From: Philip Hazel Date: Tue, 14 Feb 2006 14:55:37 +0000 (+0000) Subject: Add log selector sender_verify_fail. X-Git-Tag: exim-4_61~56 X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=278c6e6cc2394271726a444eecc97cd9b25596e2 Add log selector sender_verify_fail. --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 4e844d6d0..ce179b7d5 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.298 2006/02/14 14:26:14 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.299 2006/02/14 14:55:37 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -160,6 +160,8 @@ PH/29 In GnuTLS, a forced expansion failure for tls_privatekey was not being PH/30 Fix eximon buffer overflow bug (Bugzilla #73). +PH/31 Added sender_verify_fail logging option. + Exim version 4.60 ----------------- diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index d4c307cff..fdccff410 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/NewStuff,v 1.84 2006/02/14 14:12:06 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/NewStuff,v 1.85 2006/02/14 14:55:37 ph10 Exp $ New Features in Exim -------------------- @@ -49,6 +49,12 @@ PH/05 The "control=freeze" ACL modifier can now be followed by /no_tell. If PH/06 In both GnuTLS and OpenSSL, an expansion of tls_privatekey that results in an empty string is now treated as unset. +PH/07 There is a new log selector called sender_verify_fail, which is set by + default. If it is unset, the separate log line that gives details of a + sender verification failure is not written. Log lines for the rejection + of SMTP commands (e.g. RCPT) contain just "sender verify failed", so some + detail is lost. + Version 4.60 ------------ diff --git a/src/src/globals.c b/src/src/globals.c index 11470fbe4..4031fa2d3 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/globals.c,v 1.48 2006/02/13 12:02:59 ph10 Exp $ */ +/* $Cambridge: exim/src/src/globals.c,v 1.49 2006/02/14 14:55:37 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -677,6 +677,7 @@ bit_table log_options[] = { { US"retry_defer", L_retry_defer }, { US"return_path_on_delivery", LX_return_path_on_delivery }, { US"sender_on_delivery", LX_sender_on_delivery }, + { US"sender_verify_fail", LX_sender_verify_fail }, { US"size_reject", L_size_reject }, { US"skip_delivery", L_skip_delivery }, { US"smtp_confirmation", LX_smtp_confirmation }, diff --git a/src/src/macros.h b/src/src/macros.h index 1deab7ad8..497589023 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/macros.h,v 1.22 2006/02/07 11:19:00 ph10 Exp $ */ +/* $Cambridge: exim/src/src/macros.h,v 1.23 2006/02/14 14:55:37 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -381,12 +381,13 @@ set all the bits in a multi-word selector. */ #define LX_rejected_header 0x80001000 #define LX_return_path_on_delivery 0x80002000 #define LX_sender_on_delivery 0x80004000 -#define LX_smtp_confirmation 0x80008000 -#define LX_subject 0x80010000 -#define LX_tls_certificate_verified 0x80020000 -#define LX_tls_cipher 0x80040000 -#define LX_tls_peerdn 0x80080000 -#define LX_unknown_in_list 0x80100000 +#define LX_sender_verify_fail 0x80008000 +#define LX_smtp_confirmation 0x80010000 +#define LX_subject 0x80020000 +#define LX_tls_certificate_verified 0x80040000 +#define LX_tls_cipher 0x80080000 +#define LX_tls_peerdn 0x80100000 +#define LX_unknown_in_list 0x80200000 #define L_default (L_connection_reject | \ L_delay_delivery | \ @@ -401,6 +402,7 @@ set all the bits in a multi-word selector. */ #define LX_default ((LX_acl_warn_skipped | \ LX_rejected_header | \ + LX_sender_verify_fail | \ LX_tls_cipher) & 0x7fffffff) /* Private error numbers for delivery failures, set negative so as not diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index a6a14fe2f..4ed335c02 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/smtp_in.c,v 1.32 2006/02/13 16:23:57 ph10 Exp $ */ +/* $Cambridge: exim/src/src/smtp_in.c,v 1.33 2006/02/14 14:55:37 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -1845,19 +1845,21 @@ if (where == ACL_WHERE_RCPT || where == ACL_WHERE_DATA || where == ACL_WHERE_MIM /* If there's been a sender verification failure with a specific message, and we have not sent a response about it yet, do so now, as a preliminary line for -failures, but not defers. However, log it in both cases. */ +failures, but not defers. However, always log it for defer, and log it for fail +unless the sender_verify_fail log selector has been turned off. */ if (sender_verified_failed != NULL && !testflag(sender_verified_failed, af_sverify_told)) { setflag(sender_verified_failed, af_sverify_told); - log_write(0, LOG_MAIN|LOG_REJECT, "%s sender