--- Makefile.orig	Sat Jul 19 09:20:54 2008
+++ Makefile	Fri May  1 20:13:23 2009
@@ -1595,19 +1595,26 @@
 auto_split.h spf.h
 	./compile qmail-showctl.c
 
+
+qmail-spp.o: \
+compile qmail-spp.c readwrite.h stralloc.h substdio.h control.h str.h \
+byte.h env.h exit.h wait.h fork.h fd.h fmt.h getln.h
+	./compile qmail-spp.c
+ 
+
 qmail-smtpd: \
 load qmail-smtpd.o rcpthosts.o commands.o timeoutread.o \
 timeoutwrite.o ip.o ipme.o ipalloc.o strsalloc.o control.o constmap.o \
 received.o date822fmt.o now.o qmail.o spf.o dns.o cdb.a fd.a wait.a \
 datetime.a getln.a open.a sig.a case.a env.a stralloc.a alloc.a substdio.a \
-error.a str.a fs.a auto_qmail.o base64.o socket.lib dns.lib
+error.a str.a fs.a auto_qmail.o base64.o qmail-spp.o socket.lib dns.lib
 	./load qmail-smtpd rcpthosts.o commands.o timeoutread.o \
 	timeoutwrite.o ip.o ipme.o ipalloc.o strsalloc.o control.o \
 	tls.o ssl_timeoutio.o ndelay.a -L/usr/local/lib -lssl -lcrypto \
 	constmap.o received.o date822fmt.o now.o qmail.o spf.o dns.o cdb.a \
-	fd.a wait.a datetime.a getln.a open.a sig.a case.a env.a stralloc.a \
-	alloc.a substdio.a error.a fs.a auto_qmail.o base64.o \
-	str.a `cat socket.lib` `cat dns.lib`
+	fd.a wait.a datetime.a getln.a open.a sig.a case.a qmail-spp.o \
+	env.a stralloc.a alloc.a substdio.a error.a fs.a auto_qmail.o \
+	base64.o str.a `cat socket.lib` `cat dns.lib`
 
 qmail-smtpd.0: \
 qmail-smtpd.8
@@ -1619,7 +1626,7 @@
 error.h ipme.h ip.h ipalloc.h strsalloc.h ip.h gen_alloc.h ip.h qmail.h \
 substdio.h str.h fmt.h scan.h byte.h case.h env.h now.h datetime.h \
 exit.h rcpthosts.h timeoutread.h timeoutwrite.h commands.h wait.h spf.h \
-fd.h base64.h
+fd.h base64.h qmail-spp.h
 	./compile qmail-smtpd.c
 
 qmail-start: \
--- qmail-smtpd.c.orig	Sat Jul 19 09:47:20 2008
+++ qmail-smtpd.c	Fri May  1 19:56:20 2009
@@ -26,7 +26,9 @@
 #include "wait.h"
 #include "fd.h"
 #include "spf.h"
-
+#include "qmail-spp.h"
+ 
+int spp_val;
 #define AUTHCRAM
 #define MAXHOPS 100
 unsigned int databytes = 0;
@@ -154,6 +156,7 @@
   if (timeout <= 0) timeout = 1;
 
   if (rcpthosts_init() == -1) die_control();
+  if (spp_init() == -1) die_control();
 
   bmfok = control_readfile(&bmf,"control/badmailfrom",0);
   if (bmfok == -1) die_control();
@@ -283,6 +286,7 @@
 
 int seenmail = 0;
 int flagbarf; /* defined if seenmail */
+int allowed;
 int flagbarfspf;
 stralloc spfbarfmsg = {0};
 stralloc mailfrom = {0};
@@ -290,12 +294,14 @@
 
 void smtp_helo(arg) char *arg;
 {
+  if(!spp_helo(arg)) return;
   smtp_greet("250 "); out("\r\n");
   seenmail = 0; dohelo(arg);
 }
 /* ESMTP extensions are published here */
 void smtp_ehlo(arg) char *arg;
 {
+  if(!spp_helo(arg)) return;
   smtp_greet("250-");
 #ifdef AUTHCRAM
 #ifdef TLS
@@ -321,6 +327,7 @@
 }
 void smtp_rset()
 {
+  spp_rset();
   seenmail = 0;
   out("250 flushed\r\n");
 }
@@ -330,6 +337,9 @@
   int r;
 
   if (!addrparse(arg)) { err_syntax(); return; }
+
+  if (!(spp_val = spp_mail())) return;
+  if (spp_val == 1)
   flagbarf = bmfcheck();
   flagbarfspf = 0;
   if (spfbehavior && !relayclient)
@@ -396,14 +406,19 @@
   if (!seenmail) { err_wantmail(); return; }
   if (!addrparse(arg)) { err_syntax(); return; }
   if (flagbarf) { err_bmf(); return; }
+  if (!relayclient) allowed = addrallowed();
+  else allowed = 1;
+  if (!(spp_val = spp_rcpt(allowed))) return;
   if (flagbarfspf) { err_spf(); return; }
   if (relayclient) {
     --addr.len;
     if (!stralloc_cats(&addr,relayclient)) die_nomem();
     if (!stralloc_0(&addr)) die_nomem();
   }
-  else
-    if (!addrallowed()) { err_nogateway(); return; }
+  else if (spp_val == 1) {
+    if (!allowed) { err_nogateway(); return; }
+  }
+  spp_rcpt_accepted();
   if (!stralloc_cats(&rcptto,"T")) die_nomem();
   if (!stralloc_cats(&rcptto,addr.s)) die_nomem();
   if (!stralloc_0(&rcptto)) die_nomem();
@@ -542,6 +557,7 @@
  
   if (!seenmail) { err_wantmail(); return; }
   if (!rcptto.len) { err_wantrcpt(); return; }
+  if (!spp_data()) return;
   seenmail = 0;
   if (databytes) bytestooverflow = databytes + 1;
   if (qmail_open(&qqt) == -1) { err_qqt(); return; }
@@ -549,6 +565,8 @@
   out("354 go ahead\r\n");
  
   received(&qqt,protocol,local,remoteip,remotehost,remoteinfo,fakehelo);
+  qmail_put(&qqt,sppheaders.s,sppheaders.len); /* set in qmail-spp.c */
+  spp_rset();
   spfreceived();
   blast(&hops);
   hops = (hops >= MAXHOPS);
@@ -964,6 +982,7 @@
 
   switch (authcmds[i].fun(arg)) {
     case 0:
+      if (!spp_auth(authcmds[i].text, user.s)) return;
       authd = 1;
       relayclient = "";
       remoteinfo = user.s;
@@ -1006,8 +1025,10 @@
   if (chdir(auto_qmail) == -1) die_control();
   setup();
   if (ipme_init() != 1) die_ipme();
+  if (spp_connect()) {
   smtp_greet("220 ");
   out(" ESMTP\r\n");
+  }
   if (commands(&ssin,&smtpcommands) == 0) die_read();
   die_nomem();
 }