diff options
| author | Bertrand Jacquin <beber@meleeweb.net> | 2006-12-22 03:17:21 +0100 |
|---|---|---|
| committer | Bertrand Jacquin <beber@meleeweb.net> | 2006-12-22 03:17:21 +0100 |
| commit | a549ce75fdad72adf98e87da83bc570c7173255c (patch) | |
| tree | f02d38d121a1e1488edcc12c121788d89614c7ef /mail-mta/exim | |
| parent | evas: import portage change (diff) | |
| download | portage-a549ce75fdad72adf98e87da83bc570c7173255c.tar.xz | |
exim: add dsn, and import dk and dovecot support to 4.63
Diffstat (limited to 'mail-mta/exim')
| -rw-r--r-- | mail-mta/exim/Manifest | 52 | ||||
| -rw-r--r-- | mail-mta/exim/exim-4.63.ebuild | 327 | ||||
| -rw-r--r-- | mail-mta/exim/files/auth_conf.sub | 25 | ||||
| -rw-r--r-- | mail-mta/exim/files/configure | 419 | ||||
| -rw-r--r-- | mail-mta/exim/files/digest-exim-4.63 | 6 | ||||
| -rw-r--r-- | mail-mta/exim/files/exim-4.10-gentoo.diff | 65 | ||||
| -rw-r--r-- | mail-mta/exim/files/exim-4.30-conf.patch | 19 | ||||
| -rw-r--r-- | mail-mta/exim/files/exim-4.50-srs_update-1.0.patch | 527 | ||||
| -rw-r--r-- | mail-mta/exim/files/exim.confd | 2 | ||||
| -rw-r--r-- | mail-mta/exim/files/exim.rc6 | 22 | ||||
| -rw-r--r-- | mail-mta/exim/files/exim_463_dsn_1_3.patch | 1167 | ||||
| -rw-r--r-- | mail-mta/exim/files/mailer.conf | 10 | ||||
| -rw-r--r-- | mail-mta/exim/files/pam.d-exim | 3 | ||||
| -rw-r--r-- | mail-mta/exim/files/system_filter.exim | 220 |
14 files changed, 2864 insertions, 0 deletions
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest index cbccefb0..c8ce5fa7 100644 --- a/mail-mta/exim/Manifest +++ b/mail-mta/exim/Manifest @@ -1,3 +1,15 @@ +AUX auth_conf.sub 775 RMD160 3d0280be4646b4e7bb222da2b95af82c2d0d669d SHA1 3116e59ac760f38eb2562fe44df649be4ffa11e5 SHA256 48c652cdeb971ad2b3854f4c6e417174d45568ad9977bb374afc0700aece962f +MD5 68fc403ba2c98ccba281939085cb9052 files/auth_conf.sub 775 +RMD160 3d0280be4646b4e7bb222da2b95af82c2d0d669d files/auth_conf.sub 775 +SHA256 48c652cdeb971ad2b3854f4c6e417174d45568ad9977bb374afc0700aece962f files/auth_conf.sub 775 +AUX configure 16346 RMD160 7826da9ebcf9d9318894bb3a412532a371e62032 SHA1 8e1b61ede8c86fc6efa50eca0e5da52e9be3dfaf SHA256 c0b8dee099095963d77d19a44ed9305759b4db2a1048ae77d1f839f75e017d6e +MD5 0cb2ffe88c81fd7ac8429b5a19d58b35 files/configure 16346 +RMD160 7826da9ebcf9d9318894bb3a412532a371e62032 files/configure 16346 +SHA256 c0b8dee099095963d77d19a44ed9305759b4db2a1048ae77d1f839f75e017d6e files/configure 16346 +AUX exim-4.10-gentoo.diff 1889 RMD160 5e3b7424901e8ce55c43ed1d87193f915d633285 SHA1 49c5ad9efbfd5e380f4bd4485ea5771203be3029 SHA256 b9c4c055c0992362f16e02d64f81e0427cc87729d67f9ac4e275d0360709b40b +MD5 369b42cafcbe5631c2d03cbbfd4aeddd files/exim-4.10-gentoo.diff 1889 +RMD160 5e3b7424901e8ce55c43ed1d87193f915d633285 files/exim-4.10-gentoo.diff 1889 +SHA256 b9c4c055c0992362f16e02d64f81e0427cc87729d67f9ac4e275d0360709b40b files/exim-4.10-gentoo.diff 1889 AUX exim-4.14-tail.patch 446 RMD160 685e27ff995710f3b8d77d8785b04503170e7e27 SHA1 d52b5d10656ead546beda128068ed2f9dbc67200 SHA256 74d1044bb94e167180fd8f8aba7449ca3d2b09b1ce170a1a2e4e54ca0cd660da MD5 5d5aabea7d56a91803df1312c04d32c0 files/exim-4.14-tail.patch 446 RMD160 685e27ff995710f3b8d77d8785b04503170e7e27 files/exim-4.14-tail.patch 446 @@ -6,6 +18,10 @@ AUX exim-4.20-maildir.patch 478 RMD160 50c6a1dd6ae3f7bb1776696d3d0d7a161c351fce MD5 622b726ea7b32aae93a8fe9f3c2af9cd files/exim-4.20-maildir.patch 478 RMD160 50c6a1dd6ae3f7bb1776696d3d0d7a161c351fce files/exim-4.20-maildir.patch 478 SHA256 2704c4db67bb7c58c2421656d942f533d1eedf1df187e76297ab72d2c2a2fb4c files/exim-4.20-maildir.patch 478 +AUX exim-4.30-conf.patch 887 RMD160 4e50bdb4f3a9f061c7f4da763ad5e427b9cbea26 SHA1 cf7ecab19aba3b758d736c584b98fa4be2338050 SHA256 a33425492f246c6afe3be21e83e0dc20ecd5ea300a172d877f666d077648eedf +MD5 f03fc637e154f9ca79d991e71eb063bf files/exim-4.30-conf.patch 887 +RMD160 4e50bdb4f3a9f061c7f4da763ad5e427b9cbea26 files/exim-4.30-conf.patch 887 +SHA256 a33425492f246c6afe3be21e83e0dc20ecd5ea300a172d877f666d077648eedf files/exim-4.30-conf.patch 887 AUX exim-4.43-SmtpUsingDovecot.patch 13382 RMD160 792ec7e17ebf40e3b2ae7a4cb7d2ccee7dde7438 SHA1 c50d1a3a2b87690e439a380a77424472edff8977 SHA256 9c64359f42b9f6019c486a240e2b4a14c5390f680e6fed456894eb6ec3da81cd MD5 d7affee8bf277ce9380f2027320c958c files/exim-4.43-SmtpUsingDovecot.patch 13382 RMD160 792ec7e17ebf40e3b2ae7a4cb7d2ccee7dde7438 files/exim-4.43-SmtpUsingDovecot.patch 13382 @@ -18,7 +34,36 @@ AUX exim-4.43-r2-localscan_dlopen.patch 9236 RMD160 d33f7bcf72f947e8d1a3d9177136 MD5 c76437104cbde9184f01eb0987bfd738 files/exim-4.43-r2-localscan_dlopen.patch 9236 RMD160 d33f7bcf72f947e8d1a3d917713630100c175491 files/exim-4.43-r2-localscan_dlopen.patch 9236 SHA256 3ec15d2dfdf251c70647c3def09711385f23983eceeecb6ec9d42b39f54b198d files/exim-4.43-r2-localscan_dlopen.patch 9236 +AUX exim-4.50-srs_update-1.0.patch 18372 RMD160 1ac6d641f8c1b8c9c6378bfc0de9dce4c59a7413 SHA1 b4d8b531b267cedfd1b293d1a46d02f18931186e SHA256 df0e4f4901abb53a3ada0367d1682d5b25846804330b37abb2fecc7f0fed1563 +MD5 67d515cfd03abf9c207c28c997de4177 files/exim-4.50-srs_update-1.0.patch 18372 +RMD160 1ac6d641f8c1b8c9c6378bfc0de9dce4c59a7413 files/exim-4.50-srs_update-1.0.patch 18372 +SHA256 df0e4f4901abb53a3ada0367d1682d5b25846804330b37abb2fecc7f0fed1563 files/exim-4.50-srs_update-1.0.patch 18372 +AUX exim.confd 62 RMD160 d8dcabf184ffb9066ad45c3e77cce1ec0392a143 SHA1 c56feda3c3193fad26852310da8ef24ef91f60f6 SHA256 668f912565a59926957090c6143f669f0e9de2cf441507d3c05fcd046865b401 +MD5 f442b68d435598831bab8536ade071b8 files/exim.confd 62 +RMD160 d8dcabf184ffb9066ad45c3e77cce1ec0392a143 files/exim.confd 62 +SHA256 668f912565a59926957090c6143f669f0e9de2cf441507d3c05fcd046865b401 files/exim.confd 62 +AUX exim.rc6 565 RMD160 f9f2d644c2997478e3e9011217bb2d73068ecc22 SHA1 345dbbf7de380eba06c2c2fd90cd2dc006324344 SHA256 f4ed3ffeaf066730451046431b73832a37cdb62ba9ef9c2ae2605188ab830fa7 +MD5 8609e97b73196813ddfc2b3de6a2bbac files/exim.rc6 565 +RMD160 f9f2d644c2997478e3e9011217bb2d73068ecc22 files/exim.rc6 565 +SHA256 f4ed3ffeaf066730451046431b73832a37cdb62ba9ef9c2ae2605188ab830fa7 files/exim.rc6 565 +AUX exim_463_dsn_1_3.patch 40205 RMD160 af2a818f9ba58c79b83bab621956caa421deb975 SHA1 6967c73a49d7a8643735f01a3d44ff94f789c55d SHA256 12156e4b30ad2147a3ae4df841d6a110fae0a14c98e7020366767a98589aadb2 +MD5 1af0bb7a11bb82671b3095c7aaf5d217 files/exim_463_dsn_1_3.patch 40205 +RMD160 af2a818f9ba58c79b83bab621956caa421deb975 files/exim_463_dsn_1_3.patch 40205 +SHA256 12156e4b30ad2147a3ae4df841d6a110fae0a14c98e7020366767a98589aadb2 files/exim_463_dsn_1_3.patch 40205 +AUX mailer.conf 259 RMD160 6412ac421b836f9425af443084dbaa49feb14df6 SHA1 690b15bdb334ed2bfda927a156227385823353f2 SHA256 c1dfa59d617c5744ebd119c37b408d7135f1fa6be4322d2f77db8ba9cb30d359 +MD5 9c5befad84b514b263004dc7a66b3d39 files/mailer.conf 259 +RMD160 6412ac421b836f9425af443084dbaa49feb14df6 files/mailer.conf 259 +SHA256 c1dfa59d617c5744ebd119c37b408d7135f1fa6be4322d2f77db8ba9cb30d359 files/mailer.conf 259 +AUX pam.d-exim 101 RMD160 8ad4e0a05068ae20d5e8d401146456945d068322 SHA1 bdca3fb37937baa5da5e656c07ec333abfaa0f7d SHA256 80d94cb0b3ded20ed1513f4d5627969c4ce85d3006c702eb24920ffa01eec674 +MD5 d230e0fa45f2b65d5bc50c0879c40148 files/pam.d-exim 101 +RMD160 8ad4e0a05068ae20d5e8d401146456945d068322 files/pam.d-exim 101 +SHA256 80d94cb0b3ded20ed1513f4d5627969c4ce85d3006c702eb24920ffa01eec674 files/pam.d-exim 101 +AUX system_filter.exim 8120 RMD160 267545af6dd333e0e5f05e1d4d02a0e8ee638d45 SHA1 a9eaf04538cd35eae726e2920cb0d115bc2ab2e0 SHA256 35539f6d20f2847b4093824618797b4d602dcc5b7d920e49bf5c26f0fd89858e +MD5 4c0b8ee742360c08f0bc0b526fcaad10 files/system_filter.exim 8120 +RMD160 267545af6dd333e0e5f05e1d4d02a0e8ee638d45 files/system_filter.exim 8120 +SHA256 35539f6d20f2847b4093824618797b4d602dcc5b7d920e49bf5c26f0fd89858e files/system_filter.exim 8120 DIST exim-4.62.tar.bz2 1577729 RMD160 9553b758e3bfd3d12027262b6211e37ad3259252 SHA1 2b3f95c1880de07ef22a96d7141eaa66e3c46768 SHA256 b5438894807c560a7933af36d10b2951f890aece9bff14c95fe2b91b0398629b +DIST exim-4.63.tar.bz2 1586169 RMD160 43ff82bad9e097da670d6b5c77e672b3edc3945b SHA1 44bb57c26bee29500d0b80ba57997e5325f144d0 SHA256 b7d64eff366de656a7f992991e354d9be3ab067a94defe2136937f3159da94d7 DIST exiscan.conf 22113 RMD160 e52b77f656b3ba2105e833075d1368f41e414d64 SHA1 74dc6e30f49402f5e6fefc280ea325d17f6af8c4 SHA256 f8cc731d3225a902461e05c0997df23bfd231ea8d5bf33a9aba5783bc6e0c964 EBUILD exim-4.62-r1.ebuild 9415 RMD160 d30f3cc4b0589ad5fdba440158873b90db1d0bec SHA1 14282701dc9a90c0a40979f8895da13ef851b085 SHA256 dfec5f6a4a2a2608189d0982fe48af69a1c6919d7bca13ba622fd5606bda6624 MD5 06ae8ab5fb6ae358fca522e635177655 exim-4.62-r1.ebuild 9415 @@ -28,9 +73,16 @@ EBUILD exim-4.62-r2.ebuild 9746 RMD160 83c3af9169d0e94cf426f4c75d92d57582199ab4 MD5 1287278ba300ed151881be0abd68d9af exim-4.62-r2.ebuild 9746 RMD160 83c3af9169d0e94cf426f4c75d92d57582199ab4 exim-4.62-r2.ebuild 9746 SHA256 d54efa135f261c97cc94063189c951b20700c5899c46fc63ea48f285d4f6bc87 exim-4.62-r2.ebuild 9746 +EBUILD exim-4.63.ebuild 9887 RMD160 ca2e4976bf03ffe54e94ef5bf09095d1bde529cb SHA1 80d0a3d1320bb1c8bc5248625f47950d34fc5065 SHA256 f8467ed5fccff55a75c24fd2c52d557b0c1556b8aa6e17f22ee4ea76a19718ef +MD5 d37c66525706ae4b45ed6e841f330e5b exim-4.63.ebuild 9887 +RMD160 ca2e4976bf03ffe54e94ef5bf09095d1bde529cb exim-4.63.ebuild 9887 +SHA256 f8467ed5fccff55a75c24fd2c52d557b0c1556b8aa6e17f22ee4ea76a19718ef exim-4.63.ebuild 9887 MD5 31e2a5f83bcae355694aafddd6d76d10 files/digest-exim-4.62-r1 449 RMD160 b65f09555de6587827634d3c592f8a25515d938e files/digest-exim-4.62-r1 449 SHA256 23a4934530694bdb862bb652d6045101cfaa263d8be8e34f7a6b296f97ae2202 files/digest-exim-4.62-r1 449 MD5 31e2a5f83bcae355694aafddd6d76d10 files/digest-exim-4.62-r2 449 RMD160 b65f09555de6587827634d3c592f8a25515d938e files/digest-exim-4.62-r2 449 SHA256 23a4934530694bdb862bb652d6045101cfaa263d8be8e34f7a6b296f97ae2202 files/digest-exim-4.62-r2 449 +MD5 7e896911202f5cc29d66df5cc32f8d8b files/digest-exim-4.63 449 +RMD160 b35c51c7718b924fc20263ee5ad224a14c2d57c6 files/digest-exim-4.63 449 +SHA256 2cddb407eec5a561dfd0ea5ff5def202abebf996df72215b652bdefeb7dfee7e files/digest-exim-4.63 449 diff --git a/mail-mta/exim/exim-4.63.ebuild b/mail-mta/exim/exim-4.63.ebuild new file mode 100644 index 00000000..c729c60f --- /dev/null +++ b/mail-mta/exim/exim-4.63.ebuild @@ -0,0 +1,327 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-mta/exim/exim-4.63.ebuild,v 1.2 2006/11/23 20:25:35 vivo Exp $ + +inherit eutils + +IUSE="tcpd ssl postgres mysql ldap pam exiscan-acl mailwrapper lmtp ipv6 sasl dnsdb perl mbx X exiscan nis syslog spf srs gnutls sqlite domainkeys dovecot dsn" + +DESCRIPTION="A highly configurable, drop-in replacement for sendmail" +SRC_URI="ftp://ftp.exim.org/pub/exim/exim4/${P}.tar.bz2 mirror://gentoo/exiscan.conf" +HOMEPAGE="http://www.exim.org/" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc x86" + +PROVIDE="virtual/mta" +DEPEND=">=sys-apps/sed-4.0.5 + perl? ( sys-devel/libperl ) + >=sys-libs/db-3.2 + pam? ( >=sys-libs/pam-0.75 ) + tcpd? ( sys-apps/tcp-wrappers ) + ssl? ( >=dev-libs/openssl-0.9.6 ) + gnutls? ( net-libs/gnutls ) + ldap? ( >=net-nds/openldap-2.0.7 ) + mysql? ( virtual/mysql ) + postgres? ( >=dev-db/postgresql-7 ) + sasl? ( >=dev-libs/cyrus-sasl-2.1.14 ) + spf? ( >=mail-filter/libspf2-1.2.5-r1 ) + srs? ( mail-filter/libsrs_alt ) + domainkeys? ( mail-filter/libdomainkeys ) + X? ( || ( ( x11-proto/xproto + x11-libs/libX11 + x11-libs/libXmu + x11-libs/libXt + x11-libs/libXaw ) + virtual/x11 ) + ) + sqlite? ( dev-db/sqlite ) + dovecot? ( net-mail/dovecot )" + # added X check for #57206 +RDEPEND="${DEPEND} + mailwrapper? ( >=net-mail/mailwrapper-0.2 ) + !mailwrapper? ( !virtual/mta ) + >=net-mail/mailbase-0.00-r5" + +src_unpack() { + unpack ${A} + cd ${S} + + local myconf + + epatch ${FILESDIR}/exim-4.14-tail.patch + epatch ${FILESDIR}/exim-4.43-r2-localscan_dlopen.patch + + if use dovecot; then + einfo "Patching for SMTP Dovecot Auth" + einfo "See http://www.exim.org/eximwiki/AuthenticatedSmtpUsingDovecot" + epatch ${FILESDIR}/exim-4.43-SmtpUsingDovecot.patch + fi + + if use dsn; then + einfo "Patching for DSN Support" + einfo "http://sourceforge.net/projects/eximdsn/" + epatch ${FILESDIR}/exim_463_dsn_1_3.patch + fi + + if ! use mbx; then + einfo "Patching maildir support into exim.conf" + epatch ${FILESDIR}/exim-4.20-maildir.patch + fi + + sed -i "/SYSTEM_ALIASES_FILE/ s'SYSTEM_ALIASES_FILE'/etc/mail/aliases'" ${S}/src/configure.default + cp ${S}/src/configure.default ${S}/src/configure.default.orig + + # Includes Typo fix for bug 47106 + sed -e "48i\CFLAGS=${CFLAGS}" \ + -e "s:# AUTH_CRAM_MD5=yes:AUTH_CRAM_MD5=yes:" \ + -e "s:# AUTH_PLAINTEXT=yes:AUTH_PLAINTEXT=yes:" \ + -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=/usr/sbin:" \ + -e "s:COMPRESS_COMMAND=/usr/bin/gzip:COMPRESS_COMMAND=/bin/gzip:" \ + -e "s:ZCAT_COMMAND=/usr/bin/zcat:ZCAT_COMMAND=/bin/zcat:" \ + -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=/etc/exim/exim.conf:" \ + -e "s:EXIM_MONITOR=eximon.bin:# EXIM_MONITOR=eximon.bin:" \ + -e "s:# INFO_DIRECTORY=/usr/local/info:INFO_DIRECTORY=/usr/share/info:" \ + -e "s:# LOG_FILE_PATH=/var/log/exim_%slog:LOG_FILE_PATH=/var/log/exim/exim_%s.log:" \ + -e "s:# PID_FILE_PATH=/var/lock/exim.pid:PID_FILE_PATH=/var/run/exim.pid:" \ + -e "s:# SPOOL_DIRECTORY=/var/spool/exim:SPOOL_DIRECTORY=/var/spool/exim:" \ + -e "s:# SUPPORT_MAILDIR=yes:SUPPORT_MAILDIR=yes:" \ + -e "s:# SUPPORT_MAILSTORE=yes:SUPPORT_MAILSTORE=yes:" \ + -e "s:EXIM_USER=:EXIM_USER=mail:" \ + -e "s:# AUTH_SPA=yes:AUTH_SPA=yes:" \ + -e "s:^ZCAT_COMMAND.