* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2015 */
+/* Copyright (c) University of Cambridge 1995 - 2016 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions for handling an incoming SMTP call. */
static BOOL rcpt_in_progress;
static int nonmail_command_count;
static BOOL smtp_exit_function_called = 0;
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
static BOOL smtputf8_advertised;
#endif
static int synprot_error_count;
ENV_MAIL_OPT_PRDR,
#endif
ENV_MAIL_OPT_RET, ENV_MAIL_OPT_ENVID,
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
ENV_MAIL_OPT_UTF8,
#endif
};
#endif
{ US"RET", ENV_MAIL_OPT_RET, TRUE },
{ US"ENVID", ENV_MAIL_OPT_ENVID, TRUE },
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
{ US"SMTPUTF8",ENV_MAIL_OPT_UTF8, FALSE }, /* rfc6531 */
#endif
/* keep this the last entry */
spf_result = NULL;
spf_smtp_comment = NULL;
#endif
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
message_smtputf8 = FALSE;
#endif
body_linecount = body_zerocount = 0;
sync_cmd_limit = NON_SYNC_CMD_NON_PIPELINING;
smtp_exit_function_called = FALSE; /* For avoiding loop in not-quit exit */
-memset(sender_host_cache, 0, sizeof(sender_host_cache));
-
/* If receiving by -bs from a trusted user, or testing with -bh, we allow
authentication settings from -oMaa to remain in force. */
tls_advertised = FALSE;
#endif
dsn_advertised = FALSE;
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
smtputf8_advertised = FALSE;
#endif
esc = US""; /* Default extended status code */
esclen = 0; /* Length of esc */
-if (user_msg == NULL)
+if (!user_msg)
{
- s = expand_string(smtp_banner);
- if (s == NULL)
+ if (!(s = expand_string(smtp_banner)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Expansion of \"%s\" (smtp_banner) "
"failed: %s", smtp_banner, expand_string_message);
}
{
int codelen = 3;
s = user_msg;
- smtp_message_code(&code, &codelen, &s, NULL);
+ smtp_message_code(&code, &codelen, &s, NULL, TRUE);
if (codelen > 4)
{
esc = code + 4;
{
int len;
uschar *linebreak = Ustrchr(p, '\n');
- ss = string_cat(ss, &size, &ptr, code, 3);
+ ss = string_catn(ss, &size, &ptr, code, 3);
if (linebreak == NULL)
{
len = Ustrlen(p);
- ss = string_cat(ss, &size, &ptr, US" ", 1);
+ ss = string_catn(ss, &size, &ptr, US" ", 1);
}
else
{
len = linebreak - p;
- ss = string_cat(ss, &size, &ptr, US"-", 1);
+ ss = string_catn(ss, &size, &ptr, US"-", 1);
}
- ss = string_cat(ss, &size, &ptr, esc, esclen);
- ss = string_cat(ss, &size, &ptr, p, len);
- ss = string_cat(ss, &size, &ptr, US"\r\n", 2);
+ ss = string_catn(ss, &size, &ptr, esc, esclen);
+ ss = string_catn(ss, &size, &ptr, p, len);
+ ss = string_catn(ss, &size, &ptr, US"\r\n", 2);
p += len;
if (linebreak != NULL) p++;
}
codelen length of smtp code; if > 4 there's an ESC
msg message text
log_msg optional log message, to be adjusted with the new SMTP code
+ check_valid if true, verify the response code
Returns: nothing
*/
void
-smtp_message_code(uschar **code, int *codelen, uschar **msg, uschar **log_msg)
+smtp_message_code(uschar **code, int *codelen, uschar **msg, uschar **log_msg,
+ BOOL check_valid)
{
int n;
int ovector[3];
-if (msg == NULL || *msg == NULL) return;
+if (!msg || !*msg) return;
-n = pcre_exec(regex_smtp_code, NULL, CS *msg, Ustrlen(*msg), 0,
- PCRE_EOPT, ovector, sizeof(ovector)/sizeof(int));
-if (n < 0) return;
+if ((n = pcre_exec(regex_smtp_code, NULL, CS *msg, Ustrlen(*msg), 0,
+ PCRE_EOPT, ovector, sizeof(ovector)/sizeof(int))) < 0) return;
-if ((*msg)[0] != (*code)[0])
+if (check_valid && (*msg)[0] != (*code)[0])
{
log_write(0, LOG_MAIN|LOG_PANIC, "configured error code starts with "
"incorrect digit (expected %c) in \"%s\"", (*code)[0], *msg);
(aka RFC 2821) has concluded that the response should be 252 in the disabled
state, because there are broken clients that try VRFY before RCPT. A 5xx
response should be given only when the address is positively known to be
-undeliverable. Sigh. Also, for ETRN, 458 is given on refusal, and for AUTH,
-503.
