int vrfy_count;
char vrfy_match[SIZ];
char from[SIZ];
+ char recipients[SIZ];
int number_of_recipients;
int number_of_rooms;
int delivery_mode;
int message_originated_locally;
- struct recptypes valid;
};
enum { /* Command states for login authentication */
decode_base64(password, argbuf, SIZ);
lprintf(9, "Trying <%s>\n", password);
if (CtdlTryPassword(password) == pass_ok) {
- cprintf("235 Authentication successful.\r\n");
+ cprintf("235 Hello, %s\r\n", CC->usersupp.fullname);
lprintf(9, "SMTP authenticated login successful\n");
CC->internal_pgm = 0;
CC->cs_flags &= ~CS_STEALTH;
*/
void smtp_data_clear(void) {
strcpy(SMTP->from, "");
+ strcpy(SMTP->recipients, "");
SMTP->number_of_recipients = 0;
SMTP->delivery_mode = 0;
SMTP->message_originated_locally = 0;
- memset(&SMTP->valid, 0, sizeof(struct recptypes));
}
void smtp_mail(char *argbuf) {
char user[SIZ];
char node[SIZ];
- int cvt;
+ char name[SIZ];
+ struct recptypes *valid;
if (strlen(SMTP->from) != 0) {
cprintf("503 Only one sender permitted\r\n");
strcpy(SMTP->from, &argbuf[5]);
striplt(SMTP->from);
+ stripallbut(SMTP->from, '<', '>');
if (strlen(SMTP->from) == 0) {
cprintf("501 Empty sender name is not permitted\r\n");
return;
}
-
/* If this SMTP connection is from a logged-in user, make sure that
* the user only sends email from his/her own address.
*/
if (CC->logged_in) {
- cvt = convert_internet_address(user, node, SMTP->from);
- lprintf(9, "cvt=%d, citaddr=<%s@%s>\n", cvt, user, node);
- if ( (cvt != 0) || (strcasecmp(user, CC->usersupp.fullname))) {
+ valid = validate_recipients(SMTP->from);
+ if ( (valid->num_local == 1) &&
+ (!strcasecmp(valid->recp_local, CC->usersupp.fullname)) ) {
+ cprintf("250 Sender ok <%s>\r\n", valid->recp_local);
+ SMTP->message_originated_locally = 1;
+ }
+ else {
cprintf("550 <%s> is not your address.\r\n",
SMTP->from);
strcpy(SMTP->from, "");
- return;
- }
- else {
- SMTP->message_originated_locally = 1;
}
+ phree(valid);
+ return;
}
+
/* Otherwise, make sure outsiders aren't trying to forge mail from
* this system.
*/
else {
- cvt = convert_internet_address(user, node, SMTP->from);
- lprintf(9, "cvt=%d, citaddr=<%s@%s>\n", cvt, user, node);
- if (CtdlHostAlias(node) == hostalias_localhost) {
+ process_rfc822_addr(SMTP->from, user, node, name);
+ if (CtdlHostAlias(node) != hostalias_nomatch) {
cprintf("550 You must log in to send mail from %s\r\n",
node);
strcpy(SMTP->from, "");
* Implements the "RCPT To:" command
*/
void smtp_rcpt(char *argbuf) {
- int cvt;
- char user[SIZ];
- char node[SIZ];
char recp[SIZ];
+ struct recptypes *valid;
if (strlen(SMTP->from) == 0) {
cprintf("503 Need MAIL before RCPT\r\n");
strcpy(recp, &argbuf[3]);
striplt(recp);
stripallbut(recp, '<', '>');
- alias(recp);
- cvt = convert_internet_address(user, node, recp);
- snprintf(recp, sizeof recp, "%s@%s", user, node);
- lprintf(9, "cvt=%d, citaddr=<%s@%s>\n", cvt, user, node);
-
- /* FIXME possible buffer overflow type of issues here. */
- switch(cvt) {
- case rfc822_address_locally_validated:
- cprintf("250 %s is a valid local user.\r\n", user);
- if (SMTP->valid.num_local > 0) {
- strcat(SMTP->valid.recp_local, "|");
- }
