diff --git a/AUTHORS b/AUTHORS index 5c9ad9e..817b038 100644 --- a/AUTHORS +++ b/AUTHORS @@ -24,5 +24,5 @@ for use in the OpenSSL Toolkit (http://www.openssl.org/). Translations ------------ -Thanks to Per-Arne Christensen for the Norwegian translation of +Thanks to Per-Arne Christensen for the Norwegian translation of the GUI. diff --git a/ChangeLog b/ChangeLog index c189116..ddbe2b0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,11 +1,18 @@ E-MailRelay Change Log ====================== -2.3 -> 2.3.1 ------------- -* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h"). +2.3 -> 2.4 +---------- +* Multiple "--filter" and "--client-filter" options allowed. * TLS key and certificate files can be specified separately. -* Fixed error handling for network client filters ("--client-filter=net:...") [bug-id #50]. +* Finer control when using "--anonymous" (eg. "--anonymous=server"). +* The "auth-config" options can distinguish between TLS and non-TLS authentication. +* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h"). +* Listening file descriptors can be inherited from the parent process (see "--interface"). +* Listening ports on Windows use exclusive binding. +* The Linux event loop uses "epoll" by default rather than "select". +* Some support for message routing (see NEWS). +* Fix of error handling in network client filters ("--client-filter=net:...") [bug-id #50]. 2.2 -> 2.3 ---------- diff --git a/Makefile.am b/Makefile.am index 4b011a5..46285fb 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,5 +1,5 @@ # -## Copyright (C) 2001-2021 Graeme Walker +## Copyright (C) 2001-2022 Graeme Walker ## ## This program is free software: you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by @@ -61,7 +61,7 @@ EXTRA_DIST = \ winbuild.pl \ runperl.bat -SUBDIRS = bin src etc doc debian test m4 bsd po +SUBDIRS = bin src etc doc debian test m4 bsd po unity # work-round PKG_CHECK_MODULES if no pkg-config ACLOCAL_AMFLAGS = -I m4 @@ -76,6 +76,7 @@ RPM_ROOT ?= ${HOME}/rpmbuild ARCH ?= x86_64 RPM=$(RPM_ROOT)/RPMS/$(ARCH)/emailrelay-$(VERSION)-1.$(ARCH).rpm TAR=emailrelay-$(VERSION).tar.gz +ZIP=emailrelay-$(VERSION)-src.zip DEB=emailrelay_$(VERSION)_$(ARCH).deb .PHONY: strip @@ -102,21 +103,25 @@ deb: $(DEB) $(DEB): dist -mv emailrelay-$(VERSION) emailrelay-$(VERSION).old.$$$$ || true - tar xzf $(TAR) + tar -xzf $(TAR) cd emailrelay-$(VERSION) && fakeroot debian/rules binary mkdir emailrelay-$(VERSION)/debian/source .PHONY: deb-src deb-src: dist -mv emailrelay-$(VERSION) emailrelay-$(VERSION).old.$$$$ || true - tar xzf $(TAR) + tar -xzf $(TAR) mkdir emailrelay-$(VERSION)/debian/source echo 1.0 > emailrelay-$(VERSION)/debian/source/format dpkg-source --build emailrelay-$(VERSION) .PHONY: tidy tidy: - $(MAKE) -C src tidy + $(MAKE) -C unity tidy + +.PHONY: unitybuild +unitybuild: + $(MAKE) -C unity programs .PHONY: format format: @@ -130,3 +135,22 @@ cmake: cd build && cmake -DCMAKE_MAKE_PROGRAM:FILEPATH=/usr/bin/make -DCMAKE_EXPORT_COMPILE_COMMANDS=ON .. @echo now run make from the '"build"' directory +.PHONY: tar +tar: $(TAR) + +$(TAR): + $(MAKE) dist + +.PHONY: zip +zip: $(ZIP) + +$(ZIP): $(TAR) + tar -xzf $(TAR) + sh -c "cd emailrelay-$(VERSION) && zip -r ../$(ZIP) ." + +.PHONY: mbedtls +mbedtls: + test -d mbedtls || git clone https://salsa.debian.org/debian/mbedtls.git + make -C mbedtls/library WINDOWS=0 + -@echo now run ./configure.sh + diff --git a/Makefile.in b/Makefile.in index e24e46a..21684e5 100644 --- a/Makefile.in +++ b/Makefile.in @@ -406,13 +406,14 @@ EXTRA_DIST = \ winbuild.pl \ runperl.bat -SUBDIRS = bin src etc doc debian test m4 bsd po +SUBDIRS = bin src etc doc debian test m4 bsd po unity # work-round PKG_CHECK_MODULES if no pkg-config ACLOCAL_AMFLAGS = -I m4 e_doc_DATA = COPYING AUTHORS INSTALL NEWS README ChangeLog RPM = $(RPM_ROOT)/RPMS/$(ARCH)/emailrelay-$(VERSION)-1.$(ARCH).rpm TAR = emailrelay-$(VERSION).tar.gz +ZIP = emailrelay-$(VERSION)-src.zip DEB = emailrelay_$(VERSION)_$(ARCH).deb all: all-recursive @@ -928,21 +929,25 @@ deb: $(DEB) $(DEB): dist -mv emailrelay-$(VERSION) emailrelay-$(VERSION).old.$$$$ || true - tar xzf $(TAR) + tar -xzf $(TAR) cd emailrelay-$(VERSION) && fakeroot debian/rules binary mkdir emailrelay-$(VERSION)/debian/source .PHONY: deb-src deb-src: dist -mv emailrelay-$(VERSION) emailrelay-$(VERSION).old.$$$$ || true - tar xzf $(TAR) + tar -xzf $(TAR) mkdir emailrelay-$(VERSION)/debian/source echo 1.0 > emailrelay-$(VERSION)/debian/source/format dpkg-source --build emailrelay-$(VERSION) .PHONY: tidy tidy: - $(MAKE) -C src tidy + $(MAKE) -C unity tidy + +.PHONY: unitybuild +unitybuild: + $(MAKE) -C unity programs .PHONY: format format: @@ -956,6 +961,25 @@ cmake: cd build && cmake -DCMAKE_MAKE_PROGRAM:FILEPATH=/usr/bin/make -DCMAKE_EXPORT_COMPILE_COMMANDS=ON .. @echo now run make from the '"build"' directory +.PHONY: tar +tar: $(TAR) + +$(TAR): + $(MAKE) dist + +.PHONY: zip +zip: $(ZIP) + +$(ZIP): $(TAR) + tar -xzf $(TAR) + sh -c "cd emailrelay-$(VERSION) && zip -r ../$(ZIP) ." + +.PHONY: mbedtls +mbedtls: + test -d mbedtls || git clone https://salsa.debian.org/debian/mbedtls.git + make -C mbedtls/library WINDOWS=0 + -@echo now run ./configure.sh + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/NEWS b/NEWS index 7a931e8..db9d9e9 100644 --- a/NEWS +++ b/NEWS @@ -1,7 +1,34 @@ News ---- -Version 2.3 is a relatively minor release. The main functional change is to -support unix domain sockets. Non-functional code changes include better -separation of interface and implementation in the SMTP message store. +Low-level changes include a rework of the event-loops. The Unix event loop +defaults to an epoll() implementation. -Version 2.3.1 is a point release principally to fix bug-id #50. +The i18n of the main server (not the gui) has been extended somewhat by marking +for translation the text of most C++ exceptions. This is only relevant if +building "--with-gettext" and running with "--localedir". + +The "--anonyous" option has changed slightly in v2.4 so that it will now force +the AUTH parameter on the MAIL command to be "AUTH=<>". Replace "--anonymous" +with "--anonymous=vrfy,server,content" to keep the same behaviour as before. + +The "emailrelay-submit" utility's "--content" option no longer suppresses +reading of the standard input stream; there is a new "--no-stdin" option +instead. A dot on its own does not terminate the input any more, so use ^D or +^Z to stop reading from the terminal. Header-only content with no body text is +now permitted. + +Authentication using PAM no longer insists on TLS encryption because the +"--server-auth-config" option can be used to disable password authentication +over an unencypted connection. + +Limited support for routing is included. The envelope files have two new fields: +ForwardTo and ForwardToAddress. A filter script can examine the message content +and deposit the appropriate domain name and port number in the ForwardTo field. +If the SMTP client sees a ForwardTo value then it runs the client-filter early +allowing the client filter to do a DNS MX lookup of the ForwardTo value and +deposit the address into the ForwardToAddress field. If the SMTP client sees a +ForwardToAddress it will initiate a connection to that address to send the +message. The client-filter is run a second time in the normal way once the SMTP +session has been established. A connection to the main "--forward-to" address +will always be made even if all the messages are routed elsewhere, and each +routed connection will carry only one message. diff --git a/README b/README index 4dd9a75..03c048a 100644 --- a/README +++ b/README @@ -73,6 +73,30 @@ or run: emailrelay --help --verbose +Packages +-------- +To install on Linux from a RPM or DEB package: + + sudo $SHELL # or 'su' + rpm -i emailrelay*.rpm # if RPM + dpkg -i emailrelay*.deb # if DEB + +If your Linux system uses "systemd" then you should check the E-MailRelay +configuration file "/etc/emailrelay.conf" is as you want it and then run: + + systemctl enable emailrelay + systemctl start emailrelay + systemctl status emailrelay + +On other systems try these commands: + + cp /usr/lib/emailrelay/init/emailrelay /etc/init.d/ + update-rc.d emailrelay enable || rc-update add emailrelay + invoke-rc.d emailrelay start || service emailrelay start + tail /var/log/messages /var/log/syslog 2>/dev/null + +On Windows run the setup program. + Documentation ------------- The following documentation is provided: @@ -87,7 +111,3 @@ The following documentation is provided: Source code documentation will be generated when building from source if "doxygen" is available. -Feedback --------- -Please feel free to e-mail the author at "mailto:graeme_walker@users.sourceforge.net". - diff --git a/README.md b/README.md index 2016da9..1ba0df7 100644 --- a/README.md +++ b/README.md @@ -79,6 +79,30 @@ or run: emailrelay --help --verbose +Packages +-------- +To install on Linux from a RPM or DEB package: + + sudo $SHELL # or 'su' + rpm -i emailrelay*.rpm # if RPM + dpkg -i emailrelay*.deb # if DEB + +If your Linux system uses `systemd` then you should check the E-MailRelay +configuration file `/etc/emailrelay.conf` is as you want it and then run: + + systemctl enable emailrelay + systemctl start emailrelay + systemctl status emailrelay + +On other systems try these commands: + + cp /usr/lib/emailrelay/init/emailrelay /etc/init.d/ + update-rc.d emailrelay enable || rc-update add emailrelay + invoke-rc.d emailrelay start || service emailrelay start + tail /var/log/messages /var/log/syslog 2>/dev/null + +On Windows run the setup program. + Documentation ------------- The following documentation is provided: @@ -94,10 +118,6 @@ The following documentation is provided: Source code documentation will be generated when building from source if `doxygen` is available. -Feedback --------- -Please feel free to e-mail the author at `mailto:graeme_walker@users.sourceforge.net`. - [POP]: https://en.wikipedia.org/wiki/Post_Office_Protocol [SMTP]: https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol diff --git a/README.rst b/README.rst index 052000f..7ae89f7 100644 --- a/README.rst +++ b/README.rst @@ -100,6 +100,36 @@ or run: emailrelay --help --verbose +Packages +======== +To install on Linux from a RPM or DEB package: + +:: + + sudo $SHELL # or 'su' + rpm -i emailrelay*.rpm # if RPM + dpkg -i emailrelay*.deb # if DEB + +If your Linux system uses *systemd* then you should check the E-MailRelay +configuration file */etc/emailrelay.conf* is as you want it and then run: + +:: + + systemctl enable emailrelay + systemctl start emailrelay + systemctl status emailrelay + +On other systems try these commands: + +:: + + cp /usr/lib/emailrelay/init/emailrelay /etc/init.d/ + update-rc.d emailrelay enable || rc-update add emailrelay + invoke-rc.d emailrelay start || service emailrelay start + tail /var/log/messages /var/log/syslog 2>/dev/null + +On Windows run the setup program. + Documentation ============= The following documentation is provided: @@ -115,10 +145,6 @@ The following documentation is provided: Source code documentation will be generated when building from source if *doxygen* is available. -Feedback -======== -Please feel free to e-mail the author at *mailto:graeme_walker@users.sourceforge.net*. - .. _POP: https://en.wikipedia.org/wiki/Post_Office_Protocol .. _SMTP: https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol diff --git a/VERSION b/VERSION index 2bf1c1c..6b4950e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3.1 +2.4 diff --git a/autogen.sh b/autogen.sh old mode 100644 new mode 100755 diff --git a/bin/AutoMakeParser.pm b/bin/AutoMakeParser.pm index 8dadd3b..b4ab35c 100644 --- a/bin/AutoMakeParser.pm +++ b/bin/AutoMakeParser.pm @@ -1,6 +1,6 @@ #!/usr/bin/perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -40,6 +40,24 @@ # $makefile->our_libs('foo') ; # $makefile->sys_libs('foo') ; # +# Typical directories in a autoconf vpath build (see includes()): +# +# project <-- $(top_srcdir) <-------+-+ "base_to_top" +# | | | +# +----src <-- readall() base --+ | <---+ base() +# | | | | +# | +-- sub1 <-- path() | ----+ +# | | +# +----bin | +# | | +# +--build <-- $(top_builddir) | <-- $(top_builddir) +# | | +# +-- src --+ <--+ base() +# | | +# +-- sub1 <-- c++ cwd ------+ +# +# See also ConfigStatus.pm. +# use strict ; use FileHandle ; @@ -104,11 +122,11 @@ sub depth return $this->{m_depth} ; } -sub top +sub base { # Returns the relative path up to the first readall() - # makefile, which might be different from $(top_srcdir). - # The returned value will be something like "../../../". + # makefile. The returned value will be something like + # "../../../". See also includes(). # my ( $this ) = @_ ; my $depth = $this->{m_depth} ; @@ -237,46 +255,47 @@ sub _definitions_imp sub includes { - # Returns a list of include directories, so for example - # "-I$(top_srcdir)/one/two -I$(top_srcdir)/three" - # with the 'top_srcdir' variable defined as "." gives - # ("./one/two","./three"). + # Returns a list of include directories derived from the + # AM_CPPFLAGS and CXXFLAGS macros. The returned list also + # optionally starts with the autoconf header directory, + # obtained by expanding top_srcdir. # - # However, since the 'top_srcdir' expansion is fixed, and - # relative include paths need to vary through the source - # tree, a prefix parameter ('top') should be passed in as - # the current value for expanding "$(top_srcdir)". So then - # "-I$(top_srcdir)/one/two" becomes "/./one/two". - # (Absolute paths do not get the 'top' prefixed by 'top'.) + # Include paths need to vary through the source tree, + # so a 'base' parameter is provided here which is used + # as a prefix for all relative paths from the AM_CPPFLAGS + # and CXXFLAGS expansions and as a suffix for the + # autoconf header directory. # - # The "top()" method provides a candidate for the 'top' - # parameter but will only work if readall() started at the - # 'top_srcdir' directory and the 'top_srcdir' variable is - # defined as ".". Otherwise, a simple approach is to still - # use top() for the 'top' parameter but define the 'top_srcdir' - # variable as the difference between the readall() base and - # the actual 'top_srcdir' directory. + # For example, if CXXFLAGS is "-I$(top_srcdir)/src/sub" + # and top_srcdir is "." then includes(base()) will + # will yield ("./..",".././src/sub") for one makefile and + # ("./../..","../.././src/sub") for another. # - my ( $this , $top , $full_paths , $no_top_dir ) = @_ ; - $top ||= "" ; - my $add_top = !$no_top_dir ; - my $real_top = simplepath( join( "/" , $this->value("top_srcdir") , $top ) ) ; - my @a = $this->_includes_imp( $top , "AM_CPPFLAGS" , $this->{m_vars} , $full_paths ) ; - my @b = $this->_includes_imp( $top , "CXXFLAGS" , $this->{m_vars} , $full_paths ) ; - my @c = ( $real_top && $add_top ) ? ( $real_top ) : () ; + # In practice the value for top_srcdir should be carefully + # chosen as some "base-to-top" relative path that makes things + # work correctly if readall() was not based at top_srcdir + # or when targeting vpath builds. See above. + # + my ( $this , $base , $full_paths , $no_autoconf_dir ) = @_ ; + $base ||= "" ; + my $add_autoconf_dir = !$no_autoconf_dir ; + my $autoconf_dir = simplepath( join( "/" , $this->value("top_srcdir") , $base ) ) ; + my @a = $this->_includes_imp( $base , "AM_CPPFLAGS" , $this->{m_vars} , $full_paths ) ; + my @b = $this->_includes_imp( $base , "CXXFLAGS" , $this->{m_vars} , $full_paths ) ; + my @c = ( $autoconf_dir && $add_autoconf_dir ) ? ( $autoconf_dir ) : () ; my @incs = ( @c , @a , @b ) ; return wantarray ? @incs : join(" ",@incs) ; } sub _includes_imp { - my ( $this , $top , $var , $vars , $full_paths ) = @_ ; + my ( $this , $base , $var , $vars , $full_paths ) = @_ ; my $s = protect_quoted_spaces( simple_spaces( $vars->{$var} ) ) ; $s =~ s/-I /-I/g ; return map { $full_paths?$this->fullpath($_):$_ } map { simplepath($_) } - map { my $p=$_ ; ($top&&($p!~m;^/;))?join("/",$top,$p):$p } + map { my $p=$_ ; ($base&&($p!~m;^/;))?join("/",$base,$p):$p } map { s/\t/ /g ; $_ } map { s:-I:: ; $_ } grep { m/-I\S+/ } split( " " , $s ) ; diff --git a/bin/CompilationDatabase.pm b/bin/CompilationDatabase.pm index dd1ad33..9e95724 100644 --- a/bin/CompilationDatabase.pm +++ b/bin/CompilationDatabase.pm @@ -1,6 +1,6 @@ #!/usr/bin/perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -26,7 +26,9 @@ # Synopsis: # # use CompilationDatabase ; -# my $cdb = new CompilationDatabase( $src_dir , {WINDOWS=>0,...} , {top_srcdir=>'..'} , {} ) ; +# my @makefiles = AutoMakeParser::readall( ... ) ; +# my $cdb = new CompilationDatabase( \@makefiles , {full_paths=>1} ) ; +# my $cdb = new CompilationDatabase( $src_dir , {WINDOWS=>0,...} , {top_srcdir=>'..'} , {full_paths=>1} ) ; # my @files = $cdb->list() ; # my @stanzas = $cdb->stanzas() ; # $cdb->print() ; @@ -41,28 +43,50 @@ our $debug = 0 ; sub new { - my ( $classname , $base_makefile_dir , $switches , $ro_vars , $config ) = @_ ; - $AutoMakeParser::debug = 1 if $debug > 1 ; - $config ||= {} ; - $config->{test_mode} ||= 0 ; - $config->{full_paths} ||= 0 ; - my %me = ( - m_base_dir => $base_makefile_dir , - m_switches => $switches , - m_ro_vars => $ro_vars , - m_config => $config , - ) ; - return bless \%me , $classname ; + if( ref($_[1]) ) + { + # Parses a set of makefiles as given by an array of Makefile + # objects obtained from AutoMakeParser::readall(). + # + my ( $classname , $makefiles_ref , $config ) = @_ ; + $config ||= {} ; + $config->{test_mode} ||= 0 ; + $config->{full_paths} ||= 0 ; + my %me = ( + m_makefiles => $makefiles_ref , + m_config => $config , + ) ; + return bless \%me , $classname ; + } + else + { + # Finds makefiles under the given base directory and parses + # them. The switches and read-only expansion variables can + # be hard-coded or extracted from a config.status file + # (see ConfigStatus). + # + my ( $classname , $base_makefile_dir , $switches , $ro_vars , $config ) = @_ ; + $AutoMakeParser::debug = 1 if $debug > 1 ; + $config ||= {} ; + $config->{test_mode} ||= 0 ; + $config->{full_paths} ||= 0 ; + my @makefiles = AutoMakeParser::readall( $base_makefile_dir , $switches , $ro_vars ) ; + my %me = ( + m_makefiles => \@makefiles , + m_config => $config , + ) ; + return bless \%me , $classname ; + } } sub list { + # Returns a list of all the source files in all the makefiles found under base-dir. my ( $this ) = @_ ; my @list = () ; my $verbose = $debug ; - my @makefiles = AutoMakeParser::readall( $this->{m_base_dir} , $this->{m_switches} , $this->{m_ro_vars} , $verbose ) ; - for my $m ( @makefiles ) + for my $m ( @{$this->{m_makefiles}} ) { my $sub_dir = File::Basename::dirname( $m->path() ) ; for my $library ( $m->libraries() ) @@ -79,6 +103,7 @@ sub list sub print { + # Prints the complete compilation database json structure to stdout. my ( $this ) = @_ ; print "[\n" ; print join( ",\n" , $this->stanzas() ) ; @@ -87,14 +112,15 @@ sub print sub stanzas { + # Returns a list of separate compilation database stanzas for all the source files + # in all the makefiles found under base-dir. my ( $this ) = @_ ; - my @makefiles = AutoMakeParser::readall( $this->{m_base_dir} , $this->{m_switches} , $this->{m_ro_vars} ) ; my @output = () ; - for my $m ( @makefiles ) + for my $m ( @{$this->{m_makefiles}} ) { my $dir = File::Basename::dirname( $m->path() ) ; - my @includes = map { "-I$_" } $m->includes( $m->top() , undef , undef , $this->{m_config}->{full_paths} ) ; + my @includes = map { "-I$_" } $m->includes( $m->base() , undef , undef , $this->{m_config}->{full_paths} ) ; my @definitions = map { "-D$_" } $m->definitions() ; my @compile_options = $m->compile_options() ; my @link_options = $m->link_options() ; @@ -102,7 +128,7 @@ sub stanzas if( $debug ) { print "cdb: makefile=" , $m->path() , "\n" ; - print "cdb: top=",$m->top(),"\n" ; + print "cdb: base=",$m->base(),"\n" ; print "cdb: \@includes=" , join("|",@includes) , "\n" ; print "cdb: \@definitions=" , join("|",@definitions) , "\n" ; print "cdb: \@compile_options=" , join("|",@compile_options) , "\n" ; diff --git a/bin/ConfigStatus.pm b/bin/ConfigStatus.pm index f5ef715..bf27933 100644 --- a/bin/ConfigStatus.pm +++ b/bin/ConfigStatus.pm @@ -1,6 +1,6 @@ #!