--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/abstract.txt Wed Jan 14 22:31:56 2015 +0100
@@ -0,0 +1,1052 @@
+Kurzer Konfigurationsritt
+=========================
+:Author: Heiko Schlittermann
+:Toc:
+:data-uri:
+:icons:
+:numbered:
+
+
+== Konfig im Detail ==
+
+Welche Konfiguration wird eingelesen? Je nach Installation kann das
+ein anderes File sind.
+
+.aktive Konfiguration ermitteln:
+----
+> exim -bV | tail -n 1
+> exim -bP configure_file
+----
+
+.aktive Konfiguration ändern
+----
+> exim -C `pwd`/test.config …
+----
+
+Die Konfiguration öfter gelesen, als vielleicht erwartet:
+
+* Klar - beim Start
+* Aber - wann wird gestartet?
+ ** Start des Daemon
+ ** Signal HUP
+ ** re-exec for verschiedene Zwecke
+* Achtung:
+ ** exim4.conf + .include ist "statisch"
+ ** lists, lookups, … "dynamisch"
+
+Der Config-Parser ist ziemlich einfach.
+
+* einfache Syntax-Checks
+* Erst „de-comment“, dann „trimm“, dann Fortsetzungszeilen mit `\`
+ am Ende
+
+== Syntax der Konfiguration ==
+
+Es gibt Macros.
+
+* Macros - Text-Ersatz während des Einlesens,
+ ggf. bedingt über `.ifdef`
+* `.include`, `.include_ifexists`
+
+.Macro-Ersetzungen
+----
+FOO = foo <1>
+FOO == bar <2>
+primary_hostname = FOO
+----
+<1> Definition
+<2> Re-Definition
+
+Es gibt weitere Elemente:
+
+* Optionsnamen
+* benamste Listen
+* Instanzen von Routern, Transports, …
+
+== Werte ==
+
+Optionen und Listen haben Werte. Es gibt _bool_, _integer_, _fixed-point_, _time_ und _string_.
+
+=== Bool ===
+
+_bool_ sind einfache Schalter.
+
+.Format
+----
+true
+false
+<option>
+no_<option>
+not_<option>
+----
+
+----
+split_spool_directory
+not_split_spool_directory
+split_spool_directory = true
+split_spool_directory = no
+----
+
+.spect.txt
+ +---------------------+---------+-------------+--------------+
+ |split_spool_directory|Use: main|Type: boolean|Default: false|
+ +---------------------+---------+-------------+--------------+
+
+=== Integer ===
+
+Zahlen halt. Ganze Zahlen.
+
+.Format
+----
+ <n>[<suffix>]
+ 0<n>[<suffix>]
+0x<n>[<suffix>]
+ suffix: k|m
+----
+
+----
+check_spool_space = 10M
+----
+
+.spec.txt
+ +-----------------+---------+-------------+----------+
+ |check_spool_space|Use: main|Type: integer|Default: 0|
+ +-----------------+---------+-------------+----------+
+
+
+
+### fixed-point
+ Format: <i>[.d[d[d]]] eg: 0.234
+
+ +----------------------+---------+-----------------+--------------+
+ |deliver_queue_load_max|Use: main|Type: fixed-point|Default: unset|
+ +----------------------+---------+-----------------+--------------+
+ > exim -C <(echo deliver_queue_load_max = 3.3) -bP deliver_queue_load_max
+
+### time intervals
+ Format: n<suffix>... eg: 2w3d
+ suffix: s|m|h|d|w
+
+ +---------+---------+----------+-----------+
+ |auto_thaw|Use: main|Type: time|Default: 0s|
+ +---------+---------+----------+-----------+
+ > exim -C <(echo auto_thaw = 1w7s) -bP auto_thaw
+
+### strings
+ Fromat: <string> eg: localhost
+ <"string"> eg: " A\x42C"
+
+ Quoting für \\, \n, \r, \t, \ddd, \xdd und führende oder baumelnde Spaces
+
+ - Vorsicht: Expansion
+ - Vorsicht: User/Groups
+
+ +----------------+---------+------------+------------------+
+ |primary_hostname|Use: main|Type: string|Default: see below|
+ +----------------+---------+------------+------------------+
+ > exim -C <(echo 'primary_hostname = a\x41b') -bP primary_hostname
+ > exim -C <(echo 'primary_hostname = "a\x41b"') -bP primary_hostname
+
+ Steuerzeichen werden für die Ausgabe escaped:
+ > exim -C <(echo 'primary_hostname = "a\x091b"') -bP primary_hostname
+
+
+### Lists
+ Format: <item>:… eg: a:b:c:d vs. a:b::c:d
+ eg: : -> ein leeres Element
+ [<<sep> <item><sep>…] eg: <, a,b,c
+
+ - leere Felder am Ende werden „gestrippt“
+ - Whitespace der Felder wird gestrippt
+ - leeres Feld in der Mitte: a: :b
+ - leeres Felder am Anfang bleibt
+ - "Escapen" des Listentrenners durch Verdoppeln
+
+ a : b::c : d -> (a) (b:c) (d)
+
+ > exim -be '${map{:a:b:c,}{<$item>}}'
+ > exim -be '${map{<,,a,b,c,}{<$item>}}'
+
+ > exim -C <(echo domainlist local_domains = 'a:b::c:d') -be '${listnamed:local_domains}'
+
+
+### Regexp
+ Format ^…
+
+ Beginnt mit ^, damit es sich von einem normalen String unterscheidet!
