* Copyright (c) 1983 Eric P. Allman
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
* %sccs.include.redist.c%
static char sccsid
[] = "@(#)savemail.c 8.60 (Berkeley) %G%";
** SAVEMAIL -- Save mail on error
** If mailing back errors, mail it back to the originator
** together with an error message; otherwise, just put it in
** dead.letter in the user's home directory (if he exists on
** e -- the envelope containing the message in error.
** sendbody -- if TRUE, also send back the body of the
** message; otherwise just send the header.
** Saves the letter, by writing or mailing it back to the
** sender, or by putting it in dead.letter in her home
/* defines for state machine */
# define ESM_REPORT 0 /* report to sender's terminal */
# define ESM_MAIL 1 /* mail back to sender */
# define ESM_QUIET 2 /* messages have already been returned */
# define ESM_DEADLETTER 3 /* save in ~/dead.letter */
# define ESM_POSTMASTER 4 /* return to postmaster */
# define ESM_USRTMP 5 /* save in /usr/tmp/dead.letter */
# define ESM_PANIC 6 /* leave the locked queue/transcript files */
# define ESM_DONE 7 /* the message is successfully delivered */
# define _PATH_VARTMP "/usr/tmp/"
register struct passwd
*pw
;
extern struct passwd
*getpwnam();
printf("\nsavemail, errormode = %c, id = %s, ExitStat = %d\n e_from=",
e
->e_errormode
, e
->e_id
== NULL
? "NONE" : e
->e_id
,
printaddr(&e
->e_from
, FALSE
);
/* can't return a message with no id */
** In the unhappy event we don't know who to return the mail
if (CurEnv
->e_returnto
== NULL
)
CurEnv
->e_returnto
= parse("root", (ADDRESS
*) NULL
, 0);
if (CurEnv
->e_returnto
== NULL
)
syserr("553 Cannot parse Postmaster!");
** This machine runs through the following states:
** ESM_QUIET Errors have already been printed iff the
** ESM_REPORT Report directly to the sender's terminal.
** ESM_MAIL Mail response to the sender.
** ESM_DEADLETTER Save response in ~/dead.letter.
** ESM_POSTMASTER Mail response to the postmaster.
** ESM_PANIC Save response anywhere possible.
/* determine starting state */
/* mail back, but return o.k. exit status */
/* no need to return anything at all */
syserr("554 savemail: bogus errormode x%x\n", e
->e_errormode
);
/* if this is already an error response, send to postmaster */
if (bitset(EF_RESPONSE
, e
->e_flags
))
if (e
->e_parent
!= NULL
&&
bitset(EF_RESPONSE
, e
->e_parent
->e_flags
))
/* got an error sending a response -- can it */
while (state
!= ESM_DONE
)
printf(" state %d\n", state
);
if (bitnset(M_LOCALMAILER
, e
->e_from
.q_mailer
->m_flags
))
** If the user is still logged in on the same terminal,
** then write the error messages back to hir (sic).
if (p
== NULL
|| freopen(p
, "w", stdout
) == NULL
)
expand("\201n", buf
, sizeof buf
, e
);
printf("\r\nMessage from %s...\r\n", buf
);
printf("Errors occurred while sending mail.\r\n");
fp
= fopen(queuename(e
, 'x'), "r");
syserr("Cannot open %s", queuename(e
, 'x'));
printf("Transcript of session is unavailable.\r\n");
printf("Transcript follows:\r\n");
while (fgets(buf
, sizeof buf
, fp
) != NULL
&&
(void) xfclose(fp
, "savemail transcript", e
->e_id
);
printf("Original message will be saved in dead.letter.\r\n");
** If mailing back, do it.
** Throw away all further output. Don't alias,
** since this could cause loops, e.g., if joe
** mails to joe@x, and for some reason the network
** for @x is down, then the response gets sent to
** joe@x, which gives a response, etc. Also force
** the mail to be delivered even if a version of
** it has already been sent to the sender.
** If this is a configuration or local software
** error, send to the local postmaster as well,
** since the originator can't do anything
** about it anyway. Note that this is a full
** copy of the message (intentionally) so that
** the Postmaster can forward things along.
if (ExitStat
== EX_CONFIG
|| ExitStat
== EX_SOFTWARE
)
(void) sendtolist("postmaster",
NULLADDR
, &e
->e_errorqueue
, 0, e
);
if (!emptyaddr(&e
->e_from
))
(void) sendtolist(e
->e_from
.q_paddr
,
NULLADDR
, &e
->e_errorqueue
, 0, e
);
