extra safetycheck before we process group addresses
[squirrelmail.git] / class / deliver / Deliver_SMTP.class.php
CommitLineData
e1ee60fe 1<?php
5b8fd093 2/**
3 * Deliver_SMTP.class.php
4 *
76911253 5 * Copyright (c) 1999-2003 The SquirrelMail Project Team
5b8fd093 6 * Licensed under the GNU GPL. For full terms see the file COPYING.
7 *
8 * Delivery backend for the Deliver class.
9 *
10 * $Id$
11 */
e1ee60fe 12
0f85ddf9 13require_once(SM_PATH . 'class/deliver/Deliver.class.php');
e1ee60fe 14
15class Deliver_SMTP extends Deliver {
16
5fe73b9f 17 function preWriteToStream(&$s) {
18 if ($s) {
19 if ($s{0} == '.') $s = '.' . $s;
20 $s = str_replace("\n.","\n..",$s);
21 }
22 }
23
24 function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false) {
47a29326 25 global $use_smtp_tls,$smtp_auth_mech,$username,$key,$onetimepad;
26
27 if ($authpop) {
28 $this->authPop($host, '', $username, $pass);
5fe73b9f 29 }
47a29326 30
31 $rfc822_header = $message->rfc822_header;
5fe73b9f 32 $from = $rfc822_header->from[0];
33 $to = $rfc822_header->to;
34 $cc = $rfc822_header->cc;
47a29326 35 $bcc = $rfc822_header->bcc;
36
37 if (($use_smtp_tls == true) and (check_php_version(4,3)) and (extension_loaded('openssl'))) {
38 $stream = fsockopen('tls://' . $host, $port, $errorNumber, $errorString);
39 } else {
40 $stream = fsockopen($host, $port, $errorNumber, $errorString);
41 }
5fe73b9f 42
5fe73b9f 43 if (!$stream) {
44 $this->dlv_msg = $errorString;
45 $this->dlv_ret_nr = $errorNumber;
46 return(0);
47 }
48 $tmp = fgets($stream, 1024);
49 if ($this->errorCheck($tmp, $stream)) {
50 return(0);
51 }
0c0e6024 52
53 /* If $_SERVER['HTTP_HOST'] is set, use that in our HELO to the SMTP
54 server. This should fix the DNS issues some people have had */
55 if (sqgetGlobalVar('HTTP_HOST', $HTTP_HOST, SQ_SERVER)) { // HTTP_HOST is set
56 $helohost = $HTTP_HOST;
57 } else { // For some reason, HTTP_HOST is not set - revert to old behavior
58 $helohost = $domain;
59 }
60
5fe73b9f 61 /* Lets introduce ourselves */
639c7164 62 if (( $smtp_auth_mech == 'cram-md5') or ( $smtp_auth_mech == 'digest-md5' )) {
47a29326 63 // Doing some form of non-plain auth
0c0e6024 64 fputs($stream, "EHLO $helohost\r\n");
47a29326 65 $tmp = fgets($stream,1024);
66 if ($this->errorCheck($tmp,$stream)) {
67 return(0);
68 }
69 if ($smtp_auth_mech == 'cram-md5') {
70 fputs($stream, "AUTH CRAM-MD5\r\n");
71 } elseif ($smtp_auth_mech == 'digest-md5') {
72 fputs($stream, "AUTH DIGEST-MD5\r\n");
73 }
74 $tmp = fgets($stream,1024);
75
76 if ($this->errorCheck($tmp,$stream)) {
77 return(0);
78 }
79
80 // At this point, $tmp should hold "334 <challenge string>"
81 $chall = substr($tmp,4);
82 // Depending on mechanism, generate response string
83 if ($smtp_auth_mech == 'cram-md5') {
84 $response = cram_md5_response($username,$pass,$chall);
85 } elseif ($smtp_auth_mech == 'digest-md5') {
86 $response = digest_md5_response($username,$pass,$chall,'smtp',$host);
87 }
88 fputs($stream, $response);
89
90 // Let's see what the server had to say about that
91 $tmp = fgets($stream,1024);
92 if ($this->errorCheck($tmp,$stream)) {
93 return(0);
94 }
95
96 // CRAM-MD5 is done at this point. If DIGEST-MD5, there's a bit more to go
97 if ($smtp_auth_mech == 'digest-md5')
98 {
99 // $tmp contains rspauth, but I don't store that yet. (No need yet)
