summaryrefslogtreecommitdiffstats
path: root/src/convert4r4.src
diff options
context:
space:
mode:
Diffstat (limited to '')
-rwxr-xr-xsrc/convert4r4.src2527
1 files changed, 2527 insertions, 0 deletions
diff --git a/src/convert4r4.src b/src/convert4r4.src
new file mode 100755
index 0000000..47987fc
--- /dev/null
+++ b/src/convert4r4.src
@@ -0,0 +1,2527 @@
+#! PERL_COMMAND
+
+# This is a Perl script that reads an Exim run-time configuration file for
+# Exim 3. It makes what changes it can for Exim 4, and also output commentary
+# on what it has done, and on things it cannot do.
+
+# It is assumed that the input is a valid Exim 3 configuration file.
+
+use warnings;
+BEGIN { pop @INC if $INC[-1] eq '.' };
+
+use Getopt::Long;
+use File::Basename;
+
+GetOptions(
+ 'version' => sub {
+ print basename($0) . ": $0\n",
+ "build: EXIM_RELEASE_VERSIONEXIM_VARIANT_VERSION\n",
+ "perl(runtime): $^V\n";
+ exit 0;
+ },
+);
+
+# These are lists of main options which are abolished in Exim 4.
+# The first contains options that are used to construct new options.
+
+@skipped_options = (
+"auth_hosts",
+"auth_over_tls_hosts",
+"errors_address",
+"headers_check_syntax",
+"headers_checks_fail",
+"headers_sender_verify",
+"headers_sender_verify_errmsg",
+"host_accept_relay",
+"host_auth_accept_relay",
+"host_reject_recipients",
+"local_domains",
+"local_domains_include_host",
+"local_domains_include_host_literals",
+"log_all_parents",
+"log_arguments",
+"log_incoming_port",
+"log_interface",
+"log_level",
+"log_received_sender",
+"log_received_recipients",
+"log_rewrites",
+"log_sender_on_delivery",
+"log_smtp_confirmation",
+"log_smtp_connections",
+"log_smtp_syntax_errors",
+"log_subject",
+"log_queue_run_level",
+"rbl_domains",
+"rbl_hosts",
+"rbl_reject_recipients",
+"receiver_verify",
+"receiver_verify_addresses",
+"receiver_verify_hosts",
+"receiver_verify_senders",
+"recipients_reject_except",
+"recipients_reject_except_senders",
+"relay_domains",
+"relay_domains_include_local_mx",
+"sender_address_relay",
+"sender_address_relay_hosts",
+"sender_reject_recipients",
+"sender_verify",
+"sender_verify_hosts_callback",
+"sender_verify_callback_domains",
+"sender_verify_callback_timeout",
+"sender_verify_hosts",
+"smtp_etrn_hosts",
+"smtp_expn_hosts",
+"smtp_verify",
+"tls_host_accept_relay",
+"tls_hosts",
+"tls_log_cipher",
+"tls_log_peerdn",
+"tls_verify_ciphers"
+);
+
+# The second contains options that are completely abolished and have
+# no equivalent.
+
+@abolished_options = (
+"always_bcc",
+"debug_level",
+"helo_strict_syntax",
+"kill_ip_options",
+"log_ip_options",
+"log_refused_recipients",
+"message_size_limit_count_recipients",
+"rbl_log_headers",
+"rbl_log_rcpt_count",
+"receiver_try_verify",
+"refuse_ip_options",
+"relay_match_host_or_sender",
+"sender_try_verify",
+"sender_verify_batch",
+"sender_verify_fixup",
+"sender_verify_reject",
+"sender_verify_max_retry_rate",
+);
+
+# This is a list of options that are not otherwise handled, but which
+# contain domain or host lists that have to be processed so that any
+# regular expressions are marked "not for expansion".
+
+@list_options = (
+"dns_again_means_nonexist",
+"hold_domains",
+"hosts_treat_as_local",
+"percent_hack_domains",
+"queue_smtp_domains",
+"helo_accept_junk_hosts",
+"host_lookup",
+"ignore_fromline_hosts",
+"rfc1413_hosts",
+"sender_unqualified_hosts",
+"smtp_reserve_hosts",
+"tls_advertise_hosts",
+"tls_verify_hosts",
+);
+
+
+
+##################################################
+# Output problem rubric once #
+##################################################
+
+sub rubric {
+return if $rubric_output;
+$rubric_output = 1;
+print STDERR "\n" .
+"** The following comments describe problems that have been encountered\n" .
+" while converting an Exim 3 runtime file for Exim 4. More detail can\n" .
+" be found in the file doc/Exim4.upgrade.\n";
+}
+
+
+##################################################
+# Analyse one line #
+##################################################
+
+sub checkline{
+my($line) = $_[0];
+
+return "comment" if $line =~ /^\s*(#|$)/;
+return "end" if $line =~ /^\s*end\s*$/i;
+
+# Macros are recognized only in the first section of the file.
+
+return "macro" if $prefix eq "" && $line =~ /^\s*[A-Z]/;
+
+# In retry and rewrite sections, the type is always "other"
+
+return "other" if $prefix eq "=retry" || $prefix eq "=rewrite";
+
+# Pick out the name at the start and the rest of the line (into global
+# variables) and return whether the start of a driver or not.
+
+($hide,$name,$rest) = $line =~ /^\s*(hide\s+|)([a-z0-9_]+)\s*(.*?)\s*$/;
+
+# If $rest begins with a colon, this is a driver name
+
+return "driver" if $rest =~ /^:/;
+
+# If $rest begins with an = the value of the option is given explicitly;
+# remove the = from the start. Turn "yes"/"no" into "true"/"false".
+
+if ($rest =~ /^=/)
+ {
+ $rest =~ s/^=\s*//;
+ $rest = "true" if $rest eq "yes";
+ $rest = "false" if $rest eq "no";
+ }
+
+# Otherwise we have a boolean option. Set up a "true"/"false" value.
+
+else
+ {
+ if ($name =~ /^not?_/) # Recognize "no_" or "not_"
+ {
+ $rest = "false";
+ $name =~ s/^not?_//;
+ }
+ else
+ {
+ $rest = "true";
+ }
+ }
+
+return "option";
+}
+
+
+
+##################################################
+# Negate a list of things #
+##################################################
+
+# Can be tricky, because there may be comment lines in the list.
+# Also, lists may have different delimiters.
+
+sub negate {
+my($list) = $_[0];
+my($delim) = ":";
+my($leadin) = "";
+
+return $list if ! defined $list;
+
+($list) = $list =~ /^"?(.*?)"?\s*$/s; # Remove surrounding quotes
+$list =~ s/\\\s*\n\s*//g; # Remove continuation markers
+
+if ($list =~ /^(\s*<(\S)\s*)(.*)/s)
+ {
+ $leadin = $1;
+ $delim = $2;
+ $list = $3;
+ }
+
+$list =~ s/^\s+//;
+$list =~ s/\Q$delim$delim/>%%%%</g;
+@split = split /\s*\Q$delim\E\s*/s, $list;
+
+foreach $item (@split)
+ {
+ $item =~ s/>%%%%</$delim$delim/g;
+
+ if ($item =~ /^\s*#/)
+ {
+ $item =~ s/((?:^\s*#[^\n]*\n)+\s*)/$1! /mg;
+ $item =~ s/!\s*!//sg;
+ }
+ else
+ {
+ if ($item =~ /^\s*!(.*)/)
+ { $item = $1; }
+ else
+ { $item = "! " . $item; }
+ }
+ }
+
+$" = " $delim \\\n ";
+$leadin .= " " if $leadin !~ /(^|\s)$/;
+return "$leadin@split";
+}
+
+
+
+##################################################
+# Prevent regex expansion in a list of things #
+##################################################
+
+# Can be tricky, because there may be comment lines in the list.
+# Also, lists may have different delimiters.
+
+sub no_expand_regex {
+my($list) = $_[0];
+my($delim) = ":";
+my($leadin) = "";
+
+return $list if ! defined $list;
+
+$delim = $_[1] if (defined $_[1]);
+
+my($is_route_list) = $delim eq ";";
+
+($list) = $list =~ /^"?(.*?)"?\s*$/s; # Remove surrounding quotes
+$list =~ s/\\\s*\n\s*//g; # Remove continuation markers
+
+if ($list =~ /^(\s*<(\S)\s*)(.*)/s)
+ {
+ $leadin = $1;
+ $delim = $2;
+ $list = $3;
+ }
+
+$list =~ s/^\s+//;
+$list =~ s/\Q$delim$delim/>%%%%</g;
+@split = split /\s*\Q$delim\E\s*/s, $list;
+
+my($changed) = 0;
+foreach $item (@split)
+ {
+ $item =~ s/>%%%%</$delim$delim/g;
+ if ($item =~ /^\^/)
+ {
+ # Fudge for route_list items
+
+ if ($is_route_list)
+ {
+ $item = "\\N$item"; # Only one item ...
+ }
+ else
+ {
+ $item = "\\N$item\\N";
+ }
+ $changed = 1;
+ }
+ }
+print STDOUT
+ "#!!# Regular expressions enclosed in \\N...\\N to avoid expansion\n"
+ if $changed;
+
+$" = " $delim \\\n ";
+$leadin .= " " if $leadin !~ /(^|\s)$/;
+return "$leadin@split";
+}
+
+
+
+##################################################
+# Sort out lookups in an address list #
+##################################################
+
+# Can be tricky, because there may be comment lines in the list.
+# Also, lists may have different delimiters.
+
+sub sort_address_list {
+my($list) = $_[0];
+my($name) = $_[1];
+my($delim) = ":";
+my($leadin) = "";
+my($quoted) = 0;
+
+return $list if ! defined $list;
+
+if ($list =~ /^"(.*?)"\s*$/s) # Remove surrounding quotes
+ {
+ $list = $1;
+ $quoted = 1;
+ }
+
+$list =~ s/\\\s*\n\s*//g; # Remove continuation markers
+
+if ($list =~ /^(\s*<(\S)\s*)(.*)/s)
+ {
+ $leadin = $1;
+ $delim = $2;
+ $list = $3;
+ }
+
+$list =~ s/^\s+//;
+$list =~ s/\Q$delim$delim/>%%%%</g;
+@split = split /\s*\Q$delim\E\s*/s, $list;
+
+foreach $item (@split)
+ {
+ $item =~ s/>%%%%</$delim$delim/g;
+ if ($item =~ /^\s*(?:partial-)?(\w+;.*)$/)
+ {
+ my($lookup) = $1;
+ if ($lookup =~ /^lsearch|^dbm|^cdb|^nis[^p]/)
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The Exim 3 \"$name\" option specifies an address\n" .
