option), this condition is always true.
-.vitem &*verify&~=&~not_blind*&
+.vitem &*verify&~=&~not_blind/*&<&'options'&>
.cindex "verifying" "not blind"
.cindex "bcc recipients, verifying none"
This condition checks that there are no blind (bcc) recipients in the message.
&'Resent-Cc:'& header lines exist, they are also checked. This condition can be
used only in a DATA or non-SMTP ACL.
+.new
+There is one possible option, &`case_insensitive`&. If this is present then
+local parts are checked case-insensitively.
+.wen
+
There are, of course, many legitimate messages that make use of blind (bcc)
recipients. This check should not be used on its own for blocking messages.
4. Log_selectors "msg_id" (on by default) and "msg_id_created".
+ 5. A case_insensitive option for verify=not_blind.
+
Version 4.92
--------------
{ US"helo", VERIFY_HELO, ~0, TRUE, 0 },
{ US"csa", VERIFY_CSA, ~0, FALSE, 0 },
{ US"header_syntax", VERIFY_HDR_SYNTAX, ACL_BIT_DATA | ACL_BIT_NOTSMTP, TRUE, 0 },
- { US"not_blind", VERIFY_NOT_BLIND, ACL_BIT_DATA | ACL_BIT_NOTSMTP, TRUE, 0 },
+ { US"not_blind", VERIFY_NOT_BLIND, ACL_BIT_DATA | ACL_BIT_NOTSMTP, FALSE, 0 },
{ US"header_sender", VERIFY_HDR_SNDR, ACL_BIT_DATA | ACL_BIT_NOTSMTP, FALSE, 0 },
{ US"sender", VERIFY_SNDR, ACL_BIT_MAIL | ACL_BIT_RCPT
|ACL_BIT_PREDATA | ACL_BIT_DATA | ACL_BIT_NOTSMTP,
case VERIFY_NOT_BLIND:
/* Check that no recipient of this message is "blind", that is, every envelope
recipient must be mentioned in either To: or Cc:. */
+ {
+ BOOL case_sensitive = TRUE;
- if ((rc = verify_check_notblind()) != OK)
+ while ((ss = string_nextinlist(&list, &sep, NULL, 0)))
+ if (strcmpic(ss, US"case_insensitive") == 0)
+ case_sensitive = FALSE;
+ else
+ {
+ *log_msgptr = string_sprintf("unknown option \"%s\" in ACL "
+ "condition \"verify %s\"", ss, arg);
+ return ERROR;
+ }
+
+ if ((rc = verify_check_notblind(case_sensitive)) != OK)
{
*log_msgptr = string_sprintf("bcc recipient detected");
if (smtp_return_error_details)
*user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr);
}
return rc;
+ }
/* The remaining verification tests check recipient and sender addresses,
either from the envelope or from the header. There are a number of
extern int verify_check_headers(uschar **);
extern int verify_check_header_names_ascii(uschar **);
extern int verify_check_host(uschar **);
-extern int verify_check_notblind(void);
+extern int verify_check_notblind(BOOL);
extern int verify_check_given_host(const uschar **, const host_item *);
extern int verify_check_this_host(const uschar **, unsigned int *,
const uschar*, const uschar *, const uschar **);
because (a) it requires no memory and (b) will use fewer resources when there
are many addresses in To: and/or Cc: and only one or two envelope recipients.
-Arguments: none
+Arguments: case_sensitive true if case sensitive matching should be used
Returns: OK if there are no blind recipients
FAIL if there is at least one blind recipient
*/
int
-verify_check_notblind(void)
+verify_check_notblind(BOOL case_sensitive)
{
for (int i = 0; i < recipients_count; i++)
{
while (*s)
{
- uschar *ss = parse_find_address_end(s, FALSE);
- uschar *recipient,*errmess;
+ uschar * ss = parse_find_address_end(s, FALSE);
+ uschar * recipient, * errmess;
int terminator = *ss;
int start, end, domain;
*ss = terminator;
/* If we found a valid recipient that has a domain, compare it with the
- envelope recipient. Local parts are compared case-sensitively, domains
- case-insensitively. By comparing from the start with length "domain", we
- include the "@" at the end, which ensures that we are comparing the whole
- local part of each address. */
-
- if (recipient != NULL && domain != 0)
- {
- found = Ustrncmp(recipient, address, domain) == 0 &&
- strcmpic(recipient + domain, address + domain) == 0;
- if (found) break;
- }
+ envelope recipient. Local parts are compared with case-sensitivity
+ according to the routine arg, domains case-insensitively.
