mirror of
https://github.com/mjl-/mox.git
synced 2025-01-28 07:15:55 +03:00
for submission over IPv6, allow missing "IPv6" tag in ip address (unless in pedantic mode)
an EHLO ipv4 address looks like this: "[1.2.3.4]". for ipv6, the syntax is: "[IPv6🔡:1]". mail user agents aren't as careful in compliance as smtp servers. for incoming messages from smtp servers, we want to be strict (we're eager to find a reason not to accept spam messages, and not adhering to the standards is usually a strong spam signal), but there is no reason to punish authenticated users. for the syntax requirements, see ABNF rule "address-literal" in rfc 5321. for issue #48 by @bobobo1618, thanks!
This commit is contained in:
parent
9c25c88542
commit
70806137da
2 changed files with 16 additions and 6 deletions
|
@ -270,7 +270,7 @@ func (p *parser) xsubdomain() string {
|
||||||
func (p *parser) xmailbox() smtp.Path {
|
func (p *parser) xmailbox() smtp.Path {
|
||||||
localpart := p.xlocalpart()
|
localpart := p.xlocalpart()
|
||||||
p.xtake("@")
|
p.xtake("@")
|
||||||
return smtp.Path{Localpart: localpart, IPDomain: p.xipdomain()}
|
return smtp.Path{Localpart: localpart, IPDomain: p.xipdomain(false)}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ../rfc/5321:2307
|
// ../rfc/5321:2307
|
||||||
|
@ -281,7 +281,7 @@ func (p *parser) xldhstr() string {
|
||||||
}
|
}
|
||||||
|
|
||||||
// parse address-literal or domain.
|
// parse address-literal or domain.
|
||||||
func (p *parser) xipdomain() dns.IPDomain {
|
func (p *parser) xipdomain(isehlo bool) dns.IPDomain {
|
||||||
// ../rfc/5321:2309
|
// ../rfc/5321:2309
|
||||||
// ../rfc/5321:2397
|
// ../rfc/5321:2397
|
||||||
if p.take("[") {
|
if p.take("[") {
|
||||||
|
@ -304,10 +304,20 @@ func (p *parser) xipdomain() dns.IPDomain {
|
||||||
p.xerrorf("invalid ip in address: %q", ipaddr)
|
p.xerrorf("invalid ip in address: %q", ipaddr)
|
||||||
}
|
}
|
||||||
isv4 := ip.To4() != nil
|
isv4 := ip.To4() != nil
|
||||||
|
isAllowedSloppyIPv6Submission := func() bool {
|
||||||
|
// Mail user agents that submit are relatively likely to use IPs in EHLO and forget
|
||||||
|
// that an IPv6 address needs to be tagged as such. We can forgive them. For
|
||||||
|
// SMTP servers we are strict.
|
||||||
|
return isehlo && p.conn.submission && !moxvar.Pedantic && ip.To16() != nil
|
||||||
|
}
|
||||||
if ipv6 && isv4 {
|
if ipv6 && isv4 {
|
||||||
p.xerrorf("ip is not ipv6")
|
p.xerrorf("ip address is not ipv6")
|
||||||
} else if !ipv6 && !isv4 {
|
} else if !ipv6 && !isv4 && !isAllowedSloppyIPv6Submission() {
|
||||||
p.xerrorf("ip is not ipv4")
|
if ip.To16() != nil {
|
||||||
|
p.xerrorf("ip address is ipv6, must use syntax [IPv6:...]")
|
||||||
|
} else {
|
||||||
|
p.xerrorf("ip address is not ipv4")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return dns.IPDomain{IP: ip}
|
return dns.IPDomain{IP: ip}
|
||||||
}
|
}
|
||||||
|
|
|
@ -772,7 +772,7 @@ func (c *conn) cmdHello(p *parser, ehlo bool) {
|
||||||
p.xspace()
|
p.xspace()
|
||||||
var remote dns.IPDomain
|
var remote dns.IPDomain
|
||||||
if ehlo {
|
if ehlo {
|
||||||
remote = p.xipdomain()
|
remote = p.xipdomain(true)
|
||||||
} else {
|
} else {
|
||||||
remote = dns.IPDomain{Domain: p.xdomain()}
|
remote = dns.IPDomain{Domain: p.xdomain()}
|
||||||
if !c.submission {
|
if !c.submission {
|
||||||
|
|
Loading…
Reference in a new issue