/tags/rel-1_5_1/squirrelmail/class/deliver/Deliver_SMTP.class.php
PHP | 514 lines | 360 code | 41 blank | 113 comment | 82 complexity | 452a72e8de9c821327451d3354aed1d9 MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0
- <?php
- /**
- * Deliver_SMTP.class.php
- *
- * SMTP delivery backend for the Deliver class.
- *
- * @copyright © 1999-2006 The SquirrelMail Project Team
- * @license http://opensource.org/licenses/gpl-license.php GNU Public License
- * @version $Id: Deliver_SMTP.class.php 10595 2006-01-28 19:24:08Z tokul $
- * @package squirrelmail
- */
- /** @ignore */
- if (!defined('SM_PATH')) define('SM_PATH','../../');
- /** This of course depends upon Deliver */
- include_once(SM_PATH . 'class/deliver/Deliver.class.php');
- /**
- * Deliver messages using SMTP
- * @package squirrelmail
- */
- class Deliver_SMTP extends Deliver {
- /**
- * Array keys are uppercased ehlo keywords
- * array key values are ehlo params. If ehlo-param contains space, it is splitted into array.
- * @var array ehlo
- * @since 1.5.1
- */
- var $ehlo = array();
- /**
- * @var string domain
- * @since 1.5.1
- */
- var $domain = '';
- /**
- * SMTP STARTTLS rfc: "Both the client and the server MUST know if there
- * is a TLS session active."
- * Variable should be set to true, when encryption is turned on.
- * @var boolean
- * @since 1.5.1
- */
- var $tls_enabled = false;
- /**
- * Private var
- * var stream $stream
- * @todo don't pass stream resource in class method arguments.
- */
- //var $stream = false;
- /** @var string delivery error message */
- var $dlv_msg = '';
- /** @var integer delivery error number from server */
- var $dlv_ret_nr = '';
- /** @var string delivery error message from server */
- var $dlv_server_msg = '';
- function preWriteToStream(&$s) {
- if ($s) {
- if ($s{0} == '.') $s = '.' . $s;
- $s = str_replace("\n.","\n..",$s);
- }
- }
- function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false) {
- global $use_smtp_tls,$smtp_auth_mech;
- if ($authpop) {
- $this->authPop($host, '', $user, $pass);
- }
- $rfc822_header = $message->rfc822_header;
- $from = $rfc822_header->from[0];
- $to = $rfc822_header->to;
- $cc = $rfc822_header->cc;
- $bcc = $rfc822_header->bcc;
- $content_type = $rfc822_header->content_type;
- // MAIL FROM: <from address> MUST be empty in cae of MDN (RFC2298)
- if ($content_type->type0 == 'multipart' &&
- $content_type->type1 == 'report' &&
- isset($content_type->properties['report-type']) &&
- $content_type->properties['report-type']=='disposition-notification') {
- $from->host = '';
- $from->mailbox = '';
- }
- if ($use_smtp_tls == 1) {
- if ((check_php_version(4,3)) && (extension_loaded('openssl'))) {
- $stream = @fsockopen('tls://' . $host, $port, $errorNumber, $errorString);
- $this->tls_enabled = true;
- } else {
- /**
- * don't connect to server when user asks for smtps and
- * PHP does not support it.
