-/* $Cambridge: exim/src/src/deliver.c,v 1.23 2005/11/14 13:56:49 ph10 Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2014 */
/* See the file NOTICE for conditions of use and distribution. */
/* The main code for delivering a message. */
static address_item *addr_remote = NULL;
static address_item *addr_route = NULL;
static address_item *addr_succeed = NULL;
+#ifdef EXPERIMENTAL_DSN
+static address_item *addr_dsntmp = NULL;
+static address_item *addr_senddsn = NULL;
+#endif
static FILE *message_log = NULL;
static BOOL update_spool;
}
/* For multiple addresses, don't set local part, and leave the domain and
-self_hostname set only if it is the same for all of them. */
+self_hostname set only if it is the same for all of them. It is possible to
+have multiple pipe and file addresses, but only when all addresses have routed
+to the same pipe or file. */
else
{
address_item *addr2;
+ if (testflag(addr, af_pfr))
+ {
+ if (testflag(addr, af_file)) address_file = addr->local_part;
+ else if (addr->local_part[0] == '|') address_pipe = addr->local_part;
+ }
for (addr2 = addr->next; addr2 != NULL; addr2 = addr2->next)
{
if (deliver_domain != NULL &&
{
if (Ustrcmp(addr->unique, dup->unique) == 0)
{
- tree_add_nonrecipient(dup->address);
+ tree_add_nonrecipient(dup->unique);
child_done(dup, now);
}
}
+static uschar *
+d_hostlog(uschar * s, int * sizep, int * ptrp, address_item * addr)
+{
+ s = string_append(s, sizep, ptrp, 5, US" H=", addr->host_used->name,
+ US" [", addr->host_used->address, US"]");
+ if ((log_extra_selector & LX_outgoing_port) != 0)
+ s = string_append(s, sizep, ptrp, 2, US":", string_sprintf("%d",
+ addr->host_used->port));
+ return s;
+}
+
+#ifdef SUPPORT_TLS
+static uschar *
+d_tlslog(uschar * s, int * sizep, int * ptrp, address_item * addr)
+{
+ if ((log_extra_selector & LX_tls_cipher) != 0 && addr->cipher != NULL)
+ s = string_append(s, sizep, ptrp, 2, US" X=", addr->cipher);
+ if ((log_extra_selector & LX_tls_certificate_verified) != 0 &&
+ addr->cipher != NULL)
+ s = string_append(s, sizep, ptrp, 2, US" CV=",
+ testflag(addr, af_cert_verified)? "yes":"no");
+ if ((log_extra_selector & LX_tls_peerdn) != 0 && addr->peerdn != NULL)
+ s = string_append(s, sizep, ptrp, 3, US" DN=\"",
+ string_printing(addr->peerdn), US"\"");
+ return s;
+}
+#endif
+
+/* If msg is NULL this is a delivery log and logchar is used. Otherwise
+this is a nonstandard call; no two-character delivery flag is written
+but sender-host and sender are prefixed and "msg" is inserted in the log line.
+
+Arguments:
+ flags passed to log_write()
+*/
+void
+delivery_log(int flags, address_item * addr, int logchar, uschar * msg)
+{
+uschar *log_address;
+int size = 256; /* Used for a temporary, */
+int ptr = 0; /* expanding buffer, for */
+uschar *s; /* building log lines; */
+void *reset_point; /* released afterwards. */
+
+
+/* Log the delivery on the main log. We use an extensible string to build up
+the log line, and reset the store afterwards. Remote deliveries should always
+have a pointer to the host item that succeeded; local deliveries can have a
+pointer to a single host item in their host list, for use by the transport. */
+
+#ifdef EXPERIMENTAL_TPDA
+ tpda_delivery_ip = NULL; /* presume no successful remote delivery */
+ tpda_delivery_port = 0;
+ tpda_delivery_fqdn = NULL;
+ tpda_delivery_local_part = NULL;
+ tpda_delivery_domain = NULL;
+ tpda_delivery_confirmation = NULL;
+ lookup_dnssec_authenticated = NULL;
+#endif
+
+s = reset_point = store_get(size);
+
+log_address = string_log_address(addr, (log_write_selector & L_all_parents) != 0, TRUE);
+if (msg)
+ s = string_append(s, &size, &ptr, 3, host_and_ident(TRUE), US" ", log_address);
+else
+ {
+ s[ptr++] = logchar;
+ s = string_append(s, &size, &ptr, 2, US"> ", log_address);
+ }
+
+if ((log_extra_selector & LX_sender_on_delivery) != 0 || msg)
+ s = string_append(s, &size, &ptr, 3, US" F=<", sender_address, US">");
+
+#ifdef EXPERIMENTAL_SRS
+if(addr->p.srs_sender)
+ s = string_append(s, &size, &ptr, 3, US" SRS=<", addr->p.srs_sender, US">");
+#endif
+
+/* You might think that the return path must always be set for a successful
+delivery; indeed, I did for some time, until this statement crashed. The case
+when it is not set is for a delivery to /dev/null which is optimised by not
+being run at all. */
+
+if (used_return_path != NULL &&
+ (log_extra_selector & LX_return_path_on_delivery) != 0)
+ s = string_append(s, &size, &ptr, 3, US" P=<", used_return_path, US">");
+
+if (msg)
+ s = string_append(s, &size, &ptr, 2, US" ", msg);
+
+/* For a delivery from a system filter, there may not be a router */
+if (addr->router != NULL)
+ s = string_append(s, &size, &ptr, 2, US" R=", addr->router->name);
+
+s = string_append(s, &size, &ptr, 2, US" T=", addr->transport->name);
+
+if ((log_extra_selector & LX_delivery_size) != 0)
+ s = string_append(s, &size, &ptr, 2, US" S=",
+ string_sprintf("%d", transport_count));
+
+/* Local delivery */
+
+if (addr->transport->info->local)
+ {
+ if (addr->host_list != NULL)
+ {
+ s = string_append(s, &size, &ptr, 2, US" H=", addr->host_list->name);
+ #ifdef EXPERIMENTAL_TPDA
+ tpda_delivery_fqdn = addr->host_list->name;
+ #endif
+ }
+ if (addr->shadow_message != NULL)
+ s = string_cat(s, &size, &ptr, addr->shadow_message,
+ Ustrlen(addr->shadow_message));
+ }
+
+/* Remote delivery */
+
+else
+ {
+ if (addr->host_used)
+ {
+ s = d_hostlog(s, &size, &ptr, addr);
+ if (continue_sequence > 1)
+ s = string_cat(s, &size, &ptr, US"*", 1);
+
+ #ifdef EXPERIMENTAL_TPDA
+ tpda_delivery_ip = addr->host_used->address;
+ tpda_delivery_port = addr->host_used->port;
+ tpda_delivery_fqdn = addr->host_used->name;
+ tpda_delivery_local_part = addr->local_part;
+ tpda_delivery_domain = addr->domain;
+ tpda_delivery_confirmation = addr->message;
+
+ /* DNS lookup status */
+ lookup_dnssec_authenticated = addr->host_used->dnssec==DS_YES ? US"yes"
+ : addr->host_used->dnssec==DS_NO ? US"no"
+ : NULL;
+ #endif
+ }
+
+ #ifdef SUPPORT_TLS
+ s = d_tlslog(s, &size, &ptr, addr);
+ #endif
+
+ if (addr->authenticator)
+ {
+ s = string_append(s, &size, &ptr, 2, US" A=", addr->authenticator);
+ if (addr->auth_id)
+ {
+ s = string_append(s, &size, &ptr, 2, US":", addr->auth_id);
+ if (log_extra_selector & LX_smtp_mailauth && addr->auth_sndr)
+ s = string_append(s, &size, &ptr, 2, US":", addr->auth_sndr);
+ }
+ }
+
+ #ifndef DISABLE_PRDR
+ if (addr->flags & af_prdr_used)
+ s = string_append(s, &size, &ptr, 1, US" PRDR");
+ #endif
+ }
+
+/* confirmation message (SMTP (host_used) and LMTP (driver_name)) */
+
+if ((log_extra_selector & LX_smtp_confirmation) != 0 &&
+ addr->message != NULL &&
+ ((addr->host_used != NULL) || (Ustrcmp(addr->transport->driver_name, "lmtp") == 0)))
+ {
+ int i;
+ uschar *p = big_buffer;
+ uschar *ss = addr->message;
+ *p++ = '\"';
+ for (i = 0; i < 100 && ss[i] != 0; i++)
+ {
+ if (ss[i] == '\"' || ss[i] == '\\') *p++ = '\\';
+ *p++ = ss[i];
+ }
+ *p++ = '\"';
+ *p = 0;
+ s = string_append(s, &size, &ptr, 2, US" C=", big_buffer);
+ }
+
+/* Time on queue and actual time taken to deliver */
+
+if ((log_extra_selector & LX_queue_time) != 0)
+ {
+ s = string_append(s, &size, &ptr, 2, US" QT=",
+ readconf_printtime(time(NULL) - received_time));
+ }
+
+if ((log_extra_selector & LX_deliver_time) != 0)
+ {
+ s = string_append(s, &size, &ptr, 2, US" DT=",
+ readconf_printtime(addr->more_errno));
+ }
+
+/* string_cat() always leaves room for the terminator. Release the
+store we used to build the line after writing it. */
+
+s[ptr] = 0;
+log_write(0, flags, "%s", s);
+
+#ifdef EXPERIMENTAL_TPDA
+if (addr->transport->tpda_delivery_action)
+ {
+ DEBUG(D_deliver)
+ debug_printf(" TPDA(Delivery): tpda_deliver_action=|%s| tpda_delivery_IP=%s\n",
+ addr->transport->tpda_delivery_action, tpda_delivery_ip);
+
+ router_name = addr->router->name;
+ transport_name = addr->transport->name;
+ if (!expand_string(addr->transport->tpda_delivery_action) && *expand_string_message)
+ log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand tpda_deliver_action in %s: %s\n",
+ transport_name, expand_string_message);
+ router_name = NULL;
+ transport_name = NULL;
+ }
+#endif
+store_reset(reset_point);
+return;
+}
+
+
+
/*************************************************
* Actions at the end of handling an address *
*************************************************/
if (addr->message != NULL)
{
addr->message = string_printing(addr->message);
- if (Ustrstr(addr->message, "failed to expand") != NULL &&
- (Ustrstr(addr->message, "ldap:") != NULL ||
+ if (((Ustrstr(addr->message, "failed to expand") != NULL) || (Ustrstr(addr->message, "expansion of ") != NULL)) &&
+ (Ustrstr(addr->message, "mysql") != NULL ||
+ Ustrstr(addr->message, "pgsql") != NULL ||
+#ifdef EXPERIMENTAL_REDIS
+ Ustrstr(addr->message, "redis") != NULL ||
+#endif
+ Ustrstr(addr->message, "sqlite") != NULL ||
+ Ustrstr(addr->message, "ldap:") != NULL ||
Ustrstr(addr->message, "ldapdn:") != NULL ||
Ustrstr(addr->message, "ldapm:") != NULL))
{