*$:ZCAT_COMMAND=/bin/zcat:" \ + -e "s:# LOOKUP_PASSWD=yes:LOOKUP_PASSWD=yes:" \ + src/EDITME > Local/Makefile + + # exiscan-acl is now integrated - enabled it when use-flag set + if use exiscan-acl; then + sed -i "s:# WITH_CONTENT_SCAN=yes:WITH_CONTENT_SCAN=yes:" Local/Makefile + sed -i "s:# WITH_OLD_DEMIME=yes:WITH_OLD_DEMIME=yes:" Local/Makefile + elif (use spf || use srs || use domainkeys) then + eerror SPF, SRS and DomainKeys support require exiscan-acl to be enabled, please add + eerror to your USE settings. + exit 1 + fi + if use spf; then + myconf="${myconf} -lspf2" + sed -i "s:# EXPERIMENTAL_SPF=yes:EXPERIMENTAL_SPF=yes:" Local/Makefile + mycflags="${mycflags} -DEXPERIMENTAL_SPF" + fi + if use srs; then + myconf="${myconf} -lsrs_alt" + sed -i "s:# EXPERIMENTAL_SRS=yes:EXPERIMENTAL_SRS=yes:" Local/Makefile + fi + + if use domainkeys; then + myconf="${myconf} -ldomainkeys" + echo "EXPERIMENTAL_DOMAINKEYS=yes" >> Local/Makefile + mycflags="${mycflags} -DEXPERIMENTAL_DOMAINKEYS" + fi + + if use dovecot; then + sed -i "s:# AUTH_DOVECOT=yes:AUTH_DOVECOT=yes:" Local/Makefile + fi + + cd Local + # enable optional exim_monitor support via X use flag bug #46778 + if use X; then + einfo "Configuring eximon" + cp ../exim_monitor/EDITME eximon.conf + sed -i "s:# EXIM_MONITOR=eximon.bin:EXIM_MONITOR=eximon.bin:" Makefile + fi + #These next two should resolve 37964 + if use perl; then + sed -i "s:# EXIM_PERL=perl.o:EXIM_PERL=perl.o:" Makefile + fi + # mbox useflag renamed, see bug 110741 + if use mbx; then + sed -i "s:# SUPPORT_MBX=yes:SUPPORT_MBX=yes:" Makefile + fi + if use pam; then + sed -i "s:# \(SUPPORT_PAM=yes\):\1:" Makefile + myconf="${myconf} -lpam" + fi + if use sasl; then + sed -i "s:# CYRUS_SASLAUTHD_SOCKET=/var/state/saslauthd/mux:CYRUS_SASLAUTHD_SOCKET=/var/lib/sasl2/mux:" Makefile + sed -i "s:# AUTH_CYRUS_SASL=yes:AUTH_CYRUS_SASL=yes:" Makefile + myconf="${myconf} -lsasl2" + fi + if use tcpd; then + sed -i "s:# \(USE_TCP_WRAPPERS=yes\):\1:" Makefile + myconf="${myconf} -lwrap" + fi + if use lmtp; then + sed -i "s:# \(TRANSPORT_LMTP=yes\):\1:" Makefile + fi + if use ipv6; then + echo "HAVE_IPV6=YES" >> Makefile + #To fix bug 41196 + echo "IPV6_USE_INET_PTON=yes" >> Makefile + fi + + if [ -n "$myconf" ] ; then + echo "EXTRALIBS=${myconf} ${LDFLAGS}" >> Makefile + fi + + cd ${S} + if use ssl; then + sed -i \ + -e "s:# \(SUPPORT_TLS=yes\):\1:" Local/Makefile + if use gnutls; then + sed -i \ + -e "s:# \(USE_GNUTLS=yes\):\1:" \ + -e "s:# \(TLS_LIBS=-lgnutls -ltasn1 -lgcrypt\):\1:" Local/Makefile + else + sed -i \ + -e "s:# \(TLS_LIBS=-lssl -lcrypto\):\1:" Local/Makefile + fi + fi + + LOOKUP_INCLUDE= + LOOKUP_LIBS= + + if use ldap; then + sed -i \ + -e "s:# \(LOOKUP_LDAP=yes\):\1:" \ + -e "s:# \(LDAP_LIB_TYPE=OPENLDAP2\):\1:" Local/Makefile + LOOKUP_INCLUDE="-I/usr/include/ldap" + LOOKUP_LIBS="-L/usr/lib -lldap -llber" + fi + + if use mysql; then + sed -i "s:# LOOKUP_MYSQL=yes:LOOKUP_MYSQL=yes:" Local/Makefile + LOOKUP_INCLUDE="$LOOKUP_INCLUDE -I/usr/include/mysql" + LOOKUP_LIBS="$LOOKUP_LIBS -L/usr/lib -lmysqlclient" + fi + + if use postgres; then + sed -i "s:# LOOKUP_PGSQL=yes:LOOKUP_PGSQL=yes:" Local/Makefile + LOOKUP_INCLUDE="$LOOKUP_INCLUDE -I/usr/include/postgresql" + LOOKUP_LIBS="$LOOKUP_LIBS -lpq" + fi + if use sqlite; then + sed -i "s:# LOOKUP_SQLITE=yes: LOOKUP_SQLITE=yes:" Local/Makefile + LOOKUP_INCLUDE="$LOOKUP_INCLUDE -I/usr/include/sqlite" + LOOKUP_LIBS="$LOOKUP_LIBS -lsqlite3" + fi + if [ -n "$LOOKUP_INCLUDE" ]; then + sed -i "s:# LOOKUP_INCLUDE=-I /usr/local/ldap/include -I /usr/local/mysql/include -I /usr/local/pgsql/include:LOOKUP_INCLUDE=$LOOKUP_INCLUDE:" \ + Local/Makefile + fi + + if [ -n "$LOOKUP_LIBS" ]; then + sed -i "s:# LOOKUP_LIBS=-L/usr/local/lib -lldap -llber -lmysqlclient -lpq -lgds -lsqlite3:LOOKUP_LIBS=$LOOKUP_LIBS:" \ + Local/Makefile + fi + + + cat Makefile | sed -e 's/^buildname=.*/buildname=exim-gentoo/g' > Makefile.gentoo && mv -f Makefile.gentoo Makefile + + sed -i "s:# LOOKUP_DSEARCH=yes:LOOKUP_DSEARCH=yes:" Local/Makefile + + if use dnsdb; then + sed -i "s:# LOOKUP_DNSDB=yes:LOOKUP_DNSDB=yes:" Local/Makefile + fi + sed -i "s:# LOOKUP_CDB=yes:LOOKUP_CDB=yes:" Local/Makefile + + if use nis; then + sed -i "s:# LOOKUP_NIS=yes:LOOKUP_NIS=yes:" Local/Makefile + sed -i "s:# LOOKUP_NISPLUS=yes:LOOKUP_NISPLUS=yes:" Local/Makefile + fi + if use syslog; then + sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Local/Makefile + fi +# Use the "native" interface to the DBM library + echo "USE_DB=yes" >> ${S}/Local/Makefile +} + +src_compile() { + make || die "make failed" +} + + +src_install () { + cd ${S}/build-exim-gentoo + exeinto /usr/sbin + doexe exim + if use X;then + doexe eximon.bin + doexe eximon + fi + fperms 4755 /usr/sbin/exim + + dodir /usr/bin /usr/sbin /usr/lib + dosym ../sbin/exim /usr/bin/mailq + dosym ../sbin/exim /usr/bin/newaliases + einfo "The Exim ebuild will no longer touch /usr/bin/mail, so as not to interfere with mailx/nail." + dosym exim /usr/sbin/rsmtp + dosym exim /usr/sbin/rmail + if \[ ! -e /usr/lib/sendmail \]; + then + dosym /usr/sbin/sendmail /usr/lib/sendmail + fi + + if use mailwrapper + then + insinto /etc/mail + doins ${FILESDIR}/mailer.conf + else + dosym exim /usr/sbin/sendmail + fi + + exeinto /usr/sbin + for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \ + exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \ + convert4r3 convert4r4 exipick + do + doexe $i + done + + dodoc ${S}/doc/* + doman ${S}/doc/exim.8 + + # conf files + insinto /etc/exim + newins ${S}/src/configure.default.orig exim.conf.dist + if use exiscan-acl; then + newins ${S}/src/configure.default exim.conf.exiscan-acl + fi + doins ${FILESDIR}/system_filter.exim + doins ${FILESDIR}/auth_conf.sub + if use exiscan; then + newins ${S}/src/configure.default exim.conf.exiscan + doins ${FILESDIR}/exiscan.conf + fi + + if use pam + then + # INSTALL a pam.d file for SMTP AUTH that works with gentoo's pam + insinto /etc/pam.d + newins ${FILESDIR}/pam.d-exim exim + fi + + exeinto /etc/init.d + newexe ${FILESDIR}/exim.rc6 exim + + insinto /etc/conf.d + newins ${FILESDIR}/exim.confd exim + + DIROPTIONS="--mode=0750 --owner=mail --group=mail" + dodir /var/log/${PN} +} + + +pkg_postinst() { + einfo "/etc/exim/system_filter.exim is a sample system_filter." + einfo "/etc/exim/auth_conf.sub contains the configuration sub for using smtp auth." + einfo "Please create /etc/exim/exim.conf from /etc/exim/exim.conf.dist." + + if ! use mailwrapper && [[ -e /etc/mailer.conf ]] + then + einfo + einfo "Since you emerged $PN without mailwrapper in USE," + einfo "you probably want to 'emerge -C mailwrapper' now." + einfo + fi +} diff --git a/mail-mta/exim/files/auth_conf.sub b/mail-mta/exim/files/auth_conf.sub new file mode 100644 index 00000000..fb744a5a --- /dev/null +++ b/mail-mta/exim/files/auth_conf.sub @@ -0,0 +1,25 @@ +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +# If you're using PAM to authenticate, lifes real simple. +# This plain directive works for nearly everything except windows MUA's the +# login directive will allow you to authenticate your Outlook 2000 and +# outlook express clients. + + + +plain: + driver = plaintext + public_name = PLAIN + server_condition = "${if pam{$2:$3}{1}{0}}" + server_set_id = $2 + +login: + driver = plaintext + public_name = LOGIN + server_prompts = "Username:: : Password::" + server_condition = "${if pam{$1:$2}{1}{0}}" + server_set_id = $1 + +# FIXME +# Need to add authenticator for SPA!! diff --git a/mail-mta/exim/files/configure b/mail-mta/exim/files/configure new file mode 100644 index 00000000..740da7fc --- /dev/null +++ b/mail-mta/exim/files/configure @@ -0,0 +1,419 @@ +###################################################################### +# Runtime configuration file for Exim # +###################################################################### + + +# This is a default configuration file which will operate correctly in +# uncomplicated installations. Please see the manual for a complete list +# of all the runtime configuration options that can be included in a +# configuration file. There are many more than are mentioned here. The +# manual is in the file doc/spec.txt in the Exim distribution as a plain +# ASCII file. Other formats (PostScript, Texinfo, HTML, PDF) are available +# from the Exim ftp sites. The manual is also online via the Exim web sites. + + +# This file is divided into several parts, all but the last of which are +# terminated by a line containing the word "end". The parts must appear +# in the correct order, and all must be present (even if some of them are +# in fact empty). Blank lines, and lines starting with # are ignored. + + +############ IMPORTANT ########## IMPORTANT ########### IMPORTANT ############ +# # +# Whenever you change Exim's configuration file, you *must* remember to HUP # +# the Exim daemon, because it will not pick up the new configuration until # +# until you do this. It is usually a good idea to test a new configuration # +# for syntactic correctness (e.g. using "exim -C /config/file -bV") first. # +# # +############ IMPORTANT ########## IMPORTANT ########### IMPORTANT ############ + + + +###################################################################### +# MAIN CONFIGURATION SETTINGS # +###################################################################### + +# Specify your host's canonical name here. This should normally be the fully +# qualified "official" name of your host. If this option is not set, the +# uname() function is called to obtain the name. + +# primary_hostname = + + +# Specify the domain you want to be added to all unqualified addresses +# here. An unqualified address is one that does not contain an "@" character +# followed by a domain. For example, "caesar@rome.ex" is a fully qualified +# address, but the string "caesar" (i.e. just a login name) is an unqualified +# email address. Unqualified addresses are accepted only from local callers by +# default. See the receiver_unqualified_{hosts,nets} options if you want +# to permit unqualified addresses from remote sources. If this option is +# not set, the primary_hostname value is used for qualification. + +# qualify_domain = + + +# If you want unqualified recipient addresses to be qualified with a different +# domain to unqualified sender addresses, specify the recipient domain here. +# If this option is not set, the qualify_domain value is used. + +# qualify_recipient = + + +# Specify your local domains as a colon-separated list here. If this option +# is not set (i.e. not mentioned in the configuration file), the +# qualify_recipient value is used as the only local domain. If you do not want +# to do any local deliveries, uncomment the following line, but do not supply +# any data for it. This sets local_domains to an empty string, which is not +# the same as not mentioning it at all. An empty string specifies that there +# are no local domains; not setting it at all causes the default value (the +# setting of qualify_recipient) to be used. + +# local_domains = + + +# If you want to accept mail addressed to your host's literal IP address, for +# example, mail addressed to "user@[111.111.111.111]", then uncomment the +# following line, or supply the literal domain(s) as part of "local_domains" +# above. You also need to comment "forbid_domain_literals" below. This is not +# recommended for today's Internet. + +# local_domains_include_host_literals + + +# The following line prevents Exim from recognizing addresses of the form +# "user@[111.111.111.111]" that is, with a "domain literal" (an IP address) +# instead of a named domain. The RFCs still require this form, but it makes +# little sense to permit mail to be sent to specific hosts by their IP address +# in the modern Internet, and this ancient format has been used by those +# seeking to abuse hosts by using them for unwanted relaying. If you really +# do want to support domain literals, remove the following line, and see +# also the "domain_literal" router below. + +forbid_domain_literals + + +# No local deliveries will ever be run under the uids of these users (a colon- +# separated list). An attempt to do so gets changed so that it runs under