1 /* $NetBSD: cleanup.c,v 1.6 2017/02/14 01:16:44 christos Exp $ */ 2 3 /*++ 4 /* NAME 5 /* cleanup 8 6 /* SUMMARY 7 /* canonicalize and enqueue Postfix message 8 /* SYNOPSIS 9 /* \fBcleanup\fR [generic Postfix daemon options] 10 /* DESCRIPTION 11 /* The \fBcleanup\fR(8) daemon processes inbound mail, inserts it 12 /* into the \fBincoming\fR mail queue, and informs the queue 13 /* manager of its arrival. 14 /* 15 /* The \fBcleanup\fR(8) daemon always performs the following transformations: 16 /* .IP \(bu 17 /* Insert missing message headers: (\fBResent-\fR) \fBFrom:\fR, 18 /* \fBTo:\fR, \fBMessage-Id:\fR, and \fBDate:\fR. 19 /* .IP \(bu 20 /* Transform envelope and header addresses to the standard 21 /* \fIuser@fully-qualified-domain\fR form that is expected by other 22 /* Postfix programs. 23 /* This task is delegated to the \fBtrivial-rewrite\fR(8) daemon. 24 /* .IP \(bu 25 /* Eliminate duplicate envelope recipient addresses. 26 /* .IP \(bu 27 /* Remove message headers: \fBBcc\fR, \fBContent-Length\fR, 28 /* \fBResent-Bcc\fR, \fBReturn-Path\fR. 29 /* .PP 30 /* The following address transformations are optional: 31 /* .IP \(bu 32 /* Optionally, rewrite all envelope and header addresses according 33 /* to the mappings specified in the \fBcanonical\fR(5) lookup tables. 34 /* .IP \(bu 35 /* Optionally, masquerade envelope sender addresses and message 36 /* header addresses (i.e. strip host or domain information below 37 /* all domains listed in the \fBmasquerade_domains\fR parameter, 38 /* except for user names listed in \fBmasquerade_exceptions\fR). 39 /* By default, address masquerading does not affect envelope recipients. 40 /* .IP \(bu 41 /* Optionally, expand envelope recipients according to information 42 /* found in the \fBvirtual\fR(5) lookup tables. 43 /* .PP 44 /* The \fBcleanup\fR(8) daemon performs sanity checks on the content of 45 /* each message. When it finds a problem, by default it returns a 46 /* diagnostic status to the client, and leaves it up to the client 47 /* to deal with the problem. Alternatively, the client can request 48 /* the \fBcleanup\fR(8) daemon to bounce the message back to the sender 49 /* in case of trouble. 50 /* STANDARDS 51 /* RFC 822 (ARPA Internet Text Messages) 52 /* RFC 2045 (MIME: Format of Internet Message Bodies) 53 /* RFC 2046 (MIME: Media Types) 54 /* RFC 2822 (Internet Message Format) 55 /* RFC 3463 (Enhanced Status Codes) 56 /* RFC 3464 (Delivery status notifications) 57 /* RFC 5322 (Internet Message Format) 58 /* DIAGNOSTICS 59 /* Problems and transactions are logged to \fBsyslogd\fR(8). 60 /* BUGS 61 /* Table-driven rewriting rules make it hard to express \fBif then 62 /* else\fR and other logical relationships. 63 /* CONFIGURATION PARAMETERS 64 /* .ad 65 /* .fi 66 /* Changes to \fBmain.cf\fR are picked up automatically, as 67 /* \fBcleanup\fR(8) 68 /* processes run for only a limited amount of time. Use the command 69 /* "\fBpostfix reload\fR" to speed up a change. 70 /* 71 /* The text below provides only a parameter summary. See 72 /* \fBpostconf\fR(5) for more details including examples. 73 /* COMPATIBILITY CONTROLS 74 /* .ad 75 /* .fi 76 /* .IP "\fBundisclosed_recipients_header (see 'postconf -d' output)\fR" 77 /* Message header that the Postfix \fBcleanup\fR(8) server inserts when a 78 /* message contains no To: or Cc: message header. 79 /* .PP 80 /* Available in Postfix version 2.1 only: 81 /* .IP "\fBenable_errors_to (no)\fR" 82 /* Report mail delivery errors to the address specified with the 83 /* non-standard Errors-To: message header, instead of the envelope 84 /* sender address (this feature is removed with Postfix version 2.2, is 85 /* turned off by default with Postfix version 2.1, and is always turned on 86 /* with older Postfix versions). 