1/*++
2/* NAME
3/*	trivial-rewrite 8
4/* SUMMARY
5/*	Postfix address rewriting and resolving daemon
6/* SYNOPSIS
7/*	\fBtrivial-rewrite\fR [generic Postfix daemon options]
8/* DESCRIPTION
9/*	The \fBtrivial-rewrite\fR(8) daemon processes three types of client
10/*	service requests:
11/* .IP "\fBrewrite \fIcontext address\fR"
12/*	Rewrite an address to standard form, according to the
13/*	address rewriting context:
14/* .RS
15/* .IP \fBlocal\fR
16/*	Append the domain names specified with \fB$myorigin\fR or
17/*	\fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR
18/*	and \fBallow_percent_hack\fR processing as described below, and
19/*	strip source routed addresses (\fI@site,@site:user@domain\fR)
20/*	to \fIuser@domain\fR form.
21/* .IP \fBremote\fR
22/*	Append the domain name specified with
23/*	\fB$remote_header_rewrite_domain\fR to incomplete
24/*	addresses. Otherwise the result is identical to that of
25/*	the \fBlocal\fR address rewriting context. This prevents
26/*      Postfix from appending the local domain to spam from poorly
27/*	written remote clients.
28/* .RE
29/* .IP "\fBresolve \fIsender\fR \fIaddress\fR"
30/*	Resolve the address to a (\fItransport\fR, \fInexthop\fR,
31/*      \fIrecipient\fR, \fIflags\fR) quadruple. The meaning of
32/*	the results is as follows:
33/* .RS
34/* .IP \fItransport\fR
35/*	The delivery agent to use. This is the first field of an entry
36/*	in the \fBmaster.cf\fR file.
37/* .IP \fInexthop\fR
38/*	The host to send to and optional delivery method information.
39/* .IP \fIrecipient\fR
40/*	The envelope recipient address that is passed on to \fInexthop\fR.
41/* .IP \fIflags\fR
42/*	The address class, whether the address requires relaying,
43/*	whether the address has problems, and whether the request failed.
44/* .RE
45/* .IP "\fBverify \fIsender\fR \fIaddress\fR"
46/*	Resolve the address for address verification purposes.
47/* SERVER PROCESS MANAGEMENT
48/* .ad
49/* .fi
50/*	The \fBtrivial-rewrite\fR(8) servers run under control by
51/*	the Postfix master
52/*	server.  Each server can handle multiple simultaneous connections.
53/*	When all servers are busy while a client connects, the master
54/*	creates a new server process, provided that the trivial-rewrite
55/*	server process limit is not exceeded.
56/*	Each trivial-rewrite server terminates after
57/*	serving at least \fB$max_use\fR clients of after \fB$max_idle\fR
58/*	seconds of idle time.
59/* STANDARDS
60/* .ad
61/* .fi
62/*	None. The command does not interact with the outside world.
63/* SECURITY
64/* .ad
65/* .fi
66/*	The \fBtrivial-rewrite\fR(8) daemon is not security sensitive.
67/*	By default, this daemon does not talk to remote or local users.
68/*	It can run at a fixed low privilege in a chrooted environment.
69/* DIAGNOSTICS
70/*	Problems and transactions are logged to \fBsyslogd\fR(8).
71/* CONFIGURATION PARAMETERS
72/* .ad
73/* .fi
74/*	On busy mail systems a long time may pass before a \fBmain.cf\fR
75/*	change affecting \fBtrivial-rewrite\fR(8) is picked up. Use the command
76/*	"\fBpostfix reload\fR" to speed up a change.
77/*
78/*	The text below provides only a parameter summary. See
79/*	\fBpostconf\fR(5) for more details including examples.
80/* COMPATIBILITY CONTROLS
81/* .ad
82/* .fi
83/* .IP "\fBresolve_dequoted_address (yes)\fR"
84/*	Resolve a recipient address safely instead of correctly, by
85/*	looking inside quotes.
