<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><style xmlns="" type="text/css">
div.added { background-color: #ffff99; }
div.deleted { text-decoration: line-through;
background-color: #FF7F7F; }
div.changed { background-color: #99ff99; }
div.off { }
span.added { background-color: #ffff99; }
span.deleted { text-decoration: line-through;
background-color: #FF7F7F; }
span.changed { background-color: #99ff99; }
span.off { }
pre.literallayout {
background-color: #E8E8D0;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
div[class=changed] pre.literallayout {
background-color: #99ff99;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
div.literallayout {
background-color: #E8E8D0;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
div[class=changed] div.literallayout {
background-color: #99ff99;
padding-left: 0.5cm;
padding-top: 5px;
padding-bottom: 5px;
}
</style><title>42. Adding a local scan function to Exim</title><meta name="generator" content="DocBook XSL Stylesheets V1.72.0" /><link rel="start" href="index.html" title="Specification of the Exim Mail Transfer Agent" /><link rel="up" href="index.html" title="Specification of the Exim Mail Transfer Agent" /><link rel="prev" href="ch41.html" title="41. Content scanning at ACL time" /><link rel="next" href="ch43.html" title="43. System-wide message filtering" /></head><body><div class="navheader">
<table width="100%" summary="Navigation header"><tr><td width="20%" align="left"><a accesskey="p" href="ch41.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="ch43.html">Next</a></td></tr></table></div>
<div class="chapter" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h2 class="title"><a href="index.html#toc0365" id="CHAPlocalscan">42. Adding a local scan function to Exim</a></h2></div>
</div>
</div>
<p>
<a id="IIDlosca" class="indexterm"></a>
<a id="id637147" class="indexterm"></a>
<a id="id637162" class="indexterm"></a>
In these days of email worms, viruses, and ever-increasing spam, some sites
want to apply a lot of checking to messages before accepting them.
</p>
<p>
The content scanning extension (chapter <a href="ch41.html" title="41. Content scanning at ACL time">41</a>) has facilities for
passing messages to external virus and spam scanning software. You can also do
a certain amount in Exim itself through string expansions and the <span><strong class="option">condition</strong></span>
condition in the ACL that runs after the SMTP DATA command or the ACL for
non-SMTP messages (see chapter <a href="ch40.html" title="40. Access control lists">40</a>), but this has its limitations.
</p>
<p>
To allow for further customization to a site’s own requirements, there is the
possibility of linking Exim with a private message scanning function, written
in C. If you want to run code that is written in something other than C, you
can of course use a little C stub to call it.
</p>
<p>
The local scan function is run once for every incoming message, at the point
when Exim is just about to accept the message.
It can therefore be used to control non-SMTP messages from local processes as
well as messages arriving via SMTP.
</p>
<p>
Exim applies a timeout to calls of the local scan function, and there is an
option called <span><strong class="option">local_scan_timeout</strong></span> for setting it. The default is 5 minutes.
Zero means “<span class="quote">no timeout</span>”.
Exim also sets up signal handlers for SIGSEGV, SIGILL, SIGFPE, and SIGBUS
before calling the local scan function, so that the most common types of crash
are caught. If the timeout is exceeded or one of those signals is caught, the
incoming message is rejected with a temporary error if it is an SMTP message.
For a non-SMTP message, the message is dropped and Exim ends with a non-zero
code. The incident is logged on the main and reject logs.
</p>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0366" id="SECID207">42.1 Building Exim to use a local scan function</a></h3></div>
</div>
</div>
<p>
<a id="id637247" class="indexterm"></a>
To make use of the local scan function feature, you must tell Exim where your
function is before building Exim, by setting LOCAL_SCAN_SOURCE in your
<em class="filename">Local/Makefile</em>. A recommended place to put it is in the <em class="filename">Local</em>
directory, so you might set
</p>
<pre class="literallayout">LOCAL_SCAN_SOURCE=Local/local_scan.c
</pre><p>
for example. The function must be called <em class="function">local_scan()</em>. It is called by
Exim after it has received a message, when the success return code is about to
be sent. This is after all the ACLs have been run. The return code from your
function controls whether the message is actually accepted or not. There is a
commented template function (that just accepts the message) in the file
_src/local_scan.c_.
</p>
<p>
If you want to make use of Exim’s run time configuration file to set options
for your <em class="function">local_scan()</em> function, you must also set
</p>
<pre class="literallayout">LOCAL_SCAN_HAS_OPTIONS=yes
</pre><p>
in <em class="filename">Local/Makefile</em> (see section <a href="ch42.html#SECTconoptloc" title="42.3 Configuration options for local_scan()">42.3</a> below).
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0367" id="SECTapiforloc">42.2 API for local_scan()</a></h3></div>
</div>
</div>
<p>
<a id="id637351" class="indexterm"></a>
You must include this line near the start of your code:
</p>
<pre class="literallayout">#include "local_scan.h"
</pre><p>
This header file defines a number of variables and other values, and the
prototype for the function itself. Exim is coded to use unsigned char values
almost exclusively, and one of the things this header defines is a shorthand
for <code class="literal">unsigned char</code> called <code class="literal">uschar</code>.