87 /* .PP 88 /* Available in Postfix version 2.6 and later: 89 /* .IP "\fBalways_add_missing_headers (no)\fR" 90 /* Always add (Resent-) From:, To:, Date: or Message-ID: headers 91 /* when not present. 92 /* .PP 93 /* Available in Postfix version 2.9 and later: 94 /* .IP "\fBenable_long_queue_ids (no)\fR" 95 /* Enable long, non-repeating, queue IDs (queue file names). 96 /* .PP 97 /* Available in Postfix version 3.0 and later: 98 /* .IP "\fBmessage_drop_headers (bcc, content-length, resent-bcc, return-path)\fR" 99 /* Names of message headers that the \fBcleanup\fR(8) daemon will remove 100 /* after applying \fBheader_checks\fR(5) and before invoking Milter applications. 101 /* BUILT-IN CONTENT FILTERING CONTROLS 102 /* .ad 103 /* .fi 104 /* Postfix built-in content filtering is meant to stop a flood of 105 /* worms or viruses. It is not a general content filter. 106 /* .IP "\fBbody_checks (empty)\fR" 107 /* Optional lookup tables for content inspection as specified in 108 /* the \fBbody_checks\fR(5) manual page. 109 /* .IP "\fBheader_checks (empty)\fR" 110 /* Optional lookup tables for content inspection of primary non-MIME 111 /* message headers, as specified in the \fBheader_checks\fR(5) manual page. 112 /* .PP 113 /* Available in Postfix version 2.0 and later: 114 /* .IP "\fBbody_checks_size_limit (51200)\fR" 115 /* How much text in a message body segment (or attachment, if you 116 /* prefer to use that term) is subjected to body_checks inspection. 117 /* .IP "\fBmime_header_checks ($header_checks)\fR" 118 /* Optional lookup tables for content inspection of MIME related 119 /* message headers, as described in the \fBheader_checks\fR(5) manual page. 120 /* .IP "\fBnested_header_checks ($header_checks)\fR" 121 /* Optional lookup tables for content inspection of non-MIME message 122 /* headers in attached messages, as described in the \fBheader_checks\fR(5) 123 /* manual page. 124 /* .PP 125 /* Available in Postfix version 2.3 and later: 126 /* .IP "\fBmessage_reject_characters (empty)\fR" 127 /* The set of characters that Postfix will reject in message 128 /* content. 129 /* .IP "\fBmessage_strip_characters (empty)\fR" 130 /* The set of characters that Postfix will remove from message 131 /* content. 132 /* BEFORE QUEUE MILTER CONTROLS 133 /* .ad 134 /* .fi 135 /* As of version 2.3, Postfix supports the Sendmail version 8 136 /* Milter (mail filter) protocol. When mail is not received via 137 /* the smtpd(8) server, the cleanup(8) server will simulate 138 /* SMTP events to the extent that this is possible. For details 139 /* see the MILTER_README document. 140 /* .IP "\fBnon_smtpd_milters (empty)\fR" 141 /* A list of Milter (mail filter) applications for new mail that 142 /* does not arrive via the Postfix \fBsmtpd\fR(8) server. 143 /* .IP "\fBmilter_protocol (6)\fR" 144 /* The mail filter protocol version and optional protocol extensions 145 /* for communication with a Milter application; prior to Postfix 2.6 146 /* the default protocol is 2. 147 /* .IP "\fBmilter_default_action (tempfail)\fR" 148 /* The default action when a Milter (mail filter) application is 149 /* unavailable or mis-configured. 150 /* .IP "\fBmilter_macro_daemon_name ($myhostname)\fR" 151 /* The {daemon_name} macro value for Milter (mail filter) applications. 152 /* .IP "\fBmilter_macro_v ($mail_name $mail_version)\fR" 153 /* The {v} macro value for Milter (mail filter) applications. 