2 * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: envelope.c,v 8.296 2006/03/31 18:53:50 ca Exp $")
19 ** CLRSESSENVELOPE -- clear session oriented data in an envelope
22 ** e -- the envelope to clear.
33 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), "");
34 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), "");
35 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), "");
36 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), "");
39 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), "");
40 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), "");
41 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), "");
42 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), "");
43 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), "");
44 macdefine(&e->e_macro, A_PERM, macid("{verify}"), "");
46 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), "");
47 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), "");
48 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), "");
49 # endif /* _FFR_TLS_1 */
54 ** NEWENVELOPE -- fill in a new envelope
56 ** Supports inheritance.
59 ** e -- the new envelope to fill in.
60 ** parent -- the envelope to be the parent of e.
61 ** rpool -- either NULL, or a pointer to a resource pool
62 ** from which envelope memory is allocated, and
63 ** to which envelope resources are attached.
73 newenvelope(e, parent, rpool)
75 register ENVELOPE *parent;
78 #if _FFR_DM_PER_DAEMON
80 #endif /* _FFR_DM_PER_DAEMON */
83 ** This code used to read:
84 ** if (e == parent && e->e_parent != NULL)
85 ** parent = e->e_parent;
86 ** So if e == parent && e->e_parent == NULL then we would
87 ** set e->e_parent = e, which creates a loop in the e_parent chain.
88 ** This meant macvalue() could go into an infinite loop.
91 #if _FFR_DM_PER_DAEMON
93 sendmode = parent->e_sendmode;
96 #endif /* _FFR_DM_PER_DAEMON */
100 clearenvelope(e, true, rpool);
102 memmove((char *) &e->e_from,
103 (char *) &NullAddress,
106 memmove((char *) &e->e_from,
107 (char *) &CurEnv->e_from,
109 e->e_parent = parent;
111 e->e_ctime = curtime();
114 e->e_msgpriority = parent->e_msgsize;
115 if (parent->e_quarmsg == NULL)
118 macdefine(&e->e_macro, A_PERM,
119 macid("{quarantine}"), "");
123 e->e_quarmsg = sm_rpool_strdup_x(rpool,
125 macdefine(&e->e_macro, A_PERM,
126 macid("{quarantine}"), e->e_quarmsg);
129 e->e_puthdr = putheader;
130 e->e_putbody = putbody;
131 if (CurEnv->e_xfp != NULL)
132 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT);
133 #if _FFR_DM_PER_DAEMON
134 if (sendmode != DM_NOTSET)
135 e->e_sendmode = sendmode;
136 #endif /* _FFR_DM_PER_DAEMON */
141 /* values for msg_timeout, see also IS_* below for usage (bit layout) */
142 #define MSG_T_O 0x01 /* normal timeout */
143 #define MSG_T_O_NOW 0x02 /* NOW timeout */
144 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */
145 #define MSG_WARN 0x10 /* normal queue warning */
146 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */
148 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */
150 /* immediate return */
151 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0)
152 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */
155 ** DROPENVELOPE -- deallocate an envelope.
158 ** e -- the envelope to deallocate.
159 ** fulldrop -- if set, do return receipts.
160 ** split -- if true, split by recipient if message is queued up
166 ** housekeeping necessary to dispose of an envelope.
167 ** Unlocks this queue file.
171 dropenvelope(e, fulldrop, split)
172 register ENVELOPE *e;
177 bool queueit = false;
179 bool failure_return = false;
180 bool delay_return = false;
181 bool success_return = false;
182 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags);
191 sm_dprintf("dropenvelope %p: id=", e);
192 xputs(sm_debug_file(), e->e_id);
193 sm_dprintf(", flags=");
197 sm_dprintf("sendq=");
198 printaddr(sm_debug_file(), e->e_sendqueue, true);
203 sm_syslog(LOG_DEBUG, id,
204 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d",
205 e->e_flags, OpMode, (int) CurrentPid);
207 /* we must have an id to remove disk files */
211 /* if verify-only mode, we can skip most of this */
212 if (OpMode == MD_VERIFY)
215 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags))
217 e->e_flags &= ~EF_LOGSENDER;
219 /* post statistics */
223 ** Extract state information from dregs of send list.