86/* .PP
87/*	Available with Postfix version 2.1 and later:
88/* .IP "\fBresolve_null_domain (no)\fR"
89/*	Resolve an address that ends in the "@" null domain as if the
90/*	local hostname were specified, instead of rejecting the address as
91/*	invalid.
92/* .PP
93/*	Available with Postfix version 2.3 and later:
94/* .IP "\fBresolve_numeric_domain (no)\fR"
95/*	Resolve "user@ipaddress" as "user@[ipaddress]", instead of
96/*	rejecting the address as invalid.
97/* .PP
98/*	Available with Postfix version 2.5 and later:
99/* .IP "\fBallow_min_user (no)\fR"
100/*	Allow a sender or recipient address to have `-' as the first
101/*	character.
102/* ADDRESS REWRITING CONTROLS
103/* .ad
104/* .fi
105/* .IP "\fBmyorigin ($myhostname)\fR"
106/*	The domain name that locally-posted mail appears to come
107/*	from, and that locally posted mail is delivered to.
108/* .IP "\fBallow_percent_hack (yes)\fR"
109/*	Enable the rewriting of the form "user%domain" to "user@domain".
110/* .IP "\fBappend_at_myorigin (yes)\fR"
111/*	With locally submitted mail, append the string "@$myorigin" to mail
112/*	addresses without domain information.
113/* .IP "\fBappend_dot_mydomain (yes)\fR"
114/*	With locally submitted mail, append the string ".$mydomain" to
115/*	addresses that have no ".domain" information.
116/* .IP "\fBrecipient_delimiter (empty)\fR"
117/*	The set of characters that can separate a user name from its
118/*	extension (example: user+foo), or a .forward file name from its
119/*	extension (example: .forward+foo).
120/* .IP "\fBswap_bangpath (yes)\fR"
121/*	Enable the rewriting of "site!user" into "user@site".
122/* .PP
123/*	Available in Postfix 2.2 and later:
124/* .IP "\fBremote_header_rewrite_domain (empty)\fR"
125/*	Don't rewrite message headers from remote clients at all when
126/*	this parameter is empty; otherwise, rewrite message headers and
127/*	append the specified domain name to incomplete addresses.
128/* ROUTING CONTROLS
129/* .ad
130/* .fi
131/*	The following is applicable to Postfix version 2.0 and later.
132/*	Earlier versions do not have support for: virtual_transport,
133/*	relay_transport, virtual_alias_domains, virtual_mailbox_domains
134/*	or proxy_interfaces.
135/* .IP "\fBlocal_transport (local:$myhostname)\fR"
136/*	The default mail delivery transport and next-hop destination
137/*	for final delivery to domains listed with mydestination, and for
138/*	[ipaddress] destinations that match $inet_interfaces or $proxy_interfaces.
139/* .IP "\fBvirtual_transport (virtual)\fR"
140/*	The default mail delivery transport and next-hop destination for
141/*	final delivery to domains listed with $virtual_mailbox_domains.
142/* .IP "\fBrelay_transport (relay)\fR"
143/*	The default mail delivery transport and next-hop destination for
144/*	remote delivery to domains listed with $relay_domains.
145/* .IP "\fBdefault_transport (smtp)\fR"
146/*	The default mail delivery transport and next-hop destination for
147/*	destinations that do not match $mydestination, $inet_interfaces,
148/*	$proxy_interfaces, $virtual_alias_domains, $virtual_mailbox_domains,
149/*	or $relay_domains.
150/* .IP "\fBparent_domain_matches_subdomains (see 'postconf -d' output)\fR"
151/*	What Postfix features match subdomains of "domain.tld" automatically,
152/*	instead of requiring an explicit ".domain.tld" pattern.
153/* .IP "\fBrelayhost (empty)\fR"
154/*	The next-hop destination of non-local mail; overrides non-local
155/*	domains in recipient addresses.
