class/deliver/Deliver_SMTP.class.php

   1 <?php
   2 /**
   3 * Deliver_SMTP.class.php
   4 *
   5 * Copyright (c) 1999-2005 The SquirrelMail Project Team
   6 * Licensed under the GNU GPL. For full terms see the file COPYING.
   7 *
   8 * Delivery backend for the Deliver class.
   9 *
  10 * @version $Id$
  11 * @package squirrelmail
  12 */
  13
  14 /** This of course depends upon Deliver */
  15 require_once(SM_PATH . 'class/deliver/Deliver.class.php');
  16
  17 /**
  18 * Deliver messages using SMTP
  19 * @package squirrelmail
  20 */
  21 class Deliver_SMTP extends Deliver {
  22
  23     function preWriteToStream(&$s) {
  24         if ($s) {
  25             if ($s{0} == '.')   $s = '.' . $s;
  26             $s = str_replace("\n.","\n..",$s);
  27         }
  28     }
  29
  30     function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false) {
  31         global $use_smtp_tls,$smtp_auth_mech;
  32
  33         if ($authpop) {
  34             $this->authPop($host, '', $user, $pass);
  35         }
  36
  37         $rfc822_header = $message->rfc822_header;
  38
  39         $from = $rfc822_header->from[0];
  40         $to =   $rfc822_header->to;
  41         $cc =   $rfc822_header->cc;
  42         $bcc =  $rfc822_header->bcc;
  43         $content_type  = $rfc822_header->content_type;
  44
  45         // MAIL FROM: <from address> MUST be empty in cae of MDN (RFC2298)
  46         if ($content_type->type0 == 'multipart' &&
  47             $content_type->type1 == 'report' &&
  48             isset($content_type->properties['report-type']) &&
  49             $content_type->properties['report-type']=='disposition-notification') {
  50             $from->host = '';
  51             $from->mailbox = '';
  52         }
  53
  54         if (($use_smtp_tls == true) and (check_php_version(4,3)) and (extension_loaded('openssl'))) {
  55             $stream = @fsockopen('tls://' . $host, $port, $errorNumber, $errorString);
  56         } else {
  57             $stream = @fsockopen($host, $port, $errorNumber, $errorString);
  58         }
  59
  60         if (!$stream) {
  61             $this->dlv_msg = $errorString;
  62             $this->dlv_ret_nr = $errorNumber;
  63             $this->dlv_server_msg = '';
  64             return(0);
  65         }
  66         $tmp = fgets($stream, 1024);
  67         if ($this->errorCheck($tmp, $stream)) {
  68             return(0);
  69         }
  70
  71         /*
  72         * If $_SERVER['HTTP_HOST'] is set, use that in our HELO to the SMTP
  73         * server.  This should fix the DNS issues some people have had
  74         */
  75         if (sqgetGlobalVar('HTTP_HOST', $HTTP_HOST, SQ_SERVER)) { // HTTP_HOST is set
  76             // optionally trim off port number
  77             if($p = strrpos($HTTP_HOST, ':')) {
  78                 $HTTP_HOST = substr($HTTP_HOST, 0, $p);
  79             }
  80             $helohost = $HTTP_HOST;
  81         } else { // For some reason, HTTP_HOST is not set - revert to old behavior
  82             $helohost = $domain;
  83         }
  84
  85         /* Lets introduce ourselves */
  86         fputs($stream, "EHLO $helohost\r\n");
  87         $tmp = fgets($stream,1024);
  88         if ($this->errorCheck($tmp,$stream)) {
  89             // fall back to HELO if EHLO is not supported
  90             if ($this->dlv_ret_nr == '500') {
  91                 fputs($stream, "HELO $helohost\r\n");
  92                 $tmp = fgets($stream,1024);
  93                 if ($this->errorCheck($tmp,$stream)) {
  94                     return(0);
  95                 }
  96             } else {
  97                 return(0);
  98             }
  99         }
 100
 101         if (( $smtp_auth_mech == 'cram-md5') or ( $smtp_auth_mech == 'digest-md5' )) {
 102             // Doing some form of non-plain auth
 103             if ($smtp_auth_mech == 'cram-md5') {
 104                 fputs($stream, "AUTH CRAM-MD5\r\n");
 105             } elseif ($smtp_auth_mech == 'digest-md5') {
 106                 fputs($stream, "AUTH DIGEST-MD5\r\n");
 107             }
 108
 109             $tmp = fgets($stream,1024);
 110
 111             if ($this->errorCheck($tmp,$stream)) {
 112                 return(0);
 113             }
 114
 115             // At this point, $tmp should hold "334 <challenge string>"
 116             $chall = substr($tmp,4);
 117             // Depending on mechanism, generate response string
 118             if ($smtp_auth_mech == 'cram-md5') {
 119                 $response = cram_md5_response($user,$pass,$chall);
 120             } elseif ($smtp_auth_mech == 'digest-md5') {
 121                 $response = digest_md5_response($user,$pass,$chall,'smtp',$host);
 122             }
 123             fputs($stream, $response);
 124
 125             // Let's see what the server had to say about that
 126             $tmp = fgets($stream,1024);
 127             if ($this->errorCheck($tmp,$stream)) {
 128                 return(0);
 129             }
 130
 131             // CRAM-MD5 is done at this point.  If DIGEST-MD5, there's a bit more to go
 132             if ($smtp_auth_mech == 'digest-md5') {
 133                 // $tmp contains rspauth, but I don't store that yet. (No need yet)
 134                 fputs($stream,"\r\n");
 135                 $tmp = fgets($stream,1024);
 136
 137                 if ($this->errorCheck($tmp,$stream)) {
 138                 return(0);
 139                 }
 140             }
 141         // CRAM-MD5 and DIGEST-MD5 code ends here
 142         } elseif ($smtp_auth_mech == 'none') {
 143         // No auth at all, just send helo and then send the mail
 144         // We already said hi earlier, nothing more is needed.