It also contains the following macro definitions, to simplify casting character
strings and pointers to character strings:
</p>
<pre class="literallayout">#define CS (char *)
#define CCS (const char *)
#define CSS (char **)
#define US (unsigned char *)
#define CUS (const unsigned char *)
#define USS (unsigned char **)
</pre><p>
The function prototype for <em class="function">local_scan()</em> is:
</p>
<pre class="literallayout">extern int local_scan(int fd, uschar **return_text);
</pre><p>
The arguments are as follows:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
<span><strong class="option">fd</strong></span> is a file descriptor for the file that contains the body of the message
(the -D file). The file is open for reading and writing, but updating it is not
recommended. <span class="bold"><strong>Warning</strong></span>: You must <span class="emphasis"><em>not</em></span> close this file descriptor.
</p>
<p>
The descriptor is positioned at character 19 of the file, which is the first
character of the body itself, because the first 19 characters are the message
id followed by <code class="literal">-D</code> and a newline. If you rewind the file, you should use the
macro SPOOL_DATA_START_OFFSET to reset to the start of the data, just in
case this changes in some future version.
</p>
</li><li><p>
<span><strong class="option">return_text</strong></span> is an address which you can use to return a pointer to a text
string at the end of the function. The value it points to on entry is NULL.
</p>
</li></ul></div>
<p>
The function must return an <span><strong class="option">int</strong></span> value which is one of the following macros:
</p>
<div class="variablelist">
<dl><dt><span class="term"><code class="literal">LOCAL_SCAN_ACCEPT</code></span></dt><dd><p>
<a id="id637508" class="indexterm"></a>
The message is accepted. If you pass back a string of text, it is saved with
the message, and made available in the variable <em class="varname">$local_scan_data</em>. No
newlines are permitted (if there are any, they are turned into spaces) and the
maximum length of text is 1000 characters.
</p>
</dd><dt><span class="term"><code class="literal">LOCAL_SCAN_ACCEPT_FREEZE</code></span></dt><dd><p>
This behaves as LOCAL_SCAN_ACCEPT, except that the accepted message is
queued without immediate delivery, and is frozen.
</p>
</dd><dt><span class="term"><code class="literal">LOCAL_SCAN_ACCEPT_QUEUE</code></span></dt><dd><p>
This behaves as LOCAL_SCAN_ACCEPT, except that the accepted message is
queued without immediate delivery.
</p>
</dd><dt><span class="term"><code class="literal">LOCAL_SCAN_REJECT</code></span></dt><dd><p>
The message is rejected; the returned text is used as an error message which is
passed back to the sender and which is also logged. Newlines are permitted –
they cause a multiline response for SMTP rejections, but are converted to
<code class="literal">\n</code> in log lines. If no message is given, “<span class="quote">Administrative prohibition</span>” is
used.
</p>
</dd><dt><span class="term"><code class="literal">LOCAL_SCAN_TEMPREJECT</code></span></dt><dd><p>
The message is temporarily rejected; the returned text is used as an error
message as for LOCAL_SCAN_REJECT. If no message is given, “<span class="quote">Temporary local
problem</span>” is used.
</p>
</dd><dt><span class="term"><code class="literal">LOCAL_SCAN_REJECT_NOLOGHDR</code></span></dt><dd><p>
This behaves as LOCAL_SCAN_REJECT, except that the header of the rejected
message is not written to the reject log. It has the effect of unsetting the
<span><strong class="option">rejected_header</strong></span> log selector for just this rejection. If
<span><strong class="option">rejected_header</strong></span> is already unset (see the discussion of the
<span><strong class="option">log_selection</strong></span> option in section <a href="ch49.html#SECTlogselector" title="49.15 Reducing or increasing what is logged">49.15</a>), this code is the
same as LOCAL_SCAN_REJECT.
</p>
</dd><dt><span class="term"><code class="literal">LOCAL_SCAN_TEMPREJECT_NOLOGHDR</code></span></dt><dd><p>
This code is a variation of LOCAL_SCAN_TEMPREJECT in the same way that
LOCAL_SCAN_REJECT_NOLOGHDR is a variation of LOCAL_SCAN_REJECT.
</p>
</dd></dl></div>
<p>
If the message is not being received by interactive SMTP, rejections are
reported by writing to <span><strong class="option">stderr</strong></span> or by sending an email, as configured by the
<span><strong class="option">-oe</strong></span> command line options.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0368" id="SECTconoptloc">42.3 Configuration options for local_scan()</a></h3></div>
</div>
</div>
<p>
<a id="id637698" class="indexterm"></a>
It is possible to have option settings in the main configuration file
that set values in static variables in the <em class="function">local_scan()</em> module. If you
want to do this, you must have the line
</p>
<pre class="literallayout">LOCAL_SCAN_HAS_OPTIONS=yes
</pre><p>
in your <em class="filename">Local/Makefile</em> when you build Exim. (This line is in
<em class="filename">OS/Makefile-Default</em>, commented out). Then, in the <em class="function">local_scan()</em> source
file, you must define static variables to hold the option values, and a table
to define them.