+" list that includes the item\n\n" .
+" $item\n\n" .
+" In Exim 4 address lists, single-key lookups without a local part just\n" .
+" look up the complete address. They don't also try the domain, as\n" .
+" happened in Exim 3. The item has been rewritten as two items to make\n" .
+" it behave in the same way as Exim 3, but you should check to see if\n" .
+" this is actually what you want.\n";
+
+ $item = "*\@$item $delim $lookup";
+ }
+ }
+ }
+
+$" = " $delim \\\n ";
+$leadin .= " " if $leadin !~ /(^|\s)$/;
+
+return $quoted? "\"$leadin@split\"" : "$leadin@split";
+}
+
+
+
+##################################################
+# Quote a string against expansion #
+##################################################
+
+# Used for setting up new "domains" options
+
+sub expquote {
+my($s) = $_[0];
+$s =~ s/\$/\\\$/sg;
+$s =~ s/\\(?!\s*\n)/\\\\/sg;
+return $s;
+}
+
+
+
+##################################################
+# Dequote an option string #
+##################################################
+
+# If the original list is not quoted, do nothing.
+# If it is quoted, just get rid of the quotes.
+
+sub unquote {
+my($s) = $_[0];
+$s =~ s/^"(.*)"$/$1/s;
+return $s;
+}
+
+
+##################################################
+# Quote/dequote an option string #
+##################################################
+
+# If the original list is not quoted, quote it against expansion.
+# If it is quoted, just get rid of the quotes. Also, indent any
+# continuations.
+
+sub acl_quote {
+my($s) = $_[0];
+$s = ($s =~ /^"(.*)"$/s)? $1 : &expquote($s);
+$s =~ s/\n/\n /g;
+$s =~ s/\n\s{11,}/\n /g;
+return $s;
+}
+
+
+##################################################
+# Handle abolished driver options #
+##################################################
+
+sub abolished {
+my($hash) = shift @_;
+my($name) = shift @_;
+for $abolished (@_)
+ {
+ if (defined $$hash{$abolished})
+ {
+ &rubric();
+ print STDERR "\n" .
+"** $name used the \"$abolished\" option, which no\n".
+" longer exists. The option has been removed.\n";
+ print STDOUT "#!!# $abolished option removed\n";
+ delete $$hash{$abolished};
+ }
+ }
+}
+
+
+
+##################################################
+# Handle renamed driver options #
+##################################################
+
+sub renamed {
+my($hash,$old,$new) = @_;
+if (defined $$hash{$old})
+ {
+ print STDOUT "#!!# $old renamed $new\n";
+ $$hash{$new} = $$hash{$old};
+ delete $$hash{$old};
+ }
+}
+
+
+
+##################################################
+# Comment on user names in require_files #
+##################################################
+
+sub check_require {
+my($string, $name) = @_;
+
+$string =~ s/::/[[[]]]/g;
+my(@list) = split /:/, $string;
+my($item);
+
+for $item (@list)
+ {
+ if ($item =~ /^\s*[\w,]+\s*$/)
+ {
+ &rubric();
+ $item =~ s/^\s*//;
+ $item =~ s/\s*$//;
+ print STDERR "\n" .
+"** A setting of require_files in the $name contains\n" .
+" what appears to be a user name ('$item'). The ability to check files\n" .
+" as a specific user is done differently in Exim 4. In fact, because the\n" .
+" routers run as root, you may not need this at all.\n"
+ }
+ }
+}
+
+
+##################################################
+# Handle current and home directory #
+##################################################
+
+sub handle_current_and_home_directory {
+my($hash,$driver,$name) = @_;
+
+for ("current_directory", "home_directory")
+ {
+ if (defined $$hash{$_} && $$hash{$_} eq "check_local_user")
+ {
+ my($article) = (substr($driver, 0, 1) eq "a")? "an" : "a";
+ &rubric();
+ print STDERR "\n" .
+"** The Exim 3 configuration contains $article '$driver' director called\n" .
+" '$name', which set '$_' to the special value\n" .
+" 'check_local_user'. This facility has been abolished in Exim 4 because\n" .
+" it is no longer necessary. The setting has therefore been omitted. See\n" .
+" note X.\n";
+ delete $$hash{$_};
+ }
+ else
+ {
+ &renamed($hash, $_, "transport_$_");
+ }
+ }
+}
+
+
+
+##################################################
+# Handle batch/bsmtp for appendfile/pipe #
+##################################################
+
+sub handle_batch_and_bsmtp{
+my($hash) = @_;
+
+if (defined $$hash{"bsmtp"})
+ {
+ if ($$hash{"bsmtp"} ne "none")
+ {
+ $$hash{"use_bsmtp"} = "true";
+ $$hash{"message_prefix"} = "\"HELO \$primary_host_name\\n\""
+ if defined $$hash{"bsmtp_helo"} && $$hash{"bsmtp_helo"} eq "true";
+ }
+
+ if ($$hash{"bsmtp"} eq "one")
+ {
+ delete $$hash{"batch"};
+ }
+ else
+ {
+ $$hash{"batch"} = $$hash{"bsmtp"};
+ }
+
+ delete $$hash{"bsmtp"};
+ delete $$hash{"bsmtp_helo"};
+ }
+
+if (defined $$hash{"batch"} && $$hash{"batch"} ne "none")
+ {
+ $$hash{"batch_max"} = "100" if !defined $$hash{"batch_max"};
+ $$hash{"batch_id"} = "\$domain" if $$hash{"batch"} eq "domain";
+ }
+else
+ {
+ $$hash{"batch_max"} = "1" if defined $$hash{"batch_max"};
+ }
+delete $$hash{"batch"};
+}
+
+
+
+##################################################
+# Output one option #
+##################################################
+
+sub outopt {
+my($hash, $key, $no_expand) = @_;
+my($data) = $$hash{$key};
+
+print STDOUT "hide " if defined $$hash{"$key-hide"};
+
+# Output booleans in the form that doesn't use "="
+
+if ($data eq "true")
+ {
+ print STDOUT "$key\n";
+ }
+elsif ($data eq "false")
+ {
+ print STDOUT "no_$key\n";
+ }
+else
+ {
+ if ($no_expand)
+ {
+ printf STDOUT ("$key = %s\n", &no_expand_regex($data));
+ }
+ else
+ {
+ print STDOUT "$key = $data\n";
+ }
+ }
+}
+
+
+
+##################################################
+# Output the options for one driver #
+##################################################
+
+# Put the "driver" option first
+
+sub outdriver {
+my($hash) = $_[0];
+print STDOUT " driver = $$hash{'driver'}\n";
+foreach $key (sort keys %$hash)
+ {
+ next if $key eq "driver" || $key =~ /-hide$/;
+ print STDOUT " ";
+ &outopt($hash, $key, 0);
+ }
+}
+
+
+
+##################################################
+# Output a rewrite or a retry line #
+##################################################
+
+# These lines start with patterns which are now always expanded. If the
+# pattern is a regex, arrange for it not to expand.
+
+sub print_no_expand {
+my($s) = $_[0];
+if ($s =~ /^\^/)
+ {
+ if (!$escape_output)
+ {
+ &rubric();
+ print STDERR "\n" .
+"** You have a retry or rewrite pattern that is a regular expression. Because\n" .
+" these patterns are now always expanded, you need to be sure that the\n" .
+" special characters in the regex are not interpreted by the expander.\n" .
+" \\N has been inserted at the start of the regex to prevent the rest of\n" .
+" it from being expanded.\n";
+ $escape_output = 1;
+ }
+ print STDOUT "\\N";
+ }
+print STDOUT "$s\n";
+}
+
+
+
+##################################################
+# Test a boolean main option #
+##################################################
+
+# This just saves a lot of typing
+
+sub bool {
+return defined $main{$_[0]} && $main{$_[0]} eq "true";
+}
+
+
+
+##################################################
+# Main program #
+##################################################
+
+print STDERR "Runtime configuration file converter for Exim release 4.\n";
+
+$transport_start = $director_start = $router_start = $retry_start
+ = $rewrite_start = $auth_start = 999999;
+
+$macro_output = "";
+$rubric_output = 0;
+$errmsg_output = 0;
+$key_output = 0;
+$unk_output = 0;
+$escape_output = 0;
+$add_no_more = 0;
+$add_caseful_local_part = 0;
+$done_dns_check_names = 0;
+
+$queue_only_load_was_present = 0;
+$deliver_queue_load_max_was_present = 0;
+
+# Read the entire file into an array
+
+chomp(@c = <STDIN>);
+$clen = scalar @c;
+
+# Remove the standard comment that appears at the end of the default
+
+if ($clen > 0 && $c[$clen-1] =~ /^#\s*End of Exim configuration file\s*/i)
+ {
+ pop @c;
+ $clen--;
+ }
+
+# The first pass over the input fishes out all the options settings in the
+# main, transport, director, and router sections, and places their values in
+# associative arrays. It also notes the starting position of all the sections.
+
+$prefix = "";
+%main = ();
+$hash = \%main;
+
+for ($i = 0; $i < $clen; $i++)
+ {
+ # Change references to +allow_unknown and +warn_unknown into +include_unknown
+
+ if ($c[$i] =~ /\+(?:allow|warn)_unknown/)
+ {
+ if (!$unk_output)
+ {
+ &rubric();
+ print STDERR "\n" .
+"** You have used '+allow_unknown' or '+warn_unknown' in a configuration\n" .
+" option. This has been converted to '+include_unknown', but the action\n" .
+" is different in Exim 4, so you should review all the relevant options.\n";
+ $unk_output = 1;
+ }
+ $c[$i] =~ s/\+(?:allow|warn)_unknown/+include_unknown/g;
+ }
+
+ # Any reference to $errmsg_recipient is changed to $bounce_recipient
+
+ if ($c[$i] =~ /\$errmsg_recipient/)
+ {
+ if (!$errmsg_output)
+ {
+ &rubric();
+ print STDERR "\n" .
+"** References to \$errmsg_recipient have been changed to \$bounce_recipient\n";
+ $errmsg_output = 1;
+ }
+ $c[$i] =~ s/\$errmsg_recipient/\$bounce_recipient/g;
+ }
+
+
+ # Analyse the type of line
+
+ $type = &checkline($c[$i]);
+ next if $type eq "comment";
+
+ # Output a warning if $key is used
+
+ if ($c[$i] =~ /\$key/ && !$key_output)
+ {
+ &rubric();
+ print STDERR "\n" .
+"** You have used '\$key' in a configuration option. This variable does not\n" .
