advertise TLS to these hosts</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0181" id="SECID114">14.19 Processing messages</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">allow_domain_literals</strong></span></td><td align="left">recognize domain literal syntax</td></tr><tr><td align="left"><span><strong class="option">allow_mx_to_ip</strong></span></td><td align="left">allow MX to point to IP address</td></tr><tr><td align="left"><span><strong class="option">allow_utf8_domains</strong></span></td><td align="left">in addresses</td></tr><tr><td align="left"><span><strong class="option">check_rfc2047_length</strong></span></td><td align="left">check length of RFC 2047 “<span class="quote">encoded words</span>”</td></tr><tr><td align="left"><span><strong class="option">delivery_date_remove</strong></span></td><td align="left">from incoming messages</td></tr><tr><td align="left"><span><strong class="option">envelope_to_remove</strong></span></td><td align="left">from incoming messages</td></tr><tr><td align="left"><span><strong class="option">extract_addresses_remove_arguments</strong></span></td><td align="left">affects <span><strong class="option">-t</strong></span> processing</td></tr><tr><td align="left"><span><strong class="option">headers_charset</strong></span></td><td align="left">default for translations</td></tr><tr><td align="left"><span><strong class="option">qualify_domain</strong></span></td><td align="left">default for senders</td></tr><tr><td align="left"><span><strong class="option">qualify_recipient</strong></span></td><td align="left">default for recipients</td></tr><tr><td align="left"><span><strong class="option">return_path_remove</strong></span></td><td align="left">from incoming messages</td></tr><tr><td align="left"><span><strong class="option">strip_excess_angle_brackets</strong></span></td><td align="left">in addresses</td></tr><tr><td align="left"><span><strong class="option">strip_trailing_dot</strong></span></td><td align="left">at end of addresses</td></tr><tr><td align="left"><span><strong class="option">untrusted_set_sender</strong></span></td><td align="left">untrusted can set envelope sender</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0182" id="SECID115">14.20 System filter</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter</strong></span></td><td align="left">locate system filter</td></tr><tr><td align="left"><span><strong class="option">system_filter_directory_transport</strong></span></td><td align="left">transport for delivery to a directory</td></tr><tr><td align="left"><span><strong class="option">system_filter_file_transport</strong></span></td><td align="left">transport for delivery to a file</td></tr><tr><td align="left"><span><strong class="option">system_filter_group</strong></span></td><td align="left">group for filter running</td></tr><tr><td align="left"><span><strong class="option">system_filter_pipe_transport</strong></span></td><td align="left">transport for delivery to a pipe</td></tr><tr><td align="left"><span><strong class="option">system_filter_reply_transport</strong></span></td><td align="left">transport for autoreply delivery</td></tr><tr><td align="left"><span><strong class="option">system_filter_user</strong></span></td><td align="left">user for filter running</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0183" id="SECID116">14.21 Routing and delivery</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">disable_ipv6</strong></span></td><td align="left">do no IPv6 processing</td></tr><tr><td align="left"><span><strong class="option">dns_again_means_nonexist</strong></span></td><td align="left">for broken domains</td></tr><tr><td align="left"><span><strong class="option">dns_check_names_pattern</strong></span></td><td align="left">pre-DNS syntax check</td></tr><tr><td align="left"><span><strong class="option">dns_ipv4_lookup</strong></span></td><td align="left">only v4 lookup for these domains</td></tr><tr><td align="left"><span><strong class="option">dns_retrans</strong></span></td><td align="left">parameter for resolver</td></tr><tr><td align="left"><span><strong class="option">dns_retry</strong></span></td><td align="left">parameter for resolver</td></tr><tr><td align="left"><span><strong class="option">hold_domains</strong></span></td><td align="left">hold delivery for these domains</td></tr><tr><td align="left"><span><strong class="option">local_interfaces</strong></span></td><td align="left">for routing checks</td></tr><tr><td align="left"><span><strong class="option">queue_domains</strong></span></td><td align="left">no immediate delivery for these</td></tr><tr><td align="left"><span><strong class="option">queue_only</strong></span></td><td align="left">no immediate delivery at all</td></tr><tr><td align="left"><span><strong class="option">queue_only_file</strong></span></td><td align="left">no immediate delivery if file exists</td></tr><tr><td align="left"><span><strong class="option">queue_only_load</strong></span></td><td align="left">no immediate delivery if load is high</td></tr><tr><td align="left"><span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml"><span><strong class="option">queue_only_load_latch</strong></span></span></span></td><td align="left">don’t re-evaluate load for each message</td></tr><tr><td align="left"><span><strong class="option">queue_only_override</strong></span></td><td align="left">allow command line to override</td></tr><tr><td align="left"><span><strong class="option">queue_run_in_order</strong></span></td><td align="left">order of arrival</td></tr><tr><td align="left"><span><strong class="option">queue_run_max</strong></span></td><td align="left">of simultaneous queue runners</td></tr><tr><td align="left"><span><strong class="option">queue_smtp_domains</strong></span></td><td align="left">no immediate SMTP delivery for these</td></tr><tr><td align="left"><span><strong class="option">remote_max_parallel</strong></span></td><td align="left">parallel SMTP delivery per message</td></tr><tr><td align="left"><span><strong class="option">remote_sort_domains</strong></span></td><td align="left">order of remote deliveries</td></tr><tr><td align="left"><span><strong class="option">retry_data_expire</strong></span></td><td align="left">timeout for retry data</td></tr><tr><td align="left"><span><strong class="option">retry_interval_max</strong></span></td><td align="left">safety net for retry rules</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0184" id="SECID117">14.22 Bounce and warning messages</a></h3></div>
</div>
</div>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bounce_message_file</strong></span></td><td align="left">content of bounce</td></tr><tr><td align="left"><span><strong class="option">bounce_message_text</strong></span></td><td align="left">content of bounce</td></tr><tr><td align="left"><span><strong class="option">bounce_return_body</strong></span></td><td align="left">include body if returning message</td></tr><tr><td align="left"><span><strong class="option">bounce_return_message</strong></span></td><td align="left">include original message in bounce</td></tr><tr><td align="left"><span><strong class="option">bounce_return_size_limit</strong></span></td><td align="left">limit on returned message</td></tr><tr><td align="left"><span><strong class="option">bounce_sender_authentication</strong></span></td><td align="left">send authenticated sender with bounce</td></tr><tr><td align="left"><span><strong class="option">dsn_from</strong></span></td><td align="left">set <span class="emphasis"><em>From:</em></span> contents in bounces</td></tr><tr><td align="left"><span><strong class="option">errors_copy</strong></span></td><td align="left">copy bounce messages</td></tr><tr><td align="left"><span><strong class="option">errors_reply_to</strong></span></td><td align="left"><span class="emphasis"><em>Reply-to:</em></span> in bounces</td></tr><tr><td align="left"><span><strong class="option">delay_warning</strong></span></td><td align="left">time schedule</td></tr><tr><td align="left"><span><strong class="option">delay_warning_condition</strong></span></td><td align="left">condition for warning messages</td></tr><tr><td align="left"><span><strong class="option">ignore_bounce_errors_after</strong></span></td><td align="left">discard undeliverable bounces</td></tr><tr><td align="left"><span><strong class="option">smtp_return_error_details</strong></span></td><td align="left">give detail on rejections</td></tr><tr><td align="left"><span><strong class="option">warn_message_file</strong></span></td><td align="left">content of warning message</td></tr></tbody></table></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0185" id="SECTalomo">14.23 Alphabetical list of main options</a></h3></div>
</div>
</div>
<p>
Those options that undergo string expansion before use are marked with
†.
</p>
<p>
<a id="id529393" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">accept_8bitmime</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id529464" class="indexterm"></a>
<a id="id529475" class="indexterm"></a>
This option causes Exim to send 8BITMIME in its response to an SMTP
EHLO command, and to accept the BODY= parameter on MAIL commands.
However, though Exim is 8-bit clean, it is not a protocol converter, and it
takes no steps to do anything special with messages received by this route.
Consequently, this option is turned off by default.
</p>
<p>
<a id="id529495" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_not_smtp</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id529580" class="indexterm"></a>
<a id="id529595" class="indexterm"></a>
This option defines the ACL that is run when a non-SMTP message has been
read and is on the point of being accepted. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for
further details.
</p>
<p>
<a id="id529621" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_not_smtp_mime</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option defines the ACL that is run for individual MIME parts of non-SMTP
messages. It operates in exactly the same way as <span><strong class="option">acl_smtp_mime</strong></span> operates for
SMTP messages.
</p>
<p>
<a id="id529716" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_not_smtp_start</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id529801" class="indexterm"></a>
<a id="id529816" class="indexterm"></a>
This option defines the ACL that is run before Exim starts reading a
non-SMTP message. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id529841" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_auth</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id529926" class="indexterm"></a>
<a id="id529941" class="indexterm"></a>
This option defines the ACL that is run when an SMTP AUTH command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id529966" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_connect</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530051" class="indexterm"></a>
This option defines the ACL that is run when an SMTP connection is received.
See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id530077" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_data</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530161" class="indexterm"></a>
This option defines the ACL that is run after an SMTP DATA command has been
processed and the message itself has been received, but before the final
acknowledgment is sent. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id530188" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_etrn</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530272" class="indexterm"></a>
This option defines the ACL that is run when an SMTP ETRN command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id530297" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_expn</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530382" class="indexterm"></a>
This option defines the ACL that is run when an SMTP EXPN command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id530407" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_helo</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530491" class="indexterm"></a>
<a id="id530506" class="indexterm"></a>
This option defines the ACL that is run when an SMTP EHLO or HELO
command is received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id530531" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_mail</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530616" class="indexterm"></a>
This option defines the ACL that is run when an SMTP MAIL command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id530641" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_mailauth</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530726" class="indexterm"></a>
This option defines the ACL that is run when there is an AUTH parameter on
a MAIL command. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for details of ACLs, and chapter
<a href="ch33.html" title="33. SMTP authentication">33</a> for details of authentication.
</p>
<p>
<a id="id530758" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_mime</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id530842" class="indexterm"></a>
This option is available when Exim is built with the content-scanning
extension. It defines the ACL that is run for each MIME part in a message. See
section <a href="ch41.html#SECTscanmimepart" title="41.4 Scanning MIME parts">41.4</a> for details.
</p>
<p>
<a id="id530869" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_predata</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option defines the ACL that is run when an SMTP DATA command is
received, before the message itself is received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for
further details.
</p>
<p>
<a id="id530965" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_quit</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id531050" class="indexterm"></a>
This option defines the ACL that is run when an SMTP QUIT command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id531072" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_rcpt</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id531156" class="indexterm"></a>
This option defines the ACL that is run when an SMTP RCPT command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id531181" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_starttls</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id531266" class="indexterm"></a>
This option defines the ACL that is run when an SMTP STARTTLS command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id531288" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">acl_smtp_vrfy</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id531373" class="indexterm"></a>
This option defines the ACL that is run when an SMTP VRFY command is
received. See chapter <a href="ch40.html" title="40. Access control lists">40</a> for further details.
</p>
<p>
<a id="id531398" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">admin_groups</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id531482" class="indexterm"></a>
This option is expanded just once, at the start of Exim’s processing. If the
current group or any of the supplementary groups of an Exim caller is in this
colon-separated list, the caller has admin privileges. If all your system
programmers are in a specific group, for example, you can give them all Exim
admin privileges by putting that group in <span><strong class="option">admin_groups</strong></span>. However, this does
not permit them to read Exim’s spool files (whose group owner is the Exim gid).
To permit this, you have to add individuals to the Exim group.
</p>
<p>
<a id="id531509" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">allow_domain_literals</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id531592" class="indexterm"></a>
If this option is set, the RFC 2822 domain literal format is permitted in
email addresses. The option is not set by default, because the domain literal
format is not normally required these days, and few people know about it. It
has, however, been exploited by mail abusers.
</p>
<p>
Unfortunately, it seems that some DNS black list maintainers are using this
format to report black listing to postmasters. If you want to accept messages
addressed to your hosts by IP address, you need to set
<span><strong class="option">allow_domain_literals</strong></span> true, and also to add <code class="literal">@[]</code> to the list of local
domains (defined in the named domain list <span><strong class="option">local_domains</strong></span> in the default
configuration). This “<span class="quote">magic string</span>” matches the domain literal form of all
the local host’s IP addresses.
</p>
<p>
<a id="id531637" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">allow_mx_to_ip</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id531719" class="indexterm"></a>
It appears that more and more DNS zone administrators are breaking the rules
and putting domain names that look like IP addresses on the right hand side of
MX records. Exim follows the rules and rejects this, giving an error message
that explains the mis-configuration. However, some other MTAs support this
practice, so to avoid “<span class="quote">Why can’t Exim do this?</span>” complaints,
<span><strong class="option">allow_mx_to_ip</strong></span> exists, in order to enable this heinous activity. It is not
recommended, except when you have no other choice.
</p>
<p>
<a id="id531753" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">allow_utf8_domains</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id531835" class="indexterm"></a>
<a id="id531850" class="indexterm"></a>
Lots of discussion is going on about internationalized domain names. One
camp is strongly in favour of just using UTF-8 characters, and it seems
that at least two other MTAs permit this. This option allows Exim users to
experiment if they wish.
</p>
<p>
If it is set true, Exim’s domain parsing function allows valid
UTF-8 multicharacters to appear in domain name components, in addition to
letters, digits, and hyphens. However, just setting this option is not
enough; if you want to look up these domain names in the DNS, you must also
adjust the value of <span><strong class="option">dns_check_names_pattern</strong></span> to match the extended form. A
suitable setting is:
</p>
<pre class="literallayout">dns_check_names_pattern = (?i)^(?&gt;(?(1)\.|())[a-z0-9\xc0-\xff]\
  (?&gt;[-a-z0-9\x80-\xff]*[a-z0-9\x80-\xbf])?)+$
</pre><p>
Alternatively, you can just disable this feature by setting
</p>
<pre class="literallayout">dns_check_names_pattern =
</pre><p>
That is, set the option to an empty string so that no check is done.
</p>
<p>
<a id="id531908" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">auth_advertise_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>*</em></span></td></tr></tbody></table></div>
<p>
<a id="id531993" class="indexterm"></a>
<a id="id532007" class="indexterm"></a>
If any server authentication mechanisms are configured, Exim advertises them in
response to an EHLO command only if the calling host matches this list.
Otherwise, Exim does not advertise AUTH.
Exim does not accept AUTH commands from clients to which it has not
advertised the availability of AUTH. The advertising of individual
authentication mechanisms can be controlled by the use of the
<span><strong class="option">server_advertise_condition</strong></span> generic authenticator option on the individual
authenticators. See chapter <a href="ch33.html" title="33. SMTP authentication">33</a> for further details.
</p>
<p>
Certain mail clients (for example, Netscape) require the user to provide a name
and password for authentication if AUTH is advertised, even though it may
not be needed (the host may accept messages from hosts on its local LAN without
authentication, for example). The <span><strong class="option">auth_advertise_hosts</strong></span> option can be used
to make these clients more friendly by excluding them from the set of hosts to
which Exim advertises AUTH.
</p>
<p>
<a id="id532056" class="indexterm"></a>
If you want to advertise the availability of AUTH only when the connection
is encrypted using TLS, you can make use of the fact that the value of this
option is expanded, with a setting like this:
</p>
<pre class="literallayout">auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
</pre><p>
<a id="id532086" class="indexterm"></a>
If <em class="varname">$tls_cipher</em> is empty, the session is not encrypted, and the result of
the expansion is empty, thus matching no hosts. Otherwise, the result of the
expansion is *, which matches all hosts.
</p>
<p>
<a id="id532108" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">auto_thaw</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>0s</em></span></td></tr></tbody></table></div>
<p>
<a id="id532190" class="indexterm"></a>
<a id="id532201" class="indexterm"></a>
If this option is set to a time greater than zero, a queue runner will try a
new delivery attempt on any frozen message, other than a bounce message, if
this much time has passed since it was frozen. This may result in the message
being re-frozen if nothing has changed since the last attempt. It is a way of
saying “<span class="quote">keep on trying, even though there are big problems</span>”.
</p>
<p>
<span class="bold"><strong>Note</strong></span>: This is an old option, which predates <span><strong class="option">timeout_frozen_after</strong></span> and
<span><strong class="option">ignore_bounce_errors_after</strong></span>. It is retained for compatibility, but it is not
thought to be very useful any more, and its use should probably be avoided.
</p>
<p>
<a id="id532245" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">av_scanner</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
This option is available if Exim is built with the content-scanning extension.
It specifies which anti-virus scanner to use. The default value is:
</p>
<pre class="literallayout">sophie:/var/run/sophie
</pre><p>
If the value of <span><strong class="option">av_scanner</strong></span> starts with dollar character, it is expanded
before use. See section <a href="ch41.html#SECTscanvirus" title="41.1 Scanning for viruses">41.1</a> for further details.
</p>
<p>
<a id="id532355" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bi_command</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id532437" class="indexterm"></a>
This option supplies the name of a command that is run when Exim is called with
the <span><strong class="option">-bi</strong></span> option (see chapter <a href="ch05.html" title="5. The Exim command line">5</a>). The string value is
just the command name, it is not a complete command line. If an argument is
required, it must come from the <span><strong class="option">-oA</strong></span> command line option.
</p>
<p>
<a id="id532469" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bounce_message_file</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id532552" class="indexterm"></a>
<a id="id532566" class="indexterm"></a>
This option defines a template file containing paragraphs of text to be used
for constructing bounce messages.  Details of the file’s contents are given in
chapter <a href="ch46.html" title="46. Customizing bounce and warning messages">46</a>. See also <span><strong class="option">warn_message_file</strong></span>.
</p>
<p>
<a id="id532598" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bounce_message_text</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
When this option is set, its contents are included in the default bounce
message immediately after “<span class="quote">This message was created automatically by mail
delivery software.</span>” It is not used if <span><strong class="option">bounce_message_file</strong></span> is set.
</p>
<p>
<a id="id532694" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bounce_return_body</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id532777" class="indexterm"></a>
This option controls whether the body of an incoming message is included in a
bounce message when <span><strong class="option">bounce_return_message</strong></span> is true. The default setting
causes the entire message, both header and body, to be returned (subject to the
value of <span><strong class="option">bounce_return_size_limit</strong></span>). If this option is false, only the
message header is included. In the case of a non-SMTP message containing an
error that is detected during reception, only those header lines preceding the
point at which the error was detected are returned.
<a id="id532807" class="indexterm"></a>
</p>
<p>
<a id="id532825" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bounce_return_message</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
If this option is set false, none of the original message is included in
bounce messages generated by Exim. See also <span><strong class="option">bounce_return_size_limit</strong></span> and
<span><strong class="option">bounce_return_body</strong></span>.
</p>
<p>
<a id="id532921" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bounce_return_size_limit</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>100K</em></span></td></tr></tbody></table></div>
<p>
<a id="id533003" class="indexterm"></a>
<a id="id533018" class="indexterm"></a>
<a id="id533032" class="indexterm"></a>
This option sets a limit in bytes on the size of messages that are returned to
senders as part of bounce messages when <span><strong class="option">bounce_return_message</strong></span> is true. The
limit should be less than the value of the global <span><strong class="option">message_size_limit</strong></span> and of
any <span><strong class="option">message_size_limit</strong></span> settings on transports, to allow for the bounce text
that Exim generates. If this option is set to zero there is no limit.
