search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Expand PMF_FN_* macros.
[netbsd-mini2440.git] / external / ibm-public / postfix / dist / src / verify / verify.c
blob9f88fd783b7026c8eb11967c0c0c153107d800bd
1 /* $NetBSD$ */
2
3 /*++
4 /* NAME
5 /* verify 8
6 /* SUMMARY
7 /* Postfix address verification server
8 /* SYNOPSIS
9 /* \fBverify\fR [generic Postfix daemon options]
10 /* DESCRIPTION
11 /* The \fBverify\fR(8) address verification server maintains a record
12 /* of what recipient addresses are known to be deliverable or
13 /* undeliverable.
14 /*
15 /* Addresses are verified by injecting probe messages into the
16 /* Postfix queue. Probe messages are run through all the routing
17 /* and rewriting machinery except for final delivery, and are
18 /* discarded rather than being deferred or bounced.
19 /*
20 /* Address verification relies on the answer from the nearest
21 /* MTA for the specified address, and will therefore not detect
22 /* all undeliverable addresses.
23 /*
24 /* The \fBverify\fR(8) server is designed to run under control
25 /* by the Postfix
26 /* master server. It maintains an optional persistent database.
27 /* To avoid being interrupted by "postfix stop" in the middle
28 /* of a database update, the process runs in a separate process
29 /* group.
30 /*
31 /* The \fBverify\fR(8) server implements the following requests:
32 /* .IP "\fBupdate\fI address status text\fR"
33 /* Update the status and text of the specified address.
34 /* .IP "\fBquery\fI address\fR"
35 /* Look up the \fIstatus\fR and \fItext\fR for the specified address.
36 /* If the status is unknown, a probe is sent and an "in progress"
37 /* status is returned.
38 /* SECURITY
39 /* .ad
40 /* .fi
41 /* The address verification server is not security-sensitive. It does
42 /* not talk to the network, and it does not talk to local users.
43 /* The verify server can run chrooted at fixed low privilege.
44 /*
45 /* The address verification server can be coerced to store
46 /* unlimited amounts of garbage. Limiting the cache size
47 /* trades one problem (disk space exhaustion) for another
48 /* one (poor response time to client requests).
49 /*
50 /* With Postfix version 2.5 and later, the \fBverify\fR(8)
51 /* server no longer uses root privileges when opening the
52 /* \fBaddress_verify_map\fR cache file. The file should now
53 /* be stored under the Postfix-owned \fBdata_directory\fR. As
54 /* a migration aid, an attempt to open a cache file under a
55 /* non-Postfix directory is redirected to the Postfix-owned
56 /* \fBdata_directory\fR, and a warning is logged.
57 /* DIAGNOSTICS
58 /* Problems and transactions are logged to \fBsyslogd\fR(8).
59 /* BUGS
60 /* The address verification service is suitable only for sites that
61 /* handle a low mail volume. Verification probes add additional
62 /* traffic to the mail queue and perform poorly under high load.
63 /* Servers may blacklist sites that probe excessively, or that
64 /* probe excessively for non-existent recipient addresses.
65 /*
66 /* If the persistent database ever gets corrupted then the world
67 /* comes to an end and human intervention is needed. This violates
68 /* a basic Postfix principle.
69 /* CONFIGURATION PARAMETERS
70 /* .ad
71 /* .fi
72 /* Changes to \fBmain.cf\fR are not picked up automatically,
73 /* as \fBverify\fR(8)
74 /* processes are persistent. Use the command "\fBpostfix reload\fR" after
75 /* a configuration change.
76 /*
77 /* The text below provides only a parameter summary. See
78 /* \fBpostconf\fR(5) for more details including examples.
79 /* CACHE CONTROLS
80 /* .ad
81 /* .fi
82 /* .IP "\fBaddress_verify_map (empty)\fR"
83 /* Optional lookup table for persistent address verification status
84 /* storage.
85 /* .IP "\fBaddress_verify_sender ($double_bounce_sender)\fR"
86 /* The sender address to use in address verification probes; prior
87 /* to Postfix 2.5 the default was "postmaster".
88 /* .IP "\fBaddress_verify_positive_expire_time (31d)\fR"
89 /* The time after which a successful probe expires from the address
90 /* verification cache.
91 /* .IP "\fBaddress_verify_positive_refresh_time (7d)\fR"
92 /* The time after which a successful address verification probe needs
93 /* to be refreshed.