</p>
<p>
The table must be a vector called <span><strong class="option">local_scan_options</strong></span>, of type
<code class="literal">optionlist</code>. Each entry is a triplet, consisting of a name, an option type,
and a pointer to the variable that holds the value. The entries must appear in
alphabetical order. Following <span><strong class="option">local_scan_options</strong></span> you must also define a
variable called <span><strong class="option">local_scan_options_count</strong></span> that contains the number of
entries in the table. Here is a short example, showing two kinds of option:
</p>
<pre class="literallayout">static int my_integer_option = 42;
static uschar *my_string_option = US"a default string";
optionlist local_scan_options[] = {
{ "my_integer", opt_int, &my_integer_option },
{ "my_string", opt_stringptr, &my_string_option }
};
int local_scan_options_count =
sizeof(local_scan_options)/sizeof(optionlist);
</pre><p>
The values of the variables can now be changed from Exim’s runtime
configuration file by including a local scan section as in this example:
</p>
<pre class="literallayout">begin local_scan
my_integer = 99
my_string = some string of text...
</pre><p>
The available types of option data are as follows:
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>opt_bool</strong></span></span></dt><dd><p>
This specifies a boolean (true/false) option. The address should point to a
variable of type <code class="literal">BOOL</code>, which will be set to TRUE or FALSE, which are macros
that are defined as “<span class="quote">1</span>” and “<span class="quote">0</span>”, respectively. If you want to detect
whether such a variable has been set at all, you can initialize it to
TRUE_UNSET. (BOOL variables are integers underneath, so can hold more than two
values.)
</p>
</dd><dt><span class="term"><span class="bold"><strong>opt_fixed</strong></span></span></dt><dd><p>
This specifies a fixed point number, such as is used for load averages.
The address should point to a variable of type <code class="literal">int</code>. The value is stored
multiplied by 1000, so, for example, 1.4142 is truncated and stored as 1414.
</p>
</dd><dt><span class="term"><span class="bold"><strong>opt_int</strong></span></span></dt><dd><p>
This specifies an integer; the address should point to a variable of type
<code class="literal">int</code>. The value may be specified in any of the integer formats accepted by
Exim.
</p>
</dd><dt><span class="term"><span class="bold"><strong>opt_mkint</strong></span></span></dt><dd><p>
This is the same as <span><strong class="option">opt_int</strong></span>, except that when such a value is output in a
<span><strong class="option">-bP</strong></span> listing, if it is an exact number of kilobytes or megabytes, it is
printed with the suffix K or M.
</p>
</dd><dt><span class="term"><span class="bold"><strong>opt_octint</strong></span></span></dt><dd><p>
This also specifies an integer, but the value is always interpreted as an
octal integer, whether or not it starts with the digit zero, and it is
always output in octal.
</p>
</dd><dt><span class="term"><span class="bold"><strong>opt_stringptr</strong></span></span></dt><dd><p>
This specifies a string value; the address must be a pointer to a
variable that points to a string (for example, of type <code class="literal">uschar *</code>).
</p>
</dd><dt><span class="term"><span class="bold"><strong>opt_time</strong></span></span></dt><dd><p>
This specifies a time interval value. The address must point to a variable of
type <code class="literal">int</code>. The value that is placed there is a number of seconds.
</p>
</dd></dl></div>
<p>
If the <span><strong class="option">-bP</strong></span> command line option is followed by <code class="literal">local_scan</code>, Exim prints
out the values of all the <em class="function">local_scan()</em> options.
</p>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0369" id="SECID208">42.4 Available Exim variables</a></h3></div>
</div>
</div>
<p>
<a id="id638029" class="indexterm"></a>
The header <em class="filename">local_scan.h</em> gives you access to a number of C variables. These
are the only ones that are guaranteed to be maintained from release to release.
Note, however, that you can obtain the value of any Exim expansion variable,
including <em class="varname">$recipients</em>, by calling <span class="emphasis"><em>expand_string()</em></span>. The exported
C variables are as follows:
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>int body_linecount</strong></span></span></dt><dd><p>
This variable contains the number of lines in the message’s body.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int body_zerocount</strong></span></span></dt><dd><p>
This variable contains the number of binary zero bytes in the message’s body.
</p>
</dd><dt><span class="term"><span class="bold"><strong>unsigned int debug_selector</strong></span></span></dt><dd><p>
This variable is set to zero when no debugging is taking place. Otherwise, it
is a bitmap of debugging selectors. Two bits are identified for use in
<em class="function">local_scan()</em>; they are defined as macros:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
The <code class="literal">D_v</code> bit is set when <span><strong class="option">-v</strong></span> was present on the command line. This is a
testing option that is not privileged – any caller may set it. All the
other selector bits can be set only by admin users.
</p>
</li><li><p>
The <code class="literal">D_local_scan</code> bit is provided for use by <em class="function">local_scan()</em>; it is set
by the <code class="literal">+local_scan</code> debug selector. It is not included in the default set
of debugging bits.
</p>
</li></ul></div>
<p>
Thus, to write to the debugging output only when <code class="literal">+local_scan</code> has been
selected, you should use code like this:
</p>
<pre class="literallayout">if ((debug_selector & D_local_scan) != 0)
debug_printf("xxx", ...);
</pre></dd><dt><span class="term"><span class="bold"><strong>uschar *expand_string_message</strong></span></span></dt><dd><p>
After a failing call to <span class="emphasis"><em>expand_string()</em></span> (returned value NULL), the
variable <span><strong class="option">expand_string_message</strong></span> contains the error message, zero-terminated.
