mirror of
https://github.com/mjl-/mox.git
synced 2024-12-27 08:53:48 +03:00
960a51242d
the members must currently all be addresses of local accounts. a message sent to an alias is accepted if at least one of the members accepts it. if no members accepts it (e.g. due to bad reputation of sender), the message is rejected. if a message is submitted to both an alias addresses and to recipients that are members of the alias in an smtp transaction, the message will be delivered to such members only once. the same applies if the address in the message from-header is the address of a member: that member won't receive the message (they sent it). this prevents duplicate messages. aliases have three configuration options: - PostPublic: whether anyone can send through the alias, or only members. members-only lists can be useful inside organizations for internal communication. public lists can be useful for support addresses. - ListMembers: whether members can see the addresses of other members. this can be seen in the account web interface. in the future, we could export this in other ways, so clients can expand the list. - AllowMsgFrom: whether messages can be sent through the alias with the alias address used in the message from-header. the webmail knows it can use that address, and will use it as from-address when replying to a message sent to that address. ideas for the future: - allow external addresses as members. still with some restrictions, such as requiring a valid dkim-signature so delivery has a chance to succeed. will also need configuration of an admin that can receive any bounces. - allow specifying specific members who can sent through the list (instead of all members). for github issue #57 by hmfaysal. also relevant for #99 by naturalethic. thanks to damir & marin from sartura for discussing requirements/features.
292 lines
8.3 KiB
Go
292 lines
8.3 KiB
Go
package smtpserver
|
|
|
|
import (
|
|
"path/filepath"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/mjl-/bstore"
|
|
|
|
"github.com/mjl-/mox/dns"
|
|
"github.com/mjl-/mox/smtp"
|
|
"github.com/mjl-/mox/smtpclient"
|
|
"github.com/mjl-/mox/store"
|
|
)
|
|
|
|
// Check user can submit message with message From address they are member of.
|
|
func TestAliasSubmitMsgFrom(t *testing.T) {
|
|
ts := newTestServer(t, filepath.FromSlash("../testdata/smtp/mox.conf"), dns.MockResolver{})
|
|
defer ts.close()
|
|
|
|
ts.submission = true
|
|
ts.user = "mjl@mox.example"
|
|
ts.pass = password0
|
|
|
|
var msg = strings.ReplaceAll(`From: <public@mox.example>
|
|
To: <public@mox.example>
|
|
Subject: test
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "mjl@mox.example"
|
|
rcptTo := "public@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, nil)
|
|
})
|
|
|
|
msg = strings.ReplaceAll(`From: <private@mox.example>
|
|
To: <private@mox.example>
|
|
Subject: test
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "mjl@mox.example"
|
|
rcptTo := "private@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
|
})
|
|
}
|
|
|
|
// Non-member cannot submit as alias that allows it for members.
|
|
func TestAliasSubmitMsgFromDenied(t *testing.T) {
|
|
ts := newTestServer(t, filepath.FromSlash("../testdata/smtp/mox.conf"), dns.MockResolver{})
|
|
defer ts.close()
|
|
|
|
acc, err := store.OpenAccount(pkglog, "☺")
|
|
tcheck(t, err, "open account")
|
|
err = acc.SetPassword(pkglog, password0)
|
|
tcheck(t, err, "set password")
|
|
err = acc.Close()
|
|
tcheck(t, err, "close account")
|
|
acc.CheckClosed()
|
|
|
|
ts.submission = true
|
|
ts.user = "☺@mox.example"
|
|
ts.pass = password0
|
|
|
|
var msg = strings.ReplaceAll(`From: <public@mox.example>
|
|
To: <public@mox.example>
|
|
Subject: test
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "☺@mox.example"
|
|
rcptTo := "public@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), true, true, false)
|
|
}
|
|
ts.smtperr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7DeliveryUnauth1})
|
|
})
|
|
}
|
|
|
|
// Non-member can deliver to public list, not to private list.
|
|
func TestAliasDeliverNonMember(t *testing.T) {
|
|
resolver := dns.MockResolver{
|
|
A: map[string][]string{
|
|
"example.org.": {"127.0.0.10"}, // For mx check.
|
|
},
|
|
PTR: map[string][]string{
|
|
"127.0.0.10": {"example.org."}, // To get passed junk filter.
|
|
},
|
|
}
|
|
ts := newTestServer(t, filepath.FromSlash("../testdata/smtp/mox.conf"), resolver)
|
|
defer ts.close()
|
|
|
|
var msg = strings.ReplaceAll(`From: <other@example.org>
|
|
To: <private@mox.example>
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "other@example.org"
|
|
rcptTo := "private@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7ExpnProhibited2})
|
|
})
|
|
|
|
msg = strings.ReplaceAll(`From: <private@mox.example>
|
|
To: <private@mox.example>
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "private@example.org"
|
|
rcptTo := "private@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7ExpnProhibited2})
|
|
})
|
|
|
|
msg = strings.ReplaceAll(`From: <other@example.org>
|
|
To: <public@mox.example>
|
|
Subject: test
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "other@example.org"
|
|
rcptTo := "public@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, nil)
|
|
|
|
ts.checkCount("Inbox", 2) // Receiving for both mjl@ and móx@.
