1EXIM(8) System Manager's Manual EXIM(8)
2
6 exim - a Mail Transfer Agent
7
9 exim [options] arguments ...
10 mailq [options] arguments ...
11 rsmtp [options] arguments ...
12 rmail [options] arguments ...
13 runq [options] arguments ...
14 newaliases [options] arguments ...
15
17 Exim is a mail transfer agent (MTA) developed at the University of Cam‐
19 bridge. It is a large program with very many facilities. For a full
20 specification, see the reference manual. This man page contains only a
21 description of the command line options. It has been automatically gen‐
22 erated from the reference manual source, hopefully without too much
23 mangling.
24 Like other MTAs, Exim replaces Sendmail, and is normally called by user
26 agents (MUAs) using the path /usr/sbin/sendmail when they submit mes‐
27 sages for delivery (some operating systems use /usr/lib/sendmail). This
28 path is normally set up as a symbolic link to the Exim binary. It may
29 also be used by boot scripts to start the Exim daemon. Many of Exim's
30 command line options are compatible with Sendmail so that it can act as
31 a drop-in replacement.
32
34 If no options are present that require a specific action (such as
36 starting the daemon or a queue runner, testing an address, receiving a
37 message in a specific format, or listing the queue), and there are no
38 arguments on the command line, Exim outputs a brief message about
39 itself and exits.
40 However, if there is at least one command line argument, -bm (accept a
42 local message on the standard input, with the arguments specifying the
43 recipients) is assumed. Thus, for example, if Exim is installed in
44 /usr/sbin, you can send a message from the command line like this:
45 /usr/sbin/exim -i <recipient-address(es)>
47 <message content, including all the header lines>
48 CTRL-D
49 The -i option prevents a line containing just a dot from terminating
51 the message. Only an end-of-file (generated by typing CTRL-D if the
52 input is from a terminal) does so.
53
55 If an Exim binary is called using one of the names listed in this sec‐
57 tion (typically via a symbolic link), certain options are assumed.
58 mailq Behave as if the option -bp were present before any other
60 options. The -bp option requests a listing of the contents of
61 the mail queue on the standard output.
62 rsmtp Behaves as if the option -bS were present before any other
64 options, for compatibility with Smail. The -bS option is used
65 for reading in a number of messages in batched SMTP format.
66 rmail Behave as if the -i and -oee options were present before any
68 other options, for compatibility with Smail. The name rmail is
69 used as an interface by some UUCP systems. The -i option speci‐
70 fies that a dot on a line by itself does not terminate a
71 non-SMTP message; -oee requests that errors detected in non-SMTP
72 messages be reported by emailing the sender.
73 runq Behave as if the option -q were present before any other
75 options, for compatibility with Smail. The -q option causes a
76 single queue runner process to be started. It processes the
77 queue once, then exits.
78 newaliases
80 Behave as if the option -bi were present before any other
81 options, for compatibility with Sendmail. This option is used
82 for rebuilding Sendmail's alias file. Exim does not have the
83 concept of a single alias file, but can be configured to run a
84 specified command if called with the -bi option.
85
87 -- This is a pseudo-option whose only purpose is to terminate
89 the options and therefore to cause subsequent command line
90 items to be treated as arguments rather than options, even if
91 they begin with hyphens.
92 --help This option causes Exim to output a few sentences stating
94 what it is. The same output is generated if the Exim binary
95 is called with no options and no arguments.
96 --version This option is an alias for -bV and causes version informa‐
98 tion to be displayed.
99 -B<type> This is a Sendmail option for selecting 7 or 8 bit process‐
101 ing. Exim is 8-bit clean; it ignores this option.
102 -bd This option runs Exim as a daemon, awaiting incoming SMTP
104 connections. Usually the -bd option is combined with the
105 -q<time> option, to specify that the daemon should also ini‐
106 tiate periodic queue runs.
107 The -bd option can be used only by an admin user. If either
109 of the -d (debugging) or -v (verifying) options are set, the
110 daemon does not disconnect from the controlling terminal.
111 When running this way, it can be stopped by pressing ctrl-C.
112 By default, Exim listens for incoming connections to the
114 standard SMTP port on all the host's running interfaces. How‐
115 ever, it is possible to listen on other ports, on multiple
116 ports, and only on specific interfaces.
117 When a listening daemon is started without the use of -oX
119 (that is, without overriding the normal configuration), it
120 writes its process id to a file called exim-daemon.pid in
121 Exim's spool directory. This location can be overridden by
122 setting PID_FILE_PATH in Local/Makefile. The file is written
123 while Exim is still running as root.
124 When -oX is used on the command line to start a listening
126 daemon, the process id is not written to the normal pid file
127 path. However, -oP can be used to specify a path on the com‐
128 mand line if a pid file is required.
129 The SIGHUP signal can be used to cause the daemon to re-exe‐
131 cute itself. This should be done whenever Exim's configura‐
132 tion file, or any file that is incorporated into it by means
133 of the .include facility, is changed, and also whenever a new
134 version of Exim is installed. It is not necessary to do this
135 when other files that are referenced from the configuration
136 (for example, alias files) are changed, because these are
137 reread each time they are used.
138 -bdf This option has the same effect as -bd except that it never
140 disconnects from the controlling terminal, even when no
141 debugging is specified.
142 -be Run Exim in expansion testing mode. Exim discards its root
144 privilege, to prevent ordinary users from using this mode to
145 read otherwise inaccessible files. If no arguments are given,
146 Exim runs interactively, prompting for lines of data. Other‐
147 wise, it processes each argument in turn.
148 If Exim was built with USE_READLINE=yes in Local/Makefile, it
150 tries to load the libreadline library dynamically whenever
151 the -be option is used without command line arguments. If
152 successful, it uses the readline() function, which provides
153 extensive line-editing facilities, for reading the test data.
154 A line history is supported.
155 Long expansion expressions can be split over several lines by
157 using backslash continuations. As in Exim's run time configu‐
158 ration, white space at the start of continuation lines is
159 ignored. Each argument or data line is passed through the
160 string expansion mechanism, and the result is output. Vari‐
161 able values from the configuration file (for example, $qual‐
162 ify_domain) are available, but no message-specific values
163 (such as $sender_domain) are set, because no message is being
164 processed (but see -bem and -Mset).
165 Note: If you use this mechanism to test lookups, and you
167 change the data files or databases you are using, you must
168 exit and restart Exim before trying the same lookup again.
169 Otherwise, because each Exim process caches the results of
170 lookups, you will just get the same result as before.
171 -bem <filename>
173 This option operates like -be except that it must be followed
174 by the name of a file. For example:
175 exim -bem /tmp/testmessage
177 The file is read as a message (as if receiving a locally-sub‐
179 mitted non-SMTP message) before any of the test expansions
180 are done. Thus, message-specific variables such as $mes‐
181 sage_size and $header_from: are available. However, no
182 Received: header is added to the message. If the -t option is
183 set, recipients are read from the headers in the normal way,
184 and are shown in the $recipients variable. Note that recipi‐
185 ents cannot be given on the command line, because further
186 arguments are taken as strings to expand (just like -be).
187 -bF <filename>
189 This option is the same as -bf except that it assumes that
190 the filter being tested is a system filter. The additional
191 commands that are available only in system filters are recog‐
192 nized.
193 -bf <filename>
195 This option runs Exim in user filter testing mode; the file
196 is the filter file to be tested, and a test message must be
197 supplied on the standard input. If there are no mes‐
198 sage-dependent tests in the filter, an empty file can be sup‐
199 plied.
200 If you want to test a system filter file, use -bF instead of
202 -bf. You can use both -bF and -bf on the same command, in
203 order to test a system filter and a user filter in the same
204 run. For example:
205 exim -bF /system/filter -bf /user/filter </test/message
207 This is helpful when the system filter adds header lines or
209 sets filter variables that are used by the user filter.
210 If the test filter file does not begin with one of the spe‐
212 cial lines
213 # Exim filter
215 # Sieve filter
216 it is taken to be a normal .forward file, and is tested for
218 validity under that interpretation.
219 The result of an Exim command that uses -bf, provided no
221 errors are detected, is a list of the actions that Exim would
222 try to take if presented with the message for real. More
223 details of filter testing are given in the separate document
224 entitled Exim's interfaces to mail filtering.
225 When testing a filter file, the envelope sender can be set by
227 the -f option, or by a "From " line at the start of the test
228 message. Various parameters that would normally be taken from
229 the envelope recipient address of the message can be set by
230 means of additional command line options (see the next four
231 options).