+" exist in Exim 4. Instead, the value you need for your lookup will be\n" .
+" in one of the other variables such as '\$domain' or '\$host'. You will\n" .
+" need to edit the new configuration to sort this out.\n";
+ $key_output = 1;
+ }
+
+ # Save macro definitions so we can output them first; must handle
+ # continuations.
+
+ if ($type eq "macro")
+ {
+ $macro_output .= "$c[$i++]\n" while $c[$i] =~ /\\\s*$|^\s*#/;
+ $macro_output .= "$c[$i]\n";
+ }
+
+ # Handle end of section
+
+ elsif ($type eq "end")
+ {
+ if ($prefix eq "=rewrite")
+ {
+ $prefix = "a.";
+ $auth_start = $i + 1;
+ last;
+ }
+ elsif ($prefix eq "=retry")
+ {
+ $prefix = "=rewrite";
+ $rewrite_start = $i + 1;
+ }
+ elsif ($prefix eq "r.")
+ {
+ $prefix = "=retry";
+ $retry_start = $i + 1;
+ }
+ elsif ($prefix eq "d.")
+ {
+ $prefix = "r.";
+ $router_start = $i + 1;
+ }
+ elsif ($prefix eq "t.")
+ {
+ $prefix = "d.";
+ $director_start = $i + 1;
+ }
+ elsif ($prefix eq "")
+ {
+ $prefix = "t.";
+ $transport_start = $i + 1;
+ }
+ }
+
+ # Handle start of a new director, router or transport driver
+
+ elsif ($type eq "driver" && $prefix !~ /^=/)
+ {
+ $hash = {};
+ if (defined $driverlist{"$prefix$name"})
+ {
+ die "*** There are two drivers with the name \"$name\"\n";
+ }
+ $driverlist{"$prefix$name"} = $hash;
+ $first_director = $name if !defined $first_director && $prefix eq "d.";
+ }
+
+ # Handle definition of an option; we must pull in any continuation
+ # strings, and save the value in the current hash. Note if the option
+ # is hidden.
+
+ elsif ($type eq "option")
+ {
+ my($nextline) = "";
+
+ while ($i < $clen - 1 && ($rest =~ /\\\s*$/s || $nextline =~ /^\s*#/))
+ {
+ $nextline = $c[++$i];
+ $rest .= "\n$nextline";
+ }
+
+ $$hash{$name} = $rest;
+ $$hash{"$name-hide"} = 1 if $hide ne "";
+ }
+ }
+
+
+# Generate the new configuration. Start with a warning rubric.
+
+print STDOUT "#!!# This file is output from the convert4r4 script, which tries\n";
+print STDOUT "#!!# to convert Exim 3 configurations into Exim 4 configurations.\n";
+print STDOUT "#!!# However, it is not perfect, especially with non-simple\n";
+print STDOUT "#!!# configurations. You must check it before running it.\n";
+print STDOUT "\n\n";
+
+# Output the macro definitions
+
+if ($macro_output ne "")
+ {
+ print STDOUT "#!!# All macro definitions have been gathered here to ensure\n";
+ print STDOUT "#!!# they precede any references to them.\n\n";
+ print STDOUT "$macro_output\n";
+ }
+
+# Output some default pointers to ACLs for RCPT and DATA time. If no Exim 3
+# options that apply are set, non-restricting ACLs are generated.
+
+print STDOUT "#!!# These options specify the Access Control Lists (ACLs) that\n";
+print STDOUT "#!!# are used for incoming SMTP messages - after the RCPT and DATA\n";
+print STDOUT "#!!# commands, respectively.\n\n";
+
+print STDOUT "acl_smtp_rcpt = check_recipient\n";
+print STDOUT "acl_smtp_data = check_message\n\n";
+
+if (defined $main{"auth_over_tls_hosts"})
+ {
+ print STDOUT "#!!# This option specifies the Access Control List (ACL) that\n";
+ print STDOUT "#!!# is used after an AUTH command.\n\n";
+ print STDOUT "acl_smtp_auth = check_auth\n\n";
+ }
+
+if (&bool("smtp_verify") ||
+ defined $main{"smtp_etrn_hosts"} ||
+ defined $main{"smtp_expn_hosts"})
+ {
+ print STDOUT "#!!# These options specify the Access Control Lists (ACLs) that\n";
+ print STDOUT "#!!# are used to control the ETRN, EXPN, and VRFY commands.\n";
+ print STDOUT "#!!# Where no ACL is defined, the command is locked out.\n\n";
+
+ print STDOUT "acl_smtp_etrn = check_etrn\n" if defined $main{"smtp_etrn_hosts"};
+ print STDOUT "acl_smtp_expn = check_expn\n" if defined $main{"smtp_expn_hosts"};
+ print STDOUT "acl_smtp_vrfy = check_vrfy\n" if &bool("smtp_verify");
+ print STDOUT "\n";
+ }
+
+# If local_domains was set, get its value; otherwise set to "@". Add into it
+# appropriate magic for local_domains_include_host[_literals].
+
+$local_domains = (defined $main{"local_domains"})? $main{"local_domains"} : "@";
+
+$ldsep = ":";
+if ($local_domains =~ /^\s*<(.)\s*(.*)/s)
+ {
+ $ldsep = $1;
+ $local_domains = $2;
+ }
+
+$local_domains = "\@[] $ldsep " . $local_domains
+ if defined $main{"local_domains_include_host_literals"} &&
+ $main{"local_domains_include_host_literals"} eq "true";
+
+$local_domains = "\@ $ldsep " . $local_domains
+ if defined $main{"local_domains_include_host"} &&
+ $main{"local_domains_include_host"} eq "true";
+
+$local_domains = "<$ldsep " . $local_domains if $ldsep ne ":";
+
+# Output a domain list setting for these domains, provided something is defined
+
+if ($local_domains !~ /^\s*$/)
+ {
+ print STDOUT "#!!# This setting defines a named domain list called\n";
+ print STDOUT "#!!# local_domains, created from the old options that\n";
+ print STDOUT "#!!# referred to local domains. It will be referenced\n";
+ print STDOUT "#!!# later on by the syntax \"+local_domains\".\n";
+ print STDOUT "#!!# Other domain and host lists may follow.\n\n";
+
+ printf STDOUT ("domainlist local_domains = %s\n\n",
+ &no_expand_regex($local_domains));
+ }
+
+$relay_domains = (defined $main{"relay_domains"})? $main{"relay_domains"} : "";
+
+$ldsep = ":";
+if ($relay_domains =~ /^\s*<(.)\s*(.*)/s)
+ {
+ $ldsep = $1;
+ }
+
+if (defined $main{"relay_domains_include_local_mx"})
+ {
+ $relay_domains .= ($relay_domains =~ /^\s*$/)? "\@mx_any" :
+ " $ldsep \@mx_any";
+ }
+
+printf STDOUT ("domainlist relay_domains = %s\n",
+ &no_expand_regex($relay_domains))
+ if $relay_domains !~ /^\s*$/;
+
+
+# If ignore_errmsg_errors is set, we are going to force 0s as the value
+# for ignore_errmsg_errors_after, so arrange to skip any other value.
+
+push @skipped_options, "ignore_errmsg_errors_after"
+ if &bool("ignore_errmsg_errors");
+
+
+# If rbl_domains is set, split it up and generate six lists:
+# rbl_warn_domains, rbl_warn_domains_skiprelay
+# rbl_reject_domains, rbl_reject_domains_skiprelay
+# rbl_accept_domains, rbl_accept_domains_skiprelay
+
+if (defined $main{"rbl_domains"})
+ {
+ my($s) = &unquote($main{"rbl_domains"});
+ $s =~ s/\s*\\\s*\n\s*/ /g;
+ my(@list) = split /\s*:\s*/, $s;
+
+ foreach $d (@list)
+ {
+ my(@sublist) = split /\//, $d;
+ my($name) = shift @sublist;
+ my($warn) = 0;
+ if (defined $main{"rbl_reject_recipients"})
+ {
+ $warn = $main{"rbl_reject_recipients"} ne "true";
+ }
+
+ foreach $o (@sublist)
+ {
+ $warn = 1 if $o eq "warn";
+ $warn = 0 if $o eq "reject";
+ $warn = 2 if $o eq "accept";
+ $skiprelay = 1 if $o eq "skiprelay";
+ }
+
+ if ($skiprelay)
+ {
+ if ($warn == 0)
+ {
+ $rbl_reject_skiprelay .= ((defined $rbl_reject_skiprelay)? ":":"").$name;
+ }
+ elsif ($warn == 1)
+ {
+ $rbl_warn_skiprelay .= ((defined $rbl_warn_skiprelay)? ":":"").$name;
+ }
+ elsif ($warn == 2)
+ {
+ $rbl_accept_skiprelay .= ((defined $rbl_accept_skiprelay)? ":":"").$name;
+ }
+ }
+ else
+ {
+ if ($warn == 0)
+ {
+ $rbl_reject_domains .= ((defined $rbl_reject_domains)? ":":"").$name;
+ }
+ elsif ($warn == 1)
+ {
+ $rbl_warn_domains .= ((defined $rbl_warn_domains)? ":":"").$name;
+ }
+ elsif ($warn == 2)
+ {
+ $rbl_accept_domains .= ((defined $rbl_accept_domains)? ":":"").$name;
+ }
+ }
+ }
+ }
+
+
+# Output host list settings
+
+printf STDOUT ("hostlist auth_hosts = %s\n",
+ &no_expand_regex($main{"auth_hosts"}))
+ if defined $main{"auth_hosts"};
+printf STDOUT ("hostlist rbl_hosts = %s\n",
+ &no_expand_regex($main{"rbl_hosts"}))
+ if defined $main{"rbl_hosts"};
+printf STDOUT ("hostlist relay_hosts = %s\n",
+ &no_expand_regex($main{"host_accept_relay"}))
+ if defined $main{"host_accept_relay"};
+printf STDOUT ("hostlist auth_relay_hosts = %s\n",
+ &no_expand_regex($main{"host_auth_accept_relay"}))
+ if defined $main{"host_auth_accept_relay"};
+
+printf STDOUT ("hostlist auth_over_tls_hosts = %s\n",
+ &no_expand_regex($main{"auth_over_tls_hosts"}))
+ if defined $main{"auth_over_tls_hosts"};
+printf STDOUT ("hostlist tls_hosts = %s\n",
+ &no_expand_regex($main{"tls_hosts"}))
+ if defined $main{"tls_hosts"};
+printf STDOUT ("hostlist tls_relay_hosts = %s\n",
+ &no_expand_regex($main{"tls_host_accept_relay"}))
+ if defined $main{"tls_host_accept_relay"};
+
+print STDOUT "\n";
+
+
+# Convert various logging options
+
+$log_selector = "";
+$sep = " \\\n ";
+
+if (defined $main{"log_level"})
+ {
+ my($level) = $main{"log_level"};
+ $log_selector .= "$sep -retry_defer$sep -skip_delivery" if $level < 5;
+ $log_selector .= "$sep -lost_incoming_connection$sep -smtp_syntax_error" .
