diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-09-23 16:58:12 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-09-23 16:58:12 +0300 |
commit | a1096d448035872df4eaa4d4f6d7b1606a388abb (patch) | |
tree | d32687f987b9fe20f2aa4a2368ff570050ccd31c | |
parent | e70ec5f9057d131ac8d44629038bb29814243384 (diff) | |
download | mailfromd-a1096d448035872df4eaa4d4f6d7b1606a388abb.tar.gz mailfromd-a1096d448035872df4eaa4d4f6d7b1606a388abb.tar.bz2 |
Add milter connection patch for Sendmail-8.14.3
* etc/sendmail-8.14.3.connect.diff: New file.
* doc/mailfromd.texi: Document new patch.
-rw-r--r-- | doc/mailfromd.texi | 11 | ||||
-rw-r--r-- | etc/sendmail-8.14.3.connect.diff | 103 |
2 files changed, 109 insertions, 5 deletions
diff --git a/doc/mailfromd.texi b/doc/mailfromd.texi index 66dc6d04..0eb6c513 100644 --- a/doc/mailfromd.texi +++ b/doc/mailfromd.texi @@ -5129,11 +5129,12 @@ in my opinion, absurd. My practice shows that it is often reasonable, and even necessary, to return a meaningful textual message if the initial connection is declined. The opinion of @command{mailfromd} users seems to support this view. Bearing this in mind, -@command{mailfromd} is shipped with a patch for Sendmail 8.13.7 which -makes it honor both extended return code and textual message given -with the action. The patch is in the file -@file{etc/@/sendmail-8.13.7.connect.diff}. It applies cleanly to -versions of Sendmail up to 8.14. +@command{mailfromd} is shipped with a patch for Sendmail, +which makes it honor both extended return code and textual message given +with the action. Two versions are provided: +@file{etc/@/sendmail-8.13.7.connect.diff}, for +Sendmail versions 8.13.x, and +@file{etc/@/sendmail-8.14.3.connect.diff}, for Sendmail versions 8.14.3. @end deffn diff --git a/etc/sendmail-8.14.3.connect.diff b/etc/sendmail-8.14.3.connect.diff new file mode 100644 index 00000000..fadc3107 --- /dev/null +++ b/etc/sendmail-8.14.3.connect.diff @@ -0,0 +1,103 @@ +diff -pur orig/sendmail-8.14.3/sendmail/milter.c sendmail-8.14.3/sendmail/milter.c +--- orig/sendmail-8.14.3/sendmail/milter.c 2007-06-06 20:26:12.000000000 +0300 ++++ sendmail-8.14.3/sendmail/milter.c 2009-08-31 11:49:59.750070622 +0300 +@@ -3951,29 +3951,30 @@ milter_connect(hostname, addr, e, state) + milter_per_connection_check(e); + + /* ++ * There used to be the following comment here: ++ * + ** SMFIR_REPLYCODE can't work with connect due to + ** the requirements of SMTP. Therefore, ignore the + ** reply code text but keep the state it would reflect. ++ * ++ * However, this is wrong. RFC2821, section 3.9 states, that: ++ * ++ * "An SMTP server MUST NOT intentionally close the connection except: ++ * [...] ++ * - After detecting the need to shut down the SMTP service and ++ * returning a 421 response code. This response code can be issued ++ * after the server receives any command or, if necessary, ++ * asynchronously from command receipt (on the assumption that the ++ * client will receive it after the next command is issued)." ++ * ++ * I see no reason why a milter cannot supply its own textual ++ * explanation in xxfi_connect. So, instead of blindly filtering ++ * out the user-supllied response, I return it to smtp(). The latter ++ * is crafted so that it will graciously abort the connection, if ++ * the response begins with 421, giving the user-supplied textual ++ * message, and will proceed with nullserver otherwise. ++ * --gray + */ +- +- if (*state == SMFIR_REPLYCODE) +- { +- if (response != NULL && +- *response == '4') +- { +- if (strncmp(response, "421 ", 4) == 0) +- *state = SMFIR_SHUTDOWN; +- else +- *state = SMFIR_TEMPFAIL; +- } +- else +- *state = SMFIR_REJECT; +- if (response != NULL) +- { +- sm_free(response); /* XXX */ +- response = NULL; +- } +- } + return response; + } + +diff -pur orig/sendmail-8.14.3/sendmail/srvrsmtp.c sendmail-8.14.3/sendmail/srvrsmtp.c +--- orig/sendmail-8.14.3/sendmail/srvrsmtp.c 2008-03-31 19:32:13.000000000 +0300 ++++ sendmail-8.14.3/sendmail/srvrsmtp.c 2009-09-23 16:07:56.604677429 +0300 +@@ -957,6 +957,8 @@ smtp(nullserver, d_flags, e) + { + char state; + char *response; ++ static char greetcodebuf[4]; ++ size_t len; + + q = macvalue(macid("{client_name}"), e); + SM_ASSERT(q != NULL || OpMode == MD_SMTP); +@@ -965,7 +967,36 @@ smtp(nullserver, d_flags, e) + response = milter_connect(q, RealHostAddr, e, &state); + switch (state) + { +- case SMFIR_REPLYCODE: /* REPLYCODE shouldn't happen */ ++ case SMFIR_REPLYCODE: ++ if (MilterLogLevel > 3) ++ sm_syslog(LOG_INFO, e->e_id, ++ "Milter: connect: host=%s, addr=%s, reject=%s", ++ peerhostname, ++ anynet_ntoa(&RealHostAddr), ++ response); ++ len = strlen(response); ++ if (len >= 3) { ++ /* RFC 2821, Section 3.9 */ ++ nullserver = newstr(response); ++ if (memcmp(response, "421", 3) == 0) { ++ message(response); ++ /* arrange to ignore send list */ ++ e->e_sendqueue = NULL; ++ sm_syslog(LOG_INFO, e->e_id, ++ "host=%s, addr=%s, reject=%s", ++ peerhostname, ++ anynet_ntoa(&RealHostAddr), ++ response); ++ goto doquit; ++ } else { ++ memcpy(greetcodebuf, response, 3); ++ greetcodebuf[3] = 0; ++ greetcode = greetcodebuf; ++ break; ++ } ++ } ++ /* FALL THROUGH */ ++ + case SMFIR_REJECT: + if (MilterLogLevel > 3) + sm_syslog(LOG_INFO, e->e_id, |