1 /* 2 * Copyright (c) 1998-2003, 2006, 2012, 2013 Proofpoint, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #include <sendmail.h> 15 16 SM_RCSID("@(#)$Id: savemail.c,v 8.319 2013-11-22 20:51:56 ca Exp $") 17 18 static bool errbody __P((MCI *, ENVELOPE *, char *)); 19 static bool pruneroute __P((char *)); 20 21 /* 22 ** SAVEMAIL -- Save mail on error 23 ** 24 ** If mailing back errors, mail it back to the originator 25 ** together with an error message; otherwise, just put it in 26 ** dead.letter in the user's home directory (if he exists on 27 ** this machine). 28 ** 29 ** Parameters: 30 ** e -- the envelope containing the message in error. 31 ** sendbody -- if true, also send back the body of the 32 ** message; otherwise just send the header. 33 ** 34 ** Returns: 35 ** true if savemail panic'ed, (i.e., the data file should 36 ** be preserved by dropenvelope()) 37 ** 38 ** Side Effects: 39 ** Saves the letter, by writing or mailing it back to the 40 ** sender, or by putting it in dead.letter in her home 41 ** directory. 42 */ 43 44 /* defines for state machine */ 45 #define ESM_REPORT 0 /* report to sender's terminal */ 46 #define ESM_MAIL 1 /* mail back to sender */ 47 #define ESM_QUIET 2 /* mail has already been returned */ 48 #define ESM_DEADLETTER 3 /* save in ~/dead.letter */ 49 #define ESM_POSTMASTER 4 /* return to postmaster */ 50 #define ESM_DEADLETTERDROP 5 /* save in DeadLetterDrop */ 51 #define ESM_PANIC 6 /* call loseqfile() */ 52 #define ESM_DONE 7 /* message is successfully delivered */ 53 54 bool 55 savemail(e, sendbody) 56 register ENVELOPE *e; 57 bool sendbody; 58 { 59 register SM_FILE_T *fp; 60 bool panic = false; 61 int state; 62 auto ADDRESS *q = NULL; 63 register char *p; 64 MCI mcibuf; 65 int flags; 66 long sff; 67 char buf[MAXLINE + 1]; 68 char dlbuf[MAXPATHLEN]; 69 SM_MBDB_T user; 70 71 72 if (tTd(6, 1)) 73 { 74 sm_dprintf("\nsavemail, errormode = %c, id = %s, ExitStat = %d\n e_from=", 75 e->e_errormode, e->e_id == NULL ? "NONE" : e->e_id, 76 ExitStat); 77 printaddr(sm_debug_file(), &e->e_from, false); 78 } 79 80 if (e->e_id == NULL) 81 { 82 /* can't return a message with no id */ 83 return panic; 84 } 85 86 /* 87 ** In the unhappy event we don't know who to return the mail 88 ** to, make someone up. 89 */ 90 91 if (e->e_from.q_paddr == NULL) 92 { 93 e->e_sender = "Postmaster"; 94 if (parseaddr(e->e_sender, &e->e_from, 95 RF_COPYPARSE|RF_SENDERADDR, 96 '\0', NULL, e, false) == NULL) 97 { 98 syserr("553 5.3.5 Cannot parse Postmaster!"); 99 finis(true, true, EX_SOFTWARE); 100 } 101 } 102 e->e_to = NULL; 103 104 /* 105 ** Basic state machine. 106 ** 107 ** This machine runs through the following states: 108 ** 109 ** ESM_QUIET Errors have already been printed iff the 110 ** sender is local. 111 ** ESM_REPORT Report directly to the sender's terminal. 112 ** ESM_MAIL Mail response to the sender. 113 ** ESM_DEADLETTER Save response in ~/dead.letter. 114 ** ESM_POSTMASTER Mail response to the postmaster. 115 ** ESM_DEADLETTERDROP 116 ** If DeadLetterDrop set, save it there. 117 ** ESM_PANIC Save response anywhere possible. 118 */ 119 120 /* determine starting state */ 121 switch (e->e_errormode) 122 { 123 case EM_WRITE: 124 state = ESM_REPORT; 125 break; 126 127 case EM_BERKNET: 128 case EM_MAIL: 129 state = ESM_MAIL; 130 break; 131 132 case EM_PRINT: 133 case '\0': 134 state = ESM_QUIET; 135 break; 136 137 case EM_QUIET: 138 /* no need to return anything at all */ 139 return panic; 140 141 default: 142 syserr("554 5.3.0 savemail: bogus errormode x%x", 143 e->e_errormode); 144 state = ESM_MAIL; 145 break; 146 } 147 148 /* if this is already an error response, send to postmaster */ 149 if (bitset(EF_RESPONSE, e->e_flags)) 150 { 151 if (e->e_parent != NULL && 152 bitset(EF_RESPONSE, e->e_parent->e_flags)) 153 { 154 /* got an error sending a response -- can it */ 155 return panic; 156 } 157 state = ESM_POSTMASTER; 158 } 159 160 while (state != ESM_DONE) 161 { 162 if (tTd(6, 5)) 163 sm_dprintf(" state %d\n", state); 164 165 switch (state) 166 { 167 case ESM_QUIET: 168 if (bitnset(M_LOCALMAILER, e->e_from.q_mailer->m_flags)) 169 state = ESM_DEADLETTER; 170 else 171 state = ESM_MAIL; 172 break; 173 174 case ESM_REPORT: 175 176 /* 177 ** If the user is still logged in on the same terminal, 178 ** then write the error messages back to hir (sic). 179 */ 180 181 #if USE_TTYPATH 182 p = ttypath(); 183 #else /* USE_TTYPATH */ 184 p = NULL; 185 #endif /* USE_TTYPATH */ 186 187 if (p == NULL || sm_io_reopen(SmFtStdio, 188 SM_TIME_DEFAULT, 189 p, SM_IO_WRONLY, NULL, 190 smioout) == NULL) 191 { 192 state = ESM_MAIL; 193 break; 194 } 195 196 expand("\201n", buf, sizeof(buf), e); 197 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, 198 "\r\nMessage from %s...\r\n", buf); 199 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, 200 "Errors occurred while sending mail.\r\n"); 201 if (e->e_xfp != NULL) 202 { 203 (void) bfrewind(e->e_xfp); 204 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, 205 "Transcript follows:\r\n"); 206 while (sm_io_fgets(e->e_xfp, SM_TIME_DEFAULT, 207 buf, sizeof(buf)) >= 0 && 208 !sm_io_error(smioout)) 209 (void) sm_io_fputs(smioout, 210 SM_TIME_DEFAULT, 211 buf); 212 } 213 else 214 { 215 syserr("Cannot open %s", 216 queuename(e, XSCRPT_LETTER)); 217 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, 218 "Transcript of session is unavailable.\r\n"); 219 } 220 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, 221 "Original message will be saved in dead.letter.