221ae0ec09e9a00690ffc763bb33296e40526350
[squirrelmail.git] / functions / smtp.php
1 <?php
2
3 /** smtp.php
4 **
5 ** Copyright (c) 1999-2001 The Squirrelmail Development Team
6 ** Licensed under the GNU GPL. For full terms see the file COPYING.
7 **
8 ** This contains all the functions needed to send messages through
9 ** an smtp server or sendmail.
10 **
11 ** $Id$
12 **/
13
14 require_once('../functions/addressbook.php');
15 require_once('../functions/plugin.php');
16
17 global $username, $popuser, $domain;
18
19 // This should most probably go to some initialization...
20 if (ereg("^([^@%/]+)[@%/](.+)$", $username, $usernamedata)) {
21 $popuser = $usernamedata[1];
22 $domain = $usernamedata[2];
23 unset($usernamedata);
24 } else {
25 $popuser = $username;
26 }
27 // We need domain for smtp
28 if (!$domain)
29 $domain = getenv('HOSTNAME');
30
31 // Returns true only if this message is multipart
32 function isMultipart () {
33 global $attachments;
34
35 if (count($attachments)>0)
36 return true;
37 else
38 return false;
39 }
40
41 // looks up aliases in the addressbook and expands them to
42 // the full address.
43 // Adds @$domain if it wasn't in the address book and if it
44 // doesn't have an @ symbol in it
45 function expandAddrs ($array) {
46 global $domain;
47
48 // don't show errors -- kinda critical that we don't see
49 // them here since the redirect won't work if we do show them
50 $abook = addressbook_init(false);
51 for ($i=0; $i < count($array); $i++) {
52 $result = $abook->lookup($array[$i]);
53 $ret = "";
54 if (isset($result['email'])) {
55 if (isset($result['name'])) {
56 $ret = '"'.$result['name'].'" ';
57 }
58 $ret .= '<'.$result['email'].'>';
59 $array[$i] = $ret;
60 }
61 else
62 {
63 if (strpos($array[$i], '@') === false)
64 $array[$i] .= '@' . $domain;
65 $array[$i] = '<' . $array[$i] . '>';
66 }
67 }
68 return $array;
69 }
70
71
72 // looks up aliases in the addressbook and expands them to
73 // the RFC 821 valid RCPT address. ie <user@example.com>
74 // Adds @$domain if it wasn't in the address book and if it
75 // doesn't have an @ symbol in it
76 function expandRcptAddrs ($array) {
77 global $domain;
78
79 // don't show errors -- kinda critical that we don't see
80 // them here since the redirect won't work if we do show them
81 $abook = addressbook_init(false);
82 for ($i=0; $i < count($array); $i++) {
83 $result = $abook->lookup($array[$i]);
84 $ret = "";
85 if (isset($result['email'])) {
86 $ret = '<'.$result['email'].'>';
87 $array[$i] = $ret;
88 }
89 else
90 {
91 if (strpos($array[$i], '@') === false)
92 $array[$i] .= '@' . $domain;
93 $array[$i] = '<' . $array[$i] . '>';
94 }
95 }
96 return $array;
97 }
98
99
100 // Attach the files that are due to be attached
101 function attachFiles ($fp) {
102 global $attachments, $attachment_dir;
103
104 $length = 0;
105
106 if (isMultipart()) {
107 foreach ($attachments as $info)
108 {
109 if (isset($info['type']))
110 $filetype = $info['type'];
111 else
112 $filetype = 'application/octet-stream';
113
114 $header = '--'.mimeBoundary()."\r\n";
115 $header .= "Content-Type: $filetype; name=\"" .
116 $info['remotefilename'] . "\"\r\n";
117 $header .= "Content-Disposition: attachment; filename=\"" .
