smtpsrv: Close the connection after 3 errors (lowering from 10)

Today, we close the connection after 10 errors. While this is fine for normal use, it is unnecessarily large. Lowering it to 3 helps with defense-in-depth for cross-protocol attacks (e.g. https://alpaca-attack.com/), while still being large enough for useful troubleshooting and normal operation. As part of this change, we also remove the AUTH-specific failures limit, because they're covered by the connection limit.
2025-12-23 15:37:01 +00:00 · 2021-06-10 18:41:28 +01:00
parent 44eb0b903a
commit 85305f4bd9
7 changed files with 62 additions and 26 deletions
--- a/test/t-12-minor_dialogs/auth_multi_dialog.cmy
+++ b/test/t-12-minor_dialogs/auth_multi_dialog.cmy
@@ -13,6 +13,13 @@ c <~ 334
 c -> dXNlckB0ZXN0c2VydmVyAHlalala==
 c <~ 501 5.5.2 Error decoding AUTH response

+# Reconnect to avoid getting rejected due to too many errors.
+c close
+c tls_connect localhost:1465
+c <~ 220
+c -> EHLO localhost
+c <... 250 HELP
+
 c -> AUTH PLAIN
 c <~ 334
 c -> dXNlckB0ZXN0c2VydmVyAHVzZXJAdGVzdHNlcnZlcgB3cm9uZ3Bhc3N3b3Jk
--- a/test/t-12-minor_dialogs/auth_too_many_failures.cmy
+++ b/test/t-12-minor_dialogs/auth_too_many_failures.cmy
@@ -10,9 +10,5 @@ c <~ 501
 c -> AUTH PLAIN something
 c <~ 501
 c -> AUTH PLAIN something
-c <~ 501
-c -> AUTH PLAIN something
-c <~ 501
-c -> AUTH PLAIN something
-c <~ 503 5.7.8 Too many attempts, go away
+c <~ 421 4.5.0 Too many errors, bye

--- a/test/t-12-minor_dialogs/bad_data.cmy
+++ b/test/t-12-minor_dialogs/bad_data.cmy
@@ -11,6 +11,13 @@ c <~ 250
 c -> DATA
 c <- 503 5.5.1 Sender not yet given

+# Reconnect to avoid getting rejected due to too many errors.
+c close
+c tcp_connect localhost:1025
+c <~ 220
+c -> HELO localhost
+c <~ 250
+
 c -> MAIL FROM:<a@b>
 c <~ 250
 c -> RCPT TO: user@testserver
--- a/test/t-12-minor_dialogs/bad_mail_from.cmy
+++ b/test/t-12-minor_dialogs/bad_mail_from.cmy
@@ -10,11 +10,25 @@ c <- 500 5.5.2 Unknown command
 c -> MAIL FROM:
 c <~ 500

+# Reconnect to avoid getting rejected due to too many errors.
+c close
+c tcp_connect localhost:1025
+c <~ 220
+c -> HELO localhost
+c <~ 250
+
 c -> MAIL FROM:<pepe>
 c <~ 501

 c -> MAIL FROM:<a@xn--->
 c <- 501 5.1.8 Malformed sender domain (IDNA conversion failed)

+# Reconnect to avoid getting rejected due to too many errors.
+c close
+c tcp_connect localhost:1025
+c <~ 220
+c -> HELO localhost
+c <~ 250
+
 c -> MAIL FROM:<aaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaX@bbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbX>
 c <- 501 5.1.7 Sender address too long
--- a/test/t-12-minor_dialogs/bad_rcpt_to.cmy
+++ b/test/t-12-minor_dialogs/bad_rcpt_to.cmy
@@ -13,12 +13,30 @@ c <- 500 5.5.2 Unknown command
 c -> RCPT TO:
 c <~ 500

+# Reconnect to avoid getting rejected due to too many errors.
+c close
+c tcp_connect localhost:1025
+c <~ 220
+c -> HELO localhost
+c <~ 250
+c -> MAIL FROM:<test@testy.com>
+c <~ 250
+
 c -> RCPT TO:<pepe>
 c <~ 501

 c -> RCPT TO:<a@xn--->
 c <- 501 5.1.2 Malformed destination domain (IDNA conversion failed)

+# Reconnect to avoid getting rejected due to too many errors.
+c close
+c tcp_connect localhost:1025
+c <~ 220
+c -> HELO localhost
+c <~ 250
+c -> MAIL FROM:<test@testy.com>
+c <~ 250
+
 c -> RCPT TO:<henryⅣ@testserver>
 c <- 550 5.1.3 Destination address is invalid