mirror of https://blitiri.com.ar/repos/chasquid synced 2025-12-17 14:37:02 +00:00

courier: Fix SMTP outgoing security level check

The outgoing security level checks are not being performed, because of a
bug: the courier thinks the "to"'s domain is always empty.

This patch fixes the bug by simplifying the logic, as there's no need
for the conditional (there is always a domain in the "to" address if it
got to the SMTP courier).
Alberto Bertogli
2017-07-14 00:39:23 +01:00
parent a85ba1252b
commit a016d78515
2 changed files with 16 additions and 8 deletions


@@ -46,6 +46,7 @@ func (s *SMTP) Deliver(from string, to string, data []byte) (error, bool) {
courier: s,
from: from,
to: to,
toDomain: envelope.DomainOf(to),
data: data,
tr: trace.New("Courier.SMTP", to),
}
@@ -57,8 +58,7 @@ func (s *SMTP) Deliver(from string, to string, data []byte) (error, bool) {
a.from = ""
}
toDomain := envelope.DomainOf(to)
mxs, err := lookupMXs(a.tr, toDomain)
mxs, err := lookupMXs(a.tr, a.toDomain)
if err != nil || len(mxs) == 0 {
// Note this is considered a permanent error.
// This is in line with what other servers (Exim) do. However, the
@@ -163,7 +163,7 @@ retry:
a.tr.Debugf("Insecure - NOT using TLS")
}
if a.toDomain != "" && !a.courier.Dinfo.OutgoingSecLevel(a.toDomain, secLevel) {
if !a.courier.Dinfo.OutgoingSecLevel(a.toDomain, secLevel) {
// We consider the failure transient, so transient misconfigurations
// do not affect deliveries.
slcResults.Add("fail", 1)
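Review bot: With the `a.toDomain != ""` guard removed from the `OutgoingSecLevel` call, the check depends on `Deliver` always populating `toDomain`, and nothing in the visible hunks documents or enforces that. The bug being fixed was a silently skipped check caused by that field being left empty, so the invariant deserves a comment next to the assignment in the first hunk, for example `// toDomain must always be set: the outgoing security level check depends on it.` An explicit early return in `Deliver` when `envelope.DomainOf(to)` is empty would also be safer than relying on `lookupMXs` to fail for an empty domain, which is presumably what happens today. Both `Deliver` and the function containing the `retry:` loop extend beyond these hunks, so an existing guard may simply be out of view.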


@@ -41,4 +41,12 @@ while sleep 0.1; do
fi
done
# Test that A has outgoing domaininfo for srv-b.
# This is unrelated to the loop itself, but serves as an end-to-end
# verification that outgoing domaininfo works.
if ! grep -q "outgoing_sec_level: TLS_INSECURE" ".data-A/domaininfo/s:srv-b";
then
fail "A is missing the domaininfo for srv-b"
fi
success
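Review bot: This check only proves that A wrote a domaininfo record for srv-b; it does not exercise the rejection branch that the courier change re-enables. As far as the visible lines show, a later regression that skips or inverts the comparison but still records the level would pass. A test where the recorded level for a domain is higher than what the connection negotiates, and the delivery is expected to be deferred, would cover the security property itself; the courier's Go tests are presumably the right place for it. The grep also ties the test to the on-disk text format and to the `s:srv-b` file name, so a short comment saying so would help whoever changes the storage format. Minor: the `;` after the grep command is redundant, because `then` is on the next line.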