+undeliverable. Sigh. We return 252 if there is no VRFY ACL or it provides
+no explicit code, but if there is one we let it know best.
+Also, for ETRN, 458 is given on refusal, and for AUTH, 503.
From Exim 4.63, it is possible to override the response code details by
providing a suitable response code string at the start of the message provided
in user_msg. The code's first digit is checked for validity.
Arguments:
- where where the ACL was called from
- rc the failure code
- user_msg a message that can be included in an SMTP response
- log_msg a message for logging
+ where where the ACL was called from
+ rc the failure code
+ user_msg a message that can be included in an SMTP response
+ log_msg a message for logging
Returns: 0 in most cases
2 if the failure code was FAIL_DROP, in which case the
/* Set the default SMTP code, and allow a user message to change it. */
-smtp_code = (rc != FAIL)? US"451" : acl_wherecodes[where];
-smtp_message_code(&smtp_code, &codelen, &user_msg, &log_msg);
+smtp_code = rc == FAIL ? acl_wherecodes[where] : US"451";
+smtp_message_code(&smtp_code, &codelen, &user_msg, &log_msg,
+ where != ACL_WHERE_VRFY);
/* We used to have sender_address here; however, there was a bug that was not
updating sender_address after a rewrite during a verify. When this bug was
if (log_reject_target != 0)
{
#ifdef SUPPORT_TLS
- uschar * s = s_tlslog(NULL, NULL, NULL);
- if (!s) s = US"";
+ uschar * tls = s_tlslog(NULL, NULL, NULL);
+ if (!tls) tls = US"";
#else
- uschar * s = US"";
+ uschar * tls = US"";
#endif
- log_write(0, log_reject_target, "%s%s %s%srejected %s%s",
- host_and_ident(TRUE), s,
- sender_info, (rc == FAIL)? US"" : US"temporarily ", what, log_msg);
+ log_write(0, log_reject_target, "%s%s%s %s%srejected %s%s",
+ LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
+ host_and_ident(TRUE),
+ tls,
+ sender_info,
+ rc == FAIL ? US"" : US"temporarily ",
+ what, log_msg);
}
if (!drop) return 0;
smtp_user_msg(uschar *code, uschar *user_msg)
{
int len = 3;
-smtp_message_code(&code, &len, &user_msg, NULL);
+smtp_message_code(&code, &len, &user_msg, NULL, TRUE);
smtp_respond(code, len, TRUE, user_msg);
}
)
{
cmd_list[CMD_LIST_TLS_AUTH].is_mail_cmd = FALSE;
- if (acl_smtp_auth)
+ if ( acl_smtp_auth
+ && (rc = acl_check(ACL_WHERE_AUTH, NULL, acl_smtp_auth,
+ &user_msg, &log_msg)) != OK
+ )
{
- rc = acl_check(ACL_WHERE_AUTH, NULL, acl_smtp_auth, &user_msg, &log_msg);
- if (rc != OK)
- {
- done = smtp_handle_acl_fail(ACL_WHERE_AUTH, rc, user_msg, log_msg);
- continue;
- }
+ done = smtp_handle_acl_fail(ACL_WHERE_AUTH, rc, user_msg, log_msg);
+ continue;
}
for (au = auths; au; au = au->next)
smtp_cmd_data = NULL;
if (smtp_in_auth(au, &s, &ss) == OK)
- DEBUG(D_auth) debug_printf("tls auth succeeded\n");
+ { DEBUG(D_auth) debug_printf("tls auth succeeded\n"); }
else
- DEBUG(D_auth) debug_printf("tls auth not succeeded\n");
+ { DEBUG(D_auth) debug_printf("tls auth not succeeded\n"); }
break;
}
}
/* Check the ACL */
- if (acl_smtp_auth)
+ if ( acl_smtp_auth
+ && (rc = acl_check(ACL_WHERE_AUTH, NULL, acl_smtp_auth,
+ &user_msg, &log_msg)) != OK
+ )
{
- rc = acl_check(ACL_WHERE_AUTH, NULL, acl_smtp_auth, &user_msg, &log_msg);
- if (rc != OK)
- {
- done = smtp_handle_acl_fail(ACL_WHERE_AUTH, rc, user_msg, log_msg);
- break;
- }
