* RFC 2821 - Simple Mail Transfer Protocol
* RFC 2822 - Internet Message Format
* RFC 2920 - SMTP Service Extension for Command Pipelining
+ *
+ * The VRFY and EXPN commands have been removed from this implementation
+ * because nobody uses these commands anymore, except for spammers.
*
*/
#include <arpa/inet.h>
#include "citadel.h"
#include "server.h"
-#include "sysdep_decls.h"
#include "citserver.h"
#include "support.h"
#include "config.h"
#include "control.h"
-#include "serv_extensions.h"
#include "room_ops.h"
#include "user_ops.h"
#include "policy.h"
#include "snprintf.h"
#endif
+
+#include "ctdl_module.h"
+
+
+
struct citsmtp { /* Information about the current session */
int command_state;
char helo_node[SIZ];
- struct ctdluser vrfy_buffer;
- int vrfy_count;
- char vrfy_match[SIZ];
char from[SIZ];
char recipients[SIZ];
int number_of_recipients;
smtp_plain
};
-enum { /* Delivery modes */
- smtp_deliver_local,
- smtp_deliver_remote
-};
-
#define SMTP CC->SMTP
-#define SMTP_RECPS CC->SMTP_RECPS
-#define SMTP_ROOMS CC->SMTP_ROOMS
int run_queue_now = 0; /* Set to 1 to ignore SMTP send retry times */
/*
* Here's where our SMTP session begins its happy day.
*/
-void smtp_greeting(void) {
+void smtp_greeting(int is_msa)
+{
+ char message_to_spammer[1024];
strcpy(CC->cs_clientname, "SMTP session");
CC->internal_pgm = 1;
CC->cs_flags |= CS_STEALTH;
SMTP = malloc(sizeof(struct citsmtp));
- SMTP_RECPS = malloc(SIZ);
- SMTP_ROOMS = malloc(SIZ);
memset(SMTP, 0, sizeof(struct citsmtp));
- memset(SMTP_RECPS, 0, SIZ);
- memset(SMTP_ROOMS, 0, SIZ);
+ SMTP->is_msa = is_msa;
+ /* If this config option is set, reject connections from problem
+ * addresses immediately instead of after they execute a RCPT
+ */
+ if ( (config.c_rbl_at_greeting) && (SMTP->is_msa == 0) ) {
+ if (rbl_check(message_to_spammer)) {
+ cprintf("550 %s\r\n", message_to_spammer);
+ CC->kill_me = 1;
+ /* no need to free_recipients(valid), it's not allocated yet */
+ return;
+ }
+ }
+
+ /* Otherwise we're either clean or we check later. */
+
+ if (CC->nologin==1) {
+ cprintf("500 Too many users are already online (maximum is %d)\r\n",
+ config.c_maxsessions
+ );
+ CC->kill_me = 1;
+ /* no need to free_recipients(valid), it's not allocated yet */
+ return;
+ }
+
+ /* Note: the FQDN *must* appear as the first thing after the 220 code.
+ * Some clients (including citmail.c) depend on it being there.
+ */
cprintf("220 %s ESMTP Citadel server ready.\r\n", config.c_fqdn);
}
#ifdef HAVE_OPENSSL
void smtps_greeting(void) {
CtdlStartTLS(NULL, NULL, NULL);
- smtp_greeting();
+ smtp_greeting(0);
}
#endif
* SMTP MSA port requires authentication.
*/
void smtp_msa_greeting(void) {
- smtp_greeting();
- SMTP->is_msa = 1;
+ smtp_greeting(1);
}
* LMTP is like SMTP but with some extra bonus footage added.
*/
void lmtp_greeting(void) {
- smtp_greeting();
+ smtp_greeting(0);
SMTP->is_lmtp = 1;
}
+/*
+ * Generic SMTP MTA greeting
+ */
+void smtp_mta_greeting(void) {
+ smtp_greeting(0);
+}
+
+
/*
* We also have an unfiltered LMTP socket that bypasses spam filters.