156/* .IP "\fBtransport_maps (empty)\fR"
157/*	Optional lookup tables with mappings from recipient address to
158/*	(message delivery transport, next-hop destination).
159/* .PP
160/*	Available in Postfix version 2.3 and later:
161/* .IP "\fBsender_dependent_relayhost_maps (empty)\fR"
162/*	A sender-dependent override for the global relayhost parameter
163/*	setting.
164/* .PP
165/*	Available in Postfix version 2.5 and later:
166/* .IP "\fBempty_address_relayhost_maps_lookup_key (<>)\fR"
167/*	The sender_dependent_relayhost_maps search string that will be
168/*	used instead of the null sender address.
169/* .PP
170/*	Available in Postfix version 2.7 and later:
171/* .IP "\fBempty_address_default_transport_maps_lookup_key (<>)\fR"
172/*	The sender_dependent_default_transport_maps search string that
173/*	will be used instead of the null sender address.
174/* .IP "\fBsender_dependent_default_transport_maps (empty)\fR"
175/*	A sender-dependent override for the global default_transport
176/*	parameter setting.
177/* ADDRESS VERIFICATION CONTROLS
178/* .ad
179/* .fi
180/*	Postfix version 2.1 introduces sender and recipient address verification.
181/*	This feature is implemented by sending probe email messages that
182/*	are not actually delivered.
183/*	By default, address verification probes use the same route
184/*	as regular mail. To override specific aspects of message
185/*	routing for address verification probes, specify one or more
186/*	of the following:
187/* .IP "\fBaddress_verify_local_transport ($local_transport)\fR"
188/*	Overrides the local_transport parameter setting for address
189/*	verification probes.
190/* .IP "\fBaddress_verify_virtual_transport ($virtual_transport)\fR"
191/*	Overrides the virtual_transport parameter setting for address
192/*	verification probes.
193/* .IP "\fBaddress_verify_relay_transport ($relay_transport)\fR"
194/*	Overrides the relay_transport parameter setting for address
195/*	verification probes.
196/* .IP "\fBaddress_verify_default_transport ($default_transport)\fR"
197/*	Overrides the default_transport parameter setting for address
198/*	verification probes.
199/* .IP "\fBaddress_verify_relayhost ($relayhost)\fR"
200/*	Overrides the relayhost parameter setting for address verification
201/*	probes.
202/* .IP "\fBaddress_verify_transport_maps ($transport_maps)\fR"
203/*	Overrides the transport_maps parameter setting for address verification
204/*	probes.
205/* .PP
206/*	Available in Postfix version 2.3 and later:
207/* .IP "\fBaddress_verify_sender_dependent_relayhost_maps ($sender_dependent_relayhost_maps)\fR"
208/*	Overrides the sender_dependent_relayhost_maps parameter setting for address
209/*	verification probes.
210/* .PP
211/*	Available in Postfix version 2.7 and later:
212/* .IP "\fBaddress_verify_sender_dependent_default_transport_maps ($sender_dependent_default_transport_maps)\fR"
213/*	Overrides the sender_dependent_default_transport_maps parameter
214/*	setting for address verification probes.
215/* MISCELLANEOUS CONTROLS
216/* .ad
217/* .fi
218/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
219/*	The default location of the Postfix main.cf and master.cf
220/*	configuration files.
221/* .IP "\fBdaemon_timeout (18000s)\fR"
222/*	How much time a Postfix daemon process may take to handle a
223/*	request before it is terminated by a built-in watchdog timer.
224/* .IP "\fBempty_address_recipient (MAILER-DAEMON)\fR"
225/*	The recipient of mail addressed to the null address.
226/* .IP "\fBipc_timeout (3600s)\fR"
227/*	The time limit for sending or receiving information over an internal
228/*	communication channel.
