2
0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00

postfix-3.10-20240622

This commit is contained in:
Wietse Z Venema 2024-06-22 00:00:00 -05:00 committed by Viktor Dukhovni
parent 65e61c361d
commit c770c08168
19 changed files with 224 additions and 76 deletions

View File

@ -28095,3 +28095,21 @@ Apologies for any names omitted.
Bugfix (defect introduced: Postfix 3.10, date 20230310): Bugfix (defect introduced: Postfix 3.10, date 20230310):
segfault after reading a null pointer, while responding to segfault after reading a null pointer, while responding to
an unknown or unimplemented command. File: smtpd/smtpd.c. an unknown or unimplemented command. File: smtpd/smtpd.c.
20240614
Documentation: made the descriptions of command-line arguments
inside {} more consistent. Files: proto/master, pipe/pipe.c.
20240618
Code health: factored out duplicate code for unknown and
unimplemented commands in the SMTP server. File: smtpd/smtpd.c.
20240622
Documentation: in the rbl_reply_maps description,added text
how it handles reject_rbl_* or reject_rhsbl_* queries with
an address filter. Also added text to clarify te differences
between rbl_reply_maps and postscreen_dnsbl_reply_map.
File: proto/postconf.proto.

View File

@ -16,6 +16,10 @@ Wish list:
using FIFOs anymore, and trigger servers could use a proper using FIFOs anymore, and trigger servers could use a proper
(attribute, value) protocol. (attribute, value) protocol.
The postsceen NON-SMTP test should log the command in
the same format as the BARE NEWLINE and PREGREET tests.
Consider logging the entire unadulterated command line.
"postconf -d" should not complain about a missing master.cf "postconf -d" should not complain about a missing master.cf
file. file.

View File

@ -909,7 +909,7 @@ stored as plaintext. </p>
auxprop plugin. Instead, you can use "<code>saslauthd -a ldap</code>" auxprop plugin. Instead, you can use "<code>saslauthd -a ldap</code>"
to query the LDAP database directly, with appropriate configuration to query the LDAP database directly, with appropriate configuration
in <code>saslauthd.conf</code>, <a in <code>saslauthd.conf</code>, <a
href="http://git.cyrusimap.org/cyrus-sasl/tree/saslauthd/LDAP_SASLAUTHD">as href="https://github.com/cyrusimap/cyrus-sasl/blob/master/saslauthd/LDAP_SASLAUTHD">as
described here</a>. You will not be able to use any of the described here</a>. You will not be able to use any of the
methods that require access to plaintext passwords, such as the methods that require access to plaintext passwords, such as the
shared-secret methods CRAM-MD5 and DIGEST-MD5. </p> shared-secret methods CRAM-MD5 and DIGEST-MD5. </p>

View File

@ -240,16 +240,14 @@ MASTER(5) MASTER(5)
verbose. verbose.
<b>Command-line arguments that start with {</b> <b>Command-line arguments that start with {</b>
Specify "{" and "}" around command arguments that start
with "{" (Postfix 3.0 and later). The outer "{" and "}"
are removed from the input, together with any leading or
trailing whitespace.
<b>Other command-line arguments</b> <b>Command-line arguments that contain whitespace</b>
Specify "{" and "}" around command arguments that contain
whitespace (Postfix 3.0 and later). The outer "{" and "}" <b>Command-line arguments that must be empty</b>
are removed from the input, together with any leading or Specify "{" and "}" around such arguments (Postfix 3.0
trailing whitespace. and later). The outer "{" and "}" will be removed,
together with any leading or trailing whitespace in the
remaining text.
<b>SEE ALSO</b> <b>SEE ALSO</b>
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager

View File

@ -195,8 +195,10 @@ PIPE(8) PIPE(8)
interpreter. interpreter.
Specify "{" and "}" around command arguments that contain white- Specify "{" and "}" around command arguments that contain white-
space (Postfix 3.0 and later). Whitespace after the opening "{" space, arguments that begin with "{", or arguments that must be
and before the closing "}" is ignored. an empty string (Postfix 3.0 and later). The outer "{" and "}"
will be removed, together with any leading or trailing white-
space in the remaining text.
In the command argument vector, the following macros are recog- In the command argument vector, the following macros are recog-
nized and replaced with corresponding information from the Post- nized and replaced with corresponding information from the Post-

