X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/83da1223921fe30362e8374951360dcc8f21c4e7..b9df1829d6afa37ef6576d04fc8845c1d20269b0:/src/src/globals.h diff --git a/src/src/globals.h b/src/src/globals.h index 090e1b483..340f1aecf 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -1,10 +1,8 @@ -/* $Cambridge: exim/src/src/globals.h,v 1.44 2007/01/18 15:35:42 ph10 Exp $ */ - /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2007 */ +/* Copyright (c) University of Cambridge 1995 - 2017 */ /* See the file NOTICE for conditions of use and distribution. */ /* Almost all the global variables are defined together in this one header, so @@ -18,12 +16,19 @@ local_scan.h header file. */ extern int h_errno; #endif +/* We need to be careful about width of int and atomicity in signal handlers, +especially with the rise of 64-bit systems breaking older assumptions. But +sig_atomic_t comes from signal.h so can't go into mytypes.h without including +signal support in local_scan, which seems precipitous. */ +typedef volatile sig_atomic_t SIGNAL_BOOL; + /* Now things that are present only when configured. */ #ifdef EXIM_PERL extern uschar *opt_perl_startup; /* Startup code for Perl interpreter */ extern BOOL opt_perl_at_start; /* Start Perl interpreter at start */ extern BOOL opt_perl_started; /* Set once interpreter started */ +extern BOOL opt_perl_taintmode; /* Enable taint mode in Perl */ #endif #ifdef EXPAND_DLFUNC @@ -35,7 +40,14 @@ extern uschar *ibase_servers; #endif #ifdef LOOKUP_LDAP +extern uschar *eldap_ca_cert_dir; /* Directory with CA certificates */ +extern uschar *eldap_ca_cert_file; /* CA certificate file */ +extern uschar *eldap_cert_file; /* Certificate file */ +extern uschar *eldap_cert_key; /* Certificate key file */ +extern uschar *eldap_cipher_suite; /* Allowed cipher suite */ extern uschar *eldap_default_servers; /* List of default servers */ +extern uschar *eldap_require_cert; /* Peer certificate checking strategy */ +extern BOOL eldap_start_tls; /* Use STARTTLS */ extern int eldap_version; /* LDAP version */ #endif @@ -51,6 +63,10 @@ extern uschar *oracle_servers; /* List of servers and connect info */ extern uschar *pgsql_servers; /* List of servers and connect info */ #endif +#ifdef LOOKUP_REDIS +extern uschar *redis_servers; /* List of servers and connect info */ +#endif + #ifdef LOOKUP_SQLITE extern int sqlite_lock_timeout; /* Internal lock waiting timeout */ #endif @@ -63,23 +79,46 @@ extern BOOL move_frozen_messages; /* Get them out of the normal directory * cluttered in several places (e.g. during logging) if we can always refer to them. Also, the tls_ variables are now always visible. */ -extern int tls_active; /* fd/socket when in a TLS session */ -extern BOOL tls_certificate_verified; /* Client certificate verified */ -extern uschar *tls_cipher; /* Cipher used */ -extern BOOL tls_on_connect; /* For older MTAs that don't STARTTLS */ -extern uschar *tls_on_connect_ports; /* Ports always tls-on-connect */ -extern uschar *tls_peerdn; /* DN from peer */ +typedef struct { + int active; /* fd/socket when in a TLS session */ + int bits; /* bits used in TLS session */ + BOOL certificate_verified; /* Client certificate verified */ +#ifdef EXPERIMENTAL_DANE + BOOL dane_verified; /* ... via DANE */ + int tlsa_usage; /* TLSA record(s) usage */ +#endif + uschar *cipher; /* Cipher used */ + BOOL on_connect; /* For older MTAs that don't STARTTLS */ + uschar *on_connect_ports; /* Ports always tls-on-connect */ + void *ourcert; /* Certificate we presented, binary */ + void *peercert; /* Certificate of peer, binary */ + uschar *peerdn; /* DN from peer */ + uschar *sni; /* Server Name Indication */ + enum { + OCSP_NOT_REQ=0, /* not requested */ + OCSP_NOT_RESP, /* no response to request */ + OCSP_VFY_NOT_TRIED, /* response not verified */ + OCSP_FAILED, /* verify failed */ + OCSP_VFIED /* verified */ + } ocsp; /* Stapled OCSP status */ +} tls_support; +extern tls_support tls_in; +extern tls_support tls_out; #ifdef SUPPORT_TLS -extern uschar *gnutls_require_mac; /* So some can be avoided */ -extern uschar *gnutls_require_kx; /* So some can be avoided */ -extern uschar *gnutls_require_proto; /* So some can be avoided */ +extern BOOL gnutls_compat_mode; /* Less security, more compatibility */ +extern BOOL gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */ +extern uschar *openssl_options; /* OpenSSL compatibility options */ extern const pcre *regex_STARTTLS; /* For recognizing STARTTLS settings */ -extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */ extern uschar *tls_certificate; /* Certificate file */ +extern uschar *tls_channelbinding_b64; /* string of base64 channel binding */ extern uschar *tls_crl; /* CRL File */ +extern int tls_dh_max_bits; /* don't accept higher lib suggestions */ extern uschar *tls_dhparam; /* DH param file */ -extern BOOL tls_offered; /* Server offered TLS */ +extern uschar *tls_eccurve; /* EC curve */ +# ifndef DISABLE_OCSP +extern uschar *tls_ocsp_file; /* OCSP stapling proof file */ +# endif extern uschar *tls_privatekey; /* Private key file */ extern BOOL tls_remember_esmtp; /* For YAEB */ extern uschar *tls_require_ciphers; /* So