+ Achtung, Backslash ggf. vom String-Expander gefressen,
+ hauptsächlich in Listen, die RE enthalten dürfen
+
+ Ggf. mit \N..\N
+
+## Lookups
+
+ - 2 Syntaxen
+ - 2 Types
+ => 4 Varianten
+
+### Syntax 1: explizit - der Key oder die Frage wird ausdrücklich formuliert
+ es ist ein String-Expansion. s.u.
+
+ ${lookup{<key>}<type>{file}} eg: ${lookup{$domain}dsearch{/etc/exim4/domains}}
+ ${lookup <type> {<query>}} eg: ${lookup ldap {ldap:///o=roka?mail?sub?uid=${quote_ldap:$local_part}}}
+
+ Liefert eine Liste zurück, ggf. Listentrenner unorthodox und muss massiert werden
+
+### Syntax 2: implizit - der Key ergibt sich aus dem Kontext
+ keine Stringexpansion, sondern ein Element für sich
+
+
+ <type>;<file> eg: domains = dsearch;/etc/exim4/domains
+ <type>;<query> eg: domains = sqlite;/etc/db.sqlite SELECT … WHERE ${quote_sqlite:$local_part} …
+ domains = ldap;ldap:///o=roka?mail?sub?…
+
+ - Auffindes des "impliziten" Keys
+ - Query: Success der Query ist entscheidend, nicht der Resultat-Wert
+ - Achtung: In einer Liste ggf. an den Listentrenner denken!
+ domains = ldap;ldap::///o=…
+
+### Style 1: Single Key
+
+ ${lookup{<key>}<type>{<file>} eg: ${lookup{$sender_host_address}iplsearch{/etc/exim4/blacklist}}
+ <type>;<file> eg: hosts = iplsearch;/etc/exim4/blacklist
+
+ <type> ist dann lsearch, dsearch, iplsearch, …
+
+### Style 2: Query Style
+
+ ${lookup <type> {<query>}} eg: ${lookup dnsdb{mxh=roka.net}}
+ <type>;<query> eg: dnsdb;mxh=roka.net
+
+
+ Matrix
+
+ style| single key | query style
+ syntax \| |
+ ---------+--------------------------------+---------------------------
+ explicit | ${lookup{<key>}<type>{<file>} | ${lookup <type> {<query>}}
+ implizit | <type>;<file> | [ <type>;<query> ]
+
+
+ eg. config:
+
+ domains = ${lookup{$domain}lsearch{/etc/exim4/local_domains}} # WRONG
+ = <\n ${lookup mysql { SELECT domain FROM domains }} # BETTER
+ = ${lookup mysql { SELECT DISTINCT(domain) FROM domains WHERE domain = $domain}} # ggf BEST
+ vs
+ domains = lsearch;/etc/exim4/local_domains # OK
+
+
+## Named Lists
+ Format: <listtype> <name>
+ <listtype>_cache <name>
+ Bezug: +<name>
+
+ Typen: domainlist, hostlist, addresslist, localpartlist
+ Caching nur wenn die RHS keine '$' enthält, also konstante Ergebnisse zu erwarten sind.
