proto.m4

< linux网络编程工具>>配套源码

dnl do "we" ($=w) act as backup MX server for the destination domain?
R<NO> $* < @ $+ >		$: <MX> < : $(mxserved $2 $) : > < $1 < @$2 > >
R<MX> < : $* <TEMP> : > $*	$#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
dnl yes: mark it as <RELAY>
R<MX> < $* : $=w. : $* > < $+ >	$: <RELAY> $4
dnl no: put old <NO> mark back
R<MX> < : $* : > < $+ >		$: <NO> $2', `dnl')

dnl workspace: <(NO|RELAY)> localpart<@domain>, where localpart contains $=O
dnl if mark is <NO> then change it to <RELAY> if domain is "authorized"
ifdef(`_RELAY_HOSTS_ONLY_',
`R<NO> $* < @ $=R >		$: <RELAY> $1 < @ $2 >
ifdef(`_ACCESS_TABLE_', `dnl
R<NO> $* < @ $+ >		$: <$(access To:$2 $: NO $)> $1 < @ $2 >
R<NO> $* < @ $+ >		$: <$(access $2 $: NO $)> $1 < @ $2 >',`dnl')',
`R<NO> $* < @ $* $=R >		$: <RELAY> $1 < @ $2 $3 >
ifdef(`_ACCESS_TABLE_', `dnl
R<NO> $* < @ $+ >		$: $>LookUpDomain <$2> <NO> <$1 < @ $2 >> <+To>
R<$+> <$+>			$: <$1> $2',`dnl')')


R<RELAY> $* < @ $* >		$@ $>ParseRecipient $1
R<$-> $*			$@ $2


######################################################################
###  check_relay -- check hostname/address on SMTP startup
######################################################################

SLocal_check_relay
Scheck`'_U_`'relay
R$*			$: $1 $| $>"Local_check_relay" $1
R$* $| $* $| $#$*	$#$3
R$* $| $* $| $*		$@ $>"Basic_check_relay" $1 $| $2

SBasic_check_relay
# check for deferred delivery mode
R$*			$: < ${deliveryMode} > $1
R< d > $*		$@ deferred
R< $* > $*		$: $2

ifdef(`_ACCESS_TABLE_', `dnl
dnl workspace: {client_name} $| {client_addr}
R$+ $| $+		$: $>LookUpDomain < $1 > <?> < $2 > <+Connect>
dnl workspace: <result-of-lookup> <{client_addr}>
R<?> <$+>		$: $>LookUpAddress < $1 > <?> < $1 > <+Connect>	no: another lookup
dnl workspace: <result-of-lookup> <{client_addr}>
R<?> < $+ >		$: $1					found nothing
dnl workspace: <result-of-lookup> <{client_addr}>
dnl or {client_addr}
R<$={Accept}> < $* >	$@ $1				return value of lookup
R<REJECT> $*		$#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"')
R<DISCARD> $*		$#discard $: discard
dnl error tag
R<ERROR:$-.$-.$-:$+> <$*>	$#error $@ $1.$2.$3 $: $4
R<ERROR:$+> <$*>		$#error $: $1
dnl generic error from access map
R<$+> <$*>		$#error $: $1', `dnl')

ifdef(`_RBL_',`dnl
# DNS based IP address spam list
R$*			$: $&{client_addr}
R::ffff:$-.$-.$-.$-	$: <?> $(host $4.$3.$2.$1._RBL_. $: OK $)
R$-.$-.$-.$-		$: <?> $(host $4.$3.$2.$1._RBL_. $: OK $)
R<?>OK			$: OKSOFAR
R<?>$+			$#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site _RBL_"',
`dnl')
undivert(8)

######################################################################
###  check_mail -- check SMTP ``MAIL FROM:'' command argument
######################################################################

SLocal_check_mail
Scheck`'_U_`'mail
R$*			$: $1 $| $>"Local_check_mail" $1
R$* $| $#$*		$#$2
R$* $| $*		$@ $>"Basic_check_mail" $1

SBasic_check_mail
# check for deferred delivery mode
R$*			$: < ${deliveryMode} > $1
R< d > $*		$@ deferred
R< $* > $*		$: $2

