-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.362 2006/06/28 13:59:12 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.363 2006/06/28 16:00:23 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
TF/01 Correct an error in the documentation for the redirect router. Exim
does (usually) call initgroups() when daemonizing.
-TF/02 Call initgroups() when dropping privilege in exim.c, so that Exim runs with
- consistent privilege compared to when running as a daemon.
+TF/02 Call initgroups() when dropping privilege in exim.c, so that Exim runs
+ with consistent privilege compared to when running as a daemon.
TF/03 Note in the spec that $authenticated_id is not set for local
submissions from trusted users.
PH/05 Applied Alex Kiernan's patch to fix Bugzilla #99: a problem with
libradius.
+PH/06 Added acl_not_smtp_start, based on Johannes Berg's patch, and set the
+ bit to forbid control=suppress_local_fixups in the acl_not_smtp ACL,
+ because it is too late at that time, and has no effect.
+
Exim version 4.62
-----------------
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.103 2006/06/27 14:34:26 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.104 2006/06/28 16:00:23 ph10 Exp $
New Features in Exim
--------------------
it is automatically prepended to the relative path. This action can now be
prevented by setting filter_prepend_home false.
+2. There is a new acl, set by acl_not_smtp_start, which is run right at the
+ start of receiving a non-SMTP message, before any of the message has been
+ read. (This is the analogue of the acl_smtp_predata ACL for SMTP input.) The
+ result of this ACL is ignored; it cannot be used to reject a message. If
+ you really need to, you could set a value in an ACL variable here and reject
+ based on that in the acl_not_smtp ACL. However, this ACL can be used to set
+ controls, and in particular, it can be used to set control=suppress_local_
+ fixups, which cannot be used in the acl_not_smtp ACL because by the time
+ that ACL is run, it is too late. When the acl_not_smtp_start ACL is run, the
+ sender and recipients are known, so the "senders" and "sender_domains"
+ conditions and $sender_address and $recipients variables can be used.
+ Variables such as $authenticated_ sender are also available. It is possible
+ to specify added header lines in this ACL.
+
Version 4.62
------------
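Review bot: Two identifiers in the new item 2 are broken by line wrapping and cannot be found by searching the file: the control is split as "control=suppress_local_" / "fixups" across two lines, and the variable is printed as "$authenticated_ sender" with a space inside it. Rewrap the paragraph so that control=suppress_local_fixups and $authenticated_sender each stay whole on one line. The item also says the result of the ACL is ignored; it would help to state whether that includes a defer or error outcome, since the exim.c change discards the return value unconditionally.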
-$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.48 2006/06/28 13:59:13 ph10 Exp $
+$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.49 2006/06/28 16:00:23 ph10 Exp $
EXIM ACKNOWLEDGEMENTS
Patch for ${quote_local_part
Peter Benie A number mistakes found by analysing the code
Johannes Berg Suggested patch for authentication client $auth<n> support
+ Suggested patch for acl_not_smtp_start
Matt Bernstein LMTP over socket
Suggested patch for dnslists '&' feature
Mike Bethune Help with debugging an elusive ALRM signal bug
-/* $Cambridge: exim/src/src/acl.c,v 1.61 2006/06/27 15:07:18 ph10 Exp $ */
+/* $Cambridge: exim/src/src/acl.c,v 1.62 2006/06/28 16:00:23 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
0, /* acl */
(unsigned int)
- ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* add_header */
+ ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* add_header */
(1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
- (1<<ACL_WHERE_MIME)|(1<<ACL_WHERE_NOTSMTP)),
+ (1<<ACL_WHERE_MIME)|(1<<ACL_WHERE_NOTSMTP)|
+ (1<<ACL_WHERE_NOTSMTP_START)),
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)| /* authenticated */
- (1<<ACL_WHERE_HELO),
+ (1<<ACL_WHERE_NOTSMTP)| /* authenticated */
+ (1<<ACL_WHERE_NOTSMTP_START)|
+ (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO),
#ifdef EXPERIMENTAL_BRIGHTMAIL
(1<<ACL_WHERE_AUTH)| /* bmi_optin */
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_PREDATA),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_PREDATA)|
+ (1<<ACL_WHERE_NOTSMTP_START),
#endif
0, /* condition */
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_policy */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_sender_domains */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_sender_local_parts */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_senders */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_status */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
#endif
- (1<<ACL_WHERE_NOTSMTP), /* dnslists */
+ (1<<ACL_WHERE_NOTSMTP)| /* dnslists */
+ (1<<ACL_WHERE_NOTSMTP_START),
(unsigned int)
~(1<<ACL_WHERE_RCPT), /* domains */
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)| /* encrypted */
+ (1<<ACL_WHERE_NOTSMTP)| /* encrypted */
+ (1<<ACL_WHERE_CONNECT)|
+ (1<<ACL_WHERE_NOTSMTP_START)|
(1<<ACL_WHERE_HELO),
0, /* endpass */
- (1<<ACL_WHERE_NOTSMTP), /* hosts */
+ (1<<ACL_WHERE_NOTSMTP)| /* hosts */
+ (1<<ACL_WHERE_NOTSMTP_START),
(unsigned int)
~(1<<ACL_WHERE_RCPT), /* local_parts */
(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_MAILAUTH)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY)|
+ (1<<ACL_WHERE_NOTSMTP)|
+ (1<<ACL_WHERE_NOTSMTP_START),
#endif
/* Certain types of verify are always allowed, so we let it through
#endif
#ifdef EXPERIMENTAL_DOMAINKEYS
- (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP), /* dk_verify */
+ (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)| /* dk_verify */
+ (1<<ACL_WHERE_NOTSMTP_START),
#endif
0, /* error */
(unsigned int)
~(1<<ACL_WHERE_RCPT), /* caselower_local_part */
- (1<<ACL_WHERE_NOTSMTP), /* enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP)| /* enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP_START),
- (1<<ACL_WHERE_NOTSMTP), /* no_enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP)| /* no_enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP_START),
(unsigned int)
~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* freeze */
(unsigned int)
~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* suppress_local_fixups */
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_PREDATA)),
+ (1<<ACL_WHERE_PREDATA)|
+ (1<<ACL_WHERE_NOTSMTP_START)),
#ifdef WITH_CONTENT_SCAN
(unsigned int)
(1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
(1<<ACL_WHERE_MIME)),
- (1<<ACL_WHERE_NOTSMTP) /* no_multiline */
+ (1<<ACL_WHERE_NOTSMTP)| /* no_multiline */
+ (1<<ACL_WHERE_NOTSMTP_START)
};
/* Structure listing various control arguments, with their characteristics. */
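Review bot: One entry in acl.c gains ACL_WHERE_NOTSMTP as well as ACL_WHERE_NOTSMTP_START: the entry that previously ended "(1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY)," just before the "#endif" and the "Certain types of verify" comment (its condition-name comment is outside the visible lines). In the visible lines that entry did not forbid ACL_WHERE_NOTSMTP before, so this changes what the existing acl_not_smtp ACL accepts, and ChangeLog PH/06 only mentions the suppress_local_fixups bit. Either split it into its own change or add a sentence to PH/06. More generally, these are forbid masks, so an entry that is left untouched implicitly permits its condition in the new ACL, while the "~(...)" entries work the other way round and forbid anything not listed; a short comment at the top of the table saying that every new ACL_WHERE_ value needs a pass over all entries would make a missed one less likely.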
-/* $Cambridge: exim/src/src/exim.c,v 1.39 2006/05/22 18:42:34 fanf2 Exp $ */
+/* $Cambridge: exim/src/src/exim.c,v 1.40 2006/06/28 16:00:24 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
}
}
-/* Otherwise, set up the input size limit here */
+/* Otherwise, set up the input size limit here. */
else
{
}
}
+ /* Run the acl_not_smtp_start ACL if required. The result of the ACL is
+ ignored; rejecting here would just add complication, and it can just as
+ well be done later. Allow $recipients to be visible in the ACL. */
+
+ if (acl_not_smtp_start != NULL)
+ {
+ uschar *user_msg, *log_msg;
+ enable_dollar_recipients = TRUE;
+ (void)acl_check(ACL_WHERE_NOTSMTP_START, NULL, acl_not_smtp_start,
+ &user_msg, &log_msg);
+ enable_dollar_recipients = FALSE;
+ }
+
/* Read the data for the message. If filter_test is not FTEST_NONE, this
will just read the headers for the message, and not write anything onto the
spool. */
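Review bot: The new block in exim.c discards everything acl_check() reports: the return value is cast to void, and user_msg and log_msg are never read. The comment justifies not rejecting, but it does not cover a defer or error outcome, where a control such as suppress_local_fixups or an added header would silently not be applied and reception would carry on as if the ACL had run cleanly. Consider keeping the return code and, when it is not OK, writing log_msg to the main log from this call site so the administrator can see that the ACL did not complete. Setting enable_dollar_recipients to FALSE afterwards also assumes it was FALSE on entry; saving and restoring the previous value would be safer.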
-/* $Cambridge: exim/src/src/globals.c,v 1.53 2006/03/06 16:05:12 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.c,v 1.54 2006/06/28 16:00:24 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
#ifdef WITH_CONTENT_SCAN
uschar *acl_not_smtp_mime = NULL;
#endif
+uschar *acl_not_smtp_start = NULL;
uschar *acl_smtp_auth = NULL;
uschar *acl_smtp_connect = NULL;
uschar *acl_smtp_data = NULL;
US"EXPN",
US"EHLO or HELO",
US"MAILAUTH",
+ US"non-SMTP-start",
US"QUIT",
US"STARTTLS",
US"VRFY"
550, /* EXPN */
550, /* HELO/EHLO */
0, /* MAILAUTH; not relevant */
+ 0, /* not SMTP; not relevant */
0, /* QUIT; not relevant */
550, /* STARTTLS */
252 /* VRFY */
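Review bot: The comment on the new response-code entry, "0, /* not SMTP; not relevant */", does not name the ACL it belongs to, unlike its neighbours (MAILAUTH, QUIT) and unlike the matching name-table entry "non-SMTP-start" added in the same file. Because these tables are positional, suggest "/* NOTSMTP_START; not relevant */" so the slot can be matched against the enum by eye.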
-/* $Cambridge: exim/src/src/globals.h,v 1.37 2006/03/06 16:05:12 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.h,v 1.38 2006/06/28 16:00:24 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
#ifdef WITH_CONTENT_SCAN
extern uschar *acl_not_smtp_mime; /* For MIME parts of ditto */
#endif
+extern uschar *acl_not_smtp_start; /* ACL run at the beginning of a non-SMTP session */
extern uschar *acl_smtp_auth; /* ACL run for AUTH */
extern uschar *acl_smtp_connect; /* ACL run on SMTP connection */
extern uschar *acl_smtp_data; /* ACL run after DATA received */
-/* $Cambridge: exim/src/src/macros.h,v 1.25 2006/06/27 14:34:26 ph10 Exp $ */
+/* $Cambridge: exim/src/src/macros.h,v 1.26 2006/06/28 16:00:24 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
ACL_WHERE_EXPN,
ACL_WHERE_HELO,
ACL_WHERE_MAILAUTH,
+ ACL_WHERE_NOTSMTP_START,
ACL_WHERE_QUIT,
ACL_WHERE_STARTTLS,
ACL_WHERE_VRFY
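Review bot: ACL_WHERE_NOTSMTP_START is inserted in the middle of the enum, between ACL_WHERE_MAILAUTH and ACL_WHERE_QUIT, which renumbers QUIT, STARTTLS and VRFY. The two positional tables in globals.c are updated at the same position in this commit, so the change is consistent, but nothing in the visible lines ties the three together. A comment beside the enum naming the tables that must be kept in the same order, or a compile-time check on their sizes, would catch a future insertion that updates only one of them.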
-/* $Cambridge: exim/src/src/readconf.c,v 1.22 2006/03/09 15:10:16 ph10 Exp $ */
+/* $Cambridge: exim/src/src/readconf.c,v 1.23 2006/06/28 16:00:24 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
#ifdef WITH_CONTENT_SCAN
{ "acl_not_smtp_mime", opt_stringptr, &acl_not_smtp_mime },
#endif
+ { "acl_not_smtp_start", opt_stringptr, &acl_not_smtp_start },
{ "acl_smtp_auth", opt_stringptr, &acl_smtp_auth },
{ "acl_smtp_connect", opt_stringptr, &acl_smtp_connect },
{ "acl_smtp_data", opt_stringptr, &acl_smtp_data },
--- /dev/null
+# Exim test configuration 0535
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+# ----- Main settings -----
+
+acl_not_smtp_start = one
+trusted_users = CALLER
+
+
+# ----- ACLs -----
+
+begin ACL
+
+one:
+ warn senders = ^nofix@
+ control = suppress_local_fixups
+ add_header = X-Added: $recipients
+
+# ----- Routers -----
+
+begin routers
+
+r1:
+ driver = accept
+ transport = t1
+
+
+# ----- Transports -----
+
+begin transports
+
+t1:
+ driver = appendfile
+ user = CALLER
+ file = DIR/test-mail/$local_part
+
+
+# End
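Review bot: Test 0535 only exercises a "warn" statement in ACL "one", so it does not cover the two behaviours the documentation promises: that the result of acl_not_smtp_start is ignored, and that control = suppress_local_fixups is now refused in acl_not_smtp. Suggest adding a "deny" statement to ACL "one" and checking that the message is still accepted and delivered, plus a second case in which acl_not_smtp tries to set the control and the test checks that it is rejected.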
--- /dev/null
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 => userx <userx@test.ex> R=r1 T=t1
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= nofix@test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaY-0005vi-00 => userx <userx@test.ex> R=r1 T=t1
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
--- /dev/null
+From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmaX-0005vi-00
+ for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id: <E10HmaX-0005vi-00@myhost.test.ex>
+From: CALLER_NAME <CALLER@myhost.test.ex>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+
+No headers supplied.
+
+From nofix@test.ex Tue Mar 02 09:44:33 1999
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from <nofix@test.ex>)
+ id 10HmaY-0005vi-00
+ for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+X-Added: userx@test.ex
+
+No headers supplied.
+
--- /dev/null
+# acl_not_smtp_start
+exim -odi userx@test.ex
+No headers supplied.
+****
+exim -odi -f nofix@test.ex userx@test.ex
+No headers supplied.
+****