353
352
# WITH_OLD_DEMIME=yes
354
# If you're using ClamAV and are backporting fixes to an old version, instead
355
# of staying current (which is the more usual approach) then you may need to
356
# use an older API which uses a STREAM command, now deprecated, instead of
357
# zINSTREAM. If you need to set this, please let the Exim developers know, as
358
# if nobody reports a need for it, we'll remove this option and clean up the
359
# code. zINSTREAM was introduced with ClamAV 0.95.
361
# WITH_OLD_CLAMAV_STREAM=yes
363
#------------------------------------------------------------------------------
364
# By default Exim includes code to support DKIM (DomainKeys Identified
365
# Mail, RFC4871) signing and verification. Verification of signatures is
366
# turned on by default. See the spec for information on conditionally
367
# disabling it. To disable the inclusion of the entire feature, set
368
# DISABLE_DKIM to "yes"
355
373
#------------------------------------------------------------------------------
356
374
# Compiling Exim with experimental features. These are documented in
357
375
# experimental-spec.txt. "Experimental" means that the way these features are
414
432
#------------------------------------------------------------------------------
415
# By default, Exim insists that its configuration file be owned either by root
416
# or by the Exim user. You can specify one additional permitted owner here.
433
# By default, Exim insists that its configuration file be owned by root. You
434
# can specify one additional permitted owner here.
418
436
# CONFIGURE_OWNER=
420
438
# If the configuration file is group-writeable, Exim insists by default that it
421
# is owned by root or the Exim user. You can specify one additional permitted
439
# is owned by root. You can specify one additional permitted group owner here.
424
441
# CONFIGURE_GROUP=
442
459
#------------------------------------------------------------------------------
443
460
# The -C option allows Exim to be run with an alternate runtime configuration
444
# file. When this is used by root or the Exim user, root privilege is retained
445
# by the binary (for any other caller, it is dropped). You can restrict the
446
# location of alternate configurations by defining a prefix below. Any file
447
# used with -C must then start with this prefix (except that /dev/null is also
448
# permitted if the caller is root, because that is used in the install script).
449
# If the prefix specifies a directory that is owned by root, a compromise of
450
# the Exim account does not permit arbitrary alternate configurations to be
451
# used. The prefix can be more restrictive than just a directory (the second
461
# file. When this is used by root, root privilege is retained by the binary
462
# (for any other caller including the Exim user, it is dropped). You can
463
# restrict the location of alternate configurations by defining a prefix below.
464
# Any file used with -C must then start with this prefix (except that /dev/null
465
# is also permitted if the caller is root, because that is used in the install
466
# script). If the prefix specifies a directory that is owned by root, a
467
# compromise of the Exim account does not permit arbitrary alternate
468
# configurations to be used. The prefix can be more restrictive than just a
469
# directory (the second example).
454
471
# ALT_CONFIG_PREFIX=/some/directory/
455
472
# ALT_CONFIG_PREFIX=/some/directory/exim.conf-
458
475
#------------------------------------------------------------------------------
459
# If you uncomment the following line, only root may use the -C or -D options
460
# without losing root privilege. The -C option specifies an alternate runtime
461
# configuration file, and the -D option changes macro values in the runtime
462
# configuration. Uncommenting this line restricts what can be done with these
463
# options. A call to receive a message (either one-off or via a daemon) cannot
464
# successfully continue to deliver it, because the re-exec of Exim to regain
465
# root privilege will fail, owing to the use of -C or -D by the Exim user.
466
# However, you can still use -C for testing (as root) if you do separate Exim
467
# calls for receiving a message and subsequently delivering it.
476
# When a user other than root uses the -C option to override the configuration
477
# file (including the Exim user when re-executing Exim to regain root
478
# privileges for local message delivery), this will normally cause Exim to
479
# drop root privileges. The TRUSTED_CONFIG_LIST option, specifies a file which
480
# contains a list of trusted configuration filenames, one per line. If the -C
481
# option is used by the Exim user or by the user specified in the
482
# CONFIGURE_OWNER setting, to specify a configuration file which is listed in
483
# the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim.
469
# ALT_CONFIG_ROOT_ONLY=yes
485
# TRUSTED_CONFIG_LIST=/usr/exim/trusted_configs
472
488
#------------------------------------------------------------------------------
480
496
#------------------------------------------------------------------------------
497
# By contrast, you might be maintaining a system which relies upon the ability
498
# to override values with -D and assumes that these will be passed through to
499
# the delivery processes. As of Exim 4.73, this is no longer the case by
500
# default. Going forward, we strongly recommend that you use a shim Exim
501
# configuration file owned by root stored under TRUSTED_CONFIG_LIST.
502
# That shim can set macros before .include'ing your main configuration file.
504
# As a strictly transient measure to ease migration to 4.73, the
505
# WHITELIST_D_MACROS value definies a colon-separated list of macro-names
506
# which are permitted to be overriden from the command-line which will be
507
# honoured by the Exim user. So these are macros that can persist to delivery
509
# Examples might be -DTLS or -DSPOOL=/some/dir. The values on the
510
# command-line are filtered to only permit: [A-Za-z0-9_/.-]*
512
# This option is highly likely to be removed in a future release. It exists
513
# only to make 4.73 as easy as possible to migrate to. If you use it, we
514
# encourage you to schedule time to rework your configuration to not depend
515
# upon it. Most people should not need to use this.
517
# By default, no macros are whitelisted for -D usage.
519
# WHITELIST_D_MACROS=TLS:SPOOL
521
#------------------------------------------------------------------------------
481
522
# Exim has support for the AUTH (authentication) extension of the SMTP
482
523
# protocol, as defined by RFC 2554. If you don't know what SMTP authentication
483
524
# is, you probably won't want to include this code, so you should leave these
845
886
# but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM
889
# To use a name other than exim in the tcpwrappers config file,
890
# e.g. if you're running multiple daemons with different access lists,
891
# or multiple MTAs with the same access list, define
892
# TCP_WRAPPERS_DAEMON_NAME accordingly
894
# TCP_WRAPPERS_DAEMON_NAME="exim"
849
897
#------------------------------------------------------------------------------