1 /* $NetBSD: cleanup.c,v 1.7 2020/03/18 19:05:15 christos Exp $ */ 2 3 /*++ 4 /* NAME 5 /* cleanup 8 6 /* SUMMARY 7 /* canonicalize and enqueue Postfix message 8 /* SYNOPSIS 9 /* \fBcleanup\fR [generic Postfix daemon options] 10 /* DESCRIPTION 11 /* The \fBcleanup\fR(8) daemon processes inbound mail, inserts it 12 /* into the \fBincoming\fR mail queue, and informs the queue 13 /* manager of its arrival. 14 /* 15 /* The \fBcleanup\fR(8) daemon always performs the following transformations: 16 /* .IP \(bu 17 /* Insert missing message headers: (\fBResent-\fR) \fBFrom:\fR, 18 /* \fBTo:\fR, \fBMessage-Id:\fR, and \fBDate:\fR. 19 /* .IP \(bu 20 /* Transform envelope and header addresses to the standard 21 /* \fIuser@fully-qualified-domain\fR form that is expected by other 22 /* Postfix programs. 23 /* This task is delegated to the \fBtrivial-rewrite\fR(8) daemon. 24 /* .IP \(bu 25 /* Eliminate duplicate envelope recipient addresses. 26 /* .IP \(bu 27 /* Remove message headers: \fBBcc\fR, \fBContent-Length\fR, 28 /* \fBResent-Bcc\fR, \fBReturn-Path\fR. 29 /* .PP 30 /* The following address transformations are optional: 31 /* .IP \(bu 32 /* Optionally, rewrite all envelope and header addresses according 33 /* to the mappings specified in the \fBcanonical\fR(5) lookup tables. 34 /* .IP \(bu 35 /* Optionally, masquerade envelope sender addresses and message 36 /* header addresses (i.e. strip host or domain information below 37 /* all domains listed in the \fBmasquerade_domains\fR parameter, 38 /* except for user names listed in \fBmasquerade_exceptions\fR). 39 /* By default, address masquerading does not affect envelope recipients. 40 /* .IP \(bu 41 /* Optionally, expand envelope recipients according to information 42 /* found in the \fBvirtual\fR(5) lookup tables. 43 /* .PP 44 /* The \fBcleanup\fR(8) daemon performs sanity checks on the content of 45 /* each message. When it finds a problem, by default it returns a 46 /* diagnostic status to the client, and leaves it up to the client 47 /* to deal with the problem. Alternatively, the client can request 48 /* the \fBcleanup\fR(8) daemon to bounce the message back to the sender 49 /* in case of trouble. 50 /* STANDARDS 51 /* RFC 822 (ARPA Internet Text Messages) 52 /* RFC 2045 (MIME: Format of Internet Message Bodies) 53 /* RFC 2046 (MIME: Media Types) 54 /* RFC 2822 (Internet Message Format) 55 /* RFC 3463 (Enhanced Status Codes) 56 /* RFC 3464 (Delivery status notifications) 57 /* RFC 5322 (Internet Message Format) 58 /* DIAGNOSTICS 59 /* Problems and transactions are logged to \fBsyslogd\fR(8) 60 /* or \fBpostlogd\fR(8). 61 /* BUGS 62 /* Table-driven rewriting rules make it hard to express \fBif then 63 /* else\fR and other logical relationships. 64 /* CONFIGURATION PARAMETERS 65 /* .ad 66 /* .fi 67 /* Changes to \fBmain.cf\fR are picked up automatically, as 68 /* \fBcleanup\fR(8) 69 /* processes run for only a limited amount of time. Use the command 70 /* "\fBpostfix reload\fR" to speed up a change. 71 /* 72 /* The text below provides only a parameter summary. See 73 /* \fBpostconf\fR(5) for more details including examples. 74 /* COMPATIBILITY CONTROLS 75 /* .ad 76 /* .fi 77 /* .IP "\fBundisclosed_recipients_header (see 'postconf -d' output)\fR" 78 /* Message header that the Postfix \fBcleanup\fR(8) server inserts when a 79 /* message contains no To: or Cc: message header. 80 /* .PP 81 /* Available in Postfix version 2.1 only: 82 /* .IP "\fBenable_errors_to (no)\fR" 83 /* Report mail delivery errors to the address specified with the 84 /* non-standard Errors-To: message header, instead of the envelope 85 /* sender address (this feature is removed with Postfix version 2.2, is 86 /* turned off by default with Postfix version 2.1, and is always turned on 87 /* with older Postfix versions). 