/usr/bin/perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -23,7 +23,9 @@ # # Synopsis: # use ConfigStatus ; -# my $cs = new ConfigStatus( "config.status" ) ; +# my $cs = new ConfigStatus() ; +# my $cs = new ConfigStatus( "./config.status" ) ; +# my $cs = new ConfigStatus("") ; $cs->parse( "/tmp/config.status" ) ; # my %vars = $cs->vars() ; # my %switches = $cs->switches() ; # @@ -42,6 +44,18 @@ sub new m_vars => {} , m_switches => {} , } , $classname ; + if( !defined($filename) ) + { + for my $dir ( "." , ".." , "../.." ) + { + if( -e "$dir/config.status" ) + { + $filename = "$dir/config.status" ; + last ; + } + } + $filename or die ; + } $this->parse( $filename ) if $filename ; return $this ; } diff --git a/bin/Makefile.am b/bin/Makefile.am index 2ed57f1..c8187c8 100644 --- a/bin/Makefile.am +++ b/bin/Makefile.am @@ -1,5 +1,5 @@ # -## Copyright (C) 2001-2021 Graeme Walker +## Copyright (C) 2001-2022 Graeme Walker ## ## This program is free software: you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by @@ -19,6 +19,7 @@ example_scripts_static = \ emailrelay-bcc-check.pl \ emailrelay-check-ipaddress.js \ emailrelay-check-ipaddress.pl \ + emailrelay-dkim-signer.pl \ emailrelay-ldap-verify.py \ emailrelay-multicast.sh \ emailrelay-rot13.pl \ @@ -52,6 +53,7 @@ work_scripts = \ make-format \ make2cmake \ make2cdb \ + make2unity \ AutoMakeParser.pm \ CompilationDatabase.pm \ ConfigStatus.pm \ diff --git a/bin/Makefile.in b/bin/Makefile.in index 9d94961..c72b31f 100644 --- a/bin/Makefile.in +++ b/bin/Makefile.in @@ -286,6 +286,7 @@ example_scripts_static = \ emailrelay-bcc-check.pl \ emailrelay-check-ipaddress.js \ emailrelay-check-ipaddress.pl \ + emailrelay-dkim-signer.pl \ emailrelay-ldap-verify.py \ emailrelay-multicast.sh \ emailrelay-rot13.pl \ @@ -319,6 +320,7 @@ work_scripts = \ make-format \ make2cmake \ make2cdb \ + make2unity \ AutoMakeParser.pm \ CompilationDatabase.pm \ ConfigStatus.pm \ diff --git a/bin/doxygen.sh b/bin/doxygen.sh index d35f4ff..4e95a0d 100755 --- a/bin/doxygen.sh +++ b/bin/doxygen.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bin/emailrelay-bcc-check.pl b/bin/emailrelay-bcc-check.pl index a549234..7bd338f 100755 --- a/bin/emailrelay-bcc-check.pl +++ b/bin/emailrelay-bcc-check.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-deliver.sh.in b/bin/emailrelay-deliver.sh.in old mode 100644 new mode 100755 index 09a3e1c..be92336 --- a/bin/emailrelay-deliver.sh.in +++ b/bin/emailrelay-deliver.sh.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-dkim-signer.pl b/bin/emailrelay-dkim-signer.pl new file mode 100755 index 0000000..2fd98a9 --- /dev/null +++ b/bin/emailrelay-dkim-signer.pl @@ -0,0 +1,65 @@ +#!/usr/bin/env perl +# +# Copyright (C) 2001-2022 Graeme Walker +# +# Copying and distribution of this file, with or without modification, +# are permitted in any medium without royalty provided the copyright +# notice and this notice are preserved. This file is offered as-is, +# without any warranty. +# === +# +# emailrelay-dkim-signer.pl +# +# An example E-MailRelay filter script for DKIM signing. +# +# To generate a key pair: +# $ openssl genrsa -out example.com.pk 2048 +# $ openssl rsa -in example.com.pk -pubout -out example.com.pub +# +# Serve up the public key via DNS, eg: +# $ grep -v PUBLIC example.com.pub | tr -d '\n' +# upload default._domainkey TXT "p=Q8AMIIB...." +# $ nslookup -query=TXT default._domainkey.example.com +# text = "p=Q8AMIIB...." +# +# Test with spamassassin: +# $ c=`emailrelay-submit -v -s \`pwd\` -C DQo= -C aGVsbG8sIHdvcmxkIQ== -d -F -t -f me@example.com you@example.com` +# $ emailrelay-dkim-signer.pl $c +# $ spamassassin --debug=dkim --test-mode < $c +# +# Requires debian package 'libmail-dkim-perl'. +# + +use strict ; +use FileHandle ; +use File::Copy ; +use Mail::DKIM::Signer ; +use Mail::DKIM::TextWrap ; + +$SIG{__DIE__} = sub { (my $e = join(" ",@_)) =~ s/\n/ /g ; print "<>\n" ; exit 99 } ; + +my $content = $ARGV[0] or die "usage error\n" ; +my $fh = new FileHandle( $content ) or die "cannot open content file\n" ; + +my $dkim = new Mail::DKIM::Signer( + Algorithm => 'rsa-sha1' , + Method => 'relaxed' , + Domain => 'example.com' , + Selector => 'default' , # => default._domainkey.example.com + KeyFile => '/etc/dkim/private/example.com.pk' , + Headers => '' , # 'x-header:x-header2' +); + +$dkim->load( $fh ) ; # includes CLOSE() +$fh->close() or die ; + +my $signature = $dkim->signature->as_string() ; + +$fh = new FileHandle( $content.".tmp" , "w" ) or die ; +print $fh $signature , "\r\n" ; +$fh->flush() ; +File::Copy::copy( $content , $fh ) or die ; +$fh->close() or die ; +File::Copy::move( $content.".tmp" , $content ) or die ; + +exit 0 ; diff --git a/bin/emailrelay-edit-content.js b/bin/emailrelay-edit-content.js index 2dae43f..a526ff5 100644 --- a/bin/emailrelay-edit-content.js +++ b/bin/emailrelay-edit-content.js @@ -1,5 +1,5 @@ // -// Copyright (C) 2001-2021 Graeme Walker +// Copyright (C) 2001-2022 Graeme Walker // // Copying and distribution of this file, with or without modification, // are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-edit-envelope.js b/bin/emailrelay-edit-envelope.js index 2393e97..d3463dd 100644 --- a/bin/emailrelay-edit-envelope.js +++ b/bin/emailrelay-edit-envelope.js @@ -1,5 +1,5 @@ // -// Copyright (C) 2001-2021 Graeme Walker +// Copyright (C) 2001-2022 Graeme Walker // // Copying and distribution of this file, with or without modification, // are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-ldap-verify.py b/bin/emailrelay-ldap-verify.py index 5333c85..dcbf26f 100755 --- a/bin/emailrelay-ldap-verify.py +++ b/bin/emailrelay-ldap-verify.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2020-2021 +# Copyright (C) 2020-2022 # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-multicast.sh b/bin/emailrelay-multicast.sh index adf77df..06637ac 100755 --- a/bin/emailrelay-multicast.sh +++ b/bin/emailrelay-multicast.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-notify.sh.in b/bin/emailrelay-notify.sh.in old mode 100644 new mode 100755 index 6e7c029..d076cca --- a/bin/emailrelay-notify.sh.in +++ b/bin/emailrelay-notify.sh.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-resubmit.js b/bin/emailrelay-resubmit.js index 2bae0c1..a4a0d5f 100644 --- a/bin/emailrelay-resubmit.js +++ b/bin/emailrelay-resubmit.js @@ -1,5 +1,5 @@ // -// Copyright (C) 2001-2021 Graeme Walker +// Copyright (C) 2001-2022 Graeme Walker // // Copying and distribution of this file, with or without modification, // are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-resubmit.sh.in b/bin/emailrelay-resubmit.sh.in old mode 100644 new mode 100755 index b675a68..1b516ee --- a/bin/emailrelay-resubmit.sh.in +++ b/bin/emailrelay-resubmit.sh.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-rot13.pl b/bin/emailrelay-rot13.pl index 68159eb..6b1384b 100755 --- a/bin/emailrelay-rot13.pl +++ b/bin/emailrelay-rot13.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-sendmail.pl b/bin/emailrelay-sendmail.pl index 903f9b0..706e604 100755 --- a/bin/emailrelay-sendmail.pl +++ b/bin/emailrelay-sendmail.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-service-install.js b/bin/emailrelay-service-install.js index 63f57b6..2c5e6a0 100644 --- a/bin/emailrelay-service-install.js +++ b/bin/emailrelay-service-install.js @@ -1,5 +1,5 @@ // -// Copyright (C) 2001-2021 Graeme Walker +// Copyright (C) 2001-2022 Graeme Walker // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/bin/emailrelay-set-from.js b/bin/emailrelay-set-from.js index 55336b7..2b24293 100755 --- a/bin/emailrelay-set-from.js +++ b/bin/emailrelay-set-from.js @@ -1,5 +1,5 @@ // -// Copyright (C) 2001-2021 Graeme Walker +// Copyright (C) 2001-2022 Graeme Walker // // Copying and distribution of this file, with or without modification, // are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-set-from.pl b/bin/emailrelay-set-from.pl index f537a9a..71791b7 100755 --- a/bin/emailrelay-set-from.pl +++ b/bin/emailrelay-set-from.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay-submit.sh.in b/bin/emailrelay-submit.sh.in old mode 100644 new mode 100755 index 96042f5..2a95484 --- a/bin/emailrelay-submit.sh.in +++ b/bin/emailrelay-submit.sh.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright diff --git a/bin/emailrelay.sh.in b/bin/emailrelay.sh.in index 9451b36..5d3f952 100644 --- a/bin/emailrelay.sh.in +++ b/bin/emailrelay.sh.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bin/make-format b/bin/make-format index 435d7d3..381868f 100755 --- a/bin/make-format +++ b/bin/make-format @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bin/make-manifest.sh b/bin/make-manifest.sh index 3b22e35..4658b86 100755 --- a/bin/make-manifest.sh +++ b/bin/make-manifest.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bin/make-setup.sh b/bin/make-setup.sh index 3bb3fb3..8296375 100755 --- a/bin/make-setup.sh +++ b/bin/make-setup.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bin/make2cdb b/bin/make2cdb index b098be2..5daf8f9 100755 --- a/bin/make2cdb +++ b/bin/make2cdb @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bin/make2cmake b/bin/make2cmake index 056588e..7514c81 100755 --- a/bin/make2cmake +++ b/bin/make2cmake @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -100,7 +100,7 @@ sub create_cmake_file } my $definitions = join( " " , $m->definitions() ) ; - my $includes = join( " " , "." , ".." , $m->includes($m->top()) ) ; + my $includes = join( " " , "." , ".." , $m->includes($m->base()) ) ; my @libraries = $m->libraries() ; for my $library ( @libraries ) diff --git a/bin/make2unity b/bin/make2unity new file mode 100755 index 0000000..caf7e5b --- /dev/null +++ b/bin/make2unity @@ -0,0 +1,171 @@ +#!/usr/bin/env perl +# +# Copyright (C) 2001-2022 Graeme Walker +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# === +# +# make2unity +# +# Generates "unity build" source files by parsing autoconf/automake +# artifacts throughout the source tree. Also optionally creates a +# compilation database ("compile_commands.json") for running +# clang-tidy. +# +# usage: +# make2unity --out= [options] +# make2unity [options] [ [ ...]] +# --base= -- base directory for makefile search +# --config-status= -- path of config.status file +# --out= -- output source file (if one ) +# --cdb -- create a compilation database +# --cdb-top= -- top_srcdir (needed if --cdb) +# --cdb-cxx= -- compiler (needed if --cdb) +# +# The arguments are allowed to have a ".cpp" suffix. +# +# Eg: +# $ cd src +# $ ../bin/make2unity emailrelay.cpp +# $ g++ -pthread -I.... -c emailrelay.cpp +# $ g++ -pthread -o emailrelay emailrelay.o -lpam -lssl -lcrypto +# + +use strict ; +use warnings ; +use FileHandle ; +use File::Basename ; +use Getopt::Long ; +use Data::Dumper ; +use lib dirname($0) ; +use CompilationDatabase ; +use ConfigStatus ; +use AutoMakeParser ; +$AutoMakeParser::debug = 0 ; + +my %opt = () ; +GetOptions( \%opt , "out=s" , "cdb" , "cdb-cxx=s" , "cdb-top=s" , "base=s" , "config-status=s" ) or die "make2unity: usage error" ; +die "make2unity: usage error" if scalar(@ARGV) == 0 ; +die "make2unity: usage error" if ( $opt{out} && scalar(@ARGV) != 1 ) ; + +my $cfg_out = $opt{out} ; +my $cfg_cdb = exists $opt{cdb} ; +my $cfg_top_srcdir = $opt{'cdb-top'} ; +my $cfg_base_dir = exists $opt{base} ? $opt{base} : File::Basename::dirname($0)."/../src" ; +my $cfg_config_status = $opt{'config-status'} ; +my @cfg_programs = @ARGV ; +push @cfg_programs , "emailrelay" if !@cfg_programs ; +my $cfg_cxx = $opt{'cdb-cxx'} || "/usr/bin/c++" ; + +my $cs = new ConfigStatus( $cfg_config_status ) ; +my %switches = $cs->switches() ; +my %vars = $cs->vars() ; + +$vars{top_srcdir} = "." ; +$vars{top_builddir} = "." ; + +my @makefiles = AutoMakeParser::readall( $cfg_base_dir , \%switches , \%vars ) ; + +my $fh_cdb ; +if( $cfg_cdb ) +{ + $fh_cdb = new FileHandle( "compile_commands.json" , "w" ) or die ; + print $fh_cdb "[\n" ; +} + +for my $cfg_program ( @cfg_programs ) +{ + my $program = File::Basename::basename( $cfg_program , ".cpp" ) ; + my $out = $cfg_out ? $cfg_out : "${program}.cpp" ; + + my $fh_out = new FileHandle( $out , "w" ) or die ; + print $fh_out "/* autogenerated by make2unity */\n" ; + my $stanza = undef ; + my %libs = () ; + my @out_lines = () ; + for my $m ( @makefiles ) + { + my $dir = File::Basename::dirname( $m->path() ) ; + for my $p ( $m->programs() ) + { + if( $p eq $program || ($p eq "$program.real") ) + { + map { $libs{"lib".$_.".a"} = 1 } $m->our_libs( $p ) ; + push @out_lines , "/* exe [$dir] */\n" ; + print $fh_out "/* c++ -pthread".join(" -I ../",("",$m->includes("",0,0)))." -o $p $p.cpp ".join(" -l",("",$m->sys_libs($p)))." */\n" ; + for my $src ( $m->sources($p) ) + { + push @out_lines , "#include \"$src\"\n" ; + } + $stanza = stanza( $program , $m ) ; + } + } + } + for my $m ( @makefiles ) + { + my $dir = File::Basename::dirname( $m->path() ) ; + + print $fh_out "/* lib [$dir] */\n" ; + for my $library ( $m->libraries() ) + { + if( exists($libs{$library}) ) # ignore this library if not linked in to $program + { + for my $src ( $m->sources($library) ) + { + print $fh_out "#include \"$src\"\n" ; + } + } + else + { + print $fh_out "/* (not linked) */\n" ; + } + } + } + print $fh_out @out_lines ; # (after all the library sources) + $fh_out->close() or die ; + print $fh_cdb $stanza , "\n" if ( $fh_cdb && defined($stanza) ) ; +} + +if( $fh_cdb ) +{ + print $fh_cdb "]\n" ; + $fh_cdb->close() or die ; +} + +sub stanza +{ + my ( $program , $m ) = @_ ; + + my $dir = cwd() ; + my $src = "$program.cpp" ; + my $autoconf_dir = "../src" ; + my $program_dir = File::Basename::dirname( $m->path() ) ; + my $moc_dir = "." ; + my @includes = ( $autoconf_dir , $program_dir , $moc_dir , $m->includes($cfg_top_srcdir,0,1) ) ; + my $includes = join( " -I" , ("",@includes) ) ; + my $options = $m->compile_options() ; + my $cmd = "$cfg_cxx $options $includes -c $program.cpp" ; + + my $s = '{ + "directory" : "__DIR__" , + "command" : "__CMD__" , + "file" : "__SRC__" , + },' ; + $s =~ s/\t//gm ; + $s =~ s/__DIR__/$dir/m ; + $s =~ s/__CMD__/$cmd/m ; + $s =~ s/__SRC__/$src/m ; + return $s ; +} + diff --git a/bin/winbuild.pm b/bin/winbuild.pm index 34a1d81..5992463 100644 --- a/bin/winbuild.pm +++ b/bin/winbuild.pm @@ -1,6 +1,6 @@ #!/usr/bin/perl # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bsd/Makefile.am b/bsd/Makefile.am index 128c49e..638d6f6 100644 --- a/bsd/Makefile.am +++ b/bsd/Makefile.am @@ -1,5 +1,5 @@ # -## Copyright (C) 2001-2021 Graeme Walker +## Copyright (C) 2001-2022 Graeme Walker ## ## This program is free software: you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by diff --git a/bsd/emailrelay-bsd.sh.in b/bsd/emailrelay-bsd.sh.in index df41c24..a4b476c 100755 --- a/bsd/emailrelay-bsd.sh.in +++ b/bsd/emailrelay-bsd.sh.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/configure b/configure index d8daa73..dfa2ef0 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for E-MailRelay 2.3.1. +# Generated by GNU Autoconf 2.69 for E-MailRelay 2.4. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -577,8 +577,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='E-MailRelay' PACKAGE_TARNAME='emailrelay' -PACKAGE_VERSION='2.3.1' -PACKAGE_STRING='E-MailRelay 2.3.1' +PACKAGE_VERSION='2.4' +PACKAGE_STRING='E-MailRelay 2.4' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -636,8 +636,6 @@ e_icondir e_bsdinitdir e_initdir e_docdir -GCONFIG_UDS_FALSE -GCONFIG_UDS_TRUE GCONFIG_PAM_FALSE GCONFIG_PAM_TRUE GCONFIG_TLS_USE_NONE_FALSE @@ -651,6 +649,10 @@ GCONFIG_TLS_USE_BOTH_TRUE GCONFIG_TLS_LIBS GCONFIG_GETTEXT_FALSE GCONFIG_GETTEXT_TRUE +GCONFIG_DNSBL_FALSE +GCONFIG_DNSBL_TRUE +GCONFIG_UDS_FALSE +GCONFIG_UDS_TRUE GCONFIG_WINDOWS_FALSE GCONFIG_WINDOWS_TRUE GCONFIG_TESTING_FALSE @@ -799,13 +801,14 @@ enable_std_thread enable_testing enable_verbose enable_windows +enable_uds +enable_dnsbl with_doxygen with_gettext with_man2html with_openssl with_mbedtls with_pam -with_uds ' ac_precious_vars='build_alias host_alias @@ -1375,7 +1378,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures E-MailRelay 2.3.1 to adapt to many kinds of systems. +\`configure' configures E-MailRelay 2.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1442,7 +1445,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of E-MailRelay 2.3.1:";; + short | recursive ) echo "Configuration of E-MailRelay 2.4:";; esac cat <<\_ACEOF @@ -1462,7 +1465,7 @@ Optional Features: --enable-bsd enable building for bsd (default auto) --enable-debug enable extra debug messages at compile-time (default no) - --enable-epoll enable epoll (default no) + --enable-epoll enable epoll (default auto) --enable-gui enable configuration gui (requires Qt) (default auto) --enable-install-hook enable fixing up the start/stop configuration file @@ -1475,6 +1478,8 @@ Optional Features: --enable-testing enable make check tests (default yes) --enable-verbose enable verbose logging (default yes) --enable-windows enable building for windows (default auto) + --enable-uds enable unix domain sockets (default auto) + --enable-dnsbl enable DNSBL (default yes) Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] @@ -1487,7 +1492,6 @@ Optional Packages: --with-openssl use openssl for tls layer (default auto) --with-mbedtls use mbedtls for tls layer (default auto) --with-pam use linux pam for authentication (default auto) - --with-uds enable unix domain sockets (default auto) Some influential environment variables: CC C compiler command @@ -1575,7 +1579,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -E-MailRelay configure 2.3.1 +E-MailRelay configure 2.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2011,7 +2015,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by E-MailRelay $as_me 2.3.1, which was +It was created by E-MailRelay $as_me 2.