-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.380 2006/07/21 16:48:42 jetmore Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.381 2006/07/27 10:13:52 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
JJ/02 exipick: rewrote --help documentation to hopefully make more clear.
+PH/23 Made -oMaa and -oMt work with -bh and -bs to pretend the connection is
+ authenticated or an ident call has been made. Suppress the default
+ values for $authenticated_id and $authenticated_sender (but permit -oMai
+ and -oMas) when testing with -bh.
+
Exim version 4.62
-----------------
-/* $Cambridge: exim/src/src/exim.c,v 1.41 2006/07/13 13:53:33 ph10 Exp $ */
+/* $Cambridge: exim/src/src/exim.c,v 1.42 2006/07/27 10:13:52 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
BOOL one_msg_action = FALSE;
BOOL queue_only_set = FALSE;
BOOL receiving_message = TRUE;
+BOOL sender_ident_set = FALSE;
BOOL unprivileged;
BOOL removed_privilege = FALSE;
BOOL verify_address_mode = FALSE;
/* -oMt: Set sender ident */
- else if (Ustrcmp(argrest, "Mt") == 0) sender_ident = argv[++i];
+ else if (Ustrcmp(argrest, "Mt") == 0)
+ {
+ sender_ident_set = TRUE;
+ sender_ident = argv[++i];
+ }
/* Else a bad argument */
sender_local = TRUE;
/* A trusted caller can supply authenticated_sender and authenticated_id
- via -oMas and -oMai and if so, they will already be set. */
+ via -oMas and -oMai and if so, they will already be set. Otherwise, force
+ defaults except when host checking. */
- if (authenticated_sender == NULL)
+ if (authenticated_sender == NULL && !host_checking)
authenticated_sender = string_sprintf("%s@%s", originator_login,
qualify_domain_sender);
- if (authenticated_id == NULL) authenticated_id = originator_login;
+ if (authenticated_id == NULL && !host_checking)
+ authenticated_id = originator_login;
}
/* Trusted callers are always permitted to specify the sender address.
}
/* Handle host checking: this facility mocks up an incoming SMTP call from a
-given IP address so that the blocking and relay configuration can be tested. An
-RFC 1413 call is made only if we are running in the test harness and an
-incoming interface and both ports are specified, because there is no TCP/IP
-call to find the ident for. */
+given IP address so that the blocking and relay configuration can be tested.
+Unless a sender_ident was set by -oMt, we discard it (the default is the
+caller's login name). An RFC 1413 call is made only if we are running in the
+test harness and an incoming interface and both ports are specified, because
+there is no TCP/IP call to find the ident for. */
if (host_checking)
{
int x[4];
int size;
- sender_ident = NULL;
- if (running_in_test_harness && sender_host_port != 0 &&
- interface_address != NULL && interface_port != 0)
- verify_get_ident(1413);
+ if (!sender_ident_set)
+ {
+ sender_ident = NULL;
+ if (running_in_test_harness && sender_host_port != 0 &&
+ interface_address != NULL && interface_port != 0)
+ verify_get_ident(1413);
+ }
/* In case the given address is a non-canonical IPv6 address, canonicize
it. The code works for both IPv4 and IPv6, as it happens. */
-/* $Cambridge: exim/src/src/smtp_in.c,v 1.39 2006/07/13 13:53:33 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.40 2006/07/27 10:13:52 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
memset(sender_host_cache, 0, sizeof(sender_host_cache));
-sender_host_authenticated = NULL;
+/* If receiving by -bs from a trusted user, or testing with -bh, we allow
+authentication settings from -oMaa to remain in force. */
+
+if (!host_checking && !sender_host_notsocket) sender_host_authenticated = NULL;
authenticated_by = NULL;
#ifdef SUPPORT_TLS
--- /dev/null
+# Exim test configuration 0537
+
+TRUSTED=
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+# ----- Main settings -----
+
