1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2018 */
6 /* Copyright (c) The Exim Maintainers 2020 */
7 /* See the file NOTICE for conditions of use and distribution. */
9 /* A number of functions for driving outgoing SMTP calls. */
13 #include "transports/smtp.h"
17 /*************************************************
18 * Find an outgoing interface *
19 *************************************************/
21 /* This function is called from the smtp transport and also from the callout
22 code in verify.c. Its job is to expand a string to get a list of interfaces,
23 and choose a suitable one (IPv4 or IPv6) for the outgoing address.
26 istring string interface setting, may be NULL, meaning "any", in
27 which case the function does nothing
28 host_af AF_INET or AF_INET6 for the outgoing IP address
29 addr the mail address being handled (for setting errors)
30 interface point this to the interface
31 msg to add to any error message
33 Returns: TRUE on success, FALSE on failure, with error message
34 set in addr and transport_return set to PANIC
38 smtp_get_interface(uschar *istring, int host_af, address_item *addr,
39 uschar **interface, uschar *msg)
41 const uschar * expint;
45 if (!istring) return TRUE;
47 if (!(expint = expand_string(istring)))
49 if (f.expand_string_forcedfail) return TRUE;
50 addr->transport_return = PANIC;
51 addr->message = string_sprintf("failed to expand \"interface\" "
52 "option for %s: %s", msg, expand_string_message);
56 if (is_tainted2(expint, LOG_MAIN|LOG_PANIC, "Tainted value '%s' from '%s' for interface", expint, istring))
58 addr->transport_return = PANIC;
59 addr->message = string_sprintf("failed to expand \"interface\" "
60 "option for %s: configuration error", msg);
64 Uskip_whitespace(&expint);
65 if (!*expint) return TRUE;
67 /* we just tested to ensure no taint, so big_buffer is ok */
68 while ((iface = string_nextinlist(&expint, &sep, big_buffer,
71 if (string_is_ip_address(iface, NULL) == 0)
73 addr->transport_return = PANIC;
74 addr->message = string_sprintf("\"%s\" is not a valid IP "
75 "address for the \"interface\" option for %s",
80 if (((Ustrchr(iface, ':') == NULL)? AF_INET:AF_INET6) == host_af)
84 if (iface) *interface = string_copy(iface);
90 /*************************************************
91 * Find an outgoing port *
92 *************************************************/
94 /* This function is called from the smtp transport and also from the callout
95 code in verify.c. Its job is to find a port number. Note that getservbyname()
96 produces the number in network byte order.
99 rstring raw (unexpanded) string representation of the port
100 addr the mail address being handled (for setting errors)
101 port stick the port in here
102 msg for adding to error message
104 Returns: TRUE on success, FALSE on failure, with error message set
105 in addr, and transport_return set to PANIC
109 smtp_get_port(uschar *rstring, address_item *addr, int *port, uschar *msg)
111 uschar *pstring = expand_string(rstring);
115 addr->transport_return = PANIC;
116 addr->message = string_sprintf("failed to expand \"%s\" (\"port\" option) "
117 "for %s: %s", rstring, msg, expand_string_message);
121 if (isdigit(*pstring))
124 *port = Ustrtol(pstring, &end, 0);
125 if (end != pstring + Ustrlen(pstring))
127 addr->transport_return = PANIC;
128 addr->message = string_sprintf("invalid port number for %s: %s", msg,
136 struct servent *smtp_service = getservbyname(CS pstring, "tcp");
139 addr->transport_return = PANIC;
140 addr->message = string_sprintf("TCP port \"%s\" is not defined for %s",
144 *port = ntohs(smtp_service->s_port);
155 tfo_out_check(int sock)
158 struct tcp_info tinfo;
159 socklen_t len = sizeof(tinfo);
161 /* A getsockopt TCP_FASTOPEN unfortunately returns "was-used" for a TFO/R as
162 well as a TFO/C. Use what we can of the Linux hack below; reliability issues ditto. */
163 switch (tcp_out_fastopen)
165 case TFO_ATTEMPTED_NODATA:
166 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
