1EXIM(8) System Manager's Manual EXIM(8)
2
6 exim - a Mail Transfer Agent
7
9 exim [options] arguments ...
10 mailq [options] arguments ...
11 rsmtp [options] arguments ...
12 rmail [options] arguments ...
13 runq [options] arguments ...
14 newaliases [options] arguments ...
15
17 Exim is a mail transfer agent (MTA) developed at the University of Cam‐
19 bridge. It is a large program with very many facilities. For a full
20 specification, see the reference manual. This man page contains only a
21 description of the command line options. It has been automatically gen‐
22 erated from the reference manual source, hopefully without too much
23 mangling.
24 Like other MTAs, Exim replaces Sendmail, and is normally called by user
26 agents (MUAs) using the path /usr/sbin/sendmail when they submit mes‐
27 sages for delivery (some operating systems use /usr/lib/sendmail). This
28 path is normally set up as a symbolic link to the Exim binary. It may
29 also be used by boot scripts to start the Exim daemon. Many of Exim's
30 command line options are compatible with Sendmail so that it can act as
31 a drop-in replacement.
32
34 If no options are present that require a specific action (such as
36 starting the daemon or a queue runner, testing an address, receiving a
37 message in a specific format, or listing the queue), and there are no
38 arguments on the command line, Exim outputs a brief message about
39 itself and exits.
40 However, if there is at least one command line argument, -bm (accept a
42 local message on the standard input, with the arguments specifying the
43 recipients) is assumed. Thus, for example, if Exim is installed in
44 /usr/sbin, you can send a message from the command line like this:
45 /usr/sbin/exim -i <recipient-address(es)>
47 <message content, including all the header lines>
48 CTRL-D
49 The -i option prevents a line containing just a dot from terminating
51 the message. Only an end-of-file (generated by typing CTRL-D if the
52 input is from a terminal) does so.
53
55 If an Exim binary is called using one of the names listed in this sec‐
57 tion (typically via a symbolic link), certain options are assumed.
58 mailq Behave as if the option -bp were present before any other
60 options. The -bp option requests a listing of the contents of
61 the mail queue on the standard output.
62 rsmtp Behaves as if the option -bS were present before any other
64 options, for compatibility with Smail. The -bS option is used
65 for reading in a number of messages in batched SMTP format.
66 rmail Behave as if the -i and -oee options were present before any
68 other options, for compatibility with Smail. The name rmail is
69 used as an interface by some UUCP systems. The -i option speci‐
70 fies that a dot on a line by itself does not terminate a
71 non-SMTP message; -oee requests that errors detected in non-SMTP
72 messages be reported by emailing the sender.
73 runq Behave as if the option -q were present before any other
75 options, for compatibility with Smail. The -q option causes a
76 single queue runner process to be started. It processes the
77 queue once, then exits.
78 newaliases
80 Behave as if the option -bi were present before any other
81 options, for compatibility with Sendmail. This option is used
82 for rebuilding Sendmail's alias file. Exim does not have the
83 concept of a single alias file, but can be configured to run a
84 specified command if called with the -bi option.
85
87 -- This is a pseudo-option whose only purpose is to terminate
89 the options and therefore to cause subsequent command line
90 items to be treated as arguments rather than options, even if
91 they begin with hyphens.
92 --help This option causes Exim to output a few sentences stating
94 what it is. The same output is generated if the Exim binary
95 is called with no options and no arguments.
96 --version This option is an alias for -bV and causes version informa‐
98 tion to be displayed.
99 -Ac -Am These options are used by Sendmail for selecting configu‐
101 ration files and are ignored by Exim.
102 -B<type> This is a Sendmail option for selecting 7 or 8 bit process‐
104 ing. Exim is 8-bit clean; it ignores this option.
105 -bd This option runs Exim as a daemon, awaiting incoming SMTP
107 connections. Usually the -bd option is combined with the
108 -q<time> option, to specify that the daemon should also ini‐
109 tiate periodic queue runs.
110 The -bd option can be used only by an admin user. If either
112 of the -d (debugging) or -v (verifying) options are set, the
113 daemon does not disconnect from the controlling terminal.
114 When running this way, it can be stopped by pressing ctrl-C.
115 By default, Exim listens for incoming connections to the
117 standard SMTP port on all the host's running interfaces. How‐
118 ever, it is possible to listen on other ports, on multiple
119 ports, and only on specific interfaces.
120 When a listening daemon is started without the use of -oX
122 (that is, without overriding the normal configuration), it
123 writes its process id to a file called exim-daemon.pid in
124 Exim's spool directory. This location can be overridden by
125 setting PID_FILE_PATH in Local/Makefile. The file is written
126 while Exim is still running as root.
127 When -oX is used on the command line to start a listening
129 daemon, the process id is not written to the normal pid file
130 path. However, -oP can be used to specify a path on the com‐
131 mand line if a pid file is required.
132 The SIGHUP signal can be used to cause the daemon to re-exe‐
134 cute itself. This should be done whenever Exim's configura‐
135 tion file, or any file that is incorporated into it by means
136 of the .include facility, is changed, and also whenever a new
137 version of Exim is installed. It is not necessary to do this
138 when other files that are referenced from the configuration
139 (for example, alias files) are changed, because these are
140 reread each time they are used.
141 -bdf This option has the same effect as -bd except that it never
143 disconnects from the controlling terminal, even when no
144 debugging is specified.
145 -be Run Exim in expansion testing mode. Exim discards its root
147 privilege, to prevent ordinary users from using this mode to
148 read otherwise inaccessible files. If no arguments are given,
149 Exim runs interactively, prompting for lines of data. Other‐
150 wise, it processes each argument in turn.
151 If Exim was built with USE_READLINE=yes in Local/Makefile, it
153 tries to load the libreadline library dynamically whenever
154 the -be option is used without command line arguments. If
155 successful, it uses the readline() function, which provides
156 extensive line-editing facilities, for reading the test data.
157 A line history is supported.
158 Long expansion expressions can be split over several lines by
160 using backslash continuations. As in Exim's runtime configu‐
161 ration, white space at the start of continuation lines is
162 ignored. Each argument or data line is passed through the
163 string expansion mechanism, and the result is output. Vari‐
164 able values from the configuration file (for example, $qual‐
165 ify_domain) are available, but no message-specific values
166 (such as $message_exim_id) are set, because no message is
167 being processed (but see -bem and -Mset).
168 Note: If you use this mechanism to test lookups, and you
170 change the data files or databases you are using, you must
171 exit and restart Exim before trying the same lookup again.
172 Otherwise, because each Exim process caches the results of
173 lookups, you will just get the same result as before.
174 Macro processing is done on lines before string-expansion:
176 new macros can be defined and macros will be expanded.
177 Because macros in the config file are often used for secrets,
178 those are only available to admin users.
179 -bem <filename>
181 This option operates like -be except that it must be followed
182 by the name of a file. For example:
183 exim -bem /tmp/testmessage
185 The file is read as a message (as if receiving a locally-sub‐
187 mitted non-SMTP message) before any of the test expansions
188 are done. Thus, message-specific variables such as $mes‐
189 sage_size and $header_from: are available. However, no
190 Received: header is added to the message. If the -t option is
191 set, recipients are read from the headers in the normal way,
192 and are shown in the $recipients variable. Note that recipi‐
193 ents cannot be given on the command line, because further
194 arguments are taken as strings to expand (just like -be).
195 -bF <filename>
197 This option is the same as -bf except that it assumes that
198 the filter being tested is a system filter. The additional
199 commands that are available only in system filters are recog‐
200 nized.
201 -bf <filename>
203 This option runs Exim in user filter testing mode; the file
204 is the filter file to be tested, and a test message must be
205 supplied on the standard input. If there are no mes‐
206 sage-dependent tests in the filter, an empty file can be sup‐
207 plied.
208 If you want to test a system filter file, use -bF instead of
210 -bf. You can use both -bF and -bf on the same command, in
211 order to test a system filter and a user filter in the same
212 run. For example:
213 exim -bF /system/filter -bf /user/filter </test/message
215 This is helpful when the system filter adds header lines or
217 sets filter variables that are used by the user filter.
218 If the test filter file does not begin with one of the spe‐
220 cial lines
221 # Exim filter
223 # Sieve filter
224 it is taken to be a normal .forward file, and is tested for
226 validity under that interpretation.
227 The result of an Exim command that uses -bf, provided no
229 errors are detected, is a list of the actions that Exim would
230 try to take if presented with the message for real. More
231 details of filter testing are given in the separate document
232 entitled Exim's interfaces to mail filtering.
233 When testing a filter file, the envelope sender can be set by
235 the -f option, or by a "From " line at the start of the test
236 message. Various parameters that would normally be taken from
237 the envelope recipient address of the message can be set by
238 means of additional command line options (see the next four
239 options).
240 -bfd <domain>
242 This sets the domain of the recipient address when a filter
243 file is being tested by means of the -bf option. The default
244 is the value of $qualify_domain.
245 -bfl <local part>
247 This sets the local part of the recipient address when a fil‐
248 ter file is being tested by means of the -bf option. The
249 default is the username of the process that calls Exim. A
250 local part should be specified with any prefix or suffix
251 stripped, because that is how it appears to the filter when a
252 message is actually being delivered.