some can be avoided */ @@ -87,36 +126,57 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif +extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */ +extern uschar *dsn_envid; /* DSN envid string */ +extern int dsn_ret; /* DSN ret type*/ +extern const pcre *regex_DSN; /* For recognizing DSN settings */ +extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ /* Input-reading functions for messages, so we can use special ones for incoming TCP/IP. */ -extern int (*receive_getc)(void); +extern int (*lwr_receive_getc)(unsigned); +extern int (*lwr_receive_ungetc)(int); +extern int (*receive_getc)(unsigned); +extern void (*receive_get_cache)(void); extern int (*receive_ungetc)(int); extern int (*receive_feof)(void); extern int (*receive_ferror)(void); +extern BOOL (*receive_smtp_buffered)(void); /* For clearing, saving, restoring address expansion variables. We have to have the size of this vector set explicitly, because it is referenced from more than one module. */ -extern uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT]; +extern const uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT]; /* General global variables */ extern BOOL accept_8bitmime; /* Allow *BITMIME incoming */ +extern uschar *add_environment; /* List of environment variables to add */ extern header_line *acl_added_headers; /* Headers added by an ACL */ extern tree_node *acl_anchor; /* Tree of named ACLs */ +extern uschar *acl_arg[9]; /* Argument to ACL call */ +extern int acl_narg; /* Number of arguments to ACL call */ +extern int acl_level; /* Nesting depth and debug indent */ extern uschar *acl_not_smtp; /* ACL run for non-SMTP messages */ #ifdef WITH_CONTENT_SCAN extern uschar *acl_not_smtp_mime; /* For MIME parts of ditto */ #endif extern uschar *acl_not_smtp_start; /* ACL run at the beginning of a non-SMTP session */ +extern uschar *acl_removed_headers; /* Headers deleted by an ACL */ extern uschar *acl_smtp_auth; /* ACL run for AUTH */ extern uschar *acl_smtp_connect; /* ACL run on SMTP connection */ extern uschar *acl_smtp_data; /* ACL run after DATA received */ +#ifndef DISABLE_PRDR +extern uschar *acl_smtp_data_prdr; /* ACL run after DATA received if in PRDR mode*/ +const extern pcre *regex_PRDR; /* For recognizing PRDR settings */ +#endif +#ifndef DISABLE_DKIM +extern uschar *acl_smtp_dkim; /* ACL run for DKIM signatures / domains */ +#endif extern uschar *acl_smtp_etrn; /* ACL run for ETRN */ extern uschar *acl_smtp_expn; /* ACL run for EXPN */ extern uschar *acl_smtp_helo; /* ACL run for HELO/EHLO */ @@ -125,6 +185,7 @@ extern uschar *acl_smtp_mailauth; /* ACL run for MAIL AUTH */ #ifdef WITH_CONTENT_SCAN extern uschar *acl_smtp_mime; /* ACL run after DATA, before acl_smtp_data, for each MIME part */ #endif +extern uschar *acl_smtp_notquit; /* ACL run for disconnects */ extern uschar *acl_smtp_predata; /* ACL run for DATA command */ extern uschar *acl_smtp_quit; /* ACL run for QUIT */ extern uschar *acl_smtp_rcpt; /* ACL run for RCPT */ @@ -132,7 +193,7 @@ extern uschar *acl_smtp_starttls; /* ACL run for STARTTLS */ extern uschar *acl_smtp_vrfy; /* ACL run for VRFY */ extern BOOL acl_temp_details; /* TRUE to give details for 4xx error */ extern tree_node *acl_var_c; /* ACL connection variables */ -extern tree_node *acl_var_m; /* ACL messsage variables */ +extern tree_node *acl_var_m; /* ACL message variables */ extern uschar *acl_verify_message; /* User message for verify failure */ extern string_item *acl_warn_logged; /* Logged lines */ extern uschar *acl_wherecodes[]; /* Response codes for ACL fails */ @@ -154,6 +215,7 @@ extern BOOL allow_mx_to_ip; /* Allow MX records to -> ip address */ extern BOOL allow_unqualified_recipient; /* As it says */ extern BOOL allow_unqualified_sender; /* Ditto */ extern BOOL allow_utf8_domains; /* For experimenting */ +extern uschar *authenticated_fail_id; /* ID that failed authentication */ extern uschar *authenticated_id; /* ID that was authenticated */ extern uschar *authenticated_sender; /* From AUTH on MAIL */ extern BOOL authentication_failed; /* TRUE if AUTH was tried and failed */ @@ -166,6 +228,7 @@ extern uschar *auth_defer_user_msg; /* Error message for user */ extern uschar *auth_vars[]; /* $authn variables */ extern int auto_thaw; /* Auto-thaw interval */ #ifdef WITH_CONTENT_SCAN +extern BOOL av_failed; /* TRUE if the AV process failed */ extern uschar *av_scanner; /* AntiVirus scanner to use for the malware condition */ #endif @@ -183,17 +246,18 @@ extern int bmi_deliver; /* Flag that determines if the message sh extern int bmi_run; /* Flag that determines if message should be run through Brightmail server */ extern uschar *bmi_verdicts; /* BASE64-encoded verdicts with recipient lists */ #endif -extern int body_linecount; /* Line count in body */ -extern int body_zerocount; /* Binary zero count in body */ +extern int body_8bitmime; /* sender declared BODY= ; 7=7BIT, 8=8BITMIME */ extern uschar *bounce_message_file; /* Template file */ extern uschar *bounce_message_text; /* One-liner */ extern uschar *bounce_recipient; /* When writing an errmsg */ extern BOOL bounce_return_body; /* Include body in returned message */ +extern int bounce_return_linesize_limit; /* Max line length in return */ extern BOOL bounce_return_message; /* Include message in bounce */ extern int bounce_return_size_limit; /* Max amount to return */ extern uschar *bounce_sender_authentication; /* AUTH address for bounces */ extern int bsmtp_transaction_linecount; /* Start of last transaction */ +extern uschar *callout_address; /* Address used for a malware/spamd/verify etc. callout */ extern int callout_cache_domain_positive_expire; /* Time for positive domain callout cache records to expire */ extern int callout_cache_domain_negative_expire; /* Time for negative domain callout cache records to expire */ extern int callout_cache_positive_expire; /* Time for positive callout cache records to expire */ @@ -205,21 +269,26 @@ extern int check_log_space; /* Minimum for message acceptance */ extern BOOL check_rfc2047_length; /* Check RFC 2047 encoded string length */ extern int check_spool_inodes; /* Minimum for message acceptance */ extern int check_spool_space; /* Minimum for message acceptance */ +extern uschar *chunking_advertise_hosts; /* RFC 3030 CHUNKING */ +extern unsigned chunking_datasize; +extern unsigned chunking_data_left; +extern BOOL chunking_offered; +extern chunking_state_t chunking_state; +extern uschar *client_authenticator; /* Authenticator name used for smtp delivery */ +extern uschar *client_authenticated_id; /* "login" name used for SMTP AUTH */ +extern uschar *client_authenticated_sender; /* AUTH option to SMTP MAIL FROM (not yet used) */ extern int clmacro_count; /* Number of command line macros */ extern uschar *clmacros[]; /* Copy of them, for re-exec */ extern int connection_max_messages;/* Max down one SMTP connection */ extern BOOL config_changed; /* True if -C used */ extern FILE *config_file; /* Configuration file */ -extern uschar *config_filename; /* Configuration file name */ -#ifdef CONFIGURE_GROUP +extern const uschar *config_filename; /* Configuration file name */ extern gid_t config_gid; /* Additional group owner */ -#endif extern int config_lineno; /* Line number */ extern uschar *config_main_filelist; /* List of possible config files */ extern uschar *config_main_filename; /* File name actually used */ -#ifdef CONFIGURE_OWNER +extern uschar *config_main_directory; /* Directory where the main config file was found */ extern uid_t config_uid; /* Additional owner */ -#endif extern uschar *continue_hostname; /* Host for continued delivery */ extern uschar *continue_host_address; /* IP address for ditto */ extern BOOL continue_more; /* Flag more addresses waiting */ @@ -228,34 +297,57 @@ extern uschar *continue_transport; /* Transport for continued delivery */ extern uschar *csa_status; /* Client SMTP Authorization result */ +typedef struct { + unsigned delivery:1; /* When to attempt */ + unsigned defer_pass:1; /* Pass 4xx to caller rather than spooling */ + int fd; /* Open connection */ + int nrcpt; /* Count of addresses */ + uschar * interface; /* (address of) */ + host_item host; /* Host used */ + address_item addr; /* (Chain of) addresses */ +} cut_t; +extern cut_t cutthrough; /* Deliver-concurrently */ + extern BOOL daemon_listen; /* True if listening required */ extern uschar *daemon_smtp_port; /* Can be a list of ports */ extern int daemon_startup_retries; /* Number of times to retry */ extern int daemon_startup_sleep; /* Sleep between retries */ + +#ifdef EXPERIMENTAL_DCC +extern BOOL dcc_direct_add_header; /* directly add header */ +extern uschar *dcc_header; /* dcc header */ +extern uschar *dcc_result; /* dcc result */ +extern uschar *dccifd_address; /* address of the dccifd daemon */ +extern uschar *dccifd_options; /* options for the dccifd daemon */ +#endif + extern BOOL debug_daemon; /* Debug the daemon process only */ extern int debug_fd; /* The fd for debug_file */ extern FILE *debug_file; /* Where to write debugging info */ +extern int debug_notall[]; /* Debug options excluded from +all */ extern bit_table debug_options[]; /* Table of debug options */ extern int debug_options_count; /* Size of table */ +extern BOOL debug_store; /* Do extra checks on store_reset */ extern int delay_warning[]; /* Times between warnings */ extern uschar *delay_warning_condition; /* Condition string for warnings */ extern BOOL delivery_date_remove; /* Remove delivery-date headers */ extern uschar *deliver_address_data; /* Arbitrary data for an address */ extern int deliver_datafile; /* FD for data part of message */ -extern uschar *deliver_domain; /* The local domain for delivery */ +extern const uschar *deliver_domain; /* The local domain for delivery */ extern uschar *deliver_domain_data; /* From domain lookup */ -extern uschar *deliver_domain_orig; /* The original local domain for delivery */ -extern uschar *deliver_domain_parent; /* The parent domain for delivery */ +extern const uschar *deliver_domain_orig; /* The original local domain for delivery */ +extern const uschar *deliver_domain_parent; /* The parent domain for delivery */ extern BOOL deliver_drop_privilege; /* TRUE for unprivileged delivery */ extern BOOL deliver_firsttime; /* True for first delivery attempt */ extern BOOL