167 && tinfo.tcpi_state == TCPS_SYN_SENT
168 && tinfo.__tcpi_unacked > 0
171 DEBUG(D_transport|D_v)
172 debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.__tcpi_unacked);
173 tcp_out_fastopen = TFO_USED_NODATA;
177 case TFO_ATTEMPTED_DATA:
178 case TFO_ATTEMPTED_DATA:
179 if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA) XXX no equvalent as of 12.2
183 switch (tcp_out_fastopen)
185 case TFO_ATTEMPTED_DATA: tcp_out_fastopen = TFO_USED_DATA; break;
186 default: break; /* compiler quietening */
189 # else /* Linux & Apple */
190 # if defined(TCP_INFO) && defined(EXIM_HAVE_TCPI_UNACKED)
191 struct tcp_info tinfo;
192 socklen_t len = sizeof(tinfo);
194 switch (tcp_out_fastopen)
196 /* This is a somewhat dubious detection method; totally undocumented so likely
197 to fail in future kernels. There seems to be no documented way. What we really
198 want to know is if the server sent smtp-banner data before our ACK of his SYN,ACK
199 hit him. What this (possibly?) detects is whether we sent a TFO cookie with our
200 SYN, as distinct from a TFO request. This gets a false-positive when the server
201 key is rotated; we send the old one (which this test sees) but the server returns
202 the new one and does not send its SMTP banner before we ACK his SYN,ACK.
203 To force that rotation case:
204 '# echo -n "00000000-00000000-00000000-0000000" >/proc/sys/net/ipv4/tcp_fastopen_key'
205 The kernel seems to be counting unack'd packets. */
207 case TFO_ATTEMPTED_NODATA:
208 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
209 && tinfo.tcpi_state == TCP_SYN_SENT
210 && tinfo.tcpi_unacked > 1
213 DEBUG(D_transport|D_v)
214 debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.tcpi_unacked);
215 tcp_out_fastopen = TFO_USED_NODATA;
219 /* When called after waiting for received data we should be able
220 to tell if data we sent was accepted. */
222 case TFO_ATTEMPTED_DATA:
223 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
224 && tinfo.tcpi_state == TCP_ESTABLISHED
226 if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA)
228 DEBUG(D_transport|D_v) debug_printf("TFO: data was acked\n");
229 tcp_out_fastopen = TFO_USED_DATA;
233 DEBUG(D_transport|D_v) debug_printf("TFO: had to retransmit\n");
234 tcp_out_fastopen = TFO_NOT_USED;
238 default: break; /* compiler quietening */
241 # endif /* Linux & Apple */
247 host host item containing name and address and port
248 host_af AF_INET or AF_INET6
250 interface outgoing interface address or NULL
252 timeout timeout value or 0
253 early_data if non-NULL, idempotent data to be sent -
254 preferably in the TCP SYN segment
255 Special case: non-NULL but with NULL blob.data - caller is
256 client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
259 Returns: connected socket number, or -1 with errno set
263 smtp_sock_connect(host_item * host, int host_af, int port, uschar * interface,
264 transport_instance * tb, int timeout, const blob * early_data)
266 smtp_transport_options_block * ob =
267 (smtp_transport_options_block *)tb->options_block;
268 const uschar * dscp = ob->dscp;
274 const blob * fastopen_blob = NULL;
277 #ifndef DISABLE_EVENT
278 deliver_host_address = host->address;
279 deliver_host_port = port;
280 if (event_raise(tb->event_action, US"tcp:connect", NULL)) return -1;
283 if ((sock = ip_socket(SOCK_STREAM, host_af)) < 0) return -1;
285 /* Set TCP_NODELAY; Exim does its own buffering. */
287 if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on)))
288 HDEBUG(D_transport|D_acl|D_v)
289 debug_printf_indent("failed to set NODELAY: %s ", strerror(errno));
291 /* Set DSCP value, if we can. For now, if we fail to set the value, we don't
292 bomb out, just log it and continue in default traffic class. */
294 if (dscp && dscp_lookup(dscp, host_af, &dscp_level, &dscp_option, &dscp_value))
296 HDEBUG(D_transport|D_acl|D_v)
297 debug_printf_indent("DSCP \"%s\"=%x ", dscp, dscp_value);