253 -bfp <prefix>
255 This sets the prefix of the local part of the recipient
256 address when a filter file is being tested by means of the
257 -bf option. The default is an empty prefix.
258 -bfs <suffix>
260 This sets the suffix of the local part of the recipient
261 address when a filter file is being tested by means of the
262 -bf option. The default is an empty suffix.
263 -bh <IP address>
265 This option runs a fake SMTP session as if from the given IP
266 address, using the standard input and output. The IP address
267 may include a port number at the end, after a full stop. For
268 example:
269 exim -bh 10.9.8.7.1234
271 exim -bh fe80::a00:20ff:fe86:a061.5678
272 When an IPv6 address is given, it is converted into canonical
274 form. In the case of the second example above, the value of
275 $sender_host_address after conversion to the canonical form
276 is fe80:0000:0000:0a00:20ff:fe86:a061.5678.
277 Comments as to what is going on are written to the standard
279 error file. These include lines beginning with "LOG" for any‐
280 thing that would have been logged. This facility is provided
281 for testing configuration options for incoming messages, to
282 make sure they implement the required policy. For example,
283 you can test your relay controls using -bh.
284 Warning 1: You can test features of the configuration that
286 rely on ident (RFC 1413) information by using the -oMt
287 option. However, Exim cannot actually perform an ident call‐
288 out when testing using -bh because there is no incoming SMTP
289 connection.
290 Warning 2: Address verification callouts are also skipped
292 when testing using -bh. If you want these callouts to occur,
293 use -bhc instead.
294 Messages supplied during the testing session are discarded,
296 and nothing is written to any of the real log files. There
297 may be pauses when DNS (and other) lookups are taking place,
298 and of course these may time out. The -oMi option can be used
299 to specify a specific IP interface and port if this is impor‐
300 tant, and -oMaa and -oMai can be used to set parameters as if
301 the SMTP session were authenticated.
302 The exim_checkaccess utility is a "packaged" version of -bh
304 whose output just states whether a given recipient address
305 from a given host is acceptable or not.
306 Features such as authentication and encryption, where the
308 client input is not plain text, cannot easily be tested with
309 -bh. Instead, you should use a specialized SMTP test program
310 such as swaks.
311 -bhc <IP address>
313 This option operates in the same way as -bh, except that
314 address verification callouts are performed if required. This
315 includes consulting and updating the callout cache database.
316 -bi Sendmail interprets the -bi option as a request to rebuild
318 its alias file. Exim does not have the concept of a single
319 alias file, and so it cannot mimic this behaviour. However,
320 calls to /usr/lib/sendmail with the -bi option tend to appear
321 in various scripts such as NIS make files, so the option must
322 be recognized.
323 If -bi is encountered, the command specified by the bi_com‐
325 mand configuration option is run, under the uid and gid of
326 the caller of Exim. If the -oA option is used, its value is
327 passed to the command as an argument. The command set by
328 bi_command may not contain arguments. The command can use the
329 exim_dbmbuild utility, or some other means, to rebuild alias
330 files if this is required. If the bi_command option is not
331 set, calling Exim with -bi is a no-op.
332 -bI:help We shall provide various options starting -bI: for querying
334 Exim for information. The output of many of these will be
335 intended for machine consumption. This one is not. The
336 -bI:help option asks Exim for a synopsis of supported options
337 beginning -bI:. Use of any of these options shall cause Exim
338 to exit after producing the requested output.
339 -bI:dscp This option causes Exim to emit an alphabetically sorted list
341 of all recognised DSCP names.
342 -bI:sieve This option causes Exim to emit an alphabetically sorted list
344 of all supported Sieve protocol extensions on stdout, one per
345 line. This is anticipated to be useful for ManageSieve (RFC
346 5804) implementations, in providing that protocol's SIEVE
347 capability response line. As the precise list may depend
348 upon compile-time build options, which this option will adapt
349 to, this is the only way to guarantee a correct response.
350 -bm This option runs an Exim receiving process that accepts an
352 incoming, locally-generated message on the standard input.
353 The recipients are given as the command arguments (except
354 when -t is also present - see below). Each argument can be a
355 comma-separated list of RFC 2822 addresses. This is the
356 default option for selecting the overall action of an Exim
357 call; it is assumed if no other conflicting option is
358 present.
359 If any addresses in the message are unqualified (have no
361 domain), they are qualified by the values of the qual‐
362 ify_domain or qualify_recipient options, as appropriate. The
363 -bnq option (see below) provides a way of suppressing this
364 for special cases.
365 Policy checks on the contents of local messages can be
367 enforced by means of the non-SMTP ACL.
368 The return code is zero if the message is successfully
370 accepted. Otherwise, the action is controlled by the -oex
371 option setting - see below.
372 The format of the message must be as defined in RFC 2822,
374 except that, for compatibility with Sendmail and Smail, a
375 line in one of the forms
376 From sender Fri Jan 5 12:55 GMT 1997
378 From sender Fri, 5 Jan 97 12:55:01
379 (with the weekday optional, and possibly with additional text
381 after the date) is permitted to appear at the start of the
382 message. There appears to be no authoritative specification
383 of the format of this line. Exim recognizes it by matching
384 against the regular expression defined by the uucp_from_pat‐
385 tern option, which can be changed if necessary.
386 The specified sender is treated as if it were given as the
388 argument to the -f option, but if a -f option is also
389 present, its argument is used in preference to the address
390 taken from the message. The caller of Exim must be a trusted
391 user for the sender of a message to be set in this way.
392 -bmalware <filename>
394 This debugging option causes Exim to scan the given file or
395 directory (depending on the used scanner interface), using
396 the malware scanning framework. The option of av_scanner
397 influences this option, so if av_scanner's value is dependent
398 upon an expansion then the expansion should have defaults
399 which apply to this invocation. ACLs are not invoked, so if
400 av_scanner references an ACL variable then that variable will
401 never be populated and -bmalware will fail.
402 Exim will have changed working directory before resolving the
404 filename, so using fully qualified pathnames is advisable.
405 Exim will be running as the Exim user when it tries to open
406 the file, rather than as the invoking user. This option
407 requires admin privileges.
408 The -bmalware option will not be extended to be more gener‐
410 ally useful, there are better tools for file-scanning. This
411 option exists to help administrators verify their Exim and AV
412 scanner configuration.
413 -bnq By default, Exim automatically qualifies unqualified
415 addresses (those without domains) that appear in messages
416 that are submitted locally (that is, not over TCP/IP). This
417 qualification applies both to addresses in envelopes, and
418 addresses in header lines. Sender addresses are qualified
419 using qualify_domain, and recipient addresses using qual‐
420 ify_recipient (which defaults to the value of qual‐
421 ify_domain).
422 Sometimes, qualification is not wanted. For example, if -bS
424 (batch SMTP) is being used to re-submit messages that origi‐
425 nally came from remote hosts after content scanning, you
426 probably do not want to qualify unqualified addresses in
427 header lines. (Such lines will be present only if you have
428 not enabled a header syntax check in the appropriate ACL.)
429 The -bnq option suppresses all qualification of unqualified
431 addresses in messages that originate on the local host. When
432 this is used, unqualified addresses in the envelope provoke
433 errors (causing message rejection) and unqualified addresses
434 in header lines are left alone.
435 -bP If this option is given with no arguments, it causes the val‐
437 ues of all Exim's main configuration options to be written to
438 the standard output. The values of one or more specific
439 options can be requested by giving their names as arguments,
440 for example:
441 exim -bP qualify_domain hold_domains
443 However, any option setting that is preceded by the word
445 "hide" in the configuration file is not shown in full, except
446 to an admin user. For other users, the output is as in this
447 example:
448 mysql_servers = <value not displayable>
450 If config is given as an argument, the config is output, as
452 it was parsed, any include file resolved, any comment
453 removed.
454 If config_file is given as an argument, the name of the run‐
456 time configuration file is output. (configure_file works too,
457 for backward compatibility.) If a list of configuration
458 files was supplied, the value that is output here is the name
459 of the file that was actually used.
460 If the -n flag is given, then for most modes of -bP operation
462 the name will not be output.
463 If log_file_path or pid_file_path are given, the names of the
465 directories where log files and daemon pid files are written
466 are output, respectively. If these values are unset, log
467 files are written in a sub-directory of the spool directory
468 called log, and the pid file is written directly into the
469 spool directory.
470 If -bP is followed by a name preceded by +, for example,
472 exim -bP +local_domains
474 it searches for a matching named list of any type (domain,
476 host, address, or local part) and outputs what it finds.
477 If one of the words router, transport, or authenticator is
479 given, followed by the name of an appropriate driver
480 instance, the option settings for that driver are output. For
481 example:
482 exim -bP transport local_delivery
484 The generic driver options are output first, followed by the
486 driver's private options. A list of the names of drivers of a
487 particular type can be obtained by using one of the words
488 router_list, transport_list, or authenticator_list, and a
489 complete list of all drivers with their option settings can
490 be obtained by using routers, transports, or authenticators.
