1EXIM(8) System Manager's Manual EXIM(8)
2
3
4
6 exim - a Mail Transfer Agent
7
9 exim [options] arguments ...
10 mailq [options] arguments ...
11 rsmtp [options] arguments ...
12 rmail [options] arguments ...
13 runq [options] arguments ...
14 newaliases [options] arguments ...
15
17
18 Exim is a mail transfer agent (MTA) developed at the University of Cam‐
19 bridge. It is a large program with very many facilities. For a full
20 specification, see the reference manual. This man page contains only a
21 description of the command line options. It has been automatically gen‐
22 erated from the reference manual source, hopefully without too much
23 mangling.
24
25 Like other MTAs, Exim replaces Sendmail, and is normally called by user
26 agents (MUAs) using the path /usr/sbin/sendmail when they submit mes‐
27 sages for delivery (some operating systems use /usr/lib/sendmail). This
28 path is normally set up as a symbolic link to the Exim binary. It may
29 also be used by boot scripts to start the Exim daemon. Many of Exim's
30 command line options are compatible with Sendmail so that it can act as
31 a drop-in replacement.
32
34
35 If no options are present that require a specific action (such as
36 starting the daemon or a queue runner, testing an address, receiving a
37 message in a specific format, or listing the queue), and there are no
38 arguments on the command line, Exim outputs a brief message about
39 itself and exits.
40
41 However, if there is at least one command line argument, -bm (accept a
42 local message on the standard input, with the arguments specifying the
43 recipients) is assumed. Thus, for example, if Exim is installed in
44 /usr/sbin, you can send a message from the command line like this:
45
46 /usr/sbin/exim -i <recipient-address(es)>
47 <message content, including all the header lines>
48 CTRL-D
49
50 The -i option prevents a line containing just a dot from terminating
51 the message. Only an end-of-file (generated by typing CTRL-D if the
52 input is from a terminal) does so.
53
55
56 If an Exim binary is called using one of the names listed in this sec‐
57 tion (typically via a symbolic link), certain options are assumed.
58
59 mailq Behave as if the option -bp were present before any other
60 options. The -bp option requests a listing of the contents of
61 the mail queue on the standard output.
62
63 rsmtp Behaves as if the option -bS were present before any other
64 options, for compatibility with Smail. The -bS option is used
65 for reading in a number of messages in batched SMTP format.
66
67 rmail Behave as if the -i and -oee options were present before any
68 other options, for compatibility with Smail. The name rmail is
69 used as an interface by some UUCP systems. The -i option speci‐
70 fies that a dot on a line by itself does not terminate a
71 non-SMTP message; -oee requests that errors detected in non-SMTP
72 messages be reported by emailing the sender.
73
74 runq Behave as if the option -q were present before any other
75 options, for compatibility with Smail. The -q option causes a
76 single queue runner process to be started. It processes the
77 queue once, then exits.
78
79 newaliases
80 Behave as if the option -bi were present before any other
81 options, for compatibility with Sendmail. This option is used
82 for rebuilding Sendmail's alias file. Exim does not have the
83 concept of a single alias file, but can be configured to run a
84 specified command if called with the -bi option.
85
87
88 -- This is a pseudo-option whose only purpose is to terminate
89 the options and therefore to cause subsequent command line
90 items to be treated as arguments rather than options, even if
91 they begin with hyphens.
92
93 --help This option causes Exim to output a few sentences stating
94 what it is. The same output is generated if the Exim binary
95 is called with no options and no arguments.
96
97 --version This option is an alias for -bV and causes version informa‐
98 tion to be displayed.
99
100 -Ac -Am These options are used by Sendmail for selecting configu‐
101 ration files and are ignored by Exim.
102
103 -B<type> This is a Sendmail option for selecting 7 or 8 bit process‐
104 ing. Exim is 8-bit clean; it ignores this option.
105
106 -bd This option runs Exim as a daemon, awaiting incoming SMTP
107 connections. Usually the -bd option is combined with the
108 -q<time> option, to specify that the daemon should also ini‐
109 tiate periodic queue runs.
110
111 The -bd option can be used only by an admin user. If either
112 of the -d (debugging) or -v (verifying) options are set, the
113 daemon does not disconnect from the controlling terminal.
114 When running this way, it can be stopped by pressing ctrl-C.
115
116 By default, Exim listens for incoming connections to the
117 standard SMTP port on all the host's running interfaces. How‐
118 ever, it is possible to listen on other ports, on multiple
119 ports, and only on specific interfaces.
120
121 When a listening daemon is started without the use of -oX
122 (that is, without overriding the normal configuration), it
123 writes its process id to a file called exim-daemon.pid in
124 Exim's spool directory. This location can be overridden by
125 setting PID_FILE_PATH in Local/Makefile. The file is written
126 while Exim is still running as root.
127
128 When -oX is used on the command line to start a listening
129 daemon, the process id is not written to the normal pid file
130 path. However, -oP can be used to specify a path on the com‐
131 mand line if a pid file is required.
132
133 The SIGHUP signal can be used to cause the daemon to re-exe‐
134 cute itself. This should be done whenever Exim's configura‐
135 tion file, or any file that is incorporated into it by means
136 of the .include facility, is changed, and also whenever a new
137 version of Exim is installed. It is not necessary to do this
138 when other files that are referenced from the configuration
139 (for example, alias files) are changed, because these are
140 reread each time they are used.
141
142 -bdf This option has the same effect as -bd except that it never
143 disconnects from the controlling terminal, even when no
144 debugging is specified.
145
146 -be Run Exim in expansion testing mode. Exim discards its root
147 privilege, to prevent ordinary users from using this mode to
148 read otherwise inaccessible files. If no arguments are given,
149 Exim runs interactively, prompting for lines of data. Other‐
150 wise, it processes each argument in turn.
151
152 If Exim was built with USE_READLINE=yes in Local/Makefile, it
153 tries to load the libreadline library dynamically whenever
154 the -be option is used without command line arguments. If
155 successful, it uses the readline() function, which provides
156 extensive line-editing facilities, for reading the test data.
157 A line history is supported.
158
159 Long expansion expressions can be split over several lines by
160 using backslash continuations. As in Exim's runtime configu‐
161 ration, white space at the start of continuation lines is
162 ignored. Each argument or data line is passed through the
163 string expansion mechanism, and the result is output. Vari‐
164 able values from the configuration file (for example, $qual‐
165 ify_domain) are available, but no message-specific values
166 (such as $message_exim_id) are set, because no message is
167 being processed (but see -bem and -Mset).
168
169 Note: If you use this mechanism to test lookups, and you
170 change the data files or databases you are using, you must
171 exit and restart Exim before trying the same lookup again.
172 Otherwise, because each Exim process caches the results of
173 lookups, you will just get the same result as before.
174
175 Macro processing is done on lines before string-expansion:
176 new macros can be defined and macros will be expanded.
177 Because macros in the config file are often used for secrets,
178 those are only available to admin users.
179
180 -bem <filename>
181 This option operates like -be except that it must be followed
182 by the name of a file. For example:
183
184 exim -bem /tmp/testmessage
185
186 The file is read as a message (as if receiving a locally-sub‐
187 mitted non-SMTP message) before any of the test expansions
188 are done. Thus, message-specific variables such as $mes‐
189 sage_size and $header_from: are available. However, no
190 Received: header is added to the message. If the -t option is
191 set, recipients are read from the headers in the normal way,
192 and are shown in the $recipients variable. Note that recipi‐
193 ents cannot be given on the command line, because further
194 arguments are taken as strings to expand (just like -be).
195
196 -bF <filename>
197 This option is the same as -bf except that it assumes that
198 the filter being tested is a system filter. The additional
199 commands that are available only in system filters are recog‐
200 nized.
201
202 -bf <filename>
203 This option runs Exim in user filter testing mode; the file
204 is the filter file to be tested, and a test message must be
205 supplied on the standard input. If there are no mes‐
206 sage-dependent tests in the filter, an empty file can be sup‐
207 plied.
208
209 If you want to test a system filter file, use -bF instead of
210 -bf. You can use both -bF and -bf on the same command, in
211 order to test a system filter and a user filter in the same
212 run. For example:
213
214 exim -bF /system/filter -bf /user/filter </test/message
215
216 This is helpful when the system filter adds header lines or
217 sets filter variables that are used by the user filter.
218
219 If the test filter file does not begin with one of the spe‐
220 cial lines
221
222 # Exim filter
223 # Sieve filter
224
225 it is taken to be a normal .forward file, and is tested for
226 validity under that interpretation.
227
228 The result of an Exim command that uses -bf, provided no
229 errors are detected, is a list of the actions that Exim would
230 try to take if presented with the message for real. More
231 details of filter testing are given in the separate document
232 entitled Exim's interfaces to mail filtering.
233
234 When testing a filter file, the envelope sender can be set by
235 the -f option, or by a "From " line at the start of the test
236 message. Various parameters that would normally be taken from
237 the envelope recipient address of the message can be set by
238 means of additional command line options (see the next four
239 options).
240
241 -bfd <domain>
242 This sets the domain of the recipient address when a filter
243 file is being tested by means of the -bf option. The default
244 is the value of $qualify_domain.
245
246 -bfl <local part>
247 This sets the local part of the recipient address when a fil‐
248 ter file is being tested by means of the -bf option. The
249 default is the username of the process that calls Exim. A
250 local part should be specified with any prefix or suffix
251 stripped, because that is how it appears to the filter when a
252 message is actually being delivered.