 145         } elseif ($smtp_auth_mech == 'login') {
 146             // The LOGIN method
 147             fputs($stream, "AUTH LOGIN\r\n");
 148             $tmp = fgets($stream, 1024);
 149
 150             if ($this->errorCheck($tmp, $stream)) {
 151                 return(0);
 152             }
 153             fputs($stream, base64_encode ($user) . "\r\n");
 154             $tmp = fgets($stream, 1024);
 155             if ($this->errorCheck($tmp, $stream)) {
 156                 return(0);
 157             }
 158
 159             fputs($stream, base64_encode($pass) . "\r\n");
 160             $tmp = fgets($stream, 1024);
 161             if ($this->errorCheck($tmp, $stream)) {
 162                 return(0);
 163             }
 164         } elseif ($smtp_auth_mech == "plain") {
 165             /* SASL Plain */
 166             $auth = base64_encode("$user\0$user\0$pass");
 167
 168             $query = "AUTH PLAIN\r\n";
 169             fputs($stream, $query);
 170             $read=fgets($stream, 1024);
 171
 172             if (substr($read,0,3) == '334') { // OK so far..
 173                 fputs($stream, "$auth\r\n");
 174                 $read = fgets($stream, 1024);
 175             }
 176
 177             $results=explode(" ",$read,3);
 178             $response=$results[1];
 179             $message=$results[2];
 180         } else {
 181             /* Right here, they've reached an unsupported auth mechanism.
 182             This is the ugliest hack I've ever done, but it'll do till I can fix
 183             things up better tomorrow.  So tired... */
 184             if ($this->errorCheck("535 Unable to use this auth type",$stream)) {
 185                 return(0);
 186             }
 187         }
 188
 189         /* Ok, who is sending the message? */
 190         $fromaddress = ($from->mailbox && $from->host) ?
 191             $from->mailbox.'@'.$from->host : '';
 192         fputs($stream, 'MAIL FROM:<'.$fromaddress.">\r\n");
 193         $tmp = fgets($stream, 1024);
 194         if ($this->errorCheck($tmp, $stream)) {
 195             return(0);
 196         }
 197
 198         /* send who the recipients are */
 199         for ($i = 0, $cnt = count($to); $i < $cnt; $i++) {
 200             if (!$to[$i]->host) $to[$i]->host = $domain;
 201             if ($to[$i]->mailbox) {
 202                 fputs($stream, 'RCPT TO:<'.$to[$i]->mailbox.'@'.$to[$i]->host.">\r\n");
 203                 $tmp = fgets($stream, 1024);
 204                 if ($this->errorCheck($tmp, $stream)) {
 205                     return(0);
 206                 }
 207             }
 208         }
 209
 210         for ($i = 0, $cnt = count($cc); $i < $cnt; $i++) {
 211             if (!$cc[$i]->host) $cc[$i]->host = $domain;
 212             if ($cc[$i]->mailbox) {
 213                 fputs($stream, 'RCPT TO:<'.$cc[$i]->mailbox.'@'.$cc[$i]->host.">\r\n");
 214                 $tmp = fgets($stream, 1024);
 215                 if ($this->errorCheck($tmp, $stream)) {
 216                     return(0);
 217                 }
 218             }
 219         }
 220
 221         for ($i = 0, $cnt = count($bcc); $i < $cnt; $i++) {
 222             if (!$bcc[$i]->host) $bcc[$i]->host = $domain;
 223             if ($bcc[$i]->mailbox) {
 224                 fputs($stream, 'RCPT TO:<'.$bcc[$i]->mailbox.'@'.$bcc[$i]->host.">\r\n");
 225                 $tmp = fgets($stream, 1024);
 226                 if ($this->errorCheck($tmp, $stream)) {
 227                     return(0);
 228                 }
 229             }
 230         }
 231         /* Lets start sending the actual message */
 232         fputs($stream, "DATA\r\n");
 233         $tmp = fgets($stream, 1024);
 234         if ($this->errorCheck($tmp, $stream)) {
 235                 return(0);
 236         }
 237         return $stream;
 238     }
 239
 240     function finalizeStream($stream) {
 241         fputs($stream, "\r\n.\r\n"); /* end the DATA part */
 242         $tmp = fgets($stream, 1024);
 243         $this->errorCheck($tmp, $stream);
 244         if ($this->dlv_ret_nr != 250) {
 245                 return(0);
 246         }
 247         fputs($stream, "QUIT\r\n"); /* log off */
 248         fclose($stream);
