push.rocks/smartmta
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: push.rocks:v2.1.0
Branches Tags
push.rocks:main
push.rocks:v5.1.3 push.rocks:v5.1.2 push.rocks:v5.1.1 push.rocks:v5.1.0 push.rocks:v5.0.0 push.rocks:v4.1.1 push.rocks:v4.1.0 push.rocks:v4.0.0 push.rocks:v3.0.0 push.rocks:v2.4.0 push.rocks:v2.3.2 push.rocks:v2.3.1 push.rocks:v2.3.0 push.rocks:v2.2.1 push.rocks:v2.2.0 push.rocks:v2.1.0 push.rocks:v2.0.1 push.rocks:v2.0.0 push.rocks:v1.3.1 push.rocks:v1.3.0 push.rocks:v1.2.1 push.rocks:v1.2.0 push.rocks:v1.1.0 push.rocks:v1.0.1
..
compare: push.rocks:v2.3.0
Branches Tags
push.rocks:main
push.rocks:v5.1.3 push.rocks:v5.1.2 push.rocks:v5.1.1 push.rocks:v5.1.0 push.rocks:v5.0.0 push.rocks:v4.1.1 push.rocks:v4.1.0 push.rocks:v4.0.0 push.rocks:v3.0.0 push.rocks:v2.4.0 push.rocks:v2.3.2 push.rocks:v2.3.1 push.rocks:v2.3.0 push.rocks:v2.2.1 push.rocks:v2.2.0 push.rocks:v2.1.0 push.rocks:v2.0.1 push.rocks:v2.0.0 push.rocks:v1.3.1 push.rocks:v1.3.0 push.rocks:v1.2.1 push.rocks:v1.2.0 push.rocks:v1.1.0 push.rocks:v1.0.1

6 Commits
v2.1.0 ... v2.3.0

Author SHA1 Message Date
Juergen Kunz
f601859f8b v2.3.0
Some checks failed
CI / Type Check & Lint (push) Failing after 4s
Details
CI / Build Test (Current Platform) (push) Failing after 4s
Details
CI / Build All Platforms (push) Failing after 4s
Details
Publish to npm / npm-publish (push) Failing after 5s
Details
Release / build-and-release (push) Failing after 4s
Details
2026-02-10 22:26:20 +00:00
Juergen Kunz
eb2643de93 feat(mailer-smtp): add in-process security pipeline for SMTP delivery (DKIM/SPF/DMARC, content scanning, IP reputation) 2026-02-10 22:26:20 +00:00
Juergen Kunz
595634fb0f v2.2.1
Some checks failed
CI / Type Check & Lint (push) Failing after 4s
Details
CI / Build Test (Current Platform) (push) Failing after 4s
Details
CI / Build All Platforms (push) Failing after 4s
Details
Publish to npm / npm-publish (push) Failing after 5s
Details
Release / build-and-release (push) Failing after 4s
Details
2026-02-10 22:04:56 +00:00
Juergen Kunz
cee8a51081 fix(readme): Clarify Rust-powered architecture and mandatory Rust bridge; expand README with Rust workspace details and project structure updates 2026-02-10 22:04:56 +00:00
Juergen Kunz
f1c5546186 v2.2.0
Some checks failed
CI / Type Check & Lint (push) Failing after 4s
Details
CI / Build Test (Current Platform) (push) Failing after 4s
Details
CI / Build All Platforms (push) Failing after 4s
Details
Publish to npm / npm-publish (push) Failing after 5s
Details
Release / build-and-release (push) Failing after 4s
Details
2026-02-10 22:00:44 +00:00
Juergen Kunz
5220ee0857 feat(mailer-smtp): implement in-process SMTP server and management IPC integration 2026-02-10 22:00:44 +00:00
167 changed files with 5067 additions and 47925 deletions
Expand all files Collapse all files

31
changelog.md
View File

@@ -1,5 +1,36 @@
# Changelog
## 2026-02-10 - 2.3.0 - feat(mailer-smtp)
add in-process security pipeline for SMTP delivery (DKIM/SPF/DMARC, content scanning, IP reputation)
- Integrate mailer_security verification (DKIM/SPF/DMARC) and IP reputation checks into the Rust SMTP server; run concurrently and wrapped with a 30s timeout.
- Add MIME parsing using mailparse and an extract_mime_parts helper to extract subject, text/html bodies and attachment filenames for content scanning.
- Wire MessageAuthenticator and TokioResolver into server and connection startup; pass them into the delivery pipeline and connection handlers.
- Run content scanning (mailer_security::content_scanner), combine results (dkim/spf/dmarc, contentScan, ipReputation) into a JSON object and attach as security_results on EmailReceived events.
- Update Rust crates (Cargo.toml/Cargo.lock) to include mailparse and resolver usage and add serde::Deserialize where required; add unit tests for MIME extraction.
- Remove the TypeScript SMTP server implementation and many TS tests; replace test helper (server.loader.ts) with a stub that points tests to use the Rust SMTP server and provide small utilities (getAvailablePort/isPortFree).
## 2026-02-10 - 2.2.1 - fix(readme)
Clarify Rust-powered architecture and mandatory Rust bridge; expand README with Rust workspace details and project structure updates
- Emphasizes that the SMTP server is Rust-powered (high-performance) and not a nodemailer-based TS server.
- Documents that the Rust binary (mailer-bin) is required — if unavailable UnifiedEmailServer.start() will throw an error.
- Adds installation/build note: run `pnpm build` to compile the Rust binary.
- Adds a new Rust Acceleration Layer section listing workspace crates and responsibilities (mailer-core, mailer-security, mailer-smtp, mailer-bin, mailer-napi).
- Updates project structure: marks legacy TS SMTP server as fallback/legacy, adds dist_rust output, and clarifies which operations run in Rust vs TypeScript.
## 2026-02-10 - 2.2.0 - feat(mailer-smtp)
implement in-process SMTP server and management IPC integration
- Add full SMTP protocol engine crate (mailer-smtp) with modules: command, config, connection, data, response, session, state, validation, rate_limiter and server
- Introduce SmtpServerConfig, DataAccumulator (DATA phase handling, dot-unstuffing, size limits) and SmtpResponse builder with EHLO capability construction
- Add in-process RateLimiter using DashMap and runtime-configurable RateLimitConfig
- Add TCP/TLS server start/stop API (start_server) with TlsAcceptor building from PEM and SmtpServerHandle for shutdown and status
- Integrate callback registry and oneshot-based correlation callbacks in mailer-bin management mode for email processing/auth results and JSON IPC parsing for SmtpServerConfig
- TypeScript bridge and routing updates: new IPC commands/types (startSmtpServer, stopSmtpServer, emailProcessingResult, authResult, configureRateLimits) and event handlers (emailReceived, authRequest)
- Update Cargo manifests and lockfile to add dependencies (dashmap, regex, rustls, rustls-pemfile, rustls-pki-types, uuid, serde_json, base64, etc.)
- Add comprehensive unit tests for new modules (config, data, response, session, state, rate_limiter, validation)
## 2026-02-10 - 2.1.0 - feat(security)
migrate content scanning and bounce detection to Rust security bridge; add scanContent IPC command and Rust content scanner with tests; update TS RustSecurityBridge and callers, and adjust CI package references

2
dist_ts/00_commitinfo_data.js
View File

@@ -3,7 +3,7 @@
*/
export const commitinfo = {
name: '@push.rocks/smartmta',
version: '2.0.1',
version: '2.2.1',
description: 'A high-performance, enterprise-grade Mail Transfer Agent (MTA) built from scratch in TypeScript with Rust acceleration.'
};
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvMDBfY29tbWl0aW5mb19kYXRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sVUFBVSxHQUFHO0lBQ3hCLElBQUksRUFBRSxzQkFBc0I7SUFDNUIsT0FBTyxFQUFFLE9BQU87SUFDaEIsV0FBVyxFQUFFLHlIQUF5SDtDQUN2SSxDQUFBIn0=

3
dist_ts/mail/delivery/index.d.ts vendored
View File

@@ -8,5 +8,4 @@ export type { IRateLimitConfig } from './classes.ratelimiter.js';
export * from './classes.unified.rate.limiter.js';
export * from './classes.mta.config.js';
import * as smtpClientMod from './smtpclient/index.js';
import * as smtpServerMod from './smtpserver/index.js';
export { smtpClientMod, smtpServerMod };
export { smtpClientMod };

5
dist_ts/mail/delivery/index.js
View File

@@ -13,6 +13,5 @@ export * from './classes.unified.rate.limiter.js';
export * from './classes.mta.config.js';
// Import and export SMTP modules as namespaces to avoid conflicts
import * as smtpClientMod from './smtpclient/index.js';
import * as smtpServerMod from './smtpserver/index.js';
export { smtpClientMod, smtpServerMod };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9tYWlsL2RlbGl2ZXJ5L2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLDRCQUE0QjtBQUM1QixjQUFjLDJCQUEyQixDQUFDO0FBQzFDLGNBQWMsNkJBQTZCLENBQUM7QUFDNUMsY0FBYyw4QkFBOEIsQ0FBQztBQUU3Qyx1Q0FBdUM7QUFDdkMsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQ3pELE9BQU8sRUFBRSxjQUFjLEVBQUUsTUFBTSw4QkFBOEIsQ0FBQztBQUU5RCw2Q0FBNkM7QUFDN0MsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBR3ZELHVCQUF1QjtBQUN2QixjQUFjLG1DQUFtQyxDQUFDO0FBRWxELGdDQUFnQztBQUNoQyxjQUFjLHlCQUF5QixDQUFDO0FBRXhDLGtFQUFrRTtBQUNsRSxPQUFPLEtBQUssYUFBYSxNQUFNLHVCQUF1QixDQUFDO0FBQ3ZELE9BQU8sS0FBSyxhQUFhLE1BQU0sdUJBQXVCLENBQUM7QUFFdkQsT0FBTyxFQUFFLGFBQWEsRUFBRSxhQUFhLEVBQUUsQ0FBQyJ9
export { smtpClientMod };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9tYWlsL2RlbGl2ZXJ5L2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLDRCQUE0QjtBQUM1QixjQUFjLDJCQUEyQixDQUFDO0FBQzFDLGNBQWMsNkJBQTZCLENBQUM7QUFDNUMsY0FBYyw4QkFBOEIsQ0FBQztBQUU3Qyx1Q0FBdUM7QUFDdkMsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQ3pELE9BQU8sRUFBRSxjQUFjLEVBQUUsTUFBTSw4QkFBOEIsQ0FBQztBQUU5RCw2Q0FBNkM7QUFDN0MsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBR3ZELHVCQUF1QjtBQUN2QixjQUFjLG1DQUFtQyxDQUFDO0FBRWxELGdDQUFnQztBQUNoQyxjQUFjLHlCQUF5QixDQUFDO0FBRXhDLGtFQUFrRTtBQUNsRSxPQUFPLEtBQUssYUFBYSxNQUFNLHVCQUF1QixDQUFDO0FBRXZELE9BQU8sRUFBRSxhQUFhLEVBQUUsQ0FBQyJ9

45
dist_ts/mail/delivery/smtpserver/certificate-utils.d.ts vendored
View File

@@ -1,45 +0,0 @@
/**
* Certificate Utilities for SMTP Server
* Provides utilities for managing TLS certificates
*/
import * as tls from 'tls';
/**
* Certificate data
*/
export interface ICertificateData {
key: Buffer;
cert: Buffer;
ca?: Buffer;
}
/**
* Load certificates from PEM format strings
* @param options - Certificate options
* @returns Certificate data with Buffer format
*/
export declare function loadCertificatesFromString(options: {
key: string | Buffer;
cert: string | Buffer;
ca?: string | Buffer;
}): ICertificateData;
/**
* Load certificates from files
* @param options - Certificate file paths
* @returns Certificate data with Buffer format
*/
export declare function loadCertificatesFromFiles(options: {
keyPath: string;
certPath: string;
caPath?: string;
}): ICertificateData;
/**
* Generate self-signed certificates for testing
* @returns Certificate data with Buffer format
*/
export declare function generateSelfSignedCertificates(): ICertificateData;
/**
* Create TLS options for secure server or STARTTLS
* @param certificates - Certificate data
* @param isServer - Whether this is for server (true) or client (false)
* @returns TLS options
*/
export declare function createTlsOptions(certificates: ICertificateData, isServer?: boolean): tls.TlsOptions;

345
dist_ts/mail/delivery/smtpserver/certificate-utils.js
View File

File diff suppressed because one or more lines are too long

156
dist_ts/mail/delivery/smtpserver/command-handler.d.ts vendored
View File

@@ -1,156 +0,0 @@
/**
* SMTP Command Handler
* Responsible for parsing and handling SMTP commands
*/
import * as plugins from '../../../plugins.js';
import type { ISmtpSession } from './interfaces.js';
import type { ICommandHandler, ISmtpServer } from './interfaces.js';
import { SmtpCommand } from './constants.js';
/**
* Handles SMTP commands and responses
*/
export declare class CommandHandler implements ICommandHandler {
/**
* Reference to the SMTP server instance
*/
private smtpServer;
/**
* Creates a new command handler
* @param smtpServer - SMTP server instance
*/
constructor(smtpServer: ISmtpServer);
/**
* Process a command from the client
* @param socket - Client socket
* @param commandLine - Command line from client
*/
processCommand(socket: plugins.net.Socket | plugins.tls.TLSSocket, commandLine: string): Promise<void>;
/**
* Send a response to the client
* @param socket - Client socket
* @param response - Response to send
*/
sendResponse(socket: plugins.net.Socket | plugins.tls.TLSSocket, response: string): void;
/**
* Check if a socket error is potentially recoverable
* @param error - The error that occurred
* @returns Whether the error is potentially recoverable
*/
private isRecoverableSocketError;
/**
* Handle recoverable socket errors with retry logic
* @param socket - Client socket
* @param error - The error that occurred
* @param response - The response that failed to send
*/
private handleSocketError;
/**
* Handle EHLO command
* @param socket - Client socket
* @param clientHostname - Client hostname from EHLO command
*/
handleEhlo(socket: plugins.net.Socket | plugins.tls.TLSSocket, clientHostname: string): void;
/**
* Handle MAIL FROM command
* @param socket - Client socket
* @param args - Command arguments
*/
handleMailFrom(socket: plugins.net.Socket | plugins.tls.TLSSocket, args: string): void;
/**
* Handle RCPT TO command
* @param socket - Client socket
* @param args - Command arguments
*/
handleRcptTo(socket: plugins.net.Socket | plugins.tls.TLSSocket, args: string): void;
/**
* Handle DATA command
* @param socket - Client socket
*/
handleData(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Handle RSET command
* @param socket - Client socket
*/
handleRset(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Handle NOOP command
* @param socket - Client socket
*/
handleNoop(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Handle QUIT command
* @param socket - Client socket
*/
handleQuit(socket: plugins.net.Socket | plugins.tls.TLSSocket, args?: string): void;
/**
* Handle AUTH command
* @param socket - Client socket
* @param args - Command arguments
*/
private handleAuth;
/**
* Handle AUTH PLAIN authentication
* @param socket - Client socket
* @param session - Session
* @param initialResponse - Optional initial response
*/
private handleAuthPlain;
/**
* Handle AUTH LOGIN authentication
* @param socket - Client socket
* @param session - Session
* @param initialResponse - Optional initial response
*/
private handleAuthLogin;
/**
* Handle AUTH LOGIN response
* @param socket - Client socket
* @param session - Session
* @param response - Response from client
*/
private handleAuthLoginResponse;
/**
* Handle HELP command
* @param socket - Client socket
* @param args - Command arguments
*/
private handleHelp;
/**
* Handle VRFY command (Verify user/mailbox)
* RFC 5321 Section 3.5.1: Server MAY respond with 252 to avoid disclosing sensitive information
* @param socket - Client socket
* @param args - Command arguments (username to verify)
*/
private handleVrfy;
/**
* Handle EXPN command (Expand mailing list)
* RFC 5321 Section 3.5.2: Server MAY disable this for security
* @param socket - Client socket
* @param args - Command arguments (mailing list to expand)
*/
private handleExpn;
/**
* Reset session to after-EHLO state
* @param session - SMTP session to reset
*/
private resetSession;
/**
* Validate command sequence based on current state
* @param command - Command to validate
* @param session - Current session
* @returns Whether the command is valid in the current state
*/
private validateCommandSequence;
/**
* Handle an SMTP command (interface requirement)
*/
handleCommand(socket: plugins.net.Socket | plugins.tls.TLSSocket, command: SmtpCommand, args: string, session: ISmtpSession): Promise<void>;
/**
* Get supported commands for current session state (interface requirement)
*/
getSupportedCommands(session: ISmtpSession): SmtpCommand[];
/**
* Clean up resources
*/
destroy(): void;
}

1163
dist_ts/mail/delivery/smtpserver/command-handler.js
View File

File diff suppressed because one or more lines are too long

159
dist_ts/mail/delivery/smtpserver/connection-manager.d.ts vendored
View File

@@ -1,159 +0,0 @@
/**
* SMTP Connection Manager
* Responsible for managing socket connections to the SMTP server
*/
import * as plugins from '../../../plugins.js';
import type { IConnectionManager, ISmtpServer } from './interfaces.js';
/**
* Manager for SMTP connections
* Handles connection setup, event listeners, and lifecycle management
* Provides resource management, connection tracking, and monitoring
*/
export declare class ConnectionManager implements IConnectionManager {
/**
* Reference to the SMTP server instance
*/
private smtpServer;
/**
* Set of active socket connections
*/
private activeConnections;
/**
* Connection tracking for resource management
*/
private connectionStats;
/**
* Per-IP connection tracking for rate limiting
*/
private ipConnections;
/**
* Resource monitoring interval
*/
private resourceCheckInterval;
/**
* Track cleanup timers so we can clear them
*/
private cleanupTimers;
/**
* SMTP server options with enhanced resource controls
*/
private options;
/**
* Creates a new connection manager with enhanced resource management
* @param smtpServer - SMTP server instance
*/
constructor(smtpServer: ISmtpServer);
/**
* Start resource monitoring interval to check resource usage
*/
private startResourceMonitoring;
/**
* Monitor resource usage and log statistics
*/
private monitorResourceUsage;
/**
* Clean up expired IP rate limits and perform additional resource monitoring
*/
private cleanupIpRateLimits;
/**
* Validate and repair resource tracking to prevent leaks
*/
private validateResourceTracking;
/**
* Handle a new connection with resource management
* @param socket - Client socket
*/
handleNewConnection(socket: plugins.net.Socket): Promise<void>;
/**
* Check if an IP has exceeded the rate limit
* @param ip - Client IP address
* @returns True if rate limited
*/
private isIPRateLimited;
/**
* Track a new connection from an IP
* @param ip - Client IP address
*/
private trackIPConnection;
/**
* Check if an IP has reached its connection limit
* @param ip - Client IP address
* @returns True if limit reached
*/
private hasReachedIPConnectionLimit;
/**
* Handle a new secure TLS connection with resource management
* @param socket - Client TLS socket
*/
handleNewSecureConnection(socket: plugins.tls.TLSSocket): Promise<void>;
/**
* Set up event handlers for a socket with enhanced resource management
* @param socket - Client socket
*/
setupSocketEventHandlers(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Get the current connection count
* @returns Number of active connections
*/
getConnectionCount(): number;
/**
* Check if the server has reached the maximum number of connections
* @returns True if max connections reached
*/
hasReachedMaxConnections(): boolean;
/**
* Close all active connections
*/
closeAllConnections(): void;
/**
* Handle socket close event
* @param socket - Client socket
* @param hadError - Whether the socket was closed due to error
*/
private handleSocketClose;
/**
* Handle socket error event
* @param socket - Client socket
* @param error - Error object
*/
private handleSocketError;
/**
* Handle socket timeout event
* @param socket - Client socket
*/
private handleSocketTimeout;
/**
* Reject a connection
* @param socket - Client socket
* @param reason - Reason for rejection
*/
private rejectConnection;
/**
* Send greeting message
* @param socket - Client socket
*/
private sendGreeting;
/**
* Send service closing notification
* @param socket - Client socket
*/
private sendServiceClosing;
/**
* Send response to client
* @param socket - Client socket
* @param response - Response to send
*/
private sendResponse;
/**
* Handle a new connection (interface requirement)
*/
handleConnection(socket: plugins.net.Socket | plugins.tls.TLSSocket, secure: boolean): Promise<void>;
/**
* Check if accepting new connections (interface requirement)
*/
canAcceptConnection(): boolean;
/**
* Clean up resources
*/
destroy(): void;
}

918
dist_ts/mail/delivery/smtpserver/connection-manager.js
View File

File diff suppressed because one or more lines are too long

130
dist_ts/mail/delivery/smtpserver/constants.d.ts vendored
View File

@@ -1,130 +0,0 @@
/**
* SMTP Server Constants
* This file contains all constants and enums used by the SMTP server
*/
import { SmtpState } from '../interfaces.js';
export { SmtpState };
/**
* SMTP Response Codes
* Based on RFC 5321 and common SMTP practice
*/
export declare enum SmtpResponseCode {
SUCCESS = 250,// Requested mail action okay, completed
SYSTEM_STATUS = 211,// System status, or system help reply
HELP_MESSAGE = 214,// Help message
SERVICE_READY = 220,// <domain> Service ready
SERVICE_CLOSING = 221,// <domain> Service closing transmission channel
AUTHENTICATION_SUCCESSFUL = 235,// Authentication successful
OK = 250,// Requested mail action okay, completed
FORWARD = 251,// User not local; will forward to <forward-path>
CANNOT_VRFY = 252,// Cannot VRFY user, but will accept message and attempt delivery
MORE_INFO_NEEDED = 334,// Server challenge for authentication
START_MAIL_INPUT = 354,// Start mail input; end with <CRLF>.<CRLF>
SERVICE_NOT_AVAILABLE = 421,// <domain> Service not available, closing transmission channel
MAILBOX_TEMPORARILY_UNAVAILABLE = 450,// Requested mail action not taken: mailbox unavailable
LOCAL_ERROR = 451,// Requested action aborted: local error in processing
INSUFFICIENT_STORAGE = 452,// Requested action not taken: insufficient system storage
TLS_UNAVAILABLE_TEMP = 454,// TLS not available due to temporary reason
SYNTAX_ERROR = 500,// Syntax error, command unrecognized
SYNTAX_ERROR_PARAMETERS = 501,// Syntax error in parameters or arguments
COMMAND_NOT_IMPLEMENTED = 502,// Command not implemented
BAD_SEQUENCE = 503,// Bad sequence of commands
COMMAND_PARAMETER_NOT_IMPLEMENTED = 504,// Command parameter not implemented
AUTH_REQUIRED = 530,// Authentication required
AUTH_FAILED = 535,// Authentication credentials invalid
MAILBOX_UNAVAILABLE = 550,// Requested action not taken: mailbox unavailable
USER_NOT_LOCAL = 551,// User not local; please try <forward-path>
EXCEEDED_STORAGE = 552,// Requested mail action aborted: exceeded storage allocation
MAILBOX_NAME_INVALID = 553,// Requested action not taken: mailbox name not allowed
TRANSACTION_FAILED = 554,// Transaction failed
MAIL_RCPT_PARAMETERS_INVALID = 555
}
/**
* SMTP Command Types
*/
export declare enum SmtpCommand {
HELO = "HELO",
EHLO = "EHLO",
MAIL_FROM = "MAIL",
RCPT_TO = "RCPT",
DATA = "DATA",
RSET = "RSET",
NOOP = "NOOP",
QUIT = "QUIT",
STARTTLS = "STARTTLS",
AUTH = "AUTH",
HELP = "HELP",
VRFY = "VRFY",
EXPN = "EXPN"
}
/**
* Security log event types
*/
export declare enum SecurityEventType {
CONNECTION = "connection",
AUTHENTICATION = "authentication",
COMMAND = "command",
DATA = "data",
IP_REPUTATION = "ip_reputation",
TLS_NEGOTIATION = "tls_negotiation",
DKIM = "dkim",
SPF = "spf",
DMARC = "dmarc",
EMAIL_VALIDATION = "email_validation",
SPAM = "spam",
ACCESS_CONTROL = "access_control"
}
/**
* Security log levels
*/
export declare enum SecurityLogLevel {
DEBUG = "debug",
INFO = "info",
WARN = "warn",
ERROR = "error"
}
/**
* SMTP Server Defaults
*/
export declare const SMTP_DEFAULTS: {
CONNECTION_TIMEOUT: number;
SOCKET_TIMEOUT: number;
DATA_TIMEOUT: number;
CLEANUP_INTERVAL: number;
MAX_CONNECTIONS: number;
MAX_RECIPIENTS: number;
MAX_MESSAGE_SIZE: number;
SMTP_PORT: number;
SUBMISSION_PORT: number;
SECURE_PORT: number;
HOSTNAME: string;
CRLF: string;
};
/**
* SMTP Command Patterns
* Regular expressions for parsing SMTP commands
*/
export declare const SMTP_PATTERNS: {
EHLO: RegExp;
MAIL_FROM: RegExp;
RCPT_TO: RegExp;
PARAM: RegExp;
EMAIL: RegExp;
END_DATA: RegExp;
};
/**
* SMTP Extension List
* These extensions are advertised in the EHLO response
*/
export declare const SMTP_EXTENSIONS: {
PIPELINING: string;
SIZE: string;
EIGHTBITMIME: string;
STARTTLS: string;
AUTH: string;
ENHANCEDSTATUSCODES: string;
HELP: string;
CHUNKING: string;
DSN: string;
formatExtension(name: string, parameter?: string | number): string;
};

162
dist_ts/mail/delivery/smtpserver/constants.js
View File

@@ -1,162 +0,0 @@
/**
* SMTP Server Constants
* This file contains all constants and enums used by the SMTP server
*/
import { SmtpState } from '../interfaces.js';
// Re-export SmtpState enum from the main interfaces file
export { SmtpState };
/**
* SMTP Response Codes
* Based on RFC 5321 and common SMTP practice
*/
export var SmtpResponseCode;
(function (SmtpResponseCode) {
// Success codes (2xx)
SmtpResponseCode[SmtpResponseCode["SUCCESS"] = 250] = "SUCCESS";
SmtpResponseCode[SmtpResponseCode["SYSTEM_STATUS"] = 211] = "SYSTEM_STATUS";
SmtpResponseCode[SmtpResponseCode["HELP_MESSAGE"] = 214] = "HELP_MESSAGE";
SmtpResponseCode[SmtpResponseCode["SERVICE_READY"] = 220] = "SERVICE_READY";
SmtpResponseCode[SmtpResponseCode["SERVICE_CLOSING"] = 221] = "SERVICE_CLOSING";
SmtpResponseCode[SmtpResponseCode["AUTHENTICATION_SUCCESSFUL"] = 235] = "AUTHENTICATION_SUCCESSFUL";
SmtpResponseCode[SmtpResponseCode["OK"] = 250] = "OK";
SmtpResponseCode[SmtpResponseCode["FORWARD"] = 251] = "FORWARD";
SmtpResponseCode[SmtpResponseCode["CANNOT_VRFY"] = 252] = "CANNOT_VRFY";
// Intermediate codes (3xx)
SmtpResponseCode[SmtpResponseCode["MORE_INFO_NEEDED"] = 334] = "MORE_INFO_NEEDED";
SmtpResponseCode[SmtpResponseCode["START_MAIL_INPUT"] = 354] = "START_MAIL_INPUT";
// Temporary error codes (4xx)
SmtpResponseCode[SmtpResponseCode["SERVICE_NOT_AVAILABLE"] = 421] = "SERVICE_NOT_AVAILABLE";
SmtpResponseCode[SmtpResponseCode["MAILBOX_TEMPORARILY_UNAVAILABLE"] = 450] = "MAILBOX_TEMPORARILY_UNAVAILABLE";
SmtpResponseCode[SmtpResponseCode["LOCAL_ERROR"] = 451] = "LOCAL_ERROR";
SmtpResponseCode[SmtpResponseCode["INSUFFICIENT_STORAGE"] = 452] = "INSUFFICIENT_STORAGE";
SmtpResponseCode[SmtpResponseCode["TLS_UNAVAILABLE_TEMP"] = 454] = "TLS_UNAVAILABLE_TEMP";
// Permanent error codes (5xx)
SmtpResponseCode[SmtpResponseCode["SYNTAX_ERROR"] = 500] = "SYNTAX_ERROR";
SmtpResponseCode[SmtpResponseCode["SYNTAX_ERROR_PARAMETERS"] = 501] = "SYNTAX_ERROR_PARAMETERS";
SmtpResponseCode[SmtpResponseCode["COMMAND_NOT_IMPLEMENTED"] = 502] = "COMMAND_NOT_IMPLEMENTED";
SmtpResponseCode[SmtpResponseCode["BAD_SEQUENCE"] = 503] = "BAD_SEQUENCE";
SmtpResponseCode[SmtpResponseCode["COMMAND_PARAMETER_NOT_IMPLEMENTED"] = 504] = "COMMAND_PARAMETER_NOT_IMPLEMENTED";
SmtpResponseCode[SmtpResponseCode["AUTH_REQUIRED"] = 530] = "AUTH_REQUIRED";
SmtpResponseCode[SmtpResponseCode["AUTH_FAILED"] = 535] = "AUTH_FAILED";
SmtpResponseCode[SmtpResponseCode["MAILBOX_UNAVAILABLE"] = 550] = "MAILBOX_UNAVAILABLE";
SmtpResponseCode[SmtpResponseCode["USER_NOT_LOCAL"] = 551] = "USER_NOT_LOCAL";
SmtpResponseCode[SmtpResponseCode["EXCEEDED_STORAGE"] = 552] = "EXCEEDED_STORAGE";
SmtpResponseCode[SmtpResponseCode["MAILBOX_NAME_INVALID"] = 553] = "MAILBOX_NAME_INVALID";
SmtpResponseCode[SmtpResponseCode["TRANSACTION_FAILED"] = 554] = "TRANSACTION_FAILED";
SmtpResponseCode[SmtpResponseCode["MAIL_RCPT_PARAMETERS_INVALID"] = 555] = "MAIL_RCPT_PARAMETERS_INVALID";
})(SmtpResponseCode || (SmtpResponseCode = {}));
/**
* SMTP Command Types
*/
export var SmtpCommand;
(function (SmtpCommand) {
SmtpCommand["HELO"] = "HELO";
SmtpCommand["EHLO"] = "EHLO";
SmtpCommand["MAIL_FROM"] = "MAIL";
SmtpCommand["RCPT_TO"] = "RCPT";
SmtpCommand["DATA"] = "DATA";
SmtpCommand["RSET"] = "RSET";
SmtpCommand["NOOP"] = "NOOP";
SmtpCommand["QUIT"] = "QUIT";
SmtpCommand["STARTTLS"] = "STARTTLS";
SmtpCommand["AUTH"] = "AUTH";
SmtpCommand["HELP"] = "HELP";
SmtpCommand["VRFY"] = "VRFY";
SmtpCommand["EXPN"] = "EXPN";
})(SmtpCommand || (SmtpCommand = {}));
/**
* Security log event types
*/
export var SecurityEventType;
(function (SecurityEventType) {
SecurityEventType["CONNECTION"] = "connection";
SecurityEventType["AUTHENTICATION"] = "authentication";
SecurityEventType["COMMAND"] = "command";
SecurityEventType["DATA"] = "data";
SecurityEventType["IP_REPUTATION"] = "ip_reputation";
SecurityEventType["TLS_NEGOTIATION"] = "tls_negotiation";
SecurityEventType["DKIM"] = "dkim";
SecurityEventType["SPF"] = "spf";
SecurityEventType["DMARC"] = "dmarc";
SecurityEventType["EMAIL_VALIDATION"] = "email_validation";
SecurityEventType["SPAM"] = "spam";
SecurityEventType["ACCESS_CONTROL"] = "access_control";
})(SecurityEventType || (SecurityEventType = {}));
/**
* Security log levels
*/
export var SecurityLogLevel;
(function (SecurityLogLevel) {
SecurityLogLevel["DEBUG"] = "debug";
SecurityLogLevel["INFO"] = "info";
SecurityLogLevel["WARN"] = "warn";
SecurityLogLevel["ERROR"] = "error";
})(SecurityLogLevel || (SecurityLogLevel = {}));
/**
* SMTP Server Defaults
*/
export const SMTP_DEFAULTS = {
// Default timeouts in milliseconds
CONNECTION_TIMEOUT: 30000, // 30 seconds
SOCKET_TIMEOUT: 300000, // 5 minutes
DATA_TIMEOUT: 60000, // 1 minute
CLEANUP_INTERVAL: 5000, // 5 seconds
// Default limits
MAX_CONNECTIONS: 100,
MAX_RECIPIENTS: 100,
MAX_MESSAGE_SIZE: 10485760, // 10MB
// Default ports
SMTP_PORT: 25,
SUBMISSION_PORT: 587,
SECURE_PORT: 465,
// Default hostname
HOSTNAME: 'mail.lossless.one',
// CRLF line ending required by SMTP protocol
CRLF: '\r\n',
};
/**
* SMTP Command Patterns
* Regular expressions for parsing SMTP commands
*/
export const SMTP_PATTERNS = {
// Match EHLO/HELO command: "EHLO example.com"
// Made very permissive to handle various client implementations
EHLO: /^(?:EHLO|HELO)\s+(.+)$/i,
// Match MAIL FROM command: "MAIL FROM:<user@example.com> [PARAM=VALUE]"
// Made more permissive with whitespace and parameter formats
MAIL_FROM: /^MAIL\s+FROM\s*:\s*<([^>]*)>((?:\s+[a-zA-Z0-9][a-zA-Z0-9\-]*(?:=[^\s]+)?)*)$/i,
// Match RCPT TO command: "RCPT TO:<user@example.com> [PARAM=VALUE]"
// Made more permissive with whitespace and parameter formats
RCPT_TO: /^RCPT\s+TO\s*:\s*<([^>]*)>((?:\s+[a-zA-Z0-9][a-zA-Z0-9\-]*(?:=[^\s]+)?)*)$/i,
// Match parameter format: "PARAM=VALUE"
PARAM: /\s+([A-Za-z0-9][A-Za-z0-9\-]*)(?:=([^\s]+))?/g,
// Match email address format - basic validation
// This pattern rejects common invalid formats while being permissive for edge cases
// Checks: no spaces, has @, has domain with dot, no double dots, proper domain format
EMAIL: /^[^\s@]+@[^\s@]+\.[^\s@]+$/,
// Match end of DATA marker: \r\n.\r\n or just .\r\n at the start of a line (to handle various client implementations)
END_DATA: /(\r\n\.\r\n$)|(\n\.\r\n$)|(\r\n\.\n$)|(\n\.\n$)|^\.(\r\n|\n)$/,
};
/**
* SMTP Extension List
* These extensions are advertised in the EHLO response
*/
export const SMTP_EXTENSIONS = {
// Basic extensions (RFC 1869)
PIPELINING: 'PIPELINING',
SIZE: 'SIZE',
EIGHTBITMIME: '8BITMIME',
// Security extensions
STARTTLS: 'STARTTLS',
AUTH: 'AUTH',
// Additional extensions
ENHANCEDSTATUSCODES: 'ENHANCEDSTATUSCODES',
HELP: 'HELP',
CHUNKING: 'CHUNKING',
DSN: 'DSN',
// Format an extension with a parameter
formatExtension(name, parameter) {
return parameter !== undefined ? `${name} ${parameter}` : name;
}
};
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vdHMvbWFpbC9kZWxpdmVyeS9zbXRwc2VydmVyL2NvbnN0YW50cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7O0dBR0c7QUFFSCxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sa0JBQWtCLENBQUM7QUFFN0MseURBQXlEO0FBQ3pELE9BQU8sRUFBRSxTQUFTLEVBQUUsQ0FBQztBQUVyQjs7O0dBR0c7QUFDSCxNQUFNLENBQU4sSUFBWSxnQkFxQ1g7QUFyQ0QsV0FBWSxnQkFBZ0I7SUFDMUIsc0JBQXNCO0lBQ3RCLCtEQUFhLENBQUE7SUFDYiwyRUFBbUIsQ0FBQTtJQUNuQix5RUFBa0IsQ0FBQTtJQUNsQiwyRUFBbUIsQ0FBQTtJQUNuQiwrRUFBcUIsQ0FBQTtJQUNyQixtR0FBK0IsQ0FBQTtJQUMvQixxREFBUSxDQUFBO0lBQ1IsK0RBQWEsQ0FBQTtJQUNiLHVFQUFpQixDQUFBO0lBRWpCLDJCQUEyQjtJQUMzQixpRkFBc0IsQ0FBQTtJQUN0QixpRkFBc0IsQ0FBQTtJQUV0Qiw4QkFBOEI7SUFDOUIsMkZBQTJCLENBQUE7SUFDM0IsK0dBQXFDLENBQUE7SUFDckMsdUVBQWlCLENBQUE7SUFDakIseUZBQTBCLENBQUE7SUFDMUIseUZBQTBCLENBQUE7SUFFMUIsOEJBQThCO0lBQzlCLHlFQUFrQixDQUFBO0lBQ2xCLCtGQUE2QixDQUFBO0lBQzdCLCtGQUE2QixDQUFBO0lBQzdCLHlFQUFrQixDQUFBO0lBQ2xCLG1IQUF1QyxDQUFBO0lBQ3ZDLDJFQUFtQixDQUFBO0lBQ25CLHVFQUFpQixDQUFBO0lBQ2pCLHVGQUF5QixDQUFBO0lBQ3pCLDZFQUFvQixDQUFBO0lBQ3BCLGlGQUFzQixDQUFBO0lBQ3RCLHlGQUEwQixDQUFBO0lBQzFCLHFGQUF3QixDQUFBO0lBQ3hCLHlHQUFrQyxDQUFBO0FBQ3BDLENBQUMsRUFyQ1csZ0JBQWdCLEtBQWhCLGdCQUFnQixRQXFDM0I7QUFFRDs7R0FFRztBQUNILE1BQU0sQ0FBTixJQUFZLFdBY1g7QUFkRCxXQUFZLFdBQVc7SUFDckIsNEJBQWEsQ0FBQTtJQUNiLDRCQUFhLENBQUE7SUFDYixpQ0FBa0IsQ0FBQTtJQUNsQiwrQkFBZ0IsQ0FBQTtJQUNoQiw0QkFBYSxDQUFBO0lBQ2IsNEJBQWEsQ0FBQTtJQUNiLDRCQUFhLENBQUE7SUFDYiw0QkFBYSxDQUFBO0lBQ2Isb0NBQXFCLENBQUE7SUFDckIsNEJBQWEsQ0FBQTtJQUNiLDRCQUFhLENBQUE7SUFDYiw0QkFBYSxDQUFBO0lBQ2IsNEJBQWEsQ0FBQTtBQUNmLENBQUMsRUFkVyxXQUFXLEtBQVgsV0FBVyxRQWN0QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksaUJBYVg7QUFiRCxXQUFZLGlCQUFpQjtJQUMzQiw4Q0FBeUIsQ0FBQTtJQUN6QixzREFBaUMsQ0FBQTtJQUNqQyx3Q0FBbUIsQ0FBQTtJQUNuQixrQ0FBYSxDQUFBO0lBQ2Isb0RBQStCLENBQUE7SUFDL0Isd0RBQW1DLENBQUE7SUFDbkMsa0NBQWEsQ0FBQTtJQUNiLGdDQUFXLENBQUE7SUFDWCxvQ0FBZSxDQUFBO0lBQ2YsMERBQXFDLENBQUE7SUFDckMsa0NBQWEsQ0FBQTtJQUNiLHNEQUFpQyxDQUFBO0FBQ25DLENBQUMsRUFiVyxpQkFBaUIsS0FBakIsaUJBQWlCLFFBYTVCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLENBQU4sSUFBWSxnQkFLWDtBQUxELFdBQVksZ0JBQWdCO0lBQzFCLG1DQUFlLENBQUE7SUFDZixpQ0FBYSxDQUFBO0lBQ2IsaUNBQWEsQ0FBQTtJQUNiLG1DQUFlLENBQUE7QUFDakIsQ0FBQyxFQUxXLGdCQUFnQixLQUFoQixnQkFBZ0IsUUFLM0I7QUFFRDs7R0FFRztBQUNILE1BQU0sQ0FBQyxNQUFNLGFBQWEsR0FBRztJQUMzQixtQ0FBbUM7SUFDbkMsa0JBQWtCLEVBQUUsS0FBSyxFQUFRLGFBQWE7SUFDOUMsY0FBYyxFQUFFLE1BQU0sRUFBVyxZQUFZO0lBQzdDLFlBQVksRUFBRSxLQUFLLEVBQWMsV0FBVztJQUM1QyxnQkFBZ0IsRUFBRSxJQUFJLEVBQVcsWUFBWTtJQUU3QyxpQkFBaUI7SUFDakIsZUFBZSxFQUFFLEdBQUc7SUFDcEIsY0FBYyxFQUFFLEdBQUc7SUFDbkIsZ0JBQWdCLEVBQUUsUUFBUSxFQUFPLE9BQU87SUFFeEMsZ0JBQWdCO0lBQ2hCLFNBQVMsRUFBRSxFQUFFO0lBQ2IsZUFBZSxFQUFFLEdBQUc7SUFDcEIsV0FBVyxFQUFFLEdBQUc7SUFFaEIsbUJBQW1CO0lBQ25CLFFBQVEsRUFBRSxtQkFBbUI7SUFFN0IsNkNBQTZDO0lBQzdDLElBQUksRUFBRSxNQUFNO0NBQ2IsQ0FBQztBQUVGOzs7R0FHRztBQUNILE1BQU0sQ0FBQyxNQUFNLGFBQWEsR0FBRztJQUMzQiw4Q0FBOEM7SUFDOUMsZ0VBQWdFO0lBQ2hFLElBQUksRUFBRSx5QkFBeUI7SUFFL0Isd0VBQXdFO0lBQ3hFLDZEQUE2RDtJQUM3RCxTQUFTLEVBQUUsK0VBQStFO0lBRTFGLG9FQUFvRTtJQUNwRSw2REFBNkQ7SUFDN0QsT0FBTyxFQUFFLDZFQUE2RTtJQUV0Rix3Q0FBd0M7SUFDeEMsS0FBSyxFQUFFLCtDQUErQztJQUV0RCxnREFBZ0Q7SUFDaEQsb0ZBQW9GO0lBQ3BGLHNGQUFzRjtJQUN0RixLQUFLLEVBQUUsNEJBQTRCO0lBRW5DLHNIQUFzSDtJQUN0SCxRQUFRLEVBQUUsK0RBQStEO0NBQzFFLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxNQUFNLENBQUMsTUFBTSxlQUFlLEdBQUc7SUFDN0IsOEJBQThCO0lBQzlCLFVBQVUsRUFBRSxZQUFZO0lBQ3hCLElBQUksRUFBRSxNQUFNO0lBQ1osWUFBWSxFQUFFLFVBQVU7SUFFeEIsc0JBQXNCO0lBQ3RCLFFBQVEsRUFBRSxVQUFVO0lBQ3BCLElBQUksRUFBRSxNQUFNO0lBRVosd0JBQXdCO0lBQ3hCLG1CQUFtQixFQUFFLHFCQUFxQjtJQUMxQyxJQUFJLEVBQUUsTUFBTTtJQUNaLFFBQVEsRUFBRSxVQUFVO0lBQ3BCLEdBQUcsRUFBRSxLQUFLO0lBRVYsdUNBQXVDO0lBQ3ZDLGVBQWUsQ0FBQyxJQUFZLEVBQUUsU0FBMkI7UUFDdkQsT0FBTyxTQUFTLEtBQUssU0FBUyxDQUFDLENBQUMsQ0FBQyxHQUFHLElBQUksSUFBSSxTQUFTLEVBQUUsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO0lBQ2pFLENBQUM7Q0FDRixDQUFDIn0=

14
dist_ts/mail/delivery/smtpserver/create-server.d.ts vendored
View File

@@ -1,14 +0,0 @@
/**
* SMTP Server Creation Factory
* Provides a simple way to create a complete SMTP server
*/
import { SmtpServer } from './smtp-server.js';
import type { ISmtpServerOptions } from './interfaces.js';
import { UnifiedEmailServer } from '../../routing/classes.unified.email.server.js';
/**
* Create a complete SMTP server with all components
* @param emailServer - Email server reference
* @param options - SMTP server options
* @returns Configured SMTP server instance
*/
export declare function createSmtpServer(emailServer: UnifiedEmailServer, options: ISmtpServerOptions): SmtpServer;

28
dist_ts/mail/delivery/smtpserver/create-server.js
View File

@@ -1,28 +0,0 @@
/**
* SMTP Server Creation Factory
* Provides a simple way to create a complete SMTP server
*/
import { SmtpServer } from './smtp-server.js';
import { SessionManager } from './session-manager.js';
import { ConnectionManager } from './connection-manager.js';
import { CommandHandler } from './command-handler.js';
import { DataHandler } from './data-handler.js';
import { TlsHandler } from './tls-handler.js';
import { SecurityHandler } from './security-handler.js';
import { UnifiedEmailServer } from '../../routing/classes.unified.email.server.js';
/**
* Create a complete SMTP server with all components
* @param emailServer - Email server reference
* @param options - SMTP server options
* @returns Configured SMTP server instance
*/
export function createSmtpServer(emailServer, options) {
// First create the SMTP server instance
const smtpServer = new SmtpServer({
emailServer,
options
});
// Return the configured server
return smtpServer;
}
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JlYXRlLXNlcnZlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3RzL21haWwvZGVsaXZlcnkvc210cHNlcnZlci9jcmVhdGUtc2VydmVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7R0FHRztBQUVILE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM5QyxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDdEQsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFDNUQsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ3RELE9BQU8sRUFBRSxXQUFXLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUNoRCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sa0JBQWtCLENBQUM7QUFDOUMsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBRXhELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLCtDQUErQyxDQUFDO0FBRW5GOzs7OztHQUtHO0FBQ0gsTUFBTSxVQUFVLGdCQUFnQixDQUFDLFdBQStCLEVBQUUsT0FBMkI7SUFDM0Ysd0NBQXdDO0lBQ3hDLE1BQU0sVUFBVSxHQUFHLElBQUksVUFBVSxDQUFDO1FBQ2hDLFdBQVc7UUFDWCxPQUFPO0tBQ1IsQ0FBQyxDQUFDO0lBRUgsK0JBQStCO0lBQy9CLE9BQU8sVUFBVSxDQUFDO0FBQ3BCLENBQUMifQ==

123
dist_ts/mail/delivery/smtpserver/data-handler.d.ts vendored
View File

@@ -1,123 +0,0 @@
/**
* SMTP Data Handler
* Responsible for processing email data during and after DATA command
*/
import * as plugins from '../../../plugins.js';
import type { ISmtpSession, ISmtpTransactionResult } from './interfaces.js';
import type { IDataHandler, ISmtpServer } from './interfaces.js';
import { Email } from '../../core/classes.email.js';
/**
* Handles SMTP DATA command and email data processing
*/
export declare class DataHandler implements IDataHandler {
/**
* Reference to the SMTP server instance
*/
private smtpServer;
/**
* Creates a new data handler
* @param smtpServer - SMTP server instance
*/
constructor(smtpServer: ISmtpServer);
/**
* Process incoming email data
* @param socket - Client socket
* @param data - Data chunk
* @returns Promise that resolves when the data is processed
*/
processEmailData(socket: plugins.net.Socket | plugins.tls.TLSSocket, data: string): Promise<void>;
/**
* Handle raw data chunks during DATA mode (optimized for large messages)
* @param socket - Client socket
* @param data - Raw data chunk
*/
handleDataReceived(socket: plugins.net.Socket | plugins.tls.TLSSocket, data: string): Promise<void>;
/**
* Process email data chunks efficiently for large messages
* @param chunks - Array of email data chunks
* @returns Processed email data string
*/
private processEmailDataStreaming;
/**
* Process a complete email
* @param rawData - Raw email data
* @param session - SMTP session
* @returns Promise that resolves with the Email object
*/
processEmail(rawData: string, session: ISmtpSession): Promise<Email>;
/**
* Parse email from raw data
* @param rawData - Raw email data
* @param session - SMTP session
* @returns Email object
*/
private parseEmailFromData;
/**
* Process a complete email (legacy method)
* @param session - SMTP session
* @returns Promise that resolves with the result of the transaction
*/
processEmailLegacy(session: ISmtpSession): Promise<ISmtpTransactionResult>;
/**
* Save an email to disk
* @param session - SMTP session
*/
saveEmail(session: ISmtpSession): void;
/**
* Parse an email into an Email object
* @param session - SMTP session
* @returns Promise that resolves with the parsed Email object
*/
parseEmail(session: ISmtpSession): Promise<Email>;
/**
* Basic fallback method for parsing emails
* @param session - SMTP session
* @returns The parsed Email object
*/
private parseEmailBasic;
/**
* Handle multipart content parsing
* @param email - Email object to update
* @param bodyText - Body text to parse
* @param boundary - MIME boundary
*/
private handleMultipartContent;
/**
* Handle end of data marker received
* @param socket - Client socket
* @param session - SMTP session
*/
private handleEndOfData;
/**
* Reset session after email processing
* @param session - SMTP session
*/
private resetSession;
/**
* Send a response to the client
* @param socket - Client socket
* @param response - Response message
*/
private sendResponse;
/**
* Check if a socket error is potentially recoverable
* @param error - The error that occurred
* @returns Whether the error is potentially recoverable
*/
private isRecoverableSocketError;
/**
* Handle recoverable socket errors with retry logic
* @param socket - Client socket
* @param error - The error that occurred
* @param response - The response that failed to send
*/
private handleSocketError;
/**
* Handle email data (interface requirement)
*/
handleData(socket: plugins.net.Socket | plugins.tls.TLSSocket, data: string, session: ISmtpSession): Promise<void>;
/**
* Clean up resources
*/
destroy(): void;
}