253
254 -bfp <prefix>
255 This sets the prefix of the local part of the recipient
256 address when a filter file is being tested by means of the
257 -bf option. The default is an empty prefix.
258
259 -bfs <suffix>
260 This sets the suffix of the local part of the recipient
261 address when a filter file is being tested by means of the
262 -bf option. The default is an empty suffix.
263
264 -bh <IP address>
265 This option runs a fake SMTP session as if from the given IP
266 address, using the standard input and output. The IP address
267 may include a port number at the end, after a full stop. For
268 example:
269
270 exim -bh 10.9.8.7.1234
271 exim -bh fe80::a00:20ff:fe86:a061.5678
272
273 When an IPv6 address is given, it is converted into canonical
274 form. In the case of the second example above, the value of
275 $sender_host_address after conversion to the canonical form
276 is fe80:0000:0000:0a00:20ff:fe86:a061.5678.
277
278 Comments as to what is going on are written to the standard
279 error file. These include lines beginning with "LOG" for any‐
280 thing that would have been logged. This facility is provided
281 for testing configuration options for incoming messages, to
282 make sure they implement the required policy. For example,
283 you can test your relay controls using -bh.
284
285 Warning 1: You can test features of the configuration that
286 rely on ident (RFC 1413) information by using the -oMt
287 option. However, Exim cannot actually perform an ident call‐
288 out when testing using -bh because there is no incoming SMTP
289 connection.
290
291 Warning 2: Address verification callouts are also skipped
292 when testing using -bh. If you want these callouts to occur,
293 use -bhc instead.
294
295 Messages supplied during the testing session are discarded,
296 and nothing is written to any of the real log files. There
297 may be pauses when DNS (and other) lookups are taking place,
298 and of course these may time out. The -oMi option can be used
299 to specify a specific IP interface and port if this is impor‐
300 tant, and -oMaa and -oMai can be used to set parameters as if
301 the SMTP session were authenticated.
302
303 The exim_checkaccess utility is a "packaged" version of -bh
304 whose output just states whether a given recipient address
305 from a given host is acceptable or not.
306
307 Features such as authentication and encryption, where the
308 client input is not plain text, cannot easily be tested with
309 -bh. Instead, you should use a specialized SMTP test program
310 such as swaks.
311
312 -bhc <IP address>
313 This option operates in the same way as -bh, except that
314 address verification callouts are performed if required. This
315 includes consulting and updating the callout cache database.
316
317 -bi Sendmail interprets the -bi option as a request to rebuild
318 its alias file. Exim does not have the concept of a single
319 alias file, and so it cannot mimic this behaviour. However,
320 calls to /usr/lib/sendmail with the -bi option tend to appear
321 in various scripts such as NIS make files, so the option must
322 be recognized.
323
324 If -bi is encountered, the command specified by the bi_com‐
325 mand configuration option is run, under the uid and gid of
326 the caller of Exim. If the -oA option is used, its value is
327 passed to the command as an argument. The command set by
328 bi_command may not contain arguments. The command can use the
329 exim_dbmbuild utility, or some other means, to rebuild alias
330 files if this is required. If the bi_command option is not
331 set, calling Exim with -bi is a no-op.
332
333 -bI:help We shall provide various options starting -bI: for querying
334 Exim for information. The output of many of these will be
335 intended for machine consumption. This one is not. The
336 -bI:help option asks Exim for a synopsis of supported options
337 beginning -bI:. Use of any of these options shall cause Exim
338 to exit after producing the requested output.
339
340 -bI:dscp This option causes Exim to emit an alphabetically sorted list
341 of all recognised DSCP names.
342
343 -bI:sieve This option causes Exim to emit an alphabetically sorted list
344 of all supported Sieve protocol extensions on stdout, one per
345 line. This is anticipated to be useful for ManageSieve (RFC
346 5804) implementations, in providing that protocol's SIEVE
347 capability response line. As the precise list may depend
348 upon compile-time build options, which this option will adapt
349 to, this is the only way to guarantee a correct response.
350
351 -bm This option runs an Exim receiving process that accepts an
352 incoming, locally-generated message on the standard input.
353 The recipients are given as the command arguments (except
354 when -t is also present - see below). Each argument can be a
355 comma-separated list of RFC 2822 addresses. This is the
356 default option for selecting the overall action of an Exim
357 call; it is assumed if no other conflicting option is
358 present.
359
360 If any addresses in the message are unqualified (have no
361 domain), they are qualified by the values of the qual‐
362 ify_domain or qualify_recipient options, as appropriate. The
363 -bnq option (see below) provides a way of suppressing this
364 for special cases.
365
366 Policy checks on the contents of local messages can be
367 enforced by means of the non-SMTP ACL.
368
369 The return code is zero if the message is successfully
370 accepted. Otherwise, the action is controlled by the -oex
371 option setting - see below.
372
373 The format of the message must be as defined in RFC 2822,
374 except that, for compatibility with Sendmail and Smail, a
375 line in one of the forms
376
377 From sender Fri Jan 5 12:55 GMT 1997
378 From sender Fri, 5 Jan 97 12:55:01
379
380 (with the weekday optional, and possibly with additional text
381 after the date) is permitted to appear at the start of the
382 message. There appears to be no authoritative specification
383 of the format of this line. Exim recognizes it by matching
384 against the regular expression defined by the uucp_from_pat‐
385 tern option, which can be changed if necessary.
386
387 The specified sender is treated as if it were given as the
388 argument to the -f option, but if a -f option is also
389 present, its argument is used in preference to the address
390 taken from the message. The caller of Exim must be a trusted
391 user for the sender of a message to be set in this way.
392
393 -bmalware <filename>
394 This debugging option causes Exim to scan the given file or
395 directory (depending on the used scanner interface), using
396 the malware scanning framework. The option of av_scanner
397 influences this option, so if av_scanner's value is dependent
398 upon an expansion then the expansion should have defaults
399 which apply to this invocation. ACLs are not invoked, so if
400 av_scanner references an ACL variable then that variable will
401 never be populated and -bmalware will fail.
402
403 Exim will have changed working directory before resolving the
404 filename, so using fully qualified pathnames is advisable.
405 Exim will be running as the Exim user when it tries to open
406 the file, rather than as the invoking user. This option
407 requires admin privileges.
408
409 The -bmalware option will not be extended to be more gener‐
410 ally useful, there are better tools for file-scanning. This
411 option exists to help administrators verify their Exim and AV
412 scanner configuration.
413
414 -bnq By default, Exim automatically qualifies unqualified
415 addresses (those without domains) that appear in messages
416 that are submitted locally (that is, not over TCP/IP). This
417 qualification applies both to addresses in envelopes, and
418 addresses in header lines. Sender addresses are qualified
419 using qualify_domain, and recipient addresses using qual‐
420 ify_recipient (which defaults to the value of qual‐
421 ify_domain).
422
423 Sometimes, qualification is not wanted. For example, if -bS
424 (batch SMTP) is being used to re-submit messages that origi‐
425 nally came from remote hosts after content scanning, you
426 probably do not want to qualify unqualified addresses in
427 header lines. (Such lines will be present only if you have
428 not enabled a header syntax check in the appropriate ACL.)
429
430 The -bnq option suppresses all qualification of unqualified
431 addresses in messages that originate on the local host. When
432 this is used, unqualified addresses in the envelope provoke
433 errors (causing message rejection) and unqualified addresses
434 in header lines are left alone.
435
436 -bP If this option is given with no arguments, it causes the val‐
437 ues of all Exim's main configuration options to be written to
438 the standard output. The values of one or more specific
439 options can be requested by giving their names as arguments,
440 for example:
441
442 exim -bP qualify_domain hold_domains
443
444 However, any option setting that is preceded by the word
445 "hide" in the configuration file is not shown in full, except
446 to an admin user. For other users, the output is as in this
447 example:
448
449 mysql_servers = <value not displayable>
450
451 If config is given as an argument, the config is output, as
452 it was parsed, any include file resolved, any comment
453 removed.
454
455 If config_file is given as an argument, the name of the run‐
456 time configuration file is output. (configure_file works too,
457 for backward compatibility.) If a list of configuration
458 files was supplied, the value that is output here is the name
459 of the file that was actually used.
460
461 If the -n flag is given, then for most modes of -bP operation
462 the name will not be output.
463
464 If log_file_path or pid_file_path are given, the names of the
465 directories where log files and daemon pid files are written
466 are output, respectively. If these values are unset, log
467 files are written in a sub-directory of the spool directory
468 called log, and the pid file is written directly into the
469 spool directory.
470
471 If -bP is followed by a name preceded by +, for example,
472
473 exim -bP +local_domains
474
475 it searches for a matching named list of any type (domain,
476 host, address, or local part) and outputs what it finds.
477
478 If one of the words router, transport, or authenticator is
479 given, followed by the name of an appropriate driver
480 instance, the option settings for that driver are output. For
481 example:
482
483 exim -bP transport local_delivery
484
485 The generic driver options are output first, followed by the
486 driver's private options. A list of the names of drivers of a
487 particular type can be obtained by using one of the words
488 router_list, transport_list, or authenticator_list, and a
489 complete list of all drivers with their option settings can
490 be obtained by using routers, transports, or authenticators.
491
492 If environment is given as an argument, the set of environ‐
493 ment variables is output, line by line. Using the -n flag
494 suppresses the value of the variables.
