Author: bago
Date: Sun Dec 31 08:54:40 2006
New Revision: 491442
URL: http://svn.apache.org/viewvc?view=rev&rev=491442
Log:
Moved RcptCmdHandler checks to separate RcptHook (configured by default in the
CoreHandlers)
Added:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/AuthRequiredToRelayRcptHook.java
(with props)
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/SenderAuthIdentifyVerificationRcptHook.java
(with props)
Modified:
james/server/sandbox/handlerapi-experiment/TODO
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/CoreCmdHandlerLoader.java
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/RcptCmdHandler.java
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/filter/fastfail/DNSRBLHandler.java
james/server/sandbox/handlerapi-experiment/src/test/org/apache/james/smtpserver/SMTPServerTest.java
Modified: james/server/sandbox/handlerapi-experiment/TODO
URL:
http://svn.apache.org/viewvc/james/server/sandbox/handlerapi-experiment/TODO?view=diff&rev=491442&r1=491441&r2=491442
==============================================================================
--- james/server/sandbox/handlerapi-experiment/TODO (original)
+++ james/server/sandbox/handlerapi-experiment/TODO Sun Dec 31 08:54:40 2006
@@ -2,3 +2,7 @@
- Find a way to handle the old JunkHandlerScore stuff
- Check DataCmdHandler for correct clean-up on every exceptions
- Move abuse/postmaster tests from ResolvableEhloHeloHandlerTest to a generic
SMTPServer compliance test
+- on Rcpt message reject, the original code was logging a lot of informations.
Maybe we should change the Hook callers to do something similar (in
RcptCmdHandler create a log string including context() call)
+- Check AuthRequiredToRelayRcptHook to see if it is correct to return
different SMTP codes if Auth is announced (for relaying denied)
+- Remove CURRENT_RECIPIENT key from state usage: I think we don't use it
anymore but in tests.
+- Check why testDNSRBLRehectWorks was expecting 550, while we return now 554
(or maybe we should return 530, but not 550).
Added:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/AuthRequiredToRelayRcptHook.java
URL:
http://svn.apache.org/viewvc/james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/AuthRequiredToRelayRcptHook.java?view=auto&rev=491442
==============================================================================
---
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/AuthRequiredToRelayRcptHook.java
(added)
+++
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/AuthRequiredToRelayRcptHook.java
Sun Dec 31 08:54:40 2006
@@ -0,0 +1,67 @@
+/****************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one *
+ * or more contributor license agreements. See the NOTICE file *
+ * distributed with this work for additional information *
+ * regarding copyright ownership. The ASF licenses this file *
+ * to you under the Apache License, Version 2.0 (the *
+ * "License"); you may not use this file except in compliance *
+ * with the License. You may obtain a copy of the License at *
+ * *
+ * http://www.apache.org/licenses/LICENSE-2.0 *
+ * *
+ * Unless required by applicable law or agreed to in writing, *
+ * software distributed under the License is distributed on an *
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
+ * KIND, either express or implied. See the License for the *
+ * specific language governing permissions and limitations *
+ * under the License. *
+ ****************************************************************/
+package org.apache.james.smtpserver.core;
+
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.james.smtpserver.SMTPSession;
+import org.apache.james.smtpserver.hook.HookResult;
+import org.apache.james.smtpserver.hook.HookReturnCode;
+import org.apache.james.smtpserver.hook.RcptHook;
+import org.apache.james.util.mail.SMTPRetCode;
+import org.apache.james.util.mail.dsn.DSNStatus;
+import org.apache.mailet.MailAddress;
+
+/**
+ * Handler which whitelist "postmaster" and "abuse" recipients.
