ph10 2005/08/02 16:19:21 BST
Modified files:
exim-doc/doc-txt ChangeLog NewStuff
exim-src/src acl.c functions.h globals.c globals.h
smtp_in.c
exim-test-orig/AutoTest/confs 051
exim-test-orig/AutoTest/scripts 051
exim-test-orig/AutoTest/stderr 051 445 466 470
exim-test-orig/AutoTest/stdout 051
Log:
Make verify=helo do the verification on the fly it if was not done
earlier, like $sender_host_name handling.
Revision Changes Path
1.196 +6 -0 exim/exim-doc/doc-txt/ChangeLog
1.61 +6 -0 exim/exim-doc/doc-txt/NewStuff
1.43 +6 -2 exim/exim-src/src/acl.c
1.18 +1 -0 exim/exim-src/src/functions.h
1.33 +1 -0 exim/exim-src/src/globals.c
1.24 +1 -0 exim/exim-src/src/globals.h
1.22 +131 -95 exim/exim-src/src/smtp_in.c
1.2 +3 -1 exim/exim-test-orig/AutoTest/confs/051
1.2 +23 -0 exim/exim-test-orig/AutoTest/scripts/051
1.2 +88 -8 exim/exim-test-orig/AutoTest/stderr/051
1.2 +2 -2 exim/exim-test-orig/AutoTest/stderr/445
1.6 +2 -0 exim/exim-test-orig/AutoTest/stderr/466
1.9 +2 -0 exim/exim-test-orig/AutoTest/stderr/470
1.2 +34 -0 exim/exim-test-orig/AutoTest/stdout/051
Index: ChangeLog
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
retrieving revision 1.195
retrieving revision 1.196
diff -u -r1.195 -r1.196
--- ChangeLog 2 Aug 2005 13:43:04 -0000 1.195
+++ ChangeLog 2 Aug 2005 15:19:20 -0000 1.196
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.195 2005/08/02 13:43:04 ph10 Exp $
+$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.196 2005/08/02 15:19:20 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
@@ -49,6 +49,12 @@
run a filter in a subprocess. This could lead to confusion in subsequent
lookups in the parent process. There should also be a search_tidyup() at
the end of the subprocess.
+
+PH/13 Previously, if "verify = helo" was set in an ACL, the condition was true
+ only if the host matched helo_try_verify_hosts, which caused the
+ verification to occur when the EHLO/HELO command was issued. The ACL just
+ tested the remembered result. Now, if a previous verification attempt has
+ not happened, "verify = helo" does it there and then.
Exim version 4.52
Index: NewStuff
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-txt/NewStuff,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- NewStuff 2 Aug 2005 11:22:23 -0000 1.60
+++ NewStuff 2 Aug 2005 15:19:20 -0000 1.61
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.60 2005/08/02 11:22:23 ph10 Exp $
+$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.61 2005/08/02 15:19:20 ph10 Exp $
New Features in Exim
--------------------
@@ -61,6 +61,12 @@
"IGNOREQUOTA" is added to RCPT commands when using the LMTP protocol,
provided that the server has advertised support for IGNOREQUOTA in its
response to the LHLO command.
+
+PH/05 Previously, if "verify = helo" was set in an ACL, the condition was true
+ only if the host matched helo_try_verify_hosts, which caused the
+ verification to occur when the EHLO/HELO command was issued. The ACL just
+ tested the remembered result. Now, if a previous verification attempt has
+ not happened, "verify = helo" does it there and then.