the +# uid of "nobody" instead. This is a paranoic safety catch. Note the default +# setting means you cannot deliver mail addressed to root as if it were a +# normal user. This isn't usually a problem, as most sites have an alias for +# root that redirects such mail to a human administrator. + +never_users = root + + +# The use of your host as a mail relay by any host, including the local host +# calling its own SMTP port, is locked out by default. If you want to permit +# relaying from the local host, you should set +# +# host_accept_relay = localhost +# +# If you want to permit relaying through your host from certain hosts or IP +# networks, you need to set the option appropriately, for example +# +# host_accept_relay = my.friends.host : 192.168.0.0/16 +# +# If you are an MX backup or gateway of some kind for some domains, you must +# set relay_domains to match those domains. This will allow any host to +# relay through your host to those domains. +# +# relay_domains = +# +# See the section of the manual entitled "Control of relaying" for more +# information. + + +# The setting below causes Exim to do a reverse DNS lookup on all incoming +# IP calls, in order to get the true host name. If you feel this is too +# expensive, you can specify the networks for which a lookup is done, or +# remove the setting entirely. + +host_lookup = * + + +# By default, Exim expects all envelope addresses to be fully qualified, that +# is, they must contain both a local part and a domain. If you want to accept +# unqualified addresses (just a local part) from certain hosts, you can specify +# these hosts by setting one or both of +# +# receiver_unqualified_hosts = +# sender_unqualified_hosts = +# +# to control sender and receiver addresses, respectively. When this is done, +# unqualified addresses are qualified using the settings of qualify_domain +# and/or qualify_recipient (see above). + + +# By default, Exim does not make any checks, other than syntactic ones, on +# incoming addresses during the SMTP dialogue. This reduces delays in SMTP +# transactions, but it does mean that you might accept messages with unknown +# recipients, and/or bad senders. + +# Uncomment this line if you want incoming recipient addresses to be verified +# during the SMTP dialogue. Unknown recipients are then rejected at this stage, +# and the generation of a failure message is the job of the sending host. + +# receiver_verify + +# Uncomment this line if you want incoming sender addresses (return-paths) to +# be verified during the SMTP dialogue. Verification can normally only check +# that the domain exists. + +# sender_verify + + +# Exim contains support for the Realtime Blocking List (RBL) that is being +# maintained as part of the DNS. See http://maps.vix.com/rbl/ for background. +# Uncommenting the first line below will make Exim reject mail from any +# host whose IP address is blacklisted in the RBL at maps.vix.com. Some +# others have followed the RBL lead and have produced other lists: DUL is +# a list of dial-up addresses, and ORBS is a list of open relay systems. The +# second line below checks all three lists. + +# rbl_domains = rbl.maps.vix.com +# rbl_domains = rbl.maps.vix.com:dul.maps.vix.com:relays.orbs.org + + +# If you want Exim to support the "percent hack" for all your local domains, +# uncomment the following line. This is the feature by which mail addressed +# to x%y@z (where z is one of your local domains) is locally rerouted to +# x@y and sent on. Otherwise x%y is treated as an ordinary local part. + +# percent_hack_domains = * + + +# When Exim can neither deliver a message nor return it to sender, it "freezes" +# the delivery error message (aka "bounce message"). There are also other +# circumstances in which messages get frozen. They will stay on the queue for +# ever unless one of the following options is set. + +# This option unfreezes unfreezes bounce messages after two days, tries +# once more to deliver them, and ignores any delivery failures. + +ignore_errmsg_errors_after = 2d + +# This option cancels (removes) frozen messages that are older than a week. + +timeout_frozen_after = 7d + +end + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +# ORDER DOES NOT MATTER # +# Only one appropriate transport is called for each delivery. # +###################################################################### + +# A transport is used only when referenced from a director or a router that +# successfully handles an address. + + +# This transport is used for delivering messages over SMTP connections. + +remote_smtp: + driver = smtp + + +# This transport is used for local delivery to user mailboxes in traditional +# BSD mailbox format. By default it will be run under the uid and gid of the +# local user, and requires the sticky bit to be set on the /var/mail directory. +# Some systems use the alternative approach of running mail deliveries under a +# particular group instead of using the sticky bit. The commented options below +# show how this can be done. + +local_delivery: + driver = appendfile +# file = /var/mail/$local_part + directory = $home/.maildir + maildir_format + delivery_date_add + envelope_to_add + return_path_add +# group = mail +# mode = 0660 + + +# This transport is used for handling pipe deliveries generated by alias +# or .forward files. If the pipe generates any standard output, it is returned +# to the sender of the message as a delivery error. Set return_fail_output +# instead of return_output if you want this to happen only when the pipe fails +# to complete normally. You can set different transports for aliases and +# forwards if you want to - see the references to address_pipe in the directors +# section below. + +address_pipe: + driver = pipe + return_output + + +# This transport is used for handling deliveries directly to files that are +# generated by aliasing or forwarding. + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + + +# This transport is used for handling autoreplies generated by the filtering +# option of the forwardfile director. + +address_reply: + driver = autoreply + + +end + + + +###################################################################### +# DIRECTORS CONFIGURATION # +# Specifies how local addresses are handled # +###################################################################### +# ORDER DOES MATTER # +# A local address is passed to each in turn until it is accepted. # +###################################################################### + +# Local addresses are those with a domain that matches some item in the +# "local_domains" setting above, or those which are passed back from the +# routers because of a "self=local" setting (not used in this configuration). + + +# This director handles aliasing using a traditional /etc/aliases file. +# If any of your aliases expand to pipes or files, you will need to set +# up a user and a group for these deliveries to run under. You can do +# this by uncommenting the "user" option below (changing the user name +# as appropriate) and adding a "group" option if necessary. Alternatively, you +# can specify "user" on the transports that are used. Note that those +# listed below are the same as are used for .forward files; you might want +# to set up different ones for pipe and file deliveries from aliases. + +system_aliases: + driver = aliasfile + file = /etc/mail/aliases + search_type = lsearch +# user = exim + file_transport = address_file + pipe_transport = address_pipe + + +# This director handles forwarding using traditional .forward files. +# If you want it also to allow mail filtering when a forward file +# starts with the string "# Exim filter", uncomment the "filter" option. + +# The no_verify setting means that this director will be skipped when +# verifying addresses if sender_verify or receiver_verify is set (though +# they are not set by default). Similarly, no_expn means that this director +# will be skipped if smtp_expn_hosts is set to allow any hosts to use the +# EXPN command. + +# The check_ancestor option means that if the forward file generates an +# address that is an ancestor of the current one, the current one gets +# passed on instead. This covers the case where A is aliased to B and B +# has a .forward file pointing to A. + +# The three transports specified at the end are those that are used when +# forwarding generates a direct delivery to a file, or to a pipe, or sets +# up an auto-reply, respectively. + +userforward: + driver = forwardfile + file = .forward + no_verify + no_expn + check_ancestor +# filter + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + + +# This director matches local user mailboxes. + +localuser: + driver = localuser + transport = local_delivery + + +end + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how remote addresses are handled # +###################################################################### +# ORDER DOES MATTER # +# A remote address is passed to each in turn until it is accepted. # +###################################################################### + +# Remote addresses are those with a domain that does not match any item +# in the "local_domains" setting above. + + +# This router routes to remote hosts over SMTP using a DNS lookup with +# default options. + +lookuphost: + driver = lookuphost + transport = remote_smtp + + +# This router routes to remote hosts over SMTP by explicit IP address, +# when an email address is given in "domain literal" form, for example, +# <user@[192.168.35.64]>. The RFCs require this facility. However, it is +# little-known these days, and has been exploited by evil people seeking +# to abuse SMTP relays. Consequently it is commented out in the default +# configuration. If you uncomment this router, you also need to comment out +# "forbid_domain_literals" above, so that Exim can recognize the syntax of +# domain literal addresses. + +# domain_literal: +# driver = ipliteral +# transport = remote_smtp + + +end + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### + +# This single retry rule applies to all domains and all errors. It specifies +# retries every 15 minutes for 2 hours, then increasing retry intervals, +# starting at 1 hour and increasing each time by a factor of 1.5, up to 16 +# hours, then retries every 8 hours until 4 days have passed since the first +# failed delivery. + +# Domain Error Retries +# ------ ----- ------- + +* * F,2h,15m; G,16h,1h,1.5; F,4d,8h + +end + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### + +# There are no rewriting specifications in this default configuration file. + +end + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### + +# There are no authenticator specifications in this default configuration file. + +# End of Exim configuration file diff --git a/mail-mta/exim/files/digest-exim-4.63 b/mail-mta/exim/files/digest-exim-4.63 new file mode 100644 index 00000000..e8cb3dea --- /dev/null +++ b/mail-mta/exim/files/digest-exim-4.63 @@ -0,0 +1,6 @@ +MD5 dde2d5f7106d51607409af94174db46c exim-4.63.tar.bz2 1586169 +RMD160 43ff82bad9e097da670d6b5c77e672b3edc3945b exim-4.63.tar.bz2 1586169 +SHA256 b7d64eff366de656a7f992991e354d9be3ab067a94defe2136937f3159da94d7 exim-4.63.tar.bz2 1586169 +MD5 eb249c90af3ab11e5a4d307e184a75ac exiscan.conf 22113 +RMD160 e52b77f656b3ba2105e833075d1368f41e414d64 exiscan.conf 22113 +SHA256 f8cc731d3225a902461e05c0997df23bfd231ea8d5bf33a9aba5783bc6e0c964 exiscan.conf 22113 diff --git a/mail-mta/exim/files/exim-4.10-gentoo.diff b/mail-mta/exim/files/exim-4.10-gentoo.diff new file mode 100644 index 00000000..6be61235 --- /dev/null +++ b/mail-mta/exim/files/exim-4.10-gentoo.diff @@ -0,0 +1,65 @@ +*** exim-4.10/src/daemon.c Mon Jul 22 09:59:48 2002 +- --- daemon.c Wed Dec 4 10:52:04 2002 +*************** +*** 960,991 **** + (b) When -bd is used and -oX is not used, or + (c) When -oP is used to supply a path. + +! The variable daemon_write_pid is used to control this. + +- - Note re use of sprintf: spool_directory and pid_file_path are checked on +- - input to be < 200 characters. */ +- - + if (running_in_test_harness || daemon_write_pid) + { + FILE *f; +- - uschar buff[256]; +- - + if (pid_file_path[0] == 0) +! sprintf(CS buff, "%s/exim-daemon.pid", spool_directory); +! else +! sprintf(CS buff, CS pid_file_path, ""); /* Backward compatibility */ + +! f = Ufopen(buff, "wb"); + if (f != NULL) + { + fprintf(f, "%d\n", (int)getpid()); + fchmod(fileno(f), 0644); + fclose(f); +! DEBUG(D_any) debug_printf("pid written to %s\n", buff); + } + else + DEBUG(D_any) +! debug_printf("%s\n", string_open_failed(errno, "pid file %s", buff)); + } + + /* Set up the handler for SIGHUP, which causes a restart of the daemon. */ +- --- 960,987 ---- + (b) When -bd is used and -oX is not used, or + (c) When -oP is used to supply a path. + +! The variable daemon_write_pid is used to control this. */ + + if (running_in_test_harness || daemon_write_pid) + { + FILE *f; + if (pid_file_path[0] == 0) +! pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory); + +! f = Ufopen(pid_file_path, "wb"); + if (f != NULL) + { + fprintf(f, "%d\n", (int)getpid()); + fchmod(fileno(f), 0644); + fclose(f); +! DEBUG(D_any) debug_printf("pid written to %s\n", pid_file_path); + } + else ++ { + DEBUG(D_any) +! debug_printf("%s\n", string_open_failed(errno, "pid file %s", +! pid_file_path)); +! } + } + + /* Set up the handler for SIGHUP, which causes a restart of the daemon. */ diff --git a/mail-mta/exim/files/exim-4.30-conf.patch b/mail-mta/exim/files/exim-4.30-conf.patch new file mode 100644 index 00000000..5d154b96 --- /dev/null +++ b/mail-mta/exim/files/exim-4.30-conf.patch @@ -0,0 +1,19 @@ +--- src/configure.default.orig 2004-03-29 22:48:24.000000000 +0100 ++++ src/configure.default.orig.patch-01 2004-03-29 22:57:10.000000000 +0100 +@@ -41,6 +41,16 @@ + # MAIN CONFIGURATION SETTINGS # + ###################################################################### + ++# This Sets up the default log location to syslog, specifically to the "mail" ++# Facility. Please note that you may want to change this, as other mail, ++# relatively noisy mail programs also log to the mail facility (eg. courier) ++ ++# Note: ++# If exim cannot log to syslog it will try to log to, /var/log/exim/exim_%s.log ++log_file_path=syslog ++ ++ ++ + # Specify your host's canonical name here. This should normally be the fully + # qualified "official" name of your host. If this option is not set, the + # uname() function is called to obtain the name. In many cases this does diff --git a/mail-mta/exim/files/exim-4.50-srs_update-1.0.patch b/mail-mta/exim/files/exim-4.50-srs_update-1.0.patch new file mode 100644 index 00000000..055686f4 --- /dev/null +++ b/mail-mta/exim/files/exim-4.50-srs_update-1.0.patch @@ -0,0 +1,527 @@ +diff -Naur exim-4.50/src/deliver.c exim-4.50-patched/src/deliver.c +--- exim-4.50/src/deliver.c 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/deliver.c 2005-04-01 21:03:14.000000000 +0100 +@@ -859,6 +859,11 @@ + + if ((log_extra_selector & LX_sender_on_delivery) != 0) + s = string_append(s, &size, &ptr, 3, US" F=<", sender_address, US">"); ++ ++ #ifdef EXPERIMENTAL_SRS ++ if(addr->p.srs_sender) ++ s = string_append(s, &size, &ptr, 3, US" SRS=<", addr->p.srs_sender, US">"); ++ #endif + + /* You might think that the return path must always be set for a successful + delivery; indeed, I did for some time, until this statement crashed. The case +@@ -1516,8 +1521,14 @@ + /* Set up the return path from the errors or sender address. If the transport + has its own return path setting, expand it and replace the existing value. */ + +-return_path = (addr->p.errors_address != NULL)? +- addr->p.errors_address : sender_address; ++if(addr->p.errors_address != NULL) ++ return_path = addr->p.errors_address; ++#ifdef EXPERIMENTAL_SRS ++else if(addr->p.srs_sender != NULL) ++ return_path = addr->p.srs_sender; ++#endif ++else ++ return_path = sender_address; + + if (tp->return_path != NULL) + { +@@ -3505,8 +3516,14 @@ + /* Compute the return path, expanding a new one if required. The old one + must be set first, as it might be referred to in the expansion. */ + +- return_path = (addr->p.errors_address != NULL)? +- addr->p.errors_address : sender_address; ++ if(addr->p.errors_address != NULL) ++ return_path = addr->p.errors_address; ++#ifdef EXPERIMENTAL_SRS ++ else if(addr->p.srs_sender != NULL) ++ return_path = addr->p.srs_sender; ++#endif ++ else ++ return_path = sender_address; + + if (tp->return_path != NULL) + { +diff -Naur exim-4.50/src/globals.c exim-4.50-patched/src/globals.c +--- exim-4.50/src/globals.c 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/globals.c 2005-04-01 19:03:23.000000000 +0100 +@@ -279,6 +279,9 @@ + NULL, /* errors_address */ + NULL, /* extra_headers */ + NULL, /* remove_headers */ ++#ifdef EXPERIMENTAL_SRS ++ NULL, /* srs_sender */ ++#endif + } + }; + +@@ -1031,10 +1034,16 @@ + uschar *srs_config = NULL; + uschar *srs_db_address = NULL; + uschar *srs_db_key = NULL; ++int srs_hashlength = 6; ++int srs_hashmin = -1; ++int srs_maxage = 31; + uschar *srs_orig_recipient = NULL; + uschar *srs_orig_sender = NULL; + uschar *srs_recipient = NULL; ++uschar *srs_secrets = NULL; + uschar *srs_status = NULL; ++BOOL srs_usehash = TRUE; ++BOOL srs_usetimestamp = TRUE; + #endif + int string_datestamp_offset= -1; + BOOL strip_excess_angle_brackets = FALSE; +diff -Naur exim-4.50/src/globals.h exim-4.50-patched/src/globals.h +--- exim-4.50/src/globals.h 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/globals.h 2005-04-01 18:55:30.000000000 +0100 +@@ -634,10 +634,16 @@ + extern uschar *srs_config; /* SRS config secret:max age:hash length:use timestamp:use hash */ + extern uschar *srs_db_address; /* SRS db address */ + extern uschar *srs_db_key; /* SRS db key */ ++extern int srs_hashlength; /* SRS hash length */ ++extern int srs_hashmin; /* SRS minimum hash length */ ++extern int srs_maxage; /* SRS max age */ + extern uschar *srs_orig_sender; /* SRS original sender */ + extern uschar *srs_orig_recipient; /* SRS original recipient */ + extern uschar *srs_recipient; /* SRS recipient */ ++extern uschar *srs_secrets; /* SRS secrets list */ + extern uschar *srs_status; /* SRS staus */ ++extern BOOL srs_usehash; /* SRS use hash flag */ ++extern BOOL srs_usetimestamp; /* SRS use timestamp flag */ + #endif + extern int string_datestamp_offset;/* After insertion by string_format */ + extern BOOL strip_excess_angle_brackets; /* Surrounding route-addrs */ +diff -Naur exim-4.50/src/readconf.c exim-4.50-patched/src/readconf.c +--- exim-4.50/src/readconf.c 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/readconf.c 2005-04-01 18:56:06.000000000 +0100 +@@ -334,6 +334,12 @@ + { "spool_directory", opt_stringptr, &spool_directory }, + #ifdef EXPERIMENTAL_SRS + { "srs_config", opt_stringptr, &srs_config }, ++ { "srs_hashlength", opt_int, &srs_hashlength }, ++ { "srs_hashmin", opt_int, &srs_hashmin }, ++ { "srs_maxage", opt_int, &srs_maxage }, ++ { "srs_secrets", opt_stringptr, &srs_secrets }, ++ { "srs_usehash", opt_bool, &srs_usehash }, ++ { "srs_usetimestamp", opt_bool, &srs_usetimestamp }, + #endif + { "strip_excess_angle_brackets", opt_bool, &strip_excess_angle_brackets }, + { "strip_trailing_dot", opt_bool, &strip_trailing_dot }, +diff -Naur exim-4.50/src/routers/redirect.c exim-4.50-patched/src/routers/redirect.c +--- exim-4.50/src/routers/redirect.c 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/routers/redirect.c 2005-04-02 01:31:32.000000000 +0100 +@@ -108,8 +108,10 @@ + (void *)offsetof(redirect_router_options_block, srs_alias) }, + { "srs_condition", opt_stringptr, + (void *)offsetof(redirect_router_options_block, srs_condition) }, +- { "srs_db", opt_stringptr, +- (void *)offsetof(redirect_router_options_block, srs_db) }, ++ { "srs_dbinsert", opt_stringptr, ++ (void *)offsetof(redirect_router_options_block, srs_dbinsert) }, ++ { "srs_dbselect", opt_stringptr, ++ (void *)offsetof(redirect_router_options_block, srs_dbselect) }, + #endif + { "syntax_errors_text", opt_stringptr, + (void *)offsetof(redirect_router_options_block, syntax_errors_text) }, +@@ -146,9 +148,10 @@ + NULL, /* owngroups */ + #ifdef EXPERIMENTAL_SRS + NULL, /* srs */ +- NULL, /* srs_condition */ +- NULL, /* srs_db */ + NULL, /* srs_alias */ ++ NULL, /* srs_condition */ ++ NULL, /* srs_dbinsert */ ++ NULL, /* srs_dbselect */ + #endif + 022, /* modemask */ + RDO_REWRITE, /* bit_options */ +@@ -517,6 +520,10 @@ + addr_prop.extra_headers = NULL; + addr_prop.remove_headers = NULL; + ++#ifdef EXPERIMENTAL_SRS ++addr_prop.srs_sender = NULL; ++#endif ++ + /* When verifying and testing addresses, the "logwrite" command in filters + must be bypassed. */ + +@@ -543,8 +550,8 @@ + } + + #ifdef EXPERIMENTAL_SRS +- /* For reverse SRS, fill the srs_recipient expandsion variable, +- on failure, return decline/fail as relevant */ ++ /* Perform SRS on recipient/return-path as required */ ++ + if(ob->srs != NULL) + { + BOOL usesrs = TRUE; +@@ -553,22 +560,78 @@ + usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL); + + if(usesrs) +- if(Ustrcmp(ob->srs, "reverse") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0) ++ { ++ int srs_action, n_srs; ++ uschar *res; ++ uschar *usedomain; ++ ++ /* What are we doing? */ ++ if(Ustrcmp(ob->srs, "forward") == 0) ++ srs_action = 1; ++ else if(Ustrcmp(ob->srs, "reverseandforward") == 0) + { +- uschar *res; +- int n_srs; ++ srs_action = 3; + ++ if((ob->srs_dbinsert == NULL) ^ (ob->srs_dbselect == NULL)) ++ return DEFER; ++ } ++ else if(Ustrcmp(ob->srs, "reverse") == 0) ++ srs_action = 2; ++ ++ /* Reverse SRS */ ++ if(srs_action & 2) ++ { + srs_orig_recipient = addr->address; ++ + eximsrs_init(); +- if(ob->srs_db) +- eximsrs_db_set(TRUE, ob->srs_db); +- if((n_srs = eximsrs_reverse(&res, addr->address)) != OK) ++ if(ob->srs_dbselect) ++ eximsrs_db_set(TRUE, ob->srs_dbselect); ++// Comment this out for now... ++// else ++// eximsrs_db_set(TRUE, NULL); ++ ++ if((n_srs = eximsrs_reverse(&res, addr->address)) == OK) ++ { ++ srs_recipient = res; ++ DEBUG(D_any) ++ debug_printf("SRS (reverse): Recipient '%s' rewritten to '%s'\n", srs_orig_recipient, srs_recipient); ++ } ++ ++ eximsrs_done(); ++ ++ if(n_srs != OK) + return n_srs; +- srs_recipient = res; ++ } ++ ++ /* Forward SRS */ ++ /* No point in actually performing SRS if we are just verifying a recipient */ ++ if((srs_action & 1) && !verify && (sender_address ? sender_address[0] != 0 : FALSE)) ++ { ++ ++ srs_orig_sender = sender_address; ++ eximsrs_init(); ++ if(ob->srs_dbinsert) ++ eximsrs_db_set(FALSE, ob->srs_dbinsert); ++// Comment this out for now... ++// else ++// eximsrs_db_set(FALSE, NULL); ++ ++ if(ob->srs_alias != NULL ? (usedomain = expand_string(ob->srs_alias)) == NULL : 1) ++ usedomain = deliver_domain; ++ ++ if((n_srs = eximsrs_forward(&res, sender_address, usedomain)) == OK) ++ { ++ addr_prop.srs_sender = res; ++ DEBUG(D_any) ++ debug_printf("SRS (forward): Sender '%s' rewritten to '%s'\n", srs_orig_sender, res); ++ } ++ + eximsrs_done(); +- DEBUG(D_any) +- debug_printf("SRS: Recipient '%s' rewritten to '%s'\n", srs_orig_recipient, srs_recipient); ++ ++ if(n_srs != OK) ++ return n_srs; + } ++ } + } + #endif + +@@ -795,39 +858,6 @@ + (addr_prop.errors_address != NULL)? "\n" : ""); + } + +-#ifdef EXPERIMENTAL_SRS +- /* On successful redirection, check for SRS forwarding and adjust sender */ +- if(ob->srs != NULL) +- { +- BOOL usesrs = TRUE; +- +- if(ob->srs_condition != NULL) +- usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL); +- +- if(usesrs) +- if((Ustrcmp(ob->srs, "forward") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0) && !verify) +- { +- uschar *res; +- uschar *usedomain; +- int n_srs; +- +- srs_orig_sender = sender_address; +- eximsrs_init(); +- if(ob->srs_db) +- eximsrs_db_set(FALSE, ob->srs_db); +- +- if(ob->srs_alias != NULL ? (usedomain = expand_string(ob->srs_alias)) == NULL : 1) +- usedomain = deliver_domain; +- +- if((n_srs = eximsrs_forward(&res, sender_address, usedomain)) != OK) +- return n_srs; +- sender_address = res; +- DEBUG(D_any) +- debug_printf("SRS: Sender '%s' rewritten to '%s'\n", srs_orig_sender, sender_address); +- } +- } +-#endif +- + /* Control gets here only when the address has been completely handled. Put the + original address onto the succeed queue so that any retry items that get + attached to it get processed. */ +diff -Naur exim-4.50/src/routers/redirect.h exim-4.50-patched/src/routers/redirect.h +--- exim-4.50/src/routers/redirect.h 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/routers/redirect.h 2005-04-02 01:22:45.000000000 +0100 +@@ -35,9 +35,10 @@ + + #ifdef EXPERIMENTAL_SRS + uschar *srs; +- uschar *srs_condition; +- uschar *srs_db; + uschar *srs_alias; ++ uschar *srs_condition; ++ uschar *srs_dbinsert; ++ uschar *srs_dbselect; + #endif + + int modemask; +diff -Naur exim-4.50/src/srs.c exim-4.50-patched/src/srs.c +--- exim-4.50/src/srs.c 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/srs.c 2005-04-01 22:33:39.000000000 +0100 +@@ -1,11 +1,12 @@ +-/* $Cambridge: exim/exim-src/src/srs.c,v 1.4 2005/02/17 11:58:26 ph10 Exp $ */ +- + /************************************************* + * Exim - an Internet mail transport agent * + *************************************************/ + + /* SRS - Sender rewriting scheme support +- ©2004 Miles Wilton <miles@mirtol.com> ++ (C)2004 Miles Wilton <miles@mirtol.com> ++ ++ SRS Support Version: 1.0 ++ + License: GPL */ + + #include "exim.h" +@@ -24,72 +25,88 @@ + + int eximsrs_init() + { +- int co; + uschar *list = srs_config; + char secret_buf[SRS_MAX_SECRET_LENGTH]; + char *secret; + char sbuf[4]; + char *sbufp; +- int hashlen, maxage; +- + ++ // Check if this instance of Exim has not initialized SRS + if(!srs) + { +- /* Check config */ +- if(!srs_config) ++ int co = 0; ++ int hashlen, maxage; ++ BOOL