</p>
</dd><dt><span class="term"><span class="bold"><strong>header_line *header_list</strong></span></span></dt><dd><p>
A pointer to a chain of header lines. The <span><strong class="option">header_line</strong></span> structure is
discussed below.
</p>
</dd><dt><span class="term"><span class="bold"><strong>header_line *header_last</strong></span></span></dt><dd><p>
A pointer to the last of the header lines.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *headers_charset</strong></span></span></dt><dd><p>
The value of the <span><strong class="option">headers_charset</strong></span> configuration option.
</p>
</dd><dt><span class="term"><span class="bold"><strong>BOOL host_checking</strong></span></span></dt><dd><p>
This variable is TRUE during a host checking session that is initiated by the
<span><strong class="option">-bh</strong></span> command line option.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *interface_address</strong></span></span></dt><dd><p>
The IP address of the interface that received the message, as a string. This
is NULL for locally submitted messages.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int interface_port</strong></span></span></dt><dd><p>
The port on which this message was received. When testing with the <span><strong class="option">-bh</strong></span>
command line option, the value of this variable is -1 unless a port has been
specified via the <span><strong class="option">-oMi</strong></span> option.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *message_id</strong></span></span></dt><dd><p>
This variable contains Exim’s message id for the incoming message (the value of
<em class="varname">$message_exim_id</em>) as a zero-terminated string.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *received_protocol</strong></span></span></dt><dd><p>
The name of the protocol by which the message was received.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int recipients_count</strong></span></span></dt><dd><p>
The number of accepted recipients.
</p>
</dd><dt><span class="term"><span class="bold"><strong>recipient_item *recipients_list</strong></span></span></dt><dd><p>
<a id="id638414" class="indexterm"></a>
<a id="id638428" class="indexterm"></a>
The list of accepted recipients, held in a vector of length
<span><strong class="option">recipients_count</strong></span>. The <span><strong class="option">recipient_item</strong></span> structure is discussed below. You
can add additional recipients by calling <span class="emphasis"><em>receive_add_recipient()</em></span> (see
below). You can delete recipients by removing them from the vector and
adjusting the value in <span><strong class="option">recipients_count</strong></span>. In particular, by setting
<span><strong class="option">recipients_count</strong></span> to zero you remove all recipients. If you then return the
value <code class="literal">LOCAL_SCAN_ACCEPT</code>, the message is accepted, but immediately
blackholed. To replace the recipients, you can set <span><strong class="option">recipients_count</strong></span> to zero
and then call <span class="emphasis"><em>receive_add_recipient()</em></span> as often as needed.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *sender_address</strong></span></span></dt><dd><p>
The envelope sender address. For bounce messages this is the empty string.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *sender_host_address</strong></span></span></dt><dd><p>
The IP address of the sending host, as a string. This is NULL for
locally-submitted messages.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *sender_host_authenticated</strong></span></span></dt><dd><p>
The name of the authentication mechanism that was used, or NULL if the message
was not received over an authenticated SMTP connection.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *sender_host_name</strong></span></span></dt><dd><p>
The name of the sending host, if known.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int sender_host_port</strong></span></span></dt><dd><p>
The port on the sending host.
</p>
</dd><dt><span class="term"><span class="bold"><strong>BOOL smtp_input</strong></span></span></dt><dd><p>
This variable is TRUE for all SMTP input, including BSMTP.
</p>
</dd><dt><span class="term"><span class="bold"><strong>BOOL smtp_batched_input</strong></span></span></dt><dd><p>
This variable is TRUE for BSMTP input.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int store_pool</strong></span></span></dt><dd><p>
The contents of this variable control which pool of memory is used for new
requests. See section <a href="ch42.html#SECTmemhanloc" title="42.8 More about Exim’s memory handling">42.8</a> for details.
</p>
</dd></dl></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0370" id="SECID209">42.5 Structure of header lines</a></h3></div>
</div>
</div>
<p>
The <span><strong class="option">header_line</strong></span> structure contains the members listed below.
You can add additional header lines by calling the <span class="emphasis"><em>header_add()</em></span> function
(see below). You can cause header lines to be ignored (deleted) by setting
their type to *.
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>struct header_line *next</strong></span></span></dt><dd><p>
A pointer to the next header line, or NULL for the last line.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int type</strong></span></span></dt><dd><p>
A code identifying certain headers that Exim recognizes. The codes are printing
characters, and are documented in chapter <a href="ch53.html" title="53. Format of spool files">53</a> of this manual.
Notice in particular that any header line whose type is * is not transmitted
with the message. This flagging is used for header lines that have been
rewritten, or are to be removed (for example, <span class="emphasis"><em>Envelope-sender:</em></span> header
lines.) Effectively, * means “<span class="quote">deleted</span>”.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int slen</strong></span></span></dt><dd><p>
The number of characters in the header line, including the terminating and any
internal newlines.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *text</strong></span></span></dt><dd><p>
A pointer to the text of the header. It always ends with a newline, followed by
a zero byte. Internal newlines are preserved.