495
496 If invoked by an admin user, then macro, macro_list and
497 macros are available, similarly to the drivers. Because
498 macros are sometimes used for storing passwords, this option
499 is restricted. The output format is one item per line. For
500 the "-bP macro <name>" form, if no such macro is found the
501 exit status will be nonzero.
502
503 -bp This option requests a listing of the contents of the mail
504 queue on the standard output. If the -bp option is followed
505 by a list of message ids, just those messages are listed. By
506 default, this option can be used only by an admin user. How‐
507 ever, the queue_list_requires_admin option can be set false
508 to allow any user to see the queue.
509
510 Each message in the queue is displayed as in the following
511 example:
512
513 25m 2.9K 0t5C6f-0000c8-00 <alice@wonderland.fict.example>
514 red.king@looking-glass.fict.example
515 <other addresses>
516
517 The first line contains the length of time the message has
518 been in the queue (in this case 25 minutes), the size of the
519 message (2.9K), the unique local identifier for the message,
520 and the message sender, as contained in the envelope. For
521 bounce messages, the sender address is empty, and appears as
522 "<>". If the message was submitted locally by an untrusted
523 user who overrode the default sender address, the user's
524 login name is shown in parentheses before the sender address.
525
526 If the message is frozen (attempts to deliver it are sus‐
527 pended) then the text "*** frozen ***" is displayed at the
528 end of this line.
529
530 The recipients of the message (taken from the envelope, not
531 the headers) are displayed on subsequent lines. Those
532 addresses to which the message has already been delivered are
533 marked with the letter D. If an original address gets
534 expanded into several addresses via an alias or forward file,
535 the original is displayed with a D only when deliveries for
536 all of its child addresses are complete.
537
538 -bpa This option operates like -bp, but in addition it shows
539 delivered addresses that were generated from the original top
540 level address(es) in each message by alias or forwarding
541 operations. These addresses are flagged with "+D" instead of
542 just "D".
543
544 -bpc This option counts the number of messages in the queue, and
545 writes the total to the standard output. It is restricted to
546 admin users, unless queue_list_requires_admin is set false.
547
548 -bpr This option operates like -bp, but the output is not sorted
549 into chronological order of message arrival. This can speed
550 it up when there are lots of messages in the queue, and is
551 particularly useful if the output is going to be post-pro‐
552 cessed in a way that doesn't need the sorting.
553
554 -bpra This option is a combination of -bpr and -bpa.
555
556 -bpru This option is a combination of -bpr and -bpu.
557
558 -bpu This option operates like -bp but shows only undelivered
559 top-level addresses for each message displayed. Addresses
560 generated by aliasing or forwarding are not shown, unless the
561 message was deferred after processing by a router with the
562 one_time option set.
563
564 -brt This option is for testing retry rules, and it must be fol‐
565 lowed by up to three arguments. It causes Exim to look for a
566 retry rule that matches the values and to write it to the
567 standard output. For example:
568
569 exim -brt bach.comp.mus.example
570 Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m;
571
572 The first argument, which is required, can be a complete
573 address in the form local_part@domain, or it can be just a
574 domain name. If the second argument contains a dot, it is
575 interpreted as an optional second domain name; if no retry
576 rule is found for the first argument, the second is tried.
577 This ties in with Exim's behaviour when looking for retry
578 rules for remote hosts - if no rule is found that matches the
579 host, one that matches the mail domain is sought. Finally, an
580 argument that is the name of a specific delivery error, as
581 used in setting up retry rules, can be given. For example:
582
583 exim -brt haydn.comp.mus.example quota_3d
584 Retry rule: *@haydn.comp.mus.example quota_3d F,1h,15m
585
586 -brw This option is for testing address rewriting rules, and it
587 must be followed by a single argument, consisting of either a
588 local part without a domain, or a complete address with a
589 fully qualified domain. Exim outputs how this address would
590 be rewritten for each possible place it might appear.
591
592 -bS This option is used for batched SMTP input, which is an
593 alternative interface for non-interactive local message sub‐
594 mission. A number of messages can be submitted in a single
595 run. However, despite its name, this is not really SMTP
596 input. Exim reads each message's envelope from SMTP commands
597 on the standard input, but generates no responses. If the
598 caller is trusted, or untrusted_set_sender is set, the
599 senders in the SMTP MAIL commands are believed; otherwise the
600 sender is always the caller of Exim.
601
602 The message itself is read from the standard input, in SMTP
603 format (leading dots doubled), terminated by a line contain‐
604 ing just a single dot. An error is provoked if the terminat‐
605 ing dot is missing. A further message may then follow.
606
607 As for other local message submissions, the contents of
608 incoming batch SMTP messages can be checked using the
609 non-SMTP ACL. Unqualified addresses are automatically quali‐
610 fied using qualify_domain and qualify_recipient, as appropri‐
611 ate, unless the -bnq option is used.
612
613 Some other SMTP commands are recognized in the input. HELO
614 and EHLO act as RSET; VRFY, EXPN, ETRN, and HELP act as NOOP;
615 QUIT quits, ignoring the rest of the standard input.
616
617 If any error is encountered, reports are written to the stan‐
618 dard output and error streams, and Exim gives up immediately.
619 The return code is 0 if no error was detected; it is 1 if one
620 or more messages were accepted before the error was detected;
621 otherwise it is 2.
622
623
624 -bs This option causes Exim to accept one or more messages by
625 reading SMTP commands on the standard input, and producing
626 SMTP replies on the standard output. SMTP policy controls, as
627 defined in ACLs are applied. Some user agents use this
628 interface as a way of passing locally-generated messages to
629 the MTA.
630
631 In this usage, if the caller of Exim is trusted, or
632 untrusted_set_sender is set, the senders of messages are
633 taken from the SMTP MAIL commands. Otherwise the content of
634 these commands is ignored and the sender is set up as the
635 calling user. Unqualified addresses are automatically quali‐
636 fied using qualify_domain and qualify_recipient, as appropri‐
637 ate, unless the -bnq option is used.
638
639 The -bs option is also used to run Exim from inetd, as an
640 alternative to using a listening daemon. Exim can distinguish
641 the two cases by checking whether the standard input is a
642 TCP/IP socket. When Exim is called from inetd, the source of
643 the mail is assumed to be remote, and the comments above con‐
644 cerning senders and qualification do not apply. In this situ‐
645 ation, Exim behaves in exactly the same way as it does when
646 receiving a message via the listening daemon.
647
648 -bt This option runs Exim in address testing mode, in which each
649 argument is taken as a recipient address to be tested for
650 deliverability. The results are written to the standard out‐
651 put. If a test fails, and the caller is not an admin user, no
652 details of the failure are output, because these might con‐
653 tain sensitive information such as usernames and passwords
654 for database lookups.
655
656 If no arguments are given, Exim runs in an interactive man‐
657 ner, prompting with a right angle bracket for addresses to be
658 tested.
659
660 Unlike the -be test option, you cannot arrange for Exim to
661 use the readline() function, because it is running as root
662 and there are security issues.
663
664 Each address is handled as if it were the recipient address
665 of a message (compare the -bv option). It is passed to the
666 routers and the result is written to the standard output.
667 However, any router that has no_address_test set is bypassed.
668 This can make -bt easier to use for genuine routing tests if
669 your first router passes everything to a scanner program.
670
671 The return code is 2 if any address failed outright; it is 1
672 if no address failed outright but at least one could not be
673 resolved for some reason. Return code 0 is given only when
674 all addresses succeed.
675
676 Note: When actually delivering a message, Exim removes dupli‐
677 cate recipient addresses after routing is complete, so that
678 only one delivery takes place. This does not happen when
679 testing with -bt; the full results of routing are always
680 shown.
681
682 Warning: -bt can only do relatively simple testing. If any of
683 the routers in the configuration makes any tests on the
684 sender address of a message, you can use the -f option to set
685 an appropriate sender when running -bt tests. Without it, the
686 sender is assumed to be the calling user at the default qual‐
687 ifying domain. However, if you have set up (for example)
688 routers whose behaviour depends on the contents of an incom‐
689 ing message, you cannot test those conditions using -bt. The
690 -N option provides a possible way of doing such tests.
691
692 -bV This option causes Exim to write the current version number,
693 compilation number, and compilation date of the exim binary
694 to the standard output. It also lists the DBM library that
695 is being used, the optional modules (such as specific lookup
696 types), the drivers that are included in the binary, and the
697 name of the runtime configuration file that is in use.
698
699 As part of its operation, -bV causes Exim to read and syntax
700 check its configuration file. However, this is a static check
701 only. It cannot check values that are to be expanded. For
702 example, although a misspelt ACL verb is detected, an error
703 in the verb's arguments is not. You cannot rely on -bV alone
704 to discover (for example) all the typos in the configuration;
705 some realistic testing is needed. The -bh and -N options pro‐
706 vide more dynamic testing facilities.
707
708 -bv This option runs Exim in address verification mode, in which
709 each argument is taken as a recipient address to be verified
710 by the routers. (This does not involve any verification call‐
711 outs). During normal operation, verification happens mostly
712 as a consequence processing a verify condition in an ACL. If
713 you want to test an entire ACL, possibly including callouts,
714 see the -bh and -bhc options.
715
716 If verification fails, and the caller is not an admin user,
717 no details of the failure are output, because these might
718 contain sensitive information such as usernames and passwords
719 for database lookups.
