1 /*
2 ** Sendmail
3 ** Copyright (c) 1983 Eric P. Allman
4 ** Berkeley, California
5 **
6 ** Copyright (c) 1983 Regents of the University of California.
7 ** All rights reserved. The Berkeley software License Agreement
8 ** specifies the terms and conditions for redistribution.
9 */
10
11 #ifndef lint
12 static char SccsId[] = "@(#)deliver.c 5.15 (Berkeley) 12/12/87";
13 #endif not lint
14
15 # include <signal.h>
16 # include <errno.h>
17 # include "sendmail.h"
18 # include <sys/stat.h>
19 # include <netdb.h>
20
21 /*
22 ** DELIVER -- Deliver a message to a list of addresses.
23 **
24 ** This routine delivers to everyone on the same host as the
25 ** user on the head of the list. It is clever about mailers
26 ** that don't handle multiple users. It is NOT guaranteed
27 ** that it will deliver to all these addresses however -- so
28 ** deliver should be called once for each address on the
29 ** list.
30 **
31 ** Parameters:
32 ** e -- the envelope to deliver.
33 ** firstto -- head of the address list to deliver to.
34 **
35 ** Returns:
36 ** zero -- successfully delivered.
37 ** else -- some failure, see ExitStat for more info.
38 **
39 ** Side Effects:
40 ** The standard input is passed off to someone.
41 */
42
43 deliver(e, firstto)
44 register ENVELOPE *e;
45 ADDRESS *firstto;
46 {
47 char *host; /* host being sent to */
48 char *user; /* user being sent to */
49 char **pvp;
50 register char **mvp;
51 register char *p;
52 register MAILER *m; /* mailer for this recipient */
53 ADDRESS *ctladdr;
54 register ADDRESS *to = firstto;
55 bool clever = FALSE; /* running user smtp to this mailer */
56 ADDRESS *tochain = NULL; /* chain of users in this mailer call */
57 register int rcode; /* response code */
58 char *pv[MAXPV+1];
59 char tobuf[MAXLINE-50]; /* text line of to people */
60 char buf[MAXNAME];
61 char tfrombuf[MAXNAME]; /* translated from person */
62 extern bool checkcompat();
63 extern ADDRESS *getctladdr();
64 extern char *remotename();
65
66 errno = 0;
67 if (bitset(QDONTSEND, to->q_flags))
68 return (0);
69
70 m = to->q_mailer;
71 host = to->q_host;
72
73 # ifdef DEBUG
74 if (tTd(10, 1))
75 printf("\n--deliver, mailer=%d, host=`%s', first user=`%s'\n",
76 m->m_mno, host, to->q_user);
77 # endif DEBUG
78
79 /*
80 ** If this mailer is expensive, and if we don't want to make
81 ** connections now, just mark these addresses and return.
82 ** This is useful if we want to batch connections to
83 ** reduce load. This will cause the messages to be
84 ** queued up, and a daemon will come along to send the
85 ** messages later.
86 ** This should be on a per-mailer basis.
87 */
88
89 if (NoConnect && !QueueRun && bitnset(M_EXPENSIVE, m->m_flags) &&
90 !Verbose)
91 {
92 for (; to != NULL; to = to->q_next)
93 {
94 if (bitset(QDONTSEND, to->q_flags) || to->q_mailer != m)
95 continue;
96 to->q_flags |= QQUEUEUP|QDONTSEND;
97 e->e_to = to->q_paddr;
98 message(Arpa_Info, "queued");
99 if (LogLevel > 4)
100 logdelivery("queued");
101 }
102 e->e_to = NULL;
103 return (0);
104 }
105
106 /*
107 ** Do initial argv setup.
108 ** Insert the mailer name. Notice that $x expansion is
109 ** NOT done on the mailer name. Then, if the mailer has
110 ** a picky -f flag, we insert it as appropriate. This
111 ** code does not check for 'pv' overflow; this places a
112 ** manifest lower limit of 4 for MAXPV.
113 ** The from address rewrite is expected to make
114 ** the address relative to the other end.
115 */
116
117 /* rewrite from address, using rewriting rules */
118 expand("\001f", buf, &buf[sizeof buf - 1], e);
119 (void) strcpy(tfrombuf, remotename(buf, m, TRUE, TRUE));
120
121 define('g', tfrombuf, e); /* translated sender address */
122 define('h', host, e); /* to host */
123 Errors = 0;
124 pvp = pv;
125 *pvp++ = m->m_argv[0];
126
127 /* insert -f or -r flag as appropriate */
128 if (FromFlag && (bitnset(M_FOPT, m->m_flags) || bitnset(M_ROPT, m->m_flags)))
129 {
130 if (bitnset(M_FOPT, m->m_flags))
131 *pvp++ = "-f";
132 else
133 *pvp++ = "-r";
134 expand("\001g", buf, &buf[sizeof buf - 1], e);
135 *pvp++ = newstr(buf);
136 }
137
138 /*
139 ** Append the other fixed parts of the argv. These run
140 ** up to the first entry containing "$u". There can only
141 ** be one of these, and there are only a few more slots
142 ** in the pv after it.
143 */
144
145 for (mvp = m->m_argv; (p = *++mvp) != NULL; )
146 {
147 while ((p = index(p, '\001')) != NULL)
148 if (*++p == 'u')
149 break;
150 if (p != NULL)
151 break;
152
153 /* this entry is safe -- go ahead and process it */
154 expand(*mvp, buf, &buf[sizeof buf - 1], e);
155 *pvp++ = newstr(buf);
156 if (pvp >= &pv[MAXPV - 3])
157 {
158 syserr("Too many parameters to %s before $u", pv[0]);
159 return (-1);
160 }
161 }
162
163 /*
164 ** If we have no substitution for the user name in the argument
165 ** list, we know that we must supply the names otherwise -- and
166 ** SMTP is the answer!!
