mirrors/maddy
1
0
Fork 0
mirror of https://github.com/foxcpp/maddy.git synced 2025-04-04 13:37:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

Add a requiretls check for incoming SMTP

Browse source
This commit is contained in:
Nick Thomas 2019-11-13 00:14:34 +00:00 committed by Max Mazurov
parent dae3d5bd09
commit c5c8470845
3 changed files with 36 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
docs/man/maddy-filters.5.scd
View file

@ -35,7 +35,7 @@ storage, the storage backend can place the message in the 'Junk' mailbox.
Another thing to keep in mind that 'remote' module (see *maddy-targets*(5))
will refuse to send quarantined messages.
# DNS checks
# Simple checks
## Configuration directives
@ -78,6 +78,14 @@ specified in EHLO/HELO command.
By default, quarantines messages coming from servers with mismatched or missing
PTR record, use 'fail_action' directive to change that.
## require_tls
Check that the source server is connected via TLS; either directly, or by using
the STARTTLS command.
By default, rejects messages coming from unencrypted servers. Use the
'fail_action' directive to change that.
# DKIM authentication module (verify_dkim)
This is the check module that performs verification of the DKIM signatures

26
internal/check/requiretls/requiretls.go Normal file
View file

@ -0,0 +1,26 @@
package requiretls
import (
"github.com/foxcpp/maddy/internal/check"
"github.com/foxcpp/maddy/internal/exterrors"
"github.com/foxcpp/maddy/internal/module"
)
func requireTLS(ctx check.StatelessCheckContext) module.CheckResult {
if ctx.MsgMeta.Conn != nil && ctx.MsgMeta.Conn.TLS.HandshakeComplete {
return module.CheckResult{}
}
return module.CheckResult{
Reason: &exterrors.SMTPError{
Code: 550,
EnhancedCode: exterrors.EnhancedCode{5, 7, 1},
Message: "TLS conversation required",
CheckName: "require_tls",
},
}
}
func init() {
check.RegisterStatelessCheck("require_tls", check.FailAction{Reject: true}, requireTLS, nil, nil, nil)
}

1
maddy.go
View file

@ -25,6 +25,7 @@ import (
_ "github.com/foxcpp/maddy/internal/check/dkim"
_ "github.com/foxcpp/maddy/internal/check/dns"
_ "github.com/foxcpp/maddy/internal/check/dnsbl"
_ "github.com/foxcpp/maddy/internal/check/requiretls"
_ "github.com/foxcpp/maddy/internal/check/spf"
_ "github.com/foxcpp/maddy/internal/endpoint/imap"
_ "github.com/foxcpp/maddy/internal/endpoint/smtp"