1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) The Exim Maintainers 2020 - 2023 */
6 /* Copyright (c) University of Cambridge 1995 - 2018 */
7 /* See the file NOTICE for conditions of use and distribution. */
8 /* SPDX-License-Identifier: GPL-2.0-or-later */
11 /* These two macros make it possible to obtain the result of macro-expanding
12 a string as a text string. This is sometimes useful for debugging output. */
14 #define mac_string(s) # s
15 #define mac_expanded_string(s) mac_string(s)
17 /* Number of elements of an array */
18 #define nelem(arr) (sizeof(arr) / sizeof(*arr))
20 /* Maximum of two items */
22 # define MAX(a,b) ((a) > (b) ? (a) : (b))
26 /* When running in the test harness, the load average is fudged. */
28 #define OS_GETLOADAVG() \
29 (f.running_in_test_harness? (test_harness_load_avg += 10) : os_getloadavg())
32 /* The address_item structure has a struct full of 1-bit flags. These macros
35 #define setflag(addr, flagname) addr->flags.flagname = TRUE
36 #define clearflag(addr, flagname) addr->flags.flagname = FALSE
38 #define testflag(addr, flagname) (addr->flags.flagname)
40 #define copyflag(addrnew, addrold, flagname) \
41 addrnew->flags.flagname = addrold->flags.flagname
44 /* For almost all calls to convert things to printing characters, we want to
45 allow tabs & spaces. A macro just makes life a bit easier. */
47 #define string_printing(s) string_printing2((s), 0)
49 #define SP_SPACE BIT(1)
52 /* We need a special return code for "no recipients and failed to send an error
53 message". ANSI C defines only EXIT_FAILURE and EXIT_SUCCESS. On the assumption
54 that these are always 1 and 0 on Unix systems ... */
56 #define EXIT_NORECIPIENTS 2
59 /* Character-handling macros. It seems that the set of standard functions in
60 ctype.h aren't actually all that useful. One reason for this is that email is
61 international, so the concept of using a locale to vary what they do is not
62 helpful. Another problem is that in different operating systems, the libraries
63 yield different results, even in the default locale. For example, Linux yields
64 TRUE for iscntrl() for all characters > 127, whereas many other systems yield
65 FALSE. For these reasons we define our own set of macros for a number of
66 character testing functions. Ensure that all these tests treat their arguments
69 #define mac_iscntrl(c) \
70 ((uschar)(c) < 32 || (uschar)(c) == 127)
72 #define mac_iscntrl_or_special(c) \
73 ((uschar)(c) < 32 || strchr(" ()<>@,;:\\\".[]\177", (uschar)(c)) != NULL)
75 #define mac_isgraph(c) \
76 ((uschar)(c) > 32 && (uschar)(c) != 127)
78 #define mac_isprint(c) \
79 (((uschar)(c) >= 32 && (uschar)(c) <= 126) || c == '\t' || \
80 ((uschar)(c) > 127 && print_topbitchars))
83 /* When built with TLS support, the act of flushing SMTP output becomes
84 a no-op once an SSL session is in progress. */
87 #define mac_smtp_fflush() if (tls_in.active.sock < 0) fflush(smtp_out);
89 #define mac_smtp_fflush() fflush(smtp_out);
93 /* Define which ends of pipes are for reading and writing, as some systems
94 don't make the file descriptors two-way. */
99 /* The RFC 1413 ident port */
101 #define IDENT_PORT 113
103 /* A macro to simplify testing bits in lookup types */
105 #define mac_islookup(a,b) ((lookup_list[a]->type & (b)) != 0)
107 /* Debugging control */
109 #define LOG_NAME_SIZE 256
110 #define DEBUG(x) if (debug_selector & (x))
111 #define HDEBUG(x) if (host_checking || debug_selector & (x))
113 /* The default From: text for DSNs */
115 #define DEFAULT_DSN_FROM "Mail Delivery System <Mailer-Daemon@$qualify_domain>"
117 /* The size of the vector for saving/restoring address expansion pointers while
118 verifying. This has to be explicit because it is referenced in more than one
121 #define ADDRESS_EXPANSIONS_COUNT 19
123 /* The maximum permitted number of command-line (-D) macro definitions. We
124 need a limit only to make it easier to generate argument vectors for re-exec
127 #define MAX_CLMACROS 10
129 /* The number of integer variables available in filter files. If this is
130 changed, then the tables in expand.c for accessing them must be changed too. */
132 #define FILTER_VARIABLE_COUNT 10
134 /* The size of the vector holding delay warning times */
136 #define DELAY_WARNING_SIZE 12
138 /* The size of the buffer holding the processing information string. */
140 #define PROCESS_INFO_SIZE 384
142 /* The size of buffer to get for constructing log entries. Make it big
143 enough to hold all the headers from a normal kind of message. */
145 #define LOG_BUFFER_SIZE 8192
147 /* The size of the circular buffer that remembers recent SMTP commands */
149 #define SMTP_HBUFF_SIZE 20
150 #define SMTP_HBUFF_PREV(n) ((n) ? (n)-1 : SMTP_HBUFF_SIZE-1)
152 /* The initial size of a big buffer for use in various places. It gets put
153 into big_buffer_size and in some circumstances increased. It should be at least
154 as long as the maximum path length PLUS room for string additions.