491 If environment is given as an argument, the set of environ‐
493 ment variables is output, line by line. Using the -n flag
494 suppresses the value of the variables.
495 If invoked by an admin user, then macro, macro_list and
497 macros are available, similarly to the drivers. Because
498 macros are sometimes used for storing passwords, this option
499 is restricted. The output format is one item per line. For
500 the "-bP macro <name>" form, if no such macro is found the
501 exit status will be nonzero.
502 -bp This option requests a listing of the contents of the mail
504 queue on the standard output. If the -bp option is followed
505 by a list of message ids, just those messages are listed. By
506 default, this option can be used only by an admin user. How‐
507 ever, the queue_list_requires_admin option can be set false
508 to allow any user to see the queue.
509 Each message in the queue is displayed as in the following
511 example:
512 25m 2.9K 0t5C6f-0000c8-00 <alice@wonderland.fict.example>
514 red.king@looking-glass.fict.example
515 <other addresses>
516 The first line contains the length of time the message has
518 been in the queue (in this case 25 minutes), the size of the
519 message (2.9K), the unique local identifier for the message,
520 and the message sender, as contained in the envelope. For
521 bounce messages, the sender address is empty, and appears as
522 "<>". If the message was submitted locally by an untrusted
523 user who overrode the default sender address, the user's
524 login name is shown in parentheses before the sender address.
525 If the message is frozen (attempts to deliver it are sus‐
527 pended) then the text "*** frozen ***" is displayed at the
528 end of this line.
529 The recipients of the message (taken from the envelope, not
531 the headers) are displayed on subsequent lines. Those
532 addresses to which the message has already been delivered are
533 marked with the letter D. If an original address gets
534 expanded into several addresses via an alias or forward file,
535 the original is displayed with a D only when deliveries for
536 all of its child addresses are complete.
537 -bpa This option operates like -bp, but in addition it shows
539 delivered addresses that were generated from the original top
540 level address(es) in each message by alias or forwarding
541 operations. These addresses are flagged with "+D" instead of
542 just "D".
543 -bpc This option counts the number of messages in the queue, and
545 writes the total to the standard output. It is restricted to
546 admin users, unless queue_list_requires_admin is set false.
547 -bpr This option operates like -bp, but the output is not sorted
549 into chronological order of message arrival. This can speed
550 it up when there are lots of messages in the queue, and is
551 particularly useful if the output is going to be post-pro‐
552 cessed in a way that doesn't need the sorting.
553 -bpra This option is a combination of -bpr and -bpa.
555 -bpru This option is a combination of -bpr and -bpu.
557 -bpu This option operates like -bp but shows only undelivered
559 top-level addresses for each message displayed. Addresses
560 generated by aliasing or forwarding are not shown, unless the
561 message was deferred after processing by a router with the
562 one_time option set.
563 -brt This option is for testing retry rules, and it must be fol‐
565 lowed by up to three arguments. It causes Exim to look for a
566 retry rule that matches the values and to write it to the
567 standard output. For example:
568 exim -brt bach.comp.mus.example
570 Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m;
571 The first argument, which is required, can be a complete
573 address in the form local_part@domain, or it can be just a
574 domain name. If the second argument contains a dot, it is
575 interpreted as an optional second domain name; if no retry
576 rule is found for the first argument, the second is tried.
577 This ties in with Exim's behaviour when looking for retry
578 rules for remote hosts - if no rule is found that matches the
579 host, one that matches the mail domain is sought. Finally, an
580 argument that is the name of a specific delivery error, as
581 used in setting up retry rules, can be given. For example:
582 exim -brt haydn.comp.mus.example quota_3d
584 Retry rule: *@haydn.comp.mus.example quota_3d F,1h,15m
585 -brw This option is for testing address rewriting rules, and it
587 must be followed by a single argument, consisting of either a
588 local part without a domain, or a complete address with a
589 fully qualified domain. Exim outputs how this address would
590 be rewritten for each possible place it might appear.
591 -bS This option is used for batched SMTP input, which is an
593 alternative interface for non-interactive local message sub‐
594 mission. A number of messages can be submitted in a single
595 run. However, despite its name, this is not really SMTP
596 input. Exim reads each message's envelope from SMTP commands
597 on the standard input, but generates no responses. If the
598 caller is trusted, or untrusted_set_sender is set, the
599 senders in the SMTP MAIL commands are believed; otherwise the
600 sender is always the caller of Exim.
601 The message itself is read from the standard input, in SMTP
603 format (leading dots doubled), terminated by a line contain‐
604 ing just a single dot. An error is provoked if the terminat‐
605 ing dot is missing. A further message may then follow.
606 As for other local message submissions, the contents of
608 incoming batch SMTP messages can be checked using the
609 non-SMTP ACL. Unqualified addresses are automatically quali‐
610 fied using qualify_domain and qualify_recipient, as appropri‐
611 ate, unless the -bnq option is used.
612 Some other SMTP commands are recognized in the input. HELO
614 and EHLO act as RSET; VRFY, EXPN, ETRN, and HELP act as NOOP;
615 QUIT quits, ignoring the rest of the standard input.
616 If any error is encountered, reports are written to the stan‐
618 dard output and error streams, and Exim gives up immediately.
619 The return code is 0 if no error was detected; it is 1 if one
620 or more messages were accepted before the error was detected;
621 otherwise it is 2.
622 -bs This option causes Exim to accept one or more messages by
625 reading SMTP commands on the standard input, and producing
626 SMTP replies on the standard output. SMTP policy controls, as
627 defined in ACLs are applied. Some user agents use this
628 interface as a way of passing locally-generated messages to
629 the MTA.
630 In this usage, if the caller of Exim is trusted, or
632 untrusted_set_sender is set, the senders of messages are
633 taken from the SMTP MAIL commands. Otherwise the content of
634 these commands is ignored and the sender is set up as the
635 calling user. Unqualified addresses are automatically quali‐
636 fied using qualify_domain and qualify_recipient, as appropri‐
637 ate, unless the -bnq option is used.
638 The -bs option is also used to run Exim from inetd, as an
640 alternative to using a listening daemon. Exim can distinguish
641 the two cases by checking whether the standard input is a
642 TCP/IP socket. When Exim is called from inetd, the source of
643 the mail is assumed to be remote, and the comments above con‐
644 cerning senders and qualification do not apply. In this situ‐
645 ation, Exim behaves in exactly the same way as it does when
646 receiving a message via the listening daemon.
647 -bt This option runs Exim in address testing mode, in which each
649 argument is taken as a recipient address to be tested for
650 deliverability. The results are written to the standard out‐
651 put. If a test fails, and the caller is not an admin user, no
652 details of the failure are output, because these might con‐
653 tain sensitive information such as usernames and passwords
654 for database lookups.
655 If no arguments are given, Exim runs in an interactive man‐
657 ner, prompting with a right angle bracket for addresses to be
658 tested.
659 Unlike the -be test option, you cannot arrange for Exim to
661 use the readline() function, because it is running as root
662 and there are security issues.
663 Each address is handled as if it were the recipient address
665 of a message (compare the -bv option). It is passed to the
666 routers and the result is written to the standard output.
667 However, any router that has no_address_test set is bypassed.
668 This can make -bt easier to use for genuine routing tests if
669 your first router passes everything to a scanner program.
670 The return code is 2 if any address failed outright; it is 1
672 if no address failed outright but at least one could not be
673 resolved for some reason. Return code 0 is given only when
674 all addresses succeed.
675 Note: When actually delivering a message, Exim removes dupli‐
677 cate recipient addresses after routing is complete, so that
678 only one delivery takes place. This does not happen when
679 testing with -bt; the full results of routing are always
680 shown.
681 Warning: -bt can only do relatively simple testing. If any of
683 the routers in the configuration makes any tests on the
684 sender address of a message, you can use the -f option to set
685 an appropriate sender when running -bt tests. Without it, the
686 sender is assumed to be the calling user at the default qual‐
687 ifying domain. However, if you have set up (for example)
688 routers whose behaviour depends on the contents of an incom‐
689 ing message, you cannot test those conditions using -bt. The
690 -N option provides a possible way of doing such tests.
691 -bV This option causes Exim to write the current version number,
693 compilation number, and compilation date of the exim binary
694 to the standard output. It also lists the DBM library that
695 is being used, the optional modules (such as specific lookup
696 types), the drivers that are included in the binary, and the
697 name of the runtime configuration file that is in use.
698 As part of its operation, -bV causes Exim to read and syntax
700 check its configuration file. However, this is a static check
701 only. It cannot check values that are to be expanded. For
702 example, although a misspelt ACL verb is detected, an error
703 in the verb's arguments is not. You cannot rely on -bV alone
704 to discover (for example) all the typos in the configuration;
705 some realistic testing is needed. The -bh and -N options pro‐
706 vide more dynamic testing facilities.
707 -bv This option runs Exim in address verification mode, in which
709 each argument is taken as a recipient address to be verified
710 by the routers. (This does not involve any verification call‐
711 outs). During normal operation, verification happens mostly
712 as a consequence processing a verify condition in an ACL. If
713 you want to test an entire ACL, possibly including callouts,
714 see the -bh and -bhc options.