</p>
<p>
When the body of any message that is to be included in a bounce message is
greater than the limit, it is truncated, and a comment pointing this out is
added at the top. The actual cutoff may be greater than the value given, owing
to the use of buffering for transferring the message in chunks (typically 8K in
size). The idea is to save bandwidth on those undeliverable 15-megabyte
messages.
</p>
<p>
<a id="id533070" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">bounce_sender_authentication</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id533153" class="indexterm"></a>
<a id="id533168" class="indexterm"></a>
<a id="id533182" class="indexterm"></a>
This option provides an authenticated sender address that is sent with any
bounce messages generated by Exim that are sent over an authenticated SMTP
connection. A typical setting might be:
</p>
<pre class="literallayout">bounce_sender_authentication = mailer-daemon@my.domain.example
</pre><p>
which would cause bounce messages to be sent using the SMTP command:
</p>
<pre class="literallayout">MAIL FROM:&lt;&gt; AUTH=mailer-daemon@my.domain.example
</pre><p>
The value of <span><strong class="option">bounce_sender_authentication</strong></span> must always be a complete email
address.
</p>
<p>
<a id="id533234" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">callout_domain_negative_expire</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>3h</em></span></td></tr></tbody></table></div>
<p>
<a id="id533316" class="indexterm"></a>
<a id="id533331" class="indexterm"></a>
This option specifies the expiry time for negative callout cache data for a
domain. See section <a href="ch40.html#SECTcallver" title="40.41 Callout verification">40.41</a> for details of callout verification, and
section <a href="ch40.html#SECTcallvercache" title="40.43 Callout caching">40.43</a> for details of the caching.
</p>
<p>
<a id="id533365" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">callout_domain_positive_expire</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>7d</em></span></td></tr></tbody></table></div>
<p>
This option specifies the expiry time for positive callout cache data for a
domain. See section <a href="ch40.html#SECTcallver" title="40.41 Callout verification">40.41</a> for details of callout verification, and
section <a href="ch40.html#SECTcallvercache" title="40.43 Callout caching">40.43</a> for details of the caching.
</p>
<p>
<a id="id533465" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">callout_negative_expire</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>2h</em></span></td></tr></tbody></table></div>
<p>
This option specifies the expiry time for negative callout cache data for an
address. See section <a href="ch40.html#SECTcallver" title="40.41 Callout verification">40.41</a> for details of callout verification, and
section <a href="ch40.html#SECTcallvercache" title="40.43 Callout caching">40.43</a> for details of the caching.
</p>
<p>
<a id="id533565" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">callout_positive_expire</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>24h</em></span></td></tr></tbody></table></div>
<p>
This option specifies the expiry time for positive callout cache data for an
address. See section <a href="ch40.html#SECTcallver" title="40.41 Callout verification">40.41</a> for details of callout verification, and
section <a href="ch40.html#SECTcallvercache" title="40.43 Callout caching">40.43</a> for details of the caching.
</p>
<p>
<a id="id533666" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">callout_random_local_part</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
This option defines the “<span class="quote">random</span>” local part that can be used as part of
callout verification. The default value is
</p>
<pre class="literallayout">$primary_host_name-$tod_epoch-testing
</pre><p>
See section <a href="ch40.html#CALLaddparcall" title="40.42 Additional parameters for callouts">40.42</a> for details of how this value is used.
</p>
<p>
<a id="id533778" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">check_log_inodes</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">check_spool_space</strong></span> below.
</p>
<p>
<a id="id533868" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">check_log_space</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">check_spool_space</strong></span> below.
</p>
<p>
<a id="id533957" class="indexterm"></a>
<a id="id533969" class="indexterm"></a>
<a id="id533984" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">check_rfc2047_length</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
RFC 2047 defines a way of encoding non-ASCII characters in headers using a
system of “<span class="quote">encoded words</span>”. The RFC specifies a maximum length for an encoded
word; strings to be encoded that exceed this length are supposed to use
multiple encoded words. By default, Exim does not recognize encoded words that
exceed the maximum length. However, it seems that some software, in violation
of the RFC, generates overlong encoded words. If <span><strong class="option">check_rfc2047_length</strong></span> is
set false, Exim recognizes encoded words of any length.
</p>
<p>
<a id="id534085" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">check_spool_inodes</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">check_spool_space</strong></span> below.
</p>
<p>
<a id="id534175" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">check_spool_space</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
<a id="id534258" class="indexterm"></a>
<a id="id534269" class="indexterm"></a>
<a id="id534280" class="indexterm"></a>
The four <span><strong class="option">check_...</strong></span> options allow for checking of disk resources before a
message is accepted.
</p>
<p>
<a id="id534303" class="indexterm"></a>
<a id="id534315" class="indexterm"></a>
<a id="id534327" class="indexterm"></a>
<a id="id534339" class="indexterm"></a>
When any of these options are set, they apply to all incoming messages. If you
want to apply different checks to different kinds of message, you can do so by
testing the variables <em class="varname">$log_inodes</em>, <em class="varname">$log_space</em>, <em class="varname">$spool_inodes</em>, and
<em class="varname">$spool_space</em> in an ACL with appropriate additional conditions.
</p>
<p>
<span><strong class="option">check_spool_space</strong></span> and <span><strong class="option">check_spool_inodes</strong></span> check the spool partition if
either value is greater than zero, for example:
</p>
<pre class="literallayout">check_spool_space = 10M
check_spool_inodes = 100
</pre><p>
The spool partition is the one that contains the directory defined by
SPOOL_DIRECTORY in <em class="filename">Local/Makefile</em>. It is used for holding messages in
transit.
</p>
<p>
<span><strong class="option">check_log_space</strong></span> and <span><strong class="option">check_log_inodes</strong></span>  check the partition in which log
files are written if either is greater than zero. These should be set only if
<span><strong class="option">log_file_path</strong></span> and <span><strong class="option">spool_directory</strong></span> refer to different partitions.
</p>
<p>
If there is less space or fewer inodes than requested, Exim refuses to accept
incoming mail. In the case of SMTP input this is done by giving a 452 temporary
error response to the MAIL command. If ESMTP is in use and there was a
SIZE parameter on the MAIL command, its value is added to the
<span><strong class="option">check_spool_space</strong></span> value, and the check is performed even if
<span><strong class="option">check_spool_space</strong></span> is zero, unless <span><strong class="option">no_smtp_check_spool_space</strong></span> is set.
</p>
<p>
The values for <span><strong class="option">check_spool_space</strong></span> and <span><strong class="option">check_log_space</strong></span> are held as a
number of kilobytes. If a non-multiple of 1024 is specified, it is rounded up.
</p>
<p>
For non-SMTP input and for batched SMTP input, the test is done at start-up; on
failure a message is written to stderr and Exim exits with a non-zero code, as
it obviously cannot send an error message of any kind.
</p>
<p>
<a id="id534466" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">daemon_smtp_ports</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em><code class="literal">smtp</code></em></span></td></tr></tbody></table></div>
<p>
<a id="id534552" class="indexterm"></a>
<a id="id534566" class="indexterm"></a>
This option specifies one or more default SMTP ports on which the Exim daemon
listens. See chapter <a href="ch13.html" title="13. Starting the daemon and the use of network interfaces">13</a> for details of how it is used. For
backward compatibility, <span><strong class="option">daemon_smtp_port</strong></span> (singular) is a synonym.
</p>
<p>
<a id="id534597" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">daemon_startup_retries</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>9</em></span></td></tr></tbody></table></div>
<p>
<a id="id534679" class="indexterm"></a>
This option, along with <span><strong class="option">daemon_startup_sleep</strong></span>, controls the retrying done by
the daemon at startup when it cannot immediately bind a listening socket
(typically because the socket is already in use): <span><strong class="option">daemon_startup_retries</strong></span>
defines the number of retries after the first failure, and
<span><strong class="option">daemon_startup_sleep</strong></span> defines the length of time to wait between retries.
</p>
<p>
<a id="id534710" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">daemon_startup_sleep</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>30s</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">daemon_startup_retries</strong></span>.
</p>
<p>
<a id="id534800" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">delay_warning</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time list</em></span></td><td align="right">Default: <span class="emphasis"><em>24h</em></span></td></tr></tbody></table></div>
<p>
<a id="id534881" class="indexterm"></a>
<a id="id534893" class="indexterm"></a>
When a message is delayed, Exim sends a warning message to the sender at
intervals specified by this option. The data is a colon-separated list of times
after which to send warning messages. If the value of the option is an empty
string or a zero time, no warnings are sent. Up to 10 times may be given. If a
message has been on the queue for longer than the last time, the last interval
between the times is used to compute subsequent warning times. For example,
with
</p>
<pre class="literallayout">delay_warning = 4h:8h:24h
</pre><p>
the first message is sent after 4 hours, the second after 8 hours, and
the third one after 24 hours. After that, messages are sent every 16 hours,
because that is the interval between the last two times on the list. If you set
just one time, it specifies the repeat interval. For example, with:
</p>
<pre class="literallayout">delay_warning = 6h
</pre><p>
messages are repeated every six hours. To stop warnings after a given time, set
a very large time at the end of the list. For example:
</p>
<pre class="literallayout">delay_warning = 2h:12h:99d
</pre><p>
<a id="id534953" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">delay_warning_condition</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id535038" class="indexterm"></a>
The string is expanded at the time a warning message might be sent. If all the
deferred addresses have the same domain, it is set in <em class="varname">$domain</em> during the
expansion. Otherwise <em class="varname">$domain</em> is empty. If the result of the expansion is a
forced failure, an empty string, or a string matching any of “<span class="quote">0</span>”, “<span class="quote">no</span>” or
“<span class="quote">false</span>” (the comparison being done caselessly) then the warning message is
not sent. The default is:
</p>
<pre class="literallayout">delay_warning_condition = ${if or {\
  { !eq{$h_list-id:$h_list-post:$h_list-subscribe:}{} }\
  { match{$h_precedence:}{(?i)bulk|list|junk} }\
  { match{$h_auto-submitted:}{(?i)auto-generated|auto-replied} }\
  } {no}{yes}}
</pre><p>
This suppresses the sending of warnings for messages that contain <span class="emphasis"><em>List-ID:</em></span>,
<span class="emphasis"><em>List-Post:</em></span>, or <span class="emphasis"><em>List-Subscribe:</em></span> headers, or have “<span class="quote">bulk</span>”, “<span class="quote">list</span>” or
“<span class="quote">junk</span>” in a <span class="emphasis"><em>Precedence:</em></span> header, or have “<span class="quote">auto-generated</span>” or
“<span class="quote">auto-replied</span>” in an <span class="emphasis"><em>Auto-Submitted:</em></span> header.
</p>
<p>
<a id="id535130" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">deliver_drop_privilege</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id535213" class="indexterm"></a>
<a id="id535224" class="indexterm"></a>
If this option is set true, Exim drops its root privilege at the start of a
delivery process, and runs as the Exim user throughout. This severely restricts
the kinds of local delivery that are possible, but is viable in certain types
of configuration. There is a discussion about the use of root privilege in
chapter <a href="ch52.html" title="52. Security considerations">52</a>.
</p>
<p>
<a id="id535253" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">deliver_queue_load_max</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>fixed-point</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id535335" class="indexterm"></a>
<a id="id535346" class="indexterm"></a>
When this option is set, a queue run is abandoned if the system load average
becomes greater than the value of the option. The option has no effect on
ancient operating systems on which Exim cannot determine the load average.
See also <span><strong class="option">queue_only_load</strong></span> and <span><strong class="option">smtp_load_reserve</strong></span>.
</p>
<p>
<a id="id535375" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">delivery_date_remove</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id535458" class="indexterm"></a>
Exim’s transports have an option for adding a <span class="emphasis"><em>Delivery-date:</em></span> header to a
message when it is delivered, in exactly the same way as <span class="emphasis"><em>Return-path:</em></span> is
handled. <span class="emphasis"><em>Delivery-date:</em></span> records the actual time of delivery. Such headers
should not be present in incoming messages, and this option causes them to be
removed at the time the message is received, to avoid any problems that might
occur when a delivered message is subsequently sent on to some other recipient.
</p>
<p>
<a id="id535494" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">disable_fsync</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id535576" class="indexterm"></a>
This option is available only if Exim was built with the compile-time option
ENABLE_DISABLE_FSYNC. When this is not set, a reference to <span><strong class="option">disable_fsync</strong></span> in
a runtime configuration generates an “<span class="quote">unknown option</span>” error. You should not
build Exim with ENABLE_DISABLE_FSYNC or set <span><strong class="option">disable_fsync</strong></span> unless you
really, really, really understand what you are doing. <span class="emphasis"><em>No pre-compiled
distributions of Exim should ever make this option available.</em></span>
</p>
<p>
When <span><strong class="option">disable_fsync</strong></span> is set true, Exim no longer calls <em class="function">fsync()</em> to force
updated files’ data to be written to disc before continuing. Unexpected events
such as crashes and power outages may cause data to be lost or scrambled.
Here be Dragons. <span class="bold"><strong>Beware.</strong></span>
</p>
<p>
<a id="id535641" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">disable_ipv6</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id535723" class="indexterm"></a>
If this option is set true, even if the Exim binary has IPv6 support, no IPv6
activities take place. AAAA records are never looked up, and any IPv6 addresses
that are listed in <span><strong class="option">local_interfaces</strong></span>, data for the <span><strong class="option">manualroute</strong></span> router,
etc. are ignored. If IP literals are enabled, the <span><strong class="command">ipliteral</strong></span> router declines
to handle IPv6 literal addresses.
</p>
<p>
<a id="id535759" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dns_again_means_nonexist</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id535844" class="indexterm"></a>
DNS lookups give a “<span class="quote">try again</span>” response for the DNS errors
“<span class="quote">non-authoritative host not found</span>” and “<span class="quote">SERVERFAIL</span>”. This can cause Exim to
keep trying to deliver a message, or to give repeated temporary errors to
incoming mail. Sometimes the effect is caused by a badly set up name server and
may persist for a long time. If a domain which exhibits this problem matches
anything in <span><strong class="option">dns_again_means_nonexist</strong></span>, it is treated as if it did not exist.
This option should be used with care. You can make it apply to reverse lookups
by a setting such as this:
</p>
<pre class="literallayout">dns_again_means_nonexist = *.in-addr.arpa
</pre><p>
This option applies to all DNS lookups that Exim does. It also applies when the
<em class="function">gethostbyname()</em> or <em class="function">getipnodebyname()</em> functions give temporary errors,
since these are most likely to be caused by DNS lookup problems. The
<span><strong class="command">dnslookup</strong></span> router has some options of its own for controlling what happens
when lookups for MX or SRV records give temporary errors. These more specific
options are applied after this global option.
</p>
<p>
<a id="id535923" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dns_check_names_pattern</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id536005" class="indexterm"></a>
When this option is set to a non-empty string, it causes Exim to check domain
names for characters that are not allowed in host names before handing them to
the DNS resolver, because some resolvers give temporary errors for names that
contain unusual characters. If a domain name contains any unwanted characters,
a “<span class="quote">not found</span>” result is forced, and the resolver is not called. The check is
done by matching the domain name against a regular expression, which is the
value of this option. The default pattern is
</p>
<pre class="literallayout">dns_check_names_pattern = \
  (?i)^(?&gt;(?(1)\.|())[^\W_](?&gt;[a-z0-9/-]*[^\W_])?)+$
</pre><p>
which permits only letters, digits, slashes, and hyphens in components, but
they must start and end with a letter or digit. <span xmlns="" class="changed"><span xmlns="http://www.w3.org/1999/xhtml">Slashes</span></span> are not, in fact,
permitted in host names, but they are found in certain NS records (which can be
accessed in Exim by using a <span><strong class="option">dnsdb</strong></span> lookup). If you set
<span><strong class="option">allow_utf8_domains</strong></span>, you must modify this pattern, or set the option to an
empty string.
</p>
<p>
<a id="id536068" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dns_csa_search_limit</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>5</em></span></td></tr></tbody></table></div>
<p>
This option controls the depth of parental searching for CSA SRV records in the
DNS, as described in more detail in section <a href="ch40.html#SECTverifyCSA" title="40.46 Client SMTP authorization (CSA)">40.46</a>.
</p>
<p>
<a id="id536161" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dns_csa_use_reverse</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
This option controls whether or not an IP address, given as a CSA domain, is
reversed and looked up in the reverse DNS, as described in more detail in
section <a href="ch40.html#SECTverifyCSA" title="40.46 Client SMTP authorization (CSA)">40.46</a>.
</p>
<p>
<a id="id536256" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dns_ipv4_lookup</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id536340" class="indexterm"></a>
<a id="id536354" class="indexterm"></a>
When Exim is compiled with IPv6 support and <span><strong class="option">disable_ipv6</strong></span> is not set, it
looks for IPv6 address records (AAAA records) as well as IPv4 address records
(A records) when trying to find IP addresses for hosts, unless the host’s
domain matches this list.
</p>
<p>
This is a fudge to help with name servers that give big delays or otherwise do
not work for the AAAA record type. In due course, when the world’s name
servers have all been upgraded, there should be no need for this option.
</p>
<p>
<a id="id536394" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dns_retrans</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>0s</em></span></td></tr></tbody></table></div>
<p>
<a id="id536475" class="indexterm"></a>
The options <span><strong class="option">dns_retrans</strong></span> and <span><strong class="option">dns_retry</strong></span> can be used to set the
retransmission and retry parameters for DNS lookups. Values of zero (the
defaults) leave the system default settings unchanged. The first value is the
time between retries, and the second is the number of retries. It isn’t
totally clear exactly how these settings affect the total time a DNS lookup may
take. I haven’t found any documentation about timeouts on DNS lookups; these
parameter values are available in the external resolver interface structure,
but nowhere does it seem to describe how they are used or what you might want
to set in them.
</p>
<p>
<a id="id536500" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dns_retry</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">dns_retrans</strong></span> above.
</p>
<p>
<a id="id536589" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">drop_cr</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
This is an obsolete option that is now a no-op. It used to affect the way Exim
handled CR and LF characters in incoming messages. What happens now is
described in section <a href="ch44.html#SECTlineendings" title="44.2 Line endings">44.2</a>.
</p>
<p>
<a id="id536681" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">dsn_from</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id536765" class="indexterm"></a>
<a id="id536781" class="indexterm"></a>
This option can be used to vary the contents of <span class="emphasis"><em>From:</em></span> header lines in
bounces and other automatically generated messages (“<span class="quote">Delivery Status
Notifications</span>” – hence the name of the option). The default setting is:
</p>
<pre class="literallayout">dsn_from = Mail Delivery System &lt;Mailer-Daemon@$qualify_domain&gt;
</pre><p>
The value is expanded every time it is needed. If the expansion fails, a
panic is logged, and the default value is used.
</p>
<p>
<a id="id536827" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">envelope_to_remove</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id536909" class="indexterm"></a>
Exim’s transports have an option for adding an <span class="emphasis"><em>Envelope-to:</em></span> header to a
message when it is delivered, in exactly the same way as <span class="emphasis"><em>Return-path:</em></span> is
handled. <span class="emphasis"><em>Envelope-to:</em></span> records the original recipient address from the
messages’s envelope that caused the delivery to happen. Such headers should not
be present in incoming messages, and this option causes them to be removed at
the time the message is received, to avoid any problems that might occur when a
delivered message is subsequently sent on to some other recipient.
