On callout avoid SIZE every time but noncacheable rcpt main-verify. Bug 2151

[exim.git] / src / src / verify.c

diff --git a/src/src/verify.c b/src/src/verify.c
index e46d2020bd76d006de3572225c2389df8103cfa1..6c71d7feb2427fedafb4545cfd51c0f10cd49b46 100644 (file)
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -785,8 +785,12 @@ tls_retry_connection:
       postmaster-verify.
       The sync_responses() would need to be taught about it and we'd
       need another return code filtering out to here.
+
+      Avoid using a SIZE option on the MAIL for all randon-rcpt checks.
       */
 
+      sx.avoid_option = OPTION_SIZE;
+
       /* Remember when we last did a random test */
       new_domain_record.random_stamp = time(NULL);
 
@@ -795,9 +799,12 @@ tls_retry_connection:
          {
          case PENDING_OK:
            new_domain_record.random_result = ccache_accept;
-           break;
-         case FAIL:
+           yield = OK;         /* Only usable result we can return */
+           done = TRUE;
+           goto no_conn;
+         case FAIL:            /* the preferred result */
            new_domain_record.random_result = ccache_reject;
+           sx.avoid_option = 0;
 
            /* Between each check, issue RSET, because some servers accept only
            one recipient after MAIL FROM:<>.
@@ -842,12 +849,14 @@ tls_retry_connection:
     else
       done = TRUE;
 
-    /* Main verify. If the host is accepting all local parts, as determined
-    by the "random" check, we don't need to waste time doing any further
-    checking. */
+    /* Main verify.  For rcpt-verify use SIZE if we know it and we're not cacheing;
+    for sndr-verify never use it. */
 
     if (done)
       {
+      if (!(options & vopt_is_recipient  &&  options & vopt_callout_no_cache))
+       sx.avoid_option = OPTION_SIZE;
+
       done = FALSE;
       switch(smtp_write_mail_and_rcpt_cmds(&sx, &yield))
        {
@@ -856,12 +865,12 @@ tls_retry_connection:
                    case PENDING_OK:  done = TRUE;
                                      new_address_record.result = ccache_accept;
                                      break;
-                   case FAIL:        done = TRUE;
+                   case FAIL:      done = TRUE;
                                      yield = FAIL;
                                      *failure_ptr = US"recipient";
                                      new_address_record.result = ccache_reject;
                                      break;
-                   default:          break;
+                   default:        break;
                    }
                  break;
 
@@ -914,6 +923,7 @@ tls_retry_connection:
        sx.ok = FALSE;
        sx.send_rset = TRUE;
        sx.completed_addr = FALSE;
+       sx.avoid_option = OPTION_SIZE;
 
        if(  smtp_write_mail_and_rcpt_cmds(&sx, &yield) == 0
          && addr->transport_return == PENDING_OK
@@ -1177,7 +1187,7 @@ if(cutthrough.fd < 0)
 
 if(
 #ifdef SUPPORT_TLS
-   (tls_out.active == cutthrough.fd) ? tls_write(FALSE, ctblock.buffer, n) :
+   tls_out.active == cutthrough.fd ? tls_write(FALSE, ctblock.buffer, n, FALSE) :
 #endif
    send(cutthrough.fd, ctblock.buffer, n, 0) > 0
   )
@@ -1344,6 +1354,7 @@ tctx.tblock = cutthrough.addr.transport;
 tctx.addr = &cutthrough.addr;
 tctx.check_string = US".";
 tctx.escape_string = US"..";
+/*XXX check under spool_files_wireformat.  Might be irrelevant */
 tctx.options = topt_use_crlf;
 
 if (!transport_headers_send(&tctx, &cutthrough_write_chunk))
@@ -1395,6 +1406,7 @@ cutthrough.delivery = cutthrough.callout_hold_only = FALSE;
 void
 release_cutthrough_connection(const uschar * why)
 {
+if (cutthrough.fd < 0) return;
 HDEBUG(D_acl) debug_printf_indent("release cutthrough conn: %s\n", why);
 cutthrough.fd = -1;
 cutthrough.delivery = cutthrough.callout_hold_only = FALSE;
@@ -1515,7 +1527,7 @@ va_list ap;
 
 va_start(ap, format);
 if (smtp_out && (f == smtp_out))
-  smtp_vprintf(format, ap);
+  smtp_vprintf(format, FALSE, ap);
 else
   vfprintf(f, format, ap);
 va_end(ap);