1EXIM(8) System Manager's Manual EXIM(8)
2
6 exim - a Mail Transfer Agent
7
9 exim [options] arguments ...
10 mailq [options] arguments ...
11 rsmtp [options] arguments ...
12 rmail [options] arguments ...
13 runq [options] arguments ...
14 newaliases [options] arguments ...
15
17 Exim is a mail transfer agent (MTA) developed at the University of Cam‐
19 bridge. It is a large program with very many facilities. For a full
20 specification, see the reference manual. This man page contains only a
21 description of the command line options. It has been automatically gen‐
22 erated from the reference manual source, hopefully without too much
23 mangling.
24 Like other MTAs, Exim replaces Sendmail, and is normally called by user
26 agents (MUAs) using the path /usr/sbin/sendmail when they submit mes‐
27 sages for delivery (some operating systems use /usr/lib/sendmail). This
28 path is normally set up as a symbolic link to the Exim binary. It may
29 also be used by boot scripts to start the Exim daemon. Many of Exim's
30 command line options are compatible with Sendmail so that it can act as
31 a drop-in replacement.
32
34 If no options are present that require a specific action (such as
36 starting the daemon or a queue runner, testing an address, receiving a
37 message in a specific format, or listing the queue), and there are no
38 arguments on the command line, Exim outputs a brief message about
39 itself and exits.
40 However, if there is at least one command line argument, -bm (accept a
42 local message on the standard input, with the arguments specifying the
43 recipients) is assumed. Thus, for example, if Exim is installed in
44 /usr/sbin, you can send a message from the command line like this:
45 /usr/sbin/exim -i <recipient-address(es)>
47 <message content, including all the header lines>
48 CTRL-D
49 The -i option prevents a line containing just a dot from terminating
51 the message. Only an end-of-file (generated by typing CTRL-D if the
52 input is from a terminal) does so.
53
55 If an Exim binary is called using one of the names listed in this sec‐
57 tion (typically via a symbolic link), certain options are assumed.
58 mailq Behave as if the option -bp were present before any other
60 options. The -bp option requests a listing of the contents of
61 the mail queue on the standard output.
62 rsmtp Behaves as if the option -bS were present before any other
64 options, for compatibility with Smail. The -bS option is used
65 for reading in a number of messages in batched SMTP format.
66 rmail Behave as if the -i and -oee options were present before any
68 other options, for compatibility with Smail. The name rmail is
69 used as an interface by some UUCP systems. The -i option speci‐
70 fies that a dot on a line by itself does not terminate a
71 non-SMTP message; -oee requests that errors detected in non-SMTP
72 messages be reported by emailing the sender.
73 runq Behave as if the option -q were present before any other
75 options, for compatibility with Smail. The -q option causes a
76 single queue runner process to be started. It processes the
77 queue once, then exits.
78 newaliases
80 Behave as if the option -bi were present before any other
81 options, for compatibility with Sendmail. This option is used
82 for rebuilding Sendmail's alias file. Exim does not have the
83 concept of a single alias file, but can be configured to run a
84 specified command if called with the -bi option.
85
87 -- This is a pseudo-option whose only purpose is to terminate
89 the options and therefore to cause subsequent command line
90 items to be treated as arguments rather than options, even if
91 they begin with hyphens.
92 --help This option causes Exim to output a few sentences stating
94 what it is. The same output is generated if the Exim binary
95 is called with no options and no arguments.
96 --version This option is an alias for -bV and causes version informa‐
98 tion to be displayed.
99 -Ac -Am These options are used by Sendmail for selecting configu‐
101 ration files and are ignored by Exim.
102 -B<type> This is a Sendmail option for selecting 7 or 8 bit process‐
104 ing. Exim is 8-bit clean; it ignores this option.
105 -bd This option runs Exim as a daemon, awaiting incoming SMTP
107 connections. Usually the -bd option is combined with the
108 -q<time> option, to specify that the daemon should also ini‐
109 tiate periodic queue runs.
110 The -bd option can be used only by an admin user. If either
112 of the -d (debugging) or -v (verifying) options are set, the
113 daemon does not disconnect from the controlling terminal.
114 When running this way, it can be stopped by pressing ctrl-C.
115 By default, Exim listens for incoming connections to the
117 standard SMTP port on all the host's running interfaces. How‐
118 ever, it is possible to listen on other ports, on multiple
119 ports, and only on specific interfaces.
120 When a listening daemon is started without the use of -oX
122 (that is, without overriding the normal configuration), it
123 writes its process id to a file called exim-daemon.pid in
124 Exim's spool directory. This location can be overridden by
125 setting PID_FILE_PATH in Local/Makefile. The file is written
126 while Exim is still running as root.
127 When -oX is used on the command line to start a listening
129 daemon, the process id is not written to the normal pid file
130 path. However, -oP can be used to specify a path on the com‐
131 mand line if a pid file is required.
132 The SIGHUP signal can be used to cause the daemon to re-exe‐
134 cute itself. This should be done whenever Exim's configura‐
135 tion file, or any file that is incorporated into it by means
136 of the .include facility, is changed, and also whenever a new
137 version of Exim is installed. It is not necessary to do this
138 when other files that are referenced from the configuration
139 (for example, alias files) are changed, because these are
140 reread each time they are used.
141 -bdf This option has the same effect as -bd except that it never
143 disconnects from the controlling terminal, even when no
144 debugging is specified.
145 -be Run Exim in expansion testing mode. Exim discards its root
147 privilege, to prevent ordinary users from using this mode to
148 read otherwise inaccessible files. If no arguments are given,
149 Exim runs interactively, prompting for lines of data. Other‐
150 wise, it processes each argument in turn.
151 If Exim was built with USE_READLINE=yes in Local/Makefile, it
153 tries to load the libreadline library dynamically whenever
154 the -be option is used without command line arguments. If
155 successful, it uses the readline() function, which provides
156 extensive line-editing facilities, for reading the test data.
157 A line history is supported.
158 Long expansion expressions can be split over several lines by
160 using backslash continuations. As in Exim's runtime configu‐
161 ration, white space at the start of continuation lines is
162 ignored. Each argument or data line is passed through the
163 string expansion mechanism, and the result is output. Vari‐
164 able values from the configuration file (for example, $qual‐
165 ify_domain) are available, but no message-specific values
166 (such as $message_exim_id) are set, because no message is
167 being processed (but see -bem and -Mset).
168 Note: If you use this mechanism to test lookups, and you
170 change the data files or databases you are using, you must
171 exit and restart Exim before trying the same lookup again.
172 Otherwise, because each Exim process caches the results of
173 lookups, you will just get the same result as before.
174 Macro processing is done on lines before string-expansion:
176 new macros can be defined and macros will be expanded.
177 Because macros in the config file are often used for secrets,
178 those are only available to admin users.
179 -bem <filename>
181 This option operates like -be except that it must be followed
182 by the name of a file. For example:
183 exim -bem /tmp/testmessage
185 The file is read as a message (as if receiving a locally-sub‐
187 mitted non-SMTP message) before any of the test expansions
188 are done. Thus, message-specific variables such as $mes‐
189 sage_size and $header_from: are available. However, no
190 Received: header is added to the message. If the -t option is
191 set, recipients are read from the headers in the normal way,
192 and are shown in the $recipients variable. Note that recipi‐
193 ents cannot be given on the command line, because further
194 arguments are taken as strings to expand (just like -be).
195 -bF <filename>
197 This option is the same as -bf except that it assumes that
198 the filter being tested is a system filter. The additional
199 commands that are available only in system filters are recog‐
200 nized.
201 -bf <filename>
203 This option runs Exim in user filter testing mode; the file
204 is the filter file to be tested, and a test message must be
205 supplied on the standard input. If there are no mes‐
206 sage-dependent tests in the filter, an empty file can be sup‐
207 plied.
208 If you want to test a system filter file, use -bF instead of
210 -bf. You can use both -bF and -bf on the same command, in
211 order to test a system filter and a user filter in the same
212 run. For example:
213 exim -bF /system/filter -bf /user/filter </test/message
215 This is helpful when the system filter adds header lines or
217 sets filter variables that are used by the user filter.
218 If the test filter file does not begin with one of the spe‐
220 cial lines
221 # Exim filter
223 # Sieve filter
224 it is taken to be a normal .forward file, and is tested for
226 validity under that interpretation.
227 The result of an Exim command that uses -bf, provided no
229 errors are detected, is a list of the actions that Exim would
230 try to take if presented with the message for real. More
231 details of filter testing are given in the separate document
232 entitled Exim's interfaces to mail filtering.
233 When testing a filter file, the envelope sender can be set by
235 the -f option, or by a "From " line at the start of the test
236 message. Various parameters that would normally be taken from
237 the envelope recipient address of the message can be set by
238 means of additional command line options (see the next four
239 options).
240 -bfd <domain>
242 This sets the domain of the recipient address when a filter
243 file is being tested by means of the -bf option. The default
244 is the value of $qualify_domain.
245 -bfl <local part>
247 This sets the local part of the recipient address when a fil‐
248 ter file is being tested by means of the -bf option. The
249 default is the username of the process that calls Exim. A
250 local part should be specified with any prefix or suffix
251 stripped, because that is how it appears to the filter when a
252 message is actually being delivered.