*/
void lmtp_unfiltered_greeting(void) {
- smtp_greeting();
+ smtp_greeting(0);
SMTP->is_lmtp = 1;
SMTP->is_unfiltered = 1;
}
cprintf("214-Commands accepted:\r\n");
cprintf("214- DATA\r\n");
cprintf("214- EHLO\r\n");
- cprintf("214- EXPN\r\n");
cprintf("214- HELO\r\n");
cprintf("214- HELP\r\n");
cprintf("214- MAIL\r\n");
cprintf("214- QUIT\r\n");
cprintf("214- RCPT\r\n");
cprintf("214- RSET\r\n");
- cprintf("214- VRFY\r\n");
cprintf("214 \r\n");
}
CtdlDecodeBase64(username, argbuf, SIZ);
/* lprintf(CTDL_DEBUG, "Trying <%s>\n", username); */
- if (CtdlLoginExistingUser(username) == login_ok) {
+ if (CtdlLoginExistingUser(NULL, username) == login_ok) {
CtdlEncodeBase64(buf, "Password:", 9);
cprintf("334 %s\r\n", buf);
SMTP->command_state = smtp_password;
char ident[256];
char user[256];
char pass[256];
+ int result;
- CtdlDecodeBase64(decoded_authstring,
- encoded_authstring,
- strlen(encoded_authstring) );
+ CtdlDecodeBase64(decoded_authstring, encoded_authstring, strlen(encoded_authstring) );
safestrncpy(ident, decoded_authstring, sizeof ident);
safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user);
safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
SMTP->command_state = smtp_command;
- if (CtdlLoginExistingUser(user) == login_ok) {
+
+ if (strlen(ident) > 0) {
+ result = CtdlLoginExistingUser(user, ident);
+ }
+ else {
+ result = CtdlLoginExistingUser(NULL, user);
+ }
+
+ if (result == login_ok) {
if (CtdlTryPassword(pass) == pass_ok) {
smtp_auth_greeting();
return;
}
-/*
- * Back end for smtp_vrfy() command
- */
-void smtp_vrfy_backend(struct ctdluser *us, void *data) {
-
- if (!fuzzy_match(us, SMTP->vrfy_match)) {
- ++SMTP->vrfy_count;
- memcpy(&SMTP->vrfy_buffer, us, sizeof(struct ctdluser));
- }
-}
-
-
-/*
- * Implements the VRFY (verify user name) command.
- * Performs fuzzy match on full user names.
- */
-void smtp_vrfy(char *argbuf) {
- SMTP->vrfy_count = 0;
- strcpy(SMTP->vrfy_match, argbuf);
- ForEachUser(smtp_vrfy_backend, NULL);
-
- if (SMTP->vrfy_count < 1) {
- cprintf("550 5.1.1 String does not match anything.\r\n");
- }
- else if (SMTP->vrfy_count == 1) {
- cprintf("250 %s <cit%ld@%s>\r\n",
- SMTP->vrfy_buffer.fullname,
- SMTP->vrfy_buffer.usernum,
- config.c_fqdn);
- }
- else if (SMTP->vrfy_count > 1) {
- cprintf("553 5.1.4 Request ambiguous: %d users matched.\r\n",
- SMTP->vrfy_count);
- }
-
-}
-
-
-
-/*
- * Back end for smtp_expn() command
- */
-void smtp_expn_backend(struct ctdluser *us, void *data) {
-
- if (!fuzzy_match(us, SMTP->vrfy_match)) {
-
- if (SMTP->vrfy_count >= 1) {
- cprintf("250-%s <cit%ld@%s>\r\n",
- SMTP->vrfy_buffer.fullname,
- SMTP->vrfy_buffer.usernum,
- config.c_fqdn);
- }
-
- ++SMTP->vrfy_count;
- memcpy(&SMTP->vrfy_buffer, us, sizeof(struct ctdluser));
- }
-}
-
-
-/*
- * Implements the EXPN (expand user name) command.
- * Performs fuzzy match on full user names.
- */
-void smtp_expn(char *argbuf) {
- SMTP->vrfy_count = 0;
- strcpy(SMTP->vrfy_match, argbuf);
- ForEachUser(smtp_expn_backend, NULL);
-
- if (SMTP->vrfy_count < 1) {
- cprintf("550 5.1.1 String does not match anything.\r\n");
- }
- else if (SMTP->vrfy_count >= 1) {
- cprintf("250 %s <cit%ld@%s>\r\n",
- SMTP->vrfy_buffer.fullname,
- SMTP->vrfy_buffer.usernum,
- config.c_fqdn);
- }
-}
-
-
/*
* Implements the RSET (reset state) command.