+acl_smtp_connect = connect
+acl_smtp_mail = mail
+acl_not_smtp_start = mail
+
+queue_only
+trusted_users = TRUSTED
+
+# ----- ACLs -----
+
+begin ACL
+
+connect:
+ accept acl = log
+
+mail:
+ accept acl = log
+ acl = auth
+
+log:
+ accept logwrite = ===========================================================
+ logwrite = sender_ip_address=[$sender_host_address]
+ logwrite = sender_host_authenticated=$sender_host_authenticated
+ logwrite = authenticated_id=$authenticated_id
+ logwrite = authenticated_sender=$authenticated_sender
+ logwrite = interface_address=[$interface_address]
+ logwrite = received_protocol=$received_protocol
+ logwrite = sender_host_name=$sender_host_name
+ logwrite = sender_ident=$sender_ident
+
+auth:
+ accept authenticated = *
+ logwrite = +++ host is authenticated +++
+
+ accept
+
--- /dev/null
+1999-03-02 09:44:33 ===========================================================
+1999-03-02 09:44:33 sender_ip_address=[5.6.7.8]
+1999-03-02 09:44:33 sender_host_authenticated=authname
+1999-03-02 09:44:33 authenticated_id=authid
+1999-03-02 09:44:33 authenticated_sender=authsender
+1999-03-02 09:44:33 interface_address=[9.10.11.12]
+1999-03-02 09:44:33 received_protocol=smtp
+1999-03-02 09:44:33 sender_host_name=hostname
+1999-03-02 09:44:33 sender_ident=ident
+1999-03-02 09:44:33 ===========================================================
+1999-03-02 09:44:33 sender_ip_address=[5.6.7.8]
+1999-03-02 09:44:33 sender_host_authenticated=authname
+1999-03-02 09:44:33 authenticated_id=authid
+1999-03-02 09:44:33 authenticated_sender=
+1999-03-02 09:44:33 interface_address=[9.10.11.12]
+1999-03-02 09:44:33 received_protocol=esmtpa
+1999-03-02 09:44:33 sender_host_name=hostname
+1999-03-02 09:44:33 sender_ident=ident
+1999-03-02 09:44:33 +++ host is authenticated +++
+1999-03-02 09:44:33 ===========================================================
+1999-03-02 09:44:33 sender_ip_address=[5.6.7.8]
+1999-03-02 09:44:33 sender_host_authenticated=authname
+1999-03-02 09:44:33 authenticated_id=authid
+1999-03-02 09:44:33 authenticated_sender=<asender@a.domain>
+1999-03-02 09:44:33 interface_address=[9.10.11.12]
+1999-03-02 09:44:33 received_protocol=esmtpa
+1999-03-02 09:44:33 sender_host_name=hostname
+1999-03-02 09:44:33 sender_ident=ident
+1999-03-02 09:44:33 +++ host is authenticated +++
+1999-03-02 09:44:33 ===========================================================
+1999-03-02 09:44:33 sender_ip_address=[5.6.7.8]
+1999-03-02 09:44:33 sender_host_authenticated=authname
+1999-03-02 09:44:33 authenticated_id=authid
+1999-03-02 09:44:33 authenticated_sender=authsender
+1999-03-02 09:44:33 interface_address=[9.10.11.12]
+1999-03-02 09:44:33 received_protocol=protocol
+1999-03-02 09:44:33 sender_host_name=hostname
+1999-03-02 09:44:33 sender_ident=ident
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex H=hostname [5.6.7.8] U=ident P=protocol A=authname:authid S=sss
--- /dev/null
+# -oMa... options in various situations
+exim -oMa 5.6.7.8 -bh 1.2.3.4
+quit
+****
+exim -bh 1.2.3.4 \
+ -oMa 5.6.7.8 \
+ -oMaa authname \
+ -oMai authid \
+ -oMr protocol \
+ -oMas authsender \
+ -oMi 9.10.11.12 \
+ -oMs hostname \
+ -oMt ident
+ehlo a.b
+mail from:<>
+rset
+mail from:<> auth=<asender@a.domain>
+quit
+****
+exim -DTRUSTED=CALLER \
+ -bs \
+ -oMa 5.6.7.8 \
+ -oMaa authname \
+ -oMai authid \
+ -oMr protocol \
+ -oMas authsender \
+ -oMi 9.10.11.12 \
+ -oMs hostname \
+ -oMt ident
+ehlo a.b
+mail from:<>
+rset
+mail from:<> auth=<asender@a.domain>
+quit
+****
+exim -DTRUSTED=CALLER \
+ -oMa 5.6.7.8 \
+ -oMaa authname \
+ -oMai authid \
+ -oMr protocol \
+ -oMas authsender \
+ -oMi 9.10.11.12 \
+ -oMs hostname \
+ -oMt ident \
+ userx
+****
+no_msglog_check
--- /dev/null
+>>> host in hosts_connection_nolog? no (option unset)
+>>> host in host_lookup? no (option unset)
