<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><style xmlns="" type="text/css">
div.added { background-color: #ffff99; }
div.deleted { text-decoration: line-through;
background-color: #FF7F7F; }
div.changed { background-color: #99ff99; }
div.off { }
span.added { background-color: #ffff99; }
span.deleted { text-decoration: line-through;
background-color: #FF7F7F; }
span.changed { background-color: #99ff99; }
span.off { }
pre.literallayout {
background-color: #E8E8D0;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
div[class=changed] pre.literallayout {
background-color: #99ff99;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
div.literallayout {
background-color: #E8E8D0;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
div[class=changed] div.literallayout {
background-color: #99ff99;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
</style><title>50. Exim utilities</title><meta name="generator" content="DocBook XSL Stylesheets V1.72.0" /><link rel="start" href="index.html" title="Specification of the Exim Mail Transfer Agent" /><link rel="up" href="index.html" title="Specification of the Exim Mail Transfer Agent" /><link rel="prev" href="ch49.html" title="49. Log files" /><link rel="next" href="ch51.html" title="51. The Exim monitor" /></head><body><div class="navheader">
<table width="100%" summary="Navigation header"><tr><td width="20%" align="left"><a accesskey="p" href="ch49.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="ch51.html">Next</a></td></tr></table></div>
<div class="chapter" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h2 class="title"><a href="index.html#toc0452" id="CHAPutils">50. Exim utilities</a></h2></div>
</div>
</div>
<p>
<a id="IIDutils" class="indexterm"></a>
A number of utility scripts and programs are supplied with Exim and are
described in this chapter. There is also the Exim Monitor, which is covered in
the next chapter. The utilities described here are:
</p>
<div class="informaltable">
<table border="0"><colgroup><col align="left" /><col align="left" /><col align="left" /></colgroup><tbody><tr><td align="left"> <a href="ch50.html#SECTfinoutwha" title="50.1 Finding out what Exim processes are doing (exiwhat)">50.1</a></td><td align="left"><span class="emphasis"><em>exiwhat</em></span></td><td align="left">list what Exim processes are doing</td></tr><tr><td align="left"> <a href="ch50.html#SECTgreptheque" title="50.2 Selective queue listing (exiqgrep)">50.2</a></td><td align="left"><span class="emphasis"><em>exiqgrep</em></span></td><td align="left">grep the queue</td></tr><tr><td align="left"> <a href="ch50.html#SECTsumtheque" title="50.3 Summarizing the queue (exiqsumm)">50.3</a></td><td align="left"><span class="emphasis"><em>exiqsumm</em></span></td><td align="left">summarize the queue</td></tr><tr><td align="left"> <a href="ch50.html#SECTextspeinf" title="50.4 Extracting specific information from the log (exigrep)">50.4</a></td><td align="left"><span class="emphasis"><em>exigrep</em></span></td><td align="left">search the main log</td></tr><tr><td align="left"> <a href="ch50.html#SECTexipick" title="50.5 Selecting messages by various criteria (exipick)">50.5</a></td><td align="left"><span class="emphasis"><em>exipick</em></span></td><td align="left">select messages on various criteria</td></tr><tr><td align="left"> <a href="ch50.html#SECTcyclogfil" title="50.6 Cycling log files (exicyclog)">50.6</a></td><td align="left"><span class="emphasis"><em>exicyclog</em></span></td><td align="left">cycle (rotate) log files</td></tr><tr><td align="left"> <a href="ch50.html#SECTmailstat" title="50.7 Mail statistics (eximstats)">50.7</a></td><td align="left"><span class="emphasis"><em>eximstats</em></span></td><td align="left">extract statistics from the log</td></tr><tr><td align="left"> <a href="ch50.html#SECTcheckaccess" title="50.8 Checking access policy (exim_checkaccess)">50.8</a></td><td align="left"><span class="emphasis"><em>exim_checkaccess</em></span></td><td align="left">check address acceptance from given IP</td></tr><tr><td align="left"> <a href="ch50.html#SECTdbmbuild" title="50.9 Making DBM files (exim_dbmbuild)">50.9</a></td><td align="left"><span class="emphasis"><em>exim_dbmbuild</em></span></td><td align="left">build a DBM file</td></tr><tr><td align="left"> <a href="ch50.html#SECTfinindret" title="50.10 Finding individual retry times (exinext)">50.10</a></td><td align="left"><span class="emphasis"><em>exinext</em></span></td><td align="left">extract retry information</td></tr><tr><td align="left"> <a href="ch50.html#SECThindatmai" title="50.11 Hints database maintenance">50.11</a></td><td align="left"><span class="emphasis"><em>exim_dumpdb</em></span></td><td align="left">dump a hints database</td></tr><tr><td align="left"> <a href="ch50.html#SECThindatmai" title="50.11 Hints database maintenance">50.11</a></td><td align="left"><span class="emphasis"><em>exim_tidydb</em></span></td><td align="left">clean up a hints database</td></tr><tr><td align="left"> <a href="ch50.html#SECThindatmai" title="50.11 Hints database maintenance">50.11</a></td><td align="left"><span class="emphasis"><em>exim_fixdb</em></span></td><td align="left">patch a hints database</td></tr><tr><td align="left"> <a href="ch50.html#SECTmailboxmaint" title="50.15 Mailbox maintenance (exim_lock)">50.15</a></td><td align="left"><span class="emphasis"><em>exim_lock</em></span></td><td align="left">lock a mailbox file</td></tr></tbody></table></div>
<p>
Another utility that might be of use to sites with many MTAs is Tom Kistner’s
<span class="emphasis"><em>exilog</em></span>. It provides log visualizations across multiple Exim servers. See
<span class="bold"><strong><a href="http://duncanthrax.net/exilog/" target="_top">http://duncanthrax.net/exilog/</a></strong></span> for details.
