Mask66 [Fri, 10 Feb 2017 17:36:29 +0000 (18:36 +0100)]
use basename to select executable identity
We ran into problems calling dma (on FreeBSD) from the nagios check_mailq script, and found out that it behaves correctly when called as just "mailq", but incorrectly when called as "/usr/bin/mailq" (with a path) for example. This patch written by my colleague Klaus-Uwe Ittner corrects this.
Also reported as https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216910.
Zach Crownover [Fri, 5 Aug 2016 22:24:27 +0000 (15:24 -0700)]
dma - Fix security hole (#46)
Affecting DragonFly 4.6 and earlier, Matt Dillon fixed this in base after
finding out from BSDNow Episode 152. Comments following were from his commit
which explains better than I. Just taking his change and putting it here as well.
* dma makes an age-old mistake of not properly checking whether a file
owned by a user is a symlink or not, a bug which the original mail.local
also had.
* Add O_NOFOLLOW to disallow symlinks.
Thanks-to: BSDNow Episode 152, made me dive dma to check when they talked
about the mail.local bug.
dns: do not treat unreachable DNS server as permanent error
getaddrinfo() does not distinguish between "DNS server not reachable"
and "DNS server told me host does not exist". For SMARTHOSTS it is
better to defer than to bounce in order to survive network outages.
Simon Schubert [Sat, 18 Feb 2012 00:15:22 +0000 (01:15 +0100)]
implement queue flushing prod
So far dma would sleep for the whole backoff period before retrying a
delivery. However, this also meant that a user issuing `dma -q` could
not force these mails to be retried immediately.
Switch to sleeping for only 30 seconds at a time, and poll the mtime
of a special queue flush signal file `flush` in the spool directory.
If the flush file has been touched since the beginning of the backoff
period, initiate a retry right away.
When flushing the queue with `dma -q` we now touch the flush file to
make waiting instances of dma process this user request.
The 30 second poll interval at the same time avoids a DoS via
excessive `dma -q` by any user.
Simon Schubert [Fri, 17 Feb 2012 20:52:30 +0000 (21:52 +0100)]
don't treat -options following -q as argument to it
sendmail's -q takes an optional argument, but the way we use getopt(3)
does not support this. Work around this by backtracking if the
argument to -q starts with a dash, indicating that it is an option instead.
Simon Schubert [Wed, 7 Dec 2011 11:39:46 +0000 (12:39 +0100)]
deliver_local: quote "From " more liberally
It seems that when scanning for mails in mbox files, most MUAs just
look for lines beginning with "From ", and not only for "From " lines
after an empty line. Therefore quote "From " more liberally, and also
implement the mboxro format by quoting />*From / lines that have been
quoted before.
Reported-by: Pierre Frenkiel <pierre.frenkiel@gmail.com>
Simon Schubert [Tue, 15 Nov 2011 22:08:43 +0000 (23:08 +0100)]
Makefile: create spool directories in a separate target
On some systems we don't want to create these directories, so putting
them in a separate target allows downstream maintainers to use our
Makefile without patching.
Simon Schubert [Mon, 14 Nov 2011 22:01:25 +0000 (23:01 +0100)]
Makefile: put libraries at the end when linking
With some linker configurations, libraries will have to be specified
after the objects that require them, otherwise the linker will not
include these libraries, leading to a link error.
Simon Schubert [Sat, 9 Jul 2011 00:34:53 +0000 (02:34 +0200)]
parse_addrs: fix parsing for multiple <addresses>
We would treat [,;] as address separator, triggering a new recipient.
However, if the previous recipient was enclosed in <brackets>, we
already added this recipient. Fix this by skipping over [,;] if the
current address is empty.
Peter Pentchev [Tue, 25 Jan 2011 09:18:32 +0000 (11:18 +0200)]
Fix straight SSL/TLS delivery to remote MX's.
If the SECURETRANS option is enabled but STARTTLS is not, this ought
to mean that dma should start talking SSL to the remote MX straight
away, without waiting for its greeting. Thus, postpone waiting for
the SMTP banner in this case until after the SSL connection has been
successfully initialized.
Peter Pentchev [Fri, 17 Dec 2010 11:31:41 +0000 (13:31 +0200)]
Make add_host() really return an error code.
Now that add_host() *may* return an error, it is kind of confusing
(and actually leads to errors) that it also returns the number of
hosts added to the value/result "hosts" array. Since the caller
really checks add_host()'s return value now, a successful lookup that
returns one host added will be treated as an error :)