232 -bfd <domain>
234 This sets the domain of the recipient address when a filter
235 file is being tested by means of the -bf option. The default
236 is the value of $qualify_domain.
237 -bfl <local part>
239 This sets the local part of the recipient address when a fil‐
240 ter file is being tested by means of the -bf option. The
241 default is the username of the process that calls Exim. A
242 local part should be specified with any prefix or suffix
243 stripped, because that is how it appears to the filter when a
244 message is actually being delivered.
245 -bfp <prefix>
247 This sets the prefix of the local part of the recipient
248 address when a filter file is being tested by means of the
249 -bf option. The default is an empty prefix.
250 -bfs <suffix>
252 This sets the suffix of the local part of the recipient
253 address when a filter file is being tested by means of the
254 -bf option. The default is an empty suffix.
255 -bh <IP address>
257 This option runs a fake SMTP session as if from the given IP
258 address, using the standard input and output. The IP address
259 may include a port number at the end, after a full stop. For
260 example:
261 exim -bh 10.9.8.7.1234
263 exim -bh fe80::a00:20ff:fe86:a061.5678
264 When an IPv6 address is given, it is converted into canonical
266 form. In the case of the second example above, the value of
267 $sender_host_address after conversion to the canonical form
268 is fe80:0000:0000:0a00:20ff:fe86:a061.5678.
269 Comments as to what is going on are written to the standard
271 error file. These include lines beginning with "LOG" for any‐
272 thing that would have been logged. This facility is provided
273 for testing configuration options for incoming messages, to
274 make sure they implement the required policy. For example,
275 you can test your relay controls using -bh.
276 Warning 1: You can test features of the configuration that
278 rely on ident (RFC 1413) information by using the -oMt
279 option. However, Exim cannot actually perform an ident call‐
280 out when testing using -bh because there is no incoming SMTP
281 connection.
282 Warning 2: Address verification callouts are also skipped
284 when testing using -bh. If you want these callouts to occur,
285 use -bhc instead.
286 Messages supplied during the testing session are discarded,
288 and nothing is written to any of the real log files. There
289 may be pauses when DNS (and other) lookups are taking place,
290 and of course these may time out. The -oMi option can be used
291 to specify a specific IP interface and port if this is impor‐
292 tant, and -oMaa and -oMai can be used to set parameters as if
293 the SMTP session were authenticated.
294 The exim_checkaccess utility is a "packaged" version of -bh
296 whose output just states whether a given recipient address
297 from a given host is acceptable or not.
298 Features such as authentication and encryption, where the
300 client input is not plain text, cannot easily be tested with
301 -bh. Instead, you should use a specialized SMTP test program
302 such as swaks.
303 -bhc <IP address>
305 This option operates in the same way as -bh, except that
306 address verification callouts are performed if required. This
307 includes consulting and updating the callout cache database.
308 -bi Sendmail interprets the -bi option as a request to rebuild
310 its alias file. Exim does not have the concept of a single
311 alias file, and so it cannot mimic this behaviour. However,
312 calls to /usr/lib/sendmail with the -bi option tend to appear
313 in various scripts such as NIS make files, so the option must
314 be recognized.
315 If -bi is encountered, the command specified by the bi_com‐
317 mand configuration option is run, under the uid and gid of
318 the caller of Exim. If the -oA option is used, its value is
319 passed to the command as an argument. The command set by
320 bi_command may not contain arguments. The command can use the
321 exim_dbmbuild utility, or some other means, to rebuild alias
322 files if this is required. If the bi_command option is not
323 set, calling Exim with -bi is a no-op.
324 -bm This option runs an Exim receiving process that accepts an
326 incoming, locally-generated message on the current input. The
327 recipients are given as the command arguments (except when -t
328 is also present - see below). Each argument can be a
329 comma-separated list of RFC 2822 addresses. This is the
330 default option for selecting the overall action of an Exim
331 call; it is assumed if no other conflicting option is
332 present.
333 If any addresses in the message are unqualified (have no
335 domain), they are qualified by the values of the qual‐
336 ify_domain or qualify_recipient options, as appropriate. The
337 -bnq option (see below) provides a way of suppressing this
338 for special cases.
339 Policy checks on the contents of local messages can be
341 enforced by means of the non-SMTP ACL.
342 The return code is zero if the message is successfully
344 accepted. Otherwise, the action is controlled by the -oex
345 option setting - see below.
346 The format of the message must be as defined in RFC 2822,
348 except that, for compatibility with Sendmail and Smail, a
349 line in one of the forms
350 From sender Fri Jan 5 12:55 GMT 1997
352 From sender Fri, 5 Jan 97 12:55:01
353 (with the weekday optional, and possibly with additional text
355 after the date) is permitted to appear at the start of the
356 message. There appears to be no authoritative specification
357 of the format of this line. Exim recognizes it by matching
358 against the regular expression defined by the uucp_from_pat‐
359 tern option, which can be changed if necessary.
360 The specified sender is treated as if it were given as the
362 argument to the -f option, but if a -f option is also
363 present, its argument is used in preference to the address
364 taken from the message. The caller of Exim must be a trusted
365 user for the sender of a message to be set in this way.
366 -bnq By default, Exim automatically qualifies unqualified
368 addresses (those without domains) that appear in messages
369 that are submitted locally (that is, not over TCP/IP). This
370 qualification applies both to addresses in envelopes, and
371 addresses in header lines. Sender addresses are qualified
372 using qualify_domain, and recipient addresses using qual‐
373 ify_recipient (which defaults to the value of qual‐
374 ify_domain).
375 Sometimes, qualification is not wanted. For example, if -bS
377 (batch SMTP) is being used to re-submit messages that origi‐
378 nally came from remote hosts after content scanning, you
379 probably do not want to qualify unqualified addresses in
380 header lines. (Such lines will be present only if you have
381 not enabled a header syntax check in the appropriate ACL.)
382 The -bnq option suppresses all qualification of unqualified
384 addresses in messages that originate on the local host. When
385 this is used, unqualified addresses in the envelope provoke
386 errors (causing message rejection) and unqualified addresses
387 in header lines are left alone.
388 -bP If this option is given with no arguments, it causes the val‐
390 ues of all Exim's main configuration options to be written to
391 the standard output. The values of one or more specific
392 options can be requested by giving their names as arguments,
393 for example:
394 exim -bP qualify_domain hold_domains
396 However, any option setting that is preceded by the word
398 "hide" in the configuration file is not shown in full, except
399 to an admin user. For other users, the output is as in this
400 example:
401 mysql_servers = <value not displayable>
403 If configure_file is given as an argument, the name of the
405 run time configuration file is output. If a list of configu‐
406 ration files was supplied, the value that is output here is
407 the name of the file that was actually used.
408 If log_file_path or pid_file_path are given, the names of the
410 directories where log files and daemon pid files are written
411 are output, respectively. If these values are unset, log
412 files are written in a sub-directory of the spool directory
413 called log, and the pid file is written directly into the
414 spool directory.
415 If -bP is followed by a name preceded by +, for example,
417 exim -bP +local_domains
419 it searches for a matching named list of any type (domain,
421 host, address, or local part) and outputs what it finds.
422 If one of the words router, transport, or authenticator is
424 given, followed by the name of an appropriate driver
425 instance, the option settings for that driver are output. For
426 example:
427 exim -bP transport local_delivery
429 The generic driver options are output first, followed by the
431 driver's private options. A list of the names of drivers of a
432 particular type can be obtained by using one of the words
433 router_list, transport_list, or authenticator_list, and a
434 complete list of all drivers with their option settings can
435 be obtained by using routers, transports, or authenticators.
436 If invoked by an admin user, then macro, macro_list and
438 macros are available, similarly to the drivers. Because
439 macros are sometimes used for storing passwords, this option
440 is restricted. The output format is one item per line.
441 -bp This option requests a listing of the contents of the mail
443 queue on the standard output. If the -bp option is followed
444 by a list of message ids, just those messages are listed. By
445 default, this option can be used only by an admin user. How‐
446 ever, the queue_list_requires_admin option can be set false
447 to allow any user to see the queue.
