From e90fcc54809db2591dc083f43ef54c6ec8c60847 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 18:16:13 +0200 Subject: Adding upstream version 4.96. Signed-off-by: Daniel Baumann --- doc/exim.8 | 1810 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1810 insertions(+) create mode 100644 doc/exim.8 (limited to 'doc/exim.8') diff --git a/doc/exim.8 b/doc/exim.8 new file mode 100644 index 0000000..4b41796 --- /dev/null +++ b/doc/exim.8 @@ -0,0 +1,1810 @@ +.TH EXIM 8 +.SH NAME +exim \- a Mail Transfer Agent +.SH SYNOPSIS +.nf +.B exim [options] arguments ... +.B mailq [options] arguments ... +.B rsmtp [options] arguments ... +.B rmail [options] arguments ... +.B runq [options] arguments ... +.B newaliases [options] arguments ... +.fi +. +.SH DESCRIPTION +.rs +.sp +Exim is a mail transfer agent (MTA) developed at the University of Cambridge. +It is a large program with very many facilities. For a full specification, see +the reference manual. This man page contains only a description of the command +line options. It has been automatically generated from the reference manual +source, hopefully without too much mangling. +.P +Like other MTAs, Exim replaces Sendmail, and is normally called by user agents +(MUAs) using the path \fI/usr/sbin/sendmail\fP when they submit messages for +delivery (some operating systems use \fI/usr/lib/sendmail\fP). This path is +normally set up as a symbolic link to the Exim binary. It may also be used by +boot scripts to start the Exim daemon. Many of Exim's command line options are +compatible with Sendmail so that it can act as a drop-in replacement. +. +.SH "DEFAULT ACTION" +.rs +.sp +If no options are present that require a specific action (such as starting the +daemon or a queue runner, testing an address, receiving a message in a specific +format, or listing the queue), and there are no arguments on the command line, +Exim outputs a brief message about itself and exits. +.sp +However, if there is at least one command line argument, \fB-bm\fR (accept a +local message on the standard input, with the arguments specifying the +recipients) is assumed. Thus, for example, if Exim is installed in +\fI/usr/sbin\fP, you can send a message from the command line like this: +.sp + /usr/sbin/exim -i + + CTRL-D +.sp +The \fB-i\fP option prevents a line containing just a dot from terminating +the message. Only an end-of-file (generated by typing CTRL-D if the input is +from a terminal) does so. +. +.SH "SETTING OPTIONS BY PROGRAM NAME" +.rs +.sp +If an Exim binary is called using one of the names listed in this section +(typically via a symbolic link), certain options are assumed. +.TP +\fBmailq\fR +Behave as if the option \fB\-bp\fP were present before any other options. +The \fB\-bp\fP option requests a listing of the contents of the mail queue +on the standard output. +.TP +\fBrsmtp\fR +Behaves as if the option \fB\-bS\fP were present before any other options, +for compatibility with Smail. The \fB\-bS\fP option is used for reading in a +number of messages in batched SMTP format. +.TP +\fBrmail\fR +Behave as if the \fB\-i\fP and \fB\-oee\fP options were present before +any other options, for compatibility with Smail. The name \fBrmail\fR is used +as an interface by some UUCP systems. The \fB\-i\fP option specifies that a +dot on a line by itself does not terminate a non\-SMTP message; \fB\-oee\fP +requests that errors detected in non\-SMTP messages be reported by emailing +the sender. +.TP +\fBrunq\fR +Behave as if the option \fB\-q\fP were present before any other options, for +compatibility with Smail. The \fB\-q\fP option causes a single queue runner +process to be started. It processes the queue once, then exits. +.TP +\fBnewaliases\fR +Behave as if the option \fB\-bi\fP were present before any other options, +for compatibility with Sendmail. This option is used for rebuilding Sendmail's +alias file. Exim does not have the concept of a single alias file, but can be +configured to run a specified command if called with the \fB\-bi\fP option. +. +.SH "OPTIONS" +.rs +.TP 10 +\fB\-\-\fP +This is a pseudo\-option whose only purpose is to terminate the options and +therefore to cause subsequent command line items to be treated as arguments +rather than options, even if they begin with hyphens. +.TP 10 +\fB\-\-help\fP +This option causes Exim to output a few sentences stating what it is. +The same output is generated if the Exim binary is called with no options and +no arguments. +.TP 10 +\fB\-\-version\fP +This option is an alias for \fB\-bV\fP and causes version information to be +displayed. +.TP 10 +\fB\-Ac\fP +\fB\-Am\fP +These options are used by Sendmail for selecting configuration files and are +ignored by Exim. +.TP 10 +\fB\-B\fP<\fItype\fP> +This is a Sendmail option for selecting 7 or 8 bit processing. Exim is 8\-bit +clean; it ignores this option. +.TP 10 +\fB\-bd\fP +This option runs Exim as a daemon, awaiting incoming SMTP connections. Usually +the \fB\-bd\fP option is combined with the \fB\-q\fP<\fItime\fP> option, to specify +that the daemon should also initiate periodic queue runs. +.sp +The \fB\-bd\fP option can be used only by an admin user. If either of the \fB\-d\fP +(debugging) or \fB\-v\fP (verifying) options are set, the daemon does not +disconnect from the controlling terminal. When running this way, it can be +stopped by pressing ctrl\-C. +.sp +By default, Exim listens for incoming connections to the standard SMTP port on +all the host's running interfaces. However, it is possible to listen on other +ports, on multiple ports, and only on specific interfaces. +.sp +When a listening daemon +is started without the use of \fB\-oX\fP (that is, without overriding the normal +configuration), it writes its process id to a file called exim\-daemon.pid +in Exim's spool directory. This location can be overridden by setting +PID_FILE_PATH in Local/Makefile. The file is written while Exim is still +running as root. +.sp +When \fB\-oX\fP is used on the command line to start a listening daemon, the +process id is not written to the normal pid file path. However, \fB\-oP\fP can be +used to specify a path on the command line if a pid file is required. +.sp +The SIGHUP signal +can be used to cause the daemon to re\-execute itself. This should be done +whenever Exim's configuration file, or any file that is incorporated into it by +means of the \fB.include\fP facility, is changed, and also whenever a new version +of Exim is installed. It is not necessary to do this when other files that are +referenced from the configuration (for example, alias files) are changed, +because these are reread each time they are used. +.TP 10 +\fB\-bdf\fP +This option has the same effect as \fB\-bd\fP except that it never disconnects +from the controlling terminal, even when no debugging is specified. +.TP 10 +\fB\-be\fP +Run Exim in expansion testing mode. Exim discards its root privilege, to +prevent ordinary users from using this mode to read otherwise inaccessible +files. If no arguments are given, Exim runs interactively, prompting for lines +of data. Otherwise, it processes each argument in turn. +.sp +If Exim was built with USE_READLINE=yes in Local/Makefile, it tries +to load the \fBlibreadline\fP library dynamically whenever the \fB\-be\fP option is +used without command line arguments. If successful, it uses the readline() +function, which provides extensive line\-editing facilities, for reading the +test data. A line history is supported. +.sp +Long expansion expressions can be split over several lines by using backslash +continuations. As in Exim's runtime configuration, white space at the start of +continuation lines is ignored. Each argument or data line is passed through the +string expansion mechanism, and the result is output. Variable values from the +configuration file (for example, \fI$qualify_domain\fP) are available, but no +message\-specific values (such as \fI$message_exim_id\fP) are set, because no message +is being processed (but see \fB\-bem\fP and \fB\-Mset\fP). +.sp +\fBNote\fP: If you use this mechanism to test lookups, and you change the data +files or databases you are using, you must exit and restart Exim before trying +the same lookup again. Otherwise, because each Exim process caches the results +of lookups, you will just get the same result as before. +.sp +Macro processing is done on lines before string\-expansion: new macros can be +defined and macros will be expanded. +Because macros in the config file are often used for secrets, those are only +available to admin users. +.TP 10 +\fB\-bem\fP <\fIfilename\fP> +This option operates like \fB\-be\fP except that it must be followed by the name +of a file. For example: +.sp + exim \-bem /tmp/testmessage +.sp +The file is read as a message (as if receiving a locally\-submitted non\-SMTP +message) before any of the test expansions are done. Thus, message\-specific +variables such as \fI$message_size\fP and \fI$header_from:\fP are available. However, +no \fIReceived:\fP header is added to the message. If the \fB\-t\fP option is set, +recipients are read from the headers in the normal way, and are shown in the +\fI$recipients\fP variable. Note that recipients cannot be given on the command +line, because further arguments are taken as strings to expand (just like +\fB\-be\fP). +.TP 10 +\fB\-bF\fP <\fIfilename\fP> +This option is the same as \fB\-bf\fP except that it assumes that the filter being +tested is a system filter. The additional commands that are available only in +system filters are recognized. +.TP 10 +\fB\-bf\fP <\fIfilename\fP> +This option runs Exim in user filter testing mode; the file is the filter file +to be tested, and a test message must be supplied on the standard input. If +there are no message\-dependent tests in the