+>>> host in host_reject_connection? no (option unset)
+>>> host in sender_unqualified_hosts? no (option unset)
+>>> host in recipient_unqualified_hosts? no (option unset)
+>>> host in helo_verify_hosts? no (option unset)
+>>> host in helo_try_verify_hosts? no (option unset)
+>>> host in helo_accept_junk_hosts? no (option unset)
+>>> using ACL "connect"
+>>> processing "accept"
+>>> check acl = log
+>>> using ACL "log"
+>>> processing "accept"
+>>> check logwrite = ===========================================================
+LOG: ===========================================================
+>>> check logwrite = sender_ip_address=[$sender_host_address]
+>>> = sender_ip_address=[1.2.3.4]
+LOG: sender_ip_address=[1.2.3.4]
+>>> check logwrite = sender_host_authenticated=$sender_host_authenticated
+>>> = sender_host_authenticated=
+LOG: sender_host_authenticated=
+>>> check logwrite = authenticated_id=$authenticated_id
+>>> = authenticated_id=
+LOG: authenticated_id=
+>>> check logwrite = authenticated_sender=$authenticated_sender
+>>> = authenticated_sender=
+LOG: authenticated_sender=
+>>> check logwrite = interface_address=[$interface_address]
+>>> = interface_address=[]
+LOG: interface_address=[]
+>>> check logwrite = received_protocol=$received_protocol
+>>> = received_protocol=smtp
+LOG: received_protocol=smtp
+>>> looking up host name for 1.2.3.4
+LOG: no host name found for IP address 1.2.3.4
+>>> check logwrite = sender_host_name=$sender_host_name
+>>> = sender_host_name=
+LOG: sender_host_name=
+>>> check logwrite = sender_ident=$sender_ident
+>>> = sender_ident=
+LOG: sender_ident=
+>>> accept: condition test succeeded
+>>> accept: condition test succeeded
+>>> host in hosts_connection_nolog? no (option unset)
+>>> host in host_lookup? no (option unset)
+>>> host in host_reject_connection? no (option unset)
+>>> host in sender_unqualified_hosts? no (option unset)
+>>> host in recipient_unqualified_hosts? no (option unset)
+>>> host in helo_verify_hosts? no (option unset)
+>>> host in helo_try_verify_hosts? no (option unset)
+>>> host in helo_accept_junk_hosts? no (option unset)
+>>> using ACL "connect"
+>>> processing "accept"
+>>> check acl = log
+>>> using ACL "log"
+>>> processing "accept"
+>>> check logwrite = ===========================================================
+LOG: ===========================================================
+>>> check logwrite = sender_ip_address=[$sender_host_address]
+>>> = sender_ip_address=[5.6.7.8]
+LOG: sender_ip_address=[5.6.7.8]
+>>> check logwrite = sender_host_authenticated=$sender_host_authenticated
+>>> = sender_host_authenticated=authname
+LOG: sender_host_authenticated=authname
+>>> check logwrite = authenticated_id=$authenticated_id
+>>> = authenticated_id=authid
+LOG: authenticated_id=authid
+>>> check logwrite = authenticated_sender=$authenticated_sender
+>>> = authenticated_sender=authsender
+LOG: authenticated_sender=authsender
+>>> check logwrite = interface_address=[$interface_address]
+>>> = interface_address=[9.10.11.12]
+LOG: interface_address=[9.10.11.12]
+>>> check logwrite = received_protocol=$received_protocol
+>>> = received_protocol=smtp
+LOG: received_protocol=smtp
+>>> check logwrite = sender_host_name=$sender_host_name
+>>> = sender_host_name=hostname
+LOG: sender_host_name=hostname
+>>> check logwrite = sender_ident=$sender_ident
+>>> = sender_ident=ident
+LOG: sender_ident=ident
+>>> accept: condition test succeeded
+>>> accept: condition test succeeded
+>>> host in pipelining_advertise_hosts? yes (matched "*")
+>>> using ACL "mail"
+>>> processing "accept"
+>>> check acl = log
+>>> using ACL "log"
+>>> processing "accept"
+>>> check logwrite = ===========================================================
+LOG: ===========================================================
