2 * Copyright (c) 1998-2003, 2006 Proofpoint, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: envelope.c,v 8.313 2013-11-22 20:51:55 ca Exp $")
19 ** CLRSESSENVELOPE -- clear session oriented data in an envelope
22 ** e -- the envelope to clear.
33 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), "");
34 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), "");
35 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), "");
36 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), "");
39 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), "");
40 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), "");
41 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), "");
42 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), "");
43 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), "");
44 macdefine(&e->e_macro, A_PERM, macid("{verify}"), "");
45 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), "");
46 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), "");
47 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), "");
52 ** NEWENVELOPE -- fill in a new envelope
54 ** Supports inheritance.
57 ** e -- the new envelope to fill in.
58 ** parent -- the envelope to be the parent of e.
59 ** rpool -- either NULL, or a pointer to a resource pool
60 ** from which envelope memory is allocated, and
61 ** to which envelope resources are attached.
71 newenvelope(e, parent, rpool)
73 register ENVELOPE *parent;
79 ** This code used to read:
80 ** if (e == parent && e->e_parent != NULL)
81 ** parent = e->e_parent;
82 ** So if e == parent && e->e_parent == NULL then we would
83 ** set e->e_parent = e, which creates a loop in the e_parent chain.
84 ** This meant macvalue() could go into an infinite loop.
88 sendmode = parent->e_sendmode;
94 clearenvelope(e, true, rpool);
96 memmove((char *) &e->e_from,
97 (char *) &NullAddress,
100 memmove((char *) &e->e_from,
101 (char *) &CurEnv->e_from,
103 e->e_parent = parent;
105 e->e_ctime = curtime();
107 e->e_sessid = e->e_id;
111 e->e_msgpriority = parent->e_msgsize;
113 if (parent->e_sessid != NULL)
114 e->e_sessid = sm_rpool_strdup_x(rpool,
118 if (parent->e_quarmsg == NULL)
121 macdefine(&e->e_macro, A_PERM,
122 macid("{quarantine}"), "");
126 e->e_quarmsg = sm_rpool_strdup_x(rpool,
128 macdefine(&e->e_macro, A_PERM,
129 macid("{quarantine}"), e->e_quarmsg);
132 e->e_puthdr = putheader;
133 e->e_putbody = putbody;
134 if (CurEnv->e_xfp != NULL)
135 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT);
136 if (sendmode != DM_NOTSET)
137 set_delivery_mode(sendmode, e);
142 /* values for msg_timeout, see also IS_* below for usage (bit layout) */
143 #define MSG_T_O 0x01 /* normal timeout */
144 #define MSG_T_O_NOW 0x02 /* NOW timeout */
145 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */
146 #define MSG_WARN 0x10 /* normal queue warning */
147 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */
149 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */
151 /* immediate return */
152 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0)
153 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */
156 ** DROPENVELOPE -- deallocate an envelope.
159 ** e -- the envelope to deallocate.
160 ** fulldrop -- if set, do return receipts.
161 ** split -- if true, split by recipient if message is queued up
164 ** EX_* status (currently: 0: success, EX_IOERR on panic)
167 ** housekeeping necessary to dispose of an envelope.
168 ** Unlocks this queue file.
172 dropenvelope(e, fulldrop, split)
173 register ENVELOPE *e;
178 bool queueit = false;
180 bool failure_return = false;
181 bool delay_return = false;
182 bool success_return = false;
183 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags);
192 sm_dprintf("dropenvelope %p: id=", (void *)e);
193 xputs(sm_debug_file(), e->e_id);
194 sm_dprintf(", flags=");
198 sm_dprintf("sendq=");
199 printaddr(sm_debug_file(), e->e_sendqueue, true);
204 sm_syslog(LOG_DEBUG, id,
205 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d",
206 e->e_flags, OpMode, (int) CurrentPid);
208 /* we must have an id to remove disk files */
212 /* if verify-only mode, we can skip most of this */
213 if (OpMode == MD_VERIFY)
217 sm_dprintf("dropenvelope: e_id=%s, EF_LOGSENDER=%d, LogLevel=%d\n",
218 e->e_id, bitset(EF_LOGSENDER, e->e_flags), LogLevel);
219 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags))
221 e->e_flags &= ~EF_LOGSENDER;
223 /* post statistics */
227 ** Extract state information from dregs of send list.