298 if (setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value)) < 0)
299 HDEBUG(D_transport|D_acl|D_v)
300 debug_printf_indent("failed to set DSCP: %s ", strerror(errno));
301 /* If the kernel supports IPv4 and IPv6 on an IPv6 socket, we need to set the
302 option for both; ignore failures here */
303 if (host_af == AF_INET6 &&
304 dscp_lookup(dscp, AF_INET, &dscp_level, &dscp_option, &dscp_value))
305 (void) setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value));
308 /* Bind to a specific interface if requested. Caller must ensure the interface
309 is the same type (IPv4 or IPv6) as the outgoing address. */
311 if (interface && ip_bind(sock, host_af, interface, 0) < 0)
314 HDEBUG(D_transport|D_acl|D_v)
315 debug_printf_indent("unable to bind outgoing SMTP call to %s: %s", interface,
319 /* Connect to the remote host, and add keepalive to the socket before returning
320 it, if requested. If the build supports TFO, request it - and if the caller
321 requested some early-data then include that in the TFO request. If there is
322 early-data but no TFO support, send it after connecting. */
327 /* See if TCP Fast Open usable. Default is a traditional 3WHS connect */
328 if (verify_check_given_host(CUSS &ob->hosts_try_fastopen, host) == OK)
331 fastopen_blob = &tcp_fastopen_nodata; /* TFO, with no data */
332 else if (early_data->data)
333 fastopen_blob = early_data; /* TFO, with data */
334 # ifdef TCP_FASTOPEN_CONNECT
336 { /* expecting client data */
337 debug_printf(" set up lazy-connect\n");
338 setsockopt(sock, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, US &on, sizeof(on));
339 /* fastopen_blob = NULL; lazy TFO, triggered by data write */
345 if (ip_connect(sock, host_af, host->address, port, timeout, fastopen_blob) < 0)
347 else if (early_data && !fastopen_blob && early_data->data && early_data->len)
349 /* We had some early-data to send, but couldn't do TFO */
350 HDEBUG(D_transport|D_acl|D_v)
351 debug_printf("sending %ld nonTFO early-data\n", (long)early_data->len);
353 #ifdef TCP_QUICKACK_notdef
354 (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
356 if (send(sock, early_data->data, early_data->len, 0) < 0)
359 #ifdef TCP_QUICKACK_notdef
360 /* Under TFO (with openssl & pipe-conn; testcase 4069, as of
361 5.10.8-100.fc32.x86_64) this seems to be inop.
362 Perhaps overwritten when we (client) go -> ESTABLISHED on seeing the 3rd-ACK?
363 For that case, added at smtp_reap_banner(). */
364 (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
368 /* Either bind() or connect() failed */
372 HDEBUG(D_transport|D_acl|D_v)
374 debug_printf_indent(" failed: %s", CUstrerror(save_errno));
375 if (save_errno == ETIMEDOUT)
376 debug_printf(" (timeout=%s)", readconf_printtime(timeout));
384 /* Both bind() and connect() succeeded, and any early-data */
388 union sockaddr_46 interface_sock;
389 EXIM_SOCKLEN_T size = sizeof(interface_sock);
391 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" connected\n");
392 if (getsockname(sock, (struct sockaddr *)(&interface_sock), &size) == 0)
393 sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
396 log_write(0, LOG_MAIN | ((errno == ECONNRESET)? 0 : LOG_PANIC),
397 "getsockname() failed: %s", strerror(errno));
402 if (ob->keepalive) ip_keepalive(sock, host->address, TRUE);
415 smtp_port_for_connect(host_item * host, int port)
417 if (host->port != PORT_NONE)
419 HDEBUG(D_transport|D_acl|D_v) if (port != host->port)
420 debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
424 else host->port = port; /* Set the port actually used */
428 /*************************************************
429 * Connect to remote host *
430 *************************************************/
432 /* Create a socket, and connect it to a remote host. IPv6 addresses are
433 detected by checking for a colon in the address. AF_INET6 is defined even on
434 non-IPv6 systems, to enable the code to be less messy. However, on such systems
435 host->address will always be an IPv4 address.