227 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass])
228 msg_timeout = MSG_T_O;
229 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 &&
230 now >= e->e_ctime + e->e_deliver_by &&
231 !bitset(EF_RESPONSE, e->e_flags))
233 msg_timeout = MSG_NOT_BY;
234 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE;
236 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW &&
237 !bitset(EF_RESPONSE, e->e_flags))
239 msg_timeout = MSG_T_O_NOW;
240 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE;
243 e->e_flags &= ~EF_QUEUERUN;
244 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
246 if (QS_IS_UNDELIVERED(q->q_state))
249 /* see if a notification is needed */
250 if (bitset(QPINGONFAILURE, q->q_flags) &&
251 ((IS_MSG_ERR(msg_timeout) &&
252 QS_IS_UNDELIVERED(q->q_state)) ||
253 QS_IS_BADADDR(q->q_state) ||
254 IS_IMM_RET(msg_timeout)))
256 failure_return = true;
257 if (!done && q->q_owner == NULL &&
258 !emptyaddr(&e->e_from))
260 (void) sendtolist(e->e_from.q_paddr, NULLADDR,
261 &e->e_errorqueue, 0, e);
265 else if ((bitset(QPINGONSUCCESS, q->q_flags) &&
266 ((QS_IS_SENT(q->q_state) &&
267 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) ||
268 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) ||
269 bitset(QBYTRACE, q->q_flags) ||
270 bitset(QBYNRELAY, q->q_flags))
272 success_return = true;
277 e->e_flags |= EF_NO_BODY_RETN;
280 ** See if the message timed out.
285 /* nothing to do */ ;
286 else if (IS_MSG_ERR(msg_timeout))
290 if (msg_timeout == MSG_NOT_BY)
292 (void) sm_snprintf(buf, sizeof buf,
293 "delivery time expired %lds",
298 (void) sm_snprintf(buf, sizeof buf,
299 "Cannot send message for %s",
300 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
304 /* don't free, allocated from e_rpool */
305 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf);
307 e->e_flags |= EF_CLRQUEUE;
309 if (msg_timeout == MSG_NOT_BY)
311 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
312 "Delivery time (%lds) expired\n",
316 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
317 "Message could not be delivered for %s\n",
318 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
320 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
321 "Message will be deleted from queue\n");
322 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
324 if (QS_IS_UNDELIVERED(q->q_state))
326 q->q_state = QS_BADADDR;
327 if (msg_timeout == MSG_NOT_BY)
328 q->q_status = "5.4.7";
330 q->q_status = "4.4.7";
336 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 &&
338 TimeOuts.to_q_warning[e->e_timeoutclass])
339 msg_timeout = MSG_WARN;
340 else if (IS_DLVR_NOTIFY(e) &&
341 e->e_deliver_by > 0 &&
342 now >= e->e_ctime + e->e_deliver_by)
343 msg_timeout = MSG_WARN_BY;
345 if (IS_MSG_WARN(msg_timeout))
347 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) &&
349 e->e_from.q_paddr != NULL &&
350 strcmp(e->e_from.q_paddr, "<>") != 0 &&
351 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 &&
352 (strlen(e->e_from.q_paddr) <= 8 ||
353 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8],
356 for (q = e->e_sendqueue; q != NULL;
359 if (QS_IS_UNDELIVERED(q->q_state)
360 #if _FFR_NODELAYDSN_ON_HOLD
362 q->q_mailer->m_flags)
363 #endif /* _FFR_NODELAYDSN_ON_HOLD */
368 (bitset(QPINGONDELAY,
374 q->q_flags |= QBYNDELAY;
377 if (bitset(QPINGONDELAY,
380 q->q_flags |= QDELAYED;
388 if (msg_timeout == MSG_WARN_BY)
390 (void) sm_snprintf(buf, sizeof buf,
391 "Warning: Delivery time (%lds) exceeded",
395 (void) sm_snprintf(buf, sizeof buf,
396 "Warning: could not send message for past %s",
397 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass],
400 /* don't free, allocated from e_rpool */
401 e->e_message = sm_rpool_strdup_x(e->e_rpool,
404 e->e_flags |= EF_WARNING;
406 if (msg_timeout == MSG_WARN_BY)
408 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
409 "Warning: Delivery time (%lds) exceeded\n",
413 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
414 "Warning: message still undelivered after %s\n",
415 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass],
417 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
418 "Will keep trying until message is %s old\n",
419 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
425 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n",
426 failure_return, delay_return, success_return, queueit);
429 ** If we had some fatal error, but no addresses are marked as
430 ** bad, mark them _all_ as bad.