118 $info['remotefilename'] . "\"\r\n";
119
120 // Use 'rb' for NT systems -- read binary
121 // Unix doesn't care -- everything's binary! :-)
122 $file = fopen ($attachment_dir . $info['localfilename'], 'rb');
123 if (substr($filetype, 0, 5) == 'text/' ||
124 $filetype == 'message/rfc822') {
125 $header .= "\r\n";
126 fputs ($fp, $header);
127 $length += strlen($header);
128 while ($tmp = fgets($file, 4096)) {
129 $tmp = str_replace("\r\n", "\n", $tmp);
130 $tmp = str_replace("\r", "\n", $tmp);
131 $tmp = str_replace("\n", "\r\n", $tmp);
132 if (feof($fp) && substr($tmp, -2) != "\r\n")
133 $tmp .= "\r\n";
134 fputs($fp, $tmp);
135 $length += strlen($tmp);
136 }
137 } else {
138 $header .= "Content-Transfer-Encoding: base64\r\n\r\n";
139 fputs ($fp, $header);
140 $length += strlen($header);
141 while ($tmp = fread($file, 570)) {
142 $encoded = chunk_split(base64_encode($tmp));
143 $length += strlen($encoded);
144 fputs ($fp, $encoded);
145 }
146 }
147 fclose ($file);
148 }
149 }
150
151 return $length;
152 }
153
154 // Delete files that are uploaded for attaching
155 function deleteAttachments() {
156 global $attachments, $attachment_dir;
157
158 if (isMultipart()) {
159 reset($attachments);
160 while (list($localname, $remotename) = each($attachments)) {
161 if (!ereg ("\\/", $localname)) {
162 unlink ($attachment_dir.$localname);
163 unlink ($attachment_dir.$localname.'.info');
164 }
165 }
166 }
167 }
168
169 // Return a nice MIME-boundary
170 function mimeBoundary () {
171 static $mimeBoundaryString;
172
173 if ($mimeBoundaryString == "") {
174 $mimeBoundaryString = "----=_" .
175 GenerateRandomString(60, '\'()+,-./:=?_', 7);
176 }
177
178 return $mimeBoundaryString;
179 }
180
181 /* Time offset for correct timezone */
182 function timezone () {
183 global $invert_time;
184
185 $diff_second = date('Z');
186 if ($invert_time)
187 $diff_second = - $diff_second;
188 if ($diff_second > 0)
189 $sign = '+';
190 else
191 $sign = '-';
192
193 $diff_second = abs($diff_second);
194
195 $diff_hour = floor ($diff_second / 3600);
196 $diff_minute = floor (($diff_second-3600*$diff_hour) / 60);
197
198 $zonename = '('.strftime('%Z').')';
199 $result = sprintf ("%s%02d%02d %s", $sign, $diff_hour, $diff_minute, $zonename);
200 return ($result);
201 }
202
203 /* Print all the needed RFC822 headers */
204 function write822Header ($fp, $t, $c, $b, $subject, $more_headers) {
205 global $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT;
206 global $data_dir, $username, $popuser, $domain, $version, $useSendmail;
207 global $default_charset, $HTTP_VIA, $HTTP_X_FORWARDED_FOR;
208 global $REMOTE_HOST, $identity;
209
210 // Storing the header to make sure the header is the same
211 // everytime the header is printed.
