aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2009-09-23 16:58:12 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2009-09-23 16:58:12 +0300
commita1096d448035872df4eaa4d4f6d7b1606a388abb (patch)
treed32687f987b9fe20f2aa4a2368ff570050ccd31c
parente70ec5f9057d131ac8d44629038bb29814243384 (diff)
downloadmailfromd-a1096d448035872df4eaa4d4f6d7b1606a388abb.tar.gz
mailfromd-a1096d448035872df4eaa4d4f6d7b1606a388abb.tar.bz2
Add milter connection patch for Sendmail-8.14.3
* etc/sendmail-8.14.3.connect.diff: New file. * doc/mailfromd.texi: Document new patch.
-rw-r--r--doc/mailfromd.texi11
-rw-r--r--etc/sendmail-8.14.3.connect.diff103
2 files changed, 109 insertions, 5 deletions
diff --git a/doc/mailfromd.texi b/doc/mailfromd.texi
index 66dc6d04..0eb6c513 100644
--- a/doc/mailfromd.texi
+++ b/doc/mailfromd.texi
@@ -5129,11 +5129,12 @@ in my opinion, absurd. My practice shows that it is often reasonable,
and even necessary, to return a meaningful textual message if the
initial connection is declined. The opinion of @command{mailfromd}
users seems to support this view. Bearing this in mind,
-@command{mailfromd} is shipped with a patch for Sendmail 8.13.7 which
-makes it honor both extended return code and textual message given
-with the action. The patch is in the file
-@file{etc/@/sendmail-8.13.7.connect.diff}. It applies cleanly to
-versions of Sendmail up to 8.14.
+@command{mailfromd} is shipped with a patch for Sendmail,
+which makes it honor both extended return code and textual message given
+with the action. Two versions are provided:
+@file{etc/@/sendmail-8.13.7.connect.diff}, for
+Sendmail versions 8.13.x, and
+@file{etc/@/sendmail-8.14.3.connect.diff}, for Sendmail versions 8.14.3.
@end deffn
diff --git a/etc/sendmail-8.14.3.connect.diff b/etc/sendmail-8.14.3.connect.diff
new file mode 100644
index 00000000..fadc3107
--- /dev/null
+++ b/etc/sendmail-8.14.3.connect.diff
@@ -0,0 +1,103 @@
+diff -pur orig/sendmail-8.14.3/sendmail/milter.c sendmail-8.14.3/sendmail/milter.c
+--- orig/sendmail-8.14.3/sendmail/milter.c 2007-06-06 20:26:12.000000000 +0300
++++ sendmail-8.14.3/sendmail/milter.c 2009-08-31 11:49:59.750070622 +0300
+@@ -3951,29 +3951,30 @@ milter_connect(hostname, addr, e, state)
+ milter_per_connection_check(e);
+
+ /*
++ * There used to be the following comment here:
++ *
+ ** SMFIR_REPLYCODE can't work with connect due to
+ ** the requirements of SMTP. Therefore, ignore the
+ ** reply code text but keep the state it would reflect.
++ *
++ * However, this is wrong. RFC2821, section 3.9 states, that:
++ *
++ * "An SMTP server MUST NOT intentionally close the connection except:
++ * [...]
++ * - After detecting the need to shut down the SMTP service and
++ * returning a 421 response code. This response code can be issued
++ * after the server receives any command or, if necessary,
++ * asynchronously from command receipt (on the assumption that the
++ * client will receive it after the next command is issued)."
++ *
++ * I see no reason why a milter cannot supply its own textual
++ * explanation in xxfi_connect. So, instead of blindly filtering
++ * out the user-supllied response, I return it to smtp(). The latter
++ * is crafted so that it will graciously abort the connection, if
++ * the response begins with 421, giving the user-supplied textual
++ * message, and will proceed with nullserver otherwise.
++ * --gray
+ */
+-
+- if (*state == SMFIR_REPLYCODE)
+- {
+- if (response != NULL &&
+- *response == '4')
+- {
+- if (strncmp(response, "421 ", 4) == 0)
+- *state = SMFIR_SHUTDOWN;
+- else
+- *state = SMFIR_TEMPFAIL;
+- }
+- else
+- *state = SMFIR_REJECT;
+- if (response != NULL)
+- {
+- sm_free(response); /* XXX */
+- response = NULL;
+- }
+- }
+ return response;
+ }
+
+diff -pur orig/sendmail-8.14.3/sendmail/srvrsmtp.c sendmail-8.14.3/sendmail/srvrsmtp.c
+--- orig/sendmail-8.14.3/sendmail/srvrsmtp.c 2008-03-31 19:32:13.000000000 +0300
++++ sendmail-8.14.3/sendmail/srvrsmtp.c 2009-09-23 16:07:56.604677429 +0300
+@@ -957,6 +957,8 @@ smtp(nullserver, d_flags, e)
+ {
+ char state;
+ char *response;
++ static char greetcodebuf[4];
++ size_t len;
+
+ q = macvalue(macid("{client_name}"), e);
+ SM_ASSERT(q != NULL || OpMode == MD_SMTP);
+@@ -965,7 +967,36 @@ smtp(nullserver, d_flags, e)
+ response = milter_connect(q, RealHostAddr, e, &state);
+ switch (state)
+ {
+- case SMFIR_REPLYCODE: /* REPLYCODE shouldn't happen */
++ case SMFIR_REPLYCODE:
++ if (MilterLogLevel > 3)
++ sm_syslog(LOG_INFO, e->e_id,
++ "Milter: connect: host=%s, addr=%s, reject=%s",
++ peerhostname,
++ anynet_ntoa(&RealHostAddr),
++ response);
++ len = strlen(response);
++ if (len >= 3) {
++ /* RFC 2821, Section 3.9 */
++ nullserver = newstr(response);
++ if (memcmp(response, "421", 3) == 0) {
++ message(response);
++ /* arrange to ignore send list */
++ e->e_sendqueue = NULL;
++ sm_syslog(LOG_INFO, e->e_id,
++ "host=%s, addr=%s, reject=%s",
++ peerhostname,
++ anynet_ntoa(&RealHostAddr),
++ response);
++ goto doquit;
++ } else {
++ memcpy(greetcodebuf, response, 3);
++ greetcodebuf[3] = 0;
++ greetcode = greetcodebuf;
++ break;
++ }
++ }
++ /* FALL THROUGH */
++
+ case SMFIR_REJECT:
+ if (MilterLogLevel > 3)
+ sm_syslog(LOG_INFO, e->e_id,

Return to:

Send suggestions and report system problems to the System administrator.