+
+ Jeder Listtyp hat seine Eigenarten.
+
+ > exim -bP +<name>
+
+### domainlist
+
+ domainlist - @, @mx_primary, @mx_secondary, @mx_any, <pattern>, lookup, literal
+ hostlist - Namen, Adressen spec(10.11 ff)
+
+
+## String-Expansion
+
+ - von links nach rechts: $ und \ wirken als Trigger
+
+ > exim -be [<string>]
+ > exim -bem <message-file> [<string>]
+ > exim -be -Mset <spool-id> [<string>]
+
+ eg: exim -be '$primary_hostname'
+ exim -be '$tod_full'
+ exim -bem <(echo 'Subject: Hi') '$h_subject:'
+
+ Expansionen liefern neuen Text zurück oder können „forced expansion failure“
+ bewirken
+
+## Expansions-Items
+
+### Variablen
+ Format: $<variable> eg: $localhost_number
+ ${<variable>}
+
+### Operatoren
+ Format: ${<op>:<string>}
+ Für einfache Expansionen, lc, uc, hash, …
+
+### Funktionen
+ Format ${<function>{string1}...}
+
+# Debugging
+
+## Konfiguration
+
+ - > exim -bV
+
+## Routing / Transport
+
+ > exim -bt <address>
+ > exim -bts <address>
+
+ > exim -bv <address>
+ > exim -bvs <address>
+
+ Routing, Fake-Delivery
+ > exim -N < <message-file>
+
+ Fake-SMTP-Session
+ > exim -bh <sender-ip>
+ > swaks --pipe 'exim -bh <sender-ip>' -f <sender> -t <rcpt>
+ (note: --tls-cert, --tls-key Optionen sind für SWAKS vorhanden, um ein
+ Client-Zertifikat mitzuschicken, aber offenbar erst in neueren Versionen
+ von swaks)
+
+ - debug_print Option für Router und Transports
+
+
+### Minimalkonfiguration
+
+ .-[ m.conf ]-------- {{{
+ |exim_user = exim
+ |spool_directory = /tmp/exim-spool
+ |log_file_path =
+ |
+ |begin routers
+ |
+ | default:
+ | driver = accept
+ | transport = null
+ | no_more
+ |
+ |begin transports
+ |
+ | null:
+ | driver = appendfile
+ | file = /dev/null
+ `------------- }}}
+
+
+# Routing
+
+ - Preconditions
+ - Driver und Driver-Options
+ Result: - accept -> DONE (transport oder neue Adresse)
+ - pass -> pass_router (bzw. nächster Router)
+ - decline -> nächster Router (or fail, wenn no_more)
+ - fail -> DONE (bounce)
+ - defer -> Semi-DONE (re-queue)
+ - error -> wie defer
+
+# Hint-Databases
+
+ liegen in $spool_directory/db
+ - retry
+ - wait-<transport>
+ - callout
+ - ratelimit
+ - misc
+
+ Sind verzichtbar!
+
+## Wartung
+
+### Ansehen
+
+ > exim_dumpdb <spool_dir> <db>
+ eg: exim_dumpdb /var/spool/exim4
+
+ Je nach DB unterschiedliches Format
+
+### Verändern
+
+ Aufräumen
+ > exim_tidyb <spool_dir> <db> (Cronjob)
+
+ Reparieren
+ > exim_fixdb <spool_dir> <db>
+
+ … that's it …
+
+### Retry
+
+ exinext - Route: Adressproblem
+ Transport: Hostproblem
+
+# Acess Control Lists
+
+ acl_not_smtp ACL for non-SMTP messages
+ acl_not_smtp_mime ACL for non-SMTP MIME parts
+ acl_not_smtp_start ACL at start of non-SMTP message
+ acl_smtp_auth ACL for AUTH
+ acl_smtp_connect ACL for start of SMTP connection
+ acl_smtp_data ACL after DATA is complete
+ acl_smtp_data_prdr ACL for each recipient, after DATA is complete
+ acl_smtp_etrn ACL for ETRN
+ acl_smtp_expn ACL for EXPN
+ acl_smtp_helo ACL for HELO or EHLO
+ acl_smtp_mail ACL for MAIL
+ acl_smtp_mailauth ACL for the AUTH parameter of MAIL
+ acl_smtp_mime ACL for content-scanning MIME parts
+ acl_smtp_notquit ACL for non-QUIT terminations
+ acl_smtp_predata ACL at start of DATA command
+ acl_smtp_quit ACL for QUIT
+ acl_smtp_rcpt ACL for RCPT
+ acl_smtp_starttls ACL for STARTTLS
+ acl_smtp_vrfy ACL for VRFY
+
+ acl_<hook> = <aclverb> | <filename> | <acl-name>
+
+ eg: acl_smtp_rcpt = acl_check_rcpt
+ acl_smtp_rcpt = acl_check_rcpt_${primary_hostname}
+
+## Policies
+
+### acl_smtp_rcpt
+
+ Abweisung einzelner Empfänger, noch kein Content!