253 -bfp <prefix>
255 This sets the prefix of the local part of the recipient
256 address when a filter file is being tested by means of the
257 -bf option. The default is an empty prefix.
258 -bfs <suffix>
260 This sets the suffix of the local part of the recipient
261 address when a filter file is being tested by means of the
262 -bf option. The default is an empty suffix.
263 -bh <IP address>
265 This option runs a fake SMTP session as if from the given IP
266 address, using the standard input and output. The IP address
267 may include a port number at the end, after a full stop. For
268 example:
269 exim -bh 10.9.8.7.1234
271 exim -bh fe80::a00:20ff:fe86:a061.5678
272 When an IPv6 address is given, it is converted into canonical
274 form. In the case of the second example above, the value of
275 $sender_host_address after conversion to the canonical form
276 is fe80:0000:0000:0a00:20ff:fe86:a061.5678.
277 Comments as to what is going on are written to the standard
279 error file. These include lines beginning with "LOG" for any‐
280 thing that would have been logged. This facility is provided
281 for testing configuration options for incoming messages, to
282 make sure they implement the required policy. For example,
283 you can test your relay controls using -bh.
284 Warning 1: You can test features of the configuration that
286 rely on ident (RFC 1413) information by using the -oMt
287 option. However, Exim cannot actually perform an ident call‐
288 out when testing using -bh because there is no incoming SMTP
289 connection.
290 Warning 2: Address verification callouts are also skipped
292 when testing using -bh. If you want these callouts to occur,
293 use -bhc instead.
294 Messages supplied during the testing session are discarded,
296 and nothing is written to any of the real log files. There
297 may be pauses when DNS (and other) lookups are taking place,
298 and of course these may time out. The -oMi option can be used
299 to specify a specific IP interface and port if this is impor‐
300 tant, and -oMaa and -oMai can be used to set parameters as if
301 the SMTP session were authenticated.
302 The exim_checkaccess utility is a "packaged" version of -bh
304 whose output just states whether a given recipient address
305 from a given host is acceptable or not.
306 Features such as authentication and encryption, where the
308 client input is not plain text, cannot easily be tested with
309 -bh. Instead, you should use a specialized SMTP test program
310 such as swaks.
311 -bhc <IP address>
313 This option operates in the same way as -bh, except that
314 address verification callouts are performed if required. This
315 includes consulting and updating the callout cache database.
316 -bi Sendmail interprets the -bi option as a request to rebuild
318 its alias file. Exim does not have the concept of a single
319 alias file, and so it cannot mimic this behaviour. However,
320 calls to /usr/lib/sendmail with the -bi option tend to appear
321 in various scripts such as NIS make files, so the option must
322 be recognized.
323 If -bi is encountered, the command specified by the bi_com‐
325 mand configuration option is run, under the uid and gid of
326 the caller of Exim. If the -oA option is used, its value is
327 passed to the command as an argument. The command set by
328 bi_command may not contain arguments. The command can use the
329 exim_dbmbuild utility, or some other means, to rebuild alias
330 files if this is required. If the bi_command option is not
331 set, calling Exim with -bi is a no-op.
332 -bI:help We shall provide various options starting -bI: for querying
334 Exim for information. The output of many of these will be
335 intended for machine consumption. This one is not. The
336 -bI:help option asks Exim for a synopsis of supported options
337 beginning -bI:. Use of any of these options shall cause Exim
338 to exit after producing the requested output.
339 -bI:dscp This option causes Exim to emit an alphabetically sorted list
341 of all recognised DSCP names.
342 -bI:sieve This option causes Exim to emit an alphabetically sorted list
344 of all supported Sieve protocol extensions on stdout, one per
345 line. This is anticipated to be useful for ManageSieve (RFC
346 5804) implementations, in providing that protocol's SIEVE
347 capability response line. As the precise list may depend
348 upon compile-time build options, which this option will adapt
349 to, this is the only way to guarantee a correct response.
350 -bm This option runs an Exim receiving process that accepts an
352 incoming, locally-generated message on the standard input.
353 The recipients are given as the command arguments (except
354 when -t is also present - see below). Each argument can be a
355 comma-separated list of RFC 2822 addresses. This is the
356 default option for selecting the overall action of an Exim
357 call; it is assumed if no other conflicting option is
358 present.
359 If any addresses in the message are unqualified (have no
361 domain), they are qualified by the values of the qual‐
362 ify_domain or qualify_recipient options, as appropriate. The
363 -bnq option (see below) provides a way of suppressing this
364 for special cases.
365 Policy checks on the contents of local messages can be
367 enforced by means of the non-SMTP ACL.
368 The return code is zero if the message is successfully
370 accepted. Otherwise, the action is controlled by the -oex
371 option setting - see below.
372 The format of the message must be as defined in RFC 2822,
374 except that, for compatibility with Sendmail and Smail, a
375 line in one of the forms
376 From sender Fri Jan 5 12:55 GMT 1997
378 From sender Fri, 5 Jan 97 12:55:01
379 (with the weekday optional, and possibly with additional text
381 after the date) is permitted to appear at the start of the
382 message. There appears to be no authoritative specification
383 of the format of this line. Exim recognizes it by matching
384 against the regular expression defined by the uucp_from_pat‐
385 tern option, which can be changed if necessary.
386 The specified sender is treated as if it were given as the
388 argument to the -f option, but if a -f option is also
389 present, its argument is used in preference to the address
390 taken from the message. The caller of Exim must be a trusted
391 user for the sender of a message to be set in this way.
392 -bmalware <filename>
394 This debugging option causes Exim to scan the given file or
395 directory (depending on the used scanner interface), using
396 the malware scanning framework. The option of av_scanner
397 influences this option, so if av_scanner's value is dependent
398 upon an expansion then the expansion should have defaults
399 which apply to this invocation. ACLs are not invoked, so if
400 av_scanner references an ACL variable then that variable will
401 never be populated and -bmalware will fail.
402 Exim will have changed working directory before resolving the
404 filename, so using fully qualified pathnames is advisable.
405 Exim will be running as the Exim user when it tries to open
406 the file, rather than as the invoking user. This option
407 requires admin privileges.
408 The -bmalware option will not be extended to be more gener‐
410 ally useful, there are better tools for file-scanning. This
411 option exists to help administrators verify their Exim and AV
412 scanner configuration.
413 -bnq By default, Exim automatically qualifies unqualified
415 addresses (those without domains) that appear in messages
416 that are submitted locally (that is, not over TCP/IP). This
417 qualification applies both to addresses in envelopes, and
418 addresses in header lines. Sender addresses are qualified
419 using qualify_domain, and recipient addresses using qual‐
420 ify_recipient (which defaults to the value of qual‐
421 ify_domain).
422 Sometimes, qualification is not wanted. For example, if -bS
424 (batch SMTP) is being used to re-submit messages that origi‐
425 nally came from remote hosts after content scanning, you
426 probably do not want to qualify unqualified addresses in
427 header lines. (Such lines will be present only if you have
428 not enabled a header syntax check in the appropriate ACL.)
429 The -bnq option suppresses all qualification of unqualified
431 addresses in messages that originate on the local host. When
432 this is used, unqualified addresses in the envelope provoke
433 errors (causing message rejection) and unqualified addresses
434 in header lines are left alone.
435 -bP If this option is given with no arguments, it causes the val‐
437 ues of all Exim's main configuration options to be written to
438 the standard output. The values of one or more specific
439 options can be requested by giving their names as arguments,
440 for example:
441 exim -bP qualify_domain hold_domains
443 However, any option setting that is preceded by the word
445 "hide" in the configuration file is not shown in full, except
446 to an admin user. For other users, the output is as in this
447 example:
448 mysql_servers = <value not displayable>
450 If config is given as an argument, the config is output, as
452 it was parsed, any include file resolved, any comment
453 removed.
454 If config_file is given as an argument, the name of the run‐
456 time configuration file is output. (configure_file works too,
457 for backward compatibility.) If a list of configuration
458 files was supplied, the value that is output here is the name
459 of the file that was actually used.
460 If the -n flag is given, then for most modes of -bP operation
462 the name will not be output.
463 If log_file_path or pid_file_path are given, the names of the
465 directories where log files and daemon pid files are written
466 are output, respectively. If these values are unset, log
467 files are written in a sub-directory of the spool directory
468 called log, and the pid file is written directly into the
469 spool directory.
470 If -bP is followed by a name preceded by +, for example,
472 exim -bP +local_domains
474 it searches for a matching named list of any type (domain,
476 host, address, or local part) and outputs what it finds.
477 If one of the words router, transport, or authenticator is
479 given, followed by the name of an appropriate driver
480 instance, the option settings for that driver are output. For
481 example:
482 exim -bP transport local_delivery
484 The generic driver options are output first, followed by the
486 driver's private options. A list of the names of drivers of a
487 particular type can be obtained by using one of the words
488 router_list, transport_list, or authenticator_list, and a
489 complete list of all drivers with their option settings can
490 be obtained by using routers, transports, or authenticators.
491 If environment is given as an argument, the set of environ‐
493 ment variables is output, line by line. Using the -n flag
494 suppresses the value of the variables.