154 /* .IP "\fBmilter_connect_timeout (30s)\fR" 155 /* The time limit for connecting to a Milter (mail filter) 156 /* application, and for negotiating protocol options. 157 /* .IP "\fBmilter_command_timeout (30s)\fR" 158 /* The time limit for sending an SMTP command to a Milter (mail 159 /* filter) application, and for receiving the response. 160 /* .IP "\fBmilter_content_timeout (300s)\fR" 161 /* The time limit for sending message content to a Milter (mail 162 /* filter) application, and for receiving the response. 163 /* .IP "\fBmilter_connect_macros (see 'postconf -d' output)\fR" 164 /* The macros that are sent to Milter (mail filter) applications 165 /* after completion of an SMTP connection. 166 /* .IP "\fBmilter_helo_macros (see 'postconf -d' output)\fR" 167 /* The macros that are sent to Milter (mail filter) applications 168 /* after the SMTP HELO or EHLO command. 169 /* .IP "\fBmilter_mail_macros (see 'postconf -d' output)\fR" 170 /* The macros that are sent to Milter (mail filter) applications 171 /* after the SMTP MAIL FROM command. 172 /* .IP "\fBmilter_rcpt_macros (see 'postconf -d' output)\fR" 173 /* The macros that are sent to Milter (mail filter) applications 174 /* after the SMTP RCPT TO command. 175 /* .IP "\fBmilter_data_macros (see 'postconf -d' output)\fR" 176 /* The macros that are sent to version 4 or higher Milter (mail 177 /* filter) applications after the SMTP DATA command. 178 /* .IP "\fBmilter_unknown_command_macros (see 'postconf -d' output)\fR" 179 /* The macros that are sent to version 3 or higher Milter (mail 180 /* filter) applications after an unknown SMTP command. 181 /* .IP "\fBmilter_end_of_data_macros (see 'postconf -d' output)\fR" 182 /* The macros that are sent to Milter (mail filter) applications 183 /* after the message end-of-data. 184 /* .PP 185 /* Available in Postfix version 2.5 and later: 186 /* .IP "\fBmilter_end_of_header_macros (see 'postconf -d' output)\fR" 187 /* The macros that are sent to Milter (mail filter) applications 188 /* after the end of the message header. 189 /* .PP 190 /* Available in Postfix version 2.7 and later: 191 /* .IP "\fBmilter_header_checks (empty)\fR" 192 /* Optional lookup tables for content inspection of message headers 193 /* that are produced by Milter applications. 194 /* .PP 195 /* Available in Postfix version 3.1 and later: 196 /* .IP "\fBmilter_macro_defaults (empty)\fR" 197 /* Optional list of \fIname=value\fR pairs that specify default 198 /* values for arbitrary macros that Postfix may send to Milter 199 /* applications. 200 /* MIME PROCESSING CONTROLS 201 /* .ad 202 /* .fi 203 /* Available in Postfix version 2.0 and later: 204 /* .IP "\fBdisable_mime_input_processing (no)\fR" 205 /* Turn off MIME processing while receiving mail. 206 /* .IP "\fBmime_boundary_length_limit (2048)\fR" 207 /* The maximal length of MIME multipart boundary strings. 208 /* .IP "\fBmime_nesting_limit (100)\fR" 209 /* The maximal recursion level that the MIME processor will handle. 210 /* .IP "\fBstrict_8bitmime (no)\fR" 211 /* Enable both strict_7bit_headers and strict_8bitmime_body. 212 /* .IP "\fBstrict_7bit_headers (no)\fR" 213 /* Reject mail with 8-bit text in message headers. 214 /* .IP "\fBstrict_8bitmime_body (no)\fR" 215 /* Reject 8-bit message body text without 8-bit MIME content encoding 216 /* information. 217 /* .IP "\fBstrict_mime_encoding_domain (no)\fR" 218 /* Reject mail with invalid Content-Transfer-Encoding: information 219 /* for the message/* or multipart/* MIME content types. 220 /* .PP 221 /* Available in Postfix version 2.5 and later: 222 /* .IP "\fBdetect_8bit_encoding_header (yes)\fR" 223 /* Automatically detect 8BITMIME body content by looking at 224 /* Content-Transfer-Encoding: message headers; historically, this 225 /* behavior was hard-coded to be "always on". 