DOCSLIB.ORG

Specification of the Exim Mail Transfer Agent

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Specification of the Exim Mail Transfer Agent Specification of the Exim Mail Transfer Agent Exim Maintainers Specification of the Exim Mail Transfer Agent Author: Exim Maintainers Copyright © 2009 University of Cambridge Revision 4.73 19 Nov 2010 Contents 1. Introduction .................................................................................................................................. 1 1.1 Exim documentation .............................................................................................................. 1 1.2 FTP and web sites ................................................................................................................. 2 1.3 Mailing lists .............................................................................................................................. 2 1.4 Exim training ........................................................................................................................... 3 1.5 Bug reports .............................................................................................................................. 3 1.6 Where to find the Exim distribution ...................................................................................... 3 1.7 Limitations ............................................................................................................................... 3 1.8 Run time configuration ........................................................................................................... 4 1.9 Calling interface ...................................................................................................................... 4 1.10 Terminology ........................................................................................................................... 4 2. Incorporated code ...................................................................................................................... 6 3. How Exim receives and delivers mail ................................................................................... 8 3.1 Overall philosophy .................................................................................................................. 8 3.2 Policy control ........................................................................................................................... 8 3.3 User filters ............................................................................................................................... 8 3.4 Message identification ........................................................................................................... 9 3.5 Receiving mail ........................................................................................................................ 9 3.6 Handling an incoming message ........................................................................................ 10 3.7 Life of a message ................................................................................................................. 10 3.8 Processing an address for delivery ................................................................................... 11 3.9 Processing an address for verification .............................................................................. 12 3.10 Running an individual router ............................................................................................ 12 3.11 Duplicate addresses .......................................................................................................... 13 3.12 Router preconditions ......................................................................................................... 13 3.13 Delivery in detail ................................................................................................................. 14 3.14 Retry mechanism ............................................................................................................... 15 3.15 Temporary delivery failure ................................................................................................ 15 3.16 Permanent delivery failure ................................................................................................ 15 3.17 Failures to deliver bounce messages ............................................................................. 16 4. Building and installing Exim ................................................................................................. 17 4.1 Unpacking ............................................................................................................................. 17 4.2 Multiple machine architectures and operating systems ................................................. 17 4.3 PCRE library ......................................................................................................................... 17 4.4 DBM libraries ........................................................................................................................ 17 4.5 Pre-building configuration ................................................................................................... 18 4.6 Support for iconv() ............................................................................................................... 19 4.7 Including TLS/SSL encryption support ............................................................................. 19 4.8 Use of tcpwrappers .............................................................................................................. 20 4.9 Including support for IPv6 ................................................................................................... 20 4.10 The building process ......................................................................................................... 21 4.11 Output from “make” ........................................................................................................... 21 4.12 Overriding build-time options for Exim ............................................................................ 21 4.13 OS-specific header files .................................................................................................... 23 4.14 Overriding build-time options for the monitor ................................................................ 23 4.15 Installing Exim binaries and scripts ................................................................................. 23 4.16 Installing info documentation ........................................................................................... 24 4.17 Setting up the spool directory .......................................................................................... 25 4.18 Testing ................................................................................................................................. 25 iii 4.19 Replacing another MTA with Exim .................................................................................. 26 4.20 Upgrading Exim .................................................................................................................. 26 4.21 Stopping the Exim daemon on Solaris ........................................................................... 26 5. The Exim command line ......................................................................................................... 27 5.1 Setting options by program name ...................................................................................... 27 5.2 Trusted and admin users .................................................................................................... 27 5.3 Command line options ........................................................................................................ 28 6. The Exim run time configuration file ................................................................................... 49 6.1 Using a different configuration file ..................................................................................... 49 6.2 Configuration file format ...................................................................................................... 50 6.3 File inclusions in the configuration file .............................................................................. 51 6.4 Macros in the configuration file .......................................................................................... 51 6.5 Macro substitution ................................................................................................................ 51 6.6 Redefining macros ............................................................................................................... 52 6.7 Overriding macro values ..................................................................................................... 52 6.8 Example of macro usage .................................................................................................... 52 6.9 Conditional skips in the configuration file ......................................................................... 52 6.10 Common option syntax ..................................................................................................... 53 6.11 Boolean options ................................................................................................................. 53 6.12 Integer values ..................................................................................................................... 53 6.13 Octal integer values ........................................................................................................... 53 6.14 Fixed
Load more

Recommended publications
  • Handling Unwanted Email What Are the Main Sources of Junk Email?