+ done = smtp_handle_acl_fail(ACL_WHERE_AUTH, rc, user_msg, log_msg);
+ break;
}
/* Find the name of the requested authentication mechanism. */
/* Apply an ACL check if one is defined; afterwards, recheck
synchronization in case the client started sending in a delay. */
- if (acl_smtp_helo != NULL)
- {
- rc = acl_check(ACL_WHERE_HELO, NULL, acl_smtp_helo, &user_msg, &log_msg);
- if (rc != OK)
+ if (acl_smtp_helo)
+ if ((rc = acl_check(ACL_WHERE_HELO, NULL, acl_smtp_helo,
+ &user_msg, &log_msg)) != OK)
{
done = smtp_handle_acl_fail(ACL_WHERE_HELO, rc, user_msg, log_msg);
sender_helo_name = NULL;
break;
}
else if (!check_sync()) goto SYNC_FAILURE;
- }
/* Generate an OK reply. The default string includes the ident if present,
and also the IP address if present. Reflecting back the ident is intended
tls_advertised = FALSE;
#endif
dsn_advertised = FALSE;
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
smtputf8_advertised = FALSE;
#endif
if (sender_host_address != NULL)
{
- s = string_cat(s, &size, &ptr, US" [", 2);
- s = string_cat(s, &size, &ptr, sender_host_address,
- Ustrlen(sender_host_address));
- s = string_cat(s, &size, &ptr, US"]", 1);
+ s = string_catn(s, &size, &ptr, US" [", 2);
+ s = string_cat (s, &size, &ptr, sender_host_address);
+ s = string_catn(s, &size, &ptr, US"]", 1);
}
}
{
char *ss;
int codelen = 4;
- smtp_message_code(&smtp_code, &codelen, &user_msg, NULL);
+ smtp_message_code(&smtp_code, &codelen, &user_msg, NULL, TRUE);
s = string_sprintf("%.*s%s", codelen, smtp_code, user_msg);
if ((ss = strpbrk(CS s, "\r\n")) != NULL)
{
size = ptr + 1;
}
- s = string_cat(s, &size, &ptr, US"\r\n", 2);
+ s = string_catn(s, &size, &ptr, US"\r\n", 2);
/* If we received EHLO, we must create a multiline response which includes
the functions supported. */
{
sprintf(CS big_buffer, "%.3s-SIZE %d\r\n", smtp_code,
thismessage_size_limit);
- s = string_cat(s, &size, &ptr, big_buffer, Ustrlen(big_buffer));
+ s = string_cat(s, &size, &ptr, big_buffer);
}
else
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-SIZE\r\n", 7);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-SIZE\r\n", 7);
}
/* Exim does not do protocol conversion or data conversion. It is 8-bit
if (accept_8bitmime)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-8BITMIME\r\n", 11);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-8BITMIME\r\n", 11);
}
/* Advertise DSN support if configured to do so. */
if (verify_check_host(&dsn_advertise_hosts) != FAIL)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-DSN\r\n", 6);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-DSN\r\n", 6);
dsn_advertised = TRUE;
}
if (acl_smtp_etrn != NULL)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-ETRN\r\n", 7);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-ETRN\r\n", 7);
}
/* Advertise EXPN if there's an ACL checking whether a host is
if (acl_smtp_expn != NULL)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-EXPN\r\n", 7);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-EXPN\r\n", 7);
}
/* Exim is quite happy with pipelining, so let the other end know that
if (pipelining_enable &&
verify_check_host(&pipelining_advertise_hosts) == OK)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-PIPELINING\r\n", 13);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-PIPELINING\r\n", 13);