715 If verification fails, and the caller is not an admin user,
717 no details of the failure are output, because these might
718 contain sensitive information such as usernames and passwords
719 for database lookups.
720 If no arguments are given, Exim runs in an interactive man‐
722 ner, prompting with a right angle bracket for addresses to be
723 verified.
724 Unlike the -be test option, you cannot arrange for Exim to
726 use the readline() function, because it is running as exim
727 and there are security issues.
728 Verification differs from address testing (the -bt option) in
730 that routers that have no_verify set are skipped, and if the
731 address is accepted by a router that has fail_verify set,
732 verification fails. The address is verified as a recipient if
733 -bv is used; to test verification for a sender address, -bvs
734 should be used.
735 If the -v option is not set, the output consists of a single
737 line for each address, stating whether it was verified or
738 not, and giving a reason in the latter case. Without -v, gen‐
739 erating more than one address by redirection causes verifica‐
740 tion to end successfully, without considering the generated
741 addresses. However, if just one address is generated, pro‐
742 cessing continues, and the generated address must verify suc‐
743 cessfully for the overall verification to succeed.
744 When -v is set, more details are given of how the address has
746 been handled, and in the case of address redirection, all the
747 generated addresses are also considered. Verification may
748 succeed for some and fail for others.
749 The return code is 2 if any address failed outright; it is 1
751 if no address failed outright but at least one could not be
752 resolved for some reason. Return code 0 is given only when
753 all addresses succeed.
754 If any of the routers in the configuration makes any tests on
756 the sender address of a message, you should use the -f option
757 to set an appropriate sender when running -bv tests. Without
758 it, the sender is assumed to be the calling user at the
759 default qualifying domain.
760 -bvs This option acts like -bv, but verifies the address as a
762 sender rather than a recipient address. This affects any
763 rewriting and qualification that might happen.
764 -bw This option runs Exim as a daemon, awaiting incoming SMTP
766 connections, similarly to the -bd option. All port specifi‐
767 cations on the command-line and in the configuration file are
768 ignored. Queue-running may not be specified.
769 In this mode, Exim expects to be passed a socket as fd 0
771 (stdin) which is listening for connections. This permits the
772 system to start up and have inetd (or equivalent) listen on
773 the SMTP ports, starting an Exim daemon for each port only
774 when the first connection is received.
775 If the option is given as -bw<time> then the time is a time‐
777 out, after which the daemon will exit, which should cause
778 inetd to listen once more.
779 -C <filelist>
781 This option causes Exim to find the runtime configuration
782 file from the given list instead of from the list specified
783 by the CONFIGURE_FILE compile-time setting. Usually, the list
784 will consist of just a single filename, but it can be a
785 colon-separated list of names. In this case, the first file
786 that exists is used. Failure to open an existing file stops
787 Exim from proceeding any further along the list, and an error
788 is generated.
789 When this option is used by a caller other than root, and the
791 list is different from the compiled-in list, Exim gives up
792 its root privilege immediately, and runs with the real and
793 effective uid and gid set to those of the caller. However,
794 if a TRUSTED_CONFIG_LIST file is defined in Local/Makefile,
795 that file contains a list of full pathnames, one per line,
796 for configuration files which are trusted. Root privilege is
797 retained for any configuration file so listed, as long as the
798 caller is the Exim user (or the user specified in the CONFIG‐
799 URE_OWNER option, if any), and as long as the configuration
800 file is not writeable by inappropriate users or groups.
801 Leaving TRUSTED_CONFIG_LIST unset precludes the possibility
803 of testing a configuration using -C right through message
804 reception and delivery, even if the caller is root. The
805 reception works, but by that time, Exim is running as the
806 Exim user, so when it re-executes to regain privilege for the
807 delivery, the use of -C causes privilege to be lost. However,
808 root can test reception and delivery using two separate com‐
809 mands (one to put a message in the queue, using -odq, and
810 another to do the delivery, using -M).
811 If ALT_CONFIG_PREFIX is defined in Local/Makefile, it speci‐
813 fies a prefix string with which any file named in a -C com‐
814 mand line option must start. In addition, the filename must
815 not contain the sequence /../. However, if the value of the
816 -C option is identical to the value of CONFIGURE_FILE in
817 Local/Makefile, Exim ignores -C and proceeds as usual. There
818 is no default setting for ALT_CONFIG_PREFIX; when it is
819 unset, any filename can be used with -C.
820 ALT_CONFIG_PREFIX can be used to confine alternative configu‐
822 ration files to a directory to which only root has access.
823 This prevents someone who has broken into the Exim account
824 from running a privileged Exim with an arbitrary configura‐
825 tion file.
826 The -C facility is useful for ensuring that configuration
828 files are syntactically correct, but cannot be used for test
829 deliveries, unless the caller is privileged, or unless it is
830 an exotic configuration that does not require privilege. No
831 check is made on the owner or group of the files specified by
832 this option.
833 -D<macro>=<value>
835 This option can be used to override macro definitions in the
836 configuration file. However, like -C, if it is used by an
837 unprivileged caller, it causes Exim to give up its root priv‐
838 ilege. If DISABLE_D_OPTION is defined in Local/Makefile, the
839 use of -D is completely disabled, and its use causes an imme‐
840 diate error exit.
841 If WHITELIST_D_MACROS is defined in Local/Makefile then it
843 should be a colon-separated list of macros which are consid‐
844 ered safe and, if -D only supplies macros from this list, and
845 the values are acceptable, then Exim will not give up root
846 privilege if the caller is root, the Exim run-time user, or
847 the CONFIGURE_OWNER, if set. This is a transition mechanism
848 and is expected to be removed in the future. Acceptable val‐
849 ues for the macros satisfy the regexp: ^[A-Za-z0-9_/.-]*$
850 The entire option (including equals sign if present) must all
852 be within one command line item. -D can be used to set the
853 value of a macro to the empty string, in which case the
854 equals sign is optional. These two commands are synonymous:
855 exim -DABC ...
857 exim -DABC= ...
858 To include spaces in a macro definition item, quotes must be
860 used. If you use quotes, spaces are permitted around the
861 macro name and the equals sign. For example:
862 exim '-D ABC = something' ...
864 -D may be repeated up to 10 times on a command line. Only
866 macro names up to 22 letters long can be set.
867 -d<debug options>
869 This option causes debugging information to be written to the
870 standard error stream. It is restricted to admin users
871 because debugging output may show database queries that con‐
872 tain password information. Also, the details of users' filter
873 files should be protected. If a non-admin user uses -d, Exim
874 writes an error message to the standard error stream and
875 exits with a non-zero return code.
876 When -d is used, -v is assumed. If -d is given on its own, a
878 lot of standard debugging data is output. This can be
879 reduced, or increased to include some more rarely needed
880 information, by directly following -d with a string made up
881 of names preceded by plus or minus characters. These add or
882 remove sets of debugging data, respectively. For example,
883 -d+filter adds filter debugging, whereas -d-all+filter
884 selects only filter debugging. Note that no spaces are
885 allowed in the debug setting. The available debugging cate‐
886 gories are:
887 acl ACL interpretation
889 auth authenticators
890 deliver general delivery logic
891 dns DNS lookups (see also resolver)
892 dnsbl DNS black list (aka RBL) code
893 exec arguments for execv() calls
894 expand detailed debugging for string expansions
895 filter filter handling
896 hints_lookup hints data lookups
897 host_lookup all types of name-to-IP address handling
898 ident ident lookup
899 interface lists of local interfaces
900 lists matching things in lists
901 load system load checks
902 local_scan can be used by local_scan()
903 lookup general lookup code and all lookups
904 memory memory handling
905 noutf8 modifier: avoid UTF-8 line-drawing
906 pid modifier: add pid to debug output lines
907 process_info setting info for the process log
908 queue_run queue runs
909 receive general message reception logic
910 resolver turn on the DNS resolver's debugging output
911 retry retry handling
912 rewrite address rewriting
913 route address routing
914 timestamp modifier: add timestamp to debug output
915 lines
916 tls TLS logic
917 transport transports
918 uid changes of uid/gid and looking up uid/gid
919 verify address verification logic
920 all almost all of the above (see below), and
921 also -v
922 The all option excludes memory when used as +all, but
924 includes it for -all. The reason for this is that +all is
925 something that people tend to use when generating debug out‐
926 put for Exim maintainers. If +memory is included, an awful
927 lot of output that is very rarely of interest is generated,
928 so it now has to be explicitly requested. However, -all does
929 turn everything off.
930 The resolver option produces output only if the DNS resolver
932 was compiled with DEBUG enabled. This is not the case in some
933 operating systems. Also, unfortunately, debugging output from
934 the DNS resolver is written to stdout rather than stderr.
935 The default (-d with no argument) omits expand, filter,
937 interface, load, memory, pid, resolver, and timestamp. How‐
938 ever, the pid selector is forced when debugging is turned on
939 for a daemon, which then passes it on to any re-executed
940 Exims. Exim also automatically adds the pid to debug lines
941 when several remote deliveries are run in parallel.