</p>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0453" id="SECTfinoutwha">50.1 Finding out what Exim processes are doing (exiwhat)</a></h3></div>
</div>
</div>
<p>
<a id="id653637" class="indexterm"></a>
<a id="id653649" class="indexterm"></a>
<a id="id653660" class="indexterm"></a>
On operating systems that can restart a system call after receiving a signal
(most modern OS), an Exim process responds to the SIGUSR1 signal by writing
a line describing what it is doing to the file <em class="filename">exim-process.info</em> in the
Exim spool directory. The <span class="emphasis"><em>exiwhat</em></span> script sends the signal to all Exim
processes it can find, having first emptied the file. It then waits for one
second to allow the Exim processes to react before displaying the results. In
order to run <span class="emphasis"><em>exiwhat</em></span> successfully you have to have sufficient privilege to
send the signal to the Exim processes, so it is normally run as root.
</p>
<p>
<span class="bold"><strong>Warning</strong></span>: This is not an efficient process. It is intended for occasional
use by system administrators. It is not sensible, for example, to set up a
script that sends SIGUSR1 signals to Exim processes at short intervals.
</p>
<p>
Unfortunately, the <span class="emphasis"><em>ps</em></span> command that <span class="emphasis"><em>exiwhat</em></span> uses to find Exim processes
varies in different operating systems. Not only are different options used,
but the format of the output is different. For this reason, there are some
system configuration options that configure exactly how <span class="emphasis"><em>exiwhat</em></span> works. If
it doesn’t seem to be working for you, check the following compile-time
options:
</p>
<div class="literallayout">
<code class="literal">EXIWHAT_PS_CMD </code> the command for running <span class="emphasis"><em>ps</em></span><br />
<code class="literal">EXIWHAT_PS_ARG </code> the argument for <span class="emphasis"><em>ps</em></span><br />
<code class="literal">EXIWHAT_EGREP_ARG </code> the argument for <span class="emphasis"><em>egrep</em></span> to select from <span class="emphasis"><em>ps</em></span> output<br />
<code class="literal">EXIWHAT_KILL_ARG </code> the argument for the <span class="emphasis"><em>kill</em></span> command<br />
</div>
<p>
An example of typical output from <span class="emphasis"><em>exiwhat</em></span> is
</p>
<pre class="literallayout">164 daemon: -q1h, listening on port 25
10483 running queue: waiting for 0tAycK-0002ij-00 (10492)
10492 delivering 0tAycK-0002ij-00 to mail.ref.example
[10.19.42.42] (editor@ref.example)
10592 handling incoming call from [192.168.243.242]
10628 accepting a local non-SMTP message
</pre><p>
The first number in the output line is the process number. The third line has
been split here, in order to fit it on the page.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0454" id="SECTgreptheque">50.2 Selective queue listing (exiqgrep)</a></h3></div>
</div>
</div>
<p>
<a id="id653818" class="indexterm"></a>
<a id="id653830" class="indexterm"></a>
This utility is a Perl script contributed by Matt Hubbard. It runs
</p>
<pre class="literallayout">exim -bpu
</pre><p>
to obtain a queue listing with undelivered recipients only, and then greps the
output to select messages that match given criteria. The following selection
options are available:
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>-f</strong></span> <<span class="emphasis"><em>regex</em></span>></span></dt><dd><p>
Match the sender address. The field that is tested is enclosed in angle
brackets, so you can test for bounce messages with
</p>
<pre class="literallayout">exiqgrep -f '^<>$'
</pre></dd><dt><span class="term"><span class="bold"><strong>-r</strong></span> <<span class="emphasis"><em>regex</em></span>></span></dt><dd><p>
Match a recipient address. The field that is tested is not enclosed in angle
brackets.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-s</strong></span> <<span class="emphasis"><em>regex</em></span>></span></dt><dd><p>
Match against the size field.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-y</strong></span> <<span class="emphasis"><em>seconds</em></span>></span></dt><dd><p>
Match messages that are younger than the given time.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-o</strong></span> <<span class="emphasis"><em>seconds</em></span>></span></dt><dd><p>
Match messages that are older than the given time.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-z</strong></span></span></dt><dd><p>
Match only frozen messages.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-x</strong></span></span></dt><dd><p>
Match only non-frozen messages.
</p>
</dd></dl></div>
<p>
The following options control the format of the output:
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>-c</strong></span></span></dt><dd><p>
Display only the count of matching messages.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-l</strong></span></span></dt><dd><p>
Long format – display the full message information as output by Exim. This is
the default.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-i</strong></span></span></dt><dd><p>
Display message ids only.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-b</strong></span></span></dt><dd><p>
Brief format – one line per message.
</p>
</dd><dt><span class="term"><span class="bold"><strong>-R</strong></span></span></dt><dd><p>
Display messages in reverse order.