\r\n"); 222 state = ESM_DEADLETTER; 223 break; 224 225 case ESM_MAIL: 226 /* 227 ** If mailing back, do it. 228 ** Throw away all further output. Don't alias, 229 ** since this could cause loops, e.g., if joe 230 ** mails to joe@x, and for some reason the network 231 ** for @x is down, then the response gets sent to 232 ** joe@x, which gives a response, etc. Also force 233 ** the mail to be delivered even if a version of 234 ** it has already been sent to the sender. 235 ** 236 ** If this is a configuration or local software 237 ** error, send to the local postmaster as well, 238 ** since the originator can't do anything 239 ** about it anyway. Note that this is a full 240 ** copy of the message (intentionally) so that 241 ** the Postmaster can forward things along. 242 */ 243 244 if (ExitStat == EX_CONFIG || ExitStat == EX_SOFTWARE) 245 { 246 (void) sendtolist("postmaster", NULLADDR, 247 &e->e_errorqueue, 0, e); 248 } 249 if (!emptyaddr(&e->e_from)) 250 { 251 char from[TOBUFSIZE]; 252 253 if (sm_strlcpy(from, e->e_from.q_paddr, 254 sizeof(from)) >= sizeof(from)) 255 { 256 state = ESM_POSTMASTER; 257 break; 258 } 259 260 if (!DontPruneRoutes) 261 (void) pruneroute(from); 262 263 (void) sendtolist(from, NULLADDR, 264 &e->e_errorqueue, 0, e); 265 } 266 267 /* 268 ** Deliver a non-delivery report to the 269 ** Postmaster-designate (not necessarily 270 ** Postmaster). This does not include the 271 ** body of the message, for privacy reasons. 272 ** You really shouldn't need this. 273 */ 274 275 e->e_flags |= EF_PM_NOTIFY; 276 277 /* check to see if there are any good addresses */ 278 for (q = e->e_errorqueue; q != NULL; q = q->q_next) 279 { 280 if (QS_IS_SENDABLE(q->q_state)) 281 break; 282 } 283 if (q == NULL) 284 { 285 /* this is an error-error */ 286 state = ESM_POSTMASTER; 287 break; 288 } 289 if (returntosender(e->e_message, e->e_errorqueue, 290 sendbody ? RTSF_SEND_BODY 291 : RTSF_NO_BODY, 292 e) == 0) 293 { 294 state = ESM_DONE; 295 break; 296 } 297 298 /* didn't work -- return to postmaster */ 299 state = ESM_POSTMASTER; 300 break; 301 302 case ESM_POSTMASTER: 303 /* 304 ** Similar to previous case, but to system postmaster. 305 */ 306 307 q = NULL; 308 expand(DoubleBounceAddr, buf, sizeof(buf), e); 309 310 /* 311 ** Just drop it on the floor if DoubleBounceAddr 312 ** expands to an empty string. 313 */ 314 315 if (*buf == '\0') 316 { 317 state = ESM_DONE; 318 break; 319 } 320 if (sendtolist(buf, NULLADDR, &q, 0, e) <= 0) 321 { 322 syserr("553 5.3.0 cannot parse %s!", buf); 323 ExitStat = EX_SOFTWARE; 324 state = ESM_DEADLETTERDROP; 325 break; 326 } 327 flags = RTSF_PM_BOUNCE; 328 if (sendbody) 329 flags |= RTSF_SEND_BODY; 330 if (returntosender(e->e_message, q, flags, e) == 0) 331 { 332 state = ESM_DONE; 333 break; 334 } 335 336 /* didn't work -- last resort */ 337 state = ESM_DEADLETTERDROP; 338 break; 339 340 case ESM_DEADLETTER: 341 /* 342 ** Save the message in dead.letter. 343 ** If we weren't mailing back, and the user is 344 ** local, we should save the message in 345 ** ~/dead.letter so that the poor person doesn't 346 ** have to type it over again -- and we all know 347 ** what poor typists UNIX users are. 348 */ 349 350 p = NULL; 351 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 352 { 353 if (e->e_from.q_home != NULL) 354 p = e->e_from.q_home; 355 else if (sm_mbdb_lookup(e->e_from.q_user, &user) 356 == EX_OK && 357 *user.mbdb_homedir != '\0') 358 p = user.mbdb_homedir; 359 } 360 if (p == NULL || e->e_dfp == NULL) 361 { 362 /* no local directory or no data file */ 363 state = ESM_MAIL; 364 break; 365 } 366 367 /* we have a home directory; write dead.letter */ 368 macdefine(&e->e_macro, A_TEMP, 'z', p); 369 370 /* get the sender for the UnixFromLine */ 371 p = macvalue('g', e); 372 macdefine(&e->e_macro, A_PERM, 'g', e->e_sender); 373 374 expand("\201z/dead.letter", dlbuf, sizeof(dlbuf), e); 375 sff = SFF_CREAT|SFF_REGONLY|SFF_RUNASREALUID; 376 if (RealUid == 0) 377 sff |= SFF_ROOTOK; 378 e->e_to = dlbuf; 379 if (writable(dlbuf, NULL, sff) && 380 mailfile(dlbuf, FileMailer, NULL, sff, e) == EX_OK) 381 { 382 int oldverb = Verbose; 383 384 if (OpMode != MD_DAEMON && OpMode != MD_SMTP) 385 Verbose = 1; 386 if (Verbose > 0) 387 message("Saved message in %s", dlbuf); 388 Verbose = oldverb; 389 macdefine(&e->e_macro, A_PERM, 'g', p); 390 state = ESM_DONE; 391 break; 392 } 393 macdefine(&e->e_macro, A_PERM, 'g', p); 394 state = ESM_MAIL; 395 break; 396 397 case ESM_DEADLETTERDROP: 398 /* 399 ** Log the mail in DeadLetterDrop file. 400 */ 401 402 if (e->e_class < 0) 403 { 404 state = ESM_DONE; 405 break; 406 } 407 408 if ((SafeFileEnv != NULL && SafeFileEnv[0] != '\0') || 409 DeadLetterDrop == NULL || 410 DeadLetterDrop[0] == '\0') 411 { 412 state = ESM_PANIC; 413 break; 414 } 415 416 sff = SFF_CREAT|SFF_REGONLY|SFF_ROOTOK|SFF_OPENASROOT|SFF_MUSTOWN; 417 if (!writable(DeadLetterDrop, NULL, sff) || 418 (fp = safefopen(DeadLetterDrop, O_WRONLY|O_APPEND, 419 FileMode, sff)) == NULL) 420 { 421 state = ESM_PANIC; 422 break; 423 } 424 425 memset(&mcibuf, '\0', sizeof(mcibuf)); 426 mcibuf.mci_out = fp; 427 mcibuf.mci_mailer = FileMailer; 428 if (bitnset(M_7BITS, FileMailer->m_flags)) 429 mcibuf.mci_flags |= MCIF_7BIT; 430 431 /* get the sender for the UnixFromLine */ 432 p = macvalue('g', e); 433 macdefine(&e->e_macro, A_PERM, 'g', e->e_sender); 434 435 if (!putfromline(&mcibuf, e) || 436 !(*e->e_puthdr)(&mcibuf, e->e_header, e, 437 M87F_OUTER) || 438 !