From b4ed4da0f525ab98c05797e15df0045e49ae3618 Mon Sep 17 00:00:00 2001 From: Philip Hazel Date: Mon, 15 Jan 2007 15:59:22 +0000 Subject: [PATCH] Added log selector +smtp_no_mail to log when no MAIL is issued (for Tony). --- doc/doc-txt/ChangeLog | 9 +- doc/doc-txt/NewStuff | 44 ++++++++- src/src/daemon.c | 4 +- src/src/exim.c | 10 ++- src/src/functions.h | 3 +- src/src/globals.c | 6 +- src/src/globals.h | 5 +- src/src/macros.h | 26 ++++-- src/src/smtp_in.c | 106 +++++++++++++++++++++- src/src/version.c | 4 +- test/confs/0547 | 22 +++++ test/confs/3454 | 34 +++++++ test/confs/3464 | 34 +++++++ test/log/0547 | 7 ++ test/log/3454 | 5 ++ test/log/3464 | 3 + test/rejectlog/0547 | 2 + test/runtest | 4 +- test/scripts/0000-Basic/0547 | 93 +++++++++++++++++++ test/scripts/3450-plaintext-GnuTLS/3454 | 41 +++++++++ test/scripts/3460-plaintext-OpenSSL/3464 | 40 +++++++++ test/stderr/0547 | 25 ++++++ test/stdout/0547 | 110 +++++++++++++++++++++++ test/stdout/3454 | 94 +++++++++++++++++++ test/stdout/3464 | 92 +++++++++++++++++++ 25 files changed, 804 insertions(+), 19 deletions(-) create mode 100644 test/confs/0547 create mode 100644 test/confs/3454 create mode 100644 test/confs/3464 create mode 100644 test/log/0547 create mode 100644 test/log/3454 create mode 100644 test/log/3464 create mode 100644 test/rejectlog/0547 create mode 100644 test/scripts/0000-Basic/0547 create mode 100644 test/scripts/3450-plaintext-GnuTLS/3454 create mode 100644 test/scripts/3460-plaintext-OpenSSL/3464 create mode 100644 test/stderr/0547 create mode 100644 test/stdout/0547 create mode 100644 test/stdout/3454 create mode 100644 test/stdout/3464 diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 668afc356..3b98e0e0c 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,8 +1,15 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.451 2007/01/08 11:56:41 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.452 2007/01/15 15:59:22 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.67 +----------------- + +PH/01 Added a new log selector smtp_no_mail, to log SMTP sessions that do not + issue a MAIL command. + + Exim version 4.66 ----------------- diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index e61421830..a24a21226 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/NewStuff,v 1.125 2006/12/20 09:44:37 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/NewStuff,v 1.126 2007/01/15 15:59:22 ph10 Exp $ New Features in Exim -------------------- @@ -8,6 +8,48 @@ Before a formal release, there may be quite a lot of detail so that people can test from the snapshots or the CVS before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. +Version 4.67 +------------ + + 1. There is a new log selector called smtp_no_mail, which is not included in + the default setting. When it is set, a line is written to the main log + whenever an accepted SMTP connection terminates without having issued a + MAIL command. This includes both the case when the connection is dropped, + and the case when QUIT is used. Note that it does not include cases where + the connection is rejected right at the start (by an ACL, or because there + are too many connections, or whatever). These cases already have their own + log lines. + + The log line that is written contains the identity of the client in the + usual way, followed by D= and a time, which records the duration of the + connection. If the connection was authenticated, this fact is logged + exactly as it is for an incoming message, with an A= item. If the + connection was encrypted, CV=, DN=, and X= items may appear as they do for + an incoming message, controlled by the same logging options. + + Finally, if any SMTP commands were issued during the connection, a C= item + is added to the line, listing the commands that were used. For example, + + C=EHLO,QUIT + + shows that the client issued QUIT straight after EHLO. If there were fewer + than 20 commands, they are all listed. If there were more than 20 commands, + the last 20 are listed, preceded by "...". However, with the default + setting of 10 for smtp_accep_max_nonmail, the connection will in any case + be aborted before 20 non-mail commands are processed. + + +Version 4.66 +------------ + +No new features were added to 4.66. + + +Version 4.65 +------------ + +No new features were added to 4.65. + Version 4.64 ------------ diff --git a/src/src/daemon.c b/src/src/daemon.c index 7b84490e9..81c32020e 100644 --- a/src/src/daemon.c +++ b/src/src/daemon.