</p>
</dd></dl></div>
<p>
There is one more option, <span><strong class="option">-h</strong></span>, which outputs a list of options.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0455" id="SECTsumtheque">50.3 Summarizing the queue (exiqsumm)</a></h3></div>
</div>
</div>
<p>
<a id="id654117" class="indexterm"></a>
<a id="id654129" class="indexterm"></a>
The <span class="emphasis"><em>exiqsumm</em></span> utility is a Perl script which reads the output of <code class="literal">exim
-bp</code> and produces a summary of the messages on the queue. Thus, you use it by
running a command such as
</p>
<pre class="literallayout">exim -bp | exiqsumm
</pre><p>
The output consists of one line for each domain that has messages waiting for
it, as in the following example:
</p>
<pre class="literallayout">3 2322 74m 66m msn.com.example
</pre><p>
Each line lists the number of pending deliveries for a domain, their total
volume, and the length of time that the oldest and the newest messages have
been waiting. Note that the number of pending deliveries is greater than the
number of messages when messages have more than one recipient.
</p>
<p>
A summary line is output at the end. By default the output is sorted on the
domain name, but <span class="emphasis"><em>exiqsumm</em></span> has the options <span><strong class="option">-a</strong></span> and <span><strong class="option">-c</strong></span>, which cause
the output to be sorted by oldest message and by count of messages,
respectively. There are also three options that split the messages for each
domain into two or more subcounts: <span><strong class="option">-b</strong></span> separates bounce messages, <span><strong class="option">-f</strong></span>
separates frozen messages, and <span><strong class="option">-s</strong></span> separates messages according to their
sender.
</p>
<p>
The output of <span class="emphasis"><em>exim -bp</em></span> contains the original addresses in the message, so
this also applies to the output from <span class="emphasis"><em>exiqsumm</em></span>. No domains from addresses
generated by aliasing or forwarding are included (unless the <span><strong class="option">one_time</strong></span>
option of the <span><strong class="command">redirect</strong></span> router has been used to convert them into “<span class="quote">top
level</span>” addresses).
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0456" id="SECTextspeinf">50.4 Extracting specific information from the log (exigrep)</a></h3></div>
</div>
</div>
<p>
<a id="id654257" class="indexterm"></a>
<a id="id654269" class="indexterm"></a>
The <span class="emphasis"><em>exigrep</em></span> utility is a Perl script that searches one or more main log
files for entries that match a given pattern. When it finds a match, it
extracts all the log entries for the relevant message, not just those that
match the pattern. Thus, <span class="emphasis"><em>exigrep</em></span> can extract complete log entries for a
given message, or all mail for a given user, or for a given host, for example.
The input files can be in Exim log format or syslog format.
If a matching log line is not associated with a specific message, it is
included in <span class="emphasis"><em>exigrep</em></span>’s output without any additional lines. The usage is:
</p>
<div class="literallayout">
<code class="literal">exigrep [-t<</code><span class="emphasis"><em>n</em></span><code class="literal">>] [-I] [-l] [-v] <</code><span class="emphasis"><em>pattern</em></span><code class="literal">> [<</code><span class="emphasis"><em>log file</em></span><code class="literal">>] ...</code><br />
</div>
<p>
If no log file names are given on the command line, the standard input is read.
</p>
<p>
The <span><strong class="option">-t</strong></span> argument specifies a number of seconds. It adds an additional
condition for message selection. Messages that are complete are shown only if
they spent more than <<span class="emphasis"><em>n</em></span>> seconds on the queue.
</p>
<p>
By default, <span class="emphasis"><em>exigrep</em></span> does case-insensitive matching. The <span><strong class="option">-I</strong></span> option
makes it case-sensitive. This may give a performance improvement when searching
large log files. Without <span><strong class="option">-I</strong></span>, the Perl pattern matches use Perl’s <code class="literal">/i</code>
option; with <span><strong class="option">-I</strong></span> they do not. In both cases it is possible to change the
case sensitivity within the pattern by using <code class="literal">(?i)</code> or <code class="literal">(?-i)</code>.
</p>
<p>
The <span><strong class="option">-l</strong></span> option means “<span class="quote">literal</span>”, that is, treat all characters in the
pattern as standing for themselves. Otherwise the pattern must be a Perl
regular expression.
</p>
<p>
The <span><strong class="option">-v</strong></span> option inverts the matching condition. That is, a line is selected
if it does <span class="emphasis"><em>not</em></span> match the pattern.
</p>
<p>
If the location of a <span class="emphasis"><em>zcat</em></span> command is known from the definition of
ZCAT_COMMAND in <em class="filename">Local/Makefile</em>, <span class="emphasis"><em>exigrep</em></span> automatically passes any file
whose name ends in COMPRESS_SUFFIX through <span class="emphasis"><em>zcat</em></span> as it searches it.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0457" id="SECTexipick">50.5 Selecting messages by various criteria (exipick)</a></h3></div>
</div>
</div>
<p>
<a id="id654461" class="indexterm"></a>
John Jetmore’s <span class="emphasis"><em>exipick</em></span> utility is included in the Exim distribution. It
lists messages from the queue according to a variety of criteria. For details
of <span class="emphasis"><em>exipick</em></span>’s facilities, visit the web page at
<span class="bold"><strong><a href="http://www.exim.org/eximwiki/ToolExipickManPage" target="_top">http://www.exim.org/eximwiki/ToolExipickManPage</a></strong></span> or run <span class="emphasis"><em>exipick</em></span> with
the <span><strong class="option">--help</strong></span> option.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0458" id="SECTcyclogfil">50.6 Cycling log files (exicyclog)</a></h3></div>
</div>
</div>
<p>
<a id="id654516" class="indexterm"></a>
<a id="id654530" class="indexterm"></a>
<a id="id654541" class="indexterm"></a>
The <span class="emphasis"><em>exicyclog</em></span> script can be used to cycle (rotate) <span class="emphasis"><em>mainlog</em></span> and
<span class="emphasis"><em>rejectlog</em></span> files. This is not necessary if only syslog is being used, or if
you are using log files with datestamps in their names (see section
<a href="ch49.html#SECTdatlogfil" title="49.3 Datestamped log files">49.3</a>). Some operating systems have their own standard mechanisms
for log cycling, and these can be used instead of <span class="emphasis"><em>exicyclog</em></span> if preferred.
