summaryrefslogtreecommitdiffstats
path: root/src/error/error.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:46:30 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:46:30 +0000
commitb5896ba9f6047e7031e2bdee0622d543e11a6734 (patch)
treefd7b460593a2fee1be579bec5697e6d887ea3421 /src/error/error.c
parentInitial commit. (diff)
downloadpostfix-2f07919848e7bd4a084699d26e8821e3a00696d9.tar.xz
postfix-2f07919848e7bd4a084699d26e8821e3a00696d9.zip
Adding upstream version 3.4.23.upstream/3.4.23upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/error/error.c')
-rw-r--r--src/error/error.c266
1 files changed, 266 insertions, 0 deletions
diff --git a/src/error/error.c b/src/error/error.c
new file mode 100644
index 0000000..61e805b
--- /dev/null
+++ b/src/error/error.c
@@ -0,0 +1,266 @@
+/*++
+/* NAME
+/* error 8
+/* SUMMARY
+/* Postfix error/retry mail delivery agent
+/* SYNOPSIS
+/* \fBerror\fR [generic Postfix daemon options]
+/* DESCRIPTION
+/* The Postfix \fBerror\fR(8) delivery agent processes delivery
+/* requests from
+/* the queue manager. Each request specifies a queue file, a sender
+/* address, the reason for non-delivery (specified as the
+/* next-hop destination), and recipient information.
+/* The reason may be prefixed with an RFC 3463-compatible detail code;
+/* if none is specified a default 4.0.0 or 5.0.0 code is used instead.
+/* This program expects to be run from the \fBmaster\fR(8) process
+/* manager.
+/*
+/* Depending on the service name in master.cf, \fBerror\fR
+/* or \fBretry\fR, the server bounces or defers all recipients
+/* in the delivery request using the "next-hop" information
+/* as the reason for non-delivery. The \fBretry\fR service name is
+/* supported as of Postfix 2.4.
+/*
+/* Delivery status reports are sent to the \fBbounce\fR(8),
+/* \fBdefer\fR(8) or \fBtrace\fR(8) daemon as appropriate.
+/* SECURITY
+/* .ad
+/* .fi
+/* The \fBerror\fR(8) mailer is not security-sensitive. It does not talk
+/* to the network, and can be run chrooted at fixed low privilege.
+/* STANDARDS
+/* RFC 3463 (Enhanced Status Codes)
+/* DIAGNOSTICS
+/* Problems and transactions are logged to \fBsyslogd\fR(8)
+/* or \fBpostlogd\fR(8).
+/*
+/* Depending on the setting of the \fBnotify_classes\fR parameter,
+/* the postmaster is notified of bounces and of other trouble.
+/* CONFIGURATION PARAMETERS
+/* .ad
+/* .fi
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBerror\fR(8)
+/* processes run for only a limited amount of time. Use the command
+/* "\fBpostfix reload\fR" to speed up a change.
+/*
+/* The text below provides only a parameter summary. See
+/* \fBpostconf\fR(5) for more details including examples.
+/* .IP "\fB2bounce_notice_recipient (postmaster)\fR"
+/* The recipient of undeliverable mail that cannot be returned to
+/* the sender.
+/* .IP "\fBbounce_notice_recipient (postmaster)\fR"
+/* The recipient of postmaster notifications with the message headers
+/* of mail that Postfix did not deliver and of SMTP conversation
+/* transcripts of mail that Postfix did not receive.
+/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+/* The default location of the Postfix main.cf and master.cf
+/* configuration files.
+/* .IP "\fBdaemon_timeout (18000s)\fR"
+/* How much time a Postfix daemon process may take to handle a
+/* request before it is terminated by a built-in watchdog timer.
+/* .IP "\fBdelay_logging_resolution_limit (2)\fR"
+/* The maximal number of digits after the decimal point when logging
+/* sub-second delay values.
+/* .IP "\fBdouble_bounce_sender (double-bounce)\fR"
+/* The sender address of postmaster notifications that are generated
+/* by the mail system.
+/* .IP "\fBipc_timeout (3600s)\fR"
+/* The time limit for sending or receiving information over an internal
+/* communication channel.
+/* .IP "\fBmax_idle (100s)\fR"
+/* The maximum amount of time that an idle Postfix daemon process waits
+/* for an incoming connection before terminating voluntarily.
+/* .IP "\fBmax_use (100)\fR"
+/* The maximal number of incoming connections that a Postfix daemon
+/* process will service before terminating voluntarily.
+/* .IP "\fBnotify_classes (resource, software)\fR"
+/* The list of error classes that are reported to the postmaster.
+/* .IP "\fBprocess_id (read-only)\fR"
+/* The process ID of a Postfix command or daemon process.
+/* .IP "\fBprocess_name (read-only)\fR"
+/* The process name of a Postfix command or daemon process.
+/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+/* The location of the Postfix top-level queue directory.
+/* .IP "\fBsyslog_facility (mail)\fR"
+/* The syslog facility of Postfix logging.
+/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+/* A prefix that is prepended to the process name in syslog
+/* records, so that, for example, "smtpd" becomes "prefix/smtpd".
