X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fserv_smtp.c;h=c5da74dd3e8352964a3a31fcf7b394f4d5e0e945;hb=c60ee2e375c3b381e36ffebb525f21f7aaf608fd;hp=6617cc2c4e465376e6e29afd4586ba190fb42624;hpb=e5ec517f0b5d29abe81caca0762c67139d55e343;p=citadel.git diff --git a/citadel/serv_smtp.c b/citadel/serv_smtp.c index 6617cc2c4..c5da74dd3 100644 --- a/citadel/serv_smtp.c +++ b/citadel/serv_smtp.c @@ -1,8 +1,24 @@ /* * $Id$ * - * An implementation of RFC821 (Simple Mail Transfer Protocol) for the - * Citadel system. + * This module is an SMTP and ESMTP implementation for the Citadel system. + * It is compliant with all of the following: + * + * RFC 821 - Simple Mail Transfer Protocol + * RFC 876 - Survey of SMTP Implementations + * RFC 1047 - Duplicate messages and SMTP + * RFC 1854 - command pipelining + * RFC 1869 - Extended Simple Mail Transfer Protocol + * RFC 1870 - SMTP Service Extension for Message Size Declaration + * RFC 1893 - Enhanced Mail System Status Codes + * RFC 2033 - Local Mail Transfer Protocol + * RFC 2034 - SMTP Service Extension for Returning Enhanced Error Codes + * RFC 2197 - SMTP Service Extension for Command Pipelining + * RFC 2487 - SMTP Service Extension for Secure SMTP over TLS + * RFC 2554 - SMTP Service Extension for Authentication + * RFC 2821 - Simple Mail Transfer Protocol + * RFC 2822 - Internet Message Format + * RFC 2920 - SMTP Service Extension for Command Pipelining * */ @@ -31,6 +47,9 @@ #include #include #include +#include +#include +#include #include "citadel.h" #include "server.h" #include "sysdep_decls.h" @@ -38,7 +57,7 @@ #include "support.h" #include "config.h" #include "control.h" -#include "dynloader.h" +#include "serv_extensions.h" #include "room_ops.h" #include "user_ops.h" #include "policy.h" @@ -49,6 +68,12 @@ #include "genstamp.h" #include "domain.h" #include "clientsocket.h" +#include "locate_host.h" + +#ifdef HAVE_OPENSSL +#include "serv_crypto.h" +#endif + #ifndef HAVE_SNPRINTF @@ -58,15 +83,17 @@ struct citsmtp { /* Information about the current session */ int command_state; char helo_node[SIZ]; - struct usersupp vrfy_buffer; + struct ctdluser vrfy_buffer; int vrfy_count; char vrfy_match[SIZ]; char from[SIZ]; char recipients[SIZ]; int number_of_recipients; - int number_of_rooms; int delivery_mode; int message_originated_locally; + int is_lmtp; + int is_unfiltered; + int is_msa; }; enum { /* Command states for login authentication */ @@ -80,13 +107,10 @@ enum { /* Delivery modes */ smtp_deliver_remote }; -#define SMTP ((struct citsmtp *)CtdlGetUserData(SYM_SMTP)) -#define SMTP_RECPS ((char *)CtdlGetUserData(SYM_SMTP_RECPS)) -#define SMTP_ROOMS ((char *)CtdlGetUserData(SYM_SMTP_ROOMS)) +#define SMTP CC->SMTP +#define SMTP_RECPS CC->SMTP_RECPS +#define SMTP_ROOMS CC->SMTP_ROOMS -long SYM_SMTP; -long SYM_SMTP_RECPS; -long SYM_SMTP_ROOMS; int run_queue_now = 0; /* Set to 1 to ignore SMTP send retry times */ @@ -97,8 +121,6 @@ int run_queue_now = 0; /* Set to 1 to ignore SMTP send retry times */ /*****************************************************************************/ - - /* * Here's where our SMTP session begins its happy day. */ @@ -107,36 +129,136 @@ void smtp_greeting(void) { strcpy(CC->cs_clientname, "SMTP session"); CC->internal_pgm = 1; CC->cs_flags |= CS_STEALTH; - CtdlAllocUserData(SYM_SMTP, sizeof(struct citsmtp)); - CtdlAllocUserData(SYM_SMTP_RECPS, SIZ); - CtdlAllocUserData(SYM_SMTP_ROOMS, SIZ); - snprintf(SMTP_RECPS, SIZ, "%s", ""); - snprintf(SMTP_ROOMS, SIZ, "%s", ""); + SMTP = malloc(sizeof(struct citsmtp)); + SMTP_RECPS = malloc(SIZ); + SMTP_ROOMS = malloc(SIZ); + memset(SMTP, 0, sizeof(struct citsmtp)); + memset(SMTP_RECPS, 0, SIZ); + memset(SMTP_ROOMS, 0, SIZ); + + cprintf("220 %s ESMTP Citadel server ready.\r\n", config.c_fqdn); +} + + +/* + * SMTPS is just like SMTP, except it goes crypto right away. + */ +#ifdef HAVE_OPENSSL +void smtps_greeting(void) { + CtdlStartTLS(NULL, NULL, NULL); + smtp_greeting(); +} +#endif + + +/* + * SMTP MSA port requires authentication. + */ +void smtp_msa_greeting(void) { + smtp_greeting(); + SMTP->is_msa = 1; +} + + +/* + * LMTP is like SMTP but with some extra bonus footage added. + */ +void lmtp_greeting(void) { + smtp_greeting(); + SMTP->is_lmtp = 1; +} - cprintf("220 %s ESMTP Citadel/UX server ready.\r\n", config.c_fqdn); + +/* + * We also have an unfiltered LMTP socket that bypasses spam filters. + */ +void lmtp_unfiltered_greeting(void) { + smtp_greeting(); + SMTP->is_lmtp = 1; + SMTP->is_unfiltered = 1; +} + + +/* + * Login greeting common to all auth methods + */ +void smtp_auth_greeting(void) { + cprintf("235 2.0.0 Hello, %s\r\n", CC->user.fullname); + lprintf(CTDL_NOTICE, "SMTP authenticated %s\n", CC->user.fullname); + CC->internal_pgm = 0; + CC->cs_flags &= ~CS_STEALTH; } /* * Implement HELO and EHLO commands. + * + * which_command: 0=HELO, 1=EHLO, 2=LHLO */ -void smtp_hello(char *argbuf, int is_esmtp) { +void smtp_hello(char *argbuf, int which_command) { safestrncpy(SMTP->helo_node, argbuf, sizeof SMTP->helo_node); - if (!is_esmtp) { - cprintf("250 Greetings and joyous salutations.