942 The timestamp selector causes the current time to be inserted
944 at the start of all debug output lines. This can be useful
945 when trying to track down delays in processing. The noutf8
946 selector disables the use of UTF-8 line-drawing characters to
947 group related information. When disabled. ascii-art is used
948 instead. Using the +all option does not set this modifier,
949 If the debug_print option is set in any driver, it produces
951 output whenever any debugging is selected, or if -v is used.
952 -dd<debug options>
954 This option behaves exactly like -d except when used on a
955 command that starts a daemon process. In that case, debugging
956 is turned off for the subprocesses that the daemon creates.
957 Thus, it is useful for monitoring the behaviour of the daemon
958 without creating as much output as full debugging does.
959 -dropcr This is an obsolete option that is now a no-op. It used to
961 affect the way Exim handled CR and LF characters in incoming
962 messages.
963 -E This option specifies that an incoming message is a
965 locally-generated delivery failure report. It is used inter‐
966 nally by Exim when handling delivery failures and is not
967 intended for external use. Its only effect is to stop Exim
968 generating certain messages to the postmaster, as otherwise
969 message cascades could occur in some situations. As part of
970 the same option, a message id may follow the characters -E.
971 If it does, the log entry for the receipt of the new message
972 contains the id, following "R=", as a cross-reference.
973 -ex There are a number of Sendmail options starting with -oe
975 which seem to be called by various programs without the lead‐
976 ing o in the option. For example, the vacation program uses
977 -eq. Exim treats all options of the form -ex as synonymous
978 with the corresponding -oex options.
979 -F <string>
981 This option sets the sender's full name for use when a
982 locally-generated message is being accepted. In the absence
983 of this option, the user's gecos entry from the password data
984 is used. As users are generally permitted to alter their
985 gecos entries, no security considerations are involved. White
986 space between -F and the <string> is optional.
987 -f <address>
989 This option sets the address of the envelope sender of a
990 locally-generated message (also known as the return path).
991 The option can normally be used only by a trusted user, but
992 untrusted_set_sender can be set to allow untrusted users to
993 use it.
994 Processes running as root or the Exim user are always
996 trusted. Other trusted users are defined by the trusted_users
997 or trusted_groups options. In the absence of -f, or if the
998 caller is not trusted, the sender of a local message is set
999 to the caller's login name at the default qualify domain.
1000 There is one exception to the restriction on the use of -f:
1002 an empty sender can be specified by any user, trusted or not,
1003 to create a message that can never provoke a bounce. An empty
1004 sender can be specified either as an empty string, or as a
1005 pair of angle brackets with nothing between them, as in these
1006 examples of shell commands:
1007 exim -f '<>' user@domain
1009 exim -f "" user@domain
1010 In addition, the use of -f is not restricted when testing a
1012 filter file with -bf or when testing or verifying addresses
1013 using the -bt or -bv options.
1014 Allowing untrusted users to change the sender address does
1016 not of itself make it possible to send anonymous mail. Exim
1017 still checks that the From: header refers to the local user,
1018 and if it does not, it adds a Sender: header, though this can
1019 be overridden by setting no_local_from_check.
1020 White space between -f and the <address> is optional (that
1022 is, they can be given as two arguments or one combined argu‐
1023 ment). The sender of a locally-generated message can also be
1024 set (when permitted) by an initial "From " line in the mes‐
1025 sage - see the description of -bm above - but if -f is also
1026 present, it overrides "From ".
1027 -G This option is equivalent to an ACL applying:
1029 control = suppress_local_fixups
1031 for every message received. Note that Sendmail will complain
1033 about such bad formatting, where Exim silently just does not
1034 fix it up. This may change in future.
1035 As this affects audit information, the caller must be a
1037 trusted user to use this option.
1038 -h <number>
1040 This option is accepted for compatibility with Sendmail, but
1041 has no effect. (In Sendmail it overrides the "hop count"
1042 obtained by counting Received: headers.)
1043 -i This option, which has the same effect as -oi, specifies that
1045 a dot on a line by itself should not terminate an incoming,
1046 non-SMTP message. I can find no documentation for this option
1047 in Solaris 2.4 Sendmail, but the mailx command in Solaris 2.4
1048 uses it. See also -ti.
1049 -L <tag> This option is equivalent to setting syslog_processname in
1051 the config file and setting log_file_path to syslog. Its use
1052 is restricted to administrators. The configuration file has
1053 to be read and parsed, to determine access rights, before
1054 this is set and takes effect, so early configuration file
1055 errors will not honour this flag.
1056 The tag should not be longer than 32 characters.
1058 -M <message id> <message id> ...
1060 This option requests Exim to run a delivery attempt on each
1061 message in turn. If any of the messages are frozen, they are
1062 automatically thawed before the delivery attempt. The set‐
1063 tings of queue_domains, queue_smtp_domains, and hold_domains
1064 are ignored.
1065 Retry hints for any of the addresses are overridden - Exim
1067 tries to deliver even if the normal retry time has not yet
1068 been reached. This option requires the caller to be an admin
1069 user. However, there is an option called prod_requires_admin
1070 which can be set false to relax this restriction (and also
1071 the same requirement for the -q, -R, and -S options).
1072 The deliveries happen synchronously, that is, the original
1074 Exim process does not terminate until all the delivery
1075 attempts have finished. No output is produced unless there is
1076 a serious error. If you want to see what is happening, use
1077 the -v option as well, or inspect Exim's main log.
1078 -Mar <message id> <address> <address> ...
1080 This option requests Exim to add the addresses to the list of
1081 recipients of the message ("ar" for "add recipients"). The
1082 first argument must be a message id, and the remaining ones
1083 must be email addresses. However, if the message is active
1084 (in the middle of a delivery attempt), it is not altered.
1085 This option can be used only by an admin user.
1086 -MC <transport> <hostname> <sequence number> <message id>
1088 This option is not intended for use by external callers. It
1089 is used internally by Exim to invoke another instance of
1090 itself to deliver a waiting message using an existing SMTP
1091 connection, which is passed as the standard input. This must
1092 be the final option, and the caller must be root or the Exim
1093 user in order to use it.
1094 -MCA This option is not intended for use by external callers. It
1096 is used internally by Exim in conjunction with the -MC
1097 option. It signifies that the connection to the remote host
1098 has been authenticated.
1099 -MCD This option is not intended for use by external callers. It
1101 is used internally by Exim in conjunction with the -MC
1102 option. It signifies that the remote host supports the ESMTP
1103 DSN extension.
1104 -MCG <queue name>
1106 This option is not intended for use by external callers. It
1107 is used internally by Exim in conjunction with the -MC
1108 option. It signifies that an alternate queue is used, named
1109 by the following argument.
1110 -MCK This option is not intended for use by external callers. It
1112 is used internally by Exim in conjunction with the -MC
1113 option. It signifies that a remote host supports the ESMTP
1114 CHUNKING extension.
1115 -MCP This option is not intended for use by external callers. It
1117 is used internally by Exim in conjunction with the -MC
1118 option. It signifies that the server to which Exim is con‐
1119 nected supports pipelining.
1120 -MCQ <process id> <pipe fd>
1122 This option is not intended for use by external callers. It
1123 is used internally by Exim in conjunction with the -MC option
1124 when the original delivery was started by a queue runner. It
1125 passes on the process id of the queue runner, together with
1126 the file descriptor number of an open pipe. Closure of the
1127 pipe signals the final completion of the sequence of pro‐
1128 cesses that are passing messages through the same SMTP con‐
1129 nection.
1130 -MCS This option is not intended for use by external callers. It
1132 is used internally by Exim in conjunction with the -MC
1133 option, and passes on the fact that the SMTP SIZE option
1134 should be used on messages delivered down the existing con‐
1135 nection.
1136 -MCT This option is not intended for use by external callers. It
1138 is used internally by Exim in conjunction with the -MC
1139 option, and passes on the fact that the host to which Exim is
1140 connected supports TLS encryption.
1141 -MCt <IP address> <port> <cipher>
1143 This option is not intended for use by external callers. It
1144 is used internally by Exim in conjunction with the -MC
1145 option, and passes on the fact that the connection is being
1146 proxied by a parent process for handling TLS encryption. The
1147 arguments give the local address and port being proxied, and
1148 the TLS cipher.
1149 -Mc <message id> <message id> ...
1151 This option requests Exim to run a delivery attempt on each
1152 message, in turn, but unlike the -M option, it does check for
1153 retry hints, and respects any that are found. This option is
1154 not very useful to external callers. It is provided mainly
1155 for internal use by Exim when it needs to re-invoke itself in
1156 order to regain root privilege for a delivery. However, -Mc
1157 can be useful when testing, in order to run a delivery that
1158 respects retry times and other options such as hold_domains
1159 that are overridden when -M is used. Such a delivery does not
1160 count as a queue run. If you want to run a specific delivery
1161 as if in a queue run, you should use -q with a message id
1162 argument. A distinction between queue run deliveries and
1163 other deliveries is made in one or two places.
