Exim Cheat Sheet
Input Mode Control |
|
| Starting a daemon process | Start listening process |
| Interactive SMTP reception | SMTP on stdin and stdout, from local process or via inetd # exim -bs |
| Batched SMTP | Batched SMTP from local process # exim -bS |
| Extracting recipients from header lines | Message on standard input, recipients from header lines # exim -t |
| Set SMTP timeout | Set SMTP timeout (overrides option smtp_receive_timeout) # exim -os |
Additional Message Data |
|
| sender address | supplies the senders address overriding the address computed from the users login name # exim -f angrycustomer@datadisk.co.uk compliants@datadisk.co.uk |
| Override the username | The gecos field is normally used to supply the username, but this can be overriden # exim -F 'The Boss' paul.valle@datadisk.co.uk |
| Changing the characteristics for a message | There are a number of options starting with -oM that change the characteristics of a message -oMa sets the field that contains the IP address of the remote host |
Immediate Delivery Control |
|
| request background delivery | The accepting process automatically starts a delivery for each message received # exim -odb |
| Wait until a delivery process has finished | Exim will create a new delivery process but will wait until it completes before proceeding # exim -odf |
| Place messages on the queue | Exim normally tries to deliver the message ASAP, but you can place the message on the queue first # exim -odq |
| Place SMTP on queues but deliver local ASAP | You can place SMTP messages on a queue but send local deliveries ASAP # exim -odqs |
Error Reporting |
|
| Report an error by sending a message | # exim -oem |
| Report an error by sending a message but different error code | # exim -oee |
| Report error by writing a message to the standard error stream | # exim -oep |
Queue Runner Processes |
|
| start a queue runner process | Queue runner processes are normally started periodically by the daemon but you can do it manually # exim -q |
| overriding retry times and freezing | Normally a queue runner process only unfrozen messages and addresses whose retry times have been reached but using the option below means all messages will be tried # exim -qff |
| Local deliveries only | Process all unfrozen messages, and does local deliveries but skips remote deliveries # exim -ql # only local deliveries |
Configuration Overrides |
|
| use specific configuration file | # exim -C /etc/exim/test_exim_config |
| Override defined macros | # exim -D LOG_SELECTOR=+filter ... Note: you can use upto 10 -D |
Watching Exim |
|
| Display number of messages on the queue | # exim -bpc |
| Display the complete queue | # exim -bp |
Message Control |
|
| Create a delivery process for specific message (basically deliver the message) | # exim -M 1G4K8N-0003uY-29 Note: the message will be delivered even if its frozen, retry time has been reached, etc |
| Freeze and thaw messages | # exim -Mf 1G4K8N-0003uY-29 # Freeze message # exim -Mt 1G4K8N-0003uY-29 # Thaw message |
| Abandon Messages | # exim -Mg 1G4K8N-0003uY-29 # give up and generate a bounce message # exim -Mrm 1G4K8N-0003uY-29 # give up but DO NOT generate a bounce message |
| Inspect a queued message | # exim -Mvb 1G4K8N-0003uY-29 # view message body # exim -Mvh 1G4K8N-0003uY-29 # view message header # exim -Mvl 1G4K8N-0003uY-29 # view message log |
| Modify a queued message | # exim -Mar 1G4K8N-0003uY-29 paul.valle@datadisk.co.uk # Add recipient # exim -Mes 1G4K8N-0003uY-29 paul.valle@datadisk.co.uk # Edit sender # exim -Mmad 1G4K8N-0003uY-29 # Mark all delivered # exim -Mmd 1G4K8N-0003uY-29 paul.valle@datadisk.co.uk # Mark delivered (just the address) |
Testing |
|
| Testing the config settings | You can obtain lots of information using this command (version, authenicators, lookups, etc) # exim -bV |
| Display specific options from the config file | # exim -bP router_list Other options: |
| Testing routing | You get back information on what router, transport was used, type of lookup, etc # exim -bt paul.valle@datadisk.co.uk |
| Verify an address | # exim -bv paul.valle@datadisk.co.uk Note: -bvs will only be different if option verify_sender and verify_recipient have been set |
| Start a fake SMTP connection | # exim -bh 192.168.0.25 # starts a interactive SMTP session |
| Testing retry rules | # exim -brt datadisk.co.uk Note: brush up on the syntax for the retry rules see delivery errors |
| Testing rewrite rules | # Rewrite rule sender: paul.valle@datadisk.co.uk ## changed because of the s flag Note: more information can be seen at Address Rewriting |
| Testing filter files | # exim -bf new-filter < test-message Note: more information can be seen at Message Filtering |
| Testing string expansion | # exim -be > ${lookup {root} lsearch{/etc/passwd}} x:0:1:Super User:/:/bin/sh > |
Debugging
| Debugging | Start a interactive debugging session # exim -d all+filter -f paul.valle@datadisk.co.uk complaints@datadisk.co.uk |
Debugging Selectors |
|
| acl | ACL interpretation |
| auth | Authenication |
| deliver | General delivery logic |
| dns | DNS lookups |
| dnsbl | DNS black list code |
| exec | Arguments for exec() |
| expand | Details of string expansion |
| filter | Filter handling |
| hints_lookup | Hints data lookup |