Exim version 4.52
Index: acl.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/acl.c,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- acl.c 23 Jul 2005 20:46:42 -0000 1.42
+++ acl.c 2 Aug 2005 15:19:20 -0000 1.43
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/acl.c,v 1.42 2005/07/23 20:46:42 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/acl.c,v 1.43 2005/08/02 15:19:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -1376,12 +1376,16 @@
return FAIL;
}
-/* We can test the result of optional HELO verification */
+/* We can test the result of optional HELO verification that might have
+occurred earlier. If not, we can attempt the verification now. */
if (strcmpic(ss, US"helo") == 0)
{
if (slash != NULL) goto NO_OPTIONS;
- return helo_verified? OK : FAIL;
+ if (helo_verified) return OK;
+ if (helo_verify_failed) return FAIL;
+ if (smtp_verify_helo()) return helo_verified? OK : FAIL;
+ return DEFER;
}
/* Do Client SMTP Authorization checks in a separate function, and turn the
Index: functions.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/functions.h,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- functions.h 22 Jun 2005 10:17:23 -0000 1.17
+++ functions.h 2 Aug 2005 15:19:20 -0000 1.18
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/functions.h,v 1.17 2005/06/22 10:17:23 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/functions.h,v 1.18 2005/08/02 15:19:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -268,6 +268,7 @@
extern int smtp_setup_msg(void);
extern BOOL smtp_start_session(void);
extern int smtp_ungetc(int);
+extern BOOL smtp_verify_helo(void);
extern int smtp_write_command(smtp_outblock *, BOOL, char *, ...);
#ifdef WITH_CONTENT_SCAN
extern int spam(uschar **);
Index: globals.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/globals.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- globals.c 2 Aug 2005 11:22:24 -0000 1.32
+++ globals.c 2 Aug 2005 15:19:20 -0000 1.33
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/globals.c,v 1.32 2005/08/02 11:22:24 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/globals.c,v 1.33 2005/08/02 15:19:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -569,6 +569,7 @@
uschar *helo_lookup_domains = US"@ : @[]";
uschar *helo_try_verify_hosts = NULL;
BOOL helo_verified = FALSE;
+BOOL helo_verify_failed = FALSE;
uschar *helo_verify_hosts = NULL;
uschar *hex_digits = US"0123456789abcdef";
uschar *hold_domains = NULL;
Index: globals.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/globals.h,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- globals.h 2 Aug 2005 11:22:24 -0000 1.23
+++ globals.h 2 Aug 2005 15:19:20 -0000 1.24
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/globals.h,v 1.23 2005/08/02 11:22:24 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/globals.h,v 1.24 2005/08/02 15:19:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -343,6 +343,7 @@
extern uschar *helo_lookup_domains; /* If these given, lookup host name */
extern uschar *helo_try_verify_hosts; /* Soft check HELO argument for these */
extern BOOL helo_verified; /* True if HELO verified */
+extern BOOL helo_verify_failed; /* True if attempt failed */
extern uschar *helo_verify_hosts; /* Hard check HELO argument for these */
extern uschar *hex_digits; /* Used in several places */
extern uschar *hold_domains; /* Hold up deliveries to these */
Index: smtp_in.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/smtp_in.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- smtp_in.c 2 Aug 2005 08:25:45 -0000 1.21
+++ smtp_in.c 2 Aug 2005 15:19:20 -0000 1.22
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.21 2005/08/02 08:25:45 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.22 2005/08/02 15:19:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -1933,6 +1933,130 @@
/*************************************************
+* Verify HELO argument *
+*************************************************/
+
+/* This function is called if helo_verify_hosts or helo_try_verify_hosts is
+matched. It is also called from ACL processing if verify = helo is used and
+verification was not previously tried (i.e. helo_try_verify_hosts was not
+matched). The result of its processing is to set helo_verified and
+helo_verify_failed. These variables should both be FALSE for this function to
+be called.
+
+Note that EHLO/HELO is legitimately allowed to quote an address literal. Allow
+for IPv6 ::ffff: literals.