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2876,7 +2880,7 @@ fi # Define the identity of the package. PACKAGE='emailrelay' - VERSION='2.3.1' + VERSION='2.4' # Some tools Automake needs. @@ -7283,6 +7287,61 @@ $as_echo "#define GCONFIG_HAVE_IFNAMETOLUID 0" >>confdefs.h fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ifreq ifr_index" >&5 +$as_echo_n "checking for ifreq ifr_index... " >&6; } +if ${gconfig_cv_ifindex+:} false; then : + $as_echo_n "(cached) " >&6 +else + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #ifdef _WIN32 + #include + #include + #include + #include + #else + #include + #include + #include + #include + #include + #endif + struct ifreq req ; + int i = 0 ; + +int +main () +{ + + (void) ioctl( i , SIOCGIFINDEX , &req , sizeof(req) ); + i = req.ifr_ifindex ; + + ; + return 0; +} +_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + gconfig_cv_ifindex=yes +else + gconfig_cv_ifindex=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gconfig_cv_ifindex" >&5 +$as_echo "$gconfig_cv_ifindex" >&6; } + if test "$gconfig_cv_ifindex" = "yes" ; then + +$as_echo "#define GCONFIG_HAVE_IFINDEX 1" >>confdefs.h + + else + +$as_echo "#define GCONFIG_HAVE_IFINDEX 0" >>confdefs.h + + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gai_strerror()" >&5 $as_echo_n "checking for gai_strerror()... " >&6; } if ${gconfig_cv_gaistrerror+:} false; then : @@ -7380,6 +7439,55 @@ $as_echo "#define GCONFIG_HAVE_UDS 0" >>confdefs.h fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for unix domain sockets" >&5 +$as_echo_n "checking for unix domain sockets... " >&6; } +if ${gconfig_cv_uds_len+:} false; then : + $as_echo_n "(cached) " >&6 +else + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + struct sockaddr_un a ; + +int +main () +{ + + a.sun_len = 2U ; + a.sun_family = AF_UNIX | PF_UNIX ; + a.sun_path[0] = '\0' ; + + ; + return 0; +} +_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + gconfig_cv_uds_len=yes +else + gconfig_cv_uds_len=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gconfig_cv_uds_len" >&5 +$as_echo "$gconfig_cv_uds_len" >&6; } + if test "$gconfig_cv_uds_len" = "yes" + then + +$as_echo "#define GCONFIG_HAVE_UDS_LEN 1" >>confdefs.h + + else + +$as_echo "#define GCONFIG_HAVE_UDS_LEN 0" >>confdefs.h + + fi + + + @@ -8039,6 +8147,7 @@ main () { errno_t e = _sopen_s(&fd,"foo",_O_WRONLY,_SH_DENYNO,_S_IWRITE) ; + if( e ) return 1 ; ; return 0; @@ -8954,7 +9063,7 @@ if ${gconfig_cv_qt_build+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$gconfig_have_qt" = "yes" + if test "$gconfig_have_qt" = "yes" -a "$enable_gui" != "no" then gconfig_save_LIBS="$LIBS" gconfig_save_CXXFLAGS="$CXXFLAGS" @@ -9207,7 +9316,6 @@ $as_echo "#define GCONFIG_HAVE_MBEDTLS_NET_H 0" >>confdefs.h fi - # Check whether --enable-bsd was given. if test "${enable_bsd+set}" = set; then : enableval=$enable_bsd; @@ -9245,7 +9353,7 @@ if test "${enable_epoll+set}" = set; then : fi - if test "$enable_epoll" = "yes" + if test "$enable_epoll" != "no" then if test "$gconfig_cv_epoll" = "no" then @@ -9479,6 +9587,66 @@ else fi +# Check whether --enable-uds was given. +if test "${enable_uds+set}" = set; then : + enableval=$enable_uds; +fi + + + + if test "$enable_uds" = "no" + then + if false; then + GCONFIG_UDS_TRUE= + GCONFIG_UDS_FALSE='#' +else + GCONFIG_UDS_TRUE='#' + GCONFIG_UDS_FALSE= +fi + + else + if test "$enable_uds" = "yes" -a "$gconfig_cv_uds" = "no" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: forcing use of unix domain sockets even though not detected" >&5 +$as_echo "$as_me: WARNING: forcing use of unix domain sockets even though not detected" >&2;} + fi + if true; then + GCONFIG_UDS_TRUE= + GCONFIG_UDS_FALSE='#' +else + GCONFIG_UDS_TRUE='#' + GCONFIG_UDS_FALSE= +fi + + fi + +# Check whether --enable-dnsbl was given. +if test "${enable_dnsbl+set}" = set; then : + enableval=$enable_dnsbl; +fi + + + if test "$enable_dnsbl" = "no" + then + if false; then + GCONFIG_DNSBL_TRUE= + GCONFIG_DNSBL_FALSE='#' +else + GCONFIG_DNSBL_TRUE='#' + GCONFIG_DNSBL_FALSE= +fi + + else + if true; then + GCONFIG_DNSBL_TRUE= + GCONFIG_DNSBL_FALSE='#' +else + GCONFIG_DNSBL_TRUE='#' + GCONFIG_DNSBL_FALSE= +fi + + fi + # Check whether --with-doxygen was given. @@ -9505,11 +9673,7 @@ if test "${with_gettext+set}" = set; then : fi - if test "$with_gettext" = "no" - then - gconfig_cv_gettext="no" - : - elif test "$with_gettext" = "yes" + if test "$with_gettext" = "yes" then if test "$gconfig_cv_gettext" = "no" then @@ -9517,6 +9681,8 @@ fi $as_echo "$as_me: WARNING: forcing use of gettext even though not detected" >&2;} gconfig_cv_gettext="yes" fi + else + gconfig_cv_gettext="no" fi if test "$gconfig_cv_gettext" = "yes" ; then @@ -9627,7 +9793,7 @@ fi GCONFIG_TLS_LIBS="" fi - if test "$gconfig_ssl_use_none" = "yes" -a "$with_openssl" != "no" + if test "$gconfig_ssl_use_none" = "yes" then gconfig_warnings="$gconfig_warnings openssl/mbedtls_transport_layer_security" fi @@ -10014,40 +10180,6 @@ fi -# Check whether --with-uds was given. -if test "${with_uds+set}" = set; then : - withval=$with_uds; -fi - - - - if test "$with_uds" = "no" - then - if false; then - GCONFIG_UDS_TRUE= - GCONFIG_UDS_FALSE='#' -else - GCONFIG_UDS_TRUE='#' - GCONFIG_UDS_FALSE= -fi - - else - if test "$with_uds" = "yes" -a "$gconfig_cv_uds" = "no" - then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: forcing use of unix domain sockets even though not detected" >&5 -$as_echo "$as_me: WARNING: forcing use of unix domain sockets even though not detected" >&2;} - fi - if true; then - GCONFIG_UDS_TRUE= - GCONFIG_UDS_FALSE='#' -else - GCONFIG_UDS_TRUE='#' - GCONFIG_UDS_FALSE= -fi - - fi - - if test "$e_libexecdir" = "" then @@ -10124,7 +10256,7 @@ fi -ac_config_files="$ac_config_files Makefile src/Makefile src/glib/Makefile src/gssl/Makefile src/gnet/Makefile src/gauth/Makefile src/gsmtp/Makefile src/gpop/Makefile src/main/Makefile src/main/icon/Makefile src/win32/Makefile src/gui/Makefile bin/Makefile doc/Makefile etc/Makefile test/Makefile test/certificates/Makefile m4/Makefile bsd/Makefile debian/Makefile po/Makefile" +ac_config_files="$ac_config_files Makefile src/Makefile src/glib/Makefile src/gssl/Makefile src/gnet/Makefile src/gauth/Makefile src/gsmtp/Makefile src/gpop/Makefile src/main/Makefile src/main/icon/Makefile src/win32/Makefile src/gui/Makefile bin/Makefile doc/Makefile etc/Makefile test/Makefile test/certificates/Makefile m4/Makefile bsd/Makefile debian/Makefile po/Makefile unity/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -10299,6 +10431,22 @@ if test -z "${GCONFIG_WINDOWS_TRUE}" && test -z "${GCONFIG_WINDOWS_FALSE}"; then as_fn_error $? "conditional \"GCONFIG_WINDOWS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${GCONFIG_UDS_TRUE}" && test -z "${GCONFIG_UDS_FALSE}"; then + as_fn_error $? "conditional \"GCONFIG_UDS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${GCONFIG_UDS_TRUE}" && test -z "${GCONFIG_UDS_FALSE}"; then + as_fn_error $? "conditional \"GCONFIG_UDS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${GCONFIG_DNSBL_TRUE}" && test -z "${GCONFIG_DNSBL_FALSE}"; then + as_fn_error $? "conditional \"GCONFIG_DNSBL\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${GCONFIG_DNSBL_TRUE}" && test -z "${GCONFIG_DNSBL_FALSE}"; then + as_fn_error $? "conditional \"GCONFIG_DNSBL\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${GCONFIG_GETTEXT_TRUE}" && test -z "${GCONFIG_GETTEXT_FALSE}"; then as_fn_error $? "conditional \"GCONFIG_GETTEXT\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -10323,14 +10471,6 @@ if test -z "${GCONFIG_PAM_TRUE}" && test -z "${GCONFIG_PAM_FALSE}"; then as_fn_error $? "conditional \"GCONFIG_PAM\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${GCONFIG_UDS_TRUE}" && test -z "${GCONFIG_UDS_FALSE}"; then - as_fn_error $? "conditional \"GCONFIG_UDS\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${GCONFIG_UDS_TRUE}" && test -z "${GCONFIG_UDS_FALSE}"; then - as_fn_error $? "conditional \"GCONFIG_UDS\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 @@ -10728,7 +10868,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by E-MailRelay $as_me 2.3.1, which was +This file was extended by E-MailRelay $as_me 2.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -10794,7 +10934,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -E-MailRelay config.status 2.3.1 +E-MailRelay config.status 2.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -10946,6 +11086,7 @@ do "bsd/Makefile") CONFIG_FILES="$CONFIG_FILES bsd/Makefile" ;; "debian/Makefile") CONFIG_FILES="$CONFIG_FILES debian/Makefile" ;; "po/Makefile") CONFIG_FILES="$CONFIG_FILES po/Makefile" ;; + "unity/Makefile") CONFIG_FILES="$CONFIG_FILES unity/Makefile" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac diff --git a/configure.ac b/configure.ac index ce310ba..0cf337a 100755 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -dnl Copyright (C) 2001-2021 Graeme Walker +dnl Copyright (C) 2001-2022 Graeme Walker dnl dnl This program is free software: you can redistribute it and/or modify dnl it under the terms of the GNU General Public License as published by @@ -19,7 +19,7 @@ dnl dnl Process this file with autoconf to produce a configure script. dnl -AC_INIT([E-MailRelay],[2.3.1],[],[emailrelay]) +AC_INIT([E-MailRelay],[2.4],[],[emailrelay]) AC_CONFIG_SRCDIR([src/glib/gdef.h]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE([no-define]) @@ -71,18 +71,13 @@ GCONFIG_FN_QT_BUILD GCONFIG_FN_TLS_OPENSSL GCONFIG_FN_TLS_MBEDTLS -dnl possibly enable full gettext support -- uncomment this after running -dnl 'gettextize' and remove the other gettext lines below -dnl -dnl AM_GNU_GETTEXT([external]) - dnl "--enable-whatever" dnl AC_ARG_ENABLE([bsd],AS_HELP_STRING([--enable-bsd],[enable building for bsd (default auto)])) GCONFIG_FN_ENABLE_BSD AC_ARG_ENABLE([debug],AS_HELP_STRING([--enable-debug],[enable extra debug messages at compile-time (default no)])) GCONFIG_FN_ENABLE_DEBUG -AC_ARG_ENABLE([epoll],AS_HELP_STRING([--enable-epoll],[enable epoll (default no)])) +AC_ARG_ENABLE([epoll],AS_HELP_STRING([--enable-epoll],[enable epoll (default auto)])) GCONFIG_FN_ENABLE_EPOLL AC_ARG_ENABLE([gui],AS_HELP_STRING([--enable-gui],[enable configuration gui (requires Qt) (default auto)])) GCONFIG_FN_ENABLE_GUI @@ -100,6 +95,10 @@ AC_ARG_ENABLE([verbose],AS_HELP_STRING([--enable-verbose],[enable verbose loggin GCONFIG_FN_ENABLE_VERBOSE AC_ARG_ENABLE([windows],AS_HELP_STRING([--enable-windows],[enable building for windows (default auto)])) GCONFIG_FN_ENABLE_WINDOWS +AC_ARG_ENABLE([uds],AS_HELP_STRING([--enable-uds],[enable unix domain sockets (default auto)])) +GCONFIG_FN_ENABLE_UDS +AC_ARG_ENABLE([dnsbl],AS_HELP_STRING([--enable-dnsbl],[enable DNSBL (default yes)])) +GCONFIG_FN_ENABLE_DNSBL dnl "--with-whatever" dnl @@ -114,8 +113,6 @@ AC_ARG_WITH([mbedtls],AS_HELP_STRING([--with-mbedtls],[use mbedtls for tls layer GCONFIG_FN_TLS AC_ARG_WITH([pam],AS_HELP_STRING([--with-pam],[use linux pam for authentication (default auto)])) GCONFIG_FN_WITH_PAM -AC_ARG_WITH([uds],AS_HELP_STRING([--with-uds],[enable unix domain sockets (default auto)])) -GCONFIG_FN_WITH_UDS dnl directory tweaking -- define e_ prefixed directory variables dnl @@ -124,7 +121,7 @@ GCONFIG_FN_SET_DIRECTORIES_E dnl generate files dnl -AC_CONFIG_FILES([Makefile src/Makefile src/glib/Makefile src/gssl/Makefile src/gnet/Makefile src/gauth/Makefile src/gsmtp/Makefile src/gpop/Makefile src/main/Makefile src/main/icon/Makefile src/win32/Makefile src/gui/Makefile bin/Makefile doc/Makefile etc/Makefile test/Makefile test/certificates/Makefile m4/Makefile bsd/Makefile debian/Makefile po/Makefile]) +AC_CONFIG_FILES([Makefile src/Makefile src/glib/Makefile src/gssl/Makefile src/gnet/Makefile src/gauth/Makefile src/gsmtp/Makefile src/gpop/Makefile src/main/Makefile src/main/icon/Makefile src/win32/Makefile src/gui/Makefile bin/Makefile doc/Makefile etc/Makefile test/Makefile test/certificates/Makefile m4/Makefile bsd/Makefile debian/Makefile po/Makefile unity/Makefile]) AC_OUTPUT dnl final warnings diff --git a/configure.sh b/configure.sh index 663ff2b..06b1932 100755 --- a/configure.sh +++ b/configure.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -31,8 +31,8 @@ # -w64 cross-compile for windows 64-bit with mingw-w64 # -p cross-compile for rpi # -g git-clone mbedtls and exit -# -# For systemd add "e_systemddir=/usr/lib/systemd/system". +# -S force e_systemddir for systemd +# -X suppress e_systemddir for systemd # # When cross-compiling with mbedtls the mbedtls source should be unpacked # into this base directory (see MBEDTLS_DIR below), or use '-g' to @@ -42,6 +42,7 @@ thisdir="`cd \`dirname $0\` && pwd`" usage="[-g] [{-d|-s <>}] [{-o|-w|-p}] -- " +opt_systemd=0 ; if test "`systemctl is-system-running 2>/dev/null | sed 's/offline//'`" != "" ; then opt_systemd=1 ; fi while expr "x$1" : "x-" >/dev/null do valued=0 @@ -54,6 +55,8 @@ do w32) opt_mingw=1 ; opt_win=32 ;; w64) opt_mingw=1 ; opt_win=64 ;; p) opt_rpi=1 ;; + S) opt_systemd=1 ;; + X) opt_systemd=0 ;; h) echo usage: `basename $0` $usage "..." ; $thisdir/configure --help=short ; exit 0 ;; #\?) echo usage: `basename $0` $usage >&2 ; exit 2 ;; *) opt_passthrough="$opt_passthrough $1" ;; @@ -90,7 +93,7 @@ if test "0$opt_debug" -eq 1 then export CFLAGS="-O0 -g" export CXXFLAGS="-O0 -g" - if expr "x$*" : '.*enable.debug' ; then : ; else enable_debug="--enable-debug" ; fi + if expr "x$*" : '.*enable.debug' >/dev/null ; then : ; else enable_debug="--enable-debug" ; fi : elif expr "x$*" : '.*enable.debug' >/dev/null then @@ -241,6 +244,15 @@ then $thisdir/configure $enable_debug $with_mbedtls \ --prefix=/opt/local --mandir=/opt/local/man $opt_passthrough "$@" : +elif test "`uname`" = "Linux" -a "$opt_systemd" -eq 1 +then + export CXXFLAGS + export LDFLAGS + $thisdir/configure $enable_debug $with_mbedtls \ + --prefix=/usr --libexecdir=/usr/lib --sysconfdir=/etc \ + --localstatedir=/var e_systemddir=/usr/lib/systemd/system \ + $opt_passthrough e_rundir=/run/emailrelay "$@" +: elif test "`uname`" = "Linux" then export CXXFLAGS diff --git a/debian/Makefile.am b/debian/Makefile.am index d030078..6f82903 100644 --- a/debian/Makefile.am +++ b/debian/Makefile.am @@ -1,5 +1,5 @@ # -## Copyright (C) 2001-2021 Graeme Walker +## Copyright (C) 2001-2022 Graeme Walker ## ## This program is free software: you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by diff --git a/debian/changelog b/debian/changelog index 95ebbd7..1369d70 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,16 +1,23 @@ -emailrelay (2.3.1) unstable; urgency=low - * Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h"). +emailrelay (2.4) unstable; urgency=low + * Multiple "--filter" and "--client-filter" options allowed. * TLS key and certificate files can be specified separately. - * Fixed error handling for network client filters ("--client-filter=net:...") [bug-id 50]. - -- maintainer graeme_walker Thu, 30 Jun 2022 00:00:00 +0000 + * Finer control when using "--anonymous" (eg. "--anonymous=server"). + * The "auth-config" options can distinguish between TLS and non-TLS authentication. + * Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h"). + * Listening file descriptors can be inherited from the parent process (see "--interface"). + * Listening ports on Windows use exclusive binding. + * The Linux event loop uses "epoll" by default rather than "select". + * Some support for message routing (see NEWS). + * Fix of error handling in network client filters ("--client-filter=net:...") [bug-id #50]. + -- maintainer graeme_walker Fri, 28 Oct 2022 00:00:00 +0000 emailrelay (2.3) unstable; urgency=low * Unix domain sockets supported (eg. "--interface=/tmp/smtp.s"). * Windows event log not used for verbose logging (prefer "--log-file"). - * New admin 'forward' command to trigger forwarding without waiting. + * New admin "forward" command to trigger forwarding without waiting. * Optional base64 encoding of passwords in secrets files ("plain:b"). * Support for MbedTLS version 3. - -- maintainer graeme_walker Tue, 14 Feb 2022 00:00:00 +0000 + -- maintainer graeme_walker Sun, 10 Apr 2022 00:00:00 +0000 emailrelay (2.2) unstable; urgency=low * Connections from IPv4 'private use' addresses are allowed by default (see "--remote-clients"). diff --git a/debian/control b/debian/control index e91122b..3afe463 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: emailrelay Section: mail Priority: optional Maintainer: Graeme Walker -Build-Depends: debhelper (>= 9), autotools-dev +Build-Depends: debhelper (>= 9), autotools-dev, libssl-dev, libpam0g-dev Standards-Version: 3.9.8 Homepage: http://emailrelay.sourceforge.net diff --git a/debian/copyright b/debian/copyright index 3df7dc3..8096da7 100644 --- a/debian/copyright +++ b/debian/copyright @@ -1,6 +1,6 @@ Copyright ========= -Copyright (C) 2001-2021 Graeme Walker +Copyright (C) 2001-2022 Graeme Walker Refer to the file COPYING (included), /usr/share/common-licenses/GPL-3, or for the terms of the GNU General Public License. diff --git a/debian/emailrelay.init b/debian/emailrelay.init index 1214ba3..a91f33d 100755 --- a/debian/emailrelay.init +++ b/debian/emailrelay.init @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2001-2021 Graeme Walker +# Copyright (C) 2001-2022 Graeme Walker # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/debian/emailrelay.service b/debian/emailrelay.service index 52a519e..a856af9 100644 --- a/debian/emailrelay.service +++ b/debian/emailrelay.service @@ -8,10 +8,9 @@ Wants=network-online.target Type=forking Restart=on-success KillMode=control-group -ExecStart=/etc/init.d/emailrelay start -ExecStop=/etc/init.d/emailrelay stop +ExecStart=/usr/sbin/emailrelay --as-server --syslog --pid-file /run/emailrelay/emailrelay.pid /etc/emailrelay.conf +ExecStop=/bin/kill -15 $MAINPID PIDFile=/run/emailrelay/emailrelay.pid -SuccessExitStatus=0 143 [Install] WantedBy=multi-user.target diff --git a/debian/postinst b/debian/postinst old mode 100644 new mode 100755 diff --git a/debian/postrm b/debian/postrm old mode 100644 new mode 100755 diff --git a/debian/preinst b/debian/preinst old mode 100644 new mode 100755 diff --git a/debian/prerm b/debian/prerm old mode 100644 new mode 100755 diff --git a/doc/Makefile.am b/doc/Makefile.am index e0b3fa5..c7d7217 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,5 +1,5 @@ # -## Copyright (C) 2001-2021 Graeme Walker +## Copyright (C) 2001-2022 Graeme Walker ## ## This program is free software: you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by diff --git a/doc/authentication.png b/doc/authentication.png index 5ccc167..481b623 100644 Binary files a/doc/authentication.png and b/doc/authentication.png differ diff --git a/doc/authentication.svg b/doc/authentication.svg index fa89ddd..20917e8 100644 --- a/doc/authentication.svg +++ b/doc/authentication.svg @@ -1,6 +1,6 @@ - + + E-MailRelay Change Log @@ -9,21 +9,28 @@