| host_lookup | All types of name-to-IP address handling |
| ident | ident lookups |
| interface | Lists of local interfaces |
| lists | Matching things in lists |
| load | System load checks |
| local_scan | Debugging in the local_scan() function |
| lookup | General lookup code and all lookups |
| memory | Memory handling |
| pid | Add pid to debug lines |
| process_info | Setting info for the process log |
| queue_run | Queue runs |
| receive | General message reception logic |
| resolver | The DNS resolver's debugging output |
| retry | Retry handling |
| rewrite | Address rewriting |
| route | Address routing |
| timestamp | Timestamp debug lines |
| tls | TLS logic |
| transport | Transports |
| uid | Change of uid/gid and looking up uid/gid |
| verify | Address verification |
| all | All of the above and also -v output |
Expansion Conditions
| !<condition> | negate the result |
| <symbolic operator> {<string1>}{<string2>} | = equal to == equal to > greater than >= greater than equal to < less than <= less than equal to |
| crypteq {<string1>}{<string2>} | The first string is encrypted and compared against the second, which must already be encrypted. |
| def:<variable name> | The condition is true if the variable is NOT a empty string |
| def:header_<header_name> def:h_<header_name> |
true if a message is being processed and the named header exists in the message |
| eq {<string1>}{<string2>} | true if both strings are identical |
| eqi {<string1>}{<string2>} | same as above both case-independent |
| exists {<filename>} | true if filename exists |
| first_delivery | true during the first delivery attempt |
| ge {<string1>}{<string2>} | true if the first resulting string is greater of equal to the second string |
| gei {<string1>}{<string2>} | same as above but case-independent |
| gt {<string1>}{<string2>} | true if the first resulting string is greater than the second string |
| gti {<string1>}{<string2>} | same as above but case-independent |
| isip {<string>} | true if the string is a IP address |
| isip4 | true if the string is a IPv4 address |
| isip6 | true if the string is a IPv6 address |
| ldapauth{<LDAP query>} | true if LDAP authenciates |
| le {<string1>}{<string2>} | true if the first resulting string is less than or equal to the second string |
| lei {<string1>}{<string2>} | same as above but case-independent |
| lt {<string1>}{<string2>} | true if the first resulting string is less than the second string |
| lti {<string1>}{<string2>} | same as above but case-independent |
| match {<string1>}{<string2>} | The second string is treated as a regular expression and applioed to the first, the condition is true if the match succeeds. |
| match_address {<string1>}{<string2>} | The first string must be an email address and the second must be an address list against which the first is matched |
| match_domain {<string1>}{<string2>} | The first string must be a domain and the second must be an domain list against which the first is matched |
| match_ip {<string1>}{<string2>} | The first string must be a IP address and the second must be an IP address list against which the first is matched |
| match_local_part {<string1>}{<string2>} | The first string must be a local part and the second must be an local part list against which the first is matched |
| pam {<string1>:<string2>:..} | Use PAM to authenciate the user |
| pwcheck{<user:password>} | Use Cyrus pwcheck daemon now has been replaced with saslauthd |
| queue_running | true during delivery attempts that are initiated by queue runner processes |
| radius{<authenication string>} | Use Radius to authenciate |
| saslauthd{<user>}{<password>}{<service>}{<realm>} | Use Cyrus (saslauthd) to authenicate |
Combining Conditions |
|
| and {{<cond1>}{<cond2>}...} | The statement is valuated from left to right, the condition is true if all the statements are true |
| or {{<cond1>}{<cond2>}...} | The statement is valuated from left to right, the condition is true if one of the statements are true |
Expansion Variables
| $0, $1, and so on | When a matches expansion condition succeeds, these variables contain the captured substrings identified by the regular expression during subsequent processing of the success string of the containing if expansion item. |
| $acl_c.. | The full-names are user defined, values are placed in these variables by the set modifer in an ACL, they persist throughout the lifetime of an SMTP connection. |
| $acl_m.. | These variables are the same as above but are reset after each message |
| $acl_verify_message | This variable contains the original failure message |
| $address_data | This variable is set by means of the address_data option routers |
| $address_file | The name of the .forward or aliases file if used. |
| $address_pipe | This holds the pipe command when the transport is running |
| $auth1-$auth3 | These variables are used in SMTP authenicators |
| $authenicated_id | May preserve some of the authication information in the variable |
| $authenicated_sender | uses the SMTP MAIL command to populate this variable |
| $authenicated_failed | set to 1 if the authenication succeeds. |
| $body_linecount | Holds the number of lines in the body of a message |
| $body_zerocount | Holds the number of binary zeros in the body of a message |