filter, an empty file can be +supplied. +.sp +If you want to test a system filter file, use \fB\-bF\fP instead of \fB\-bf\fP. You +can use both \fB\-bF\fP and \fB\-bf\fP on the same command, in order to test a system +filter and a user filter in the same run. For example: +.sp + exim \-bF /system/filter \-bf /user/filter +This sets the domain of the recipient address when a filter file is being +tested by means of the \fB\-bf\fP option. The default is the value of +\fI$qualify_domain\fP. +.TP 10 +\fB\-bfl\fP <\fIlocal part\fP> +This sets the local part of the recipient address when a filter file is being +tested by means of the \fB\-bf\fP option. The default is the username of the +process that calls Exim. A local part should be specified with any prefix or +suffix stripped, because that is how it appears to the filter when a message is +actually being delivered. +.TP 10 +\fB\-bfp\fP <\fIprefix\fP> +This sets the prefix of the local part of the recipient address when a filter +file is being tested by means of the \fB\-bf\fP option. The default is an empty +prefix. +.TP 10 +\fB\-bfs\fP <\fIsuffix\fP> +This sets the suffix of the local part of the recipient address when a filter +file is being tested by means of the \fB\-bf\fP option. The default is an empty +suffix. +.TP 10 +\fB\-bh\fP <\fIIP address\fP> +This option runs a fake SMTP session as if from the given IP address, using the +standard input and output. The IP address may include a port number at the end, +after a full stop. For example: +.sp + exim \-bh 10.9.8.7.1234 + exim \-bh fe80::a00:20ff:fe86:a061.5678 +.sp +When an IPv6 address is given, it is converted into canonical form. In the case +of the second example above, the value of \fI$sender_host_address\fP after +conversion to the canonical form is +fe80:0000:0000:0a00:20ff:fe86:a061.5678. +.sp +Comments as to what is going on are written to the standard error file. These +include lines beginning with "LOG" for anything that would have been logged. +This facility is provided for testing configuration options for incoming +messages, to make sure they implement the required policy. For example, you can +test your relay controls using \fB\-bh\fP. +.sp +\fBWarning 1\fP: +You can test features of the configuration that rely on ident (RFC 1413) +information by using the \fB\-oMt\fP option. However, Exim cannot actually perform +an ident callout when testing using \fB\-bh\fP because there is no incoming SMTP +connection. +.sp +\fBWarning 2\fP: Address verification callouts +are also skipped when testing using \fB\-bh\fP. If you want these callouts to +occur, use \fB\-bhc\fP instead. +.sp +Messages supplied during the testing session are discarded, and nothing is +written to any of the real log files. There may be pauses when DNS (and other) +lookups are taking place, and of course these may time out. The \fB\-oMi\fP option +can be used to specify a specific IP interface and port if this is important, +and \fB\-oMaa\fP and \fB\-oMai\fP can be used to set parameters as if the SMTP +session were authenticated. +.sp +The \fIexim_checkaccess\fP utility is a "packaged" version of \fB\-bh\fP whose +output just states whether a given recipient address from a given host is +acceptable or not. +.sp +Features such as authentication and encryption, where the client input is not +plain text, cannot easily be tested with \fB\-bh\fP. Instead, you should use a +specialized SMTP test program such as +\fBswaks\fP. +.TP 10 +\fB\-bhc\fP <\fIIP address\fP> +This option operates in the same way as \fB\-bh\fP, except that address +verification callouts are performed if required. This includes consulting and +updating the callout cache database. +.TP 10 +\fB\-bi\fP +Sendmail interprets the \fB\-bi\fP option as a request to rebuild its alias file. +Exim does not have the concept of a single alias file, and so it cannot mimic +this behaviour. However, calls to /usr/lib/sendmail with the \fB\-bi\fP option +tend to appear in various scripts such as NIS make files, so the option must be +recognized. +.sp +If \fB\-bi\fP is encountered, the command specified by the \fBbi_command\fP +configuration option is run, under the uid and gid of the caller of Exim. If +the \fB\-oA\fP option is used, its value is passed to the command as an argument. +The command set by \fBbi_command\fP may not contain arguments. The command can +use the \fIexim_dbmbuild\fP utility, or some other means, to rebuild alias files +if this is required. If the \fBbi_command\fP option is not set, calling Exim with +\fB\-bi\fP is a no\-op. +.TP 10 +\fB\-bI:help\fP +We shall provide various options starting \-bI: for querying Exim for +information. The output of many of these will be intended for machine +consumption. This one is not. The \fB\-bI:help\fP option asks Exim for a +synopsis of supported options beginning \-bI:. Use of any of these +options shall cause Exim to exit after producing the requested output. +.TP 10 +\fB\-bI:dscp\fP +This option causes Exim to emit an alphabetically sorted list of all +recognised DSCP names. +.TP 10 +\fB\-bI:sieve\fP +This option causes Exim to emit an alphabetically sorted list of all supported +Sieve protocol extensions on stdout, one per line. This is anticipated to be +useful for ManageSieve (RFC 5804) implementations, in providing that protocol's +SIEVE capability response line. As the precise list may depend upon +compile\-time build options, which this option will adapt to, this is the only +way to guarantee a correct response. +.TP 10 +\fB\-bm\fP +This option runs an Exim receiving process that accepts an incoming, +locally\-generated message on the standard input. The recipients are given as the +command arguments (except when \fB\-t\fP is also present \- see below). Each +argument can be a comma\-separated list of RFC 2822 addresses. This is the +default option for selecting the overall action of an Exim call; it is assumed +if no other conflicting option is present. +.sp +If any addresses in the message are unqualified (have no domain), they are +qualified by the values of the \fBqualify_domain\fP or \fBqualify_recipient\fP +options, as appropriate. The \fB\-bnq\fP option (see below) provides a way of +suppressing this for special cases. +.sp +Policy checks on the contents of local messages can be enforced by means of +the non\-SMTP ACL. +.sp +The return code is zero if the message is successfully accepted. Otherwise, the +action is controlled by the \fB\-oe\fP\fIx\fP option setting \- see below. +.sp +The format +of the message must be as defined in RFC 2822, except that, for +compatibility with Sendmail and Smail, a line in one of the forms +.sp + From sender Fri Jan 5 12:55 GMT 1997 + From sender Fri, 5 Jan 97 12:55:01 +.sp +(with the weekday optional, and possibly with additional text after the date) +is permitted to appear at the start of the message. There appears to be no +authoritative specification of the format of this line. Exim recognizes it by +matching against the regular expression defined by the \fBuucp_from_pattern\fP +option, which can be changed if necessary. +.sp +The specified sender is treated as if it were given as the argument to the +\fB\-f\fP option, but if a \fB\-f\fP option is also present, its argument is used in +preference to the address taken from the message. The caller of Exim must be a +trusted user for the sender of a message to be set in this way. +.TP 10 +\fB\-bmalware\fP <\fIfilename\fP> +This debugging option causes Exim to scan the given file or directory +(depending on the used scanner interface), +using the malware scanning framework. The option of \fBav_scanner\fP influences +this option, so if \fBav_scanner\fP's value is dependent upon an expansion then +the expansion should have defaults which apply to this invocation. ACLs are +not invoked, so if \fBav_scanner\fP references an ACL variable then that variable +will never be populated and \fB\-bmalware\fP will fail. +.sp +Exim will have changed working directory before resolving the filename, so +using fully qualified pathnames is advisable. Exim will be running as the Exim +user when it tries to open the file, rather than as the invoking user. +This option requires admin privileges. +.sp +The \fB\-bmalware\fP option will not be extended to be more generally useful, +there are better tools for file\-scanning. This option exists to help +administrators verify their Exim and AV scanner configuration. +.TP 10 +\fB\-bnq\fP +By default, Exim automatically qualifies unqualified addresses (those +without domains) that appear in messages that are submitted locally (that +is, not over TCP/IP). This qualification applies both to addresses in +envelopes, and addresses in header lines. Sender addresses are qualified using +\fBqualify_domain\fP, and recipient addresses using \fBqualify_recipient\fP (which +defaults to the value of \fBqualify_domain\fP). +.sp +Sometimes, qualification is not wanted. For example, if \fB\-bS\fP (batch SMTP) is +being used to re\-submit messages that originally came from remote hosts after +content scanning, you probably do not want to qualify unqualified addresses in +header lines. (Such lines will be present only if you have not enabled a header +syntax check in the appropriate ACL.) +.sp +The \fB\-bnq\fP option suppresses all qualification of unqualified addresses in +messages that originate on the local host. When this is used, unqualified +addresses in the envelope provoke errors (causing message rejection) and +unqualified addresses in header lines are left alone. +.TP 10 +\fB\-bP\fP +If this option is given with no arguments, it causes the values of all Exim's +main configuration options to be written to the standard output. The values +of one or more specific options can be requested by giving their names as +arguments, for