</p>
<p>
<a id="id536942" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">errors_copy</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id537026" class="indexterm"></a>
<a id="id537041" class="indexterm"></a>
Setting this option causes Exim to send bcc copies of bounce messages that it
generates to other addresses. <span class="bold"><strong>Note</strong></span>: This does not apply to bounce messages
coming from elsewhere. The value of the option is a colon-separated list of
items. Each item consists of a pattern, terminated by white space, followed by
a comma-separated list of email addresses. If a pattern contains spaces, it
must be enclosed in double quotes.
</p>
<p>
Each pattern is processed in the same way as a single item in an address list
(see section <a href="ch10.html#SECTaddresslist" title="10.19 Address lists">10.19</a>). When a pattern matches the recipient of
the bounce message, the message is copied to the addresses on the list. The
items are scanned in order, and once a matching one is found, no further items
are examined. For example:
</p>
<pre class="literallayout">errors_copy = spqr@mydomain   postmaster@mydomain.example :\
              rqps@mydomain   hostmaster@mydomain.example,\
                              postmaster@mydomain.example
</pre><p>
<a id="id537091" class="indexterm"></a>
<a id="id537103" class="indexterm"></a>
The address list is expanded before use. The expansion variables <em class="varname">$local_part</em>
and <em class="varname">$domain</em> are set from the original recipient of the error message, and if
there was any wildcard matching in the pattern, the expansion
<a id="id537126" class="indexterm"></a>
variables <em class="varname">$0</em>, <em class="varname">$1</em>, etc. are set in the normal way.
</p>
<p>
<a id="id537160" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">errors_reply_to</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id537242" class="indexterm"></a>
By default, Exim’s bounce and delivery warning messages contain the header line
</p>
<div class="literallayout">
<code class="literal">From: Mail Delivery System &lt;Mailer-Daemon@</code><span class="emphasis"><em>qualify-domain</em></span><code class="literal">&gt;</code><br />
</div>
<p>
<a id="id537286" class="indexterm"></a>
where <span class="emphasis"><em>qualify-domain</em></span> is the value of the <span><strong class="option">qualify_domain</strong></span> option.
A warning message that is generated by the <span><strong class="option">quota_warn_message</strong></span> option in an
<span><strong class="command">appendfile</strong></span> transport may contain its own <span class="emphasis"><em>From:</em></span> header line that
overrides the default.
</p>
<p>
Experience shows that people reply to bounce messages. If the
<span><strong class="option">errors_reply_to</strong></span> option is set, a <span class="emphasis"><em>Reply-To:</em></span> header is added to bounce
and warning messages. For example:
</p>
<pre class="literallayout">errors_reply_to = postmaster@my.domain.example
</pre><p>
The value of the option is not expanded. It must specify a valid RFC 2822
address. However, if a warning message that is generated by the
<span><strong class="option">quota_warn_message</strong></span> option in an <span><strong class="command">appendfile</strong></span> transport contain its
own <span class="emphasis"><em>Reply-To:</em></span> header line, the value of the <span><strong class="option">errors_reply_to</strong></span> option is
not used.
</p>
<p>
<a id="id537369" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">exim_group</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>compile-time configured</em></span></td></tr></tbody></table></div>
<p>
<a id="id537451" class="indexterm"></a>
<a id="id537466" class="indexterm"></a>
This option changes the gid under which Exim runs when it gives up root
privilege. The default value is compiled into the binary. The value of this
option is used only when <span><strong class="option">exim_user</strong></span> is also set. Unless it consists entirely
of digits, the string is looked up using <em class="function">getgrnam()</em>, and failure causes a
configuration error. See chapter <a href="ch52.html" title="52. Security considerations">52</a> for a discussion of
security issues.
</p>
<p>
<a id="id537501" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">exim_path</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id537583" class="indexterm"></a>
This option specifies the path name of the Exim binary, which is used when Exim
needs to re-exec itself. The default is set up to point to the file <span class="emphasis"><em>exim</em></span> in
the directory configured at compile time by the BIN_DIRECTORY setting. It
is necessary to change <span><strong class="option">exim_path</strong></span> if, exceptionally, Exim is run from some
other place.
<span class="bold"><strong>Warning</strong></span>: Do not use a macro to define the value of this option, because
you will break those Exim utilities that scan the configuration file to find
where the binary is. (They then use the <span><strong class="option">-bP</strong></span> option to extract option
settings such as the value of <span><strong class="option">spool_directory</strong></span>.)
</p>
<p>
<a id="id537626" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">exim_user</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>compile-time configured</em></span></td></tr></tbody></table></div>
<p>
<a id="id537709" class="indexterm"></a>
<a id="id537723" class="indexterm"></a>
This option changes the uid under which Exim runs when it gives up root
privilege. The default value is compiled into the binary. Ownership of the run
time configuration file and the use of the <span><strong class="option">-C</strong></span> and <span><strong class="option">-D</strong></span> command line
options is checked against the values in the binary, not what is set here.
</p>
<p>
Unless it consists entirely of digits, the string is looked up using
<em class="function">getpwnam()</em>, and failure causes a configuration error. If <span><strong class="option">exim_group</strong></span> is
not also supplied, the gid is taken from the result of <em class="function">getpwnam()</em> if it is
used. See chapter <a href="ch52.html" title="52. Security considerations">52</a> for a discussion of security issues.
</p>
<p>
<a id="id537777" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">extra_local_interfaces</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option defines network interfaces that are to be considered local when
routing, but which are not used for listening by the daemon. See section
<a href="ch13.html#SECTreclocipadd" title="13.8 Recognizing the local host">13.8</a> for details.
</p>
<p>
<a id="id537871" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">extract_addresses_remove_   arguments</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id537955" class="indexterm"></a>
<a id="id537967" class="indexterm"></a>
<a id="id537983" class="indexterm"></a>
According to some Sendmail documentation (Sun, IRIX, HP-UX), if any addresses
are present on the command line when the <span><strong class="option">-t</strong></span> option is used to build an
envelope from a message’s <span class="emphasis"><em>To:</em></span>, <span class="emphasis"><em>Cc:</em></span> and <span class="emphasis"><em>Bcc:</em></span> headers, the command
line addresses are removed from the recipients list. This is also how Smail
behaves. However, other Sendmail documentation (the O’Reilly book) states that
command line addresses are added to those obtained from the header lines. When
<span><strong class="option">extract_addresses_remove_arguments</strong></span> is true (the default), Exim subtracts
argument headers. If it is set false, Exim adds rather than removes argument
addresses.
</p>
<p>
<a id="id538034" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">finduser_retries</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
<a id="id538117" class="indexterm"></a>
On systems running NIS or other schemes in which user and group information is
distributed from a remote system, there can be times when <em class="function">getpwnam()</em> and
related functions fail, even when given valid data, because things time out.
Unfortunately these failures cannot be distinguished from genuine “<span class="quote">not found</span>”
errors. If <span><strong class="option">finduser_retries</strong></span> is set greater than zero, Exim will try that
many extra times to find a user or a group, waiting for one second between
retries.
</p>
<p>
<a id="id538149" class="indexterm"></a>
You should not set this option greater than zero if your user information is in
a traditional <em class="filename">/etc/passwd</em> file, because it will cause Exim needlessly to
search the file multiple times for non-existent users, and also cause delay.
</p>
<p>
<a id="id538179" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">freeze_tell</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list, comma separated</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id538262" class="indexterm"></a>
On encountering certain errors, or when configured to do so in a system filter,
ACL, or special router, Exim freezes a message. This means that no further
delivery attempts take place until an administrator thaws the message, or the
<span><strong class="option">auto_thaw</strong></span>, <span><strong class="option">ignore_bounce_errors_after</strong></span>, or <span><strong class="option">timeout_frozen_after</strong></span>
feature cause it to be processed. If <span><strong class="option">freeze_tell</strong></span> is set, Exim generates a
warning message whenever it freezes something, unless the message it is
freezing is a locally-generated bounce message. (Without this exception there
is the possibility of looping.) The warning message is sent to the addresses
supplied as the comma-separated value of this option. If several of the
message’s addresses cause freezing, only a single message is sent. If the
freezing was automatic, the reason(s) for freezing can be found in the message
log. If you configure freezing in a filter or ACL, you must arrange for any
logging that you require.
</p>
<p>
<a id="id538299" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">gecos_name</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id538384" class="indexterm"></a>
<a id="id538395" class="indexterm"></a>
Some operating systems, notably HP-UX, use the “<span class="quote">gecos</span>” field in the system
password file to hold other information in addition to users’ real names. Exim
looks up this field for use when it is creating <span class="emphasis"><em>Sender:</em></span> or <span class="emphasis"><em>From:</em></span>
headers. If either <span><strong class="option">gecos_pattern</strong></span> or <span><strong class="option">gecos_name</strong></span> are unset, the contents
of the field are used unchanged, except that, if an ampersand is encountered,
it is replaced by the user’s login name with the first character forced to
upper case, since this is a convention that is observed on many systems.
</p>
<p>
When these options are set, <span><strong class="option">gecos_pattern</strong></span> is treated as a regular
expression that is to be applied to the field (again with &amp; replaced by the
login name), and if it matches, <span><strong class="option">gecos_name</strong></span> is expanded and used as the
user’s name.
</p>
<p>
<a id="id538454" class="indexterm"></a>
Numeric variables such as <em class="varname">$1</em>, <em class="varname">$2</em>, etc. can be used in the expansion to
pick up sub-fields that were matched by the pattern. In HP-UX, where the user’s
name terminates at the first comma, the following can be used:
</p>
<pre class="literallayout">gecos_pattern = ([^,]*)
gecos_name = $1
</pre><p>
<a id="id538501" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">gecos_pattern</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">gecos_name</strong></span> above.
</p>
<p>
<a id="id538590" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">gnutls_require_kx</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option controls the key exchange mechanisms when GnuTLS is used in an Exim
server. For details, see section <a href="ch39.html#SECTreqciphgnu" title="39.5 Requiring specific ciphers or other parameters in GnuTLS">39.5</a>.
</p>
<p>
<a id="id538683" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">gnutls_require_mac</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option controls the MAC algorithms when GnuTLS is used in an Exim
server. For details, see section <a href="ch39.html#SECTreqciphgnu" title="39.5 Requiring specific ciphers or other parameters in GnuTLS">39.5</a>.
</p>
<p>
<a id="id538776" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">gnutls_require_protocols</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option controls the protocols when GnuTLS is used in an Exim
server. For details, see section <a href="ch39.html#SECTreqciphgnu" title="39.5 Requiring specific ciphers or other parameters in GnuTLS">39.5</a>.
</p>
<p>
<a id="id538869" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">headers_charset</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
This option sets a default character set for translating from encoded MIME
“<span class="quote">words</span>” in header lines, when referenced by an <em class="varname">$h_xxx</em> expansion item. The
default is the value of HEADERS_CHARSET in <em class="filename">Local/Makefile</em>. The
ultimate default is ISO-8859-1. For more details see the description of header
insertions in section <a href="ch11.html#SECTexpansionitems" title="11.5 Expansion items">11.5</a>.
</p>
<p>
<a id="id538978" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">header_maxsize</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id539060" class="indexterm"></a>
<a id="id539075" class="indexterm"></a>
This option controls the overall maximum size of a message’s header
section. The default is the value of HEADER_MAXSIZE in
<em class="filename">Local/Makefile</em>; the default for that is 1M. Messages with larger header
sections are rejected.
</p>
<p>
<a id="id539108" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">header_line_maxsize</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
<a id="id539190" class="indexterm"></a>
<a id="id539205" class="indexterm"></a>
This option limits the length of any individual header line in a message, after
all the continuations have been joined together. Messages with individual
header lines that are longer than the limit are rejected. The default value of
zero means “<span class="quote">no limit</span>”.
</p>
<p>
<a id="id539230" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">helo_accept_junk_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id539315" class="indexterm"></a>
<a id="id539330" class="indexterm"></a>
Exim checks the syntax of HELO and EHLO commands for incoming SMTP
mail, and gives an error response for invalid data. Unfortunately, there are
some SMTP clients that send syntactic junk. They can be accommodated by setting
this option. Note that this is a syntax check only. See <span><strong class="option">helo_verify_hosts</strong></span>
if you want to do semantic checking.
See also <span><strong class="option">helo_allow_chars</strong></span> for a way of extending the permitted character
set.
</p>
<p>
<a id="id539362" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">helo_allow_chars</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id539445" class="indexterm"></a>
<a id="id539459" class="indexterm"></a>
<a id="id539473" class="indexterm"></a>
This option can be set to a string of rogue characters that are permitted in
all EHLO and HELO names in addition to the standard letters, digits,
hyphens, and dots. If you really must allow underscores, you can set
</p>
<pre class="literallayout">helo_allow_chars = _
</pre><p>
Note that the value is one string, not a list.
</p>
<p>
<a id="id539504" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">helo_lookup_domains</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em><code class="literal">@:@[]</code></em></span></td></tr></tbody></table></div>
<p>
<a id="id539592" class="indexterm"></a>
<a id="id539607" class="indexterm"></a>
If the domain given by a client in a HELO or EHLO command matches this
list, a reverse lookup is done in order to establish the host’s true name. The
default forces a lookup if the client host gives the server’s name or any of
its IP addresses (in brackets), something that broken clients have been seen to
do.
</p>
<p>
<a id="id539625" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">helo_try_verify_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id539710" class="indexterm"></a>
<a id="id539724" class="indexterm"></a>
By default, Exim just checks the syntax of HELO and EHLO commands (see
<span><strong class="option">helo_accept_junk_hosts</strong></span> and <span><strong class="option">helo_allow_chars</strong></span>). However, some sites like
to do more extensive checking of the data supplied by these commands. The ACL
condition <code class="literal">verify</code> <code class="literal">=</code> <code class="literal">helo</code> is provided to make this possible.
Formerly, it was necessary also to set this option (<span><strong class="option">helo_try_verify_hosts</strong></span>)
to force the check to occur. From release 4.53 onwards, this is no longer
necessary. If the check has not been done before <code class="literal">verify</code> <code class="literal">=</code> <code class="literal">helo</code> is
encountered, it is done at that time. Consequently, this option is obsolete.
Its specification is retained here for backwards compatibility.
</p>
<p>
When an EHLO or HELO command is received, if the calling host matches
<span><strong class="option">helo_try_verify_hosts</strong></span>, Exim checks that the host name given in the HELO or
EHLO command either:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
is an IP literal matching the calling address of the host, or
</p>
</li><li><p>
<a id="id539818" class="indexterm"></a>
<a id="id539832" class="indexterm"></a>
matches the host name that Exim obtains by doing a reverse lookup of the
calling host address, or
</p>
</li><li><p>
when looked up using <em class="function">gethostbyname()</em> (or <em class="function">getipnodebyname()</em> when
available) yields the calling host address.
</p>
</li></ul></div>
<p>
However, the EHLO or HELO command is not rejected if any of the checks
fail. Processing continues, but the result of the check is remembered, and can
be detected later in an ACL by the <code class="literal">verify</code> <code class="literal">=</code> <code class="literal">helo</code> condition.
</p>
<p>
<a id="id539893" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">helo_verify_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id539978" class="indexterm"></a>
<a id="id539993" class="indexterm"></a>
Like <span><strong class="option">helo_try_verify_hosts</strong></span>, this option is obsolete, and retained only for
backwards compatibility. For hosts that match this option, Exim checks the host
name given in the HELO or EHLO in the same way as for
<span><strong class="option">helo_try_verify_hosts</strong></span>. If the check fails, the HELO or EHLO command is
rejected with a 550 error, and entries are written to the main and reject logs.
If a MAIL command is received before EHLO or HELO, it is rejected with a 503
error.
</p>
<p>
<a id="id540025" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">hold_domains</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id540110" class="indexterm"></a>
<a id="id540125" class="indexterm"></a>
This option allows mail for particular domains to be held on the queue
manually. The option is overridden if a message delivery is forced with the
<span><strong class="option">-M</strong></span>, <span><strong class="option">-qf</strong></span>, <span><strong class="option">-Rf</strong></span> or <span><strong class="option">-Sf</strong></span> options, and also while testing or
verifying addresses using <span><strong class="option">-bt</strong></span> or <span><strong class="option">-bv</strong></span>. Otherwise, if a domain matches an
item in <span><strong class="option">hold_domains</strong></span>, no routing or delivery for that address is done, and
it is deferred every time the message is looked at.
</p>
<p>
This option is intended as a temporary operational measure for delaying the
delivery of mail while some problem is being sorted out, or some new
configuration tested. If you just want to delay the processing of some
domains until a queue run occurs, you should use <span><strong class="option">queue_domains</strong></span> or
<span><strong class="option">queue_smtp_domains</strong></span>, not <span><strong class="option">hold_domains</strong></span>.
</p>
<p>
A setting of <span><strong class="option">hold_domains</strong></span> does not override Exim’s code for removing
messages from the queue if they have been there longer than the longest retry
time in any retry rule. If you want to hold messages for longer than the normal
retry times, insert a dummy retry rule with a long retry time.
</p>
<p>
<a id="id540197" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">host_lookup</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id540280" class="indexterm"></a>
Exim does not look up the name of a calling host from its IP address unless it
is required to compare against some host list, or the host matches
<span><strong class="option">helo_try_verify_hosts</strong></span> or <span><strong class="option">helo_verify_hosts</strong></span>, or the host matches this
option (which normally contains IP addresses rather than host names). The
default configuration file contains
</p>
<pre class="literallayout">host_lookup = *
</pre><p>
which causes a lookup to happen for all hosts. If the expense of these lookups
is felt to be too great, the setting can be changed or removed.
</p>
<p>
After a successful reverse lookup, Exim does a forward lookup on the name it
has obtained, to verify that it yields the IP address that it started with. If
this check fails, Exim behaves as if the name lookup failed.
</p>
<p>
<a id="id540332" class="indexterm"></a>
<a id="id540344" class="indexterm"></a>
After any kind of failure, the host name (in <em class="varname">$sender_host_name</em>) remains
unset, and <em class="varname">$host_lookup_failed</em> is set to the string “<span class="quote">1</span>”. See also
<span><strong class="option">dns_again_means_nonexist</strong></span>, <span><strong class="option">helo_lookup_domains</strong></span>, and <code class="literal">verify</code> <code class="literal">=</code>
<code class="literal">reverse_host_lookup</code> in ACLs.
</p>
<p>
<a id="id540397" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">host_lookup_order</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em><code class="literal">bydns:byaddr</code></em></span></td></tr></tbody></table></div>
<p>
This option specifies the order of different lookup methods when Exim is trying
to find a host name from an IP address. The default is to do a DNS lookup
first, and then to try a local lookup (using <em class="function">gethostbyaddr()</em> or equivalent)
if that fails. You can change the order of these lookups, or omit one entirely,
if you want.
</p>
<p>
<span class="bold"><strong>Warning</strong></span>: The “<span class="quote">byaddr</span>” method does not always yield aliases when there are
multiple PTR records in the DNS and the IP address is not listed in
<em class="filename">/etc/hosts</em>. Different operating systems give different results in this
case. That is why the default tries a DNS lookup first.
</p>
<p>
<a id="id540519" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">host_reject_connection</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id540604" class="indexterm"></a>
If this option is set, incoming SMTP calls from the hosts listed are rejected
as soon as the connection is made.
This option is obsolete, and retained only for backward compatibility, because
nowadays the ACL specified by <span><strong class="option">acl_smtp_connect</strong></span> can also reject incoming
connections immediately.