720
721 If no arguments are given, Exim runs in an interactive man‐
722 ner, prompting with a right angle bracket for addresses to be
723 verified.
724
725 Unlike the -be test option, you cannot arrange for Exim to
726 use the readline() function, because it is running as exim
727 and there are security issues.
728
729 Verification differs from address testing (the -bt option) in
730 that routers that have no_verify set are skipped, and if the
731 address is accepted by a router that has fail_verify set,
732 verification fails. The address is verified as a recipient if
733 -bv is used; to test verification for a sender address, -bvs
734 should be used.
735
736 If the -v option is not set, the output consists of a single
737 line for each address, stating whether it was verified or
738 not, and giving a reason in the latter case. Without -v, gen‐
739 erating more than one address by redirection causes verifica‐
740 tion to end successfully, without considering the generated
741 addresses. However, if just one address is generated, pro‐
742 cessing continues, and the generated address must verify suc‐
743 cessfully for the overall verification to succeed.
744
745 When -v is set, more details are given of how the address has
746 been handled, and in the case of address redirection, all the
747 generated addresses are also considered. Verification may
748 succeed for some and fail for others.
749
750 The return code is 2 if any address failed outright; it is 1
751 if no address failed outright but at least one could not be
752 resolved for some reason. Return code 0 is given only when
753 all addresses succeed.
754
755 If any of the routers in the configuration makes any tests on
756 the sender address of a message, you should use the -f option
757 to set an appropriate sender when running -bv tests. Without
758 it, the sender is assumed to be the calling user at the
759 default qualifying domain.
760
761 -bvs This option acts like -bv, but verifies the address as a
762 sender rather than a recipient address. This affects any
763 rewriting and qualification that might happen.
764
765 -bw This option runs Exim as a daemon, awaiting incoming SMTP
766 connections, similarly to the -bd option. All port specifi‐
767 cations on the command-line and in the configuration file are
768 ignored. Queue-running may not be specified.
769
770 In this mode, Exim expects to be passed a socket as fd 0
771 (stdin) which is listening for connections. This permits the
772 system to start up and have inetd (or equivalent) listen on
773 the SMTP ports, starting an Exim daemon for each port only
774 when the first connection is received.
775
776 If the option is given as -bw<time> then the time is a time‐
777 out, after which the daemon will exit, which should cause
778 inetd to listen once more.
779
780 -C <filelist>
781 This option causes Exim to find the runtime configuration
782 file from the given list instead of from the list specified
783 by the CONFIGURE_FILE compile-time setting. Usually, the list
784 will consist of just a single filename, but it can be a
785 colon-separated list of names. In this case, the first file
786 that exists is used. Failure to open an existing file stops
787 Exim from proceeding any further along the list, and an error
788 is generated.
789
790 When this option is used by a caller other than root, and the
791 list is different from the compiled-in list, Exim gives up
792 its root privilege immediately, and runs with the real and
793 effective uid and gid set to those of the caller. However,
794 if a TRUSTED_CONFIG_LIST file is defined in Local/Makefile,
795 that file contains a list of full pathnames, one per line,
796 for configuration files which are trusted. Root privilege is
797 retained for any configuration file so listed, as long as the
798 caller is the Exim user (or the user specified in the CONFIG‐
799 URE_OWNER option, if any), and as long as the configuration
800 file is not writeable by inappropriate users or groups.
801
802 Leaving TRUSTED_CONFIG_LIST unset precludes the possibility
803 of testing a configuration using -C right through message
804 reception and delivery, even if the caller is root. The
805 reception works, but by that time, Exim is running as the
806 Exim user, so when it re-executes to regain privilege for the
807 delivery, the use of -C causes privilege to be lost. However,
808 root can test reception and delivery using two separate com‐
809 mands (one to put a message in the queue, using -odq, and
810 another to do the delivery, using -M).
811
812 If ALT_CONFIG_PREFIX is defined in Local/Makefile, it speci‐
813 fies a prefix string with which any file named in a -C com‐
814 mand line option must start. In addition, the filename must
815 not contain the sequence /../. However, if the value of the
816 -C option is identical to the value of CONFIGURE_FILE in
817 Local/Makefile, Exim ignores -C and proceeds as usual. There
818 is no default setting for ALT_CONFIG_PREFIX; when it is
819 unset, any filename can be used with -C.
820
821 ALT_CONFIG_PREFIX can be used to confine alternative configu‐
822 ration files to a directory to which only root has access.
823 This prevents someone who has broken into the Exim account
824 from running a privileged Exim with an arbitrary configura‐
825 tion file.
826
827 The -C facility is useful for ensuring that configuration
828 files are syntactically correct, but cannot be used for test
829 deliveries, unless the caller is privileged, or unless it is
830 an exotic configuration that does not require privilege. No
831 check is made on the owner or group of the files specified by
832 this option.
833
834 -D<macro>=<value>
835 This option can be used to override macro definitions in the
836 configuration file. However, like -C, if it is used by an
837 unprivileged caller, it causes Exim to give up its root priv‐
838 ilege. If DISABLE_D_OPTION is defined in Local/Makefile, the
839 use of -D is completely disabled, and its use causes an imme‐
840 diate error exit.
841
842 If WHITELIST_D_MACROS is defined in Local/Makefile then it
843 should be a colon-separated list of macros which are consid‐
844 ered safe and, if -D only supplies macros from this list, and
845 the values are acceptable, then Exim will not give up root
846 privilege if the caller is root, the Exim run-time user, or
847 the CONFIGURE_OWNER, if set. This is a transition mechanism
848 and is expected to be removed in the future. Acceptable val‐
849 ues for the macros satisfy the regexp: ^[A-Za-z0-9_/.-]*$
850
851 The entire option (including equals sign if present) must all
852 be within one command line item. -D can be used to set the
853 value of a macro to the empty string, in which case the
854 equals sign is optional. These two commands are synonymous:
855
856 exim -DABC ...
857 exim -DABC= ...
858
859 To include spaces in a macro definition item, quotes must be
860 used. If you use quotes, spaces are permitted around the
861 macro name and the equals sign. For example:
862
863 exim '-D ABC = something' ...
864
865 -D may be repeated up to 10 times on a command line. Only
866 macro names up to 22 letters long can be set.
867
868 -d<debug options>
869 This option causes debugging information to be written to the
870 standard error stream. It is restricted to admin users
871 because debugging output may show database queries that con‐
872 tain password information. Also, the details of users' filter
873 files should be protected. If a non-admin user uses -d, Exim
874 writes an error message to the standard error stream and
875 exits with a non-zero return code.
876
877 When -d is used, -v is assumed. If -d is given on its own, a
878 lot of standard debugging data is output. This can be
879 reduced, or increased to include some more rarely needed
880 information, by directly following -d with a string made up
881 of names preceded by plus or minus characters. These add or
882 remove sets of debugging data, respectively. For example,
883 -d+filter adds filter debugging, whereas -d-all+filter
884 selects only filter debugging. Note that no spaces are
885 allowed in the debug setting. The available debugging cate‐
886 gories are:
887
888 acl ACL interpretation
889 auth authenticators
890 deliver general delivery logic
891 dns DNS lookups (see also resolver)
892 dnsbl DNS black list (aka RBL) code
893 exec arguments for execv() calls
894 expand detailed debugging for string expansions
895 filter filter handling
896 hints_lookup hints data lookups
897 host_lookup all types of name-to-IP address handling
898 ident ident lookup
899 interface lists of local interfaces
900 lists matching things in lists
901 load system load checks
902 local_scan can be used by local_scan()
903 lookup general lookup code and all lookups
904 memory memory handling
905 noutf8 modifier: avoid UTF-8 line-drawing
906 pid modifier: add pid to debug output lines
907 process_info setting info for the process log
908 queue_run queue runs
909 receive general message reception logic
910 resolver turn on the DNS resolver's debugging output
911 retry retry handling
912 rewrite address rewriting
913 route address routing
914 timestamp modifier: add timestamp to debug output
915 lines
916 tls TLS logic
917 transport transports
918 uid changes of uid/gid and looking up uid/gid
919 verify address verification logic
920 all almost all of the above (see below), and
921 also -v
922
923 The all option excludes memory when used as +all, but
924 includes it for -all. The reason for this is that +all is
925 something that people tend to use when generating debug out‐
926 put for Exim maintainers. If +memory is included, an awful
927 lot of output that is very rarely of interest is generated,
928 so it now has to be explicitly requested. However, -all does
929 turn everything off.
930
931 The resolver option produces output only if the DNS resolver
932 was compiled with DEBUG enabled. This is not the case in some
933 operating systems. Also, unfortunately, debugging output from
934 the DNS resolver is written to stdout rather than stderr.
935
936 The default (-d with no argument) omits expand, filter,
937 interface, load, memory, pid, resolver, and timestamp. How‐
938 ever, the pid selector is forced when debugging is turned on
939 for a daemon, which then passes it on to any re-executed
940 Exims. Exim also automatically adds the pid to debug lines
941 when several remote deliveries are run in parallel.
942
943 The timestamp selector causes the current time to be inserted
944 at the start of all debug output lines. This can be useful
945 when trying to track down delays in processing.
946
947 The noutf8 selector disables the use of UTF-8 line-drawing
948 characters to group related information. When disabled.
949 ascii-art is used instead. Using the +all option does not
950 set this modifier,
951
952 If the debug_print option is set in any driver, it produces
953 output whenever any debugging is selected, or if -v is used.