+ */
+public class AuthRequiredToRelayRcptHook extends AbstractLogEnabled implements
+ RcptHook {
+
+ /**
+ * @see
org.apache.james.smtpserver.hook.RcptHook#doRcpt(org.apache.james.smtpserver.SMTPSession,
+ * org.apache.mailet.MailAddress, org.apache.mailet.MailAddress)
+ */
+ public HookResult doRcpt(SMTPSession session, MailAddress sender,
+ MailAddress rcpt) {
+ if (!session.isRelayingAllowed()) {
+ String toDomain = rcpt.getHost();
+ if
(!session.getConfigurationData().getMailServer().isLocalServer(toDomain)) {
+ if (session.isAuthRequired()) {
+ if (session.getUser() == null) {
+ return new HookResult(HookReturnCode.DENY,
+ SMTPRetCode.AUTH_REQUIRED, DSNStatus.getStatus(
+ DSNStatus.PERMANENT,
+ DSNStatus.SECURITY_AUTH)
+ + " Authentication Required");
+ }
+ } else {
+ return new HookResult(
+ HookReturnCode.DENY,
+ SMTPRetCode.MAILBOX_PERM_UNAVAILABLE,
+ DSNStatus.getStatus(DSNStatus.PERMANENT,
+ DSNStatus.SECURITY_AUTH)
+ + " Requested action not taken: relaying
denied");
+ }
+ }
+
+ }
+ return new HookResult(HookReturnCode.DECLINED);
+ }
+
+}
Propchange:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/AuthRequiredToRelayRcptHook.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/CoreCmdHandlerLoader.java
URL:
http://svn.apache.org/viewvc/james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/CoreCmdHandlerLoader.java?view=diff&rev=491442&r1=491441&r2=491442
==============================================================================
---
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/CoreCmdHandlerLoader.java
(original)
+++
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/CoreCmdHandlerLoader.java
Sun Dec 31 08:54:40 2006
@@ -47,6 +47,8 @@
private final Object SENDMAILHANDLER = SendMailHandler.class.getName();
private final Object USERSREPOSITORYAUTHHANDLER =
UsersRepositoryAuthHook.class.getName();
private final Object POSTMASTERABUSEHOOK =
PostmasterAbuseRcptHook.class.getName();
+ private final Object AUTHREQUIREDTORELAY =
AuthRequiredToRelayRcptHook.class.getName();
+ private final Object SENDERAUTHIDENTITYVERIFICATION =
SenderAuthIdentifyVerificationRcptHook.class.getName();
/**
* @see org.apache.james.smtpserver.HandlersPackage#getHandlers()
@@ -70,6 +72,8 @@
commands.add(RSETCMDHANDLER);
commands.add(VRFYCMDHANDLER);
commands.add(USERSREPOSITORYAUTHHANDLER);
+ commands.add(AUTHREQUIREDTORELAY);
+ commands.add(SENDERAUTHIDENTITYVERIFICATION);
commands.add(POSTMASTERABUSEHOOK);
return commands;
Modified:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/RcptCmdHandler.java
URL:
http://svn.apache.org/viewvc/james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/RcptCmdHandler.java?view=diff&rev=491442&r1=491441&r2=491442
==============================================================================
---
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/RcptCmdHandler.java
(original)
+++
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/RcptCmdHandler.java
Sun Dec 31 08:54:40 2006
@@ -197,84 +197,6 @@
optionTokenizer = null;
}
- if (!session.isRelayingAllowed()) {
- if (session.isAuthRequired()) {
- // Make sure the mail is being sent locally if not
- // authenticated else reject.
