Go to the first, previous, next, last section, table of contents.


9. String expansions

A number of configuration strings are expanded before use. Some of them are expanded every time they are used; others are expanded only once.

Expanded strings are copied verbatim from left to right except when a dollar or backslash character is encountered. A dollar specifies the start of a portion of the string which is interpreted and replaced as described below.

An uninterpreted dollar can be included in the string by putting a backslash in front of it -- if the string appears in quotes in the configuration file, two backslashes are required because the quotes themselves cause interpretation of backslashes when the string is read in. A backslash can be used to prevent any special character being treated specially in an expansion, including itself.

A backslash followed by one of the letters `n', `r', or `t' is recognized as an escape sequence for the character newline, carriage return, or tab, respectively. A backslash followed by up to three octal digits is recognized as an octal encoding for a single character, while a backslash followed by `x' and up to two hexadecimal digits is a hexadecimal encoding. A backslash followed by any other character causes that character to be added to the output string uninterpreted. These escape sequences are also recognized in quoted strings as they are read in; their interpretation in expansions as well is useful for unquoted strings and other cases such as looked-up strings that are then expanded.

9.1 Testing string expansions

Many expansions can be tested by calling Exim with the -be option. This takes the command arguments, or lines from the standard input if there are no arguments, runs them through the string expansion code, and writes the results to the standard output. Variables based on configuration values are set up, but since no message is being processed, variables such as $local_part have no value. Nevertheless the -be option can be useful for checking out file and database lookups, and the use of expansion operators such as substr and hash.

Exim gives up its root privilege when it is called with the -be option, and instead runs under the uid and gid it was called with, to prevent users from using -be for reading files to which they normally do not have access.

9.2 Expansion items

The following items are recognized in expanded strings. White space may be used between sub-items that are keywords or substrings enclosed in braces inside an outer set of braces, to improve readability. Within braces, however, white space is significant.

______________________________________________________________

$<variable name> or ${<variable name>}

Substitute the contents of the named variable, for example

$local_part
${domain}

The second form can be used to separate the name from subsequent alphanumeric characters. This form (using curly brackets) is available only for variables; it does not apply to message headers. The names of the variables are given in section 9.5 below. If the name of a non-existent variable is given, the expansion fails.

______________________________________________________________

$header_<header name>: or $h_<header name>:

Substitute the contents of the named message header line, for example

$header_reply-to:

The header names follow the syntax of RFC 822, which states that they may contain any printing characters except space and colon. Consequently, curly brackets do not terminate header names, and should not be used to enclose them as if they were variables. Attempting to do so causes a syntax error.

Upper-case and lower-case letters are synonymous in header names. If the following character is white space, the terminating colon may be omitted, but this is not recommended, because you may then forget it when it is needed. When white space terminates the header name, it is included in the expanded string. If the message does not contain the given header, the expansion item is replaced by an empty string. (See the def condition in section 9.4 for a means of testing for the existence of a header.) If there is more than one header with the same name, they are all concatenated to form the substitution string, with a newline character between each of them. However, if the length of this string exceeds 64K, any further headers of the same name are ignored.

______________________________________________________________

${<op>:<string>}

The string is first itself expanded, and then the operation specified by <op> is applied to it. For example,

${lc:$local_part}

A list of operators is given in section 9.3 below. The string starts with the first character after the colon, which may be leading white space.

______________________________________________________________

${extract{<key>}{<string1>}{<string2>}{<string3>}}

The key and <string1> are first expanded separately. The key must not consist entirely of digits. For the string, the result must be of the form:

<key1> = <value1>  <key2> = <value2> ...

where the equals signs and spaces are optional. If any of the values contain white space, they must be enclosed in double quotes, and any values that are enclosed in double quotes are subject to escape processing as described in section 7.8. The expanded <string1> is searched for the value that corresponds to the key. If it is found, <string2> is expanded, and replaces the whole item; otherwise <string3> is used. During the expansion of <string2> the variable $value contains the value that has been extracted. Afterwards, it is restored to any previous value it might have had.

If {<string3>} is omitted, the item is replaced by an empty string if the key is not found. If {<string2>} is also omitted, the value that was looked up is used. Thus, for example, these two expansions are identical, and yield `2001':

${extract{gid}{uid=1984 gid=2001}}
${extract{gid}{uid=1984 gid=2001}{$value}}

Instead of {<string3>} the word `fail' (not in curly brackets) can appear, for example:

${extract{Z}{A=... B=...}{$value} fail }

{<string2>} must be present for `fail' to be recognized. When this syntax is used, if the extraction fails, the entire string expansion fails in a way that can be detected by the code in Exim which requested the expansion. This is called `forced expansion failure', and its consequences depend on the circumstances. In some cases it is no different from any other expansion failure, but in others a different action may be taken. See for example the new_address option of the smartuser director.