View File

@ -2670,7 +2670,7 @@ Instead of $name you can also specify ${name} or $(name).
<p> Note: when an enhanced status code is specified in an RBL reply <p> Note: when an enhanced status code is specified in an RBL reply
template, it is subject to modification. The following transformations template, it is subject to modification. The following transformations
are needed when the same RBL reply template is used for client, are needed when the same RBL response template is used for client,
helo, sender, or recipient access restrictions. </p> helo, sender, or recipient access restrictions. </p>
<ul> <ul>
@ -8798,6 +8798,11 @@ the file is read). </p>
secret.zen.spamhaus.org zen.spamhaus.org secret.zen.spamhaus.org zen.spamhaus.org
</pre> </pre>
<p> NOTE: This feature differs from the Postfix SMTP server's
<a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> feature, where 1) the table search key includes the
optional "<i>=address</i>" filter, and where 2) the lookup result
contains free text with <i>$name</i> variables. </p>
<p> This feature is available in Postfix 2.8. </p> <p> This feature is available in Postfix 2.8. </p>
@ -9807,15 +9812,46 @@ This feature is available in Postfix 2.0 and later.
(default: empty)</b></DT><DD> (default: empty)</b></DT><DD>
<p> <p>
Optional lookup tables with RBL response templates. The tables are Optional lookup tables with RBL or RHSBL response templates. The
indexed by the RBL domain name. By default, Postfix uses the default table search key is the reject_rbl_* or reject_rhsbl_* argument,
including any optional "<i>=address-pattern</i>" filter. </p>
<p> By default, Postfix uses the
template as specified with the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> configuration template as specified with the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> configuration
parameter. See there for a discussion of the syntax of RBL reply parameter. See there for a discussion of the response template
templates. syntax.
</p>
<p> Example: </p>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/rbl_reply
<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> <i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11],
...
<br>
/etc/postfix/rbl_reply:
# See https://www.postfix.org/postconf.5.html#<a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a>
# for the definition of the $client_address and $rbl_class etc.
# variables.
<i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11]
554 $rbl_class $rbl_what blocked using ZEN - see <a href="https://www.spamhaus.org/query/ip/$client_address">https://www.spamhaus.org/query/ip/$client_address</a> for details
<i>secret</i>.zen.dq.spamhaus.net
554 $rbl_class $rbl_what blocked using ZEN - see <a href="https://www.spamhaus.org/query/ip/$client_address">https://www.spamhaus.org/query/ip/$client_address</a> for details
</pre>
<p>
NOTE: This feature differs from <a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> where
the table search key is a domain name (no "<i>=address</i>" filter,
no "<i>*weight</i>" factor) and where the lookup result should be
a domain name (no free text, no <i>$name</i> variables).
</p> </p>
<p> <p>
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
The "=address-pattern" filter is available in Postfix 2.8 and later.
</p> </p>

View File

@ -1316,7 +1316,7 @@ SMTPD(8) SMTPD(8)
<a href="postconf.5.html#reject_multi_recipient_bounce">ent_bounce</a> restriction. <a href="postconf.5.html#reject_multi_recipient_bounce">ent_bounce</a> restriction.
<b><a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> (empty)</b> <b><a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> (empty)</b>
Optional lookup tables with RBL response templates. Optional lookup tables with RBL or RHSBL response templates.
Available in Postfix version 2.6 and later: Available in Postfix version 2.6 and later:

View File

@ -243,15 +243,12 @@ personalities via master.cf.
Increase the verbose logging level. Specify multiple \fB\-v\fR Increase the verbose logging level. Specify multiple \fB\-v\fR
options to make a Postfix daemon process increasingly verbose. options to make a Postfix daemon process increasingly verbose.
.IP "\fBCommand\-line arguments that start with {\fR" .IP "\fBCommand\-line arguments that start with {\fR"
Specify "{" and "}" around command arguments that start .IP "\fBCommand\-line arguments that contain whitespace\fR"
with "{" (Postfix 3.0 and later). The outer "{" and "}" are .IP "\fBCommand\-line arguments that must be empty\fR"
removed from the input, together with any leading or trailing Specify "{" and "}" around such arguments (Postfix 3.0 and
whitespace. later). The outer "{" and "}" will be removed, together
.IP "\fBOther command\-line arguments\fR" with any leading or trailing whitespace in the remaining
Specify "{" and "}" around command arguments that contain text.
whitespace (Postfix 3.0 and later). The outer "{" and "}"
are removed from the input, together with any leading or
trailing whitespace.
.SH "SEE ALSO" .SH "SEE ALSO"
.na .na
.nf .nf