433 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return)
435 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
437 if ((QS_IS_OK(q->q_state) ||
438 QS_IS_VERIFIED(q->q_state)) &&
439 bitset(QPINGONFAILURE, q->q_flags))
441 failure_return = true;
442 q->q_state = QS_BADADDR;
448 ** Send back return receipts as requested.
451 if (success_return && !failure_return && !delay_return && fulldrop &&
452 !bitset(PRIV_NORECEIPTS, PrivacyFlags) &&
453 strcmp(e->e_from.q_paddr, "<>") != 0)
455 auto ADDRESS *rlist = NULL;
458 sm_dprintf("dropenvelope(%s): sending return receipt\n",
460 e->e_flags |= EF_SENDRECEIPT;
461 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e);
462 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e);
464 e->e_flags &= ~EF_SENDRECEIPT;
467 ** Arrange to send error messages if there are fatal errors.
470 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET)
473 sm_dprintf("dropenvelope(%s): saving mail\n", id);
474 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags));
478 ** Arrange to send warning messages to postmaster as requested.
481 if ((failure_return || pmnotify) &&
482 PostMasterCopy != NULL &&
483 !bitset(EF_RESPONSE, e->e_flags) &&
486 auto ADDRESS *rlist = NULL;
491 expand(PostMasterCopy, pcopy, sizeof pcopy, e);
494 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n",
496 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e);
499 (void) sendtolist("postmaster", NULLADDR,
501 (void) returntosender(e->e_message, rlist,
502 RTSF_PM_BOUNCE|RTSF_NO_BODY, e);
506 ** Instantiate or deinstantiate the queue.
511 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n",
513 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags))
517 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=",
523 if (e->e_dfp != NULL)
525 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
528 (void) xunlink(queuename(e, DATAFL_LETTER));
530 if (panic && QueueMode == QM_LOST)
533 ** leave the Qf file behind as
534 ** the delivery attempt failed.
540 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0)
542 /* add to available space in filesystem */
543 updfs(e, -1, panic ? 0 : -1, "dropenvelope");
546 if (e->e_ntries > 0 && LogLevel > 9)
547 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d",
548 pintvl(curtime() - e->e_ctime, true),
551 else if (queueit || !bitset(EF_INQUEUE, e->e_flags))
554 queueup(e, false, true);
561 ** Save old sibling and set it to NULL to avoid
562 ** queueing up the same envelopes again.
563 ** This requires that envelopes in that list have
564 ** been take care of before (or at some other place).
567 oldsib = e->e_sibling;
569 if (!split_by_recipient(e) &&
570 bitset(EF_FATALERRS, e->e_flags))
572 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d",
573 e->e_id, queuename(e, DATAFL_LETTER),
576 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling)
577 queueup(ee, false, true);
578 queueup(e, false, true);
581 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling)
583 /* now unlock the job */
585 sm_dprintf("dropenvelope(%s): unlocking job\n",
590 /* this envelope is marked unused */
591 if (ee->e_dfp != NULL)
593 (void) sm_io_close(ee->e_dfp,
598 ee->e_flags &= ~EF_HAS_DF;
600 e->e_sibling = oldsib;
604 /* now unlock the job */
606 sm_dprintf("dropenvelope(%s): unlocking job\n", id);
610 /* make sure that this envelope is marked unused */
611 if (e->e_dfp != NULL)
613 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
617 e->e_flags &= ~EF_HAS_DF;
620 ** CLEARENVELOPE -- clear an envelope without unlocking
622 ** This is normally used by a child process to get a clean
623 ** envelope without disturbing the parent.