155 Let's go with "at least twice as large as maximum path length".
158 #ifdef AUTH_HEIMDAL_GSSAPI
159 /* RFC 4121 section 5.2, SHOULD support 64K input buffers */
160 # define __BIG_BUFFER_SIZE 65536
162 # define __BIG_BUFFER_SIZE 16384
166 /* exim.h will have ensured this exists before including us. */
167 # error headers confusion, PATH_MAX missing in macros.h
169 #if (PATH_MAX*2) > __BIG_BUFFER_SIZE
170 # define BIG_BUFFER_SIZE (PATH_MAX*2)
172 # define BIG_BUFFER_SIZE __BIG_BUFFER_SIZE
175 /* header size of pipe content
176 currently: char id, char subid, char[5] length */
177 #define PIPE_HEADER_SIZE 7
179 /* This limits the length of data returned by local_scan(). Because it is
180 written on the spool, it gets read into big_buffer. */
182 #define LOCAL_SCAN_MAX_RETURN (BIG_BUFFER_SIZE - 24)
184 /* The length of the base names of spool files, which consist of an internal
185 message id with a trailing "-H" or "-D" added. */
187 #define SPOOL_NAME_LENGTH_OLD (MESSAGE_ID_LENGTH_OLD + 2)
188 #define SPOOL_NAME_LENGTH (MESSAGE_ID_LENGTH + 2)
190 /* The maximum number of message ids to store in a waiting database
191 record, and the max number of continuation records allowed. */
193 #define WAIT_NAME_MAX 50
194 #define WAIT_CONT_MAX 1000
196 /* Fixed option values for all PCRE functions */
198 #define PCRE_COPT 0 /* compile */
199 #define PCRE_EOPT 0 /* exec */
201 /* Macros for trivial functions */
204 #define str(x) xstr(x) /* stringize, expanding macros in arg first */
205 #define mac_ismsgid(s) (regex_match(regex_ismsgid, (s), -1, NULL))
208 /* Options for dns_next_rr */
210 enum { RESET_NEXT, RESET_ANSWERS, RESET_AUTHORITY, RESET_ADDITIONAL };
212 /* Argument values for the time-of-day function */
214 enum { tod_log, tod_log_bare, tod_log_zone, tod_log_datestamp_daily,
215 tod_log_datestamp_monthly, tod_zone, tod_full, tod_bsdin,
216 tod_mbx, tod_epoch, tod_epoch_l, tod_zulu };
218 /* For identifying types of driver */
226 /* Error numbers for generating error messages when reading a message on the
230 ERRMESS_BADARGADDRESS, /* Bad address via argument list */
231 ERRMESS_BADADDRESS, /* Bad address read via -t */
232 ERRMESS_NOADDRESS, /* Message has no addresses */
233 ERRMESS_IGADDRESS, /* All -t addresses ignored */
234 ERRMESS_BADNOADDRESS, /* Bad address via -t, leaving none */
235 ERRMESS_IOERR, /* I/O error while reading a message */
236 ERRMESS_VLONGHEADER, /* Excessively long message header */
237 ERRMESS_VLONGHDRLINE, /* Excessively long single line in header */
238 ERRMESS_TOOBIG, /* Message too big */
239 ERRMESS_TOOMANYRECIP, /* Too many recipients */
240 ERRMESS_LOCAL_SCAN, /* Rejected by local scan */
241 ERRMESS_LOCAL_ACL /* Rejected by non-SMTP ACL */
243 ,ERRMESS_DMARC_FORENSIC /* DMARC Forensic Report */
247 /* Error handling styles - set by option, and apply only when receiving
248 a local message not via SMTP. */
251 ERRORS_SENDER, /* Return to sender (default) */
252 ERRORS_STDERR /* Write on stderr */
255 /* Exec control values when Exim execs itself via child_exec_exim. */
258 CEE_RETURN_ARGV, /* Don't exec, just build and return argv */
259 CEE_EXEC_EXIT, /* Just exit if exec fails */
260 CEE_EXEC_PANIC /* Panic-die if exec fails */
263 /* Bit values for filter_test */
265 #define FTEST_NONE 0 /* Not filter testing */
266 #define FTEST_USER 1 /* Testing user filter */
267 #define FTEST_SYSTEM 2 /* Testing system filter */
269 /* Returns from the routing, transport and authentication functions (not all
270 apply to all of them). Some other functions also use these convenient values,
271 and some additional values are used only by non-driver functions.
273 OK, FAIL, DEFER, ERROR, and FAIL_FORCED are also declared in local_scan.h for
274 use in the local_scan() function and in ${dlfunc loaded functions. Do not
275 change them unilaterally.
277 Use rc_names[] for debug strings. */
279 #define OK 0 /* Successful match */
280 #define DEFER 1 /* Defer - some problem */
281 #define FAIL 2 /* Matching failed */
282 #define ERROR 3 /* Internal or config error */
283 #define FAIL_FORCED 4 /* "Forced" failure */
285 #define DECLINE 5 /* Declined to handle the address, pass to next
286 router unless no_more is set */
287 #define PASS 6 /* Pass to next driver, or to pass_router,
288 even if no_more is set */
289 #define DISCARD 7 /* Address routed to :blackhole: or "seen finish" */
290 #define SKIP 8 /* Skip this router (used in route_address only) */
291 #define REROUTED 9 /* Address was changed and child created*/
292 #define PANIC 10 /* Hard failed with internal error */
293 #define BAD64 11 /* Bad base64 data (auth) */
294 #define UNEXPECTED 12 /* Unexpected initial auth data */
295 #define CANCELLED 13 /* Authentication cancelled */
296 #define FAIL_SEND 14 /* send() failed in authenticator */
297 #define FAIL_DROP 15 /* Fail and drop connection (used in ACL) */
298 #define DANE 16 /* Deferred for domain mismatch (used in transport) */
300 /* Returns from the deliver_message() function */
302 #define DELIVER_ATTEMPTED_NORMAL 0 /* Tried a normal delivery */
303 #define DELIVER_MUA_SUCCEEDED 1 /* Success when mua_wrapper is set */
304 #define DELIVER_MUA_FAILED 2 /* Failure when mua_wrapper is set */
305 #define DELIVER_NOT_ATTEMPTED 3 /* Not tried (no msg or is locked */
307 /* Returns from DNS lookup functions. Use dns_rc_names[] for debug strings */
309 enum { DNS_SUCCEED, DNS_NOMATCH, DNS_NODATA, DNS_AGAIN, DNS_FAIL };
311 /* Ending states when reading a message. The order is important. The test
312 for having to swallow the rest of an SMTP message is whether the value is
315 #define END_NOTSTARTED 0 /* Message not started */
316 #define END_DOT 1 /* Message ended with '.' */
317 #define END_EOF 2 /* Message ended with EOF (error for SMTP) */
318 #define END_NOTENDED 3 /* Message reading not yet ended */
319 #define END_SIZE 4 /* Reading ended because message too big */
320 #define END_WERROR 5 /* Write error while reading the message */
321 #define END_PROTOCOL 6 /* Protocol error in CHUNKING sequence */
323 /* result codes for bdat_getc() (which can also return EOF) */
329 /* Bit masks for debug and log selectors */
331 /* Assume words are 32 bits wide. Tiny waste of space on 64 bit
332 platforms, but this ensures bit vectors always work the same way. */
333 #define BITWORDSIZE 32
335 /* This macro is for single-word bit vectors: the debug selector,
336 and the first word of the log selector. */
337 #define BIT(n) (1UL << (n))
339 /* And these are for multi-word vectors. */
340 #define BITWORD(n) ( (n) / BITWORDSIZE)
341 #define BITMASK(n) (1U << (n) % BITWORDSIZE)
343 #define BIT_CLEAR(s,z,n) ((s)[BITWORD(n)] &= ~BITMASK(n))
344 #define BIT_SET(s,z,n) ((s)[BITWORD(n)] |= BITMASK(n))
345 #define BIT_TEST(s,z,n) (((s)[BITWORD(n)] & BITMASK(n)) != 0)
347 /* Used in globals.c for initializing bit_table structures. T will be either
348 D or L corresponding to the debug and log selector bits declared below. */
350 #define BIT_TABLE(T,name) { US #name, T##i_##name }
352 /* IOTA allows us to keep an implicit sequential count, like a simple enum,
353 but we can have sequentially numbered identifiers which are not declared
354 sequentially. We use this for more compact declarations of bit indexes and
355 masks, alternating between sequential bit index and corresponding mask. */
357 #define IOTA(iota) (__LINE__ - iota)
358 #define IOTA_INIT(zero) (__LINE__ - zero + 1)
360 /* Options bits for debugging. DEBUG_BIT() declares both a bit index and the
361 corresponding mask. Di_all is a special value recognized by decode_bits().