167 */
168
169 if (*mvp == NULL)
170 {
171 /* running SMTP */
172 # ifdef SMTP
173 clever = TRUE;
174 *pvp = NULL;
175 # else SMTP
176 /* oops! we don't implement SMTP */
177 syserr("SMTP style mailer");
178 return (EX_SOFTWARE);
179 # endif SMTP
180 }
181
182 /*
183 ** At this point *mvp points to the argument with $u. We
184 ** run through our address list and append all the addresses
185 ** we can. If we run out of space, do not fret! We can
186 ** always send another copy later.
187 */
188
189 tobuf[0] = '\0';
190 e->e_to = tobuf;
191 ctladdr = NULL;
192 for (; to != NULL; to = to->q_next)
193 {
194 /* avoid sending multiple recipients to dumb mailers */
195 if (tobuf[0] != '\0' && !bitnset(M_MUSER, m->m_flags))
196 break;
197
198 /* if already sent or not for this host, don't send */
199 if (bitset(QDONTSEND, to->q_flags) ||
200 strcmp(to->q_host, host) != 0 ||
201 to->q_mailer != firstto->q_mailer)
202 continue;
203
204 /* avoid overflowing tobuf */
205 if (sizeof tobuf - (strlen(to->q_paddr) + strlen(tobuf) + 2) < 0)
206 break;
207
208 # ifdef DEBUG
209 if (tTd(10, 1))
210 {
211 printf("\nsend to ");
212 printaddr(to, FALSE);
213 }
214 # endif DEBUG
215
216 /* compute effective uid/gid when sending */
217 if (to->q_mailer == ProgMailer)
218 ctladdr = getctladdr(to);
219
220 user = to->q_user;
221 e->e_to = to->q_paddr;
222 to->q_flags |= QDONTSEND;
223
224 /*
225 ** Check to see that these people are allowed to
226 ** talk to each other.
227 */
228
229 if (m->m_maxsize != 0 && e->e_msgsize > m->m_maxsize)
230 {
231 NoReturn = TRUE;
232 usrerr("Message is too large; %ld bytes max", m->m_maxsize);
233 giveresponse(EX_UNAVAILABLE, m, e);
234 continue;
235 }
236 if (!checkcompat(to))
237 {
238 giveresponse(EX_UNAVAILABLE, m, e);
239 continue;
240 }
241
242 /*
243 ** Strip quote bits from names if the mailer is dumb
244 ** about them.
245 */
246
247 if (bitnset(M_STRIPQ, m->m_flags))
248 {
249 stripquotes(user, TRUE);
250 stripquotes(host, TRUE);
251 }
252 else
253 {
254 stripquotes(user, FALSE);
255 stripquotes(host, FALSE);
256 }
257
258 /* hack attack -- delivermail compatibility */
259 if (m == ProgMailer && *user == '|')
260 user++;
261
262 /*
263 ** If an error message has already been given, don't
264 ** bother to send to this address.
265 **
266 ** >>>>>>>>>> This clause assumes that the local mailer
267 ** >> NOTE >> cannot do any further aliasing; that
268 ** >>>>>>>>>> function is subsumed by sendmail.
269 */
270
271 if (bitset(QBADADDR|QQUEUEUP, to->q_flags))
272 continue;
273
274 /* save statistics.... */
275 markstats(e, to);
276
277 /*
278 ** See if this user name is "special".
279 ** If the user name has a slash in it, assume that this
280 ** is a file -- send it off without further ado. Note
281 ** that this type of addresses is not processed along
282 ** with the others, so we fudge on the To person.
283 */
284
285 if (m == LocalMailer)
286 {
287 if (user[0] == '/')
288 {
289 rcode = mailfile(user, getctladdr(to));
290 giveresponse(rcode, m, e);
291 continue;
292 }
293 }
294
295 /*
296 ** Address is verified -- add this user to mailer
297 ** argv, and add it to the print list of recipients.
298 */
299
300 /* link together the chain of recipients */
301 to->q_tchain = tochain;
302 tochain = to;
303
304 /* create list of users for error messages */
305 (void) strcat(tobuf, ",");
306 (void) strcat(tobuf, to->q_paddr);
307 define('u', user, e); /* to user */
308 define('z', to->q_home, e); /* user's home */
309
310 /*
311 ** Expand out this user into argument list.
312 */
313
314 if (!clever)
315 {
316 expand(*mvp, buf, &buf[sizeof buf - 1], e);
317 *pvp++ = newstr(buf);
318 if (pvp >= &pv[MAXPV - 2])
319 {
320 /* allow some space for trailing parms */
321 break;
322 }
323 }
324 }
325
326 /* see if any addresses still exist */
327 if (tobuf[0] == '\0')
328 {
329 define('g', (char *) NULL, e);
330 return (0);
331 }
332
333 /* print out messages as full list */
334 e->e_to = tobuf + 1;
335
336 /*
337 ** Fill out any parameters after the $u parameter.
338 */
339
340 while (!clever && *++mvp != NULL)
341 {
342 expand(*mvp, buf, &buf[sizeof buf - 1], e);
343 *pvp++ = newstr(buf);
344 if (pvp >= &pv[MAXPV])
345 syserr("deliver: pv overflow after $u for %s", pv[0]);
346 }
347 *pvp++ = NULL;
348
349 /*
350 ** Call the mailer.
351 ** The argument vector gets built, pipes
352 ** are created as necessary, and we fork & exec as
353 ** appropriate.
354 ** If we are running SMTP, we just need to clean up.
