mirror of
https://github.com/mjl-/mox.git
synced 2025-01-15 18:06:27 +03:00
smtpserver: allow using an "message from" address from an allowed alias as smtp mail from during submission
mail clients will use these message from addresses also for smtp mail from, so sending over smtp would fail for these cases. for the webmail and webapi they already succeeded since we just took the "message from" address as "smtp mail from" address. for issue #266 by Robby-, thanks for reporting!
This commit is contained in:
parent
d4d2a0fd99
commit
871f70151c
2 changed files with 47 additions and 2 deletions
|
@ -40,6 +40,16 @@ test email
|
||||||
ts.smtpErr(err, nil)
|
ts.smtpErr(err, nil)
|
||||||
})
|
})
|
||||||
|
|
||||||
|
ts.run(func(err error, client *smtpclient.Client) {
|
||||||
|
t.Helper()
|
||||||
|
mailFrom := "public@mox.example" // List address as smtp mail from.
|
||||||
|
rcptTo := "public@mox.example"
|
||||||
|
if err == nil {
|
||||||
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
||||||
|
}
|
||||||
|
ts.smtpErr(err, nil)
|
||||||
|
})
|
||||||
|
|
||||||
msg = strings.ReplaceAll(`From: <private@mox.example>
|
msg = strings.ReplaceAll(`From: <private@mox.example>
|
||||||
To: <private@mox.example>
|
To: <private@mox.example>
|
||||||
Subject: test
|
Subject: test
|
||||||
|
@ -56,6 +66,16 @@ test email
|
||||||
}
|
}
|
||||||
ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
ts.run(func(err error, client *smtpclient.Client) {
|
||||||
|
t.Helper()
|
||||||
|
mailFrom := "private@mox.example" // List address as smtp mail from.
|
||||||
|
rcptTo := "private@mox.example"
|
||||||
|
if err == nil {
|
||||||
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
||||||
|
}
|
||||||
|
ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Non-member cannot submit as alias that allows it for members.
|
// Non-member cannot submit as alias that allows it for members.
|
||||||
|
@ -97,6 +117,16 @@ test email
|
||||||
}
|
}
|
||||||
ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
ts.run(func(err error, client *smtpclient.Client) {
|
||||||
|
t.Helper()
|
||||||
|
mailFrom := "public@mox.example" // List address as message from.
|
||||||
|
rcptTo := "public@mox.example"
|
||||||
|
if err == nil {
|
||||||
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), true, true, false)
|
||||||
|
}
|
||||||
|
ts.smtpErr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Non-member can deliver to public list, not to private list.
|
// Non-member can deliver to public list, not to private list.
|
||||||
|
@ -162,6 +192,18 @@ test email
|
||||||
|
|
||||||
ts.checkCount("Inbox", 2) // Receiving for both mjl@ and móx@.
|
ts.checkCount("Inbox", 2) // Receiving for both mjl@ and móx@.
|
||||||
})
|
})
|
||||||
|
|
||||||
|
ts.run(func(err error, client *smtpclient.Client) {
|
||||||
|
t.Helper()
|
||||||
|
mailFrom := "public@example.org" // List address as message from.
|
||||||
|
rcptTo := "public@mox.example"
|
||||||
|
if err == nil {
|
||||||
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
||||||
|
}
|
||||||
|
ts.smtpErr(err, nil)
|
||||||
|
|
||||||
|
ts.checkCount("Inbox", 4) // Receiving for both mjl@ and móx@.
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Member can deliver to private list, but still not with alias address as message
|
// Member can deliver to private list, but still not with alias address as message
|
||||||
|
|
|
@ -1756,13 +1756,16 @@ func (c *conn) cmdMail(p *parser) {
|
||||||
|
|
||||||
// For submission, check if reverse path is allowed. I.e. authenticated account
|
// For submission, check if reverse path is allowed. I.e. authenticated account
|
||||||
// must have the rpath configured. We do a check again on rfc5322.from during DATA.
|
// must have the rpath configured. We do a check again on rfc5322.from during DATA.
|
||||||
|
// Mail clients may use the alias address as smtp mail from address, so we allow it
|
||||||
|
// for such aliases.
|
||||||
rpathAllowed := func() bool {
|
rpathAllowed := func() bool {
|
||||||
// ../rfc/6409:349
|
// ../rfc/6409:349
|
||||||
if rpath.IsZero() {
|
if rpath.IsZero() {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
accName, _, _, _, err := mox.LookupAddress(rpath.Localpart, rpath.IPDomain.Domain, false, false)
|
|
||||||
return err == nil && accName == c.account.Name
|
from := smtp.NewAddress(rpath.Localpart, rpath.IPDomain.Domain)
|
||||||
|
return mox.AllowMsgFrom(c.account.Name, from)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !c.submission && !rpath.IPDomain.Domain.IsZero() {
|
if !c.submission && !rpath.IPDomain.Domain.IsZero() {
|
||||||
|
|
Loading…
Reference in a new issue