- uschar *p = Ustrstr(addr->message, "pass=");
- if (p != NULL)
- {
- p += 5;
- while (*p != 0 && !isspace(*p)) *p++ = 'x';
- }
+ addr->message = string_sprintf("Temporary internal error");
}
}
{
BOOL return_output = FALSE;
struct stat statbuf;
- fsync(addr->return_file);
+ (void)EXIMfsync(addr->return_file);
/* If there is no output, do nothing. */
(void)close(addr->return_file);
}
-/* Create the address string for logging. Must not do this earlier, because
-an OK result may be changed to FAIL when a pipe returns text. */
-
-log_address = string_log_address(addr,
- (log_write_selector & L_all_parents) != 0, result == OK);
-
-/* The sucess case happens only after delivery by a transport. */
+/* The success case happens only after delivery by a transport. */
if (result == OK)
{
DEBUG(D_deliver) debug_printf("%s delivered\n", addr->address);
if (addr->parent == NULL)
- {
deliver_msglog("%s %s: %s%s succeeded\n", now, addr->address,
driver_name, driver_kind);
- }
else
{
deliver_msglog("%s %s <%s>: %s%s succeeded\n", now, addr->address,
child_done(addr, now);
}
- /* Log the delivery on the main log. We use an extensible string to build up
- the log line, and reset the store afterwards. Remote deliveries should always
- have a pointer to the host item that succeeded; local deliveries can have a
- pointer to a single host item in their host list, for use by the transport. */
-
- s = reset_point = store_get(size);
- s[ptr++] = logchar;
-
- s = string_append(s, &size, &ptr, 2, US"> ", log_address);
-
- if ((log_extra_selector & LX_sender_on_delivery) != 0)
- s = string_append(s, &size, &ptr, 3, US" F=<", sender_address, US">");
-
- #ifdef EXPERIMENTAL_SRS
- if(addr->p.srs_sender)
- s = string_append(s, &size, &ptr, 3, US" SRS=<", addr->p.srs_sender, US">");
+ /* Certificates for logging (via TPDA) */
+ #ifdef SUPPORT_TLS
+ tls_out.ourcert = addr->ourcert;
+ addr->ourcert = NULL;
+ tls_out.peercert = addr->peercert;
+ addr->peercert = NULL;
+
+ tls_out.cipher = addr->cipher;
+ tls_out.peerdn = addr->peerdn;
+ tls_out.ocsp = addr->ocsp;
#endif
- /* You might think that the return path must always be set for a successful
- delivery; indeed, I did for some time, until this statement crashed. The case
- when it is not set is for a delivery to /dev/null which is optimised by not
- being run at all. */
-
- if (used_return_path != NULL &&
- (log_extra_selector & LX_return_path_on_delivery) != 0)
- s = string_append(s, &size, &ptr, 3, US" P=<", used_return_path, US">");
-
- /* For a delivery from a system filter, there may not be a router */
-
- if (addr->router != NULL)
- s = string_append(s, &size, &ptr, 2, US" R=", addr->router->name);
-
- s = string_append(s, &size, &ptr, 2, US" T=", addr->transport->name);
-
- if ((log_extra_selector & LX_delivery_size) != 0)
- s = string_append(s, &size, &ptr, 2, US" S=",
- string_sprintf("%d", transport_count));
+ delivery_log(LOG_MAIN, addr, logchar, NULL);
- /* Local delivery */
-
- if (addr->transport->info->local)
- {
- if (addr->host_list != NULL)
- s = string_append(s, &size, &ptr, 2, US" H=", addr->host_list->name);
- if (addr->shadow_message != NULL)
- s = string_cat(s, &size, &ptr, addr->shadow_message,
- Ustrlen(addr->shadow_message));
- }
-
- /* Remote delivery */
-
- else
- {
- if (addr->host_used != NULL)
- {
- s = string_append(s, &size, &ptr, 5, US" H=", addr->host_used->name,
- US" [", addr->host_used->address, US"]");
- if ((log_extra_selector & LX_outgoing_port) != 0)
- s = string_append(s, &size, &ptr, 2, US":", string_sprintf("%d",
- addr->host_used->port));
- if (continue_sequence > 1)
- s = string_cat(s, &size, &ptr, US"*", 1);
- }
-
- #ifdef SUPPORT_TLS
- if ((log_extra_selector & LX_tls_cipher) != 0 && addr->cipher != NULL)
- s = string_append(s, &size, &ptr, 2, US" X=", addr->cipher);
- if ((log_extra_selector & LX_tls_certificate_verified) != 0 &&
- addr->cipher != NULL)
- s = string_append(s, &size, &ptr, 2, US" CV=",
- testflag(addr, af_cert_verified)? "yes":"no");
- if ((log_extra_selector & LX_tls_peerdn) != 0 && addr->peerdn != NULL)
- s = string_append(s, &size, &ptr, 3, US" DN=\"", addr->peerdn, US"\"");
- #endif
-
- if ((log_extra_selector & LX_smtp_confirmation) != 0 &&
- addr->message != NULL)
- {
- int i;
- uschar *p = big_buffer;
- uschar *ss = addr->message;
- *p++ = '\"';
- for (i = 0; i < 100 && ss[i] != 0; i++)
- {
- if (ss[i] == '\"' || ss[i] == '\\') *p++ = '\\';
- *p++ = ss[i];
- }
- *p++ = '\"';
- *p = 0;
- s = string_append(s, &size, &ptr, 2, US" C=", big_buffer);
- }
- }
-
- /* Time on queue and actual time taken to deliver */
-
- if ((log_extra_selector & LX_queue_time) != 0)
+ #ifdef SUPPORT_TLS
+ if (tls_out.ourcert)
{
- s = string_append(s, &size, &ptr, 2, US" QT=",
- readconf_printtime(time(NULL) - received_time));
+ tls_free_cert(tls_out.ourcert);
+ tls_out.ourcert = NULL;
}
-
- if ((log_extra_selector & LX_deliver_time) != 0)
+ if (tls_out.peercert)
{
- s = string_append(s, &size, &ptr, 2, US" DT=",
- readconf_printtime(addr->more_errno));
+ tls_free_cert(tls_out.peercert);
+ tls_out.peercert = NULL;
}
-
- /* string_cat() always leaves room for the terminator. Release the
- store we used to build the line after writing it. */
-
- s[ptr] = 0;
- log_write(0, LOG_MAIN, "%s", s);
- store_reset(reset_point);
+ tls_out.cipher = NULL;
+ tls_out.peerdn = NULL;
+ tls_out.ocsp = OCSP_NOT_REQ;
+ #endif
}
log. */
s = reset_point = store_get(size);
+
+ /* Create the address string for logging. Must not do this earlier, because
+ an OK result may be changed to FAIL when a pipe returns text. */
+
+ log_address = string_log_address(addr,
+ (log_write_selector & L_all_parents) != 0, result == OK);
+
s = string_cat(s, &size, &ptr, log_address, Ustrlen(log_address));
/* Either driver_name contains something and driver_kind contains
/* Build up the log line for the message and main logs */
s = reset_point = store_get(size);
+
+ /* Create the address string for logging. Must not do this earlier, because
+ an OK result may be changed to FAIL when a pipe returns text. */
+
+ log_address = string_log_address(addr,
+ (log_write_selector & L_all_parents) != 0, result == OK);
+
s = string_cat(s, &size, &ptr, log_address, Ustrlen(log_address));
if ((log_extra_selector & LX_sender_on_delivery) != 0)
if (used_return_path != NULL &&
(log_extra_selector & LX_return_path_on_delivery) != 0)
- {
s = string_append(s, &size, &ptr, 3, US" P=<", used_return_path, US">");
- }
if (addr->router != NULL)
s = string_append(s, &size, &ptr, 2, US" R=", addr->router->name);
s = string_append(s, &size, &ptr, 2, US" T=", addr->transport->name);
if (addr->host_used != NULL)
- s = string_append(s, &size, &ptr, 5, US" H=", addr->host_used->name,
- US" [", addr->host_used->address, US"]");
+ s = d_hostlog(s, &size, &ptr, addr);
+
+ #ifdef SUPPORT_TLS
+ s = d_tlslog(s, &size, &ptr, addr);
+ #endif
if (addr->basic_errno > 0)
s = string_append(s, &size, &ptr, 2, US": ",
va_start(ap, format);
if (!string_vformat(buffer, sizeof(buffer), CS format, ap))
log_write(0, LOG_MAIN|LOG_PANIC_DIE,
- "common_error expansion was longer than %d", sizeof(buffer));
+ "common_error expansion was longer than " SIZE_T_FMT, sizeof(buffer));
va_end(ap);
addr->message = string_copy(buffer);
}
}
}
+/* If the transport did not set a group, see if the router did. */
+
+if (!gid_set && testflag(addr, af_gid_set))
+ {
+ *gidp = addr->gid;
+ gid_set = TRUE;
+ }
+
/* Pick up a uid from the transport if one is set. */
if (tp->uid_set) *uidp = tp->uid;
}
}
-/* Otherwise see if the address specifies the uid and if so, take its
-initgroups flag. The gid from the address is taken only if the transport hasn't
-set it. In other words, a gid on the transport overrides the gid on the
-address. */
+/* Otherwise see if the address specifies the uid and if so, take it and its
+initgroups flag. */
else if (testflag(addr, af_uid_set))
{
*uidp = addr->uid;
*igfp = testflag(addr, af_initgroups);
- if (!gid_set)
- {
- *gidp = addr->gid;
- gid_set = TRUE;
- }
}
/* Nothing has specified the uid - default to the Exim user, and group if the
}
}
-/* If no gid is set, it is a disaster. */
+/* If no gid is set, it is a disaster. We default to the Exim gid only if
+defaulting to the Exim uid. In other words, if the configuration has specified
+a uid, it must also provide a gid. */
if (!gid_set)
{
int size_limit;
deliver_set_expansions(addr);
-size_limit = expand_string_integer(tp->message_size_limit);
+size_limit = expand_string_integer(tp->message_size_limit, TRUE);
deliver_set_expansions(NULL);
-if (size_limit < 0)
+if (expand_string_message != NULL)
{
rc = DEFER;
if (size_limit == -1)
+/******************************************************
+* Check for a given header in a header string *
+******************************************************/
+
+/* This function is used when generating quota warnings. The configuration may
+specify any header lines it likes in quota_warn_message. If certain of them are
+missing, defaults are inserted, so we need to be able to test for the presence
+of a given header.
