jetmore / swaks

Swaks - Swiss Army Knife for SMTP
http://jetmore.org/john/code/swaks/
GNU General Public License v2.0

--tls --xclient options cause potentially wrong sequence #21

Closed martine-plutoflume closed 3 years ago

martine-plutoflume commented 3 years ago

Hi there! Firstly, I wanted to say how great swaks is; I use it all the time.

I am currently testing behaviour with tls and xclient, and would like some clarification on the command sequence. When sending an email with both --xclient and --tls, there seems to be some unexpected behaviour. From the client, I would expect STARTTLS -> EHLO -> XCLIENT -> EHLO. It seems unexpected that we would have STARTTLS -> XCLIENT -> EHLO -> EHLO. Can you confirm whether this is the correct behaviour?

swaks -s 127.0.0.1:2506 --to test@localhost --from another-test@localhost --xclient-addr '12.13.123.0' --tls
=== Trying 127.0.0.1:2506...
=== Connected to 127.0.0.1.
<-  220 redacted ESMTP
 -> EHLO example-000506.example.net
<-  250-example-000506
<-  250-8BITMIME
<-  250-SMTPUTF8
<-  250-STARTTLS
<-  250 XCLIENT ADDR
 -> STARTTLS
<-  220 OK
=== TLS started with cipher TLS-redacted
=== TLS no local certificate set
=== TLS peer DN="redacted"
 ~> XCLIENT ADDR=12.13.123.0
<~  220 redacted ESMTP
 ~> EHLO example-000506.example.net
<~  250-example-000506
<~  250-8BITMIME
<~  250-SMTPUTF8
<~  250 XCLIENT ADDR
 ~> EHLO example-000506.example.net

When passing --xclient-before-starttls, the behaviour seems correct: XCLIENT -> EHLO -> STARTTLS -> EHLO

swaks -s 127.0.0.1:2506 --to test@localhost.local --from another-test@localhost --xclient-before-starttls --xclient-addr '12.13.123.0' -tls
=== Trying 127.0.0.1:2506...
=== Connected to 127.0.0.1.
<-  220 redacted ESMTP
 -> EHLO example-000506.example.net
<-  250-example-000506
<-  250-8BITMIME
<-  250-SMTPUTF8
<-  250-STARTTLS
<-  250 XCLIENT ADDR
 -> XCLIENT ADDR=12.13.123.0
<-  220 redacted ESMTP
 -> EHLO example-000506.example.net
<-  250-example-000506
<-  250-8BITMIME
<-  250-SMTPUTF8
<-  250-STARTTLS
<-  250 XCLIENT ADDR
 -> STARTTLS
<-  220 OK
=== TLS started with cipher redacted
=== TLS no local certificate set
=== TLS peer DN="redacted"
 ~> EHLO example-000506.example.net
<~  250-example-000506
<~  250-8BITMIME
<~  250-SMTPUTF8
<~  250 XCLIENT ADDR
 ~> MAIL FROM:<another-test@localhost>
<~  250 OK
 ~> RCPT TO:<test@localhost>
<~  250 OK
 ~> DATA
<~  354 <CR><LF>.<CR><LF>
 ~> Date: Fri, 31 Jul 2020 11:34:56 +0100
 ~> To: test@localhost
 ~> From: another-test@localhost
 ~> Subject: test Fri, 31 Jul 2020 11:34:56 +0100
 ~> Message-Id: <20200731113456.1198349@example-000506.example.net>
 ~> X-Mailer: swaks v20190914.0 jetmore.org/john/code/swaks/
 ~> 
 ~> This is a test mailing
 ~> 
 ~> 
 ~> .
<~  250 Message Queued (68B68CDD-09B7-4850-8398-6EEDD1206BDF.1)
 ~> QUIT
<~  221 OK
=== Connection closed with remote host.

Thanks so much!!

jetmore commented 3 years ago

@martine-plutoflume can you try https://raw.githubusercontent.com/jetmore/swaks/21-xclient-order/swaks and see if it fixes the issue you are seeing?

martine-plutoflume commented 3 years ago

@jetmore thanks so much for such a quick response. And yes, it fixes the issue! 😃
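An added example, not part of the thread and not swaks code: a small checker that reads a swaks-style transcript and flags any command sent after STARTTLS or XCLIENT before a fresh EHLO, which is the ordering the reporter expected. The function names are hypothetical, and the sample transcripts are constructed by trimming the two sessions shown in the issue.

```python
import re

# swaks prefixes client lines with "->" (plaintext) or "~>" (inside TLS).
CLIENT_LINE = re.compile(r"^[ \t]*[-~]>[ \t]+(\S+)", re.M)
RESETS = {"STARTTLS", "XCLIENT"}  # after these, earlier EHLO capabilities are stale

def client_commands(transcript):
    """Return the SMTP verbs the client sent, skipping the DATA payload."""
    verbs, in_data = [], False
    for m in CLIENT_LINE.finditer(transcript):
        verb = m.group(1).upper()
        if in_data:
            in_data = verb != "."   # a lone "." ends the message body
            continue
        verbs.append(verb)
        in_data = verb == "DATA"    # simplification: assumes the server answered 354
    return verbs

def ordering_violations(transcript):
    """List (reset_command, offending_command) pairs sent before a fresh EHLO."""
    stale_after, found = None, []
    for verb in client_commands(transcript):
        if verb in ("EHLO", "HELO"):
            stale_after = None
        elif stale_after and verb != "QUIT":
            found.append((stale_after, verb))
        if verb in RESETS:
            stale_after = verb
    return found

# Constructed samples: client lines trimmed from the two sessions in the issue.
XCLIENT_AFTER_TLS = """
 -> EHLO example-000506.example.net
 -> STARTTLS
 ~> XCLIENT ADDR=12.13.123.0
 ~> EHLO example-000506.example.net
 ~> EHLO example-000506.example.net
"""
XCLIENT_BEFORE_TLS = """
 -> EHLO example-000506.example.net
 -> XCLIENT ADDR=12.13.123.0
 -> EHLO example-000506.example.net
 -> STARTTLS
 ~> EHLO example-000506.example.net
 ~> MAIL FROM:<another-test@localhost>
 ~> DATA
 ~> Subject: test
 ~> .
 ~> QUIT
"""
```

Calling `ordering_violations(XCLIENT_AFTER_TLS)` reports the STARTTLS -> XCLIENT step from the first session, while the `--xclient-before-starttls` session comes back clean. The check matters beyond tidiness: the capability list received before STARTTLS travelled in cleartext, so a client that acts on it inside the TLS session is trusting unauthenticated data.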