\r\n"); + if ( (which_command != 2) && (SMTP->is_lmtp) ) { + cprintf("500 Only LHLO is allowed when running LMTP\r\n"); + return; + } + + if ( (which_command == 2) && (SMTP->is_lmtp == 0) ) { + cprintf("500 LHLO is only allowed when running LMTP\r\n"); + return; + } + + if (which_command == 0) { + cprintf("250 Hello %s (%s [%s])\r\n", + SMTP->helo_node, + CC->cs_host, + CC->cs_addr + ); } else { - cprintf("250-Greetings and joyous salutations.\r\n"); + if (which_command == 1) { + cprintf("250-Hello %s (%s [%s])\r\n", + SMTP->helo_node, + CC->cs_host, + CC->cs_addr + ); + } + else { + cprintf("250-Greetings and joyous salutations.\r\n"); + } cprintf("250-HELP\r\n"); cprintf("250-SIZE %ld\r\n", config.c_maxmsglen); + +#ifdef HAVE_OPENSSL + + /* Only offer the PIPELINING command if TLS is inactive, + * because of flow control issues. Also, avoid offering TLS + * if TLS is already active. Finally, we only offer TLS on + * the SMTP-MSA port, not on the SMTP-MTA port, due to + * questionable reliability of TLS in certain sending MTA's. + */ + if ( (!CC->redirect_ssl) && (SMTP->is_msa) ) { + cprintf("250-PIPELINING\r\n"); + cprintf("250-STARTTLS\r\n"); + } + +#else /* HAVE_OPENSSL */ + + /* Non SSL enabled server, so always offer PIPELINING. */ cprintf("250-PIPELINING\r\n"); - cprintf("250 AUTH=LOGIN\r\n"); + +#endif /* HAVE_OPENSSL */ + + cprintf("250-AUTH LOGIN PLAIN\r\n"); + cprintf("250-AUTH=LOGIN PLAIN\r\n"); + + cprintf("250 ENHANCEDSTATUSCODES\r\n"); } } + /* * Implement HELP command. */ @@ -164,15 +286,15 @@ void smtp_get_user(char *argbuf) { char buf[SIZ]; char username[SIZ]; - decode_base64(username, argbuf, SIZ); - lprintf(9, "Trying <%s>\n", username); + CtdlDecodeBase64(username, argbuf, SIZ); + /* lprintf(CTDL_DEBUG, "Trying <%s>\n", username); */ if (CtdlLoginExistingUser(username) == login_ok) { - encode_base64(buf, "Password:"); + CtdlEncodeBase64(buf, "Password:", 9); cprintf("334 %s\r\n", buf); SMTP->command_state = smtp_password; } else { - cprintf("500 No such user.\r\n"); + cprintf("500 5.7.0 No such user.\r\n"); SMTP->command_state = smtp_command; } } @@ -184,16 +306,13 @@ void smtp_get_user(char *argbuf) { void smtp_get_pass(char *argbuf) { char password[SIZ]; - decode_base64(password, argbuf, SIZ); - lprintf(9, "Trying <%s>\n", password); + CtdlDecodeBase64(password, argbuf, SIZ); + /* lprintf(CTDL_DEBUG, "Trying <%s>\n", password); */ if (CtdlTryPassword(password) == pass_ok) { - cprintf("235 Hello, %s\r\n", CC->usersupp.fullname); - lprintf(9, "SMTP authenticated login successful\n"); - CC->internal_pgm = 0; - CC->cs_flags &= ~CS_STEALTH; + smtp_auth_greeting(); } else { - cprintf("500 Authentication failed.\r\n"); + cprintf("535 5.7.0 Authentication failed.\r\n"); } SMTP->command_state = smtp_command; } @@ -203,33 +322,67 @@ void smtp_get_pass(char *argbuf) { * */ void smtp_auth(char *argbuf) { - char buf[SIZ]; + char username_prompt[64]; + char method[64]; + char encoded_authstring[1024]; + char decoded_authstring[1024]; + char ident[256]; + char user[256]; + char pass[256]; - if (strncasecmp(argbuf, "login", 5) ) { - cprintf("550 We only support LOGIN authentication.\r\n"); + if (CC->logged_in) { + cprintf("504 5.7.4 Already logged in.\r\n"); return; } - if (strlen(argbuf) >= 7) { - smtp_get_user(&argbuf[6]); + extract_token(method, argbuf, 0, ' ', sizeof method); + + if (!strncasecmp(method, "login", 5) ) { + if (strlen(argbuf) >= 7) { + smtp_get_user(&argbuf[6]); + } + else { + CtdlEncodeBase64(username_prompt, "Username:", 9); + cprintf("334 %s\r\n", username_prompt); + SMTP->command_state = smtp_user; + } + return; } - else { - encode_base64(buf, "Username:"); - cprintf("334 %s\r\n", buf); - SMTP->command_state = smtp_user; + if (!strncasecmp(method, "plain", 5) ) { + extract_token(encoded_authstring, argbuf, 1, ' ', sizeof encoded_authstring); + CtdlDecodeBase64(decoded_authstring, + encoded_authstring, + strlen(encoded_authstring) ); + safestrncpy(ident, decoded_authstring, sizeof ident); + safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); + safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + + if (CtdlLoginExistingUser(user) == login_ok) { + if (CtdlTryPassword(pass) == pass_ok) { + smtp_auth_greeting(); + return; + } + } + cprintf("504 5.7.4 Authentication failed.\r\n"); } + + if (strncasecmp(method, "login", 5) ) { + cprintf("504 5.7.4 Unknown authentication method.