diff options
author | Philip Hazel <ph10@hermes.cam.ac.uk> | 2006-09-25 10:14:20 +0000 |
---|---|---|
committer | Philip Hazel <ph10@hermes.cam.ac.uk> | 2006-09-25 10:14:20 +0000 |
commit | 6ea85e9a4ac76f292db7bb946d6ada8d3ac93a2d (patch) | |
tree | 859514941e1f6762ebd8e51b0db8c1e965e77ba4 /src | |
parent | f324b55dcd5a95ce8273f6f368d03aab81d7ea59 (diff) |
Add log_reject_target as an ACL modifier.
Diffstat (limited to 'src')
-rw-r--r-- | src/src/acl.c | 51 | ||||
-rw-r--r-- | src/src/globals.c | 5 | ||||
-rw-r--r-- | src/src/globals.h | 5 | ||||
-rw-r--r-- | src/src/receive.c | 11 | ||||
-rw-r--r-- | src/src/smtp_in.c | 15 |
5 files changed, 68 insertions, 19 deletions
diff --git a/src/src/acl.c b/src/src/acl.c index 5709a11ab..8274e0c73 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/acl.c,v 1.65 2006/09/19 14:31:06 ph10 Exp $ */ +/* $Cambridge: exim/src/src/acl.c,v 1.66 2006/09/25 10:14:20 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -65,6 +65,7 @@ enum { ACLC_ACL, ACLC_HOSTS, ACLC_LOCAL_PARTS, ACLC_LOG_MESSAGE, + ACLC_LOG_REJECT_TARGET, ACLC_LOGWRITE, #ifdef WITH_CONTENT_SCAN ACLC_MALWARE, @@ -90,8 +91,9 @@ enum { ACLC_ACL, ACLC_VERIFY }; /* ACL conditions/modifiers: "delay", "control", "endpass", "message", -"log_message", "logwrite", and "set" are modifiers that look like conditions -but always return TRUE. They are used for their side effects. */ +"log_message", "log_reject_target", "logwrite", and "set" are modifiers that +look like conditions but always return TRUE. They are used for their side +effects. */ static uschar *conditions[] = { US"acl", @@ -117,8 +119,15 @@ static uschar *conditions[] = { US"dk_senders", US"dk_status", #endif - US"dnslists", US"domains", US"encrypted", - US"endpass", US"hosts", US"local_parts", US"log_message", US"logwrite", + US"dnslists", + US"domains", + US"encrypted", + US"endpass", + US"hosts", + US"local_parts", + US"log_message", + US"log_reject_target", + US"logwrite", #ifdef WITH_CONTENT_SCAN US"malware", #endif @@ -232,6 +241,7 @@ static uschar cond_expand_at_top[] = { FALSE, /* hosts */ FALSE, /* local_parts */ TRUE, /* log_message */ + TRUE, /* log_reject_target */ TRUE, /* logwrite */ #ifdef WITH_CONTENT_SCAN TRUE, /* malware */ @@ -290,6 +300,7 @@ static uschar cond_modifiers[] = { FALSE, /* hosts */ FALSE, /* local_parts */ TRUE, /* log_message */ + TRUE, /* log_reject_target */ TRUE, /* logwrite */ #ifdef WITH_CONTENT_SCAN FALSE, /* malware */ @@ -433,6 +444,8 @@ static unsigned int cond_forbids[] = { 0, /* log_message */ + 0, /* log_reject_target */ + 0, /* logwrite */ #ifdef WITH_CONTENT_SCAN @@ -2844,6 +2857,29 @@ for (; cb != NULL; cb = cb->next) &deliver_localpart_data); break; + case ACLC_LOG_REJECT_TARGET: + { + int logbits = 0; + int sep = 0; + uschar *s = arg; + uschar *ss; + while ((ss = string_nextinlist(&s, &sep, big_buffer, big_buffer_size)) + != NULL) + { + if (Ustrcmp(ss, "main") == 0) logbits |= LOG_MAIN; + else if (Ustrcmp(ss, "panic") == 0) logbits |= LOG_PANIC; + else if (Ustrcmp(ss, "reject") == 0) logbits |= LOG_REJECT; + else + { + logbits |= LOG_MAIN|LOG_REJECT; + log_write(0, LOG_MAIN|LOG_PANIC, "unknown log name \"%s\" in " + "\"log_reject_target\" in %s ACL", ss, acl_wherenames[where]); + } + } + log_reject_target = logbits; + } + break; + case ACLC_LOGWRITE: { int logbits = 0; @@ -2870,6 +2906,8 @@ for (; cb != NULL; cb = cb->next) s++; } while (isspace(*s)) s++; + + if (logbits == 0) logbits = LOG_MAIN; log_write(0, logbits, "%s", string_printing(s)); } @@ -2878,7 +2916,7 @@ for (; cb != NULL; cb = cb->next) #ifdef WITH_CONTENT_SCAN case ACLC_MALWARE: { - /* Seperate the regular expression and any optional parameters. */ + /* Separate the regular expression and any optional parameters. */ uschar *ss = string_nextinlist(&arg, &sep, big_buffer, big_buffer_size); /* Run the malware backend. */ rc = malware(&ss); @@ -3513,6 +3551,7 @@ address_item *addr = NULL; *user_msgptr = *log_msgptr = NULL; sender_verified_failed = NULL; ratelimiters_cmd = NULL; +log_reject_target = LOG_MAIN|LOG_REJECT; if (where == ACL_WHERE_RCPT) { diff --git a/src/src/globals.c b/src/src/globals.c index a694053c5..7c3f8e9f1 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/globals.c,v 1.58 2006/09/19 11:28:45 ph10 Exp $ */ +/* $Cambridge: exim/src/src/globals.c,v 1.59 2006/09/25 10:14:20 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -703,11 +703,12 @@ bit_table log_options[] = { }; int log_options_count = sizeof(log_options)/sizeof(bit_table); -unsigned int log_write_selector= L_default; +int log_reject_target = 0; uschar *log_selector_string = NULL; FILE *log_stderr = NULL; BOOL log_testing_mode = FALSE; BOOL log_timezone = FALSE; +unsigned int log_write_selector= L_default; uschar *login_sender_address = NULL; int lookup_open_max = 25; uschar *lookup_value = NULL; diff --git a/src/src/globals.h b/src/src/globals.h index cd5fb4e36..0bafda666 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/globals.h,v 1.40 2006/09/19 11:28:45 ph10 Exp $ */ +/* $Cambridge: exim/src/src/globals.h,v 1.41 2006/09/25 10:14:20 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -404,11 +404,12 @@ extern unsigned int log_extra_selector;/* Bit map of logging options other than extern uschar *log_file_path; /* If unset, use default */ extern bit_table log_options[]; /* Table of options */ extern int log_options_count; /* Size of table */ -extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ +extern int log_reject_target; /* Target log for ACL rejections */ extern uschar *log_selector_string; /* As supplied in the config */ extern FILE *log_stderr; /* Copy of stderr for log use, or NULL */ extern BOOL log_testing_mode; /* TRUE in various testing modes */ extern BOOL log_timezone; /* TRUE to include the timezone in log lines */ +extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ extern uschar *login_sender_address; /* The actual sender address */ extern lookup_info lookup_list[]; /* Vector of available lookups */ extern int lookup_list_count; /* Number of entries in the list */ diff --git a/src/src/receive.c b/src/src/receive.c index 3f430f1aa..797444ca1 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/receive.c,v 1.28 2006/07/13 13:53:33 ph10 Exp $ */ +/* $Cambridge: exim/src/src/receive.c,v 1.29 2006/09/25 10:14:20 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -2985,8 +2985,13 @@ else #ifdef WITH_CONTENT_SCAN unspool_mbox(); #endif - log_write(0, LOG_MAIN|LOG_REJECT, "F=<%s> rejected by non-SMTP ACL: %s", - sender_address, log_msg); + /* The ACL can specify where rejections are to be logged, possibly + nowhere. The default is main and reject logs. */ + + if (log_reject_target != 0) + log_write(0, log_reject_target, "F=<%s> rejected by non-SMTP ACL: %s", + sender_address, log_msg); + if (user_msg == NULL) user_msg = US"local configuration problem"; if (smtp_batched_input) { diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 614a3ffe0..36c4c3021 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/smtp_in.c,v 1.43 2006/09/19 11:28:45 ph10 Exp $ */ +/* $Cambridge: exim/src/src/smtp_in.c,v 1.44 2006/09/25 10:14:20 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -2002,12 +2002,15 @@ else US"Temporary local problem - please try later"); } -/* Log the incident. If the connection is not forcibly to be dropped, return 0. -Otherwise, log why it is closing if required and return 2. */ +/* Log the incident to the logs that are specified by log_reject_target +(default main, reject). This can be empty to suppress logging of rejections. If +the connection is not forcibly to be dropped, return 0. Otherwise, log why it +is closing if required and return 2. */ -log_write(0, LOG_MAIN|LOG_REJECT, "%s %s%srejected %s%s", - host_and_ident(TRUE), - sender_info, (rc == FAIL)? US"" : US"temporarily ", what, log_msg); +if (log_reject_target != 0) + log_write(0, log_reject_target, "%s %s%srejected %s%s", + host_and_ident(TRUE), + sender_info, (rc == FAIL)? US"" : US"temporarily ", what, log_msg); if (!drop) return 0; |