(*e->e_putbody)(&mcibuf, e, NULL) || 439 !putline("\n", &mcibuf) || 440 sm_io_flush(fp, SM_TIME_DEFAULT) == SM_IO_EOF || 441 sm_io_error(fp) || 442 sm_io_close(fp, SM_TIME_DEFAULT) < 0) 443 state = ESM_PANIC; 444 else 445 { 446 int oldverb = Verbose; 447 448 if (OpMode != MD_DAEMON && OpMode != MD_SMTP) 449 Verbose = 1; 450 if (Verbose > 0) 451 message("Saved message in %s", 452 DeadLetterDrop); 453 Verbose = oldverb; 454 if (LogLevel > 3) 455 sm_syslog(LOG_NOTICE, e->e_id, 456 "Saved message in %s", 457 DeadLetterDrop); 458 state = ESM_DONE; 459 } 460 macdefine(&e->e_macro, A_PERM, 'g', p); 461 break; 462 463 default: 464 syserr("554 5.3.5 savemail: unknown state %d", state); 465 /* FALLTHROUGH */ 466 467 case ESM_PANIC: 468 /* leave the locked queue & transcript files around */ 469 loseqfile(e, "savemail panic"); 470 panic = true; 471 errno = 0; 472 syserr("554 savemail: cannot save rejected email anywhere"); 473 state = ESM_DONE; 474 break; 475 } 476 } 477 return panic; 478 } 479 /* 480 ** RETURNTOSENDER -- return a message to the sender with an error. 481 ** 482 ** Parameters: 483 ** msg -- the explanatory message. 484 ** returnq -- the queue of people to send the message to. 485 ** flags -- flags tweaking the operation: 486 ** RTSF_SENDBODY -- include body of message (otherwise 487 ** just send the header). 488 ** RTSF_PMBOUNCE -- this is a postmaster bounce. 489 ** e -- the current envelope. 490 ** 491 ** Returns: 492 ** zero -- if everything went ok. 493 ** else -- some error. 494 ** 495 ** Side Effects: 496 ** Returns the current message to the sender via mail. 497 */ 498 499 #define MAXRETURNS 6 /* max depth of returning messages */ 500 #define ERRORFUDGE 1024 /* nominal size of error message text */ 501 502 int 503 returntosender(msg, returnq, flags, e) 504 char *msg; 505 ADDRESS *returnq; 506 int flags; 507 register ENVELOPE *e; 508 { 509 int ret; 510 register ENVELOPE *ee; 511 ENVELOPE *oldcur = CurEnv; 512 ENVELOPE errenvelope; 513 static int returndepth = 0; 514 register ADDRESS *q; 515 char *p; 516 char buf[MAXNAME + 1]; 517 518 if (returnq == NULL) 519 return -1; 520 521 if (msg == NULL) 522 msg = "Unable to deliver mail"; 523 524 if (tTd(6, 1)) 525 { 526 sm_dprintf("\n*** Return To Sender: msg=\"%s\", depth=%d, e=%p, returnq=", 527 msg, returndepth, e); 528 printaddr(sm_debug_file(), returnq, true); 529 if (tTd(6, 20)) 530 { 531 sm_dprintf("Sendq="); 532 printaddr(sm_debug_file(), e->e_sendqueue, true); 533 } 534 } 535 536 if (++returndepth >= MAXRETURNS) 537 { 538 if (returndepth != MAXRETURNS) 539 syserr("554 5.3.0 returntosender: infinite recursion on %s", 540 returnq->q_paddr); 541 /* don't "unrecurse" and fake a clean exit */ 542 /* returndepth--; */ 543 return 0; 544 } 545 546 macdefine(&e->e_macro, A_PERM, 'g', e->e_sender); 547 macdefine(&e->e_macro, A_PERM, 'u', NULL); 548 549 /* initialize error envelope */ 550 ee = newenvelope(&errenvelope, e, sm_rpool_new_x(NULL)); 551 macdefine(&ee->e_macro, A_PERM, 'a', "\201b"); 552 macdefine(&ee->e_macro, A_PERM, 'r', ""); 553 macdefine(&ee->e_macro, A_PERM, 's', "localhost"); 554 macdefine(&ee->e_macro, A_PERM, '_', "localhost"); 555 clrsessenvelope(ee); 556 557 ee->e_puthdr = putheader; 558 ee->e_putbody = errbody; 559 ee->e_flags |= EF_RESPONSE|EF_METOO; 560 if (!bitset(EF_OLDSTYLE, e->e_flags)) 561 ee->e_flags &= ~EF_OLDSTYLE; 562 if (bitset(EF_DONT_MIME, e->e_flags)) 563 { 564 ee->e_flags |= EF_DONT_MIME; 565 566 /* 567 ** If we can't convert to MIME and we don't pass 568 ** 8-bit, we can't send the body. 569 */ 570 571 if (bitset(EF_HAS8BIT, e->e_flags) && 572 !bitset(MM_PASS8BIT, MimeMode)) 573 flags &= ~RTSF_SEND_BODY; 574 } 575 576 ee->e_sendqueue = returnq; 577 ee->e_msgsize = 0; 578 if (bitset(RTSF_SEND_BODY, flags) && 579 !bitset(PRIV_NOBODYRETN, PrivacyFlags)) 580 ee->e_msgsize = ERRORFUDGE + e->e_msgsize; 581 else 582 ee->e_flags |= EF_NO_BODY_RETN; 583 584 #if _FFR_BOUNCE_QUEUE 585 if (BounceQueue != NOQGRP) 586 ee->e_qgrp = ee->e_dfqgrp = BounceQueue; 587 #endif /* _FFR_BOUNCE_QUEUE */ 588 if (!setnewqueue(ee)) 589 { 590 syserr("554 5.3.0 returntosender: cannot select queue for %s", 591 returnq->q_paddr); 592 ExitStat = EX_UNAVAILABLE; 593 returndepth--; 594 return -1; 595 } 596 initsys(ee); 597 598 #if NAMED_BIND 599 _res.retry = TimeOuts.res_retry[RES_TO_FIRST]; 600 _res.retrans = TimeOuts.res_retrans[RES_TO_FIRST]; 601 #endif /* NAMED_BIND */ 602 for (q = returnq; q != NULL; q = q->q_next) 603 { 604 if (QS_IS_BADADDR(q->q_state)) 605 continue; 606 607 q->q_flags &= ~(QHASNOTIFY|Q_PINGFLAGS); 608 q->q_flags |= QPINGONFAILURE; 609 610 if (!QS_IS_DEAD(q->q_state)) 611 ee->e_nrcpts++; 612 613 if (q->q_alias == NULL) 614 addheader("To", q->q_paddr, 0, ee, true); 615 } 616 617 if (LogLevel > 5) 618 { 619 if (bitset(EF_RESPONSE, e->e_flags)) 620 p = "return to sender"; 621 else if (bitset(EF_WARNING, e->e_flags)) 622 p = "sender notify"; 623 else if (bitset(RTSF_PM_BOUNCE, flags)) 624 p = "postmaster notify"; 625 else 626 p = "DSN"; 627 sm_syslog(LOG_INFO, e->e_id, "%s: %s: %s", 628 ee->e_id, p, shortenstring(msg, MAXSHORTSTR)); 629 } 630 631 if (SendMIMEErrors) 632 { 633 addheader("MIME-Version", "1.0", 0, ee, true); 634 (void) sm_snprintf(buf, sizeof(buf), "%s.%ld/%.100s", 635 ee->e_id, (long)curtime(), MyHostName); 636 ee->e_msgboundary = sm_rpool_strdup_x(ee->e_rpool, buf); 637 (void) sm_snprintf(buf, sizeof(buf), 638 #if DSN 639 "multipart/report; report-type=delivery-status;\n\tboundary=\"%s\"", 640 #else /* DSN */ 641 "multipart/mixed; boundary=\"%s\"", 642 #endif /* DSN */ 643 ee->e_msgboundary); 644 addheader("Content-Type", buf, 0, ee, true); 645 646 p = hvalue("Content-Transfer-Encoding", e->e_header); 647 if (p != NULL && sm_strcasecmp(p, "binary") != 0) 648 p = NULL; 649 if (p == NULL && bitset(EF_HAS8BIT, e->e_flags)) 650 p = "8bit"; 651 if (p != NULL) 652 addheader("Content-Transfer-Encoding", p, 0, ee, true); 653 } 654 if (strncmp(msg, "Warning:", 8) == 0) 655 { 656 addheader("Subject", msg, 0, ee, true); 657 p = "warning-timeout"; 658 } 659 else if (strncmp(msg, "Postmaster warning:", 19) == 0) 660 { 661 addheader("Subject", msg, 0, ee, true); 662 p = "postmaster-warning"; 663 } 664 else if (strcmp(msg, "Return receipt") == 0) 665 { 666 addheader("Subject", msg, 0, ee, true); 667 p = "return-receipt"; 668 } 669 else if (bitset(RTSF_PM_BOUNCE, flags)) 670 { 671 (void) sm_snprintf(buf, sizeof(buf), 672 "Postmaster notify: see transcript for details"); 673 addheader("Subject", buf, 0, ee, true); 674 p = "postmaster-notification"; 675 } 676 else 677 { 678 (void) sm_snprintf(buf, sizeof(buf), 679 "Returned mail: see transcript for details"); 680 addheader("Subject", buf, 0, ee, true); 681 p = "failure"; 682 } 683 (void) sm_snprintf(buf, sizeof(buf), "auto-generated (%s)", p); 684 addheader("Auto-Submitted", buf, 0, ee, true); 685 686 /* fake up an address header for the from person */ 687 expand("\201n", buf, sizeof(buf), e); 688 if (parseaddr(buf, &ee->e_from, 689 RF_COPYALL|RF_SENDERADDR, '\0', NULL, e, false) == NULL) 690 { 691 syserr("553 5.3.5 Can't parse myself!"); 692 ExitStat = EX_SOFTWARE; 693 returndepth--; 694 return -1; 695 } 696 ee->e_from.q_flags &= ~(QHASNOTIFY|Q_PINGFLAGS); 697 ee->e_from.q_flags |= QPINGONFAILURE; 698 ee->e_sender = ee->e_from.q_paddr; 699 700 /* push state into submessage */ 701 CurEnv = ee; 702 macdefine(&ee->e_macro, A_PERM, 'f', "\201n"); 703 macdefine(&ee->e_macro, A_PERM, 'x', "Mail Delivery Subsystem"); 704 eatheader(ee, true, true); 705 706 /* mark statistics */ 707 markstats(ee, NULLADDR, STATS_NORMAL); 708 709 #if _FFR_BOUNCE_QUEUE 710 if (BounceQueue == NOQGRP) 711 { 712 #endif 713 /* actually deliver the error message */ 714 sendall(ee, SM_DELIVER); 715 #if _FFR_BOUNCE_QUEUE 716 } 717 #endif 718 (void) dropenvelope(ee, true, false); 719 720 /* check for delivery errors */ 721 ret = -1; 722 if (ee->e_parent == NULL || 723 !bitset(EF_RESPONSE, ee->e_parent->e_flags)) 724 { 725 ret = 0; 726 } 727 else 728 { 729 for (q = ee->e_sendqueue; q != NULL; q = q->q_next) 730 { 731 if (QS_IS_ATTEMPTED(q->q_state)) 732 { 733 ret = 0; 734 break; 735 } 736 } 737 } 738 739 /* restore state */ 740 sm_rpool_free(ee->e_rpool); 741 CurEnv = oldcur; 742 returndepth--; 743 744 return ret; 745 } 746 747 /* 748 ** ERRBODY -- output the body of an error message. 749 ** 750 ** Typically this is a copy of the transcript plus a copy of the 751 ** original offending message. 752 ** 753 ** Parameters: 754 ** mci -- the mailer connection information. 755 ** e -- the envelope we are working in. 756 ** separator -- any possible MIME separator (unused). 757 ** 758 ** Returns: 759 ** true iff body was written successfully 760 ** 761 ** Side Effects: 762 ** Outputs the body of an error message. 763 */ 764 765 /* ARGSUSED2 */ 766 static bool 767 errbody(mci, e, separator) 768 register MCI *mci; 769 register ENVELOPE *e; 770 char *separator; 771 { 772 bool printheader; 773 bool sendbody; 774 bool pm_notify; 775 int save_errno; 776 register SM_FILE_T *xfile; 777 char *p; 778 register ADDRESS *q = NULL; 779 char actual[MAXLINE]; 780 char buf[MAXLINE]; 781 782 if (bitset(MCIF_INHEADER, mci->mci_flags)) 783 { 784 if (!putline("", mci)) 785 goto writeerr; 786 mci->mci_flags &= ~MCIF_INHEADER; 787 } 788 if (e->e_parent == NULL) 789 { 790 syserr("errbody: null parent"); 791 if (!putline(" ----- Original message lost -----\n", mci)) 792 goto writeerr; 793 return true; 794 } 795 796 /* 797 ** Output MIME header. 798 */ 799 800 if (e->e_msgboundary != NULL) 801 { 802 (void) sm_strlcpyn(buf, sizeof(buf), 2, "--", e->e_msgboundary); 803 if (!putline("This is a MIME-encapsulated message", mci) || 804 !putline("", mci) || 805 !putline(buf, mci) || 806 !putline("", mci)) 807 goto writeerr; 808 } 809 810 /* 811 ** Output introductory information. 812 */ 813 814 pm_notify = false; 815 p = hvalue("subject", e->e_header); 816 if (p != NULL && strncmp(p, "Postmaster ", 11) == 0) 817 pm_notify = true; 818 else 819 { 820 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next) 821 { 822 if (QS_IS_BADADDR(q->q_state)) 823 break; 824 } 825 } 826 if (!pm_notify && q == NULL && 827 !bitset(EF_FATALERRS|EF_SENDRECEIPT, e->e_parent->e_flags)) 828 { 829 if (!putline(" **********************************************", 830 mci) || 831 !putline(" ** THIS IS A WARNING MESSAGE ONLY **", 832 mci) || 833 !putline(" ** YOU DO NOT NEED TO RESEND YOUR MESSAGE **", 834 mci) || 835 !putline(" **********************************************", 836 mci) || 837 !putline("", mci)) 838 goto writeerr; 839 } 840 (void) sm_snprintf(buf, sizeof(buf), 841 "The original message was received at %s", 842 arpadate(ctime(&e->e_parent->e_ctime))); 843 if (!putline(buf, mci)) 844 goto writeerr; 845 expand("from \201_", buf, sizeof(buf), e->e_parent); 846 if (!putline(buf, mci)) 847 goto writeerr; 848 849 /* include id in postmaster copies */ 850 if (pm_notify && e->e_parent->e_id != NULL) 851 { 852 (void) sm_strlcpyn(buf, sizeof(buf), 2, "with id ", 853 e->e_parent->e_id); 854 if (!putline(buf, mci)) 855 goto writeerr; 856 } 857 if (!putline("", mci)) 858 goto writeerr; 859 860 /* 861 ** Output error message header (if specified and available). 