1/*++ 2/* NAME 3/* error 8 4/* SUMMARY 5/* Postfix error/retry mail delivery agent 6/* SYNOPSIS 7/* \fBerror\fR [generic Postfix daemon options] 8/* DESCRIPTION 9/* The Postfix \fBerror\fR(8) delivery agent processes delivery 10/* requests from 11/* the queue manager. Each request specifies a queue file, a sender 12/* address, the reason for non-delivery (specified as the 13/* next-hop destination), and recipient information. 14/* The reason may be prefixed with an RFC 3463-compatible detail code; 15/* if none is specified a default 4.0.0 or 5.0.0 code is used instead. 16/* This program expects to be run from the \fBmaster\fR(8) process 17/* manager. 18/* 19/* Depending on the service name in master.cf, \fBerror\fR 20/* or \fBretry\fR, the server bounces or defers all recipients 21/* in the delivery request using the "next-hop" information 22/* as the reason for non-delivery. The \fBretry\fR service name is 23/* supported as of Postfix 2.4. 24/* 25/* Delivery status reports are sent to the \fBbounce\fR(8), 26/* \fBdefer\fR(8) or \fBtrace\fR(8) daemon as appropriate. 27/* SECURITY 28/* .ad 29/* .fi 30/* The \fBerror\fR(8) mailer is not security-sensitive. It does not talk 31/* to the network, and can be run chrooted at fixed low privilege. 32/* STANDARDS 33/* RFC 3463 (Enhanced Status Codes) 34/* DIAGNOSTICS 35/* Problems and transactions are logged to \fBsyslogd\fR(8). 36/* 37/* Depending on the setting of the \fBnotify_classes\fR parameter, 38/* the postmaster is notified of bounces and of other trouble. 39/* CONFIGURATION PARAMETERS 40/* .ad 41/* .fi 42/* Changes to \fBmain.cf\fR are picked up automatically as \fBerror\fR(8) 43/* processes run for only a limited amount of time. Use the command 44/* "\fBpostfix reload\fR" to speed up a change. 45/* 46/* The text below provides only a parameter summary. See 47/* \fBpostconf\fR(5) for more details including examples. 48/* .IP "\fB2bounce_notice_recipient (postmaster)\fR" 49/* The recipient of undeliverable mail that cannot be returned to 50/* the sender. 51/* .IP "\fBbounce_notice_recipient (postmaster)\fR" 52/* The recipient of postmaster notifications with the message headers 53/* of mail that Postfix did not deliver and of SMTP conversation 54/* transcripts of mail that Postfix did not receive. 55/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" 56/* The default location of the Postfix main.cf and master.cf 57/* configuration files. 58/* .IP "\fBdaemon_timeout (18000s)\fR" 59/* How much time a Postfix daemon process may take to handle a 60/* request before it is terminated by a built-in watchdog timer. 61/* .IP "\fBdelay_logging_resolution_limit (2)\fR" 62/* The maximal number of digits after the decimal point when logging 63/* sub-second delay values. 64/* .IP "\fBdouble_bounce_sender (double-bounce)\fR" 65/* The sender address of postmaster notifications that are generated 66/* by the mail system. 67/* .IP "\fBipc_timeout (3600s)\fR" 68/* The time limit for sending or receiving information over an internal 69/* communication channel. 70/* .IP "\fBmax_idle (100s)\fR" 71/* The maximum amount of time that an idle Postfix daemon process waits 72/* for an incoming connection before terminating voluntarily. 73/* .IP "\fBmax_use (100)\fR" 74/* The maximal number of incoming connections that a Postfix daemon 75/* process will service before terminating voluntarily. 76/* .IP "\fBnotify_classes (resource, software)\fR" 77/* The list of error classes that are reported to the postmaster. 78/* .IP "\fBprocess_id (read-only)\fR" 79/* The process ID of a Postfix command or daemon process. 80/* .IP "\fBprocess_name (read-only)\fR" 81/* The process name of a Postfix command or daemon process. 82/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR" 83/* The location of the Postfix top-level queue directory. 84/* .IP "\fBsyslog_facility (mail)\fR" 85/* The syslog facility of Postfix logging. 86/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR" 87/* The mail system name that is prepended to the process name in syslog 88/* records, so that "smtpd" becomes, for example, "postfix/smtpd". 89/* SEE ALSO 90/* qmgr(8), queue manager 91/* bounce(8), delivery status reports 92/* discard(8), Postfix discard delivery agent 93/* postconf(5), configuration parameters 94/* master(5), generic daemon options 95/* master(8), process manager 96/* syslogd(8), system logging 97/* LICENSE 98/* .ad 99/* .fi 100/* The Secure Mailer license must be distributed with this software. 