| $bounce_recipient | set to the recipient address of a bounced message while Exim is creating it. |
| $bounce_return_size_limit | contains the value set in the bounce_return_size_limit option |
| $caller_gid | holds the GID under which the process that called Exim was running |
| $caller_uid | holds the UID under which the process that called Exim was running |
| $compile_date | holds the date that Exim was compiled |
| $compile_number | holds the count that Exim has been compiled |
| $dnslist_domain | holds the domain that is blacklisted by a DNS blacklist, this variable is then used in the rejection messages. |
| $dnslist_text | if the domain is on a DNS blacklist the contents of any associated TXT record are placed in this variable. |
| $dnslist_value | if the domain is on a DNS blacklist the IP address from the resource record are placed in this variable. |
| $domain | When an address is being routed or delivered this variable conatins the domain. |
| $domain_data | This variable is used when a router has a domains condition, if a domain is matched then it is placed in this variable, the router will then use this variable for the remaining router options |
| $exim_gid | the GID of Exim |
| $exim_path | the path of the Exim binary |
| $home | when the check_local_user option (routers) is used, the users home directory is placed in this variable, the transport may use this option. |
| $host | if a router sets up a list of hosts when it accepts an address and assigns it to a transport, this variable contains the first host on that list. |
| $host_address | the IP address of $host |
| $host_data | If a hosts condition in an ACL is satisfied by means of a lookup, the result of the lookup is made available in this variable. |
| $host_lookup_deferred | contains a 1 if there is a DNS problem i.e timeout |
| $host_lookup_failed | contains a 1 if DNS cannot resolve the hostname from its IP address |
| $inode | used when expanding the directory_file option, it contains the inode number of the temporary file that is about to be renamed. |
| $ldap_dn | conatins the last entry in the most recently successful LDAP lookup. |
| $load_average | contains the system load average |
| $local_part | this contains the local part of the address |
| $local_part_data | If a local_parts condition in an ACL is satisfied by means of a lookup, the result of the lookup is made available in this variable. |
| $local_part_prefix | this contains a specific prefix that has been removed from the local_part |
| $local_part_suffix | this variable contains the specific suffix for the local part |
| $local_scan_data | contains the text returned by the local_scan() function when a message is received |
| $local_user_gid | set to the GID when the check_local_user router precondition succeeds |
| $local_user_uid | set to the UID when the check_local_user router precondition succeeds |
| $localhost_number | contains the value of the localhost_number option |
| $log_inodes | contains the number of free inodes in the disk partition where Exim's log files are kept |
| $log_space | contains the amount of free space in the disk partition where Exim's log files are kept |
| $malware_name | this variable is available when Exim is compiled with the content-scanning extension, it is set to the name of the Virus that was found when the ACL malware condition is true. |
| $message_age | contains the number of seconds since the message was received. |
| $message_body | contains the initial portion of a message's body while it is being delivered |
| $message_body_end | contains the final portion of a message's body while it is being delivered |
| $message_body_size | contains the size of the body's size in bytes |
| $message_headers | contains a concatenation of all the header lines when a message is being processed |
| $message_exim_id $message_id |
contains the unique message ID that is generated and used by Exim to identify the message |
| $message_linecount | conatins the total number of lines in the header and body of the message |
| $message_size | contains the size of the message in bytes |
| $mime_xxx | a number of variables whose names start with $mime are set during MIME ACL |
| $n0 to $n9 | are counters that can be incremented by the add command in filters |
| $original_domain | this contains the original address when using .forward files, alias, filters |
| $original_local_part | this is the same as above but contains the local part |
| $originator_gid | this is the value of $caller_gid that was set when the message was received |
| $originator_uid | this is the value of $caller_uid that was set when the message was received |
| $parent_domain | conatins the domain of the immediately preceding parent address, used when using .forward files, aliasing, etc |
| $parent_local_part | this is the same as above but contains the local part |
| $pid | the current process ID |
| $pipe_address | used by the pipe transport and transport filters, you cannot expanded this variable, provokes a "unknown variable" |
| $primary_hostname | holds the value set in the config file or the value determined by running the uname() function |
| $prvscheck_xxx | used when using the prvscheck expansion option |
