Main config options check_{log,spool}_{inodes,space} are now
100 inodes, 10MB unless set otherwise in the configuration.
+JH/29 Fix the connection_reject log selector to apply to the connect ACL.
+ Previously it only applied to the main-section connection policy
+ options.
+
Exim version 4.87
-----------------
has been renamed. Therefore, do a stat() and see if the inode has changed, and
if so, re-open. */
-if ((flags & LOG_MAIN) != 0 &&
- (selector == 0 || (selector & log_selector[0]) != 0))
+if ( flags & LOG_MAIN
+ && (!selector || selector & log_selector[0]))
{
- if ((logging_mode & LOG_MODE_SYSLOG) != 0 &&
- (syslog_duplication || (flags & (LOG_REJECT|LOG_PANIC)) == 0))
+ if ( logging_mode & LOG_MODE_SYSLOG
+ && (syslog_duplication || !(flags & (LOG_REJECT|LOG_PANIC))))
write_syslog(LOG_INFO, log_buffer);
- if ((logging_mode & LOG_MODE_FILE) != 0)
+ if (logging_mode & LOG_MODE_FILE)
{
struct stat statbuf;
proxy_session = FALSE;
proxy_session_failed = FALSE;
if (check_proxy_protocol_host())
- {
if (setup_proxy_protocol_host() == FALSE)
{
proxy_session_failed = TRUE;
(void)host_name_lookup();
host_build_sender_fullhost();
}
- }
#endif
/* Run the ACL if it exists */
user_msg = NULL;
-if (acl_smtp_connect != NULL)
+if (acl_smtp_connect)
{
int rc;
- rc = acl_check(ACL_WHERE_CONNECT, NULL, acl_smtp_connect, &user_msg,
- &log_msg);
- if (rc != OK)
+ if ((rc = acl_check(ACL_WHERE_CONNECT, NULL, acl_smtp_connect, &user_msg,
+ &log_msg)) != OK)
{
- (void)smtp_handle_acl_fail(ACL_WHERE_CONNECT, rc, user_msg, log_msg);
+ (void) smtp_handle_acl_fail(ACL_WHERE_CONNECT, rc, user_msg, log_msg);
return FALSE;
}
}
uschar *sender_info = US"";
uschar *what =
#ifdef WITH_CONTENT_SCAN
- (where == ACL_WHERE_MIME)? US"during MIME ACL checks" :
+ where == ACL_WHERE_MIME ? US"during MIME ACL checks" :
#endif
- (where == ACL_WHERE_PREDATA)? US"DATA" :
- (where == ACL_WHERE_DATA)? US"after DATA" :
+ where == ACL_WHERE_PREDATA ? US"DATA" :
+ where == ACL_WHERE_DATA ? US"after DATA" :
#ifndef DISABLE_PRDR
- (where == ACL_WHERE_PRDR)? US"after DATA PRDR" :
+ where == ACL_WHERE_PRDR ? US"after DATA PRDR" :
#endif
- (smtp_cmd_data == NULL)?
- string_sprintf("%s in \"connect\" ACL", acl_wherenames[where]) :
- string_sprintf("%s %s", acl_wherenames[where], smtp_cmd_data);
+ smtp_cmd_data ?
+ string_sprintf("%s %s", acl_wherenames[where], smtp_cmd_data) :
+ string_sprintf("%s in \"connect\" ACL", acl_wherenames[where]);
if (drop) rc = FAIL;
/* Sort out text for logging */
-log_msg = (log_msg == NULL)? US"" : string_sprintf(": %s", log_msg);
-lognl = Ustrchr(log_msg, '\n');
-if (lognl != NULL) *lognl = 0;
+log_msg = log_msg ? string_sprintf(": %s", log_msg) : US"";
+if ((lognl = Ustrchr(log_msg, '\n'))) *lognl = 0;
/* Send permanent failure response to the command, but the code used isn't
always a 5xx one - see comments at the start of this function. If the original
#else
uschar * tls = US"";
#endif
- log_write(0, log_reject_target, "%s%s%s %s%srejected %s%s",
+ log_write(where == ACL_WHERE_CONNECT ? L_connection_reject : 0,
+ log_reject_target, "%s%s%s %s%srejected %s%s",
LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
host_and_ident(TRUE),
tls,
Here is a simple example:
client 127.0.0.1 PORT_D
- ??? 250
+ ??? 220
EHLO xxx
??? 250-
??? 250
SERVER=
BR=
+LOG_SELECTOR=
.include DIR/aux-var/std_conf_prefix
acl_smtp_rcpt = rcpt
BR
+log_selector = LOG_SELECTOR
qualify_domain = test.ex
trusted_users = CALLER
# Exim test configuration 0314
+LOG_SELECTOR=
+
.include DIR/aux-var/std_conf_prefix
# ----- Main settings -----
-host_reject_connection = V4NET.0.0.1
+log_selector = LOG_SELECTOR
+host_reject_connection = 127.0.0.1
# End
--- /dev/null
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 refused connection from [127.0.0.1] (host_reject_connection)
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
F From: ok@test4
Date: Tue, 2 Mar 1999 09:44:33 +0000
1999-03-02 09:44:33 H=[10.9.8.7] U=CALLER rejected connection in "connect" ACL
