summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2012-12-06Fix my earlier "fix" for intermittently deliverable recipients.Tony Finch
Only do the ultimate address timeout check if there is an address retry record and there is not a domain retry record; this implies that previous attempts to handle the address had the retry_use_local_parts option turned on. We use this as an approximation for the destination being like a local delivery, as in LMTP.
2012-12-06Correct gecos expansion when From: is a prefix of the username.Tony Finch
Test 0254 submits a message to Exim with the header Resent-From: f When I ran the test suite under the user fanf2, Exim expanded the header to contain my full name, whereas it should have added a Resent-Sender: header. It erroneously treats any prefix of the username as equal to the username. This change corrects that bug.
2012-12-02Explain the 3 SSL_CTX we havePhil Pennock
2012-12-02Fix eximon build.Jeremy Harris
2012-11-29Fix ultimate retry timeouts for intermittently deliverable recipients.Tony Finch
When a queue runner is handling a message, Exim first routes the recipient addresses, during which it prunes them based on the retry hints database. After that it attempts to deliver the message to any remaining recipients. It then updates the hints database using the retry rules. So if a recipient address works intermittently, it can get repeatedly deferred at routing time. The retry hints record remains fresh so the address never reaches the final cutoff time. This is a fairly common occurrence when a user is bumping up against their storage quota. Exim had some logic in its local delivery code to deal with this. However it did not apply to per-recipient defers in remote deliveries, e.g. over LMTP to a separate IMAP message store. This commit adds a proper retry rule check during routing so that the final cutoff time is checked against the message's age. I also took the opportunity to unify three very similar blocks of code. I suspect this new check makes the old local delivery cutoff check redundant, but I have not verified this so I left the code in place.
2012-11-23DCC debug and logging tidyGraeme Fowler
2012-11-23Fix merge problem.Jeremy Harris
2012-11-23Check syscall return values.Jeremy Harris
Mostly just compiler-quietening rather than intelligent error-handling. This deals with complaints of "attribute warn_unused_result" during an rpm build for SL6 (probably for Fedora also).
2012-11-22Fix 64b build.Jeremy Harris
2012-11-19Dovecot: robustness; better msg on missing mech.Phil Pennock
If the dovecot protocol response doesn't include the MECH message for the SMTP AUTH protocol the client has requested, that's not a protocol failure, don't log it as such. Instead, explicitly log that it didn't advertise the mechanism we're looking for. This lets administrators fix either their Exim or their Dovecot configurations. Also: make the Dovecot handling more resistant to bad data from the auth server; handle too many fields with debug-log message to explain what's going on, permit lines of 8192 length per spec and detect if the line is too long, so that we can fail auth instead of becoming unsynchronised. Stop using the CUID from the server as the AUTH id counter. They're different, by my reading of the spec. TESTED: works against Dovecot 2.1.10. Thanks to Brady Catherman for reporting the problem with diagnosis.
2012-11-18More compiler quietening.Jeremy Harris
2012-11-18More compiler quietening.Jeremy Harris
2012-11-18More compiler quitening.Jeremy Harris
2012-11-17Fix initializer for struct tls_support, per edc33b5f1aca and 817d9f576cd.Jeremy Harris
2012-11-16Configure should stop on error.Phil Pennock
Set the POSIX -e option on the #! line invoking /bin/sh. If any of the sub-commands fail, the Configure as a whole should fail.
2012-11-09Auth info from transports must be tracked per-address.Jeremy Harris
2012-11-08Ensure that recipient is well-defined for expansion-called acl at RCPT-time.Jeremy Harris
2012-11-07Fix server_set_id for SPA/NTLM auth.Phil Pennock
Broken in 4.80 release, commit 08488c86. We need to leave $auth1 available after the authenticator returns, so that server_set_id can be evaluated by the caller. We need to do this whether we succeed or fail, because server_set_id only makes it into $authenticated_id if we return OK, but is logged regardless. Updated test config to set server_set_id; updated logs.
2012-11-06Add optional authenticated_sender info to A= elements of log lines; bug 1314.Jeremy Harris
New log_selector, smtp_mailauth, to enable.
