-/* $Cambridge: exim/src/src/receive.c,v 1.30 2006/10/10 15:36:50 ph10 Exp $ */
+/* $Cambridge: exim/src/src/receive.c,v 1.45 2009/01/02 17:12:03 nm4 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2006 */
+/* Copyright (c) University of Cambridge 1995 - 2007 */
/* See the file NOTICE for conditions of use and distribution. */
/* Code for receiving a message and setting up spool files. */
#include "exim.h"
+#if (defined EXPERIMENTAL_DOMAINKEYS) && (defined EXPERIMENTAL_DKIM)
+
+#warning Chaining Domainkeys via DKIM receive functions
+#define RECEIVE_GETC dkim_receive_getc
+#define RECEIVE_UNGETC dkim_receive_ungetc
+
+#else
+
+#if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
+
#ifdef EXPERIMENTAL_DOMAINKEYS
+#warning Using Domainkeys receive functions
#define RECEIVE_GETC dk_receive_getc
#define RECEIVE_UNGETC dk_receive_ungetc
+#endif
+#ifdef EXPERIMENTAL_DKIM
+#warning Using DKIM receive functions
+#define RECEIVE_GETC dkim_receive_getc
+#define RECEIVE_UNGETC dkim_receive_ungetc
+#endif
+
#else
+
+/* Normal operation */
#define RECEIVE_GETC receive_getc
#define RECEIVE_UNGETC receive_ungetc
+
+#endif
+
+#endif
+
+
+#ifdef EXPERIMENTAL_DCC
+extern int dcc_ok;
#endif
/*************************************************
}
}
-/* We now have the patch; do the business */
+/* We now have the path; do the business */
memset(&statbuf, 0, sizeof(statbuf));
function if there is an ultimate disaster. That is why it is globally
accessible.
-Arguments: SMTP response to give if in an SMTP session
+Arguments:
+ reason text reason to pass to the not-quit ACL
+ msg default SMTP response to give if in an SMTP session
Returns: it doesn't
*/
void
-receive_bomb_out(uschar *msg)
+receive_bomb_out(uschar *reason, uschar *msg)
{
/* If spool_name is set, it contains the name of the data file that is being
written. Unlink it before closing so that it cannot be picked up by a delivery
if (data_file != NULL) (void)fclose(data_file);
else if (data_fd >= 0) (void)close(data_fd);
-/* Attempt to close down an SMTP connection tidily. */
+/* Attempt to close down an SMTP connection tidily. For non-batched SMTP, call
+smtp_notquit_exit(), which runs the NOTQUIT ACL, if present, and handles the
+SMTP response. */
if (smtp_input)
{
- if (!smtp_batched_input)
- {
- smtp_printf("421 %s %s - closing connection.\r\n", smtp_active_hostname,
- msg);
- mac_smtp_fflush();
- }
-
- /* Control does not return from moan_smtp_batch(). */
-
- else moan_smtp_batch(NULL, "421 %s - message abandoned", msg);
+ if (smtp_batched_input)
+ moan_smtp_batch(NULL, "421 %s - message abandoned", msg); /* No return */
+ smtp_notquit_exit(reason, US"421", US"%s %s - closing connection.",
+ smtp_active_hostname, msg);
}
/* Exit from the program (non-BSMTP cases) */
LOG_MAIN, "timed out while reading local message");
}
-receive_bomb_out(msg); /* Does not return */
+receive_bomb_out(US"data-timeout", msg); /* Does not return */
}
sig = sig; /* Keep picky compilers happy */
log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() function timed out - "
"message temporarily rejected (size %d)", message_size);
-receive_bomb_out(US"local verification problem"); /* Does not return */
+/* Does not return */
+receive_bomb_out(US"local-scan-timeout", US"local verification problem");
}
{
log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() function crashed with "
"signal %d - message temporarily rejected (size %d)", sig, message_size);
-receive_bomb_out(US"local verification problem"); /* Does not return */
+/* Does not return */
+receive_bomb_out(US"local-scan-error", US"local verification problem");
}
}
}
-receive_bomb_out(msg); /* Does not return */