</p>
<p>
The ability to give an immediate rejection (either by this option or using an
ACL) is provided for use in unusual cases. Many hosts will just try again,
sometimes without much delay. Normally, it is better to use an ACL to reject
incoming messages at a later stage, such as after RCPT commands. See
chapter <a href="ch40.html" title="40. Access control lists">40</a>.
</p>
<p>
<a id="id540645" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">hosts_connection_nolog</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id540730" class="indexterm"></a>
This option defines a list of hosts for which connection logging does not
happen, even though the <span><strong class="option">smtp_connection</strong></span> log selector is set. For example,
you might want not to log SMTP connections from local processes, or from
127.0.0.1, or from your local LAN. This option is consulted in the main loop of
the daemon; you should therefore strive to restrict its value to a short inline
list of IP addresses and networks. To disable logging SMTP connections from
local processes, you must create a host list with an empty item. For example:
</p>
<pre class="literallayout">hosts_connection_nolog = :
</pre><p>
If the <span><strong class="option">smtp_connection</strong></span> log selector is not set, this option has no effect.
</p>
<p>
<a id="id540776" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">hosts_treat_as_local</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id540861" class="indexterm"></a>
<a id="id540876" class="indexterm"></a>
If this option is set, any host names that match the domain list are treated as
if they were the local host when Exim is scanning host lists obtained from MX
records
or other sources. Note that the value of this option is a domain list, not a
host list, because it is always used to check host names, not IP addresses.
</p>
<p>
This option also applies when Exim is matching the special items
<code class="literal">@mx_any</code>, <code class="literal">@mx_primary</code>, and <code class="literal">@mx_secondary</code> in a domain list (see
section <a href="ch10.html#SECTdomainlist" title="10.8 Domain lists">10.8</a>), and when checking the <span><strong class="option">hosts</strong></span> option in the
<span><strong class="command">smtp</strong></span> transport for the local host (see the <span><strong class="option">allow_localhost</strong></span> option in
that transport). See also <span><strong class="option">local_interfaces</strong></span>, <span><strong class="option">extra_local_interfaces</strong></span>, and
chapter <a href="ch13.html" title="13. Starting the daemon and the use of network interfaces">13</a>, which contains a discussion about local network
interfaces and recognizing the local host.
</p>
<p>
<a id="id540957" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">ibase_servers</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id541038" class="indexterm"></a>
This option provides a list of InterBase servers and associated connection data,
to be used in conjunction with <span><strong class="command">ibase</strong></span> lookups (see section <a href="ch09.html#SECID72" title="9.21 More about MySQL, PostgreSQL, Oracle, and InterBase">9.21</a>).
The option is available only if Exim has been built with InterBase support.
</p>
<p>
<a id="id541072" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">ignore_bounce_errors_after</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>10w</em></span></td></tr></tbody></table></div>
<p>
<a id="id541154" class="indexterm"></a>
<a id="id541169" class="indexterm"></a>
This option affects the processing of bounce messages that cannot be delivered,
that is, those that suffer a permanent delivery failure. (Bounce messages that
suffer temporary delivery failures are of course retried in the usual way.)
</p>
<p>
After a permanent delivery failure, bounce messages are frozen,
because there is no sender to whom they can be returned. When a frozen bounce
message has been on the queue for more than the given time, it is unfrozen at
the next queue run, and a further delivery is attempted. If delivery fails
again, the bounce message is discarded. This makes it possible to keep failed
bounce messages around for a shorter time than the normal maximum retry time
for frozen messages. For example,
</p>
<pre class="literallayout">ignore_bounce_errors_after = 12h
</pre><p>
retries failed bounce message deliveries after 12 hours, discarding any further
failures. If the value of this option is set to a zero time period, bounce
failures are discarded immediately. Setting a very long time (as in the default
value) has the effect of disabling this option. For ways of automatically
dealing with other kinds of frozen message, see <span><strong class="option">auto_thaw</strong></span> and
<span><strong class="option">timeout_frozen_after</strong></span>.
</p>
<p>
<a id="id541224" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">ignore_fromline_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id541309" class="indexterm"></a>
<a id="id541322" class="indexterm"></a>
Some broken SMTP clients insist on sending a UUCP-like “<span class="quote">From </span>” line before
the headers of a message. By default this is treated as the start of the
message’s body, which means that any following headers are not recognized as
such. Exim can be made to ignore it by setting <span><strong class="option">ignore_fromline_hosts</strong></span> to
match those hosts that insist on sending it. If the sender is actually a local
process rather than a remote host, and is using <span><strong class="option">-bs</strong></span> to inject the messages,
<span><strong class="option">ignore_fromline_local</strong></span> must be set to achieve this effect.
</p>
<p>
<a id="id541365" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">ignore_fromline_local</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">ignore_fromline_hosts</strong></span> above.
</p>
<p>
<a id="id541455" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">keep_malformed</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>4d</em></span></td></tr></tbody></table></div>
<p>
This option specifies the length of time to keep messages whose spool files
have been corrupted in some way. This should, of course, never happen. At the
next attempt to deliver such a message, it gets removed. The incident is
logged.
</p>
<p>
<a id="id541815" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">ldap_default_servers</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id541897" class="indexterm"></a>
This option provides a list of LDAP servers which are tried in turn when an
LDAP query does not contain a server. See section <a href="ch09.html#SECTforldaque" title="9.14 Format of LDAP queries">9.14</a> for
details of LDAP queries. This option is available only when Exim has been built
with LDAP support.
</p>
<p>
<a id="id541922" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">ldap_version</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id542004" class="indexterm"></a>
This option can be used to force Exim to set a specific protocol version for
LDAP. If it option is unset, it is shown by the <span><strong class="option">-bP</strong></span> command line option as
-1. When this is the case, the default is 3 if LDAP_VERSION3 is defined in
the LDAP headers; otherwise it is 2. This option is available only when Exim
has been built with LDAP support.
</p>
<p>
<a id="id542030" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">local_from_check</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id542113" class="indexterm"></a>
<a id="id542130" class="indexterm"></a>
When a message is submitted locally (that is, not over a TCP/IP connection) by
an untrusted user, Exim removes any existing <span class="emphasis"><em>Sender:</em></span> header line, and
checks that the <span class="emphasis"><em>From:</em></span> header line matches the login of the calling user and
the domain specified by <span><strong class="option">qualify_domain</strong></span>.
</p>
<p>
<span class="bold"><strong>Note</strong></span>: An unqualified address (no domain) in the <span class="emphasis"><em>From:</em></span> header in a
locally submitted message is automatically qualified by Exim, unless the
<span><strong class="option">-bnq</strong></span> command line option is used.
</p>
<p>
You can use <span><strong class="option">local_from_prefix</strong></span> and <span><strong class="option">local_from_suffix</strong></span> to permit affixes
on the local part. If the <span class="emphasis"><em>From:</em></span> header line does not match, Exim adds a
<span class="emphasis"><em>Sender:</em></span> header with an address constructed from the calling user’s login
and the default qualify domain.
</p>
<p>
If <span><strong class="option">local_from_check</strong></span> is set false, the <span class="emphasis"><em>From:</em></span> header check is disabled,
and no <span class="emphasis"><em>Sender:</em></span> header is ever added. If, in addition, you want to retain
<span class="emphasis"><em>Sender:</em></span> header lines supplied by untrusted users, you must also set
<span><strong class="option">local_sender_retain</strong></span> to be true.
</p>
<p>
<a id="id542231" class="indexterm"></a>
These options affect only the header lines in the message. The envelope sender
is still forced to be the login id at the qualify domain unless
<span><strong class="option">untrusted_set_sender</strong></span> permits the user to supply an envelope sender.
</p>
<p>
For messages received over TCP/IP, an ACL can specify “<span class="quote">submission mode</span>” to
request similar header line checking. See section <a href="ch44.html#SECTthesenhea" title="44.16 The Sender: header line">44.16</a>, which
has more details about <span class="emphasis"><em>Sender:</em></span> processing.
</p>
<p>
<a id="id542272" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">local_from_prefix</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
When Exim checks the <span class="emphasis"><em>From:</em></span> header line of locally submitted messages for
matching the login id (see <span><strong class="option">local_from_check</strong></span> above), it can be configured to
ignore certain prefixes and suffixes in the local part of the address. This is
done by setting <span><strong class="option">local_from_prefix</strong></span> and/or <span><strong class="option">local_from_suffix</strong></span> to
appropriate lists, in the same form as the <span><strong class="option">local_part_prefix</strong></span> and
<span><strong class="option">local_part_suffix</strong></span> router options (see chapter <a href="ch15.html" title="15. Generic options for routers">15</a>). For
example, if
</p>
<pre class="literallayout">local_from_prefix = *-
</pre><p>
is set, a <span class="emphasis"><em>From:</em></span> line containing
</p>
<pre class="literallayout">From: anything-user@your.domain.example
</pre><p>
will not cause a <span class="emphasis"><em>Sender:</em></span> header to be added if <span class="emphasis"><em>user@your.domain.example</em></span>
matches the actual sender address that is constructed from the login name and
qualify domain.
</p>
<p>
<a id="id542429" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">local_from_suffix</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">local_from_prefix</strong></span> above.
</p>
<p>
<a id="id542519" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">local_interfaces</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
This option controls which network interfaces are used by the daemon for
listening; they are also used to identify the local host when routing. Chapter
<a href="ch13.html" title="13. Starting the daemon and the use of network interfaces">13</a> contains a full description of this option and the related
options <span><strong class="option">daemon_smtp_ports</strong></span>, <span><strong class="option">extra_local_interfaces</strong></span>,
<span><strong class="option">hosts_treat_as_local</strong></span>, and <span><strong class="option">tls_on_connect_ports</strong></span>. The default value for
<span><strong class="option">local_interfaces</strong></span> is
</p>
<pre class="literallayout">local_interfaces = 0.0.0.0
</pre><p>
when Exim is built without IPv6 support; otherwise it is
</p>
<pre class="literallayout">local_interfaces = &lt;; ::0 ; 0.0.0.0
</pre><p>
<a id="id542655" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">local_scan_timeout</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>5m</em></span></td></tr></tbody></table></div>
<p>
<a id="id542737" class="indexterm"></a>
<a id="id542757" class="indexterm"></a>
This timeout applies to the <em class="function">local_scan()</em> function (see chapter
<a href="ch42.html" title="42. Adding a local scan function to Exim">42</a>). Zero means “<span class="quote">no timeout</span>”. If the timeout is exceeded,
the incoming message is rejected with a temporary error if it is an SMTP
message. For a non-SMTP message, the message is dropped and Exim ends with a
non-zero code. The incident is logged on the main and reject logs.
</p>
<p>
<a id="id542799" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">local_sender_retain</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id542882" class="indexterm"></a>
When a message is submitted locally (that is, not over a TCP/IP connection) by
an untrusted user, Exim removes any existing <span class="emphasis"><em>Sender:</em></span> header line. If you
do not want this to happen, you must set <span><strong class="option">local_sender_retain</strong></span>, and you must
also set <span><strong class="option">local_from_check</strong></span> to be false (Exim will complain if you do not).
See also the ACL modifier <code class="literal">control = suppress_local_fixups</code>. Section
<a href="ch44.html#SECTthesenhea" title="44.16 The Sender: header line">44.16</a> has more details about <span class="emphasis"><em>Sender:</em></span> processing.
</p>
<p>
<a id="id542934" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">localhost_number</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id543019" class="indexterm"></a>
<a id="id543034" class="indexterm"></a>
<a id="id543048" class="indexterm"></a>
Exim’s message ids are normally unique only within the local host. If
uniqueness among a set of hosts is required, each host must set a different
value for the <span><strong class="option">localhost_number</strong></span> option. The string is expanded immediately
after reading the configuration file (so that a number can be computed from the
host name, for example) and the result of the expansion must be a number in the
range 0–16 (or 0–10 on operating systems with case-insensitive file
systems). This is available in subsequent string expansions via the variable
<em class="varname">$localhost_number</em>. When <span><strong class="option">localhost_number is set</strong></span>, the final two
characters of the message id, instead of just being a fractional part of the
time, are computed from the time and the local host number as described in
section <a href="ch03.html#SECTmessiden" title="3.4 Message identification">3.4</a>.
</p>
<p>
<a id="id543097" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">log_file_path</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>set at compile time</em></span></td></tr></tbody></table></div>
<p>
<a id="id543181" class="indexterm"></a>
This option sets the path which is used to determine the names of Exim’s log
files, or indicates that logging is to be to syslog, or both. It is expanded
when Exim is entered, so it can, for example, contain a reference to the host
name. If no specific path is set for the log files at compile or run time, they
are written in a sub-directory called <em class="filename">log</em> in Exim’s spool directory.
Chapter <a href="ch49.html" title="49. Log files">49</a> contains further details about Exim’s logging, and
section <a href="ch49.html#SECTwhelogwri" title="49.1 Where the logs are written">49.1</a> describes how the contents of <span><strong class="option">log_file_path</strong></span> are
used. If this string is fixed at your installation (contains no expansion
variables) it is recommended that you do not set this option in the
configuration file, but instead supply the path using LOG_FILE_PATH in
<em class="filename">Local/Makefile</em> so that it is available to Exim for logging errors detected
early on – in particular, failure to read the configuration file.
</p>
<p>
<a id="id543236" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">log_selector</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id543318" class="indexterm"></a>
This option can be used to reduce or increase the number of things that Exim
writes to its log files. Its argument is made up of names preceded by plus or
minus characters. For example:
</p>
<pre class="literallayout">log_selector = +arguments -retry_defer
</pre><p>
A list of possible names and what they control is given in the chapter on
logging, in section <a href="ch49.html#SECTlogselector" title="49.15 Reducing or increasing what is logged">49.15</a>.
</p>
<p>
<a id="id543357" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">log_timezone</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id543438" class="indexterm"></a>
<a id="id543453" class="indexterm"></a>
<a id="id543465" class="indexterm"></a>
By default, the timestamps on log lines are in local time without the
timezone. This means that if your timezone changes twice a year, the timestamps
in log lines are ambiguous for an hour when the clocks go back. One way of
avoiding this problem is to set the timezone to UTC. An alternative is to set
<span><strong class="option">log_timezone</strong></span> true. This turns on the addition of the timezone offset to
timestamps in log lines. Turning on this option can add quite a lot to the size
of log files because each line is extended by 6 characters. Note that the
<em class="varname">$tod_log</em> variable contains the log timestamp without the zone, but there is
another variable called <em class="varname">$tod_zone</em> that contains just the timezone offset.
</p>
<p>
<a id="id543502" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">lookup_open_max</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>25</em></span></td></tr></tbody></table></div>
<p>
<a id="id543584" class="indexterm"></a>
<a id="id543595" class="indexterm"></a>
<a id="id543606" class="indexterm"></a>
<a id="id543621" class="indexterm"></a>
<a id="id543635" class="indexterm"></a>
This option limits the number of simultaneously open files for single-key
lookups that use regular files (that is, <span><strong class="command">lsearch</strong></span>, <span><strong class="command">dbm</strong></span>, and <span><strong class="command">cdb</strong></span>).
Exim normally keeps these files open during routing, because often the same
file is required several times. If the limit is reached, Exim closes the least
recently used file. Note that if you are using the <span class="emphasis"><em>ndbm</em></span> library, it
actually opens two files for each logical DBM database, though it still counts
as one for the purposes of <span><strong class="option">lookup_open_max</strong></span>. If you are getting “<span class="quote">too many
open files</span>” errors with NDBM, you need to reduce the value of
<span><strong class="option">lookup_open_max</strong></span>.
</p>
<p>
<a id="id543693" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">max_username_length</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
<a id="id543776" class="indexterm"></a>
<a id="id543787" class="indexterm"></a>
<a id="id543801" class="indexterm"></a>
Some operating systems are broken in that they truncate long arguments to
<em class="function">getpwnam()</em> to eight characters, instead of returning “<span class="quote">no such user</span>”. If
this option is set greater than zero, any attempt to call <em class="function">getpwnam()</em> with
an argument that is longer behaves as if <em class="function">getpwnam()</em> failed.
</p>
<p>
<a id="id543844" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">message_body_newlines</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>bool</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id543926" class="indexterm"></a>
<a id="id543941" class="indexterm"></a>
<a id="id543956" class="indexterm"></a>
<a id="id543968" class="indexterm"></a>
By default, newlines in the message body are replaced by spaces when setting
the <em class="varname">$message_body</em> and <em class="varname">$message_body_end</em> expansion variables. If this
option is set true, this no longer happens.
</p>
<p>
<a id="id543994" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">message_body_visible</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>500</em></span></td></tr></tbody></table></div>
<p>
<a id="id544076" class="indexterm"></a>
<a id="id544090" class="indexterm"></a>
<a id="id544105" class="indexterm"></a>
<a id="id544117" class="indexterm"></a>
This option specifies how much of a message’s body is to be included in the
<em class="varname">$message_body</em> and <em class="varname">$message_body_end</em> expansion variables.
</p>
<p>
<a id="id544143" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">message_id_header_domain</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id544227" class="indexterm"></a>
If this option is set, the string is expanded and used as the right hand side
(domain) of the <span class="emphasis"><em>Message-ID:</em></span> header that Exim creates if a
locally-originated incoming message does not have one. “<span class="quote">Locally-originated</span>”
means “<span class="quote">not received over TCP/IP.</span>”
Otherwise, the primary host name is used.
Only letters, digits, dot and hyphen are accepted; any other characters are
replaced by hyphens. If the expansion is forced to fail, or if the result is an
empty string, the option is ignored.
</p>
<p>
<a id="id544262" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">message_id_header_text</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
If this variable is set, the string is expanded and used to augment the text of
the <span class="emphasis"><em>Message-id:</em></span> header that Exim creates if a locally-originated incoming
message does not have one. The text of this header is required by RFC 2822 to
take the form of an address. By default, Exim uses its internal message id as
the local part, and the primary host name as the domain. If this option is set,
it is expanded, and provided the expansion is not forced to fail, and does not
yield an empty string, the result is inserted into the header immediately
before the @, separated from the internal message id by a dot. Any characters
that are illegal in an address are automatically converted into hyphens. This
means that variables such as <em class="varname">$tod_log</em> can be used, because the spaces and
colons will become hyphens.
</p>
<p>
<a id="id544360" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">message_logs</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id544442" class="indexterm"></a>
<a id="id544457" class="indexterm"></a>
If this option is turned off, per-message log files are not created in the
<em class="filename">msglog</em> spool sub-directory. This reduces the amount of disk I/O required by
Exim, by reducing the number of files involved in handling a message from a
minimum of four (header spool file, body spool file, delivery journal, and
per-message log) to three. The other major I/O activity is Exim’s main log,
which is not affected by this option.
</p>
<p>
<a id="id544481" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">message_size_limit</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>50M</em></span></td></tr></tbody></table></div>
<p>
<a id="id544566" class="indexterm"></a>
<a id="id544580" class="indexterm"></a>
<a id="id544595" class="indexterm"></a>
This option limits the maximum size of message that Exim will process. The
value is expanded for each incoming connection so, for example, it can be made
to depend on the IP address of the remote host for messages arriving via
TCP/IP. After expansion, the value must be a sequence of decimal digits,
optionally followed by K or M.
</p>
<p>
<span class="bold"><strong>Note</strong></span>: This limit cannot be made to depend on a message’s sender or any
other properties of an individual message, because it has to be advertised in
the server’s response to EHLO. String expansion failure causes a temporary
error. A value of zero means no limit, but its use is not recommended. See also
<span><strong class="option">bounce_return_size_limit</strong></span>.