+ "$sep -delay_delivery" if $level < 4;
+ $log_selector .= "$sep -size_reject" if $level < 2;
+ }
+
+$log_selector .= "$sep -queue_run"
+ if defined $main{"log_queue_run_level"} &&
+ defined $main{"log_level"} &&
+ $main{"log_queue_run_level"} > $main{"log_level"};
+
+$log_selector .= "$sep +address_rewrite" if &bool("log_rewrites");
+$log_selector .= "$sep +all_parents" if &bool("log_all_parents");
+$log_selector .= "$sep +arguments" if &bool("log_arguments");
+$log_selector .= "$sep +incoming_port" if &bool("log_incoming_port");
+$log_selector .= "$sep +incoming_interface" if &bool("log_interface");
+$log_selector .= "$sep +received_sender" if &bool("log_received_sender");
+$log_selector .= "$sep +received_recipients" if &bool("log_received_recipients");
+$log_selector .= "$sep +sender_on_delivery" if &bool("log_sender_on_delivery");
+$log_selector .= "$sep +smtp_confirmation" if &bool("log_smtp_confirmation");
+$log_selector .= "$sep +smtp_connection" if &bool("log_smtp_connections");
+$log_selector .= "$sep +smtp_syntax_error" if &bool("log_smtp_syntax_errors");
+$log_selector .= "$sep +subject" if &bool("log_subject");
+$log_selector .= "$sep +tls_cipher" if &bool("tls_log_cipher");
+$log_selector .= "$sep +tls_peerdn" if &bool("tls_log_peerdn");
+
+
+if ($log_selector ne "")
+ {
+ print STDOUT "#!!# All previous logging options are combined into a single\n"
+ . "#!!# option in Exim 4. This setting is an approximation to\n"
+ . "#!!# the previous state - some logging has changed.\n\n";
+ print STDOUT "log_selector = $log_selector\n\n";
+ }
+
+# If deliver_load_max is set, replace it with queue_only_load (taking the
+# lower value if both set) and also set deliver_queue_load_max if it is
+# not already set. When scanning for output, deliver_load_max is skipped.
+
+if (defined $main{"deliver_load_max"})
+ {
+ &rubric();
+ print STDERR "\n" .
+"** deliver_load_max is abolished in Exim 4.\n";
+
+ if (defined $main{"queue_only_load"})
+ {
+ $queue_only_load_was_present = 1;
+ if ($main{"queue_only_load"} < $main{"deliver_load_max"})
+ {
+ print STDERR
+" As queue_only_load was set lower, deliver_load_max is just removed.\n";
+ }
+ else
+ {
+ print STDERR
+" As queue_only_load was set higher, it's value has been replaced by\n" .
+" the value of deliver_load_max.\n";
+ $main{"queue_only_load"} = $main{"deliver_load_max"};
+ }
+ }
+ else
+ {
+ print STDERR
+" queue_only_load has been set to the load value.\n";
+ $main{"queue_only_load"} = $main{"deliver_load_max"};
+ }
+
+ if (!defined $main{"deliver_queue_load_max"})
+ {
+ print STDERR
+" deliver_queue_load_max has been set to the value of queue_only_load.\n";
+ $main{"deliver_queue_load_max"} = $main{"queue_only_load"};
+ }
+ else
+ {
+ $deliver_queue_load_max_was_present = 1;
+ }
+ }
+
+
+# Now we scan through the various parts of the file again, making changes
+# as necessary.
+
+# -------- The main configuration --------
+
+$prefix = "";
+MainLine: for ($i = 0; $i < $clen; $i++)
+ {
+ my($nextline) = "";
+ $type = &checkline($c[$i]);
+ last if $type eq "end";
+
+ if ($type eq "macro")
+ {
+ $i++ while $c[$i] =~ /\\\s*$|^\s*#/;
+ next;
+ }
+
+ if ($type eq "comment") { print STDOUT "$c[$i]\n"; next; }
+
+ # Collect any continuation lines for an option setting
+
+ while ($rest =~ /\\\s*$/s || $nextline =~ /^\s*#/)
+ {
+ $nextline = $c[++$i];
+ $rest .= "\n$nextline";
+ }
+
+ $rest =~ s/^=\s*//;
+
+ # Deal with main options that are skipped (they are used in other
+ # options in other places).
+
+ for $skipped (@skipped_options)
+ {
+ next MainLine if $name eq $skipped;
+ }
+
+ # Deal with main options that are totally abolished
+
+ for $abolished (@abolished_options)
+ {
+ if ($name eq $abolished)
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The $name option no longer exists, and has no equivalent\n" .
+" in Exim 4.\n";
+ next MainLine;
+ }
+ }
+
+ # There is a special case for rbl_warn_header
+
+ if ($name eq "rbl_warn_header")
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The $name option no longer exists. In Exim 4 you can achieve the\n" .
+" effect by adding a suitable \"message\" statement in the ACL.\n";
+ }
+
+ # There is a special case for sender_reject and host_reject
+
+ elsif ($name eq "sender_reject" || $name eq "host_reject")
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The $name option no longer exists. Its data has been used in\n" .
+" an Access Control List as if it were in ${name}_recipients.\n";
+ }
+
+ # And a special message for prohibition_message
+
+ elsif ($name eq "prohibition_message")
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The prohibition_message option no longer exists. The facility is\n" .
+" provided in a different way in Exim 4, via the \"message\" keyword\n" .
+" in Access Control Lists. It isn't possible to do an automatic conversion,\n" .
+" so the value of prohibition_message has been ignored. You will have to\n" .
+" modify the ACLs if you want to reinstate the feature.\n";
+ }
+
+ # auth_always_advertise gets converted to auth_advertise_hosts
+
+ elsif ($name eq "auth_always_advertise")
+ {
+ print STDOUT "#!!# auth_always_advertise converted to auth_advertise_hosts\n";
+ if (&bool("auth_always_advertise"))
+ {
+ print STDOUT "auth_advertise_hosts = *\n";
+ }
+ else
+ {
+ $sep = "";
+ print STDOUT "auth_advertise_hosts =";
+ if (defined $main{"auth_hosts"})
+ {
+ print STDOUT "$sep +auth_hosts";
+ $sep = " :";
+ }
+ if (defined $main{"host_accept_relay"})
+ {
+ print STDOUT "$sep !+relay_hosts";
+ $sep = " :";
+ }
+ if (defined $main{"host_auth_accept_relay"})
+ {
+ print STDOUT "$sep +auth_relay_hosts";
+ }
+ print STDOUT "\n";
+ }
+ }
+
+ # Deal with main options that have to be rewritten
+
+ elsif ($name eq "accept_timeout")
+ {
+ print STDOUT "#!!# accept_timeout renamed receive_timeout\n";
+ print STDOUT "receive_timeout = $rest\n";
+ }
+
+ elsif ($name eq "collapse_source_routes")
+ {
+ print STDOUT "#!!# collapse_source_routes removed\n";
+ print STDOUT "#!!# It has been a no-op since 3.10.\n";
+ }
+
+ elsif ($name eq "daemon_smtp_service")
+ {
+ print STDOUT "#!!# daemon_smtp_service renamed daemon_smtp_port\n";
+ print STDOUT "daemon_smtp_port = $rest\n";
+ }
+
+ elsif ($name eq "dns_check_names" || $name eq "dns_check_names_pattern")
+ {
+ if (!$done_dns_check_names)
+ {
+ if (&bool("dns_check_names"))
+ {
+ if (defined $main{"dns_check_names_pattern"})
+ {
+ &outopt(\%main, "dns_check_names_pattern", 0);
+ }
+ }
+
+ else
+ {
+ print STDOUT "#!!# dns_check_names has been abolished\n";
+ print STDOUT "#!!# setting dns_check_pattern empty to turn off check\n";
+ print STDOUT "dns_check_names_pattern =\n";
+ }
+
+ $done_dns_check_names = 1;
+ }
+ }
+
+ elsif ($name eq "deliver_load_max")
+ {
+ print STDOUT "deliver_queue_load_max = $main{'deliver_queue_load_max'}\n"
+ if !$deliver_queue_load_max_was_present;
+ print STDOUT "queue_only_load = $main{'queue_only_load'}\n"
+ if !$queue_only_load_was_present;
+ }
+
+ elsif ($name eq "errmsg_file")
+ {
+ print STDOUT "#!!# errmsg_file renamed bounce_message_file\n";
+ print STDOUT "bounce_message_file = $rest\n";
+ }
+
+ elsif ($name eq "errmsg_text")
+ {
+ print STDOUT "#!!# errmsg_text renamed bounce_message_text\n";
+ print STDOUT "bounce_message_text = $rest\n";
+ }
+
+ elsif ($name eq "forbid_domain_literals")
+ {
+ print STDOUT "#!!# forbid_domain_literals replaced by allow_domain_literals\n";
+ print STDOUT "allow_domain_literals = ",
+ &bool("forbid_domain_literals")? "false" : "true", "\n";
+ }
+
+ elsif ($name eq "freeze_tell_mailmaster")
+ {
+ print STDOUT "#!!# freeze_tell_mailmaster replaced by freeze_tell\n";
+ if (&bool("freeze_tell_mailmaster"))
+ {
+ print STDOUT "freeze_tell = ",
+ ((defined $main{"errors_address"})?
