1/* $NetBSD$ */ 2 3/*++ 4/* NAME 5/* discard 8 6/* SUMMARY 7/* Postfix discard mail delivery agent 8/* SYNOPSIS 9/* \fBdiscard\fR [generic Postfix daemon options] 10/* DESCRIPTION 11/* The Postfix \fBdiscard\fR(8) delivery agent processes 12/* delivery requests from 13/* the queue manager. Each request specifies a queue file, a sender 14/* address, a domain or host name that is treated as the reason for 15/* discarding the mail, and recipient information. 16/* The reason may be prefixed with an RFC 3463-compatible detail code. 17/* This program expects to be run from the \fBmaster\fR(8) process 18/* manager. 19/* 20/* The \fBdiscard\fR(8) delivery agent pretends to deliver all recipients 21/* in the delivery request, logs the "next-hop" domain or host 22/* information as the reason for discarding the mail, updates the 23/* queue file and marks recipients as finished or informs the 24/* queue manager that delivery should be tried again at a later time. 25/* 26/* Delivery status reports are sent to the \fBtrace\fR(8) 27/* daemon as appropriate. 28/* SECURITY 29/* .ad 30/* .fi 31/* The \fBdiscard\fR(8) mailer is not security-sensitive. It does not talk 32/* to the network, and can be run chrooted at fixed low privilege. 33/* STANDARDS 34/* None. 35/* DIAGNOSTICS 36/* Problems and transactions are logged to \fBsyslogd\fR(8). 37/* 38/* Depending on the setting of the \fBnotify_classes\fR parameter, 39/* the postmaster is notified of bounces and of other trouble. 40/* CONFIGURATION PARAMETERS 41/* .ad 42/* .fi 43/* Changes to \fBmain.cf\fR are picked up automatically as \fBdiscard\fR(8) 44/* processes run for only a limited amount of time. Use the command 45/* "\fBpostfix reload\fR" to speed up a change. 46/* 47/* The text below provides only a parameter summary. See 48/* \fBpostconf\fR(5) for more details including examples. 49/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" 50/* The default location of the Postfix main.cf and master.cf 51/* configuration files. 52/* .IP "\fBdaemon_timeout (18000s)\fR" 53/* How much time a Postfix daemon process may take to handle a 54/* request before it is terminated by a built-in watchdog timer. 55/* .IP "\fBdelay_logging_resolution_limit (2)\fR" 56/* The maximal number of digits after the decimal point when logging 57/* sub-second delay values. 58/* .IP "\fBdouble_bounce_sender (double-bounce)\fR" 59/* The sender address of postmaster notifications that are generated 60/* by the mail system. 61/* .IP "\fBipc_timeout (3600s)\fR" 62/* The time limit for sending or receiving information over an internal 63/* communication channel. 64/* .IP "\fBmax_idle (100s)\fR" 65/* The maximum amount of time that an idle Postfix daemon process waits 66/* for an incoming connection before terminating voluntarily. 67/* .IP "\fBmax_use (100)\fR" 68/* The maximal number of incoming connections that a Postfix daemon 69/* process will service before terminating voluntarily. 70/* .IP "\fBprocess_id (read-only)\fR" 71/* The process ID of a Postfix command or daemon process. 72/* .IP "\fBprocess_name (read-only)\fR" 73/* The process name of a Postfix command or daemon process. 74/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR" 75/* The location of the Postfix top-level queue directory. 76/* .IP "\fBsyslog_facility (mail)\fR" 77/* The syslog facility of Postfix logging. 78/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR" 79/* The mail system name that is prepended to the process name in syslog 80/* records, so that "smtpd" becomes, for example, "postfix/smtpd". 81/* SEE ALSO 82/* qmgr(8), queue manager 83/* bounce(8), delivery status reports 84/* error(8), Postfix error delivery agent 85/* postconf(5), configuration parameters 86/* master(5), generic daemon options 87/* master(8), process manager 88/* syslogd(8), system logging 89/* LICENSE 90/* .ad 91/* .fi 92/* The Secure Mailer license must be distributed with this software. 93/* HISTORY 94/* This service was introduced with Postfix version 2.2. 