There are two command line options for <span class="emphasis"><em>exicyclog</em></span>:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
<span><strong class="option">-k</strong></span> <<span class="emphasis"><em>count</em></span>> specifies the number of log files to keep, overriding the
default that is set when Exim is built. The default default is 10.
</p>
</li><li><p>
<span><strong class="option">-l</strong></span> <<span class="emphasis"><em>path</em></span>> specifies the log file path, in the same format as Exim’s
<span><strong class="option">log_file_path</strong></span> option (for example, <code class="literal">/var/log/exim_%slog</code>), again
overriding the script’s default, which is to find the setting from Exim’s
configuration.
</p>
</li></ul></div>
<p>
Each time <span class="emphasis"><em>exicyclog</em></span> is run the file names get “<span class="quote">shuffled down</span>” by one. If
the main log file name is <em class="filename">mainlog</em> (the default) then when <span class="emphasis"><em>exicyclog</em></span> is
run <em class="filename">mainlog</em> becomes <em class="filename">mainlog.01</em>, the previous <em class="filename">mainlog.01</em> becomes
<em class="filename">mainlog.02</em> and so on, up to the limit that is set in the script or by the
<span><strong class="option">-k</strong></span> option. Log files whose numbers exceed the limit are discarded. Reject
logs are handled similarly.
</p>
<p>
If the limit is greater than 99, the script uses 3-digit numbers such as
<em class="filename">mainlog.001</em>, <em class="filename">mainlog.002</em>, etc. If you change from a number less than 99
to one that is greater, or <span class="emphasis"><em>vice versa</em></span>, you will have to fix the names of
any existing log files.
</p>
<p>
If no <em class="filename">mainlog</em> file exists, the script does nothing. Files that “<span class="quote">drop off</span>”
the end are deleted. All files with numbers greater than 01 are compressed,
using a compression command which is configured by the COMPRESS_COMMAND
setting in <em class="filename">Local/Makefile</em>. It is usual to run <span class="emphasis"><em>exicyclog</em></span> daily from a
root <span><strong class="option">crontab</strong></span> entry of the form
</p>
<pre class="literallayout">1 0 * * * su exim -c /usr/exim/bin/exicyclog
</pre><p>
assuming you have used the name “<span class="quote">exim</span>” for the Exim user. You can run
<span class="emphasis"><em>exicyclog</em></span> as root if you wish, but there is no need.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0459" id="SECTmailstat">50.7 Mail statistics (eximstats)</a></h3></div>
</div>
</div>
<p>
<a id="id654770" class="indexterm"></a>
<a id="id654781" class="indexterm"></a>
A Perl script called <span class="emphasis"><em>eximstats</em></span> is provided for extracting statistical
information from log files. The output is either plain text, or HTML.
Exim log files are also supported by the <span class="emphasis"><em>Lire</em></span> system produced by the
LogReport Foundation <span class="bold"><strong><a href="http://www.logreport.org" target="_top">http://www.logreport.org</a></strong></span>.
</p>
<p>
The <span class="emphasis"><em>eximstats</em></span> script has been hacked about quite a bit over time. The
latest version is the result of some extensive revision by Steve Campbell. A
lot of information is given by default, but there are options for suppressing
various parts of it. Following any options, the arguments to the script are a
list of files, which should be main log files. For example:
</p>
<pre class="literallayout">eximstats -nr /var/spool/exim/log/mainlog.01
</pre><p>
By default, <span class="emphasis"><em>eximstats</em></span> extracts information about the number and volume of
messages received from or delivered to various hosts. The information is sorted
both by message count and by volume, and the top fifty hosts in each category
are listed on the standard output. Similar information, based on email
addresses or domains instead of hosts can be requested by means of various
options. For messages delivered and received locally, similar statistics are
also produced per user.
</p>
<p>
The output also includes total counts and statistics about delivery errors, and
histograms showing the number of messages received and deliveries made in each
hour of the day. A delivery with more than one address in its envelope (for
example, an SMTP transaction with more than one RCPT command) is counted
as a single delivery by <span class="emphasis"><em>eximstats</em></span>.
</p>
<p>
Though normally more deliveries than receipts are reported (as messages may
have multiple recipients), it is possible for <span class="emphasis"><em>eximstats</em></span> to report more
messages received than delivered, even though the queue is empty at the start
and end of the period in question. If an incoming message contains no valid
recipients, no deliveries are recorded for it. A bounce message is handled as
an entirely separate message.
