dnl
dnl проверка синтаксиса SMTP команд MAIL и RCPT
dnl
dnl NO		- не проводить проверку синтаксиса SMTP команд
dnl YES		- проводить проверку синтаксиса SMTP команд
dnl define(`confCHECK_SMTP_COMMANDS', `NO')dnl
dnl
dnl шаблоны проверки синтаксиса SMTP команд находятся в файлах
dnl CONFDIR/access-smtp-command-mail и CONFDIR/access-smtp-command-rcpt
dnl в виде:
dnl шаблон : действие : сообщение SMTP клиенту : сообщение в файл протокола
dnl
dnl в качестве "действия" могут выступать:
dnl ok			- исключать проверяемое значение из дальнейших проверок
dnl warn		- выдача предупреждения в лог файл и в заголовки письма
dnl 			и добавление в заголовки сообщения поле X-Warn-SMTP-Command
dnl 			текст сообщения об ошибке может быть указан через двоеточие
dnl deny или reject	- отказ в приеме сообщения
dnl drop		- отказ в приеме сообщения с обрывом соединения
dnl discard		- прием письма без доставки получателю
dnl defer		- возврат клиенту временной ошибки 4xx
dnl quarantine		- принять письмо с сохранением в карантин без доставки получателям
dnl greylist=xx		- добавление xx баллов к счетчику опционального greylisting'а
dnl greylisting=xx	- синоним greylist=xx
dnl reject=yy		- добавление yy баллов к счетчику опционального reject'а
dnl deny=yy		- синоним reject=yy
dnl delay=zz		- задержка на zz секунд перед продолжением обработки сообщения
dnl pause=zz		- синоним delay=zz
dnl
dnl пример (для access-smtp-command-mail):
dnl \N^(?-i)MAIL\x20FROM\x3A\s*[^<\s]\N			: warn delay=20 greylist=10 reject=2 : Temporary local problem : The angle brackets in MAIL FROM command not found
dnl \N^(?-i)Mail\x20from\x3A\s*[^<\s]\N			: warn delay=20 greylist=10 reject=2 : Temporary local problem : The angle brackets in MAIL FROM command not found 
dnl \N^(?-i)MAIL\x20FROM\x3A\N				: ok
dnl \N^(?-i)Mail\x20from\x3A\N				: ok
dnl \N^(?-i)[^\x3A]*[a-z][^\x3A]*\x3A\s*[^<\s]\N	: warn delay=30 greylist=10 reject=4 : Temporary local problem : The angle brackets in MAIL FROM command not found and lowercase letter has found in MAIL FROM command
dnl \N^mail\x20from\x3A\s*[^<\s]\N			: warn delay=20 greylist=10 reject=2 : Temporary local problem : The angle brackets in MAIL FROM command not found
dnl \N^(?-i)[^\x3A]*[a-z][^\x3A]*\x3A\N 		: warn delay=20 greylist=10 reject=2 : Temporary local problem : Lowercase letter has found in MAIL FROM command
dnl

# Проверка синтаксиса SMTP команды MAIL

	warn	set acl_m0	=
ifdef(`confRECIPIENTS_SPAM_FRIENDS', `ifelse(confRECIPIENTS_SPAM_FRIENDS, `NO', `dnl
	warn	domains		= +local_domains confDOMAINS_ABUSE
		local_parts	= postmaster : abuse
		set acl_m0	= skip
', `dnl
	warn	domains		= +local_domains confDOMAINS_ABUSE
		recipients	= @@wildlsearch;CONFDIR/recipients_spam_friends
		set acl_m0	= skip
')') dnl ifdef(`confRECIPIENTS_SPAM_FRIENDS', `ifelse(confRECIPIENTS_SPAM_FRIENDS, `NO', `')')