231 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass])
232 msg_timeout = MSG_T_O;
233 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 &&
234 now >= e->e_ctime + e->e_deliver_by &&
235 !bitset(EF_RESPONSE, e->e_flags))
237 msg_timeout = MSG_NOT_BY;
238 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE;
240 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW &&
241 !bitset(EF_RESPONSE, e->e_flags))
243 msg_timeout = MSG_T_O_NOW;
244 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE;
251 sm_dprintf("dropenvelope: mode=%c, e=%p, sibling=%p, nrcpts=%d, sendqueue=%p, next=%p, state=%d\n",
252 e->e_sendmode, e, e->e_sibling, e->e_nrcpts, q,
253 (q == NULL) ? (void *)0 : q->q_next,
254 (q == NULL) ? -1 : q->q_state);
256 #endif /* _FFR_PROXY */
258 e->e_flags &= ~EF_QUEUERUN;
259 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
261 if (QS_IS_UNDELIVERED(q->q_state))
265 if (queueit && e->e_sendmode == SM_PROXY)
269 /* see if a notification is needed */
270 if (bitset(QPINGONFAILURE, q->q_flags) &&
271 ((IS_MSG_ERR(msg_timeout) &&
272 QS_IS_UNDELIVERED(q->q_state)) ||
273 QS_IS_BADADDR(q->q_state) ||
274 IS_IMM_RET(msg_timeout)))
276 failure_return = true;
277 if (!done && q->q_owner == NULL &&
278 !emptyaddr(&e->e_from))
280 (void) sendtolist(e->e_from.q_paddr, NULLADDR,
281 &e->e_errorqueue, 0, e);
285 else if ((bitset(QPINGONSUCCESS, q->q_flags) &&
286 ((QS_IS_SENT(q->q_state) &&
287 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) ||
288 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) ||
289 bitset(QBYTRACE, q->q_flags) ||
290 bitset(QBYNRELAY, q->q_flags))
292 success_return = true;
297 e->e_flags |= EF_NO_BODY_RETN;
300 ** See if the message timed out.
305 /* nothing to do */ ;
306 else if (IS_MSG_ERR(msg_timeout))
310 if (msg_timeout == MSG_NOT_BY)
312 (void) sm_snprintf(buf, sizeof(buf),
313 "delivery time expired %lds",
318 (void) sm_snprintf(buf, sizeof(buf),
319 "Cannot send message for %s",
320 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
324 /* don't free, allocated from e_rpool */
325 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf);
327 e->e_flags |= EF_CLRQUEUE;
329 if (msg_timeout == MSG_NOT_BY)
331 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
332 "Delivery time (%lds) expired\n",
336 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
337 "Message could not be delivered for %s\n",
338 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
340 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
341 "Message will be deleted from queue\n");
342 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
344 if (QS_IS_UNDELIVERED(q->q_state))
346 q->q_state = QS_BADADDR;
347 if (msg_timeout == MSG_NOT_BY)
348 q->q_status = "5.4.7";
350 q->q_status = "4.4.7";
356 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 &&
358 TimeOuts.to_q_warning[e->e_timeoutclass])
359 msg_timeout = MSG_WARN;
360 else if (IS_DLVR_NOTIFY(e) &&
361 e->e_deliver_by > 0 &&
362 now >= e->e_ctime + e->e_deliver_by)
363 msg_timeout = MSG_WARN_BY;
365 if (IS_MSG_WARN(msg_timeout))
367 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) &&
369 e->e_from.q_paddr != NULL &&
370 strcmp(e->e_from.q_paddr, "<>") != 0 &&
371 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 &&
372 (strlen(e->e_from.q_paddr) <= 8 ||
373 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8],
376 for (q = e->e_sendqueue; q != NULL;
379 if (QS_IS_UNDELIVERED(q->q_state)
380 #if _FFR_NODELAYDSN_ON_HOLD
382 q->q_mailer->m_flags)
388 (bitset(QPINGONDELAY,
394 q->q_flags |= QBYNDELAY;
397 if (bitset(QPINGONDELAY,
400 q->q_flags |= QDELAYED;
408 if (msg_timeout == MSG_WARN_BY)
410 (void) sm_snprintf(buf, sizeof(buf),
411 "Warning: Delivery time (%lds) exceeded",
415 (void) sm_snprintf(buf, sizeof(buf),
416 "Warning: could not send message for past %s",
417 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass],
420 /* don't free, allocated from e_rpool */
421 e->e_message = sm_rpool_strdup_x(e->e_rpool,
424 e->e_flags |= EF_WARNING;
426 if (msg_timeout == MSG_WARN_BY)
428 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
429 "Warning: Delivery time (%lds) exceeded\n",
433 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
434 "Warning: message still undelivered after %s\n",
435 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass],
437 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
438 "Will keep trying until message is %s old\n",
439 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
445 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n",
446 failure_return, delay_return, success_return, queueit);
449 ** If we had some fatal error, but no addresses are marked as bad,
450 ** mark all OK/VERIFIED addresses as bad (if QPINGONFAILURE).