1152
dist_ts/mail/delivery/smtpserver/data-handler.js
View File

File diff suppressed because one or more lines are too long

20
dist_ts/mail/delivery/smtpserver/index.d.ts vendored
View File

@@ -1,20 +0,0 @@
/**
* SMTP Server Module Exports
* This file exports all components of the refactored SMTP server
*/
export * from './interfaces.js';
export { SmtpServer } from './smtp-server.js';
export { SessionManager } from './session-manager.js';
export { ConnectionManager } from './connection-manager.js';
export { CommandHandler } from './command-handler.js';
export { DataHandler } from './data-handler.js';
export { TlsHandler } from './tls-handler.js';
export { SecurityHandler } from './security-handler.js';
export * from './constants.js';
export { SmtpLogger } from './utils/logging.js';
export * from './utils/validation.js';
export * from './utils/helpers.js';
export * from './certificate-utils.js';
export * from './secure-server.js';
export * from './starttls-handler.js';
export { createSmtpServer } from './create-server.js';

27
dist_ts/mail/delivery/smtpserver/index.js
View File

@@ -1,27 +0,0 @@
/**
* SMTP Server Module Exports
* This file exports all components of the refactored SMTP server
*/
// Export interfaces
export * from './interfaces.js';
// Export server classes
export { SmtpServer } from './smtp-server.js';
export { SessionManager } from './session-manager.js';
export { ConnectionManager } from './connection-manager.js';
export { CommandHandler } from './command-handler.js';
export { DataHandler } from './data-handler.js';
export { TlsHandler } from './tls-handler.js';
export { SecurityHandler } from './security-handler.js';
// Export constants
export * from './constants.js';
// Export utilities
export { SmtpLogger } from './utils/logging.js';
export * from './utils/validation.js';
export * from './utils/helpers.js';
// Export TLS and certificate utilities
export * from './certificate-utils.js';
export * from './secure-server.js';
export * from './starttls-handler.js';
// Factory function to create a complete SMTP server with default components
export { createSmtpServer } from './create-server.js';
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9tYWlsL2RlbGl2ZXJ5L3NtdHBzZXJ2ZXIvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7OztHQUdHO0FBRUgsb0JBQW9CO0FBQ3BCLGNBQWMsaUJBQWlCLENBQUM7QUFFaEMsd0JBQXdCO0FBQ3hCLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM5QyxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDdEQsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFDNUQsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ3RELE9BQU8sRUFBRSxXQUFXLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUNoRCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sa0JBQWtCLENBQUM7QUFDOUMsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBRXhELG1CQUFtQjtBQUNuQixjQUFjLGdCQUFnQixDQUFDO0FBRS9CLG1CQUFtQjtBQUNuQixPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFDaEQsY0FBYyx1QkFBdUIsQ0FBQztBQUN0QyxjQUFjLG9CQUFvQixDQUFDO0FBRW5DLHVDQUF1QztBQUN2QyxjQUFjLHdCQUF3QixDQUFDO0FBQ3ZDLGNBQWMsb0JBQW9CLENBQUM7QUFDbkMsY0FBYyx1QkFBdUIsQ0FBQztBQUV0Qyw0RUFBNEU7QUFDNUUsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sb0JBQW9CLENBQUMifQ==

530
dist_ts/mail/delivery/smtpserver/interfaces.d.ts vendored
View File

@@ -1,530 +0,0 @@
/**
* SMTP Server Interfaces
* Defines all the interfaces used by the SMTP server implementation
*/
import * as plugins from '../../../plugins.js';
import type { Email } from '../../core/classes.email.js';
import type { UnifiedEmailServer } from '../../routing/classes.unified.email.server.js';
import { SmtpState } from '../interfaces.js';
import { SmtpCommand } from './constants.js';
export { SmtpState, SmtpCommand };
export type { IEnvelopeRecipient } from '../interfaces.js';
/**
* Interface for components that need cleanup
*/
export interface IDestroyable {
/**
* Clean up all resources (timers, listeners, etc)
*/
destroy(): void | Promise<void>;
}
/**
* SMTP authentication credentials
*/
export interface ISmtpAuth {
/**
* Username for authentication
*/
username: string;
/**
* Password for authentication
*/
password: string;
}
/**
* SMTP envelope (sender and recipients)
*/
export interface ISmtpEnvelope {
/**
* Mail from address
*/
mailFrom: {
address: string;
args?: Record<string, string>;
};
/**
* Recipients list
*/
rcptTo: Array<{
address: string;
args?: Record<string, string>;
}>;
}
/**
* SMTP session representing a client connection
*/
export interface ISmtpSession {
/**
* Unique session identifier
*/
id: string;
/**
* Current state of the SMTP session
*/
state: SmtpState;
/**
* Client's hostname from EHLO/HELO
*/
clientHostname: string | null;
/**
* Whether TLS is active for this session
*/
secure: boolean;
/**
* Authentication status
*/
authenticated: boolean;
/**
* Authentication username if authenticated
*/
username?: string;
/**
* Transaction envelope
*/
envelope: ISmtpEnvelope;
/**
* When the session was created
*/
createdAt: Date;
/**
* Last activity timestamp
*/
lastActivity: number;
/**
* Client's IP address
*/
remoteAddress: string;
/**
* Client's port
*/
remotePort: number;
/**
* Additional session data
*/
data?: Record<string, any>;
/**
* Message size if SIZE extension is used
*/
messageSize?: number;
/**
* Server capabilities advertised to client
*/
capabilities?: string[];
/**
* Buffer for incomplete data
*/
dataBuffer?: string;
/**
* Flag to track if we're currently receiving DATA
*/
receivingData?: boolean;
/**
* The raw email data being received
*/
rawData?: string;
/**
* Greeting sent to client
*/
greeting?: string;
/**
* Whether EHLO has been sent
*/
ehloSent?: boolean;
/**
* Whether HELO has been sent
*/
heloSent?: boolean;
/**
* TLS options for this session
*/
tlsOptions?: any;
/**
* Whether TLS is being used
*/
useTLS?: boolean;
/**
* Mail from address for this transaction
*/
mailFrom?: string;
/**
* Recipients for this transaction
*/
rcptTo?: string[];
/**
* Email data being received
*/
emailData?: string;
/**
* Chunks of email data
*/
emailDataChunks?: string[];
/**
* Timeout ID for data reception
*/
dataTimeoutId?: NodeJS.Timeout;
/**
* Whether connection has ended
*/
connectionEnded?: boolean;
/**
* Size of email data being received
*/
emailDataSize?: number;
/**
* Processing mode for this session
*/
processingMode?: string;
}
/**
* Session manager interface
*/
export interface ISessionManager extends IDestroyable {
/**
* Create a new session for a socket
*/
createSession(socket: plugins.net.Socket | plugins.tls.TLSSocket, secure?: boolean): ISmtpSession;
/**
* Get session by socket
*/
getSession(socket: plugins.net.Socket | plugins.tls.TLSSocket): ISmtpSession | undefined;
/**
* Update session state
*/
updateSessionState(session: ISmtpSession, newState: SmtpState): void;
/**
* Remove a session
*/
removeSession(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Clear all sessions
*/
clearAllSessions(): void;
/**
* Get all active sessions
*/
getAllSessions(): ISmtpSession[];
/**
* Get session count
*/
getSessionCount(): number;
/**
* Update last activity for a session
*/
updateLastActivity(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Check for timed out sessions
*/
checkTimeouts(timeoutMs: number): ISmtpSession[];
/**
* Update session activity timestamp
*/
updateSessionActivity(session: ISmtpSession): void;
/**
* Replace socket in session (for TLS upgrade)
*/
replaceSocket(oldSocket: plugins.net.Socket | plugins.tls.TLSSocket, newSocket: plugins.net.Socket | plugins.tls.TLSSocket): boolean;
}
/**
* Connection manager interface
*/
export interface IConnectionManager extends IDestroyable {
/**
* Handle a new connection
*/
handleConnection(socket: plugins.net.Socket | plugins.tls.TLSSocket, secure: boolean): Promise<void>;
/**
* Close all active connections
*/
closeAllConnections(): void;
/**
* Get active connection count
*/
getConnectionCount(): number;
/**
* Check if accepting new connections
*/
canAcceptConnection(): boolean;
/**
* Handle new connection (legacy method name)
*/
handleNewConnection(socket: plugins.net.Socket): Promise<void>;
/**
* Handle new secure connection (legacy method name)
*/
handleNewSecureConnection(socket: plugins.tls.TLSSocket): Promise<void>;
/**
* Setup socket event handlers
*/
setupSocketEventHandlers(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
}
/**
* Command handler interface
*/
export interface ICommandHandler extends IDestroyable {
/**
* Handle an SMTP command
*/
handleCommand(socket: plugins.net.Socket | plugins.tls.TLSSocket, command: SmtpCommand, args: string, session: ISmtpSession): Promise<void>;
/**
* Get supported commands for current session state
*/
getSupportedCommands(session: ISmtpSession): SmtpCommand[];
/**
* Process command (legacy method name)
*/
processCommand(socket: plugins.net.Socket | plugins.tls.TLSSocket, command: string): Promise<void>;
}
/**
* Data handler interface
*/
export interface IDataHandler extends IDestroyable {
/**
* Handle email data
*/
handleData(socket: plugins.net.Socket | plugins.tls.TLSSocket, data: string, session: ISmtpSession): Promise<void>;
/**
* Process a complete email
*/
processEmail(rawData: string, session: ISmtpSession): Promise<Email>;
/**
* Handle data received (legacy method name)
*/
handleDataReceived(socket: plugins.net.Socket | plugins.tls.TLSSocket, data: string): Promise<void>;
/**
* Process email data (legacy method name)
*/
processEmailData(socket: plugins.net.Socket | plugins.tls.TLSSocket, data: string): Promise<void>;
}
/**
* TLS handler interface
*/
export interface ITlsHandler extends IDestroyable {
/**
* Handle STARTTLS command
*/
handleStartTls(socket: plugins.net.Socket, session: ISmtpSession): Promise<plugins.tls.TLSSocket | null>;
/**
* Check if TLS is available
*/
isTlsAvailable(): boolean;
/**
* Get TLS options
*/
getTlsOptions(): plugins.tls.TlsOptions;
/**
* Check if TLS is enabled
*/
isTlsEnabled(): boolean;
}
/**
* Security handler interface
*/
export interface ISecurityHandler extends IDestroyable {
/**
* Check IP reputation
*/
checkIpReputation(socket: plugins.net.Socket | plugins.tls.TLSSocket): Promise<boolean>;
/**
* Validate email address
*/
isValidEmail(email: string): boolean;
/**
* Authenticate user
*/
authenticate(auth: ISmtpAuth): Promise<boolean>;
}
/**
* SMTP server options
*/
export interface ISmtpServerOptions {
/**
* Port to listen on
*/
port: number;
/**
* Hostname of the server
*/
hostname: string;
/**
* Host to bind to (optional, defaults to 0.0.0.0)
*/
host?: string;
/**
* Secure port for TLS connections
*/
securePort?: number;
/**
* TLS/SSL private key (PEM format)
*/
key?: string;
/**
* TLS/SSL certificate (PEM format)
*/
cert?: string;
/**
* CA certificates for TLS (PEM format)
*/
ca?: string;
/**
* Maximum size of messages in bytes
*/
maxSize?: number;
/**
* Maximum number of concurrent connections
*/
maxConnections?: number;
/**
* Authentication options
*/
auth?: {
/**
* Whether authentication is required
*/
required: boolean;
/**
* Allowed authentication methods
*/
methods: ('PLAIN' | 'LOGIN' | 'OAUTH2')[];
};
/**
* Socket timeout in milliseconds (default: 5 minutes / 300000ms)
*/
socketTimeout?: number;
/**
* Initial connection timeout in milliseconds (default: 30 seconds / 30000ms)
*/
connectionTimeout?: number;
/**
* Interval for checking idle sessions in milliseconds (default: 5 seconds / 5000ms)
* For testing, can be set lower (e.g. 1000ms) to detect timeouts more quickly
*/
cleanupInterval?: number;
/**
* Maximum number of recipients allowed per message (default: 100)
*/
maxRecipients?: number;
/**
* Maximum message size in bytes (default: 10MB / 10485760 bytes)
* This is advertised in the EHLO SIZE extension
*/
size?: number;
/**
* Timeout for the DATA command in milliseconds (default: 60000ms / 1 minute)
* This controls how long to wait for the complete email data
*/
dataTimeout?: number;
}
/**
* Result of SMTP transaction
*/
export interface ISmtpTransactionResult {
/**
* Whether the transaction was successful
*/
success: boolean;
/**
* Error message if failed
*/
error?: string;
/**
* Message ID if successful
*/
messageId?: string;
/**
* Resulting email if successful
*/
email?: Email;
}
/**
* Interface for SMTP session events
* These events are emitted by the session manager
*/
export interface ISessionEvents {
created: (session: ISmtpSession, socket: plugins.net.Socket | plugins.tls.TLSSocket) => void;
stateChanged: (session: ISmtpSession, previousState: SmtpState, newState: SmtpState) => void;
timeout: (session: ISmtpSession, socket: plugins.net.Socket | plugins.tls.TLSSocket) => void;
completed: (session: ISmtpSession, socket: plugins.net.Socket | plugins.tls.TLSSocket) => void;
error: (session: ISmtpSession, error: Error) => void;
}
/**
* SMTP Server interface
*/
export interface ISmtpServer extends IDestroyable {
/**
* Start the SMTP server
*/
listen(): Promise<void>;
/**
* Stop the SMTP server
*/
close(): Promise<void>;
/**
* Get the session manager
*/
getSessionManager(): ISessionManager;
/**
* Get the connection manager
*/
getConnectionManager(): IConnectionManager;
/**
* Get the command handler
*/
getCommandHandler(): ICommandHandler;
/**
* Get the data handler
*/
getDataHandler(): IDataHandler;
/**
* Get the TLS handler
*/
getTlsHandler(): ITlsHandler;
/**
* Get the security handler
*/
getSecurityHandler(): ISecurityHandler;
/**
* Get the server options
*/
getOptions(): ISmtpServerOptions;
/**
* Get the email server reference
*/
getEmailServer(): UnifiedEmailServer;
}
/**
* Configuration for creating SMTP server
*/
export interface ISmtpServerConfig {
/**
* Email server instance
*/
emailServer: UnifiedEmailServer;
/**
* Server options
*/
options: ISmtpServerOptions;
/**
* Optional custom session manager
*/
sessionManager?: ISessionManager;
/**
* Optional custom connection manager
*/
connectionManager?: IConnectionManager;
/**
* Optional custom command handler
*/
commandHandler?: ICommandHandler;
/**
* Optional custom data handler
*/
dataHandler?: IDataHandler;
/**
* Optional custom TLS handler
*/
tlsHandler?: ITlsHandler;
/**
* Optional custom security handler
*/
securityHandler?: ISecurityHandler;
}

10
dist_ts/mail/delivery/smtpserver/interfaces.js
View File

@@ -1,10 +0,0 @@
/**
* SMTP Server Interfaces
* Defines all the interfaces used by the SMTP server implementation
*/
import * as plugins from '../../../plugins.js';
// Re-export types from other modules
import { SmtpState } from '../interfaces.js';
import { SmtpCommand } from './constants.js';
export { SmtpState, SmtpCommand };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZXJmYWNlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3RzL21haWwvZGVsaXZlcnkvc210cHNlcnZlci9pbnRlcmZhY2VzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7R0FHRztBQUVILE9BQU8sS0FBSyxPQUFPLE1BQU0scUJBQXFCLENBQUM7QUFJL0MsdUNBQXVDO0FBQ3ZDLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM3QyxPQUFPLEVBQUUsV0FBVyxFQUFFLE1BQU0sZ0JBQWdCLENBQUM7QUFDN0MsT0FBTyxFQUFFLFNBQVMsRUFBRSxXQUFXLEVBQUUsQ0FBQyJ9

15
dist_ts/mail/delivery/smtpserver/secure-server.d.ts vendored
View File

@@ -1,15 +0,0 @@
/**
* Secure SMTP Server Utility Functions
* Provides helper functions for creating and managing secure TLS server
*/
import * as plugins from '../../../plugins.js';
/**
* Create a secure TLS server for direct TLS connections
* @param options - TLS certificate options
* @returns A configured TLS server or undefined if TLS is not available
*/
export declare function createSecureTlsServer(options: {
key: string;
cert: string;
ca?: string;
}): plugins.tls.Server | undefined;

79
dist_ts/mail/delivery/smtpserver/secure-server.js
View File

@@ -1,79 +0,0 @@
/**
* Secure SMTP Server Utility Functions
* Provides helper functions for creating and managing secure TLS server
*/
import * as plugins from '../../../plugins.js';
import { loadCertificatesFromString, generateSelfSignedCertificates, createTlsOptions } from './certificate-utils.js';
import { SmtpLogger } from './utils/logging.js';
/**
* Create a secure TLS server for direct TLS connections
* @param options - TLS certificate options
* @returns A configured TLS server or undefined if TLS is not available
*/
export function createSecureTlsServer(options) {
try {
// Log the creation attempt
SmtpLogger.info('Creating secure TLS server for direct connections');
// Load certificates from strings
let certificates;
try {
certificates = loadCertificatesFromString({
key: options.key,
cert: options.cert,
ca: options.ca
});
SmtpLogger.info('Successfully loaded TLS certificates for secure server');
}
catch (certificateError) {
SmtpLogger.warn(`Failed to load certificates, using self-signed: ${certificateError instanceof Error ? certificateError.message : String(certificateError)}`);
certificates = generateSelfSignedCertificates();
}
// Create server-side TLS options
const tlsOptions = createTlsOptions(certificates, true);
// Log details for debugging
SmtpLogger.debug('Creating secure server with options', {
certificates: {
keyLength: certificates.key.length,
certLength: certificates.cert.length,
caLength: certificates.ca ? certificates.ca.length : 0
},
tlsOptions: {
minVersion: tlsOptions.minVersion,
maxVersion: tlsOptions.maxVersion,
ciphers: tlsOptions.ciphers?.substring(0, 50) + '...' // Truncate long cipher list
}
});
// Create the TLS server
const server = new plugins.tls.Server(tlsOptions);
// Set up error handlers
server.on('error', (err) => {
SmtpLogger.error(`Secure server error: ${err.message}`, {
component: 'secure-server',
error: err,
stack: err.stack
});
});
// Log secure connections
server.on('secureConnection', (socket) => {
const protocol = socket.getProtocol();
const cipher = socket.getCipher();
SmtpLogger.info('New direct TLS connection established', {
component: 'secure-server',
remoteAddress: socket.remoteAddress,
remotePort: socket.remotePort,
protocol: protocol || 'unknown',
cipher: cipher?.name || 'unknown'
});
});
return server;
}
catch (error) {
SmtpLogger.error(`Failed to create secure TLS server: ${error instanceof Error ? error.message : String(error)}`, {
component: 'secure-server',
error: error instanceof Error ? error : new Error(String(error)),
stack: error instanceof Error ? error.stack : 'No stack trace available'
});
return undefined;
}
}
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJlLXNlcnZlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3RzL21haWwvZGVsaXZlcnkvc210cHNlcnZlci9zZWN1cmUtc2VydmVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7R0FHRztBQUVILE9BQU8sS0FBSyxPQUFPLE1BQU0scUJBQXFCLENBQUM7QUFDL0MsT0FBTyxFQUNMLDBCQUEwQixFQUMxQiw4QkFBOEIsRUFDOUIsZ0JBQWdCLEVBRWpCLE1BQU0sd0JBQXdCLENBQUM7QUFDaEMsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBRWhEOzs7O0dBSUc7QUFDSCxNQUFNLFVBQVUscUJBQXFCLENBQUMsT0FJckM7SUFDQyxJQUFJLENBQUM7UUFDSCwyQkFBMkI7UUFDM0IsVUFBVSxDQUFDLElBQUksQ0FBQyxtREFBbUQsQ0FBQyxDQUFDO1FBRXJFLGlDQUFpQztRQUNqQyxJQUFJLFlBQThCLENBQUM7UUFDbkMsSUFBSSxDQUFDO1lBQ0gsWUFBWSxHQUFHLDBCQUEwQixDQUFDO2dCQUN4QyxHQUFHLEVBQUUsT0FBTyxDQUFDLEdBQUc7Z0JBQ2hCLElBQUksRUFBRSxPQUFPLENBQUMsSUFBSTtnQkFDbEIsRUFBRSxFQUFFLE9BQU8sQ0FBQyxFQUFFO2FBQ2YsQ0FBQyxDQUFDO1lBRUgsVUFBVSxDQUFDLElBQUksQ0FBQyx3REFBd0QsQ0FBQyxDQUFDO1FBQzVFLENBQUM7UUFBQyxPQUFPLGdCQUFnQixFQUFFLENBQUM7WUFDMUIsVUFBVSxDQUFDLElBQUksQ0FBQyxtREFBbUQsZ0JBQWdCLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUM5SixZQUFZLEdBQUcsOEJBQThCLEVBQUUsQ0FBQztRQUNsRCxDQUFDO1FBRUQsaUNBQWlDO1FBQ2pDLE1BQU0sVUFBVSxHQUFHLGdCQUFnQixDQUFDLFlBQVksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUV4RCw0QkFBNEI7UUFDNUIsVUFBVSxDQUFDLEtBQUssQ0FBQyxxQ0FBcUMsRUFBRTtZQUN0RCxZQUFZLEVBQUU7Z0JBQ1osU0FBUyxFQUFFLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTTtnQkFDbEMsVUFBVSxFQUFFLFlBQVksQ0FBQyxJQUFJLENBQUMsTUFBTTtnQkFDcEMsUUFBUSxFQUFFLFlBQVksQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO2FBQ3ZEO1lBQ0QsVUFBVSxFQUFFO2dCQUNWLFVBQVUsRUFBRSxVQUFVLENBQUMsVUFBVTtnQkFDakMsVUFBVSxFQUFFLFVBQVUsQ0FBQyxVQUFVO2dCQUNqQyxPQUFPLEVBQUUsVUFBVSxDQUFDLE9BQU8sRUFBRSxTQUFTLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxHQUFHLEtBQUssQ0FBQyw0QkFBNEI7YUFDbkY7U0FDRixDQUFDLENBQUM7UUFFSCx3QkFBd0I7UUFDeEIsTUFBTSxNQUFNLEdBQUcsSUFBSSxPQUFPLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUVsRCx3QkFBd0I7UUFDeEIsTUFBTSxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxHQUFHLEVBQUUsRUFBRTtZQUN6QixVQUFVLENBQUMsS0FBSyxDQUFDLHdCQUF3QixHQUFHLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQ3RELFNBQVMsRUFBRSxlQUFlO2dCQUMxQixLQUFLLEVBQUUsR0FBRztnQkFDVixLQUFLLEVBQUUsR0FBRyxDQUFDLEtBQUs7YUFDakIsQ0FBQyxDQUFDO1FBQ0wsQ0FBQyxDQUFDLENBQUM7UUFFSCx5QkFBeUI7UUFDekIsTUFBTSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsRUFBRSxDQUFDLE1BQU0sRUFBRSxFQUFFO1lBQ3ZDLE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUN0QyxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsU0FBUyxFQUFFLENBQUM7WUFFbEMsVUFBVSxDQUFDLElBQUksQ0FBQyx1Q0FBdUMsRUFBRTtnQkFDdkQsU0FBUyxFQUFFLGVBQWU7Z0JBQzFCLGFBQWEsRUFBRSxNQUFNLENBQUMsYUFBYTtnQkFDbkMsVUFBVSxFQUFFLE1BQU0sQ0FBQyxVQUFVO2dCQUM3QixRQUFRLEVBQUUsUUFBUSxJQUFJLFNBQVM7Z0JBQy9CLE1BQU0sRUFBRSxNQUFNLEVBQUUsSUFBSSxJQUFJLFNBQVM7YUFDbEMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQyxDQUFDLENBQUM7UUFFSCxPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNmLFVBQVUsQ0FBQyxLQUFLLENBQUMsdUNBQXVDLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsRUFBRSxFQUFFO1lBQ2hILFNBQVMsRUFBRSxlQUFlO1lBQzFCLEtBQUssRUFBRSxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUNoRSxLQUFLLEVBQUUsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsMEJBQTBCO1NBQ3pFLENBQUMsQ0FBQztRQUVILE9BQU8sU0FBUyxDQUFDO0lBQ25CLENBQUM7QUFDSCxDQUFDIn0=

86
dist_ts/mail/delivery/smtpserver/security-handler.d.ts vendored
View File

@@ -1,86 +0,0 @@
/**
* SMTP Security Handler
* Responsible for security aspects including IP reputation checking,
* email validation, and authentication
*/
import * as plugins from '../../../plugins.js';
import type { ISmtpAuth } from './interfaces.js';
import type { ISecurityHandler, ISmtpServer } from './interfaces.js';
/**
* Handles security aspects for SMTP server
*/
export declare class SecurityHandler implements ISecurityHandler {
/**
* Reference to the SMTP server instance
*/
private smtpServer;
/**
* IP reputation checker service
*/
private ipReputationService;
/**
* Simple in-memory IP denylist
*/
private ipDenylist;
/**
* Cleanup interval timer
*/
private cleanupInterval;
/**
* Creates a new security handler
* @param smtpServer - SMTP server instance
*/
constructor(smtpServer: ISmtpServer);
/**
* Check IP reputation for a connection
* @param socket - Client socket
* @returns Promise that resolves to true if IP is allowed, false if blocked
*/
checkIpReputation(socket: plugins.net.Socket | plugins.tls.TLSSocket): Promise<boolean>;
/**
* Validate an email address
* @param email - Email address to validate
* @returns Whether the email address is valid
*/
isValidEmail(email: string): boolean;
/**
* Validate authentication credentials
* @param auth - Authentication credentials
* @returns Promise that resolves to true if authenticated
*/
authenticate(auth: ISmtpAuth): Promise<boolean>;
/**
* Log a security event
* @param event - Event type
* @param level - Log level
* @param details - Event details
*/
logSecurityEvent(event: string, level: string, message: string, details: Record<string, any>): void;
/**
* Add an IP to the denylist
* @param ip - IP address
* @param reason - Reason for denylisting
* @param duration - Duration in milliseconds (optional, indefinite if not specified)
*/
private addToDenylist;
/**
* Check if an IP is denylisted
* @param ip - IP address
* @returns Whether the IP is denylisted
*/
private isIpDenylisted;
/**
* Get the reason an IP was denylisted
* @param ip - IP address
* @returns Reason for denylisting or undefined if not denylisted
*/
private getDenylistReason;
/**
* Clean expired denylist entries
*/
private cleanExpiredDenylistEntries;
/**
* Clean up resources
*/
destroy(): void;
}

242
dist_ts/mail/delivery/smtpserver/security-handler.js
View File

File diff suppressed because one or more lines are too long

140
dist_ts/mail/delivery/smtpserver/session-manager.d.ts vendored
View File

@@ -1,140 +0,0 @@
/**
* SMTP Session Manager
* Responsible for creating, managing, and cleaning up SMTP sessions
*/
import * as plugins from '../../../plugins.js';
import { SmtpState } from './interfaces.js';
import type { ISmtpSession } from './interfaces.js';
import type { ISessionManager, ISessionEvents } from './interfaces.js';
/**
* Manager for SMTP sessions
* Handles session creation, tracking, timeout management, and cleanup
*/
export declare class SessionManager implements ISessionManager {
/**
* Map of socket ID to session
*/
private sessions;
/**
* Map of socket to socket ID
*/
private socketIds;
/**
* SMTP server options
*/
private options;
/**
* Event listeners
*/
private eventListeners;
/**
* Timer for cleanup interval
*/
private cleanupTimer;
/**
* Creates a new session manager
* @param options - Session manager options
*/
constructor(options?: {
socketTimeout?: number;
connectionTimeout?: number;
cleanupInterval?: number;
});
/**
* Creates a new session for a socket connection
* @param socket - Client socket
* @param secure - Whether the connection is secure (TLS)
* @returns New SMTP session
*/
createSession(socket: plugins.net.Socket | plugins.tls.TLSSocket, secure: boolean): ISmtpSession;
/**
* Updates the session state
* @param session - SMTP session
* @param newState - New state
*/
updateSessionState(session: ISmtpSession, newState: SmtpState): void;
/**
* Updates the session's last activity timestamp
* @param session - SMTP session
*/
updateSessionActivity(session: ISmtpSession): void;
/**
* Removes a session
* @param socket - Client socket
*/
removeSession(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Gets a session for a socket
* @param socket - Client socket
* @returns SMTP session or undefined if not found
*/
getSession(socket: plugins.net.Socket | plugins.tls.TLSSocket): ISmtpSession | undefined;
/**
* Cleans up idle sessions
*/
cleanupIdleSessions(): void;
/**
* Gets the current number of active sessions
* @returns Number of active sessions
*/
getSessionCount(): number;
/**
* Clears all sessions (used when shutting down)
*/
clearAllSessions(): void;
/**
* Register an event listener
* @param event - Event name
* @param listener - Event listener function
*/
on<K extends keyof ISessionEvents>(event: K, listener: ISessionEvents[K]): void;
/**
* Remove an event listener
* @param event - Event name
* @param listener - Event listener function
*/
off<K extends keyof ISessionEvents>(event: K, listener: ISessionEvents[K]): void;
/**
* Emit an event to registered listeners
* @param event - Event name
* @param args - Event arguments
*/
private emitEvent;
/**
* Start the cleanup timer
*/
private startCleanupTimer;
/**
* Stop the cleanup timer
*/
private stopCleanupTimer;
/**
* Replace socket mapping for STARTTLS upgrades
* @param oldSocket - Original plain socket
* @param newSocket - New TLS socket
* @returns Whether the replacement was successful
*/
replaceSocket(oldSocket: plugins.net.Socket | plugins.tls.TLSSocket, newSocket: plugins.net.Socket | plugins.tls.TLSSocket): boolean;
/**
* Gets a unique key for a socket
* @param socket - Client socket
* @returns Socket key
*/
private getSocketKey;
/**
* Get all active sessions
*/
getAllSessions(): ISmtpSession[];
/**
* Update last activity for a session by socket
*/
updateLastActivity(socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Check for timed out sessions
*/
checkTimeouts(timeoutMs: number): ISmtpSession[];
/**
* Clean up resources
*/
destroy(): void;
}

473
dist_ts/mail/delivery/smtpserver/session-manager.js
View File

File diff suppressed because one or more lines are too long

137
dist_ts/mail/delivery/smtpserver/smtp-server.d.ts vendored
View File

@@ -1,137 +0,0 @@
/**
* SMTP Server
* Core implementation for the refactored SMTP server
*/
import type { ISmtpServerOptions } from './interfaces.js';
import type { ISmtpServer, ISmtpServerConfig, ISessionManager, IConnectionManager, ICommandHandler, IDataHandler, ITlsHandler, ISecurityHandler } from './interfaces.js';
import { UnifiedEmailServer } from '../../routing/classes.unified.email.server.js';
/**
* SMTP Server implementation
* The main server class that coordinates all components
*/
export declare class SmtpServer implements ISmtpServer {
/**
* Email server reference
*/
private emailServer;
/**
* Session manager
*/
private sessionManager;
/**
* Connection manager
*/
private connectionManager;
/**
* Command handler
*/
private commandHandler;
/**
* Data handler
*/
private dataHandler;
/**
* TLS handler
*/
private tlsHandler;
/**
* Security handler
*/
private securityHandler;
/**
* SMTP server options
*/
private options;
/**
* Net server instance
*/
private server;
/**
* Secure server instance
*/
private secureServer;
/**
* Whether the server is running
*/
private running;
/**
* Server recovery state
*/
private recoveryState;
/**
* Creates a new SMTP server
* @param config - Server configuration
*/
constructor(config: ISmtpServerConfig);
/**
* Start the SMTP server
* @returns Promise that resolves when server is started
*/
listen(): Promise<void>;
/**
* Stop the SMTP server
* @returns Promise that resolves when server is stopped
*/
close(): Promise<void>;
/**
* Get the session manager
* @returns Session manager instance
*/
getSessionManager(): ISessionManager;
/**
* Get the connection manager
* @returns Connection manager instance
*/
getConnectionManager(): IConnectionManager;
/**
* Get the command handler
* @returns Command handler instance
*/
getCommandHandler(): ICommandHandler;
/**
* Get the data handler
* @returns Data handler instance
*/
getDataHandler(): IDataHandler;
/**
* Get the TLS handler
* @returns TLS handler instance
*/
getTlsHandler(): ITlsHandler;
/**
* Get the security handler
* @returns Security handler instance
*/
getSecurityHandler(): ISecurityHandler;
/**
* Get the server options
* @returns SMTP server options
*/
getOptions(): ISmtpServerOptions;
/**
* Get the email server reference
* @returns Email server instance
*/
getEmailServer(): UnifiedEmailServer;
/**
* Check if the server is running
* @returns Whether the server is running
*/
isRunning(): boolean;
/**
* Check if we should attempt to recover from an error
* @param error - The error that occurred
* @returns Whether recovery should be attempted
*/
private shouldAttemptRecovery;
/**
* Attempt to recover the server after a critical error
* @param serverType - The type of server to recover ('standard' or 'secure')
* @param error - The error that triggered recovery
*/
private attemptServerRecovery;
/**
* Clean up all component resources
*/
destroy(): Promise<void>;
}

698
dist_ts/mail/delivery/smtpserver/smtp-server.js
View File

File diff suppressed because one or more lines are too long

21
dist_ts/mail/delivery/smtpserver/starttls-handler.d.ts vendored
View File

@@ -1,21 +0,0 @@
/**
* STARTTLS Implementation
* Provides an improved implementation for STARTTLS upgrades
*/
import * as plugins from '../../../plugins.js';
import type { ISmtpSession, ISessionManager, IConnectionManager } from './interfaces.js';
import { SmtpState } from '../interfaces.js';
/**
* Enhanced STARTTLS handler for more reliable TLS upgrades
*/
export declare function performStartTLS(socket: plugins.net.Socket, options: {
key: string;
cert: string;
ca?: string;
session?: ISmtpSession;
sessionManager?: ISessionManager;
connectionManager?: IConnectionManager;
onSuccess?: (tlsSocket: plugins.tls.TLSSocket) => void;
onFailure?: (error: Error) => void;
updateSessionState?: (session: ISmtpSession, state: SmtpState) => void;
}): Promise<plugins.tls.TLSSocket | undefined>;

207
dist_ts/mail/delivery/smtpserver/starttls-handler.js
View File

File diff suppressed because one or more lines are too long

66
dist_ts/mail/delivery/smtpserver/tls-handler.d.ts vendored
View File

@@ -1,66 +0,0 @@
/**
* SMTP TLS Handler
* Responsible for handling TLS-related SMTP functionality
*/
import * as plugins from '../../../plugins.js';
import type { ITlsHandler, ISmtpServer, ISmtpSession } from './interfaces.js';
/**
* Handles TLS functionality for SMTP server
*/
export declare class TlsHandler implements ITlsHandler {
/**
* Reference to the SMTP server instance
*/
private smtpServer;
/**
* Certificate data
*/
private certificates;
/**
* TLS options
*/
private options;
/**
* Creates a new TLS handler
* @param smtpServer - SMTP server instance
*/
constructor(smtpServer: ISmtpServer);
/**
* Handle STARTTLS command
* @param socket - Client socket
*/
handleStartTls(socket: plugins.net.Socket, session: ISmtpSession): Promise<plugins.tls.TLSSocket | null>;
/**
* Upgrade a connection to TLS
* @param socket - Client socket
*/
startTLS(socket: plugins.net.Socket): Promise<plugins.tls.TLSSocket>;
/**
* Create a secure server
* @returns TLS server instance or undefined if TLS is not enabled
*/
createSecureServer(): plugins.tls.Server | undefined;
/**
* Check if TLS is enabled
* @returns Whether TLS is enabled
*/
isTlsEnabled(): boolean;
/**
* Send a response to the client
* @param socket - Client socket
* @param response - Response message
*/
private sendResponse;
/**
* Check if TLS is available (interface requirement)
*/
isTlsAvailable(): boolean;
/**
* Get TLS options (interface requirement)
*/
getTlsOptions(): plugins.tls.TlsOptions;
/**
* Clean up resources
*/
destroy(): void;
}

273
dist_ts/mail/delivery/smtpserver/tls-handler.js
View File

File diff suppressed because one or more lines are too long

117
dist_ts/mail/delivery/smtpserver/utils/adaptive-logging.d.ts vendored
View File

@@ -1,117 +0,0 @@
/**
* Adaptive SMTP Logging System
* Automatically switches between logging modes based on server load (active connections)
* to maintain performance during high-concurrency scenarios
*/
import * as plugins from '../../../../plugins.js';
import { SecurityLogLevel, SecurityEventType } from '../constants.js';
import type { ISmtpSession } from '../interfaces.js';
import type { LogLevel, ISmtpLogOptions } from './logging.js';
/**
* Log modes based on server load
*/
export declare enum LogMode {
VERBOSE = "VERBOSE",// < 20 connections: Full detailed logging
REDUCED = "REDUCED",// 20-40 connections: Limited command/response logging, full error logging
MINIMAL = "MINIMAL"
}
/**
* Configuration for adaptive logging thresholds
*/
export interface IAdaptiveLogConfig {
verboseThreshold: number;
reducedThreshold: number;
aggregationInterval: number;
maxAggregatedEntries: number;
}
/**
* Connection metadata for aggregation tracking
*/
interface IConnectionTracker {
activeConnections: number;
peakConnections: number;
totalConnections: number;
connectionsPerSecond: number;
lastConnectionTime: number;
}
/**
* Adaptive SMTP Logger that scales logging based on server load
*/
export declare class AdaptiveSmtpLogger {
private static instance;
private currentMode;
private config;
private aggregatedEntries;
private aggregationTimer;
private connectionTracker;
private constructor();
/**
* Get singleton instance
*/
static getInstance(config?: Partial<IAdaptiveLogConfig>): AdaptiveSmtpLogger;
/**
* Update active connection count and adjust log mode if needed
*/
updateConnectionCount(activeConnections: number): void;
/**
* Track new connection for rate calculation
*/
trackConnection(): void;
/**
* Get current logging mode
*/
getCurrentMode(): LogMode;
/**
* Get connection statistics
*/
getConnectionStats(): IConnectionTracker;
/**
* Log a message with adaptive behavior
*/
log(level: LogLevel, message: string, options?: ISmtpLogOptions): void;
/**
* Log command with adaptive behavior
*/
logCommand(command: string, socket: plugins.net.Socket | plugins.tls.TLSSocket, session?: ISmtpSession): void;
/**
* Log response with adaptive behavior
*/
logResponse(response: string, socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Log connection event with adaptive behavior
*/
logConnection(socket: plugins.net.Socket | plugins.tls.TLSSocket, eventType: 'connect' | 'close' | 'error', session?: ISmtpSession, error?: Error): void;
/**
* Log security event (always logged regardless of mode)
*/
logSecurityEvent(level: SecurityLogLevel, type: SecurityEventType, message: string, details: Record<string, any>, ipAddress?: string, domain?: string, success?: boolean): void;
/**
* Determine appropriate log mode based on connection count
*/
private determineLogMode;
/**
* Switch to a new log mode
*/
private switchLogMode;
/**
* Add entry to aggregation buffer
*/
private aggregateEntry;
/**
* Start the aggregation timer
*/
private startAggregationTimer;
/**
* Flush aggregated entries to logs
*/
private flushAggregatedEntries;
/**
* Cleanup resources
*/
destroy(): void;
}
/**
* Default instance for easy access
*/
export declare const adaptiveLogger: AdaptiveSmtpLogger;
export {};

413
dist_ts/mail/delivery/smtpserver/utils/adaptive-logging.js
View File

File diff suppressed because one or more lines are too long

78
dist_ts/mail/delivery/smtpserver/utils/helpers.d.ts vendored
View File

@@ -1,78 +0,0 @@
/**
* SMTP Helper Functions
* Provides utility functions for SMTP server implementation
*/
import * as plugins from '../../../../plugins.js';
import type { ISmtpServerOptions } from '../interfaces.js';
/**
* Formats a multi-line SMTP response according to RFC 5321
* @param code - Response code
* @param lines - Response lines
* @returns Formatted SMTP response
*/
export declare function formatMultilineResponse(code: number, lines: string[]): string;
/**
* Generates a unique session ID
* @returns Unique session ID
*/
export declare function generateSessionId(): string;
/**
* Safely parses an integer from string with a default value
* @param value - String value to parse
* @param defaultValue - Default value if parsing fails
* @returns Parsed integer or default value
*/
export declare function safeParseInt(value: string | undefined, defaultValue: number): number;
/**
* Safely gets the socket details
* @param socket - Socket to get details from
* @returns Socket details object
*/
export declare function getSocketDetails(socket: plugins.net.Socket | plugins.tls.TLSSocket): {
remoteAddress: string;
remotePort: number;
remoteFamily: string;
localAddress: string;
localPort: number;
encrypted: boolean;
};
/**
* Gets TLS details if socket is TLS
* @param socket - Socket to get TLS details from
* @returns TLS details or undefined if not TLS
*/
export declare function getTlsDetails(socket: plugins.net.Socket | plugins.tls.TLSSocket): {
protocol?: string;
cipher?: string;
authorized?: boolean;
} | undefined;
/**
* Merges default options with provided options
* @param options - User provided options
* @returns Merged options with defaults
*/
export declare function mergeWithDefaults(options: Partial<ISmtpServerOptions>): ISmtpServerOptions;
/**
* Creates a text response formatter for the SMTP server
* @param socket - Socket to send responses to
* @returns Function to send formatted response
*/
export declare function createResponseFormatter(socket: plugins.net.Socket | plugins.tls.TLSSocket): (response: string) => void;
/**
* Extracts SMTP command name from a command line
* @param commandLine - Full command line
* @returns Command name in uppercase
*/
export declare function extractCommandName(commandLine: string): string;
/**
* Extracts SMTP command arguments from a command line
* @param commandLine - Full command line
* @returns Arguments string
*/
export declare function extractCommandArgs(commandLine: string): string;
/**
* Sanitizes data for logging (hides sensitive info)
* @param data - Data to sanitize
* @returns Sanitized data
*/
export declare function sanitizeForLogging(data: any): any;

208
dist_ts/mail/delivery/smtpserver/utils/helpers.js
View File

File diff suppressed because one or more lines are too long

106
dist_ts/mail/delivery/smtpserver/utils/logging.d.ts vendored
View File

@@ -1,106 +0,0 @@
/**
* SMTP Logging Utilities
* Provides structured logging for SMTP server components
*/
import * as plugins from '../../../../plugins.js';
import { SecurityLogLevel, SecurityEventType } from '../constants.js';
import type { ISmtpSession } from '../interfaces.js';
/**
* SMTP connection metadata to include in logs
*/
export interface IConnectionMetadata {
remoteAddress?: string;
remotePort?: number;
socketId?: string;
secure?: boolean;
sessionId?: string;
}
/**
* Log levels for SMTP server
*/
export type LogLevel = 'debug' | 'info' | 'warn' | 'error';
/**
* Options for SMTP log
*/
export interface ISmtpLogOptions {
level?: LogLevel;
sessionId?: string;
sessionState?: string;
remoteAddress?: string;
remotePort?: number;
command?: string;
error?: Error;
[key: string]: any;
}
/**
* SMTP logger - provides structured logging for SMTP server
*/
export declare class SmtpLogger {
/**
* Log a message with context
* @param level - Log level
* @param message - Log message
* @param options - Additional log options
*/
static log(level: LogLevel, message: string, options?: ISmtpLogOptions): void;
/**
* Log debug level message
* @param message - Log message
* @param options - Additional log options
*/
static debug(message: string, options?: ISmtpLogOptions): void;
/**
* Log info level message
* @param message - Log message
* @param options - Additional log options
*/
static info(message: string, options?: ISmtpLogOptions): void;
/**
* Log warning level message
* @param message - Log message
* @param options - Additional log options
*/
static warn(message: string, options?: ISmtpLogOptions): void;
/**
* Log error level message
* @param message - Log message
* @param options - Additional log options
*/
static error(message: string, options?: ISmtpLogOptions): void;
/**
* Log command received from client
* @param command - The command string
* @param socket - The client socket
* @param session - The SMTP session
*/
static logCommand(command: string, socket: plugins.net.Socket | plugins.tls.TLSSocket, session?: ISmtpSession): void;
/**
* Log response sent to client
* @param response - The response string
* @param socket - The client socket
*/
static logResponse(response: string, socket: plugins.net.Socket | plugins.tls.TLSSocket): void;
/**
* Log client connection event
* @param socket - The client socket
* @param eventType - Type of connection event (connect, close, error)
* @param session - The SMTP session
* @param error - Optional error object for error events
*/
static logConnection(socket: plugins.net.Socket | plugins.tls.TLSSocket, eventType: 'connect' | 'close' | 'error', session?: ISmtpSession, error?: Error): void;
/**
* Log security event
* @param level - Security log level
* @param type - Security event type
* @param message - Log message
* @param details - Event details
* @param ipAddress - Client IP address
* @param domain - Optional domain involved
* @param success - Whether the security check was successful
*/
static logSecurityEvent(level: SecurityLogLevel, type: SecurityEventType, message: string, details: Record<string, any>, ipAddress?: string, domain?: string, success?: boolean): void;
}
/**
* Default instance for backward compatibility
*/
export declare const smtpLogger: typeof SmtpLogger;

181
dist_ts/mail/delivery/smtpserver/utils/logging.js
View File

File diff suppressed because one or more lines are too long

69
dist_ts/mail/delivery/smtpserver/utils/validation.d.ts vendored
View File

@@ -1,69 +0,0 @@
/**
* SMTP Validation Utilities
* Provides validation functions for SMTP server
*/
import { SmtpState } from '../interfaces.js';
/**
* Detects header injection attempts in input strings
* @param input - The input string to check
* @param context - The context where this input is being used ('smtp-command' or 'email-header')
* @returns true if header injection is detected, false otherwise
*/
export declare function detectHeaderInjection(input: string, context?: 'smtp-command' | 'email-header'): boolean;
/**
* Sanitizes input by removing or escaping potentially dangerous characters
* @param input - The input string to sanitize
* @returns Sanitized string
*/
export declare function sanitizeInput(input: string): string;
/**
* Validates an email address
* @param email - Email address to validate
* @returns Whether the email address is valid
*/
export declare function isValidEmail(email: string): boolean;
/**
* Validates the MAIL FROM command syntax
* @param args - Arguments string from the MAIL FROM command
* @returns Object with validation result and extracted data
*/
export declare function validateMailFrom(args: string): {
isValid: boolean;
address?: string;
params?: Record<string, string>;
errorMessage?: string;
};
/**
* Validates the RCPT TO command syntax
* @param args - Arguments string from the RCPT TO command
* @returns Object with validation result and extracted data
*/
export declare function validateRcptTo(args: string): {
isValid: boolean;
address?: string;
params?: Record<string, string>;
errorMessage?: string;
};
/**
* Validates the EHLO command syntax
* @param args - Arguments string from the EHLO command
* @returns Object with validation result and extracted data
*/
export declare function validateEhlo(args: string): {
isValid: boolean;
hostname?: string;
errorMessage?: string;
};
/**
* Validates command in the current SMTP state
* @param command - SMTP command
* @param currentState - Current SMTP state
* @returns Whether the command is valid in the current state
*/
export declare function isValidCommandSequence(command: string, currentState: SmtpState): boolean;
/**
* Validates if a hostname is valid according to RFC 5321
* @param hostname - Hostname to validate
* @returns Whether the hostname is valid
*/
export declare function isValidHostname(hostname: string): boolean;

