fname = spool_fname(US"input", message_subdir, id, US"-D");
DEBUG(D_deliver) debug_printf("Trying spool file %s\n", fname);
+ /* We protect against symlink attacks both in not propagating the
+ * file-descriptor to other processes as we exec, and also ensuring that we
+ * don't even open symlinks.
+ * No -D file inside the spool area should be a symlink.
+ */
if ((fd = Uopen(fname,
#ifdef O_CLOEXEC
O_CLOEXEC |
+#endif
+#ifdef O_NOFOLLOW
+ O_NOFOLLOW |
#endif
O_RDWR | O_APPEND, 0)) >= 0)
break;
interface_address = NULL;
interface_port = 0;
local_error_message = FALSE;
+#ifdef HAVE_LOCAL_SCAN
local_scan_data = NULL;
+#endif
max_received_linelength = 0;
message_linecount = 0;
received_protocol = NULL;
#ifndef DISABLE_DKIM
dkim_signers = NULL;
dkim_disable_verify = FALSE;
-dkim_collect_input = FALSE;
+dkim_collect_input = 0;
#endif
#ifdef SUPPORT_TLS
sender_local = TRUE;
else if (Ustrcmp(big_buffer, "-localerror") == 0)
local_error_message = TRUE;
+#ifdef HAVE_LOCAL_SCAN
else if (Ustrncmp(p, "ocal_scan ", 10) == 0)
local_scan_data = string_copy(big_buffer + 12);
+#endif
break;
case 'm':