</p>
<p>
<span class="emphasis"><em>eximstats</em></span> always outputs a grand total summary giving the volume and number
of messages received and deliveries made, and the number of hosts involved in
each case. It also outputs the number of messages that were delayed (that is,
not completely delivered at the first attempt), and the number that had at
least one address that failed.
</p>
<p>
The remainder of the output is in sections that can be independently disabled
or modified by various options. It consists of a summary of deliveries by
transport, histograms of messages received and delivered per time interval
(default per hour), information about the time messages spent on the queue,
a list of relayed messages, lists of the top fifty sending hosts, local
senders, destination hosts, and destination local users by count and by volume,
and a list of delivery errors that occurred.
</p>
<p>
The relay information lists messages that were actually relayed, that is, they
came from a remote host and were directly delivered to some other remote host,
without being processed (for example, for aliasing or forwarding) locally.
</p>
<p>
There are quite a few options for <span class="emphasis"><em>eximstats</em></span> to control exactly what it
outputs. These are documented in the Perl script itself, and can be extracted
by running the command <span><strong class="command">perldoc</strong></span> on the script. For example:
</p>
<pre class="literallayout">perldoc /usr/exim/bin/eximstats
</pre></div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0460" id="SECTcheckaccess">50.8 Checking access policy (exim_checkaccess)</a></h3></div>
</div>
</div>
<p>
<a id="id654936" class="indexterm"></a>
<a id="id654948" class="indexterm"></a>
<a id="id654962" class="indexterm"></a>
The <span><strong class="option">-bh</strong></span> command line argument allows you to run a fake SMTP session with
debugging output, in order to check what Exim is doing when it is applying
policy controls to incoming SMTP mail. However, not everybody is sufficiently
familiar with the SMTP protocol to be able to make full use of <span><strong class="option">-bh</strong></span>, and
sometimes you just want to answer the question “<span class="quote">Does this address have
access?</span>” without bothering with any further details.
</p>
<p>
The <span class="emphasis"><em>exim_checkaccess</em></span> utility is a “<span class="quote">packaged</span>” version of <span><strong class="option">-bh</strong></span>. It takes
two arguments, an IP address and an email address:
</p>
<pre class="literallayout">exim_checkaccess 10.9.8.7 A.User@a.domain.example
</pre><p>
The utility runs a call to Exim with the <span><strong class="option">-bh</strong></span> option, to test whether the
given email address would be accepted in a RCPT command in a TCP/IP
connection from the host with the given IP address. The output of the utility
is either the word “<span class="quote">accepted</span>”, or the SMTP error response, for example:
</p>
<pre class="literallayout">Rejected:
550 Relay not permitted
</pre><p>
When running this test, the utility uses <code class="literal"><></code> as the envelope sender address
for the MAIL command, but you can change this by providing additional
options. These are passed directly to the Exim command. For example, to specify
that the test is to be run with the sender address <span class="emphasis"><em>himself@there.example</em></span>
you can use:
</p>
<pre class="literallayout">exim_checkaccess 10.9.8.7 A.User@a.domain.example \
-f himself@there.example
</pre><p>
Note that these additional Exim command line items must be given after the two
mandatory arguments.
</p>
<p>
Because the <span><strong class="option">exim_checkaccess</strong></span> uses <span><strong class="option">-bh</strong></span>, it does not perform callouts
while running its checks. You can run checks that include callouts by using
<span><strong class="option">-bhc</strong></span>, but this is not yet available in a “<span class="quote">packaged</span>” form.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0461" id="SECTdbmbuild">50.9 Making DBM files (exim_dbmbuild)</a></h3></div>
</div>
</div>
<p>
<a id="id655104" class="indexterm"></a>
<a id="id655118" class="indexterm"></a>
<a id="id655129" class="indexterm"></a>
<a id="id655141" class="indexterm"></a>
<a id="id655152" class="indexterm"></a>
The <span class="emphasis"><em>exim_dbmbuild</em></span> program reads an input file containing keys and data in
the format used by the <span><strong class="command">lsearch</strong></span> lookup (see section
<a href="ch09.html#SECTsinglekeylookups" title="9.3 Single-key lookup types">9.3</a>). It writes a DBM file using the lower-cased alias
names as keys and the remainder of the information as data. The lower-casing
can be prevented by calling the program with the <span><strong class="option">-nolc</strong></span> option.
</p>
<p>
A terminating zero is included as part of the key string. This is expected by
the <span><strong class="command">dbm</strong></span> lookup type. However, if the option <span><strong class="option">-nozero</strong></span> is given,
<span class="emphasis"><em>exim_dbmbuild</em></span> creates files without terminating zeroes in either the key
strings or the data strings. The <span><strong class="command">dbmnz</strong></span> lookup type can be used with such
files.
</p>
<p>
The program requires two arguments: the name of the input file (which can be a
single hyphen to indicate the standard input), and the name of the output file.
It creates the output under a temporary name, and then renames it if all went
well.
</p>
<p>
<a id="id655229" class="indexterm"></a>
If the native DB interface is in use (USE_DB is set in a compile-time
configuration file – this is common in free versions of Unix) the two file
names must be different, because in this mode the Berkeley DB functions create
a single output file using exactly the name given. For example,
</p>
<pre class="literallayout">exim_dbmbuild /etc/aliases /etc/aliases.db
</pre><p>
reads the system alias file and creates a DBM version of it in
<em class="filename">/etc/aliases.db</em>.
