. Update the Copyright year (only) when changing content.
. /////////////////////////////////////////////////////////////////////////////
-.set previousversion "4.90"
+.set previousversion "4.91"
.include ./local_params
.set ACL "access control lists (ACLs)"
.set I " "
.macro copyyear
-2017
+2018
.endmacro
. /////////////////////////////////////////////////////////////////////////////
.section "FTP and web sites" "SECID2"
.cindex "web site"
.cindex "FTP site"
-The primary site for Exim source distributions is currently the University of
-Cambridge's FTP site, whose contents are described in &'Where to find the Exim
-distribution'& below. In addition, there is a web site and an FTP site at
-&%exim.org%&. These are now also hosted at the University of Cambridge. The
-&%exim.org%& site was previously hosted for a number of years by Energis
-Squared, formerly Planet Online Ltd, whose support I gratefully acknowledge.
+The primary site for Exim source distributions is the &%exim.org%& FTP site,
+available over HTTPS, HTTP and FTP. These services, and the &%exim.org%&
+website, are hosted at the University of Cambridge.
.cindex "wiki"
.cindex "FAQ"
online information is the Exim wiki (&url(http://wiki.exim.org)),
which contains what used to be a separate FAQ, as well as various other
examples, tips, and know-how that have been contributed by Exim users.
+The wiki site should always redirect to the correct place, which is currently
+provided by GitHub, and is open to editing by anyone with a GitHub account.
.cindex Bugzilla
An Exim Bugzilla exists at &url(https://bugs.exim.org). You can use
this to report bugs, and also to add items to the wish list. Please search
first to check that you are not duplicating a previous entry.
-
+Please do not ask for configuration help in the bug-tracker.
.section "Mailing lists" "SECID3"
.section "Where to find the Exim distribution" "SECTavail"
.cindex "FTP site"
+.cindex "HTTPS download site"
.cindex "distribution" "ftp site"
-The master ftp site for the Exim distribution is
+.cindex "distribution" "https site"
+The master distribution site for the Exim distribution is
.display
-&*ftp://ftp.exim.org/pub/exim*&
+&*https://downloads.exim.org/*&
.endd
-The file references that follow are relative to the &_exim_& directories at
-these sites. There are now quite a number of independent mirror sites around
+The service is available over HTTPS, HTTP and FTP.
+We encourage people to migrate to HTTPS.
+
+The content served at &'https://downloads.exim.org/'& is identical to the
+content served at &'https://ftp.exim.org/pub/exim'& and
+&'ftp://ftp.exim.org/pub/exim'&.
+
+If accessing via a hostname containing &'ftp'&, then the file references that
+follow are relative to the &_exim_& directories at these sites.
+If accessing via the hostname &'downloads'& then the subdirectories described
+here are top-level directories.
+
+There are now quite a number of independent mirror sites around
the world. Those that I know about are listed in the file called &_Mirrors_&.
-Within the &_exim_& directory there are subdirectories called &_exim3_& (for
+Within the top exim directory there are subdirectories called &_exim3_& (for
previous Exim 3 distributions), &_exim4_& (for the latest Exim 4
distributions), and &_Testing_& for testing versions. In the &_exim4_&
subdirectory, the current release can always be found in files called
.display
+&_exim-n.nn.tar.xz_&
&_exim-n.nn.tar.gz_&
&_exim-n.nn.tar.bz2_&
.endd
-where &'n.nn'& is the highest such version number in the directory. The two
+where &'n.nn'& is the highest such version number in the directory. The three
files contain identical data; the only difference is the type of compression.
-The &_.bz2_& file is usually a lot smaller than the &_.gz_& file.
+The &_.xz_& file is usually the smallest, while the &_.gz_& file is the
+most portable to old systems.
.cindex "distribution" "signing details"
.cindex "distribution" "public key"
&_nigel-pubkey.asc_&. All keys used will be available in public keyserver pools,
such as &'pool.sks-keyservers.net'&.
-At time of last update, releases were being made by Phil Pennock and signed with
-key &'0x403043153903637F'&, although that key is expected to be replaced in 2013.
-A trust path from Nigel's key to Phil's can be observed at
-&url(https://www.security.spodhuis.org/exim-trustpath).
-
-Releases have also been authorized to be performed by Todd Lyons who signs with
-key &'0xC4F4F94804D29EBA'&. A direct trust path exists between previous RE Phil
-Pennock and Todd Lyons through a common associate.
+At time of last update, releases were being made by Jeremy Harris and signed
+with key &'0xBCE58C8CE41F32DF'&. Other recent keys used for signing are those
+of Heiko Schlittermann, &'0x26101B62F69376CE'&,
+and of Phil Pennock, &'0x4D1E900E14C1CC04'&.
The signatures for the tar bundles are in:
.display
+&_exim-n.nn.tar.xz.asc_&
&_exim-n.nn.tar.gz.asc_&
&_exim-n.nn.tar.bz2.asc_&
.endd
&_exim-texinfo-n.nn.tar.gz_&
.endd
These tar files contain only the &_doc_& directory, not the complete
-distribution, and are also available in &_.bz2_& as well as &_.gz_& forms.
+distribution, and are also available in &_.bz2_& and &_.xz_& forms.
.section "Limitations" "SECID6"
are available, similarly to the drivers. Because macros are sometimes used
for storing passwords, this option is restricted.
The output format is one item per line.
-.new
For the "-bP macro <name>" form, if no such macro is found
the exit status will be nonzero.
-.wen
.vitem &%-bp%&
.oindex "&%-bp%&"
.vitem &%-MCK%&
.oindex "&%-MCK%&"
This option is not intended for use by external callers. It is used internally
-by Exim in conjunction with the &%-MC%& option. It signifies that an
+by Exim in conjunction with the &%-MC%& option. It signifies that a
remote host supports the ESMTP &_CHUNKING_& extension.
.vitem &%-MCP%&
${lookup redis{get keyname}}
.endd
+As of release 4.91, "lightweight" support for Redis Cluster is available.
+Requires &%redis_servers%& list to contain all the servers in the cluster, all
+of which must be reachable from the running exim instance. If the cluster has
+master/slave replication, the list must contain all the master and slave
+servers.
+
+When the Redis Cluster returns a "MOVED" response to a query, Exim does not
+immediately follow the redirection but treats the response as a DEFER, moving on
+to the next server in the &%redis_servers%& list until the correct server is
+reached.
+
.ecindex IIDfidalo1
.ecindex IIDfidalo2
If the ACL returns defer the result is a forced-fail. Otherwise the expansion fails.
-.new
.vitem "&*${authresults{*&<&'authserv-id'&>&*}}*&"
.cindex authentication "results header"
.cindex headers "authentication-results:"
+.cindex authentication "expansion item"
This item returns a string suitable for insertion as an
&'Authentication-Results"'&
header line.
The given <&'authserv-id'&> is included in the result; typically this
-will ba a domain name identifying the system performing the authentications.
-Methods that may be present in the result include:
+will be a domain name identifying the system performing the authentications.
+Methods that might be present in the result include:
.code
none
iprev
.code
add_header = :at_start:${authresults {$primary_hostname}}
.endd
-.wen
+This is safe even if no authentication results are available.
.vitem "&*${certextract{*&<&'field'&>&*}{*&<&'certificate'&>&*}&&&
The &%sha3%& expansion item is only supported if Exim has been
compiled with GnuTLS 3.5.0 or later,
-.new
or OpenSSL 1.1.1 or later.
The macro "_CRYPTO_HASH_SHA3" will be defined if it is supported.
-.wen
.vitem &*${stat:*&<&'string'&>&*}*&
user/password authenticator configuration might preserve the user name for use
in the routers. Note that this is not the same information that is saved in
&$sender_host_authenticated$&.
+
When a message is submitted locally (that is, not over a TCP connection)
the value of &$authenticated_id$& is normally the login name of the calling
process. However, a trusted user can override this by means of the &%-oMai%&
command line option.
+This second case also sets up inforamtion used by the
+&$authresults$& expansion item.
.vitem &$authenticated_fail_id$&
.cindex "authentication" "fail" "id"
the result, the name is not accepted, and &$host_lookup_deferred$& is set to
&"1"&. See also &$sender_host_name$&.
+.cindex authentication "expansion item"
+Performing these checks sets up information used by the
+&$authresults$& expansion item.
+
+
.vitem &$host_lookup_failed$&
.vindex "&$host_lookup_failed$&"
See &$host_lookup_deferred$&.
is compiled with the content-scanning extension. For details, see section
&<<SECTscanspamass>>&.
-.new
.vitem &$spf_header_comment$& &&&
&$spf_received$& &&&
&$spf_result$& &&&
+ &$spf_result_guessed$& &&&
&$spf_smtp_comment$&
These variables are only available if Exim is built with SPF support.
For details see section &<<SECSPF>>&.
-.wen
.vitem &$spool_directory$&
.vindex "&$spool_directory$&"
&%certextract%& expansion item, &%md5%&, &%sha1%& or &%sha256%& operator,
or a &%def%& condition.
-&*Note*&: Under current versions of OpenSSL, when a list of more than one
+&*Note*&: Under versions of OpenSSL preceding 1.1.1,
+when a list of more than one
file is used for &%tls_certificate%&, this variable is not reliable.
.vitem &$tls_in_peercert$&
-.new
.option spf_guess main string "v=spf1 a/24 mx/24 ptr ?all"
This option is available when Exim is compiled with SPF support.
See section &<<SECSPF>>& for more details.
-.wen
.option spool_wireformat main boolean false
.cindex "spool directory" "file formats"
-If this option is set, Exim may for some messages use an alternate format
+If this option is set, Exim may for some messages use an alternative format
for data-files in the spool which matches the wire format.
Doing this permits more efficient message reception and transmission.
-Currently it is only done for messages received using the EMSTP CHUNKING
+Currently it is only done for messages received using the ESMTP CHUNKING
option.
The following variables will not have useful values:
Users of the local_scan() API (see &<<CHAPlocalscan>>&),
and any external programs which are passed a reference to a message data file
(except via the &"regex"&, &"malware"& or &"spam"&) ACL conditions)
-will need to be aware of the potential different format.
+will need to be aware of the different formats potentially available.
Using any of the ACL conditions noted will negate the reception benefit
(as a Unix-mbox-format file is constructed for them).
&*Note*&: If you use filenames based on IP addresses, change the list
separator in the usual way to avoid confusion under IPv6.
-&*Note*&: Under current versions of OpenSSL, when a list of more than one
+&*Note*&: Under versions of OpenSSL preceding 1.1.1,
+when a list of more than one
file is used, the &$tls_in_ourcert$& variable is unreliable.
&*Note*&: OCSP stapling is not usable under OpenSSL
This option specifies a certificate revocation list. The expanded value must
be the name of a file that contains CRLs in PEM format.
-.new
Under OpenSSL the option can specify a directory with CRL files.
&*Note:*& Under OpenSSL the option must, if given, supply a CRL
for each signing element of the certificate chain (i.e. all but the leaf).
For the file variant this can be multiple PEM blocks in the one file.
-.wen
See &<<SECTtlssni>>& for discussion of when this option might be re-expanded.
Usable for GnuTLS 3.4.4 or 3.3.17 or OpenSSL 1.1.0 (or later).
-.new
For GnuTLS 3.5.6 or later the expanded value of this option can be a list
of files, to match a list given for the &%tls_certificate%& option.
The ordering of the two lists must match.
-.wen
.option tls_on_connect_ports main "string list" unset
MX records of equal priority are sorted by Exim into a random order. Exim then
looks for address records for the host names obtained from MX or SRV records.
When a host has more than one IP address, they are sorted into a random order,
-.new
except that IPv6 addresses are sorted before IPv4 addresses. If all the
-.wen
IP addresses found are discarded by a setting of the &%ignore_target_hosts%&
generic option, the router declines.
also being queued.
-.new
.option ipv4_only "string&!!" unset
.cindex IPv6 disabling
.cindex DNS "IPv6 disabling"
or an empty string, or one of the strings “0” or “no” or “false”
(checked without regard to the case of the letters),
A records are sorted before AAAA records (inverting the default).
-.wen
.option mx_domains dnslookup "domain list&!!" unset
.cindex "MX record" "required to exist"
&%bydns%&: look up address records for the hosts directly in the DNS; fail if
no address records are found. If there is a temporary DNS error (such as a
timeout), delivery is deferred.
-.new
.next
&%ipv4_only%&: in direct DNS lookups, look up only A records.
.next
&%ipv4_prefer%&: in direct DNS lookups, sort A records before AAAA records.
-.wen
.endlist
For example:
option.
-.new
.option dane_require_tls_ciphers smtp string&!! unset
.cindex "TLS" "requiring specific ciphers for DANE"
.cindex "cipher" "requiring specific"
counter-intuitively decreasing it.
If the option expands to be empty or is forced to fail, then it will
be treated as unset and &%tls_require_ciphers%& will be used instead.
-.wen
.option data_timeout smtp time 5m
TLS session for any host that matches this list.
&%tls_verify_certificates%& should also be set for the transport.
-.new
.option hosts_require_dane smtp "host list&!!" unset
.cindex DANE "transport options"
.cindex DANE "requiring for certain servers"
and that a DANE-verified TLS connection is made.
There will be no fallback to in-clear communication.
See section &<<SECDANE>>&.
-.wen
.option hosts_require_ocsp smtp "host list&!!" unset
.cindex "TLS" "requiring for certain servers"
CHUNKING support, Exim will attempt to use BDAT commands rather than DATA.
BDAT will not be used in conjunction with a transport filter.
-.new
.option hosts_try_dane smtp "host list&!!" unset
.cindex DANE "transport options"
.cindex DANE "attempting for certain servers"
a DANE-verified TLS connection is made to that host;
there will be no fallback to in-clear communication.
See section &<<SECDANE>>&.
-.wen
.option hosts_try_fastopen smtp "host list&!!" unset
.cindex "fast open, TCP" "enabling, in client"
client from which the message was received. This variable is empty if there was
no successful authentication.
+.cindex authentication "expansion item"
+Successful authentication sets up information used by the
+&$authresults$& expansion item.
+
Note that the hostlist test for whether to do authentication can be
confused if name-IP lookups change between the time the peer is decided
-on and the transport running. For example, with a manualroute
-router given a host name, and DNS "round-robin" use by that name: if
+upon and the time that the transport runs. For example, with a manualroute
+router given a host name, and with DNS "round-robin" used by that name: if
the local resolver cache times out between the router and the transport
running, the transport may get an IP for the name for its authentication
check which does not match the connection peer IP.
contentious. As of RFC 8314, the common practice of using the historically
allocated port 465 for "email submission but with TLS immediately upon connect
instead of using STARTTLS" is officially blessed by the IETF, and recommended
-in preference to STARTTLS.
+by them in preference to STARTTLS.
The name originally assigned to the port was &"ssmtp"& or &"smtps"&, but as
clarity emerged over the dual roles of SMTP, for MX delivery and Email
reassigned for other use.
Thus you may encounter guidance claiming that you shouldn't enable use of
this port.
-In practice, a number of mail-clients have only supported submissions, not
-submission with STARTTLS upgrade.
+In practice, a number of mail-clients have only ever supported submissions,
+not submission with STARTTLS upgrade.
Ideally, offer both submission (587) and submissions (465) service.
Exim supports TLS-on-connect by means of the &%tls_on_connect_ports%&
-.new
.section DANE "SECDANE"
.cindex DANE
DNS-based Authentication of Named Entities, as applied to SMTP over TLS, provides assurance to a client that
DANE-TA is commonly used for several services and/or servers, each having a TLSA query-domain CNAME record,
all of which point to a single TLSA record.
+Another approach which should be seriously considered is to use DANE with a certificate
+from a public CA, because of another technology, "MTA-STS", described below.
+
The TLSA record should have a Selector field of SPKI(1) and a Matching Type field of SHA2-512(2).
At the time of writing, &url(https://www.huque.com/bin/gen_tlsa)
Section 4.3 of that document.
Under GnuTLS, DANE is only supported from version 3.0.0 onwards.
-.wen
+
+DANE is specified in published RFCs and decouples certificate authority trust
+selection from a "race to the bottom" of "you must trust everything for mail
+to get through". There is an alternative technology called MTA-STS, which
+instead publishes MX trust anchor information on an HTTPS website. At the
+time this text was last updated, MTA-STS was still a draft, not yet an RFC.
+Exim has no support for MTA-STS as a client, but Exim mail server operators
+can choose to publish information describing their TLS configuration using
+MTA-STS to let those clients who do use that protocol derive trust
+information.
+
+The MTA-STS design requires a certificate from a public Certificate Authority
+which is recognized by clients sending to you. That selection is outside your
+control.
+
+The most interoperable course of action is probably to use
+&url(https://letsencrypt.org/,Let's Encrypt), with automated certificate
+renewal; to publish the anchor information in DNSSEC-secured DNS via TLSA
+records for DANE clients (such as Exim and Postfix) and to publish anchor
+information for MTA-STS as well. This is what is done for the &'exim.org'&
+domain itself (with caveats around occasionally broken MTA-STS because of
+incompatible specification changes prior to reaching RFC status).
Note also that headers cannot be
modified by any of the post-data ACLs (DATA, MIME and DKIM).
Headers may be modified by routers (subject to the above) and transports.
-The Received-By: header is generated as soon as the body reception starts,
+The &'Received-By:'& header is generated as soon as the body reception starts,
rather than the traditional time after the full message is received;
this will affect the timestamp.
before use.
The usual list-parsing of the content (see &<<SECTlistconstruct>>&) applies.
The following scanner types are supported in this release,
-.new
though individual ones can be included or not at build time:
-.wen
.vlist
.vitem &%avast%&
or host and port specifiers separated by white space.
The host may be a name or an IP address; the port is either a
single number or a pair of numbers with a dash between.
-Any further options are given, on separate lines,
-to the daemon as options before the main scan command.
+A list of options may follow. These options are interpreted on the
+Exim's side of the malware scanner, or are given on separate lines to
+the daemon as options before the main scan command.
+
+.cindex &`pass_unscanned`& "avast"
+If &`pass_unscanned`&
+is set, any files the Avast scanner can't scan (e.g.
+decompression bombs, or invalid archives) are considered clean. Use with
+care.
+
For example:
.code
av_scanner = avast:/var/run/avast/scan.sock:FLAGS -fullfiles:SENSITIVITY -pup
+av_scanner = avast:/var/run/avast/scan.sock:pass_unscanned:FLAGS -fullfiles:SENSITIVITY -pup
av_scanner = avast:192.168.2.22 5036
.endd
If you omit the argument, the default path
PACK
.endd
-Only the first virus detected will be reported.
-
+If the scanner returns a temporary failure (e.g. license issues, or
+permission problems), the message is deferred and a paniclog entry is
+written. The usual &`defer_ok`& option is available.
.vitem &%aveserver%&
.cindex "virus scanners" "Kaspersky"
If the value of av_scanner points to a UNIX socket file or contains the
&`local`&
option, then the ClamAV interface will pass a filename containing the data
-to be scanned, which will should normally result in less I/O happening and be
+to be scanned, which should normally result in less I/O happening and be
more efficient. Normally in the TCP case, the data is streamed to ClamAV as
Exim does not assume that there is a common filesystem with the remote host.
.code
av_scanner = f-protd:localhost 10200-10204
.endd
-If you omit the argument, the default values show above are used.
+If you omit the argument, the default values shown above are used.
.vitem &%f-prot6d%&
.cindex "virus scanners" "f-prot6d"
failed. The delivery was discarded.
.endlist olist
.next
-.new
.cindex DKIM "log line"
&'DKIM: d='&&~&~Verbose results of a DKIM verification attempt, if enabled for
logging and the message has a DKIM signature header.
-.wen
.endlist ilist
&` queue_time_overall `& time on queue for whole message
&` pid `& Exim process id
&` proxy `& proxy address on <= and => lines
+&` receive_time `& time taken to receive message
&` received_recipients `& recipients on <= lines
&` received_sender `& sender on <= lines
&`*rejected_header `& header contents on reject log
&%delivery_size%&: For each delivery, the size of message delivered is added to
the &"=>"& line, tagged with S=.
.next
-.new
.cindex log "DKIM verification"
.cindex DKIM "verification logging"
&%dkim%&: For message acceptance log lines, when an DKIM signature in the header
.cindex log "DKIM verification"
.cindex DKIM "verification logging"
&%dkim_verbose%&: A log entry is written for each attempted DKIM verification.
-.wen
.next
.cindex "log" "dnslist defer"
.cindex "DNS list" "logging defer"
the local host is logged as QT=<&'time'&> on &"Completed"& lines, for
example, &`QT=3m45s`&. The clock starts when Exim starts to receive the
message, so it includes reception time as well as the total delivery time.
-.new
.next
.cindex "log" "receive duration"
&%receive_time%&: For each message, the amount of real time it has taken to
perform the reception is logged as RT=<&'time'&>, for example, &`RT=1s`&.
If millisecond logging is enabled, short times will be shown with greater
precision, eg. &`RT=0.204s`&.
-.wen
.next
.cindex "log" "recipients"
&%received_recipients%&: The recipients of a message are listed in the main log
&%tls_certificate_verified%&: An extra item is added to <= and => log lines
when TLS is in use. The item is &`CV=yes`& if the peer's certificate was
verified
-.new
using a CA trust anchor,
&`CA=dane`& if using a DNS trust anchor,
-.wen
and &`CV=no`& if not.
.next
.cindex "log" "TLS cipher"
be tracked on a per-domain basis, rather than merely upon source IP address.
DKIM is documented in RFC 6376.
-.new
As DKIM relies on the message being unchanged in transit, messages handled
by a mailing-list (which traditionally adds to the message) will not match
any original DKIM signature.
-.wen
DKIM support is compiled into Exim by default if TLS support is present.
It can be disabled by setting DISABLE_DKIM=yes in &_Local/Makefile_&.
default "policy". Instead it enables you to build your own policy using
Exim's standard controls.
-.new
Please note that verification of DKIM signatures in incoming mail is turned
on by default for logging (in the <= line) purposes.
c=relaxed/relaxed a=rsa-sha1
i=@facebookmail.com t=1252484542 [verification succeeded]
.endd
-.wen
You might want to turn off DKIM verification processing entirely for internal
or relay mail sources. To do that, set the &%dkim_disable_verify%& ACL
.section "Signing outgoing messages" "SECDKIMSIGN"
.cindex "DKIM" "signing"
-.new
For signing to be usable you must have published a DKIM record in DNS.
Note that RFC 8301 says:
.code
for the former it is the base64 of the ASN.1 for the RSA public key
(equivalent to the private-key .pem with the header/trailer stripped)
but for EC keys it is the base64 of the pure key; no ASN.1 wrapping.
-.wen
Signing is enabled by setting private options on the SMTP transport.
These options take (expandable) strings as arguments.
