Like the Terminal Server, don't count authenticated connections against the MaxConcurrentConnections limit.

Only authenticated users with passwords (not Guest) count as authenticated connections.

This might not be so great for IPv6 connections (let me know).

Also, use macro for the maximum received SMTP bad command magic number.

Fix-up the sender and recipient info included in log messages in the sendmail thread too.

Bumped rev to 1.735.

Weird that no mail server has ever complained; I guess they're all prettty
"liberal in what they accept".

Also, eliminated an unnecessary strcpy() call.

The mail (SMTP) server is a popular target of bots. Impose a maximum-concurrent-connections limit (optionally). Similar to the terminal server option, except, don't deduct the number of authenticated connections (I can add something like that if desired). The new config option is [mail] MaxConcurrentConnections in the ctrl/sbbs.ini (defaults to 0, no maximum).

Fixed error responses in mail_server accept loop: was always sending POP3 error responses even if the connection was SMTP.

Cleaned-up the service/port checking/logging in the mail_server accept loop: no strcmp() needed, log the protocol name (e.g. "SMTPS") instead of the service name (e.g. "submissions").

Also, if getuserdat() fails, don't count that as a failed login attempt.
Also, track username and password of failed-login attempts of deleted or inactive user accounts.

active_clients is destroyed in cleanup(), so it must be re-initialized inside
the server init/recycle loop.

Fix reported and observed crash in cleanup() (in ftp, mail, websrvr)
when failing to create the temp directory. This was due to cleanup()
being called before the protected integer "active_clients" was
initialized.

Also, md() needs to return the errno value (not a BOOL) since the
caller may be in another DLL with a different errno (which likely
has a value of 0/no error).

... in other non sbbs.dll modules (e.g. *srvr.dll).

So now log error messages elsewhere where appropriate.

DLL-exported and optimized md() a bit.

Eliminate the hack in each server where it will over-write startup host_name
(with the configured Internet email address), if it's blank. This hack was
subject to a race condition where the parent app (e.g. sbbsctrl.exe) would
clear or re-initialize the host_name after the sever threads had initialized.
Instead, just use a function which will return either the startup->host_name
or (fallback to) scfg.inet_addr.

Add another "get cryptlib error string" (at least, that's what I assume GCES
stands for) that allows the log level to be specified, rather than derived
from Cryptlib thinks the log level should be. Do this rather than adding one
(lowering the severity) of every cryptlib log message as I did in the previous
commit to this file.

(e.g. errors become warnings) - I'm tired of seeing this in my
error.log every day:
SEND/TLS ... ERROR 'Received TLS alert message: Handshake failure' (-15) setting session active

The problem: the sysop (me) is not notified of critical errors (e.g. synchro.net zone file problems) in a timely manner.
Part of the solution: notify a configured user (e.g. user #1) via short-message/telegram and email/netmail logged-errors when messages of a configured severity (e.g. "Critical") are logged.
The second part of the solution (coming next) will be allowing timed events to log a message of a configurable severity logged when the event fails (returns a non-zero error level to sbbs).

I'm saving the error-notification-user-number and log-severity as part of the node.cnf file because:
- that's where the validation user number is already set
- I can conceive of a large system were certain node ranges (different instances of sbbs) might want different operators to be notified of logged-errors

This also means I eliminated all the legacy com port/modem stuff from the end of the node.cnf file. None of that is used in sbbs v3.

Also included in this commit are improvements around logging:
- reduce the severity of UDP recvfrom failures in services
- a more detailed log message when the mail server successfully delivers an email (via SMTP) - easier to answer the question: was that email you/they sent delivered successfully?

FTN Reply-IDs are not added here (yet).

SEND using auto-detected DNS server address: 2001:4860:4860::
!SEND INVALID DNS server address: 2001:4860:4860::
Fix off-by-one buffer overflow while at it.

SCFG for Win32 is linked against a load_cfg lib that builds withOUT SCFG defined, so these compiled AR elements were allocated and then many SCFG operations (e.g. copy/paste, create new) would copy the allocated ARs to another configuration and then be subjected to double-free upon exit/clean-up (resulting in exception or crash).
Just get rid of this cruft and some other related RAM-byte-saving hold-overs from the MS-DOS days.

*always* set the KILLSENT attribute flag on email/netmail received for relay via SMTP (regardless of the Internet/Fido netmail setting in SCFG).
The sender should already have a copy (e.g. in their outbox), if they want to keep it.

MSG_SENT is in the netattr field, not the attr field. Double-oops. Thanks Dan_C and Nelgin for bringing to my attention.

Set the KILLSENT network attribute for created Internet email messages when enabled in SCFG->Networks->Internet (new option).
Do the same for FidoNet NetMail messages routed via SMTP.
Only auto-delete sent Internet mail messges when either the KILLSENT
network attribute flag is set or there was no SENDEREXT (from_ext) on the sent message.

the net-attributes header fields.

MIME-decoded header fields not to be handled appropriately in the mail server.

(new) scfg_t.text member. This will make it much easier for non-Terminal Server
JS modules (and the functions they execute) make use of the text.dat strings.

If the RECIPIENTTOLIST header fields exists and the RFC822 header field
does not exist, that means the original RFC822 "To" field was not MIME-encoded,
which is the majority of email. The routine that converted an smbmsg_t to an
RFC822 header did not use this new field however (ignored it). Whoops. So
multiple recipients were reflect in the To field and the original destination
address(es) in the To field weren't passed on either. Thanks, Frank!

is actually an authenticated local user (when usernum != 0).

msg_client_hfields() no longer saves the client->user as the SMB SENDERUSERID
hfield when the client hasn't been authenticated (as is the case with normal
SMTP). The SENDUSERIDs were redundant and misleading for unauthenticated
SMTP-received mail messages, so that's now fixed.

in-place or by also copying to a new string in the process.

Don't string "soft-CRs" (0x8d) from UTF-8 encoded FTN messages, ever.

Default strip_soft_cr SBBSecho setting to true/on.

name. This is a fix for "From", but "To" and "CC" header fields would need
a similar fix (not included in this commit).

We don't yet support UTF-8 in node/user messages.

(ctrl/node.dab) is constantly closed and re-opened for every non-locking read.
This is really slow across network file systems and unnecessary, so use a
similar optimization as the C++ sbbs_t class where the file can (and normally
is) left open across multiple consecutive reads.
Create/use opennodedat() function.
Uses the new CLOSE_OPEN_FILE() macro from xpdev/filewrap.h.

is being forwarded to an external email address. Introduced in rev 1.690,
user-forwarded emails wouldn't work because sending envelope would contain
the original forward-path. Thanks again to Alterego (ALTERANT) for testing
this stuff and reporting issues with detail!