courier: Use the hostname in SMTP HELO

The SMTP courier, which handles outgoing connections, uses the domain of
the envelope's from as the domain in the HELO/EHLO greeting.

This works fine in practice, but ideally the domain used in the greeting
should match the reverse DNS record. This used to be more relevant but
nowadays it is not really enforced; however, it sometimes comes up in
self checks, and might cause some confusion when troubleshooting.

So this patch makes it use the configured hostname instead, which is
under the users' control and more likely to be compliant. It also
simplifies the code.

The documentation of the hostname configuration option is also updated
to mention this behaviour.

Thanks to Jonas Seydel (thor77) for bringing this up.

internal/courier/smtp.go

@@ -6,7 +6,6 @@ import (
 	"expvar"
 	"flag"
 	"net"
-	"os"
 	"time"
 
 	"golang.org/x/net/idna"
@@ -45,8 +44,9 @@ var (
 
 // SMTP delivers remote mail via outgoing SMTP.
 type SMTP struct {
-	Dinfo    *domaininfo.DB
-	STSCache *sts.PolicyCache
+	HelloDomain string
+	Dinfo       *domaininfo.DB
+	STSCache    *sts.PolicyCache
 }
 
 // Deliver an email. On failures, returns an error, and whether or not it is
@@ -77,17 +77,6 @@ func (s *SMTP) Deliver(from string, to string, data []byte) (error, bool) {
 		return a.tr.Errorf("Could not find mail server: %v", err), perm
 	}
 
-	// Issue an EHLO with a valid domain; otherwise, some servers like postfix
-	// will complain.
-	a.helloDomain, err = idna.ToASCII(envelope.DomainOf(from))
-	if err != nil {
-		return a.tr.Errorf("Sender domain not IDNA compliant: %v", err), true
-	}
-	if a.helloDomain == "" {
-		// This can happen when sending bounces. Last resort.
-		a.helloDomain, _ = os.Hostname()
-	}
-
 	a.stsPolicy = s.fetchSTSPolicy(a.tr, a.toDomain)
 
 	for _, mx := range mxs {
@@ -118,8 +107,7 @@ type attempt struct {
 	to   string
 	data []byte
 
-	toDomain    string
-	helloDomain string
+	toDomain string
 
 	stsPolicy *sts.Policy
 
@@ -145,7 +133,7 @@ retry:
 		return a.tr.Errorf("Error creating client: %v", err), false
 	}
 
-	if err = c.Hello(a.helloDomain); err != nil {
+	if err = c.Hello(a.courier.HelloDomain); err != nil {
 		return a.tr.Errorf("Error saying hello: %v", err), false
 	}
 

internal/courier/smtp_test.go

@@ -36,7 +36,7 @@ func newSMTP(t *testing.T) (*SMTP, string) {
 		t.Fatal(err)
 	}
 
-	return &SMTP{dinfo, nil}, dir
+	return &SMTP{"hello", dinfo, nil}, dir
 }
 
 // Fake server, to test SMTP out.
@@ -94,7 +94,7 @@ func TestSMTP(t *testing.T) {
 
 	responses := map[string]string{
 		"_welcome":          "220 welcome\n",
-		"EHLO me":           "250 ehlo ok\n",
+		"EHLO hello":        "250 ehlo ok\n",
 		"MAIL FROM:<me@me>": "250 mail ok\n",
 		"RCPT TO:<to@to>":   "250 rcpt ok\n",
 		"DATA":              "354 send data\n",
@@ -140,14 +140,14 @@ func TestSMTPErrors(t *testing.T) {
 		// MAIL FROM not allowed.
 		{
 			"_welcome":          "220 mail from not allowed\n",
-			"EHLO me":           "250 ehlo ok\n",
+			"EHLO hello":        "250 ehlo ok\n",
 			"MAIL FROM:<me@me>": "501 mail error\n",
 		},
 
 		// RCPT TO not allowed.
 		{
 			"_welcome":          "220 rcpt to not allowed\n",
-			"EHLO me":           "250 ehlo ok\n",
+			"EHLO hello":        "250 ehlo ok\n",
 			"MAIL FROM:<me@me>": "250 mail ok\n",
 			"RCPT TO:<to@to>":   "501 rcpt error\n",
 		},
@@ -155,7 +155,7 @@ func TestSMTPErrors(t *testing.T) {
 		// DATA error.
 		{
 			"_welcome":          "220 data error\n",
-			"EHLO me":           "250 ehlo ok\n",
+			"EHLO hello":        "250 ehlo ok\n",
 			"MAIL FROM:<me@me>": "250 mail ok\n",
 			"RCPT TO:<to@to>":   "250 rcpt ok\n",
 			"DATA":              "554 data error\n",
@@ -164,7 +164,7 @@ func TestSMTPErrors(t *testing.T) {
 		// DATA response error.
 		{
 			"_welcome":          "220 data response error\n",
-			"EHLO me":           "250 ehlo ok\n",
+			"EHLO hello":        "250 ehlo ok\n",
 			"MAIL FROM:<me@me>": "250 mail ok\n",
 			"RCPT TO:<to@to>":   "250 rcpt ok\n",
 			"DATA":              "354 send data\n",