search

mjl- / mox

modern full-featured open source secure mail server for low-maintenance self-hosted email
https://www.xmox.nl
MIT License
3.71k stars 113 forks source link

smtp may be too pedantic (for localserve) #55

Closed gimpf closed 1 year ago

gimpf commented 1 year ago

Background: I'm trying to use mox localserve for testing Odoo's processing of both in- and outgoing mails - maybe not completely the intended use-case, but thanks to the new webmail feature something conveniently possible. Mox functions as both a replacement and extension of mailpit in this case.

Error description:

I use mox localserve, with pedantic deactivated. Ports/connections itself work just fine, but I got the error message: 5.5.2 bad syntax: need at least one char for subdomain.

Looking at the log, I see:

trace: "LS: 220 localhost ESMTP mox v0.0.6\r\n" (pkg: smtpserver; cid: 18a2c656776; delta: "174.221µs")
trace: "RC: ehlo MYHOSTNAME.\r\n" (pkg: smtpserver; cid: 18a2c656776; delta: "360.184µs")
debug: "smtp command result": "bad syntax: need at least one char for subdomain (remaining \"\")" (pkg: smtpserver; kind: submission; cmd: ehlo; code: 501; ecode: 5.5.2; duration: "33.644µs"; cid: 18a2c656776; delta: "128.314µs")

I guessed that the trailing dot of the hostname (as sent by Odoo and outside my practical sphere of influence) might be the issue.

Locally patching https://github.com/mjl-/mox/blob/61a5eb61a446581f59bc338aa23b6074cd068695/smtpserver/parse.go#L245C1-L249:

func (p *parser) xdomain() dns.Domain {
        s := p.xsubdomain()
        for p.take(".") {
                if !p.empty() { // <----- HAACK
                        s += "." + p.xsubdomain()
                }
        }

worked. AFAIU the referenced RFC, domain names with trailing dot are not explicitely forbidden, but I'm not sure, and I haven't dug out all the referenced RFCs and sections.

Is this a bug (and could be fixed generally), or if not, is it possible to allow it in non-pedantic mode for localserve?

mjl- commented 1 year ago

Thanks for reporting. I think we should probably be more lenient (perhaps even completely ignore) the argument to ehlo in the case of submission. Unlike with regular SMTP, the value isn't used at all with submission. Plenty of mail clients just write something there.

Will try to make a fix later today. It will probably not be in xdomain(), but in the helo/ehlo handling in smtpserver/server.go.

mjl- commented 1 year ago

I hope the commit solves this: For submission without pedantic, we just ignore the parameters since we don't use them.

What odoo is sending seems invalid to me. The SMTP RFC 5321 has the following syntax:

rfc/5321:1829:
   ehlo           = "EHLO" SP ( Domain / address-literal ) CRLF

rfc/5321:2291:

   Domain         = sub-domain *("." sub-domain)

rfc/5321:2303:

   sub-domain     = Let-dig [Ldh-str]

   Let-dig        = ALPHA / DIGIT

   Ldh-str        = *( ALPHA / DIGIT / "-" ) Let-dig

So a dot at the end is not allowed. But it'll be ignored now (:.

gimpf commented 1 year ago

Thanks for the very quick response, this solves my issue, and I think in a most appropriate way.

I agree, the RFC seems very clear about this. Color me surprised, though: A complete/absolute domain name is designated with a dot at the end (as per the antique RFC 1035), and I thought that it is universally valid. Seems Odoo, or some Python library, was written with an analoguous, erroneous assumption.