    Handling unwanted email Almost entirely based on a presentation by Brian Candler What are the main sources of junk email? · Spam Unsolicited, bulk email Often fraudulent ± penis enlargement, lottery scams, close relatives of African presidents, etc. Low response rate => high volume sent · Viruses, Trojan horses Infected machine sends out mails without the owner 's knowledge · Malicious bounces These are called ªcollateral spamº or ªJoe-jobsº Junk mail is sent with forged MAIL FROM Accepted by some intermediate MTA, but later it bounces Bounces go to innocent third party 1 What are the costs? · Important messages can be accidentally discarded The more junk, the higher the risk · Wasted time Deleting junk Setting up and maintaining ®lters Checking discarded mail for false positives · Wasted bandwidth and disk space Especially for users on modems Viruses and spam attachments can be large · Annoyance, offence, even fraud There are no easy answers! 2 Where can you ®lter? · At the end-user hosts ✓ Each client has full control and customization ✓ Distributes the processing cost ✗ Client must still download each message · On the ISP's mail server ✓ Easier for users ✓ Sometimes can be rejected before receiving the body ✓ Saves disk space on the server ✗ Hard to make ¯exible for users to customize The Joe-job problem · Don't accept a message and then bounce it later If its sender is forged, we are creating a Joe-job · Much better to reject at RCPT TO or DATA stages A real MTA sender will create a bounce Spamware will ignore the rejection · For
    [Show full text]
  • DMARC — Defeating E-Mail Abuse
    CERT-EU Security Whitepaper 17-001 DMARC — Defeating E-Mail Abuse Christos Koutroumpas ver. 1.3 February 9, 2017 TLP: WHITE 1 Preface E-mail is one of the most valuable and broadly used means of communication and most orga- nizations strongly depend on it. The Simple Mail Transport Protocol (SMTP) – the Internet’s underlying email protocol – was adopted in the eighties and is still in use after 35 years. When it was designed, the need for security was not so obvious, and therefore security was not incor- porated in the design of this protocol. As a result, the protocol is susceptible to a wide range of attacks. Spear-phishing campaigns in particular can be more successful by spoofing (altering) the originator e-mail address to imper- sonate a trusted or trustworthy organization or person. This can lead to luring the recipient into giving away credentials or infecting his/her computer by executing malware delivered through the e-mail. While raising user awareness on how to avoid e-mail fraud is recommended, the Verizon Data Breach Investigations Report indicates that more needs to be done. The DBIR report reveals that 30% of all phishing e-mail messages were opened by the recipients and with 12% clicked on the content and executed malicious code. The median time for the first user of a phishing campaign to open the malicious email is 1 minute, 40 seconds. The median time to the first click on the attachment was 3 minutes, 45 seconds. These statistics highlight the risk for an organization on the receiving end of spear-phishing e-mails.
    [Show full text]
  • Setting up a Dial in PPP Server for Use with NX1500 Series Nexion Data Modems
    Setting up a Dial In PPP Server for use with NX1500 series Nexion Data modems. A Linux server can provide many network services and all of these can be accessed by users via a dial up connection. Such services might include Email, Instant Messaging, BBS File Sharing and Internet access. This document applies to Red Hat Linux 7.3 and details only PPP Dial In setup. It requires Mgetty and PPPd to be installed – PPPd is installed by default. Mgetty. Installation To see if Mgetty is installed, run GnoRPM and click Find. Select Match Label from the list and enter mgetty. Click find. No result means Mgetty is not installed. Close the find window. To install, insert the Red Hat CD, mount it by right clicking the desktop and choosing Disks, CD-ROM. Click the Install button in GnoRPM, find Mgetty in the list and install by following the prompts etc. Unmount the drive the same way it was mounted. Mgetty must be run against each port to be monitored for dial in. To run Mgetty on COM 1, the command would be /sbin/mgetty –D ttyS0 where –D forces data mode (deny fax) and ttyS0 = COM 1. (ttyS1 is equivalent to COM 2). Most commonly the Mgetty command is added to /etc/inittab so it is automatically executed at startup and is also re-executed each time the process is terminated (modem hang up). For a modem on COM 1, add the following line to /etc/inittab: S0:2345:respawn:/sbin/mgetty –D ttyS0 The starting ‘S0’ is an arbitrary reference and can be any unique set of characters.