</p>
<p>
Incoming SMTP messages are failed with a 552 error if the limit is
exceeded; locally-generated messages either get a stderr message or a delivery
failure message to the sender, depending on the <span><strong class="option">-oe</strong></span> setting. Rejection of
an oversized message is logged in both the main and the reject logs. See also
the generic transport option <span><strong class="option">message_size_limit</strong></span>, which limits the size of
message that an individual transport can process.
</p>
<p>
<a id="id544657" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">move_frozen_messages</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id544740" class="indexterm"></a>
This option, which is available only if Exim has been built with the setting
</p>
<pre class="literallayout">SUPPORT_MOVE_FROZEN_MESSAGES=yes
</pre><p>
in <em class="filename">Local/Makefile</em>, causes frozen messages and their message logs to be
moved from the <em class="filename">input</em> and <em class="filename">msglog</em> directories on the spool to <em class="filename">Finput</em>
and <em class="filename">Fmsglog</em>, respectively. There is currently no support in Exim or the
standard utilities for handling such moved messages, and they do not show up in
lists generated by <span><strong class="option">-bp</strong></span> or by the Exim monitor.
</p>
<p>
<a id="id544808" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">mua_wrapper</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
Setting this option true causes Exim to run in a very restrictive mode in which
it passes messages synchronously to a smart host. Chapter <a href="ch48.html" title="48. Using Exim as a non-queueing client">48</a>
contains a full description of this facility.
</p>
<p>
<a id="id544900" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">mysql_servers</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id544982" class="indexterm"></a>
This option provides a list of MySQL servers and associated connection data, to
be used in conjunction with <span><strong class="command">mysql</strong></span> lookups (see section <a href="ch09.html#SECID72" title="9.21 More about MySQL, PostgreSQL, Oracle, and InterBase">9.21</a>). The
option is available only if Exim has been built with MySQL support.
</p>
<p>
<a id="id545014" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">never_users</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option is expanded just once, at the start of Exim’s processing. Local
message deliveries are normally run in processes that are setuid to the
recipient, and remote deliveries are normally run under Exim’s own uid and gid.
It is usually desirable to prevent any deliveries from running as root, as a
safety precaution.
</p>
<p>
When Exim is built, an option called FIXED_NEVER_USERS can be set to a
list of users that must not be used for local deliveries. This list is fixed in
the binary and cannot be overridden by the configuration file. By default, it
contains just the single user name “<span class="quote">root</span>”. The <span><strong class="option">never_users</strong></span> runtime option
can be used to add more users to the fixed list.
</p>
<p>
If a message is to be delivered as one of the users on the fixed list or the
<span><strong class="option">never_users</strong></span> list, an error occurs, and delivery is deferred. A common
example is
</p>
<pre class="literallayout">never_users = root:daemon:bin
</pre><p>
Including root is redundant if it is also on the fixed list, but it does no
harm. This option overrides the <span><strong class="option">pipe_as_creator</strong></span> option of the <span><strong class="command">pipe</strong></span>
transport driver.
</p>
<p>
<a id="id545152" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">oracle_servers</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id545234" class="indexterm"></a>
This option provides a list of Oracle servers and associated connection data,
to be used in conjunction with <span><strong class="command">oracle</strong></span> lookups (see section <a href="ch09.html#SECID72" title="9.21 More about MySQL, PostgreSQL, Oracle, and InterBase">9.21</a>).
The option is available only if Exim has been built with Oracle support.
</p>
<p>
<a id="id545265" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">percent_hack_domains</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id545350" class="indexterm"></a>
<a id="id545362" class="indexterm"></a>
<a id="id545376" class="indexterm"></a>
The “<span class="quote">percent hack</span>” is the convention whereby a local part containing a
percent sign is re-interpreted as a new email address, with the percent
replaced by @. This is sometimes called “<span class="quote">source routing</span>”, though that term is
also applied to RFC 2822 addresses that begin with an @ character. If this
option is set, Exim implements the percent facility for those domains listed,
but no others. This happens before an incoming SMTP address is tested against
an ACL.
</p>
<p>
<span class="bold"><strong>Warning</strong></span>: The “<span class="quote">percent hack</span>” has often been abused by people who are
trying to get round relaying restrictions. For this reason, it is best avoided
if at all possible. Unfortunately, a number of less security-conscious MTAs
implement it unconditionally. If you are running Exim on a gateway host, and
routing mail through to internal MTAs without processing the local parts, it is
a good idea to reject recipient addresses with percent characters in their
local parts. Exim’s default configuration does this.
</p>
<p>
<a id="id545421" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">perl_at_start</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
This option is available only when Exim is built with an embedded Perl
interpreter. See chapter <a href="ch12.html" title="12. Embedded Perl">12</a> for details of its use.
</p>
<p>
<a id="id545514" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">perl_startup</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option is available only when Exim is built with an embedded Perl
interpreter. See chapter <a href="ch12.html" title="12. Embedded Perl">12</a> for details of its use.
</p>
<p>
<a id="id545608" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">pgsql_servers</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id545689" class="indexterm"></a>
This option provides a list of PostgreSQL servers and associated connection
data, to be used in conjunction with <span><strong class="command">pgsql</strong></span> lookups (see section
<a href="ch09.html#SECID72" title="9.21 More about MySQL, PostgreSQL, Oracle, and InterBase">9.21</a>). The option is available only if Exim has been built with
PostgreSQL support.
</p>
<p>
<a id="id545723" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">pid_file_path</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>set at compile time</em></span></td></tr></tbody></table></div>
<p>
<a id="id545807" class="indexterm"></a>
<a id="id545822" class="indexterm"></a>
This option sets the name of the file to which the Exim daemon writes its
process id. The string is expanded, so it can contain, for example, references
to the host name:
</p>
<pre class="literallayout">pid_file_path = /var/log/$primary_hostname/exim.pid
</pre><p>
If no path is set, the pid is written to the file <em class="filename">exim-daemon.pid</em> in Exim’s
spool directory.
The value set by the option can be overridden by the <span><strong class="option">-oP</strong></span> command line
option. A pid file is not written if a “<span class="quote">non-standard</span>” daemon is run by means
of the <span><strong class="option">-oX</strong></span> option, unless a path is explicitly supplied by <span><strong class="option">-oP</strong></span>.
</p>
<p>
<a id="id545876" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">pipelining_advertise_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>*</em></span></td></tr></tbody></table></div>
<p>
<a id="id545961" class="indexterm"></a>
This option can be used to suppress the advertisement of the SMTP
PIPELINING extension to specific hosts. See also the <span class="bold"><strong>no_pipelining</strong></span>
control in section <a href="ch40.html#SECTcontrols" title="40.20 Use of the control modifier">40.20</a>. When PIPELINING is not advertised and
<span><strong class="option">smtp_enforce_sync</strong></span> is true, an Exim server enforces strict synchronization
for each SMTP command and response. When PIPELINING is advertised, Exim assumes
that clients will use it; “<span class="quote">out of order</span>” commands that are “<span class="quote">expected</span>” do
not count as protocol errors (see <span><strong class="option">smtp_max_synprot_errors</strong></span>).
</p>
<p>
<a id="id546013" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">preserve_message_logs</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id546095" class="indexterm"></a>
If this option is set, message log files are not deleted when messages are
completed. Instead, they are moved to a sub-directory of the spool directory
called <em class="filename">msglog.OLD</em>, where they remain available for statistical or debugging
purposes. This is a dangerous option to set on systems with any appreciable
volume of mail. Use with care!
</p>
<p>
<a id="id546124" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">primary_hostname</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id546207" class="indexterm"></a>
<a id="id546221" class="indexterm"></a>
<a id="id546236" class="indexterm"></a>
<a id="id546250" class="indexterm"></a>
This specifies the name of the current host. It is used in the default EHLO or
HELO command for outgoing SMTP messages (changeable via the <span><strong class="option">helo_data</strong></span>
option in the <span><strong class="command">smtp</strong></span> transport), and as the default for <span><strong class="option">qualify_domain</strong></span>.
The value is also used by default in some SMTP response messages from an Exim
server. This can be changed dynamically by setting <span><strong class="option">smtp_active_hostname</strong></span>.
</p>
<p>
If <span><strong class="option">primary_hostname</strong></span> is not set, Exim calls <em class="function">uname()</em> to find the host
name. If this fails, Exim panics and dies. If the name returned by <em class="function">uname()</em>
contains only one component, Exim passes it to <em class="function">gethostbyname()</em> (or
<em class="function">getipnodebyname()</em> when available) in order to obtain the fully qualified
version. The variable <em class="varname">$primary_hostname</em> contains the host name, whether set
explicitly by this option, or defaulted.
</p>
<p>
<a id="id546328" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">print_topbitchars</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id546410" class="indexterm"></a>
<a id="id546421" class="indexterm"></a>
By default, Exim considers only those characters whose codes lie in the range
32–126 to be printing characters. In a number of circumstances (for example,
when writing log entries) non-printing characters are converted into escape
sequences, primarily to avoid messing up the layout. If <span><strong class="option">print_topbitchars</strong></span>
is set, code values of 128 and above are also considered to be printing
characters.
</p>
<p>
This option also affects the header syntax checks performed by the
<span><strong class="command">autoreply</strong></span> transport, and whether Exim uses RFC 2047 encoding of
the user’s full name when constructing From: and Sender: addresses (as
described in section <a href="ch44.html#SECTconstr" title="44.18 Constructed addresses">44.18</a>). Setting this option can cause
Exim to generate eight bit message headers that do not conform to the
standards.
</p>
<p>
<a id="id546473" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">process_log_path</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id546555" class="indexterm"></a>
<a id="id546566" class="indexterm"></a>
<a id="id546580" class="indexterm"></a>
This option sets the name of the file to which an Exim process writes its
“<span class="quote">process log</span>” when sent a USR1 signal. This is used by the <span class="emphasis"><em>exiwhat</em></span>
utility script. If this option is unset, the file called <em class="filename">exim-process.info</em>
in Exim’s spool directory is used. The ability to specify the name explicitly
can be useful in environments where two different Exims are running, using
different spool directories.
</p>
<p>
<a id="id546619" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">prod_requires_admin</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id546701" class="indexterm"></a>
<a id="id546713" class="indexterm"></a>
<a id="id546724" class="indexterm"></a>
The <span><strong class="option">-M</strong></span>, <span><strong class="option">-R</strong></span>, and <span><strong class="option">-q</strong></span> command-line options require the caller to be an
admin user unless <span><strong class="option">prod_requires_admin</strong></span> is set false. See also
<span><strong class="option">queue_list_requires_admin</strong></span>.
</p>
<p>
<a id="id546759" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">qualify_domain</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id546841" class="indexterm"></a>
<a id="id546856" class="indexterm"></a>
This option specifies the domain name that is added to any envelope sender
addresses that do not have a domain qualification. It also applies to
recipient addresses if <span><strong class="option">qualify_recipient</strong></span> is not set. Unqualified addresses
are accepted by default only for locally-generated messages. Qualification is
also applied to addresses in header lines such as <span class="emphasis"><em>From:</em></span> and <span class="emphasis"><em>To:</em></span> for
locally-generated messages, unless the <span><strong class="option">-bnq</strong></span> command line option is used.
</p>
<p>
Messages from external sources must always contain fully qualified addresses,
unless the sending host matches <span><strong class="option">sender_unqualified_hosts</strong></span> or
<span><strong class="option">recipient_unqualified_hosts</strong></span> (as appropriate), in which case incoming
addresses are qualified with <span><strong class="option">qualify_domain</strong></span> or <span><strong class="option">qualify_recipient</strong></span> as
necessary. Internally, Exim always works with fully qualified envelope
addresses. If <span><strong class="option">qualify_domain</strong></span> is not set, it defaults to the
<span><strong class="option">primary_hostname</strong></span> value.
</p>
<p>
<a id="id546926" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">qualify_recipient</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
This option allows you to specify a different domain for qualifying recipient
addresses to the one that is used for senders. See <span><strong class="option">qualify_domain</strong></span> above.
</p>
<p>
<a id="id547018" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_domains</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id547102" class="indexterm"></a>
<a id="id547117" class="indexterm"></a>
<a id="id547129" class="indexterm"></a>
This option lists domains for which immediate delivery is not required.
A delivery process is started whenever a message is received, but only those
domains that do not match are processed. All other deliveries wait until the
next queue run. See also <span><strong class="option">hold_domains</strong></span> and <span><strong class="option">queue_smtp_domains</strong></span>.
</p>
<p>
<a id="id547158" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_list_requires_admin</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id547241" class="indexterm"></a>
The <span><strong class="option">-bp</strong></span> command-line option, which lists the messages that are on the
queue, requires the caller to be an admin user unless
<span><strong class="option">queue_list_requires_admin</strong></span> is set false. See also <span><strong class="option">prod_requires_admin</strong></span>.
</p>
<p>
<a id="id547269" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_only</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id547352" class="indexterm"></a>
<a id="id547363" class="indexterm"></a>
If <span><strong class="option">queue_only</strong></span> is set, a delivery process is not automatically started
whenever a message is received. Instead, the message waits on the queue for the
next queue run. Even if <span><strong class="option">queue_only</strong></span> is false, incoming messages may not get
delivered immediately when certain conditions (such as heavy load) occur.
</p>
<p>
The <span><strong class="option">-odq</strong></span> command line has the same effect as <span><strong class="option">queue_only</strong></span>. The <span><strong class="option">-odb</strong></span>
and <span><strong class="option">-odi</strong></span> command line options override <span><strong class="option">queue_only</strong></span> unless
<span><strong class="option">queue_only_override</strong></span> is set false. See also <span><strong class="option">queue_only_file</strong></span>,
<span><strong class="option">queue_only_load</strong></span>, and <span><strong class="option">smtp_accept_queue</strong></span>.
</p>
<p>
<a id="id547431" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_only_file</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id547513" class="indexterm"></a>
<a id="id547524" class="indexterm"></a>
This option can be set to a colon-separated list of absolute path names, each
one optionally preceded by “<span class="quote">smtp</span>”. When Exim is receiving a message,
it tests for the existence of each listed path using a call to <em class="function">stat()</em>. For
each path that exists, the corresponding queueing option is set.
For paths with no prefix, <span><strong class="option">queue_only</strong></span> is set; for paths prefixed by
“<span class="quote">smtp</span>”, <span><strong class="option">queue_smtp_domains</strong></span> is set to match all domains. So, for example,
</p>
<pre class="literallayout">queue_only_file = smtp/some/file
</pre><p>
causes Exim to behave as if <span><strong class="option">queue_smtp_domains</strong></span> were set to “<span class="quote">*</span>” whenever
<em class="filename">/some/file</em> exists.
</p>
<p>
<a id="id547594" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_only_load</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>fixed-point</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id547676" class="indexterm"></a>
<a id="id547687" class="indexterm"></a>
<a id="id547698" class="indexterm"></a>
If the system load average is higher than this value, incoming messages from
all sources are queued, and no automatic deliveries are started. If this
happens during local or remote SMTP input, all subsequent messages received on
the same SMTP connection are queued by default, whatever happens to the load in
the meantime, but this can be changed by setting <span><strong class="option">queue_only_load_latch</strong></span>
false.
</p>
<p>
Deliveries will subsequently be performed by queue runner processes. This
option has no effect on ancient operating systems on which Exim cannot
determine the load average. See also <span><strong class="option">deliver_queue_load_max</strong></span> and
<span><strong class="option">smtp_load_reserve</strong></span>.
</p>
<p>
<a id="id547741" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_only_load_latch</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id547823" class="indexterm"></a>
When this option is true (the default), once one message has been queued
because the load average is higher than the value set by <span><strong class="option">queue_only_load</strong></span>,
all subsequent messages received on the same SMTP connection are also queued.
This is a deliberate choice; even though the load average may fall below the
threshold, it doesn’t seem right to deliver later messages on the same
connection when not delivering earlier ones. However, there are special
circumstances such as very long-lived connections from scanning appliances
where this is not the best strategy. In such cases, <span><strong class="option">queue_only_load_latch</strong></span>
should be set false. This causes the value of the load average to be
re-evaluated for each message.
</p>
<p>
<a id="id547856" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_only_override</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id547938" class="indexterm"></a>
When this option is true, the <span><strong class="option">-od</strong></span><span class="emphasis"><em>x</em></span> command line options override the
setting of <span><strong class="option">queue_only</strong></span> or <span><strong class="option">queue_only_file</strong></span> in the configuration file. If
<span><strong class="option">queue_only_override</strong></span> is set false, the <span><strong class="option">-od</strong></span><span class="emphasis"><em>x</em></span> options cannot be used
to override; they are accepted, but ignored.
</p>
<p>
<a id="id547978" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_run_in_order</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id548061" class="indexterm"></a>
If this option is set, queue runs happen in order of message arrival instead of
in an arbitrary order. For this to happen, a complete list of the entire queue
must be set up before the deliveries start. When the queue is all held in a
single directory (the default), a single list is created for both the ordered
and the non-ordered cases. However, if <span><strong class="option">split_spool_directory</strong></span> is set, a
single list is not created when <span><strong class="option">queue_run_in_order</strong></span> is false. In this case,
the sub-directories are processed one at a time (in a random order), and this
avoids setting up one huge list for the whole queue. Thus, setting
<span><strong class="option">queue_run_in_order</strong></span> with <span><strong class="option">split_spool_directory</strong></span> may degrade performance
when the queue is large, because of the extra work in setting up the single,
large list. In most situations, <span><strong class="option">queue_run_in_order</strong></span> should not be set.
</p>
<p>
<a id="id548110" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_run_max</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>5</em></span></td></tr></tbody></table></div>
<p>
<a id="id548192" class="indexterm"></a>
This controls the maximum number of queue runner processes that an Exim daemon
can run simultaneously. This does not mean that it starts them all at once,
but rather that if the maximum number are still running when the time comes to
start another one, it refrains from starting another one. This can happen with
very large queues and/or very sluggish deliveries. This option does not,
however, interlock with other processes, so additional queue runners can be
started by other means, or by killing and restarting the daemon.
</p>
<p>
Setting this option to zero does not suppress queue runs; rather, it disables
the limit, allowing any number of simultaneous queue runner processes to be
run. If you do not want queue runs to occur, omit the <span><strong class="option">-q</strong></span><span class="emphasis"><em>xx</em></span> setting on
the daemon’s command line.
</p>
<p>
<a id="id548221" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">queue_smtp_domains</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id548305" class="indexterm"></a>
<a id="id548317" class="indexterm"></a>
When this option is set, a delivery process is started whenever a message is
received, routing is performed, and local deliveries take place.
However, if any SMTP deliveries are required for domains that match
<span><strong class="option">queue_smtp_domains</strong></span>, they are not immediately delivered, but instead the
message waits on the queue for the next queue run. Since routing of the message
has taken place, Exim knows to which remote hosts it must be delivered, and so
when the queue run happens, multiple messages for the same host are delivered
over a single SMTP connection. The <span><strong class="option">-odqs</strong></span> command line option causes all
SMTP deliveries to be queued in this way, and is equivalent to setting
<span><strong class="option">queue_smtp_domains</strong></span> to “<span class="quote">*</span>”. See also <span><strong class="option">hold_domains</strong></span> and
<span><strong class="option">queue_domains</strong></span>.
