History log of /openbsd/usr.sbin/smtpd/parse.y (Results 251 – 275 of 299)
Revision Date Author Comments
# d579b21a 06-Dec-2009 jacekm <jacekm@openbsd.org>

fix previous


# 7ba3f6ff 05-Dec-2009 chl <chl@openbsd.org>

fix interface tagging listeners in the ipv6 case

while there factor some common code (from jacekm input)

ok jacekm@


# c6f2f3e6 12-Nov-2009 jacekm <jacekm@openbsd.org>

Fix a memleak in parse_config(). Correct return code in few error paths.
Fix two memleaks in purge_config().

First problem spotted by parfait, the other ones - by myself.

"looks good" gilles@


# f1d60823 05-Nov-2009 gilles <gilles@openbsd.org>

some structures reference the maps they use by their id, if we allow 0 as a
valid map id, then we have no way to know for these structures if they have
a reference to a map, or if the member was not set. make map id start at 1.


# 9cb67f70 03-Nov-2009 gilles <gilles@openbsd.org>

teach makemap how to build a set, which is a map containing only keys.
smtpd is now capable of looking primary domains at runtime in a set, which
means that the following becomes possible:

map "primary" { source db "/etc/mail/primary.db" }
accept for domain map "primary" deliver to mbox

while at it fix a couple bugs in the aliases resolution path which caused
recipients to bounce if a ruleset did not have an "accept for local" rule

"diff reads good" jacekm@, flush queue & make clean


# 42606448 03-Nov-2009 gilles <gilles@openbsd.org>

this commit removes the hardcoded special "aliases" map and brings support
for multiple aliases maps that can be attached at the rule level. with it,
you can for example define different aliases maps for different domains or
different aliases maps for the same domain depending on the client source:

map "localiases" { source db "/etc/mail/localiases.db" }
map "netaliases" { source db "/etc/mail/netaliases.db" }

accept from 192.168.0.0/16 for local alias "localiases" deliver to mbox
accept from all for local alias "netaliases" deliver to mbox

idea discussed with jacekm@ and various other hackers, diff contains some
bug fixes too which were not part of the original diff. man page follows
very shortly ... make clean & flush queue !


# 9210f0ea 19-Oct-2009 gilles <gilles@openbsd.org>

change virtual rule so that it reads: accept for virtual "mapname", instead
of: accept for virtual map "mapname" ...

discussed with jacekm@


# 0d084127 19-Oct-2009 gilles <gilles@openbsd.org>

currently, smtpd is capable of having multiple listeners with different
options but they will all share the same ruleset. this means that there
is no way to have a rule apply to a session established on one listener
but not applied on another.

this commit brings initial support for tagging listeners and having the
rules able to match these specific listeners. The following will define
a rule which will only apply to interfaces tagged as "mynet":

listen on lo0 # implicit lo0 tag
listen on fxp0 tag mynet
listen on fxp1 tag mynet

accept on mynet for domain "example.org" deliver to mbox


# 49ee354d 19-Oct-2009 gilles <gilles@openbsd.org>

users within virtual domains do not necessarily map to a real user account,
teach smtpd how to deliver using specific user permissions:

accept for virtual map "foo" deliver to maildir "/m/%d/%u" user foo

will deliver mail under /m/domain/user as user foo

idea and initial diff discussed with jacekm@


# 8c175df0 11-Oct-2009 gilles <gilles@openbsd.org>

implement proper virtual domains instead of faking them on top of primary
domains. this means that:

- virtual domains no longer deliver to a local user when not told to
- they no longer attempt to resolve aliases when not told to
- they no longer need an explicit rule in smtpd.conf for EACH domain
- the "virtual" map is no longer hardcoded
- smtpd no longer needs a restart to support a new domain

instead we introduce the: accept for virtual map "mapname" [...] syntax
which refers to a map that can be manipulated at runtime.

idea discussed and okayed with jacekm@


# d12ef65c 16-Sep-2009 jacekm <jacekm@openbsd.org>

Do not print "could not load cert" warning at startup if certificate is not
required. Requested by jmc@, gilles@ ok.


