[exim-cvs] Handle MAIL-before-EHLO under smtp_max_synprot_er…

Gitweb: https://git.exim.org/exim.git/commitdiff/b97c55112656f7d9cc5629b0cdb2e14a1b2ac649

Commit:     b97c55112656f7d9cc5629b0cdb2e14a1b2ac649
Parent:     359e2110201a7d6f9c5db33f4f9be4380b3cce25
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Mon May 20 14:47:04 2024 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Mon May 20 14:47:04 2024 +0100

    Handle MAIL-before-EHLO under smtp_max_synprot_errors.  Bug 3096
---
 doc/doc-txt/ChangeLog        |  7 +++++--
 src/src/smtp_in.c            |  3 ++-
 test/confs/0637              | 13 +++++++++++++
 test/log/0637                |  8 ++++++++
 test/rejectlog/0637          |  7 +++++++
 test/scripts/0000-Basic/0637 | 18 ++++++++++++++++++
 test/stdout/0637             | 20 ++++++++++++++++++++
 7 files changed, 73 insertions(+), 3 deletions(-)

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 98c7a9584..e1cec9e15 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -151,10 +151,13 @@ JH/29 Bug 3087: Fix SRS encode. A zero-length quoted element in the local-part
JH/30 Bug 3029: Avoid feeding Resent-From: to DMARC.

 JH/31 Bug 3027: For -bh / -bhc tests change to using the compressed form of
-      ipv6 addresses for the sender.  Previously the uncompressed form was
-      used, and if used in textual form this would result in behavior difference
+      ipv6 addresses for the sender.  Previously the uncompressed form was used,
+      and if used in textual form this would result in behavior difference
       versus non-bh.

+JH/32 Bug 3096: MAIL before HELO/EHLO, where required by hosts_require_helo, is
+      now classed as a protocol error and subject to smtp_max_synprot_errors.
+

 Exim version 4.97
 -----------------
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index f65ab6603..ff50c80f9 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -4352,9 +4352,10 @@ while (done <= 0)
     if (  fl.helo_verify_required
        || verify_check_host(&hosts_require_helo) == OK)
       {
-      smtp_printf("503 HELO or EHLO required\r\n", SP_NO_MORE);
       log_write(0, LOG_MAIN|LOG_REJECT, "rejected MAIL from %s: no "
         "HELO/EHLO given", host_and_ident(FALSE));
+      done = synprot_error(L_smtp_protocol_error, 503, NULL,
+              US"HELO or EHLO required");
       break;
       }
     else if (smtp_mailcmd_max < 0)
diff --git a/test/confs/0637 b/test/confs/0637
new file mode 100644
index 000000000..a47d7d128
--- /dev/null
+++ b/test/confs/0637
@@ -0,0 +1,13 @@
+# Exim test configuration 0637
+
+HVH=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+# ----- ACL -----
+
+# End
diff --git a/test/log/0637 b/test/log/0637
new file mode 100644
index 000000000..5971628d3
--- /dev/null
+++ b/test/log/0637
@@ -0,0 +1,8 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 SMTP call from [127.0.0.1] dropped: too many syntax or protocol errors (last command was "mail from:<u4@???>",  C=MAIL,MAIL,MAIL,MAIL)
diff --git a/test/rejectlog/0637 b/test/rejectlog/0637
new file mode 100644
index 000000000..9f539cd1d
--- /dev/null
+++ b/test/rejectlog/0637
@@ -0,0 +1,7 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 SMTP call from [127.0.0.1] dropped: too many syntax or protocol errors (last command was "mail from:<u4@???>",  C=MAIL,MAIL,MAIL,MAIL)
diff --git a/test/scripts/0000-Basic/0637 b/test/scripts/0000-Basic/0637
new file mode 100644
index 000000000..7ed9b3cbe
--- /dev/null
+++ b/test/scripts/0000-Basic/0637
@@ -0,0 +1,18 @@
+# mail before ehlo
+exim -bd -DSERVER=server -oX PORT_D
+****
+client 127.0.0.1 PORT_D
+??? 220
+mail from:<u1@???>
+??? 503 HELO or EHLO required
+mail from:<u2@???>
+??? 503
+mail from:<u3@???>
+??? 503
+mail from:<u4@???>
+??? 503-
+??? 503 Too many
+???*
+****
+killdaemon
+no_stderr_check
diff --git a/test/stdout/0637 b/test/stdout/0637
new file mode 100644
index 000000000..97d95ea6e
--- /dev/null
+++ b/test/stdout/0637
@@ -0,0 +1,20 @@
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> mail from:<u1@???>
+??? 503 HELO or EHLO required
+<<< 503 HELO or EHLO required
+>>> mail from:<u2@???>
+??? 503
+<<< 503 HELO or EHLO required
+>>> mail from:<u3@???>
+??? 503
+<<< 503 HELO or EHLO required
+>>> mail from:<u4@???>
+??? 503-
+<<< 503-HELO or EHLO required
+??? 503 Too many
+<<< 503 Too many syntax or protocol errors
+???*
+Expected EOF read
+End of script

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-cvs.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-cvs-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/