+receive_bomb_out(US"signal-exit", msg); /* Does not return */
}
{
int ch_state;
register int ch;
+register int linelength = 0;
/* Handle the case when only EOF terminates the message */
if (ch == 0) body_zerocount++;
if (last_ch == '\r' && ch != '\n')
{
+ if (linelength > max_received_linelength)
+ max_received_linelength = linelength;
+ linelength = 0;
if (fputc('\n', fout) == EOF) return END_WERROR;
message_size++;
body_linecount++;
if (ch == '\r') continue;
if (fputc(ch, fout) == EOF) return END_WERROR;
- if (ch == '\n') body_linecount++;
+ if (ch == '\n')
+ {
+ if (linelength > max_received_linelength)
+ max_received_linelength = linelength;
+ linelength = 0;
+ body_linecount++;
+ }
+ else linelength++;
if (++message_size > thismessage_size_limit) return END_SIZE;
}
if (last_ch != '\n')
{
+ if (linelength > max_received_linelength)
+ max_received_linelength = linelength;
if (fputc('\n', fout) == EOF) return END_WERROR;
message_size++;
body_linecount++;
{
case 0: /* Normal state (previous char written) */
if (ch == '\n')
- { body_linecount++; ch_state = 1; }
+ {
+ body_linecount++;
+ if (linelength > max_received_linelength)
+ max_received_linelength = linelength;
+ linelength = -1;
+ ch_state = 1;
+ }
else if (ch == '\r')
{ ch_state = 2; continue; }
break;
case 1: /* After written "\n" */
if (ch == '.') { ch_state = 3; continue; }
- if (ch != '\n') ch_state = 0;
+ if (ch != '\n') ch_state = 0; else linelength = -1;
break;
case 2:
body_linecount++; /* After unwritten "\r" */
+ if (linelength > max_received_linelength)
+ max_received_linelength = linelength;
if (ch == '\n')
- { ch_state = 1; }
+ {
+ ch_state = 1;
+ linelength = -1;
+ }
else
{
if (message_size++, fputc('\n', fout) == EOF) return END_WERROR;
if (ch == '\r') continue;
ch_state = 0;
+ linelength = 0;
}
break;
if (ch == '\n') return END_DOT;
if (ch == '\r') { ch_state = 4; continue; }
message_size++;
+ linelength++;
if (fputc('.', fout) == EOF) return END_WERROR;
ch_state = 0;
break;
break;
}
+ linelength++;
if (fputc(ch, fout) == EOF) return END_WERROR;
if (++message_size > thismessage_size_limit) return END_SIZE;
}
{
int ch_state = 0;
register int ch;
+register int linelength = 0;
while ((ch = (RECEIVE_GETC)()) != EOF)
{
{
ch_state = 0;
body_linecount++;
+ if (linelength > max_received_linelength)
+ max_received_linelength = linelength;
+ linelength = -1;
}
else if (ch == '\r')
{
case 2: /* After (unwritten) CR */
body_linecount++;
+ if (linelength > max_received_linelength)
+ max_received_linelength = linelength;
+ linelength = -1;
if (ch == '\n')
{
ch_state = 0;
next. */
message_size++;
+ linelength++;
if (fout != NULL)
{
if (fputc(ch, fout) == EOF) return END_WERROR;
* Add header lines set up by ACL *
*************************************************/
-/* This function is called to add the header lines that were set up by "warn"
-statements in an ACL onto the list of headers in memory. It is done in two
-stages like this, because when the ACL for RCPT is running, the other headers
-have not yet been received. This function is called twice; once just before
-running the DATA ACL, and once after. This is so that header lines added by
-MAIL or RCPT are visible to the DATA ACL.
+/* This function is called to add the header lines that were set up by
+statements in an ACL to the list of headers in memory. It is done in two stages
+like this, because when the ACL for RCPT is running, the other headers have not
+yet been received. This function is called twice; once just before running the
+DATA ACL, and once after. This is so that header lines added by MAIL or RCPT
+are visible to the DATA ACL.