\r\n"); + return; + } + } /* * Back end for smtp_vrfy() command */ -void smtp_vrfy_backend(struct usersupp *us, void *data) { +void smtp_vrfy_backend(struct ctdluser *us, void *data) { if (!fuzzy_match(us, SMTP->vrfy_match)) { ++SMTP->vrfy_count; - memcpy(&SMTP->vrfy_buffer, us, sizeof(struct usersupp)); + memcpy(&SMTP->vrfy_buffer, us, sizeof(struct ctdluser)); } } @@ -244,7 +397,7 @@ void smtp_vrfy(char *argbuf) { ForEachUser(smtp_vrfy_backend, NULL); if (SMTP->vrfy_count < 1) { - cprintf("550 String does not match anything.\r\n"); + cprintf("550 5.1.1 String does not match anything.\r\n"); } else if (SMTP->vrfy_count == 1) { cprintf("250 %s \r\n", @@ -253,7 +406,7 @@ void smtp_vrfy(char *argbuf) { config.c_fqdn); } else if (SMTP->vrfy_count > 1) { - cprintf("553 Request ambiguous: %d users matched.\r\n", + cprintf("553 5.1.4 Request ambiguous: %d users matched.\r\n", SMTP->vrfy_count); } @@ -264,7 +417,7 @@ void smtp_vrfy(char *argbuf) { /* * Back end for smtp_expn() command */ -void smtp_expn_backend(struct usersupp *us, void *data) { +void smtp_expn_backend(struct ctdluser *us, void *data) { if (!fuzzy_match(us, SMTP->vrfy_match)) { @@ -276,7 +429,7 @@ void smtp_expn_backend(struct usersupp *us, void *data) { } ++SMTP->vrfy_count; - memcpy(&SMTP->vrfy_buffer, us, sizeof(struct usersupp)); + memcpy(&SMTP->vrfy_buffer, us, sizeof(struct ctdluser)); } } @@ -291,7 +444,7 @@ void smtp_expn(char *argbuf) { ForEachUser(smtp_expn_backend, NULL); if (SMTP->vrfy_count < 1) { - cprintf("550 String does not match anything.\r\n"); + cprintf("550 5.1.1 String does not match anything.\r\n"); } else if (SMTP->vrfy_count >= 1) { cprintf("250 %s \r\n", @@ -305,15 +458,45 @@ void smtp_expn(char *argbuf) { /* * Implements the RSET (reset state) command. * Currently this just zeroes out the state buffer. If pointers to data - * allocated with mallok() are ever placed in the state buffer, we have to - * be sure to phree() them first! + * allocated with malloc() are ever placed in the state buffer, we have to + * be sure to free() them first! + * + * Set do_response to nonzero to output the SMTP RSET response code. */ -void smtp_rset(void) { +void smtp_rset(int do_response) { + int is_lmtp; + int is_unfiltered; + + /* + * Our entire SMTP state is discarded when a RSET command is issued, + * but we need to preserve this one little piece of information, so + * we save it for later. + */ + is_lmtp = SMTP->is_lmtp; + is_unfiltered = SMTP->is_unfiltered; + memset(SMTP, 0, sizeof(struct citsmtp)); - if (CC->logged_in) { - logout(CC); + + /* + * It is somewhat ambiguous whether we want to log out when a RSET + * command is issued. Here's the code to do it. It is commented out + * because some clients (such as Pine) issue RSET commands before + * each message, but still expect to be logged in. + * + * if (CC->logged_in) { + * logout(CC); + * } + */ + + /* + * Reinstate this little piece of information we saved (see above). + */ + SMTP->is_lmtp = is_lmtp; + SMTP->is_unfiltered = is_unfiltered; + + if (do_response) { + cprintf("250 2.0.0 Zap!\r\n"); } - cprintf("250 Zap!\r\n"); } /* @@ -337,61 +520,62 @@ void smtp_mail(char *argbuf) { char user[SIZ]; char node[SIZ]; char name[SIZ]; - struct recptypes *valid; if (strlen(SMTP->from) != 0) { - cprintf("503 Only one sender permitted\r\n"); + cprintf("503 5.1.0 Only one sender permitted\r\n"); return; } if (strncasecmp(argbuf, "From:", 5)) { - cprintf("501 Syntax error\r\n"); + cprintf("501 5.1.7 Syntax error\r\n"); return; } strcpy(SMTP->from, &argbuf[5]); striplt(SMTP->from); - stripallbut(SMTP->from, '<', '>'); + if (haschar(SMTP->from, '<') > 0) { + stripallbut(SMTP->from, '<', '>'); + } + /* We used to reject empty sender names, until it was brought to our + * attention that RFC1123 5.2.9 requires that this be allowed. So now + * we allow it, but replace the empty string with a fake + * address so we don't have to contend with the empty string causing + * other code to fail when it's expecting something there. + */ if (strlen(SMTP->from) == 0) { - cprintf("501 Empty sender name is not permitted\r\n"); - return; + strcpy(SMTP->from, "someone@somewhere.org"); } - /* If this SMTP connection is from a logged-in user, make sure that - * the user only sends email from his/her own address. + /* If this SMTP connection is from a logged-in user, force the 'from' + * to be the user's Internet e-mail address as Citadel knows it. */ if (CC->logged_in) { - valid = validate_recipients(SMTP->from); - if ( (valid->num_local == 1) && - (!strcasecmp(valid->recp_local, CC->usersupp.fullname)) ) { - cprintf("250 Sender ok <%s>\r\n", valid->recp_local); - SMTP->message_originated_locally = 1; - } - else { - cprintf("550 <%s> is not your address.