test whether it was successful or not. (This is for optional verification; for
mandatory verification, the connection doesn't last this long.) */
- if (tls_in.certificate_verified) return OK;
- *user_msgptr = US"no verified certificate";
- return FAIL;
+ if (tls_in.certificate_verified) return OK;
+ *user_msgptr = US"no verified certificate";
+ return FAIL;
case VERIFY_HELO:
/* We can test the result of optional HELO verification that might have
occurred earlier. If not, we can attempt the verification now. */
- if (!helo_verified && !helo_verify_failed) smtp_verify_helo();
- return helo_verified? OK : FAIL;
+ if (!helo_verified && !helo_verify_failed) smtp_verify_helo();
+ return helo_verified? OK : FAIL;
case VERIFY_CSA:
/* Do Client SMTP Authorization checks in a separate function, and turn the
result code into user-friendly strings. */
- rc = acl_verify_csa(list);
- *log_msgptr = *user_msgptr = string_sprintf("client SMTP authorization %s",
+ rc = acl_verify_csa(list);
+ *log_msgptr = *user_msgptr = string_sprintf("client SMTP authorization %s",
csa_reason_string[rc]);
- csa_status = csa_status_string[rc];
- DEBUG(D_acl) debug_printf("CSA result %s\n", csa_status);
- return csa_return_code[rc];
+ csa_status = csa_status_string[rc];
+ DEBUG(D_acl) debug_printf("CSA result %s\n", csa_status);
+ return csa_return_code[rc];
case VERIFY_HDR_SYNTAX:
/* Check that all relevant header lines have the correct syntax. If there is
always). */
rc = verify_check_headers(log_msgptr);
- if (rc != OK && smtp_return_error_details && *log_msgptr != NULL)
- *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr);
+ if (rc != OK && *log_msgptr)
+ if (smtp_return_error_details)
+ *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr);
+ else
+ acl_verify_message = *log_msgptr;
return rc;
case VERIFY_HDR_NAMES_ASCII:
case ACLC_VERIFY:
rc = acl_verify(where, addr, arg, user_msgptr, log_msgptr, basic_errno);
- acl_verify_message = *user_msgptr;
+ if (*user_msgptr)
+ acl_verify_message = *user_msgptr;
if (verb == ACL_WARN) *user_msgptr = NULL;
break;
>>> end of inline ACL: ACCEPT
>>> host in ignore_fromline_hosts? no (option unset)
>>> using ACL "check_message"
->>> processing "require"
->>> check verify = header_syntax
->>> require: condition test failed in ACL "check_message"
->>> end of ACL "check_message": not OK
+>>> processing "deny"
+>>> check !verify = header_syntax
+>>> check logwrite = acl_verify_message: '$acl_verify_message'
+>>> = acl_verify_message: ''>' missing at end of address: failing address in "Cc:" header is: <abcd@x.y.z'
+LOG: 10HmaY-0005vi-00 acl_verify_message: ''>' missing at end of address: failing address in "Cc:" header is: <abcd@x.y.z'
+>>> deny: condition test succeeded in ACL "check_message"
+>>> end of ACL "check_message": DENY
LOG: 10HmaY-0005vi-00 H=[V4NET.10.10.10] F=<userx@exim.test.ex> rejected after DATA: '>' missing at end of address: failing address in "Cc:" header is: <abcd@x.y.z
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? no (option unset)
>>> end of inline ACL: ACCEPT
>>> host in ignore_fromline_hosts? no (option unset)
>>> using ACL "check_message"
->>> processing "require"
->>> check verify = header_syntax
->>> require: condition test failed in ACL "check_message"
->>> end of ACL "check_message": not OK
+>>> processing "deny"
+>>> check !verify = header_syntax
+>>> check logwrite = acl_verify_message: '$acl_verify_message'
+>>> = acl_verify_message: ''>' missing at end of address: failing address in "Cc:" header is: <abcd@x.y.z'
+LOG: 10HmaZ-0005vi-00 acl_verify_message: ''>' missing at end of address: failing address in "Cc:" header is: <abcd@x.y.z'
+>>> deny: condition test succeeded in ACL "check_message"
+>>> end of ACL "check_message": DENY
LOG: 10HmaZ-0005vi-00 H=[V4NET.10.10.10] F=<userx@exim.test.ex> rejected after DATA: '>' missing at end of address: failing address in "Cc:" header is: <abcd@x.y.z
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? no (option unset)