Originally these header lines were added at the end. Now there is support for
three different places: top, bottom, and after the Received: header(s). There
/* check if it is a MIME message */
my_headerlist = header_list;
-while (my_headerlist != NULL) {
+while (my_headerlist != NULL)
+ {
/* skip deleted headers */
- if (my_headerlist->type == '*') {
+ if (my_headerlist->type == '*')
+ {
my_headerlist = my_headerlist->next;
continue;
- };
- if (strncmpic(my_headerlist->text, US"Content-Type:", 13) == 0) {
+ }
+ if (strncmpic(my_headerlist->text, US"Content-Type:", 13) == 0)
+ {
DEBUG(D_receive) debug_printf("Found Content-Type: header - executing acl_smtp_mime.\n");
goto DO_MIME_ACL;
- };
+ }
my_headerlist = my_headerlist->next;
-};
+ }
DEBUG(D_receive) debug_printf("No Content-Type: header - presumably not a MIME message.\n");
return TRUE;
rc = mime_acl_check(acl, mbox_file, NULL, &user_msg, &log_msg);
(void)fclose(mbox_file);
-if (Ustrlen(rfc822_file_path) > 0) {
+if (Ustrlen(rfc822_file_path) > 0)
+ {
mime_part_count = mime_part_count_buffer;
- if (unlink(CS rfc822_file_path) == -1) {
+ if (unlink(CS rfc822_file_path) == -1)
+ {
log_write(0, LOG_PANIC,
"acl_smtp_mime: can't unlink RFC822 spool file, skipping.");
goto END_MIME_ACL;
- };
-};
+ }
+ }
/* check if we must check any message/rfc822 attachments */
-if (rc == OK) {
+if (rc == OK)
+ {
uschar temp_path[1024];
int n;
struct dirent *entry;
(void)string_format(temp_path, 1024, "%s/scan/%s", spool_directory,
message_id);
- tempdir = opendir(CS temp_path);
- n = 0;
- do {
- entry = readdir(tempdir);
- if (entry == NULL) break;
- if (strncmpic(US entry->d_name,US"__rfc822_",9) == 0) {
+ tempdir = opendir(CS temp_path);
+ n = 0;
+ do
+ {
+ entry = readdir(tempdir);
+ if (entry == NULL) break;
+ if (strncmpic(US entry->d_name,US"__rfc822_",9) == 0)
+ {
(void)string_format(rfc822_file_path, 2048,"%s/scan/%s/%s", spool_directory, message_id, entry->d_name);
- debug_printf("RFC822 attachment detected: running MIME ACL for '%s'\n", rfc822_file_path);
- break;
- };
- } while (1);
- closedir(tempdir);
+ debug_printf("RFC822 attachment detected: running MIME ACL for '%s'\n", rfc822_file_path);
+ break;
+ }
+ } while (1);
+ closedir(tempdir);
- if (entry != NULL) {
+ if (entry != NULL)
+ {
mbox_file = Ufopen(rfc822_file_path,"rb");
- if (mbox_file == NULL) {
+ if (mbox_file == NULL)
+ {
log_write(0, LOG_PANIC,
"acl_smtp_mime: can't open RFC822 spool file, skipping.");
unlink(CS rfc822_file_path);
goto END_MIME_ACL;
- };
+ }
/* set RFC822 expansion variable */
mime_is_rfc822 = 1;
mime_part_count_buffer = mime_part_count;
goto MIME_ACL_CHECK;
- };
-};
+ }
+ }
END_MIME_ACL:
add_acl_headers(US"MIME");
*smtp_reply_ptr = US""; /* Indicate reply already sent */
message_id[0] = 0; /* Indicate no message accepted */
return FALSE; /* Cause skip to end of receive function */
- };
+ }
return TRUE;
}
int start, end, domain, size, sptr;
int id_resolution;
int had_zero = 0;
+int prevlines_length = 0;
register int ptr = 0;
uschar *errmsg, *s;
struct stat statbuf;
-/* Final message to give to SMTP caller */
+/* Final message to give to SMTP caller, and messages from ACLs */
uschar *smtp_reply = NULL;
+uschar *user_msg, *log_msg;
/* Working header pointers */