226 /* AUTOMATIC BCC RECIPIENT CONTROLS 227 /* .ad 228 /* .fi 229 /* Postfix can automatically add BCC (blind carbon copy) 230 /* when mail enters the mail system: 231 /* .IP "\fBalways_bcc (empty)\fR" 232 /* Optional address that receives a "blind carbon copy" of each message 233 /* that is received by the Postfix mail system. 234 /* .PP 235 /* Available in Postfix version 2.1 and later: 236 /* .IP "\fBsender_bcc_maps (empty)\fR" 237 /* Optional BCC (blind carbon-copy) address lookup tables, indexed 238 /* by sender address. 239 /* .IP "\fBrecipient_bcc_maps (empty)\fR" 240 /* Optional BCC (blind carbon-copy) address lookup tables, indexed by 241 /* recipient address. 242 /* ADDRESS TRANSFORMATION CONTROLS 243 /* .ad 244 /* .fi 245 /* Address rewriting is delegated to the \fBtrivial-rewrite\fR(8) daemon. 246 /* The \fBcleanup\fR(8) server implements table driven address mapping. 247 /* .IP "\fBempty_address_recipient (MAILER-DAEMON)\fR" 248 /* The recipient of mail addressed to the null address. 249 /* .IP "\fBcanonical_maps (empty)\fR" 250 /* Optional address mapping lookup tables for message headers and 251 /* envelopes. 252 /* .IP "\fBrecipient_canonical_maps (empty)\fR" 253 /* Optional address mapping lookup tables for envelope and header 254 /* recipient addresses. 255 /* .IP "\fBsender_canonical_maps (empty)\fR" 256 /* Optional address mapping lookup tables for envelope and header 257 /* sender addresses. 258 /* .IP "\fBmasquerade_classes (envelope_sender, header_sender, header_recipient)\fR" 259 /* What addresses are subject to address masquerading. 260 /* .IP "\fBmasquerade_domains (empty)\fR" 261 /* Optional list of domains whose subdomain structure will be stripped 262 /* off in email addresses. 263 /* .IP "\fBmasquerade_exceptions (empty)\fR" 264 /* Optional list of user names that are not subjected to address 265 /* masquerading, even when their address matches $masquerade_domains. 266 /* .IP "\fBpropagate_unmatched_extensions (canonical, virtual)\fR" 267 /* What address lookup tables copy an address extension from the lookup 268 /* key to the lookup result. 269 /* .PP 270 /* Available before Postfix version 2.0: 271 /* .IP "\fBvirtual_maps (empty)\fR" 272 /* Optional lookup tables with a) names of domains for which all 273 /* addresses are aliased to addresses in other local or remote domains, 274 /* and b) addresses that are aliased to addresses in other local or 275 /* remote domains. 276 /* .PP 277 /* Available in Postfix version 2.0 and later: 278 /* .IP "\fBvirtual_alias_maps ($virtual_maps)\fR" 279 /* Optional lookup tables that alias specific mail addresses or domains 280 /* to other local or remote address. 281 /* .PP 282 /* Available in Postfix version 2.2 and later: 283 /* .IP "\fBcanonical_classes (envelope_sender, envelope_recipient, header_sender, header_recipient)\fR" 284 /* What addresses are subject to canonical_maps address mapping. 285 /* .IP "\fBrecipient_canonical_classes (envelope_recipient, header_recipient)\fR" 286 /* What addresses are subject to recipient_canonical_maps address 287 /* mapping. 288 /* .IP "\fBsender_canonical_classes (envelope_sender, header_sender)\fR" 289 /* What addresses are subject to sender_canonical_maps address 290 /* mapping. 291 /* .IP "\fBremote_header_rewrite_domain (empty)\fR" 292 /* Don't rewrite message headers from remote clients at all when 293 /* this parameter is empty; otherwise, rewrite message headers and 294 /* append the specified domain name to incomplete addresses. 