There are cases, like email bounces and forwarding, where a remote server may
use an address within our domain as "MAIL FROM".
The current test at MAIL FROM will block them, which can be quite an
inconvenience as those cases are not that rare.
It's a nice test but doesn't add much, as we don't really pass the validation
along, and we still do relay and user checks on RCPT TO.
So this patch removes that test.
It's more convenient and in line with standard practice to fail RCPT TO if the
user does not exist.
This involves making the server and client aware of aliases, but it doesn't
end up being very convoluted, and simplifies other code.
This patch tidies up the Procmail courier:
- Move the configuration options to the courier instance, instead of using
global variables.
- Implement more useful string replacement options.
- Use exec.CommandContext for running the command with a timeout.
As a consequence of the first item, the queue now takes the couriers via its
constructor.
This patch makes the queue read and write items to disk.
It uses protobuf for serialization. We serialize to text format to make
manual troubleshooting easier, as the performance difference is not very
relevant for us.
This patch adds checks that verify:
- The envelope from must match the authenticated user. This prevents
impersonation at the envelope level (while still allowing bounces, of
course).
- If the destination is remote, then the user must have completed
authentication. This prevents unauthorized relaying.
The patch ends up adjusting quite a few tests, as they were not written
considering these restrictions so they have to be changed accordingly.
We want to be able to distinguish between connections for SMTP and connections
for submission, so we can make different policy decisions.
To do that, we first make the configuration aware of the different kinds of
addresses. This is done in this patch in a backwards-incompatible way, but at
this point in time it is ok to do so.
Then, we extend systemd's socket passing library to support socket naming, so
we can tell the different sockets apart. This is done via the
LISTEN_FDNAMES/FileDescriptorName mechanism.
And finally we make the server and connection types aware of the socket mode.
This patch does various minor style and simplification cleanups, fixing things
detected by tools such as go vet, gofmt -s, and golint.
There are no functional changes, this change is purely cosmetic, but will
enable us to run those tools more regularly now that their output is clean.
MAIL FROM commands usually come in the form of:
MAIL FROM:<from@from> BODY=8BITMIME
Note that there's extra parameters after the address, which for now we want to
ignore.
The current parser doesn't ignore them, and relies on mail.ParseAddress doing
so (that is, on mail.ParseAddress("<from> BODY=8BITMIME") working).
However, in go 1.7, the parser will get more strict and start to fail these
cases.
To fix this, we change the way we parse the line to use fmt.Sprintf, which is
much nicer than splitting by hand, and is more readable as well.
This patch implements the AUTH SMTP command, using per-domain user databases.
Note that we don't really use or check the validation for anything, this is
just implementing the command itself.
We implement the VRFY and EXPN commands, but as no-ops. The RFC allows this,
and most implementations seem to do it this way too.
While at it, merge the tests for simple commands like these into one.
This patch introduces a basic, in-memory queue that only holds emails for now.
This slows down the benchmarks because we don't yet have a way to wait for
delivery (even if fake), that will come in later patches.
This patch introduces a basic on disk configuration, comprised of a main
configuration file and per-domain directories.
It's still not complete, but will be extended in subsequent patches.
This patch adds some tests that cover the SMTP commands, including STARTTLS
and various correctness checks.
There are also two simple benchmarks, that are not optimized and are more
useful for stress testing and profiling than anything else.