example: +.sp + exim \-bP qualify_domain hold_domains +.sp +However, any option setting that is preceded by the word "hide" in the +configuration file is not shown in full, except to an admin user. For other +users, the output is as in this example: +.sp + mysql_servers = +.sp +If \fBconfig\fP is given as an argument, the config is +output, as it was parsed, any include file resolved, any comment removed. +.sp +If \fBconfig_file\fP is given as an argument, the name of the runtime +configuration file is output. (\fBconfigure_file\fP works too, for +backward compatibility.) +If a list of configuration files was supplied, the value that is output here +is the name of the file that was actually used. +.sp +If the \fB\-n\fP flag is given, then for most modes of \fB\-bP\fP operation the +name will not be output. +.sp +If \fBlog_file_path\fP or \fBpid_file_path\fP are given, the names of the +directories where log files and daemon pid files are written are output, +respectively. If these values are unset, log files are written in a +sub\-directory of the spool directory called \fBlog\fP, and the pid file is +written directly into the spool directory. +.sp +If \fB\-bP\fP is followed by a name preceded by +, for example, +.sp + exim \-bP +local_domains +.sp +it searches for a matching named list of any type (domain, host, address, or +local part) and outputs what it finds. +.sp +If one of the words \fBrouter\fP, \fBtransport\fP, or \fBauthenticator\fP is given, +followed by the name of an appropriate driver instance, the option settings for +that driver are output. For example: +.sp + exim \-bP transport local_delivery +.sp +The generic driver options are output first, followed by the driver's private +options. A list of the names of drivers of a particular type can be obtained by +using one of the words \fBrouter_list\fP, \fBtransport_list\fP, or +\fBauthenticator_list\fP, and a complete list of all drivers with their option +settings can be obtained by using \fBrouters\fP, \fBtransports\fP, or +\fBauthenticators\fP. +.sp +If \fBenvironment\fP is given as an argument, the set of environment +variables is output, line by line. Using the \fB\-n\fP flag suppresses the value of the +variables. +.sp +If invoked by an admin user, then \fBmacro\fP, \fBmacro_list\fP and \fBmacros\fP +are available, similarly to the drivers. Because macros are sometimes used +for storing passwords, this option is restricted. +The output format is one item per line. +For the "\-bP macro " form, if no such macro is found +the exit status will be nonzero. +.TP 10 +\fB\-bp\fP +This option requests a listing of the contents of the mail queue on the +standard output. If the \fB\-bp\fP option is followed by a list of message ids, +just those messages are listed. By default, this option can be used only by an +admin user. However, the \fBqueue_list_requires_admin\fP option can be set false +to allow any user to see the queue. +.sp +Each message in the queue is displayed as in the following example: +.sp + 25m 2.9K 0t5C6f\-0000c8\-00 + red.king@looking\-glass.fict.example + +.sp +The first line contains the length of time the message has been in the queue +(in this case 25 minutes), the size of the message (2.9K), the unique local +identifier for the message, and the message sender, as contained in the +envelope. For bounce messages, the sender address is empty, and appears as +"<>". If the message was submitted locally by an untrusted user who overrode +the default sender address, the user's login name is shown in parentheses +before the sender address. +.sp +If the message is frozen (attempts to deliver it are suspended) then the text +"*** frozen ***" is displayed at the end of this line. +.sp +The recipients of the message (taken from the envelope, not the headers) are +displayed on subsequent lines. Those addresses to which the message has already +been delivered are marked with the letter D. If an original address gets +expanded into several addresses via an alias or forward file, the original is +displayed with a D only when deliveries for all of its child addresses are +complete. +.TP 10 +\fB\-bpa\fP +This option operates like \fB\-bp\fP, but in addition it shows delivered addresses +that were generated from the original top level address(es) in each message by +alias or forwarding operations. These addresses are flagged with "+D" instead +of just "D". +.TP 10 +\fB\-bpc\fP +This option counts the number of messages in the queue, and writes the total +to the standard output. It is restricted to admin users, unless +\fBqueue_list_requires_admin\fP is set false. +.TP 10 +\fB\-bpr\fP +This option operates like \fB\-bp\fP, but the output is not sorted into +chronological order of message arrival. This can speed it up when there are +lots of messages in the queue, and is particularly useful if the output is +going to be post\-processed in a way that doesn't need the sorting. +.TP 10 +\fB\-bpra\fP +This option is a combination of \fB\-bpr\fP and \fB\-bpa\fP. +.TP 10 +\fB\-bpru\fP +This option is a combination of \fB\-bpr\fP and \fB\-bpu\fP. +.TP 10 +\fB\-bpu\fP +This option operates like \fB\-bp\fP but shows only undelivered top\-level +addresses for each message displayed. Addresses generated by aliasing or +forwarding are not shown, unless the message was deferred after processing by a +router with the \fBone_time\fP option set. +.TP 10 +\fB\-brt\fP +This option is for testing retry rules, and it must be followed by up to three +arguments. It causes Exim to look for a retry rule that matches the values +and to write it to the standard output. For example: +.sp + exim \-brt bach.comp.mus.example + Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m; +.sp + The first +argument, which is required, can be a complete address in the form +\fIlocal_part@domain\fP, or it can be just a domain name. If the second argument +contains a dot, it is interpreted as an optional second domain name; if no +retry rule is found for the first argument, the second is tried. This ties in +with Exim's behaviour when looking for retry rules for remote hosts \- if no +rule is found that matches the host, one that matches the mail domain is +sought. Finally, an argument that is the name of a specific delivery error, as +used in setting up retry rules, can be given. For example: +.sp + exim \-brt haydn.comp.mus.example quota_3d + Retry rule: *@haydn.comp.mus.example quota_3d F,1h,15m +.TP 10 +\fB\-brw\fP +This option is for testing address rewriting rules, and it must be followed by +a single argument, consisting of either a local part without a domain, or a +complete address with a fully qualified domain. Exim outputs how this address +would be rewritten for each possible place it might appear. +.TP 10 +\fB\-bS\fP +This option is used for batched SMTP input, which is an alternative interface +for non\-interactive local message submission. A number of messages can be +submitted in a single run. However, despite its name, this is not really SMTP +input. Exim reads each message's envelope from SMTP commands on the standard +input, but generates no responses. If the caller is trusted, or +\fBuntrusted_set_sender\fP is set, the senders in the SMTP MAIL commands are +believed; otherwise the sender is always the caller of Exim. +.sp +The message itself is read from the standard input, in SMTP format (leading +dots doubled), terminated by a line containing just a single dot. An error is +provoked if the terminating dot is missing. A further message may then follow. +.sp +As for other local message submissions, the contents of incoming batch SMTP +messages can be checked using the non\-SMTP ACL. +Unqualified addresses are automatically qualified using \fBqualify_domain\fP and +\fBqualify_recipient\fP, as appropriate, unless the \fB\-bnq\fP option is used. +.sp +Some other SMTP commands are recognized in the input. HELO and EHLO act +as RSET; VRFY, EXPN, ETRN, and HELP act as NOOP; +QUIT quits, ignoring the rest of the standard input. +.sp +If any error is encountered, reports are written to the standard output and +error streams, and Exim gives up immediately. The return code is 0 if no error +was detected; it is 1 if one or more messages were accepted before the error +was detected; otherwise it is 2. +.sp +.TP 10 +\fB\-bs\fP +This option causes Exim to accept one or more messages by reading SMTP commands +on the standard input, and producing SMTP replies on the standard output. SMTP +policy controls, as defined in ACLs are applied. +Some user agents use this interface as a way of passing locally\-generated +messages to the MTA. +.sp +In +this usage, if the caller of Exim is trusted, or \fBuntrusted_set_sender\fP is +set, the senders of messages are taken from the SMTP MAIL commands. +Otherwise the content of these commands is ignored and the sender is set up as +the calling user. Unqualified addresses are automatically qualified using +\fBqualify_domain\fP and \fBqualify_recipient\fP, as appropriate, unless the +\fB\-bnq\fP option is used. +.sp +The +\fB\-bs\fP option is also used to run Exim from \fIinetd\fP, as an alternative to +using a listening daemon. Exim can distinguish the two cases by checking +whether the standard input is a TCP/IP socket. When Exim is called from +\fIinetd\fP, the source of the mail is assumed to be remote, and the comments +above concerning senders and qualification do not apply. In this situation, +Exim behaves in exactly the same way as it does when receiving a message via +the listening daemon. +.TP 10 +\fB\-bt\fP +This option runs Exim in address testing mode, in which each argument is taken +as a recipient address to be tested for deliverability. The results are +written to the standard output. If a test fails, and the caller is not an admin +user, no details