+
+Arguments:
+ hdr the required header name
+ hstring the header string
+
+Returns: TRUE the header is in the string
+ FALSE the header is not in the string
+*/
+
+static BOOL
+contains_header(uschar *hdr, uschar *hstring)
+{
+int len = Ustrlen(hdr);
+uschar *p = hstring;
+while (*p != 0)
+ {
+ if (strncmpic(p, hdr, len) == 0)
+ {
+ p += len;
+ while (*p == ' ' || *p == '\t') p++;
+ if (*p == ':') return TRUE;
+ }
+ while (*p != 0 && *p != '\n') p++;
+ if (*p == '\n') p++;
+ }
+return FALSE;
+}
+
+
+
/*************************************************
* Perform a local delivery *
if (!findugid(addr, tp, &uid, &gid, &use_initgroups)) return;
-/* See if either the transport or the address specifies a home and/or a current
-working directory. Expand it if necessary. If nothing is set, use "/", for the
-working directory, which is assumed to be a directory to which all users have
-access. It is necessary to be in a visible directory for some operating systems
-when running pipes, as some commands (e.g. "rm" under Solaris 2.5) require
-this. */
+/* See if either the transport or the address specifies a home directory. A
+home directory set in the address may already be expanded; a flag is set to
+indicate that. In other cases we must expand it. */
-deliver_home = (tp->home_dir != NULL)? tp->home_dir :
- (addr->home_dir != NULL)? addr->home_dir : NULL;
-
-if (deliver_home != NULL && !testflag(addr, af_home_expanded))
+if ((deliver_home = tp->home_dir) != NULL || /* Set in transport, or */
+ ((deliver_home = addr->home_dir) != NULL && /* Set in address and */
+ !testflag(addr, af_home_expanded))) /* not expanded */
{
uschar *rawhome = deliver_home;
deliver_home = NULL; /* in case it contains $home */
}
}
-working_directory = (tp->current_dir != NULL)? tp->current_dir :
- (addr->current_dir != NULL)? addr->current_dir : NULL;
+/* See if either the transport or the address specifies a current directory,
+and if so, expand it. If nothing is set, use the home directory, unless it is
+also unset in which case use "/", which is assumed to be a directory to which
+all users have access. It is necessary to be in a visible directory for some
+operating systems when running pipes, as some commands (e.g. "rm" under Solaris
+2.5) require this. */
+
+working_directory = (tp->current_dir != NULL)?
+ tp->current_dir : addr->current_dir;
if (working_directory != NULL)
{
HP-UX doesn't have RLIMIT_CORE; I don't know how to do this in that
system. Some experimental/developing systems (e.g. GNU/Hurd) may define
RLIMIT_CORE but not support it in setrlimit(). For such systems, do not
- complain if the error is "not supported". */
+ complain if the error is "not supported".
+
+ There are two scenarios where changing the max limit has an effect. In one,
+ the user is using a .forward and invoking a command of their choice via pipe;
+ for these, we do need the max limit to be 0 unless the admin chooses to
+ permit an increased limit. In the other, the command is invoked directly by
+ the transport and is under administrator control, thus being able to raise
+ the limit aids in debugging. So there's no general always-right answer.
+
+ Thus we inhibit core-dumps completely but let individual transports, while
+ still root, re-raise the limits back up to aid debugging. We make the
+ default be no core-dumps -- few enough people can use core dumps in
+ diagnosis that it's reasonable to make them something that has to be explicitly requested.
+ */
#ifdef RLIMIT_CORE
struct rlimit rl;
if (addr->transport->setup != NULL)
{
- switch((addr->transport->setup)(addr->transport, addr, NULL,
+ switch((addr->transport->setup)(addr->transport, addr, NULL, uid, gid,
&(addr->message)))
{
case DEFER:
set_process_info("delivering %s to %s using %s", message_id,
addr->local_part, addr->transport->name);
+ /* Setting this global in the subprocess means we need never clear it */
+ transport_name = addr->transport->name;
+
/* If a transport filter has been specified, set up its argument list.
Any errors will get put into the address, and FALSE yielded. */
int i;
int local_part_length = Ustrlen(addr2->local_part);
uschar *s;
+ int ret;
- (void)write(pfd[pipe_write], (void *)&(addr2->transport_return), sizeof(int));
- (void)write(pfd[pipe_write], (void *)&transport_count, sizeof(transport_count));
- (void)write(pfd[pipe_write], (void *)&(addr2->flags), sizeof(addr2->flags));
- (void)write(pfd[pipe_write], (void *)&(addr2->basic_errno), sizeof(int));
- (void)write(pfd[pipe_write], (void *)&(addr2->more_errno), sizeof(int));
- (void)write(pfd[pipe_write], (void *)&(addr2->special_action), sizeof(int));
- (void)write(pfd[pipe_write], (void *)&(addr2->transport),
- sizeof(transport_instance *));
+ if( (ret = write(pfd[pipe_write], (void *)&(addr2->transport_return), sizeof(int))) != sizeof(int)
+ || (ret = write(pfd[pipe_write], (void *)&transport_count, sizeof(transport_count))) != sizeof(transport_count)
+ || (ret = write(pfd[pipe_write], (void *)&(addr2->flags), sizeof(addr2->flags))) != sizeof(addr2->flags)
+ || (ret = write(pfd[pipe_write], (void *)&(addr2->basic_errno), sizeof(int))) != sizeof(int)
+ || (ret = write(pfd[pipe_write], (void *)&(addr2->more_errno), sizeof(int))) != sizeof(int)
+ || (ret = write(pfd[pipe_write], (void *)&(addr2->special_action), sizeof(int))) != sizeof(int)
+ || (ret = write(pfd[pipe_write], (void *)&(addr2->transport),
+ sizeof(transport_instance *))) != sizeof(transport_instance *)
/* For a file delivery, pass back the local part, in case the original
was only part of the final delivery path. This gives more complete
logging. */
- if (testflag(addr2, af_file))
- {
- (void)write(pfd[pipe_write], (void *)&local_part_length, sizeof(int));
- (void)write(pfd[pipe_write], addr2->local_part, local_part_length);
- }
+ || (testflag(addr2, af_file)
+ && ( (ret = write(pfd[pipe_write], (void *)&local_part_length, sizeof(int))) != sizeof(int)
+ || (ret = write(pfd[pipe_write], addr2->local_part, local_part_length)) != local_part_length
+ )
+ )
+ )
+ log_write(0, LOG_MAIN|LOG_PANIC, "Failed writing transport results to pipe: %s\n",
+ ret == -1 ? strerror(errno) : "short write");
/* Now any messages */
for (i = 0, s = addr2->message; i < 2; i++, s = addr2->user_message)
{
int message_length = (s == NULL)? 0 : Ustrlen(s) + 1;
- (void)write(pfd[pipe_write], (void *)&message_length, sizeof(int));
- if (message_length > 0) (void)write(pfd[pipe_write], s, message_length);
+ if( (ret = write(pfd[pipe_write], (void *)&message_length, sizeof(int))) != sizeof(int)
+ || (message_length > 0 && (ret = write(pfd[pipe_write], s, message_length)) != message_length)
+ )
+ log_write(0, LOG_MAIN|LOG_PANIC, "Failed writing transport results to pipe: %s\n",
+ ret == -1 ? strerror(errno) : "short write");
}
}
/* Ensure the journal file is pushed out to disk. */
- if (fsync(journal_fd) < 0)
+ if (EXIMfsync(journal_fd) < 0)
log_write(0, LOG_MAIN|LOG_PANIC, "failed to fsync journal: %s",
strerror(errno));
}
if (pid > 0)
{