spool_name[0] = 0;
message_size = 0;
warning_count = 0;
-received_count = 1; /* For the one we will add */
+received_count = 1; /* For the one we will add */
if (thismessage_size_limit <= 0) thismessage_size_limit = INT_MAX;
/* While reading the message, the following counts are computed. */
-message_linecount = body_linecount = body_zerocount = 0;
+message_linecount = body_linecount = body_zerocount =
+ max_received_linelength = 0;
#ifdef EXPERIMENTAL_DOMAINKEYS
/* Call into DK to set up the context. Check if DK is to be run are carried out
inside dk_exim_verify_init(). */
dk_exim_verify_init();
#endif
+#ifdef EXPERIMENTAL_DKIM
+/* Call into DKIM to set up the context. Check if DKIM is to be run are carried out
+ inside dk_exim_verify_init(). */
+dkim_exim_verify_init();
+#endif
+
/* Remember the time of reception. Exim uses time+pid for uniqueness of message
ids, and fractions of a second are required. See the comments that precede the
receive_linecount++;
message_linecount++;
+ /* Keep track of maximum line length */
+
+ if (ptr - prevlines_length > max_received_linelength)
+ max_received_linelength = ptr - prevlines_length;
+ prevlines_length = ptr + 1;
+
/* Now put in the terminating newline. There is always space for
at least two more characters. */
next->text = store_get(header_size);
ptr = 0;
had_zero = 0;
+ prevlines_length = 0;
} /* Continue, starting to read the next header */
/* At this point, we have read all the headers into a data structure in main
/* Record whether a Date: or Resent-Date: header exists, as appropriate. */
case htype_date:
- date_header_exists = !resents_exist || is_resent;
+ if (!resents_exist || is_resent) date_header_exists = TRUE;
break;
/* Same comments as about Return-Path: below. */
if (sender_address_unrewritten == NULL)
sender_address_unrewritten = sender_address;
sender_address = generated_sender_address;
- log_write(L_address_rewrite, LOG_MAIN,
- "\"%s\" from env-from rewritten as \"%s\" by submission mode",
- sender_address_unrewritten, generated_sender_address);
+ if (Ustrcmp(sender_address_unrewritten, generated_sender_address) != 0)
+ log_write(L_address_rewrite, LOG_MAIN,
+ "\"%s\" from env-from rewritten as \"%s\" by submission mode",
+ sender_address_unrewritten, generated_sender_address);
}
}
anything until the terminating dot line is sent. */
if (fflush(data_file) == EOF || ferror(data_file) ||
- fsync(fileno(data_file)) < 0 || (receive_ferror)())
+ EXIMfsync(fileno(data_file)) < 0 || (receive_ferror)())
{
uschar *msg_errno = US strerror(errno);
BOOL input_error = (receive_ferror)() != 0;
*/
deliver_datafile = data_fd;
+user_msg = NULL;
+
+enable_dollar_recipients = TRUE;
if (recipients_count == 0)
{
}
else
{
- enable_dollar_recipients = TRUE;
-
/* Handle interactive SMTP messages */
if (smtp_input && !smtp_batched_input)
#ifdef EXPERIMENTAL_DOMAINKEYS
dk_exim_verify_finish();
#endif
+#ifdef EXPERIMENTAL_DKIM
+ dkim_exim_verify_finish();
+#endif
#ifdef WITH_CONTENT_SCAN
if (acl_smtp_mime != NULL &&
if (acl_smtp_data != NULL && recipients_count > 0)
{
- uschar *user_msg, *log_msg;
rc = acl_check(ACL_WHERE_DATA, NULL, acl_smtp_data, &user_msg, &log_msg);
add_acl_headers(US"DATA");
if (rc == DISCARD)
if (deliver_freeze) frozen_by = US"ACL"; /* for later logging */