+
+Argument: none
+Returns: TRUE if testing was completed;
+ FALSE on a temporary failure
+*/
+
+BOOL
+smtp_verify_helo(void)
+{
+BOOL yield = TRUE;
+
+HDEBUG(D_receive) debug_printf("verifying EHLO/HELO argument \"%s\"\n",
+ sender_helo_name);
+
+if (sender_helo_name == NULL)
+ {
+ HDEBUG(D_receive) debug_printf("no EHLO/HELO command was issued\n");
+ }
+
+else if (sender_helo_name[0] == '[')
+ {
+ helo_verified = Ustrncmp(sender_helo_name+1, sender_host_address,
+ Ustrlen(sender_host_address)) == 0;
+
+ #if HAVE_IPV6
+ if (!helo_verified)
+ {
+ if (strncmpic(sender_host_address, US"::ffff:", 7) == 0)
+ helo_verified = Ustrncmp(sender_helo_name + 1,
+ sender_host_address + 7, Ustrlen(sender_host_address) - 7) == 0;
+ }
+ #endif
+
+ HDEBUG(D_receive)
+ { if (helo_verified) debug_printf("matched host address\n"); }
+ }
+
+/* Do a reverse lookup if one hasn't already given a positive or negative
+response. If that fails, or the name doesn't match, try checking with a forward
+lookup. */
+
+else
+ {
+ if (sender_host_name == NULL && !host_lookup_failed)
+ yield = host_name_lookup() != DEFER;
+
+ /* If a host name is known, check it and all its aliases. */
+
+ if (sender_host_name != NULL)
+ {
+ helo_verified = strcmpic(sender_host_name, sender_helo_name) == 0;
+
+ if (helo_verified)
+ {
+ HDEBUG(D_receive) debug_printf("matched host name\n");
+ }
+ else
+ {
+ uschar **aliases = sender_host_aliases;
+ while (*aliases != NULL)
+ {
+ helo_verified = strcmpic(*aliases++, sender_helo_name) == 0;
+ if (helo_verified) break;
+ }
+ HDEBUG(D_receive)
+ {
+ if (helo_verified)
+ debug_printf("matched alias %s\n", *(--aliases));
+ }
+ }
+ }
+
+ /* Final attempt: try a forward lookup of the helo name */
+
+ if (!helo_verified)
+ {
+ int rc;
+ host_item h;
+ h.name = sender_helo_name;
+ h.address = NULL;
+ h.mx = MX_NONE;
+ h.next = NULL;
+ HDEBUG(D_receive) debug_printf("getting IP address for %s\n",
+ sender_helo_name);
+ rc = host_find_byname(&h, NULL, NULL, TRUE);
+ if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
+ {
+ host_item *hh = &h;
+ while (hh != NULL)
+ {
+ if (Ustrcmp(hh->address, sender_host_address) == 0)
+ {
+ helo_verified = TRUE;
+ HDEBUG(D_receive)
+ debug_printf("IP address for %s matches calling address\n",
+ sender_helo_name);
+ break;
+ }
+ hh = hh->next;
+ }
+ }
+ }
+ }
+
+if (!helo_verified) helo_verify_failed = FALSE; /* We've tried ... */
+return yield;
+}
+
+
+
+
+/*************************************************
* Initialize for SMTP incoming message *
*************************************************/
@@ -2282,104 +2406,16 @@
(tls_active >= 0)? " TLS" : "", host_and_ident(FALSE));
/* Verify if configured. This doesn't give much security, but it does
- make some people happy to be able to do it. Note that HELO is legitimately
- allowed to quote an address literal. Allow for IPv6 ::ffff: literals. */
+ make some people happy to be able to do it. If helo_required is set,
+ (host matches helo_verify_hosts) failure forces rejection. If helo_verify
+ is set (host matches helo_try_verify_hosts), it does not. This is perhaps
+ now obsolescent, since the verification can now be requested selectively
+ at ACL time. */
- helo_verified = FALSE;
+ helo_verified = helo_verify_failed = FALSE;
if (helo_required || helo_verify)
{
- BOOL tempfail = FALSE;
-
- HDEBUG(D_receive) debug_printf("verifying %s %s\n", hello,
- sender_helo_name);
- if (sender_helo_name[0] == '[')
- {
- helo_verified = Ustrncmp(sender_helo_name+1, sender_host_address,
- Ustrlen(sender_host_address)) == 0;
-
- #if HAVE_IPV6
- if (!helo_verified)
- {