# authenticated?
dnl done first: we can require authentication for every mail transaction
dnl workspace: address as given by MAIL FROM: (sender)
R$*			$: $1 $| $>"tls_client" $&{verify} $| MAIL
R$* $| $#$+		$#$2
dnl undo damage: remove result of tls_client call
R$* $| $*		$: $1

dnl workspace: address as given by MAIL FROM:
R<>			$@ <OK>			we MUST accept <> (RFC 1123)
ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
dnl do some additional checks
dnl no user@host
dnl no user@localhost (if nonlocal sender)
dnl this is a pretty simple canonification, it will not catch every case
dnl just make sure the address has <> around it (which is required by
dnl the RFC anyway, maybe we should complain if they are missing...)
dnl dirty trick: if it is user@host, just add a dot: user@host. this will
dnl not be modified by host lookups.
R$+			$: <?> $1
R<?><$+>		$: <@> <$1>
R<?>$+			$: <@> <$1>
dnl workspace: <@> <address>
dnl prepend daemon_flags
R$*			$: $&{daemon_flags} $| $1
dnl workspace: ${daemon_flags} $| <@> <address>
dnl do not allow these at all or only from local systems?
R$* f $* $| <@> < $* @ $- >	$: < ? $&{client_name} > < $3 @ $4 >
dnl accept unqualified sender: change mark to avoid test
R$* u $* $| <@> < $* >	$: <?> < $3 >
dnl workspace: ${daemon_flags} $| <@> <address>
dnl        or:                    <? ${client_name} > <address>
dnl        or:                    <?> <address>
dnl remove daemon_flags
R$* $| $*		$: $2
# handle case of @localhost on address
R<@> < $* @ localhost >	$: < ? $&{client_name} > < $1 @ localhost >
R<@> < $* @ [127.0.0.1] >
			$: < ? $&{client_name} > < $1 @ [127.0.0.1] >
R<@> < $* @ localhost.$m >
			$: < ? $&{client_name} > < $1 @ localhost.$m >
ifdef(`_NO_UUCP_', `dnl',
`R<@> < $* @ localhost.UUCP >
			$: < ? $&{client_name} > < $1 @ localhost.UUCP >')
dnl workspace: < ? $&{client_name} > <user@localhost|host>
dnl	or:    <@> <address>
dnl	or:    <?> <address>	(thanks to u in ${daemon_flags})
R<@> $*			$: $1			no localhost as domain
dnl workspace: < ? $&{client_name} > <user@localhost|host>
dnl	or:    <address>
dnl	or:    <?> <address>	(thanks to u in ${daemon_flags})
R<? $=w> $*		$: $2			local client: ok
R<? $+> <$+>		$#error $@ 5.5.4 $: "501 Real domain name required for sender address"
dnl remove <?> (happens only if ${client_name} == "" or u in ${daemon_flags})
R<?> $*			$: $1')
dnl workspace: address (or <address>)
R$*			$: <?> $>CanonAddr $1		canonify sender address and mark it
dnl workspace: <?> CanonicalAddress (i.e. address in canonical form localpart<@host>)
dnl there is nothing behind the <@host> so no trailing $* needed
R<?> $* < @ $+ . >	<?> $1 < @ $2 >			strip trailing dots
# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
R<?> $* < @ $* $=P >	$: <OK> $1 < @ $2 $3 >
dnl workspace <mark> CanonicalAddress	where mark is ? or OK
ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',
`R<?> $* < @ $+ >	$: <OK> $1 < @ $2 >		... unresolvable OK',
`R<?> $* < @ $+ >	$: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
R<? $* <$->> $* < @ $+ >
			$: <$2> $3 < @ $4 >')
dnl workspace <mark> CanonicalAddress	where mark is ?, OK, PERM, TEMP
dnl mark is ? iff the address is user (wo @domain)

ifdef(`_ACCESS_TABLE_', `dnl
# check sender address: user@address, user@, address
dnl should we remove +ext from user?
dnl workspace: <mark> CanonicalAddress where mark is: ?, OK, PERM, TEMP
R<$+> $+ < @ $* >	$: @<$1> <$2 < @ $3 >> $| <F:$2@$3> <U:$2@> <H:$3>
R<$+> $+		$: @<$1> <$2> $| <U:$2@>
dnl workspace: @<mark> <CanonicalAddress> $| <@type:address> ....
dnl $| is used as delimiter, otherwise false matches may occur: <user<@domain>>
dnl will only return user<@domain when "reversing" the args
R@ <$+> <$*> $| <$+>	$: <@> <$1> <$2> $| $>SearchList <+From> $| <$3> <>
dnl workspace: <@><mark> <CanonicalAddress> $| <result>
R<@> <$+> <$*> $| <$*>	$: <$3> <$1> <$2>		reverse result
dnl workspace: <result> <mark> <CanonicalAddress>
# retransform for further use
dnl required form:
dnl <ResultOfLookup|mark> CanonicalAddress
R<?> <$+> <$*>		$: <$1> $2	no match
R<$+> <$+> <$*>		$: <$1> $3	relevant result, keep it', `dnl')
dnl workspace <ResultOfLookup|mark> CanonicalAddress
dnl mark is ? iff the address is user (wo @domain)

ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
# handle case of no @domain on address
dnl prepend daemon_flags
R<?> $*			$: $&{daemon_flags} $| <?> $1
dnl accept unqualified sender: change mark to avoid test
R$* u $* $| <?> $*	$: <OK> $3
dnl remove daemon_flags
R$* $| $*		$: $2
R<?> $*			$: < ? $&{client_name} > $1
R<?> $*			$@ <OK>				...local unqualed ok
R<? $+> $*		$#error $@ 5.5.4 $: "501 Domain name required for sender address " $&f
							...remote is not')
# check results
R<?> $*			$: @ $1		mark address: nothing known about it
R<OK> $*		$@ <OK>
R<TEMP> $*		$#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
R<PERM> $*		$#error $@ 5.1.8 $: "501 Domain of sender address " $&f " does not exist"
ifdef(`_ACCESS_TABLE_', `dnl
R<$={Accept}> $*	$# $1
R<DISCARD> $*		$#discard $: discard
R<REJECT> $*		$#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"')
dnl error tag
R<ERROR:$-.$-.$-:$+> $*		$#error $@ $1.$2.$3 $: $4
R<ERROR:$+> $*		$#error $: $1
dnl generic error from access map
R<$+> $*		$#error $: $1		error from access db',
`dnl')

######################################################################
###  check_rcpt -- check SMTP ``RCPT TO:'' command argument
######################################################################

SLocal_check_rcpt
Scheck`'_U_`'rcpt
R$*			$: $1 $| $>"Local_check_rcpt" $1
R$* $| $#$*		$#$2
R$* $| $*		$@ $>"Basic_check_rcpt" $1

SBasic_check_rcpt
# check for deferred delivery mode
R$*			$: < ${deliveryMode} > $1
R< d > $*		$@ deferred
R< $* > $*		$: $2

ifdef(`_REQUIRE_QUAL_RCPT_', `dnl
# require qualified recipient?
R$+			$: <?> $1
R<?><$+>		$: <@> <$1>
R<?>$+			$: <@> <$1>
dnl prepend daemon_flags
R$*			$: $&{daemon_flags} $| $1
dnl workspace: ${daemon_flags} $| <@> <address>
dnl do not allow these at all or only from local systems?
R$* r $* $| <@> < $* @ $- >	$: < ? $&{client_name} > < $3 @ $4 >
R<?> < $* >		$: <$1>
R<? $=w> < $* >		$: <$1>
R<? $+> <$+>		$#error $@ 5.5.4 $: "553 Domain name required"
dnl remove daemon_flags for other cases
R$* $| <@> $*		$: $2', `dnl')

ifdef(`_LOOSE_RELAY_CHECK_',`dnl
R$*			$: $>CanonAddr $1
R$* < @ $* . >		$1 < @ $2 >			strip trailing dots',
`R$*			$: $>ParseRecipient $1		strip relayable hosts')

ifdef(`_BESTMX_IS_LOCAL_',`dnl
ifelse(_BESTMX_IS_LOCAL_, `', `dnl
# unlimited bestmx
R$* < @ $* > $*			$: $1 < @ $2 @@ $(bestmx $2 $) > $3',
`dnl
# limit bestmx to $=B
R$* < @ $* $=B > $*		$: $1 < @ $2 $3 @@ $(bestmx $2 $3 $) > $4')
R$* $=O $* < @ $* @@ $=w . > $*	$@ $>"Basic_check_rcpt" $1 $2 $3
R$* < @ $* @@ $=w . > $*	$: $1 < @ $3 > $4
R$* < @ $* @@ $* > $*		$: $1 < @ $2 > $4')