	warn	set acl_m1	=
		condition	= ${if eq{$acl_m0}{}{yes}{no}}
		set acl_m0	= ${lookup{$acl_m_smtp_command_mail_from}wildlsearch{CONFDIR/access-smtp-command-mail}{$value}{}}
		condition	= ${if eq{$acl_m0}{}{no}{yes}}
		acl		= acl_normalize_action "${extract{1}{:}{$acl_m0}}"
		set acl_m1	= ${sg{$acl_m_normalize_action_result }{\N\b([^=\s\d]+)(\s)\N}{\$1=00\$2}}
		# message	= $acl_m2
		# log_message	= $acl_m0
		set acl_m2	= ${expand:${sg{${extract{2}{:}{$acl_m0}}}{\N^\s+\N}{}}}
		set acl_m2	= ${if eq{$acl_m2}{}{Access denied}{$acl_m2}}
		set acl_m0	= ${expand:${sg{${extract{3}{:}{$acl_m0}}}{\N^\s+\N}{}}}
		set acl_m_check_smtp_cmd_mail_msg	= ${if eq{$acl_m0}{}{}{: $acl_m0}}
		set acl_m0	= ${if eq{$acl_m0}{}{SMTP command MAIL systax error ($acl_m_smtp_command_mail_from)${if eq{$acl_m2}{}{}{: $acl_m2}}}{$acl_m0 ($acl_m_smtp_command_mail_from)}}

	warn	condition	= ${if match{$acl_m1}{warn}{yes}{no}}
		log_message	= $acl_m0${if eq{${extract{pause}{$acl_m1}}}{}{}{: message delayed for ${extract{pause}{$acl_m1}}s}}
		add_header	= X-Warn-SMTP-Command-MAIL: $acl_m0
	warn	condition	= ${if eq{${extract{pause}{$acl_m1}}}{}{no}{yes}}
		delay		= ${extract{pause}{$acl_m1}}s
		set acl_m_spam_action	= ${acl_m_spam_action}\t\
				delay=${extract{pause}{$acl_m1}}s\t\t\
				$acl_m0\n
	# quarantine and !reject
	warn	condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{no}{yes}}
		add_header	= X-Quarantine-SMTP-Command-MAIL: SMTP command MAIL systax error ($acl_m_smtp_command_mail_from)${acl_m_check_smtp_cmd_mail_msg}
		log_message	= message will be quarantined: SMTP command MAIL systax error ($acl_m_smtp_command_mail_from)
		set acl_m_add_x_orig_rcpt = yes
		set acl_m_quarantined = $acl_m_quarantined envelope
	accept	condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{no}{yes}}
	# quarantine and reject
	accept	condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{yes}{no}}
		log_message	= message will be quarantined: SMTP command MAIL systax error ($acl_m_smtp_command_mail_from)
		set acl_m_fakereject	= \
				message will be quarantined: SMTP command MAIL systax error ($acl_m_smtp_command_mail_from)\
				|X-Quarantine-SMTP-Command-MAIL: SMTP command MAIL systax error ($acl_m_smtp_command_mail_from)${acl_m_check_smtp_cmd_mail_msg}\
				|${expand:$acl_m2}
		set acl_m_add_x_orig_rcpt = yes
		set acl_m_quarantined = $acl_m_quarantined envelope
	# !quarantine and reject
	deny	condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{no}{yes}}
		log_message	= $acl_m0
		message		= ${expand:$acl_m2}
	defer	condition	= ${if match{$acl_m1}{defer}{yes}{no}}
		log_message	= $acl_m0
		message		= ${expand:$acl_m2}
	drop	condition	= ${if match{$acl_m1}{drop}{yes}{no}}
		log_message	= $acl_m0
		message		= ${expand:$acl_m2}
	discard	condition	= ${if match{$acl_m1}{discard}{yes}{no}}
		log_message	= $acl_m0
ifelse(confGREYLIST, `OPTIONAL', `dnl
	warn	condition	= ${if eq{${extract{greylist}{$acl_m1}}}{}{no}{yes}}
		set acl_m_optional_greylist	= \
				scores=${eval:${extract{scores}{$acl_m_optional_greylist}}+${extract{greylist}{$acl_m1}}} \
				log_message="${extract{log_message}{$acl_m_optional_greylist}} $acl_m0;"
		set acl_m_spam_action	= ${acl_m_spam_action}\t\
				greylist scores=${extract{greylist}{$acl_m1}}\t\
				$acl_m0\n
') dnl ifelse(confGREYLIST, `OPTIONAL', `')
ifdef(`confOPTIONAL_REJECT', `ifelse(confOPTIONAL_REJECT, `NO', `dnl', `dnl
	warn	condition	= ${if eq{${extract{reject}{$acl_m1}}}{}{no}{yes}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{no}{yes}}
		set acl_m_optional_reject	= \
				scores=${eval:${extract{scores}{$acl_m_optional_reject}}+${extract{reject}{$acl_m1}}} \
				log_message="${extract{log_message}{$acl_m_optional_reject}} $acl_m0;"
		set acl_m_spam_action	= ${acl_m_spam_action}\t\
				reject scores=${extract{reject}{$acl_m1}}\t\t\
				$acl_m0\n
')') dnl ifdef(`confOPTIONAL_REJECT', `ifelse(confOPTIONAL_REJECT, `NO', `', `')')