495 If invoked by an admin user, then macro, macro_list and
497 macros are available, similarly to the drivers. Because
498 macros are sometimes used for storing passwords, this option
499 is restricted. The output format is one item per line. For
500 the "-bP macro <name>" form, if no such macro is found the
501 exit status will be nonzero.
502 -bp This option requests a listing of the contents of the mail
504 queue on the standard output. If the -bp option is followed
505 by a list of message ids, just those messages are listed. By
506 default, this option can be used only by an admin user. How‐
507 ever, the queue_list_requires_admin option can be set false
508 to allow any user to see the queue.
509 Each message in the queue is displayed as in the following
511 example:
512 25m 2.9K 0t5C6f-0000c8-00 <alice@wonderland.fict.example>
514 red.king@looking-glass.fict.example
515 <other addresses>
516 The first line contains the length of time the message has
518 been in the queue (in this case 25 minutes), the size of the
519 message (2.9K), the unique local identifier for the message,
520 and the message sender, as contained in the envelope. For
521 bounce messages, the sender address is empty, and appears as
522 "<>". If the message was submitted locally by an untrusted
523 user who overrode the default sender address, the user's
524 login name is shown in parentheses before the sender address.
525 If the message is frozen (attempts to deliver it are sus‐
527 pended) then the text "*** frozen ***" is displayed at the
528 end of this line.
529 The recipients of the message (taken from the envelope, not
531 the headers) are displayed on subsequent lines. Those
532 addresses to which the message has already been delivered are
533 marked with the letter D. If an original address gets
534 expanded into several addresses via an alias or forward file,
535 the original is displayed with a D only when deliveries for
536 all of its child addresses are complete.
537 -bpa This option operates like -bp, but in addition it shows
539 delivered addresses that were generated from the original top
540 level address(es) in each message by alias or forwarding
541 operations. These addresses are flagged with "+D" instead of
542 just "D".
543 -bpc This option counts the number of messages in the queue, and
545 writes the total to the standard output. It is restricted to
546 admin users, unless queue_list_requires_admin is set false.
547 -bpr This option operates like -bp, but the output is not sorted
549 into chronological order of message arrival. This can speed
550 it up when there are lots of messages in the queue, and is
551 particularly useful if the output is going to be post-pro‐
552 cessed in a way that doesn't need the sorting.
553 -bpra This option is a combination of -bpr and -bpa.
555 -bpru This option is a combination of -bpr and -bpu.
557 -bpu This option operates like -bp but shows only undelivered
559 top-level addresses for each message displayed. Addresses
560 generated by aliasing or forwarding are not shown, unless the
561 message was deferred after processing by a router with the
562 one_time option set.
563 -brt This option is for testing retry rules, and it must be fol‐
565 lowed by up to three arguments. It causes Exim to look for a
566 retry rule that matches the values and to write it to the
567 standard output. For example:
568 exim -brt bach.comp.mus.example
570 Retry rule: *.comp.mus.example F,2h,15m; F,4d,30m;
571 The first argument, which is required, can be a complete
573 address in the form local_part@domain, or it can be just a
574 domain name. If the second argument contains a dot, it is
575 interpreted as an optional second domain name; if no retry
576 rule is found for the first argument, the second is tried.
577 This ties in with Exim's behaviour when looking for retry
578 rules for remote hosts - if no rule is found that matches the
579 host, one that matches the mail domain is sought. Finally, an
580 argument that is the name of a specific delivery error, as
581 used in setting up retry rules, can be given. For example:
582 exim -brt haydn.comp.mus.example quota_3d
584 Retry rule: *@haydn.comp.mus.example quota_3d F,1h,15m
585 -brw This option is for testing address rewriting rules, and it
587 must be followed by a single argument, consisting of either a
588 local part without a domain, or a complete address with a
589 fully qualified domain. Exim outputs how this address would
590 be rewritten for each possible place it might appear.
591 -bS This option is used for batched SMTP input, which is an
593 alternative interface for non-interactive local message sub‐
594 mission. A number of messages can be submitted in a single
595 run. However, despite its name, this is not really SMTP
596 input. Exim reads each message's envelope from SMTP commands
597 on the standard input, but generates no responses. If the
598 caller is trusted, or untrusted_set_sender is set, the
599 senders in the SMTP MAIL commands are believed; otherwise the
600 sender is always the caller of Exim.
601 The message itself is read from the standard input, in SMTP
603 format (leading dots doubled), terminated by a line contain‐
604 ing just a single dot. An error is provoked if the terminat‐
605 ing dot is missing. A further message may then follow.
606 As for other local message submissions, the contents of
608 incoming batch SMTP messages can be checked using the
609 non-SMTP ACL. Unqualified addresses are automatically quali‐
610 fied using qualify_domain and qualify_recipient, as appropri‐
611 ate, unless the -bnq option is used.
612 Some other SMTP commands are recognized in the input. HELO
614 and EHLO act as RSET; VRFY, EXPN, ETRN, and HELP act as NOOP;
615 QUIT quits, ignoring the rest of the standard input.
616 If any error is encountered, reports are written to the stan‐
618 dard output and error streams, and Exim gives up immediately.
619 The return code is 0 if no error was detected; it is 1 if one
620 or more messages were accepted before the error was detected;
621 otherwise it is 2.
622 -bs This option causes Exim to accept one or more messages by
625 reading SMTP commands on the standard input, and producing
626 SMTP replies on the standard output. SMTP policy controls, as
627 defined in ACLs are applied. Some user agents use this
628 interface as a way of passing locally-generated messages to
629 the MTA.
630 In this usage, if the caller of Exim is trusted, or
632 untrusted_set_sender is set, the senders of messages are
633 taken from the SMTP MAIL commands. Otherwise the content of
634 these commands is ignored and the sender is set up as the
635 calling user. Unqualified addresses are automatically quali‐
636 fied using qualify_domain and qualify_recipient, as appropri‐
637 ate, unless the -bnq option is used.
638 The -bs option is also used to run Exim from inetd, as an
640 alternative to using a listening daemon. Exim can distinguish
641 the two cases by checking whether the standard input is a
642 TCP/IP socket. When Exim is called from inetd, the source of
643 the mail is assumed to be remote, and the comments above con‐
644 cerning senders and qualification do not apply. In this situ‐
645 ation, Exim behaves in exactly the same way as it does when
646 receiving a message via the listening daemon.
647 -bt This option runs Exim in address testing mode, in which each
649 argument is taken as a recipient address to be tested for
650 deliverability. The results are written to the standard out‐
651 put. If a test fails, and the caller is not an admin user, no
652 details of the failure are output, because these might con‐
653 tain sensitive information such as usernames and passwords
654 for database lookups.
655 If no arguments are given, Exim runs in an interactive man‐
657 ner, prompting with a right angle bracket for addresses to be
658 tested.
659 Unlike the -be test option, you cannot arrange for Exim to
661 use the readline() function, because it is running as root
662 and there are security issues.
663 Each address is handled as if it were the recipient address
665 of a message (compare the -bv option). It is passed to the
666 routers and the result is written to the standard output.
667 However, any router that has no_address_test set is bypassed.
668 This can make -bt easier to use for genuine routing tests if
669 your first router passes everything to a scanner program.
670 The return code is 2 if any address failed outright; it is 1
672 if no address failed outright but at least one could not be
673 resolved for some reason. Return code 0 is given only when
674 all addresses succeed.
675 Note: When actually delivering a message, Exim removes dupli‐
677 cate recipient addresses after routing is complete, so that
678 only one delivery takes place. This does not happen when
679 testing with -bt; the full results of routing are always
680 shown.
681 Warning: -bt can only do relatively simple testing. If any of
683 the routers in the configuration makes any tests on the
684 sender address of a message, you can use the -f option to set
685 an appropriate sender when running -bt tests. Without it, the
686 sender is assumed to be the calling user at the default qual‐
687 ifying domain. However, if you have set up (for example)
688 routers whose behaviour depends on the contents of an incom‐
689 ing message, you cannot test those conditions using -bt. The
690 -N option provides a possible way of doing such tests.
691 -bV This option causes Exim to write the current version number,
693 compilation number, and compilation date of the exim binary
694 to the standard output. It also lists the DBM library that
695 is being used, the optional modules (such as specific lookup
696 types), the drivers that are included in the binary, and the
697 name of the runtime configuration file that is in use.
698 As part of its operation, -bV causes Exim to read and syntax
700 check its configuration file. However, this is a static check
701 only. It cannot check values that are to be expanded. For
702 example, although a misspelt ACL verb is detected, an error
703 in the verb's arguments is not. You cannot rely on -bV alone
704 to discover (for example) all the typos in the configuration;
705 some realistic testing is needed. The -bh and -N options pro‐
706 vide more dynamic testing facilities.
707 -bv This option runs Exim in address verification mode, in which
709 each argument is taken as a recipient address to be verified
710 by the routers. (This does not involve any verification call‐
711 outs). During normal operation, verification happens mostly
712 as a consequence processing a verify condition in an ACL. If
713 you want to test an entire ACL, possibly including callouts,
714 see the -bh and -bhc options.
715 If verification fails, and the caller is not an admin user,
717 no details of the failure are output, because these might
718 contain sensitive information such as usernames and passwords
719 for database lookups.
