static void pre_init(char *unused_name, char **unused_argv)
{
/*
* Reset the file size limit from the message size limit to the mailbox
* size limit. XXX This still isn't accurate because the file size limit
* also affects delivery to command.
*
* A file size limit protects the machine against runaway software errors.
* It is not suitable to enforce mail quota, because users can get around
* mail quota by delivering to /file/name or to |command.
*
* We can't have mailbox size limit smaller than the message size limit,
* because that prohibits the delivery agent from updating the queue
* file.
*/
if (var_mailbox_limit) {
if (var_mailbox_limit < var_message_limit || var_message_limit == 0)
msg_fatal("main.cf configuration error: %s is smaller than %s",
VAR_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
set_file_limit(var_mailbox_limit);
}
alias_maps = maps_create("aliases", var_alias_maps,
DICT_FLAG_LOCK | DICT_FLAG_PARANOID
| DICT_FLAG_FOLD_FIX);
flush_init();
}
static void flush_site(const char *site)
{
int status;
const char *errstr;
uid_t uid = getuid();
if (uid != 0 && uid != var_owner_uid
&& (errstr = check_user_acl_byuid(VAR_FLUSH_ACL, var_flush_acl,
uid)) != 0)
msg_fatal_status(EX_NOPERM,
"User %s(%ld) is not allowed to flush the mail queue",
errstr, (long) uid);
flush_init();
switch (status = flush_send_site(site)) {
case FLUSH_STAT_OK:
exit(0);
case FLUSH_STAT_BAD:
msg_fatal_status(EX_USAGE, "Invalid request: \"%s\"", site);
case FLUSH_STAT_FAIL:
msg_fatal_status(EX_UNAVAILABLE,
"Cannot flush mail queue - mail system is down");
case FLUSH_STAT_DENY:
msg_fatal_status(EX_UNAVAILABLE,
"Flush service is not configured for destination \"%s\"",
site);
default:
msg_fatal_status(EX_SOFTWARE,
"Unknown flush server reply status %d", status);
}
}
static void pre_init(char *unused_name, char **unused_argv)
{
static NAME_MASK lookup_masks[] = {
SMTP_HOST_LOOKUP_DNS, SMTP_HOST_FLAG_DNS,
SMTP_HOST_LOOKUP_NATIVE, SMTP_HOST_FLAG_NATIVE,
0,
};
/*
* Turn on per-peer debugging.
*/
debug_peer_init();
/*
* Select hostname lookup mechanisms.
*/
if (var_disable_dns)
smtp_host_lookup_mask = SMTP_HOST_FLAG_NATIVE;
else
smtp_host_lookup_mask = name_mask(VAR_SMTP_HOST_LOOKUP, lookup_masks,
var_smtp_host_lookup);
if (msg_verbose)
msg_info("host name lookup methods: %s",
str_name_mask(VAR_SMTP_HOST_LOOKUP, lookup_masks,
smtp_host_lookup_mask));
/*
* SASL initialization.
*/
if (var_smtp_sasl_enable)
#ifdef USE_SASL_AUTH
smtp_sasl_initialize();
#else
msg_warn("%s is true, but SASL support is not compiled in",
VAR_SMTP_SASL_ENABLE);
#endif
/*
* Flush client.
*/
flush_init();
}
static void pre_init(char *unused_name, char **unused_argv)
{
/*
* Reset the file size limit from the message size limit to the mailbox
* size limit.
*
* We can't have mailbox size limit smaller than the message size limit,
* because that prohibits the delivery agent from updating the queue
* file.
*/
if (var_virt_mailbox_limit) {
if (var_virt_mailbox_limit < var_message_limit || var_message_limit == 0)
msg_fatal("main.cf configuration error: %s is smaller than %s",
VAR_VIRT_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
set_file_limit(var_virt_mailbox_limit);
}
/*
* flush client.
*/
flush_init();
}
static void flush_site(const char *site)
{
int status;
flush_init();
switch (status = flush_send(site)) {
case FLUSH_STAT_OK:
exit(0);
case FLUSH_STAT_BAD:
msg_fatal_status(EX_USAGE, "Invalid request: \"%s\"", site);
case FLUSH_STAT_FAIL:
msg_fatal_status(EX_UNAVAILABLE,
"Cannot flush mail queue - mail system is down");
case FLUSH_STAT_DENY:
msg_fatal_status(EX_UNAVAILABLE,
"Flush service is not configured for destination \"%s\"",
site);
default:
msg_fatal_status(EX_SOFTWARE,
"Unknown flush server reply status %d", status);
}
}
static void pre_init(char *unused_name, char **unused_argv)
{
flush_init();
}
static void pre_init(char *unused_name, char **unused_argv)
{
int use_tls;
static const NAME_CODE addr_pref_map[] = {
INET_PROTO_NAME_IPV6, SMTP_MISC_FLAG_PREF_IPV6,
INET_PROTO_NAME_IPV4, SMTP_MISC_FLAG_PREF_IPV4,
INET_PROTO_NAME_ANY, 0,
0, -1,
};
/*
* Turn on per-peer debugging.