+ By comparing from the start with length "domain", we include the "@" at
+ the end, which ensures that we are comparing the whole local part of each
+ address. */
+
+ if (recipient && domain != 0)
+ if ((found = (case_sensitive
+ ? Ustrncmp(recipient, address, domain) == 0
+ : strncmpic(recipient, address, domain) == 0)
+ && strcmpic(recipient + domain, address + domain) == 0))
+ break;
/* Advance to the next address */
- s = ss + (terminator? 1:0);
+ s = ss + (terminator ? 1:0);
while (isspace(*s)) s++;
} /* Next address */
--- /dev/null
+# Exim test configuration 0583
+
+ERROR_DETAILS=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+acl_smtp_rcpt = accept
+acl_smtp_data = check_data
+
+ERROR_DETAILS
+
+# ----- ACL ------
+
+begin acl
+
+check_data:
+ accept verify = not_blind/case_insensitive
+
+
+# End
--- /dev/null
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected
+1999-03-02 09:44:33 10HmaY-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss
+1999-03-02 09:44:33 10HmaZ-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss
(envelope-from <CALLER@myhost.test.ex>)
id 10HmaX-0005vi-00
for userx@dom.com; Tue, 2 Mar 1999 09:44:33 +0000
-T To: a@b.c, himself <usery@dom.com>
+T To: a@b.c, himself <usery@dom.com>, HIMSELF <USERX@dom.com>
I Message-Id: <E10HmaX-0005vi-00@myhost.test.ex>
F From: CALLER_NAME <CALLER@myhost.test.ex>
Date: Tue, 2 Mar 1999 09:44:33 +0000
--- /dev/null
+1999-03-02 09:44:33 10HmaX-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected
+Envelope-from: <CALLER@myhost.test.ex>
+Envelope-to: <userx@dom.com>
+P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmaX-0005vi-00
+ for userx@dom.com; Tue, 2 Mar 1999 09:44:33 +0000
+T To: b@b.c, himself <usery@dom.com>
+I Message-Id: <E10HmaX-0005vi-00@myhost.test.ex>
+F From: CALLER_NAME <CALLER@myhost.test.ex>
+ Date: Tue, 2 Mar 1999 09:44:33 +0000
+1999-03-02 09:44:33 10HmaY-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected
+Envelope-from: <CALLER@myhost.test.ex>
+Envelope-to: <userx@dom.com>
+P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmaY-0005vi-00
+ for userx@dom.com; Tue, 2 Mar 1999 09:44:33 +0000
+T To: c@b.c, himself <usery@dom.com>
+I Message-Id: <E10HmaY-0005vi-00@myhost.test.ex>
+F From: CALLER_NAME <CALLER@myhost.test.ex>
+ Date: Tue, 2 Mar 1999 09:44:33 +0000
+1999-03-02 09:44:33 10HmaZ-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected
+Envelope-from: <CALLER@myhost.test.ex>
+Envelope-to: <userx@dom.com>
+ <usery@dom.com>
+ <userz@dom.com>
+P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz)
+ (envelope-from <CALLER@myhost.test.ex>)
+ id 10HmaZ-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+T To: e@b.c, himself <UserY@dom.com>
+* Cc: unqualified, UserX@dom.com, x@y.z
+C Cc: unqualified@myhost.test.ex, UserX@dom.com, x@y.z
+I Message-Id: <E10HmaZ-0005vi-00@myhost.test.ex>
+F From: CALLER_NAME <CALLER@myhost.test.ex>
+ Date: Tue, 2 Mar 1999 09:44:33 +0000
mail from:<>
rcpt to:<userx@dom.com>
data
-To: a@b.c, himself <usery@dom.com>
+To: a@b.c, himself <usery@dom.com>, HIMSELF <USERX@dom.com>
.
