Specification of the Exim Mail Transfer Agent
Copyright ©
2021
The Exim Maintainers
Revision 4.95 - 28 Sep 2021
Expand/Collapse all Chapters
- 1. Introduction
- 2. Incorporated code
-
3. How Exim receives and delivers mail
- 1. Overall philosophy
- 2. Policy control
- 3. User filters
- 4. Message identification
- 5. Receiving mail
- 6. Handling an incoming message
- 7. Life of a message
- 8. Processing an address for delivery
- 9. Processing an address for verification
- 10. Running an individual router
- 11. Duplicate addresses
- 12. Router preconditions
- 13. Delivery in detail
- 14. Retry mechanism
- 15. Temporary delivery failure
- 16. Permanent delivery failure
- 17. Failures to deliver bounce messages
-
4. Building and installing Exim
- 1. Unpacking
- 2. Multiple machine architectures and operating systems
- 3. PCRE library
- 4. DBM libraries
- 5. Pre-building configuration
- 6. Support for iconv()
- 7. Including TLS/SSL encryption support
- 8. Use of tcpwrappers
- 9. Including support for IPv6
- 10. Dynamically loaded lookup module support
- 11. The building process
- 12. Output from “make”
- 13. Overriding build-time options for Exim
- 14. OS-specific header files
- 15. Overriding build-time options for the monitor
- 16. Installing Exim binaries and scripts
- 17. Installing info documentation
- 18. Setting up the spool directory
- 19. Testing
- 20. Replacing another MTA with Exim
- 21. Upgrading Exim
- 22. Stopping the Exim daemon on Solaris
- 5. The Exim command line
-
6. The Exim runtime configuration file
- 1. Using a different configuration file
- 2. Configuration file format
- 3. File inclusions in the configuration file
- 4. Macros in the configuration file
- 5. Macro substitution
- 6. Redefining macros
- 7. Overriding macro values
- 8. Example of macro usage
- 9. Builtin macros
- 10. Conditional skips in the configuration file
- 11. Common option syntax
- 12. Boolean options
- 13. Integer values
- 14. Octal integer values
- 15. Fixed point numbers
- 16. Time intervals
- 17. String values
- 18. Expanded strings
- 19. User and group names
- 20. List construction
- 21. Changing list separators
- 22. Empty items in lists
- 23. Format of driver configurations
- 7. The default configuration file
- 8. Regular expressions
-
9. File and database lookups
- 1. Examples of different lookup syntax
- 2. Lookup types
- 3. Single-key lookup types
- 4. Query-style lookup types
- 5. Temporary errors in lookups
- 6. Default values in single-key lookups
- 7. Partial matching in single-key lookups
- 8. Lookup caching
- 9. Quoting lookup data
- 10. More about dnsdb
- 11. Dnsdb lookup modifiers
- 12. Pseudo dnsdb record types
- 13. Multiple dnsdb lookups
- 14. More about LDAP
- 15. Format of LDAP queries
- 16. LDAP quoting
- 17. LDAP connections
- 18. LDAP authentication and control information
- 19. Format of data returned by LDAP
- 20. More about NIS+
- 21. SQL lookups
- 22. More about MySQL, PostgreSQL, Oracle, InterBase, and Redis
- 23. Specifying the server in the query
- 24. Special MySQL features
- 25. Special PostgreSQL features
- 26. More about SQLite
- 27. More about Redis
-
10. Domain, host, address, and local part lists
- 1. Expansion of lists
- 2. Negated items in lists
- 3. File names in lists
- 4. An lsearch file is not an out-of-line list
- 5. Results of list checking
- 6. Named lists
- 7. Named lists compared with macros
- 8. Named list caching
- 9. Domain lists
- 10. Host lists
- 11. Special host list patterns
- 12. Host list patterns that match by IP address
- 13. Host list patterns for single-key lookups by host address
- 14. Host list patterns that match by host name
- 15. Behaviour when an IP address or name cannot be found
- 16. Mixing wildcarded host names and addresses in host lists
- 17. Temporary DNS errors when looking up host information
- 18. Host list patterns for single-key lookups by host name
- 19. Host list patterns for query-style lookups
- 20. Address lists
- 21. Case of letters in address lists
- 22. Local part lists
- 11. String expansions
- 12. Embedded Perl
-
13. Starting the daemon and the use of network interfaces
- 1. Starting a listening daemon
- 2. Special IP listening addresses
- 3. Overriding local_interfaces and daemon_smtp_ports
- 4. Support for the submissions (aka SSMTP or SMTPS) protocol
- 5. IPv6 address scopes
- 6. Disabling IPv6
- 7. Examples of starting a listening daemon
- 8. Recognizing the local host
- 9. Delivering to a remote host
-
14. Main configuration
- 1. Miscellaneous
- 2. Exim parameters
- 3. Privilege controls
- 4. Logging
- 5. Frozen messages
- 6. Data lookups
- 7. Message ids
- 8. Embedded Perl Startup
- 9. Daemon
- 10. Resource control
- 11. Policy controls
- 12. Callout cache
- 13. TLS
- 14. Local user handling
- 15. All incoming messages (SMTP and non-SMTP)
- 16. Non-SMTP incoming messages
- 17. Incoming SMTP messages
- 18. SMTP extensions
- 19. Processing messages
- 20. System filter
- 21. Routing and delivery
- 22. Bounce and warning messages
- 23. Alphabetical list of main options
- 15. Generic options for routers
- 16. The accept router
- 17. The dnslookup router
- 18. The ipliteral router
- 19. The iplookup router
- 20. The manualroute router
- 21. The queryprogram router
-
22. The redirect router
- 1. Redirection data
- 2. Forward files and address verification
- 3. Interpreting redirection data
- 4. Items in a non-filter redirection list
- 5. Redirecting to a local mailbox
- 6. Special items in redirection lists
- 7. Duplicate addresses
- 8. Repeated redirection expansion
- 9. Errors in redirection lists
- 10. Private options for the redirect router
- 23. Environment for running local transports
- 24. Generic options for transports
- 25. Address batching in local transports
- 26. The appendfile transport
- 27. The autoreply transport
- 28. The lmtp transport
- 29. The pipe transport
- 30. The smtp transport
-
31. Address rewriting
- 1. Explicitly configured address rewriting
- 2. When does rewriting happen?