The result can either
.ilist
be a valid RSA private key in ASCII armor (.pem file), including line breaks
-.new
.next
-with GnuTLS 3.6.0 or later, be a valid Ed25519 private key (same format as above)
-.wen
+with GnuTLS 3.6.0 or OpenSSL 1.1.1 or later,
+be a valid Ed25519 private key (same format as above)
.next
start with a slash, in which case it is treated as a file that contains
the private key
is set.
.endlist
-.new
+To generate keys under OpenSSL:
+.code
+openssl genrsa -out dkim_rsa.private 2048
+openssl rsa -in dkim_rsa.private -out /dev/stdout -pubout -outform PEM
+.endd
+Take the base-64 lines from the output of the second command, concatenated,
+for the DNS TXT record.
+See section 3.6 of RFC6376 for the record specification.
+
+Under GnuTLS:
+.code
+certtool --generate-privkey --rsa --bits=2048 --password='' -8 --outfile=dkim_rsa.private
+certtool --load-privkey=dkim_rsa.private --pubkey-info
+.endd
+
Note that RFC 8301 says:
.code
Signers MUST use RSA keys of at least 1024 bits for all keys.
for some transition period.
The "_CRYPTO_SIGN_ED25519" macro will be defined if support is present
for EC keys.
-.wen
+
+OpenSSL 1.1.1 and GnuTLS 3.6.0 can create Ed25519 private keys:
+.code
+openssl genpkey -algorithm ed25519 -out dkim_ed25519.private
+certtool --generate-privkey --key-type=ed25519 --outfile=dkim_ed25519.private
+.endd
+
+To produce the required public key value for a DNS record:
+.code
+openssl pkey -outform DER -pubout -in dkim_ed25519.private | tail -c +13 | base64
+certtool --load_privkey=dkim_ed25519.private --pubkey_info --outder | tail -c +13 | base64
+.endd
+
+Note that the format
+of Ed25519 keys in DNS has not yet been decided; this release supports
+both of the leading candidates at this time, a future release will
+probably drop support for whichever proposal loses.
.option dkim_hash smtp string&!! sha256
-Can be set alternatively to &"sha1"& to use an alternate hash
-method.
+Can be set to any one of the supported hash methods, which are:
+.ilist
+&`sha1`& &-- should not be used, is old and insecure
+.next
+&`sha256`& &-- the default
+.next
+&`sha512`& &-- possibly more secure but less well supported
+.endlist
-.new
Note that RFC 8301 says:
.code
rsa-sha1 MUST NOT be used for signing or verifying.
.endd
-.wen
.option dkim_identity smtp string&!! unset
If set after expansion, the value is used to set an "i=" tag in
containing the signature status and its details are set up during the
runtime of the ACL.
+.cindex authentication "expansion item"
+Performing verification sets up information used by the
+&$authresults$& expansion item.
+
Calling the ACL only for existing signatures is not sufficient to build
more advanced policies. For that reason, the global option
&%dkim_verify_signers%&, and a global expansion variable
This might, for instance, be done to enforce a policy restriction on
hash-method or key-size:
.code
- warn condition = ${if eq {$dkim_verify_status}{pass}}
- condition = ${if eq {$len_3:$dkim_algo}{rsa}}
- condition = ${if or {eq {$dkim_algo}{rsa-sha1}} \
- {< {$dkim_key_length}{1024}} }
- logwrite = NOTE: forcing dkim verify fail (was pass)
- set dkim_verify_status = fail
- set dkim_verify_reason = hash too weak or key too short
+ warn condition = ${if eq {$dkim_verify_status}{pass}}
+ condition = ${if eq {${length_3:$dkim_algo}}{rsa}}
+ condition = ${if or {{eq {$dkim_algo}{rsa-sha1}} \
+ {< {$dkim_key_length}{1024}}}}
+ logwrite = NOTE: forcing DKIM verify fail (was pass)
+ set dkim_verify_status = fail
+ set dkim_verify_reason = hash too weak or key too short
.endd
After all the DKIM ACL runs have completed, the value becomes a
.vitem &%$dkim_algo%&
The algorithm used. One of 'rsa-sha1' or 'rsa-sha256'.
-.new
-If running under GnuTLS 3.6.0 or later, may also be 'ed25519-sha256'.
+If running under GnuTLS 3.6.0 or OpenSSL 1.1.1 or later,
+may also be 'ed25519-sha256'.
The "_CRYPTO_SIGN_ED25519" macro will be defined if support is present
for EC keys.
-.wen
-.new
Note that RFC 8301 says:
.code
rsa-sha1 MUST NOT be used for signing or verifying.
To enforce this you must have a DKIM ACL which checks this variable
and overwrites the &$dkim_verify_status$& variable as discussed above.
-.wen
.vitem &%$dkim_canon_body%&
The body canonicalization method. One of 'relaxed' or 'simple'.
signature to be treated as "expired". When this was not specified by the
signer, "9999999999999" is returned. This makes it possible to do useful
integer size comparisons against this value.
-.new
Note that Exim does not check this value.
-.wen
.vitem &%$dkim_headernames%&
A colon-separated list of names of headers included in the signature.
.vitem &%$dkim_key_length%&
Number of bits in the key.
-.new
Note that RFC 8301 says:
.code
Verifiers MUST NOT consider signatures using RSA keys of
To enforce this you must have a DKIM ACL which checks this variable
and overwrites the &$dkim_verify_status$& variable as discussed above.
As EC keys are much smaller, the check should only do this for RSA keys.
-.wen
.endlist
-.new
.section "SPF (Sender Policy Framework)" SECSPF
.cindex SPF verification
SPF verification support is built into Exim if SUPPORT_SPF=yes is set in
&_Local/Makefile_&. The support uses the &_libspf2_& library
&url(http://www.libspf2.org/).
-There is no Exim involvement on the trasmission of messages; publishing certain
-DNS records is all that is required.
+There is no Exim involvement in the transmission of messages;
+publishing certain DNS records is all that is required.
For verification, an ACL condition and an expansion lookup are provided.
+.cindex authentication "expansion item"
+Performing verification sets up information used by the
+&$authresults$& expansion item.
+
.cindex SPF "ACL condition"
.cindex ACL "spf condition"
.vitem &%permerror%&
This indicates a syntax error in the SPF record of the queried domain.
-You may deny messages when this occurs. (Changed in 4.83)
+You may deny messages when this occurs.
.vitem &%temperror%&
This indicates a temporary error during all processing, including Exim's
SPF processing. You may defer messages when this occurs.
-(Changed in 4.83)
-
-.vitem &%err_temp%&
-Same as permerror, deprecated in 4.83, will be removed in a future release.
-
-.vitem &%err_perm%&
-Same as temperror, deprecated in 4.83, will be removed in a future release.
.endlist
You can prefix each string with an exclamation mark to invert
one of pass, fail, softfail, none, neutral, permerror or
temperror.
+.vitem &$spf_result_guessed$&
+.vindex &$spf_result_guessed$&
+ This boolean is true only if a best-guess operation was used
+ and required in order to obtain a result.
+
.vitem &$spf_smtp_comment$&
.vindex &$spf_smtp_comment$&
This contains a string that can be used in a SMTP response
${lookup {username@domain} spf {ip.ip.ip.ip}}
.endd
-The lookup will return the same result strings as they can appear in
+The lookup will return the same result strings as can appear in
&$spf_result$& (pass,fail,softfail,neutral,none,err_perm,err_temp).
Currently, only IPv4 addresses are supported.
-. wen-for SPF section
-.wen
. ////////////////////////////////////////////////////////////////////////////
.cindex utf8 "address downconversion"
.cindex i18n "utf8 address downconversion"
-.new
The RCPT ACL
-.wen
may use the following modifier:
.display
control = utf8_downconvert
options, and new features, see the NewStuff file next to this ChangeLog.
-Exim 4.next
-----------
+Exim version 4.92
+-----------------
JH/01 Remove code calling the customisable local_scan function, unless a new
definition "HAVE_LOCAL_SCAN=yes" is present in the Local/Makefile.
JH/02 Bug 1007: Avoid doing logging from signal-handlers, as that can result in
non-signal-safe funxtions being used.
-JH/03 Fix syslog logging for syslog_timestamp=no and log_selector +millisec.
- Previously the millisecond value corrupted the output.
- Fix also for syslog_pid=no and log_selector +pid, for which the pid
- corrupted the output.
-Since Exim version 4.90
------------------------
+Exim version 4.91
+-----------------
GF/01 DEFER rather than ERROR on redis cluster MOVED response.
- When redis_servers is set to a list of > 1 element, and the Redis servers
- in that list are in cluster configuration, convert the REDIS_REPLY_ERROR
- case of MOVED into a DEFER case instead, thus moving the query onto the
- next server in the list. For a cluster of N elements, all N servers must
- be defined in redis_servers.
+ When redis_servers is set to a list of > 1 element, and the Redis servers
+ in that list are in cluster configuration, convert the REDIS_REPLY_ERROR
+ case of MOVED into a DEFER case instead, thus moving the query onto the
+ next server in the list. For a cluster of N elements, all N servers must
+ be defined in redis_servers.
+
+GF/02 Catch and remove uninitialized value warning in exiqsumm
+ Check for existence of @ARGV before looking at $ARGV[0]
JH/01 Replace the store_release() internal interface with store_newblock(),
which internalises the check required to safely use the old one, plus
dead before release of memory in the daemon loop. This stops complaints
about them when the debug_store option is enabled. Discovered specifically
for sender_rate_period, but applies to a whole set of variables.
- Do the same for the queue-runner loop, for variables set from spool
- message files.
+ Do the same for the queue-runner and queue-list loops, for variables set
+ from spool message files. Do the same for the SMTP per-message loop, for
+ certain variables indirectly set in ACL operations.
-PP/02 DANE: add dane_require_tls_ciphers SMTP Transport option; if unset,
- tls_require_ciphers is used as before.
+JH/29 Bug 2250: Fix a longstanding bug in heavily-pipelined SMTP input (such
+ as a multi-recipient message from a mailinglist manager). The coding had
+ an arbitrary cutoff number of characters while checking for more input;
+ enforced by writing a NUL into the buffer. This corrupted long / fast
+ input. The problem was exposed more widely when more pipelineing of SMTP
+ responses was introduced, and one Exim system was feeding another.
+ The symptom is log complaints of SMTP syntax error (NUL chars) on the
+ receiving system, and refused recipients seen by the sending system
+ (propating to people being dropped from mailing lists).
+ Discovered and pinpointed by David Carter.
+
+JH/30 The (EXPERIMENTAL_DMARC) variable $dmarc_ar_header is withdrawn, being
+ replaced by the ${authresults } expansion.
+
+JH/31 Bug 2257: Fix pipe transport to not use a socket-only syscall.
+
+HS/03 Set a handler for SIGTERM and call exit(3) if running as PID 1. This
+ allows proper process termination in container environments.
+
+JH/32 Bug 2258: Fix spool_wireformat in combination with LMTP transport.
+ Previously the "final dot" had a newline after it; ensure it is CR,LF.
+
+JH/33 SPF: remove support for the "spf" ACL condition outcome values "err_temp"
+ and "err_perm", deprecated since 4.83 when the RFC-defined words
+ "temperror" and "permerror" were introduced.
JH/34 Re-introduce enforcement of no cutthrough delivery on transports having
transport-filters or DKIM-signing. The restriction was lost in the
consolidation of verify-callout and delivery SMTP handling.
Extend the restriction to also cover ARC-signing.
+JH/35 Cutthrough: for a final-dot response timeout (and nonunderstood responses)
+ in defer=pass mode supply a 450 to the initiator. Previously the message
+ would be spooled.
+
+PP/02 DANE: add dane_require_tls_ciphers SMTP Transport option; if unset,
+ tls_require_ciphers is used as before.
+
+HS/03 Malware Avast: Better match the Avast multiline protocol. Add
+ "pass_unscanned". Only tmpfails from the scanner are written to
+ the paniclog, as they may require admin intervention (permission
+ denied, license issues). Other scanner errors (like decompression
+ bombs) do not cause a paniclog entry.
+
+JH/36 Fix reinitialisation of DKIM logging variable between messages.
+ Previously it was possible to log spurious information in receive log
+ lines.
+
+JH/37 Bug 2255: Revert the disable of the OpenSSL session caching. This
+ triggered odd behaviour from Outlook Express clients.
+
+PP/03 Add util/renew-opendmarc-tlds.sh script for safe renewal of public
+ suffix list.
+
+JH/38 DKIM: accept Ed25519 pubkeys in SubjectPublicKeyInfo-wrapped form,
+ since the IETF WG has not yet settled on that versus the original
+ "bare" representation.
+
+JH/39 Fix syslog logging for syslog_timestamp=no and log_selector +millisec.
+ Previously the millisecond value corrupted the output.
+ Fix also for syslog_pid=no and log_selector +pid, for which the pid
+ corrupted the output.
+
Exim version 4.90
-----------------
test from the snapshots or the Git before the documentation is updated. Once
the documentation is updated, this file is reduced to a short list.
+Version 4.92
+--------------
+
Version 4.91
--------------
under OpenSSL version 1.1.1 or later.
9. DKIM operations can now use the Ed25519 algorithm in addition to RSA, under
- GnuTLS 3.6.0 or later.
+ GnuTLS 3.6.0 or OpenSSL 1.1.1 or later.
10. Builtin feature-macros _CRYPTO_HASH_SHA3 and _CRYPTO_SIGN_ED25519, library
version dependent.
Authentication-Results: header.
13. EXPERIMENTAL_ARC. See the experimental.spec file.
+ See also new util/renew-opendmarc-tlds.sh script for use with DMARC/ARC.
14: A dane:fail event, intended to facilitate reporting.
+15. "Lightweight" support for Redis Cluster. Requires redis_servers list to
+ contain all the servers in the cluster, all of which must be reachable from
+ the running exim instance. If the cluster has master/slave replication, the
+ list must contain all the master and slave servers.
+
+16. Add an option to the Avast scanner interface: "pass_unscanned". This
+ allows to treat unscanned files as clean. Files may be unscanned for
+ several reasons: decompression bombs, broken archives.
+
Version 4.90
------------
2. Use the following global settings to configure DMARC:
-Optional:
+Required:
dmarc_tld_file Defines the location of a text file of valid
top level domains the opendmarc library uses
during domain parsing. Maintained by Mozilla,
the most current version can be downloaded
from a link at http://publicsuffix.org/list/.
- If unset, "/etc/exim/opendmarc.tlds" (hardcoded)
- is used.
+ See also util/renew-opendmarc-tlds.sh script.
Optional:
dmarc_history_file Defines the location of a file to log results
supports, including LDAP, Postgres, MySQL, etc, as long as the
result is a list of colon-separated strings.
+Performing the check sets up information used by the
+${authresults } expansion item.
+
Several expansion variables are set before the DATA ACL is
processed, and you can use them in this ACL. The following
expansion variables are available:
are "none", "reject" and "quarantine". It is blank when there
is any error, including no DMARC record.
- o $dmarc_ar_header
- This is the entire Authentication-Results header which you can
- add using an add_header modifier.
+A now-redundant variable $dmarc_ar_header has now been withdrawn.
+Use the ${authresults } expansion instead.
5. How to enable DMARC advanced operation:
warn dmarc_status = accept : none : off
!authenticated = *
log_message = DMARC DEBUG: $dmarc_status $dmarc_used_domain
- add_header = $dmarc_ar_header
warn dmarc_status = !accept
!authenticated = *
!authenticated = *
message = Message from $dmarc_used_domain failed sender's DMARC policy, REJECT
+ warn add_header = :at_start:${authresults {$primary_hostname}}
+
DSN extra information
The transport only takes one option:
* directory - This is used to specify the directory messages should be
-copied to
+copied to. Expanded.
The generic transport options (body_only, current_directory, disable_logging,
debug_print, delivery_date_add, envelope_to_add, event_action, group,
This assumes that `/opt/openssl` is not in use. If it is, pick
something else. `/opt/exim/openssl` perhaps.
+If you pick a location shared amongst various local packages, such as
+`/usr/local` on Linux, then the new OpenSSL will be used by all of those
+packages. If that's what you want, great! If instead you want to
+ensure that only software you explicitly set to use the newer OpenSSL
+will try to use the new OpenSSL, then stick to something like
+`/opt/openssl`.
+
./config --prefix=/opt/openssl --openssldir=/etc/ssl \
-L/opt/openssl/lib -Wl,-R/opt/openssl/lib \
enable-ssl-trace shared
make
make install
+On some systems, the linker uses `-rpath` instead of `-R`; on such systems,
+replace the parameter starting `-Wl` with: `-Wl,-rpath,/opt/openssl/lib`.
+There are more variations on less common systems.
+
You now have an installed OpenSSL under /opt/openssl which will not be
used by any system programs.
choose the pkg-config approach in that file, but also tell Exim to add
the relevant directory into the rpath stamped into the binary:
+ PKG_CONFIG_PATH=/opt/openssl/lib/pkgconfig
+
SUPPORT_TLS=yes
USE_OPENSSL_PC=openssl
- LDFLAGS=-ldl -Wl,-rpath,/opt/openssl/lib
+ LDFLAGS+=-ldl -Wl,-rpath,/opt/openssl/lib
The -ldl is needed by OpenSSL 1.0.2+ on Linux and is not needed on most
-other platforms.
+other platforms. The LDFLAGS is needed because `pkg-config` doesn't know
+how to emit information about RPATH-stamping, but we can still leverage
+`pkg-config` for everything else.
-Then tell pkg-config how to find the configuration files for your new
-OpenSSL install, and build Exim:
+Then build Exim:
- export PKG_CONFIG_PATH=/opt/openssl/lib/pkgconfig
make
sudo make install
-(From Exim 4.89, you can put that `PKG_CONFIG_PATH` directly into
- your `Local/Makefile` file.)
-
Confirming
----------
readelf -d $(which exim) | grep RPATH
+It is important to use `RPATH` and not `RUNPATH`!
+
+The gory details about `RUNPATH` (skip unless interested):
+The OpenSSL library might be opened indirectly by some other library
+which Exim depends upon. If the executable does have `RUNPATH` then
+that will inhibit using either of `RPATH` or `RUNPATH` from the
+executable for finding the OpenSSL library when that other library tries
+to load it.
+In fact, if the intermediate library has a `RUNPATH` stamped into it,
+then this will block `RPATH` too, and will create problems with Exim.
+If you're in such a situation, and those libraries were supplied to you
+instead of built by you, then you're reaching the limits of sane
+repairability and it's time to prioritize rebuilding your mail-server
+hosts to be a current OS release which natively pulls in an
+upstream-supported OpenSSL, or stick to the OS releases of Exim.
+
Very Advanced
-------------
# LDFLAGS += -lsrs_alt
# Uncomment the following line to add DMARC checking capability, implemented
-# using libopendmarc libraries. You must have SPF support enabled also.
+# using libopendmarc libraries. You must have SPF and DKIM support enabled also.
# EXPERIMENTAL_DMARC=yes
# DMARC_TLD_FILE= /etc/exim/opendmarc.tlds
# CFLAGS += -I/usr/local/include
# Uncomment the following line to add ARC (Authenticated Received Chain)
# support. You must have SPF and DKIM support enabled also.
-# EXPERIMENTAL_ARC
+# EXPERIMENTAL_ARC=yes
# Uncomment the following lines to add Brightmail AntiSpam support. You need
# to have the Brightmail client SDK installed. Please check the experimental
}
deliver_domain = deliver_localpart = deliver_address_data =
- sender_address_data = NULL;
+ deliver_domain_data = sender_address_data = NULL;
/* A DISCARD response is permitted only for message ACLs, excluding the PREDATA
ACL, which is really in the middle of an SMTP command. */
arc_set * as;
int inst;
BOOL ams_fail_found = FALSE;
-uschar * ret = NULL;
if (!(as = ctx->arcset_chain))
return US"none";
arc_received = ctx->arcset_chain_last;
arc_received_instance = inst;
-if (ret)
- return ret;
/* We can skip the latest-AMS validation, if we already did it. */
as = ctx->arcset_chain_last;
-if (as->ams_verify_done && !as->ams_verify_passed)
+if (!as->ams_verify_passed)
{
- arc_state_reason = as->ams_verify_done;
- return US"fail";
+ if (as->ams_verify_done)
+ {
+ arc_state_reason = as->ams_verify_done;
+ return US"fail";
+ }
+ if (!!arc_ams_verify(ctx, as))
+ return US"fail";
}
-if (!!arc_ams_verify(ctx, as))
- return US"fail";
-
return NULL;
}
if ((rheaders = arc_sign_scan_headers(&arc_sign_ctx, sigheaders)))
{
hdr_rlist ** rp;
- for (rp = &rheaders; *rp; ) rp = &(*rp)->prev;
- *rp = headers_rlist;
- headers_rlist = rheaders;
+ for (rp = &headers_rlist; *rp; ) rp = &(*rp)->prev;
+ *rp = rheaders;
}
-else
- rheaders = headers_rlist;
/* Finally, build a normal-order headers list */
/*XXX only needed for hunt-the-AR? */
+/*XXX also, we really should be accepting any number of ADMD-matching ARs */
{
header_line * hnext = NULL;
- for (; rheaders; hnext = rheaders->h, rheaders = rheaders->prev)
+ for (rheaders = headers_rlist; rheaders;
+ hnext = rheaders->h, rheaders = rheaders->prev)
rheaders->h->next = hnext;
headers = hnext;
}
error_out = FAIL;
goto ERROR_OUT;
}
- if (&gbufdesc_out.length != 0) {
+ if (gbufdesc_out.length != 0) {
error_out = auth_get_data(&from_client,
gbufdesc_out.value, gbufdesc_out.length);
if (error_out != OK)
for this domain. */
if (!(dkim_sel = expand_string(dkim->dkim_selector)))
- if (!(dkim_signing_selector = expand_string(dkim->dkim_selector)))
{ errwhen = US"dkim_selector"; goto expand_bad; }
while ((dkim_signing_selector = string_nextinlist(&dkim_sel, &sel_sep,
{
int *netmask = NULL; /* Ignored */
int is_ipv6 = 0;
-char *tld_file = dmarc_tld_file ? CS dmarc_tld_file : DMARC_TLD_FILE;
/* Set some sane defaults. Also clears previous results when
* multiple messages in one connection. */
dmarc_abort = FALSE;
dmarc_pass_fail = US"skipped";
dmarc_used_domain = US"";
-dmarc_ar_header = NULL;
dmarc_has_been_checked = FALSE;
header_from_sender = NULL;
spf_sender_domain = NULL;
opendmarc_policy_status_to_str(libdm_status));
dmarc_abort = TRUE;
}
-if (dmarc_tld_file == NULL)
+if (!dmarc_tld_file)
+ {
+ DEBUG(D_receive) debug_printf("DMARC: no dmarc_tld_file\n");
dmarc_abort = TRUE;
-else if (opendmarc_tld_read_file(tld_file, NULL, NULL, NULL))
+ }
+else if (opendmarc_tld_read_file(dmarc_tld_file, NULL, NULL, NULL))
{
log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure to load tld list %s: %d",
- tld_file, errno);
+ dmarc_tld_file, errno);
dmarc_abort = TRUE;
}
-if (sender_host_address == NULL)
+if (!sender_host_address)
+ {
+ DEBUG(D_receive) debug_printf("DMARC: no sender_host_address\n");
dmarc_abort = TRUE;
+ }
/* This catches locally originated email and startup errors above. */
if (!dmarc_abort)
{
is_ipv6 = string_is_ip_address(sender_host_address, netmask) == 6;
- dmarc_pctx = opendmarc_policy_connect_init(sender_host_address, is_ipv6);
- if (dmarc_pctx == NULL)
+ if (!(dmarc_pctx = opendmarc_policy_connect_init(sender_host_address, is_ipv6)))
{
log_write(0, LOG_MAIN|LOG_PANIC,
"DMARC failure creating policy context: ip=%s", sender_host_address);
/* dmarc_store_data stores the header data so that subsequent
- * dmarc_process can access the data */
+dmarc_process can access the data */
-int dmarc_store_data(header_line *hdr) {
- /* No debug output because would change every test debug output */
- if (dmarc_disable_verify != TRUE)
- from_header = hdr;
- return OK;
+int
+dmarc_store_data(header_line *hdr)
+{
+/* No debug output because would change every test debug output */
+if (!dmarc_disable_verify)
+ from_header = hdr;
+return OK;
}
}
/* dmarc_process adds the envelope sender address to the existing
- context (if any), retrieves the result, sets up expansion
- strings and evaluates the condition outcome. */
+context (if any), retrieves the result, sets up expansion
+strings and evaluates the condition outcome. */
int
dmarc_process()
/* ACLs have "control=dmarc_disable_verify" */
if (dmarc_disable_verify)
- {
- dmarc_ar_header = dmarc_auth_results_header(from_header, NULL);
return OK;
- }
/* Store the header From: sender domain for this part of DMARC.
