-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.298 2006/02/14 14:26:14 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.299 2006/02/14 14:55:37 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
PH/30 Fix eximon buffer overflow bug (Bugzilla #73).
+PH/31 Added sender_verify_fail logging option.
+
Exim version 4.60
-----------------
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.84 2006/02/14 14:12:06 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.85 2006/02/14 14:55:37 ph10 Exp $
New Features in Exim
--------------------
PH/06 In both GnuTLS and OpenSSL, an expansion of tls_privatekey that results
in an empty string is now treated as unset.
+PH/07 There is a new log selector called sender_verify_fail, which is set by
+ default. If it is unset, the separate log line that gives details of a
+ sender verification failure is not written. Log lines for the rejection
+ of SMTP commands (e.g. RCPT) contain just "sender verify failed", so some
+ detail is lost.
+
Version 4.60
------------
-/* $Cambridge: exim/src/src/globals.c,v 1.48 2006/02/13 12:02:59 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.c,v 1.49 2006/02/14 14:55:37 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
{ US"retry_defer", L_retry_defer },
{ US"return_path_on_delivery", LX_return_path_on_delivery },
{ US"sender_on_delivery", LX_sender_on_delivery },
+ { US"sender_verify_fail", LX_sender_verify_fail },
{ US"size_reject", L_size_reject },
{ US"skip_delivery", L_skip_delivery },
{ US"smtp_confirmation", LX_smtp_confirmation },
-/* $Cambridge: exim/src/src/macros.h,v 1.22 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/macros.h,v 1.23 2006/02/14 14:55:37 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
#define LX_rejected_header 0x80001000
#define LX_return_path_on_delivery 0x80002000
#define LX_sender_on_delivery 0x80004000
-#define LX_smtp_confirmation 0x80008000
-#define LX_subject 0x80010000
-#define LX_tls_certificate_verified 0x80020000
-#define LX_tls_cipher 0x80040000
-#define LX_tls_peerdn 0x80080000
-#define LX_unknown_in_list 0x80100000
+#define LX_sender_verify_fail 0x80008000
+#define LX_smtp_confirmation 0x80010000
+#define LX_subject 0x80020000
+#define LX_tls_certificate_verified 0x80040000
+#define LX_tls_cipher 0x80080000
+#define LX_tls_peerdn 0x80100000
+#define LX_unknown_in_list 0x80200000
#define L_default (L_connection_reject | \
L_delay_delivery | \
#define LX_default ((LX_acl_warn_skipped | \
LX_rejected_header | \
+ LX_sender_verify_fail | \
LX_tls_cipher) & 0x7fffffff)
/* Private error numbers for delivery failures, set negative so as not
-/* $Cambridge: exim/src/src/smtp_in.c,v 1.32 2006/02/13 16:23:57 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.33 2006/02/14 14:55:37 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
/* If there's been a sender verification failure with a specific message, and
we have not sent a response about it yet, do so now, as a preliminary line for
-failures, but not defers. However, log it in both cases. */
+failures, but not defers. However, always log it for defer, and log it for fail
+unless the sender_verify_fail log selector has been turned off. */
if (sender_verified_failed != NULL &&
!testflag(sender_verified_failed, af_sverify_told))
{
setflag(sender_verified_failed, af_sverify_told);
- log_write(0, LOG_MAIN|LOG_REJECT, "%s sender verify %s for <%s>%s",
- host_and_ident(TRUE),
- ((sender_verified_failed->special_action & 255) == DEFER)? "defer" : "fail",
- sender_verified_failed->address,
- (sender_verified_failed->message == NULL)? US"" :
- string_sprintf(": %s", sender_verified_failed->message));
+ if (rc != FAIL || (log_extra_selector & LX_sender_verify_fail) != 0)
+ log_write(0, LOG_MAIN|LOG_REJECT, "%s sender verify %s for <%s>%s",
+ host_and_ident(TRUE),