\r\n", - SMTP->from); - strcpy(SMTP->from, ""); - } - phree(valid); + safestrncpy(SMTP->from, CC->cs_inet_email, sizeof SMTP->from); + cprintf("250 2.1.0 Sender ok <%s>\r\n", SMTP->from); + SMTP->message_originated_locally = 1; return; } + else if (SMTP->is_lmtp) { + /* Bypass forgery checking for LMTP */ + } /* Otherwise, make sure outsiders aren't trying to forge mail from - * this system. + * this system (unless, of course, c_allow_spoofing is enabled) */ - else { + else if (config.c_allow_spoofing == 0) { process_rfc822_addr(SMTP->from, user, node, name); if (CtdlHostAlias(node) != hostalias_nomatch) { - cprintf("550 You must log in to send mail from %s\r\n", + cprintf("550 5.1.8 " + "You must log in to send mail from %s\r\n", node); strcpy(SMTP->from, ""); return; } } - cprintf("250 Sender ok\r\n"); + cprintf("250 2.0.0 Sender ok\r\n"); } @@ -401,15 +585,23 @@ void smtp_mail(char *argbuf) { */ void smtp_rcpt(char *argbuf) { char recp[SIZ]; - struct recptypes *valid; + char message_to_spammer[SIZ]; + struct recptypes *valid = NULL; if (strlen(SMTP->from) == 0) { - cprintf("503 Need MAIL before RCPT\r\n"); + cprintf("503 5.5.1 Need MAIL before RCPT\r\n"); return; } if (strncasecmp(argbuf, "To:", 3)) { - cprintf("501 Syntax error\r\n"); + cprintf("501 5.1.7 Syntax error\r\n"); + return; + } + + if ( (SMTP->is_msa) && (!CC->logged_in) ) { + cprintf("550 5.1.8 " + "You must log in to send mail on this port.\r\n"); + strcpy(SMTP->from, ""); return; } @@ -418,26 +610,47 @@ void smtp_rcpt(char *argbuf) { stripallbut(recp, '<', '>'); if ( (strlen(recp) + strlen(SMTP->recipients) + 1 ) >= SIZ) { - cprintf("452 Too many recipients\r\n"); + cprintf("452 4.5.3 Too many recipients\r\n"); return; } + /* RBL check */ + if ( (!CC->logged_in) + && (!SMTP->is_lmtp) ) { + if (rbl_check(message_to_spammer)) { + cprintf("550 %s\r\n", message_to_spammer); + /* no need to free(valid), it's not allocated yet */ + return; + } + } + valid = validate_recipients(recp); if (valid->num_error > 0) { - cprintf("599 Error: %s\r\n", valid->errormsg); - phree(valid); + cprintf("599 5.1.1 Error: %s\r\n", valid->errormsg); + free(valid); return; } if (valid->num_internet > 0) { - if (SMTP->message_originated_locally == 0) { - cprintf("551 Relaying denied <%s>\r\n", recp); - phree(valid); + if (CC->logged_in) { + if (CtdlCheckInternetMailPermission(&CC->user)==0) { + cprintf("551 5.7.1 <%s> - you do not have permission to send Internet mail\r\n", recp); + free(valid); + return; + } + } + } + + if (valid->num_internet > 0) { + if ( (SMTP->message_originated_locally == 0) + && (SMTP->is_lmtp == 0) ) { + cprintf("551 5.7.1 <%s> - relaying denied\r\n", recp); + free(valid); return; } } - cprintf("250 RCPT ok <%s>\r\n", recp); + cprintf("250 2.1.5 RCPT ok <%s>\r\n", recp); if (strlen(SMTP->recipients) > 0) { strcat(SMTP->recipients, ","); } @@ -457,72 +670,143 @@ void smtp_data(void) { long msgnum; char nowstamp[SIZ]; struct recptypes *valid; + int scan_errors; + int i; + char result[SIZ]; if (strlen(SMTP->from) == 0) { - cprintf("503 Need MAIL command first.\r\n"); + cprintf("503 5.5.1 Need MAIL command first.\r\n"); return; } if (SMTP->number_of_recipients < 1) { - cprintf("503 Need RCPT command first.\r\n"); + cprintf("503 5.5.1 Need RCPT command first.\r\n"); return; } - cprintf("354 Transmit message now; terminate with '.' by itself\r\n"); + cprintf("354 Transmit message now - terminate with '.' by itself\r\n"); datestring(nowstamp, sizeof nowstamp, time(NULL), DATESTRING_RFC822); - body = mallok(4096); + body = malloc(4096); - /* FIXME - it should be Received: from %s (real.name.dom [w.x.y.z]) - */ if (body != NULL) snprintf(body, 4096, - "Received: from %s (%s)\n" + "Received: from %s (%s [%s])\n" " by %s; %s\n", SMTP->helo_node, CC->cs_host, + CC->cs_addr, config.c_fqdn, nowstamp); - body = CtdlReadMessageBody(".", config.c_maxmsglen, body); + body = CtdlReadMessageBody(".", config.c_maxmsglen, body, 1); if (body == NULL) { - cprintf("550 Unable to save message: internal error.\r\n"); + cprintf("550 5.6.5 " + "Unable to save message: internal error.\r\n"); return; } - lprintf(9, "Converting message...\n"); + lprintf(CTDL_DEBUG, "Converting message...\n"); msg = convert_internet_message(body); /* If the user is locally authenticated, FORCE the From: header to * show up as the real sender. Yes, this violates the RFC standard, - * but IT MAKES SENSE. Comment it out if you don't like this behavior. + * but IT MAKES SENSE. If you prefer strict RFC adherence over + * common sense, you can disable this in the configuration. + * + * We also set the "message room name" ('O' field) to MAILROOM + * (which is Mail> on most systems) to prevent it from getting set + * to something ugly like "0000058008.Sent Items>" when the message + * is read with a Citadel client. */ - if (CC->logged_in) { - if (msg->cm_fields['A'] != NULL) phree(msg->cm_fields['A']); - if (msg->cm_fields['N'] != NULL) phree(msg->cm_fields['N']); - if (msg->cm_fields['H'] != NULL) phree(msg->cm_fields['H']); - msg->cm_fields['A'] = strdoop(CC->usersupp.fullname); - msg->cm_fields['N'] = strdoop(config.c_nodename); - msg->cm_fields['H'] = strdoop(config.c_humannode); + if ( (CC->logged_in) && (config.c_rfc822_strict_from == 0) ) { + if (msg->cm_fields['A'] != NULL) free(msg->cm_fields['A']); + if (msg->cm_fields['N'] != NULL) free(msg->cm_fields['N']); + if (msg->cm_fields['H'] != NULL) free(msg->cm_fields['H']); + if (msg->cm_fields['F'] != NULL) free(msg->cm_fields['F']); + if (msg->cm_fields['O'] != NULL) free(msg->cm_fields['O']); + msg->cm_fields['A'] = strdup(CC->user.fullname); + msg->cm_fields['N'] = strdup(config.c_nodename); + msg->cm_fields['H'] = strdup(config.c_humannode); + msg->cm_fields['F'] = strdup(CC->cs_inet_email); + msg->cm_fields['O'] = strdup(MAILROOM); } /* Submit the message into the Citadel system. */ valid = validate_recipients(SMTP->recipients); - msgnum = CtdlSubmitMsg(msg, valid, ""); - CtdlFreeMessage(msg); - phree(valid); - if (msgnum > 0L) { - cprintf("250 Message accepted.\r\n"); + /* If there are modules that want to scan this message before final + * submission (such as virus checkers or spam filters), call them now + * and give them an opportunity to reject the message. + */ + if (SMTP->is_unfiltered) { + scan_errors = 0; + } + else { + scan_errors = PerformMessageHooks(msg, EVT_SMTPSCAN); + } + + if (scan_errors > 0) { /* We don't want this message! */ + + if (msg->cm_fields['0'] == NULL) { + msg->cm_fields['0'] = strdup( + "5.7.1 Message rejected by filter"); + } + + sprintf(result, "550 %s\r\n", msg->cm_fields['0']); + } + + else { /* Ok, we'll accept this message. */ + msgnum = CtdlSubmitMsg(msg, valid, NULL, NULL, ""); + if (msgnum > 0L) { + sprintf(result, "250 2.0.0 Message accepted.\r\n"); + } + else { + sprintf(result, "550 5.5.0 Internal delivery error\r\n"); + } + } + + /* For SMTP and ESTMP, just print the result message. For LMTP, we + * have to print one result message for each recipient. Since there + * is nothing in Citadel which would cause different recipients to + * have different results, we can get away with just spitting out the + * same message once for each recipient. + */ + if (SMTP->is_lmtp) { + for (i=0; inumber_of_recipients; ++i) { + cprintf("%s", result); + } } else { - cprintf("550 Internal delivery error\r\n"); + cprintf("%s", result); } + CtdlFreeMessage(msg); + free(valid); smtp_data_clear(); /* clear out the buffers now */ } +/* + * implements the STARTTLS command (Citadel API version) + */ +#ifdef HAVE_OPENSSL +void smtp_starttls(void) +{ + char ok_response[SIZ]; + char nosup_response[SIZ]; + char error_response[SIZ]; + + sprintf(ok_response, + "200 2.0.0 Begin TLS negotiation now\r\n"); + sprintf(nosup_response, + "554 5.7.3 TLS not supported here\r\n"); + sprintf(error_response, + "554 5.7.3 Internal error\r\n"); + CtdlStartTLS(ok_response, nosup_response, error_response); + smtp_rset(0); +} +#endif + /* @@ -533,12 +817,12 @@ void smtp_command_loop(void) { time(&CC->lastcmd); memset(cmdbuf, 0, sizeof cmdbuf); /* Clear it, just in case */ - if (client_gets(cmdbuf) < 1) { - lprintf(3, "SMTP socket is broken. Ending session.\n"); + if (client_getln(cmdbuf, sizeof cmdbuf) < 1) { + lprintf(CTDL_CRIT, "SMTP socket is broken. Ending session.\n"); CC->kill_me = 1; return; } - lprintf(5, "SMTP: %s\n", cmdbuf); + lprintf(CTDL_INFO, "SMTP: %s\n", cmdbuf); while (strlen(cmdbuf) < 5) strcat(cmdbuf, " "); if (SMTP->command_state == smtp_user) { @@ -557,10 +841,6 @@ void smtp_command_loop(void) { smtp_data(); } - else if (!strncasecmp(cmdbuf, "EHLO", 4)) { - smtp_hello(&cmdbuf[5], 1); - } - else if (!strncasecmp(cmdbuf, "EXPN", 4)) { smtp_expn(&cmdbuf[5]); } @@ -569,6 +849,14 @@ void smtp_command_loop(void) { smtp_hello(&cmdbuf[5], 0); } + else if (!strncasecmp(cmdbuf, "EHLO", 4)) { + smtp_hello(&cmdbuf[5], 1); + } + + else if (!strncasecmp(cmdbuf, "LHLO", 4)) { + smtp_hello(&cmdbuf[5], 2); + } + else if (!strncasecmp(cmdbuf, "HELP", 4)) { smtp_help(); } @@ -592,17 +880,22 @@ void smtp_command_loop(void) { } else if (!strncasecmp(cmdbuf, "RSET", 4)) { - smtp_rset(); + smtp_rset(1); } - +#ifdef HAVE_OPENSSL + else if (!strcasecmp(cmdbuf, "STARTTLS")) { + smtp_starttls(); + } +#endif else if (!strncasecmp(cmdbuf, "VRFY", 4)) { smtp_vrfy(&cmdbuf[5]); } else { - cprintf("502 I'm afraid I can't do that.\r\n"); + cprintf("502 5.0.0 I'm afraid I can't do that.