</p>
</dd></dl></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0371" id="SECID210">42.6 Structure of recipient items</a></h3></div>
</div>
</div>
<p>
The <span><strong class="option">recipient_item</strong></span> structure contains these members:
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>uschar *address</strong></span></span></dt><dd><p>
This is a pointer to the recipient address as it was received.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int pno</strong></span></span></dt><dd><p>
This is used in later Exim processing when top level addresses are created by
the <span><strong class="option">one_time</strong></span> option. It is not relevant at the time <em class="function">local_scan()</em> is run
and must always contain -1 at this stage.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *errors_to</strong></span></span></dt><dd><p>
If this value is not NULL, bounce messages caused by failing to deliver to the
recipient are sent to the address it contains. In other words, it overrides the
envelope sender for this one recipient. (Compare the <span><strong class="option">errors_to</strong></span> generic
router option.) If a <em class="function">local_scan()</em> function sets an <span><strong class="option">errors_to</strong></span> field to
an unqualified address, Exim qualifies it using the domain from
<span><strong class="option">qualify_recipient</strong></span>. When <em class="function">local_scan()</em> is called, the <span><strong class="option">errors_to</strong></span> field
is NULL for all recipients.
</p>
</dd></dl></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0372" id="SECID211">42.7 Available Exim functions</a></h3></div>
</div>
</div>
<p>
<a id="id638868" class="indexterm"></a>
The header <em class="filename">local_scan.h</em> gives you access to a number of Exim functions.
These are the only ones that are guaranteed to be maintained from release to
release:
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>pid_t child_open(uschar **argv, uschar **envp, int newumask, int *infdptr, int *outfdptr, BOOL make_leader)</strong></span></span></dt><dd><p>
This function creates a child process that runs the command specified by
<span><strong class="option">argv</strong></span>. The environment for the process is specified by <span><strong class="option">envp</strong></span>, which can
be NULL if no environment variables are to be passed. A new umask is supplied
for the process in <span><strong class="option">newumask</strong></span>.
</p>
<p>
Pipes to the standard input and output of the new process are set up
and returned to the caller via the <span><strong class="option">infdptr</strong></span> and <span><strong class="option">outfdptr</strong></span> arguments. The
standard error is cloned to the standard output. If there are any file
descriptors “<span class="quote">in the way</span>” in the new process, they are closed. If the final
argument is TRUE, the new process is made into a process group leader.
</p>
<p>
The function returns the pid of the new process, or -1 if things go wrong.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int child_close(pid_t pid, int timeout)</strong></span></span></dt><dd><p>
This function waits for a child process to terminate, or for a timeout (in
seconds) to expire. A timeout value of zero means wait as long as it takes. The
return value is as follows:
</p>
<div class="itemizedlist">
<ul type="disc"><li><p>
>= 0
</p>
<p>
The process terminated by a normal exit and the value is the process
ending status.
</p>
</li><li><p>
< 0 and > –256
</p>
<p>
The process was terminated by a signal and the value is the negation of the
signal number.
</p>
</li><li><p>
–256
</p>
<p>
The process timed out.
</p>
</li><li><p>
–257
</p>
<p>
The was some other error in wait(); <span><strong class="option">errno</strong></span> is still set.
</p>
</li></ul></div>
</dd><dt><span class="term"><span class="bold"><strong>pid_t child_open_exim(int *fd)</strong></span></span></dt><dd><p>
This function provide you with a means of submitting a new message to
Exim. (Of course, you can also call <em class="filename">/usr/sbin/sendmail</em> yourself if you
want, but this packages it all up for you.) The function creates a pipe,
forks a subprocess that is running
</p>
<pre class="literallayout">exim -t -oem -oi -f <>
</pre><p>
and returns to you (via the <code class="literal">int *</code> argument) a file descriptor for the pipe
that is connected to the standard input. The yield of the function is the PID
of the subprocess. You can then write a message to the file descriptor, with
recipients in <span class="emphasis"><em>To:</em></span>, <span class="emphasis"><em>Cc:</em></span>, and/or <span class="emphasis"><em>Bcc:</em></span> header lines.
</p>
<p>
When you have finished, call <span class="emphasis"><em>child_close()</em></span> to wait for the process to
finish and to collect its ending status. A timeout value of zero is usually
fine in this circumstance. Unless you have made a mistake with the recipient
addresses, you should get a return code of zero.
</p>
</dd><dt><span class="term"><span class="bold"><strong>pid_t child_open_exim2(int *fd, uschar *sender, uschar *sender_authentication)</strong></span></span></dt><dd><p>
This function is a more sophisticated version of <span class="emphasis"><em>child_open()</em></span>. The command
that it runs is:
</p>
<div class="literallayout">
<code class="literal">exim -t -oem -oi -f </code><span class="emphasis"><em>sender</em></span><code class="literal"> -oMas </code><span class="emphasis"><em>sender_authentication</em></span><br />
</div>
<p>
The third argument may be NULL, in which case the <span><strong class="option">-oMas</strong></span> option is omitted.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void debug_printf(char *, ...)</strong></span></span></dt><dd><p>
This is Exim’s debugging function, with arguments as for <span class="emphasis"><em>(printf()</em></span>. The
output is written to the standard error stream. If no debugging is selected,
calls to <span class="emphasis"><em>debug_printf()</em></span> have no effect. Normally, you should make calls
conditional on the <code class="literal">local_scan</code> debug selector by coding like this:
</p>
<pre class="literallayout">if ((debug_selector & D_local_scan) != 0)
debug_printf("xxx", ...);
</pre></dd><dt><span class="term"><span class="bold"><strong>uschar *expand_string(uschar *string)</strong></span></span></dt><dd><p>
This is an interface to Exim’s string expansion code. The return value is the
expanded string, or NULL if there was an expansion failure.