448 Each message on the queue is displayed as in the following
450 example:
451 25m 2.9K 0t5C6f-0000c8-00 <alice@wonderland.fict.example>
453 red.king@looking-glass.fict.example
454 <other addresses>
455 The first line contains the length of time the message has
457 been on the queue (in this case 25 minutes), the size of the
458 message (2.9K), the unique local identifier for the message,
459 and the message sender, as contained in the envelope. For
460 bounce messages, the sender address is empty, and appears as
461 "<>". If the message was submitted locally by an untrusted
462 user who overrode the default sender address, the user's
463 login name is shown in parentheses before the sender address.
464 If the message is frozen (attempts to deliver it are sus‐
466 pended) then the text "*** frozen ***" is displayed at the
467 end of this line.
468 The recipients of the message (taken from the envelope, not
470 the headers) are displayed on subsequent lines. Those
471 addresses to which the message has already been delivered are
472 marked with the letter D. If an original address gets
473 expanded into several addresses via an alias or forward file,
474 the original is displayed with a D only when deliveries for
475 all of its child addresses are complete.
476 -bpa This option operates like -bp, but in addition it shows
478 delivered addresses that were generated from the original top
479 level address(es) in each message by alias or forwarding
480 operations. These addresses are flagged with "+D" instead of
481 just "D".
482 -bpc This option counts the number of messages on the queue, and
484 writes the total to the standard output. It is restricted to
485 admin users, unless queue_list_requires_admin is set false.
486 -bpr This option operates like -bp, but the output is not sorted
488 into chronological order of message arrival. This can speed
489 it up when there are lots of messages on the queue, and is
490 particularly useful if the output is going to be post-pro‐
491 cessed in a way that doesn't need the sorting.
492 -bpra This option is a combination of -bpr and -bpa.
494 -bpru This option is a combination of -bpr and -bpu.
496 -bpu This option operates like -bp but shows only undelivered
498 top-level addresses for each message displayed. Addresses
499 generated by aliasing or forwarding are not shown, unless the
500 message was deferred after processing by a router with the
501 one_time option set.
502 -brt This option is for testing retry rules, and it must be fol‐
504 lowed by up to three arguments. It causes Exim to look for a
505 retry rule that matches the values and to write it to the
506 standard output. For example:
507 exim -brt bach.comp.mus.example
509 Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m;
510 The first argument, which is required, can be a complete
512 address in the form local_part@domain, or it can be just a
513 domain name. If the second argument contains a dot, it is
514 interpreted as an optional second domain name; if no retry
515 rule is found for the first argument, the second is tried.
516 This ties in with Exim's behaviour when looking for retry
517 rules for remote hosts - if no rule is found that matches the
518 host, one that matches the mail domain is sought. Finally, an
519 argument that is the name of a specific delivery error, as
520 used in setting up retry rules, can be given. For example:
521 exim -brt haydn.comp.mus.example quota_3d
523 Retry rule: *@haydn.comp.mus.example quota_3d F,1h,15m
524 -brw This option is for testing address rewriting rules, and it
526 must be followed by a single argument, consisting of either a
527 local part without a domain, or a complete address with a
528 fully qualified domain. Exim outputs how this address would
529 be rewritten for each possible place it might appear.
530 -bS This option is used for batched SMTP input, which is an
532 alternative interface for non-interactive local message sub‐
533 mission. A number of messages can be submitted in a single
534 run. However, despite its name, this is not really SMTP
535 input. Exim reads each message's envelope from SMTP commands
536 on the standard input, but generates no responses. If the
537 caller is trusted, or untrusted_set_sender is set, the
538 senders in the SMTP MAIL commands are believed; otherwise the
539 sender is always the caller of Exim.
540 The message itself is read from the standard input, in SMTP
542 format (leading dots doubled), terminated by a line contain‐
543 ing just a single dot. An error is provoked if the terminat‐
544 ing dot is missing. A further message may then follow.
545 As for other local message submissions, the contents of
547 incoming batch SMTP messages can be checked using the
548 non-SMTP ACL. Unqualified addresses are automatically quali‐
549 fied using qualify_domain and qualify_recipient, as appropri‐
550 ate, unless the -bnq option is used.
551 Some other SMTP commands are recognized in the input. HELO
553 and EHLO act as RSET; VRFY, EXPN, ETRN, and HELP act as NOOP;
554 QUIT quits, ignoring the rest of the standard input.
555 If any error is encountered, reports are written to the stan‐
557 dard output and error streams, and Exim gives up immediately.
558 The return code is 0 if no error was detected; it is 1 if one
559 or more messages were accepted before the error was detected;
560 otherwise it is 2.
561 -bs This option causes Exim to accept one or more messages by
564 reading SMTP commands on the standard input, and producing
565 SMTP replies on the standard output. SMTP policy controls, as
566 defined in ACLs are applied. Some user agents use this
567 interface as a way of passing locally-generated messages to
568 the MTA.
569 In this usage, if the caller of Exim is trusted, or
571 untrusted_set_sender is set, the senders of messages are
572 taken from the SMTP MAIL commands. Otherwise the content of
573 these commands is ignored and the sender is set up as the
574 calling user. Unqualified addresses are automatically quali‐
575 fied using qualify_domain and qualify_recipient, as appropri‐
576 ate, unless the -bnq option is used.
577 The -bs option is also used to run Exim from inetd, as an
579 alternative to using a listening daemon. Exim can distinguish
580 the two cases by checking whether the standard input is a
581 TCP/IP socket. When Exim is called from inetd, the source of
582 the mail is assumed to be remote, and the comments above con‐
583 cerning senders and qualification do not apply. In this situ‐
584 ation, Exim behaves in exactly the same way as it does when
585 receiving a message via the listening daemon.
586 -bmalware <filename>
588 This debugging option causes Exim to scan the given file,
589 using the malware scanning framework. The option of av_scan‐
590 ner influences this option, so if av_scanner's value is
591 dependent upon an expansion then the expansion should have
592 defaults which apply to this invocation. ACLs are not
593 invoked, so if av_scanner references an ACL variable then
594 that variable will never be populated and -bmalware will
595 fail.
596 Exim will have changed working directory before resolving the
598 filename, so using fully qualified pathnames is advisable.
599 Exim will be running as the Exim user when it tries to open
600 the file, rather than as the invoking user. This option
601 requires admin privileges.
602 The -bmalware option will not be extended to be more gener‐
604 ally useful, there are better tools for file-scanning. This
605 option exists to help administrators verify their Exim and AV
606 scanner configuration.
607 -bt This option runs Exim in address testing mode, in which each
609 argument is taken as a recipient address to be tested for
610 deliverability. The results are written to the standard out‐
611 put. If a test fails, and the caller is not an admin user, no
612 details of the failure are output, because these might con‐
613 tain sensitive information such as usernames and passwords
614 for database lookups.
615 If no arguments are given, Exim runs in an interactive man‐
617 ner, prompting with a right angle bracket for addresses to be
618 tested.
619 Unlike the -be test option, you cannot arrange for Exim to
621 use the readline() function, because it is running as root
622 and there are security issues.
623 Each address is handled as if it were the recipient address
625 of a message (compare the -bv option). It is passed to the
626 routers and the result is written to the standard output.
627 However, any router that has no_address_test set is bypassed.
628 This can make -bt easier to use for genuine routing tests if
629 your first router passes everything to a scanner program.
630 The return code is 2 if any address failed outright; it is 1
632 if no address failed outright but at least one could not be
633 resolved for some reason. Return code 0 is given only when
634 all addresses succeed.
635 Note: When actually delivering a message, Exim removes dupli‐
637 cate recipient addresses after routing is complete, so that
638 only one delivery takes place. This does not happen when
639 testing with -bt; the full results of routing are always
640 shown.
641 Warning: -bt can only do relatively simple testing. If any of
643 the routers in the configuration makes any tests on the
644 sender address of a message, you can use the -f option to set
645 an appropriate sender when running -bt tests. Without it, the
646 sender is assumed to be the calling user at the default qual‐
647 ifying domain. However, if you have set up (for example)
648 routers whose behaviour depends on the contents of an incom‐
649 ing message, you cannot test those conditions using -bt. The
650 -N option provides a possible way of doing such tests.
651 -bV This option causes Exim to write the current version number,
653 compilation number, and compilation date of the exim binary
654 to the standard output. It also lists the DBM library that
655 is being used, the optional modules (such as specific lookup
656 types), the drivers that are included in the binary, and the
657 name of the run time configuration file that is in use.
