diff options
author | Simon Arlott <bugzilla.exim.simon@arlott.org> | 2019-03-16 16:01:15 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2019-03-16 16:01:15 +0000 |
commit | 7c498df16cbb3d35eb8df3668ec426388f0dc974 (patch) | |
tree | d0af3af7e56f63539f3cbad70674da9f8d1b65a9 | |
parent | 9883af7240d3c25b7a8a859c9e8482caacd5f1aa (diff) |
Add caseless option to verify=not_blind. Bug 2356
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 7 | ||||
-rw-r--r-- | doc/doc-txt/NewStuff | 2 | ||||
-rw-r--r-- | src/src/acl.c | 17 | ||||
-rw-r--r-- | src/src/functions.h | 2 | ||||
-rw-r--r-- | src/src/verify.c | 33 | ||||
-rw-r--r-- | test/confs/0583 | 24 | ||||
-rw-r--r-- | test/log/0583 | 6 | ||||
-rw-r--r-- | test/rejectlog/0507 | 2 | ||||
-rw-r--r-- | test/rejectlog/0583 | 36 | ||||
-rw-r--r-- | test/scripts/0000-Basic/0507 | 2 | ||||
-rw-r--r-- | test/scripts/0000-Basic/0583 | 65 | ||||
-rw-r--r-- | test/stderr/0583 | 12 | ||||
-rw-r--r-- | test/stdout/0583 | 52 |
13 files changed, 238 insertions, 22 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 6638e8c01..7a7608bd6 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -30844,7 +30844,7 @@ For SMTP input that does not come over TCP/IP (the &%-bs%& command line option), this condition is always true. -.vitem &*verify&~=&~not_blind*& +.vitem &*verify&~=&~not_blind/*&<&'options'&> .cindex "verifying" "not blind" .cindex "bcc recipients, verifying none" This condition checks that there are no blind (bcc) recipients in the message. @@ -30854,6 +30854,11 @@ case-sensitively; domains are checked case-insensitively. If &'Resent-To:'& or &'Resent-Cc:'& header lines exist, they are also checked. This condition can be used only in a DATA or non-SMTP ACL. +.new +There is one possible option, &`case_insensitive`&. If this is present then +local parts are checked case-insensitively. +.wen + There are, of course, many legitimate messages that make use of blind (bcc) recipients. This check should not be used on its own for blocking messages. diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 973a66937..e776a4f95 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -18,6 +18,8 @@ Version 4.93 4. Log_selectors "msg_id" (on by default) and "msg_id_created". + 5. A case_insensitive option for verify=not_blind. + Version 4.92 -------------- diff --git a/src/src/acl.c b/src/src/acl.c index 6168187ec..fdd32b8e7 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -1512,7 +1512,7 @@ static verify_type_t verify_type_list[] = { { US"helo", VERIFY_HELO, ~0, TRUE, 0 }, { US"csa", VERIFY_CSA, ~0, FALSE, 0 }, { US"header_syntax", VERIFY_HDR_SYNTAX, ACL_BIT_DATA | ACL_BIT_NOTSMTP, TRUE, 0 }, - { US"not_blind", VERIFY_NOT_BLIND, ACL_BIT_DATA | ACL_BIT_NOTSMTP, TRUE, 0 }, + { US"not_blind", VERIFY_NOT_BLIND, ACL_BIT_DATA | ACL_BIT_NOTSMTP, FALSE, 0 }, { US"header_sender", VERIFY_HDR_SNDR, ACL_BIT_DATA | ACL_BIT_NOTSMTP, FALSE, 0 }, { US"sender", VERIFY_SNDR, ACL_BIT_MAIL | ACL_BIT_RCPT |ACL_BIT_PREDATA | ACL_BIT_DATA | ACL_BIT_NOTSMTP, @@ -1711,14 +1711,27 @@ switch(vp->value) case VERIFY_NOT_BLIND: /* Check that no recipient of this message is "blind", that is, every envelope recipient must be mentioned in either To: or Cc:. */ + { + BOOL case_sensitive = TRUE; - if ((rc = verify_check_notblind()) != OK) + while ((ss = string_nextinlist(&list, &sep, NULL, 0))) + if (strcmpic(ss, US"case_insensitive") == 0) + case_sensitive = FALSE; + else + { + *log_msgptr = string_sprintf("unknown option \"%s\" in ACL " + "condition \"verify %s\"", ss, arg); + return