+
+### acl_smtp_data
+
+ Content-Scan. Nicht mehr für einzelne Empfänger,
+ $local_part, $domain steht nicht mehr zur Verfügung,
+ aber $recpients, $rcpt_count, …
+
+## Return-Values
+
+ - accept
+ - defer
+ - deny
+ - discard
+
+ default: "accept", ausser bei acl_smtp_rcpt, dort ist es "deny"
+ implizit "deny" am Ende jeder ACL!
+
+
+## Test
+
+ > exim -bh <ip> # ohne callouts
+ > exim -bhc <ip> # mit callouts
+ > swaks --pipe 'exim -bh <ip> -C <config>' -f <sender> -t <rcpt>
+
+ exim -N hilft nicht, ist nicht für die SMTP acl
+ relevant!
+
+## Format
+
+ <aclverb> [<condition>]
+ …
+ [<modifier]
+
+ Bedingungen müssen erfüllt sein, Order matters, Abbruch
+ bei nicht erfüllter Bedingung! Modifier sind immer "true"
+
+### Verb
+
+ accept, defer, deny, discard, drop, require, warn
+
+### Modifier
+
+ message = [code] text
+ log_message = text
+
+ Immediate:
+ logwrite = …
+ control = …
+ set = …
+ add_header = …
+ remove_header = …
+ delay = …
+
+### Conditions
+
+ <condition> = <value>
+
+ eg: deny hosts = !192.168.3.8 # neg. Liste
+ deny !hosts = 192.168.3.8 # neg. Resultat
+
+ vs: deny !verify = recipient # works
+ deny verify = !recipient # FALSCH
+
+
+ Wert der Condition und von Modifiern wird expandiert.
+ Force Failure bedeutet: Condition war nicht anwesend!
+
+ Reihenfolge ist wichtig! Short Circuit.
+ Position der Modifier ist wichtig!
+
+
+
+# DNS Lookups
+
+## DNSSEC
+ dns_dnssec_ok = 1
+
+ dnslookup.dnssec_require_domains = # leider noch falsche Syntax
+ smtp.dnssec_require_domains = # leider noch falsche Syntax
+ dnslookup.dnssec_request_domains = # leider noch falsche Syntax
+ smtp.dnssec_request_domains = # leider noch falsche Syntax
+
+# Anhang
+
+## Misc
+
+ Spec.txt durchsuchen (less):
+ - Option /^.<option> eg: |exim_user|
+ - Variable /^\$<variable eg: $localhost_number
+ - Operators: /^\$\{<operator>: eg: ${hash:<string>} …
+ - Condition: /^<condition> \{ eg: eq {<string1>}{<string2>} …
+ - Functions: /^\$\{<function\{ eg: ${map{<string1>}{<string2>}} …
+ - ACL conditions /^<condition> = eg: malware = …
+
+// Die folgenden Listen sind durch einfaches Greppen im Spec-File bzw.
+// im spec.xfpt enstanden, also weder vollständig noch zwingend korrekt!
