courier: Fix SMTP outgoing security level check

The outgoing security level checks are not being performed, because of a
bug: the courier thinks the "to"'s domain is always empty.

This patch fixes the bug by simplifying the logic, as there's no need
for the conditional (there is always a domain in the "to" address if it
got to the SMTP courier).

internal/courier/smtp.go

@@ -43,11 +43,12 @@ type SMTP struct {
 
 func (s *SMTP) Deliver(from string, to string, data []byte) (error, bool) {
 	a := &attempt{
-		courier: s,
+		courier:  s,
-		from:    from,
+		from:     from,
-		to:      to,
+		to:       to,
-		data:    data,
+		toDomain: envelope.DomainOf(to),
-		tr:      trace.New("Courier.SMTP", to),
+		data:     data,
+		tr:       trace.New("Courier.SMTP", to),
 	}
 	defer a.tr.Finish()
 	a.tr.Debugf("%s  ->  %s", from, to)
@@ -57,8 +58,7 @@ func (s *SMTP) Deliver(from string, to string, data []byte) (error, bool) {
 		a.from = ""
 	}
 
-	toDomain := envelope.DomainOf(to)
+	mxs, err := lookupMXs(a.tr, a.toDomain)
-	mxs, err := lookupMXs(a.tr, toDomain)
 	if err != nil || len(mxs) == 0 {
 		// Note this is considered a permanent error.
 		// This is in line with what other servers (Exim) do. However, the
@@ -163,7 +163,7 @@ retry:
 		a.tr.Debugf("Insecure - NOT using TLS")
 	}
 
-	if a.toDomain != "" && !a.courier.Dinfo.OutgoingSecLevel(a.toDomain, secLevel) {
+	if !a.courier.Dinfo.OutgoingSecLevel(a.toDomain, secLevel) {
 		// We consider the failure transient, so transient misconfigurations
 		// do not affect deliveries.
 		slcResults.Add("fail", 1)

test/t-09-loop/run.sh

@@ -41,4 +41,12 @@ while sleep 0.1; do
 	fi
 done
 
+# Test that A has outgoing domaininfo for srv-b.
+# This is unrelated to the loop itself, but serves as an end-to-end
+# verification that outgoing domaininfo works.
+if ! grep -q "outgoing_sec_level: TLS_INSECURE" ".data-A/domaininfo/s:srv-b";
+then
+	fail "A is missing the domaininfo for srv-b"
+fi
+
 success