362 These must match the debug_options table in globals.c .
364 Exim's code assumes in a number of places that the debug_selector is one
365 word, and this is exposed in the local_scan ABI. The D_v and D_local_scan bit
366 masks are part of the local_scan API so are #defined in local_scan.h */
368 #define DEBUG_BIT(name) Di_##name = IOTA(Di_iota), D_##name = (int)BIT(Di_##name)
375 Di_iota = IOTA_INIT(2),
376 DEBUG_BIT(acl), /* 2 */
381 DEBUG_BIT(exec), /* 7 */
384 DEBUG_BIT(hints_lookup),
385 DEBUG_BIT(host_lookup),
387 DEBUG_BIT(interface),
389 DEBUG_BIT(load), /* 15 */
394 DEBUG_BIT(process_info),
395 DEBUG_BIT(queue_run),
397 DEBUG_BIT(resolver), /* 23 */
401 DEBUG_BIT(timestamp),
403 DEBUG_BIT(transport),
405 DEBUG_BIT(verify), /* 31 */
408 /* Multi-bit debug masks */
410 #define D_all 0xffffffff
412 #define D_any (D_all & \
418 #define D_default (0xffffffff & \
430 /* Bits for debug triggers */
437 /* Options bits for logging. Those that have values < BITWORDSIZE can be used
438 in calls to log_write(). The others are put into later words in log_selector
439 and are only ever tested independently, so they do not need bit mask
440 declarations. The Li_all value is recognized specially by decode_bits().
441 Add also to log_options[] when creating new ones. */
443 #define LOG_BIT(name) Li_##name = IOTA(Li_iota), L_##name = BIT(Li_##name)
448 Li_iota = IOTA_INIT(0),
449 LOG_BIT(address_rewrite),
450 LOG_BIT(all_parents),
451 LOG_BIT(connection_reject),
452 LOG_BIT(delay_delivery),
453 LOG_BIT(dnslist_defer),
455 LOG_BIT(host_lookup_failed),
456 LOG_BIT(lost_incoming_connection),
458 LOG_BIT(retry_defer),
459 LOG_BIT(size_reject),
460 LOG_BIT(skip_delivery),
461 LOG_BIT(smtp_connection),
462 LOG_BIT(smtp_incomplete_transaction),
463 LOG_BIT(smtp_protocol_error),
464 LOG_BIT(smtp_syntax_error),
466 Li_8bitmime = BITWORDSIZE,
476 Li_incoming_interface,
481 Li_outgoing_interface,
488 Li_queue_time_exclusive,
489 Li_queue_time_overall,
492 Li_received_recipients,
494 Li_return_path_on_delivery,
495 Li_sender_on_delivery,
496 Li_sender_verify_fail,
497 Li_smtp_confirmation,
501 Li_tls_certificate_verified,
508 log_selector_size = BITWORD(Li_unknown_in_list) + 1
511 #define LOGGING(opt) BIT_TEST(log_selector, log_selector_size, Li_##opt)
513 /* Private error numbers for delivery failures, set negative so as not
514 to conflict with system errno values. Take care to maintain the string
515 table exim_errstrings[] in log.c */
517 #define ERRNO_UNKNOWNERROR (-1)
518 #define ERRNO_USERSLASH (-2)
519 #define ERRNO_EXISTRACE (-3)
520 #define ERRNO_NOTREGULAR (-4)
521 #define ERRNO_NOTDIRECTORY (-5)
522 #define ERRNO_BADUGID (-6)
523 #define ERRNO_BADMODE (-7)
524 #define ERRNO_INODECHANGED (-8)
525 #define ERRNO_LOCKFAILED (-9)
526 #define ERRNO_BADADDRESS2 (-10)
527 #define ERRNO_FORBIDPIPE (-11)
528 #define ERRNO_FORBIDFILE (-12)
529 #define ERRNO_FORBIDREPLY (-13)
530 #define ERRNO_MISSINGPIPE (-14)
531 #define ERRNO_MISSINGFILE (-15)
532 #define ERRNO_MISSINGREPLY (-16)
533 #define ERRNO_BADREDIRECT (-17)
534 #define ERRNO_SMTPCLOSED (-18)
535 #define ERRNO_SMTPFORMAT (-19)
536 #define ERRNO_SPOOLFORMAT (-20)
537 #define ERRNO_NOTABSOLUTE (-21)
538 #define ERRNO_EXIMQUOTA (-22) /* Exim-imposed quota */
539 #define ERRNO_HELD (-23)
540 #define ERRNO_FILTER_FAIL (-24) /* Delivery filter process failure */
541 #define ERRNO_CHHEADER_FAIL (-25) /* Delivery add/remove header failure */
542 #define ERRNO_WRITEINCOMPLETE (-26) /* Delivery write incomplete error */
543 #define ERRNO_EXPANDFAIL (-27) /* Some expansion failed */
544 #define ERRNO_GIDFAIL (-28) /* Failed to get gid */
545 #define ERRNO_UIDFAIL (-29) /* Failed to get uid */
546 #define ERRNO_BADTRANSPORT (-30) /* Unset or non-existent transport */
547 #define ERRNO_MBXLENGTH (-31) /* MBX length mismatch */
548 #define ERRNO_UNKNOWNHOST (-32) /* Lookup failed routing or in smtp tpt */
549 #define ERRNO_FORMATUNKNOWN (-33) /* Can't match format in appendfile */
550 #define ERRNO_BADCREATE (-34) /* Creation outside home in appendfile */
551 #define ERRNO_LISTDEFER (-35) /* Can't check a list; lookup defer */
552 #define ERRNO_DNSDEFER (-36) /* DNS lookup defer */
553 #define ERRNO_TLSFAILURE (-37) /* Failed to start TLS session */
554 #define ERRNO_TLSREQUIRED (-38) /* Mandatory TLS session not started */
555 #define ERRNO_CHOWNFAIL (-39) /* Failed to chown a file */
556 #define ERRNO_PIPEFAIL (-40) /* Failed to create a pipe */
557 #define ERRNO_CALLOUTDEFER (-41) /* When verifying */
558 #define ERRNO_AUTHFAIL (-42) /* When required by client */
559 #define ERRNO_CONNECTTIMEOUT (-43) /* Used internally in smtp transport */
560 #define ERRNO_RCPT4XX (-44) /* RCPT gave 4xx error */
561 #define ERRNO_MAIL4XX (-45) /* MAIL gave 4xx error */
562 #define ERRNO_DATA4XX (-46) /* DATA gave 4xx error */
563 #define ERRNO_PROXYFAIL (-47) /* Negotiation failed for proxy configured host */
564 #define ERRNO_AUTHPROB (-48) /* Authenticator "other" failure */
565 #define ERRNO_UTF8_FWD (-49) /* target not supporting SMTPUTF8 */
566 #define ERRNO_HOST_IS_LOCAL (-50) /* Transport refuses to talk to localhost */