- if (strncmpic(sender_host_address, US"::ffff:", 7) == 0)
- helo_verified = Ustrncmp(sender_helo_name + 1,
- sender_host_address + 7, Ustrlen(sender_host_address) - 7) == 0;
- }
- #endif
-
- HDEBUG(D_receive)
- { if (helo_verified) debug_printf("matched host address\n"); }
- }
-
- /* Do a reverse lookup if one hasn't already given a positive or
- negative response. If that fails, or the name doesn't match, try
- checking with a forward lookup. */
-
- else
- {
- if (sender_host_name == NULL && !host_lookup_failed)
- tempfail = host_name_lookup() == DEFER;
-
- /* If a host name is known, check it and all its aliases. */
-
- if (sender_host_name != NULL)
- {
- helo_verified = strcmpic(sender_host_name, sender_helo_name) == 0;
-
- if (helo_verified)
- {
- HDEBUG(D_receive) debug_printf("matched host name\n");
- }
- else
- {
- uschar **aliases = sender_host_aliases;
- while (*aliases != NULL)
- {
- helo_verified = strcmpic(*aliases++, sender_helo_name) == 0;
- if (helo_verified) break;
- }
- HDEBUG(D_receive)
- {
- if (helo_verified)
- debug_printf("matched alias %s\n", *(--aliases));
- }
- }
- }
-
- /* Final attempt: try a forward lookup of the helo name */
-
- if (!helo_verified)
- {
- int rc;
- host_item h;
- h.name = sender_helo_name;
- h.address = NULL;
- h.mx = MX_NONE;
- h.next = NULL;
- HDEBUG(D_receive) debug_printf("getting IP address for %s\n",
- sender_helo_name);
- rc = host_find_byname(&h, NULL, NULL, TRUE);
- if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
- {
- host_item *hh = &h;
- while (hh != NULL)
- {
- if (Ustrcmp(hh->address, sender_host_address) == 0)
- {
- helo_verified = TRUE;
- HDEBUG(D_receive)
- debug_printf("IP address for %s matches calling address\n",
- sender_helo_name);
- break;
- }
- hh = hh->next;
- }
- }
- }
- }
-
- /* Verification failed. A temporary lookup failure gives a temporary
- error. */
-
+ BOOL tempfail = !smtp_verify_helo();
if (!helo_verified)
{
if (helo_required)
Index: 051
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/confs/051,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 051 8 Oct 2004 14:49:15 -0000 1.1
+++ 051 2 Aug 2005 15:19:20 -0000 1.2
@@ -1,5 +1,7 @@
# Exim test configuration 051
+HVH=
+
# Macros are set externally in order to get the path
# of the Exim that is being tested, and the directory
# in which the test data lives.
@@ -11,7 +13,7 @@
# ----- Main settings -----
acl_smtp_rcpt = rcpt
-helo_verify_hosts = ten-1.test.ex : ten-3.test.ex : 99.99.99.99
+helo_verify_hosts = ten-1.test.ex : ten-3.test.ex : HVH
helo_try_verify_hosts = ten-2.test.ex
log_selector = -host_lookup_failed
Index: 051
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/scripts/051,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 051 8 Oct 2004 14:49:52 -0000 1.1
+++ 051 2 Aug 2005 15:19:20 -0000 1.2
@@ -6,6 +6,7 @@
0
exim -bh 10.0.0.13
mail from:<ph10@???>
+rcpt to:<a@b>
quit
****
0
@@ -41,7 +42,29 @@
****
# This is a special IP address that provokes a temporary lookup failure
0
+exim -DHVH=99.99.99.99 -bh 99.99.99.99
+ehlo rhubarb
+quit
+****
+0
+exim -bh 10.0.0.13
+helo [10.0.0.99]
+mail from:<a@b>
+rcpt to:<c@d>
+quit
+****
+0
+exim -bh 10.0.0.13
+helo [10.0.0.13]
+mail from:<a@b>
+rcpt to:<c@d>
+quit
+****
+# Temporary lookup when not in helo_try_verify_hosts
+0
exim -bh 99.99.99.99
ehlo rhubarb
+mail from:<a@b>
+rcpt to:<c@d>
quit
****
Index: 051
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stderr/051,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 051 8 Oct 2004 14:50:08 -0000 1.1
+++ 051 2 Aug 2005 15:19:20 -0000 1.2
@@ -22,6 +22,13 @@
>>> name=ten-2.test.ex address=10.0.0.2