954
955 -dd<debug options>
956 This option behaves exactly like -d except when used on a
957 command that starts a daemon process. In that case, debugging
958 is turned off for the subprocesses that the daemon creates.
959 Thus, it is useful for monitoring the behaviour of the daemon
960 without creating as much output as full debugging does.
961
962 -dropcr This is an obsolete option that is now a no-op. It used to
963 affect the way Exim handled CR and LF characters in incoming
964 messages.
965
966 -E This option specifies that an incoming message is a
967 locally-generated delivery failure report. It is used inter‐
968 nally by Exim when handling delivery failures and is not
969 intended for external use. Its only effect is to stop Exim
970 generating certain messages to the postmaster, as otherwise
971 message cascades could occur in some situations. As part of
972 the same option, a message id may follow the characters -E.
973 If it does, the log entry for the receipt of the new message
974 contains the id, following "R=", as a cross-reference.
975
976 -ex There are a number of Sendmail options starting with -oe
977 which seem to be called by various programs without the lead‐
978 ing o in the option. For example, the vacation program uses
979 -eq. Exim treats all options of the form -ex as synonymous
980 with the corresponding -oex options.
981
982 -F <string>
983 This option sets the sender's full name for use when a
984 locally-generated message is being accepted. In the absence
985 of this option, the user's gecos entry from the password data
986 is used. As users are generally permitted to alter their
987 gecos entries, no security considerations are involved. White
988 space between -F and the <string> is optional.
989
990 -f <address>
991 This option sets the address of the envelope sender of a
992 locally-generated message (also known as the return path).
993 The option can normally be used only by a trusted user, but
994 untrusted_set_sender can be set to allow untrusted users to
995 use it.
996
997 Processes running as root or the Exim user are always
998 trusted. Other trusted users are defined by the trusted_users
999 or trusted_groups options. In the absence of -f, or if the
1000 caller is not trusted, the sender of a local message is set
1001 to the caller's login name at the default qualify domain.
1002
1003 There is one exception to the restriction on the use of -f:
1004 an empty sender can be specified by any user, trusted or not,
1005 to create a message that can never provoke a bounce. An empty
1006 sender can be specified either as an empty string, or as a
1007 pair of angle brackets with nothing between them, as in these
1008 examples of shell commands:
1009
1010 exim -f '<>' user@domain
1011 exim -f "" user@domain
1012
1013 In addition, the use of -f is not restricted when testing a
1014 filter file with -bf or when testing or verifying addresses
1015 using the -bt or -bv options.
1016
1017 Allowing untrusted users to change the sender address does
1018 not of itself make it possible to send anonymous mail. Exim
1019 still checks that the From: header refers to the local user,
1020 and if it does not, it adds a Sender: header, though this can
1021 be overridden by setting no_local_from_check.
1022
1023 White space between -f and the <address> is optional (that
1024 is, they can be given as two arguments or one combined argu‐
1025 ment). The sender of a locally-generated message can also be
1026 set (when permitted) by an initial "From " line in the mes‐
1027 sage - see the description of -bm above - but if -f is also
1028 present, it overrides "From ".
1029
1030 -G This option is equivalent to an ACL applying:
1031
1032 control = suppress_local_fixups
1033
1034 for every message received. Note that Sendmail will complain
1035 about such bad formatting, where Exim silently just does not
1036 fix it up. This may change in future.
1037
1038 As this affects audit information, the caller must be a
1039 trusted user to use this option.
1040
1041 -h <number>
1042 This option is accepted for compatibility with Sendmail, but
1043 has no effect. (In Sendmail it overrides the "hop count"
1044 obtained by counting Received: headers.)
1045
1046 -i This option, which has the same effect as -oi, specifies that
1047 a dot on a line by itself should not terminate an incoming,
1048 non-SMTP message. I can find no documentation for this option
1049 in Solaris 2.4 Sendmail, but the mailx command in Solaris 2.4
1050 uses it. See also -ti.
1051
1052 -L <tag> This option is equivalent to setting syslog_processname in
1053 the config file and setting log_file_path to syslog. Its use
1054 is restricted to administrators. The configuration file has
1055 to be read and parsed, to determine access rights, before
1056 this is set and takes effect, so early configuration file
1057 errors will not honour this flag.
1058
1059 The tag should not be longer than 32 characters.
1060
1061 -M <message id> <message id> ...
1062 This option requests Exim to run a delivery attempt on each
1063 message in turn. If any of the messages are frozen, they are
1064 automatically thawed before the delivery attempt. The set‐
1065 tings of queue_domains, queue_smtp_domains, and hold_domains
1066 are ignored.
1067
1068 Retry hints for any of the addresses are overridden - Exim
1069 tries to deliver even if the normal retry time has not yet
1070 been reached. This option requires the caller to be an admin
1071 user. However, there is an option called prod_requires_admin
1072 which can be set false to relax this restriction (and also
1073 the same requirement for the -q, -R, and -S options).
1074
1075 The deliveries happen synchronously, that is, the original
1076 Exim process does not terminate until all the delivery
1077 attempts have finished. No output is produced unless there is
1078 a serious error. If you want to see what is happening, use
1079 the -v option as well, or inspect Exim's main log.
1080
1081 -Mar <message id> <address> <address> ...
1082 This option requests Exim to add the addresses to the list of
1083 recipients of the message ("ar" for "add recipients"). The
1084 first argument must be a message id, and the remaining ones
1085 must be email addresses. However, if the message is active
1086 (in the middle of a delivery attempt), it is not altered.
1087 This option can be used only by an admin user.
1088
1089 -MC <transport> <hostname> <sequence number> <message id>
1090 This option is not intended for use by external callers. It
1091 is used internally by Exim to invoke another instance of
1092 itself to deliver a waiting message using an existing SMTP
1093 connection, which is passed as the standard input. This must
1094 be the final option, and the caller must be root or the Exim
1095 user in order to use it.
1096
1097 -MCA This option is not intended for use by external callers. It
1098 is used internally by Exim in conjunction with the -MC
1099 option. It signifies that the connection to the remote host
1100 has been authenticated.
1101
1102 -MCD This option is not intended for use by external callers. It
1103 is used internally by Exim in conjunction with the -MC
1104 option. It signifies that the remote host supports the ESMTP
1105 DSN extension.
1106
1107 -MCG <queue name>
1108 This option is not intended for use by external callers. It
1109 is used internally by Exim in conjunction with the -MC
1110 option. It signifies that an alternate queue is used, named
1111 by the following argument.
1112
1113 -MCK This option is not intended for use by external callers. It
1114 is used internally by Exim in conjunction with the -MC
1115 option. It signifies that a remote host supports the ESMTP
1116 CHUNKING extension.
1117
1118 -MCP This option is not intended for use by external callers. It
1119 is used internally by Exim in conjunction with the -MC
1120 option. It signifies that the server to which Exim is con‐
1121 nected supports pipelining.
1122
1123 -MCQ <process id> <pipe fd>
1124 This option is not intended for use by external callers. It
1125 is used internally by Exim in conjunction with the -MC option
1126 when the original delivery was started by a queue runner. It
1127 passes on the process id of the queue runner, together with
1128 the file descriptor number of an open pipe. Closure of the
1129 pipe signals the final completion of the sequence of pro‐
1130 cesses that are passing messages through the same SMTP con‐
1131 nection.
1132
1133 -MCS This option is not intended for use by external callers. It
1134 is used internally by Exim in conjunction with the -MC
1135 option, and passes on the fact that the SMTP SIZE option
1136 should be used on messages delivered down the existing con‐
1137 nection.
1138
1139 -MCT This option is not intended for use by external callers. It
1140 is used internally by Exim in conjunction with the -MC
1141 option, and passes on the fact that the host to which Exim is
1142 connected supports TLS encryption.
1143
1144 -MCt <IP address> <port> <cipher>
1145 This option is not intended for use by external callers. It
1146 is used internally by Exim in conjunction with the -MC
1147 option, and passes on the fact that the connection is being
1148 proxied by a parent process for handling TLS encryption. The
1149 arguments give the local address and port being proxied, and
1150 the TLS cipher.
1151
1152 -Mc <message id> <message id> ...
1153 This option requests Exim to run a delivery attempt on each
1154 message, in turn, but unlike the -M option, it does check for
1155 retry hints, and respects any that are found. This option is
1156 not very useful to external callers. It is provided mainly
1157 for internal use by Exim when it needs to re-invoke itself in
1158 order to regain root privilege for a delivery. However, -Mc
1159 can be useful when testing, in order to run a delivery that
1160 respects retry times and other options such as hold_domains
1161 that are overridden when -M is used. Such a delivery does not
1162 count as a queue run. If you want to run a specific delivery
1163 as if in a queue run, you should use -q with a message id
1164 argument. A distinction between queue run deliveries and
1165 other deliveries is made in one or two places.
1166
1167 -Mes <message id> <address>
1168 This option requests Exim to change the sender address in the
1169 message to the given address, which must be a fully qualified
1170 address or "<>" ("es" for "edit sender"). There must be
1171 exactly two arguments. The first argument must be a message
1172 id, and the second one an email address. However, if the mes‐
1173 sage is active (in the middle of a delivery attempt), its
1174 status is not altered. This option can be used only by an
1175 admin user.
1176
1177 -Mf <message id> <message id> ...