* Currently this just zeroes out the state buffer. If pointers to data
* Implements the "RCPT To:" command
*/
void smtp_rcpt(char *argbuf) {
- char recp[SIZ];
+ char recp[1024];
char message_to_spammer[SIZ];
struct recptypes *valid = NULL;
return;
}
- strcpy(recp, &argbuf[3]);
+ safestrncpy(recp, &argbuf[3], sizeof recp);
striplt(recp);
stripallbut(recp, '<', '>');
}
/* RBL check */
- if ( (!CC->logged_in)
- && (!SMTP->is_lmtp) ) {
- if (rbl_check(message_to_spammer)) {
- cprintf("550 %s\r\n", message_to_spammer);
- /* no need to free(valid), it's not allocated yet */
- return;
+ if ( (!CC->logged_in) /* Don't RBL authenticated users */
+ && (!SMTP->is_lmtp) ) { /* Don't RBL LMTP clients */
+ if (config.c_rbl_at_greeting == 0) { /* Don't RBL again if we already did it */
+ if (rbl_check(message_to_spammer)) {
+ cprintf("550 %s\r\n", message_to_spammer);
+ /* no need to free_recipients(valid), it's not allocated yet */
+ return;
+ }
}
}
valid = validate_recipients(recp);
if (valid->num_error != 0) {
cprintf("599 5.1.1 Error: %s\r\n", valid->errormsg);
- free(valid);
+ free_recipients(valid);
return;
}
if (CC->logged_in) {
if (CtdlCheckInternetMailPermission(&CC->user)==0) {
cprintf("551 5.7.1 <%s> - you do not have permission to send Internet mail\r\n", recp);
- free(valid);
+ free_recipients(valid);
return;
}
}
if ( (SMTP->message_originated_locally == 0)
&& (SMTP->is_lmtp == 0) ) {
cprintf("551 5.7.1 <%s> - relaying denied\r\n", recp);
- free(valid);
+ free_recipients(valid);
return;
}
}
}
strcat(SMTP->recipients, recp);
SMTP->number_of_recipients += 1;
- if (valid != NULL)
- free(valid);
+ if (valid != NULL) {
+ free_recipients(valid);
+ }
}
/* Clean up */
CtdlFreeMessage(msg);
- free(valid);
+ free_recipients(valid);
smtp_data_clear(); /* clear out the buffers now */
}
smtp_data();
}
- else if (!strncasecmp(cmdbuf, "EXPN", 4)) {
- smtp_expn(&cmdbuf[5]);
- }
-
else if (!strncasecmp(cmdbuf, "HELO", 4)) {
smtp_hello(&cmdbuf[5], 0);
}
smtp_starttls();
}
#endif
- else if (!strncasecmp(cmdbuf, "VRFY", 4)) {
- smtp_vrfy(&cmdbuf[5]);
- }
-
else {
cprintf("502 5.0.0 I'm afraid I can't do that.\r\n");
}
sock = (-1);
for (mx=0; (mx<num_mxhosts && sock < 0); ++mx) {
+ char *endpart;
extract_token(buf, mxhosts, mx, '|', sizeof buf);
strcpy(mx_user, "");
strcpy(mx_pass, "");
if (num_tokens(buf, '@') > 1) {
- extract_token(mx_user, buf, 0, '@', sizeof mx_user);
- if (num_tokens(mx_user, ':') > 1) {
- extract_token(mx_pass, mx_user, 1, ':', sizeof mx_pass);
- remove_token(mx_user, 1, ':');
+ strcpy (mx_user, buf);
+ endpart = strrchr(mx_user, '@');
+ *endpart = '\0';
+ strcpy (mx_host, endpart + 1);
+ endpart = strrchr(mx_user, ':');
+ if (endpart != NULL) {
+ strcpy(mx_pass, endpart+1);
+ *endpart = '\0';
}
- remove_token(buf, 0, '@');
}
- extract_token(mx_host, buf, 0, ':', sizeof mx_host);
- extract_token(mx_port, buf, 1, ':', sizeof mx_port);
- if (!mx_port[0]) {
+ else
+ strcpy (mx_host, buf);
+ endpart = strrchr(mx_host, ':');
+ if (endpart != 0){
+ *endpart = '\0';