100 fputs($stream,"\r\n");
101 $tmp = fgets($stream,1024);
102
103 if ($this->errorCheck($tmp,$stream)) {
104 return(0);
105 }
106 }
107 // CRAM-MD5 and DIGEST-MD5 code ends here
108 } elseif ($smtp_auth_mech == 'none') {
109 // No auth at all, just send helo and then send the mail
0c0e6024 110 fputs($stream, "HELO $helohost\r\n");
47a29326 111 $tmp = fgets($stream, 1024);
112 if ($this->errorCheck($tmp, $stream)) {
113 return(0);
114 }
fe0b18b3 115 } elseif ($smtp_auth_mech == 'login') {
116 // The LOGIN method
0c0e6024 117 fputs($stream, "EHLO $helohost\r\n");
47a29326 118 $tmp = fgets($stream, 1024);
119 if ($this->errorCheck($tmp, $stream)) {
120 return(0);
121 }
122 fputs($stream, "AUTH LOGIN\r\n");
123 $tmp = fgets($stream, 1024);
5fe73b9f 124
47a29326 125 if ($this->errorCheck($tmp, $stream)) {
126 return(0);
127 }
128 fputs($stream, base64_encode ($username) . "\r\n");
129 $tmp = fgets($stream, 1024);
130 if ($this->errorCheck($tmp, $stream)) {
131 return(0);
132 }
5fe73b9f 133
47a29326 134 fputs($stream, base64_encode($pass) . "\r\n");
135 $tmp = fgets($stream, 1024);
136 if ($this->errorCheck($tmp, $stream)) {
137 return(0);
138 }
aa358b7e 139 } else {
140 /* Right here, they've reached an unsupported auth mechanism.
141 This is the ugliest hack I've ever done, but it'll do till I can fix
142 things up better tomorrow. So tired... */
143 if ($this->errorCheck("535 Unable to use this auth type",$stream)) {
144 return(0);
145 }
146 }
5fe73b9f 147
148 /* Ok, who is sending the message? */
149 fputs($stream, 'MAIL FROM: <'.$from->mailbox.'@'.$from->host.">\r\n");
150 $tmp = fgets($stream, 1024);
151 if ($this->errorCheck($tmp, $stream)) {
152 return(0);
153 }
154
155 /* send who the recipients are */
156 for ($i = 0, $cnt = count($to); $i < $cnt; $i++) {
157 if (!$to[$i]->host) $to[$i]->host = $domain;
d1825c3c 158 if ($to[$i]->mailbox) {
159 fputs($stream, 'RCPT TO: <'.$to[$i]->mailbox.'@'.$to[$i]->host.">\r\n");
160 $tmp = fgets($stream, 1024);
161 if ($this->errorCheck($tmp, $stream)) {
162 return(0);
163 }
5fe73b9f 164 }
165 }
d1825c3c 166
5fe73b9f 167 for ($i = 0, $cnt = count($cc); $i < $cnt; $i++) {
d1825c3c 168 if (!$cc[$i]->host) $cc[$i]->host = $domain;
169 if ($cc[$i]->mailbox) {
170 fputs($stream, 'RCPT TO: <'.$cc[$i]->mailbox.'@'.$cc[$i]->host.">\r\n");
171 $tmp = fgets($stream, 1024);
172 if ($this->errorCheck($tmp, $stream)) {
173 return(0);
174 }
5fe73b9f 175 }
176 }
177 for ($i = 0, $cnt = count($bcc); $i < $cnt; $i++) {
d1825c3c 178 if (!$bcc[$i]->host) $bcc[$i]->host = $domain;
179 if ($bcc[$i]->mailbox) {
180 fputs($stream, 'RCPT TO: <'.$bcc[$i]->mailbox.'@'.$bcc[$i]->host.">\r\n");
181 $tmp = fgets($stream, 1024);
182 if ($this->errorCheck($tmp, $stream)) {
183 return(0);
184 }
5fe73b9f 185 }
186 }
187 /* Lets start sending the actual message */
188 fputs($stream, "DATA\r\n");
189 $tmp = fgets($stream, 1024);
190 if ($this->errorCheck($tmp, $stream)) {
191 return(0);
192 }
193 return $stream;
194 }
195
196 function finalizeStream($stream) {
197 fputs($stream, ".\r\n"); /* end the DATA part */
198 $tmp = fgets($stream, 1024);
199 $this->errorCheck($tmp, $stream);
200 if ($this->dlv_ret_nr != 250) {
201 return(0);
202 }
203 fputs($stream, "QUIT\r\n"); /* log off */
204 fclose($stream);
205 return true;