* If there is no from_header struct, then it's likely this message
* the entire DMARC system if we can't find a From: header....or if
* there was a previous error.
*/
-if (!from_header || dmarc_abort)
+if (!from_header)
+ {
+ DEBUG(D_receive) debug_printf("DMARC: no From: header\n");
dmarc_abort = TRUE;
-else
+ }
+else if (!dmarc_abort)
{
uschar * errormsg;
int dummy, domain;
log_write(0, LOG_MAIN, "DMARC results: spf_domain=%s dmarc_domain=%s "
"spf_align=%s dkim_align=%s enforcement='%s'",
spf_sender_domain, dmarc_used_domain,
- (sa==DMARC_POLICY_SPF_ALIGNMENT_PASS) ?"yes":"no",
- (da==DMARC_POLICY_DKIM_ALIGNMENT_PASS)?"yes":"no",
+ sa==DMARC_POLICY_SPF_ALIGNMENT_PASS ?"yes":"no",
+ da==DMARC_POLICY_DKIM_ALIGNMENT_PASS ?"yes":"no",
dmarc_status_text);
history_file_status = dmarc_write_history_file();
/* Now get the forensic reporting addresses, if any */
}
}
-/* set some global variables here */
-dmarc_ar_header = dmarc_auth_results_header(from_header, NULL);
-
/* shut down libopendmarc */
if (dmarc_pctx)
(void) opendmarc_policy_connect_shutdown(dmarc_pctx);
return OK;
}
-int
+static int
dmarc_write_history_file()
{
int history_file_fd;
uschar *history_buffer = NULL;
if (!dmarc_history_file)
+ {
+ DEBUG(D_receive) debug_printf("DMARC history file not set\n");
return DMARC_HIST_DISABLED;
+ }
history_file_fd = log_create(dmarc_history_file);
if (history_file_fd < 0)
return US"";
}
-uschar *
-dmarc_auth_results_header(header_line *from_header, uschar *hostname)
-{
-uschar *hdr_tmp = US"";
-
-/* Allow a server hostname to be passed to this function, but is
- * currently unused */
-if (!hostname)
- hostname = primary_hostname;
-hdr_tmp = string_sprintf("%s %s;", DMARC_AR_HEADER, hostname);
-
-#if 0
-/* I don't think this belongs here, but left it here commented out
- * because it was a lot of work to get working right. */
-if (spf_response != NULL) {
- uschar *dmarc_ar_spf = US"";
- int sr = 0;
- sr = spf_response->result;
- dmarc_ar_spf = (sr == SPF_RESULT_NEUTRAL) ? US"neutral" :
- (sr == SPF_RESULT_PASS) ? US"pass" :
- (sr == SPF_RESULT_FAIL) ? US"fail" :
- (sr == SPF_RESULT_SOFTFAIL) ? US"softfail" :
- US"none";
- hdr_tmp = string_sprintf("%s spf=%s (%s) smtp.mail=%s;",
- hdr_tmp, dmarc_ar_spf_result,
- spf_response->header_comment,
- expand_string(US"$sender_address") );
-}
-#endif
-hdr_tmp = string_sprintf("%s dmarc=%s", hdr_tmp, dmarc_pass_fail);
-if (header_from_sender)
- hdr_tmp = string_sprintf("%s header.from=%s",
- hdr_tmp, header_from_sender);
-return hdr_tmp;
+gstring *
+authres_dmarc(gstring * g)
+{
+if (dmarc_has_been_checked)
+ {
+ g = string_append(g, 2, US";\n\tdmarc=", dmarc_pass_fail);
+ if (header_from_sender)
+ g = string_append(g, 2, US" header.from=", header_from_sender);
+ }
+return g;
}
# endif /* SUPPORT_SPF */
uschar *dmarc_exim_expand_query(int);
uschar *dmarc_exim_expand_defaults(int);
uschar *dmarc_auth_results_header(header_line *,uschar *);
-int dmarc_write_history_file();
+static int dmarc_write_history_file();
#define DMARC_AR_HEADER US"Authentication-Results:"
#define DMARC_VERIFY_STATUS 1
va_end(ap);
}
+/***********************************************
+* Handler for SIGTERM *
+***********************************************/
+static void
+term_handler(int sig)
+{
+ exit(1);
+}
/*************************************************
set_process_info("initializing");
os_restarting_signal(SIGUSR1, usr1_handler);
+/* If running in a dockerized environment, the TERM signal is only
+delegated to the PID 1 if we request it by setting an signal handler */
+if (getpid() == 1) signal(SIGTERM, term_handler);
+
/* SIGHUP is used to get the daemon to reconfigure. It gets set as appropriate
in the daemon code. For the rest of Exim's uses, we ignore it. */
/* DANE w/o DNSSEC is useless */
#if defined(SUPPORT_DANE) && defined(DISABLE_DNSSEC)
-# undef DISABLE_DNSSEC
+# error DANE support requires DNSSEC support
#endif
/* Some platforms (FreeBSD, OpenBSD, Solaris) do not seem to define this */
BEGIN { pop @INC if $INC[-1] eq '.' };
use File::Basename;
-if ($ARGV[0] eq '--version') {
+if (@ARGV && $ARGV[0] eq '--version') {
print basename($0) . ": $0\n",
"build: EXIM_RELEASE_VERSIONEXIM_VARIANT_VERSION\n",
"perl(runtime): $]\n";
{ "dkim_verify_status", vtype_stringptr, &dkim_verify_status },
#endif
#ifdef EXPERIMENTAL_DMARC
- { "dmarc_ar_header", vtype_stringptr, &dmarc_ar_header },
{ "dmarc_domain_policy", vtype_stringptr, &dmarc_domain_policy },
{ "dmarc_status", vtype_stringptr, &dmarc_status },
{ "dmarc_status_text", vtype_stringptr, &dmarc_status_text },
{ "spf_header_comment", vtype_stringptr, &spf_header_comment },
{ "spf_received", vtype_stringptr, &spf_received },
{ "spf_result", vtype_stringptr, &spf_result },
+ { "spf_result_guessed", vtype_bool, &spf_result_guessed },
{ "spf_smtp_comment", vtype_stringptr, &spf_smtp_comment },
#endif
{ "spool_directory", vtype_stringptr, &spool_directory },
+/* Append a "local" element to an Autherntication-Results: header
+if this was a non-smtp message.
+*/
+
+static gstring *
+authres_local(gstring * g, const uschar * sysname)
+{
+if (!authentication_local)
+ return g;
+g = string_append(g, 3, US";\n\tlocal=pass (non-smtp, ", sysname, US")");
+if (authenticated_id) g = string_append(g, 2, " u=", authenticated_id);
+return g;
+}
+
+
/* Append an "iprev" element to an Autherntication-Results: header
if we have attempted to get the calling host's name.
*/
US"Authentication-Results: ", sub_arg[0], US"; none");
yield->ptr -= 6;
+ yield = authres_local(yield, sub_arg[0]);
yield = authres_iprev(yield);
yield = authres_smtpauth(yield);
#ifdef SUPPORT_SPF
#ifndef DISABLE_DKIM
yield = authres_dkim(yield);
#endif
+#ifdef EXPERIMENTAL_DMARC
+ yield = authres_dmarc(yield);
+#endif
#ifdef EXPERIMENTAL_ARC
yield = authres_arc(yield);
#endif
extern uschar *auth_xtextencode(uschar *, int);
extern int auth_xtextdecode(uschar *, uschar **);
-extern gstring *authres_smtpauth(gstring *);
-#ifdef SUPPORT_SPF
-extern gstring *authres_spf(gstring *);
+#ifdef EXPERIMENTAL_ARC
+extern gstring *authres_arc(gstring *);
#endif
#ifndef DISABLE_DKIM
extern gstring *authres_dkim(gstring *);
#endif
-#ifdef EXPERIMENTAL_ARC
-extern gstring *authres_arc(gstring *);
+#ifdef EXPERIMENTAL_DMARC
+extern gstring *authres_dmarc(gstring *);
+#endif
+extern gstring *authres_smtpauth(gstring *);
+#ifdef SUPPORT_SPF
+extern gstring *authres_spf(gstring *);
#endif
extern uschar *b64encode(uschar *, int);
uschar *authenticated_id = NULL;
uschar *authenticated_sender = NULL;
BOOL authentication_failed = FALSE;
+BOOL authentication_local = FALSE;
auth_instance *auths = NULL;
uschar *auth_advertise_hosts = US"*";
auth_instance auth_defaults = {
#endif
#ifdef EXPERIMENTAL_DMARC
BOOL dmarc_has_been_checked = FALSE;
-uschar *dmarc_ar_header = NULL;
uschar *dmarc_domain_policy = NULL;
uschar *dmarc_forensic_sender = NULL;
uschar *dmarc_history_file = NULL;
uschar *spf_header_comment = NULL;
uschar *spf_received = NULL;
uschar *spf_result = NULL;
+BOOL spf_result_guessed = FALSE;
uschar *spf_smtp_comment = NULL;
#endif
uschar *verify_mode = NULL;
uschar *version_copyright =
US"Copyright (c) University of Cambridge, 1995 - 2018\n"
- "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2017";
+ "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2018";
uschar *version_date = US"?";
uschar *version_cnumber = US"????";
uschar *version_string = US"?";
extern uschar *authenticated_id; /* ID that was authenticated */
extern uschar *authenticated_sender; /* From AUTH on MAIL */
extern BOOL authentication_failed; /* TRUE if AUTH was tried and failed */
+extern BOOL authentication_local; /* TRUE if non-smtp (implicit authentication) */
extern uschar *auth_advertise_hosts; /* Only advertise to these */
extern auth_info auths_available[]; /* Vector of available auth mechanisms */
extern auth_instance *auths; /* Chain of instantiated auths */
#endif
#ifdef EXPERIMENTAL_DMARC
extern BOOL dmarc_has_been_checked; /* Global variable to check if test has been called yet */
-extern uschar *dmarc_ar_header; /* Expansion variable, suggested header for dmarc auth results */
extern uschar *dmarc_domain_policy; /* Expansion for declared policy of used domain */
extern uschar *dmarc_forensic_sender; /* Set sender address for forensic reports */
extern uschar *dmarc_history_file; /* Expansion variable, file to store dmarc results */
extern uschar *spf_header_comment; /* spf header comment */
extern uschar *spf_received; /* Received-SPF: header */
extern uschar *spf_result; /* spf result in string form */
+extern BOOL spf_result_guessed; /* spf result is of best-guess operation */
extern uschar *spf_smtp_comment; /* spf comment to include in SMTP reply */
#endif
extern BOOL split_spool_directory; /* TRUE to use multiple subdirs */
typedef enum hashmethod {
HASH_BADTYPE,
+ HASH_NULL,
HASH_SHA1,
HASH_SHA2_256,
#define topt_use_bdat 0x100 /* prepend chunks with RFC3030 BDAT header */
#define topt_output_string 0x200 /* create string rather than write to fd */
#define topt_continuation 0x400 /* do not reset buffer */
+#define topt_not_socket 0x800 /* cannot do socket-only syscalls */
/* Options for smtp_write_command */
#ifndef DISABLE_MAL_AVAST
static const uschar * ava_re_clean_str = US "(?!\\\\)\\t\\[\\+\\]";
-static const uschar * ava_re_virus_str = US "(?!\\\\)\\t\\[L\\]\\d\\.\\d\\t\\d\\s(.*)";
+static const uschar * ava_re_virus_str = US "(?!\\\\)\\t\\[L\\]\\d+\\.0\\t0\\s(.*)";
+static const uschar * ava_re_error_str = US "(?!\\\\)\\t\\[E\\]\\d+\\.0\\tError\\s\\d+\\s(.*)";
static const pcre * ava_re_clean = NULL;
static const pcre * ava_re_virus = NULL;
+static const pcre * ava_re_error = NULL;
#endif
#ifndef DISABLE_MAL_FFROT6D
extern uschar spooled_message_id[MESSAGE_ID_LENGTH+1];
+/* Some (currently avast only) use backslash escaped whitespace,
+this function undoes these escapes */
+static inline void
+unescape(uschar *p)
+{
+uschar *p0;
+for (; *p; ++p)
+ if (*p == '\\' && (isspace(p[1]) || p[1] == '\\'))
+ for (p0 = p; *p0; ++p0) *p0 = p0[1];
+}
+
+/* --- malware_*_defer --- */
static inline int
-malware_errlog_defer(const uschar * str)
+malware_panic_defer(const uschar * str)
{
log_write(0, LOG_MAIN|LOG_PANIC, "malware acl condition: %s", str);
return DEFER;
}
-
-static int
-m_errlog_defer(struct scan * scanent, const uschar * hostport,
+static inline int
+malware_log_defer(const uschar * str)
+{
+log_write(0, LOG_MAIN, "malware acl condition: %s", str);
+return DEFER;
+}
+/* --- m_*_defer --- */
+static inline int
+m_panic_defer(struct scan * scanent, const uschar * hostport,
const uschar * str)
{
-return malware_errlog_defer(string_sprintf("%s %s : %s",
+return malware_panic_defer(string_sprintf("%s %s : %s",
scanent->name, hostport ? hostport : CUS"", str));
}
-static int
-m_errlog_defer_3(struct scan * scanent, const uschar * hostport,
+static inline int
+m_log_defer(struct scan * scanent, const uschar * hostport,
+ const uschar * str)
+{
+return malware_log_defer(string_sprintf("%s %s : %s",
+ scanent->name, hostport ? hostport : CUS"", str));
+}
+/* --- m_*_defer_3 */
+static inline int
+m_panic_defer_3(struct scan * scanent, const uschar * hostport,
+ const uschar * str, int fd_to_close)
+{
+(void) close(fd_to_close);
+return m_panic_defer(scanent, hostport, str);
+}
+static inline int
+m_log_defer_3(struct scan * scanent, const uschar * hostport,
const uschar * str, int fd_to_close)
{
(void) close(fd_to_close);
-return m_errlog_defer(scanent, hostport, str);
+return m_log_defer(scanent, hostport, str);
}
/*************************************************/
while (i < 0 && errno == EINTR);
if (i <= 0)
{
- (void) malware_errlog_defer(
+ (void) malware_panic_defer(
US"unable to write to mksd UNIX socket (/var/run/mksd/socket)");
return -1;
}
i = ip_recv(sock, av_buffer+offset, av_buffer_size-offset, tmo-time(NULL));
if (i <= 0)
{
- (void) malware_errlog_defer(US"unable to read from mksd UNIX socket (/var/run/mksd/socket)");
+ (void) malware_panic_defer(US"unable to read from mksd UNIX socket (/var/run/mksd/socket)");
return -1;
}
/* offset == av_buffer_size -> buffer full */
if (offset == av_buffer_size)
{
- (void) malware_errlog_defer(US"malformed reply received from mksd");
+ (void) malware_panic_defer(US"malformed reply received from mksd");
return -1;
}
} while (av_buffer[offset-1] != '\n');
case 'A': /* ERR */
if ((p = strchr (line, '\n')) != NULL)
*p = '\0';
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
string_sprintf("scanner failed: %s", line));
default: /* VIR */
return OK;
}
}
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
string_sprintf("malformed reply received: %s", line));
}
}
/* Ensure the eml mbox file is spooled up */
if (!(mbox_file = spool_mbox(&mbox_size, scan_filename, &eml_filename)))
- return malware_errlog_defer(US"error while creating mbox spool file");
+ return malware_panic_defer(US"error while creating mbox spool file");
/* None of our current scanners need the mbox file as a stream (they use
the name), so we can close it right away. Get the directory too. */
{
if ( !malware_default_re
&& !(malware_default_re = m_pcre_compile(malware_regex_default, &errstr)))
- return malware_errlog_defer(errstr);
+ return malware_panic_defer(errstr);
malware_re = malware_regex_default;
re = malware_default_re;
}
/* compile the regex, see if it works */
else if (!(re = m_pcre_compile(malware_re, &errstr)))
- return malware_errlog_defer(errstr);
+ return malware_panic_defer(errstr);
/* if av_scanner starts with a dollar, expand it first */
if (*av_scanner == '$')
{
if (!(av_scanner_work = expand_string(av_scanner)))
- return malware_errlog_defer(
+ return malware_panic_defer(
string_sprintf("av_scanner starts with $, but expansion failed: %s",
expand_string_message));
{
/* find the scanner type from the av_scanner option */
if (!(scanner_name = string_nextinlist(&av_scanner_work, &sep, NULL, 0)))
- return malware_errlog_defer(US"av_scanner configuration variable is empty");
+ return malware_panic_defer(US"av_scanner configuration variable is empty");
if (!timeout) timeout = MALWARE_TIMEOUT;
tmo = time(NULL) + timeout;
for (scanent = m_scans; ; scanent++)
{
if (!scanent->name)
- return malware_errlog_defer(string_sprintf("unknown scanner type '%s'",
+ return malware_panic_defer(string_sprintf("unknown scanner type '%s'",
scanner_name));
if (strcmpic(scanner_name, US scanent->name) != 0)
continue;
default: /* compiler quietening */ break;
}
if (sock < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
break;
}
/* send scan request */
if (m_sock_send(sock, scanrequest, Ustrlen(scanrequest)+1, &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
while ((len = recv_line(sock, buf, sizeof(buf), tmo)) >= 0)
if (len > 0)
if ((!fprot6d_re_virus && !(fprot6d_re_virus = m_pcre_compile(fprot6d_re_virus_str, &errstr)))
|| (!fprot6d_re_error && !(fprot6d_re_error = m_pcre_compile(fprot6d_re_error_str, &errstr))))
- return malware_errlog_defer(errstr);
+ return malware_panic_defer(errstr);
scanrequest = string_sprintf("SCAN FILE %s\n", eml_filename);
DEBUG(D_acl) debug_printf_indent("Malware scan: issuing %s: %s\n",
scanner_name, scanrequest);
if (m_sock_send(sock, scanrequest, Ustrlen(scanrequest), &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
bread = ip_recv(sock, av_buffer, sizeof(av_buffer), tmo-time(NULL));
if (bread <= 0)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to read from socket (%s)", strerror(errno)),
sock);
if (bread == sizeof(av_buffer))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"buffer too small", sock);
av_buffer[bread] = '\0';
m_sock_send(sock, US"QUIT\n", 5, 0);
if ((e = m_pcre_exec(fprot6d_re_error, linebuffer)))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("scanner reported error (%s)", e), sock);
if (!(malware_name = m_pcre_exec(fprot6d_re_virus, linebuffer)))
{
/* calc file size */
if ((drweb_fd = open(CCS eml_filename, O_RDONLY)) == -1)
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("can't open spool file %s: %s",
eml_filename, strerror(errno)),
sock);
int err;
badseek: err = errno;
(void)close(drweb_fd);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("can't seek spool file %s: %s",
eml_filename, strerror(err)),
sock);
if ((off_t)fsize_uint != fsize)
{
(void)close(drweb_fd);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("seeking spool file %s, size overflow",
eml_filename),
sock);
(send(sock, &drweb_slen, sizeof(drweb_slen), 0) < 0))
{
(void)close(drweb_fd);
- return m_errlog_defer_3(scanent, CUS callout_address, string_sprintf(
+ return m_panic_defer_3(scanent, CUS callout_address, string_sprintf(
"unable to send commands to socket (%s)", scanner_options),
sock);
}
if (!(drweb_fbuf = US malloc(fsize_uint)))
{
(void)close(drweb_fd);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("unable to allocate memory %u for file (%s)",
fsize_uint, eml_filename),
sock);
int err = errno;
(void)close(drweb_fd);
free(drweb_fbuf);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("can't read spool file %s: %s",
eml_filename, strerror(err)),
sock);
if (send(sock, drweb_fbuf, fsize, 0) < 0)
{
free(drweb_fbuf);
- return m_errlog_defer_3(scanent, CUS callout_address, string_sprintf(
+ return m_panic_defer_3(scanent, CUS callout_address, string_sprintf(
"unable to send file body to socket (%s)", scanner_options),
sock);
}
(send(sock, &drweb_slen, sizeof(drweb_slen), 0) < 0) ||
(send(sock, eml_filename, Ustrlen(eml_filename), 0) < 0) ||
(send(sock, &drweb_fin, sizeof(drweb_fin), 0) < 0))
- return m_errlog_defer_3(scanent, CUS callout_address, string_sprintf(
+ return m_panic_defer_3(scanent, CUS callout_address, string_sprintf(
"unable to send commands to socket (%s)", scanner_options),
sock);
}
/* wait for result */
if (!recv_len(sock, &drweb_rc, sizeof(drweb_rc), tmo))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"unable to read return code", sock);
drweb_rc = ntohl(drweb_rc);
if (!recv_len(sock, &drweb_vnum, sizeof(drweb_vnum), tmo))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"unable to read the number of viruses", sock);
drweb_vnum = ntohl(drweb_vnum);
/* read the size of report */
if (!recv_len(sock, &drweb_slen, sizeof(drweb_slen), tmo))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"cannot read report size", sock);
drweb_slen = ntohl(drweb_slen);
tmpbuf = store_get(drweb_slen);
/* read report body */
if (!recv_len(sock, tmpbuf, drweb_slen, tmo))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"cannot read report string", sock);
tmpbuf[drweb_slen] = '\0';
* DERR_CRC_ERROR, DERR_READSOCKET, DERR_WRITE_ERR
* and others are ignored */
if (drweb_s)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("drweb daemon retcode 0x%x (%s)", drweb_rc, drweb_s),
sock);
recv_line(sock, buf, sizeof(buf), tmo);
if (buf[0] != '2') /* aveserver is having problems */
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unavailable (Responded: %s).",
((buf[0] != 0) ? buf : US "nothing") ),
sock);
DEBUG(D_acl) debug_printf_indent("Malware scan: issuing %s %s\n",
scanner_name, buf);
if (m_sock_send(sock, buf, Ustrlen(buf), &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
malware_name = NULL;
result = 0;
break;
if (buf[0] == '5') /* aveserver is having problems */
{
- result = m_errlog_defer(scanent, CUS callout_address,
+ result = m_panic_defer(scanent, CUS callout_address,
string_sprintf("unable to scan file %s (Responded: %s).",
eml_filename, buf));
break;
}
if (m_sock_send(sock, US"quit\r\n", 6, &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
/* read aveserver's greeting and see if it is ready (2xx greeting) */
buf[0] = 0;
recv_line(sock, buf, sizeof(buf), tmo);
if (buf[0] != '2') /* aveserver is having problems */
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to quit dialogue (Responded: %s).",
((buf[0] != 0) ? buf : US "nothing") ),
sock);
{
if (m_sock_send(sock, cmdopt[i], Ustrlen(cmdopt[i]), &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
bread = ip_recv(sock, av_buffer, sizeof(av_buffer), tmo-time(NULL));
if (bread > 0) av_buffer[bread]='\0';
if (bread < 0)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to read answer %d (%s)", i, strerror(errno)),
sock);