______________________________________________________________

${extract{<number>}{<separators>}{<string1>}{<string2>}{<string3>}}

The <number> argument must consist entirely of decimal digits. This is what distinguishes this form of extract from the previous kind. It behaves in the same way, except that, instead of extracting a named field, it extracts from <string1> the field whose number is given as the first argument. The first field is numbered one. If the number is greater than the number of fields in the string, the result is the expansion of <string3>, or the empty string if <string3> is not provided. If the number is zero, the entire string is returned. The fields in the string are separated by any one of the characters in the separator string. For example:

${extract{2}{:}{x:42:99:& Mailer::/bin/bash}}

yields `42'. Two successive separators mean that the field between them is empty (for example, the fifth field above).

______________________________________________________________

${if <condition> {<string1>}{<string2>}}

If <condition> is true, <string1> is expanded and replaces the whole item; otherwise <string2> is used. For example,

${if eq {$local_part}{postmaster} {yes}{no} }

The second string need not be present; if it is not and the condition is not true, the item is replaced with nothing. Alternatively, the word `fail' may be present instead of the second string (without any curly brackets). In this case, the expansion is forced to fail if the condition is not true. The available conditions are described in section 9.4 below.

______________________________________________________________

${lookup{<key>} <search type> {<file>} {<string1>} {<string2>}}
${lookup <search type> {<query>} {<string1>} {<string2>}}

These items specify data lookups in files and databases, as discussed in chapter 6. The first form is used for single-key lookups, and the second is used for query-style lookups. The <key>, <file>, and <query> strings are expanded before use.

If there is any white space in a lookup item which is part of a filter command, a rewrite rule, a routing rule for the domainlist router, or any other place where white space is significant, the lookup item must be enclosed in double quotes. The use of data lookups in users' filter files may be locked out by the system administrator.

If the lookup succeeds, <string1> is expanded and replaces the entire item. During its expansion, the variable $value contains the data returned by the lookup. Afterwards it reverts to the value it had previously (at the outer level it is empty). If the lookup fails, <string2> is expanded and replaces the entire item. If {<string2>} is omitted, the replacement is null on failure. Alternatively, <string2> can itself be a nested lookup, thus providing a mechanism for looking up a default value when the original lookup fails.

If a nested lookup is used as part of <string1>, $value contains the data for the outer lookup while the parameters of the second lookup are expanded, and also while <string2> of the second lookup is expanded, should the second lookup fail.

Instead of {<string2>} the word `fail' can appear, and in this case, if the lookup fails, the entire expansion is forced to fail. If both {<string1>} and {<string2>} are omitted, the result is the looked up value in the case of a successful lookup, and nothing in the case of failure.

For single-key lookups, the string `partial-' is permitted to precede the search type in order to do partial matching, and * or *@ may follow a search type to request default lookups if the key does not match (see sections 6.6 and 6.7).

If a partial search is used, the variables $1 and $2 contain the wild and non-wild parts of the key during the expansion of the replacement text. They return to their previous values at the end of the lookup item.

This example looks up the postmaster alias in the conventional alias file.

${lookup {postmaster} lsearch {/etc/aliases} {$value}}

This example uses NIS+ to look up the full name of the user corresponding to the local part of an address, forcing the expansion to fail if it is not found.

"${lookup nisplus {[name=$local_part],passwd.org_dir:gcos} \
  {$value}fail}"
______________________________________________________________

${lookup{<key:subkey>} <search type> {<file>} {<string1>} {<string2>}}

This is just a syntactic variation for a single-key lookup, surrounded by an extract item. It searches for <key> in the file as described above for single-key lookups; if it succeeds, it extracts from the data a subfield which is identified by the <subkey>. For example, if a line in a linearly searched file contains

alice: uid=1984 gid=2001

then expanding the string

${lookup{alice:uid}lsearch{<file name>}{$value}}

yields the string `1984'. If the subkey is not found in the looked up data, then <string2>, if present, is expanded and replaces the entire item. Otherwise the replacement is null. The example above could equally well be written like this:

${extract{uid}{${lookup{alice}lsearch{<file name>}}}}

and this is recommended, because this approach can also be used with query-style lookups.

______________________________________________________________

${perl{<subroutine>}{<arg>}{<arg>}...}

This item is available only if Exim has been built to include an embedded Perl interpreter. The subroutine name and the arguments are first separately expanded, and then the Perl subroutine is called with those arguments. No arguments need be given; the maximum number permitted is eight.

The return value of the subroutine is inserted into the expanded string, unless the return value is undef. In that case, the expansion fails in the same way as an explicit `fail' on a lookup item. If the subroutine exits by calling Perl's die function, the expansion fails with the error message that was passed to die.

More details of the embedded Perl facility are given in chapter 10.