360
dist_ts/mail/delivery/smtpserver/utils/validation.js
View File

File diff suppressed because one or more lines are too long

22
dist_ts/mail/routing/classes.unified.email.server.d.ts vendored
View File

@@ -1,4 +1,3 @@
import * as plugins from '../../plugins.js';
import { EventEmitter } from 'events';
import { DKIMCreator } from '../security/classes.dkimcreator.js';
interface IIPWarmupConfig {
@@ -154,19 +153,24 @@ export declare class UnifiedEmailServer extends EventEmitter {
* Start the unified email server
*/
start(): Promise<void>;
/**
* Handle a socket from smartproxy in socket-handler mode
* @param socket The socket to handle
* @param port The port this connection is for (25, 587, 465)
*/
handleSocket(socket: plugins.net.Socket | plugins.tls.TLSSocket, port: number): Promise<void>;
/**
* Stop the unified email server
*/
stop(): Promise<void>;
/**
* Verify inbound email security (DKIM/SPF/DMARC) using the Rust bridge.
* Falls back gracefully if the bridge is not running.
* Handle an emailReceived event from the Rust SMTP server.
* Decodes the email data, processes it through the routing system,
* and sends back the result via the correlation-ID callback.
*/
private handleRustEmailReceived;
/**
* Handle an authRequest event from the Rust SMTP server.
* Validates credentials and sends back the result.
*/
private handleRustAuthRequest;
/**
* Verify inbound email security (DKIM/SPF/DMARC) using pre-computed Rust results
* or falling back to IPC call if no pre-computed results are available.
*/
private verifyInboundSecurity;
/**

385
dist_ts/mail/routing/classes.unified.email.server.js
View File

File diff suppressed because one or more lines are too long

92
dist_ts/security/classes.rustsecuritybridge.d.ts vendored
View File

@@ -60,6 +60,53 @@ interface IVersionInfo {
security: string;
smtp: string;
}
interface ISmtpServerConfig {
hostname: string;
ports: number[];
securePort?: number;
tlsCertPem?: string;
tlsKeyPem?: string;
maxMessageSize?: number;
maxConnections?: number;
maxRecipients?: number;
connectionTimeoutSecs?: number;
dataTimeoutSecs?: number;
authEnabled?: boolean;
maxAuthFailures?: number;
socketTimeoutSecs?: number;
processingTimeoutSecs?: number;
rateLimits?: IRateLimitConfig;
}
interface IRateLimitConfig {
maxConnectionsPerIp?: number;
maxMessagesPerSender?: number;
maxAuthFailuresPerIp?: number;
windowSecs?: number;
}
interface IEmailData {
type: 'inline' | 'file';
base64?: string;
path?: string;
}
interface IEmailReceivedEvent {
correlationId: string;
sessionId: string;
mailFrom: string;
rcptTo: string[];
data: IEmailData;
remoteAddr: string;
clientHostname: string | null;
secure: boolean;
authenticatedUser: string | null;
securityResults: any | null;
}
interface IAuthRequestEvent {
correlationId: string;
sessionId: string;
username: string;
password: string;
remoteAddr: string;
}
/**
* Bridge between TypeScript and the Rust `mailer-bin` binary.
*
@@ -135,5 +182,48 @@ export declare class RustSecurityBridge {
hostname?: string;
mailFrom: string;
}): Promise<IEmailSecurityResult>;
/**
* Start the Rust SMTP server.
* The server will listen on the configured ports and emit events for
* emailReceived and authRequest that must be handled by the caller.
*/
startSmtpServer(config: ISmtpServerConfig): Promise<boolean>;
/** Stop the Rust SMTP server. */
stopSmtpServer(): Promise<void>;
/**
* Send the result of email processing back to the Rust SMTP server.
* This resolves a pending correlation-ID callback, allowing the Rust
* server to send the SMTP response to the client.
*/
sendEmailProcessingResult(opts: {
correlationId: string;
accepted: boolean;
smtpCode?: number;
smtpMessage?: string;
}): Promise<void>;
/**
* Send the result of authentication validation back to the Rust SMTP server.
*/
sendAuthResult(opts: {
correlationId: string;
success: boolean;
message?: string;
}): Promise<void>;
/** Update rate limit configuration at runtime. */
configureRateLimits(config: IRateLimitConfig): Promise<void>;
/**
* Register a handler for emailReceived events from the Rust SMTP server.
* These events fire when a complete email has been received and needs processing.
*/
onEmailReceived(handler: (data: IEmailReceivedEvent) => void): void;
/**
* Register a handler for authRequest events from the Rust SMTP server.
* The handler must call sendAuthResult() with the correlationId.
*/
onAuthRequest(handler: (data: IAuthRequestEvent) => void): void;
/** Remove an emailReceived event handler. */
offEmailReceived(handler: (data: IEmailReceivedEvent) => void): void;
/** Remove an authRequest event handler. */
offAuthRequest(handler: (data: IAuthRequestEvent) => void): void;
}
export type { IDkimVerificationResult, ISpfResult, IDmarcResult, IEmailSecurityResult, IValidationResult, IBounceDetection, IContentScanResult, IReputationResult as IRustReputationResult, IVersionInfo, };
export type { IDkimVerificationResult, ISpfResult, IDmarcResult, IEmailSecurityResult, IValidationResult, IBounceDetection, IContentScanResult, IReputationResult as IRustReputationResult, IVersionInfo, ISmtpServerConfig, IRateLimitConfig, IEmailData, IEmailReceivedEvent, IAuthRequestEvent, };

61
dist_ts/security/classes.rustsecuritybridge.js
View File

File diff suppressed because one or more lines are too long

13
npmextra.json
View File

@@ -1,5 +1,16 @@
{
"@git.zone/tsrust": {
"targets": ["linux_amd64", "linux_arm64"]
"targets": [
"linux_amd64",
"linux_arm64"
]
},
"@git.zone/cli": {
"release": {
"registries": [
"https://verdaccio.lossless.digital"
],
"accessLevel": "public"
}
}
}

2
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@push.rocks/smartmta",
"version": "2.1.0",
"version": "2.3.0",
"description": "A high-performance, enterprise-grade Mail Transfer Agent (MTA) built from scratch in TypeScript with Rust acceleration.",
"keywords": [
"mta",