if (queue_only_policy) queued_by = US"ACL";
-
- enable_dollar_recipients = FALSE;
}
#ifdef WITH_CONTENT_SCAN
unspool_mbox();
#endif
+#ifdef EXPERIMENTAL_DCC
+dcc_ok = 0;
+#endif
+
+
/* The final check on the message is to run the scan_local() function. The
version supplied with Exim always accepts, but this is a hook for sysadmins to
supply their own checking code. The local_scan() function is run even when all
alarm(0);
os_non_restarting_signal(SIGALRM, sigalrm_handler);
+enable_dollar_recipients = FALSE;
+
store_pool = POOL_MAIN; /* In case changed */
DEBUG(D_receive) debug_printf("local_scan() returned %d %s\n", rc,
local_scan_data);
if (rc == LOCAL_SCAN_ACCEPT_FREEZE)
{
- if (!deliver_freeze) /* ACL might have already frozen */
+ if (!deliver_freeze) /* ACL might have already frozen */
{
deliver_freeze = TRUE;
deliver_frozen_at = time(NULL);
s = string_append(s, &size, &sptr, 2, US" CV=",
tls_certificate_verified? "yes":"no");
if ((log_extra_selector & LX_tls_peerdn) != 0 && tls_peerdn != NULL)
- s = string_append(s, &size, &sptr, 3, US" DN=\"", tls_peerdn, US"\"");
+ s = string_append(s, &size, &sptr, 3, US" DN=\"",
+ string_printing(tls_peerdn), US"\"");
#endif
if (sender_host_authenticated != NULL)
s[sptr] = 0;
-/* While writing to the log, set a flag to cause a call to receive_bomb_out()
-if the log cannot be opened. */
-
-receive_call_bombout = TRUE;
-log_write(0, LOG_MAIN |
- (((log_extra_selector & LX_received_recipients) != 0)? LOG_RECIPIENTS : 0) |
- (((log_extra_selector & LX_received_sender) != 0)? LOG_SENDER : 0),
- "%s", s);
-receive_call_bombout = FALSE;
-
-/* Log any control actions taken by an ACL or local_scan(). */
-
-if (deliver_freeze) log_write(0, LOG_MAIN, "frozen by %s", frozen_by);
-if (queue_only_policy) log_write(L_delay_delivery, LOG_MAIN,
- "no immediate delivery: queued by %s", queued_by);
-
/* Create a message log file if message logs are being used and this message is
not blackholed. Write the reception stuff to it. We used to leave message log
creation until the first delivery, but this has proved confusing for somep
}
}
+/* Everything has now been done for a successful message except logging its
+arrival, and outputting an SMTP response. While writing to the log, set a flag
+to cause a call to receive_bomb_out() if the log cannot be opened. */
+
+receive_call_bombout = TRUE;
+
+/* Before sending an SMTP response in a TCP/IP session, we check to see if the
+connection has gone away. This can only be done if there is no unconsumed input
+waiting in the local input buffer. We can test for this by calling
+receive_smtp_buffered(). RFC 2920 (pipelining) explicitly allows for additional
+input to be sent following the final dot, so the presence of following input is
+not an error.
+
+If the connection is still present, but there is no unread input for the
+socket, the result of a select() call will be zero. If, however, the connection
+has gone away, or if there is pending input, the result of select() will be
+non-zero. The two cases can be distinguished by trying to read the next input
+character. If we succeed, we can unread it so that it remains in the local
+buffer for handling later. If not, the connection has been lost.
