-/* $Cambridge: exim/src/src/acl.c,v 1.78 2007/08/22 10:10:23 ph10 Exp $ */
+/* $Cambridge: exim/src/src/acl.c,v 1.82 2008/02/12 12:52:51 nm4 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
ACLC_CONDITION,
ACLC_CONTINUE,
ACLC_CONTROL,
+#ifdef EXPERIMENTAL_DCC
+ ACLC_DCC,
+#endif
#ifdef WITH_CONTENT_SCAN
ACLC_DECODE,
#endif
#endif
#ifdef EXPERIMENTAL_SPF
ACLC_SPF,
+ ACLC_SPF_GUESS,
#endif
ACLC_VERIFY };
US"condition",
US"continue",
US"control",
+#ifdef EXPERIMENTAL_DCC
+ US"dcc",
+#endif
#ifdef WITH_CONTENT_SCAN
US"decode",
#endif
#endif
#ifdef EXPERIMENTAL_SPF
US"spf",
+ US"spf_guess",
#endif
US"verify" };
#ifdef EXPERIMENTAL_DOMAINKEYS
CONTROL_DK_VERIFY,
#endif
+ #ifdef EXPERIMENTAL_DKIM
+ CONTROL_DKIM_VERIFY,
+ #endif
CONTROL_ERROR,
CONTROL_CASEFUL_LOCAL_PART,
CONTROL_CASELOWER_LOCAL_PART,
#ifdef EXPERIMENTAL_DOMAINKEYS
US"dk_verify",
#endif
+ #ifdef EXPERIMENTAL_DKIM
+ US"dkim_verify",
+ #endif
US"error",
US"caseful_local_part",
US"caselower_local_part",
TRUE, /* condition */
TRUE, /* continue */
TRUE, /* control */
+#ifdef EXPERIMENTAL_DCC
+ TRUE, /* dcc */
+#endif
#ifdef WITH_CONTENT_SCAN
TRUE, /* decode */
#endif
#endif
#ifdef EXPERIMENTAL_SPF
TRUE, /* spf */
+ TRUE, /* spf_guess */
#endif
TRUE /* verify */
};
FALSE, /* condition */
TRUE, /* continue */
TRUE, /* control */
+#ifdef EXPERIMENTAL_DCC
+ FALSE, /* dcc */
+#endif
#ifdef WITH_CONTENT_SCAN
FALSE, /* decode */
#endif
#endif
#ifdef EXPERIMENTAL_SPF
FALSE, /* spf */
+ FALSE, /* spf_guess */
#endif
FALSE /* verify */
};
0, /* control */
+ #ifdef EXPERIMENTAL_DCC
+ (unsigned int)
+ ~((1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)), /* dcc */
+ #endif
+
#ifdef WITH_CONTENT_SCAN
(unsigned int)
~(1<<ACL_WHERE_MIME), /* decode */
(1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY)|
(1<<ACL_WHERE_NOTSMTP)|
(1<<ACL_WHERE_NOTSMTP_START),
+
+ (1<<ACL_WHERE_AUTH)|(1<<ACL_WHERE_CONNECT)| /* spf_guess */
+ (1<<ACL_WHERE_HELO)|
+ (1<<ACL_WHERE_MAILAUTH)|
+ (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
+ (1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY)|
+ (1<<ACL_WHERE_NOTSMTP)|
+ (1<<ACL_WHERE_NOTSMTP_START),
#endif
/* Certain types of verify are always allowed, so we let it through
(1<<ACL_WHERE_NOTSMTP_START),
#endif
+ #ifdef EXPERIMENTAL_DKIM
+ (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)| /* dkim_verify */
+ (1<<ACL_WHERE_NOTSMTP_START),
+ #endif
+
0, /* error */
(unsigned int)
#endif
#ifdef EXPERIMENTAL_DOMAINKEYS
{ US"dk_verify", CONTROL_DK_VERIFY, FALSE },
+#endif
+#ifdef EXPERIMENTAL_DKIM
+ { US"dkim_verify", CONTROL_DKIM_VERIFY, FALSE },
#endif
{ US"caseful_local_part", CONTROL_CASEFUL_LOCAL_PART, FALSE },
{ US"caselower_local_part", CONTROL_CASELOWER_LOCAL_PART, FALSE },
break;
#endif
+ #ifdef EXPERIMENTAL_DKIM
+ case CONTROL_DKIM_VERIFY:
+ dkim_do_verify = 1;
+ break;
+ #endif
+
case CONTROL_ERROR:
return ERROR;
}
break;
+ #ifdef EXPERIMENTAL_DCC
+ case ACLC_DCC:
+ {
+ /* Seperate the regular expression and any optional parameters. */
+ uschar *ss = string_nextinlist(&arg, &sep, big_buffer, big_buffer_size);
+ /* Run the dcc backend. */
+ rc = dcc_process(&ss);
+ /* Modify return code based upon the existance of options. */
+ while ((ss = string_nextinlist(&arg, &sep, big_buffer, big_buffer_size))
+ != NULL) {
+ if (strcmpic(ss, US"defer_ok") == 0 && rc == DEFER)
+ {
+ /* FAIL so that the message is passed to the next ACL */
+ rc = FAIL;
+ }
+ }
+ }
+ break;
+ #endif
+
#ifdef WITH_CONTENT_SCAN
case ACLC_DECODE:
rc = mime_decode(&arg);
#ifdef EXPERIMENTAL_SPF
case ACLC_SPF:
- rc = spf_process(&arg, sender_address);
+ rc = spf_process(&arg, sender_address, SPF_PROCESS_NORMAL);
+ break;
+ case ACLC_SPF_GUESS:
+ rc = spf_process(&arg, sender_address, SPF_PROCESS_GUESS);
break;
#endif
*log_msgptr = *user_msgptr = NULL;
acl_temp_details = FALSE;
- if (where == ACL_WHERE_QUIT &&
+ if ((where == ACL_WHERE_QUIT || where == ACL_WHERE_NOTQUIT) &&
acl->verb != ACL_ACCEPT &&
acl->verb != ACL_WARN)
{
- *log_msgptr = string_sprintf("\"%s\" is not allowed in a QUIT ACL",
+ *log_msgptr = string_sprintf("\"%s\" is not allowed in a QUIT or not-QUIT ACL",
verbs[acl->verb]);
return ERROR;
}