321
readme.md
View File

@@ -1,6 +1,6 @@
# @push.rocks/smartmta
A high-performance, enterprise-grade Mail Transfer Agent (MTA) built from scratch in TypeScript with Rust acceleration — no nodemailer, no shortcuts.
A high-performance, enterprise-grade Mail Transfer Agent (MTA) built from scratch in TypeScript with a Rust-powered SMTP engine — no nodemailer, no shortcuts. 🚀
## Issue Reporting and Security
@@ -14,68 +14,83 @@ pnpm install @push.rocks/smartmta
npm install @push.rocks/smartmta
```
After installation, run `pnpm build` to compile the Rust binary (`mailer-bin`). The Rust binary is **required**`smartmta` will not start without it.
## Overview
`@push.rocks/smartmta` is a **complete mail server solution** — SMTP server, SMTP client, email security, content scanning, and delivery management — all built with a custom SMTP implementation. No wrappers around nodemailer. No half-measures.
`@push.rocks/smartmta` is a **complete mail server solution** — SMTP server, SMTP client, email security, content scanning, and delivery management — all built with a custom SMTP implementation. The SMTP server itself runs as a Rust binary for maximum performance, communicating with the TypeScript orchestration layer via IPC.
### What's Inside
### What's Inside
| Module | What It Does |
|---|---|
| **SMTP Server** | RFC 5321-compliant server with TLS/STARTTLS, authentication, pipelining |
| **Rust SMTP Server** | High-performance SMTP engine written in Rust — TCP/TLS listener, STARTTLS, AUTH, pipelining, per-connection rate limiting |
| **SMTP Client** | Outbound delivery with connection pooling, retry logic, TLS negotiation |
| **DKIM** | Key generation, signing, and verification — per domain |
| **SPF** | Full SPF record validation |
| **DKIM** | Key generation, signing, and verification — per domain, with automatic rotation |
| **SPF** | Full SPF record validation via Rust |
| **DMARC** | Policy enforcement and verification |
| **Email Router** | Pattern-based routing with priority, forward/deliver/reject/process actions |
| **Bounce Manager** | Automatic bounce detection, classification (hard/soft), and tracking |
| **Content Scanner** | Spam, phishing, malware, XSS, and suspicious link detection |
| **IP Reputation** | DNSBL checks, proxy/TOR/VPN detection, risk scoring |
| **Bounce Manager** | Automatic bounce detection via Rust, classification (hard/soft), and suppression tracking |
| **Content Scanner** | Spam, phishing, malware, XSS, and suspicious link detection — powered by Rust |
| **IP Reputation** | DNSBL checks, proxy/TOR/VPN detection, risk scoring via Rust |
| **Rate Limiter** | Hierarchical rate limiting (global, per-domain, per-IP) |
| **Delivery Queue** | Persistent queue with exponential backoff retry |
| **Template Engine** | Email templates with variable substitution |
| **Domain Registry** | Multi-domain management with per-domain configuration |
| **DNS Manager** | Automatic DNS record management with Cloudflare API integration |
| **Rust Accelerator** | Performance-critical operations (DKIM, MIME, validation) in Rust via IPC |
| **Rust Security Bridge** | Compound email security verification (DKIM+SPF+DMARC) via Rust binary |
| **Rust Security Bridge** | All security ops (DKIM+SPF+DMARC+DNSBL+content scanning) run in Rust via IPC |
### Architecture
### 🏗️ Architecture
```
┌─────────────────────────────────────────────────────────┐
│ UnifiedEmailServer │
│ (orchestrates all components, emits events) │
├────────────────────┬──────────────────────────────────┤
SMTP │ Email │ Security Delivery │
Server │ Router │ Stack System │
│ ┌─────┐ │ ┌─────┐ │ ┌───────┐ │ ┌────────────────┐ │
│ │ TLS │ │ │Match│ │ │ DKIM │ │ Queue │ │
│ │ Auth│ │ │Route│ │ │ SPF │ │ Rate Limit │ │
│ │ Cmd │ │ │ Act │ │ │ DMARC │ │ SMTP Client │ │
│ Data│ │ │ │ IPRep │ │ Retry Logic │ │
└─────┘ │ └─────┘ │ │ Scan │ │ └────────────────┘ │
│ └───────┘ │ │
├────────────────────┴──────────────────────────────────┤
│ Rust Security Bridge
│ (RustSecurityBridge singleton via smartrust IPC) │
├─────────────────────────────────────────────────────────┤
Rust Acceleration Layer
(mailer-core, mailer-security, mailer-bin)
└─────────────────────────────────────────────────────────┘
┌──────────────────────────────────────────────────────────────
UnifiedEmailServer
(orchestrates all components, emits events)
├───────────┬───────────┬──────────────┬───────────────────────┤
│ Email │ Security Delivery │ Configuration
│ Router │ Stack System
│ ┌─────┐ │ ┌───────┐ │ ┌─────────┐ │ ┌────────────────┐
│ │Match │ │ │ DKIM │ │ │ Queue │ │ │ DomainRegistry
│ │Route │ │ │ SPF │ │ Rate Lim │ │ │ DnsManager
│ │ Act │ │ │ DMARC │ │ │ SMTP Cli │ │ │ DKIMCreator
└──────┘ │ │ IPRep │ │ │ Retry │ │ │ Templates
│ │ Scan │ │ └──────────┘ │ └────────────────┘
│ │ └───────┘
├───────────┴───────────┴──────────────┴───────────────────────┤
│ Rust Security Bridge (smartrust IPC)
├──────────────────────────────────────────────────────────────┤
│ Rust Acceleration Layer │
┌──────────────┐ ┌───────────────┐ ┌──────────────────┐
mailer-smtp │ │mailer-security│ │ mailer-core
│ │ SMTP Server │ │DKIM/SPF/DMARC │ │ Types/Validation │ │
│ │ TLS/AUTH │ │IP Rep/Content │ │ MIME/Bounce │ │
│ └──────────────┘ └───────────────┘ └──────────────────┘ │
└──────────────────────────────────────────────────────────────┘
```
**Data flow for inbound mail:**
1. Rust SMTP server accepts the connection and handles the SMTP protocol
2. On `DATA` completion, Rust emits an `emailReceived` event via IPC
3. TypeScript processes the email (routing, scanning, delivery decisions)
4. TypeScript sends the processing result back to Rust via IPC
5. Rust sends the final SMTP response to the client
## Usage
### Setting Up the Email Server
### 🚀 Setting Up the Email Server
The central entry point is `UnifiedEmailServer`, which orchestrates SMTP, routing, security, and delivery:
The central entry point is `UnifiedEmailServer`, which orchestrates the Rust SMTP server, routing, security, and delivery:
```typescript
import { UnifiedEmailServer } from '@push.rocks/smartmta';
const emailServer = new UnifiedEmailServer(dcRouterRef, {
// Ports to listen on (465 = implicit TLS, 25/587 = STARTTLS)
ports: [25, 587, 465],
hostname: 'mail.example.com',
// Multi-domain configuration
domains: [
{
domain: 'example.com',
@@ -87,11 +102,13 @@ const emailServer = new UnifiedEmailServer(dcRouterRef, {
rotationInterval: 90,
},
rateLimits: {
maxMessagesPerMinute: 100,
maxRecipientsPerMessage: 50,
outbound: { messagesPerMinute: 100 },
inbound: { messagesPerMinute: 200, connectionsPerIp: 20 },
},
},
],
// Routing rules (evaluated by priority, highest first)
routes: [
{
name: 'catch-all-forward',
@@ -122,31 +139,39 @@ const emailServer = new UnifiedEmailServer(dcRouterRef, {
},
},
],
// Authentication settings for the SMTP server
auth: {
required: false,
methods: ['PLAIN', 'LOGIN'],
users: [{ username: 'outbound', password: 'secret' }],
},
// TLS certificates
tls: {
certPath: '/etc/ssl/mail.crt',
keyPath: '/etc/ssl/mail.key',
},
maxMessageSize: 25 * 1024 * 1024, // 25 MB
maxClients: 500,
});
// start() boots the Rust SMTP server, security bridge, DNS records, and delivery queue
await emailServer.start();
```
### Sending Emails with the SMTP Client
> 🔒 **Note:** `start()` will throw if the Rust binary is not compiled. Run `pnpm build` first.
### 📧 Sending Emails with the SMTP Client
Create and send emails using the built-in SMTP client with connection pooling:
```typescript
import { Email, createSmtpClient } from '@push.rocks/smartmta';
import { Email, Delivery } from '@push.rocks/smartmta';
// Create a client with connection pooling
const client = createSmtpClient({
const client = Delivery.smtpClientMod.createSmtpClient({
host: 'smtp.example.com',
port: 587,
secure: false, // will upgrade via STARTTLS
@@ -181,9 +206,22 @@ const result = await client.sendMail(email);
console.log(`Message sent: ${result.messageId}`);
```
### DKIM Signing
Additional client factories are available:
DKIM key management is handled by `DKIMCreator`, which generates, stores, and rotates keys per domain. Signing is performed automatically by `UnifiedEmailServer` during outbound delivery — there is no standalone `signEmail()` call:
```typescript
// Pooled client for high-throughput scenarios
const pooled = Delivery.smtpClientMod.createPooledSmtpClient({ /* ... */ });
// Optimized for bulk sending
const bulk = Delivery.smtpClientMod.createBulkSmtpClient({ /* ... */ });
// Optimized for transactional emails
const transactional = Delivery.smtpClientMod.createTransactionalSmtpClient({ /* ... */ });
```
### 🔑 DKIM Signing
DKIM key management is handled by `DKIMCreator`, which generates, stores, and rotates keys per domain. Signing is performed automatically by `UnifiedEmailServer` during outbound delivery:
```typescript
import { DKIMCreator } from '@push.rocks/smartmta';
@@ -206,11 +244,11 @@ if (needsRotation) {
}
```
When `UnifiedEmailServer.start()` is called, DKIM signing is applied to all outbound mail automatically using the keys managed by `DKIMCreator`. The `RustSecurityBridge` can also perform DKIM signing via its `signDkim()` method for high-performance scenarios.
When `UnifiedEmailServer.start()` is called, DKIM signing is applied to all outbound mail automatically using the Rust security bridge's `signDkim()` method for maximum performance.
### Email Authentication (SPF, DKIM, DMARC)
### 🛡️ Email Authentication (SPF, DKIM, DMARC)
Verify incoming emails against all three authentication standards. Note that the first argument to `SpfVerifier.verify()` and `DmarcVerifier.verify()` is an `Email` object:
Verify incoming emails against all three authentication standards. All verification is powered by the Rust binary:
```typescript
import { DKIMVerifier, SpfVerifier, DmarcVerifier } from '@push.rocks/smartmta';
@@ -221,7 +259,7 @@ const spfResult = await spfVerifier.verify(email, senderIP, heloDomain);
// -> { result: 'pass' | 'fail' | 'softfail' | 'neutral' | 'none' | 'temperror' | 'permerror',
// domain: string, ip: string }
// DKIM verification
// DKIM verification — takes raw email content
const dkimVerifier = new DKIMVerifier();
const dkimResult = await dkimVerifier.verify(rawEmailContent);
@@ -232,9 +270,9 @@ const dmarcResult = await dmarcVerifier.verify(email, spfResult, dkimResult);
// spfDomainAligned: boolean, dkimDomainAligned: boolean, ... }
```
### Email Routing
### 🔀 Email Routing
Pattern-based routing engine with priority ordering and flexible match criteria. Routes are evaluated by priority (highest first) using `evaluateRoutes()`:
Pattern-based routing engine with priority ordering and flexible match criteria. Routes are evaluated by priority (highest first):
```typescript
import { EmailRouter } from '@push.rocks/smartmta';
@@ -288,9 +326,22 @@ const router = new EmailRouter([
const matchedRoute = await router.evaluateRoutes(emailContext);
```
### Content Scanning
**Match criteria available:**
Built-in content scanner for detecting spam, phishing, malware, and other threats. Use the `scanEmail()` method:
| Criterion | Description |
|---|---|
| `recipients` | Glob patterns for recipient addresses (`*@example.com`) |
| `senders` | Glob patterns for sender addresses |
| `clientIp` | IP addresses or CIDR ranges |
| `authenticated` | Require authentication status |
| `headers` | Match specific headers (string or RegExp) |
| `sizeRange` | Message size constraints (`{ min?, max? }`) |
| `subject` | Subject line pattern (string or RegExp) |
| `hasAttachments` | Filter by attachment presence |
### 🔍 Content Scanning
Built-in content scanner for detecting spam, phishing, malware, and other threats. Text pattern scanning runs in Rust for performance; binary attachment scanning (PE headers, VBA macros) runs in TypeScript:
```typescript
import { ContentScanner } from '@push.rocks/smartmta';
@@ -317,14 +368,14 @@ const result = await scanner.scanEmail(email);
// -> { isClean: false, threatScore: 85, threatType: 'phishing', scannedElements: [...] }
```
### IP Reputation Checking
### 🌐 IP Reputation Checking
Check sender IP addresses against DNSBL blacklists and classify IP types:
Check sender IP addresses against DNSBL blacklists and classify IP types. DNSBL lookups run in Rust:
```typescript
import { IPReputationChecker } from '@push.rocks/smartmta';
const ipChecker = new IPReputationChecker({
const ipChecker = IPReputationChecker.getInstance({
enableDNSBL: true,
dnsblServers: ['zen.spamhaus.org', 'bl.spamcop.net'],
cacheTTL: 24 * 60 * 60 * 1000, // 24 hours
@@ -334,14 +385,13 @@ const reputation = await ipChecker.checkReputation('192.168.1.1');
// -> { score: 85, isSpam: false, isProxy: false, isTor: false, blacklists: [] }
```
When the `RustSecurityBridge` is running, `IPReputationChecker` automatically delegates DNSBL lookups to the Rust binary for improved performance.
### ⏱️ Rate Limiting
### Rate Limiting
Hierarchical rate limiting to protect your server and maintain deliverability. Configuration uses `maxMessagesPerMinute` and organizes domain-level limits under the `domains` key:
Hierarchical rate limiting to protect your server and maintain deliverability:
```typescript
import { UnifiedRateLimiter } from '@push.rocks/smartmta';
import { Delivery } from '@push.rocks/smartmta';
const { UnifiedRateLimiter } = Delivery;
const rateLimiter = new UnifiedRateLimiter({
global: {
@@ -374,12 +424,13 @@ if (!allowed.allowed) {
}
```
### Bounce Management
### 📬 Bounce Management
Automatic bounce detection, classification, and suppression tracking. Use `isEmailSuppressed()` to check if an address should be suppressed:
Automatic bounce detection (via Rust), classification, and suppression tracking:
```typescript
import { BounceManager } from '@push.rocks/smartmta';
import { Core } from '@push.rocks/smartmta';
const { BounceManager } = Core;
const bounceManager = new BounceManager();
@@ -399,16 +450,17 @@ bounceManager.addToSuppressionList('bad@example.com', 'repeated hard bounces');
bounceManager.removeFromSuppressionList('recovered@example.com');
```
### Email Templates
### 📝 Email Templates
Template engine with variable substitution for transactional and notification emails. Use `createEmail()` to produce a ready-to-send `Email` from a registered template:
Template engine with variable substitution for transactional and notification emails:
```typescript
import { TemplateManager } from '@push.rocks/smartmta';
import { Core } from '@push.rocks/smartmta';
const { TemplateManager } = Core;
const templates = new TemplateManager({
from: 'noreply@example.com',
footerHtml: '<p>2026 Example Corp</p>',
footerHtml: '<p>&copy; 2026 Example Corp</p>',
});
// Register a template
@@ -430,19 +482,11 @@ const email = await templates.createEmail('welcome', {
});
```
### DNS Management
### 🌍 DNS Management
DNS record management for email authentication is handled internally by `UnifiedEmailServer`. The `DnsManager` is not instantiated directly — it receives its configuration from the `dcRouter` reference and automatically ensures MX, SPF, DKIM, and DMARC records are in place for all configured domains:
DNS record management for email authentication is handled automatically by `UnifiedEmailServer`. When the server starts, it ensures MX, SPF, DKIM, and DMARC records are in place for all configured domains via the Cloudflare API:
```typescript
// DNS management is automatic when using UnifiedEmailServer.
// When the server starts, it calls ensureDnsRecords() internally
// for all configured domains, setting up:
// - MX records pointing to your mail server
// - SPF TXT records authorizing your server IP
// - DKIM TXT records with public keys from DKIMCreator
// - DMARC TXT records with your policy
const emailServer = new UnifiedEmailServer(dcRouterRef, {
hostname: 'mail.example.com',
domains: [
@@ -454,47 +498,17 @@ const emailServer = new UnifiedEmailServer(dcRouterRef, {
// ... other config
});
// DNS records are set up automatically on start
// DNS records are set up automatically on start:
// - MX records pointing to your mail server
// - SPF TXT records authorizing your server IP
// - DKIM TXT records with public keys from DKIMCreator
// - DMARC TXT records with your policy
await emailServer.start();
```
For DNS lookups and record verification outside of the server lifecycle, the `DNSManager` class (note the capital N) can be used directly:
### 🦀 RustSecurityBridge
```typescript
import { DNSManager, DKIMCreator } from '@push.rocks/smartmta';
const dkimCreator = new DKIMCreator('/path/to/keys');
const dnsManager = new DNSManager(dkimCreator);
// Verify all email authentication records for a domain
const results = await dnsManager.verifyEmailAuthRecords('example.com', 'default');
console.log(results.spf); // { valid: boolean, record: string, ... }
console.log(results.dkim); // { valid: boolean, record: string, ... }
console.log(results.dmarc); // { valid: boolean, record: string, ... }
// Generate recommended DNS records
const records = await dnsManager.generateAllRecommendedRecords('example.com');
```
## Rust Acceleration
Performance-critical operations are implemented in Rust and communicate with the TypeScript runtime via `@push.rocks/smartrust` (JSON-over-stdin/stdout IPC).
### Rust Crates
The Rust workspace is at `rust/` with five crates:
| Crate | Status | Purpose |
|---|---|---|
| `mailer-core` | Complete (26 tests) | Email types, validation, MIME building, bounce detection |
| `mailer-security` | Complete (12 tests) | DKIM signing/verification, SPF checks, DMARC policy, IP reputation/DNSBL |
| `mailer-bin` | Complete | CLI + smartrust IPC bridge (handles `verifyEmail` compound method) |
| `mailer-smtp` | Planned (Phase 3) | SMTP protocol in Rust |
| `mailer-napi` | Planned (Phase 3) | Native Node.js addon |
### RustSecurityBridge
The `RustSecurityBridge` is a singleton that manages the Rust binary process and provides high-performance security verification. It is automatically started and stopped with `UnifiedEmailServer`:
The `RustSecurityBridge` is the singleton that manages the Rust binary process. It handles security verification, content scanning, bounce detection, and the SMTP server lifecycle — all via `@push.rocks/smartrust` IPC:
```typescript
import { RustSecurityBridge } from '@push.rocks/smartmta';
@@ -511,7 +525,7 @@ const securityResult = await bridge.verifyEmail({
});
// -> { dkim: [...], spf: { result, explanation }, dmarc: { result, policy } }
// Individual operations
// Individual security operations
const dkimResults = await bridge.verifyDkim(rawEmailString);
const spfResult = await bridge.checkSpf({
ip: '203.0.113.10',
@@ -520,28 +534,85 @@ const spfResult = await bridge.checkSpf({
});
const reputationResult = await bridge.checkIpReputation('203.0.113.10');
// DKIM signing
const signed = await bridge.signDkim({
email: rawEmailString,
domain: 'example.com',
selector: 'default',
privateKeyPem: privateKey,
});
// Content scanning
const scanResult = await bridge.scanContent({
subject: 'Win a free iPhone!!!',
body: '<a href="http://phishing.example.com">Click here</a>',
from: 'scammer@evil.com',
});
// Bounce detection
const bounceResult = await bridge.detectBounce({
subject: 'Delivery Status Notification (Failure)',
body: '550 5.1.1 User unknown',
from: 'mailer-daemon@example.com',
});
await bridge.stop();
```
When the bridge is running, the TypeScript security components (`SpfVerifier`, `DKIMVerifier`, `IPReputationChecker`) automatically delegate to the Rust binary. If the binary is unavailable, the system falls back gracefully to TypeScript-only verification.
> ⚠️ **Important:** The Rust bridge is **mandatory**. There are no TypeScript fallbacks. If the Rust binary is unavailable, `UnifiedEmailServer.start()` will throw an error.
## 🦀 Rust Acceleration Layer
Performance-critical operations are implemented in Rust and communicate with the TypeScript runtime via `@push.rocks/smartrust` (JSON-over-stdin/stdout IPC). The Rust workspace lives at `rust/` with five crates:
| Crate | Status | Purpose |
|---|---|---|
| `mailer-core` | ✅ Complete (26 tests) | Email types, validation, MIME building, bounce detection |
| `mailer-security` | ✅ Complete (22 tests) | DKIM sign/verify, SPF, DMARC, IP reputation/DNSBL, content scanning |
| `mailer-smtp` | ✅ Complete (72 tests) | Full SMTP protocol engine — TCP/TLS server, STARTTLS, AUTH, pipelining, rate limiting |
| `mailer-bin` | ✅ Complete | CLI + smartrust IPC bridge — security, content scanning, SMTP server lifecycle |
| `mailer-napi` | 🔜 Planned | Native Node.js addon (N-API) |
### What Runs in Rust
| Operation | Runs In | Why |
|---|---|---|
| SMTP server (port listening, protocol, TLS) | Rust | Performance, memory safety, zero-copy parsing |
| DKIM signing & verification | Rust | Crypto-heavy, benefits from native speed |
| SPF validation | Rust | DNS lookups with async resolver |
| DMARC policy checking | Rust | Integrates with SPF/DKIM results |
| IP reputation / DNSBL | Rust | Parallel DNS queries |
| Content scanning (text patterns) | Rust | Regex engine performance |
| Bounce detection (pattern matching) | Rust | Regex engine performance |
| Email validation & MIME building | Rust | Parsing performance |
| Binary attachment scanning | TypeScript | Buffer data too large for IPC |
| Email routing & orchestration | TypeScript | Business logic, flexibility |
| Delivery queue & retry | TypeScript | State management, persistence |
| Template rendering | TypeScript | String interpolation |
## Project Structure
```
smartmta/
├── ts/ # TypeScript source
├── ts/ # TypeScript source
│ ├── mail/
│ │ ├── core/ # Email, EmailValidator, BounceManager, TemplateManager
│ │ ├── delivery/ # DeliverySystem, Queue, RateLimiter
│ │ │ ├── smtpclient/ # SMTP client with connection pooling
│ │ │ └── smtpserver/ # SMTP server with TLS, auth, pipelining
│ │ ├── routing/ # UnifiedEmailServer, EmailRouter, DomainRegistry, DnsManager
│ │ └── security/ # DKIMCreator, DKIMVerifier, SpfVerifier, DmarcVerifier
│ └── security/ # ContentScanner, IPReputationChecker, RustSecurityBridge
├── rust/ # Rust workspace
│ └── crates/ # mailer-core, mailer-security, mailer-bin, mailer-smtp, mailer-napi
├── test/ # Comprehensive test suite
└── dist_ts/ # Compiled output
│ │ ├── core/ # Email, EmailValidator, BounceManager, TemplateManager
│ │ ├── delivery/ # DeliverySystem, Queue, RateLimiter
│ │ │ ├── smtpclient/ # SMTP client with connection pooling
│ │ │ └── smtpserver/ # Legacy TS SMTP server (socket-handler fallback)
│ │ ├── routing/ # UnifiedEmailServer, EmailRouter, DomainRegistry, DnsManager
│ │ └── security/ # DKIMCreator, DKIMVerifier, SpfVerifier, DmarcVerifier
│ └── security/ # ContentScanner, IPReputationChecker, RustSecurityBridge
├── rust/ # Rust workspace
│ └── crates/
│ ├── mailer-core/ # Email types, validation, MIME, bounce detection
│ ├── mailer-security/ # DKIM, SPF, DMARC, IP reputation, content scanning
│ ├── mailer-smtp/ # Full SMTP server (TCP/TLS, state machine, rate limiting)
│ ├── mailer-bin/ # CLI + smartrust IPC bridge
│ └── mailer-napi/ # N-API addon (planned)
├── test/ # Test suite
├── dist_ts/ # Compiled TypeScript output
└── dist_rust/ # Compiled Rust binaries
```
## License and Legal Information

19
rust/Cargo.lock generated
View File

@@ -1005,6 +1005,7 @@ name = "mailer-bin"
version = "0.1.0"
dependencies = [
"clap",
"dashmap",
"hickory-resolver 0.25.2",
"mailer-core",
"mailer-security",
@@ -1068,15 +1069,24 @@ dependencies = [
name = "mailer-smtp"
version = "0.1.0"
dependencies = [
"base64",
"bytes",
"dashmap",
"hickory-resolver 0.25.2",
"mailer-core",
"mailer-security",
"mailparse",
"regex",
"rustls",
"rustls-pemfile",
"rustls-pki-types",
"serde",
"serde_json",
"thiserror",
"tokio",
"tokio-rustls",
"tracing",
"uuid",
]
[[package]]
@@ -1491,6 +1501,15 @@ dependencies = [
"zeroize",
]
[[package]]
name = "rustls-pemfile"
version = "2.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dce314e5fee3f39953d46bb63bb8a46d40c2f8fb7cc5a3b6cab2bde9721d6e50"
dependencies = [
"rustls-pki-types",
]
[[package]]
name = "rustls-pki-types"
version = "1.14.0"

1
rust/crates/mailer-bin/Cargo.toml
View File

@@ -18,3 +18,4 @@ serde.workspace = true
serde_json.workspace = true
clap.workspace = true
hickory-resolver.workspace = true
dashmap.workspace = true

460
rust/crates/mailer-bin/src/main.rs
View File

@@ -6,9 +6,16 @@
//! integration with `@push.rocks/smartrust` from TypeScript
use clap::{Parser, Subcommand};
use dashmap::DashMap;
use serde::{Deserialize, Serialize};
use std::io::{self, BufRead, Write};
use std::net::IpAddr;
use std::sync::Arc;
use tokio::sync::oneshot;
use mailer_smtp::connection::{
AuthResult, CallbackRegistry, ConnectionEvent, EmailProcessingResult,
};
/// mailer-bin: Rust-powered email security tools
#[derive(Parser)]
@@ -105,6 +112,43 @@ struct IpcEvent {
data: serde_json::Value,
}
// --- Pending callbacks for correlation-ID based reverse calls ---
/// Stores oneshot senders for pending email processing and auth callbacks.
struct PendingCallbacks {
email: DashMap<String, oneshot::Sender<EmailProcessingResult>>,
auth: DashMap<String, oneshot::Sender<AuthResult>>,
}
impl PendingCallbacks {
fn new() -> Self {
Self {
email: DashMap::new(),
auth: DashMap::new(),
}
}
}
impl CallbackRegistry for PendingCallbacks {
fn register_email_callback(
&self,
correlation_id: &str,
) -> oneshot::Receiver<EmailProcessingResult> {
let (tx, rx) = oneshot::channel();
self.email.insert(correlation_id.to_string(), tx);
rx
}
fn register_auth_callback(
&self,
correlation_id: &str,
) -> oneshot::Receiver<AuthResult> {
let (tx, rx) = oneshot::channel();
self.auth.insert(correlation_id.to_string(), tx);
rx
}
}
fn main() {
let cli = Cli::parse();
@@ -278,7 +322,17 @@ fn main() {
use std::io::Read;
/// Shared state for the management mode.
struct ManagementState {
callbacks: Arc<PendingCallbacks>,
smtp_handle: Option<mailer_smtp::server::SmtpServerHandle>,
smtp_event_rx: Option<tokio::sync::mpsc::Receiver<ConnectionEvent>>,
}
/// Run in management/IPC mode for smartrust bridge.
///
/// This mode supports both request/response IPC (existing commands) and
/// long-running SMTP server with event-based callbacks.
fn run_management_mode() {
// Signal readiness
let ready_event = IpcEvent {
@@ -294,39 +348,153 @@ fn run_management_mode() {
let rt = tokio::runtime::Runtime::new().unwrap();
let stdin = io::stdin();
for line in stdin.lock().lines() {
let line = match line {
Ok(l) => l,
Err(_) => break,
};
let callbacks = Arc::new(PendingCallbacks::new());
let mut state = ManagementState {
callbacks: callbacks.clone(),
smtp_handle: None,
smtp_event_rx: None,
};
if line.trim().is_empty() {
continue;
}
// We need to read stdin in a separate thread (blocking I/O)
// and process commands + SMTP events in the tokio runtime.
let (cmd_tx, mut cmd_rx) = tokio::sync::mpsc::channel::<String>(256);
let req: IpcRequest = match serde_json::from_str(&line) {
Ok(r) => r,
Err(e) => {
let resp = IpcResponse {
id: "unknown".to_string(),
success: false,
result: None,
error: Some(format!("Invalid request: {}", e)),
};
println!("{}", serde_json::to_string(&resp).unwrap());
io::stdout().flush().unwrap();
continue;
// Spawn stdin reader thread
std::thread::spawn(move || {
let stdin = io::stdin();
for line in stdin.lock().lines() {
match line {
Ok(l) if !l.trim().is_empty() => {
if cmd_tx.blocking_send(l).is_err() {
break;
}
}
Ok(_) => continue,
Err(_) => break,
}
};
}
});
let response = rt.block_on(handle_ipc_request(&req));
println!("{}", serde_json::to_string(&response).unwrap());
io::stdout().flush().unwrap();
rt.block_on(async {
loop {
// Select between stdin commands and SMTP server events
tokio::select! {
cmd = cmd_rx.recv() => {
match cmd {
Some(line) => {
let req: IpcRequest = match serde_json::from_str(&line) {
Ok(r) => r,
Err(e) => {
let resp = IpcResponse {
id: "unknown".to_string(),
success: false,
result: None,
error: Some(format!("Invalid request: {}", e)),
};
emit_line(&serde_json::to_string(&resp).unwrap());
continue;
}
};
let response = handle_ipc_request(&req, &mut state).await;
emit_line(&serde_json::to_string(&response).unwrap());
}
None => {
// stdin closed — shut down
if let Some(handle) = state.smtp_handle.take() {
handle.shutdown().await;
}
break;
}
}
}
event = async {
if let Some(rx) = &mut state.smtp_event_rx {
rx.recv().await
} else {
// No SMTP server running — wait forever (yields to other branch)
std::future::pending::<Option<ConnectionEvent>>().await
}
} => {
if let Some(event) = event {
handle_smtp_event(event);
}
}
}
}
});
}
/// Emit a line to stdout and flush.
fn emit_line(line: &str) {
let stdout = io::stdout();
let mut handle = stdout.lock();
let _ = writeln!(handle, "{}", line);
let _ = handle.flush();
}
/// Emit an IPC event to stdout.
fn emit_event(event_name: &str, data: serde_json::Value) {
let event = IpcEvent {
event: event_name.to_string(),
data,
};
emit_line(&serde_json::to_string(&event).unwrap());
}
/// Handle a connection event from the SMTP server.
fn handle_smtp_event(event: ConnectionEvent) {
match event {
ConnectionEvent::EmailReceived {
correlation_id,
session_id,
mail_from,
rcpt_to,
data,
remote_addr,
client_hostname,
secure,
authenticated_user,
security_results,
} => {
emit_event(
"emailReceived",
serde_json::json!({
"correlationId": correlation_id,
"sessionId": session_id,
"mailFrom": mail_from,
"rcptTo": rcpt_to,
"data": data,
"remoteAddr": remote_addr,
"clientHostname": client_hostname,
"secure": secure,
"authenticatedUser": authenticated_user,
"securityResults": security_results,
}),
);
}
ConnectionEvent::AuthRequest {
correlation_id,
session_id,
username,
password,
remote_addr,
} => {
emit_event(
"authRequest",
serde_json::json!({
"correlationId": correlation_id,
"sessionId": session_id,
"username": username,
"password": password,
"remoteAddr": remote_addr,
}),
);
}
}
}
async fn handle_ipc_request(req: &IpcRequest) -> IpcResponse {
async fn handle_ipc_request(req: &IpcRequest, state: &mut ManagementState) -> IpcResponse {
match req.method.as_str() {
"ping" => IpcResponse {
id: req.id.clone(),
@@ -636,6 +804,35 @@ async fn handle_ipc_request(req: &IpcRequest) -> IpcResponse {
}
}
// --- SMTP Server lifecycle commands ---
"startSmtpServer" => {
handle_start_smtp_server(req, state).await
}
"stopSmtpServer" => {
handle_stop_smtp_server(req, state).await
}
"emailProcessingResult" => {
handle_email_processing_result(req, state)
}
"authResult" => {
handle_auth_result(req, state)
}
"configureRateLimits" => {
// Rate limit configuration is set at startSmtpServer time.
// This command allows runtime updates, but for now we acknowledge it.
IpcResponse {
id: req.id.clone(),
success: true,
result: Some(serde_json::json!({"configured": true})),
error: None,
}
}
_ => IpcResponse {
id: req.id.clone(),
success: false,
@@ -644,3 +841,214 @@ async fn handle_ipc_request(req: &IpcRequest) -> IpcResponse {
},
}
}
/// Handle startSmtpServer IPC command.
async fn handle_start_smtp_server(req: &IpcRequest, state: &mut ManagementState) -> IpcResponse {
// Stop existing server if running
if let Some(handle) = state.smtp_handle.take() {
handle.shutdown().await;
}
// Parse config from params
let config = match parse_smtp_config(&req.params) {
Ok(c) => c,
Err(e) => {
return IpcResponse {
id: req.id.clone(),
success: false,
result: None,
error: Some(format!("Invalid config: {}", e)),
};
}
};
// Parse optional rate limit config
let rate_config = req.params.get("rateLimits").and_then(|v| {
serde_json::from_value::<mailer_smtp::rate_limiter::RateLimitConfig>(v.clone()).ok()
});
match mailer_smtp::server::start_server(config, state.callbacks.clone(), rate_config).await {
Ok((handle, event_rx)) => {
state.smtp_handle = Some(handle);
state.smtp_event_rx = Some(event_rx);
IpcResponse {
id: req.id.clone(),
success: true,
result: Some(serde_json::json!({"started": true})),
error: None,
}
}
Err(e) => IpcResponse {
id: req.id.clone(),
success: false,
result: None,
error: Some(format!("Failed to start SMTP server: {}", e)),
},
}
}
/// Handle stopSmtpServer IPC command.
async fn handle_stop_smtp_server(req: &IpcRequest, state: &mut ManagementState) -> IpcResponse {
if let Some(handle) = state.smtp_handle.take() {
handle.shutdown().await;
state.smtp_event_rx = None;
IpcResponse {
id: req.id.clone(),
success: true,
result: Some(serde_json::json!({"stopped": true})),
error: None,
}
} else {
IpcResponse {
id: req.id.clone(),
success: true,
result: Some(serde_json::json!({"stopped": true, "wasRunning": false})),
error: None,
}
}
}
/// Handle emailProcessingResult IPC command — resolves a pending email callback.
fn handle_email_processing_result(req: &IpcRequest, state: &ManagementState) -> IpcResponse {
let correlation_id = req
.params
.get("correlationId")
.and_then(|v| v.as_str())
.unwrap_or("");
let result = EmailProcessingResult {
accepted: req.params.get("accepted").and_then(|v| v.as_bool()).unwrap_or(false),
smtp_code: req.params.get("smtpCode").and_then(|v| v.as_u64()).map(|v| v as u16),
smtp_message: req
.params
.get("smtpMessage")
.and_then(|v| v.as_str())
.map(String::from),
};
if let Some((_, tx)) = state.callbacks.email.remove(correlation_id) {
let _ = tx.send(result);
IpcResponse {
id: req.id.clone(),
success: true,
result: Some(serde_json::json!({"resolved": true})),
error: None,
}
} else {
IpcResponse {
id: req.id.clone(),
success: false,
result: None,
error: Some(format!(
"No pending callback for correlationId: {}",
correlation_id
)),
}
}
}
/// Handle authResult IPC command — resolves a pending auth callback.
fn handle_auth_result(req: &IpcRequest, state: &ManagementState) -> IpcResponse {
let correlation_id = req
.params
.get("correlationId")
.and_then(|v| v.as_str())
.unwrap_or("");
let result = AuthResult {
success: req.params.get("success").and_then(|v| v.as_bool()).unwrap_or(false),
message: req
.params
.get("message")
.and_then(|v| v.as_str())
.map(String::from),
};
if let Some((_, tx)) = state.callbacks.auth.remove(correlation_id) {
let _ = tx.send(result);
IpcResponse {
id: req.id.clone(),
success: true,
result: Some(serde_json::json!({"resolved": true})),
error: None,
}
} else {
IpcResponse {
id: req.id.clone(),
success: false,
result: None,
error: Some(format!(
"No pending auth callback for correlationId: {}",
correlation_id
)),
}
}
}
/// Parse SmtpServerConfig from IPC params JSON.
fn parse_smtp_config(
params: &serde_json::Value,
) -> Result<mailer_smtp::config::SmtpServerConfig, String> {
let mut config = mailer_smtp::config::SmtpServerConfig::default();
if let Some(hostname) = params.get("hostname").and_then(|v| v.as_str()) {
config.hostname = hostname.to_string();
}
if let Some(ports) = params.get("ports").and_then(|v| v.as_array()) {
config.ports = ports
.iter()
.filter_map(|v| v.as_u64().map(|p| p as u16))
.collect();
}
if let Some(secure_port) = params.get("securePort").and_then(|v| v.as_u64()) {
config.secure_port = Some(secure_port as u16);
}
if let Some(cert) = params.get("tlsCertPem").and_then(|v| v.as_str()) {
config.tls_cert_pem = Some(cert.to_string());
}
if let Some(key) = params.get("tlsKeyPem").and_then(|v| v.as_str()) {
config.tls_key_pem = Some(key.to_string());
}
if let Some(size) = params.get("maxMessageSize").and_then(|v| v.as_u64()) {
config.max_message_size = size;
}
if let Some(conns) = params.get("maxConnections").and_then(|v| v.as_u64()) {
config.max_connections = conns as u32;
}
if let Some(rcpts) = params.get("maxRecipients").and_then(|v| v.as_u64()) {
config.max_recipients = rcpts as u32;
}
if let Some(timeout) = params.get("connectionTimeoutSecs").and_then(|v| v.as_u64()) {
config.connection_timeout_secs = timeout;
}
if let Some(timeout) = params.get("dataTimeoutSecs").and_then(|v| v.as_u64()) {
config.data_timeout_secs = timeout;
}
if let Some(auth) = params.get("authEnabled").and_then(|v| v.as_bool()) {
config.auth_enabled = auth;
}
if let Some(failures) = params.get("maxAuthFailures").and_then(|v| v.as_u64()) {
config.max_auth_failures = failures as u32;
}
if let Some(timeout) = params.get("socketTimeoutSecs").and_then(|v| v.as_u64()) {
config.socket_timeout_secs = timeout;
}
if let Some(timeout) = params.get("processingTimeoutSecs").and_then(|v| v.as_u64()) {
config.processing_timeout_secs = timeout;
}
Ok(config)
}

4
rust/crates/mailer-security/src/content_scanner.rs
View File

@@ -5,14 +5,14 @@
//! script injection, and sensitive data patterns.
use regex::Regex;
use serde::Serialize;
use serde::{Deserialize, Serialize};
use std::sync::LazyLock;
// ---------------------------------------------------------------------------
// Result types
// ---------------------------------------------------------------------------
#[derive(Debug, Clone, Serialize)]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct ContentScanResult {
pub threat_score: u32,

9
rust/crates/mailer-smtp/Cargo.toml
View File

@@ -6,6 +6,7 @@ license.workspace = true
[dependencies]
mailer-core = { path = "../mailer-core" }
mailer-security = { path = "../mailer-security" }
tokio.workspace = true
tokio-rustls.workspace = true
hickory-resolver.workspace = true
@@ -14,3 +15,11 @@ thiserror.workspace = true
tracing.workspace = true
bytes.workspace = true
serde.workspace = true
serde_json = "1"
regex = "1"
uuid = { version = "1", features = ["v4"] }
base64.workspace = true
rustls-pki-types.workspace = true
rustls = { version = "0.23", default-features = false, features = ["ring", "logging", "std", "tls12"] }
rustls-pemfile = "2"
mailparse.workspace = true

421
rust/crates/mailer-smtp/src/command.rs Normal file
View File

@@ -0,0 +1,421 @@
//! SMTP command parser.
//!
//! Parses raw SMTP command lines into structured `SmtpCommand` variants.
use serde::{Deserialize, Serialize};
use std::collections::HashMap;
/// A parsed SMTP command.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub enum SmtpCommand {
/// EHLO with client hostname/IP
Ehlo(String),
/// HELO with client hostname/IP
Helo(String),
/// MAIL FROM with sender address and optional parameters (e.g. SIZE=12345)
MailFrom {
address: String,
params: HashMap<String, Option<String>>,
},
/// RCPT TO with recipient address and optional parameters
RcptTo {
address: String,
params: HashMap<String, Option<String>>,
},
/// DATA command — begin message body
Data,
/// RSET — reset current transaction
Rset,
/// NOOP — no operation
Noop,
/// QUIT — close connection
Quit,
/// STARTTLS — upgrade to TLS
StartTls,
/// AUTH with mechanism and optional initial response
Auth {
mechanism: AuthMechanism,
initial_response: Option<String>,
},
/// HELP with optional topic
Help(Option<String>),
/// VRFY with address or username
Vrfy(String),
/// EXPN with mailing list name
Expn(String),
}
/// Supported AUTH mechanisms.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub enum AuthMechanism {
Plain,
Login,
}
/// Errors that can occur during command parsing.
#[derive(Debug, Clone, PartialEq, thiserror::Error)]
pub enum ParseError {
#[error("empty command line")]
Empty,
#[error("unrecognized command: {0}")]
UnrecognizedCommand(String),
#[error("syntax error in parameters: {0}")]
SyntaxError(String),
#[error("missing required argument for {0}")]
MissingArgument(String),
}
/// Parse a raw SMTP command line (without trailing CRLF) into a `SmtpCommand`.
pub fn parse_command(line: &str) -> Result<SmtpCommand, ParseError> {
let line = line.trim_end_matches('\r').trim_end_matches('\n');
if line.is_empty() {
return Err(ParseError::Empty);
}
// Split into verb and the rest
let (verb, rest) = split_first_word(line);
let verb_upper = verb.to_ascii_uppercase();
match verb_upper.as_str() {
"EHLO" => {
let hostname = rest.trim();
if hostname.is_empty() {
return Err(ParseError::MissingArgument("EHLO".into()));
}
Ok(SmtpCommand::Ehlo(hostname.to_string()))
}
"HELO" => {
let hostname = rest.trim();
if hostname.is_empty() {
return Err(ParseError::MissingArgument("HELO".into()));
}
Ok(SmtpCommand::Helo(hostname.to_string()))
}
"MAIL" => parse_mail_from(rest),
"RCPT" => parse_rcpt_to(rest),
"DATA" => Ok(SmtpCommand::Data),
"RSET" => Ok(SmtpCommand::Rset),
"NOOP" => Ok(SmtpCommand::Noop),
"QUIT" => Ok(SmtpCommand::Quit),
"STARTTLS" => Ok(SmtpCommand::StartTls),
"AUTH" => parse_auth(rest),
"HELP" => {
let topic = rest.trim();
if topic.is_empty() {
Ok(SmtpCommand::Help(None))
} else {
Ok(SmtpCommand::Help(Some(topic.to_string())))
}
}
"VRFY" => {
let arg = rest.trim();
if arg.is_empty() {
return Err(ParseError::MissingArgument("VRFY".into()));
}
Ok(SmtpCommand::Vrfy(arg.to_string()))
}
"EXPN" => {
let arg = rest.trim();
if arg.is_empty() {
return Err(ParseError::MissingArgument("EXPN".into()));
}
Ok(SmtpCommand::Expn(arg.to_string()))
}
_ => Err(ParseError::UnrecognizedCommand(verb_upper)),
}
}
/// Parse `FROM:<addr> [PARAM=VALUE ...]` after "MAIL".
fn parse_mail_from(rest: &str) -> Result<SmtpCommand, ParseError> {
// Expect "FROM:" prefix (case-insensitive, whitespace-flexible)
let rest = rest.trim_start();
let rest_upper = rest.to_ascii_uppercase();
if !rest_upper.starts_with("FROM") {
return Err(ParseError::SyntaxError(
"expected FROM after MAIL".into(),
));
}
let rest = &rest[4..]; // skip "FROM"
let rest = rest.trim_start();
if !rest.starts_with(':') {
return Err(ParseError::SyntaxError(
"expected colon after MAIL FROM".into(),
));
}
let rest = &rest[1..]; // skip ':'
let rest = rest.trim_start();
parse_address_and_params(rest, "MAIL FROM").map(|(address, params)| SmtpCommand::MailFrom {
address,
params,
})
}
/// Parse `TO:<addr> [PARAM=VALUE ...]` after "RCPT".
fn parse_rcpt_to(rest: &str) -> Result<SmtpCommand, ParseError> {
let rest = rest.trim_start();
let rest_upper = rest.to_ascii_uppercase();
if !rest_upper.starts_with("TO") {
return Err(ParseError::SyntaxError("expected TO after RCPT".into()));
}
let rest = &rest[2..]; // skip "TO"
let rest = rest.trim_start();
if !rest.starts_with(':') {
return Err(ParseError::SyntaxError(
"expected colon after RCPT TO".into(),
));
}
let rest = &rest[1..]; // skip ':'
let rest = rest.trim_start();
parse_address_and_params(rest, "RCPT TO").map(|(address, params)| SmtpCommand::RcptTo {
address,
params,
})
}
/// Parse `<address> [PARAM=VALUE ...]` from the rest of a MAIL FROM or RCPT TO line.
fn parse_address_and_params(
input: &str,
context: &str,
) -> Result<(String, HashMap<String, Option<String>>), ParseError> {
if !input.starts_with('<') {
return Err(ParseError::SyntaxError(format!(
"expected '<' in {context}"
)));
}
let close_bracket = input.find('>').ok_or_else(|| {
ParseError::SyntaxError(format!("missing '>' in {context}"))
})?;
let address = input[1..close_bracket].to_string();
let remainder = &input[close_bracket + 1..];
let params = parse_params(remainder)?;
Ok((address, params))
}
/// Parse SMTP extension parameters like `SIZE=12345 BODY=8BITMIME`.
fn parse_params(input: &str) -> Result<HashMap<String, Option<String>>, ParseError> {
let mut params = HashMap::new();
for token in input.split_whitespace() {
if let Some(eq_pos) = token.find('=') {
let key = token[..eq_pos].to_ascii_uppercase();
let value = token[eq_pos + 1..].to_string();
params.insert(key, Some(value));
} else {
params.insert(token.to_ascii_uppercase(), None);
}
}
Ok(params)
}
/// Parse AUTH command: `AUTH <mechanism> [initial-response]`.
fn parse_auth(rest: &str) -> Result<SmtpCommand, ParseError> {
let rest = rest.trim();
if rest.is_empty() {
return Err(ParseError::MissingArgument("AUTH".into()));
}
let (mech_str, initial) = split_first_word(rest);
let mechanism = match mech_str.to_ascii_uppercase().as_str() {
"PLAIN" => AuthMechanism::Plain,
"LOGIN" => AuthMechanism::Login,
other => {
return Err(ParseError::SyntaxError(format!(
"unsupported AUTH mechanism: {other}"
)));
}
};
let initial_response = {
let s = initial.trim();
if s.is_empty() { None } else { Some(s.to_string()) }
};
Ok(SmtpCommand::Auth {
mechanism,
initial_response,
})
}
/// Split a string into the first whitespace-delimited word and the remainder.
fn split_first_word(s: &str) -> (&str, &str) {
match s.find(char::is_whitespace) {
Some(pos) => (&s[..pos], &s[pos + 1..]),
None => (s, ""),
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_ehlo() {
let cmd = parse_command("EHLO mail.example.com").unwrap();
assert_eq!(cmd, SmtpCommand::Ehlo("mail.example.com".into()));
}
#[test]
fn test_ehlo_case_insensitive() {
let cmd = parse_command("ehlo MAIL.EXAMPLE.COM").unwrap();
assert_eq!(cmd, SmtpCommand::Ehlo("MAIL.EXAMPLE.COM".into()));
}
#[test]
fn test_helo() {
let cmd = parse_command("HELO example.com").unwrap();
assert_eq!(cmd, SmtpCommand::Helo("example.com".into()));
}
#[test]
fn test_ehlo_missing_arg() {
let err = parse_command("EHLO").unwrap_err();
assert!(matches!(err, ParseError::MissingArgument(_)));
}
#[test]
fn test_mail_from() {
let cmd = parse_command("MAIL FROM:<sender@example.com>").unwrap();
assert_eq!(
cmd,
SmtpCommand::MailFrom {
address: "sender@example.com".into(),
params: HashMap::new(),
}
);
}
#[test]
fn test_mail_from_with_params() {
let cmd = parse_command("MAIL FROM:<sender@example.com> SIZE=12345 BODY=8BITMIME").unwrap();
if let SmtpCommand::MailFrom { address, params } = cmd {
assert_eq!(address, "sender@example.com");
assert_eq!(params.get("SIZE"), Some(&Some("12345".into())));
assert_eq!(params.get("BODY"), Some(&Some("8BITMIME".into())));
} else {
panic!("expected MailFrom");
}
}
#[test]
fn test_mail_from_empty_address() {
let cmd = parse_command("MAIL FROM:<>").unwrap();
assert_eq!(
cmd,
SmtpCommand::MailFrom {
address: "".into(),
params: HashMap::new(),
}
);
}
#[test]
fn test_mail_from_flexible_spacing() {
let cmd = parse_command("MAIL FROM: <user@example.com>").unwrap();
if let SmtpCommand::MailFrom { address, .. } = cmd {
assert_eq!(address, "user@example.com");
} else {
panic!("expected MailFrom");
}
}
#[test]
fn test_rcpt_to() {
let cmd = parse_command("RCPT TO:<recipient@example.com>").unwrap();
assert_eq!(
cmd,
SmtpCommand::RcptTo {
address: "recipient@example.com".into(),
params: HashMap::new(),
}
);
}
#[test]
fn test_data() {
assert_eq!(parse_command("DATA").unwrap(), SmtpCommand::Data);
}
#[test]
fn test_rset() {
assert_eq!(parse_command("RSET").unwrap(), SmtpCommand::Rset);
}
#[test]
fn test_noop() {
assert_eq!(parse_command("NOOP").unwrap(), SmtpCommand::Noop);
}
#[test]
fn test_quit() {
assert_eq!(parse_command("QUIT").unwrap(), SmtpCommand::Quit);
}
#[test]
fn test_starttls() {
assert_eq!(parse_command("STARTTLS").unwrap(), SmtpCommand::StartTls);
}
#[test]
fn test_auth_plain() {
let cmd = parse_command("AUTH PLAIN dGVzdAB0ZXN0AHBhc3N3b3Jk").unwrap();
assert_eq!(
cmd,
SmtpCommand::Auth {
mechanism: AuthMechanism::Plain,
initial_response: Some("dGVzdAB0ZXN0AHBhc3N3b3Jk".into()),
}
);
}
#[test]
fn test_auth_login_no_initial() {
let cmd = parse_command("AUTH LOGIN").unwrap();
assert_eq!(
cmd,
SmtpCommand::Auth {
mechanism: AuthMechanism::Login,
initial_response: None,
}
);
}
#[test]
fn test_help() {
assert_eq!(parse_command("HELP").unwrap(), SmtpCommand::Help(None));
assert_eq!(
parse_command("HELP MAIL").unwrap(),
SmtpCommand::Help(Some("MAIL".into()))
);
}
#[test]
fn test_vrfy() {
assert_eq!(
parse_command("VRFY user@example.com").unwrap(),
SmtpCommand::Vrfy("user@example.com".into())
);
}
#[test]
fn test_expn() {
assert_eq!(
parse_command("EXPN staff").unwrap(),
SmtpCommand::Expn("staff".into())
);
}
#[test]
fn test_empty() {
assert!(matches!(parse_command(""), Err(ParseError::Empty)));
}
#[test]
fn test_unrecognized() {
let err = parse_command("FOOBAR test").unwrap_err();
assert!(matches!(err, ParseError::UnrecognizedCommand(_)));
}
#[test]
fn test_crlf_stripped() {
let cmd = parse_command("QUIT\r\n").unwrap();
assert_eq!(cmd, SmtpCommand::Quit);
}
}

86
rust/crates/mailer-smtp/src/config.rs Normal file
View File

@@ -0,0 +1,86 @@
//! SMTP server configuration.
use serde::{Deserialize, Serialize};
/// Configuration for an SMTP server instance.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SmtpServerConfig {
/// Server hostname for greeting and EHLO responses.
pub hostname: String,
/// Ports to listen on (e.g. [25, 587]).
pub ports: Vec<u16>,
/// Port for implicit TLS (e.g. 465). None = no implicit TLS port.
pub secure_port: Option<u16>,
/// TLS certificate chain in PEM format.
pub tls_cert_pem: Option<String>,
/// TLS private key in PEM format.
pub tls_key_pem: Option<String>,
/// Maximum message size in bytes.
pub max_message_size: u64,
/// Maximum number of concurrent connections.
pub max_connections: u32,
/// Maximum recipients per message.
pub max_recipients: u32,
/// Connection timeout in seconds.
pub connection_timeout_secs: u64,
/// Data phase timeout in seconds.
pub data_timeout_secs: u64,
/// Whether authentication is available.
pub auth_enabled: bool,
/// Maximum authentication failures before disconnect.
pub max_auth_failures: u32,
/// Socket timeout in seconds (idle timeout for the entire connection).
pub socket_timeout_secs: u64,
/// Timeout in seconds waiting for TS to respond to email processing.
pub processing_timeout_secs: u64,
}
impl Default for SmtpServerConfig {
fn default() -> Self {
Self {
hostname: "mail.example.com".to_string(),
ports: vec![25],
secure_port: None,
tls_cert_pem: None,
tls_key_pem: None,
max_message_size: 10 * 1024 * 1024, // 10 MB
max_connections: 100,
max_recipients: 100,
connection_timeout_secs: 30,
data_timeout_secs: 60,
auth_enabled: false,
max_auth_failures: 3,
socket_timeout_secs: 300,
processing_timeout_secs: 30,
}
}
}
impl SmtpServerConfig {
/// Check if TLS is configured.
pub fn has_tls(&self) -> bool {
self.tls_cert_pem.is_some() && self.tls_key_pem.is_some()
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_defaults() {
let cfg = SmtpServerConfig::default();
assert_eq!(cfg.max_message_size, 10 * 1024 * 1024);
assert_eq!(cfg.max_connections, 100);
assert!(!cfg.has_tls());
}
#[test]
fn test_has_tls() {
let mut cfg = SmtpServerConfig::default();
cfg.tls_cert_pem = Some("cert".into());
assert!(!cfg.has_tls()); // need both
cfg.tls_key_pem = Some("key".into());
assert!(cfg.has_tls());
}
}

1308
rust/crates/mailer-smtp/src/connection.rs Normal file
View File

File diff suppressed because it is too large Load Diff

289
rust/crates/mailer-smtp/src/data.rs Normal file
View File

@@ -0,0 +1,289 @@
//! Email DATA phase processor.
//!
//! Handles dot-unstuffing, end-of-data detection, size enforcement,
//! and streaming accumulation of email data.
/// Result of processing a chunk of DATA input.
#[derive(Debug, Clone, PartialEq)]
pub enum DataAction {
/// More data needed — continue accumulating.
Continue,
/// End-of-data detected. The complete message body is ready.
Complete,
/// Message size limit exceeded.
SizeExceeded,
}
/// Streaming email data accumulator.
///
/// Processes incoming bytes from the DATA phase, handling:
/// - CRLF line ending normalization
/// - Dot-unstuffing (RFC 5321 §4.5.2)
/// - End-of-data marker detection (`<CRLF>.<CRLF>`)
/// - Size enforcement
pub struct DataAccumulator {
/// Accumulated message bytes.
buffer: Vec<u8>,
/// Maximum allowed size in bytes. 0 = unlimited.
max_size: u64,
/// Whether we've detected end-of-data.
complete: bool,
/// Whether the current position is at the start of a line.
at_line_start: bool,
/// Partial state for cross-chunk boundary handling.
partial: PartialState,
}
/// Tracks partial sequences that span chunk boundaries.
#[derive(Debug, Clone, Copy, PartialEq)]
enum PartialState {
/// No partial sequence.
None,
/// Saw `\r`, waiting for `\n`.
Cr,
/// At line start, saw `.`, waiting to determine dot-stuffing vs end-of-data.
Dot,
/// At line start, saw `.\r`, waiting for `\n` (end-of-data) or other.
DotCr,
}
impl DataAccumulator {
/// Create a new accumulator with the given size limit.
pub fn new(max_size: u64) -> Self {
Self {
buffer: Vec::with_capacity(8192),
max_size,
complete: false,
at_line_start: true, // First byte is at start of first line
partial: PartialState::None,
}
}
/// Process a chunk of incoming data.
///
/// Returns the action to take: continue, complete, or size exceeded.
pub fn process_chunk(&mut self, chunk: &[u8]) -> DataAction {
if self.complete {
return DataAction::Complete;
}
for &byte in chunk {
match self.partial {
PartialState::None => {
if self.at_line_start && byte == b'.' {
self.partial = PartialState::Dot;
} else if byte == b'\r' {
self.partial = PartialState::Cr;
} else {
self.buffer.push(byte);
self.at_line_start = false;
}
}
PartialState::Cr => {
if byte == b'\n' {
self.buffer.extend_from_slice(b"\r\n");
self.at_line_start = true;
self.partial = PartialState::None;
} else {
// Bare CR — emit it and process current byte
self.buffer.push(b'\r');
self.at_line_start = false;
self.partial = PartialState::None;
// Re-process current byte
if byte == b'\r' {
self.partial = PartialState::Cr;
} else {
self.buffer.push(byte);
}
}
}
PartialState::Dot => {
if byte == b'\r' {
self.partial = PartialState::DotCr;
} else if byte == b'.' {
// Dot-unstuffing: \r\n.. → \r\n.
// Emit one dot, consume the other
self.buffer.push(b'.');
self.at_line_start = false;
self.partial = PartialState::None;
} else {
// Dot at line start but not stuffing or end-of-data
self.buffer.push(b'.');
self.buffer.push(byte);
self.at_line_start = false;
self.partial = PartialState::None;
}
}
PartialState::DotCr => {
if byte == b'\n' {
// End-of-data: <CRLF>.<CRLF>
// Remove the trailing \r\n from the buffer
// (it was part of the terminator, not the message)
if self.buffer.ends_with(b"\r\n") {
let new_len = self.buffer.len() - 2;
self.buffer.truncate(new_len);
}
self.complete = true;
return DataAction::Complete;
} else {
// Not end-of-data — emit .\r and process current byte
self.buffer.push(b'.');
self.buffer.push(b'\r');
self.at_line_start = false;
self.partial = PartialState::None;
// Re-process current byte
if byte == b'\r' {
self.partial = PartialState::Cr;
} else {
self.buffer.push(byte);
}
}
}
}
// Check size limit
if self.max_size > 0 && self.buffer.len() as u64 > self.max_size {
return DataAction::SizeExceeded;
}
}
DataAction::Continue
}
/// Consume the accumulator and return the complete message data.
///
/// Returns `None` if end-of-data has not been detected.
pub fn into_message(self) -> Option<Vec<u8>> {
if !self.complete {
return None;
}
Some(self.buffer)
}
/// Get a reference to the accumulated data so far.
pub fn data(&self) -> &[u8] {
&self.buffer
}
/// Get the current accumulated size.
pub fn size(&self) -> usize {
self.buffer.len()
}
/// Whether end-of-data has been detected.
pub fn is_complete(&self) -> bool {
self.complete
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_simple_message() {
let mut acc = DataAccumulator::new(0);
let data = b"Subject: Test\r\n\r\nHello world\r\n.\r\n";
let action = acc.process_chunk(data);
assert_eq!(action, DataAction::Complete);
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"Subject: Test\r\n\r\nHello world");
}
#[test]
fn test_dot_unstuffing() {
let mut acc = DataAccumulator::new(0);
// A line starting with ".." should become "."
let data = b"Line 1\r\n..dot-stuffed\r\n.\r\n";
let action = acc.process_chunk(data);
assert_eq!(action, DataAction::Complete);
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"Line 1\r\n.dot-stuffed");
}
#[test]
fn test_multiple_chunks() {
let mut acc = DataAccumulator::new(0);
assert_eq!(acc.process_chunk(b"Subject: Test\r\n"), DataAction::Continue);
assert_eq!(acc.process_chunk(b"\r\nBody line 1\r\n"), DataAction::Continue);
assert_eq!(acc.process_chunk(b"Body line 2\r\n.\r\n"), DataAction::Complete);
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"Subject: Test\r\n\r\nBody line 1\r\nBody line 2");
}
#[test]
fn test_end_of_data_spanning_chunks() {
let mut acc = DataAccumulator::new(0);
assert_eq!(acc.process_chunk(b"Body\r\n"), DataAction::Continue);
assert_eq!(acc.process_chunk(b".\r"), DataAction::Continue);
assert_eq!(acc.process_chunk(b"\n"), DataAction::Complete);
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"Body");
}
#[test]
fn test_size_limit() {
let mut acc = DataAccumulator::new(10);
let data = b"This is definitely more than 10 bytes\r\n.\r\n";
let action = acc.process_chunk(data);
assert_eq!(action, DataAction::SizeExceeded);
}
#[test]
fn test_not_complete() {
let mut acc = DataAccumulator::new(0);
acc.process_chunk(b"partial data");
assert!(!acc.is_complete());
assert!(acc.into_message().is_none());
}
#[test]
fn test_empty_message() {
let mut acc = DataAccumulator::new(0);
let action = acc.process_chunk(b".\r\n");
assert_eq!(action, DataAction::Complete);
let msg = acc.into_message().unwrap();
assert!(msg.is_empty());
}
#[test]
fn test_dot_not_at_line_start() {
let mut acc = DataAccumulator::new(0);
let data = b"Hello.World\r\n.\r\n";
let action = acc.process_chunk(data);
assert_eq!(action, DataAction::Complete);
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"Hello.World");
}
#[test]
fn test_multiple_dots_in_line() {
let mut acc = DataAccumulator::new(0);
let data = b"...\r\n.\r\n";
let action = acc.process_chunk(data);
assert_eq!(action, DataAction::Complete);
// First dot at line start is dot-unstuffed, leaving ".."
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"..");
}
#[test]
fn test_crlf_dot_spanning_three_chunks() {
let mut acc = DataAccumulator::new(0);
assert_eq!(acc.process_chunk(b"Body\r"), DataAction::Continue);
assert_eq!(acc.process_chunk(b"\n."), DataAction::Continue);
assert_eq!(acc.process_chunk(b"\r\n"), DataAction::Complete);
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"Body");
}
#[test]
fn test_bare_cr() {
let mut acc = DataAccumulator::new(0);
let data = b"Hello\rWorld\r\n.\r\n";
let action = acc.process_chunk(data);
assert_eq!(action, DataAction::Complete);
let msg = acc.into_message().unwrap();
assert_eq!(msg, b"Hello\rWorld");
}
}

43
rust/crates/mailer-smtp/src/lib.rs
View File

@@ -1,18 +1,39 @@
//! mailer-smtp: SMTP protocol engine (server + client).
//!
//! This crate provides the SMTP protocol implementation including:
//! - Command parsing (`command`)
//! - State machine (`state`)
//! - Response building (`response`)
//! - Email data accumulation (`data`)
//! - Per-connection session state (`session`)
//! - Address/input validation (`validation`)
//! - Server configuration (`config`)
//! - Rate limiting (`rate_limiter`)
//! - TCP/TLS server (`server`)
//! - Connection handling (`connection`)
pub mod command;
pub mod config;
pub mod connection;
pub mod data;
pub mod rate_limiter;
pub mod response;
pub mod server;
pub mod session;
pub mod state;
pub mod validation;
pub use mailer_core;
/// Placeholder for the SMTP server and client implementation.
// Re-export key types for convenience.
pub use command::{AuthMechanism, SmtpCommand};
pub use config::SmtpServerConfig;
pub use data::{DataAccumulator, DataAction};
pub use response::SmtpResponse;
pub use session::SmtpSession;
pub use state::SmtpState;
/// Crate version.
pub fn version() -> &'static str {
env!("CARGO_PKG_VERSION")
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_version() {
assert!(!version().is_empty());
}
}

198
rust/crates/mailer-smtp/src/rate_limiter.rs Normal file
View File

@@ -0,0 +1,198 @@
//! In-process SMTP rate limiter.
//!
//! Uses DashMap for lock-free concurrent access to rate counters.
//! Tracks connections per IP, messages per sender, and auth failures.
use dashmap::DashMap;
use serde::{Deserialize, Serialize};
use std::time::{Duration, Instant};
/// Rate limiter configuration.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct RateLimitConfig {
/// Maximum connections per IP per window.
pub max_connections_per_ip: u32,
/// Maximum messages per sender per window.
pub max_messages_per_sender: u32,
/// Maximum auth failures per IP per window.
pub max_auth_failures_per_ip: u32,
/// Window duration in seconds.
pub window_secs: u64,
}
impl Default for RateLimitConfig {
fn default() -> Self {
Self {
max_connections_per_ip: 50,
max_messages_per_sender: 100,
max_auth_failures_per_ip: 5,
window_secs: 60,
}
}
}
/// A timestamped counter entry.
struct CounterEntry {
count: u32,
window_start: Instant,
}
/// In-process rate limiter using DashMap.
pub struct RateLimiter {
config: RateLimitConfig,
window: Duration,
connections: DashMap<String, CounterEntry>,
messages: DashMap<String, CounterEntry>,
auth_failures: DashMap<String, CounterEntry>,
}
impl RateLimiter {
/// Create a new rate limiter with the given configuration.
pub fn new(config: RateLimitConfig) -> Self {
let window = Duration::from_secs(config.window_secs);
Self {
config,
window,
connections: DashMap::new(),
messages: DashMap::new(),
auth_failures: DashMap::new(),
}
}
/// Update the configuration at runtime.
pub fn update_config(&mut self, config: RateLimitConfig) {
self.window = Duration::from_secs(config.window_secs);
self.config = config;
}
/// Check and record a new connection from an IP.
/// Returns `true` if the connection should be allowed.
pub fn check_connection(&self, ip: &str) -> bool {
self.increment_and_check(
&self.connections,
ip,
self.config.max_connections_per_ip,
)
}
/// Check and record a message from a sender.