88 /* .PP 89 /* Available in Postfix version 2.6 and later: 90 /* .IP "\fBalways_add_missing_headers (no)\fR" 91 /* Always add (Resent-) From:, To:, Date: or Message-ID: headers 92 /* when not present. 93 /* .PP 94 /* Available in Postfix version 2.9 and later: 95 /* .IP "\fBenable_long_queue_ids (no)\fR" 96 /* Enable long, non-repeating, queue IDs (queue file names). 97 /* .PP 98 /* Available in Postfix version 3.0 and later: 99 /* .IP "\fBmessage_drop_headers (bcc, content-length, resent-bcc, return-path)\fR" 100 /* Names of message headers that the \fBcleanup\fR(8) daemon will remove 101 /* after applying \fBheader_checks\fR(5) and before invoking Milter applications. 102 /* BUILT-IN CONTENT FILTERING CONTROLS 103 /* .ad 104 /* .fi 105 /* Postfix built-in content filtering is meant to stop a flood of 106 /* worms or viruses. It is not a general content filter. 107 /* .IP "\fBbody_checks (empty)\fR" 108 /* Optional lookup tables for content inspection as specified in 109 /* the \fBbody_checks\fR(5) manual page. 110 /* .IP "\fBheader_checks (empty)\fR" 111 /* Optional lookup tables for content inspection of primary non-MIME 112 /* message headers, as specified in the \fBheader_checks\fR(5) manual page. 113 /* .PP 114 /* Available in Postfix version 2.0 and later: 115 /* .IP "\fBbody_checks_size_limit (51200)\fR" 116 /* How much text in a message body segment (or attachment, if you 117 /* prefer to use that term) is subjected to body_checks inspection. 118 /* .IP "\fBmime_header_checks ($header_checks)\fR" 119 /* Optional lookup tables for content inspection of MIME related 120 /* message headers, as described in the \fBheader_checks\fR(5) manual page. 121 /* .IP "\fBnested_header_checks ($header_checks)\fR" 122 /* Optional lookup tables for content inspection of non-MIME message 123 /* headers in attached messages, as described in the \fBheader_checks\fR(5) 124 /* manual page. 125 /* .PP 126 /* Available in Postfix version 2.3 and later: 127 /* .IP "\fBmessage_reject_characters (empty)\fR" 128 /* The set of characters that Postfix will reject in message 129 /* content. 130 /* .IP "\fBmessage_strip_characters (empty)\fR" 131 /* The set of characters that Postfix will remove from message 132 /* content. 133 /* BEFORE QUEUE MILTER CONTROLS 134 /* .ad 135 /* .fi 136 /* As of version 2.3, Postfix supports the Sendmail version 8 137 /* Milter (mail filter) protocol. When mail is not received via 138 /* the smtpd(8) server, the cleanup(8) server will simulate 139 /* SMTP events to the extent that this is possible. For details 140 /* see the MILTER_README document. 141 /* .IP "\fBnon_smtpd_milters (empty)\fR" 142 /* A list of Milter (mail filter) applications for new mail that 143 /* does not arrive via the Postfix \fBsmtpd\fR(8) server. 144 /* .IP "\fBmilter_protocol (6)\fR" 145 /* The mail filter protocol version and optional protocol extensions 146 /* for communication with a Milter application; prior to Postfix 2.6 147 /* the default protocol is 2. 148 /* .IP "\fBmilter_default_action (tempfail)\fR" 149 /* The default action when a Milter (mail filter) application is 150 /* unavailable or mis-configured. 151 /* .IP "\fBmilter_macro_daemon_name ($myhostname)\fR" 152 /* The {daemon_name} macro value for Milter (mail filter) applications. 153 /* .IP "\fBmilter_macro_v ($mail_name $mail_version)\fR" 154 /* The {v} macro value for Milter (mail filter) applications. 155 /* .IP "\fBmilter_connect_timeout (30s)\fR" 156 /* The time limit for connecting to a Milter (mail filter) 157 /* application, and for negotiating protocol options. 158 /* .IP "\fBmilter_command_timeout (30s)\fR" 159 /* The time limit for sending an SMTP command to a Milter (mail 160 /* filter) application, and for receiving the response. 