1N/A * Copyright (c) 1998-2010 Sendmail, Inc. and its suppliers. 1N/A * All rights reserved. 1N/A * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 1N/A * Copyright (c) 1988, 1993 1N/A * The Regents of the University of California. All rights reserved. 1N/A * By using this file, you agree to the terms and conditions set 1N/A * forth in the LICENSE file which can be found at the top level of 1N/A * the sendmail distribution. 1N/A#
endif /* SASL || STARTTLS */ 1N/A#
endif /* STARTTLS */ 1N/A#
endif /* _FFR_DM_ONE */ 1N/A/* server features */ 1N/A#
endif /* _FFR_NO_PIPE */ 1N/A#
endif /* PIPELINING */ 1N/A#
define SRV_REQ_SEC 0x0800 /* require security - equiv to AuthOptions=p */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A** PARSE_ESMTP_ARGS -- parse EMSTP arguments (for MAIL, RCPT) 1N/A** addr_st -- address (RCPT only) 1N/A** delimptr -- current position in read buffer 1N/A** args -- arguments (output) 1N/A** esmtp_args -- function to process a single ESMTP argument 1N/A /* locate the beginning of the keyword */ 1N/A /* skip to the value portion */ 1N/A /* skip to the end of the value */ 1N/A while (*p !=
'\0' && *p !=
' ' &&
1N/A** SMTP -- run the SMTP protocol. 1N/A** nullserver -- if non-NULL, rejection message for 1N/A** (almost) all SMTP commands. 1N/A** d_flags -- daemon flags 1N/A** e -- the envelope. 1N/A** Reads commands from the input channel and processes them. 1N/A** Notice: The smtp server doesn't have a session context like the client 1N/A** side has (mci). Therefore some data (session oriented) is allocated 1N/A** or assigned to the "wrong" structure (esp. STARTTLS, AUTH). 1N/A** This should be fixed in a successor version. 1N/A/* values for cmd_code */ 1N/A#
define CMDRCPT 2 /* rcpt -- designate recipient */ 1N/A#
define CMDQUIT 8 /* quit -- close connection and die */ 1N/A#
define CMDEHLO 11 /* ehlo -- extended helo (RFC 1425) */ 1N/A#
define CMDAUTH 13 /* auth -- SASL authenticate */ 1N/A#
define CMDSTLS 14 /* STARTTLS -- start TLS session */ 1N/A#
endif /* STARTTLS */ 1N/A/* non-standard commands */ 1N/A#
define CMDVERB 17 /* verb -- go into verbose mode */ 1N/A/* unimplemented commands from RFC 821 */ 1N/A/* use this to catch and log "door handle" attempts on your system */ 1N/A/* debugging-only commands, only enabled if SMTPDEBUG is defined */ 1N/A** Note: If you change this list, remember to update 'helpfile' 1N/A#
endif /* STARTTLS */ 1N/A /* remaining commands are here only to trap and log attempts to use them */ 1N/A#
endif /* ! MAXBADCOMMANDS */ 1N/A#
endif /* ! MAXHELOCOMMANDS */ 1N/A#
endif /* ! MAXVRFYCOMMANDS */ 1N/A#
endif /* ! MAXETRNCOMMANDS */ 1N/A#
endif /* ! MAXTIMEOUT */ 1N/A** Maximum shift value to compute timeout for bad commands. 1N/A** This introduces an upper limit of 2^MAXSHIFT for the timeout. 1N/A#
endif /* ! MAXSHIFT */ 1N/A#
endif /* MAXSHIFT */ 1N/A#
else /* MAXBADCOMMANDS > 0 */ 1N/A#
endif /* MAXBADCOMMANDS > 0 */ 1N/A "@(#)$Debug: leak_smtp - trace memory leaks during SMTP processing $");
1N/A#
endif /* SM_HEAP_CHECK */ 1N/A unsigned int sm_nrcpts;
/* number of successful RCPT commands */ 1N/A /* e_nrcpts from envelope before recipient() call */ 1N/A "Milter: %s=%s, reject=421, errormode=4", \
1N/A "Milter: %s=%s, reject=%s", \
1N/A "Milter: %s=%s, reject=550 5.7.1 Command rejected", \
1N/A "Milter: %s=%s, discard", \
1N/A "Milter: %s=%s, reject=%s", \
1N/A /* abort milter filters */ \
1N/A sm_dprintf(
"CLEAR_STATE: e_id=%s, EF_LOGSENDER=%d, LogLevel=%d\n",\
1N/A /* clean up a bit */ \
1N/A /* put back discard bit */ \
1N/A /* restore connection quarantining */ \
1N/A/* sleep to flatten out connection load */ 1N/A/* is it worth setting the process title for 1s? */ 1N/A "%s: %s: delaying %s: load average: %d", \
1N/A "delaying=%s, load average=%d >= %d", \
1N/A register char *