862 */ 863 864 if (ErrMsgFile != NULL && 865 !bitset(EF_SENDRECEIPT, e->e_parent->e_flags)) 866 { 867 if (*ErrMsgFile == '/') 868 { 869 long sff = SFF_ROOTOK|SFF_REGONLY; 870 871 if (DontLockReadFiles) 872 sff |= SFF_NOLOCK; 873 if (!bitnset(DBS_ERRORHEADERINUNSAFEDIRPATH, 874 DontBlameSendmail)) 875 sff |= SFF_SAFEDIRPATH; 876 xfile = safefopen(ErrMsgFile, O_RDONLY, 0444, sff); 877 if (xfile != NULL) 878 { 879 while (sm_io_fgets(xfile, SM_TIME_DEFAULT, buf, 880 sizeof(buf)) >= 0) 881 { 882 int lbs; 883 bool putok; 884 char *lbp; 885 886 lbs = sizeof(buf); 887 lbp = translate_dollars(buf, buf, &lbs); 888 expand(lbp, lbp, lbs, e); 889 putok = putline(lbp, mci); 890 if (lbp != buf) 891 sm_free(lbp); 892 if (!putok) 893 goto writeerr; 894 } 895 (void) sm_io_close(xfile, SM_TIME_DEFAULT); 896 if (!putline("\n", mci)) 897 goto writeerr; 898 } 899 } 900 else 901 { 902 expand(ErrMsgFile, buf, sizeof(buf), e); 903 if (!putline(buf, mci) || !putline("", mci)) 904 goto writeerr; 905 } 906 } 907 908 /* 909 ** Output message introduction 910 */ 911 912 /* permanent fatal errors */ 913 printheader = true; 914 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next) 915 { 916 if (!QS_IS_BADADDR(q->q_state) || 917 !bitset(QPINGONFAILURE, q->q_flags)) 918 continue; 919 920 if (printheader) 921 { 922 if (!putline(" ----- The following addresses had permanent fatal errors -----", 923 mci)) 924 goto writeerr; 925 printheader = false; 926 } 927 928 (void) sm_strlcpy(buf, shortenstring(q->q_paddr, MAXSHORTSTR), 929 sizeof(buf)); 930 if (!putline(buf, mci)) 931 goto writeerr; 932 if (q->q_rstatus != NULL) 933 { 934 (void) sm_snprintf(buf, sizeof(buf), 935 " (reason: %s)", 936 shortenstring(exitstat(q->q_rstatus), 937 MAXSHORTSTR)); 938 if (!putline(buf, mci)) 939 goto writeerr; 940 } 941 if (q->q_alias != NULL) 942 { 943 (void) sm_snprintf(buf, sizeof(buf), 944 " (expanded from: %s)", 945 shortenstring(q->q_alias->q_paddr, 946 MAXSHORTSTR)); 947 if (!putline(buf, mci)) 948 goto writeerr; 949 } 950 } 951 if (!printheader && !putline("", mci)) 952 goto writeerr; 953 954 /* transient non-fatal errors */ 955 printheader = true; 956 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next) 957 { 958 if (QS_IS_BADADDR(q->q_state) || 959 !bitset(QPRIMARY, q->q_flags) || 960 !bitset(QBYNDELAY, q->q_flags) || 961 !bitset(QDELAYED, q->q_flags)) 962 continue; 963 964 if (printheader) 965 { 966 if (!putline(" ----- The following addresses had transient non-fatal errors -----", 967 mci)) 968 goto writeerr; 969 printheader = false; 970 } 971 972 (void) sm_strlcpy(buf, shortenstring(q->q_paddr, MAXSHORTSTR), 973 sizeof(buf)); 974 if (!putline(buf, mci)) 975 goto writeerr; 976 if (q->q_alias != NULL) 977 { 978 (void) sm_snprintf(buf, sizeof(buf), 979 " (expanded from: %s)", 980 shortenstring(q->q_alias->q_paddr, 981 MAXSHORTSTR)); 982 if (!putline(buf, mci)) 983 goto writeerr; 984 } 985 } 986 if (!printheader && !putline("", mci)) 987 goto writeerr; 988 989 /* successful delivery notifications */ 990 printheader = true; 991 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next) 992 { 993 if (QS_IS_BADADDR(q->q_state) || 994 !bitset(QPRIMARY, q->q_flags) || 995 bitset(QBYNDELAY, q->q_flags) || 996 bitset(QDELAYED, q->q_flags)) 997 continue; 998 else if (bitset(QBYNRELAY, q->q_flags)) 999 p = "Deliver-By notify: relayed"; 1000 else if (bitset(QBYTRACE, q->q_flags)) 1001 p = "Deliver-By trace: relayed"; 1002 else if (!bitset(QPINGONSUCCESS, q->q_flags)) 1003 continue; 1004 else if (bitset(QRELAYED, q->q_flags)) 1005 p = "relayed to non-DSN-aware mailer"; 1006 else if (bitset(QDELIVERED, q->q_flags)) 1007 { 1008 if (bitset(QEXPANDED, q->q_flags)) 1009 p = "successfully delivered to mailing list"; 1010 else 1011 p = "successfully delivered to mailbox"; 1012 } 1013 else if (bitset(QEXPANDED, q->q_flags)) 1014 p = "expanded by alias"; 1015 else 1016 continue; 1017 1018 if (printheader) 1019 { 1020 if (!putline(" ----- The following addresses had successful delivery notifications -----", 1021 mci)) 1022 goto writeerr; 1023 printheader = false; 1024 } 1025 1026 (void) sm_snprintf(buf, sizeof(buf), "%s (%s)", 1027 shortenstring(q->q_paddr, MAXSHORTSTR), p); 1028 if (!putline(buf, mci)) 1029 goto writeerr; 1030 if (q->q_alias != NULL) 1031 { 1032 (void) sm_snprintf(buf, sizeof(buf), 1033 " (expanded from: %s)", 1034 shortenstring(q->q_alias->q_paddr, 1035 MAXSHORTSTR)); 1036 if (!putline(buf, mci)) 1037 goto writeerr; 1038 } 1039 } 1040 if (!printheader && !putline("", mci)) 1041 goto writeerr; 1042 1043 /* 1044 ** Output transcript of errors 1045 */ 1046 1047 (void) sm_io_flush(smioout, SM_TIME_DEFAULT); 1048 if (e->e_parent->e_xfp == NULL) 1049 { 1050 if (!putline(" ----- Transcript of session is unavailable -----\n", 1051 mci)) 1052 goto writeerr; 1053 } 1054 else 1055 { 1056 int blen; 1057 1058 printheader = true; 1059 (void) bfrewind(e->e_parent->e_xfp); 1060 if (e->e_xfp != NULL) 1061 (void) sm_io_flush(e->e_xfp, SM_TIME_DEFAULT); 1062 while ((blen = sm_io_fgets(e->e_parent->e_xfp, SM_TIME_DEFAULT, 1063 buf, sizeof(buf))) >= 0) 1064 { 1065 if (printheader && !putline(" ----- Transcript of session follows -----\n", 1066 mci)) 1067 goto writeerr; 1068 printheader = false; 1069 if (!putxline(buf, blen, mci, PXLF_MAPFROM)) 1070 goto writeerr; 1071 } 1072 } 1073 errno = 0; 1074 1075 #if DSN 1076 /* 1077 ** Output machine-readable version. 1078 */ 1079 1080 if (e->e_msgboundary != NULL) 1081 { 1082 (void) sm_strlcpyn(buf, sizeof(buf), 2, "--", e->e_msgboundary); 1083 if (!putline("", mci) || 1084 !putline(buf, mci) || 1085 !putline("Content-Type: message/delivery-status", mci) || 1086 !putline("", mci)) 1087 goto writeerr; 1088 1089 /* 1090 ** Output per-message information. 