161 /* .IP "\fBmilter_content_timeout (300s)\fR" 162 /* The time limit for sending message content to a Milter (mail 163 /* filter) application, and for receiving the response. 164 /* .IP "\fBmilter_connect_macros (see 'postconf -d' output)\fR" 165 /* The macros that are sent to Milter (mail filter) applications 166 /* after completion of an SMTP connection. 167 /* .IP "\fBmilter_helo_macros (see 'postconf -d' output)\fR" 168 /* The macros that are sent to Milter (mail filter) applications 169 /* after the SMTP HELO or EHLO command. 170 /* .IP "\fBmilter_mail_macros (see 'postconf -d' output)\fR" 171 /* The macros that are sent to Milter (mail filter) applications 172 /* after the SMTP MAIL FROM command. 173 /* .IP "\fBmilter_rcpt_macros (see 'postconf -d' output)\fR" 174 /* The macros that are sent to Milter (mail filter) applications 175 /* after the SMTP RCPT TO command. 176 /* .IP "\fBmilter_data_macros (see 'postconf -d' output)\fR" 177 /* The macros that are sent to version 4 or higher Milter (mail 178 /* filter) applications after the SMTP DATA command. 179 /* .IP "\fBmilter_unknown_command_macros (see 'postconf -d' output)\fR" 180 /* The macros that are sent to version 3 or higher Milter (mail 181 /* filter) applications after an unknown SMTP command. 182 /* .IP "\fBmilter_end_of_data_macros (see 'postconf -d' output)\fR" 183 /* The macros that are sent to Milter (mail filter) applications 184 /* after the message end-of-data. 185 /* .PP 186 /* Available in Postfix version 2.5 and later: 187 /* .IP "\fBmilter_end_of_header_macros (see 'postconf -d' output)\fR" 188 /* The macros that are sent to Milter (mail filter) applications 189 /* after the end of the message header. 190 /* .PP 191 /* Available in Postfix version 2.7 and later: 192 /* .IP "\fBmilter_header_checks (empty)\fR" 193 /* Optional lookup tables for content inspection of message headers 194 /* that are produced by Milter applications. 195 /* .PP 196 /* Available in Postfix version 3.1 and later: 197 /* .IP "\fBmilter_macro_defaults (empty)\fR" 198 /* Optional list of \fIname=value\fR pairs that specify default 199 /* values for arbitrary macros that Postfix may send to Milter 200 /* applications. 201 /* MIME PROCESSING CONTROLS 202 /* .ad 203 /* .fi 204 /* Available in Postfix version 2.0 and later: 205 /* .IP "\fBdisable_mime_input_processing (no)\fR" 206 /* Turn off MIME processing while receiving mail. 207 /* .IP "\fBmime_boundary_length_limit (2048)\fR" 208 /* The maximal length of MIME multipart boundary strings. 209 /* .IP "\fBmime_nesting_limit (100)\fR" 210 /* The maximal recursion level that the MIME processor will handle. 211 /* .IP "\fBstrict_8bitmime (no)\fR" 212 /* Enable both strict_7bit_headers and strict_8bitmime_body. 213 /* .IP "\fBstrict_7bit_headers (no)\fR" 214 /* Reject mail with 8-bit text in message headers. 215 /* .IP "\fBstrict_8bitmime_body (no)\fR" 216 /* Reject 8-bit message body text without 8-bit MIME content encoding 217 /* information. 218 /* .IP "\fBstrict_mime_encoding_domain (no)\fR" 219 /* Reject mail with invalid Content-Transfer-Encoding: information 220 /* for the message/* or multipart/* MIME content types. 221 /* .PP 222 /* Available in Postfix version 2.5 and later: 223 /* .IP "\fBdetect_8bit_encoding_header (yes)\fR" 224 /* Automatically detect 8BITMIME body content by looking at 225 /* Content-Transfer-Encoding: message headers; historically, this 226 /* behavior was hard-coded to be "always on". 227 /* AUTOMATIC BCC RECIPIENT CONTROLS 228 /* .ad 229 /* .fi 230 /* Postfix can automatically add BCC (blind carbon copy) 231 /* when mail enters the mail system: 232 /* .IP "\fBalways_bcc (empty)\fR" 233 /* Optional address that receives a "blind carbon copy" of each message 234 /* that is received by the Postfix mail system. 