projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Raise smtp_cmd_buffer_size to 16384.
[exim.git] / src / src / transports / smtp.c
CommitLineData
0756eb3c
PH		 1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
ca5aa725 5/* Copyright (c) University of Cambridge 1995 - 2009 */
0756eb3c
PH		 6/* See the file NOTICE for conditions of use and distribution. */
7
8#include "../exim.h"
9#include "smtp.h"
10
11#define PENDING 256
12#define PENDING_DEFER (PENDING + DEFER)
13#define PENDING_OK (PENDING + OK)
14
15
16/* Options specific to the smtp transport. This transport also supports LMTP
17over TCP/IP. The options must be in alphabetic order (note that "_" comes
18before the lower case letters). Some live in the transport_instance block so as
19to be publicly visible; these are flagged with opt_public. */
20
21optionlist smtp_transport_options[] = {
48c7f9e2
PH		 22 { "address_retry_include_sender", opt_bool,
23 (void *)offsetof(smtp_transport_options_block, address_retry_include_sender) },
0756eb3c
PH		 24 { "allow_localhost", opt_bool,
25 (void *)offsetof(smtp_transport_options_block, allow_localhost) },
26 { "authenticated_sender", opt_stringptr,
27 (void *)offsetof(smtp_transport_options_block, authenticated_sender) },
382afc6b
PH		 28 { "authenticated_sender_force", opt_bool,
29 (void *)offsetof(smtp_transport_options_block, authenticated_sender_force) },
0756eb3c
PH		 30 { "command_timeout", opt_time,
31 (void *)offsetof(smtp_transport_options_block, command_timeout) },
32 { "connect_timeout", opt_time,
33 (void *)offsetof(smtp_transport_options_block, connect_timeout) },
34 { "connection_max_messages", opt_int | opt_public,
35 (void *)offsetof(transport_instance, connection_max_messages) },
36 { "data_timeout", opt_time,
37 (void *)offsetof(smtp_transport_options_block, data_timeout) },
38 { "delay_after_cutoff", opt_bool,
39 (void *)offsetof(smtp_transport_options_block, delay_after_cutoff) },
80a47a2c 40#ifndef DISABLE_DKIM
f7572e5a
TK		 41 { "dkim_canon", opt_stringptr,
42 (void *)offsetof(smtp_transport_options_block, dkim_canon) },
43 { "dkim_domain", opt_stringptr,
44 (void *)offsetof(smtp_transport_options_block, dkim_domain) },
45 { "dkim_private_key", opt_stringptr,
46 (void *)offsetof(smtp_transport_options_block, dkim_private_key) },
47 { "dkim_selector", opt_stringptr,
48 (void *)offsetof(smtp_transport_options_block, dkim_selector) },
49 { "dkim_sign_headers", opt_stringptr,
50 (void *)offsetof(smtp_transport_options_block, dkim_sign_headers) },
51 { "dkim_strict", opt_stringptr,
52 (void *)offsetof(smtp_transport_options_block, dkim_strict) },
80a47a2c 53#endif
0756eb3c
PH		 54 { "dns_qualify_single", opt_bool,
55 (void *)offsetof(smtp_transport_options_block, dns_qualify_single) },
56 { "dns_search_parents", opt_bool,
57 (void *)offsetof(smtp_transport_options_block, dns_search_parents) },
58 { "fallback_hosts", opt_stringptr,
59 (void *)offsetof(smtp_transport_options_block, fallback_hosts) },
60 { "final_timeout", opt_time,
61 (void *)offsetof(smtp_transport_options_block, final_timeout) },
62 { "gethostbyname", opt_bool,
63 (void *)offsetof(smtp_transport_options_block, gethostbyname) },
80a47a2c 64#ifdef SUPPORT_TLS
83da1223
PH		 65 { "gnutls_require_kx", opt_stringptr,
66 (void *)offsetof(smtp_transport_options_block, gnutls_require_kx) },
67 { "gnutls_require_mac", opt_stringptr,
68 (void *)offsetof(smtp_transport_options_block, gnutls_require_mac) },
69 { "gnutls_require_protocols", opt_stringptr,
70 (void *)offsetof(smtp_transport_options_block, gnutls_require_proto) },
80a47a2c 71#endif
0756eb3c
PH		 72 { "helo_data", opt_stringptr,
73 (void *)offsetof(smtp_transport_options_block, helo_data) },
74 { "hosts", opt_stringptr,
75 (void *)offsetof(smtp_transport_options_block, hosts) },
76 { "hosts_avoid_esmtp", opt_stringptr,
77 (void *)offsetof(smtp_transport_options_block, hosts_avoid_esmtp) },
c51b8e75
PH		 78 { "hosts_avoid_pipelining", opt_stringptr,
79 (void *)offsetof(smtp_transport_options_block, hosts_avoid_pipelining) },
80a47a2c 80#ifdef SUPPORT_TLS
0756eb3c
PH		 81 { "hosts_avoid_tls", opt_stringptr,
82 (void *)offsetof(smtp_transport_options_block, hosts_avoid_tls) },
80a47a2c 83#endif
0756eb3c
PH		 84 { "hosts_max_try", opt_int,
85 (void *)offsetof(smtp_transport_options_block, hosts_max_try) },
533244af
PH		 86 { "hosts_max_try_hardlimit", opt_int,
87 (void *)offsetof(smtp_transport_options_block, hosts_max_try_hardlimit) },
80a47a2c 88#ifdef SUPPORT_TLS
0756eb3c
PH		 89 { "hosts_nopass_tls", opt_stringptr,
90 (void *)offsetof(smtp_transport_options_block, hosts_nopass_tls) },
80a47a2c 91#endif
0756eb3c
PH		 92 { "hosts_override", opt_bool,
93 (void *)offsetof(smtp_transport_options_block, hosts_override) },
94 { "hosts_randomize", opt_bool,
95 (void *)offsetof(smtp_transport_options_block, hosts_randomize) },
96 { "hosts_require_auth", opt_stringptr,
97 (void *)offsetof(smtp_transport_options_block, hosts_require_auth) },
80a47a2c 98#ifdef SUPPORT_TLS
0756eb3c
PH		 99 { "hosts_require_tls", opt_stringptr,
100 (void *)offsetof(smtp_transport_options_block, hosts_require_tls) },
80a47a2c 101#endif
0756eb3c
PH		 102 { "hosts_try_auth", opt_stringptr,
103 (void *)offsetof(smtp_transport_options_block, hosts_try_auth) },
104 { "interface", opt_stringptr,
105 (void *)offsetof(smtp_transport_options_block, interface) },
106 { "keepalive", opt_bool,
107 (void *)offsetof(smtp_transport_options_block, keepalive) },
f1513293
PH		 108 { "lmtp_ignore_quota", opt_bool,
109 (void *)offsetof(smtp_transport_options_block, lmtp_ignore_quota) },
0756eb3c
PH		 110 { "max_rcpt", opt_int | opt_public,
111 (void *)offsetof(transport_instance, max_addresses) },
112 { "multi_domain", opt_bool | opt_public,
113 (void *)offsetof(transport_instance, multi_domain) },
114 { "port", opt_stringptr,
115 (void *)offsetof(smtp_transport_options_block, port) },
116 { "protocol", opt_stringptr,
117 (void *)offsetof(smtp_transport_options_block, protocol) },
118 { "retry_include_ip_address", opt_bool,
119 (void *)offsetof(smtp_transport_options_block, retry_include_ip_address) },
120 { "serialize_hosts", opt_stringptr,
121 (void *)offsetof(smtp_transport_options_block, serialize_hosts) },
122 { "size_addition", opt_int,
123 (void *)offsetof(smtp_transport_options_block, size_addition) }
80a47a2c 124#ifdef SUPPORT_TLS
0756eb3c
PH		 125 ,{ "tls_certificate", opt_stringptr,
126 (void *)offsetof(smtp_transport_options_block, tls_certificate) },
127 { "tls_crl", opt_stringptr,
128 (void *)offsetof(smtp_transport_options_block, tls_crl) },
129 { "tls_privatekey", opt_stringptr,
130 (void *)offsetof(smtp_transport_options_block, tls_privatekey) },
131 { "tls_require_ciphers", opt_stringptr,
132 (void *)offsetof(smtp_transport_options_block, tls_require_ciphers) },
133 { "tls_tempfail_tryclear", opt_bool,
134 (void *)offsetof(smtp_transport_options_block, tls_tempfail_tryclear) },
135 { "tls_verify_certificates", opt_stringptr,
136 (void *)offsetof(smtp_transport_options_block, tls_verify_certificates) }
80a47a2c 137#endif
0756eb3c
PH		 138};
139
140/* Size of the options list. An extern variable has to be used so that its
141address can appear in the tables drtables.c. */
142
143int smtp_transport_options_count =
144 sizeof(smtp_transport_options)/sizeof(optionlist);
145
146/* Default private options block for the smtp transport. */
147
148smtp_transport_options_block smtp_transport_option_defaults = {
149 NULL, /* hosts */
150 NULL, /* fallback_hosts */
151 NULL, /* hostlist */
152 NULL, /* fallback_hostlist */
153 NULL, /* authenticated_sender */
154 US"$primary_hostname", /* helo_data */
155 NULL, /* interface */
156 NULL, /* port */
157 US"smtp", /* protocol */
158 NULL, /* serialize_hosts */
159 NULL, /* hosts_try_auth */
160 NULL, /* hosts_require_auth */
161 NULL, /* hosts_require_tls */
162 NULL, /* hosts_avoid_tls */
c51b8e75 163 NULL, /* hosts_avoid_pipelining */
0756eb3c
PH		 164 NULL, /* hosts_avoid_esmtp */
165 NULL, /* hosts_nopass_tls */
166 5*60, /* command_timeout */
167 5*60, /* connect_timeout; shorter system default overrides */
168 5*60, /* data timeout */
169 10*60, /* final timeout */
170 1024, /* size_addition */
171 5, /* hosts_max_try */
8e669ac1 172 50, /* hosts_max_try_hardlimit */
48c7f9e2 173 TRUE, /* address_retry_include_sender */
0756eb3c 174 FALSE, /* allow_localhost */
382afc6b 175 FALSE, /* authenticated_sender_force */
0756eb3c
PH		 176 FALSE, /* gethostbyname */
177 TRUE, /* dns_qualify_single */
178 FALSE, /* dns_search_parents */
179 TRUE, /* delay_after_cutoff */
180 FALSE, /* hosts_override */
181 FALSE, /* hosts_randomize */
182 TRUE, /* keepalive */
f1513293 183 FALSE, /* lmtp_ignore_quota */
0756eb3c 184 TRUE /* retry_include_ip_address */
80a47a2c 185#ifdef SUPPORT_TLS
0756eb3c
PH		 186 ,NULL, /* tls_certificate */
187 NULL, /* tls_crl */
188 NULL, /* tls_privatekey */
189 NULL, /* tls_require_ciphers */
83da1223
PH		 190 NULL, /* gnutls_require_kx */
191 NULL, /* gnutls_require_mac */
192 NULL, /* gnutls_require_proto */
0756eb3c
PH		 193 NULL, /* tls_verify_certificates */
194 TRUE /* tls_tempfail_tryclear */
80a47a2c
TK		 195#endif
196#ifndef DISABLE_DKIM
f7572e5a
TK		 197 ,NULL, /* dkim_canon */
198 NULL, /* dkim_domain */
199 NULL, /* dkim_private_key */
200 NULL, /* dkim_selector */
201 NULL, /* dkim_sign_headers */
202 NULL /* dkim_strict */
80a47a2c 203#endif
0756eb3c
PH		 204};
205
206
207/* Local statics */
208
209static uschar *smtp_command; /* Points to last cmd for error messages */
210static uschar *mail_command; /* Points to MAIL cmd for error messages */
f6c332bd 211static BOOL update_waiting; /* TRUE to update the "wait" database */
0756eb3c
PH		 212
213
214/*************************************************
215* Setup entry point *
216*************************************************/
217
218/* This function is called when the transport is about to be used,
219but before running it in a sub-process. It is used for two things:
220
221 (1) To set the fallback host list in addresses, when delivering.
26da7e20
PH		 222 (2) To pass back the interface, port, protocol, and other options, for use
223 during callout verification.
0756eb3c
PH		 224
225Arguments:
226 tblock pointer to the transport instance block
227 addrlist list of addresses about to be transported
228 tf if not NULL, pointer to block in which to return options
929ba01c
PH		 229 uid the uid that will be set (not used)
230 gid the gid that will be set (not used)
0756eb3c
PH		 231 errmsg place for error message (not used)
232
233Returns: OK always (FAIL, DEFER not used)
234*/
235
236static int
237smtp_transport_setup(transport_instance *tblock, address_item *addrlist,
929ba01c 238 transport_feedback *tf, uid_t uid, gid_t gid, uschar **errmsg)
0756eb3c
PH		 239{
240smtp_transport_options_block *ob =
241 (smtp_transport_options_block *)(tblock->options_block);
242
243errmsg = errmsg; /* Keep picky compilers happy */
929ba01c
PH		 244uid = uid;
245gid = gid;
0756eb3c
PH		 246
247/* Pass back options if required. This interface is getting very messy. */
248
249if (tf != NULL)
250 {
251 tf->interface = ob->interface;
252 tf->port = ob->port;
253 tf->protocol = ob->protocol;
254 tf->hosts = ob->hosts;
255 tf->hosts_override = ob->hosts_override;
256 tf->hosts_randomize = ob->hosts_randomize;
257 tf->gethostbyname = ob->gethostbyname;
258 tf->qualify_single = ob->dns_qualify_single;
259 tf->search_parents = ob->dns_search_parents;
26da7e20 260 tf->helo_data = ob->helo_data;
0756eb3c
PH		 261 }
262
263/* Set the fallback host list for all the addresses that don't have fallback
264host lists, provided that the local host wasn't present in the original host
265list. */
266
267if (!testflag(addrlist, af_local_host_removed))
268 {
269 for (; addrlist != NULL; addrlist = addrlist->next)
270 if (addrlist->fallback_hosts == NULL)
271 addrlist->fallback_hosts = ob->fallback_hostlist;
272 }
273
274return OK;
275}
276
277
278
279/*************************************************
280* Initialization entry point *
281*************************************************/
282
283/* Called for each instance, after its options have been read, to
284enable consistency checks to be done, or anything else that needs
285to be set up.
286
287Argument: pointer to the transport instance block
288Returns: nothing
289*/
290
291void
292smtp_transport_init(transport_instance *tblock)
293{
294smtp_transport_options_block *ob =
295 (smtp_transport_options_block *)(tblock->options_block);
296
297/* Retry_use_local_part defaults FALSE if unset */
298
299if (tblock->retry_use_local_part == TRUE_UNSET)
300 tblock->retry_use_local_part = FALSE;
301
302/* Set the default port according to the protocol */
303
304if (ob->port == NULL)
305 ob->port = (strcmpic(ob->protocol, US"lmtp") == 0)? US"lmtp" : US"smtp";
306
307/* Set up the setup entry point, to be called before subprocesses for this
308transport. */
309
310tblock->setup = smtp_transport_setup;
311
312/* Complain if any of the timeouts are zero. */
313
314if (ob->command_timeout <= 0 || ob->data_timeout <= 0 ||
315 ob->final_timeout <= 0)
316 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
317 "command, data, or final timeout value is zero for %s transport",
318 tblock->name);
319
320/* If hosts_override is set and there are local hosts, set the global
321flag that stops verify from showing router hosts. */
322
323if (ob->hosts_override && ob->hosts != NULL) tblock->overrides_hosts = TRUE;
324
325/* If there are any fallback hosts listed, build a chain of host items
326for them, but do not do any lookups at this time. */
327
328host_build_hostlist(&(ob->fallback_hostlist), ob->fallback_hosts, FALSE);
329}
330
331
332
333
334
335/*************************************************
336* Set delivery info into all active addresses *
337*************************************************/
338
339/* Only addresses whose status is >= PENDING are relevant. A lesser
340status means that an address is not currently being processed.
341
342Arguments:
447d236c
PH		 343 addrlist points to a chain of addresses
344 errno_value to put in each address's errno field
345 msg to put in each address's message field
346 rc to put in each address's transport_return field
347 pass_message if TRUE, set the "pass message" flag in the address
0756eb3c
PH		 348
349If errno_value has the special value ERRNO_CONNECTTIMEOUT, ETIMEDOUT is put in
350the errno field, and RTEF_CTOUT is ORed into the more_errno field, to indicate
351this particular type of timeout.
352
353Returns: nothing
354*/
355
7cd1141b
PH		 356static void
357set_errno(address_item *addrlist, int errno_value, uschar *msg, int rc,
447d236c 358 BOOL pass_message)
0756eb3c
PH		 359{
360address_item *addr;
361int orvalue = 0;
362if (errno_value == ERRNO_CONNECTTIMEOUT)
363 {
364 errno_value = ETIMEDOUT;
365 orvalue = RTEF_CTOUT;
366 }
367for (addr = addrlist; addr != NULL; addr = addr->next)
368 {
369 if (addr->transport_return < PENDING) continue;
370 addr->basic_errno = errno_value;
371 addr->more_errno |= orvalue;
447d236c
PH		 372 if (msg != NULL)
373 {
374 addr->message = msg;
375 if (pass_message) setflag(addr, af_pass_message);
376 }
0756eb3c
PH		 377 addr->transport_return = rc;
378 }
379}
380
381
382
383/*************************************************
384* Check an SMTP response *
385*************************************************/
386
387/* This function is given an errno code and the SMTP response buffer
388to analyse, together with the host identification for generating messages. It
389sets an appropriate message and puts the first digit of the response code into
390the yield variable. If no response was actually read, a suitable digit is
391chosen.
392
393Arguments:
447d236c
PH		 394 host the current host, to get its name for messages
395 errno_value pointer to the errno value
396 more_errno from the top address for use with ERRNO_FILTER_FAIL
397 buffer the SMTP response buffer
398 yield where to put a one-digit SMTP response code
399 message where to put an errror message
400 pass_message set TRUE if message is an SMTP response
401
402Returns: TRUE if an SMTP "QUIT" command should be sent, else FALSE
0756eb3c
PH		 403*/
404
405static BOOL check_response(host_item *host, int *errno_value, int more_errno,
447d236c 406 uschar *buffer, int *yield, uschar **message, BOOL *pass_message)
0756eb3c
PH		 407{
408uschar *pl = US"";
409
410if (smtp_use_pipelining &&
411 (Ustrcmp(smtp_command, "MAIL") == 0 ||
412 Ustrcmp(smtp_command, "RCPT") == 0 ||
413 Ustrcmp(smtp_command, "DATA") == 0))
414 pl = US"pipelined ";
415
416*yield = '4'; /* Default setting is to give a temporary error */
417
418/* Handle response timeout */
419
420if (*errno_value == ETIMEDOUT)
421 {
422 *message = US string_sprintf("SMTP timeout while connected to %s [%s] "
423 "after %s%s", host->name, host->address, pl, smtp_command);
424 if (transport_count > 0)
425 *message = US string_sprintf("%s (%d bytes written)", *message,
426 transport_count);
427 return FALSE;
428 }
429
430/* Handle malformed SMTP response */
431
432if (*errno_value == ERRNO_SMTPFORMAT)
433 {
434 uschar *malfresp = string_printing(buffer);
435 while (isspace(*malfresp)) malfresp++;
436 if (*malfresp == 0)
437 *message = string_sprintf("Malformed SMTP reply (an empty line) from "
438 "%s [%s] in response to %s%s", host->name, host->address, pl,
439 smtp_command);
440 else
441 *message = string_sprintf("Malformed SMTP reply from %s [%s] in response "
442 "to %s%s: %s", host->name, host->address, pl, smtp_command, malfresp);
443 return FALSE;
444 }
445
446/* Handle a failed filter process error; can't send QUIT as we mustn't
447end the DATA. */
448
449if (*errno_value == ERRNO_FILTER_FAIL)
450 {
35af9f61 451 *message = US string_sprintf("transport filter process failed (%d)%s",
8e669ac1 452 more_errno,
35af9f61 453 (more_errno == EX_EXECFAILED)? ": unable to execute command" : "");
0756eb3c
PH		 454 return FALSE;
455 }
456
457/* Handle a failed add_headers expansion; can't send QUIT as we mustn't
458end the DATA. */
459
460if (*errno_value == ERRNO_CHHEADER_FAIL)
461 {
462 *message =
463 US string_sprintf("failed to expand headers_add or headers_remove: %s",
464 expand_string_message);
465 return FALSE;
466 }
467
468/* Handle failure to write a complete data block */
469
470if (*errno_value == ERRNO_WRITEINCOMPLETE)
471 {
472 *message = US string_sprintf("failed to write a data block");
473 return FALSE;
474 }
475
476/* Handle error responses from the remote mailer. */
477
478if (buffer[0] != 0)
479 {
480 uschar *s = string_printing(buffer);
447d236c 481 *message = US string_sprintf("SMTP error from remote mail server after %s%s: "
0756eb3c 482 "host %s [%s]: %s", pl, smtp_command, host->name, host->address, s);
447d236c 483 *pass_message = TRUE;
0756eb3c
PH		 484 *yield = buffer[0];
485 return TRUE;
486 }
487
488/* No data was read. If there is no errno, this must be the EOF (i.e.
19b9dc85
PH		 489connection closed) case, which causes deferral. An explicit connection reset
490error has the same effect. Otherwise, put the host's identity in the message,
491leaving the errno value to be interpreted as well. In all cases, we have to
492assume the connection is now dead. */
0756eb3c 493
19b9dc85 494if (*errno_value == 0 || *errno_value == ECONNRESET)
0756eb3c
PH		 495 {
496 *errno_value = ERRNO_SMTPCLOSED;
497 *message = US string_sprintf("Remote host %s [%s] closed connection "
498 "in response to %s%s", host->name, host->address, pl, smtp_command);
499 }
500else *message = US string_sprintf("%s [%s]", host->name, host->address);
501
502return FALSE;
503}
504
505
506
507/*************************************************
508* Write error message to logs *
509*************************************************/
510
511/* This writes to the main log and to the message log.
512
513Arguments:
514 addr the address item containing error information
515 host the current host
516
517Returns: nothing
518*/
519
520static void
521write_logs(address_item *addr, host_item *host)
522{
523if (addr->message != NULL)
524 {
525 uschar *message = addr->message;
526 if (addr->basic_errno > 0)
527 message = string_sprintf("%s: %s", message, strerror(addr->basic_errno));
528 log_write(0, LOG_MAIN, "%s", message);
529 deliver_msglog("%s %s\n", tod_stamp(tod_log), message);
530 }
531else
532 {
7cd1141b
PH		 533 uschar *msg =
534 ((log_extra_selector & LX_outgoing_port) != 0)?
535 string_sprintf("%s [%s]:%d", host->name, host->address,
536 (host->port == PORT_NONE)? 25 : host->port)
537 :
538 string_sprintf("%s [%s]", host->name, host->address);
539 log_write(0, LOG_MAIN, "%s %s", msg, strerror(addr->basic_errno));
540 deliver_msglog("%s %s %s\n", tod_stamp(tod_log), msg,
0756eb3c
PH		 541 strerror(addr->basic_errno));
542 }
543}
544
545
546
547/*************************************************
548* Synchronize SMTP responses *
549*************************************************/
550
551/* This function is called from smtp_deliver() to receive SMTP responses from
552the server, and match them up with the commands to which they relate. When
553PIPELINING is not in use, this function is called after every command, and is
554therefore somewhat over-engineered, but it is simpler to use a single scheme
555that works both with and without PIPELINING instead of having two separate sets
556of code.
557
558The set of commands that are buffered up with pipelining may start with MAIL
559and may end with DATA; in between are RCPT commands that correspond to the
560addresses whose status is PENDING_DEFER. All other commands (STARTTLS, AUTH,
561etc.) are never buffered.
562
563Errors after MAIL or DATA abort the whole process leaving the response in the
564buffer. After MAIL, pending responses are flushed, and the original command is
565re-instated in big_buffer for error messages. For RCPT commands, the remote is
566permitted to reject some recipient addresses while accepting others. However
567certain errors clearly abort the whole process. Set the value in
568transport_return to PENDING_OK if the address is accepted. If there is a
569subsequent general error, it will get reset accordingly. If not, it will get
570converted to OK at the end.
571
572Arguments:
48c7f9e2
PH		 573 addrlist the complete address list
574 include_affixes TRUE if affixes include in RCPT
575 sync_addr ptr to the ptr of the one to start scanning at (updated)
576 host the host we are connected to
577 count the number of responses to read
578 address_retry_
579 include_sender true if 4xx retry is to include the sender it its key
580 pending_MAIL true if the first response is for MAIL
581 pending_DATA 0 if last command sent was not DATA
582 +1 if previously had a good recipient
583 -1 if not previously had a good recipient
584 inblock incoming SMTP block
585 timeout timeout value
586 buffer buffer for reading response
587 buffsize size of buffer
0756eb3c
PH		 588
589Returns: 3 if at least one address had 2xx and one had 5xx
590 2 if at least one address had 5xx but none had 2xx
591 1 if at least one host had a 2xx response, but none had 5xx
592 0 no address had 2xx or 5xx but no errors (all 4xx, or just DATA)
593 -1 timeout while reading RCPT response
594 -2 I/O or other non-response error for RCPT
595 -3 DATA or MAIL failed - errno and buffer set
596*/
597
598static int
599sync_responses(address_item *addrlist, BOOL include_affixes,
48c7f9e2
PH		 600 address_item **sync_addr, host_item *host, int count,
601 BOOL address_retry_include_sender, BOOL pending_MAIL,
0756eb3c
PH		 602 int pending_DATA, smtp_inblock *inblock, int timeout, uschar *buffer,
603 int buffsize)
604{
605address_item *addr = *sync_addr;
606int yield = 0;
607
608/* Handle the response for a MAIL command. On error, reinstate the original
609command in big_buffer for error message use, and flush any further pending
610responses before returning, except after I/O errors and timeouts. */
611
612if (pending_MAIL)
613 {
614 count--;
615 if (!smtp_read_response(inblock, buffer, buffsize, '2', timeout))
616 {
617 Ustrcpy(big_buffer, mail_command); /* Fits, because it came from there! */
618 if (errno == 0 && buffer[0] != 0)
619 {
620 uschar flushbuffer[4096];
e97957bc
PH		 621 int save_errno = 0;
622 if (buffer[0] == '4')
623 {
624 save_errno = ERRNO_MAIL4XX;
625 addr->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8;
626 }
0756eb3c
PH		 627 while (count-- > 0)
628 {
629 if (!smtp_read_response(inblock, flushbuffer, sizeof(flushbuffer),
630 '2', timeout)
631 && (errno != 0 || flushbuffer[0] == 0))
632 break;
633 }
e97957bc 634 errno = save_errno;
0756eb3c
PH		 635 }
636 return -3;
637 }
638 }
639
640if (pending_DATA) count--; /* Number of RCPT responses to come */
641
642/* Read and handle the required number of RCPT responses, matching each one up
643with an address by scanning for the next address whose status is PENDING_DEFER.
644*/
645
646while (count-- > 0)
647 {
648 while (addr->transport_return != PENDING_DEFER) addr = addr->next;
649
650 /* The address was accepted */
651
652 if (smtp_read_response(inblock, buffer, buffsize, '2', timeout))
653 {
654 yield |= 1;
655 addr->transport_return = PENDING_OK;
656
657 /* If af_dr_retry_exists is set, there was a routing delay on this address;
09945f1e
PH		 658 ensure that any address-specific retry record is expunged. We do this both
659 for the basic key and for the version that also includes the sender. */
0756eb3c
PH		 660
661 if (testflag(addr, af_dr_retry_exists))
09945f1e
PH		 662 {
663 uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
664 sender_address);
665 retry_add_item(addr, altkey, rf_delete);
0756eb3c 666 retry_add_item(addr, addr->address_retry_key, rf_delete);
09945f1e 667 }
0756eb3c
PH		 668 }
669
670 /* Timeout while reading the response */
671
672 else if (errno == ETIMEDOUT)
673 {
674 int save_errno = errno;
675 uschar *message = string_sprintf("SMTP timeout while connected to %s [%s] "
676 "after RCPT TO:<%s>", host->name, host->address,
677 transport_rcpt_address(addr, include_affixes));
447d236c 678 set_errno(addrlist, save_errno, message, DEFER, FALSE);
0756eb3c 679 retry_add_item(addr, addr->address_retry_key, 0);
f6c332bd 680 update_waiting = FALSE;
0756eb3c
PH		 681 return -1;
682 }
683
684 /* Handle other errors in obtaining an SMTP response by returning -1. This
685 will cause all the addresses to be deferred. Restore the SMTP command in
686 big_buffer for which we are checking the response, so the error message
687 makes sense. */
688
689 else if (errno != 0 || buffer[0] == 0)
690 {
691 string_format(big_buffer, big_buffer_size, "RCPT TO:<%s>",
692 transport_rcpt_address(addr, include_affixes));
693 return -2;
694 }
695
696 /* Handle SMTP permanent and temporary response codes. */
697
698 else
699 {
700 addr->message =
447d236c 701 string_sprintf("SMTP error from remote mail server after RCPT TO:<%s>: "
0756eb3c
PH		 702 "host %s [%s]: %s", transport_rcpt_address(addr, include_affixes),
703 host->name, host->address, string_printing(buffer));
447d236c 704 setflag(addr, af_pass_message);
0756eb3c
PH		 705 deliver_msglog("%s %s\n", tod_stamp(tod_log), addr->message);
706
707 /* The response was 5xx */
708
709 if (buffer[0] == '5')
710 {
711 addr->transport_return = FAIL;
712 yield |= 2;
713 }
714
715 /* The response was 4xx */
716
717 else
718 {
0756eb3c
PH		 719 addr->transport_return = DEFER;
720 addr->basic_errno = ERRNO_RCPT4XX;
e97957bc 721 addr->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8;
0756eb3c
PH		 722
723 /* Log temporary errors if there are more hosts to be tried. */
724
725 if (host->next != NULL) log_write(0, LOG_MAIN, "%s", addr->message);
726
f6c332bd
PH		 727 /* Do not put this message on the list of those waiting for specific
728 hosts, as otherwise it is likely to be tried too often. */
0756eb3c 729
f6c332bd 730 update_waiting = FALSE;
0756eb3c 731
48c7f9e2
PH		 732 /* Add a retry item for the address so that it doesn't get tried again
733 too soon. If address_retry_include_sender is true, add the sender address
734 to the retry key. */
0756eb3c 735
48c7f9e2
PH		 736 if (address_retry_include_sender)
737 {
738 uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
739 sender_address);
740 retry_add_item(addr, altkey, 0);
741 }
742 else retry_add_item(addr, addr->address_retry_key, 0);
0756eb3c
PH		 743 }
744 }
745 } /* Loop for next RCPT response */
746
747/* Update where to start at for the next block of responses, unless we
748have already handled all the addresses. */
749
750if (addr != NULL) *sync_addr = addr->next;
751
752/* Handle a response to DATA. If we have not had any good recipients, either
753previously or in this block, the response is ignored. */
754
755if (pending_DATA != 0 &&
756 !smtp_read_response(inblock, buffer, buffsize, '3', timeout))
757 {
758 int code;
759 uschar *msg;
447d236c 760 BOOL pass_message;
e97957bc
PH		 761 if (pending_DATA > 0 || (yield & 1) != 0)
762 {
763 if (errno == 0 && buffer[0] == '4')
764 {
765 errno = ERRNO_DATA4XX;
766 addrlist->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8;
767 }
768 return -3;
769 }
447d236c 770 (void)check_response(host, &errno, 0, buffer, &code, &msg, &pass_message);
0756eb3c
PH		 771 DEBUG(D_transport) debug_printf("%s\nerror for DATA ignored: pipelining "
772 "is in use and there were no good recipients\n", msg);
773 }
774
775/* All responses read and handled; MAIL (if present) received 2xx and DATA (if
776present) received 3xx. If any RCPTs were handled and yielded anything other
777than 4xx, yield will be set non-zero. */
778
779return yield;
780}
781
782
783
784/*************************************************
785* Deliver address list to given host *
786*************************************************/
787
788/* If continue_hostname is not null, we get here only when continuing to
789deliver down an existing channel. The channel was passed as the standard
6c512171
PH		 790input. TLS is never active on a passed channel; the previous process always
791closes it down before passing the connection on.
0756eb3c
PH		 792
793Otherwise, we have to make a connection to the remote host, and do the
794initial protocol exchange.
795
796When running as an MUA wrapper, if the sender or any recipient is rejected,
797temporarily or permanently, we force failure for all recipients.
798
799Arguments:
800 addrlist chain of potential addresses to deliver; only those whose
801 transport_return field is set to PENDING_DEFER are currently
802 being processed; others should be skipped - they have either
803 been delivered to an earlier host or IP address, or been
804 failed by one of them.
805 host host to deliver to
806 host_af AF_INET or AF_INET6
2d280592 807 port default TCP/IP port to use, in host byte order
0756eb3c
PH		 808 interface interface to bind to, or NULL
809 tblock transport instance block
810 copy_host TRUE if host set in addr->host_used must be copied, because
811 it is specific to this call of the transport
812 message_defer set TRUE if yield is OK, but all addresses were deferred
813 because of a non-recipient, non-host failure, that is, a
814 4xx response to MAIL FROM, DATA, or ".". This is a defer
815 that is specific to the message.
816 suppress_tls if TRUE, don't attempt a TLS connection - this is set for
817 a second attempt after TLS initialization fails
818
819Returns: OK - the connection was made and the delivery attempted;
820 the result for each address is in its data block.
821 DEFER - the connection could not be made, or something failed
822 while setting up the SMTP session, or there was a
823 non-message-specific error, such as a timeout.
824 ERROR - a filter command is specified for this transport,
825 and there was a problem setting it up; OR helo_data
826 or add_headers or authenticated_sender is specified
827 for this transport, and the string failed to expand
828*/
829
830static int
831smtp_deliver(address_item *addrlist, host_item *host, int host_af, int port,
832 uschar *interface, transport_instance *tblock, BOOL copy_host,
833 BOOL *message_defer, BOOL suppress_tls)
834{
835address_item *addr;
836address_item *sync_addr;
837address_item *first_addr = addrlist;
838int yield = OK;
839int address_count;
840int save_errno;
841int rc;
842time_t start_delivery_time = time(NULL);
843smtp_transport_options_block *ob =
844 (smtp_transport_options_block *)(tblock->options_block);
845BOOL lmtp = strcmpic(ob->protocol, US"lmtp") == 0;
846BOOL ok = FALSE;
847BOOL send_rset = TRUE;
848BOOL send_quit = TRUE;
849BOOL setting_up = TRUE;
850BOOL completed_address = FALSE;
851BOOL esmtp = TRUE;
852BOOL pending_MAIL;
447d236c 853BOOL pass_message = FALSE;
0756eb3c
PH		 854smtp_inblock inblock;
855smtp_outblock outblock;
856int max_rcpt = tblock->max_addresses;
f1513293 857uschar *igquotstr = US"";
0756eb3c 858uschar *local_authenticated_sender = authenticated_sender;
41c7c167 859uschar *helo_data = NULL;
0756eb3c
PH		 860uschar *message = NULL;
861uschar new_message_id[MESSAGE_ID_LENGTH + 1];
862uschar *p;
863uschar buffer[4096];
864uschar inbuffer[4096];
865uschar outbuffer[1024];
866
867suppress_tls = suppress_tls; /* stop compiler warning when no TLS support */
868
869*message_defer = FALSE;
870smtp_command = US"initial connection";
871if (max_rcpt == 0) max_rcpt = 999999;
872
873/* Set up the buffer for reading SMTP response packets. */
874
875inblock.buffer = inbuffer;
876inblock.buffersize = sizeof(inbuffer);
877inblock.ptr = inbuffer;
878inblock.ptrend = inbuffer;
879
880/* Set up the buffer for holding SMTP commands while pipelining */
881
882outblock.buffer = outbuffer;
883outblock.buffersize = sizeof(outbuffer);
884outblock.ptr = outbuffer;
885outblock.cmd_count = 0;
886outblock.authenticating = FALSE;
887
6c512171
PH		 888/* Reset the parameters of a TLS session. */
889
890tls_cipher = NULL;
891tls_peerdn = NULL;
892
0756eb3c
PH		 893/* If an authenticated_sender override has been specified for this transport
894instance, expand it. If the expansion is forced to fail, and there was already
895an authenticated_sender for this message, the original value will be used.
896Other expansion failures are serious. An empty result is ignored, but there is
897otherwise no check - this feature is expected to be used with LMTP and other
898cases where non-standard addresses (e.g. without domains) might be required. */
899
900if (ob->authenticated_sender != NULL)
901 {
902 uschar *new = expand_string(ob->authenticated_sender);
903 if (new == NULL)
904 {
905 if (!expand_string_forcedfail)
906 {
907 uschar *message = string_sprintf("failed to expand "
908 "authenticated_sender: %s", expand_string_message);
447d236c 909 set_errno(addrlist, 0, message, DEFER, FALSE);
0756eb3c
PH		 910 return ERROR;
911 }
912 }
913 else if (new[0] != 0) local_authenticated_sender = new;
914 }
915
916/* Make a connection to the host if this isn't a continued delivery, and handle
917the initial interaction and HELO/EHLO/LHLO. Connect timeout errors are handled
918specially so they can be identified for retries. */
919
920if (continue_hostname == NULL)
921 {
922 inblock.sock = outblock.sock =
923 smtp_connect(host, host_af, port, interface, ob->connect_timeout,
4311097e
PH		 924 ob->keepalive); /* This puts port into host->port */
925
0756eb3c
PH		 926 if (inblock.sock < 0)
927 {
928 set_errno(addrlist, (errno == ETIMEDOUT)? ERRNO_CONNECTTIMEOUT : errno,
447d236c 929 NULL, DEFER, FALSE);
0756eb3c
PH		 930 return DEFER;
931 }
932
41c7c167
PH		 933 /* Expand the greeting message while waiting for the initial response. (Makes
934 sense if helo_data contains ${lookup dnsdb ...} stuff). The expansion is
935 delayed till here so that $sending_interface and $sending_port are set. */
936
937 helo_data = expand_string(ob->helo_data);
938
0756eb3c
PH		 939 /* The first thing is to wait for an initial OK response. The dreaded "goto"
940 is nevertheless a reasonably clean way of programming this kind of logic,
941 where you want to escape on any error. */
942
943 if (!smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
944 ob->command_timeout)) goto RESPONSE_FAILED;
945
41c7c167
PH		 946 /* Now check if the helo_data expansion went well, and sign off cleanly if it
947 didn't. */
948
949 if (helo_data == NULL)
950 {
951 uschar *message = string_sprintf("failed to expand helo_data: %s",
952 expand_string_message);
953 set_errno(addrlist, 0, message, DEFER, FALSE);
954 yield = DEFER;
955 goto SEND_QUIT;
956 }
957
0756eb3c
PH		 958/** Debugging without sending a message
959addrlist->transport_return = DEFER;
960goto SEND_QUIT;
961**/
962
963 /* Errors that occur after this point follow an SMTP command, which is
964 left in big_buffer by smtp_write_command() for use in error messages. */
965
966 smtp_command = big_buffer;
967
968 /* Tell the remote who we are...
969
970 February 1998: A convention has evolved that ESMTP-speaking MTAs include the
971 string "ESMTP" in their greeting lines, so make Exim send EHLO if the
972 greeting is of this form. The assumption was that the far end supports it
973 properly... but experience shows that there are some that give 5xx responses,
974 even though the banner includes "ESMTP" (there's a bloody-minded one that
975 says "ESMTP not spoken here"). Cope with that case.
976
977 September 2000: Time has passed, and it seems reasonable now to always send
978 EHLO at the start. It is also convenient to make the change while installing
979 the TLS stuff.
980
981 July 2003: Joachim Wieland met a broken server that advertises "PIPELINING"
982 but times out after sending MAIL FROM, RCPT TO and DATA all together. There
983 would be no way to send out the mails, so there is now a host list
984 "hosts_avoid_esmtp" that disables ESMTP for special hosts and solves the
985 PIPELINING problem as well. Maybe it can also be useful to cure other
986 problems with broken servers.
987
988 Exim originally sent "Helo" at this point and ran for nearly a year that way.
989 Then somebody tried it with a Microsoft mailer... It seems that all other
990 mailers use upper case for some reason (the RFC is quite clear about case
991 independence) so, for peace of mind, I gave in. */
992
993 esmtp = verify_check_this_host(&(ob->hosts_avoid_esmtp), NULL,
994 host->name, host->address, NULL) != OK;
995
996 if (esmtp)
997 {
998 if (smtp_write_command(&outblock, FALSE, "%s %s\r\n",
999 lmtp? "LHLO" : "EHLO", helo_data) < 0)
1000 goto SEND_FAILED;
1001 if (!smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
1002 ob->command_timeout))
1003 {
1004 if (errno != 0 || buffer[0] == 0 || lmtp) goto RESPONSE_FAILED;
1005 esmtp = FALSE;
1006 }
1007 }
1008 else
1009 {
1010 DEBUG(D_transport)
1011 debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
1012 }
1013
1014 if (!esmtp)
1015 {
1016 if (smtp_write_command(&outblock, FALSE, "HELO %s\r\n", helo_data) < 0)
1017 goto SEND_FAILED;
1018 if (!smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
1019 ob->command_timeout)) goto RESPONSE_FAILED;
1020 }
1021
f1513293
PH		 1022 /* Set IGNOREQUOTA if the response to LHLO specifies support and the
1023 lmtp_ignore_quota option was set. */
1024
1025 igquotstr = (lmtp && ob->lmtp_ignore_quota &&
1026 pcre_exec(regex_IGNOREQUOTA, NULL, CS buffer, Ustrlen(CS buffer), 0,
1027 PCRE_EOPT, NULL, 0) >= 0)? US" IGNOREQUOTA" : US"";
1028
0756eb3c
PH		 1029 /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */
1030
1031 #ifdef SUPPORT_TLS
1032 tls_offered = esmtp &&
1033 pcre_exec(regex_STARTTLS, NULL, CS buffer, Ustrlen(buffer), 0,
1034 PCRE_EOPT, NULL, 0) >= 0;
1035 #endif
1036 }
1037
1038/* For continuing deliveries down the same channel, the socket is the standard
1039input, and we don't need to redo EHLO here (but may need to do so for TLS - see
1040below). Set up the pointer to where subsequent commands will be left, for
1041error messages. Note that smtp_use_size and smtp_use_pipelining will have been
1042set from the command line if they were set in the process that passed the
1043connection on. */
1044
1045else
1046 {
1047 inblock.sock = outblock.sock = fileno(stdin);
1048 smtp_command = big_buffer;
4311097e 1049 host->port = port; /* Record the port that was used */
0756eb3c
PH		 1050 }
1051
1052/* If TLS is available on this connection, whether continued or not, attempt to
1053start up a TLS session, unless the host is in hosts_avoid_tls. If successful,
1054send another EHLO - the server may give a different answer in secure mode. We
1055use a separate buffer for reading the response to STARTTLS so that if it is
1056negative, the original EHLO data is available for subsequent analysis, should
1057the client not be required to use TLS. If the response is bad, copy the buffer
1058for error analysis. */
1059
1060#ifdef SUPPORT_TLS
1061if (tls_offered && !suppress_tls &&
1062 verify_check_this_host(&(ob->hosts_avoid_tls), NULL, host->name,
1063 host->address, NULL) != OK)
1064 {
1065 uschar buffer2[4096];
1066 if (smtp_write_command(&outblock, FALSE, "STARTTLS\r\n") < 0)
1067 goto SEND_FAILED;
1068
1069 /* If there is an I/O error, transmission of this message is deferred. If
1070 there is a temporary rejection of STARRTLS and tls_tempfail_tryclear is
1071 false, we also defer. However, if there is a temporary rejection of STARTTLS
1072 and tls_tempfail_tryclear is true, or if there is an outright rejection of
1073 STARTTLS, we carry on. This means we will try to send the message in clear,
1074 unless the host is in hosts_require_tls (tested below). */
1075
1076 if (!smtp_read_response(&inblock, buffer2, sizeof(buffer2), '2',
1077 ob->command_timeout))
1078 {
0756eb3c
PH		 1079 if (errno != 0 || buffer2[0] == 0 ||
1080 (buffer2[0] == '4' && !ob->tls_tempfail_tryclear))
0dda4340
TK		 1081 {
1082 Ustrncpy(buffer, buffer2, sizeof(buffer));
0756eb3c 1083 goto RESPONSE_FAILED;
0dda4340 1084 }
0756eb3c
PH		 1085 }
1086
1087 /* STARTTLS accepted: try to negotiate a TLS session. */
1088
1089 else
1090 {
83da1223
PH		 1091 int rc = tls_client_start(inblock.sock,
1092 host,
1093 addrlist,
0756eb3c
PH		 1094 NULL, /* No DH param */
1095 ob->tls_certificate,
1096 ob->tls_privatekey,
1097 ob->tls_verify_certificates,
1098 ob->tls_crl,
1099 ob->tls_require_ciphers,
83da1223
PH		 1100 ob->gnutls_require_mac,
1101 ob->gnutls_require_kx,
1102 ob->gnutls_require_proto,
0756eb3c
PH		 1103 ob->command_timeout);
1104
1105 /* TLS negotiation failed; give an error. From outside, this function may
1106 be called again to try in clear on a new connection, if the options permit
1107 it for this host. */
1108
1109 if (rc != OK)
1110 {
1111 save_errno = ERRNO_TLSFAILURE;
1112 message = US"failure while setting up TLS session";
1113 send_quit = FALSE;
1114 goto TLS_FAILED;
1115 }
1116
1117 /* TLS session is set up */
1118
1119 for (addr = addrlist; addr != NULL; addr = addr->next)
1120 {
5ca2a9a1
PH		 1121 if (addr->transport_return == PENDING_DEFER)
1122 {
1123 addr->cipher = tls_cipher;
1124 addr->peerdn = tls_peerdn;
1125 }
0756eb3c
PH		 1126 }
1127 }
1128 }
1129
41c7c167
PH		 1130/* If we started TLS, redo the EHLO/LHLO exchange over the secure channel. If
1131helo_data is null, we are dealing with a connection that was passed from
1132another process, and so we won't have expanded helo_data above. We have to
1133expand it here. $sending_ip_address and $sending_port are set up right at the
1134start of the Exim process (in exim.c). */
0756eb3c
PH		 1135
1136if (tls_active >= 0)
1137 {
41c7c167
PH		 1138 if (helo_data == NULL)
1139 {
1140 helo_data = expand_string(ob->helo_data);
1141 if (helo_data == NULL)
1142 {
1143 uschar *message = string_sprintf("failed to expand helo_data: %s",
1144 expand_string_message);
1145 set_errno(addrlist, 0, message, DEFER, FALSE);
1146 yield = DEFER;
1147 goto SEND_QUIT;
1148 }
1149 }
1150
0756eb3c
PH		 1151 if (smtp_write_command(&outblock, FALSE, "%s %s\r\n", lmtp? "LHLO" : "EHLO",
1152 helo_data) < 0)
1153 goto SEND_FAILED;
1154 if (!smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
1155 ob->command_timeout))
1156 goto RESPONSE_FAILED;
1157 }
1158
1159/* If the host is required to use a secure channel, ensure that we
1160have one. */
1161
1162else if (verify_check_this_host(&(ob->hosts_require_tls), NULL, host->name,
1163 host->address, NULL) == OK)
1164 {
1165 save_errno = ERRNO_TLSREQUIRED;
1166 message = string_sprintf("a TLS session is required for %s [%s], but %s",
1167 host->name, host->address,
1168 tls_offered? "an attempt to start TLS failed" :
1169 "the server did not offer TLS support");
1170 goto TLS_FAILED;
1171 }
1172#endif
1173
1174/* If TLS is active, we have just started it up and re-done the EHLO command,
1175so its response needs to be analyzed. If TLS is not active and this is a
1176continued session down a previously-used socket, we haven't just done EHLO, so
1177we skip this. */
1178
1179if (continue_hostname == NULL
1180 #ifdef SUPPORT_TLS
1181 || tls_active >= 0
1182 #endif
1183 )
1184 {
1185 int require_auth;
1186 uschar *fail_reason = US"server did not advertise AUTH support";
1187
f1513293
PH		 1188 /* Set for IGNOREQUOTA if the response to LHLO specifies support and the
1189 lmtp_ignore_quota option was set. */
1190
1191 igquotstr = (lmtp && ob->lmtp_ignore_quota &&
1192 pcre_exec(regex_IGNOREQUOTA, NULL, CS buffer, Ustrlen(CS buffer), 0,
1193 PCRE_EOPT, NULL, 0) >= 0)? US" IGNOREQUOTA" : US"";
1194
0756eb3c
PH		 1195 /* If the response to EHLO specified support for the SIZE parameter, note
1196 this, provided size_addition is non-negative. */
1197
1198 smtp_use_size = esmtp && ob->size_addition >= 0 &&
1199 pcre_exec(regex_SIZE, NULL, CS buffer, Ustrlen(CS buffer), 0,
1200 PCRE_EOPT, NULL, 0) >= 0;
1201
1202 /* Note whether the server supports PIPELINING. If hosts_avoid_esmtp matched
c51b8e75
PH		 1203 the current host, esmtp will be false, so PIPELINING can never be used. If
1204 the current host matches hosts_avoid_pipelining, don't do it. */
0756eb3c
PH		 1205
1206 smtp_use_pipelining = esmtp &&
c51b8e75
PH		 1207 verify_check_this_host(&(ob->hosts_avoid_pipelining), NULL, host->name,
1208 host->address, NULL) != OK &&
0756eb3c
PH		 1209 pcre_exec(regex_PIPELINING, NULL, CS buffer, Ustrlen(CS buffer), 0,
1210 PCRE_EOPT, NULL, 0) >= 0;
1211
1212 DEBUG(D_transport) debug_printf("%susing PIPELINING\n",
1213 smtp_use_pipelining? "" : "not ");
1214
1215 /* Note if the response to EHLO specifies support for the AUTH extension.
1216 If it has, check that this host is one we want to authenticate to, and do
1217 the business. The host name and address must be available when the
1218 authenticator's client driver is running. */
1219
1220 smtp_authenticated = FALSE;
1221 require_auth = verify_check_this_host(&(ob->hosts_require_auth), NULL,
1222 host->name, host->address, NULL);
1223
1224 if (esmtp && regex_match_and_setup(regex_AUTH, buffer, 0, -1))
1225 {
1226 uschar *names = string_copyn(expand_nstring[1], expand_nlength[1]);
1227 expand_nmax = -1; /* reset */
1228
1229 /* Must not do this check until after we have saved the result of the
1230 regex match above. */
1231
1232 if (require_auth == OK ||
1233 verify_check_this_host(&(ob->hosts_try_auth), NULL, host->name,
1234 host->address, NULL) == OK)
1235 {
1236 auth_instance *au;
1237 fail_reason = US"no common mechanisms were found";
1238
1239 DEBUG(D_transport) debug_printf("scanning authentication mechanisms\n");
1240
1241 /* Scan the configured authenticators looking for one which is configured
6c512171
PH		 1242 for use as a client, which is not suppressed by client_condition, and
1243 whose name matches an authentication mechanism supported by the server.
1244 If one is found, attempt to authenticate by calling its client function.
1245 */
0756eb3c
PH		 1246
1247 for (au = auths; !smtp_authenticated && au != NULL; au = au->next)
1248 {
1249 uschar *p = names;
6c512171
PH		 1250 if (!au->client ||
1251 (au->client_condition != NULL &&
1252 !expand_check_condition(au->client_condition, au->name,
1253 US"client authenticator")))
1254 {
1255 DEBUG(D_transport) debug_printf("skipping %s authenticator: %s\n",
1256 au->name,
1257 (au->client)? "client_condition is false" :
1258 "not configured as a client");
1259 continue;
1260 }
0756eb3c
PH		 1261
1262 /* Loop to scan supported server mechanisms */
1263
1264 while (*p != 0)
1265 {
1266 int rc;
1267 int len = Ustrlen(au->public_name);
1268 while (isspace(*p)) p++;
1269
1270 if (strncmpic(au->public_name, p, len) != 0 ||
1271 (p[len] != 0 && !isspace(p[len])))
1272 {
1273 while (*p != 0 && !isspace(*p)) p++;
1274 continue;
1275 }
1276
1277 /* Found data for a listed mechanism. Call its client entry. Set
1278 a flag in the outblock so that data is overwritten after sending so
1279 that reflections don't show it. */
1280
1281 fail_reason = US"authentication attempt(s) failed";
1282 outblock.authenticating = TRUE;
1283 rc = (au->info->clientcode)(au, &inblock, &outblock,
1284 ob->command_timeout, buffer, sizeof(buffer));
1285 outblock.authenticating = FALSE;
1286 DEBUG(D_transport) debug_printf("%s authenticator yielded %d\n",
1287 au->name, rc);
1288
1289 /* A temporary authentication failure must hold up delivery to
1290 this host. After a permanent authentication failure, we carry on
1291 to try other authentication methods. If all fail hard, try to
1292 deliver the message unauthenticated unless require_auth was set. */
1293
1294 switch(rc)
1295 {
1296 case OK:
1297 smtp_authenticated = TRUE; /* stops the outer loop */
1298 break;
1299
1300 /* Failure after writing a command */
1301
1302 case FAIL_SEND:
1303 goto SEND_FAILED;
1304
1305 /* Failure after reading a response */
1306
1307 case FAIL:
1308 if (errno != 0 || buffer[0] != '5') goto RESPONSE_FAILED;
1309 log_write(0, LOG_MAIN, "%s authenticator failed H=%s [%s] %s",
1310 au->name, host->name, host->address, buffer);
1311 break;
1312
1313 /* Failure by some other means. In effect, the authenticator
1314 decided it wasn't prepared to handle this case. Typically this
1315 is the result of "fail" in an expansion string. Do we need to
4730f942
PH		 1316 log anything here? Feb 2006: a message is now put in the buffer
1317 if logging is required. */
0756eb3c
PH		 1318
1319 case CANCELLED:
4730f942
PH		 1320 if (*buffer != 0)
1321 log_write(0, LOG_MAIN, "%s authenticator cancelled "
1322 "authentication H=%s [%s] %s", au->name, host->name,
1323 host->address, buffer);
0756eb3c
PH		 1324 break;
1325
1326 /* Internal problem, message in buffer. */
1327
1328 case ERROR:
1329 yield = ERROR;
447d236c 1330 set_errno(addrlist, 0, string_copy(buffer), DEFER, FALSE);
0756eb3c
PH		 1331 goto SEND_QUIT;
1332 }
1333
1334 break; /* If not authenticated, try next authenticator */
1335 } /* Loop for scanning supported server mechanisms */
1336 } /* Loop for further authenticators */
1337 }
1338 }
1339
1340 /* If we haven't authenticated, but are required to, give up. */
1341
1342 if (require_auth == OK && !smtp_authenticated)
1343 {
1344 yield = DEFER;
1345 set_errno(addrlist, ERRNO_AUTHFAIL,
447d236c
PH		 1346 string_sprintf("authentication required but %s", fail_reason), DEFER,
1347 FALSE);
0756eb3c
PH		 1348 goto SEND_QUIT;
1349 }
1350 }
1351
1352/* The setting up of the SMTP call is now complete. Any subsequent errors are
1353message-specific. */
1354
1355setting_up = FALSE;
1356
1357/* If there is a filter command specified for this transport, we can now
1358set it up. This cannot be done until the identify of the host is known. */
1359
1360if (tblock->filter_command != NULL)
1361 {
1362 BOOL rc;
1363 uschar buffer[64];
1364 sprintf(CS buffer, "%.50s transport", tblock->name);
1365 rc = transport_set_up_command(&transport_filter_argv, tblock->filter_command,
1366 TRUE, DEFER, addrlist, buffer, NULL);
9b989985 1367 transport_filter_timeout = tblock->filter_timeout;
0756eb3c
PH		 1368
1369 /* On failure, copy the error to all addresses, abandon the SMTP call, and
1370 yield ERROR. */
1371
1372 if (!rc)
1373 {
447d236c
PH		 1374 set_errno(addrlist->next, addrlist->basic_errno, addrlist->message, DEFER,
1375 FALSE);
0756eb3c
PH		 1376 yield = ERROR;
1377 goto SEND_QUIT;
1378 }
1379 }
1380
1381
1382/* For messages that have more than the maximum number of envelope recipients,
1383we want to send several transactions down the same SMTP connection. (See
1384comments in deliver.c as to how this reconciles, heuristically, with
1385remote_max_parallel.) This optimization was added to Exim after the following
1386code was already working. The simplest way to put it in without disturbing the
1387code was to use a goto to jump back to this point when there is another
1388transaction to handle. */
1389
1390SEND_MESSAGE:
1391sync_addr = first_addr;
1392address_count = 0;
1393ok = FALSE;
1394send_rset = TRUE;
1395completed_address = FALSE;
1396
1397
1398/* Initiate a message transfer. If we know the receiving MTA supports the SIZE
1399qualification, send it, adding something to the message size to allow for
1400imprecision and things that get added en route. Exim keeps the number of lines
1401in a message, so we can give an accurate value for the original message, but we
1402need some additional to handle added headers. (Double "." characters don't get
1403included in the count.) */
1404
1405p = buffer;
1406*p = 0;
1407
1408if (smtp_use_size)
1409 {
1410 sprintf(CS p, " SIZE=%d", message_size+message_linecount+ob->size_addition);
1411 while (*p) p++;
1412 }
1413
1414/* Add the authenticated sender address if present */
1415
382afc6b
PH		 1416if ((smtp_authenticated || ob->authenticated_sender_force) &&
1417 local_authenticated_sender != NULL)
0756eb3c
PH		 1418 {
1419 string_format(p, sizeof(buffer) - (p-buffer), " AUTH=%s",
1420 auth_xtextencode(local_authenticated_sender,
1421 Ustrlen(local_authenticated_sender)));
1422 }
1423
1424/* From here until we send the DATA command, we can make use of PIPELINING
1425if the server host supports it. The code has to be able to check the responses
1426at any point, for when the buffer fills up, so we write it totally generally.
1427When PIPELINING is off, each command written reports that it has flushed the
1428buffer. */
1429
1430pending_MAIL = TRUE; /* The block starts with MAIL */
1431
1432rc = smtp_write_command(&outblock, smtp_use_pipelining,
1433 "MAIL FROM:<%s>%s\r\n", return_path, buffer);
1434mail_command = string_copy(big_buffer); /* Save for later error message */
1435
1436switch(rc)
1437 {
1438 case -1: /* Transmission error */
1439 goto SEND_FAILED;
1440
1441 case +1: /* Block was sent */
1442 if (!smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
e97957bc
PH		 1443 ob->command_timeout))
1444 {
1445 if (errno == 0 && buffer[0] == '4')
1446 {
1447 errno = ERRNO_MAIL4XX;
1448 addrlist->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8;
1449 }
1450 goto RESPONSE_FAILED;
1451 }
0756eb3c
PH		 1452 pending_MAIL = FALSE;
1453 break;
1454 }
1455
1456/* Pass over all the relevant recipient addresses for this host, which are the
1457ones that have status PENDING_DEFER. If we are using PIPELINING, we can send
1458several before we have to read the responses for those seen so far. This
1459checking is done by a subroutine because it also needs to be done at the end.
1460Send only up to max_rcpt addresses at a time, leaving first_addr pointing to
1461the next one if not all are sent.
1462
1463In the MUA wrapper situation, we want to flush the PIPELINING buffer for the
1464last address because we want to abort if any recipients have any kind of
1465problem, temporary or permanent. We know that all recipient addresses will have
1466the PENDING_DEFER status, because only one attempt is ever made, and we know
1467that max_rcpt will be large, so all addresses will be done at once. */
1468
1469for (addr = first_addr;
1470 address_count < max_rcpt && addr != NULL;
1471 addr = addr->next)
1472 {
1473 int count;
1474 BOOL no_flush;
1475
1476 if (addr->transport_return != PENDING_DEFER) continue;
1477
1478 address_count++;
1479 no_flush = smtp_use_pipelining && (!mua_wrapper || addr->next != NULL);
1480
1481 /* Now send the RCPT command, and process outstanding responses when
1482 necessary. After a timeout on RCPT, we just end the function, leaving the
1483 yield as OK, because this error can often mean that there is a problem with
1484 just one address, so we don't want to delay the host. */
1485
f1513293
PH		 1486 count = smtp_write_command(&outblock, no_flush, "RCPT TO:<%s>%s\r\n",
1487 transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr);
0756eb3c
PH		 1488 if (count < 0) goto SEND_FAILED;
1489 if (count > 0)
1490 {
1491 switch(sync_responses(first_addr, tblock->rcpt_include_affixes,
48c7f9e2
PH		 1492 &sync_addr, host, count, ob->address_retry_include_sender,
1493 pending_MAIL, 0, &inblock, ob->command_timeout, buffer,
1494 sizeof(buffer)))
0756eb3c
PH		 1495 {
1496 case 3: ok = TRUE; /* 2xx & 5xx => OK & progress made */
1497 case 2: completed_address = TRUE; /* 5xx (only) => progress made */
1498 break;
1499
1500 case 1: ok = TRUE; /* 2xx (only) => OK, but if LMTP, */
1501 if (!lmtp) completed_address = TRUE; /* can't tell about progress yet */
1502 case 0: /* No 2xx or 5xx, but no probs */
1503 break;
1504
1505 case -1: goto END_OFF; /* Timeout on RCPT */
1506 default: goto RESPONSE_FAILED; /* I/O error, or any MAIL error */
1507 }
1508 pending_MAIL = FALSE; /* Dealt with MAIL */
1509 }
1510 } /* Loop for next address */
1511
1512/* If we are an MUA wrapper, abort if any RCPTs were rejected, either
1513permanently or temporarily. We should have flushed and synced after the last
1514RCPT. */
1515
1516if (mua_wrapper)
1517 {
1518 address_item *badaddr;
1519 for (badaddr = first_addr; badaddr != NULL; badaddr = badaddr->next)
1520 {
1521 if (badaddr->transport_return != PENDING_OK) break;
1522 }
1523 if (badaddr != NULL)
1524 {
447d236c
PH		 1525 set_errno(addrlist, 0, badaddr->message, FAIL,
1526 testflag(badaddr, af_pass_message));
0756eb3c
PH		 1527 ok = FALSE;
1528 }
1529 }
1530
1531/* If ok is TRUE, we know we have got at least one good recipient, and must now
1532send DATA, but if it is FALSE (in the normal, non-wrapper case), we may still
1533have a good recipient buffered up if we are pipelining. We don't want to waste
1534time sending DATA needlessly, so we only send it if either ok is TRUE or if we
1535are pipelining. The responses are all handled by sync_responses(). */
1536
1537if (ok || (smtp_use_pipelining && !mua_wrapper))
1538 {
1539 int count = smtp_write_command(&outblock, FALSE, "DATA\r\n");
1540 if (count < 0) goto SEND_FAILED;
1541 switch(sync_responses(first_addr, tblock->rcpt_include_affixes, &sync_addr,
48c7f9e2
PH		 1542 host, count, ob->address_retry_include_sender, pending_MAIL,
1543 ok? +1 : -1, &inblock, ob->command_timeout, buffer, sizeof(buffer)))
0756eb3c
PH		 1544 {
1545 case 3: ok = TRUE; /* 2xx & 5xx => OK & progress made */
1546 case 2: completed_address = TRUE; /* 5xx (only) => progress made */
1547 break;
1548
1549 case 1: ok = TRUE; /* 2xx (only) => OK, but if LMTP, */
1550 if (!lmtp) completed_address = TRUE; /* can't tell about progress yet */
1551 case 0: break; /* No 2xx or 5xx, but no probs */
1552
1553 case -1: goto END_OFF; /* Timeout on RCPT */
1554 default: goto RESPONSE_FAILED; /* I/O error, or any MAIL/DATA error */
1555 }
1556 }
1557
1558/* Save the first address of the next batch. */
1559
1560first_addr = addr;
1561
1562/* If there were no good recipients (but otherwise there have been no
1563problems), just set ok TRUE, since we have handled address-specific errors
1564already. Otherwise, it's OK to send the message. Use the check/escape mechanism
1565for handling the SMTP dot-handling protocol, flagging to apply to headers as
1566well as body. Set the appropriate timeout value to be used for each chunk.
1567(Haven't been able to make it work using select() for writing yet.) */
1568
1569if (!ok) ok = TRUE; else
1570 {
1571 sigalrm_seen = FALSE;
1572 transport_write_timeout = ob->data_timeout;
1573 smtp_command = US"sending data block"; /* For error messages */
1574 DEBUG(D_transport|D_v)
1575 debug_printf(" SMTP>> writing message and terminating \".\"\n");
1576 transport_count = 0;
80a47a2c 1577#ifndef DISABLE_DKIM
4cd12fe9
TK		 1578 ok = dkim_transport_write_message(addrlist, inblock.sock,
1579 topt_use_crlf | topt_end_dot | topt_escape_headers |
1580 (tblock->body_only? topt_no_headers : 0) |
1581 (tblock->headers_only? topt_no_body : 0) |
1582 (tblock->return_path_add? topt_add_return_path : 0) |
1583 (tblock->delivery_date_add? topt_add_delivery_date : 0) |
1584 (tblock->envelope_to_add? topt_add_envelope_to : 0),
1585 0, /* No size limit */
1586 tblock->add_headers, tblock->remove_headers,
1587 US".", US"..", /* Escaping strings */
1588 tblock->rewrite_rules, tblock->rewrite_existflags,
1589 ob->dkim_private_key, ob->dkim_domain, ob->dkim_selector,
80a47a2c 1590 ob->dkim_canon, ob->dkim_strict, ob->dkim_sign_headers
4cd12fe9
TK		 1591 );
1592#else
0756eb3c
PH		 1593 ok = transport_write_message(addrlist, inblock.sock,
1594 topt_use_crlf | topt_end_dot | topt_escape_headers |
1595 (tblock->body_only? topt_no_headers : 0) |
1596 (tblock->headers_only? topt_no_body : 0) |
1597 (tblock->return_path_add? topt_add_return_path : 0) |
1598 (tblock->delivery_date_add? topt_add_delivery_date : 0) |
1599 (tblock->envelope_to_add? topt_add_envelope_to : 0),
1600 0, /* No size limit */
1601 tblock->add_headers, tblock->remove_headers,
1602 US".", US"..", /* Escaping strings */
1603 tblock->rewrite_rules, tblock->rewrite_existflags);
4cd12fe9 1604#endif
0756eb3c
PH		 1605
1606 /* transport_write_message() uses write() because it is called from other
1607 places to write to non-sockets. This means that under some OS (e.g. Solaris)
1608 it can exit with "Broken pipe" as its error. This really means that the
1609 socket got closed at the far end. */
1610
1611 transport_write_timeout = 0; /* for subsequent transports */
1612
1613 /* Failure can either be some kind of I/O disaster (including timeout),
1614 or the failure of a transport filter or the expansion of added headers. */
1615
1616 if (!ok)
1617 {
1618 buffer[0] = 0; /* There hasn't been a response */
1619 goto RESPONSE_FAILED;
1620 }
1621
1622 /* We used to send the terminating "." explicitly here, but because of
1623 buffering effects at both ends of TCP/IP connections, you don't gain
1624 anything by keeping it separate, so it might as well go in the final
1625 data buffer for efficiency. This is now done by setting the topt_end_dot
1626 flag above. */
1627
1628 smtp_command = US"end of data";
1629
1630 /* For SMTP, we now read a single response that applies to the whole message.
1631 If it is OK, then all the addresses have been delivered. */
1632
e97957bc
PH		 1633 if (!lmtp)
1634 {
1635 ok = smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
1636 ob->final_timeout);
1637 if (!ok && errno == 0 && buffer[0] == '4')
1638 {
1639 errno = ERRNO_DATA4XX;
1640 addrlist->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8;
1641 }
1642 }
0756eb3c
PH		 1643
1644 /* For LMTP, we get back a response for every RCPT command that we sent;
1645 some may be accepted and some rejected. For those that get a response, their
1646 status is fixed; any that are accepted have been handed over, even if later
1647 responses crash - at least, that's how I read RFC 2033.
1648
1649 If all went well, mark the recipient addresses as completed, record which
1650 host/IPaddress they were delivered to, and cut out RSET when sending another
1651 message down the same channel. Write the completed addresses to the journal
1652 now so that they are recorded in case there is a crash of hardware or
1653 software before the spool gets updated. Also record the final SMTP
1654 confirmation if needed (for SMTP only). */
1655
1656 if (ok)
1657 {
1658 int flag = '=';
1659 int delivery_time = (int)(time(NULL) - start_delivery_time);
1660 int len;
1661 host_item *thost;
1662 uschar *conf = NULL;
1663 send_rset = FALSE;
1664
1665 /* Make a copy of the host if it is local to this invocation
1666 of the transport. */
1667
1668 if (copy_host)
1669 {
1670 thost = store_get(sizeof(host_item));
1671 *thost = *host;
1672 thost->name = string_copy(host->name);
1673 thost->address = string_copy(host->address);
1674 }
1675 else thost = host;
1676
1677 /* Set up confirmation if needed - applies only to SMTP */
1678
1679 if ((log_extra_selector & LX_smtp_confirmation) != 0 && !lmtp)
1680 {
1681 uschar *s = string_printing(buffer);
1682 conf = (s == buffer)? (uschar *)string_copy(s) : s;
1683 }
1684
1685 /* Process all transported addresses - for LMTP, read a status for
1686 each one. */
1687
1688 for (addr = addrlist; addr != first_addr; addr = addr->next)
1689 {
1690 if (addr->transport_return != PENDING_OK) continue;
1691
1692 /* LMTP - if the response fails badly (e.g. timeout), use it for all the
1693 remaining addresses. Otherwise, it's a return code for just the one
75def545
PH		 1694 address. For temporary errors, add a retry item for the address so that
1695 it doesn't get tried again too soon. */
0756eb3c
PH		 1696
1697 if (lmtp)
1698 {
1699 if (!smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
1700 ob->final_timeout))
1701 {
1702 if (errno != 0 || buffer[0] == 0) goto RESPONSE_FAILED;
1703 addr->message = string_sprintf("LMTP error after %s: %s",
1704 big_buffer, string_printing(buffer));
75def545
PH		 1705 setflag(addr, af_pass_message); /* Allow message to go to user */
1706 if (buffer[0] == '5')
1707 addr->transport_return = FAIL;
1708 else
1709 {
e97957bc
PH		 1710 errno = ERRNO_DATA4XX;
1711 addr->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8;
75def545
PH		 1712 addr->transport_return = DEFER;
1713 retry_add_item(addr, addr->address_retry_key, 0);
1714 }
0756eb3c
PH		 1715 continue;
1716 }
1717 completed_address = TRUE; /* NOW we can set this flag */
c0ea85ab
TF		 1718 if ((log_extra_selector & LX_smtp_confirmation) != 0)
1719 {
1720 uschar *s = string_printing(buffer);
1721 conf = (s == buffer)? (uschar *)string_copy(s) : s;
1722 }
0756eb3c
PH		 1723 }
1724
1725 /* SMTP, or success return from LMTP for this address. Pass back the
2d280592 1726 actual host that was used. */
0756eb3c
PH		 1727
1728 addr->transport_return = OK;
1729 addr->more_errno = delivery_time;
0756eb3c
PH		 1730 addr->host_used = thost;
1731 addr->special_action = flag;
1732 addr->message = conf;
1733 flag = '-';
1734
1735 /* Update the journal. For homonymic addresses, use the base address plus
1736 the transport name. See lots of comments in deliver.c about the reasons
1737 for the complications when homonyms are involved. Just carry on after
1738 write error, as it may prove possible to update the spool file later. */
1739
1740 if (testflag(addr, af_homonym))
1741 sprintf(CS buffer, "%.500s/%s\n", addr->unique + 3, tblock->name);
1742 else
1743 sprintf(CS buffer, "%.500s\n", addr->unique);
1744
1745 DEBUG(D_deliver) debug_printf("journalling %s", buffer);
1746 len = Ustrlen(CS buffer);
1747 if (write(journal_fd, buffer, len) != len)
1748 log_write(0, LOG_MAIN|LOG_PANIC, "failed to write journal for "
1749 "%s: %s", buffer, strerror(errno));
1750 }
1751
1752 /* Ensure the journal file is pushed out to disk. */
1753
54fc8428 1754 if (EXIMfsync(journal_fd) < 0)
0756eb3c
PH		 1755 log_write(0, LOG_MAIN|LOG_PANIC, "failed to fsync journal: %s",
1756 strerror(errno));
1757 }
1758 }
1759
1760
1761/* Handle general (not specific to one address) failures here. The value of ok
1762is used to skip over this code on the falling through case. A timeout causes a
1763deferral. Other errors may defer or fail according to the response code, and
1764may set up a special errno value, e.g. after connection chopped, which is
1765assumed if errno == 0 and there is no text in the buffer. If control reaches
1766here during the setting up phase (i.e. before MAIL FROM) then always defer, as
1767the problem is not related to this specific message. */
1768
1769if (!ok)
1770 {
1771 int code;
1772
1773 RESPONSE_FAILED:
1774 save_errno = errno;
1775 message = NULL;
1776 send_quit = check_response(host, &save_errno, addrlist->more_errno,
447d236c 1777 buffer, &code, &message, &pass_message);
0756eb3c
PH		 1778 goto FAILED;
1779
1780 SEND_FAILED:
1781 save_errno = errno;
1782 code = '4';
1783 message = US string_sprintf("send() to %s [%s] failed: %s",
1784 host->name, host->address, strerror(save_errno));
1785 send_quit = FALSE;
1786 goto FAILED;
1787
1788 /* This label is jumped to directly when a TLS negotiation has failed,
1789 or was not done for a host for which it is required. Values will be set
1790 in message and save_errno, and setting_up will always be true. Treat as
1791 a temporary error. */
1792
1793 #ifdef SUPPORT_TLS
1794 TLS_FAILED:
1795 code = '4';
1796 #endif
1797
1798 /* If the failure happened while setting up the call, see if the failure was
1799 a 5xx response (this will either be on connection, or following HELO - a 5xx
1800 after EHLO causes it to try HELO). If so, fail all addresses, as this host is
1801 never going to accept them. For other errors during setting up (timeouts or
1802 whatever), defer all addresses, and yield DEFER, so that the host is not
1803 tried again for a while. */
1804
1805 FAILED:
1806 ok = FALSE; /* For when reached by GOTO */
1807
1808 if (setting_up)
1809 {
1810 if (code == '5')
1811 {
447d236c 1812 set_errno(addrlist, save_errno, message, FAIL, pass_message);
0756eb3c
PH		 1813 }
1814 else
1815 {
447d236c 1816 set_errno(addrlist, save_errno, message, DEFER, pass_message);
0756eb3c
PH		 1817 yield = DEFER;
1818 }
1819 }
1820
e97957bc 1821 /* We want to handle timeouts after MAIL or "." and loss of connection after
0756eb3c 1822 "." specially. They can indicate a problem with the sender address or with
e97957bc
PH		 1823 the contents of the message rather than a real error on the connection. These
1824 cases are treated in the same way as a 4xx response. This next bit of code
1825 does the classification. */
0756eb3c 1826
e97957bc 1827 else
0756eb3c 1828 {
e97957bc 1829 BOOL message_error;
0756eb3c 1830
e97957bc
PH		 1831 switch(save_errno)
1832 {
1833 case 0:
1834 case ERRNO_MAIL4XX:
1835 case ERRNO_DATA4XX:
1836 message_error = TRUE;
1837 break;
0756eb3c 1838
e97957bc
PH		 1839 case ETIMEDOUT:
1840 message_error = Ustrncmp(smtp_command,"MAIL",4) == 0 ||
1841 Ustrncmp(smtp_command,"end ",4) == 0;
1842 break;
1843
1844 case ERRNO_SMTPCLOSED:
1845 message_error = Ustrncmp(smtp_command,"end ",4) == 0;
1846 break;
1847
1848 default:
1849 message_error = FALSE;
1850 break;
1851 }
0756eb3c 1852
e97957bc 1853 /* Handle the cases that are treated as message errors. These are:
0756eb3c 1854
e97957bc
PH		 1855 (a) negative response or timeout after MAIL
1856 (b) negative response after DATA
1857 (c) negative response or timeout or dropped connection after "."
0756eb3c 1858
e97957bc
PH		 1859 It won't be a negative response or timeout after RCPT, as that is dealt
1860 with separately above. The action in all cases is to set an appropriate
1861 error code for all the addresses, but to leave yield set to OK because the
1862 host itself has not failed. Of course, it might in practice have failed
1863 when we've had a timeout, but if so, we'll discover that at the next
1864 delivery attempt. For a temporary error, set the message_defer flag, and
1865 write to the logs for information if this is not the last host. The error
1866 for the last host will be logged as part of the address's log line. */
1867
1868 if (message_error)
0756eb3c 1869 {
e97957bc
PH		 1870 if (mua_wrapper) code = '5'; /* Force hard failure in wrapper mode */
1871 set_errno(addrlist, save_errno, message, (code == '5')? FAIL : DEFER,
1872 pass_message);
1873
1874 /* If there's an errno, the message contains just the identity of
1875 the host. */
1876
1877 if (code != '5') /* Anything other than 5 is treated as temporary */
1878 {
1879 if (save_errno > 0)
1880 message = US string_sprintf("%s: %s", message, strerror(save_errno));
1881 if (host->next != NULL) log_write(0, LOG_MAIN, "%s", message);
1882 deliver_msglog("%s %s\n", tod_stamp(tod_log), message);
1883 *message_defer = TRUE;
1884 }
1885 }
1886
1887 /* Otherwise, we have an I/O error or a timeout other than after MAIL or
1888 ".", or some other transportation error. We defer all addresses and yield
1889 DEFER, except for the case of failed add_headers expansion, or a transport
1890 filter failure, when the yield should be ERROR, to stop it trying other
1891 hosts. */
1892
1893 else
1894 {
1895 yield = (save_errno == ERRNO_CHHEADER_FAIL ||
1896 save_errno == ERRNO_FILTER_FAIL)? ERROR : DEFER;
1897 set_errno(addrlist, save_errno, message, DEFER, pass_message);
0756eb3c
PH		 1898 }
1899 }
1900 }
1901
1902
1903/* If all has gone well, send_quit will be set TRUE, implying we can end the
1904SMTP session tidily. However, if there were too many addresses to send in one
1905message (indicated by first_addr being non-NULL) we want to carry on with the
1906rest of them. Also, it is desirable to send more than one message down the SMTP
1907connection if there are several waiting, provided we haven't already sent so
1908many as to hit the configured limit. The function transport_check_waiting looks
1909for a waiting message and returns its id. Then transport_pass_socket tries to
1910set up a continued delivery by passing the socket on to another process. The
1911variable send_rset is FALSE if a message has just been successfully transfered.
1912
1913If we are already sending down a continued channel, there may be further
1914addresses not yet delivered that are aimed at the same host, but which have not
1915been passed in this run of the transport. In this case, continue_more will be
1916true, and all we should do is send RSET if necessary, and return, leaving the
1917channel open.
1918
1919However, if no address was disposed of, i.e. all addresses got 4xx errors, we
1920do not want to continue with other messages down the same channel, because that
1921can lead to looping between two or more messages, all with the same,
1922temporarily failing address(es). [The retry information isn't updated yet, so
1923new processes keep on trying.] We probably also don't want to try more of this
1924message's addresses either.
1925
1926If we have started a TLS session, we have to end it before passing the
1927connection to a new process. However, not all servers can handle this (Exim
1928can), so we do not pass such a connection on if the host matches
1929hosts_nopass_tls. */
1930
1931DEBUG(D_transport)
1932 debug_printf("ok=%d send_quit=%d send_rset=%d continue_more=%d "
1933 "yield=%d first_address is %sNULL\n", ok, send_quit, send_rset,
1934 continue_more, yield, (first_addr == NULL)? "":"not ");
1935
1936if (completed_address && ok && send_quit)
1937 {
1938 BOOL more;
1939 if (first_addr != NULL || continue_more ||
1940 (
1941 (tls_active < 0 ||
1942 verify_check_this_host(&(ob->hosts_nopass_tls), NULL, host->name,
1943 host->address, NULL) != OK)
1944 &&
1945 transport_check_waiting(tblock->name, host->name,
1946 tblock->connection_max_messages, new_message_id, &more)
1947 ))
1948 {
1949 uschar *msg;
447d236c 1950 BOOL pass_message;
0756eb3c
PH		 1951
1952 if (send_rset)
1953 {
1954 if (! (ok = smtp_write_command(&outblock, FALSE, "RSET\r\n") >= 0))
1955 {
1956 msg = US string_sprintf("send() to %s [%s] failed: %s", host->name,
1957 host->address, strerror(save_errno));
1958 send_quit = FALSE;
1959 }
1960 else if (! (ok = smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
1961 ob->command_timeout)))
1962 {
1963 int code;
447d236c
PH		 1964 send_quit = check_response(host, &errno, 0, buffer, &code, &msg,
1965 &pass_message);
0756eb3c
PH		 1966 if (!send_quit)
1967 {
1968 DEBUG(D_transport) debug_printf("%s\n", msg);
1969 }
1970 }
1971 }
1972
1973 /* Either RSET was not needed, or it succeeded */
1974
1975 if (ok)
1976 {
1977 if (first_addr != NULL) /* More addresses still to be sent */
1978 { /* in this run of the transport */
1979 continue_sequence++; /* Causes * in logging */
1980 goto SEND_MESSAGE;
1981 }
1982 if (continue_more) return yield; /* More addresses for another run */
1983
1984 /* Pass the socket to a new Exim process. Before doing so, we must shut
1985 down TLS. Not all MTAs allow for the continuation of the SMTP session
1986 when TLS is shut down. We test for this by sending a new EHLO. If we
1987 don't get a good response, we don't attempt to pass the socket on. */
1988
1989 #ifdef SUPPORT_TLS
1990 if (tls_active >= 0)
1991 {
1992 tls_close(TRUE);
1993 ok = smtp_write_command(&outblock,FALSE,"EHLO %s\r\n",helo_data) >= 0 &&
1994 smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
1995 ob->command_timeout);
1996 }
1997 #endif
1998
1999 /* If the socket is successfully passed, we musn't send QUIT (or
2000 indeed anything!) from here. */
2001
2002 if (ok && transport_pass_socket(tblock->name, host->name, host->address,
2003 new_message_id, inblock.sock))
2004 {
2005 send_quit = FALSE;
2006 }
2007 }
2008
2009 /* If RSET failed and there are addresses left, they get deferred. */
2010
447d236c 2011 else set_errno(first_addr, errno, msg, DEFER, FALSE);
0756eb3c
PH		 2012 }
2013 }
2014
2015/* End off tidily with QUIT unless the connection has died or the socket has
2016been passed to another process. There has been discussion on the net about what
2017to do after sending QUIT. The wording of the RFC suggests that it is necessary
2018to wait for a response, but on the other hand, there isn't anything one can do
2019with an error response, other than log it. Exim used to do that. However,
2020further discussion suggested that it is positively advantageous not to wait for
2021the response, but to close the session immediately. This is supposed to move
2022the TCP/IP TIME_WAIT state from the server to the client, thereby removing some
2023load from the server. (Hosts that are both servers and clients may not see much
2024difference, of course.) Further discussion indicated that this was safe to do
2025on Unix systems which have decent implementations of TCP/IP that leave the
2026connection around for a while (TIME_WAIT) after the application has gone away.
2027This enables the response sent by the server to be properly ACKed rather than
2028timed out, as can happen on broken TCP/IP implementations on other OS.
2029
2030This change is being made on 31-Jul-98. After over a year of trouble-free
2031operation, the old commented-out code was removed on 17-Sep-99. */
2032
2033SEND_QUIT:
2034if (send_quit) (void)smtp_write_command(&outblock, FALSE, "QUIT\r\n");
2035
2036END_OFF:
2037
2038#ifdef SUPPORT_TLS
2039tls_close(TRUE);
2040#endif
2041
2042/* Close the socket, and return the appropriate value, first setting
2043continue_transport and continue_hostname NULL to prevent any other addresses
2044that may include the host from trying to re-use a continuation socket. This
2045works because the NULL setting is passed back to the calling process, and
2046remote_max_parallel is forced to 1 when delivering over an existing connection,
2047
2048If all went well and continue_more is set, we shouldn't actually get here if
2049there are further addresses, as the return above will be taken. However,
2050writing RSET might have failed, or there may be other addresses whose hosts are
2051specified in the transports, and therefore not visible at top level, in which
2052case continue_more won't get set. */
2053
f1e894f3 2054(void)close(inblock.sock);
0756eb3c
PH		 2055continue_transport = NULL;
2056continue_hostname = NULL;
2057return yield;
2058}
2059
2060
2061
2062
2063/*************************************************
2064* Closedown entry point *
2065*************************************************/
2066
2067/* This function is called when exim is passed an open smtp channel
2068from another incarnation, but the message which it has been asked
2069to deliver no longer exists. The channel is on stdin.
2070
2071We might do fancy things like looking for another message to send down
2072the channel, but if the one we sought has gone, it has probably been
2073delivered by some other process that itself will seek further messages,
2074so just close down our connection.
2075
2076Argument: pointer to the transport instance block
2077Returns: nothing
2078*/
2079
2080void
2081smtp_transport_closedown(transport_instance *tblock)
2082{
2083smtp_transport_options_block *ob =
2084 (smtp_transport_options_block *)(tblock->options_block);
2085smtp_inblock inblock;
2086smtp_outblock outblock;
2087uschar buffer[256];
2088uschar inbuffer[4096];
2089uschar outbuffer[16];
2090
2091inblock.sock = fileno(stdin);
2092inblock.buffer = inbuffer;
2093inblock.buffersize = sizeof(inbuffer);
2094inblock.ptr = inbuffer;
2095inblock.ptrend = inbuffer;
2096
2097outblock.sock = inblock.sock;
2098outblock.buffersize = sizeof(outbuffer);
2099outblock.buffer = outbuffer;
2100outblock.ptr = outbuffer;
2101outblock.cmd_count = 0;
2102outblock.authenticating = FALSE;
2103
2104(void)smtp_write_command(&outblock, FALSE, "QUIT\r\n");
2105(void)smtp_read_response(&inblock, buffer, sizeof(buffer), '2',
2106 ob->command_timeout);
f1e894f3 2107(void)close(inblock.sock);
0756eb3c
PH		 2108}
2109
2110
2111
2112/*************************************************
2113* Prepare addresses for delivery *
2114*************************************************/
2115
2116/* This function is called to flush out error settings from previous delivery
2117attempts to other hosts. It also records whether we got here via an MX record
2118or not in the more_errno field of the address. We are interested only in
2119addresses that are still marked DEFER - others may have got delivered to a
2120previously considered IP address. Set their status to PENDING_DEFER to indicate
2121which ones are relevant this time.
2122
2123Arguments:
2124 addrlist the list of addresses
2125 host the host we are delivering to
2126
2127Returns: the first address for this delivery
2128*/
2129
2130static address_item *
2131prepare_addresses(address_item *addrlist, host_item *host)
2132{
2133address_item *first_addr = NULL;
2134address_item *addr;
2135for (addr = addrlist; addr != NULL; addr = addr->next)
2136 {
2137 if (addr->transport_return != DEFER) continue;
2138 if (first_addr == NULL) first_addr = addr;
2139 addr->transport_return = PENDING_DEFER;
2140 addr->basic_errno = 0;
2141 addr->more_errno = (host->mx >= 0)? 'M' : 'A';
2142 addr->message = NULL;
2143 #ifdef SUPPORT_TLS
2144 addr->cipher = NULL;
2145 addr->peerdn = NULL;
2146 #endif
2147 }
2148return first_addr;
2149}
2150
2151
2152
2153/*************************************************
2154* Main entry point *
2155*************************************************/
2156
2157/* See local README for interface details. As this is a remote transport, it is
2158given a chain of addresses to be delivered in one connection, if possible. It
2159always returns TRUE, indicating that each address has its own independent
2160status set, except if there is a setting up problem, in which case it returns
2161FALSE. */
2162
2163BOOL
2164smtp_transport_entry(
2165 transport_instance *tblock, /* data for this instantiation */
2166 address_item *addrlist) /* addresses we are working on */
2167{
2168int cutoff_retry;
2169int port;
2170int hosts_defer = 0;
2171int hosts_fail = 0;
2172int hosts_looked_up = 0;
2173int hosts_retry = 0;
2174int hosts_serial = 0;
2175int hosts_total = 0;
8e669ac1 2176int total_hosts_tried = 0;
0756eb3c
PH		 2177address_item *addr;
2178BOOL expired = TRUE;
2179BOOL continuing = continue_hostname != NULL;
2180uschar *expanded_hosts = NULL;
2181uschar *pistring;
2182uschar *tid = string_sprintf("%s transport", tblock->name);
2183smtp_transport_options_block *ob =
2184 (smtp_transport_options_block *)(tblock->options_block);
2185host_item *hostlist = addrlist->host_list;
2186host_item *host = NULL;
2187
2188DEBUG(D_transport)
2189 {
2190 debug_printf("%s transport entered\n", tblock->name);
2191 for (addr = addrlist; addr != NULL; addr = addr->next)
2192 debug_printf(" %s\n", addr->address);
2193 if (continuing) debug_printf("already connected to %s [%s]\n",
2194 continue_hostname, continue_host_address);
2195 }
2196
f6c332bd
PH		 2197/* Set the flag requesting that these hosts be added to the waiting
2198database if the delivery fails temporarily or if we are running with
2199queue_smtp or a 2-stage queue run. This gets unset for certain
2200kinds of error, typically those that are specific to the message. */
2201
2202update_waiting = TRUE;
2203
0756eb3c
PH		 2204/* If a host list is not defined for the addresses - they must all have the
2205same one in order to be passed to a single transport - or if the transport has
2206a host list with hosts_override set, use the host list supplied with the
2207transport. It is an error for this not to exist. */
2208
2209if (hostlist == NULL || (ob->hosts_override && ob->hosts != NULL))
2210 {
2211 if (ob->hosts == NULL)
2212 {
2213 addrlist->message = string_sprintf("%s transport called with no hosts set",
2214 tblock->name);
2215 addrlist->transport_return = PANIC;
2216 return FALSE; /* Only top address has status */
2217 }
2218
2219 DEBUG(D_transport) debug_printf("using the transport's hosts: %s\n",
2220 ob->hosts);
2221
2222 /* If the transport's host list contains no '$' characters, and we are not
2223 randomizing, it is fixed and therefore a chain of hosts can be built once
2224 and for all, and remembered for subsequent use by other calls to this
2225 transport. If, on the other hand, the host list does contain '$', or we are
2226 randomizing its order, we have to rebuild it each time. In the fixed case,
2227 as the hosts string will never be used again, it doesn't matter that we
2228 replace all the : characters with zeros. */
2229
2230 if (ob->hostlist == NULL)
2231 {
2232 uschar *s = ob->hosts;
2233
2234 if (Ustrchr(s, '$') != NULL)
2235 {
2236 expanded_hosts = expand_string(s);
2237 if (expanded_hosts == NULL)
2238 {
2239 addrlist->message = string_sprintf("failed to expand list of hosts "
2240 "\"%s\" in %s transport: %s", s, tblock->name, expand_string_message);
2241 addrlist->transport_return = search_find_defer? DEFER : PANIC;
2242 return FALSE; /* Only top address has status */
2243 }
2244 DEBUG(D_transport) debug_printf("expanded list of hosts \"%s\" to "
2245 "\"%s\"\n", s, expanded_hosts);
2246 s = expanded_hosts;
2247 }
2248 else
2249 if (ob->hosts_randomize) s = expanded_hosts = string_copy(s);
2250
2251 host_build_hostlist(&hostlist, s, ob->hosts_randomize);
2252
e276e04b
TF		 2253 /* Check that the expansion yielded something useful. */
2254 if (hostlist == NULL)
2255 {
2256 addrlist->message =
2257 string_sprintf("%s transport has empty hosts setting", tblock->name);
2258 addrlist->transport_return = PANIC;
2259 return FALSE; /* Only top address has status */
2260 }
2261
0756eb3c
PH		 2262 /* If there was no expansion of hosts, save the host list for
2263 next time. */
2264
2265 if (expanded_hosts == NULL) ob->hostlist = hostlist;
2266 }
2267
2268 /* This is not the first time this transport has been run in this delivery;
2269 the host list was built previously. */
2270
2271 else hostlist = ob->hostlist;
2272 }
2273
2274/* The host list was supplied with the address. If hosts_randomize is set, we
2275must sort it into a random order if it did not come from MX records and has not
2276already been randomized (but don't bother if continuing down an existing
2277connection). */
2278
2279else if (ob->hosts_randomize && hostlist->mx == MX_NONE && !continuing)
2280 {
2281 host_item *newlist = NULL;
2282 while (hostlist != NULL)
2283 {
2284 host_item *h = hostlist;
2285 hostlist = hostlist->next;
2286
2287 h->sort_key = random_number(100);
2288
2289 if (newlist == NULL)
2290 {
2291 h->next = NULL;
2292 newlist = h;
2293 }
2294 else if (h->sort_key < newlist->sort_key)
2295 {
2296 h->next = newlist;
2297 newlist = h;
2298 }
2299 else
2300 {
2301 host_item *hh = newlist;
2302 while (hh->next != NULL)
2303 {
2304 if (h->sort_key < hh->next->sort_key) break;
2305 hh = hh->next;
2306 }
2307 h->next = hh->next;
2308 hh->next = h;
2309 }
2310 }
2311
2312 hostlist = addrlist->host_list = newlist;
2313 }
2314
2315
2d280592 2316/* Sort out the default port. */
0756eb3c
PH		 2317
2318if (!smtp_get_port(ob->port, addrlist, &port, tid)) return FALSE;
0756eb3c
PH		 2319
2320
2321/* For each host-plus-IP-address on the list:
2322
2323. If this is a continued delivery and the host isn't the one with the
2324 current connection, skip.
2325
2326. If the status is unusable (i.e. previously failed or retry checked), skip.
2327
2328. If no IP address set, get the address, either by turning the name into
2329 an address, calling gethostbyname if gethostbyname is on, or by calling
2330 the DNS. The DNS may yield multiple addresses, in which case insert the
2331 extra ones into the list.
2332
2333. Get the retry data if not previously obtained for this address and set the
2334 field which remembers the state of this address. Skip if the retry time is
2335 not reached. If not, remember whether retry data was found. The retry string
2336 contains both the name and the IP address.
2337
2338. Scan the list of addresses and mark those whose status is DEFER as
2339 PENDING_DEFER. These are the only ones that will be processed in this cycle
2340 of the hosts loop.
2341
2342. Make a delivery attempt - addresses marked PENDING_DEFER will be tried.
2343 Some addresses may be successfully delivered, others may fail, and yet
2344 others may get temporary errors and so get marked DEFER.
2345
2346. The return from the delivery attempt is OK if a connection was made and a
2347 valid SMTP dialogue was completed. Otherwise it is DEFER.
2348
2349. If OK, add a "remove" retry item for this host/IPaddress, if any.
2350
2351. If fail to connect, or other defer state, add a retry item.
2352
2353. If there are any addresses whose status is still DEFER, carry on to the
2354 next host/IPaddress, unless we have tried the number of hosts given
533244af 2355 by hosts_max_try or hosts_max_try_hardlimit; otherwise return. Note that
8e669ac1
PH		 2356 there is some fancy logic for hosts_max_try that means its limit can be
2357 overstepped in some circumstances.
0756eb3c
PH		 2358
2359If we get to the end of the list, all hosts have deferred at least one address,
2360or not reached their retry times. If delay_after_cutoff is unset, it requests a
2361delivery attempt to those hosts whose last try was before the arrival time of
2362the current message. To cope with this, we have to go round the loop a second
2363time. After that, set the status and error data for any addresses that haven't
2364had it set already. */
2365
2366for (cutoff_retry = 0; expired &&
2367 cutoff_retry < ((ob->delay_after_cutoff)? 1 : 2);
2368 cutoff_retry++)
2369 {
2370 host_item *nexthost = NULL;
2371 int unexpired_hosts_tried = 0;
2372
2373 for (host = hostlist;
8e669ac1 2374 host != NULL &&
533244af
PH		 2375 unexpired_hosts_tried < ob->hosts_max_try &&
2376 total_hosts_tried < ob->hosts_max_try_hardlimit;
0756eb3c
PH		 2377 host = nexthost)
2378 {
2379 int rc;
2380 int host_af;
2381 uschar *rs;
2382 BOOL serialized = FALSE;
2383 BOOL host_is_expired = FALSE;
2384 BOOL message_defer = FALSE;
2385 BOOL ifchanges = FALSE;
2386 BOOL some_deferred = FALSE;
2387 address_item *first_addr = NULL;
2388 uschar *interface = NULL;
2389 uschar *retry_host_key = NULL;
2390 uschar *retry_message_key = NULL;
2391 uschar *serialize_key = NULL;
2392
9c4e8f60
PH		 2393 /* Default next host is next host. :-) But this can vary if the
2394 hosts_max_try limit is hit (see below). It may also be reset if a host
2395 address is looked up here (in case the host was multihomed). */
2396
2397 nexthost = host->next;
2398
0756eb3c
PH		 2399 /* If the address hasn't yet been obtained from the host name, look it up
2400 now, unless the host is already marked as unusable. If it is marked as
2401 unusable, it means that the router was unable to find its IP address (in
2402 the DNS or wherever) OR we are in the 2nd time round the cutoff loop, and
2403 the lookup failed last time. We don't get this far if *all* MX records
2404 point to non-existent hosts; that is treated as a hard error.
2405
2406 We can just skip this host entirely. When the hosts came from the router,
2407 the address will timeout based on the other host(s); when the address is
2408 looked up below, there is an explicit retry record added.
2409
2410 Note that we mustn't skip unusable hosts if the address is not unset; they
2411 may be needed as expired hosts on the 2nd time round the cutoff loop. */
2412
2413 if (host->address == NULL)
2414 {
322050c2 2415 int new_port, flags;
7cd1141b 2416 host_item *hh;
0756eb3c
PH		 2417 uschar *canonical_name;
2418
2419 if (host->status >= hstatus_unusable)
2420 {
2421 DEBUG(D_transport) debug_printf("%s has no address and is unusable - skipping\n",
2422 host->name);
2423 continue;
2424 }
2425
2426 DEBUG(D_transport) debug_printf("getting address for %s\n", host->name);
2427
7cd1141b
PH		 2428 /* The host name is permitted to have an attached port. Find it, and
2429 strip it from the name. Just remember it for now. */
2430
2431 new_port = host_item_get_port(host);
2432
2433 /* Count hosts looked up */
2434
0756eb3c
PH		 2435 hosts_looked_up++;
2436
2437 /* Find by name if so configured, or if it's an IP address. We don't
2438 just copy the IP address, because we need the test-for-local to happen. */
2439
322050c2
PH		 2440 flags = HOST_FIND_BY_A;
2441 if (ob->dns_qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
2442 if (ob->dns_search_parents) flags |= HOST_FIND_SEARCH_PARENTS;
2443
7e66e54d 2444 if (ob->gethostbyname || string_is_ip_address(host->name, NULL) != 0)
322050c2 2445 rc = host_find_byname(host, NULL, flags, &canonical_name, TRUE);
0756eb3c 2446 else
0756eb3c
PH		 2447 rc = host_find_bydns(host, NULL, flags, NULL, NULL, NULL,
2448 &canonical_name, NULL);
0756eb3c 2449
7cd1141b
PH		 2450 /* Update the host (and any additional blocks, resulting from
2451 multihoming) with a host-specific port, if any. */
2452
2453 for (hh = host; hh != nexthost; hh = hh->next) hh->port = new_port;
2454
0756eb3c
PH		 2455 /* Failure to find the host at this time (usually DNS temporary failure)
2456 is really a kind of routing failure rather than a transport failure.
2457 Therefore we add a retry item of the routing kind, not to stop us trying
2458 to look this name up here again, but to ensure the address gets timed
2459 out if the failures go on long enough. A complete failure at this point
2460 commonly points to a configuration error, but the best action is still
2461 to carry on for the next host. */
2462
2463 if (rc == HOST_FIND_AGAIN || rc == HOST_FIND_FAILED)
2464 {
2465 retry_add_item(addrlist, string_sprintf("R:%s", host->name), 0);
2466 expired = FALSE;
2467 if (rc == HOST_FIND_AGAIN) hosts_defer++; else hosts_fail++;
2468 DEBUG(D_transport) debug_printf("rc = %s for %s\n", (rc == HOST_FIND_AGAIN)?
2469 "HOST_FIND_AGAIN" : "HOST_FIND_FAILED", host->name);
2470 host->status = hstatus_unusable;
2471
2472 for (addr = addrlist; addr != NULL; addr = addr->next)
2473 {
2474 if (addr->transport_return != DEFER) continue;
2475 addr->basic_errno = ERRNO_UNKNOWNHOST;
2476 addr->message =
2477 string_sprintf("failed to lookup IP address for %s", host->name);
2478 }
2479 continue;
2480 }
2481
2482 /* If the host is actually the local host, we may have a problem, or
2483 there may be some cunning configuration going on. In the problem case,
2484 log things and give up. The default transport status is already DEFER. */
2485
2486 if (rc == HOST_FOUND_LOCAL && !ob->allow_localhost)
2487 {
2488 for (addr = addrlist; addr != NULL; addr = addr->next)
2489 {
2490 addr->basic_errno = 0;
2491 addr->message = string_sprintf("%s transport found host %s to be "
2492 "local", tblock->name, host->name);
2493 }
2494 goto END_TRANSPORT;
2495 }
2496 } /* End of block for IP address lookup */
2497
2498 /* If this is a continued delivery, we are interested only in the host
2499 which matches the name of the existing open channel. The check is put
2500 here after the local host lookup, in case the name gets expanded as a
2501 result of the lookup. Set expired FALSE, to save the outer loop executing
2502 twice. */
2503
2504 if (continuing && (Ustrcmp(continue_hostname, host->name) != 0 ||
2505 Ustrcmp(continue_host_address, host->address) != 0))
2506 {
2507 expired = FALSE;
2508 continue; /* With next host */
2509 }
2510
9c4e8f60
PH		 2511 /* Reset the default next host in case a multihomed host whose addresses
2512 are not looked up till just above added to the host list. */
83364d30
PH		 2513
2514 nexthost = host->next;
2515
0756eb3c
PH		 2516 /* If queue_smtp is set (-odqs or the first part of a 2-stage run), or the
2517 domain is in queue_smtp_domains, we don't actually want to attempt any
2518 deliveries. When doing a queue run, queue_smtp_domains is always unset. If
2519 there is a lookup defer in queue_smtp_domains, proceed as if the domain
2520 were not in it. We don't want to hold up all SMTP deliveries! Except when
2521 doing a two-stage queue run, don't do this if forcing. */
2522
2523 if ((!deliver_force || queue_2stage) && (queue_smtp ||
cf39cf57
PH		 2524 match_isinlist(addrlist->domain, &queue_smtp_domains, 0,
2525 &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK))
0756eb3c
PH		 2526 {
2527 expired = FALSE;
2528 for (addr = addrlist; addr != NULL; addr = addr->next)
2529 {
2530 if (addr->transport_return != DEFER) continue;
2531 addr->message = US"domain matches queue_smtp_domains, or -odqs set";
2532 }
2533 continue; /* With next host */
2534 }
2535
2536 /* Count hosts being considered - purely for an intelligent comment
2537 if none are usable. */
2538
2539 hosts_total++;
2540
2541 /* Set $host and $host address now in case they are needed for the
2542 interface expansion or the serialize_hosts check; they remain set if an
2543 actual delivery happens. */
2544
2545 deliver_host = host->name;
2546 deliver_host_address = host->address;
2547
7cd1141b
PH		 2548 /* Set up a string for adding to the retry key if the port number is not
2549 the standard SMTP port. A host may have its own port setting that overrides
2550 the default. */
2551
2552 pistring = string_sprintf(":%d", (host->port == PORT_NONE)?
2553 port : host->port);
2554 if (Ustrcmp(pistring, ":25") == 0) pistring = US"";
2555
0756eb3c
PH		 2556 /* Select IPv4 or IPv6, and choose an outgoing interface. If the interface
2557 string changes upon expansion, we must add it to the key that is used for
2558 retries, because connections to the same host from a different interface
2559 should be treated separately. */
2560
2561 host_af = (Ustrchr(host->address, ':') == NULL)? AF_INET : AF_INET6;
2562 if (!smtp_get_interface(ob->interface, host_af, addrlist, &ifchanges,
2563 &interface, tid))
2564 return FALSE;
2565 if (ifchanges) pistring = string_sprintf("%s/%s", pistring, interface);
2566
2567 /* The first time round the outer loop, check the status of the host by
2568 inspecting the retry data. The second time round, we are interested only
2569 in expired hosts that haven't been tried since this message arrived. */
2570
2571 if (cutoff_retry == 0)
2572 {
2573 /* Ensure the status of the address is set by checking retry data if
2574 necessary. There maybe host-specific retry data (applicable to all
2575 messages) and also data for retries of a specific message at this host.
2576 If either of these retry records are actually read, the keys used are
2577 returned to save recomputing them later. */
2578
2579 host_is_expired = retry_check_address(addrlist->domain, host, pistring,
2580 ob->retry_include_ip_address, &retry_host_key, &retry_message_key);
2581
2582 DEBUG(D_transport) debug_printf("%s [%s]%s status = %s\n", host->name,
2583 (host->address == NULL)? US"" : host->address, pistring,
2584 (host->status == hstatus_usable)? "usable" :
2585 (host->status == hstatus_unusable)? "unusable" :
2586 (host->status == hstatus_unusable_expired)? "unusable (expired)" : "?");
2587
2588 /* Skip this address if not usable at this time, noting if it wasn't
2589 actually expired, both locally and in the address. */
2590
2591 switch (host->status)
2592 {
2593 case hstatus_unusable:
2594 expired = FALSE;
2595 setflag(addrlist, af_retry_skipped);
2596 /* Fall through */
2597
2598 case hstatus_unusable_expired:
2599 switch (host->why)
2600 {
2601 case hwhy_retry: hosts_retry++; break;
2602 case hwhy_failed: hosts_fail++; break;
2603 case hwhy_deferred: hosts_defer++; break;
2604 }
2605
2606 /* If there was a retry message key, implying that previously there
2607 was a message-specific defer, we don't want to update the list of
f6c332bd 2608 messages waiting for these hosts. */
0756eb3c 2609
f6c332bd 2610 if (retry_message_key != NULL) update_waiting = FALSE;
0756eb3c
PH		 2611 continue; /* With the next host or IP address */
2612 }
2613 }
2614
2615 /* Second time round the loop: if the address is set but expired, and
2616 the message is newer than the last try, let it through. */
2617
2618 else
2619 {
2620 if (host->address == NULL ||
2621 host->status != hstatus_unusable_expired ||
2622 host->last_try > received_time)
2623 continue;
2624 DEBUG(D_transport)
2625 debug_printf("trying expired host %s [%s]%s\n",
2626 host->name, host->address, pistring);
2627 host_is_expired = TRUE;
2628 }
2629
2630 /* Setting "expired=FALSE" doesn't actually mean not all hosts are expired;
2631 it remains TRUE only if all hosts are expired and none are actually tried.
2632 */
2633
2634 expired = FALSE;
2635
2636 /* If this host is listed as one to which access must be serialized,
2637 see if another Exim process has a connection to it, and if so, skip
2638 this host. If not, update the database to record our connection to it
2639 and remember this for later deletion. Do not do any of this if we are
2640 sending the message down a pre-existing connection. */
2641
2642 if (!continuing &&
2643 verify_check_this_host(&(ob->serialize_hosts), NULL, host->name,
2644 host->address, NULL) == OK)
2645 {
2646 serialize_key = string_sprintf("host-serialize-%s", host->name);
2647 if (!enq_start(serialize_key))
2648 {
2649 DEBUG(D_transport)
2650 debug_printf("skipping host %s because another Exim process "
2651 "is connected to it\n", host->name);
2652 hosts_serial++;
2653 continue;
2654 }
2655 serialized = TRUE;
2656 }
2657
2658 /* OK, we have an IP address that is not waiting for its retry time to
2659 arrive (it might be expired) OR (second time round the loop) we have an
2660 expired host that hasn't been tried since the message arrived. Have a go
2661 at delivering the message to it. First prepare the addresses by flushing
2662 out the result of previous attempts, and finding the first address that
2663 is still to be delivered. */
2664
2665 first_addr = prepare_addresses(addrlist, host);
2666
2667 DEBUG(D_transport) debug_printf("delivering %s to %s [%s] (%s%s)\n",
2668 message_id, host->name, host->address, addrlist->address,
2669 (addrlist->next == NULL)? "" : ", ...");
2670
2671 set_process_info("delivering %s to %s [%s] (%s%s)",
2672 message_id, host->name, host->address, addrlist->address,
2673 (addrlist->next == NULL)? "" : ", ...");
2674
2675 /* This is not for real; don't do the delivery. If there are
2676 any remaining hosts, list them. */
2677
2678 if (dont_deliver)
2679 {
2680 host_item *host2;
447d236c 2681 set_errno(addrlist, 0, NULL, OK, FALSE);
0756eb3c
PH		 2682 for (addr = addrlist; addr != NULL; addr = addr->next)
2683 {
2684 addr->host_used = host;
2685 addr->special_action = '*';
2686 addr->message = US"delivery bypassed by -N option";
2687 }
2688 DEBUG(D_transport)
2689 {
2690 debug_printf("*** delivery by %s transport bypassed by -N option\n"
2691 "*** host and remaining hosts:\n", tblock->name);
2692 for (host2 = host; host2 != NULL; host2 = host2->next)
2693 debug_printf(" %s [%s]\n", host2->name,
2694 (host2->address == NULL)? US"unset" : host2->address);
2695 }
2696 rc = OK;
2697 }
2698
2699 /* This is for real. If the host is expired, we don't count it for
2700 hosts_max_retry. This ensures that all hosts must expire before an address
8e669ac1 2701 is timed out, unless hosts_max_try_hardlimit (which protects against
533244af 2702 lunatic DNS configurations) is reached.
8e669ac1 2703
533244af
PH		 2704 If the host is not expired and we are about to hit the hosts_max_retry
2705 limit, check to see if there is a subsequent hosts with a different MX
2706 value. If so, make that the next host, and don't count this one. This is a
2707 heuristic to make sure that different MXs do get tried. With a normal kind
2708 of retry rule, they would get tried anyway when the earlier hosts were
2709 delayed, but if the domain has a "retry every time" type of rule - as is
2710 often used for the the very large ISPs, that won't happen. */
0756eb3c
PH		 2711
2712 else
2713 {
2714 if (!host_is_expired && ++unexpired_hosts_tried >= ob->hosts_max_try)
2715 {
2716 host_item *h;
2717 DEBUG(D_transport)
2718 debug_printf("hosts_max_try limit reached with this host\n");
2719 for (h = host; h != NULL; h = h->next)
2720 if (h->mx != host->mx) break;
2721 if (h != NULL)
2722 {
2723 nexthost = h;
2724 unexpired_hosts_tried--;
2725 DEBUG(D_transport) debug_printf("however, a higher MX host exists "
2726 "and will be tried\n");
2727 }
2728 }
2729
2730 /* Attempt the delivery. */
2731
533244af 2732 total_hosts_tried++;
0756eb3c
PH		 2733 rc = smtp_deliver(addrlist, host, host_af, port, interface, tblock,
2734 expanded_hosts != NULL, &message_defer, FALSE);
2735
2736 /* Yield is one of:
2737 OK => connection made, each address contains its result;
2738 message_defer is set for message-specific defers (when all
2739 recipients are marked defer)
2740 DEFER => there was a non-message-specific delivery problem;
2741 ERROR => there was a problem setting up the arguments for a filter,
2742 or there was a problem with expanding added headers
2743 */
2744
2745 /* If the result is not OK, there was a non-message-specific problem.
2746 If the result is DEFER, we need to write to the logs saying what happened
2747 for this particular host, except in the case of authentication and TLS
2748 failures, where the log has already been written. If all hosts defer a
2749 general message is written at the end. */
2750
2751 if (rc == DEFER && first_addr->basic_errno != ERRNO_AUTHFAIL &&
2752 first_addr->basic_errno != ERRNO_TLSFAILURE)
2753 write_logs(first_addr, host);
2754
2755 /* If STARTTLS was accepted, but there was a failure in setting up the
2756 TLS session (usually a certificate screwup), and the host is not in
2757 hosts_require_tls, and tls_tempfail_tryclear is true, try again, with
2758 TLS forcibly turned off. We have to start from scratch with a new SMTP
2759 connection. That's why the retry is done from here, not from within
2760 smtp_deliver(). [Rejections of STARTTLS itself don't screw up the
2761 session, so the in-clear transmission after those errors, if permitted,
2762 happens inside smtp_deliver().] */
2763
2764 #ifdef SUPPORT_TLS
2765 if (rc == DEFER && first_addr->basic_errno == ERRNO_TLSFAILURE &&
2766 ob->tls_tempfail_tryclear &&
2767 verify_check_this_host(&(ob->hosts_require_tls), NULL, host->name,
2768 host->address, NULL) != OK)
2769 {
2770 log_write(0, LOG_MAIN, "TLS session failure: delivering unencrypted "
2771 "to %s [%s] (not in hosts_require_tls)", host->name, host->address);
2772 first_addr = prepare_addresses(addrlist, host);
2773 rc = smtp_deliver(addrlist, host, host_af, port, interface, tblock,
2774 expanded_hosts != NULL, &message_defer, TRUE);
2775 if (rc == DEFER && first_addr->basic_errno != ERRNO_AUTHFAIL)
2776 write_logs(first_addr, host);
2777 }
2778 #endif
2779 }
2780
2781 /* Delivery attempt finished */
2782
2783 rs = (rc == OK)? US"OK" : (rc == DEFER)? US"DEFER" : (rc == ERROR)?
2784 US"ERROR" : US"?";
2785
2786 set_process_info("delivering %s: just tried %s [%s] for %s%s: result %s",
2787 message_id, host->name, host->address, addrlist->address,
2788 (addrlist->next == NULL)? "" : " (& others)", rs);
2789
2790 /* Release serialization if set up */
2791
2792 if (serialized) enq_end(serialize_key);
2793
2794 /* If the result is DEFER, or if a host retry record is known to exist, we
2795 need to add an item to the retry chain for updating the retry database
2796 at the end of delivery. We only need to add the item to the top address,
2797 of course. Also, if DEFER, we mark the IP address unusable so as to skip it
2798 for any other delivery attempts using the same address. (It is copied into
2799 the unusable tree at the outer level, so even if different address blocks
2800 contain the same address, it still won't get tried again.) */
2801
2802 if (rc == DEFER || retry_host_key != NULL)
2803 {
2804 int delete_flag = (rc != DEFER)? rf_delete : 0;
2805 if (retry_host_key == NULL)
2806 {
2807 retry_host_key = ob->retry_include_ip_address?
2808 string_sprintf("T:%S:%s%s", host->name, host->address, pistring) :
2809 string_sprintf("T:%S%s", host->name, pistring);
2810 }
2811
2812 /* If a delivery of another message over an existing SMTP connection
2813 yields DEFER, we do NOT set up retry data for the host. This covers the
2814 case when there are delays in routing the addresses in the second message
2815 that are so long that the server times out. This is alleviated by not
2816 routing addresses that previously had routing defers when handling an
2817 existing connection, but even so, this case may occur (e.g. if a
2818 previously happily routed address starts giving routing defers). If the
2819 host is genuinely down, another non-continued message delivery will
2820 notice it soon enough. */
2821
2822 if (delete_flag != 0 || !continuing)
2823 retry_add_item(first_addr, retry_host_key, rf_host | delete_flag);
2824
2825 /* We may have tried an expired host, if its retry time has come; ensure
2826 the status reflects the expiry for the benefit of any other addresses. */
2827
2828 if (rc == DEFER)
2829 {
2830 host->status = (host_is_expired)?
2831 hstatus_unusable_expired : hstatus_unusable;
2832 host->why = hwhy_deferred;
2833 }
2834 }
2835
2836 /* If message_defer is set (host was OK, but every recipient got deferred
2837 because of some message-specific problem), or if that had happened
2838 previously so that a message retry key exists, add an appropriate item
2839 to the retry chain. Note that if there was a message defer but now there is
2840 a host defer, the message defer record gets deleted. That seems perfectly
2841 reasonable. Also, stop the message from being remembered as waiting
f6c332bd 2842 for specific hosts. */
0756eb3c
PH		 2843
2844 if (message_defer || retry_message_key != NULL)
2845 {
2846 int delete_flag = message_defer? 0 : rf_delete;
2847 if (retry_message_key == NULL)
2848 {
2849 retry_message_key = ob->retry_include_ip_address?
2850 string_sprintf("T:%S:%s%s:%s", host->name, host->address, pistring,
2851 message_id) :
2852 string_sprintf("T:%S%s:%s", host->name, pistring, message_id);
2853 }
2854 retry_add_item(addrlist, retry_message_key,
2855 rf_message | rf_host | delete_flag);
f6c332bd 2856 update_waiting = FALSE;
0756eb3c
PH		 2857 }
2858
2859 /* Any return other than DEFER (that is, OK or ERROR) means that the
2860 addresses have got their final statuses filled in for this host. In the OK
2861 case, see if any of them are deferred. */
2862
2863 if (rc == OK)
2864 {
2865 for (addr = addrlist; addr != NULL; addr = addr->next)
2866 {
2867 if (addr->transport_return == DEFER)
2868 {
2869 some_deferred = TRUE;
2870 break;
2871 }
2872 }
2873 }
2874
2875 /* If no addresses deferred or the result was ERROR, return. We do this for
2876 ERROR because a failing filter set-up or add_headers expansion is likely to
2877 fail for any host we try. */
2878
2879 if (rc == ERROR || (rc == OK && !some_deferred))
2880 {
2881 DEBUG(D_transport) debug_printf("Leaving %s transport\n", tblock->name);
2882 return TRUE; /* Each address has its status */
2883 }
2884
2885 /* If the result was DEFER or some individual addresses deferred, let
2886 the loop run to try other hosts with the deferred addresses, except for the
2887 case when we were trying to deliver down an existing channel and failed.
2888 Don't try any other hosts in this case. */
2889
2890 if (continuing) break;
2891
2892 /* If the whole delivery, or some individual addresses, were deferred and
2893 there are more hosts that could be tried, do not count this host towards
2894 the hosts_max_try limit if the age of the message is greater than the
2895 maximum retry time for this host. This means we may try try all hosts,
2896 ignoring the limit, when messages have been around for some time. This is
2897 important because if we don't try all hosts, the address will never time
533244af 2898 out. NOTE: this does not apply to hosts_max_try_hardlimit. */
0756eb3c
PH		 2899
2900 if ((rc == DEFER || some_deferred) && nexthost != NULL)
2901 {
2902 BOOL timedout;
2903 retry_config *retry = retry_find_config(host->name, NULL, 0, 0);
2904
2905 if (retry != NULL && retry->rules != NULL)
2906 {
2907 retry_rule *last_rule;
2908 for (last_rule = retry->rules;
2909 last_rule->next != NULL;
2910 last_rule = last_rule->next);
2911 timedout = time(NULL) - received_time > last_rule->timeout;
2912 }
2913 else timedout = TRUE; /* No rule => timed out */
2914
2915 if (timedout)
2916 {
2917 unexpired_hosts_tried--;
2918 DEBUG(D_transport) debug_printf("temporary delivery error(s) override "
2919 "hosts_max_try (message older than host's retry time)\n");
2920 }
2921 }
2922 } /* End of loop for trying multiple hosts. */
2923
2924 /* This is the end of the loop that repeats iff expired is TRUE and
2925 ob->delay_after_cutoff is FALSE. The second time round we will
2926 try those hosts that haven't been tried since the message arrived. */
2927
2928 DEBUG(D_transport)
2929 {
2930 debug_printf("all IP addresses skipped or deferred at least one address\n");
2931 if (expired && !ob->delay_after_cutoff && cutoff_retry == 0)
2932 debug_printf("retrying IP addresses not tried since message arrived\n");
2933 }
2934 }
2935
2936
2937/* Get here if all IP addresses are skipped or defer at least one address. In
2938MUA wrapper mode, this will happen only for connection or other non-message-
2939specific failures. Force the delivery status for all addresses to FAIL. */
2940
2941if (mua_wrapper)
2942 {
2943 for (addr = addrlist; addr != NULL; addr = addr->next)
2944 addr->transport_return = FAIL;
2945 goto END_TRANSPORT;
2946 }
2947
2948/* In the normal, non-wrapper case, add a standard message to each deferred
2949address if there hasn't been an error, that is, if it hasn't actually been
2950tried this time. The variable "expired" will be FALSE if any deliveries were
2951actually tried, or if there was at least one host that was not expired. That
2952is, it is TRUE only if no deliveries were tried and all hosts were expired. If
2953a delivery has been tried, an error code will be set, and the failing of the
2954message is handled by the retry code later.
2955
2956If queue_smtp is set, or this transport was called to send a subsequent message
2957down an existing TCP/IP connection, and something caused the host not to be
2958found, we end up here, but can detect these cases and handle them specially. */
2959
2960for (addr = addrlist; addr != NULL; addr = addr->next)
2961 {
2962 /* If host is not NULL, it means that we stopped processing the host list
533244af
PH		 2963 because of hosts_max_try or hosts_max_try_hardlimit. In the former case, this
2964 means we need to behave as if some hosts were skipped because their retry
2965 time had not come. Specifically, this prevents the address from timing out.
8e669ac1 2966 However, if we have hit hosts_max_try_hardlimit, we want to behave as if all
533244af 2967 hosts were tried. */
0756eb3c
PH		 2968
2969 if (host != NULL)
2970 {
533244af
PH		 2971 if (total_hosts_tried >= ob->hosts_max_try_hardlimit)
2972 {
2973 DEBUG(D_transport)
2974 debug_printf("hosts_max_try_hardlimit reached: behave as if all "
2975 "hosts were tried\n");
2976 }
2977 else
8e669ac1 2978 {
533244af
PH		 2979 DEBUG(D_transport)
2980 debug_printf("hosts_max_try limit caused some hosts to be skipped\n");
2981 setflag(addr, af_retry_skipped);
8e669ac1 2982 }
0756eb3c
PH		 2983 }
2984
2985 if (queue_smtp) /* no deliveries attempted */
2986 {
2987 addr->transport_return = DEFER;
2988 addr->basic_errno = 0;
2989 addr->message = US"SMTP delivery explicitly queued";
2990 }
2991
2992 else if (addr->transport_return == DEFER &&
2993 (addr->basic_errno == ERRNO_UNKNOWNERROR || addr->basic_errno == 0) &&
2994 addr->message == NULL)
2995 {
2996 addr->basic_errno = ERRNO_HRETRY;
2997 if (continue_hostname != NULL)
2998 {
2999 addr->message = US"no host found for existing SMTP connection";
3000 }
3001 else if (expired)
3002 {
fffffe4c 3003 setflag(addr, af_pass_message); /* This is not a security risk */
0756eb3c
PH		 3004 addr->message = (ob->delay_after_cutoff)?
3005 US"retry time not reached for any host after a long failure period" :
3006 US"all hosts have been failing for a long time and were last tried "
3007 "after this message arrived";
3008
3009 /* If we are already using fallback hosts, or there are no fallback hosts
3010 defined, convert the result to FAIL to cause a bounce. */
3011
3012 if (addr->host_list == addr->fallback_hosts ||
3013 addr->fallback_hosts == NULL)
3014 addr->transport_return = FAIL;
3015 }
3016 else
3017 {
3018 if (hosts_retry == hosts_total)
3019 addr->message = US"retry time not reached for any host";
3020 else if (hosts_fail == hosts_total)
3021 addr->message = US"all host address lookups failed permanently";
3022 else if (hosts_defer == hosts_total)
3023 addr->message = US"all host address lookups failed temporarily";
3024 else if (hosts_serial == hosts_total)
3025 addr->message = US"connection limit reached for all hosts";
3026 else if (hosts_fail+hosts_defer == hosts_total)
3027 addr->message = US"all host address lookups failed";
3028 else addr->message = US"some host address lookups failed and retry time "
3029 "not reached for other hosts or connection limit reached";
3030 }
3031 }
3032 }
3033
3034/* Update the database which keeps information about which messages are waiting
f6c332bd
PH		 3035for which hosts to become available. For some message-specific errors, the
3036update_waiting flag is turned off because we don't want follow-on deliveries in
3037those cases. */
0756eb3c 3038
f6c332bd 3039if (update_waiting) transport_update_waiting(hostlist, tblock->name);
0756eb3c
PH		 3040
3041END_TRANSPORT:
3042
3043DEBUG(D_transport) debug_printf("Leaving %s transport\n", tblock->name);
3044
3045return TRUE; /* Each address has its status */
3046}
3047
3048/* End of transport/smtp.c */
Unnamed repository; edit this file 'description' to name the repository.