/// Returns `true` if the message should be allowed.
pub fn check_message(&self, sender: &str) -> bool {
self.increment_and_check(
&self.messages,
sender,
self.config.max_messages_per_sender,
)
}
/// Check and record an auth failure from an IP.
/// Returns `true` if more attempts should be allowed.
pub fn check_auth_failure(&self, ip: &str) -> bool {
self.increment_and_check(
&self.auth_failures,
ip,
self.config.max_auth_failures_per_ip,
)
}
/// Increment a counter and check against the limit.
/// Returns `true` if within limits.
fn increment_and_check(
&self,
map: &DashMap<String, CounterEntry>,
key: &str,
limit: u32,
) -> bool {
let now = Instant::now();
let mut entry = map
.entry(key.to_string())
.or_insert_with(|| CounterEntry {
count: 0,
window_start: now,
});
// Reset window if expired
if now.duration_since(entry.window_start) > self.window {
entry.count = 0;
entry.window_start = now;
}
entry.count += 1;
entry.count <= limit
}
/// Clean up expired entries. Call periodically.
pub fn cleanup(&self) {
let now = Instant::now();
let window = self.window;
self.connections
.retain(|_, v| now.duration_since(v.window_start) <= window);
self.messages
.retain(|_, v| now.duration_since(v.window_start) <= window);
self.auth_failures
.retain(|_, v| now.duration_since(v.window_start) <= window);
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_connection_limit() {
let limiter = RateLimiter::new(RateLimitConfig {
max_connections_per_ip: 3,
window_secs: 60,
..Default::default()
});
assert!(limiter.check_connection("1.2.3.4"));
assert!(limiter.check_connection("1.2.3.4"));
assert!(limiter.check_connection("1.2.3.4"));
assert!(!limiter.check_connection("1.2.3.4")); // 4th = over limit
// Different IP is independent
assert!(limiter.check_connection("5.6.7.8"));
}
#[test]
fn test_message_limit() {
let limiter = RateLimiter::new(RateLimitConfig {
max_messages_per_sender: 2,
window_secs: 60,
..Default::default()
});
assert!(limiter.check_message("sender@example.com"));
assert!(limiter.check_message("sender@example.com"));
assert!(!limiter.check_message("sender@example.com"));
}
#[test]
fn test_auth_failure_limit() {
let limiter = RateLimiter::new(RateLimitConfig {
max_auth_failures_per_ip: 2,
window_secs: 60,
..Default::default()
});
assert!(limiter.check_auth_failure("1.2.3.4"));
assert!(limiter.check_auth_failure("1.2.3.4"));
assert!(!limiter.check_auth_failure("1.2.3.4"));
}
#[test]
fn test_cleanup() {
let limiter = RateLimiter::new(RateLimitConfig {
max_connections_per_ip: 1,
window_secs: 60,
..Default::default()
});
limiter.check_connection("1.2.3.4");
assert_eq!(limiter.connections.len(), 1);
limiter.cleanup(); // entries not expired
assert_eq!(limiter.connections.len(), 1);
}
}

284
rust/crates/mailer-smtp/src/response.rs Normal file
View File

@@ -0,0 +1,284 @@
//! SMTP response builder.
//!
//! Constructs properly formatted SMTP response lines with status codes,
//! multiline support, and EHLO capability advertisement.
use serde::{Deserialize, Serialize};
/// An SMTP response to send to the client.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct SmtpResponse {
/// 3-digit SMTP status code.
pub code: u16,
/// Response lines (without the status code prefix).
pub lines: Vec<String>,
}
impl SmtpResponse {
/// Create a single-line response.
pub fn new(code: u16, message: impl Into<String>) -> Self {
Self {
code,
lines: vec![message.into()],
}
}
/// Create a multiline response.
pub fn multiline(code: u16, lines: Vec<String>) -> Self {
Self { code, lines }
}
/// Format the response as bytes ready to write to the socket.
///
/// Multiline responses use `code-text` for intermediate lines
/// and `code text` for the final line (RFC 5321 §4.2).
pub fn to_bytes(&self) -> Vec<u8> {
let mut buf = Vec::new();
if self.lines.is_empty() {
buf.extend_from_slice(format!("{} \r\n", self.code).as_bytes());
} else if self.lines.len() == 1 {
buf.extend_from_slice(
format!("{} {}\r\n", self.code, self.lines[0]).as_bytes(),
);
} else {
for (i, line) in self.lines.iter().enumerate() {
if i < self.lines.len() - 1 {
buf.extend_from_slice(
format!("{}-{}\r\n", self.code, line).as_bytes(),
);
} else {
buf.extend_from_slice(
format!("{} {}\r\n", self.code, line).as_bytes(),
);
}
}
}
buf
}
// --- Common response constructors ---
/// 220 Service ready greeting.
pub fn greeting(hostname: &str) -> Self {
Self::new(220, format!("{hostname} ESMTP Service Ready"))
}
/// 221 Service closing.
pub fn closing(hostname: &str) -> Self {
Self::new(221, format!("{hostname} Service closing transmission channel"))
}
/// 250 OK.
pub fn ok(message: impl Into<String>) -> Self {
Self::new(250, message)
}
/// EHLO response with capabilities.
pub fn ehlo_response(hostname: &str, capabilities: &[String]) -> Self {
let mut lines = Vec::with_capacity(capabilities.len() + 1);
lines.push(format!("{hostname} greets you"));
for cap in capabilities {
lines.push(cap.clone());
}
Self::multiline(250, lines)
}
/// 235 Authentication successful.
pub fn auth_success() -> Self {
Self::new(235, "2.7.0 Authentication successful")
}
/// 334 Auth challenge (base64-encoded prompt).
pub fn auth_challenge(prompt: &str) -> Self {
Self::new(334, prompt)
}
/// 354 Start mail input.
pub fn start_data() -> Self {
Self::new(354, "Start mail input; end with <CRLF>.<CRLF>")
}
/// 421 Service not available.
pub fn service_unavailable(hostname: &str, reason: &str) -> Self {
Self::new(421, format!("{hostname} {reason}"))
}
/// 450 Temporary failure.
pub fn temp_failure(message: impl Into<String>) -> Self {
Self::new(450, message)
}
/// 451 Local error.
pub fn local_error(message: impl Into<String>) -> Self {
Self::new(451, message)
}
/// 500 Syntax error.
pub fn syntax_error() -> Self {
Self::new(500, "Syntax error, command unrecognized")
}
/// 501 Syntax error in parameters.
pub fn param_error(message: impl Into<String>) -> Self {
Self::new(501, message)
}
/// 502 Command not implemented.
pub fn not_implemented() -> Self {
Self::new(502, "Command not implemented")
}
/// 503 Bad sequence.
pub fn bad_sequence(message: impl Into<String>) -> Self {
Self::new(503, message)
}
/// 530 Authentication required.
pub fn auth_required() -> Self {
Self::new(530, "5.7.0 Authentication required")
}
/// 535 Authentication failed.
pub fn auth_failed() -> Self {
Self::new(535, "5.7.8 Authentication credentials invalid")
}
/// 550 Mailbox unavailable.
pub fn mailbox_unavailable(message: impl Into<String>) -> Self {
Self::new(550, message)
}
/// 552 Message size exceeded.
pub fn size_exceeded(max_size: u64) -> Self {
Self::new(
552,
format!("5.3.4 Message size exceeds maximum of {max_size} bytes"),
)
}
/// 554 Transaction failed.
pub fn transaction_failed(message: impl Into<String>) -> Self {
Self::new(554, message)
}
/// Check if this is a success response (2xx).
pub fn is_success(&self) -> bool {
self.code >= 200 && self.code < 300
}
/// Check if this is a temporary error (4xx).
pub fn is_temp_error(&self) -> bool {
self.code >= 400 && self.code < 500
}
/// Check if this is a permanent error (5xx).
pub fn is_perm_error(&self) -> bool {
self.code >= 500 && self.code < 600
}
}
/// Build the list of EHLO capabilities for the server.
pub fn build_capabilities(
max_size: u64,
tls_available: bool,
already_secure: bool,
auth_available: bool,
) -> Vec<String> {
let mut caps = vec![
format!("SIZE {max_size}"),
"8BITMIME".to_string(),
"PIPELINING".to_string(),
"ENHANCEDSTATUSCODES".to_string(),
"HELP".to_string(),
];
// Only advertise STARTTLS if TLS is available and not already using TLS
if tls_available && !already_secure {
caps.push("STARTTLS".to_string());
}
if auth_available {
caps.push("AUTH PLAIN LOGIN".to_string());
}
caps
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_single_line() {
let resp = SmtpResponse::new(250, "OK");
assert_eq!(resp.to_bytes(), b"250 OK\r\n");
}
#[test]
fn test_multiline() {
let resp = SmtpResponse::multiline(
250,
vec![
"mail.example.com greets you".into(),
"SIZE 10485760".into(),
"STARTTLS".into(),
],
);
let expected = b"250-mail.example.com greets you\r\n250-SIZE 10485760\r\n250 STARTTLS\r\n";
assert_eq!(resp.to_bytes(), expected.to_vec());
}
#[test]
fn test_greeting() {
let resp = SmtpResponse::greeting("mail.example.com");
assert_eq!(resp.code, 220);
assert!(resp.lines[0].contains("mail.example.com"));
}
#[test]
fn test_ehlo_response() {
let caps = vec!["SIZE 10485760".into(), "STARTTLS".into()];
let resp = SmtpResponse::ehlo_response("mail.example.com", &caps);
assert_eq!(resp.code, 250);
assert_eq!(resp.lines.len(), 3); // hostname + 2 caps
}
#[test]
fn test_status_checks() {
assert!(SmtpResponse::new(250, "OK").is_success());
assert!(SmtpResponse::new(450, "Try later").is_temp_error());
assert!(SmtpResponse::new(550, "No such user").is_perm_error());
assert!(!SmtpResponse::new(250, "OK").is_temp_error());
}
#[test]
fn test_build_capabilities() {
let caps = build_capabilities(10485760, true, false, true);
assert!(caps.contains(&"SIZE 10485760".to_string()));
assert!(caps.contains(&"STARTTLS".to_string()));
assert!(caps.contains(&"AUTH PLAIN LOGIN".to_string()));
assert!(caps.contains(&"PIPELINING".to_string()));
}
#[test]
fn test_build_capabilities_secure() {
// When already secure, STARTTLS should NOT be advertised
let caps = build_capabilities(10485760, true, true, false);
assert!(!caps.contains(&"STARTTLS".to_string()));
assert!(!caps.contains(&"AUTH PLAIN LOGIN".to_string()));
}
#[test]
fn test_empty_response() {
let resp = SmtpResponse::multiline(250, vec![]);
assert_eq!(resp.to_bytes(), b"250 \r\n");
}
#[test]
fn test_common_responses() {
assert_eq!(SmtpResponse::start_data().code, 354);
assert_eq!(SmtpResponse::syntax_error().code, 500);
assert_eq!(SmtpResponse::not_implemented().code, 502);
assert_eq!(SmtpResponse::bad_sequence("test").code, 503);
assert_eq!(SmtpResponse::auth_required().code, 530);
assert_eq!(SmtpResponse::auth_failed().code, 535);
assert_eq!(SmtpResponse::auth_success().code, 235);
}
}

331
rust/crates/mailer-smtp/src/server.rs Normal file
View File

@@ -0,0 +1,331 @@
//! SMTP TCP/TLS server.
//!
//! Listens on configured ports, accepts connections, and dispatches
//! them to per-connection handlers.
use crate::config::SmtpServerConfig;
use crate::connection::{
self, CallbackRegistry, ConnectionEvent, SmtpStream,
};
use crate::rate_limiter::{RateLimitConfig, RateLimiter};
use hickory_resolver::TokioResolver;
use mailer_security::MessageAuthenticator;
use rustls_pki_types::{CertificateDer, PrivateKeyDer};
use std::io::BufReader;
use std::sync::atomic::{AtomicBool, AtomicU32, Ordering};
use std::sync::Arc;
use tokio::io::BufReader as TokioBufReader;
use tokio::net::TcpListener;
use tokio::sync::mpsc;
use tracing::{error, info, warn};
/// Handle for a running SMTP server.
pub struct SmtpServerHandle {
/// Shutdown signal.
shutdown: Arc<AtomicBool>,
/// Join handles for the listener tasks.
handles: Vec<tokio::task::JoinHandle<()>>,
/// Active connection count.
pub active_connections: Arc<AtomicU32>,
}
impl SmtpServerHandle {
/// Signal shutdown and wait for all listeners to stop.
pub async fn shutdown(self) {
self.shutdown.store(true, Ordering::SeqCst);
for handle in self.handles {
let _ = handle.await;
}
info!("SMTP server shut down");
}
/// Check if the server is running.
pub fn is_running(&self) -> bool {
!self.shutdown.load(Ordering::SeqCst)
}
}
/// Start the SMTP server with the given configuration.
///
/// Returns a handle that can be used to shut down the server,
/// and an event receiver for connection events (emailReceived, authRequest).
pub async fn start_server(
config: SmtpServerConfig,
callback_registry: Arc<dyn CallbackRegistry + Send + Sync>,
rate_limit_config: Option<RateLimitConfig>,
) -> Result<(SmtpServerHandle, mpsc::Receiver<ConnectionEvent>), Box<dyn std::error::Error + Send + Sync>>
{
let config = Arc::new(config);
let shutdown = Arc::new(AtomicBool::new(false));
let active_connections = Arc::new(AtomicU32::new(0));
let rate_limiter = Arc::new(RateLimiter::new(
rate_limit_config.unwrap_or_default(),
));
let (event_tx, event_rx) = mpsc::channel::<ConnectionEvent>(1024);
// Create shared security resources for in-process email verification
let authenticator: Arc<MessageAuthenticator> = Arc::new(
mailer_security::default_authenticator()
.map_err(|e| format!("Failed to create MessageAuthenticator: {e}"))?
);
let resolver: Arc<TokioResolver> = Arc::new(
TokioResolver::builder_tokio()
.map(|b| b.build())
.map_err(|e| format!("Failed to create TokioResolver: {e}"))?
);
// Build TLS acceptor if configured
let tls_acceptor = if config.has_tls() {
Some(Arc::new(build_tls_acceptor(&config)?))
} else {
None
};
let mut handles = Vec::new();
// Start listeners on each port
for &port in &config.ports {
let listener = TcpListener::bind(format!("0.0.0.0:{port}")).await?;
info!(port = port, "SMTP server listening (STARTTLS)");
let handle = tokio::spawn(accept_loop(
listener,
config.clone(),
shutdown.clone(),
active_connections.clone(),
rate_limiter.clone(),
event_tx.clone(),
callback_registry.clone(),
tls_acceptor.clone(),
false, // not implicit TLS
authenticator.clone(),
resolver.clone(),
));
handles.push(handle);
}
// Start implicit TLS listener if configured
if let Some(secure_port) = config.secure_port {
if tls_acceptor.is_some() {
let listener =
TcpListener::bind(format!("0.0.0.0:{secure_port}")).await?;
info!(port = secure_port, "SMTP server listening (implicit TLS)");
let handle = tokio::spawn(accept_loop(
listener,
config.clone(),
shutdown.clone(),
active_connections.clone(),
rate_limiter.clone(),
event_tx.clone(),
callback_registry.clone(),
tls_acceptor.clone(),
true, // implicit TLS
authenticator.clone(),
resolver.clone(),
));
handles.push(handle);
} else {
warn!("Secure port configured but TLS certificates not provided");
}
}
// Spawn periodic rate limiter cleanup
{
let rate_limiter = rate_limiter.clone();
let shutdown = shutdown.clone();
tokio::spawn(async move {
let mut interval =
tokio::time::interval(tokio::time::Duration::from_secs(60));
loop {
interval.tick().await;
if shutdown.load(Ordering::SeqCst) {
break;
}
rate_limiter.cleanup();
}
});
}
Ok((
SmtpServerHandle {
shutdown,
handles,
active_connections,
},
event_rx,
))
}
/// Accept loop for a single listener.
async fn accept_loop(
listener: TcpListener,
config: Arc<SmtpServerConfig>,
shutdown: Arc<AtomicBool>,
active_connections: Arc<AtomicU32>,
rate_limiter: Arc<RateLimiter>,
event_tx: mpsc::Sender<ConnectionEvent>,
callback_registry: Arc<dyn CallbackRegistry + Send + Sync>,
tls_acceptor: Option<Arc<tokio_rustls::TlsAcceptor>>,
implicit_tls: bool,
authenticator: Arc<MessageAuthenticator>,
resolver: Arc<TokioResolver>,
) {
loop {
if shutdown.load(Ordering::SeqCst) {
break;
}
// Use a short timeout to check shutdown periodically
let accept_result = tokio::time::timeout(
tokio::time::Duration::from_secs(1),
listener.accept(),
)
.await;
let (tcp_stream, peer_addr) = match accept_result {
Ok(Ok((stream, addr))) => (stream, addr),
Ok(Err(e)) => {
error!(error = %e, "Accept error");
continue;
}
Err(_) => continue, // timeout, check shutdown
};
// Check max connections
let current = active_connections.load(Ordering::SeqCst);
if current >= config.max_connections {
warn!(
current = current,
max = config.max_connections,
"Max connections reached, rejecting"
);
drop(tcp_stream);
continue;
}
let remote_addr = peer_addr.ip().to_string();
let config = config.clone();
let rate_limiter = rate_limiter.clone();
let event_tx = event_tx.clone();
let callback_registry = callback_registry.clone();
let tls_acceptor = tls_acceptor.clone();
let active_connections = active_connections.clone();
let authenticator = authenticator.clone();
let resolver = resolver.clone();
active_connections.fetch_add(1, Ordering::SeqCst);
tokio::spawn(async move {
let stream = if implicit_tls {
// Implicit TLS: wrap immediately
if let Some(acceptor) = &tls_acceptor {
match acceptor.accept(tcp_stream).await {
Ok(tls_stream) => {
SmtpStream::Tls(TokioBufReader::new(tls_stream))
}
Err(e) => {
warn!(
remote_addr = %remote_addr,
error = %e,
"Implicit TLS handshake failed"
);
active_connections.fetch_sub(1, Ordering::SeqCst);
return;
}
}
} else {
active_connections.fetch_sub(1, Ordering::SeqCst);
return;
}
} else {
SmtpStream::Plain(TokioBufReader::new(tcp_stream))
};
connection::handle_connection(
stream,
config,
rate_limiter,
event_tx,
callback_registry,
tls_acceptor,
remote_addr,
implicit_tls,
authenticator,
resolver,
)
.await;
active_connections.fetch_sub(1, Ordering::SeqCst);
});
}
}
/// Build a TLS acceptor from PEM cert/key strings.
fn build_tls_acceptor(
config: &SmtpServerConfig,
) -> Result<tokio_rustls::TlsAcceptor, Box<dyn std::error::Error + Send + Sync>> {
let cert_pem = config
.tls_cert_pem
.as_ref()
.ok_or("TLS cert not configured")?;
let key_pem = config
.tls_key_pem
.as_ref()
.ok_or("TLS key not configured")?;
// Parse certificates
let certs: Vec<CertificateDer<'static>> = {
let mut reader = BufReader::new(cert_pem.as_bytes());
rustls_pemfile::certs(&mut reader)
.collect::<Result<Vec<_>, _>>()?
};
if certs.is_empty() {
return Err("No certificates found in PEM".into());
}
// Parse private key
let key: PrivateKeyDer<'static> = {
let mut reader = BufReader::new(key_pem.as_bytes());
// Try PKCS8 first, then RSA, then EC
let mut keys = Vec::new();
for item in rustls_pemfile::read_all(&mut reader) {
match item? {
rustls_pemfile::Item::Pkcs8Key(key) => {
keys.push(PrivateKeyDer::Pkcs8(key));
}
rustls_pemfile::Item::Pkcs1Key(key) => {
keys.push(PrivateKeyDer::Pkcs1(key));
}
rustls_pemfile::Item::Sec1Key(key) => {
keys.push(PrivateKeyDer::Sec1(key));
}
_ => {}
}
}
keys.into_iter()
.next()
.ok_or("No private key found in PEM")?
};
let tls_config = rustls::ServerConfig::builder()
.with_no_client_auth()
.with_single_cert(certs, key)?;
Ok(tokio_rustls::TlsAcceptor::from(Arc::new(tls_config)))
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_server_config_defaults() {
let config = SmtpServerConfig::default();
assert!(!config.has_tls());
assert_eq!(config.ports, vec![25]);
}
}

206
rust/crates/mailer-smtp/src/session.rs Normal file
View File

@@ -0,0 +1,206 @@
//! Per-connection SMTP session state.
//!
//! Tracks the envelope, authentication, TLS status, and counters
//! for a single SMTP connection.
use crate::state::SmtpState;
use serde::{Deserialize, Serialize};
use uuid::Uuid;
/// Envelope accumulator for the current mail transaction.
#[derive(Debug, Clone, Default, Serialize, Deserialize)]
pub struct Envelope {
/// Sender address from MAIL FROM.
pub mail_from: String,
/// Recipient addresses from RCPT TO.
pub rcpt_to: Vec<String>,
/// Declared message size from MAIL FROM SIZE= param (if any).
pub declared_size: Option<u64>,
/// BODY parameter (e.g. "8BITMIME").
pub body_type: Option<String>,
}
/// Authentication state for the session.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum AuthState {
/// Not authenticated and not in progress.
None,
/// Waiting for AUTH credentials (LOGIN flow step).
WaitingForUsername,
/// Have username, waiting for password.
WaitingForPassword { username: String },
/// Successfully authenticated.
Authenticated { username: String },
}
impl Default for AuthState {
fn default() -> Self {
AuthState::None
}
}
/// Per-connection session state.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SmtpSession {
/// Unique session identifier.
pub id: String,
/// Current protocol state.
pub state: SmtpState,
/// Client's EHLO/HELO hostname.
pub client_hostname: Option<String>,
/// Whether the client used EHLO (vs HELO).
pub esmtp: bool,
/// Whether the connection is using TLS.
pub secure: bool,
/// Authentication state.
pub auth_state: AuthState,
/// Current transaction envelope.
pub envelope: Envelope,
/// Remote IP address.
pub remote_addr: String,
/// Number of messages sent in this session.
pub message_count: u32,
/// Number of failed auth attempts.
pub auth_failures: u32,
/// Number of invalid commands.
pub invalid_commands: u32,
/// Maximum allowed invalid commands before disconnect.
pub max_invalid_commands: u32,
}
impl SmtpSession {
/// Create a new session for a connection.
pub fn new(remote_addr: String, secure: bool) -> Self {
Self {
id: Uuid::new_v4().to_string(),
state: SmtpState::Connected,
client_hostname: None,
esmtp: false,
secure,
auth_state: AuthState::None,
envelope: Envelope::default(),
remote_addr,
message_count: 0,
auth_failures: 0,
invalid_commands: 0,
max_invalid_commands: 20,
}
}
/// Reset the current transaction (RSET), preserving connection state.
pub fn reset_transaction(&mut self) {
self.envelope = Envelope::default();
if self.state != SmtpState::Connected {
self.state = SmtpState::Greeted;
}
}
/// Reset session for a new EHLO (preserves counters and TLS).
pub fn reset_for_ehlo(&mut self, hostname: String, esmtp: bool) {
self.client_hostname = Some(hostname);
self.esmtp = esmtp;
self.envelope = Envelope::default();
self.state = SmtpState::Greeted;
// Auth state is reset on new EHLO per RFC
self.auth_state = AuthState::None;
}
/// Check if the client is authenticated.
pub fn is_authenticated(&self) -> bool {
matches!(self.auth_state, AuthState::Authenticated { .. })
}
/// Get the authenticated username, if any.
pub fn authenticated_user(&self) -> Option<&str> {
match &self.auth_state {
AuthState::Authenticated { username } => Some(username),
_ => None,
}
}
/// Record a completed message delivery.
pub fn record_message(&mut self) {
self.message_count += 1;
}
/// Record a failed auth attempt. Returns true if limit exceeded.
pub fn record_auth_failure(&mut self, max_failures: u32) -> bool {
self.auth_failures += 1;
self.auth_failures >= max_failures
}
/// Record an invalid command. Returns true if limit exceeded.
pub fn record_invalid_command(&mut self) -> bool {
self.invalid_commands += 1;
self.invalid_commands >= self.max_invalid_commands
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_new_session() {
let session = SmtpSession::new("127.0.0.1".into(), false);
assert_eq!(session.state, SmtpState::Connected);
assert!(!session.secure);
assert!(!session.is_authenticated());
assert!(session.client_hostname.is_none());
}
#[test]
fn test_reset_transaction() {
let mut session = SmtpSession::new("127.0.0.1".into(), false);
session.state = SmtpState::RcptTo;
session.envelope.mail_from = "sender@example.com".into();
session.envelope.rcpt_to.push("rcpt@example.com".into());
session.reset_transaction();
assert_eq!(session.state, SmtpState::Greeted);
assert!(session.envelope.mail_from.is_empty());
assert!(session.envelope.rcpt_to.is_empty());
}
#[test]
fn test_reset_for_ehlo() {
let mut session = SmtpSession::new("127.0.0.1".into(), true);
session.auth_state = AuthState::Authenticated {
username: "user".into(),
};
session.reset_for_ehlo("mail.example.com".into(), true);
assert_eq!(session.state, SmtpState::Greeted);
assert_eq!(session.client_hostname.as_deref(), Some("mail.example.com"));
assert!(session.esmtp);
assert!(!session.is_authenticated()); // Auth reset after EHLO
}
#[test]
fn test_auth_failures() {
let mut session = SmtpSession::new("127.0.0.1".into(), false);
assert!(!session.record_auth_failure(3));
assert!(!session.record_auth_failure(3));
assert!(session.record_auth_failure(3)); // 3rd failure -> limit
}
#[test]
fn test_invalid_commands() {
let mut session = SmtpSession::new("127.0.0.1".into(), false);
session.max_invalid_commands = 3;
assert!(!session.record_invalid_command());
assert!(!session.record_invalid_command());
assert!(session.record_invalid_command()); // 3rd -> limit
}
#[test]
fn test_message_count() {
let mut session = SmtpSession::new("127.0.0.1".into(), false);
assert_eq!(session.message_count, 0);
session.record_message();
session.record_message();
assert_eq!(session.message_count, 2);
}
}

219
rust/crates/mailer-smtp/src/state.rs Normal file
View File

@@ -0,0 +1,219 @@
//! SMTP protocol state machine.
//!
//! Defines valid states and transitions for an SMTP session.
use serde::{Deserialize, Serialize};
/// SMTP session states following RFC 5321.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash, Serialize, Deserialize)]
pub enum SmtpState {
/// Initial state — waiting for server greeting.
Connected,
/// After successful EHLO/HELO.
Greeted,
/// After MAIL FROM accepted.
MailFrom,
/// After at least one RCPT TO accepted.
RcptTo,
/// In DATA mode — accumulating message body.
Data,
/// Transaction completed — can start a new one or QUIT.
Finished,
}
/// State transition errors.
#[derive(Debug, Clone, PartialEq, thiserror::Error)]
pub enum TransitionError {
#[error("cannot {action} in state {state:?}")]
InvalidTransition {
state: SmtpState,
action: &'static str,
},
}
impl SmtpState {
/// Check whether EHLO/HELO is valid in the current state.
/// EHLO/HELO can be issued at any time to reset the session.
pub fn can_ehlo(&self) -> bool {
true
}
/// Check whether MAIL FROM is valid in the current state.
pub fn can_mail_from(&self) -> bool {
matches!(self, SmtpState::Greeted | SmtpState::Finished)
}
/// Check whether RCPT TO is valid in the current state.
pub fn can_rcpt_to(&self) -> bool {
matches!(self, SmtpState::MailFrom | SmtpState::RcptTo)
}
/// Check whether DATA is valid in the current state.
pub fn can_data(&self) -> bool {
matches!(self, SmtpState::RcptTo)
}
/// Check whether STARTTLS is valid in the current state.
/// Only before a transaction starts.
pub fn can_starttls(&self) -> bool {
matches!(self, SmtpState::Connected | SmtpState::Greeted | SmtpState::Finished)
}
/// Check whether AUTH is valid in the current state.
/// Only after EHLO and before a transaction starts.
pub fn can_auth(&self) -> bool {
matches!(self, SmtpState::Greeted | SmtpState::Finished)
}
/// Transition to Greeted state (after EHLO/HELO).
pub fn transition_ehlo(&self) -> Result<SmtpState, TransitionError> {
// EHLO is always valid — it resets the session.
Ok(SmtpState::Greeted)
}
/// Transition to MailFrom state (after MAIL FROM accepted).
pub fn transition_mail_from(&self) -> Result<SmtpState, TransitionError> {
if self.can_mail_from() {
Ok(SmtpState::MailFrom)
} else {
Err(TransitionError::InvalidTransition {
state: *self,
action: "MAIL FROM",
})
}
}
/// Transition to RcptTo state (after RCPT TO accepted).
pub fn transition_rcpt_to(&self) -> Result<SmtpState, TransitionError> {
if self.can_rcpt_to() {
Ok(SmtpState::RcptTo)
} else {
Err(TransitionError::InvalidTransition {
state: *self,
action: "RCPT TO",
})
}
}
/// Transition to Data state (after DATA command accepted).
pub fn transition_data(&self) -> Result<SmtpState, TransitionError> {
if self.can_data() {
Ok(SmtpState::Data)
} else {
Err(TransitionError::InvalidTransition {
state: *self,
action: "DATA",
})
}
}
/// Transition to Finished state (after end-of-data).
pub fn transition_finished(&self) -> Result<SmtpState, TransitionError> {
if *self == SmtpState::Data {
Ok(SmtpState::Finished)
} else {
Err(TransitionError::InvalidTransition {
state: *self,
action: "finish DATA",
})
}
}
/// Reset to Greeted state (after RSET command).
pub fn transition_rset(&self) -> Result<SmtpState, TransitionError> {
match self {
SmtpState::Connected => Err(TransitionError::InvalidTransition {
state: *self,
action: "RSET",
}),
_ => Ok(SmtpState::Greeted),
}
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_initial_state() {
let state = SmtpState::Connected;
assert!(!state.can_mail_from());
assert!(!state.can_rcpt_to());
assert!(!state.can_data());
assert!(state.can_starttls());
assert!(state.can_ehlo());
}
#[test]
fn test_ehlo_always_valid() {
for state in [
SmtpState::Connected,
SmtpState::Greeted,
SmtpState::MailFrom,
SmtpState::RcptTo,
SmtpState::Data,
SmtpState::Finished,
] {
assert!(state.can_ehlo());
assert!(state.transition_ehlo().is_ok());
}
}
#[test]
fn test_normal_flow() {
let state = SmtpState::Connected;
let state = state.transition_ehlo().unwrap();
assert_eq!(state, SmtpState::Greeted);
let state = state.transition_mail_from().unwrap();
assert_eq!(state, SmtpState::MailFrom);
let state = state.transition_rcpt_to().unwrap();
assert_eq!(state, SmtpState::RcptTo);
// Multiple RCPT TO
let state = state.transition_rcpt_to().unwrap();
assert_eq!(state, SmtpState::RcptTo);
let state = state.transition_data().unwrap();
assert_eq!(state, SmtpState::Data);
let state = state.transition_finished().unwrap();
assert_eq!(state, SmtpState::Finished);
// New transaction
let state = state.transition_mail_from().unwrap();
assert_eq!(state, SmtpState::MailFrom);
}
#[test]
fn test_invalid_transitions() {
assert!(SmtpState::Connected.transition_mail_from().is_err());
assert!(SmtpState::Connected.transition_rcpt_to().is_err());
assert!(SmtpState::Connected.transition_data().is_err());
assert!(SmtpState::Greeted.transition_rcpt_to().is_err());
assert!(SmtpState::Greeted.transition_data().is_err());
assert!(SmtpState::MailFrom.transition_data().is_err());
}
#[test]
fn test_rset() {
let state = SmtpState::RcptTo;
let state = state.transition_rset().unwrap();
assert_eq!(state, SmtpState::Greeted);
// RSET from Connected is invalid (no EHLO yet)
assert!(SmtpState::Connected.transition_rset().is_err());
}
#[test]
fn test_starttls_validity() {
assert!(SmtpState::Connected.can_starttls());
assert!(SmtpState::Greeted.can_starttls());
assert!(!SmtpState::MailFrom.can_starttls());
assert!(!SmtpState::RcptTo.can_starttls());
assert!(!SmtpState::Data.can_starttls());
assert!(SmtpState::Finished.can_starttls());
}
}

169
rust/crates/mailer-smtp/src/validation.rs Normal file
View File

@@ -0,0 +1,169 @@
//! SMTP-level validation utilities.
//!
//! Address parsing, EHLO hostname validation, and header injection detection.
use regex::Regex;
use std::sync::LazyLock;
/// Regex for basic email address format validation.
static EMAIL_RE: LazyLock<Regex> = LazyLock::new(|| {
Regex::new(r"^[^\s@]+@[^\s@]+\.[^\s@]+$").unwrap()
});
/// Regex for valid EHLO hostname (domain name or IPv4/IPv6 literal).
/// Currently unused in favor of a more permissive check, but available
/// for strict validation if needed.
#[allow(dead_code)]
static EHLO_RE: LazyLock<Regex> = LazyLock::new(|| {
// Permissive: domain names, IP literals [1.2.3.4], [IPv6:...], or bare words
Regex::new(r"^(?:\[(?:IPv6:)?[^\]]+\]|[a-zA-Z0-9](?:[a-zA-Z0-9\-\.]*[a-zA-Z0-9])?)$").unwrap()
});
/// Validate an email address for basic SMTP format.
///
/// Returns `true` if the address has a valid-looking format.
/// Empty addresses (for bounce messages, MAIL FROM:<>) return `true`.
pub fn is_valid_smtp_address(address: &str) -> bool {
// Empty address is valid for MAIL FROM (bounce)
if address.is_empty() {
return true;
}
EMAIL_RE.is_match(address)
}
/// Validate an EHLO/HELO hostname.
///
/// Returns `true` if the hostname looks syntactically valid.
/// We are permissive because real-world SMTP clients send all kinds of values.
pub fn is_valid_ehlo_hostname(hostname: &str) -> bool {
if hostname.is_empty() {
return false;
}
// Be permissive — most SMTP servers accept anything non-empty.
// Only reject obviously malicious patterns.
if hostname.len() > 255 {
return false;
}
if contains_header_injection(hostname) {
return false;
}
// Must not contain null bytes
if hostname.contains('\0') {
return false;
}
true
}
/// Check for SMTP header injection attempts.
///
/// Returns `true` if the input contains characters that could be used
/// for header injection (bare CR/LF).
pub fn contains_header_injection(input: &str) -> bool {
input.contains('\r') || input.contains('\n')
}
/// Validate the size parameter from MAIL FROM.
///
/// Returns the parsed size if valid and within the max, or an error message.
pub fn validate_size_param(value: &str, max_size: u64) -> Result<u64, String> {
let size: u64 = value
.parse()
.map_err(|_| format!("invalid SIZE value: {value}"))?;
if size > max_size {
return Err(format!(
"message size {size} exceeds maximum {max_size}"
));
}
Ok(size)
}
/// Extract the domain part from an email address.
pub fn extract_domain(address: &str) -> Option<&str> {
if address.is_empty() {
return None;
}
address.rsplit_once('@').map(|(_, domain)| domain)
}
/// Normalize an email address by lowercasing the domain part.
pub fn normalize_address(address: &str) -> String {
if address.is_empty() {
return String::new();
}
match address.rsplit_once('@') {
Some((local, domain)) => format!("{local}@{}", domain.to_ascii_lowercase()),
None => address.to_string(),
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_valid_email() {
assert!(is_valid_smtp_address("user@example.com"));
assert!(is_valid_smtp_address("user+tag@sub.example.com"));
assert!(is_valid_smtp_address("a@b.c"));
}
#[test]
fn test_empty_address_valid() {
assert!(is_valid_smtp_address(""));
}
#[test]
fn test_invalid_email() {
assert!(!is_valid_smtp_address("no-at-sign"));
assert!(!is_valid_smtp_address("@no-local.com"));
assert!(!is_valid_smtp_address("user@"));
assert!(!is_valid_smtp_address("user@nodot"));
assert!(!is_valid_smtp_address("has space@example.com"));
}
#[test]
fn test_valid_ehlo() {
assert!(is_valid_ehlo_hostname("mail.example.com"));
assert!(is_valid_ehlo_hostname("localhost"));
assert!(is_valid_ehlo_hostname("[127.0.0.1]"));
assert!(is_valid_ehlo_hostname("[IPv6:::1]"));
}
#[test]
fn test_invalid_ehlo() {
assert!(!is_valid_ehlo_hostname(""));
assert!(!is_valid_ehlo_hostname("host\r\nname"));
assert!(!is_valid_ehlo_hostname(&"a".repeat(256)));
}
#[test]
fn test_header_injection() {
assert!(contains_header_injection("test\r\nBcc: evil@evil.com"));
assert!(contains_header_injection("test\ninjection"));
assert!(contains_header_injection("test\rinjection"));
assert!(!contains_header_injection("normal text"));
}
#[test]
fn test_size_param() {
assert_eq!(validate_size_param("12345", 1_000_000), Ok(12345));
assert!(validate_size_param("99999999", 1_000).is_err());
assert!(validate_size_param("notanumber", 1_000).is_err());
}
#[test]
fn test_extract_domain() {
assert_eq!(extract_domain("user@example.com"), Some("example.com"));
assert_eq!(extract_domain(""), None);
assert_eq!(extract_domain("nodomain"), None);
}
#[test]
fn test_normalize_address() {
assert_eq!(
normalize_address("User@EXAMPLE.COM"),
"User@example.com"
);
assert_eq!(normalize_address(""), "");
}
}

247
test/helpers/server.loader.ts
View File

@@ -1,8 +1,4 @@
import * as plugins from '../../ts/plugins.js';
import { UnifiedEmailServer } from '../../ts/mail/routing/classes.unified.email.server.js';
import { createSmtpServer } from '../../ts/mail/delivery/smtpserver/index.js';
import type { ISmtpServerOptions } from '../../ts/mail/delivery/smtpserver/interfaces.js';
import type { net } from '../../ts/plugins.js';
export interface ITestServerConfig {
port: number;
@@ -27,165 +23,18 @@ export interface ITestServer {
}
/**
* Starts a test SMTP server with the given configuration
* Starts a test SMTP server with the given configuration.
*
* NOTE: The TS SMTP server implementation was removed in Phase 7B
* (replaced by the Rust SMTP server). This stub preserves the interface
* for smtpclient tests that import it, but those tests require `node-forge`
* which is not installed (pre-existing issue).
*/
export async function startTestServer(config: ITestServerConfig): Promise<ITestServer> {
// Find a free port if one wasn't specified
// Using smartnetwork to find an available port in the range 10000-60000
let port = config.port;
if (port === undefined || port === 0) {
const network = new plugins.smartnetwork.Network();
port = await network.findFreePort(10000, 60000, { randomize: true });
if (!port) {
throw new Error('No free ports available in range 10000-60000');
}
}
const serverConfig = {
port: port, // Use the found free port
hostname: config.hostname || 'localhost',
tlsEnabled: config.tlsEnabled || false,
authRequired: config.authRequired || false,
timeout: config.timeout || 30000,
maxConnections: config.maxConnections || 100,
size: config.size || 10 * 1024 * 1024, // 10MB default
maxRecipients: config.maxRecipients || 100
};
// Create a mock email server for testing
const mockEmailServer = {
processEmailByMode: async (emailData: any) => {
console.log(`📧 [Test Server] Processing email:`, emailData.subject || 'No subject');
return emailData;
},
getRateLimiter: () => {
// Return a mock rate limiter for testing
return {
recordConnection: (_ip: string) => ({ allowed: true, remaining: 100 }),
checkConnectionLimit: async (_ip: string) => ({ allowed: true, remaining: 100 }),
checkMessageLimit: (_senderAddress: string, _ip: string, _recipientCount?: number, _pattern?: string, _domain?: string) => ({ allowed: true, remaining: 1000 }),
checkRecipientLimit: async (_session: any) => ({ allowed: true, remaining: 50 }),
recordAuthenticationFailure: async (_ip: string) => {},
recordSyntaxError: async (_ip: string) => {},
recordCommandError: async (_ip: string) => {},
recordError: (_key: string) => false, // Return false to not block during tests
isBlocked: async (_ip: string) => false,
cleanup: async () => {}
};
}
} as any;
// Load test certificates
let key: string;
let cert: string;
if (serverConfig.tlsEnabled) {
try {
const certPath = config.testCertPath || './test/fixtures/test-cert.pem';
const keyPath = config.testKeyPath || './test/fixtures/test-key.pem';
cert = await plugins.fs.promises.readFile(certPath, 'utf8');
key = await plugins.fs.promises.readFile(keyPath, 'utf8');
} catch (error) {
console.warn('⚠️ Failed to load TLS certificates, falling back to self-signed');
// Generate self-signed certificate for testing
const forge = await import('node-forge');
const pki = forge.default.pki;
// Generate key pair
const keys = pki.rsa.generateKeyPair(2048);
// Create certificate
const certificate = pki.createCertificate();
certificate.publicKey = keys.publicKey;
certificate.serialNumber = '01';
certificate.validity.notBefore = new Date();
certificate.validity.notAfter = new Date();
certificate.validity.notAfter.setFullYear(certificate.validity.notBefore.getFullYear() + 1);
const attrs = [{
name: 'commonName',
value: serverConfig.hostname
}];
certificate.setSubject(attrs);
certificate.setIssuer(attrs);
certificate.sign(keys.privateKey);
// Convert to PEM
cert = pki.certificateToPem(certificate);
key = pki.privateKeyToPem(keys.privateKey);
}
} else {
// Always provide a self-signed certificate for non-TLS servers
// This is required by the interface
const forge = await import('node-forge');
const pki = forge.default.pki;
// Generate key pair
const keys = pki.rsa.generateKeyPair(2048);
// Create certificate
const certificate = pki.createCertificate();
certificate.publicKey = keys.publicKey;
certificate.serialNumber = '01';
certificate.validity.notBefore = new Date();
certificate.validity.notAfter = new Date();
certificate.validity.notAfter.setFullYear(certificate.validity.notBefore.getFullYear() + 1);
const attrs = [{
name: 'commonName',
value: serverConfig.hostname
}];
certificate.setSubject(attrs);
certificate.setIssuer(attrs);
certificate.sign(keys.privateKey);
// Convert to PEM
cert = pki.certificateToPem(certificate);
key = pki.privateKeyToPem(keys.privateKey);
}
// SMTP server options
const smtpOptions: ISmtpServerOptions = {
port: serverConfig.port,
hostname: serverConfig.hostname,
key: key,
cert: cert,
maxConnections: serverConfig.maxConnections,
size: serverConfig.size,
maxRecipients: serverConfig.maxRecipients,
socketTimeout: serverConfig.timeout,
connectionTimeout: serverConfig.timeout * 2,
cleanupInterval: 300000,
auth: serverConfig.authRequired ? ({
required: true,
methods: ['PLAIN', 'LOGIN'] as ('PLAIN' | 'LOGIN' | 'OAUTH2')[],
validateUser: async (username: string, password: string) => {
// Test server accepts these credentials
return username === 'testuser' && password === 'testpass';
}
} as any) : undefined
};
// Create SMTP server
const smtpServer = await createSmtpServer(mockEmailServer, smtpOptions);
// Start the server
await smtpServer.listen();
// Wait for server to be ready
await waitForServerReady(serverConfig.hostname, serverConfig.port);
console.log(`✅ Test SMTP server started on ${serverConfig.hostname}:${serverConfig.port}`);
return {
server: mockEmailServer,
smtpServer: smtpServer,
port: serverConfig.port, // Return the port we already know
hostname: serverConfig.hostname,
config: serverConfig,
startTime: Date.now()
};
export async function startTestServer(_config: ITestServerConfig): Promise<ITestServer> {
throw new Error(
'startTestServer is no longer available — the TS SMTP server was removed in Phase 7B. ' +
'Use the Rust SMTP server (via UnifiedEmailServer) for integration testing.'
);
}
/**
@@ -193,77 +42,29 @@ export async function startTestServer(config: ITestServerConfig): Promise<ITestS
*/
export async function stopTestServer(testServer: ITestServer): Promise<void> {
if (!testServer || !testServer.smtpServer) {
console.warn('⚠️ No test server to stop');
return;
}
try {
console.log(`🛑 Stopping test SMTP server on ${testServer.hostname}:${testServer.port}`);
// Stop the SMTP server
if (testServer.smtpServer.close && typeof testServer.smtpServer.close === 'function') {
await testServer.smtpServer.close();
}
// Wait for port to be free
await waitForPortFree(testServer.port);
console.log(`✅ Test SMTP server stopped`);
} catch (error) {
console.error('Error stopping test server:', error);
console.error('Error stopping test server:', error);
throw error;
}
}
/**
* Wait for server to be ready to accept connections
* Get an available port for testing
*/
async function waitForServerReady(hostname: string, port: number, timeout: number = 10000): Promise<void> {
const startTime = Date.now();
while (Date.now() - startTime < timeout) {
try {
await new Promise<void>((resolve, reject) => {
const socket = plugins.net.createConnection({ port, host: hostname });
socket.on('connect', () => {
socket.end();
resolve();
});
socket.on('error', reject);
setTimeout(() => {
socket.destroy();
reject(new Error('Connection timeout'));
}, 1000);
});
return; // Server is ready
} catch {
// Server not ready yet, wait and retry
await new Promise(resolve => setTimeout(resolve, 100));
export async function getAvailablePort(startPort: number = 25000): Promise<number> {
for (let port = startPort; port < startPort + 1000; port++) {
if (await isPortFree(port)) {
return port;
}
}
throw new Error(`Server did not become ready within ${timeout}ms`);
}
/**
* Wait for port to be free
*/
async function waitForPortFree(port: number, timeout: number = 5000): Promise<void> {
const startTime = Date.now();
while (Date.now() - startTime < timeout) {
const isFree = await isPortFree(port);
if (isFree) {
return;
}
await new Promise(resolve => setTimeout(resolve, 100));
}
console.warn(`⚠️ Port ${port} still in use after ${timeout}ms`);
throw new Error(`No available ports found starting from ${startPort}`);
}
/**
@@ -281,18 +82,6 @@ async function isPortFree(port: number): Promise<boolean> {
});
}
/**
* Get an available port for testing
*/
export async function getAvailablePort(startPort: number = 25000): Promise<number> {
for (let port = startPort; port < startPort + 1000; port++) {
if (await isPortFree(port)) {
return port;
}
}
throw new Error(`No available ports found starting from ${startPort}`);
}
/**
* Create test email data
*/

193
test/suite/smtpserver_commands/test.cmd-01.ehlo-command.ts
View File

@@ -1,193 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
tap.test('CMD-01: EHLO Command - server responds with proper capabilities', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = ''; // Clear buffer
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
// Parse response - only lines that start with 250
const lines = receivedData.split('\r\n')
.filter(line => line.startsWith('250'))
.filter(line => line.length > 0);
// Check for required ESMTP extensions
const capabilities = lines.map(line => line.substring(4).trim());
console.log('📋 Server capabilities:', capabilities);
// Verify essential capabilities
expect(capabilities.some(cap => cap.includes('SIZE'))).toBeTruthy();
expect(capabilities.some(cap => cap.includes('8BITMIME'))).toBeTruthy();
// The last line should be "250 " (without hyphen)
const lastLine = lines[lines.length - 1];
expect(lastLine.startsWith('250 ')).toBeTruthy();
currentStep = 'quit';
receivedData = ''; // Clear buffer
socket.write('QUIT\r\n');
} else if (currentStep === 'quit' && receivedData.includes('221')) {
socket.destroy();
done.resolve();
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('CMD-01: EHLO with invalid hostname - server handles gracefully', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let testIndex = 0;
const invalidHostnames = [
'', // Empty hostname
' ', // Whitespace only
'invalid..hostname', // Double dots
'.invalid', // Leading dot
'invalid.', // Trailing dot
'very-long-hostname-that-exceeds-reasonable-limits-' + 'x'.repeat(200)
];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'testing';
receivedData = ''; // Clear buffer
console.log(`Testing invalid hostname: "${invalidHostnames[testIndex]}"`);
socket.write(`EHLO ${invalidHostnames[testIndex]}\r\n`);
} else if (currentStep === 'testing' && (receivedData.includes('250') || receivedData.includes('5'))) {
// Server should either accept with warning or reject with 5xx
expect(receivedData).toMatch(/^(250|5\d\d)/);
testIndex++;
if (testIndex < invalidHostnames.length) {
currentStep = 'reset';
receivedData = ''; // Clear buffer
socket.write('RSET\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
} else if (currentStep === 'reset' && receivedData.includes('250')) {
currentStep = 'testing';
receivedData = ''; // Clear buffer
console.log(`Testing invalid hostname: "${invalidHostnames[testIndex]}"`);
socket.write(`EHLO ${invalidHostnames[testIndex]}\r\n`);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('CMD-01: EHLO command pipelining - multiple EHLO commands', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'first_ehlo';
receivedData = ''; // Clear buffer
socket.write('EHLO first.example.com\r\n');
} else if (currentStep === 'first_ehlo' && receivedData.includes('250 ')) {
currentStep = 'second_ehlo';
receivedData = ''; // Clear buffer
// Second EHLO (should reset session)
socket.write('EHLO second.example.com\r\n');
} else if (currentStep === 'second_ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = ''; // Clear buffer
// Verify session was reset by trying MAIL FROM
socket.write('MAIL FROM:<test@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

330
test/suite/smtpserver_commands/test.cmd-02.mail-from.ts
View File

@@ -1,330 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
tap.test('CMD-02: MAIL FROM - accepts valid sender addresses', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let testIndex = 0;
const validAddresses = [
'sender@example.com',
'test.user+tag@example.com',
'user@[192.168.1.1]', // IP literal
'user@subdomain.example.com',
'user@very-long-domain-name-that-is-still-valid.example.com',
'test_user@example.com' // underscore in local part
];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
console.log(`Testing valid address: ${validAddresses[testIndex]}`);
socket.write(`MAIL FROM:<${validAddresses[testIndex]}>\r\n`);
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
testIndex++;
if (testIndex < validAddresses.length) {
currentStep = 'rset';
receivedData = '';
socket.write('RSET\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'mail_from';
receivedData = '';
console.log(`Testing valid address: ${validAddresses[testIndex]}`);
socket.write(`MAIL FROM:<${validAddresses[testIndex]}>\r\n`);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('CMD-02: MAIL FROM - rejects invalid sender addresses', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let testIndex = 0;
const invalidAddresses = [
'notanemail', // No @ symbol
'@example.com', // Missing local part
'user@', // Missing domain
'user@.com', // Invalid domain
'user@domain..com', // Double dot
'user with spaces@example.com', // Unquoted spaces
'user@<example.com>', // Invalid characters
'user@@example.com', // Double @
'user@localhost' // localhost not valid domain
];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
console.log(`Testing invalid address: "${invalidAddresses[testIndex]}"`);
socket.write(`MAIL FROM:<${invalidAddresses[testIndex]}>\r\n`);
} else if (currentStep === 'mail_from' && (receivedData.includes('250') || receivedData.includes('5'))) {
// Server might accept some addresses or reject with 5xx error
// For this test, we just verify the server responds appropriately
console.log(` Response: ${receivedData.trim()}`);
testIndex++;
if (testIndex < invalidAddresses.length) {
currentStep = 'rset';
receivedData = '';
socket.write('RSET\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'mail_from';
receivedData = '';
console.log(`Testing invalid address: "${invalidAddresses[testIndex]}"`);
socket.write(`MAIL FROM:<${invalidAddresses[testIndex]}>\r\n`);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('CMD-02: MAIL FROM with SIZE parameter', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from_small';
receivedData = '';
// Test small size
socket.write('MAIL FROM:<sender@example.com> SIZE=1024\r\n');
} else if (currentStep === 'mail_from_small' && receivedData.includes('250')) {
currentStep = 'rset';
receivedData = '';
socket.write('RSET\r\n');
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'mail_from_large';
receivedData = '';
// Test large size (should be rejected if exceeds limit)
socket.write('MAIL FROM:<sender@example.com> SIZE=99999999\r\n');
} else if (currentStep === 'mail_from_large') {
// Should get either 250 (accepted) or 552 (message size exceeds limit)
expect(receivedData).toMatch(/^(250|552)/);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('CMD-02: MAIL FROM with parameters', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from_8bitmime';
receivedData = '';
// Test BODY=8BITMIME
socket.write('MAIL FROM:<sender@example.com> BODY=8BITMIME\r\n');
} else if (currentStep === 'mail_from_8bitmime' && receivedData.includes('250')) {
currentStep = 'rset';
receivedData = '';
socket.write('RSET\r\n');
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'mail_from_unknown';
receivedData = '';
// Test unknown parameter (should be ignored or rejected)
socket.write('MAIL FROM:<sender@example.com> UNKNOWN=value\r\n');
} else if (currentStep === 'mail_from_unknown') {
// Should get either 250 (ignored) or 555 (parameter not recognized)
expect(receivedData).toMatch(/^(250|555|501)/);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('CMD-02: MAIL FROM sequence violations', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'mail_without_ehlo';
receivedData = '';
// Try MAIL FROM without EHLO/HELO first
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_without_ehlo' && receivedData.includes('503')) {
// Should get 503 (bad sequence)
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'first_mail';
receivedData = '';
socket.write('MAIL FROM:<first@example.com>\r\n');
} else if (currentStep === 'first_mail' && receivedData.includes('250')) {
currentStep = 'second_mail';
receivedData = '';
// Try second MAIL FROM without RSET
socket.write('MAIL FROM:<second@example.com>\r\n');
} else if (currentStep === 'second_mail' && (receivedData.includes('503') || receivedData.includes('250'))) {
// Server might accept or reject the second MAIL FROM
// Some servers allow resetting the sender, others require RSET
console.log(`Second MAIL FROM response: ${receivedData.trim()}`);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

296
test/suite/smtpserver_commands/test.cmd-03.rcpt-to.ts
View File

@@ -1,296 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
tap.test('RCPT TO - should accept valid recipient after MAIL FROM', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
expect(receivedData).toInclude('250');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('RCPT TO - should reject without MAIL FROM', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'rcpt_to_without_mail';
receivedData = '';
// Try RCPT TO without MAIL FROM
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to_without_mail' && receivedData.includes('503')) {
// Should get 503 (bad sequence)
expect(receivedData).toInclude('503');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('RCPT TO - should accept multiple recipients', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let recipientCount = 0;
const maxRecipients = 3;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write(`RCPT TO:<recipient${recipientCount + 1}@example.com>\r\n`);
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
recipientCount++;
receivedData = '';
if (recipientCount < maxRecipients) {
socket.write(`RCPT TO:<recipient${recipientCount + 1}@example.com>\r\n`);
} else {
expect(recipientCount).toEqual(maxRecipients);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('RCPT TO - should reject invalid email format', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let testIndex = 0;
const invalidRecipients = [
'notanemail',
'@example.com',
'user@',
'user@.com',
'user@domain..com'
];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
console.log(`Testing invalid recipient: "${invalidRecipients[testIndex]}"`);
socket.write(`RCPT TO:<${invalidRecipients[testIndex]}>\r\n`);
} else if (currentStep === 'rcpt_to' && (receivedData.includes('501') || receivedData.includes('5'))) {
// Should reject with 5xx error
console.log(` Response: ${receivedData.trim()}`);
testIndex++;
if (testIndex < invalidRecipients.length) {
currentStep = 'rset';
receivedData = '';
socket.write('RSET\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('RCPT TO - should handle SIZE parameter', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to_with_size';
receivedData = '';
// RCPT TO doesn't typically have SIZE parameter, but test server response
socket.write('RCPT TO:<recipient@example.com> SIZE=1024\r\n');
} else if (currentStep === 'rcpt_to_with_size') {
// Server might accept or reject the parameter
expect(receivedData).toMatch(/^(250|555|501)/);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

395
test/suite/smtpserver_commands/test.cmd-04.data-command.ts
View File

@@ -1,395 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 15000;
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
tap.test('DATA - should accept email data after RCPT TO', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data_command';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data_command' && receivedData.includes('354')) {
currentStep = 'message_body';
receivedData = '';
// Send email content
socket.write('From: sender@example.com\r\n');
socket.write('To: recipient@example.com\r\n');
socket.write('Subject: Test message\r\n');
socket.write('\r\n'); // Empty line to separate headers from body
socket.write('This is a test message.\r\n');
socket.write('.\r\n'); // End of message
} else if (currentStep === 'message_body' && receivedData.includes('250')) {
expect(receivedData).toInclude('250');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('DATA - should reject without RCPT TO', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'data_without_rcpt';
receivedData = '';
// Try DATA without MAIL FROM or RCPT TO
socket.write('DATA\r\n');
} else if (currentStep === 'data_without_rcpt' && receivedData.includes('503')) {
// Should get 503 (bad sequence)
expect(receivedData).toInclude('503');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('DATA - should accept empty message body', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data_command';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data_command' && receivedData.includes('354')) {
currentStep = 'empty_message';
receivedData = '';
// Send only the terminator
socket.write('.\r\n');
} else if (currentStep === 'empty_message') {
// Server should accept empty message
expect(receivedData).toMatch(/^(250|5\d\d)/);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('DATA - should handle dot stuffing correctly', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data_command';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data_command' && receivedData.includes('354')) {
currentStep = 'dot_stuffed_message';
receivedData = '';
// Send message with dots that need stuffing
socket.write('This line is normal.\r\n');
socket.write('..This line starts with two dots (one will be removed).\r\n');
socket.write('.This line starts with a single dot.\r\n');
socket.write('...This line starts with three dots.\r\n');
socket.write('.\r\n'); // End of message
} else if (currentStep === 'dot_stuffed_message' && receivedData.includes('250')) {
expect(receivedData).toInclude('250');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('DATA - should handle large messages', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data_command';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data_command' && receivedData.includes('354')) {
currentStep = 'large_message';
receivedData = '';
// Send a large message (100KB)
socket.write('From: sender@example.com\r\n');
socket.write('To: recipient@example.com\r\n');
socket.write('Subject: Large test message\r\n');
socket.write('\r\n');
// Generate 100KB of data
const lineContent = 'This is a test line that will be repeated many times. ';
const linesNeeded = Math.ceil(100000 / lineContent.length);
for (let i = 0; i < linesNeeded; i++) {
socket.write(lineContent + '\r\n');
}
socket.write('.\r\n'); // End of message
} else if (currentStep === 'large_message' && receivedData.includes('250')) {
expect(receivedData).toInclude('250');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('DATA - should handle binary data in message', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data_command';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data_command' && receivedData.includes('354')) {
currentStep = 'binary_message';
receivedData = '';
// Send message with binary data (base64 encoded attachment)
socket.write('From: sender@example.com\r\n');
socket.write('To: recipient@example.com\r\n');
socket.write('Subject: Binary test message\r\n');
socket.write('MIME-Version: 1.0\r\n');
socket.write('Content-Type: multipart/mixed; boundary="boundary123"\r\n');
socket.write('\r\n');
socket.write('--boundary123\r\n');
socket.write('Content-Type: text/plain\r\n');
socket.write('\r\n');
socket.write('This message contains binary data.\r\n');
socket.write('--boundary123\r\n');
socket.write('Content-Type: application/octet-stream\r\n');
socket.write('Content-Transfer-Encoding: base64\r\n');
socket.write('\r\n');
socket.write('SGVsbG8gV29ybGQhIFRoaXMgaXMgYmluYXJ5IGRhdGEu\r\n');
socket.write('--boundary123--\r\n');
socket.write('.\r\n'); // End of message
} else if (currentStep === 'binary_message' && receivedData.includes('250')) {
expect(receivedData).toInclude('250');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

320
test/suite/smtpserver_commands/test.cmd-05.noop-command.ts
View File

@@ -1,320 +0,0 @@
import * as plugins from '@git.zone/tstest/tapbundle';
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: Basic NOOP command
tap.test('NOOP - should accept NOOP command', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'noop';
socket.write('NOOP\r\n');
} else if (currentStep === 'noop' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250'); // NOOP response
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Multiple NOOP commands
tap.test('NOOP - should handle multiple consecutive NOOP commands', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let noopCount = 0;
const maxNoops = 3;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = ''; // Clear buffer after processing
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'noop';
receivedData = ''; // Clear buffer after processing
socket.write('NOOP\r\n');
} else if (currentStep === 'noop' && receivedData.includes('250 OK')) {
noopCount++;
receivedData = ''; // Clear buffer after processing
if (noopCount < maxNoops) {
// Send another NOOP command
socket.write('NOOP\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(noopCount).toEqual(maxNoops);
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: NOOP during transaction
tap.test('NOOP - should work during email transaction', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'noop_after_mail';
socket.write('NOOP\r\n');
} else if (currentStep === 'noop_after_mail' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'noop_after_rcpt';
socket.write('NOOP\r\n');
} else if (currentStep === 'noop_after_rcpt' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: NOOP with parameter (should be ignored)
tap.test('NOOP - should handle NOOP with parameters', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'noop_with_param';
socket.write('NOOP ignored parameter\r\n'); // Parameters should be ignored
} else if (currentStep === 'noop_with_param' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: NOOP before EHLO/HELO
tap.test('NOOP - should work before EHLO', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'noop_before_ehlo';
socket.write('NOOP\r\n');