235 /* .PP 236 /* Available in Postfix version 2.1 and later: 237 /* .IP "\fBsender_bcc_maps (empty)\fR" 238 /* Optional BCC (blind carbon-copy) address lookup tables, indexed 239 /* by sender address. 240 /* .IP "\fBrecipient_bcc_maps (empty)\fR" 241 /* Optional BCC (blind carbon-copy) address lookup tables, indexed by 242 /* recipient address. 243 /* ADDRESS TRANSFORMATION CONTROLS 244 /* .ad 245 /* .fi 246 /* Address rewriting is delegated to the \fBtrivial-rewrite\fR(8) daemon. 247 /* The \fBcleanup\fR(8) server implements table driven address mapping. 248 /* .IP "\fBempty_address_recipient (MAILER-DAEMON)\fR" 249 /* The recipient of mail addressed to the null address. 250 /* .IP "\fBcanonical_maps (empty)\fR" 251 /* Optional address mapping lookup tables for message headers and 252 /* envelopes. 253 /* .IP "\fBrecipient_canonical_maps (empty)\fR" 254 /* Optional address mapping lookup tables for envelope and header 255 /* recipient addresses. 256 /* .IP "\fBsender_canonical_maps (empty)\fR" 257 /* Optional address mapping lookup tables for envelope and header 258 /* sender addresses. 259 /* .IP "\fBmasquerade_classes (envelope_sender, header_sender, header_recipient)\fR" 260 /* What addresses are subject to address masquerading. 261 /* .IP "\fBmasquerade_domains (empty)\fR" 262 /* Optional list of domains whose subdomain structure will be stripped 263 /* off in email addresses. 264 /* .IP "\fBmasquerade_exceptions (empty)\fR" 265 /* Optional list of user names that are not subjected to address 266 /* masquerading, even when their addresses match $masquerade_domains. 267 /* .IP "\fBpropagate_unmatched_extensions (canonical, virtual)\fR" 268 /* What address lookup tables copy an address extension from the lookup 269 /* key to the lookup result. 270 /* .PP 271 /* Available before Postfix version 2.0: 272 /* .IP "\fBvirtual_maps (empty)\fR" 273 /* Optional lookup tables with a) names of domains for which all 274 /* addresses are aliased to addresses in other local or remote domains, 275 /* and b) addresses that are aliased to addresses in other local or 276 /* remote domains. 277 /* .PP 278 /* Available in Postfix version 2.0 and later: 279 /* .IP "\fBvirtual_alias_maps ($virtual_maps)\fR" 280 /* Optional lookup tables that alias specific mail addresses or domains 281 /* to other local or remote address. 282 /* .PP 283 /* Available in Postfix version 2.2 and later: 284 /* .IP "\fBcanonical_classes (envelope_sender, envelope_recipient, header_sender, header_recipient)\fR" 285 /* What addresses are subject to canonical_maps address mapping. 286 /* .IP "\fBrecipient_canonical_classes (envelope_recipient, header_recipient)\fR" 287 /* What addresses are subject to recipient_canonical_maps address 288 /* mapping. 289 /* .IP "\fBsender_canonical_classes (envelope_sender, header_sender)\fR" 290 /* What addresses are subject to sender_canonical_maps address 291 /* mapping. 292 /* .IP "\fBremote_header_rewrite_domain (empty)\fR" 293 /* Don't rewrite message headers from remote clients at all when 294 /* this parameter is empty; otherwise, rewrite message headers and 295 /* append the specified domain name to incomplete addresses. 296 /* RESOURCE AND RATE CONTROLS 297 /* .ad 298 /* .fi 299 /* .IP "\fBduplicate_filter_limit (1000)\fR" 300 /* The maximal number of addresses remembered by the address 301 /* duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or 302 /* for \fBshowq\fR(8) queue displays. 303 /* .IP "\fBheader_size_limit (102400)\fR" 304 /* The maximal amount of memory in bytes for storing a message header. 