+1999-03-02 09:44:33 H=[10.9.8.7] U=CALLER rejected connection in "connect" ACL
1999-03-02 09:44:33 H=[10.9.8.8] U=CALLER rejected MAIL <bad@test1>
1999-03-02 09:44:33 mail accepted "mail from:<ok@test1>" "<ok@test1>"
1999-03-02 09:44:33 H=[10.9.8.9] U=CALLER rejected connection in "connect" ACL: forcibly dropped
--- /dev/null
+
+******** SERVER ********
+1999-03-02 09:44:33 refused connection from [127.0.0.1] (host_reject_connection)
+1999-03-02 09:44:33 refused connection from [127.0.0.1] (host_reject_connection)
****
exim -bs -oMa 10.9.8.7
****
+exim -DLOG_SELECTOR=-connection_reject -bs -oMa 10.9.8.7
+****
exim -d-all+acl+lists -bs -oMa 10.9.8.8
mail from:<bad@test1>
mail from:<ok@test1>
# host_reject_connection
-exim -bh V4NET.0.0.1
+need_ipv4
+exim -DSERVER=server -bd -oX PORT_D
****
-exim -bh V4NET.0.0.2
+client 127.0.0.1 PORT_D
+??? 554
****
+client HOSTIPV4 PORT_D
+??? 220
+****
+killdaemon
+exim -DSERVER=server -DLOG_SELECTOR=-connection_reject -bd -oX PORT_D
+****
+client 127.0.0.1 PORT_D
+??? 554
+****
+killdaemon
deny: condition test succeeded in ACL "connect1"
end of ACL "connect1": DENY
SMTP>> 550 Administrative prohibition
-LOG: MAIN REJECT
+LOG: connection_reject MAIN REJECT
H=ten-1.test.ex [V4NET.0.0.1] rejected connection in "connect" ACL
search_tidyup called
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
deny: condition test failed in ACL "connect2"
end of ACL "connect2": implicit DENY
SMTP>> 550 Administrative prohibition
-LOG: MAIN REJECT
+LOG: connection_reject MAIN REJECT
H=[V4NET.0.0.2] rejected connection in "connect" ACL
search_tidyup called
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
+++ /dev/null
->>> host in hosts_connection_nolog? no (option unset)
->>> host in host_lookup? no (option unset)
->>> host in host_reject_connection? yes (matched "V4NET.0.0.1")
-LOG: refused connection from [V4NET.0.0.1] (host_reject_connection)
->>> host in hosts_connection_nolog? no (option unset)
->>> host in host_lookup? no (option unset)
->>> host in host_reject_connection? no (end of list)
->>> host in sender_unqualified_hosts? no (option unset)
->>> host in recipient_unqualified_hosts? no (option unset)
->>> host in helo_verify_hosts? no (option unset)
->>> host in helo_try_verify_hosts? no (option unset)
->>> host in helo_accept_junk_hosts? no (option unset)
deny: condition test failed in ACL "connect1"
end of ACL "connect1": implicit DENY
SMTP>> 550 Administrative prohibition
-LOG: MAIN REJECT
+LOG: connection_reject MAIN REJECT
H=[10.0.0.1] rejected connection in "connect" ACL
search_tidyup called
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
deny: condition test failed in ACL "connect2"
end of ACL "connect2": implicit DENY
SMTP>> 550 Administrative prohibition
-LOG: MAIN REJECT
+LOG: connection_reject MAIN REJECT
H=[10.0.0.2] rejected connection in "connect" ACL
search_tidyup called
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
550 Administrative prohibition\r
+550 Administrative prohibition\r
220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
550 Administrative prohibition\r
250 OK\r
-
-**** SMTP testing session as if from host V4NET.0.0.1
-**** but without any ident (RFC 1413) callback.
-**** This is not for real!
-
-554 SMTP service not available\r
-
-**** SMTP testing session as if from host V4NET.0.0.2
-**** but without any ident (RFC 1413) callback.
-**** This is not for real!
-
-220 the.local.host.name ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
-421 the.local.host.name lost input connection\r
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 554
+<<< 554 SMTP service not available
+End of script
+Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
+??? 220
+<<< 220 the.local.host.name ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+End of script
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 554
+<<< 554 SMTP service not available
+End of script
projects / exim.git / commitdiff