______________________________________________________________

${sg{<subject>}{<regex>}{<replacement>}}

This item works like Perl's substitution operator (s) with the global (/g) option; hence its name. It takes three arguments: the subject string, a regular expression, and a substitution string. For example

${sg{abcdefabcdef}{abc}{xyz}}

yields `xyzdefxyzdef'. Because all three arguments are expanded before use, if any $ or \ characters are required in the regular expression or in the substitution string, they have to be escaped. For example

${sg{abcdef}{^(...)(...)\$}{\$2\$1}}

yields `defabc', and

${sg{1=A 4=D 3=C}{(\\d+)=}{K\$1=}}

yields `K1=A K4=D K3=C'.

______________________________________________________________

${tr{<subject>}{<characters>}{<replacements>}}

This item does single-character translation on its subject string. The second argument is a list of characters to be translated in the subject string. Each matching character is replaced by the corresponding character from the replacement list. For example

${tr{abcdea}{ac}{13}}

yields `1b3de1'. If there are duplicates in the second character string, the last occurrence is used. If the third string is shorter than the second, its last character is replicated. However, if it is empty, no translation takes place.

9.3 Expansion operators

The following operations can be performed on portions of an expanded string. The substring is first expanded before the operation is applied to it.

______________________________________________________________

${domain:<string>}

The string is interpreted as an RFC 822 address and the domain is extracted from it. If the string does not parse successfully, the result is empty.

______________________________________________________________

${escape:<string>}

If the string contains any non-printing characters, they are converted to escape sequences starting with a backslash. Whether characters with the most significant bit set (so-called `8-bit characters') count as printing or not is controlled by the print_topbitchars option.

______________________________________________________________

${expand:<string>}

The expand operator causes a string to be expanded for a second time. For example,

${expand:${lookup{$domain}dbm{/some/file}{$value}}}

first looks up a string in a file while expanding the operand for expand, and then re-expands what it has found.

______________________________________________________________

${hash_<n>_<m>:<string>}

The two items <n> and <m> are numbers. If <n> is greater than or equal to the length of the string, the operator returns the string. Otherwise it computes a new string of length <n> by applying a hashing function to the string. The new string consists of characters taken from the first <m> characters of the string

abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQWRSTUVWXYZ0123456789

and if <m> is not present the value 26 is used, so that only lower case letters appear. These examples:

${hash_3:monty}
${hash_5:monty}
${hash_4_62:monty python}

yield

jmg
monty
fbWx

respectively. The abbreviation h can be used instead of hash.

______________________________________________________________

${nhash_<n>:<string>}

The string is processed by a hash function which returns a numeric value in the range 0--<n>-1.

______________________________________________________________

${nhash_<n>_<m>:<string>}

The string is processed by a div/mod hash function which returns two numbers, separated by a slash, in the ranges 0--<n>-1 and 0--<m>-1, respectively. For example,

${nhash_8_64:supercalifragilisticexpialidocious}

returns the string `6/33'.

______________________________________________________________

${md5:<string>}

The md5 operator computes the MD5 hash value of the string, and returns it as a 32-digit hexadecimal number.

______________________________________________________________

${lc:<string>}

This forces the letters in the string into lower-case, for example:

${lc:$local_part}

______________________________________________________________

${uc:<string>}

This forces the letters in the string into upper-case.

${length_<number>:<string>}

The length operator can be used to extract the initial portion of a string. It is followed by an underscore and the number of characters required. For example

${length_50:$message_body}

The result of this operator is either the first <number> characters or the whole string, whichever is the shorter. The abbreviation l can be used instead of length.

______________________________________________________________

${local_part:<string>}

The string is interpreted as an RFC 822 address and the local part is extracted from it. If the string does not parse successfully, the result is empty.

${mask:<IP address>/<bit count>}

If the form of the string to be operated on is not an IP address followed by a slash and an integer, the expansion fails. Otherwise, this operator converts the IP address to binary, masks off the least significant bits according to the bit count, and converts the result back to text, with mask appended. For example,

${mask:10.111.131.206/28}

returns the string `10.111.131.192/28'. Since this operation is expected to be mostly used for looking up masked addresses in files, the result for an IPv6 address uses fullstops (periods) to separate components instead of colons, because colon terminates a key string in lsearch files. So, for example,

${mask:5f03:1200:836f:0a00:000a:0800:200a:c031/99}

returns the string

5f03.1200.836f.0a00.000a.0800.2000.0000/99

Letters in IPv6 addresses are always output in lower case.

______________________________________________________________

${quote:<string>}

The quote operator puts its argument into double quotes if it contains anything other than letters, digits, underscores, full stops (periods), and hyphens. Any occurrences of double quotes and backslashes are escaped with a backslash. For example,

${quote:ab"*"cd}

becomes

"ab\"*\"cd"

The place where this is useful is when the argument is a substitution from a variable or a message header.

______________________________________________________________

${quote_<lookup-type>:<string>}

This operator applies lookup-specific quoting rules to the string. Each query-style lookup type has its own quoting rules which are described with the lookups in chapter 6. For example,

${quote_ldap:two + two}

returns `two%20%5C+%20two'. For single-key lookup types, no quoting is necessary and this operator yields an unchanged string.

