59 lines
2.9 KiB
Plaintext
59 lines
2.9 KiB
Plaintext
Postfix enhanced status code implementation notes
|
|
=================================================
|
|
|
|
RFC 3463 Enhanced status code support is implemented in stages. In
|
|
the first stage, the goal is to minimize code changes (it's several
|
|
hundred pages of context diffs already). For this reason, the
|
|
pre-existing status variables (success, defer, etc.) are still
|
|
updated separately from the diagnostic text and the RFC 3463 enhanced
|
|
status code. All this means that one has to be careful when updating
|
|
the code, to keep things in sync.
|
|
|
|
Specific issues that one should be aware of:
|
|
|
|
- In the SMTP client, update the enhanced status code and text
|
|
whenever smtp_errno or resp->code are updated, or place an explicit
|
|
comment that says no update is needed.
|
|
|
|
- In the SMTP client, don't worry about the initial enhanced status
|
|
digit when reporting failure to look up or connect to a host. For
|
|
convenience, the SMTP client top-level code automatically changes
|
|
the initial digit into '4' or '5' as appropriate.
|
|
|
|
- In the SMTP server, don't worry about the initial enhanced status
|
|
code digit when an smtpd_mumble_restriction rejects access. For
|
|
convenience, the smtpd_check_reject() routine automatically changes
|
|
the initial digit into '4' or '5' as appropriate.
|
|
|
|
- Some low-level support routines update the diagnostic text but
|
|
not the enhanced status code. To identify these, search for functions
|
|
that are called with why->vstring as output parameter, and make
|
|
sure that the caller updates the enhanced status code in all
|
|
appropriate cases.
|
|
|
|
- By design, the pipe, local and virtual delivery agent code never
|
|
update the diagnostic text separately from the enhanced status code.
|
|
|
|
- Don't rely on the system errno value after calling a routine that
|
|
performs or prepares for mail delivery. Instead, have that routine
|
|
update the enhanced status code (and text) when the error happens.
|
|
This was an issue with mailbox, maildir and file delivery. Currently
|
|
there remains one exception to this errno usage rule; the maildir
|
|
delivery routines log a helpful warning when delivery fails with
|
|
EACCES. The latter happens to work because mbox_open() does not
|
|
need to unlock the output file, so it won't clobber the errno value.
|
|
|
|
- Avoid passing around strings that combine enhanced status code
|
|
and diagnostic text. Instead, use separate variables for status
|
|
code and text, so that the compiler can enforce that everything has
|
|
a status code. Currently there are two exceptions to this rule:
|
|
the cleanup server status reply, and the delivery agent status
|
|
reply. Once these protocols are updated we can remove the dns_prepend()
|
|
routine. The third exception, enhanced status codes in external
|
|
command output, is a feature.
|
|
|
|
- The bounce/defer/sent library modules will catch the cases where
|
|
an enhanced status code does not match the reject/defer/success
|
|
status. They log a warning message, and replace the incorrect
|
|
enhanced status code by a generic one.
|