\r\n"); } + } @@ -632,39 +925,36 @@ void smtp_try(const char *key, const char *addr, int *status, char buf[1024]; char mailfrom[1024]; int lp, rp; - FILE *msg_fp = NULL; + char *msgtext; + char *ptr; size_t msg_size; - size_t blocksize = 0; int scan_done; /* Parse out the host portion of the recipient address */ process_rfc822_addr(addr, user, node, name); - lprintf(9, "Attempting SMTP delivery to <%s> @ <%s> (%s)\n", + lprintf(CTDL_DEBUG, "Attempting SMTP delivery to <%s> @ <%s> (%s)\n", user, node, name); - /* Load the message out of the database into a temp file */ - msg_fp = tmpfile(); - if (msg_fp == NULL) { - *status = 4; - snprintf(dsn, n, "Error creating temporary file"); - return; - } - else { - CtdlRedirectOutput(msg_fp, -1); - CtdlOutputMsg(msgnum, MT_RFC822, 0, 0, 1); - CtdlRedirectOutput(NULL, -1); - fseek(msg_fp, 0L, SEEK_END); - msg_size = ftell(msg_fp); - } - + /* Load the message out of the database */ + CC->redirect_buffer = malloc(SIZ); + CC->redirect_len = 0; + CC->redirect_alloc = SIZ; + CtdlOutputMsg(msgnum, MT_RFC822, HEADERS_ALL, 0, 1); + msgtext = CC->redirect_buffer; + msg_size = CC->redirect_len; + CC->redirect_buffer = NULL; + CC->redirect_len = 0; + CC->redirect_alloc = 0; /* Extract something to send later in the 'MAIL From:' command */ strcpy(mailfrom, ""); - rewind(msg_fp); scan_done = 0; + ptr = msgtext; do { - if (fgets(buf, sizeof buf, msg_fp)==NULL) scan_done = 1; + if (ptr = memreadline(ptr, buf, sizeof buf), *ptr == 0) { + scan_done = 1; + } if (!strncasecmp(buf, "From:", 5)) { safestrncpy(mailfrom, &buf[5], sizeof mailfrom); striplt(mailfrom); @@ -702,24 +992,25 @@ void smtp_try(const char *key, const char *addr, int *status, } } while (scan_done == 0); if (strlen(mailfrom)==0) strcpy(mailfrom, "someone@somewhere.org"); + stripallbut(mailfrom, '<', '>'); /* Figure out what mail exchanger host we have to connect to */ num_mxhosts = getmx(mxhosts, node); - lprintf(9, "Number of MX hosts for <%s> is %d\n", node, num_mxhosts); + lprintf(CTDL_DEBUG, "Number of MX hosts for <%s> is %d\n", node, num_mxhosts); if (num_mxhosts < 1) { *status = 5; snprintf(dsn, SIZ, "No MX hosts found for <%s>", node); return; } - for (mx=0; mx\n", buf); + sock = (-1); + for (mx=0; (mx\n", buf); sock = sock_connect(buf, "25", "tcp"); snprintf(dsn, SIZ, "Could not connect: %s", strerror(errno)); - if (sock >= 0) lprintf(9, "Connected!\n"); + if (sock >= 0) lprintf(CTDL_DEBUG, "Connected!\n"); if (sock < 0) snprintf(dsn, SIZ, "%s", strerror(errno)); - if (sock >= 0) break; } if (sock < 0) { @@ -733,7 +1024,7 @@ void smtp_try(const char *key, const char *addr, int *status, strcpy(dsn, "Connection broken during SMTP conversation"); goto bail; } - lprintf(9, "<%s\n", buf); + lprintf(CTDL_DEBUG, "<%s\n", buf); if (buf[0] != '2') { if (buf[0] == '4') { *status = 4; @@ -751,14 +1042,14 @@ void smtp_try(const char *key, const char *addr, int *status, /* Do a HELO command */ snprintf(buf, sizeof buf, "HELO %s\r\n", config.c_fqdn); - lprintf(9, ">%s", buf); + lprintf(CTDL_DEBUG, ">%s", buf); sock_write(sock, buf, strlen(buf)); if (ml_sock_gets(sock, buf) < 0) { *status = 4; strcpy(dsn, "Connection broken during SMTP HELO"); goto bail; } - lprintf(9, "<%s\n", buf); + lprintf(CTDL_DEBUG, "<%s\n", buf); if (buf[0] != '2') { if (buf[0] == '4') { *status = 4; @@ -772,17 +1063,16 @@ void smtp_try(const char *key, const char *addr, int *status, } } - /* HELO succeeded, now try the MAIL From: command */ snprintf(buf, sizeof buf, "MAIL From: <%s>\r\n", mailfrom); - lprintf(9, ">%s", buf); + lprintf(CTDL_DEBUG, ">%s", buf); sock_write(sock, buf, strlen(buf)); if (ml_sock_gets(sock, buf) < 0) { *status = 4; strcpy(dsn, "Connection broken during SMTP MAIL"); goto bail; } - lprintf(9, "<%s\n", buf); + lprintf(CTDL_DEBUG, "<%s\n", buf); if (buf[0] != '2') { if (buf[0] == '4') { *status = 4; @@ -796,17 +1086,16 @@ void smtp_try(const char *key, const char *addr, int *status, } } - /* MAIL succeeded, now try the RCPT To: command */ - snprintf(buf, sizeof buf, "RCPT To: <%s>\r\n", addr); - lprintf(9, ">%s", buf); + snprintf(buf, sizeof buf, "RCPT To: <%s@%s>\r\n", user, node); + lprintf(CTDL_DEBUG, ">%s", buf); sock_write(sock, buf, strlen(buf)); if (ml_sock_gets(sock, buf) < 0) { *status = 4; strcpy(dsn, "Connection broken during SMTP RCPT"); goto bail; } - lprintf(9, "<%s\n", buf); + lprintf(CTDL_DEBUG, "<%s\n", buf); if (buf[0] != '2') { if (buf[0] == '4') { *status = 4; @@ -820,16 +1109,15 @@ void smtp_try(const char *key, const char *addr, int *status, } } - /* RCPT succeeded, now try the DATA command */ - lprintf(9, ">DATA\n"); + lprintf(CTDL_DEBUG, ">DATA\n"); sock_write(sock, "DATA\r\n", 6); if (ml_sock_gets(sock, buf) < 0) { *status = 4; strcpy(dsn, "Connection broken during SMTP DATA"); goto bail; } - lprintf(9, "<%s\n", buf); + lprintf(CTDL_DEBUG, "<%s\n", buf); if (buf[0] != '3') { if (buf[0] == '4') { *status = 3; @@ -844,18 +1132,11 @@ void smtp_try(const char *key, const char *addr, int *status, } /* If we reach this point, the server is expecting data */ - rewind(msg_fp); - while (msg_size > 0) { - blocksize = sizeof(buf); - if (blocksize > msg_size) blocksize = msg_size; - fread(buf, blocksize, 1, msg_fp); - sock_write(sock, buf, blocksize); - msg_size -= blocksize; - } - if (buf[blocksize-1] != 10) { - lprintf(5, "Possible problem: message did not correctly " - "terminate. (expecting 0x10, got 0x%02x)\n", - buf[blocksize-1]); + sock_write(sock, msgtext, msg_size); + if (msgtext[msg_size-1] != 10) { + lprintf(CTDL_WARNING, "Possible problem: message did not " + "correctly terminate. (expecting 0x10, got 0x%02x)\n", + buf[msg_size-1]); } sock_write(sock, ".