- if (session.getUser() == null) {
- String toDomain = recipientAddress.getHost();
- if (!session.getConfigurationData().getMailServer()
- .isLocalServer(toDomain)) {
- StringBuffer sb = new StringBuffer(128);
- sb
- .append("Rejected message - authentication is
required for mail request");
- sb.append(getContext(session, recipientAddress,
- recipient));
- getLogger().error(sb.toString());
- return new SMTPResponse(SMTPRetCode.AUTH_REQUIRED,
- DSNStatus.getStatus(DSNStatus.PERMANENT,
- DSNStatus.SECURITY_AUTH)
- + " Authentication Required");
- }
- } else {
- // Identity verification checking
- if (session.getConfigurationData().isVerifyIdentity()) {
- String authUser = (session.getUser())
- .toLowerCase(Locale.US);
- MailAddress senderAddress = (MailAddress) session
- .getState().get(SMTPSession.SENDER);
-
- if ((senderAddress == null)
- || (!authUser.equals(senderAddress
- .getUser()))
- || (!session.getConfigurationData()
- .getMailServer().isLocalServer(
- senderAddress.getHost()))) {
- if (getLogger().isErrorEnabled()) {
- StringBuffer errorBuffer = new StringBuffer(
- 128)
- .append("User ")
- .append(authUser)
- .append(
- " authenticated, however tried
sending email as ")
- .append(senderAddress).append(
- getContext(session,
- recipientAddress,
- recipient));
- getLogger().error(errorBuffer.toString());
- }
-
- return new SMTPResponse(
- SMTPRetCode.BAD_SEQUENCE,
- DSNStatus.getStatus(
- DSNStatus.PERMANENT,
- DSNStatus.SECURITY_AUTH)
- + " Incorrect Authentication for
Specified Email Address");
- }
- }
- }
- } else {
- String toDomain = recipientAddress.getHost();
- if (!session.getConfigurationData().getMailServer()
- .isLocalServer(toDomain)) {
- StringBuffer errorBuffer = new StringBuffer(128)
- .append("Rejected message - ").append(
- session.getRemoteIPAddress()).append(
- " not authorized to relay to ").append(
- toDomain).append(
- getContext(session, recipientAddress,
- recipient));
- getLogger().error(errorBuffer.toString());
-
- return new SMTPResponse(
- SMTPRetCode.MAILBOX_PERM_UNAVAILABLE,
- DSNStatus.getStatus(DSNStatus.PERMANENT,
- DSNStatus.SECURITY_AUTH)
- + " Requested action not taken: relaying
denied");
- }
- }
- }
-
session.getState().put(SMTPSession.CURRENT_RECIPIENT,
recipientAddress);
Added:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/SenderAuthIdentifyVerificationRcptHook.java
URL:
http://svn.apache.org/viewvc/james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/SenderAuthIdentifyVerificationRcptHook.java?view=auto&rev=491442
==============================================================================
---
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/SenderAuthIdentifyVerificationRcptHook.java
(added)
+++
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/SenderAuthIdentifyVerificationRcptHook.java
Sun Dec 31 08:54:40 2006
@@ -0,0 +1,65 @@
+/****************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one *
+ * or more contributor license agreements. See the NOTICE file *
+ * distributed with this work for additional information *
+ * regarding copyright ownership. The ASF licenses this file *
+ * to you under the Apache License, Version 2.0 (the *
+ * "License"); you may not use this file except in compliance *
+ * with the License. You may obtain a copy of the License at *
+ * *
+ * http://www.apache.org/licenses/LICENSE-2.0 *
+ * *
+ * Unless required by applicable law or agreed to in writing, *
+ * software distributed under the License is distributed on an *
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
+ * KIND, either express or implied. See the License for the *
+ * specific language governing permissions and limitations *
+ * under the License. *
+ ****************************************************************/
+package org.apache.james.smtpserver.core;
+
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.james.smtpserver.SMTPSession;
+import org.apache.james.smtpserver.hook.HookResult;
+import org.apache.james.smtpserver.hook.HookReturnCode;
+import org.apache.james.smtpserver.hook.RcptHook;
+import org.apache.james.util.mail.SMTPRetCode;
+import org.apache.james.util.mail.dsn.DSNStatus;
+import org.apache.mailet.MailAddress;
+
+import java.util.Locale;
+
+/**
+ * Handler which whitelist "postmaster" and "abuse" recipients.