deliver_force; /* TRUE if delivery was forced */ extern BOOL deliver_freeze; /* TRUE if delivery is frozen */ -extern int deliver_frozen_at; /* Time of freezing */ +extern time_t deliver_frozen_at; /* Time of freezing */ extern uschar *deliver_home; /* Home directory for pipes */ -extern uschar *deliver_host; /* (First) host for routed local deliveries */ +extern const uschar *deliver_host; /* (First) host for routed local deliveries */ /* Remote host for filter */ -extern uschar *deliver_host_address; /* Address for remote delivery filter */ +extern const uschar *deliver_host_address; /* Address for remote delivery filter */ +extern int deliver_host_port; /* Address for remote delivery filter */ extern uschar *deliver_in_buffer; /* Buffer for copying file */ extern ino_t deliver_inode; /* Inode for appendfile */ extern uschar *deliver_localpart; /* The local part for delivery */ @@ -273,27 +365,52 @@ extern uschar *deliver_selectstring; /* For selecting by recipient */ extern BOOL deliver_selectstring_regex; /* String is regex */ extern uschar *deliver_selectstring_sender; /* For selecting by sender */ extern BOOL deliver_selectstring_sender_regex; /* String is regex */ -#ifdef WITH_OLD_DEMIME -extern int demime_errorlevel; /* Severity of MIME error */ -extern int demime_ok; /* Nonzero if message has been demimed */ -extern uschar *demime_reason; /* Reason for broken MIME container */ +extern BOOL disable_callout_flush; /* Don't flush before callouts */ +extern BOOL disable_delay_flush; /* Don't flush before "delay" in ACL */ +#ifdef ENABLE_DISABLE_FSYNC +extern BOOL disable_fsync; /* Not for normal use */ #endif extern BOOL disable_ipv6; /* Don't do any IPv6 things */ extern BOOL disable_logging; /* Disables log writing when TRUE */ -#ifdef EXPERIMENTAL_DOMAINKEYS -extern uschar *dk_signing_domain; /* Domain used for signing a message. */ -extern uschar *dk_signing_selector; /* Selector used for signing a message. */ -extern int dk_do_verify; /* DK verification switch. Set with ACL control statement. */ +#ifndef DISABLE_DKIM +extern BOOL dkim_collect_input; /* Runtime flag that tracks wether SMTP input is fed to DKIM validation */ +extern uschar *dkim_cur_signer; /* Expansion variable, holds the current "signer" domain or identity during a acl_smtp_dkim run */ +extern BOOL dkim_disable_verify; /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */ +extern int dkim_key_length; /* Expansion variable, length of signing key in bits */ +extern uschar *dkim_signers; /* Expansion variable, holds colon-separated list of domains and identities that have signed a message */ +extern uschar *dkim_signing_domain; /* Expansion variable, domain used for signing a message. */ +extern uschar *dkim_signing_selector; /* Expansion variable, selector used for signing a message. */ +extern uschar *dkim_verify_signers; /* Colon-separated list of domains for each of which we call the DKIM ACL */ +#endif +#ifdef EXPERIMENTAL_DMARC +extern BOOL dmarc_has_been_checked; /* Global variable to check if test has been called yet */ +extern uschar *dmarc_ar_header; /* Expansion variable, suggested header for dmarc auth results */ +extern uschar *dmarc_domain_policy; /* Expansion for declared policy of used domain */ +extern uschar *dmarc_forensic_sender; /* Set sender address for forensic reports */ +extern uschar *dmarc_history_file; /* Expansion variable, file to store dmarc results */ +extern uschar *dmarc_status; /* Expansion variable, one word value */ +extern uschar *dmarc_status_text; /* Expansion variable, human readable value */ +extern uschar *dmarc_tld_file; /* Mozilla TLDs text file */ +extern uschar *dmarc_used_domain; /* Expansion variable, domain libopendmarc chose for DMARC policy lookup */ +extern BOOL dmarc_disable_verify; /* Set via ACL control statement. When set, DMARC verification is disabled for the current message */ +extern BOOL dmarc_enable_forensic; /* Set via ACL control statement. When set, DMARC forensic reports are enabled for the current message */ #endif extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */ extern int dns_csa_search_limit; /* How deep to search for CSA SRV records */ extern BOOL dns_csa_use_reverse; /* Check CSA in reverse DNS? (non-standard) */ extern uschar *dns_ipv4_lookup; /* For these domains, don't look for AAAA (or A6) */ +#ifdef EXPERIMENTAL_DANE +extern int dns_dane_ok; /* Ok to use DANE when checking TLS authenticity */ +#endif extern int dns_retrans; /* Retransmission time setting */ extern int dns_retry; /* Number of retries */ +extern int dns_dnssec_ok; /* When constructing DNS query, set DO flag */ +extern uschar *dns_trust_aa; /* DNSSEC trust AA as AD */ +extern int dns_use_edns0; /* Coerce EDNS0 support on/off in resolver. */ extern uschar *dnslist_domain; /* DNS (black) list domain */ +extern uschar *dnslist_matched; /* DNS (black) list matched key */ extern uschar *dnslist_text; /* DNS (black) list text message */ extern uschar *dnslist_value; /* DNS (black) list IP address */ extern tree_node *domainlist_anchor; /* Tree of defined domain lists */ @@ -304,18 +421,30 @@ extern BOOL dot_ends; /* TRUE if "." ends non-SMTP