of the failure are output, because these might contain +sensitive information such as usernames and passwords for database lookups. +.sp +If no arguments are given, Exim runs in an interactive manner, prompting with a +right angle bracket for addresses to be tested. +.sp +Unlike the \fB\-be\fP test option, you cannot arrange for Exim to use the +readline() function, because it is running as \fIroot\fP and there are +security issues. +.sp +Each address is handled as if it were the recipient address of a message +(compare the \fB\-bv\fP option). It is passed to the routers and the result is +written to the standard output. However, any router that has +\fBno_address_test\fP set is bypassed. This can make \fB\-bt\fP easier to use for +genuine routing tests if your first router passes everything to a scanner +program. +.sp +The return code is 2 if any address failed outright; it is 1 if no address +failed outright but at least one could not be resolved for some reason. Return +code 0 is given only when all addresses succeed. +.sp +\fBNote\fP: When actually delivering a message, Exim removes duplicate recipient +addresses after routing is complete, so that only one delivery takes place. +This does not happen when testing with \fB\-bt\fP; the full results of routing are +always shown. +.sp +\fBWarning\fP: \fB\-bt\fP can only do relatively simple testing. If any of the +routers in the configuration makes any tests on the sender address of a +message, +you can use the \fB\-f\fP option to set an appropriate sender when running +\fB\-bt\fP tests. Without it, the sender is assumed to be the calling user at the +default qualifying domain. However, if you have set up (for example) routers +whose behaviour depends on the contents of an incoming message, you cannot test +those conditions using \fB\-bt\fP. The \fB\-N\fP option provides a possible way of +doing such tests. +.TP 10 +\fB\-bV\fP +This option causes Exim to write the current version number, compilation +number, and compilation date of the \fIexim\fP binary to the standard output. +It also lists the DBM library that is being used, the optional modules (such as +specific lookup types), the drivers that are included in the binary, and the +name of the runtime configuration file that is in use. +.sp +As part of its operation, \fB\-bV\fP causes Exim to read and syntax check its +configuration file. However, this is a static check only. It cannot check +values that are to be expanded. For example, although a misspelt ACL verb is +detected, an error in the verb's arguments is not. You cannot rely on \fB\-bV\fP +alone to discover (for example) all the typos in the configuration; some +realistic testing is needed. The \fB\-bh\fP and \fB\-N\fP options provide more +dynamic testing facilities. +.TP 10 +\fB\-bv\fP +This option runs Exim in address verification mode, in which each argument is +taken as a recipient address to be verified by the routers. (This does +not involve any verification callouts). During normal operation, verification +happens mostly as a consequence processing a \fBverify\fP condition in an ACL. If you want to test an entire ACL, possibly +including callouts, see the \fB\-bh\fP and \fB\-bhc\fP options. +.sp +If verification fails, and the caller is not an admin user, no details of the +failure are output, because these might contain sensitive information such as +usernames and passwords for database lookups. +.sp +If no arguments are given, Exim runs in an interactive manner, prompting with a +right angle bracket for addresses to be verified. +.sp +Unlike the \fB\-be\fP test option, you cannot arrange for Exim to use the +readline() function, because it is running as \fIexim\fP and there are +security issues. +.sp +Verification differs from address testing (the \fB\-bt\fP option) in that routers +that have \fBno_verify\fP set are skipped, and if the address is accepted by a +router that has \fBfail_verify\fP set, verification fails. The address is +verified as a recipient if \fB\-bv\fP is used; to test verification for a sender +address, \fB\-bvs\fP should be used. +.sp +If the \fB\-v\fP option is not set, the output consists of a single line for each +address, stating whether it was verified or not, and giving a reason in the +latter case. Without \fB\-v\fP, generating more than one address by redirection +causes verification to end successfully, without considering the generated +addresses. However, if just one address is generated, processing continues, +and the generated address must verify successfully for the overall verification +to succeed. +.sp +When \fB\-v\fP is set, more details are given of how the address has been handled, +and in the case of address redirection, all the generated addresses are also +considered. Verification may succeed for some and fail for others. +.sp +The +return code is 2 if any address failed outright; it is 1 if no address +failed outright but at least one could not be resolved for some reason. Return +code 0 is given only when all addresses succeed. +.sp +If any of the routers in the configuration makes any tests on the sender +address of a message, you should use the \fB\-f\fP option to set an appropriate +sender when running \fB\-bv\fP tests. Without it, the sender is assumed to be the +calling user at the default qualifying domain. +.TP 10 +\fB\-bvs\fP +This option acts like \fB\-bv\fP, but verifies the address as a sender rather +than a recipient address. This affects any rewriting and qualification that +might happen. +.TP 10 +\fB\-bw\fP +This option runs Exim as a daemon, awaiting incoming SMTP connections, +similarly to the \fB\-bd\fP option. All port specifications on the command\-line +and in the configuration file are ignored. Queue\-running may not be specified. +.sp +In this mode, Exim expects to be passed a socket as fd 0 (stdin) which is +listening for connections. This permits the system to start up and have +inetd (or equivalent) listen on the SMTP ports, starting an Exim daemon for +each port only when the first connection is received. +.sp +If the option is given as \fB\-bw\fP<\fItime\fP> then the time is a timeout, after +which the daemon will exit, which should cause inetd to listen once more. +.TP 10 +\fB\-C\fP <\fIfilelist\fP> +This option causes Exim to find the runtime configuration file from the given +list instead of from the list specified by the CONFIGURE_FILE +compile\-time setting. Usually, the list will consist of just a single filename, +but it can be a colon\-separated list of names. In this case, the first +file that exists is used. Failure to open an existing file stops Exim from +proceeding any further along the list, and an error is generated. +.sp +When this option is used by a caller other than root, and the list is different +from the compiled\-in list, Exim gives up its root privilege immediately, and +runs with the real and effective uid and gid set to those of the caller. +However, if a TRUSTED_CONFIG_LIST file is defined in Local/Makefile, that +file contains a list of full pathnames, one per line, for configuration files +which are trusted. Root privilege is retained for any configuration file so +listed, as long as the caller is the Exim user (or the user specified in the +CONFIGURE_OWNER option, if any), and as long as the configuration file is +not writeable by inappropriate users or groups. +.sp +Leaving TRUSTED_CONFIG_LIST unset precludes the possibility of testing a +configuration using \fB\-C\fP right through message reception and delivery, +even if the caller is root. The reception works, but by that time, Exim is +running as the Exim user, so when it re\-executes to regain privilege for the +delivery, the use of \fB\-C\fP causes privilege to be lost. However, root can +test reception and delivery using two separate commands (one to put a message +in the queue, using \fB\-odq\fP, and another to do the delivery, using \fB\-M\fP). +.sp +If ALT_CONFIG_PREFIX is defined in Local/Makefile, it specifies a +prefix string with which any file named in a \fB\-C\fP command line option +must start. In addition, the filename must not contain the sequence /../. +However, if the value of the \fB\-C\fP option is identical to the value of +CONFIGURE_FILE in Local/Makefile, Exim ignores \fB\-C\fP and proceeds as +usual. There is no default setting for ALT_CONFIG_PREFIX; when it is +unset, any filename can be used with \fB\-C\fP. +.sp +ALT_CONFIG_PREFIX can be used to confine alternative configuration files +to a directory to which only root has access. This prevents someone who has +broken into the Exim account from running a privileged Exim with an arbitrary +configuration file. +.sp +The \fB\-C\fP facility is useful for ensuring that configuration files are +syntactically correct, but cannot be used for test deliveries, unless the +caller is privileged, or unless it is an exotic configuration that does not +require privilege. No check is made on the owner or group of the files +specified by this option. +.TP 10 +\fB\-D\fP<\fImacro\fP>=<\fIvalue\fP> +This option can be used to override macro definitions in the configuration file. However, like \fB\-C\fP, if it is used by an +unprivileged caller, it causes Exim to give up its root privilege. +If DISABLE_D_OPTION is defined in Local/Makefile, the use of \fB\-D\fP is +completely disabled, and its use causes an immediate error exit. +.sp +If WHITELIST_D_MACROS is defined in Local/Makefile then it should be a +colon\-separated list of macros which are considered safe and, if \fB\-D\fP only +supplies macros from this list, and the values are acceptable, then Exim will +not give up root privilege if the caller is root, the Exim run\-time user, or +the CONFIGURE_OWNER, if set. This is a transition mechanism and is expected +to be removed in the future. Acceptable values for the macros satisfy the +regexp: ^[A\-Za\-z0\-9_/.