95/* AUTHOR(S) 96/* Victor Duchovni 97/* Morgan Stanley 98/* 99/* Based on code by: 100/* Wietse Venema 101/* IBM T.J. Watson Research 102/* P.O. Box 704 103/* Yorktown Heights, NY 10598, USA 104/*--*/ 105 106/* System library. */ 107 108#include <sys_defs.h> 109#include <unistd.h> 110#include <stdlib.h> 111 112/* Utility library. */ 113 114#include <msg.h> 115#include <vstream.h> 116 117/* Global library. */ 118 119#include <deliver_request.h> 120#include <mail_queue.h> 121#include <bounce.h> 122#include <deliver_completed.h> 123#include <flush_clnt.h> 124#include <sent.h> 125#include <dsn_util.h> 126#include <mail_version.h> 127 128/* Single server skeleton. */ 129 130#include <mail_server.h> 131 132/* deliver_message - deliver message with extreme prejudice */ 133 134static int deliver_message(DELIVER_REQUEST *request) 135{ 136 const char *myname = "deliver_message"; 137 VSTREAM *src; 138 int result = 0; 139 int status; 140 RECIPIENT *rcpt; 141 int nrcpt; 142 DSN_SPLIT dp; 143 DSN dsn; 144 145 if (msg_verbose) 146 msg_info("deliver_message: from %s", request->sender); 147 148 /* 149 * Sanity checks. 150 */ 151 if (request->nexthop[0] == 0) 152 msg_fatal("empty nexthop hostname"); 153 if (request->rcpt_list.len <= 0) 154 msg_fatal("recipient count: %d", request->rcpt_list.len); 155 156 /* 157 * Open the queue file. Opening the file can fail for a variety of 158 * reasons, such as the system running out of resources. Instead of 159 * throwing away mail, we're raising a fatal error which forces the mail 160 * system to back off, and retry later. 161 */ 162 src = mail_queue_open(request->queue_name, request->queue_id, 163 O_RDWR, 0); 164 if (src == 0) 165 msg_fatal("%s: open %s %s: %m", myname, 166 request->queue_name, request->queue_id); 167 if (msg_verbose) 168 msg_info("%s: file %s", myname, VSTREAM_PATH(src)); 169 170 /* 171 * Discard all recipients. 172 */ 173#define BOUNCE_FLAGS(request) DEL_REQ_TRACE_FLAGS(request->flags) 174 175 dsn_split(&dp, "2.0.0", request->nexthop); 176 (void) DSN_SIMPLE(&dsn, DSN_STATUS(dp.dsn), dp.text); 177 for (nrcpt = 0; nrcpt < request->rcpt_list.len; nrcpt++) { 178 rcpt = request->rcpt_list.info + nrcpt; 179 status = sent(BOUNCE_FLAGS(request), request->queue_id, 180 &request->msg_stats, rcpt, "none", &dsn); 181 if (status == 0 && (request->flags & DEL_REQ_FLAG_SUCCESS)) 182 deliver_completed(src, rcpt->offset); 183 result |= status; 184 } 185 186 /* 187 * Clean up. 188 */ 189 if (vstream_fclose(src)) 190 msg_warn("close %s %s: %m", request->queue_name, request->queue_id); 191 192 return (result); 193} 194 195/* discard_service - perform service for client */ 196 197static void discard_service(VSTREAM *client_stream, char *unused_service, char **argv) 198{ 199 DELIVER_REQUEST *request; 200 int status; 201 202 /* 203 * Sanity check. This service takes no command-line arguments. 204 */ 205 if (argv[0]) 206 msg_fatal("unexpected command-line argument: %s", argv[0]); 207 208 /* 209 * This routine runs whenever a client connects to the UNIX-domain socket 210 * dedicated to the discard mailer. What we see below is a little 211 * protocol to (1) tell the queue manager that we are ready, (2) read a 212 * request from the queue manager, and (3) report the completion status 213 * of that request. All connection-management stuff is handled by the 214 * common code in single_server.c. 215 */ 216 if ((request = deliver_request_read(client_stream)) != 0) { 217 status = deliver_message(request); 218 deliver_request_done(client_stream, request, status); 219 } 220} 221 222/* pre_init - pre-jail initialization */ 223 224static void pre_init(char *unused_name, char **unused_argv) 225{ 226 flush_init(); 227} 228 229MAIL_VERSION_STAMP_DECLARE; 230 231/* main - pass control to the single-threaded skeleton */ 232 233int main(int argc, char **argv) 234{ 235 236 /* 237 * Fingerprint executables and core dumps. 238 */ 239 MAIL_VERSION_STAMP_ALLOCATE; 240 241 single_server_main(argc, argv, discard_service, 242 MAIL_SERVER_PRE_INIT, pre_init, 243 0); 244} 245