Instructions
The following configuration editor will allow you to modify the default configuration of Exim. Configuration changes made within this editor will be conserved across Exim updates and reinstallation. Changes to the default configuration can significantly impact Exim's performance and may prevent it from operating altogether. Use this editor with caution.

To use it, add new directives or modify existing ones in the text boxes provided. You should only use this feature if you understand how to write a valid Exim configuration file. Information on Exim's configuration syntax can be found in Exim's documentation.

Adding invalid configuration information here will prevent Exim from operating.


Combined Exim Configuration
Section: CONFIG
This is a Named list definition. Their use is described in section 10.5.

Exim Default: unset; cPanel Default: acl_not_smtp

This option defines the ACL that is run when a non-SMTP message has been read and is on the point of being accepted. See chapter 42 for further details.

Exim Default: unset; cPanel Default: acl_smtp_connect

This option defines the ACL that is run when an SMTP connection is received. See chapter 42 for further details.

Exim Default: unset; cPanel Default: acl_smtp_data

This option defines the ACL that is run after an SMTP DATA command has been processed and the message itself has been received, but before the final acknowledgment is sent. See chapter 42 for further details.

Exim Default: unset; cPanel Default: acl_smtp_helo

This option defines the ACL that is run when an SMTP EHLO or HELO command is received. See chapter 42 for further details.

Exim Default: unset; cPanel Default: acl_smtp_mail

This option defines the ACL that is run when an SMTP MAIL command is received. See chapter 42 for further details.

cPanel Default: acl_smtp_notquit
Exim Default: unset; cPanel Default: acl_smtp_quit

This option defines the ACL that is run when an SMTP QUIT command is received. See chapter 42 for further details.

Exim Default: unset; cPanel Default: acl_smtp_rcpt

This option defines the ACL that is run when an SMTP RCPT command is received. See chapter 42 for further details.

Exim Default: empty; cPanel Default: PATH=/usr/local/sbin::/usr/local/bin::/sbin::/bin::/usr/sbin::/usr/bin::/sbin::/bin

This option allows individual environment variables to be set for the currently linked libraries and for programs run in child processes. The default list is empty.

Exim Default: 0s; cPanel Default: 7d

If this option is set to a time greater than zero, a queue runner will try a new delivery attempt on any frozen message, other than a bounce message, if this much time has passed since it was frozen. This may result in the message being re-frozen if nothing has changed since the last attempt. It is a way of saying “keep on trying, even though there are big problems”.

Note: This is an old option, which predates timeout_frozen_after and ignore_bounce_errors_after. It is retained for compatibility, but it is not thought to be very useful any more, and its use should probably be avoided.

Exim Default: 3h; cPanel Default: 1h

This option specifies the expiry time for negative callout cache data for a domain. See section 42.43 for details of callout verification, and section 42.45 for details of the caching.

Exim Default: 2h; cPanel Default: 1h

This option specifies the expiry time for negative callout cache data for an address. See section 42.43 for details of callout verification, and section 42.45 for details of the caching.

Exim Default: true; cPanel Default: false

RFC 2047 defines a way of encoding non-ASCII characters in headers using a system of “encoded words”. The RFC specifies a maximum length for an encoded word; strings to be encoded that exceed this length are supposed to use multiple encoded words. By default, Exim does not recognize encoded words that exceed the maximum length. However, it seems that some software, in violation of the RFC, generates overlong encoded words. If check_rfc2047_length is set false, Exim recognizes encoded words of any length.

cPanel Default: 198.51.100.1
Exim Default: smtp; cPanel Default: 25 : 465 : 587

This option specifies one or more default SMTP ports on which the Exim daemon listens. See chapter 13 for details of how it is used. For backward compatibility, daemon_smtp_port (singular) is a synonym.

Exim Default: unset; cPanel Default: 18

When this option is set, a queue run is abandoned if the system load average becomes greater than the value of the option. The option has no effect on ancient operating systems on which Exim cannot determine the load average. See also queue_only_load and smtp_load_reserve.

Exim Default: unset; cPanel Default: *

Exim checks the syntax of HELO and EHLO commands for incoming SMTP mail, and gives an error response for invalid data. Unfortunately, there are some SMTP clients that send syntactic junk. They can be accommodated by setting this option. Note that this is a syntax check only. See helo_verify_hosts if you want to do semantic checking. See also helo_allow_chars for a way of extending the permitted character set.

helo_verify_hosts: Like helo_try_verify_hosts, this option is obsolete, and retained only for backwards compatibility. For hosts that match this option, Exim checks the host name given in the HELO or EHLO in the same way as for helo_try_verify_hosts. If the check fails, the HELO or EHLO command is rejected with a 550 error, and entries are written to the main and reject logs. If a MAIL command is received before EHLO or HELO, it is rejected with a 503 error.

Exim Default: 10w; cPanel Default: 1d

This option affects the processing of bounce messages that cannot be delivered, that is, those that suffer a permanent delivery failure. (Bounce messages that suffer temporary delivery failures are of course retried in the usual way.)

After a permanent delivery failure, bounce messages are frozen, because there is no sender to whom they can be returned. When a frozen bounce message has been on the queue for more than the given time, it is unfrozen at the next queue run, and a further delivery is attempted. If delivery fails again, the bounce message is discarded. This makes it possible to keep failed bounce messages around for a shorter time than the normal maximum retry time for frozen messages. For example,

ignore_bounce_errors_after = 12h

retries failed bounce message deliveries after 12 hours, discarding any further failures. If the value of this option is set to a zero time period, bounce failures are discarded immediately. Setting a very long time (as in the default value) has the effect of disabling this option. For ways of automatically dealing with other kinds of frozen message, see auto_thaw and timeout_frozen_after.

Exim Default: unset; cPanel Default: X-SOURCE : X-SOURCE-ARGS : X-SOURCE-DIR

This option contains a string list of environment variables to keep. You have to trust these variables, or you have to be sure that they do not impose any security risk. Keep in mind that during the startup phase Exim is running with an effective UID of 0 in most installations. As the default value is an empty list, the default environment for using libraries, running embedded Perl code, or running external binaries is empty, and does not even contain PATH or HOME.

Exim Default: true; cPanel Default: false

When a message is submitted locally (that is, not over a TCP/IP connection) by an untrusted user, Exim removes any existing Sender: header line, and checks that the From: header line matches the login of the calling user and the domain specified by qualify_domain.

Note: An unqualified address (no domain) in the From: header in a locally submitted message is automatically qualified by Exim, unless the -bnq command line option is used.

You can use local_from_prefix and local_from_suffix to permit affixes on the local part. If the From: header line does not match, Exim adds a Sender: header with an address constructed from the calling user’s login and the default qualify domain.

If local_from_check is set false, the From: header check is disabled, and no Sender: header is ever added. If, in addition, you want to retain Sender: header lines supplied by untrusted users, you must also set local_sender_retain to be true.

These options affect only the header lines in the message. The envelope sender is still forced to be the login id at the qualify domain unless untrusted_set_sender permits the user to supply an envelope sender.

For messages received over TCP/IP, an ACL can specify “submission mode” to request similar header line checking. See section 46.16, which has more details about Sender: processing.

Exim Default: unset; cPanel Default: +incoming_port +smtp_connection +all_parents +retry_defer +subject +arguments +received_recipients

This option can be used to reduce or increase the number of things that Exim writes to its log files. Its argument is made up of names preceded by plus or minus characters. For example:

log_selector = +arguments -retry_defer

A list of possible names and what they control is given in the chapter on logging, in section 51.15.


Note that cPanel will always enable these mandatory options in your configuration.

log_selector = +incoming_port +smtp_connection +all_parents

The following default options will also be enabled except when you specify a negative form.

log_selector = +retry_defer +subject +arguments +received_recipients
Exim Default: false; cPanel Default: true

By default, newlines in the message body are replaced by spaces when setting the $message_body and $message_body_end expansion variables. If this option is set true, this no longer happens.

Exim Default: 500; cPanel Default: 5000

This option specifies how much of a message’s body is to be included in the $message_body and $message_body_end expansion variables.

Exim Default: unset; cPanel Default: root

This option is expanded just once, at the start of Exim’s processing. Local message deliveries are normally run in processes that are setuid to the recipient, and remote deliveries are normally run under Exim’s own uid and gid. It is usually desirable to prevent any deliveries from running as root, as a safety precaution.

When Exim is built, an option called FIXED_NEVER_USERS can be set to a list of users that must not be used for local deliveries. This list is fixed in the binary and cannot be overridden by the configuration file. By default, it contains just the single user name “root”. The never_users runtime option can be used to add more users to the fixed list.

If a message is to be delivered as one of the users on the fixed list or the never_users list, an error occurs, and delivery is deferred. A common example is

never_users = root:daemon:bin

Including root is redundant if it is also on the fixed list, but it does no harm. This option overrides the pipe_as_creator option of the pipe transport driver.

Exim Default: +no_sslv2; cPanel Default: +no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1

This option allows an administrator to adjust the SSL options applied by OpenSSL to connections. It is given as a space-separated list of items, each one to be +added or -subtracted from the current value.

This option is only available if Exim is built against OpenSSL. The values available for this option vary according to the age of your OpenSSL install. The “all” value controls a subset of flags which are available, typically the bug workaround options. The SSL_CTX_set_options man page will list the values known on your system and Exim should support all the “bug workaround” options and many of the “modifying” options. The Exim names lose the leading “SSL_OP_” and are lower-cased.

Note that adjusting the options can have severe impact upon the security of SSL as used by Exim. It is possible to disable safety checks and shoot yourself in the foot in various unpleasant ways. This option should not be adjusted lightly. An unrecognised item will be detected at startup, by invoking Exim with the -bV flag.

Historical note: prior to release 4.80, Exim defaulted this value to "+dont_insert_empty_fragments", which may still be needed for compatibility with some clients, but which lowers security by increasing exposure to some now infamous attacks.

An example:

# Make both old MS and old Eudora happy:
openssl_options = -all +microsoft_big_sslv3_buffer \
                       +dont_insert_empty_fragments

Possible options may include:

  • all

  • allow_unsafe_legacy_renegotiation

  • cipher_server_preference

  • dont_insert_empty_fragments

  • ephemeral_rsa

  • legacy_server_connect

  • microsoft_big_sslv3_buffer

  • microsoft_sess_id_bug

  • msie_sslv2_rsa_padding

  • netscape_challenge_bug

  • netscape_reuse_cipher_change_bug

  • no_compression

  • no_session_resumption_on_renegotiation

  • no_sslv2

  • no_sslv3

  • no_ticket

  • no_tlsv1

  • no_tlsv1_1

  • no_tlsv1_2

  • single_dh_use

  • single_ecdh_use

  • ssleay_080_client_dh_bug

  • sslref2_reuse_cert_type_bug

  • tls_block_padding_bug

  • tls_d5_bug

  • tls_rollback_bug
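The log_selector and openssl_options entries above share one syntax: a list of names, each prefixed with + or -, applied in order to a current set. The Python below is an added example, not code from this page, from cPanel or from Exim. It applies such a string to a set, refuses unrecognised names the way the page says exim -bV does at startup, and then uses that twice: to compute the effective log_selector under the cPanel mandatory/default rules stated above, and to compute which protocol versions the cPanel openssl_options default still leaves enabled. The membership of the "all" group and the log selector vocabulary are constructed assumptions; the real ones come from your OpenSSL build's SSL_OP_ALL and from section 51.15 of the Exim specification.

```python
"""Apply an Exim "+name -name" selector string to a set of enabled flags.

Added example, not code from the cPanel page or from Exim. It models two
options on this page that share the syntax: log_selector (with the cPanel
mandatory/default items) and openssl_options (with the "all" group and the
protocol floor implied by the cPanel default).
"""
from __future__ import annotations

# Names on the page's "Possible options may include" list for openssl_options.
OPENSSL_OPTION_NAMES = frozenset({
    "all", "allow_unsafe_legacy_renegotiation", "cipher_server_preference",
    "dont_insert_empty_fragments", "ephemeral_rsa", "legacy_server_connect",
    "microsoft_big_sslv3_buffer", "microsoft_sess_id_bug", "msie_sslv2_rsa_padding",
    "netscape_challenge_bug", "netscape_reuse_cipher_change_bug", "no_compression",
    "no_session_resumption_on_renegotiation", "no_sslv2", "no_sslv3", "no_ticket",
    "no_tlsv1", "no_tlsv1_1", "no_tlsv1_2", "single_dh_use", "single_ecdh_use",
    "ssleay_080_client_dh_bug", "sslref2_reuse_cert_type_bug",
    "tls_block_padding_bug", "tls_d5_bug", "tls_rollback_bug",
})

# ASSUMPTION: what "all" stands for is whatever SSL_OP_ALL means in your OpenSSL
# build. This constructed stand-in takes the *_bug workarounds from the page's
# list plus the two items the page's own example re-adds after "-all".
OPENSSL_ALL_GROUP = frozenset(
    n for n in OPENSSL_OPTION_NAMES if n.endswith("_bug")
) | {"dont_insert_empty_fragments", "microsoft_big_sslv3_buffer"}

# Protocol versions that the page's no_* items can switch off.
PROTOCOL_VERSIONS = ("sslv2", "sslv3", "tlsv1", "tlsv1_1", "tlsv1_2")

# log_selector vocabulary: the names the page uses plus a few standard Exim
# selectors. ASSUMPTION: a real check would use the full list in section 51.15.
LOG_SELECTOR_NAMES = frozenset({
    "incoming_port", "smtp_connection", "all_parents", "retry_defer", "subject",
    "arguments", "received_recipients", "tls_cipher", "tls_sni",
    "smtp_protocol_error", "queue_run", "sender_on_delivery",
})
CPANEL_MANDATORY_LOG = frozenset({"incoming_port", "smtp_connection", "all_parents"})
CPANEL_DEFAULT_LOG = frozenset({"retry_defer", "subject", "arguments", "received_recipients"})


def apply_selectors(current, spec, known, groups=None):
    """Return a new set: spec's "+item"/"-item" words applied to current, in order.

    An unknown name raises ValueError, mirroring the startup check the page
    describes for openssl_options (run `exim -bV` after editing).
    """
    result = set(current)
    groups = groups or {}
    for word in spec.split():
        sign, name = word[:1], word[1:]
        if sign not in ("+", "-") or not name:
            raise ValueError(f"item must be +name or -name: {word!r}")
        if name not in known:
            raise ValueError(f"unrecognised item: {name!r}")
        members = groups.get(name, frozenset({name}))  # "all" expands to its group
        if sign == "+":
            result |= members
        else:
            result -= members
    return result


def effective_log_selector(user_value):
    """cPanel rule from the page: mandatory items are always on; the default
    items are on unless the user's value names them with a minus."""
    chosen = apply_selectors(CPANEL_DEFAULT_LOG, user_value, LOG_SELECTOR_NAMES)
    return chosen | CPANEL_MANDATORY_LOG


def effective_openssl_options(user_value, start=frozenset()):
    """Apply an openssl_options value to a starting set of OpenSSL option names."""
    return apply_selectors(start, user_value, OPENSSL_OPTION_NAMES,
                           {"all": OPENSSL_ALL_GROUP})


def enabled_protocols(options):
    """Protocol versions still negotiable after the no_* items in options."""
    return tuple(v for v in PROTOCOL_VERSIONS if f"no_{v}" not in options)


def weak_protocols(options):
    """Anything below TLS 1.2 left enabled: the versions the cPanel default turns off."""
    return tuple(v for v in enabled_protocols(options) if v != "tlsv1_2")


if __name__ == "__main__":
    print(sorted(effective_log_selector("+arguments -retry_defer")))
    cpanel = effective_openssl_options("+no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1")
    print("cPanel default leaves:", enabled_protocols(cpanel))
    legacy = effective_openssl_options(
        "-all +microsoft_big_sslv3_buffer +dont_insert_empty_fragments", start={"no_sslv2"})
    print("page example leaves weak protocols:", weak_protocols(legacy))
```

Running the page's own openssl_options example against the Exim default shows why the page warns about it: SSLv3, TLS 1.0 and TLS 1.1 all remain negotiable, whereas the cPanel default leaves only TLS 1.2 from the page's list.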

Exim Default: unset; cPanel Default: do '/etc/exim.pl'

This option is available only when Exim is built with an embedded Perl interpreter. See chapter 12 for details of its use.

Exim Default: unset; cPanel Default: 36

If the system load average is higher than this value, incoming messages from all sources are queued, and no automatic deliveries are started. If this happens during local or remote SMTP input, all subsequent messages received on the same SMTP connection are queued by default, whatever happens to the load in the meantime, but this can be changed by setting queue_only_load_latch false.

Deliveries will subsequently be performed by queue runner processes. This option has no effect on ancient operating systems on which Exim cannot determine the load average. See also deliver_queue_load_max and smtp_load_reserve.

Exim Default: 2; cPanel Default: 10

This option controls parallel delivery of one message to a number of remote hosts. If the value is less than 2, parallel delivery is disabled, and Exim does all the remote deliveries for a message one by one. Otherwise, if a single message has to be delivered to more than one remote host, or if several copies have to be sent to the same remote host, up to remote_max_parallel deliveries are done simultaneously. If more than remote_max_parallel deliveries are required, the maximum number of processes are started, and as each one finishes, another is begun. The order of starting processes is the same as if sequential delivery were being done, and can be controlled by the remote_sort_domains option. If parallel delivery takes place while running with debugging turned on, the debugging output from each delivery process is tagged with its process id.

This option controls only the maximum number of parallel deliveries for one message in one Exim delivery process. Because Exim has no central queue manager, there is no way of controlling the total number of simultaneous deliveries if the configuration allows a delivery attempt as soon as a message is received.

If you want to control the total number of deliveries on the system, you need to set the queue_only option. This ensures that all incoming messages are added to the queue without starting a delivery process. Then set up an Exim daemon to start queue runner processes at appropriate intervals (probably fairly often, for example, every minute), and limit the total number of queue runners by setting the queue_run_max parameter. Because each queue runner delivers only one message at a time, the maximum number of deliveries that can then take place at once is queue_run_max multiplied by remote_max_parallel.

If it is purely remote deliveries you want to control, use queue_smtp_domains instead of queue_only. This has the added benefit of doing the SMTP routing before queueing, so that several messages for the same host will eventually get delivered down the same connection.

Exim Default: 5s; cPanel Default: 0s

This sets the timeout on RFC 1413 identification calls. If it is set to zero, no RFC 1413 calls are ever made.

Exim Default: 20; cPanel Default: 100

This option specifies the maximum number of simultaneous incoming SMTP calls that Exim will accept. It applies only to the listening daemon; there is no control (in Exim) when incoming SMTP is being handled by inetd. If the value is set to zero, no limit is applied. However, it is required to be non-zero if either smtp_accept_max_per_host or smtp_accept_queue is set. See also smtp_accept_reserve and smtp_load_reserve.

A new SMTP connection is immediately rejected if the smtp_accept_max limit has been reached. If not, Exim first checks smtp_accept_max_per_host. If that limit has not been reached for the client host, smtp_accept_reserve and smtp_load_reserve are then checked before accepting the connection.
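The paragraph above gives the order in which Exim applies its connection limits. The Python below is an added example, not code from this page, from cPanel or from Exim; it encodes that order as a decision function so the interaction of the limits can be checked on sample numbers. The ordering and the rule that smtp_accept_max must be non-zero when smtp_accept_max_per_host is set come from the page. The meaning of smtp_accept_reserve and smtp_load_reserve (only hosts in smtp_reserve_hosts are accepted once only the reserve slots remain, or while the load average is above smtp_load_reserve) is taken from the Exim specification that the page refers to, and the configuration values and counters used are constructed.

```python
"""Acceptance gate for a new SMTP connection, in the order this page gives.

Added example, not code from the cPanel page or from Exim. Check order
(smtp_accept_max, then smtp_accept_max_per_host, then the two reserve
options) is from the page; the reserve semantics are from the Exim spec.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class SmtpAcceptConfig:
    smtp_accept_max: int = 100             # cPanel default on this page
    smtp_accept_max_per_host: int = 0      # 0 = no per-host limit
    smtp_accept_reserve: int = 0           # slots kept back for smtp_reserve_hosts
    smtp_load_reserve: float | None = None  # load average above which only reserve hosts get in

    def __post_init__(self):
        # From the page: smtp_accept_max may be zero (no limit), but must be
        # non-zero when smtp_accept_max_per_host is set.
        if self.smtp_accept_max == 0 and self.smtp_accept_max_per_host:
            raise ValueError("smtp_accept_max must be non-zero when "
                             "smtp_accept_max_per_host is set")


def accept_smtp_connection(cfg, active_total, active_from_host, is_reserve_host, load_average):
    """Return (accepted, reason) for one new connection to the listening daemon.

    active_total / active_from_host are the connections already being handled
    (overall, and from this client host); is_reserve_host says whether the
    client matches smtp_reserve_hosts; load_average is the current 1-minute load.
    """
    limit = cfg.smtp_accept_max
    # 1. Hard cap: rejected immediately, even for reserve hosts.
    if limit and active_total >= limit:
        return False, "smtp_accept_max reached"
    # 2. Per-client-host cap.
    if cfg.smtp_accept_max_per_host and active_from_host >= cfg.smtp_accept_max_per_host:
        return False, "smtp_accept_max_per_host reached for this client"
    # 3a. Reserve pool: when only smtp_accept_reserve slots are left, keep them
    #     for the hosts named in smtp_reserve_hosts (e.g. your own relays).
    if (limit and cfg.smtp_accept_reserve and not is_reserve_host
            and active_total >= limit - cfg.smtp_accept_reserve):
        return False, "remaining slots reserved for smtp_reserve_hosts"
    # 3b. Load guard: above smtp_load_reserve only reserve hosts are accepted.
    if (cfg.smtp_load_reserve is not None and not is_reserve_host
            and load_average > cfg.smtp_load_reserve):
        return False, "load above smtp_load_reserve; only smtp_reserve_hosts accepted"
    return True, "accepted"


if __name__ == "__main__":
    # Constructed configuration: 100 slots, 10 per host, last 5 slots reserved,
    # and non-reserve hosts turned away once the load average passes 20.
    cfg = SmtpAcceptConfig(smtp_accept_max=100, smtp_accept_max_per_host=10,
                           smtp_accept_reserve=5, smtp_load_reserve=20.0)
    for args in ((100, 0, True, 1.0), (50, 10, False, 1.0), (96, 0, False, 1.0),
                 (96, 0, True, 1.0), (10, 0, False, 25.0), (10, 0, False, 1.0)):
        print(args, "->", accept_smtp_connection(cfg, *args))
```

Note that the hard cap in step 1 applies to reserve hosts too, which is why smtp_accept_reserve is counted inside smtp_accept_max rather than on top of it.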

Exim Default: 10; cPanel Default: 30

This option limits the number of delivery processes that Exim starts automatically when receiving messages via SMTP, whether via the daemon or by the use of -bs or -bS. If the value of the option is greater than zero, and the number of messages received in a single SMTP session exceeds this number, subsequent messages are placed on the queue, but no delivery processes are started. This helps to limit the number of Exim processes when a server restarts after downtime and there is a lot of mail waiting for it on other systems. On large systems, the default should probably be increased, and on dial-in client systems it should probably be set to zero (that is, disabled).

cPanel Default: "${primary_hostname} ESMTP Exim ${version_number} \#${compile_number} ${tod_full} \n We do not authorize the use of this system to transport unsolicited, \n and/or bulk e-mail."

This string, which is expanded every time it is used, is output as the initial positive response to an SMTP connection. The default setting is:

smtp_banner = $smtp_active_hostname ESMTP Exim \
              $version_number $tod_full

Failure to expand the string causes a panic error. If you want to create a multiline response to the initial SMTP connection, use “\n” in the string at appropriate points, but not at the end. Note that the 220 code is not included in this string. Exim adds it automatically (several times in the case of a multiline response).

Exim Default: 20; cPanel Default: 50

This option specifies a maximum number of waiting SMTP connections. Exim passes this value to the TCP/IP system when it sets up its listener. Once this number of connections are waiting for the daemon’s attention, subsequent connection attempts are refused at the TCP/IP level. At least, that is what the manuals say; in some circumstances such connection attempts have been observed to time out instead. For large systems it is probably a good idea to increase the value (to 50, say). It also gives some protection against denial-of-service attacks by SYN flooding.

Exim Default: true; cPanel Default: false

The SMTP protocol specification requires the client to wait for a response from the server at certain points in the dialogue. Without PIPELINING these synchronization points are after every command; with PIPELINING they are fewer, but they still exist.

Some spamming sites send out a complete set of SMTP commands without waiting for any response. Exim protects against this by rejecting a message if the client has sent further input when it should not have. The error response “554 SMTP synchronization error” is sent, and the connection is dropped. Testing for this error cannot be perfect because of transmission delays (unexpected input may be on its way but not yet received when Exim checks). However, it does detect many instances.

The check can be globally disabled by setting smtp_enforce_sync false. If you want to disable the check selectively (for example, only for certain hosts), you can do so by an appropriate use of a control modifier in an ACL (see section 42.21). See also pipelining_advertise_hosts.

Exim Default: 5m; cPanel Default: 165s

This sets a timeout value for SMTP reception. It applies to all forms of SMTP input, including batch SMTP. If a line of input (either an SMTP command or a data line) is not received within this time, the SMTP connection is dropped and the message is abandoned. A line is written to the log containing one of the following messages:

SMTP command timeout on connection from...
SMTP data timeout on connection from...

The former means that Exim was expecting to read an SMTP command; the latter means that it was in the DATA phase, reading the contents of a message.

The value set by this option can be overridden by the -os command-line option. A setting of zero time disables the timeout, but this should never be used for SMTP over TCP/IP. (It can be useful in some cases of local input using -bs or -bS.) For non-SMTP input, the reception timeout is controlled by receive_timeout and -or.

cPanel Default: :
cPanel Default: 127.0.0.1 783 retry=30s tmo=3m

This option is available when Exim is compiled with the content-scanning extension. It specifies how Exim connects to SpamAssassin’s spamd daemon. The default value is

127.0.0.1 783

See section 43.2 for more details.

Exim Default: false; cPanel Default: yes

If this option is set, it causes Exim to split its input directory into 62 subdirectories, each with a single alphanumeric character as its name. The sixth character of the message id is used to allocate messages to subdirectories; this is the least significant base-62 digit of the time of arrival of the message.

Splitting up the spool in this way may provide better performance on systems where there are long mail queues, by reducing the number of files in any one directory. The msglog directory is also split up in a similar way to the input directory; however, if preserve_message_logs is set, all old msglog files are still placed in the single directory msglog.OLD.

It is not necessary to take any special action for existing messages when changing split_spool_directory. Exim notices messages that are in the “wrong” place, and continues to process them. If the option is turned off after a period of being on, the subdirectories will eventually empty and be automatically deleted.

When split_spool_directory is set, the behaviour of queue runner processes changes. Instead of creating a list of all messages in the queue, and then trying to deliver each one in turn, it constructs a list of those in one sub-directory and tries to deliver them, before moving on to the next sub-directory. The sub-directories are processed in a random order. This spreads out the scanning of the input directories, and uses less memory. It is particularly beneficial when there are lots of messages on the queue. However, if queue_run_in_order is set, none of this new processing happens. The entire queue has to be scanned and sorted before any deliveries can start.

Exim Default: unset; cPanel Default: /etc/cpanel_exim_system_filter

This option specifies an Exim filter file that is applied to all messages at the start of each delivery attempt, before any routing is done. System filters must be Exim filters; they cannot be Sieve filters. If the system filter generates any deliveries to files or pipes, or any new mail messages, the appropriate system_filter_..._transport option(s) must be set, to define which transports are to be used. Details of this facility are given in chapter 45.

Exim Default: unset; cPanel Default: cpaneleximfilter

This option is used only when system_filter_user is also set. It sets the gid under which the system filter is run, overriding any gid that is associated with the user. The value may be numerical or symbolic.

Exim Default: unset; cPanel Default: cpaneleximfilter

If this option is set to root, the system filter is run in the main Exim delivery process, as root. Otherwise, the system filter runs in a separate process, as the given user, defaulting to the Exim run-time user. Unless the string consists entirely of digits, it is looked up in the password data. Failure to find the named user causes a configuration error. The gid is either taken from the password data, or specified by system_filter_group. When the uid is specified numerically, system_filter_group is required to be set.

If the system filter generates any pipe, file, or reply deliveries, the uid under which the filter is run is used when transporting them, unless a transport option overrides.

Exim Default: 0s; cPanel Default: 5d

If timeout_frozen_after is set to a time greater than zero, a frozen message of any kind that has been on the queue for longer than the given time is automatically cancelled at the next queue run. If the frozen message is a bounce message, it is just discarded; otherwise, a bounce is sent to the sender, in a similar manner to cancellation by the -Mg command line option. If you want to timeout frozen bounce messages earlier than other kinds of frozen message, see ignore_bounce_errors_after.

Note: the default value of zero means no timeouts; with this setting, frozen messages remain on the queue forever (except for any frozen bounce messages that are released by ignore_bounce_errors_after).

Exim Default: unset; cPanel Default: America/Chicago

The value of timezone is used to set the environment variable TZ while running Exim (if it is different on entry). This ensures that all timestamps created by Exim are in the required timezone. If you want all your timestamps to be in UTC (aka GMT) you should set

timezone = UTC

The default value is taken from TIMEZONE_DEFAULT in Local/Makefile, or, if that is not set, from the value of the TZ environment variable when Exim is built. If timezone is set to the empty string, either at build or run time, any existing TZ variable is removed from the environment when Exim runs. This is appropriate behaviour for obtaining wall-clock time on some, but unfortunately not all, operating systems.

Exim Default: unset; cPanel Default: *

When Exim is built with support for TLS encrypted connections, the availability of the STARTTLS command to set up an encrypted session is advertised in response to EHLO only to those client hosts that match this option. See chapter 41 for details of Exim’s support for TLS.

Exim Default: unset; cPanel Default: ${if and { {gt{$tls_in_sni}{}} {!match{$tls_in_sni}{/}} } {${if exists {/var/cpanel/ssl/domain_tls/$tls_in_sni/combined} {/var/cpanel/ssl/domain_tls/$tls_in_sni/combined} {${if exists {${sg{/var/cpanel/ssl/domain_tls/$tls_in_sni/combined}{(.+/)[^.]+(.+/combined)}{\$1*\$2}}} {${sg{/var/cpanel/ssl/domain_tls/$tls_in_sni/combined}{(.+/)[^.]+(.+/combined)}{\$1*\$2}}} {/etc/exim.crt} }} }} {/etc/exim.crt} }

The value of this option is expanded, and must then be the absolute path to a file which contains the server’s certificates. The server’s private key is also assumed to be in this file if tls_privatekey is unset. See chapter 41 for further details.

Note: The certificates defined by this option are used only when Exim is receiving incoming messages as a server. If you want to supply certificates for use when sending messages as a client, you must set the tls_certificate option in the relevant smtp transport.

If the option contains $tls_sni and Exim is built against OpenSSL, then if the OpenSSL build supports TLS extensions and the TLS client sends the Server Name Indication extension, then this option and others documented in 41.10 will be re-expanded.

Exim Default: unset; cPanel Default: 465

This option specifies a list of incoming SSMTP (aka SMTPS) ports that should operate the obsolete SSMTP (SMTPS) protocol, where a TLS session is immediately set up without waiting for the client to issue a STARTTLS command. For further details, see section 13.4.

Exim Default: unset; cPanel Default: ${if and { {gt{$tls_in_sni}{}} {!match{$tls_in_sni}{/}} } {${if exists {/var/cpanel/ssl/domain_tls/$tls_in_sni/combined} {/var/cpanel/ssl/domain_tls/$tls_in_sni/combined} {${if exists {${sg{/var/cpanel/ssl/domain_tls/$tls_in_sni/combined}{(.+/)[^.]+(.+/combined)}{\$1*\$2}}} {${sg{/var/cpanel/ssl/domain_tls/$tls_in_sni/combined}{(.+/)[^.]+(.+/combined)}{\$1*\$2}}} {/etc/exim.key} }} }} {/etc/exim.key} }

The value of this option is expanded, and must then be the absolute path to a file which contains the server’s private key. If this option is unset, or if the expansion is forced to fail, or the result is an empty string, the private key is assumed to be in the same file as the server’s certificates. See chapter 41 for further details.

See 41.10 for discussion of when this option might be re-expanded.
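The cPanel defaults for tls_certificate and tls_privatekey above are the same string expansion with different fallback files: the client's SNI name selects a per-domain file, then a wildcard variant of it, then the server-wide /etc/exim.crt or /etc/exim.key. The Python below is an added example, not code from this page, from cPanel or from Exim; it re-implements that expansion step by step, using the page's own directory and regular expression, so the lookup order and the guard on the client-supplied name can be read and tested. The file-existence check is injected and the "filesystem" used is constructed for the example.

```python
"""Model of the cPanel default expansion for tls_certificate / tls_privatekey.

Added example, not code from the cPanel page or from Exim. It mirrors the
${if ...}/${sg ...} expansion shown on the page: exact per-domain file,
then a wildcard file, then the fallback. exists(path) stands in for the
${if exists{...}} test so the logic can be run without the real paths.
"""
import re

DOMAIN_TLS_ROOT = "/var/cpanel/ssl/domain_tls"   # directory named in the expansion
# The ${sg{...}{(.+/)[^.]+(.+/combined)}{$1*$2}} pattern from the page.
WILDCARD_RE = re.compile(r"(.+/)[^.]+(.+/combined)")


def wildcard_candidate(path):
    """Replace the first DNS label of the SNI directory with '*' (the page's sg step).

    As with Exim's sg, a string the pattern does not match is returned unchanged."""
    return WILDCARD_RE.sub(r"\1*\2", path)


def resolve_tls_file(tls_in_sni, fallback, exists):
    """Return the path the expansion yields for this client's SNI.

    fallback is /etc/exim.crt for tls_certificate or /etc/exim.key for
    tls_privatekey.
    """
    # ${if and {{gt{$tls_in_sni}{}} {!match{$tls_in_sni}{/}}} ...}: the SNI must
    # be non-empty and must not contain '/', so a client-supplied name cannot
    # steer the lookup outside the per-domain directory.
    if not tls_in_sni or "/" in tls_in_sni:
        return fallback
    exact = f"{DOMAIN_TLS_ROOT}/{tls_in_sni}/combined"
    if exists(exact):
        return exact
    wildcard = wildcard_candidate(exact)
    if exists(wildcard):
        return wildcard
    return fallback


# Constructed stand-in for the server's filesystem (not real cPanel data).
CONSTRUCTED_FILES = frozenset({
    f"{DOMAIN_TLS_ROOT}/mail.example.com/combined",
    f"{DOMAIN_TLS_ROOT}/*.example.net/combined",
})


def constructed_exists(path):
    return path in CONSTRUCTED_FILES


def resolve_example(sni, fallback="/etc/exim.crt"):
    """Resolve against the constructed filesystem above."""
    return resolve_tls_file(sni, fallback, constructed_exists)


if __name__ == "__main__":
    for sni in ("mail.example.com", "www.example.net", "other.example.org",
                "", "x/../mail.example.com", "localhost"):
        print(f"{sni!r:24} -> {resolve_example(sni)}")
```

One quirk worth knowing about the page's pattern: for a single-label SNI such as localhost the regular expression can only match by splitting the label itself, so the wildcard candidate becomes .../*t/combined. That file will not exist, so the lookup simply falls through to the fallback, but it means single-label names never pick up a wildcard file.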

Exim Default: unset; cPanel Default: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

This option controls which ciphers can be used for incoming TLS connections. The smtp transport has an option of the same name for controlling outgoing connections. This option is expanded for each connection, so can be varied for different clients if required. The value of this option must be a list of permitted cipher suites. The OpenSSL and GnuTLS libraries handle cipher control in somewhat different ways. If GnuTLS is being used, the client controls the preference order of the available ciphers. Details are given in sections 41.4 and 41.5.

Exim Default: unset; cPanel Default: *

When an untrusted user submits a message to Exim using the standard input, Exim normally creates an envelope sender address from the user’s login and the default qualification domain. Data from the -f option (for setting envelope senders on non-SMTP messages) or the SMTP MAIL command (if -bs or -bS is used) is ignored.

However, untrusted users are permitted to set an empty envelope sender address, to declare that a message should never generate any bounces. For example:

exim -f '<>' user@domain.example
                  

The untrusted_set_sender option allows you to permit untrusted users to set other envelope sender addresses in a controlled way. When it is set, untrusted users are allowed to set envelope sender addresses that match any of the patterns in the list. Like all address lists, the string is expanded. The identity of the user is in $sender_ident, so you can, for example, restrict users to setting senders that start with their login ids followed by a hyphen by a setting like this:

untrusted_set_sender = ^$sender_ident-
                  

If you want to allow untrusted users to set envelope sender addresses without restriction, you can use

untrusted_set_sender = *
                  

The untrusted_set_sender option applies to all forms of local input, but only to the setting of the envelope sender. It does not permit untrusted users to use the other options which trusted users can use to override message parameters. Furthermore, it does not stop Exim from removing an existing Sender: header in the message, or from adding a Sender: header if necessary.

When a message is submitted locally (that is, not over a TCP/IP connection) by an untrusted user, Exim removes any existing Sender: header line. If you do not want this to happen, you must set local_sender_retain, and you must also set local_from_check to be false (Exim will complain if you do not). See also the ACL modifier control = suppress_local_fixups. Section 46.16 has more details about Sender: processing.

See local_sender_retain and local_from_check for ways of overriding these actions. The handling of the Sender: header is also described in section 46.16.

The log line for a message’s arrival shows the envelope sender following “<=”. For local messages, the user’s login always follows, after “U=”. In -bp displays, and in the Exim monitor, if an untrusted user sets an envelope sender address, the user’s login is shown in parentheses after the sender address.
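
The rules above (login-derived default, the always-permitted empty sender, the pattern list with $sender_ident expanded into it, trusted users unaffected) are easy to get subtly wrong when reviewing a configuration, so here is an added example that models them; it is not Exim's code. It supports only a subset of Exim's address-list syntax ("*", "^regex", "*@domain" and a literal address), and the qualify domain example.com is an assumed value.

```python
import re

QUALIFY_DOMAIN = "example.com"   # stands in for Exim's qualify_domain (assumed value)


def address_item_matches(item, address, sender_ident):
    """Match one address-list item after expanding $sender_ident.

    Subset of Exim address-list syntax: "*", "^regex", "*@domain", literal
    address. Note that Exim substitutes $sender_ident verbatim, so a login
    containing regex metacharacters would change the meaning of a ^ item.
    """
    item = item.replace("$sender_ident", sender_ident)
    if item == "*":
        return True
    if item.startswith("^"):
        return re.search(item, address) is not None
    if item.startswith("*@"):
        return address.lower().endswith(item[1:].lower())
    return address.lower() == item.lower()


def envelope_sender(login, requested, trusted, untrusted_set_sender):
    """Return the envelope sender Exim would use for a locally submitted message.

    login:      the submitting user's login ($sender_ident)
    requested:  the address given with -f (or SMTP MAIL under -bs/-bS),
                None if none was given; "<>" means the empty sender
    trusted:    whether the user is a trusted user
    untrusted_set_sender: list of address-list items (the option value),
                [] when the option is unset
    """
    default = f"{login}@{QUALIFY_DOMAIN}"
    if requested is None:
        return default
    if trusted:
        return "" if requested == "<>" else requested
    if requested == "<>":
        return ""      # always permitted: declares the message must never bounce
    if any(address_item_matches(i, requested, login) for i in untrusted_set_sender):
        return requested
    return default     # -f data ignored, as for any other untrusted sender


if __name__ == "__main__":
    pattern = ["^$sender_ident-"]
    for login, req in (("alice", "alice-news@example.com"),
                       ("bob", "alice-news@example.com"),
                       ("bob", "<>")):
        print(f"{login} -f {req!r:28} -> {envelope_sender(login, req, False, pattern)!r}")
```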


Section: BEGINACL

Section: ACLs

acl_not_smtp:
custom_begin_outgoing_notsmtp_checkall
outgoing_spam_scan (Scan outgoing messages for spam and reject based on the Apache SpamAssassin™ internal spam_score setting)
outgoing_spam_scan_over_int (Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score)
resolve_vhost_owner
warn
  condition = ${if eq{$originator_uid}{${perl{user2uid}{nobody}}}{1}{0}}
  set acl_c_vhost_owner = ${perl{resolve_vhost_owner}}
end_default_outgoing_notsmtp_checkall
accept
custom_end_outgoing_notsmtp_checkall
custom_begin_not_smtp
custom_end_not_smtp

acl_not_smtp_mime:
custom_begin_not_smtp_mime
custom_end_not_smtp_mime

acl_not_smtp_start:
custom_begin_not_smtp_start
custom_end_not_smtp_start

acl_smtp_auth:
custom_begin_smtp_auth
custom_end_smtp_auth

acl_smtp_connect:
custom_begin_connect
blockedcountryips
drop
  message = Your country is not allowed to connect to this server.
  log_message = Country is banned
  hosts = +blocked_incoming_email_country_ips
delay_unknown_hosts (Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam.)
warn
  !hosts = : +loopback : +neighbor_netblocks : +trustedmailhosts : +recent_authed_mail_ips : +backupmx_hosts : +skipsmtpcheck_hosts : +senderverifybypass_hosts : +greylist_trusted_netblocks : +greylist_common_mail_providers : +cpanel_mail_netblocks
  # only rate limit port 25
  condition = ${if eq {$received_port}{25}{yes}{no}}
  delay = 20s
ratelimit (Ratelimit suspicious SMTP servers)
accept
  hosts = : +loopback : +recent_authed_mail_ips : +backupmx_hosts
accept
  hosts = +trustedmailhosts
accept
  condition = ${if match_ip{$sender_host_address}{net-iplsearch;/etc/trustedmailhosts}{1}{0}}
defer
  # only rate limit port 25
  condition = ${if eq {$received_port}{25}{yes}{no}}
  message = The server has reached its limit for processing requests from your host. Please try again later.
  log_message = "Host is ratelimited ($sender_rate/$sender_rate_period max:$sender_rate_limit)"
  ratelimit = 1.2 / 1h / strict / per_conn / noupdate
slow_fail_block (Ratelimit incoming connections with only failed recipients)
warn
  # only rate limit port 25
  condition = ${if eq {$received_port}{25}{yes}{no}}
  # host had a success in the last hour
  ratelimit = 1 / 1h / noupdate / per_conn / slow_fail_accept_$sender_host_address
  set acl_m4 = 1
defer
  # only rate limit port 25
  condition = ${if eq {$received_port}{25}{yes}{no}}
  condition = ${if eq {${acl_m4}}{1}{0}{1}}
  log_message = "Host is ratelimited due to multiple failure only connections ($sender_rate/$sender_rate_period max:$sender_rate_limit)"
  ratelimit = 5 / 1h / noupdate / per_conn / slow_fail_block_$sender_host_address
spammerlist
drop
  message = Your host is not allowed to connect to this server.
  log_message = Host is banned
  !hosts = : +skipsmtpcheck_hosts : +trustedmailhosts
  hosts = +spammeripblocks
custom_end_connect
custom_begin_connect_post
default_connect_post
# do not change the comment in the line below, it is required for /usr/local/cpanel/bin/check_exim_config
#acl_smtp_notquit is required for this to work (exim 4.68)
accept
custom_end_connect_post

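The ratelimit statements in acl_smtp_connect above ("1.2 / 1h / strict / per_conn / noupdate", and the "slow_fail" pair keyed by $sender_host_address) are easier to reason about with a model of the smoothed rate that the condition compares against its limit. The example below is added here and is not Exim's code: the exponential smoothing formula follows the Exim specification's description of the ratelimit condition, but the exact formula, the zero starting rate for a never-seen client and the leaky/strict update behaviour are assumptions of this model, and the RateDB class and the client address 203.0.113.7 are constructed stand-ins.

```python
import math


class RateDB:
    """Stand-in for Exim's per-key ratelimit hints database (constructed)."""

    def __init__(self):
        self.records = {}     # key -> (last_event_time, smoothed_rate)


def ratelimit(db, key, now, limit, period, strict=False, update=True):
    """Model of one evaluation of the ratelimit condition.

    Assumed smoothing (exponentially weighted moving average, one event per check):
        x = interval / period,  a = exp(-x)
        rate = (1 - a) / x + a * previous_rate
    At a steady one event per `interval`, rate converges to period / interval,
    i.e. events per period, which is the unit the limit is expressed in.
    A key never seen before starts at rate 0 (assumption).

    strict=True  : update the record even when the client is over the limit
                   (the listing's "/ strict /"); the default leaky mode stops
                   updating once over, so the recorded rate drifts back to the limit.
    update=False : measure only, never write (the listing's "/ noupdate /").
    Returns (over_limit, rate).
    """
    rec = db.records.get(key)
    if rec is None:
        rate = 0.0
    else:
        last, prev = rec
        interval = max(now - last, 1e-6)      # guard against a zero interval
        x = interval / period
        a = math.exp(-x)
        rate = (1.0 - a) / x + a * prev
    over = rate > limit
    if update and (strict or not over):
        db.records[key] = (now, rate)
    return over, rate


def simulate(times, limit=1.2, period=3600.0, strict=True):
    """Feed one client's connection timestamps (seconds) through the check and
    return one (over_limit, rate) per connection."""
    db = RateDB()
    return [ratelimit(db, "203.0.113.7", t, limit, period, strict=strict) for t in times]


if __name__ == "__main__":
    print("burst, 1 s apart:", [(over, round(r, 3)) for over, r in simulate([0, 1, 2])])
    print("one per hour:    ", [(over, round(r, 3)) for over, r in simulate([0, 3600, 7200])])
```

With the listing's 1.2 per hour limit, a client that connects three times within two seconds is over the limit on its third connection, while a client connecting once an hour never exceeds it. Since the defer statement uses noupdate, the rate it reads has to be recorded by a separate statement; the comment in default_connect_post about acl_smtp_notquit is where the listing says that happens.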
acl_smtp_data:
custom_begin_outgoing_smtp_checkall
outgoing_spam_scan (Scan outgoing messages for spam and reject based on the Apache SpamAssassin™ internal spam_score setting)
outgoing_spam_scan_over_int (Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score)
custom_end_outgoing_smtp_checkall
custom_begin_check_message_pre
default_check_message_pre
#
# Enabling this will make the server non-rfc compliant
# require verify = header_sender
#
accept
  hosts = : +loopback : +recent_authed_mail_ips : +backupmx_hosts
accept
  authenticated = *
  hosts = *
accept
  condition = ${extract{size}{${stat:/etc/trustedmailhosts}}}
  hosts = +trustedmailhosts
accept
  condition = ${extract{size}{${stat:/etc/trustedmailhosts}}}
  condition = ${if match_ip{$sender_host_address}{net-iplsearch;/etc/trustedmailhosts}{1}{0}}
custom_end_check_message_pre
custom_begin_pre_spam_scan
mailproviders
# Research in Motion - Blackberry white list
accept
  condition = ${if exists {/etc/mailproviders/rim/ips}{${if match_ip{$sender_host_address}{iplsearch;/etc/mailproviders/rim/ips}{1}{0}}}{0}}
custom_end_pre_spam_scan
custom_begin_spam_scan
default_spam_scan
warn
  # Remove spam headers from outside sources
  condition = ${perl{spamd_is_available}}
  !hosts = +skipsmtpcheck_hosts
  remove_header = x-spam-subject : x-spam-status : x-spam-score : x-spam-bar : x-spam-report : x-spam-flag : x-ham-report
warn
  condition = ${perl{spamd_is_available}}
  condition = ${if eq {${acl_m0}}{1}{1}{0}}
  spam = ${acl_m1}/defer_ok
  # Always make sure cPanel support mail can get through
  !hosts = : +trustedmailhosts : +cpanel_mail_netblocks
  log_message = "SpamAssassin as ${acl_m1} detected message as spam ($spam_score)"
  add_header = X-Spam-Subject: ***SPAM*** $rh_subject
  add_header = X-Spam-Status: Yes, score=$spam_score
  add_header = X-Spam-Score: $spam_score_int
  add_header = X-Spam-Bar: $spam_bar
  add_header = X-Spam-Report: ${sg{$spam_report}{\N\n \n\N}{\n}}
  add_header = X-Spam-Flag: YES
  set acl_m2 = 1
warn
  condition = ${perl{spamd_is_available}}
  condition = ${if eq {$spam_score_int}{}{0}{${if <= {${spam_score_int}}{8000}{${if >= {${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}}
warn
  condition = ${perl{spamd_is_available}}
  condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}}
  add_header = X-Spam-Status: No, score=$spam_score
  add_header = X-Spam-Score: $spam_score_int
  add_header = X-Spam-Bar: $spam_bar
  add_header = X-Ham-Report: ${sg{$spam_report}{\N\n \n\N}{\n}}
  add_header = X-Spam-Flag: NO
  log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam ($spam_score)"
custom_end_spam_scan
custom_begin_ratelimit_spam
ratelimit_spam_score_over_100
ratelimit_spam_score_over_125
ratelimit_spam_score_over_150
ratelimit_spam_score_over_175
ratelimit_spam_score_over_200
ratelimit_spam_score_over_int (Apache SpamAssassin™: ratelimit spam score threshold)
custom_end_ratelimit_spam
custom_begin_spam
deny_spam_score_over_100
deny_spam_score_over_125
deny_spam_score_over_150
deny_spam_score_over_175
deny_spam_score_over_200
deny_spam_score_over_int (Apache SpamAssassin™ reject spam score threshold)
no_forward_outbound_spam
no_forward_outbound_spam_over_int
custom_end_spam
custom_begin_check_message_post
default_check_message_post
accept
custom_end_check_message_post

acl_smtp_etrn:
custom_begin_smtp_etrn
custom_end_smtp_etrn

acl_smtp_helo:
custom_begin_smtp_helo
custom_end_smtp_helo
custom_begin_smtp_helo_post
default_smtp_helo
accept
custom_end_smtp_helo_post

acl_smtp_mail:
custom_begin_mail_pre
default_mail_pre
# ignore authenticated hosts
accept
  authenticated = *
warn
  condition = ${if match_ip{$sender_host_address}{+loopback}{${perl{identify_local_connection}{$sender_host_address}{$sender_host_port}{$received_ip_address}{$received_port}{1}}}{0}}
  set acl_c_authenticated_local_user = ${perl{get_identified_local_connection_user}}
accept
  hosts = : +loopback : +recent_authed_mail_ips : +backupmx_hosts
custom_end_mail_pre
custom_begin_mail
requirehelo (Require HELO before MAIL)
deny
  condition = ${if eq{$sender_helo_name}{}}
  message = HELO required before MAIL
requirehelonoforge (Require remote (hostname/IP address) HELO)
drop
  # if ($sender_helo_name eq $primary_hostname) {
  #   if (defined $interface_address) {
  #     return is_loopback($interface_address) ? 0 : 1; #ok from localhost
  #   } else {
  #     return 0; #exim -bs
  #   }
  # } else {
  #   return 0;
  # }
  condition = ${if eq{${lc:$sender_helo_name}}{${lc:$primary_hostname}}{${if def:interface_address {${if match_ip{$interface_address}{+loopback}{0}{1}}}{0}}}{0}}
  message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
drop
  condition = ${if eq{[$interface_address]}{$sender_helo_name}}
  message = "REJECTED - Interface: $interface_address is _my_ address"
requirehelonold (Require remote (domain) HELO)
requirehelosyntax (Require RFC-compliant HELO)
drop
  condition = ${if isip{$sender_helo_name}}
  message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop
  # Required because "[IPv6:<address>]" will have no .s
  condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
  condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
  message = Access deni
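
The HELO checks in acl_smtp_mail above (requirehelo, requirehelonoforge and requirehelosyntax) combine into one decision per connection, and the order matters because the first rejecting statement wins. The following is an added example, not cPanel's or Exim's code, that applies the same conditions in the same order to constructed inputs and returns the verb and message of the first statement that rejects. The interface_is_loopback flag stands in for match_ip{$interface_address}{+loopback}, is_ip stands in for ${if isip{...}}, and the message for the final no-dot drop is assumed wording, since the listing's text is cut off at that point.

```python
import ipaddress


def is_ip(s):
    """Equivalent of Exim's ${if isip{...}}: true for a bare IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(s)
        return True
    except ValueError:
        return False


def helo_policy(sender_helo_name, primary_hostname, interface_address, interface_is_loopback):
    """Return None if the HELO name passes, else "<verb>: <message>" from the
    first ACL statement in the listing that rejects it.

    interface_address: the local IP the client connected to, or None for a
    non-TCP session (exim -bs), matching the def:interface_address test.
    """
    # requirehelo
    if sender_helo_name == "":
        return "deny: HELO required before MAIL"

    # requirehelonoforge: a remote client claiming to be this very server is
    # only plausible on a loopback interface
    if (sender_helo_name.lower() == primary_hostname.lower()
            and interface_address is not None and not interface_is_loopback):
        return f"drop: REJECTED - Bad HELO - Host impersonating [{sender_helo_name}]"
    if interface_address is not None and sender_helo_name == f"[{interface_address}]":
        return f"drop: REJECTED - Interface: {interface_address} is _my_ address"

    # requirehelosyntax: a bare IP address is not a valid HELO name, and a name
    # that is not an address literal must contain a dot
    if is_ip(sender_helo_name):
        return "drop: Access denied - Invalid HELO name (See RFC2821 4.1.3)"
    if not sender_helo_name.startswith("[") and "." not in sender_helo_name:
        # assumed wording; the listing's message text is truncated here
        return "drop: Access denied - HELO name must contain a dot or be an address literal"
    return None


if __name__ == "__main__":
    # Constructed cases: our hostname is mx.example.com on interface 203.0.113.5.
    for helo in ("", "MX.example.com", "[203.0.113.5]", "198.51.100.9",
                 "[IPv6:2001:db8::1]", "localhost", "client.example.org"):
        verdict = helo_policy(helo, "mx.example.com", "203.0.113.5", False)
        print(f"{helo!r:24} -> {verdict or 'accepted'}")
```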