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/daemon.c,v 1.19 2007/01/08 10:50:17 ph10 Exp $ */ +/* $Cambridge: exim/src/src/daemon.c,v 1.20 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -500,6 +500,7 @@ if (pid == 0) if (!ok) /* Connection was dropped */ { mac_smtp_fflush(); + smtp_log_no_mail(); /* Log no mail if configured */ _exit(EXIT_SUCCESS); } if (message_id[0] == 0) continue; /* No message was accepted */ @@ -508,6 +509,7 @@ if (pid == 0) { mac_smtp_fflush(); search_tidyup(); + smtp_log_no_mail(); /* Log no mail if configured */ _exit((rc == 0)? EXIT_SUCCESS : EXIT_FAILURE); } diff --git a/src/src/exim.c b/src/src/exim.c index 5ed6e54e1..d33a04d03 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/exim.c,v 1.51 2007/01/08 10:50:18 ph10 Exp $ */ +/* $Cambridge: exim/src/src/exim.c,v 1.52 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -4381,6 +4381,7 @@ if (host_checking) if (!receive_msg(FALSE)) break; } } + smtp_log_no_mail(); exim_exit(EXIT_SUCCESS); } @@ -4636,10 +4637,15 @@ while (more) if (message_id[0] == 0) { if (more) continue; + smtp_log_no_mail(); /* Log no mail if configured */ exim_exit(EXIT_FAILURE); } } - else exim_exit((rc == 0)? EXIT_SUCCESS : EXIT_FAILURE); + else + { + smtp_log_no_mail(); /* Log no mail if configured */ + exim_exit((rc == 0)? EXIT_SUCCESS : EXIT_FAILURE); + } } /* In the non-SMTP case, we have all the information from the command diff --git a/src/src/functions.h b/src/src/functions.h index 51ad1e062..f15142336 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/functions.h,v 1.32 2007/01/08 10:50:18 ph10 Exp $ */ +/* $Cambridge: exim/src/src/functions.h,v 1.33 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -269,6 +269,7 @@ extern BOOL smtp_get_interface(uschar *, int, address_item *, BOOL *, extern BOOL smtp_get_port(uschar *, address_item *, int *, uschar *); extern int smtp_getc(void); extern int smtp_handle_acl_fail(int, int, uschar *, uschar *); +extern void smtp_log_no_mail(void); extern void smtp_message_code(uschar **, int *, uschar **, uschar **); extern BOOL smtp_read_response(smtp_inblock *, uschar *, int, int, int); extern void smtp_respond(uschar *, int, BOOL, uschar *); diff --git a/src/src/globals.c b/src/src/globals.c index 23d6ac967..796104bc0 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/globals.c,v 1.61 2007/01/08 10:50:18 ph10 Exp $ */ +/* $Cambridge: exim/src/src/globals.c,v 1.62 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -696,6 +696,7 @@ bit_table log_options[] = { { US"smtp_confirmation", LX_smtp_confirmation }, { US"smtp_connection", L_smtp_connection }, { US"smtp_incomplete_transaction", L_smtp_incomplete_transaction }, + { US"smtp_no_mail", LX_smtp_no_mail }, { US"smtp_protocol_error", L_smtp_protocol_error }, { US"smtp_syntax_error", L_smtp_syntax_error }, { US"subject", LX_subject }, @@ -1042,8 +1043,11 @@ uschar *smtp_banner = US"$smtp_active_hostname ESMTP " "\0<---------------Space to patch smtp_banner->"; BOOL smtp_batched_input = FALSE; BOOL smtp_check_spool_space = TRUE; +int smtp_ch_index = 0; uschar *smtp_cmd_argument = NULL; uschar *smtp_cmd_buffer = NULL; +time_t smtp_connection_start = 0; +uschar smtp_connection_had[SMTP_HBUFF_SIZE]; int smtp_connect_backlog = 20; double smtp_delay_mail = 0.0; double smtp_delay_rcpt = 0.0; diff --git a/src/src/globals.h b/src/src/globals.h index e7e4913d4..2ea06dad9 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/globals.h,v 1.42 2007/01/08 10:50:18 ph10 Exp $ */ +/* $Cambridge: exim/src/src/globals.h,v 1.43 