______________________________________________________________

${rxquote:<string>}

The rxquote operator inserts a backslash before any non-alphanumeric characters in its argument. This is useful when substituting the values of variables or headers inside regular expressions.

______________________________________________________________

${substr_<start>_<length>:<string>}

The substr operator can be used to extract more general substrings than length. It is followed by an underscore and the starting offset, then a second underscore and the length required. For example

${substr_3_2:$local_part}

If the starting offset is greater than the string length the result is the null string; if the length plus starting offset is greater than the string length, the result is the right-hand part of the string, starting from the given offset. The first character in the string has offset zero. The abbreviation s can be used instead of substr.

The substr expansion operator can take negative offset values to count from the righthand end of its operand. The last character is offset -1, the second-last is offset -2, and so on. Thus, for example,

${substr_-5_2:1234567}

yields `34'. If the absolute value of a negative offset is greater than the length of the string, the substring starts at the beginning of the string, and the length is reduced by the amount of overshoot. Thus, for example,

${substr_-5_2:12}

yields an empty string, but

${substr_-3_2:12}

yields `1'.

If the second number is omitted from substr, the remainder of the string is taken if the offset was positive. If it was negative, all characters in the string preceding the offset point are taken. For example, an offset of -1 and no length yields all but the last character of the string.

9.4 Expansion conditions

The following conditions are available for testing by the ${if construct while expanding strings:

______________________________________________________________

!<condition>

Preceding any condition with an exclamation mark negates the result of the condition.

<symbolic operator> {<string1>}{<string2>}

There are a number of symbolic operators for doing numeric comparisons. They are:

=        equal
==       equal
>        greater
>=       greater or equal
<        less
<=       less or equal

For example,

${if >{$message_size}{10M} ...

Note that the general negation operator provides for inequality testing. The two strings must take the form of optionally signed decimal integers, optionally followed by one of the letters `K' or `M' (in either upper or lower case), signifying multiplication by 1024 or 1024*1024, respectively.

______________________________________________________________

def:<variable name>

The def condition must be followed by the name of one of the expansion variables defined in section 5. The condition is true if the named expansion variable does not contain the empty string, for example

${if def:sender_ident {from $sender_ident}}

Note that the variable name is given without a leading $ character. If the variable does not exist, the expansion fails.

______________________________________________________________

def:header_<header name>:  or  def:h_<header name>:

This condition is true if a message is being processed and the named header exists in the message. For example,

${if def:header_reply-to:{$h_reply-to:}{$h_from:}}

Note that no $ appears before header_ or h_ in the condition, and that header names must be terminated by colons if white space does not follow.

______________________________________________________________

exists {<file name>}

The substring is first expanded and then interpreted as an absolute path. The condition is true if the named file (or directory) exists. The existence test is done by calling the stat() function. The use of the exists test in users' filter files may be locked out by the system administrator.

eq {<string1>}{<string2>}

The two substrings are first expanded. The condition is true if the two resulting strings are identical, including the case of letters.

______________________________________________________________

crytpeq {<string1>}{<string2>}

This condition is included in the Exim binary if it is built to support any authentication mechanisms (see chapter 35). Otherwise, it is necessary to define SUPPORT_CRYPTEQ in `Local/Makefile' to get crypteq included in the binary.

The crypteq condition has two arguments. The first is encrypted and compared against the second, which is already encrypted. The second string may be in the LDAP form for storing encrypted strings, which starts with the encryption type in curly brackets, followed by the data. For example:

{md5}CY9rzUYh03PK3k6DJie09g==

If such a string appears directly in an expansion, the curly brackets have to be quoted, because they are part of the expansion syntax. For example:

${if crypteq {test}{\{md5\}CY9rzUYh03PK3k6DJie09g==}{yes}{no}}

Two encryption types are currently supported:

If the second string does not begin with `{' it is assumed to be encrypted with crypt(), since such strings cannot begin with `{'. Typically this will be a field from a password file.

______________________________________________________________

match {<string1>}{<string2>}

The two substrings are first expanded. The second is then treated as a regular expression and applied to the first. Because of the pre-expansion, if the regular expression contains dollar, or backslash characters, they must be escaped with backslashes. Care must also be taken if the regular expression contains braces (curly brackets). A closing brace must be escaped so that it is not taken as a premature termination of <string2>. It does no harm to escape opening braces, but this is not strictly necessary. For example,

${if match {$local_part}{^\\d\{3\}} ...

If the whole expansion string is in double quotes, further escaping of backslashes is also required.

The condition is true if the regular expression match succeeds. At the start of an if expansion the values of the numeric variable substitutions $1 etc. are remembered. Obeying a match condition that succeeds causes them to be reset to the substrings of that condition and they will have these values during the expansion of the success string. At the end of the if expansion, the previous values are restored. After testing a combination of conditions using or, the subsequent values of the numeric variables are those of the condition that succeeded.