*/
debug_peer_init();
/*
* SASL initialization.
*/
if (var_smtp_sasl_enable)
#ifdef USE_SASL_AUTH
smtp_sasl_initialize();
#else
msg_warn("%s is true, but SASL support is not compiled in",
VAR_SMTP_SASL_ENABLE);
#endif
if (*var_smtp_tls_level != 0)
switch (tls_level_lookup(var_smtp_tls_level)) {
case TLS_LEV_SECURE:
case TLS_LEV_VERIFY:
case TLS_LEV_FPRINT:
case TLS_LEV_ENCRYPT:
var_smtp_use_tls = var_smtp_enforce_tls = 1;
break;
case TLS_LEV_MAY:
var_smtp_use_tls = 1;
var_smtp_enforce_tls = 0;
break;
case TLS_LEV_NONE:
var_smtp_use_tls = var_smtp_enforce_tls = 0;
break;
default:
/* tls_level_lookup() logs no warning. */
/* session_tls_init() assumes that var_smtp_tls_level is sane. */
msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level);
}
use_tls = (var_smtp_use_tls || var_smtp_enforce_tls);
/*
* Initialize the TLS data before entering the chroot jail
*/
if (use_tls || var_smtp_tls_per_site[0] || var_smtp_tls_policy[0]) {
#ifdef USE_TLS
TLS_CLIENT_INIT_PROPS props;
int using_smtp = (strcmp(var_procname, "smtp") == 0);
/*
* We get stronger type safety and a cleaner interface by combining
* the various parameters into a single tls_client_props structure.
*
* Large parameter lists are error-prone, so we emulate a language
* feature that C does not have natively: named parameter lists.
*/
smtp_tls_ctx =
TLS_CLIENT_INIT(&props,
log_param = using_smtp ?
VAR_SMTP_TLS_LOGLEVEL : VAR_LMTP_TLS_LOGLEVEL,
log_level = var_smtp_tls_loglevel,
verifydepth = var_smtp_tls_scert_vd,
cache_type = using_smtp ?
TLS_MGR_SCACHE_SMTP : TLS_MGR_SCACHE_LMTP,
cert_file = var_smtp_tls_cert_file,
key_file = var_smtp_tls_key_file,
dcert_file = var_smtp_tls_dcert_file,
dkey_file = var_smtp_tls_dkey_file,
eccert_file = var_smtp_tls_eccert_file,
eckey_file = var_smtp_tls_eckey_file,
CAfile = var_smtp_tls_CAfile,
CApath = var_smtp_tls_CApath,
fpt_dgst = var_smtp_tls_fpt_dgst);
smtp_tls_list_init();
#else
msg_warn("TLS has been selected, but TLS support is not compiled in");
#endif
}
/*
* Flush client.
*/
flush_init();
/*
* Session cache domain list.
*/
if (*var_smtp_cache_dest)
smtp_cache_dest = string_list_init(MATCH_FLAG_RETURN, var_smtp_cache_dest);
/*
* EHLO keyword filter.
*/
if (*var_smtp_ehlo_dis_maps)
smtp_ehlo_dis_maps = maps_create(VAR_SMTP_EHLO_DIS_MAPS,
var_smtp_ehlo_dis_maps,
DICT_FLAG_LOCK);
/*
* PIX bug workarounds.
*/
if (*var_smtp_pix_bug_maps)
smtp_pix_bug_maps = maps_create(VAR_SMTP_PIX_BUG_MAPS,
var_smtp_pix_bug_maps,
DICT_FLAG_LOCK);
/*
* Generic maps.
*/
if (*var_prop_extension)
smtp_ext_prop_mask =
ext_prop_mask(VAR_PROP_EXTENSION, var_prop_extension);
if (*var_smtp_generic_maps)
smtp_generic_maps =
maps_create(VAR_SMTP_GENERIC_MAPS, var_smtp_generic_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
/*
* Header/body checks.
*/
smtp_header_checks = hbc_header_checks_create(
VAR_SMTP_HEAD_CHKS, var_smtp_head_chks,
VAR_SMTP_MIME_CHKS, var_smtp_mime_chks,
VAR_SMTP_NEST_CHKS, var_smtp_nest_chks,
smtp_hbc_callbacks);
smtp_body_checks = hbc_body_checks_create(
VAR_SMTP_BODY_CHKS, var_smtp_body_chks,
smtp_hbc_callbacks);
/*
* Server reply filter.
*/
if (*var_smtp_resp_filter)
smtp_chat_resp_filter =
dict_open(var_smtp_resp_filter, O_RDONLY,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
/*
* Address family preference.