94 /* .IP "\fBaddress_verify_negative_cache (yes)\fR"
95 /* Enable caching of failed address verification probe results.
96 /* .IP "\fBaddress_verify_negative_expire_time (3d)\fR"
97 /* The time after which a failed probe expires from the address
98 /* verification cache.
99 /* .IP "\fBaddress_verify_negative_refresh_time (3h)\fR"
100 /* The time after which a failed address verification probe needs to
101 /* be refreshed.
102 /* PROBE MESSAGE ROUTING CONTROLS
103 /* .ad
104 /* .fi
105 /* By default, probe messages are delivered via the same route
106 /* as regular messages. The following parameters can be used to
107 /* override specific message routing mechanisms.
108 /* .IP "\fBaddress_verify_relayhost ($relayhost)\fR"
109 /* Overrides the relayhost parameter setting for address verification
110 /* probes.
111 /* .IP "\fBaddress_verify_transport_maps ($transport_maps)\fR"
112 /* Overrides the transport_maps parameter setting for address verification
113 /* probes.
114 /* .IP "\fBaddress_verify_local_transport ($local_transport)\fR"
115 /* Overrides the local_transport parameter setting for address
116 /* verification probes.
117 /* .IP "\fBaddress_verify_virtual_transport ($virtual_transport)\fR"
118 /* Overrides the virtual_transport parameter setting for address
119 /* verification probes.
120 /* .IP "\fBaddress_verify_relay_transport ($relay_transport)\fR"
121 /* Overrides the relay_transport parameter setting for address
122 /* verification probes.
123 /* .IP "\fBaddress_verify_default_transport ($default_transport)\fR"
124 /* Overrides the default_transport parameter setting for address
125 /* verification probes.
126 /* MISCELLANEOUS CONTROLS
127 /* .ad
128 /* .fi
129 /* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
130 /* The default location of the Postfix main.cf and master.cf
131 /* configuration files.
132 /* .IP "\fBdaemon_timeout (18000s)\fR"
133 /* How much time a Postfix daemon process may take to handle a
134 /* request before it is terminated by a built-in watchdog timer.
135 /* .IP "\fBipc_timeout (3600s)\fR"
136 /* The time limit for sending or receiving information over an internal
137 /* communication channel.
138 /* .IP "\fBprocess_id (read-only)\fR"
139 /* The process ID of a Postfix command or daemon process.
140 /* .IP "\fBprocess_name (read-only)\fR"
141 /* The process name of a Postfix command or daemon process.
142 /* .IP "\fBqueue_directory (see 'postconf -d' output)\fR"
143 /* The location of the Postfix top-level queue directory.
144 /* .IP "\fBsyslog_facility (mail)\fR"
145 /* The syslog facility of Postfix logging.
146 /* .IP "\fBsyslog_name (see 'postconf -d' output)\fR"
147 /* The mail system name that is prepended to the process name in syslog
148 /* records, so that "smtpd" becomes, for example, "postfix/smtpd".
149 /* SEE ALSO
150 /* smtpd(8), Postfix SMTP server
151 /* cleanup(8), enqueue Postfix message
152 /* postconf(5), configuration parameters
153 /* syslogd(5), system logging
154 /* README FILES
155 /* .ad
156 /* .fi
157 /* Use "\fBpostconf readme_directory\fR" or
158 /* "\fBpostconf html_directory\fR" to locate this information.
159 /* .na
160 /* .nf
161 /* ADDRESS_VERIFICATION_README, address verification howto
162 /* LICENSE
163 /* .ad
164 /* .fi
165 /* The Secure Mailer license must be distributed with this software.
166 /* HISTORY
167 /* .ad
168 /* .fi
169 /* This service was introduced with Postfix version 2.1.
170 /* AUTHOR(S)
171 /* Wietse Venema
172 /* IBM T.J. Watson Research
173 /* P.O. Box 704
174 /* Yorktown Heights, NY 10598, USA
175 /*--*/
176
177 /* System library. */
178
179 #include <sys_defs.h>
180 #include <sys/stat.h>
181 #include <time.h>
182 #include <string.h>
183 #include <stdlib.h>
184 #include <unistd.h>
185
186 /* Utility library. */
187
188 #include <msg.h>
189 #include <mymalloc.h>
190 #include <htable.h>
191 #include <dict_ht.h>
192 #include <dict.h>
193 #include <split_at.h>
194 #include <stringops.h>
195 #include <set_eugid.h>
196
197 /* Global library. */
198
199 #include <mail_conf.h>
200 #include <mail_params.h>
201 #include <mail_version.h>
202 #include <mail_proto.h>
203 #include <post_mail.h>
204 #include <data_redirect.h>
205 #include <verify_clnt.h>
206
207 /* Server skeleton. */
208
209 #include <mail_server.h>
210
211 /* Application-specific. */
212
213 /*
214 * Tunable parameters.
