Wietse Venema: > I have a fix (attached) that no longer flags this as a PIPELINING > error (because it isn't). It just logs "BDAT without valid RCPT" > without blocking mail.
A last-minute edit broke the code. Attached is the corrected version. Wietse
diff -ur /var/tmp/postfix-3.5-20191013/HISTORY ./HISTORY --- /var/tmp/postfix-3.5-20191013/HISTORY 2019-10-13 12:04:37.000000000 -0400 +++ ./HISTORY 2019-10-13 18:07:20.000000000 -0400 @@ -24437,3 +24437,15 @@ smtp/smtp_rcpt.c, tls/tls_certkey.c, util/nbbio.c, util/vstream_tweak.c. +20191014 + + Bugfix (introduced: Postfix 2.8): don't gratuitously enable + all after-220 tests when only one such test is enabled. + This made selective tests impossible with 'good' clients. + File: postscreen/postscreen_smtpd.c. + + Bugfix: the 20180903 fix for a misleading "PIPELINING after + BDAT" warning looked at the wrong variable. The warning + now says "BDAT without valid RCPT", and the error is no + longer treated as a command PIPELINING error. File: + postscreen/postscreen_smtpd.c. diff -ur /var/tmp/postfix-3.5-20191013/src/postscreen/postscreen_smtpd.c ./src/postscreen/postscreen_smtpd.c --- /var/tmp/postfix-3.5-20191013/src/postscreen/postscreen_smtpd.c 2019-10-13 11:32:18.000000000 -0400 +++ ./src/postscreen/postscreen_smtpd.c 2019-10-13 19:08:41.000000000 -0400 @@ -591,6 +591,8 @@ * never see DATA from a legitimate client, because 1) the server rejects * every recipient, and 2) the server does not announce PIPELINING. */ + msg_info("DATA without valid RCPT from [%s]:%s", + PSC_CLIENT_ADDR_PORT(state)); if (PSC_SMTPD_NEXT_TOKEN(args) != 0) PSC_CLEAR_EVENT_DROP_SESSION_STATE(state, psc_smtpd_time_event, @@ -620,6 +622,8 @@ * client, because 1) the server rejects every recipient, and 2) the * server does not announce PIPELINING. */ + msg_info("BDAT without valid RCPT from [%s]:%s", + PSC_CLIENT_ADDR_PORT(state)); if (state->ehlo_discard_mask & EHLO_MASK_CHUNKING) PSC_CLEAR_EVENT_DROP_SESSION_STATE(state, psc_smtpd_time_event, @@ -1033,7 +1037,7 @@ } } /* Command PIPELINING test. */ - if ((state->flags & PSC_SMTPD_CMD_FLAG_HAS_PAYLOAD) == 0 + if ((cmdp->flags & PSC_SMTPD_CMD_FLAG_HAS_PAYLOAD) == 0 && (state->flags & PSC_STATE_MASK_PIPEL_TODO_SKIP) == PSC_STATE_FLAG_PIPEL_TODO && !PSC_SMTPD_BUFFER_EMPTY(state)) { printable(command, '?'); @@ -1172,16 +1176,17 @@ state->read_state = PSC_SMTPD_CMD_ST_ANY; /* - * Opportunistically make postscreen more useful by turning on the - * pipelining and non-SMTP command tests when a pre-handshake test - * failed, or when some deep test is configured as enabled. + * Disable all after-220 tests when we need to hang up immediately after + * reading the first SMTP client command. * - * XXX Make "opportunistically" configurable for each test. + * Opportunistically make postscreen more useful, by turning on all + * after-220 tests when a pre-handshake test failed. Do not turn on + * additional tests when some deep test is configured as enabled. */ - if ((state->flags & PSC_STATE_FLAG_SMTPD_X21) == 0) { - state->flags |= PSC_STATE_MASK_SMTPD_TODO; - } else { + if (state->flags & PSC_STATE_FLAG_SMTPD_X21) { state->flags &= ~PSC_STATE_MASK_SMTPD_TODO; + } else if (state->flags & PSC_STATE_MASK_ANY_FAIL) { + state->flags |= PSC_STATE_MASK_SMTPD_TODO; } /*