\-]*$ +.sp +The entire option (including equals sign if present) must all be within one +command line item. \fB\-D\fP can be used to set the value of a macro to the empty +string, in which case the equals sign is optional. These two commands are +synonymous: +.sp + exim \-DABC ... + exim \-DABC= ... +.sp +To include spaces in a macro definition item, quotes must be used. If you use +quotes, spaces are permitted around the macro name and the equals sign. For +example: +.sp + exim '\-D ABC = something' ... +.sp +\fB\-D\fP may be repeated up to 10 times on a command line. +Only macro names up to 22 letters long can be set. +.TP 10 +\fB\-d\fP<\fIdebug options\fP> +This option causes debugging information to be written to the standard +error stream. It is restricted to admin users because debugging output may show +database queries that contain password information. Also, the details of users' +filter files should be protected. If a non\-admin user uses \fB\-d\fP, Exim +writes an error message to the standard error stream and exits with a non\-zero +return code. +.sp +When \fB\-d\fP is used, \fB\-v\fP is assumed. If \fB\-d\fP is given on its own, a lot of +standard debugging data is output. This can be reduced, or increased to include +some more rarely needed information, by directly following \fB\-d\fP with a string +made up of names preceded by plus or minus characters. These add or remove sets +of debugging data, respectively. For example, \fB\-d+filter\fP adds filter +debugging, whereas \fB\-d\-all+filter\fP selects only filter debugging. Note that +no spaces are allowed in the debug setting. The available debugging categories +are: + acl +ACL interpretation + auth +authenticators + deliver +general delivery logic + dns +DNS lookups (see also resolver) + dnsbl +DNS black list (aka RBL) code + exec +arguments for execv() calls + expand +detailed debugging for string expansions + filter +filter handling + hints_lookup +hints data lookups + host_lookup +all types of name\-to\-IP address handling + ident +ident lookup + interface +lists of local interfaces + lists +matching things in lists + load +system load checks + local_scan +can be used by local_scan() + lookup +general lookup code and all lookups + memory +memory handling + noutf8 +modifier: avoid UTF\-8 line\-drawing + pid +modifier: add pid to debug output lines + process_info +setting info for the process log + queue_run +queue runs + receive +general message reception logic + resolver +turn on the DNS resolver's debugging output + retry +retry handling + rewrite +address rewriting" + route +address routing + timestamp +modifier: add timestamp to debug output lines + tls +TLS logic + transport +transports + uid +changes of uid/gid and looking up uid/gid + verify +address verification logic + all +almost all of the above (see below), and also \fB\-v\fP +.sp +The all option excludes memory when used as +all, but includes it +for \-all. The reason for this is that +all is something that people +tend to use when generating debug output for Exim maintainers. If +memory +is included, an awful lot of output that is very rarely of interest is +generated, so it now has to be explicitly requested. However, \-all does +turn everything off. +.sp +The resolver option produces output only if the DNS resolver was compiled +with DEBUG enabled. This is not the case in some operating systems. Also, +unfortunately, debugging output from the DNS resolver is written to stdout +rather than stderr. +.sp +The default (\fB\-d\fP with no argument) omits expand, filter, +interface, load, memory, pid, resolver, and timestamp. +However, the pid selector is forced when debugging is turned on for a +daemon, which then passes it on to any re\-executed Exims. Exim also +automatically adds the pid to debug lines when several remote deliveries are +run in parallel. +.sp +The timestamp selector causes the current time to be inserted at the start +of all debug output lines. This can be useful when trying to track down delays +in processing. +.sp +The noutf8 selector disables the use of +UTF\-8 line\-drawing characters to group related information. +When disabled. ascii\-art is used instead. +Using the +all option does not set this modifier, +.sp +If the \fBdebug_print\fP option is set in any driver, it produces output whenever +any debugging is selected, or if \fB\-v\fP is used. +.TP 10 +\fB\-dd\fP<\fIdebug options\fP> +This option behaves exactly like \fB\-d\fP except when used on a command that +starts a daemon process. In that case, debugging is turned off for the +subprocesses that the daemon creates. Thus, it is useful for monitoring the +behaviour of the daemon without creating as much output as full debugging does. +.TP 10 +\fB\-dropcr\fP +This is an obsolete option that is now a no\-op. It used to affect the way Exim +handled CR and LF characters in incoming messages. +.TP 10 +\fB\-E\fP +This option specifies that an incoming message is a locally\-generated delivery +failure report. It is used internally by Exim when handling delivery failures +and is not intended for external use. Its only effect is to stop Exim +generating certain messages to the postmaster, as otherwise message cascades +could occur in some situations. As part of the same option, a message id may +follow the characters \fB\-E\fP. If it does, the log entry for the receipt of the +new message contains the id, following "R=", as a cross\-reference. +.TP 10 +\fB\-e\fP\fIx\fP +There are a number of Sendmail options starting with \fB\-oe\fP which seem to be +called by various programs without the leading \fBo\fP in the option. For +example, the \fBvacation\fP program uses \fB\-eq\fP. Exim treats all options of the +form \fB\-e\fP\fIx\fP as synonymous with the corresponding \fB\-oe\fP\fIx\fP options. +.TP 10 +\fB\-F\fP <\fIstring\fP> +This option sets the sender's full name for use when a locally\-generated +message is being accepted. In the absence of this option, the user's \fIgecos\fP +entry from the password data is used. As users are generally permitted to alter +their \fIgecos\fP entries, no security considerations are involved. White space +between \fB\-F\fP and the <\fIstring\fP> is optional. +.TP 10 +\fB\-f\fP <\fIaddress\fP> +This option sets the address of the envelope sender of a locally\-generated +message (also known as the return path). The option can normally be used only +by a trusted user, but \fBuntrusted_set_sender\fP can be set to allow untrusted +users to use it. +.sp +Processes running as root or the Exim user are always trusted. Other +trusted users are defined by the \fBtrusted_users\fP or \fBtrusted_groups\fP +options. In the absence of \fB\-f\fP, or if the caller is not trusted, the sender +of a local message is set to the caller's login name at the default qualify +domain. +.sp +There is one exception to the restriction on the use of \fB\-f\fP: an empty sender +can be specified by any user, trusted or not, to create a message that can +never provoke a bounce. An empty sender can be specified either as an empty +string, or as a pair of angle brackets with nothing between them, as in these +examples of shell commands: +.sp + exim \-f '<>' user@domain + exim \-f "" user@domain +.sp +In addition, the use of \fB\-f\fP is not restricted when testing a filter file +with \fB\-bf\fP or when testing or verifying addresses using the \fB\-bt\fP or +\fB\-bv\fP options. +.sp +Allowing untrusted users to change the sender address does not of itself make +it possible to send anonymous mail. Exim still checks that the \fIFrom:\fP header +refers to the local user, and if it does not, it adds a \fISender:\fP header, +though this can be overridden by setting \fBno_local_from_check\fP. +.sp +White +space between \fB\-f\fP and the <\fIaddress\fP> is optional (that is, they can be +given as two arguments or one combined argument). The sender of a +locally\-generated message can also be set (when permitted) by an initial +"From " line in the message \- see the description of \fB\-bm\fP above \- but +if \fB\-f\fP is also present, it overrides "From ". +.TP 10 +\fB\-G\fP +This option is equivalent to an ACL applying: +.sp + control = suppress_local_fixups +.sp +for every message received. Note that Sendmail will complain about such +bad formatting, where Exim silently just does not fix it up. This may change +in future. +.sp +As this affects audit information, the caller must be a trusted user to use +this option. +.TP 10 +\fB\-h\fP <\fInumber\fP> +This option is accepted for compatibility with Sendmail, but has no effect. (In +Sendmail it overrides the "hop count" obtained by counting \fIReceived:\fP +headers.) +.TP 10 +\fB\-i\fP +This option, which has the same effect as \fB\-oi\fP, specifies that a dot on a +line by itself should not terminate an incoming, non\-SMTP message. +Solaris 2.4 (SunOS 5.4) Sendmail has a similar \fB\-i\fP processing option +\fBhttps://docs.oracle.com/cd/E19457\-01/801\-6680\-1M/801\-6680\-1M.pdf\fP, +p. 1M\-529), and therefore a \fB\-oi\fP command line option, which both are used +by its \fImailx\fP command. +.TP 10 +\fB\-L\fP <\fItag\fP> +This option is equivalent to setting \fBsyslog_processname\fP in the config +file and setting \fBlog_file_path\fP to syslog. +Its use is restricted to administrators. The configuration file has to be +read and parsed, to determine access rights, before this is set and takes +effect, so early configuration file errors will not honour this flag. +.sp +The tag should not be longer than 32 characters. +.TP 10 +\fB\-M\fP <\fImessage id\fP> <\fImessage id\fP> ... +This option requests Exim to run a delivery attempt on each message in turn. If +any of the messages are frozen, they are automatically thawed before