305 /* .IP "\fBhopcount_limit (50)\fR" 306 /* The maximal number of Received: message headers that is allowed 307 /* in the primary message headers. 308 /* .IP "\fBin_flow_delay (1s)\fR" 309 /* Time to pause before accepting a new message, when the message 310 /* arrival rate exceeds the message delivery rate. 311 /* .IP "\fBmessage_size_limit (10240000)\fR" 312 /* The maximal size in bytes of a message, including envelope information. 313 /* .PP 314 /* Available in Postfix version 2.0 and later: 315 /* .IP "\fBheader_address_token_limit (10240)\fR" 316 /* The maximal number of address tokens are allowed in an address 317 /* message header. 318 /* .IP "\fBmime_boundary_length_limit (2048)\fR" 319 /* The maximal length of MIME multipart boundary strings. 320 /* .IP "\fBmime_nesting_limit (100)\fR" 321 /* The maximal recursion level that the MIME processor will handle. 322 /* .IP "\fBqueue_file_attribute_count_limit (100)\fR" 323 /* The maximal number of (name=value) attributes that may be stored 324 /* in a Postfix queue file. 325 /* .PP 326 /* Available in Postfix version 2.1 and later: 327 /* .IP "\fBvirtual_alias_expansion_limit (1000)\fR" 328 /* The maximal number of addresses that virtual alias expansion produces 329 /* from each original recipient. 330 /* .IP "\fBvirtual_alias_recursion_limit (1000)\fR" 331 /* The maximal nesting depth of virtual alias expansion. 332 /* .PP 333 /* Available in Postfix version 3.0 and later: 334 /* .IP "\fBvirtual_alias_address_length_limit (1000)\fR" 335 /* The maximal length of an email address after virtual alias expansion. 336 /* SMTPUTF8 CONTROLS 337 /* .ad 338 /* .fi 339 /* Preliminary SMTPUTF8 support is introduced with Postfix 3.0. 340 /* .IP "\fBsmtputf8_enable (yes)\fR" 341 /* Enable preliminary SMTPUTF8 support for the protocols described 342 /* in RFC 6531..6533. 343 /* .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR" 344 /* Detect that a message requires SMTPUTF8 support for the specified 345 /* mail origin classes. 346 /* .PP 347 /* Available in Postfix version 3.2 and later: 348 /* .IP "\fBenable_idna2003_compatibility (no)\fR" 349 /* Enable 'transitional' compatibility between IDNA2003 and IDNA2008, 350 /* when converting UTF-8 domain names to/from the ASCII form that is 351 /* used for DNS lookups. 352 /* MISCELLANEOUS CONTROLS 353 /* .ad 354 /* .fi 355 /* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" 356 /* The default location of the Postfix main.cf and master.cf 357 /* configuration files. 358 /* .IP "\fBdaemon_timeout (18000s)\fR" 359 /* How much time a Postfix daemon process may take to handle a 360 /* request before it is terminated by a built-in watchdog timer. 361 /* .IP "\fBdelay_logging_resolution_limit (2)\fR" 362 /* The maximal number of digits after the decimal point when logging 363 /* sub-second delay values. 364 /* .IP "\fBdelay_warning_time (0h)\fR" 365 /* The time after which the sender receives a copy of the message 366 /* headers of mail that is still queued. 367 /* .IP "\fBipc_timeout (3600s)\fR" 368 /* The time limit for sending or receiving information over an internal 369 /* communication channel. 370 /* .IP "\fBmax_idle (100s)\fR" 371 /* The maximum amount of time that an idle Postfix daemon process waits 372 /* for an incoming connection before terminating voluntarily. 373 /* .IP "\fBmax_use (100)\fR" 374 /* The maximal number of incoming connections that a Postfix daemon 375 /* process will service before terminating voluntarily. 376 /* .IP "\fBmyhostname (see 'postconf -d' output)\fR" 377 /* The internet hostname of this mail system. 378 /* .IP "\fBmyorigin ($myhostname)\fR" 379 /* The domain name that locally-posted mail appears to come 380 /* from, and that locally posted mail is delivered to. 381 /* .IP "\fBprocess_id (read-only)\fR" 382 /* The process ID of a Postfix command or daemon process. 