+
+## Liste globaler Optionen {{{
+
+ accept_8bitmime
+ acl_not_smtp
+ acl_not_smtp_mime
+ acl_not_smtp_start
+ acl_smtp_auth
+ acl_smtp_connect
+ acl_smtp_data
+ acl_smtp_data_prdr
+ acl_smtp_etrn
+ acl_smtp_expn
+ acl_smtp_helo
+ acl_smtp_mail
+ acl_smtp_mailauth
+ acl_smtp_mime
+ acl_smtp_predata
+ acl_smtp_quit
+ acl_smtp_rcpt
+ acl_smtp_starttls
+ acl_smtp_vrfy
+ admin_groups
+ allow_domain_literals
+ allow_mx_to_ip
+ allow_utf8_domains
+ auth_advertise_hosts
+ auto_thaw
+ av_scanner
+ bi_command
+ bounce_message_file
+ bounce_message_text
+ bounce_return_body
+ bounce_return_message
+ bounce_return_size_limit
+ bounce_sender_authentication
+ callout_domain_negative_expire
+ callout_domain_positive_expire
+ callout_negative_expire
+ callout_positive_expire
+ callout_random_local_part
+ check_log_inodes
+ check_log_space
+ check_rfc2047_length
+ check_spool_inodes
+ check_spool_space
+ daemon_smtp_ports
+ daemon_startup_retries
+ daemon_startup_sleep
+ delay_warning
+ delay_warning_condition
+ deliver_drop_privilege
+ deliver_queue_load_max
+ delivery_date_remove
+ disable_fsync
+ disable_ipv6
+ dns_again_means_nonexist
+ dns_check_names_pattern
+ dns_csa_search_limit
+ dns_csa_use_reverse
+ dns_dnssec_ok
+ dns_ipv4_lookup
+ dns_retrans
+ dns_retry
+ dns_use_edns0
+ drop_cr
+ dsn_from
+ envelope_to_remove
+ errors_copy
+ errors_reply_to
+ exim_group
+ exim_path
+ exim_user
+ extra_local_interfaces
+ finduser_retries
+ freeze_tell
+ gecos_name
+ gecos_pattern
+ gnutls_compat_mode
+ header_line_maxsize
+ header_maxsize
+ headers_charset
+ helo_accept_junk_hosts
+ helo_allow_chars
+ helo_lookup_domains
+ helo_try_verify_hosts
+ helo_verify_hosts
+ hold_domains
+ host_lookup
+ host_lookup_order
+ host_reject_connection
+ hosts_connection_nolog
+ hosts_treat_as_local
+ ibase_servers
+ ignore_bounce_errors_after
+ ignore_fromline_hosts
+ ignore_fromline_local
+ keep_malformed
+ ldap_ca_cert_dir
+ ldap_ca_cert_file
+ ldap_cert_file
+ ldap_cert_key
+ ldap_cipher_suite
+ ldap_default_servers
+ ldap_require_cert
+ ldap_start_tls
+ ldap_version
+ local_from_check
+ local_from_prefix
+ local_from_suffix
+ local_interfaces
+ local_scan_timeout
+ local_sender_retain
+ localhost_number
+ log_file_path
+ log_selector
+ log_timezone
+ lookup_open_max
+ max_username_length
+ message_body_newlines
+ message_body_visible
+ message_id_header_domain
+ message_id_header_text
+ message_logs
+ message_size_limit
+ move_frozen_messages
+ mua_wrapper
+ mysql_servers
+ never_users
+ openssl_options
+ oracle_servers
+ percent_hack_domains
+ perl_at_start
+ perl_startup
+ pgsql_servers
+ pid_file_path
+ pipelining_advertise_hosts
+ prdr_enable
+ preserve_message_logs
+ primary_hostname
+ print_topbitchars
+ process_log_path
+ prod_requires_admin
+ qualify_domain
+ qualify_recipient
+ queue_domains
+ queue_list_requires_admin
+ queue_only
+ queue_only_file
+ queue_only_load
+ queue_only_load_latch
+ queue_only_override
+ queue_run_in_order
+ queue_run_max
+ queue_smtp_domains
+ receive_timeout
+ received_header_text
+ received_headers_max
+ recipient_unqualified_hosts
+ recipients_max
+ recipients_max_reject
+ remote_max_parallel