1164 -Mes <message id> <address>
1166 This option requests Exim to change the sender address in the
1167 message to the given address, which must be a fully qualified
1168 address or "<>" ("es" for "edit sender"). There must be
1169 exactly two arguments. The first argument must be a message
1170 id, and the second one an email address. However, if the mes‐
1171 sage is active (in the middle of a delivery attempt), its
1172 status is not altered. This option can be used only by an
1173 admin user.
1174 -Mf <message id> <message id> ...
1176 This option requests Exim to mark each listed message as
1177 "frozen". This prevents any delivery attempts taking place
1178 until the message is "thawed", either manually or as a result
1179 of the auto_thaw configuration option. However, if any of
1180 the messages are active (in the middle of a delivery
1181 attempt), their status is not altered. This option can be
1182 used only by an admin user.
1183 -Mg <message id> <message id> ...
1185 This option requests Exim to give up trying to deliver the
1186 listed messages, including any that are frozen. However, if
1187 any of the messages are active, their status is not altered.
1188 For non-bounce messages, a delivery error message is sent to
1189 the sender, containing the text "cancelled by administrator".
1190 Bounce messages are just discarded. This option can be used
1191 only by an admin user.
1192 -Mmad <message id> <message id> ...
1194 This option requests Exim to mark all the recipient addresses
1195 in the messages as already delivered ("mad" for "mark all
1196 delivered"). However, if any message is active (in the middle
1197 of a delivery attempt), its status is not altered. This
1198 option can be used only by an admin user.
1199 -Mmd <message id> <address> <address> ...
1201 This option requests Exim to mark the given addresses as
1202 already delivered ("md" for "mark delivered"). The first
1203 argument must be a message id, and the remaining ones must be
1204 email addresses. These are matched to recipient addresses in
1205 the message in a case-sensitive manner. If the message is
1206 active (in the middle of a delivery attempt), its status is
1207 not altered. This option can be used only by an admin user.
1208 -Mrm <message id> <message id> ...
1210 This option requests Exim to remove the given messages from
1211 the queue. No bounce messages are sent; each message is sim‐
1212 ply forgotten. However, if any of the messages are active,
1213 their status is not altered. This option can be used only by
1214 an admin user or by the user who originally caused the mes‐
1215 sage to be placed in the queue.
1216 -Mset <message id>
1218 This option is useful only in conjunction with -be (that is,
1219 when testing string expansions). Exim loads the given message
1220 from its spool before doing the test expansions, thus setting
1221 message-specific variables such as $message_size and the
1222 header variables. The $recipients variable is made available.
1223 This feature is provided to make it easier to test expansions
1224 that make use of these variables. However, this option can be
1225 used only by an admin user. See also -bem.
1226 -Mt <message id> <message id> ...
1228 This option requests Exim to "thaw" any of the listed mes‐
1229 sages that are "frozen", so that delivery attempts can
1230 resume. However, if any of the messages are active, their
1231 status is not altered. This option can be used only by an
1232 admin user.
1233 -Mvb <message id>
1235 This option causes the contents of the message body (-D)
1236 spool file to be written to the standard output. This option
1237 can be used only by an admin user.
1238 -Mvc <message id>
1240 This option causes a copy of the complete message (header
1241 lines plus body) to be written to the standard output in RFC
1242 2822 format. This option can be used only by an admin user.
1243 -Mvh <message id>
1245 This option causes the contents of the message headers (-H)
1246 spool file to be written to the standard output. This option
1247 can be used only by an admin user.
1248 -Mvl <message id>
1250 This option causes the contents of the message log spool file
1251 to be written to the standard output. This option can be used
1252 only by an admin user.
1253 -m This is apparently a synonym for -om that is accepted by
1255 Sendmail, so Exim treats it that way too.
1256 -N This is a debugging option that inhibits delivery of a mes‐
1258 sage at the transport level. It implies -v. Exim goes through
1259 many of the motions of delivery - it just doesn't actually
1260 transport the message, but instead behaves as if it had suc‐
1261 cessfully done so. However, it does not make any updates to
1262 the retry database, and the log entries for deliveries are
1263 flagged with "*>" rather than "=>".
1264 Because -N discards any message to which it applies, only
1266 root or the Exim user are allowed to use it with -bd, -q, -R
1267 or -M. In other words, an ordinary user can use it only when
1268 supplying an incoming message to which it will apply.
1269 Although transportation never fails when -N is set, an
1270 address may be deferred because of a configuration problem on
1271 a transport, or a routing problem. Once -N has been used for
1272 a delivery attempt, it sticks to the message, and applies to
1273 any subsequent delivery attempts that may happen for that
1274 message.
1275 -n This option is interpreted by Sendmail to mean "no aliasing".
1277 For normal modes of operation, it is ignored by Exim. When
1278 combined with -bP it makes the output more terse (suppresses
1279 option names, environment values and config pretty printing).
1280 -O <data> This option is interpreted by Sendmail to mean set option. It
1282 is ignored by Exim.
1283 -oA <file name>
1285 This option is used by Sendmail in conjunction with -bi to
1286 specify an alternative alias filename. Exim handles -bi dif‐
1287 ferently; see the description above.
1288 -oB <n> This is a debugging option which limits the maximum number of
1290 messages that can be delivered down one SMTP connection,
1291 overriding the value set in any smtp transport. If <n> is
1292 omitted, the limit is set to 1.
1293 -odb This option applies to all modes in which Exim accepts incom‐
1295 ing messages, including the listening daemon. It requests
1296 "background" delivery of such messages, which means that the
1297 accepting process automatically starts a delivery process for
1298 each message received, but does not wait for the delivery
1299 processes to finish.
1300 When all the messages have been received, the reception
1302 process exits, leaving the delivery processes to finish in
1303 their own time. The standard output and error streams are
1304 closed at the start of each delivery process. This is the
1305 default action if none of the -od options are present.
1306 If one of the queueing options in the configuration file
1308 (queue_only or queue_only_file, for example) is in effect,
1309 -odb overrides it if queue_only_override is set true, which
1310 is the default setting. If queue_only_override is set false,
1311 -odb has no effect.
1312 -odf This option requests "foreground" (synchronous) delivery when
1314 Exim has accepted a locally-generated message. (For the dae‐
1315 mon it is exactly the same as -odb.) A delivery process is
1316 automatically started to deliver the message, and Exim waits
1317 for it to complete before proceeding.
1318 The original Exim reception process does not finish until the
1320 delivery process for the final message has ended. The stan‐
1321 dard error stream is left open during deliveries.
1322 However, like -odb, this option has no effect if
1324 queue_only_override is false and one of the queueing options
1325 in the configuration file is in effect.
1326 If there is a temporary delivery error during foreground
1328 delivery, the message is left in the queue for later deliv‐
1329 ery, and the original reception process exits.
1330 -odi This option is synonymous with -odf. It is provided for com‐
1332 patibility with Sendmail.
1333 -odq This option applies to all modes in which Exim accepts incom‐
1335 ing messages, including the listening daemon. It specifies
1336 that the accepting process should not automatically start a
1337 delivery process for each message received. Messages are
1338 placed in the queue, and remain there until a subsequent
1339 queue runner process encounters them. There are several con‐
1340 figuration options (such as queue_only) that can be used to
1341 queue incoming messages under certain conditions. This option
1342 overrides all of them and also -odqs. It always forces queue‐
1343 ing.
1344 -odqs This option is a hybrid between -odb/-odi and -odq. However,
1346 like -odb and -odi, this option has no effect if
1347 queue_only_override is false and one of the queueing options
1348 in the configuration file is in effect.
1349 When -odqs does operate, a delivery process is started for
1351 each incoming message, in the background by default, but in
1352 the foreground if -odi is also present. The recipient
1353 addresses are routed, and local deliveries are done in the
1354 normal way. However, if any SMTP deliveries are required,
1355 they are not done at this time, so the message remains in the
1356 queue until a subsequent queue runner process encounters it.
1357 Because routing was done, Exim knows which messages are wait‐
1358 ing for which hosts, and so a number of messages for the same
1359 host can be sent in a single SMTP connection. The
1360 queue_smtp_domains configuration option has the same effect
1361 for specific domains. See also the -qq option.
1362 -oee If an error is detected while a non-SMTP message is being
1364 received (for example, a malformed address), the error is
1365 reported to the sender in a mail message.
1366 Provided this error message is successfully sent, the Exim
1368 receiving process exits with a return code of zero. If not,
1369 the return code is 2 if the problem is that the original mes‐
1370 sage has no recipients, or 1 for any other error. This is
1371 the default -oex option if Exim is called as rmail.
1372 -oem This is the same as -oee, except that Exim always exits with
1374 a non-zero return code, whether or not the error message was
1375 successfully sent. This is the default -oex option, unless
1376 Exim is called as rmail.
1377 -oep If an error is detected while a non-SMTP message is being
1379 received, the error is reported by writing a message to the
1380 standard error file (stderr). The return code is 1 for all
1381 errors.
1382 -oeq This option is supported for compatibility with Sendmail, but
1384 has the same effect as -oep.
1385 -oew This option is supported for compatibility with Sendmail, but
1387 has the same effect as -oem.