229/* .IP "\fBmax_idle (100s)\fR"
230/*	The maximum amount of time that an idle Postfix daemon process waits
231/*	for an incoming connection before terminating voluntarily.
232/* .IP "\fBmax_use (100)\fR"
233/*	The maximal number of incoming connections that a Postfix daemon
234/*	process will service before terminating voluntarily.
235/* .IP "\fBrelocated_maps (empty)\fR"
236/*	Optional lookup tables with new contact information for users or
237/*	domains that no longer exist.
238/* .IP "\fBprocess_id (read-only)\fR"
239/*	The process ID of a Postfix command or daemon process.
240/* .IP "\fBprocess_name (read-only)\fR"
241/*	The process name of a Postfix command or daemon process.
242/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR"
243/*	The location of the Postfix top-level queue directory.
244/* .IP "\fBshow_user_unknown_table_name (yes)\fR"
245/*	Display the name of the recipient table in the "User unknown"
246/*	responses.
247/* .IP "\fBsyslog_facility (mail)\fR"
248/*	The syslog facility of Postfix logging.
249/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR"
250/*	The mail system name that is prepended to the process name in syslog
251/*	records, so that "smtpd" becomes, for example, "postfix/smtpd".
252/* .PP
253/*	Available in Postfix version 2.0 and later:
254/* .IP "\fBhelpful_warnings (yes)\fR"
255/*	Log warnings about problematic configuration settings, and provide
256/*	helpful suggestions.
257/* SEE ALSO
258/*	postconf(5), configuration parameters
259/*	transport(5), transport table format
260/*	relocated(5), format of the "user has moved" table
261/*	master(8), process manager
262/*	syslogd(8), system logging
263/* README FILES
264/* .ad
265/* .fi
266/*	Use "\fBpostconf readme_directory\fR" or
267/*	"\fBpostconf html_directory\fR" to locate this information.
268/* .na
269/* .nf
270/*	ADDRESS_CLASS_README, Postfix address classes howto
271/*	ADDRESS_VERIFICATION_README, Postfix address verification
272/* LICENSE
273/* .ad
274/* .fi
275/*	The Secure Mailer license must be distributed with this software.
276/* AUTHOR(S)
277/*	Wietse Venema
278/*	IBM T.J. Watson Research
279/*	P.O. Box 704
280/*	Yorktown Heights, NY 10598, USA
281/*--*/
282
283/* System library. */
284
285#include <sys_defs.h>
286#include <unistd.h>
287#include <stdlib.h>
288#include <string.h>
289
290/* Utility library. */
291
292#include <msg.h>
293#include <vstring.h>
294#include <vstream.h>
295#include <vstring_vstream.h>
296#include <split_at.h>
297#include <stringops.h>
298#include <dict.h>
299#include <events.h>
300
301/* Global library. */
302
303#include <mail_params.h>
304#include <mail_version.h>
305#include <mail_proto.h>
306#include <resolve_local.h>
307#include <mail_conf.h>
308#include <resolve_clnt.h>
309#include <rewrite_clnt.h>
310#include <tok822.h>
311#include <mail_addr.h>
312
313/* Multi server skeleton. */
314
315#include <mail_server.h>
316
317/* Application-specific. */
318
319#include <trivial-rewrite.h>
320#include <transport.h>
321
322static VSTRING *command;
323
324 /*
325  * Tunable parameters.
326  */
327char   *var_transport_maps;
328bool    var_swap_bangpath;
329bool    var_append_dot_mydomain;
330bool    var_append_at_myorigin;
331bool    var_percent_hack;
332char   *var_local_transport;
333char   *var_virt_transport;
334char   *var_relay_transport;
335int     var_resolve_dequoted;
336char   *var_virt_alias_maps;		/* XXX virtual_alias_domains */
337char   *var_virt_mailbox_maps;		/* XXX virtual_mailbox_domains */
338char   *var_virt_alias_doms;
339char   *var_virt_mailbox_doms;
340char   *var_relocated_maps;
341char   *var_def_transport;
342char   *var_snd_def_xport_maps;
343char   *var_empty_addr;
344int     var_show_unk_rcpt_table;
345int     var_resolve_nulldom;
346char   *var_remote_rwr_domain;
347char   *var_snd_relay_maps;
348char   *var_null_relay_maps_key;
349char   *var_null_def_xport_maps_key;
350int     var_resolve_num_dom;
351bool    var_allow_min_user;
352
353 /*
354  * Shadow personality for address verification.