453 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return)
455 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
457 if ((QS_IS_OK(q->q_state) ||
458 QS_IS_VERIFIED(q->q_state))
459 && bitset(QPINGONFAILURE, q->q_flags)
462 ** do not mark an address as bad if
463 ** - the address itself is stored in the queue
464 ** - the DeliveryMode requires queueing
465 ** - the envelope is queued
468 && !(bitset(QQUEUED, q->q_flags)
469 && WILL_BE_QUEUED(e->e_sendmode)
470 && bitset(EF_INQUEUE, e->e_flags)
474 failure_return = true;
475 q->q_state = QS_BADADDR;
481 ** Send back return receipts as requested.
484 if (success_return && !failure_return && !delay_return && fulldrop &&
485 !bitset(PRIV_NORECEIPTS, PrivacyFlags) &&
486 strcmp(e->e_from.q_paddr, "<>") != 0)
488 auto ADDRESS *rlist = NULL;
491 sm_dprintf("dropenvelope(%s): sending return receipt\n",
493 e->e_flags |= EF_SENDRECEIPT;
494 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e);
495 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e);
497 e->e_flags &= ~EF_SENDRECEIPT;
500 ** Arrange to send error messages if there are fatal errors.
503 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET)
506 sm_dprintf("dropenvelope(%s): saving mail\n", id);
507 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags));
511 ** Arrange to send warning messages to postmaster as requested.
514 if ((failure_return || pmnotify) &&
515 PostMasterCopy != NULL &&
516 !bitset(EF_RESPONSE, e->e_flags) &&
519 auto ADDRESS *rlist = NULL;
524 expand(PostMasterCopy, pcopy, sizeof(pcopy), e);
527 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n",
529 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e);
532 (void) sendtolist("postmaster", NULLADDR,
534 (void) returntosender(e->e_message, rlist,
535 RTSF_PM_BOUNCE|RTSF_NO_BODY, e);
539 ** Instantiate or deinstantiate the queue.
544 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n",
546 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags))
550 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=",
556 if (e->e_dfp != NULL)
558 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
561 (void) xunlink(queuename(e, DATAFL_LETTER));
563 if (panic && QueueMode == QM_LOST)
566 ** leave the Qf file behind as
567 ** the delivery attempt failed.
573 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0)
575 /* add to available space in filesystem */
576 updfs(e, -1, panic ? 0 : -1, "dropenvelope");
579 if (e->e_ntries > 0 && LogLevel > 9)
580 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d",
581 pintvl(curtime() - e->e_ctime, true),
584 else if (queueit || !bitset(EF_INQUEUE, e->e_flags))
587 queueup(e, false, true);
594 ** Save old sibling and set it to NULL to avoid
595 ** queueing up the same envelopes again.
596 ** This requires that envelopes in that list have
597 ** been take care of before (or at some other place).