*/
if (*var_smtp_addr_pref) {
smtp_addr_pref = name_code(addr_pref_map, NAME_CODE_FLAG_NONE,
var_smtp_addr_pref);
if (smtp_addr_pref < 0)
msg_fatal("bad %s value: %s", VAR_SMTP_ADDR_PREF, var_smtp_addr_pref);
}
}
void cleanup_pre_jail(char *unused_name, char **unused_argv)
{
static const NAME_MASK send_canon_class_table[] = {
CANON_CLASS_ENV_FROM, CLEANUP_CANON_FLAG_ENV_FROM,
CANON_CLASS_HDR_FROM, CLEANUP_CANON_FLAG_HDR_FROM,
0,
};
static const NAME_MASK rcpt_canon_class_table[] = {
CANON_CLASS_ENV_RCPT, CLEANUP_CANON_FLAG_ENV_RCPT,
CANON_CLASS_HDR_RCPT, CLEANUP_CANON_FLAG_HDR_RCPT,
0,
};
static const NAME_MASK canon_class_table[] = {
CANON_CLASS_ENV_FROM, CLEANUP_CANON_FLAG_ENV_FROM,
CANON_CLASS_ENV_RCPT, CLEANUP_CANON_FLAG_ENV_RCPT,
CANON_CLASS_HDR_FROM, CLEANUP_CANON_FLAG_HDR_FROM,
CANON_CLASS_HDR_RCPT, CLEANUP_CANON_FLAG_HDR_RCPT,
0,
};
static const NAME_MASK masq_class_table[] = {
MASQ_CLASS_ENV_FROM, CLEANUP_MASQ_FLAG_ENV_FROM,
MASQ_CLASS_ENV_RCPT, CLEANUP_MASQ_FLAG_ENV_RCPT,
MASQ_CLASS_HDR_FROM, CLEANUP_MASQ_FLAG_HDR_FROM,
MASQ_CLASS_HDR_RCPT, CLEANUP_MASQ_FLAG_HDR_RCPT,
0,
};
if (*var_canonical_maps)
cleanup_comm_canon_maps =
maps_create(VAR_CANONICAL_MAPS, var_canonical_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
if (*var_send_canon_maps)
cleanup_send_canon_maps =
maps_create(VAR_SEND_CANON_MAPS, var_send_canon_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
if (*var_rcpt_canon_maps)
cleanup_rcpt_canon_maps =
maps_create(VAR_RCPT_CANON_MAPS, var_rcpt_canon_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
if (*var_virt_alias_maps)
cleanup_virt_alias_maps = maps_create(VAR_VIRT_ALIAS_MAPS,
var_virt_alias_maps,
DICT_FLAG_LOCK
| DICT_FLAG_FOLD_FIX);
if (*var_canon_classes)
cleanup_comm_canon_flags =
name_mask(VAR_CANON_CLASSES, canon_class_table,
var_canon_classes);
if (*var_send_canon_classes)
cleanup_send_canon_flags =
name_mask(VAR_CANON_CLASSES, send_canon_class_table,
var_send_canon_classes);
if (*var_rcpt_canon_classes)
cleanup_rcpt_canon_flags =
name_mask(VAR_CANON_CLASSES, rcpt_canon_class_table,
var_rcpt_canon_classes);
if (*var_masq_domains)
cleanup_masq_domains = argv_split(var_masq_domains, " ,\t\r\n");
if (*var_header_checks)
cleanup_header_checks =
maps_create(VAR_HEADER_CHECKS, var_header_checks, DICT_FLAG_LOCK);
if (*var_mimehdr_checks)
cleanup_mimehdr_checks =
maps_create(VAR_MIMEHDR_CHECKS, var_mimehdr_checks, DICT_FLAG_LOCK);
if (*var_nesthdr_checks)
cleanup_nesthdr_checks =
maps_create(VAR_NESTHDR_CHECKS, var_nesthdr_checks, DICT_FLAG_LOCK);
if (*var_body_checks)
cleanup_body_checks =
maps_create(VAR_BODY_CHECKS, var_body_checks, DICT_FLAG_LOCK);
if (*var_masq_exceptions)
cleanup_masq_exceptions =
string_list_init(MATCH_FLAG_NONE, var_masq_exceptions);
if (*var_masq_classes)
cleanup_masq_flags = name_mask(VAR_MASQ_CLASSES, masq_class_table,
var_masq_classes);
if (*var_send_bcc_maps)
cleanup_send_bcc_maps =
maps_create(VAR_SEND_BCC_MAPS, var_send_bcc_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
if (*var_rcpt_bcc_maps)
cleanup_rcpt_bcc_maps =
maps_create(VAR_RCPT_BCC_MAPS, var_rcpt_bcc_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
if (*var_cleanup_milters)
cleanup_milters = milter_create(var_cleanup_milters,
var_milt_conn_time,
var_milt_cmd_time,
var_milt_msg_time,
var_milt_protocol,
var_milt_def_action,
var_milt_conn_macros,
var_milt_helo_macros,
var_milt_mail_macros,
var_milt_rcpt_macros,
var_milt_data_macros,
var_milt_eoh_macros,
var_milt_eod_macros,
var_milt_unk_macros);
flush_init();
}