355  */
356char   *var_vrfy_xport_maps;
357char   *var_vrfy_local_xport;
358char   *var_vrfy_virt_xport;
359char   *var_vrfy_relay_xport;
360char   *var_vrfy_def_xport;
361char   *var_vrfy_snd_def_xport_maps;
362char   *var_vrfy_relayhost;
363char   *var_vrfy_relay_maps;
364
365 /*
366  * Different resolver personalities depending on the kind of request.
367  */
368RES_CONTEXT resolve_regular = {
369    VAR_LOCAL_TRANSPORT, &var_local_transport,
370    VAR_VIRT_TRANSPORT, &var_virt_transport,
371    VAR_RELAY_TRANSPORT, &var_relay_transport,
372    VAR_DEF_TRANSPORT, &var_def_transport,
373    VAR_SND_DEF_XPORT_MAPS, &var_snd_def_xport_maps, 0,
374    VAR_RELAYHOST, &var_relayhost,
375    VAR_SND_RELAY_MAPS, &var_snd_relay_maps, 0,
376    VAR_TRANSPORT_MAPS, &var_transport_maps, 0
377};
378
379RES_CONTEXT resolve_verify = {
380    VAR_VRFY_LOCAL_XPORT, &var_vrfy_local_xport,
381    VAR_VRFY_VIRT_XPORT, &var_vrfy_virt_xport,
382    VAR_VRFY_RELAY_XPORT, &var_vrfy_relay_xport,
383    VAR_VRFY_DEF_XPORT, &var_vrfy_def_xport,
384    VAR_VRFY_SND_DEF_XPORT_MAPS, &var_vrfy_snd_def_xport_maps, 0,
385    VAR_VRFY_RELAYHOST, &var_vrfy_relayhost,
386    VAR_VRFY_RELAY_MAPS, &var_vrfy_relay_maps, 0,
387    VAR_VRFY_XPORT_MAPS, &var_vrfy_xport_maps, 0
388};
389
390 /*
391  * Connection management. When file-based lookup tables change we should
392  * restart at our convenience, but avoid client read errors. We restart
393  * rather than reopen, because the process may be chrooted (and if it isn't
394  * we still need code that handles the chrooted case anyway).
395  *
396  * Three variants are implemented. Only one should be used.
397  *
398  * ifdef DETACH_AND_ASK_CLIENTS_TO_RECONNECT
399  *
400  * This code detaches the trivial-rewrite process from the master, stops
401  * accepting new clients, and handles established clients in the background,
402  * asking them to reconnect the next time they send a request. The master
403  * creates a new process that accepts connections. This is reasonably safe
404  * because the number of trivial-rewrite server processes is small compared
405  * to the number of trivial-rewrite client processes. The few extra
406  * background processes should not make a difference in Postfix's footprint.
407  * However, once a daemon detaches from the master, its exit status will be
408  * lost, and abnormal termination may remain undetected. Timely restart is
409  * achieved by checking the table changed status every 10 seconds or so
410  * before responding to a client request.
411  *
412  * ifdef CHECK_TABLE_STATS_PERIODICALLY
413  *
414  * This code runs every 10 seconds and terminates the process when lookup
415  * tables have changed. This is subject to race conditions when established
416  * clients send a request while the server exits; those clients may read EOF
417  * instead of a server reply. If the experience with the oldest option
418  * (below) is anything to go by, however, then this is unlikely to be a
419  * problem during real deployment.
