Add check and paniclog attempts to do so. Bug 1411 (WONTFIX).
from one SMTP connection to another. If a recipient-verify callout connection is
requested in the same ACL it is held open and used for the data, otherwise one is made
after the ACL completes.
from one SMTP connection to another. If a recipient-verify callout connection is
requested in the same ACL it is held open and used for the data, otherwise one is made
after the ACL completes.
-Note that routers are used in verify mode.
+
+Note that routers are used in verify mode. Note also that headers cannot be
+modified by any of the post-data ACLs (DATA, MIME and DKIM).
Should the ultimate destination system positively accept or reject the mail,
a corresponding indication is given to the source system and nothing is queued.
Should the ultimate destination system positively accept or reject the mail,
a corresponding indication is given to the source system and nothing is queued.
add_header = X-blacklisted-at: $dnslist_domain
.endd
The &%add_header%& modifier is permitted in the MAIL, RCPT, PREDATA, DATA,
add_header = X-blacklisted-at: $dnslist_domain
.endd
The &%add_header%& modifier is permitted in the MAIL, RCPT, PREDATA, DATA,
-MIME, and non-SMTP ACLs (in other words, those that are concerned with
+MIME, DKIM, and non-SMTP ACLs (in other words, those that are concerned with
receiving a message). The message must ultimately be accepted for
&%add_header%& to have any significant effect. You can use &%add_header%& with
any ACL verb, including &%deny%& (though this is potentially useful only in a
RCPT ACL).
receiving a message). The message must ultimately be accepted for
&%add_header%& to have any significant effect. You can use &%add_header%& with
any ACL verb, including &%deny%& (though this is potentially useful only in a
RCPT ACL).
+Headers will not be added to the message if the modifier is used in
+DATA, MIME or DKIM ACLs for messages delivered by cutthrough routing.
+
Leading and trailing newlines are removed from
the data for the &%add_header%& modifier; if it then
contains one or more newlines that
Leading and trailing newlines are removed from
the data for the &%add_header%& modifier; if it then
contains one or more newlines that
remove_header = x-route-mail1 : x-route-mail2
.endd
The &%remove_header%& modifier is permitted in the MAIL, RCPT, PREDATA, DATA,
remove_header = x-route-mail1 : x-route-mail2
.endd
The &%remove_header%& modifier is permitted in the MAIL, RCPT, PREDATA, DATA,
-MIME, and non-SMTP ACLs (in other words, those that are concerned with
+MIME, DKIM, and non-SMTP ACLs (in other words, those that are concerned with
receiving a message). The message must ultimately be accepted for
&%remove_header%& to have any significant effect. You can use &%remove_header%&
with any ACL verb, including &%deny%&, though this is really not useful for
any verb that doesn't result in a delivered message.
receiving a message). The message must ultimately be accepted for
&%remove_header%& to have any significant effect. You can use &%remove_header%&
with any ACL verb, including &%deny%&, though this is really not useful for
any verb that doesn't result in a delivered message.
+Headers will not be removed to the message if the modifier is used in
+DATA, MIME or DKIM ACLs for messages delivered by cutthrough routing.
+
More than one header can be removed at the same time by using a colon separated
list of header names. The header matching is case insensitive. Wildcards are
not permitted, nor is list expansion performed, so you cannot use hostlists to
More than one header can be removed at the same time by using a colon separated
list of header names. The header matching is case insensitive. Wildcards are
not permitted, nor is list expansion performed, so you cannot use hostlists to
-add_acl_headers(uschar *acl_name)
+add_acl_headers(int where, uschar *acl_name)
{
header_line *h, *next;
header_line *last_received = NULL;
{
header_line *h, *next;
header_line *last_received = NULL;
+switch(where)
+ {
+ case ACL_WHERE_DKIM:
+ case ACL_WHERE_MIME:
+ case ACL_WHERE_DATA: if (cutthrough_fd >= 0 && (acl_removed_headers || acl_added_headers))
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "Header modification in data ACLs"
+ "will not take effect on cutthrough deliveries");
+ return;
+ }
+ }
+
if (acl_removed_headers != NULL)
{
DEBUG(D_receive|D_acl) debug_printf(">>Headers removed by %s ACL:\n", acl_name);
if (acl_removed_headers != NULL)
{
DEBUG(D_receive|D_acl) debug_printf(">>Headers removed by %s ACL:\n", acl_name);
-add_acl_headers(US"MIME");
+add_acl_headers(ACL_WHERE_MIME, US"MIME");
if (rc == DISCARD)
{
recipients_count = 0;
if (rc == DISCARD)
{
recipients_count = 0;
goto TIDYUP; /* Skip to end of function */
}
received_header_gen();
goto TIDYUP; /* Skip to end of function */
}
received_header_gen();
- add_acl_headers(US"MAIL or RCPT");
+ add_acl_headers(ACL_WHERE_RCPT, US"MAIL or RCPT");
(void) cutthrough_headers_send();
}
(void) cutthrough_headers_send();
}
/* If an ACL from any RCPT commands set up any warning headers to add, do so
now, before running the DATA ACL. */
/* If an ACL from any RCPT commands set up any warning headers to add, do so
now, before running the DATA ACL. */
- add_acl_headers(US"MAIL or RCPT");
+ add_acl_headers(ACL_WHERE_RCPT, US"MAIL or RCPT");
}
else
message_body_size = (fstat(data_fd, &statbuf) == 0)?
}
else
message_body_size = (fstat(data_fd, &statbuf) == 0)?
- add_acl_headers(US"DKIM");
+ add_acl_headers(ACL_WHERE_DKIM, US"DKIM");
if (rc == DISCARD)
{
recipients_count = 0;
if (rc == DISCARD)
{
recipients_count = 0;
if (acl_smtp_data != NULL && recipients_count > 0)
{
rc = acl_check(ACL_WHERE_DATA, NULL, acl_smtp_data, &user_msg, &log_msg);
if (acl_smtp_data != NULL && recipients_count > 0)
{
rc = acl_check(ACL_WHERE_DATA, NULL, acl_smtp_data, &user_msg, &log_msg);
- add_acl_headers(US"DATA");
+ add_acl_headers(ACL_WHERE_DATA, US"DATA");
if (rc == DISCARD)
{
recipients_count = 0;
if (rc == DISCARD)
{
recipients_count = 0;
/* Does not return */
}
}
/* Does not return */
}
}
- add_acl_headers(US"non-SMTP");
+ add_acl_headers(ACL_WHERE_NOTSMTP, US"non-SMTP");