input */ /* This option is now a no-opt, retained for compatibility */ extern BOOL drop_cr; /* For broken local MUAs */ +extern uschar *dsn_from; /* From: string for DSNs */ + extern BOOL enable_dollar_recipients; /* Make $recipients available */ -extern int envelope_to_remove; /* Remove envelope_to_headers */ +extern BOOL envelope_to_remove; /* Remove envelope_to_headers */ extern int errno_quota; /* Quota errno in this OS */ extern int error_handling; /* Error handling style */ extern uschar *errors_copy; /* For taking copies of errors */ extern uschar *errors_reply_to; /* Reply-to for error messages */ extern int errors_sender_rc; /* Return after message to sender*/ + +#ifndef DISABLE_EVENT +extern uschar *event_action; /* expansion for delivery events */ +extern uschar *event_data; /* event data */ +extern int event_defer_errno; /* error number set when a remote delivery is deferred with a host error */ +extern const uschar *event_name; /* event classification */ +#endif + extern gid_t exim_gid; /* To be used with exim_uid */ extern BOOL exim_gid_set; /* TRUE if exim_gid set */ extern uschar *exim_path; /* Path to exec exim */ +extern const uschar *exim_sieve_extension_list[]; /* list of sieve extensions */ extern uid_t exim_uid; /* Non-root uid for exim */ extern BOOL exim_uid_set; /* TRUE if exim_uid set */ +extern int expand_level; /* Nesting depth; indent for debug */ extern int expand_forbid; /* RDO flags for forbidding things */ extern int expand_nlength[]; /* Lengths of numbered strings */ extern int expand_nmax; /* Max numerical value */ @@ -335,9 +464,6 @@ extern uschar *filter_test_ufile; /* User filter test file */ extern uschar *filter_thisaddress; /* For address looping */ extern int finduser_retries; /* Retry count for getpwnam() */ extern uid_t fixed_never_users[]; /* Can't be overridden */ -#ifdef WITH_OLD_DEMIME -extern uschar *found_extension; /* demime acl condition: file extension found */ -#endif extern uschar *freeze_tell; /* Message on (some) freezings */ extern uschar *freeze_tell_config; /* The configured setting */ extern uschar *fudged_queue_times; /* For use in test harness */ @@ -359,7 +485,7 @@ extern uschar *helo_try_verify_hosts; /* Soft check HELO argument for these */ extern BOOL helo_verified; /* True if HELO verified */ extern BOOL helo_verify_failed; /* True if attempt failed */ extern uschar *helo_verify_hosts; /* Hard check HELO argument for these */ -extern uschar *hex_digits; /* Used in several places */ +extern const uschar *hex_digits; /* Used in several places */ extern uschar *hold_domains; /* Hold up deliveries to these */ extern BOOL host_find_failed_syntax;/* DNS syntax check failure */ extern BOOL host_checking_callout; /* TRUE if real callout wanted */ @@ -380,10 +506,15 @@ extern uschar *hosts_treat_as_local; /* For routing */ extern int ignore_bounce_errors_after; /* Keep them for this time. */ extern BOOL ignore_fromline_local; /* Local SMTP ignore fromline */ extern uschar *ignore_fromline_hosts; /* Hosts permitted to send "From " */ +extern BOOL inetd_wait_mode; /* Whether running in inetd wait mode */ +extern int inetd_wait_timeout; /* Timeout for inetd wait mode */ +extern uschar *initial_cwd; /* The directory we where in at startup */ extern BOOL is_inetd; /* True for inetd calls */ +extern uschar *iterate_item; /* Item from iterate list */ extern int journal_fd; /* Fd for journal file */ +extern uschar *keep_environment; /* Whitelist for environment variables */ extern int keep_malformed; /* Time to keep malformed messages */ extern uschar *eldap_dn; /* Where LDAP DNs are left */ @@ -403,31 +534,37 @@ extern uid_t local_user_uid; /* As it says; may be set in routers */ extern tree_node *localpartlist_anchor;/* Tree of defined localpart lists */ extern int localpartlist_count; /* Number defined */ extern uschar *log_buffer; /* For constructing log entries */ -extern unsigned int log_extra_selector;/* Bit map of logging options other than used by log_write() */ +extern int log_default[]; /* Initialization list for log_selector */ extern uschar *log_file_path; /* If unset, use default */ +extern int log_notall[]; /* Log options excluded from +all */ extern bit_table log_options[]; /* Table of options */ extern int log_options_count; /* Size of table */ extern int log_reject_target; /* Target log for ACL rejections */ +extern unsigned int log_selector[]; /* Bit map of logging options */ extern uschar *log_selector_string; /* As supplied in the config */ extern FILE *log_stderr; /* Copy of stderr for log use, or NULL */ extern BOOL log_testing_mode; /* TRUE in various testing modes */ extern BOOL log_timezone; /* TRUE to include the timezone in log lines */ -extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ extern uschar *login_sender_address; /* The actual sender address */ -extern lookup_info lookup_list[]; /* Vector of available lookups */ +extern lookup_info **lookup_list; /* Array of pointers to available lookups */ extern int lookup_list_count; /* Number of entries in the list */ +extern uschar *lookup_dnssec_authenticated; /* AD status of dns lookup */ extern int lookup_open_max; /* Max lookup files