420  *
421  * ifdef CHECK_TABLE_STATS_BEFORE_ACCEPT
422  *
423  * This is the old code. It checks the table changed status when a new client
424  * connects (i.e. before the server calls accept()), and terminates
425  * immediately. This is invisible for the connecting client, but is subject
426  * to race conditions when established clients send a request while the
427  * server exits; those clients may read EOF instead of a server reply. This
428  * has, however, not been a problem in real deployment. With the old code,
429  * timely restart is achieved by setting the ipc_ttl parameter to 60
430  * seconds, so that the table change status is checked several times a
431  * minute.
432  */
433int     server_flags;
434
435 /*
436  * Define exactly one of these.
437  */
438/* #define DETACH_AND_ASK_CLIENTS_TO_RECONNECT	/* correct and complex */
439#define CHECK_TABLE_STATS_PERIODICALLY	/* quick */
440/* #define CHECK_TABLE_STATS_BEFORE_ACCEPT	/* slow */
441
442/* rewrite_service - read request and send reply */
443
444static void rewrite_service(VSTREAM *stream, char *unused_service, char **argv)
445{
446    int     status = -1;
447
448#ifdef DETACH_AND_ASK_CLIENTS_TO_RECONNECT
449    static time_t last;
450    time_t  now;
451    const char *table;
452
453#endif
454
455    /*
456     * Sanity check. This service takes no command-line arguments.
457     */
458    if (argv[0])
459	msg_fatal("unexpected command-line argument: %s", argv[0]);
460
461    /*
462     * Client connections are long-lived. Be sure to refesh timely.
463     */
464#ifdef DETACH_AND_ASK_CLIENTS_TO_RECONNECT
465    if (server_flags == 0 && (now = event_time()) - last > 10) {
466	if ((table = dict_changed_name()) != 0) {
467	    msg_info("table %s has changed -- restarting", table);
468	    if (multi_server_drain() == 0)
469		server_flags = 1;
470	}
471	last = now;
472    }
473#endif
474
475    /*
476     * This routine runs whenever a client connects to the UNIX-domain socket
477     * dedicated to address rewriting. All connection-management stuff is
478     * handled by the common code in multi_server.c.
479     */
480    if (attr_scan(stream, ATTR_FLAG_STRICT | ATTR_FLAG_MORE,
481		  ATTR_TYPE_STR, MAIL_ATTR_REQ, command,
482		  ATTR_TYPE_END) == 1) {
483	if (strcmp(vstring_str(command), REWRITE_ADDR) == 0) {
484	    status = rewrite_proto(stream);
485	} else if (strcmp(vstring_str(command), RESOLVE_REGULAR) == 0) {
486	    status = resolve_proto(&resolve_regular, stream);
487	} else if (strcmp(vstring_str(command), RESOLVE_VERIFY) == 0) {
488	    status = resolve_proto(&resolve_verify, stream);
489	} else {
490	    msg_warn("bad command %.30s", printable(vstring_str(command), '?'));
491	}
492    }
493    if (status < 0)
494	multi_server_disconnect(stream);
495}
496
497/* pre_accept - see if tables have changed */
498
499#ifdef CHECK_TABLE_STATS_BEFORE_ACCEPT
500
501static void pre_accept(char *unused_name, char **unused_argv)