2012-11-04Add A= to delivery log lines, and a client_set_id option to authenticators.Jeremy Harris
2012-10-29Track ACL context through ${acl expansions. Bug 1305.Jeremy Harris
Rather than pass "where" around all the string-expansion calls I've used a global; and unpleasant mismatch with the existing "where" tracking done for nested ACL calls.
2012-10-28Quieten complaining compilers.Jeremy Harris
2012-10-264.81 to 4.82Phil Pennock
Avoiding confusion of 4.80.1 vs 4.81, we went with skipping to 4.82 instead.
2012-10-26Merge 4.80.1 security fix in.Phil Pennock
Merge commit '4263f395efd136dece52d765dfcff3c96f17506e' Amendment to ChangeLog to handle changes.
2012-10-25Merge branch 'master' of git://git.exim.org/eximJeremy Harris
2012-10-25Save/restore $acl_arg1 ... across acl calls, making them local variables.Jeremy Harris
2012-10-24SECURITY: DKIM DNS buffer overflow protectionPhil Pennock
CVE-2012-5671 malloc/heap overflow, with a 60kB window of overwrite. Requires DNS under control of person sending email, leaves plenty of evidence, but is very likely exploitable on OSes that have not been well hardened.
2012-10-15Merge branch 'master' of ssh://git.exim.org/home/git/eximTodd Lyons
2012-10-15Adjust debug output to indicate a test, not resultTodd Lyons
2012-10-14Avoid reset of store pool in expand when a ${acl is used; it may have ↵Jeremy Harris
side-effects that must be persistent.
2012-10-06Move Wolfgang's ack to current sectionPhil Pennock
2012-10-06Logging-only patch for 8BITMIME; bug 817.Jeremy Harris
2012-10-05Add smarthost Router to default config, commented-out.Phil Pennock
This is a very common requirement for the portion of the user-base who need the most assistance.
2012-10-04Add expansion variable $headers_added returning newline-sep list of headersJeremy Harris
added in ACLs. Bug 199.
2012-10-04Strip leading/trailing newlines on list of headers for addition; bug 884.Jeremy Harris
NB: this means a bare "X-ACL-Warn:" header is harder to add.
2012-09-27Unbreak non-ipv6 build.Jeremy Harris
My commit 3a7963704c519 broke compilation without HAVE_IPv6. Rework.
2012-09-17Typo in debug output.Todd Lyons
2012-09-11Minor doc nits re bug 1262.Phil Pennock
Update src comment to be clearer about why it's safe for "state of this transport" to affect other deliveries. Mention change in externally observable state in README.UPDATING. Reference bugzilla entry in ChangeLog. Update Paul's credit in ACKNOWLEDGMENTS.
2012-09-11Avoid using a waiting db for single-message-only transports. PerformanceJeremy Harris
bug 1262 and patch from Paul Fisher. Testcase 0288 exercises.
2012-09-05Add dnsdb lookup pseudo-type "a+". Addresses bug 1269.Jeremy Harris
2012-07-27Bug #198: Add remove_header ACL modifier.Todd Lyons
Used patch from Magnus Holmgren dated 2007-02-20. Added documentation. Added tests to detect proper operation.
2012-07-16Doc fixes from Regid Ichira & Andreas MetzlerPhil Pennock
2012-07-12Doc note re 9999 days & 32bit time (SSL certs)Phil Pennock
Thanks to Jay Rouman for highlighting that there can be rollover. I have chosen *not* to reduce the duration, but to leave it and instead provoke thought on the part of those deploying systems, if this bites them.
2012-07-08Merge branch 'master' of git://git.exim.org/eximJeremy Harris
2012-07-08Multiple headers_add/remove options per router/transport - fixes bug 337Jeremy Harris
2012-07-06Make +smtp_confirmation be a default logging option.Todd Lyons
2012-07-05Fix bug 1267 - inlist/i were ignoring negation.Jeremy Harris
Fix the acl condition also; and make editor brace-matching a little better.
2012-07-05Delay expansion of smtp transport option "authenticated_sender"Jeremy Harris
after connection startup, to match documentation - bug 1144.
2012-07-01Merge branch 'acl'Jeremy Harris
2012-06-27git/ACKNOWLEDGMENTS: coerce charset of git toolsPhil Pennock
github seems to assume content is 8bit.