to cache */ extern uschar *lookup_value; /* Value looked up from file */ extern macro_item *macros; /* Configuration macros */ +extern macro_item *mlast; /* Last item in macro list */ +extern BOOL macros_builtin_created; /* Flag for lazy-create */ extern uschar *mailstore_basename; /* For mailstore deliveries */ #ifdef WITH_CONTENT_SCAN extern uschar *malware_name; /* Name of virus or malware ("W32/Klez-H") */ #endif +extern int max_received_linelength;/* What it says */ extern int max_username_length; /* For systems with broken getpwnam() */ extern int message_age; /* In seconds */ extern uschar *message_body; /* Start of message body for filter */ extern uschar *message_body_end; /* End of message body for filter */ +extern BOOL message_body_newlines; /* FALSE => remove newlines */ extern int message_body_size; /* Sic */ extern int message_body_visible; /* Amount visible in message_body */ extern int message_ended; /* State of message reading and how ended */ @@ -441,13 +578,18 @@ extern int message_linecount; /* As it says */ extern BOOL message_logs; /* TRUE to write message logs */ extern int message_size; /* Size of message */ extern uschar *message_size_limit; /* As it says */ +#ifdef SUPPORT_I18N +extern BOOL message_smtputf8; /* Internationalized mail handling */ +extern int message_utf8_downconvert; /* convert from utf8 */ +const extern pcre *regex_UTF8; /* For recognizing SMTPUTF8 settings */ +#endif extern uschar message_subdir[]; /* Subdirectory for messages */ extern uschar *message_reference; /* Reference for error messages */ /* MIME ACL expandables */ #ifdef WITH_CONTENT_SCAN extern int mime_anomaly_level; -extern uschar *mime_anomaly_text; +extern const uschar *mime_anomaly_text; extern uschar *mime_boundary; extern uschar *mime_charset; extern uschar *mime_content_description; @@ -472,6 +614,9 @@ extern BOOL no_mbox_unspool; /* don't unlink files in /scan directory #endif extern BOOL no_multiline_responses; /* For broken clients */ +extern const int on; /* For setsockopt */ +extern const int off; + extern optionlist optionlist_auths[]; /* These option lists are made */ extern int optionlist_auths_size; /* global so that readconf can */ extern optionlist optionlist_routers[]; /* see them for printing out */ @@ -492,17 +637,34 @@ extern BOOL parse_found_group; /* In the middle of a group */ extern uschar *percent_hack_domains; /* Local domains for which '% operates */ extern uschar *pid_file_path; /* For writing daemon pids */ extern uschar *pipelining_advertise_hosts; /* As it says */ +extern BOOL pipelining_enable; /* As it says */ +#ifndef DISABLE_PRDR +extern BOOL prdr_enable; /* As it says */ +extern BOOL prdr_requested; /* Connecting mail server wants PRDR */ +#endif extern BOOL preserve_message_logs; /* Save msglog files */ extern uschar *primary_hostname; /* Primary name of this computer */ extern BOOL print_topbitchars; /* Topbit chars are printing chars */ extern uschar process_info[]; /* For SIGUSR1 output */ +extern int process_info_len; extern uschar *process_log_path; /* Alternate path */ extern BOOL prod_requires_admin; /* TRUE if prodding requires admin */ + +#if defined(SUPPORT_PROXY) || defined(SUPPORT_SOCKS) +extern uschar *hosts_proxy; /* Hostlist which (require) use proxy protocol */ +extern uschar *proxy_external_address; /* IP of remote interface of proxy */ +extern int proxy_external_port; /* Port on remote interface of proxy */ +extern uschar *proxy_local_address; /* IP of local interface of proxy */ +extern int proxy_local_port; /* Port on local interface of proxy */ +extern BOOL proxy_session; /* TRUE if receiving mail from valid proxy */ +extern BOOL proxy_session_failed; /* TRUE if required proxy negotiation failed */ +#endif + extern uschar *prvscheck_address; /* Set during prvscheck expansion item */ extern uschar *prvscheck_keynum; /* Set during prvscheck expansion item */ extern uschar *prvscheck_result; /* Set during prvscheck expansion item */ -extern uschar *qualify_domain_recipient; /* Domain to qualify recipients with */ +extern const uschar *qualify_domain_recipient; /* Domain to qualify recipients with */ extern uschar *qualify_domain_sender; /* Domain to qualify senders with */ extern BOOL queue_2stage; /* Run queue in 2-stage manner */ extern uschar *queue_domains; /* Queue these domains */ @@ -515,14 +677,16 @@ extern BOOL queue_running; /* TRUE for queue running process and */ extern pid_t queue_run_pid; /* PID of the queue running process or 0 */ extern int queue_run_pipe; /* Pipe for synchronizing */ extern int queue_interval; /* Queue running interval */ +extern uschar *queue_name; /* Name of queue, if nondefault spooling */ extern BOOL queue_only; /* TRUE to disable immediate delivery */ extern int queue_only_load; /* Max load before auto-queue */ +extern BOOL queue_only_load_latch; /* Latch queue_only_load TRUE */ extern uschar *queue_only_file; /* Queue if file exists/not-exists */ extern BOOL queue_only_override; /* Allow override from command line */ extern BOOL queue_only_policy; /* ACL or local_scan wants queue_only */ extern BOOL queue_run_in_order; /* As opposed to random */ -extern int