summaryrefslogtreecommitdiffstats
path: root/network/exim/exim.Makefile
diff options
context:
space:
mode:
Diffstat (limited to 'network/exim/exim.Makefile')
-rw-r--r--network/exim/exim.Makefile102
1 files changed, 64 insertions, 38 deletions
diff --git a/network/exim/exim.Makefile b/network/exim/exim.Makefile
index edd9de5a7e..4494a160fc 100644
--- a/network/exim/exim.Makefile
+++ b/network/exim/exim.Makefile
@@ -1,6 +1,8 @@
##################################################
# The Exim mail transport agent #
##################################################
+# Copyright (c) The Exim Maintainers 2022 - 2023
+# SPDX-License-Identifier: GPL-2.0-or-later
# This is the template for Exim's main build-time configuration file. It
# contains settings that are independent of any operating system. These are
@@ -399,7 +401,7 @@ SUPPORT_MBX=yes
# For Redis you need to have hiredis installed on your system
# (https://github.com/redis/hiredis).
# Depending on where it is installed you may have to edit the CFLAGS
-# (often += -I/usr/local/include) and LDFLAGS (-lhiredis) lines.
+# (often += -I/usr/local/include) and LOOKUP_LIBS (-lhiredis) lines.
# If your system has pkg-config then the _INCLUDE/_LIBS setting can be
# handled for you automatically by also defining the _PC variable to reference
@@ -460,27 +462,27 @@ LDAP_LIB_TYPE=OPENLDAP2
#------------------------------------------------------------------------------
-# The PCRE library is required for Exim. There is no longer an embedded
+# The PCRE2 library is required for Exim. There is no longer an embedded
# version of the PCRE library included with the source code, instead you
-# must use a system library or build your own copy of PCRE.
+# must use a system library or build your own copy of PCRE2.
# In either case you must specify the library link info here. If the
-# PCRE header files are not in the standard search path you must also
+# PCRE2 header files are not in the standard search path you must also
# modify the INCLUDE path (above)
#
# Use PCRE_CONFIG to query the pcre-config command (first found in $PATH)
# to find the include files and libraries, else use PCRE_LIBS and set INCLUDE
# too if needed.
-PCRE_CONFIG=yes
-# PCRE_LIBS=-lpcre
+PCRE2_CONFIG=yes
+# PCRE_LIBS=-lpcre2
#------------------------------------------------------------------------------
-# Comment out the following line to remove DANE support
-# Note: Enabling this unconditionally overrides DISABLE_DNSSEC
-# forces you to have SUPPORT_TLS enabled (the default). For DANE under
-# GnuTLS we need an additional library. See TLS_LIBS or USE_GNUTLS_PC
-# below.
+# Comment out the following line to remove DANE support.
+# Note: DANE support requires DNSSEC support (the default) and
+# SUPPORT_TLS (the default). For DANE under GnuTLS we need an additional
+# library. See TLS_LIBS or USE_GNUTLS_PC below.
+
SUPPORT_DANE=yes
#------------------------------------------------------------------------------
@@ -498,6 +500,13 @@ SUPPORT_DANE=yes
# LOOKUP_INCLUDE +=-I /usr/local/include
# LOOKUP_LIBS=-L/usr/local/lib -lldap -llber -lmysqlclient -lpq -lgds -lsqlite3 -llmdb
+#------------------------------------------------------------------------------
+# If you included LOOKUP_LMDB above you will need the library. Depending
+# on where installed you may also need an include directory
+#
+# LOOKUP_INCLUDE += -I/usr/local/include
+# LOOKUP_LIBS += -llmdb
+
# ...or just enable your favourite lookups and let GNUmake handle the rest
ifeq ($(LOOKUP_LDAP),yes)
@@ -575,7 +584,7 @@ DISABLE_MAL_MKS=yes
# By default, Exim has support for checking the AD bit in a DNS response, to
# determine if DNSSEC validation was successful. If your system libraries
# do not support that bit, then set DISABLE_DNSSEC to "yes"
-# Note: Enabling SUPPORT_DANE unconditionally overrides this setting.
+# Note: DNSSEC is required for DANE support.
# DISABLE_DNSSEC=yes
@@ -592,8 +601,8 @@ DISABLE_MAL_MKS=yes
# DISABLE_QUEUE_RAMP=yes
# Uncomment the following lines to add SRS (Sender Rewriting Scheme) support
-# using only native facilities. See EXPERIMENTAL_SRS_ALT for an alternative.
-# SUPPORT_SRS=yes
+# using only native facilities.
+SUPPORT_SRS=yes
#------------------------------------------------------------------------------
@@ -603,30 +612,23 @@ DISABLE_MAL_MKS=yes
# Uncomment the following line to add support for talking to dccifd. This
# defaults the socket path to /usr/local/dcc/var/dccifd.
-# Doing so will also explicitly turn on the WITH_CONTENT_SCAN option.