E-MailRelay Change Log

-

2.3 -> 2.3.1

+

2.3 -> 2.4

    -
  • Hourly log file rotation using %h (eg. --log-file=log.%d.%h).
    • +
  • Multiple --filter and --client-filter options allowed.
  • TLS key and certificate files can be specified separately.
    • -
  • Fixed error handling for network client filters (--client-filter=net:...) [bug-id #50].
    • +
  • Finer control when using --anonymous (eg. --anonymous=server).
    • +
  • The auth-config options can distinguish between TLS and non-TLS authentication.
    • +
  • Hourly log file rotation using %h (eg. --log-file=log.%d.%h).
    • +
  • Listening file descriptors can be inherited from the parent process (see --interface).
    • +
  • Listening ports on Windows use exclusive binding.
    • +
  • The Linux event loop uses epoll by default rather than select.
    • +
  • Some support for message routing (see NEWS).
    • +
  • Fix of error handling in network client filters (--client-filter=net:...) [bug-id #50].
-

2.2 -> 2.3

+

2.2 -> 2.3

    -
  • Unix domain sockets supported (eg. --interface=/tmp/smtp.s.
    • +
  • Unix domain sockets supported (eg. --interface=/tmp/smtp.s).
  • Windows event log not used for verbose logging (prefer --log-file).
  • New admin forward command to trigger forwarding without waiting.
  • Optional base64 encoding of passwords in secrets files (plain:b).
  • Support for MbedTLS version 3.
-

2.1 -> 2.2

+

2.1 -> 2.2

  • Connections from IPv4 'private use' addresses are allowed by default (see --remote-clients).
  • Interface names can be used with --interface (eg. --interface=eth0).
    • @@ -39,7 +46,7 @@
  • Support for Windows XP restored when built with mingw-w64.
  • C++ 2011 compiler is required.
-

2.0.1 -> 2.1

+

2.0.1 -> 2.1

  • Backwards compatibility features for 1.9-to-2.0 transition removed.
  • Better handling of too-many-connections on Windows.
    • @@ -56,11 +63,11 @@
  • Certificate contents are not logged.
  • Timestamp parts of spool filenames no longer limited to six digits.
-

2.0 -> 2.0.1

+

2.0 -> 2.0.1

  • Make PLAIN client authentication work against servers with broken 334 responses.
-

1.9.2 -> 2.0

+

1.9.2 -> 2.0

  • Improved IPv6 support, with IPv4 and IPv6 used independently at run-time (see --interface).
  • Server process is not blocked during --filter or --address-verifier execution, if multi-threaded.
    • @@ -91,7 +98,7 @@
  • C++ 2011 is preferred, and required for multi-threading.
  • Support for very old versions of Windows is dropped.
-

1.9.1 -> 1.9.2

+

1.9.1 -> 1.9.2

  • Fixed a leak in the event-loop garbage collection.
  • A local hostname that fails to resolve is not an error.
    • @@ -107,11 +114,11 @@
  • Qt4 or Qt5 selected by the configure script.
  • Improved the RPM spec file.
-