- */
- $errorNumber = '';
- $errorString = _("Secure SMTP (TLS) is enabled in SquirrelMail configuration, but used PHP version does not support it.");
- }
- } else {
- $stream = @fsockopen($host, $port, $errorNumber, $errorString);
- }
- if (!$stream) {
- // reset tls state var to default value, if connection fails
- $this->tls_enabled = false;
- // set error messages
- $this->dlv_msg = $errorString;
- $this->dlv_ret_nr = $errorNumber;
- $this->dlv_server_msg = _("Can't open SMTP stream.");
- return(0);
- }
- // get server greeting
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- /*
- * If $_SERVER['HTTP_HOST'] is set, use that in our HELO to the SMTP
- * server. This should fix the DNS issues some people have had
- */
- if (sqgetGlobalVar('HTTP_HOST', $HTTP_HOST, SQ_SERVER)) { // HTTP_HOST is set
- // optionally trim off port number
- if($p = strrpos($HTTP_HOST, ':')) {
- $HTTP_HOST = substr($HTTP_HOST, 0, $p);
- }
- $helohost = $HTTP_HOST;
- } else { // For some reason, HTTP_HOST is not set - revert to old behavior
- $helohost = $domain;
- }
- /* Lets introduce ourselves */
- fputs($stream, "EHLO $helohost\r\n");
- // Read ehlo response
- $tmp = $this->parse_ehlo_response($stream);
- if ($this->errorCheck($tmp,$stream)) {
- // fall back to HELO if EHLO is not supported
- if ($this->dlv_ret_nr == '500') {
- fputs($stream, "HELO $helohost\r\n");
- $tmp = fgets($stream,1024);
- if ($this->errorCheck($tmp,$stream)) {
- return(0);
- }
- } else {
- return(0);
- }
- }
- /**
- * Implementing SMTP STARTTLS (rfc2487) in php 5.1.0+
- * http://www.php.net/stream-socket-enable-crypto
- */
- if ($use_smtp_tls == 2) {
- if (function_exists('stream_socket_enable_crypto')) {
- // don't try starting tls, when client thinks that it is already active
- if ($this->tls_enabled) {
- $this->dlv_msg = _("TLS session is already activated.");
- return 0;
- } elseif (!array_key_exists('STARTTLS',$this->ehlo)) {
- // check for starttls in ehlo response
- $this->dlv_msg = _("SMTP STARTTLS is enabled in SquirrelMail configuration, but used SMTP server does not support it");
- return 0;
- }
- // issue starttls command
- fputs($stream, "STARTTLS\r\n");
- // get response
- $tmp = fgets($stream,1024);
- if ($this->errorCheck($tmp,$stream)) {
- return 0;
- }
- // start crypto on connection. suppress function errors.
- if (@stream_socket_enable_crypto($stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
- // starttls was successful (rfc2487 5.2 Result of the STARTTLS Command)
- // get new EHLO response
- fputs($stream, "EHLO $helohost\r\n");
- // Read ehlo response
- $tmp = $this->parse_ehlo_response($stream);
- if ($this->errorCheck($tmp,$stream)) {
- // don't revert to helo here. server must support ESMTP
- return 0;
- }
- // set information about started tls
- $this->tls_enabled = true;
- } else {
- /**
- * stream_socket_enable_crypto() call failed.
- */
- $this->dlv_msg = _("Unable to start TLS.");
- return 0;
- // Bug: can't get error message. See comments in sqimap_create_stream().
- }
- } else {
- // php install does not support stream_socket_enable_crypto() function
- $this->dlv_msg = _("SMTP STARTTLS is enabled in SquirrelMail configuration, but used PHP version does not support functions that allow to enable encryption on open socket.");
- return 0;
- }
- }
- // FIXME: check ehlo response before using authentication
- if (( $smtp_auth_mech == 'cram-md5') or ( $smtp_auth_mech == 'digest-md5' )) {
- // Doing some form of non-plain auth
- if ($smtp_auth_mech == 'cram-md5') {
- fputs($stream, "AUTH CRAM-MD5\r\n");
- } elseif ($smtp_auth_mech == 'digest-md5') {
- fputs($stream, "AUTH DIGEST-MD5\r\n");
- }
- $tmp = fgets($stream,1024);
- if ($this->errorCheck($tmp,$stream)) {
- return(0);
- }
- // At this point, $tmp should hold "334 <challenge string>"
- $chall = substr($tmp,4);
- // Depending on mechanism, generate response string
- if ($smtp_auth_mech == 'cram-md5') {
- $response = cram_md5_response($user,$pass,$chall);
- } elseif ($smtp_auth_mech == 'digest-md5') {
- $response = digest_md5_response($user,$pass,$chall,'smtp',$host);
- }
- fputs($stream, $response);
- // Let's see what the server had to say about that
- $tmp = fgets($stream,1024);
- if ($this->errorCheck($tmp,$stream)) {
- return(0);
- }
- // CRAM-MD5 is done at this point. If DIGEST-MD5, there's a bit more to go
- if ($smtp_auth_mech == 'digest-md5') {
- // $tmp contains rspauth, but I don't store that yet. (No need yet)
- fputs($stream,"\r\n");
- $tmp = fgets($stream,1024);
- if ($this->errorCheck($tmp,$stream)) {
- return(0);
- }
- }
- // CRAM-MD5 and DIGEST-MD5 code ends here
- } elseif ($smtp_auth_mech == 'none') {
- // No auth at all, just send helo and then send the mail
- // We already said hi earlier, nothing more is needed.