720 If no arguments are given, Exim runs in an interactive man‐
722 ner, prompting with a right angle bracket for addresses to be
723 verified.
724 Unlike the -be test option, you cannot arrange for Exim to
726 use the readline() function, because it is running as exim
727 and there are security issues.
728 Verification differs from address testing (the -bt option) in
730 that routers that have no_verify set are skipped, and if the
731 address is accepted by a router that has fail_verify set,
732 verification fails. The address is verified as a recipient if
733 -bv is used; to test verification for a sender address, -bvs
734 should be used.
735 If the -v option is not set, the output consists of a single
737 line for each address, stating whether it was verified or
738 not, and giving a reason in the latter case. Without -v, gen‐
739 erating more than one address by redirection causes verifica‐
740 tion to end successfully, without considering the generated
741 addresses. However, if just one address is generated, pro‐
742 cessing continues, and the generated address must verify suc‐
743 cessfully for the overall verification to succeed.
744 When -v is set, more details are given of how the address has
746 been handled, and in the case of address redirection, all the
747 generated addresses are also considered. Verification may
748 succeed for some and fail for others.
749 The return code is 2 if any address failed outright; it is 1
751 if no address failed outright but at least one could not be
752 resolved for some reason. Return code 0 is given only when
753 all addresses succeed.
754 If any of the routers in the configuration makes any tests on
756 the sender address of a message, you should use the -f option
757 to set an appropriate sender when running -bv tests. Without
758 it, the sender is assumed to be the calling user at the
759 default qualifying domain.
760 -bvs This option acts like -bv, but verifies the address as a
762 sender rather than a recipient address. This affects any
763 rewriting and qualification that might happen.
764 -bw This option runs Exim as a daemon, awaiting incoming SMTP
766 connections, similarly to the -bd option. All port specifi‐
767 cations on the command-line and in the configuration file are
768 ignored. Queue-running may not be specified.
769 In this mode, Exim expects to be passed a socket as fd 0
771 (stdin) which is listening for connections. This permits the
772 system to start up and have inetd (or equivalent) listen on
773 the SMTP ports, starting an Exim daemon for each port only
774 when the first connection is received.
775 If the option is given as -bw<time> then the time is a time‐
777 out, after which the daemon will exit, which should cause
778 inetd to listen once more.
779 -C <filelist>
781 This option causes Exim to find the runtime configuration
782 file from the given list instead of from the list specified
783 by the CONFIGURE_FILE compile-time setting. Usually, the list
784 will consist of just a single filename, but it can be a
785 colon-separated list of names. In this case, the first file
786 that exists is used. Failure to open an existing file stops
787 Exim from proceeding any further along the list, and an error
788 is generated.
789 When this option is used by a caller other than root, and the
791 list is different from the compiled-in list, Exim gives up
792 its root privilege immediately, and runs with the real and
793 effective uid and gid set to those of the caller. However,
794 if a TRUSTED_CONFIG_LIST file is defined in Local/Makefile,
795 that file contains a list of full pathnames, one per line,
796 for configuration files which are trusted. Root privilege is
797 retained for any configuration file so listed, as long as the
798 caller is the Exim user (or the user specified in the CONFIG‐
799 URE_OWNER option, if any), and as long as the configuration
800 file is not writeable by inappropriate users or groups.
801 Leaving TRUSTED_CONFIG_LIST unset precludes the possibility
803 of testing a configuration using -C right through message
804 reception and delivery, even if the caller is root. The
805 reception works, but by that time, Exim is running as the
806 Exim user, so when it re-executes to regain privilege for the
807 delivery, the use of -C causes privilege to be lost. However,
808 root can test reception and delivery using two separate com‐
809 mands (one to put a message in the queue, using -odq, and
810 another to do the delivery, using -M).
811 If ALT_CONFIG_PREFIX is defined in Local/Makefile, it speci‐
813 fies a prefix string with which any file named in a -C com‐
814 mand line option must start. In addition, the filename must
815 not contain the sequence /../. However, if the value of the
816 -C option is identical to the value of CONFIGURE_FILE in
817 Local/Makefile, Exim ignores -C and proceeds as usual. There
818 is no default setting for ALT_CONFIG_PREFIX; when it is
819 unset, any filename can be used with -C.
820 ALT_CONFIG_PREFIX can be used to confine alternative configu‐
822 ration files to a directory to which only root has access.
823 This prevents someone who has broken into the Exim account
824 from running a privileged Exim with an arbitrary configura‐
825 tion file.
826 The -C facility is useful for ensuring that configuration
828 files are syntactically correct, but cannot be used for test
829 deliveries, unless the caller is privileged, or unless it is
830 an exotic configuration that does not require privilege. No
831 check is made on the owner or group of the files specified by
832 this option.
833 -D<macro>=<value>
835 This option can be used to override macro definitions in the
836 configuration file. However, like -C, if it is used by an
837 unprivileged caller, it causes Exim to give up its root priv‐
838 ilege. If DISABLE_D_OPTION is defined in Local/Makefile, the
839 use of -D is completely disabled, and its use causes an imme‐
840 diate error exit.
841 If WHITELIST_D_MACROS is defined in Local/Makefile then it
843 should be a colon-separated list of macros which are consid‐
844 ered safe and, if -D only supplies macros from this list, and
845 the values are acceptable, then Exim will not give up root
846 privilege if the caller is root, the Exim run-time user, or
847 the CONFIGURE_OWNER, if set. This is a transition mechanism
848 and is expected to be removed in the future. Acceptable val‐
849 ues for the macros satisfy the regexp: ^[A-Za-z0-9_/.-]*$
850 The entire option (including equals sign if present) must all
852 be within one command line item. -D can be used to set the
853 value of a macro to the empty string, in which case the
854 equals sign is optional. These two commands are synonymous:
855 exim -DABC ...
857 exim -DABC= ...
858 To include spaces in a macro definition item, quotes must be
860 used. If you use quotes, spaces are permitted around the
861 macro name and the equals sign. For example:
862 exim '-D ABC = something' ...
864 -D may be repeated up to 10 times on a command line. Only
866 macro names up to 22 letters long can be set.
867 -d<debug options>
869 This option causes debugging information to be written to the
870 standard error stream. It is restricted to admin users
871 because debugging output may show database queries that con‐
872 tain password information. Also, the details of users' filter
873 files should be protected. If a non-admin user uses -d, Exim
874 writes an error message to the standard error stream and
875 exits with a non-zero return code.
876 When -d is used, -v is assumed. If -d is given on its own, a
878 lot of standard debugging data is output. This can be
879 reduced, or increased to include some more rarely needed
880 information, by directly following -d with a string made up
881 of names preceded by plus or minus characters. These add or
882 remove sets of debugging data, respectively. For example,
883 -d+filter adds filter debugging, whereas -d-all+filter
884 selects only filter debugging. Note that no spaces are
885 allowed in the debug setting. The available debugging cate‐
886 gories are:
887 acl ACL interpretation
889 auth authenticators
890 deliver general delivery logic
891 dns DNS lookups (see also resolver)
892 dnsbl DNS black list (aka RBL) code
893 exec arguments for execv() calls
894 expand detailed debugging for string expansions
895 filter filter handling
896 hints_lookup hints data lookups
897 host_lookup all types of name-to-IP address handling
898 ident ident lookup
899 interface lists of local interfaces
900 lists matching things in lists
901 load system load checks
902 local_scan can be used by local_scan()
903 lookup general lookup code and all lookups
904 memory memory handling
905 noutf8 modifier: avoid UTF-8 line-drawing
906 pid modifier: add pid to debug output lines
907 process_info setting info for the process log
908 queue_run queue runs
909 receive general message reception logic
910 resolver turn on the DNS resolver's debugging output
911 retry retry handling
912 rewrite address rewriting
913 route address routing
914 timestamp modifier: add timestamp to debug output
915 lines
916 tls TLS logic
917 transport transports
918 uid changes of uid/gid and looking up uid/gid
919 verify address verification logic
920 all almost all of the above (see below), and
921 also -v
922 The all option excludes memory when used as +all, but
924 includes it for -all. The reason for this is that +all is
925 something that people tend to use when generating debug out‐
926 put for Exim maintainers. If +memory is included, an awful
927 lot of output that is very rarely of interest is generated,
928 so it now has to be explicitly requested. However, -all does
929 turn everything off.
930 The resolver option produces output only if the DNS resolver
932 was compiled with DEBUG enabled. This is not the case in some
933 operating systems. Also, unfortunately, debugging output from
934 the DNS resolver is written to stdout rather than stderr.
935 The default (-d with no argument) omits expand, filter,
937 interface, load, memory, pid, resolver, and timestamp. How‐
938 ever, the pid selector is forced when debugging is turned on
939 for a daemon, which then passes it on to any re-executed
940 Exims. Exim also automatically adds the pid to debug lines
941 when several remote deliveries are run in parallel.
942 The timestamp selector causes the current time to be inserted
944 at the start of all debug output lines. This can be useful
945 when trying to track down delays in processing.
946 The noutf8 selector disables the use of UTF-8 line-drawing
948 characters to group related information. When disabled.
949 ascii-art is used instead. Using the +all option does not
950 set this modifier,
951 If the debug_print option is set in any driver, it produces
953 output whenever any debugging is selected, or if -v is used.