volatile p;
1N/A bool vrfy;
/* set if this is a vrfy command */ 1N/A volatile unsigned int n_badcmds = 0;
/* count of bad commands */ 1N/A volatile unsigned int n_badrcpts = 0;
/* number of rejected RCPT */ 1N/A volatile unsigned int n_etrn = 0;
/* count of ETRN */ 1N/A volatile time_t wt;
/* timeout after too many commands */ 1N/A#
endif /* MAXINPLINE < MAXLINE */ 1N/A volatile unsigned int n_auth = 0;
/* count of AUTH commands */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A#
endif /* STARTTLS */ 1N/A#
endif /* _FFR_NO_PIPE */ 1N/A#
endif /* PIPELINING */ 1N/A#
endif /* _FFR_BADRCPT_SHUTDOWN */ 1N/A /* setup I/O fd correctly for the SMTP server */ 1N/A#
endif /* SM_HEAP_CHECK */ 1N/A /* XXX the rpool should be set when e is initialized in main() */ 1N/A /* check_relay may have set discard bit, save for later */ 1N/A /* auto-flush output when reading input */ 1N/A#
endif /* PIPELINING */ 1N/A /* Set default features for server. */ 1N/A#
endif /* PIPELINING */ 1N/A#
endif /* STARTTLS */ 1N/A "ERROR: srv_features=tempfail, relay=%.100s, access temporarily disabled",
1N/A /* for consistency */ 1N/A#
endif /* _FFR_NO_PIPE */ 1N/A#
endif /* PIPELINING */ 1N/A /* SASL server new connection */ 1N/A /* use empty realm: only works in SASL > 1.5.5 */ 1N/A#
else /* SASL >= 20000 */ 1N/A /* use no realm -> realm is set to hostname by SASL lib */ 1N/A#
endif /* SASL >= 20000 */ 1N/A "AUTH error: sasl_server_new failed=%d",
1N/A ** SASL set properties for sasl 1N/A ** XXX Cyrus SASL v1 only supports IPv4 1N/A#
endif /* NETINET6 */ 1N/A#
endif /* NETINET || NETINET6 */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* NETINET */ 1N/A#
endif /* SASL >= 20000 */ 1N/A /* set properties */ 1N/A /* XXX should these be options settable via .cf ? */ 1N/A /* ssp.min_ssf = 0; is default due to memset() */ 1N/A ** external security strength factor; 1N/A ** currently we have none so zero 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A#
endif /* STARTTLS */ 1N/A /* initialize mail filter connection */ 1N/A "Milter: initialization failed, rejecting commands");
1N/A "Milter: initialization failed, temp failing commands");
1N/A "Milter: initialization failed, closing connection");
1N/A /* arrange to ignore send list */ 1N/A "Milter: connect: host=%s, addr=%s, rejecting commands",
1N/A "Milter: connect: host=%s, addr=%s, temp failing commands",
1N/A "Milter: connect: host=%s, addr=%s, shutdown",
1N/A /* arrange to ignore send list */ 1N/A ** Broken proxies and SMTP slammers 1N/A ** push data without waiting, catch them 1N/A#
endif /* STARTTLS */ 1N/A /* Ask the rulesets how long to pause */ 1N/A /* pause for a moment */ 1N/A /* Obey RFC 2821: 4.3.5.2: 220 timeout of 5 minutes */ 1N/A /* check if data is on the socket during the pause */ 1N/A "rejecting commands from %s [%s] due to pre-greeting traffic after %d seconds",
1N/A /* If this an smtps connection, start TLS now */ 1N/A#
endif /* STARTTLS */ 1N/A /* output the first line, inserting "ESMTP" as second word */ 1N/A /* output remaining lines */ 1N/A /* sendinghost's storage must outlive the current envelope */ 1N/A /* setup for the read */ 1N/A /* read the input line */ 1N/A /* end of file, just die */ 1N/A /* close out milter filters */ 1N/A message(
"421 4.4.1 %s Lost input channel from %s",
1N/A "lost input channel from %s to %s after %s",
1N/A ** If have not accepted mail (DATA), do not bounce 1N/A ** bad addresses back to sender. 1N/A /* also used by "proxy" check below */ 1N/A ** SMTP AUTH requires accepting any length, 1N/A ** a limit is a bad idea (denial of service). 1N/A message(
"421 4.7.0 %s Command too long, possible attack %s",
1N/A "%s: SMTP violation, input too long: %lu",
1N/A /* Open proxy, drop it */ 1N/A "%s: probable open proxy: command=%.40s",