+/* .PP
+/* Available in Postfix 3.3 and later:
+/* .IP "\fBservice_name (read-only)\fR"
+/* The master.cf service name of a Postfix daemon process.
+/* SEE ALSO
+/* qmgr(8), queue manager
+/* bounce(8), delivery status reports
+/* discard(8), Postfix discard delivery agent
+/* postconf(5), configuration parameters
+/* master(5), generic daemon options
+/* master(8), process manager
+/* postlogd(8), Postfix logging
+/* syslogd(8), system logging
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+#include <unistd.h>
+#include <stdlib.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <vstream.h>
+
+/* Global library. */
+
+#include <deliver_request.h>
+#include <mail_queue.h>
+#include <bounce.h>
+#include <defer.h>
+#include <deliver_completed.h>
+#include <flush_clnt.h>
+#include <dsn_util.h>
+#include <sys_exits.h>
+#include <mail_proto.h>
+#include <mail_version.h>
+
+/* Single server skeleton. */
+
+#include <mail_server.h>
+
+/* deliver_message - deliver message with extreme prejudice */
+
+static int deliver_message(DELIVER_REQUEST *request, const char *def_dsn,
+ int (*append) (int, const char *, MSG_STATS *, RECIPIENT *,
+ const char *, DSN *))
+{
+ const char *myname = "deliver_message";
+ VSTREAM *src;
+ int result = 0;
+ int status;
+ RECIPIENT *rcpt;
+ int nrcpt;
+ DSN_SPLIT dp;
+ DSN dsn;
+
+ if (msg_verbose)
+ msg_info("deliver_message: from %s", request->sender);
+
+ /*
+ * Sanity checks.
+ */
+ if (request->nexthop[0] == 0)
+ msg_fatal("empty nexthop hostname");
+ if (request->rcpt_list.len <= 0)
+ msg_fatal("recipient count: %d", request->rcpt_list.len);
+
+ /*
+ * Open the queue file. Opening the file can fail for a variety of
+ * reasons, such as the system running out of resources. Instead of
+ * throwing away mail, we're raising a fatal error which forces the mail
+ * system to back off, and retry later.
+ */
+ src = mail_queue_open(request->queue_name, request->queue_id,
+ O_RDWR, 0);
+ if (src == 0)
+ msg_fatal("%s: open %s %s: %m", myname,
+ request->queue_name, request->queue_id);
+ if (msg_verbose)
+ msg_info("%s: file %s", myname, VSTREAM_PATH(src));
+
+ /*
+ * Bounce/defer/whatever all recipients.
+ */
+#define BOUNCE_FLAGS(request) DEL_REQ_TRACE_FLAGS(request->flags)
+
+ dsn_split(&dp, def_dsn, request->nexthop);
+ (void) DSN_SIMPLE(&dsn, DSN_STATUS(dp.dsn), dp.text);
+ for (nrcpt = 0; nrcpt < request->rcpt_list.len; nrcpt++) {
+ rcpt = request->rcpt_list.info + nrcpt;
+ status = append(BOUNCE_FLAGS(request), request->queue_id,
+ &request->msg_stats, rcpt, "none", &dsn);
+ if (status == 0)
+ deliver_completed(src, rcpt->offset);
+ result |= status;
+ }
+
+ /*
+ * Clean up.
+ */
+ if (vstream_fclose(src))
+ msg_warn("close %s %s: %m", request->queue_name, request->queue_id);
+
+ return (result);
+}
+
+/* error_service - perform service for client */
+
+static void error_service(VSTREAM *client_stream, char *service, char **argv)
+{
+ DELIVER_REQUEST *request;
+ int status;
+
+ /*
+ * Sanity check. This service takes no command-line arguments.
+ */
+ if (argv[0])
+ msg_fatal("unexpected command-line argument: %s", argv[0]);
+
+ /*
+ * This routine runs whenever a client connects to the UNIX-domain socket
+ * dedicated to the error mailer. What we see below is a little protocol
+ * to (1) tell the queue manager that we are ready, (2) read a request
+ * from the queue manager, and (3) report the completion status of that
+ * request. All connection-management stuff is handled by the common code
+ * in single_server.c.
+ */
+ if ((request = deliver_request_read(client_stream)) != 0) {
+ if (strcmp(service, MAIL_SERVICE_ERROR) == 0)
+ status = deliver_message(request, "5.0.0", bounce_append);
+ else if (strcmp(service, MAIL_SERVICE_RETRY) == 0)
+ status = deliver_message(request, "4.0.0", defer_append);
+ else
+ msg_fatal("bad error service name: %s", service);
+ deliver_request_done(client_stream, request, status);
+ }
+}
+
+/* pre_init - pre-jail initialization */
+
+static void pre_init(char *unused_name, char **unused_argv)
+{
+ flush_init();
+}
+
+MAIL_VERSION_STAMP_DECLARE;
+
+/* main - pass control to the single-threaded skeleton */
+
+int main(int argc, char **argv)
+{
+
+ /*
+ * Fingerprint executables and core dumps.
+ */
+ MAIL_VERSION_STAMP_ALLOCATE;
+
+ single_server_main(argc, argv, error_service,
+ CA_MAIL_SERVER_PRE_INIT(pre_init),
+ 0);
+}