567 #define ERRNO_TAINT (-51) /* Transport refuses to talk use tainted filename */
569 /* These must be last, so all retry deferments can easily be identified */
571 #define ERRNO_RETRY_BASE (-52) /* Base to test against */
572 #define ERRNO_RRETRY (-52) /* Not time for routing */
574 #define ERRNO_WARN_BASE (-53) /* Base to test against */
575 #define ERRNO_LRETRY (-53) /* Not time for local delivery */
576 #define ERRNO_HRETRY (-54) /* Not time for any remote host */
577 #define ERRNO_LOCAL_ONLY (-55) /* Local-only delivery */
578 #define ERRNO_QUEUE_DOMAIN (-56) /* Domain in queue_domains */
579 #define ERRNO_TRETRY (-57) /* Transport concurrency limit */
580 #define ERRNO_EVENT (-58) /* Event processing request alternate response */
584 /* Special actions to take after failure or deferment. */
587 SPECIAL_NONE, /* No special action */
588 SPECIAL_FREEZE, /* Freeze message */
589 SPECIAL_FAIL, /* Fail the delivery */
590 SPECIAL_WARN /* Send a warning message */
593 /* Flags that get ORed into the more_errno field of an address to give more
594 information about errors for retry purposes. They are greater than 256, because
595 the bottom byte contains 'A' or 'M' for remote addresses, to indicate whether
596 the name was looked up only via an address record or whether MX records were
597 used, respectively. */
599 #define RTEF_CTOUT 0x0100 /* Connection timed out */
601 /* Permission and other options for parse_extract_addresses(),
602 filter_interpret(), and rda_interpret(), i.e. what special things are allowed
603 in redirection operations. Not all apply to all cases. Some of the bits allow
604 and some forbid, reflecting the "allow" and "forbid" options in the redirect
605 router, which were chosen to represent the standard situation for users'
608 #define RDO_BLACKHOLE 0x00000001 /* Forbid :blackhole: */
609 #define RDO_DEFER 0x00000002 /* Allow :defer: or "defer" */
610 #define RDO_EACCES 0x00000004 /* Ignore EACCES */
611 #define RDO_ENOTDIR 0x00000008 /* Ignore ENOTDIR */
612 #define RDO_EXISTS 0x00000010 /* Forbid "exists" in expansion in filter */
613 #define RDO_FAIL 0x00000020 /* Allow :fail: or "fail" */
614 #define RDO_FILTER 0x00000040 /* Allow a filter script */
615 #define RDO_FREEZE 0x00000080 /* Allow "freeze" */
616 #define RDO_INCLUDE 0x00000100 /* Forbid :include: */
617 #define RDO_LOG 0x00000200 /* Forbid "log" */
618 #define RDO_LOOKUP 0x00000400 /* Forbid "lookup" in expansion in filter */
619 #define RDO_PERL 0x00000800 /* Forbid "perl" in expansion in filter */
620 #define RDO_READFILE 0x00001000 /* Forbid "readfile" in exp in filter */
621 #define RDO_READSOCK 0x00002000 /* Forbid "readsocket" in exp in filter */
622 #define RDO_RUN 0x00004000 /* Forbid "run" in expansion in filter */
623 #define RDO_DLFUNC 0x00008000 /* Forbid "dlfunc" in expansion in filter */
624 #define RDO_REALLOG 0x00010000 /* Really do log (not testing/verifying) */
625 #define RDO_REWRITE 0x00020000 /* Rewrite generated addresses */
626 #define RDO_EXIM_FILTER 0x00040000 /* Forbid Exim filters */
627 #define RDO_SIEVE_FILTER 0x00080000 /* Forbid Sieve filters */
628 #define RDO_PREPEND_HOME 0x00100000 /* Prepend $home to relative paths in Exim filter save commands */
630 /* This is the set that apply to expansions in filters */
632 #define RDO_FILTER_EXPANSIONS \
633 (RDO_EXISTS|RDO_LOOKUP|RDO_PERL|RDO_READFILE|RDO_READSOCK|RDO_RUN|RDO_DLFUNC)
635 /* As well as the RDO bits themselves, we need the bit numbers in order to
636 access (most of) the individual bits as separate options. This could be
637 automated, but I haven't bothered. Keep this list in step with the above! */
639 enum { RDON_BLACKHOLE, RDON_DEFER, RDON_EACCES, RDON_ENOTDIR, RDON_EXISTS,
640 RDON_FAIL, RDON_FILTER, RDON_FREEZE, RDON_INCLUDE, RDON_LOG, RDON_LOOKUP,
641 RDON_PERL, RDON_READFILE, RDON_READSOCK, RDON_RUN, RDON_DLFUNC, RDON_REALLOG,
642 RDON_REWRITE, RDON_EXIM_FILTER, RDON_SIEVE_FILTER, RDON_PREPEND_HOME };
644 /* Results of filter or forward file processing. Some are only from a filter;
645 some are only from a forward file. */
648 FF_DELIVERED, /* Success, took significant action */
649 FF_NOTDELIVERED, /* Success, didn't take significant action */
650 FF_BLACKHOLE, /* Blackholing requested */
651 FF_DEFER, /* Defer requested */
652 FF_FAIL, /* Fail requested */
653 FF_INCLUDEFAIL, /* :include: failed */
654 FF_NONEXIST, /* Forward file does not exist */
655 FF_FREEZE, /* Freeze requested */
656 FF_ERROR /* We have a problem */
659 /* Values for identifying particular headers; printing characters are used, so
660 they can be read in the spool file for those headers that are permanently
661 marked. The lower case values don't get onto the spool; they are used only as
662 return values from header_checkname(). */
664 #define htype_other ' ' /* Unspecified header */
665 #define htype_from 'F'
668 #define htype_bcc 'B'
669 #define htype_id 'I' /* for message-id */
670 #define htype_reply_to 'R'
671 #define htype_received 'P' /* P for Postmark */
672 #define htype_sender 'S'
673 #define htype_old '*' /* Replaced header */
675 #define htype_date 'd'
676 #define htype_return_path 'p'
677 #define htype_delivery_date 'x'