+
+Of course, since TCP/IP is asynchronous, there is always a chance that the
+connection will vanish between the time of this test and the sending of the
+response, but the chance of this happening should be small. */
+
+if (smtp_input && sender_host_address != NULL && !sender_host_notsocket &&
+ !receive_smtp_buffered())
+ {
+ struct timeval tv;
+ fd_set select_check;
+ FD_ZERO(&select_check);
+ FD_SET(fileno(smtp_in), &select_check);
+ tv.tv_sec = 0;
+ tv.tv_usec = 0;
+
+ if (select(fileno(smtp_in) + 1, &select_check, NULL, NULL, &tv) != 0)
+ {
+ int c = (RECEIVE_GETC)();
+ if (c != EOF) (RECEIVE_UNGETC)(c); else
+ {
+ uschar *msg = US"SMTP connection lost after final dot";
+ smtp_reply = US""; /* No attempt to send a response */
+ smtp_yield = FALSE; /* Nothing more on this connection */
+
+ /* Re-use the log line workspace */
+
+ sptr = 0;
+ s = string_cat(s, &size, &sptr, msg, Ustrlen(msg));
+ s = add_host_info_for_log(s, &size, &sptr);
+ s[sptr] = 0;
+ log_write(0, LOG_MAIN, "%s", s);
+
+ /* Delete the files for this aborted message. */
+
+ sprintf(CS spool_name, "%s/input/%s/%s-D", spool_directory,
+ message_subdir, message_id);
+ Uunlink(spool_name);
+
+ sprintf(CS spool_name, "%s/input/%s/%s-H", spool_directory,
+ message_subdir, message_id);
+ Uunlink(spool_name);
+
+ sprintf(CS spool_name, "%s/msglog/%s/%s", spool_directory,
+ message_subdir, message_id);
+ Uunlink(spool_name);
+
+ goto TIDYUP;
+ }
+ }
+ }
+
+/* The connection has not gone away; we really are going to take responsibility
+for this message. */
+
+log_write(0, LOG_MAIN |
+ (((log_extra_selector & LX_received_recipients) != 0)? LOG_RECIPIENTS : 0) |
+ (((log_extra_selector & LX_received_sender) != 0)? LOG_SENDER : 0),
+ "%s", s);
+receive_call_bombout = FALSE;
+
+/* Log any control actions taken by an ACL or local_scan(). */
+
+if (deliver_freeze) log_write(0, LOG_MAIN, "frozen by %s", frozen_by);
+if (queue_only_policy) log_write(L_delay_delivery, LOG_MAIN,
+ "no immediate delivery: queued by %s", queued_by);
+
store_reset(s); /* The store for the main log message can be reused */
/* If the message is frozen, and freeze_tell is set, do the telling. */
/* Either a message has been successfully received and written to the two spool
files, or an error in writing the spool has occurred for an SMTP message, or
-an SMTP message has been rejected because of a bad sender. (For a non-SMTP
-message we will have already given up because there's no point in carrying on!)
-In either event, we must now close (and thereby unlock) the data file. In the
+an SMTP message has been rejected for policy reasons. (For a non-SMTP message
+we will have already given up because there's no point in carrying on!) In
+either event, we must now close (and thereby unlock) the data file. In the
successful case, this leaves the message on the spool, ready for delivery. In
the error case, the spool file will be deleted. Then tidy up store, interact
with an SMTP call if necessary, and return.
yield = smtp_yield;
/* Handle interactive SMTP callers. After several kinds of error, smtp_reply
- is set to the response. However, after an ACL error or local_scan() error,
- the response has already been sent, and smtp_reply is an empty string to
- indicate this. */
+ is set to the response that should be sent. When it is NULL, we generate
+ default responses. After an ACL error or local_scan() error, the response has
+ already been sent, and smtp_reply is an empty string to indicate this. */
if (!smtp_batched_input)
{
if (fake_response != OK)
smtp_respond((fake_response == DEFER)? US"450" : US"550", 3, TRUE,
fake_response_text);
+
+ /* An OK response is required; use "message" text if present. */
+
+ else if (user_msg != NULL)
+ {
+ uschar *code = US"250";
+ int len = 3;
+ smtp_message_code(&code, &len, &user_msg, NULL);
+ smtp_respond(code, len, TRUE, user_msg);
+ }
+
+ /* Default OK response */
+
else
smtp_printf("250 OK id=%s\r\n", message_id);
if (host_checking)
fprintf(stdout,
"\n**** SMTP testing: that is not a real message id!\n\n");
}
+
+ /* smtp_reply is set non-empty */
+
else if (smtp_reply[0] != 0)
{
if (fake_response != OK && (smtp_reply[0] == '2'))
git://git.exim.org / exim.git / blobdiff