383 /* .IP "\fBprocess_name (read-only)\fR" 384 /* The process name of a Postfix command or daemon process. 385 /* .IP "\fBqueue_directory (see 'postconf -d' output)\fR" 386 /* The location of the Postfix top-level queue directory. 387 /* .IP "\fBsoft_bounce (no)\fR" 388 /* Safety net to keep mail queued that would otherwise be returned to 389 /* the sender. 390 /* .IP "\fBsyslog_facility (mail)\fR" 391 /* The syslog facility of Postfix logging. 392 /* .IP "\fBsyslog_name (see 'postconf -d' output)\fR" 393 /* A prefix that is prepended to the process name in syslog 394 /* records, so that, for example, "smtpd" becomes "prefix/smtpd". 395 /* .PP 396 /* Available in Postfix version 2.1 and later: 397 /* .IP "\fBenable_original_recipient (yes)\fR" 398 /* Enable support for the original recipient address after an 399 /* address is rewritten to a different address (for example with 400 /* aliasing or with canonical mapping). 401 /* .PP 402 /* Available in Postfix 3.3 and later: 403 /* .IP "\fBservice_name (read-only)\fR" 404 /* The master.cf service name of a Postfix daemon process. 405 /* .PP 406 /* Available in Postfix 3.5 and later: 407 /* .IP "\fBinfo_log_address_format (external)\fR" 408 /* The email address form that will be used in non-debug logging 409 /* (info, warning, etc.). 410 /* FILES 411 /* /etc/postfix/canonical*, canonical mapping table 412 /* /etc/postfix/virtual*, virtual mapping table 413 /* SEE ALSO 414 /* trivial-rewrite(8), address rewriting 415 /* qmgr(8), queue manager 416 /* header_checks(5), message header content inspection 417 /* body_checks(5), body parts content inspection 418 /* canonical(5), canonical address lookup table format 419 /* virtual(5), virtual alias lookup table format 420 /* postconf(5), configuration parameters 421 /* master(5), generic daemon options 422 /* master(8), process manager 423 /* postlogd(8), Postfix logging 424 /* syslogd(8), system logging 425 /* README FILES 426 /* .ad 427 /* .fi 428 /* Use "\fBpostconf readme_directory\fR" or 429 /* "\fBpostconf html_directory\fR" to locate this information. 430 /* .na 431 /* .nf 432 /* ADDRESS_REWRITING_README Postfix address manipulation 433 /* CONTENT_INSPECTION_README content inspection 434 /* LICENSE 435 /* .ad 436 /* .fi 437 /* The Secure Mailer license must be distributed with this software. 438 /* AUTHOR(S) 439 /* Wietse Venema 440 /* IBM T.J. Watson Research 441 /* P.O. Box 704 442 /* Yorktown Heights, NY 10598, USA 443 /* 444 /* Wietse Venema 445 /* Google, Inc. 446 /* 111 8th Avenue 447 /* New York, NY 10011, USA 448 /*--*/ 449 450 /* System library. */ 451 452 #include <sys_defs.h> 453 #include <signal.h> 454 #include <unistd.h> 455 #include <stdlib.h> 456 457 /* Utility library. */ 458 459 #include <msg.h> 460 #include <vstring.h> 461 #include <dict.h> 462 463 /* Global library. */ 464 465 #include <mail_conf.h> 466 #include <cleanup_user.h> 467 #include <mail_proto.h> 468 #include <mail_params.h> 469 #include <record.h> 470 #include <rec_type.h> 471 #include <mail_version.h> 472 473 /* Single-threaded server skeleton. */ 474 475 #include <mail_server.h> 476 477 /* Application-specific. */ 478 479 #include "cleanup.h" 480 481 /* cleanup_service - process one request to inject a message into the queue */ 482 483 static void cleanup_service(VSTREAM *src, char *unused_service, char **argv) 484 { 485 VSTRING *buf = vstring_alloc(100); 486 CLEANUP_STATE *state; 487 int flags; 488 int type = 0; 489 int status; 490 491 /* 492 * Sanity check. This service takes no command-line arguments. 493 */ 494 if (argv[0]) 495 msg_fatal("unexpected command-line argument: %s", argv[0]); 496 497 /* 498 * Open a queue file and initialize state. 