954 -dd<debug options>
956 This option behaves exactly like -d except when used on a
957 command that starts a daemon process. In that case, debugging
958 is turned off for the subprocesses that the daemon creates.
959 Thus, it is useful for monitoring the behaviour of the daemon
960 without creating as much output as full debugging does.
961 -dropcr This is an obsolete option that is now a no-op. It used to
963 affect the way Exim handled CR and LF characters in incoming
964 messages.
965 -E This option specifies that an incoming message is a
967 locally-generated delivery failure report. It is used inter‐
968 nally by Exim when handling delivery failures and is not
969 intended for external use. Its only effect is to stop Exim
970 generating certain messages to the postmaster, as otherwise
971 message cascades could occur in some situations. As part of
972 the same option, a message id may follow the characters -E.
973 If it does, the log entry for the receipt of the new message
974 contains the id, following "R=", as a cross-reference.
975 -ex There are a number of Sendmail options starting with -oe
977 which seem to be called by various programs without the lead‐
978 ing o in the option. For example, the vacation program uses
979 -eq. Exim treats all options of the form -ex as synonymous
980 with the corresponding -oex options.
981 -F <string>
983 This option sets the sender's full name for use when a
984 locally-generated message is being accepted. In the absence
985 of this option, the user's gecos entry from the password data
986 is used. As users are generally permitted to alter their
987 gecos entries, no security considerations are involved. White
988 space between -F and the <string> is optional.
989 -f <address>
991 This option sets the address of the envelope sender of a
992 locally-generated message (also known as the return path).
993 The option can normally be used only by a trusted user, but
994 untrusted_set_sender can be set to allow untrusted users to
995 use it.
996 Processes running as root or the Exim user are always
998 trusted. Other trusted users are defined by the trusted_users
999 or trusted_groups options. In the absence of -f, or if the
1000 caller is not trusted, the sender of a local message is set
1001 to the caller's login name at the default qualify domain.
1002 There is one exception to the restriction on the use of -f:
1004 an empty sender can be specified by any user, trusted or not,
1005 to create a message that can never provoke a bounce. An empty
1006 sender can be specified either as an empty string, or as a
1007 pair of angle brackets with nothing between them, as in these
1008 examples of shell commands:
1009 exim -f '<>' user@domain
1011 exim -f "" user@domain
1012 In addition, the use of -f is not restricted when testing a
1014 filter file with -bf or when testing or verifying addresses
1015 using the -bt or -bv options.
1016 Allowing untrusted users to change the sender address does
1018 not of itself make it possible to send anonymous mail. Exim
1019 still checks that the From: header refers to the local user,
1020 and if it does not, it adds a Sender: header, though this can
1021 be overridden by setting no_local_from_check.
1022 White space between -f and the <address> is optional (that
1024 is, they can be given as two arguments or one combined argu‐
1025 ment). The sender of a locally-generated message can also be
1026 set (when permitted) by an initial "From " line in the mes‐
1027 sage - see the description of -bm above - but if -f is also
1028 present, it overrides "From ".
1029 -G This option is equivalent to an ACL applying:
1031 control = suppress_local_fixups
1033 for every message received. Note that Sendmail will complain
1035 about such bad formatting, where Exim silently just does not
1036 fix it up. This may change in future.
1037 As this affects audit information, the caller must be a
1039 trusted user to use this option.
1040 -h <number>
1042 This option is accepted for compatibility with Sendmail, but
1043 has no effect. (In Sendmail it overrides the "hop count"
1044 obtained by counting Received: headers.)
1045 -i This option, which has the same effect as -oi, specifies that
1047 a dot on a line by itself should not terminate an incoming,
1048 non-SMTP message. I can find no documentation for this option
1049 in Solaris 2.4 Sendmail, but the mailx command in Solaris 2.4
1050 uses it. See also -ti.
1051 -L <tag> This option is equivalent to setting syslog_processname in
1053 the config file and setting log_file_path to syslog. Its use
1054 is restricted to administrators. The configuration file has
1055 to be read and parsed, to determine access rights, before
1056 this is set and takes effect, so early configuration file
1057 errors will not honour this flag.
1058 The tag should not be longer than 32 characters.
1060 -M <message id> <message id> ...
1062 This option requests Exim to run a delivery attempt on each
1063 message in turn. If any of the messages are frozen, they are
1064 automatically thawed before the delivery attempt. The set‐
1065 tings of queue_domains, queue_smtp_domains, and hold_domains
1066 are ignored.
1067 Retry hints for any of the addresses are overridden - Exim
1069 tries to deliver even if the normal retry time has not yet
1070 been reached. This option requires the caller to be an admin
1071 user. However, there is an option called prod_requires_admin
1072 which can be set false to relax this restriction (and also
1073 the same requirement for the -q, -R, and -S options).
1074 The deliveries happen synchronously, that is, the original
1076 Exim process does not terminate until all the delivery
1077 attempts have finished. No output is produced unless there is
1078 a serious error. If you want to see what is happening, use
1079 the -v option as well, or inspect Exim's main log.
1080 -Mar <message id> <address> <address> ...
1082 This option requests Exim to add the addresses to the list of
1083 recipients of the message ("ar" for "add recipients"). The
1084 first argument must be a message id, and the remaining ones
1085 must be email addresses. However, if the message is active
1086 (in the middle of a delivery attempt), it is not altered.
1087 This option can be used only by an admin user.
1088 -MC <transport> <hostname> <sequence number> <message id>
1090 This option is not intended for use by external callers. It
1091 is used internally by Exim to invoke another instance of
1092 itself to deliver a waiting message using an existing SMTP
1093 connection, which is passed as the standard input. This must
1094 be the final option, and the caller must be root or the Exim
1095 user in order to use it.
1096 -MCA This option is not intended for use by external callers. It
1098 is used internally by Exim in conjunction with the -MC
1099 option. It signifies that the connection to the remote host
1100 has been authenticated.
1101 -MCD This option is not intended for use by external callers. It
1103 is used internally by Exim in conjunction with the -MC
1104 option. It signifies that the remote host supports the ESMTP
1105 DSN extension.
1106 -MCd This option is not intended for use by external callers. It
1108 is used internally by Exim in conjunction with the -d option
1109 to pass on an information string on the purpose of the
1110 process.
1111 -MCG <queue name>
1113 This option is not intended for use by external callers. It
1114 is used internally by Exim in conjunction with the -MC
1115 option. It signifies that an alternate queue is used, named
1116 by the following argument.
1117 -MCK This option is not intended for use by external callers. It
1119 is used internally by Exim in conjunction with the -MC
1120 option. It signifies that a remote host supports the ESMTP
1121 CHUNKING extension.
1122 -MCP This option is not intended for use by external callers. It
1124 is used internally by Exim in conjunction with the -MC
1125 option. It signifies that the server to which Exim is con‐
1126 nected supports pipelining.
1127 -MCQ <process id> <pipe fd>
1129 This option is not intended for use by external callers. It
1130 is used internally by Exim in conjunction with the -MC option
1131 when the original delivery was started by a queue runner. It
1132 passes on the process id of the queue runner, together with
1133 the file descriptor number of an open pipe. Closure of the
1134 pipe signals the final completion of the sequence of pro‐
1135 cesses that are passing messages through the same SMTP con‐
1136 nection.
1137 -MCS This option is not intended for use by external callers. It
1139 is used internally by Exim in conjunction with the -MC
1140 option, and passes on the fact that the ESMTP SIZE option
1141 should be used on messages delivered down the existing con‐
1142 nection.
1143 -MCT This option is not intended for use by external callers. It
1145 is used internally by Exim in conjunction with the -MC
1146 option, and passes on the fact that the host to which Exim is
1147 connected supports TLS encryption.
1148 -MCt <IP address> <port> <cipher>
1150 This option is not intended for use by external callers. It
1151 is used internally by Exim in conjunction with the -MC
1152 option, and passes on the fact that the connection is being
1153 proxied by a parent process for handling TLS encryption. The
1154 arguments give the local address and port being proxied, and
1155 the TLS cipher.
1156 -Mc <message id> <message id> ...
1158 This option requests Exim to run a delivery attempt on each
1159 message, in turn, but unlike the -M option, it does check for
1160 retry hints, and respects any that are found. This option is
1161 not very useful to external callers. It is provided mainly
1162 for internal use by Exim when it needs to re-invoke itself in
1163 order to regain root privilege for a delivery. However, -Mc
1164 can be useful when testing, in order to run a delivery that
1165 respects retry times and other options such as hold_domains
1166 that are overridden when -M is used. Such a delivery does not
1167 count as a queue run. If you want to run a specific delivery
1168 as if in a queue run, you should use -q with a message id
1169 argument. A distinction between queue run deliveries and
1170 other deliveries is made in one or two places.
1171 -Mes <message id> <address>
1173 This option requests Exim to change the sender address in the
1174 message to the given address, which must be a fully qualified
1175 address or "<>" ("es" for "edit sender"). There must be
1176 exactly two arguments. The first argument must be a message
1177 id, and the second one an email address. However, if the mes‐
1178 sage is active (in the middle of a delivery attempt), its
1179 status is not altered. This option can be used only by an
1180 admin user.
