@Override public HookResult doRcpt(SMTPSession session, MaybeSender sender, MailAddress rcpt) { if (session.isRelayingAllowed()) { return HookResult.OK; } return HookResult.DECLINED; }
@Override public HookResult doRcpt(SMTPSession session, MaybeSender sender, MailAddress rcpt) { if (!session.isRelayingAllowed()) { return doGreyListCheck(session, sender,rcpt); } else { LOGGER.info("IpAddress {} is allowed to send. Skip greylisting.", session.getRemoteAddress().getAddress().getHostAddress()); } return HookResult.DECLINED; } }
@Override public Response onConnect(SMTPSession session) { // some kind of random cleanup process if (Math.random() > 0.99) { POP3BeforeSMTPHelper.removeExpiredIP(expireTime); } // Check if the ip is allowed to relay if (!session.isRelayingAllowed() && POP3BeforeSMTPHelper.isAuthorized(session.getRemoteAddress().getAddress().getHostAddress())) { session.setRelayingAllowed(true); } return null; }
@Override public HookResult doRcpt(SMTPSession session, MaybeSender sender, MailAddress rcpt) { if (!session.isRelayingAllowed()) { Domain toDomain = rcpt.getDomain(); if (!isLocalDomain(toDomain)) { if (session.isAuthSupported()) { return AUTH_REQUIRED; } else { return RELAYING_DENIED; } } } return HookResult.DECLINED; }
if (session.isRelayingAllowed()) { LOGGER.info("Ipaddress {} is allowed to relay. Don't check it", session.getRemoteAddress().getAddress()); return;
/** * @see org.apache.james.smtpserver.protocol.ConnectHandler#onConnect(SMTPSession) */ public void onConnect(SMTPSession session) { // some kind of random cleanup process if (Math.random() > 0.99) { POP3BeforeSMTPHelper.removeExpiredIP(expireTime); } // Check if the ip is allowed to relay if (!session.isRelayingAllowed() && POP3BeforeSMTPHelper.isAuthorized(session.getRemoteIPAddress())) { session.setRelayingAllowed(true); } }
/** * @see org.apache.james.protocols.smtp.hook.RcptHook#doRcpt(org.apache.james.protocols.smtp.SMTPSession, org.apache.mailet.MailAddress, org.apache.mailet.MailAddress) */ public HookResult doRcpt(SMTPSession session, MailAddress sender, MailAddress rcpt) { if (!session.isRelayingAllowed()) { // Check if session is blocklisted if (session.getState().get(SPF_BLOCKLISTED)!= null) { return new HookResult(HookReturnCode.DENY,DSNStatus.getStatus(DSNStatus.PERMANENT, DSNStatus.SECURITY_AUTH) + " " + session.getState().get(SPF_TEMPBLOCKLISTED)); } else if (session.getState().get(SPF_TEMPBLOCKLISTED) != null) { return new HookResult(HookReturnCode.DENYSOFT, SMTPRetCode.LOCAL_ERROR,DSNStatus.getStatus(DSNStatus.TRANSIENT, DSNStatus.NETWORK_DIR_SERVER) + " " + "Temporarily rejected: Problem on SPF lookup"); } } return new HookResult(HookReturnCode.DECLINED); }
@Override public HookResult onMessage(SMTPSession session, Mail mail) { if (mail instanceof MailImpl) { final MailImpl mailImpl = (MailImpl) mail; mailImpl.setRemoteHost(session.getRemoteAddress().getHostName()); mailImpl.setRemoteAddr(session.getRemoteAddress().getAddress().getHostAddress()); if (session.getUser() != null) { mail.setAttribute(Mail.SMTP_AUTH_USER_ATTRIBUTE_NAME, session.getUser()); } if (session.isRelayingAllowed()) { mail.setAttribute(SMTP_AUTH_NETWORK_NAME, "true"); } } return HookResult.DECLINED; }
@Test public void testAuthWorks() { POP3BeforeSMTPHandler handler = new POP3BeforeSMTPHandler(); setupMockedSMTPSession(); POP3BeforeSMTPHelper.addIPAddress("192.168.200.1"); assertThat(mockedSession.isRelayingAllowed()).isFalse(); handler.onConnect(mockedSession); assertThat(mockedSession.isRelayingAllowed()).isTrue(); }
@Test public void testIPGetRemoved() { long sleepTime = 100; POP3BeforeSMTPHandler handler = new POP3BeforeSMTPHandler(); setupMockedSMTPSession(); POP3BeforeSMTPHelper.addIPAddress("192.168.200.1"); assertThat(mockedSession.isRelayingAllowed()).isFalse(); try { Thread.sleep(sleepTime); POP3BeforeSMTPHelper.removeExpiredIP(10); handler.onConnect(mockedSession); assertThat(mockedSession.isRelayingAllowed()).isFalse(); } catch (InterruptedException e) { // ignore } }
@Override public HookResult doRcpt(SMTPSession session, MaybeSender sender, MailAddress rcpt) { checkDNSRBL(session, session.getRemoteAddress().getAddress().getHostAddress()); if (!session.isRelayingAllowed()) { String blocklisted = (String) session.getAttachment(RBL_BLOCKLISTED_MAIL_ATTRIBUTE_NAME, State.Connection); if (blocklisted != null) { // was found in the RBL if (blocklistedDetail == null) { return HookResult.builder() .hookReturnCode(HookReturnCode.deny()) .smtpDescription(DSNStatus.getStatus(DSNStatus.PERMANENT, DSNStatus.SECURITY_AUTH) + " Rejected: unauthenticated e-mail from " + session.getRemoteAddress().getAddress() + " is restricted. Contact the postmaster for details.") .build(); } else { return HookResult.builder() .hookReturnCode(HookReturnCode.deny()) .smtpDescription(DSNStatus.getStatus(DSNStatus.PERMANENT,DSNStatus.SECURITY_AUTH) + " " + blocklistedDetail) .build(); } } } return HookResult.DECLINED; }
public HookResult onMessage(SMTPSession session, Mail mail) { if (mail instanceof MailImpl) { final MailImpl mailImpl = (MailImpl) mail; mailImpl.setRemoteHost(session.getRemoteHost()); mailImpl.setRemoteAddr(session.getRemoteIPAddress()); if (session.getUser() != null) { mail.setAttribute(SMTP_AUTH_USER_ATTRIBUTE_NAME, session.getUser()); } if (session.isRelayingAllowed()) { mail.setAttribute(SMTP_AUTH_NETWORK_NAME,"true"); } } return new HookResult(HookReturnCode.DECLINED); }
@Override public HookResult doRcpt(SMTPSession session, MailAddress sender, MailAddress rcpt) { if (!session.isRelayingAllowed()) { // Check if session is blocklisted if (session.getAttachment(SPF_BLOCKLISTED, State.Transaction) != null) { return HookResult.builder() .hookReturnCode(HookReturnCode.deny()) .smtpDescription(DSNStatus.getStatus(DSNStatus.PERMANENT, DSNStatus.SECURITY_AUTH) + " " + session.getAttachment(SPF_TEMPBLOCKLISTED, State.Transaction)) .build(); } else if (session.getAttachment(SPF_TEMPBLOCKLISTED, State.Transaction) != null) { return HookResult.builder() .hookReturnCode(HookReturnCode.denySoft()) .smtpReturnCode(SMTPRetCode.LOCAL_ERROR) .smtpDescription(DSNStatus.getStatus(DSNStatus.TRANSIENT, DSNStatus.NETWORK_DIR_SERVER) + " Temporarily rejected: Problem on SPF lookup") .build(); } } return HookResult.DECLINED; }