|
|
})
|
|
}
|
|
|
|
// Member can deliver to private list, but still not with alias address as message
|
|
// from. Message with alias from address as message from is allowed.
|
|
func TestAliasDeliverMember(t *testing.T) {
|
|
resolver := dns.MockResolver{
|
|
A: map[string][]string{
|
|
"mox.example.": {"127.0.0.10"}, // For mx check.
|
|
},
|
|
PTR: map[string][]string{
|
|
"127.0.0.10": {"mox.example."}, // To get passed junk filter.
|
|
},
|
|
TXT: map[string][]string{
|
|
"mox.example.": {"v=spf1 ip4:127.0.0.10 -all"}, // To allow multiple recipients in transaction.
|
|
},
|
|
}
|
|
ts := newTestServer(t, filepath.FromSlash("../testdata/smtp/mox.conf"), resolver)
|
|
defer ts.close()
|
|
|
|
var msg = strings.ReplaceAll(`From: <mjl@mox.example>
|
|
To: <private@mox.example>
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "mjl@mox.example"
|
|
rcptTo := []string{"private@mox.example", "móx@mox.example"}
|
|
if err == nil {
|
|
_, err = client.DeliverMultiple(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), true, true, false)
|
|
// assuming there wasn't a per-recipient error
|
|
}
|
|
ts.smtperr(err, nil)
|
|
|
|
ts.checkCount("Inbox", 0) // Not receiving for mjl@ due to msgfrom, and not móx@ due to rcpt to.
|
|
})
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "mjl@mox.example"
|
|
rcptTo := "private@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, nil)
|
|
|
|
ts.checkCount("Inbox", 1) // Only receiving for móx@mox.example, not mjl@.
|
|
})
|
|
|
|
msg = strings.ReplaceAll(`From: <private@mox.example>
|
|
To: <private@mox.example>
|
|
Subject: test
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "other@mox.example"
|
|
rcptTo := "private@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, &smtpclient.Error{Permanent: true, Code: smtp.C550MailboxUnavail, Secode: smtp.SePol7ExpnProhibited2})
|
|
})
|
|
|
|
msg = strings.ReplaceAll(`From: <public@mox.example>
|
|
To: <public@mox.example>
|
|
Subject: test
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "mjl@mox.example"
|
|
rcptTo := "public@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, nil)
|
|
})
|
|
}
|
|
|
|
// Message is rejected if no member accepts it.
|
|
func TestAliasDeliverReject(t *testing.T) {
|
|
resolver := dns.MockResolver{
|
|
A: map[string][]string{
|
|
"mox.example.": {"127.0.0.10"}, // For mx check.
|
|
},
|
|
PTR: map[string][]string{
|
|
"127.0.0.10": {"mox.example."}, // To get passed junk filter.
|
|
},
|
|
TXT: map[string][]string{
|
|
"mox.example.": {"v=spf1 ip4:127.0.0.10 -all"}, // To allow multiple recipients in transaction.
|
|
},
|
|
}
|
|
ts := newTestServer(t, filepath.FromSlash("../testdata/smtp/mox.conf"), resolver)
|
|
defer ts.close()
|
|
|
|
var msg = strings.ReplaceAll(`From: <mjl@mox.example>
|
|
To: <private@mox.example>
|
|
|
|
test email
|
|
`, "\n", "\r\n")
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "mjl@mox.example"
|
|
rcptTo := "private@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, nil)
|
|
|
|
ts.checkCount("Inbox", 1) // Only receiving for móx@mox.example, not mjl@.
|
|
})
|
|
|
|
// Mark message as junk.
|
|
q := bstore.QueryDB[store.Message](ctxbg, ts.acc.DB)
|
|
n, err := q.UpdateFields(map[string]any{"Junk": true})
|
|
tcheck(t, err, "mark as junk")
|
|
tcompare(t, n, 1)
|
|
|
|
ts.run(func(err error, client *smtpclient.Client) {
|
|
t.Helper()
|
|
mailFrom := "mjl@mox.example"
|
|
rcptTo := "private@mox.example"
|
|
if err == nil {
|
|
err = client.Deliver(ctxbg, mailFrom, rcptTo, int64(len(msg)), strings.NewReader(msg), false, false, false)
|
|
}
|
|
ts.smtperr(err, &smtpclient.Error{Code: smtp.C451LocalErr, Secode: smtp.SeSys3Other0})
|
|
})
|
|
}
|