678 #define htype_envelope_to 'e'
679 #define htype_subject 's'
681 /* These values are used only when adding new headers from an ACL; they too
682 never get onto the spool. The type of the added header is set by reference
683 to the header name, by calling header_checkname(). */
685 #define htype_add_top 'a'
686 #define htype_add_rec 'r'
687 #define htype_add_bot 'z'
688 #define htype_add_rfc 'f'
690 /* Types of item in options lists. These are the bottom 8 bits of the "type"
691 field, which is an int. The opt_void value is used for entries in tables that
692 point to special types of value that are accessed only indirectly (e.g. the
693 rewrite data that is built out of a string option.) We need to have some values
694 visible in local_scan, so the following are declared there:
696 opt_stringptr, opt_int, opt_octint, opt_mkint, opt_Kint, opt_fixed, opt_time,
699 To make sure we don't conflict, the local_scan.h values start from zero, and
700 those defined here start from 32. The boolean ones must all be together so they
701 can be easily tested as a group. That is the only use of opt_bool_last. */
703 enum { opt_bit = 32, opt_bool_verify, opt_bool_set, opt_expand_bool,
705 opt_rewrite, opt_timelist, opt_uid, opt_gid, opt_uidlist, opt_gidlist,
706 opt_expand_uid, opt_expand_gid, opt_func, opt_void };
708 /* There's a high-ish bit which is used to flag duplicate options, kept
709 for compatibility, which shouldn't be output. Also used for hidden options
710 that are automatically maintained from others. Another high bit is used to
711 flag driver options that although private (so as to be settable only on some
712 drivers), are stored in the instance block so as to be accessible from outside.
713 A third high bit is set when an option is read, so as to be able to give an
714 error if any option is set twice. Finally, there's a bit which is set when an
715 option is set with the "hide" prefix, to prevent -bP from showing it to
716 non-admin callers. The next byte up in the int is used to keep the bit number
717 for booleans that are kept in one bit. */
719 #define opt_hidden 0x100 /* Private to Exim */
720 #define opt_public 0x200 /* Stored in the main instance block */
721 #define opt_set 0x400 /* Option is set */
722 #define opt_secure 0x800 /* "hide" prefix used */
723 #define opt_rep_con 0x1000 /* Can be appended to by a repeated line (condition) */
724 #define opt_rep_str 0x2000 /* Can be appended to by a repeated line (string) */
725 #define opt_mask 0x00ff
727 /* Verify types when directing and routing */
729 enum { v_none, v_sender, v_recipient, v_expn };
731 /* Option flags for verify_address() */
733 #define vopt_fake_sender 0x0001 /* for verify=sender=<address> */
734 #define vopt_is_recipient 0x0002
735 #define vopt_qualify 0x0004
736 #define vopt_expn 0x0008
737 #define vopt_callout_fullpm 0x0010 /* full postmaster during callout */
738 #define vopt_callout_random 0x0020 /* during callout */
739 #define vopt_callout_no_cache 0x0040 /* disable callout cache */
740 #define vopt_callout_recipsender 0x0080 /* use real sender to verify recip */
741 #define vopt_callout_recippmaster 0x0100 /* use postmaster to verify recip */
742 #define vopt_callout_hold 0x0200 /* lazy close connection */
743 #define vopt_success_on_redirect 0x0400
744 #define vopt_quota 0x0800 /* quota check, to local/appendfile */
746 /* Values for fields in callout cache records */
748 #define ccache_unknown 0 /* test hasn't been done */
749 #define ccache_accept 1
750 #define ccache_reject 2 /* All rejections except */
751 #define ccache_reject_mfnull 3 /* MAIL FROM:<> was rejected */
753 /* Options for lookup functions */
755 #define lookup_querystyle 1 /* query-style lookup */
756 #define lookup_absfile 2 /* requires absolute file name */
757 #define lookup_absfilequery 4 /* query-style starts with file name */
759 /* Status values for host_item blocks. Require hstatus_unusable and
760 hstatus_unusable_expired to be last. */
762 enum { hstatus_unknown, hstatus_usable, hstatus_unusable,
763 hstatus_unusable_expired };
765 /* Reasons why a host is unusable (for clearer log messages) */
767 enum { hwhy_unknown, hwhy_retry, hwhy_insecure, hwhy_failed, hwhy_deferred,
770 /* Domain lookup types for routers */
772 #define LK_DEFAULT BIT(0)
773 #define LK_BYNAME BIT(1)
774 #define LK_BYDNS BIT(2) /* those 3 should be mutually exclusive */
776 #define LK_IPV4_ONLY BIT(3)
777 #define LK_IPV4_PREFER BIT(4)
779 /* Values for the self_code fields */
781 enum { self_freeze, self_defer, self_send, self_reroute, self_pass, self_fail };
783 /* Flags for rewrite rules */
785 #define rewrite_sender 0x0001
786 #define rewrite_from 0x0002
787 #define rewrite_to 0x0004
788 #define rewrite_cc 0x0008
789 #define rewrite_bcc 0x0010
790 #define rewrite_replyto 0x0020
791 #define rewrite_all_headers 0x003F /* all header flags */
793 #define rewrite_envfrom 0x0040
794 #define rewrite_envto 0x0080
795 #define rewrite_all_envelope 0x00C0 /* all envelope flags */
797 #define rewrite_all (rewrite_all_headers | rewrite_all_envelope)
799 #define rewrite_smtp 0x0100 /* rewrite at SMTP time */