+ strcpy(mx_port, endpart + 1);
+ }
+ else {
strcpy(mx_port, "25");
}
lprintf(CTDL_DEBUG, "Trying %s : %s ...\n", mx_host, mx_port);
/* Do an AUTH command if necessary */
if (strlen(mx_user) > 0) {
- sprintf(buf, "%s%c%s%c%s%c", mx_user, 0, mx_user, 0, mx_pass, 0);
- CtdlEncodeBase64(mailfrom, buf, strlen(mx_user) + strlen(mx_user) + strlen(mx_pass) + 3);
- snprintf(buf, sizeof buf, "AUTH PLAIN %s\r\n", mailfrom);
+ char encoded[1024];
+ sprintf(buf, "%s%c%s%c%s", mx_user, '\0', mx_user, '\0', mx_pass);
+ CtdlEncodeBase64(encoded, buf, strlen(mx_user) + strlen(mx_user) + strlen(mx_pass) + 2);
+ snprintf(buf, sizeof buf, "AUTH PLAIN %s\r\n", encoded);
lprintf(CTDL_DEBUG, ">%s", buf);
sock_write(sock, buf, strlen(buf));
if (ml_sock_gets(sock, buf) < 0) {
char addr[1024];
char dsn[1024];
char bounceto[1024];
+ char boundary[64];
int num_bounces = 0;
int bounce_this = 0;
long bounce_msgid = (-1);
int give_up = 0;
struct recptypes *valid;
int successful_bounce = 0;
+ static int seq = 0;
+ char *omsgtext;
+ size_t omsgsize;
+ long omsgid = (-1);
lprintf(CTDL_DEBUG, "smtp_do_bounce() called\n");
strcpy(bounceto, "");
-
+ sprintf(boundary, "=_Citadel_Multipart_%s_%04x%04x", config.c_fqdn, getpid(), ++seq);
lines = num_tokens(instr, '\n');
-
/* See if it's time to give up on delivery of this message */
for (i=0; i<lines; ++i) {
extract_token(buf, instr, i, '\n', sizeof buf);
give_up = 1;
}
+ /* Start building our bounce message */
+
bmsg = (struct CtdlMessage *) malloc(sizeof(struct CtdlMessage));
if (bmsg == NULL) return;
memset(bmsg, 0, sizeof(struct CtdlMessage));
bmsg->cm_magic = CTDLMESSAGE_MAGIC;
bmsg->cm_anon_type = MES_NORMAL;
- bmsg->cm_format_type = 1;
+ bmsg->cm_format_type = FMT_RFC822;
bmsg->cm_fields['A'] = strdup("Citadel");
bmsg->cm_fields['O'] = strdup(MAILROOM);
bmsg->cm_fields['N'] = strdup(config.c_nodename);
bmsg->cm_fields['U'] = strdup("Delivery Status Notification (Failure)");
-
- if (give_up) bmsg->cm_fields['M'] = strdup(
+ bmsg->cm_fields['M'] = malloc(1024);
+
+ strcpy(bmsg->cm_fields['M'], "Content-type: multipart/mixed; boundary=\"");
+ strcat(bmsg->cm_fields['M'], boundary);
+ strcat(bmsg->cm_fields['M'], "\"\r\n");
+ strcat(bmsg->cm_fields['M'], "MIME-Version: 1.0\r\n");
+ strcat(bmsg->cm_fields['M'], "X-Mailer: " CITADEL "\r\n");
+ strcat(bmsg->cm_fields['M'], "\r\nThis is a multipart message in MIME format.\r\n\r\n");
+ strcat(bmsg->cm_fields['M'], "--");
+ strcat(bmsg->cm_fields['M'], boundary);
+ strcat(bmsg->cm_fields['M'], "\r\n");
+ strcat(bmsg->cm_fields['M'], "Content-type: text/plain\r\n\r\n");
+
+ if (give_up) strcat(bmsg->cm_fields['M'],
"A message you sent could not be delivered to some or all of its recipients\n"
"due to prolonged unavailability of its destination(s).\n"
"Giving up on the following addresses:\n\n"
);
- else bmsg->cm_fields['M'] = strdup(
+ else strcat(bmsg->cm_fields['M'],
"A message you sent could not be delivered to some or all of its recipients.\n"
"The following addresses were undeliverable:\n\n"
);
strcpy(bounceto, addr);
}
- if (