queue_run_max; /* Max queue runners */ -extern BOOL queue_smtp; /* Disable all immediate STMP (-odqs)*/ +extern uschar *queue_run_max; /* Max queue runners */ +extern BOOL queue_smtp; /* Disable all immediate SMTP (-odqs)*/ extern uschar *queue_smtp_domains; /* Ditto, for these domains */ extern unsigned int random_seed; /* Seed for random numbers */ @@ -554,15 +718,20 @@ extern uschar *recipient_verify_failure; /* What went wrong */ extern BOOL recipients_discarded; /* By an ACL */ extern int recipients_list_max; /* Maximum number fitting in list */ extern int recipients_max; /* Max permitted */ -extern int recipients_max_reject; /* If TRUE, reject whole message */ +extern BOOL recipients_max_reject; /* If TRUE, reject whole message */ extern const pcre *regex_AUTH; /* For recognizing AUTH settings */ extern const pcre *regex_check_dns_names; /* For DNS name checking */ extern const pcre *regex_From; /* For recognizing "From_" lines */ +extern const pcre *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */ extern const pcre *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */ extern const pcre *regex_PIPELINING; /* For recognizing PIPELINING */ extern const pcre *regex_SIZE; /* For recognizing SIZE settings */ -extern const pcre *regex_smtp_code; /* For recognizing SMTP codes */ extern const pcre *regex_ismsgid; /* Compiled r.e. for message it */ +extern const pcre *regex_smtp_code; /* For recognizing SMTP codes */ +extern uschar *regex_vars[]; /* $regexN variables */ +#ifdef WHITELIST_D_MACROS +extern const pcre *regex_whitelisted_macro; /* For -D macro values */ +#endif #ifdef WITH_CONTENT_SCAN extern uschar *regex_match_string; /* regex that matched a line (regex ACL condition) */ #endif @@ -579,10 +748,12 @@ extern int rewrite_existflags; /* Indicate which headers have rewrites * extern uschar *rfc1413_hosts; /* RFC hosts */ extern int rfc1413_query_timeout; /* Timeout on RFC 1413 calls */ /* extern BOOL rfc821_domains; */ /* If set, syntax is 821, not 822 => being abolished */ +extern uid_t root_gid; /* The gid for root */ extern uid_t root_uid; /* The uid for root */ extern router_info routers_available[];/* Vector of available routers */ extern router_instance *routers; /* Chain of instantiated routers */ extern router_instance router_defaults;/* Default values */ +extern uschar *router_name; /* Name of router last started */ extern BOOL running_in_test_harness; /*TRUE when running_status is patched */ extern ip_address_item *running_interfaces; /* Host's running interfaces */ extern uschar *running_status; /* Flag string for testing */ @@ -598,9 +769,11 @@ extern uschar *sender_address_unrewritten; /* Set if rewritten by verify */ extern uschar *sender_data; /* lookup result for senders */ extern unsigned int sender_domain_cache[(MAX_NAMED_LIST * 2)/32]; /* Cache bits for sender domain */ extern uschar *sender_fullhost; /* Sender host name + address */ +extern BOOL sender_helo_dnssec; /* True if HELO verify used DNS and was DNSSEC */ extern uschar *sender_helo_name; /* Host name from HELO/EHLO */ extern uschar **sender_host_aliases; /* Points to list of alias names */ extern unsigned int sender_host_cache[(MAX_NAMED_LIST * 2)/32]; /* Cache bits for incoming host */ +extern BOOL sender_host_dnssec; /* true if sender_host_name verified in DNSSEC */ extern BOOL sender_host_notsocket; /* Set for -bs and -bS */ extern BOOL sender_host_unknown; /* TRUE for -bs and -bS except inetd */ extern uschar *sender_ident; /* Sender identity via RFC 1413 */ @@ -615,8 +788,11 @@ extern uschar *sender_unqualified_hosts; /* Permitted unqualified senders */ extern uschar *sender_verify_failure; /* What went wrong */ extern address_item *sender_verified_list; /* Saved chain of sender verifies */ extern address_item *sender_verified_failed; /* The one that caused denial */ -extern volatile BOOL sigalrm_seen; /* Flag for sigalrm_handler */ +extern uschar *sending_ip_address; /* Address of outgoing (SMTP) interface */ +extern int sending_port; /* Port of outgoing interface */ +extern SIGNAL_BOOL sigalrm_seen; /* Flag for sigalrm_handler */ extern uschar **sighup_argv; /* Args for re-execing after SIGHUP */ +extern int slow_lookup_log; /* Log DNS lookups taking longer than N millisecs */ extern int smtp_accept_count; /* Count of connections */ extern BOOL smtp_accept_keepalive; /* Set keepalive on incoming */ extern int smtp_accept_max; /* Max SMTP connections */ @@ -647,12 +823,14 @@ extern int smtp_load_reserve; /* Only from reserved if load > this */ extern int smtp_mailcmd_count; /* Count of MAIL commands */ extern int smtp_max_synprot_errors;/* Max syntax/protocol errors */ extern int smtp_max_unknown_commands; /* As it says */ +extern uschar *smtp_notquit_reason; /* Global for disconnect reason */ extern FILE *smtp_out; /* Incoming SMTP output file */ extern uschar *smtp_ratelimit_hosts; /* Rate limit these hosts */ extern uschar *smtp_ratelimit_mail; /* Parameters for MAIL limiting */ extern uschar *smtp_ratelimit_rcpt; /* Parameters for RCPT limiting */ extern uschar *smtp_read_error; /* Message for SMTP input error */ extern int smtp_receive_timeout; /* Applies to each received