summaryrefslogtreecommitdiffstats
path: root/usr.sbin/smtpd (follow)
Commit message (Collapse)AuthorAgeFilesLines
* if cipher list is not specified for a relay action, use the globaleric2021-04-021-3/+6
| | | | | | cipher list if defined. otherwise fallback to libtls default. ok millert@
* turn log_trace() into a macro to prevent evaluating the format stringeric2021-03-312-10/+9
| | | | | | parameters when tracing is not enabled. ok millert@
* allow to specify tls protocols and ciphers on relay actionseric2021-03-314-10/+46
| | | | ok espie@ sthen@ tb@
* do not request client certificate unless requirederic2021-03-101-3/+1
| | | | | | | issue hit by florian@ diff by jsing@ ok tb@
* use the mx hostname for sni on outgoing connection, not the reverseeric2021-03-071-2/+2
| | | | | | | dns for the peer address. spotted by krw@ ok krw@ tb@
* Start porting smtpd to libtls.eric2021-03-0523-577/+549
| | | | | | | | | | Note that it changes the way SNI works: The certificate to use is now selected by looking at the names found in the certificates themselves, rather than the names of the pki entries in the configuration file. The set of certificates for a tls listener must be defined explicitly by using the pki listener option multiple times. ok tb@
* -h does not display version; from larry hynesjmc2021-02-131-3/+3
|
* readability fixes; from larry hynesjmc2021-02-131-4/+4
|
* various readability fixes; from larry hynesjmc2021-02-131-19/+19
|
* various readability fixes; from larry hynesjmc2021-02-131-6/+6
|
* add some missing articles; from larry hynesjmc2021-02-131-3/+4
|
* readability fix; from larry hynesjmc2021-02-131-4/+4
|
* comma swap; from larry hynesjmc2021-02-131-4/+4
|
* mark up fixes; from lyndonjmc2021-01-271-4/+4
|
* makemap does not need a common which it does not use.deraadt2021-01-271-2/+1
|
* Remove unused variables found by clang. Additional unused var spotted by eric@.rob2021-01-2310-44/+32
| | | | OK mvs@, eric@
* Do the KAME embedded scope fixup in the two places where getifaddrs() isclaudio2021-01-194-37/+29
| | | | | | | used. With this there should be no more embedded scopes left and therefor in6addr_to_text() can be removed. getnameinfo() will just do the right thing now. OK eric@
* Rename the pony process to dispatcher and klondike to crypto.martijn2020-12-3113-253/+253
| | | | | From gilles@ OK millert@ giovanni@
* sync usage() with SYNOPSIS; the -S option remainsjmc2020-12-291-2/+2
| | | | undocumented, at least for now;
* smtpd's filter state machine can prematurely release resourcesmillert2020-12-231-6/+1
| | | | leading to a crash. From gilles@
* Fix a memory leak: use a single memory allocation for struct addrinfo anderic2020-12-231-31/+38
| | | | | | | | | the sockaddr it contains, as expected by freeaddrinfo(). Move the allocation to a helper function for clarity. comments from martijn@ millert@ ok millert@
* Use regfree after we're done with preg.martijn2020-12-231-2/+7
| | | | From gilles@
* The plumbing already allowed for smtp authentication, hook it up to the -amartijn2020-12-212-7/+35
| | | | | | | flag. Manpage order feedback jmc@ OK eric@
* Use NI_NUMERICSERV. We don't use the result and it's faster and is amartijn2020-12-212-5/+6
| | | | | | | workaround for the memory-leak in asr. smtp_session part from eric@ OK eric@ gilles@
* Onlly call event_del if there are events enabled, since not all libeventsmartijn2020-12-201-2/+3
| | | | | | are created equal. From gilles@
* Free filter_name in lka_filter_endmartijn2020-12-201-1/+2
| | | | | From gilles@ OK millert@ eric@
* Sync bsnprintf() with ldapd/util.c r1.13tb2020-11-291-2/+2
| | | | Pointed out by jmatthew and requested by florian.