355 */
356
357 message(Arpa_Info, "Connecting to %s.%s...", host, m->m_name);
358
359 if (ctladdr == NULL)
360 ctladdr = &e->e_from;
361 # ifdef SMTP
362 if (clever)
363 {
364 # ifdef MXDOMAIN
365 expand("\001w", buf, &buf[sizeof buf - 1], e);
366 if (host[0] == '[')
367 {
368 Nmx = 1;
369 MxHosts[0] = host;
370 rcode = EX_OK;
371 }
372 else if ((Nmx = getmxrr(host, MxHosts, MAXMXHOSTS, buf)) < 0)
373 {
374 /*
375 * Map errors into standard values
376 */
377 if (Nmx == -1)
378 rcode = EX_TEMPFAIL;
379 else if (Nmx == -3)
380 rcode = EX_NOHOST;
381 else
382 rcode = EX_UNAVAILABLE;
383 }
384 else
385 rcode = EX_OK;
386 #else MXDOMAIN
387 Nmx = 1;
388 MxHosts[0] = q->q_host;
389 rcode = EX_OK;
390 #endif
391 /* send the initial SMTP protocol */
392 if (rcode == EX_OK)
393 rcode = smtpinit(m, pv);
394
395 if (rcode == EX_OK)
396 {
397 /* send the recipient list */
398 tobuf[0] = '\0';
399 for (to = tochain; to != NULL; to = to->q_tchain)
400 {
401 int i;
402
403 e->e_to = to->q_paddr;
404 i = smtprcpt(to, m);
405 if (i != EX_OK)
406 {
407 markfailure(e, to, i);
408 giveresponse(i, m, e);
409 }
410 else
411 {
412 (void) strcat(tobuf, ",");
413 (void) strcat(tobuf, to->q_paddr);
414 }
415 }
416
417 /* now send the data */
418 if (tobuf[0] == '\0')
419 e->e_to = NULL;
420 else
421 {
422 e->e_to = tobuf + 1;
423 rcode = smtpdata(m, e);
424 }
425
426 /* now close the connection */
427 smtpquit(m);
428 }
429 }
430 else
431 # endif SMTP
432 rcode = sendoff(e, m, pv, ctladdr);
433
434 /*
435 ** Do final status disposal.
436 ** We check for something in tobuf for the SMTP case.
437 ** If we got a temporary failure, arrange to queue the
438 ** addressees.
439 */
440
441 if (tobuf[0] != '\0')
442 giveresponse(rcode, m, e);
443 if (rcode != EX_OK)
444 {
445 for (to = tochain; to != NULL; to = to->q_tchain)
446 markfailure(e, to, rcode);
447 }
448
449 errno = 0;
450 define('g', (char *) NULL, e);
451 return (rcode);
452 }
453 �/*
454 ** MARKFAILURE -- mark a failure on a specific address.
455 **
456 ** Parameters:
457 ** e -- the envelope we are sending.
458 ** q -- the address to mark.
459 ** rcode -- the code signifying the particular failure.
460 **
461 ** Returns:
462 ** none.
463 **
464 ** Side Effects:
465 ** marks the address (and possibly the envelope) with the
466 ** failure so that an error will be returned or
467 ** the message will be queued, as appropriate.
468 */
469
470 markfailure(e, q, rcode)
471 register ENVELOPE *e;
472 register ADDRESS *q;
473 int rcode;
474 {
475 if (rcode == EX_OK)
476 return;
477 else if (rcode != EX_TEMPFAIL)
478 q->q_flags |= QBADADDR;
479 else if (curtime() > e->e_ctime + TimeOut)
480 {
481 extern char *pintvl();
482 char buf[MAXLINE];
483
484 if (!bitset(EF_TIMEOUT, e->e_flags))
485 {
486 (void) sprintf(buf, "Cannot send message for %s",
487 pintvl(TimeOut, FALSE));
488 if (e->e_message != NULL)
489 free(e->e_message);
490 e->e_message = newstr(buf);
491 message(Arpa_Info, buf);
492 }
493 q->q_flags |= QBADADDR;
494 e->e_flags |= EF_TIMEOUT;
495 }
496 else
497 q->q_flags |= QQUEUEUP;
498 }
499 �/*
500 ** DOFORK -- do a fork, retrying a couple of times on failure.
501 **
502 ** This MUST be a macro, since after a vfork we are running
503 ** two processes on the same stack!!!
504 **
505 ** Parameters:
506 ** none.
507 **
508 ** Returns:
509 ** From a macro??? You've got to be kidding!
510 **
511 ** Side Effects:
512 ** Modifies the ==> LOCAL <== variable 'pid', leaving:
513 ** pid of child in parent, zero in child.
514 ** -1 on unrecoverable error.
515 **
516 ** Notes:
517 ** I'm awfully sorry this looks so awful. That's
518 ** vfork for you.....
519 */
520
521 # define NFORKTRIES 5
522 # ifdef VMUNIX
523 # define XFORK vfork
524 # else VMUNIX
525 # define XFORK fork
526 # endif VMUNIX
527
528 # define DOFORK(fORKfN) \
529 {\
530 register int i;\
531 \
532 for (i = NFORKTRIES; --i >= 0; )\
533 {\
534 pid = fORKfN();\
535 if (pid >= 0)\
536 break;\
537 if (i > 0)\
538 sleep((unsigned) NFORKTRIES - i);\
539 }\
540 }
541 �/*
542 ** DOFORK -- simple fork interface to DOFORK.
543 **
544 ** Parameters:
545 ** none.
546 **
547 ** Returns:
548 ** pid of child in parent.
549 ** zero in child.
550 ** -1 on error.