+>>> check logwrite = sender_ip_address=[$sender_host_address]
+>>> = sender_ip_address=[5.6.7.8]
+LOG: sender_ip_address=[5.6.7.8]
+>>> check logwrite = sender_host_authenticated=$sender_host_authenticated
+>>> = sender_host_authenticated=authname
+LOG: sender_host_authenticated=authname
+>>> check logwrite = authenticated_id=$authenticated_id
+>>> = authenticated_id=authid
+LOG: authenticated_id=authid
+>>> check logwrite = authenticated_sender=$authenticated_sender
+>>> = authenticated_sender=
+LOG: authenticated_sender=
+>>> check logwrite = interface_address=[$interface_address]
+>>> = interface_address=[9.10.11.12]
+LOG: interface_address=[9.10.11.12]
+>>> check logwrite = received_protocol=$received_protocol
+>>> = received_protocol=esmtpa
+LOG: received_protocol=esmtpa
+>>> check logwrite = sender_host_name=$sender_host_name
+>>> = sender_host_name=hostname
+LOG: sender_host_name=hostname
+>>> check logwrite = sender_ident=$sender_ident
+>>> = sender_ident=ident
+LOG: sender_ident=ident
+>>> accept: condition test succeeded
+>>> check acl = auth
+>>> using ACL "auth"
+>>> processing "accept"
+>>> check authenticated = *
+>>> authname in "*"? yes (matched "*")
+>>> check logwrite = +++ host is authenticated +++
+LOG: +++ host is authenticated +++
+>>> accept: condition test succeeded
+>>> accept: condition test succeeded
+>>> using ACL "mail"
+>>> processing "accept"
+>>> check acl = log
+>>> using ACL "log"
+>>> processing "accept"
+>>> check logwrite = ===========================================================
+LOG: ===========================================================
+>>> check logwrite = sender_ip_address=[$sender_host_address]
+>>> = sender_ip_address=[5.6.7.8]
+LOG: sender_ip_address=[5.6.7.8]
+>>> check logwrite = sender_host_authenticated=$sender_host_authenticated
+>>> = sender_host_authenticated=authname
+LOG: sender_host_authenticated=authname
+>>> check logwrite = authenticated_id=$authenticated_id
+>>> = authenticated_id=authid
+LOG: authenticated_id=authid
+>>> check logwrite = authenticated_sender=$authenticated_sender
+>>> = authenticated_sender=<asender@a.domain>
+LOG: authenticated_sender=<asender@a.domain>
+>>> check logwrite = interface_address=[$interface_address]
+>>> = interface_address=[9.10.11.12]
+LOG: interface_address=[9.10.11.12]
+>>> check logwrite = received_protocol=$received_protocol
+>>> = received_protocol=esmtpa
+LOG: received_protocol=esmtpa
+>>> check logwrite = sender_host_name=$sender_host_name
+>>> = sender_host_name=hostname
+LOG: sender_host_name=hostname
+>>> check logwrite = sender_ident=$sender_ident
+>>> = sender_ident=ident
+LOG: sender_ident=ident
+>>> accept: condition test succeeded
+>>> check acl = auth
+>>> using ACL "auth"
+>>> processing "accept"
+>>> check authenticated = *
+>>> authname in "*"? yes (matched "*")
+>>> check logwrite = +++ host is authenticated +++
+LOG: +++ host is authenticated +++
+>>> accept: condition test succeeded
+>>> accept: condition test succeeded
--- /dev/null
+
+**** SMTP testing session as if from host 1.2.3.4
+**** but without any ident (RFC 1413) callback.
+**** This is not for real!
+
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+221 myhost.test.ex closing connection\r
+
+**** SMTP testing session as if from host 5.6.7.8
+**** but without any ident (RFC 1413) callback.
+**** This is not for real!
+
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello ident at hostname [5.6.7.8]\r
+250-SIZE 52428800\r
+250-PIPELINING\r
+250 HELP\r
+250 OK\r
+250 Reset OK\r
+250 OK\r
+221 myhost.test.ex closing connection\r
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello ident at hostname [5.6.7.8]\r
+250-SIZE 52428800\r
+250-PIPELINING\r
+250 HELP\r
+250 OK\r
+250 Reset OK\r
+250 OK\r
+221 myhost.test.ex closing connection\r