626 ** e -- the envelope to clear.
627 ** fullclear - if set, the current envelope is total
628 ** garbage and should be ignored; otherwise,
629 ** release any resources it may indicate.
630 ** rpool -- either NULL, or a pointer to a resource pool
631 ** from which envelope memory is allocated, and
632 ** to which envelope resources are attached.
638 ** Closes files associated with the envelope.
639 ** Marks the envelope as unallocated.
643 clearenvelope(e, fullclear, rpool)
644 register ENVELOPE *e;
650 extern ENVELOPE BlankEnvelope;
655 /* clear out any file information */
656 if (e->e_xfp != NULL)
657 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT);
658 if (e->e_dfp != NULL)
659 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
660 e->e_xfp = e->e_dfp = NULL;
664 ** Copy BlankEnvelope into *e.
665 ** It is not safe to simply copy pointers to strings;
666 ** the strings themselves must be copied (or set to NULL).
667 ** The problem is that when we assign a new string value to
668 ** a member of BlankEnvelope, we free the old string.
669 ** We did not need to do this copying in sendmail 8.11 :-(
670 ** and it is a potential performance hit. Reference counted
671 ** strings are one way out.
676 e->e_qfletter = '\0';
678 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), "");
681 ** Copy the macro table.
682 ** We might be able to avoid this by zeroing the macro table
683 ** and always searching BlankEnvelope.e_macro after e->e_macro
687 for (p = &e->e_macro.mac_table[0];
688 p <= &e->e_macro.mac_table[MAXMACROID];
692 *p = sm_rpool_strdup_x(rpool, *p);
696 ** XXX There are many strings in the envelope structure
697 ** XXX that we are not attempting to copy here.
698 ** XXX Investigate this further.
702 e->e_macro.mac_rpool = rpool;
704 set_delivery_mode(SM_DELIVER, e);
705 bh = BlankEnvelope.e_header;
709 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof *bh);
710 memmove((char *) *nhp, (char *) bh, sizeof *bh);
712 nhp = &(*nhp)->h_link;
716 ** INITSYS -- initialize instantiation of system
718 ** In Daemon mode, this is done in the child.
721 ** e -- the envelope to use.
727 ** Initializes the system macros, some global variables,
728 ** etc. In particular, the current time in various
734 register ENVELOPE *e;
738 static char ybuf[60]; /* holds tty id */
740 extern char *ttyname();
744 ** Give this envelope a reality.
745 ** I.e., an id, a transcript, and a creation time.
746 ** We don't select the queue until all of the recipients are known.
750 e->e_ctime = curtime();
751 e->e_qfletter = '\0';
754 ** Set OutChannel to something useful if stdout isn't it.
755 ** This arranges that any extra stuff the mailer produces
756 ** gets sent back to the user on error (because it is
757 ** tucked away in the transcript).
760 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) &&
762 OutChannel = e->e_xfp;
765 ** Set up some basic system macros.
769 (void) sm_snprintf(buf, sizeof buf, "%d", (int) CurrentPid);
770 macdefine(&e->e_macro, A_TEMP, 'p', buf);
773 (void) sm_snprintf(buf, sizeof buf, "%d", e->e_hopcount);
774 macdefine(&e->e_macro, A_TEMP, 'c', buf);
776 /* time as integer, unix time, arpa time */
784 if (macvalue('y', e) == NULL)
789 if (strrchr(p, '/') != NULL)
790 p = strrchr(p, '/') + 1;
791 (void) sm_strlcpy(ybuf, sizeof ybuf, p);
792 macdefine(&e->e_macro, A_PERM, 'y', ybuf);
798 ** SETTIME -- set the current time.