600 oldsib = e->e_sibling;
602 if (!split_by_recipient(e) &&
603 bitset(EF_FATALERRS, e->e_flags))
605 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%ld",
606 e->e_id, queuename(e, DATAFL_LETTER),
609 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling)
610 queueup(ee, false, true);
611 queueup(e, false, true);
614 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling)
616 /* now unlock the job */
618 sm_dprintf("dropenvelope(%s): unlocking job\n",
623 /* this envelope is marked unused */
624 if (ee->e_dfp != NULL)
626 (void) sm_io_close(ee->e_dfp,
631 ee->e_flags &= ~EF_HAS_DF;
633 e->e_sibling = oldsib;
637 /* now unlock the job */
639 sm_dprintf("dropenvelope(%s): unlocking job\n", id);
643 /* make sure that this envelope is marked unused */
644 if (e->e_dfp != NULL)
646 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
650 e->e_flags &= ~EF_HAS_DF;
657 ** CLEARENVELOPE -- clear an envelope without unlocking
659 ** This is normally used by a child process to get a clean
660 ** envelope without disturbing the parent.
663 ** e -- the envelope to clear.
664 ** fullclear - if set, the current envelope is total
665 ** garbage and should be ignored; otherwise,
666 ** release any resources it may indicate.
667 ** rpool -- either NULL, or a pointer to a resource pool
668 ** from which envelope memory is allocated, and
669 ** to which envelope resources are attached.
675 ** Closes files associated with the envelope.
676 ** Marks the envelope as unallocated.
680 clearenvelope(e, fullclear, rpool)
681 register ENVELOPE *e;
687 extern ENVELOPE BlankEnvelope;
692 /* clear out any file information */
693 if (e->e_xfp != NULL)
694 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT);
695 if (e->e_dfp != NULL)
696 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
697 e->e_xfp = e->e_dfp = NULL;
701 ** Copy BlankEnvelope into *e.
702 ** It is not safe to simply copy pointers to strings;
703 ** the strings themselves must be copied (or set to NULL).
704 ** The problem is that when we assign a new string value to
705 ** a member of BlankEnvelope, we free the old string.
706 ** We did not need to do this copying in sendmail 8.11 :-(
707 ** and it is a potential performance hit. Reference counted
708 ** strings are one way out.
713 e->e_qfletter = '\0';
715 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), "");
718 ** Copy the macro table.
719 ** We might be able to avoid this by zeroing the macro table
720 ** and always searching BlankEnvelope.e_macro after e->e_macro
724 for (p = &e->e_macro.mac_table[0];
725 p <= &e->e_macro.mac_table[MAXMACROID];
729 *p = sm_rpool_strdup_x(rpool, *p);
733 ** XXX There are many strings in the envelope structure
734 ** XXX that we are not attempting to copy here.
735 ** XXX Investigate this further.
739 e->e_macro.mac_rpool = rpool;
741 set_delivery_mode(SM_DELIVER, e);
742 bh = BlankEnvelope.e_header;
746 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof(*bh));
747 memmove((char *) *nhp, (char *) bh, sizeof(*bh));
749 nhp = &(*nhp)->h_link;
751 #if _FFR_MILTER_ENHSC
752 e->e_enhsc[0] = '\0';
756 ** INITSYS -- initialize instantiation of system
758 ** In Daemon mode, this is done in the child.
761 ** e -- the envelope to use.
767 ** Initializes the system macros, some global variables,
768 ** etc. In particular, the current time in various
774 register ENVELOPE *e;
778 static char ybuf[60]; /* holds tty id */
780 extern char *ttyname();
784 ** Give this envelope a reality.
785 ** I.e., an id, a transcript, and a creation time.
786 ** We don't select the queue until all of the recipients are known.
790 e->e_ctime = curtime();
791 e->e_qfletter = '\0';
794 ** Set OutChannel to something useful if stdout isn't it.
795 ** This arranges that any extra stuff the mailer produces
796 ** gets sent back to the user on error (because it is
797 ** tucked away in the transcript).
800 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) &&
802 OutChannel = e->e_xfp;
805 ** Set up some basic system macros.
