[Exim] Bounce authentication patch for exim-3.30

Top Page
Delete this message
Reply to this message
Author: Marian Eichholz
Date:  
To: exim-users, Philip Hazel
Subject: [Exim] Bounce authentication patch for exim-3.30
Hi Philip, *

Browsing through the new Exim 3.30 code, I found that the "authenticate
bounce" code seems to be missing in the new release. Only the -Mas/-Mai
interface made it's way into the release.

So I patched the full semantics as discussed in February back into the
new release. I am pretty shure, that it may be of use for some sites
with authentication. So I ask You, if You probably want to include it in
the next release.

The attached patch allows to send bounces as authenticated mail over the
next ASMTP link. For this purpose it introduces a new global boolean
attribute, "authenticate bounces". It uses the exim-user as
authenticator.

An additional suggestion for discussion: Wouldn't it be probably safer
to allow only trusted callers to authenticate implicitly with the
-Mai/-Mas options? That's, why the set_authenticateed_xxxx variables are
back again.

Please find the patch attached.

Mit freundlichen Gruessen / Yours sincerely

Marian Eichholz
Postmaster
freenet.de AG          Vorsitzender des Aufsichtsrates: Gerhard Schmid
Deelbögenkamp 4c       Vorstand: Eckhard Spoerr (Vors.), Axel Krieger
22297 Hamburg          Amtsgericht Hamburg, HRB 74048
--- src/exim.c.orig    Mon Jun 18 11:03:24 2001
+++ src/exim.c    Mon Jun 18 13:21:24 2001
@@ -401,6 +401,11 @@
 struct sockaddr inetd_sock;
 #endif


+#ifdef HAVE_AUTH
+char *set_authenticated_sender = NULL;
+char *set_authenticated_id = NULL;
+#endif
+
/* Possible options for -R and -S */

static char *rsopts[] = { "f", "ff", "r", "rf", "rff" };
@@ -1449,11 +1454,11 @@

       /* -oMas: setting authenticated sender */


-      else if (strcmp(argrest, "Mas") == 0) authenticated_sender = argv[++i];
+      else if (strcmp(argrest, "Mas") == 0) set_authenticated_sender = argv[++i];


       /* -oMai: setting authenticated id */


-      else if (strcmp(argrest, "Mai") == 0) authenticated_id = argv[++i];
+      else if (strcmp(argrest, "Mai") == 0) set_authenticated_id = argv[++i];


       /* -oMi: Set incoming interface address */


@@ -2057,14 +2062,38 @@
mailer_argv[4] = "-f";
mailer_argv[5] = "<>";

+i = 6;
+
+#ifdef HAVE_AUTH
+
+/* If the mailer daemon shall be authenticated, it's final
+   authenticated_sender-ID is given here. It is wired to
+   "Mailer-Daemon@qualify_domain_sender".  The authenticated_id is set
+   to the exim user login. The whole thing has to be activated by
+   "authenticate_bounces = yes" */
+
+if (authenticate_bounces != 0)
+  {
+    struct passwd *pw = getpwuid(exim_uid);
+    if (pw && pw->pw_name && pw->pw_name[0])
+      {
+    mailer_argv[i++] = "-oMas";
+    mailer_argv[i++] = string_sprintf("Mailer-Daemon@%s",
+                      qualify_domain_sender);
+    mailer_argv[i++] = "-oMai";
+    mailer_argv[i++] =  string_copy(pw->pw_name);
+      } /* authenticate_bounces */
+  }
+
+#endif
+
 /* Set up the -E option to give the current message id, if any. If debugging is
 turned on, arrange to pass the setting when we re-exec exim for error messages,
 etc. Also pass on -N if set (-d is always set if -N is.) The argument list has
 several 0 entries at the end, all but the last of which can be overwritten. */


-mailer_argv[6] = message_id_option;
+mailer_argv[i++] = message_id_option;

-i = 7;
 if (debug_level > 0)
   {
   mailer_argv[i++] = string_sprintf("-d%d", debug_level);
@@ -2786,6 +2815,21 @@
   if (authenticated_id == NULL) authenticated_id = originator_login;
   #endif
   }
+
+/* A locally-supplied bounce mail comes with no sender, but can become
+   authenticated with sender/id supplied at the command line.  Only a
+   trusted user (or anybody w/untrusted_set_sender set) is allowed to
+   to this. */
+
+#ifdef HAVE_AUTH
+ if (trusted_caller || untrusted_set_sender)
+ {
+   if (set_authenticated_sender != NULL)
+     authenticated_sender = set_authenticated_sender;
+   if (set_authenticated_id != NULL )
+     authenticated_id = set_authenticated_id;
+  }
+#endif


 /* Trusted callers are always permitted to specify the sender address.
 Untrusted callers may specify it if untrusted_set_sender is set, or if what is
--- src/globals.c.orig    Mon Jun 18 11:03:24 2001
+++ src/globals.c    Mon Jun 18 13:09:53 2001
@@ -38,6 +38,7 @@
 #ifdef HAVE_AUTH
 BOOL   auth_always_advertise  = TRUE;
 char  *auth_hosts             = NULL;
+BOOL   authenticate_bounces   = FALSE;
 #ifdef SUPPORT_TLS
 char  *auth_over_tls_hosts    = NULL;
 #endif
--- src/globals.h.orig    Mon Jun 18 11:03:24 2001
+++ src/globals.h    Mon Jun 18 13:09:53 2001
@@ -24,6 +24,7 @@
 #ifdef HAVE_AUTH
 extern BOOL   auth_always_advertise;  /* If FALSE, advertise only when needed */
 extern char  *auth_hosts;             /* These must authenticate */
+extern BOOL  authenticate_bounces;    /* use -oMai amd -iMas w/error messages */
 #ifdef SUPPORT_TLS
 extern char  *auth_over_tls_hosts;    /* These must use TLS for AUTH */
 #endif
--- src/readconf.c.orig    Mon Jun 18 11:03:26 2001
+++ src/readconf.c    Mon Jun 18 13:09:53 2001
@@ -43,6 +43,7 @@
 #ifdef SUPPORT_TLS
   { "auth_over_tls_hosts",      opt_stringptr,   &auth_over_tls_hosts },
 #endif
+  { "authenticate_bounces",     opt_bool,        &authenticate_bounces },
 #endif
   { "auto_thaw",                opt_time,        &auto_thaw },
   { "bi_command",               opt_stringptr,   &bi_command },