>>> end of inline ACL: ACCEPT
>>> host in ignore_fromline_hosts? no (option unset)
>>> using ACL "check_message"
->>> processing "require"
->>> check verify = header_syntax
->>> require: condition test failed in ACL "check_message"
->>> end of ACL "check_message": not OK
+>>> processing "deny"
+>>> check !verify = header_syntax
+>>> check logwrite = acl_verify_message: '$acl_verify_message'
+>>> = acl_verify_message: ''>' missing at end of address: failing address in "Resent-To:" header is: <xyz@a.b.c.d'
+LOG: 10HmbA-0005vi-00 acl_verify_message: ''>' missing at end of address: failing address in "Resent-To:" header is: <xyz@a.b.c.d'
+>>> deny: condition test succeeded in ACL "check_message"
+>>> end of ACL "check_message": DENY
LOG: 10HmbA-0005vi-00 H=[V4NET.10.10.10] F=<userx@exim.test.ex> rejected after DATA: '>' missing at end of address: failing address in "Resent-To:" header is: <xyz@a.b.c.d
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? no (option unset)
>>> end of inline ACL: ACCEPT
>>> host in ignore_fromline_hosts? no (option unset)
>>> using ACL "check_message"
->>> processing "require"
->>> check verify = header_syntax
->>> require: condition test failed in ACL "check_message"
->>> end of ACL "check_message": not OK
+>>> processing "deny"
+>>> check !verify = header_syntax
+>>> check logwrite = acl_verify_message: '$acl_verify_message'
+>>> = acl_verify_message: 'unmatched doublequote in local part: failing address in "Cc:" header begins: "abcd@x.y.z (missing quote),\n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addre'
+LOG: 10HmbB-0005vi-00 acl_verify_message: 'unmatched doublequote in local part: failing address in "Cc:" header begins: "abcd@x.y.z (missing quote),\n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addre'
+>>> deny: condition test succeeded in ACL "check_message"
+>>> end of ACL "check_message": DENY
LOG: 10HmbB-0005vi-00 H=[V4NET.10.10.10] F=<userx@exim.test.ex> rejected after DATA: unmatched doublequote in local part: failing address in "Cc:" header begins: "abcd@x.y.z (missing quote),\n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addresses.addresses.addresses, \n longlonglonglonglong@long.long.long.long.long.long.long.long,\n listlistlistlistlist@list.list.list.list.list.list.list.list,\n ofofofofofofofofofof@of.of.of.of.of.of.of.of.of.of.of.of.of,\n addressesaddresses@addresses.addre
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? no (option unset)
>>> end of inline ACL: ACCEPT
>>> host in ignore_fromline_hosts? no (option unset)
>>> using ACL "check_message"
->>> processing "require"
->>> check verify = header_syntax
->>> require: condition test failed in ACL "check_message"
->>> end of ACL "check_message": not OK
+>>> processing "deny"
+>>> check !verify = header_syntax
+>>> check logwrite = acl_verify_message: '$acl_verify_message'
+>>> = acl_verify_message: 'unqualified address not permitted: failing address in "Cc:" header is: <abcd>'
+LOG: 10HmbC-0005vi-00 acl_verify_message: 'unqualified address not permitted: failing address in "Cc:" header is: <abcd>'
+>>> deny: condition test succeeded in ACL "check_message"
+>>> end of ACL "check_message": DENY
LOG: 10HmbC-0005vi-00 H=[V4NET.10.10.10] F=<userx@exim.test.ex> rejected after DATA: unqualified address not permitted: failing address in "Cc:" header is: <abcd>
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? no (option unset)
>>> end of inline ACL: ACCEPT
>>> host in ignore_fromline_hosts? no (option unset)
>>> using ACL "check_message"
->>> processing "require"
->>> check verify = header_syntax
->>> require: condition test succeeded in ACL "check_message"
+>>> processing "deny"
+>>> check !verify = header_syntax
+>>> deny: condition test failed in ACL "check_message"
>>> processing "accept"
>>> accept: condition test succeeded in ACL "check_message"
>>> end of ACL "check_message": ACCEPT
git://git.exim.org / exim.git / commitdiff