438 sc details for making connection: host, af, interface, transport
439 early_data if non-NULL, data to be sent - preferably in the TCP SYN segment
440 Special case: non-NULL but with NULL blob.data - caller is
441 client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
444 Returns: connected socket number, or -1 with errno set
448 smtp_connect(smtp_connect_args * sc, const blob * early_data)
450 int port = sc->host->port;
451 smtp_transport_options_block * ob = sc->ob;
453 callout_address = string_sprintf("[%s]:%d", sc->host->address, port);
455 HDEBUG(D_transport|D_acl|D_v)
458 if (sc->interface) s = string_sprintf(" from %s ", sc->interface);
460 if (ob->socks_proxy) s = string_sprintf("%svia proxy ", s);
462 debug_printf_indent("Connecting to %s %s%s... ", sc->host->name, callout_address, s);
465 /* Create and connect the socket */
470 int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface,
471 sc->tblock, ob->connect_timeout);
475 if (early_data && early_data->data && early_data->len)
476 if (send(sock, early_data->data, early_data->len, 0) < 0)
478 int save_errno = errno;
479 HDEBUG(D_transport|D_acl|D_v)
481 debug_printf_indent("failed: %s", CUstrerror(save_errno));
482 if (save_errno == ETIMEDOUT)
483 debug_printf(" (timeout=%s)", readconf_printtime(ob->connect_timeout));
495 return smtp_sock_connect(sc->host, sc->host_af, port, sc->interface,
496 sc->tblock, ob->connect_timeout, early_data);
500 /*************************************************
501 * Flush outgoing command buffer *
502 *************************************************/
504 /* This function is called only from smtp_write_command() below. It flushes
505 the buffer of outgoing commands. There is more than one in the buffer only when
509 outblock the SMTP output block
510 mode further data expected, or plain
512 Returns: TRUE if OK, FALSE on error, with errno set
516 flush_buffer(smtp_outblock * outblock, int mode)
519 int n = outblock->ptr - outblock->buffer;
520 BOOL more = mode == SCMD_MORE;
522 HDEBUG(D_transport|D_acl) debug_printf_indent("cmd buf flush %d bytes%s\n", n,
523 more ? " (more expected)" : "");
526 if (outblock->cctx->tls_ctx)
527 rc = tls_write(outblock->cctx->tls_ctx, outblock->buffer, n, more);
532 if (outblock->conn_args)
534 blob early_data = { .data = outblock->buffer, .len = n };
536 /* We ignore the more-flag if we're doing a connect with early-data, which
537 means we won't get BDAT+data. A pity, but wise due to the idempotency
538 requirement: TFO with data can, in rare cases, replay the data to the
541 if ( (outblock->cctx->sock = smtp_connect(outblock->conn_args, &early_data))
544 outblock->conn_args = NULL;
549 rc = send(outblock->cctx->sock, outblock->buffer, n,
557 #if defined(__linux__)
558 /* This is a workaround for a current linux kernel bug: as of
559 5.6.8-200.fc31.x86_64 small (<MSS) writes get delayed by about 200ms,
560 This is despite NODELAY being active.
561 https://bugzilla.redhat.com/show_bug.cgi?id=1803806 */
564 setsockopt(outblock->cctx->sock, IPPROTO_TCP, TCP_CORK, &off, sizeof(off));
571 HDEBUG(D_transport|D_acl) debug_printf_indent("send failed: %s\n", strerror(errno));
575 outblock->ptr = outblock->buffer;
576 outblock->cmd_count = 0;
582 /*************************************************
583 * Write SMTP command *
584 *************************************************/
586 /* The formatted command is left in big_buffer so that it can be reflected in
590 sx SMTP connection, contains buffer for pipelining, and socket
591 mode buffer, write-with-more-likely, write
592 format a format, starting with one of
593 of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT.