1181 -Mf <message id> <message id> ...
1183 This option requests Exim to mark each listed message as
1184 "frozen". This prevents any delivery attempts taking place
1185 until the message is "thawed", either manually or as a result
1186 of the auto_thaw configuration option. However, if any of
1187 the messages are active (in the middle of a delivery
1188 attempt), their status is not altered. This option can be
1189 used only by an admin user.
1190 -Mg <message id> <message id> ...
1192 This option requests Exim to give up trying to deliver the
1193 listed messages, including any that are frozen. However, if
1194 any of the messages are active, their status is not altered.
1195 For non-bounce messages, a delivery error message is sent to
1196 the sender, containing the text "cancelled by administrator".
1197 Bounce messages are just discarded. This option can be used
1198 only by an admin user.
1199 -MG <queue name> <message id> <message id> ...
1201 This option requests that each listed message be moved from
1202 its current queue to the given named queue. The destination
1203 queue name argument is required, but can be an empty string
1204 to define the default queue. If the messages are not cur‐
1205 rently located in the default queue, a -qG<name> option will
1206 be required to define the source queue.
1207 -Mmad <message id> <message id> ...
1209 This option requests Exim to mark all the recipient addresses
1210 in the messages as already delivered ("mad" for "mark all
1211 delivered"). However, if any message is active (in the middle
1212 of a delivery attempt), its status is not altered. This
1213 option can be used only by an admin user.
1214 -Mmd <message id> <address> <address> ...
1216 This option requests Exim to mark the given addresses as
1217 already delivered ("md" for "mark delivered"). The first
1218 argument must be a message id, and the remaining ones must be
1219 email addresses. These are matched to recipient addresses in
1220 the message in a case-sensitive manner. If the message is
1221 active (in the middle of a delivery attempt), its status is
1222 not altered. This option can be used only by an admin user.
1223 -Mrm <message id> <message id> ...
1225 This option requests Exim to remove the given messages from
1226 the queue. No bounce messages are sent; each message is sim‐
1227 ply forgotten. However, if any of the messages are active,
1228 their status is not altered. This option can be used only by
1229 an admin user or by the user who originally caused the mes‐
1230 sage to be placed in the queue.
1231 -Mset <message id>
1233 This option is useful only in conjunction with -be (that is,
1234 when testing string expansions). Exim loads the given message
1235 from its spool before doing the test expansions, thus setting
1236 message-specific variables such as $message_size and the
1237 header variables. The $recipients variable is made available.
1238 This feature is provided to make it easier to test expansions
1239 that make use of these variables. However, this option can be
1240 used only by an admin user. See also -bem.
1241 -Mt <message id> <message id> ...
1243 This option requests Exim to "thaw" any of the listed mes‐
1244 sages that are "frozen", so that delivery attempts can
1245 resume. However, if any of the messages are active, their
1246 status is not altered. This option can be used only by an
1247 admin user.
1248 -Mvb <message id>
1250 This option causes the contents of the message body (-D)
1251 spool file to be written to the standard output. This option
1252 can be used only by an admin user.
1253 -Mvc <message id>
1255 This option causes a copy of the complete message (header
1256 lines plus body) to be written to the standard output in RFC
1257 2822 format. This option can be used only by an admin user.
1258 -Mvh <message id>
1260 This option causes the contents of the message headers (-H)
1261 spool file to be written to the standard output. This option
1262 can be used only by an admin user.
1263 -Mvl <message id>
1265 This option causes the contents of the message log spool file
1266 to be written to the standard output. This option can be used
1267 only by an admin user.
1268 -m This is apparently a synonym for -om that is accepted by
1270 Sendmail, so Exim treats it that way too.
1271 -N This is a debugging option that inhibits delivery of a mes‐
1273 sage at the transport level. It implies -v. Exim goes through
1274 many of the motions of delivery - it just doesn't actually
1275 transport the message, but instead behaves as if it had suc‐
1276 cessfully done so. However, it does not make any updates to
1277 the retry database, and the log entries for deliveries are
1278 flagged with "*>" rather than "=>".
1279 Because -N discards any message to which it applies, only
1281 root or the Exim user are allowed to use it with -bd, -q, -R
1282 or -M. In other words, an ordinary user can use it only when
1283 supplying an incoming message to which it will apply.
1284 Although transportation never fails when -N is set, an
1285 address may be deferred because of a configuration problem on
1286 a transport, or a routing problem. Once -N has been used for
1287 a delivery attempt, it sticks to the message, and applies to
1288 any subsequent delivery attempts that may happen for that
1289 message.
1290 -n This option is interpreted by Sendmail to mean "no aliasing".
1292 For normal modes of operation, it is ignored by Exim. When
1293 combined with -bP it makes the output more terse (suppresses
1294 option names, environment values and config pretty printing).
1295 -O <data> This option is interpreted by Sendmail to mean set option. It
1297 is ignored by Exim.
1298 -oA <file name>
1300 This option is used by Sendmail in conjunction with -bi to
1301 specify an alternative alias filename. Exim handles -bi dif‐
1302 ferently; see the description above.
1303 -oB <n> This is a debugging option which limits the maximum number of
1305 messages that can be delivered down one SMTP connection,
1306 overriding the value set in any smtp transport. If <n> is
1307 omitted, the limit is set to 1.
1308 -odb This option applies to all modes in which Exim accepts incom‐
1310 ing messages, including the listening daemon. It requests
1311 "background" delivery of such messages, which means that the
1312 accepting process automatically starts a delivery process for
1313 each message received, but does not wait for the delivery
1314 processes to finish.
1315 When all the messages have been received, the reception
1317 process exits, leaving the delivery processes to finish in
1318 their own time. The standard output and error streams are
1319 closed at the start of each delivery process. This is the
1320 default action if none of the -od options are present.
1321 If one of the queueing options in the configuration file
1323 (queue_only or queue_only_file, for example) is in effect,
1324 -odb overrides it if queue_only_override is set true, which
1325 is the default setting. If queue_only_override is set false,
1326 -odb has no effect.
1327 -odf This option requests "foreground" (synchronous) delivery when
1329 Exim has accepted a locally-generated message. (For the dae‐
1330 mon it is exactly the same as -odb.) A delivery process is
1331 automatically started to deliver the message, and Exim waits
1332 for it to complete before proceeding.
1333 The original Exim reception process does not finish until the
1335 delivery process for the final message has ended. The stan‐
1336 dard error stream is left open during deliveries.
1337 However, like -odb, this option has no effect if
1339 queue_only_override is false and one of the queueing options
1340 in the configuration file is in effect.
1341 If there is a temporary delivery error during foreground
1343 delivery, the message is left in the queue for later deliv‐
1344 ery, and the original reception process exits.
1345 -odi This option is synonymous with -odf. It is provided for com‐
1347 patibility with Sendmail.
1348 -odq This option applies to all modes in which Exim accepts incom‐
1350 ing messages, including the listening daemon. It specifies
1351 that the accepting process should not automatically start a
1352 delivery process for each message received. Messages are
1353 placed in the queue, and remain there until a subsequent
1354 queue runner process encounters them. There are several con‐
1355 figuration options (such as queue_only) that can be used to
1356 queue incoming messages under certain conditions. This option
1357 overrides all of them and also -odqs. It always forces queue‐
1358 ing.
1359 -odqs This option is a hybrid between -odb/-odi and -odq. However,
1361 like -odb and -odi, this option has no effect if
1362 queue_only_override is false and one of the queueing options
1363 in the configuration file is in effect.
1364 When -odqs does operate, a delivery process is started for
1366 each incoming message, in the background by default, but in
1367 the foreground if -odi is also present. The recipient
1368 addresses are routed, and local deliveries are done in the
1369 normal way. However, if any SMTP deliveries are required,
1370 they are not done at this time, so the message remains in the
1371 queue until a subsequent queue runner process encounters it.
1372 Because routing was done, Exim knows which messages are wait‐
1373 ing for which hosts, and so a number of messages for the same
1374 host can be sent in a single SMTP connection. The
1375 queue_smtp_domains configuration option has the same effect
1376 for specific domains. See also the -qq option.
1377 -oee If an error is detected while a non-SMTP message is being
1379 received (for example, a malformed address), the error is
1380 reported to the sender in a mail message.
1381 Provided this error message is successfully sent, the Exim
1383 receiving process exits with a return code of zero. If not,
1384 the return code is 2 if the problem is that the original mes‐
1385 sage has no recipients, or 1 for any other error. This is
1386 the default -oex option if Exim is called as rmail.
1387 -oem This is the same as -oee, except that Exim always exits with
1389 a non-zero return code, whether or not the error message was
1390 successfully sent. This is the default -oex option, unless
1391 Exim is called as rmail.
1392 -oep If an error is detected while a non-SMTP message is being
1394 received, the error is reported by writing a message to the
1395 standard error file (stderr). The return code is 1 for all
1396 errors.
1397 -oeq This option is supported for compatibility with Sendmail, but
1399 has the same effect as -oep.
1400 -oew This option is supported for compatibility with Sendmail, but
1402 has the same effect as -oem.
1403 -oi This option, which has the same effect as -i, specifies that
1405 a dot on a line by itself should not terminate an incoming,
1406 non-SMTP message. Otherwise, a single dot does terminate,
1407 though Exim does no special processing for other lines that
1408 start with a dot. This option is set by default if Exim is
1409 called as rmail. See also -ti.