- strcat(SMTP->valid.recp_local, user);
- SMTP->valid.num_local += 1;
- SMTP->number_of_recipients += 1;
- return;
- case rfc822_room_delivery:
- cprintf("250 Delivering to room '%s'\r\n", user);
- if (SMTP->valid.num_room > 0) {
- strcat(SMTP->valid.recp_room, "|");
- }
- strcat(SMTP->valid.recp_room, user);
- SMTP->valid.num_room += 1;
- SMTP->number_of_recipients += 1;
- return;
-
- case rfc822_address_on_citadel_network:
- cprintf("250 '%s' is a valid network user.\r\n", user);
- if (SMTP->valid.num_ignet > 0) {
- strcat(SMTP->valid.recp_ignet, "|");
- }
- strcat(SMTP->valid.recp_ignet, user);
- SMTP->valid.num_ignet += 1;
- SMTP->number_of_recipients += 1;
- return;
-
- case rfc822_no_such_user:
- cprintf("550 %s: no such user\r\n", recp);
- return;
+ if ( (strlen(recp) + strlen(SMTP->recipients) + 1 ) >= SIZ) {
+ cprintf("452 Too many recipients\r\n");
+ return;
+ }
- case rfc822_address_nonlocal:
- if (SMTP->message_originated_locally == 0) {
- cprintf("551 Relaying denied.\r\n");
- }
- else {
- cprintf("250 Remote recipient %s ok\r\n", recp);
+ valid = validate_recipients(recp);
+ if (valid->num_error > 0) {
+ cprintf("599 Error: %s\r\n", valid->errormsg);
+ phree(valid);
+ return;
+ }
- if (SMTP->valid.num_internet > 0) {
- strcat(SMTP->valid.recp_internet, "|");
- }
- strcat(SMTP->valid.recp_internet, user);
- SMTP->valid.num_internet += 1;
- SMTP->number_of_recipients += 1;
- return;
- }
+ if (valid->num_internet > 0) {
+ if (SMTP->message_originated_locally == 0) {
+ cprintf("551 Relaying denied <%s>\r\n", recp);
+ phree(valid);
return;
+ }
}
- cprintf("599 Unknown error\r\n");
+ cprintf("250 RCPT ok <%s>\r\n", recp);
+ if (strlen(SMTP->recipients) > 0) {
+ strcat(SMTP->recipients, ",");
+ }
+ strcat(SMTP->recipients, recp);
+ SMTP->number_of_recipients += 1;
}
struct CtdlMessage *msg;
long msgnum;
char nowstamp[SIZ];
+ struct recptypes *valid;
if (strlen(SMTP->from) == 0) {
cprintf("503 Need MAIL command first.\r\n");
cprintf("354 Transmit message now; terminate with '.' by itself\r\n");
- datestring(nowstamp, time(NULL), DATESTRING_RFC822);
+ datestring(nowstamp, sizeof nowstamp, time(NULL), DATESTRING_RFC822);
body = mallok(4096);
+ /* FIXME
+ it should be Received: from %s (real.name.dom [w.x.y.z])
+ */
if (body != NULL) snprintf(body, 4096,
- "Received: from %s\n"
- " by %s;\n"
- " %s\n",
+ "Received: from %s (%s)\n"
+ " by %s; %s\n",
SMTP->helo_node,
+ CC->cs_host,
config.c_fqdn,
nowstamp);
}
/* Submit the message into the Citadel system. */
- msgnum = CtdlSubmitMsg(msg, &SMTP->valid, "");
+ valid = validate_recipients(SMTP->recipients);
+ msgnum = CtdlSubmitMsg(msg, valid, "");
CtdlFreeMessage(msg);
+ phree(valid);
if (msgnum > 0L) {
cprintf("250 Message accepted.\r\n");
CC->kill_me = 1;
return;
}
- lprintf(5, "citserver[%3d]: %s\n", CC->cs_pid, cmdbuf);
+ lprintf(5, "SMTP: %s\n", cmdbuf);
while (strlen(cmdbuf) < 5) strcat(cmdbuf, " ");
if (SMTP->command_state == smtp_user) {
/* First try the user who sent the message */
lprintf(9, "bounce to user? <%s>\n", bounceto);
- TRACE;
if (strlen(bounceto) == 0) {
lprintf(7, "No bounce address specified\n");
bounce_msgid = (-1L);