212 static $header, $headerlength;
213
214 if ($header == '') {
215 $to = expandAddrs(parseAddrs($t));
216 $cc = expandAddrs(parseAddrs($c));
217 $bcc = expandAddrs(parseAddrs($b));
218 if (isset($identity) && $identity != 'default')
219 {
220 $reply_to = getPref($data_dir, $username, 'reply_to' . $identity);
221 $from = getPref($data_dir, $username, 'full_name' . $identity);
222 $from_addr = getPref($data_dir, $username, 'email_address' . $identity);
223 }
224 else
225 {
226 $reply_to = getPref($data_dir, $username, 'reply_to');
227 $from = getPref($data_dir, $username, 'full_name');
228 $from_addr = getPref($data_dir, $username, 'email_address');
229 }
230
231 if ($from_addr == '')
232 $from_addr = $popuser.'@'.$domain;
233
234 $to_list = getLineOfAddrs($to);
235 $cc_list = getLineOfAddrs($cc);
236 $bcc_list = getLineOfAddrs($bcc);
237
238 /* Encoding 8-bit characters and making from line */
239 $subject = encodeHeader($subject);
240 if ($from == '')
241 $from = "<$from_addr>";
242 else
243 $from = '"' . encodeHeader($from) . "\" <$from_addr>";
244
245 /* This creates an RFC 822 date */
246 $date = date("D, j M Y H:i:s ", mktime()) . timezone();
247
248 /* Create a message-id */
249 $message_id = '<' . $REMOTE_PORT . '.' . $REMOTE_ADDR . '.';
250 $message_id .= time() . '.squirrel@' . $SERVER_NAME .'>';
251
252 /* Make an RFC822 Received: line */
253 if (isset($REMOTE_HOST))
254 $received_from = "$REMOTE_HOST ([$REMOTE_ADDR])";
255 else
256 $received_from = $REMOTE_ADDR;
257
258 if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) {
259 if ($HTTP_X_FORWARDED_FOR == '')
260 $HTTP_X_FORWARDED_FOR = 'unknown';
261 $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)";
262 }
263
264 $header = "Received: from $received_from\r\n";
265 $header .= " (SquirrelMail authenticated user $username)\r\n";
266 $header .= " by $SERVER_NAME with HTTP;\r\n";
267 $header .= " $date\r\n";
268
269 /* Insert the rest of the header fields */
270 $header .= "Message-ID: $message_id\r\n";
271 $header .= "Date: $date\r\n";
272 $header .= "Subject: $subject\r\n";
273 $header .= "From: $from\r\n";
274 $header .= "To: $to_list\r\n"; // Who it's TO
275
276 /* Insert headers from the $more_headers array */
277 if(is_array($more_headers)) {
278 reset($more_headers);
279 while(list($h_name, $h_val) = each($more_headers)) {
280 $header .= sprintf("%s: %s\r\n", $h_name, $h_val);
281 }
282 }
283
284 if ($cc_list) {
285 $header .= "Cc: $cc_list\r\n"; // Who the CCs are
286 }
287
288 if ($reply_to != '')
289 $header .= "Reply-To: $reply_to\r\n";
290
291 if ($useSendmail) {
292 if ($bcc_list) {
293 // BCCs is removed from header by sendmail
294 $header .= "Bcc: $bcc_list\r\n";
295 }
296 }
297
298 $header .= "X-Mailer: SquirrelMail (version $version)\r\n"; // Identify SquirrelMail
299
300 // Do the MIME-stuff
301 $header .= "MIME-Version: 1.0\r\n";
302
303 if (isMultipart()) {
304 $header .= 'Content-Type: multipart/mixed; boundary="';
305 $header .= mimeBoundary();
306 $header .= "\"\r\n";
307 } else {
308 if ($default_charset != '')
309 $header .= "Content-Type: text/plain; charset=$default_charset\r\n";
310 else
311 $header .= "Content-Type: text/plain;\r\n";
312 $header .= "Content-Transfer-Encoding: 8bit\r\n";
313 }
314 $header .= "\r\n"; // One blank line to separate header and body
315
316 $headerlength = strlen($header);
317 }
318
319 // Write the header
320 fputs ($fp, $header);
321
322 return $headerlength;
323 }
324
325 // Send the body
326 function writeBody ($fp, $passedBody) {
327 global $default_charset;
328
329 $attachmentlength = 0;
330
331 if (isMultipart()) {
332 $body = '--'.mimeBoundary()."\r\n";
333
334 if ($default_charset != "")
335 $body .= "Content-Type: text/plain; charset=$default_charset\r\n";
336 else
337 $body .= "Content-Type: text/plain\r\n";
338
339 $body .= "Content-Transfer-Encoding: 8bit\r\n\r\n";
340 $body .= $passedBody . "\r\n\r\n";
341 fputs ($fp, $body);
342
343 $attachmentlength = attachFiles($fp);
344
345 if (!isset($postbody)) $postbody = "";
346 $postbody .= "\r\n--".mimeBoundary()."--\r\n\r\n";
347 fputs ($fp, $postbody);
348 } else {
349 $body = $passedBody . "\r\n";
350 fputs ($fp, $body);
351 $postbody = "\r\n";
352 fputs ($fp, $postbody);
353 }
354
355 return (strlen($body) + strlen($postbody) + $attachmentlength);
356 }
357
358 // Send mail using the sendmail command
359 function sendSendmail($t, $c, $b, $subject, $body, $more_headers) {
360 global $sendmail_path, $popuser, $username, $domain;
361
362 // Build envelope sender address. Make sure it doesn't contain
363 // spaces or other "weird" chars that would allow a user to
364 // exploit the shell/pipe it is used in.