The C variable <span><strong class="option">expand_string_message</strong></span> contains an error message after an
expansion failure. If expansion does not change the string, the return value is
the pointer to the input string. Otherwise, the return value points to a new
block of memory that was obtained by a call to <span class="emphasis"><em>store_get()</em></span>. See section
<a href="ch42.html#SECTmemhanloc" title="42.8 More about Exim’s memory handling">42.8</a> below for a discussion of memory handling.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void header_add(int type, char *format, ...)</strong></span></span></dt><dd><p>
This function allows you to an add additional header line at the end of the
existing ones. The first argument is the type, and should normally be a space
character. The second argument is a format string and any number of
substitution arguments as for <em class="function">sprintf()</em>. You may include internal newlines
if you want, and you must ensure that the string ends with a newline.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void header_add_at_position(BOOL after, uschar *name, BOOL topnot, int type, char *format, ...)</strong></span></span></dt><dd><p>
This function adds a new header line at a specified point in the header
chain. The header itself is specified as for <span class="emphasis"><em>header_add()</em></span>.
</p>
<p>
If <span><strong class="option">name</strong></span> is NULL, the new header is added at the end of the chain if
<span><strong class="option">after</strong></span> is true, or at the start if <span><strong class="option">after</strong></span> is false. If <span><strong class="option">name</strong></span> is not
NULL, the header lines are searched for the first non-deleted header that
matches the name. If one is found, the new header is added before it if
<span><strong class="option">after</strong></span> is false. If <span><strong class="option">after</strong></span> is true, the new header is added after the
found header and any adjacent subsequent ones with the same name (even if
marked “<span class="quote">deleted</span>”). If no matching non-deleted header is found, the <span><strong class="option">topnot</strong></span>
option controls where the header is added. If it is true, addition is at the
top; otherwise at the bottom. Thus, to add a header after all the <span class="emphasis"><em>Received:</em></span>
headers, or at the top if there are no <span class="emphasis"><em>Received:</em></span> headers, you could use
</p>
<pre class="literallayout">header_add_at_position(TRUE, US"Received", TRUE,
' ', "X-xxx: ...");
</pre><p>
Normally, there is always at least one non-deleted <span class="emphasis"><em>Received:</em></span> header, but
there may not be if <span><strong class="option">received_header_text</strong></span> expands to an empty string.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void header_remove(int occurrence, uschar *name)</strong></span></span></dt><dd><p>
This function removes header lines. If <span><strong class="option">occurrence</strong></span> is zero or negative, all
occurrences of the header are removed. If occurrence is greater than zero, that
particular instance of the header is removed. If no header(s) can be found that
match the specification, the function does nothing.
</p>
</dd><dt><span class="term"><span class="bold"><strong>BOOL header_testname(header_line *hdr, uschar *name, int length, BOOL notdel)</strong></span></span></dt><dd><p>
This function tests whether the given header has the given name. It is not just
a string comparison, because white space is permitted between the name and the
colon. If the <span><strong class="option">notdel</strong></span> argument is true, a false return is forced for all
“<span class="quote">deleted</span>” headers; otherwise they are not treated specially. For example:
</p>
<pre class="literallayout">if (header_testname(h, US"X-Spam", 6, TRUE)) ...
</pre></dd><dt><span class="term"><span class="bold"><strong>uschar *lss_b64encode(uschar *cleartext, int length)</strong></span></span></dt><dd><p>
<a id="id639429" class="indexterm"></a>
This function base64-encodes a string, which is passed by address and length.
The text may contain bytes of any value, including zero. The result is passed
back in dynamic memory that is obtained by calling <span class="emphasis"><em>store_get()</em></span>. It is
zero-terminated.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int lss_b64decode(uschar *codetext, uschar **cleartext)</strong></span></span></dt><dd><p>
This function decodes a base64-encoded string. Its arguments are a
zero-terminated base64-encoded string and the address of a variable that is set
to point to the result, which is in dynamic memory. The length of the decoded
string is the yield of the function. If the input is invalid base64 data, the
yield is -1. A zero byte is added to the end of the output string to make it
easy to interpret as a C string (assuming it contains no zeros of its own). The
added zero byte is not included in the returned count.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int lss_match_domain(uschar *domain, uschar *list)</strong></span></span></dt><dd><p>
This function checks for a match in a domain list. Domains are always
matched caselessly. The return value is one of the following:
</p>
<div class="literallayout">
<code class="literal">OK </code> match succeeded<br />
<code class="literal">FAIL </code> match failed<br />
<code class="literal">DEFER </code> match deferred<br />
</div>
<p>
DEFER is usually caused by some kind of lookup defer, such as the
inability to contact a database.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int lss_match_local_part(uschar *localpart, uschar *list, BOOL caseless)</strong></span></span></dt><dd><p>
This function checks for a match in a local part list. The third argument
controls case-sensitivity. The return values are as for
<span class="emphasis"><em>lss_match_domain()</em></span>.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int lss_match_address(uschar *address, uschar *list, BOOL caseless)</strong></span></span></dt><dd><p>
This function checks for a match in an address list. The third argument
controls the case-sensitivity of the local part match. The domain is always
matched caselessly. The return values are as for <span class="emphasis"><em>lss_match_domain()</em></span>.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int lss_match_host(uschar *host_name, uschar *host_address, uschar *list)</strong></span></span></dt><dd><p>
This function checks for a match in a host list. The most common usage is
expected to be
</p>
<pre class="literallayout">lss_match_host(sender_host_name, sender_host_address, ...)