** Deliver a non-delivery report to the
** Postmaster-designate (not necessarily
** Postmaster). This does not include the
** body of the message, for privacy reasons.
** You really shouldn't need this.
e
->e_flags
|= EF_PM_NOTIFY
;
/* check to see if there are any good addresses */
for (q
= e
->e_errorqueue
; q
!= NULL
; q
= q
->q_next
)
if (!bitset(QBADADDR
|QDONTSEND
, q
->q_flags
))
/* this is an error-error */
if (returntosender(e
->e_message
, e
->e_errorqueue
,
/* didn't work -- return to postmaster */
** Similar to previous case, but to system postmaster.
if (sendtolist("postmaster", NULL
, &q
, 0, e
) <= 0)
syserr("553 cannot parse postmaster!");
if (returntosender(e
->e_message
, q
, sendbody
, e
) == 0)
/* didn't work -- last resort */
** Save the message in dead.letter.
** If we weren't mailing back, and the user is
** local, we should save the message in
** ~/dead.letter so that the poor person doesn't
** have to type it over again -- and we all know
** what poor typists UNIX users are.
if (bitnset(M_HASPWENT
, e
->e_from
.q_mailer
->m_flags
))
if (e
->e_from
.q_home
!= NULL
)
else if ((pw
= getpwnam(e
->e_from
.q_user
)) != NULL
)
/* we have a home directory; open dead.letter */
expand("\201z/dead.letter", buf
, sizeof buf
, e
);
message("Saving message in %s", buf
);
(void) sendtolist(buf
, &e
->e_from
, &q
, 0, e
);
!bitset(QBADADDR
, q
->q_flags
) &&
/* no data file -- try mailing back */
** Log the mail in /usr/tmp/dead.letter.
if (SafeFileEnv
!= NULL
&& SafeFileEnv
[0] != '\0')
strcpy(buf
, _PATH_VARTMP
);
strcat(buf
, "dead.letter");
if (!writable(buf
, NULLADDR
, SFF_NOSLINK
|SFF_CREAT
))
fp
= safefopen(buf
, O_WRONLY
|O_CREAT
|O_APPEND
,
FileMode
, SFF_NOSLINK
|SFF_REGONLY
);
bzero(&mcibuf
, sizeof mcibuf
);
mcibuf
.mci_mailer
= FileMailer
;
if (bitnset(M_7BITS
, FileMailer
->m_flags
))
mcibuf
.mci_flags
|= MCIF_7BIT
;
(*e
->e_puthdr
)(&mcibuf
, e
->e_header
, e
);
(*e
->e_putbody
)(&mcibuf
, e
, NULL
);
state
= ferror(fp
) ? ESM_PANIC
: ESM_DONE
;
(void) xfclose(fp
, "savemail", buf
);
syserr("554 savemail: unknown state %d", state
);
/* leave the locked queue & transcript files around */
loseqfile(e
, "savemail panic");
syserr("!554 savemail: cannot save rejected email anywhere");
** RETURNTOSENDER -- return a message to the sender with an error.
** msg -- the explanatory message.
** returnq -- the queue of people to send the message to.
** sendbody -- if TRUE, also send back the body of the
** message; otherwise just send the header.
** e -- the current envelope.
** zero -- if everything went ok.
** Returns the current message to the sender via
#define MAXRETURNS 6 /* max depth of returning messages */
#define ERRORFUDGE 100 /* nominal size of error message text */
returntosender(msg
, returnq
, sendbody
, e
)
extern putheader(), errbody();
ENVELOPE
*oldcur
= CurEnv
;
msg
= "Unable to deliver mail";
printf("\n*** Return To Sender: msg=\"%s\", depth=%d, e=%x, returnq=",
printaddr(returnq
, TRUE
);
printaddr(e
->e_sendqueue
, TRUE
);
if (++returndepth
>= MAXRETURNS
)
if (returndepth
!= MAXRETURNS
)
syserr("554 returntosender: infinite recursion on %s", returnq
->q_paddr
);
/* don't "unrecurse" and fake a clean exit */
define('g', e
->e_from
.q_paddr
, e
);
/* initialize error envelope */
ee
= newenvelope(&errenvelope
, e
);
define('a', "\201b", ee
);
define('r', "internal", ee
);
define('s', "localhost", ee
);
define('_', "localhost", ee
);
ee
->e_puthdr
= putheader
;
ee
->e_flags
|= EF_RESPONSE
|EF_METOO
;
if (!bitset(EF_OLDSTYLE
, e
->e_flags
))
ee
->e_flags
&= ~EF_OLDSTYLE
;
ee
->e_sendqueue
= returnq
;
ee
->e_msgsize
= ERRORFUDGE
;
ee
->e_msgsize
+= e
->e_msgsize
;
for (q
= returnq
; q
!= NULL
; q
= q
->q_next
)
if (bitset(QBADADDR
, q
->q_flags
))
if (!DontPruneRoutes