1091 */ 1092 1093 /* original envelope id from MAIL FROM: line */ 1094 if (e->e_parent->e_envid != NULL) 1095 { 1096 (void) sm_snprintf(buf, sizeof(buf), 1097 "Original-Envelope-Id: %.800s", 1098 xuntextify(e->e_parent->e_envid)); 1099 if (!putline(buf, mci)) 1100 goto writeerr; 1101 } 1102 1103 /* Reporting-MTA: is us (required) */ 1104 (void) sm_snprintf(buf, sizeof(buf), 1105 "Reporting-MTA: dns; %.800s", MyHostName); 1106 if (!putline(buf, mci)) 1107 goto writeerr; 1108 1109 /* DSN-Gateway: not relevant since we are not translating */ 1110 1111 /* Received-From-MTA: shows where we got this message from */ 1112 if (RealHostName != NULL) 1113 { 1114 /* XXX use $s for type? */ 1115 if (e->e_parent->e_from.q_mailer == NULL || 1116 (p = e->e_parent->e_from.q_mailer->m_mtatype) == NULL) 1117 p = "dns"; 1118 (void) sm_snprintf(buf, sizeof(buf), 1119 "Received-From-MTA: %s; %.800s", 1120 p, RealHostName); 1121 if (!putline(buf, mci)) 1122 goto writeerr; 1123 } 1124 1125 /* Arrival-Date: -- when it arrived here */ 1126 (void) sm_strlcpyn(buf, sizeof(buf), 2, "Arrival-Date: ", 1127 arpadate(ctime(&e->e_parent->e_ctime))); 1128 if (!putline(buf, mci)) 1129 goto writeerr; 1130 1131 /* Deliver-By-Date: -- when it should have been delivered */ 1132 if (IS_DLVR_BY(e->e_parent)) 1133 { 1134 time_t dbyd; 1135 1136 dbyd = e->e_parent->e_ctime + e->e_parent->e_deliver_by; 1137 (void) sm_strlcpyn(buf, sizeof(buf), 2, 1138 "Deliver-By-Date: ", 1139 arpadate(ctime(&dbyd))); 1140 if (!putline(buf, mci)) 1141 goto writeerr; 1142 } 1143 1144 /* 1145 ** Output per-address information. 1146 */ 1147 1148 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next) 1149 { 1150 char *action; 1151 1152 if (QS_IS_BADADDR(q->q_state)) 1153 { 1154 /* RFC 1891, 6.2.6 (b) */ 1155 if (bitset(QHASNOTIFY, q->q_flags) && 1156 !bitset(QPINGONFAILURE, q->q_flags)) 1157 continue; 1158 action = "failed"; 1159 } 1160 else if (!bitset(QPRIMARY, q->q_flags)) 1161 continue; 1162 else if (bitset(QDELIVERED, q->q_flags)) 1163 { 1164 if (bitset(QEXPANDED, q->q_flags)) 1165 action = "delivered (to mailing list)"; 1166 else 1167 action = "delivered (to mailbox)"; 1168 } 1169 else if (bitset(QRELAYED, q->q_flags)) 1170 action = "relayed (to non-DSN-aware mailer)"; 1171 else if (bitset(QEXPANDED, q->q_flags)) 1172 action = "expanded (to multi-recipient alias)"; 1173 else if (bitset(QDELAYED, q->q_flags)) 1174 action = "delayed"; 1175 else if (bitset(QBYTRACE, q->q_flags)) 1176 action = "relayed (Deliver-By trace mode)"; 1177 else if (bitset(QBYNDELAY, q->q_flags)) 1178 action = "delayed (Deliver-By notify mode)"; 1179 else if (bitset(QBYNRELAY, q->q_flags)) 1180 action = "relayed (Deliver-By notify mode)"; 1181 else 1182 continue; 1183 1184 if (!putline("", mci)) 1185 goto writeerr; 1186 1187 /* Original-Recipient: -- passed from on high */ 1188 if (q->q_orcpt != NULL) 1189 { 1190 p = strchr(q->q_orcpt, ';'); 1191 1192 /* 1193 ** p == NULL shouldn't happen due to 1194 ** check in srvrsmtp.c 1195 ** we could log an error in this case. 1196 */ 1197 1198 if (p != NULL) 1199 { 1200 *p = '\0'; 1201 (void) sm_snprintf(buf, sizeof(buf), 1202 "Original-Recipient: %.100s;%.700s", 1203 q->q_orcpt, xuntextify(p + 1)); 1204 *p = ';'; 1205 if (!putline(buf, mci)) 1206 goto writeerr; 1207 } 1208 } 1209 1210 /* Figure out actual recipient */ 1211 actual[0] = '\0'; 1212 if (q->q_user[0] != '\0') 1213 { 1214 if (q->q_mailer != NULL && 1215 q->q_mailer->m_addrtype != NULL) 1216 p = q->q_mailer->m_addrtype; 1217 else 1218 p = "rfc822"; 1219 1220 if (sm_strcasecmp(p, "rfc822") == 0 && 1221 strchr(q->q_user, '@') == NULL) 1222 { 1223 (void) sm_snprintf(actual, 1224 sizeof(actual), 1225 "%s; %.700s@%.100s", 1226 p, q->q_user, 1227 MyHostName); 1228 } 1229 else 1230 { 1231 (void) sm_snprintf(actual, 1232 sizeof(actual), 1233 "%s; %.800s", 1234 p, q->q_user); 1235 } 1236 } 1237 1238 /* Final-Recipient: -- the name from the RCPT command */ 1239 if (q->q_finalrcpt == NULL) 1240 { 1241 /* should never happen */ 1242 sm_syslog(LOG_ERR, e->e_id, 1243 "returntosender: q_finalrcpt is NULL"); 1244 1245 /* try to fall back to the actual recipient */ 1246 if (actual[0] != '\0') 1247 q->q_finalrcpt = sm_rpool_strdup_x(e->e_rpool, 1248 actual); 1249 } 1250 1251 if (q->q_finalrcpt != NULL) 1252 { 1253 (void) sm_snprintf(buf, sizeof(buf), 1254 "Final-Recipient: %s", 1255 q->q_finalrcpt); 1256 if (!putline(buf, mci)) 1257 goto writeerr; 1258 } 1259 1260 /* X-Actual-Recipient: -- the real problem address */ 1261 if (actual[0] != '\0' && 1262 q->q_finalrcpt != NULL && 1263 !bitset(PRIV_NOACTUALRECIPIENT, PrivacyFlags) && 1264 strcmp(actual, q->q_finalrcpt) != 0) 1265 { 1266 (void) sm_snprintf(buf, sizeof(buf), 1267 "X-Actual-Recipient: %s", 1268 actual); 1269 if (!putline(buf, mci)) 1270 goto writeerr; 1271 } 1272 1273 /* Action: -- what happened? */ 1274 (void) sm_strlcpyn(buf, sizeof(buf), 2, "Action: ", 1275 action); 1276 if (!putline(buf, mci)) 1277 goto writeerr; 1278 1279 /* Status: -- what _really_ happened? */ 1280 if (q->q_status != NULL) 1281 p = q->q_status; 1282 else if (QS_IS_BADADDR(q->q_state)) 1283 p = "5.0.0"; 1284 else if (QS_IS_QUEUEUP(q->q_state)) 1285 p = "4.0.0"; 1286 else 1287 p = "2.0.0"; 1288 (void) sm_strlcpyn(buf, sizeof(buf), 2, "Status: ", p); 1289 if (!putline(buf, mci)) 1290 goto writeerr; 1291 1292 /* Remote-MTA: -- who was I talking to? */ 1293 if (q->q_statmta != NULL) 1294 { 1295 if (q->q_mailer == NULL || 1296 (p = q->q_mailer->m_mtatype) == NULL) 1297 p = "dns"; 1298 (void) sm_snprintf(buf, sizeof(buf), 1299 "Remote-MTA: %s; %.800s", 1300 p, q->q_statmta); 1301 p = &buf[strlen(buf) - 1]; 1302 if (*p == '.') 