365 $envelopefrom = "$popuser@$domain";
366 $envelopefrom = ereg_replace("[[:blank:]]",'', $envelopefrom);
367 $envelopefrom = ereg_replace("[[:space:]]",'', $envelopefrom);
368 $envelopefrom = ereg_replace("[[:cntrl:]]",'', $envelopefrom);
369
370 // open pipe to sendmail or qmail-inject (qmail-inject doesn't accept -t param)
371 if (strstr($sendmail_path, "qmail-inject")) {
372 $fp = popen (escapeshellcmd("$sendmail_path -f$envelopefrom"), "w");
373 } else {
374 $fp = popen (escapeshellcmd("$sendmail_path -t -f$envelopefrom"), "w");
375 }
376
377 $headerlength = write822Header ($fp, $t, $c, $b, $subject, $more_headers);
378 $bodylength = writeBody($fp, $body);
379
380 pclose($fp);
381
382 return ($headerlength + $bodylength);
383 }
384
385 function smtpReadData($smtpConnection) {
386 $read = fgets($smtpConnection, 1024);
387 $counter = 0;
388 while ($read) {
389 echo $read . '<BR>';
390 $data[$counter] = $read;
391 $read = fgets($smtpConnection, 1024);
392 $counter++;
393 }
394 }
395
396 function sendSMTP($t, $c, $b, $subject, $body, $more_headers) {
397 global $username, $popuser, $domain, $version, $smtpServerAddress,
398 $smtpPort, $data_dir, $color, $use_authenticated_smtp, $identity,
399 $key, $onetimepad;
400
401 $to = expandRcptAddrs(parseAddrs($t));
402 $cc = expandRcptAddrs(parseAddrs($c));
403 $bcc = expandRcptAddrs(parseAddrs($b));
404 if (isset($identity) && $identity != 'default')
405 $from_addr = getPref($data_dir, $username, 'email_address' . $identity);
406 else
407 $from_addr = getPref($data_dir, $username, 'email_address');
408
409 if (!$from_addr)
410 $from_addr = "$popuser@$domain";
411
412 $smtpConnection = fsockopen($smtpServerAddress, $smtpPort, $errorNumber, $errorString);
413 if (!$smtpConnection) {
414 echo 'Error connecting to SMTP Server.<br>';
415 echo "$errorNumber : $errorString<br>";
416 exit;
417 }
418 $tmp = fgets($smtpConnection, 1024);
419 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
420
421 $to_list = getLineOfAddrs($to);
422 $cc_list = getLineOfAddrs($cc);
423
424 /** Lets introduce ourselves */
425 if (! isset ($use_authenticated_smtp) || $use_authenticated_smtp == false) {
426 fputs($smtpConnection, "HELO $domain\r\n");
427 $tmp = fgets($smtpConnection, 1024);
428 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
429 } else {
430 fputs($smtpConnection, "EHLO $domain\r\n");
431 $tmp = fgets($smtpConnection, 1024);
432 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
433
434 fputs($smtpConnection, "AUTH LOGIN\r\n");
435 $tmp = fgets($smtpConnection, 1024);
436 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
437
438 fputs($smtpConnection, base64_encode ($username) . "\r\n");
439 $tmp = fgets($smtpConnection, 1024);
440 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
441
442 fputs($smtpConnection, base64_encode (OneTimePadDecrypt($key, $onetimepad)) . "\r\n");
443 $tmp = fgets($smtpConnection, 1024);
444 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
445 }
446
447 /** Ok, who is sending the message? */
448 fputs($smtpConnection, "MAIL FROM: <$from_addr>\r\n");
449 $tmp = fgets($smtpConnection, 1024);
450 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
451
452 /** send who the recipients are */
453 for ($i = 0; $i < count($to); $i++) {
454 fputs($smtpConnection, "RCPT TO: $to[$i]\r\n");
455 $tmp = fgets($smtpConnection, 1024);
456 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
457 }
458 for ($i = 0; $i < count($cc); $i++) {
459 fputs($smtpConnection, "RCPT TO: $cc[$i]\r\n");