sync_cmd_limit = NON_SYNC_CMD_PIPELINING;
pipelining_advertised = TRUE;
}
int saveptr;
if (first)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-AUTH", 5);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-AUTH", 5);
first = FALSE;
auth_advertised = TRUE;
}
saveptr = ptr;
- s = string_cat(s, &size, &ptr, US" ", 1);
- s = string_cat(s, &size, &ptr, au->public_name,
- Ustrlen(au->public_name));
+ s = string_catn(s, &size, &ptr, US" ", 1);
+ s = string_cat (s, &size, &ptr, au->public_name);
while (++saveptr < ptr) s[saveptr] = toupper(s[saveptr]);
au->advertised = TRUE;
}
else
au->advertised = FALSE;
- if (!first) s = string_cat(s, &size, &ptr, US"\r\n", 2);
+ if (!first) s = string_catn(s, &size, &ptr, US"\r\n", 2);
}
/* Advertise TLS (Transport Level Security) aka SSL (Secure Socket Layer)
if (tls_in.active < 0 &&
verify_check_host(&tls_advertise_hosts) != FAIL)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-STARTTLS\r\n", 11);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-STARTTLS\r\n", 11);
tls_advertised = TRUE;
}
#endif
/* Per Recipient Data Response, draft by Eric A. Hall extending RFC */
if (prdr_enable)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-PRDR\r\n", 7);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-PRDR\r\n", 7);
}
#endif
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
if ( accept_8bitmime
&& verify_check_host(&smtputf8_advertise_hosts) != FAIL)
{
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US"-SMTPUTF8\r\n", 11);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US"-SMTPUTF8\r\n", 11);
smtputf8_advertised = TRUE;
}
#endif
/* Finish off the multiline reply with one that is always available. */
- s = string_cat(s, &size, &ptr, smtp_code, 3);
- s = string_cat(s, &size, &ptr, US" HELP\r\n", 7);
+ s = string_catn(s, &size, &ptr, smtp_code, 3);
+ s = string_catn(s, &size, &ptr, US" HELP\r\n", 7);
}
/* Terminate the string (for debug), write it, and note that HELO/EHLO
break;
#endif
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
case ENV_MAIL_OPT_UTF8:
if (smtputf8_advertised)
{
case VRFY_CMD:
- HAD(SCH_VRFY);
- rc = acl_check(ACL_WHERE_VRFY, NULL, acl_smtp_vrfy, &user_msg, &log_msg);
- if (rc != OK)
- done = smtp_handle_acl_fail(ACL_WHERE_VRFY, rc, user_msg, log_msg);
- else
{
- uschar *address;
- uschar *s = NULL;
+ uschar * address;
+
+ HAD(SCH_VRFY);
- /* rfc821_domains = TRUE; << no longer needed */
- address = parse_extract_address(smtp_cmd_data, &errmess, &start, &end,
- &recipient_domain, FALSE);
- /* rfc821_domains = FALSE; << no longer needed */
+ if(!(address = parse_extract_address(smtp_cmd_data, &errmess, &start, &end,
+ &recipient_domain, FALSE)))
+ smtp_printf("501 %s\r\n", errmess);
- if (address == NULL)
- s = string_sprintf("501 %s", errmess);
+ else if ((rc = acl_check(ACL_WHERE_VRFY, address, acl_smtp_vrfy,
+ &user_msg, &log_msg)) != OK)
+ done = smtp_handle_acl_fail(ACL_WHERE_VRFY, rc, user_msg, log_msg);
else
- {
- address_item *addr = deliver_make_addr(address, FALSE);
- switch(verify_address(addr, NULL, vopt_is_recipient | vopt_qualify, -1,
- -1, -1, NULL, NULL, NULL))
- {
- case OK:
- s = string_sprintf("250 <%s> is deliverable", address);
- break;
+ {
+ uschar *s = NULL;
- case DEFER:
- s = (addr->user_message != NULL)?
