From 9b2bb352b2e3aabacf465d874aea058141406478 Mon Sep 17 00:00:00 2001
From: Alberto Bertogli
Date: Mon, 11 Nov 2024 21:52:48 +0000
Subject: [PATCH] smtpsrv: Flag to disable incoming DomainInfo rejection

This flag makes us never reject incoming mail based on DomainInfo checks, effectively turning the check into a warning. This can be useful for situations where it's better to accept insecure email than to reject it.
---
 internal/smtpsrv/conn.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/internal/smtpsrv/conn.go b/internal/smtpsrv/conn.go
index 8a67e42..2fb88d1 100644
--- a/internal/smtpsrv/conn.go
+++ b/internal/smtpsrv/conn.go
@@ -72,6 +72,14 @@ var (
 maxReceivedHeaders = flag.Int("testing__max_received_headers", 50, "max Received headers, for loop detection; ONLY FOR TESTING")
+ // Disable incoming domain info rejection. This is insecure, as it allows
+ // connection downgrading attacks.
+ // This flag is experimental and likely to be either removed, or replaced
+ // by a config option.
+ disableDomainInfoIncomingRejection = flag.Bool( "insecure__disable_domain_info_incoming_rejection", false, "disable rejection based on incoming domain info checks; INSECURE")
+
 // Some go tests disable SPF, to avoid leaking DNS lookups.
 disableSPFForTesting = false
 )
@@ -559,6 +567,11 @@ func (c *Conn) secLevelCheck(addr string) bool {
 c.tr.Errorf("security level check for %s failed (%s)", domain, level)
 }
+ if *disableDomainInfoIncomingRejection { c.tr.Debugf("DomainInfo incoming rejection disabled, accepting mail") return true }
+
 return ok
 }
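Review bot: In the secLevelCheck hunk the bypass sits after the failure branch and returns `true` unconditionally, so the "rejection disabled" line is emitted at debug level on every call, successful or not, and the only trace that a message was accepted despite a failed check is the earlier `c.tr.Errorf` followed by a debug line most deployments will not see. Moving the added `if` block inside the block that appears to be the failure branch (the one holding `c.tr.Errorf("security level check for %s failed (%s)", domain, level)`; its opening line and the rest of secLevelCheck are above the hunk) keeps the early return but ties the override to an actual failure, and logging it at the same level as that error, e.g. `c.tr.Errorf("security level check for %s failed (%s) but rejection is disabled, accepting mail", domain, level)`, gives operators a visible per-message signal that the insecure flag is in effect. The flag's doc comment in the first hunk could then state that the failure is still logged, which matches the commit message's description of the check becoming a warning rather than the current demotion of the accept decision to debug.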