551 **
552 ** Side Effects:
553 ** returns twice, once in parent and once in child.
554 */
555
556 dofork()
557 {
558 register int pid;
559
560 DOFORK(fork);
561 return (pid);
562 }
563 �/*
564 ** SENDOFF -- send off call to mailer & collect response.
565 **
566 ** Parameters:
567 ** e -- the envelope to mail.
568 ** m -- mailer descriptor.
569 ** pvp -- parameter vector to send to it.
570 ** ctladdr -- an address pointer controlling the
571 ** user/groupid etc. of the mailer.
572 **
573 ** Returns:
574 ** exit status of mailer.
575 **
576 ** Side Effects:
577 ** none.
578 */
579
580 sendoff(e, m, pvp, ctladdr)
581 register ENVELOPE *e;
582 MAILER *m;
583 char **pvp;
584 ADDRESS *ctladdr;
585 {
586 auto FILE *mfile;
587 auto FILE *rfile;
588 register int i;
589 int pid;
590
591 /*
592 ** Create connection to mailer.
593 */
594
595 pid = openmailer(m, pvp, ctladdr, FALSE, &mfile, &rfile);
596 if (pid < 0)
597 return (-1);
598
599 /*
600 ** Format and send message.
601 */
602
603 putfromline(mfile, m);
604 (*e->e_puthdr)(mfile, m, e);
605 putline("\n", mfile, m);
606 (*e->e_putbody)(mfile, m, e);
607 (void) fclose(mfile);
608
609 i = endmailer(pid, pvp[0]);
610
611 /* arrange a return receipt if requested */
612 if (e->e_receiptto != NULL && bitnset(M_LOCAL, m->m_flags))
613 {
614 e->e_flags |= EF_SENDRECEIPT;
615 /* do we want to send back more info? */
616 }
617
618 return (i);
619 }
620 �/*
621 ** ENDMAILER -- Wait for mailer to terminate.
622 **
623 ** We should never get fatal errors (e.g., segmentation
624 ** violation), so we report those specially. For other
625 ** errors, we choose a status message (into statmsg),
626 ** and if it represents an error, we print it.
627 **
628 ** Parameters:
629 ** pid -- pid of mailer.
630 ** name -- name of mailer (for error messages).
631 **
632 ** Returns:
633 ** exit code of mailer.
634 **
635 ** Side Effects:
636 ** none.
637 */
638
639 endmailer(pid, name)
640 int pid;
641 char *name;
642 {
643 int st;
644
645 /* in the IPC case there is nothing to wait for */
646 if (pid == 0)
647 return (EX_OK);
648
649 /* wait for the mailer process to die and collect status */
650 st = waitfor(pid);
651 if (st == -1)
652 {
653 syserr("endmailer %s: wait", name);
654 return (EX_SOFTWARE);
655 }
656
657 /* see if it died a horrid death */
658 if ((st & 0377) != 0)
659 {
660 syserr("mailer %s died with signal %o", name, st);
661 ExitStat = EX_TEMPFAIL;
662 return (EX_TEMPFAIL);
663 }
664
665 /* normal death -- return status */
666 st = (st >> 8) & 0377;
667 return (st);
668 }
669 �/*
670 ** OPENMAILER -- open connection to mailer.
671 **
672 ** Parameters:
673 ** m -- mailer descriptor.
674 ** pvp -- parameter vector to pass to mailer.
675 ** ctladdr -- controlling address for user.
676 ** clever -- create a full duplex connection.
677 ** pmfile -- pointer to mfile (to mailer) connection.
678 ** prfile -- pointer to rfile (from mailer) connection.
679 **
680 ** Returns:
681 ** pid of mailer ( > 0 ).
682 ** -1 on error.
683 ** zero on an IPC connection.
684 **
685 ** Side Effects:
686 ** creates a mailer in a subprocess.
687 */
688
689 openmailer(m, pvp, ctladdr, clever, pmfile, prfile)
690 MAILER *m;
691 char **pvp;
692 ADDRESS *ctladdr;
693 bool clever;
694 FILE **pmfile;
695 FILE **prfile;
696 {
697 int pid;
698 int mpvect[2];
699 int rpvect[2];
700 FILE *mfile;
701 FILE *rfile;
702 extern FILE *fdopen();
703
704 # ifdef DEBUG
705 if (tTd(11, 1))
706 {
707 printf("openmailer:");
708 printav(pvp);
709 }
710 # endif DEBUG
711 errno = 0;
712
713 CurHostName = m->m_mailer;
714
715 /*
716 ** Deal with the special case of mail handled through an IPC
717 ** connection.
718 ** In this case we don't actually fork. We must be
719 ** running SMTP for this to work. We will return a
720 ** zero pid to indicate that we are running IPC.
721 ** We also handle a debug version that just talks to stdin/out.