1410 -oitrue This option is treated as synonymous with -oi.
1412 -oMa <host address>
1414 A number of options starting with -oM can be used to set val‐
1415 ues associated with remote hosts on locally-submitted mes‐
1416 sages (that is, messages not received over TCP/IP). These
1417 options can be used by any caller in conjunction with the
1418 -bh, -be, -bf, -bF, -bt, or -bv testing options. In other
1419 circumstances, they are ignored unless the caller is trusted.
1420 The -oMa option sets the sender host address. This may
1422 include a port number at the end, after a full stop (period).
1423 For example:
1424 exim -bs -oMa 10.9.8.7.1234
1426 An alternative syntax is to enclose the IP address in square
1428 brackets, followed by a colon and the port number:
1429 exim -bs -oMa [10.9.8.7]:1234
1431 The IP address is placed in the $sender_host_address vari‐
1433 able, and the port, if present, in $sender_host_port. If both
1434 -oMa and -bh are present on the command line, the sender host
1435 IP address is taken from whichever one is last.
1436 -oMaa <name>
1438 See -oMa above for general remarks about the -oM options. The
1439 -oMaa option sets the value of $sender_host_authenticated
1440 (the authenticator name). This option can be used with -bh
1441 and -bs to set up an authenticated SMTP session without actu‐
1442 ally using the SMTP AUTH command.
1443 -oMai <string>
1445 See -oMa above for general remarks about the -oM options. The
1446 -oMai option sets the value of $authenticated_id (the id that
1447 was authenticated). This overrides the default value (the
1448 caller's login id, except with -bh, where there is no
1449 default) for messages from local sources.
1450 -oMas <address>
1452 See -oMa above for general remarks about the -oM options. The
1453 -oMas option sets the authenticated sender value in $authen‐
1454 ticated_sender. It overrides the sender address that is cre‐
1455 ated from the caller's login id for messages from local
1456 sources, except when -bh is used, when there is no default.
1457 For both -bh and -bs, an authenticated sender that is speci‐
1458 fied on a MAIL command overrides this value.
1459 -oMi <interface address>
1461 See -oMa above for general remarks about the -oM options. The
1462 -oMi option sets the IP interface address value. A port num‐
1463 ber may be included, using the same syntax as for -oMa. The
1464 interface address is placed in $received_ip_address and the
1465 port number, if present, in $received_port.
1466 -oMm <message reference>
1468 See -oMa above for general remarks about the -oM options. The
1469 -oMm option sets the message reference, e.g. message-id, and
1470 is logged during delivery. This is useful when some kind of
1471 audit trail is required to tie messages together. The format
1472 of the message reference is checked and will abort if the
1473 format is invalid. The option will only be accepted if exim
1474 is running in trusted mode, not as any regular user.
1475 The best example of a message reference is when Exim sends a
1477 bounce message. The message reference is the message-id of
1478 the original message for which Exim is sending the bounce.
1479 -oMr <protocol name>
1481 See -oMa above for general remarks about the -oM options. The
1482 -oMr option sets the received protocol value that is stored
1483 in $received_protocol. However, it does not apply (and is
1484 ignored) when -bh or -bs is used. For -bh, the protocol is
1485 forced to one of the standard SMTP protocol names. For -bs,
1486 the protocol is always "local-" followed by one of those same
1487 names. For -bS (batched SMTP) however, the protocol can be
1488 set by -oMr. Repeated use of this option is not supported.
1489 -oMs <host name>
1491 See -oMa above for general remarks about the -oM options. The
1492 -oMs option sets the sender host name in $sender_host_name.
1493 When this option is present, Exim does not attempt to look up
1494 a host name from an IP address; it uses the name it is given.
1495 -oMt <ident string>
1497 See -oMa above for general remarks about the -oM options. The
1498 -oMt option sets the sender ident value in $sender_ident. The
1499 default setting for local callers is the login id of the
1500 calling process, except when -bh is used, when there is no
1501 default.
1502 -om In Sendmail, this option means "me too", indicating that the
1504 sender of a message should receive a copy of the message if
1505 the sender appears in an alias expansion. Exim always does
1506 this, so the option does nothing.
1507 -oo This option is ignored. In Sendmail it specifies "old style
1509 headers", whatever that means.
1510 -oP <path>
1512 This option is useful only in conjunction with -bd or -q with
1513 a time value. The option specifies the file to which the
1514 process id of the daemon is written. When -oX is used with
1515 -bd, or when -q with a time is used without -bd, this is the
1516 only way of causing Exim to write a pid file, because in
1517 those cases, the normal pid file is not used.
1518 -oPX This option is not intended for general use. The daemon uses
1520 it when terminating due to a SIGTEM, possibly in combination
1521 with -oP <path>. It causes the pid file to be removed.
1522 -or <time>
1524 This option sets a timeout value for incoming non-SMTP mes‐
1525 sages. If it is not set, Exim will wait forever for the stan‐
1526 dard input. The value can also be set by the receive_timeout
1527 option.
1528 -os <time>
1530 This option sets a timeout value for incoming SMTP messages.
1531 The timeout applies to each SMTP command and block of data.
1532 The value can also be set by the smtp_receive_timeout option;
1533 it defaults to 5 minutes.
1534 -ov This option has exactly the same effect as -v.
1536 -oX <number or string>
1538 This option is relevant only when the -bd (start listening
1539 daemon) option is also given. It controls which ports and
1540 interfaces the daemon uses. When -oX is used to start a dae‐
1541 mon, no pid file is written unless -oP is also present to
1542 specify a pid filename.
1543 -pd This option applies when an embedded Perl interpreter is
1545 linked with Exim. It overrides the setting of the
1546 perl_at_start option, forcing the starting of the interpreter
1547 to be delayed until it is needed.
1548 -ps This option applies when an embedded Perl interpreter is
1550 linked with Exim. It overrides the setting of the
1551 perl_at_start option, forcing the starting of the interpreter
1552 to occur as soon as Exim is started.
1553 -p<rval>:<sval>
1555 For compatibility with Sendmail, this option is equivalent to
1556 -oMr <rval> -oMs <sval>
1558 It sets the incoming protocol and host name (for trusted
1560 callers). The host name and its colon can be omitted when
1561 only the protocol is to be set. Note the Exim already has
1562 two private options, -pd and -ps, that refer to embedded
1563 Perl. It is therefore impossible to set a protocol value of d
1564 or s using this option (but that does not seem a real limita‐
1565 tion). Repeated use of this option is not supported.
1566 -q This option is normally restricted to admin users. However,
1568 there is a configuration option called prod_requires_admin
1569 which can be set false to relax this restriction (and also
1570 the same requirement for the -M, -R, and -S options).
1571 If other commandline options do not specify an action, the -q
1573 option starts one queue runner process. This scans the queue
1574 of waiting messages, and runs a delivery process for each one
1575 in turn. It waits for each delivery process to finish before
1576 starting the next one. A delivery process may not actually do
1577 any deliveries if the retry times for the addresses have not
1578 been reached. Use -qf (see below) if you want to override
1579 this.
1580 If the delivery process spawns other processes to deliver
1582 other messages down passed SMTP connections, the queue runner
1583 waits for these to finish before proceeding.
1584 When all the queued messages have been considered, the origi‐
1586 nal queue runner process terminates. In other words, a single
1587 pass is made over the waiting mail, one message at a time.
1588 Use -q with a time (see below) if you want this to be
1589 repeated periodically.
1590 Exim processes the waiting messages in an unpredictable
1592 order. It isn't very random, but it is likely to be different
1593 each time, which is all that matters. If one particular mes‐
1594 sage screws up a remote MTA, other messages to the same MTA
1595 have a chance of getting through if they get tried first.
1596 It is possible to cause the messages to be processed in lexi‐
1598 cal message id order, which is essentially the order in which
1599 they arrived, by setting the queue_run_in_order option, but
1600 this is not recommended for normal use.
1601 -q<qflags>
1603 The -q option may be followed by one or more flag letters
1604 that change its behaviour. They are all optional, but if more
1605 than one is present, they must appear in the correct order.
1606 Each flag is described in a separate item below.
1607 -qq... An option starting with -qq requests a two-stage queue run.
1609 In the first stage, the queue is scanned as if the
1610 queue_smtp_domains option matched every domain. Addresses are
1611 routed, local deliveries happen, but no remote transports are
1612 run. Performance will be best if the queue_run_in_order
1613 option is false.
1614 The hints database that remembers which messages are waiting
1616 for specific hosts is updated, as if delivery to those hosts
1617 had been deferred. After this is complete, a second, normal
1618 queue scan happens, with routing and delivery taking place as
1619 normal. Messages that are routed to the same host should
1620 mostly be delivered down a single SMTP connection because of
1621 the hints that were set up during the first queue scan. This
1622 option may be useful for hosts that are connected to the
1623 Internet intermittently.
1624 -q[q]i... If the i flag is present, the queue runner runs delivery pro‐
1626 cesses only for those messages that haven't previously been
1627 tried. (i stands for "initial delivery".) This can be helpful
1628 if you are putting messages in the queue using -odq and want
1629 a queue runner just to process the new messages.