______________________________________________________________

pam {<string1>:<string2>:...}

Pluggable Authentication Modules (http://www.kernel.org/pub/linux/libs/pam/) are a facility which is available in the latest releases of Solaris and in some GNU/Linux distributions. The Exim support, which is intended for use in conjunction with the SMTP AUTH command, is available only if Exim is compiled with

SUPPORT_PAM=yes

in `Local/Makefile'. You probably need to add -lpam to EXTRALIBS, and in some releases of GNU/Linux -ldl is also needed.

The argument string is first expanded, and the result must be a colon-separated list of strings. The PAM module is initialized with the service name `exim' and the user name taken from the first item in the colon-separated data string (i.e. <string1>). The remaining items in the data string are passed over in response to requests from the authentication function. In the simple case there will only be one request, for a password, so the data will consist of just two strings.

There can be problems if any of the strings are permitted to contain colon characters. In the usual way, these have to be doubled to avoid being taken as separators. If the data is being inserted from a variable, the sg expansion item can be used to double any existing colons. For example, the configuration of a LOGIN authenticator might contain this setting:

server_condition = ${if pam{$1:${sg{$2}{:}{::}}}{yes}{no}}
______________________________________________________________

first_delivery

This condition, which has no data, is true during a message's first delivery attempt. It is false during any subsequent delivery attempts.

______________________________________________________________

queue_running

This condition, which has no data, is true during delivery attempts that are initiated by queue-runner processes, and false otherwise.

______________________________________________________________

or {{<cond1>}{<cond2>}...}

The sub-conditions are evaluated from left to right. The condition is true if any one of the sub-conditions is true. For example,

${if or {{eq{$local_part}{spqr}}{eq{$domain}{testing.com}}}...

When a true sub-condition is found, the following ones are parsed but not evaluated. If there are several `match' sub-conditions the values of the numeric variables afterwards are taken from the first one that succeeds.

______________________________________________________________

and {{<cond1>}{<cond2>}...}

The sub-conditions are evaluated from left to right. The condition is true if all of the sub-conditions are true. If there are several `match' sub-conditions, the values of the numeric variables afterwards are taken from the last one. When a false sub-condition is found, the following ones are parsed but not evaluated.

Note that and and or are complete conditions on their own, and precede their lists of sub-conditions. Each sub-condition must be enclosed in braces within the overall braces that contain the list. No repetition of if is used.

9.5 Expansion variables

The variable substitutions that are available for use in expansion strings are:

$0, $1, etc: When a matches expansion condition succeeds, these variables contain the captured substrings identified by the regular expression during subsequent processing of the success string of the containing if expansion item. They may also be set externally by some other matching process which precedes the expansion of the string. For example, the commands available in Exim filter files include an if command with its own regular expression matching condition.

$address_file: When, as a result of aliasing or forwarding, a message is directed to a specific file, this variable holds the name of the file when the transport is running. For example, using the default configuration, if user r2d2 has a `.forward' file containing

/home/r2d2/savemail

then when the address_file transport is running, $address_file contains `/home/r2d2/savemail'. At other times, the variable is empty.

$address_pipe: When, as a result of aliasing or forwarding, a message is directed to a pipe, this variable holds the pipe command when the transport is running.

$authenticated_id: When a server successfully authenticates a client it may be configured to preserve some of the authentication information in the variable $authenticated_id (see chapter 35). For example, a user/password authenticator configuration might preserve the user name for use in the directors or routers.

$authenticated_sender: When a client host has authenticated itself, Exim pays attention to the AUTH= parameter on the SMTP MAIL command, provided the setting of server_mail_auth_condition (see chapter 35) permits it. Otherwise, it accepts the syntax, but ignores the data. Unless the data is the string `<>', it is set as the authenticated sender of the message, and the value is available during delivery in the $authenticated_sender variable.

$body_linecount: When a message is being received or delivered, this variable contains the number of lines in the message's body.

$caller_gid: The group id under which the process that called Exim was running. This is not the same as the group id of the originator of a message (see $originator_gid). If Exim re-execs itself, this variable in the new incarnation normally contains the Exim gid.

$caller_uid: The user id under which the process that called Exim was running. This is not the same as the user id of the originator of a message (see $originator_uid). If Exim re-execs itself, this variable in the new incarnation normally contains the Exim uid.

$compile_date: The date on which the Exim binary was compiled.

$compile_number: The building process for Exim keeps a count of the number of times it has been compiled. This serves to distinguish different compilations of the same version of the program.

$domain: When an address is being directed, routed, or delivered on its own, this variable contains the domain. In particular, it is set during user filtering, but not during system filtering, since a message may have many recipients and the system filter is called just once.