1N/A /* clean up end of line */ 1N/A ** if there is more input and pipelining is disabled: 1N/A ** delay ... (and maybe discard the input?) 1N/A ** XXX this doesn't really work, at least in tests using 1N/A ** telnet SM_IO_IS_READABLE only returns 1 if there were 1N/A ** more than 2 input lines available. 1N/A "unauthorized PIPELINING, sleeping, relay=%.100s",
1N/A#
endif /* _FFR_NO_PIPE */ 1N/A#
endif /* PIPELINING */ 1N/A /* could this be shorter? XXX */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A message(
"501 5.5.4 cannot decode AUTH parameter %s",
1N/A#
endif /* SASL >= 20000 */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A /* get an OK if we're done */ 1N/A /* get security strength (features) */ 1N/A#
else /* SASL >= 20000 */ 1N/A /* get security strength (features) */ 1N/A#
endif /* SASL >= 20000 */ 1N/A ** Only switch to encrypted connection 1N/A ** if a security layer has been negotiated 1N/A ** Convert I/O layer to use SASL. 1N/A ** If the call fails, the connection 1N/A /* restart dialogue */ 1N/A#
endif /* PIPELINING */ 1N/A /* NULL pointer ok since it's our function */ 1N/A "AUTH=server, relay=%s, authid=%.128s, mech=%.16s, bits=%d",
1N/A /* correct code? XXX */ 1N/A /* 454 Temp. authentication failure */ 1N/A message(
"454 4.5.4 Internal error: unable to encode64");
1N/A "AUTH encode64 error [%d for \"%s\"], relay=%.100s",
1N/A#
endif /* SASL >= 20000 */ 1N/A /* not SASL_OK or SASL_CONT */ 1N/A "AUTH failure (%s): %s (%d) %s, relay=%.100s",
1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A /* don't want to do any of this if authenticating */ 1N/A /* echo command to transcript */ 1N/A /* break off command */ 1N/A while (*p !=
'\0' &&
1N/A /* throw away leading whitespace */ 1N/A /* decode command */ 1N/A /* check whether a "non-null" command has been used */ 1N/A /* avoid information leak; take first two words? */ 1N/A ** If we are running as a null server, return 550 1N/A ** to almost everything. 1N/A /* process normally */ 1N/A /* theoretically this could overflow */ 1N/A message(
"421 4.7.0 %s Too many bad commands; closing connection",
1N/A /* arrange to ignore send list */ 1N/A#
endif /* MAXBADCOMMANDS > 0 */ 1N/A usrerr(
"452 4.4.5 Insufficient disk space; try again later");
1N/A message(
"503 5.5.0 AUTH not permitted during a mail transaction");
1N/A "SMTP AUTH command (%.100s) from %s tempfailed (due to previous checks)",
1N/A /* crude way to avoid crack attempts */ 1N/A /* make sure mechanism (p) is a valid string */ 1N/A while (*++q !=
'\0' &&
1N/A message(
"501 5.5.2 AUTH mechanism must be specified");
1N/A /* check whether mechanism is available */ 1N/A message(
"504 5.3.3 AUTH mechanism %.32s not available",
1N/A ** Unlike a zero-length client answer to a 1N/A ** 334 reply, a zero- length initial response 1N/A ** is sent as a single equals sign ("="). 1N/A /* will be free()d, don't use in=""; */ 1N/A /* could this be shorter? XXX */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A "AUTH decode64 error [%d for \"%s\"], relay=%.100s",
1N/A#
endif /* SASL >= 20000 */ 1N/A /* see if that auth type exists */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A "AUTH failure (%s): %s (%d) %s, relay=%.100s",
1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A /* ugly, but same code */ 1N/A /* authenticated by the initial response */ 1N/A /* len is at least 2 */ 1N/A message(
"454 4.5.4 Temporary authentication failure");
1N/A "AUTH encode64 error [%d for \"%s\"]",
1N/A#
endif /* SASL >= 20000 */ 1N/A message(
"501 5.5.2 Syntax error (no parameters allowed)");
1N/A message(
"454 4.3.3 TLS not available after start");
1N/A message(
"503 5.5.0 TLS not permitted during a mail transaction");
1N/A "SMTP STARTTLS command (%.100s) from %s tempfailed (due to previous checks)",
1N/A "STARTTLS=server, SSL_set_engine=failed");
1N/A#