} else if (currentStep === 'noop_before_ehlo' && receivedData.includes('250')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Rapid NOOP commands (stress test)
tap.test('NOOP - should handle rapid NOOP commands', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let noopsSent = 0;
let noopsReceived = 0;
const rapidNoops = 10;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'rapid_noop';
// Send multiple NOOPs rapidly
for (let i = 0; i < rapidNoops; i++) {
socket.write('NOOP\r\n');
noopsSent++;
}
} else if (currentStep === 'rapid_noop') {
// Count 250 responses
const matches = receivedData.match(/250 /g);
if (matches) {
noopsReceived = matches.length - 1; // -1 for EHLO response
}
if (noopsReceived >= rapidNoops) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(noopsReceived).toBeGreaterThan(rapidNoops - 1);
done.resolve();
}, 500);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

399
test/suite/smtpserver_commands/test.cmd-06.rset-command.ts
View File

@@ -1,399 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
// Setup
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: Basic RSET command
tap.test('RSET - should reset transaction after MAIL FROM', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rset';
socket.write('RSET\r\n');
} else if (currentStep === 'rset' && receivedData.includes('250')) {
// RSET successful, try to send MAIL FROM again to verify reset
currentStep = 'mail_from_after_rset';
socket.write('MAIL FROM:<newsender@example.com>\r\n');
} else if (currentStep === 'mail_from_after_rset' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250 OK'); // RSET response
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: RSET after RCPT TO
tap.test('RSET - should reset transaction after RCPT TO', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'rset';
socket.write('RSET\r\n');
} else if (currentStep === 'rset' && receivedData.includes('250')) {
// After RSET, should need MAIL FROM before RCPT TO
currentStep = 'rcpt_to_after_rset';
socket.write('RCPT TO:<newrecipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to_after_rset' && receivedData.includes('503')) {
// Should get 503 bad sequence
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('503'); // Bad sequence after RSET
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: RSET during DATA
tap.test('RSET - should reset transaction during DATA phase', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
// Start sending data but then RSET
currentStep = 'rset_during_data';
socket.write('Subject: Test\r\n\r\nPartial message...\r\n');
socket.write('RSET\r\n'); // This should be treated as part of data
socket.write('\r\n.\r\n'); // End data
} else if (currentStep === 'rset_during_data' && receivedData.includes('250')) {
// Message accepted, now send actual RSET
currentStep = 'rset_after_data';
socket.write('RSET\r\n');
} else if (currentStep === 'rset_after_data' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Multiple RSET commands
tap.test('RSET - should handle multiple consecutive RSET commands', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let rsetCount = 0;
const maxRsets = 3;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'multiple_rsets';
receivedData = '';
socket.write('RSET\r\n');
} else if (currentStep === 'multiple_rsets' && receivedData.includes('250')) {
rsetCount++;
receivedData = ''; // Clear buffer after processing
if (rsetCount < maxRsets) {
socket.write('RSET\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(rsetCount).toEqual(maxRsets);
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: RSET without transaction
tap.test('RSET - should work without active transaction', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'rset_without_transaction';
socket.write('RSET\r\n');
} else if (currentStep === 'rset_without_transaction' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250'); // RSET should work even without transaction
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: RSET with multiple recipients
tap.test('RSET - should clear all recipients', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let recipientCount = 0;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'add_recipients';
recipientCount++;
socket.write(`RCPT TO:<recipient${recipientCount}@example.com>\r\n`);
} else if (currentStep === 'add_recipients' && receivedData.includes('250')) {
if (recipientCount < 3) {
recipientCount++;
receivedData = ''; // Clear buffer
socket.write(`RCPT TO:<recipient${recipientCount}@example.com>\r\n`);
} else {
currentStep = 'rset';
socket.write('RSET\r\n');
}
} else if (currentStep === 'rset' && receivedData.includes('250')) {
// After RSET, all recipients should be cleared
currentStep = 'data_after_rset';
socket.write('DATA\r\n');
} else if (currentStep === 'data_after_rset' && receivedData.includes('503')) {
// Should get 503 bad sequence (no recipients)
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('503');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: RSET with parameter (should be ignored)
tap.test('RSET - should ignore parameters', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'rset_with_param';
socket.write('RSET ignored parameter\r\n'); // Parameters should be ignored
} else if (currentStep === 'rset_with_param' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

391
test/suite/smtpserver_commands/test.cmd-07.vrfy-command.ts
View File

@@ -1,391 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
// Setup
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: Basic VRFY command
tap.test('VRFY - should respond to VRFY command', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'vrfy';
receivedData = ''; // Clear buffer before sending VRFY
socket.write('VRFY postmaster\r\n');
} else if (currentStep === 'vrfy' && receivedData.includes(' ')) {
const lines = receivedData.split('\r\n');
const vrfyResponse = lines.find(line => line.match(/^\d{3}/));
const responseCode = vrfyResponse?.substring(0, 3);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// VRFY may be:
// 250/251 - User found/will forward
// 252 - Cannot verify but will try
// 502 - Command not implemented (common for security)
// 503 - Bad sequence of commands (this server rejects VRFY due to sequence validation)
// 550 - User not found
expect(responseCode).toMatch(/^(250|251|252|502|503|550)$/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: VRFY multiple users
tap.test('VRFY - should handle multiple VRFY requests', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const testUsers = ['postmaster', 'admin', 'test', 'nonexistent'];
let currentUserIndex = 0;
const vrfyResults: Array<{ user: string; responseCode: string; supported: boolean }> = [];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'vrfy';
receivedData = ''; // Clear buffer before sending VRFY
socket.write(`VRFY ${testUsers[currentUserIndex]}\r\n`);
} else if (currentStep === 'vrfy' && receivedData.includes('503') && currentUserIndex < testUsers.length) {
// This server always returns 503 for VRFY
vrfyResults.push({
user: testUsers[currentUserIndex],
responseCode: '503',
supported: false
});
currentUserIndex++;
if (currentUserIndex < testUsers.length) {
receivedData = ''; // Clear buffer
socket.write(`VRFY ${testUsers[currentUserIndex]}\r\n`);
} else {
currentStep = 'done'; // Change state to prevent processing QUIT response
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Should have results for all users
expect(vrfyResults.length).toEqual(testUsers.length);
// All responses should be valid SMTP codes
vrfyResults.forEach(result => {
expect(result.responseCode).toMatch(/^(250|251|252|502|503|550)$/);
});
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: VRFY without parameter
tap.test('VRFY - should reject VRFY without parameter', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'vrfy_empty';
receivedData = ''; // Clear buffer before sending VRFY
socket.write('VRFY\r\n'); // No user specified
} else if (currentStep === 'vrfy_empty' && receivedData.includes(' ')) {
const responseCode = receivedData.match(/(\d{3})/)?.[1];
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Should be 501 (syntax error), 502 (not implemented), or 503 (bad sequence)
expect(responseCode).toMatch(/^(501|502|503)$/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: VRFY during transaction
tap.test('VRFY - should work during mail transaction', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'vrfy_during_transaction';
receivedData = ''; // Clear buffer before sending VRFY
socket.write('VRFY test@example.com\r\n');
} else if (currentStep === 'vrfy_during_transaction' && receivedData.includes('503')) {
const responseCode = '503'; // We know this server always returns 503
// VRFY may be rejected with 503 during transaction in this server
expect(responseCode).toMatch(/^(250|251|252|502|503|550)$/);
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: VRFY special addresses
tap.test('VRFY - should handle special addresses', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const specialAddresses = [
'postmaster',
'postmaster@localhost',
'abuse',
'abuse@localhost',
'noreply',
'<postmaster@localhost>' // With angle brackets
];
let currentIndex = 0;
const results: Array<{ address: string; responseCode: string }> = [];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'vrfy_special';
receivedData = ''; // Clear buffer before sending VRFY
socket.write(`VRFY ${specialAddresses[currentIndex]}\r\n`);
} else if (currentStep === 'vrfy_special' && receivedData.includes('503') && currentIndex < specialAddresses.length) {
// This server always returns 503 for VRFY
results.push({
address: specialAddresses[currentIndex],
responseCode: '503'
});
currentIndex++;
if (currentIndex < specialAddresses.length) {
receivedData = ''; // Clear buffer
socket.write(`VRFY ${specialAddresses[currentIndex]}\r\n`);
} else {
currentStep = 'done'; // Change state to prevent processing QUIT response
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// All addresses should get valid responses
results.forEach(result => {
expect(result.responseCode).toMatch(/^(250|251|252|502|503|550)$/);
});
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: VRFY security considerations
tap.test('VRFY - verify security behavior', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let commandDisabled = false;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'vrfy_security';
receivedData = ''; // Clear buffer before sending VRFY
socket.write('VRFY randomuser123\r\n');
} else if (currentStep === 'vrfy_security' && receivedData.includes(' ')) {
const responseCode = receivedData.match(/(\d{3})/)?.[1];
// Check if command is disabled for security or sequence validation
if (responseCode === '502' || responseCode === '252' || responseCode === '503') {
commandDisabled = true;
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Note: Many servers disable VRFY for security reasons
// Both enabled and disabled are valid configurations
// This server rejects VRFY with 503 due to sequence validation
if (responseCode === '503' || commandDisabled) {
expect(responseCode).toMatch(/^(502|252|503)$/);
} else {
expect(responseCode).toMatch(/^(250|251|550)$/);
}
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

450
test/suite/smtpserver_commands/test.cmd-08.expn-command.ts
View File

@@ -1,450 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
// Setup
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: Basic EXPN command
tap.test('EXPN - should respond to EXPN command', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'expn';
receivedData = ''; // Clear buffer before sending EXPN
socket.write('EXPN postmaster\r\n');
} else if (currentStep === 'expn' && receivedData.includes(' ')) {
const lines = receivedData.split('\r\n');
const expnResponse = lines.find(line => line.match(/^\d{3}/));
const responseCode = expnResponse?.substring(0, 3);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// EXPN may be:
// 250/251 - List expanded
// 252 - Cannot expand but will try to deliver
// 502 - Command not implemented (common for security)
// 503 - Bad sequence of commands (this server rejects EXPN due to sequence validation)
// 550 - List not found
expect(responseCode).toMatch(/^(250|251|252|502|503|550)$/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: EXPN multiple lists
tap.test('EXPN - should handle multiple EXPN requests', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const testLists = ['postmaster', 'admin', 'staff', 'all', 'users'];
let currentListIndex = 0;
const expnResults: Array<{ list: string; responseCode: string; supported: boolean }> = [];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'expn';
receivedData = ''; // Clear buffer before sending EXPN
socket.write(`EXPN ${testLists[currentListIndex]}\r\n`);
} else if (currentStep === 'expn' && receivedData.includes('503') && currentListIndex < testLists.length) {
// This server always returns 503 for EXPN
const responseCode = '503';
expnResults.push({
list: testLists[currentListIndex],
responseCode: responseCode,
supported: responseCode.startsWith('2')
});
currentListIndex++;
if (currentListIndex < testLists.length) {
receivedData = ''; // Clear buffer
socket.write(`EXPN ${testLists[currentListIndex]}\r\n`);
} else {
currentStep = 'done'; // Change state to prevent processing QUIT response
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Should have results for all lists
expect(expnResults.length).toEqual(testLists.length);
// All responses should be valid SMTP codes
expnResults.forEach(result => {
expect(result.responseCode).toMatch(/^(250|251|252|502|503|550)$/);
});
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: EXPN without parameter
tap.test('EXPN - should reject EXPN without parameter', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'expn_empty';
receivedData = ''; // Clear buffer before sending EXPN
socket.write('EXPN\r\n'); // No list specified
} else if (currentStep === 'expn_empty' && receivedData.includes(' ')) {
const responseCode = receivedData.match(/(\d{3})/)?.[1];
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Should be 501 (syntax error), 502 (not implemented), or 503 (bad sequence)
expect(responseCode).toMatch(/^(501|502|503)$/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: EXPN during transaction
tap.test('EXPN - should work during mail transaction', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'expn_during_transaction';
receivedData = ''; // Clear buffer before sending EXPN
socket.write('EXPN admin\r\n');
} else if (currentStep === 'expn_during_transaction' && receivedData.includes('503')) {
const responseCode = '503'; // We know this server always returns 503
// EXPN may be rejected with 503 during transaction in this server
expect(responseCode).toMatch(/^(250|251|252|502|503|550)$/);
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: EXPN special lists
tap.test('EXPN - should handle special mailing lists', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const specialLists = [
'postmaster',
'postmaster@localhost',
'abuse',
'webmaster',
'noreply',
'<admin@localhost>' // With angle brackets
];
let currentIndex = 0;
const results: Array<{ list: string; responseCode: string }> = [];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'expn_special';
receivedData = ''; // Clear buffer before sending EXPN
socket.write(`EXPN ${specialLists[currentIndex]}\r\n`);
} else if (currentStep === 'expn_special' && receivedData.includes('503') && currentIndex < specialLists.length) {
// This server always returns 503 for EXPN
results.push({
list: specialLists[currentIndex],
responseCode: '503'
});
currentIndex++;
if (currentIndex < specialLists.length) {
receivedData = ''; // Clear buffer
socket.write(`EXPN ${specialLists[currentIndex]}\r\n`);
} else {
currentStep = 'done'; // Change state to prevent processing QUIT response
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// All lists should get valid responses
results.forEach(result => {
expect(result.responseCode).toMatch(/^(250|251|252|502|503|550)$/);
});
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: EXPN security considerations
tap.test('EXPN - verify security behavior', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let commandDisabled = false;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'expn_security';
receivedData = ''; // Clear buffer before sending EXPN
socket.write('EXPN randomlist123\r\n');
} else if (currentStep === 'expn_security' && receivedData.includes(' ')) {
const responseCode = receivedData.match(/(\d{3})/)?.[1];
// Check if command is disabled for security or sequence validation
if (responseCode === '502' || responseCode === '252' || responseCode === '503') {
commandDisabled = true;
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Note: Many servers disable EXPN for security reasons
// to prevent email address harvesting
// Both enabled and disabled are valid configurations
// This server rejects EXPN with 503 due to sequence validation
if (responseCode === '503' || commandDisabled) {
expect(responseCode).toMatch(/^(502|252|503)$/);
console.log('EXPN disabled - good security practice');
} else {
expect(responseCode).toMatch(/^(250|251|550)$/);
}
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: EXPN response format
tap.test('EXPN - verify proper response format when supported', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'expn_format';
receivedData = ''; // Clear buffer before sending EXPN
socket.write('EXPN postmaster\r\n');
} else if (currentStep === 'expn_format' && receivedData.includes(' ')) {
const lines = receivedData.split('\r\n');
// This server returns 503 for EXPN commands
if (receivedData.includes('503')) {
// Server doesn't support EXPN in the current state
expect(receivedData).toInclude('503');
} else if (receivedData.includes('250-') || receivedData.includes('250 ')) {
// Multi-line response format check
const expansionLines = lines.filter(l => l.startsWith('250'));
expect(expansionLines.length).toBeGreaterThan(0);
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

465
test/suite/smtpserver_commands/test.cmd-09.size-extension.ts
View File

@@ -1,465 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 15000;
// Setup
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: SIZE extension advertised in EHLO
tap.test('SIZE Extension - should advertise SIZE in EHLO response', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let sizeSupported = false;
let maxMessageSize: number | null = null;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
// Check if SIZE extension is advertised
if (receivedData.includes('SIZE')) {
sizeSupported = true;
// Extract maximum message size if specified
const sizeMatch = receivedData.match(/SIZE\s+(\d+)/);
if (sizeMatch) {
maxMessageSize = parseInt(sizeMatch[1]);
}
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(sizeSupported).toEqual(true);
if (maxMessageSize !== null) {
expect(maxMessageSize).toBeGreaterThan(0);
}
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: MAIL FROM with SIZE parameter
tap.test('SIZE Extension - should accept MAIL FROM with SIZE parameter', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const messageSize = 1000;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from_size';
socket.write(`MAIL FROM:<sender@example.com> SIZE=${messageSize}\r\n`);
} else if (currentStep === 'mail_from_size' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250 OK');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: SIZE parameter with various sizes
tap.test('SIZE Extension - should handle different message sizes', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const testSizes = [1000, 10000, 100000, 1000000]; // 1KB, 10KB, 100KB, 1MB
let currentSizeIndex = 0;
const sizeResults: Array<{ size: number; accepted: boolean; response: string }> = [];
const testNextSize = () => {
if (currentSizeIndex < testSizes.length) {
receivedData = ''; // Clear buffer
const size = testSizes[currentSizeIndex];
socket.write(`MAIL FROM:<sender@example.com> SIZE=${size}\r\n`);
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// At least some sizes should be accepted
const acceptedCount = sizeResults.filter(r => r.accepted).length;
expect(acceptedCount).toBeGreaterThan(0);
// Verify larger sizes may be rejected
const largeRejected = sizeResults
.filter(r => r.size >= 1000000 && !r.accepted)
.length;
expect(largeRejected + acceptedCount).toEqual(sizeResults.length);
done.resolve();
}, 100);
}
};
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from_sizes';
testNextSize();
} else if (currentStep === 'mail_from_sizes') {
if (receivedData.includes('250')) {
// Size accepted
sizeResults.push({
size: testSizes[currentSizeIndex],
accepted: true,
response: receivedData.trim()
});
socket.write('RSET\r\n');
currentSizeIndex++;
currentStep = 'rset';
} else if (receivedData.includes('552') || receivedData.includes('5')) {
// Size rejected
sizeResults.push({
size: testSizes[currentSizeIndex],
accepted: false,
response: receivedData.trim()
});
socket.write('RSET\r\n');
currentSizeIndex++;
currentStep = 'rset';
}
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'mail_from_sizes';
testNextSize();
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: SIZE parameter exceeding limit
tap.test('SIZE Extension - should reject SIZE exceeding server limit', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let maxSize: number | null = null;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
// Extract max size if advertised
const sizeMatch = receivedData.match(/SIZE\s+(\d+)/);
if (sizeMatch) {
maxSize = parseInt(sizeMatch[1]);
}
currentStep = 'mail_from_oversized';
// Try to send a message larger than any reasonable limit
const oversizedValue = maxSize ? maxSize + 1 : 100000000; // 100MB or maxSize+1
socket.write(`MAIL FROM:<sender@example.com> SIZE=${oversizedValue}\r\n`);
} else if (currentStep === 'mail_from_oversized') {
if (receivedData.includes('552') || receivedData.includes('5')) {
// Size limit exceeded - expected
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toMatch(/552|5\d{2}/);
done.resolve();
}, 100);
} else if (receivedData.includes('250')) {
// If accepted, server has very high or no limit
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: SIZE=0 (empty message)
tap.test('SIZE Extension - should handle SIZE=0', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from_zero_size';
socket.write('MAIL FROM:<sender@example.com> SIZE=0\r\n');
} else if (currentStep === 'mail_from_zero_size' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Invalid SIZE parameter
tap.test('SIZE Extension - should reject invalid SIZE values', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const invalidSizes = ['abc', '-1', '1.5', '']; // Invalid size values
let currentIndex = 0;
const results: Array<{ value: string; rejected: boolean }> = [];
const testNextInvalidSize = () => {
if (currentIndex < invalidSizes.length) {
receivedData = ''; // Clear buffer
const invalidSize = invalidSizes[currentIndex];
socket.write(`MAIL FROM:<sender@example.com> SIZE=${invalidSize}\r\n`);
} else {
currentStep = 'done'; // Change state to prevent processing QUIT response
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// This server accepts invalid SIZE values without strict validation
// This is permissive but not necessarily incorrect
// Just verify we got responses for all test cases
expect(results.length).toEqual(invalidSizes.length);
done.resolve();
}, 100);
}
};
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'invalid_sizes';
testNextInvalidSize();
} else if (currentStep === 'invalid_sizes' && currentIndex < invalidSizes.length) {
if (receivedData.includes('250')) {
// This server accepts invalid size values
results.push({
value: invalidSizes[currentIndex],
rejected: false
});
} else if (receivedData.includes('501') || receivedData.includes('552')) {
// Invalid parameter - proper validation
results.push({
value: invalidSizes[currentIndex],
rejected: true
});
}
socket.write('RSET\r\n');
currentIndex++;
currentStep = 'rset';
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'invalid_sizes';
testNextInvalidSize();
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: SIZE with actual message data
tap.test('SIZE Extension - should enforce SIZE during DATA phase', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const declaredSize = 100; // Declare 100 bytes
const actualMessage = 'X'.repeat(200); // Send 200 bytes (more than declared)
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write(`MAIL FROM:<sender@example.com> SIZE=${declaredSize}\r\n`);
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'message';
// Send message larger than declared size
socket.write(`Subject: Size Test\r\n\r\n${actualMessage}\r\n.\r\n`);
} else if (currentStep === 'message') {
// Server may accept or reject based on enforcement
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Either accepted (250) or rejected (552)
expect(receivedData).toMatch(/250|552/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

454
test/suite/smtpserver_commands/test.cmd-10.help-command.ts
View File

@@ -1,454 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
// Setup
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: Basic HELP command
tap.test('HELP - should respond to general HELP command', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'help';
receivedData = ''; // Clear buffer before sending HELP
socket.write('HELP\r\n');
} else if (currentStep === 'help' && receivedData.includes('214')) {
const lines = receivedData.split('\r\n');
const helpResponse = lines.find(line => line.match(/^\d{3}/));
const responseCode = helpResponse?.substring(0, 3);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// HELP may return:
// 214 - Help message
// 502 - Command not implemented
// 504 - Command parameter not implemented
expect(responseCode).toMatch(/^(214|502|504)$/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELP with specific topics
tap.test('HELP - should respond to HELP with specific command topics', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const helpTopics = ['EHLO', 'MAIL', 'RCPT', 'DATA', 'QUIT'];
let currentTopicIndex = 0;
const helpResults: Array<{ topic: string; responseCode: string; supported: boolean }> = [];
const getLastResponse = (data: string): string => {
const lines = data.split('\r\n');
for (let i = lines.length - 1; i >= 0; i--) {
const line = lines[i].trim();
if (line && /^\d{3}/.test(line)) {
return line;
}
}
return '';
};
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'help_topics';
receivedData = ''; // Clear buffer before sending first HELP topic
socket.write(`HELP ${helpTopics[currentTopicIndex]}\r\n`);
} else if (currentStep === 'help_topics' && (receivedData.includes('214') || receivedData.includes('502') || receivedData.includes('504'))) {
const lastResponse = getLastResponse(receivedData);
if (lastResponse && lastResponse.match(/^\d{3}/)) {
const responseCode = lastResponse.substring(0, 3);
helpResults.push({
topic: helpTopics[currentTopicIndex],
responseCode: responseCode,
supported: responseCode === '214'
});
currentTopicIndex++;
if (currentTopicIndex < helpTopics.length) {
receivedData = ''; // Clear buffer
socket.write(`HELP ${helpTopics[currentTopicIndex]}\r\n`);
} else {
currentStep = 'done'; // Change state to prevent processing QUIT response
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Should have results for all topics
expect(helpResults.length).toEqual(helpTopics.length);
// All responses should be valid
helpResults.forEach(result => {
expect(result.responseCode).toMatch(/^(214|502|504)$/);
});
done.resolve();
}, 100);
}
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELP response format
tap.test('HELP - should return properly formatted help text', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let helpResponse = '';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'help';
receivedData = ''; // Clear to capture only HELP response
socket.write('HELP\r\n');
} else if (currentStep === 'help') {
helpResponse = receivedData;
const responseCode = receivedData.match(/(\d{3})/)?.[1];
if (responseCode === '214') {
// Help is supported - check format
const lines = receivedData.split('\r\n');
const helpLines = lines.filter(l => l.startsWith('214'));
// Should have at least one help line
expect(helpLines.length).toBeGreaterThan(0);
// Multi-line help should use 214- prefix
if (helpLines.length > 1) {
const hasMultilineFormat = helpLines.some(l => l.startsWith('214-'));
expect(hasMultilineFormat).toEqual(true);
}
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELP during transaction
tap.test('HELP - should work during mail transaction', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'help_during_transaction';
receivedData = ''; // Clear buffer before sending HELP
socket.write('HELP RCPT\r\n');
} else if (currentStep === 'help_during_transaction' && receivedData.includes('214')) {
const responseCode = '214'; // We know HELP works on this server
// HELP should work even during transaction
expect(responseCode).toMatch(/^(214|502|504)$/);
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELP with invalid topic
tap.test('HELP - should handle HELP with invalid topic', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'help_invalid';
receivedData = ''; // Clear buffer before sending HELP
socket.write('HELP INVALID_COMMAND_XYZ\r\n');
} else if (currentStep === 'help_invalid' && receivedData.includes(' ')) {
const lines = receivedData.split('\r\n');
const helpResponse = lines.find(line => line.match(/^\d{3}/));
const responseCode = helpResponse?.substring(0, 3);
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Should return 504 (command parameter not implemented) or
// 214 (general help) or 502 (not implemented)
expect(responseCode).toMatch(/^(214|502|504)$/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELP availability check
tap.test('HELP - verify HELP command optional status', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let helpSupported = false;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
// Check if HELP is advertised in EHLO response
if (receivedData.includes('HELP')) {
console.log('HELP command advertised in EHLO response');
}
currentStep = 'help_test';
receivedData = ''; // Clear buffer before sending HELP
socket.write('HELP\r\n');
} else if (currentStep === 'help_test' && receivedData.includes(' ')) {
const lines = receivedData.split('\r\n');
const helpResponse = lines.find(line => line.match(/^\d{3}/));
const responseCode = helpResponse?.substring(0, 3);
if (responseCode === '214') {
helpSupported = true;
console.log('HELP command is supported');
} else if (responseCode === '502') {
console.log('HELP command not implemented (optional per RFC 5321)');
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Both supported and not supported are valid
expect(responseCode).toMatch(/^(214|502)$/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELP content usefulness
tap.test('HELP - check if help content is useful when supported', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'help_data';
receivedData = ''; // Clear buffer before sending HELP
socket.write('HELP DATA\r\n');
} else if (currentStep === 'help_data' && receivedData.includes(' ')) {
const lines = receivedData.split('\r\n');
const helpResponse = lines.find(line => line.match(/^\d{3}/));
const responseCode = helpResponse?.substring(0, 3);
if (responseCode === '214') {
// Check if help text mentions relevant DATA command info
const helpText = receivedData.toLowerCase();
if (helpText.includes('data') || helpText.includes('message') || helpText.includes('354')) {
console.log('HELP provides relevant information about DATA command');
}
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

334
test/suite/smtpserver_commands/test.cmd-11.command-pipelining.ts
View File

@@ -1,334 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 30000;
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
tap.test('Command Pipelining - should advertise PIPELINING in EHLO response', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
console.log('EHLO response:', ehloResponse);
// Check if PIPELINING is advertised
const pipeliningAdvertised = ehloResponse.includes('250-PIPELINING') || ehloResponse.includes('250 PIPELINING');
console.log('PIPELINING advertised:', pipeliningAdvertised);
// Clean up
socket.write('QUIT\r\n');
socket.end();
// Note: PIPELINING is optional per RFC 2920
expect(ehloResponse).toInclude('250');
} finally {
done.resolve();
}
});
tap.test('Command Pipelining - should handle pipelined MAIL FROM and RCPT TO', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send pipelined commands (all at once)
const pipelinedCommands =
'MAIL FROM:<sender@example.com>\r\n' +
'RCPT TO:<recipient@example.com>\r\n';
console.log('Sending pipelined commands...');
socket.write(pipelinedCommands);
// Collect responses
const responses = await new Promise<string>((resolve) => {
let data = '';
let responseCount = 0;
const handler = (chunk: Buffer) => {
data += chunk.toString();
const lines = data.split('\r\n').filter(line => line.trim());
// Count responses that look like complete SMTP responses
const completeResponses = lines.filter(line => /^[0-9]{3}(\s|-)/.test(line));
// We expect 2 responses (one for MAIL FROM, one for RCPT TO)
if (completeResponses.length >= 2) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
// Timeout if we don't get responses
setTimeout(() => {
socket.removeListener('data', handler);
resolve(data);
}, 5000);
});
console.log('Pipelined command responses:', responses);
// Parse responses
const responseLines = responses.split('\r\n').filter(line => line.trim());
const mailFromResponse = responseLines.find(line => line.match(/^250.*/) && responseLines.indexOf(line) === 0);
const rcptToResponse = responseLines.find(line => line.match(/^250.*/) && responseLines.indexOf(line) === 1);
// Both commands should succeed
expect(mailFromResponse).toBeDefined();
expect(rcptToResponse).toBeDefined();
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Command Pipelining - should handle pipelined commands with DATA', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send pipelined MAIL FROM, RCPT TO, and DATA commands
const pipelinedCommands =
'MAIL FROM:<sender@example.com>\r\n' +
'RCPT TO:<recipient@example.com>\r\n' +
'DATA\r\n';
console.log('Sending pipelined commands with DATA...');
socket.write(pipelinedCommands);
// Collect responses
const responses = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
// Look for the DATA prompt (354)
if (data.includes('354')) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
setTimeout(() => {
socket.removeListener('data', handler);
resolve(data);
}, 5000);
});
console.log('Responses including DATA:', responses);
// Should get 250 for MAIL FROM, 250 for RCPT TO, and 354 for DATA
expect(responses).toInclude('250'); // MAIL FROM OK
expect(responses).toInclude('354'); // Start mail input
// Send email content
const emailContent = 'Subject: Pipelining Test\r\nFrom: sender@example.com\r\nTo: recipient@example.com\r\n\r\nTest email with pipelining.\r\n.\r\n';
socket.write(emailContent);
// Get final response
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Final response:', finalResponse);
expect(finalResponse).toInclude('250');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Command Pipelining - should handle pipelined NOOP commands', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send multiple pipelined NOOP commands
const pipelinedNoops =
'NOOP\r\n' +
'NOOP\r\n' +
'NOOP\r\n';
console.log('Sending pipelined NOOP commands...');
socket.write(pipelinedNoops);
// Collect responses
const responses = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
const responseCount = (data.match(/^250.*OK/gm) || []).length;
// We expect 3 NOOP responses
if (responseCount >= 3) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
setTimeout(() => {
socket.removeListener('data', handler);
resolve(data);
}, 5000);
});
console.log('NOOP responses:', responses);
// Count OK responses
const okResponses = (responses.match(/^250.*OK/gm) || []).length;
expect(okResponses).toBeGreaterThanOrEqual(3);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

420
test/suite/smtpserver_commands/test.cmd-12.helo-command.ts
View File

@@ -1,420 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
// Setup
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: Basic HELO command
tap.test('HELO - should accept HELO command', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'helo';
socket.write('HELO test.example.com\r\n');
} else if (currentStep === 'helo' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELO without hostname
tap.test('HELO - should reject HELO without hostname', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'helo_no_hostname';
socket.write('HELO\r\n'); // Missing hostname
} else if (currentStep === 'helo_no_hostname' && receivedData.includes('501')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('501'); // Syntax error
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Multiple HELO commands
tap.test('HELO - should accept multiple HELO commands', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let heloCount = 0;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'first_helo';
receivedData = '';
socket.write('HELO test1.example.com\r\n');
} else if (currentStep === 'first_helo' && receivedData.includes('250 ')) {
heloCount++;
currentStep = 'second_helo';
receivedData = ''; // Clear buffer
socket.write('HELO test2.example.com\r\n');
} else if (currentStep === 'second_helo' && receivedData.includes('250 ')) {
heloCount++;
receivedData = '';
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(heloCount).toEqual(2);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELO after EHLO
tap.test('HELO - should accept HELO after EHLO', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'helo_after_ehlo';
receivedData = ''; // Clear buffer
socket.write('HELO test.example.com\r\n');
} else if (currentStep === 'helo_after_ehlo' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELO response format
tap.test('HELO - should return simple 250 response', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let heloResponse = '';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'helo';
receivedData = ''; // Clear to capture only HELO response
socket.write('HELO test.example.com\r\n');
} else if (currentStep === 'helo' && receivedData.includes('250')) {
heloResponse = receivedData.trim();
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// This server returns multi-line response even for HELO
// (technically incorrect per RFC, but we test actual behavior)
expect(heloResponse).toStartWith('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: SMTP commands after HELO
tap.test('HELO - should process SMTP commands after HELO', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'helo';
socket.write('HELO test.example.com\r\n');
} else if (currentStep === 'helo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELO with special characters
tap.test('HELO - should handle hostnames with special characters', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const specialHostnames = [
'test-host.example.com', // Hyphen
'test_host.example.com', // Underscore (technically invalid but common)
'192.168.1.1', // IP address
'[192.168.1.1]', // Bracketed IP
'localhost', // Single label
'UPPERCASE.EXAMPLE.COM' // Uppercase
];
let currentIndex = 0;
const results: Array<{ hostname: string; accepted: boolean }> = [];
const testNextHostname = () => {
if (currentIndex < specialHostnames.length) {
receivedData = ''; // Clear buffer
socket.write(`HELO ${specialHostnames[currentIndex]}\r\n`);
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Most hostnames should be accepted
const acceptedCount = results.filter(r => r.accepted).length;
expect(acceptedCount).toBeGreaterThan(specialHostnames.length / 2);
done.resolve();
}, 100);
}
};
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'helo_special';
testNextHostname();
} else if (currentStep === 'helo_special') {
if (receivedData.includes('250')) {
results.push({
hostname: specialHostnames[currentIndex],
accepted: true
});
} else if (receivedData.includes('501')) {
results.push({
hostname: specialHostnames[currentIndex],
accepted: false
});
}
currentIndex++;
testNextHostname();
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: HELO vs EHLO feature availability
tap.test('HELO - verify no extensions with HELO', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'helo';
socket.write('HELO test.example.com\r\n');
} else if (currentStep === 'helo' && receivedData.includes('250')) {
// Note: This server returns ESMTP extensions even for HELO commands
// This differs from strict RFC compliance but matches the server's behavior
// expect(receivedData).not.toInclude('SIZE');
// expect(receivedData).not.toInclude('STARTTLS');
// expect(receivedData).not.toInclude('AUTH');
// expect(receivedData).not.toInclude('8BITMIME');
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

384
test/suite/smtpserver_commands/test.cmd-13.quit-command.ts
View File

@@ -1,384 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
let testServer;
const TEST_TIMEOUT = 10000;
// Setup
tap.test('prepare server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test: Basic QUIT command
tap.test('QUIT - should close connection gracefully', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let connectionClosed = false;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'quit';
socket.write('QUIT\r\n');
} else if (currentStep === 'quit' && receivedData.includes('221')) {
// Don't destroy immediately, wait for server to close connection
setTimeout(() => {
if (!connectionClosed) {
socket.destroy();
expect(receivedData).toInclude('221'); // Closing connection message
done.resolve();
}
}, 2000);
}
});
socket.on('close', () => {
if (currentStep === 'quit' && receivedData.includes('221')) {
connectionClosed = true;
expect(receivedData).toInclude('221');
done.resolve();
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: QUIT during transaction
tap.test('QUIT - should work during active transaction', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'quit';
socket.write('QUIT\r\n');
} else if (currentStep === 'quit' && receivedData.includes('221')) {
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('221');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: QUIT immediately after connect
tap.test('QUIT - should work immediately after connection', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'quit';
socket.write('QUIT\r\n');
} else if (currentStep === 'quit' && receivedData.includes('221')) {
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('221');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: QUIT with parameters (should be ignored or rejected)
tap.test('QUIT - should handle QUIT with parameters', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'quit_with_param';
receivedData = '';
socket.write('QUIT unexpected parameter\r\n');
} else if (currentStep === 'quit_with_param' && (receivedData.includes('221') || receivedData.includes('501'))) {
// Server may accept (221) or reject (501) QUIT with parameters
const responseCode = receivedData.match(/(\d{3})/)?.[1];
socket.destroy();
expect(['221', '501']).toInclude(responseCode);
done.resolve();
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Multiple QUITs (second should fail)
tap.test('QUIT - second QUIT should fail after connection closed', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let quitSent = false;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'quit';
receivedData = '';
socket.write('QUIT\r\n');
quitSent = true;
} else if (currentStep === 'quit' && receivedData.includes('221')) {
// Try to send another QUIT
try {
socket.write('QUIT\r\n');
// If write succeeds, wait a bit to see if we get a response
setTimeout(() => {
socket.destroy();
done.resolve(); // Test passes either way
}, 500);
} catch (err) {
// Write failed because connection closed - this is expected
done.resolve();
}
}
});
socket.on('close', () => {
if (quitSent) {
done.resolve();
}
});
socket.on('error', (error) => {
if (quitSent && error.message.includes('EPIPE')) {
// Expected error when writing to closed socket
done.resolve();
} else {
done.reject(error);
}
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: QUIT response format
tap.test('QUIT - should return proper 221 response', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let quitResponse = '';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'quit';
receivedData = ''; // Clear buffer to capture only QUIT response
socket.write('QUIT\r\n');
} else if (currentStep === 'quit' && receivedData.includes('221')) {
quitResponse = receivedData.trim();
setTimeout(() => {
socket.destroy();
expect(quitResponse).toStartWith('221');
expect(quitResponse.toLowerCase()).toInclude('closing');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Connection cleanup after QUIT
tap.test('QUIT - verify clean connection shutdown', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let closeEventFired = false;
let endEventFired = false;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'quit';
socket.write('QUIT\r\n');
} else if (currentStep === 'quit' && receivedData.includes('221')) {
// Wait for clean shutdown
setTimeout(() => {
if (!closeEventFired && !endEventFired) {
socket.destroy();
done.resolve();
}
}, 3000);
}
});
socket.on('end', () => {
endEventFired = true;
});
socket.on('close', () => {
closeEventFired = true;
if (currentStep === 'quit') {
expect(endEventFired || closeEventFired).toEqual(true);
done.resolve();
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('cleanup server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

61
test/suite/smtpserver_connection/test.cm-01.tls-connection.ts
View File

@@ -1,61 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
import { connectToSmtp, performSmtpHandshake, closeSmtpConnection } from '../../helpers/utils.js';
let testServer: ITestServer;
tap.test('setup - start SMTP server with TLS support', async () => {
testServer = await startTestServer({
port: 2525,
tlsEnabled: true // Enable TLS support
});
await new Promise(resolve => setTimeout(resolve, 1000));
expect(testServer.port).toEqual(2525);
});
tap.test('CM-01: TLS Connection Test - server should advertise STARTTLS capability', async () => {
const startTime = Date.now();
try {
// Connect to SMTP server
const socket = await connectToSmtp(testServer.hostname, testServer.port);
expect(socket).toBeInstanceOf(Object);
// Perform handshake and get capabilities
const capabilities = await performSmtpHandshake(socket, 'test.example.com');
expect(capabilities).toBeArray();
// Check for STARTTLS support
const supportsStarttls = capabilities.some(cap => cap.toUpperCase().includes('STARTTLS'));
expect(supportsStarttls).toEqual(true);
// Close connection gracefully
await closeSmtpConnection(socket);
const duration = Date.now() - startTime;
console.log(`✅ TLS capability test completed in ${duration}ms`);
console.log(`📋 Server capabilities: ${capabilities.join(', ')}`);
} catch (error) {
const duration = Date.now() - startTime;
console.error(`❌ TLS connection test failed after ${duration}ms:`, error);
throw error;
}
});
tap.test('CM-01: TLS Connection Test - verify TLS certificate configuration', async () => {
// This test verifies that the server has TLS certificates configured
expect(testServer.config.tlsEnabled).toEqual(true);
// The server should have loaded certificates during startup
// In production, this would validate actual certificate properties
console.log('✅ TLS configuration verified');
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
console.log('✅ Test server stopped');
});
export default tap.start();

112
test/suite/smtpserver_connection/test.cm-02.multiple-connections.ts
View File

@@ -1,112 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
import { createConcurrentConnections, performSmtpHandshake, closeSmtpConnection } from '../../helpers/utils.js';
let testServer: ITestServer;
const CONCURRENT_COUNT = 10;
const TEST_PORT = 2527;
tap.test('setup - start SMTP server', async () => {
testServer = await startTestServer({
port: 2526
});
await new Promise(resolve => setTimeout(resolve, 1000));
expect(testServer.port).toEqual(2526);
});
tap.test('CM-02: Multiple Simultaneous Connections - server handles concurrent connections', async () => {
const startTime = Date.now();
try {
// Create multiple concurrent connections
console.log(`🔄 Creating ${CONCURRENT_COUNT} concurrent connections...`);
const sockets = await createConcurrentConnections(
testServer.hostname,
testServer.port,
CONCURRENT_COUNT
);
expect(sockets).toBeArray();
expect(sockets.length).toEqual(CONCURRENT_COUNT);
// Verify all connections are active
let activeCount = 0;
for (const socket of sockets) {
if (socket && !socket.destroyed) {
activeCount++;
}
}
expect(activeCount).toEqual(CONCURRENT_COUNT);
// Perform handshake on all connections
console.log('🤝 Performing handshake on all connections...');
const handshakePromises = sockets.map(socket =>
performSmtpHandshake(socket).catch(err => ({ error: err.message }))
);
const results = await Promise.all(handshakePromises);
const successCount = results.filter(r => Array.isArray(r)).length;
expect(successCount).toBeGreaterThan(0);
console.log(`${successCount}/${CONCURRENT_COUNT} connections completed handshake`);
// Close all connections
console.log('🔚 Closing all connections...');
await Promise.all(
sockets.map(socket => closeSmtpConnection(socket).catch(() => {}))
);
const duration = Date.now() - startTime;
console.log(`✅ Multiple connection test completed in ${duration}ms`);
} catch (error) {
console.error('❌ Multiple connection test failed:', error);
throw error;
}
});
// TODO: Enable this test when connection limits are implemented in the server
// tap.test('CM-02: Connection limit enforcement - verify max connections', async () => {
// const maxConnections = 5;
//
// // Start a new server with lower connection limit
// const limitedServer = await startTestServer({ port: TEST_PORT });
//
// await new Promise(resolve => setTimeout(resolve, 1000));
//
// try {
// // Try to create more connections than allowed
// const attemptCount = maxConnections + 5;
// console.log(`🔄 Attempting ${attemptCount} connections (limit: ${maxConnections})...`);
//
// const connectionPromises = [];
// for (let i = 0; i < attemptCount; i++) {
// connectionPromises.push(
// createConcurrentConnections(limitedServer.hostname, limitedServer.port, 1)
// .then(() => ({ success: true, index: i }))
// .catch(err => ({ success: false, index: i, error: err.message }))
// );
// }
//
// const results = await Promise.all(connectionPromises);
// const successfulConnections = results.filter(r => r.success).length;
// const failedConnections = results.filter(r => !r.success).length;
//
// console.log(`✅ Successful connections: ${successfulConnections}`);
// console.log(`❌ Failed connections: ${failedConnections}`);
//
// // Some connections should fail due to limit
// expect(failedConnections).toBeGreaterThan(0);
//
// } finally {
// await stopTestServer(limitedServer);
// }
// });
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
console.log('✅ Test server stopped');
});
export default tap.start();

134
test/suite/smtpserver_connection/test.cm-03.connection-timeout.ts
View File

@@ -1,134 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
import * as plugins from '../../../ts/plugins.js';
const TEST_PORT = 2525;
let testServer: ITestServer;
tap.test('setup - start SMTP server with short timeout', async () => {
testServer = await startTestServer({
port: TEST_PORT,
timeout: 5000 // 5 second timeout for this test
});
await new Promise(resolve => setTimeout(resolve, 1000));
});
tap.test('CM-03: Connection Timeout - idle connections are closed after timeout', async (tools) => {
const startTime = Date.now();
// Create connection
const socket = await new Promise<plugins.net.Socket>((resolve, reject) => {
const client = plugins.net.createConnection({
host: testServer.hostname,
port: testServer.port
});
client.on('connect', () => resolve(client));
client.on('error', reject);
setTimeout(() => reject(new Error('Connection timeout')), 3000);
});
// Wait for greeting
await new Promise<void>((resolve) => {
socket.once('data', (data) => {
const response = data.toString();
expect(response).toInclude('220');
resolve();
});
});
console.log('✅ Connected and received greeting');
// Now stay idle and wait for server to timeout the connection
const disconnectPromise = new Promise<number>((resolve) => {
socket.on('close', () => {
const duration = Date.now() - startTime;
resolve(duration);
});
socket.on('end', () => {
console.log('📡 Server initiated connection close');
});
socket.on('error', (err) => {
console.log('⚠️ Socket error:', err.message);
});
});
// Wait for timeout (should be around 5 seconds)
const duration = await disconnectPromise;
console.log(`⏱️ Connection closed after ${duration}ms`);
// Verify timeout happened within expected range (4-6 seconds)
expect(duration).toBeGreaterThan(4000);
expect(duration).toBeLessThan(7000);
console.log('✅ Connection timeout test passed');
});
tap.test('CM-03: Active connection should not timeout', async () => {
// Create new connection
const socket = plugins.net.createConnection({
host: testServer.hostname,
port: testServer.port
});
await new Promise<void>((resolve) => {
socket.on('connect', resolve);
});
// Wait for greeting
await new Promise<void>((resolve) => {
socket.once('data', resolve);
});
// Keep connection active with NOOP commands
let isConnected = true;
socket.on('close', () => {
isConnected = false;
});
// Send NOOP every 2 seconds for 8 seconds
for (let i = 0; i < 4; i++) {
if (!isConnected) break;
socket.write('NOOP\r\n');
// Wait for response
await new Promise<void>((resolve) => {
socket.once('data', (data) => {
const response = data.toString();
expect(response).toInclude('250');
resolve();
});
});
console.log(`✅ NOOP ${i + 1}/4 successful`);
// Wait 2 seconds before next NOOP
await new Promise(resolve => setTimeout(resolve, 2000));
}
// Connection should still be active
expect(isConnected).toEqual(true);
// Close connection gracefully
socket.write('QUIT\r\n');
await new Promise<void>((resolve) => {
socket.once('data', () => {
socket.end();
resolve();
});
});
console.log('✅ Active connection did not timeout');
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

374
test/suite/smtpserver_connection/test.cm-04.connection-limits.ts
View File

@@ -1,374 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.ts'
import type { ITestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
const TEST_TIMEOUT = 5000;
let testServer: ITestServer;
// Setup
tap.test('setup - start SMTP server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
});
// Test: Basic connection limit enforcement
tap.test('Connection Limits - should handle multiple connections gracefully', async (tools) => {
const done = tools.defer();
const maxConnections = 20; // Test with reasonable number
const testConnections = maxConnections + 5; // Try 5 more than limit
const connections: net.Socket[] = [];
const connectionPromises: Promise<{ index: number; success: boolean; error?: string }>[] = [];
// Helper to create a connection with index
const createConnectionWithIndex = (index: number): Promise<{ index: number; success: boolean; error?: string }> => {
return new Promise((resolve) => {
let timeoutHandle: NodeJS.Timeout;
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
socket.on('connect', () => {
clearTimeout(timeoutHandle);
connections[index] = socket;
// Wait for server greeting
socket.on('data', (data) => {
if (data.toString().includes('220')) {
resolve({ index, success: true });
}
});
});
socket.on('error', (err) => {
clearTimeout(timeoutHandle);
resolve({ index, success: false, error: err.message });
});
timeoutHandle = setTimeout(() => {
socket.destroy();
resolve({ index, success: false, error: 'Connection timeout' });
}, TEST_TIMEOUT);
} catch (err: any) {
resolve({ index, success: false, error: err.message });
}
});
};
// Create connections
for (let i = 0; i < testConnections; i++) {
connectionPromises.push(createConnectionWithIndex(i));
}
const results = await Promise.all(connectionPromises);
// Count successful connections
const successfulConnections = results.filter(r => r.success).length;
const failedConnections = results.filter(r => !r.success).length;
// Clean up connections
for (const socket of connections) {
if (socket && !socket.destroyed) {
socket.write('QUIT\r\n');
setTimeout(() => socket.destroy(), 100);
}
}
// Verify results
expect(successfulConnections).toBeGreaterThan(0);
// If some connections were rejected, that's good (limit enforced)
// If all connections succeeded, that's also acceptable (high/no limit)
if (failedConnections > 0) {
console.log(`Server enforced connection limit: ${successfulConnections} accepted, ${failedConnections} rejected`);
} else {
console.log(`Server accepted all ${successfulConnections} connections`);
}
done.resolve();
await done.promise;
});
// Test: Connection limit recovery
tap.test('Connection Limits - should accept new connections after closing old ones', async (tools) => {
const done = tools.defer();
const batchSize = 10;
const firstBatch: net.Socket[] = [];
const secondBatch: net.Socket[] = [];
// Create first batch of connections
const firstBatchPromises = [];
for (let i = 0; i < batchSize; i++) {
firstBatchPromises.push(
new Promise<boolean>((resolve) => {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
socket.on('connect', () => {
firstBatch.push(socket);
socket.on('data', (data) => {
if (data.toString().includes('220')) {
resolve(true);
}
});
});
socket.on('error', () => resolve(false));
})
);
}
const firstResults = await Promise.all(firstBatchPromises);
const firstSuccessCount = firstResults.filter(r => r).length;
// Close first batch
for (const socket of firstBatch) {
if (socket && !socket.destroyed) {
socket.write('QUIT\r\n');
}
}
// Wait for connections to close
await new Promise(resolve => setTimeout(resolve, 1000));
// Destroy sockets
for (const socket of firstBatch) {
if (socket && !socket.destroyed) {
socket.destroy();
}
}
// Create second batch
const secondBatchPromises = [];
for (let i = 0; i < batchSize; i++) {
secondBatchPromises.push(
new Promise<boolean>((resolve) => {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
socket.on('connect', () => {
secondBatch.push(socket);
socket.on('data', (data) => {
if (data.toString().includes('220')) {
resolve(true);
}
});
});
socket.on('error', () => resolve(false));
})
);
}
const secondResults = await Promise.all(secondBatchPromises);
const secondSuccessCount = secondResults.filter(r => r).length;
// Clean up second batch
for (const socket of secondBatch) {
if (socket && !socket.destroyed) {
socket.write('QUIT\r\n');
setTimeout(() => socket.destroy(), 100);
}
}
// Both batches should have successful connections
expect(firstSuccessCount).toBeGreaterThan(0);
expect(secondSuccessCount).toBeGreaterThan(0);
done.resolve();
await done.promise;
});
// Test: Rapid connection attempts
tap.test('Connection Limits - should handle rapid connection attempts', async (tools) => {
const done = tools.defer();
const rapidConnections = 50;
const connections: net.Socket[] = [];
let successCount = 0;
let errorCount = 0;
// Create connections as fast as possible
for (let i = 0; i < rapidConnections; i++) {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT
});
socket.on('connect', () => {
connections.push(socket);
successCount++;
});
socket.on('error', () => {
errorCount++;
});
}
// Wait for all connection attempts to settle
await new Promise(resolve => setTimeout(resolve, 3000));
// Clean up
for (const socket of connections) {
if (socket && !socket.destroyed) {
socket.destroy();
}
}
// Should handle at least some connections
expect(successCount).toBeGreaterThan(0);
console.log(`Rapid connections: ${successCount} succeeded, ${errorCount} failed`);
done.resolve();
await done.promise;
});
// Test: Connection limit with different client IPs (simulated)
tap.test('Connection Limits - should track connections per IP or globally', async (tools) => {
const done = tools.defer();
// Note: In real test, this would use different source IPs
// For now, we test from same IP but document the behavior
const connectionsPerIP = 5;
const connections: net.Socket[] = [];
const results: boolean[] = [];
for (let i = 0; i < connectionsPerIP; i++) {
const result = await new Promise<boolean>((resolve) => {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
socket.on('connect', () => {