</p>
<p>
In systems that use the <span class="emphasis"><em>ndbm</em></span> routines (mostly proprietary versions of
Unix), two files are used, with the suffixes <em class="filename">.dir</em> and <em class="filename">.pag</em>. In this
environment, the suffixes are added to the second argument of
<span class="emphasis"><em>exim_dbmbuild</em></span>, so it can be the same as the first. This is also the case
when the Berkeley functions are used in compatibility mode (though this is not
recommended), because in that case it adds a <em class="filename">.db</em> suffix to the file name.
</p>
<p>
If a duplicate key is encountered, the program outputs a warning, and when it
finishes, its return code is 1 rather than zero, unless the <span><strong class="option">-noduperr</strong></span>
option is used. By default, only the first of a set of duplicates is used –
this makes it compatible with <span><strong class="command">lsearch</strong></span> lookups. There is an option
<span><strong class="option">-lastdup</strong></span> which causes it to use the data for the last duplicate instead.
There is also an option <span><strong class="option">-nowarn</strong></span>, which stops it listing duplicate keys to
<span><strong class="option">stderr</strong></span>. For other errors, where it doesn’t actually make a new file, the
return code is 2.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0462" id="SECTfinindret">50.10 Finding individual retry times (exinext)</a></h3></div>
</div>
</div>
<p>
<a id="id655346" class="indexterm"></a>
<a id="id655360" class="indexterm"></a>
A utility called <span class="emphasis"><em>exinext</em></span> (mostly a Perl script) provides the ability to
fish specific information out of the retry database. Given a mail domain (or a
complete address), it looks up the hosts for that domain, and outputs any retry
information for the hosts or for the domain. At present, the retry information
is obtained by running <span class="emphasis"><em>exim_dumpdb</em></span> (see below) and post-processing the
output. For example:
</p>
<pre class="literallayout">$ exinext piglet@milne.fict.example
kanga.milne.example:192.168.8.1 error 146: Connection refused
first failed: 21-Feb-1996 14:57:34
last tried: 21-Feb-1996 14:57:34
next try at: 21-Feb-1996 15:02:34
roo.milne.example:192.168.8.3 error 146: Connection refused
first failed: 20-Jan-1996 13:12:08
last tried: 21-Feb-1996 11:42:03
next try at: 21-Feb-1996 19:42:03
past final cutoff time
</pre><p>
You can also give <span class="emphasis"><em>exinext</em></span> a local part, without a domain, and it
will give any retry information for that local part in your default domain.
A message id can be used to obtain retry information pertaining to a specific
message. This exists only when an attempt to deliver a message to a remote host
suffers a message-specific error (see section <a href="ch45.html#SECToutSMTPerr" title="45.2 Errors in outgoing SMTP">45.2</a>).
<span class="emphasis"><em>exinext</em></span> is not particularly efficient, but then it is not expected to be
run very often.
</p>
<p>
The <span class="emphasis"><em>exinext</em></span> utility calls Exim to find out information such as the location
of the spool directory. The utility has <span><strong class="option">-C</strong></span> and <span><strong class="option">-D</strong></span> options, which are
passed on to the <span class="emphasis"><em>exim</em></span> commands. The first specifies an alternate Exim
configuration file, and the second sets macros for use within the configuration
file. These features are mainly to help in testing, but might also be useful in
environments where more than one configuration file is in use.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0463" id="SECThindatmai">50.11 Hints database maintenance</a></h3></div>
</div>
</div>
<p>
<a id="id655462" class="indexterm"></a>
<a id="id655476" class="indexterm"></a>
Three utility programs are provided for maintaining the DBM files that Exim
uses to contain its delivery hint information. Each program requires two
arguments. The first specifies the name of Exim’s spool directory, and the
second is the name of the database it is to operate on. These are as follows:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
<span class="emphasis"><em>retry</em></span>: the database of retry information
</p>
</li><li><p>
<span class="emphasis"><em>wait-</em></span><<span class="emphasis"><em>transport name</em></span>>: databases of information about messages waiting
for remote hosts
</p>
</li><li><p>
<span class="emphasis"><em>callout</em></span>: the callout cache
</p>
</li><li><p>
<span class="emphasis"><em>ratelimit</em></span>: the data for implementing the ratelimit ACL condition
</p>
</li><li><p>
<span class="emphasis"><em>misc</em></span>: other hints data
</p>
</li></ul></div>
<p>
The <span class="emphasis"><em>misc</em></span> database is used for
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
Serializing ETRN runs (when <span><strong class="option">smtp_etrn_serialize</strong></span> is set)
</p>
</li><li><p>
Serializing delivery to a specific host (when <span><strong class="option">serialize_hosts</strong></span> is set in an
<span><strong class="command">smtp</strong></span> transport)
</p>
</li></ul></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0464" id="SECID261">50.12 exim_dumpdb</a></h3></div>
</div>
</div>
<p>
<a id="id655608" class="indexterm"></a>
The entire contents of a database are written to the standard output by the
<span class="emphasis"><em>exim_dumpdb</em></span> program, which has no options or arguments other than the
spool and database names. For example, to dump the retry database:
</p>
<pre class="literallayout">exim_dumpdb /var/spool/exim retry
</pre><p>
Two lines of output are produced for each entry:
</p>
<pre class="literallayout">T:mail.ref.example:192.168.242.242 146 77 Connection refused
31-Oct-1995 12:00:12 02-Nov-1995 12:21:39 02-Nov-1995 20:21:39 *
</pre><p>
The first item on the first line is the key of the record. It starts with one
of the letters R, or T, depending on whether it refers to a routing or
transport retry. For a local delivery, the next part is the local address; for
a remote delivery it is the name of the remote host, followed by its failing IP
address (unless <span><strong class="option">retry_include_ip_address</strong></span> is set false on the <span><strong class="command">smtp</strong></span>
transport). If the remote port is not the standard one (port 25), it is added
to the IP address. Then there follows an error code, an additional error code,
and a textual description of the error.