endif /* USE_OPENSSL_ENGINE */ 1N/A ** XXX do we need a temp key ? 1N/A#
else /* TLS_NO_RSA */ 1N/A#
endif /* TLS_NO_RSA */ 1N/A ** Note: this sets the verification globally 1N/A ** it's ok since it applies only to one transaction 1N/A#
endif /* TLS_VRFY_PER_CTX */ 1N/A message(
"454 4.3.3 TLS not available: error generating SSL handle");
1N/A ** this could be used if it were possible to set 1N/A ** verification per SSL (connection) 1N/A ** not just per SSL_CTX (global) 1N/A#
endif /* !TLS_VRFY_PER_CTX */ 1N/A message(
"454 4.3.3 TLS not available: error set fd");
1N/A#
endif /* PIPELINING */ 1N/A "STARTTLS=server, error: accept failed=%d, SSL_error=%d, errno=%d, retry=%d, relay=%.100s",
1N/A ** according to the next draft of 1N/A ** RFC 2487 the connection should be dropped 1N/A /* arrange to ignore any current send list */ 1N/A /* ignore return code for now, it's in {verify} */ 1N/A ** call Stls_client to find out whether 1N/A ** to accept the connection from the client 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A /* switch to secure connection */ 1N/A#
endif /* PIPELINING */ 1N/A ** XXX this is an internal error 1N/A ** how to deal with it? 1N/A ** we can't generate an error message 1N/A ** since the other side switched to an 1N/A ** encrypted layer, but we could not... 1N/A nullserver =
"454 4.3.3 TLS not available: can't switch to encrypted layer";
1N/A syserr(
"STARTTLS: can't switch to encrypted layer");
1N/A#
endif /* STARTTLS */ 1N/A /* avoid denial-of-service */ 1N/A /* check for valid domain name (re 1123 5.2.5) */ 1N/A /* check for long domain name (hides Received: info) */ 1N/A "invalid domain name (too long) from %s",
1N/A for (q = p; *q !=
'\0'; q++)
1N/A /* only complain if strict check */ 1N/A /* allow trailing whitespace */ 1N/A while (!
ok && *++q !=
'\0' &&
1N/A q =
"pleased to meet you";
1N/A "invalid domain name (%s) from %.100s",
1N/A q =
"accepting invalid domain name";
1N/A "Milter: helo=%s, reject=Command rejected",
1N/A "Milter: helo=%s, reject=%s",
1N/A "Milter: helo=%s, reject=%s",
1N/A "Milter: helo=%s, reject=421 4.7.0 %s closing connection",
1N/A /* arrange to ignore send list */ 1N/A ** save between messages 1N/A /* print HELO response message */ 1N/A /* offer ENHSC even for nullserver */ 1N/A ** print EHLO features list 1N/A ** Note: If you change this list, 1N/A ** remember to update 'helpfile' 1N/A#
endif /* PIPELINING */ 1N/A#
endif /* MIME8TO7 */ 1N/A#
endif /* STARTTLS */ 1N/A /* < 0: no deliver-by */ 1N/A /* check for validity of this command */ 1N/A usrerr(
"503 5.0.0 Polite people say HELO first");
1N/A usrerr(
"503 5.5.0 Sender already specified");
1N/A "SMTP MAIL command (%.100s) from %s tempfailed (due to previous checks)",
1N/A /* make sure we know who the sending host is */ 1N/A#
endif /* SM_HEAP_CHECK */ 1N/A#
endif /* PICKY_HELO_CHECK */ 1N/A /* do the processing */ 1N/A /* must parse sender first */ 1N/A /* Successfully set e_from, allow logging */ 1N/A /* put resulting triple from parseaddr() into macros */ 1N/A /* check for possible spoofing */ 1N/A /* reset to default value */ 1N/A /* now parse ESMTP arguments */ 1N/A /* set the default AUTH= if the sender didn't */ 1N/A /* XXX only do this for an MSA? */ 1N/A ** XXX should we invoke Strust_auth now? 1N/A ** authorizing as the client that just 1N/A ** authenticated, so we'll trust implicitly 1N/A#
endif /* _FFR_AUTH_PASSING */ 1N/A /* do config file checking of the sender */ 1N/A /* make the "real" sender address available */ 1N/A#
endif /* _FFR_MAIL_MACRO */ 1N/A usrerr(
"552 5.2.3 Message size exceeds fixed maximum message size (%ld)",
1N/A ** XXX always check whether there is at least one fs 1N/A ** with enough space? 1N/A ** However, this may not help much: the queue group 1N/A ** selection may later on select a FS that hasn't 1N/A#
