From 6ea85e9a4ac76f292db7bb946d6ada8d3ac93a2d Mon Sep 17 00:00:00 2001
From: Philip Hazel <ph10@hermes.cam.ac.uk>
Date: Mon, 25 Sep 2006 10:14:20 +0000
Subject: Add log_reject_target as an ACL modifier.

---
 src/src/acl.c     | 51 +++++++++++++++++++++++++++++++++++++++++++++------
 src/src/globals.c |  5 +++--
 src/src/globals.h |  5 +++--
 src/src/receive.c | 11 ++++++++---
 src/src/smtp_in.c | 15 +++++++++------
 5 files changed, 68 insertions(+), 19 deletions(-)

(limited to 'src')

diff --git a/src/src/acl.c b/src/src/acl.c
index 5709a11ab..8274e0c73 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/acl.c,v 1.65 2006/09/19 14:31:06 ph10 Exp $ */
+/* $Cambridge: exim/src/src/acl.c,v 1.66 2006/09/25 10:14:20 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -65,6 +65,7 @@ enum { ACLC_ACL,
        ACLC_HOSTS,
        ACLC_LOCAL_PARTS,
        ACLC_LOG_MESSAGE,
+       ACLC_LOG_REJECT_TARGET,
        ACLC_LOGWRITE,
 #ifdef WITH_CONTENT_SCAN
        ACLC_MALWARE,
@@ -90,8 +91,9 @@ enum { ACLC_ACL,
        ACLC_VERIFY };
 
 /* ACL conditions/modifiers: "delay", "control", "endpass", "message",
-"log_message", "logwrite", and "set" are modifiers that look like conditions
-but always return TRUE. They are used for their side effects. */
+"log_message", "log_reject_target", "logwrite", and "set" are modifiers that
+look like conditions but always return TRUE. They are used for their side
+effects. */
 
 static uschar *conditions[] = {
   US"acl",
@@ -117,8 +119,15 @@ static uschar *conditions[] = {
   US"dk_senders",
   US"dk_status",
 #endif
-  US"dnslists", US"domains", US"encrypted",
-  US"endpass", US"hosts", US"local_parts", US"log_message", US"logwrite",
+  US"dnslists",
+  US"domains",
+  US"encrypted",
+  US"endpass",
+  US"hosts",
+  US"local_parts",
+  US"log_message",
+  US"log_reject_target",
+  US"logwrite",
 #ifdef WITH_CONTENT_SCAN
   US"malware",
 #endif
@@ -232,6 +241,7 @@ static uschar cond_expand_at_top[] = {
   FALSE,   /* hosts */
   FALSE,   /* local_parts */
   TRUE,    /* log_message */
+  TRUE,    /* log_reject_target */
   TRUE,    /* logwrite */
 #ifdef WITH_CONTENT_SCAN
   TRUE,    /* malware */
@@ -290,6 +300,7 @@ static uschar cond_modifiers[] = {
   FALSE,   /* hosts */
   FALSE,   /* local_parts */
   TRUE,    /* log_message */
+  TRUE,    /* log_reject_target */
   TRUE,    /* logwrite */
 #ifdef WITH_CONTENT_SCAN
   FALSE,   /* malware */
@@ -433,6 +444,8 @@ static unsigned int cond_forbids[] = {
 
   0,                                               /* log_message */
 
+  0,                                               /* log_reject_target */
+
   0,                                               /* logwrite */
 
   #ifdef WITH_CONTENT_SCAN
@@ -2844,6 +2857,29 @@ for (; cb != NULL; cb = cb->next)
       &deliver_localpart_data);
     break;
 
+    case ACLC_LOG_REJECT_TARGET:
+      {
+      int logbits = 0;
+      int sep = 0;
+      uschar *s = arg;
+      uschar *ss;
+      while ((ss = string_nextinlist(&s, &sep, big_buffer, big_buffer_size))
+              != NULL)
+        {
+        if (Ustrcmp(ss, "main") == 0) logbits |= LOG_MAIN;
+        else if (Ustrcmp(ss, "panic") == 0) logbits |= LOG_PANIC;
+        else if (Ustrcmp(ss, "reject") == 0) logbits |= LOG_REJECT;
+        else
+          {
+          logbits |= LOG_MAIN|LOG_REJECT;
+          log_write(0, LOG_MAIN|LOG_PANIC, "unknown log name \"%s\" in "
+            "\"log_reject_target\" in %s ACL", ss, acl_wherenames[where]);
+          }
+        }
+      log_reject_target = logbits;
+      }
+    break;
+
     case ACLC_LOGWRITE:
       {
       int logbits = 0;
@@ -2870,6 +2906,8 @@ for (; cb != NULL; cb = cb->next)
         s++;
         }
       while (isspace(*s)) s++;
+
+
       if (logbits == 0) logbits = LOG_MAIN;
       log_write(0, logbits, "%s", string_printing(s));
       }
@@ -2878,7 +2916,7 @@ for (; cb != NULL; cb = cb->next)
     #ifdef WITH_CONTENT_SCAN
     case ACLC_MALWARE:
       {
-      /* Seperate the regular expression and any optional parameters. */
+      /* Separate the regular expression and any optional parameters. */
       uschar *ss = string_nextinlist(&arg, &sep, big_buffer, big_buffer_size);
       /* Run the malware backend. */
       rc = malware(&ss);
@@ -3513,6 +3551,7 @@ address_item *addr = NULL;
 *user_msgptr = *log_msgptr = NULL;
 sender_verified_failed = NULL;
 ratelimiters_cmd = NULL;
+log_reject_target = LOG_MAIN|LOG_REJECT;
 