- (!strcasecmp(key, "local"))
- || (!strcasecmp(key, "remote"))
- || (!strcasecmp(key, "ignet"))
- || (!strcasecmp(key, "room"))
- ) {
+ if (!strcasecmp(key, "msgid")) {
+ omsgid = atol(addr);
+ }
+
+ if (!strcasecmp(key, "remote")) {
if (status == 5) bounce_this = 1;
if (give_up) bounce_this = 1;
}
strcat(bmsg->cm_fields['M'], addr);
strcat(bmsg->cm_fields['M'], ": ");
strcat(bmsg->cm_fields['M'], dsn);
- strcat(bmsg->cm_fields['M'], "\n");
+ strcat(bmsg->cm_fields['M'], "\r\n");
remove_token(instr, i, '\n');
--i;
}
}
+ /* Attach the original message */
+ if (omsgid >= 0) {
+ strcat(bmsg->cm_fields['M'], "--");
+ strcat(bmsg->cm_fields['M'], boundary);
+ strcat(bmsg->cm_fields['M'], "\r\n");
+ strcat(bmsg->cm_fields['M'], "Content-type: message/rfc822\r\n");
+ strcat(bmsg->cm_fields['M'], "Content-Transfer-Encoding: 7bit\r\n");
+ strcat(bmsg->cm_fields['M'], "Content-Disposition: inline\r\n");
+ strcat(bmsg->cm_fields['M'], "\r\n");
+
+ CC->redirect_buffer = malloc(SIZ);
+ CC->redirect_len = 0;
+ CC->redirect_alloc = SIZ;
+ CtdlOutputMsg(omsgid, MT_RFC822, HEADERS_ALL, 0, 1, NULL);
+ omsgtext = CC->redirect_buffer;
+ omsgsize = CC->redirect_len;
+ CC->redirect_buffer = NULL;
+ CC->redirect_len = 0;
+ CC->redirect_alloc = 0;
+ bmsg->cm_fields['M'] = realloc(bmsg->cm_fields['M'],
+ (strlen(bmsg->cm_fields['M']) + omsgsize + 1024) );
+ strcat(bmsg->cm_fields['M'], omsgtext);
+ free(omsgtext);
+ }
+
+ /* Close the multipart MIME scope */
+ strcat(bmsg->cm_fields['M'], "--");
+ strcat(bmsg->cm_fields['M'], boundary);
+ strcat(bmsg->cm_fields['M'], "--\r\n");
+
/* Deliver the bounce if there's anything worth mentioning */
lprintf(CTDL_DEBUG, "num_bounces = %d\n", num_bounces);
if (num_bounces > 0) {
/* Free up the memory we used */
if (valid != NULL) {
- free(valid);
+ free_recipients(valid);
}
}
completed = 0;
- if (
- (!strcasecmp(key, "local"))
- || (!strcasecmp(key, "remote"))
- || (!strcasecmp(key, "ignet"))
- || (!strcasecmp(key, "room"))
- ) {
+ if (!strcasecmp(key, "remote")) {
if (status == 2) completed = 1;
else ++incomplete;
}
lprintf(CTDL_DEBUG, "Performing SMTP cleanup hook\n");
free(SMTP);
- free(SMTP_ROOMS);
- free(SMTP_RECPS);
}
-char *serv_smtp_init(void)
+CTDL_MODULE_INIT(smtp)
{
-
CtdlRegisterServiceHook(config.c_smtp_port, /* SMTP MTA */
NULL,
- smtp_greeting,
+ smtp_mta_greeting,
smtp_command_loop,
NULL);
NULL);
CtdlRegisterServiceHook(0, /* local LMTP */
- file_lmtp_socket,
- lmtp_greeting,
- smtp_command_loop,
- NULL);
+ file_lmtp_socket,
+ lmtp_greeting,
+ smtp_command_loop,
+ NULL);
CtdlRegisterServiceHook(0, /* local LMTP */
- file_lmtp_unfiltered_socket,
- lmtp_unfiltered_greeting,
- smtp_command_loop,
- NULL);
+ file_lmtp_unfiltered_socket,
+ lmtp_unfiltered_greeting,
+ smtp_command_loop,
+ NULL);
smtp_init_spoolout();
CtdlRegisterSessionHook(smtp_do_queue, EVT_TIMER);
CtdlRegisterSessionHook(smtp_cleanup_function, EVT_STOP);
CtdlRegisterProtoHook(cmd_smtp, "SMTP", "SMTP utility commands");
+
+ /* return our Subversion id for the Log */
return "$Id$";
}