502{
503    const char *table;
504
505    if ((table = dict_changed_name()) != 0) {
506	msg_info("table %s has changed -- restarting", table);
507	exit(0);
508    }
509}
510
511#endif
512
513static void check_table_stats(int unused_event, char *unused_context)
514{
515    const char *table;
516
517    if ((table = dict_changed_name()) != 0) {
518	msg_info("table %s has changed -- restarting", table);
519	exit(0);
520    }
521    event_request_timer(check_table_stats, (char *) 0, 10);
522}
523
524/* pre_jail_init - initialize before entering chroot jail */
525
526static void pre_jail_init(char *unused_name, char **unused_argv)
527{
528    command = vstring_alloc(100);
529    rewrite_init();
530    resolve_init();
531    if (*RES_PARAM_VALUE(resolve_regular.transport_maps))
532	resolve_regular.transport_info =
533	    transport_pre_init(resolve_regular.transport_maps_name,
534			   RES_PARAM_VALUE(resolve_regular.transport_maps));
535    if (*RES_PARAM_VALUE(resolve_verify.transport_maps))
536	resolve_verify.transport_info =
537	    transport_pre_init(resolve_verify.transport_maps_name,
538			    RES_PARAM_VALUE(resolve_verify.transport_maps));
539    if (*RES_PARAM_VALUE(resolve_regular.snd_relay_maps))
540	resolve_regular.snd_relay_info =
541	    maps_create(resolve_regular.snd_relay_maps_name,
542			RES_PARAM_VALUE(resolve_regular.snd_relay_maps),
543			DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
544			| DICT_FLAG_NO_REGSUB);
545    if (*RES_PARAM_VALUE(resolve_verify.snd_relay_maps))
546	resolve_verify.snd_relay_info =
547	    maps_create(resolve_verify.snd_relay_maps_name,
548			RES_PARAM_VALUE(resolve_verify.snd_relay_maps),
549			DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
550			| DICT_FLAG_NO_REGSUB);
551    if (*RES_PARAM_VALUE(resolve_regular.snd_def_xp_maps))
552	resolve_regular.snd_def_xp_info =
553	    maps_create(resolve_regular.snd_def_xp_maps_name,
554			RES_PARAM_VALUE(resolve_regular.snd_def_xp_maps),
555			DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
556			| DICT_FLAG_NO_REGSUB);
557    if (*RES_PARAM_VALUE(resolve_verify.snd_def_xp_maps))
558	resolve_verify.snd_def_xp_info =
559	    maps_create(resolve_verify.snd_def_xp_maps_name,
560			RES_PARAM_VALUE(resolve_verify.snd_def_xp_maps),
561			DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
562			| DICT_FLAG_NO_REGSUB);
563}
564
565/* post_jail_init - initialize after entering chroot jail */
566
567static void post_jail_init(char *unused_name, char **unused_argv)
568{
569    if (resolve_regular.transport_info)
570	transport_post_init(resolve_regular.transport_info);
571    if (resolve_verify.transport_info)
572	transport_post_init(resolve_verify.transport_info);
573    check_table_stats(0, (char *) 0);
574}
575
576MAIL_VERSION_STAMP_DECLARE;
577
578/* main - pass control to the multi-threaded skeleton code */
579
580int     main(int argc, char **argv)
581{
582    static const CONFIG_STR_TABLE str_table[] = {