722 */
723
724 #ifdef DEBUG
725 /* check for Local Person Communication -- not for mortals!!! */
726 if (strcmp(m->m_mailer, "[LPC]") == 0)
727 {
728 *pmfile = stdout;
729 *prfile = stdin;
730 return (0);
731 }
732 #endif DEBUG
733
734 if (strcmp(m->m_mailer, "[IPC]") == 0)
735 {
736 #ifdef HOSTINFO
737 register STAB *st;
738 extern STAB *stab();
739 #endif HOSTINFO
740 #ifdef DAEMON
741 register int i, j;
742 register u_short port;
743
744 CurHostName = pvp[1];
745 if (!clever)
746 syserr("non-clever IPC");
747 if (pvp[2] != NULL)
748 port = atoi(pvp[2]);
749 else
750 port = 0;
751 for (j = 0; j < Nmx; j++)
752 {
753 CurHostName = MxHosts[j];
754 #ifdef HOSTINFO
755 /* see if we have already determined that this host is fried */
756 st = stab(MxHosts[j], ST_HOST, ST_FIND);
757 if (st == NULL || st->s_host.ho_exitstat == EX_OK)
758 i = makeconnection(MxHosts[j], port, pmfile, prfile);
759 else
760 {
761 i = st->s_host.ho_exitstat;
762 errno = st->s_host.ho_errno;
763 }
764 #else HOSTINFO
765 i = makeconnection(MxHosts[j], port, pmfile, prfile);
766 #endif HOSTINFO
767 if (i != EX_OK)
768 {
769 #ifdef HOSTINFO
770 /* enter status of this host */
771 if (st == NULL)
772 st = stab(MxHosts[j], ST_HOST, ST_ENTER);
773 st->s_host.ho_exitstat = i;
774 st->s_host.ho_errno = errno;
775 #endif HOSTINFO
776 ExitStat = i;
777 continue;
778 }
779 else
780 return (0);
781 }
782 return (-1);
783 #else DAEMON
784 syserr("openmailer: no IPC");
785 return (-1);
786 #endif DAEMON
787 }
788
789 /* create a pipe to shove the mail through */
790 if (pipe(mpvect) < 0)
791 {
792 syserr("openmailer: pipe (to mailer)");
793 return (-1);
794 }
795
796 #ifdef SMTP
797 /* if this mailer speaks smtp, create a return pipe */
798 if (clever && pipe(rpvect) < 0)
799 {
800 syserr("openmailer: pipe (from mailer)");
801 (void) close(mpvect[0]);
802 (void) close(mpvect[1]);
803 return (-1);
804 }
805 #endif SMTP
806
807 /*
808 ** Actually fork the mailer process.
809 ** DOFORK is clever about retrying.
810 **
811 ** Dispose of SIGCHLD signal catchers that may be laying
812 ** around so that endmail will get it.
813 */
814
815 if (CurEnv->e_xfp != NULL)
816 (void) fflush(CurEnv->e_xfp); /* for debugging */
817 (void) fflush(stdout);
818 # ifdef SIGCHLD
819 (void) signal(SIGCHLD, SIG_DFL);
820 # endif SIGCHLD
821 DOFORK(XFORK);
822 /* pid is set by DOFORK */
823 if (pid < 0)
824 {
825 /* failure */
826 syserr("openmailer: cannot fork");
827 (void) close(mpvect[0]);
828 (void) close(mpvect[1]);
829 #ifdef SMTP
830 if (clever)
831 {
832 (void) close(rpvect[0]);
833 (void) close(rpvect[1]);
834 }
835 #endif SMTP
836 return (-1);
837 }
838 else if (pid == 0)
839 {
840 int i;
841 extern int DtableSize;
842
843 /* child -- set up input & exec mailer */
844 /* make diagnostic output be standard output */
845 (void) signal(SIGINT, SIG_IGN);
846 (void) signal(SIGHUP, SIG_IGN);
847 (void) signal(SIGTERM, SIG_DFL);
848
849 /* arrange to filter standard & diag output of command */
850 if (clever)
851 {
852 (void) close(rpvect[0]);
853 (void) close(1);
854 (void) dup(rpvect[1]);
855 (void) close(rpvect[1]);
856 }
857 else if (OpMode == MD_SMTP || HoldErrs)
858 {
859 /* put mailer output in transcript */
860 (void) close(1);
861 (void) dup(fileno(CurEnv->e_xfp));
862 }
863 (void) close(2);
864 (void) dup(1);
865
866 /* arrange to get standard input */
867 (void) close(mpvect[1]);
868 (void) close(0);
869 if (dup(mpvect[0]) < 0)
870 {
871 syserr("Cannot dup to zero!");
872 _exit(EX_OSERR);
873 }
874 (void) close(mpvect[0]);
875 if (!bitnset(M_RESTR, m->m_flags))
876 {
877 if (ctladdr == NULL || ctladdr->q_uid == 0)
878 {
879 (void) setgid(DefGid);
880 (void) setuid(DefUid);
881 }
882 else
883 {
884 (void) setgid(ctladdr->q_gid);
885 (void) setuid(ctladdr->q_uid);
886 }
887 }
888
889 /* arrange for all the files to be closed */
890 for (i = 3; i < DtableSize; i++)
891 #ifdef FIOCLEX
892 (void) ioctl(i, FIOCLEX, 0);
893 #else FIOCLEX
894 (void) close(i);
895 #endif FIOCLEX
896
897 /* try to execute the mailer */
898 execve(m->m_mailer, pvp, UserEnviron);
899
900 #ifdef FIOCLEX
901 syserr("Cannot exec %s", m->m_mailer);
902 #else FIOCLEX
903 printf("Cannot exec '%s' errno=%d\n", m->m_mailer, errno);
904 (void) fflush(stdout);
905 #endif FIOCLEX
906 if (m == LocalMailer || errno == EIO || errno == EAGAIN ||
907 errno == ENOMEM || errno == EPROCLIM)
908 _exit(EX_TEMPFAIL);
909 else
910 _exit(EX_UNAVAILABLE);
911 }
912
913 /*
914 ** Set up return value.
915 */
916
917 (void) close(mpvect[0]);
918 mfile = fdopen(mpvect[1], "w");
919 if (clever)
920 {
921 (void) close(rpvect[1]);
922 rfile = fdopen(rpvect[0], "r");
923 }
924
925 *pmfile = mfile;
926 *prfile = rfile;
927
928 return (pid);
929 }
930 �/*
931 ** GIVERESPONSE -- Interpret an error response from a mailer
932 **
933 ** Parameters:
934 ** stat -- the status code from the mailer (high byte
935 ** only; core dumps must have been taken care of
936 ** already).