for (j = 0; j < bread; j++)
file_name = string_sprintf("SCAN\t%s\n", eml_filename);
if (m_sock_send(sock, file_name, Ustrlen(file_name), &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
/* set up match */
/* todo also SUSPICION\t */
errno = ETIMEDOUT;
i = av_buffer+sizeof(av_buffer)-p;
if ((bread= ip_recv(sock, p, i-1, tmo-time(NULL))) < 0)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to read result (%s)", strerror(errno)),
sock);
/* send scan request */
if (m_sock_send(sock, scanrequest, Ustrlen(scanrequest)+1, &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
/* wait for result */
if (!recv_len(sock, tmpbuf, 2, tmo))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"unable to read 2 bytes from socket.", sock);
/* get errorcode from one nibble */
switch(kav_rc)
{
case 5: case 6: /* improper kavdaemon configuration */
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"please reconfigure kavdaemon to NOT disinfect or remove infected files.",
sock);
case 1:
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"reported 'scanning not completed' (code 1).", sock);
case 7:
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"reported 'kavdaemon damaged' (code 7).", sock);
}
{
/* read report size */
if (!recv_len(sock, &kav_reportlen, 4, tmo))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"cannot read report size", sock);
/* it's possible that avp returns av_buffer[1] == 1 but the
uschar *p;
if (!cmdline_scanner)
- return m_errlog_defer(scanent, NULL, errstr);
+ return m_panic_defer(scanent, NULL, errstr);
/* find scanner output trigger */
cmdline_trigger_re = m_pcre_nextinlist(&av_scanner_work, &sep,
"missing trigger specification", &errstr);
if (!cmdline_trigger_re)
- return m_errlog_defer(scanent, NULL, errstr);
+ return m_panic_defer(scanent, NULL, errstr);
/* find scanner name regex */
cmdline_regex_re = m_pcre_nextinlist(&av_scanner_work, &sep,
"missing virus name regex specification", &errstr);
if (!cmdline_regex_re)
- return m_errlog_defer(scanent, NULL, errstr);
+ return m_panic_defer(scanent, NULL, errstr);
/* prepare scanner call; despite the naming, file_name holds a directory
name which is documented as the value given to %s. */
{
int err = errno;
signal(SIGCHLD,eximsigchld); signal(SIGPIPE,eximsigpipe);
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
string_sprintf("call (%s) failed: %s.", commandline, strerror(err)));
}
scanner_fd = fileno(scanner_out);
int err = errno;
(void) pclose(scanner_out);
signal(SIGCHLD,eximsigchld); signal(SIGPIPE,eximsigpipe);
- return m_errlog_defer(scanent, NULL, string_sprintf(
+ return m_panic_defer(scanent, NULL, string_sprintf(
"opening scanner output file (%s) failed: %s.",
file_name, strerror(err)));
}
break;
(void) pclose(scanner_out);
signal(SIGCHLD,eximsigchld); signal(SIGPIPE,eximsigpipe);
- return m_errlog_defer(scanent, NULL, string_sprintf(
+ return m_panic_defer(scanent, NULL, string_sprintf(
"unable to read from scanner (%s): %s",
commandline, strerror(err)));
}
/* short write */
(void) pclose(scanner_out);
signal(SIGCHLD,eximsigchld); signal(SIGPIPE,eximsigpipe);
- return m_errlog_defer(scanent, NULL, string_sprintf(
+ return m_panic_defer(scanent, NULL, string_sprintf(
"short write on scanner output file (%s).", file_name));
}
putc('\n', scanner_record);
sep = pclose(scanner_out);
signal(SIGCHLD,eximsigchld); signal(SIGPIPE,eximsigpipe);
if (sep != 0)
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
sep == -1
? string_sprintf("running scanner failed: %s", strerror(sep))
: string_sprintf("scanner returned error code: %d", sep));
if ( write(sock, file_name, Ustrlen(file_name)) < 0
|| write(sock, "\n", 1) != 1
)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to write to UNIX socket (%s)", scanner_options),
sock);
/* wait for result */
memset(av_buffer, 0, sizeof(av_buffer));
if ((bread = ip_recv(sock, av_buffer, sizeof(av_buffer), tmo-time(NULL))) <= 0)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to read from UNIX socket (%s)", scanner_options),
sock);
malware_name = string_copy(&av_buffer[2]);
}
else if (!strncmp(CS av_buffer, "-1", 2))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"scanner reported error", sock);
else /* all ok, no virus */
malware_name = NULL;
/* parse options */
if (clamd_option(cd, sublist, &subsep) != OK)
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
string_sprintf("bad option '%s'", scanner_options));
cv[0] = cd;
}
sublist = scanner_options;
if (!(cd->hostspec = string_nextinlist(&sublist, &subsep, NULL, 0)))
{
- (void) m_errlog_defer(scanent, NULL,
+ (void) m_panic_defer(scanent, NULL,
string_sprintf("missing address: '%s'", scanner_options));
continue;
}
if (!(s = string_nextinlist(&sublist, &subsep, NULL, 0)))
{
- (void) m_errlog_defer(scanent, NULL,
+ (void) m_panic_defer(scanent, NULL,
string_sprintf("missing port: '%s'", scanner_options));
continue;
}
/* parse options */
/*XXX should these options be common over scanner types? */
if (clamd_option(cd, sublist, &subsep) != OK)
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
string_sprintf("bad option '%s'", scanner_options));
cv[num_servers++] = cd;
if (num_servers >= MAX_CLAMD_SERVERS)
{
- (void) m_errlog_defer(scanent, NULL,
+ (void) m_panic_defer(scanent, NULL,
US"More than " MAX_CLAMD_SERVERS_S " clamd servers "
"specified; only using the first " MAX_CLAMD_SERVERS_S );
break;
/* check if we have at least one server */
if (!num_servers)
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
US"no useable server addresses in malware configuration option.");
}
/* See the discussion of response formats below to see why we really
don't like colons in filenames when passing filenames to ClamAV. */
if (use_scan_command && Ustrchr(eml_filename, ':'))
- return m_errlog_defer(scanent, NULL,
+ return m_panic_defer(scanent, NULL,
string_sprintf("local/SCAN mode incompatible with" \
" : in path to email filename [%s]", eml_filename));
if (sock >= 0)
break;
- (void) m_errlog_defer(scanent, CUS callout_address, errstr);
+ (void) m_panic_defer(scanent, CUS callout_address, errstr);
/* Remove the server from the list. XXX We should free the memory */
num_servers--;
}
if (num_servers == 0)
- return m_errlog_defer(scanent, NULL, US"all servers failed");
+ return m_panic_defer(scanent, NULL, US"all servers failed");
}
else
for (;;)
break;
}
if (cv[0]->retry <= 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
while (cv[0]->retry > 0) cv[0]->retry = sleep(cv[0]->retry);
}
/* Pass the string to ClamAV (10 = "zINSTREAM\0"), if not already sent */
if (cmd_str.len)
if (send(sock, cmd_str.data, cmd_str.len, 0) < 0)
- return m_errlog_defer_3(scanent, CUS hostname,
+ return m_panic_defer_3(scanent, CUS hostname,
string_sprintf("unable to send zINSTREAM to socket (%s)",
strerror(errno)),
sock);
if ((clam_fd = open(CS eml_filename, O_RDONLY)) < 0)
{
int err = errno;
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("can't open spool file %s: %s",
eml_filename, strerror(err)),
sock);
int err;
b_seek: err = errno;
(void)close(clam_fd);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("can't seek spool file %s: %s",
eml_filename, strerror(err)),
sock);
if ((off_t)fsize_uint != fsize)
{
(void)close(clam_fd);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("seeking spool file %s, size overflow",
eml_filename),
sock);
if (!(clamav_fbuf = US malloc(fsize_uint)))
{
(void)close(clam_fd);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("unable to allocate memory %u for file (%s)",
fsize_uint, eml_filename),
sock);
{
int err = errno;
free(clamav_fbuf); (void)close(clam_fd);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("can't read spool file %s: %s",
eml_filename, strerror(err)),
sock);
(send(sock, &send_final_zeroblock, sizeof(send_final_zeroblock), 0) < 0))
{
free(clamav_fbuf);
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
string_sprintf("unable to send file body to socket (%s)", hostname),
sock);
}
if (cmd_str.len)
if (send(sock, cmd_str.data, cmd_str.len, 0) < 0)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to write to socket (%s)", strerror(errno)),
sock);
sock = -1;
if (bread <= 0)
- return m_errlog_defer(scanent, CUS callout_address,
+ return m_panic_defer(scanent, CUS callout_address,
string_sprintf("unable to read from socket (%s)",
errno == 0 ? "EOF" : strerror(errno)));
if (bread == sizeof(av_buffer))
- return m_errlog_defer(scanent, CUS callout_address,
+ return m_panic_defer(scanent, CUS callout_address,
US"buffer too small");
/* We're now assured of a NULL at the end of av_buffer */
passing a filename to clamd). */
if (!(*av_buffer))
- return m_errlog_defer(scanent, CUS callout_address,
+ return m_panic_defer(scanent, CUS callout_address,
US"ClamAV returned null");
/* strip newline at the end (won't be present for zINSTREAM)
/* colon in returned output? */
if(!(p = Ustrchr(av_buffer,':')))
- return m_errlog_defer(scanent, CUS callout_address, string_sprintf(
+ return m_panic_defer(scanent, CUS callout_address, string_sprintf(
"ClamAV returned malformed result (missing colon): %s",
av_buffer));
}
else if (Ustrcmp(result_tag, "ERROR") == 0)
- return m_errlog_defer(scanent, CUS callout_address,
+ return m_panic_defer(scanent, CUS callout_address,
string_sprintf("ClamAV returned: %s", av_buffer));
else if (Ustrcmp(result_tag, "OK") == 0)
}
else
- return m_errlog_defer(scanent, CUS callout_address,
+ return m_panic_defer(scanent, CUS callout_address,
string_sprintf("unparseable response from ClamAV: {%s}", av_buffer));
break;
uschar * s = Ustrchr(sockline_scanner, '%');
if (s++)
if ((*s != 's' && *s != '%') || Ustrchr(s+1, '%'))
- return m_errlog_defer_3(scanent, NULL,
+ return m_panic_defer_3(scanent, NULL,
US"unsafe sock scanner call spec", sock);
}
else
sockline_trig_re = m_pcre_nextinlist(&av_scanner_work, &sep,
"missing trigger specification", &errstr);
if (!sockline_trig_re)
- return m_errlog_defer_3(scanent, NULL, errstr, sock);
+ return m_panic_defer_3(scanent, NULL, errstr, sock);
/* find virus name regex */
sockline_name_re = m_pcre_nextinlist(&av_scanner_work, &sep,
"missing virus name regex specification", &errstr);
if (!sockline_name_re)
- return m_errlog_defer_3(scanent, NULL, errstr, sock);
+ return m_panic_defer_3(scanent, NULL, errstr, sock);
/* prepare scanner call - security depends on expansions check above */
commandline = string_sprintf( CS sockline_scanner, CS eml_filename);
/* Pass the command string to the socket */
if (m_sock_send(sock, commandline, Ustrlen(commandline), &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
/* Read the result */
bread = ip_recv(sock, av_buffer, sizeof(av_buffer), tmo-time(NULL));
if (bread <= 0)
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to read from socket (%s)", strerror(errno)),
sock);
if (bread == sizeof(av_buffer))
- return m_errlog_defer_3(scanent, CUS callout_address,
+ return m_panic_defer_3(scanent, CUS callout_address,
US"buffer too small", sock);
av_buffer[bread] = '\0';
linebuffer = string_copy(av_buffer);
|| mksd_maxproc < 1
|| mksd_maxproc > 32
)
- return m_errlog_defer(scanent, CUS callout_address,
+ return m_panic_defer(scanent, CUS callout_address,
string_sprintf("invalid option '%s'", scanner_options));
}
if((sock = ip_unixsocket(US "/var/run/mksd/socket", &errstr)) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
+ return m_panic_defer(scanent, CUS callout_address, errstr);
malware_name = NULL;
#ifndef DISABLE_MAL_AVAST
case M_AVAST: /* "avast" scanner type ----------------------------------- */
{
- int ovector[1*3];
uschar buf[1024];
uschar * scanrequest;
enum {AVA_HELO, AVA_OPT, AVA_RSP, AVA_DONE} avast_stage;
int nread;
- int more_data;
+ uschar * error_message = NULL;
+ BOOL more_data = FALSE;
+ BOOL strict = TRUE;
/* According to Martin Tuma @avast the protocol uses "escaped
whitespace", that is, every embedded whitespace is backslash
[E] - some error occured
Such marker follows the first non-escaped TAB. For more information
see avast-protocol(5)
- */
+
+ We observed two cases:
+ -> SCAN /file
+ <- /file [E]0.0 Error 13 Permission denied
+ <- 451 SCAN Engine error 13 permission denied
+
+ -> SCAN /file
+ <- /file… [E]3.0 Error 41120 The file is a decompression bomb
+ <- /file… [+]2.0
+ <- /file… [+]2.0 0 Eicar Test Virus!!!
+ <- 200 SCAN OK
+
+ If the scanner returns 4xx, DEFER is a good decision, combined
+ with a panic log entry, to get the admin's attention.
+
+ If the scanner returns 200, we reject it as malware, if found any,
+ or, in case of an error, we set the malware message to the error
+ string.
+
+ Some of the >= 42000 errors are message related - usually some
+ broken archives etc, but some of them are e.g. license related.
+ Once the license expires the engine starts returning errors for
+ every scanning attempt. I¹ have the full list of the error codes
+ but it is not a public API and is subject to change. It is hard
+ for me to say what you should do in case of an engine error. You
+ can have a “Treat * unscanned file as infection” policy or “Treat
+ unscanned file as clean” policy. ¹) Jakub Bednar
+
+ */
+
if ( ( !ava_re_clean
&& !(ava_re_clean = m_pcre_compile(ava_re_clean_str, &errstr)))
|| ( !ava_re_virus
&& !(ava_re_virus = m_pcre_compile(ava_re_virus_str, &errstr)))
+ || ( !ava_re_error
+ && !(ava_re_error = m_pcre_compile(ava_re_error_str, &errstr)))
)
- return malware_errlog_defer(errstr);
+ return malware_panic_defer(errstr);
/* wait for result */
for (avast_stage = AVA_HELO;
if ((scanrequest = string_nextinlist(&av_scanner_work, &sep,
NULL, 0)))
{
+ if (Ustrcmp(scanrequest, "pass_unscanned") == 0)
+ {
+ DEBUG(D_acl) debug_printf_indent("pass unscanned files as clean\n");
+ strict = FALSE;
+ goto sendreq;
+ }
scanrequest = string_sprintf("%s\n", scanrequest);
avast_stage = AVA_OPT; /* just sent option */
DEBUG(D_acl) debug_printf_indent("send to avast OPTION: %s", scanrequest);
/* send config-cmd or scan-request to socket */
len = Ustrlen(scanrequest);
- if (send(sock, scanrequest, len, 0) < 0)
+ if (send(sock, scanrequest, len, 0) == -1)
{
scanrequest[len-1] = '\0';
- return m_errlog_defer_3(scanent, CUS callout_address, string_sprintf(
+ return m_panic_defer_3(scanent, CUS callout_address, string_sprintf(
"unable to send request '%s' to socket (%s): %s",
scanrequest, scanner_options, strerror(errno)), sock);
}
case AVA_RSP:
- if (Ustrncmp(buf, "200", 3) == 0)
- { /* we're done finally */
- if (send(sock, "QUIT\n", 5, 0) < 0) /* courtesy */
- return m_errlog_defer_3(scanent, CUS callout_address,
- string_sprintf(
- "unable to send quit request to socket (%s): %s",
- scanner_options, strerror(errno)),
- sock);
-
- avast_stage = AVA_DONE;
+ if (isdigit(buf[0])) /* We're done */
goto endloop;
- }
- if (malware_name) break; /* found malware already, nothing to do anymore */
+ if (malware_name) /* Nothing else matters, just read on */
+ break;
- if (pcre_exec(ava_re_clean, NULL, CS buf, slen,
- 0, 0, ovector, nelem(ovector)) > 0)
+ if (pcre_exec(ava_re_clean, NULL, CS buf, slen, 0, 0, NULL, 0) == 0)
break;
- if (malware_name = m_pcre_exec(ava_re_virus, buf))
- { /* remove backslash in front of [whitespace|backslash] */
- uschar * p, * p0;
- for (p = malware_name; *p; ++p)
- if (*p == '\\' && (isspace(p[1]) || p[1] == '\\'))
- for (p0 = p; *p0; ++p0) *p0 = p0[1];
-
- DEBUG(D_acl)
- debug_printf_indent("unescaped malware name: '%s'\n", malware_name);
- break;
- }
+ if ((malware_name = m_pcre_exec(ava_re_virus, buf)))
+ {
+ unescape(malware_name);
+ DEBUG(D_acl)
+ debug_printf_indent("unescaped malware name: '%s'\n", malware_name);
+ break;
+ }
+
+ if (strict) /* treat scanner errors as malware */
+ {
+ if ((malware_name = m_pcre_exec(ava_re_error, buf)))
+ {
+ unescape(malware_name);
+ DEBUG(D_acl)
+ debug_printf_indent("unescaped error message: '%s'\n", malware_name);
+ break;
+ }
+ }
+ else if (pcre_exec(ava_re_error, NULL, CS buf, slen, 0, 0, NULL, 0) == 0)
+ {
+ log_write(0, LOG_MAIN, "internal scanner error (ignored): %s", buf);
+ break;
+ }
/* here also for any unexpected response from the scanner */
+ DEBUG(D_acl) debug_printf("avast response not handled: '%s'\n", buf);
+
goto endloop;
default: log_write(0, LOG_PANIC, "%s:%d:%s: should not happen",
}
}
}
+
endloop:
- switch(avast_stage)
- {
- case AVA_HELO:
- case AVA_OPT:
- case AVA_RSP: return m_errlog_defer_3(scanent, CUS callout_address,
- nread >= 0
- ? string_sprintf(
- "invalid response from scanner: '%s'", buf)
- : nread == -1
- ? US"EOF from scanner"
- : US"timeout from scanner",
- sock);
- default: break;
- }
- break;
+ if (nread == -1) error_message = US"EOF from scanner";
+ else if (nread < 0) error_message = US"timeout from scanner";
+ else if (nread == 0) error_message = US"got nothing from scanner";
+ else if (buf[0] != '2') error_message = buf;
+
+ DEBUG(D_acl) debug_printf_indent("sent to avast QUIT\n");
+ if (send(sock, "QUIT\n", 5, 0) == -1)
+ return m_panic_defer_3(scanent, CUS callout_address,
+ string_sprintf("unable to send quit request to socket (%s): %s",
+ scanner_options, strerror(errno)), sock);
+
+ if (error_message)
+ return m_panic_defer_3(scanent, CUS callout_address, error_message, sock);
+
}
#endif
} /* scanner type switch */
if (!kav_re_inf)
kav_re_inf = regex_must_compile(kav_re_inf_str, FALSE, TRUE);
#endif
-#ifndef DISABLE_MAL_AVA
+#ifndef DISABLE_MAL_AVAST
if (!ava_re_clean)
ava_re_clean = regex_must_compile(ava_re_clean_str, FALSE, TRUE);
if (!ava_re_virus)
ava_re_virus = regex_must_compile(ava_re_virus_str, FALSE, TRUE);
+if (!ava_re_error)
+ ava_re_error = regex_must_compile(ava_re_error_str, FALSE, TRUE);
#endif
-#ifndef DISABLE_MAL_FPROT6D
+#ifndef DISABLE_MAL_FFROT6D
if (!fprot6d_re_error)
fprot6d_re_error = regex_must_compile(fprot6d_re_error_str, FALSE, TRUE);
if (!fprot6d_re_virus)
# if GNUTLS_VERSION_NUMBER >= 0x030000
# define SIGN_GNUTLS
# if GNUTLS_VERSION_NUMBER >= 0x030600
-# define SIGN_HAVE_ED25519 /*MMMM*/
+# define SIGN_HAVE_ED25519
# endif
# else
# define SIGN_GCRYPT
#else
# define SIGN_OPENSSL
+# if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10101000L
+# define SIGN_HAVE_ED25519
+# endif
+
#endif
const uschar * pdkim_keytypes[] = {
[KEYTYPE_RSA] = US"rsa",
#ifdef SIGN_HAVE_ED25519
- [KEYTYPE_ED25519] = US"ed25519", /* Works for 3.6.0 GnuTLS */
+ [KEYTYPE_ED25519] = US"ed25519", /* Works for 3.6.0 GnuTLS, OpenSSL 1.1.1 */
#endif
#ifdef notyet_EC_dkim_extensions /* https://tools.ietf.org/html/draft-srose-dkim-ecc-00 */
break;
case 'a': /* algorithm */
{
- uschar * s = Ustrchr(cur_val->s, '-');
-
- for(i = 0; i < nelem(pdkim_keytypes); i++)
- if (Ustrncmp(cur_val->s, pdkim_keytypes[i], s - cur_val->s) == 0)
- { sig->keytype = i; break; }
- if (sig->keytype < 0)
- log_write(0, LOG_MAIN,
- "DKIM: ignoring signature due to nonhandled keytype in a=%s",
- cur_val->s);
-
- sig->hashtype = pdkim_hashname_to_hashtype(++s, 0);
- break;
+ const uschar * list = cur_val->s;
+ int sep = '-';
+ uschar * elem;
+
+ if ((elem = string_nextinlist(&list, &sep, NULL, 0)))
+ for(i = 0; i < nelem(pdkim_keytypes); i++)
+ if (Ustrcmp(elem, pdkim_keytypes[i]) == 0)
+ { sig->keytype = i; break; }
+ if ((elem = string_nextinlist(&list, &sep, NULL, 0)))
+ for (i = 0; i < nelem(pdkim_hashes); i++)
+ if (Ustrcmp(elem, pdkim_hashes[i].dkim_hashname) == 0)
+ { sig->hashtype = i; break; }
}
case 'c': /* canonicalization */
for (b = ctx->bodyhash; b; b = b->next) /* Finish hashes */
{
- DEBUG(D_acl) debug_printf("PDKIM: finish bodyhash %d/%d/%d len %ld\n",
+ DEBUG(D_acl) debug_printf("PDKIM: finish bodyhash %d/%d/%ld len %ld\n",
b->hashtype, b->canon_method, b->bodylength, b->signed_body_bytes);
exim_sha_finish(&b->body_hash_ctx, &b->bh);
}
/* -------------------------------------------------------------------------- */
+/* According to draft-ietf-dcrup-dkim-crypto-07 "keys are 256 bits" (referring
+to DNS, hence the pubkey). Check for more than 32 bytes; if so assume the
+alternate possible representation (still) being discussed: a
+SubjectPublickeyInfo wrapped key - and drop all but the trailing 32-bytes (it
+should be a DER, with exactly 12 leading bytes - but we could accept a BER also,
+which could be any size). We still rely on the crypto library for checking for
+undersize.