594 If NULL, flush pipeline buffer only.
595 ... data for the format
597 Returns: 0 if command added to pipelining buffer, with nothing transmitted
598 +n if n commands transmitted (may still have buffered the new one)
599 -1 on error, with errno set
603 smtp_write_command(void * sx, int mode, const char *format, ...)
605 smtp_outblock * outblock = &((smtp_context *)sx)->outblock;
610 gstring gs = { .size = big_buffer_size, .ptr = 0, .s = big_buffer };
613 /* Use taint-unchecked routines for writing into big_buffer, trusting that
614 we'll never expand the results. Actually, the error-message use - leaving
615 the results in big_buffer for potential later use - is uncomfortably distant.
616 XXX Would be better to assume all smtp commands are short, use normal pool
617 alloc rather than big_buffer, and another global for the data-for-error. */
619 va_start(ap, format);
620 if (!string_vformat(&gs, SVFMT_TAINT_NOCHK, CS format, ap))
621 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
624 string_from_gstring(&gs);
626 if (gs.ptr > outblock->buffersize)
627 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
630 if (gs.ptr > outblock->buffersize - (outblock->ptr - outblock->buffer))
632 rc = outblock->cmd_count; /* flush resets */
633 if (!flush_buffer(outblock, SCMD_FLUSH)) return -1;
636 Ustrncpy(outblock->ptr, gs.s, gs.ptr);
637 outblock->ptr += gs.ptr;
638 outblock->cmd_count++;
639 gs.ptr -= 2; string_from_gstring(&gs); /* remove \r\n for error message */
641 /* We want to hide the actual data sent in AUTH transactions from reflections
642 and logs. While authenticating, a flag is set in the outblock to enable this.
643 The AUTH command itself gets any data flattened. Other lines are flattened
646 if (outblock->authenticating)
648 uschar *p = big_buffer;
649 if (Ustrncmp(big_buffer, "AUTH ", 5) == 0)
652 while (isspace(*p)) p++;
653 while (!isspace(*p)) p++;
654 while (isspace(*p)) p++;
656 while (*p) *p++ = '*';
659 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP%c> %s\n",
660 mode == SCMD_BUFFER ? '|' : mode == SCMD_MORE ? '+' : '>',
664 if (mode != SCMD_BUFFER)
666 rc += outblock->cmd_count; /* flush resets */
667 if (!flush_buffer(outblock, mode)) return -1;
675 /*************************************************
676 * Read one line of SMTP response *
677 *************************************************/
679 /* This function reads one line of SMTP response from the server host. This may
680 not be a complete response - it could be just part of a multiline response. We
681 have to use a buffer for incoming packets, because when pipelining or using
682 LMTP, there may well be more than one response in a single packet. This
683 function is called only from the one that follows.
686 inblock the SMTP input block (contains holding buffer, socket, etc.)
687 buffer where to put the line
688 size space available for the line
689 timelimit deadline for reading the lime, seconds past epoch
691 Returns: length of a line that has been put in the buffer
692 -1 otherwise, with errno set, and inblock->ptr adjusted
696 read_response_line(smtp_inblock *inblock, uschar *buffer, int size, time_t timelimit)
699 uschar *ptr = inblock->ptr;
700 uschar *ptrend = inblock->ptrend;
701 client_conn_ctx * cctx = inblock->cctx;
703 /* Loop for reading multiple packets or reading another packet after emptying
704 a previously-read one. */
710 /* If there is data in the input buffer left over from last time, copy
711 characters from it until the end of a line, at which point we can return,
712 having removed any whitespace (which will include CR) at the end of the line.