937 ** m -- the mailer descriptor for this mailer.
938 **
939 ** Returns:
940 ** none.
941 **
942 ** Side Effects:
943 ** Errors may be incremented.
944 ** ExitStat may be set.
945 */
946
947 giveresponse(stat, m, e)
948 int stat;
949 register MAILER *m;
950 ENVELOPE *e;
951 {
952 register char *statmsg;
953 extern char *SysExMsg[];
954 register int i;
955 extern int N_SysEx, h_errno;
956 char buf[MAXLINE];
957
958 #ifdef lint
959 if (m == NULL)
960 return;
961 #endif lint
962
963 /*
964 ** Compute status message from code.
965 */
966
967 i = stat - EX__BASE;
968 if (stat == 0)
969 statmsg = "250 Sent";
970 else if (i < 0 || i > N_SysEx)
971 {
972 (void) sprintf(buf, "554 unknown mailer error %d", stat);
973 stat = EX_UNAVAILABLE;
974 statmsg = buf;
975 }
976 else if (stat == EX_TEMPFAIL)
977 {
978 (void) strcpy(buf, SysExMsg[i]);
979 if (h_errno == TRY_AGAIN)
980 {
981 extern char *errstring();
982
983 statmsg = errstring(h_errno+MAX_ERRNO);
984 }
985 else
986 {
987 if (errno != 0)
988 {
989 extern char *errstring();
990
991 statmsg = errstring(errno);
992 }
993 else
994 {
995 #ifdef SMTP
996 extern char SmtpError[];
997
998 statmsg = SmtpError;
999 #else SMTP
1000 statmsg = NULL;
1001 #endif SMTP
1002 }
1003 }
1004 if (statmsg != NULL && statmsg[0] != '\0')
1005 {
1006 (void) strcat(buf, ": ");
1007 (void) strcat(buf, statmsg);
1008 }
1009 statmsg = buf;
1010 }
1011 else
1012 {
1013 statmsg = SysExMsg[i];
1014 }
1015
1016 /*
1017 ** Print the message as appropriate
1018 */
1019
1020 if (stat == EX_OK || stat == EX_TEMPFAIL)
1021 message(Arpa_Info, &statmsg[4]);
1022 else
1023 {
1024 Errors++;
1025 usrerr(statmsg);
1026 }
1027
1028 /*
1029 ** Final cleanup.
1030 ** Log a record of the transaction. Compute the new
1031 ** ExitStat -- if we already had an error, stick with
1032 ** that.
1033 */
1034
1035 if (LogLevel > ((stat == 0 || stat == EX_TEMPFAIL) ? 3 : 2))
1036 logdelivery(&statmsg[4]);
1037
1038 if (stat != EX_TEMPFAIL)
1039 setstat(stat);
1040 if (stat != EX_OK)
1041 {
1042 if (e->e_message != NULL)
1043 free(e->e_message);
1044 e->e_message = newstr(&statmsg[4]);
1045 }
1046 errno = 0;
1047 h_errno = 0;
1048 }
1049 �/*
1050 ** LOGDELIVERY -- log the delivery in the system log
1051 **
1052 ** Parameters:
1053 ** stat -- the message to print for the status
1054 **
1055 ** Returns:
1056 ** none
1057 **
1058 ** Side Effects:
1059 ** none
1060 */
1061
1062 logdelivery(stat)
1063 char *stat;
1064 {
1065 extern char *pintvl();
1066
1067 # ifdef LOG
1068 syslog(LOG_INFO, "%s: to=%s, delay=%s, stat=%s", CurEnv->e_id,
1069 CurEnv->e_to, pintvl(curtime() - CurEnv->e_ctime, TRUE), stat);
1070 # endif LOG
1071 }
1072 �/*
1073 ** PUTFROMLINE -- output a UNIX-style from line (or whatever)
1074 **
1075 ** This can be made an arbitrary message separator by changing $l
1076 **
1077 ** One of the ugliest hacks seen by human eyes is contained herein:
1078 ** UUCP wants those stupid "remote from <host>" lines. Why oh why
1079 ** does a well-meaning programmer such as myself have to deal with
1080 ** this kind of antique garbage????
1081 **
1082 ** Parameters:
1083 ** fp -- the file to output to.
1084 ** m -- the mailer describing this entry.
1085 **
1086 ** Returns:
1087 ** none
1088 **
1089 ** Side Effects:
1090 ** outputs some text to fp.
1091 */
1092
1093 putfromline(fp, m)
1094 register FILE *fp;
1095 register MAILER *m;
1096 {
1097 char *template = "\001l\n";
1098 char buf[MAXLINE];
1099
1100 if (bitnset(M_NHDR, m->m_flags))
1101 return;
1102
1103 # ifdef UGLYUUCP
1104 if (bitnset(M_UGLYUUCP, m->m_flags))
1105 {
1106 char *bang;
1107 char xbuf[MAXLINE];
1108
1109 expand("\001g", buf, &buf[sizeof buf - 1], CurEnv);
1110 bang = index(buf, '!');
1111 if (bang == NULL)
1112 syserr("No ! in UUCP! (%s)", buf);
1113 else
1114 {
1115 *bang++ = '\0';
1116 (void) sprintf(xbuf, "From %s \001d remote from %s\n", bang, buf);
1117 template = xbuf;
1118 }
1119 }
1120 # endif UGLYUUCP
1121 expand(template, buf, &buf[sizeof buf - 1], CurEnv);
1122 putline(buf, fp, m);
1123 }
1124 �/*
1125 ** PUTBODY -- put the body of a message.