\r\n", 3); @@ -864,7 +1145,7 @@ void smtp_try(const char *key, const char *addr, int *status, strcpy(dsn, "Connection broken during SMTP message transmit"); goto bail; } - lprintf(9, "%s\n", buf); + lprintf(CTDL_DEBUG, "%s\n", buf); if (buf[0] != '2') { if (buf[0] == '4') { *status = 4; @@ -882,12 +1163,14 @@ void smtp_try(const char *key, const char *addr, int *status, safestrncpy(dsn, &buf[4], 1023); *status = 2; - lprintf(9, ">QUIT\n"); + lprintf(CTDL_DEBUG, ">QUIT\n"); sock_write(sock, "QUIT\r\n", 6); ml_sock_gets(sock, buf); - lprintf(9, "<%s\n", buf); + lprintf(CTDL_DEBUG, "<%s\n", buf); + lprintf(CTDL_INFO, "SMTP delivery to <%s> @ <%s> (%s) succeeded\n", + user, node, name); -bail: if (msg_fp != NULL) fclose(msg_fp); +bail: free(msgtext); sock_close(sock); return; } @@ -917,7 +1200,7 @@ void smtp_do_bounce(char *instr) { struct recptypes *valid; int successful_bounce = 0; - lprintf(9, "smtp_do_bounce() called\n"); + lprintf(CTDL_DEBUG, "smtp_do_bounce() called\n"); strcpy(bounceto, ""); lines = num_tokens(instr, '\n'); @@ -925,9 +1208,9 @@ void smtp_do_bounce(char *instr) { /* See if it's time to give up on delivery of this message */ for (i=0; icm_magic = CTDLMESSAGE_MAGIC; bmsg->cm_anon_type = MES_NORMAL; bmsg->cm_format_type = 1; - bmsg->cm_fields['A'] = strdoop("Citadel"); - bmsg->cm_fields['O'] = strdoop(MAILROOM); - bmsg->cm_fields['N'] = strdoop(config.c_nodename); + bmsg->cm_fields['A'] = strdup("Citadel"); + bmsg->cm_fields['O'] = strdup(MAILROOM); + bmsg->cm_fields['N'] = strdup(config.c_nodename); + bmsg->cm_fields['U'] = strdup("Delivery Status Notification (Failure)"); - if (give_up) bmsg->cm_fields['M'] = strdoop( + if (give_up) bmsg->cm_fields['M'] = strdup( "A message you sent could not be delivered to some or all of its recipients\n" "due to prolonged unavailability of its destination(s).\n" "Giving up on the following addresses:\n\n" ); - else bmsg->cm_fields['M'] = strdoop( + else bmsg->cm_fields['M'] = strdup( "A message you sent could not be delivered to some or all of its recipients.\n" "The following addresses were undeliverable:\n\n" ); @@ -964,16 +1248,15 @@ void smtp_do_bounce(char *instr) { /* * Now go through the instructions checking for stuff. */ - for (i=0; i addr=<%s> status=%d dsn=<%s>\n", + lprintf(CTDL_DEBUG, "key=<%s> addr=<%s> status=%d dsn=<%s>\n", key, addr, status, dsn); if (!strcasecmp(key, "bounceto")) { @@ -994,11 +1277,11 @@ void smtp_do_bounce(char *instr) { ++num_bounces; if (bmsg->cm_fields['M'] == NULL) { - lprintf(2, "ERROR ... M field is null " + lprintf(CTDL_ERR, "ERROR ... M field is null " "(%s:%d)\n", __FILE__, __LINE__); } - bmsg->cm_fields['M'] = reallok(bmsg->cm_fields['M'], + bmsg->cm_fields['M'] = realloc(bmsg->cm_fields['M'], strlen(bmsg->cm_fields['M']) + 1024 ); strcat(bmsg->cm_fields['M'], addr); strcat(bmsg->cm_fields['M'], ": "); @@ -1012,13 +1295,13 @@ void smtp_do_bounce(char *instr) { } /* Deliver the bounce if there's anything worth mentioning */ - lprintf(9, "num_bounces = %d\n", num_bounces); + lprintf(CTDL_DEBUG, "num_bounces = %d\n", num_bounces); if (num_bounces > 0) { /* First try the user who sent the message */ - lprintf(9, "bounce to user? <%s>\n", bounceto); + lprintf(CTDL_DEBUG, "bounce to user? <%s>\n", bounceto); if (strlen(bounceto) == 0) { - lprintf(7, "No bounce address specified\n"); + lprintf(CTDL_ERR, "No bounce address specified\n"); bounce_msgid = (-1L); } @@ -1026,24 +1309,24 @@ void smtp_do_bounce(char *instr) { valid = validate_recipients(bounceto); if (valid != NULL) { if (valid->num_error == 0) { - CtdlSubmitMsg(bmsg, valid, ""); + CtdlSubmitMsg(bmsg, valid, NULL, NULL, ""); successful_bounce = 1; } } /* If not, post it in the Aide> room */ if (successful_bounce == 0) { - CtdlSubmitMsg(bmsg, NULL, AIDEROOM); + CtdlSubmitMsg(bmsg, NULL, NULL, NULL, config.c_aideroom); } /* Free up the memory we used */ if (valid != NULL) { - phree(valid); + free(valid); } } CtdlFreeMessage(bmsg); - lprintf(9, "Done processing bounces\n"); + lprintf(CTDL_DEBUG, "Done processing bounces\n"); } @@ -1066,11 +1349,11 @@ int smtp_purge_completed_deliveries(char *instr) { lines = num_tokens(instr, '\n'); for (i=0; icm_fields['M']); + instr = strdup(msg->cm_fields['M']); CtdlFreeMessage(msg); /* Strip out the headers amd any other non-instruction line */ lines = num_tokens(instr, '\n'); for (i=0; i\n", addr); + lprintf(CTDL_DEBUG, "SMTP: Trying <%s>\n", addr); smtp_try(key, addr, &status, dsn, sizeof dsn, text_msgid); if (status != 2) { if (results == NULL) { - results = mallok(1024); + results = malloc(1024); memset(results, 0, 1024); } else { - results = reallok(results, + results = realloc(results, strlen(results) + 1024); } snprintf(&results[strlen(results)], 1024, @@ -1216,9 +1508,9 @@ void smtp_do_procmsg(long msgnum, void *userdata) { } if (results != NULL) { - instr = reallok(instr, strlen(instr) + strlen(results) + 2); + instr = realloc(instr, strlen(instr) + strlen(results) + 2); strcat(instr, results); - phree(results); + free(results); } @@ -1235,8 +1527,8 @@ void smtp_do_procmsg(long msgnum, void *userdata) { * message and the message message. */ if (incomplete_deliveries_remaining <= 0) { - CtdlDeleteMessages(SMTP_SPOOLOUT_ROOM, msgnum, ""); - CtdlDeleteMessages(SMTP_SPOOLOUT_ROOM, text_msgid, ""); + CtdlDeleteMessages(SMTP_SPOOLOUT_ROOM, msgnum, "", 0); + CtdlDeleteMessages(SMTP_SPOOLOUT_ROOM, text_msgid, "", 0); } @@ -1245,8 +1537,8 @@ void smtp_do_procmsg(long msgnum, void *userdata) { * instructions and replace with the updated ones. */ if (incomplete_deliveries_remaining > 0) { - CtdlDeleteMessages(SMTP_SPOOLOUT_ROOM, msgnum, ""); - msg = mallok(sizeof(struct CtdlMessage)); + CtdlDeleteMessages(SMTP_SPOOLOUT_ROOM, msgnum, "", 0); + msg = malloc(sizeof(struct CtdlMessage)); memset(msg, 0, sizeof(struct CtdlMessage)); msg->cm_magic = CTDLMESSAGE_MAGIC; msg->cm_anon_type = MES_NORMAL; @@ -1258,11 +1550,11 @@ void smtp_do_procmsg(long msgnum, void *userdata) { "attempted|%ld\n" "retry|%ld\n", SPOOLMIME, instr, (long)time(NULL), (long)retry ); - phree(instr); - CtdlSubmitMsg(msg, NULL, SMTP_SPOOLOUT_ROOM); + CtdlSubmitMsg(msg, NULL, NULL, NULL, SMTP_SPOOLOUT_ROOM); CtdlFreeMessage(msg); } + free(instr); } @@ -1287,16 +1579,16 @@ void smtp_do_queue(void) { /* * Go ahead and run the queue */ - lprintf(7, "SMTP: processing outbound queue\n"); + lprintf(CTDL_INFO, "SMTP: processing outbound queue\n"); - if (getroom(&CC->quickroom, SMTP_SPOOLOUT_ROOM) != 0) { - lprintf(3, "Cannot find room <%s>\n", SMTP_SPOOLOUT_ROOM); + if (getroom(&CC->room, SMTP_SPOOLOUT_ROOM) != 0) { + lprintf(CTDL_ERR, "Cannot find room <%s>\n", SMTP_SPOOLOUT_ROOM); return; } CtdlForEachMessage(MSGS_ALL, 0L, SPOOLMIME, NULL, smtp_do_procmsg, NULL); - lprintf(7, "SMTP: queue run completed\n"); + lprintf(CTDL_INFO, "SMTP: queue run completed\n"); run_queue_now = 0; doing_queue = 0; } @@ -1308,23 +1600,23 @@ void smtp_do_queue(void) { /*****************************************************************************/ void cmd_smtp(char *argbuf) { - char cmd[SIZ]; - char node[SIZ]; - char buf[SIZ]; + char cmd[64]; + char node[256]; + char buf[1024]; int i; int num_mxhosts; if (CtdlAccessCheck(ac_aide)) return; - extract(cmd, argbuf, 0); + extract_token(cmd, argbuf, 0, '|', sizeof cmd); if (!strcasecmp(cmd, "mx")) { - extract(node, argbuf, 1); + extract_token(node, argbuf, 1, '|', sizeof node); num_mxhosts = getmx(buf, node); cprintf("%d %d MX hosts listed for %s\n", LISTING_FOLLOWS, num_mxhosts, node); for (i=0; inown rooms list for Aides. + */ + if (lgetroom(&qrbuf, SMTP_SPOOLOUT_ROOM) == 0) { + qrbuf.QRflags2 |= QR2_SYSTEM; + lputroom(&qrbuf); + } +} + + /*****************************************************************************/ /* MODULE INITIALIZATION STUFF */ /*****************************************************************************/ +/* + * This cleanup function blows away the temporary memory used by + * the SMTP server. + */ +void smtp_cleanup_function(void) { + + /* Don't do this stuff if this is not an SMTP session! */ + if (CC->h_command_function != smtp_command_loop) return; + + lprintf(CTDL_DEBUG, "Performing SMTP cleanup hook\n"); + free(SMTP); + free(SMTP_ROOMS); + free(SMTP_RECPS); +} + -char *Dynamic_Module_Init(void) -{ - SYM_SMTP = CtdlGetDynamicSymbol(); - CtdlRegisterServiceHook(config.c_smtp_port, /* On the net... */ + +char *serv_smtp_init(void) +{ + CtdlRegisterServiceHook(config.c_smtp_port, /* SMTP MTA */ NULL, smtp_greeting, - smtp_command_loop); + smtp_command_loop, + NULL); - CtdlRegisterServiceHook(0, /* ...and locally */ - "smtp.socket", - smtp_greeting, - smtp_command_loop); +#ifdef HAVE_OPENSSL + CtdlRegisterServiceHook(config.c_smtps_port, + NULL, + smtps_greeting, + smtp_command_loop, + NULL); +#endif + + CtdlRegisterServiceHook(config.c_msa_port, /* SMTP MSA */ + NULL, + smtp_msa_greeting, + smtp_command_loop, + NULL); + + CtdlRegisterServiceHook(0, /* local LMTP */ +#ifndef HAVE_RUN_DIR + "." +#else + RUN_DIR +#endif + "/lmtp.socket", + lmtp_greeting, + smtp_command_loop, + NULL); + + CtdlRegisterServiceHook(0, /* local LMTP */ +#ifndef HAVE_RUN_DIR + "." +#else + RUN_DIR +#endif + "/lmtp-unfiltered.socket", + lmtp_unfiltered_greeting, + smtp_command_loop, + NULL); - create_room(SMTP_SPOOLOUT_ROOM, 3, "", 0, 1, 0); + smtp_init_spoolout(); CtdlRegisterSessionHook(smtp_do_queue, EVT_TIMER); + CtdlRegisterSessionHook(smtp_cleanup_function, EVT_STOP); CtdlRegisterProtoHook(cmd_smtp, "SMTP", "SMTP utility commands"); return "$Id$"; }