1.9 -> 1.9.1

+

1.9 -> 1.9.1

  • Updated OpenSSL from 1.0.1e to 1.0.1g in the Windows build.
-

1.8.2 -> 1.9

+

1.8.2 -> 1.9

  • Added negotiated TLS/SSL for POP (ie. STLS).
  • The first two fields in the secrets files are reordered (with backwards compatibility).
    • @@ -136,17 +143,17 @@
  • Added Windows --peer-lookup option.
  • Fix for MD5 code in 64-bit builds.
-

1.8.1 -> 1.8.2

+

1.8.1 -> 1.8.2

  • Fix namespaces for gcc 3.4.
-

1.8 -> 1.8.1

+

1.8 -> 1.8.1

  • Changed the definition of --as-proxy to use --poll 0 rather than --immediate [bug-id 1961652].
  • Fixed stalling bug when using server-side TLS/SSL (--server-tls) [bug-id 1961655].
  • Improved Debian packaging for Linux (make deb).
-

1.7 -> 1.8

+

1.7 -> 1.8

  • Speed optimisations (as identified by KCachegrind/valgrind in KDevelop).
  • Build-time size optimisations (eg. ./configure --disable-exec --enable-small-exceptions ...).
    • @@ -162,7 +169,7 @@
  • Improved native support for Mac OS X (10.5) with graphical installation from disk image.
  • Compatibility with gcc 2.95 restored.
-

1.6 -> 1.7

+

1.6 -> 1.7

  • TLS/SSL support for SMTP using OpenSSL (./configure --with-openssl with --client-tls and --server-tls).
  • Authentication mechanism PLAIN added.
    • @@ -170,7 +177,7 @@
  • Windows service wrapper has an --uninstall option.
  • Windows installation GUI uninstalls the service before reinstalling it.
-

1.5 -> 1.6

+

1.5 -> 1.6

  • GPLv3 licence (see http://gplv3.fsf.org).
  • New --prompt-timeout switch for the timeout when waiting for the initial 220 prompt from the SMTP server.
    • @@ -190,7 +197,7 @@
  • Experimental SpamAssassin spamc/spamd protocol support.
  • Acceptance tests added to the distribution.
-

1.4 -> 1.5

+

1.4 -> 1.5

  • New installation and configuration GUI using TrollTech Qt 4.x (./configure --enable-gui)
  • Default address verifier accepts all addresses as valid and never treats them as local mailboxes.
    • @@ -205,7 +212,7 @@
  • Documentation also created in docbook format (requires xmlto).
  • Windows installation document revised.
-

1.3.3 -> 1.4

+

1.3.3 -> 1.4

  • POP3 server (enable with --pop, disable at build-time with ./configure --disable-pop).
  • Fix for logging reentrancy bug (affects ./configure --enable-debug with --debug).
    • @@ -219,7 +226,7 @@
  • The --dont-listen switch is now --no-smtp.
  • Better IPv6 support (Linux only).
-

1.3.2 -> 1.3.3

+

1.3.2 -> 1.3.3

  • No bind() for outgoing connections [bug-id 1051689].
  • Updated rpm spec file [bug-id 1224850].
    • @@ -228,21 +235,21 @@
  • Documentation of auth switches corrected.
  • State-machine template type declaration modernised, possibly breaking older compilers.
-

1.3.1 -> 1.3.2

+

1.3.1 -> 1.3.2

  • Fix for core dump when --client-filter pre-processing fails.
  • Revised code structure to prepare for asynchronous pre-processing.
  • Better diagnostics when pre-processor exec() fails.
  • Better cleanup of empty and orphaned files.
-

1.3 -> 1.3.1

+

1.3 -> 1.3.1

  • Windows resource leak from CreateProcess() fixed.
  • Windows dialog box double-close fix.
  • Some documentation for the --scanner switch.
  • New usage patterns section in the user guide.
-

1.2 -> 1.3

+

1.2 -> 1.3

  • Client protocol waits for a greeting from the server on startup [bug-id 842156].
  • Fix for incorrect backslash normalisation on --verifier command-lines containing spaces [bug-id 890646].
    • @@ -255,7 +262,7 @@
  • New switches for the configure script.
  • More JavaScript example scripts.
-

1.1.2 -> 1.2

+

1.1.2 -> 1.2

  • The --filter and --verifier arguments interpreted as command-lines; spaces in executable paths now need escaping.
  • The --interface switch applies to outgoing connections too.
    • @@ -264,7 +271,7 @@
  • Fix for dangling reference bug, seen after quit command on Windows.
  • JavaScript examples in the documentation.
-

1.1.1 -> 1.1.2

+

1.1.1 -> 1.1.2

  • Earlier check for un-bindable ports on startup, and later fork()ing [bug-id 776972].
  • Resolved the file-descriptor kludge for --verifier on Windows.
    • @@ -273,7 +280,7 @@
  • Pre-processor (--filter) program's standard output searched for a failure reason string.
  • Undocumented --scanner switch added for asynchronous processing by a separate network server.
-

1.1.0 -> 1.1.1

+

1.1.0 -> 1.1.1

  • Restored the fix for building with gcc2.96.
  • Support for MinGW builds on Windows.
    • @@ -283,7 +290,7 @@
  • Fix for make install when man2html is not available.
  • Updated init script.
-

1.0.2 -> 1.1.0

+

1.0.2 -> 1.1.0

  • In proxy mode unexpected client-side disconnects and timeouts do not leave .bad files [see also bug-id 659039].
  • By default proxy mode does not interpret addresses for local delivery (--postmaster).
    • @@ -298,14 +305,14 @@
  • Support for Sun WorkShop 5.0 added.
  • Documentation overhaul.
-

1.0.0 -> 1.0.2

+

1.0.0 -> 1.0.2

  • Support for trusted IP addresses, allowing certain clients to avoid authentication.
  • Address verifier interface extended to include authentication information.
  • New public mail relay section added to the user guide.
  • Example verifier scripts etc. added to the reference guide.
-

1.0.0 -> 1.0.1

+

1.0.0 -> 1.0.1

  • In proxy mode unexpected client-side disconnects and timeouts result in .bad files [bug-id 659039].
  • Require successful AUTH before MAIL FROM when using --server-auth.
    • @@ -318,7 +325,7 @@
  • Fix build when using gcc2.96 rather than gcc2.95 (1.0.0-pl1).
  • Fix default spool directory in example scripts (1.0.0-pl1).
-

0.9.9 -> 1.0.0

+

0.9.9 -> 1.0.0

  • Briefer --help output; works with --verbose.
  • Option to listen on a specific network interface (--interface).
    • @@ -331,7 +338,7 @@
  • EHLO response parsing is now case-insensitive [bug-id 561522].
  • Fewer missing-secrets warnings [bug-id 564987].
-

0.9.8 -> 0.9.9

+

0.9.8 -> 0.9.9

  • More flexible logging options (--verbose and --debug work better).
  • File Hierarchy Standard (FHS) option for configure (--enable-fhs).
    • @@ -347,14 +354,14 @@
  • Submit utility works under Windows. [rc2]
  • Improved Windows project files. [rc2]
-

0.9.7 -> 0.9.8

+

0.9.7 -> 0.9.8

  • Fix for running pre-processor (--filter) as root.
  • Ignore bogus AUTH=LOGIN lines in EHLO response.
  • Submit utility improved to work with mutt.
  • Installation of submit man page.
-

0.9.6 -> 0.9.7

+

0.9.6 -> 0.9.7

  • CRAM-MD5 authentication mechanism added.
  • Revoke root permissions at start up, and reclaim them when needed.
    • @@ -370,7 +377,7 @@
  • Submission utility emailrelay-submit added.
  • HTML4.0 compliant HTML documentation, using CSS.
-

0.9.5 -> 0.9.6

+

0.9.5 -> 0.9.6

  • SMTP AUTHentication extension -- LOGIN mechanism only.
  • Client-side protocol timeout.
    • @@ -380,7 +387,7 @@
  • Multiple hard-coded listening addresses supported at compile-time.
  • Fix for automatic reopening of stderr stream.
-

0.9.4 -> 0.9.5

+

0.9.4 -> 0.9.5

Windows fixes and improvements...

@@ -390,14 +397,14 @@
  • fix for content file deletion
  • fix for directory iterator
    • -

    0.9.3 -> 0.9.4

    +

    0.9.3 -> 0.9.4

    • Fixed memory leak when no --log switch.
    • Windows build is more gui and less command-line.
    • Info command added to the administration interface.
    • Doxygen files removed from binary RPM.
    -

    0.9.2 -> 0.9.3

    +

    0.9.2 -> 0.9.3

    • Proxy mode (--immediate and --as-proxy).
    • Message pre-processing (--filter).
      • @@ -405,7 +412,7 @@
    • Improved notification script, with MIME encoding.
    • Builds with old 2.91 version of gcc.
    -

    0.9.1 -> 0.9.2

    +

    0.9.1 -> 0.9.2

    • Better autoconf detection.
    • Workround for FreeBSD uname() feature.
      • @@ -413,7 +420,7 @@
    • Fixed a benign directory iterator bug.
    • Use of gcc's exception header.
    -

    0.9 -> 0.9.1

    +

    0.9 -> 0.9.1

    • Improved documentation from doxygen.
    • More complete use of namespaces.
      • @@ -423,4 +430,4 @@
    - + diff --git a/doc/changelog.md b/doc/changelog.md index d8aed12..e0d6533 100644 --- a/doc/changelog.md +++ b/doc/changelog.md @@ -1,12 +1,19 @@ E-MailRelay Change Log ====================== -2.3 -> 2.3.1 ------------- +2.3 -> 2.4 +---------- +* Multiple `--filter` and `--client-filter` options allowed. +* [TLS][] key and certificate files can be specified separately. +* Finer control when using `--anonymous` (eg. `--anonymous=server`). +* The `auth-config` options can distinguish between TLS and non-TLS authentication. * Hourly log file rotation using `%h` (eg. `--log-file=log.%d.%h`). -* TLS key and certificate files can be specified separately. -* Fixed error handling for network client filters (`--client-filter=net:...`) [bug-id #50]. +* Listening file descriptors can be inherited from the parent process (see `--interface`). +* Listening ports on Windows use exclusive binding. +* The Linux event loop uses `epoll` by default rather than `select`. +* Some support for message routing (see NEWS). +* Fix of error handling in network client filters (`--client-filter=net:...`) [bug-id #50]. 2.2 -> 2.3 ---------- @@ -22,7 +29,7 @@ E-MailRelay Change Log * Connections from IPv4 'private use' addresses are allowed by default (see `--remote-clients`). * Interface names can be used with `--interface` (eg. `--interface=eth0`). -* New `--server-tls-connection` option for server-side implicit [TLS][]. +* New `--server-tls-connection` option for server-side implicit TLS. * New `--forward-to-some` option to permit some message recipients to be rejected. * New `--log-address` option to aid adaptive firewalling. * Dynamic log file rolling when using `--log-file=%d`. diff --git a/doc/changelog.rst b/doc/changelog.rst index b0ca93f..9ae4667 100644 --- a/doc/changelog.rst +++ b/doc/changelog.rst @@ -2,12 +2,19 @@ E-MailRelay Change Log ********************** -2.3 -> 2.3.1 -============ +2.3 -> 2.4 +========== +* Multiple *--filter* and *--client-filter* options allowed. +* TLS_ key and certificate files can be specified separately. +* Finer control when using *--anonymous* (eg. *--anonymous=server*). +* The *auth-config* options can distinguish between TLS and non-TLS authentication. * Hourly log file rotation using *%h* (eg. *--log-file=log.%d.%h*). -* TLS key and certificate files can be specified separately. -* Fixed error handling for network client filters (*--client-filter=net:...*) [bug-id #50]. +* Listening file descriptors can be inherited from the parent process (see *--interface*). +* Listening ports on Windows use exclusive binding. +* The Linux event loop uses *epoll* by default rather than *select*. +* Some support for message routing (see NEWS). +* Fix of error handling in network client filters (\ *--client-filter=net:...*\ ) [bug-id #50]. 2.2 -> 2.3 ========== @@ -15,7 +22,7 @@ E-MailRelay Change Log * Unix domain sockets supported (eg. *--interface=/tmp/smtp.s*). * Windows event log not used for verbose logging (prefer *--log-file*). * New admin *forward* command to trigger forwarding without waiting. -* Optional base64 encoding of passwords in secrets files (*plain:b*). +* Optional base64 encoding of passwords in secrets files (\ *plain:b*\ ). * Support for MbedTLS version 3. 2.1 -> 2.2 @@ -23,7 +30,7 @@ E-MailRelay Change Log * Connections from IPv4 'private use' addresses are allowed by default (see *--remote-clients*). * Interface names can be used with *--interface* (eg. *--interface=eth0*). -* New *--server-tls-connection* option for server-side implicit TLS_. +* New *--server-tls-connection* option for server-side implicit TLS. * New *--forward-to-some* option to permit some message recipients to be rejected. * New *--log-address* option to aid adaptive firewalling. * Dynamic log file rolling when using *--log-file=%d*. diff --git a/doc/changelog.txt b/doc/changelog.txt index c189116..ddbe2b0 100644 --- a/doc/changelog.txt +++ b/doc/changelog.txt @@ -1,11 +1,18 @@ E-MailRelay Change Log ====================== -2.3 -> 2.3.1 ------------- -* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h"). +2.3 -> 2.4 +---------- +* Multiple "--filter" and "--client-filter" options allowed. * TLS key and certificate files can be specified separately. -* Fixed error handling for network client filters ("--client-filter=net:...") [bug-id #50]. +* Finer control when using "--anonymous" (eg. "--anonymous=server"). +* The "auth-config" options can distinguish between TLS and non-TLS authentication. +* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h"). +* Listening file descriptors can be inherited from the parent process (see "--interface"). +* Listening ports on Windows use exclusive binding. +* The Linux event loop uses "epoll" by default rather than "select". +* Some support for message routing (see NEWS). +* Fix of error handling in network client filters ("--client-filter=net:...") [bug-id #50]. 2.2 -> 2.3 ---------- diff --git a/doc/conf.py.sphinx b/doc/conf.py.sphinx index d02c370..c8c852c 100644 --- a/doc/conf.py.sphinx +++ b/doc/conf.py.sphinx @@ -9,8 +9,8 @@ master_doc = 'index' project = u'E-MailRelay' copyright = u'2022, Graeme Walker' author = u'Graeme Walker' -version = u'2.3' -release = u'2.3' +version = u'2.4' +release = u'2.4' language = None today_fmt = '%Y-%m-%d' exclude_patterns = [] diff --git a/doc/developer.html b/doc/developer.html index 38fdfa7..936d704 100644 --- a/doc/developer.html +++ b/doc/developer.html @@ -1,4 +1,4 @@ - + E-MailRelay Developer Guide @@ -8,7 +8,7 @@
    -

    E-MailRelay Developer Guide

    +

    E-MailRelay Developer Guide

    Principles

    The main principles in the design of E-MailRelay can be summarised as: @@ -102,34 +102,31 @@

    The main C++ libraries in the E-MailRelay code base are as follows:

    - -
    -
    glib
    +

    glib

    Low-level classes for file-system abstraction, date and time representation, string utility functions, logging, command line parsing etc.
    -
    gssl
    +

    gssl

    A thin layer over the third-party TLS libraries.
    -
    gnet
    +

    gnet

    Network and event-loop classes.
    -
    gauth
    +

    gauth

    Implements various authentication mechanisms.
    -
    gsmtp
    +

    gsmtp

    SMTP protocol and message-store classes.
    -
    gpop
    +

    gpop

    POP3 protocol classes.
    -

    All of these libraries are portable between Unix-like systems and Windows.