1126 **
1127 ** Parameters:
1128 ** fp -- file to output onto.
1129 ** m -- a mailer descriptor to control output format.
1130 ** e -- the envelope to put out.
1131 **
1132 ** Returns:
1133 ** none.
1134 **
1135 ** Side Effects:
1136 ** The message is written onto fp.
1137 */
1138
1139 putbody(fp, m, e)
1140 FILE *fp;
1141 MAILER *m;
1142 register ENVELOPE *e;
1143 {
1144 char buf[MAXLINE];
1145
1146 /*
1147 ** Output the body of the message
1148 */
1149
1150 if (e->e_dfp == NULL)
1151 {
1152 if (e->e_df != NULL)
1153 {
1154 e->e_dfp = fopen(e->e_df, "r");
1155 if (e->e_dfp == NULL)
1156 syserr("Cannot open %s", e->e_df);
1157 }
1158 else
1159 putline("<<< No Message Collected >>>", fp, m);
1160 }
1161 if (e->e_dfp != NULL)
1162 {
1163 rewind(e->e_dfp);
1164 while (!ferror(fp) && fgets(buf, sizeof buf, e->e_dfp) != NULL)
1165 {
1166 if (buf[0] == 'F' && bitnset(M_ESCFROM, m->m_flags) &&
1167 strncmp(buf, "From", 4) == 0)
1168 (void) putc('>', fp);
1169 putline(buf, fp, m);
1170 }
1171
1172 if (ferror(e->e_dfp))
1173 {
1174 syserr("putbody: read error");
1175 ExitStat = EX_IOERR;
1176 }
1177 }
1178
1179 (void) fflush(fp);
1180 if (ferror(fp) && errno != EPIPE)
1181 {
1182 syserr("putbody: write error");
1183 ExitStat = EX_IOERR;
1184 }
1185 errno = 0;
1186 }
1187 �/*
1188 ** MAILFILE -- Send a message to a file.
1189 **
1190 ** If the file has the setuid/setgid bits set, but NO execute
1191 ** bits, sendmail will try to become the owner of that file
1192 ** rather than the real user. Obviously, this only works if
1193 ** sendmail runs as root.
1194 **
1195 ** This could be done as a subordinate mailer, except that it
1196 ** is used implicitly to save messages in ~/dead.letter. We
1197 ** view this as being sufficiently important as to include it
1198 ** here. For example, if the system is dying, we shouldn't have
1199 ** to create another process plus some pipes to save the message.
1200 **
1201 ** Parameters:
1202 ** filename -- the name of the file to send to.
1203 ** ctladdr -- the controlling address header -- includes
1204 ** the userid/groupid to be when sending.
1205 **
1206 ** Returns:
1207 ** The exit code associated with the operation.
1208 **
1209 ** Side Effects:
1210 ** none.
1211 */
1212
1213 mailfile(filename, ctladdr)
1214 char *filename;
1215 ADDRESS *ctladdr;
1216 {
1217 register FILE *f;
1218 register int pid;
1219
1220 /*
1221 ** Fork so we can change permissions here.
1222 ** Note that we MUST use fork, not vfork, because of
1223 ** the complications of calling subroutines, etc.
1224 */
1225
1226 DOFORK(fork);
1227
1228 if (pid < 0)
1229 return (EX_OSERR);
1230 else if (pid == 0)
1231 {
1232 /* child -- actually write to file */
1233 struct stat stb;
1234
1235 (void) signal(SIGINT, SIG_DFL);
1236 (void) signal(SIGHUP, SIG_DFL);
1237 (void) signal(SIGTERM, SIG_DFL);
1238 (void) umask(OldUmask);
1239 if (stat(filename, &stb) < 0)
1240 {
1241 errno = 0;
1242 stb.st_mode = 0666;
1243 }
1244 if (bitset(0111, stb.st_mode))
1245 exit(EX_CANTCREAT);
1246 if (ctladdr == NULL)
1247 ctladdr = &CurEnv->e_from;
1248 if (!bitset(S_ISGID, stb.st_mode) || setgid(stb.st_gid) < 0)
1249 {
1250 if (ctladdr->q_uid == 0)
1251 (void) setgid(DefGid);
1252 else
1253 (void) setgid(ctladdr->q_gid);
1254 }
1255 if (!bitset(S_ISUID, stb.st_mode) || setuid(stb.st_uid) < 0)
1256 {
1257 if (ctladdr->q_uid == 0)
1258 (void) setuid(DefUid);
1259 else
1260 (void) setuid(ctladdr->q_uid);
1261 }
1262 f = dfopen(filename, "a");
1263 if (f == NULL)
1264 exit(EX_CANTCREAT);
1265
1266 putfromline(f, ProgMailer);
1267 (*CurEnv->e_puthdr)(f, ProgMailer, CurEnv);
1268 putline("\n", f, ProgMailer);
1269 (*CurEnv->e_putbody)(f, ProgMailer, CurEnv);
1270 putline("\n", f, ProgMailer);
1271 (void) fclose(f);
1272 (void) fflush(stdout);
1273
1274 /* reset ISUID & ISGID bits for paranoid systems */
1275 (void) chmod(filename, (int) stb.st_mode);
1276 exit(EX_OK);
1277 /*NOTREACHED*/
1278 }
1279 else
1280 {
1281 /* parent -- wait for exit status */
1282 int st;
1283
1284 st = waitfor(pid);
1285 if ((st & 0377) != 0)
1286 return (EX_UNAVAILABLE);
1287 else
1288 return ((st >> 8) & 0377);
1289 }
1290 }
1291 �/*
1292 ** SENDALL -- actually send all the messages.
1293 **
1294 ** Parameters:
1295 ** e -- the envelope to send.
