* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2009 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
/* See the file NOTICE for conditions of use and distribution. */
#include "../exim.h"
(void *)(offsetof(dnslookup_router_options_block, check_secondary_mx)) },
{ "check_srv", opt_stringptr,
(void *)(offsetof(dnslookup_router_options_block, check_srv)) },
- { "dnssec_request_domains", opt_stringptr,
- (void *)(offsetof(dnslookup_router_options_block, dnssec_request_domains)) },
- { "dnssec_require_domains", opt_stringptr,
- (void *)(offsetof(dnslookup_router_options_block, dnssec_require_domains)) },
{ "fail_defer_domains", opt_stringptr,
(void *)(offsetof(dnslookup_router_options_block, fail_defer_domains)) },
{ "mx_domains", opt_stringptr,
NULL, /* mx_fail_domains */
NULL, /* srv_fail_domains */
NULL, /* check_srv */
- NULL, /* dnssec_request_domains */
- NULL, /* dnssec_require_domains */
NULL /* fail_defer_domains */
};
rc = host_find_bydns(&h, CUS rblock->ignore_target_hosts, flags, srv_service,
ob->srv_fail_domains, ob->mx_fail_domains,
- ob->dnssec_request_domains, ob->dnssec_require_domains,
- &fully_qualified_name, &removed);
+ &rblock->dnssec, &fully_qualified_name, &removed);
if (removed) setflag(addr, af_local_host_removed);
/* If host found with only address records, test for the domain's being in
/* Deferral returns forthwith, and anything other than failure breaks the
loop. */
+ if (rc == HOST_FIND_SECURITY)
+ {
+ addr->message = US"host lookup done insecurely";
+ return DEFER;
+ }
if (rc == HOST_FIND_AGAIN)
{
if (rblock->pass_on_timeout)
if (rc != HOST_FIND_FAILED) break;
+ if (ob->fail_defer_domains)
+ switch(match_isinlist(fully_qualified_name,
+ CUSS &ob->fail_defer_domains, 0,
+ &domainlist_anchor, addr->domain_cache, MCL_DOMAIN, TRUE, NULL))
+ {
+ case DEFER:
+ addr->message = US"lookup defer for fail_defer_domains option";
+ return DEFER;
+
+ case OK:
+ DEBUG(D_route) debug_printf("%s router: matched fail_defer_domains\n",
+ rblock->name);
+ addr->message = US"missing MX, or all MXs point to missing A records,"
+ " and defer requested";
+ return DEFER;
+ }
/* Check to see if the failure is the result of MX records pointing to
non-existent domains, and if so, set an appropriate error message; the case
of an MX or SRV record pointing to "." is another special case that we can
addr->message);
}
}
- if (ob->fail_defer_domains)
- {
- switch(match_isinlist(fully_qualified_name,
- CUSS &ob->fail_defer_domains, 0,
- &domainlist_anchor, addr->domain_cache, MCL_DOMAIN, TRUE, NULL))
- {
- case DEFER:
- addr->message = US"lookup defer for fail_defer_domains";
- return DEFER;
-
- case OK:
- DEBUG(D_route) debug_printf("%s router: matched fail_defer_domains\n",
- rblock->name);
- return DEFER;
- }
- }
return DECLINE;
}
/* Set up the errors address, if any. */
-rc = rf_get_errors_address(addr, rblock, verify, &(addr->p.errors_address));
+rc = rf_get_errors_address(addr, rblock, verify, &addr->prop.errors_address);
if (rc != OK) return rc;
/* Set up the additional and removeable headers for this address. */
-rc = rf_get_munge_headers(addr, rblock, &(addr->p.extra_headers),
- &(addr->p.remove_headers));
+rc = rf_get_munge_headers(addr, rblock, &addr->prop.extra_headers,
+ &addr->prop.remove_headers);
if (rc != OK) return rc;
/* Get store in which to preserve the original host item, chained on