ERROR; + } + + if ((rc = verify_check_notblind(case_sensitive)) != OK) { *log_msgptr = string_sprintf("bcc recipient detected"); if (smtp_return_error_details) *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr); } return rc; + } /* The remaining verification tests check recipient and sender addresses, either from the envelope or from the header. There are a number of diff --git a/src/src/functions.h b/src/src/functions.h index f8c0bbf8a..4193caccb 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -572,7 +572,7 @@ extern int verify_check_header_address(uschar **, uschar **, int, int, int, extern int verify_check_headers(uschar **); extern int verify_check_header_names_ascii(uschar **); extern int verify_check_host(uschar **); -extern int verify_check_notblind(void); +extern int verify_check_notblind(BOOL); extern int verify_check_given_host(const uschar **, const host_item *); extern int verify_check_this_host(const uschar **, unsigned int *, const uschar*, const uschar *, const uschar **); diff --git a/src/src/verify.c b/src/src/verify.c index 7bdfa8152..528a668b8 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -2369,13 +2369,13 @@ The original proposed patch did the former, but I have chosen to do the latter, because (a) it requires no memory and (b) will use fewer resources when there are many addresses in To: and/or Cc: and only one or two envelope recipients. -Arguments: none +Arguments: case_sensitive true if case sensitive matching should be used Returns: OK if there are no blind recipients FAIL if there is at least one blind recipient */ int -verify_check_notblind(void) +verify_check_notblind(BOOL case_sensitive) { for (int i = 0; i < recipients_count; i++) { @@ -2399,8 +2399,8 @@ for (int i = 0; i < recipients_count; i++) while (*s) { - uschar *ss = parse_find_address_end(s, FALSE); - uschar *recipient,*errmess; + uschar * ss = parse_find_address_end(s, FALSE); + uschar * recipient, * errmess; int terminator = *ss; int start, end, domain; @@ -2412,21 +2412,22 @@ for (int i = 0; i < recipients_count; i++) *ss = terminator; /* If we found a valid recipient that has a domain, compare it with the - envelope recipient. Local parts are compared case-sensitively, domains - case-insensitively. By comparing from the start with length "domain", we - include the "@" at the end, which ensures that we are comparing the whole - local part of each address. */ - - if (recipient != NULL && domain != 0) - { - found = Ustrncmp(recipient, address, domain) == 0 && - strcmpic(recipient + domain, address + domain) == 0; - if (found) break; - } + envelope recipient. Local parts are compared with case-sensitivity + according to the routine arg, domains case-insensitively. + By comparing from the start with length "domain", we include the "@" at + the end, which ensures that we are comparing the whole local part of each + address. */ + + if (recipient && domain != 0) + if ((found = (case_sensitive + ? Ustrncmp(recipient, address, domain) == 0 + : strncmpic(recipient, address, domain) == 0) + && strcmpic(recipient + domain, address + domain) == 0)) + break; /* Advance to the next address */ - s = ss + (terminator? 1:0); + s = ss + (terminator ? 