</p>
<p>
<a id="id548368" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">receive_timeout</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>0s</em></span></td></tr></tbody></table></div>
<p>
<a id="id548449" class="indexterm"></a>
This option sets the timeout for accepting a non-SMTP message, that is, the
maximum time that Exim waits when reading a message on the standard input. If
the value is zero, it will wait for ever. This setting is overridden by the
<span><strong class="option">-or</strong></span> command line option. The timeout for incoming SMTP messages is
controlled by <span><strong class="option">smtp_receive_timeout</strong></span>.
</p>
<p>
<a id="id548480" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">received_header_text</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id548565" class="indexterm"></a>
<a id="id548581" class="indexterm"></a>
This string defines the contents of the <span class="emphasis"><em>Received:</em></span> message header that is
added to each message, except for the timestamp, which is automatically added
on at the end (preceded by a semicolon). The string is expanded each time it is
used. If the expansion yields an empty string, no <span class="emphasis"><em>Received:</em></span> header line is
added to the message. Otherwise, the string should start with the text
“<span class="quote">Received:</span>” and conform to the RFC 2822 specification for <span class="emphasis"><em>Received:</em></span>
header lines. The default setting is:
</p>
<pre class="literallayout">received_header_text = Received: \
  ${if def:sender_rcvhost {from $sender_rcvhost\n\t}\
  {${if def:sender_ident \
  {from ${quote_local_part:$sender_ident} }}\
  ${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}\
  by $primary_hostname \
  ${if def:received_protocol {with $received_protocol}} \
  ${if def:tls_cipher {($tls_cipher)\n\t}}\
  (Exim $version_number)\n\t\
  ${if def:sender_address \
  {(envelope-from &lt;$sender_address&gt;)\n\t}}\
  id $message_exim_id\
  ${if def:received_for {\n\tfor $received_for}}
</pre><p>
The reference to the TLS cipher is omitted when Exim is built without TLS
support. The use of conditional expansions ensures that this works for both
locally generated messages and messages received from remote hosts, giving
header lines such as the following:
</p>
<pre class="literallayout">Received: from scrooge.carol.example ([192.168.12.25] ident=root)
by marley.carol.example with esmtp (Exim 4.00)
(envelope-from &lt;bob@carol.example&gt;)
id 16IOWa-00019l-00
for chas@dickens.example; Tue, 25 Dec 2001 14:43:44 +0000
Received: by scrooge.carol.example with local (Exim 4.00)
id 16IOWW-000083-00; Tue, 25 Dec 2001 14:43:41 +0000
</pre><p>
Until the body of the message has been received, the timestamp is the time when
the message started to be received. Once the body has arrived, and all policy
checks have taken place, the timestamp is updated to the time at which the
message was accepted.
</p>
<p>
<a id="id548656" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">received_headers_max</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>30</em></span></td></tr></tbody></table></div>
<p>
<a id="id548738" class="indexterm"></a>
<a id="id548753" class="indexterm"></a>
<a id="id548764" class="indexterm"></a>
When a message is to be delivered, the number of <span class="emphasis"><em>Received:</em></span> headers is
counted, and if it is greater than this parameter, a mail loop is assumed to
have occurred, the delivery is abandoned, and an error message is generated.
This applies to both local and remote deliveries.
</p>
<p>
<a id="id548792" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">recipient_unqualified_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id548877" class="indexterm"></a>
<a id="id548889" class="indexterm"></a>
This option lists those hosts from which Exim is prepared to accept unqualified
recipient addresses in message envelopes. The addresses are made fully
qualified by the addition of the <span><strong class="option">qualify_recipient</strong></span> value. This option also
affects message header lines. Exim does not reject unqualified recipient
addresses in headers, but it qualifies them only if the message came from a
host that matches <span><strong class="option">recipient_unqualified_hosts</strong></span>,
or if the message was submitted locally (not using TCP/IP), and the <span><strong class="option">-bnq</strong></span>
option was not set.
</p>
<p>
<a id="id548926" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">recipients_max</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
<a id="id549008" class="indexterm"></a>
<a id="id549022" class="indexterm"></a>
If this option is set greater than zero, it specifies the maximum number of
original recipients for any message. Additional recipients that are generated
by aliasing or forwarding do not count. SMTP messages get a 452 response for
all recipients over the limit; earlier recipients are delivered as normal.
Non-SMTP messages with too many recipients are failed, and no deliveries are
done.
</p>
<p>
<a id="id549047" class="indexterm"></a>
<span class="bold"><strong>Note</strong></span>: The RFCs specify that an SMTP server should accept at least 100
RCPT commands in a single message.
</p>
<p>
<a id="id549072" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">recipients_max_reject</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
If this option is set true, Exim rejects SMTP messages containing too many
recipients by giving 552 errors to the surplus RCPT commands, and a 554
error to the eventual DATA command. Otherwise (the default) it gives a 452
error to the surplus RCPT commands and accepts the message on behalf of the
initial set of recipients. The remote server should then re-send the message
for the remaining recipients at a later time.
</p>
<p>
<a id="id549165" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">remote_max_parallel</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>2</em></span></td></tr></tbody></table></div>
<p>
<a id="id549248" class="indexterm"></a>
This option controls parallel delivery of one message to a number of remote
hosts. If the value is less than 2, parallel delivery is disabled, and Exim
does all the remote deliveries for a message one by one. Otherwise, if a single
message has to be delivered to more than one remote host, or if several copies
have to be sent to the same remote host, up to <span><strong class="option">remote_max_parallel</strong></span>
deliveries are done simultaneously. If more than <span><strong class="option">remote_max_parallel</strong></span>
deliveries are required, the maximum number of processes are started, and as
each one finishes, another is begun. The order of starting processes is the
same as if sequential delivery were being done, and can be controlled by the
<span><strong class="option">remote_sort_domains</strong></span> option. If parallel delivery takes place while running
with debugging turned on, the debugging output from each delivery process is
tagged with its process id.
</p>
<p>
This option controls only the maximum number of parallel deliveries for one
message in one Exim delivery process. Because Exim has no central queue
manager, there is no way of controlling the total number of simultaneous
deliveries if the configuration allows a delivery attempt as soon as a message
is received.
</p>
<p>
<a id="id549299" class="indexterm"></a>
<a id="id549310" class="indexterm"></a>
If you want to control the total number of deliveries on the system, you
need to set the <span><strong class="option">queue_only</strong></span> option. This ensures that all incoming messages
are added to the queue without starting a delivery process. Then set up an Exim
daemon to start queue runner processes at appropriate intervals (probably
fairly often, for example, every minute), and limit the total number of queue
runners by setting the <span><strong class="option">queue_run_max</strong></span> parameter. Because each queue runner
delivers only one message at a time, the maximum number of deliveries that can
then take place at once is <span><strong class="option">queue_run_max</strong></span> multiplied by
<span><strong class="option">remote_max_parallel</strong></span>.
</p>
<p>
If it is purely remote deliveries you want to control, use
<span><strong class="option">queue_smtp_domains</strong></span> instead of <span><strong class="option">queue_only</strong></span>. This has the added benefit of
doing the SMTP routing before queueing, so that several messages for the same
host will eventually get delivered down the same connection.
</p>
<p>
<a id="id549367" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">remote_sort_domains</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>domain list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id549452" class="indexterm"></a>
<a id="id549463" class="indexterm"></a>
When there are a number of remote deliveries for a message, they are sorted by
domain into the order given by this list. For example,
</p>
<pre class="literallayout">remote_sort_domains = *.cam.ac.uk:*.uk
</pre><p>
would attempt to deliver to all addresses in the <span class="emphasis"><em>cam.ac.uk</em></span> domain first,
then to those in the <span><strong class="option">uk</strong></span> domain, then to any others.
</p>
<p>
<a id="id549501" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">retry_data_expire</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>7d</em></span></td></tr></tbody></table></div>
<p>
<a id="id549584" class="indexterm"></a>
This option sets a “<span class="quote">use before</span>” time on retry information in Exim’s hints
database. Any older retry data is ignored. This means that, for example, once a
host has not been tried for 7 days, Exim behaves as if it has no knowledge of
past failures.
</p>
<p>
<a id="id549608" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">retry_interval_max</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>24h</em></span></td></tr></tbody></table></div>
<p>
<a id="id549689" class="indexterm"></a>
<a id="id549704" class="indexterm"></a>
Chapter <a href="ch32.html" title="32. Retry configuration">32</a> describes Exim’s mechanisms for controlling the
intervals between delivery attempts for messages that cannot be delivered
straight away. This option sets an overall limit to the length of time between
retries. It cannot be set greater than 24 hours; any attempt to do so forces
the default value.
</p>
<p>
<a id="id549727" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">return_path_remove</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id549809" class="indexterm"></a>
RFC 2821, section 4.4, states that an SMTP server must insert a
<span class="emphasis"><em>Return-path:</em></span> header line into a message when it makes a “<span class="quote">final delivery</span>”.
The <span class="emphasis"><em>Return-path:</em></span> header preserves the sender address as received in the
MAIL command. This description implies that this header should not be present
in an incoming message. If <span><strong class="option">return_path_remove</strong></span> is true, any existing
<span class="emphasis"><em>Return-path:</em></span> headers are removed from messages at the time they are
received. Exim’s transports have options for adding <span class="emphasis"><em>Return-path:</em></span> headers at
the time of delivery. They are normally used only for final local deliveries.
</p>
<p>
<a id="id549861" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">return_size_limit</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>100K</em></span></td></tr></tbody></table></div>
<p>
This option is an obsolete synonym for <span><strong class="option">bounce_return_size_limit</strong></span>.
</p>
<p>
<a id="id549952" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">rfc1413_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>*</em></span></td></tr></tbody></table></div>
<p>
<a id="id550036" class="indexterm"></a>
<a id="id550047" class="indexterm"></a>
RFC 1413 identification calls are made to any client host which matches an item
in the list.
</p>
<p>
<a id="id550066" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">rfc1413_query_timeout</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>5s</em></span></td></tr></tbody></table></div>
<p>
<a id="id550149" class="indexterm"></a>
<a id="id550163" class="indexterm"></a>
This sets the timeout on RFC 1413 identification calls. If it is set to zero,
no RFC 1413 calls are ever made.
</p>
<p>
<a id="id550183" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">sender_unqualified_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id550268" class="indexterm"></a>
<a id="id550279" class="indexterm"></a>
This option lists those hosts from which Exim is prepared to accept unqualified
sender addresses. The addresses are made fully qualified by the addition of
<span><strong class="option">qualify_domain</strong></span>. This option also affects message header lines. Exim does
not reject unqualified addresses in headers that contain sender addresses, but
it qualifies them only if the message came from a host that matches
<span><strong class="option">sender_unqualified_hosts</strong></span>, or if the message was submitted locally (not
using TCP/IP), and the <span><strong class="option">-bnq</strong></span> option was not set.
</p>
<p>
<a id="id550314" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_keepalive</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id550397" class="indexterm"></a>
This option controls the setting of the SO_KEEPALIVE option on incoming
TCP/IP socket connections. When set, it causes the kernel to probe idle
connections periodically, by sending packets with “<span class="quote">old</span>” sequence numbers. The
other end of the connection should send an acknowledgment if the connection is
still okay or a reset if the connection has been aborted. The reason for doing
this is that it has the beneficial effect of freeing up certain types of
connection that can get stuck when the remote host is disconnected without
tidying up the TCP/IP call properly. The keepalive mechanism takes several
hours to detect unreachable hosts.
</p>
<p>
<a id="id550429" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_max</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>20</em></span></td></tr></tbody></table></div>
<p>
<a id="id550511" class="indexterm"></a>
<a id="id550526" class="indexterm"></a>
<a id="id550540" class="indexterm"></a>
This option specifies the maximum number of simultaneous incoming SMTP calls
that Exim will accept. It applies only to the listening daemon; there is no
control (in Exim) when incoming SMTP is being handled by <span class="emphasis"><em>inetd</em></span>. If the
value is set to zero, no limit is applied. However, it is required to be
non-zero if either <span><strong class="option">smtp_accept_max_per_host</strong></span> or <span><strong class="option">smtp_accept_queue</strong></span> is
set. See also <span><strong class="option">smtp_accept_reserve</strong></span> and <span><strong class="option">smtp_load_reserve</strong></span>.
</p>
<p>
A new SMTP connection is immediately rejected if the <span><strong class="option">smtp_accept_max</strong></span> limit
has been reached. If not, Exim first checks <span><strong class="option">smtp_accept_max_per_host</strong></span>. If
that limit has not been reached for the client host, <span><strong class="option">smtp_accept_reserve</strong></span>
and <span><strong class="option">smtp_load_reserve</strong></span> are then checked before accepting the connection.
</p>
<p>
<a id="id550602" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_max_nonmail</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>10</em></span></td></tr></tbody></table></div>
<p>
<a id="id550685" class="indexterm"></a>
<a id="id550699" class="indexterm"></a>
Exim counts the number of “<span class="quote">non-mail</span>” commands in an SMTP session, and drops
the connection if there are too many. This option defines “<span class="quote">too many</span>”. The
check catches some denial-of-service attacks, repeated failing AUTHs, or a mad
client looping sending EHLO, for example. The check is applied only if the
client host matches <span><strong class="option">smtp_accept_max_nonmail_hosts</strong></span>.
</p>
<p>
When a new message is expected, one occurrence of RSET is not counted. This
allows a client to send one RSET between messages (this is not necessary,
but some clients do it). Exim also allows one uncounted occurrence of HELO
or EHLO, and one occurrence of STARTTLS between messages. After
starting up a TLS session, another EHLO is expected, and so it too is not
counted. The first occurrence of AUTH in a connection, or immediately
following STARTTLS is not counted. Otherwise, all commands other than
MAIL, RCPT, DATA, and QUIT are counted.
</p>
<p>
<a id="id550737" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_max_nonmail_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>*</em></span></td></tr></tbody></table></div>
<p>
You can control which hosts are subject to the <span><strong class="option">smtp_accept_max_nonmail</strong></span>
check by setting this option. The default value makes it apply to all hosts. By
changing the value, you can exclude any badly-behaved hosts that you have to
live with.
</p>
<p>
<a id="id550832" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_max_per_   connection</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>1000</em></span></td></tr></tbody></table></div>
<p>
<a id="id550916" class="indexterm"></a>
<a id="id550930" class="indexterm"></a>
The value of this option limits the number of MAIL commands that Exim is
prepared to accept over a single SMTP connection, whether or not each command
results in the transfer of a message. After the limit is reached, a 421
response is given to subsequent MAIL commands. This limit is a safety
precaution against a client that goes mad (incidents of this type have been
seen).
</p>
<p>
<a id="id550954" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_max_per_host</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id551039" class="indexterm"></a>
<a id="id551054" class="indexterm"></a>
This option restricts the number of simultaneous IP connections from a single
host (strictly, from a single IP address) to the Exim daemon. The option is
expanded, to enable different limits to be applied to different hosts by
reference to <em class="varname">$sender_host_address</em>. Once the limit is reached, additional
connection attempts from the same host are rejected with error code 421. This
is entirely independent of <span><strong class="option">smtp_accept_reserve</strong></span>. The option’s default value
of zero imposes no limit. If this option is set greater than zero, it is
required that <span><strong class="option">smtp_accept_max</strong></span> be non-zero.
</p>
<p>
<span class="bold"><strong>Warning</strong></span>: When setting this option you should not use any expansion
constructions that take an appreciable amount of time. The expansion and test
happen in the main daemon loop, in order to reject additional connections
without forking additional processes (otherwise a denial-of-service attack
could cause a vast number or processes to be created). While the daemon is
doing this processing, it cannot accept any other incoming connections.
</p>
<p>
<a id="id551111" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_queue</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
<a id="id551193" class="indexterm"></a>
<a id="id551208" class="indexterm"></a>
<a id="id551219" class="indexterm"></a>
If the number of simultaneous incoming SMTP connections being handled via the
listening daemon exceeds this value, messages received by SMTP are just placed
on the queue; no delivery processes are started automatically. The count is
fixed at the start of an SMTP connection. It cannot be updated in the
subprocess that receives messages, and so the queueing or not queueing applies
to all messages received in the same connection.
</p>
<p>
A value of zero implies no limit, and clearly any non-zero value is useful only
if it is less than the <span><strong class="option">smtp_accept_max</strong></span> value (unless that is zero). See
also <span><strong class="option">queue_only</strong></span>, <span><strong class="option">queue_only_load</strong></span>, <span><strong class="option">queue_smtp_domains</strong></span>, and the
various <span><strong class="option">-od</strong></span><span class="emphasis"><em>x</em></span> command line options.
</p>
<p>
<a id="id551271" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_queue_per_   connection</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>10</em></span></td></tr></tbody></table></div>
<p>
<a id="id551354" class="indexterm"></a>
<a id="id551365" class="indexterm"></a>
This option limits the number of delivery processes that Exim starts
automatically when receiving messages via SMTP, whether via the daemon or by
the use of <span><strong class="option">-bs</strong></span> or <span><strong class="option">-bS</strong></span>. If the value of the option is greater than zero,
and the number of messages received in a single SMTP session exceeds this
number, subsequent messages are placed on the queue, but no delivery processes
are started. This helps to limit the number of Exim processes when a server
restarts after downtime and there is a lot of mail waiting for it on other
systems. On large systems, the default should probably be increased, and on
dial-in client systems it should probably be set to zero (that is, disabled).
</p>
<p>
<a id="id551392" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_accept_reserve</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>0</em></span></td></tr></tbody></table></div>
<p>
<a id="id551475" class="indexterm"></a>
<a id="id551489" class="indexterm"></a>
When <span><strong class="option">smtp_accept_max</strong></span> is set greater than zero, this option specifies a
number of SMTP connections that are reserved for connections from the hosts
that are specified in <span><strong class="option">smtp_reserve_hosts</strong></span>. The value set in
<span><strong class="option">smtp_accept_max</strong></span> includes this reserve pool. The specified hosts are not
restricted to this number of connections; the option specifies a minimum number
of connection slots for them, not a maximum. It is a guarantee that this group
of hosts can always get at least <span><strong class="option">smtp_accept_reserve</strong></span> connections. However,
the limit specified by <span><strong class="option">smtp_accept_max_per_host</strong></span> is still applied to each
individual host.
</p>
<p>
For example, if <span><strong class="option">smtp_accept_max</strong></span> is set to 50 and <span><strong class="option">smtp_accept_reserve</strong></span> is
set to 5, once there are 45 active connections (from any hosts), new
connections are accepted only from hosts listed in <span><strong class="option">smtp_reserve_hosts</strong></span>,
provided the other criteria for acceptance are met.
</p>
<p>
<a id="id551553" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_active_hostname</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id551638" class="indexterm"></a>
<a id="id551653" class="indexterm"></a>
<a id="id551667" class="indexterm"></a>
This option is provided for multi-homed servers that want to masquerade as
several different hosts. At the start of an incoming SMTP connection, its value
is expanded and used instead of the value of <em class="varname">$primary_hostname</em> in SMTP
responses. For example, it is used as domain name in the response to an
incoming HELO or EHLO command.
</p>
<p>
<a id="id551692" class="indexterm"></a>
The active hostname is placed in the <em class="varname">$smtp_active_hostname</em> variable, which
is saved with any messages that are received. It is therefore available for use
in routers and transports when the message is later delivered.
</p>
<p>
If this option is unset, or if its expansion is forced to fail, or if the
expansion results in an empty string, the value of <em class="varname">$primary_hostname</em> is
used. Other expansion failures cause a message to be written to the main and
panic logs, and the SMTP command receives a temporary error. Typically, the
value of <span><strong class="option">smtp_active_hostname</strong></span> depends on the incoming interface address.