usetimestamp, usehash; ++ ++ /* Copy config vars */ ++ hashlen = srs_hashlength; ++ maxage = srs_maxage; ++ usetimestamp = srs_usetimestamp; ++ usehash = srs_usehash; ++ ++ /* Pass srs_config var (overrides new config vars) */ ++ co = 0; ++ if(srs_config) + { +- log_write(0, LOG_MAIN | LOG_PANIC, +- "SRS Configuration Error"); +- return DEFER; ++ secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH); ++ ++ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL) ++ maxage = atoi(sbuf); ++ ++ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL) ++ hashlen = atoi(sbuf); ++ ++ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL) ++ usetimestamp = atoi(sbuf); ++ ++ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL) ++ usehash = atoi(sbuf); + } ++ ++ if(srs_hashmin == -1) ++ srs_hashmin = hashlen; + +- /* Get config */ ++ /* First secret specified in secrets? */ + co = 0; +- if((secret = string_nextinlist(&list, &co, secret_buf, +- SRS_MAX_SECRET_LENGTH)) == NULL) ++ list = srs_secrets; ++ if(secret == NULL) + { +- log_write(0, LOG_MAIN | LOG_PANIC, +- "SRS Configuration Error: No secret specified"); +- return DEFER; ++ if((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) == NULL) ++ { ++ log_write(0, LOG_MAIN | LOG_PANIC, ++ "SRS Configuration Error: No secret specified"); ++ return DEFER; ++ } + } +- +- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) == NULL) +- maxage = 31; +- else +- maxage = atoi(sbuf); ++ ++ /* Check config */ + if(maxage < 0 || maxage > 365) + { + log_write(0, LOG_MAIN | LOG_PANIC, + "SRS Configuration Error: Invalid maximum timestamp age"); + return DEFER; + } +- +- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) == NULL) +- hashlen = 6; +- else +- hashlen = atoi(sbuf); +- if(hashlen < 1 || hashlen > 20) ++ if(hashlen < 1 || hashlen > 20 || srs_hashmin < 1 || srs_hashmin > 20) + { + log_write(0, LOG_MAIN | LOG_PANIC, + "SRS Configuration Error: Invalid hash length"); + return DEFER; + } + +- + if((srs = srs_open(secret, strnlen(secret, SRS_MAX_SECRET_LENGTH), +- maxage, hashlen, hashlen)) == NULL) ++ maxage, hashlen, srs_hashmin)) == NULL) + { + log_write(0, LOG_MAIN | LOG_PANIC, + "Failed to allocate SRS memory"); + return DEFER; + } + ++ srs_set_option(srs, SRS_OPTION_USETIMESTAMP, usetimestamp); ++ srs_set_option(srs, SRS_OPTION_USEHASH, usehash); + +- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL) +- srs_set_option(srs, SRS_OPTION_USETIMESTAMP, atoi(sbuf)); +- +- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL) +- srs_set_option(srs, SRS_OPTION_USEHASH, atoi(sbuf)); ++ /* Extra secrets? */ ++ while((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) != NULL) ++ srs_add_secret(srs, secret, strnlen(secret, SRS_MAX_SECRET_LENGTH)); + + DEBUG(D_any) + debug_printf("SRS initialized\n"); +@@ -151,11 +168,12 @@ + int eximsrs_db_set(BOOL reverse, uschar *srs_db) + { + if(reverse) +- srs_db_reverse = string_copy(srs_db); ++ srs_db_reverse = (srs_db == NULL ? NULL : string_copy(srs_db)); + else +- srs_db_forward = string_copy(srs_db); ++ srs_db_forward = (srs_db == NULL ? NULL : string_copy(srs_db)); + +- if(srs_set_db_functions(srs, eximsrs_db_insert, eximsrs_db_lookup) * SRS_RESULT_FAIL) ++ if(srs_set_db_functions(srs, (srs_db_forward ? eximsrs_db_insert : NULL), ++ (srs_db_reverse ? eximsrs_db_lookup : NULL)) & SRS_RESULT_FAIL) + return DEFER; + + return OK; +@@ -167,9 +185,12 @@ + uschar *res; + char buf[64]; + ++ if(!srs_db_forward) ++ return SRS_RESULT_DBERROR; ++ + srs_db_address = string_copyn(data, data_len); + if(srs_generate_unique_id(srs, srs_db_address, buf, 64) & SRS_RESULT_FAIL) +- return DEFER; ++ return SRS_RESULT_DBERROR; + + srs_db_key = string_copyn(buf, 16); + +@@ -188,6 +209,9 @@ + srs_result eximsrs_db_lookup(srs_t *srs, char *data, uint data_len, char *result, uint result_len) + { + uschar *res; ++ ++ if(!srs_db_reverse) ++ return SRS_RESULT_DBERROR; + + srs_db_key = string_copyn(data, data_len); + if((res = expand_string(srs_db_reverse)) == NULL) +diff -Naur exim-4.50/src/structs.h exim-4.50-patched/src/structs.h +--- exim-4.50/src/structs.h 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/structs.h 2005-04-01 18:55:45.000000000 +0100 +@@ -469,6 +469,10 @@ + uschar *errors_address; /* where to send errors (NULL => sender) */ + header_line *extra_headers; /* additional headers */ + uschar *remove_headers; /* list of those to remove */ ++ ++ #ifdef EXPERIMENTAL_SRS ++ uschar *srs_sender; /* Change return path when delivering */ ++ #endif + } address_item_propagated; + + /* Bits for the flags field below */ +@@ -551,7 +555,7 @@ + uschar *cipher; /* Cipher used for transport */ + uschar *peerdn; /* DN of server's certificate */ + #endif +- ++ + uid_t uid; /* uid for transporting */ + gid_t gid; /* gid for transporting */ + +diff -Naur exim-4.50/src/verify.c exim-4.50-patched/src/verify.c +--- exim-4.50/src/verify.c 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50-patched/src/verify.c 2005-04-01 22:34:52.000000000 +0100 +@@ -1228,6 +1228,10 @@ + addr_list = addr->next; + + fprintf(f, "%s", CS addr->address); ++#ifdef EXPERIMENTAL_SRS ++ if(addr->p.srs_sender) ++ fprintf(f, " [srs = %s]", addr->p.srs_sender); ++#endif + while (p != NULL) + { + fprintf(f, "\n <-- %s", p->address); diff --git a/mail-mta/exim/files/exim.confd b/mail-mta/exim/files/exim.confd new file mode 100644 index 00000000..a3974d33 --- /dev/null +++ b/mail-mta/exim/files/exim.confd @@ -0,0 +1,2 @@ +# Command-line options for running exim +EXIM_OPTS="-bd -q15m" diff --git a/mail-mta/exim/files/exim.rc6 b/mail-mta/exim/files/exim.rc6 new file mode 100644 index 00000000..c5172a7f --- /dev/null +++ b/mail-mta/exim/files/exim.rc6 @@ -0,0 +1,22 @@ +#!/sbin/runscript +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-mta/exim/files/exim.rc6,v 1.5 2005/03/03 22:24:59 peitolm Exp $ + +depend() { + need logger net + use antivirus + provide mta +} + +start() { + ebegin "Starting exim" + start-stop-daemon --start --quiet --exec /usr/sbin/exim --pidfile /var/run/exim.pid -- ${EXIM_OPTS:--bd -q15m} + eend $? +} + +stop() { + ebegin "Stopping exim" + start-stop-daemon --stop --quiet --pidfile /var/run/exim.pid --name exim + eend $? +} diff --git a/mail-mta/exim/files/exim_463_dsn_1_3.patch b/mail-mta/exim/files/exim_463_dsn_1_3.patch new file mode 100644 index 00000000..9a89e9af --- /dev/null +++ b/mail-mta/exim/files/exim_463_dsn_1_3.patch @@ -0,0 +1,1167 @@ +diff -urN exim-4.63-orig/README.DSN exim-4.63-dsn/README.DSN +--- exim-4.63-orig/README.DSN 1970-01-01 01:00:00.000000000 +0100 ++++ exim-4.63-dsn/README.DSN 2006-09-12 11:47:24.000000000 +0100 +@@ -0,0 +1,104 @@ ++Exim DSN Patch (4.60) ++--------------------- ++ ++This patch is free software; you can redistribute it and/or modify ++it under the terms of the GNU General Public License as published by ++the Free Software Foundation; either version 2 of the License, or ++(at your option) any later version. ++ ++This patch is distributed in the hope that it will be useful, ++but WITHOUT ANY WARRANTY; without even the implied warranty of ++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++GNU General Public License for more details. ++ ++You should have received a copy of the GNU General Public License ++along with this patch; if not, write to the Free Software ++Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111 USA. ++ ++Install ++------- ++cd into the source tree for a vanilla exim ++ ++patch -p1 </path/to/patch/file.patch ++ ++Example :- ++[root@linuxbuild exim-4.60-test]# patch -p1 <../exim.dsn.patch.460 ++ ++Expected Output :- ++patching file README.DSN ++patching file src/config.h.defaults ++patching file src/deliver.c ++patching file src/exim.c ++patching file src/exim.h ++patching file src/globals.c ++patching file src/globals.h ++patching file src/local_scan.h ++patching file src/macros.h ++patching file src/readconf.c ++patching file src/route.c ++patching file src/smtp_in.c ++patching file src/spool_in.c ++patching file src/spool_out.c ++patching file src/structs.h ++patching file src/transport.c ++patching file src/transports/smtp.c ++ ++ ++This patch can be included / excluded from the compilation by use of the #define SUPPORT_DSN ++which gets added into src/config.h.defaults & src/EDITME by the patch. ++ ++Use ++--- ++ ++The facility (once compiled in) can be turned on for a particular router via the ++dsn_process directive Eg :- ++ ++dest_delivery_int: ++ driver = manualroute ++ domains = +relay_to_domains ++ condition = ${if eq {${lc:$sender_address_domain}}\ ++ {domain.com}\ ++ {yes}{no}\ ++ } ++ dsn_process ++ hide route_data = ${lc:${extract{mailHost}{$address_data}{$value}{}}} ++ transport = remote_smtp ++ ++Exim will produce 1 of 2 DSN's back to the originator, or pass on the DSN request. ++The 2 DSN's will either contain (relayed via non "Remote SMTP" router) or ++(relayed to non-DSN-aware mailer) depending on if the delivery was VIA an SMTP ++transport or not. ++ ++ ++Credits ++------- ++ ++The original work for the patch was done by Philip Hazel in Exim 3 ++ ++The extract was taken and re-applied to Exim 4 by the following :- ++Phil Bingham (phil.bingham@cwipapps.net) ++Steve Falla (steve.falla@cwipapps.net) ++Ray Edah (ray.edah@cwipapps.net) ++Andrew Johnson (andrew.johnson@cwippaps.net) ++Adrian Hungate (adrian.hungate@cwipapps.net) ++ ++Contributions ++------------- ++Andrey J. Melnikoff (TEMHOTA) (temnota@kmv.ru) ++ ++ ++ChangeLog ++--------- ++ ++14-Apr-2006 : Changed subject to "Delivery Status Notification" ++ ++17-May-2006 : debug_printf in spool-in.c were not wrapped with #ifndef COMPILE_UTILITY ++ thanks to Andrey J. Melnikoff for this information ++ ++ ++ ++Support for this patch (limited though it is) will only be provided through the SourceForge ++project page (http://sourceforge.net/projects/eximdsn/) ++ ++-- ++Andrew Johnson Cable & Wireless +diff -urN exim-4.63-orig/src/config.h.defaults exim-4.63-dsn/src/config.h.defaults +--- exim-4.63-orig/src/config.h.defaults 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/config.h.defaults 2006-09-12 11:47:24.000000000 +0100 +@@ -123,6 +123,7 @@ + #define SUPPORT_MOVE_FROZEN_MESSAGES + #define SUPPORT_PAM + #define SUPPORT_TLS ++#define SUPPORT_DSN + #define SUPPORT_TRANSLATE_IP_ADDRESS + + #define SYSLOG_LOG_PID +diff -urN exim-4.63-orig/src/deliver.c exim-4.63-dsn/src/deliver.c +--- exim-4.63-orig/src/deliver.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/deliver.c 2006-09-12 11:47:24.000000000 +0100 +@@ -65,6 +65,9 @@ + static address_item *addr_remote = NULL; + static address_item *addr_route = NULL; + static address_item *addr_succeed = NULL; ++#ifdef SUPPORT_DSN ++static address_item *addr_dsntmp = NULL; ++#endif + + static FILE *message_log = NULL; + static BOOL update_spool; +@@ -2866,6 +2869,15 @@ + break; + #endif + ++ #ifdef SUPPORT_DSN ++ case 'D': ++ if (addr == NULL) break; ++ addr->dsn_aware = (*ptr)? string_copy(ptr) : string_copy(" "); ++ while (*ptr++); ++ DEBUG(D_deliver) debug_printf("DSN read: addr->dsn_aware = %s\n", addr->dsn_aware); ++ break; ++ #endif ++ + case 'A': + if (addr == NULL) + { +@@ -3935,6 +3947,15 @@ + } + #endif + ++ #ifdef SUPPORT_DSN ++ if (addr->dsn_aware == NULL) ++ addr->dsn_aware = string_copy(" "); ++ DEBUG(D_deliver) debug_printf("DSN write: addr->dsn_aware = %s\n", addr->dsn_aware); ++ sprintf(big_buffer, "D%s", addr->dsn_aware); ++ DEBUG(D_deliver) debug_printf("DSN write: big_buffer = %s (%d)\n", big_buffer, strlen(big_buffer)+1); ++ write(fd, big_buffer, strlen(big_buffer)+1); ++ #endif ++ + /* Retry information: for most success cases this will be null. */ + + for (r = addr->retries; r != NULL; r = r->next) +@@ -5072,6 +5093,14 @@ + if (r->pno >= 0) + new->onetime_parent = recipients_list[r->pno].address; + ++ #ifdef SUPPORT_DSN ++ /* If DSN support is enabled, set the dsn flags and the original receipt ++ to be passed on to other DSN enabled MTAs */ ++ new->dsn_flags = r->dsn_flags & rf_dsnflags; ++ new->dsn_orcpt = r->orcpt; ++ debug_printf("DSN (deliver): orcpt: %s flags: %d\n", new->dsn_orcpt, new->dsn_flags); ++ #endif ++ + switch (process_recipients) + { + /* RECIP_DEFER is set when a system filter freezes a message. */ +@@ -5959,6 +5988,12 @@ + regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE); + #endif + ++ #ifdef SUPPORT_DSN ++ /* Set the regex to check for DSN support on remote MTA */ ++ if (regex_DSN == NULL) regex_DSN = ++ regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE); ++ #endif ++ + /* Now sort the addresses if required, and do the deliveries. The yield of + do_remote_deliveries is FALSE when mua_wrapper is set and all addresses + cannot be delivered in one transaction. */ +@@ -6063,6 +6098,179 @@ + + else if (!dont_deliver) retry_update(&addr_defer, &addr_failed, &addr_succeed); + ++#ifdef SUPPORT_DSN ++/* ********** philb - Send DSN for successful messages */ ++ ++addr_dsntmp = addr_succeed; ++ ++while(addr_dsntmp != NULL) ++{ ++ BOOL dsn_sendmessage = FALSE; ++ uschar dsnmsgbuf[4096]; ++ ++ DEBUG(D_deliver) ++ debug_printf("DSN: processing router : %s\n", addr_dsntmp->router->name); ++ ++ DEBUG(D_deliver) ++ debug_printf("DSN: processing successful delivery address: %s\n", addr_dsntmp->address); ++ ++ if (testflag(addr_dsntmp, af_ignore_error)) ++ { ++ DEBUG(D_deliver) ++ debug_printf("DSN: Ignore error for: %s\n", addr_dsntmp->address); ++ } ++ else ++ { ++ DEBUG(D_deliver) debug_printf("DSN: Checking Flag\n"); ++ if (addr_dsntmp->dsn_aware == NULL) { ++ DEBUG(D_deliver) debug_printf("DSN: dsn_aware was NULL, setting to space at %s %d\n", __FILE__, __LINE__); ++ addr_dsntmp->dsn_aware = string_copy(" "); ++ } ++ DEBUG(D_deliver) debug_printf("DSN: Sender_address: %s\n", sender_address); ++ DEBUG(D_deliver) debug_printf("DSN: orcpt: %s flags: %d\n", addr_dsntmp->dsn_orcpt, addr_dsntmp->dsn_flags); ++ DEBUG(D_deliver) debug_printf("DSN: envid: %s ret: %d\n", dsn_envid, dsn_ret); ++ DEBUG(D_deliver) debug_printf("DSN: Remote SMTP server supports DSN: %s\n", addr_dsntmp->dsn_aware); ++ ++ /* Process the flags */ ++ if((addr_dsntmp->dsn_flags & rf_dsnflags) != 0) ++ { ++ /* We've got at least one flag set */ ++ ++ /* set flag so we don't send bounces */ ++ setflag(addr_dsntmp, af_ignore_error); ++ ++ if((addr_dsntmp->dsn_flags & rf_notify_never) != 0) ++ { ++ DEBUG(D_deliver) debug_printf("DSN: NEVER FLAG\n"); ++ ++ /* nothing to do here */ ++ } ++ ++ if((addr_dsntmp->dsn_flags & rf_notify_success) != 0) ++ { ++ DEBUG(D_deliver) debug_printf("DSN: SUCCESS FLAG\n"); ++ ++ dsn_sendmessage = TRUE; ++ } ++ ++ if((addr_dsntmp->dsn_flags & rf_notify_failure) != 0) ++ { ++ DEBUG(D_deliver) debug_printf("DSN: FAILURE FLAG\n"); ++ ++ /* allow bounce messages */ ++ clearflag(addr_dsntmp, af_ignore_error); ++ } ++ ++ if((addr_dsntmp->dsn_flags & rf_notify_delay) != 0) ++ { ++ DEBUG(D_deliver) debug_printf("DSN: DELAY FLAG\n"); ++ ++ /* hmm, what to do here? */ ++ } ++ } ++ ++ if ((addr_dsntmp->dsn_aware != 0) && (addr_dsntmp->dsn_aware[0] != 'Y') && (dsn_sendmessage == TRUE) && (addr_dsntmp->router->dsn_process == TRUE)) ++ { ++ pid_t pid; ++ int fd; ++ ++ /* remote MTA does not support DSN, so we need to send message */ ++ ++ /* create exim process to send message */ ++ pid = child_open_exim(&fd); ++ ++ DEBUG(D_deliver) debug_printf("DSN: child_open_exim returns: %d\n", pid); ++ ++ if (pid < 0) /* Creation of child failed */ ++ { ++ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Process %d (parent %d) failed to " ++ "create child process to send failure message: %s", getpid(), ++ getppid(), strerror(errno)); ++ ++ DEBUG(D_deliver) debug_printf("DSN: child_open_exim failed\n"); ++ ++ } ++ else /* Creation of child succeeded */ ++ { ++ FILE *f = fdopen(fd, "wb"); ++ int topt = topt_add_return_path; ++ uschar boundaryStr[64]; ++ ++ DEBUG(D_deliver) debug_printf("sending error message to: %s\n", sender_address); ++ ++ /* build unique id for MIME boundary */ ++ snprintf(boundaryStr, 63, "%d-cwdsn-%d", pid, rand()); ++ DEBUG(D_deliver) debug_printf("DSN: MIME boundary: %s\n", boundaryStr); ++ ++ /* if the sender doesn't want the whole message returned, don't send the body */ ++ if (dsn_ret != dsn_ret_full) topt |= topt_no_body; ++ ++ if (errors_reply_to != NULL) fprintf(f,"Reply-To: %s\n", errors_reply_to); ++ ++ fprintf(f,"Auto-Submitted: auto-generated\n"); ++ fprintf(f,"From: Mail Delivery System <Mailer-Daemon@%s>\n", qualify_domain_sender); ++ fprintf(f,"To: %s\n", sender_address); ++ fprintf(f,"Subject: Delivery Status Notification\n"); ++ fprintf(f,"Content-Type: multipart/report; report-type=delivery-status; boundary=%s\n", boundaryStr); ++ fprintf(f,"MIME-Version: 1.0\n\n"); ++ ++ fprintf(f,"--%s\n", boundaryStr); ++ fprintf(f,"Content-type: text/plain; charset=us-ascii\n\n"); ++ ++ fprintf(f,"This message was created automatically by mail delivery software.\n"); ++ fprintf(f," ----- The following addresses had successful delivery notifications -----\n"); ++/* AH: added specific message for non "Remote SMTP" situations */ ++ if (addr_dsntmp->dsn_aware[0] == 'N') { ++ fprintf(f,"<%s> (relayed to non-DSN-aware mailer)\n\n", addr_dsntmp->address); ++ } else { ++ fprintf(f,"<%s> (relayed via non \"Remote SMTP\" router)\n\n", addr_dsntmp->address); ++ } ++ ++ fprintf(f,"--%s\n", boundaryStr); ++ fprintf(f,"Content-type: message/delivery-status\n\n"); ++ ++ if (dsn_envid) { /* Test for NULL added by GC */ ++ fprintf(f,"Original-Envelope-Id: %s\n", dsn_envid); ++ } ++ fprintf(f,"Reporting-MTA: dns; %s\n", qualify_domain_sender); ++ if (addr_dsntmp->dsn_orcpt) { /* Test for NULL added by GC */ ++ fprintf(f,"Original-Recipient: %s\n", addr_dsntmp->dsn_orcpt); ++ } ++ fprintf(f,"Action: delivered\n\n"); ++ ++ fprintf(f,"--%s\n", boundaryStr); ++ fprintf(f,"Content-type: message/rfc822\n\n"); ++ ++ fflush(f); ++ transport_filter_argv = NULL; /* Just in case */ ++ return_path = sender_address; /* In case not previously set */ ++ ++ /* Write the original email out */ ++ transport_write_message(NULL, fileno(f), topt, 2048, NULL, NULL, NULL, NULL, NULL, 0); ++ fflush(f); ++ ++ fprintf(f,"\n"); ++ fprintf(f,"--%s--\n", boundaryStr); ++ ++ fflush(f); ++ fclose(f); ++ rc = child_close(pid, 0); /* Waits for child to close, no timeout */ ++ } ++ } ++ else ++ { if (addr_dsntmp->router->dsn_process == TRUE) ++ DEBUG(D_deliver) debug_printf("DSN: *** NOT SENDING DSN SUCCESS Message ***\n"); ++ if (addr_dsntmp->router->dsn_process == FALSE) ++ DEBUG(D_deliver) debug_printf("DSN: *** NOT SENDING DSN SUCCESS Message (gagged) ***\n"); ++ } ++ } ++ ++ addr_dsntmp = addr_dsntmp->next; ++} ++ ++/* ********** philb - end of mod */ ++#endif ++ + /* If any addresses failed, we must send a message to somebody, unless + af_ignore_error is set, in which case no action is taken. It is possible for + several messages to get sent if there are addresses with different +diff -urN exim-4.63-orig/src/EDITME exim-4.63-dsn/src/EDITME +--- exim-4.63-orig/src/EDITME 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/EDITME 2006-09-12 11:47:24.000000000 +0100 +@@ -195,6 +195,8 @@ + # least one type of lookup. You should consider whether you want to build + # the Exim monitor or not. + ++# Support DSN ++SUPPORT_DSN=yes + + #------------------------------------------------------------------------------ + # These settings determine which individual router drivers are included in the +diff -urN exim-4.63-orig/src/exim.c exim-4.63-dsn/src/exim.c +--- exim-4.63-orig/src/exim.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/exim.c 2006-09-12 11:47:24.000000000 +0100 +@@ -920,6 +920,9 @@ + #ifdef EXPERIMENTAL_DOMAINKEYS + fprintf(f, " Experimental_DomainKeys"); + #endif ++#ifdef SUPPORT_DSN ++ fprintf(f, " C&W_DSN_1.2"); ++#endif + fprintf(f, "\n"); + + fprintf(f, "Lookups:"); +@@ -2192,6 +2195,16 @@ + break; + } + ++ #ifdef SUPPORT_DSN ++ /* -MCD: set the smtp_use_dsn flag; this indicates that the host ++ that exim is connected to supports the esmtp extension DSN */ ++ else if (strcmp(argrest, "CD") == 0) ++ { ++ smtp_use_dsn = TRUE; ++ break; ++ } ++ #endif ++ + /* -MCP: set the smtp_use_pipelining flag; this is useful only when + it preceded -MC (see above) */ + +diff -urN exim-4.63-orig/src/globals.c exim-4.63-dsn/src/globals.c +--- exim-4.63-orig/src/globals.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/globals.c 2006-09-12 11:47:24.000000000 +0100 +@@ -121,6 +121,13 @@ + uschar *tls_verify_hosts = NULL; + #endif + ++#ifdef SUPPORT_DSN ++BOOL dsn = TRUE; ++uschar *dsn_envid = NULL; ++int dsn_ret = 0; ++const pcre *regex_DSN = NULL; ++BOOL smtp_use_dsn = FALSE; ++#endif + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. The defaults use stdin. We never need these for any +@@ -270,6 +277,11 @@ + NULL, /* cipher */ + NULL, /* peerdn */ + #endif ++ #ifdef SUPPORT_DSN ++ NULL, /* dsn_orcpt */ ++ 0, /* dsn_flags */ ++ NULL, /* dsn_aware */ ++ #endif + (uid_t)(-1), /* uid */ + (gid_t)(-1), /* gid */ + 0, /* flags */ +@@ -958,6 +970,9 @@ + TRUE, /* verify_sender */ + FALSE, /* uid_set */ + FALSE, /* unseen */ ++#ifdef SUPPORT_DSN ++ FALSE, /* dsn_process */ ++#endif + + self_freeze, /* self_code */ + (uid_t)(-1), /* uid */ +@@ -967,6 +982,7 @@ + NULL, /* transport instance */ + NULL, /* pass_router */ + NULL /* redirect_router */ ++ + }; + + ip_address_item *running_interfaces = NULL; +diff -urN exim-4.63-orig/src/globals.h exim-4.63-dsn/src/globals.h +--- exim-4.63-orig/src/globals.h 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/globals.h 2006-09-12 11:47:24.000000000 +0100 +@@ -85,6 +85,13 @@ + extern uschar *tls_verify_hosts; /* Mandatory client verification */ + #endif + ++#ifdef SUPPORT_DSN ++extern BOOL dsn; /* FALSE if DSN not to be used */ ++extern uschar *dsn_envid; /* DSN envid string */ ++extern int dsn_ret; /* DSN ret type*/ ++extern const pcre *regex_DSN; /* For recognizing DSN settings */ ++extern BOOL smtp_use_dsn; /* Global for passed connections */ ++#endif + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. */ +diff -urN exim-4.63-orig/src/local_scan.h exim-4.63-dsn/src/local_scan.h +--- exim-4.63-orig/src/local_scan.h 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/local_scan.h 2006-09-12 11:47:24.000000000 +0100 +@@ -123,9 +123,13 @@ + field is always NULL except for one_time aliases that had errors_to on the + routers that generated them. */ + ++/* Added the dsn attributes orcpt and dsn_flags for DSN support*/ ++ + typedef struct recipient_item { + uschar *address; /* the recipient address */ + int pno; /* parent number for "one_time" alias, or -1 */ ++ uschar *orcpt; /* DSN orcpt */ ++ int dsn_flags; /* DSN flags */ + uschar *errors_to; /* the errors_to address or NULL */ + #ifdef EXPERIMENTAL_BRIGHTMAIL + uschar *bmi_optin; +diff -urN exim-4.63-orig/src/macros.h exim-4.63-dsn/src/macros.h +--- exim-4.63-orig/src/macros.h 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/macros.h 2006-09-12 11:47:24.000000000 +0100 +@@ -734,6 +734,22 @@ + #define topt_no_body 0x040 /* Omit body */ + #define topt_escape_headers 0x080 /* Apply escape check to headers */ + ++/* Flags for recipient_block, used in DSN support */ ++ ++#define rf_onetime 0x01 /* A one-time alias */ ++#define rf_notify_never 0x02 /* NOTIFY= settings */ ++#define rf_notify_success 0x04 ++#define rf_notify_failure 0x08 ++#define rf_notify_delay 0x10 ++ ++#define rf_dsnflags (rf_notify_never | rf_notify_success | \ ++ rf_notify_failure | rf_notify_delay) ++ ++/* DSN RET types */ ++ ++#define dsn_ret_full 1 ++#define dsn_ret_hdrs 2 ++ + /* Codes for the host_find_failed option. */ + + #define hff_freeze 0 +diff -urN exim-4.63-orig/src/readconf.c exim-4.63-dsn/src/readconf.c +--- exim-4.63-orig/src/readconf.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/readconf.c 2006-09-12 11:47:24.000000000 +0100 +@@ -203,6 +203,9 @@ + { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup }, + { "dns_retrans", opt_time, &dns_retrans }, + { "dns_retry", opt_int, &dns_retry }, ++#ifdef SUPPORT_DSN ++ { "dsn", opt_bool, &dsn }, ++#endif + /* This option is now a no-op, retained for compability */ + { "drop_cr", opt_bool, &drop_cr }, + /*********************************************************/ +diff -urN exim-4.63-orig/src/receive.c exim-4.63-dsn/src/receive.c +--- exim-4.63-orig/src/receive.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/receive.c 2006-09-12 11:47:24.000000000 +0100 +@@ -474,6 +474,8 @@ + memcpy(recipients_list, oldlist, oldmax * sizeof(recipient_item)); + } + ++/* memset added by GC to blank dsn records, etc. */ ++memset(&recipients_list[recipients_count], 0, sizeof(recipient_item)); + recipients_list[recipients_count].address = recipient; + recipients_list[recipients_count].pno = pno; + #ifdef EXPERIMENTAL_BRIGHTMAIL +diff -urN exim-4.63-orig/src/route.c exim-4.63-dsn/src/route.c +--- exim-4.63-orig/src/route.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/route.c 2006-09-12 11:47:24.000000000 +0100 +@@ -60,6 +60,10 @@ + (void *)offsetof(router_instance, domains) }, + { "driver", opt_stringptr|opt_public, + (void *)offsetof(router_instance, driver_name) }, ++ #ifdef SUPPORT_DSN ++ { "dsn_process", opt_bool|opt_public, ++ (void *)offsetof(router_instance, dsn_process) }, ++ #endif + { "errors_to", opt_stringptr|opt_public, + (void *)(offsetof(router_instance, errors_to)) }, + { "expn", opt_bool|opt_public, +@@ -272,6 +276,13 @@ + + if (r->pass_router_name != NULL) + set_router(r, r->pass_router_name, &(r->pass_router), TRUE); ++ ++ #ifdef SUPPORT_DSN ++ if (r->dsn_process == FALSE) ++ DEBUG(D_route) debug_printf("%s router skipping DSN - add dsn_process to router\n", r->name); ++ if (r->dsn_process == TRUE) ++ DEBUG(D_route) debug_printf("%s router performing DSN \n", r->name); ++ #endif + } + } + +@@ -1408,7 +1419,10 @@ + + copyflag(new, addr, af_propagate); + new->p.address_data = addr->p.address_data; +- ++#ifdef SUPPORT_DSN ++ new->dsn_flags = addr->dsn_flags; ++ new->dsn_orcpt = addr->dsn_orcpt; ++#endif + + /* As it has turned out, we haven't set headers_add or headers_remove for the + * clone. Thinking about it, it isn't entirely clear whether they should be +diff -urN exim-4.63-orig/src/smtp_in.c exim-4.63-dsn/src/smtp_in.c +--- exim-4.63-orig/src/smtp_in.