# 69a8a95a 05-Jun-2009 jacekm <jacekm@openbsd.org>

if path in "deliver to maildir path" is omitted, use ~/Maildir by
default; from gilles@


# fcba321c 02-Jun-2009 gilles <gilles@openbsd.org>

make env->sc_listeners and env->sc_ssl pointers, one step further toward
configuration reloading without killing active sessions; ok jacekm@


# a711f13c 30-May-2009 gilles <gilles@openbsd.org>

It is now possible to specify a certificate to use when relaying to another
host which requests client certificates:

accept [...] relay via [...] ssl certificate "mycert"

diff from Josh Elsasser <josh@elsasser.org>, tested and okayed by me with
no change but the addition of status 554 to the state machine to deal with
remote host telling us it doesn't like our certificate.


# b52e5317 27-May-2009 jacekm <jacekm@openbsd.org>

temporary fix to a ruleset processing bug that stems from the fact
that the ip address/subnet parsing isn't done in the same way as
in other daemons.

fix by gilles@


# 9b6703b2 21-May-2009 gilles <gilles@openbsd.org>

no longer create a dynamic map with 127.0.0.1 and ::1 for every single rule
that has an implicit local source. instead we create static "localhost" map
before the configuration file is parsed, we fill it with every single local
address we can find, and we have rules with implicit local source reference
that special map.

this unbreaks a behavior which I hated and which prevented:

accept for all relay

from accepting relaying if LOCAL session was initiated on any interface but
lo0.


# 9aa27f7f 20-May-2009 gilles <gilles@openbsd.org>

first step towards configuration reload in smtpd, smtpctl reload will parse
the configuration file again and replace current configuration with new one
in all processes. what we don't support yet is graceful restart, clients in
sessions at the moment of the reload will have a temp failure thrown at 'em
which is ok RFC-wise but which we will try to improve anyway.

tested with various setups, "diff reads good" jacekm@


# 057d62de 12-Apr-2009 gilles <gilles@openbsd.org>

Code assumed the certificate name to always match the interface name, even
when a certificate name was explicitly provided. This would cause imsg to
fatal() because with some configurations, it would look for the wrong name
in the ssl tree and would fail to find the proper cert.

issue spotted by Gregory Edigarov <gregory.edigarov@gmail.com>, I found the
fix just a few minutes ago when I succeeded to reproduce the issue...


# 126ac712 09-Apr-2009 jacekm <jacekm@openbsd.org>

change syntax of the "listen on" and "relay via" directives:
1) kill the ssmtp keyword in "ssmtp listen on ...";
2) kill the use keyword in "... use certificate foo";
3) tls no longer implicit, user must explicitly use the tls or smtps option.
4) for "relay via", move the tls/smtps options to right after the
port specification; makes it similar to "listen on".

These directives:

ssmtp listen on fxp0 use certificate "foo"
accept for all relay via tls "mx.bar.com"

now become:

listen on fxp0 smtps certificate "foo"
accept for all relay via "mx.bar.com" tls

ok gilles@


# 7fc93de0 31-Mar-2009 tobias <tobias@openbsd.org>

Fixed memory leaks which would occur if the second of two memory
allocations fails.

looks right deraadt, krw
ok henning


# 6fcffac0 19-Mar-2009 gilles <gilles@openbsd.org>

when listen was declared without a port parameter, it would get it wrong
because of a missing htons()


# ed390170 16-Mar-2009 gilles <gilles@openbsd.org>

in accept rules, support "for local" as a destination which is an alias to
"localhost" and system hostname. this allows us to ship with a config file
that goes: accept for local deliver to mbox , and which will allow us to
have mail working sanely out of the box.


# df982ec9 09-Mar-2009 gilles <gilles@openbsd.org>

add basic support for outgoing authentication (AUTH PLAIN over ssl) which
can be turned on by adding "enable auth" to a "relay via" rule. this made
me rework the mx resolution so that it is done by the mta process and not
the runner process anymore.


# 2d45bb56 08-Mar-2009 gilles <gilles@openbsd.org>

supporting delivery to a mbox that's not in _PATH_MAILDIR is not supported,
if someone comes with good rationale why this is needed, we'll consider it,
meanwhile it's more work than it looks like and it brings a lot of pain.

discussed with jacekm@ and deraadt@


# 36d2baff 22-Feb-2009 form <form@openbsd.org>

replace MAX* constants by sizeof where possible

ok jacekm@