the +delivery attempt. The settings of \fBqueue_domains\fP, \fBqueue_smtp_domains\fP, +and \fBhold_domains\fP are ignored. +.sp +Retry +hints for any of the addresses are overridden \- Exim tries to deliver even if +the normal retry time has not yet been reached. This option requires the caller +to be an admin user. However, there is an option called \fBprod_requires_admin\fP +which can be set false to relax this restriction (and also the same requirement +for the \fB\-q\fP, \fB\-R\fP, and \fB\-S\fP options). +.sp +The deliveries happen synchronously, that is, the original Exim process does +not terminate until all the delivery attempts have finished. No output is +produced unless there is a serious error. If you want to see what is happening, +use the \fB\-v\fP option as well, or inspect Exim's main log. +.TP 10 +\fB\-Mar\fP <\fImessage id\fP> <\fIaddress\fP> <\fIaddress\fP> ... +This option requests Exim to add the addresses to the list of recipients of the +message ("ar" for "add recipients"). The first argument must be a message +id, and the remaining ones must be email addresses. However, if the message is +active (in the middle of a delivery attempt), it is not altered. This option +can be used only by an admin user. +.TP 10 +\fB\-MC\fP <\fItransport\fP> <\fIhostname\fP> <\fIhost IP\fP> <\fIsequence number\fP> <\fImessage id\fP> +This option is not intended for use by external callers. It is used internally +by Exim to invoke another instance of itself to deliver a waiting message using +an existing SMTP connection, which is passed as the standard input. This must be the final option, and the caller +must be root or the Exim user in order to use it. +.TP 10 +\fB\-MCA\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option. It signifies that the +connection to the remote host has been authenticated. +.TP 10 +\fB\-MCD\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option. It signifies that the +remote host supports the ESMTP DSN extension. +.TP 10 +\fB\-MCd\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-d\fP option +to pass on an information string on the purpose of the process. +.TP 10 +\fB\-MCG\fP <\fIqueue name\fP> +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option. It signifies that an +alternate queue is used, named by the following argument. +.TP 10 +\fB\-MCK\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option. It signifies that a +remote host supports the ESMTP CHUNKING extension. +.TP 10 +\fB\-MCL\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option. It signifies that the server to +which Exim is connected advertised limits on numbers of mails, recipients or +recipient domains. +The limits are given by the following three arguments. +.TP 10 +\fB\-MCP\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option. It signifies that the server to +which Exim is connected supports pipelining. +.TP 10 +\fB\-MCp\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option. It signifies that the connection +t a remote server is via a SOCKS proxy, using addresses and ports given by +the following four arguments. +.TP 10 +\fB\-MCQ\fP <\fIprocess id\fP> <\fIpipe fd\fP> +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option when the original delivery was +started by a queue runner. It passes on the process id of the queue runner, +together with the file descriptor number of an open pipe. Closure of the pipe +signals the final completion of the sequence of processes that are passing +messages through the same SMTP connection. +.TP 10 +\fB\-MCq\fP <\fIrecipient address\fP> <\fIsize\fP> +This option is not intended for use by external callers. It is used internally +by Exim to implement quota checking for local users. +.TP 10 +\fB\-MCS\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option, and passes on the fact that the +ESMTP SIZE option should be used on messages delivered down the existing +connection. +.TP 10 +\fB\-MCT\fP +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option, and passes on the fact that the +host to which Exim is connected supports TLS encryption. +.TP 10 +\fB\-MCr\fP <\fISNI\fP> +\fB\-MCs\fP <\fISNI\fP> +These options are not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MCt\fP option, and passes on the fact that +a TLS Server Name Indication was sent as part of the channel establishment. +The argument gives the SNI string. +The "r" variant indicates a DANE\-verified connection. +.TP 10 +\fB\-MCt\fP <\fIIP address\fP> <\fIport\fP> <\fIcipher\fP> +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the \fB\-MC\fP option, and passes on the fact that the +connection is being proxied by a parent process for handling TLS encryption. +The arguments give the local address and port being proxied, and the TLS cipher. +.TP 10 +\fB\-Mc\fP <\fImessage id\fP> <\fImessage id\fP> ... +This option requests Exim to run a delivery attempt on each message, in turn, +but unlike the \fB\-M\fP option, it does check for retry hints, and respects any +that are found. This option is not very useful to external callers. It is +provided mainly for internal use by Exim when it needs to re\-invoke itself in +order to regain root privilege for a delivery. +However, \fB\-Mc\fP can be useful when testing, in order to run a delivery that +respects retry times and other options such as \fBhold_domains\fP that are +overridden when \fB\-M\fP is used. Such a delivery does not count as a queue run. +If you want to run a specific delivery as if in a queue run, you should use +\fB\-q\fP with a message id argument. A distinction between queue run deliveries +and other deliveries is made in one or two places. +.TP 10 +\fB\-Mes\fP <\fImessage id\fP> <\fIaddress\fP> +This option requests Exim to change the sender address in the message to the +given address, which must be a fully qualified address or "<>" ("es" for +"edit sender"). There must be exactly two arguments. The first argument must +be a message id, and the second one an email address. However, if the message +is active (in the middle of a delivery attempt), its status is not altered. +This option can be used only by an admin user. +.TP 10 +\fB\-Mf\fP <\fImessage id\fP> <\fImessage id\fP> ... +This option requests Exim to mark each listed message as "frozen". This +prevents any delivery attempts taking place until the message is "thawed", +either manually or as a result of the \fBauto_thaw\fP configuration option. +However, if any of the messages are active (in the middle of a delivery +attempt), their status is not altered. This option can be used only by an admin +user. +.TP 10 +\fB\-Mg\fP <\fImessage id\fP> <\fImessage id\fP> ... +This option requests Exim to give up trying to deliver the listed messages, +including any that are frozen. However, if any of the messages are active, +their status is not altered. For non\-bounce messages, a delivery error message +is sent to the sender, containing the text "cancelled by administrator". +Bounce messages are just discarded. This option can be used only by an admin +user. +.TP 10 +\fB\-MG\fP <\fIqueue name\fP> <\fImessage id\fP> <\fImessage id\fP> ... +This option requests that each listed message be moved from its current +queue to the given named queue. +The destination queue name argument is required, but can be an empty +string to define the default queue. +If the messages are not currently located in the default queue, +a \fB\-qG\fP option will be required to define the source queue. +.TP 10 +\fB\-Mmad\fP <\fImessage id\fP> <\fImessage id\fP> ... +This option requests Exim to mark all the recipient addresses in the messages +as already delivered ("mad" for "mark all delivered"). However, if any +message is active (in the middle of a delivery attempt), its status is not +altered. This option can be used only by an admin user. +.TP 10 +\fB\-Mmd\fP <\fImessage id\fP> <\fIaddress\fP> <\fIaddress\fP> ... +This option requests Exim to mark the given addresses as already delivered +("md" for "mark delivered"). The first argument must be a message id, and +the remaining ones must be email addresses. These are matched to recipient +addresses in the message in a case\-sensitive manner. If the message is active +(in the middle of a delivery attempt), its status is not altered. This option +can be used only by an admin user. +.TP 10 +\fB\-Mrm\fP <\fImessage id\fP> <\fImessage id\fP> ... +This option requests Exim to remove the given messages from the queue. No +bounce messages are sent; each message is simply forgotten. However, if any of +the messages are active, their status is not altered. This option can be used +only by an admin user or by the user who originally caused the message to be +placed in the queue. +.TP 10 +\fB\-Mset\fP <\fImessage id\fP> +This option is useful only in conjunction with \fB\-be\fP (that is, when testing +string expansions). Exim loads the given message from its spool before doing +the test expansions, thus setting message\-specific variables such as +\fI$message_size\fP and the header variables. The \fI$recipients\fP variable is made +available. This feature is provided to make it easier to test expansions that +make use of these variables. However, this option can be used only by an admin +user. See also \fB\-bem\fP. +.TP 10 +\fB\-Mt\fP <\fImessage id\fP> <\fImessage id\fP> ... +This option requests Exim to "thaw" any of the listed messages that are +"frozen", so that delivery attempts can resume. However, if any of the +messages are active, their status is not altered. This option can be used only +by an admin user. +.TP 10 +\fB\-Mvb\fP <\fImessage id\fP> +This option causes the contents of the message body (\-D) spool file to be +written to the standard output. This option can be used only by an admin user. +.TP 10 +\fB\-Mvc\fP <\fImessage id\fP> +This