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -628,8 +628,11 @@ extern uschar *smtp_active_hostname; /* Hostname for this message */ extern BOOL smtp_authenticated; /* Sending client has authenticated */ extern uschar *smtp_banner; /* Banner string (to be expanded) */ extern BOOL smtp_check_spool_space; /* TRUE to check SMTP SIZE value */ +extern int smtp_ch_index; /* Index in smtp_connection_had */ extern uschar *smtp_cmd_argument; /* For all SMTP commands */ extern uschar *smtp_cmd_buffer; /* SMTP command buffer */ +extern time_t smtp_connection_start; /* Start time of SMTP connection */ +extern uschar smtp_connection_had[]; /* Recent SMTP commands */ extern int smtp_connect_backlog; /* Max backlog permitted */ extern double smtp_delay_mail; /* Current MAIL delay */ extern double smtp_delay_rcpt; /* Current RCPT delay */ diff --git a/src/src/macros.h b/src/src/macros.h index b7dfb591b..7b317e42d 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/macros.h,v 1.29 2007/01/08 10:50:18 ph10 Exp $ */ +/* $Cambridge: exim/src/src/macros.h,v 1.30 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -127,6 +127,10 @@ enough to hold all the headers from a normal kind of message. */ #define LOG_BUFFER_SIZE 8192 +/* The size of the circular buffer that remembers recent SMTP commands */ + +#define SMTP_HBUFF_SIZE 20 + /* The initial size of a big buffer for use in various places. It gets put into big_buffer_size and in some circumstances increased. It should be at least as long as the maximum path length. */ @@ -383,11 +387,12 @@ set all the bits in a multi-word selector. */ #define LX_sender_on_delivery 0x80004000 #define LX_sender_verify_fail 0x80008000 #define LX_smtp_confirmation 0x80010000 -#define LX_subject 0x80020000 -#define LX_tls_certificate_verified 0x80040000 -#define LX_tls_cipher 0x80080000 -#define LX_tls_peerdn 0x80100000 -#define LX_unknown_in_list 0x80200000 +#define LX_smtp_no_mail 0x80020000 +#define LX_subject 0x80040000 +#define LX_tls_certificate_verified 0x80080000 +#define LX_tls_cipher 0x80100000 +#define LX_tls_peerdn 0x80200000 +#define LX_unknown_in_list 0x80400000 #define L_default (L_connection_reject | \ L_delay_delivery | \ @@ -691,6 +696,15 @@ local_scan.h */ #define LOG_CONFIG_FOR (256+128) /* Add " for" instead of ":\n" */ #define LOG_CONFIG_IN (512+128) /* Add " in line x[ of file y]" */ +/* SMTP command identifiers for the smtp_connection_had field that records the +most recent SMTP commands. Must be kept in step with the list of names in +smtp_in.c that is used for creating the smtp_no_mail logging action. SCH_NONE +is "empty". */ + +enum { SCH_NONE, SCH_AUTH, SCH_DATA, SCH_EHLO, SCH_ETRN, SCH_EXPN, SCH_HELO, + SCH_HELP, SCH_MAIL, SCH_NOOP, SCH_QUIT, SCH_RCPT, SCH_RSET, SCH_STARTTLS, + SCH_VRFY }; + /* Returns from host_find_by{name,dns}() */ enum { diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 7e80c6209..b1a1eba3d 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/smtp_in.c,v 1.49 2007/01/08 10:50:18 ph10 Exp $ */ +/* $Cambridge: exim/src/src/smtp_in.c,v 1.50 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -96,6 +96,13 @@ enum { TOO_MANY_NONMAIL_CMD }; +/* This is a convenience macro for adding the identity of an SMTP command +to the circular buffer that holds a list of the last n received. */ + +#define HAD(n) \ + smtp_connection_had[smtp_ch_index++] = n; \ + if (smtp_ch_index >= SMTP_HBUFF_SIZE) smtp_ch_index = 0 + /************************************************* * Local static variables * @@ -165,6 +172,15 @@ static smtp_cmd_list *cmd_list_end = #define CMD_LIST_AUTH 3 #define CMD_LIST_STARTTLS 4 +/* This list of names is used for performing the smtp_no_mail logging action. +It must be kept in step with the SCH_xxx enumerations. */ + +static uschar *smtp_names[] = + { + US"NONE", US"AUTH", US"DATA", US"EHLO", US"ETRN", US"EXPN", US"HELO", + US"HELP", US"MAIL", US"NOOP", US"QUIT", US"RCPT", US"RSET", US"STARTTLS", + US"VRFY" }; + static uschar *protocols[] = { US"local-smtp", /* HELO */ US"local-smtps", /* The rare case EHLO->STARTTLS->HELO */ @@ -666,6 +682,74 @@ return string_sprintf("SMTP connection from %s", hostname); +/************************************************* +* Log lack of MAIL if so configured * +*************************************************/ + +/* This function is called when an SMTP session ends. If the log selector +smtp_no_mail is set, write a log line giving some details of what has happened +in the SMTP session. + +Arguments: none +Returns: nothing +*/ + +void +smtp_log_no_mail(void) +{ +int size, ptr, i; +uschar *s, *sep; + +if (smtp_mailcmd_count > 0 || (log_extra_selector & LX_smtp_no_mail) == 0) + return; + +s = NULL; +size = ptr = 0; + +if (sender_host_authenticated != NULL) + { + s = string_append(s, &size, &ptr, 2, US" A=", sender_host_authenticated); + if (authenticated_id != NULL) + s = string_append(s, &size, &ptr, 2, US":", authenticated_id); + } + +#ifdef SUPPORT_TLS +if ((log_extra_selector & LX_tls_cipher) != 0 && tls_cipher != NULL) + s = string_append(s, &size, &ptr, 2, US" X=", tls_cipher); +if ((log_extra_selector & LX_tls_certificate_verified) != 0 && + tls_cipher != NULL) + s = string_append(s, &size, &ptr, 2, US" CV=", + tls_certificate_verified? "yes":"no"); +if ((log_extra_selector & LX_tls_peerdn) != 0 && tls_peerdn != NULL) + s = string_append(s, &size, &ptr, 3, US" DN=\"", tls_peerdn, US"\""); +#endif + +sep = (smtp_connection_had[SMTP_HBUFF_SIZE-1] != SCH_NONE)? + US" C=..." : US" C="; +for (i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++) + { + if (smtp_connection_had[i] != SCH_NONE) + { + s = string_append(s, &size, &ptr, 2, sep, + smtp_names[smtp_connection_had[i]]); + sep = US","; + } + } + +for (i = 0; i < smtp_ch_index; i++) + { + s = string_append(s, &size, &ptr, 2, sep, smtp_names[smtp_connection_had[i]]); + sep = US","; + } + +if (s != NULL) s[ptr] = 0; else s = US""; +log_write(0, LOG_MAIN, "no MAIL in SMTP connection from %s D=%s%s", + host_and_ident(FALSE), + readconf_printtime(time(NULL) - smtp_connection_start), s); +} + + + /************************************************* * Check HELO line and set sender_helo_name * *************************************************/ @@ -1146,9 +1230,15 @@ uschar *user_msg, *log_msg; uschar *code, *esc; uschar *p, *s, *ss; +smtp_connection_start = time(NULL); +for (smtp_ch_index = 0; smtp_ch_index < SMTP_HBUFF_SIZE; smtp_ch_index++) + smtp_connection_had[smtp_ch_index] = SCH_NONE; +smtp_ch_index = 0; + /* Default values for certain variables */ helo_seen = esmtp = helo_accept_junk = FALSE; +smtp_mailcmd_count = 0; count_nonmail = TRUE_UNSET; synprot_error_count = unknown_command_count = nonmail_command_count = 0; smtp_delay_mail = smtp_rlm_base; @@ -2335,6 +2425,7 @@ while (done <= 0) AUTHS will eventually hit the nonmail threshold. */ case AUTH_CMD: + HAD(SCH_AUTH); authentication_failed = TRUE; cmd_list[CMD_LIST_AUTH].is_mail_cmd = FALSE; @@ -2527,11 +2618,13 @@ while (done <= 0) it did the reset first. */ case HELO_CMD: + HAD(SCH_HELO); hello = US"HELO"; esmtp = FALSE; goto HELO_EHLO; case EHLO_CMD: + HAD(SCH_EHLO); hello = US"EHLO"; esmtp = TRUE; @@ -2870,6 +2963,7 @@ while (done <= 0) it is the canonical extracted address which is all that is kept. */ case MAIL_CMD: + HAD(SCH_MAIL); smtp_mailcmd_count++; /* Count for limit and ratelimit */ was_rej_mail = TRUE; /* Reset if accepted */ @@ -3159,6 +3253,7 @@ while (done <= 0) extracted address. */ case RCPT_CMD: + HAD(SCH_RCPT); rcpt_count++; was_rcpt = TRUE; @@ -3346,6 +3441,7 @@ while (done <= 0) because it is the same whether pipelining is in use or not. */ case DATA_CMD: + HAD(SCH_DATA); if (!discarded && recipients_count <= 0) { if (pipelining_advertised && last_was_rcpt) @@ -3390,6 +3486,7 @@ while (done <= 0) case VRFY_CMD: + HAD(SCH_VRFY); rc = acl_check(ACL_WHERE_VRFY, NULL, acl_smtp_vrfy, &user_msg, &log_msg); if (rc != OK) done = smtp_handle_acl_fail(ACL_WHERE_VRFY, rc, user_msg, log_msg); @@ -3437,6 +3534,7 @@ while (done <= 0) case EXPN_CMD: + HAD(SCH_EXPN); rc = acl_check(ACL_WHERE_EXPN, NULL, acl_smtp_expn, &user_msg, &log_msg); if (rc != OK) done = smtp_handle_acl_fail(ACL_WHERE_EXPN, rc, user_msg, log_msg); @@ -3456,6 +3554,7 @@ while (done <= 0) #ifdef SUPPORT_TLS case STARTTLS_CMD: + HAD(SCH_STARTTLS); if (!tls_advertised) { done = synprot_error(L_smtp_protocol_error, 503, NULL, @@ -3569,6 +3668,7 @@ while (done <= 0) message. */ case QUIT_CMD: + HAD(SCH_QUIT); incomplete_transaction_log(US"QUIT"); if (acl_smtp_quit != NULL) @@ -3595,6 +3695,7 @@ while (done <= 0) case RSET_CMD: + HAD(SCH_RSET); incomplete_transaction_log(US"RSET"); smtp_reset(reset_point); toomany = FALSE; @@ -3604,6 +3705,7 @@ while (done <= 0) case NOOP_CMD: + HAD(SCH_NOOP); smtp_printf("250 OK\r\n"); break; @@ -3613,6 +3715,7 @@ while (done <= 0) permitted hosts. */ case HELP_CMD: + HAD(SCH_HELP); smtp_printf("214-Commands supported:\r\n"); { uschar buffer[256]; @@ -3654,6 +3757,7 @@ while (done <= 0) case ETRN_CMD: + HAD(SCH_ETRN); if (sender_address != NULL) { done = synprot_error(L_smtp_protocol_error, 503, NULL, diff --git a/src/src/version.c b/src/src/version.c index a41b17c90..70cf65a7b 100644 --- a/src/src/version.c +++ b/src/src/version.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/version.c,v 1.20 2007/01/08 10:50:18 ph10 Exp $ */ +/* $Cambridge: exim/src/src/version.c,v 1.21 2007/01/15 15:59:22 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -12,7 +12,7 @@ #include "exim.h" -#define THIS_VERSION "4.66" +#define THIS_VERSION "4.67" /* The header file cnumber.h contains a single line containing the diff --git a/test/confs/0547 b/test/confs/0547 new file mode 100644 index 000000000..d5f2fcce7 --- /dev/null +++ b/test/confs/0547 @@ -0,0 +1,22 @@ +# Exim test configuration 0547 + +MAXNM = 100 + +exim_path = EXIM_PATH +host_lookup_order = bydns +primary_hostname = myhost.test.ex +rfc1413_query_timeout = 0s +spool_directory = DIR/spool +log_file_path = DIR/spool/log/%slog +gecos_pattern = "" +gecos_name = CALLER_NAME + +# ----- Main settings ----- + +acl_smtp_rcpt = accept + +log_selector = +smtp_no_mail + +smtp_accept_max_nonmail = MAXNM + +# End diff --git a/test/confs/3454 b/test/confs/3454 new file mode 100644 index 000000000..9e059f7ee --- /dev/null +++ b/test/confs/3454 @@ -0,0 +1,34 @@ +# Exim test configuration 3454 + +exim_path = EXIM_PATH +host_lookup_order = bydns +primary_hostname = myhost.test.ex +rfc1413_query_timeout = 0s +spool_directory = DIR/spool +log_file_path = DIR/spool/log/%slog +gecos_pattern = "" +gecos_name = CALLER_NAME + +# ----- Main settings ----- + +domainlist local_domains = test.ex + +log_selector = +smtp_no_mail + +tls_advertise_hosts = * +tls_certificate = DIR/aux-fixed/cert1 +tls_privatekey = DIR/aux-fixed/cert1 + + +# ----- Authenticators ----- + +begin authenticators + +plain: + driver = plaintext + public_name = PLAIN + server_condition = "\ + ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}" + server_set_id = $2 + +# End diff --git a/test/confs/3464 b/test/confs/3464 new file mode 100644 index 000000000..495d0d99a --- /dev/null +++ b/test/confs/3464 @@ -0,0 +1,34 @@ +# Exim test configuration 3464 + +exim_path = EXIM_PATH +host_lookup_order = bydns +primary_hostname = myhost.test.ex +rfc1413_query_timeout = 0s +spool_directory = DIR/spool +log_file_path = DIR/spool/log/%slog +gecos_pattern = "" +gecos_name = CALLER_NAME + +# ----- Main settings ----- + +domainlist local_domains = test.ex + +log_selector = +smtp_no_mail + +tls_advertise_hosts = * +tls_certificate = DIR/aux-fixed/cert1 +tls_privatekey = DIR/aux-fixed/cert1 + + +# ----- Authenticators ----- + +begin authenticators + +plain: + driver = plaintext + public_name = PLAIN + server_condition = "\ + ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}" + server_set_id = $2 + +# End diff --git a/test/log/0547 b/test/log/0547 new file mode 100644 index 000000000..3b86d2bd5 --- /dev/null +++ b/test/log/0547 @@ -0,0 +1,7 @@ +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=0s +1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=0s