View File

@ -1732,7 +1732,7 @@ Instead of $name you can also specify ${name} or $(name).
.PP .PP
Note: when an enhanced status code is specified in an RBL reply Note: when an enhanced status code is specified in an RBL reply
template, it is subject to modification. The following transformations template, it is subject to modification. The following transformations
are needed when the same RBL reply template is used for client, are needed when the same RBL response template is used for client,
helo, sender, or recipient access restrictions. helo, sender, or recipient access restrictions.
.IP \(bu .IP \(bu
When rejecting a sender address, the Postfix SMTP server When rejecting a sender address, the Postfix SMTP server
@ -5570,6 +5570,11 @@ Example:
.ad .ad
.ft R .ft R
.PP .PP
NOTE: This feature differs from the Postfix SMTP server's
rbl_reply_maps feature, where 1) the table search key includes the
optional "\fI=address\fR" filter, and where 2) the lookup result
contains free text with \fI$name\fR variables.
.PP
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
.SH postscreen_dnsbl_sites (default: empty) .SH postscreen_dnsbl_sites (default: empty)
Optional list of patterns with DNS allow/denylist domains, filters Optional list of patterns with DNS allow/denylist domains, filters
@ -6160,13 +6165,46 @@ queue and schedules delivery requests.
.PP .PP
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
.SH rbl_reply_maps (default: empty) .SH rbl_reply_maps (default: empty)
Optional lookup tables with RBL response templates. The tables are Optional lookup tables with RBL or RHSBL response templates. The
indexed by the RBL domain name. By default, Postfix uses the default table search key is the reject_rbl_* or reject_rhsbl_* argument,
including any optional "\fI=address\-pattern\fR" filter.
.PP
By default, Postfix uses the
template as specified with the default_rbl_reply configuration template as specified with the default_rbl_reply configuration
parameter. See there for a discussion of the syntax of RBL reply parameter. See there for a discussion of the response template
templates. syntax.
.PP
Example:
.PP
.nf
.na
.ft C
/etc/postfix/main.cf:
rbl_reply_maps = hash:/etc/postfix/rbl_reply
smtpd_recipient_restrictions =
permit_mynetworks,
reject_rbl_client \fIsecret\fR.zen.dq.spamhaus.net=127.0.0.[2..11],
...
.br
/etc/postfix/rbl_reply:
# See https://www.postfix.org/postconf.5.html#default_rbl_reply
# for the definition of the $client_address and $rbl_class etc.
# variables.
\fIsecret\fR.zen.dq.spamhaus.net=127.0.0.[2..11]
554 $rbl_class $rbl_what blocked using ZEN \- see https://www.spamhaus.org/query/ip/$client_address for details
\fIsecret\fR.zen.dq.spamhaus.net
554 $rbl_class $rbl_what blocked using ZEN \- see https://www.spamhaus.org/query/ip/$client_address for details
.fi
.ad
.ft R
.PP
NOTE: This feature differs from postscreen_dnsbl_reply_map where
the table search key is a domain name (no "\fI=address\fR" filter,
no "\fI*weight\fR" factor) and where the lookup result should be
a domain name (no free text, no \fI$name\fR variables).
.PP .PP
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
The "=address\-pattern" filter is available in Postfix 2.8 and later.
.SH readme_directory (default: see "postconf \-d" output) .SH readme_directory (default: see "postconf \-d" output)
The location of Postfix README files that describe how to build, The location of Postfix README files that describe how to build,
configure or operate a specific Postfix subsystem or feature. configure or operate a specific Postfix subsystem or feature.