>>> host in helo_try_verify_hosts? no (end of list)
>>> host in helo_accept_junk_hosts? no (option unset)
+>>> using ACL "rcpt"
+>>> processing "require"
+>>> check verify = helo
+>>> verifying EHLO/HELO argument "NULL"
+>>> no EHLO/HELO command was issued
+>>> require: condition test failed
+LOG: H=[10.0.0.13] F=<ph10@???> rejected RCPT <a@b>: helo not verified
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? no (option unset)
>>> host in host_reject_connection? no (option unset)
@@ -37,11 +44,12 @@
>>> host in helo_try_verify_hosts? yes (matched "ten-2.test.ex")
>>> host in helo_accept_junk_hosts? no (option unset)
>>> [10.0.0.1] in helo_lookup_domains? no (end of list)
->>> verifying HELO [10.0.0.1]
+>>> verifying EHLO/HELO argument "[10.0.0.1]"
>>> HELO verification failed but host is in helo_try_verify_hosts
>>> using ACL "rcpt"
>>> processing "require"
>>> check verify = helo
+>>> verifying EHLO/HELO argument "[10.0.0.1]"
>>> require: condition test failed
LOG: H=([10.0.0.1]) [10.0.0.2] F=<a@b> rejected RCPT <c@d>: helo not verified
>>> host in hosts_connection_nolog? no (option unset)
@@ -59,7 +67,7 @@
>>> host in helo_try_verify_hosts? yes (matched "ten-2.test.ex")
>>> host in helo_accept_junk_hosts? no (option unset)
>>> [10.0.0.2] in helo_lookup_domains? no (end of list)
->>> verifying HELO [10.0.0.2]
+>>> verifying EHLO/HELO argument "[10.0.0.2]"
>>> matched host address
>>> using ACL "rcpt"
>>> processing "require"
@@ -78,7 +86,7 @@
>>> host in helo_verify_hosts? yes (matched "ten-1.test.ex")
>>> host in helo_accept_junk_hosts? no (option unset)
>>> ten-1.test.ex in helo_lookup_domains? no (end of list)
->>> verifying HELO ten-1.test.ex
+>>> verifying EHLO/HELO argument "ten-1.test.ex"
>>> looking up host name for 10.0.0.1
>>> IP address lookup yielded ten-1.test.ex
>>> gethostbyname2 looked up these IP addresses:
@@ -98,7 +106,7 @@
>>> host in helo_verify_hosts? yes (matched "ten-3.test.ex")
>>> host in helo_accept_junk_hosts? no (option unset)
>>> ten-3.test.ex in helo_lookup_domains? no (end of list)
->>> verifying HELO ten-3.test.ex
+>>> verifying EHLO/HELO argument "ten-3.test.ex"
>>> looking up host name for 10.0.0.3
>>> IP address lookup yielded ten-3.test.ex
>>> alias ten-3-alias.test.ex
@@ -112,9 +120,9 @@
>>> 10.0.0.3 OK
>>> matched host name
>>> host in smtp_accept_max_nonmail_hosts? yes (matched "*")
->>> verifying HELO ten-3-alias.test.ex
+>>> verifying EHLO/HELO argument "ten-3-alias.test.ex"
>>> matched alias ten-3-alias.test.ex
->>> verifying HELO ten-3xtra.test.ex
+>>> verifying EHLO/HELO argument "ten-3xtra.test.ex"
>>> getting IP address for ten-3xtra.test.ex
>>> gethostbyname2 looked up these IP addresses:
>>> name=ten-3xtra.test.ex address=10.0.0.3
@@ -129,7 +137,7 @@
>>> host in helo_verify_hosts? yes (matched "ten-1.test.ex")
>>> host in helo_accept_junk_hosts? no (option unset)
>>> rhubarb in helo_lookup_domains? no (end of list)
->>> verifying EHLO rhubarb
+>>> verifying EHLO/HELO argument "rhubarb"
>>> looking up host name for 10.0.0.1
>>> IP address lookup yielded ten-1.test.ex
>>> gethostbyname2 looked up these IP addresses:
@@ -151,9 +159,81 @@
>>> host in helo_verify_hosts? yes (matched "99.99.99.99")
>>> host in helo_accept_junk_hosts? no (option unset)
>>> rhubarb in helo_lookup_domains? no (end of list)
->>> verifying EHLO rhubarb
+>>> verifying EHLO/HELO argument "rhubarb"
>>> looking up host name for 99.99.99.99
>>> Test harness: host name lookup returns DEFER
>>> getting IP address for rhubarb
>>> no IP address found for host rhubarb (during SMTP connection from (rhubarb) [99.99.99.99])