215 */
216 char *var_verify_map;
217 int var_verify_pos_exp;
218 int var_verify_pos_try;
219 int var_verify_neg_exp;
220 int var_verify_neg_try;
221 char *var_verify_sender;
222
223 /*
224 * State.
225 */
226 static DICT *verify_map;
227
228 /*
229 * Silly little macros.
230 */
231 #define STR(x) vstring_str(x)
232 #define STREQ(x,y) (strcmp(x,y) == 0)
233
234 /*
235 * The address verification database consists of (address, data) tuples. The
236 * format of the data field is "status:probed:updated:text". The meaning of
237 * each field is:
238 *
239 * status: one of the four recipient status codes (OK, DEFER, BOUNCE or TODO).
240 * In the case of TODO, we have no information about the address, and the
241 * address is being probed.
242 *
243 * probed: if non-zero, the time the currently outstanding address probe was
244 * sent. If zero, there is no outstanding address probe.
245 *
246 * updated: if non-zero, the time the address probe result was received. If
247 * zero, we have no information about the address, and the address is being
248 * probed.
249 *
250 * text: descriptive text from delivery agents etc.
251 */
252
253 /*
254 * Quick test to see status without parsing the whole entry.
255 */
256 #define STATUS_FROM_RAW_ENTRY(e) atoi(e)
257
258 /* verify_make_entry - construct table entry */
259
260 static void verify_make_entry(VSTRING *buf, int status, long probed,
261 long updated, const char *text)
262 {
263 vstring_sprintf(buf, "%d:%ld:%ld:%s", status, probed, updated, text);
264 }
265
266 /* verify_parse_entry - parse table entry */
267
268 static int verify_parse_entry(char *buf, int *status, long *probed,
269 long *updated, char **text)
270 {
271 char *probed_text;
272 char *updated_text;
273
274 if ((probed_text = split_at(buf, ':')) != 0
275 && (updated_text = split_at(probed_text, ':')) != 0
276 && (*text = split_at(updated_text, ':')) != 0
277 && alldig(buf)
278 && alldig(probed_text)
279 && alldig(updated_text)) {
280 *probed = atol(probed_text);
281 *updated = atol(updated_text);
282 *status = atoi(buf);
283
284 /*
285 * Coverity 200604: the code incorrectly tested (probed || updated),
286 * so that the sanity check never detected all-zero time stamps. Such
287 * records are never written. If we read a record with all-zero time
288 * stamps, then something is badly broken.
289 */
290 if ((*status == DEL_RCPT_STAT_OK
291 || *status == DEL_RCPT_STAT_DEFER
292 || *status == DEL_RCPT_STAT_BOUNCE
293 || *status == DEL_RCPT_STAT_TODO)
294 && (*probed || *updated))
295 return (0);
296 }
297 msg_warn("bad address verify table entry: %.100s", buf);
298 return (-1);
299 }
300
301 /* verify_stat2name - status to name */
302
303 static const char *verify_stat2name(int addr_status)
304 {
305 if (addr_status == DEL_RCPT_STAT_OK)
306 return ("deliverable");
307 if (addr_status == DEL_RCPT_STAT_DEFER)
308 return ("undeliverable");
309 if (addr_status == DEL_RCPT_STAT_BOUNCE)
310 return ("undeliverable");
311 return (0);
312 }
313
314 /* verify_update_service - update address service */
315
316 static void verify_update_service(VSTREAM *client_stream)
317 {
318 VSTRING *buf = vstring_alloc(10);
319 VSTRING *addr = vstring_alloc(10);
320 int addr_status;
321 VSTRING *text = vstring_alloc(10);
322 const char *status_name;
323 const char *raw_data;
324 long probed;
325 long updated;
326
327 if (attr_scan(client_stream, ATTR_FLAG_STRICT,
328 ATTR_TYPE_STR, MAIL_ATTR_ADDR, addr,
329 ATTR_TYPE_INT, MAIL_ATTR_ADDR_STATUS, &addr_status,
330 ATTR_TYPE_STR, MAIL_ATTR_WHY, text,
331 ATTR_TYPE_END) == 3) {
332 /* FIX 200501 IPv6 patch did not neuter ":" in address literals. */
333 translit(STR(addr), ":", "_");
334 if ((status_name = verify_stat2name(addr_status)) == 0) {
335 msg_warn("bad recipient status %d for recipient %s",
336 addr_status, STR(addr));
337 attr_print(client_stream, ATTR_FLAG_NONE,
338 ATTR_TYPE_INT, MAIL_ATTR_STATUS, VRFY_STAT_BAD,
339 ATTR_TYPE_END);
340 } else {
341
342 /*
343 * Robustness: don't allow a failed probe to clobber an OK
344 * address before it expires. The failed probe is ignored so that
345 * the address will be re-probed upon the next query. As long as
346 * some probes succeed the address will remain cached as OK.