For example:
</p>
<pre class="literallayout">smtp_active_hostname = ${if eq{$received_ip_address}{10.0.0.1}\
  {cox.mydomain}{box.mydomain}}
</pre><p>
Although <em class="varname">$smtp_active_hostname</em> is primarily concerned with incoming
messages, it is also used as the default for HELO commands in callout
verification if there is no remote transport from which to obtain a
<span><strong class="option">helo_data</strong></span> value.
</p>
<p>
<a id="id551755" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_banner</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id551840" class="indexterm"></a>
<a id="id551854" class="indexterm"></a>
<a id="id551865" class="indexterm"></a>
<a id="id551876" class="indexterm"></a>
This string, which is expanded every time it is used, is output as the initial
positive response to an SMTP connection. The default setting is:
</p>
<pre class="literallayout">smtp_banner = $smtp_active_hostname ESMTP Exim \
  $version_number $tod_full
</pre><p>
Failure to expand the string causes a panic error. If you want to create a
multiline response to the initial SMTP connection, use “<span class="quote">\n</span>” in the string at
appropriate points, but not at the end. Note that the 220 code is not included
in this string. Exim adds it automatically (several times in the case of a
multiline response).
</p>
<p>
<a id="id551918" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_check_spool_space</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id552000" class="indexterm"></a>
<a id="id552012" class="indexterm"></a>
<a id="id552023" class="indexterm"></a>
When this option is set, if an incoming SMTP session encounters the SIZE
option on a MAIL command, it checks that there is enough space in the
spool directory’s partition to accept a message of that size, while still
leaving free the amount specified by <span><strong class="option">check_spool_space</strong></span> (even if that value
is zero). If there isn’t enough space, a temporary error code is returned.
</p>
<p>
<a id="id552058" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_connect_backlog</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>20</em></span></td></tr></tbody></table></div>
<p>
<a id="id552139" class="indexterm"></a>
<a id="id552150" class="indexterm"></a>
<a id="id552165" class="indexterm"></a>
This option specifies a maximum number of waiting SMTP connections. Exim passes
this value to the TCP/IP system when it sets up its listener. Once this number
of connections are waiting for the daemon’s attention, subsequent connection
attempts are refused at the TCP/IP level. At least, that is what the manuals
say; in some circumstances such connection attempts have been observed to time
out instead. For large systems it is probably a good idea to increase the
value (to 50, say). It also gives some protection against denial-of-service
attacks by SYN flooding.
</p>
<p>
<a id="id552181" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_enforce_sync</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id552264" class="indexterm"></a>
<a id="id552278" class="indexterm"></a>
The SMTP protocol specification requires the client to wait for a response from
the server at certain points in the dialogue. Without PIPELINING these
synchronization points are after every command; with PIPELINING they are
fewer, but they still exist.
</p>
<p>
Some spamming sites send out a complete set of SMTP commands without waiting
for any response. Exim protects against this by rejecting a message if the
client has sent further input when it should not have. The error response “<span class="quote">554
SMTP synchronization error</span>” is sent, and the connection is dropped. Testing
for this error cannot be perfect because of transmission delays (unexpected
input may be on its way but not yet received when Exim checks). However, it
does detect many instances.
</p>
<p>
The check can be globally disabled by setting <span><strong class="option">smtp_enforce_sync</strong></span> false.
If you want to disable the check selectively (for example, only for certain
hosts), you can do so by an appropriate use of a <span><strong class="option">control</strong></span> modifier in an ACL
(see section <a href="ch40.html#SECTcontrols" title="40.20 Use of the control modifier">40.20</a>). See also <span><strong class="option">pipelining_advertise_hosts</strong></span>.
</p>
<p>
<a id="id552333" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_etrn_command</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id552417" class="indexterm"></a>
<a id="id552432" class="indexterm"></a>
If this option is set, the given command is run whenever an SMTP ETRN
command is received from a host that is permitted to issue such commands (see
chapter <a href="ch40.html" title="40. Access control lists">40</a>). The string is split up into separate arguments which
are independently expanded. The expansion variable <em class="varname">$domain</em> is set to the
argument of the ETRN command, and no syntax checking is done on it. For
example:
</p>
<pre class="literallayout">smtp_etrn_command = /etc/etrn_command $domain \
                    $sender_host_address
</pre><p>
A new process is created to run the command, but Exim does not wait for it to
complete. Consequently, its status cannot be checked. If the command cannot be
run, a line is written to the panic log, but the ETRN caller still receives
a 250 success response. Exim is normally running under its own uid when
receiving SMTP, so it is not possible for it to change the uid before running
the command.
</p>
<p>
<a id="id552481" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_etrn_serialize</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id552564" class="indexterm"></a>
When this option is set, it prevents the simultaneous execution of more than
one identical command as a result of ETRN in an SMTP connection. See
section <a href="ch45.html#SECTETRN" title="45.8 The ETRN command">45.8</a> for details.
</p>
<p>
<a id="id552590" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_load_reserve</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>fixed-point</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id552673" class="indexterm"></a>
If the system load average ever gets higher than this, incoming SMTP calls are
accepted only from those hosts that match an entry in <span><strong class="option">smtp_reserve_hosts</strong></span>.
If <span><strong class="option">smtp_reserve_hosts</strong></span> is not set, no incoming SMTP calls are accepted when
the load is over the limit. The option has no effect on ancient operating
systems on which Exim cannot determine the load average. See also
<span><strong class="option">deliver_queue_load_max</strong></span> and <span><strong class="option">queue_only_load</strong></span>.
</p>
<p>
<a id="id552708" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_max_synprot_errors</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>3</em></span></td></tr></tbody></table></div>
<p>
<a id="id552790" class="indexterm"></a>
<a id="id552805" class="indexterm"></a>
Exim rejects SMTP commands that contain syntax or protocol errors. In
particular, a syntactically invalid email address, as in this command:
</p>
<pre class="literallayout">RCPT TO:&lt;abc xyz@a.b.c&gt;
</pre><p>
causes immediate rejection of the command, before any other tests are done.
(The ACL cannot be run if there is no valid address to set up for it.) An
example of a protocol error is receiving RCPT before MAIL. If there are
too many syntax or protocol errors in one SMTP session, the connection is
dropped. The limit is set by this option.
</p>
<p>
<a id="id552838" class="indexterm"></a>
When the PIPELINING extension to SMTP is in use, some protocol errors are
“<span class="quote">expected</span>”, for instance, a RCPT command after a rejected MAIL command.
Exim assumes that PIPELINING will be used if it advertises it (see
<span><strong class="option">pipelining_advertise_hosts</strong></span>), and in this situation, “<span class="quote">expected</span>” errors do
not count towards the limit.
</p>
<p>
<a id="id552871" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_max_unknown_commands</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>integer</em></span></td><td align="right">Default: <span class="emphasis"><em>3</em></span></td></tr></tbody></table></div>
<p>
<a id="id552953" class="indexterm"></a>
<a id="id552968" class="indexterm"></a>
If there are too many unrecognized commands in an incoming SMTP session, an
Exim server drops the connection. This is a defence against some kinds of abuse
that subvert web
clients
into making connections to SMTP ports; in these circumstances, a number of
non-SMTP command lines are sent first.
</p>
<p>
<a id="id552991" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_ratelimit_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id553076" class="indexterm"></a>
<a id="id553090" class="indexterm"></a>
<a id="id553105" class="indexterm"></a>
Some sites find it helpful to be able to limit the rate at which certain hosts
can send them messages, and the rate at which an individual message can specify
recipients.
</p>
<p>
Exim has two rate-limiting facilities. This section describes the older
facility, which can limit rates within a single connection. The newer
<span><strong class="option">ratelimit</strong></span> ACL condition can limit rates across all connections. See section
<a href="ch40.html#SECTratelimiting" title="40.35 Rate limiting incoming messages">40.35</a> for details of the newer facility.
</p>
<p>
When a host matches <span><strong class="option">smtp_ratelimit_hosts</strong></span>, the values of
<span><strong class="option">smtp_ratelimit_mail</strong></span> and <span><strong class="option">smtp_ratelimit_rcpt</strong></span> are used to control the
rate of acceptance of MAIL and RCPT commands in a single SMTP session,
respectively. Each option, if set, must contain a set of four comma-separated
values:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
A threshold, before which there is no rate limiting.
</p>
</li><li><p>
An initial time delay. Unlike other times in Exim, numbers with decimal
fractional parts are allowed here.
</p>
</li><li><p>
A factor by which to increase the delay each time.
</p>
</li><li><p>
A maximum value for the delay. This should normally be less than 5 minutes,
because after that time, the client is liable to timeout the SMTP command.
</p>
</li></ul></div>
<p>
For example, these settings have been used successfully at the site which
first suggested this feature, for controlling mail from their customers:
</p>
<pre class="literallayout">smtp_ratelimit_mail = 2,0.5s,1.05,4m
smtp_ratelimit_rcpt = 4,0.25s,1.015,4m
</pre><p>
The first setting specifies delays that are applied to MAIL commands after
two have been received over a single connection. The initial delay is 0.5
seconds, increasing by a factor of 1.05 each time. The second setting applies
delays to RCPT commands when more than four occur in a single message.
</p>
<p>
<a id="id553220" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_ratelimit_mail</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">smtp_ratelimit_hosts</strong></span> above.
</p>
<p>
<a id="id553310" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_ratelimit_rcpt</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">smtp_ratelimit_hosts</strong></span> above.
</p>
<p>
<a id="id553400" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_receive_timeout</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>5m</em></span></td></tr></tbody></table></div>
<p>
<a id="id553482" class="indexterm"></a>
<a id="id553497" class="indexterm"></a>
This sets a timeout value for SMTP reception. It applies to all forms of SMTP
input, including batch SMTP. If a line of input (either an SMTP command or a
data line) is not received within this time, the SMTP connection is dropped and
the message is abandoned.
A line is written to the log containing one of the following messages:
</p>
<pre class="literallayout">SMTP command timeout on connection from...
SMTP data timeout on connection from...
</pre><p>
The former means that Exim was expecting to read an SMTP command; the latter
means that it was in the DATA phase, reading the contents of a message.
</p>
<p>
<a id="id553535" class="indexterm"></a>
The value set by this option can be overridden by the
<span><strong class="option">-os</strong></span> command-line option. A setting of zero time disables the timeout, but
this should never be used for SMTP over TCP/IP. (It can be useful in some cases
of local input using <span><strong class="option">-bs</strong></span> or <span><strong class="option">-bS</strong></span>.) For non-SMTP input, the reception
timeout is controlled by <span><strong class="option">receive_timeout</strong></span> and <span><strong class="option">-or</strong></span>.
</p>
<p>
<a id="id553572" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_reserve_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option defines hosts for which SMTP connections are reserved; see
<span><strong class="option">smtp_accept_reserve</strong></span> and <span><strong class="option">smtp_load_reserve</strong></span> above.
</p>
<p>
<a id="id553669" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">smtp_return_error_details</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id553752" class="indexterm"></a>
<a id="id553767" class="indexterm"></a>
In the default state, Exim uses bland messages such as
“<span class="quote">Administrative prohibition</span>” when it rejects SMTP commands for policy
reasons. Many sysadmins like this because it gives away little information
to spammers. However, some other sysadmins who are applying strict checking
policies want to give out much fuller information about failures. Setting
<span><strong class="option">smtp_return_error_details</strong></span> true causes Exim to be more forthcoming. For
example, instead of “<span class="quote">Administrative prohibition</span>”, it might give:
</p>
<pre class="literallayout">550-Rejected after DATA: '&gt;' missing at end of address:
550 failing address in "From" header is: &lt;user@dom.ain
</pre><p>
<a id="id553816" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">spamd_address</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
This option is available when Exim is compiled with the content-scanning
extension. It specifies how Exim connects to SpamAssassin’s <span><strong class="option">spamd</strong></span> daemon.
The default value is
</p>
<pre class="literallayout">127.0.0.1 783
</pre><p>
See section <a href="ch41.html#SECTscanspamass" title="41.2 Scanning with SpamAssassin">41.2</a> for more details.
</p>
<p>
<a id="id553927" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">split_spool_directory</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id554009" class="indexterm"></a>
<a id="id554020" class="indexterm"></a>
<a id="id554034" class="indexterm"></a>
If this option is set, it causes Exim to split its input directory into 62
subdirectories, each with a single alphanumeric character as its name. The
sixth character of the message id is used to allocate messages to
subdirectories; this is the least significant base-62 digit of the time of
arrival of the message.
</p>
<p>
Splitting up the spool in this way may provide better performance on systems
where there are long mail queues, by reducing the number of files in any one
directory. The msglog directory is also split up in a similar way to the input
directory; however, if <span><strong class="option">preserve_message_logs</strong></span> is set, all old msglog files
are still placed in the single directory <em class="filename">msglog.OLD</em>.
</p>
<p>
It is not necessary to take any special action for existing messages when
changing <span><strong class="option">split_spool_directory</strong></span>. Exim notices messages that are in the
“<span class="quote">wrong</span>” place, and continues to process them. If the option is turned off
after a period of being on, the subdirectories will eventually empty and be
automatically deleted.
</p>
<p>
When <span><strong class="option">split_spool_directory</strong></span> is set, the behaviour of queue runner processes
changes. Instead of creating a list of all messages in the queue, and then
trying to deliver each one in turn, it constructs a list of those in one
sub-directory and tries to deliver them, before moving on to the next
sub-directory. The sub-directories are processed in a random order. This
spreads out the scanning of the input directories, and uses less memory. It is
particularly beneficial when there are lots of messages on the queue. However,
if <span><strong class="option">queue_run_in_order</strong></span> is set, none of this new processing happens. The
entire queue has to be scanned and sorted before any deliveries can start.
</p>
<p>
<a id="id554101" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">spool_directory</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>set at compile time</em></span></td></tr></tbody></table></div>
<p>
<a id="id554186" class="indexterm"></a>
This defines the directory in which Exim keeps its spool, that is, the messages
it is waiting to deliver. The default value is taken from the compile-time
configuration setting, if there is one. If not, this option must be set. The
string is expanded, so it can contain, for example, a reference to
<em class="varname">$primary_hostname</em>.
</p>
<p>
If the spool directory name is fixed on your installation, it is recommended
that you set it at build time rather than from this option, particularly if the
log files are being written to the spool directory (see <span><strong class="option">log_file_path</strong></span>).
Otherwise log files cannot be used for errors that are detected early on, such
as failures in the configuration file.
</p>
<p>
By using this option to override the compiled-in path, it is possible to run
tests of Exim without using the standard spool.
</p>
<p>
<a id="id554230" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">sqlite_lock_timeout</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>5s</em></span></td></tr></tbody></table></div>
<p>
<a id="id554313" class="indexterm"></a>
This option controls the timeout that the <span><strong class="command">sqlite</strong></span> lookup uses when trying to
access an SQLite database. See section <a href="ch09.html#SECTsqlite" title="9.25 More about SQLite">9.25</a> for more details.
</p>
<p>
<a id="id554344" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">strict_acl_vars</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id554426" class="indexterm"></a>
This option controls what happens if a syntactically valid but undefined ACL
variable is referenced. If it is false (the default), an empty string
is substituted; if it is true, an error is generated. See section
<a href="ch40.html#SECTaclvariables" title="40.17 ACL variables">40.17</a> for details of ACL variables.
</p>
<p>
<a id="id554456" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">strip_excess_angle_brackets</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id554538" class="indexterm"></a>
If this option is set, redundant pairs of angle brackets round “<span class="quote">route-addr</span>”
items in addresses are stripped. For example, <span class="emphasis"><em>&lt;&lt;xxx@a.b.c.d&gt;&gt;</em></span> is
treated as <span class="emphasis"><em>&lt;xxx@a.b.c.d&gt;</em></span>. If this is in the envelope and the message is
passed on to another MTA, the excess angle brackets are not passed on. If this
option is not set, multiple pairs of angle brackets cause a syntax error.
</p>
<p>
<a id="id554570" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">strip_trailing_dot</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id554653" class="indexterm"></a>
<a id="id554664" class="indexterm"></a>
If this option is set, a trailing dot at the end of a domain in an address is
ignored. If this is in the envelope and the message is passed on to another
MTA, the dot is not passed on. If this option is not set, a dot at the end of a
domain causes a syntax error.
However, addresses in header lines are checked only when an ACL requests header
syntax checking.
</p>
<p>
<a id="id554688" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">syslog_duplication</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id554770" class="indexterm"></a>
When Exim is logging to syslog, it writes the log lines for its three
separate logs at different syslog priorities so that they can in principle
be separated on the logging hosts. Some installations do not require this
separation, and in those cases, the duplication of certain log lines is a
nuisance. If <span><strong class="option">syslog_duplication</strong></span> is set false, only one copy of any
particular log line is written to syslog. For lines that normally go to
both the main log and the reject log, the reject log version (possibly
containing message header lines) is written, at LOG_NOTICE priority.
Lines that normally go to both the main and the panic log are written at
the LOG_ALERT priority.
</p>
<p>
<a id="id554803" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">syslog_facility</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id554885" class="indexterm"></a>
This option sets the syslog “<span class="quote">facility</span>” name, used when Exim is logging to
syslog. The value must be one of the strings “<span class="quote">mail</span>”, “<span class="quote">user</span>”, “<span class="quote">news</span>”,
“<span class="quote">uucp</span>”, “<span class="quote">daemon</span>”, or “<span class="quote">local<span class="emphasis"><em>x</em></span></span>” where <span class="emphasis"><em>x</em></span> is a digit between 0 and 7.
If this option is unset, “<span class="quote">mail</span>” is used. See chapter <a href="ch49.html" title="49. Log files">49</a> for
details of Exim’s logging.
</p>
<p>
<a id="id554948" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">syslog_processname</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em><code class="literal">exim</code></em></span></td></tr></tbody></table></div>
<p>
<a id="id555033" class="indexterm"></a>
This option sets the syslog “<span class="quote">ident</span>” name, used when Exim is logging to
syslog. The value must be no longer than 32 characters. See chapter
<a href="ch49.html" title="49. Log files">49</a> for details of Exim’s logging.
</p>
<p>
<a id="id555063" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">syslog_timestamp</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id555145" class="indexterm"></a>
If <span><strong class="option">syslog_timestamp</strong></span> is set false, the timestamps on Exim’s log lines are
omitted when these lines are sent to syslog. See chapter <a href="ch49.html" title="49. Log files">49</a> for
details of Exim’s logging.
</p>
<p>
<a id="id555179" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id555263" class="indexterm"></a>
<a id="id555278" class="indexterm"></a>
<a id="id555292" class="indexterm"></a>
This option specifies an Exim filter file that is applied to all messages at
the start of each delivery attempt, before any routing is done. System filters
must be Exim filters; they cannot be Sieve filters. If the system filter
generates any deliveries to files or pipes, or any new mail messages, the
appropriate <span><strong class="option">system_filter_..._transport</strong></span> option(s) must be set, to define
which transports are to be used. Details of this facility are given in chapter
<a href="ch43.html" title="43. System-wide message filtering">43</a>.
</p>
<p>
<a id="id555327" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter_directory_transport</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id555413" class="indexterm"></a>
This sets the name of the transport driver that is to be used when the
<span><strong class="option">save</strong></span> command in a system message filter specifies a path ending in “<span class="quote">/</span>”,
implying delivery of each message into a separate file in some directory.
During the delivery, the variable <em class="varname">$address_file</em> contains the path name.