206 }
207
ca71b2db 208 /* check if an SMTP reply is an error and set an error message) */
5fe73b9f 209 function errorCheck($line, $smtpConnection) {
ca71b2db 210
211 $err_num = substr($line, 0, 3);
212 $this->dlv_ret_nr = $err_num;
213 $server_msg = substr($line, 4);
214
215 while(substr($line, 0, 4) == ($err_num.'-')) {
216 $line = fgets($smtpConnection, 1024);
217 $server_msg .= substr($line, 4);
218 }
219
220 if ( ((int) $err_num{0}) < 4)
221 {
222 return false;
223 }
224
225 switch ($err_num) {
226 case '421': $message = _("Service not available, closing channel");
227 break;
228 case '432': $message = _("A password transition is needed");
229 break;
230 case '450': $message = _("Requested mail action not taken: mailbox unavailable");
231 break;
232 case '451': $message = _("Requested action aborted: error in processing");
233 break;
234 case '452': $message = _("Requested action not taken: insufficient system storage");
235 break;
236 case '454': $message = _("Temporary authentication failure");
237 break;
238 case '500': $message = _("Syntax error; command not recognized");
239 break;
240 case '501': $message = _("Syntax error in parameters or arguments");
241 break;
242 case '502': $message = _("Command not implemented");
243 break;
244 case '503': $message = _("Bad sequence of commands");
245 break;
246 case '504': $message = _("Command parameter not implemented");
247 break;
248 case '530': $message = _("Authentication required");
249 break;
250 case '534': $message = _("Authentication mechanism is too weak");
251 break;
252 case '535': $message = _("Authentication failed");
253 break;
254 case '538': $message = _("Encryption required for requested authentication mechanism");
255 break;
256 case '550': $message = _("Requested action not taken: mailbox unavailable");
257 break;
258 case '551': $message = _("User not local; please try forwarding");
259 break;
260 case '552': $message = _("Requested mail action aborted: exceeding storage allocation");
261 break;
262 case '553': $message = _("Requested action not taken: mailbox name not allowed");
263 break;
264 case '554': $message = _("Transaction failed");
265 break;
266 default: $message = _("Unknown response");
267 break;
268 }
269
270 $this->dlv_msg = $message;
271 $this->dlv_server_msg = nl2br(htmlspecialchars($server_msg));
272
5fe73b9f 273 return true;
274 }
275
276 function authPop($pop_server='', $pop_port='', $user, $pass) {
277 if (!$pop_port) {
278 $pop_port = 110;
279 }
280 if (!$pop_server) {
281 $pop_server = 'localhost';
282 }
283 $popConnection = fsockopen($pop_server, $pop_port, $err_no, $err_str);
284 if (!$popConnection) {
285 error_log("Error connecting to POP Server ($pop_server:$pop_port)"
286 . " $err_no : $err_str");
287 } else {
288 $tmp = fgets($popConnection, 1024); /* banner */
289 if (!eregi("^\+OK", $tmp, $regs)) {
290 return(0);
291 }
292 fputs($popConnection, "USER $user\r\n");
293 $tmp = fgets($popConnection, 1024);
294 if (!eregi("^\+OK", $tmp, $regs)) {
295 return(0);
296 }
297 fputs($popConnection, 'PASS ' . $pass . "\r\n");
298 $tmp = fgets($popConnection, 1024);
299 if (!eregi("^\+OK", $tmp, $regs)) {
300 return(0);
301 }
302 fputs($popConnection, "QUIT\r\n"); /* log off */
303 fclose($popConnection);
304 }
305 }
e1ee60fe 306}
5fe73b9f 307
e1ee60fe 308?>