1303 *p = '\0'; 1304 if (!putline(buf, mci)) 1305 goto writeerr; 1306 } 1307 1308 /* Diagnostic-Code: -- actual result from other end */ 1309 if (q->q_rstatus != NULL) 1310 { 1311 if (q->q_mailer == NULL || 1312 (p = q->q_mailer->m_diagtype) == NULL) 1313 p = "smtp"; 1314 (void) sm_snprintf(buf, sizeof(buf), 1315 "Diagnostic-Code: %s; %.800s", 1316 p, q->q_rstatus); 1317 if (!putline(buf, mci)) 1318 goto writeerr; 1319 } 1320 1321 /* Last-Attempt-Date: -- fine granularity */ 1322 if (q->q_statdate == (time_t) 0L) 1323 q->q_statdate = curtime(); 1324 (void) sm_strlcpyn(buf, sizeof(buf), 2, 1325 "Last-Attempt-Date: ", 1326 arpadate(ctime(&q->q_statdate))); 1327 if (!putline(buf, mci)) 1328 goto writeerr; 1329 1330 /* Will-Retry-Until: -- for delayed messages only */ 1331 if (QS_IS_QUEUEUP(q->q_state)) 1332 { 1333 time_t xdate; 1334 1335 xdate = e->e_parent->e_ctime + 1336 TimeOuts.to_q_return[e->e_parent->e_timeoutclass]; 1337 (void) sm_strlcpyn(buf, sizeof(buf), 2, 1338 "Will-Retry-Until: ", 1339 arpadate(ctime(&xdate))); 1340 if (!putline(buf, mci)) 1341 goto writeerr; 1342 } 1343 } 1344 } 1345 #endif /* DSN */ 1346 1347 /* 1348 ** Output text of original message 1349 */ 1350 1351 if (!putline("", mci)) 1352 goto writeerr; 1353 if (bitset(EF_HAS_DF, e->e_parent->e_flags)) 1354 { 1355 sendbody = !bitset(EF_NO_BODY_RETN, e->e_parent->e_flags) && 1356 !bitset(EF_NO_BODY_RETN, e->e_flags); 1357 1358 if (e->e_msgboundary == NULL) 1359 { 1360 if (!putline( 1361 sendbody 1362 ? " ----- Original message follows -----\n" 1363 : " ----- Message header follows -----\n", 1364 mci)) 1365 { 1366 goto writeerr; 1367 } 1368 } 1369 else 1370 { 1371 (void) sm_strlcpyn(buf, sizeof(buf), 2, "--", 1372 e->e_msgboundary); 1373 1374 if (!putline(buf, mci)) 1375 goto writeerr; 1376 (void) sm_strlcpyn(buf, sizeof(buf), 2, "Content-Type: ", 1377 sendbody ? "message/rfc822" 1378 : "text/rfc822-headers"); 1379 if (!putline(buf, mci)) 1380 goto writeerr; 1381 1382 p = hvalue("Content-Transfer-Encoding", 1383 e->e_parent->e_header); 1384 if (p != NULL && sm_strcasecmp(p, "binary") != 0) 1385 p = NULL; 1386 if (p == NULL && 1387 bitset(EF_HAS8BIT, e->e_parent->e_flags)) 1388 p = "8bit"; 1389 if (p != NULL) 1390 { 1391 (void) sm_snprintf(buf, sizeof(buf), 1392 "Content-Transfer-Encoding: %s", 1393 p); 1394 if (!putline(buf, mci)) 1395 goto writeerr; 1396 } 1397 } 1398 if (!putline("", mci)) 1399 goto writeerr; 1400 save_errno = errno; 1401 if (!putheader(mci, e->e_parent->e_header, e->e_parent, 1402 M87F_OUTER)) 1403 goto writeerr; 1404 errno = save_errno; 1405 if (sendbody) 1406 { 1407 if (!putbody(mci, e->e_parent, e->e_msgboundary)) 1408 goto writeerr; 1409 } 1410 else if (e->e_msgboundary == NULL) 1411 { 1412 if (!putline("", mci) || 1413 !putline(" ----- Message body suppressed -----", 1414 mci)) 1415 { 1416 goto writeerr; 1417 } 1418 } 1419 } 1420 else if (e->e_msgboundary == NULL) 1421 { 1422 if (!putline(" ----- No message was collected -----\n", mci)) 1423 goto writeerr; 1424 } 1425 1426 if (e->e_msgboundary != NULL) 1427 { 1428 (void) sm_strlcpyn(buf, sizeof(buf), 3, "--", e->e_msgboundary, 1429 "--"); 1430 if (!putline("", mci) || !putline(buf, mci)) 1431 goto writeerr; 1432 } 1433 if (!putline("", mci) || 1434 sm_io_flush(mci->mci_out, SM_TIME_DEFAULT) == SM_IO_EOF) 1435 goto writeerr; 1436 1437 /* 1438 ** Cleanup and exit 1439 */ 1440 1441 if (errno != 0) 1442 { 1443 writeerr: 1444 syserr("errbody: I/O error"); 1445 return false; 1446 } 1447 return true; 1448 } 1449 1450 /* 1451 ** SMTPTODSN -- convert SMTP to DSN status code 1452 ** 1453 ** Parameters: 1454 ** smtpstat -- the smtp status code (e.g., 550). 1455 ** 1456 ** Returns: 1457 ** The DSN version of the status code. 1458 ** 1459 ** Storage Management: 1460 ** smtptodsn() returns a pointer to a character string literal, 1461 ** which will remain valid forever, and thus does not need to 1462 ** be copied. Current code relies on this property. 1463 */ 1464 1465 char * 1466 smtptodsn(smtpstat) 1467 int smtpstat; 1468 { 1469 if (smtpstat < 0) 1470 return "4.4.2"; 1471 1472 switch (smtpstat) 1473 { 1474 case 450: /* Req mail action not taken: mailbox unavailable */ 1475 return "4.2.0"; 1476 1477 case 451: /* Req action aborted: local error in processing */ 1478 return "4.3.0"; 1479 1480 case 452: /* Req action not taken: insufficient sys storage */ 1481 return "4.3.1"; 1482 1483 case 500: /* Syntax error, command unrecognized */ 1484 return "5.5.2"; 1485 1486 case 501: /* Syntax error in parameters or arguments */ 1487 return "5.5.4"; 1488 1489 case 502: /* Command not implemented */ 1490 return "5.5.1"; 1491 1492 case 503: /* Bad sequence of commands */ 1493 return "5.5.1"; 1494 1495 case 504: /* Command parameter not implemented */ 1496 return "5.5.4"; 1497 1498 case 550: /* Req mail action not taken: mailbox unavailable */ 1499 return "5.2.0"; 1500 1501 case 551: /* User not local; please try <...> */ 1502 return "5.1.6"; 1503 1504 case 552: /* Req mail action aborted: exceeded storage alloc */ 1505 return "5.2.2"; 1506 1507 case 553: /* Req action not taken: mailbox name not allowed */ 1508 return "5.1.0"; 1509 1510 case 554: /* Transaction failed */ 1511 return "5.0.0"; 1512 } 1513 1514 if (REPLYTYPE(smtpstat) == 2) 1515 return "2.0.0"; 1516 if (REPLYTYPE(smtpstat) == 4) 1517 return "4.0.0"; 1518 return "5.0.0"; 1519 } 1520 /* 1521 ** XTEXTIFY -- take regular text and turn it into DSN-style xtext 1522 ** 1523 ** Parameters: 1524 ** t -- the text to convert. 1525 ** taboo -- additional characters that must be encoded. 1526 ** 1527 ** Returns: 1528 ** The xtext-ified version of the same string. 1529 */ 1530 1531 char * 1532 xtextify(t, taboo) 1533 register char *t; 1534 char *taboo; 1535 { 1536 register char *p; 1537 int l; 1538 int nbogus; 1539 static char *bp = NULL; 1540 static int bplen = 0; 1541 1542 if (taboo == NULL) 1543 taboo = ""; 1544 1545 /* figure out how long this xtext will have to be */ 1546 nbogus = l = 0; 1547 for (p = t; *p != '\0'; p++) 1548 { 1549 register int c = (*p & 0xff); 1550 1551 /* ASCII dependence here -- this is the way the spec words it */ 1552 if (c < '!' || c > '~' || c == '+' || c == '\\' || c == '(' || 1553 strchr(taboo, c) != NULL) 1554 nbogus++; 1555 l++; 1556 } 1557 if (nbogus < 0) 1558 { 1559 /* since nbogus is ssize_t and wrapped, 2 * size_t would wrap */ 1560 syserr("!xtextify string too long"); 1561 } 1562 if (nbogus == 0) 1563 return t; 1564 l += nbogus * 2 + 1; 1565 1566 /* now allocate space if necessary for the new