-/* $Cambridge: exim/src/src/acl.c,v 1.6 2004/12/16 15:11:47 tom Exp $ */
+/* $Cambridge: exim/src/src/acl.c,v 1.16 2005/01/12 14:41:12 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2004 */
+/* Copyright (c) University of Cambridge 1995 - 2005 */
/* See the file NOTICE for conditions of use and distribution. */
/* Code for handling Access Control Lists (ACLs) */
static unsigned int cond_forbids[] = {
0, /* acl */
+
(1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)| /* authenticated */
(1<<ACL_WHERE_HELO),
#ifdef EXPERIMENTAL_BRIGHTMAIL
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* bmi_optin */
+ (1<<ACL_WHERE_AUTH)| /* bmi_optin */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_MIME)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
0, /* control */
#ifdef WITH_CONTENT_SCAN
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* decode */
+ (1<<ACL_WHERE_AUTH)| /* decode */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_PREDATA)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
0, /* delay */
-#ifdef WITH_CONTENT_SCAN
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* demime */
+#ifdef WITH_OLD_DEMIME
+ (1<<ACL_WHERE_AUTH)| /* demime */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)| /* encrypted */
(1<<ACL_WHERE_HELO),
+
0, /* endpass */
+
(1<<ACL_WHERE_NOTSMTP), /* hosts */
(1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* local_parts */
(1<<ACL_WHERE_VRFY),
0, /* log_message */
+
0, /* logwrite */
#ifdef WITH_CONTENT_SCAN
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* malware */
+ (1<<ACL_WHERE_AUTH)| /* malware */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
0, /* message */
#ifdef WITH_CONTENT_SCAN
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* mime_regex */
+ (1<<ACL_WHERE_AUTH)| /* mime_regex */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_PREDATA)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_VRFY),
#ifdef WITH_CONTENT_SCAN
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* regex */
+ (1<<ACL_WHERE_AUTH)| /* regex */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
0, /* set */
#ifdef WITH_CONTENT_SCAN
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)| /* spam */
+ (1<<ACL_WHERE_AUTH)| /* spam */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
CONTROL_ENFORCE_SYNC, CONTROL_NO_ENFORCE_SYNC, CONTROL_FREEZE,
CONTROL_QUEUE_ONLY, CONTROL_SUBMISSION,
#ifdef WITH_CONTENT_SCAN
- CONTROL_NO_MBOX_UNSPOOL, CONTROL_FAKEREJECT,
+ CONTROL_NO_MBOX_UNSPOOL,
#endif
- CONTROL_NO_MULTILINE };
+ CONTROL_FAKEREJECT, CONTROL_NO_MULTILINE };
/* Bit map vector of which controls are not allowed at certain times. For
each control, there's a bitmap of dis-allowed times. For some, it is easier to
#ifdef EXPERIMENTAL_BRIGHTMAIL
0, /* bmi_run */
#endif
+
0, /* error */
+
+ (unsigned int)
~(1<<ACL_WHERE_RCPT), /* caseful_local_part */
+
+ (unsigned int)
~(1<<ACL_WHERE_RCPT), /* caselower_local_part */
+
(1<<ACL_WHERE_NOTSMTP), /* enforce_sync */
+
(1<<ACL_WHERE_NOTSMTP), /* no_enforce_sync */
+ (unsigned int)
~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* freeze */
(1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
(1<<ACL_WHERE_NOTSMTP)),
+ (unsigned int)
~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* queue_only */
(1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
(1<<ACL_WHERE_NOTSMTP)),
+ (unsigned int)
~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* submission */
(1<<ACL_WHERE_PREDATA)),
#ifdef WITH_CONTENT_SCAN
- (1<<ACL_WHERE_NOTSMTP), /* no_mbox_unspool */
- (1<<ACL_WHERE_NOTSMTP), /* fakereject */
+ (unsigned int)
+ ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* no_mbox_unspool */
+ (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)),
#endif
+ (unsigned int)
+ ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* fakereject */
+ (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)),
+
(1<<ACL_WHERE_NOTSMTP) /* no_multiline */
};
{ US"queue_only", CONTROL_QUEUE_ONLY, FALSE},
#ifdef WITH_CONTENT_SCAN
{ US"no_mbox_unspool", CONTROL_NO_MBOX_UNSPOOL, FALSE},
- { US"fakereject", CONTROL_FAKEREJECT, TRUE},
#endif
+ { US"fakereject", CONTROL_FAKEREJECT, TRUE},
{ US"submission", CONTROL_SUBMISSION, TRUE}
};
no_multiline_responses = TRUE;
break;
-#ifdef WITH_CONTENT_SCAN
case CONTROL_FAKEREJECT:
fake_reject = TRUE;
if (*p == '/')
else
{
/* Explicitly reset to default string */
- fake_reject_text = US"Your message has been rejected but is being kept for evaluation.\nIf it was a legit message, it may still be delivered to the target recipient(s).";
+ fake_reject_text = US"Your message has been rejected but is being kept for evaluation.\nIf it was a legitimate message, it may still be delivered to the target recipient(s).";
}
break;
-#endif
case CONTROL_FREEZE:
deliver_freeze = TRUE;
HDEBUG(D_acl)
debug_printf("delay skipped in -bh checking mode\n");
}
- else sleep(delay);
+ else
+ {
+ while (delay > 0) delay = sleep(delay);
+ }
}
}
break;
git://git.exim.org / exim.git / blobdiff