 249         return true;
 250     }
 251
 252     /* check if an SMTP reply is an error and set an error message) */
 253     function errorCheck($line, $smtpConnection) {
 254
 255         $err_num = substr($line, 0, 3);
 256         $this->dlv_ret_nr = $err_num;
 257         $server_msg = substr($line, 4);
 258
 259         while(substr($line, 0, 4) == ($err_num.'-')) {
 260             $line = fgets($smtpConnection, 1024);
 261             $server_msg .= substr($line, 4);
 262         }
 263
 264         if ( ((int) $err_num{0}) < 4) {
 265             return false;
 266         }
 267
 268         switch ($err_num) {
 269         case '421': $message = _("Service not available, closing channel");
 270             break;
 271         case '432': $message = _("A password transition is needed");
 272             break;
 273         case '450': $message = _("Requested mail action not taken: mailbox unavailable");
 274             break;
 275         case '451': $message = _("Requested action aborted: error in processing");
 276             break;
 277         case '452': $message = _("Requested action not taken: insufficient system storage");
 278             break;
 279         case '454': $message = _("Temporary authentication failure");
 280             break;
 281         case '500': $message = _("Syntax error; command not recognized");
 282             break;
 283         case '501': $message = _("Syntax error in parameters or arguments");
 284             break;
 285         case '502': $message = _("Command not implemented");
 286             break;
 287         case '503': $message = _("Bad sequence of commands");
 288             break;
 289         case '504': $message = _("Command parameter not implemented");
 290             break;
 291         case '530': $message = _("Authentication required");
 292             break;
 293         case '534': $message = _("Authentication mechanism is too weak");
 294             break;
 295         case '535': $message = _("Authentication failed");
 296             break;
 297         case '538': $message = _("Encryption required for requested authentication mechanism");
 298             break;
 299         case '550': $message = _("Requested action not taken: mailbox unavailable");
 300             break;
 301         case '551': $message = _("User not local; please try forwarding");
 302             break;
 303         case '552': $message = _("Requested mail action aborted: exceeding storage allocation");
 304             break;
 305         case '553': $message = _("Requested action not taken: mailbox name not allowed");
 306             break;
 307         case '554': $message = _("Transaction failed");
 308             break;
 309         default:    $message = _("Unknown response");
 310             break;
 311         }
 312
 313         $this->dlv_msg = $message;
 314         $this->dlv_server_msg = nl2br(htmlspecialchars($server_msg));
 315
 316         return true;
 317     }
 318
 319     function authPop($pop_server='', $pop_port='', $user, $pass) {
 320         if (!$pop_port) {
 321             $pop_port = 110;
 322         }
 323         if (!$pop_server) {
 324             $pop_server = 'localhost';
 325         }
 326         $popConnection = fsockopen($pop_server, $pop_port, $err_no, $err_str);
 327         if (!$popConnection) {
 328             error_log("Error connecting to POP Server ($pop_server:$pop_port)"
 329                 . " $err_no : $err_str");
 330         } else {
 331             $tmp = fgets($popConnection, 1024); /* banner */
 332             if (substr($tmp, 0, 3) != '+OK') {
 333                 return(0);
 334             }
 335             fputs($popConnection, "USER $user\r\n");
 336             $tmp = fgets($popConnection, 1024);
 337             if (substr($tmp, 0, 3) != '+OK') {
 338                 return(0);
 339             }
 340             fputs($popConnection, 'PASS ' . $pass . "\r\n");
 341             $tmp = fgets($popConnection, 1024);
 342             if (substr($tmp, 0, 3) != '+OK') {
 343                 return(0);
 344             }
 345             fputs($popConnection, "QUIT\r\n"); /* log off */
 346             fclose($popConnection);
 347         }
 348     }
 349 }
 350
 351 ?>