1388 -oi This option, which has the same effect as -i, specifies that
1390 a dot on a line by itself should not terminate an incoming,
1391 non-SMTP message. Otherwise, a single dot does terminate,
1392 though Exim does no special processing for other lines that
1393 start with a dot. This option is set by default if Exim is
1394 called as rmail. See also -ti.
1395 -oitrue This option is treated as synonymous with -oi.
1397 -oMa <host address>
1399 A number of options starting with -oM can be used to set val‐
1400 ues associated with remote hosts on locally-submitted mes‐
1401 sages (that is, messages not received over TCP/IP). These
1402 options can be used by any caller in conjunction with the
1403 -bh, -be, -bf, -bF, -bt, or -bv testing options. In other
1404 circumstances, they are ignored unless the caller is trusted.
1405 The -oMa option sets the sender host address. This may
1407 include a port number at the end, after a full stop (period).
1408 For example:
1409 exim -bs -oMa 10.9.8.7.1234
1411 An alternative syntax is to enclose the IP address in square
1413 brackets, followed by a colon and the port number:
1414 exim -bs -oMa [10.9.8.7]:1234
1416 The IP address is placed in the $sender_host_address vari‐
1418 able, and the port, if present, in $sender_host_port. If both
1419 -oMa and -bh are present on the command line, the sender host
1420 IP address is taken from whichever one is last.
1421 -oMaa <name>
1423 See -oMa above for general remarks about the -oM options. The
1424 -oMaa option sets the value of $sender_host_authenticated
1425 (the authenticator name). This option can be used with -bh
1426 and -bs to set up an authenticated SMTP session without actu‐
1427 ally using the SMTP AUTH command.
1428 -oMai <string>
1430 See -oMa above for general remarks about the -oM options. The
1431 -oMai option sets the value of $authenticated_id (the id that
1432 was authenticated). This overrides the default value (the
1433 caller's login id, except with -bh, where there is no
1434 default) for messages from local sources.
1435 -oMas <address>
1437 See -oMa above for general remarks about the -oM options. The
1438 -oMas option sets the authenticated sender value in $authen‐
1439 ticated_sender. It overrides the sender address that is cre‐
1440 ated from the caller's login id for messages from local
1441 sources, except when -bh is used, when there is no default.
1442 For both -bh and -bs, an authenticated sender that is speci‐
1443 fied on a MAIL command overrides this value.
1444 -oMi <interface address>
1446 See -oMa above for general remarks about the -oM options. The
1447 -oMi option sets the IP interface address value. A port num‐
1448 ber may be included, using the same syntax as for -oMa. The
1449 interface address is placed in $received_ip_address and the
1450 port number, if present, in $received_port.
1451 -oMm <message reference>
1453 See -oMa above for general remarks about the -oM options. The
1454 -oMm option sets the message reference, e.g. message-id, and
1455 is logged during delivery. This is useful when some kind of
1456 audit trail is required to tie messages together. The format
1457 of the message reference is checked and will abort if the
1458 format is invalid. The option will only be accepted if exim
1459 is running in trusted mode, not as any regular user.
1460 The best example of a message reference is when Exim sends a
1462 bounce message. The message reference is the message-id of
1463 the original message for which Exim is sending the bounce.
1464 -oMr <protocol name>
1466 See -oMa above for general remarks about the -oM options. The
1467 -oMr option sets the received protocol value that is stored
1468 in $received_protocol. However, it does not apply (and is
1469 ignored) when -bh or -bs is used. For -bh, the protocol is
1470 forced to one of the standard SMTP protocol names. For -bs,
1471 the protocol is always "local-" followed by one of those same
1472 names. For -bS (batched SMTP) however, the protocol can be
1473 set by -oMr. Repeated use of this option is not supported.
1474 -oMs <host name>
1476 See -oMa above for general remarks about the -oM options. The
1477 -oMs option sets the sender host name in $sender_host_name.
1478 When this option is present, Exim does not attempt to look up
1479 a host name from an IP address; it uses the name it is given.
1480 -oMt <ident string>
1482 See -oMa above for general remarks about the -oM options. The
1483 -oMt option sets the sender ident value in $sender_ident. The
1484 default setting for local callers is the login id of the
1485 calling process, except when -bh is used, when there is no
1486 default.
1487 -om In Sendmail, this option means "me too", indicating that the
1489 sender of a message should receive a copy of the message if
1490 the sender appears in an alias expansion. Exim always does
1491 this, so the option does nothing.
1492 -oo This option is ignored. In Sendmail it specifies "old style
1494 headers", whatever that means.
1495 -oP <path>
1497 This option is useful only in conjunction with -bd or -q with
1498 a time value. The option specifies the file to which the
1499 process id of the daemon is written. When -oX is used with
1500 -bd, or when -q with a time is used without -bd, this is the
1501 only way of causing Exim to write a pid file, because in
1502 those cases, the normal pid file is not used.
1503 -or <time>
1505 This option sets a timeout value for incoming non-SMTP mes‐
1506 sages. If it is not set, Exim will wait forever for the stan‐
1507 dard input. The value can also be set by the receive_timeout
1508 option.
1509 -os <time>
1511 This option sets a timeout value for incoming SMTP messages.
1512 The timeout applies to each SMTP command and block of data.
1513 The value can also be set by the smtp_receive_timeout option;
1514 it defaults to 5 minutes.
1515 -ov This option has exactly the same effect as -v.
1517 -oX <number or string>
1519 This option is relevant only when the -bd (start listening
1520 daemon) option is also given. It controls which ports and
1521 interfaces the daemon uses. When -oX is used to start a dae‐
1522 mon, no pid file is written unless -oP is also present to
1523 specify a pid filename.
1524 -pd This option applies when an embedded Perl interpreter is
1526 linked with Exim. It overrides the setting of the
1527 perl_at_start option, forcing the starting of the interpreter
1528 to be delayed until it is needed.
1529 -ps This option applies when an embedded Perl interpreter is
1531 linked with Exim. It overrides the setting of the
1532 perl_at_start option, forcing the starting of the interpreter
1533 to occur as soon as Exim is started.
1534 -p<rval>:<sval>
1536 For compatibility with Sendmail, this option is equivalent to
1537 -oMr <rval> -oMs <sval>
1539 It sets the incoming protocol and host name (for trusted
1541 callers). The host name and its colon can be omitted when
1542 only the protocol is to be set. Note the Exim already has
1543 two private options, -pd and -ps, that refer to embedded
1544 Perl. It is therefore impossible to set a protocol value of d
1545 or s using this option (but that does not seem a real limita‐
1546 tion). Repeated use of this option is not supported.
1547 -q This option is normally restricted to admin users. However,
1549 there is a configuration option called prod_requires_admin
1550 which can be set false to relax this restriction (and also
1551 the same requirement for the -M, -R, and -S options).
1552 If other commandline options do not specify an action, the -q
1554 option starts one queue runner process. This scans the queue
1555 of waiting messages, and runs a delivery process for each one
1556 in turn. It waits for each delivery process to finish before
1557 starting the next one. A delivery process may not actually do
1558 any deliveries if the retry times for the addresses have not
1559 been reached. Use -qf (see below) if you want to override
1560 this.
1561 If the delivery process spawns other processes to deliver
1563 other messages down passed SMTP connections, the queue runner
1564 waits for these to finish before proceeding.
1565 When all the queued messages have been considered, the origi‐
1567 nal queue runner process terminates. In other words, a single
1568 pass is made over the waiting mail, one message at a time.
1569 Use -q with a time (see below) if you want this to be
1570 repeated periodically.
1571 Exim processes the waiting messages in an unpredictable
1573 order. It isn't very random, but it is likely to be different
1574 each time, which is all that matters. If one particular mes‐
1575 sage screws up a remote MTA, other messages to the same MTA
1576 have a chance of getting through if they get tried first.
1577 It is possible to cause the messages to be processed in lexi‐
1579 cal message id order, which is essentially the order in which
1580 they arrived, by setting the queue_run_in_order option, but
1581 this is not recommended for normal use.
1582 -q<qflags>
1584 The -q option may be followed by one or more flag letters
1585 that change its behaviour. They are all optional, but if more
1586 than one is present, they must appear in the correct order.
1587 Each flag is described in a separate item below.
1588 -qq... An option starting with -qq requests a two-stage queue run.
1590 In the first stage, the queue is scanned as if the
1591 queue_smtp_domains option matched every domain. Addresses are
1592 routed, local deliveries happen, but no remote transports are
1593 run.
1594 The hints database that remembers which messages are waiting
1596 for specific hosts is updated, as if delivery to those hosts
1597 had been deferred. After this is complete, a second, normal
1598 queue scan happens, with routing and delivery taking place as
1599 normal. Messages that are routed to the same host should
1600 mostly be delivered down a single SMTP connection because of
1601 the hints that were set up during the first queue scan. This
1602 option may be useful for hosts that are connected to the
1603 Internet intermittently.
1604 -q[q]i... If the i flag is present, the queue runner runs delivery pro‐
1606 cesses only for those messages that haven't previously been
1607 tried. (i stands for "initial delivery".) This can be helpful
1608 if you are putting messages in the queue using -odq and want
1609 a queue runner just to process the new messages.
1610 -q[q][i]f...