+# This support also requires WITH_CONTENT_SCAN enabled.
# EXPERIMENTAL_DCC=yes
-# Uncomment the following lines to add SRS (Sender rewriting scheme) support
-# using the implementation in linbsrs_alt.
-# You need to have libsrs_alt installed on your system (srs.mirtol.com).
-# Depending on where it is installed you may have to edit the CFLAGS and
-# LDFLAGS lines.
-
-# EXPERIMENTAL_SRS_ALT=yes
-# CFLAGS += -I/usr/local/include
-# LDFLAGS += -lsrs_alt
-
# Uncomment the following line to add DMARC checking capability, implemented
# using libopendmarc libraries. You must have SPF and DKIM support enabled also.
-# Library version libopendmarc-1.4.1-1.fc33.x86_64 (on Fedora 33) is known broken;
-# 1.3.2-3 works. I seems that the OpenDMARC project broke their API.
# SUPPORT_DMARC=yes
# CFLAGS += -I/usr/local/include
# LDFLAGS += -lopendmarc
# Uncomment the following if you need to change the default. You can
# override it at runtime (main config option dmarc_tld_file)
# DMARC_TLD_FILE=/etc/exim/opendmarc.tlds
+#
+# Library version libopendmarc-1.4.1-1.fc33.x86_64 (on Fedora 33) is known broken;
+# 1.3.2-3 works. It seems that the OpenDMARC project broke their API.
+# Use this option if you need to build with an old library (1.3.x)
+# DMARC_API=100300
# Uncomment the following line to add ARC (Authenticated Received Chain)
# support. You must have SPF and DKIM support enabled also.
@@ -646,6 +648,9 @@ DISABLE_MAL_MKS=yes
# Uncomment the following line to add queuefile transport support
# EXPERIMENTAL_QUEUEFILE=yes
+#
+# Uncomment the following line to add XCLIENT support
+# EXPERIMENTAL_XCLIENT=yes
###############################################################################
# THESE ARE THINGS YOU MIGHT WANT TO SPECIFY #
@@ -660,6 +665,29 @@ DISABLE_MAL_MKS=yes
#------------------------------------------------------------------------------
+# Which DBM library to use. If you do not specify a specific here, you get
+# the platform default. Uncomment the pair of lines as preferred.
+# Note: when changing an installation from one DB type to another all the
+# hints-DB files, in spool/db, should be removed.
+
+# gdbm in native mode
+# USE_GDBM = yes
+# DBMLIB = -lgdbm
+
+# gdbm in Berkeley-DB compatibility mode
+# USE_NDBM = yes
+# DBMLIB = -lgdbm -lgdbm_compat
+
+# tdb
+# USE_TDB = yes
+# DBMLIB = -ltdb
+
+# Berkeley DB
+# USE_DB = yes
+# DBMLIB = -ldb
+
+
+#------------------------------------------------------------------------------
# Although Exim is normally a setuid program, owned by root, it refuses to run
# local deliveries as root by default. There is a runtime option called
# "never_users" which lists the users that must never be used for local
@@ -762,13 +790,6 @@ FIXED_NEVER_USERS=root
# WHITELIST_D_MACROS=TLS:SPOOL
-# The next setting enables a main config option
-# "allow_insecure_tainted_data" to turn taint failures into warnings.
-# Though this option is new, it is deprecated already now, and will be
-# ignored in future releases of Exim. It is meant as mitigation for
-# upgrading old (possibly insecure) configurations to more secure ones.
-ALLOW_INSECURE_TAINTED_DATA=yes
-
#------------------------------------------------------------------------------
# Exim has support for the AUTH (authentication) extension of the SMTP
# protocol, as defined by RFC 2554. If you don't know what SMTP authentication
@@ -1048,10 +1069,10 @@ EXTRALIBS += -ldl
# If you want IDNA2008 mappings per RFCs 5890, 6530 and 6533, you additionally
# need libidn2 and SUPPORT_I18N_2008.
-SUPPORT_I18N=yes
-LDFLAGS += -lidn
-# SUPPORT_I18N_2008=yes
-# LDFLAGS += -lidn -lidn2
+# SUPPORT_I18N=yes
+# LDFLAGS += -lidn
+SUPPORT_I18N_2008=yes
+LDFLAGS += -lidn -lidn2
#------------------------------------------------------------------------------
@@ -1514,4 +1535,9 @@ PID_FILE_PATH=/var/run/exim.pid
# For development, add this to include code to time various stages and report.
# CFLAGS += -DMEASURE_TIMING
+# For a very slightly smaller build, for constrained systems, uncomment this.
+# The feature involved is purely for debugging.
+
+# DISABLE_CLIENT_CMD_LOG=yes
+
# End of EDITME for Exim 4.