* partially revert revision 1.423 which went a bit too farjung2020-11-201-2/+3
| | | | | | | | | | slightly relax the ORCPT check by not enforcing that a domain is required, allowing e.g.: ORCPT=rfc822;root originally reported via github issue #1084 by Leo Gaspard with input from gilles ok kn
* Revert agentx support for now, we're too close to release.martijn2020-09-237-416/+13
| | | | requested by deraadt@
* Add support for agentx to smtpd.martijn2020-09-237-14/+417
| | | | | | | | | | This is based around NETWORK-SERVICES-MIB from RFC2788 and MTA-MIB from RFC2789, but does not export the full spec. Hopefully this will expand in the future. People who want to use this against net-snmp (currently the only option known to me at the time of writing) may want to add -I -mta_sendmail to the flags, so net-snmp doesn't throw garbage into the mib-2.28 subtree.
* Allow handling long lines in an aliases table.martijn2020-09-221-6/+8
| | | | | | Pointed out by AIsha Tammy (openbsd <dot> bugs <at> aisha <dot> cc) Original diff by Edgar Pettijohn (edgar <at> pettijohn-web <dot> com) OK tb@
* Add the admd keyword. This can be used by filters interested in themartijn2020-09-164-6/+32
| | | | | | Authentication-Results header. OK giovanni@
* Fix handling of user names containing '@' symbols.millert2020-09-141-2/+2
| | | | | | It is possible to have a user name of the form foo@bar in the URL. When splitting user name from host name, split at the last '@', not the first one. From Josh Rickmar
* Document "pki" option for relay delivery too; from Nick Gassonmillert2020-09-141-2/+10
| | | | OK jmc@ martijn@
* All buffers are in rw-memory, but lookup_record has it defined asmartijn2020-09-141-2/+2
| | | | | | const char *. Remove the const so things compile a little cleaner. Pointer out by Mark Patruck <mark <at> wrapped <dot> cx>. Thanks
* Make "spf walk" report if an spf-record has macro's and can't be resolved.martijn2020-09-142-3/+18
| | | | | | | | Originally reported by and OK on earlier version giovanni@ Looks good to deraadt@ feedback and OK jmc@ feedback semarie@ OK sthen@
* add missing "regex" keyword; from heddi nabbisenjmc2020-08-271-3/+3
| | | | ok martijn
* set TLS SNI when relaying to hostsemarie2020-06-091-1/+22
| | | | | ok beck@ "looks reasonable" millert@
* Run lmtp deliveries as SMTPD_USER instead of the recipient user.chrisz2020-06-012-4/+6
| | | | ok millert@
* Correct getsockname(2)/getpeername(2) usage.millert2020-05-211-7/+11
| | | | | Fixes an uninitialized variable and a potential stack overflow with IPv6 connections. From Leah Neukirchen; OK eric@ deraadt@
* Only allow forkmda() to be called from a local action dispatcher.millert2020-05-061-1/+3
| | | | From gilles@, OK deraadt@ jung@
* In virtual alias context, do not try to match catchall entries foreric2020-04-281-1/+5
| | | | | | | | | | usernames, but only for email addresses. fixes an issue where usernames always expand to the @ wildcard if defined in the virtual alias file. discussed with Gilles Chehade ok millert@
* update filter documentation after protocol changeeric2020-04-251-20/+27
| | | | from Gilles Chehade
* point out that the "junk" filter decision adds the X-Spam headereric2020-04-251-5/+13
| | | | from Ryan Kavanagh
* strip trailing CRs at smtp level rather than io leveleric2020-04-246-10/+25
| | | | ok millert@
* ce examples of "Ar arg Ar arg" with "Ar arg arg" and stop the spread;jmc2020-04-232-13/+13
|
* Check for the dispatcher name in the envelope validation function.eric2020-04-222-11/+5
| | | | | | | Fixes a possible crash and caching issue when manually moving an envelope to the queue with smtpctl discover. ok millert@
* switch email and result fields in mail-from/rcpt-to event reportseric2020-04-171-4/+4
| | | | | | | | and bump protocol version. discussed with jung@, martijn@ and Gilles. ok jung@
* When failing to validate a peer TLS certificate in the MTA due to thebeck2020-04-101-2/+6
| | | | | | | | desired name of the MX not being present in the certificate, log that this is he reason for the failure and the name we couldn't find in the cert. ok millert@ martijn@
* bump smtpd versioneric2020-04-081-2/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.