    @@ -353,10 +350,10 @@

    - Copyright (C) 2001-2021 Graeme Walker + Copyright (C) 2001-2022 Graeme Walker

    - + diff --git a/doc/developer.md b/doc/developer.md index cb71df7..ba8796c 100644 --- a/doc/developer.md +++ b/doc/developer.md @@ -77,28 +77,33 @@ Module structure ---------------- The main C++ libraries in the E-MailRelay code base are as follows: -* `glib` +### "glib" ### Low-level classes for file-system abstraction, date and time representation, string utility functions, logging, command line parsing etc. -* `gssl` + +### "gssl" ### A thin layer over the third-party TLS libraries. -* `gnet` + +### "gnet" ### Network and event-loop classes. -* `gauth` + +### "gauth" ### Implements various authentication mechanisms. -* `gsmtp` + +### "gsmtp" ### SMTP protocol and message-store classes. -* `gpop` + +### "gpop" ### POP3 protocol classes. @@ -287,4 +292,4 @@ Use `./configure --help` to see a complete list of options. [TLS]: https://en.wikipedia.org/wiki/Transport_Layer_Security _____________________________________ -Copyright (C) 2001-2021 Graeme Walker +Copyright (C) 2001-2022 Graeme Walker diff --git a/doc/developer.rst b/doc/developer.rst index 6ce8960..3476901 100644 --- a/doc/developer.rst +++ b/doc/developer.rst @@ -77,30 +77,17 @@ required. Module structure ================ The main C++ libraries in the E-MailRelay code base are as follows: - -* \ *glib*\ - Low-level classes for file-system abstraction, date and time representation, string utility functions, logging, command line parsing etc. -* \ *gssl*\ - A thin layer over the third-party TLS libraries. -* \ *gnet*\ - Network and event-loop classes. -* \ *gauth*\ - Implements various authentication mechanisms. -* \ *gsmtp*\ - SMTP protocol and message-store classes. -* \ *gpop*\ - POP3 protocol classes. All of these libraries are portable between Unix-like systems and Windows. @@ -290,4 +277,4 @@ Use *./configure --help* to see a complete list of options. .. _SMTP: https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol .. _TLS: https://en.wikipedia.org/wiki/Transport_Layer_Security -.. footer:: Copyright (C) 2001-2021 Graeme Walker +.. footer:: Copyright (C) 2001-2022 Graeme Walker diff --git a/doc/developer.txt b/doc/developer.txt index 7300eee..d476384 100644 --- a/doc/developer.txt +++ b/doc/developer.txt @@ -275,4 +275,4 @@ Use "./configure --help" to see a complete list of options. _____________________________________ -Copyright (C) 2001-2021 Graeme Walker +Copyright (C) 2001-2022 Graeme Walker diff --git a/doc/doxygen-missing.html b/doc/doxygen-missing.html index 6083393..2d4a467 100644 --- a/doc/doxygen-missing.html +++ b/doc/doxygen-missing.html @@ -1,4 +1,4 @@ - + E-MailRelay source code documentation missing @@ -11,4 +11,4 @@ - + diff --git a/doc/doxygen.cfg.in b/doc/doxygen.cfg.in index 1660393..20ca8bb 100644 --- a/doc/doxygen.cfg.in +++ b/doc/doxygen.cfg.in @@ -838,51 +838,7 @@ INPUT_ENCODING = UTF-8 # *.m, *.markdown, *.md, *.mm, *.dox, *.py, *.pyw, *.f90, *.f95, *.f03, *.f08, # *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf, *.qsf and *.ice. -FILE_PATTERNS = *.c \ - *.cc \ - *.cxx \ - *.cpp \ - *.c++ \ - *.java \ - *.ii \ - *.ixx \ - *.ipp \ - *.i++ \ - *.inl \ - *.idl \ - *.ddl \ - *.odl \ - *.h \ - *.hh \ - *.hxx \ - *.hpp \ - *.h++ \ - *.cs \ - *.d \ - *.php \ - *.php4 \ - *.php5 \ - *.phtml \ - *.inc \ - *.m \ - *.markdown \ - *.md \ - *.mm \ - *.dox \ - *.py \ - *.pyw \ - *.f90 \ - *.f95 \ - *.f03 \ - *.f08 \ - *.f \ - *.for \ - *.tcl \ - *.vhd \ - *.vhdl \ - *.ucf \ - *.qsf \ - *.ice +FILE_PATTERNS = *.h *.cpp # The RECURSIVE tag can be used to specify whether or not subdirectories should # be searched for input files as well. @@ -913,7 +869,7 @@ EXCLUDE_SYMLINKS = NO # Note that the wildcards are matched against the file with absolute path, so to # exclude all test directories for example use the pattern */test/* -EXCLUDE_PATTERNS = *_none* *_win32* *_basic* *_mac* *_mbedtls* *_ipv4* *_ip.cpp *_both* *_epoll* +EXCLUDE_PATTERNS = *handles.h *_*cpp # The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names # (namespaces, classes, functions, etc.) that should be excluded from the diff --git a/doc/emailrelay-doxygen.css b/doc/emailrelay-doxygen.css index c95eb12..73f47c1 100644 --- a/doc/emailrelay-doxygen.css +++ b/doc/emailrelay-doxygen.css @@ -1,5 +1,5 @@ /* - Copyright (C) 2001-2021 Graeme Walker + Copyright (C) 2001-2022 Graeme Walker */ /* diff --git a/doc/emailrelay-filter-copy.1 b/doc/emailrelay-filter-copy.1 index c5f7e29..40f87e6 100644 --- a/doc/emailrelay-filter-copy.1 +++ b/doc/emailrelay-filter-copy.1 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2001-2021 Graeme Walker +.\" Copyright (C) 2001-2022 Graeme Walker .\" .\" This program is free software: you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by @@ -47,7 +47,7 @@ forwarding. When using .I "-d" all envelope files in the spool directory are copied to all -sub-directories. This should be used after using +sub-directories. This can be used after .B emailrelay-submit has deposited an envelope file into the main spool directory, or perhaps periodically from cron. diff --git a/doc/emailrelay-man.html b/doc/emailrelay-man.html index d07cb10..a67f6a8 100644 --- a/doc/emailrelay-man.html +++ b/doc/emailrelay-man.html @@ -1,5 +1,4 @@ - - + Man page of EMAILRELAY

    EMAILRELAY

    @@ -67,23 +66,10 @@ disconnects.  

    OPTIONS

    +  +

    Basic options

    +
    -
    --address-verifier <program> - -
    -Runs the specified external program to verify a message recipent's e-mail address. A network verifier can be specified as net:<transport-address>. -
    -a, --admin <admin-port> - -
    -Enables an administration interface on the specified listening port number. Use telnet or something similar to connect. The administration interface can be used to trigger forwarding of spooled mail messages if the --forward-to option is used. -
    -Q, --admin-terminate - -
    -Enables the terminate command in the administration interface. -
    -A, --anonymous - -
    -Disables the server's SMTP VRFY command, sends less verbose SMTP responses and SMTP greeting, and stops Received lines being added to mail message content files.
    -q, --as-client <host:port>
    @@ -96,6 +82,155 @@ This is equivalent to --log, --close-stderr, --forward-on-disco
    This is equivalent to --log and --close-stderr. It is a convenient way of running a background storage daemon that accepts mail messages and spools them. Use --log instead of --as-server to keep standard error stream open. +
    -s, --spool-dir <dir> + +
    +Specifies the directory used for holding mail messages that have been received but not yet forwarded. +
    -h, --help + +
    +Displays help text and then exits. Use with --verbose for more complete output. +
    -V, --version + +
    +Displays version information and then exits. +
    +  +

    SMTP client options

    + +
    +
    -f, --forward + +
    +Causes spooled mail messages to be forwarded when the program first starts. +
    -1, --forward-on-disconnect + +
    +Causes spooled mail messages to be forwarded whenever a SMTP client connection disconnects. +
    -o, --forward-to <host:port> + +
    +Specifies the transport address of the remote SMTP server that spooled mail messages are forwarded to. +
    -O, --poll <period> + +
    +Causes forwarding of spooled mail messages to happen at regular intervals (with the time given in seconds). +
    -Y, --client-filter <program> + +
    +Runs the specified external filter program whenever a mail message is forwarded. The filter is passed the name of the message file in the spool directory so that it can edit it as required. A network filter can be specified as net:<tcp-address> and prefixes of spam:, spam-edit: and exit: are also allowed. The spam: and spam-edit: prefixes require a SpamAssassin daemon to be running. For store-and-forward applications the --filter option is normally more useful than --client-filter. +
    -6, --client-interface <ip-address> + +
    +Specifies the IP network address to be used to bind the local end of outgoing SMTP connections. By default the address will depend on the routing tables in the normal way. Use 0.0.0.0 to use only IPv4 addresses returned from DNS lookups of the --forward-to address, or :: for IPv6. +
    -U, --connection-timeout <time> + +
    +Specifies a timeout (in seconds) for establishing a TCP connection to remote SMTP servers. The default is 40 seconds. +
    --idle-timeout <time> + +
    +Specifies a timeout (in seconds) for receiving network traffic from remote SMTP and POP clients. The default is 60 seconds. +
    -T, --response-timeout <time> + +
    +Specifies a timeout (in seconds) for getting responses from remote SMTP servers. The default is 60 seconds. +
    --forward-to-some + +
    +Allow forwarding to continue even if some recipient addresses on an e-mail envelope are rejected by the remote server. +
    -m, --immediate + +
    +Causes mail messages to be forwarded as they are received, even before they have been accepted. This can be used to do proxying without store-and-forward, but in practice clients tend to to time out while waiting for their mail message to be accepted. +
    +  +

    SMTP server options

    + +
    +
    -p, --port <port> + +
    +Sets the port number used for listening for incoming SMTP connections. +
    -r, --remote-clients + +
    +Allows incoming connections from addresses that are not local. The default behaviour is to reject connections that are not local in order to prevent accidental exposure to the public internet, although a firewall should also be used. Local address ranges are defined in RFC-1918, RFC-6890 etc. +
    --address-verifier <program> + +
    +Runs the specified external program to verify a message recipent's e-mail address. A network verifier can be specified as net:<tcp-address>. +
    -A, --anonymous, --anonymous=<scope> + +
    +Disables the server's SMTP VRFY command, sends less verbose SMTP greeting and responses, stops Received lines being added to mail message content files, and stops the SMTP client protocol adding AUTH= to the MAIL command. For finer control use a comma-separated list of things to anonymise: vrfy, server, content and/or client, eg. --anonymous=server,content. +
    --dnsbl <config> + +
    +Specifies a list of DNSBL servers that are used to reject SMTP connections from blocked addresses. The configuration string is made up of comma-separated fields: the DNS server's transport address, a timeout in milliseconds, a rejection threshold, and then the list of DNSBL servers. +
    -D, --domain <fqdn> + +
    +Specifies the network name that is used in SMTP EHLO commands, Received lines, and for generating authentication challenges. The default is derived from a DNS lookup of the local hostname. +
    -z, --filter <program> + +
    +Runs the specified external filter program whenever a mail message is stored. The filter is passed the name of the message file in the spool directory so that it can edit it as required. The mail message is rejected if the filter program terminates with an exit code between 1 and 99. Use net:<tcp-address> to communicate with a filter daemon over the network, or spam:<tcp-address> for a spamassassin spamd daemon to accept or reject mail messages, or spam-edit:<tcp-address> to have spamassassin edit the message content without rejecting it, or exit:<number> to emulate a filter program that just exits. +
    -W, --filter-timeout <time> + +
    +Specifies a timeout (in seconds) for running a --filter program. The default is 60 seconds. +
    -I, --interface <ip-address-list> + +
    +Specifies the IP network addresses or interface names used to bind listening ports. By default listening ports for incoming SMTP, POP and administration connections will bind the 'any' address for IPv4 and for IPv6, ie. 0.0.0.0 and ::. Multiple addresses can be specified by using the option more than once or by using a comma-separated list. Use a prefix of smtp=, pop= or admin= on addresses that should apply only to those types of listening port. Any link-local IPv6 addresses must include a zone name or scope id. Interface names can be used instead of addresses, in which case all the addresses associated with that interface at startup will used for listening. When an interface name is decorated with a -ipv4 or -ipv6 suffix only their IPv4 or IPv6 addresses will be used (eg. ppp0-ipv4). To inherit listening file descriptors from the parent process on unix use a syntax like this: --interface=smtp=fd#3,smtp=fd#4,pop=fd#5. +
    -w, --prompt-timeout <time> + +
    +Specifies a timeout (in seconds) for getting the initial prompt from a remote SMTP server. If no prompt is received after this time then the SMTP dialog goes ahead without it. +
    -M, --size <bytes> + +
    +Limits the size of mail messages that can be submitted over SMTP. +
    +  +

    POP server options

    + +
    +
    -B, --pop + +
    +Enables the POP server, listening by default on port 110, providing access to spooled mail messages. Negotiated TLS using the POP STLS command will be enabled if the --server-tls option is also given. +
    -J, --pop-by-name + +
    +Modifies the spool directory used by the POP server to be a sub-directory with the same name as the POP authentication user-id. This allows multiple POP clients to read the spooled mail messages without interfering with each other, particularly when also using --pop-no-delete. Content files can stay in the main spool directory with only the envelope files copied into user-specific sub-directories. The emailrelay-filter-copy program is a convenient way of doing this when run via --filter. +
    -G, --pop-no-delete + +
    +Disables the POP DELE command so that the command appears to succeed but mail messages are not deleted from the spool directory. +
    -E, --pop-port <port> + +
    +Sets the POP server's listening port number. +
    +  +

    Admin server options

    + +
    +
    -a, --admin <port> + +
    +Enables an administration interface on the specified listening port number. Use telnet or something similar to connect. The administration interface can be used to trigger forwarding of spooled mail messages if the --forward-to option is used. +
    -Q, --admin-terminate + +
    +Enables the terminate command in the administration interface. +
    +  +

    Authentication options

    + +
    -C, --client-auth <file>
    @@ -103,15 +238,24 @@ Enables SMTP client authentication with the remote server, using the client acco
    --client-auth-config <config>
    -Configures the SMTP client authentication module using a semicolon-separated list of configuration items. Each item is a single-character key, followed by a colon and then a comma-separated list. A 'm' character introduces an ordered list of authentication mechanisms, and an 'x' is used for blocklisted mechanisms. -
    -Y, --client-filter <program> +Configures the SMTP client authentication module using a semicolon-separated list of configuration items. Each item is a single-character key, followed by a colon and then a comma-separated list. A 'm' character introduces an ordered list of preferred authentication mechanisms and an 'x' introduces a list of mechanisms to avoid. An 'a' list and a 'd' list can be used similarly to prefer and avoid certain mechanisms once the session is encrypted with TLS. +
    -S, --server-auth <file>
    -Runs the specified external filter program whenever a mail message is forwarded. The filter is passed the name of the message file in the spool directory so that it can edit it as required. A network filter can be specified as net:<transport-address> and prefixes of spam:, spam-edit: and exit: are also allowed. The spam: and spam-edit: prefixes require a SpamAssassin daemon to be running. For store-and-forward applications the --filter option is normally more useful than --client-filter. -
    -6, --client-interface <ip-address> +Enables SMTP server authentication of remote SMTP clients. Account names and passwords are taken from the specified secrets file. The secrets file should contain lines that have four space-separated fields, starting with server in the first field; the second field is the password encoding (plain or md5), the third is the client user-id and the fourth is the password. The user-id is RFC-1891 xtext encoded, and the password is either xtext encoded or generated by emailrelay-passwd. A special value of /pam can be used for authentication using linux PAM. +
    --server-auth-config <config>
    -Specifies the IP network address to be used to bind the local end of outgoing SMTP connections. By default the address will depend on the routing tables in the normal way. Use 0.0.0.0 to use only IPv4 addresses returned from DNS lookups of the --forward-to address, or :: for IPv6. +Configures the SMTP server authentication module using a semicolon-separated list of configuration items. Each item is a single-character key, followed by a colon and then a comma-separated list. A 'm' character introduces an ordered list of allowed authentication mechanisms and an 'x' introduces a list of mechanisms to deny. An 'a' list and a 'd' list can be used similarly to allow and deny mechanisms once the session is encrypted with TLS. In typical usage you might have an empty allow list for an unencrypted session and a single preferred mechanism once encrypted, m:;a:plain. +
    -F, --pop-auth <file> + +
    +Specifies a file containing valid POP account details. The file format is the same as for the SMTP server secrets file, ie. lines starting with server, with user-id and password in the third and fourth fields. A special value of /pam can be used for authentication using linux PAM. +
    +  +