+
+When the RFC is published this should be re-addressed. */
+
+static void
+check_bare_ed25519_pubkey(pdkim_pubkey * p)
+{
+int excess = p->key.len - 32;
+if (excess > 0)
+ {
+ DEBUG(D_acl) debug_printf("PDKIM: unexpected pubkey len %lu\n", p->key.len);
+ p->key.data += excess; p->key.len = 32;
+ }
+}
+
+
static pdkim_pubkey *
pdkim_key_from_dns(pdkim_ctx * ctx, pdkim_signature * sig, ev_ctx * vctx,
const uschar ** errstr)
/* Import public key */
+/* Normally we use the signature a= tag to tell us the pubkey format.
+When signing under debug we do a test-import of the pubkey, and at that
+time we do not have a signature so we must interpret the pubkey k= tag
+instead. Assume writing on the sig is ok in that case. */
+
+if (sig->keytype < 0)
+ {
+ int i;
+ for(i = 0; i < nelem(pdkim_keytypes); i++)
+ if (Ustrcmp(p->keytype, pdkim_keytypes[i]) == 0)
+ { sig->keytype = i; goto k_ok; }
+ DEBUG(D_acl) debug_printf("verify_init: unhandled keytype %s\n", p->keytype);
+ sig->verify_status = PDKIM_VERIFY_INVALID;
+ sig->verify_ext_status = PDKIM_VERIFY_INVALID_PUBKEY_IMPORT;
+ return NULL;
+ }
+k_ok:
+
+if (sig->keytype == KEYTYPE_ED25519)
+ check_bare_ed25519_pubkey(p);
+
if ((*errstr = exim_dkim_verify_init(&p->key,
sig->keytype == KEYTYPE_ED25519 ? KEYFMT_ED25519_BARE : KEYFMT_DER,
vctx)))
if (ctx->flags & PDKIM_MODE_SIGN)
{
hashmethod hm = sig->keytype == KEYTYPE_ED25519
- ? HASH_SHA2_512 : pdkim_hashes[sig->hashtype].exim_hashmethod;
+#if defined(SIGN_OPENSSL)
+ ? HASH_NULL
+#else
+ ? HASH_SHA2_512
+#endif
+ : pdkim_hashes[sig->hashtype].exim_hashmethod;
#ifdef SIGN_HAVE_ED25519
/* For GCrypt, and for EC, we pass the hash-of-headers to the signing
hhash.len = hdata->ptr;
}
-/*XXX extend for non-RSA algos */
-/*- done for GnuTLS */
if ((*err = exim_dkim_sign(&sctx, hm, &hhash, &sig->sighash)))
{
log_write(0, LOG_MAIN|LOG_PANIC, "signing: %s", *err);
else
{
ev_ctx vctx;
+ hashmethod hm;
/* Make sure we have all required signature tags */
if (!( sig->domain && *sig->domain
}
}
+ hm = sig->keytype == KEYTYPE_ED25519
+#if defined(SIGN_OPENSSL)
+ ? HASH_NULL
+#else
+ ? HASH_SHA2_512
+#endif
+ : pdkim_hashes[sig->hashtype].exim_hashmethod;
+
/* Check the signature */
-/*XXX extend for non-RSA algos */
-/*- done for GnuTLS */
- if ((*err = exim_dkim_verify(&vctx,
- pdkim_hashes[sig->hashtype].exim_hashmethod,
- &hhash, &sig->sighash)))
+
+ if ((*err = exim_dkim_verify(&vctx, hm, &hhash, &sig->sighash)))
{
DEBUG(D_acl) debug_printf("headers verify: %s\n", *err);
sig->verify_status = PDKIM_VERIFY_FAIL;
const uschar *
exim_dkim_signing_init(const uschar * privkey_pem, es_ctx * sign_ctx)
{
-gnutls_datum_t k = { .data = privkey_pem, .size = Ustrlen(privkey_pem) };
+gnutls_datum_t k = { .data = (void *)privkey_pem, .size = Ustrlen(privkey_pem) };
gnutls_x509_privkey_t x509_key;
int rc;
sign_ctx->keytype =
#ifdef SIGN_HAVE_ED25519
- EVP_PKEY_type(EVP_PKEY_id(sign_ctx->key)) == EVP_PKEY_EC
+ EVP_PKEY_type(EVP_PKEY_id(sign_ctx->key)) == EVP_PKEY_ED25519
? KEYTYPE_ED25519 : KEYTYPE_RSA;
#else
KEYTYPE_RSA;
/* allocate mem for signature (when signing) */
-/* hash & sign data. Could be incremental
+/* hash & sign data. Incremental not supported.
Return: NULL for success with the signaature in the sig blob, or an error string */
switch (hash)
{
+ case HASH_NULL: md = NULL; break; /* Ed25519 signing */
case HASH_SHA1: md = EVP_sha1(); break;
case HASH_SHA2_256: md = EVP_sha256(); break;
case HASH_SHA2_512: md = EVP_sha512(); break;
default: return US"nonhandled hash type";
}
-/* Create the Message Digest Context */
-/*XXX renamed to EVP_MD_CTX_new() in 1.1.0 */
-if( (ctx = EVP_MD_CTX_create())
-
-/* Initialise the DigestSign operation */
- && EVP_DigestSignInit(ctx, NULL, md, NULL, sign_ctx->key) > 0
+#ifdef SIGN_HAVE_ED25519
+if ( (ctx = EVP_MD_CTX_new())
+ && EVP_DigestSignInit(ctx, NULL, md, NULL, sign_ctx->key) > 0
+ && EVP_DigestSign(ctx, NULL, &siglen, NULL, 0) > 0
+ && (sig->data = store_get(siglen))
- /* Call update with the message */
+ /* Obtain the signature (slen could change here!) */
+ && EVP_DigestSign(ctx, sig->data, &siglen, data->data, data->len) > 0
+ )
+ {
+ EVP_MD_CTX_destroy(ctx);
+ sig->len = siglen;
+ return NULL;
+ }
+#else
+/*XXX renamed to EVP_MD_CTX_new() in 1.1.0 */
+if ( (ctx = EVP_MD_CTX_create())
+ && EVP_DigestSignInit(ctx, NULL, md, NULL, sign_ctx->key) > 0
&& EVP_DigestSignUpdate(ctx, data->data, data->len) > 0
-
- /* Finalise the DigestSign operation */
- /* First call EVP_DigestSignFinal with a NULL sig parameter to obtain the length of the
- * signature. Length is returned in slen */
&& EVP_DigestSignFinal(ctx, NULL, &siglen) > 0
-
- /* Allocate memory for the signature based on size in slen */
&& (sig->data = store_get(siglen))
-
- /* Obtain the signature (slen could change here!) */
+
+ /* Obtain the signature (slen could change here!) */
&& EVP_DigestSignFinal(ctx, sig->data, &siglen) > 0
)
{
sig->len = siglen;
return NULL;
}
+#endif
if (ctx) EVP_MD_CTX_destroy(ctx);
return US ERR_error_string(ERR_get_error(), NULL);
const uschar * s = pubkey->data;
uschar * ret = NULL;
-if (fmt != KEYFMT_DER) return US"pubkey format not handled";
switch(fmt)
{
case KEYFMT_DER:
- /*XXX ok, this fails for EC:
- error:0609E09C:digital envelope routines:pkey_set_type:unsupported algorithm
- */
-
/*XXX hmm, we never free this */
if (!(verify_ctx->key = d2i_PUBKEY(NULL, &s, pubkey->len)))
ret = US ERR_error_string(ERR_get_error(), NULL);
break;
#ifdef SIGN_HAVE_ED25519
case KEYFMT_ED25519_BARE:
- {
- BIGNUM * x;
- EC_KEY * eck;
- if ( !(x = BN_bin2bn(s, pubkey->len, NULL))
- || !(eck = EC_KEY_new_by_curve_name(NID_ED25519))
- || !EC_KEY_set_public_key_affine_coordinates(eck, x, NULL)
- || !(verify_ctx->key = EVP_PKEY_new())
- || !EVP_PKEY_assign_EC_KEY(verify_ctx->key, eck)
- )
+ if (!(verify_ctx->key = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL,
+ s, pubkey->len)))
ret = US ERR_error_string(ERR_get_error(), NULL);
- }
break;
#endif
default:
-/* verify signature (of hash)
-(pre-EC coding; of data if "notyet" code, The latter could be incremental)
+/* verify signature (of hash, except Ed25519 where of-data)
(given pubkey & alleged sig)
Return: NULL for success, or an error string */
{
const EVP_MD * md;
-/*XXX OpenSSL does not seem to have Ed25519 support yet. Reportedly BoringSSL does,
-but that's a nonstable API and not recommended (by its owner, Google) for external use. */
-
switch (hash)
{
+ case HASH_NULL: md = NULL; break;
case HASH_SHA1: md = EVP_sha1(); break;
case HASH_SHA2_256: md = EVP_sha256(); break;
case HASH_SHA2_512: md = EVP_sha512(); break;
default: return US"nonhandled hash type";
}
-#ifdef notyet_SIGN_HAVE_ED25519
+#ifdef SIGN_HAVE_ED25519
+if (!md)
{
EVP_MD_CTX * ctx;
- /*XXX renamed to EVP_MD_CTX_new() in 1.1.0 */
- if (
- (ctx = EVP_MD_CTX_create())
-
- /* Initialize `key` with a public key */
+ if ( (ctx = EVP_MD_CTX_new())
&& EVP_DigestVerifyInit(ctx, NULL, md, NULL, verify_ctx->key) > 0
-
- /* add data to be hashed (call multiple times if needed) */
-
- && EVP_DigestVerifyUpdate(ctx, data->data, data->len) > 0
-
- /* finish off the hash and check the offered signature */
-
- && EVP_DigestVerifyFinal(ctx, sig->data, sig->len) > 0
+ && EVP_DigestVerify(ctx, sig->data, sig->len, data->data, data->len) > 0
)
- {
- EVP_MD_CTX_destroy(ctx); /* renamed to _free in 1.1.0 */
- return NULL;
- }
+ { EVP_MD_CTX_free(ctx); return NULL; }
if (ctx) EVP_MD_CTX_free(ctx);
- return US ERR_error_string(ERR_get_error(), NULL);
}
-#else
+else
+#endif
{
EVP_PKEY_CTX * ctx;
{ EVP_PKEY_CTX_free(ctx); return NULL; }
if (ctx) EVP_PKEY_CTX_free(ctx);
- return US ERR_error_string(ERR_get_error(), NULL);
}
-#endif
+return US ERR_error_string(ERR_get_error(), NULL);
}
/* Now scan the chain and print information, resetting store used
each time. */
-for (reset_point = store_get(0); f; f = f->next)
+for (reset_point = store_get(0);
+ f;
+ spool_clear_header_globals(), store_reset(reset_point), f = f->next
+ )
{
int rc, save_errno;
int size = 0;
message_size = 0;
message_subdir[0] = f->dir_uschar;
rc = spool_read_header(f->text, FALSE, count <= 0);
- if (rc == spool_read_notopen && errno == ENOENT && count <= 0) goto next;
+ if (rc == spool_read_notopen && errno == ENOENT && count <= 0)
+ continue;
save_errno = errno;
env_read = (rc == spool_read_OK || rc == spool_read_hdrerror);
if (rc != spool_read_hdrerror)
{
printf("\n\n");
- goto next;
+ continue;
}
}
tree_node *delivered =
tree_search(tree_nonrecipients, recipients_list[i].address);
if (!delivered || option != 1)
- printf(" %s %s\n", (delivered != NULL)? "D":" ",
- recipients_list[i].address);
+ printf(" %s %s\n",
+ delivered ? "D" : " ", recipients_list[i].address);
if (delivered) delivered->data.val = TRUE;
}
if (option == 2 && tree_nonrecipients)
queue_list_extras(tree_nonrecipients);
printf("\n");
}
-
-next:
- received_protocol = NULL;
- sender_fullhost = sender_helo_name =
- sender_rcvhost = sender_host_address = sender_address = sender_ident = NULL;
- sender_host_authenticated = authenticated_sender = authenticated_id = NULL;
- interface_address = NULL;
- acl_var_m = NULL;
-
- store_reset(reset_point);
}
}
int rc = FAIL;
int msg_size = 0;
int process_info_len = Ustrlen(process_info);
-int error_rc = (error_handling == ERRORS_SENDER)?
- errors_sender_rc : EXIT_FAILURE;
+int error_rc = error_handling == ERRORS_SENDER
+ ? errors_sender_rc : EXIT_FAILURE;
int header_size = 256;
int start, end, domain;
int id_resolution;
goto TIDYUP;
#endif /* WITH_CONTENT_SCAN */
- if (acl_not_smtp != NULL)
+ if (acl_not_smtp)
{
uschar *user_msg, *log_msg;
+ authentication_local = TRUE;
rc = acl_check(ACL_WHERE_NOTSMTP, NULL, acl_not_smtp, &user_msg, &log_msg);
if (rc == DISCARD)
{
recipients_count = 0;
blackholed_by = US"non-SMTP ACL";
- if (log_msg != NULL)
+ if (log_msg)
blackhole_log_msg = string_sprintf(": %s", log_msg);
}
else if (rc != OK)
/* The ACL can specify where rejections are to be logged, possibly
nowhere. The default is main and reject logs. */
- if (log_reject_target != 0)
+ if (log_reject_target)
log_write(0, log_reject_target, "F=<%s> rejected by non-SMTP ACL: %s",
sender_address, log_msg);
- if (user_msg == NULL) user_msg = US"local configuration problem";
+ if (!user_msg) user_msg = US"local configuration problem";
if (smtp_batched_input)
{
moan_smtp_batch(NULL, "%d %s", 550, user_msg);
case '4': /* Temp-reject. Keep spoolfiles and accept, unless defer-pass mode.
... for which, pass back the exact error */
if (cutthrough.defer_pass) smtp_reply = string_copy_malloc(msg);
- /*FALLTRHOUGH*/
+ cutthrough_done = TMP_REJ; /* Avoid the usual immediate delivery attempt */
+ break; /* message_id needed for SMTP accept below */
default: /* Unknown response, or error. Treat as temp-reject. */
+ if (cutthrough.defer_pass) smtp_reply = US"450 Onward transmission not accepted";
cutthrough_done = TMP_REJ; /* Avoid the usual immediate delivery attempt */
break; /* message_id needed for SMTP accept below */
if (rc < 0) return TRUE; /* End of file or error */
smtp_ungetc(rc);
-rc = smtp_inend - smtp_inptr;
-if (rc > 150) rc = 150;
-smtp_inptr[rc] = 0;
return FALSE;
}
static BOOL
check_sync(void)
{
-if (!smtp_enforce_sync || sender_host_address == NULL || sender_host_notsocket)
+if (!smtp_enforce_sync || !sender_host_address || sender_host_notsocket)
return TRUE;
return wouldblock_reading();
fflush(smtp_out);
if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout);
-/* Limit amount read, so non-message data is not fed to DKIM */
+/* Limit amount read, so non-message data is not fed to DKIM.
+Take care to not touch the safety NUL at the end of the buffer. */
-rc = read(fileno(smtp_in), smtp_inbuffer, MIN(IN_BUFFER_SIZE, lim));
+rc = read(fileno(smtp_in), smtp_inbuffer, MIN(IN_BUFFER_SIZE-1, lim));
save_errno = errno;
if (smtp_receive_timeout > 0) alarm(0);
if (rc <= 0)
/* Enforce synchronization for unknown commands */
-if (smtp_inptr < smtp_inend && /* Outstanding input */
- check_sync && /* Local flag set */
- smtp_enforce_sync && /* Global flag set */
- sender_host_address != NULL && /* Not local input */
- !sender_host_notsocket) /* Really is a socket */
+if ( smtp_inptr < smtp_inend /* Outstanding input */
+ && check_sync /* Local flag set */
+ && smtp_enforce_sync /* Global flag set */
+ && sender_host_address /* Not local input */
+ && !sender_host_notsocket) /* Really is a socket */
return BADSYN_CMD;
return OTHER_CMD;
sending_ip_address = NULL;
return_path = sender_address = NULL;
sender_data = NULL; /* Can be set by ACL */
-deliver_localpart_orig = NULL;
-deliver_domain_orig = NULL;
+deliver_localpart_parent = deliver_localpart_orig = NULL;
+deliver_domain_parent = deliver_domain_orig = NULL;
callout_address = NULL;
submission_name = NULL; /* Can be set by ACL */
raw_sender = NULL; /* After SMTP rewrite, before qualifying */
#ifndef DISABLE_DKIM
dkim_cur_signer = dkim_signers =
dkim_signing_domain = dkim_signing_selector = dkim_signatures = NULL;
+dkim_cur_signer = dkim_signers = dkim_signing_domain = dkim_signing_selector = NULL;
dkim_disable_verify = dkim_collect_input = FALSE;
+dkim_verify_overall = dkim_verify_status = dkim_verify_reason = NULL;
+dkim_key_length = 0;
+dkim_verify_signers = US"$dkim_signers";
+#endif
+#ifdef EXPERIMENTAL_DMARC
+dmarc_has_been_checked = dmarc_disable_verify = dmarc_enable_forensic = FALSE;
+dmarc_ar_header = dmarc_domain_policy = dmarc_forensic_sender =
+dmarc_history_file = dmarc_status = dmarc_status_text = dmarc_tld_file =
+dmarc_used_domain = NULL;
#endif
#ifdef EXPERIMENTAL_DMARC
dmarc_has_been_checked = dmarc_disable_verify = dmarc_enable_forensic = FALSE;
#endif
#ifdef SUPPORT_SPF
spf_header_comment = spf_received = spf_result = spf_smtp_comment = NULL;
+spf_result_guessed = FALSE;
+#endif
+#ifdef EXPERIMENTAL_DMARC
+dmarc_has_been_checked = dmarc_disable_verify = dmarc_enable_forensic = FALSE;
+dmarc_domain_policy = dmarc_status = dmarc_status_text = dmarc_used_domain = NULL;
#endif
#ifdef EXPERIMENTAL_ARC
arc_state = arc_state_reason = NULL;
(sender_host_address ? protocols : protocols_local) [pnormal];
/* Set up the buffer for inputting using direct read() calls, and arrange to
-call the local functions instead of the standard C ones. */
+call the local functions instead of the standard C ones. Place a NUL at the
+end of the buffer to safety-stop C-string reads from it. */
if (!(smtp_inbuffer = US malloc(IN_BUFFER_SIZE)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malloc() failed for SMTP input buffer");
+smtp_inbuffer[IN_BUFFER_SIZE-1] = '\0';
receive_getc = smtp_getc;
receive_getbuf = smtp_getbuf;
case BADCHAR_CMD:
done = synprot_error(L_smtp_syntax_error, 0, NULL, /* Just logs */
- US"NULL character(s) present (shown as '?')");
- smtp_printf("501 NULL characters are not allowed in SMTP commands\r\n", FALSE);
+ US"NUL character(s) present (shown as '?')");
+ smtp_printf("501 NUL characters are not allowed in SMTP commands\r\n", FALSE);
break;
if (smtp_inend >= smtp_inbuffer + IN_BUFFER_SIZE)
smtp_inend = smtp_inbuffer + IN_BUFFER_SIZE - 1;
c = smtp_inend - smtp_inptr;
- if (c > 150) c = 150;
+ if (c > 150) c = 150; /* limit logged amount */
smtp_inptr[c] = 0;
incomplete_transaction_log(US"sync failure");
log_write(0, LOG_MAIN|LOG_REJECT, "SMTP protocol synchronization error "
{ US"fail", 3 },
{ US"softfail", 4 },
{ US"none", 5 },
- { US"err_temp", 6 }, /* Deprecated Apr 2014 */
- { US"err_perm", 7 }, /* Deprecated Apr 2014 */
{ US"temperror", 6 }, /* RFC 4408 defined */
{ US"permerror", 7 } /* RFC 4408 defined */
};
{
/* get SPF result */
if (action == SPF_PROCESS_FALLBACK)
+ {
SPF_request_query_fallback(spf_request, &spf_response, CS spf_guess);
+ spf_result_guessed = TRUE;
+ }
else
SPF_request_query_mailfrom(spf_request, &spf_response);
gstring *
authres_spf(gstring * g)
{
+uschar * s;
if (!spf_result) return g;
-return string_append(g, 4, US";\n\tspf=", spf_result,
- US" smtp.mailfrom=", expand_string(US"$sender_address_domain"));
+g = string_append(g, 2, US";\n\tspf=", spf_result);
+if (spf_result_guessed)
+ g = string_cat(g, US" (best guess record for domain)");
+
+s = expand_string(US"$sender_address_domain");
+return s && *s
+ ? string_append(g, 2, US" smtp.mailfrom=", s)
+ : string_cat(g, US" smtp.mailfrom=<>");
}
else
DEBUG(D_tls) debug_printf("no SSL CTX options to set\n");
-/* Disable session cache unconditionally */
-
+/* We'd like to disable session cache unconditionally, but foolish Outlook
+Express clients then give up the first TLS connection and make a second one
+(which works). Only when there is an IMAP service on the same machine.