C=QUIT +1999-03-02 09:44:33 H=(x.y.z) [127.0.0.1] rejected VRFY a@b.c +1999-03-02 09:44:33 no MAIL in SMTP connection from (x.y.z) [127.0.0.1] D=0s C=EHLO,VRFY,QUIT +1999-03-02 09:44:33 U=CALLER rejected EXPN x@y +1999-03-02 09:44:33 no MAIL in SMTP connection from CALLER D=0s C=EXPN,QUIT diff --git a/test/log/3454 b/test/log/3454 new file mode 100644 index 000000000..596be1a9e --- /dev/null +++ b/test/log/3454 @@ -0,0 +1,5 @@ +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 TLS recv error on connection from [127.0.0.1]: A TLS packet with unexpected length was received. +1999-03-02 09:44:33 TLS send error on connection from [127.0.0.1]: The specified session has been invalidated for some reason. +1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=0s X=TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32 C=EHLO,STARTTLS,AUTH +1999-03-02 09:44:33 no MAIL in SMTP connection from (foobar) [127.0.0.1] D=0s A=plain:userx X=TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32 C=EHLO,STARTTLS,EHLO,AUTH,QUIT diff --git a/test/log/3464 b/test/log/3464 new file mode 100644 index 000000000..3fb7c7887 --- /dev/null +++ b/test/log/3464 @@ -0,0 +1,3 @@ +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 no MAIL in SMTP connection from [127.0.0.1] D=0s X=TLSv1:AES256-SHA:256 C=EHLO,STARTTLS,AUTH +1999-03-02 09:44:33 no MAIL in SMTP connection from (foobar) [127.0.0.1] D=0s A=plain:userx X=TLSv1:AES256-SHA:256 C=EHLO,STARTTLS,EHLO,AUTH,QUIT diff --git a/test/rejectlog/0547 b/test/rejectlog/0547 new file mode 100644 index 000000000..e72b967dd --- /dev/null +++ b/test/rejectlog/0547 @@ -0,0 +1,2 @@ +1999-03-02 09:44:33 H=(x.y.z) [127.0.0.1] rejected VRFY a@b.c +1999-03-02 09:44:33 U=CALLER rejected EXPN x@y diff --git a/test/runtest b/test/runtest index ec1e8280a..ac56a1c95 100755 --- a/test/runtest +++ b/test/runtest @@ -1,6 +1,6 @@ #! /usr/bin/perl -w -# $Cambridge: exim/test/runtest,v 1.20 2007/01/08 11:56:41 ph10 Exp $ +# $Cambridge: exim/test/runtest,v 1.21 2007/01/15 15:59:22 ph10 Exp $ ############################################################################### # This is the controlling script for the "new" test suite for Exim. It should # @@ -23,7 +23,7 @@ use Socket; # Start by initializing some global variables -$testversion = "4.66 (08-Jan-07)"; +$testversion = "4.67 (15-Jan-07)"; $cf = "bin/cf"; $cr = "\r"; diff --git a/test/scripts/0000-Basic/0547 b/test/scripts/0000-Basic/0547 new file mode 100644 index 000000000..2ee0dd5ce --- /dev/null +++ b/test/scripts/0000-Basic/0547 @@ -0,0 +1,93 @@ +# log_selector = +smtp_no_mail +need_ipv4 +# +exim -DSERVER=server -bd -oX PORT_D +**** +client 127.0.0.1 PORT_D +??? 220 +**** +client 127.0.0.1 PORT_D +??? 220 +quit +??? 221 +**** +client 127.0.0.1 PORT_D +??? 220 +ehlo x.y.z +??? 250 +??? 250 +??? 250 +??? 250 +VRFY a@b.c +??? 252 +quit +??? 221 +**** +client 127.0.0.1 PORT_D +??? 220 +ehlo x.y.z +??? 250 +??? 250 +??? 250 +??? 250 +MAIL FROM:<> +??? 250 +quit +??? 221 +**** +killdaemon +# +exim -bh 10.9.8.7 +HELO rhu.barb +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +QUIT +**** +exim -bs +EXPN x@y +QUIT +**** +exim -DMAXNM=10 -bh 10.9.8.7 +HELO rhu.barb +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +RSET +NOOP +HELP +QUIT +**** diff --git a/test/scripts/3450-plaintext-GnuTLS/3454 b/test/scripts/3450-plaintext-GnuTLS/3454 new file mode 100644 index 000000000..0c45cbcc5 --- /dev/null +++ b/test/scripts/3450-plaintext-GnuTLS/3454 @@ -0,0 +1,41 @@ +# TLS (server: logging for smtp_no_mail log selector) +gnutls +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo foobar +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +auth plain AHVzZXJ4AHNlY3JldA== +??? 503 +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo foobar +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +ehlo foobar +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +auth plain AHVzZXJ4AHNlY3JldA== +??? 235 +quit +??? 