</p>
<p>
The three times on the second line are the time of first failure, the time of
the last delivery attempt, and the computed time for the next attempt. The line
ends with an asterisk if the cutoff time for the last retry rule has been
exceeded.
</p>
<p>
Each output line from <span class="emphasis"><em>exim_dumpdb</em></span> for the <span class="emphasis"><em>wait-xxx</em></span> databases
consists of a host name followed by a list of ids for messages that are or were
waiting to be delivered to that host. If there are a very large number for any
one host, continuation records, with a sequence number added to the host name,
may be seen. The data in these records is often out of date, because a message
may be routed to several alternative hosts, and Exim makes no effort to keep
cross-references.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0465" id="SECID262">50.13 exim_tidydb</a></h3></div>
</div>
</div>
<p>
<a id="id655710" class="indexterm"></a>
The <span class="emphasis"><em>exim_tidydb</em></span> utility program is used to tidy up the contents of a hints
database. If run with no options, it removes all records that are more than 30
days old. The age is calculated from the date and time that the record was last
updated. Note that, in the case of the retry database, it is <span class="emphasis"><em>not</em></span> the time
since the first delivery failure. Information about a host that has been down
for more than 30 days will remain in the database, provided that the record is
updated sufficiently often.
</p>
<p>
The cutoff date can be altered by means of the <span><strong class="option">-t</strong></span> option, which must be
followed by a time. For example, to remove all records older than a week from
the retry database:
</p>
<pre class="literallayout">exim_tidydb -t 7d /var/spool/exim retry
</pre><p>
Both the <span class="emphasis"><em>wait-xxx</em></span> and <span class="emphasis"><em>retry</em></span> databases contain items that involve
message ids. In the former these appear as data in records keyed by host –
they were messages that were waiting for that host – and in the latter they
are the keys for retry information for messages that have suffered certain
types of error. When <span class="emphasis"><em>exim_tidydb</em></span> is run, a check is made to ensure that
message ids in database records are those of messages that are still on the
queue. Message ids for messages that no longer exist are removed from
<span class="emphasis"><em>wait-xxx</em></span> records, and if this leaves any records empty, they are deleted.
For the <span class="emphasis"><em>retry</em></span> database, records whose keys are non-existent message ids are
removed. The <span class="emphasis"><em>exim_tidydb</em></span> utility outputs comments on the standard output
whenever it removes information from the database.
</p>
<p>
Certain records are automatically removed by Exim when they are no longer
needed, but others are not. For example, if all the MX hosts for a domain are
down, a retry record is created for each one. If the primary MX host comes back
first, its record is removed when Exim successfully delivers to it, but the
records for the others remain because Exim has not tried to use those hosts.
</p>
<p>
It is important, therefore, to run <span class="emphasis"><em>exim_tidydb</em></span> periodically on all the
hints databases. You should do this at a quiet time of day, because it requires
a database to be locked (and therefore inaccessible to Exim) while it does its
work. Removing records from a DBM file does not normally make the file smaller,
but all the common DBM libraries are able to re-use the space that is released.
After an initial phase of increasing in size, the databases normally reach a
point at which they no longer get any bigger, as long as they are regularly
tidied.
</p>
<p>
<span class="bold"><strong>Warning</strong></span>: If you never run <span class="emphasis"><em>exim_tidydb</em></span>, the space used by the hints
databases is likely to keep on increasing.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0466" id="SECID263">50.14 exim_fixdb</a></h3></div>
</div>
</div>
<p>
<a id="id655838" class="indexterm"></a>
The <span class="emphasis"><em>exim_fixdb</em></span> program is a utility for interactively modifying databases.
Its main use is for testing Exim, but it might also be occasionally useful for
getting round problems in a live system. It has no options, and its interface
is somewhat crude. On entry, it prompts for input with a right angle-bracket. A
key of a database record can then be entered, and the data for that record is
displayed.
</p>
<p>
If “<span class="quote">d</span>” is typed at the next prompt, the entire record is deleted. For all
except the <span class="emphasis"><em>retry</em></span> database, that is the only operation that can be carried
out. For the <span class="emphasis"><em>retry</em></span> database, each field is output preceded by a number, and
data for individual fields can be changed by typing the field number followed
by new data, for example:
</p>
<pre class="literallayout">> 4 951102:1000
</pre><p>
resets the time of the next delivery attempt. Time values are given as a
sequence of digit pairs for year, month, day, hour, and minute. Colons can be
used as optional separators.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0467" id="SECTmailboxmaint">50.15 Mailbox maintenance (exim_lock)</a></h3></div>
</div>
</div>
<p>
<a id="id655908" class="indexterm"></a>
<a id="id655922" class="indexterm"></a>
<a id="id655934" class="indexterm"></a>
The <span class="emphasis"><em>exim_lock</em></span> utility locks a mailbox file using the same algorithm as
Exim. For a discussion of locking issues, see section <a href="ch26.html#SECTopappend" title="26.3 Operational details for appending">26.3</a>.