+Presumably OE is trying to use the cache for A on B. Leave it enabled for
+now, until we work out a decent way of presenting control to the config. It
+will never be used because we use a new context every time. */
+#ifdef notdef
(void) SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
+#endif
/* Initialize with DH parameters if supplied */
/* Initialize ECDH temp key parameter selection */
tls_out.active == fd ? tls_write(FALSE, block, len, more) :
#endif
#ifdef MSG_MORE
- more ? send(fd, block, len, MSG_MORE) :
+ more && !(tctx->options & topt_not_socket)
+ ? send(fd, block, len, MSG_MORE) :
#endif
write(fd, block, len);
save_errno = errno;
tls_out.active == fd ? tls_write(FALSE, block, len, more) :
#endif
#ifdef MSG_MORE
- more ? send(fd, block, len, MSG_MORE) :
+ more && !(tctx->options & topt_not_socket)
+ ? send(fd, block, len, MSG_MORE) :
#endif
write(fd, block, len);
if (len != 0) return FALSE;
}
-/* Finished with the check string */
+/* Finished with the check string, and spool-format consideration */
nl_check_length = nl_escape_length = 0;
+spool_file_wireformat = FALSE;
/* If requested, add a terminating "." line (SMTP output). */
if (yield)
{
nl_check_length = nl_escape_length = 0;
+ spool_file_wireformat = FALSE;
if ( tctx->options & topt_end_dot
&& ( last_filter_was_NL
? !write_chunk(tctx, US".\n", 2)
int used;
off_t size;
struct stat statbuf;
-transport_ctx tctx = {{0}};
-
-tctx.u.fd = to_fd;
+transport_ctx tctx = { .u={.fd = to_fd}, .options = topt_not_socket };
/* If the current mailbox size is zero, write a header block */
if (yield == OK)
{
transport_ctx tctx = {
- {fd},
- tblock,
- addr,
- ob->check_string,
- ob->escape_string,
- ob->options
+ .u = {.fd=fd},
+ .tblock = tblock,
+ .addr = addr,
+ .check_string = ob->check_string,
+ .escape_string = ob->escape_string,
+ .options = ob->options | topt_not_socket
};
if (!transport_write_message(&tctx, 0))
yield = DEFER;
:
US"------ This is a copy of the message, including all the headers.\n";
transport_ctx tctx = {
- {fileno(f)},
- tblock,
- addr,
- NULL, NULL,
- (tblock->body_only ? topt_no_headers : 0) |
- (tblock->headers_only ? topt_no_body : 0) |
- (tblock->return_path_add ? topt_add_return_path : 0) |
- (tblock->delivery_date_add ? topt_add_delivery_date : 0) |
- (tblock->envelope_to_add ? topt_add_envelope_to : 0)
+ .u = {.fd = fileno(f)},
+ .tblock = tblock,
+ .addr = addr,
+ .check_string = NULL,
+ .escape_string = NULL,
+ .options = (tblock->body_only ? topt_no_headers : 0)
+ | (tblock->headers_only ? topt_no_body : 0)
+ | (tblock->return_path_add ? topt_add_return_path : 0)
+ | (tblock->delivery_date_add ? topt_add_delivery_date : 0)
+ | (tblock->envelope_to_add ? topt_add_envelope_to : 0)
+ | topt_not_socket
};
if (bounce_return_size_limit > 0 && !tblock->headers_only)
uschar *cmd, *ss;
uschar *eol = ob->use_crlf ? US"\r\n" : US"\n";
transport_ctx tctx = {
- {0},
- tblock,
- addr,
- ob->check_string,
- ob->escape_string,
- ob->options /* set at initialization time */
+ .tblock = tblock,
+ .addr = addr,
+ .check_string = ob->check_string,
+ .escape_string = ob->escape_string,
+ ob->options | topt_not_socket /* set at initialization time */
};
DEBUG(D_transport) debug_printf("%s transport entered\n", tblock->name);
Arguments:
tb the transport block
addr address_item being processed
+ dstpath destination directory name
sdfd int Source directory fd
ddfd int Destination directory fd
link_file BOOL use linkat instead of data copy
static BOOL
copy_spool_files(transport_instance * tb, address_item * addr,
- int sdfd, int ddfd, BOOL link_file, int srcfd)
+ const uschar * dstpath, int sdfd, int ddfd, BOOL link_file, int srcfd)
{
BOOL is_hdr_file = srcfd < 0;
const uschar * suffix = srcfd < 0 ? US"H" : US"D";
int dstfd;
const uschar * filename = string_sprintf("%s-%s", message_id, suffix);
const uschar * srcpath = spool_fname(US"input", message_subdir, message_id, suffix);
-const uschar * dstpath = string_sprintf("%s/%s-%s",
- ((queuefile_transport_options_block *) tb->options_block)->dirname,
- message_id, suffix);
-const uschar * s;
-const uschar * op;
+const uschar * s, * op;
+
+dstpath = string_sprintf("%s/%s-%s", dstpath, message_id, suffix);
if (link_file)
{
(queuefile_transport_options_block *) tblock->options_block;
BOOL can_link;
uschar * sourcedir = spool_dname(US"input", message_subdir);
-uschar * s;
+uschar * s, * dstdir;
struct stat dstatbuf, sstatbuf;
int ddfd = -1, sdfd = -1;
# define O_NOFOLLOW 0
#endif
-if (ob->dirname[0] != '/')
+if (!(dstdir = expand_string(ob->dirname)))
+ {
+ addr->message = string_sprintf("%s transport: failed to expand dirname option",
+ tblock->name);
+ addr->transport_return = DEFER;
+ return FALSE;
+ }
+if (*dstdir != '/')
{
addr->transport_return = PANIC;
addr->message = string_sprintf("%s transport directory: "
- "%s is not absolute", tblock->name, ob->dirname);
+ "%s is not absolute", tblock->name, dstdir);
return FALSE;
}
/* Open the source and destination directories and check if they are
on the same filesystem, so we can hard-link files rather than copying. */
-if ( (s = ob->dirname,
+if ( (s = dstdir,
(ddfd = Uopen(s, O_RDONLY | O_DIRECTORY | O_NOFOLLOW, 0)) < 0)
|| (s = sourcedir,
(sdfd = Uopen(sourcedir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW, 0)) < 0)
return FALSE;
}
-if ( (s = ob->dirname, fstat(ddfd, &dstatbuf) < 0)
- || (s = sourcedir, fstat(sdfd, &sstatbuf) < 0)
+if ( (s = dstdir, fstat(ddfd, &dstatbuf) < 0)
+ || (s = sourcedir, fstat(sdfd, &sstatbuf) < 0)
)
{
addr->transport_return = PANIC;
DEBUG(D_transport)
debug_printf("%s transport, copying header file\n", tblock->name);
-if (!copy_spool_files(tblock, addr, sdfd, ddfd, can_link, -1))
+if (!copy_spool_files(tblock, addr, dstdir, sdfd, ddfd, can_link, -1))
goto RETURN;
DEBUG(D_transport)
debug_printf("%s transport, copying data file\n", tblock->name);
-if (!copy_spool_files(tblock, addr, sdfd, ddfd, can_link, deliver_datafile))
+if (!copy_spool_files(tblock, addr, dstdir, sdfd, ddfd, can_link,
+ deliver_datafile))
{
DEBUG(D_transport)
debug_printf("%s transport, copying data file failed, "
"unlinking the header file\n", tblock->name);
- Uunlink(string_sprintf("%s/%s-H", ob->dirname, message_id));
+ Uunlink(string_sprintf("%s/%s-H", dstdir, message_id));
goto RETURN;
}
--- /dev/null
+#!/bin/sh -eu
+#
+# Short version of this script:
+# curl -f -o /var/cache/exim/opendmarc.tlds https://publicsuffix.org/list/public_suffix_list.dat
+# but run as Exim runtime user, writing to a place it can write to, and with
+# sanity checks and atomic replacement.
+#
+# For now, we deliberately leave the invalid file around for analysis
+# with .<pid> suffix.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~8< cut here >8~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Create a cron-job as the Exim run-time user to invoke this daily, with a
+# single parameter, 'cron'. Eg:
+#
+# 3 4 * * * /usr/local/sbin/renew-opendmarc-tlds.sh cron
+#
+# That will, at 3 minutes past the 4th hour (in whatever timezone cron is
+# running it) invoke this script with 'cron'; we will then sleep between 10 and
+# 50 seconds, before continuing.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~8< cut here >8~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# This should be "pretty portable"; the only things it depends upon are:
+# * a POSIX shell which additionally implements 'local' (dash works)
+# * the 'curl' command; change the fetch_candidate() function to replace that
+# * the 'stat' command, to get the size of a file; else Perl
+# + change size_of() if need be; it's defined per-OS
+# * the 'hexdump' command and /dev/urandom existing
+# + used when invoked with 'cron', to avoid retrieving on a minute boundary
+# and contending with many other automated systems.
+# + with bash/zsh, can replace with: $(( 10 + ( RANDOM % 40 ) ))
+# + on Debian/Ubuntu systems, hexdump is in the 'bsdmainutils' package.
+
+# Consider putting an email address inside the parentheses, something like
+# noc@example.org or other reachable address, so that if something goes wrong
+# and the server operators need to step in, they can see from logs who to
+# contact instead of just blocking your IP:
+readonly CurlUserAgent='renew-opendmarc-tlds/0.1 (distributed with Exim)'
+
+# change this to your Exim run-time user (exim -n -bP exim_user) :
+readonly RuntimeUser='_exim'
+
+# Do not make this a directory which untrusted users can write to:
+readonly StateDir='/var/cache/exim'
+
+readonly URL='https://publicsuffix.org/list/public_suffix_list.dat'
+
+readonly TargetShortFile='opendmarc.tlds'
+
+# When replacing, new file must be at least this percentage the size of
+# the old one or it's an error:
+readonly MinNewSizeRation=90
+
+# Each of these regexps must be matched by the file, or it's an error:
+readonly MustExistRegexps='
+ ^ac\.uk$
+ ^org$
+ ^tech$
+ '
+
+# =======================8< end of configuration >8=======================
+
+set -eu
+
+readonly FullTargetPath="${StateDir}/${TargetShortFile}"
+readonly WorkingFile="${FullTargetPath}.$$"
+
+progname="$(basename "$0")"
+note() { printf >&2 '%s: %s\n' "$progname" "$*"; }
+die() { note "$@"; exit 1; }
+
+# guard against stomping on file-permissions
+[ ".$(id -un)" = ".${RuntimeUser:?}" ] || \
+ die "must be invoked as ${RuntimeUser}"
+
+fetch_candidate() {
+ curl --user-agent "$CurlUserAgent" -fSs -o "${WorkingFile}" "${URL}"
+}
+
+case $(uname -s) in
+*BSD|Darwin)
+ size_of() { stat -f %z "$1"; }
+ ;;
+Linux)
+ size_of() { stat -c %s "$1"; }
+ ;;
+*)
+ # why do we live in a world where Perl is the safe portable solution
+ # to getting the size of a file?
+ size_of() { perl -le 'print((stat($ARGV[0]))[7])' -- "$1"; }
+ ;;
+esac
+
+sanity_check_candidate() {
+ local new_size prev_size re
+ new_size="$(size_of "$WorkingFile")"
+
+ for re in $MustExistRegexps; do
+ grep -qs "$re" -- "$WorkingFile" || \
+ die "regexp $re not found in $WorkingFile"
+ done
+
+ if ! prev_size="$(size_of "$FullTargetPath")"; then
+ note "missing previous file, can't size-compare: $FullTargetPath"
+ # We're sane by definition, probably initial fetch, and the
+ # stat failure and this note will be printed. That's fine; if
+ # a cron invocation is missing the file then something has gone
+ # badly wrong.
+ return 0
+ fi
+ local ratio
+ ratio=$(expr $new_size \* 100 / $prev_size)
+ if [ $ratio -lt $MinNewSizeRation ]; then
+ die "New $TargetShortFile candidate only ${ratio}% size of old; $new_size vs $prev_size"
+ fi
+}
+
+if [ "${1:-.}" = "cron" ]; then
+ shift
+ # Don't pull on-the-minute, wait for off-cycle-peak
+ sleep $(( ($(dd if=/dev/urandom bs=1 count=1 2>/dev/null | hexdump -e '1/1 "%u"') % 40) + 10))
+fi
+
+umask 022
+fetch_candidate
+sanity_check_candidate
+mv -- "$WorkingFile" "$FullTargetPath"
LDFLAGS=@LDFLAGS@
CLIENT_SSL=@CLIENT_SSL@
CLIENT_GNUTLS=@CLIENT_GNUTLS@
-B64_GNUTLS=@B64_GNUTLS@
LOADED=@LOADED@
LOADED_OPT=@LOADED_OPT@
LIBS=@LIBS@
BINARIES = bin/cf bin/client $(CLIENT_SSL) $(CLIENT_GNUTLS) \
bin/checkaccess bin/fakens bin/fd bin/iefbr14 $(LOADED) \
- bin/mtpscript bin/server bin/showids bin/locate \
- $(B64_GNUTLS)
+ bin/mtpscript bin/server bin/showids bin/locate
# List of targets
cp $(SRC)/locate.pl bin/locate
chmod 0755 bin/locate
-bin/ed25519_privkey_pem_to_pubkey_raw_b64: $(SRC)/ed25519_privkey_pem_to_pubkey_raw_b64.c Makefile
- $(CC) $(CFLAGS) -DHAVE_GNUTLS $(LDFLAGS) -o bin/ed25519_privkey_pem_to_pubkey_raw_b64 \
- $(SRC)/ed25519_privkey_pem_to_pubkey_raw_b64.c -lgnutls -lgcrypt $(LIBS)
-
clean:; rm -rf $(BINARIES) bin.sys
FORCE:
LIBOBJS
LOADED_OPT
LOADED
-B64_GNUTLS
CLIENT_GNUTLS
CLIENT_SSL
BIND_8_COMPAT
done
-for ac_header in gnutls/gnutls.h
-do :
- ac_fn_c_check_header_mongrel "$LINENO" "gnutls/gnutls.h" "ac_cv_header_gnutls_gnutls_h" "$ac_includes_default"
-if test "x$ac_cv_header_gnutls_gnutls_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_GNUTLS_GNUTLS_H 1
-_ACEOF
- B64_GNUTLS=bin/ed25519_privkey_pem_to_pubkey_raw_b64
-fi
-
-done
begin acl
acl_29_29_29:
- deny dnslists = test.ex/$sender_address_domain
- accept
+ deny dnslists = test.ex/$sender_address_domain
+ accept logwrite = authresults: ${authresults {$primary_hostname}}
acl_29_29_0:
deny dnslists = test.ex
--- /dev/null
+# Exim test configuration 4562
+
+SERVER=
+VALUE=
+INSERT=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = test.ex
+
+# ----- Main settings -----
+
+acl_smtp_rcpt = accept
+acl_smtp_data = check_data
+
+log_selector = +received_recipients +dkim_verbose
+queue_only
+
+# ----- ACL -----
+begin acl
+
+check_data:
+ warn !verify = arc VALUE
+ INSERT
+
+ warn logwrite = arc_state: <$arc_state>
+ condition = ${if def:arc_state_reason}
+ logwrite = reason: <$arc_state_reason>
+
+.ifdef OPTION
+ accept
+.else
+ accept add_header = :at_start:${authresults {$primary_hostname}}
+.endif
+
+# ----- Routers -----
+
+begin routers
+
+d1:
+ driver = accept
+ local_parts = ^a
+ transport = tfile
+
+redir:
+ driver = redirect
+ data = ${substr_1:$local_part}@$domain
+ redirect_router = fwd
+
+fwd:
+ driver = accept
+ transport = tsmtp
+
+# ----- Transports -----
+
+begin transports
+
+tfile:
+ driver = appendfile
+ file = DIR/test-mail/$local_part
+ user = CALLER
+
+tsmtp:
+ driver = smtp
+ hosts = 127.0.0.1
+ port = PORT_D
+ allow_localhost
+ dkim_domain = $primary_hostname
+ dkim_selector = sel
+ dkim_private_key = DIR/aux-fixed/dkim/dkim.private
+.ifndef OPTION
+ arc_sign = $primary_hostname : sel : DIR/aux-fixed/dkim/dkim.private
+.endif
+
+# End
begin acl
check_rcpt:
- accept hosts = HOSTIPV4
+ accept condition = ${if eq {$received_port}{PORT_D}}
spf_guess = pass
- logwrite = spf_result $spf_result
+ logwrite = spf_result $spf_result (guess <$spf_result_guessed>)
logwrite = spf_header_comment $spf_header_comment
logwrite = spf_smtp_comment $spf_smtp_comment
logwrite = spf_received $spf_received
logwrite = ${authresults {$primary_hostname}}
- accept hosts = 127.0.0.1
+ accept condition = ${if eq {$received_port}{PORT_S}}
spf = pass : softfail : neutral
logwrite = spf_result $spf_result
logwrite = spf_header_comment $spf_header_comment
logwrite = ${authresults {$primary_hostname}}
deny
- logwrite = spf_result $spf_result
+ logwrite = spf_result $spf_result (guess <$spf_result_guessed>)
logwrite = spf_header_comment $spf_header_comment
logwrite = spf_smtp_comment $spf_smtp_comment
logwrite = spf_received $spf_received
--- /dev/null
+# Exim test configuration 4650
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+dmarc_tld_file = DIR/aux-fixed/TESTNUM.tldfile
+
+acl_smtp_rcpt = accept
+acl_smtp_data = check_data
+
+queue_only
+
+begin acl
+
+check_data:
+ accept hosts = HOSTIPV4
+ spf = pass : !pass
+ dmarc_status = none : !none
+ logwrite = dmarc_status <$dmarc_status>
+ logwrite = dmarc_status_text <$dmarc_status_text>
+ logwrite = dmarc_used_domain <$dmarc_used_domain>
+ logwrite = dmarc_domain_policy <$dmarc_domain_policy>
+ logwrite = ${authresults {$primary_hostname}}
+
+# End
scan:
driver = queuefile
- directory = test-mail/subdir
+ directory = ${if = {0}{0} {test-mail/subdir}{}}
# ----- Retry -----
; EC signing, using Ed25519
; - needs GnuTLS 3.6.0 (fedora rawhide has that)
; certtool --generate-privkey --key-type=ed25519 --outfile=dkim_ed25519.private
-; bin/ed25519_privkey_pem_to_pubkey_raw_b64 dkim_ed25519.private
+; certtool --load_privkey=dkim_ed25519.private --pubkey_info --outder | tail -c +13 | base64
sed._domainkey TXT "v=DKIM1; k=ed25519; p=sPs07Vu29FpHT/80UXUcYHFOHifD4o2ZlP2+XUh9g6E="
+; version of the above wrapped in SubjectPublicKeyInfo, in case the WG plumps in that direction
+; certtool --load_privkey=aux-fixed/dkim/dkim_ed25519.private --pubkey_info
+; (and grab the b64 content from between the pem headers)
+
+sedw._domainkey TXT "v=DKIM1; k=ed25519; p=MCowBQYDK2VwAyEAsPs07Vu29FpHT/80UXUcYHFOHifD4o2ZlP2+XUh9g6E="
+
; End
1999-03-02 09:44:33 10HmaX-0005vi-00 F=<ted@29.29.0.com> rejected by non-SMTP ACL: cannot test auto-keyed dnslists condition in non-SMTP ACL
1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> R=10HmaX-0005vi-00 U=EXIMUSER P=local S=sss
1999-03-02 09:44:33 10HmaY-0005vi-00 no immediate delivery: queued by ACL
+1999-03-02 09:44:33 10HmaZ-0005vi-00 authresults: Authentication-Results: myhost.test.ex;\n local=pass (non-smtp, myhost.test.ex) u=CALLER
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= bill@29.29.29.com U=CALLER P=local S=sss
-1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss T="message should be accepted"
-1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: <userx@test.ex> R=r
-1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : invalid response from scanner: 'blah [E]'
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss T="message should be accepted"
+1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <userx@test.ex> R=r
+1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : 451 SCAN Engine error 13 Permission denied
1999-03-02 09:44:33 10HmaX-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> temporarily rejected after DATA
1999-03-02 09:44:33 10HmbA-0005vi-00 malware_name VNAME
1999-03-02 09:44:33 10HmbA-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss T="message should be accepted despite timeout"
1999-03-02 09:44:33 10HmaZ-0005vi-00 => :blackhole: <userx@test.ex> R=r
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbB-0005vi-00 malware_name The file is a decompression bomb
+1999-03-02 09:44:33 10HmbB-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
-1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss T="message should be accepted"
-1999-03-02 09:44:33 10HmaZ-0005vi-00 => :blackhole: <userx@test.ex> R=r
-1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : invalid response from scanner: '/bin/error [E]0.0'
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss T="message should be accepted"
+1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: <userx@test.ex> R=r
+1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : 451 SCAN Engine error 13 Permission denied
1999-03-02 09:44:33 10HmaX-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> temporarily rejected after DATA
-1999-03-02 09:44:33 10HmaY-0005vi-00 malware_name This ist not even an EICAR test virus.
+1999-03-02 09:44:33 10HmaY-0005vi-00 malware_name This is not even an EICAR test virus.