View File

@ -201,8 +201,10 @@ The command is executed directly, i.e. without interpretation of
shell meta characters by a shell command interpreter. shell meta characters by a shell command interpreter.
.sp .sp
Specify "{" and "}" around command arguments that contain Specify "{" and "}" around command arguments that contain
whitespace (Postfix 3.0 and later). Whitespace whitespace, arguments that begin with "{", or arguments
after the opening "{" and before the closing "}" is ignored. that must be an empty string (Postfix 3.0 and later). The
outer "{" and "}" will be removed, together with any leading
or trailing whitespace in the remaining text.
.sp .sp
In the command argument vector, the following macros are recognized In the command argument vector, the following macros are recognized
and replaced with corresponding information from the Postfix queue and replaced with corresponding information from the Postfix queue

View File

@ -1140,7 +1140,7 @@ The numerical Postfix SMTP server response code when a remote SMTP
client request is blocked by the reject_multi_recipient_bounce client request is blocked by the reject_multi_recipient_bounce
restriction. restriction.
.IP "\fBrbl_reply_maps (empty)\fR" .IP "\fBrbl_reply_maps (empty)\fR"
Optional lookup tables with RBL response templates. Optional lookup tables with RBL or RHSBL response templates.
.PP .PP
Available in Postfix version 2.6 and later: Available in Postfix version 2.6 and later:
.IP "\fBaccess_map_defer_code (450)\fR" .IP "\fBaccess_map_defer_code (450)\fR"

View File

@ -909,7 +909,7 @@ stored as plaintext. </p>
auxprop plugin. Instead, you can use "<code>saslauthd -a ldap</code>" auxprop plugin. Instead, you can use "<code>saslauthd -a ldap</code>"
to query the LDAP database directly, with appropriate configuration to query the LDAP database directly, with appropriate configuration
in <code>saslauthd.conf</code>, <a in <code>saslauthd.conf</code>, <a
href="http://git.cyrusimap.org/cyrus-sasl/tree/saslauthd/LDAP_SASLAUTHD">as href="https://github.com/cyrusimap/cyrus-sasl/blob/master/saslauthd/LDAP_SASLAUTHD">as
described here</a>. You will not be able to use any of the described here</a>. You will not be able to use any of the
methods that require access to plaintext passwords, such as the methods that require access to plaintext passwords, such as the
shared-secret methods CRAM-MD5 and DIGEST-MD5. </p> shared-secret methods CRAM-MD5 and DIGEST-MD5. </p>

View File

@ -237,15 +237,12 @@
# Increase the verbose logging level. Specify multiple \fB-v\fR # Increase the verbose logging level. Specify multiple \fB-v\fR
# options to make a Postfix daemon process increasingly verbose. # options to make a Postfix daemon process increasingly verbose.
# .IP "\fBCommand-line arguments that start with {\fR" # .IP "\fBCommand-line arguments that start with {\fR"
# Specify "{" and "}" around command arguments that start # .IP "\fBCommand-line arguments that contain whitespace\fR"
# with "{" (Postfix 3.0 and later). The outer "{" and "}" are # .IP "\fBCommand-line arguments that must be empty\fR"
# removed from the input, together with any leading or trailing # Specify "{" and "}" around such arguments (Postfix 3.0 and
# whitespace. # later). The outer "{" and "}" will be removed, together
# .IP "\fBOther command-line arguments\fR" # with any leading or trailing whitespace in the remaining
Specify "{" and "}" around command arguments that contain # text.
# whitespace (Postfix 3.0 and later). The outer "{" and "}"
# are removed from the input, together with any leading or
# trailing whitespace.
# SEE ALSO # SEE ALSO
# master(8), process manager # master(8), process manager
# postconf(5), configuration parameters # postconf(5), configuration parameters