# Проверка синтаксиса SMTP команды RCPT

	warn	set acl_m0	=
ifdef(`confRECIPIENTS_SPAM_FRIENDS', `ifelse(confRECIPIENTS_SPAM_FRIENDS, `NO', `dnl
	warn	domains		= +local_domains confDOMAINS_ABUSE
		local_parts	= postmaster : abuse
		set acl_m0	= skip
', `dnl
	warn	domains		= +local_domains confDOMAINS_ABUSE
		recipients	= @@wildlsearch;CONFDIR/recipients_spam_friends
		set acl_m0	= skip
')') dnl ifdef(`confRECIPIENTS_SPAM_FRIENDS', `ifelse(confRECIPIENTS_SPAM_FRIENDS, `NO', `')')

	warn	set acl_m1	=
		condition	= ${if eq{$acl_m0}{}{yes}{no}}
		set acl_m0	= ${lookup{$acl_m_smtp_command_rcpt_to}wildlsearch{CONFDIR/access-smtp-command-rcpt}{$value}{}}
		condition	= ${if eq{$acl_m0}{}{no}{yes}}
		acl		= acl_normalize_action "${extract{1}{:}{$acl_m0}}"
		set acl_m1	= ${sg{$acl_m_normalize_action_result }{\N\b([^=\s\d]+)(\s)\N}{\$1=00\$2}}
		# message	= $acl_m2
		# log_message	= $acl_m0
		set acl_m2	= ${expand:${sg{${extract{2}{:}{$acl_m0}}}{\N^\s+\N}{}}}
		set acl_m2	= ${if eq{$acl_m2}{}{Access denied}{$acl_m2}}
		set acl_m0	= ${expand:${sg{${extract{3}{:}{$acl_m0}}}{\N^\s+\N}{}}}
		set acl_m_check_smtp_cmd_rcpt_msg	= ${if eq{$acl_m0}{}{}{: $acl_m0}}
		set acl_m0	= ${if eq{$acl_m0}{}{SMTP command RCPT systax error ($acl_m_smtp_command_rcpt_to)${if eq{$acl_m2}{}{}{: $acl_m2}}}{$acl_m0 ($acl_m_smtp_command_rcpt_to)}}