option causes a copy of the complete message (header lines plus body) to +be written to the standard output in RFC 2822 format. This option can be used +only by an admin user. +.TP 10 +\fB\-Mvh\fP <\fImessage id\fP> +This option causes the contents of the message headers (\-H) spool file to be +written to the standard output. This option can be used only by an admin user. +.TP 10 +\fB\-Mvl\fP <\fImessage id\fP> +This option causes the contents of the message log spool file to be written to +the standard output. This option can be used only by an admin user. +.TP 10 +\fB\-m\fP +This is a synonym for \fB\-om\fP that is accepted by Sendmail +(\fBhttps://docs.oracle.com/cd/E19457\-01/801\-6680\-1M/801\-6680\-1M.pdf\fP +p. 1M\-258), so Exim treats it that way too. +.TP 10 +\fB\-N\fP +This is a debugging option that inhibits delivery of a message at the transport +level. It implies \fB\-v\fP. Exim goes through many of the motions of delivery \- +it just doesn't actually transport the message, but instead behaves as if it +had successfully done so. However, it does not make any updates to the retry +database, and the log entries for deliveries are flagged with "*>" rather +than "=>". +.sp +Because \fB\-N\fP discards any message to which it applies, only root or the Exim +user are allowed to use it with \fB\-bd\fP, \fB\-q\fP, \fB\-R\fP or \fB\-M\fP. In other +words, an ordinary user can use it only when supplying an incoming message to +which it will apply. Although transportation never fails when \fB\-N\fP is set, an +address may be deferred because of a configuration problem on a transport, or a +routing problem. Once \fB\-N\fP has been used for a delivery attempt, it sticks to +the message, and applies to any subsequent delivery attempts that may happen +for that message. +.TP 10 +\fB\-n\fP +This option is interpreted by Sendmail to mean "no aliasing". +For normal modes of operation, it is ignored by Exim. +When combined with \fB\-bP\fP it makes the output more terse (suppresses +option names, environment values and config pretty printing). +.TP 10 +\fB\-O\fP <\fIdata\fP> +This option is interpreted by Sendmail to mean set option. It is ignored by +Exim. +.TP 10 +\fB\-oA\fP <\fIfile name\fP> +This option is used by Sendmail in conjunction with \fB\-bi\fP to specify an +alternative alias filename. Exim handles \fB\-bi\fP differently; see the +description above. +.TP 10 +\fB\-oB\fP <\fIn\fP> +This is a debugging option which limits the maximum number of messages that can +be delivered down one SMTP connection, overriding the value set in any smtp +transport. If <\fIn\fP> is omitted, the limit is set to 1. +.TP 10 +\fB\-odb\fP +This option applies to all modes in which Exim accepts incoming messages, +including the listening daemon. It requests "background" delivery of such +messages, which means that the accepting process automatically starts a +delivery process for each message received, but does not wait for the delivery +processes to finish. +.sp +When all the messages have been received, the reception process exits, +leaving the delivery processes to finish in their own time. The standard output +and error streams are closed at the start of each delivery process. +This is the default action if none of the \fB\-od\fP options are present. +.sp +If one of the queueing options in the configuration file +(\fBqueue_only\fP or \fBqueue_only_file\fP, for example) is in effect, \fB\-odb\fP +overrides it if \fBqueue_only_override\fP is set true, which is the default +setting. If \fBqueue_only_override\fP is set false, \fB\-odb\fP has no effect. +.TP 10 +\fB\-odf\fP +This option requests "foreground" (synchronous) delivery when Exim has +accepted a locally\-generated message. (For the daemon it is exactly the same as +\fB\-odb\fP.) A delivery process is automatically started to deliver the message, +and Exim waits for it to complete before proceeding. +.sp +The original Exim reception process does not finish until the delivery +process for the final message has ended. The standard error stream is left open +during deliveries. +.sp +However, like \fB\-odb\fP, this option has no effect if \fBqueue_only_override\fP is +false and one of the queueing options in the configuration file is in effect. +.sp +If there is a temporary delivery error during foreground delivery, the +message is left in the queue for later delivery, and the original reception +process exits. +.TP 10 +\fB\-odi\fP +This option is synonymous with \fB\-odf\fP. It is provided for compatibility with +Sendmail. +.TP 10 +\fB\-odq\fP +This option applies to all modes in which Exim accepts incoming messages, +including the listening daemon. It specifies that the accepting process should +not automatically start a delivery process for each message received. Messages +are placed in the queue, and remain there until a subsequent queue runner +process encounters them. There are several configuration options (such as +\fBqueue_only\fP) that can be used to queue incoming messages under certain +conditions. This option overrides all of them and also \fB\-odqs\fP. It always +forces queueing. +.TP 10 +\fB\-odqs\fP +This option is a hybrid between \fB\-odb\fP/\fB\-odi\fP and \fB\-odq\fP. +However, like \fB\-odb\fP and \fB\-odi\fP, this option has no effect if +\fBqueue_only_override\fP is false and one of the queueing options in the +configuration file is in effect. +.sp +When \fB\-odqs\fP does operate, a delivery process is started for each incoming +message, in the background by default, but in the foreground if \fB\-odi\fP is +also present. The recipient addresses are routed, and local deliveries are done +in the normal way. However, if any SMTP deliveries are required, they are not +done at this time, so the message remains in the queue until a subsequent queue +runner process encounters it. Because routing was done, Exim knows which +messages are waiting for which hosts, and so a number of messages for the same +host can be sent in a single SMTP connection. The \fBqueue_smtp_domains\fP +configuration option has the same effect for specific domains. See also the +\fB\-qq\fP option. +.TP 10 +\fB\-oee\fP +If an error is detected while a non\-SMTP message is being received (for +example, a malformed address), the error is reported to the sender in a mail +message. +.sp +Provided +this error message is successfully sent, the Exim receiving process +exits with a return code of zero. If not, the return code is 2 if the problem +is that the original message has no recipients, or 1 for any other error. +This is the default \fB\-oe\fP\fIx\fP option if Exim is called as \fIrmail\fP. +.TP 10 +\fB\-oem\fP +This is the same as \fB\-oee\fP, except that Exim always exits with a non\-zero +return code, whether or not the error message was successfully sent. +This is the default \fB\-oe\fP\fIx\fP option, unless Exim is called as \fIrmail\fP. +.TP 10 +\fB\-oep\fP +If an error is detected while a non\-SMTP message is being received, the +error is reported by writing a message to the standard error file (stderr). +The return code is 1 for all errors. +.TP 10 +\fB\-oeq\fP +This option is supported for compatibility with Sendmail, but has the same +effect as \fB\-oep\fP. +.TP 10 +\fB\-oew\fP +This option is supported for compatibility with Sendmail, but has the same +effect as \fB\-oem\fP. +.TP 10 +\fB\-oi\fP +This option, which has the same effect as \fB\-i\fP, specifies that a dot on a +line by itself should not terminate an incoming, non\-SMTP message. Otherwise, a +single dot does terminate, though Exim does no special processing for other +lines that start with a dot. This option is set by default if Exim is called as +\fIrmail\fP. See also \fB\-ti\fP. +.TP 10 +\fB\-oitrue\fP +This option is treated as synonymous with \fB\-oi\fP. +.TP 10 +\fB\-oMa\fP <\fIhost address\fP> +A number of options starting with \fB\-oM\fP can be used to set values associated +with remote hosts on locally\-submitted messages (that is, messages not received +over TCP/IP). These options can be used by any caller in conjunction with the +\fB\-bh\fP, \fB\-be\fP, \fB\-bf\fP, \fB\-bF\fP, \fB\-bt\fP, or \fB\-bv\fP testing options. In +other circumstances, they are ignored unless the caller is trusted. +.sp +The \fB\-oMa\fP option sets the sender host address. This may include a port +number at the end, after a full stop (period). For example: +.sp + exim \-bs \-oMa 10.9.8.7.1234 +.sp +An alternative syntax is to enclose the IP address in square brackets, +followed by a colon and the port number: +.sp + exim \-bs \-oMa [10.9.8.7]:1234 +.sp +The IP address is placed in the \fI$sender_host_address\fP variable, and the +port, if present, in \fI$sender_host_port\fP. If both \fB\-oMa\fP and \fB\-bh\fP +are present on the command line, the sender host IP address is taken from +whichever one is last. +.TP 10 +\fB\-oMaa\fP <\fIname\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMaa\fP +option sets the value of \fI$sender_host_authenticated\fP (the authenticator +name). +This option can be used with \fB\-bh\fP and \fB\-bs\fP to set up an +authenticated SMTP session without actually using the SMTP AUTH command. +.TP 10 +\fB\-oMai\fP <\fIstring\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMai\fP +option sets the value of \fI$authenticated_id\fP (the id that was authenticated). +This overrides the default value (the caller's login id, except with \fB\-bh\fP, +where there is no default) for messages from local sources. +.TP 10 +\fB\-oMas\fP <\fIaddress\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMas\fP +option sets the authenticated sender value in \fI$authenticated_sender\fP. It +overrides the sender address that is created from the caller's login id for +messages from local sources, except when \fB\-bh\fP is used, when there