| $qualify_domain | holds the value set of this option in the config file |
| $qualify_recipient | holds the value set of this option in the config file |
| $rcpt_count | contains the number of SMTP RCPT commands received |
| $rcpt_defer_count | contains the number of SMTP RCPT commands received that have been rejected by a temporary response |
| $rcpt_fail_count | contains the number of SMTP RCPT commands received that have been rejected by a permanent response |
| $received_count | conatins the number of Received: header lines |
| $received_for | if there is only one recipient address this this variable contains that address |
| $received_ip_address | contains the local IP address that received this message |
| $received_port | contains the local port that received this message |
| $received_protocol | contains the protocol that received this message |
| $received_time | contains the date and time when the message was received |
| $recipient_data | contains the data from the lookup when using ACL recipients condition |
| $recipient_verify_failure | this contains the information when it fails in a ACL |
| $recipients | contains a list of envelope recipients for a message |
| $recipients_count | contains the number of envelope recipients that came with the message |
| $reply_address | contains the Reply-To: header field |
| $return_path | contains the return path, normally has the same as the $sender_address |
| $return_size_limit | contains the value in return_size_limit option |
| $runrc | contains the return code from a command that is run by the run expansion item |
| $self_hostname | is set to the name of the local host that the original router encountered |
| $sender_address | contains th senders address that was contained in the message's envelope |
| $sender_address_data | if $address_data is set when the routers are called from an ACL to verify a sender address, the final value preserved in $sender_address_data to distingushed it from data from a recipient address. |
| $sender_address_domain | holds the domain portion of $sender_address |
| $sender_address_local_part | holds the domain portion of $sender_local_part |
| $sender_data | If a senders condition in an ACL is satisfied by means of a lookup or in a senders router option , the result of the lookup is made available in this variable. |
| $sender_fullhost | contains the IP address and hostname in a single string, which always ends with the IP address in square brackets |
| $sender_helo_name | contains the first arguement from the SMTP HELO or EHLO command |
| $sender_host_address | contains the clients IP address |
| $sender_host_authenicated | conatins the name of the authenicated driver that successfully authenicated the client from which the message was received. |
| $sender_host_name | contains the host name as obtained by looking up its IP address |
| $sender_host_port | contains the port number that was used on the remote host |
| $sender_ident | contains the identification received in response to an RFC 1413 request |
| $sender_rate_xxx | a number of variables that are set as part of the ratelimit ACL condition |
| $sender_rcvhost | used specifically in Received: header lines |
| $sender_verify_failure | contains information about the failure of an ACL |
| $smtp_active_hostname | contains the value of the active hostname, as specified by the smtp_active_hostname option |
| $smtp_command | contains the entire SMTP command |
| $smtp_command_argument | conatins the SMTP command arguments |
| $sn0 to $sn9 | these variables are copies of values of the $n0 to $n9 accumulators that were current at the end of the system filter |
| $spam_xx | variables whose name start with $spam are available when exim is compiled with the content-scanning extension and the spam ACL condition is used |
| $spool_directory | holds the name of Exim's spool directory |
| $spool_inodes | contains the number of free inodes in the disk partition where Exim's spool files are kept |
| $spool_space | contains the amount of free space in the disk partition where Exim's spool files are kept |
| $thisaddress | is only set during the processing of the foranyaddress command in an Exim filter |
| $tls_certificate_verified | is set to 1 if the TLS certificate has been verified |
| $tls_cipher | set to the name of the cipher used in a TLS connection |
| $tls_peerdn | set to the value of the ditinguished name of the certificate |
| $tod_bsdinbox | holds the date and time of the day in BSD style format |
| $tod_epoch | the time and date as a number of seconds since the start of the Unix epoch |
| $tod_full | holds a full version of the date and time |
| $tod_log | holds the time and date in the format used for writing Exims log files |
| $tod_logfile | contains the date in the format yyyymmdd |
| $tod_zone | contains the numerical value of the local timezone |
| $tod_zulu | contains the UTC data and time in "Zulu" format |
| $value | contains the result of an expression lookup, extraction operation or external command |
| $version_number | holds the version number of Exim |
| $warn_message_delay | set only during the creation of a message warning about a delivery delay |
| $warn_message_recipients | set only during the creation of a message warning about a delivery delay |