658 As part of its operation, -bV causes Exim to read and syntax
660 check its configuration file. However, this is a static check
661 only. It cannot check values that are to be expanded. For
662 example, although a misspelt ACL verb is detected, an error
663 in the verb's arguments is not. You cannot rely on -bV alone
664 to discover (for example) all the typos in the configuration;
665 some realistic testing is needed. The -bh and -N options pro‐
666 vide more dynamic testing facilities.
667 -bv This option runs Exim in address verification mode, in which
669 each argument is taken as a recipient address to be verified
670 by the routers. (This does not involve any verification call‐
671 outs). During normal operation, verification happens mostly
672 as a consequence processing a verify condition in an ACL. If
673 you want to test an entire ACL, possibly including callouts,
674 see the -bh and -bhc options.
675 If verification fails, and the caller is not an admin user,
677 no details of the failure are output, because these might
678 contain sensitive information such as usernames and passwords
679 for database lookups.
680 If no arguments are given, Exim runs in an interactive man‐
682 ner, prompting with a right angle bracket for addresses to be
683 verified.
684 Unlike the -be test option, you cannot arrange for Exim to
686 use the readline() function, because it is running as exim
687 and there are security issues.
688 Verification differs from address testing (the -bt option) in
690 that routers that have no_verify set are skipped, and if the
691 address is accepted by a router that has fail_verify set,
692 verification fails. The address is verified as a recipient if
693 -bv is used; to test verification for a sender address, -bvs
694 should be used.
695 If the -v option is not set, the output consists of a single
697 line for each address, stating whether it was verified or
698 not, and giving a reason in the latter case. Without -v, gen‐
699 erating more than one address by redirection causes verifica‐
700 tion to end successfully, without considering the generated
701 addresses. However, if just one address is generated, pro‐
702 cessing continues, and the generated address must verify suc‐
703 cessfully for the overall verification to succeed.
704 When -v is set, more details are given of how the address has
706 been handled, and in the case of address redirection, all the
707 generated addresses are also considered. Verification may
708 succeed for some and fail for others.
709 The return code is 2 if any address failed outright; it is 1
711 if no address failed outright but at least one could not be
712 resolved for some reason. Return code 0 is given only when
713 all addresses succeed.
714 If any of the routers in the configuration makes any tests on
716 the sender address of a message, you should use the -f option
717 to set an appropriate sender when running -bv tests. Without
718 it, the sender is assumed to be the calling user at the
719 default qualifying domain.
720 -bvs This option acts like -bv, but verifies the address as a
722 sender rather than a recipient address. This affects any
723 rewriting and qualification that might happen.
724 -C <filelist>
726 This option causes Exim to find the run time configuration
727 file from the given list instead of from the list specified
728 by the CONFIGURE_FILE compile-time setting. Usually, the list
729 will consist of just a single file name, but it can be a
730 colon-separated list of names. In this case, the first file
731 that exists is used. Failure to open an existing file stops
732 Exim from proceeding any further along the list, and an error
733 is generated.
734 When this option is used by a caller other than root, and the
736 list is different from the compiled-in list, Exim gives up
737 its root privilege immediately, and runs with the real and
738 effective uid and gid set to those of the caller. However,
739 if a TRUSTED_CONFIG_LIST file is defined in Local/Makefile,
740 that file contains a list of full pathnames, one per line,
741 for configuration files which are trusted. Root privilege is
742 retained for any configuration file so listed, as long as the
743 caller is the Exim user (or the user specified in the CONFIG‐
744 URE_OWNER option, if any), and as long as the configuration
745 file is not writeable by inappropriate users or groups.
746 Leaving TRUSTED_CONFIG_LIST unset precludes the possibility
748 of testing a configuration using -C right through message
749 reception and delivery, even if the caller is root. The
750 reception works, but by that time, Exim is running as the
751 Exim user, so when it re-executes to regain privilege for the
752 delivery, the use of -C causes privilege to be lost. However,
753 root can test reception and delivery using two separate com‐
754 mands (one to put a message on the queue, using -odq, and
755 another to do the delivery, using -M).
756 If ALT_CONFIG_PREFIX is defined in Local/Makefile, it speci‐
758 fies a prefix string with which any file named in a -C com‐
759 mand line option must start. In addition, the file name must
760 not contain the sequence /../. However, if the value of the
761 -C option is identical to the value of CONFIGURE_FILE in
762 Local/Makefile, Exim ignores -C and proceeds as usual. There
763 is no default setting for ALT_CONFIG_PREFIX; when it is
764 unset, any file name can be used with -C.
765 ALT_CONFIG_PREFIX can be used to confine alternative configu‐
767 ration files to a directory to which only root has access.
768 This prevents someone who has broken into the Exim account
769 from running a privileged Exim with an arbitrary configura‐
770 tion file.
771 The -C facility is useful for ensuring that configuration
773 files are syntactically correct, but cannot be used for test
774 deliveries, unless the caller is privileged, or unless it is
775 an exotic configuration that does not require privilege. No
776 check is made on the owner or group of the files specified by
777 this option.
778 -D<macro>=<value>
780 This option can be used to override macro definitions in the
781 configuration file. However, like -C, if it is used by an
782 unprivileged caller, it causes Exim to give up its root priv‐
783 ilege. If DISABLE_D_OPTION is defined in Local/Makefile, the
784 use of -D is completely disabled, and its use causes an imme‐
785 diate error exit.
786 If WHITELIST_D_MACROS is defined in Local/Makefile then it
788 should be a colon-separated list of macros which are consid‐
789 ered safe and, if -D only supplies macros from this list, and
790 the values are acceptable, then Exim will not give up root
791 privilege if the caller is root, the Exim run-time user, or
792 the CONFIGURE_OWNER, if set. This is a transition mechanism
793 and is expected to be removed in the future. Acceptable val‐
794 ues for the macros satisfy the regexp: ^[A-Za-z0-9_/.-]*$
795 The entire option (including equals sign if present) must all
797 be within one command line item. -D can be used to set the
798 value of a macro to the empty string, in which case the
799 equals sign is optional. These two commands are synonymous:
800 exim -DABC ...
802 exim -DABC= ...
803 To include spaces in a macro definition item, quotes must be
805 used. If you use quotes, spaces are permitted around the
806 macro name and the equals sign. For example:
807 exim '-D ABC = something' ...
809 -D may be repeated up to 10 times on a command line.
811 -d<debug options>
813 This option causes debugging information to be written to the
814 standard error stream. It is restricted to admin users
815 because debugging output may show database queries that con‐
816 tain password information. Also, the details of users' filter
817 files should be protected. If a non-admin user uses -d, Exim
818 writes an error message to the standard error stream and
819 exits with a non-zero return code.
820 When -d is used, -v is assumed. If -d is given on its own, a
822 lot of standard debugging data is output. This can be
823 reduced, or increased to include some more rarely needed
824 information, by directly following -d with a string made up
825 of names preceded by plus or minus characters. These add or
826 remove sets of debugging data, respectively. For example,
827 -d+filter adds filter debugging, whereas -d-all+filter
828 selects only filter debugging. Note that no spaces are
829 allowed in the debug setting. The available debugging cate‐
830 gories are:
831 acl ACL interpretation
833 auth authenticators
834 deliver general delivery logic
835 dns DNS lookups (see also resolver)
836 dnsbl DNS black list (aka RBL) code
837 exec arguments for execv() calls
838 expand detailed debugging for string expansions
839 filter filter handling
840 hints_lookup hints data lookups
841 host_lookup all types of name-to-IP address handling
842 ident ident lookup
843 interface lists of local interfaces
844 lists matching things in lists
845 load system load checks
846 local_scan can be used by local_scan()
847 lookup general lookup code and all lookups
848 memory memory handling
849 pid add pid to debug output lines
850 process_info setting info for the process log
851 queue_run queue runs
852 receive general message reception logic
853 resolver turn on the DNS resolver's debugging output
854 retry retry handling
855 rewrite address rewriting
856 route address routing
857 timestamp add timestamp to debug output lines
858 tls TLS logic
859 transport transports
860 uid changes of uid/gid and looking up uid/gid
861 verify address verification logic
862 all almost all of the above (see below), and
863 also -v
864 The all option excludes memory when used as +all, but
866 includes it for -all. The reason for this is that +all is
867 something that people tend to use when generating debug out‐
868 put for Exim maintainers. If +memory is included, an awful
869 lot of output that is very rarely of interest is generated,
870 so it now has to be explicitly requested. However, -all does
871 turn everything off.