endif /* _FFR_ANY_FREE_FS */ 1N/A ** We perform this test again when the 1N/A ** queue directory is selected, in collect. 1N/A usrerr(
"452 4.4.5 Insufficient disk space; try again later");
1N/A ** An error occurred while processing a MAIL command. 1N/A ** Jump to the common error handling code. 1N/A ** hack to deal with hack, see below: 1N/A ** n_badrcpts is increased if limit is reached. 1N/A "%s: Possible SMTP RCPT flood, shutting down connection.",
1N/A message(
"421 4.7.0 %s Too many bad recipients; closing connection",
1N/A /* arrange to ignore any current send list */ 1N/A#
endif /* _FFR_BADRCPT_SHUTDOWN */ 1N/A "%s: Possible SMTP RCPT flood, throttling.",
1N/A /* To avoid duplicated message */ 1N/A ** Don't use exponential backoff for now. 1N/A ** Some systems will open more connections 1N/A ** and actually overload the receiver even 1N/A /* limit flooding of our machine */ 1N/A /* sleep(1); / * slow down? */ 1N/A#
endif /* _FFR_DM_ONE */ 1N/A ** Do not expand recipients at RCPT time (in the call 1N/A ** to recipient()) if a milter can delete or reject 1N/A ** a RCPT. If they are expanded, it is impossible 1N/A ** for removefromlist() to figure out the expanded 1N/A ** members of the original recipient and mark them 1N/A /* put resulting triple from parseaddr() into macros */ 1N/A /* now parse ESMTP arguments */ 1N/A ** rscheck() can trigger an "exception" 1N/A ** in which case the execution continues at 1N/A ** SM_EXCEPT(exc, "[!F]*") 1N/A ** This means milter_cmd_safe is not set 1N/A ** and hence milter is not invoked. 1N/A ** Would it be "safe" to change that, i.e., use 1N/A ** milter_cmd_safe = true; 1N/A ** here so a milter is informed (if requested) 1N/A ** about RCPTs that are rejected by check_rcpt? 1N/A /* do config file checking of the recipient */ 1N/A /* If discarding, don't bother to verify user */ 1N/A /* save in recipient list after ESMTP mods */ 1N/A /* may trigger exception... */ 1N/A /* punt -- should keep message in ADDRESS.... */ 1N/A /* how to get the error codes? */ 1N/A /* no errors during parsing, but might be a duplicate */ 1N/A " (will queue)" :
"");
1N/A /* Is this needed? */ 1N/A /* An exception occurred while processing RCPT */ 1N/A /* how to get the error codes? */ 1N/A "SMTP %s command (%.100s) from %s tempfailed (due to previous checks)",
1N/A /* RFC 821 doesn't allow 4xy reply code */ 1N/A message(
"252 2.5.2 Cannot VRFY user; try RCPT to attempt delivery (or try finger)");
1N/A message(
"502 5.7.0 Sorry, we do not allow this operation");
1N/A "%s: %s [rejected]",
1N/A usrerr(
"503 5.0.0 I demand that you introduce yourself first");
1N/A /* do config file checking of the address */ 1N/A /* see if there is more in the vrfy list */ 1N/A /* Don't leak queue information via debug flags */ 1N/A /* different message for MSA ? */ 1N/A message(
"502 5.7.0 Sorry, we do not allow this operation");
1N/A "%s: %s [rejected]",
1N/A "SMTP ETRN command (%.100s) from %s tempfailed (due to previous checks)",
1N/A /* crude way to avoid denial-of-service attacks */ 1N/A ** Do config file checking of the parameter. 1N/A ** Even though we have srv_features now, we still 1N/A ** need this ruleset because the former is called 1N/A ** when the connection has been established, while 1N/A ** this ruleset is called when the command is 1N/A ** actually issued and therefore has all information 1N/A ** available to make a decision. 1N/A message(
"250 2.0.0 Queuing for queue group %s started",
id);
1N/A message(
"250 2.0.0 Queuing for node %s started", p);
1N/A#
endif /* PIPELINING */ 1N/A /* arrange to ignore any current send list */ 1N/A /* shutdown TLS connection */ 1N/A#
