diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:46:30 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:46:30 +0000 |
commit | b5896ba9f6047e7031e2bdee0622d543e11a6734 (patch) | |
tree | fd7b460593a2fee1be579bec5697e6d887ea3421 /src/error/error.c | |
parent | Initial commit. (diff) | |
download | postfix-2f07919848e7bd4a084699d26e8821e3a00696d9.tar.xz postfix-2f07919848e7bd4a084699d26e8821e3a00696d9.zip |
Adding upstream version 3.4.23.upstream/3.4.23upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/error/error.c')
-rw-r--r-- | src/error/error.c | 266 |
1 files changed, 266 insertions, 0 deletions
diff --git a/src/error/error.c b/src/error/error.c new file mode 100644 index 0000000..61e805b --- /dev/null +++ b/src/error/error.c @@ -0,0 +1,266 @@ +/*++ +/* NAME +/* error 8 +/* SUMMARY +/* Postfix error/retry mail delivery agent +/* SYNOPSIS +/* \fBerror\fR [generic Postfix daemon options] +/* DESCRIPTION +/* The Postfix \fBerror\fR(8) delivery agent processes delivery +/* requests from +/* the queue manager. Each request specifies a queue file, a sender +/* address, the reason for non-delivery (specified as the +/* next-hop destination), and recipient information. +/* The reason may be prefixed with an RFC 3463-compatible detail code; +/* if none is specified a default 4.0.0 or 5.0.0 code is used instead. +/* This program expects to be run from the \fBmaster\fR(8) process +/* manager. +/* +/* Depending on the service name in master.cf, \fBerror\fR +/* or \fBretry\fR, the server bounces or defers all recipients +/* in the delivery request using the "next-hop" information +/* as the reason for non-delivery. The \fBretry\fR service name is +/* supported as of Postfix 2.4. +/* +/* Delivery status reports are sent to the \fBbounce\fR(8), +/* \fBdefer\fR(8) or \fBtrace\fR(8) daemon as appropriate. +/* SECURITY +/* .ad +/* .fi +/* The \fBerror\fR(8) mailer is not security-sensitive. It does not talk +/* to the network, and can be run chrooted at fixed low privilege. +/* STANDARDS +/* RFC 3463 (Enhanced Status Codes) +/* DIAGNOSTICS +/* Problems and transactions are logged to \fBsyslogd\fR(8) +/* or \fBpostlogd\fR(8). +/* +/* Depending on the setting of the \fBnotify_classes\fR parameter, +/* the postmaster is notified of bounces and of other trouble. +/* CONFIGURATION PARAMETERS +/* .ad +/* .fi +/* Changes to \fBmain.cf\fR are picked up automatically as \fBerror\fR(8) +/* processes run for only a limited amount of time. Use the command +/* "\fBpostfix reload\fR" to speed up a change. +/* +/* The text below provides only a parameter summary. See +/* \fBpostconf\fR(5) for more details including examples. +/* .IP "\fB2bounce_notice_recipient (postmaster)\fR" +/* The recipient of undeliverable mail that cannot be returned to +/* the sender. +/* .IP "\fBbounce_notice_recipient (postmaster)\fR" +/* The recipient of postmaster notifications with the message headers +/* of mail that Postfix did not deliver and of SMTP conversation +/* transcripts of mail that Postfix did not receive. +/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" +/* The default location of the Postfix main.cf and master.cf +/* configuration files. +/* .IP "\fBdaemon_timeout (18000s)\fR" +/* How much time a Postfix daemon process may take to handle a +/* request before it is terminated by a built-in watchdog timer. +/* .IP "\fBdelay_logging_resolution_limit (2)\fR" +/* The maximal number of digits after the decimal point when logging +/* sub-second delay values. +/* .IP "\fBdouble_bounce_sender (double-bounce)\fR" +/* The sender address of postmaster notifications that are generated +/* by the mail system. +/* .IP "\fBipc_timeout (3600s)\fR" +/* The time limit for sending or receiving information over an internal +/* communication channel. +/* .IP "\fBmax_idle (100s)\fR" +/* The maximum amount of time that an idle Postfix daemon process waits +/* for an incoming connection before terminating voluntarily. +/* .IP "\fBmax_use (100)\fR" +/* The maximal number of incoming connections that a Postfix daemon +/* process will service before terminating voluntarily. +/* .IP "\fBnotify_classes (resource, software)\fR" +/* The list of error classes that are reported to the postmaster. +/* .IP "\fBprocess_id (read-only)\fR" +/* The process ID of a Postfix command or daemon process. +/* .IP "\fBprocess_name (read-only)\fR" +/* The process name of a Postfix command or daemon process. +/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR" +/* The location of the Postfix top-level queue directory. +/* .IP "\fBsyslog_facility (mail)\fR" +/* The syslog facility of Postfix logging. +/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR" +/* A