-/* $Cambridge: exim/src/src/deliver.c,v 1.43 2007/02/06 11:11:40 ph10 Exp $ */
+/* $Cambridge: exim/src/src/deliver.c,v 1.48 2010/06/05 10:04:44 pdp Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2007 */
+/* Copyright (c) University of Cambridge 1995 - 2009 */
/* See the file NOTICE for conditions of use and distribution. */
/* The main code for delivering a message. */
s = string_append(s, &size, &ptr, 2, US" CV=",
testflag(addr, af_cert_verified)? "yes":"no");
if ((log_extra_selector & LX_tls_peerdn) != 0 && addr->peerdn != NULL)
- s = string_append(s, &size, &ptr, 3, US" DN=\"", addr->peerdn, US"\"");
+ s = string_append(s, &size, &ptr, 3, US" DN=\"",
+ string_printing(addr->peerdn), US"\"");
#endif
if ((log_extra_selector & LX_smtp_confirmation) != 0 &&
HP-UX doesn't have RLIMIT_CORE; I don't know how to do this in that
system. Some experimental/developing systems (e.g. GNU/Hurd) may define
RLIMIT_CORE but not support it in setrlimit(). For such systems, do not
- complain if the error is "not supported". */
+ complain if the error is "not supported".
+
+ There are two scenarios where changing the max limit has an effect. In one,
+ the user is using a .forward and invoking a command of their choice via pipe;
+ for these, we do need the max limit to be 0 unless the admin chooses to
+ permit an increased limit. In the other, the command is invoked directly by
+ the transport and is under administrator control, thus being able to raise
+ the limit aids in debugging. So there's no general always-right answer.
+
+ Thus we inhibit core-dumps completely but let individual transports, while
+ still root, re-raise the limits back up to aid debugging. We make the
+ default be no core-dumps -- few enough people can use core dumps in
+ diagnosis that it's reasonable to make them something that has to be explicitly requested.
+ */
#ifdef RLIMIT_CORE
struct rlimit rl;
RDO_REWRITE,
NULL, /* No :include: restriction (not used in filter) */
NULL, /* No sieve vacation directory (not sieve!) */
+ NULL, /* No sieve enotify mailto owner (not sieve!) */
NULL, /* No sieve user address (not sieve!) */
NULL, /* No sieve subaddress (not sieve!) */
&ugid, /* uid/gid data */
if (address_retry_record == NULL)
{
- uschar * altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
+ uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
sender_address);
address_retry_record = dbfn_read(dbm_file, altkey);
if (address_retry_record != NULL &&
string_sprintf("R:%s", addr->domain), 0);
/* Otherwise, if there is an existing retry record in the database, add
- retry items to delete both forms. Since the domain might have been
- rewritten (expanded to fully qualified) as a result of routing, ensure
- that the rewritten form is also deleted. */
+ retry items to delete both forms. We must also allow for the possibility
+ of a routing retry that includes the sender address. Since the domain might
+ have been rewritten (expanded to fully qualified) as a result of routing,
+ ensure that the rewritten form is also deleted. */
else if (testflag(addr, af_dr_retry_exists))
{
+ uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
+ sender_address);
+ retry_add_item(addr, altkey, rf_delete);
retry_add_item(addr, addr->address_retry_key, rf_delete);
retry_add_item(addr, addr->domain_retry_key, rf_delete);
if (Ustrcmp(addr->domain, old_domain) != 0)
git://git.exim.org / exim.git / blobdiff