872 The resolver option produces output only if the DNS resolver
874 was compiled with DEBUG enabled. This is not the case in some
875 operating systems. Also, unfortunately, debugging output from
876 the DNS resolver is written to stdout rather than stderr.
877 The default (-d with no argument) omits expand, filter,
879 interface, load, memory, pid, resolver, and timestamp. How‐
880 ever, the pid selector is forced when debugging is turned on
881 for a daemon, which then passes it on to any re-executed
882 Exims. Exim also automatically adds the pid to debug lines
883 when several remote deliveries are run in parallel.
884 The timestamp selector causes the current time to be inserted
886 at the start of all debug output lines. This can be useful
887 when trying to track down delays in processing.
888 If the debug_print option is set in any driver, it produces
890 output whenever any debugging is selected, or if -v is used.
891 -dd<debug options>
893 This option behaves exactly like -d except when used on a
894 command that starts a daemon process. In that case, debugging
895 is turned off for the subprocesses that the daemon creates.
896 Thus, it is useful for monitoring the behaviour of the daemon
897 without creating as much output as full debugging does.
898 -dropcr This is an obsolete option that is now a no-op. It used to
900 affect the way Exim handled CR and LF characters in incoming
901 messages.
902 -E This option specifies that an incoming message is a
904 locally-generated delivery failure report. It is used inter‐
905 nally by Exim when handling delivery failures and is not
906 intended for external use. Its only effect is to stop Exim
907 generating certain messages to the postmaster, as otherwise
908 message cascades could occur in some situations. As part of
909 the same option, a message id may follow the characters -E.
910 If it does, the log entry for the receipt of the new message
911 contains the id, following "R=", as a cross-reference.
912 -ex There are a number of Sendmail options starting with -oe
914 which seem to be called by various programs without the lead‐
915 ing o in the option. For example, the vacation program uses
916 -eq. Exim treats all options of the form -ex as synonymous
917 with the corresponding -oex options.
918 -F <string>
920 This option sets the sender's full name for use when a
921 locally-generated message is being accepted. In the absence
922 of this option, the user's gecos entry from the password data
923 is used. As users are generally permitted to alter their
924 gecos entries, no security considerations are involved. White
925 space between -F and the <string> is optional.
926 -f <address>
928 This option sets the address of the envelope sender of a
929 locally-generated message (also known as the return path).
930 The option can normally be used only by a trusted user, but
931 untrusted_set_sender can be set to allow untrusted users to
932 use it.
933 Processes running as root or the Exim user are always
935 trusted. Other trusted users are defined by the trusted_users
936 or trusted_groups options. In the absence of -f, or if the
937 caller is not trusted, the sender of a local message is set
938 to the caller's login name at the default qualify domain.
939 There is one exception to the restriction on the use of -f:
941 an empty sender can be specified by any user, trusted or not,
942 to create a message that can never provoke a bounce. An empty
943 sender can be specified either as an empty string, or as a
944 pair of angle brackets with nothing between them, as in these
945 examples of shell commands:
946 exim -f '<>' user@domain
948 exim -f "" user@domain
949 In addition, the use of -f is not restricted when testing a
951 filter file with -bf or when testing or verifying addresses
952 using the -bt or -bv options.
953 Allowing untrusted users to change the sender address does
955 not of itself make it possible to send anonymous mail. Exim
956 still checks that the From: header refers to the local user,
957 and if it does not, it adds a Sender: header, though this can
958 be overridden by setting no_local_from_check.
959 White space between -f and the <address> is optional (that
961 is, they can be given as two arguments or one combined argu‐
962 ment). The sender of a locally-generated message can also be
963 set (when permitted) by an initial "From " line in the mes‐
964 sage - see the description of -bm above - but if -f is also
965 present, it overrides "From ".
966 -G This is a Sendmail option which is ignored by Exim.
968 -h <number>
970 This option is accepted for compatibility with Sendmail, but
971 has no effect. (In Sendmail it overrides the "hop count"
972 obtained by counting Received: headers.)
973 -i This option, which has the same effect as -oi, specifies that
975 a dot on a line by itself should not terminate an incoming,
976 non-SMTP message. I can find no documentation for this option
977 in Solaris 2.4 Sendmail, but the mailx command in Solaris 2.4
978 uses it. See also -ti.
979 -M <message id> <message id> ...
981 This option requests Exim to run a delivery attempt on each
982 message in turn. If any of the messages are frozen, they are
983 automatically thawed before the delivery attempt. The set‐
984 tings of queue_domains, queue_smtp_domains, and hold_domains
985 are ignored.
986 Retry hints for any of the addresses are overridden - Exim
988 tries to deliver even if the normal retry time has not yet
989 been reached. This option requires the caller to be an admin
990 user. However, there is an option called prod_requires_admin
991 which can be set false to relax this restriction (and also
992 the same requirement for the -q, -R, and -S options).
993 The deliveries happen synchronously, that is, the original
995 Exim process does not terminate until all the delivery
996 attempts have finished. No output is produced unless there is
997 a serious error. If you want to see what is happening, use
998 the -v option as well, or inspect Exim's main log.
999 -Mar <message id> <address> <address> ...
1001 This option requests Exim to add the addresses to the list of
1002 recipients of the message ("ar" for "add recipients"). The
1003 first argument must be a message id, and the remaining ones
1004 must be email addresses. However, if the message is active
1005 (in the middle of a delivery attempt), it is not altered.
1006 This option can be used only by an admin user.
1007 -MC <transport> <hostname> <sequence number> <message id>
1009 This option is not intended for use by external callers. It
1010 is used internally by Exim to invoke another instance of
1011 itself to deliver a waiting message using an existing SMTP
1012 connection, which is passed as the standard input. This must
1013 be the final option, and the caller must be root or the Exim
1014 user in order to use it.
1015 -MCA This option is not intended for use by external callers. It
1017 is used internally by Exim in conjunction with the -MC
1018 option. It signifies that the connection to the remote host
1019 has been authenticated.
1020 -MCP This option is not intended for use by external callers. It
1022 is used internally by Exim in conjunction with the -MC
1023 option. It signifies that the server to which Exim is con‐
1024 nected supports pipelining.
1025 -MCQ <process id> <pipe fd>
1027 This option is not intended for use by external callers. It
1028 is used internally by Exim in conjunction with the -MC option
1029 when the original delivery was started by a queue runner. It
1030 passes on the process id of the queue runner, together with
1031 the file descriptor number of an open pipe. Closure of the
1032 pipe signals the final completion of the sequence of pro‐
1033 cesses that are passing messages through the same SMTP con‐
1034 nection.
1035 -MCS This option is not intended for use by external callers. It
1037 is used internally by Exim in conjunction with the -MC
1038 option, and passes on the fact that the SMTP SIZE option
1039 should be used on messages delivered down the existing con‐
1040 nection.
1041 -MCT This option is not intended for use by external callers. It
1043 is used internally by Exim in conjunction with the -MC
1044 option, and passes on the fact that the host to which Exim is
1045 connected supports TLS encryption.
1046 -Mc <message id> <message id> ...
1048 This option requests Exim to run a delivery attempt on each
1049 message in turn, but unlike the -M option, it does check for
1050 retry hints, and respects any that are found. This option is
1051 not very useful to external callers. It is provided mainly
1052 for internal use by Exim when it needs to re-invoke itself in
1053 order to regain root privilege for a delivery. However, -Mc
1054 can be useful when testing, in order to run a delivery that
1055 respects retry times and other options such as hold_domains
1056 that are overridden when -M is used. Such a delivery does not
1057 count as a queue run. If you want to run a specific delivery
1058 as if in a queue run, you should use -q with a message id
1059 argument. A distinction between queue run deliveries and
1060 other deliveries is made in one or two places.
1061 -Mes <message id> <address>
1063 This option requests Exim to change the sender address in the
1064 message to the given address, which must be a fully qualified
1065 address or "<>" ("es" for "edit sender"). There must be
1066 exactly two arguments. The first argument must be a message
1067 id, and the second one an email address. However, if the mes‐
1068 sage is active (in the middle of a delivery attempt), its
1069 status is not altered. This option can be used only by an
1070 admin user.
1071 -Mf <message id> <message id> ...
1073 This option requests Exim to mark each listed message as
1074 "frozen". This prevents any delivery attempts taking place
1075 until the message is "thawed", either manually or as a result
1076 of the auto_thaw configuration option. However, if any of
1077 the messages are active (in the middle of a delivery
1078 attempt), their status is not altered. This option can be
1079 used only by an admin user.