347 */
348 if (addr_status == DEL_RCPT_STAT_OK
349 || (raw_data = dict_get(verify_map, STR(addr))) == 0
350 || STATUS_FROM_RAW_ENTRY(raw_data) != DEL_RCPT_STAT_OK) {
351 probed = 0;
352 updated = (long) time((time_t *) 0);
353 verify_make_entry(buf, addr_status, probed, updated, STR(text));
354 if (msg_verbose)
355 msg_info("PUT %s status=%d probed=%ld updated=%ld text=%s",
356 STR(addr), addr_status, probed, updated, STR(text));
357 dict_put(verify_map, STR(addr), STR(buf));
358 }
359 attr_print(client_stream, ATTR_FLAG_NONE,
360 ATTR_TYPE_INT, MAIL_ATTR_STATUS, VRFY_STAT_OK,
361 ATTR_TYPE_END);
362 }
363 }
364 vstring_free(buf);
365 vstring_free(addr);
366 vstring_free(text);
367 }
368
369 /* verify_post_mail_action - callback */
370
371 static void verify_post_mail_action(VSTREAM *stream, void *unused_context)
372 {
373
374 /*
375 * Probe messages need no body content, because they are never delivered,
376 * deferred, or bounced.
377 */
378 if (stream != 0)
379 post_mail_fclose(stream);
380 }
381
382 /* verify_query_service - query address status */
383
384 static void verify_query_service(VSTREAM *client_stream)
385 {
386 VSTRING *addr = vstring_alloc(10);
387 VSTRING *get_buf = 0;
388 VSTRING *put_buf = 0;
389 const char *raw_data;
390 int addr_status;
391 long probed;
392 long updated;
393 char *text;
394
395 if (attr_scan(client_stream, ATTR_FLAG_STRICT,
396 ATTR_TYPE_STR, MAIL_ATTR_ADDR, addr,
397 ATTR_TYPE_END) == 1) {
398 long now = (long) time((time_t *) 0);
399
400 /*
401 * Produce a default record when no usable record exists.
402 *
403 * If negative caching is disabled, purge an expired record from the
404 * database.
405 *
406 * XXX Assume that a probe is lost if no response is received in 1000
407 * seconds. If this number is too small the queue will slowly fill up
408 * with delayed probes.
409 *
410 * XXX Maintain a moving average for the probe turnaround time, and
411 * allow probe "retransmission" when a probe is outstanding for, say
412 * some minimal amount of time (1000 sec) plus several times the
413 * observed probe turnaround time. This causes probing to back off
414 * when the mail system becomes congested.
415 */
416 #define POSITIVE_ENTRY_EXPIRED(addr_status, updated) \
417 (addr_status == DEL_RCPT_STAT_OK && updated + var_verify_pos_exp < now)
418 #define NEGATIVE_ENTRY_EXPIRED(addr_status, updated) \
419 (addr_status != DEL_RCPT_STAT_OK && updated + var_verify_neg_exp < now)
420 #define PROBE_TTL 1000
421
422 /* FIX 200501 IPv6 patch did not neuter ":" in address literals. */
423 translit(STR(addr), ":", "_");
424 if ((raw_data = dict_get(verify_map, STR(addr))) == 0 /* not found */
425 || ((get_buf = vstring_alloc(10)),
426 vstring_strcpy(get_buf, raw_data), /* malformed */
427 verify_parse_entry(STR(get_buf), &addr_status, &probed,
428 &updated, &text) < 0)
429 || (now - probed > PROBE_TTL /* safe to probe */
430 && (POSITIVE_ENTRY_EXPIRED(addr_status, updated)
431 || NEGATIVE_ENTRY_EXPIRED(addr_status, updated)))) {
432 addr_status = DEL_RCPT_STAT_TODO;
433 probed = 0;
434 updated = 0;
435 text = "Address verification in progress";
436 if (raw_data != 0 && var_verify_neg_cache == 0)
437 dict_del(verify_map, STR(addr));
438 }
439 if (msg_verbose)
440 msg_info("GOT %s status=%d probed=%ld updated=%ld text=%s",
441 STR(addr), addr_status, probed, updated, text);
442
443 /*
444 * Respond to the client.