    TLS options

    + +
    -j, --client-tls
    @@ -140,158 +284,6 @@ Enables verification of the remote SMTP server's certificate against any of the
    Enables verification of the CNAME within the remote SMTP server's certificate. -
    -e, --close-stderr - -
    -Causes the standard error stream to be closed soon after start-up. This is useful when operating as a background daemon and it is therefore implied by --as-server and --as-proxy. -
    -U, --connection-timeout <time> - -
    -Specifies a timeout (in seconds) for establishing a TCP connection to remote SMTP servers. The default is 40 seconds. -
    -g, --debug - -
    -Enables debug level logging, if built in. Debug messages are usually only useful when cross-referenced with the source code and they may expose plaintext passwords and mail message content. -
    --dnsbl <config> - -
    -Specifies a list of DNSBL servers that are used to reject SMTP connections from blocked addresses. The configuration string is made up of comma-separated fields: the DNS server's transport address, a timeout in milliseconds, a rejection threshold, and then the list of DNSBL servers. -
    -D, --domain <fqdn> - -
    -Specifies the network name that is used in SMTP EHLO commands, Received lines, and for generating authentication challenges. The default is derived from a DNS lookup of the local hostname. -
    -x, --dont-serve - -
    -Disables all network serving, including SMTP, POP and administration interfaces. The program will terminate as soon as any initial forwarding is complete. -
    -z, --filter <program> - -
    -Runs the specified external filter program whenever a mail message is stored. The filter is passed the name of the message file in the spool directory so that it can edit it as required. The mail message is rejected if the filter program terminates with an exit code between 1 and 99. Use net:<transport-address> to communicate with a filter daemon over the network, or spam:<transport-address> for a spamassassin spamd daemon to accept or reject mail messages, or spam-edit:<transport-address> to have spamassassin edit the message content without rejecting it, or exit:<number> to emulate a filter program that just exits. -
    -W, --filter-timeout <time> - -
    -Specifies a timeout (in seconds) for running a --filter program. The default is 300 seconds. -
    -f, --forward - -
    -Causes spooled mail messages to be forwarded when the program first starts. -
    -1, --forward-on-disconnect - -
    -Causes spooled mail messages to be forwarded whenever a SMTP client connection disconnects. -
    -o, --forward-to <host:port> - -
    -Specifies the transport address of the remote SMTP server that is use for mail message forwarding. -
    --forward-to-some - -
    -Allow forwarding to continue even if some recipient addresses on an e-mail envelope are rejected by the remote server. -
    -h, --help - -
    -Displays help text and then exits. Use with --verbose for more complete output. -
    -H, --hidden - -
    -Windows only. Hides the application window and disables all message boxes, overriding any --show option. This is useful when running as a windows service. -
    --idle-timeout <time> - -
    -Specifies a timeout (in seconds) for receiving network traffic from remote SMTP and POP clients. The default is 1800 seconds. -
    -m, --immediate - -
    -Causes mail messages to be forwarded as they are received, even before they have been accepted. This can be used to do proxying without store-and-forward, but in practice clients tend to to time out while waiting for their mail message to be accepted. -
    -I, --interface <ip-address-list> - -
    -Specifies the IP network addresses or interface names used to bind listening ports. By default listening ports for incoming SMTP, POP and administration connections will bind the 'any' address for IPv4 and for IPv6, ie. 0.0.0.0 and ::. Multiple addresses can be specified by using the option more than once or by using a comma-separated list. Use a prefix of smtp=, pop= or admin= on addresses that should apply only to those types of listening port. Any link-local IPv6 addresses must include a zone name or scope id. Interface names can be used instead of addresses, in which case all the addresses associated with that interface at startup will used for listening. When an interface name is decorated with a -ipv4 or -ipv6 suffix only their IPv4 or IPv6 addresses will be used (eg. ppp0-ipv4). -
    --localedir <dir> - -
    -Enables localisation and specifies the locale base directory where message catalogues can be found. An empty directory can be used for the built-in default. -
    -l, --log - -
    -Enables logging to the standard error stream and to the syslog. The --close-stderr and --no-syslog options can be used to disable output to standard error stream and the syslog separately. Note that --as-server, --as-client and --as-proxy imply --log, and --as-server and --as-proxy also imply --close-stderr. -
    --log-address - -
    -Adds the network address of remote clients to the logging output. -
    -N, --log-file <file> - -
    -Redirects standard-error logging to the specified file. Logging to the log file is not affected by --close-stderr. The filename can include %d to get daily log files; the %d is replaced by the current date in the local timezone using a YYYYMMDD format. -
    -L, --log-time - -
    -Adds a timestamp to the logging output using the local timezone. -
    -t, --no-daemon - -
    -Disables the normal backgrounding at startup so that the program runs in the foreground, without forking or detaching from the terminal. On Windows this disables the system tray icon so the program uses a normal window; when the window is closed the program terminates. -
    -X, --no-smtp - -
    -Disables listening for incoming SMTP connections. -
    -n, --no-syslog - -
    -Disables logging to the syslog. Note that --as-client implies --no-syslog. -
    -i, --pid-file <pid-file> - -
    -Causes the process-id to be written into the specified file when the program starts up, typically after it has become a background daemon. -
    -O, --poll <period> - -
    -Causes forwarding of spooled mail messages to happen at regular intervals (with the time given in seconds). -
    -B, --pop - -
    -Enables the POP server listening, by default on port 110, providing access to spooled mail messages. Negotiated TLS using the POP STLS command will be enabled if the --server-tls option is also given. -
    -F, --pop-auth <file> - -
    -Specifies a file containing valid POP account details. The file format is the same as for the SMTP server secrets file, ie. lines starting with server, with user-id and password in the third and fourth fields. A special value of /pam can be used for authentication using linux PAM. -
    -J, --pop-by-name - -
    -Modifies the spool directory used by the POP server to be a sub-directory with the same name as the POP authentication user-id. This allows multiple POP clients to read the spooled messages without interfering with each other, particularly when also using --pop-no-delete. Content files can stay in the main spool directory with only the envelope files copied into user-specific sub-directories. The emailrelay-filter-copy program is a convenient way of doing this when run via --filter. -
    -G, --pop-no-delete - -
    -Disables the POP DELE command so that the command appears to succeed but mail messages are not deleted from the spool directory. -
    -E, --pop-port <port> - -
    -Sets the POP server's listening port number. -
    -p, --port <port> - -
    -Sets the port number used for listening for incoming SMTP connections. -
    -w, --prompt-timeout <time> - -
    -Specifies a timeout (in seconds) for getting the initial prompt from a remote SMTP server. If no prompt is received after this time then the SMTP dialog goes ahead without it. -
    -r, --remote-clients - -
    -Allows incoming connections from addresses that are not local. The default behaviour is to reject connections that are not local in order to prevent accidental exposure to the public internet, although a firewall should also be used. Local address ranges are defined in RFC-1918, RFC-6890 etc. -
    -T, --response-timeout <time> - -
    -Specifies a timeout (in seconds) for getting responses from remote SMTP servers. The default is 1800 seconds. -
    -S, --server-auth <file> - -
    -Enables SMTP server authentication of remote SMTP clients. Account names and passwords are taken from the specified secrets file. The secrets file should contain lines that have four space-separated fields, starting with server in the first field; the second field is the password encoding (plain or md5), the third is the client user-id and the fourth is the password. The user-id is RFC-1891 xtext encoded, and the password is either xtext encoded or generated by emailrelay-passwd. A special value of /pam can be used for authentication using linux PAM. -
    --server-auth-config <config> - -
    -Configures the SMTP server authentication module using a semicolon-separated list of configuration items. Each item is a single-character key, followed by a colon and then a comma-separated list. A 'm' character introduces a preferred sub-set of the built-in authentication mechanisms, and an 'x' is used for blocklisted mechanisms.
    -K, --server-tls
    @@ -312,43 +304,93 @@ Makes the use of TLS mandatory for any incoming SMTP and POP connections. SMTP c
    Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify <default> for the TLS library's default set of trusted CAs. -
    -M, --size <bytes> - -
    -Limits the size of mail messages that can be submitted over SMTP. -
    -s, --spool-dir <dir> - -
    -Specifies the directory used for holding mail messages that have been received but not yet forwarded. -
    -k, --syslog, --syslog=<facility> - -
    -When used with --log this option enables logging to the syslog even if the --no-syslog option is also used. This is typically used as a convenient override when using --as-client.
    -9, --tls-config <options>
    Selects and configures the low-level TLS library, using a comma-separated list of keywords. If OpenSSL and mbedTLS are both built in then keywords of openssl and mbedtls will select one or the other. Keywords like tlsv1.0 can be used to set a minimum TLS protocol version, or -tlsv1.2 to set a maximum version. +
    +  +

    Process options

    + +
    +
    -x, --dont-serve + +
    +Disables all network serving, including SMTP, POP and administration interfaces. The program will terminate as soon as any initial forwarding is complete. +
    -H, --hidden + +
    +Windows only. Hides the application window and disables all message boxes, overriding any --show option. This is useful when running as a windows service. +
    --localedir <dir> + +
    +Enables localisation and specifies the locale base directory where message catalogues can be found. An empty directory can be used for the built-in default. +
    -t, --no-daemon + +
    +Disables the normal backgrounding at startup so that the program runs in the foreground, without forking or detaching from the terminal. On Windows this disables the system tray icon so the program uses a normal window; when the window is closed the program terminates. +
    -X, --no-smtp + +
    +Disables listening for incoming SMTP connections. +
    -i, --pid-file <path> + +
    +Causes the process-id to be written into the specified file when the program starts up, typically after it has become a background daemon. The immediate parent directory is created if necessary.
    -u, --user <username>
    -When started as root the program switches to a non-privileged effective user-id when idle. This option can be used to define the idle user-id and also the group ownership of new files and sockets. Specify root to disable all user-id switching. Ignored on Windows. +When started as root the program switches to a non-privileged effective user-id when idle. This option can be used to define the idle user-id and also the group ownership of new files and sockets. Specify root to disable all user-id switching. Ignored on Windows. +
    +  +

    Logging options

    + +
    -v, --verbose
    Enables more verbose logging when used with --log, and more verbose help when used with --help. -
    -V, --version +
    -l, --log
    -Displays version information and then exits. +Enables logging to the standard error stream and to the syslog. The --close-stderr and --no-syslog options can be used to disable output to standard error stream and the syslog separately. Note that --as-server, --as-client and --as-proxy imply --log, and --as-server and --as-proxy also imply --close-stderr. +
    -g, --debug + +
    +Enables debug level logging, if built in. Debug messages are usually only useful when cross-referenced with the source code and they may expose plaintext passwords and mail message content. +
    --log-address + +
    +Adds the network address of remote clients to the logging output. +
    -N, --log-file <file> + +
    +Redirects standard-error logging to the specified file. Logging to the log file is not affected by --close-stderr. The filename can include %d to get daily log files; the %d is replaced by the current date in the local timezone using a YYYYMMDD format. +
    -L, --log-time + +
    +Adds a timestamp to the logging output using the local timezone. +
    -n, --no-syslog + +
    +Disables logging to the syslog. Note that --as-client implies --no-syslog. +
    -k, --syslog, --syslog=<facility> + +
    +When used with --log this option enables logging to the syslog even if the --no-syslog option is also used. This is typically used as a convenient override when using --as-client. +
    -e, --close-stderr + +
    +Causes the standard error stream to be closed soon after start-up. This is useful when operating as a background daemon and it is therefore implied by --as-server and --as-proxy.
    -  + 