1080 -Mg <message id> <message id> ...
1082 This option requests Exim to give up trying to deliver the
1083 listed messages, including any that are frozen. However, if
1084 any of the messages are active, their status is not altered.
1085 For non-bounce messages, a delivery error message is sent to
1086 the sender, containing the text "cancelled by administrator".
1087 Bounce messages are just discarded. This option can be used
1088 only by an admin user.
1089 -Mmad <message id> <message id> ...
1091 This option requests Exim to mark all the recipient addresses
1092 in the messages as already delivered ("mad" for "mark all
1093 delivered"). However, if any message is active (in the middle
1094 of a delivery attempt), its status is not altered. This
1095 option can be used only by an admin user.
1096 -Mmd <message id> <address> <address> ...
1098 This option requests Exim to mark the given addresses as
1099 already delivered ("md" for "mark delivered"). The first
1100 argument must be a message id, and the remaining ones must be
1101 email addresses. These are matched to recipient addresses in
1102 the message in a case-sensitive manner. If the message is
1103 active (in the middle of a delivery attempt), its status is
1104 not altered. This option can be used only by an admin user.
1105 -Mrm <message id> <message id> ...
1107 This option requests Exim to remove the given messages from
1108 the queue. No bounce messages are sent; each message is sim‐
1109 ply forgotten. However, if any of the messages are active,
1110 their status is not altered. This option can be used only by
1111 an admin user or by the user who originally caused the mes‐
1112 sage to be placed on the queue.
1113 -Mset <message id>
1115 This option is useful only in conjunction with -be (that is,
1116 when testing string expansions). Exim loads the given message
1117 from its spool before doing the test expansions, thus setting
1118 message-specific variables such as $message_size and the
1119 header variables. The $recipients variable is made available.
1120 This feature is provided to make it easier to test expansions
1121 that make use of these variables. However, this option can be
1122 used only by an admin user. See also -bem.
1123 -Mt <message id> <message id> ...
1125 This option requests Exim to "thaw" any of the listed mes‐
1126 sages that are "frozen", so that delivery attempts can
1127 resume. However, if any of the messages are active, their
1128 status is not altered. This option can be used only by an
1129 admin user.
1130 -Mvb <message id>
1132 This option causes the contents of the message body (-D)
1133 spool file to be written to the standard output. This option
1134 can be used only by an admin user.
1135 -Mvc <message id>
1137 This option causes a copy of the complete message (header
1138 lines plus body) to be written to the standard output in RFC
1139 2822 format. This option can be used only by an admin user.
1140 -Mvh <message id>
1142 This option causes the contents of the message headers (-H)
1143 spool file to be written to the standard output. This option
1144 can be used only by an admin user.
1145 -Mvl <message id>
1147 This option causes the contents of the message log spool file
1148 to be written to the standard output. This option can be used
1149 only by an admin user.
1150 -m This is apparently a synonym for -om that is accepted by
1152 Sendmail, so Exim treats it that way too.
1153 -N This is a debugging option that inhibits delivery of a mes‐
1155 sage at the transport level. It implies -v. Exim goes through
1156 many of the motions of delivery - it just doesn't actually
1157 transport the message, but instead behaves as if it had suc‐
1158 cessfully done so. However, it does not make any updates to
1159 the retry database, and the log entries for deliveries are
1160 flagged with "*>" rather than "=>".
1161 Because -N discards any message to which it applies, only
1163 root or the Exim user are allowed to use it with -bd, -q, -R
1164 or -M. In other words, an ordinary user can use it only when
1165 supplying an incoming message to which it will apply.
1166 Although transportation never fails when -N is set, an
1167 address may be deferred because of a configuration problem on
1168 a transport, or a routing problem. Once -N has been used for
1169 a delivery attempt, it sticks to the message, and applies to
1170 any subsequent delivery attempts that may happen for that
1171 message.
1172 -n This option is interpreted by Sendmail to mean "no aliasing".
1174 It is ignored by Exim.
1175 -O <data> This option is interpreted by Sendmail to mean set option. It
1177 is ignored by Exim.
1178 -oA <file name>
1180 This option is used by Sendmail in conjunction with -bi to
1181 specify an alternative alias file name. Exim handles -bi dif‐
1182 ferently; see the description above.
1183 -oB <n> This is a debugging option which limits the maximum number of
1185 messages that can be delivered down one SMTP connection,
1186 overriding the value set in any smtp transport. If <n> is
1187 omitted, the limit is set to 1.
1188 -odb This option applies to all modes in which Exim accepts incom‐
1190 ing messages, including the listening daemon. It requests
1191 "background" delivery of such messages, which means that the
1192 accepting process automatically starts a delivery process for
1193 each message received, but does not wait for the delivery
1194 processes to finish.
1195 When all the messages have been received, the reception
1197 process exits, leaving the delivery processes to finish in
1198 their own time. The standard output and error streams are
1199 closed at the start of each delivery process. This is the
1200 default action if none of the -od options are present.
1201 If one of the queueing options in the configuration file
1203 (queue_only or queue_only_file, for example) is in effect,
1204 -odb overrides it if queue_only_override is set true, which
1205 is the default setting. If queue_only_override is set false,
1206 -odb has no effect.
1207 -odf This option requests "foreground" (synchronous) delivery when
1209 Exim has accepted a locally-generated message. (For the dae‐
1210 mon it is exactly the same as -odb.) A delivery process is
1211 automatically started to deliver the message, and Exim waits
1212 for it to complete before proceeding.
1213 The original Exim reception process does not finish until the
1215 delivery process for the final message has ended. The stan‐
1216 dard error stream is left open during deliveries.
1217 However, like -odb, this option has no effect if
1219 queue_only_override is false and one of the queueing options
1220 in the configuration file is in effect.
1221 If there is a temporary delivery error during foreground
1223 delivery, the message is left on the queue for later deliv‐
1224 ery, and the original reception process exits.
1225 -odi This option is synonymous with -odf. It is provided for com‐
1227 patibility with Sendmail.
1228 -odq This option applies to all modes in which Exim accepts incom‐
1230 ing messages, including the listening daemon. It specifies
1231 that the accepting process should not automatically start a
1232 delivery process for each message received. Messages are
1233 placed on the queue, and remain there until a subsequent
1234 queue runner process encounters them. There are several con‐
1235 figuration options (such as queue_only) that can be used to
1236 queue incoming messages under certain conditions. This option
1237 overrides all of them and also -odqs. It always forces queue‐
1238 ing.
1239 -odqs This option is a hybrid between -odb/-odi and -odq. However,
1241 like -odb and -odi, this option has no effect if
1242 queue_only_override is false and one of the queueing options
1243 in the configuration file is in effect.
1244 When -odqs does operate, a delivery process is started for
1246 each incoming message, in the background by default, but in
1247 the foreground if -odi is also present. The recipient
1248 addresses are routed, and local deliveries are done in the
1249 normal way. However, if any SMTP deliveries are required,
1250 they are not done at this time, so the message remains on the
1251 queue until a subsequent queue runner process encounters it.
1252 Because routing was done, Exim knows which messages are wait‐
1253 ing for which hosts, and so a number of messages for the same
1254 host can be sent in a single SMTP connection. The
1255 queue_smtp_domains configuration option has the same effect
1256 for specific domains. See also the -qq option.
1257 -oee If an error is detected while a non-SMTP message is being
1259 received (for example, a malformed address), the error is
1260 reported to the sender in a mail message.
1261 Provided this error message is successfully sent, the Exim
1263 receiving process exits with a return code of zero. If not,
1264 the return code is 2 if the problem is that the original mes‐
1265 sage has no recipients, or 1 any other error. This is the
1266 default -oex option if Exim is called as rmail.
1267 -oem This is the same as -oee, except that Exim always exits with
1269 a non-zero return code, whether or not the error message was
1270 successfully sent. This is the default -oex option, unless
1271 Exim is called as rmail.
1272 -oep If an error is detected while a non-SMTP message is being
1274 received, the error is reported by writing a message to the
1275 standard error file (stderr). The return code is 1 for all
1276 errors.
1277 -oeq This option is supported for compatibility with Sendmail, but
1279 has the same effect as -oep.
1280 -oew This option is supported for compatibility with Sendmail, but
1282 has the same effect as -oem.