+ */
+public class SenderAuthIdentifyVerificationRcptHook extends AbstractLogEnabled
+ implements RcptHook {
+
+ /**
+ * @see
org.apache.james.smtpserver.hook.RcptHook#doRcpt(org.apache.james.smtpserver.SMTPSession,
+ * org.apache.mailet.MailAddress, org.apache.mailet.MailAddress)
+ */
+ public HookResult doRcpt(SMTPSession session, MailAddress sender,
+ MailAddress rcpt) {
+ if (!session.isRelayingAllowed() && session.isAuthRequired()
+ && session.getUser() != null
+ && session.getConfigurationData().isVerifyIdentity()) {
+ String authUser = (session.getUser()).toLowerCase(Locale.US);
+ MailAddress senderAddress = (MailAddress) session.getState().get(
+ SMTPSession.SENDER);
+
+ if ((senderAddress == null)
+ || (!authUser.equals(senderAddress.getUser()))
+ || (!session.getConfigurationData().getMailServer()
+ .isLocalServer(senderAddress.getHost()))) {
+ return new HookResult(HookReturnCode.DENY,
+ SMTPRetCode.BAD_SEQUENCE,
+ DSNStatus.getStatus(DSNStatus.PERMANENT,
+ DSNStatus.SECURITY_AUTH)
+ + " Incorrect Authentication for Specified
Email Address");
+ }
+ }
+ return new HookResult(HookReturnCode.DECLINED);
+ }
+
+}
Propchange:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/SenderAuthIdentifyVerificationRcptHook.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/filter/fastfail/DNSRBLHandler.java
URL:
http://svn.apache.org/viewvc/james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/filter/fastfail/DNSRBLHandler.java?view=diff&rev=491442&r1=491441&r2=491442
==============================================================================
---
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/filter/fastfail/DNSRBLHandler.java
(original)
+++
james/server/sandbox/handlerapi-experiment/src/java/org/apache/james/smtpserver/core/filter/fastfail/DNSRBLHandler.java
Sun Dec 31 08:54:40 2006
@@ -34,6 +34,7 @@
import org.apache.james.smtpserver.hook.HookResult;
import org.apache.james.smtpserver.hook.HookReturnCode;
import org.apache.james.smtpserver.hook.RcptHook;
+import org.apache.james.util.mail.SMTPRetCode;
import org.apache.james.util.mail.dsn.DSNStatus;
import org.apache.mailet.MailAddress;
@@ -254,11 +255,11 @@
!(session.isAuthRequired() && session.getUser() != null) //
Not (SMTP AUTH is enabled and not authenticated)
) {
if (blocklistedDetail == null) {
- return new
HookResult(HookReturnCode.DENY,DSNStatus.getStatus(DSNStatus.PERMANENT,
+ return new
HookResult(HookReturnCode.DENY,SMTPRetCode.AUTH_REQUIRED,DSNStatus.getStatus(DSNStatus.PERMANENT,
DSNStatus.SECURITY_AUTH) + " Rejected:
unauthenticated e-mail from " + session.getRemoteIPAddress()
+ " is restricted. Contact the postmaster for
details.");
} else {
- return new
HookResult(HookReturnCode.DENY,"530",DSNStatus.getStatus(DSNStatus.PERMANENT,DSNStatus.SECURITY_AUTH)
+ " " + blocklistedDetail);
+ return new
HookResult(HookReturnCode.DENY,SMTPRetCode.AUTH_REQUIRED,DSNStatus.getStatus(DSNStatus.PERMANENT,DSNStatus.SECURITY_AUTH)
+ " " + blocklistedDetail);
}
}
Modified:
james/server/sandbox/handlerapi-experiment/src/test/org/apache/james/smtpserver/SMTPServerTest.java
URL:
http://svn.apache.org/viewvc/james/server/sandbox/handlerapi-experiment/src/test/org/apache/james/smtpserver/SMTPServerTest.java?view=diff&rev=491442&r1=491441&r2=491442
==============================================================================
---
james/server/sandbox/handlerapi-experiment/src/test/org/apache/james/smtpserver/SMTPServerTest.java
(original)
+++
james/server/sandbox/handlerapi-experiment/src/test/org/apache/james/smtpserver/SMTPServerTest.java
Sun Dec 31 08:54:40 2006
@@ -1465,7 +1465,7 @@
smtpProtocol.setSender(sender);
smtpProtocol.addRecipient("[EMAIL PROTECTED]");
- assertEquals("reject", 550, smtpProtocol
+ assertEquals("reject: "+smtpProtocol.getReplyString(), 550,
smtpProtocol
.getReplyCode());
smtpProtocol.sendShortMessageData("Subject: test\r\n\r\nTest body
testDNSRBLRejectWorks\r\n");
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