445 */
446 attr_print(client_stream, ATTR_FLAG_NONE,
447 ATTR_TYPE_INT, MAIL_ATTR_STATUS, VRFY_STAT_OK,
448 ATTR_TYPE_INT, MAIL_ATTR_ADDR_STATUS, addr_status,
449 ATTR_TYPE_STR, MAIL_ATTR_WHY, text,
450 ATTR_TYPE_END);
451
452 /*
453 * Send a new probe when the information needs to be refreshed.
454 *
455 * XXX For an initial proof of concept implementation, use synchronous
456 * mail submission. This needs to be made async for high-volume
457 * sites, which makes it even more interesting to eliminate duplicate
458 * queries while a probe is being built.
459 *
460 * If negative caching is turned off, update the database only when
461 * refreshing an existing entry.
462 */
463 #define POSITIVE_REFRESH_NEEDED(addr_status, updated) \
464 (addr_status == DEL_RCPT_STAT_OK && updated + var_verify_pos_try < now)
465 #define NEGATIVE_REFRESH_NEEDED(addr_status, updated) \
466 (addr_status != DEL_RCPT_STAT_OK && updated + var_verify_neg_try < now)
467
468 if (now - probed > PROBE_TTL
469 && (POSITIVE_REFRESH_NEEDED(addr_status, updated)
470 || NEGATIVE_REFRESH_NEEDED(addr_status, updated))) {
471 if (msg_verbose)
472 msg_info("PROBE %s status=%d probed=%ld updated=%ld",
473 STR(addr), addr_status, now, updated);
474 post_mail_fopen_async(strcmp(var_verify_sender, "<>") == 0 ?
475 "" : var_verify_sender, STR(addr),
476 INT_FILT_MASK_NONE,
477 DEL_REQ_FLAG_MTA_VRFY,
478 (VSTRING *) 0,
479 verify_post_mail_action,
480 (void *) 0);
481 if (updated != 0 || var_verify_neg_cache != 0) {
482 put_buf = vstring_alloc(10);
483 verify_make_entry(put_buf, addr_status, now, updated, text);
484 if (msg_verbose)
485 msg_info("PUT %s status=%d probed=%ld updated=%ld text=%s",
486 STR(addr), addr_status, now, updated, text);
487 dict_put(verify_map, STR(addr), STR(put_buf));
488 }
489 }
490 }
491 vstring_free(addr);
492 if (get_buf)
493 vstring_free(get_buf);
494 if (put_buf)
495 vstring_free(put_buf);
496 }
497
498 /* verify_service - perform service for client */
499
500 static void verify_service(VSTREAM *client_stream, char *unused_service,
501 char **argv)
502 {
503 VSTRING *request = vstring_alloc(10);
504
505 /*
506 * Sanity check. This service takes no command-line arguments.
507 */
508 if (argv[0])
509 msg_fatal("unexpected command-line argument: %s", argv[0]);
510
511 /*
512 * This routine runs whenever a client connects to the socket dedicated
513 * to the address verification service. All connection-management stuff
514 * is handled by the common code in multi_server.c.
515 */
516 if (attr_scan(client_stream,
517 ATTR_FLAG_MORE | ATTR_FLAG_STRICT,
518 ATTR_TYPE_STR, MAIL_ATTR_REQ, request,
519 ATTR_TYPE_END) == 1) {
520 if (STREQ(STR(request), VRFY_REQ_UPDATE)) {
521 verify_update_service(client_stream);
522 } else if (STREQ(STR(request), VRFY_REQ_QUERY)) {
523 verify_query_service(client_stream);
524 } else {
525 msg_warn("unrecognized request: \"%s\", ignored", STR(request));
526 attr_print(client_stream, ATTR_FLAG_NONE,
527 ATTR_TYPE_INT, MAIL_ATTR_STATUS, VRFY_STAT_BAD,
528 ATTR_TYPE_END);
529 }
530 }
531 vstream_fflush(client_stream);
532 vstring_free(request);
533 }
534
535 /* post_jail_init - post-jail initialization */
536
537 static void post_jail_init(char *unused_name, char **unused_argv)
538 {
539
540 /*
541 * If the database is in volatile memory only, prevent automatic process
542 * suicide after a limited number of client requests or after a limited
543 * amount of idle time.