For remote addresses, the domain that is being routed can change as routing proceeds, as a result of router actions (see, for example, the domainlist router). However, the value of $domain remains as the original domain. The current routing domain can often be accessed by other means.

When a remote or local delivery is taking place, if all the addresses that are being handled simultaneously contain the same domain, it is placed in $domain. Otherwise this variable is empty. Transports should be restricted to handling only one domain at once if its value is required at transport time -- this is the default for local transports. For further details of the environment in which local transports are run, see chapter 13.

At the end of a delivery, if all deferred addresses have the same domain, it is set in $domain during the expansion of delay_warning_condition.

Because configured address rewriting happens at the time a message is received, $domain normally contains the value after rewriting. However, when a rewrite item is actually being processed (see chapter 34) $domain contains the domain portion of the address that is being rewritten; it can be used in the expansion of the replacement address, for example, to rewrite domains by file lookup.

When the smtp_etrn_command option is being expanded, $domain contains the complete argument of the ETRN command (see section 48.6).

$domain_data: When a director or a router has a setting of the domains generic option, and that involves a lookup which succeeds, the data read by the lookup is available during the running of the director or router as $domain_data. In addition, if the driver directs or routes the address to a transport, the value is available in that transport. In all other situations, this variable expands to nothing.

$errmsg_recipient: This is set to the recipient address of an error message while Exim is creating it. It is useful if a customized error message text file is in use (see chapter 39).

$home: A home directory may be set during a local delivery, either by the transport or by the director that handled the address. When this is the case, $home contains its value and may be used in any expanded options for the transport. The forwardfile director also makes use of $home. Full details are given in chapter 24. When interpreting a user's filter file, Exim is normally configured so that $home contains the user's home directory. When running a filter test via the -bf option, $home is set to the value of the environment variable HOME.

$host: When the smtp transport is expanding its options for encryption using TLS, $host contains the name of the host to which it is connected. Likewise, when used in the client part of an authenticator configuration (see chapter 35), $host contains the name of the server to which the client is connected.

When used in a transport filter (see chapter 14) $host refers to the host involved in the current connection.

When a local transport is run as a result of routing a remote address, this variable is available to access the host name that the router defined. A router may set up many hosts; in this case $host refers to the first one. It is expected that this usage will be mainly via the domainlist router, setting up a single host for batched SMTP output, for example.

$host_address: This variable is set to the remote host's IP address whenever $host is set for a remote connection.

$host_lookup_failed: This variable contains `1' if the message came from a remote host and there was an attempt to look up the host's name from its IP address, but the attempt failed. Otherwise the value of the variable is `0'.

$interface_address: For a message received over a TCP/IP connection, this variable contains the address of the IP interface that was used. See also the -oMi command line option.

$key: When a domain, host, or address list is being searched, this variable contains the value of the key, so that it can be inserted into strings for query-style lookups. See section 6.4 for further details and an example. In other circumstances this variable is empty.

$local_part: When an address is being directed, routed, or delivered on its own, this variable contains the local part. If a local part prefix or suffix has been recognized, it is not included in the value. When a number of addresses are being delivered in a batch by a local or remote transport, $local_part is not set.

When a message is being delivered to a pipe, file, or autoreply transport as a result of aliasing or forwarding, $local_part is set to the local part of the parent address.

In all cases, all quoting is removed from the local part. For example, for both the addresses

"abc:xyz"@test.example
abc\:xyz@test.example

the value of $local_part is

abc:xyz

If you use this variable to create another address, for example, in the new_address option of a smartuser director, you should always wrap it inside a quoting operator:

new_address = ${quote:$local_part}@new.domain

Because global address rewriting happens at the time a message is received, $local_part normally contains the value after rewriting. However, when a rewrite item is actually being processed (see chapter 34) $local_part contains the local part of the address that is being rewritten; it can be used in the expansion of the replacement address, for example, to rewrite local parts by file lookup.

$local_part_data: When a director or a router has a setting of the local_parts generic option, and that involves a lookup which succeeds, the data read by the lookup is available during the running of the director or router as $local_part_data. In addition, if the driver directs or routes the address to a transport, the value is available in that transport. In all other situations, this variable expands to nothing.

$local_part_prefix: When an address is being directed or delivered locally, and a specific prefix for the local part was recognized, it is available in this variable. Otherwise it is empty.

$local_part_suffix: When an address is being directed or delivered locally, and a specific suffix for the local part was recognized, it is available in this variable. Otherwise it is empty.

$localhost_number: This contains the expanded value of the localhost_number option. The expansion happens after the main options have been read.

$message_age: This variable is set at the start of a delivery attempt to contain the number of seconds since the message was received. It does not change during a single delivery attempt.

$message_body: This variable contains the initial portion of a message's body while it is being delivered, and is intended mainly for use in filter files. The maximum number of characters of the body that are used is set by the message_body_visible configuration option; the default is 500. Newlines are converted into spaces to make it easier to search for phrases that might be split over a line break.