800 #define rewrite_smtp_sender 0x0200 /* SMTP sender rewrite (allows <>) */
801 #define rewrite_qualify 0x0400 /* qualify if necessary */
802 #define rewrite_repeat 0x0800 /* repeat rewrite rule */
804 #define rewrite_whole 0x1000 /* option bit for headers */
805 #define rewrite_quit 0x2000 /* "no more" option */
807 /* Flags for log_write(); LOG_MAIN, LOG_PANIC, and LOG_REJECT are also in
810 #define LOG_MAIN 1 /* Write to the main log */
811 #define LOG_PANIC 2 /* Write to the panic log */
812 #define LOG_PANIC_DIE 6 /* Write to the panic log and then die */
813 #define LOG_REJECT 16 /* Write to the reject log, with headers */
814 #define LOG_SENDER 32 /* Add raw sender to the message */
815 #define LOG_RECIPIENTS 64 /* Add raw recipients to the message */
816 #define LOG_CONFIG 128 /* Add "Exim configuration error" */
817 #define LOG_CONFIG_FOR (256+128) /* Add " for" instead of ":\n" */
818 #define LOG_CONFIG_IN (512+128) /* Add " in line x[ of file y]" */
820 /* and for debug_bits() logging action control: */
821 #define DEBUG_FROM_CONFIG 0x0001
823 /* SMTP command identifiers for the smtp_connection_had field that records the
824 most recent SMTP commands. SCH_NONE is "empty". */
826 enum { SCH_NONE, SCH_AUTH, SCH_DATA, SCH_BDAT,
827 SCH_EHLO, SCH_ETRN, SCH_EXPN, SCH_HELO,
828 SCH_HELP, SCH_MAIL, SCH_NOOP, SCH_QUIT, SCH_RCPT, SCH_RSET, SCH_STARTTLS,
830 #ifdef EXPERIMENTAL_XCLIENT
835 /* Returns from host_find_by{name,dns}() */
838 HOST_FIND_FAILED, /* failed to find the host */
839 HOST_FIND_AGAIN, /* could not resolve at this time */
840 HOST_FIND_SECURITY, /* dnssec required but not acheived */
841 HOST_FOUND, /* found host */
842 HOST_FOUND_LOCAL, /* found, but MX points to local host */
843 HOST_IGNORED /* found but ignored - used internally only */
846 /* Flags for host_find_bydns() */
848 #define HOST_FIND_BY_SRV BIT(0)
849 #define HOST_FIND_BY_MX BIT(1)
850 #define HOST_FIND_BY_A BIT(2)
851 #define HOST_FIND_BY_AAAA BIT(3)
852 #define HOST_FIND_QUALIFY_SINGLE BIT(4)
853 #define HOST_FIND_SEARCH_PARENTS BIT(5)
854 #define HOST_FIND_IPV4_FIRST BIT(6)
855 #define HOST_FIND_IPV4_ONLY BIT(7)
857 /* Actions applied to specific messages. */
859 enum { MSG_DELIVER, MSG_FREEZE, MSG_REMOVE, MSG_THAW, MSG_ADD_RECIPIENT,
860 MSG_MARK_ALL_DELIVERED, MSG_MARK_DELIVERED, MSG_EDIT_SENDER,
861 MSG_SHOW_COPY, MSG_LOAD, MSG_SETQUEUE,
862 /* These ones must be last: a test for >= MSG_SHOW_BODY is used
863 to test for actions that list individual spool files. */
864 MSG_SHOW_BODY, MSG_SHOW_HEADER, MSG_SHOW_LOG };
866 /* Returns from the spool_read_header() function */
869 spool_read_OK, /* success */
870 spool_read_notopen, /* open failed */
871 spool_read_enverror, /* error in the envelope */
872 spool_read_hdrerror /* error in the headers */
875 /* Options for transport_write_message */
877 #define topt_add_return_path BIT(0)
878 #define topt_add_delivery_date BIT(1)
879 #define topt_add_envelope_to BIT(2)
880 #define topt_escape_headers BIT(3) /* Apply escape check to headers */
881 #define topt_truncate_headers BIT(4) /* Truncate header lines at 998 chars */
882 #define topt_use_crlf BIT(5) /* Terminate lines with CRLF */
883 #define topt_no_headers BIT(6) /* Omit headers */
884 #define topt_no_body BIT(7) /* Omit body */
885 #define topt_end_dot BIT(8) /* Send terminating dot line */
886 #define topt_no_flush BIT(9) /* more data expected after message (eg QUIT) */
887 #define topt_use_bdat BIT(10) /* prepend chunks with RFC3030 BDAT header */
888 #define topt_output_string BIT(11) /* create string rather than write to fd */
889 #define topt_continuation BIT(12) /* do not reset buffer */
890 #define topt_not_socket BIT(13) /* cannot do socket-only syscalls */
892 /* Options for smtp_write_command */
895 SCMD_FLUSH = 0, /* write to kernel */
896 SCMD_MORE, /* write to kernel, but likely more soon */
897 SCMD_BUFFER /* stash in application cmd output buffer */
900 /* Flags for recipient_block, used in DSN support */
902 #define rf_dsnlasthop 0x01 /* Do not propagate DSN any further */
903 #define rf_notify_never 0x02 /* NOTIFY= settings */
904 #define rf_notify_success 0x04
905 #define rf_notify_failure 0x08
906 #define rf_notify_delay 0x10
908 #define rf_dsnflags (rf_notify_never | rf_notify_success | \
909 rf_notify_failure | rf_notify_delay)
913 #define dsn_ret_full 1
914 #define dsn_ret_hdrs 2
916 #define dsn_support_unknown 0
917 #define dsn_support_yes 1
918 #define dsn_support_no 2
921 /* Codes for the host_find_failed and host_all_ignored options. */
926 #define hff_decline 3
930 /* Router information flags */
932 #define ri_yestransport 0x0001 /* Must have a transport */
933 #define ri_notransport 0x0002 /* Must not have a transport */
935 /* Codes for match types in match_check_list; to any of them, MCL_NOEXPAND may
938 #define MCL_NOEXPAND 16
940 enum { MCL_STRING, MCL_DOMAIN, MCL_HOST, MCL_ADDRESS, MCL_LOCALPART };
942 /* Codes for the places from which ACLs can be called. These are cunningly
943 ordered to make it easy to implement tests for certain ACLs when processing
944 "control" modifiers, by means of a maximum "where" value. Do not modify this
945 order without checking carefully!