 if (where == ACL_WHERE_RCPT)
   {
diff --git a/src/src/globals.c b/src/src/globals.c
index a694053c5..7c3f8e9f1 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.c,v 1.58 2006/09/19 11:28:45 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.c,v 1.59 2006/09/25 10:14:20 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -703,11 +703,12 @@ bit_table log_options[]        = {
 };
 
 int     log_options_count      = sizeof(log_options)/sizeof(bit_table);
-unsigned int log_write_selector= L_default;
+int     log_reject_target      = 0;
 uschar *log_selector_string    = NULL;
 FILE   *log_stderr             = NULL;
 BOOL    log_testing_mode       = FALSE;
 BOOL    log_timezone           = FALSE;
+unsigned int log_write_selector= L_default;
 uschar *login_sender_address   = NULL;
 int     lookup_open_max        = 25;
 uschar *lookup_value           = NULL;
diff --git a/src/src/globals.h b/src/src/globals.h
index cd5fb4e36..0bafda666 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.h,v 1.40 2006/09/19 11:28:45 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.h,v 1.41 2006/09/25 10:14:20 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -404,11 +404,12 @@ extern unsigned int log_extra_selector;/* Bit map of logging options other than
 extern uschar *log_file_path;          /* If unset, use default */
 extern bit_table log_options[];        /* Table of options */
 extern int     log_options_count;      /* Size of table */
-extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */
+extern int     log_reject_target;      /* Target log for ACL rejections */
 extern uschar *log_selector_string;    /* As supplied in the config */
 extern FILE   *log_stderr;             /* Copy of stderr for log use, or NULL */
 extern BOOL    log_testing_mode;       /* TRUE in various testing modes */
 extern BOOL    log_timezone;           /* TRUE to include the timezone in log lines */
+extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */
 extern uschar *login_sender_address;   /* The actual sender address */
 extern lookup_info lookup_list[];      /* Vector of available lookups */
 extern int     lookup_list_count;      /* Number of entries in the list */
diff --git a/src/src/receive.c b/src/src/receive.c
index 3f430f1aa..797444ca1 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/receive.c,v 1.28 2006/07/13 13:53:33 ph10 Exp $ */
+/* $Cambridge: exim/src/src/receive.c,v 1.29 2006/09/25 10:14:20 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -2985,8 +2985,13 @@ else
 #ifdef WITH_CONTENT_SCAN
         unspool_mbox();
 #endif
-        log_write(0, LOG_MAIN|LOG_REJECT, "F=<%s> rejected by non-SMTP ACL: %s",
-          sender_address, log_msg);
+        /* The ACL can specify where rejections are to be logged, possibly
+        nowhere. The default is main and reject logs. */
+
+        if (log_reject_target != 0)
+          log_write(0, log_reject_target, "F=<%s> rejected by non-SMTP ACL: %s",
+            sender_address, log_msg);
+
         if (user_msg == NULL) user_msg = US"local configuration problem";
         if (smtp_batched_input)
           {
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index 614a3ffe0..36c4c3021 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/smtp_in.c,v 1.43 2006/09/19 11:28:45 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.44 2006/09/25 10:14:20 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -2002,12 +2002,15 @@ else
       US"Temporary local problem - please try later");
   }
 
-/* Log the incident. If the connection is not forcibly to be dropped, return 0.
-Otherwise, log why it is closing if required and return 2.  */
+/* Log the incident to the logs that are specified by log_reject_target
+(default main, reject). This can be empty to suppress logging of rejections. If
+the connection is not forcibly to be dropped, return 0. Otherwise, log why it
+is closing if required and return 2.  */
 
-log_write(0, LOG_MAIN|LOG_REJECT, "%s %s%srejected %s%s",
-  host_and_ident(TRUE),
-  sender_info, (rc == FAIL)? US"" : US"temporarily ", what, log_msg);
+if (log_reject_target != 0)
+  log_write(0, log_reject_target, "%s %s%srejected %s%s",
+    host_and_ident(TRUE),
+    sender_info, (rc == FAIL)? US"" : US"temporarily ", what, log_msg);
 
 if (!drop) return 0;
 
-- 
cgit v1.2.3