1283 -oi This option, which has the same effect as -i, specifies that
1285 a dot on a line by itself should not terminate an incoming,
1286 non-SMTP message. Otherwise, a single dot does terminate,
1287 though Exim does no special processing for other lines that
1288 start with a dot. This option is set by default if Exim is
1289 called as rmail. See also -ti.
1290 -oitrue This option is treated as synonymous with -oi.
1292 -oMa <host address>
1294 A number of options starting with -oM can be used to set val‐
1295 ues associated with remote hosts on locally-submitted mes‐
1296 sages (that is, messages not received over TCP/IP). These
1297 options can be used by any caller in conjunction with the
1298 -bh, -be, -bf, -bF, -bt, or -bv testing options. In other
1299 circumstances, they are ignored unless the caller is trusted.
1300 The -oMa option sets the sender host address. This may
1302 include a port number at the end, after a full stop (period).
1303 For example:
1304 exim -bs -oMa 10.9.8.7.1234
1306 An alternative syntax is to enclose the IP address in square
1308 brackets, followed by a colon and the port number:
1309 exim -bs -oMa [10.9.8.7]:1234
1311 The IP address is placed in the $sender_host_address vari‐
1313 able, and the port, if present, in $sender_host_port. If both
1314 -oMa and -bh are present on the command line, the sender host
1315 IP address is taken from whichever one is last.
1316 -oMaa <name>
1318 See -oMa above for general remarks about the -oM options. The
1319 -oMaa option sets the value of $sender_host_authenticated
1320 (the authenticator name). This option can be used with -bh
1321 and -bs to set up an authenticated SMTP session without actu‐
1322 ally using the SMTP AUTH command.
1323 -oMai <string>
1325 See -oMa above for general remarks about the -oM options. The
1326 -oMai option sets the value of $authenticated_id (the id that
1327 was authenticated). This overrides the default value (the
1328 caller's login id, except with -bh, where there is no
1329 default) for messages from local sources.
1330 -oMas <address>
1332 See -oMa above for general remarks about the -oM options. The
1333 -oMas option sets the authenticated sender value in $authen‐
1334 ticated_sender. It overrides the sender address that is cre‐
1335 ated from the caller's login id for messages from local
1336 sources, except when -bh is used, when there is no default.
1337 For both -bh and -bs, an authenticated sender that is speci‐
1338 fied on a MAIL command overrides this value.
1339 -oMi <interface address>
1341 See -oMa above for general remarks about the -oM options. The
1342 -oMi option sets the IP interface address value. A port num‐
1343 ber may be included, using the same syntax as for -oMa. The
1344 interface address is placed in $received_ip_address and the
1345 port number, if present, in $received_port.
1346 -oMr <protocol name>
1348 See -oMa above for general remarks about the -oM options. The
1349 -oMr option sets the received protocol value that is stored
1350 in $received_protocol. However, it does not apply (and is
1351 ignored) when -bh or -bs is used. For -bh, the protocol is
1352 forced to one of the standard SMTP protocol names. For -bs,
1353 the protocol is always "local-" followed by one of those same
1354 names. For -bS (batched SMTP) however, the protocol can be
1355 set by -oMr.
1356 -oMs <host name>
1358 See -oMa above for general remarks about the -oM options. The
1359 -oMs option sets the sender host name in $sender_host_name.
1360 When this option is present, Exim does not attempt to look up
1361 a host name from an IP address; it uses the name it is given.
1362 -oMt <ident string>
1364 See -oMa above for general remarks about the -oM options. The
1365 -oMt option sets the sender ident value in $sender_ident. The
1366 default setting for local callers is the login id of the
1367 calling process, except when -bh is used, when there is no
1368 default.
1369 -om In Sendmail, this option means "me too", indicating that the
1371 sender of a message should receive a copy of the message if
1372 the sender appears in an alias expansion. Exim always does
1373 this, so the option does nothing.
1374 -oo This option is ignored. In Sendmail it specifies "old style
1376 headers", whatever that means.
1377 -oP <path>
1379 This option is useful only in conjunction with -bd or -q with
1380 a time value. The option specifies the file to which the
1381 process id of the daemon is written. When -oX is used with
1382 -bd, or when -q with a time is used without -bd, this is the
1383 only way of causing Exim to write a pid file, because in
1384 those cases, the normal pid file is not used.
1385 -or <time>
1387 This option sets a timeout value for incoming non-SMTP mes‐
1388 sages. If it is not set, Exim will wait forever for the stan‐
1389 dard input. The value can also be set by the receive_timeout
1390 option.
1391 -os <time>
1393 This option sets a timeout value for incoming SMTP messages.
1394 The timeout applies to each SMTP command and block of data.
1395 The value can also be set by the smtp_receive_timeout option;
1396 it defaults to 5 minutes.
1397 -ov This option has exactly the same effect as -v.
1399 -oX <number or string>
1401 This option is relevant only when the -bd (start listening
1402 daemon) option is also given. It controls which ports and
1403 interfaces the daemon uses. When -oX is used to start a dae‐
1404 mon, no pid file is written unless -oP is also present to
1405 specify a pid file name.
1406 -pd This option applies when an embedded Perl interpreter is
1408 linked with Exim. It overrides the setting of the
1409 perl_at_start option, forcing the starting of the interpreter
1410 to be delayed until it is needed.
1411 -ps This option applies when an embedded Perl interpreter is
1413 linked with Exim. It overrides the setting of the
1414 perl_at_start option, forcing the starting of the interpreter
1415 to occur as soon as Exim is started.
1416 -p<rval>:<sval>
1418 For compatibility with Sendmail, this option is equivalent to
1419 -oMr <rval> -oMs <sval>
1421 It sets the incoming protocol and host name (for trusted
1423 callers). The host name and its colon can be omitted when
1424 only the protocol is to be set. Note the Exim already has
1425 two private options, -pd and -ps, that refer to embedded
1426 Perl. It is therefore impossible to set a protocol value of p
1427 or s using this option (but that does not seem a real limita‐
1428 tion).
1429 -q This option is normally restricted to admin users. However,
1431 there is a configuration option called prod_requires_admin
1432 which can be set false to relax this restriction (and also
1433 the same requirement for the -M, -R, and -S options).
1434 The -q option starts one queue runner process. This scans the
1436 queue of waiting messages, and runs a delivery process for
1437 each one in turn. It waits for each delivery process to fin‐
1438 ish before starting the next one. A delivery process may not
1439 actually do any deliveries if the retry times for the
1440 addresses have not been reached. Use -qf (see below) if you
1441 want to override this.
1442 If the delivery process spawns other processes to deliver
1444 other messages down passed SMTP connections, the queue runner
1445 waits for these to finish before proceeding.
1446 When all the queued messages have been considered, the origi‐
1448 nal queue runner process terminates. In other words, a single
1449 pass is made over the waiting mail, one message at a time.
1450 Use -q with a time (see below) if you want this to be
1451 repeated periodically.
1452 Exim processes the waiting messages in an unpredictable
1454 order. It isn't very random, but it is likely to be different
1455 each time, which is all that matters. If one particular mes‐
1456 sage screws up a remote MTA, other messages to the same MTA
1457 have a chance of getting through if they get tried first.
1458 It is possible to cause the messages to be processed in lexi‐
1460 cal message id order, which is essentially the order in which
1461 they arrived, by setting the queue_run_in_order option, but
1462 this is not recommended for normal use.
1463 -q<qflags>
1465 The -q option may be followed by one or more flag letters
1466 that change its behaviour. They are all optional, but if more
1467 than one is present, they must appear in the correct order.
1468 Each flag is described in a separate item below.
1469 -qq... An option starting with -qq requests a two-stage queue run.
1471 In the first stage, the queue is scanned as if the
1472 queue_smtp_domains option matched every domain. Addresses are
1473 routed, local deliveries happen, but no remote transports are
1474 run.
1475 The hints database that remembers which messages are waiting
1477 for specific hosts is updated, as if delivery to those hosts
1478 had been deferred. After this is complete, a second, normal
1479 queue scan happens, with routing and delivery taking place as
1480 normal. Messages that are routed to the same host should
1481 mostly be delivered down a single SMTP connection because of
1482 the hints that were set up during the first queue scan. This
1483 option may be useful for hosts that are connected to the
1484 Internet intermittently.
1485 -q[q]i... If the i flag is present, the queue runner runs delivery pro‐
1487 cesses only for those messages that haven't previously been
1488 tried. (i stands for "initial delivery".) This can be helpful
1489 if you are putting messages on the queue using -odq and want
1490 a queue runner just to process the new messages.