948 **** Furthermore, remember to keep these in step with the tables
949 **** of names and response codes in globals.c.
953 enum { ACL_WHERE_RCPT, /* Some controls are for RCPT only */
954 ACL_WHERE_MAIL, /* ) */
955 ACL_WHERE_PREDATA, /* ) There are several tests for "in message", */
956 ACL_WHERE_MIME, /* ) implemented by <= WHERE_NOTSMTP */
957 ACL_WHERE_DKIM, /* ) */
958 ACL_WHERE_DATA, /* ) */
960 ACL_WHERE_PRDR, /* ) */
962 ACL_WHERE_NOTSMTP, /* ) */
964 ACL_WHERE_AUTH, /* These remaining ones are not currently */
965 ACL_WHERE_CONNECT, /* required to be in a special order so they */
966 ACL_WHERE_ETRN, /* are just alphabetical. */
970 ACL_WHERE_NOTSMTP_START,
977 ACL_WHERE_UNKNOWN /* Currently used by a ${acl:name} expansion */
980 #define ACL_BIT_RCPT BIT(ACL_WHERE_RCPT)
981 #define ACL_BIT_MAIL BIT(ACL_WHERE_MAIL)
982 #define ACL_BIT_PREDATA BIT(ACL_WHERE_PREDATA)
983 #define ACL_BIT_MIME BIT(ACL_WHERE_MIME)
984 #define ACL_BIT_DKIM BIT(ACL_WHERE_DKIM)
985 #define ACL_BIT_DATA BIT(ACL_WHERE_DATA)
987 # define ACL_BIT_PRDR 0
989 # define ACL_BIT_PRDR BIT(ACL_WHERE_PRDR)
991 #define ACL_BIT_NOTSMTP BIT(ACL_WHERE_NOTSMTP)
992 #define ACL_BIT_AUTH BIT(ACL_WHERE_AUTH)
993 #define ACL_BIT_CONNECT BIT(ACL_WHERE_CONNECT)
994 #define ACL_BIT_ETRN BIT(ACL_WHERE_ETRN)
995 #define ACL_BIT_EXPN BIT(ACL_WHERE_EXPN)
996 #define ACL_BIT_HELO BIT(ACL_WHERE_HELO)
997 #define ACL_BIT_MAILAUTH BIT(ACL_WHERE_MAILAUTH)
998 #define ACL_BIT_NOTSMTP_START BIT(ACL_WHERE_NOTSMTP_START)
999 #define ACL_BIT_NOTQUIT BIT(ACL_WHERE_NOTQUIT)
1000 #define ACL_BIT_QUIT BIT(ACL_WHERE_QUIT)
1001 #define ACL_BIT_STARTTLS BIT(ACL_WHERE_STARTTLS)
1002 #define ACL_BIT_VRFY BIT(ACL_WHERE_VRFY)
1003 #define ACL_BIT_DELIVERY BIT(ACL_WHERE_DELIVERY)
1004 #define ACL_BIT_UNKNOWN BIT(ACL_WHERE_UNKNOWN)
1006 #define ACL_BITS_HAVEDATA (ACL_BIT_MIME | ACL_BIT_DKIM | ACL_BIT_DATA \
1008 | ACL_BIT_NOTSMTP | ACL_BIT_QUIT | ACL_BIT_NOTQUIT)
1011 /* Situations for spool_write_header() */
1013 enum { SW_RECEIVING, SW_DELIVERING, SW_MODIFYING };
1015 /* MX fields for hosts not obtained from MX records are always negative.