295 /* RESOURCE AND RATE CONTROLS 296 /* .ad 297 /* .fi 298 /* .IP "\fBduplicate_filter_limit (1000)\fR" 299 /* The maximal number of addresses remembered by the address 300 /* duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or 301 /* for \fBshowq\fR(8) queue displays. 302 /* .IP "\fBheader_size_limit (102400)\fR" 303 /* The maximal amount of memory in bytes for storing a message header. 304 /* .IP "\fBhopcount_limit (50)\fR" 305 /* The maximal number of Received: message headers that is allowed 306 /* in the primary message headers. 307 /* .IP "\fBin_flow_delay (1s)\fR" 308 /* Time to pause before accepting a new message, when the message 309 /* arrival rate exceeds the message delivery rate. 310 /* .IP "\fBmessage_size_limit (10240000)\fR" 311 /* The maximal size in bytes of a message, including envelope information. 312 /* .PP 313 /* Available in Postfix version 2.0 and later: 314 /* .IP "\fBheader_address_token_limit (10240)\fR" 315 /* The maximal number of address tokens are allowed in an address 316 /* message header. 317 /* .IP "\fBmime_boundary_length_limit (2048)\fR" 318 /* The maximal length of MIME multipart boundary strings. 319 /* .IP "\fBmime_nesting_limit (100)\fR" 320 /* The maximal recursion level that the MIME processor will handle. 321 /* .IP "\fBqueue_file_attribute_count_limit (100)\fR" 322 /* The maximal number of (name=value) attributes that may be stored 323 /* in a Postfix queue file. 324 /* .PP 325 /* Available in Postfix version 2.1 and later: 326 /* .IP "\fBvirtual_alias_expansion_limit (1000)\fR" 327 /* The maximal number of addresses that virtual alias expansion produces 328 /* from each original recipient. 329 /* .IP "\fBvirtual_alias_recursion_limit (1000)\fR" 330 /* The maximal nesting depth of virtual alias expansion. 331 /* .PP 332 /* Available in Postfix version 3.0 and later: 333 /* .IP "\fBvirtual_alias_address_length_limit (1000)\fR" 334 /* The maximal length of an email address after virtual alias expansion. 335 /* SMTPUTF8 CONTROLS 336 /* .ad 337 /* .fi 338 /* Preliminary SMTPUTF8 support is introduced with Postfix 3.0. 339 /* .IP "\fBsmtputf8_enable (yes)\fR" 340 /* Enable preliminary SMTPUTF8 support for the protocols described 341 /* in RFC 6531..6533. 342 /* .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR" 343 /* Detect that a message requires SMTPUTF8 support for the specified 344 /* mail origin classes. 345 /* MISCELLANEOUS CONTROLS 346 /* .ad 347 /* .fi 348 /* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" 349 /* The default location of the Postfix main.cf and master.cf 350 /* configuration files. 351 /* .IP "\fBdaemon_timeout (18000s)\fR" 352 /* How much time a Postfix daemon process may take to handle a 353 /* request before it is terminated by a built-in watchdog timer. 354 /* .IP "\fBdelay_logging_resolution_limit (2)\fR" 355 /* The maximal number of digits after the decimal point when logging 356 /* sub-second delay values. 357 /* .IP "\fBdelay_warning_time (0h)\fR" 358 /* The time after which the sender receives a copy of the message 359 /* headers of mail that is still queued. 360 /* .IP "\fBipc_timeout (3600s)\fR" 361 /* The time limit for sending or receiving information over an internal 362 /* communication channel. 363 /* .IP "\fBmax_idle (100s)\fR" 364 /* The maximum amount of time that an idle Postfix daemon process waits 365 /* for an incoming connection before terminating voluntarily. 366 /* .IP "\fBmax_use (100)\fR" 367 /* The maximal number of incoming connections that a Postfix daemon 368 /* process will service before terminating voluntarily. 