809 (void) sm_snprintf(buf, sizeof(buf), "%d", (int) CurrentPid);
810 macdefine(&e->e_macro, A_TEMP, 'p', buf);
813 (void) sm_snprintf(buf, sizeof(buf), "%d", e->e_hopcount);
814 macdefine(&e->e_macro, A_TEMP, 'c', buf);
816 /* time as integer, unix time, arpa time */
824 if (macvalue('y', e) == NULL)
829 if (strrchr(p, '/') != NULL)
830 p = strrchr(p, '/') + 1;
831 (void) sm_strlcpy(ybuf, sizeof(ybuf), p);
832 macdefine(&e->e_macro, A_PERM, 'y', ybuf);
838 ** SETTIME -- set the current time.
841 ** e -- the envelope in which the macros should be set.
847 ** Sets the various time macros -- $a, $b, $d, $t.
852 register ENVELOPE *e;
857 register struct tm *tm;
860 (void) sm_snprintf(buf, sizeof(buf), "%ld", (long) now);
861 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf);
863 (void) sm_snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d",
864 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
865 tm->tm_hour, tm->tm_min);
866 macdefine(&e->e_macro, A_TEMP, 't', buf);
867 (void) sm_strlcpy(buf, ctime(&now), sizeof(buf));
868 p = strchr(buf, '\n');
871 macdefine(&e->e_macro, A_TEMP, 'd', buf);
872 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf));
873 if (macvalue('a', e) == NULL)
874 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e));
877 ** OPENXSCRIPT -- Open transcript file
879 ** Creates a transcript file for possible eventual mailing or
883 ** e -- the envelope to create the transcript in/for.
889 ** Creates the transcript file.
898 register ENVELOPE *e;
902 if (e->e_xfp != NULL)
906 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags))
907 syserr("openxscript: job not locked");
910 p = queuename(e, XSCRPT_LETTER);
911 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize,
912 SFF_NOTEXCL|SFF_OPENASROOT);
914 if (e->e_xfp == NULL)
916 syserr("Can't create transcript file %s", p);
917 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT,
918 SM_PATH_DEVNULL, SM_IO_RDWR, NULL);
919 if (e->e_xfp == NULL)
920 syserr("!Can't open %s", SM_PATH_DEVNULL);
922 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0);
925 sm_dprintf("openxscript(%s):\n ", p);
926 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true,
931 ** CLOSEXSCRIPT -- close the transcript file.
934 ** e -- the envelope containing the transcript to close.
945 register ENVELOPE *e;
947 if (e->e_xfp == NULL)
950 if (e->e_lockfp == NULL)
951 syserr("closexscript: job not locked");
953 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT);
957 ** SETSENDER -- set the person who this message is from
959 ** Under certain circumstances allow the user to say who
960 ** s/he is (using -f or -r). These are:
961 ** 1. The user's uid is zero (root).
962 ** 2. The user's login name is in an approved list (typically
963 ** from a network server).
964 ** 3. The address the user is trying to claim has a
965 ** "!" character in it (since #2 doesn't do it for
966 ** us if we are dialing out for UUCP).
967 ** A better check to replace #3 would be if the
968 ** effective uid is "UUCP" -- this would require me
969 ** to rewrite getpwent to "grab" uucp as it went by,
970 ** make getname more nasty, do another passwd file
971 ** scan, or compile the UID of "UUCP" into the code,
972 ** all of which are reprehensible.
974 ** Assuming all of these fail, we figure out something
978 ** from -- the person we would like to believe this message
979 ** is from, as specified on the command line.
980 ** e -- the envelope in which we would like the sender set.
981 ** delimptr -- if non-NULL, set to the location of the
982 ** trailing delimiter.
983 ** delimchar -- the character that will delimit the sender
985 ** internal -- set if this address is coming from an internal
986 ** source such as an owner alias.
992 ** sets sendmail's notion of who the from person is.
996 setsender(from, e, delimptr, delimchar, internal)
998 register ENVELOPE *e;
1003 register char **pvp;
1004 char *realname = NULL;
1006 char buf[MAXNAME + 2];
1007 char pvpbuf[PSBUFSIZE];
1008 extern char *FullName;
1011 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from);
1013 /* may be set from earlier calls */
1014 macdefine(&e->e_macro, A_PERM, 'x', "");
1017 ** Figure out the real user executing us.
1018 ** Username can return errno != 0 on non-errors.
1021 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP ||
1022 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON)
1024 if (realname == NULL || realname[0] == '\0')
1025 realname = username();
1027 if (ConfigLevel < 2)
1030 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s");
1032 /* preset state for then clause in case from == NULL */
1033 e->e_from.q_state = QS_BADADDR;
1034 e->e_from.q_flags = 0;
1036 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR,
1037 delimchar, delimptr, e, false) == NULL ||
1038 QS_IS_BADADDR(e->e_from.q_state) ||
1039 e->e_from.q_mailer == ProgMailer ||
1040 e->e_from.q_mailer == FileMailer ||
1041 e->e_from.q_mailer == InclMailer)
1043 /* log garbage addresses for traceback */
1044 if (from != NULL && LogLevel > 2)
1047 char ebuf[MAXNAME * 2 + 2];
1049 p = macvalue('_', e);
1052 char *host = RealHostName;
1056 (void) sm_snprintf(ebuf, sizeof(ebuf),
1057 "%.*s@%.*s", MAXNAME,
1058 realname, MAXNAME, host);
1061 sm_syslog(LOG_NOTICE, e->e_id,
1062 "setsender: %s: invalid or unparsable, received from %s",
1063 shortenstring(from, 83), p);
1067 if (!QS_IS_BADADDR(e->e_from.q_state))
1069 /* it was a bogus mailer in the from addr */
1070 e->e_status = "5.1.7";
1071 usrerrenh(e->e_status,
1072 "553 Invalid sender address");
1076 if (from == realname ||
1077 parseaddr(from = realname,
1078 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ',
1079 NULL, e, false) == NULL)
1084 expand("\201n", nbuf, sizeof(nbuf), e);
1085 from = sm_rpool_strdup_x(e->e_rpool, nbuf);
1086 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ',
1087 NULL, e, false) == NULL &&
1088 parseaddr(from = "postmaster", &e->e_from,
1089 RF_COPYALL, ' ', NULL, e, false) == NULL)
1090 syserr("553 5.3.0 setsender: can't even parse postmaster!");
1095 e->e_from.q_state = QS_SENDER;
1098 sm_dprintf("setsender: QS_SENDER ");
1099 printaddr(sm_debug_file(), &e->e_from, false);
1104 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags))
1108 p = udbsender(e->e_from.q_user, e->e_rpool);
1114 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags))
1120 /* if the user already given fullname don't redefine */
1121 if (FullName == NULL)
1122 FullName = macvalue('x', e);
1123 if (FullName != NULL)
1125 if (FullName[0] == '\0')
1128 FullName = newstr(FullName);
1132 if (e->e_from.q_user[0] != '\0' &&
1133 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK)
1136 ** Process passwd file entry.
1139 /* extract home directory */
1140 if (*user.mbdb_homedir == '\0')
1141 e->e_from.q_home = NULL;
1142 else if (strcmp(user.mbdb_homedir, "/") == 0)
1143 e->e_from.q_home = "";
1145 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool,
1147 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home);
1149 /* extract user and group id */
1150 if (user.mbdb_uid != SM_NO_UID)
1152 e->e_from.q_uid = user.mbdb_uid;
1153 e->e_from.q_gid = user.mbdb_gid;
1154 e->e_from.q_flags |= QGOODUID;
1157 /* extract full name from passwd file */
1158 if (FullName == NULL && !internal &&
1159 user.mbdb_fullname[0] != '\0' &&
1160 strcmp(user.mbdb_name, e->e_from.q_user) == 0)
1162 FullName = newstr(user.mbdb_fullname);
1167 e->e_from.q_home = NULL;
1169 if (FullName != NULL && !internal)
1170 macdefine(&e->e_macro, A_TEMP, 'x', FullName);
1172 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP)
1174 if (e->e_from.q_home == NULL)
1176 e->e_from.q_home = getenv("HOME");
1177 if (e->e_from.q_home != NULL)
1179 if (*e->e_from.q_home == '\0')
1180 e->e_from.q_home = NULL;
1181 else if (strcmp(e->e_from.q_home, "/") == 0)
1185 e->e_from.q_uid = RealUid;
1186 e->e_from.q_gid = RealGid;
1187 e->e_from.q_flags |= QGOODUID;
1191 ** Rewrite the from person to dispose of possible implicit
1192 ** links in the net.
1195 pvp = prescan(from, delimchar, pvpbuf, sizeof(pvpbuf), NULL,
1196 IntTokenTab, false);
1199 /* don't need to give error -- prescan did that already */
1201 sm_syslog(LOG_NOTICE, e->e_id,
1202 "cannot prescan from (%s)",
1203 shortenstring(from, MAXSHORTSTR));
1204 finis(true, true, ExitStat);
1206 (void) REWRITE(pvp, 3, e);
1207 (void) REWRITE(pvp, 1, e);
1208 (void) REWRITE(pvp, 4, e);
1209 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
1211 cataddr(pvp, NULL, bp, sizeof(buf) - 2, '\0', false);
1212 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags))
1214 /* heuristic: route-addr: add angle brackets */
1215 (void) sm_strlcat(bp, ">", sizeof(buf) - 1);
1218 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp);
1219 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender);
1221 /* save the domain spec if this mailer wants it */
1222 if (e->e_from.q_mailer != NULL &&
1223 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags))
1227 /* get rid of any pesky angle brackets */
1228 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s");
1229 (void) REWRITE(pvp, 3, e);
1230 (void) REWRITE(pvp, 1, e);
1231 (void) REWRITE(pvp, 4, e);
1232 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
1234 /* strip off to the last "@" sign */
1235 for (lastat = NULL; *pvp != NULL; pvp++)
1237 if (strcmp(*pvp, "@") == 0)
1242 e->e_fromdomain = copyplist(lastat, true, e->e_rpool);
1245 sm_dprintf("Saving from domain: ");
1246 printav(sm_debug_file(), e->e_fromdomain);
1252 ** PRINTENVFLAGS -- print envelope flags for debugging
1255 ** e -- the envelope with the flags to be printed.
1264 unsigned long ef_bit;
1267 static struct eflags EnvelopeFlags[] =
1269 { "OLDSTYLE", EF_OLDSTYLE },
1270 { "INQUEUE", EF_INQUEUE },
1271 { "NO_BODY_RETN", EF_NO_BODY_RETN },
1272 { "CLRQUEUE", EF_CLRQUEUE },
1273 { "SENDRECEIPT", EF_SENDRECEIPT },
1274 { "FATALERRS", EF_FATALERRS },
1275 { "DELETE_BCC", EF_DELETE_BCC },
1276 { "RESPONSE", EF_RESPONSE },
1277 { "RESENT", EF_RESENT },
1278 { "VRFYONLY", EF_VRFYONLY },
1279 { "WARNING", EF_WARNING },
1280 { "QUEUERUN", EF_QUEUERUN },
1281 { "GLOBALERRS", EF_GLOBALERRS },
1282 { "PM_NOTIFY", EF_PM_NOTIFY },
1283 { "METOO", EF_METOO },
1284 { "LOGSENDER", EF_LOGSENDER },
1285 { "NORECEIPT", EF_NORECEIPT },
1286 { "HAS8BIT", EF_HAS8BIT },
1287 { "RET_PARAM", EF_RET_PARAM },
1288 { "HAS_DF", EF_HAS_DF },
1289 { "IS_MIME", EF_IS_MIME },
1290 { "DONT_MIME", EF_DONT_MIME },
1291 { "DISCARD", EF_DISCARD },
1292 { "TOOBIG", EF_TOOBIG },
1293 { "SPLIT", EF_SPLIT },
1294 { "UNSAFE", EF_UNSAFE },
1295 { "TOODEEP", EF_TOODEEP },
1296 { "SECURE", EF_SECURE },
1302 register ENVELOPE *e;
1304 register struct eflags *ef;
1307 sm_dprintf("%lx", e->e_flags);
1308 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++)
1310 if (!bitset(ef->ef_bit, e->e_flags))
1313 sm_dprintf("<%s", ef->ef_name);
1315 sm_dprintf(",%s", ef->ef_name);