+ $main{"errors_address"} : "postmaster"), "\n";
+ }
+ else
+ {
+ print STDOUT "#!!# freeze_tell is unset by default\n";
+ }
+ }
+
+ elsif ($name eq "helo_verify")
+ {
+ print STDOUT "#!!# helo_verify renamed helo_verify_hosts\n";
+ printf STDOUT ("helo_verify_hosts = %s\n", &no_expand_regex($rest));
+ }
+
+ elsif ($name eq "ignore_errmsg_errors")
+ {
+ print STDOUT "ignore_bounce_errors_after = 0s\n";
+ }
+
+ elsif ($name eq "ignore_errmsg_errors_after")
+ {
+ print STDOUT "#!!# ignore_errmsg_errors_after renamed ignore_bounce_errors_after\n";
+ print STDOUT "ignore_bounce_errors_after = $rest\n";
+ }
+
+ elsif ($name eq "ipv4_address_lookup" || $name eq "dns_ipv4_lookup")
+ {
+ print STDOUT "#!!# $name changed to dns_ipv4_lookup\n"
+ if $name eq "ipv4_address_lookup";
+ print STDOUT "#!!# dns_ipv4_lookup is now a domain list\n";
+ if (&bool($name))
+ {
+ print STDOUT "dns_ipv4_lookup = *\n";
+ }
+ else
+ {
+ print STDOUT "#!!# default for dns_ipv4_lookup is unset\n";
+ }
+ }
+
+ elsif ($name eq "locally_caseless")
+ {
+ print STDOUT "#!!# locally_caseless removed\n";
+ print STDOUT "#!!# caseful_local_part will be added to ex-directors\n";
+ $add_caseful_local_part = 1;
+ }
+
+ elsif ($name eq "message_filter_directory2_transport")
+ {
+ print STDOUT "#!!# message_filter_directory2_transport removed\n";
+ }
+
+ elsif ($name =~ /^message_filter(.*)/)
+ {
+ print STDOUT "#!!# $name renamed system_filter$1\n";
+ print STDOUT "system_filter$1 = $rest\n";
+ }
+
+ elsif ($name eq "queue_remote_domains")
+ {
+ print STDOUT "#!!# queue_remote_domains renamed queue_domains\n";
+ printf STDOUT ("queue_domains = %s\n", &no_expand_regex($rest));
+ }
+
+ elsif ($name eq "receiver_unqualified_hosts")
+ {
+ print STDOUT "#!!# receiver_unqualified_hosts renamed recipient_unqualified_hosts\n";
+ printf STDOUT ("recipient_unqualified_hosts = %s\n",
+ &no_expand_regex($rest));
+ }
+
+ elsif ($name eq "remote_sort")
+ {
+ print STDOUT "#!!# remote_sort renamed remote_sort_domains\n";
+ printf STDOUT ("remote_sort_domains = %s\n", &no_expand_regex($rest));
+ }
+
+ elsif ($name eq "security")
+ {
+ if ($rest eq "unprivileged")
+ {
+ print STDOUT "#!!# security=unprivileged changed to deliver_drop_privilege\n";
+ print STDOUT "deliver_drop_privilege\n";
+ }
+ else
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The 'security' option no longer exists.\n";
+ }
+ }
+
+ elsif ($name eq "timestamps_utc")
+ {
+ print STDOUT "#!!# timestamps_utc changed to use timezone\n";
+ print STDOUT "timezone = utc\n";
+ }
+
+ elsif ($name eq "untrusted_set_sender")
+ {
+ print STDOUT "#!!# untrusted_set_sender is now a list of what can be set\n";
+ print STDOUT "#!!# The default is an empty list.\n";
+ if (&bool("untrusted_set_sender"))
+ {
+ print STDOUT "untrusted_set_sender = *\n";
+ }
+ }
+
+ elsif ($name eq "warnmsg_file")
+ {
+ print STDOUT "#!!# warnmsg_file renamed warn_message_file\n";
+ print STDOUT "warn_message_file = $rest\n";
+ }
+
+ # Remaining options just get copied unless they are one of those that's
+ # a list where any regular expressions have to be escaped.
+
+ else
+ {
+ my($no_expand) = 0;
+ foreach $o (@list_options)
+ {
+ if ($name eq $o)
+ {
+ $no_expand = 1;
+ last;
+ }
+ }
+ &outopt(\%main, $name, $no_expand);
+ }
+ }
+
+
+# -------- The ACL configuration --------
+
+print STDOUT "\n";
+print STDOUT "#!!#######################################################!!#\n";
+print STDOUT "#!!# This new section of the configuration contains ACLs #!!#\n";
+print STDOUT "#!!# (Access Control Lists) derived from the Exim 3 #!!#\n";
+print STDOUT "#!!# policy control options. #!!#\n";
+print STDOUT "#!!#######################################################!!#\n";
+
+print STDOUT "\n";
+print STDOUT "#!!# These ACLs are crudely constructed from Exim 3 options.\n";
+print STDOUT "#!!# They are almost certainly not optimal. You should study\n";
+print STDOUT "#!!# them and rewrite as necessary.\n";
+
+print STDOUT "\nbegin acl\n\n";
+
+
+# Output an ACL for use after the RCPT command. This combines all the previous
+# policy checking options.
+
+print STDOUT "#!!# ACL that is used after the RCPT command\n";
+print STDOUT "check_recipient:\n";
+
+print STDOUT " # Exim 3 had no checking on -bs messages, so for compatibility\n";
+print STDOUT " # we accept if the source is local SMTP (i.e. not over TCP/IP).\n";
+print STDOUT " # We do this by testing for an empty sending host field.\n";
+print STDOUT " accept hosts = :\n";
+
+if (defined $main{"tls_verify_ciphers"})
+ {
+ print STDOUT " deny ";
+ print STDOUT "hosts = $main{'tls_verify_hosts'}\n "
+ if defined $main{"tls_verify_hosts"};
+ print STDOUT " encrypted = *\n ";
+ print STDOUT "!encrypted = $main{'tls_verify_ciphers'}\n";
+ }
+
+print STDOUT " deny hosts = +auth_hosts\n" .
+ " message = authentication required\n" .
+ " !authenticated = *\n"
+ if defined $main{"auth_hosts"};
+
+print STDOUT " deny hosts = +tls_hosts\n" .
+ " message = encryption required\n" .
+ " !encrypted = *\n"
+ if defined $main{"tls_hosts"};
+
+printf STDOUT (" accept recipients = %s\n",
+ &acl_quote(&sort_address_list($main{"recipients_reject_except"},
+ "recipients_reject_except")))
+ if defined $main{"recipients_reject_except"};
+
+printf STDOUT (" accept senders = %s\n",
+ &acl_quote(&sort_address_list($main{"recipients_reject_except_senders"},
+ "recipients_reject_except_senders")))
+ if defined $main{"recipients_reject_except_senders"};
+
+printf STDOUT (" deny hosts = %s\n", &acl_quote($main{"host_reject"}))
+ if defined $main{"host_reject"};
+
+printf STDOUT (" deny hosts = %s\n",
+ &acl_quote($main{"host_reject_recipients"}))
+ if defined $main{"host_reject_recipients"};
+
+if (defined $main{"rbl_domains"})
+ {
+ my($msg) = "message = host is listed in \$dnslist_domain\n ";
+ my($hlist) = (defined $main{"rbl_hosts"})?
+ "hosts = +rbl_hosts\n " : "";
+
+ print STDOUT " accept ${hlist}dnslists = $rbl_accept_domains\n"
+ if defined $rbl_accept_domains;
+ print STDOUT " deny ${hlist}${msg}dnslists = $rbl_reject_domains\n"
+ if defined $rbl_reject_domains;
+ print STDOUT " warn ${hlist}" .
+ "message = X-Warning: \$sender_host_address is listed at \$dnslist_domain\n" .
+ " dnslists = $rbl_warn_domains\n"
+ if defined $rbl_warn_domains;
+
+ if (defined $main{"host_accept_relay"})
+ {
+ $hlist .= "hosts = !+relay_hosts\n ";
+ print STDOUT " accept ${hlist}dnslists = $rbl_accept_skiprelay\n"
+ if defined $rbl_accept_skiprelay;
+ print STDOUT " deny ${hlist}${msg}dnslists = $rbl_reject_skiprelay\n"
+ if defined $rbl_reject_skiprelay;
+ print STDOUT " warn ${hlist}" .
+ "message = X-Warning: \$sender_host_address is listed at \$dnslist_domain\n" .
+ " dnslists = $rbl_warn_skiprelay\n"
+ if defined $rbl_warn_skiprelay;
+ }
+ }
+
+printf STDOUT (" deny senders = %s\n",
+ &acl_quote(&sort_address_list($main{"sender_reject"}, "sender_reject")))
+ if defined $main{"sender_reject"};
+
+printf STDOUT (" deny senders = %s\n",
+ &acl_quote(&sort_address_list($main{"sender_reject_recipients"},
+ "sender_reject_recipients")))
+ if defined $main{"sender_reject_recipients"};
+
+if (&bool("sender_verify"))
+ {
+ if (defined $main{"sender_verify_hosts_callback"} &&
+ defined $main{"sender_verify_callback_domains"})
+ {
+ printf STDOUT (" deny hosts = %s\n",
+ &acl_quote($main{"sender_verify_hosts_callback"}));
+ printf STDOUT (" sender_domains = %s\n",
+ &acl_quote($main{"sender_verify_callback_domains"}));
+ print STDOUT " !verify = sender/callout";
+ print STDOUT "=$main{\"sender_verify_callback_timeout\"}"
+ if defined $main{"sender_verify_callback_timeout"};
+ print STDOUT "\n";
+ }
+
+ if (defined $main{"sender_verify_hosts"})
+ {
+ printf STDOUT (" deny hosts = %s\n",
+ &acl_quote($main{"sender_verify_hosts"}));
+ print STDOUT " !verify = sender\n";
+ }
+ else
+ {
+ print STDOUT " require verify = sender\n";
+ }
+ }
+
+if (&bool("receiver_verify"))
+ {
+ print STDOUT " deny message = unrouteable address\n";
+ printf STDOUT (" recipients = %s\n",
+ &acl_quote(&sort_address_list($main{"receiver_verify_addresses"},
+ "receiver_verify_addresses")))
+ if defined $main{"receiver_verify_addresses"};
+ printf STDOUT (" hosts = %s\n",
+ &acl_quote($main{"receiver_verify_hosts"}))
+ if defined $main{"receiver_verify_hosts"};
+ printf STDOUT (" senders = %s\n",
+ &acl_quote(&sort_address_list($main{"receiver_verify_senders"},
+ "receiver_verify_senders")))
+ if defined $main{"receiver_verify_senders"};
+ print STDOUT " !verify = recipient\n";
+ }
+
+print STDOUT " accept domains = +local_domains\n"
+ if $local_domains !~ /^\s*$/;
+
+print STDOUT " accept domains = +relay_domains\n"
+ if $relay_domains !~ /^\s*$/;
+
+if (defined $main{"host_accept_relay"})
+ {
+ if (defined $main{"sender_address_relay"})
+ {
+ if (defined $main{"sender_address_relay_hosts"})
+ {
+ printf STDOUT (" accept hosts = %s\n",
+ &acl_quote($main{"sender_address_relay_hosts"}));
+ print STDOUT " endpass\n";
+ print STDOUT " message = invalid sender\n";
+ printf STDOUT (" senders = %s\n",
+ &acl_quote(&sort_address_list($main{"sender_address_relay"},
+ "sender_address_relay")));
+ print STDOUT " accept hosts = +relay_hosts\n";
+ }
+ else
+ {
+ print STDOUT " accept hosts = +relay_hosts\n";
+ print STDOUT " endpass\n";
+ print STDOUT " message = invalid sender\n";
+ printf STDOUT (" senders = %s\n",
+ &acl_quote(&sort_address_list($main{"sender_address_relay"},
+ "sender_address_relay")));
+ }
+ }
+ else
+ {
+ print STDOUT " accept hosts = +relay_hosts\n";
+ }
+ }
+
+print STDOUT " accept hosts = +auth_relay_hosts\n" .