&& pruneroute(q
->q_paddr
))
parseaddr(q
->q_paddr
, q
, RF_COPYPARSE
, '\0', NULL
, e
);
for (p
= returnq
; p
!= NULL
; p
= p
->q_next
)
if (p
!= q
&& sameaddr(p
, q
))
if (!bitset(QDONTSEND
, q
->q_flags
))
addheader("To", q
->q_paddr
, &ee
->e_header
);
syslog(LOG_INFO
, "%s: %s: returntosender: %s",
if (strncasecmp(msg
, "warning:", 8) != 0)
(void) sprintf(buf
, "Returned mail: %s", msg
);
addheader("Subject", msg
, ee
);
/* fake up an address header for the from person */
expand("\201n", buf
, sizeof buf
, e
);
if (parseaddr(buf
, &ee
->e_from
, RF_COPYALL
|RF_SENDERADDR
, '\0', NULL
, e
) == NULL
)
syserr("553 Can't parse myself!");
ee
->e_sender
= ee
->e_from
.q_paddr
;
/* push state into submessage */
define('f', "\201n", ee
);
define('x', "Mail Delivery Subsystem", ee
);
/* actually deliver the error message */
/* should check for delivery errors here */
** ERRBODY -- output the body of an error message.
** Typically this is a copy of the transcript plus a copy of the
** original offending message.
** mci -- the mailer connection information.
** e -- the envelope we are working in.
** separator -- any possible MIME separator.
** flags -- to modify the behaviour.
** Outputs the body of an error message.
errbody(mci
, e
, separator
)
if (bitset(MCIF_INHEADER
, mci
->mci_flags
))
mci
->mci_flags
&= ~MCIF_INHEADER
;
syserr("errbody: null parent");
putline(" ----- Original message lost -----\n", mci
);
if (e
->e_msgboundary
!= NULL
)
putline("This is a MIME-encapsulated message", mci
);
(void) sprintf(buf
, "--%s", e
->e_msgboundary
);
** Output introductory information.
for (q
= e
->e_parent
->e_sendqueue
; q
!= NULL
; q
= q
->q_next
)
if (bitset(QBADADDR
, q
->q_flags
))
!bitset(EF_FATALERRS
|EF_SENDRECEIPT
, e
->e_parent
->e_flags
))
putline(" **********************************************",
putline(" ** THIS IS A WARNING MESSAGE ONLY **",
putline(" ** YOU DO NOT NEED TO RESEND YOUR MESSAGE **",
putline(" **********************************************",
sprintf(buf
, "The original message was received at %s",
arpadate(ctime(&e
->e_parent
->e_ctime
)));
expand("from \201_", buf
, sizeof buf
, e
->e_parent
);
** Output error message header (if specified and available).
if (ErrMsgFile
!= NULL
&& !bitset(EF_SENDRECEIPT
, e
->e_parent
->e_flags
))
xfile
= fopen(ErrMsgFile
, "r");
while (fgets(buf
, sizeof buf
, xfile
) != NULL
)
expand(buf
, buf
, sizeof buf
, e
);
expand(ErrMsgFile
, buf
, sizeof buf
, e
);
** Output message introduction
for (q
= e
->e_parent
->e_sendqueue
; q
!= NULL
; q
= q
->q_next
)
if (bitset(QBADADDR
|QREPORT
|QRELAYED
|QEXPLODED
, q
->q_flags
))
if (bitset(QBADADDR
, q
->q_flags
))
strcat(buf
, " (unrecoverable error)");
else if (!bitset(QPRIMARY
, q
->q_flags
))
else if (bitset(QRELAYED
, q
->q_flags
))
strcat(buf
, " (relayed to non-DSN-aware mailer)");
else if (bitset(QSENT
, q
->q_flags
))
strcat(buf
, " (successfully delivered)");
else if (bitset(QEXPLODED
, q
->q_flags
))
strcat(buf
, " (expanded by mailing list)");
strcat(buf
, " (transient failure)");
putline(" ----- The following addresses have delivery notifications -----",
strcpy(buf
, " (expanded from: ");
strcat(buf
, q
->q_alias
->q_paddr
);
** Output transcript of errors
p
= queuename(e
->e_parent
, 'x');
if ((xfile
= fopen(p
, "r")) == NULL
)
syserr("Cannot open %s", p
);
putline(" ----- Transcript of session is unavailable -----\n", mci
);
putline(" ----- Transcript of session follows -----\n", mci
);
while (fgets(buf
, sizeof buf
, xfile
) != NULL
)
(void) xfclose(xfile
, "errbody xscript", p
);
** Output machine-readable version.
if (e
->e_msgboundary
!= NULL
)
(void) sprintf(buf
, "--%s", e
->e_msgboundary
);
putline("Content-Type: message/X-delivery-status-2 (Draft of 20 January 1995)", mci
);