LOG: temporarily rejected "EHLO rhubarb" from (rhubarb) [99.99.99.99]
+>>> host in hosts_connection_nolog? no (option unset)
+>>> host in host_lookup? no (option unset)
+>>> host in host_reject_connection? no (option unset)
+>>> host in sender_unqualified_hosts? no (option unset)
+>>> host in recipient_unqualified_hosts? no (option unset)
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-1.test.ex address=10.0.0.1
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-3.test.ex address=10.0.0.3
+>>> host in helo_verify_hosts? no (end of list)
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-2.test.ex address=10.0.0.2
+>>> host in helo_try_verify_hosts? no (end of list)
+>>> host in helo_accept_junk_hosts? no (option unset)
+>>> [10.0.0.99] in helo_lookup_domains? no (end of list)
+>>> using ACL "rcpt"
+>>> processing "require"
+>>> check verify = helo
+>>> verifying EHLO/HELO argument "[10.0.0.99]"
+>>> require: condition test failed
+LOG: H=([10.0.0.99]) [10.0.0.13] F=<a@b> rejected RCPT <c@d>: helo not verified
+>>> host in hosts_connection_nolog? no (option unset)
+>>> host in host_lookup? no (option unset)
+>>> host in host_reject_connection? no (option unset)
+>>> host in sender_unqualified_hosts? no (option unset)
+>>> host in recipient_unqualified_hosts? no (option unset)
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-1.test.ex address=10.0.0.1
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-3.test.ex address=10.0.0.3
+>>> host in helo_verify_hosts? no (end of list)
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-2.test.ex address=10.0.0.2
+>>> host in helo_try_verify_hosts? no (end of list)
+>>> host in helo_accept_junk_hosts? no (option unset)
+>>> [10.0.0.13] in helo_lookup_domains? no (end of list)
+>>> using ACL "rcpt"
+>>> processing "require"
+>>> check verify = helo
+>>> verifying EHLO/HELO argument "[10.0.0.13]"
+>>> matched host address
+>>> require: condition test succeeded
+>>> processing "deny"
+>>> deny: condition test succeeded
+LOG: H=([10.0.0.13]) [10.0.0.13] F=<a@b> rejected RCPT <c@d>: helo did verify
+>>> host in hosts_connection_nolog? no (option unset)
+>>> host in host_lookup? no (option unset)
+>>> host in host_reject_connection? no (option unset)
+>>> host in sender_unqualified_hosts? no (option unset)
+>>> host in recipient_unqualified_hosts? no (option unset)
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-1.test.ex address=10.0.0.1
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-3.test.ex address=10.0.0.3
+>>> host in helo_verify_hosts? no (end of list)
+>>> gethostbyname2 looked up these IP addresses:
+>>> name=ten-2.test.ex address=10.0.0.2
+>>> host in helo_try_verify_hosts? no (end of list)
+>>> host in helo_accept_junk_hosts? no (option unset)
+>>> rhubarb in helo_lookup_domains? no (end of list)
+>>> host in pipelining_advertise_hosts? yes (matched "*")
+>>> host in tls_advertise_hosts? no (option unset)
+>>> using ACL "rcpt"
+>>> processing "require"
+>>> check verify = helo
+>>> verifying EHLO/HELO argument "rhubarb"
+>>> looking up host name for 99.99.99.99
+>>> Test harness: host name lookup returns DEFER
+>>> getting IP address for rhubarb
+>>> no IP address found for host rhubarb (during SMTP connection from (rhubarb) [99.99.99.99])
+>>> require: condition test deferred
+LOG: H=(rhubarb) [99.99.99.99] F=<a@b> temporarily rejected RCPT <c@d>
Index: 445
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stderr/445,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 445 8 Oct 2004 14:50:08 -0000 1.1
+++ 445 2 Aug 2005 15:19:20 -0000 1.2
@@ -6,13 +6,13 @@
