+ /* Do postmaster check if requested; if a full check is required, we
+ check for RCPT TO:<postmaster> (no domain) in accordance with RFC 821. */
+
+ if (done && pm_mailfrom != NULL)
+ {
+ /* Could possibly shift before main verify, just above, and be ok
+ for cutthrough. But no way to handle a subsequent rcpt, so just
+ refuse any */
+ cancel_cutthrough_connection("postmaster verify");
+ HDEBUG(D_acl|D_v) debug_printf("Cutthrough cancelled by presence of postmaster verify\n");
+
+ done =
+ smtp_write_command(&outblock, FALSE, "RSET\r\n") >= 0 &&
+ smtp_read_response(&inblock, responsebuffer,
+ sizeof(responsebuffer), '2', callout) &&
+
+ smtp_write_command(&outblock, FALSE,
+ "MAIL FROM:<%s>\r\n", pm_mailfrom) >= 0 &&
+ smtp_read_response(&inblock, responsebuffer,
+ sizeof(responsebuffer), '2', callout) &&
+
+ /* First try using the current domain */
+
+ ((
+ smtp_write_command(&outblock, FALSE,
+ "RCPT TO:<postmaster@%.1000s>\r\n", rcpt_domain) >= 0 &&
+ smtp_read_response(&inblock, responsebuffer,
+ sizeof(responsebuffer), '2', callout)
+ )
+
+ ||
+
+ /* If that doesn't work, and a full check is requested,
+ try without the domain. */
+
+ (
+ (options & vopt_callout_fullpm) != 0 &&
+ smtp_write_command(&outblock, FALSE,
+ "RCPT TO:<postmaster>\r\n") >= 0 &&
+ smtp_read_response(&inblock, responsebuffer,
+ sizeof(responsebuffer), '2', callout)
+ ));
+
+ /* Sort out the cache record */
+
+ new_domain_record.postmaster_stamp = time(NULL);
+
+ if (done)
+ new_domain_record.postmaster_result = ccache_accept;
+ else if (errno == 0 && responsebuffer[0] == '5')
+ {
+ *failure_ptr = US"postmaster";
+ setflag(addr, af_verify_pmfail);
+ new_domain_record.postmaster_result = ccache_reject;
+ }
+ }
+ } /* Random not accepted */
+ } /* MAIL FROM: accepted */
+
+ /* For any failure of the main check, other than a negative response, we just
+ close the connection and carry on. We can identify a negative response by the
+ fact that errno is zero. For I/O errors it will be non-zero