+ ((sender_verified_failed->special_action & 255) == DEFER)? "defer":"fail",
+ sender_verified_failed->address,
+ (sender_verified_failed->message == NULL)? US"" :
+ string_sprintf(": %s", sender_verified_failed->message));
if (rc == FAIL && sender_verified_failed->user_message != NULL)
smtp_respond(code, FALSE, string_sprintf(
# Exim test configuration 0462
+SELECTOR=
+
exim_path = EXIM_PATH
host_lookup_order = bydns
primary_hostname = myhost.test.ex
acl_smtp_rcpt = $local_part
smtp_return_error_details
+log_selector = SELECTOR
# ----- ACL -----
1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root F=<Ok@localhost> rejected RCPT <checkpm@test.ex>: Sender verify failed
1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for <NOTok@elsewhere>: response to "RCPT TO:<NOTok@elsewhere>" from 127.0.0.1 [127.0.0.1] was: 550 NO
1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F=<NOTok@elsewhere> rejected RCPT <nocheckpm@test.ex>: Sender verify failed
+1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F=<NOTok2@elsewhere> rejected RCPT <nocheckpm@test.ex>: Sender verify failed
1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root F=<Ok@localhost> rejected RCPT <checkpm@test.ex>: Sender verify failed
1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for <NOTok@elsewhere>: response to "RCPT TO:<NOTok@elsewhere>" from 127.0.0.1 [127.0.0.1] was: 550 NO
1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F=<NOTok@elsewhere> rejected RCPT <nocheckpm@test.ex>: Sender verify failed
+1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F=<NOTok2@elsewhere> rejected RCPT <nocheckpm@test.ex>: Sender verify failed
RCPT TO:<nocheckpm@test.ex>
QUIT
****
+# Same again, but with sender_verify_fail logging turned off
+server PORT_S
+220 Server ready
+HELO
+250 OK
+MAIL FROM
+250 OK
+RCPT TO
+550 NO
+QUIT
+250 OK
+****
+sudo exim -DSELECTOR=-sender_verify_fail -d-all+verify -v -bs -oMa V4NET.0.0.2
+MAIL FROM:<NOTok2@elsewhere>
+RCPT TO:<nocheckpm@test.ex>
+QUIT
+****
LOG: smtp_connection MAIN
SMTP connection from root closed by QUIT
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
+Exim version x.yz ....
+configuration file is TESTSUITE/test-config
+trusted user
+admin user
+LOG: smtp_connection MAIN
+ SMTP connection from root
+>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
+Verifying NOTok2@elsewhere
+>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
+Considering NOTok2@elsewhere
+Attempting full verification using callout
+callout cache: found domain record
+callout cache: no address record found
+interface=NULL port=1224
+Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected
+ SMTP<< 220 Server ready
+ SMTP>> HELO myhost.test.ex
+ SMTP<< 250 OK
+ SMTP>> MAIL FROM:<>
+ SMTP<< 250 OK
+ SMTP>> RCPT TO:<NOTok2@elsewhere>
+ SMTP<< 550 NO
+ SMTP>> QUIT
+wrote callout cache domain record:
+ result=1 postmaster=0 random=0
+wrote negative callout cache address record
+LOG: MAIN REJECT
+ H=[V4NET.0.0.2] U=root F=<NOTok2@elsewhere> rejected RCPT <nocheckpm@test.ex>: Sender verify failed
+LOG: smtp_connection MAIN
+ SMTP connection from root closed by QUIT
+>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
550-Response: 550 NO\r
550 Sender verify failed\r
221 myhost.test.ex closing connection\r
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 OK\r
+550-Verification failed for <NOTok2@elsewhere>\r
+550-Called: 127.0.0.1\r
+550-Sent: RCPT TO:<NOTok2@elsewhere>\r
+550-Response: 550 NO\r
+550 Sender verify failed\r
+221 myhost.test.ex closing connection\r
******** SERVER ********
Listening on port 1224 ...
QUIT
250 OK
End of script
+Listening on port 1224 ...
+Connection request from [127.0.0.1]
+220 Server ready
+HELO myhost.test.ex
+250 OK
+MAIL FROM:<>
+250 OK
+RCPT TO:<NOTok2@elsewhere>
+550 NO
+QUIT
+250 OK
+End of script
projects / exim.git / commitdiff