$message_body_end: This variable contains the final portion of a message's body while it is being delivered. The format and maximum size are as for $message_body.

$message_body_size: When a message is being received or delivered, this variable contains the size of the body in bytes. The count starts from the character after the blank line that separates the body from the header. Newlines are included in the count. See also $message_size and $body_linecount.

$message_headers: This variable contains a concatenation of all the header lines when a message is being processed. They are separated by newline characters.

$message_id: When a message is being received or delivered, this variable contains the unique message id which is used by Exim to identify the message.

$message_precedence: When a message is being delivered, the value of any Precedence: header is made available in this variable. If there is no such header, the value is the null string.

$message_size: When a message is being received or delivered, this variable contains its size in bytes. In most cases, the size includes those headers that were received with the message, but not those (such as Envelope-to:) that are added to individual deliveries as they are written. However, there is one special case: during the expansion of the maildir_tag option in the appendfile transport while doing a delivery in maildir format, the value of $message_size is the precise size of the file that has been written. See also $message_body_size and $body_linecount.

$n0 -- $n9: These variables are counters that can be incremented by means of the add command in filter files.

$original_domain: When a top-level address is being processed for delivery, this contains the same value as $domain. However, if a `child' address (for example, generated by an alias, forward, or filter file) is being processed, this variable contains the domain of the original address. This differs from $parent_domain when there is more than one level of aliasing or forwarding. When more than one address is being delivered in a batch by a local or remote transport, $original_domain is not set.

Address rewriting happens as a message is received. Once it has happened, the previous form of the address is no longer accessible. It is the rewritten top-level address whose domain appears in this variable.

$original_local_part: When a top-level address is being processed for delivery, this contains the same value as $local_part. However, if a `child' address (for example, generated by an alias, forward, or filter file) is being processed, this variable contains the local part of the original address. This differs from $parent_local_part when there is more than one level of aliasing or forwarding. When more than one address is being delivered in a batch by a local or remote transport, $original_local_part is not set.

Address rewriting happens as a message is received. Once it has happened, the previous form of the address is no longer accessible. It is the rewritten top-level address whose local part appears in this variable.

$originator_gid: The value of $caller_gid that was set when the message was received. For messages received via the command line, this is the gid of the sending user. For messages received by SMTP over TCP/IP, this is normally the gid of the Exim user.

$originator_uid: The value of $caller_uid that was set when the message was received. For messages received via the command line, this is the uid of the sending user. For messages received by SMTP over TCP/IP, this is normally the uid of the Exim user.

$parent_domain: This variable is empty, except when a `child' address (generated by aliasing or forwarding, for example) is being processed, in which case it contains the domain of the immediately preceding parent address.

$parent_local_part: This variable is empty, except when a `child' address (generated by aliasing or forwarding, for example) is being processed, in which case it contains the local part of the immediately preceding parent address.

$pipe_addresses: This is not an expansion variable, but is mentioned here because the string `$pipe_addresses' is handled specially in the command specification for the pipe transport and in transport filters. It cannot be used in general expansion strings, and provokes an `unknown variable' error if encountered.

$primary_hostname: The value set in the configuration file, or read by the uname() function.

$prohibition_reason: This variable is set only during the expansion of prohibition messages. See section 46.5 for details.

$qualify_domain: The value set for this option in the configuration file.

$qualify_recipient: The value set for this option in the configuration file, or if not set, the value of $qualify_domain.

$rbl_domain: While expanding prohibition_message when rejecting a recipient because of an RBL failure (see section 46.5), $rbl_domain contains the name of the RBL domain that caused the rejection.

$rbl_text: While expanding prohibition_message when rejecting a recipient because of an RBL failure (see section 46.5), $rbl_text contains the text of a DNS TXT record that is associated with the block, if one exists.

$received_for: If there is only a single recipient address in an incoming message, then when the Received: header line is being built, this variable contains that address. Otherwise it is empty.

$received_protocol: When a message is being processed, this variable contains the name of the protocol by which it was received.

$recipients: This variable contains a list of envelope recipients for a message, but is recognized only in the system filter file, to prevent exposure of Bcc recipients to ordinary users. A comma and a space separate the addresses in the replacement text.

$recipients_count: When a message is being processed, this variable contains the number of envelope recipients that came with the message. Duplicates are not excluded from the count.

$reply_address: When a message is being processed, this variable contains the contents of the Reply-To: header line if one exists, or otherwise the contents of the From: header line. However, if the message contains a set of `Resent-' header lines, their contents are used in preference.

$return_path: When a message is being delivered, this variable contains the return path -- the sender field that will be sent as part of the envelope. It is not enclosed in <> characters. In many cases, $return_path has the same value as $sender_address, but if, for example, an incoming message to a mailing list has been expanded by a director which specifies a specific address for delivery error messages, $return_path contains the new error address, while $sender_address contains the original sender address that was received with the message.