>>> host in helo_verify_hosts? yes (matched "*")
>>> host in helo_accept_junk_hosts? no (option unset)
>>> [10.9.8.7] in helo_lookup_domains? no (end of list)
->>> verifying EHLO [10.9.8.7]
+>>> verifying EHLO/HELO argument "[10.9.8.7]"
>>> matched host address
>>> host in pipelining_advertise_hosts? yes (matched "*")
>>> host in tls_advertise_hosts? no (option unset)
>>> host in smtp_accept_max_nonmail_hosts? yes (matched "*")
>>> [1.2.3.4] in helo_lookup_domains? no (end of list)
->>> verifying EHLO [1.2.3.4]
+>>> verifying EHLO/HELO argument "[1.2.3.4]"
LOG: rejected "EHLO [1.2.3.4]" from ([1.2.3.4]) [10.9.8.7]
>>> processing "accept"
>>> accept: condition test succeeded
Index: 466
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stderr/466,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- 466 1 Aug 2005 13:20:29 -0000 1.5
+++ 466 2 Aug 2005 15:19:20 -0000 1.6
@@ -84,6 +84,7 @@
calling r1 router
rda_interpret (file): /source/exim4/AutoTest/aux/466.f
expanded: /source/exim4/AutoTest/aux/466.f
+search_tidyup called
changed uid/gid: r1 router (recipient is ph10@???)
uid=1169 gid=1169 pid=pppp
auxiliary group list: <none>
@@ -92,6 +93,7 @@
data is an Exim filter program
Filter: start of processing
Filter: end of processing
+search_tidyup called
rda_interpret: subprocess yield=0 error=NULL
set transport t1
r1 router generated /source/exim4/AutoTest/test-mail
Index: 470
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stderr/470,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- 470 1 Aug 2005 13:20:29 -0000 1.8
+++ 470 2 Aug 2005 15:19:20 -0000 1.9
@@ -190,6 +190,7 @@
expanded: #Exim filter
mail text rhubarb
seen finish
+search_tidyup called
changed uid/gid: r2 router (recipient is mug99@???)
uid=1169 gid=1169 pid=pppp
auxiliary group list: <none>
@@ -197,6 +198,7 @@
data is an Exim filter program
Filter: start of processing
Filter: end of processing
+search_tidyup called
rda_interpret: subprocess yield=0 error=NULL
set transport t1
r2 router generated >sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???, sender@???
Index: 051
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stdout/051,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 051 8 Oct 2004 14:50:13 -0000 1.1
+++ 051 2 Aug 2005 15:19:21 -0000 1.2
@@ -13,6 +13,7 @@
220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
250 OK
+550 helo not verified
221 myhost.test.ex closing connection
**** SMTP testing session as if from host 10.0.0.2
@@ -67,4 +68,37 @@
220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
451 EHLO argument does not match calling host
+221 myhost.test.ex closing connection
+
+**** SMTP testing session as if from host 10.0.0.13
+**** but without any ident (RFC 1413) callback.
+**** This is not for real!
+
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 myhost.test.ex Hello [10.0.0.99] [10.0.0.13]
+250 OK
+550 helo not verified
+221 myhost.test.ex closing connection
+
+**** SMTP testing session as if from host 10.0.0.13
+**** but without any ident (RFC 1413) callback.
+**** This is not for real!
+
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 myhost.test.ex Hello [10.0.0.13] [10.0.0.13]
+250 OK
+550 helo did verify
+221 myhost.test.ex closing connection
+
+**** SMTP testing session as if from host 99.99.99.99
+**** but without any ident (RFC 1413) callback.
+**** This is not for real!
+
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250-myhost.test.ex Hello rhubarb [99.99.99.99]
+250-SIZE 52428800
+250-PIPELINING
+250 HELP
+250 OK
+451 Temporary local problem - please try later
221 myhost.test.ex closing connection