line */ +extern uschar *smtp_receive_timeout_s; /* ... expandable version */ extern uschar *smtp_reserve_hosts; /* Hosts for reserved slots */ extern BOOL smtp_return_error_details; /* TRUE to return full info */ extern int smtp_rlm_base; /* Base interval for MAIL rate limit */ @@ -663,19 +841,24 @@ extern int smtp_rlr_base; /* Base interval for RCPT rate limit */ extern double smtp_rlr_factor; /* Factor for RCPT rate limit */ extern int smtp_rlr_limit; /* Max delay */ extern int smtp_rlr_threshold; /* Threshold for RCPT rate limit */ -extern BOOL smtp_use_pipelining; /* Global for passed connections */ -extern BOOL smtp_use_size; /* Global for passed connections */ +extern unsigned smtp_peer_options; /* Global flags for passed connections */ +extern unsigned smtp_peer_options_wrap; /* stacked version hidden by TLS */ +#ifdef SUPPORT_I18N +extern uschar *smtputf8_advertise_hosts; /* ingress control */ +#endif #ifdef WITH_CONTENT_SCAN extern uschar *spamd_address; /* address for the spamassassin daemon */ extern uschar *spam_bar; /* the spam "bar" (textual representation of spam_score) */ extern uschar *spam_report; /* the spamd report (multiline) */ +extern uschar *spam_action; /* the spamd recommended-action */ extern uschar *spam_score; /* the spam score (float) */ extern uschar *spam_score_int; /* spam_score * 10 (int) */ #endif #ifdef EXPERIMENTAL_SPF +extern uschar *spf_guess; /* spf best-guess record */ extern uschar *spf_header_comment; /* spf header comment */ -extern uschar *spf_received; /* SPF-Received: header */ +extern uschar *spf_received; /* Received-SPF: header */ extern uschar *spf_result; /* spf result in string form */ extern uschar *spf_smtp_comment; /* spf comment to include in SMTP reply */ #endif @@ -698,15 +881,19 @@ extern BOOL srs_usetimestamp; /* SRS use timestamp flag */ #endif extern BOOL strict_acl_vars; /* ACL variables have to be set before being used */ extern int string_datestamp_offset;/* After insertion by string_format */ +extern int string_datestamp_length;/* After insertion by string_format */ +extern int string_datestamp_type; /* After insertion by string_format */ extern BOOL strip_excess_angle_brackets; /* Surrounding route-addrs */ extern BOOL strip_trailing_dot; /* Remove dots at ends of domains */ extern uschar *submission_domain; /* Domain for submission mode */ extern BOOL submission_mode; /* Can be forced from ACL */ extern uschar *submission_name; /* User name set from ACL */ extern BOOL suppress_local_fixups; /* Can be forced from ACL */ +extern BOOL suppress_local_fixups_default; /* former is reset to this; override with -G */ extern BOOL synchronous_delivery; /* TRUE if -odi is set */ extern BOOL syslog_duplication; /* FALSE => no duplicate logging */ extern int syslog_facility; /* As defined by Syslog.h */ +extern BOOL syslog_pid; /* TRUE if PID on syslogs */ extern uschar *syslog_processname; /* 'ident' param to openlog() */ extern BOOL syslog_timestamp; /* TRUE if time on syslogs */ extern uschar *system_filter; /* Name of system filter file */ @@ -722,12 +909,20 @@ extern uid_t system_filter_uid; /* Uid for running system filter */ extern BOOL system_filter_uid_set; /* TRUE if uid set */ extern BOOL system_filtering; /* TRUE when running system filter */ +extern BOOL tcp_fastopen_ok; /* appears to be supported by kernel */ extern BOOL tcp_nodelay; /* Controls TCP_NODELAY on daemon */ +#ifdef USE_TCP_WRAPPERS +extern uschar *tcp_wrappers_daemon_name; /* tcpwrappers daemon lookup name */ +#endif +extern int test_harness_load_avg; /* For use when testing */ extern int thismessage_size_limit; /* Limit for this message */ extern int timeout_frozen_after; /* Max time to keep frozen messages */ extern BOOL timestamps_utc; /* Use UTC for all times */ + +extern uschar *transport_name; /* Name of transport last started */ extern int transport_count; /* Count of bytes transported */ -extern uschar **transport_filter_argv; /* For on-the-fly filtering */ +extern int transport_newlines; /* Accurate count of number of newline chars transported */ +extern const uschar **transport_filter_argv; /* For on-the-fly filtering */ extern int transport_filter_timeout; /* Timeout for same */ extern BOOL transport_filter_timed_out; /* True if it did */ @@ -743,6 +938,7 @@ extern tree_node *tree_nonrecipients; /* Tree of nonrecipient addresses */ extern tree_node *tree_unusable; /* Tree of unusable addresses */ extern BOOL trusted_caller; /* Caller is trusted */ +extern BOOL trusted_config; /* Configuration file is trusted */ extern gid_t *trusted_groups; /* List of trusted groups */ extern uid_t *trusted_users; /* List of trusted users */ extern uschar *timezone_string; /* Required timezone setting */ @@ -758,6 +954,7 @@ extern uschar *warnmsg_delay; /* String form of delay time */ extern uschar *warnmsg_recipients; /* Recipients of warning message */ extern BOOL write_rejectlog; /* Control of reject logging */ +extern uschar *verify_mode; /* Running a router in verify mode */ extern uschar *version_copyright; /* Copyright notice */ extern uschar *version_date; /* Date of compilation */ extern uschar *version_cnumber; /* Compile number */