$return_size_limit: This contains the value set in the return_size_limit option, rounded up to a multiple of 1000. It is useful when a customized error message text file is in use (see chapter 39).

$route_option: A router may set up an arbitrary string to be passed to a transport via this variable. Currently, only the queryprogram router has the ability to do so.

$self_hostname: The generic router option self can be set to the values `local' or `pass' (amongst others). These cause the address to be passed over to the directors, as if its domain were a local domain, or to be passed on to the next router, respectively. While subsequently directing or routing (and doing any deliveries) $self_hostname is set to the name of the local host that the router encountered. In other circumstances its contents are null.

$sender_address: When a message is being processed, this variable contains the sender's address that was received in the message's envelope. For delivery failure reports, the value of this variable is the empty string.

$sender_address_domain: The domain portion of $sender_address.

$sender_address_local_part: The local part portion of $sender_address.

$sender_fullhost: When a message is received from a remote host, this variable contains the host name and IP address in a single string, which always ends with the IP address in square brackets. If log_incoming_port is set, the port number on the remote host is added to the IP address, separated by a full stop. The format of the rest of the string depends on whether the host issued a HELO or EHLO SMTP command, and whether the host name was verified by looking up its IP address. (Looking up the IP address can be forced by the host_lookup option, independent of verification.) A plain host name at the start of the string is a verified host name; if this is not present, verification either failed or was not requested. A host name in parentheses is the argument of a HELO or EHLO command. This is omitted if it is identical to the verified host name or to the host's IP address in square brackets.

$sender_helo_name: When a message is received from a remote host that has issued a HELO or EHLO command, the first item in the argument of that command is placed in this variable. It is also set if HELO or EHLO is used when a message is received using SMTP locally via the -bs or -bS options.

$sender_host_address: When a message is received from a remote host, this variable contains that host's IP address. The value is set as soon as the connection is established, so it is available, for example, during the expansion of prohibition_message.

$sender_host_authenticated: During message delivery, this variable contains the name (not the public name) of the authenticator driver which successfully authenticated the client from which the message was received. It is empty if there was no successful authentication.

$sender_host_name: When a message is received from a remote host, this variable contains the host's name as verified by looking up its IP address. If verification failed, or was not requested, this variable contains the empty string.

$sender_host_port: When a message is received from a remote host, this variable contains the port number that was used on the remote host.

$sender_ident: When a message is received from a remote host, this variable contains the identification received in response to an RFC 1413 request. When a message has been received locally, this variable contains the login name of the user that called Exim.

$sender_rcvhost: This is provided specifically for use in Received: headers. It starts with either the verified host name (as obtained from a reverse DNS lookup) or, if there is no verified host name, the IP address in square brackets. After that there may be text in parentheses. When the first item is a verified host name, the first thing in the parentheses is the IP address in square brackets. There may also be items of the form `helo=xxxx' if HELO or EHLO was used and its argument was not identical to the real host name or IP address, and `ident=xxxx' if an RFC 1413 ident string is available. If all three items are present in the parentheses, a newline and tab are inserted into the string, to improve the formatting of the Received: header.

$sn0 -- $sn9: These variables are copies of the values of the $n0 -- $n9 accumulators that were current at the end of the system filter file. This allows a system filter file to set values that can be tested in users' filter files. For example, a system filter could set a value indicating how likely it is that a message is junk mail.

$spool_directory: The name of Exim's spool directory.

$thisaddress: This variable is set only during the processing of the foranyaddress command in a filter file. Its use is explained in the description of that command.

$tls_cipher: When a message is received from a remote host over an encrypted SMTP connection, this variable is set to the cipher that was negotiated, for example DES-CBC3-SHA. See chapter 38.

$tls_peerdn: When a message is received from a remote host over an encrypted SMTP connection, and Exim is configured to request a certificate from the client, the value of the Distinguished Name of the certificate is made available in the $tls_peerdn during subsequent processing.

$tod_bsdinbox: The time of day and date, in the format required for BSD-style mailbox files, for example: Thu Oct 17 17:14:09 1995.

$tod_full: A full version of the time and date, for example: Wed, 16 Oct 1995 09:51:40 +0100. The timezone is always given as a numerical offset from GMT.

$tod_log: The time and date in the format used for writing Exim's log files, for example: 1995-10-12 15:32:29.

$value: This variable contains the result of an expansion lookup or extraction operation, as described above. Also, if a domainlist router has a lookup pattern in a route item, $value contains the data that was looked up during the expansion of the host list. If $value is used in other circumstances, its contents are null.

$version_number: The version number of Exim.

$warnmsg_delay: This variable is set only during the creation of a message warning about a delivery delay. Details of its use are explained in section 39.2.

$warnmsg_recipients: This variable is set only during the creation of a message warning about a delivery delay. Details of its use are explained in section 39.2.


Go to the first, previous, next, last section, table of contents.