583	VAR_TRANSPORT_MAPS, DEF_TRANSPORT_MAPS, &var_transport_maps, 0, 0,
584	VAR_LOCAL_TRANSPORT, DEF_LOCAL_TRANSPORT, &var_local_transport, 1, 0,
585	VAR_VIRT_TRANSPORT, DEF_VIRT_TRANSPORT, &var_virt_transport, 1, 0,
586	VAR_RELAY_TRANSPORT, DEF_RELAY_TRANSPORT, &var_relay_transport, 1, 0,
587	VAR_DEF_TRANSPORT, DEF_DEF_TRANSPORT, &var_def_transport, 1, 0,
588	VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
589	VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, 0, 0,
590	VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
591	VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, 0, 0,
592	VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
593	VAR_EMPTY_ADDR, DEF_EMPTY_ADDR, &var_empty_addr, 1, 0,
594	VAR_VRFY_XPORT_MAPS, DEF_VRFY_XPORT_MAPS, &var_vrfy_xport_maps, 0, 0,
595	VAR_VRFY_LOCAL_XPORT, DEF_VRFY_LOCAL_XPORT, &var_vrfy_local_xport, 1, 0,
596	VAR_VRFY_VIRT_XPORT, DEF_VRFY_VIRT_XPORT, &var_vrfy_virt_xport, 1, 0,
597	VAR_VRFY_RELAY_XPORT, DEF_VRFY_RELAY_XPORT, &var_vrfy_relay_xport, 1, 0,
598	VAR_VRFY_DEF_XPORT, DEF_VRFY_DEF_XPORT, &var_vrfy_def_xport, 1, 0,
599	VAR_VRFY_RELAYHOST, DEF_VRFY_RELAYHOST, &var_vrfy_relayhost, 0, 0,
600	VAR_REM_RWR_DOMAIN, DEF_REM_RWR_DOMAIN, &var_remote_rwr_domain, 0, 0,
601	VAR_SND_RELAY_MAPS, DEF_SND_RELAY_MAPS, &var_snd_relay_maps, 0, 0,
602	VAR_NULL_RELAY_MAPS_KEY, DEF_NULL_RELAY_MAPS_KEY, &var_null_relay_maps_key, 1, 0,
603	VAR_VRFY_RELAY_MAPS, DEF_VRFY_RELAY_MAPS, &var_vrfy_relay_maps, 0, 0,
604	VAR_SND_DEF_XPORT_MAPS, DEF_SND_DEF_XPORT_MAPS, &var_snd_def_xport_maps, 0, 0,
605	VAR_NULL_DEF_XPORT_MAPS_KEY, DEF_NULL_DEF_XPORT_MAPS_KEY, &var_null_def_xport_maps_key, 1, 0,
606	VAR_VRFY_SND_DEF_XPORT_MAPS, DEF_VRFY_SND_DEF_XPORT_MAPS, &var_vrfy_snd_def_xport_maps, 0, 0,
607	0,
608    };
609    static const CONFIG_BOOL_TABLE bool_table[] = {
610	VAR_SWAP_BANGPATH, DEF_SWAP_BANGPATH, &var_swap_bangpath,
611	VAR_APP_DOT_MYDOMAIN, DEF_APP_DOT_MYDOMAIN, &var_append_dot_mydomain,
612	VAR_APP_AT_MYORIGIN, DEF_APP_AT_MYORIGIN, &var_append_at_myorigin,
613	VAR_PERCENT_HACK, DEF_PERCENT_HACK, &var_percent_hack,
614	VAR_RESOLVE_DEQUOTED, DEF_RESOLVE_DEQUOTED, &var_resolve_dequoted,
615	VAR_SHOW_UNK_RCPT_TABLE, DEF_SHOW_UNK_RCPT_TABLE, &var_show_unk_rcpt_table,
616	VAR_RESOLVE_NULLDOM, DEF_RESOLVE_NULLDOM, &var_resolve_nulldom,
617	VAR_RESOLVE_NUM_DOM, DEF_RESOLVE_NUM_DOM, &var_resolve_num_dom,
618	VAR_ALLOW_MIN_USER, DEF_ALLOW_MIN_USER, &var_allow_min_user,
619	0,
620    };
621
622    /*
623     * Fingerprint executables and core dumps.
624     */
625    MAIL_VERSION_STAMP_ALLOCATE;
626
627    multi_server_main(argc, argv, rewrite_service,
628		      MAIL_SERVER_STR_TABLE, str_table,
629		      MAIL_SERVER_BOOL_TABLE, bool_table,
630		      MAIL_SERVER_PRE_INIT, pre_jail_init,
631		      MAIL_SERVER_POST_INIT, post_jail_init,
632#ifdef CHECK_TABLE_STATS_BEFORE_ACCEPT
633		      MAIL_SERVER_PRE_ACCEPT, pre_accept,
634#endif
635		      0);
636}
637