- 3. Testing the rewriting rules that apply on input
- 4. Rewriting rules
- 5. Rewriting patterns
- 6. Rewriting replacements
- 7. Rewriting flags
- 8. Flags specifying which headers and envelope addresses to rewrite
- 9. The SMTP-time rewriting flag
- 10. Flags controlling the rewriting process
- 11. Rewriting examples
-
32. Retry configuration
- 1. Changing retry rules
- 2. Format of retry rules
- 3. Choosing which retry rule to use for address errors
- 4. Choosing which retry rule to use for host and message errors
- 5. Retry rules for specific errors
- 6. Retry rules for specified senders
- 7. Retry parameters
- 8. Retry rule examples
- 9. Timeout of retry data
- 10. Long-term failures
- 11. Deliveries that work intermittently
- 33. SMTP authentication
- 34. The plaintext authenticator
- 35. The cram_md5 authenticator
- 36. The cyrus_sasl authenticator
- 37. The dovecot authenticator
- 38. The gsasl authenticator
- 39. The heimdal_gssapi authenticator
- 40. The spa authenticator
- 41. The external authenticator
- 42. The tls authenticator
-
43. Encrypted SMTP connections using TLS/SSL
- 1. Support for the “submissions” (aka “ssmtp” and “smtps”) protocol
- 2. OpenSSL vs GnuTLS
- 3. GnuTLS parameter computation
- 4. Requiring specific ciphers in OpenSSL
- 5. Requiring specific ciphers or other parameters in GnuTLS
- 6. Configuring an Exim server to use TLS
- 7. Requesting and verifying client certificates
- 8. Revoked certificates
- 9. Caching of static server configuration items
- 10. Configuring an Exim client to use TLS
- 11. Caching of static client configuration items
- 12. Use of TLS Server Name Indication
- 13. Multiple messages on the same encrypted TCP/IP connection
- 14. Certificates and all that
- 15. Certificate chains
- 16. Self-signed certificates
- 17. TLS Resumption
- 18. DANE
-
44. Access control lists
- 1. Testing ACLs
- 2. Specifying when ACLs are used
- 3. The non-SMTP ACLs
- 4. The SMTP connect ACL
- 5. The EHLO/HELO ACL
- 6. The DATA ACLs
- 7. The SMTP DKIM ACL
- 8. The SMTP MIME ACL
- 9. The SMTP PRDR ACL
- 10. The QUIT ACL
- 11. The not-QUIT ACL
- 12. Finding an ACL to use
- 13. ACL return codes
- 14. Unset ACL options
- 15. Data for message ACLs
- 16. Data for non-message ACLs
- 17. Format of an ACL
- 18. ACL verbs
- 19. ACL variables
- 20. Condition and modifier processing
- 21. ACL modifiers
- 22. Use of the control modifier
- 23. Summary of message fixup control
- 24. Adding header lines in ACLs
- 25. Removing header lines in ACLs
- 26. ACL conditions
- 27. Using DNS lists
- 28. Specifying the IP address for a DNS list lookup
- 29. DNS lists keyed on domain names
- 30. Multiple explicit keys for a DNS list
- 31. Data returned by DNS lists
- 32. Variables set from DNS lists
- 33. Additional matching conditions for DNS lists
- 34. Negated DNS matching conditions
- 35. Handling multiple DNS records from a DNS list
- 36. Detailed information from merged DNS lists
- 37. DNS lists and IPv6
- 38. Rate limiting incoming messages
- 39. Ratelimit options for what is being measured
- 40. Ratelimit update modes
- 41. Ratelimit options for handling fast clients
- 42. Limiting the rate of different events
- 43. Using rate limiting
- 44. Address verification
- 45. Callout verification
- 46. Additional parameters for callouts
- 47. Callout caching
- 48. Quota caching
- 49. Sender address verification reporting
- 50. Redirection while verifying
- 51. Client SMTP authorization (CSA)
- 52. Bounce address tag validation
- 53. Using an ACL to control relaying
- 54. Checking a relay configuration
- 45. Content scanning at ACL time
- 46. Adding a local scan function to Exim
-
47. System-wide message filtering
- 1. Specifying a system filter
- 2. Testing a system filter
- 3. Contents of a system filter
