static int
do_callout(address_item *addr, host_item *host_list, transport_feedback *tf,
static int
do_callout(address_item *addr, host_item *host_list, transport_feedback *tf,
- int callout, int callout_overall, int callout_connect, int options,
+ int callout, int callout_overall, int callout_connect, int options,
uschar *se_mailfrom, uschar *pm_mailfrom)
{
BOOL is_recipient = (options & vopt_is_recipient) != 0;
uschar *se_mailfrom, uschar *pm_mailfrom)
{
BOOL is_recipient = (options & vopt_is_recipient) != 0;
setflag(addr, af_verify_nsfail);
addr->user_message = US"(result of an earlier callout reused).";
yield = FAIL;
setflag(addr, af_verify_nsfail);
addr->user_message = US"(result of an earlier callout reused).";
yield = FAIL;
setflag(addr, af_verify_pmfail);
addr->user_message = US"(result of earlier verification reused).";
goto END_CALLOUT;
setflag(addr, af_verify_pmfail);
addr->user_message = US"(result of earlier verification reused).";
goto END_CALLOUT;
HDEBUG(D_verify)
debug_printf("callout cache: address record is negative\n");
addr->user_message = US"Previous (cached) callout verification failure";
HDEBUG(D_verify)
debug_printf("callout cache: address record is negative\n");
addr->user_message = US"Previous (cached) callout verification failure";
if (errno == 0 && responsebuffer[0] == '5')
{
setflag(addr, af_verify_nsfail);
if (errno == 0 && responsebuffer[0] == '5')
{
setflag(addr, af_verify_nsfail);
{
done =
smtp_write_command(&outblock, FALSE, "RCPT TO:<%.1000s>\r\n",
{
done =
smtp_write_command(&outblock, FALSE, "RCPT TO:<%.1000s>\r\n",
smtp_read_response(&inblock, responsebuffer, sizeof(responsebuffer),
'2', callout);
smtp_read_response(&inblock, responsebuffer, sizeof(responsebuffer),
'2', callout);
new_domain_record.postmaster_result = ccache_accept;
else if (errno == 0 && responsebuffer[0] == '5')
{
new_domain_record.postmaster_result = ccache_accept;
else if (errno == 0 && responsebuffer[0] == '5')
{
setflag(addr, af_verify_pmfail);
new_domain_record.postmaster_result = ccache_reject;
}
setflag(addr, af_verify_pmfail);
new_domain_record.postmaster_result = ccache_reject;
}
for individual commands
callout_overall if > 0, gives overall timeout for the callout function;
if < 0, a default is used (see do_callout())
for individual commands
callout_overall if > 0, gives overall timeout for the callout function;
if < 0, a default is used (see do_callout())
se_mailfrom when callout is requested to verify a sender, use this
in MAIL FROM; NULL => ""
pm_mailfrom when callout is requested, if non-NULL, do the postmaster
se_mailfrom when callout is requested to verify a sender, use this
in MAIL FROM; NULL => ""
pm_mailfrom when callout is requested, if non-NULL, do the postmaster
int
verify_address(address_item *vaddr, FILE *f, int options, int callout,
int
verify_address(address_item *vaddr, FILE *f, int options, int callout,
- int callout_overall, int callout_connect, uschar *se_mailfrom,
+ int callout_overall, int callout_connect, uschar *se_mailfrom,
address_item *addr_remote = NULL;
address_item *addr_local = NULL;
address_item *addr_succeed = NULL;
address_item *addr_remote = NULL;
address_item *addr_local = NULL;
address_item *addr_succeed = NULL;
if (f != NULL)
fprintf(f, "%sA domain is required for \"%s\"%s\n", ko_prefix, address,
cr);
if (f != NULL)
fprintf(f, "%sA domain is required for \"%s\"%s\n", ko_prefix, address,
cr);
host_build_hostlist(&host_list, s, tf.hosts_randomize);
/* Just ignore failures to find a host address. If we don't manage
host_build_hostlist(&host_list, s, tf.hosts_randomize);
/* Just ignore failures to find a host address. If we don't manage
- to find any addresses, the callout will defer. Note that more than
- one address may be found for a single host, which will result in