    [Show full text]
  • Delivering Results to the Inbox Sailthru’S 2020 Playbook on Deliverability, Why It’S Imperative and How It Drives Business Results Introduction to Deliverability
    Delivering Results to the Inbox Sailthru’s 2020 Playbook on Deliverability, Why It’s Imperative and How It Drives Business Results Introduction to Deliverability Every day, people receive more than 293 billion Deliverability is the unsung hero of email marketing, emails, a staggering number that only represents ultimately ensuring a company’s emails reach their the tip of the iceberg. Why? The actual number intended recipients. It’s determined by a host of of emails sent is closer to 5.9 quadrillion, with the factors, including the engagement of your subscribers overwhelming majority blocked outright or delivered and the quality of your lists. All together, these factors to the spam folder. result in your sender reputation score, which is used to determine how the ISPs treat your email stream. Something many people don’t realize is that to the Deliverability is also a background player, so far in the major Internet Service Providers (ISPs) — Gmail, shadows that many people don’t think about it, until Yahoo!, Hotmail, Comcast and AOL — “spam” there’s a major issue. doesn’t refer to marketing messages people may find annoying, but rather malicious email filled with That’s why Sailthru’s deliverability team created this scams and viruses. In order to protect their networks guide. Read on to learn more about how deliverability and their customers, the ISPs cast a wide net. If a works on the back-end and how it impacts revenue, message is deemed to be spam by the ISP’s filters, it’s your sender reputation and how to maintain a good dead on arrival, never to see the light of the inbox, as one, and best practices for list management, email protecting users’ inboxes is the top priority of any ISP.
    [Show full text]
  • H2418.1 EMC-Computer Generated Solutions E-Mail Management and E-Discovery Solution Overview
    Solution Overview EMC-Computer Generated Solutions E-mail Management and E-discovery Solution The Big Picture • Saves time, money, and space on • Helps reduce help desk calls and e-mail servers because the application lessens IT time spent manually runs on a different server (no code is archiving e-mail loaded on the e-mail server) • Delivers a secure corporate e-mail sys- • Remote calls to e-mail servers allow tem that protects valuable intellectual Unlimited Mailbox to run 24 hours per property, as well as complying with day, seven days a week without any government regulatory standards impact on e-mail server performance regarding e-mail storage and retention • Supports all known e-mail platforms, • Delivers immediate time to value including Microsoft Exchange, Lotus by enabling businesses to conduct Domino, Novell GroupWise, SunOne, legal discovery in-house, minimizing and UNIX Sendmail the need for expensive outside e-discovery fees • Provides complete compatibility with double-byte character support •Lowers the total cost of ownership by reducing operational and adminis- • Reduces disk and tape storage trative costs with self-managing and required to back up mail servers and self-healing content-addressed improves the performance of the storage (CAS) backup and recovery of e-mails • Provides long-term data retention • Reduces e-mail server farm as older capabilities, so content cannot be messages are moved to stable, overwritten or changed and is kept for less-expensive media a definable period of time, ensuring •Reduces licensing fees for operating its authenticity and meeting regulatory and backup systems, maintenance requirements costs, and support communications costs A unique, flexible solution that reduces costs and provides faster, less-expensive, lower-risk e-discovery The number and size of e-mails received at any given company, any given day, is becoming increasingly difficult and costly to manage.
    [Show full text]
  • Groupwise Internet Agent
    GroupWise Internet Agent April 7, 2000 Novell Confidential Manual Rev 99a24 8 February 00 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. This product may require export authorization from the U.S. Department of Commerce prior to exporting from the U.S. or Canada. Copyright © 1993-1999 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher. U.S. Patent Nos. 4,555,775; 4,580,218; 5,412,772; 5,701,459; 5,717,912; 5,760,772; 5,870,739; 5,873,079; 5,884,304; 5,903,755; 5,913,209; 5,924,096; 5,946,467; D393,457 and U.S. Patents Pending. Novell, Inc. 122 East 1700 South Provo, UT 84606 U.S.A. www.novell.com GroupWise Internet Agent February 2000 104-001304-001 Online Documentation: To access the online documentation for this and other Novell products, and to get updates, see www.novell.com/documentation.