369 /* .IP "\fBmyhostname (see 'postconf -d' output)\fR" 370 /* The internet hostname of this mail system. 371 /* .IP "\fBmyorigin ($myhostname)\fR" 372 /* The domain name that locally-posted mail appears to come 373 /* from, and that locally posted mail is delivered to. 374 /* .IP "\fBprocess_id (read-only)\fR" 375 /* The process ID of a Postfix command or daemon process. 376 /* .IP "\fBprocess_name (read-only)\fR" 377 /* The process name of a Postfix command or daemon process. 378 /* .IP "\fBqueue_directory (see 'postconf -d' output)\fR" 379 /* The location of the Postfix top-level queue directory. 380 /* .IP "\fBsoft_bounce (no)\fR" 381 /* Safety net to keep mail queued that would otherwise be returned to 382 /* the sender. 383 /* .IP "\fBsyslog_facility (mail)\fR" 384 /* The syslog facility of Postfix logging. 385 /* .IP "\fBsyslog_name (see 'postconf -d' output)\fR" 386 /* The mail system name that is prepended to the process name in syslog 387 /* records, so that "smtpd" becomes, for example, "postfix/smtpd". 388 /* .PP 389 /* Available in Postfix version 2.1 and later: 390 /* .IP "\fBenable_original_recipient (yes)\fR" 391 /* Enable support for the X-Original-To message header. 392 /* FILES 393 /* /etc/postfix/canonical*, canonical mapping table 394 /* /etc/postfix/virtual*, virtual mapping table 395 /* SEE ALSO 396 /* trivial-rewrite(8), address rewriting 397 /* qmgr(8), queue manager 398 /* header_checks(5), message header content inspection 399 /* body_checks(5), body parts content inspection 400 /* canonical(5), canonical address lookup table format 401 /* virtual(5), virtual alias lookup table format 402 /* postconf(5), configuration parameters 403 /* master(5), generic daemon options 404 /* master(8), process manager 405 /* syslogd(8), system logging 406 /* README FILES 407 /* .ad 408 /* .fi 409 /* Use "\fBpostconf readme_directory\fR" or 410 /* "\fBpostconf html_directory\fR" to locate this information. 411 /* .na 412 /* .nf 413 /* ADDRESS_REWRITING_README Postfix address manipulation 414 /* CONTENT_INSPECTION_README content inspection 415 /* LICENSE 416 /* .ad 417 /* .fi 418 /* The Secure Mailer license must be distributed with this software. 419 /* AUTHOR(S) 420 /* Wietse Venema 421 /* IBM T.J. Watson Research 422 /* P.O. Box 704 423 /* Yorktown Heights, NY 10598, USA 424 /* 425 /* Wietse Venema 426 /* Google, Inc. 427 /* 111 8th Avenue 428 /* New York, NY 10011, USA 429 /*--*/ 430 431 /* System library. */ 432 433 #include <sys_defs.h> 434 #include <signal.h> 435 #include <unistd.h> 436 #include <stdlib.h> 437 438 /* Utility library. */ 439 440 #include <msg.h> 441 #include <vstring.h> 442 #include <dict.h> 443 444 /* Global library. */ 445 446 #include <mail_conf.h> 447 #include <cleanup_user.h> 448 #include <mail_proto.h> 449 #include <mail_params.h> 450 #include <record.h> 451 #include <rec_type.h> 452 #include <mail_version.h> 453 454 /* Single-threaded server skeleton. */ 455 456 #include <mail_server.h> 457 458 /* Application-specific. */ 459 460 #include "cleanup.h" 461 462 /* cleanup_service - process one request to inject a message into the queue */ 463 464 static void cleanup_service(VSTREAM *src, char *unused_service, char **argv) 465 { 466 VSTRING *buf = vstring_alloc(100); 467 CLEANUP_STATE *state; 468 int flags; 469 int type = 0; 470 int status; 471 472 /* 473 * Sanity check. This service takes no command-line arguments. 474 */ 475 if (argv[0]) 476 msg_fatal("unexpected command-line argument: %s", argv[0]); 477 478 /* 479 * Open a queue file and initialize state. 480 */ 481 state = cleanup_open(src); 482 483 /* 484 * Send the queue id to the client. Read client processing options. If we 485 * can't read the client processing options we can pretty much forget 486 * about the whole operation. 