</pre><p>
<a id="id639595" class="indexterm"></a>
An empty address field matches an empty item in the host list. If the host name
is NULL, the name corresponding to <em class="varname">$sender_host_address</em> is automatically
looked up if a host name is required to match an item in the list. The return
values are as for <span class="emphasis"><em>lss_match_domain()</em></span>, but in addition, <span class="emphasis"><em>lss_match_host()</em></span>
returns ERROR in the case when it had to look up a host name, but the lookup
failed.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void log_write(unsigned int selector, int which, char *format, ...)</strong></span></span></dt><dd><p>
This function writes to Exim’s log files. The first argument should be zero (it
is concerned with <span><strong class="option">log_selector</strong></span>). The second argument can be <code class="literal">LOG_MAIN</code> or
<code class="literal">LOG_REJECT</code> or <code class="literal">LOG_PANIC</code> or the inclusive “<span class="quote">or</span>” of any combination of
them. It specifies to which log or logs the message is written. The remaining
arguments are a format and relevant insertion arguments. The string should not
contain any newlines, not even at the end.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void receive_add_recipient(uschar *address, int pno)</strong></span></span></dt><dd><p>
This function adds an additional recipient to the message. The first argument
is the recipient address. If it is unqualified (has no domain), it is qualified
with the <span><strong class="option">qualify_recipient</strong></span> domain. The second argument must always be -1.
</p>
<p>
This function does not allow you to specify a private <span><strong class="option">errors_to</strong></span> address (as
described with the structure of <span><strong class="option">recipient_item</strong></span> above), because it pre-dates
the addition of that field to the structure. However, it is easy to add such a
value afterwards. For example:
</p>
<pre class="literallayout"> receive_add_recipient(US"monitor@mydom.example", -1);
recipients_list[recipients_count-1].errors_to =
US"postmaster@mydom.example";
</pre></dd><dt><span class="term"><span class="bold"><strong>BOOL receive_remove_recipient(uschar *recipient)</strong></span></span></dt><dd><p>
This is a convenience function to remove a named recipient from the list of
recipients. It returns true if a recipient was removed, and false if no
matching recipient could be found. The argument must be a complete email
address.
</p>
</dd></dl></div>
<p>
<a id="id639749" class="indexterm"></a>
</p>
<div class="variablelist">
<dl><dt><span class="term"><span class="bold"><strong>uschar rfc2047_decode(uschar *string, BOOL lencheck, uschar *target, int zeroval, int *lenptr, uschar **error)</strong></span></span></dt><dd><p>
This function decodes strings that are encoded according to RFC 2047. Typically
these are the contents of header lines. First, each “<span class="quote">encoded word</span>” is decoded
from the Q or B encoding into a byte-string. Then, if provided with the name of
a charset encoding, and if the <em class="function">iconv()</em> function is available, an attempt is
made to translate the result to the named character set. If this fails, the
binary string is returned with an error message.
</p>
<p>
The first argument is the string to be decoded. If <span><strong class="option">lencheck</strong></span> is TRUE, the
maximum MIME word length is enforced. The third argument is the target
encoding, or NULL if no translation is wanted.
</p>
<p>
<a id="id639807" class="indexterm"></a>
<a id="id639822" class="indexterm"></a>
If a binary zero is encountered in the decoded string, it is replaced by the
contents of the <span><strong class="option">zeroval</strong></span> argument. For use with Exim headers, the value must
not be 0 because header lines are handled as zero-terminated strings.
</p>
<p>
The function returns the result of processing the string, zero-terminated; if
<span><strong class="option">lenptr</strong></span> is not NULL, the length of the result is set in the variable to
which it points. When <span><strong class="option">zeroval</strong></span> is 0, <span><strong class="option">lenptr</strong></span> should not be NULL.
</p>
<p>
If an error is encountered, the function returns NULL and uses the <span><strong class="option">error</strong></span>
argument to return an error message. The variable pointed to by <span><strong class="option">error</strong></span> is
set to NULL if there is no error; it may be set non-NULL even when the function
returns a non-NULL value if decoding was successful, but there was a problem
with translation.