460 $tmp = fgets($smtpConnection, 1024);
461 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
462 }
463 for ($i = 0; $i < count($bcc); $i++) {
464 fputs($smtpConnection, "RCPT TO: $bcc[$i]\r\n");
465 $tmp = fgets($smtpConnection, 1024);
466 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
467 }
468
469 /** Lets start sending the actual message */
470 fputs($smtpConnection, "DATA\r\n");
471 $tmp = fgets($smtpConnection, 1024);
472 if (errorCheck($tmp, $smtpConnection)!=5) return(0);
473
474 // Send the message
475 $headerlength = write822Header ($smtpConnection, $t, $c, $b, $subject, $more_headers);
476 $bodylength = writeBody($smtpConnection, $body);
477
478 fputs($smtpConnection, ".\r\n"); // end the DATA part
479 $tmp = fgets($smtpConnection, 1024);
480 $num = errorCheck($tmp, $smtpConnection, true);
481 if ($num != 250) {
482 $tmp = nl2br(htmlspecialchars($tmp));
483 displayPageHeader($color, 'None');
484 include_once('../functions/display_messages.php');
485 $msg = "Message not sent!<br>\nReason given: $tmp";
486 plain_error_message($msg, $color);
487 return(0);
488 }
489
490 fputs($smtpConnection, "QUIT\r\n"); // log off
491
492 fclose($smtpConnection);
493
494 return ($headerlength + $bodylength);
495 }
496
497
498 function errorCheck($line, $smtpConnection, $verbose = false) {
499 global $color;
500
501 // Read new lines on a multiline response
502 $lines = $line;
503 while(ereg("^[0-9]+-", $line)) {
504 $line = fgets($smtpConnection, 1024);
505 $lines .= $line;
506 }
507
508 // Status: 0 = fatal
509 // 5 = ok
510
511 $err_num = substr($line, 0, strpos($line, " "));
512 switch ($err_num) {
513 case 500: $message = 'Syntax error; command not recognized';
514 $status = 0;
515 break;
516 case 501: $message = 'Syntax error in parameters or arguments';
517 $status = 0;
518 break;
519 case 502: $message = 'Command not implemented';
520 $status = 0;
521 break;
522 case 503: $message = 'Bad sequence of commands';
523 $status = 0;
524 break;
525 case 504: $message = 'Command parameter not implemented';
526 $status = 0;
527 break;
528
529
530 case 211: $message = 'System status, or system help reply';
531 $status = 5;
532 break;
533 case 214: $message = 'Help message';
534 $status = 5;
535 break;
536
537
538 case 220: $message = 'Service ready';
539 $status = 5;
540 break;
541 case 221: $message = 'Service closing transmission channel';
542 $status = 5;
543 break;
544 case 421: $message = 'Service not available, closing chanel';
545 $status = 0;
546 break;
547
548 case 235: return(5); break;
549 case 250: $message = 'Requested mail action okay, completed';
550 $status = 5;
551 break;
552 case 251: $message = 'User not local; will forward';
553 $status = 5;
554 break;
555 case 334: return(5); break;
556 case 450: $message = 'Requested mail action not taken: mailbox unavailable';
557 $status = 0;
558 break;
559 case 550: $message = 'Requested action not taken: mailbox unavailable';
560 $status = 0;
561 break;
562 case 451: $message = 'Requested action aborted: error in processing';
563 $status = 0;
564 break;
565 case 551: $message = 'User not local; please try forwarding';
566 $status = 0;
567 break;
568 case 452: $message = 'Requested action not taken: insufficient system storage';
569 $status = 0;
570 break;
571 case 552: $message = 'Requested mail action aborted: exceeding storage allocation';
572 $status = 0;
573 break;
574 case 553: $message = 'Requested action not taken: mailbox name not allowed';
575 $status = 0;
576 break;
577 case 354: $message = 'Start mail input; end with .';