<span class="emphasis"><em>Exim_lock</em></span> can be used to prevent any modification of a mailbox by Exim or
a user agent while investigating a problem. The utility requires the name of
the file as its first argument. If the locking is successful, the second
argument is run as a command (using C’s <em class="function">system()</em> function); if there is no
second argument, the value of the SHELL environment variable is used; if this
is unset or empty, <em class="filename">/bin/sh</em> is run. When the command finishes, the mailbox
is unlocked and the utility ends. The following options are available:
</p>
<div class="variablelist">
<dl><dt><span class="term"><span><strong class="option">-fcntl</strong></span></span></dt><dd><p>
Use <em class="function">fcntl()</em> locking on the open mailbox.
</p>
</dd><dt><span class="term"><span><strong class="option">-flock</strong></span></span></dt><dd><p>
Use <em class="function">flock()</em> locking on the open mailbox, provided the operating system
supports it.
</p>
</dd><dt><span class="term"><span><strong class="option">-interval</strong></span></span></dt><dd><p>
This must be followed by a number, which is a number of seconds; it sets the
interval to sleep between retries (default 3).
</p>
</dd><dt><span class="term"><span><strong class="option">-lockfile</strong></span></span></dt><dd><p>
Create a lock file before opening the mailbox.
</p>
</dd><dt><span class="term"><span><strong class="option">-mbx</strong></span></span></dt><dd><p>
Lock the mailbox using MBX rules.
</p>
</dd><dt><span class="term"><span><strong class="option">-q</strong></span></span></dt><dd><p>
Suppress verification output.
</p>
</dd><dt><span class="term"><span><strong class="option">-retries</strong></span></span></dt><dd><p>
This must be followed by a number; it sets the number of times to try to get
the lock (default 10).
</p>
</dd><dt><span class="term"><span><strong class="option">-restore_time</strong></span></span></dt><dd><p>
This option causes <span><strong class="option">exim_lock</strong></span> to restore the modified and read times to the
locked file before exiting. This allows you to access a locked mailbox (for
example, to take a backup copy) without disturbing the times that the user
subsequently sees.
</p>
</dd><dt><span class="term"><span><strong class="option">-timeout</strong></span></span></dt><dd><p>
This must be followed by a number, which is a number of seconds; it sets a
timeout to be used with a blocking <em class="function">fcntl()</em> lock. If it is not set (the
default), a non-blocking call is used.
</p>
</dd><dt><span class="term"><span><strong class="option">-v</strong></span></span></dt><dd><p>
Generate verbose output.
</p>
</dd></dl></div>
<p>
If none of <span><strong class="option">-fcntl</strong></span>, <span><strong class="option">-flock</strong></span>, <span><strong class="option">-lockfile</strong></span> or <span><strong class="option">-mbx</strong></span> are given, the
default is to create a lock file and also to use <em class="function">fcntl()</em> locking on the
mailbox, which is the same as Exim’s default. The use of <span><strong class="option">-flock</strong></span> or
<span><strong class="option">-fcntl</strong></span> requires that the file be writeable; the use of <span><strong class="option">-lockfile</strong></span>
requires that the directory containing the file be writeable. Locking by lock
file does not last for ever; Exim assumes that a lock file is expired if it is
more than 30 minutes old.
</p>
<p>
The <span><strong class="option">-mbx</strong></span> option can be used with either or both of <span><strong class="option">-fcntl</strong></span> or
<span><strong class="option">-flock</strong></span>. It assumes <span><strong class="option">-fcntl</strong></span> by default. MBX locking causes a shared lock
to be taken out on the open mailbox, and an exclusive lock on the file
<em class="filename">/tmp/.n.m</em> where <span class="emphasis"><em>n</em></span> and <span class="emphasis"><em>m</em></span> are the device number and inode
number of the mailbox file. When the locking is released, if an exclusive lock
can be obtained for the mailbox, the file in <em class="filename">/tmp</em> is deleted.
</p>
<p>
The default output contains verification of the locking that takes place. The
<span><strong class="option">-v</strong></span> option causes some additional information to be given. The <span><strong class="option">-q</strong></span> option
suppresses all output except error messages.
</p>
<p>
A command such as
</p>
<pre class="literallayout">exim_lock /var/spool/mail/spqr
</pre><p>
runs an interactive shell while the file is locked, whereas
</p>
<div class="literallayout">
<code class="literal">exim_lock -q /var/spool/mail/spqr <<End</code><br />
<<span class="emphasis"><em>some commands</em></span>><br />
<code class="literal">End</code><br />
</div>
<p>
runs a specific non-interactive sequence of commands while the file is locked,
suppressing all verification output. A single command can be run by a command
such as
</p>
<pre class="literallayout">exim_lock -q /var/spool/mail/spqr \
"cp /var/spool/mail/spqr /some/where"
</pre><p>
Note that if a command is supplied, it must be entirely contained within the
second argument – hence the quotes.
<a id="id655308" class="indexterm"></a>
</p>
</div>
</div>
<div class="navfooter">
<table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="ch49.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="ch51.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> </td></tr></table></div>
</body></html>