487 */ 488 attr_print(src, ATTR_FLAG_NONE, 489 SEND_ATTR_STR(MAIL_ATTR_QUEUEID, state->queue_id), 490 ATTR_TYPE_END); 491 if (attr_scan(src, ATTR_FLAG_STRICT, 492 RECV_ATTR_INT(MAIL_ATTR_FLAGS, &flags), 493 ATTR_TYPE_END) != 1) { 494 state->errs |= CLEANUP_STAT_BAD; 495 flags = 0; 496 } 497 cleanup_control(state, flags); 498 499 /* 500 * XXX Rely on the front-end programs to enforce record size limits. 501 * 502 * First, copy the envelope records to the queue file. Then, copy the 503 * message content (headers and body). Finally, attach any information 504 * extracted from message headers. 505 */ 506 while (CLEANUP_OUT_OK(state)) { 507 if ((type = rec_get_raw(src, buf, 0, REC_FLAG_NONE)) < 0) { 508 state->errs |= CLEANUP_STAT_BAD; 509 break; 510 } 511 if (REC_GET_HIDDEN_TYPE(type)) { 512 msg_warn("%s: record type %d not allowed - discarding this message", 513 state->queue_id, type); 514 state->errs |= CLEANUP_STAT_BAD; 515 break; 516 } 517 CLEANUP_RECORD(state, type, vstring_str(buf), VSTRING_LEN(buf)); 518 if (type == REC_TYPE_END) 519 break; 520 } 521 522 /* 523 * Keep reading in case of problems, until the sender is ready to receive 524 * our status report. 525 */ 526 if (CLEANUP_OUT_OK(state) == 0 && type > 0) { 527 while (type != REC_TYPE_END 528 && (type = rec_get_raw(src, buf, 0, REC_FLAG_NONE)) > 0) { 529 if (type == REC_TYPE_MILT_COUNT) { 530 int milter_count = atoi(vstring_str(buf)); 531 532 /* Avoid deadlock. */ 533 if (milter_count >= 0) 534 cleanup_milter_receive(state, milter_count); 535 } 536 } 537 } 538 539 /* 540 * Log something to make timeout errors easier to debug. 541 */ 542 if (vstream_ftimeout(src)) 543 msg_warn("%s: read timeout on %s", 544 state->queue_id, VSTREAM_PATH(src)); 545 546 /* 547 * Finish this message, and report the result status to the client. 548 */ 549 status = cleanup_flush(state); /* in case state is modified */ 550 attr_print(src, ATTR_FLAG_NONE, 551 SEND_ATTR_INT(MAIL_ATTR_STATUS, status), 552 SEND_ATTR_STR(MAIL_ATTR_WHY, 553 (state->flags & CLEANUP_FLAG_SMTP_REPLY) 554 && state->smtp_reply ? state->smtp_reply : 555 state->reason ? state->reason : ""), 556 ATTR_TYPE_END); 557 cleanup_free(state); 558 559 /* 560 * Cleanup. 561 */ 562 vstring_free(buf); 563 } 564 565 /* pre_accept - see if tables have changed */ 566 567 static void pre_accept(char *unused_name, char **unused_argv) 568 { 569 const char *table; 570 571 if ((table = dict_changed_name()) != 0) { 572 msg_info("table %s has changed -- restarting", table); 573 exit(0); 574 } 575 } 576 577 MAIL_VERSION_STAMP_DECLARE; 578 579 /* main - the main program */ 580 581 int main(int argc, char **argv) 582 { 583 584 /* 585 * Fingerprint executables and core dumps. 586 */ 587 MAIL_VERSION_STAMP_ALLOCATE; 588 589 /* 590 * Clean up an incomplete queue file in case of a fatal run-time error, 591 * or after receiving SIGTERM from the master at shutdown time. 592 */ 593 signal(SIGTERM, cleanup_sig); 594 msg_cleanup(cleanup_all); 595 596 /* 597 * Pass control to the single-threaded service skeleton. 598 */ 599 single_server_main(argc, argv, cleanup_service, 600 CA_MAIL_SERVER_INT_TABLE(cleanup_int_table), 601 CA_MAIL_SERVER_BOOL_TABLE(cleanup_bool_table), 602 CA_MAIL_SERVER_STR_TABLE(cleanup_str_table), 603 CA_MAIL_SERVER_TIME_TABLE(cleanup_time_table), 604 CA_MAIL_SERVER_PRE_INIT(cleanup_pre_jail), 605 CA_MAIL_SERVER_POST_INIT(cleanup_post_jail), 606 CA_MAIL_SERVER_PRE_ACCEPT(pre_accept), 607 CA_MAIL_SERVER_IN_FLOW_DELAY, 608 CA_MAIL_SERVER_UNLIMITED, 609 0); 610 } 611