** Output per-message information.
/* original envelope id from MAIL FROM: line */
if (e
->e_parent
->e_envid
!= NULL
)
(void) sprintf(buf
, "Original-Envelope-Id: %s",
xtextify(e
->e_parent
->e_envid
));
/* Reporting-MTA: is us (required) */
p
= e
->e_parent
->e_from
.q_mailer
->m_mtatype
;
(void) sprintf(buf
, "Reporting-MTA: %s; %s", p
,
/* Received-From-MTA: shows where we got this message from */
if (RealHostName
!= NULL
)
/* XXX use $s for type? */
p
= e
->e_parent
->e_from
.q_mailer
->m_mtatype
;
(void) sprintf(buf
, "Received-From-MTA: %s; %s",
p
, xtextify(RealHostName
));
/* Arrival-Date: -- when it arrived here */
(void) sprintf(buf
, "Arrival-Date: %s",
arpadate(ctime(&e
->e_parent
->e_ctime
)));
** Output per-address information.
for (q
= e
->e_parent
->e_sendqueue
; q
!= NULL
; q
= q
->q_next
)
if (bitset(QBADADDR
, q
->q_flags
))
else if (!bitset(QPRIMARY
, q
->q_flags
))
else if (bitset(QRELAYED
, q
->q_flags
))
else if (bitset(QEXPLODED
, q
->q_flags
))
action
= "delivered (to mailing list)";
else if (bitset(QSENT
, q
->q_flags
) &&
bitnset(M_LOCALMAILER
, q
->q_mailer
->m_flags
))
action
= "delivered (final delivery)";
else if (bitset(QREPORT
, q
->q_flags
))
/* Original-Recipient: -- passed from on high */
(void) sprintf(buf
, "Original-Recipient: %s",
/* Final-Recipient: -- the name from the RCPT command */
p
= e
->e_parent
->e_from
.q_mailer
->m_addrtype
;
for (r
= q
; r
->q_alias
!= NULL
; r
= r
->q_alias
)
if (strchr(r
->q_user
, '@') == NULL
)
(void) sprintf(buf
, "Final-Recipient: %s; %s@",
strcat(buf
, xtextify(MyHostName
));
(void) sprintf(buf
, "Final-Recipient: %s; %s",
/* X-Actual-Recipient: -- the real problem address */
if (strchr(q
->q_user
, '@') == NULL
)
(void) sprintf(buf
, "X-Actual-Recipient: %s; %s@",
strcat(buf
, xtextify(MyHostName
));
(void) sprintf(buf
, "X-Actual-Recipient: %s; %s",
/* Action: -- what happened? */
sprintf(buf
, "Action: %s", action
);
/* Status: -- what _really_ happened? */
strcat(buf
, q
->q_status
);
else if (bitset(QBADADDR
, q
->q_flags
))
else if (bitset(QQUEUEUP
, q
->q_flags
))
/* Remote-MTA: -- who was I talking to? */
p
= q
->q_mailer
->m_mtatype
;
(void) sprintf(buf
, "Remote-MTA: %s; ", p
);
if (q
->q_statmta
!= NULL
)
else if (q
->q_host
!= NULL
&& q
->q_host
[0] != '\0')
p
= &buf
[strlen(buf
) - 1];
/* Diagnostic-Code: -- actual result from other end */
if (q
->q_rstatus
!= NULL
)
p
= q
->q_mailer
->m_diagtype
;
(void) sprintf(buf
, "Diagnostic-Code: %s; %s",
/* Last-Attempt-Date: -- fine granularity */
if (q
->q_statdate
== (time_t) 0L)
q
->q_statdate
= curtime();
(void) sprintf(buf
, "Last-Attempt-Date: %s",
arpadate(ctime(&q
->q_statdate
)));
/* Expiry-Date: -- for delayed messages only */
if (bitset(QQUEUEUP
, q
->q_flags
) &&
!bitset(QBADADDR
, q
->q_flags
))
xdate
= e
->e_ctime
+ TimeOuts
.to_q_return
[e
->e_timeoutclass
];
sprintf(buf
, "Expiry-Date: %s",
arpadate(ctime(&xdate
)));
** Output text of original message
if (bitset(EF_HAS_DF
, e
->e_parent
->e_flags
))
sendbody
= !bitset(EF_NO_BODY_RETN
, e
->e_parent
->e_flags
);
if (e
->e_msgboundary
== NULL
)
putline(" ----- Original message follows -----\n", mci
);
putline(" ----- Message header follows -----\n", mci
);
(void) fflush(mci
->mci_out
);
(void) sprintf(buf
, "--%s", e
->e_msgboundary
);
(void) sprintf(buf
, "Content-Type: message/rfc822%s",
mci
, sendbody
? "" : "-headers");
putheader(mci
, e
->e_parent
->e_header
, e
->e_parent
);
putbody(mci
, e
->e_parent
, e
->e_msgboundary
);
else if (e
->e_msgboundary
== NULL
)
putline(" ----- Message body suppressed -----", mci
);
else if (e
->e_msgboundary
== NULL
)
putline(" ----- No message was collected -----\n", mci
);
if (e
->e_msgboundary
!= NULL
)
(void) sprintf(buf
, "--%s--", e
->e_msgboundary
);
syserr("errbody: I/O error");