+ " endpass\n" .
+ " message = authentication required\n" .
+ " authenticated = *\n"
+ if defined $main{"host_auth_accept_relay"};
+
+print STDOUT " accept hosts = +tls_relay_hosts\n" .
+ " endpass\n" .
+ " message = encryption required\n" .
+ " encrypted = *\n"
+ if defined $main{"tls_host_accept_relay"};
+
+print STDOUT " deny message = relay not permitted\n\n";
+
+
+# Output an ACL for use after the DATA command. This is concerned with
+# header checking.
+
+print STDOUT "#!!# ACL that is used after the DATA command\n";
+print STDOUT "check_message:\n";
+
+# Default for headers_checks_fail is true
+
+if (!defined $main{"headers_checks_fail"} ||
+ $main{"headers_checks_fail"} eq "true")
+ {
+ print STDOUT " require verify = header_syntax\n"
+ if &bool("headers_check_syntax");
+ print STDOUT " require verify = header_sender\n"
+ if &bool("headers_sender_verify");
+ print STDOUT " accept senders = !:\n require verify = header_sender\n"
+ if &bool("headers_sender_verify_errmsg");
+ }
+else
+ {
+ print STDOUT " warn !verify = header_syntax\n"
+ if &bool("headers_check_syntax");
+ print STDOUT " warn !verify = header_sender\n"
+ if &bool("headers_sender_verify");
+ print STDOUT " accept senders = !:\n warn !verify = header_sender\n"
+ if &bool("headers_sender_verify_errmsg");
+ }
+
+print STDOUT " accept\n\n";
+
+
+# Output an ACL for AUTH if required
+
+if (defined $main{"auth_over_tls_hosts"})
+ {
+ print STDOUT "#!!# ACL that is used after the AUTH command\n" .
+ "check_auth:\n" .
+ " accept hosts = +auth_over_tls_hosts\n" .
+ " endpass\n" .
+ " message = STARTTLS required before AUTH\n" .
+ " encrypted = *\n" .
+ " accept\n";
+ }
+
+
+# Output ACLs for ETRN, EXPN, and VRFY if required
+
+if (defined $main{"smtp_etrn_hosts"})
+ {
+ print STDOUT "#!!# ACL that is used after the ETRN command\n" .
+ "check_etrn:\n";
+ print STDOUT " deny hosts = +auth_hosts\n" .
+ " message = authentication required\n" .
+ " !authenticated = *\n"
+ if defined $main{"auth_hosts"};
+ print STDOUT " accept hosts = $main{\"smtp_etrn_hosts\"}\n\n";
+ }
+
+if (defined $main{"smtp_expn_hosts"})
+ {
+ print STDOUT "#!!# ACL that is used after the EXPN command\n" .
+ "check_expn:\n";
+ print STDOUT " deny hosts = +auth_hosts\n" .
+ " message = authentication required\n" .
+ " !authenticated = *\n"
+ if defined $main{"auth_hosts"};
+ print STDOUT " accept hosts = $main{\"smtp_expn_hosts\"}\n\n";
+ }
+
+if (&bool("smtp_verify"))
+ {
+ print STDOUT "#!!# ACL that is used after the VRFY command\n" .
+ "check_vrfy:\n";
+ print STDOUT " deny hosts = +auth_hosts\n" .
+ " message = authentication required\n" .
+ " !authenticated = *\n"
+ if defined $main{"auth_hosts"};
+ print STDOUT " accept\n\n";
+ }
+
+# -------- The authenticators --------
+
+$started = 0;
+for ($i = $auth_start; $i < $clen; $i++)
+ {
+ if (!$started)
+ {
+ if ($c[$i] !~ /^\s*(#|$)/)
+ {
+ print STDOUT "\nbegin authenticators\n\n";
+ $started = 1;
+ }
+ }
+ print STDOUT "$c[$i]\n";
+ }
+
+
+# -------- Rewrite section --------
+
+$started = 0;
+for ($i = $rewrite_start; $i < $clen && $i < $auth_start - 1; $i++)
+ {
+ if (!$started)
+ {
+ if ($c[$i] !~ /^\s*(#|$)/)
+ {
+ print STDOUT "\nbegin rewrite\n\n";
+ $started = 1;
+ }
+ }
+ &print_no_expand($c[$i]);
+ }
+
+
+# -------- The routers configuration --------
+
+# The new routers configuration is created out of the old directors and routers
+# configuration. We put the old routers first, adding a "domains" option to
+# any that don't have one, to make them select the domains that do not match
+# the original local_domains. The routers get modified as necessary, and the
+# final one has "no_more" set, unless it has conditions. In that case we have
+# to add an extra router to be sure of failing all non-local addresses that
+# fall through. We do this also if there are no routers at all. The old
+# directors follow, modified as required.
+
+$prefix = "r.";
+undef @comments;
+
+print STDOUT "\n";
+print STDOUT "#!!#######################################################!!#\n";
+print STDOUT "#!!# Here follow routers created from the old routers, #!!#\n";
+print STDOUT "#!!# for handling non-local domains. #!!#\n";
+print STDOUT "#!!#######################################################!!#\n";
+
+print STDOUT "\nbegin routers\n\n";
+
+for ($i = $router_start; $i < $clen; $i++)
+ {
+ $type = &checkline($c[$i]);
+ last if $type eq "end";
+
+ if ($type eq "comment") { push(@comments, "$c[$i]\n"); next; }
+
+ # When we hit the start of a driver, modify its options as necessary,
+ # and then output it from the stored option settings, having first output
+ # and previous comments.
+
+ if ($type eq "driver")
+ {
+ print STDOUT shift @comments while scalar(@comments) > 0;
+
+ $hash = $driverlist{"$prefix$name"};
+ $driver = $$hash{"driver"};
+ print STDOUT "$name:\n";
+
+ $add_no_more =
+ ! defined $$hash{"domains"} &&
+ ! defined $$hash{"local_parts"} &&
+ ! defined $$hash{"senders"} &&
+ ! defined $$hash{"condition"} &&
+ ! defined $$hash{"require_files"} &&
+ (!defined $$hash{"verify_only"} || $$hash{"verify_only"} eq "false") &&
+ (!defined $$hash{"verify"} || $$hash{"verify"} eq "true");
+
+ # Create a "domains" setting if there isn't one, unless local domains
+ # was explicitly empty.
+
+ $$hash{"domains"} = "! +local_domains"
+ if !defined $$hash{"domains"} && $local_domains !~ /^\s*$/;
+
+ # If the router had a local_parts setting, add caseful_local_part
+
+ $$hash{"caseful_local_part"} = "true" if defined $$hash{"local_parts"};
+
+ # If the router has "self=local" set, change it to "self=pass", and
+ # set pass_router to the router that was the first director. Change the
+ # obsolete self settings of "fail_hard" and "fail_soft" to "fail" and
+ # "pass".
+
+ if (defined $$hash{"self"})
+ {
+ if ($$hash{"self"} eq "local")
+ {
+ $$hash{"self"} = "pass";
+ $$hash{"pass_router"} = $first_director;
+ }
+ elsif ($$hash{"self"} eq "fail_hard")
+ {
+ $$hash{"self"} = "fail";
+ }
+ elsif ($$hash{"self"} eq "fail_soft")
+ {
+ $$hash{"self"} = "pass";
+ }
+ }
+
+ # If the router had a require_files setting, check it for user names
+ # and colons that are part of expansion items
+
+ if (defined $$hash{"require_files"})
+ {
+ &check_require($$hash{"require_files"}, "'$name' router");
+ if (($$hash{"require_files"} =~ s/(\$\{\w+):/$1::/g) > 0 ||
+ ($$hash{"require_files"} =~ s/ldap:/ldap::/g) > 0)
+ {
+ &rubric();
+ print STDERR "\n" .
+"*** A setting of require_files in the $name router contains\n" .
+" a colon in what appears to be an expansion item. In Exim 3, the\n" .
+" whole string was expanded before splitting the list, but in Exim 4\n" .
+" each item is expanded separately, so colons that are not list\n" .
+" item separators have to be doubled. One or more such colons in this\n" .
+" list have been doubled as a precaution. Please check the result.\n";
+ }
+ }
+
+ # If the router had a "senders" setting, munge the address list
+
+ $$hash{"senders"} = &sort_address_list($$hash{"senders"}, "senders")
+ if defined $$hash{"senders"};
+
+ # ---- Changes to domainlist router ----
+
+ if ($driver eq "domainlist")
+ {
+ &abolished($hash, "A domainlist router",
+ "modemask", "owners", "owngroups",
+ "qualify_single", "search_parents");
+
+ # The name has changed
+
+ $$hash{"driver"} = "manualroute";
+
+ # Turn "route_file", "route_query" and "route_queries" into lookups for
+ # route_data.
+
+ if (defined $$hash{"route_file"})
+ {
+ $$hash{"route_data"} = "\${lookup\{\$domain\}$$hash{'search_type'}" .
+ "\{$$hash{'route_file'}\}\}";
+ }
+ elsif (defined $$hash{"route_query"})
+ {
+ $$hash{"route_data"} = "\${lookup $$hash{'search_type'}" .
+ "\{" . &unquote($$hash{'route_query'}) . "\}\}";
+ }
+ elsif (defined $$hash{"route_queries"})
+ {
+ $endkets = 0;
+ $$hash{"route_data"} = "";
+ $route_queries = $$hash{'route_queries'};
+ $route_queries =~ s/^"(.*)"$/$1/s;
+ $route_queries =~ s/::/++colons++/g;
+ @qq = split(/:/, $route_queries);
+
+ foreach $q (@qq)
+ {
+ $q =~ s/\+\+colons\+\+/:/g;
+ $q =~ s/^\s+//;
+ $q =~ s/\s+$//;
+ if ($endkets > 0)
+ {
+ $$hash{"route_data"} .= "\\\n {";
+ $endkets++;
+ }
+ $$hash{"route_data"} .= "\${lookup $$hash{'search_type'} \{$q\}\{\$value\}";
+ $endkets++;
+ }
+
+ $$hash{"route_data"} .= "}" x $endkets;
+ }
+
+ delete $$hash{"route_file"};
+ delete $$hash{"route_query"};
+ delete $$hash{"route_queries"};
+ delete $$hash{"search_type"};
+
+ # But we can't allow both route_data and route_list
+
+ if (defined $$hash{"route_data"} && defined $$hash{"route_list"})
+ {
+ &rubric();
+ print STDERR "\n" .