+ remote_sort_domains
+ retry_data_expire
+ retry_interval_max
+ return_path_remove
+ return_size_limit
+ rfc1413_hosts
+ rfc1413_query_timeout
+ sender_unqualified_hosts
+ smtp_accept_keepalive
+ smtp_accept_max
+ smtp_accept_max_nonmail
+ smtp_accept_max_nonmail_hosts
+ smtp_accept_max_per_connection
+ smtp_accept_max_per_host
+ smtp_accept_queue
+ smtp_accept_queue_per_connection
+ smtp_accept_reserve
+ smtp_active_hostname
+ smtp_banner
+ smtp_check_spool_space
+ smtp_connect_backlog
+ smtp_enforce_sync
+ smtp_etrn_command
+ smtp_etrn_serialize
+ smtp_load_reserve
+ smtp_max_synprot_errors
+ smtp_max_unknown_commands
+ smtp_ratelimit_hosts
+ smtp_ratelimit_mail
+ smtp_ratelimit_rcpt
+ smtp_receive_timeout
+ smtp_reserve_hosts
+ smtp_return_error_details
+ spamd_address
+ split_spool_directory
+ spool_directory
+ sqlite_lock_timeout
+ strict_acl_vars
+ strip_excess_angle_brackets
+ strip_trailing_dot
+ syslog_duplication
+ syslog_facility
+ syslog_processname
+ syslog_timestamp
+ system_filter
+ system_filter_directory_transport
+ system_filter_file_transport
+ system_filter_group
+ system_filter_pipe_transport
+ system_filter_reply_transport
+ system_filter_user
+ tcp_nodelay
+ timeout_frozen_after
+ timezone
+ tls_advertise_hosts
+ tls_certificate
+ tls_crl
+ tls_dh_max_bits
+ tls_dhparam
+ tls_ocsp_file
+ tls_on_connect_ports
+ tls_privatekey
+ tls_remember_esmtp
+ tls_require_ciphers
+ tls_try_verify_hosts
+ tls_verify_certificates
+ tls_verify_hosts
+ trusted_groups
+ trusted_users
+ unknown_login
+ unknown_username
+ untrusted_set_sender
+ uucp_from_pattern
+ uucp_from_sender
+ warn_message_file
+ write_rejectlog
+
+
+ }}}
+
+## Liste von Expansionsvariablen {{{
+
+ $acl_narg
+ $acl_verify_message
+ $address_data
+ $address_file
+ $address_pipe
+ $authenticated_fail_id
+ $authenticated_id
+ $authenticated_sender
+ $authentication_failed
+ $av_failed
+ $body_linecount
+ $body_zerocount
+ $bounce_recipient
+ $bounce_return_size_limit
+ $caller_gid
+ $caller_uid
+ $compile_date
+ $compile_number
+ $demime_errorlevel
+ $demime_errorlevel
+ $demime_reason
+ $demime_reason
+ $dnslist_domain
+ $domain
+ $domain_data
+ $exim_gid
+ $exim_path
+ $exim_uid
+ $found_extension
+ $found_extension
+ $header_
+ $headers_added
+ $home
+ $host
+ $host_address
+ $host_data
+ $host_lookup_deferred
+ $host_lookup_failed
+ $host_port
+ $inode
+ $interface_address
+ $interface_port
+ $item
+ $ldap_dn
+ $load_average
+ $local_part
+ $local_part_data
+ $local_part_prefix
+ $local_part_suffix
+ $local_scan_data
+ $local_user_gid
+ $local_user_uid
+ $localhost_number
+ $log_inodes
+ $log_space
+ $lookup_dnssec_authenticated
+ $mailstore_basename
+ $malware_name
+ $max_received_linelength
+ $message_age
+ $message_body
+ $message_body_end
+ $message_body_size
+ $message_exim_id
+ $message_headers
+ $message_headers_raw
+ $message_id
+ $message_linecount
+ $message_size
+ $mime_
+ $mime_boundary
+ $mime_charset
+ $mime_content_description
+ $mime_content_disposition
+ $mime_content_id
+ $mime_content_size
+ $mime_content_transfer_encoding
+ $mime_content_type
+ $mime_decoded_filename
+ $mime_filename
+ $mime_is_coverletter
+ $mime_is_multipart