</p>
</dd><dt><span class="term"><span class="bold"><strong>int smtp_fflush(void)</strong></span></span></dt><dd><p>
This function is used in conjunction with <span class="emphasis"><em>smtp_printf()</em></span>, as described
below.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void smtp_printf(char *, ...)</strong></span></span></dt><dd><p>
The arguments of this function are like <em class="function">printf()</em>; it writes to the SMTP
output stream. You should use this function only when there is an SMTP output
stream, that is, when the incoming message is being received via interactive
SMTP. This is the case when <span><strong class="option">smtp_input</strong></span> is TRUE and <span><strong class="option">smtp_batched_input</strong></span>
is FALSE. If you want to test for an incoming message from another host (as
opposed to a local process that used the <span><strong class="option">-bs</strong></span> command line option), you can
test the value of <span><strong class="option">sender_host_address</strong></span>, which is non-NULL when a remote host
is involved.
</p>
<p>
If an SMTP TLS connection is established, <span class="emphasis"><em>smtp_printf()</em></span> uses the TLS
output function, so it can be used for all forms of SMTP connection.
</p>
<p>
Strings that are written by <span class="emphasis"><em>smtp_printf()</em></span> from within <em class="function">local_scan()</em>
must start with an appropriate response code: 550 if you are going to return
LOCAL_SCAN_REJECT, 451 if you are going to return
LOCAL_SCAN_TEMPREJECT, and 250 otherwise. Because you are writing the
initial lines of a multi-line response, the code must be followed by a hyphen
to indicate that the line is not the final response line. You must also ensure
that the lines you write terminate with CRLF. For example:
</p>
<pre class="literallayout">smtp_printf("550-this is some extra info\r\n");
return LOCAL_SCAN_REJECT;
</pre><p>
Note that you can also create multi-line responses by including newlines in
the data returned via the <span><strong class="option">return_text</strong></span> argument. The added value of using
<span class="emphasis"><em>smtp_printf()</em></span> is that, for instance, you could introduce delays between
multiple output lines.
</p>
<p>
The <span class="emphasis"><em>smtp_printf()</em></span> function does not return any error indication, because it
does not automatically flush pending output, and therefore does not test
the state of the stream. (In the main code of Exim, flushing and error
detection is done when Exim is ready for the next SMTP input command.) If
you want to flush the output and check for an error (for example, the
dropping of a TCP/IP connection), you can call <span class="emphasis"><em>smtp_fflush()</em></span>, which has no
arguments. It flushes the output stream, and returns a non-zero value if there
is an error.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void *store_get(int)</strong></span></span></dt><dd><p>
This function accesses Exim’s internal store (memory) manager. It gets a new
chunk of memory whose size is given by the argument. Exim bombs out if it ever
runs out of memory. See the next section for a discussion of memory handling.
</p>
</dd><dt><span class="term"><span class="bold"><strong>void *store_get_perm(int)</strong></span></span></dt><dd><p>
This function is like <span class="emphasis"><em>store_get()</em></span>, but it always gets memory from the
permanent pool. See the next section for a discussion of memory handling.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *string_copy(uschar *string)</strong></span></span></dt><dd><p>
See below.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *string_copyn(uschar *string, int length)</strong></span></span></dt><dd><p>
See below.
</p>
</dd><dt><span class="term"><span class="bold"><strong>uschar *string_sprintf(char *format, ...)</strong></span></span></dt><dd><p>
These three functions create strings using Exim’s dynamic memory facilities.
The first makes a copy of an entire string. The second copies up to a maximum
number of characters, indicated by the second argument. The third uses a format
and insertion arguments to create a new string. In each case, the result is a
pointer to a new string in the current memory pool. See the next section for
more discussion.
</p>
</dd></dl></div>
</div>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
<div>
<h3 xmlns="" class="title"><a xmlns="http://www.w3.org/1999/xhtml" href="index.html#toc0373" id="SECTmemhanloc">42.8 More about Exim’s memory handling</a></h3></div>
</div>
</div>
<p>
<a id="id640113" class="indexterm"></a>
No function is provided for freeing memory, because that is never needed.
The dynamic memory that Exim uses when receiving a message is automatically
recycled if another message is received by the same process (this applies only
to incoming SMTP connections – other input methods can supply only one
message at a time). After receiving the last message, a reception process
terminates.
</p>
<p>
Because it is recycled, the normal dynamic memory cannot be used for holding
data that must be preserved over a number of incoming messages on the same SMTP
connection. However, Exim in fact uses two pools of dynamic memory; the second
one is not recycled, and can be used for this purpose.
</p>
<p>
If you want to allocate memory that remains available for subsequent messages
in the same SMTP connection, you should set
</p>
<pre class="literallayout">store_pool = POOL_PERM
</pre><p>
before calling the function that does the allocation. There is no need to
restore the value if you do not need to; however, if you do want to revert to
the normal pool, you can either restore the previous value of <span><strong class="option">store_pool</strong></span> or
set it explicitly to POOL_MAIN.
</p>
<p>
The pool setting applies to all functions that get dynamic memory, including
<span class="emphasis"><em>expand_string()</em></span>, <span class="emphasis"><em>store_get()</em></span>, and the <span class="emphasis"><em>string_xxx()</em></span> functions.
There is also a convenience function called <span class="emphasis"><em>store_get_perm()</em></span> that gets a
block of memory from the permanent pool while preserving the value of
<span><strong class="option">store_pool</strong></span>.
<a id="id640197" class="indexterm"></a>
</p>
</div>
</div>
<div class="navfooter">
<table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="ch41.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="ch43.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> </td></tr></table></div>
</body></html>