+"** An Exim 3 'domainlist' router called '$name' contained a 'route_list'\n" .
+" option as well as a setting of 'route_file', 'route_query', or\n" .
+" 'route_queries'. The latter has been turned into a 'route_data' setting,\n".
+" but in Exim 4 you can't have both 'route_data' and 'route_list'. You'll\n" .
+" have to rewrite this router; in the meantime, 'route_list' has been\n" .
+" omitted.\n";
+ print STDOUT "#!!# route_list option removed\n";
+ delete $$hash{"route_list"};
+ }
+
+ # Change bydns_a into bydns in a route_list; also bydns_mx, but that
+ # works differently.
+
+ if (defined $$hash{"route_list"})
+ {
+ $$hash{"route_list"} =~ s/bydns_a/bydns/g;
+ if ($$hash{"route_list"} =~ /bydns_mx/)
+ {
+ $$hash{"route_list"} =~ s/bydns_mx/bydns/g;
+ &rubric();
+ print STDERR "\n" .
+"*** An Exim 3 'domainlist' router called '$name' contained a 'route_list'\n" .
+" option which used 'bydns_mx'. This feature no longer exists in Exim 4.\n" .
+" It has been changed to 'bydns', but it won't have the same effect,\n" .
+" because it will look for A rather than MX records. Use the 'dnslookup'\n" .
+" router to do MX lookups - if you want to override the hosts found from\n" .
+" MX records, you should route to a special 'smtp' transport which has\n" .
+" both 'hosts' and 'hosts_override' set.\n";
+ }
+ }
+
+ # Arrange to not expand regex
+
+ $$hash{"route_list"} = &no_expand_regex($$hash{"route_list"}, ";")
+ if (defined $$hash{"route_list"})
+ }
+
+
+ # ---- Changes to iplookup router ----
+
+ elsif ($driver eq "iplookup")
+ {
+ &renamed($hash, "service", "port");
+ }
+
+
+ # ---- Changes to lookuphost router ----
+
+ elsif ($driver eq "lookuphost")
+ {
+ $$hash{"driver"} = "dnslookup";
+
+ if (defined $$hash{"gethostbyname"})
+ {
+ &rubric();
+ print STDERR "\n" .
+"** An Exim 3 'lookuphost' router called '$name' used the 'gethostbyname'\n" .
+" option, which no longer exists. You will have to rewrite it.\n";
+ print STDOUT "#!!# gethostbyname option removed\n";
+ delete $$hash{"gethostbyname"};
+ }
+
+ $$hash{"mx_domains"} = &no_expand_regex($$hash{"mx_domains"})
+ if defined $$hash{"mx_domains"};
+ }
+
+
+ # ---- Changes to the queryprogram router ----
+
+ elsif ($driver eq "queryprogram")
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The configuration contains a 'queryprogram' router. Please note that\n" .
+" the specification for the text that is returned by the program run\n" .
+" by this router has changed in Exim 4. You will need to modify your\n" .
+" program.\n";
+
+ if (!defined $$hash{'command_user'})
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The 'queryprogram' router called '$name' does not have a setting for\n" .
+" the 'command_user' option. This is mandatory in Exim 4. A setting of\n" .
+" 'nobody' has been created.\n";
+ $$hash{"command_user"} = "nobody";
+ }
+ }
+
+
+ # -------------------------------------
+
+ # Output the router's option settings
+
+ &outdriver($hash);
+ next;
+ }
+
+ # Skip past any continuation lines for an option setting
+ while ($c[$i] =~ /\\\s*$/s && $i < $clen - 1)
+ {
+ $i++;
+ $i++ while ($c[$i] =~ /^\s*#/);
+ }
+ }
+
+# Add "no_more" to the final driver from the old routers, provided it had no
+# conditions. Otherwise, or if there were no routers, make up one to fail all
+# non-local domains.
+
+if ($add_no_more)
+ {
+ print STDOUT " no_more\n";
+ print STDOUT shift @comments while scalar(@comments) > 0;
+ }
+else
+ {
+ print STDOUT shift @comments while scalar(@comments) > 0;
+ print STDOUT "\n#!!# This new router is put here to fail all domains that\n";
+ print STDOUT "#!!# were not in local_domains in the Exim 3 configuration.\n\n";
+ print STDOUT "fail_remote_domains:\n";
+ print STDOUT " driver = redirect\n";
+ print STDOUT " domains = ! +local_domains\n";
+ print STDOUT " allow_fail\n";
+ print STDOUT " data = :fail: unrouteable mail domain \"\$domain\"\n\n";
+ }
+
+# Now copy the directors, making appropriate changes
+
+print STDOUT "\n";
+print STDOUT "#!!#######################################################!!#\n";
+print STDOUT "#!!# Here follow routers created from the old directors, #!!#\n";
+print STDOUT "#!!# for handling local domains. #!!#\n";
+print STDOUT "#!!#######################################################!!#\n";
+
+$prefix = "d.";
+for ($i = $director_start; $i < $clen; $i++)
+ {
+ $type = &checkline($c[$i]);
+ last if $type eq "end";
+
+ if ($type eq "comment") { print STDOUT "$c[$i]\n"; next; }
+
+ undef $second_router;
+
+ if ($type eq "driver")
+ {
+ $hash = $driverlist{"$prefix$name"};
+ $driver = $$hash{"driver"};
+ print STDOUT "$name:\n";
+
+ $$hash{"caseful_local_part"} = "true" if $add_caseful_local_part;
+
+ if (defined $$hash{"local_parts"} &&
+ (defined $$hash{"prefix"} || defined $hash{"suffix"}))
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The Exim 3 configuration contains a director called '$name' which has\n" .
+" 'local_parts' set, together with either or both of 'prefix' and 'suffix'\n".
+" This combination has a different effect in Exim 4, where the affix\n" .
+" is removed *before* 'local_parts' is tested. You will probably need\n" .
+" to make changes to this driver.\n";
+ }
+
+ &renamed($hash, "prefix", "local_part_prefix");
+ &renamed($hash, "prefix_optional", "local_part_prefix_optional");
+ &renamed($hash, "suffix", "local_part_suffix");
+ &renamed($hash, "suffix_optional", "local_part_suffix_optional");
+ &renamed($hash, "new_director", "redirect_router");
+
+ &handle_current_and_home_directory($hash, $driver, $name);
+
+ # If the director had a require_files setting, check it for user names
+ # and colons that are part of expansion items
+
+ if (defined $$hash{"require_files"})
+ {
+ &check_require($$hash{"require_files"}, "'$name' director");
+ if (($$hash{"require_files"} =~ s/(\$\{\w+):/$1::/g) > 0 ||
+ ($$hash{"require_files"} =~ s/ldap:/ldap::/g) > 0)
+ {
+ &rubric();
+ print STDERR "\n" .
+"*** A setting of require_files in the $name director contains\n" .
+" a colon in what appears to be an expansion item. In Exim 3, the\n" .
+" whole string was expanded before splitting the list, but in Exim 4\n" .
+" each item is expanded separately, so colons that are not list\n" .
+" item separators have to be doubled. One or more such colons in this\n" .
+" list have been doubled as a precaution. Please check the result.\n";
+ }
+ }
+
+ # If the director had a "senders" setting, munge the address list
+
+ $$hash{"senders"} = &sort_address_list($$hash{"senders"}, "senders")
+ if defined $$hash{"senders"};
+
+ # ---- Changes to aliasfile director ----
+
+ if ($driver eq "aliasfile")
+ {
+ &abolished($hash, "An aliasfile director",
+ "directory2_transport", "freeze_missing_include",
+ "modemask", "owners", "owngroups");
+
+ $$hash{"driver"} = "redirect";
+
+ $key = "\$local_part";
+ $key = "\$local_part\@\$domain"
+ if defined $$hash{"include_domain"} &&
+ $$hash{"include_domain"} eq "true";
+ delete $$hash{"include_domain"};
+
+ if (defined $$hash{"forbid_special"} && $$hash{"forbid_special"} eq "true")
+ {
+ $$hash{"forbid_blackhole"} = "true";
+ }
+ else
+ {
+ $$hash{"allow_defer"} = "true";
+ $$hash{"allow_fail"} = "true";
+ }
+ delete $$hash{"forbid_special"};
+
+ # Deal with "file", "query", or "queries"
+
+ if (defined $$hash{"file"})
+ {
+ $$hash{"data"} =
+ "\$\{lookup\{$key\}$$hash{'search_type'}\{$$hash{'file'}\}\}";
+ if (defined $$hash{"optional"} && $$hash{"optional"} eq "true")
+ {
+ $$hash{"data"} =
+ "\$\{if exists\{$$hash{'file'}\}\{$$hash{'data'}\}\}";
+ }
+ delete $$hash{"optional"};
+ }
+ elsif (defined $$hash{"query"})
+ {
+ &abolished($hash, "An aliasfile director", "optional");
+ $$hash{"data"} = "\${lookup $$hash{'search_type'} " .
+ "\{" . &unquote($$hash{'query'}) . "\}\}";
+ }
+ else # Must be queries
+ {
+ &abolished($hash, "An aliasfile director", "optional");
+ $endkets = 0;
+ $$hash{"data"} = "";
+ $queries = $$hash{'queries'};
+ $queries =~ s/^"(.*)"$/$1/s;
+ $queries =~ s/::/++colons++/g;
+ @qq = split(/:/, $queries);
+
+ foreach $q (@qq)
+ {
+ $q =~ s/\+\+colons\+\+/:/g;
+ $q =~ s/^\s+//;
+ $q =~ s/\s+$//;
+ if ($endkets > 0)
+ {
+ $$hash{"data"} .= "\\\n {";
+ $endkets++;
+ }
+ $$hash{"data"} .= "\${lookup $$hash{'search_type'} \{$q\}\{\$value\}";
+ $endkets++;
+ }
+
+ $$hash{"data"} .= "}" x $endkets;
+ }
+
+ $$hash{"data"} = "\${expand:$$hash{'data'}\}"
+ if (defined $$hash{"expand"} && $$hash{"expand"} eq "true");
+
+ delete $$hash{"expand"};
+ delete $$hash{"file"};
+ delete $$hash{"query"};
+ delete $$hash{"queries"};
+ delete $$hash{"search_type"};
+
+ # Turn aliasfile + transport into accept + condition
+
+ if (defined $$hash{'transport'})
+ {
+ &rubric();
+ if (!defined $$hash{'condition'})
+ {
+ print STDERR "\n" .