1296 ** mode -- the delivery mode to use. If SM_DEFAULT, use
1297 ** the current SendMode.
1298 **
1299 ** Returns:
1300 ** none.
1301 **
1302 ** Side Effects:
1303 ** Scans the send lists and sends everything it finds.
1304 ** Delivers any appropriate error messages.
1305 ** If we are running in a non-interactive mode, takes the
1306 ** appropriate action.
1307 */
1308
1309 sendall(e, mode)
1310 ENVELOPE *e;
1311 char mode;
1312 {
1313 register ADDRESS *q;
1314 bool oldverbose;
1315 int pid;
1316
1317 /* determine actual delivery mode */
1318 if (mode == SM_DEFAULT)
1319 {
1320 extern bool shouldqueue();
1321
1322 if (shouldqueue(e->e_msgpriority))
1323 mode = SM_QUEUE;
1324 else
1325 mode = SendMode;
1326 }
1327
1328 #ifdef DEBUG
1329 if (tTd(13, 1))
1330 {
1331 printf("\nSENDALL: mode %c, sendqueue:\n", mode);
1332 printaddr(e->e_sendqueue, TRUE);
1333 }
1334 #endif DEBUG
1335
1336 /*
1337 ** Do any preprocessing necessary for the mode we are running.
1338 ** Check to make sure the hop count is reasonable.
1339 ** Delete sends to the sender in mailing lists.
1340 */
1341
1342 CurEnv = e;
1343
1344 if (e->e_hopcount > MAXHOP)
1345 {
1346 syserr("sendall: too many hops (%d max)", MAXHOP);
1347 return;
1348 }
1349
1350 if (!MeToo)
1351 {
1352 extern ADDRESS *recipient();
1353
1354 e->e_from.q_flags |= QDONTSEND;
1355 (void) recipient(&e->e_from, &e->e_sendqueue);
1356 }
1357
1358 # ifdef QUEUE
1359 if ((mode == SM_QUEUE || mode == SM_FORK ||
1360 (mode != SM_VERIFY && SuperSafe)) &&
1361 !bitset(EF_INQUEUE, e->e_flags))
1362 queueup(e, TRUE, mode == SM_QUEUE);
1363 #endif QUEUE
1364
1365 oldverbose = Verbose;
1366 switch (mode)
1367 {
1368 case SM_VERIFY:
1369 Verbose = TRUE;
1370 break;
1371
1372 case SM_QUEUE:
1373 e->e_flags |= EF_INQUEUE|EF_KEEPQUEUE;
1374 return;
1375
1376 case SM_FORK:
1377 if (e->e_xfp != NULL)
1378 (void) fflush(e->e_xfp);
1379 pid = fork();
1380 if (pid < 0)
1381 {
1382 mode = SM_DELIVER;
1383 break;
1384 }
1385 else if (pid > 0)
1386 {
1387 /* be sure we leave the temp files to our child */
1388 e->e_id = e->e_df = NULL;
1389 return;
1390 }
1391
1392 /* double fork to avoid zombies */
1393 if (fork() > 0)
1394 exit(EX_OK);
1395
1396 /* be sure we are immune from the terminal */
1397 disconnect(FALSE);
1398
1399 break;
1400 }
1401
1402 /*
1403 ** Run through the list and send everything.
1404 */
1405
1406 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
1407 {
1408 if (mode == SM_VERIFY)
1409 {
1410 e->e_to = q->q_paddr;
1411 if (!bitset(QDONTSEND|QBADADDR, q->q_flags))
1412 message(Arpa_Info, "deliverable");
1413 }
1414 else
1415 (void) deliver(e, q);
1416 }
1417 Verbose = oldverbose;
1418
1419 /*
1420 ** Now run through and check for errors.
1421 */
1422
1423 if (mode == SM_VERIFY)
1424 return;
1425
1426 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
1427 {
1428 register ADDRESS *qq;
1429
1430 # ifdef DEBUG
1431 if (tTd(13, 3))
1432 {
1433 printf("Checking ");
1434 printaddr(q, FALSE);
1435 }
1436 # endif DEBUG
1437
1438 /* only send errors if the message failed */
1439 if (!bitset(QBADADDR, q->q_flags))
1440 continue;
1441
1442 /* we have an address that failed -- find the parent */
1443 for (qq = q; qq != NULL; qq = qq->q_alias)
1444 {
1445 char obuf[MAXNAME + 6];
1446 extern char *aliaslookup();
1447
1448 /* we can only have owners for local addresses */
1449 if (!bitnset(M_LOCAL, qq->q_mailer->m_flags))
1450 continue;
1451
1452 /* see if the owner list exists */
1453 (void) strcpy(obuf, "owner-");
1454 if (strncmp(qq->q_user, "owner-", 6) == 0)
1455 (void) strcat(obuf, "owner");
1456 else
1457 (void) strcat(obuf, qq->q_user);
1458 if (aliaslookup(obuf) == NULL)
1459 continue;
1460
1461 # ifdef DEBUG
1462 if (tTd(13, 4))
1463 printf("Errors to %s\n", obuf);
1464 # endif DEBUG
1465
1466 /* owner list exists -- add it to the error queue */
1467 sendtolist(obuf, (ADDRESS *) NULL, &e->e_errorqueue);
1468 ErrorMode = EM_MAIL;
1469 break;
1470 }
1471
1472 /* if we did not find an owner, send to the sender */
1473 if (qq == NULL && bitset(QBADADDR, q->q_flags))
1474 sendtolist(e->e_from.q_paddr, qq, &e->e_errorqueue);
1475 }
1476
1477 if (mode == SM_FORK)
1478 finis();
1479 }
1480