2 * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: savemail.c,v 8.306 2006/02/25 02:16:53 ca Exp $")
18 static bool errbody __P((MCI *, ENVELOPE *, char *));
19 static bool pruneroute __P((char *));
22 ** SAVEMAIL -- Save mail on error
24 ** If mailing back errors, mail it back to the originator
25 ** together with an error message; otherwise, just put it in
26 ** dead.letter in the user's home directory (if he exists on
30 ** e -- the envelope containing the message in error.
31 ** sendbody -- if true, also send back the body of the
32 ** message; otherwise just send the header.
35 ** true if savemail panic'ed, (i.e., the data file should
36 ** be preserved by dropenvelope())
39 ** Saves the letter, by writing or mailing it back to the
40 ** sender, or by putting it in dead.letter in her home
44 /* defines for state machine */
45 #define ESM_REPORT 0 /* report to sender's terminal */
46 #define ESM_MAIL 1 /* mail back to sender */
47 #define ESM_QUIET 2 /* mail has already been returned */
48 #define ESM_DEADLETTER 3 /* save in ~/dead.letter */
49 #define ESM_POSTMASTER 4 /* return to postmaster */
50 #define ESM_DEADLETTERDROP 5 /* save in DeadLetterDrop */
51 #define ESM_PANIC 6 /* call loseqfile() */
52 #define ESM_DONE 7 /* message is successfully delivered */
59 register SM_FILE_T *fp;
62 auto ADDRESS *q = NULL;
67 char buf[MAXLINE + 1];
68 char dlbuf[MAXPATHLEN];
74 sm_dprintf("\nsavemail, errormode = %c, id = %s, ExitStat = %d\n e_from=",
75 e->e_errormode, e->e_id == NULL ? "NONE" : e->e_id,
77 printaddr(sm_debug_file(), &e->e_from, false);
82 /* can't return a message with no id */
87 ** In the unhappy event we don't know who to return the mail
88 ** to, make someone up.
91 if (e->e_from.q_paddr == NULL)
93 e->e_sender = "Postmaster";
94 if (parseaddr(e->e_sender, &e->e_from,
95 RF_COPYPARSE|RF_SENDERADDR,
96 '\0', NULL, e, false) == NULL)
98 syserr("553 5.3.5 Cannot parse Postmaster!");
99 finis(true, true, EX_SOFTWARE);
105 ** Basic state machine.
107 ** This machine runs through the following states:
109 ** ESM_QUIET Errors have already been printed iff the
111 ** ESM_REPORT Report directly to the sender's terminal.
112 ** ESM_MAIL Mail response to the sender.
113 ** ESM_DEADLETTER Save response in ~/dead.letter.
114 ** ESM_POSTMASTER Mail response to the postmaster.
115 ** ESM_DEADLETTERDROP
116 ** If DeadLetterDrop set, save it there.
117 ** ESM_PANIC Save response anywhere possible.
120 /* determine starting state */
121 switch (e->e_errormode)
138 /* no need to return anything at all */
142 syserr("554 5.3.0 savemail: bogus errormode x%x",
148 /* if this is already an error response, send to postmaster */
149 if (bitset(EF_RESPONSE, e->e_flags))
151 if (e->e_parent != NULL &&
152 bitset(EF_RESPONSE, e->e_parent->e_flags))
154 /* got an error sending a response -- can it */
157 state = ESM_POSTMASTER;
160 while (state != ESM_DONE)
163 sm_dprintf(" state %d\n", state);
168 if (bitnset(M_LOCALMAILER, e->e_from.q_mailer->m_flags))
169 state = ESM_DEADLETTER;
177 ** If the user is still logged in on the same terminal,
178 ** then write the error messages back to hir (sic).
183 #else /* USE_TTYPATH */
185 #endif /* USE_TTYPATH */
187 if (p == NULL || sm_io_reopen(SmFtStdio,
189 p, SM_IO_WRONLY, NULL,
196 expand("\201n", buf, sizeof buf, e);
197 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
198 "\r\nMessage from %s...\r\n", buf);
199 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
200 "Errors occurred while sending mail.\r\n");
201 if (e->e_xfp != NULL)
203 (void) bfrewind(e->e_xfp);
204 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
205 "Transcript follows:\r\n");
206 while (sm_io_fgets(e->e_xfp, SM_TIME_DEFAULT,
207 buf, sizeof buf) != NULL &&
208 !sm_io_error(smioout))
209 (void) sm_io_fputs(smioout,
215 syserr("Cannot open %s",
216 queuename(e, XSCRPT_LETTER));
217 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
218 "Transcript of session is unavailable.\r\n");
220 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
221 "Original message will be saved in dead.letter.\r\n");
222 state = ESM_DEADLETTER;
227 ** If mailing back, do it.
228 ** Throw away all further output. Don't alias,
229 ** since this could cause loops, e.g., if joe
230 ** mails to joe@x, and for some reason the network
231 ** for @x is down, then the response gets sent to
232 ** joe@x, which gives a response, etc. Also force
233 ** the mail to be delivered even if a version of
234 ** it has already been sent to the sender.
236 ** If this is a configuration or local software
237 ** error, send to the local postmaster as well,
238 ** since the originator can't do anything
239 ** about it anyway. Note that this is a full
240 ** copy of the message (intentionally) so that
241 ** the Postmaster can forward things along.
244 if (ExitStat == EX_CONFIG || ExitStat == EX_SOFTWARE)
246 (void) sendtolist("postmaster", NULLADDR,
247 &e->e_errorqueue, 0, e);
249 if (!emptyaddr(&e->e_from))
251 char from[TOBUFSIZE];
253 if (sm_strlcpy(from, e->e_from.q_paddr,
254 sizeof from) >= sizeof from)
256 state = ESM_POSTMASTER;
260 if (!DontPruneRoutes)
261 (void) pruneroute(from);
263 (void) sendtolist(from, NULLADDR,
264 &e->e_errorqueue, 0, e);
268 ** Deliver a non-delivery report to the
269 ** Postmaster-designate (not necessarily
270 ** Postmaster). This does not include the
271 ** body of the message, for privacy reasons.
272 ** You really shouldn't need this.
275 e->e_flags |= EF_PM_NOTIFY;
277 /* check to see if there are any good addresses */
278 for (q = e->e_errorqueue; q != NULL; q = q->q_next)
280 if (QS_IS_SENDABLE(q->q_state))
285 /* this is an error-error */
286 state = ESM_POSTMASTER;
289 if (returntosender(e->e_message, e->e_errorqueue,
290 sendbody ? RTSF_SEND_BODY
298 /* didn't work -- return to postmaster */
299 state = ESM_POSTMASTER;
304 ** Similar to previous case, but to system postmaster.
308 expand(DoubleBounceAddr, buf, sizeof buf, e);
311 ** Just drop it on the floor if DoubleBounceAddr
312 ** expands to an empty string.
320 if (sendtolist(buf, NULLADDR, &q, 0, e) <= 0)
322 syserr("553 5.3.0 cannot parse %s!", buf);
323 ExitStat = EX_SOFTWARE;
324 state = ESM_DEADLETTERDROP;
327 flags = RTSF_PM_BOUNCE;
329 flags |= RTSF_SEND_BODY;
330 if (returntosender(e->e_message, q, flags, e) == 0)
336 /* didn't work -- last resort */
337 state = ESM_DEADLETTERDROP;
342 ** Save the message in dead.letter.
343 ** If we weren't mailing back, and the user is
344 ** local, we should save the message in
345 ** ~/dead.letter so that the poor person doesn't
346 ** have to type it over again -- and we all know
347 ** what poor typists UNIX users are.
351 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags))
353 if (e->e_from.q_home != NULL)
354 p = e->e_from.q_home;
355 else if (sm_mbdb_lookup(e->e_from.q_user, &user)
357 *user.mbdb_homedir != '\0')
358 p = user.mbdb_homedir;
360 if (p == NULL || e->e_dfp == NULL)
362 /* no local directory or no data file */
367 /* we have a home directory; write dead.letter */
368 macdefine(&e->e_macro, A_TEMP, 'z', p);
370 /* get the sender for the UnixFromLine */
371 p = macvalue('g', e);
372 macdefine(&e->e_macro, A_PERM, 'g', e->e_sender);
374 expand("\201z/dead.letter", dlbuf, sizeof dlbuf, e);
375 sff = SFF_CREAT|SFF_REGONLY|SFF_RUNASREALUID;
379 if (writable(dlbuf, NULL, sff) &&
380 mailfile(dlbuf, FileMailer, NULL, sff, e) == EX_OK)
382 int oldverb = Verbose;
384 if (OpMode != MD_DAEMON && OpMode != MD_SMTP)
387 message("Saved message in %s", dlbuf);
389 macdefine(&e->e_macro, A_PERM, 'g', p);
393 macdefine(&e->e_macro, A_PERM, 'g', p);
397 case ESM_DEADLETTERDROP:
399 ** Log the mail in DeadLetterDrop file.
408 if ((SafeFileEnv != NULL && SafeFileEnv[0] != '\0') ||
409 DeadLetterDrop == NULL ||
410 DeadLetterDrop[0] == '\0')
416 sff = SFF_CREAT|SFF_REGONLY|SFF_ROOTOK|SFF_OPENASROOT|SFF_MUSTOWN;
417 if (!writable(DeadLetterDrop, NULL, sff) ||
418 (fp = safefopen(DeadLetterDrop, O_WRONLY|O_APPEND,
419 FileMode, sff)) == NULL)
425 memset(&mcibuf, '\0', sizeof mcibuf);
427 mcibuf.mci_mailer = FileMailer;
428 if (bitnset(M_7BITS, FileMailer->m_flags))
429 mcibuf.mci_flags |= MCIF_7BIT;
431 /* get the sender for the UnixFromLine */
432 p = macvalue('g', e);
433 macdefine(&e->e_macro, A_PERM, 'g', e->e_sender);
435 if (!putfromline(&mcibuf, e) ||
436 !(*e->e_puthdr)(&mcibuf, e->e_header, e,
438 !(*e->e_putbody)(&mcibuf, e, NULL) ||
439 !putline("\n", &mcibuf) ||
440 sm_io_flush(fp, SM_TIME_DEFAULT) == SM_IO_EOF ||
442 sm_io_close(fp, SM_TIME_DEFAULT) < 0)
446 int oldverb = Verbose;
448 if (OpMode != MD_DAEMON && OpMode != MD_SMTP)
451 message("Saved message in %s",
455 sm_syslog(LOG_NOTICE, e->e_id,
456 "Saved message in %s",
460 macdefine(&e->e_macro, A_PERM, 'g', p);
464 syserr("554 5.3.5 savemail: unknown state %d", state);
468 /* leave the locked queue & transcript files around */
469 loseqfile(e, "savemail panic");
472 syserr("554 savemail: cannot save rejected email anywhere");
480 ** RETURNTOSENDER -- return a message to the sender with an error.
483 ** msg -- the explanatory message.
484 ** returnq -- the queue of people to send the message to.
485 ** flags -- flags tweaking the operation:
486 ** RTSF_SENDBODY -- include body of message (otherwise
487 ** just send the header).
488 ** RTSF_PMBOUNCE -- this is a postmaster bounce.
489 ** e -- the current envelope.
492 ** zero -- if everything went ok.
493 ** else -- some error.
496 ** Returns the current message to the sender via mail.
499 #define MAXRETURNS 6 /* max depth of returning messages */
500 #define ERRORFUDGE 1024 /* nominal size of error message text */
503 returntosender(msg, returnq, flags, e)
507 register ENVELOPE *e;
509 register ENVELOPE *ee;
510 ENVELOPE *oldcur = CurEnv;
511 ENVELOPE errenvelope;
512 static int returndepth = 0;
515 char buf[MAXNAME + 1];
521 msg = "Unable to deliver mail";
525 sm_dprintf("\n*** Return To Sender: msg=\"%s\", depth=%d, e=%p, returnq=",
526 msg, returndepth, e);
527 printaddr(sm_debug_file(), returnq, true);
530 sm_dprintf("Sendq=");
531 printaddr(sm_debug_file(), e->e_sendqueue, true);
535 if (++returndepth >= MAXRETURNS)
537 if (returndepth != MAXRETURNS)
538 syserr("554 5.3.0 returntosender: infinite recursion on %s",
540 /* don't "unrecurse" and fake a clean exit */
545 macdefine(&e->e_macro, A_PERM, 'g', e->e_sender);
546 macdefine(&e->e_macro, A_PERM, 'u', NULL);
548 /* initialize error envelope */
549 ee = newenvelope(&errenvelope, e, sm_rpool_new_x(NULL));
550 macdefine(&ee->e_macro, A_PERM, 'a', "\201b");
551 macdefine(&ee->e_macro, A_PERM, 'r', "");
552 macdefine(&ee->e_macro, A_PERM, 's', "localhost");
553 macdefine(&ee->e_macro, A_PERM, '_', "localhost");
556 ee->e_puthdr = putheader;
557 ee->e_putbody = errbody;
558 ee->e_flags |= EF_RESPONSE|EF_METOO;
559 if (!bitset(EF_OLDSTYLE, e->e_flags))
560 ee->e_flags &= ~EF_OLDSTYLE;
561 if (bitset(EF_DONT_MIME, e->e_flags))
563 ee->e_flags |= EF_DONT_MIME;
566 ** If we can't convert to MIME and we don't pass
567 ** 8-bit, we can't send the body.
570 if (bitset(EF_HAS8BIT, e->e_flags) &&
571 !bitset(MM_PASS8BIT, MimeMode))
572 flags &= ~RTSF_SEND_BODY;
575 ee->e_sendqueue = returnq;
577 if (bitset(RTSF_SEND_BODY, flags) &&
578 !bitset(PRIV_NOBODYRETN, PrivacyFlags))
579 ee->e_msgsize = ERRORFUDGE + e->e_msgsize;
581 ee->e_flags |= EF_NO_BODY_RETN;
583 if (!setnewqueue(ee))
585 syserr("554 5.3.0 returntosender: cannot select queue for %s",
587 ExitStat = EX_UNAVAILABLE;
594 _res.retry = TimeOuts.res_retry[RES_TO_FIRST];
595 _res.retrans = TimeOuts.res_retrans[RES_TO_FIRST];
596 #endif /* NAMED_BIND */
597 for (q = returnq; q != NULL; q = q->q_next)
599 if (QS_IS_BADADDR(q->q_state))
602 q->q_flags &= ~(QHASNOTIFY|Q_PINGFLAGS);
603 q->q_flags |= QPINGONFAILURE;
605 if (!QS_IS_DEAD(q->q_state))
608 if (q->q_alias == NULL)
609 addheader("To", q->q_paddr, 0, ee);
614 if (bitset(EF_RESPONSE, e->e_flags))
615 p = "return to sender";
616 else if (bitset(EF_WARNING, e->e_flags))
618 else if (bitset(RTSF_PM_BOUNCE, flags))
619 p = "postmaster notify";
622 sm_syslog(LOG_INFO, e->e_id, "%s: %s: %s",
623 ee->e_id, p, shortenstring(msg, MAXSHORTSTR));
628 addheader("MIME-Version", "1.0", 0, ee);
629 (void) sm_snprintf(buf, sizeof buf, "%s.%ld/%.100s",
630 ee->e_id, (long)curtime(), MyHostName);
631 ee->e_msgboundary = sm_rpool_strdup_x(ee->e_rpool, buf);
632 (void) sm_snprintf(buf, sizeof buf,
634 "multipart/report; report-type=delivery-status;\n\tboundary=\"%s\"",
636 "multipart/mixed; boundary=\"%s\"",
639 addheader("Content-Type", buf, 0, ee);
641 p = hvalue("Content-Transfer-Encoding", e->e_header);
642 if (p != NULL && sm_strcasecmp(p, "binary") != 0)
644 if (p == NULL && bitset(EF_HAS8BIT, e->e_flags))
647 addheader("Content-Transfer-Encoding", p, 0, ee);
649 if (strncmp(msg, "Warning:", 8) == 0)
651 addheader("Subject", msg, 0, ee);
652 p = "warning-timeout";
654 else if (strncmp(msg, "Postmaster warning:", 19) == 0)
656 addheader("Subject", msg, 0, ee);
657 p = "postmaster-warning";
659 else if (strcmp(msg, "Return receipt") == 0)
661 addheader("Subject", msg, 0, ee);
662 p = "return-receipt";
664 else if (bitset(RTSF_PM_BOUNCE, flags))
666 (void) sm_snprintf(buf, sizeof buf,
667 "Postmaster notify: see transcript for details");
668 addheader("Subject", buf, 0, ee);
669 p = "postmaster-notification";
673 (void) sm_snprintf(buf, sizeof buf,
674 "Returned mail: see transcript for details");
675 addheader("Subject", buf, 0, ee);
678 (void) sm_snprintf(buf, sizeof buf, "auto-generated (%s)", p);
679 addheader("Auto-Submitted", buf, 0, ee);
681 /* fake up an address header for the from person */
682 expand("\201n", buf, sizeof buf, e);
683 if (parseaddr(buf, &ee->e_from,
684 RF_COPYALL|RF_SENDERADDR, '\0', NULL, e, false) == NULL)
686 syserr("553 5.3.5 Can't parse myself!");
687 ExitStat = EX_SOFTWARE;
691 ee->e_from.q_flags &= ~(QHASNOTIFY|Q_PINGFLAGS);
692 ee->e_from.q_flags |= QPINGONFAILURE;
693 ee->e_sender = ee->e_from.q_paddr;
695 /* push state into submessage */
697 macdefine(&ee->e_macro, A_PERM, 'f', "\201n");
698 macdefine(&ee->e_macro, A_PERM, 'x', "Mail Delivery Subsystem");
699 eatheader(ee, true, true);
701 /* mark statistics */
702 markstats(ee, NULLADDR, STATS_NORMAL);
704 /* actually deliver the error message */
705 sendall(ee, SM_DELIVER);
708 dropenvelope(ee, true, false);
709 sm_rpool_free(ee->e_rpool);
713 /* check for delivery errors */
714 if (ee->e_parent == NULL ||
715 !bitset(EF_RESPONSE, ee->e_parent->e_flags))
717 for (q = ee->e_sendqueue; q != NULL; q = q->q_next)
719 if (QS_IS_ATTEMPTED(q->q_state))
725 ** ERRBODY -- output the body of an error message.
727 ** Typically this is a copy of the transcript plus a copy of the
728 ** original offending message.
731 ** mci -- the mailer connection information.
732 ** e -- the envelope we are working in.
733 ** separator -- any possible MIME separator (unused).
739 ** Outputs the body of an error message.
744 errbody(mci, e, separator)
746 register ENVELOPE *e;
753 register SM_FILE_T *xfile;
755 register ADDRESS *q = NULL;
756 char actual[MAXLINE];
759 if (bitset(MCIF_INHEADER, mci->mci_flags))
761 if (!putline("", mci))
763 mci->mci_flags &= ~MCIF_INHEADER;
765 if (e->e_parent == NULL)
767 syserr("errbody: null parent");
768 if (!putline(" ----- Original message lost -----\n", mci))
774 ** Output MIME header.
777 if (e->e_msgboundary != NULL)
779 (void) sm_strlcpyn(buf, sizeof buf, 2, "--", e->e_msgboundary);
780 if (!putline("This is a MIME-encapsulated message", mci) ||
782 !putline(buf, mci) ||
788 ** Output introductory information.
792 p = hvalue("subject", e->e_header);
793 if (p != NULL && strncmp(p, "Postmaster ", 11) == 0)
797 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next)
799 if (QS_IS_BADADDR(q->q_state))
803 if (!pm_notify && q == NULL &&
804 !bitset(EF_FATALERRS|EF_SENDRECEIPT, e->e_parent->e_flags))
806 if (!putline(" **********************************************",
808 !putline(" ** THIS IS A WARNING MESSAGE ONLY **",
810 !putline(" ** YOU DO NOT NEED TO RESEND YOUR MESSAGE **",
812 !putline(" **********************************************",
817 (void) sm_snprintf(buf, sizeof buf,
818 "The original message was received at %s",
819 arpadate(ctime(&e->e_parent->e_ctime)));
820 if (!putline(buf, mci))
822 expand("from \201_", buf, sizeof buf, e->e_parent);
823 if (!putline(buf, mci))
826 /* include id in postmaster copies */
827 if (pm_notify && e->e_parent->e_id != NULL)
829 (void) sm_strlcpyn(buf, sizeof buf, 2, "with id ",
831 if (!putline(buf, mci))
834 if (!putline("", mci))
838 ** Output error message header (if specified and available).
841 if (ErrMsgFile != NULL &&
842 !bitset(EF_SENDRECEIPT, e->e_parent->e_flags))
844 if (*ErrMsgFile == '/')
846 long sff = SFF_ROOTOK|SFF_REGONLY;
848 if (DontLockReadFiles)
850 if (!bitnset(DBS_ERRORHEADERINUNSAFEDIRPATH,
852 sff |= SFF_SAFEDIRPATH;
853 xfile = safefopen(ErrMsgFile, O_RDONLY, 0444, sff);
856 while (sm_io_fgets(xfile, SM_TIME_DEFAULT, buf,
859 translate_dollars(buf);
860 expand(buf, buf, sizeof buf, e);
861 if (!putline(buf, mci))
864 (void) sm_io_close(xfile, SM_TIME_DEFAULT);
865 if (!putline("\n", mci))
871 expand(ErrMsgFile, buf, sizeof buf, e);
872 if (!putline(buf, mci) || !putline("", mci))
878 ** Output message introduction
881 /* permanent fatal errors */
883 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next)
885 if (!QS_IS_BADADDR(q->q_state) ||
886 !bitset(QPINGONFAILURE, q->q_flags))
891 if (!putline(" ----- The following addresses had permanent fatal errors -----",
897 (void) sm_strlcpy(buf, shortenstring(q->q_paddr, MAXSHORTSTR),
899 if (!putline(buf, mci))
901 if (q->q_rstatus != NULL)
903 (void) sm_snprintf(buf, sizeof buf,
905 shortenstring(exitstat(q->q_rstatus),
907 if (!putline(buf, mci))
910 if (q->q_alias != NULL)
912 (void) sm_snprintf(buf, sizeof buf,
913 " (expanded from: %s)",
914 shortenstring(q->q_alias->q_paddr,
916 if (!putline(buf, mci))
920 if (!printheader && !putline("", mci))
923 /* transient non-fatal errors */
925 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next)
927 if (QS_IS_BADADDR(q->q_state) ||
928 !bitset(QPRIMARY, q->q_flags) ||
929 !bitset(QBYNDELAY, q->q_flags) ||
930 !bitset(QDELAYED, q->q_flags))
935 if (!putline(" ----- The following addresses had transient non-fatal errors -----",
941 (void) sm_strlcpy(buf, shortenstring(q->q_paddr, MAXSHORTSTR),
943 if (!putline(buf, mci))
945 if (q->q_alias != NULL)
947 (void) sm_snprintf(buf, sizeof buf,
948 " (expanded from: %s)",
949 shortenstring(q->q_alias->q_paddr,
951 if (!putline(buf, mci))
955 if (!printheader && !putline("", mci))
958 /* successful delivery notifications */
960 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next)
962 if (QS_IS_BADADDR(q->q_state) ||
963 !bitset(QPRIMARY, q->q_flags) ||
964 bitset(QBYNDELAY, q->q_flags) ||
965 bitset(QDELAYED, q->q_flags))
967 else if (bitset(QBYNRELAY, q->q_flags))
968 p = "Deliver-By notify: relayed";
969 else if (bitset(QBYTRACE, q->q_flags))
970 p = "Deliver-By trace: relayed";
971 else if (!bitset(QPINGONSUCCESS, q->q_flags))
973 else if (bitset(QRELAYED, q->q_flags))
974 p = "relayed to non-DSN-aware mailer";
975 else if (bitset(QDELIVERED, q->q_flags))
977 if (bitset(QEXPANDED, q->q_flags))
978 p = "successfully delivered to mailing list";
980 p = "successfully delivered to mailbox";
982 else if (bitset(QEXPANDED, q->q_flags))
983 p = "expanded by alias";
989 if (!putline(" ----- The following addresses had successful delivery notifications -----",
995 (void) sm_snprintf(buf, sizeof buf, "%s (%s)",
996 shortenstring(q->q_paddr, MAXSHORTSTR), p);
997 if (!putline(buf, mci))
999 if (q->q_alias != NULL)
1001 (void) sm_snprintf(buf, sizeof buf,
1002 " (expanded from: %s)",
1003 shortenstring(q->q_alias->q_paddr,
1005 if (!putline(buf, mci))
1009 if (!printheader && !putline("", mci))
1013 ** Output transcript of errors
1016 (void) sm_io_flush(smioout, SM_TIME_DEFAULT);
1017 if (e->e_parent->e_xfp == NULL)
1019 if (!putline(" ----- Transcript of session is unavailable -----\n",
1026 (void) bfrewind(e->e_parent->e_xfp);
1027 if (e->e_xfp != NULL)
1028 (void) sm_io_flush(e->e_xfp, SM_TIME_DEFAULT);
1029 while (sm_io_fgets(e->e_parent->e_xfp, SM_TIME_DEFAULT, buf,
1030 sizeof buf) != NULL)
1032 if (printheader && !putline(" ----- Transcript of session follows -----\n",
1035 printheader = false;
1036 if (!putline(buf, mci))
1044 ** Output machine-readable version.
1047 if (e->e_msgboundary != NULL)
1049 (void) sm_strlcpyn(buf, sizeof buf, 2, "--", e->e_msgboundary);
1050 if (!putline("", mci) ||
1051 !putline(buf, mci) ||
1052 !putline("Content-Type: message/delivery-status", mci) ||
1057 ** Output per-message information.
1060 /* original envelope id from MAIL FROM: line */
1061 if (e->e_parent->e_envid != NULL)
1063 (void) sm_snprintf(buf, sizeof buf,
1064 "Original-Envelope-Id: %.800s",
1065 xuntextify(e->e_parent->e_envid));
1066 if (!putline(buf, mci))
1070 /* Reporting-MTA: is us (required) */
1071 (void) sm_snprintf(buf, sizeof buf,
1072 "Reporting-MTA: dns; %.800s", MyHostName);
1073 if (!putline(buf, mci))
1076 /* DSN-Gateway: not relevant since we are not translating */
1078 /* Received-From-MTA: shows where we got this message from */
1079 if (RealHostName != NULL)
1081 /* XXX use $s for type? */
1082 if (e->e_parent->e_from.q_mailer == NULL ||
1083 (p = e->e_parent->e_from.q_mailer->m_mtatype) == NULL)
1085 (void) sm_snprintf(buf, sizeof buf,
1086 "Received-From-MTA: %s; %.800s",
1088 if (!putline(buf, mci))
1092 /* Arrival-Date: -- when it arrived here */
1093 (void) sm_strlcpyn(buf, sizeof buf, 2, "Arrival-Date: ",
1094 arpadate(ctime(&e->e_parent->e_ctime)));
1095 if (!putline(buf, mci))
1098 /* Deliver-By-Date: -- when it should have been delivered */
1099 if (IS_DLVR_BY(e->e_parent))
1103 dbyd = e->e_parent->e_ctime + e->e_parent->e_deliver_by;
1104 (void) sm_strlcpyn(buf, sizeof buf, 2,
1105 "Deliver-By-Date: ",
1106 arpadate(ctime(&dbyd)));
1107 if (!putline(buf, mci))
1112 ** Output per-address information.
1115 for (q = e->e_parent->e_sendqueue; q != NULL; q = q->q_next)
1119 if (QS_IS_BADADDR(q->q_state))
1121 /* RFC 1891, 6.2.6 (b) */
1122 if (bitset(QHASNOTIFY, q->q_flags) &&
1123 !bitset(QPINGONFAILURE, q->q_flags))
1127 else if (!bitset(QPRIMARY, q->q_flags))
1129 else if (bitset(QDELIVERED, q->q_flags))
1131 if (bitset(QEXPANDED, q->q_flags))
1132 action = "delivered (to mailing list)";
1134 action = "delivered (to mailbox)";
1136 else if (bitset(QRELAYED, q->q_flags))
1137 action = "relayed (to non-DSN-aware mailer)";
1138 else if (bitset(QEXPANDED, q->q_flags))
1139 action = "expanded (to multi-recipient alias)";
1140 else if (bitset(QDELAYED, q->q_flags))
1142 else if (bitset(QBYTRACE, q->q_flags))
1143 action = "relayed (Deliver-By trace mode)";
1144 else if (bitset(QBYNDELAY, q->q_flags))
1145 action = "delayed (Deliver-By notify mode)";
1146 else if (bitset(QBYNRELAY, q->q_flags))
1147 action = "relayed (Deliver-By notify mode)";
1151 if (!putline("", mci))
1154 /* Original-Recipient: -- passed from on high */
1155 if (q->q_orcpt != NULL)
1157 (void) sm_snprintf(buf, sizeof buf,
1158 "Original-Recipient: %.800s",
1160 if (!putline(buf, mci))
1164 /* Figure out actual recipient */
1166 if (q->q_user[0] != '\0')
1168 if (q->q_mailer != NULL &&
1169 q->q_mailer->m_addrtype != NULL)
1170 p = q->q_mailer->m_addrtype;
1174 if (sm_strcasecmp(p, "rfc822") == 0 &&
1175 strchr(q->q_user, '@') == NULL)
1177 (void) sm_snprintf(actual,
1179 "%s; %.700s@%.100s",
1185 (void) sm_snprintf(actual,
1192 /* Final-Recipient: -- the name from the RCPT command */
1193 if (q->q_finalrcpt == NULL)
1195 /* should never happen */
1196 sm_syslog(LOG_ERR, e->e_id,
1197 "returntosender: q_finalrcpt is NULL");
1199 /* try to fall back to the actual recipient */
1200 if (actual[0] != '\0')
1201 q->q_finalrcpt = sm_rpool_strdup_x(e->e_rpool,
1205 if (q->q_finalrcpt != NULL)
1207 (void) sm_snprintf(buf, sizeof buf,
1208 "Final-Recipient: %s",
1210 if (!putline(buf, mci))
1214 /* X-Actual-Recipient: -- the real problem address */
1215 if (actual[0] != '\0' &&
1216 q->q_finalrcpt != NULL &&
1217 #if _FFR_PRIV_NOACTUALRECIPIENT
1218 !bitset(PRIV_NOACTUALRECIPIENT, PrivacyFlags) &&
1219 #endif /* _FFR_PRIV_NOACTUALRECIPIENT */
1220 strcmp(actual, q->q_finalrcpt) != 0)
1222 (void) sm_snprintf(buf, sizeof buf,
1223 "X-Actual-Recipient: %s",
1225 if (!putline(buf, mci))
1229 /* Action: -- what happened? */
1230 (void) sm_strlcpyn(buf, sizeof buf, 2, "Action: ",
1232 if (!putline(buf, mci))
1235 /* Status: -- what _really_ happened? */
1236 if (q->q_status != NULL)
1238 else if (QS_IS_BADADDR(q->q_state))
1240 else if (QS_IS_QUEUEUP(q->q_state))
1244 (void) sm_strlcpyn(buf, sizeof buf, 2, "Status: ", p);
1245 if (!putline(buf, mci))
1248 /* Remote-MTA: -- who was I talking to? */
1249 if (q->q_statmta != NULL)
1251 if (q->q_mailer == NULL ||
1252 (p = q->q_mailer->m_mtatype) == NULL)
1254 (void) sm_snprintf(buf, sizeof buf,
1255 "Remote-MTA: %s; %.800s",
1257 p = &buf[strlen(buf) - 1];
1260 if (!putline(buf, mci))
1264 /* Diagnostic-Code: -- actual result from other end */
1265 if (q->q_rstatus != NULL)
1267 p = q->q_mailer->m_diagtype;
1270 (void) sm_snprintf(buf, sizeof buf,
1271 "Diagnostic-Code: %s; %.800s",
1273 if (!putline(buf, mci))
1277 /* Last-Attempt-Date: -- fine granularity */
1278 if (q->q_statdate == (time_t) 0L)
1279 q->q_statdate = curtime();
1280 (void) sm_strlcpyn(buf, sizeof buf, 2,
1281 "Last-Attempt-Date: ",
1282 arpadate(ctime(&q->q_statdate)));
1283 if (!putline(buf, mci))
1286 /* Will-Retry-Until: -- for delayed messages only */
1287 if (QS_IS_QUEUEUP(q->q_state))
1291 xdate = e->e_parent->e_ctime +
1292 TimeOuts.to_q_return[e->e_parent->e_timeoutclass];
1293 (void) sm_strlcpyn(buf, sizeof buf, 2,
1294 "Will-Retry-Until: ",
1295 arpadate(ctime(&xdate)));
1296 if (!putline(buf, mci))
1304 ** Output text of original message
1307 if (!putline("", mci))
1309 if (bitset(EF_HAS_DF, e->e_parent->e_flags))
1311 sendbody = !bitset(EF_NO_BODY_RETN, e->e_parent->e_flags) &&
1312 !bitset(EF_NO_BODY_RETN, e->e_flags);
1314 if (e->e_msgboundary == NULL)
1318 ? " ----- Original message follows -----\n"
1319 : " ----- Message header follows -----\n",
1327 (void) sm_strlcpyn(buf, sizeof buf, 2, "--",
1330 if (!putline(buf, mci))
1332 (void) sm_strlcpyn(buf, sizeof buf, 2, "Content-Type: ",
1333 sendbody ? "message/rfc822"
1334 : "text/rfc822-headers");
1335 if (!putline(buf, mci))
1338 p = hvalue("Content-Transfer-Encoding",
1339 e->e_parent->e_header);
1340 if (p != NULL && sm_strcasecmp(p, "binary") != 0)
1343 bitset(EF_HAS8BIT, e->e_parent->e_flags))
1347 (void) sm_snprintf(buf, sizeof buf,
1348 "Content-Transfer-Encoding: %s",
1350 if (!putline(buf, mci))
1354 if (!putline("", mci))
1357 if (!putheader(mci, e->e_parent->e_header, e->e_parent,
1363 if (!putbody(mci, e->e_parent, e->e_msgboundary))
1366 else if (e->e_msgboundary == NULL)
1368 if (!putline("", mci) ||
1369 !putline(" ----- Message body suppressed -----",
1376 else if (e->e_msgboundary == NULL)
1378 if (!putline(" ----- No message was collected -----\n", mci))
1382 if (e->e_msgboundary != NULL)
1384 (void) sm_strlcpyn(buf, sizeof buf, 3, "--", e->e_msgboundary,
1386 if (!putline("", mci) || !putline(buf, mci))
1389 if (!putline("", mci) ||
1390 sm_io_flush(mci->mci_out, SM_TIME_DEFAULT) == SM_IO_EOF)
1400 syserr("errbody: I/O error");
1407 ** SMTPTODSN -- convert SMTP to DSN status code
1410 ** smtpstat -- the smtp status code (e.g., 550).
1413 ** The DSN version of the status code.
1415 ** Storage Management:
1416 ** smtptodsn() returns a pointer to a character string literal,
1417 ** which will remain valid forever, and thus does not need to
1418 ** be copied. Current code relies on this property.
1430 case 450: /* Req mail action not taken: mailbox unavailable */
1433 case 451: /* Req action aborted: local error in processing */
1436 case 452: /* Req action not taken: insufficient sys storage */
1439 case 500: /* Syntax error, command unrecognized */
1442 case 501: /* Syntax error in parameters or arguments */
1445 case 502: /* Command not implemented */
1448 case 503: /* Bad sequence of commands */
1451 case 504: /* Command parameter not implemented */
1454 case 550: /* Req mail action not taken: mailbox unavailable */
1457 case 551: /* User not local; please try <...> */
1460 case 552: /* Req mail action aborted: exceeded storage alloc */
1463 case 553: /* Req action not taken: mailbox name not allowed */
1466 case 554: /* Transaction failed */
1470 if (REPLYTYPE(smtpstat) == 2)
1472 if (REPLYTYPE(smtpstat) == 4)
1477 ** XTEXTIFY -- take regular text and turn it into DSN-style xtext
1480 ** t -- the text to convert.
1481 ** taboo -- additional characters that must be encoded.
1484 ** The xtext-ified version of the same string.
1495 static char *bp = NULL;
1496 static int bplen = 0;
1501 /* figure out how long this xtext will have to be */
1503 for (p = t; *p != '\0'; p++)
1505 register int c = (*p & 0xff);
1507 /* ASCII dependence here -- this is the way the spec words it */
1508 if (c < '!' || c > '~' || c == '+' || c == '\\' || c == '(' ||
1509 strchr(taboo, c) != NULL)
1515 /* since nbogus is ssize_t and wrapped, 2 * size_t would wrap */
1516 syserr("!xtextify string too long");
1520 l += nbogus * 2 + 1;
1522 /* now allocate space if necessary for the new string */
1526 sm_free(bp); /* XXX */
1527 bp = sm_pmalloc_x(l);
1531 /* ok, copy the text with byte expansion */
1532 for (p = bp; *t != '\0'; )
1534 register int c = (*t++ & 0xff);
1536 /* ASCII dependence here -- this is the way the spec words it */
1537 if (c < '!' || c > '~' || c == '+' || c == '\\' || c == '(' ||
1538 strchr(taboo, c) != NULL)
1541 *p++ = "0123456789ABCDEF"[c >> 4];
1542 *p++ = "0123456789ABCDEF"[c & 0xf];
1551 ** XUNTEXTIFY -- take xtext and turn it into plain text
1554 ** t -- the xtextified text.
1557 ** The decoded text. No attempt is made to deal with
1558 ** null strings in the resulting text.
1567 static char *bp = NULL;
1568 static int bplen = 0;
1570 /* heuristic -- if no plus sign, just return the input */
1571 if (strchr(t, '+') == NULL)
1574 /* xtext is always longer than decoded text */
1579 sm_free(bp); /* XXX */
1584 /* ok, copy the text with byte compression */
1585 for (p = bp; *t != '\0'; t++)
1587 register int c = *t & 0xff;
1596 if (!isascii(c) || !isxdigit(c))
1598 /* error -- first digit is not hex */
1599 usrerr("bogus xtext: +%c", c);
1605 else if (isupper(c))
1612 if (!isascii(c) || !isxdigit(c))
1614 /* error -- second digit is not hex */
1615 usrerr("bogus xtext: +%x%c", *p >> 4, c);
1621 else if (isupper(c))
1631 ** XTEXTOK -- check if a string is legal xtext
1633 ** Xtext is used in Delivery Status Notifications. The spec was
1634 ** taken from RFC 1891, ``SMTP Service Extension for Delivery
1635 ** Status Notifications''.
1638 ** s -- the string to check.
1641 ** true -- if 's' is legal xtext.
1642 ** false -- if it has any illegal characters in it.
1651 while ((c = *s++) != '\0')
1656 if (!isascii(c) || !isxdigit(c))
1659 if (!isascii(c) || !isxdigit(c))
1662 else if (c < '!' || c > '~' || c == '=')
1668 ** PRUNEROUTE -- prune an RFC-822 source route
1670 ** Trims down a source route to the last internet-registered hop.
1671 ** This is encouraged by RFC 1123 section 5.3.3.
1674 ** addr -- the address
1677 ** true -- address was modified
1678 ** false -- address could not be pruned
1681 ** modifies addr in-place
1689 char *start, *at, *comma;
1694 char hostbuf[BUFSIZ];
1695 char *mxhosts[MAXMXHOSTS + 1];
1697 /* check to see if this is really a route-addr */
1698 if (*addr != '<' || addr[1] != '@' || addr[strlen(addr) - 1] != '>')
1702 ** Can't simply find the first ':' is the address might be in the
1703 ** form: "<@[IPv6:::1]:user@host>" and the first ':' in inside
1704 ** the IPv6 address.
1709 while (*start != '\0')
1711 if (*start == ':' && braclev <= 0)
1713 else if (*start == '[')
1715 else if (*start == ']' && braclev > 0)
1719 if (braclev > 0 || *start != ':')
1722 at = strrchr(addr, '@');
1723 if (at == NULL || at < start)
1726 /* slice off the angle brackets */
1728 if (i >= sizeof hostbuf)
1730 (void) sm_strlcpy(hostbuf, at + 1, sizeof hostbuf);
1731 hostbuf[i - 1] = '\0';
1733 while (start != NULL)
1735 if (getmxrr(hostbuf, mxhosts, NULL, false,
1736 &rcode, true, NULL) > 0)
1738 (void) sm_strlcpy(addr + 1, start + 1,
1744 comma = strrchr(addr, ',');
1745 if (comma != NULL && comma[1] == '@' &&
1746 strlen(comma + 2) < sizeof hostbuf)
1747 (void) sm_strlcpy(hostbuf, comma + 2, sizeof hostbuf);
1753 #endif /* NAMED_BIND */