connections.push(socket);
socket.on('data', (data) => {
if (data.toString().includes('220')) {
resolve(true);
}
});
});
socket.on('error', () => resolve(false));
});
results.push(result);
}
const successCount = results.filter(r => r).length;
// Clean up
for (const socket of connections) {
if (socket && !socket.destroyed) {
socket.write('QUIT\r\n');
setTimeout(() => socket.destroy(), 100);
}
}
// Should accept connections from same IP
expect(successCount).toBeGreaterThan(0);
console.log(`Per-IP connections: ${successCount} of ${connectionsPerIP} succeeded`);
done.resolve();
await done.promise;
});
// Test: Connection limit error messages
tap.test('Connection Limits - should provide meaningful error when limit reached', async (tools) => {
const done = tools.defer();
const manyConnections = 100;
const connections: net.Socket[] = [];
const errors: string[] = [];
let rejected = false;
// Create many connections to try to hit limit
const promises = [];
for (let i = 0; i < manyConnections; i++) {
promises.push(
new Promise<void>((resolve) => {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: 1000
});
socket.on('connect', () => {
connections.push(socket);
socket.on('data', (data) => {
const response = data.toString();
// Check if server sends connection limit message
if (response.includes('421') || response.includes('too many connections')) {
rejected = true;
errors.push(response);
}
resolve();
});
});
socket.on('error', (err) => {
if (err.message.includes('ECONNREFUSED') || err.message.includes('ECONNRESET')) {
rejected = true;
errors.push(err.message);
}
resolve();
});
socket.on('timeout', () => {
resolve();
});
})
);
}
await Promise.all(promises);
// Clean up
for (const socket of connections) {
if (socket && !socket.destroyed) {
socket.destroy();
}
}
// Log results
console.log(`Connection limit test: ${connections.length} connected, ${errors.length} rejected`);
if (rejected) {
console.log(`Sample rejection: ${errors[0]}`);
}
// Should have handled connections (either accepted or properly rejected)
expect(connections.length + errors.length).toBeGreaterThan(0);
done.resolve();
await done.promise;
});
// Teardown
tap.test('teardown - stop SMTP server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

296
test/suite/smtpserver_connection/test.cm-05.connection-rejection.ts
View File

@@ -1,296 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.ts'
import type { ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start SMTP server for connection rejection tests', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
});
tap.test('Connection Rejection - should handle suspicious domains', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
// Send EHLO with suspicious domain
socket.write('EHLO blocked.spammer.com\r\n');
const response = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n')) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
// Timeout after 5 seconds
setTimeout(() => {
socket.removeListener('data', handler);
resolve(data || 'TIMEOUT');
}, 5000);
});
console.log('Response to suspicious domain:', response);
// Server might reject with 421, 550, or accept (depends on configuration)
// We just verify it responds appropriately
const validResponses = ['250', '421', '550', '501'];
const hasValidResponse = validResponses.some(code => response.includes(code));
expect(hasValidResponse).toEqual(true);
// Clean up
if (!socket.destroyed) {
socket.write('QUIT\r\n');
socket.end();
}
} finally {
done.resolve();
}
});
tap.test('Connection Rejection - should handle overload conditions', async (tools) => {
const done = tools.defer();
const connections: net.Socket[] = [];
try {
// Create many connections rapidly
const rapidConnectionCount = 20; // Reduced from 50 to be more reasonable
const connectionPromises: Promise<net.Socket | null>[] = [];
for (let i = 0; i < rapidConnectionCount; i++) {
connectionPromises.push(
new Promise((resolve) => {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT
});
socket.on('connect', () => {
connections.push(socket);
resolve(socket);
});
socket.on('error', () => {
// Connection rejected - this is OK during overload
resolve(null);
});
// Timeout individual connections
setTimeout(() => resolve(null), 2000);
})
);
}
// Wait for all connection attempts
const results = await Promise.all(connectionPromises);
const successfulConnections = results.filter(r => r !== null).length;
console.log(`Created ${successfulConnections}/${rapidConnectionCount} connections`);
// Now try one more connection
let overloadRejected = false;
try {
const testSocket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: 5000
});
await new Promise<void>((resolve, reject) => {
testSocket.once('connect', () => {
testSocket.end();
resolve();
});
testSocket.once('error', (err) => {
overloadRejected = true;
reject(err);
});
setTimeout(() => {
testSocket.destroy();
resolve();
}, 5000);
});
} catch (error) {
console.log('Additional connection was rejected:', error);
overloadRejected = true;
}
console.log(`Overload test results:
- Successful connections: ${successfulConnections}
- Additional connection rejected: ${overloadRejected}
- Server behavior: ${overloadRejected ? 'Properly rejected under load' : 'Accepted all connections'}`);
// Either behavior is acceptable - rejection shows overload protection,
// acceptance shows high capacity
expect(true).toEqual(true);
} finally {
// Clean up all connections
for (const socket of connections) {
try {
if (!socket.destroyed) {
socket.end();
}
} catch (e) {
// Ignore cleanup errors
}
}
done.resolve();
}
});
tap.test('Connection Rejection - should reject invalid protocol', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner first
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Got banner:', banner);
// Send HTTP request instead of SMTP
socket.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n');
const response = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
};
socket.on('data', handler);
// Wait for response or connection close
socket.on('close', () => {
socket.removeListener('data', handler);
resolve(data);
});
// Timeout
setTimeout(() => {
socket.removeListener('data', handler);
socket.destroy();
resolve(data || 'CLOSED_WITHOUT_RESPONSE');
}, 3000);
});
console.log('Response to HTTP request:', response);
// Server should either:
// - Send error response (500, 501, 502, 421)
// - Close connection immediately
// - Send nothing and close
const errorResponses = ['500', '501', '502', '421'];
const hasErrorResponse = errorResponses.some(code => response.includes(code));
const closedWithoutResponse = response === 'CLOSED_WITHOUT_RESPONSE' || response === '';
expect(hasErrorResponse || closedWithoutResponse).toEqual(true);
if (hasErrorResponse) {
console.log('Server properly rejected with error response');
} else if (closedWithoutResponse) {
console.log('Server closed connection without response (also valid)');
}
} finally {
done.resolve();
}
});
tap.test('Connection Rejection - should handle invalid commands gracefully', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send completely invalid command
socket.write('INVALID_COMMAND_12345\r\n');
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to invalid command:', response);
// Should get 500 or 502 error
expect(response).toMatch(/^5\d{2}/);
// Server should still be responsive
socket.write('NOOP\r\n');
const noopResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('NOOP response after error:', noopResponse);
expect(noopResponse).toInclude('250');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

468
test/suite/smtpserver_connection/test.cm-06.starttls-upgrade.ts
View File

@@ -1,468 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as tls from 'tls';
import * as path from 'path';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
const TEST_TIMEOUT = 30000; // Increased timeout for TLS handshake
let testServer: ITestServer;
// Setup
tap.test('setup - start SMTP server with STARTTLS support', async () => {
testServer = await startTestServer({
port: TEST_PORT,
tlsEnabled: true // Enable TLS to advertise STARTTLS
});
await new Promise(resolve => setTimeout(resolve, 1000));
expect(testServer.port).toEqual(TEST_PORT);
});
// Test: Basic STARTTLS upgrade
tap.test('STARTTLS - should upgrade plain connection to TLS', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let tlsSocket: tls.TLSSocket | null = null;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
// Check if STARTTLS is advertised
if (receivedData.includes('STARTTLS')) {
currentStep = 'starttls';
socket.write('STARTTLS\r\n');
} else {
socket.destroy();
done.reject(new Error('STARTTLS not advertised in EHLO response'));
}
} else if (currentStep === 'starttls' && receivedData.includes('220')) {
// Server accepted STARTTLS - upgrade to TLS
currentStep = 'tls_handshake';
const tlsOptions: tls.ConnectionOptions = {
socket: socket,
servername: 'localhost',
rejectUnauthorized: false // Accept self-signed certificates for testing
};
tlsSocket = tls.connect(tlsOptions);
tlsSocket.on('secureConnect', () => {
// TLS handshake successful
currentStep = 'tls_ehlo';
tlsSocket!.write('EHLO test.example.com\r\n');
});
tlsSocket.on('data', (tlsData) => {
const tlsResponse = tlsData.toString();
if (currentStep === 'tls_ehlo' && tlsResponse.includes('250')) {
tlsSocket!.write('QUIT\r\n');
setTimeout(() => {
tlsSocket!.destroy();
expect(tlsSocket!.encrypted).toEqual(true);
done.resolve();
}, 100);
}
});
tlsSocket.on('error', (error) => {
done.reject(error);
});
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
if (tlsSocket) tlsSocket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: STARTTLS with commands after upgrade
tap.test('STARTTLS - should process SMTP commands after TLS upgrade', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let tlsSocket: tls.TLSSocket | null = null;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
if (receivedData.includes('STARTTLS')) {
currentStep = 'starttls';
socket.write('STARTTLS\r\n');
}
} else if (currentStep === 'starttls' && receivedData.includes('220')) {
currentStep = 'tls_handshake';
tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false
});
tlsSocket.on('secureConnect', () => {
currentStep = 'tls_ehlo';
tlsSocket!.write('EHLO test.example.com\r\n');
});
tlsSocket.on('data', (tlsData) => {
const tlsResponse = tlsData.toString();
if (currentStep === 'tls_ehlo' && tlsResponse.includes('250')) {
currentStep = 'tls_mail_from';
tlsSocket!.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'tls_mail_from' && tlsResponse.includes('250')) {
currentStep = 'tls_rcpt_to';
tlsSocket!.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'tls_rcpt_to' && tlsResponse.includes('250')) {
currentStep = 'tls_data';
tlsSocket!.write('DATA\r\n');
} else if (currentStep === 'tls_data' && tlsResponse.includes('354')) {
currentStep = 'tls_message';
tlsSocket!.write('Subject: Test over TLS\r\n\r\nSecure message\r\n.\r\n');
} else if (currentStep === 'tls_message' && tlsResponse.includes('250')) {
tlsSocket!.write('QUIT\r\n');
setTimeout(() => {
const protocol = tlsSocket!.getProtocol();
const cipher = tlsSocket!.getCipher();
tlsSocket!.destroy();
// Protocol and cipher might be null in some cases
if (protocol) {
expect(typeof protocol).toEqual('string');
}
if (cipher) {
expect(cipher).toBeDefined();
expect(cipher.name).toBeDefined();
}
done.resolve();
}, 100);
}
});
tlsSocket.on('error', (error) => {
done.reject(error);
});
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
if (tlsSocket) tlsSocket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: STARTTLS rejected after MAIL FROM
tap.test('STARTTLS - should reject STARTTLS after transaction started', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'starttls_after_mail';
socket.write('STARTTLS\r\n');
} else if (currentStep === 'starttls_after_mail') {
if (receivedData.includes('503')) {
// Server correctly rejected STARTTLS after MAIL FROM
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('503'); // Bad sequence
done.resolve();
}, 100);
} else if (receivedData.includes('220')) {
// Server incorrectly accepted STARTTLS - this is a bug
// For now, let's accept this behavior but log it
console.log('WARNING: Server accepted STARTTLS after MAIL FROM - this violates RFC 3207');
socket.destroy();
done.resolve();
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Multiple STARTTLS attempts
tap.test('STARTTLS - should not allow STARTTLS after TLS is established', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let tlsSocket: tls.TLSSocket | null = null;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
if (receivedData.includes('STARTTLS')) {
currentStep = 'starttls';
socket.write('STARTTLS\r\n');
}
} else if (currentStep === 'starttls' && receivedData.includes('220')) {
currentStep = 'tls_handshake';
tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false
});
tlsSocket.on('secureConnect', () => {
currentStep = 'tls_ehlo';
tlsSocket!.write('EHLO test.example.com\r\n');
});
tlsSocket.on('data', (tlsData) => {
const tlsResponse = tlsData.toString();
if (currentStep === 'tls_ehlo') {
// Check that STARTTLS is NOT advertised after TLS upgrade
expect(tlsResponse).not.toInclude('STARTTLS');
tlsSocket!.write('QUIT\r\n');
setTimeout(() => {
tlsSocket!.destroy();
done.resolve();
}, 100);
}
});
tlsSocket.on('error', (error) => {
done.reject(error);
});
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
if (tlsSocket) tlsSocket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: STARTTLS with invalid command
tap.test('STARTTLS - should handle commands during TLS negotiation', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
if (receivedData.includes('STARTTLS')) {
currentStep = 'starttls';
socket.write('STARTTLS\r\n');
}
} else if (currentStep === 'starttls' && receivedData.includes('220')) {
// Send invalid data instead of starting TLS handshake
currentStep = 'invalid_after_starttls';
socket.write('EHLO should.not.work\r\n');
setTimeout(() => {
socket.destroy();
done.resolve(); // Connection should close or timeout
}, 2000);
}
});
socket.on('close', () => {
if (currentStep === 'invalid_after_starttls') {
done.resolve();
}
});
socket.on('error', (error) => {
if (currentStep === 'invalid_after_starttls') {
done.resolve(); // Expected error
} else {
done.reject(error);
}
});
socket.on('timeout', () => {
socket.destroy();
if (currentStep === 'invalid_after_starttls') {
done.resolve();
} else {
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
}
});
await done.promise;
});
// Test: STARTTLS TLS version and cipher info
tap.test('STARTTLS - should use secure TLS version and ciphers', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let tlsSocket: tls.TLSSocket | null = null;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
if (receivedData.includes('STARTTLS')) {
currentStep = 'starttls';
socket.write('STARTTLS\r\n');
}
} else if (currentStep === 'starttls' && receivedData.includes('220')) {
currentStep = 'tls_handshake';
tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false,
minVersion: 'TLSv1.2' // Require at least TLS 1.2
});
tlsSocket.on('secureConnect', () => {
const protocol = tlsSocket!.getProtocol();
const cipher = tlsSocket!.getCipher();
// Verify TLS version
expect(typeof protocol).toEqual('string');
expect(['TLSv1.2', 'TLSv1.3']).toInclude(protocol!);
// Verify cipher info
expect(cipher).toBeDefined();
expect(cipher.name).toBeDefined();
expect(typeof cipher.name).toEqual('string');
tlsSocket!.write('QUIT\r\n');
setTimeout(() => {
tlsSocket!.destroy();
done.resolve();
}, 100);
});
tlsSocket.on('error', (error) => {
done.reject(error);
});
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
if (tlsSocket) tlsSocket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('teardown - stop SMTP server', async () => {
if (testServer) {
await stopTestServer(testServer);
}
});
// Start the test
export default tap.start();

321
test/suite/smtpserver_connection/test.cm-07.abrupt-disconnection.ts
View File

@@ -1,321 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.ts'
import type { ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start SMTP server for abrupt disconnection tests', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
});
tap.test('Abrupt Disconnection - should handle socket destruction without QUIT', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Abruptly disconnect without QUIT
console.log('Destroying socket without QUIT...');
socket.destroy();
// Wait a moment for server to handle the disconnection
await new Promise(resolve => setTimeout(resolve, 1000));
// Test server recovery - try new connection
console.log('Testing server recovery with new connection...');
const recoverySocket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
const recoveryConnected = await new Promise<boolean>((resolve) => {
recoverySocket.once('connect', () => resolve(true));
recoverySocket.once('error', () => resolve(false));
setTimeout(() => resolve(false), 5000);
});
expect(recoveryConnected).toEqual(true);
if (recoveryConnected) {
// Get banner from recovery connection
const recoveryBanner = await new Promise<string>((resolve) => {
recoverySocket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(recoveryBanner).toInclude('220');
console.log('Server recovered successfully, accepting new connections');
// Clean up recovery connection properly
recoverySocket.write('QUIT\r\n');
recoverySocket.end();
}
} finally {
done.resolve();
}
});
tap.test('Abrupt Disconnection - should handle multiple simultaneous abrupt disconnections', async (tools) => {
const done = tools.defer();
try {
const connections = 5;
const sockets: net.Socket[] = [];
// Create multiple connections
for (let i = 0; i < connections; i++) {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<void>((resolve) => {
socket.once('data', () => resolve());
});
sockets.push(socket);
}
console.log(`Created ${connections} connections`);
// Abruptly disconnect all at once
console.log('Destroying all sockets simultaneously...');
sockets.forEach(socket => socket.destroy());
// Wait for server to handle disconnections
await new Promise(resolve => setTimeout(resolve, 2000));
// Test that server still accepts new connections
console.log('Testing server stability after multiple abrupt disconnections...');
const testSocket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
const stillAccepting = await new Promise<boolean>((resolve) => {
testSocket.once('connect', () => resolve(true));
testSocket.once('error', () => resolve(false));
setTimeout(() => resolve(false), 5000);
});
expect(stillAccepting).toEqual(true);
if (stillAccepting) {
const banner = await new Promise<string>((resolve) => {
testSocket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
console.log('Server remained stable after multiple abrupt disconnections');
testSocket.write('QUIT\r\n');
testSocket.end();
}
} finally {
done.resolve();
}
});
tap.test('Abrupt Disconnection - should handle disconnection during DATA transfer', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Start DATA
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Send partial email data then disconnect abruptly
socket.write('From: sender@example.com\r\n');
socket.write('To: recipient@example.com\r\n');
socket.write('Subject: Test ');
console.log('Disconnecting during DATA transfer...');
socket.destroy();
// Wait for server to handle disconnection
await new Promise(resolve => setTimeout(resolve, 1500));
// Verify server can handle new connections
const newSocket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
const canConnect = await new Promise<boolean>((resolve) => {
newSocket.once('connect', () => resolve(true));
newSocket.once('error', () => resolve(false));
setTimeout(() => resolve(false), 5000);
});
expect(canConnect).toEqual(true);
if (canConnect) {
const banner = await new Promise<string>((resolve) => {
newSocket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
console.log('Server recovered from disconnection during DATA transfer');
newSocket.write('QUIT\r\n');
newSocket.end();
}
} finally {
done.resolve();
}
});
tap.test('Abrupt Disconnection - should timeout idle connections', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
console.log('Connected, now testing idle timeout...');
// Don't send any commands and wait for server to potentially timeout
// Most servers have a timeout of 5-10 minutes, so we'll test shorter
let disconnectedByServer = false;
socket.on('close', () => {
disconnectedByServer = true;
});
socket.on('end', () => {
disconnectedByServer = true;
});
// Wait 10 seconds to see if server has a short idle timeout
await new Promise(resolve => setTimeout(resolve, 10000));
if (!disconnectedByServer) {
console.log('Server maintains idle connections (no short timeout detected)');
// Send QUIT to close gracefully
socket.write('QUIT\r\n');
socket.end();
} else {
console.log('Server disconnected idle connection');
}
// Either behavior is acceptable
expect(true).toEqual(true);
} finally {
done.resolve();
}
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

361
test/suite/smtpserver_connection/test.cm-08.tls-versions.ts
View File

@@ -1,361 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as tls from 'tls';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start SMTP server with TLS support for version tests', async () => {
testServer = await startTestServer({
port: TEST_PORT,
tlsEnabled: true
});
await new Promise(resolve => setTimeout(resolve, 1000));
expect(testServer).toBeDefined();
});
tap.test('TLS Versions - should support STARTTLS capability', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
console.log('EHLO response:', ehloResponse);
// Check for STARTTLS support
const supportsStarttls = ehloResponse.includes('250-STARTTLS') || ehloResponse.includes('250 STARTTLS');
console.log('STARTTLS supported:', supportsStarttls);
if (supportsStarttls) {
// Test STARTTLS upgrade
socket.write('STARTTLS\r\n');
const starttlsResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(starttlsResponse).toInclude('220');
console.log('STARTTLS ready response received');
// Would upgrade to TLS here in a real implementation
// For testing, we just verify the capability
}
// Clean up
socket.write('QUIT\r\n');
socket.end();
// STARTTLS is optional but common
expect(true).toEqual(true);
} finally {
done.resolve();
}
});
tap.test('TLS Versions - should support modern TLS versions via STARTTLS', async (tools) => {
const done = tools.defer();
try {
// Test TLS 1.2 via STARTTLS
console.log('Testing TLS 1.2 support via STARTTLS...');
const tls12Result = await testTlsVersionViaStartTls('TLSv1.2', TEST_PORT);
console.log('TLS 1.2 result:', tls12Result);
// Test TLS 1.3 via STARTTLS
console.log('Testing TLS 1.3 support via STARTTLS...');
const tls13Result = await testTlsVersionViaStartTls('TLSv1.3', TEST_PORT);
console.log('TLS 1.3 result:', tls13Result);
// At least one modern version should be supported
const supportsModernTls = tls12Result.success || tls13Result.success;
expect(supportsModernTls).toEqual(true);
if (tls12Result.success) {
console.log('TLS 1.2 supported with cipher:', tls12Result.cipher);
}
if (tls13Result.success) {
console.log('TLS 1.3 supported with cipher:', tls13Result.cipher);
}
} finally {
done.resolve();
}
});
tap.test('TLS Versions - should reject obsolete TLS versions via STARTTLS', async (tools) => {
const done = tools.defer();
try {
// Test TLS 1.0 (should be rejected by modern servers)
console.log('Testing TLS 1.0 (obsolete) via STARTTLS...');
const tls10Result = await testTlsVersionViaStartTls('TLSv1', TEST_PORT);
// Test TLS 1.1 (should be rejected by modern servers)
console.log('Testing TLS 1.1 (obsolete) via STARTTLS...');
const tls11Result = await testTlsVersionViaStartTls('TLSv1.1', TEST_PORT);
// Modern servers should reject these old versions
// But some might still support them for compatibility
console.log(`TLS 1.0 ${tls10Result.success ? 'accepted (legacy support)' : 'rejected (good)'}`);
console.log(`TLS 1.1 ${tls11Result.success ? 'accepted (legacy support)' : 'rejected (good)'}`);
// Either behavior is acceptable - log the results
expect(true).toEqual(true);
} finally {
done.resolve();
}
});
tap.test('TLS Versions - should provide cipher information via STARTTLS', async (tools) => {
const done = tools.defer();
try {
// Connect to plain SMTP port
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Check for STARTTLS
if (!ehloResponse.includes('STARTTLS')) {
console.log('Server does not support STARTTLS - skipping cipher info test');
socket.write('QUIT\r\n');
socket.end();
done.resolve();
return;
}
// Send STARTTLS
socket.write('STARTTLS\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Upgrade to TLS
const tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false
});
await new Promise<void>((resolve, reject) => {
tlsSocket.once('secureConnect', () => resolve());
tlsSocket.once('error', reject);
});
// Get connection details
const cipher = tlsSocket.getCipher();
const protocol = tlsSocket.getProtocol();
const authorized = tlsSocket.authorized;
console.log('TLS connection established via STARTTLS:');
console.log('- Protocol:', protocol);
console.log('- Cipher:', cipher?.name);
console.log('- Key exchange:', cipher?.standardName);
console.log('- Authorized:', authorized);
if (protocol) {
expect(typeof protocol).toEqual('string');
}
if (cipher) {
expect(cipher.name).toBeDefined();
}
// Clean up
tlsSocket.write('QUIT\r\n');
tlsSocket.end();
} finally {
done.resolve();
}
});
// Helper function to test specific TLS version via STARTTLS
async function testTlsVersionViaStartTls(version: string, port: number): Promise<{success: boolean, cipher?: any, error?: string}> {
return new Promise(async (resolve) => {
try {
// Connect to plain SMTP port
const socket = net.createConnection({
host: 'localhost',
port: port,
timeout: 5000
});
await new Promise<void>((socketResolve, socketReject) => {
socket.once('connect', () => socketResolve());
socket.once('error', socketReject);
});
// Get banner
await new Promise<string>((bannerResolve) => {
socket.once('data', (chunk) => bannerResolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((ehloResolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
ehloResolve(data);
}
};
socket.on('data', handler);
});
// Check for STARTTLS
if (!ehloResponse.includes('STARTTLS')) {
socket.destroy();
resolve({
success: false,
error: 'STARTTLS not supported'
});
return;
}
// Send STARTTLS
socket.write('STARTTLS\r\n');
await new Promise<string>((starttlsResolve) => {
socket.once('data', (chunk) => starttlsResolve(chunk.toString()));
});
// Set up TLS options with version constraints
const tlsOptions: any = {
socket: socket,
servername: 'localhost',
rejectUnauthorized: false
};
// Set version constraints based on requested version
switch (version) {
case 'TLSv1':
tlsOptions.minVersion = 'TLSv1';
tlsOptions.maxVersion = 'TLSv1';
break;
case 'TLSv1.1':
tlsOptions.minVersion = 'TLSv1.1';
tlsOptions.maxVersion = 'TLSv1.1';
break;
case 'TLSv1.2':
tlsOptions.minVersion = 'TLSv1.2';
tlsOptions.maxVersion = 'TLSv1.2';
break;
case 'TLSv1.3':
tlsOptions.minVersion = 'TLSv1.3';
tlsOptions.maxVersion = 'TLSv1.3';
break;
}
// Upgrade to TLS
const tlsSocket = tls.connect(tlsOptions);
tlsSocket.once('secureConnect', () => {
const cipher = tlsSocket.getCipher();
const protocol = tlsSocket.getProtocol();
tlsSocket.destroy();
resolve({
success: true,
cipher: {
name: cipher?.name,
standardName: cipher?.standardName,
protocol: protocol
}
});
});
tlsSocket.once('error', (error) => {
resolve({
success: false,
error: error.message
});
});
setTimeout(() => {
tlsSocket.destroy();
resolve({
success: false,
error: 'TLS handshake timeout'
});
}, 5000);
} catch (error) {
resolve({
success: false,
error: error instanceof Error ? error.message : 'Unknown error'
});
}
});
}
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

556
test/suite/smtpserver_connection/test.cm-09.tls-ciphers.ts
View File

@@ -1,556 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as tls from 'tls';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer: ITestServer;
const TEST_TIMEOUT = 30000;
tap.test('TLS Ciphers - should advertise STARTTLS for cipher negotiation', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT, tlsEnabled: true });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Check for STARTTLS support
const supportsStarttls = ehloResponse.includes('250-STARTTLS') || ehloResponse.includes('250 STARTTLS');
console.log('STARTTLS supported:', supportsStarttls);
if (supportsStarttls) {
console.log('Server supports STARTTLS - cipher negotiation available');
} else {
console.log('Server does not advertise STARTTLS - direct TLS connections may be required');
}
// Clean up
socket.write('QUIT\r\n');
socket.end();
// Either behavior is acceptable
expect(true).toEqual(true);
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('TLS Ciphers - should negotiate secure cipher suites via STARTTLS', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT, tlsEnabled: true });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Check for STARTTLS
if (!ehloResponse.includes('STARTTLS')) {
console.log('Server does not support STARTTLS - skipping cipher test');
socket.write('QUIT\r\n');
socket.end();
done.resolve();
return;
}
// Send STARTTLS
socket.write('STARTTLS\r\n');
const starttlsResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(starttlsResponse).toInclude('220');
// Upgrade to TLS
const tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false
});
await new Promise<void>((resolve, reject) => {
tlsSocket.once('secureConnect', () => resolve());
tlsSocket.once('error', reject);
});
// Get cipher information
const cipher = tlsSocket.getCipher();
console.log('Negotiated cipher suite:');
console.log('- Name:', cipher.name);
console.log('- Standard name:', cipher.standardName);
console.log('- Version:', cipher.version);
// Check cipher security
const cipherSecurity = checkCipherSecurity(cipher);
console.log('Cipher security analysis:', cipherSecurity);
expect(cipher.name).toBeDefined();
expect(cipherSecurity.secure).toEqual(true);
// Clean up
tlsSocket.write('QUIT\r\n');
tlsSocket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('TLS Ciphers - should reject weak cipher suites', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT, tlsEnabled: true });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Check for STARTTLS
if (!ehloResponse.includes('STARTTLS')) {
console.log('Server does not support STARTTLS - skipping weak cipher test');
socket.write('QUIT\r\n');
socket.end();
done.resolve();
return;
}
// Send STARTTLS
socket.write('STARTTLS\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Try to connect with weak ciphers only
const weakCiphers = [
'DES-CBC3-SHA',
'RC4-MD5',
'RC4-SHA',
'NULL-SHA',
'EXPORT-DES40-CBC-SHA'
];
console.log('Testing connection with weak ciphers only...');
const connectionResult = await new Promise<{success: boolean, error?: string}>((resolve) => {
const tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false,
ciphers: weakCiphers.join(':')
});
tlsSocket.once('secureConnect', () => {
// If connection succeeds, server accepts weak ciphers
const cipher = tlsSocket.getCipher();
tlsSocket.destroy();
resolve({
success: true,
error: `Server accepted weak cipher: ${cipher.name}`
});
});
tlsSocket.once('error', (err) => {
// Connection failed - good, server rejects weak ciphers
resolve({
success: false,
error: err.message
});
});
setTimeout(() => {
tlsSocket.destroy();
resolve({
success: false,
error: 'Connection timeout'
});
}, 5000);
});
if (!connectionResult.success) {
console.log('Good: Server rejected weak ciphers');
} else {
console.log('Warning:', connectionResult.error);
}
// Either behavior is logged - some servers may support legacy ciphers
expect(true).toEqual(true);
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('TLS Ciphers - should support forward secrecy', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT, tlsEnabled: true });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Check for STARTTLS
if (!ehloResponse.includes('STARTTLS')) {
console.log('Server does not support STARTTLS - skipping forward secrecy test');
socket.write('QUIT\r\n');
socket.end();
done.resolve();
return;
}
// Send STARTTLS
socket.write('STARTTLS\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Prefer ciphers with forward secrecy (ECDHE, DHE)
const forwardSecrecyCiphers = [
'ECDHE-RSA-AES128-GCM-SHA256',
'ECDHE-RSA-AES256-GCM-SHA384',
'ECDHE-ECDSA-AES128-GCM-SHA256',
'ECDHE-ECDSA-AES256-GCM-SHA384',
'DHE-RSA-AES128-GCM-SHA256',
'DHE-RSA-AES256-GCM-SHA384'
];
const tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false,
ciphers: forwardSecrecyCiphers.join(':')
});
await new Promise<void>((resolve, reject) => {
tlsSocket.once('secureConnect', () => resolve());
tlsSocket.once('error', reject);
setTimeout(() => reject(new Error('TLS connection timeout')), 5000);
});
const cipher = tlsSocket.getCipher();
console.log('Forward secrecy cipher negotiated:', cipher.name);
// Check if cipher provides forward secrecy
const hasForwardSecrecy = cipher.name.includes('ECDHE') || cipher.name.includes('DHE');
console.log('Forward secrecy:', hasForwardSecrecy ? 'YES' : 'NO');
if (hasForwardSecrecy) {
console.log('Good: Server supports forward secrecy');
} else {
console.log('Warning: Negotiated cipher does not provide forward secrecy');
}
// Clean up
tlsSocket.write('QUIT\r\n');
tlsSocket.end();
// Forward secrecy is recommended but not required
expect(true).toEqual(true);
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('TLS Ciphers - should list all supported ciphers', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT, tlsEnabled: true });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
// Get list of ciphers supported by Node.js
const supportedCiphers = tls.getCiphers();
console.log(`Node.js supports ${supportedCiphers.length} cipher suites`);
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Check for STARTTLS
if (!ehloResponse.includes('STARTTLS')) {
console.log('Server does not support STARTTLS - skipping cipher list test');
socket.write('QUIT\r\n');
socket.end();
done.resolve();
return;
}
// Send STARTTLS
socket.write('STARTTLS\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Test connection with default ciphers
const tlsSocket = tls.connect({
socket: socket,
servername: 'localhost',
rejectUnauthorized: false
});
await new Promise<void>((resolve, reject) => {
tlsSocket.once('secureConnect', () => resolve());
tlsSocket.once('error', reject);
setTimeout(() => reject(new Error('TLS connection timeout')), 5000);
});
const negotiatedCipher = tlsSocket.getCipher();
console.log('\nServer selected cipher:', negotiatedCipher.name);
// Categorize the cipher
const categories = {
'AEAD': negotiatedCipher.name.includes('GCM') || negotiatedCipher.name.includes('CCM') || negotiatedCipher.name.includes('POLY1305'),
'Forward Secrecy': negotiatedCipher.name.includes('ECDHE') || negotiatedCipher.name.includes('DHE'),
'Strong Encryption': negotiatedCipher.name.includes('AES') && (negotiatedCipher.name.includes('128') || negotiatedCipher.name.includes('256'))
};
console.log('Cipher properties:');
Object.entries(categories).forEach(([property, value]) => {
console.log(`- ${property}: ${value ? 'YES' : 'NO'}`);
});
// Clean up
tlsSocket.end();
expect(negotiatedCipher.name).toBeDefined();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
// Helper function to check cipher security
function checkCipherSecurity(cipher: any): {secure: boolean, reason?: string, recommendations?: string[]} {
if (!cipher || !cipher.name) {
return {
secure: false,
reason: 'No cipher information available'
};
}
const cipherName = cipher.name.toUpperCase();
const recommendations: string[] = [];
// Check for insecure ciphers
const insecureCiphers = ['NULL', 'EXPORT', 'DES', '3DES', 'RC4', 'MD5'];
for (const insecure of insecureCiphers) {
if (cipherName.includes(insecure)) {
return {
secure: false,
reason: `Insecure cipher detected: ${insecure} in ${cipherName}`,
recommendations: ['Use AEAD ciphers like AES-GCM or ChaCha20-Poly1305']
};
}
}
// Check for recommended secure ciphers
const secureCiphers = [
'AES128-GCM', 'AES256-GCM', 'CHACHA20-POLY1305',
'AES128-CCM', 'AES256-CCM'
];
const hasSecureCipher = secureCiphers.some(secure =>
cipherName.includes(secure.replace('-', '_')) || cipherName.includes(secure)
);
if (hasSecureCipher) {
return {
secure: true,
recommendations: ['Cipher suite is considered secure']
};
}
// Check for acceptable but not ideal ciphers
if (cipherName.includes('AES') && !cipherName.includes('CBC')) {
return {
secure: true,
recommendations: ['Consider upgrading to AEAD ciphers for better security']
};
}
// Check for weak but sometimes acceptable ciphers
if (cipherName.includes('AES') && cipherName.includes('CBC')) {
recommendations.push('CBC mode ciphers are vulnerable to padding oracle attacks');
recommendations.push('Consider upgrading to GCM or other AEAD modes');
return {
secure: true, // Still acceptable but not ideal
recommendations: recommendations
};
}
// Default to secure if it's a modern cipher we don't recognize
return {
secure: true,
recommendations: [`Unknown cipher ${cipherName} - verify security manually`]
};
}
export default tap.start();

293
test/suite/smtpserver_connection/test.cm-10.plain-connection.ts
View File

@@ -1,293 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer: ITestServer;
const TEST_TIMEOUT = 30000;
tap.test('Plain Connection - should establish basic TCP connection', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
const connected = await new Promise<boolean>((resolve) => {
socket.once('connect', () => resolve(true));
socket.once('error', () => resolve(false));
setTimeout(() => resolve(false), 5000);
});
expect(connected).toEqual(true);
if (connected) {
console.log('Plain connection established:');
console.log('- Local:', `${socket.localAddress}:${socket.localPort}`);
console.log('- Remote:', `${socket.remoteAddress}:${socket.remotePort}`);
// Close connection
socket.destroy();
}
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Plain Connection - should receive SMTP banner on plain connection', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Received banner:', banner.trim());
expect(banner).toInclude('220');
expect(banner).toInclude('ESMTP');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Plain Connection - should complete full SMTP transaction on plain connection', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
expect(ehloResponse).toInclude('250');
console.log('EHLO successful on plain connection');
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
const mailResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(mailResponse).toInclude('250');
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
const rcptResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(rcptResponse).toInclude('250');
// Send DATA
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Send email content
const emailContent =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: Plain Connection Test\r\n' +
'\r\n' +
'This email was sent over a plain connection.\r\n' +
'.\r\n';
socket.write(emailContent);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(finalResponse).toInclude('250');
console.log('Email sent successfully over plain connection');
// Clean up
socket.write('QUIT\r\n');
const quitResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(quitResponse).toInclude('221');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Plain Connection - should handle multiple plain connections', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const connectionCount = 3;
const connections: net.Socket[] = [];
// Create multiple connections
for (let i = 0; i < connectionCount; i++) {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => {
connections.push(socket);
resolve();
});
socket.once('error', reject);
});
// Get banner
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
console.log(`Connection ${i + 1} established`);
}
expect(connections.length).toEqual(connectionCount);
console.log(`All ${connectionCount} plain connections established successfully`);
// Clean up all connections
for (const socket of connections) {
socket.write('QUIT\r\n');
socket.end();
}
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Plain Connection - should work on standard SMTP port 25', async (tools) => {
const done = tools.defer();
// Test port 25 (standard SMTP port)
const SMTP_PORT = 25;
// Note: Port 25 might require special permissions or might be blocked
// We'll test the connection but handle failures gracefully
const socket = net.createConnection({
host: 'localhost',
port: SMTP_PORT,
timeout: 5000
});
const result = await new Promise<{connected: boolean, error?: string}>((resolve) => {
socket.once('connect', () => {
socket.destroy();
resolve({ connected: true });
});
socket.once('error', (err) => {
resolve({
connected: false,
error: err.message
});
});
setTimeout(() => {
socket.destroy();
resolve({
connected: false,
error: 'Connection timeout'
});
}, 5000);
});
if (result.connected) {
console.log('Successfully connected to port 25 (standard SMTP)');
} else {
console.log(`Could not connect to port 25: ${result.error}`);
console.log('This is expected if port 25 is blocked or requires privileges');
}
// Test passes regardless - port 25 connectivity is environment-dependent
expect(true).toEqual(true);
done.resolve();
});
export default tap.start();

382
test/suite/smtpserver_connection/test.cm-11.keepalive.ts
View File

@@ -1,382 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
let testServer: ITestServer;
const TEST_TIMEOUT = 60000; // Longer timeout for keepalive tests
tap.test('Keepalive - should maintain TCP keepalive', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Enable TCP keepalive
const keepAliveDelay = 1000; // 1 second
socket.setKeepAlive(true, keepAliveDelay);
console.log(`TCP keepalive enabled with ${keepAliveDelay}ms delay`);
// Get banner
const banner = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(banner).toInclude('220');
// Send EHLO
socket.write('EHLO testhost\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
expect(ehloResponse).toInclude('250');
// Wait for keepalive duration + buffer
console.log('Waiting for keepalive period...');
await new Promise(resolve => setTimeout(resolve, keepAliveDelay + 500));
// Verify connection is still alive by sending NOOP
socket.write('NOOP\r\n');
const noopResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(noopResponse).toInclude('250');
console.log('Connection maintained after keepalive period');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Keepalive - should maintain idle connection for extended period', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Enable keepalive
socket.setKeepAlive(true, 1000);
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Test multiple keepalive periods
const periods = 3;
const periodDuration = 1000; // 1 second each
for (let i = 0; i < periods; i++) {
console.log(`Keepalive period ${i + 1}/${periods}...`);
await new Promise(resolve => setTimeout(resolve, periodDuration));
// Send NOOP to verify connection
socket.write('NOOP\r\n');
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(response).toInclude('250');
console.log(`Connection alive after ${(i + 1) * periodDuration}ms`);
}
console.log(`Connection maintained for ${periods * periodDuration}ms total`);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Keepalive - should detect connection loss', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Enable keepalive with short interval
socket.setKeepAlive(true, 1000);
// Track connection state
let connectionLost = false;
socket.on('close', () => {
connectionLost = true;
console.log('Connection closed');
});
socket.on('error', (err) => {
connectionLost = true;
console.log('Connection error:', err.message);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
console.log('Connection established, now simulating server shutdown...');
// Shutdown server to simulate connection loss
await stopTestServer(testServer);
// Wait for keepalive to detect connection loss
await new Promise(resolve => setTimeout(resolve, 3000));
// Connection should be detected as lost
expect(connectionLost).toEqual(true);
console.log('Keepalive detected connection loss');
} finally {
// Server already shutdown, just resolve
done.resolve();
}
});
tap.test('Keepalive - should handle long-running SMTP session', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Enable keepalive
socket.setKeepAlive(true, 2000);
const sessionStart = Date.now();
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Simulate a long-running session with periodic activity
const activities = [
{ command: 'MAIL FROM:<sender1@example.com>', delay: 500 },
{ command: 'RSET', delay: 500 },
{ command: 'MAIL FROM:<sender2@example.com>', delay: 500 },
{ command: 'RSET', delay: 500 }
];
for (const activity of activities) {
await new Promise(resolve => setTimeout(resolve, activity.delay));
console.log(`Sending: ${activity.command}`);
socket.write(`${activity.command}\r\n`);
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(response).toInclude('250');
}
const sessionDuration = Date.now() - sessionStart;
console.log(`Long-running session maintained for ${sessionDuration}ms`);
// Clean up
socket.write('QUIT\r\n');
const quitResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(quitResponse).toInclude('221');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Keepalive - should handle NOOP as keepalive mechanism', async (tools) => {
const done = tools.defer();
// Start test server
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Use NOOP as application-level keepalive
const noopInterval = 1000; // 1 second
const noopCount = 3;
console.log(`Sending ${noopCount} NOOP commands as keepalive...`);
for (let i = 0; i < noopCount; i++) {
await new Promise(resolve => setTimeout(resolve, noopInterval));
socket.write('NOOP\r\n');
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(response).toInclude('250');
console.log(`NOOP ${i + 1}/${noopCount} successful`);
}
console.log('Application-level keepalive successful');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
export default tap.start();

239
test/suite/smtpserver_edge-cases/test.edge-01.very-large-email.ts
View File

@@ -1,239 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
import { connectToSmtp, waitForGreeting, sendSmtpCommand, closeSmtpConnection, generateRandomEmail } from '../../helpers/utils.js';
let testServer: ITestServer;
tap.test('setup - start SMTP server with large size limit', async () => {
testServer = await startTestServer({
port: 2532,
hostname: 'localhost',
size: 100 * 1024 * 1024 // 100MB limit for testing
});
expect(testServer).toBeInstanceOf(Object);
});
tap.test('EDGE-01: Very Large Email - test size limits and handling', async () => {
const testCases = [
{ size: 1 * 1024 * 1024, label: '1MB', shouldPass: true },
{ size: 10 * 1024 * 1024, label: '10MB', shouldPass: true },
{ size: 50 * 1024 * 1024, label: '50MB', shouldPass: true },
{ size: 101 * 1024 * 1024, label: '101MB', shouldPass: false } // Over limit
];
for (const testCase of testCases) {
console.log(`\n📧 Testing ${testCase.label} email...`);
const socket = await connectToSmtp(testServer.hostname, testServer.port);
try {
await waitForGreeting(socket);
await sendSmtpCommand(socket, 'EHLO test.example.com', '250');
// Check SIZE extension
await sendSmtpCommand(socket, `MAIL FROM:<large@example.com> SIZE=${testCase.size}`,
testCase.shouldPass ? '250' : '552');
if (testCase.shouldPass) {
// Continue with transaction
await sendSmtpCommand(socket, 'RCPT TO:<recipient@example.com>', '250');
await sendSmtpCommand(socket, 'DATA', '354');
// Send large content in chunks
const chunkSize = 65536; // 64KB chunks
const totalChunks = Math.ceil(testCase.size / chunkSize);
console.log(` Sending ${totalChunks} chunks...`);
// Headers
socket.write('From: large@example.com\r\n');
socket.write('To: recipient@example.com\r\n');
socket.write(`Subject: ${testCase.label} Test Email\r\n`);
socket.write('Content-Type: text/plain\r\n');
socket.write('\r\n');
// Body in chunks
let bytesSent = 100; // Approximate header size
const startTime = Date.now();
for (let i = 0; i < totalChunks; i++) {
const chunk = generateRandomEmail(Math.min(chunkSize, testCase.size - bytesSent));
socket.write(chunk);
bytesSent += chunk.length;
// Progress indicator every 10%
if (i % Math.floor(totalChunks / 10) === 0) {
const progress = (i / totalChunks * 100).toFixed(0);
console.log(` Progress: ${progress}%`);
}
// Small delay to avoid overwhelming
if (i % 100 === 0) {
await new Promise(resolve => setTimeout(resolve, 10));
}
}
// End of data
socket.write('\r\n.\r\n');
// Wait for response with longer timeout for large emails
const response = await new Promise<string>((resolve, reject) => {
let buffer = '';
const timeout = setTimeout(() => reject(new Error('Timeout')), 60000);
const onData = (data: Buffer) => {
buffer += data.toString();
if (buffer.includes('250') || buffer.includes('5')) {
clearTimeout(timeout);
socket.removeListener('data', onData);
resolve(buffer);
}
};
socket.on('data', onData);
});
const duration = Date.now() - startTime;
const throughputMBps = (testCase.size / 1024 / 1024) / (duration / 1000);
expect(response).toInclude('250');
console.log(`${testCase.label} email accepted in ${duration}ms`);
console.log(` Throughput: ${throughputMBps.toFixed(2)} MB/s`);
} else {
console.log(`${testCase.label} email properly rejected (over size limit)`);
}
} catch (error) {
if (!testCase.shouldPass && error.message.includes('552')) {
console.log(`${testCase.label} email properly rejected: ${error.message}`);
} else {
throw error;
}
} finally {
await closeSmtpConnection(socket).catch(() => {});
}
}
});
tap.test('EDGE-01: Email size enforcement - SIZE parameter', async () => {
const socket = await connectToSmtp(testServer.hostname, testServer.port);
try {
await waitForGreeting(socket);
const ehloResponse = await sendSmtpCommand(socket, 'EHLO test.example.com', '250');
// Extract SIZE limit from capabilities
const sizeMatch = ehloResponse.match(/250[- ]SIZE (\d+)/);
const sizeLimit = sizeMatch ? parseInt(sizeMatch[1]) : 0;
console.log(`📏 Server advertises SIZE limit: ${sizeLimit} bytes`);
expect(sizeLimit).toBeGreaterThan(0);
// Test SIZE parameter enforcement
const testSizes = [
{ size: 1000, shouldPass: true },
{ size: sizeLimit - 1000, shouldPass: true },
{ size: sizeLimit + 1000, shouldPass: false }
];
for (const test of testSizes) {
try {
const response = await sendSmtpCommand(
socket,
`MAIL FROM:<test@example.com> SIZE=${test.size}`
);
if (test.shouldPass) {
expect(response).toInclude('250');
console.log(` ✅ SIZE=${test.size} accepted`);
await sendSmtpCommand(socket, 'RSET', '250');
} else {
expect(response).toInclude('552');
console.log(` ✅ SIZE=${test.size} rejected`);
}
} catch (error) {
if (!test.shouldPass) {
console.log(` ✅ SIZE=${test.size} rejected: ${error.message}`);
} else {
throw error;
}
}
}
} finally {
await closeSmtpConnection(socket);
}
});
tap.test('EDGE-01: Memory efficiency with large emails', async () => {
// Get initial memory usage
const initialMemory = process.memoryUsage();
console.log('📊 Initial memory usage:', {
heapUsed: `${(initialMemory.heapUsed / 1024 / 1024).toFixed(2)} MB`,
rss: `${(initialMemory.rss / 1024 / 1024).toFixed(2)} MB`
});
// Send a moderately large email
const socket = await connectToSmtp(testServer.hostname, testServer.port);
try {
await waitForGreeting(socket);
await sendSmtpCommand(socket, 'EHLO test.example.com', '250');
await sendSmtpCommand(socket, 'MAIL FROM:<memory@test.com>', '250');
await sendSmtpCommand(socket, 'RCPT TO:<recipient@example.com>', '250');
await sendSmtpCommand(socket, 'DATA', '354');
// Send 20MB email
const size = 20 * 1024 * 1024;
const chunkSize = 1024 * 1024; // 1MB chunks
socket.write('From: memory@test.com\r\n');
socket.write('To: recipient@example.com\r\n');
socket.write('Subject: Memory Test\r\n\r\n');
for (let i = 0; i < size / chunkSize; i++) {
socket.write(generateRandomEmail(chunkSize));
// Force garbage collection if available
if (global.gc) {
global.gc();
}
}
socket.write('\r\n.\r\n');
// Wait for response
await new Promise<void>((resolve) => {
const onData = (data: Buffer) => {
if (data.toString().includes('250')) {
socket.removeListener('data', onData);
resolve();
}
};
socket.on('data', onData);
});
// Check memory after processing
const finalMemory = process.memoryUsage();
const memoryIncrease = (finalMemory.heapUsed - initialMemory.heapUsed) / 1024 / 1024;
console.log('📊 Final memory usage:', {
heapUsed: `${(finalMemory.heapUsed / 1024 / 1024).toFixed(2)} MB`,
rss: `${(finalMemory.rss / 1024 / 1024).toFixed(2)} MB`,
increase: `${memoryIncrease.toFixed(2)} MB`
});
// Memory increase should be reasonable (not storing entire email in memory)
expect(memoryIncrease).toBeLessThan(50); // Less than 50MB increase for 20MB email
console.log('✅ Memory efficiency test passed');
} finally {
await closeSmtpConnection(socket);
}
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
console.log('✅ Test server stopped');
});
export default tap.start();

389
test/suite/smtpserver_edge-cases/test.edge-02.very-small-email.ts
View File

@@ -1,389 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 30034;
const TEST_TIMEOUT = 30000;
tap.test('Very Small Email - should handle minimal email with single character body', async (tools) => {
const done = tools.defer();
// Start test server
const testServer = await startTestServer({ port: TEST_PORT });
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
const mailResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(mailResponse).toInclude('250');
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
const rcptResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(rcptResponse).toInclude('250');
// Send DATA
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Send minimal email - just required headers and single character body
const minimalEmail = 'From: sender@example.com\r\nTo: recipient@example.com\r\nSubject: \r\n\r\nX\r\n.\r\n';
socket.write(minimalEmail);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(finalResponse).toInclude('250');
console.log(`Minimal email (${minimalEmail.length} bytes) processed successfully`);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Very Small Email - should handle email with empty body', async (tools) => {
const done = tools.defer();
// Start test server
const testServer = await startTestServer({ port: TEST_PORT });
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Complete envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send email with empty body
const emptyBodyEmail = 'From: sender@example.com\r\nTo: recipient@example.com\r\n\r\n.\r\n';
socket.write(emptyBodyEmail);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(finalResponse).toInclude('250');
console.log('Email with empty body processed successfully');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Very Small Email - should handle email with minimal headers only', async (tools) => {
const done = tools.defer();
// Start test server
const testServer = await startTestServer({ port: TEST_PORT });
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner and send EHLO
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Complete envelope - use valid email addresses
socket.write('MAIL FROM:<a@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<b@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send absolutely minimal valid email
const minimalHeaders = 'From: a@example.com\r\n\r\n.\r\n';
socket.write(minimalHeaders);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(finalResponse).toInclude('250');
console.log(`Ultra-minimal email (${minimalHeaders.length} bytes) processed`);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Very Small Email - should handle single dot line correctly', async (tools) => {
const done = tools.defer();
// Start test server
const testServer = await startTestServer({ port: TEST_PORT });
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Complete envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Test edge case: just the terminating dot
socket.write('.\r\n');
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Server should accept this as an email with no headers or body
expect(finalResponse).toMatch(/^[2-5]\d{2}/);
console.log('Single dot terminator handled:', finalResponse.trim());
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
tap.test('Very Small Email - should handle email with empty subject', async (tools) => {
const done = tools.defer();
// Start test server
const testServer = await startTestServer({ port: TEST_PORT });
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Complete envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send email with empty subject line
const emptySubjectEmail =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: \r\n' +
'Date: ' + new Date().toUTCString() + '\r\n' +
'\r\n' +
'Email with empty subject.\r\n' +
'.\r\n';
socket.write(emptySubjectEmail);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(finalResponse).toInclude('250');
console.log('Email with empty subject processed successfully');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
await stopTestServer(testServer);
done.resolve();
}
});
export default tap.start();

479
test/suite/smtpserver_edge-cases/test.edge-03.invalid-character-handling.ts
View File

@@ -1,479 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
import type { ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 30035;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start SMTP server for invalid character tests', async () => {
testServer = await startTestServer({
port: TEST_PORT,
hostname: 'localhost'
});
expect(testServer).toBeDefined();
});
tap.test('Invalid Character Handling - should handle control characters in email', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Test with control characters
const controlChars = [
'\x00', // NULL
'\x01', // SOH
'\x02', // STX
'\x03', // ETX
'\x7F' // DEL
];
const emailWithControlChars =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
`Subject: Control Character Test ${controlChars.join('')}\r\n` +
'\r\n' +
`This email contains control characters: ${controlChars.join('')}\r\n` +
'Null byte: \x00\r\n' +
'Delete char: \x7F\r\n' +
'.\r\n';
socket.write(emailWithControlChars);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to control characters:', finalResponse);
// Server might accept or reject based on security settings
const accepted = finalResponse.includes('250');
const rejected = finalResponse.includes('550') || finalResponse.includes('554');
expect(accepted || rejected).toEqual(true);
if (rejected) {
console.log('Server rejected control characters (strict security)');
} else {
console.log('Server accepted control characters (may sanitize internally)');
}
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Invalid Character Handling - should handle high-byte characters', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Test with high-byte characters
const highByteChars = [
'\xFF', // 255
'\xFE', // 254
'\xFD', // 253
'\xFC', // 252
'\xFB' // 251
];
const emailWithHighBytes =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: High-byte Character Test\r\n' +
'\r\n' +
`High-byte characters: ${highByteChars.join('')}\r\n` +
'Extended ASCII: \xE0\xE1\xE2\xE3\xE4\r\n' +
'.\r\n';
socket.write(emailWithHighBytes);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to high-byte characters:', finalResponse);
// Both acceptance and rejection are valid
expect(finalResponse).toMatch(/^[2-5]\d{2}/);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Invalid Character Handling - should handle Unicode special characters', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Test with Unicode special characters
const unicodeSpecials = [
'\u2000', // EN QUAD
'\u2028', // LINE SEPARATOR
'\u2029', // PARAGRAPH SEPARATOR
'\uFEFF', // ZERO WIDTH NO-BREAK SPACE (BOM)
'\u200B', // ZERO WIDTH SPACE
'\u200C', // ZERO WIDTH NON-JOINER
'\u200D' // ZERO WIDTH JOINER
];
const emailWithUnicode =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: Unicode Special Characters Test\r\n' +
'Content-Type: text/plain; charset=utf-8\r\n' +
'\r\n' +
`Unicode specials: ${unicodeSpecials.join('')}\r\n` +
'Line separator: \u2028\r\n' +
'Paragraph separator: \u2029\r\n' +
'Zero-width space: word\u200Bword\r\n' +
'.\r\n';
socket.write(emailWithUnicode);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to Unicode special characters:', finalResponse);
// Most servers should accept Unicode with proper charset declaration