499 */ 500 state = cleanup_open(src); 501 502 /* 503 * Send the queue id to the client. Read client processing options. If we 504 * can't read the client processing options we can pretty much forget 505 * about the whole operation. 506 */ 507 attr_print(src, ATTR_FLAG_NONE, 508 SEND_ATTR_STR(MAIL_ATTR_QUEUEID, state->queue_id), 509 ATTR_TYPE_END); 510 if (attr_scan(src, ATTR_FLAG_STRICT, 511 RECV_ATTR_INT(MAIL_ATTR_FLAGS, &flags), 512 ATTR_TYPE_END) != 1) { 513 state->errs |= CLEANUP_STAT_BAD; 514 flags = 0; 515 } 516 cleanup_control(state, flags); 517 518 /* 519 * XXX Rely on the front-end programs to enforce record size limits. 520 * 521 * First, copy the envelope records to the queue file. Then, copy the 522 * message content (headers and body). Finally, attach any information 523 * extracted from message headers. 524 */ 525 while (CLEANUP_OUT_OK(state)) { 526 if ((type = rec_get_raw(src, buf, 0, REC_FLAG_NONE)) < 0) { 527 state->errs |= CLEANUP_STAT_BAD; 528 break; 529 } 530 if (REC_GET_HIDDEN_TYPE(type)) { 531 msg_warn("%s: record type %d not allowed - discarding this message", 532 state->queue_id, type); 533 state->errs |= CLEANUP_STAT_BAD; 534 break; 535 } 536 CLEANUP_RECORD(state, type, vstring_str(buf), VSTRING_LEN(buf)); 537 if (type == REC_TYPE_END) 538 break; 539 } 540 541 /* 542 * Keep reading in case of problems, until the sender is ready to receive 543 * our status report. 544 */ 545 if (CLEANUP_OUT_OK(state) == 0 && type > 0) { 546 while (type != REC_TYPE_END 547 && (type = rec_get_raw(src, buf, 0, REC_FLAG_NONE)) > 0) { 548 if (type == REC_TYPE_MILT_COUNT) { 549 int milter_count = atoi(vstring_str(buf)); 550 551 /* Avoid deadlock. */ 552 if (milter_count >= 0) 553 cleanup_milter_receive(state, milter_count); 554 } 555 } 556 } 557 558 /* 559 * Log something to make timeout errors easier to debug. 560 */ 561 if (vstream_ftimeout(src)) 562 msg_warn("%s: read timeout on %s", 563 state->queue_id, VSTREAM_PATH(src)); 564 565 /* 566 * Finish this message, and report the result status to the client. 567 */ 568 status = cleanup_flush(state); /* in case state is modified */ 569 attr_print(src, ATTR_FLAG_NONE, 570 SEND_ATTR_INT(MAIL_ATTR_STATUS, status), 571 SEND_ATTR_STR(MAIL_ATTR_WHY, 572 (state->flags & CLEANUP_FLAG_SMTP_REPLY) 573 && state->smtp_reply ? state->smtp_reply : 574 state->reason ? state->reason : ""), 575 ATTR_TYPE_END); 576 cleanup_free(state); 577 578 /* 579 * Cleanup. 580 */ 581 vstring_free(buf); 582 } 583 584 /* pre_accept - see if tables have changed */ 585 586 static void pre_accept(char *unused_name, char **unused_argv) 587 { 588 const char *table; 589 590 if ((table = dict_changed_name()) != 0) { 591 msg_info("table %s has changed -- restarting", table); 592 exit(0); 593 } 594 } 595 596 MAIL_VERSION_STAMP_DECLARE; 597 598 /* main - the main program */ 599 600 int main(int argc, char **argv) 601 { 602 603 /* 604 * Fingerprint executables and core dumps. 605 */ 606 MAIL_VERSION_STAMP_ALLOCATE; 607 608 /* 609 * Clean up an incomplete queue file in case of a fatal run-time error, 610 * or after receiving SIGTERM from the master at shutdown time. 611 */ 612 signal(SIGTERM, cleanup_sig); 613 msg_cleanup(cleanup_all); 614 615 /* 616 * Pass control to the single-threaded service skeleton. 617 */ 618 single_server_main(argc, argv, cleanup_service, 619 CA_MAIL_SERVER_INT_TABLE(cleanup_int_table), 620 CA_MAIL_SERVER_BOOL_TABLE(cleanup_bool_table), 621 CA_MAIL_SERVER_STR_TABLE(cleanup_str_table), 622 CA_MAIL_SERVER_TIME_TABLE(cleanup_time_table), 623 CA_MAIL_SERVER_PRE_INIT(cleanup_pre_jail), 624 CA_MAIL_SERVER_POST_INIT(cleanup_post_jail), 625 CA_MAIL_SERVER_PRE_ACCEPT(pre_accept), 626 CA_MAIL_SERVER_IN_FLOW_DELAY, 627 CA_MAIL_SERVER_UNLIMITED, 628 0); 629 } 630