1999-03-02 09:44:33 10HmaY-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
+1999-03-02 09:44:33 10HmaZ-0005vi-00 malware_name The file is a decompression bomb
+1999-03-02 09:44:33 10HmaZ-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
+1999-03-02 09:44:33 10HmbA-0005vi-00 malware_name The file is a decompression bomb
+1999-03-02 09:44:33 10HmbA-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
+1999-03-02 09:44:33 10HmbC-0005vi-00 internal scanner error (ignored): /bin/error [E]0.0 Error 42110 The\ file\ is\ a\ decompression\ bomb
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss T="message should be accepted"
+1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <userx@test.ex> R=r
+1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=ses c=relaxed/relaxed a=rsa-sha256 b=512 [verification succeeded]
1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From:To:Subject
1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
-1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.dkim.dom.ain bits: 1024 h=
-1999-03-02 09:44:33 10HmaY-0005vi-00 data acl: dkim status pass:pass:none
+1999-03-02 09:44:33 10HmaY-0005vi-00 data acl: dkim status pass:pass
1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 10HmaY-0005vi-00 => c <c@test.ex> R=server_store T=file
1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sed c=relaxed/relaxed a=ed25519-sha256 b=512 [verification succeeded]
1999-03-02 09:44:33 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sed header.a=ed25519-sha256
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=E10HmaY-0005vi-00@myhost.test.ex
-1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: kitterman.org bits: 512
-1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=1517847601 [verification succeeded]
-1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: @kitterman.org bits: 512
-1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=1517847601 [verification succeeded]
-1999-03-02 09:44:33 10HmaZ-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=kitterman.org header.i=@kitterman.org header.s=ed25519 header.a=ed25519-sha256
-1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=kitterman.org id=example@example.com
+1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: test.ex bits: 512
+1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sedw c=relaxed/relaxed a=ed25519-sha256 b=512 [verification succeeded]
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sedw header.a=ed25519-sha256
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=E10HmaY-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbA-0005vi-00 signer: kitterman.org bits: 512
+1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=1517847601 [verification succeeded]
+1999-03-02 09:44:33 10HmbA-0005vi-00 signer: @kitterman.org bits: 512
+1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=1517847601 [verification succeeded]
+1999-03-02 09:44:33 10HmbA-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=kitterman.org header.i=@kitterman.org header.s=ed25519 header.a=ed25519-sha256
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=kitterman.org id=example@example.com
--- /dev/null
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=example.com s=sel c=relaxed/relaxed a=rsa-sha256 b=2048 [verification failed - body hash mismatch (body probably modified in transit)]
+1999-03-02 09:44:33 10HmaX-0005vi-00 arc_state: <none>
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net for za@test.ex
+1999-03-02 09:44:33 Start queue run: pid=pppp
+1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=example.com s=sel c=relaxed/relaxed a=rsa-sha256 b=2048 [verification failed - body hash mismatch (body probably modified in transit)]
+1999-03-02 09:44:33 10HmaY-0005vi-00 arc_state: <pass>
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@bloggs.com H=localhost (test.ex) [127.0.0.1] P=esmtp S=sss DKIM=test.ex ARC id=qwerty1234@disco-zombie.net for a@test.ex
+1999-03-02 09:44:33 10HmaX-0005vi-00 => a@test.ex <za@test.ex> R=fwd T=tsmtp H=127.0.0.1 [127.0.0.1] C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp
+1999-03-02 09:44:33 Start queue run: pid=pppp
+1999-03-02 09:44:33 10HmaY-0005vi-00 => a <a@test.ex> R=d1 T=tfile
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp
******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 spf_result fail
-1999-03-02 09:44:33 spf_header_comment myhost.test.ex: domain of example.com does not designate ip4.ip4.ip4.ip4 as permitted sender
-1999-03-02 09:44:33 spf_smtp_comment Please see http://www.openspf.org/Why?id=a%40example.com&ip=ip4.ip4.ip4.ip4&receiver=myhost.test.ex : Reason: mechanism
-1999-03-02 09:44:33 spf_received Received-SPF: fail (myhost.test.ex: domain of example.com does not designate ip4.ip4.ip4.ip4 as permitted sender) client-ip=ip4.ip4.ip4.ip4; envelope-from=a@example.com; helo=testclient;
-1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n spf=fail smtp.mailfrom=example.com
-1999-03-02 09:44:33 H=(testclient) [ip4.ip4.ip4.ip4] F=<a@example.com> rejected RCPT <fred@test.ex>
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224
+1999-03-02 09:44:33 spf_result pass (guess <no>)
+1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed.
+1999-03-02 09:44:33 spf_smtp_comment
+1999-03-02 09:44:33 spf_received Received-SPF: pass (myhost.test.ex: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=a@example.com; helo=testclient;
+1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n spf=pass smtp.mailfrom=example.com
+1999-03-02 09:44:33 spf_result pass (guess <no>)
+1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed.
+1999-03-02 09:44:33 spf_smtp_comment
+1999-03-02 09:44:33 spf_received Received-SPF: pass (myhost.test.ex: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=b@test.example.com; helo=testclient;
+1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n spf=pass smtp.mailfrom=test.example.com
1999-03-02 09:44:33 spf_result pass
1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed.
1999-03-02 09:44:33 spf_smtp_comment
-1999-03-02 09:44:33 spf_received Received-SPF: pass (myhost.test.ex: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=b@example.com; helo=testclient;
+1999-03-02 09:44:33 spf_received Received-SPF: pass (myhost.test.ex: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=c@example.com; helo=testclient;
1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n spf=pass smtp.mailfrom=example.com
******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 a@example.com [ip4.ip4.ip4.ip4] lookup: 'fail'
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 port 1224
+1999-03-02 09:44:33 a@example.com [127.0.0.1] lookup: 'pass'
1999-03-02 09:44:33 b@example.com [127.0.0.1] lookup: 'pass'
--- /dev/null
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 10HmaX-0005vi-00 dmarc_status <norecord>
+1999-03-02 09:44:33 10HmaX-0005vi-00 dmarc_status_text <No DMARC record>
+1999-03-02 09:44:33 10HmaX-0005vi-00 dmarc_used_domain <example.com>
+1999-03-02 09:44:33 10HmaX-0005vi-00 dmarc_domain_policy <>
+1999-03-02 09:44:33 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n spf=fail smtp.mailfrom=example.com;\n dmarc=none header.from=example.com
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= a@example.com H=(testclient) [ip4.ip4.ip4.ip4] P=smtp S=sss
1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss for userf@domain.com
1999-03-02 09:44:33 rcpt for userg@domain.com
1999-03-02 09:44:33 10HmbC-0005vi-00 U=CALLER userg@domain.com F=<CALLER@myhost.test.ex> tmp-reject from cutthrough after DATA: R=all T=smtp H=127.0.0.1 [127.0.0.1] C="459 content reject"
+1999-03-02 09:44:33 rcpt for userj@domain.com
1999-03-02 09:44:33 rcpt for userh@domain.com
1999-03-02 09:44:33 10HmbD-0005vi-00 >> userh@domain.com R=all T=smtp H=127.0.0.1 [127.0.0.1] C="250 OK"
1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss for userh@domain.com
iprev=pass (localhost) smtp.client-ip=127.0.0.1;
auth=pass (tls) x509.auth="Phil Pennock"
Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
- by myhost.test.ex with esmtpsa (TLS1.x:ke_RSA_AES_256_CBC_SHAnnn:256)
+ by myhost.test.ex with esmtpsa (TLSv1:ke-RSA-AES256-SHA:xxx)
(Exim x.yz)
(envelope-from <ok@test.ex>)
id 10HmbA-0005vi-00
iprev=pass (localhost) smtp.client-ip=127.0.0.1;
auth=pass (tls) x509.auth="Phil Pennock"
Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
- by myhost.test.ex with esmtpsa (TLS1.x:ke_RSA_AES_256_CBC_SHAnnn:256)
+ by myhost.test.ex with esmtpsa (TLSv1:ke-RSA-AES256-SHA:xxx)
(Exim x.yz)
(envelope-from <ok@test.ex>)
id 10HmaZ-0005vi-00
From CALLER@bloggs.com Tue Mar 02 09:44:33 1999
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
From CALLER@bloggs.com Tue Mar 02 09:44:33 1999
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=2) header.s=sel arc.oldest-pass=2 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
id 10HmbC-0005vi-00
for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
ARC-Seal: i=2; cv=pass; a=rsa-sha256; d=test.ex; s=sel;
- b=yjlE1/MuuhrLFWK1L1/4OyMyvK47vEmb9dlUF0JGxKTUgJRTqd725Qqzv5ArRQDbCGDah3Pttx
- NfKYLDijgST4z5MSTQbiQAoXuGEIfwPSJjMm/cQ37FMcBA2l0gVLNoQIT6GlO8B0i4cigHGEZx
- fhUOLvI8pYW8KY8ZiBLY4qE=;
+ b=MYYY1fE5A9EbBkaRpJD6OvFBUALCd7U3J/zro6xlQJXJLW+NaeDCRtStbk/ARCcTkOgnX7ZOzs
+ iLuOphCpepZTMAGWhZtit1d19HK33+s0nCIzvx31BNqpEn3xewb4/jtxBvkyVomuUudSrjbO+u
+ 8nNmcIB7siu2S8lrTSj1PPw=;
ARC-Authentication-Results: i=2; test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed; d=test.ex; s=sel;
bh=HUzfKKxIjPIa07lkj5uzDQ3q5YTRF/NwAUE7dhrrfvs=;
P4RkRsmKXqHCoaOiSOqLvBvc8822Ap0l7F/cT2Gk3VRR5ITZI2piAsgLzFpLOEJsGwGVdYsNdx
5rxBKMPvXAWZip//tBngMRw=;
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
From CALLER@bloggs.com Tue Mar 02 09:44:33 1999
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=3) header.s=sel arc.oldest-pass=0 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
id 10HmbG-0005vi-00
for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
ARC-Seal: i=3; cv=pass; a=rsa-sha256; d=test.ex; s=sel;
- b=HfcLGHnX3KFIqq4Hj5/+WI4kkcNEpDCTHUbuLlB8PAdwgW2ZwwD2keARxqpkeFUz0KeedU/XZc
- 54F5otXO+EkfzVP7l3nugFl4CAOGHqPOnXNU83o/tZmFb9OWDUpfB0AKN7pQZCcNbLaEdDjWuk
- YkuDNVDM0PBQ2EXpLCIbTrE=;
+ b=toV+uStte4whonmLSQreJpbH4aVVPtd+7SRqSC37YAIQugpQMe3V3RL+ThxRfxQHvAeGn5K9sh
+ pRpkAdOrY38izcXtYx9aJw/kkSjsRHQURUFeIb5hk5RiqiKnQSPP17k5b+50IYVL1K7wGxWFza
+ 4a1dn6ILHMTRyax7sxgeCrs=;
ARC-Authentication-Results: i=3; test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=2) header.s=sel arc.oldest-pass=0 smtp.client-ip=127.0.0.1
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed; d=test.ex; s=sel;
bh=31zA4VNQZ2yhHUh+7vWASIL9kKqo6pSym1QghgPyUkM=;
Ke1FhjdC7iXPv/Dj86J40D9yib5y7YC9Ce3px0xJSXDD+ml1eDi45rVo9GDkm1zVG3eZdESktT
Iv0EvpWIFn7dpelS30IKk78=;
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=2) header.s=sel arc.oldest-pass=0 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
id 10HmbF-0005vi-00
for za@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
ARC-Seal: i=2; cv=pass; a=rsa-sha256; d=test.ex; s=sel;
- b=l/OY+REy6qXxE2df0mxzk2Fyv4C9dTuIr2GfnpylYmIr2m/9a8uJRahXa7Ygk9wR8ofnJS+7mr
- PTM33+jhCQidq7ZgE28Q7XVMPGmqE4Frs+OmzIL4j7UpK1CYktEzYwOOCSAf8/Yu1XH5w2XNqA
- rfIrGPWlAcSoxwfnbyYxVXQ=;
+ b=SN3ee5Elw4yqVxQjcNV978Nj4mHfyVpWxau+IX9cSo9oHfx8Cn7nbjjPK7gwwu+tu9i2//afhl
+ sc+7qNkz3TLDVlII0DU9obOKks4zQXboWKIs0/b4yGUf1m/KaJNU9ClMVzHHwvDkFYh1OMpqCn
+ oPvOntgmIYGBp2JYDaPubmc=;
ARC-Authentication-Results: i=2; test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed; d=test.ex; s=sel;
bh=31zA4VNQZ2yhHUh+7vWASIL9kKqo6pSym1QghgPyUkM=;
Avoox5GkxPCBgYfO6wzh801k7F12Usgo7ryY8lOgQ/4OQ77TawNHFnlQ1WxhpaR/lUYkTXZXm2
LDzSoSVOQ0uFYg3cFzp54OA=;
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
From CALLER@bloggs.com Tue Mar 02 09:44:33 1999
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=fail (i=3 (cv, sequence or missing header))
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
id 10HmbL-0005vi-00
for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
ARC-Seal: i=3; cv=fail; a=rsa-sha256; d=test.ex; s=sel;
- b=kz0kMxmRu3kimu9tZvLx4HCAt6Scs+hbhEjjE30exA6FCQtaT9UjBekWGRtMLFSmR7CBlRRmOq
- Rl6lWMahfAvmdnLVKyX2FrfQLiCGBadOFeZVv5uGX0sdZXDqgjGJLGlNfnk1dtP/y4durC28LL
- 8PiM7An58gtCVWyiygt1Qk4=;
+ b=SWUvDQ1P3lgo13tJJeM68YmtvWI7gQqNWkCotGXdMN4wBcOpHPWI1oWcXb8uXu0VZOGi7tnznT
+ GokNUeB0MLtwsYMEr1JTlffMvwxqWaD37CmUsWg7JrTJ2NXPZ1qHKT21oFUvFEvkjd/RuoBiXJ
+ G7jbR5IG8oefz5Juq/ymDXU=;
ARC-Authentication-Results: i=3; test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=fail (i=2)(AMS body hash miscompare) header.s=sel arc.oldest-pass=0 smtp.client-ip=127.0.0.1
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed; d=test.ex; s=sel;
bh=31zA4VNQZ2yhHUh+7vWASIL9kKqo6pSym1QghgPyUkM=;
Ke1FhjdC7iXPv/Dj86J40D9yib5y7YC9Ce3px0xJSXDD+ml1eDi45rVo9GDkm1zVG3eZdESktT
Iv0EvpWIFn7dpelS30IKk78=;
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=fail (i=2)(AMS body hash miscompare) header.s=sel arc.oldest-pass=0 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
id 10HmbK-0005vi-00
for za@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=2) header.s=sel arc.oldest-pass=2 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
id 10HmbJ-0005vi-00
for mza@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
ARC-Seal: i=2; cv=pass; a=rsa-sha256; d=test.ex; s=sel;
- b=yjlE1/MuuhrLFWK1L1/4OyMyvK47vEmb9dlUF0JGxKTUgJRTqd725Qqzv5ArRQDbCGDah3Pttx
- NfKYLDijgST4z5MSTQbiQAoXuGEIfwPSJjMm/cQ37FMcBA2l0gVLNoQIT6GlO8B0i4cigHGEZx
- fhUOLvI8pYW8KY8ZiBLY4qE=;
+ b=MYYY1fE5A9EbBkaRpJD6OvFBUALCd7U3J/zro6xlQJXJLW+NaeDCRtStbk/ARCcTkOgnX7ZOzs
+ iLuOphCpepZTMAGWhZtit1d19HK33+s0nCIzvx31BNqpEn3xewb4/jtxBvkyVomuUudSrjbO+u
+ 8nNmcIB7siu2S8lrTSj1PPw=;
ARC-Authentication-Results: i=2; test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed; d=test.ex; s=sel;
bh=HUzfKKxIjPIa07lkj5uzDQ3q5YTRF/NwAUE7dhrrfvs=;
P4RkRsmKXqHCoaOiSOqLvBvc8822Ap0l7F/cT2Gk3VRR5ITZI2piAsgLzFpLOEJsGwGVdYsNdx
5rxBKMPvXAWZip//tBngMRw=;
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
From CALLER@bloggs.com Tue Mar 02 09:44:33 1999
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
id 10HmbO-0005vi-00
for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1
Received: from localhost ([127.0.0.1] helo=test.ex)
by test.ex with esmtp (Exim x.yz)
From CALLER@bloggs.com Tue Mar 02 09:44:33 1999
Authentication-Results: test.ex;
- iprev=pass (localhost);
+ iprev=pass (localhost) smtp.client-ip=127.0.0.1;
dkim=pass header.d=dmarc.org header.s=clochette header.a=rsa-sha256;
dkim=fail (body hash mismatch; body probably modified in transit)
header.d=convivian.com header.s=default header.a=rsa-sha256;
-1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : invalid response from scanner: 'blah [E]'
+1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : 451 SCAN Engine error 13 Permission denied
1999-03-02 09:44:33 10HmaY-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : timeout from scanner
1999-03-02 09:44:33 10HmaZ-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : timeout from scanner
-1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : invalid response from scanner: '/bin/error [E]0.0'
+1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : 451 SCAN Engine error 13 Permission denied
Subject: message should be tmp-rejected due to timeout
I Message-Id: <E10HmaY-0005vi-00@myhost.test.ex>
F From: CALLER_NAME <CALLER@myhost.test.ex>
+1999-03-02 09:44:33 10HmbB-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
+Envelope-from: <CALLER@myhost.test.ex>
+Envelope-to: <userx@test.ex>
+P Received: from CALLER (helo=test.ex)
+ by myhost.test.ex with local-esmtp (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmbB-0005vi-00
+ for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+ Date: Tue, 2 Mar 1999 09:44:33 +0000
+ Subject: defer this one, the scanner had an error
+I Message-Id: <E10HmbB-0005vi-00@myhost.test.ex>
+F From: CALLER_NAME <CALLER@myhost.test.ex>
Subject: message should be rejected
I Message-Id: <E10HmaY-0005vi-00@myhost.test.ex>
F From: CALLER_NAME <CALLER@myhost.test.ex>
+1999-03-02 09:44:33 10HmaZ-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
+Envelope-from: <CALLER@myhost.test.ex>
+Envelope-to: <userx@test.ex>
+P Received: from CALLER (helo=test.ex)
+ by myhost.test.ex with local-esmtp (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmaZ-0005vi-00
+ for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+ Date: Tue, 2 Mar 1999 09:44:33 +0000
+ Subject: message should be rejected
+I Message-Id: <E10HmaZ-0005vi-00@myhost.test.ex>
+F From: CALLER_NAME <CALLER@myhost.test.ex>
+1999-03-02 09:44:33 10HmbA-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA
+Envelope-from: <CALLER@myhost.test.ex>
+Envelope-to: <userx@test.ex>
+P Received: from CALLER (helo=test.ex)
+ by myhost.test.ex with local-esmtp (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmbA-0005vi-00
+ for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+ Date: Tue, 2 Mar 1999 09:44:33 +0000
+ Subject: message should be rejected
+I Message-Id: <E10HmbA-0005vi-00@myhost.test.ex>
+F From: CALLER_NAME <CALLER@myhost.test.ex>
+++ /dev/null
-
-******** SERVER ********
-1999-03-02 09:44:33 H=(testclient) [ip4.ip4.ip4.ip4] F=<a@example.com> rejected RCPT <fred@test.ex>
next if /^Waiting for MySQL server to answer/;
next if /mysqladmin: CREATE DATABASE failed; .* database exists/;
+ # Not all builds include DMARC
+ next if /^DMARC: no (dmarc_tld_file|sender_host_address)$/ ;
+
# When Exim is checking the size of directories for maildir, it uses
# the check_dir_size() function to scan directories. Of course, the order
# of the files that are obtained using readdir() varies from system to
.
****
#
-exim -f bill@29.29.29.com -odq ok1@test.ex
+exim -oMai CALLER -f bill@29.29.29.com -odq ok1@test.ex
should pass
.
****
system 'mysqladmin --protocol=TCP -P PORT_N -u root shutdown';
****
killdaemon
-#sudo rm -fr DIR/mysql
+sudo rm -fr DIR/mysql
#
sleep 5
perl
-my @pidfiles = ( "DIR/redis-cluster/node1/node1.pid", "DIR/redis-cluster/node2/" );
+my @pidfiles = ( "DIR/redis-cluster/node1/node1.pid", "DIR/redis-cluster/node2/node2.pid" );
foreach my $pidfile (@pidfiles) {
if ( -f $pidfile ) {
open (my $fh, "<", $pidfile);
****
#
#
-#
+### (non-internal) scanner error -> paniclog
server DIR/eximdir/avast_sock
>LF>220 ready
<SCAN
>LF>210 SCAN DATA
->LF>blah [E]
->LF>200 SCAN OK
+>LF>blah [E]0.0 Error 13 Permission\\ denied
+>LF>451 SCAN Engine error 13 Permission denied
<QUIT
*eof
****
>LF>220 ready
<SCAN
>LF>210 SCAN DATA
->LF>b\\ l\\ a\\ h [L]9.9 9 VNAME
+>LF>b\\ l\\ a\\ h [L]9.0 0 VNAME
>LF>200 SCAN OK
<QUIT
*eof
.
quit
****
+#
+#
+### internal scanner error, no panic log
+server DIR/eximdir/avast_sock
+>LF>220 ready
+<SCAN
+>LF>210 SCAN DATA
+>LF>blah [E]0.0 Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
+>LF>200 SCAN OK
+<QUIT
+*eof
+****
+#
+#
+#
+exim -odi -bs -DOPTION= -DINSERT=
+ehlo test.ex
+mail from:<>
+rcpt to:<userx@test.ex>
+data
+Date: Fri, 17 Dec 2004 14:35:01 +0100
+Subject: defer this one, the scanner had an error
+
+.
+quit
+****
****
#
#
-### clean and error | multiline response
+### scanner tmpfail -> defer
server DIR/eximdir/avast_sock
>LF>220 ready
<SCAN
>LF>210 SCAN DATA
->LF>/bin/ok [+]
->LF>/bin/error [E]0.0
->LF>/bin/infected [L]0.0 0 This is not even EICAR!
->LF>200 SCAN OK
+>LF>/bin/error [E]0.0 Error 13 Permission\\ denied
+>LF>451 SCAN Engine error 13 Permission denied
<QUIT
*eof
****
****
#
#
-# clean and infected | multiline response
+# clean and infected -> reject
+server DIR/eximdir/avast_sock
+>LF>220 ready
+<SCAN
+>LF>210 SCAN DATA
+>LF>/bin/clean [+]
+>LF>v\\ i\\ a\\ r\\ u\\ s [L]9.0 0 This\\ is\\ not\\ even\\ an\\ EICAR\\ test\\ virus.
+>LF>200 SCAN OK
+<QUIT
+*eof
+****
+#
+#
+#
+exim -odi -bs -DOPTION= -DINSERT="/defer_ok"
+ehlo test.ex
+mail from:<>
+rcpt to:<userx@test.ex>
+data
+Date: Fri, 17 Dec 2004 14:35:01 +0100
+Subject: message should be rejected
+
+.
+quit
+****
+#
+#
+# clean, error, infected -> reject
server DIR/eximdir/avast_sock
>LF>220 ready
<SCAN
>LF>210 SCAN DATA
>LF>/bin/clean [+]
->LF>v\\ i\\ a\\ r\\ u\\ s [L]9.9 9 This ist not even an EICAR test virus.
+>LF>/bin/error [E]0.0 Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
+>LF>v\\ i\\ a\\ r\\ u\\ s [L]9.0 0 This\\ is\\ not\\ even\\ an\\ EICAR\\ test\\ virus.
>LF>200 SCAN OK
<QUIT
*eof
.
quit
****
+#
+#
+# clean, error -> reject
+server DIR/eximdir/avast_sock
+>LF>220 ready
+<SCAN
+>LF>210 SCAN DATA
+>LF>/bin/clean [+]
+>LF>/bin/error [E]0.0 Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
+>LF>200 SCAN OK
+<QUIT
+*eof
+****
+#
+#
+#
+exim -odi -bs -DOPTION= -DINSERT=
+ehlo test.ex
+mail from:<>
+rcpt to:<userx@test.ex>
+data
+Date: Fri, 17 Dec 2004 14:35:01 +0100
+Subject: message should be rejected
+
+.
+quit
+****
+#
+#
+# clean, error (pass_unscanned) -> accept
+server DIR/eximdir/avast_sock
+>LF>220 ready
+<SCAN
+>LF>210 SCAN DATA
+>LF>/bin/clean [+]
+>LF>/bin/error [E]0.0 Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
+>LF>200 SCAN OK
+<QUIT
+*eof
+****
+#
+#
+#
+exim -odi -bs -DOPTION=pass_unscanned -DINSERT=
+ehlo test.ex
+mail from:<>
+rcpt to:<userx@test.ex>
+data
+Date: Fri, 17 Dec 2004 14:35:01 +0100
+Subject: message should be accepted
+
+.