FILE *f = fdopen(fd, "wb");
-
- if (errors_reply_to != NULL)
+ if (errors_reply_to != NULL &&
+ !contains_header(US"Reply-To", warn_message))
fprintf(f, "Reply-To: %s\n", errors_reply_to);
fprintf(f, "Auto-Submitted: auto-replied\n");
- fprintf(f, "From: Mail Delivery System <Mailer-Daemon@%s>\n",
- qualify_domain_sender);
+ if (!contains_header(US"From", warn_message)) moan_write_from(f);
fprintf(f, "%s", CS warn_message);
/* Close and wait for child process to complete, without a timeout. */
disable_logging = tp->disable_logging;
- /* Check for batched addresses and possible amalgamation. File deliveries can
- never be batched. Skip all the work if either batch_max <= 1 or there aren't
- any other addresses for local delivery. */
+ /* Check for batched addresses and possible amalgamation. Skip all the work
+ if either batch_max <= 1 or there aren't any other addresses for local
+ delivery. */
- if (!testflag(addr, af_file) && tp->batch_max > 1 && addr_local != NULL)
+ if (tp->batch_max > 1 && addr_local != NULL)
{
int batch_count = 1;
BOOL uses_dom = readconf_depends((driver_instance *)tp, US"domain");
- BOOL uses_lp = readconf_depends((driver_instance *)tp, US"local_part");
+ BOOL uses_lp = (testflag(addr, af_pfr) &&
+ (testflag(addr, af_file) || addr->local_part[0] == '|')) ||
+ readconf_depends((driver_instance *)tp, US"local_part");
uschar *batch_id = NULL;
address_item **anchor = &addr_local;
address_item *last = addr;
same transport
not previously delivered (see comment about 50 lines above)
same local part if the transport's configuration contains $local_part
+ or if this is a file or pipe delivery from a redirection
same domain if the transport's configuration contains $domain
same errors address
same additional headers
BOOL ok =
tp == next->transport &&
!previously_transported(next, TRUE) &&
+ (addr->flags & (af_pfr|af_file)) == (next->flags & (af_pfr|af_file)) &&
(!uses_lp || Ustrcmp(next->local_part, addr->local_part) == 0) &&
(!uses_dom || Ustrcmp(next->domain, addr->domain) == 0) &&
same_strings(next->p.errors_address, addr->p.errors_address) &&
DEBUG(D_retry)
{
- debug_printf("retry record exists: age=%d (max=%d)\n",
- (int)(now - retry_record->time_stamp), retry_data_expire);
- debug_printf(" time to retry = %d expired = %d\n",
- (int)(now - retry_record->next_try), retry_record->expired);
+ debug_printf("retry record exists: age=%s ",
+ readconf_printtime(now - retry_record->time_stamp));
+ debug_printf("(max %s)\n", readconf_printtime(retry_data_expire));
+ debug_printf(" time to retry = %s expired = %d\n",
+ readconf_printtime(retry_record->next_try - now),
+ retry_record->expired);
}
if (queue_running && !deliver_force)
to do, which is for the ultimate address timeout. */
if (!ok)
- {
- retry_config *retry =
- retry_find_config(retry_key+2, addr2->domain,
- retry_record->basic_errno,
- retry_record->more_errno);
-
- DEBUG(D_deliver|D_retry)
- debug_printf("retry time not reached for %s: "
- "checking ultimate address timeout\n", addr2->address);
-
- if (retry != NULL && retry->rules != NULL)
- {
- retry_rule *last_rule;
- for (last_rule = retry->rules;
- last_rule->next != NULL;
- last_rule = last_rule->next);
- if (now - received_time > last_rule->timeout) ok = TRUE;
- }
- else ok = TRUE; /* No rule => timed out */
-
- DEBUG(D_deliver|D_retry)
- {
- if (ok) debug_printf("on queue longer than maximum retry for "
- "address - allowing delivery\n");
- }
- }
+ ok = retry_ultimate_address_timeout(retry_key, addr2->domain,
+ retry_record, now);
}
}
else DEBUG(D_retry) debug_printf("no retry record exists\n");
#ifdef SUPPORT_TLS
case 'X':
- if (addr == NULL) goto ADDR_MISMATCH; /* Below, in 'A' handler */
- addr->cipher = (*ptr)? string_copy(ptr) : NULL;
+ if (addr == NULL) goto ADDR_MISMATCH; /* Below, in 'A' handler */
+ switch (*ptr++)
+ {
+ case '1':
+ addr->cipher = NULL;
+ addr->peerdn = NULL;
+
+ if (*ptr)
+ addr->cipher = string_copy(ptr);
+ while (*ptr++);
+ if (*ptr)
+ addr->peerdn = string_copy(ptr);
+ break;
+
+ case '2':
+ addr->peercert = NULL;
+ if (*ptr)
+ (void) tls_import_cert(ptr, &addr->peercert);
+ break;
+
+ case '3':
+ addr->ourcert = NULL;
+ if (*ptr)
+ (void) tls_import_cert(ptr, &addr->ourcert);
+ break;
+
+ #ifdef EXPERIMENTAL_OCSP
+ case '4':
+ addr->ocsp = OCSP_NOT_REQ;
+ if (*ptr)
+ addr->ocsp = *ptr - '0';
+ break;
+ #endif
+ }
while (*ptr++);
- addr->peerdn = (*ptr)? string_copy(ptr) : NULL;
+ break;
+ #endif /*SUPPORT_TLS*/
+
+ case 'C': /* client authenticator information */
+ switch (*ptr++)
+ {
+ case '1':
+ addr->authenticator = (*ptr)? string_copy(ptr) : NULL;
+ break;
+ case '2':
+ addr->auth_id = (*ptr)? string_copy(ptr) : NULL;
+ break;
+ case '3':
+ addr->auth_sndr = (*ptr)? string_copy(ptr) : NULL;
+ break;
+ }
while (*ptr++);
break;
+
+#ifndef DISABLE_PRDR
+ case 'P':
+ addr->flags |= af_prdr_used;
+ break;
+#endif
+
+ #ifdef EXPERIMENTAL_DSN
+ case 'D':
+ if (addr == NULL) break;
+ memcpy(&(addr->dsn_aware), ptr, sizeof(addr->dsn_aware));
+ ptr += sizeof(addr->dsn_aware);
+ DEBUG(D_deliver) debug_printf("DSN read: addr->dsn_aware = %d\n", addr->dsn_aware);
+ break;
#endif
case 'A':
addr->user_message = (*ptr)? string_copy(ptr) : NULL;
while(*ptr++);
- /* Always two strings for host information, followed by the port number */
+ /* Always two strings for host information, followed by the port number and DNSSEC mark */
if (*ptr != 0)
{
while(*ptr++);
memcpy(&(h->port), ptr, sizeof(h->port));
ptr += sizeof(h->port);
+ h->dnssec = *ptr == '2' ? DS_YES
+ : *ptr == '1' ? DS_NO
+ : DS_UNK;
+ ptr++;
addr->host_used = h;
}
else ptr++;
+static void
+rmt_dlv_checked_write(int fd, void * buf, int size)
+{
+int ret = write(fd, buf, size);
+if(ret != size)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Failed writing transport result to pipe: %s\n",
+ ret == -1 ? strerror(errno) : "short write");
+}
+
/*************************************************
* Do remote deliveries *
*************************************************/
deliver_set_expansions(addr);
+ /* Ensure any transport-set auth info is fresh */
+ addr->authenticator = addr->auth_id = addr->auth_sndr = NULL;
+
/* Compute the return path, expanding a new one if required. The old one
must be set first, as it might be referred to in the expansion. */
else return_path = new_return_path;
}
+ /* Find the uid, gid, and use_initgroups setting for this transport. Failure
+ logs and sets up error messages, so we just post-process and continue with
+ the next address. */
+
+ if (!findugid(addr, tp, &uid, &gid, &use_initgroups))
+ {
+ remote_post_process(addr, LOG_MAIN|LOG_PANIC, NULL, fallback);
+ continue;
+ }
+
/* If this transport has a setup function, call it now so that it gets
run in this process and not in any subprocess. That way, the results of
- any setup that are retained by the transport can be reusable. */
+ any setup that are retained by the transport can be reusable. One of the
+ things the setup does is to set the fallback host lists in the addresses.