544 */
545 if (*var_verify_map == 0) {
546 var_use_limit = 0;
547 var_idle_limit = 0;
548 }
549 }
550
551 /* pre_jail_init - pre-jail initialization */
552
553 static void pre_jail_init(char *unused_name, char **unused_argv)
554 {
555 mode_t saved_mask;
556 VSTRING *redirect;
557
558 /*
559 * Never, ever, get killed by a master signal, as that would corrupt the
560 * database when we're in the middle of an update.
561 */
562 setsid();
563
564 /*
565 * Security: don't create root-owned files that contain untrusted data.
566 * And don't create Postfix-owned files in root-owned directories,
567 * either. We want a correct relationship between (file/directory)
568 * ownership and (file/directory) content.
569 *
570 * XXX Non-root open can violate the principle of least surprise: Postfix
571 * can't open an *SQL config file for database read-write access, even
572 * though it can open that same control file for database read-only
573 * access.
574 *
575 * The solution is to query a map type and obtain its properties before
576 * opening it. A clean solution is to add a dict_info() API that is
577 * simlar to dict_open() except it returns properties (dict flags) only.
578 * A pragmatic solution is to overload the existing API and have
579 * dict_open() return a dummy map when given a null map name.
580 *
581 * However, the proxymap daemon has been opening *SQL maps as non-root for
582 * years now without anyone complaining, let's not solve a problem that
583 * doesn't exist.
584 */
585 SAVE_AND_SET_EUGID(var_owner_uid, var_owner_gid);
586 redirect = vstring_alloc(100);
587
588 /*
589 * Keep state in persistent (external) or volatile (internal) map.
590 */
591 #define VERIFY_DICT_OPEN_FLAGS (DICT_FLAG_DUP_REPLACE | DICT_FLAG_SYNC_UPDATE)
592
593 if (*var_verify_map) {
594 saved_mask = umask(022);
595 verify_map = dict_open(data_redirect_map(redirect, var_verify_map),
596 O_CREAT | O_RDWR,
597 VERIFY_DICT_OPEN_FLAGS);
598 (void) umask(saved_mask);
599 } else {
600 verify_map = dict_ht_open("verify", htable_create(0), myfree);
601 }
602
603 /*
604 * Clean up and restore privilege.
605 */
606 vstring_free(redirect);
607 RESTORE_SAVED_EUGID();
608 }
609
610 MAIL_VERSION_STAMP_DECLARE;
611
612 /* main - pass control to the multi-threaded skeleton */
613
614 int main(int argc, char **argv)
615 {
616 static const CONFIG_STR_TABLE str_table[] = {
617 VAR_VERIFY_MAP, DEF_VERIFY_MAP, &var_verify_map, 0, 0,
618 VAR_VERIFY_SENDER, DEF_VERIFY_SENDER, &var_verify_sender, 0, 0,
619 0,
620 };
621 static const CONFIG_TIME_TABLE time_table[] = {
622 VAR_VERIFY_POS_EXP, DEF_VERIFY_POS_EXP, &var_verify_pos_exp, 1, 0,
623 VAR_VERIFY_POS_TRY, DEF_VERIFY_POS_TRY, &var_verify_pos_try, 1, 0,
624 VAR_VERIFY_NEG_EXP, DEF_VERIFY_NEG_EXP, &var_verify_neg_exp, 1, 0,
625 VAR_VERIFY_NEG_TRY, DEF_VERIFY_NEG_TRY, &var_verify_neg_try, 1, 0,
626 0,
627 };
628
629 /*
630 * Fingerprint executables and core dumps.
631 */
632 MAIL_VERSION_STAMP_ALLOCATE;
633
634 multi_server_main(argc, argv, verify_service,
635 MAIL_SERVER_STR_TABLE, str_table,
636 MAIL_SERVER_TIME_TABLE, time_table,
637 MAIL_SERVER_PRE_INIT, pre_jail_init,
638 MAIL_SERVER_POST_INIT, post_jail_init,
639 MAIL_SERVER_SOLITARY,
640 0);
641 }
NetBSD on the FriendlyARM MINI2440