578 $status = 5;
579 break;
580 case 554: $message = 'Transaction failed';
581 $status = 0;
582 break;
583 default: $message = 'Unknown response: '. nl2br(htmlspecialchars($lines));
584 $status = 0;
585 $error_num = '001';
586 break;
587 }
588
589 if ($status == 0) {
590 include_once('../functions/page_header.php');
591 displayPageHeader($color, 'None');
592 include_once('../functions/display_messages.php');
593 $lines = nl2br(htmlspecialchars($lines));
594 $msg = $message . "<br>\nServer replied: $lines";
595 plain_error_message($msg, $color);
596 }
597 if (! $verbose) return $status;
598 return $err_num;
599 }
600
601 function sendMessage($t, $c, $b, $subject, $body, $reply_id, $prio = 3) {
602 global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad;
603 global $data_dir, $username, $domain, $key, $version, $sent_folder, $imapServerAddress, $imapPort;
604 global $default_use_priority;
605 global $more_headers;
606 $more_headers = Array();
607
608 do_hook("smtp_send");
609
610 $imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 1);
611
612 if (isset($reply_id) && $reply_id) {
613 sqimap_mailbox_select ($imap_stream, $mailbox);
614 sqimap_messages_flag ($imap_stream, $reply_id, $reply_id, 'Answered');
615
616 // Insert In-Reply-To and References headers if the
617 // message-id of the message we reply to is set (longer than "<>")
618 // The References header should really be the old Referenced header
619 // with the message ID appended, but it can be only the message ID too.
620 $hdr = sqimap_get_small_header ($imap_stream, $reply_id, false);
621 if(strlen($hdr->message_id) > 2) {
622 $more_headers['In-Reply-To'] = $hdr->message_id;
623 $more_headers['References'] = $hdr->message_id;
624 }
625 }
626 if ($default_use_priority) {
627 $more_headers = array_merge($more_headers, createPriorityHeaders($prio));
628 }
629
630 // In order to remove the problem of users not able to create
631 // messages with "." on a blank line, RFC821 has made provision
632 // in section 4.5.2 (Transparency).
633 $body = ereg_replace("\n\\.", "\n..", $body);
634 $body = ereg_replace("^\\.", "..", $body);
635
636 // this is to catch all plain \n instances and
637 // replace them with \r\n. All newlines were converted
638 // into just \n inside the compose.php file.
639 $body = ereg_replace("\n", "\r\n", $body);
640
641 if ($useSendmail) {
642 $length = sendSendmail($t, $c, $b, $subject, $body, $more_headers);
643 } else {
644 $length = sendSMTP($t, $c, $b, $subject, $body, $more_headers);
645 }
646
647 if (sqimap_mailbox_exists ($imap_stream, $sent_folder)) {
648 sqimap_append ($imap_stream, $sent_folder, $length);
649 write822Header ($imap_stream, $t, $c, $b, $subject, $more_headers);
650 writeBody ($imap_stream, $body);
651 sqimap_append_done ($imap_stream);
652 }
653 sqimap_logout($imap_stream);
654 // Delete the files uploaded for attaching (if any).
655 // only if $length != 0 (if there was no error)
656 if ($length)
657 ClearAttachments();
658
659 return $length;
660 }
661
662 function createPriorityHeaders($prio) {
663 $prio_headers = Array();
664 $prio_headers["X-Priority"] = $prio;
665
666 switch($prio) {
667 case 1: $prio_headers["Importance"] = "High";
668 $prio_headers["X-MSMail-Priority"] = "High";
669 break;
670
671 case 3: $prio_headers["Importance"] = "Normal";
672 $prio_headers["X-MSMail-Priority"] = "Normal";
673 break;
674
675 case 5:
676 $prio_headers["Importance"] = "Low";
677 $prio_headers["X-MSMail-Priority"] = "Low";
678 break;
679 }
680 return $prio_headers;
681 }
682 ?>