    SEE ALSO

    emailrelay-submit(1), emailrelay-passwd(1), -  + 

    AUTHOR

    Graeme Walker, mailto:graeme_walker@users.sourceforge.net @@ -361,8 +403,19 @@ Graeme Walker, mailto:graem
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    -
    SEE ALSO
    -
    AUTHOR
    +
    +
    Basic options
    +
    SMTP client options
    +
    SMTP server options
    +
    POP server options
    +
    Admin server options
    +
    Authentication options
    +
    TLS options
    +
    Process options
    +
    Logging options
    +
    +
    SEE ALSO
    +
    AUTHOR
    This document was created by @@ -370,3 +423,4 @@ This document was created by using the manual pages.
    + diff --git a/doc/emailrelay-passwd.1 b/doc/emailrelay-passwd.1 index 0ce6634..2a1fb30 100644 --- a/doc/emailrelay-passwd.1 +++ b/doc/emailrelay-passwd.1 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2001-2021 Graeme Walker +.\" Copyright (C) 2001-2022 Graeme Walker .\" .\" This program is free software: you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by @@ -39,6 +39,21 @@ server md5 alice Oqng9/H7wAyKgbuqw5VzG1bNO6feqtblyiNEi6QuN5dH .br server md5 bob Ot6SDdGj23eWjdEuKICgN8Nj9z/Vx9IV3ISz9VvmnaUB .SH OPTIONS +.TP +.B \-H, --hash \fI\fR +Specifies the hash function, such as MD5 or SHA1. MD5 is the default, and a hash function of NONE does simple xtext encoding. Other hash function may or may not be available, depending on the build. +.TP +.B \-h, --help +Shows help text and exits. +.TP +.B \-b, --base64 +The input password is interpreted as being base-64 encoded. +.TP +.B \-d, --dotted +Generates a dotted decimal format, for backwards compatibility. +.TP +.B \-p, --password \fI\fR +Specifies the password to be hashed. Beware of leaking sensitive passwords via command-line history or the process-table when using this option. .SH SEE ALSO .BR emailrelay (1), .BR emailrelay-submit (1), diff --git a/doc/emailrelay-submit.1 b/doc/emailrelay-submit.1 index 021fdce..7d04055 100644 --- a/doc/emailrelay-submit.1 +++ b/doc/emailrelay-submit.1 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2001-2021 Graeme Walker +.\" Copyright (C) 2001-2022 Graeme Walker .\" .\" This program is free software: you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by @@ -33,6 +33,52 @@ spool directory. .LP The verbose option causes the path of the new content file to be printed. +.SH OPTIONS +.TP +.B \-f, --from \fI\fR +Sets the envelope 'from' address. +.TP +.B \-h, --help +Shows help text and exits. +.TP +.B \-s, --spool-dir \fI\fR +Specifies the spool directory. +.TP +.B \-v, --verbose +Prints the full path of the content file. +.TP +.B \-d, --content-date +Adds a \fIDate:\fR content header if there is none. +.TP +.B \-F, --content-from +Adds the envelope 'from' addresses as a \fIFrom:\fR content header. +.TP +.B \-t, --content-to +Adds the envelope 'to' addresses as \fITo:\fR content headers. +.TP +.B \-c, --copy +Copies the envelope file into all sub-directories of the main spool directory. +.TP +.B \-n, --filename +Prints the name of the content file. +.TP +.B \-V, --version +Prints the version number and exits. +.TP +.B \-a, --auth \fI\fR +Sets the authentication value in the envelope file. +.TP +.B \-C, --content \fI\fR +Sets a line of content. This can be a header line, a blank line or a line of the body text. The first blank line separates headers from the body. The option value should be base64 encoded. +.TP +.B \-i, --from-auth-in \fI\fR +Sets the 'from-auth-in' value in the envelope file. +.TP +.B \-o, --from-auth-out \fI\fR +Sets the 'from-auth-out' value in the envelope file. +.TP +.B \-N, --no-stdin +Ignores the standard-input. Typically used with \fI\fR\fI--content\fR\fI\fR. .SH SEE ALSO .BR emailrelay (1), .BR emailrelay-passwd (1) diff --git a/doc/emailrelay.1 b/doc/emailrelay.1 index b4d099c..94e8a1d 100644 --- a/doc/emailrelay.1 +++ b/doc/emailrelay.1 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2001-2021 Graeme Walker +.\" Copyright (C) 2001-2022 Graeme Walker .\" .\" This program is free software: you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by @@ -51,18 +51,7 @@ In this mode all e-mail messages are spooled temporarily while the client is connected and forwarded as soon as the client disconnects. .SH OPTIONS -.TP -.B --address-verifier \fI\fR -Runs the specified external program to verify a message recipent's e-mail address. A network verifier can be specified as \fInet:\fR. -.TP -.B \-a, --admin \fI\fR -Enables an administration interface on the specified listening port number. Use telnet or something similar to connect. The administration interface can be used to trigger forwarding of spooled mail messages if the \fI--forward-to\fR option is used. -.TP -.B \-Q, --admin-terminate -Enables the \fIterminate\fR command in the administration interface. -.TP -.B \-A, --anonymous -Disables the server's SMTP VRFY command, sends less verbose SMTP responses and SMTP greeting, and stops \fIReceived\fR lines being added to mail message content files. +.SS Basic options .TP .B \-q, --as-client \fI\fR This is equivalent to \fI--log\fR, \fI--no-syslog\fR, \fI--no-daemon\fR, \fI--dont-serve\fR, \fI--forward\fR and \fI--forward-to\fR. It is a convenient way of running a forwarding agent that forwards spooled mail messages and then terminates. @@ -73,17 +62,119 @@ This is equivalent to \fI--log\fR, \fI--close-stderr\fR, \fI--forward-on-disconn .B \-d, --as-server This is equivalent to \fI--log\fR and \fI--close-stderr\fR. It is a convenient way of running a background storage daemon that accepts mail messages and spools them. Use \fI--log\fR instead of \fI--as-server\fR to keep standard error stream open. .TP +.B \-s, --spool-dir \fI\fR +Specifies the directory used for holding mail messages that have been received but not yet forwarded. +.TP +.B \-h, --help +Displays help text and then exits. Use with \fI--verbose\fR for more complete output. +.TP +.B \-V, --version +Displays version information and then exits. +.SS SMTP client options +.TP +.B \-f, --forward +Causes spooled mail messages to be forwarded when the program first starts. +.TP +.B \-1, --forward-on-disconnect +Causes spooled mail messages to be forwarded whenever a SMTP client connection disconnects. +.TP +.B \-o, --forward-to \fI\fR +Specifies the transport address of the remote SMTP server that spooled mail messages are forwarded to. +.TP +.B \-O, --poll \fI\fR +Causes forwarding of spooled mail messages to happen at regular intervals (with the time given in seconds). +.TP +.B \-Y, --client-filter \fI\fR +Runs the specified external filter program whenever a mail message is forwarded. The filter is passed the name of the message file in the spool directory so that it can edit it as required. A network filter can be specified as \fInet:\fR and prefixes of \fIspam:\fR, \fIspam-edit:\fR and \fIexit:\fR are also allowed. The \fIspam:\fR and \fIspam-edit:\fR prefixes require a SpamAssassin daemon to be running. For store-and-forward applications the \fI--filter\fR option is normally more useful than \fI--client-filter\fR. +.TP +.B \-6, --client-interface \fI\fR +Specifies the IP network address to be used to bind the local end of outgoing SMTP connections. By default the address will depend on the routing tables in the normal way. Use \fI0.0.0.0\fR to use only IPv4 addresses returned from DNS lookups of the \fI--forward-to\fR address, or \fI::\fR for IPv6. +.TP +.B \-U, --connection-timeout \fI
    --client-tls-verify-name <cname>
    @@ -146,243 +345,6 @@ Enables verification of the CNAME within the remote SMTP server's certificate. -
    --close-stderr (-e)
    -
    - Causes the standard error stream to be closed soon after start-up. This is - useful when operating as a background daemon and it is therefore implied by - --as-server and --as-proxy. -
    -
    --connection-timeout <time> (-U)
    -
    - Specifies a timeout (in seconds) for establishing a TCP connection to remote - SMTP servers. The default is 40 seconds. -
    -
    --debug (-g)
    -
    - Enables debug level logging, if built in. Debug messages are usually only - useful when cross-referenced with the source code and they may expose - plaintext passwords and mail message content. -
    -
    --dnsbl <config>
    -
    - Specifies a list of DNSBL servers that are used to reject SMTP connections - from blocked addresses. The configuration string is made up of - comma-separated fields: the DNS server's transport address, a timeout in - milliseconds, a rejection threshold, and then the list of DNSBL servers. -
    -
    --domain <fqdn> (-D)
    -
    - Specifies the network name that is used in SMTP EHLO commands, Received - lines, and for generating authentication challenges. The default is derived - from a DNS lookup of the local hostname. -
    -
    --dont-serve (-x)
    -
    - Disables all network serving, including SMTP, POP and administration - interfaces. The program will terminate as soon as any initial forwarding is - complete. -
    -
    --filter <program> (-z)
    -
    - Runs the specified external filter program whenever a mail message is stored. - The filter is passed the name of the message file in the spool directory so - that it can edit it as required. The mail message is rejected if the filter - program terminates with an exit code between 1 and 99. Use - net: to communicate with a filter daemon over the - network, or spam: for a spamassassin spamd daemon to - accept or reject mail messages, or spam-edit: to have - spamassassin edit the message content without rejecting it, or - exit: to emulate a filter program that just exits. -
    -
    --filter-timeout <time> (-W)
    -
    - Specifies a timeout (in seconds) for running a --filter program. The - default is 300 seconds. -
    -
    --forward (-f)
    -
    - Causes spooled mail messages to be forwarded when the program first starts. -
    -
    --forward-on-disconnect (-1)
    -
    - Causes spooled mail messages to be forwarded whenever a SMTP client - connection disconnects. -
    -
    --forward-to <host:port> (-o)
    -
    - Specifies the transport address of the remote SMTP server that is use for - mail message forwarding. -
    -
    --forward-to-some
    -
    - Allow forwarding to continue even if some recipient addresses on an e-mail - envelope are rejected by the remote server. -
    -
    --help (-h)
    -
    - Displays help text and then exits. Use with --verbose for more complete - output. -
    -
    --hidden (-H)
    -
    - Windows only. Hides the application window and disables all message boxes, - overriding any --show option. This is useful when running as a windows - service. -
    -
    --idle-timeout <time>
    -
    - Specifies a timeout (in seconds) for receiving network traffic from remote - SMTP and POP clients. The default is 1800 seconds. -
    -
    --immediate (-m)
    -
    - Causes mail messages to be forwarded as they are received, even before they - have been accepted. This can be used to do proxying without - store-and-forward, but in practice clients tend to to time out while - waiting for their mail message to be accepted. -
    -
    --interface <ip-address-list> (-I)
    -
    - Specifies the IP network addresses or interface names used to bind listening - ports. By default listening ports for incoming SMTP, POP and administration - connections will bind the 'any' address for IPv4 and for IPv6, ie. - 0.0.0.0 and ::. Multiple addresses can be specified by using the option - more than once or by using a comma-separated list. Use a prefix of smtp=, - pop= or admin= on addresses that should apply only to those types of - listening port. Any link-local IPv6 addresses must include a zone name or - scope id. Interface names can be used instead of addresses, in which case - all the addresses associated with that interface at startup will used for - listening. When an interface name is decorated with a -ipv4 or -ipv6 - suffix only their IPv4 or IPv6 addresses will be used (eg. ppp0-ipv4). -
    -
    --localedir <dir>
    -
    - Enables localisation and specifies the locale base directory where message - catalogues can be found. An empty directory can be used for the built-in - default. -
    -
    --log (-l)
    -
    - Enables logging to the standard error stream and to the syslog. The - --close-stderr and --no-syslog options can be used to disable output to - standard error stream and the syslog separately. Note that --as-server, - --as-client and --as-proxy imply --log, and --as-server and - --as-proxy also imply --close-stderr. -
    -
    --log-address
    -
    - Adds the network address of remote clients to the logging output. -
    -
    --log-file <file> (-N)
    -
    - Redirects standard-error logging to the specified file. Logging to the log - file is not affected by --close-stderr. The filename can include %d to - get daily log files; the %d is replaced by the current date in the local - timezone using a YYYYMMDD format. -
    -
    --log-time (-L)
    -
    - Adds a timestamp to the logging output using the local timezone. -
    -
    --no-daemon (-t)
    -
    - Disables the normal backgrounding at startup so that the program runs in the - foreground, without forking or detaching from the terminal. On Windows - this disables the system tray icon so the program uses a normal window; - when the window is closed the program terminates. -
    -
    --no-smtp (-X)
    -
    - Disables listening for incoming SMTP connections. -
    -
    --no-syslog (-n)
    -
    - Disables logging to the syslog. Note that --as-client implies - --no-syslog. -
    -
    --pid-file <pid-file> (-i)
    -
    - Causes the process-id to be written into the specified file when the program - starts up, typically after it has become a background daemon. -
    -
    --poll <period> (-O)
    -
    - Causes forwarding of spooled mail messages to happen at regular intervals - (with the time given in seconds). -
    -
    --pop (-B)
    -
    - Enables the POP server listening, by default on port 110, providing access to - spooled mail messages. Negotiated TLS using the POP STLS command will be - enabled if the --server-tls option is also given. -
    -
    --pop-auth <file> (-F)
    -
    - Specifies a file containing valid POP account details. The file format is the - same as for the SMTP server secrets file, ie. lines starting with server, - with user-id and password in the third and fourth fields. A special value - of /pam can be used for authentication using linux PAM. -
    -
    --pop-by-name (-J)
    -
    - Modifies the spool directory used by the POP server to be a sub-directory - with the same name as the POP authentication user-id. This allows multiple - POP clients to read the spooled messages without interfering with each - other, particularly when also using --pop-no-delete. Content files can - stay in the main spool directory with only the envelope files copied into - user-specific sub-directories. The emailrelay-filter-copy program is a - convenient way of doing this when run via --filter. -
    -
    --pop-no-delete (-G)
    -
    - Disables the POP DELE command so that the command appears to succeed but mail - messages are not deleted from the spool directory. -
    -
    --pop-port <port> (-E)
    -
    - Sets the POP server's listening port number. -
    -
    --port <port> (-p)
    -
    - Sets the port number used for listening for incoming SMTP connections. -
    -
    --prompt-timeout <time> (-w)
    -
    - Specifies a timeout (in seconds) for getting the initial prompt from a remote - SMTP server. If no prompt is received after this time then the SMTP dialog - goes ahead without it. -
    -
    --remote-clients (-r)
    -
    - Allows incoming connections from addresses that are not local. The default - behaviour is to reject connections that are not local in order to prevent - accidental exposure to the public internet, although a firewall should also - be used. Local address ranges are defined in RFC-1918, RFC-6890 etc. -
    -
    --response-timeout <time> (-T)
    -
    - Specifies a timeout (in seconds) for getting responses from remote SMTP - servers. The default is 1800 seconds. -
    -
    --server-auth <file> (-S)
    -
    - Enables SMTP server authentication of remote SMTP clients. Account names and - passwords are taken from the specified secrets file. The secrets file - should contain lines that have four space-separated fields, starting with - server in the first field; the second field is the password encoding - (plain or md5), the third is the client user-id and the fourth is the - password. The user-id is RFC-1891 xtext encoded, and the password is either - xtext encoded or generated by emailrelay-passwd. A special value of - /pam can be used for authentication using linux PAM. -
    -
    --server-auth-config <config>
    -
    - Configures the SMTP server authentication module using a semicolon-separated - list of configuration items. Each item is a single-character key, followed - by a colon and then a comma-separated list. A 'm' character introduces a - preferred sub-set of the built-in authentication mechanisms, and an 'x' is - used for blocklisted mechanisms. -
    --server-tls (-K)
    Enables TLS for incoming SMTP and POP connections. SMTP clients can then @@ -394,8 +356,8 @@
    Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the - PEM file format. Alternatively, use this option twice with the first one - specifying the key file and the second the certificate file. Keep the file + PEM file format. Alternatively, use this option twice with the first one + specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
    --server-tls-connection
    @@ -414,24 +376,9 @@ Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root - certificate. Specify <default> for the TLS library's default set of + certificate. Specify for the TLS library's default set of trusted CAs. -
    --size <bytes> (-M)
    -
    - Limits the size of mail messages that can be submitted over SMTP. -
    -
    --spool-dir <dir> (-s)
    -
    - Specifies the directory used for holding mail messages that have been - received but not yet forwarded. -
    -
    --syslog[=<facility>] (-k)
    -
    - When used with --log this option enables logging to the syslog even if the - --no-syslog option is also used. This is typically used as a convenient - override when using --as-client. -
    --tls-config <options> (-9)
    Selects and configures the low-level TLS library, using a comma-separated @@ -440,6 +387,44 @@ tlsv1.0 can be used to set a minimum TLS protocol version, or -tlsv1.2 to set a maximum version.
    + +

    Process options

    +
    +
    --dont-serve (-x)
    +
    + Disables all network serving, including SMTP, POP and administration + interfaces. The program will terminate as soon as any initial forwarding is + complete. +
    +
    --hidden (-H)
    +
    + Windows only. Hides the application window and disables all message boxes, + overriding any --show option. This is useful when running as a windows + service. +
    +
    --localedir <dir>
    +
    + Enables localisation and specifies the locale base directory where message + catalogues can be found. An empty directory can be used for the built-in + default. +
    +
    --no-daemon (-t)
    +
    + Disables the normal backgrounding at startup so that the program runs in the + foreground, without forking or detaching from the terminal. On Windows + this disables the system tray icon so the program uses a normal window; + when the window is closed the program terminates. +
    +
    --no-smtp (-X)
    +
    + Disables listening for incoming SMTP connections. +
    +
    --pid-file <path> (-i)
    +
    + Causes the process-id to be written into the specified file when the program + starts up, typically after it has become a background daemon. The immediate + parent directory is created if necessary. +
    --user <username> (-u)
    When started as root the program switches to a non-privileged effective @@ -447,14 +432,59 @@ also the group ownership of new files and sockets. Specify root to disable all user-id switching. Ignored on Windows.
    +
    +

    Logging options

    +
    --verbose (-v)
    Enables more verbose logging when used with --log, and more verbose help when used with --help.
    -
    --version (-V)
    +
    --log (-l)
    - Displays version information and then exits. + Enables logging to the standard error stream and to the syslog. The + --close-stderr and --no-syslog options can be used to disable output to + standard error stream and the syslog separately. Note that --as-server, + --as-client and --as-proxy imply --log, and --as-server and + --as-proxy also imply --close-stderr. +
    +
    --debug (-g)
    +
    + Enables debug level logging, if built in. Debug messages are usually only + useful when cross-referenced with the source code and they may expose + plaintext passwords and mail message content. +
    +
    --log-address
    +
    + Adds the network address of remote clients to the logging output. +
    +
    --log-file <file> (-N)
    +
    + Redirects standard-error logging to the specified file. Logging to the log + file is not affected by --close-stderr. The filename can include %d to + get daily log files; the %d is replaced by the current date in the local + timezone using a YYYYMMDD format. +
    +
    --log-time (-L)
    +
    + Adds a timestamp to the logging output using the local timezone. +
    +
    --no-syslog (-n)
    +
    + Disables logging to the syslog. Note that --as-client implies + --no-syslog. +
    +
    --syslog[=<facility>] (-k)
    +
    + When used with --log this option enables logging to the syslog even if the + --no-syslog option is also used. This is typically used as a convenient + override when using --as-client. +
    +
    --close-stderr (-e)
    +
    + Causes the standard error stream to be closed soon after start-up. This is + useful when operating as a background daemon and it is therefore implied by + --as-server and --as-proxy.

    @@ -906,7 +936,7 @@ server plain carol my+20password

    - 
    $ openssl req -x509 -nodes -subj "/CN=$USER" -newkey rsa:2048 -keyout emailrelay.pem  -out emailrelay.pem
+       
    $ openssl req -x509 -noenc -subj "/CN=$USER" -newkey rsa:2048 -keyout emailrelay.pem  -out emailrelay.pem

    @@ -957,21 +987,15 @@ server plain carol my+20password 

    auth requisite pam_unix.so nullok_secure
-session required pam_permit.so
-account required pam_permit.so
-password required pam_deny.so

    With this configuration the E-MailRelay server will use normal unix system account names and passwords to authenticate remote clients. On some systems this will require special permissioning to allow the E-MailRelay server to - read the shadow password database. -

    - -

    - When using PAM authentication E-MailRelay requires that remote clients - establish an encrypted session using TLS before authentication can proceed. + read the shadow password database, so run the server as root and also add the + --user=root command-line option to make sure that the process's effective + user-id stays as root while it accesses the PAM system.

    IP addresses

    @@ -1413,9 +1437,7 @@ catch( e )

    The following are some security issues that have been taken into consideration:

    - -
    -
    Effective userid
    +

    Effective userid

    Suid privileges are revoked at start-up, switching the effective userid/groupid to be the real userid/groupid values. If started as root @@ -1427,32 +1449,32 @@ catch( e ) groupid, so that new files have group ownership corresponding to the daemon user.
    -
    Execution environment
    +

    Execution environment

    The external filter programs are run with an almost empty set of environment variables (PATH and IFS), and with no open file descriptors other than stdin and stderr open onto /dev/null, and stdout open onto a pipe.
    -
    Umask
    +

    Umask

    - The program runs for most of the time with a umask of 177, switching to 117 + The program runs for most of the time with a umask of 077, switching to 007 when creating spool files.
    -
    Remote clients
    +

    Remote clients

    By default connections will be rejected if they come from remote machines.
    -
    Remote configuration
    +

    Remote configuration

    No configuration parameters can be changed through the administrative interface.
    -
    Use of exec() and system()
    +

    Use of exec() and system()

    No exec(), system() or popen() calls are used other than execve() to spawn the mail filter and/or address verifier.
    -
    File permissions
    +

    File permissions

    After a normal installation the spool directory is has ownership of root.daemon with permissions of -rwxrwxr-x and messages files are created @@ -1464,7 +1486,7 @@ catch( e ) spool directory, and the files created end up owned by the submitter but with group ownership of daemon.
    -
    Logging
    +

    Logging

    Logging output is conditioned so that ANSI escape sequences cannot appear in the log. @@ -1472,17 +1494,16 @@ catch( e ) Passwords and message content are not logged (except if using the --debug option at run time with debug logging enabled at build time).
    -
    Information leakage
    +

    Information leakage

    The --anonymous option can be used to reduce the amount of information leaked to remote clients.
    -
    Mandatory encryption
    +

    Mandatory encryption

    When using PAM for authentication all clients are required to use TLS/SSL encryption.
    -

    Security issues which relate to the SMTP protocol itself are beyond the scope of this document, but RFC-2821 makes the following observation: "SMTP mail is @@ -1551,7 +1572,39 @@ E-MailRelay> quit An E-MailRelay --filter script can be used to reject messages with incorrect Bcc: headers, and an example script is included.

    -

    Files and directories

    +

    Routing

    +

    + E-MailRelay does not normally do any routing of e-mail messages; they are + all forwarded to a fixed smarthost address given by the --forward-to or + --as-client command-line options. +

    + +

    + However, each message envelope file contains a ForwardToAddress field that + can be populated by filter scripts in order to route the message to some other + server. +

    + +

    + If the ForwardTo field has any non-empty value then E-MailRelay runs its + client filter early to allow the client filter script to set or update the + ForwardToAddress before the outgoing connection is made. (The client filter is + run a second time as normal once the connection is made and the SMTP session has + been established.) +

    + +

    + Typically a --filter script would be used to examine the message content and + populate the ForwardTo field, then a --client-filter script would use + the ForwardTo value to populate the ForwardToAddress field with an up-to-date + forwarding address. +

    + +

    + Note that a successful connection to the smarthost is required even if a message + is routed elsewhere. +

    +

    Files and directories

    On Unix-like systems E-MailRelay installs by default under /usr/local, but binary distributions will probably have been built to install elsewhere. @@ -1611,10 +1664,10 @@ E-MailRelay> quit

    - Copyright (C) 2001-2021 Graeme Walker + Copyright (C) 2001-2022 Graeme Walker

    - + diff --git a/doc/reference.md b/doc/reference.md index 1f1eda4..7a57d80 100644 --- a/doc/reference.md +++ b/doc/reference.md @@ -7,29 +7,7 @@ The `emailrelay` program supports the following command-line usage: emailrelay [