DKIM: Avoid spurious tls read timeout after signing failure

diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index a121e34aee46b23b7b02eb832446c30db2780309..7e6e34a67c886024ec6323f830a3175f2dd13dd5 100644 (file)
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -4436,6 +4436,21 @@ if (!sx->ok)
        message_error = Ustrncmp(smtp_command,"end ",4) == 0;
        break;
 
+#ifndef DISABLE_DKIM
+      case EACCES:
+       /* DKIM signing failure: avoid thinking we pipelined quit,
+       just abandon the message and close the socket. */
+
+       message_error = FALSE;
+# ifndef DISABLE_TLS
+       if (sx->cctx.tls_ctx)
+         {
+         tls_close(sx->cctx.tls_ctx, TLS_SHUTDOWN_WAIT);
+         sx->cctx.tls_ctx = NULL;
+         }
+# endif
+       break;
+#endif
       default:
        message_error = FALSE;
        break;