1178 This option requests Exim to mark each listed message as
1179 "frozen". This prevents any delivery attempts taking place
1180 until the message is "thawed", either manually or as a result
1181 of the auto_thaw configuration option. However, if any of
1182 the messages are active (in the middle of a delivery
1183 attempt), their status is not altered. This option can be
1184 used only by an admin user.
1185
1186 -Mg <message id> <message id> ...
1187 This option requests Exim to give up trying to deliver the
1188 listed messages, including any that are frozen. However, if
1189 any of the messages are active, their status is not altered.
1190 For non-bounce messages, a delivery error message is sent to
1191 the sender, containing the text "cancelled by administrator".
1192 Bounce messages are just discarded. This option can be used
1193 only by an admin user.
1194
1195 -MG <queue name> <message id> <message id> ...
1196 This option requests that each listed message be moved from
1197 its current queue to the given named queue. The destination
1198 queue name argument is required, but can be an empty string
1199 to define the default queue. If the messages are not cur‐
1200 rently located in the default queue, a -qG<name> option will
1201 be required to define the source queue.
1202
1203 -Mmad <message id> <message id> ...
1204 This option requests Exim to mark all the recipient addresses
1205 in the messages as already delivered ("mad" for "mark all
1206 delivered"). However, if any message is active (in the middle
1207 of a delivery attempt), its status is not altered. This
1208 option can be used only by an admin user.
1209
1210 -Mmd <message id> <address> <address> ...
1211 This option requests Exim to mark the given addresses as
1212 already delivered ("md" for "mark delivered"). The first
1213 argument must be a message id, and the remaining ones must be
1214 email addresses. These are matched to recipient addresses in
1215 the message in a case-sensitive manner. If the message is
1216 active (in the middle of a delivery attempt), its status is
1217 not altered. This option can be used only by an admin user.
1218
1219 -Mrm <message id> <message id> ...
1220 This option requests Exim to remove the given messages from
1221 the queue. No bounce messages are sent; each message is sim‐
1222 ply forgotten. However, if any of the messages are active,
1223 their status is not altered. This option can be used only by
1224 an admin user or by the user who originally caused the mes‐
1225 sage to be placed in the queue.
1226
1227 -Mset <message id>
1228 This option is useful only in conjunction with -be (that is,
1229 when testing string expansions). Exim loads the given message
1230 from its spool before doing the test expansions, thus setting
1231 message-specific variables such as $message_size and the
1232 header variables. The $recipients variable is made available.
1233 This feature is provided to make it easier to test expansions
1234 that make use of these variables. However, this option can be
1235 used only by an admin user. See also -bem.
1236
1237 -Mt <message id> <message id> ...
1238 This option requests Exim to "thaw" any of the listed mes‐
1239 sages that are "frozen", so that delivery attempts can
1240 resume. However, if any of the messages are active, their
1241 status is not altered. This option can be used only by an
1242 admin user.
1243
1244 -Mvb <message id>
1245 This option causes the contents of the message body (-D)
1246 spool file to be written to the standard output. This option
1247 can be used only by an admin user.
1248
1249 -Mvc <message id>
1250 This option causes a copy of the complete message (header
1251 lines plus body) to be written to the standard output in RFC
1252 2822 format. This option can be used only by an admin user.
1253
1254 -Mvh <message id>
1255 This option causes the contents of the message headers (-H)
1256 spool file to be written to the standard output. This option
1257 can be used only by an admin user.
1258
1259 -Mvl <message id>
1260 This option causes the contents of the message log spool file
1261 to be written to the standard output. This option can be used
1262 only by an admin user.
1263
1264 -m This is apparently a synonym for -om that is accepted by
1265 Sendmail, so Exim treats it that way too.
1266
1267 -N This is a debugging option that inhibits delivery of a mes‐
1268 sage at the transport level. It implies -v. Exim goes through
1269 many of the motions of delivery - it just doesn't actually
1270 transport the message, but instead behaves as if it had suc‐
1271 cessfully done so. However, it does not make any updates to
1272 the retry database, and the log entries for deliveries are
1273 flagged with "*>" rather than "=>".
1274
1275 Because -N discards any message to which it applies, only
1276 root or the Exim user are allowed to use it with -bd, -q, -R
1277 or -M. In other words, an ordinary user can use it only when
1278 supplying an incoming message to which it will apply.
1279 Although transportation never fails when -N is set, an
1280 address may be deferred because of a configuration problem on
1281 a transport, or a routing problem. Once -N has been used for
1282 a delivery attempt, it sticks to the message, and applies to
1283 any subsequent delivery attempts that may happen for that
1284 message.
1285
1286 -n This option is interpreted by Sendmail to mean "no aliasing".
1287 For normal modes of operation, it is ignored by Exim. When
1288 combined with -bP it makes the output more terse (suppresses
1289 option names, environment values and config pretty printing).
1290
1291 -O <data> This option is interpreted by Sendmail to mean set option. It
1292 is ignored by Exim.
1293
1294 -oA <file name>
1295 This option is used by Sendmail in conjunction with -bi to
1296 specify an alternative alias filename. Exim handles -bi dif‐
1297 ferently; see the description above.
1298
1299 -oB <n> This is a debugging option which limits the maximum number of
1300 messages that can be delivered down one SMTP connection,
1301 overriding the value set in any smtp transport. If <n> is
1302 omitted, the limit is set to 1.
1303
1304 -odb This option applies to all modes in which Exim accepts incom‐
1305 ing messages, including the listening daemon. It requests
1306 "background" delivery of such messages, which means that the
1307 accepting process automatically starts a delivery process for
1308 each message received, but does not wait for the delivery
1309 processes to finish.
1310
1311 When all the messages have been received, the reception
1312 process exits, leaving the delivery processes to finish in
1313 their own time. The standard output and error streams are
1314 closed at the start of each delivery process. This is the
1315 default action if none of the -od options are present.
1316
1317 If one of the queueing options in the configuration file
1318 (queue_only or queue_only_file, for example) is in effect,
1319 -odb overrides it if queue_only_override is set true, which
1320 is the default setting. If queue_only_override is set false,
1321 -odb has no effect.
1322
1323 -odf This option requests "foreground" (synchronous) delivery when
1324 Exim has accepted a locally-generated message. (For the dae‐
1325 mon it is exactly the same as -odb.) A delivery process is
1326 automatically started to deliver the message, and Exim waits
1327 for it to complete before proceeding.
1328
1329 The original Exim reception process does not finish until the
1330 delivery process for the final message has ended. The stan‐
1331 dard error stream is left open during deliveries.
1332
1333 However, like -odb, this option has no effect if
1334 queue_only_override is false and one of the queueing options
1335 in the configuration file is in effect.
1336
1337 If there is a temporary delivery error during foreground
1338 delivery, the message is left in the queue for later deliv‐
1339 ery, and the original reception process exits.
1340
1341 -odi This option is synonymous with -odf. It is provided for com‐
1342 patibility with Sendmail.
1343
1344 -odq This option applies to all modes in which Exim accepts incom‐
1345 ing messages, including the listening daemon. It specifies
1346 that the accepting process should not automatically start a
1347 delivery process for each message received. Messages are
1348 placed in the queue, and remain there until a subsequent
1349 queue runner process encounters them. There are several con‐
1350 figuration options (such as queue_only) that can be used to
1351 queue incoming messages under certain conditions. This option
1352 overrides all of them and also -odqs. It always forces queue‐
1353 ing.
1354
1355 -odqs This option is a hybrid between -odb/-odi and -odq. However,
1356 like -odb and -odi, this option has no effect if
1357 queue_only_override is false and one of the queueing options
1358 in the configuration file is in effect.
1359
1360 When -odqs does operate, a delivery process is started for
1361 each incoming message, in the background by default, but in
1362 the foreground if -odi is also present. The recipient
1363 addresses are routed, and local deliveries are done in the
1364 normal way. However, if any SMTP deliveries are required,
1365 they are not done at this time, so the message remains in the
1366 queue until a subsequent queue runner process encounters it.
1367 Because routing was done, Exim knows which messages are wait‐
1368 ing for which hosts, and so a number of messages for the same
1369 host can be sent in a single SMTP connection. The
1370 queue_smtp_domains configuration option has the same effect
1371 for specific domains. See also the -qq option.
1372
1373 -oee If an error is detected while a non-SMTP message is being
1374 received (for example, a malformed address), the error is
1375 reported to the sender in a mail message.
1376
1377 Provided this error message is successfully sent, the Exim
1378 receiving process exits with a return code of zero. If not,
1379 the return code is 2 if the problem is that the original mes‐
1380 sage has no recipients, or 1 for any other error. This is
1381 the default -oex option if Exim is called as rmail.
1382
1383 -oem This is the same as -oee, except that Exim always exits with
1384 a non-zero return code, whether or not the error message was
1385 successfully sent. This is the default -oex option, unless
1386 Exim is called as rmail.
1387
1388 -oep If an error is detected while a non-SMTP message is being
1389 received, the error is reported by writing a message to the
1390 standard error file (stderr). The return code is 1 for all
1391 errors.
1392
1393 -oeq This option is supported for compatibility with Sendmail, but
1394 has the same effect as -oep.
1395
1396 -oew This option is supported for compatibility with Sendmail, but
1397 has the same effect as -oem.
1398
1399 -oi This option, which has the same effect as -i, specifies that
1400 a dot on a line by itself should not terminate an incoming,
1401 non-SMTP message. Otherwise, a single dot does terminate,
1402 though Exim does no special processing for other lines that
1403 start with a dot. This option is set by default if Exim is
1404 called as rmail. See also -ti.