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/smtp_in.c 2006-09-12 11:47:24.000000000 +0100 +@@ -835,6 +835,13 @@ + sender_verified_list = NULL; /* No senders verified */ + memset(sender_address_cache, 0, sizeof(sender_address_cache)); + memset(sender_domain_cache, 0, sizeof(sender_domain_cache)); ++ ++#ifdef SUPPORT_DSN ++/* Reset the DSN flags */ ++dsn_ret = 0; ++dsn_envid = NULL; ++#endif ++ + authenticated_sender = NULL; + #ifdef EXPERIMENTAL_BRIGHTMAIL + bmi_run = 0; +@@ -2229,6 +2236,10 @@ + int ptr, size, rc; + int c, i; + auth_instance *au; ++#ifdef SUPPORT_DSN ++ uschar *orcpt = NULL; ++ int flags; ++#endif + + switch(smtp_read_command(TRUE)) + { +@@ -2632,6 +2643,12 @@ + if (accept_8bitmime) + s = string_cat(s, &size, &ptr, US"250-8BITMIME\r\n", 14); + ++ #ifdef SUPPORT_DSN ++ /* Advertise DSN support if configured to do so. */ ++ if (dsn) ++ s = string_cat(s, &size, &ptr, US"250-DSN\r\n", 9); ++ #endif ++ + /* Advertise ETRN if there's an ACL checking whether a host is + permitted to issue it; a check is made when any host actually tries. */ + +@@ -2823,6 +2840,43 @@ + (strcmpic(value, US"8BITMIME") == 0 || + strcmpic(value, US"7BIT") == 0)) {} + ++ #ifdef SUPPORT_DSN ++ ++ /* Handle the two DSN options, but only if configured to do so (which ++ will have caused "DSN" to be given in the EHLO response). The code itself ++ is included only if configured in at build time. */ ++ ++ else if (dsn && strcmpic(name, US"RET") == 0) ++ { ++ /* Check if RET has already been set */ ++ if (dsn_ret > 0) { ++ synprot_error(L_smtp_syntax_error, 501, NULL, ++ US"RET can be specified once only"); ++ goto COMMAND_LOOP; ++ } ++ dsn_ret = (strcmpic(value, US"HDRS") == 0)? dsn_ret_hdrs : ++ (strcmpic(value, US"FULL") == 0)? dsn_ret_full : 0; ++ DEBUG(D_receive) debug_printf("DSN_RET: %d\n", dsn_ret); ++ /* Check for invalid invalid value, and exit with error */ ++ if (dsn_ret == 0) { ++ synprot_error(L_smtp_syntax_error, 501, NULL, ++ US"Value for RET is invalid"); ++ goto COMMAND_LOOP; ++ } ++ } ++ else if (dsn && strcmpic(name, US"ENVID") == 0) ++ { ++ /* Check if the dsn envid has been already set */ ++ if (dsn_envid != NULL) { ++ synprot_error(L_smtp_syntax_error, 501, NULL, ++ US"ENVID can be specified once only"); ++ goto COMMAND_LOOP; ++ } ++ dsn_envid = string_copy(value); ++ DEBUG(D_receive) debug_printf("DSN_ENVID: %s\n", dsn_envid); ++ } ++ #endif ++ + /* Handle the AUTH extension. If the value given is not "<>" and either + the ACL says "yes" or there is no ACL but the sending host is + authenticated, we set it up as the authenticated sender. However, if the +@@ -3070,6 +3124,89 @@ + rcpt_fail_count++; + break; + } ++ ++ #ifdef SUPPORT_DSN ++ /* Set the DSN flags orcpt and dsn_flags from the session*/ ++ orcpt = NULL; ++ flags = 0; ++ ++ if (esmtp) for(;;) ++ { ++ uschar *name, *value, *end; ++ int size; ++ ++ if (!extract_option(&name, &value)) ++ { ++ break; ++ } ++ ++ if (strcmpic(name, US"ORCPT") == 0) ++ { ++ /* Check whether orcpt has been already set */ ++ if (orcpt != NULL) { ++ synprot_error(L_smtp_syntax_error, 501, NULL, ++ US"ORCPT can be specified once only"); ++ goto COMMAND_LOOP; ++ } ++ orcpt = string_copy(value); ++ DEBUG(D_receive) debug_printf("DSN orcpt: %s\n", orcpt); ++ } ++ ++ else if (strcmpic(name, US"NOTIFY") == 0) ++ { ++ /* Check if the notify flags have been already set */ ++ if (flags > 0) ++ { ++ synprot_error(L_smtp_syntax_error, 501, NULL, ++ US"NOTIFY can be specified once only"); ++ goto COMMAND_LOOP; ++ } ++ if (strcmpic(value, US"NEVER") == 0) flags |= rf_notify_never; else ++ { ++ uschar *p = value; ++ while (*p != 0) ++ { ++ uschar *pp = p; ++ while (*pp != 0 && *pp != ',') pp++; ++ if (*pp == ',') *pp++ = 0; ++ if (strcmpic(p, US"SUCCESS") == 0) { ++ DEBUG(D_receive) debug_printf("GC: Setting notify success\n"); ++ flags |= rf_notify_success; ++ } ++ else if (strcmpic(p, US"FAILURE") == 0) { ++ DEBUG(D_receive) debug_printf("GC: Setting notify failure\n"); ++ flags |= rf_notify_failure; ++ } ++ else if (strcmpic(p, US"DELAY") == 0) { ++ DEBUG(D_receive) debug_printf("GC: Setting notify delay\n"); ++ flags |= rf_notify_delay; ++ } ++ else ++ { ++ /* Catch any strange values */ ++ synprot_error(L_smtp_syntax_error, 501, NULL, ++ US"Invalid value for NOTIFY parameter"); ++ goto COMMAND_LOOP; ++ } ++ p = pp; ++ } ++ DEBUG(D_receive) debug_printf("DSN Flags: %x\n", flags); ++ } ++ } ++ ++ /* Unknown option. Stick back the terminator characters and break ++ the loop. An error for a malformed address will occur. */ ++ ++ else ++ { ++ DEBUG(D_receive) debug_printf("Invalid dsn command: %s : %s\n", name, value); ++ name[-1] = ' '; ++ value[-1] = '='; ++ break; ++ } ++ } ++ #endif ++ + + /* Apply SMTP rewriting then extract the working address. Don't allow "<>" + as a recipient address */ +@@ -3176,6 +3313,24 @@ + { + smtp_printf("250 Accepted\r\n"); + receive_add_recipient(recipient, -1); ++ ++ #ifdef SUPPORT_DSN ++ ++ /* Set the dsn flags in the recipients_list */ ++ if (orcpt != NULL) ++ recipients_list[recipients_count-1].orcpt = orcpt; ++ else ++ recipients_list[recipients_count-1].orcpt = NULL; ++ ++ if (flags != 0) ++ recipients_list[recipients_count-1].dsn_flags = flags; ++ else ++ recipients_list[recipients_count-1].dsn_flags = 0; ++ debug_printf("DSN-AJ(smtp-in): orcpt: %s flags: %d\n", recipients_list[recipients_count-1].orcpt, recipients_list[recipients_count-1].dsn_flags); ++ ++ ++ #endif ++ + } + + /* The recipient was discarded */ +diff -urN exim-4.63-orig/src/spool_in.c exim-4.63-dsn/src/spool_in.c +--- exim-4.63-orig/src/spool_in.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/spool_in.c 2006-09-12 11:47:24.000000000 +0100 +@@ -292,6 +292,13 @@ + spam_score_int = NULL; + #endif + ++#ifdef SUPPORT_DSN ++#ifndef COMPILE_UTILITY ++dsn_ret = 0; ++dsn_envid = NULL; ++#endif /* COMPILE_UTILITY */ ++#endif ++ + /* Generate the full name and open the file. If message_subdir is already + set, just look in the given directory. Otherwise, look in both the split + and unsplit directories, as for the data file above. */ +@@ -474,6 +481,21 @@ + tls_peerdn = string_copy(big_buffer + 12); + #endif + ++ #ifdef SUPPORT_DSN ++ #ifndef COMPILE_UTILITY ++ /* Check if the dsn flags have been set in the header file */ ++ else if (Ustrncmp(big_buffer, "-dsn_ret", 8) == 0) ++ { ++ dsn_ret= atoi(big_buffer + 8); ++ } ++ else if (Ustrncmp(big_buffer, "-dsn_envid", 10) == 0) ++ { ++ dsn_envid = string_copy(big_buffer + 11); ++ } ++ #endif /* COMPILE_UTILITY */ ++ #endif ++ ++ + /* We now record the port number after the address, separated by a + dot. For compatibility during upgrading, do nothing if there + isn't a value (it gets left at zero). */ +@@ -558,6 +580,10 @@ + { + int nn; + int pno = -1; ++ #ifdef SUPPORT_DSN ++ int dsn_flags = 0; ++ uschar *orcpt = NULL; ++ #endif + uschar *errors_to = NULL; + uschar *p; + +@@ -626,10 +652,19 @@ + } + + /* Handle current format Exim 4 spool files */ ++ /* Spool file is modified if DSN is supported ++ Original was "address errors_to len(errors_to),pno ++ New for DSN support is now: ++ "address errors_to orcpt len(errors_to),len(orcpt),pno,dsn_flags */ + + else if (*p == '#') + { + int flags; ++ ++ #ifndef COMPILE_UTILITY ++ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n"); ++ #endif /* COMPILE_UTILITY */ ++ + (void)sscanf(CS p+1, "%d", &flags); + + if ((flags & 0x01) != 0) /* one_time data exists */ +@@ -642,15 +677,82 @@ + { + p -= len; + errors_to = string_copy(p); ++ } ++ } ++ ++ *(--p) = 0; /* Terminate address */ ++ } ++ #ifdef SUPPORT_DSN ++ else if (*p == '!') /* Handle Exim4 + DSN spool files */ ++ { ++ int flags; ++ int temp_dsn_flags; ++ ++ #ifndef COMPILE_UTILITY ++ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - C&W DSN format spoolfile\n"); ++ #endif /* COMPILE_UTILITY */ ++ ++ sscanf(CS p+1, "%d,%d", &flags, &temp_dsn_flags); ++ ++ if (((flags & 0x01) != 0) || (temp_dsn_flags > 0)) /* one_time data or dsn_flags exist */ ++ { ++ int len; ++ int len_orcpt; ++ ++ #ifndef COMPILE_UTILITY ++ DEBUG(D_deliver) debug_printf("**** spool_in dsn_flags = 0\n"); ++ #endif /* COMPILE_UTILITY */ ++ ++ dsn_flags = 0; ++ ++ while (isdigit(*(--p)) || *p == ',' || *p == '-'); ++ sscanf(CS p+1, "%d,%d,%d,%d", &len, &len_orcpt, &pno, &dsn_flags); ++ ++ *p = 0; ++ if (len_orcpt > 0) ++ { ++ p -= len_orcpt; ++ orcpt = string_copy(p); + } ++ *(--p) = 0; /* change the space to a NULL */ ++ ++ if (len > 0) ++ { ++ p -= len; ++ errors_to = string_copy(p); ++ } + } + + *(--p) = 0; /* Terminate address */ + } ++ #endif ++ #ifndef COMPILE_UTILITY ++ else ++ { ++ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n"); ++ } ++ #endif /* COMPILE_UTILITY */ ++ ++ #ifdef SUPPORT_DSN ++ #ifndef COMPILE_UTILITY ++ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s| orcpt: |%s| dsn_flags: %d\n", ++ big_buffer, errors_to, orcpt, dsn_flags); ++ #endif /* COMPILE_UTILITY */ ++ #endif ++ #ifndef SUPPORT_DSN ++ #ifndef COMPILE_UTILITY ++ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n", ++ big_buffer, errors_to); ++ #endif /* COMPILE_UTILITY */ ++ #endif + + recipients_list[recipients_count].address = string_copy(big_buffer); + recipients_list[recipients_count].pno = pno; + recipients_list[recipients_count].errors_to = errors_to; ++ #ifdef SUPPORT_DSN ++ recipients_list[recipients_count].orcpt = orcpt; ++ recipients_list[recipients_count].dsn_flags = dsn_flags; ++ #endif + } + + /* The remainder of the spool header file contains the headers for the message, +diff -urN exim-4.63-orig/src/spool_out.c exim-4.63-dsn/src/spool_out.c +--- exim-4.63-orig/src/spool_out.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/spool_out.c 2006-09-12 11:47:24.000000000 +0100 +@@ -243,6 +243,15 @@ + if (tls_peerdn != NULL) fprintf(f, "-tls_peerdn %s\n", tls_peerdn); + #endif + ++#ifdef SUPPORT_DSN ++/* Write the dsn flags to the spool header file */ ++DEBUG(D_deliver) debug_printf("DSN: Write SPOOL :-dsn_envid %s\n", dsn_envid); ++if (dsn_envid != NULL) fprintf(f, "-dsn_envid %s\n", dsn_envid); ++DEBUG(D_deliver) debug_printf("DSN: Write SPOOL :-dsn_ret %d\n", dsn_ret); ++if (dsn_ret != 0) fprintf(f, "-dsn_ret %d\n", dsn_ret); ++#endif ++ ++ + /* To complete the envelope, write out the tree of non-recipients, followed by + the list of recipients. These won't be disjoint the first time, when no + checking has been done. If a recipient is a "one-time" alias, it is followed by +@@ -253,14 +262,36 @@ + for (i = 0; i < recipients_count; i++) + { + recipient_item *r = recipients_list + i; +- if (r->pno < 0 && r->errors_to == NULL) ++#ifdef SUPPORT_DSN ++DEBUG(D_deliver) debug_printf("DSN: Flags :%d\n", r->dsn_flags); ++#endif ++ if (r->pno < 0 && r->errors_to == NULL ++ #ifdef SUPPORT_DSN ++ && r->dsn_flags == 0 ++ #endif ++ ) + fprintf(f, "%s\n", r->address); + else + { + uschar *errors_to = (r->errors_to == NULL)? US"" : r->errors_to; ++ #ifdef SUPPORT_DSN ++ uschar *orcpt = (r->orcpt == NULL)? US"" : r->orcpt; ++ fprintf(f, "%s %s %s %d,%d,%d,%d!1\n", r->address, errors_to, orcpt, ++ Ustrlen(errors_to), Ustrlen(orcpt), r->pno, r->dsn_flags); ++ #else + fprintf(f, "%s %s %d,%d#1\n", r->address, errors_to, + Ustrlen(errors_to), r->pno); ++ #endif + } ++ ++ #ifdef SUPPORT_DSN ++ DEBUG(D_deliver) debug_printf("DSN :**** SPOOL_OUT - address: |%s| errorsto: |%s| orcpt: |%s| dsn_flags: %d\n", ++ r->address, r->errors_to, r->orcpt, r->dsn_flags); ++ #endif ++ #ifndef SUPPORT_DSN ++ DEBUG(D_deliver) debug_printf("**** SPOOL_OUT - address: |%s| errorsto: |%s|\n", ++ r->address, r->errors_to); ++ #endif + } + + /* Put a blank line before the headers */ +diff -urN exim-4.63-orig/src/structs.h exim-4.63-dsn/src/structs.h +--- exim-4.63-orig/src/structs.h 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/structs.h 2006-09-12 11:47:24.000000000 +0100 +@@ -281,7 +281,9 @@ + BOOL verify_sender; /* Use this router when verifying a sender */ + BOOL uid_set; /* Flag to indicate uid is set */ + BOOL unseen; /* If TRUE carry on, even after success */ +- ++#ifdef SUPPORT_DSN ++ BOOL dsn_process; /* If TRUE, activate DSN for this router */ ++#endif + int self_code; /* Encoded version of "self" */ + uid_t uid; /* Fixed uid value */ + gid_t gid; /* Fixed gid value */ +@@ -560,6 +562,12 @@ + uschar *peerdn; /* DN of server's certificate */ + #endif + ++ #ifdef SUPPORT_DSN ++ uschar *dsn_orcpt; /* DSN orcpt value */ ++ int dsn_flags; /* DSN flags */ ++ uschar *dsn_aware; /* DSN aware flag */ ++ #endif ++ + uid_t uid; /* uid for transporting */ + gid_t gid; /* gid for transporting */ + +diff -urN exim-4.63-orig/src/transport.c exim-4.63-dsn/src/transport.c +--- exim-4.63-orig/src/transport.