	warn	condition	= ${if match{$acl_m1}{warn}{yes}{no}}
		log_message	= $acl_m0${if eq{${extract{pause}{$acl_m1}}}{}{}{: message delayed for ${extract{pause}{$acl_m1}}s}}
		add_header	= X-Warn-SMTP-Command-RCPT: $acl_m0
	warn	condition	= ${if eq{${extract{pause}{$acl_m1}}}{}{no}{yes}}
		delay		= ${extract{pause}{$acl_m1}}s
		set acl_m_spam_action	= ${acl_m_spam_action}\t\
				delay=${extract{pause}{$acl_m1}}s\t\t\
				$acl_m0\n
	# quarantine and !reject
	warn	condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{no}{yes}}
		add_header	= X-Quarantine-SMTP-Command-RCPT: SMTP command RCPT systax error ($acl_m_smtp_command_rcpt_to)${acl_m_check_smtp_cmd_rcpt_msg}
		log_message	= message will be quarantined: SMTP command RCPT systax error ($acl_m_smtp_command_rcpt_to)
		set acl_m_add_x_orig_rcpt = yes
		set acl_m_quarantined = $acl_m_quarantined envelope
	accept	condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{no}{yes}}
	# quarantine and reject
	accept	condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{yes}{no}}
		log_message	= message will be quarantined: SMTP command RCPT systax error ($acl_m_smtp_command_rcpt_to)
		set acl_m_fakereject	= \
				message will be quarantined: SMTP command RCPT systax error ($acl_m_smtp_command_rcpt_to)\
				|X-Quarantine-SMTP-Command-RCPT: SMTP command RCPT systax error ($acl_m_smtp_command_rcpt_to)${acl_m_check_smtp_cmd_rcpt_msg}\
				|${expand:$acl_m2}
		set acl_m_add_x_orig_rcpt = yes
		set acl_m_quarantined = $acl_m_quarantined envelope
	# !quarantine and reject
	deny	condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{yes}{no}}
		condition	= ${if eq{${extract{quarantine}{$acl_m1}}}{00}{no}{yes}}
		log_message	= $acl_m0
		message		= ${expand:$acl_m2}
	defer	condition	= ${if match{$acl_m1}{defer}{yes}{no}}
		log_message	= $acl_m0
		message		= ${expand:$acl_m2}
	drop	condition	= ${if match{$acl_m1}{drop}{yes}{no}}
		log_message	= $acl_m0
		message		= ${expand:$acl_m2}
	discard	condition	= ${if match{$acl_m1}{discard}{yes}{no}}
		log_message	= $acl_m0
ifelse(confGREYLIST, `OPTIONAL', `dnl
	warn	condition	= ${if eq{${extract{greylist}{$acl_m1}}}{}{no}{yes}}
		set acl_m_optional_greylist	= \
				scores=${eval:${extract{scores}{$acl_m_optional_greylist}}+${extract{greylist}{$acl_m1}}} \
				log_message="${extract{log_message}{$acl_m_optional_greylist}} $acl_m0;"
		set acl_m_spam_action	= ${acl_m_spam_action}\t\
				greylist scores=${extract{greylist}{$acl_m1}}\t\
				$acl_m0\n
') dnl ifelse(confGREYLIST, `OPTIONAL', `')
ifdef(`confOPTIONAL_REJECT', `ifelse(confOPTIONAL_REJECT, `NO', `dnl', `dnl
	warn	condition	= ${if eq{${extract{reject}{$acl_m1}}}{}{no}{yes}}
		condition	= ${if eq{${extract{reject}{$acl_m1}}}{00}{no}{yes}}
		set acl_m_optional_reject	= \
				scores=${eval:${extract{scores}{$acl_m_optional_reject}}+${extract{reject}{$acl_m1}}} \
				log_message="${extract{log_message}{$acl_m_optional_reject}} $acl_m0;"
		set acl_m_spam_action	= ${acl_m_spam_action}\t\
				reject scores=${extract{reject}{$acl_m1}}\t\t\
				$acl_m0\n
')') dnl ifdef(`confOPTIONAL_REJECT', `ifelse(confOPTIONAL_REJECT, `NO', `', `')')