221 +**** +killdaemon diff --git a/test/scripts/3460-plaintext-OpenSSL/3464 b/test/scripts/3460-plaintext-OpenSSL/3464 new file mode 100644 index 000000000..293ab7af0 --- /dev/null +++ b/test/scripts/3460-plaintext-OpenSSL/3464 @@ -0,0 +1,40 @@ +# TLS (server: logging for smtp_no_mail log selector) +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo foobar +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +auth plain AHVzZXJ4AHNlY3JldA== +??? 503 +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo foobar +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +ehlo foobar +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +auth plain AHVzZXJ4AHNlY3JldA== +??? 235 +quit +??? 221 +**** +killdaemon diff --git a/test/stderr/0547 b/test/stderr/0547 new file mode 100644 index 000000000..980da7a0b --- /dev/null +++ b/test/stderr/0547 @@ -0,0 +1,25 @@ +>>> host in hosts_connection_nolog? no (option unset) +>>> host in host_lookup? no (option unset) +>>> host in host_reject_connection? no (option unset) +>>> host in sender_unqualified_hosts? no (option unset) +>>> host in recipient_unqualified_hosts? no (option unset) +>>> host in helo_verify_hosts? no (option unset) +>>> host in helo_try_verify_hosts? no (option unset) +>>> host in helo_accept_junk_hosts? no (option unset) +>>> rhu.barb in helo_lookup_domains? no (end of list) +>>> host in smtp_accept_max_nonmail_hosts? yes (matched "*") +LOG: no MAIL in SMTP connection from (rhu.barb) [10.9.8.7] D=0s C=...HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,QUIT +>>> host in hosts_connection_nolog? no (option unset) +>>> host in host_lookup? no (option unset) +>>> host in host_reject_connection? no (option unset) +>>> host in sender_unqualified_hosts? no (option unset) +>>> host in recipient_unqualified_hosts? no (option unset) +>>> host in helo_verify_hosts? no (option unset) +>>> host in helo_try_verify_hosts? no (option unset) +>>> host in helo_accept_junk_hosts? no (option unset) +>>> rhu.barb in helo_lookup_domains? no (end of list) +>>> host in smtp_accept_max_nonmail_hosts? yes (matched "*") +LOG: SMTP call from (rhu.barb) [10.9.8.7] dropped: too many nonmail commands (last was "HELP") +LOG: no MAIL in SMTP connection from (rhu.barb) [10.9.8.7] D=0s C=HELO,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP,HELP,RSET,NOOP + +******** SERVER ******** diff --git a/test/stdout/0547 b/test/stdout/0547 new file mode 100644 index 000000000..94356f825 --- /dev/null +++ b/test/stdout/0547 @@ -0,0 +1,110 @@ +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo x.y.z +??? 250 +<<< 250-myhost.test.ex Hello x.y.z [127.0.0.1] +??? 250 +<<< 250-SIZE 52428800 +??? 250 +<<< 250-PIPELINING +??? 250 +<<< 250 HELP +>>> VRFY a@b.c +??? 252 +<<< 252 Administrative prohibition +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo x.y.z +??? 250 +<<< 250-myhost.test.ex Hello x.y.z [127.0.0.1] +??? 250 +<<< 250-SIZE 52428800 +??? 250 +<<< 250-PIPELINING +??? 250 +<<< 250 HELP +>>> MAIL FROM:<> +??? 250 +<<< 250 OK +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script + +**** SMTP testing session as if from host 10.9.8.7 +**** but without any ident (RFC 1413) callback. +**** This is not for real! + +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +250 myhost.test.ex Hello rhu.barb [10.9.8.7] +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +221 myhost.test.ex closing connection +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +550 Administrative prohibition +221 myhost.test.ex closing connection + +**** SMTP testing session as if from host 10.9.8.7 +**** but without any ident (RFC 1413) callback. +**** This is not for real! + +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +250 myhost.test.ex Hello rhu.barb [10.9.8.7] +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +214-Commands supported: +214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP +250 Reset OK +250 OK +554 Too many nonmail commands diff --git a/test/stdout/3454 b/test/stdout/3454 new file mode 100644 index 000000000..7ccebbc84 --- /dev/null +++ b/test/stdout/3454 @@ -0,0 +1,94 @@ +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo foobar +??? 