endif /* STARTTLS */ 1N/A /* XXX sasl_done(); this is a child */ 1N/A /* avoid future 050 messages */ 1N/A /* close out milter filters */ 1N/A ** even though this id is "bogus", it makes 1N/A ** it simpler to "grep" related events, e.g., 1N/A ** timeouts for the same connection. 1N/A /* return to handle next connection */ 1N/A /* just to avoid bogus warning from some compilers */ 1N/A /* this would give out the same info */ 1N/A#
else /* SMTPDEBUG */ 1N/A#
endif /* SMTPDEBUG */ 1N/A "\"%s\" command from %s (%.100s)",
1N/A message(
"421 4.7.0 %s Too many bad commands; closing connection",
1N/A /* arrange to ignore any current send list */ 1N/A#
endif /* MAXBADCOMMANDS > 0 */ 1N/A "Sending \"%s\" to Milter",
inp);
1N/A /* MILTER_REPLY already gave an error */ 1N/A#
endif /* MILTER && SMFI_VERSION > 2 */ 1N/A usrerr(
"500 5.5.1 Command unrecognized: \"%s\"",
1N/A usrerr(
"502 5.5.1 Command not implemented: \"%s\"",
1N/A ** The only possible exception is "E:mta.quickabort". 1N/A ** There is nothing to do except fall through and loop. 1N/A** SMTP_DATA -- implement the SMTP DATA command. 1N/A** smtp -- status of SMTP connection. 1N/A** true iff SMTP session can continue. 1N/A** possibly sends message. 1N/A "Milter: cmd=data, reject=%s",
1N/A#
endif /* _FFR_MILTER_ENHSC */ 1N/A "Milter: cmd=data, reject=550 5.7.1 Command rejected");
1N/A#
endif /* _FFR_MILTER_ENHSC */ 1N/A "Milter: cmd=data, discard");
1N/A "Milter: cmd=data, reject=%s",
1N/A#
endif /* _FFR_MILTER_ENHSC */ 1N/A "Milter: cmd=data, reject=421 4.7.0 %s closing connection",
1N/A#
endif /* MILTER && SMFI_VERSION > 3 */ 1N/A /* put back discard bit */ 1N/A /* check to see if we need to re-expand aliases */ 1N/A /* also reset QS_BADADDR on already-diagnosted addrs */ 1N/A /* need to re-expand aliases */ 1N/A /* make this "go away" */ 1N/A /* collect the text of the message */ 1N/A /* redefine message size */ 1N/A /* rscheck() will set Errors or EF_DISCARD if it trips */ 1N/A "Milter: data, reject=%s",
1N/A#
endif /* _FFR_MILTER_ENHSC */ 1N/A "Milter: data, reject=554 5.7.1 Command rejected");
1N/A "Milter: data, discard");
1N/A "Milter: data, reject=%s",
1N/A#
endif /* _FFR_MILTER_ENHSC */ 1N/A "Milter: data, reject=421 4.7.0 %s closing connection",
1N/A /* Milter may have changed message size */ 1N/A /* abort message filters that didn't get the body & log msg is OK */ 1N/A ** If SuperSafe is SAFE_REALLY_POSTMILTER, and we don't have milter or 1N/A ** milter accepted message, sync it now 1N/A ** XXX This is almost a copy of the code in collect(): put it into 1N/A ** a function that is called from both places? 1N/A syserr(
"@collect: bfcommit(%s): already on disk, size=%ld",
1N/A /* Now reopen the df file */ 1N/A /* we haven't acked receipt yet, so just chuck this */ 1N/A /* Check if quarantining stats should be updated */ 1N/A ** set EF_DISCARD, don't queueup the message -- 1N/A ** that would lose the EF_DISCARD bit and deliver 1N/A /* Log who the mail would have gone to */ 1N/A ** If something above refused the message, we still haven't 1N/A ** accepted responsibility for it. Don't send DSNs. 1N/A /* from now on, we have to operate silently */ 1N/A ** Clear message, it may contain an error from the SMTP dialogue. 1N/A ** This error must not show up in the queue. 1N/A ** Some error message should show up, e.g., alias database 1N/A ** not available, but others shouldn't, e.g., from check_rcpt. 1N/A ** Arrange to send to everyone. 1N/A ** If sending to multiple people, mail back 1N/A ** errors rather than reporting directly. 1N/A ** In any case, don't mail back errors for 1N/A ** anything that has happened up to 1N/A ** now (the other end will do this). 1N/A ** Truncate our transcript -- the mail has gotten 1N/A ** to us successfully, and if we have 1N/A ** to mail this back, it will be easier 1N/A ** Then send to everyone. 1N/A ** Finally give a reply code. If an error has 1N/A ** already been given, don't mail a 1N/A ** We goose error returns by clearing error bit. 1N/A#