    [Show full text]
  • Install Sendmail Mail Server on Debian GNU / Linux
    Walking in Light with Christ - Faith, Computing, Diary Articles & tips and tricks on GNU/Linux, FreeBSD, Windows, mobile phone articles, religious related texts http://www.pc-freak.net/blog Install Sendmail mail server on Debian GNU / Linux Author : admin Installing sendmail on Debian Linux is something not so common these days. As sendmail has been overshadowed by his competitors Exim and Postfix. By default Debian Linux comes with Exim (light) installed as Exim is tiny and perfectly suitable for dealing with small and mid-sized SMTP needs. The reason why sendmail has been moved out by its competitors over the last 15 years is sendmail configuration is one big hell and besides that sendmail has been well known for its many security remote exploit holes - making it a famous target for crackers. Well anyways in some cases sendmail is necessary to install especially if you have a client which wants to have it set up. In this short article I will show how very basic sendmail installation on Debian host is done. blackstar:~# apt-get install sendmail-bin sensible-mda Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: sendmail-base sendmail-cf sensible-mda Suggested packages: sendmail-doc logcheck resolvconf sasl2-bin The following packages will be REMOVED: exim4 exim4-base exim4-config exim4-daemon-light sa-exim task-mail-server The following NEW packages will be installed: sendmail-base sendmail-bin sendmail-cf 0 upgraded, 3 newly installed, 6 to remove and 26 not upgraded. Need to get 1,626 kB of archives.
    [Show full text]
  • Understanding Email Sending in Nagios XI
    The Industry Standard In Infrastructure Monitoring Nagios XI Understanding Email Sending Purpose This document describes how Nagios XI sends emails and explains how to configure your email settings. Nagios XI uses email to send notifications as well as for sending reports. Target Audience This document is intended for use by Nagios Administrators who want to understand in detail how emails are sent by Nagios XI. Navigation Email settings in Nagios XI are located in Admin > System Config > Manage Email Settings. 1295 Bandana Blvd N, St. Paul, MN 55108 [email protected] US: 1-888-624-4671 INTL: 1-651-204-9102 www.nagios.com © 2017 Nagios Enterprises, LLC. All rights reserved. Nagios, the Nagios logo, and Nagios graphics are the servicemarks, trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the property of their respective owner. Page 1 / 7 Updated – September, 2018 The Industry Standard In Infrastructure Monitoring Nagios XI Understanding Email Sending Web Browser Behavior There are some behaviors of your web browser which you need to be aware of. A lot of different web browsers will auto-complete / auto-populate fields on a web page when it loads. This usually only occurs when it sees a common field that does not have a value, it may have a saved value for that "named field" and hence it will populate that field with that saved value. If you open the Manage Email Settings page in Nagios XI you might notice that the username and password fields are already populated. You know that you didn't put a value in here, especially when this is the first time you've visited this page on a fresh install of Nagios XI.
    [Show full text]
  • Presentations Made by Senders
    SES ���� ��� � �� � � � � � � � ������������� DomainKeys ��������� SPF ��������������������� ���������� ����������������� ������������������������������������������������ Contents Introduction 3 Deployment: For Email Receivers 6 Audience 3 Two Sides of the Coin 6 How to Read this White Paper 3 Recording Trusted Senders Who Passed Authentication 6 A Vision for Spam-Free Email 4 Whitelisting Incoming Forwarders 6 The Problem of Abuse 4 What To Do About Forgeries 6 The Underlying Concept 4 Deployment: For ISPs and Enterprises 7 Drivers; or, Who’s Buying It 4 Complementary considerations for ISPs 7 Vision Walkthrough 5 Deployment: For MTA vendors 8 About Sender Authentication 8 Which specification? 8 An Example 8 Conformance testing 8 History 8 Perform SRS and prepend headers when forwarding 8 How IP-based Authentication Works 9 Add ESMTP support for Submitter 8 The SPF record 9 Record authentication and policy results in the headers 8 How SPF Classic Works 9 Join the developers mailing list 8 How Sender ID works 9 Deployment: For MUA vendors 9 How Cryptographic Techniques Work 0 Displaying Authentication-Results 9 Using Multiple Approaches Automatic switching to port 587 9 Reputation Systems Deployment: For ESPs 20 Deployment: For Email Senders 2 Don’t look like a phisher! 20 First, prepare. 2 Delegation 20 Audit Your Outbound Mailstreams 2 Publish Appropriately 20 Construct the record 2 Deployment: For Spammers 2 Think briefly about PRA and Mail-From contexts. 3 Two Types of Spammers 2 Test the record, part 3 Publish SPF and sign with DomainKeys. 2 Put the record in DNS 3 Stop forging random domains. 2 Test the record, part 2 4 Buy your own domains. 2 Keep Track of Violations 4 Reuse an expired domain.