1016 MX_NONE is the default case; lesser values are used when the hosts are
1017 randomized in batches. */
1019 #define MX_NONE (-1)
1021 /* host_item.port defaults to PORT_NONE; the only current case where this
1022 is changed before running the transport is when an dnslookup router sets an
1023 explicit port number. */
1025 #define PORT_NONE (-1)
1027 /* Flags for single-key search defaults */
1029 #define SEARCH_STAR 0x01
1030 #define SEARCH_STARAT 0x02
1034 enum { FILTER_UNSET, FILTER_FORWARD, FILTER_EXIM, FILTER_SIEVE };
1036 /* Codes for ESMTP facilities offered by peer */
1038 #define OPTION_TLS BIT(0)
1039 #define OPTION_IGNQ BIT(1)
1040 #define OPTION_PRDR BIT(2)
1041 #define OPTION_UTF8 BIT(3)
1042 #define OPTION_DSN BIT(4)
1043 #define OPTION_PIPE BIT(5)
1044 #define OPTION_SIZE BIT(6)
1045 #define OPTION_CHUNKING BIT(7)
1046 #define OPTION_EARLY_PIPE BIT(8)
1048 /* Argument for *_getc */
1050 #define GETC_BUFFER_UNLIMITED UINT_MAX
1052 /* UTF-8 chars for line-drawing */
1054 #define UTF8_DOWN_RIGHT "\xE2\x95\xAD"
1055 #define UTF8_VERT "\xE2\x94\x82"
1056 #define UTF8_HORIZ "\xE2\x94\x80"
1057 #define UTF8_VERT_RIGHT "\xE2\x94\x9C"
1058 #define UTF8_UP_RIGHT "\xE2\x95\xB0"
1059 #define UTF8_VERT_2DASH "\xE2\x95\x8E"
1062 /* Options on tls_close */
1063 #define TLS_NO_SHUTDOWN 0 /* Just forget the context */
1064 #define TLS_SHUTDOWN_NOWAIT 1 /* Send alert; do not wait */
1065 #define TLS_SHUTDOWN_WAIT 2 /* Send alert & wait for peer's alert */
1066 #define TLS_SHUTDOWN_WONLY 3 /* only wait for peer's alert */
1069 #ifdef COMPILE_UTILITY
1070 # define ALARM(seconds) alarm(seconds);
1071 # define ALARM_CLR(seconds) alarm(seconds);
1073 /* For debugging of odd alarm-signal problems, stash caller info while the
1074 alarm is active. Clear it down on cancelling the alarm so we can tell there
1075 should not be one active. */
1077 # define ALARM(seconds) \
1078 debug_selector & D_any \
1079 ? (sigalarm_setter = CUS __FUNCTION__, alarm(seconds)) : alarm(seconds);
1080 # define ALARM_CLR(seconds) \
1081 debug_selector & D_any \
1082 ? (sigalarm_setter = NULL, alarm(seconds)) : alarm(seconds);
1085 #define AUTHS_REGEX US"\\n250[\\s\\-]AUTH\\s+([\\-\\w \\t]+)(?:\\n|$)"
1087 #define EARLY_PIPE_FEATURE_NAME "PIPECONNECT"
1088 #define EARLY_PIPE_FEATURE_LEN 11
1091 /* Flags for auth_client_item() */
1093 #define AUTH_ITEM_FIRST BIT(0)
1094 #define AUTH_ITEM_LAST BIT(1)
1095 #define AUTH_ITEM_IGN64 BIT(2)
1098 /* Flags for tls_{in,out}_resumption */
1099 #define RESUME_SUPPORTED BIT(0)
1100 #define RESUME_CLIENT_REQUESTED BIT(1)
1101 #define RESUME_CLIENT_SUGGESTED BIT(2)
1102 #define RESUME_SERVER_TICKET BIT(3)
1103 #define RESUME_USED BIT(4)
1105 #define RESUME_DECODE_STRING \
1106 US"not requested or offered" \
1107 ": 0x02 :client requested, no server ticket" \
1109 ": 0x06 :client offered session, no server action" \
1110 ": 0x08 :no client request" \
1111 ": 0x0A :client requested new ticket, server provided" \
1112 ": 0x0C :client offered session, not used" \
1113 ": 0x0E :client offered session, server only provided new ticket" \
1114 ": 0x10 :session resumed unasked" \
1115 ": 0x12 :session resumed unasked" \
1117 ": 0x16 :session resumed" \
1118 ": 0x18 :session resumed unasked" \
1119 ": 0x1A :session resumed unasked" \
1120 ": 0x1C :session resumed" \
1121 ": 0x1E :session resumed, also new ticket"
1123 /* Flags for string_vformat */
1124 #define SVFMT_EXTEND BIT(0)
1125 #define SVFMT_REBUFFER BIT(1)
1126 #define SVFMT_TAINT_NOCHK BIT(2)
1129 #define NOTIFIER_SOCKET_NAME "exim_daemon_notify"
1130 /* Notify message types */
1131 #define NOTIFY_MSG_QRUN 1 /* 2stage qrun fast-ramp trigger */
1132 #define NOTIFY_QUEUE_SIZE_REQ 2 /* obtain current queue count */
1133 #define NOTIFY_REGEX 3 /* an RE for caching */
1135 /* Flags for match_check_string() */
1136 typedef unsigned mcs_flags;
1137 #define MCS_NOFLAGS 0
1138 #define MCS_PARTIAL BIT(0) /* permit partial- search types */
1139 #define MCS_CASELESS BIT(1) /* caseless matching where possible */
1140 #define MCS_AT_SPECIAL BIT(2) /* recognize @, @[], etc. */
1141 #define MCS_CACHEABLE BIT(3) /* no dynamic expansions used for pattern */
1143 /* Flags for open() */
1145 # define EXIM_CLOEXEC O_CLOEXEC
1147 # define EXIM_CLOEXEC 0
1150 # define EXIM_NOFOLLOW O_NOFOLLOW
1152 # define EXIM_NOFOLLOW 0
1155 /* A big number for (effectively) unlimited envelope addresses */
1156 #define UNLIMITED_ADDRS 999999
1158 /* Flags for queue_list() */
1160 #define QL_UNDELIVERED_ONLY 1
1161 #define QL_PLUS_GENERATED 2
1162 #define QL_MSGID_ONLY 3
1163 #define QL_UNSORTED 8
1165 /* Flags for transport_set_up_command() */
1166 #define TSUC_EXPAND_ARGS BIT(0)
1167 #define TSUC_ALLOW_TAINTED_ARGS BIT(1)
1168 #define TSUC_ALLOW_RECIPIENTS BIT(2)
1170 /* Flags for smtp_printf */
1171 #define SP_MORE TRUE
1172 #define SP_NO_MORE FALSE
1174 /* Flags for smtp_respond */
1175 #define SR_FINAL TRUE
1176 #define SR_NOT_FINAL FALSE
1178 /* Return codes for smtp_write_mail_and_rcpt_cmds() */
1180 sw_mrc_ok, /* good, rcpt results in addr->transport_return (PENDING_OK, DEFER, FAIL) */
1181 sw_mrc_bad_mail, /* MAIL response error */
1182 sw_mrc_bad_read, /* any non-MAIL read i/o error */
1183 sw_mrc_nonmail_read_timeo, /* non-MAIL response timeout */
1184 sw_mrc_bad_internal, /* internal error; channel still usable */
1185 sw_mrc_tx_fail, /* transmit failed */
1188 /* Recent versions of PCRE2 are allocating 20kB per match, rather than the previous 112 B.
1189 When doing en extended loop of matching, release store periodically. */
1191 #define REGEX_LOOPCOUNT_STORE_RESET 1000
1193 /* End of macros.h */