1405
1406 -oitrue This option is treated as synonymous with -oi.
1407
1408 -oMa <host address>
1409 A number of options starting with -oM can be used to set val‐
1410 ues associated with remote hosts on locally-submitted mes‐
1411 sages (that is, messages not received over TCP/IP). These
1412 options can be used by any caller in conjunction with the
1413 -bh, -be, -bf, -bF, -bt, or -bv testing options. In other
1414 circumstances, they are ignored unless the caller is trusted.
1415
1416 The -oMa option sets the sender host address. This may
1417 include a port number at the end, after a full stop (period).
1418 For example:
1419
1420 exim -bs -oMa 10.9.8.7.1234
1421
1422 An alternative syntax is to enclose the IP address in square
1423 brackets, followed by a colon and the port number:
1424
1425 exim -bs -oMa [10.9.8.7]:1234
1426
1427 The IP address is placed in the $sender_host_address vari‐
1428 able, and the port, if present, in $sender_host_port. If both
1429 -oMa and -bh are present on the command line, the sender host
1430 IP address is taken from whichever one is last.
1431
1432 -oMaa <name>
1433 See -oMa above for general remarks about the -oM options. The
1434 -oMaa option sets the value of $sender_host_authenticated
1435 (the authenticator name). This option can be used with -bh
1436 and -bs to set up an authenticated SMTP session without actu‐
1437 ally using the SMTP AUTH command.
1438
1439 -oMai <string>
1440 See -oMa above for general remarks about the -oM options. The
1441 -oMai option sets the value of $authenticated_id (the id that
1442 was authenticated). This overrides the default value (the
1443 caller's login id, except with -bh, where there is no
1444 default) for messages from local sources.
1445
1446 -oMas <address>
1447 See -oMa above for general remarks about the -oM options. The
1448 -oMas option sets the authenticated sender value in $authen‐
1449 ticated_sender. It overrides the sender address that is cre‐
1450 ated from the caller's login id for messages from local
1451 sources, except when -bh is used, when there is no default.
1452 For both -bh and -bs, an authenticated sender that is speci‐
1453 fied on a MAIL command overrides this value.
1454
1455 -oMi <interface address>
1456 See -oMa above for general remarks about the -oM options. The
1457 -oMi option sets the IP interface address value. A port num‐
1458 ber may be included, using the same syntax as for -oMa. The
1459 interface address is placed in $received_ip_address and the
1460 port number, if present, in $received_port.
1461
1462 -oMm <message reference>
1463 See -oMa above for general remarks about the -oM options. The
1464 -oMm option sets the message reference, e.g. message-id, and
1465 is logged during delivery. This is useful when some kind of
1466 audit trail is required to tie messages together. The format
1467 of the message reference is checked and will abort if the
1468 format is invalid. The option will only be accepted if exim
1469 is running in trusted mode, not as any regular user.
1470
1471 The best example of a message reference is when Exim sends a
1472 bounce message. The message reference is the message-id of
1473 the original message for which Exim is sending the bounce.
1474
1475 -oMr <protocol name>
1476 See -oMa above for general remarks about the -oM options. The
1477 -oMr option sets the received protocol value that is stored
1478 in $received_protocol. However, it does not apply (and is
1479 ignored) when -bh or -bs is used. For -bh, the protocol is
1480 forced to one of the standard SMTP protocol names. For -bs,
1481 the protocol is always "local-" followed by one of those same
1482 names. For -bS (batched SMTP) however, the protocol can be
1483 set by -oMr. Repeated use of this option is not supported.
1484
1485 -oMs <host name>
1486 See -oMa above for general remarks about the -oM options. The
1487 -oMs option sets the sender host name in $sender_host_name.
1488 When this option is present, Exim does not attempt to look up
1489 a host name from an IP address; it uses the name it is given.
1490
1491 -oMt <ident string>
1492 See -oMa above for general remarks about the -oM options. The
1493 -oMt option sets the sender ident value in $sender_ident. The
1494 default setting for local callers is the login id of the
1495 calling process, except when -bh is used, when there is no
1496 default.
1497
1498 -om In Sendmail, this option means "me too", indicating that the
1499 sender of a message should receive a copy of the message if
1500 the sender appears in an alias expansion. Exim always does
1501 this, so the option does nothing.
1502
1503 -oo This option is ignored. In Sendmail it specifies "old style
1504 headers", whatever that means.
1505
1506 -oP <path>
1507 This option is useful only in conjunction with -bd or -q with
1508 a time value. The option specifies the file to which the
1509 process id of the daemon is written. When -oX is used with
1510 -bd, or when -q with a time is used without -bd, this is the
1511 only way of causing Exim to write a pid file, because in
1512 those cases, the normal pid file is not used.
1513
1514 -or <time>
1515 This option sets a timeout value for incoming non-SMTP mes‐
1516 sages. If it is not set, Exim will wait forever for the stan‐
1517 dard input. The value can also be set by the receive_timeout
1518 option.
1519
1520 -os <time>
1521 This option sets a timeout value for incoming SMTP messages.
1522 The timeout applies to each SMTP command and block of data.
1523 The value can also be set by the smtp_receive_timeout option;
1524 it defaults to 5 minutes.
1525
1526 -ov This option has exactly the same effect as -v.
1527
1528 -oX <number or string>
1529 This option is relevant only when the -bd (start listening
1530 daemon) option is also given. It controls which ports and
1531 interfaces the daemon uses. When -oX is used to start a dae‐
1532 mon, no pid file is written unless -oP is also present to
1533 specify a pid filename.
1534
1535 -pd This option applies when an embedded Perl interpreter is
1536 linked with Exim. It overrides the setting of the
1537 perl_at_start option, forcing the starting of the interpreter
1538 to be delayed until it is needed.
1539
1540 -ps This option applies when an embedded Perl interpreter is
1541 linked with Exim. It overrides the setting of the
1542 perl_at_start option, forcing the starting of the interpreter
1543 to occur as soon as Exim is started.
1544
1545 -p<rval>:<sval>
1546 For compatibility with Sendmail, this option is equivalent to
1547
1548 -oMr <rval> -oMs <sval>
1549
1550 It sets the incoming protocol and host name (for trusted
1551 callers). The host name and its colon can be omitted when
1552 only the protocol is to be set. Note the Exim already has
1553 two private options, -pd and -ps, that refer to embedded
1554 Perl. It is therefore impossible to set a protocol value of d
1555 or s using this option (but that does not seem a real limita‐
1556 tion). Repeated use of this option is not supported.
1557
1558 -q This option is normally restricted to admin users. However,
1559 there is a configuration option called prod_requires_admin
1560 which can be set false to relax this restriction (and also
1561 the same requirement for the -M, -R, and -S options).
1562
1563 If other commandline options do not specify an action, the -q
1564 option starts one queue runner process. This scans the queue
1565 of waiting messages, and runs a delivery process for each one
1566 in turn. It waits for each delivery process to finish before
1567 starting the next one. A delivery process may not actually do
1568 any deliveries if the retry times for the addresses have not
1569 been reached. Use -qf (see below) if you want to override
1570 this.
1571
1572 If the delivery process spawns other processes to deliver
1573 other messages down passed SMTP connections, the queue runner
1574 waits for these to finish before proceeding.
1575
1576 When all the queued messages have been considered, the origi‐
1577 nal queue runner process terminates. In other words, a single
1578 pass is made over the waiting mail, one message at a time.
1579 Use -q with a time (see below) if you want this to be
1580 repeated periodically.
1581
1582 Exim processes the waiting messages in an unpredictable
1583 order. It isn't very random, but it is likely to be different
1584 each time, which is all that matters. If one particular mes‐
1585 sage screws up a remote MTA, other messages to the same MTA
1586 have a chance of getting through if they get tried first.
1587
1588 It is possible to cause the messages to be processed in lexi‐
1589 cal message id order, which is essentially the order in which
1590 they arrived, by setting the queue_run_in_order option, but
1591 this is not recommended for normal use.
1592
1593 -q<qflags>
1594 The -q option may be followed by one or more flag letters
1595 that change its behaviour. They are all optional, but if more
1596 than one is present, they must appear in the correct order.
1597 Each flag is described in a separate item below.
1598
1599 -qq... An option starting with -qq requests a two-stage queue run.
1600 In the first stage, the queue is scanned as if the
1601 queue_smtp_domains option matched every domain. Addresses are
1602 routed, local deliveries happen, but no remote transports are
1603 run.
1604
1605 The hints database that remembers which messages are waiting
1606 for specific hosts is updated, as if delivery to those hosts
1607 had been deferred. After this is complete, a second, normal
1608 queue scan happens, with routing and delivery taking place as
1609 normal. Messages that are routed to the same host should
1610 mostly be delivered down a single SMTP connection because of
1611 the hints that were set up during the first queue scan. This
1612 option may be useful for hosts that are connected to the
1613 Internet intermittently.
1614
1615 -q[q]i... If the i flag is present, the queue runner runs delivery pro‐
1616 cesses only for those messages that haven't previously been
1617 tried. (i stands for "initial delivery".) This can be helpful
1618 if you are putting messages in the queue using -odq and want
1619 a queue runner just to process the new messages.
1620
1621 -q[q][i]f...