    [Show full text]
  • Combatting Spam Using Mimedefang, Spamassassin and Perl
    Combating Spam Using SpamAssassin, MIMEDefang and Perl Copyright 2003 David F. Skoll Roaring Penguin Software Inc. (Booth #23) Administrivia Please turn off or silence cell phones, pagers, Blackberry devices, etc... After the tutorial, please be sure to fill out an evaluation form and return it to the USENIX folks. 2 Overview After this tutorial, you will: Understand how central mail filtering works. Know how to use MIMEDefang to filter mail. Be able to integrate SpamAssassin into your mail filter. Know how to implement mail filtering policies with MIMEDefang and Perl. Know how to fight common spammer tactics. 3 Outline Introduction to Mail Filtering Sendmail's Milter API MIMEDefang Introduction, Architecture Writing MIMEDefang Filters SpamAssassin Integration Advanced Filter Writing Fighting Common Spammer Tactics Advanced Topics Policy Suggestions 4 Assumptions I assume that you: Are familiar with Sendmail configuration. You don't need to be a sendmail.cf guru, but should know the basics. Are familiar with Perl. Again, you don't need to be able to write an AI program in a Perl one- liner, but should be able to read simple Perl scripts. Are running the latest version of Sendmail 8.12 on a modern UNIX or UNIX-like system. 5 Why Filter Mail? The old reason: to stop viruses. The new reason: to stop spam and inappropriate content. Blocking viruses is easy. Block .exe and similar files, and test against signature databases. Blocking spam is hard, but becoming increasingly important. Organizations can even face lawsuits over inappropriate content. 6 Mail filtering is required for many reasons. In addition to the reasons given on the slide, you might need to filter outgoing mail as well to prevent virus propagation, dissemination of sensitive information, etc.
    [Show full text]
  • Account Administrator's Guide
    ePrism Email Security Account Administrator’s Guide - V10.4 4225 Executive Sq, Ste 1600 Give us a call: Send us an email: For more info, visit us at: La Jolla, CA 92037-1487 1-800-782-3762 [email protected] www.edgewave.com © 2001—2016 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The Email Security software and its documentation are copyrighted materials. Law prohibits making unauthorized copies. No part of this software or documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into another language without prior permission of EdgeWave. 10.4 Contents Chapter 1 Overview 1 Overview of Services 1 Email Filtering (EMF) 2 Archive 3 Continuity 3 Encryption 4 Data Loss Protection (DLP) 4 Personal Health Information 4 Personal Financial Information 5 Document Conventions 6 Other Conventions 6 Supported Browsers 7 Reporting Spam to EdgeWave 7 Contacting Us 7 Additional Resources 7 Chapter 2 Portal Overview 8 Navigation Tree 9 Work Area 10 Navigation Icons 10 Getting Started 11 Logging into the portal for the first time 11 Logging into the portal after registration 12 Changing Your Personal Information 12 Configuring Accounts 12 Chapter 3 EdgeWave Administrator
    [Show full text]
  • Postfix−Cyrus−Web−Cyradm−HOWTO
    Postfix−Cyrus−Web−cyradm−HOWTO Luc de Louw luc at delouw.ch Revision History Revision 1.2.0 2002−10−16 Revised by: ldl The first release of the 1.2 version. Revision 1.1.7 2002−10−15 Revised by: ldl Added Michael Muenz' hints for SMTP AUTH, corrected ca−cert related mistake, improved SGML code (more metadata), updated the software mentioned in the document. Revision 1.1.6 2002−06−14 Revised by: ldl Added sasl_mech_list: PLAIN to imapd.conf, added web−cyradm Mailinglist, added more to web−cyradm Revision 1.1.5 2002−06−11 Revised by: ldl Added new SQL query to initialize web−cyradm to have full data integrity in the MySQL Database, mysql−mydestination.cf reported to be operational as expected. Revision 1.1.4 2002−05−15 Revised by: ldl Added description what is needed in /etc/services Another fix for pam_mysql compile, updated software versions. Revision 1.1.3 2002−05−08 Revised by: ldl Added more description for web−cyradm, fix for wrong path of the saslauthdb−socket, Fix for wrong place of com_err.h, protection of the TLS/SSL private key. Revision 1.1.2 2002−04−29 Revised by: ldl Added description for Redhat users how to install the init scripts. Revision 1.1.1 2002−04−29 Revised by: ldl Fixed bug in configuring cyrus−IMAP (disabled unused kerberos authentication) Revision 1.1.0 2002−04−28 Revised by: ldl Initial support for building cyrus from source, dropped binary installation for Cyrus, because configuration has changed with Release 2.1.x Revision 1.0.2 2002−04−25 Revised by: ldl Added basic description for sieve and correct sender handling, minor fixes to db related stuff, Added mysql−lookup for »mydestination« , fixed bug for building postfix with mysql support.
    [Show full text]