1491 -q[q][i]f...
1493 If one f flag is present, a delivery attempt is forced for
1494 each non-frozen message, whereas without f only those
1495 non-frozen addresses that have passed their retry times are
1496 tried.
1497 -q[q][i]ff...
1499 If ff is present, a delivery attempt is forced for every mes‐
1500 sage, whether frozen or not.
1501 -q[q][i][f[f]]l
1503 The l (the letter "ell") flag specifies that only local
1504 deliveries are to be done. If a message requires any remote
1505 deliveries, it remains on the queue for later delivery.
1506 -q<qflags> <start id> <end id>
1508 When scanning the queue, Exim can be made to skip over mes‐
1509 sages whose ids are lexically less than a given value by fol‐
1510 lowing the -q option with a starting message id. For example:
1511 exim -q 0t5C6f-0000c8-00
1513 Messages that arrived earlier than 0t5C6f-0000c8-00 are not
1515 inspected. If a second message id is given, messages whose
1516 ids are lexically greater than it are also skipped. If the
1517 same id is given twice, for example,
1518 exim -q 0t5C6f-0000c8-00 0t5C6f-0000c8-00
1520 just one delivery process is started, for that message. This
1522 differs from -M in that retry data is respected, and it also
1523 differs from -Mc in that it counts as a delivery from a queue
1524 run. Note that the selection mechanism does not affect the
1525 order in which the messages are scanned. There are also other
1526 ways of selecting specific sets of messages for delivery in a
1527 queue run - see -R and -S.
1528 -q<qflags><time>
1530 When a time value is present, the -q option causes Exim to
1531 run as a daemon, starting a queue runner process at intervals
1532 specified by the given time value. This form of the -q option
1533 is commonly combined with the -bd option, in which case a
1534 single daemon process handles both functions. A common way of
1535 starting up a combined daemon at system boot time is to use a
1536 command such as
1537 /usr/exim/bin/exim -bd -q30m
1539 Such a daemon listens for incoming SMTP calls, and also
1541 starts a queue runner process every 30 minutes.
1542 When a daemon is started by -q with a time value, but without
1544 -bd, no pid file is written unless one is explicitly
1545 requested by the -oP option.
1546 -qR<rsflags> <string>
1548 This option is synonymous with -R. It is provided for Send‐
1549 mail compatibility.
1550 -qS<rsflags> <string>
1552 This option is synonymous with -S.
1553 -R<rsflags> <string>
1555 The <rsflags> may be empty, in which case the white space
1556 before the string is optional, unless the string is f, ff, r,
1557 rf, or rff, which are the possible values for <rsflags>.
1558 White space is required if <rsflags> is not empty.
1559 This option is similar to -q with no time value, that is, it
1561 causes Exim to perform a single queue run, except that, when
1562 scanning the messages on the queue, Exim processes only those
1563 that have at least one undelivered recipient address contain‐
1564 ing the given string, which is checked in a case-independent
1565 way. If the <rsflags> start with r, <string> is interpreted
1566 as a regular expression; otherwise it is a literal string.
1567 If you want to do periodic queue runs for messages with spe‐
1569 cific recipients, you can combine -R with -q and a time
1570 value. For example:
1571 exim -q25m -R @special.domain.example
1573 This example does a queue run for messages with recipients in
1575 the given domain every 25 minutes. Any additional flags that
1576 are specified with -q are applied to each queue run.
1577 Once a message is selected for delivery by this mechanism,
1579 all its addresses are processed. For the first selected mes‐
1580 sage, Exim overrides any retry information and forces a
1581 delivery attempt for each undelivered address. This means
1582 that if delivery of any address in the first message is suc‐
1583 cessful, any existing retry information is deleted, and so
1584 delivery attempts for that address in subsequently selected
1585 messages (which are processed without forcing) will run. How‐
1586 ever, if delivery of any address does not succeed, the retry
1587 information is updated, and in subsequently selected mes‐
1588 sages, the failing address will be skipped.
1589 If the <rsflags> contain f or ff, the delivery forcing
1591 applies to all selected messages, not just the first; frozen
1592 messages are included when ff is present.
1593 The -R option makes it straightforward to initiate delivery
1595 of all messages to a given domain after a host has been down
1596 for some time. When the SMTP command ETRN is accepted by its
1597 ACL, its default effect is to run Exim with the -R option,
1598 but it can be configured to run an arbitrary command instead.
1599 -r This is a documented (for Sendmail) obsolete alternative name
1601 for -f.
1602 -S<rsflags> <string>
1604 This option acts like -R except that it checks the string
1605 against each message's sender instead of against the recipi‐
1606 ents. If -R is also set, both conditions must be met for a
1607 message to be selected. If either of the options has f or ff
1608 in its flags, the associated action is taken.
1609 -Tqt <times>
1611 This an option that is exclusively for use by the Exim test‐
1612 ing suite. It is not recognized when Exim is run normally. It
1613 allows for the setting up of explicit "queue times" so that
1614 various warning/retry features can be tested.
1615 -t When Exim is receiving a locally-generated, non-SMTP message
1617 on its standard input, the -t option causes the recipients of
1618 the message to be obtained from the To:, Cc:, and Bcc: header
1619 lines in the message instead of from the command arguments.
1620 The addresses are extracted before any rewriting takes place
1621 and the Bcc: header line, if present, is then removed.
1622 If the command has any arguments, they specify addresses to
1624 which the message is not to be delivered. That is, the argu‐
1625 ment addresses are removed from the recipients list obtained
1626 from the headers. This is compatible with Smail 3 and in
1627 accordance with the documented behaviour of several versions
1628 of Sendmail, as described in man pages on a number of operat‐
1629 ing systems (e.g. Solaris 8, IRIX 6.5, HP-UX 11). However,
1630 some versions of Sendmail add argument addresses to those
1631 obtained from the headers, and the O'Reilly Sendmail book
1632 documents it that way. Exim can be made to add argument
1633 addresses instead of subtracting them by setting the option
1634 extract_addresses_remove_arguments false.
1635 If there are any Resent- header lines in the message, Exim
1637 extracts recipients from all Resent-To:, Resent-Cc:, and
1638 Resent-Bcc: header lines instead of from To:, Cc:, and Bcc:.
1639 This is for compatibility with Sendmail and other MTAs.
1640 (Prior to release 4.20, Exim gave an error if -t was used in
1641 conjunction with Resent- header lines.)
1642 RFC 2822 talks about different sets of Resent- header lines
1644 (for when a message is resent several times). The RFC also
1645 specifies that they should be added at the front of the mes‐
1646 sage, and separated by Received: lines. It is not at all
1647 clear how -t should operate in the present of multiple sets,
1648 nor indeed exactly what constitutes a "set". In practice, it
1649 seems that MUAs do not follow the RFC. The Resent- lines are
1650 often added at the end of the header, and if a message is
1651 resent more than once, it is common for the original set of
1652 Resent- headers to be renamed as X-Resent- when a new set is
1653 added. This removes any possible ambiguity.
1654 -ti This option is exactly equivalent to -t -i. It is provided
1656 for compatibility with Sendmail.
1657 -tls-on-connect
1659 This option is available when Exim is compiled with TLS sup‐
1660 port. It forces all incoming SMTP connections to behave as if
1661 the incoming port is listed in the tls_on_connect_ports
1662 option.
1663 -U Sendmail uses this option for "initial message submission",
1665 and its documentation states that in future releases, it may
1666 complain about syntactically invalid messages rather than
1667 fixing them when this flag is not set. Exim ignores this
1668 option.
1669 -v This option causes Exim to write information to the standard
1671 error stream, describing what it is doing. In particular, it
1672 shows the log lines for receiving and delivering a message,
1673 and if an SMTP connection is made, the SMTP dialogue is
1674 shown. Some of the log lines shown may not actually be writ‐
1675 ten to the log if the setting of log_selector discards them.
1676 Any relevant selectors are shown with each log line. If none
1677 are shown, the logging is unconditional.
1678 -x AIX uses -x for a private purpose ("mail from a local mail
1680 program has National Language Support extended characters in
1681 the body of the mail item"). It sets -x when calling the MTA
1682 from its mail command. Exim ignores this option.
1683
1686 The full Exim specification, the Exim book, and the Exim wiki.
1688 EXIM(8)