- 4. Additional variable for system filters
- 5. Defer, freeze, and fail commands for system filters
- 6. Adding and removing headers in a system filter
- 7. Setting an errors address in a system filter
- 8. Per-address filtering
-
48. Message processing
- 1. Submission mode for non-local messages
- 2. Line endings
- 3. Unqualified addresses
- 4. The UUCP From line
- 5. Resent- header lines
- 6. The Auto-Submitted: header line
- 7. The Bcc: header line
- 8. The Date: header line
- 9. The Delivery-date: header line
- 10. The Envelope-to: header line
- 11. The From: header line
- 12. The Message-ID: header line
- 13. The Received: header line
- 14. The References: header line
- 15. The Return-path: header line
- 16. The Sender: header line
- 17. Adding and removing header lines in routers and transports
- 18. Constructed addresses
- 19. Case of local parts
- 20. Dots in local parts
- 21. Rewriting addresses
-
49. SMTP processing
- 1. Outgoing SMTP and LMTP over TCP/IP
- 2. Errors in outgoing SMTP
- 3. Incoming SMTP messages over TCP/IP
- 4. Unrecognized SMTP commands
- 5. Syntax and protocol errors in SMTP commands
- 6. Use of non-mail SMTP commands
- 7. The VRFY and EXPN commands
- 8. The ETRN command
- 9. Incoming local SMTP
- 10. Outgoing batched SMTP
- 11. Incoming batched SMTP
- 50. Customizing bounce and warning messages
-
51. Some common configuration settings
- 1. Sending mail to a smart host
- 2. Using Exim to handle mailing lists
- 3. Syntax errors in mailing lists
- 4. Re-expansion of mailing lists
- 5. Closed mailing lists
- 6. Variable Envelope Return Paths (VERP)
- 7. Virtual domains
- 8. Multiple user mailboxes
- 9. Simplified vacation processing
- 10. Taking copies of mail
- 11. Intermittently connected hosts
- 12. Exim on the upstream server host
- 13. Exim on the intermittently connected client host
- 52. Using Exim as a non-queueing client
-
53. Log files
- 1. Where the logs are written
- 2. Logging to local files that are periodically “cycled”
- 3. Datestamped log files
- 4. Logging to syslog
- 5. Log line flags
- 6. Logging message reception
- 7. Logging deliveries
- 8. Discarded deliveries
- 9. Deferred deliveries
- 10. Delivery failures
- 11. Fake deliveries
- 12. Completion
- 13. Summary of Fields in Log Lines
- 14. Other log entries
- 15. Reducing or increasing what is logged
- 16. Message log
-
54. Exim utilities
- 1. Finding out what Exim processes are doing (exiwhat)
- 2. Selective queue listing (exiqgrep)
- 3. Summarizing the queue (exiqsumm)
- 4. Extracting specific information from the log (exigrep)
- 5. Selecting messages by various criteria (exipick)
- 6. Cycling log files (exicyclog)
- 7. Mail statistics (eximstats)
- 8. Checking access policy (exim_checkaccess)
- 9. Making DBM files (exim_dbmbuild)
- 10. Finding individual retry times (exinext)
- 11. Hints database maintenance
- 12. exim_dumpdb
- 13. exim_tidydb
- 14. exim_fixdb
- 15. Mailbox maintenance (exim_lock)
- 55. The Exim monitor
-
56. Security considerations
- 1. Building a more “hardened” Exim
- 2. Root privilege
- 3. Running Exim without privilege
- 4. Delivering to local files
- 5. Running local commands
- 6. Trust in configuration data
- 7. IPv4 source routing
- 8. The VRFY, EXPN, and ETRN commands in SMTP
- 9. Privileged users
- 10. Spool files
- 11. Use of argv[0]
- 12. Use of %f formatting
- 13. Embedded Exim path
- 14. Dynamic module directory
- 15. Use of sprintf()
- 16. Use of debug_printf() and log_write()
- 17. Use of strcat() and strcpy()
- 57. Format of spool files
- 58. DKIM, SPF, SRS and DMARC
-
59. Proxies
- 1. Inbound proxies
- 2. Outbound proxies
- 3. Logging
-
60. Internationalisation
- 1. MTA operations
- 2. MDA operations
- 61. Events
- 62. Adding new drivers or lookup types
- 63. Concept Index
- 64. Option Index
- 65. Variable Index