is no +default. For both \fB\-bh\fP and \fB\-bs\fP, an authenticated sender that is +specified on a MAIL command overrides this value. +.TP 10 +\fB\-oMi\fP <\fIinterface address\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMi\fP +option sets the IP interface address value. A port number may be included, +using the same syntax as for \fB\-oMa\fP. The interface address is placed in +\fI$received_ip_address\fP and the port number, if present, in \fI$received_port\fP. +.TP 10 +\fB\-oMm\fP <\fImessage reference\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMm\fP +option sets the message reference, e.g. message\-id, and is logged during +delivery. This is useful when some kind of audit trail is required to tie +messages together. The format of the message reference is checked and will +abort if the format is invalid. The option will only be accepted if exim is +running in trusted mode, not as any regular user. +.sp +The best example of a message reference is when Exim sends a bounce message. +The message reference is the message\-id of the original message for which Exim +is sending the bounce. +.TP 10 +\fB\-oMr\fP <\fIprotocol name\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMr\fP +option sets the received protocol value that is stored in +\fI$received_protocol\fP. However, it does not apply (and is ignored) when \fB\-bh\fP +or \fB\-bs\fP is used. For \fB\-bh\fP, the protocol is forced to one of the standard +SMTP protocol names. For \fB\-bs\fP, the protocol is always "local\-" followed by +one of those same names. For \fB\-bS\fP (batched SMTP) however, the protocol can +be set by \fB\-oMr\fP. Repeated use of this option is not supported. +.TP 10 +\fB\-oMs\fP <\fIhost name\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMs\fP +option sets the sender host name in \fI$sender_host_name\fP. When this option is +present, Exim does not attempt to look up a host name from an IP address; it +uses the name it is given. +.TP 10 +\fB\-oMt\fP <\fIident string\fP> +See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMt\fP +option sets the sender ident value in \fI$sender_ident\fP. The default setting for +local callers is the login id of the calling process, except when \fB\-bh\fP is +used, when there is no default. +.TP 10 +\fB\-om\fP +In Sendmail, this option means "me too", indicating that the sender of a +message should receive a copy of the message if the sender appears in an alias +expansion. Exim always does this, so the option does nothing. +.TP 10 +\fB\-oo\fP +This option is ignored. In Sendmail it specifies "old style headers", +whatever that means. +.TP 10 +\fB\-oP\fP <\fIpath\fP> +This option is useful only in conjunction with \fB\-bd\fP or \fB\-q\fP with a time +value. The option specifies the file to which the process id of the daemon is +written. When \fB\-oX\fP is used with \fB\-bd\fP, or when \fB\-q\fP with a time is used +without \fB\-bd\fP, this is the only way of causing Exim to write a pid file, +because in those cases, the normal pid file is not used. +.TP 10 +\fB\-oPX\fP +This option is not intended for general use. +The daemon uses it when terminating due to a SIGTEM, possibly in +combination with \fB\-oP\fP <\fIpath\fP>. +It causes the pid file to be removed. +.TP 10 +\fB\-or\fP <\fItime\fP> +This option sets a timeout value for incoming non\-SMTP messages. If it is not +set, Exim will wait forever for the standard input. The value can also be set +by the \fBreceive_timeout\fP option. +.TP 10 +\fB\-os\fP <\fItime\fP> +This option sets a timeout value for incoming SMTP messages. The timeout +applies to each SMTP command and block of data. The value can also be set by +the \fBsmtp_receive_timeout\fP option; it defaults to 5 minutes. +.TP 10 +\fB\-ov\fP +This option has exactly the same effect as \fB\-v\fP. +.TP 10 +\fB\-oX\fP <\fInumber or string\fP> +This option is relevant only when the \fB\-bd\fP (start listening daemon) option +is also given. It controls which ports and interfaces the daemon uses. When \fB\-oX\fP is used to start a daemon, no pid +file is written unless \fB\-oP\fP is also present to specify a pid filename. +.TP 10 +\fB\-oY\fP +This option controls the creation of an inter\-process communications endpoint +by the Exim daemon. +It is only relevant when the \fB\-bd\fP (start listening daemon) option is also +given. +Normally the daemon creates this socket, unless a \fB\-oX\fP and \fBno\fP \fB\-oP\fP +option is also present. +If this option is given then the socket will not be created. This could be +required if the system is running multiple daemons. +.sp +The socket is currently used for +.sp +fast ramp\-up of queue runner processes +.sp +obtaining a current queue size +.TP 10 +\fB\-pd\fP +This option applies when an embedded Perl interpreter is linked with Exim. It overrides the setting of the \fBperl_at_start\fP +option, forcing the starting of the interpreter to be delayed until it is +needed. +.TP 10 +\fB\-ps\fP +This option applies when an embedded Perl interpreter is linked with Exim. It overrides the setting of the \fBperl_at_start\fP +option, forcing the starting of the interpreter to occur as soon as Exim is +started. +.TP 10 +\fB\-p\fP<\fIrval\fP>:<\fIsval\fP> +For compatibility with Sendmail, this option is equivalent to +.sp + \-oMr <\fIrval\fP> \-oMs <\fIsval\fP> +.sp +It sets the incoming protocol and host name (for trusted callers). The +host name and its colon can be omitted when only the protocol is to be set. +Note the Exim already has two private options, \fB\-pd\fP and \fB\-ps\fP, that refer +to embedded Perl. It is therefore impossible to set a protocol value of d +or s using this option (but that does not seem a real limitation). +Repeated use of this option is not supported. +.TP 10 +\fB\-q\fP +This option is normally restricted to admin users. However, there is a +configuration option called \fBprod_requires_admin\fP which can be set false to +relax this restriction (and also the same requirement for the \fB\-M\fP, \fB\-R\fP, +and \fB\-S\fP options). +.sp +If other commandline options do not specify an action, +the \fB\-q\fP option starts one queue runner process. This scans the queue of +waiting messages, and runs a delivery process for each one in turn. It waits +for each delivery process to finish before starting the next one. A delivery +process may not actually do any deliveries if the retry times for the addresses +have not been reached. Use \fB\-qf\fP (see below) if you want to override this. +.sp +If +the delivery process spawns other processes to deliver other messages down +passed SMTP connections, the queue runner waits for these to finish before +proceeding. +.sp +When all the queued messages have been considered, the original queue runner +process terminates. In other words, a single pass is made over the waiting +mail, one message at a time. Use \fB\-q\fP with a time (see below) if you want +this to be repeated periodically. +.sp +Exim processes the waiting messages in an unpredictable order. It isn't very +random, but it is likely to be different each time, which is all that matters. +If one particular message screws up a remote MTA, other messages to the same +MTA have a chance of getting through if they get tried first. +.sp +It is possible to cause the messages to be processed in lexical message id +order, which is essentially the order in which they arrived, by setting the +\fBqueue_run_in_order\fP option, but this is not recommended for normal use. +.TP 10 +\fB\-q\fP<\fIqflags\fP> +The \fB\-q\fP option may be followed by one or more flag letters that change its +behaviour. They are all optional, but if more than one is present, they must +appear in the correct order. Each flag is described in a separate item below. +.TP 10 +\fB\-qq...\fP +An option starting with \fB\-qq\fP requests a two\-stage queue run. In the first +stage, the queue is scanned as if the \fBqueue_smtp_domains\fP option matched +every domain. Addresses are routed, local deliveries happen, but no remote +transports are run. +.sp +Performance will be best if the \fBqueue_run_in_order\fP option is false. +If that is so and the \fBqueue_fast_ramp\fP option is true then +in the first phase of the run, +once a threshold number of messages are routed for a given host, +a delivery process is forked in parallel with the rest of the scan. +.sp +The hints database that remembers which messages are waiting for specific hosts +is updated, as if delivery to those hosts had been deferred. After this is +complete, a second, normal queue scan happens, with routing and delivery taking +place as normal. Messages that are routed to the same host should mostly be +delivered down a single SMTP +connection because of the hints that were set up during the first queue scan. +This option may be useful for hosts that are connected to the Internet +intermittently. +.TP 10 +\fB\-q[q]i...\fP +If the \fIi\fP flag is present, the queue runner runs delivery processes only for +those messages that haven't previously been tried. (\fIi\fP stands for "initial +delivery".) This can be helpful if you are putting messages in the queue using +\fB\-odq\fP and want a queue runner just to process the new messages. +.TP 10 +\fB\-q[q][i]f...\fP +If one \fIf\fP flag is present, a delivery attempt is forced for each non\-frozen +message, whereas without \fIf\fP only those non\-frozen addresses that have passed +their retry times are tried. +.TP 10 +\fB\-q[q][i]ff...\fP +If \fIff\fP is present, a delivery attempt is forced for every message, whether +frozen or not. +.TP 10 +\fB\-q[q][i][f[f]]l\fP +The \fIl\fP (the letter "ell") flag specifies that only local deliveries are to +be done. If a message requires any remote deliveries, it remains in the queue +for later delivery. +.TP 10 +\fB\-q[q][i][f[f]][l][G[/