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/transport.c 2006-09-12 11:47:24.000000000 +0100 +@@ -1756,6 +1756,11 @@ + + argv = child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0); + ++ #ifdef SUPPORT_DSN ++ /* Call with the dsn flag */ ++ if (smtp_use_dsn) argv[i++] = US"-MCD"; ++ #endif ++ + if (smtp_authenticated) argv[i++] = US"-MCA"; + + #ifdef SUPPORT_TLS +diff -urN exim-4.63-orig/src/transports/smtp.c exim-4.63-dsn/src/transports/smtp.c +--- exim-4.63-orig/src/transports/smtp.c 2006-07-31 15:19:48.000000000 +0100 ++++ exim-4.63-dsn/src/transports/smtp.c 2006-09-12 11:47:24.000000000 +0100 +@@ -194,6 +194,16 @@ + static uschar *smtp_command; /* Points to last cmd for error messages */ + static uschar *mail_command; /* Points to MAIL cmd for error messages */ + ++#ifdef SUPPORT_DSN ++/* some DSN flags for use later */ ++ ++static int rf_list[] = {rf_notify_never, rf_notify_success, ++ rf_notify_failure, rf_notify_delay }; ++ ++static uschar *rf_names[] = { "NEVER", "SUCCESS", "FAILURE", "DELAY" }; ++#endif ++ ++ + + /************************************************* + * Setup entry point * +@@ -1137,6 +1147,14 @@ + DEBUG(D_transport) debug_printf("%susing PIPELINING\n", + smtp_use_pipelining? "" : "not "); + ++ #ifdef SUPPORT_DSN ++ /* Note if the server supports DSN */ ++ smtp_use_dsn = dsn && ++ esmtp && pcre_exec(regex_DSN, NULL, CS buffer, (int)Ustrlen(CS buffer), 0, ++ PCRE_EOPT, NULL, 0) >= 0; ++ DEBUG(D_transport) debug_printf("use_dsn=%d\n", smtp_use_dsn); ++ #endif ++ + /* Note if the response to EHLO specifies support for the AUTH extension. + If it has, check that this host is one we want to authenticate to, and do + the business. The host name and address must be available when the +@@ -1324,6 +1342,26 @@ + while (*p) p++; + } + ++#ifdef SUPPORT_DSN ++/* Add any DSN flags to the mail command */ ++ ++if (smtp_use_dsn) ++ { ++ if (dsn_ret == dsn_ret_hdrs) ++ { ++ strcpy(p, " RET=HDRS"); ++ while (*p) p++; ++ } ++ else if (dsn_ret == dsn_ret_full) ++ { ++ strcpy(p, " RET=FULL"); ++ while (*p) p++; ++ } ++ if (dsn_envid != NULL) ++ string_format(p, sizeof(buffer) - (p-buffer), " ENVID=%s", dsn_envid); ++ } ++#endif ++ + /* Add the authenticated sender address if present */ + + if ((smtp_authenticated || ob->authenticated_sender_force) && +@@ -1386,18 +1424,66 @@ + int count; + BOOL no_flush; + ++ #ifdef SUPPORT_DSN ++ /* philb - set dsn_aware flag for this recipient */ ++ if(smtp_use_dsn) ++ addr->dsn_aware = string_copy("Y"); ++ else ++ addr->dsn_aware = string_copy("N"); ++ #endif ++ + if (addr->transport_return != PENDING_DEFER) continue; + + address_count++; + no_flush = smtp_use_pipelining && (!mua_wrapper || addr->next != NULL); + ++ #ifdef SUPPORT_DSN ++ /* Add any DSN flags to the rcpt command and add to the sent string */ ++ ++ p = buffer; ++ *p = 0; ++ ++ if (smtp_use_dsn) ++ { ++ if ((addr->dsn_flags & rf_dsnflags) != 0) ++ { ++ int i; ++ BOOL first = TRUE; ++ strcpy(p, " NOTIFY="); ++ while (*p) p++; ++ for (i = 0; i < 4; i++) ++ { ++ if ((addr->dsn_flags & rf_list[i]) != 0) ++ { ++ if (!first) *p++ = ','; ++ first = FALSE; ++ strcpy(p, rf_names[i]); ++ while (*p) p++; ++ } ++ } ++ } ++ ++ if (addr->dsn_orcpt != NULL) ++ string_format(p, sizeof(buffer) - (p-buffer), " ORCPT=%s", ++ addr->dsn_orcpt); ++ } ++ ++ #endif ++ ++ + /* Now send the RCPT command, and process outstanding responses when + necessary. After a timeout on RCPT, we just end the function, leaving the + yield as OK, because this error can often mean that there is a problem with + just one address, so we don't want to delay the host. */ + ++ #ifdef SUPPORT_DSN ++ count = smtp_write_command(&outblock, no_flush, "RCPT TO:<%s>%s%s\r\n", ++ transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr, buffer); ++ #else + count = smtp_write_command(&outblock, no_flush, "RCPT TO:<%s>%s\r\n", + transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr); ++ #endif ++ + if (count < 0) goto SEND_FAILED; + if (count > 0) + { diff --git a/mail-mta/exim/files/mailer.conf b/mail-mta/exim/files/mailer.conf new file mode 100644 index 00000000..7dbf79b3 --- /dev/null +++ b/mail-mta/exim/files/mailer.conf @@ -0,0 +1,10 @@ +# Execute the "real" sendmail program from exim, +# named /usr/sbin/exim +# +sendmail /usr/sbin/exim +mailq /usr/sbin/exim +newaliases /usr/sbin/exim +rmail /usr/sbin/exim +send-mail /usr/sbin/exim +rsmtp /usr/sbin/exim +mail /usr/sbin/exim diff --git a/mail-mta/exim/files/pam.d-exim b/mail-mta/exim/files/pam.d-exim new file mode 100644 index 00000000..9b3a1d21 --- /dev/null +++ b/mail-mta/exim/files/pam.d-exim @@ -0,0 +1,3 @@ +# You may need to remove the "md5" +auth required pam_unix.so shadow md5 +account required pam_unix.so diff --git a/mail-mta/exim/files/system_filter.exim b/mail-mta/exim/files/system_filter.exim new file mode 100644 index 00000000..8817cc00 --- /dev/null +++ b/mail-mta/exim/files/system_filter.exim @@ -0,0 +1,220 @@ +# Exim filter +## Version: 0.13 +# $Id: system_filter.exim,v 1.1 2004/05/30 02:35:58 robbat2 Exp $ + +## If you haven't worked with exim filters before, read +## the install notes at the end of this file. + +# +# Only run any of this stuff on the first pass through the +# filter - this is an optomisation for messages that get +# queued and have several delivery attempts +# +# we express this in reverse so we can just bail out +# on inappropriate messages +# +if not first_delivery +then + finish +endif + +# Check for MS buffer overruns as per latest BUGTRAQ. +# http://www.securityfocus.com/frames/?content=/templates/article.html%3Fid%3D61 +# This could happen in error messages, hence its placing +# here... +# We substract the first n characters of the date header +# and test if its the same as the date header... which +# is a lousy way of checking if the date is longer than +# n chars long +if ${length_80:$header_date:} is not $header_date: +then + fail text "This message has been rejected because it has\n\ + \tan overlength date field which can be used\n\ + \tto subvert Microsoft mail programs\n\ + \tThe following URL has further information\n\ + \thttp://www.securityfocus.com/frames/?content=/templates/article.html%3Fid%3D61" + seen finish +endif + +# This is a nasty compromise. +# This crud is now being sent with a <> envelope sender, but +# blocking all error messages that pattern match prevents +# bounces getting back.... so we fudge it somewhat +if $header_from: contains "@sexyfun.net" +then + fail text "This message has been rejected since it has\n\ + \tthe signature of a known virus in the header." + seen finish +endif +if error_message and $header_from: contains "Mailer-Daemon@" +then + # looks like a real error message - just ignore it + finish +endif + +# Look for single part MIME messages with suspicious name extensions +# Check Content-Type header using quoted filename [content_type_quoted_fn_match] +if $header_content-type: matches "(?:file)?name=(\"[^\"]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|hta|bat|scr|pif)\")" +then + fail text "This message has been rejected because it has\n\ + \tpotentially executable content $1\n\ + \tThis form of attachment has been used by\n\ + \trecent viruses or other malware.\n\ + \tIf you meant to send this file then please\n\ + \tpackage it up as a zip file and resend it." + seen finish +endif +# same again using unquoted filename [content_type_unquoted_fn_match] +if $header_content-type: matches "(?:file)?name=([\\\\w.-]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|hta|bat|scr|pif))" +then + fail text "This message has been rejected because it has\n\ + \tpotentially executable content $1\n\ + \tThis form of attachment has been used by\n\ + \trecent viruses or other malware.\n\ + \tIf you meant to send this file then please\n\ + \tpackage it up as a zip file and resend it." + seen finish +endif + + +# Attempt to catch embedded VBS attachments +# in emails. These were used as the basis for +# the ILOVEYOU virus and its variants +# Quoted filename - [body_quoted_fn_match] +if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\"[^\"]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|hta|bat|scr|pif)\")[\\\\s;]" +then + fail text "This message has been rejected because it has\n\ + \ta potentially executable attachment $1\n\ + \tThis form of attachment has been used by\n\ + \trecent viruses or other malware.\n\ + \tIf you meant to send this file then please\n\ + \tpackage it up as a zip file and resend it." + seen finish +endif +# same again using unquoted filename [body_unquoted_fn_match] +if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))([\\\\w.-]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|hta|bat|scr|pif))[\\\\s;]" +then + fail text "This message has been rejected because it has\n\ + \ta potentially executable attachment $1\n\ + \tThis form of attachment has been used by\n\ + \trecent viruses or other malware.\n\ + \tIf you meant to send this file then please\n\ + \tpackage it up as a zip file and resend it." + seen finish +endif + +#### Version history +# +# 0.01 5 May 2000 +# Initial release +# 0.02 8 May 2000 +# Widened list of content-types accepted, added WSF extension +# 0.03 8 May 2000 +# Embedded the install notes in for those that don't do manuals +# 0.04 9 May 2000 +# Check global content-type header. Efficiency mods to REs +# 0.05 9 May 2000 +# More minor efficiency mods, doc changes +# 0.06 20 June 2000 +# Added extension handling - thx to Douglas Gray Stephens & Jeff Carnahan +# 0.07 19 July 2000 +# Latest MS Outhouse bug catching +# 0.08 19 July 2000 +# Changed trigger length to 80 chars, fixed some spelling +# 0.09 29 September 2000 +# More extensions... its getting so we should just allow 2 or 3 through +# 0.10 18 January 2001 +# Removed exclusion for error messages - this is a little nasty +# since it has other side effects, hence we do still exclude +# on unix like error messages +# 0.11 20 March, 2001 +# Added CMD extension, tidied docs slightly, added RCS tag +# ** Missed changing version number at top of file :-( +# 0.12 10 May, 2001 +# Added HTA extension +# 0.13 22 May, 2001 +# Reformatted regexps and code to build them so that they are +# shorter than the limits on pre exim 3.20 filters. This will +# make them significantly less efficient, but I am getting so +# many queries about this that requiring 3.2x appears unsupportable. +# +#### Install Notes +# +# Exim filters run the exim filter language - a very primitive +# scripting language - in place of a user .forward file, or on +# a per system basis (on all messages passing through). +# The filtering capability is documented in the main set of manuals +# a copy of which can be found on the exim web site +# http://www.exim.org/ +# +# To install, copy the filter file (with appropriate permissions) +# to /etc/exim/system_filter.exim and add to your exim config file +# [location is installation depedant - typicaly /etc/exim/config ] +# at the top the line:- +# message_filter = /etc/exim/system_filter.exim +# message_body_visible = 5000 +# +# You may also want to set the message_filter_user & message_filter_group +# options, but they default to the standard exim user and so can +# be left untouched. The other message_filter_* options are only +# needed if you modify this to do other functions such as deliveries. +# The main exim documentation is quite thorough and so I see no need +# to expand it here... +# +# Any message that matches the filter will then be bounced. +# If you wish you can change the error message by editing it +# in the section above - however be careful you don't break it. +# +# After install exim should be restarted - a kill -HUP to the +# daemon will do this. +# +#### LIMITATIONS +# +# This filter tries to parse MIME with a regexp... that doesn't +# work too well. It will also only see the amount of the body +# specified in message_body_visible +# +#### BASIS +# +# The regexp that is used to pickup MIME/uuencoded parts is replicated +# below (in perl format). You need to remember that exim converts +# newlines to spaces in the message_body variable. +# +# (?:Content- # start of content header +# (?:Type: (?>\s*) # rest of c/t header +# [\w-]+/[\w-]+ # content-type (any) +# |Disposition: (?>\s*) # content-disposition hdr +# attachment) # content-disposition +# ;(?>\s*) # ; space or newline +# (?:file)?name= # filename=/name= +# |begin (?>\s+) [0-7]{3,4} (?>\s+)) # begin octal-mode +# (\"[^\"]+\. # quoted filename. +# (?:vb[se] # list of extns +# |ws[fh] +# |jse? +# |exe +# |com +# |cmd +# |shs +# |hta +# |bat +# |scr +# |pif) +# \" # end quote +# |[\w.-]+\. # unquoted filename.ext +# (?:vb[se] # list of extns +# |ws[fh] +# |jse? +# |exe +# |com +# |cmd +# |shs +# |hta +# |bat +# |scr +# |pif) +# ) # end of filename capture +# [\s;] # trailing ;/space/newline +# +# +### [End] |