string */ 1567 if (l > bplen) 1568 { 1569 if (bp != NULL) 1570 sm_free(bp); /* XXX */ 1571 bp = sm_pmalloc_x(l); 1572 bplen = l; 1573 } 1574 1575 /* ok, copy the text with byte expansion */ 1576 for (p = bp; *t != '\0'; ) 1577 { 1578 register int c = (*t++ & 0xff); 1579 1580 /* ASCII dependence here -- this is the way the spec words it */ 1581 if (c < '!' || c > '~' || c == '+' || c == '\\' || c == '(' || 1582 strchr(taboo, c) != NULL) 1583 { 1584 *p++ = '+'; 1585 *p++ = "0123456789ABCDEF"[c >> 4]; 1586 *p++ = "0123456789ABCDEF"[c & 0xf]; 1587 } 1588 else 1589 *p++ = c; 1590 } 1591 *p = '\0'; 1592 return bp; 1593 } 1594 /* 1595 ** XUNTEXTIFY -- take xtext and turn it into plain text 1596 ** 1597 ** Parameters: 1598 ** t -- the xtextified text. 1599 ** 1600 ** Returns: 1601 ** The decoded text. No attempt is made to deal with 1602 ** null strings in the resulting text. 1603 */ 1604 1605 char * 1606 xuntextify(t) 1607 register char *t; 1608 { 1609 register char *p; 1610 int l; 1611 static char *bp = NULL; 1612 static int bplen = 0; 1613 1614 /* heuristic -- if no plus sign, just return the input */ 1615 if (strchr(t, '+') == NULL) 1616 return t; 1617 1618 /* xtext is always longer than decoded text */ 1619 l = strlen(t); 1620 if (l > bplen) 1621 { 1622 if (bp != NULL) 1623 sm_free(bp); /* XXX */ 1624 bp = xalloc(l); 1625 bplen = l; 1626 } 1627 1628 /* ok, copy the text with byte compression */ 1629 for (p = bp; *t != '\0'; t++) 1630 { 1631 register int c = *t & 0xff; 1632 1633 if (c != '+') 1634 { 1635 *p++ = c; 1636 continue; 1637 } 1638 1639 c = *++t & 0xff; 1640 if (!isascii(c) || !isxdigit(c)) 1641 { 1642 /* error -- first digit is not hex */ 1643 usrerr("bogus xtext: +%c", c); 1644 t--; 1645 continue; 1646 } 1647 if (isdigit(c)) 1648 c -= '0'; 1649 else if (isupper(c)) 1650 c -= 'A' - 10; 1651 else 1652 c -= 'a' - 10; 1653 *p = c << 4; 1654 1655 c = *++t & 0xff; 1656 if (!isascii(c) || !isxdigit(c)) 1657 { 1658 /* error -- second digit is not hex */ 1659 usrerr("bogus xtext: +%x%c", *p >> 4, c); 1660 t--; 1661 continue; 1662 } 1663 if (isdigit(c)) 1664 c -= '0'; 1665 else if (isupper(c)) 1666 c -= 'A' - 10; 1667 else 1668 c -= 'a' - 10; 1669 *p++ |= c; 1670 } 1671 *p = '\0'; 1672 return bp; 1673 } 1674 /* 1675 ** XTEXTOK -- check if a string is legal xtext 1676 ** 1677 ** Xtext is used in Delivery Status Notifications. The spec was 1678 ** taken from RFC 1891, ``SMTP Service Extension for Delivery 1679 ** Status Notifications''. 1680 ** 1681 ** Parameters: 1682 ** s -- the string to check. 1683 ** 1684 ** Returns: 1685 ** true -- if 's' is legal xtext. 1686 ** false -- if it has any illegal characters in it. 1687 */ 1688 1689 bool 1690 xtextok(s) 1691 char *s; 1692 { 1693 int c; 1694 1695 while ((c = *s++) != '\0') 1696 { 1697 if (c == '+') 1698 { 1699 c = *s++; 1700 if (!isascii(c) || !isxdigit(c)) 1701 return false; 1702 c = *s++; 1703 if (!isascii(c) || !isxdigit(c)) 1704 return false; 1705 } 1706 else if (c < '!' || c > '~' || c == '=') 1707 return false; 1708 } 1709 return true; 1710 } 1711 1712 /* 1713 ** ISATOM -- check if a string is an "atom" 1714 ** 1715 ** Parameters: 1716 ** s -- the string to check. 1717 ** 1718 ** Returns: 1719 ** true -- iff s is an atom 1720 */ 1721 1722 bool 1723 isatom(s) 1724 const char *s; 1725 { 1726 int c; 1727 1728 if (s == NULL || *s == '\0') 1729 return false; 1730 while ((c = *s++) != '\0') 1731 { 1732 if (strchr("()<>@,;:\\.[]\"", c) != NULL) 1733 return false; 1734 if (c < '!' || c > '~') 1735 return false; 1736 } 1737 return true; 1738 } 1739 /* 1740 ** PRUNEROUTE -- prune an RFC-822 source route 1741 ** 1742 ** Trims down a source route to the last internet-registered hop. 1743 ** This is encouraged by RFC 1123 section 5.3.3. 1744 ** 1745 ** Parameters: 1746 ** addr -- the address 1747 ** 1748 ** Returns: 1749 ** true -- address was modified 1750 ** false -- address could not be pruned 1751 ** 1752 ** Side Effects: 1753 ** modifies addr in-place 1754 */ 1755 1756 static bool 1757 pruneroute(addr) 1758 char *addr; 1759 { 1760 #if NAMED_BIND 1761 char *start, *at, *comma; 1762 char c; 1763 int braclev; 1764 int rcode; 1765 int i; 1766 char hostbuf[BUFSIZ]; 1767 char *mxhosts[MAXMXHOSTS + 1]; 1768 1769 /* check to see if this is really a route-addr */ 1770 if (*addr != '<' || addr[1] != '@' || addr[strlen(addr) - 1] != '>') 1771 return false; 1772 1773 /* 1774 ** Can't simply find the first ':' is the address might be in the 1775 ** form: "<@[IPv6:::1]:user@host>" and the first ':' in inside 1776 ** the IPv6 address. 1777 */ 1778 1779 start = addr; 1780 braclev = 0; 1781 while (*start != '\0') 1782 { 1783 if (*start == ':' && braclev <= 0) 1784 break; 1785 else if (*start == '[') 1786 braclev++; 1787 else if (*start == ']' && braclev > 0) 1788 braclev--; 1789 start++; 1790 } 1791 if (braclev > 0 || *start != ':') 1792 return false; 1793 1794 at = strrchr(addr, '@'); 1795 if (at == NULL || at < start) 1796 return false; 1797 1798 /* slice off the angle brackets */ 1799 i = strlen(at + 1); 1800 if (i >= sizeof(hostbuf)) 1801 return false; 1802 (void) sm_strlcpy(hostbuf, at + 1, sizeof(hostbuf)); 1803 hostbuf[i - 1] = '\0'; 1804 1805 while (start != NULL) 1806 { 1807 if (getmxrr(hostbuf, mxhosts, NULL, false, 1808 &rcode, true, NULL) > 0) 1809 { 1810 (void) sm_strlcpy(addr + 1, start + 1, 1811 strlen(addr) - 1); 1812 return true; 1813 } 1814 c = *start; 1815 *start = '\0'; 1816 comma = strrchr(addr, ','); 1817 if (comma != NULL && comma[1] == '@' && 1818 strlen(comma + 2) < sizeof(hostbuf)) 1819 (void) sm_strlcpy(hostbuf, comma + 2, sizeof(hostbuf)); 1820 else 1821 comma = NULL; 1822 *start = c; 1823 start = comma; 1824 } 1825 #endif /* NAMED_BIND */ 1826 return false; 1827 } 1828