+ That is why it is called at this point, before the continue delivery
+ processing, because that might use the fallback hosts. */
if (tp->setup != NULL)
- (void)((tp->setup)(addr->transport, addr, NULL, NULL));
+ (void)((tp->setup)(addr->transport, addr, NULL, uid, gid, NULL));
/* If this is a run to continue delivery down an already-established
channel, check that this set of addresses matches the transport and
transport_filter_argv = NULL;
- /* Find the uid, gid, and use_initgroups setting for this transport. Failure
- logs and sets up error messages, so we just post-process and continue with
- the next address. */
-
- if (!findugid(addr, tp, &uid, &gid, &use_initgroups))
- {
- remote_post_process(addr, LOG_MAIN|LOG_PANIC, NULL, fallback);
- continue;
- }
-
/* Create the pipe for inter-process communication. If pipe creation
fails, it is probably because the value of remote_max_parallel is so
large that too many file descriptors for pipes have been created. Arrange
int fd = pfd[pipe_write];
host_item *h;
- /* There are weird circumstances in which logging is disabled */
+ /* Setting this global in the subprocess means we need never clear it */
+ transport_name = tp->name;
+ /* There are weird circumstances in which logging is disabled */
disable_logging = tp->disable_logging;
/* Show pids on debug output if parallelism possible */
{
if (h->address == NULL || h->status < hstatus_unusable) continue;
sprintf(CS big_buffer, "H%c%c%s", h->status, h->why, h->address);
- (void)write(fd, big_buffer, Ustrlen(big_buffer+3) + 4);
+ rmt_dlv_checked_write(fd, big_buffer, Ustrlen(big_buffer+3) + 4);
}
/* The number of bytes written. This is the same for each address. Even
big_buffer[0] = 'S';
memcpy(big_buffer+1, &transport_count, sizeof(transport_count));
- (void)write(fd, big_buffer, sizeof(transport_count) + 1);
+ rmt_dlv_checked_write(fd, big_buffer, sizeof(transport_count) + 1);
- /* Information about what happened to each address. Three item types are
- used: an optional 'X' item first, for TLS information, followed by 'R'
- items for any retry settings, and finally an 'A' item for the remaining
- data. */
+ /* Information about what happened to each address. Four item types are
+ used: an optional 'X' item first, for TLS information, then an optional "C"
+ item for any client-auth info followed by 'R' items for any retry settings,
+ and finally an 'A' item for the remaining data. */
for(; addr != NULL; addr = addr->next)
{
retry_item *r;
/* The certificate verification status goes into the flags */
-
- if (tls_certificate_verified) setflag(addr, af_cert_verified);
+ if (tls_out.certificate_verified) setflag(addr, af_cert_verified);
/* Use an X item only if there's something to send */
-
#ifdef SUPPORT_TLS
- if (addr->cipher != NULL)
+ if (addr->cipher)
{
ptr = big_buffer;
- *ptr++ = 'X';
- sprintf(CS ptr, "%.128s", addr->cipher);
+ sprintf(CS ptr, "X1%.128s", addr->cipher);
while(*ptr++);
- if (addr->peerdn == NULL) *ptr++ = 0; else
+ if (!addr->peerdn)
+ *ptr++ = 0;
+ else
{
sprintf(CS ptr, "%.512s", addr->peerdn);
while(*ptr++);
}
- (void)write(fd, big_buffer, ptr - big_buffer);
+
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
}
+ if (addr->peercert)
+ {
+ ptr = big_buffer;
+ *ptr++ = 'X'; *ptr++ = '2';
+ if (!tls_export_cert(ptr, big_buffer_size-2, addr->peercert))
+ while(*ptr++);
+ else
+ *ptr++ = 0;
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
+ }
+ if (addr->ourcert)
+ {
+ ptr = big_buffer;
+ *ptr++ = 'X'; *ptr++ = '3';
+ if (!tls_export_cert(ptr, big_buffer_size-2, addr->ourcert))
+ while(*ptr++);
+ else
+ *ptr++ = 0;
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
+ }
+ # ifdef EXPERIMENTAL_OCSP
+ if (addr->ocsp > OCSP_NOT_REQ)
+ {
+ ptr = big_buffer;
+ sprintf(CS ptr, "X4%c", addr->ocsp + '0');
+ while(*ptr++);
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
+ }
+ # endif
+ #endif /*SUPPORT_TLS*/
+
+ if (client_authenticator)
+ {
+ ptr = big_buffer;
+ sprintf(CS big_buffer, "C1%.64s", client_authenticator);
+ while(*ptr++);
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
+ }
+ if (client_authenticated_id)
+ {
+ ptr = big_buffer;
+ sprintf(CS big_buffer, "C2%.64s", client_authenticated_id);
+ while(*ptr++);
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
+ }
+ if (client_authenticated_sender)
+ {
+ ptr = big_buffer;
+ sprintf(CS big_buffer, "C3%.64s", client_authenticated_sender);
+ while(*ptr++);
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
+ }
+
+ #ifndef DISABLE_PRDR
+ if (addr->flags & af_prdr_used)
+ rmt_dlv_checked_write(fd, "P", 1);
+ #endif
+
+ #ifdef EXPERIMENTAL_DSN
+ big_buffer[0] = 'D';
+ memcpy(big_buffer+1, &addr->dsn_aware, sizeof(addr->dsn_aware));
+ rmt_dlv_checked_write(fd, big_buffer, sizeof(addr->dsn_aware) + 1);
+ DEBUG(D_deliver) debug_printf("DSN write: addr->dsn_aware = %d\n", addr->dsn_aware);
#endif
/* Retry information: for most success cases this will be null. */
sprintf(CS ptr, "%.512s", r->message);
while(*ptr++);
}
- (void)write(fd, big_buffer, ptr - big_buffer);
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
}
/* The rest of the information goes in an 'A' item. */
while(*ptr++);
memcpy(ptr, &(addr->host_used->port), sizeof(addr->host_used->port));
ptr += sizeof(addr->host_used->port);
+
+ /* DNS lookup status */
+ *ptr++ = addr->host_used->dnssec==DS_YES ? '2'
+ : addr->host_used->dnssec==DS_NO ? '1' : '0';
+
}
- (void)write(fd, big_buffer, ptr - big_buffer);
+ rmt_dlv_checked_write(fd, big_buffer, ptr - big_buffer);
}
/* Add termination flag, close the pipe, and that's it. The character
big_buffer[0] = 'Z';
big_buffer[1] = (continue_transport == NULL)? '0' : '1';
- (void)write(fd, big_buffer, 2);
+ rmt_dlv_checked_write(fd, big_buffer, 2);
(void)close(fd);
exit(EXIT_SUCCESS);
}
position must be set before calling.
This function used always to print the error. Nowadays we want to restrict it
-to cases such as SMTP errors from a remote host, and errors from :fail: and
-filter "fail". We no longer pass other information willy-nilly in bounce and
-warning messages. Text in user_message is always output; text in message only
-if the af_pass_message flag is set.
+to cases such as LMTP/SMTP errors from a remote host, and errors from :fail:
+and filter "fail". We no longer pass other information willy-nilly in bounce
+and warning messages. Text in user_message is always output; text in message
+only if the af_pass_message flag is set.
Arguments:
addr the address
f the FILE to print on
- s some leading text
+ t some leading text
Returns: nothing
*/
print_address_error(address_item *addr, FILE *f, uschar *t)
{
int count = Ustrlen(t);
-uschar *s = (addr->user_message != NULL)? addr->user_message : addr->message;
+uschar *s = testflag(addr, af_pass_message)? addr->message : NULL;
-if (addr->user_message != NULL)
- s = addr->user_message;
-else
+if (s == NULL)
{
- if (!testflag(addr, af_pass_message) || addr->message == NULL) return;
- s = addr->message;
+ if (addr->user_message != NULL) s = addr->user_message; else return;
}
fprintf(f, "\n %s", t);
/* This function was introduced when the test for duplicate addresses that are
not pipes, files, or autoreplies was moved from the middle of routing to when
routing was complete. That was to fix obscure cases when the routing history
-affects the subsequent routing of identical addresses. If that change has to be
-reversed, this function is no longer needed. For a while, the old code that was
-affected by this change is commented with !!!OLD-DE-DUP!!! so it can be found
-easily.
+affects the subsequent routing of identical addresses. This function is called
+after routing, to check that the final routed addresses are not duplicates.
-This function is called after routing, to check that the final routed addresses
-are not duplicates. If we detect a duplicate, we remember what it is a
-duplicate of. Note that pipe, file, and autoreply de-duplication is handled
-during routing, so we must leave such "addresses" alone here, as otherwise they
-will incorrectly be discarded.
+If we detect a duplicate, we remember what it is a duplicate of. Note that
+pipe, file, and autoreply de-duplication is handled during routing, so we must
+leave such "addresses" alone here, as otherwise they will incorrectly be
+discarded.
Argument: address of list anchor
Returns: nothing
int process_recipients = RECIP_ACCEPT;
open_db dbblock;
open_db *dbm_file;
+extern int acl_where;
uschar *info = (queue_run_pid == (pid_t)0)?
string_sprintf("delivering %s", id) :
update_spool = FALSE;
remove_journal = TRUE;
+/* Set a known context for any ACLs we call via expansions */
+acl_where = ACL_WHERE_DELIVERY;
+
/* Reset the random number generator, so that if several delivery processes are
started from a queue runner that has already used random numbers (for sorting),
they don't all get the same sequence. */
RDO_REWRITE,
NULL, /* No :include: restriction (not used in filter) */
NULL, /* No sieve vacation directory (not sieve!) */
+ NULL, /* No sieve enotify mailto owner (not sieve!) */
NULL, /* No sieve user address (not sieve!) */
NULL, /* No sieve subaddress (not sieve!) */
&ugid, /* uid/gid data */
while (p != NULL)
{
+ if (parent->child_count == SHRT_MAX)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "system filter generated more "
+ "than %d delivery addresses", SHRT_MAX);
parent->child_count++;
p->parent = parent;
if (r->pno >= 0)
new->onetime_parent = recipients_list[r->pno].address;
+ #ifdef EXPERIMENTAL_DSN
+ /* If DSN support is enabled, set the dsn flags and the original receipt
+ to be passed on to other DSN enabled MTAs */
+ new->dsn_flags = r->dsn_flags & rf_dsnflags;
+ new->dsn_orcpt = r->orcpt;
+ DEBUG(D_deliver) debug_printf("DSN: set orcpt: %s flags: %d\n", new->dsn_orcpt, new->dsn_flags);
+ #endif
+
switch (process_recipients)
{
/* RECIP_DEFER is set when a system filter freezes a message. */
if (testflag(addr, af_pfr))
{
- int offset = testflag(addr->parent, af_homonym)? 3:0;
+ /* If an autoreply in a filter could not generate a syntactically valid
+ address, give up forthwith. Set af_ignore_error so that we don't try to
+ generate a bounce. */
+
+ if (testflag(addr, af_bad_reply))
+ {
+ addr->basic_errno = ERRNO_BADADDRESS2;
+ addr->local_part = addr->address;
+ addr->message =
+ US"filter autoreply generated syntactically invalid recipient";
+ setflag(addr, af_ignore_error);
+ (void)post_process_one(addr, FAIL, LOG_MAIN, DTYPE_ROUTER, 0);
+ continue; /* with the next new address */
+ }
/* If two different users specify delivery to the same pipe or file or
autoreply, there should be two different deliveries, so build a unique
duplicate testing and recording delivery, and also for retrying. */
addr->unique =
- string_sprintf("%s:%s", addr->address, addr->parent->unique + offset);
+ string_sprintf("%s:%s", addr->address, addr->parent->unique +
+ (testflag(addr->parent, af_homonym)? 3:0));
addr->address_retry_key = addr->domain_retry_key =
string_sprintf("T:%s", addr->unique);
continue;
}
-
- /* !!!OLD-DE-DUP!!! We used to test for duplicates at this point, in order
- to save effort on routing duplicate addresses. However, facilities have
- been added to Exim so that now two identical addresses that are children of
- other addresses may be routed differently as a result of their previous
- routing history. For example, different redirect routers may have given
- them different redirect_router values, but there are other cases too.
- Therefore, tests for duplicates now take place when routing is complete.
- This is the old code, kept for a while for the record, and in case this
- radical change has to be backed out for some reason. */
-
- #ifdef NEVER
- /* If it's a duplicate, remember what it's a duplicate of */
-
- if ((tnode = tree_search(tree_duplicates, addr->unique)) != NULL)
- {
- DEBUG(D_deliver|D_route)
- debug_printf("%s is a duplicate address: discarded\n", addr->unique);
- addr->dupof = tnode->data.ptr;
- addr->next = addr_duplicate;
- addr_duplicate = addr;
- continue;
- }
-
- /* Record this address, so subsequent duplicates get picked up. */
-
- tree_add_duplicate(addr->unique, addr);
- #endif
-
-
-
/* Get the routing retry status, saving the two retry keys (with and
- without the local part) for subsequent use. Ignore retry records that
- are too old. */
+ without the local part) for subsequent use. If there is no retry record for
+ the standard address routing retry key, we look for the same key with the
+ sender attached, because this form is used by the smtp transport after a
+ 4xx response to RCPT when address_retry_include_sender is true. */
addr->domain_retry_key = string_sprintf("R:%s", addr->domain);
addr->address_retry_key = string_sprintf("R:%s@%s", addr->local_part,
domain_retry_record = dbfn_read(dbm_file, addr->domain_retry_key);
if (domain_retry_record != NULL &&
now - domain_retry_record->time_stamp > retry_data_expire)
- domain_retry_record = NULL;
+ domain_retry_record = NULL; /* Ignore if too old */
address_retry_record = dbfn_read(dbm_file, addr->address_retry_key);
if (address_retry_record != NULL &&
now - address_retry_record->time_stamp > retry_data_expire)
- address_retry_record = NULL;
+ address_retry_record = NULL; /* Ignore if too old */
+
+ if (address_retry_record == NULL)
+ {
+ uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
+ sender_address);
+ address_retry_record = dbfn_read(dbm_file, altkey);
+ if (address_retry_record != NULL &&
+ now - address_retry_record->time_stamp > retry_data_expire)
+ address_retry_record = NULL; /* Ignore if too old */
+ }
}
DEBUG(D_deliver|D_retry)
(void)post_process_one(addr, DEFER, LOG_MAIN, DTYPE_ROUTER, 0);
}
- /* If queue_running, defer routing unless no retry data or we've
- passed the next retry time, or this message is forced. However,
- if the retry time has expired, allow the routing attempt.
- If it fails again, the address will be failed. This ensures that
+ /* If we are in a queue run, defer routing unless there is no retry data or
+ we've passed the next retry time, or this message is forced. In other
+ words, ignore retry data when not in a queue run.
+
+ However, if the domain retry time has expired, always allow the routing
+ attempt. If it fails again, the address will be failed. This ensures that
each address is routed at least once, even after long-term routing
failures.
If there is an address retry, check that too; just wait for the next
retry time. This helps with the case when the temporary error on the
address was really message-specific rather than address specific, since
- it allows other messages through. */
-
- else if (!deliver_force && queue_running &&
+ it allows other messages through.
+
+ We also wait for the next retry time if this is a message sent down an
+ existing SMTP connection (even though that will be forced). Otherwise there
+ will be far too many attempts for an address that gets a 4xx error. In
+ fact, after such an error, we should not get here because, the host should
+ not be remembered as one this message needs. However, there was a bug that
+ used to cause this to happen, so it is best to be on the safe side.
+
+ Even if we haven't reached the retry time in the hints, there is one more
+ check to do, which is for the ultimate address timeout. We only do this
+ check if there is an address retry record and there is not a domain retry
+ record; this implies that previous attempts to handle the address had the
+ retry_use_local_parts option turned on. We use this as an approximation
+ for the destination being like a local delivery, for example delivery over
+ LMTP to an IMAP message store. In this situation users are liable to bump
+ into their quota and thereby have intermittently successful deliveries,
+ which keep the retry record fresh, which can lead to us perpetually
+ deferring messages. */
+
+ else if (((queue_running && !deliver_force) || continue_hostname != NULL)
+ &&
((domain_retry_record != NULL &&
now < domain_retry_record->next_try &&
!domain_retry_record->expired)
||
(address_retry_record != NULL &&
now < address_retry_record->next_try))
- )
+ &&
+ (domain_retry_record != NULL ||
+ address_retry_record == NULL ||
+ !retry_ultimate_address_timeout(addr->address_retry_key,
+ addr->domain, address_retry_record, now)))
{
addr->message = US"retry time not reached";
addr->basic_errno = ERRNO_RRETRY;
string_sprintf("R:%s", addr->domain), 0);
/* Otherwise, if there is an existing retry record in the database, add
- retry items to delete both forms. Since the domain might have been
- rewritten (expanded to fully qualified) as a result of routing, ensure
- that the rewritten form is also deleted. */
+ retry items to delete both forms. We must also allow for the possibility
+ of a routing retry that includes the sender address. Since the domain might
+ have been rewritten (expanded to fully qualified) as a result of routing,
+ ensure that the rewritten form is also deleted. */
else if (testflag(addr, af_dr_retry_exists))
{
+ uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
+ sender_address);
+ retry_add_item(addr, altkey, rf_delete);
retry_add_item(addr, addr->address_retry_key, rf_delete);
retry_add_item(addr, addr->domain_retry_key, rf_delete);
if (Ustrcmp(addr->domain, old_domain) != 0)
local_user_gid = (gid_t)(-1);
local_user_uid = (uid_t)(-1);
-
-/* !!!OLD-DE-DUP!!! The next two statement were introduced when checking for
-duplicates was moved from within routing to afterwards. If that change has to
-be backed out, they should be removed. */
-
/* Check for any duplicate addresses. This check is delayed until after
routing, because the flexibility of the routing configuration means that
identical addresses with different parentage may end up being redirected to
do_duplicate_check(&addr_local);
do_duplicate_check(&addr_remote);
-
/* When acting as an MUA wrapper, we proceed only if all addresses route to a
remote transport. The check that they all end up in one transaction happens in
the do_remote_deliveries() function. */
that the mode is correct - the group setting doesn't always seem to get
set automatically. */
- (void)fcntl(journal_fd, F_SETFD, fcntl(journal_fd, F_GETFD) | FD_CLOEXEC);
- (void)fchown(journal_fd, exim_uid, exim_gid);
- (void)fchmod(journal_fd, SPOOL_MODE);
+ if( fcntl(journal_fd, F_SETFD, fcntl(journal_fd, F_GETFD) | FD_CLOEXEC)
+ || fchown(journal_fd, exim_uid, exim_gid)
+ || fchmod(journal_fd, SPOOL_MODE)
+ )
+ {
+ int ret = Uunlink(spoolname);
+ log_write(0, LOG_MAIN|LOG_PANIC, "Couldn't set perms on journal file %s: %s",
+ spoolname, strerror(errno));
+ if(ret && errno != ENOENT)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s: %s",
+ spoolname, strerror(errno));
+ return DELIVER_NOT_ATTEMPTED;
+ }
}
+
/* Now we can get down to the business of actually doing deliveries. Local
deliveries are done first, then remote ones. If ever the problems of how to
handle fallback transports are figured out, this section can be put into a loop
regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
#endif
+ #ifndef DISABLE_PRDR
+ if (regex_PRDR == NULL) regex_PRDR =
+ regex_must_compile(US"\\n250[\\s\\-]PRDR(\\s|\\n|$)", FALSE, TRUE);
+ #endif
+
+ #ifdef EXPERIMENTAL_DSN
+ /* Set the regex to check for DSN support on remote MTA */
+ if (regex_DSN == NULL) regex_DSN =
+ regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE);
+ #endif
+
/* Now sort the addresses if required, and do the deliveries. The yield of
do_remote_deliveries is FALSE when mua_wrapper is set and all addresses
cannot be delivered in one transaction. */
else if (!dont_deliver) retry_update(&addr_defer, &addr_failed, &addr_succeed);
+#ifdef EXPERIMENTAL_DSN
+/* Send DSN for successful messages */
+addr_dsntmp = addr_succeed;
+addr_senddsn = NULL;
+
+while(addr_dsntmp != NULL)
+ {
+ DEBUG(D_deliver)
+ debug_printf("DSN: processing router : %s\n", addr_dsntmp->router->name);
+
+ DEBUG(D_deliver)
+ debug_printf("DSN: processing successful delivery address: %s\n", addr_dsntmp->address);
+
+ /* af_ignore_error not honored here. it's not an error */
+
+ DEBUG(D_deliver) debug_printf("DSN: Sender_address: %s\n", sender_address);
+ DEBUG(D_deliver) debug_printf("DSN: orcpt: %s flags: %d\n", addr_dsntmp->dsn_orcpt, addr_dsntmp->dsn_flags);
+ DEBUG(D_deliver) debug_printf("DSN: envid: %s ret: %d\n", dsn_envid, dsn_ret);
+ DEBUG(D_deliver) debug_printf("DSN: Final recipient: %s\n", addr_dsntmp->address);
+ DEBUG(D_deliver) debug_printf("DSN: Remote SMTP server supports DSN: %d\n", addr_dsntmp->dsn_aware);
+
+ /* send report if next hop not DSN aware or a router flagged "last DSN hop"
+ and a report was requested */
+ if (((addr_dsntmp->dsn_aware != dsn_support_yes) ||
+ ((addr_dsntmp->dsn_flags & rf_dsnlasthop) != 0))
+ &&
+ (((addr_dsntmp->dsn_flags & rf_dsnflags) != 0) &&
+ ((addr_dsntmp->dsn_flags & rf_notify_success) != 0)))
+ {
+ /* copy and relink address_item and send report with all of them at once later */
+ address_item *addr_next;
+ addr_next = addr_senddsn;
+ addr_senddsn = store_get(sizeof(address_item));
+ memcpy(addr_senddsn, addr_dsntmp, sizeof(address_item));
+ addr_senddsn->next = addr_next;
+ }
+ else
+ {
+ DEBUG(D_deliver) debug_printf("DSN: *** NOT SENDING DSN SUCCESS Message ***\n");
+ }
+
+ addr_dsntmp = addr_dsntmp->next;
+ }
+
+if (addr_senddsn != NULL)
+ {
+ pid_t pid;
+ int fd;
+
+ /* create exim process to send message */
+ pid = child_open_exim(&fd);
+
+ DEBUG(D_deliver) debug_printf("DSN: child_open_exim returns: %d\n", pid);
+
+ if (pid < 0) /* Creation of child failed */
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Process %d (parent %d) failed to "
+ "create child process to send failure message: %s", getpid(),
+ getppid(), strerror(errno));
+
+ DEBUG(D_deliver) debug_printf("DSN: child_open_exim failed\n");
+
+ }
+ else /* Creation of child succeeded */
+ {
+ FILE *f = fdopen(fd, "wb");
+ /* header only as required by RFC. only failure DSN needs to honor RET=FULL */
+ int topt = topt_add_return_path | topt_no_body;
+ uschar boundaryStr[64];
+
+ DEBUG(D_deliver) debug_printf("sending error message to: %s\n", sender_address);
+
+ /* build unique id for MIME boundary */
+ snprintf(boundaryStr, 63, "%d-eximdsn-%d", time(NULL), rand());
+ DEBUG(D_deliver) debug_printf("DSN: MIME boundary: %s\n", boundaryStr);
+
+ if (errors_reply_to != NULL) fprintf(f,"Reply-To: %s\n", errors_reply_to);
+
+ fprintf(f,"Auto-Submitted: auto-generated\n");
+ fprintf(f,"From: Mail Delivery System <Mailer-Daemon@%s>\n", qualify_domain_sender);
+ fprintf(f,"To: %s\n", sender_address);
+ fprintf(f,"Subject: Delivery Status Notification\n");
+ fprintf(f,"Content-Type: multipart/report; report-type=delivery-status; boundary=%s\n", boundaryStr);
+ fprintf(f,"MIME-Version: 1.0\n\n");
+
+ fprintf(f,"--%s\n", boundaryStr);
+ fprintf(f,"Content-type: text/plain; charset=us-ascii\n\n");
+
+ fprintf(f,"This message was created automatically by mail delivery software.\n");
+ fprintf(f," ----- The following addresses had successful delivery notifications -----\n");
+
+ addr_dsntmp = addr_senddsn;
+ while(addr_dsntmp != NULL)
+ {
+ if ((addr_dsntmp->dsn_flags & rf_dsnlasthop) == 1) {
+ fprintf(f,"<%s> (relayed via non DSN router)\n\n", addr_dsntmp->address);
+ }
+ else if (addr_dsntmp->dsn_aware == dsn_support_no) {
+ fprintf(f,"<%s> (relayed to non-DSN-aware mailer)\n\n", addr_dsntmp->address);
+ }
+ else {
+ fprintf(f,"<%s> (relayed via non \"Remote SMTP\" router)\n\n", addr_dsntmp->address);
+ }
+ addr_dsntmp = addr_dsntmp->next;
+ }
+ fprintf(f,"--%s\n", boundaryStr);
+ fprintf(f,"Content-type: message/delivery-status\n\n");
+
+ fprintf(f,"Reporting-MTA: dns; %s\n", smtp_active_hostname);
+ if (dsn_envid != NULL) {
+ /* must be decoded from xtext: see RFC 3461:6.3a */
+ uschar *xdec_envid;
+ if (auth_xtextdecode(dsn_envid, &xdec_envid) > 0)
+ fprintf(f,"Original-Envelope-ID: %s\n", dsn_envid);
+ else
+ fprintf(f,"X-Original-Envelope-ID: error decoding xtext formated ENVID\n");
+ }
+ fprintf(f,"\n");
+
+ addr_dsntmp = addr_senddsn;
+ while(addr_dsntmp != NULL)
+ {
+ if (addr_dsntmp->dsn_orcpt != NULL) {
+ fprintf(f,"Original-Recipient: %s\n", addr_dsntmp->dsn_orcpt);
+ }
+ fprintf(f,"Action: delivered\n");
+ fprintf(f,"Final-Recipient: rfc822;%s\n", addr_dsntmp->address);
+ fprintf(f,"Status: 2.0.0\n");
+ if ((addr_dsntmp->host_used != NULL) && (addr_dsntmp->host_used->name != NULL))
+ fprintf(f,"Remote-MTA: dns; %s\nDiagnostic-Code: smtp; 250 Ok\n", addr_dsntmp->host_used->name);
+ else
+ if ((addr_dsntmp->dsn_flags & rf_dsnlasthop) == 1)
+ fprintf(f,"Diagnostic-Code: X-Exim; relayed via non DSN router\n");
+ else
+ fprintf(f,"Diagnostic-Code: X-Exim; relayed via non SMTP router\n");
+ fprintf(f,"\n");
+ addr_dsntmp = addr_dsntmp->next;
+ }
+
+ fprintf(f,"--%s\n", boundaryStr);
+ fprintf(f,"Content-type: text/rfc822-headers\n\n");
+
+ fflush(f);
+ transport_filter_argv = NULL; /* Just in case */
+ return_path = sender_address; /* In case not previously set */
+
+ /* Write the original email out */
+ transport_write_message(NULL, fileno(f), topt, 0, NULL, NULL, NULL, NULL, NULL, 0);
+ fflush(f);
+
+ fprintf(f,"\n");
+ fprintf(f,"--%s--\n", boundaryStr);
+
+ fflush(f);
+ fclose(f);
+ rc = child_close(pid, 0); /* Waits for child to close, no timeout */
+ }
+ }
+#endif
+
/* If any addresses failed, we must send a message to somebody, unless
af_ignore_error is set, in which case no action is taken. It is possible for
several messages to get sent if there are addresses with different
it from the list, throw away any saved message file, log it, and
mark the recipient done. */
- if (testflag(addr_failed, af_ignore_error))
- {
+ if (testflag(addr_failed, af_ignore_error)
+#ifdef EXPERIMENTAL_DSN
+ || (((addr_failed->dsn_flags & rf_dsnflags) != 0)
+ && ((addr_failed->dsn_flags & rf_notify_failure) != rf_notify_failure))
+#endif
+ )
+ {
addr = addr_failed;
addr_failed = addr->next;
if (addr->return_filename != NULL) Uunlink(addr->return_filename);
if (errors_reply_to != NULL)
fprintf(f, "Reply-To: %s\n", errors_reply_to);
fprintf(f, "Auto-Submitted: auto-replied\n");
- fprintf(f, "From: Mail Delivery System <Mailer-Daemon@%s>\n",
- qualify_domain_sender);
+ moan_write_from(f);
fprintf(f, "To: %s\n", bounce_recipient);
+#ifdef EXPERIMENTAL_DSN
+ /* generate boundary string and output MIME-Headers */
+ uschar boundaryStr[64];
+ snprintf(boundaryStr, 63, "%d-eximdsn-%d", time(NULL), rand());
+ fprintf(f,"Content-Type: multipart/report; report-type=delivery-status; boundary=%s\n", boundaryStr);
+ fprintf(f,"MIME-Version: 1.0\n");
+#endif
+
/* Open a template file if one is provided. Log failure to open, but
carry on - default texts will be used. */
to_sender? ": returning message to sender" : "");
}
+#ifdef EXPERIMENTAL_DSN
+ /* output human readable part as text/plain section */
+ fprintf(f,"--%s\n", boundaryStr);
+ fprintf(f,"Content-type: text/plain; charset=us-ascii\n\n");
+#endif
+
emf_text = next_emf(emf, US"intro");
if (emf_text != NULL) fprintf(f, "%s", CS emf_text); else
{
fprintf(f, "\n");
}
+#ifdef EXPERIMENTAL_DSN
+ /* output machine readable part */
+ fprintf(f,"--%s\n", boundaryStr);
+ fprintf(f,"Content-type: message/delivery-status\n\n");
+
+ fprintf(f,"Reporting-MTA: dns; %s\n", smtp_active_hostname);
+ if (dsn_envid != NULL) {
+ /* must be decoded from xtext: see RFC 3461:6.3a */
+ uschar *xdec_envid;
+ if (auth_xtextdecode(dsn_envid, &xdec_envid) > 0)
+ fprintf(f,"Original-Envelope-ID: %s\n", dsn_envid);
+ else
+ fprintf(f,"X-Original-Envelope-ID: error decoding xtext formated ENVID\n");
+ }
+ fprintf(f,"\n");
+
+ for (addr = handled_addr; addr != NULL; addr = addr->next)
+ {
+ fprintf(f,"Action: failed\n");
+ fprintf(f,"Final-Recipient: rfc822;%s\n", addr->address);
+ fprintf(f,"Status: 5.0.0\n");
+ if ((addr->host_used != NULL) && (addr->host_used->name != NULL))
+ fprintf(f,"Remote-MTA: dns; %s\nDiagnostic-Code: smtp; %d\n", addr->host_used->name, addr->basic_errno);
+ }
+#endif
+
/* Now copy the message, trying to give an intelligible comment if
it is too long for it all to be copied. The limit isn't strictly
applied because of the buffering. There is, however, an option
emf_text = next_emf(emf, US"copy");
+#ifndef EXPERIMENTAL_DSN
if (bounce_return_message)
{
int topt = topt_add_return_path;
if (emf_text != NULL) fprintf(f, "%s", CS emf_text);
(void)fclose(emf);
}
+#else
+ /* add message body
+ we ignore the intro text from template and add
+ the text for bounce_return_size_limit at the end.