1:0); while (isspace(*s)) s++; } /* Next address */ diff --git a/test/confs/0583 b/test/confs/0583 new file mode 100644 index 000000000..ae5b55d46 --- /dev/null +++ b/test/confs/0583 @@ -0,0 +1,24 @@ +# Exim test configuration 0583 + +ERROR_DETAILS= + +.include DIR/aux-var/std_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +acl_smtp_rcpt = accept +acl_smtp_data = check_data + +ERROR_DETAILS + +# ----- ACL ------ + +begin acl + +check_data: + accept verify = not_blind/case_insensitive + + +# End diff --git a/test/log/0583 b/test/log/0583 new file mode 100644 index 000000000..94f171bfd --- /dev/null +++ b/test/log/0583 @@ -0,0 +1,6 @@ +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss +1999-03-02 09:44:33 10HmaX-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected +1999-03-02 09:44:33 10HmaY-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss +1999-03-02 09:44:33 10HmaZ-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected +1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-smtp S=sss diff --git a/test/rejectlog/0507 b/test/rejectlog/0507 index 957071a1f..ca6243bd3 100644 --- a/test/rejectlog/0507 +++ b/test/rejectlog/0507 @@ -5,7 +5,7 @@ P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz) (envelope-from <CALLER@myhost.test.ex>) id 10HmaX-0005vi-00 for userx@dom.com; Tue, 2 Mar 1999 09:44:33 +0000 -T To: a@b.c, himself <usery@dom.com> +T To: a@b.c, himself <usery@dom.com>, HIMSELF <USERX@dom.com> I Message-Id: <E10HmaX-0005vi-00@myhost.test.ex> F From: CALLER_NAME <CALLER@myhost.test.ex> Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/rejectlog/0583 b/test/rejectlog/0583 new file mode 100644 index 000000000..993bc4559 --- /dev/null +++ b/test/rejectlog/0583 @@ -0,0 +1,36 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected +Envelope-from: <CALLER@myhost.test.ex> +Envelope-to: <userx@dom.com> +P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz) + (envelope-from <CALLER@myhost.test.ex>) + id 10HmaX-0005vi-00 + for userx@dom.com; Tue, 2 Mar 1999 09:44:33 +0000 +T To: b@b.c, himself <usery@dom.com> +I Message-Id: <E10HmaX-0005vi-00@myhost.test.ex> +F From: CALLER_NAME <CALLER@myhost.test.ex> + Date: Tue, 2 Mar 1999 09:44:33 +0000 +1999-03-02 09:44:33 10HmaY-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected +Envelope-from: <CALLER@myhost.test.ex> +Envelope-to: <userx@dom.com> +P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz) + (envelope-from <CALLER@myhost.test.ex>) + id 10HmaY-0005vi-00 + for userx@dom.com; Tue, 2 Mar 1999 09:44:33 +0000 +T To: c@b.c, himself <usery@dom.com> +I Message-Id: <E10HmaY-0005vi-00@myhost.test.ex> +F From: CALLER_NAME <CALLER@myhost.test.ex> + Date: Tue, 2 Mar 1999 09:44:33 +0000 +1999-03-02 09:44:33 10HmaZ-0005vi-00 U=CALLER F=<CALLER@myhost.test.ex> rejected after DATA: bcc recipient detected +Envelope-from: <CALLER@myhost.test.ex> +Envelope-to: <userx@dom.com> + <usery@dom.com> + <userz@dom.com> +P Received: from CALLER by myhost.test.ex with local-smtp (Exim x.yz) + (envelope-from <CALLER@myhost.test.ex>) + id 10HmaZ-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000 +T To: e@b.c, himself <UserY@dom.com> +* Cc: unqualified, UserX@dom.com, x@y.z +C Cc: unqualified@myhost.test.ex, UserX@dom.com, x@y.z +I Message-Id: <E10HmaZ-0005vi-00@myhost.test.ex> +F From: CALLER_NAME <CALLER@myhost.test.ex> + Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/scripts/0000-Basic/0507 b/test/scripts/0000-Basic/0507 index d4f5bc065..ce8d71e85 100644 --- a/test/scripts/0000-Basic/0507 +++ b/test/scripts/0000-Basic/0507 @@ -11,7 +11,7 @@ exim -odq -bs mail from:<> rcpt to:<userx@dom.com> data -To: a@b.c, himself <usery@dom.com> +To: a@b.c, himself <usery@dom.com>, HIMSELF <USERX@dom.com> . quit **** diff --git a/test/scripts/0000-Basic/0583 b/test/scripts/0000-Basic/0583 new file mode 100644 index 000000000..c4ae477c1 --- /dev/null +++ b/test/scripts/0000-Basic/0583 @@ -0,0 +1,65 @@ +# verify = not_blind/case_insensitive +# +# Accept: the env rcpt matches a header To: +exim -odq -bs +mail from:<> +rcpt to:<userx@dom.com> +data +To: a@b.c, himself <UserX@dom.com> +. +quit +**** +### Reject: no match +exim -odq -bs +mail from:<> +rcpt to:<userx@dom.com> +data +To: b@b.c, himself <usery@dom.com> +. +quit +**** +### Reject, with specific SMTP message +exim -DERROR_DETAILS=smtp_return_error_details -odq -bs +mail from:<> +rcpt to:<userx@dom.com> +data +To: c@b.c, himself <usery@dom.com> +. +quit +**** +### Accept, matches in header CC: +exim -odq -bs +mail from:<> +rcpt to:<userx@dom.com> +rcpt to:<usery@dom.com> +data +To: d@b.c, himself <UserY@dom.com> +Cc: unqualified, UserX@dom.com, x@y.z +. +quit +**** +### Reject: To: & CC: combo, an env rcpt missing +exim -odq -bs +mail from:<> +rcpt to:<userx@dom.com> +rcpt to:<usery@dom.com> +rcpt to:<userz@dom.com> +data +To: e@b.c, himself <UserY@dom.com> +Cc: unqualified, UserX@dom.com, x@y.z +. +quit +**** +### Accept: Resent-To: & Resent-CC: combo +exim -odq -bs +mail from:<> +rcpt to:<userx@dom.com> +rcpt to:<usery@dom.com> +data +Resent-To: f@b.c, himself <UserY@dom.com> +Resent-Cc: unqualified, UserX@dom.com, x@y.z +To: an@other +. +quit +**** +no_msglog_check diff --git a/test/stderr/0583 b/test/stderr/0583 new file mode 100644 index 000000000..3c3c7f103 --- /dev/null +++ b/test/stderr/0583 @@ -0,0 +1,12 @@ +### Reject: no match +### Reject, with specific SMTP message +### Accept, matches in header CC: +### Reject: To: & CC: combo, an env rcpt missing +### Accept: Resent-To: & Resent-CC: combo + +******** SERVER ******** +### Reject: no match +### Reject, with specific SMTP message +### Accept, matches in header CC: +### Reject: To: & CC: combo, an env rcpt missing +### Accept: Resent-To: & Resent-CC: combo diff --git a/test/stdout/0583 b/test/stdout/0583 new file mode 100644 index 000000000..9c896e3e6 --- /dev/null +++ b/test/stdout/0583 @@ -0,0 +1,52 @@ +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 OK
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+250 OK id=10HmbA-0005vi-00
+221 myhost.test.ex closing connection
+### Reject: no match +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 OK
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+550 Administrative prohibition
+221 myhost.test.ex closing connection
+### Reject, with specific SMTP message +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 OK
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+550 Rejected after DATA: bcc recipient detected
+221 myhost.test.ex closing connection
+### Accept, matches in header CC: +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 OK
+250 Accepted
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+250 OK id=10HmbB-0005vi-00
+221 myhost.test.ex closing connection
+### Reject: To: & CC: combo, an env rcpt missing +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 OK
+250 Accepted
+250 Accepted
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+550 Administrative prohibition
+221 myhost.test.ex closing connection
+### Accept: Resent-To: & Resent-CC: combo +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 OK
+250 Accepted
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+250 OK id=10HmbC-0005vi-00
+221 myhost.test.ex closing connection
+ +******** SERVER ******** +### Reject: no match +### Reject, with specific SMTP message +### Accept, matches in header CC: +### Reject: To: & CC: combo, an env rcpt missing +### Accept: Resent-To: & Resent-CC: combo |