- additional host items being inserted into the chain. Hence we must
+ to find any addresses, the callout will defer. Note that more than
+ one address may be found for a single host, which will result in
+ additional host items being inserted into the chain. Hence we must
string_is_ip_address(host->name, NULL) > 0)
(void)host_find_byname(host, NULL, &canonical_name, TRUE);
else
string_is_ip_address(host->name, NULL) > 0)
(void)host_find_byname(host, NULL, &canonical_name, TRUE);
else
/* A router may return REROUTED if it has set up a child address as a result
of a change of domain name (typically from widening). In this case we always
want to continue to verify the new child. */
if (rc == REROUTED) continue;
/* A router may return REROUTED if it has set up a child address as a result
of a change of domain name (typically from widening). In this case we always
want to continue to verify the new child. */
if (rc == REROUTED) continue;
log_msgptr points to where to put a log error message
callout timeout for callout check (passed to verify_address())
callout_overall overall callout timeout (ditto)
log_msgptr points to where to put a log error message
callout timeout for callout check (passed to verify_address())
callout_overall overall callout timeout (ditto)
se_mailfrom mailfrom for verify; NULL => ""
pm_mailfrom sender for pm callout check (passed to verify_address())
options callout options (passed to verify_address())
se_mailfrom mailfrom for verify; NULL => ""
pm_mailfrom sender for pm callout check (passed to verify_address())
options callout options (passed to verify_address())
If log_msgptr is set to something without setting user_msgptr, the caller
normally uses log_msgptr for both things.
If log_msgptr is set to something without setting user_msgptr, the caller
normally uses log_msgptr for both things.
- int callout, int callout_overall, int callout_connect, uschar *se_mailfrom,
+ int callout, int callout_overall, int callout_connect, uschar *se_mailfrom,
uschar *pm_mailfrom, int options, int *verrno)
{
static int header_types[] = { htype_sender, htype_reply_to, htype_from };
uschar *pm_mailfrom, int options, int *verrno)
{
static int header_types[] = { htype_sender, htype_reply_to, htype_from };
{
vaddr = deliver_make_addr(address, FALSE);
new_ok = verify_address(vaddr, NULL, options | vopt_fake_sender,
{
vaddr = deliver_make_addr(address, FALSE);
new_ok = verify_address(vaddr, NULL, options | vopt_fake_sender,
- callout, callout_overall, callout_connect, se_mailfrom,
+ callout, callout_overall, callout_connect, se_mailfrom,
if (smtp_return_error_details)
{
*user_msgptr = string_sprintf("Rejected after DATA: "
"could not verify \"%.*s\" header address\n%s: %s",
endname - h->text, h->text, vaddr->address, vaddr->message);
}
if (smtp_return_error_details)
{
*user_msgptr = string_sprintf("Rejected after DATA: "
"could not verify \"%.*s\" header address\n%s: %s",
endname - h->text, h->text, vaddr->address, vaddr->message);
}
/* Adjust parameters for the type of lookup. For a query-style
lookup, there is no file name, and the "key" is just the query. For
a single-key lookup, the key is the current IP address, masked
/* Adjust parameters for the type of lookup. For a query-style
lookup, there is no file name, and the "key" is just the query. For
a single-key lookup, the key is the current IP address, masked
For IPv6 addresses, specify dot separators instead of colons. */
if (mac_islookup(search_type, lookup_querystyle))
For IPv6 addresses, specify dot separators instead of colons. */
if (mac_islookup(search_type, lookup_querystyle))
cb.host_ipv4 = (Ustrncmp(host_address, "::ffff:", 7) == 0)?
host_address + 7 : host_address;
cb.host_ipv4 = (Ustrncmp(host_address, "::ffff:", 7) == 0)?