</p>
<p>
<a id="id555442" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter_file_transport</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id555527" class="indexterm"></a>
This sets the name of the transport driver that is to be used when the <span><strong class="option">save</strong></span>
command in a system message filter specifies a path not ending in “<span class="quote">/</span>”. During
the delivery, the variable <em class="varname">$address_file</em> contains the path name.
</p>
<p>
<a id="id555559" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter_group</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id555642" class="indexterm"></a>
This option is used only when <span><strong class="option">system_filter_user</strong></span> is also set. It sets the
gid under which the system filter is run, overriding any gid that is associated
with the user. The value may be numerical or symbolic.
</p>
<p>
<a id="id555667" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter_pipe_transport</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id555752" class="indexterm"></a>
<a id="id555771" class="indexterm"></a>
This specifies the transport driver that is to be used when a <span><strong class="option">pipe</strong></span> command
is used in a system filter. During the delivery, the variable <em class="varname">$address_pipe</em>
contains the pipe command.
</p>
<p>
<a id="id555796" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter_reply_transport</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id555881" class="indexterm"></a>
This specifies the transport driver that is to be used when a <span><strong class="option">mail</strong></span> command
is used in a system filter.
</p>
<p>
<a id="id555909" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">system_filter_user</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id555992" class="indexterm"></a>
If this option is not set, the system filter is run in the main Exim delivery
process, as root. When the option is set, the system filter runs in a separate
process, as the given user. Unless the string consists entirely of digits, it
is looked up in the password data. Failure to find the named user causes a
configuration error. The gid is either taken from the password data, or
specified by <span><strong class="option">system_filter_group</strong></span>. When the uid is specified numerically,
<span><strong class="option">system_filter_group</strong></span> is required to be set.
</p>
<p>
If the system filter generates any pipe, file, or reply deliveries, the uid
under which the filter is run is used when transporting them, unless a
transport option overrides. Normally you should set <span><strong class="option">system_filter_user</strong></span> if
your system filter generates these kinds of delivery.
</p>
<p>
<a id="id556036" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tcp_nodelay</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id556118" class="indexterm"></a>
<a id="id556133" class="indexterm"></a>
<a id="id556144" class="indexterm"></a>
If this option is set false, it stops the Exim daemon setting the
TCP_NODELAY option on its listening sockets. Setting TCP_NODELAY
turns off the “<span class="quote">Nagle algorithm</span>”, which is a way of improving network
performance in interactive (character-by-character) situations. Turning it off
should improve Exim’s performance a bit, so that is what happens by default.
However, it appears that some broken clients cannot cope, and time out. Hence
this option. It affects only those sockets that are set up for listening by the
daemon. Sockets created by the smtp transport for delivering mail always set
TCP_NODELAY.
</p>
<p>
<a id="id556167" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">timeout_frozen_after</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>time</em></span></td><td align="right">Default: <span class="emphasis"><em>0s</em></span></td></tr></tbody></table></div>
<p>
<a id="id556249" class="indexterm"></a>
<a id="id556264" class="indexterm"></a>
If <span><strong class="option">timeout_frozen_after</strong></span> is set to a time greater than zero, a frozen
message of any kind that has been on the queue for longer than the given time
is automatically cancelled at the next queue run. If the frozen message is a
bounce message, it is just discarded; otherwise, a bounce is sent to the
sender, in a similar manner to cancellation by the <span><strong class="option">-Mg</strong></span> command line option.
If you want to timeout frozen bounce messages earlier than other kinds of
frozen message, see <span><strong class="option">ignore_bounce_errors_after</strong></span>.
</p>
<p>
<span class="bold"><strong>Note:</strong></span> the default value of zero means no timeouts; with this setting,
frozen messages remain on the queue forever (except for any frozen bounce
messages that are released by <span><strong class="option">ignore_bounce_errors_after</strong></span>).
</p>
<p>
<a id="id556316" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">timezone</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id556398" class="indexterm"></a>
The value of <span><strong class="option">timezone</strong></span> is used to set the environment variable TZ while
running Exim (if it is different on entry). This ensures that all timestamps
created by Exim are in the required timezone. If you want all your timestamps
to be in UTC (aka GMT) you should set
</p>
<pre class="literallayout">timezone = UTC
</pre><p>
The default value is taken from TIMEZONE_DEFAULT in <em class="filename">Local/Makefile</em>,
or, if that is not set, from the value of the TZ environment variable when Exim
is built. If <span><strong class="option">timezone</strong></span> is set to the empty string, either at build or run
time, any existing TZ variable is removed from the environment when Exim
runs. This is appropriate behaviour for obtaining wall-clock time on some, but
unfortunately not all, operating systems.
</p>
<p>
<a id="id556447" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_advertise_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id556532" class="indexterm"></a>
<a id="id556546" class="indexterm"></a>
<a id="id556561" class="indexterm"></a>
When Exim is built with support for TLS encrypted connections, the availability
of the STARTTLS command to set up an encrypted session is advertised in
response to EHLO only to those client hosts that match this option. See
chapter <a href="ch39.html" title="39. Encrypted SMTP connections using TLS/SSL">39</a> for details of Exim’s support for TLS.
</p>
<p>
<a id="id556587" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_certificate</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id556672" class="indexterm"></a>
<a id="id556685" class="indexterm"></a>
The value of this option is expanded, and must then be the absolute path to a
file which contains the server’s certificates. The server’s private key is also
assumed to be in this file if <span><strong class="option">tls_privatekey</strong></span> is unset. See chapter
<a href="ch39.html" title="39. Encrypted SMTP connections using TLS/SSL">39</a> for further details.
</p>
<p>
<span class="bold"><strong>Note</strong></span>: The certificates defined by this option are used only when Exim is
receiving incoming messages as a server. If you want to supply certificates for
use when sending messages as a client, you must set the <span><strong class="option">tls_certificate</strong></span>
option in the relevant <span><strong class="command">smtp</strong></span> transport.
</p>
<p>
<a id="id556739" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_crl</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id556824" class="indexterm"></a>
<a id="id556838" class="indexterm"></a>
This option specifies a certificate revocation list. The expanded value must
be the name of a file that contains a CRL in PEM format.
</p>
<p>
<a id="id556859" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_dhparam</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id556943" class="indexterm"></a>
The value of this option is expanded, and must then be the absolute path to
a file which contains the server’s DH parameter values.
This is used only for OpenSSL. When Exim is linked with GnuTLS, this option is
ignored. See section <a href="ch39.html#SECTopenvsgnu" title="39.2 OpenSSL vs GnuTLS">39.2</a> for further details.
</p>
<p>
<a id="id556968" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_on_connect_ports</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
This option specifies a list of incoming SSMTP (aka SMTPS) ports that should
operate the obsolete SSMTP (SMTPS) protocol, where a TLS session is immediately
set up without waiting for the client to issue a STARTTLS command. For
further details, see section <a href="ch13.html#SECTsupobssmt" title="13.4 Support for the obsolete SSMTP (or SMTPS) protocol">13.4</a>.
</p>
<p>
<a id="id557064" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_privatekey</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id557148" class="indexterm"></a>
The value of this option is expanded, and must then be the absolute path to a
file which contains the server’s private key. If this option is unset, or if
the expansion is forced to fail, or the result is an empty string, the private
key is assumed to be in the same file as the server’s certificates. See chapter
<a href="ch39.html" title="39. Encrypted SMTP connections using TLS/SSL">39</a> for further details.
</p>
<p>
<a id="id557172" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_remember_esmtp</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>false</em></span></td></tr></tbody></table></div>
<p>
<a id="id557254" class="indexterm"></a>
<a id="id557268" class="indexterm"></a>
If this option is set true, Exim violates the RFCs by remembering that it is in
“<span class="quote">esmtp</span>” state after successfully negotiating a TLS session. This provides
support for broken clients that fail to send a new EHLO after starting a
TLS session.
</p>
<p>
<a id="id557293" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_require_ciphers</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id557378" class="indexterm"></a>
<a id="id557393" class="indexterm"></a>
This option controls which ciphers can be used for incoming TLS connections.
The <span><strong class="command">smtp</strong></span> transport has an option of the same name for controlling outgoing
connections. This option is expanded for each connection, so can be varied for
different clients if required. The value of this option must be a list of
permitted cipher suites. The OpenSSL and GnuTLS libraries handle cipher control
in somewhat different ways. If GnuTLS is being used, the client controls the
preference order of the available ciphers. Details are given in sections
<a href="ch39.html#SECTreqciphssl" title="39.4 Requiring specific ciphers in OpenSSL">39.4</a> and <a href="ch39.html#SECTreqciphgnu" title="39.5 Requiring specific ciphers or other parameters in GnuTLS">39.5</a>.
</p>
<p>
<a id="id557438" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_try_verify_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id557522" class="indexterm"></a>
<a id="id557537" class="indexterm"></a>
See <span><strong class="option">tls_verify_hosts</strong></span> below.
</p>
<p>
<a id="id557559" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_verify_certificates</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id557644" class="indexterm"></a>
<a id="id557658" class="indexterm"></a>
The value of this option is expanded, and must then be the absolute path to
a file containing permitted certificates for clients that
match <span><strong class="option">tls_verify_hosts</strong></span> or <span><strong class="option">tls_try_verify_hosts</strong></span>. Alternatively, if you
are using OpenSSL, you can set <span><strong class="option">tls_verify_certificates</strong></span> to the name of a
directory containing certificate files. This does not work with GnuTLS; the
option must be set to the name of a single file if you are using GnuTLS.
</p>
<p>
<a id="id557694" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">tls_verify_hosts</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>host list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id557779" class="indexterm"></a>
<a id="id557794" class="indexterm"></a>
This option, along with <span><strong class="option">tls_try_verify_hosts</strong></span>, controls the checking of
certificates from clients. The expected certificates are defined by
<span><strong class="option">tls_verify_certificates</strong></span>, which must be set. A configuration error occurs if
either <span><strong class="option">tls_verify_hosts</strong></span> or <span><strong class="option">tls_try_verify_hosts</strong></span> is set and
<span><strong class="option">tls_verify_certificates</strong></span> is not set.
</p>
<p>
Any client that matches <span><strong class="option">tls_verify_hosts</strong></span> is constrained by
<span><strong class="option">tls_verify_certificates</strong></span>. When the client initiates a TLS session, it must
present one of the listed certificates. If it does not, the connection is
aborted. <span class="bold"><strong>Warning</strong></span>: Including a host in <span><strong class="option">tls_verify_hosts</strong></span> does not require
the host to use TLS. It can still send SMTP commands through unencrypted
connections. Forcing a client to use TLS has to be done separately using an
ACL to reject inappropriate commands when the connection is not encrypted.
</p>
<p>
A weaker form of checking is provided by <span><strong class="option">tls_try_verify_hosts</strong></span>. If a client
matches this option (but not <span><strong class="option">tls_verify_hosts</strong></span>), Exim requests a
certificate and checks it against <span><strong class="option">tls_verify_certificates</strong></span>, but does not
abort the connection if there is no certificate or if it does not match. This
state can be detected in an ACL, which makes it possible to implement policies
such as “<span class="quote">accept for relay only if a verified certificate has been received,
but accept for local delivery if encrypted, even without a verified
certificate</span>”.
</p>
<p>
Client hosts that match neither of these lists are not asked to present
certificates.
</p>
<p>
<a id="id557893" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">trusted_groups</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id557978" class="indexterm"></a>
<a id="id557989" class="indexterm"></a>
This option is expanded just once, at the start of Exim’s processing. If this
option is set, any process that is running in one of the listed groups, or
which has one of them as a supplementary group, is trusted. The groups can be
specified numerically or by name. See section <a href="ch05.html#SECTtrustedadmin" title="5.2 Trusted and admin users">5.2</a> for
details of what trusted callers are permitted to do. If neither
<span><strong class="option">trusted_groups</strong></span> nor <span><strong class="option">trusted_users</strong></span> is set, only root and the Exim user
are trusted.
</p>
<p>
<a id="id558022" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">trusted_users</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id558107" class="indexterm"></a>
<a id="id558118" class="indexterm"></a>
This option is expanded just once, at the start of Exim’s processing. If this
option is set, any process that is running as one of the listed users is
trusted. The users can be specified numerically or by name. See section
<a href="ch05.html#SECTtrustedadmin" title="5.2 Trusted and admin users">5.2</a> for details of what trusted callers are permitted to do.
If neither <span><strong class="option">trusted_groups</strong></span> nor <span><strong class="option">trusted_users</strong></span> is set, only root and the
Exim user are trusted.
</p>
<p>
<a id="id558151" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">unknown_login</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id558236" class="indexterm"></a>
<a id="id558250" class="indexterm"></a>
This is a specialized feature for use in unusual configurations. By default, if
the uid of the caller of Exim cannot be looked up using <em class="function">getpwuid()</em>, Exim
gives up. The <span><strong class="option">unknown_login</strong></span> option can be used to set a login name to be
used in this circumstance. It is expanded, so values like <span><strong class="option">user$caller_uid</strong></span>
can be set. When <span><strong class="option">unknown_login</strong></span> is used, the value of <span><strong class="option">unknown_username</strong></span>
is used for the user’s real name (gecos field), unless this has been set by the
<span><strong class="option">-F</strong></span> option.
</p>
<p>
<a id="id558298" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">unknown_username</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">unknown_login</strong></span>.
</p>
<p>
<a id="id558387" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">untrusted_set_sender</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>address list</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id558472" class="indexterm"></a>
<a id="id558483" class="indexterm"></a>
<a id="id558498" class="indexterm"></a>
<a id="id558509" class="indexterm"></a>
<a id="id558524" class="indexterm"></a>
When an untrusted user submits a message to Exim using the standard input, Exim
normally creates an envelope sender address from the user’s login and the
default qualification domain. Data from the <span><strong class="option">-f</strong></span> option (for setting envelope
senders on non-SMTP messages) or the SMTP MAIL command (if <span><strong class="option">-bs</strong></span> or <span><strong class="option">-bS</strong></span>
is used) is ignored.
</p>
<p>
However, untrusted users are permitted to set an empty envelope sender address,
to declare that a message should never generate any bounces. For example:
</p>
<pre class="literallayout">exim -f '&lt;&gt;' user@domain.example
</pre><p>
<a id="id558571" class="indexterm"></a>
The <span><strong class="option">untrusted_set_sender</strong></span> option allows you to permit untrusted users to set
other envelope sender addresses in a controlled way. When it is set, untrusted
users are allowed to set envelope sender addresses that match any of the
patterns in the list. Like all address lists, the string is expanded. The
identity of the user is in <em class="varname">$sender_ident</em>, so you can, for example, restrict
users to setting senders that start with their login ids
followed by a hyphen
by a setting like this:
</p>
<pre class="literallayout">untrusted_set_sender = ^$sender_ident-
</pre><p>
If you want to allow untrusted users to set envelope sender addresses without
restriction, you can use
</p>
<pre class="literallayout">untrusted_set_sender = *
</pre><p>
The <span><strong class="option">untrusted_set_sender</strong></span> option applies to all forms of local input, but
only to the setting of the envelope sender. It does not permit untrusted users
to use the other options which trusted user can use to override message
parameters. Furthermore, it does not stop Exim from removing an existing
<span class="emphasis"><em>Sender:</em></span> header in the message, or from adding a <span class="emphasis"><em>Sender:</em></span> header if
necessary. See <span><strong class="option">local_sender_retain</strong></span> and <span><strong class="option">local_from_check</strong></span> for ways of
overriding these actions. The handling of the <span class="emphasis"><em>Sender:</em></span> header is also
described in section <a href="ch44.html#SECTthesenhea" title="44.16 The Sender: header line">44.16</a>.
</p>
<p>
The log line for a message’s arrival shows the envelope sender following
“<span class="quote">&lt;=</span>”. For local messages, the user’s login always follows, after “<span class="quote">U=</span>”. In
<span><strong class="option">-bp</strong></span> displays, and in the Exim monitor, if an untrusted user sets an
envelope sender address, the user’s login is shown in parentheses after the
sender address.
</p>
<p>
<a id="id558684" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">uucp_from_pattern</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>see below</em></span></td></tr></tbody></table></div>
<p>
<a id="id558766" class="indexterm"></a>
<a id="id558780" class="indexterm"></a>
Some applications that pass messages to an MTA via a command line interface use
an initial line starting with “<span class="quote">From </span>” to pass the envelope sender. In
particular, this is used by UUCP software. Exim recognizes such a line by means
of a regular expression that is set in <span><strong class="option">uucp_from_pattern</strong></span>. When the pattern
matches, the sender address is constructed by expanding the contents of
<span><strong class="option">uucp_from_sender</strong></span>, provided that the caller of Exim is a trusted user. The
default pattern recognizes lines in the following two forms:
</p>
<pre class="literallayout">From ph10 Fri Jan  5 12:35 GMT 1996
From ph10 Fri, 7 Jan 97 14:00:00 GMT
</pre><p>
The pattern can be seen by running
</p>
<pre class="literallayout">exim -bP uucp_from_pattern
</pre><p>
It checks only up to the hours and minutes, and allows for a 2-digit or 4-digit
year in the second case. The first word after “<span class="quote">From </span>” is matched in the
regular expression by a parenthesized subpattern. The default value for
<span><strong class="option">uucp_from_sender</strong></span> is “<span class="quote">$1</span>”, which therefore just uses this first word
(“<span class="quote">ph10</span>” in the example above) as the message’s sender. See also
<span><strong class="option">ignore_fromline_hosts</strong></span>.
</p>
<p>
<a id="id558866" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">uucp_from_sender</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span>†<span class="emphasis"><em></em></span></td><td align="right">Default: <span class="emphasis"><em><code class="literal">$1</code></em></span></td></tr></tbody></table></div>
<p>
See <span><strong class="option">uucp_from_pattern</strong></span> above.
</p>
<p>
<a id="id558960" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">warn_message_file</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>string</em></span></td><td align="right">Default: <span class="emphasis"><em>unset</em></span></td></tr></tbody></table></div>
<p>
<a id="id559314" class="indexterm"></a>
<a id="id559329" class="indexterm"></a>
This option defines a template file containing paragraphs of text to be used
for constructing the warning message which is sent by Exim when a message has
been on the queue for a specified amount of time, as specified by
<span><strong class="option">delay_warning</strong></span>. Details of the file’s contents are given in chapter
<a href="ch46.html" title="46. Customizing bounce and warning messages">46</a>. See also <span><strong class="option">bounce_message_file</strong></span>.
</p>
<p>
<a id="id559366" class="indexterm"></a>
</p>
<div class="informaltable">
<table border="1"><colgroup><col align="left" /><col align="center" /><col align="center" /><col align="right" /></colgroup><tbody><tr><td align="left"><span><strong class="option">write_rejectlog</strong></span></td><td align="center">Use: <span class="emphasis"><em>main</em></span></td><td align="center">Type: <span class="emphasis"><em>boolean</em></span></td><td align="right">Default: <span class="emphasis"><em>true</em></span></td></tr></tbody></table></div>
<p>
<a id="id559448" class="indexterm"></a>
If this option is set false, Exim no longer writes anything to the reject log.
See chapter <a href="ch49.html" title="49. Log files">49</a> for details of what Exim writes to its logs.
<a id="id559470" class="indexterm"></a>
<a id="id559482" class="indexterm"></a>
</p>
</div>
</div>
<div class="navfooter">
<table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="ch13.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="ch15.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> </td></tr></table></div>
</body></html>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional