* RFC 821 - Simple Mail Transfer Protocol
* RFC 876 - Survey of SMTP Implementations
* RFC 1047 - Duplicate messages and SMTP
- * RFC 1854 - command pipelining
+ * RFC 1652 - 8 bit MIME
* RFC 1869 - Extended Simple Mail Transfer Protocol
* RFC 1870 - SMTP Service Extension for Message Size Declaration
- * RFC 1893 - Enhanced Mail System Status Codes
* RFC 2033 - Local Mail Transfer Protocol
- * RFC 2034 - SMTP Service Extension for Returning Enhanced Error Codes
* RFC 2197 - SMTP Service Extension for Command Pipelining
* RFC 2476 - Message Submission
* RFC 2487 - SMTP Service Extension for Secure SMTP over TLS
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#include <libcitadel.h>
#include "citadel.h"
#include "server.h"
#include "citserver.h"
#include "policy.h"
#include "database.h"
#include "msgbase.h"
-#include "tools.h"
#include "internet_addressing.h"
#include "genstamp.h"
#include "domain.h"
#include "locate_host.h"
#include "citadel_dirs.h"
-#ifdef HAVE_OPENSSL
-#include "serv_crypto.h"
-#endif
-
#ifndef HAVE_SNPRINTF
smtp_plain
};
-#define SMTP CC->SMTP
+#define SMTP ((struct citsmtp *)CC->session_specific_data)
int run_queue_now = 0; /* Set to 1 to ignore SMTP send retry times */
strcpy(CC->cs_clientname, "SMTP session");
CC->internal_pgm = 1;
CC->cs_flags |= CS_STEALTH;
- SMTP = malloc(sizeof(struct citsmtp));
+ CC->session_specific_data = malloc(sizeof(struct citsmtp));
memset(SMTP, 0, sizeof(struct citsmtp));
SMTP->is_msa = is_msa;
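Review bot: The pointer returned by `malloc` is stored in `CC->session_specific_data` and then written through by `memset(SMTP, 0, ...)` with no NULL check, so an allocation failure during session setup becomes a null-pointer write in the server. Check the result before the `memset`, for example `if (CC->session_specific_data == NULL) { CC->kill_me = 1; return; }`, or allocate with `calloc(1, sizeof(struct citsmtp))` and test that. The enclosing greeting function starts and ends outside this hunk, so confirm its return type before adding the early return.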
/*
* SMTPS is just like SMTP, except it goes crypto right away.
*/
-#ifdef HAVE_OPENSSL
void smtps_greeting(void) {
- CtdlStartTLS(NULL, NULL, NULL);
+ CtdlModuleStartCryptoMsgs(NULL, NULL, NULL);
+#ifdef HAVE_OPENSSL
+ if (!CC->redirect_ssl) CC->kill_me = 1; /* kill session if no crypto */
+#endif
smtp_greeting(0);
}
-#endif
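Review bot: When the TLS setup fails, `CC->kill_me = 1` is set but execution still falls through to `smtp_greeting(0)`, so the normal greeting path runs on an implicit-TLS port over a connection that is not encrypted. Returning right after the flag is set avoids that: `if (!CC->redirect_ssl) { CC->kill_me = 1; return; }`. With the outer `#ifdef HAVE_OPENSSL` removed, the function now also compiles in builds without OpenSSL, where the check disappears entirely. A comment stating that it must only be registered under `HAVE_OPENSSL` would make that dependency explicit.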
/*
* Login greeting common to all auth methods
*/
void smtp_auth_greeting(void) {
- cprintf("235 2.0.0 Hello, %s\r\n", CC->user.fullname);
+ cprintf("235 Hello, %s\r\n", CC->user.fullname);
lprintf(CTDL_NOTICE, "SMTP authenticated %s\n", CC->user.fullname);
CC->internal_pgm = 0;
CC->cs_flags &= ~CS_STEALTH;
cprintf("250-SIZE %ld\r\n", config.c_maxmsglen);
#ifdef HAVE_OPENSSL
-
- /* Only offer the PIPELINING command if TLS is inactive,
- * because of flow control issues. Also, avoid offering TLS
- * if TLS is already active. Finally, we only offer TLS on
+ /*
+ * Offer TLS, but only if TLS is not already active.
+ * Furthermore, only offer TLS when running on
* the SMTP-MSA port, not on the SMTP-MTA port, due to
* questionable reliability of TLS in certain sending MTA's.
*/
if ( (!CC->redirect_ssl) && (SMTP->is_msa) ) {
- cprintf("250-PIPELINING\r\n");
cprintf("250-STARTTLS\r\n");
}
-
-#else /* HAVE_OPENSSL */
-
- /* Non SSL enabled server, so always offer PIPELINING. */
- cprintf("250-PIPELINING\r\n");
-
#endif /* HAVE_OPENSSL */
- cprintf("250-AUTH LOGIN PLAIN\r\n");
- cprintf("250-AUTH=LOGIN PLAIN\r\n");
-
- cprintf("250 ENHANCEDSTATUSCODES\r\n");
+ cprintf("250-AUTH LOGIN PLAIN\r\n"
+ "250-AUTH=LOGIN PLAIN\r\n"
+ "250 8BITMIME\r\n"
+ );
}
}
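Review bot: `250-AUTH LOGIN PLAIN` is advertised unconditionally, while `250-STARTTLS` is offered only when `SMTP->is_msa` is set, so on the MTA port a client that authenticates sends LOGIN or PLAIN credentials protected by nothing more than base64. Consider advertising AUTH only when `CC->redirect_ssl` is set, or having the AUTH handlers refuse on an unencrypted session, and state the chosen policy in the comment above the STARTTLS test. Because `250 8BITMIME` is now the terminating line of the reply, any conditionally emitted keyword has to be printed before it. The enclosing EHLO handler starts outside this hunk.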
CtdlDecodeBase64(username, argbuf, SIZ);
/* lprintf(CTDL_DEBUG, "Trying <%s>\n", username); */
if (CtdlLoginExistingUser(NULL, username) == login_ok) {
- CtdlEncodeBase64(buf, "Password:", 9);
+ CtdlEncodeBase64(buf, "Password:", 9, 0);
cprintf("334 %s\r\n", buf);
SMTP->command_state = smtp_password;
}
else {
- cprintf("500 5.7.0 No such user.\r\n");
+ cprintf("500 No such user.\r\n");
SMTP->command_state = smtp_command;
}
}
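Review bot: The `500 No such user.` reply differs from the `535 Authentication failed.` returned after a wrong password, which lets an unauthenticated client learn which account names exist from the AUTH LOGIN exchange alone. A uniform flow closes that: always answer the username with the `334` password prompt, remember that the lookup failed, and return the same `535 Authentication failed.` at the password step. If the early rejection is kept on purpose, a comment should record that the disclosure is accepted, and logging or throttling of repeated failures becomes the main control. The function begins outside this hunk.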
smtp_auth_greeting();
}
else {
- cprintf("535 5.7.0 Authentication failed.\r\n");
+ cprintf("535 Authentication failed.\r\n");
}
SMTP->command_state = smtp_command;
}
SMTP->command_state = smtp_command;
- if (strlen(ident) > 0) {
+ if (!IsEmptyStr(ident)) {
result = CtdlLoginExistingUser(user, ident);
}
else {
return;
}
}
- cprintf("504 5.7.4 Authentication failed.\r\n");
+ cprintf("504 Authentication failed.\r\n");
}
char encoded_authstring[1024];
if (CC->logged_in) {
- cprintf("504 5.7.4 Already logged in.\r\n");
+ cprintf("504 Already logged in.\r\n");
return;
}
smtp_get_user(&argbuf[6]);
}
else {
- CtdlEncodeBase64(username_prompt, "Username:", 9);
+ CtdlEncodeBase64(username_prompt, "Username:", 9, 0);
cprintf("334 %s\r\n", username_prompt);
SMTP->command_state = smtp_user;
}
}
if (strncasecmp(method, "login", 5) ) {
- cprintf("504 5.7.4 Unknown authentication method.\r\n");
+ cprintf("504 Unknown authentication method.\r\n");
return;
}
SMTP->is_unfiltered = is_unfiltered;
if (do_response) {
- cprintf("250 2.0.0 Zap!\r\n");
+ cprintf("250 Zap!\r\n");
}
}
SMTP->message_originated_locally = 0;
}
+const char *smtp_get_Recipients(void)
+{
+ if (SMTP == NULL)
+ return NULL;
+ else return SMTP->from;
+}
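Review bot: `smtp_get_Recipients()` returns `SMTP->from`, the envelope sender, so the name says the opposite of what callers receive, and the function carries no comment. Give it a name that reflects the sender and a comment such as `/* Envelope sender of the current SMTP session, or NULL when the session has no SMTP state */`. The `SMTP == NULL` test only shows that `CC->session_specific_data` is non-null, not that it points to a `struct citsmtp`. The bounce path later in this diff calls `validate_recipients(bounceto, smtp_get_Recipients (), 0)`, possibly outside an SMTP session, and passes a bare `0` where the other call sites use `POST_LOGGED_IN` or `POST_EXTERNAL`.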
/*
* Implements the "MAIL From:" command
char node[SIZ];
char name[SIZ];
- if (strlen(SMTP->from) != 0) {
- cprintf("503 5.1.0 Only one sender permitted\r\n");
+ if (!IsEmptyStr(SMTP->from)) {
+ cprintf("503 Only one sender permitted\r\n");
return;
}
if (strncasecmp(argbuf, "From:", 5)) {
- cprintf("501 5.1.7 Syntax error\r\n");
+ cprintf("501 Syntax error\r\n");
return;
}
* address so we don't have to contend with the empty string causing
* other code to fail when it's expecting something there.
*/
- if (strlen(SMTP->from) == 0) {
+ if (IsEmptyStr(SMTP->from)) {
strcpy(SMTP->from, "someone@somewhere.org");
}
*/
if (CC->logged_in) {
safestrncpy(SMTP->from, CC->cs_inet_email, sizeof SMTP->from);
- cprintf("250 2.1.0 Sender ok <%s>\r\n", SMTP->from);
+ cprintf("250 Sender ok <%s>\r\n", SMTP->from);
SMTP->message_originated_locally = 1;
return;
}
else if (config.c_allow_spoofing == 0) {
process_rfc822_addr(SMTP->from, user, node, name);
if (CtdlHostAlias(node) != hostalias_nomatch) {
- cprintf("550 5.7.1 "
- "You must log in to send mail from %s\r\n",
- node);
+ cprintf("550 You must log in to send mail from %s\r\n", node);
strcpy(SMTP->from, "");
return;
}
}
- cprintf("250 2.0.0 Sender ok\r\n");
+ cprintf("250 Sender ok\r\n");
}
char message_to_spammer[SIZ];
struct recptypes *valid = NULL;
- if (strlen(SMTP->from) == 0) {
- cprintf("503 5.5.1 Need MAIL before RCPT\r\n");
+ if (IsEmptyStr(SMTP->from)) {
+ cprintf("503 Need MAIL before RCPT\r\n");
return;
}
if (strncasecmp(argbuf, "To:", 3)) {
- cprintf("501 5.1.7 Syntax error\r\n");
+ cprintf("501 Syntax error\r\n");
return;
}
if ( (SMTP->is_msa) && (!CC->logged_in) ) {
- cprintf("550 5.1.8 "
- "You must log in to send mail on this port.\r\n");
+ cprintf("550 You must log in to send mail on this port.\r\n");
strcpy(SMTP->from, "");
return;
}
stripallbut(recp, '<', '>');
if ( (strlen(recp) + strlen(SMTP->recipients) + 1 ) >= SIZ) {
- cprintf("452 4.5.3 Too many recipients\r\n");
+ cprintf("452 Too many recipients\r\n");
return;
}
}
}
- valid = validate_recipients(recp);
+ valid = validate_recipients(recp,
+ smtp_get_Recipients (),
+ (CC->logged_in)? POST_LOGGED_IN:POST_EXTERNAL);
if (valid->num_error != 0) {
- cprintf("599 5.1.1 Error: %s\r\n", valid->errormsg);
+ cprintf("599 Error: %s\r\n", valid->errormsg);
free_recipients(valid);
return;
}
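Review bot: `valid->num_error` is read immediately after `validate_recipients()` returns, with no NULL check, whereas the bounce code later in this diff tests `valid != NULL` before using the same kind of result. If the function can return NULL, a failure inside it during RCPT dereferences a null pointer in the session. Add `if (valid == NULL) { cprintf("451 Internal error\r\n"); return; }` before the `num_error` test. The DATA handler's call with `SMTP->recipients` has the same shape, though the code that consumes its result lies outside that hunk.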
if (valid->num_internet > 0) {
if (CC->logged_in) {
if (CtdlCheckInternetMailPermission(&CC->user)==0) {
- cprintf("551 5.7.1 <%s> - you do not have permission to send Internet mail\r\n", recp);
+ cprintf("551 <%s> - you do not have permission to send Internet mail\r\n", recp);
free_recipients(valid);
return;
}
if (valid->num_internet > 0) {
if ( (SMTP->message_originated_locally == 0)
&& (SMTP->is_lmtp == 0) ) {
- cprintf("551 5.7.1 <%s> - relaying denied\r\n", recp);
+ cprintf("551 <%s> - relaying denied\r\n", recp);
free_recipients(valid);
return;
}
}
- cprintf("250 2.1.5 RCPT ok <%s>\r\n", recp);
- if (strlen(SMTP->recipients) > 0) {
+ cprintf("250 RCPT ok <%s>\r\n", recp);
+ if (!IsEmptyStr(SMTP->recipients)) {
strcat(SMTP->recipients, ",");
}
strcat(SMTP->recipients, recp);
int i;
char result[SIZ];
- if (strlen(SMTP->from) == 0) {
- cprintf("503 5.5.1 Need MAIL command first.\r\n");
+ if (IsEmptyStr(SMTP->from)) {
+ cprintf("503 Need MAIL command first.\r\n");
return;
}
if (SMTP->number_of_recipients < 1) {
- cprintf("503 5.5.1 Need RCPT command first.\r\n");
+ cprintf("503 Need RCPT command first.\r\n");
return;
}
config.c_fqdn,
nowstamp);
- body = CtdlReadMessageBody(".", config.c_maxmsglen, body, 1);
+ body = CtdlReadMessageBody(".", config.c_maxmsglen, body, 1, 0);
if (body == NULL) {
- cprintf("550 5.6.5 "
- "Unable to save message: internal error.\r\n");
+ cprintf("550 Unable to save message: internal error.\r\n");
return;
}
msg->cm_fields['V'] = strdup(SMTP->recipients);
/* Submit the message into the Citadel system. */
- valid = validate_recipients(SMTP->recipients);
+ valid = validate_recipients(SMTP->recipients,
+ smtp_get_Recipients (),
+ (CC->logged_in)? POST_LOGGED_IN:POST_EXTERNAL);
/* If there are modules that want to scan this message before final
* submission (such as virus checkers or spam filters), call them now
/*
* implements the STARTTLS command (Citadel API version)
*/
-#ifdef HAVE_OPENSSL
void smtp_starttls(void)
{
char ok_response[SIZ];
char error_response[SIZ];
sprintf(ok_response,
- "200 2.0.0 Begin TLS negotiation now\r\n");
+ "220 2.0.0 Begin TLS negotiation now\r\n");
sprintf(nosup_response,
"554 5.7.3 TLS not supported here\r\n");
sprintf(error_response,
"554 5.7.3 Internal error\r\n");
- CtdlStartTLS(ok_response, nosup_response, error_response);
+ CtdlModuleStartCryptoMsgs(ok_response, nosup_response, error_response);
smtp_rset(0);
}
-#endif
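Review bot: The STARTTLS replies still carry enhanced status codes (`220 2.0.0`, `554 5.7.3`) although this commit strips them from every other reply and no longer advertises `ENHANCEDSTATUSCODES`. For consistency use `"220 Begin TLS negotiation now\r\n"`, `"554 TLS not supported here\r\n"` and `"554 Internal error\r\n"`, or keep the codes throughout and keep advertising the extension.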
}
#endif
else {
- cprintf("502 5.0.0 I'm afraid I can't do that.\r\n");
+ cprintf("502 I'm afraid I can't do that.\r\n");
}
if (!strncasecmp(buf, "From:", 5)) {
safestrncpy(mailfrom, &buf[5], sizeof mailfrom);
striplt(mailfrom);
- for (i=0; i<strlen(mailfrom); ++i) {
+ for (i=0; mailfrom[i]; ++i) {
if (!isprint(mailfrom[i])) {
strcpy(&mailfrom[i], &mailfrom[i+1]);
i=0;
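Review bot: The stripping loop calls `strcpy(&mailfrom[i], &mailfrom[i+1])` on overlapping regions and passes a plain `char` to `isprint()`, both of which are undefined behaviour. `mailfrom` appears to be taken from the `From:` header of the queued message, which is sender-controlled text. Use `memmove(&mailfrom[i], &mailfrom[i+1], strlen(&mailfrom[i+1]) + 1);` and `isprint((unsigned char)mailfrom[i])`. The loop body continues past the end of this hunk, so check the restart via `i=0` against the rest of the loop when making the change.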
/* Strip out parenthesized names */
lp = (-1);
rp = (-1);
- for (i=0; i<strlen(mailfrom); ++i) {
+ for (i=0; mailfrom[i]; ++i) {
if (mailfrom[i] == '(') lp = i;
if (mailfrom[i] == ')') rp = i;
}
/* Prefer brokketized names */
lp = (-1);
rp = (-1);
- for (i=0; i<strlen(mailfrom); ++i) {
+ for (i=0; mailfrom[i]; ++i) {
if (mailfrom[i] == '<') lp = i;
if (mailfrom[i] == '>') rp = i;
}
scan_done = 1;
}
} while (scan_done == 0);
- if (strlen(mailfrom)==0) strcpy(mailfrom, "someone@somewhere.org");
+ if (IsEmptyStr(mailfrom)) strcpy(mailfrom, "someone@somewhere.org");
stripallbut(mailfrom, '<', '>');
/* Figure out what mail exchanger host we have to connect to */
}
/* Do an AUTH command if necessary */
- if (strlen(mx_user) > 0) {
+ if (!IsEmptyStr(mx_user)) {
char encoded[1024];
sprintf(buf, "%s%c%s%c%s", mx_user, '\0', mx_user, '\0', mx_pass);
- CtdlEncodeBase64(encoded, buf, strlen(mx_user) + strlen(mx_user) + strlen(mx_pass) + 2);
+ CtdlEncodeBase64(encoded, buf, strlen(mx_user) + strlen(mx_user) + strlen(mx_pass) + 2, 0);
snprintf(buf, sizeof buf, "AUTH PLAIN %s\r\n", encoded);
lprintf(CTDL_DEBUG, ">%s", buf);
sock_write(sock, buf, strlen(buf));
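Review bot: `lprintf(CTDL_DEBUG, ">%s", buf)` writes the complete `AUTH PLAIN` line to the log, and its base64 argument decodes directly to the relay user name and password. Log a redacted line instead, e.g. `lprintf(CTDL_DEBUG, ">AUTH PLAIN ********\n");`. The unbounded `sprintf` into `buf` and the fixed `encoded[1024]` also depend on `mx_user` and `mx_pass` being short, and their sizes are declared outside this hunk. Bound the format with `snprintf(buf, sizeof buf, ...)` and check the encoded length against `sizeof encoded`. Whether this exchange runs over TLS is not visible here and should be confirmed before credentials are sent.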
/* First try the user who sent the message */
lprintf(CTDL_DEBUG, "bounce to user? <%s>\n", bounceto);
- if (strlen(bounceto) == 0) {
+ if (IsEmptyStr(bounceto)) {
lprintf(CTDL_ERR, "No bounce address specified\n");
bounce_msgid = (-1L);
}
/* Can we deliver the bounce to the original sender? */
- valid = validate_recipients(bounceto);
+ valid = validate_recipients(bounceto, smtp_get_Recipients (), 0);
if (valid != NULL) {
if (valid->num_error == 0) {
CtdlSubmitMsg(bmsg, valid, "");
-
+const char *CitadelServiceSMTP_MTA="SMTP-MTA";
+const char *CitadelServiceSMTPS_MTA="SMTPs-MTA";
+const char *CitadelServiceSMTP_MSA="SMTP-MSA";
+const char *CitadelServiceSMTP_LMTP="LMTP";
+const char *CitadelServiceSMTP_LMTP_UNF="LMTP-UnF";
CTDL_MODULE_INIT(smtp)
{
- CtdlRegisterServiceHook(config.c_smtp_port, /* SMTP MTA */
- NULL,
- smtp_mta_greeting,
- smtp_command_loop,
- NULL);
+ if (!threading)
+ {
+ CtdlRegisterServiceHook(config.c_smtp_port, /* SMTP MTA */
+ NULL,
+ smtp_mta_greeting,
+ smtp_command_loop,
+ NULL,
+ CitadelServiceSMTP_MTA);
#ifdef HAVE_OPENSSL
- CtdlRegisterServiceHook(config.c_smtps_port,
- NULL,
- smtps_greeting,
- smtp_command_loop,
- NULL);
+ CtdlRegisterServiceHook(config.c_smtps_port,
+ NULL,
+ smtps_greeting,
+ smtp_command_loop,
+ NULL,
+ CitadelServiceSMTPS_MTA);
#endif
- CtdlRegisterServiceHook(config.c_msa_port, /* SMTP MSA */
- NULL,
- smtp_msa_greeting,
- smtp_command_loop,
- NULL);
-
- CtdlRegisterServiceHook(0, /* local LMTP */
- file_lmtp_socket,
- lmtp_greeting,
- smtp_command_loop,
- NULL);
-
- CtdlRegisterServiceHook(0, /* local LMTP */
- file_lmtp_unfiltered_socket,
- lmtp_unfiltered_greeting,
- smtp_command_loop,
- NULL);
-
- smtp_init_spoolout();
- CtdlRegisterSessionHook(smtp_do_queue, EVT_TIMER);
- CtdlRegisterSessionHook(smtp_cleanup_function, EVT_STOP);
- CtdlRegisterProtoHook(cmd_smtp, "SMTP", "SMTP utility commands");
-
+ CtdlRegisterServiceHook(config.c_msa_port, /* SMTP MSA */
+ NULL,
+ smtp_msa_greeting,
+ smtp_command_loop,
+ NULL,
+ CitadelServiceSMTP_MSA);
+
+ CtdlRegisterServiceHook(0, /* local LMTP */
+ file_lmtp_socket,
+ lmtp_greeting,
+ smtp_command_loop,
+ NULL,
+ CitadelServiceSMTP_LMTP);
+
+ CtdlRegisterServiceHook(0, /* local LMTP */
+ file_lmtp_unfiltered_socket,
+ lmtp_unfiltered_greeting,
+ smtp_command_loop,
+ NULL,
+ CitadelServiceSMTP_LMTP_UNF);
+
+ smtp_init_spoolout();
+ CtdlRegisterSessionHook(smtp_do_queue, EVT_TIMER);
+ CtdlRegisterSessionHook(smtp_cleanup_function, EVT_STOP);
+ CtdlRegisterProtoHook(cmd_smtp, "SMTP", "SMTP utility commands");
+ }
+
/* return our Subversion id for the Log */
return "$Id$";
}