713 The rules for SMTP say that lines end in CRLF, but there are have been cases
714 of hosts using just LF, and other MTAs are reported to handle this, so we
715 just look for LF. If we run out of characters before the end of a line,
716 carry on to read the next incoming packet. */
723 while (p > buffer && isspace(p[-1])) p--;
731 *p = 0; /* Leave malformed line for error message */
732 errno = ERRNO_SMTPFORMAT;
738 /* Need to read a new input packet. */
740 if((rc = ip_recv(cctx, inblock->buffer, inblock->buffersize, timelimit)) <= 0)
742 DEBUG(D_deliver|D_transport|D_acl|D_v)
743 debug_printf_indent(errno ? " SMTP(%s)<<\n" : " SMTP(closed)<<\n",
748 /* Another block of data has been successfully read. Set up the pointers
749 and let the loop continue. */
751 ptrend = inblock->ptrend = inblock->buffer + rc;
752 ptr = inblock->buffer;
753 DEBUG(D_transport|D_acl) debug_printf_indent("read response data: size=%d\n", rc);
756 /* Get here if there has been some kind of recv() error; errno is set, but we
757 ensure that the result buffer is empty before returning. */
759 inblock->ptr = inblock->ptrend = inblock->buffer;
768 /*************************************************
769 * Read SMTP response *
770 *************************************************/
772 /* This function reads an SMTP response with a timeout, and returns the
773 response in the given buffer, as a string. A multiline response will contain
774 newline characters between the lines. The function also analyzes the first
775 digit of the reply code and returns FALSE if it is not acceptable. FALSE is
776 also returned after a reading error. In this case buffer[0] will be zero, and
777 the error code will be in errno.
780 sx the SMTP connection (contains input block with holding buffer,
782 buffer where to put the response
783 size the size of the buffer
784 okdigit the expected first digit of the response
785 timeout the timeout to use, in seconds
787 Returns: TRUE if a valid, non-error response was received; else FALSE
789 /*XXX could move to smtp transport; no other users */
792 smtp_read_response(void * sx0, uschar * buffer, int size, int okdigit,
795 smtp_context * sx = sx0;
796 uschar * ptr = buffer;
798 time_t timelimit = time(NULL) + timeout;
800 errno = 0; /* Ensure errno starts out zero */
802 #ifndef DISABLE_PIPE_CONNECT
803 if (sx->pending_BANNER || sx->pending_EHLO)
806 if ((rc = smtp_reap_early_pipe(sx, &count)) != OK)
808 DEBUG(D_transport) debug_printf("failed reaping pipelined cmd responsess\n");
810 if (rc == DEFER) errno = ERRNO_TLSFAILURE;
816 /* This is a loop to read and concatenate the lines that make up a multi-line
821 if ((count = read_response_line(&sx->inblock, ptr, size, timelimit)) < 0)
824 HDEBUG(D_transport|D_acl|D_v)
825 debug_printf_indent(" %s %s\n", ptr == buffer ? "SMTP<<" : " ", ptr);
827 /* Check the format of the response: it must start with three digits; if
828 these are followed by a space or end of line, the response is complete. If
829 they are followed by '-' this is a multi-line response and we must look for
830 another line until the final line is reached. The only use made of multi-line
831 responses is to pass them back as error messages. We therefore just
832 concatenate them all within the buffer, which should be large enough to
833 accept any reasonable number of lines. */
839 (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0))
841 errno = ERRNO_SMTPFORMAT; /* format error */
845 /* If the line we have just read is a terminal line, line, we are done.
846 Otherwise more data has to be read. */
848 if (ptr[3] != '-') break;
850 /* Move the reading pointer upwards in the buffer and insert \n between the
851 components of a multiline response. Space is left for this by read_response_
860 tfo_out_check(sx->cctx.sock);
863 /* Return a value that depends on the SMTP return code. On some systems a
864 non-zero value of errno has been seen at this point, so ensure it is zero,
865 because the caller of this function looks at errno when FALSE is returned, to
866 distinguish between an unexpected return code and other errors such as
867 timeouts, lost connections, etc. */
870 return buffer[0] == okdigit;
873 /* End of smtp_out.c */