- } elseif ($smtp_auth_mech == 'login') {
- // The LOGIN method
- fputs($stream, "AUTH LOGIN\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- fputs($stream, base64_encode ($user) . "\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- fputs($stream, base64_encode($pass) . "\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- } elseif ($smtp_auth_mech == "plain") {
- /* SASL Plain */
- $auth = base64_encode("$user\0$user\0$pass");
- $query = "AUTH PLAIN\r\n";
- fputs($stream, $query);
- $read=fgets($stream, 1024);
- if (substr($read,0,3) == '334') { // OK so far..
- fputs($stream, "$auth\r\n");
- $read = fgets($stream, 1024);
- }
- $results=explode(" ",$read,3);
- $response=$results[1];
- $message=$results[2];
- } else {
- /* Right here, they've reached an unsupported auth mechanism.
- This is the ugliest hack I've ever done, but it'll do till I can fix
- things up better tomorrow. So tired... */
- if ($this->errorCheck("535 Unable to use this auth type",$stream)) {
- return(0);
- }
- }
- /* Ok, who is sending the message? */
- $fromaddress = ($from->mailbox && $from->host) ?
- $from->mailbox.'@'.$from->host : '';
- fputs($stream, 'MAIL FROM:<'.$fromaddress.">\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- /* send who the recipients are */
- for ($i = 0, $cnt = count($to); $i < $cnt; $i++) {
- if (!$to[$i]->host) $to[$i]->host = $domain;
- if ($to[$i]->mailbox) {
- fputs($stream, 'RCPT TO:<'.$to[$i]->mailbox.'@'.$to[$i]->host.">\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- }
- }
- for ($i = 0, $cnt = count($cc); $i < $cnt; $i++) {
- if (!$cc[$i]->host) $cc[$i]->host = $domain;
- if ($cc[$i]->mailbox) {
- fputs($stream, 'RCPT TO:<'.$cc[$i]->mailbox.'@'.$cc[$i]->host.">\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- }
- }
- for ($i = 0, $cnt = count($bcc); $i < $cnt; $i++) {
- if (!$bcc[$i]->host) $bcc[$i]->host = $domain;
- if ($bcc[$i]->mailbox) {
- fputs($stream, 'RCPT TO:<'.$bcc[$i]->mailbox.'@'.$bcc[$i]->host.">\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- }
- }
- /* Lets start sending the actual message */
- fputs($stream, "DATA\r\n");
- $tmp = fgets($stream, 1024);
- if ($this->errorCheck($tmp, $stream)) {
- return(0);
- }
- return $stream;
- }
- function finalizeStream($stream) {
- fputs($stream, "\r\n.\r\n"); /* end the DATA part */
- $tmp = fgets($stream, 1024);
- $this->errorCheck($tmp, $stream);
- if ($this->dlv_ret_nr != 250) {
- return(0);
- }
- fputs($stream, "QUIT\r\n"); /* log off */
- fclose($stream);
- return true;
- }
- /* check if an SMTP reply is an error and set an error message) */
- function errorCheck($line, $smtpConnection) {
- $err_num = substr($line, 0, 3);
- $this->dlv_ret_nr = $err_num;
- $server_msg = substr($line, 4);
- while(substr($line, 0, 4) == ($err_num.'-')) {
- $line = fgets($smtpConnection, 1024);
- $server_msg .= substr($line, 4);
- }
- if ( ((int) $err_num{0}) < 4) {
- return false;
- }
- switch ($err_num) {
- case '421': $message = _("Service not available, closing channel");
- break;
- case '432': $message = _("A password transition is needed");
- break;
- case '450': $message = _("Requested mail action not taken: mailbox unavailable");
- break;
- case '451': $message = _("Requested action aborted: error in processing");
- break;
- case '452': $message = _("Requested action not taken: insufficient system storage");
- break;
- case '454': $message = _("Temporary authentication failure");
- break;
- case '500': $message = _("Syntax error; command not recognized");
- break;
- case '501': $message = _("Syntax error in parameters or arguments");