1630 -q[q][i]f...
1632 If one f flag is present, a delivery attempt is forced for
1633 each non-frozen message, whereas without f only those
1634 non-frozen addresses that have passed their retry times are
1635 tried.
1636 -q[q][i]ff...
1638 If ff is present, a delivery attempt is forced for every mes‐
1639 sage, whether frozen or not.
1640 -q[q][i][f[f]]l
1642 The l (the letter "ell") flag specifies that only local
1643 deliveries are to be done. If a message requires any remote
1644 deliveries, it remains in the queue for later delivery.
1645 -q[q][i][f[f]][l][G<name>[/<time>]]]
1647 If the G flag and a name is present, the queue runner oper‐
1648 ates on the queue with the given name rather than the default
1649 queue. The name should not contain a / character. For a
1650 periodic queue run (see below) append to the name a slash and
1651 a time value.
1652 If other commandline options specify an action, a -qG<name>
1654 option will specify a queue to operate on. For example:
1655 exim -bp -qGquarantine
1657 mailq -qGquarantine
1658 exim -qGoffpeak -Rf @special.domain.example
1659 -q<qflags> <start id> <end id>
1661 When scanning the queue, Exim can be made to skip over mes‐
1662 sages whose ids are lexically less than a given value by fol‐
1663 lowing the -q option with a starting message id. For example:
1664 exim -q 0t5C6f-0000c8-00
1666 Messages that arrived earlier than 0t5C6f-0000c8-00 are not
1668 inspected. If a second message id is given, messages whose
1669 ids are lexically greater than it are also skipped. If the
1670 same id is given twice, for example,
1671 exim -q 0t5C6f-0000c8-00 0t5C6f-0000c8-00
1673 just one delivery process is started, for that message. This
1675 differs from -M in that retry data is respected, and it also
1676 differs from -Mc in that it counts as a delivery from a queue
1677 run. Note that the selection mechanism does not affect the
1678 order in which the messages are scanned. There are also other
1679 ways of selecting specific sets of messages for delivery in a
1680 queue run - see -R and -S.
1681 -q<qflags><time>
1683 When a time value is present, the -q option causes Exim to
1684 run as a daemon, starting a queue runner process at intervals
1685 specified by the given time value. This form of the -q option
1686 is commonly combined with the -bd option, in which case a
1687 single daemon process handles both functions. A common way of
1688 starting up a combined daemon at system boot time is to use a
1689 command such as
1690 /usr/exim/bin/exim -bd -q30m
1692 Such a daemon listens for incoming SMTP calls, and also
1694 starts a queue runner process every 30 minutes.
1695 When a daemon is started by -q with a time value, but without
1697 -bd, no pid file is written unless one is explicitly
1698 requested by the -oP option.
1699 -qR<rsflags> <string>
1701 This option is synonymous with -R. It is provided for Send‐
1702 mail compatibility.
1703 -qS<rsflags> <string>
1705 This option is synonymous with -S.
1706 -R<rsflags> <string>
1708 The <rsflags> may be empty, in which case the white space
1709 before the string is optional, unless the string is f, ff, r,
1710 rf, or rff, which are the possible values for <rsflags>.
1711 White space is required if <rsflags> is not empty.
1712 This option is similar to -q with no time value, that is, it
1714 causes Exim to perform a single queue run, except that, when
1715 scanning the messages on the queue, Exim processes only those
1716 that have at least one undelivered recipient address contain‐
1717 ing the given string, which is checked in a case-independent
1718 way. If the <rsflags> start with r, <string> is interpreted
1719 as a regular expression; otherwise it is a literal string.
1720 If you want to do periodic queue runs for messages with spe‐
1722 cific recipients, you can combine -R with -q and a time
1723 value. For example:
1724 exim -q25m -R @special.domain.example
1726 This example does a queue run for messages with recipients in
1728 the given domain every 25 minutes. Any additional flags that
1729 are specified with -q are applied to each queue run.
1730 Once a message is selected for delivery by this mechanism,
1732 all its addresses are processed. For the first selected mes‐
1733 sage, Exim overrides any retry information and forces a
1734 delivery attempt for each undelivered address. This means
1735 that if delivery of any address in the first message is suc‐
1736 cessful, any existing retry information is deleted, and so
1737 delivery attempts for that address in subsequently selected
1738 messages (which are processed without forcing) will run. How‐
1739 ever, if delivery of any address does not succeed, the retry
1740 information is updated, and in subsequently selected mes‐
1741 sages, the failing address will be skipped.
1742 If the <rsflags> contain f or ff, the delivery forcing
1744 applies to all selected messages, not just the first; frozen
1745 messages are included when ff is present.
1746 The -R option makes it straightforward to initiate delivery
1748 of all messages to a given domain after a host has been down
1749 for some time. When the SMTP command ETRN is accepted by its
1750 ACL, its default effect is to run Exim with the -R option,
1751 but it can be configured to run an arbitrary command instead.
1752 -r This is a documented (for Sendmail) obsolete alternative name
1754 for -f.
1755 -S<rsflags> <string>
1757 This option acts like -R except that it checks the string
1758 against each message's sender instead of against the recipi‐
1759 ents. If -R is also set, both conditions must be met for a
1760 message to be selected. If either of the options has f or ff
1761 in its flags, the associated action is taken.
1762 -Tqt <times>
1764 This is an option that is exclusively for use by the Exim
1765 testing suite. It is not recognized when Exim is run nor‐
1766 mally. It allows for the setting up of explicit "queue times"
1767 so that various warning/retry features can be tested.
1768 -t When Exim is receiving a locally-generated, non-SMTP message
1770 on its standard input, the -t option causes the recipients of
1771 the message to be obtained from the To:, Cc:, and Bcc: header
1772 lines in the message instead of from the command arguments.
1773 The addresses are extracted before any rewriting takes place
1774 and the Bcc: header line, if present, is then removed.
1775 If the command has any arguments, they specify addresses to
1777 which the message is not to be delivered. That is, the argu‐
1778 ment addresses are removed from the recipients list obtained
1779 from the headers. This is compatible with Smail 3 and in
1780 accordance with the documented behaviour of several versions
1781 of Sendmail, as described in man pages on a number of operat‐
1782 ing systems (e.g. Solaris 8, IRIX 6.5, HP-UX 11). However,
1783 some versions of Sendmail add argument addresses to those
1784 obtained from the headers, and the O'Reilly Sendmail book
1785 documents it that way. Exim can be made to add argument
1786 addresses instead of subtracting them by setting the option
1787 extract_addresses_remove_arguments false.
1788 If there are any Resent- header lines in the message, Exim
1790 extracts recipients from all Resent-To:, Resent-Cc:, and
1791 Resent-Bcc: header lines instead of from To:, Cc:, and Bcc:.
1792 This is for compatibility with Sendmail and other MTAs.
1793 (Prior to release 4.20, Exim gave an error if -t was used in
1794 conjunction with Resent- header lines.)
1795 RFC 2822 talks about different sets of Resent- header lines
1797 (for when a message is resent several times). The RFC also
1798 specifies that they should be added at the front of the mes‐
1799 sage, and separated by Received: lines. It is not at all
1800 clear how -t should operate in the present of multiple sets,
1801 nor indeed exactly what constitutes a "set". In practice, it
1802 seems that MUAs do not follow the RFC. The Resent- lines are
1803 often added at the end of the header, and if a message is
1804 resent more than once, it is common for the original set of
1805 Resent- headers to be renamed as X-Resent- when a new set is
1806 added. This removes any possible ambiguity.
1807 -ti This option is exactly equivalent to -t -i. It is provided
1809 for compatibility with Sendmail.
1810 -tls-on-connect
1812 This option is available when Exim is compiled with TLS sup‐
1813 port. It forces all incoming SMTP connections to behave as if
1814 the incoming port is listed in the tls_on_connect_ports
1815 option.
1816 -U Sendmail uses this option for "initial message submission",
1818 and its documentation states that in future releases, it may
1819 complain about syntactically invalid messages rather than
1820 fixing them when this flag is not set. Exim ignores this
1821 option.
1822 -v This option causes Exim to write information to the standard
1824 error stream, describing what it is doing. In particular, it
1825 shows the log lines for receiving and delivering a message,
1826 and if an SMTP connection is made, the SMTP dialogue is
1827 shown. Some of the log lines shown may not actually be writ‐
1828 ten to the log if the setting of log_selector discards them.
1829 Any relevant selectors are shown with each log line. If none
1830 are shown, the logging is unconditional.
1831 -x AIX uses -x for a private purpose ("mail from a local mail
1833 program has National Language Support extended characters in
1834 the body of the mail item"). It sets -x when calling the MTA
1835 from its mail command. Exim ignores this option.
1836 -X <logfile>
1838 This option is interpreted by Sendmail to cause debug infor‐
1839 mation to be sent to the named file. It is ignored by Exim.
1840 -z <log-line>
1842 This option writes its argument to Exim's logfile. Use is
1843 restricted to administrators; the intent is for operational
1844 notes. Quotes should be used to maintain a multi-word item
1845 as a single argument, under most shells.
1846
1849 The full Exim specification, the Exim book, and the Exim wiki.
1851 EXIM(8)