Validation fixes

Neil Alexander
2021-07-08 22:38:18 +01:00
parent 73ec35d5fa
commit f9ae101d38
4 changed files with 15 additions and 4 deletions


@@ -12,7 +12,7 @@ Yggmail is a single-binary all-in-one mail transfer agent which sends and receiv
* All mail exchange traffic between any two Yggmail nodes is always end-to-end encrypted without exception;
* Yggdrasil and Yggmail nodes on the same network are discovered automatically using multicast or you can configure a static Yggdrasil peer.
Email addresses are based on your public key, like `neilalexander@e3bf4665ae1ff714e0112040af8ddfc8e4b664a28e4afa40746e13952550f9ef.yggmail`.
Email addresses are based on your public key, like `neilalexander@1mLp6AtYSE7rYOVDDTPKzasmFgG9BfKOk7aK4xOdZcT.yggmail`.
## Why?


@@ -94,16 +94,19 @@ func (q *Queue) run() {
defer client.Close()
if err := client.Hello(base62.EncodeToString(q.queues.Config.PublicKey)); err != nil {
q.queues.Log.Println("Remote server", q.destination, "did not accept HELLO:", err)
return fmt.Errorf("client.Hello: %w", err)
}
q.backoff.Store(0)
if err := client.Mail(mail.From, nil); err != nil {
q.queues.Log.Println("Remote server", q.destination, "did not accept MAIL:", err)
return fmt.Errorf("client.Mail: %w", err)
}
if err := client.Rcpt(mail.Rcpt); err != nil {
q.queues.Log.Println("Remote server", q.destination, "did not accept RCPT:", err)
return fmt.Errorf("client.Rcpt: %w", err)
}
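Review bot: `q.backoff.Store(0)` still runs as soon as HELLO succeeds, so the new early returns for MAIL and RCPT leave the function with the backoff already reset. If the caller uses that counter to space out retries (not visible in this hunk), a peer that accepts HELLO but keeps rejecting MAIL or RCPT would be retried at the shortest interval indefinitely. Consider moving the reset to after the message has been accepted, or at least after `client.Rcpt` succeeds. Each failure is also logged here and returned wrapped, so it may be reported twice if the caller logs the returned error. The enclosing function starts and ends outside the hunk.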


@@ -63,11 +63,12 @@ func (b *Backend) AnonymousLogin(state *smtp.ConnectionState) (smtp.Session, err
if err != nil {
return nil, fmt.Errorf("hex.DecodeString: %w", err)
}
if state.Hostname != base62.EncodeToString(pks) {
remote := base62.EncodeToString(pks)
if state.Hostname != remote {
return nil, fmt.Errorf("You are not who you claim to be")
}
b.Log.Println("Incoming SMTP session from", state.RemoteAddr.String())
b.Log.Println("Incoming SMTP session from", remote)
return &SessionRemote{
backend: b,
state: state,
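Review bot: The rejection branch under `if state.Hostname != remote` returns without writing a log line, so a peer whose HELO name does not match its key leaves no trace, while accepted sessions are logged. For detection it would help to record the mismatch before returning, for example `b.Log.Printf("Rejected SMTP session: HELO %q does not match peer key %s", state.Hostname, remote)`, assuming `b.Log` is a standard `*log.Logger`. `%q` matters here because `state.Hostname` is supplied by the client and should not be written to the log unescaped. AnonymousLogin starts and ends outside this hunk.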


@@ -3,6 +3,7 @@ package smtpserver
import (
"bytes"
"crypto/ed25519"
"encoding/hex"
"fmt"
"io"
"time"
@@ -26,7 +27,13 @@ func (s *SessionRemote) Mail(from string, opts smtp.MailOptions) error {
return fmt.Errorf("mail.ParseAddress: %w", err)
}
if local := s.state.RemoteAddr.String(); local != host {
pks, err := hex.DecodeString(host)
if err != nil {
return fmt.Errorf("hex.DecodeString: %w", err)
}
remote := base62.EncodeToString(pks)
if local := s.state.RemoteAddr.String(); local != remote {
return fmt.Errorf("not allowed to send incoming mail as %s", from)
}
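Review bot: `hex.DecodeString(host)` assumes the sender's domain is a hex-encoded key, but the README hunk in this same commit shows addresses with a base62 domain. If senders use the base62 form, this call will normally fail and every MAIL is rejected. The comparison `local != remote` also sets `RemoteAddr.String()` against a base62 string, which only works if the address type renders itself as base62; that is not visible here. Please confirm which encoding each side carries and add a comment stating it, e.g. `// host is hex; RemoteAddr.String() is base62`. Comparing the decoded key bytes instead of two re-encoded strings would remove the ambiguity, and a test of Mail with a sender in the README's format would pin the behaviour. The body of Mail continues outside the hunk.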