endif /* NAMED_BIND */ 1N/A /* make sure we actually do delivery */ 1N/A /* from now on, operate silently */ 1N/A /* make sure it is in the queue */ 1N/A /* send to all recipients */ 1N/A#
endif /* _FFR_DM_ONE */ 1N/A /* put back id for SMTP logging in putoutmsg() */ 1N/A /* issue success message */ 1N/A#
endif /* _FFR_MSG_ACCEPT */ 1N/A /* if we just queued, poke it */ 1N/A /* close all the queue files */ 1N/A ** XXX if we don't do this, we get 250 twice 1N/A ** because it is also flushed in the child. 1N/A#
endif /* PIPELINING */ 1N/A sm_dprintf(
"abortmessage: e_id=%s, EF_LOGSENDER=%d, LogLevel=%d\n",
1N/A /* clean up a bit */ 1N/A ** Call dropenvelope if and only if the envelope is *not* 1N/A ** being processed by the child process forked by doworklist(). 1N/A /* restore connection quarantining */ 1N/A** LOGUNDELRCPTS -- log undelivered (or all) recipients. 1N/A** msg -- message for Stat= 1N/A** level -- log level. 1N/A** all -- log all recipients. 1N/A** logs undelivered (or all) recipients 1N/A /* Clear $h so relay= doesn't get mislogged by logdelivery() */ 1N/A /* Log who the mail would have gone to */ 1N/A#
endif /* _FFR_MILTER_ENHSC */ 1N/A** CHECKSMTPATTACK -- check for denial-of-service attack by repetition 1N/A** pcounter -- pointer to a counter for this command. 1N/A** maxcount -- maximum value for this counter before we 1N/A** waitnow -- sleep now (in this routine)? 1N/A** cname -- command name for logging. 1N/A** e -- the current envelope. 1N/A** STOP_ATTACK if twice as many commands as allowed and 1N/A** Slows down if we seem to be under attack. 1N/A "%s: possible SMTP attack: command=%.40s, count=%u",
1N/A /* sleep at least 1 second before returning */ 1N/A** SETUP_SMTPD_IO -- setup I/O fd correctly for the SMTP server 1N/A** may change I/O fd. 1N/A /* arrange for debugging output to go to remote host */ 1N/A ** and connected to ttys 1N/A ** and fcntl(STDIN, F_SETFL, O_NONBLOCKING) also changes STDOUT, 1N/A ** then "chain" them together. 1N/A "fcntl(inchfd, F_GETFL) failed: %s",
1N/A "fcntl(outchfd, F_GETFL) failed: %s",
1N/A /* changing InChannel also changes OutChannel */ 1N/A "set automode for I (%d)/O (%d) in SMTP server",
1N/A /* undo change of inchfd */ 1N/A** SKIPWORD -- skip a fixed word. 1N/A** p -- place to start looking. 1N/A** w -- word to skip. 1N/A** clobbers the p data area. 1N/A register char *
volatile p;
1N/A /* find beginning of word */ 1N/A /* find end of word */ 1N/A usrerr(
"501 5.5.2 Syntax error in parameters scanning \"%s\"",
1N/A /* see if the input word matches desired word */ 1N/A** RESET_MAIL_ESMTP_ARGS -- process ESMTP arguments from MAIL line 1N/A** e -- the envelope. 1N/A /* "size": no reset */ 1N/A#
endif /* _FFR_AUTH_PASSING */ 1N/A** MAIL_ESMTP_ARGS -- process ESMTP arguments from MAIL line 1N/A** a -- address (unused, for compatibility with rcpt_esmtp_args) 1N/A** kp -- the parameter key. 1N/A** vp -- the value of that parameter. 1N/A** e -- the envelope. 1N/A usrerr(
"552 5.2.3 Message size exceeds maximum value");
1N/A usrerr(
"504 5.7.0 Sorry, ENVID not supported, we do not allow DSN");
1N/A usrerr(
"501 5.5.4 Syntax error in ENVID parameter value");
1N/A usrerr(
"501 5.5.0 Duplicate ENVID parameter");
1N/A usrerr(
"504 5.7.0 Sorry, RET not supported, we do not allow DSN");
1N/A usrerr(
"501 5.5.0 Duplicate AUTH parameter");
1N/A usrerr(
"501 5.5.4 Syntax error in AUTH parameter value");
1N/A /* just a warning? */ 1N/A /* XXX define this always or only if trusted? */ 1N/A ** call Strust_auth to find out whether 1N/A ** auth_param is acceptable (trusted) 1N/A ** we shouldn't trust it if not authenticated 1N/A ** (required by RFC, leave it to ruleset?) 1N/A#
endif /* _FFR_AUTH_PASSING */ 1N/A ** "by" is only accepted if DeliverByMin >= 0. 1N/A ** We maybe could add this to the list of server_features. 1N/A ++s;