250- +<<< 250-myhost.test.ex Hello foobar [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +SSL info: before/connect initialization +SSL info: before/connect initialization +SSL info: SSLv2/v3 write client hello A +SSL info: SSLv3 read server hello A +SSL info: SSLv3 read server certificate A +SSL info: SSLv3 read server key exchange A +SSL info: SSLv3 read server done A +SSL info: SSLv3 write client key exchange A +SSL info: SSLv3 write change cipher spec A +SSL info: SSLv3 write finished A +SSL info: SSLv3 flush data +SSL info: SSLv3 read finished A +SSL info: SSL negotiation finished successfully +SSL info: SSL negotiation finished successfully +SSL connection using DHE-RSA-AES256-SHA +Succeeded in starting TLS +>>> auth plain AHVzZXJ4AHNlY3JldA== +??? 503 +<<< 503 AUTH command used when not advertised +End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo foobar +??? 250- +<<< 250-myhost.test.ex Hello foobar [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +SSL info: before/connect initialization +SSL info: before/connect initialization +SSL info: SSLv2/v3 write client hello A +SSL info: SSLv3 read server hello A +SSL info: SSLv3 read server certificate A +SSL info: SSLv3 read server key exchange A +SSL info: SSLv3 read server done A +SSL info: SSLv3 write client key exchange A +SSL info: SSLv3 write change cipher spec A +SSL info: SSLv3 write finished A +SSL info: SSLv3 flush data +SSL info: SSLv3 read finished A +SSL info: SSL negotiation finished successfully +SSL info: SSL negotiation finished successfully +SSL connection using DHE-RSA-AES256-SHA +Succeeded in starting TLS +>>> ehlo foobar +??? 250- +<<< 250-myhost.test.ex Hello foobar [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250 +<<< 250 HELP +>>> auth plain AHVzZXJ4AHNlY3JldA== +??? 235 +<<< 235 Authentication succeeded +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script diff --git a/test/stdout/3464 b/test/stdout/3464 new file mode 100644 index 000000000..449f77d07 --- /dev/null +++ b/test/stdout/3464 @@ -0,0 +1,92 @@ +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo foobar +??? 250- +<<< 250-myhost.test.ex Hello foobar [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +SSL info: before/connect initialization +SSL info: before/connect initialization +SSL info: SSLv2/v3 write client hello A +SSL info: SSLv3 read server hello A +SSL info: SSLv3 read server certificate A +SSL info: SSLv3 read server done A +SSL info: SSLv3 write client key exchange A +SSL info: SSLv3 write change cipher spec A +SSL info: SSLv3 write finished A +SSL info: SSLv3 flush data +SSL info: SSLv3 read finished A +SSL info: SSL negotiation finished successfully +SSL info: SSL negotiation finished successfully +SSL connection using AES256-SHA +Succeeded in starting TLS +>>> auth plain AHVzZXJ4AHNlY3JldA== +??? 503 +<<< 503 AUTH command used when not advertised +End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo foobar +??? 250- +<<< 250-myhost.test.ex Hello foobar [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +SSL info: before/connect initialization +SSL info: before/connect initialization +SSL info: SSLv2/v3 write client hello A +SSL info: SSLv3 read server hello A +SSL info: SSLv3 read server certificate A +SSL info: SSLv3 read server done A +SSL info: SSLv3 write client key exchange A +SSL info: SSLv3 write change cipher spec A +SSL info: SSLv3 write finished A +SSL info: SSLv3 flush data +SSL info: SSLv3 read finished A +SSL info: SSL negotiation finished successfully +SSL info: SSL negotiation finished successfully +SSL connection using AES256-SHA +Succeeded in starting TLS +>>> ehlo foobar +??? 250- +<<< 250-myhost.test.ex Hello foobar [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250 +<<< 250 HELP +>>> auth plain AHVzZXJ4AHNlY3JldA== +??? 235 +<<< 235 Authentication succeeded +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script -- 2.30.2