ifdef(`_BLACKLIST_RCPT_',`dnl
ifdef(`_ACCESS_TABLE_', `dnl
# blacklist local users or any host from receiving mail
R$*			$: <?> $1
dnl user is now tagged with @ to be consistent with check_mail
dnl and to distinguish users from hosts (com would be host, com@ would be user)
R<?> $+ < @ $=w >	$: <> <$1 < @ $2 >> $| <F:$1@$2> <U:$1@> <H:$2>
R<?> $+ < @ $* >	$: <> <$1 < @ $2 >> $| <F:$1@$2> <H:$2>
R<?> $+			$: <> <$1> $| <U:$1@>
dnl $| is used as delimiter, otherwise false matches may occur: <user<@domain>>
dnl will only return user<@domain when "reversing" the args
R<> <$*> $| <$+>	$: <@> <$1> $| $>SearchList <+To> $| <$2> <>
R<@> <$*> $| <$*>	$: <$2> <$1>		reverse result
R<?> <$*>		$: @ $1		mark address as no match
R<$={Accept}> <$*>	$: @ $2		mark address as no match
ifdef(`_DELAY_CHECKS_',`dnl
dnl we have to filter these because otherwise they would be interpreted
dnl as generic error message...
dnl error messages should be "tagged" by prefixing them with error: !
dnl that would make a lot of things easier.
dnl maybe we should stop checks already here (if SPAM_xyx)?
R<$={SpamTag}> <$*>	$: @ $2		mark address as no match')
R<REJECT> $*		$#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient"
R<DISCARD> $*		$#discard $: discard
dnl error tag
R<ERROR:$-.$-.$-:$+> $*		$#error $@ $1.$2.$3 $: $4
R<ERROR:$+> $*		$#error $: $1
dnl generic error from access map
R<$+> $*		$#error $: $1		error from access db
R@ $*			$1		remove mark', `dnl')', `dnl')

ifdef(`_PROMISCUOUS_RELAY_', `divert(-1)')
# authenticated?
dnl do this unconditionally? this requires to manage CAs carefully
dnl just because someone has a CERT signed by a "trusted" CA
dnl does not mean we want to allow relaying for her,
dnl either use a subroutine or provide something more sophisticated
dnl this could for example check the DN (maybe an access map lookup)
R$*		$: $1 $| $>RelayAuth $1 $| $&{verify}	client authenticated?
R$* $| $# $+		$# $2				error/ok?
R$* $| $*		$: $1				no

# authenticated by a trusted mechanism?
R$*			$: $1 $| $&{auth_type}
dnl empty ${auth_type}?
R$* $|			$: $1
dnl mechanism ${auth_type} accepted?
dnl use $# to override further tests (delay_checks): see check_rcpt below
R$* $| $={TrustAuthMech}	$# RELAYAUTH
dnl undo addition of ${auth_type}
R$* $| $*		$: $1
dnl workspace: localpart<@domain>
ifelse(defn(`_NO_UUCP_'), `r',
`R$* ! $* < @ $* >	$: <REMOTE> $2 < @ BANG_PATH >', `dnl')
# anything terminating locally is ok
ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
R$+ < @ $* $=m >	$@ RELAYTO', `dnl')
R$+ < @ $=w >		$@ RELAYTO
ifdef(`_RELAY_HOSTS_ONLY_',
`R$+ < @ $=R >		$@ RELAYTO
ifdef(`_ACCESS_TABLE_', `dnl
R$+ < @ $+ >		$: <$(access To:$2 $: ? $)> <$1 < @ $2 >>
dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
R<?> <$+ < @ $+ >>	$: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
`R$+ < @ $* $=R >	$@ RELAYTO
ifdef(`_ACCESS_TABLE_', `dnl
R$+ < @ $+ >		$: $>LookUpDomain <$2> <?> <$1 < @ $2 >> <+To>',`dnl')')
ifdef(`_ACCESS_TABLE_', `dnl
dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
R<RELAY> $*		$@ RELAYTO
R<$*> <$*>		$: $2',`dnl')


ifdef(`_RELAY_MX_SERVED_', `dnl
# allow relaying for hosts which we MX serve
R$+ < @ $+ >		$: < : $(mxserved $2 $) : > $1 < @ $2 >
dnl this must not necessarily happen if the client is checked first...
R< : $* <TEMP> : > $*	$#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
R<$* : $=w . : $*> $*	$@ RELAYTO
R< : $* : > $*		$: $2',
`dnl')

# check for local user (i.e. unqualified address)
R$*			$: <?> $1
R<?> $* < @ $+ >	$: <REMOTE> $1 < @ $2 >
# local user is ok
dnl is it really? the standard requires user@domain, not just user
dnl but we should accept it anyway (maybe making it an option:
dnl RequireFQDN ?)
dnl