+quit
+****
# This should pass, only Mail::DKIM::Signer does not handle ed25519-sha256 yet
#
# Mail original (will be)in aux-fixed/4500.msg1.txt
-# Sig generated by: perl aux-fixed/dkim/sign.pl --algorithm=ed255190sha256 \
+# Sig (would be) generated by: perl aux-fixed/dkim/sign.pl --algorithm=ed255190sha256 \
# --method=simple/simple < aux-fixed/4500.msg1.txt
#
# TODO - until we have that we can only test internal consistency,
****
#
#
+# Duplicate of the above, but referencing a pubkey in "wrapped-in-SubjectPublicKeyInfo"
+# format. Should pass also.
+client 127.0.0.1 PORT_D
+??? 220
+HELO xxx
+??? 250
+MAIL FROM:<CALLER@bloggs.com>
+??? 250
+RCPT TO:<a@test.ex>
+??? 250
+DATA
+??? 354
+DKIM-Signature: v=1; a=ed25519-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex
+ ; s=sedw; h=From:To:Subject; bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=;
+ b=g0aVl5sI4fFLWDwXj9SnLgENXg2u8H8kKgK5/bXBZ7DKAImkm2+4tRzz1UOveu/Navis53Bg/C
+ 9nPxsspzb/Dg==;
+Received: from jgh by myhost.test.ex with local (Exim x.yz)
+ envelope-from <jgh@myhost.test.ex>)
+ 1dtXln-0000YP-Hb
+ a@test.ex; Sun, 17 Sep 2017 12:29:51 +0100
+From: nobody@example.com
+Message-Id: <E1dtXln-0000YP-Hb@myhost.test.ex>
+Sender: CALLER_NAME <jgh@myhost.test.ex>
+Date: Sun, 17 Sep 2017 12:29:51 +0100
+
+content
+.
+??? 250
+QUIT
+??? 221
+****
+#
+#
+
# This should pass, an independently-generated sample from Scott Kitterman.
# I don't want to retain this longterm as it hits an external DNS record,
# not under the testsuite.
--- /dev/null
+# ARC sign, DKIM header interactions
+#
+exim -DSERVER=server -bd -oX PORT_D
+****
+#
+# Random-ish input message, having a DKIM header
+client 127.0.0.1 PORT_D
+??? 220
+HELO xxx
+??? 250
+MAIL FROM:<CALLER@bloggs.com>
+??? 250
+RCPT TO:<za@test.ex>
+??? 250
+DATA
+??? 354
+DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
+ d=example.com; s=sel; h=List-Archive;
+ bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=uslVEq1LzHDR2ACoSTiErsGhe
+ GcuqL5no/4XYjsEJOIXkKFp4FFTj7QTcblHqyqsjgd5Dgs7zuFV4U3lwU9jSZtqJNQI+BtYZ5dS48
+ sjr9PbLiguw8rAv5eDXBQKi5XcNCnZlUnWEjl10OXEgJZ9UXdKToWHpSfWEw1nFvOlKAfPBfkznnA
+ EOQXSTJOTanLpr7EZ4Yw5LWE+9BWJfnl6snn6W0mmJl4tbfEXEV1ZzOxdQF1rwjJqmojoCG36Z+v5
+ sWKswl7HgSlKo2GKgxh9zIIhoxg5+7zfmHdKUQ2/6zuR8nqjDAjl3bSdOMgZVM0L6G6EMxQP6Sj6f
+ oEr6ePt9A==;
+From: mrgus@text.ex
+To: bakawolf@yahoo.com
+Date: Thu, 19 Nov 2015 17:00:07 -0700
+Message-ID: <qwerty1234@disco-zombie.net>
+Subject: simple test
+
+This is a simple test.
+.
+??? 250
+QUIT
+??? 221
+****
+exim -DSERVER=server -DNOTDAEMON -q
+****
+exim -DSERVER=server -DNOTDAEMON -q
+****
+#
+#
+#
+#
+#
+killdaemon
+no_stdout_check
+no_msglog_check
# to provide values for testcases.
#
# For now just check that what should be working syntax does not cause us to fall over.
-# Be careful with envelope-domains used for testcases, as real DNS lookups will be done.
+# Be careful with envelope-domains and IPs used for testcases, as real DNS lookups will be done.
#
-exim -bd -DSERVER=server -oX PORT_D
+exim -bd -DSERVER=server -oX PORT_D:PORT_S
****
-client HOSTIPV4 PORT_D
+client 127.0.0.1 PORT_D
??? 220
helo testclient
??? 250
mail from:<a@example.com>
??? 250
rcpt to:<fred@test.ex>
-??? 550
+??? 250
quit
****
client 127.0.0.1 PORT_D
??? 220
helo testclient
??? 250
-mail from:<b@example.com>
+mail from:<b@test.example.com>
+??? 250
+rcpt to:<fred@test.ex>
+??? 250
+quit
+****
+client 127.0.0.1 PORT_S
+??? 220
+helo testclient
+??? 250
+mail from:<c@example.com>
??? 250
rcpt to:<fred@test.ex>
??? 250
# For now just check that what should be working syntax does not cause us to fall over.
# Be careful with envelope-domains used for testcases, as real DNS lookups will be done.
#
-exim -bd -DSERVER=server -oX PORT_D
+exim -bd -DSERVER=server -oX PORT_D:PORT_S
****
-client HOSTIPV4 PORT_D
+client 127.0.0.1 PORT_D
??? 220
helo testclient
??? 250
??? 250
quit
****
-client 127.0.0.1 PORT_D
+client 127.0.0.1 PORT_S
??? 220
helo testclient
??? 250
--- /dev/null
+# acl variables and authresults
+#
+# SPF is a problem. We use libspf2 to do the work, and it
+# does the DNS lookups, so we cannot intercept them in the testsuite's usual fashion
+# to provide values for testcases.
+#
+# For now just check that what should be working syntax does not cause us to fall over.
+# Be careful with envelope-domains used for testcases, as real DNS lookups will be done.
+#
+exim -bd -DSERVER=server -oX PORT_D
+****
+client HOSTIPV4 PORT_D
+??? 220
+HELO testclient
+??? 250
+MAIL FROM:<a@example.com>
+??? 250
+RCPT TO:<fred@test.ex>
+??? 250
+DATA
+??? 3
+Subject: test
+From: z@example.com
+
+body line
+.
+??? 250
+QUIT
+****
+#
+killdaemon
+no_msglog_check
--- /dev/null
+support Experimental_DMARC
RCPT TO:<userg@domain.com>
DATA
+.
+QUIT
+****
+#
+# conn-drop (at DATA-dot), option "pass". Should tmp-rej source, at DATA.
+server PORT_S
+220 ESMTP
+EHLO
+250 OK
+MAIL FROM:
+250 Sender OK
+RCPT TO:
+250 good rcpt
+DATA
+354 Send data
+.
+>*eof
+****
+exim -DCONTROL=/defer=pass -bs
+EHLO myhost.test.ex
+MAIL FROM:<CALLER@myhost.test.ex>
+RCPT TO:<userj@domain.com>
+DATA
+
.
QUIT
****
+++ /dev/null
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-
-#include <stdarg.h>
-#include <stddef.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-/* Unix includes */
-
-typedef unsigned char uschar;
-
-#define CS (char *)
-#define US (unsigned char *)
-
-#define FALSE 0
-#define TRUE 1
-
-
-
-#ifdef HAVE_GNUTLS
-
-
-#include <gnutls/gnutls.h>
-#include <gnutls/abstract.h>
-#include <gnutls/x509.h>
-
-#if GNUTLS_VERSION_NUMBER >= 0x030600
-# define SIGN_HAVE_ED25519
-#endif
-
-
-
-static uschar *enc64table =
- US"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-uschar *
-b64encode(uschar *clear, int len)
-{
-uschar *code = malloc(4*((len+2)/3) + 2);
-uschar *p = code;
-
-while (len-- >0)
- {
- int x, y;
-
- x = *clear++;
- *p++ = enc64table[(x >> 2) & 63];
-
- if (len-- <= 0)
- {
- *p++ = enc64table[(x << 4) & 63];
- *p++ = '=';
- *p++ = '=';
- break;
- }
-
- y = *clear++;
- *p++ = enc64table[((x << 4) | ((y >> 4) & 15)) & 63];
-
- if (len-- <= 0)
- {
- *p++ = enc64table[(y << 2) & 63];
- *p++ = '=';
- break;
- }
-
- x = *clear++;
- *p++ = enc64table[((y << 2) | ((x >> 6) & 3)) & 63];
-
- *p++ = enc64table[x & 63];
- }
-
-*p = 0;
-
-return code;
-}
-
-/*************************************************
-* Main Program *
-*************************************************/
-
-
-int
-main(int argc, char **argv)
-{
-uschar * pemfile = argv[1];
-int fd;
-uschar buf[1024];
-int len, rc;
-gnutls_privkey_t privkey;
-gnutls_datum_t k;
-gnutls_pubkey_t pubkey;
-uschar * b64;
-
-#ifdef SIGN_HAVE_ED25519
-if ((fd = open(CS pemfile, O_RDONLY)) < 0)
- exit(1);
-
-if ((len = read(fd, buf, sizeof(buf)-1)) < 0)
- exit(2);
-
-k.data = buf;
-k.size = len;
-
-if ( (rc = gnutls_privkey_init(&privkey))
- || (rc = gnutls_privkey_import_x509_raw(privkey, &k, GNUTLS_X509_FMT_PEM, NULL, GNUTLS_PKCS_PLAIN))
- || (rc = gnutls_pubkey_init(&pubkey))
- || (rc = gnutls_pubkey_import_privkey(pubkey, privkey, GNUTLS_KEY_DIGITAL_SIGNATURE, 0))
- || (rc = gnutls_pubkey_export_ecc_raw2(pubkey, NULL, &k, NULL, GNUTLS_EXPORT_FLAG_NO_LZ))
- )
- fprintf(stderr, "%s\n", gnutls_strerror(rc));
-
-b64 = b64encode(k.data, k.size);
-
-printf("%s\n", b64);
-exit(0);
-
-#else
-fprintf(stderr, "No support for ed25519 signing in GnuTLS (version %s)\n", gnutls_check_version(NULL));
-exit(3);
-#endif
-}
-
-#endif
-
-#ifdef HAVE_OPENSSL
-int
-main(int argc, char **argv)
-{
-fprintf(stderr, "No support for ed25519 signing in OpenSSL\n");
-exit(3);
-}
-
-#endif
smtp_setup_msg entered
SMTP<< HELO ?
LOG: smtp_syntax_error MAIN
- SMTP syntax error in "HELO ?" U=CALLER NULL character(s) present (shown as '?')
-SMTP>> 501 NULL characters are not allowed in SMTP commands
+ SMTP syntax error in "HELO ?" U=CALLER NUL character(s) present (shown as '?')
+SMTP>> 501 NUL characters are not allowed in SMTP commands
SMTP<< quit
SMTP>> 221 myhost.test.ex closing connection
LOG: smtp_connection MAIN
-1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : invalid response from scanner: 'blah [E]'
+### (non-internal) scanner error -> paniclog
+1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : 451 SCAN Engine error 13 Permission denied
1999-03-02 09:44:33 10HmaY-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : timeout from scanner
1999-03-02 09:44:33 10HmaZ-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : timeout from scanner
+### internal scanner error, no panic log
+
+******** SERVER ********
+### (non-internal) scanner error -> paniclog
+### internal scanner error, no panic log
### clean | multiline response
-### clean and error | multiline response
-1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : invalid response from scanner: '/bin/error [E]0.0'
+### scanner tmpfail -> defer
+1999-03-02 09:44:33 10HmaX-0005vi-00 malware acl condition: avast TESTSUITE/eximdir/avast_sock : 451 SCAN Engine error 13 Permission denied
******** SERVER ********
### clean | multiline response
-### clean and error | multiline response
+### scanner tmpfail -> defer
220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
-501 NULL characters are not allowed in SMTP commands\r
+501 NUL characters are not allowed in SMTP commands\r
221 myhost.test.ex closing connection\r
250 OK\r
250 Accepted\r
354 Enter message, ending with "." on a line by itself\r
-250 OK id=10HmbB-0005vi-00\r
+250 OK id=10HmbC-0005vi-00\r
221 myhost.test.ex closing connection\r
+### (non-internal) scanner error -> paniclog
220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
250-myhost.test.ex Hello CALLER at test.ex\r
250-SIZE 52428800\r
354 Enter message, ending with "." on a line by itself\r
250 OK id=10HmaZ-0005vi-00\r
221 myhost.test.ex closing connection\r
+### internal scanner error, no panic log
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello CALLER at test.ex\r
+250-SIZE 52428800\r
+250-8BITMIME\r
+250-PIPELINING\r
+250 HELP\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+550 Administrative prohibition\r
+221 myhost.test.ex closing connection\r
******** SERVER ********
Listening on TESTSUITE/eximdir/avast_sock ...
<FLAGS -fullfiles
>LF>210 FLAGS DATA
>LF>200 FLAGS OK
-<SCAN TESTSUITE/spool/scan/10HmbB-0005vi-00
+<SCAN TESTSUITE/spool/scan/10HmbC-0005vi-00
>LF>210 SCAN DATA
>LF>blah\x09[+]
>LF>200 SCAN OK
<QUIT
Expected EOF read from client
End of script
+### (non-internal) scanner error -> paniclog
Listening on TESTSUITE/eximdir/avast_sock ...
Connection request
>LF>220 ready
<SCAN TESTSUITE/spool/scan/10HmaX-0005vi-00
>LF>210 SCAN DATA
->LF>blah\x09[E]
->LF>200 SCAN OK
-Unexpected EOF read from client
+>LF>blah\x09[E]0.0\x09Error 13 Permission\\ denied
+>LF>451 SCAN Engine error 13 Permission denied
+<QUIT
+Expected EOF read from client
+End of script
Listening on TESTSUITE/eximdir/avast_sock ...
Connection request
>LF>220 ready
<SCAN TESTSUITE/spool/scan/10HmbA-0005vi-00
>LF>210 SCAN DATA
->LF>b\\ l\\ a\\ h\x09[L]9.9\x099 VNAME
+>LF>b\\ l\\ a\\ h\x09[L]9.0\x090 VNAME
>LF>200 SCAN OK
<QUIT
Expected EOF read from client
Connection request
*sleep 3
End of script
+### internal scanner error, no panic log
+Listening on TESTSUITE/eximdir/avast_sock ...
+Connection request
+>LF>220 ready
+<SCAN TESTSUITE/spool/scan/10HmbB-0005vi-00
+>LF>210 SCAN DATA
+>LF>blah\x09[E]0.0\x09Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
+>LF>200 SCAN OK
+<QUIT
+Expected EOF read from client
+End of script
250 OK\r
250 Accepted\r
354 Enter message, ending with "." on a line by itself\r
-250 OK id=10HmaZ-0005vi-00\r
+250 OK id=10HmbB-0005vi-00\r
221 myhost.test.ex closing connection\r
-### clean and error | multiline response
+### scanner tmpfail -> defer
220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
250-myhost.test.ex Hello CALLER at test.ex\r
250-SIZE 52428800\r
354 Enter message, ending with "." on a line by itself\r
550 Administrative prohibition\r
221 myhost.test.ex closing connection\r
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello CALLER at test.ex\r
+250-SIZE 52428800\r
+250-8BITMIME\r
+250-PIPELINING\r
+250 HELP\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+550 Administrative prohibition\r
+221 myhost.test.ex closing connection\r
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello CALLER at test.ex\r
+250-SIZE 52428800\r
+250-8BITMIME\r
+250-PIPELINING\r
+250 HELP\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+550 Administrative prohibition\r
+221 myhost.test.ex closing connection\r
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello CALLER at test.ex\r
+250-SIZE 52428800\r
+250-8BITMIME\r
+250-PIPELINING\r
+250 HELP\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+250 OK id=10HmbC-0005vi-00\r
+221 myhost.test.ex closing connection\r
******** SERVER ********
### clean | multiline response
>LF>FLAGS -fullfiles
>LF>FLAGS +extra
>LF>200 FLAGS OK
-<SCAN TESTSUITE/spool/scan/10HmaZ-0005vi-00
+<SCAN TESTSUITE/spool/scan/10HmbB-0005vi-00
>LF>210 SCAN DATA
>LF>/bin/clean1\x09[+]
>LF>/bin/clean2\x09[+]
<QUIT
Expected EOF read from client
End of script
-### clean and error | multiline response
+### scanner tmpfail -> defer
Listening on TESTSUITE/eximdir/avast_sock ...
Connection request
>LF>220 ready
<SCAN TESTSUITE/spool/scan/10HmaX-0005vi-00
>LF>210 SCAN DATA
->LF>/bin/ok\x09[+]
->LF>/bin/error\x09[E]0.0
->LF>/bin/infected\x09[L]0.0\x090 This is not even EICAR!
->LF>200 SCAN OK
-Unexpected EOF read from client
+>LF>/bin/error\x09[E]0.0\x09Error 13 Permission\\ denied
+>LF>451 SCAN Engine error 13 Permission denied
+<QUIT
+Expected EOF read from client
+End of script
Listening on TESTSUITE/eximdir/avast_sock ...
Connection request
>LF>220 ready
<SCAN TESTSUITE/spool/scan/10HmaY-0005vi-00
>LF>210 SCAN DATA
>LF>/bin/clean\x09[+]
->LF>v\\ i\\ a\\ r\\ u\\ s\x09[L]9.9\x099 This ist not even an EICAR test virus.
+>LF>v\\ i\\ a\\ r\\ u\\ s\x09[L]9.0\x090 This\\ is\\ not\\ even\\ an\\ EICAR\\ test\\ virus.
+>LF>200 SCAN OK
+<QUIT
+Expected EOF read from client
+End of script
+Listening on TESTSUITE/eximdir/avast_sock ...
+Connection request
+>LF>220 ready
+<SCAN TESTSUITE/spool/scan/10HmaZ-0005vi-00
+>LF>210 SCAN DATA
+>LF>/bin/clean\x09[+]
+>LF>/bin/error\x09[E]0.0\x09Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
+>LF>v\\ i\\ a\\ r\\ u\\ s\x09[L]9.0\x090 This\\ is\\ not\\ even\\ an\\ EICAR\\ test\\ virus.
+>LF>200 SCAN OK
+<QUIT
+Expected EOF read from client
+End of script
+Listening on TESTSUITE/eximdir/avast_sock ...
+Connection request
+>LF>220 ready
+<SCAN TESTSUITE/spool/scan/10HmbA-0005vi-00
+>LF>210 SCAN DATA
+>LF>/bin/clean\x09[+]
+>LF>/bin/error\x09[E]0.0\x09Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
+>LF>200 SCAN OK
+<QUIT
+Expected EOF read from client
+End of script
+Listening on TESTSUITE/eximdir/avast_sock ...
+Connection request
+>LF>220 ready
+<SCAN TESTSUITE/spool/scan/10HmbC-0005vi-00
+>LF>210 SCAN DATA
+>LF>/bin/clean\x09[+]
+>LF>/bin/error\x09[E]0.0\x09Error 42110 The\\ file\\ is\\ a\\ decompression\\ bomb
>LF>200 SCAN OK
<QUIT
Expected EOF read from client
-Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
+Connecting to 127.0.0.1 port 1225 ... connected
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> helo testclient
??? 250
-<<< 250 myhost.test.ex Hello testclient [ip4.ip4.ip4.ip4]
+<<< 250 myhost.test.ex Hello testclient [127.0.0.1]
>>> mail from:<a@example.com>
??? 250
<<< 250 OK
>>> rcpt to:<fred@test.ex>
-??? 550
-<<< 550 Administrative prohibition
+??? 250
+<<< 250 Accepted
>>> quit
End of script
Connecting to 127.0.0.1 port 1225 ... connected
>>> helo testclient
??? 250
<<< 250 myhost.test.ex Hello testclient [127.0.0.1]
->>> mail from:<b@example.com>
+>>> mail from:<b@test.example.com>
+??? 250
+<<< 250 OK
+>>> rcpt to:<fred@test.ex>
+??? 250
+<<< 250 Accepted
+>>> quit
+End of script
+Connecting to 127.0.0.1 port 1224 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> helo testclient
+??? 250
+<<< 250 myhost.test.ex Hello testclient [127.0.0.1]
+>>> mail from:<c@example.com>
??? 250
<<< 250 OK
>>> rcpt to:<fred@test.ex>
-Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
+Connecting to 127.0.0.1 port 1225 ... connected
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> helo testclient
??? 250
-<<< 250 myhost.test.ex Hello testclient [ip4.ip4.ip4.ip4]
+<<< 250 myhost.test.ex Hello testclient [127.0.0.1]
>>> mail from:<a@example.com>
??? 250
<<< 250 OK
<<< 250 Accepted
>>> quit
End of script
-Connecting to 127.0.0.1 port 1225 ... connected
+Connecting to 127.0.0.1 port 1224 ... connected
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> helo testclient
--- /dev/null
+Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> HELO testclient
+??? 250
+<<< 250 myhost.test.ex Hello testclient [ip4.ip4.ip4.ip4]
+>>> MAIL FROM:<a@example.com>
+??? 250
+<<< 250 OK
+>>> RCPT TO:<fred@test.ex>
+??? 250
+<<< 250 Accepted
+>>> DATA
+??? 3
+<<< 354 Enter message, ending with "." on a line by itself
+>>> Subject: test
+>>> From: z@example.com
+>>>
+>>> body line
+>>> .
+??? 250
+<<< 250 OK id=10HmaX-0005vi-00
+>>> QUIT
+End of script
250 OK\r
250 Accepted\r
354 Enter message, ending with "." on a line by itself\r
+450 Onward transmission not accepted\r
+221 myhost.test.ex closing connection\r
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello CALLER at myhost.test.ex\r
+250-SIZE 52428800\r
+250-8BITMIME\r
+250-PIPELINING\r
+250 HELP\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
250 OK id=10HmbD-0005vi-00\r
221 myhost.test.ex closing connection\r
220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
250 OK
MAIL FROM:<CALLER@myhost.test.ex>
250 Sender OK
+RCPT TO:<userj@domain.com>
+250 good rcpt
+DATA
+354 Send data
+Received: from CALLER (helo=myhost.test.ex)
+ by myhost.test.ex with local-esmtp (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmbE-0005vi-00
+ for userj@domain.com; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id: <E10HmbE-0005vi-00@myhost.test.ex>
+From: CALLER_NAME <CALLER@myhost.test.ex>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+X-hdr-rtr-new: +++
+
+.
+>*eof
+End of script
+Listening on port 1224 ...
+Connection request from [ip4.ip4.ip4.ip4]
+220 ESMTP
+EHLO myhost.test.ex
+250 OK
+MAIL FROM:<CALLER@myhost.test.ex>
+250 Sender OK
RCPT TO:<userh@domain.com>
250 Recipient OK
DATA