verify %s for <%s>%s", - host_and_ident(TRUE), - ((sender_verified_failed->special_action & 255) == DEFER)? "defer" : "fail", - sender_verified_failed->address, - (sender_verified_failed->message == NULL)? US"" : - string_sprintf(": %s", sender_verified_failed->message)); + if (rc != FAIL || (log_extra_selector & LX_sender_verify_fail) != 0) + log_write(0, LOG_MAIN|LOG_REJECT, "%s sender verify %s for <%s>%s", + host_and_ident(TRUE), + ((sender_verified_failed->special_action & 255) == DEFER)? "defer":"fail", + sender_verified_failed->address, + (sender_verified_failed->message == NULL)? US"" : + string_sprintf(": %s", sender_verified_failed->message)); if (rc == FAIL && sender_verified_failed->user_message != NULL) smtp_respond(code, FALSE, string_sprintf( diff --git a/test/confs/0462 b/test/confs/0462 index 31560b90f..7ff47e6b5 100644 --- a/test/confs/0462 +++ b/test/confs/0462 @@ -1,5 +1,7 @@ # Exim test configuration 0462 +SELECTOR= + exim_path = EXIM_PATH host_lookup_order = bydns primary_hostname = myhost.test.ex @@ -15,6 +17,7 @@ domainlist local_domains = test.ex acl_smtp_rcpt = $local_part smtp_return_error_details +log_selector = SELECTOR # ----- ACL ----- diff --git a/test/log/0462 b/test/log/0462 index 3a5954e9a..ec4952f98 100644 --- a/test/log/0462 +++ b/test/log/0462 @@ -2,3 +2,4 @@ 1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root F= rejected RCPT : Sender verify failed 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for : response to "RCPT TO:" from 127.0.0.1 [127.0.0.1] was: 550 NO 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed +1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed diff --git a/test/rejectlog/0462 b/test/rejectlog/0462 index 3a5954e9a..ec4952f98 100644 --- a/test/rejectlog/0462 +++ b/test/rejectlog/0462 @@ -2,3 +2,4 @@ 1999-03-02 09:44:33 H=[V4NET.0.0.1] U=root F= rejected RCPT : Sender verify failed 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root sender verify fail for : response to "RCPT TO:" from 127.0.0.1 [127.0.0.1] was: 550 NO 1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed +1999-03-02 09:44:33 H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed diff --git a/test/scripts/0000-Basic/0462 b/test/scripts/0000-Basic/0462 index a6f3622ba..d12ced725 100644 --- a/test/scripts/0000-Basic/0462 +++ b/test/scripts/0000-Basic/0462 @@ -41,3 +41,20 @@ MAIL FROM: RCPT TO: QUIT **** +# Same again, but with sender_verify_fail logging turned off +server PORT_S +220 Server ready +HELO +250 OK +MAIL FROM +250 OK +RCPT TO +550 NO +QUIT +250 OK +**** +sudo exim -DSELECTOR=-sender_verify_fail -d-all+verify -v -bs -oMa V4NET.0.0.2 +MAIL FROM: +RCPT TO: +QUIT +**** diff --git a/test/stderr/0462 b/test/stderr/0462 index 876aacc79..238959945 100644 --- a/test/stderr/0462 +++ b/test/stderr/0462 @@ -79,3 +79,34 @@ LOG: MAIN REJECT LOG: smtp_connection MAIN SMTP connection from root closed by QUIT >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +trusted user +admin user +LOG: smtp_connection MAIN + SMTP connection from root +>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +Verifying NOTok2@elsewhere +>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +Considering NOTok2@elsewhere +Attempting full verification using callout +callout cache: found domain record +callout cache: no address record found +interface=NULL port=1224 +Connecting to 127.0.0.1 [127.0.0.1]:1224 ... connected + SMTP<< 220 Server ready + SMTP>> HELO myhost.test.ex + SMTP<< 250 OK + SMTP>> MAIL FROM:<> + SMTP<< 250 OK + SMTP>> RCPT TO: + SMTP<< 550 NO + SMTP>> QUIT +wrote callout cache domain record: + result=1 postmaster=0 random=0 +wrote negative callout cache address record +LOG: MAIN REJECT + H=[V4NET.0.0.2] U=root F= rejected RCPT : Sender verify failed +LOG: smtp_connection MAIN + SMTP connection from root closed by QUIT +>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stdout/0462 b/test/stdout/0462 index f454d0c23..004a788af 100644 --- a/test/stdout/0462 +++ b/test/stdout/0462 @@ -18,6 +18,14 @@ 550-Response: 550 NO 550 Sender verify failed 221 myhost.test.ex closing connection +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +250 OK +550-Verification failed for +550-Called: 127.0.0.1 +550-Sent: RCPT TO: +550-Response: 550 NO +550 Sender verify failed +221 myhost.test.ex closing connection ******** SERVER ******** Listening on port 1224 ... @@ -50,3 +58,15 @@ RCPT TO: QUIT 250 OK End of script +Listening on port 1224 ... +Connection request from [127.0.0.1] +220 Server ready +HELO myhost.test.ex +250 OK +MAIL FROM:<> +250 OK +RCPT TO: +550 NO +QUIT +250 OK +End of script