prefix that is prepended to the process name in syslog +/* records, so that, for example, "smtpd" becomes "prefix/smtpd". +/* .PP +/* Available in Postfix 3.3 and later: +/* .IP "\fBservice_name (read-only)\fR" +/* The master.cf service name of a Postfix daemon process. +/* SEE ALSO +/* qmgr(8), queue manager +/* bounce(8), delivery status reports +/* discard(8), Postfix discard delivery agent +/* postconf(5), configuration parameters +/* master(5), generic daemon options +/* master(8), process manager +/* postlogd(8), Postfix logging +/* syslogd(8), system logging +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* IBM T.J. Watson Research +/* P.O. Box 704 +/* Yorktown Heights, NY 10598, USA +/* +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA +/*--*/ + +/* System library. */ + +#include <sys_defs.h> +#include <unistd.h> +#include <stdlib.h> + +/* Utility library. */ + +#include <msg.h> +#include <vstream.h> + +/* Global library. */ + +#include <deliver_request.h> +#include <mail_queue.h> +#include <bounce.h> +#include <defer.h> +#include <deliver_completed.h> +#include <flush_clnt.h> +#include <dsn_util.h> +#include <sys_exits.h> +#include <mail_proto.h> +#include <mail_version.h> + +/* Single server skeleton. */ + +#include <mail_server.h> + +/* deliver_message - deliver message with extreme prejudice */ + +static int deliver_message(DELIVER_REQUEST *request, const char *def_dsn, + int (*append) (int, const char *, MSG_STATS *, RECIPIENT *, + const char *, DSN *)) +{ + const char *myname = "deliver_message"; + VSTREAM *src; + int result = 0; + int status; + RECIPIENT *rcpt; + int nrcpt; + DSN_SPLIT dp; + DSN dsn; + + if (msg_verbose) + msg_info("deliver_message: from %s", request->sender); + + /* + * Sanity checks. + */ + if (request->nexthop[0] == 0) + msg_fatal("empty nexthop hostname"); + if (request->rcpt_list.len <= 0) + msg_fatal("recipient count: %d", request->rcpt_list.len); + + /* + * Open the queue file. Opening the file can fail for a variety of + * reasons, such as the system running out of resources. Instead of + * throwing away mail, we're raising a fatal error which forces the mail + * system to back off, and retry later. + */ + src = mail_queue_open(request->queue_name, request->queue_id, + O_RDWR, 0); + if (src == 0) + msg_fatal("%s: open %s %s: %m", myname, + request->queue_name, request->queue_id); + if (msg_verbose) + msg_info("%s: file %s", myname, VSTREAM_PATH(src)); + + /* + * Bounce/defer/whatever all recipients. + */ +#define BOUNCE_FLAGS(request) DEL_REQ_TRACE_FLAGS(request->flags) + + dsn_split(&dp, def_dsn, request->nexthop); + (void) DSN_SIMPLE(&dsn, DSN_STATUS(dp.dsn), dp.text); + for (nrcpt = 0; nrcpt < request->rcpt_list.len; nrcpt++) { + rcpt = request->rcpt_list.info + nrcpt; + status = append(BOUNCE_FLAGS(request), request->queue_id, + &request->msg_stats, rcpt, "none", &dsn); + if (status == 0) + deliver_completed(src, rcpt->offset); + result |= status; + } + + /* + * Clean up. + */ + if (vstream_fclose(src)) + msg_warn("close %s %s: %m", request->queue_name, request->queue_id); + + return (result); +} + +/* error_service - perform service for client */ + +static void error_service(VSTREAM *client_stream, char *service, char **argv) +{ + DELIVER_REQUEST *request; + int status; + + /* + * Sanity check. This service takes no command-line arguments. + */ + if (argv[0]) + msg_fatal("unexpected command-line argument: %s", argv[0]); + + /* + * This routine runs whenever a client connects to the UNIX-domain socket + * dedicated to the error mailer. What we see below is a little protocol + * to (1) tell the queue manager that we are ready, (2) read a request + * from the queue manager, and (3) report the completion status of that + * request. All connection-management stuff is handled by the common code + * in single_server.c. + */ + if ((request = deliver_request_read(client_stream)) != 0) { + if (strcmp(service, MAIL_SERVICE_ERROR) == 0) + status = deliver_message(request, "5.0.0", bounce_append); + else if (strcmp(service, MAIL_SERVICE_RETRY) == 0) + status = deliver_message(request, "4.0.0", defer_append); + else + msg_fatal("bad error service name: %s", service); + deliver_request_done(client_stream, request, status); + } +} + +/* pre_init - pre-jail initialization */ + +static void pre_init(char *unused_name, char **unused_argv) +{ + flush_init(); +} + +MAIL_VERSION_STAMP_DECLARE; + +/* main - pass control to the single-threaded skeleton */ + +int main(int argc, char **argv) +{ + + /* + * Fingerprint executables and core dumps. + */ + MAIL_VERSION_STAMP_ALLOCATE; + + single_server_main(argc, argv, error_service, + CA_MAIL_SERVER_PRE_INIT(pre_init), + 0); +} |