View File

@ -1254,7 +1254,7 @@ Instead of $name you can also specify ${name} or $(name).
<p> Note: when an enhanced status code is specified in an RBL reply <p> Note: when an enhanced status code is specified in an RBL reply
template, it is subject to modification. The following transformations template, it is subject to modification. The following transformations
are needed when the same RBL reply template is used for client, are needed when the same RBL response template is used for client,
helo, sender, or recipient access restrictions. </p> helo, sender, or recipient access restrictions. </p>
<ul> <ul>
@ -3586,15 +3586,46 @@ The default time unit is s (seconds). </p>
%PARAM rbl_reply_maps %PARAM rbl_reply_maps
<p> <p>
Optional lookup tables with RBL response templates. The tables are Optional lookup tables with RBL or RHSBL response templates. The
indexed by the RBL domain name. By default, Postfix uses the default table search key is the reject_rbl_* or reject_rhsbl_* argument,
including any optional "<i>=address-pattern</i>" filter. </p>
<p> By default, Postfix uses the
template as specified with the default_rbl_reply configuration template as specified with the default_rbl_reply configuration
parameter. See there for a discussion of the syntax of RBL reply parameter. See there for a discussion of the response template
templates. syntax.
</p>
<p> Example: </p>
<pre>
/etc/postfix/main.cf:
rbl_reply_maps = hash:/etc/postfix/rbl_reply
smtpd_recipient_restrictions =
permit_mynetworks,
reject_rbl_client <i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11],
...
<br>
/etc/postfix/rbl_reply:
# See https://www.postfix.org/postconf.5.html#default_rbl_reply
# for the definition of the $client_address and $rbl_class etc.
# variables.
<i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11]
554 $rbl_class $rbl_what blocked using ZEN - see https://www.spamhaus.org/query/ip/$client_address for details
<i>secret</i>.zen.dq.spamhaus.net
554 $rbl_class $rbl_what blocked using ZEN - see https://www.spamhaus.org/query/ip/$client_address for details
</pre>
<p>
NOTE: This feature differs from postscreen_dnsbl_reply_map where
the table search key is a domain name (no "<i>=address</i>" filter,
no "<i>*weight</i>" factor) and where the lookup result should be
a domain name (no free text, no <i>$name</i> variables).
</p> </p>
<p> <p>
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
The "=address-pattern" filter is available in Postfix 2.8 and later.
</p> </p>
%PARAM receive_override_options %PARAM receive_override_options
@ -15418,6 +15449,11 @@ the file is read). </p>
secret.zen.spamhaus.org zen.spamhaus.org secret.zen.spamhaus.org zen.spamhaus.org
</pre> </pre>
<p> NOTE: This feature differs from the Postfix SMTP server's
rbl_reply_maps feature, where 1) the table search key includes the
optional "<i>=address</i>" filter, and where 2) the lookup result
contains free text with <i>$name</i> variables. </p>
<p> This feature is available in Postfix 2.8. </p> <p> This feature is available in Postfix 2.8. </p>
%PARAM postscreen_dnsbl_timeout 10s %PARAM postscreen_dnsbl_timeout 10s

View File

@ -1604,3 +1604,5 @@ LLC
Maadani Maadani
GTEST GTEST
javascript javascript
SMFI
RHSBL

View File

@ -126,3 +126,5 @@ proto proto mysql_table proto pgsql_table proto ldap_table
a domain File postalias postalias c a domain File postalias postalias c
File spawn spawn c File spawn spawn c
an unknown or unimplemented command File smtpd smtpd c an unknown or unimplemented command File smtpd smtpd c
inside more consistent Files proto master pipe pipe c
unimplemented commands in the SMTP server File smtpd smtpd c

View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20240612" #define MAIL_RELEASE_DATE "20240622"
#define MAIL_VERSION_NUMBER "3.10" #define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT #ifdef SNAPSHOT

View File

@ -191,8 +191,10 @@
/* shell meta characters by a shell command interpreter. /* shell meta characters by a shell command interpreter.
/* .sp /* .sp
/* Specify "{" and "}" around command arguments that contain /* Specify "{" and "}" around command arguments that contain
/* whitespace (Postfix 3.0 and later). Whitespace /* whitespace, arguments that begin with "{", or arguments
/* after the opening "{" and before the closing "}" is ignored. /* that must be an empty string (Postfix 3.0 and later). The
/* outer "{" and "}" will be removed, together with any leading
/* or trailing whitespace in the remaining text.
/* .sp /* .sp
/* In the command argument vector, the following macros are recognized /* In the command argument vector, the following macros are recognized
/* and replaced with corresponding information from the Postfix queue /* and replaced with corresponding information from the Postfix queue