1612 If one f flag is present, a delivery attempt is forced for
1613 each non-frozen message, whereas without f only those
1614 non-frozen addresses that have passed their retry times are
1615 tried.
1616 -q[q][i]ff...
1618 If ff is present, a delivery attempt is forced for every mes‐
1619 sage, whether frozen or not.
1620 -q[q][i][f[f]]l
1622 The l (the letter "ell") flag specifies that only local
1623 deliveries are to be done. If a message requires any remote
1624 deliveries, it remains in the queue for later delivery.
1625 -q[q][i][f[f]][l][G<name>[/<time>]]]
1627 If the G flag and a name is present, the queue runner oper‐
1628 ates on the queue with the given name rather than the default
1629 queue. The name should not contain a / character. For a
1630 periodic queue run (see below) append to the name a slash and
1631 a time value.
1632 If other commandline options specify an action, a -qG<name>
1634 option will specify a queue to operate on. For example:
1635 exim -bp -qGquarantine
1637 mailq -qGquarantine
1638 exim -qGoffpeak -Rf @special.domain.example
1639 -q<qflags> <start id> <end id>
1641 When scanning the queue, Exim can be made to skip over mes‐
1642 sages whose ids are lexically less than a given value by fol‐
1643 lowing the -q option with a starting message id. For example:
1644 exim -q 0t5C6f-0000c8-00
1646 Messages that arrived earlier than 0t5C6f-0000c8-00 are not
1648 inspected. If a second message id is given, messages whose
1649 ids are lexically greater than it are also skipped. If the
1650 same id is given twice, for example,
1651 exim -q 0t5C6f-0000c8-00 0t5C6f-0000c8-00
1653 just one delivery process is started, for that message. This
1655 differs from -M in that retry data is respected, and it also
1656 differs from -Mc in that it counts as a delivery from a queue
1657 run. Note that the selection mechanism does not affect the
1658 order in which the messages are scanned. There are also other
1659 ways of selecting specific sets of messages for delivery in a
1660 queue run - see -R and -S.
1661 -q<qflags><time>
1663 When a time value is present, the -q option causes Exim to
1664 run as a daemon, starting a queue runner process at intervals
1665 specified by the given time value. This form of the -q option
1666 is commonly combined with the -bd option, in which case a
1667 single daemon process handles both functions. A common way of
1668 starting up a combined daemon at system boot time is to use a
1669 command such as
1670 /usr/exim/bin/exim -bd -q30m
1672 Such a daemon listens for incoming SMTP calls, and also
1674 starts a queue runner process every 30 minutes.
1675 When a daemon is started by -q with a time value, but without
1677 -bd, no pid file is written unless one is explicitly
1678 requested by the -oP option.
1679 -qR<rsflags> <string>
1681 This option is synonymous with -R. It is provided for Send‐
1682 mail compatibility.
1683 -qS<rsflags> <string>
1685 This option is synonymous with -S.
1686 -R<rsflags> <string>
1688 The <rsflags> may be empty, in which case the white space
1689 before the string is optional, unless the string is f, ff, r,
1690 rf, or rff, which are the possible values for <rsflags>.
1691 White space is required if <rsflags> is not empty.
1692 This option is similar to -q with no time value, that is, it
1694 causes Exim to perform a single queue run, except that, when
1695 scanning the messages on the queue, Exim processes only those
1696 that have at least one undelivered recipient address contain‐
1697 ing the given string, which is checked in a case-independent
1698 way. If the <rsflags> start with r, <string> is interpreted
1699 as a regular expression; otherwise it is a literal string.
1700 If you want to do periodic queue runs for messages with spe‐
1702 cific recipients, you can combine -R with -q and a time
1703 value. For example:
1704 exim -q25m -R @special.domain.example
1706 This example does a queue run for messages with recipients in
1708 the given domain every 25 minutes. Any additional flags that
1709 are specified with -q are applied to each queue run.
1710 Once a message is selected for delivery by this mechanism,
1712 all its addresses are processed. For the first selected mes‐
1713 sage, Exim overrides any retry information and forces a
1714 delivery attempt for each undelivered address. This means
1715 that if delivery of any address in the first message is suc‐
1716 cessful, any existing retry information is deleted, and so
1717 delivery attempts for that address in subsequently selected
1718 messages (which are processed without forcing) will run. How‐
1719 ever, if delivery of any address does not succeed, the retry
1720 information is updated, and in subsequently selected mes‐
1721 sages, the failing address will be skipped.
1722 If the <rsflags> contain f or ff, the delivery forcing
1724 applies to all selected messages, not just the first; frozen
1725 messages are included when ff is present.
1726 The -R option makes it straightforward to initiate delivery
1728 of all messages to a given domain after a host has been down
1729 for some time. When the SMTP command ETRN is accepted by its
1730 ACL, its default effect is to run Exim with the -R option,
1731 but it can be configured to run an arbitrary command instead.
1732 -r This is a documented (for Sendmail) obsolete alternative name
1734 for -f.
1735 -S<rsflags> <string>
1737 This option acts like -R except that it checks the string
1738 against each message's sender instead of against the recipi‐
1739 ents. If -R is also set, both conditions must be met for a
1740 message to be selected. If either of the options has f or ff
1741 in its flags, the associated action is taken.
1742 -Tqt <times>
1744 This is an option that is exclusively for use by the Exim
1745 testing suite. It is not recognized when Exim is run nor‐
1746 mally. It allows for the setting up of explicit "queue times"
1747 so that various warning/retry features can be tested.
1748 -t When Exim is receiving a locally-generated, non-SMTP message
1750 on its standard input, the -t option causes the recipients of
1751 the message to be obtained from the To:, Cc:, and Bcc: header
1752 lines in the message instead of from the command arguments.
1753 The addresses are extracted before any rewriting takes place
1754 and the Bcc: header line, if present, is then removed.
1755 If the command has any arguments, they specify addresses to
1757 which the message is not to be delivered. That is, the argu‐
1758 ment addresses are removed from the recipients list obtained
1759 from the headers. This is compatible with Smail 3 and in
1760 accordance with the documented behaviour of several versions
1761 of Sendmail, as described in man pages on a number of operat‐
1762 ing systems (e.g. Solaris 8, IRIX 6.5, HP-UX 11). However,
1763 some versions of Sendmail add argument addresses to those
1764 obtained from the headers, and the O'Reilly Sendmail book
1765 documents it that way. Exim can be made to add argument
1766 addresses instead of subtracting them by setting the option
1767 extract_addresses_remove_arguments false.
1768 If there are any Resent- header lines in the message, Exim
1770 extracts recipients from all Resent-To:, Resent-Cc:, and
1771 Resent-Bcc: header lines instead of from To:, Cc:, and Bcc:.
1772 This is for compatibility with Sendmail and other MTAs.
1773 (Prior to release 4.20, Exim gave an error if -t was used in
1774 conjunction with Resent- header lines.)
1775 RFC 2822 talks about different sets of Resent- header lines
1777 (for when a message is resent several times). The RFC also
1778 specifies that they should be added at the front of the mes‐
1779 sage, and separated by Received: lines. It is not at all
1780 clear how -t should operate in the present of multiple sets,
1781 nor indeed exactly what constitutes a "set". In practice, it
1782 seems that MUAs do not follow the RFC. The Resent- lines are
1783 often added at the end of the header, and if a message is
1784 resent more than once, it is common for the original set of
1785 Resent- headers to be renamed as X-Resent- when a new set is
1786 added. This removes any possible ambiguity.
1787 -ti This option is exactly equivalent to -t -i. It is provided
1789 for compatibility with Sendmail.
1790 -tls-on-connect
1792 This option is available when Exim is compiled with TLS sup‐
1793 port. It forces all incoming SMTP connections to behave as if
1794 the incoming port is listed in the tls_on_connect_ports
1795 option.
1796 -U Sendmail uses this option for "initial message submission",
1798 and its documentation states that in future releases, it may
1799 complain about syntactically invalid messages rather than
1800 fixing them when this flag is not set. Exim ignores this
1801 option.
1802 -v This option causes Exim to write information to the standard
1804 error stream, describing what it is doing. In particular, it
1805 shows the log lines for receiving and delivering a message,
1806 and if an SMTP connection is made, the SMTP dialogue is
1807 shown. Some of the log lines shown may not actually be writ‐
1808 ten to the log if the setting of log_selector discards them.
1809 Any relevant selectors are shown with each log line. If none
1810 are shown, the logging is unconditional.
1811 -x AIX uses -x for a private purpose ("mail from a local mail
1813 program has National Language Support extended characters in
1814 the body of the mail item"). It sets -x when calling the MTA
1815 from its mail command. Exim ignores this option.
1816 -X <logfile>
1818 This option is interpreted by Sendmail to cause debug infor‐
1819 mation to be sent to the named file. It is ignored by Exim.
1820 -z <log-line>
1822 This option writes its argument to Exim's logfile. Use is
1823 restricted to administrators; the intent is for operational
1824 notes. Quotes should be used to maintain a multi-word item
1825 as a single argument, under most shells.
1826
1829 The full Exim specification, the Exim book, and the Exim wiki.
1831 EXIM(8)