1622 If one f flag is present, a delivery attempt is forced for
1623 each non-frozen message, whereas without f only those
1624 non-frozen addresses that have passed their retry times are
1625 tried.
1626
1627 -q[q][i]ff...
1628 If ff is present, a delivery attempt is forced for every mes‐
1629 sage, whether frozen or not.
1630
1631 -q[q][i][f[f]]l
1632 The l (the letter "ell") flag specifies that only local
1633 deliveries are to be done. If a message requires any remote
1634 deliveries, it remains in the queue for later delivery.
1635
1636 -q[q][i][f[f]][l][G<name>[/<time>]]]
1637 If the G flag and a name is present, the queue runner oper‐
1638 ates on the queue with the given name rather than the default
1639 queue. The name should not contain a / character. For a
1640 periodic queue run (see below) append to the name a slash and
1641 a time value.
1642
1643 If other commandline options specify an action, a -qG<name>
1644 option will specify a queue to operate on. For example:
1645
1646 exim -bp -qGquarantine
1647 mailq -qGquarantine
1648 exim -qGoffpeak -Rf @special.domain.example
1649
1650 -q<qflags> <start id> <end id>
1651 When scanning the queue, Exim can be made to skip over mes‐
1652 sages whose ids are lexically less than a given value by fol‐
1653 lowing the -q option with a starting message id. For example:
1654
1655 exim -q 0t5C6f-0000c8-00
1656
1657 Messages that arrived earlier than 0t5C6f-0000c8-00 are not
1658 inspected. If a second message id is given, messages whose
1659 ids are lexically greater than it are also skipped. If the
1660 same id is given twice, for example,
1661
1662 exim -q 0t5C6f-0000c8-00 0t5C6f-0000c8-00
1663
1664 just one delivery process is started, for that message. This
1665 differs from -M in that retry data is respected, and it also
1666 differs from -Mc in that it counts as a delivery from a queue
1667 run. Note that the selection mechanism does not affect the
1668 order in which the messages are scanned. There are also other
1669 ways of selecting specific sets of messages for delivery in a
1670 queue run - see -R and -S.
1671
1672 -q<qflags><time>
1673 When a time value is present, the -q option causes Exim to
1674 run as a daemon, starting a queue runner process at intervals
1675 specified by the given time value. This form of the -q option
1676 is commonly combined with the -bd option, in which case a
1677 single daemon process handles both functions. A common way of
1678 starting up a combined daemon at system boot time is to use a
1679 command such as
1680
1681 /usr/exim/bin/exim -bd -q30m
1682
1683 Such a daemon listens for incoming SMTP calls, and also
1684 starts a queue runner process every 30 minutes.
1685
1686 When a daemon is started by -q with a time value, but without
1687 -bd, no pid file is written unless one is explicitly
1688 requested by the -oP option.
1689
1690 -qR<rsflags> <string>
1691 This option is synonymous with -R. It is provided for Send‐
1692 mail compatibility.
1693
1694 -qS<rsflags> <string>
1695 This option is synonymous with -S.
1696
1697 -R<rsflags> <string>
1698 The <rsflags> may be empty, in which case the white space
1699 before the string is optional, unless the string is f, ff, r,
1700 rf, or rff, which are the possible values for <rsflags>.
1701 White space is required if <rsflags> is not empty.
1702
1703 This option is similar to -q with no time value, that is, it
1704 causes Exim to perform a single queue run, except that, when
1705 scanning the messages on the queue, Exim processes only those
1706 that have at least one undelivered recipient address contain‐
1707 ing the given string, which is checked in a case-independent
1708 way. If the <rsflags> start with r, <string> is interpreted
1709 as a regular expression; otherwise it is a literal string.
1710
1711 If you want to do periodic queue runs for messages with spe‐
1712 cific recipients, you can combine -R with -q and a time
1713 value. For example:
1714
1715 exim -q25m -R @special.domain.example
1716
1717 This example does a queue run for messages with recipients in
1718 the given domain every 25 minutes. Any additional flags that
1719 are specified with -q are applied to each queue run.
1720
1721 Once a message is selected for delivery by this mechanism,
1722 all its addresses are processed. For the first selected mes‐
1723 sage, Exim overrides any retry information and forces a
1724 delivery attempt for each undelivered address. This means
1725 that if delivery of any address in the first message is suc‐
1726 cessful, any existing retry information is deleted, and so
1727 delivery attempts for that address in subsequently selected
1728 messages (which are processed without forcing) will run. How‐
1729 ever, if delivery of any address does not succeed, the retry
1730 information is updated, and in subsequently selected mes‐
1731 sages, the failing address will be skipped.
1732
1733 If the <rsflags> contain f or ff, the delivery forcing
1734 applies to all selected messages, not just the first; frozen
1735 messages are included when ff is present.
1736
1737 The -R option makes it straightforward to initiate delivery
1738 of all messages to a given domain after a host has been down
1739 for some time. When the SMTP command ETRN is accepted by its
1740 ACL, its default effect is to run Exim with the -R option,
1741 but it can be configured to run an arbitrary command instead.
1742
1743 -r This is a documented (for Sendmail) obsolete alternative name
1744 for -f.
1745
1746 -S<rsflags> <string>
1747 This option acts like -R except that it checks the string
1748 against each message's sender instead of against the recipi‐
1749 ents. If -R is also set, both conditions must be met for a
1750 message to be selected. If either of the options has f or ff
1751 in its flags, the associated action is taken.
1752
1753 -Tqt <times>
1754 This is an option that is exclusively for use by the Exim
1755 testing suite. It is not recognized when Exim is run nor‐
1756 mally. It allows for the setting up of explicit "queue times"
1757 so that various warning/retry features can be tested.
1758
1759 -t When Exim is receiving a locally-generated, non-SMTP message
1760 on its standard input, the -t option causes the recipients of
1761 the message to be obtained from the To:, Cc:, and Bcc: header
1762 lines in the message instead of from the command arguments.
1763 The addresses are extracted before any rewriting takes place
1764 and the Bcc: header line, if present, is then removed.
1765
1766 If the command has any arguments, they specify addresses to
1767 which the message is not to be delivered. That is, the argu‐
1768 ment addresses are removed from the recipients list obtained
1769 from the headers. This is compatible with Smail 3 and in
1770 accordance with the documented behaviour of several versions
1771 of Sendmail, as described in man pages on a number of operat‐
1772 ing systems (e.g. Solaris 8, IRIX 6.5, HP-UX 11). However,
1773 some versions of Sendmail add argument addresses to those
1774 obtained from the headers, and the O'Reilly Sendmail book
1775 documents it that way. Exim can be made to add argument
1776 addresses instead of subtracting them by setting the option
1777 extract_addresses_remove_arguments false.
1778
1779 If there are any Resent- header lines in the message, Exim
1780 extracts recipients from all Resent-To:, Resent-Cc:, and
1781 Resent-Bcc: header lines instead of from To:, Cc:, and Bcc:.
1782 This is for compatibility with Sendmail and other MTAs.
1783 (Prior to release 4.20, Exim gave an error if -t was used in
1784 conjunction with Resent- header lines.)
1785
1786 RFC 2822 talks about different sets of Resent- header lines
1787 (for when a message is resent several times). The RFC also
1788 specifies that they should be added at the front of the mes‐
1789 sage, and separated by Received: lines. It is not at all
1790 clear how -t should operate in the present of multiple sets,
1791 nor indeed exactly what constitutes a "set". In practice, it
1792 seems that MUAs do not follow the RFC. The Resent- lines are
1793 often added at the end of the header, and if a message is
1794 resent more than once, it is common for the original set of
1795 Resent- headers to be renamed as X-Resent- when a new set is
1796 added. This removes any possible ambiguity.
1797
1798 -ti This option is exactly equivalent to -t -i. It is provided
1799 for compatibility with Sendmail.
1800
1801 -tls-on-connect
1802 This option is available when Exim is compiled with TLS sup‐
1803 port. It forces all incoming SMTP connections to behave as if
1804 the incoming port is listed in the tls_on_connect_ports
1805 option.
1806
1807 -U Sendmail uses this option for "initial message submission",
1808 and its documentation states that in future releases, it may
1809 complain about syntactically invalid messages rather than
1810 fixing them when this flag is not set. Exim ignores this
1811 option.
1812
1813 -v This option causes Exim to write information to the standard
1814 error stream, describing what it is doing. In particular, it
1815 shows the log lines for receiving and delivering a message,
1816 and if an SMTP connection is made, the SMTP dialogue is
1817 shown. Some of the log lines shown may not actually be writ‐
1818 ten to the log if the setting of log_selector discards them.
1819 Any relevant selectors are shown with each log line. If none
1820 are shown, the logging is unconditional.
1821
1822 -x AIX uses -x for a private purpose ("mail from a local mail
1823 program has National Language Support extended characters in
1824 the body of the mail item"). It sets -x when calling the MTA
1825 from its mail command. Exim ignores this option.
1826
1827 -X <logfile>
1828 This option is interpreted by Sendmail to cause debug infor‐
1829 mation to be sent to the named file. It is ignored by Exim.
1830
1831 -z <log-line>
1832 This option writes its argument to Exim's logfile. Use is
1833 restricted to administrators; the intent is for operational
1834 notes. Quotes should be used to maintain a multi-word item
1835 as a single argument, under most shells.
1836
1837
1839
1840 The full Exim specification, the Exim book, and the Exim wiki.
1841
1842
1843
1844 EXIM(8)