quit
****
--- /dev/null
+# verify = not_blind/case_insensitive
+#
+# Accept: the env rcpt matches a header To:
+exim -odq -bs
+mail from:<>
+rcpt to:<userx@dom.com>
+data
+To: a@b.c, himself <UserX@dom.com>
+.
+quit
+****
+### Reject: no match
+exim -odq -bs
+mail from:<>
+rcpt to:<userx@dom.com>
+data
+To: b@b.c, himself <usery@dom.com>
+.
+quit
+****
+### Reject, with specific SMTP message
+exim -DERROR_DETAILS=smtp_return_error_details -odq -bs
+mail from:<>
+rcpt to:<userx@dom.com>
+data
+To: c@b.c, himself <usery@dom.com>
+.
+quit
+****
+### Accept, matches in header CC:
+exim -odq -bs
+mail from:<>
+rcpt to:<userx@dom.com>
+rcpt to:<usery@dom.com>
+data
+To: d@b.c, himself <UserY@dom.com>
+Cc: unqualified, UserX@dom.com, x@y.z
+.
+quit
+****
+### Reject: To: & CC: combo, an env rcpt missing
+exim -odq -bs
+mail from:<>
+rcpt to:<userx@dom.com>
+rcpt to:<usery@dom.com>
+rcpt to:<userz@dom.com>
+data
+To: e@b.c, himself <UserY@dom.com>
+Cc: unqualified, UserX@dom.com, x@y.z
+.
+quit
+****
+### Accept: Resent-To: & Resent-CC: combo
+exim -odq -bs
+mail from:<>
+rcpt to:<userx@dom.com>
+rcpt to:<usery@dom.com>
+data
+Resent-To: f@b.c, himself <UserY@dom.com>
+Resent-Cc: unqualified, UserX@dom.com, x@y.z
+To: an@other
+.
+quit
+****
+no_msglog_check
--- /dev/null
+### Reject: no match
+### Reject, with specific SMTP message
+### Accept, matches in header CC:
+### Reject: To: & CC: combo, an env rcpt missing
+### Accept: Resent-To: & Resent-CC: combo
+
+******** SERVER ********
+### Reject: no match
+### Reject, with specific SMTP message
+### Accept, matches in header CC:
+### Reject: To: & CC: combo, an env rcpt missing
+### Accept: Resent-To: & Resent-CC: combo
--- /dev/null
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+250 OK id=10HmbA-0005vi-00\r
+221 myhost.test.ex closing connection\r
+### Reject: no match
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+550 Administrative prohibition\r
+221 myhost.test.ex closing connection\r
+### Reject, with specific SMTP message
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+550 Rejected after DATA: bcc recipient detected\r
+221 myhost.test.ex closing connection\r
+### Accept, matches in header CC:
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 OK\r
+250 Accepted\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+250 OK id=10HmbB-0005vi-00\r
+221 myhost.test.ex closing connection\r
+### Reject: To: & CC: combo, an env rcpt missing
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 OK\r
+250 Accepted\r
+250 Accepted\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+550 Administrative prohibition\r
+221 myhost.test.ex closing connection\r
+### Accept: Resent-To: & Resent-CC: combo
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 OK\r
+250 Accepted\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+250 OK id=10HmbC-0005vi-00\r
+221 myhost.test.ex closing connection\r
+
+******** SERVER ********
+### Reject: no match
+### Reject, with specific SMTP message
+### Accept, matches in header CC:
+### Reject: To: & CC: combo, an env rcpt missing
+### Accept: Resent-To: & Resent-CC: combo
git://git.exim.org / exim.git / commitdiff