+ $mime_is_rfc822
+ $mime_part_count
+ $original_domain
+ $original_local_part
+ $originator_gid
+ $originator_uid
+ $parent_domain
+ $parent_local_part
+ $pid
+ $pipe_addresses
+ $primary_hostname
+ $prvscheck_address
+ $prvscheck_keynum
+ $prvscheck_result
+ $qualify_domain
+ $qualify_recipient
+ $rcpt_count
+ $rcpt_defer_count
+ $rcpt_fail_count
+ $received_count
+ $received_for
+ $received_ip_address
+ $received_port
+ $received_protocol
+ $received_time
+ $recipient_data
+ $recipient_verify_failure
+ $recipients
+ $recipients_count
+ $regex_match_string
+ $reply_address
+ $return_path
+ $return_size_limit
+ $router_name
+ $runrc
+ $self_hostname
+ $sender_address
+ $sender_address_data
+ $sender_address_domain
+ $sender_address_local_part
+ $sender_data
+ $sender_fullhost
+ $sender_helo_name
+ $sender_host_address
+ $sender_host_authenticated
+ $sender_host_dnssec
+ $sender_host_name
+ $sender_host_port
+ $sender_ident
+ $sender_rate_
+ $sender_rcvhost
+ $sender_verify_failure
+ $sending_ip_address
+ $sending_port
+ $smtp_active_hostname
+ $smtp_command
+ $smtp_command_argument
+ $smtp_count_at_connection_start
+ $spam_
+ $spam_bar
+ $spam_report
+ $spam_score
+ $spam_score_int
+ $spool_directory
+ $spool_inodes
+ $spool_space
+ $thisaddress
+ $tls_in_bits
+ $tls_in_certificate_verified
+ $tls_in_cipher
+ $tls_in_ocsp
+ $tls_in_ourcert
+ $tls_in_peercert
+ $tls_in_peerdn
+ $tls_in_sni
+ $tls_out_bits
+ $tls_out_certificate_verified
+ $tls_out_cipher
+ $tls_out_ocsp
+ $tls_out_ourcert
+ $tls_out_peercert
+ $tls_out_peerdn
+ $tls_out_sni
+ $tod_bsdinbox
+ $tod_epoch
+ $tod_epoch_l
+ $tod_full
+ $tod_log
+ $tod_logfile
+ $tod_zone
+ $tod_zulu
+ $transport_name
+ $value
+ $verify_mode
+ $version_number
+ $warn_message_delay
+ $warn_message_recipients
+
+ }}}
+
+## Liste von Operatoren {{{
+
+ ${address:
+ ${addresses:
+ ${base62:
+ ${base62d:
+ ${domain:
+ ${escape:
+ ${eval:
+ ${expand:
+ ${from_utf8:
+ ${hex2b64:
+ ${hexquote:
+ ${lc:
+ ${listcount:
+ ${listnamed:
+ ${local_part:
+ ${mask:
+ ${md5:
+ ${quote:
+ ${quote_local_part:
+ ${randint:
+ ${reverse_ip:
+ ${rfc2047:
+ ${rfc2047d:
+ ${rxquote:
+ ${sha1:
+ ${sha256:
+ ${stat:
+ ${str2b64:
+ ${strlen:
+ ${time_eval:
+ ${time_interval:
+ ${uc:
+ ${utf8clean:
+
+ }}}
+
+## List of Conditions {{{
+
+ acl
+ and
+ bool
+ bool_lax
+ crypteq
+ eq
+ exists
+ ge
+ gt
+ inlist
+ isip
+ ldapauth
+ le
+ lt
+ match
+ match_address
+ match_domain
+ match_ip
+ match_local_part
+ or
+ pam
+ pwcheck
+ radius
+
+ }}}
+
+## List of Functions {{{
+
+ ${acl
+ ${certextract
+ ${dlfunc
+ ${extract
+ ${extract
+ ${filter
+ ${hash
+ ${hmac
+ ${length
+ ${listextract
+ ${lookup
+ ${map
+ ${nhash
+ ${perl
+ ${prvs
+ ${prvscheck
+ ${readfile
+ ${readsocket
+ ${reduce
+ ${run
+ ${sg
+ ${sort
+ ${substr
+ ${tr
+
+ }}}
+
+## Routing Pre-Conditions {{{
+
+ address_test
+ check_local_user
+ condition
+ domains
+ expn
+ local_part_prefix
+ local_part_suffix
+ local_parts
+ require_files
+ senders
+ verify
+ verify_only
+ verify_recipient
+ verify_sender
+
+ }}}
+
+
+Cheat sheet: http://www.datadisk.co.uk/html_docs/exim/exim_cs.htm
+
+# vim:tw=0:et:ts=4:sw=4:fdm=marker:ft=asciidoc: