~(1<<ACL_WHERE_DATA), /* dmarc_status */
#endif
- (1<<ACL_WHERE_NOTSMTP)| /* dnslists */
- (1<<ACL_WHERE_NOTSMTP_START),
+ /* Explicit key lookups can be made in non-smtp ACLs so pass
+ always and check in the verify processing itself. */
+
+ 0, /* dnslists */
(unsigned int)
~((1<<ACL_WHERE_RCPT) /* domains */
+ |(1<<ACL_WHERE_VRFY)
#ifndef DISABLE_PRDR
|(1<<ACL_WHERE_PRDR)
#endif
(unsigned int)
~((1<<ACL_WHERE_RCPT) /* local_parts */
+ |(1<<ACL_WHERE_VRFY)
#ifndef DISABLE_PRDR
|(1<<ACL_WHERE_PRDR)
#endif
#endif
case ACLC_DNSLISTS:
- rc = verify_check_dnsbl(&arg);
+ rc = verify_check_dnsbl(where, &arg, log_msgptr);
break;
case ACLC_DOMAINS:
log_reject_target = LOG_MAIN|LOG_REJECT;
#ifndef DISABLE_PRDR
-if (where == ACL_WHERE_RCPT || where == ACL_WHERE_PRDR)
+if (where==ACL_WHERE_RCPT || where==ACL_WHERE_VRFY || where==ACL_WHERE_PRDR)
#else
-if (where == ACL_WHERE_RCPT)
+if (where==ACL_WHERE_RCPT || where==ACL_WHERE_VRFY)
#endif
{
adb = address_defaults;
and rcpt acl returned accept,
and first recipient (cancel on any subsequents)
open one now and run it up to RCPT acceptance.
-A failed verify should cancel cutthrough request.
-
+A failed verify should cancel cutthrough request,
+and will pass the fail to the originator.
Initial implementation: dual-write to spool.
Assume the rxd datastream is now being copied byte-for-byte to an open cutthrough connection.
#ifndef DISABLE_PRDR
case ACL_WHERE_PRDR:
#endif
- if (rc == OK && cutthrough.delivery && rcpt_count > cutthrough.nrcpt)
- open_cutthrough_connection(addr);
+ if (host_checking_callout) /* -bhc mode */
+ cancel_cutthrough_connection("host-checking mode");
+ else if (rc == OK && cutthrough.delivery && rcpt_count > cutthrough.nrcpt)
+ rc = open_cutthrough_connection(addr);
break;
case ACL_WHERE_PREDATA:
- if( rc == OK )
+ if (rc == OK)
cutthrough_predata();
else
cancel_cutthrough_connection("predata acl not ok");