View File

@ -1084,7 +1084,7 @@
/* client request is blocked by the reject_multi_recipient_bounce /* client request is blocked by the reject_multi_recipient_bounce
/* restriction. /* restriction.
/* .IP "\fBrbl_reply_maps (empty)\fR" /* .IP "\fBrbl_reply_maps (empty)\fR"
/* Optional lookup tables with RBL response templates. /* Optional lookup tables with RBL or RHSBL response templates.
/* .PP /* .PP
/* Available in Postfix version 2.6 and later: /* Available in Postfix version 2.6 and later:
/* .IP "\fBaccess_map_defer_code (450)\fR" /* .IP "\fBaccess_map_defer_code (450)\fR"
@ -5501,11 +5501,43 @@ static void tls_reset(SMTPD_STATE *state)
#endif #endif
/* milter_unknown_reply_override - common code for unknown/unimplemented case */
static int milter_unknown_reply_override(SMTPD_STATE *state)
{
const char *err;
/*
* XXX The Postfix libmilter implementation does not indicate whether it
* returns:
*
* 1) A generic "command rejected" etc. reply text that is generated by the
* Postfix milter library, when the Sendmail milter library replies with
* SMFI_REJECT or SMFI_TEMPFAIL.
*
* 2) A custom reply text that is generated by a milter application, when
* the Sendmail milter library replies with SMFI_REPLY.
*
* As a compromise, we will not override the Postfix SMTP server's specific
* "5XX Unknown command" etc. reply.
*/
if (state->milters != 0
&& (err = milter_unknown_event(state->milters,
STR(state->buffer))) != 0) {
if (err[0] == '4') {
smtpd_chat_reply(state, "%s", err);
return (1);
} else if (err[0] != '5') {
msg_warn("unexpected SMFIC_UNKNOWN response: %s", err);
}
}
return (0);
}
/* unimpl_cmd - dummy for functionality that is not compiled in */ /* unimpl_cmd - dummy for functionality that is not compiled in */
static int unimpl_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv) static int unimpl_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
{ {
const char *err = 0;
/* /*
* When a connection is closed we want to log the request counts for * When a connection is closed we want to log the request counts for
@ -5516,16 +5548,8 @@ static int unimpl_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
* it must either tempfail or reject. * it must either tempfail or reject.
*/ */
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
if (state->milters != 0 if (milter_unknown_reply_override(state) == 0)
&& (err = milter_unknown_event(state->milters,
STR(state->buffer))) != 0
&& err[0] == '4') {
smtpd_chat_reply(state, "%s", err);
} else {
if (err && err[0] != '5')
msg_warn("unexpected SMFIC_UNKNOWN response: %s", err);
smtpd_chat_reply(state, "502 5.5.1 Error: command not implemented"); smtpd_chat_reply(state, "502 5.5.1 Error: command not implemented");
}
return (-1); return (-1);
} }
@ -5553,7 +5577,7 @@ typedef struct SMTPD_CMD {
#define SMTPD_CMD_FLAG_PRE_TLS (1<<1) /* allow before STARTTLS */ #define SMTPD_CMD_FLAG_PRE_TLS (1<<1) /* allow before STARTTLS */
#define SMTPD_CMD_FLAG_LAST (1<<2) /* last in PIPELINING command group */ #define SMTPD_CMD_FLAG_LAST (1<<2) /* last in PIPELINING command group */
static int help_cmd(SMTPD_STATE *, int, SMTPD_TOKEN *); static int help_cmd(SMTPD_STATE *, int, SMTPD_TOKEN *);
static SMTPD_CMD smtpd_cmd_table[] = { static SMTPD_CMD smtpd_cmd_table[] = {
{SMTPD_CMD_HELO, helo_cmd, SMTPD_CMD_FLAG_LIMIT | SMTPD_CMD_FLAG_PRE_TLS | SMTPD_CMD_FLAG_LAST,}, {SMTPD_CMD_HELO, helo_cmd, SMTPD_CMD_FLAG_LIMIT | SMTPD_CMD_FLAG_PRE_TLS | SMTPD_CMD_FLAG_LAST,},
@ -6021,19 +6045,9 @@ static void smtpd_proto(SMTPD_STATE *state)
} }
/* state->access_denied == 0 || cmdp->action == quit_cmd */ /* state->access_denied == 0 || cmdp->action == quit_cmd */
if (cmdp->name == 0) { if (cmdp->name == 0) {
/* See unimpl_cmd() for valid xxfi_unknown() return values. */ if (milter_unknown_reply_override(state) == 0)
err = 0;
if (state->milters != 0
&& (err = milter_unknown_event(state->milters,
STR(state->buffer))) != 0
&& err[0] == '4') {
smtpd_chat_reply(state, "%s", err);
} else {
if (err && err[0] != '5')
msg_warn("unexpected SMFIC_UNKNOWN response: %s", err);
smtpd_chat_reply(state, smtpd_chat_reply(state,
"500 5.5.2 Error: command not recognized"); "500 5.5.2 Error: command not recognized");
}
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
state->error_count++; state->error_count++;
continue; continue;