+
+ bounce_return_message is ignored
+ in case RET= is defined we honor these values
+ otherwise bounce_return_body is honored.
+
+ bounce_return_size_limit is always honored.
+ */
+
+ fprintf(f,"\n--%s\n", boundaryStr);
+
+ uschar *dsnlimitmsg = US"X-Exim-DSN-Information: Due to administrative limits only headers are returned";
+ uschar *dsnnotifyhdr = NULL;
+ int topt = topt_add_return_path;
+ /* RET=HDRS? top priority */
+ if (dsn_ret == dsn_ret_hdrs)
+ topt |= topt_no_body;
+ else
+ /* no full body return at all? */
+ if (!bounce_return_body)
+ {
+ topt |= topt_no_body;
+ /* add header if we overrule RET=FULL */
+ if (dsn_ret == dsn_ret_full)
+ dsnnotifyhdr = dsnlimitmsg;
+ }
+ /* size limited ... return headers only if limit reached */
+ else if (bounce_return_size_limit > 0)
+ {
+ struct stat statbuf;
+ if (fstat(deliver_datafile, &statbuf) == 0 && statbuf.st_size > max)
+ {
+ topt |= topt_no_body;
+ dsnnotifyhdr = dsnlimitmsg;
+ }
+ }
+
+ if (topt & topt_no_body)
+ fprintf(f,"Content-type: text/rfc822-headers\n\n");
+ else
+ fprintf(f,"Content-type: message/rfc822\n\n");
+
+ fflush(f);
+ transport_filter_argv = NULL; /* Just in case */
+ return_path = sender_address; /* In case not previously set */
+ transport_write_message(NULL, fileno(f), topt,
+ 0, dsnnotifyhdr, NULL, NULL, NULL, NULL, 0);
+ fflush(f);
+
+ /* we never add the final text. close the file */
+ if (emf != NULL)
+ (void)fclose(emf);
+
+ fprintf(f,"\n");
+ fprintf(f,"--%s--\n", boundaryStr);
+#endif
/* Close the file, which should send an EOF to the child process
that is receiving the message. Wait for it to finish. */
else
{
if (Uunlink(spoolname) < 0)
- log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s", spoolname);
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s: %s",
+ spoolname, strerror(errno));
}
}
sprintf(CS spoolname, "%s/input/%s/%s-D", spool_directory, message_subdir, id);
if (Uunlink(spoolname) < 0)
- log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s", spoolname);
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s: %s",
+ spoolname, strerror(errno));
sprintf(CS spoolname, "%s/input/%s/%s-H", spool_directory, message_subdir, id);
if (Uunlink(spoolname) < 0)
- log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s", spoolname);
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s: %s",
+ spoolname, strerror(errno));
/* Log the end of this message, with queue time if requested. */
readconf_printtime(time(NULL) - received_time));
else
log_write(0, LOG_MAIN, "Completed");
+
+ /* Unset deliver_freeze so that we won't try to move the spool files further down */
+ deliver_freeze = FALSE;
}
/* If there are deferred addresses, we are keeping this message because it is
it also defers). */
if (!queue_2stage && delivery_attempted &&
+#ifdef EXPERIMENTAL_DSN
+ (((addr_defer->dsn_flags & rf_dsnflags) == 0) ||
+ (addr_defer->dsn_flags & rf_notify_delay) == rf_notify_delay) &&
+#endif
delay_warning[1] > 0 && sender_address[0] != 0 &&
(delay_warning_condition == NULL ||
expand_check_condition(delay_warning_condition,
if (errors_reply_to != NULL)
fprintf(f, "Reply-To: %s\n", errors_reply_to);
fprintf(f, "Auto-Submitted: auto-replied\n");
- fprintf(f, "From: Mail Delivery System <Mailer-Daemon@%s>\n",
- qualify_domain_sender);
+ moan_write_from(f);
fprintf(f, "To: %s\n", recipients);
+#ifdef EXPERIMENTAL_DSN
+ /* generated boundary string and output MIME-Headers */
+ uschar boundaryStr[64];
+ snprintf(boundaryStr, 63, "%d-eximdsn-%d", time(NULL), rand());
+ fprintf(f,"Content-Type: multipart/report; report-type=delivery-status; boundary=%s\n", boundaryStr);
+ fprintf(f,"MIME-Version: 1.0\n");
+#endif
+
wmf_text = next_emf(wmf, US"header");
if (wmf_text != NULL)
fprintf(f, "%s\n", wmf_text);
fprintf(f, "Subject: Warning: message %s delayed %s\n\n",
message_id, warnmsg_delay);
+#ifdef EXPERIMENTAL_DSN
+ /* output human readable part as text/plain section */
+ fprintf(f,"--%s\n", boundaryStr);
+ fprintf(f,"Content-type: text/plain; charset=us-ascii\n\n");
+#endif
+
wmf_text = next_emf(wmf, US"intro");
if (wmf_text != NULL) fprintf(f, "%s", CS wmf_text); else
{
/* List the addresses, with error information if allowed */
+#ifdef EXPERIMENTAL_DSN
+ /* store addr_defer for machine readable part */
+ address_item *addr_dsndefer = addr_defer;
+#endif
fprintf(f, "\n");
while (addr_defer != NULL)
{
"and when that happens, the message will be returned to you.\n");
}
+#ifdef EXPERIMENTAL_DSN
+ /* output machine readable part */
+ fprintf(f,"\n--%s\n", boundaryStr);
+ fprintf(f,"Content-type: message/delivery-status\n\n");
+
+ fprintf(f,"Reporting-MTA: dns; %s\n", smtp_active_hostname);
+ if (dsn_envid != NULL) {
+ /* must be decoded from xtext: see RFC 3461:6.3a */
+ uschar *xdec_envid;
+ if (auth_xtextdecode(dsn_envid, &xdec_envid) > 0)
+ fprintf(f,"Original-Envelope-ID: %s\n", dsn_envid);
+ else
+ fprintf(f,"X-Original-Envelope-ID: error decoding xtext formated ENVID\n");
+ }
+ fprintf(f,"\n");
+
+ while (addr_dsndefer != NULL)
+ {
+ if (addr_dsndefer->dsn_orcpt != NULL) {
+ fprintf(f,"Original-Recipient: %s\n", addr_dsndefer->dsn_orcpt);
+ }
+ fprintf(f,"Action: delayed\n");
+ fprintf(f,"Final-Recipient: rfc822;%s\n", addr_dsndefer->address);
+ fprintf(f,"Status: 4.0.0\n");
+ if ((addr_dsndefer->host_used != NULL) && (addr_dsndefer->host_used->name != NULL))
+ fprintf(f,"Remote-MTA: dns; %s\nDiagnostic-Code: smtp; %d\n",
+ addr_dsndefer->host_used->name, addr_dsndefer->basic_errno);
+ addr_dsndefer = addr_dsndefer->next;
+ }
+
+ fprintf(f,"\n--%s\n", boundaryStr);
+ fprintf(f,"Content-type: text/rfc822-headers\n\n");
+
+ fflush(f);
+ /* header only as required by RFC. only failure DSN needs to honor RET=FULL */
+ int topt = topt_add_return_path | topt_no_body;
+ transport_filter_argv = NULL; /* Just in case */
+ return_path = sender_address; /* In case not previously set */
+ /* Write the original email out */
+ transport_write_message(NULL, fileno(f), topt, 0, NULL, NULL, NULL, NULL, NULL, 0);
+ fflush(f);
+
+ fprintf(f,"\n");
+ fprintf(f,"--%s--\n", boundaryStr);
+
+ fflush(f);
+#endif
+
/* Close and wait for child process to complete, without a timeout.
If there's an error, don't update the count. */
released. */
search_tidyup();
+acl_where = ACL_WHERE_UNKNOWN;
return final_yield;
}
+/* vi: aw ai sw=2
+*/
/* End of deliver.c */