/* XXX: spaces allowed? */ 1N/A usrerr(
"501 5.5.4 mode R requires BY time > 0");
1N/A ++s;
/* XXX: spaces allowed? */ 1N/A /* XXX: check whether more characters follow? */ 1N/A** RCPT_ESMTP_ARGS -- process ESMTP arguments from RCPT line 1N/A** a -- the address corresponding to the To: parameter. 1N/A** kp -- the parameter key. 1N/A** vp -- the value of that parameter. 1N/A** e -- the envelope. 1N/A usrerr(
"504 5.7.0 Sorry, NOTIFY not supported, we do not allow DSN");
1N/A usrerr(
"501 5.5.4 Bad argument \"%s\" to NOTIFY",
1N/A usrerr(
"504 5.7.0 Sorry, ORCPT not supported, we do not allow DSN");
1N/A usrerr(
"501 5.5.4 Syntax error in ORCPT parameter value");
1N/A usrerr(
"501 5.5.0 Duplicate ORCPT parameter");
1N/A** PRINTVRFYADDR -- print an entry in the verify queue 1N/A** a -- the address to print. 1N/A** last -- set if this is the last one. 1N/A** vrfy -- set if this is a VRFY command. 1N/A** Prints the appropriate 250 codes. 1N/A#
define OFFF (
3 +
1 +
5 +
1)
/* offset in fmt: SMTP reply + enh. code */ 1N/A** SASLMECHS -- get list of possible AUTH mechanisms 1N/A** conn -- SASL connection info. 1N/A** mechlist -- output parameter for list of mechanisms. 1N/A /* "user" is currently unused */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A "AUTH error: listmech=%d, num=%d",
1N/A "AUTH: available mech=%s, allowed mech=%s",
1N/A "AUTH warning: no mechanisms");
1N/A** PROXY_POLICY -- define proxy policy for AUTH 1N/A** context -- unused. 1N/A** requested_user -- authorization identity. 1N/A** rlen -- authorization identity length. 1N/A** auth_identity -- authentication identity. 1N/A** alen -- authentication identity length. 1N/A** def_realm -- default user realm. 1N/A** urlen -- user realm length. 1N/A** propctx -- unused. 1N/A** sets {auth_authen} macro. 1N/A#
else /* SASL >= 20000 */ 1N/A** PROXY_POLICY -- define proxy policy for AUTH 1N/A** context -- unused. 1N/A** auth_identity -- authentication identity. 1N/A** requested_user -- authorization identity. 1N/A** user -- allowed user (output). 1N/A** errstr -- possible error string (output). 1N/A#
endif /* SASL >= 20000 */ 1N/A** INITSRVTLS -- initialize server side TLS 1N/A** tls_ok -- should tls initialization be done? 1N/A** sets tls_ok_srv which is a static variable in this module. 1N/A** Do NOT remove assignments to it! 1N/A /* do NOT remove assignment */ 1N/A#
endif /* STARTTLS */ 1N/A** SRVFEATURES -- get features for SMTP server 1N/A** e -- envelope (should be session context). 1N/A** clientname -- name of client. 1N/A** features -- default features for this invocation. 1N/A/* table with options: it uses just one character, how about strings? */ 1N/A#
endif /* _FFR_NO_PIPE */ 1N/A#
endif /* PIPELINING */ 1N/A/* { 'T', SRV_TMP_FAIL }, */ 1N/A/* { 'Y', SRV_OFFER_VRFY }, */ 1N/A ** Since we can change some features per daemon, we have both 1N/A "srvfeatures: unknown feature %s",
1N/A** HELP -- implement the HELP command. 1N/A** topic -- the topic we want help for. 1N/A** outputs the help file to message output. 1N/A message(
"502 5.3.0 Sendmail %s -- HELP not implemented",
1N/A /* print version if no/old vers# in file */ 1N/A "%s too old (require version %d)",
1N/A /* avoid log next time */ 1N/A** RESET_SASLCONN -- reset SASL connection data 1N/A** conn -- SASL connection context 1N/A** hostname -- host name 1N/A** various connection data 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* SASL >= 20000 */ 1N/A /* use empty realm: only works in SASL > 1.5.5 */ 1N/A#
else /* SASL >= 20000 */ 1N/A /* use no realm -> realm is set to hostname by SASL lib */ 1N/A#
endif /* SASL >= 20000 */ 1N/A#
endif /* NETINET || NETINET6 */ 1N/A#
else /* SASL >= 20000 */ 1N/A#
endif /* NETINET */ 1N/A#
endif /* SASL >= 20000 */