+"** The Exim 3 configuration contains an aliasfile director called '$name',\n".
+" which has 'transport' set. This has been turned into an 'accept' router\n".
+" with a 'condition' setting, but should be carefully checked.\n";
+ $$hash{'driver'} = "accept";
+ $$hash{'condition'} =
+ "\$\{if eq \{\}\{$$hash{'data'}\}\{no\}\{yes\}\}";
+ delete $$hash{'data'};
+ delete $$hash{'allow_defer'};
+ delete $$hash{'allow_fail'};
+ }
+ else
+ {
+ print STDERR "\n" .
+"** The Exim 3 configuration contains an aliasfile director called '$name',\n".
+" which has 'transport' set. This cannot be turned into an 'accept' router\n".
+" with a 'condition' setting, because there is already a 'condition'\n" .
+" setting. It has been left as 'redirect' with a transport, which is\n" .
+" invalid - you must sort this one out.\n";
+ }
+ }
+ }
+
+
+ # ---- Changes to forwardfile director ----
+
+ elsif ($driver eq "forwardfile")
+ {
+ &abolished($hash, "A forwardfile director",
+ "check_group", "directory2_transport",
+ "freeze_missing_include", "match_directory",
+ "seteuid");
+
+ &renamed($hash, "filter", "allow_filter");
+
+ $$hash{"driver"} = "redirect";
+ $$hash{"check_local_user"} = "true"
+ if !defined $$hash{"check_local_user"};
+
+ if (defined $$hash{"forbid_pipe"} && $$hash{"forbid_pipe"} eq "true")
+ {
+ print STDOUT "#!!# forbid_filter_run added because forbid_pipe is set\n";
+ $$hash{"forbid_filter_run"} = "true";
+ }
+
+ if (defined $$hash{'allow_system_actions'} &&
+ $$hash{'allow_system_actions'} eq 'true')
+ {
+ $$hash{'allow_freeze'} = "true";
+ }
+ delete $$hash{'allow_system_actions'};
+
+ # If file_directory is defined, use it to qualify relative paths; if not,
+ # and check_local_user is defined, use $home. Remove file_directory from
+ # the output.
+
+ $dir = "";
+ if (defined $$hash{"file_directory"})
+ {
+ $dir = $$hash{"file_directory"} . "/";
+ delete $$hash{"file_directory"};
+ }
+ elsif ($$hash{"check_local_user"} eq "true")
+ {
+ $dir = "\$home/";
+ }
+
+ # If it begins with an upper case letter, guess that this is really
+ # a macro.
+
+ if (defined $$hash{"file"} && $$hash{"file"} !~ /^[\/A-Z]/)
+ {
+ $$hash{"file"} = $dir . $$hash{"file"};
+ }
+ }
+
+
+ # ---- Changes to localuser director ----
+
+ elsif ($driver eq "localuser")
+ {
+ &abolished($hash, "A localuser director", "match_directory");
+ $$hash{"driver"} = "accept";
+ $$hash{"check_local_user"} = "true";
+ }
+
+
+ # ---- Changes to smartuser director ----
+
+ elsif ($driver eq "smartuser")
+ {
+ &abolished($hash, "A smartuser director", "panic_expansion_fail");
+
+ $transport = $$hash{"transport"};
+ $new_address = $$hash{"new_address"};
+
+ if (defined $transport && defined $new_address)
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The Exim 3 configuration contains a smartuser director called '$name',\n".
+" which has both 'transport' and 'new_address' set. This has been turned\n".
+" into two routers for Exim 4. However, if the new address contains a\n" .
+" reference to \$local_part, this won't work correctly. In any case, you\n".
+" may be able to make it tidier by rewriting.\n";
+ $$hash{"driver"} = "redirect";
+ $$hash{"data"} = $new_address;
+ $$hash{"redirect_router"} = "${name}_part2";
+
+ $second_router = "\n".
+ "#!!# This router is invented to go with the previous one because\n".
+ "#!!# in Exim 4 you can't have a change of address and a transport\n".
+ "#!!# setting in the same router as you could in Exim 3.\n\n" .
+ "${name}_part2:\n".
+ " driver = accept\n".
+ " condition = \$\{if eq\{\$local_part@\$domain\}" .
+ "\{$new_address\}\{yes\}\{no\}\}\n".
+ " transport = $$hash{'transport'}\n";
+
+ delete $$hash{"new_address"};
+ delete $$hash{"transport"};
+ }
+ elsif (defined $new_address)
+ {
+ $$hash{"driver"} = "redirect";
+ $$hash{"data"} = $new_address;
+ $$hash{"allow_defer"} = "true";
+ $$hash{"allow_fail"} = "true";
+ delete $$hash{"new_address"};
+ }
+ else # Includes the case of neither set (verify_only)
+ {
+ $$hash{"driver"} = "accept";
+ if (defined $$hash{"rewrite"})
+ {
+ &rubric();
+ print STDERR "\n" .
+"** The Exim 3 configuration contains a setting of the 'rewrite' option on\n".
+" a smartuser director called '$name', but this director does not have\n".
+" a setting of 'new_address', so 'rewrite' has no effect. The director\n".
+" has been turned into an 'accept' router, and 'rewrite' has been discarded.";
+ delete $$hash{"rewrite"};
+ }
+ }
+ }
+
+
+ # -------------------------------------
+
+ # For ex-directors that don't have check_local_user set, add
+ # retry_use_local_part to imitate what Exim 3 would have done.
+
+ $$hash{"retry_use_local_part"} = "true"
+ if (!defined $$hash{"check_local_user"} ||
+ $$hash{"check_local_user"} eq "false") ;
+
+ # Output the router's option settings
+
+ &outdriver($hash);
+
+ # Output an auxiliary router if one is needed
+
+ print STDOUT $second_router if defined $second_router;
+
+ next;
+ }
+
+ # Skip past any continuation lines for an option setting
+ while ($c[$i] =~ /\\\s*$/s)
+ {
+ $i++;
+ $i++ while ($c[$i] =~ /^\s*#/);
+ }
+ }
+
+
+
+# -------- The transports configuration --------
+
+$started = 0;
+$prefix = "t.";
+for ($i = $transport_start; $i < $clen; $i++)
+ {
+ $type = &checkline($c[$i]);
+ last if $type eq "end";
+
+ if ($type eq "comment") { print STDOUT "$c[$i]\n"; next; }
+
+ if (!$started)
+ {
+ print STDOUT "begin transports\n\n";
+ $started = 1;
+ }
+
+ if ($type eq "driver")
+ {
+ $hash = $driverlist{"$prefix$name"};
+ $driver = $$hash{"driver"};
+ print STDOUT "$name:\n";
+
+ # ---- Changes to the appendfile transport ----
+
+ if ($driver eq "appendfile")
+ {
+ &renamed($hash, "prefix", "message_prefix");
+ &renamed($hash, "suffix", "message_suffix");
+ &abolished($hash, "An appendfile transport",
+ "require_lockfile");
+ &handle_batch_and_bsmtp($hash);
+ if (defined $$hash{"from_hack"} && $$hash{"from_hack"} eq "false")
+ {
+ print STDOUT "#!!# no_from_hack replaced by check_string\n";
+ $$hash{"check_string"} = "";
+ }
+ delete $$hash{"from_hack"};
+ }
+
+ # ---- Changes to the lmtp transport ----
+
+ elsif ($driver eq "lmtp")
+ {
+ if (defined $$hash{"batch"} && $$hash{"batch"} ne "none")
+ {
+ $$hash{"batch_max"} = "100" if !defined $$hash{"batch_max"};
+ $$hash{"batch_id"} = "\$domain" if $$hash{"batch"} eq "domain";
+ }
+ else
+ {
+ $$hash{"batch_max"} = "1" if defined $$hash{"batch_max"};
+ }
+ delete $$hash{"batch"};
+ }
+
+ # ---- Changes to the pipe transport ----
+
+ elsif ($driver eq "pipe")
+ {
+ &renamed($hash, "prefix", "message_prefix");
+ &renamed($hash, "suffix", "message_suffix");
+ &handle_batch_and_bsmtp($hash);
+ if (defined $$hash{"from_hack"} && $$hash{"from_hack"} eq "false")
+ {
+ print STDOUT "#!!# no_from_hack replaced by check_string\n";
+ $$hash{"check_string"} = "";
+ }
+ delete $$hash{"from_hack"};
+ }
+
+ # ---- Changes to the smtp transport ----
+
+ elsif ($driver eq "smtp")
+ {
+ &abolished($hash, "An smtp transport", "mx_domains");
+ &renamed($hash, "service", "port");
+ &renamed($hash, "tls_verify_ciphers", "tls_require_ciphers");
+ &renamed($hash, "authenticate_hosts", "hosts_try_auth");
+
+ if (defined $$hash{"batch_max"})
+ {
+ print STDOUT "#!!# batch_max renamed connection_max_messages\n";
+ $$hash{"connection_max_messages"} = $$hash{"batch_max"};
+ delete $$hash{"batch_max"};
+ }
+
+ foreach $o ("hosts_try_auth", "hosts_avoid_tls", "hosts_require_tls",
+ "mx_domains", "serialize_hosts")
+ {
+ $$hash{$o} = &no_expand_regex($$hash{$o}) if defined $$hash{$o};
+ }
+ }
+
+ &outdriver($driverlist{"$prefix$name"});
+ next;
+ }
+
+ # Skip past any continuation lines for an option setting
+ while ($c[$i] =~ /\\\s*$/s)
+ {
+ $i++;
+ $i++ while ($c[$i] =~ /^\s*#/);
+ }
+ }
+
+
+# -------- The retry configuration --------
+
+$started = 0;
+for ($i = $retry_start; $i < $clen && $i < $rewrite_start - 1; $i++)
+ {
+ if (!$started)
+ {
+ if ($c[$i] !~ /^\s*(#|$)/)
+ {
+ print STDOUT "\nbegin retry\n\n";
+ $started = 1;
+ }
+ }
+ &print_no_expand($c[$i]);
+ }
+
+print STDOUT "\n# End of Exim 4 configuration\n";
+
+print STDERR "\n*******************************************************\n";
+print STDERR "***** Please review the generated file carefully. *****\n";
+print STDERR "*******************************************************\n\n";
+
+# End of convert4r4
+