** SMTPTODSN -- convert SMTP to DSN status code
** smtpstat -- the smtp status code (e.g., 550).
** The DSN version of the status code.
case 450: /* Req mail action not taken: mailbox unavailable */
case 451: /* Req action aborted: local error in processing */
case 452: /* Req action not taken: insufficient sys storage */
case 500: /* Syntax error, command unrecognized */
case 501: /* Syntax error in parameters or arguments */
case 502: /* Command not implemented */
case 503: /* Bad sequence of commands */
case 504: /* Command parameter not implemented */
case 550: /* Req mail action not taken: mailbox unavailable */
case 551: /* User not local; please try <...> */
case 552: /* Req mail action aborted: exceeded storage alloc */
case 553: /* Req action not taken: mailbox name not allowed */
case 554: /* Transaction failed */
if ((smtpstat
/ 100) == 2)
if ((smtpstat
/ 100) == 4)
** XTEXTIFY -- take regular text and turn it into DSN-style xtext
** t -- the text to convert.
** The xtext-ified version of the same string.
/* figure out how long this xtext will have to be */
for (p
= t
; *p
!= '\0'; p
++)
register int c
= (*p
& 0xff);
/* ASCII dependence here -- this is the way the spec words it */
if ((c
< ' ' || c
> '~' || c
== '+' || c
== '\\' || c
== '(') &&
/* now allocate space if necessary for the new string */
/* ok, copy the text with byte expansion */
for (p
= bp
; *t
!= '\0'; )
register int c
= (*t
++ & 0xff);
/* ASCII dependence here -- this is the way the spec words it */
if (c
< '!' || c
> '~' || c
== '+' || c
== '\\' || c
== '(')
*p
++ = "0123456789abcdef"[c
>> 4];
*p
++ = "0123456789abcdef"[c
& 0xf];
** XTEXTOK -- check if a string is legal xtext
** Xtext is used in Delivery Status Notifications. The spec was
** taken from draft-ietf-notary-mime-delivery-04.txt.
** s -- the string to check.
** TRUE -- if 's' is legal xtext.
** FALSE -- if it has any illegal characters in it.
while ((c
= *s
++) != '\0')
if (!isascii(c
) || !isxdigit(c
))
if (!isascii(c
) || !isxdigit(c
))
else if (c
< '!' || c
> '~' || c
== '\\' || c
== '(')
** PRUNEROUTE -- prune an RFC-822 source route
** Trims down a source route to the last internet-registered hop.
** This is encouraged by RFC 1123 section 5.3.3.
** TRUE -- address was modified
** FALSE -- address could not be pruned
** modifies addr in-place
char *start
, *at
, *comma
;
char *mxhosts
[MAXMXHOSTS
+ 1];
/* check to see if this is really a route-addr */
if (*addr
!= '<' || addr
[1] != '@' || addr
[strlen(addr
) - 1] != '>')
start
= strchr(addr
, ':');
if (start
== NULL
|| at
== NULL
|| at
< start
)
/* slice off the angle brackets */
hostbuf
[strlen(hostbuf
) - 1] = '\0';
if (getmxrr(hostbuf
, mxhosts
, FALSE
, &rcode
) > 0)
strcpy(addr
+ 1, start
+ 1);
comma
= strrchr(addr
, ',');
if (comma
&& comma
[1] == '@')
strcpy(hostbuf
, comma
+ 2);