- string_sprintf("451 <%s> %s", address, addr->user_message) :
- string_sprintf("451 Cannot resolve <%s> at this time", address);
- break;
+ address_item *addr = deliver_make_addr(address, FALSE);
+ switch(verify_address(addr, NULL, vopt_is_recipient | vopt_qualify, -1,
+ -1, -1, NULL, NULL, NULL))
+ {
+ case OK:
+ s = string_sprintf("250 <%s> is deliverable", address);
+ break;
- case FAIL:
- s = (addr->user_message != NULL)?
- string_sprintf("550 <%s> %s", address, addr->user_message) :
- string_sprintf("550 <%s> is not deliverable", address);
- log_write(0, LOG_MAIN, "VRFY failed for %s %s",
- smtp_cmd_argument, host_and_ident(TRUE));
- break;
- }
- }
+ case DEFER:
+ s = (addr->user_message != NULL)?
+ string_sprintf("451 <%s> %s", address, addr->user_message) :
+ string_sprintf("451 Cannot resolve <%s> at this time", address);
+ break;
- smtp_printf("%s\r\n", s);
+ case FAIL:
+ s = (addr->user_message != NULL)?
+ string_sprintf("550 <%s> %s", address, addr->user_message) :
+ string_sprintf("550 <%s> is not deliverable", address);
+ log_write(0, LOG_MAIN, "VRFY failed for %s %s",
+ smtp_cmd_argument, host_and_ident(TRUE));
+ break;
+ }
+
+ smtp_printf("%s\r\n", s);
+ }
+ break;
}
- break;
case EXPN_CMD:
/* Apply an ACL check if one is defined */
- if (acl_smtp_starttls != NULL)
+ if ( acl_smtp_starttls
+ && (rc = acl_check(ACL_WHERE_STARTTLS, NULL, acl_smtp_starttls,
+ &user_msg, &log_msg)) != OK
+ )
{
- rc = acl_check(ACL_WHERE_STARTTLS, NULL, acl_smtp_starttls, &user_msg,
- &log_msg);
- if (rc != OK)
- {
- done = smtp_handle_acl_fail(ACL_WHERE_STARTTLS, rc, user_msg, log_msg);
- break;
- }
+ done = smtp_handle_acl_fail(ACL_WHERE_STARTTLS, rc, user_msg, log_msg);
+ break;
}
/* RFC 2487 is not clear on when this command may be sent, though it
log_write(L_etrn, LOG_MAIN, "ETRN %s received from %s", smtp_cmd_argument,
host_and_ident(FALSE));
- rc = acl_check(ACL_WHERE_ETRN, NULL, acl_smtp_etrn, &user_msg, &log_msg);
- if (rc != OK)
+ if ((rc = acl_check(ACL_WHERE_ETRN, NULL, acl_smtp_etrn,
+ &user_msg, &log_msg)) != OK)
{
done = smtp_handle_acl_fail(ACL_WHERE_ETRN, rc, user_msg, log_msg);
break;
projects / exim.git / blobdiff