101/* AUTHOR(S) 102/* Wietse Venema 103/* IBM T.J. Watson Research 104/* P.O. Box 704 105/* Yorktown Heights, NY 10598, USA 106/*--*/ 107 108/* System library. */ 109 110#include <sys_defs.h> 111#include <unistd.h> 112#include <stdlib.h> 113 114/* Utility library. */ 115 116#include <msg.h> 117#include <vstream.h> 118 119/* Global library. */ 120 121#include <deliver_request.h> 122#include <mail_queue.h> 123#include <bounce.h> 124#include <defer.h> 125#include <deliver_completed.h> 126#include <flush_clnt.h> 127#include <dsn_util.h> 128#include <sys_exits.h> 129#include <mail_proto.h> 130#include <mail_version.h> 131 132/* Single server skeleton. */ 133 134#include <mail_server.h> 135 136/* deliver_message - deliver message with extreme prejudice */ 137 138static int deliver_message(DELIVER_REQUEST *request, const char *def_dsn, 139 int (*append) (int, const char *, MSG_STATS *, RECIPIENT *, 140 const char *, DSN *)) 141{ 142 const char *myname = "deliver_message"; 143 VSTREAM *src; 144 int result = 0; 145 int status; 146 RECIPIENT *rcpt; 147 int nrcpt; 148 DSN_SPLIT dp; 149 DSN dsn; 150 151 if (msg_verbose) 152 msg_info("deliver_message: from %s", request->sender); 153 154 /* 155 * Sanity checks. 156 */ 157 if (request->nexthop[0] == 0) 158 msg_fatal("empty nexthop hostname"); 159 if (request->rcpt_list.len <= 0) 160 msg_fatal("recipient count: %d", request->rcpt_list.len); 161 162 /* 163 * Open the queue file. Opening the file can fail for a variety of 164 * reasons, such as the system running out of resources. Instead of 165 * throwing away mail, we're raising a fatal error which forces the mail 166 * system to back off, and retry later. 167 */ 168 src = mail_queue_open(request->queue_name, request->queue_id, 169 O_RDWR, 0); 170 if (src == 0) 171 msg_fatal("%s: open %s %s: %m", myname, 172 request->queue_name, request->queue_id); 173 if (msg_verbose) 174 msg_info("%s: file %s", myname, VSTREAM_PATH(src)); 175 176 /* 177 * Bounce/defer/whatever all recipients. 178 */ 179#define BOUNCE_FLAGS(request) DEL_REQ_TRACE_FLAGS(request->flags) 180 181 dsn_split(&dp, def_dsn, request->nexthop); 182 (void) DSN_SIMPLE(&dsn, DSN_STATUS(dp.dsn), dp.text); 183 for (nrcpt = 0; nrcpt < request->rcpt_list.len; nrcpt++) { 184 rcpt = request->rcpt_list.info + nrcpt; 185 status = append(BOUNCE_FLAGS(request), request->queue_id, 186 &request->msg_stats, rcpt, "none", &dsn); 187 if (status == 0) 188 deliver_completed(src, rcpt->offset); 189 result |= status; 190 } 191 192 /* 193 * Clean up. 194 */ 195 if (vstream_fclose(src)) 196 msg_warn("close %s %s: %m", request->queue_name, request->queue_id); 197 198 return (result); 199} 200 201/* error_service - perform service for client */ 202 203static void error_service(VSTREAM *client_stream, char *service, char **argv) 204{ 205 DELIVER_REQUEST *request; 206 int status; 207 208 /* 209 * Sanity check. This service takes no command-line arguments. 210 */ 211 if (argv[0]) 212 msg_fatal("unexpected command-line argument: %s", argv[0]); 213 214 /* 215 * This routine runs whenever a client connects to the UNIX-domain socket 216 * dedicated to the error mailer. What we see below is a little protocol 217 * to (1) tell the queue manager that we are ready, (2) read a request 218 * from the queue manager, and (3) report the completion status of that 219 * request. All connection-management stuff is handled by the common code 220 * in single_server.c. 221 */ 222 if ((request = deliver_request_read(client_stream)) != 0) { 223 if (strcmp(service, MAIL_SERVICE_ERROR) == 0) 224 status = deliver_message(request, "5.0.0", bounce_append); 225 else if (strcmp(service, MAIL_SERVICE_RETRY) == 0) 226 status = deliver_message(request, "4.0.0", defer_append); 227 else 228 msg_fatal("bad error service name: %s", service); 229 deliver_request_done(client_stream, request, status); 230 } 231} 232 233/* pre_init - pre-jail initialization */ 234 235static void pre_init(char *unused_name, char **unused_argv) 236{ 237 flush_init(); 238} 239 240MAIL_VERSION_STAMP_DECLARE; 241 242/* main - pass control to the single-threaded skeleton */ 243 244int main(int argc, char **argv) 245{ 246 247 /* 248 * Fingerprint executables and core dumps. 249 */ 250 MAIL_VERSION_STAMP_ALLOCATE; 251 252 single_server_main(argc, argv, error_service, 253 MAIL_SERVER_PRE_INIT, pre_init, 254 0); 255} 256