host_address + 7 : host_address;
-/* During the running of the check, put the IP address into $host_address. In
-the case of calls from the smtp transport, it will already be there. However,
-in other calls (e.g. when testing ignore_target_hosts), it won't. Just to be on
+/* During the running of the check, put the IP address into $host_address. In
+the case of calls from the smtp transport, it will already be there. However,
+in other calls (e.g. when testing ignore_target_hosts), it won't. Just to be on
the safe side, any existing setting is preserved, though as I write this
(November 2004) I can't see any cases where it is actually needed. */
the safe side, any existing setting is preserved, though as I write this
(November 2004) I can't see any cases where it is actually needed. */
check_host, /* function for testing */
&cb, /* argument for function */
MCL_HOST, /* type of check */
check_host, /* function for testing */
&cb, /* argument for function */
MCL_HOST, /* type of check */
US"host" : host_address, /* text for debugging */
valueptr); /* where to pass back data */
deliver_host_address = save_host_address;
US"host" : host_address, /* text for debugging */
valueptr); /* where to pass back data */
deliver_host_address = save_host_address;
- iplist the list of matching IP addresses
- bitmask true if bitmask matching is wanted
- invert_result true if result to be inverted
- defer_return what to return for a defer
+ iplist the list of matching IP addresses
+ bitmask true if bitmask matching is wanted
+ invert_result true if result to be inverted
+ defer_return what to return for a defer
-one_check_dnsbl(uschar *domain, uschar *keydomain, uschar *query,
+one_check_dnsbl(uschar *domain, uschar *keydomain, uschar *query,
uschar *iplist, BOOL bitmask, BOOL invert_result, int defer_return)
uschar *iplist, BOOL bitmask, BOOL invert_result, int defer_return)
debug_printf("=> there was %s match for %c%s\n",
invert_result? "an exclude":"no", bitmask? '&' : '=', iplist);
}
debug_printf("=> there was %s match for %c%s\n",
invert_result? "an exclude":"no", bitmask? '&' : '=', iplist);
}
if (key == NULL)
{
if (sender_host_address == NULL) return FAIL; /* can never match */
if (revadd[0] == 0) invert_address(revadd, sender_host_address);
frc = string_format(query, sizeof(query), "%s%s", revadd, domain);
if (key == NULL)
{
if (sender_host_address == NULL) return FAIL; /* can never match */
if (revadd[0] == 0) invert_address(revadd, sender_host_address);
frc = string_format(query, sizeof(query), "%s%s", revadd, domain);
if (!frc)
{
log_write(0, LOG_MAIN|LOG_PANIC, "dnslist query is too long "
"(ignored): %s...", query);
continue;
}
if (!frc)
{
log_write(0, LOG_MAIN|LOG_PANIC, "dnslist query is too long "
"(ignored): %s...", query);
continue;
}
-
- rc = one_check_dnsbl(domain, sender_host_address, query, iplist, bitmask,
+
+ rc = one_check_dnsbl(domain, sender_host_address, query, iplist, bitmask,
-
- while ((keydomain = string_nextinlist(&key, &keysep, keybuffer,
+
+ while ((keydomain = string_nextinlist(&key, &keysep, keybuffer,
if (string_is_ip_address(keydomain, NULL) > 0)
{
uschar keyrevadd[128];
invert_address(keyrevadd, keydomain);
if (string_is_ip_address(keydomain, NULL) > 0)
{
uschar keyrevadd[128];
invert_address(keyrevadd, keydomain);
- frc = string_format(query, sizeof(query), "%s%s", keyrevadd, domain);
+ frc = string_format(query, sizeof(query), "%s%s", keyrevadd, domain);
frc = string_format(query, sizeof(query), "%s.%s", keydomain, domain);
}
frc = string_format(query, sizeof(query), "%s.%s", keydomain, domain);
}
-
- rc = one_check_dnsbl(domain, keydomain, query, iplist, bitmask,
+
+ rc = one_check_dnsbl(domain, keydomain, query, iplist, bitmask,
/* If the lookup deferred, remember this fact. We keep trying the rest
of the list to see if we get a useful result, and if we don't, we return
DEFER at the end. */
/* If the lookup deferred, remember this fact. We keep trying the rest
of the list to see if we get a useful result, and if we don't, we return
DEFER at the end. */