801 ** e -- the envelope in which the macros should be set.
807 ** Sets the various time macros -- $a, $b, $d, $t.
812 register ENVELOPE *e;
817 register struct tm *tm;
820 (void) sm_snprintf(buf, sizeof buf, "%ld", (long) now);
821 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf);
823 (void) sm_snprintf(buf, sizeof buf, "%04d%02d%02d%02d%02d",
824 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
825 tm->tm_hour, tm->tm_min);
826 macdefine(&e->e_macro, A_TEMP, 't', buf);
827 (void) sm_strlcpy(buf, ctime(&now), sizeof buf);
828 p = strchr(buf, '\n');
831 macdefine(&e->e_macro, A_TEMP, 'd', buf);
832 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf));
833 if (macvalue('a', e) == NULL)
834 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e));
837 ** OPENXSCRIPT -- Open transcript file
839 ** Creates a transcript file for possible eventual mailing or
843 ** e -- the envelope to create the transcript in/for.
849 ** Creates the transcript file.
854 #endif /* ! O_APPEND */
858 register ENVELOPE *e;
862 if (e->e_xfp != NULL)
866 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags))
867 syserr("openxscript: job not locked");
870 p = queuename(e, XSCRPT_LETTER);
871 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize,
872 SFF_NOTEXCL|SFF_OPENASROOT);
874 if (e->e_xfp == NULL)
876 syserr("Can't create transcript file %s", p);
877 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT,
878 SM_PATH_DEVNULL, SM_IO_RDWR, NULL);
879 if (e->e_xfp == NULL)
880 syserr("!Can't open %s", SM_PATH_DEVNULL);
882 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0);
885 sm_dprintf("openxscript(%s):\n ", p);
886 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true,
891 ** CLOSEXSCRIPT -- close the transcript file.
894 ** e -- the envelope containing the transcript to close.
905 register ENVELOPE *e;
907 if (e->e_xfp == NULL)
910 if (e->e_lockfp == NULL)
911 syserr("closexscript: job not locked");
913 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT);
917 ** SETSENDER -- set the person who this message is from
919 ** Under certain circumstances allow the user to say who
920 ** s/he is (using -f or -r). These are:
921 ** 1. The user's uid is zero (root).
922 ** 2. The user's login name is in an approved list (typically
923 ** from a network server).
924 ** 3. The address the user is trying to claim has a
925 ** "!" character in it (since #2 doesn't do it for
926 ** us if we are dialing out for UUCP).
927 ** A better check to replace #3 would be if the
928 ** effective uid is "UUCP" -- this would require me
929 ** to rewrite getpwent to "grab" uucp as it went by,
930 ** make getname more nasty, do another passwd file
931 ** scan, or compile the UID of "UUCP" into the code,
932 ** all of which are reprehensible.
934 ** Assuming all of these fail, we figure out something
938 ** from -- the person we would like to believe this message
939 ** is from, as specified on the command line.
940 ** e -- the envelope in which we would like the sender set.
941 ** delimptr -- if non-NULL, set to the location of the
942 ** trailing delimiter.
943 ** delimchar -- the character that will delimit the sender
945 ** internal -- set if this address is coming from an internal
946 ** source such as an owner alias.
952 ** sets sendmail's notion of who the from person is.
956 setsender(from, e, delimptr, delimchar, internal)
958 register ENVELOPE *e;
964 char *realname = NULL;
966 char buf[MAXNAME + 2];
967 char pvpbuf[PSBUFSIZE];
968 extern char *FullName;
971 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from);
973 /* may be set from earlier calls */
974 macdefine(&e->e_macro, A_PERM, 'x', "");
977 ** Figure out the real user executing us.
978 ** Username can return errno != 0 on non-errors.
981 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP ||
982 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON)
984 if (realname == NULL || realname[0] == '\0')
985 realname = username();
990 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s");
992 /* preset state for then clause in case from == NULL */
993 e->e_from.q_state = QS_BADADDR;
994 e->e_from.q_flags = 0;
996 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR,
997 delimchar, delimptr, e, false) == NULL ||
998 QS_IS_BADADDR(e->e_from.q_state) ||
999 e->e_from.q_mailer == ProgMailer ||
1000 e->e_from.q_mailer == FileMailer ||
1001 e->e_from.q_mailer == InclMailer)
1003 /* log garbage addresses for traceback */
1004 if (from != NULL && LogLevel > 2)
1007 char ebuf[MAXNAME * 2 + 2];
1009 p = macvalue('_', e);
1012 char *host = RealHostName;
1016 (void) sm_snprintf(ebuf, sizeof ebuf,
1017 "%.*s@%.*s", MAXNAME,
1018 realname, MAXNAME, host);
1021 sm_syslog(LOG_NOTICE, e->e_id,
1022 "setsender: %s: invalid or unparsable, received from %s",
1023 shortenstring(from, 83), p);
1027 if (!QS_IS_BADADDR(e->e_from.q_state))
1029 /* it was a bogus mailer in the from addr */
1030 e->e_status = "5.1.7";
1031 usrerrenh(e->e_status,
1032 "553 Invalid sender address");
1036 if (from == realname ||
1037 parseaddr(from = realname,
1038 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ',
1039 NULL, e, false) == NULL)
1044 expand("\201n", nbuf, sizeof nbuf, e);
1045 from = sm_rpool_strdup_x(e->e_rpool, nbuf);
1046 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ',
1047 NULL, e, false) == NULL &&
1048 parseaddr(from = "postmaster", &e->e_from,
1049 RF_COPYALL, ' ', NULL, e, false) == NULL)
1050 syserr("553 5.3.0 setsender: can't even parse postmaster!");
1055 e->e_from.q_state = QS_SENDER;
1058 sm_dprintf("setsender: QS_SENDER ");
1059 printaddr(sm_debug_file(), &e->e_from, false);
1064 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags))
1068 p = udbsender(e->e_from.q_user, e->e_rpool);
1074 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags))
1080 /* if the user already given fullname don't redefine */
1081 if (FullName == NULL)
1082 FullName = macvalue('x', e);
1083 if (FullName != NULL)
1085 if (FullName[0] == '\0')
1088 FullName = newstr(FullName);
1092 if (e->e_from.q_user[0] != '\0' &&
1093 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK)
1096 ** Process passwd file entry.
1099 /* extract home directory */
1100 if (*user.mbdb_homedir == '\0')
1101 e->e_from.q_home = NULL;
1102 else if (strcmp(user.mbdb_homedir, "/") == 0)
1103 e->e_from.q_home = "";
1105 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool,
1107 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home);
1109 /* extract user and group id */
1110 if (user.mbdb_uid != SM_NO_UID)
1112 e->e_from.q_uid = user.mbdb_uid;
1113 e->e_from.q_gid = user.mbdb_gid;
1114 e->e_from.q_flags |= QGOODUID;
1117 /* extract full name from passwd file */
1118 if (FullName == NULL && !internal &&
1119 user.mbdb_fullname[0] != '\0' &&
1120 strcmp(user.mbdb_name, e->e_from.q_user) == 0)
1122 FullName = newstr(user.mbdb_fullname);
1127 e->e_from.q_home = NULL;
1129 if (FullName != NULL && !internal)
1130 macdefine(&e->e_macro, A_TEMP, 'x', FullName);
1132 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP)
1134 if (e->e_from.q_home == NULL)
1136 e->e_from.q_home = getenv("HOME");
1137 if (e->e_from.q_home != NULL)
1139 if (*e->e_from.q_home == '\0')
1140 e->e_from.q_home = NULL;
1141 else if (strcmp(e->e_from.q_home, "/") == 0)
1145 e->e_from.q_uid = RealUid;
1146 e->e_from.q_gid = RealGid;
1147 e->e_from.q_flags |= QGOODUID;
1151 ** Rewrite the from person to dispose of possible implicit
1152 ** links in the net.
1155 pvp = prescan(from, delimchar, pvpbuf, sizeof pvpbuf, NULL, NULL, false);
1158 /* don't need to give error -- prescan did that already */
1160 sm_syslog(LOG_NOTICE, e->e_id,
1161 "cannot prescan from (%s)",
1162 shortenstring(from, MAXSHORTSTR));
1163 finis(true, true, ExitStat);
1165 (void) REWRITE(pvp, 3, e);
1166 (void) REWRITE(pvp, 1, e);
1167 (void) REWRITE(pvp, 4, e);
1168 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
1170 cataddr(pvp, NULL, bp, sizeof buf - 2, '\0');
1171 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags))
1173 /* heuristic: route-addr: add angle brackets */
1174 (void) sm_strlcat(bp, ">", sizeof buf - 1);
1177 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp);
1178 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender);
1180 /* save the domain spec if this mailer wants it */
1181 if (e->e_from.q_mailer != NULL &&
1182 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags))
1186 /* get rid of any pesky angle brackets */
1187 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s");
1188 (void) REWRITE(pvp, 3, e);
1189 (void) REWRITE(pvp, 1, e);
1190 (void) REWRITE(pvp, 4, e);
1191 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
1193 /* strip off to the last "@" sign */
1194 for (lastat = NULL; *pvp != NULL; pvp++)
1196 if (strcmp(*pvp, "@") == 0)
1201 e->e_fromdomain = copyplist(lastat, true, e->e_rpool);
1204 sm_dprintf("Saving from domain: ");
1205 printav(sm_debug_file(), e->e_fromdomain);
1211 ** PRINTENVFLAGS -- print envelope flags for debugging
1214 ** e -- the envelope with the flags to be printed.
1223 unsigned long ef_bit;
1226 static struct eflags EnvelopeFlags[] =
1228 { "OLDSTYLE", EF_OLDSTYLE },
1229 { "INQUEUE", EF_INQUEUE },
1230 { "NO_BODY_RETN", EF_NO_BODY_RETN },
1231 { "CLRQUEUE", EF_CLRQUEUE },
1232 { "SENDRECEIPT", EF_SENDRECEIPT },
1233 { "FATALERRS", EF_FATALERRS },
1234 { "DELETE_BCC", EF_DELETE_BCC },
1235 { "RESPONSE", EF_RESPONSE },
1236 { "RESENT", EF_RESENT },
1237 { "VRFYONLY", EF_VRFYONLY },
1238 { "WARNING", EF_WARNING },
1239 { "QUEUERUN", EF_QUEUERUN },
1240 { "GLOBALERRS", EF_GLOBALERRS },
1241 { "PM_NOTIFY", EF_PM_NOTIFY },
1242 { "METOO", EF_METOO },
1243 { "LOGSENDER", EF_LOGSENDER },
1244 { "NORECEIPT", EF_NORECEIPT },
1245 { "HAS8BIT", EF_HAS8BIT },
1246 { "NL_NOT_EOL", EF_NL_NOT_EOL },
1247 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL },
1248 { "RET_PARAM", EF_RET_PARAM },
1249 { "HAS_DF", EF_HAS_DF },
1250 { "IS_MIME", EF_IS_MIME },
1251 { "DONT_MIME", EF_DONT_MIME },
1252 { "DISCARD", EF_DISCARD },
1253 { "TOOBIG", EF_TOOBIG },
1254 { "SPLIT", EF_SPLIT },
1255 { "UNSAFE", EF_UNSAFE },
1261 register ENVELOPE *e;
1263 register struct eflags *ef;
1266 sm_dprintf("%lx", e->e_flags);
1267 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++)
1269 if (!bitset(ef->ef_bit, e->e_flags))
1272 sm_dprintf("<%s", ef->ef_name);
1274 sm_dprintf(",%s", ef->ef_name);