- break;
- case '502': $message = _("Command not implemented");
- break;
- case '503': $message = _("Bad sequence of commands");
- break;
- case '504': $message = _("Command parameter not implemented");
- break;
- case '530': $message = _("Authentication required");
- break;
- case '534': $message = _("Authentication mechanism is too weak");
- break;
- case '535': $message = _("Authentication failed");
- break;
- case '538': $message = _("Encryption required for requested authentication mechanism");
- break;
- case '550': $message = _("Requested action not taken: mailbox unavailable");
- break;
- case '551': $message = _("User not local; please try forwarding");
- break;
- case '552': $message = _("Requested mail action aborted: exceeding storage allocation");
- break;
- case '553': $message = _("Requested action not taken: mailbox name not allowed");
- break;
- case '554': $message = _("Transaction failed");
- break;
- default: $message = _("Unknown response");
- break;
- }
- $this->dlv_msg = $message;
- $this->dlv_server_msg = $server_msg;
- return true;
- }
- function authPop($pop_server='', $pop_port='', $user, $pass) {
- if (!$pop_port) {
- $pop_port = 110;
- }
- if (!$pop_server) {
- $pop_server = 'localhost';
- }
- $popConnection = fsockopen($pop_server, $pop_port, $err_no, $err_str);
- if (!$popConnection) {
- error_log("Error connecting to POP Server ($pop_server:$pop_port)"
- . " $err_no : $err_str");
- } else {
- $tmp = fgets($popConnection, 1024); /* banner */
- if (substr($tmp, 0, 3) != '+OK') {
- return(0);
- }
- fputs($popConnection, "USER $user\r\n");
- $tmp = fgets($popConnection, 1024);
- if (substr($tmp, 0, 3) != '+OK') {
- return(0);
- }
- fputs($popConnection, 'PASS ' . $pass . "\r\n");
- $tmp = fgets($popConnection, 1024);
- if (substr($tmp, 0, 3) != '+OK') {
- return(0);
- }
- fputs($popConnection, "QUIT\r\n"); /* log off */
- fclose($popConnection);
- }
- }
- /**
- * Parses ESMTP EHLO response (rfc1869)
- *
- * Reads SMTP response to EHLO command and fills class variables
- * (ehlo array and domain string). Returns last line.
- * @param stream $stream smtp connection stream.
- * @return string last ehlo line
- * @since 1.5.1
- */
- function parse_ehlo_response($stream) {
- // don't cache ehlo information
- $this->ehlo=array();
- $ret = '';
- $firstline = true;
- /**
- * ehlo mailclient.example.org
- * 250-mail.example.org
- * 250-PIPELINING
- * 250-SIZE 52428800
- * 250-DATAZ
- * 250-STARTTLS
- * 250-AUTH LOGIN PLAIN
- * 250 8BITMIME
- */
- while ($line=fgets($stream, 1024)){
- // match[1] = first symbol after 250
- // match[2] = domain or ehlo-keyword
- // match[3] = greeting or ehlo-param
- // match space after keyword in ehlo-keyword CR LF
- if (preg_match("/^250(-|\s)(\S*)\s+(\S.*)\r\n/",$line,$match)||
- preg_match("/^250(-|\s)(\S*)\s*\r\n/",$line,$match)) {
- if ($firstline) {
- // first ehlo line (250[-\ ]domain SP greeting)
- $this->domain = $match[2];
- $firstline=false;
- } elseif (!isset($match[3])) {
- // simple one word extension
- $this->ehlo[strtoupper($match[2])]='';
- } elseif (!preg_match("/\s/",trim($match[3]))) {
- // extension with one option
- // yes, I know about ctype extension. no, i don't want to depend on it
- $this->ehlo[strtoupper($match[2])]=trim($match[3]);
- } else {
- // ehlo-param with spaces
- $this->ehlo[strtoupper($match[2])]=explode(' ',trim($match[3]));
- }
- if ($match[1]==' ') {
- // stop while cycle, if we reach last 250 line
- $ret = $line;
- break;
- }
- } else {
- // this is not 250 response
- $ret = $line;
- break;
- }
- }
- return $ret;
- }
- }
- ?>