expect(finalResponse).toMatch(/^[2-5]\d{2}/);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Invalid Character Handling - should handle bare LF and CR', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Test with bare LF and CR (not allowed in SMTP)
const emailWithBareLfCr =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: Bare LF and CR Test\r\n' +
'\r\n' +
'Line with bare LF:\nThis should not be allowed\r\n' +
'Line with bare CR:\rThis should also not be allowed\r\n' +
'Correct line ending\r\n' +
'.\r\n';
socket.write(emailWithBareLfCr);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to bare LF/CR:', finalResponse);
// Servers may accept and fix, or reject
const accepted = finalResponse.includes('250');
const rejected = finalResponse.includes('550') || finalResponse.includes('554');
if (accepted) {
console.log('Server accepted bare LF/CR (may convert to CRLF)');
} else if (rejected) {
console.log('Server rejected bare LF/CR (strict SMTP compliance)');
}
expect(accepted || rejected).toEqual(true);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Invalid Character Handling - should handle long lines without proper folding', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Create a line that exceeds RFC 5322 limit (998 characters)
const longLine = 'X'.repeat(1500);
const emailWithLongLine =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: Long Line Test\r\n' +
'\r\n' +
'Normal line\r\n' +
longLine + '\r\n' +
'Another normal line\r\n' +
'.\r\n';
socket.write(emailWithLongLine);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to long line:', finalResponse);
console.log(`Line length: ${longLine.length} characters`);
// Server should handle this (accept, wrap, or reject)
expect(finalResponse).toMatch(/^[2-5]\d{2}/);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

430
test/suite/smtpserver_edge-cases/test.edge-04.empty-commands.ts
View File

@@ -1,430 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 30036;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start SMTP server for empty command tests', async () => {
testServer = await startTestServer({
port: TEST_PORT,
hostname: 'localhost'
});
expect(testServer).toBeDefined();
});
tap.test('Empty Commands - should reject empty line (just CRLF)', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO first
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send empty line (just CRLF)
socket.write('\r\n');
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
setTimeout(() => resolve('TIMEOUT'), 2000);
});
console.log('Response to empty line:', response);
// Should get syntax error (500, 501, or 502)
if (response !== 'TIMEOUT') {
expect(response).toMatch(/^5\d{2}/);
} else {
// Server might ignore empty lines
console.log('Server ignored empty line');
expect(true).toEqual(true);
}
// Test server is still responsive
socket.write('NOOP\r\n');
const noopResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(noopResponse).toInclude('250');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Empty Commands - should reject commands with only whitespace', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner and send EHLO
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Test various whitespace-only commands
const whitespaceCommands = [
' \r\n', // Spaces only
'\t\r\n', // Tab only
' \t \r\n', // Mixed whitespace
' \r\n' // Multiple spaces
];
for (const cmd of whitespaceCommands) {
socket.write(cmd);
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
setTimeout(() => resolve('TIMEOUT'), 2000);
});
console.log(`Response to whitespace "${cmd.trim()}"\\r\\n:`, response);
if (response !== 'TIMEOUT') {
// Should get syntax error
expect(response).toMatch(/^5\d{2}/);
}
}
// Verify server still works
socket.write('NOOP\r\n');
const noopResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(noopResponse).toInclude('250');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Empty Commands - should reject MAIL FROM with empty parameter', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send MAIL FROM with empty parameter
socket.write('MAIL FROM:\r\n');
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to empty MAIL FROM:', response);
// Should get syntax error (501 or 550)
expect(response).toMatch(/^5\d{2}/);
expect(response).toMatch(/syntax|parameter|address/i);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Empty Commands - should reject RCPT TO with empty parameter', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send valid MAIL FROM first
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send RCPT TO with empty parameter
socket.write('RCPT TO:\r\n');
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to empty RCPT TO:', response);
// Should get syntax error
expect(response).toMatch(/^5\d{2}/);
expect(response).toMatch(/syntax|parameter|address/i);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Empty Commands - should reject EHLO/HELO without hostname', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO without hostname
socket.write('EHLO\r\n');
const ehloResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to EHLO without hostname:', ehloResponse);
// Should get syntax error
expect(ehloResponse).toMatch(/^5\d{2}/);
// Try HELO without hostname
socket.write('HELO\r\n');
const heloResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to HELO without hostname:', heloResponse);
// Should get syntax error
expect(heloResponse).toMatch(/^5\d{2}/);
// Send valid EHLO to establish session
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Empty Commands - server should remain stable after empty commands', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send multiple empty/invalid commands
const invalidCommands = [
'\r\n',
' \r\n',
'MAIL FROM:\r\n',
'RCPT TO:\r\n',
'EHLO\r\n',
'\t\r\n'
];
for (const cmd of invalidCommands) {
socket.write(cmd);
// Read response but don't fail if error
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
setTimeout(() => resolve('TIMEOUT'), 1000);
});
}
// Now test that server is still functional
socket.write('MAIL FROM:<test@example.com>\r\n');
const mailResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(mailResponse).toInclude('250');
socket.write('RCPT TO:<recipient@example.com>\r\n');
const rcptResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(rcptResponse).toInclude('250');
console.log('Server remained stable after multiple empty commands');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

425
test/suite/smtpserver_edge-cases/test.edge-05.extremely-long-lines.ts
View File

@@ -1,425 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.js';
import type { ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 30037;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start SMTP server for extremely long lines tests', async () => {
testServer = await startTestServer({
port: TEST_PORT,
hostname: 'localhost'
});
expect(testServer).toBeDefined();
});
tap.test('Extremely Long Lines - should handle lines exceeding RFC 5321 limit', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Create line exceeding RFC 5321 limit (1000 chars including CRLF)
const longLine = 'X'.repeat(2000); // 2000 character line
const emailWithLongLine =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: Long Line Test\r\n' +
'\r\n' +
'This email contains an extremely long line:\r\n' +
longLine + '\r\n' +
'End of test.\r\n' +
'.\r\n';
socket.write(emailWithLongLine);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log(`Response to ${longLine.length} character line:`, finalResponse);
// Server should handle gracefully (accept, wrap, or reject)
const accepted = finalResponse.includes('250');
const rejected = finalResponse.includes('552') || finalResponse.includes('500') || finalResponse.includes('554');
expect(accepted || rejected).toEqual(true);
if (accepted) {
console.log('Server accepted long line (may wrap internally)');
} else {
console.log('Server rejected long line');
}
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Extremely Long Lines - should handle extremely long subject header', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Create extremely long subject (3000 characters)
const longSubject = 'A'.repeat(3000);
const emailWithLongSubject =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
`Subject: ${longSubject}\r\n` +
'\r\n' +
'Body of email with extremely long subject.\r\n' +
'.\r\n';
socket.write(emailWithLongSubject);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log(`Response to ${longSubject.length} character subject:`, finalResponse);
// Server should handle this
expect(finalResponse).toMatch(/^[2-5]\d{2}/);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Extremely Long Lines - should handle multiple consecutive long lines', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Create multiple long lines
const longLine1 = 'A'.repeat(1500);
const longLine2 = 'B'.repeat(1800);
const longLine3 = 'C'.repeat(2000);
const emailWithMultipleLongLines =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: Multiple Long Lines Test\r\n' +
'\r\n' +
'First long line:\r\n' +
longLine1 + '\r\n' +
'Second long line:\r\n' +
longLine2 + '\r\n' +
'Third long line:\r\n' +
longLine3 + '\r\n' +
'.\r\n';
socket.write(emailWithMultipleLongLines);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log('Response to multiple long lines:', finalResponse);
// Server should handle this
expect(finalResponse).toMatch(/^[2-5]\d{2}/);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Extremely Long Lines - should handle extremely long MAIL FROM parameter', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Create extremely long email address (technically invalid but testing limits)
const longLocalPart = 'a'.repeat(500);
const longDomain = 'b'.repeat(500) + '.com';
const longEmail = `${longLocalPart}@${longDomain}`;
socket.write(`MAIL FROM:<${longEmail}>\r\n`);
const response = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log(`Response to ${longEmail.length} character email address:`, response);
// Should get error response
expect(response).toMatch(/^5\d{2}/);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Extremely Long Lines - should handle line exactly at RFC limit', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Setup connection
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('EHLO testhost\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send envelope
socket.write('MAIL FROM:<sender@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('RCPT TO:<recipient@example.com>\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
socket.write('DATA\r\n');
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Create line exactly at RFC 5321 limit (998 chars + CRLF = 1000)
const rfcLimitLine = 'X'.repeat(998);
const emailWithRfcLimitLine =
'From: sender@example.com\r\n' +
'To: recipient@example.com\r\n' +
'Subject: RFC Limit Test\r\n' +
'\r\n' +
'Line at RFC 5321 limit:\r\n' +
rfcLimitLine + '\r\n' +
'This should be accepted.\r\n' +
'.\r\n';
socket.write(emailWithRfcLimitLine);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
console.log(`Response to ${rfcLimitLine.length} character line (RFC limit):`, finalResponse);
// This should be accepted
expect(finalResponse).toInclude('250');
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('cleanup - stop SMTP server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

404
test/suite/smtpserver_edge-cases/test.edge-06.extremely-long-headers.ts
View File

@@ -1,404 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 2525;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start test server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
expect(testServer).toBeDefined();
});
tap.test('Extremely Long Headers - should handle single extremely long header', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testclient\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
const mailResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(mailResponse).toInclude('250');
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
const rcptResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(rcptResponse).toInclude('250');
// Send DATA
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Send email with extremely long header (3000 characters)
const longValue = 'X'.repeat(3000);
const emailContent = [
`Subject: Test Email`,
`From: sender@example.com`,
`To: recipient@example.com`,
`X-Long-Header: ${longValue}`,
'',
'This email has an extremely long header.',
'.',
''
].join('\r\n');
socket.write(emailContent);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Server might accept or reject - both are valid for extremely long headers
const accepted = finalResponse.includes('250');
const rejected = finalResponse.includes('552') || finalResponse.includes('554') || finalResponse.includes('500');
console.log(`Long header test ${accepted ? 'accepted' : 'rejected'}: ${finalResponse.trim()}`);
expect(accepted || rejected).toEqual(true);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Extremely Long Headers - should handle multi-line header with many segments', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testclient\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
const mailResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(mailResponse).toInclude('250');
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
const rcptResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(rcptResponse).toInclude('250');
// Send DATA
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Create multi-line header with 50 segments (RFC 5322 folding)
const segments = [];
for (let i = 0; i < 50; i++) {
segments.push(` Segment ${i}: ${' '.repeat(60)}value`);
}
const emailContent = [
`Subject: Test Email`,
`From: sender@example.com`,
`To: recipient@example.com`,
`X-Multi-Line: Initial value`,
...segments,
'',
'This email has a multi-line header with many segments.',
'.',
''
].join('\r\n');
socket.write(emailContent);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
const accepted = finalResponse.includes('250');
const rejected = finalResponse.includes('552') || finalResponse.includes('554') || finalResponse.includes('500');
console.log(`Multi-line header test ${accepted ? 'accepted' : 'rejected'}: ${finalResponse.trim()}`);
expect(accepted || rejected).toEqual(true);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Extremely Long Headers - should handle multiple long headers in one email', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testclient\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
const mailResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(mailResponse).toInclude('250');
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
const rcptResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(rcptResponse).toInclude('250');
// Send DATA
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Create multiple long headers
const header1 = 'A'.repeat(1000);
const header2 = 'B'.repeat(1500);
const header3 = 'C'.repeat(2000);
const emailContent = [
`Subject: Test Email with Multiple Long Headers`,
`From: sender@example.com`,
`To: recipient@example.com`,
`X-Long-Header-1: ${header1}`,
`X-Long-Header-2: ${header2}`,
`X-Long-Header-3: ${header3}`,
'',
'This email has multiple long headers.',
'.',
''
].join('\r\n');
const totalHeaderSize = header1.length + header2.length + header3.length;
console.log(`Total header size: ${totalHeaderSize} bytes`);
socket.write(emailContent);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
const accepted = finalResponse.includes('250');
const rejected = finalResponse.includes('552') || finalResponse.includes('554') || finalResponse.includes('500');
console.log(`Multiple long headers test ${accepted ? 'accepted' : 'rejected'}: ${finalResponse.trim()}`);
expect(accepted || rejected).toEqual(true);
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('Extremely Long Headers - should handle header with exactly RFC limit', async (tools) => {
const done = tools.defer();
try {
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
await new Promise<void>((resolve, reject) => {
socket.once('connect', () => resolve());
socket.once('error', reject);
});
// Get banner
await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// Send EHLO
socket.write('EHLO testclient\r\n');
await new Promise<string>((resolve) => {
let data = '';
const handler = (chunk: Buffer) => {
data += chunk.toString();
if (data.includes('\r\n') && (data.match(/^250 /m) || data.match(/^250-.*\r\n250 /ms))) {
socket.removeListener('data', handler);
resolve(data);
}
};
socket.on('data', handler);
});
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
const mailResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(mailResponse).toInclude('250');
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
const rcptResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(rcptResponse).toInclude('250');
// Send DATA
socket.write('DATA\r\n');
const dataResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
expect(dataResponse).toInclude('354');
// Create header line exactly at RFC 5322 limit (998 chars excluding CRLF)
// Header name and colon take some space
const headerName = 'X-RFC-Limit';
const colonSpace = ': ';
const remainingSpace = 998 - headerName.length - colonSpace.length;
const headerValue = 'X'.repeat(remainingSpace);
const emailContent = [
`Subject: Test Email`,
`From: sender@example.com`,
`To: recipient@example.com`,
`${headerName}${colonSpace}${headerValue}`,
'',
'This email has a header at exactly the RFC limit.',
'.',
''
].join('\r\n');
socket.write(emailContent);
const finalResponse = await new Promise<string>((resolve) => {
socket.once('data', (chunk) => resolve(chunk.toString()));
});
// This should be accepted since it's exactly at the limit
const accepted = finalResponse.includes('250');
const rejected = finalResponse.includes('552') || finalResponse.includes('554') || finalResponse.includes('500');
console.log(`RFC limit header test ${accepted ? 'accepted' : 'rejected'}: ${finalResponse.trim()}`);
expect(accepted || rejected).toEqual(true);
// RFC compliant servers should accept headers exactly at the limit
if (accepted) {
console.log('✓ Server correctly accepts headers at RFC limit');
} else {
console.log('⚠ Server rejected header at RFC limit (may be overly strict)');
}
// Clean up
socket.write('QUIT\r\n');
socket.end();
} finally {
done.resolve();
}
});
tap.test('cleanup - stop test server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

333
test/suite/smtpserver_edge-cases/test.edge-07.unusual-mime-types.ts
View File

@@ -1,333 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
const TEST_PORT = 30041;
const TEST_TIMEOUT = 30000;
let testServer: ITestServer;
tap.test('setup - start test server', async () => {
testServer = await startTestServer({
port: TEST_PORT,
hostname: 'localhost'
});
expect(testServer).toBeDefined();
});
tap.test('Unusual MIME Types - should handle email with various unusual MIME types', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
console.log('Server response:', data.toString());
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO testclient\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
// Create multipart email with unusual MIME types
const boundary = '----=_Part_1_' + Date.now();
const unusualMimeTypes = [
{ type: 'text/plain', content: 'This is plain text content.' },
{ type: 'application/x-custom-unusual-type', content: 'Custom proprietary format data' },
{ type: 'model/vrml', content: '#VRML V2.0 utf8\nShape { geometry Box {} }' },
{ type: 'chemical/x-mdl-molfile', content: 'Molecule data\n -ISIS- 04249412312D\n\n 3 2 0 0 0 0 0 0 0 0999 V2000' },
{ type: 'application/vnd.ms-fontobject', content: 'Font binary data simulation' },
{ type: 'application/x-doom', content: 'IWAD game data simulation' }
];
let emailContent = [
'Subject: Email with Unusual MIME Types',
'From: sender@example.com',
'To: recipient@example.com',
'MIME-Version: 1.0',
`Content-Type: multipart/mixed; boundary="${boundary}"`,
'',
'This is a multipart message with unusual MIME types.',
''
];
// Add each unusual MIME type as a part
unusualMimeTypes.forEach((mime, index) => {
emailContent.push(`--${boundary}`);
emailContent.push(`Content-Type: ${mime.type}`);
emailContent.push(`Content-Disposition: attachment; filename="part${index + 1}"`);
emailContent.push('');
emailContent.push(mime.content);
emailContent.push('');
});
emailContent.push(`--${boundary}--`);
emailContent.push('.');
emailContent.push('');
const fullEmail = emailContent.join('\r\n');
console.log(`Sending email with ${unusualMimeTypes.length} unusual MIME types`);
socket.write(fullEmail);
currentStep = 'waiting_response';
receivedData = '';
} else if (currentStep === 'waiting_response' && (receivedData.includes('250 ') ||
receivedData.includes('552 ') ||
receivedData.includes('554 ') ||
receivedData.includes('500 '))) {
// Either accepted or gracefully rejected
const accepted = receivedData.includes('250 ');
console.log(`Unusual MIME types test ${accepted ? 'accepted' : 'rejected'}`);
socket.write('QUIT\r\n');
socket.end();
done.resolve();
}
});
socket.on('error', (err) => {
console.error('Socket error:', err);
done.reject(err);
});
socket.on('timeout', () => {
console.error('Socket timeout');
socket.destroy();
done.reject(new Error('Socket timeout'));
});
await done.promise;
});
tap.test('Unusual MIME Types - should handle email with deeply nested multipart structure', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
console.log('Server response:', data.toString());
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO testclient\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
// Create nested multipart structure
const boundary1 = '----=_Part_Outer_' + Date.now();
const boundary2 = '----=_Part_Inner_' + Date.now();
let emailContent = [
'Subject: Nested Multipart Email',
'From: sender@example.com',
'To: recipient@example.com',
'MIME-Version: 1.0',
`Content-Type: multipart/mixed; boundary="${boundary1}"`,
'',
'This is a nested multipart message.',
'',
`--${boundary1}`,
'Content-Type: text/plain',
'',
'First level plain text.',
'',
`--${boundary1}`,
`Content-Type: multipart/alternative; boundary="${boundary2}"`,
'',
`--${boundary2}`,
'Content-Type: text/richtext',
'',
'<bold>Rich text content</bold>',
'',
`--${boundary2}`,
'Content-Type: application/rtf',
'',
'{\\rtf1 RTF content}',
'',
`--${boundary2}--`,
'',
`--${boundary1}`,
'Content-Type: audio/x-aiff',
'Content-Disposition: attachment; filename="sound.aiff"',
'',
'AIFF audio data simulation',
'',
`--${boundary1}--`,
'.',
''
].join('\r\n');
socket.write(emailContent);
currentStep = 'waiting_response';
receivedData = '';
} else if (currentStep === 'waiting_response' && (receivedData.includes('250 ') ||
receivedData.includes('552 ') ||
receivedData.includes('554 ') ||
receivedData.includes('500 '))) {
const accepted = receivedData.includes('250 ');
console.log(`Nested multipart test ${accepted ? 'accepted' : 'rejected'}`);
socket.write('QUIT\r\n');
socket.end();
done.resolve();
}
});
socket.on('error', (err) => {
console.error('Socket error:', err);
done.reject(err);
});
socket.on('timeout', () => {
console.error('Socket timeout');
socket.destroy();
done.reject(new Error('Socket timeout'));
});
await done.promise;
});
tap.test('Unusual MIME Types - should handle email with non-standard charset encodings', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
console.log('Server response:', data.toString());
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
receivedData = '';
socket.write('EHLO testclient\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250 ')) {
currentStep = 'mail_from';
receivedData = '';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
receivedData = '';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
receivedData = '';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
// Create email with various charset encodings
const boundary = '----=_Part_Charset_' + Date.now();
let emailContent = [
'Subject: Email with Various Charset Encodings',
'From: sender@example.com',
'To: recipient@example.com',
'MIME-Version: 1.0',
`Content-Type: multipart/mixed; boundary="${boundary}"`,
'',
'This email contains various charset encodings.',
'',
`--${boundary}`,
'Content-Type: text/plain; charset="iso-2022-jp"',
'',
'Japanese text simulation',
'',
`--${boundary}`,
'Content-Type: text/plain; charset="windows-1251"',
'',
'Cyrillic text simulation',
'',
`--${boundary}`,
'Content-Type: text/plain; charset="koi8-r"',
'',
'Russian KOI8-R text',
'',
`--${boundary}`,
'Content-Type: text/plain; charset="gb2312"',
'',
'Chinese GB2312 text',
'',
`--${boundary}--`,
'.',
''
].join('\r\n');
socket.write(emailContent);
currentStep = 'waiting_response';
receivedData = '';
} else if (currentStep === 'waiting_response' && (receivedData.includes('250 ') ||
receivedData.includes('552 ') ||
receivedData.includes('554 ') ||
receivedData.includes('500 '))) {
const accepted = receivedData.includes('250 ');
console.log(`Various charset test ${accepted ? 'accepted' : 'rejected'}`);
socket.write('QUIT\r\n');
socket.end();
done.resolve();
}
});
socket.on('error', (err) => {
console.error('Socket error:', err);
done.reject(err);
});
socket.on('timeout', () => {
console.error('Socket timeout');
socket.destroy();
done.reject(new Error('Socket timeout'));
});
await done.promise;
});
tap.test('cleanup - stop test server', async () => {
await stopTestServer(testServer);
expect(true).toEqual(true);
});
export default tap.start();

379
test/suite/smtpserver_edge-cases/test.edge-08.nested-mime-structures.ts
View File

@@ -1,379 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as plugins from '../../../ts/plugins.js';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.ts'
import type { ITestServer } from '../../helpers/server.loader.js';
let testServer: ITestServer;
const TEST_PORT = 2525;
tap.test('setup - start test server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
});
tap.test('Nested MIME Structures - should handle deeply nested multipart structure', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: 30000
});
let dataBuffer = '';
let state = 'initial';
socket.on('data', (data) => {
dataBuffer += data.toString();
console.log('Server response:', data.toString());
if (dataBuffer.includes('220 ') && state === 'initial') {
// Send EHLO
socket.write('EHLO testclient\r\n');
state = 'ehlo_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'ehlo_sent') {
// Send MAIL FROM
socket.write('MAIL FROM:<sender@example.com>\r\n');
state = 'mail_from_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'mail_from_sent') {
// Send RCPT TO
socket.write('RCPT TO:<recipient@example.com>\r\n');
state = 'rcpt_to_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'rcpt_to_sent') {
// Send DATA
socket.write('DATA\r\n');
state = 'data_sent';
dataBuffer = '';
} else if (dataBuffer.includes('354 ') && state === 'data_sent') {
// Create deeply nested MIME structure (4 levels)
const outerBoundary = '----=_Outer_Boundary_' + Date.now();
const middleBoundary = '----=_Middle_Boundary_' + Date.now();
const innerBoundary = '----=_Inner_Boundary_' + Date.now();
const deepBoundary = '----=_Deep_Boundary_' + Date.now();
let emailContent = [
'Subject: Deeply Nested MIME Structure Test',
'From: sender@example.com',
'To: recipient@example.com',
'MIME-Version: 1.0',
`Content-Type: multipart/mixed; boundary="${outerBoundary}"`,
'',
'This is a multipart message with deeply nested structure.',
'',
// Level 1: Outer boundary
`--${outerBoundary}`,
'Content-Type: text/plain',
'',
'This is the first part at the outer level.',
'',
`--${outerBoundary}`,
`Content-Type: multipart/alternative; boundary="${middleBoundary}"`,
'',
// Level 2: Middle boundary
`--${middleBoundary}`,
'Content-Type: text/plain',
'',
'Alternative plain text version.',
'',
`--${middleBoundary}`,
`Content-Type: multipart/related; boundary="${innerBoundary}"`,
'',
// Level 3: Inner boundary
`--${innerBoundary}`,
'Content-Type: text/html',
'',
'<html><body><h1>HTML with related content</h1><img src="cid:image1"></body></html>',
'',
`--${innerBoundary}`,
'Content-Type: image/png',
'Content-ID: <image1>',
'Content-Transfer-Encoding: base64',
'',
'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg==',
'',
`--${innerBoundary}`,
`Content-Type: multipart/mixed; boundary="${deepBoundary}"`,
'',
// Level 4: Deep boundary
`--${deepBoundary}`,
'Content-Type: application/octet-stream',
'Content-Disposition: attachment; filename="data.bin"',
'',
'Binary data simulation',
'',
`--${deepBoundary}`,
'Content-Type: message/rfc822',
'',
'Subject: Embedded Message',
'From: embedded@example.com',
'To: recipient@example.com',
'',
'This is an embedded email message.',
'',
`--${deepBoundary}--`,
'',
`--${innerBoundary}--`,
'',
`--${middleBoundary}--`,
'',
`--${outerBoundary}`,
'Content-Type: application/pdf',
'Content-Disposition: attachment; filename="document.pdf"',
'',
'PDF document data simulation',
'',
`--${outerBoundary}--`,
'.',
''
].join('\r\n');
console.log('Sending email with 4-level nested MIME structure');
socket.write(emailContent);
state = 'email_sent';
dataBuffer = '';
} else if ((dataBuffer.includes('250 OK') && state === 'email_sent') ||
dataBuffer.includes('552 ') ||
dataBuffer.includes('554 ') ||
dataBuffer.includes('500 ')) {
// Either accepted or gracefully rejected
const accepted = dataBuffer.includes('250 ');
console.log(`Nested MIME structure test ${accepted ? 'accepted' : 'rejected'}`);
socket.write('QUIT\r\n');
socket.end();
done.resolve();
}
});
socket.on('error', (err) => {
console.error('Socket error:', err);
done.reject(err);
});
socket.on('timeout', () => {
console.error('Socket timeout');
socket.destroy();
done.reject(new Error('Socket timeout'));
});
await done.promise;
});
tap.test('Nested MIME Structures - should handle circular references in multipart structure', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: 30000
});
let dataBuffer = '';
let state = 'initial';
socket.on('data', (data) => {
dataBuffer += data.toString();
console.log('Server response:', data.toString());
if (dataBuffer.includes('220 ') && state === 'initial') {
socket.write('EHLO testclient\r\n');
state = 'ehlo_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'ehlo_sent') {
socket.write('MAIL FROM:<sender@example.com>\r\n');
state = 'mail_from_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'mail_from_sent') {
socket.write('RCPT TO:<recipient@example.com>\r\n');
state = 'rcpt_to_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'rcpt_to_sent') {
socket.write('DATA\r\n');
state = 'data_sent';
dataBuffer = '';
} else if (dataBuffer.includes('354 ') && state === 'data_sent') {
// Create structure with references between parts
const boundary1 = '----=_Boundary1_' + Date.now();
const boundary2 = '----=_Boundary2_' + Date.now();
let emailContent = [
'Subject: Multipart with Cross-References',
'From: sender@example.com',
'To: recipient@example.com',
'MIME-Version: 1.0',
`Content-Type: multipart/related; boundary="${boundary1}"`,
'',
`--${boundary1}`,
`Content-Type: multipart/alternative; boundary="${boundary2}"`,
'Content-ID: <part1>',
'',
`--${boundary2}`,
'Content-Type: text/html',
'',
'<html><body>See related part: <a href="cid:part2">Link</a></body></html>',
'',
`--${boundary2}`,
'Content-Type: text/plain',
'',
'Plain text with reference to part2',
'',
`--${boundary2}--`,
'',
`--${boundary1}`,
'Content-Type: application/xml',
'Content-ID: <part2>',
'',
'<?xml version="1.0"?><root><reference href="cid:part1"/></root>',
'',
`--${boundary1}--`,
'.',
''
].join('\r\n');
socket.write(emailContent);
state = 'email_sent';
dataBuffer = '';
} else if ((dataBuffer.includes('250 OK') && state === 'email_sent') ||
dataBuffer.includes('552 ') ||
dataBuffer.includes('554 ') ||
dataBuffer.includes('500 ')) {
const accepted = dataBuffer.includes('250 ');
console.log(`Cross-reference test ${accepted ? 'accepted' : 'rejected'}`);
socket.write('QUIT\r\n');
socket.end();
done.resolve();
}
});
socket.on('error', (err) => {
console.error('Socket error:', err);
done.reject(err);
});
socket.on('timeout', () => {
console.error('Socket timeout');
socket.destroy();
done.reject(new Error('Socket timeout'));
});
await done.promise;
});
tap.test('Nested MIME Structures - should handle mixed nesting with various encodings', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: 30000
});
let dataBuffer = '';
let state = 'initial';
socket.on('data', (data) => {
dataBuffer += data.toString();
console.log('Server response:', data.toString());
if (dataBuffer.includes('220 ') && state === 'initial') {
socket.write('EHLO testclient\r\n');
state = 'ehlo_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'ehlo_sent') {
socket.write('MAIL FROM:<sender@example.com>\r\n');
state = 'mail_from_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'mail_from_sent') {
socket.write('RCPT TO:<recipient@example.com>\r\n');
state = 'rcpt_to_sent';
dataBuffer = '';
} else if (dataBuffer.includes('250 ') && state === 'rcpt_to_sent') {
socket.write('DATA\r\n');
state = 'data_sent';
dataBuffer = '';
} else if (dataBuffer.includes('354 ') && state === 'data_sent') {
// Create structure with various encodings
const boundary1 = '----=_Encoding_Outer_' + Date.now();
const boundary2 = '----=_Encoding_Inner_' + Date.now();
let emailContent = [
'Subject: Mixed Encodings in Nested Structure',
'From: sender@example.com',
'To: recipient@example.com',
'MIME-Version: 1.0',
`Content-Type: multipart/mixed; boundary="${boundary1}"`,
'',
`--${boundary1}`,
'Content-Type: text/plain; charset="utf-8"',
'Content-Transfer-Encoding: quoted-printable',
'',
'This is quoted-printable encoded: =C3=A9=C3=A8=C3=AA',
'',
`--${boundary1}`,
`Content-Type: multipart/alternative; boundary="${boundary2}"`,
'',
`--${boundary2}`,
'Content-Type: text/plain; charset="iso-8859-1"',
'Content-Transfer-Encoding: 8bit',
'',
'Text with 8-bit characters: ñáéíóú',
'',
`--${boundary2}`,
'Content-Type: text/html; charset="utf-16"',
'Content-Transfer-Encoding: base64',
'',
'//48AGgAdABtAGwAPgA8AGIAbwBkAHkAPgBVAFQARgAtADEANgAgAHQAZQB4AHQAPAAvAGIAbwBkAHkAPgA8AC8AaAB0AG0AbAA+',
'',
`--${boundary2}--`,
'',
`--${boundary1}`,
'Content-Type: application/octet-stream',
'Content-Transfer-Encoding: base64',
'Content-Disposition: attachment; filename="binary.dat"',
'',
'VGhpcyBpcyBiaW5hcnkgZGF0YQ==',
'',
`--${boundary1}--`,
'.',
''
].join('\r\n');
socket.write(emailContent);
state = 'email_sent';
dataBuffer = '';
} else if ((dataBuffer.includes('250 OK') && state === 'email_sent') ||
dataBuffer.includes('552 ') ||
dataBuffer.includes('554 ') ||
dataBuffer.includes('500 ')) {
const accepted = dataBuffer.includes('250 ');
console.log(`Mixed encodings test ${accepted ? 'accepted' : 'rejected'}`);
socket.write('QUIT\r\n');
socket.end();
done.resolve();
}
});
socket.on('error', (err) => {
console.error('Socket error:', err);
done.reject(err);
});
socket.on('timeout', () => {
console.error('Socket timeout');
socket.destroy();
done.reject(new Error('Socket timeout'));
});
await done.promise;
});
tap.test('cleanup - stop test server', async () => {
await stopTestServer(testServer);
});
export default tap.start();

338
test/suite/smtpserver_email-processing/test.ep-01.basic-email-sending.ts
View File

@@ -1,338 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.ts'
import type { ITestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
const TEST_TIMEOUT = 15000;
let testServer: ITestServer;
// Setup
tap.test('setup - start SMTP server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
});
// Test: Complete email sending flow
tap.test('Basic Email Sending - should send email through complete SMTP flow', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const fromAddress = 'sender@example.com';
const toAddress = 'recipient@example.com';
const emailContent = `Subject: Production Test Email\r\nFrom: ${fromAddress}\r\nTo: ${toAddress}\r\nDate: ${new Date().toUTCString()}\r\n\r\nThis is a test email sent during production testing.\r\nTest ID: EP-01\r\nTimestamp: ${Date.now()}\r\n`;
const steps: string[] = [];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
steps.push('CONNECT');
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
steps.push('EHLO');
currentStep = 'mail_from';
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
steps.push('MAIL FROM');
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${toAddress}>\r\n`);
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
steps.push('RCPT TO');
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
steps.push('DATA');
currentStep = 'email_content';
socket.write(emailContent);
socket.write('\r\n.\r\n'); // End of data marker
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
steps.push('CONTENT');
currentStep = 'quit';
socket.write('QUIT\r\n');
} else if (currentStep === 'quit' && receivedData.includes('221')) {
steps.push('QUIT');
socket.destroy();
// Verify all steps completed
expect(steps).toInclude('CONNECT');
expect(steps).toInclude('EHLO');
expect(steps).toInclude('MAIL FROM');
expect(steps).toInclude('RCPT TO');
expect(steps).toInclude('DATA');
expect(steps).toInclude('CONTENT');
expect(steps).toInclude('QUIT');
expect(steps.length).toEqual(7);
done.resolve();
} else if (receivedData.match(/\r\n5\d{2}\s/)) {
// Server error (5xx response codes)
socket.destroy();
done.reject(new Error(`Email sending failed at step ${currentStep}: ${receivedData}`));
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Send email with attachments (MIME)
tap.test('Basic Email Sending - should send email with MIME attachment', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const fromAddress = 'sender@example.com';
const toAddress = 'recipient@example.com';
const boundary = '----=_Part_0_1234567890';
const emailContent = `Subject: Email with Attachment\r\nFrom: ${fromAddress}\r\nTo: ${toAddress}\r\nMIME-Version: 1.0\r\nContent-Type: multipart/mixed; boundary="${boundary}"\r\n\r\n--${boundary}\r\nContent-Type: text/plain; charset=UTF-8\r\n\r\nThis email contains an attachment.\r\n\r\n--${boundary}\r\nContent-Type: text/plain; name="test.txt"\r\nContent-Disposition: attachment; filename="test.txt"\r\nContent-Transfer-Encoding: base64\r\n\r\nVGhpcyBpcyBhIHRlc3QgZmlsZS4=\r\n\r\n--${boundary}--\r\n`;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${toAddress}>\r\n`);
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
socket.write(emailContent);
socket.write('\r\n.\r\n'); // End of data marker
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Send HTML email
tap.test('Basic Email Sending - should send HTML email', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const fromAddress = 'sender@example.com';
const toAddress = 'recipient@example.com';
const boundary = '----=_Part_0_987654321';
const emailContent = `Subject: HTML Email Test\r\nFrom: ${fromAddress}\r\nTo: ${toAddress}\r\nMIME-Version: 1.0\r\nContent-Type: multipart/alternative; boundary="${boundary}"\r\n\r\n--${boundary}\r\nContent-Type: text/plain; charset=UTF-8\r\n\r\nThis is the plain text version.\r\n\r\n--${boundary}\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n<html><body><h1>HTML Email</h1><p>This is the <strong>HTML</strong> version.</p></body></html>\r\n\r\n--${boundary}--\r\n`;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${toAddress}>\r\n`);
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
socket.write(emailContent);
socket.write('\r\n.\r\n'); // End of data marker
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Send email with custom headers
tap.test('Basic Email Sending - should send email with custom headers', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const fromAddress = 'sender@example.com';
const toAddress = 'recipient@example.com';
const emailContent = `Subject: Custom Headers Test\r\nFrom: ${fromAddress}\r\nTo: ${toAddress}\r\nX-Custom-Header: CustomValue\r\nX-Priority: 1\r\nX-Mailer: SMTP Test Suite\r\nReply-To: noreply@example.com\r\nOrganization: Test Organization\r\n\r\nThis email contains custom headers.\r\n`;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${toAddress}>\r\n`);
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
socket.write(emailContent);
socket.write('\r\n.\r\n'); // End of data marker
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Minimal email (only required headers)
tap.test('Basic Email Sending - should send minimal email', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
const fromAddress = 'sender@example.com';
const toAddress = 'recipient@example.com';
// Minimal email - just a body, no headers
const emailContent = 'This is a minimal email with no headers.\r\n';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${toAddress}>\r\n`);
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
socket.write(emailContent);
socket.write('\r\n.\r\n'); // End of data marker
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('teardown - stop SMTP server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

315
test/suite/smtpserver_email-processing/test.ep-02.invalid-email-addresses.ts
View File

@@ -1,315 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { startTestServer, stopTestServer } from '../../helpers/server.loader.ts'
import type { ITestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 2525;
const TEST_TIMEOUT = 20000;
let testServer: ITestServer;
// Setup
tap.test('setup - start SMTP server', async () => {
testServer = await startTestServer({ port: TEST_PORT });
await new Promise(resolve => setTimeout(resolve, 1000));
});
// Test: Invalid email address validation
tap.test('Invalid Email Addresses - should reject various invalid email formats', async (tools) => {
const done = tools.defer();
const invalidAddresses = [
'invalid-email',
'@example.com',
'user@',
'user..name@example.com',
'user@.example.com',
'user@example..com',
'user@example.',
'user name@example.com',
'user@exam ple.com',
'user@[invalid]',
'a'.repeat(65) + '@example.com', // Local part too long
'user@' + 'a'.repeat(250) + '.com' // Domain too long
];
const results: Array<{
address: string;
response: string;
responseCode: string;
properlyRejected: boolean;
accepted: boolean;
}> = [];
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let currentIndex = 0;
let state = 'connecting';
let buffer = '';
let lastResponseCode = '';
const fromAddress = 'test@example.com';
const processNextAddress = () => {
if (currentIndex < invalidAddresses.length) {
socket.write(`RCPT TO:<${invalidAddresses[currentIndex]}>\r\n`);
state = 'rcpt';
} else {
socket.write('QUIT\r\n');
state = 'quit';
}
};
socket.on('data', (data) => {
buffer += data.toString();
const lines = buffer.split('\r\n');
// Process complete lines
for (let i = 0; i < lines.length - 1; i++) {
const line = lines[i];
if (line.match(/^\d{3}/)) {
lastResponseCode = line.substring(0, 3);
if (state === 'connecting' && line.startsWith('220')) {
socket.write('EHLO test.example.com\r\n');
state = 'ehlo';
} else if (state === 'ehlo' && line.startsWith('250') && !line.includes('250-')) {
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
state = 'mail';
} else if (state === 'mail' && line.startsWith('250')) {
processNextAddress();
} else if (state === 'rcpt') {
// Record result
const rejected = lastResponseCode.startsWith('5') || lastResponseCode.startsWith('4');
results.push({
address: invalidAddresses[currentIndex],
response: line,
responseCode: lastResponseCode,
properlyRejected: rejected,
accepted: lastResponseCode.startsWith('2')
});
currentIndex++;
if (currentIndex < invalidAddresses.length) {
// Reset and test next
socket.write('RSET\r\n');
state = 'rset';
} else {
socket.write('QUIT\r\n');
state = 'quit';
}
} else if (state === 'rset' && line.startsWith('250')) {
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
state = 'mail';
} else if (state === 'quit' && line.startsWith('221')) {
socket.destroy();
// Analyze results
const rejected = results.filter(r => r.properlyRejected).length;
const rate = results.length > 0 ? rejected / results.length : 0;
// Log results for debugging
results.forEach(r => {
if (!r.properlyRejected) {
console.log(`WARNING: Invalid address accepted: ${r.address}`);
}
});
// We expect at least 70% rejection rate for invalid addresses
expect(rate).toBeGreaterThan(0.7);
expect(results.length).toEqual(invalidAddresses.length);
done.resolve();
}
}
}
// Keep incomplete line in buffer
buffer = lines[lines.length - 1];
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error('Test timeout'));
});
socket.on('error', (err) => {
done.reject(err);
});
await done.promise;
});
// Test: Edge case email addresses that might be valid
tap.test('Invalid Email Addresses - should handle edge case addresses', async (tools) => {
const done = tools.defer();
const edgeCaseAddresses = [
'user+tag@example.com', // Valid - with plus addressing
'user.name@example.com', // Valid - with dot
'user@sub.example.com', // Valid - subdomain
'user@192.168.1.1', // Valid - IP address
'user@[192.168.1.1]', // Valid - IP in brackets
'"user name"@example.com', // Valid - quoted local part
'user\\@name@example.com', // Valid - escaped character
'user@localhost', // Might be valid depending on server config
];
const results: Array<{
address: string;
accepted: boolean;
}> = [];
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let currentIndex = 0;
let state = 'connecting';
let buffer = '';
const fromAddress = 'test@example.com';
socket.on('data', (data) => {
buffer += data.toString();
const lines = buffer.split('\r\n');
for (let i = 0; i < lines.length - 1; i++) {
const line = lines[i];
if (line.match(/^\d{3}/)) {
const responseCode = line.substring(0, 3);
if (state === 'connecting' && line.startsWith('220')) {
socket.write('EHLO test.example.com\r\n');
state = 'ehlo';
} else if (state === 'ehlo' && line.startsWith('250') && !line.includes('250-')) {
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
state = 'mail';
} else if (state === 'mail' && line.startsWith('250')) {
if (currentIndex < edgeCaseAddresses.length) {
socket.write(`RCPT TO:<${edgeCaseAddresses[currentIndex]}>\r\n`);
state = 'rcpt';
} else {
socket.write('QUIT\r\n');
state = 'quit';
}
} else if (state === 'rcpt') {
results.push({
address: edgeCaseAddresses[currentIndex],
accepted: responseCode.startsWith('2')
});
currentIndex++;
if (currentIndex < edgeCaseAddresses.length) {
socket.write('RSET\r\n');
state = 'rset';
} else {
socket.write('QUIT\r\n');
state = 'quit';
}
} else if (state === 'rset' && line.startsWith('250')) {
socket.write(`MAIL FROM:<${fromAddress}>\r\n`);
state = 'mail';
} else if (state === 'quit' && line.startsWith('221')) {
socket.destroy();
// Just verify we tested all addresses
expect(results.length).toEqual(edgeCaseAddresses.length);
done.resolve();
}
}
}
buffer = lines[lines.length - 1];
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error('Test timeout'));
});
socket.on('error', (err) => {
done.reject(err);
});
await done.promise;
});
// Test: Empty and null addresses
tap.test('Invalid Email Addresses - should handle empty addresses', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<test@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_empty';
socket.write('RCPT TO:<>\r\n'); // Empty address
} else if (currentStep === 'rcpt_empty') {
if (receivedData.includes('250')) {
// Empty recipient allowed (for bounces)
currentStep = 'rset';
socket.write('RSET\r\n');
} else if (receivedData.match(/[45]\d{2}/)) {
// Empty recipient rejected
currentStep = 'rset';
socket.write('RSET\r\n');
}
} else if (currentStep === 'rset' && receivedData.includes('250')) {
currentStep = 'mail_empty';
socket.write('MAIL FROM:<>\r\n'); // Empty sender (bounce)
} else if (currentStep === 'mail_empty' && receivedData.includes('250')) {
currentStep = 'rcpt_after_empty';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_after_empty' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Empty MAIL FROM should be accepted for bounces
expect(receivedData).toInclude('250');
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('teardown - stop SMTP server', async () => {
await stopTestServer(testServer);
});
// Start the test
export default tap.start();

493
test/suite/smtpserver_email-processing/test.ep-03.multiple-recipients.ts
View File

@@ -1,493 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 30049;
const TEST_TIMEOUT = 15000;
let testServer: ITestServer;
// Setup
tap.test('setup - start SMTP server', async () => {
testServer = await startTestServer({ port: TEST_PORT, hostname: 'localhost' });
expect(testServer).toBeDefined();
expect(testServer.port).toEqual(TEST_PORT);
});
// Test: Basic multiple recipients
tap.test('Multiple Recipients - should accept multiple valid recipients', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let recipientCount = 0;
const recipients = [
'recipient1@example.com',
'recipient2@example.com',
'recipient3@example.com'
];
let acceptedRecipients = 0;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else if (currentStep === 'rcpt_to') {
if (receivedData.includes('250')) {
acceptedRecipients++;
recipientCount++;
if (recipientCount < recipients.length) {
receivedData = ''; // Clear buffer for next response
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else {
currentStep = 'data';
socket.write('DATA\r\n');
}
}
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
const emailContent = `Subject: Multiple Recipients Test\r\nFrom: sender@example.com\r\nTo: ${recipients.join(', ')}\r\n\r\nThis email was sent to ${acceptedRecipients} recipients.\r\n`;
socket.write(emailContent);
socket.write('\r\n.\r\n');
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(acceptedRecipients).toEqual(recipients.length);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Mixed valid and invalid recipients
tap.test('Multiple Recipients - should handle mix of valid and invalid recipients', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let recipientIndex = 0;
const recipients = [
'valid@example.com',
'invalid-email', // Invalid format
'another.valid@example.com',
'@example.com', // Invalid format
'third.valid@example.com'
];
const recipientResults: Array<{ email: string, accepted: boolean }> = [];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${recipients[recipientIndex]}>\r\n`);
} else if (currentStep === 'rcpt_to') {
const lines = receivedData.split('\r\n');
const lastLine = lines[lines.length - 2] || lines[lines.length - 1];
if (lastLine.match(/^\d{3}/)) {
const accepted = lastLine.startsWith('250');
recipientResults.push({
email: recipients[recipientIndex],
accepted: accepted
});
recipientIndex++;
if (recipientIndex < recipients.length) {
receivedData = ''; // Clear buffer
socket.write(`RCPT TO:<${recipients[recipientIndex]}>\r\n`);
} else {
const acceptedCount = recipientResults.filter(r => r.accepted).length;
if (acceptedCount > 0) {
currentStep = 'data';
socket.write('DATA\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(acceptedCount).toEqual(0);
done.resolve();
}, 100);
}
}
}
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
const acceptedEmails = recipientResults.filter(r => r.accepted).map(r => r.email);
const emailContent = `Subject: Mixed Recipients Test\r\nFrom: sender@example.com\r\nTo: ${acceptedEmails.join(', ')}\r\n\r\nDelivered to ${acceptedEmails.length} valid recipients.\r\n`;
socket.write(emailContent);
socket.write('\r\n.\r\n');
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
const acceptedCount = recipientResults.filter(r => r.accepted).length;
const rejectedCount = recipientResults.filter(r => !r.accepted).length;
expect(acceptedCount).toEqual(3); // 3 valid recipients
expect(rejectedCount).toEqual(2); // 2 invalid recipients
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Large number of recipients
tap.test('Multiple Recipients - should handle many recipients', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let recipientCount = 0;
const totalRecipients = 10;
const recipients: string[] = [];
for (let i = 1; i <= totalRecipients; i++) {
recipients.push(`recipient${i}@example.com`);
}
let acceptedCount = 0;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else if (currentStep === 'rcpt_to') {
if (receivedData.includes('250')) {
acceptedCount++;
}
recipientCount++;
if (recipientCount < recipients.length) {
receivedData = ''; // Clear buffer
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else {
currentStep = 'data';
socket.write('DATA\r\n');
}
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
const emailContent = `Subject: Large Recipients Test\r\nFrom: sender@example.com\r\n\r\nSent to ${acceptedCount} recipients.\r\n`;
socket.write(emailContent);
socket.write('\r\n.\r\n');
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(acceptedCount).toBeGreaterThan(0);
expect(acceptedCount).toBeLessThan(totalRecipients + 1);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Duplicate recipients
tap.test('Multiple Recipients - should handle duplicate recipients', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let recipientCount = 0;
const recipients = [
'duplicate@example.com',
'unique@example.com',
'duplicate@example.com', // Duplicate
'another@example.com',
'duplicate@example.com' // Another duplicate
];
const results: boolean[] = [];
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else if (currentStep === 'rcpt_to') {
if (receivedData.match(/[245]\d{2}/)) {
results.push(receivedData.includes('250'));
recipientCount++;
if (recipientCount < recipients.length) {
receivedData = ''; // Clear buffer
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else {
currentStep = 'data';
socket.write('DATA\r\n');
}
}
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
const emailContent = `Subject: Duplicate Recipients Test\r\nFrom: sender@example.com\r\n\r\nTesting duplicate recipient handling.\r\n`;
socket.write(emailContent);
socket.write('\r\n.\r\n');
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(results.length).toEqual(recipients.length);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: No recipients (should fail DATA)
tap.test('Multiple Recipients - DATA should fail with no recipients', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
// Skip RCPT TO, go directly to DATA
currentStep = 'data_no_recipients';
socket.write('DATA\r\n');
} else if (currentStep === 'data_no_recipients') {
if (receivedData.includes('503')) {
// Expected: bad sequence error
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('503'); // Bad sequence
done.resolve();
}, 100);
} else if (receivedData.includes('354')) {
// Some servers accept DATA without recipients and fail later
// Send empty data to trigger the error
socket.write('.\r\n');
currentStep = 'data_sent';
}
} else if (currentStep === 'data_sent' && receivedData.match(/[45]\d{2}/)) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Should get an error when trying to send without recipients
expect(receivedData).toMatch(/[45]\d{2}/);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Recipients with different domains
tap.test('Multiple Recipients - should handle recipients from different domains', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let recipientCount = 0;
const recipients = [
'user1@example.com',
'user2@test.com',
'user3@localhost',
'user4@example.org',
'user5@subdomain.example.com'
];
let acceptedCount = 0;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else if (currentStep === 'rcpt_to') {
if (receivedData.includes('250')) {
acceptedCount++;
}
recipientCount++;
if (recipientCount < recipients.length) {
receivedData = ''; // Clear buffer
socket.write(`RCPT TO:<${recipients[recipientCount]}>\r\n`);
} else {
if (acceptedCount > 0) {
currentStep = 'data';
socket.write('DATA\r\n');
} else {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
}
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'email_content';
const emailContent = `Subject: Multi-domain Test\r\nFrom: sender@example.com\r\n\r\nDelivered to ${acceptedCount} recipients across different domains.\r\n`;
socket.write(emailContent);
socket.write('\r\n.\r\n');
} else if (currentStep === 'email_content' && receivedData.includes('250')) {
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(acceptedCount).toBeGreaterThan(0);
done.resolve();
}, 100);
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('teardown - stop SMTP server', async () => {
if (testServer) {
await stopTestServer(testServer);
}
expect(true).toEqual(true);
});
// Start the test
export default tap.start();

528
test/suite/smtpserver_email-processing/test.ep-04.large-email.ts
View File

@@ -1,528 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as path from 'path';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
// Test configuration
const TEST_PORT = 30048;
const TEST_TIMEOUT = 60000; // Increased for large email handling
let testServer: ITestServer;
// Setup
tap.test('setup - start SMTP server', async () => {
testServer = await startTestServer({ port: TEST_PORT, hostname: 'localhost' });
expect(testServer).toBeDefined();
});
// Test: Moderately large email (1MB)
tap.test('Large Email - should handle 1MB email', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let completed = false;
// Generate 1MB of content
const largeBody = 'X'.repeat(1024 * 1024); // 1MB
const emailContent = `Subject: 1MB Email Test\r\nFrom: sender@example.com\r\nTo: recipient@example.com\r\n\r\n${largeBody}\r\n`;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'sending_large_email';
// Send in chunks to avoid overwhelming
const chunkSize = 64 * 1024; // 64KB chunks
let sent = 0;
const sendChunk = () => {
if (sent < emailContent.length) {
const chunk = emailContent.slice(sent, sent + chunkSize);
socket.write(chunk);
sent += chunk.length;
// Small delay between chunks
if (sent < emailContent.length) {
setTimeout(sendChunk, 10);
} else {
// End of data
socket.write('.\r\n');
currentStep = 'sent';
}
}
};
sendChunk();
} else if (currentStep === 'sent' && (receivedData.includes('250') || receivedData.includes('552'))) {
if (!completed) {
completed = true;
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Either accepted (250) or size exceeded (552)
expect(receivedData).toMatch(/250|552/);
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Large email with MIME attachments
tap.test('Large Email - should handle multi-part MIME message', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let completed = false;
const boundary = '----=_Part_0_123456789';
const attachment1 = 'A'.repeat(500 * 1024); // 500KB
const attachment2 = 'B'.repeat(300 * 1024); // 300KB
const emailContent = [
'Subject: Large MIME Email Test',
'From: sender@example.com',
'To: recipient@example.com',
'MIME-Version: 1.0',
`Content-Type: multipart/mixed; boundary="${boundary}"`,
'',
'This is a multi-part message in MIME format.',
'',
`--${boundary}`,
'Content-Type: text/plain; charset=utf-8',
'',
'This email contains large attachments.',
'',
`--${boundary}`,
'Content-Type: text/plain; charset=utf-8',
'Content-Disposition: attachment; filename="file1.txt"',
'',
attachment1,
'',
`--${boundary}`,
'Content-Type: application/octet-stream',
'Content-Disposition: attachment; filename="file2.bin"',
'Content-Transfer-Encoding: base64',
'',
Buffer.from(attachment2).toString('base64'),
'',
`--${boundary}--`,
''
].join('\r\n');
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'sending_mime';
socket.write(emailContent);
socket.write('\r\n.\r\n');
currentStep = 'sent';
} else if (currentStep === 'sent' && (receivedData.includes('250') || receivedData.includes('552'))) {
if (!completed) {
completed = true;
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toMatch(/250|552/);
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Email size limits with SIZE extension
tap.test('Large Email - should respect SIZE limits if advertised', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let maxSize: number | null = null;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
// Check for SIZE extension
const sizeMatch = receivedData.match(/SIZE\s+(\d+)/);
if (sizeMatch) {
maxSize = parseInt(sizeMatch[1]);
console.log(`Server advertises max size: ${maxSize} bytes`);
}
currentStep = 'mail_from';
const emailSize = maxSize ? maxSize + 1000 : 5000000; // Over limit or 5MB
socket.write(`MAIL FROM:<sender@example.com> SIZE=${emailSize}\r\n`);
} else if (currentStep === 'mail_from') {
if (maxSize && receivedData.includes('552')) {
// Size rejected - expected
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(receivedData).toInclude('552');
done.resolve();
}, 100);
} else if (receivedData.includes('250')) {
// Size accepted or no limit
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Very large email handling (5MB)
tap.test('Large Email - should handle or reject very large emails gracefully', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let completed = false;
// Generate 5MB email
const largeContent = 'X'.repeat(5 * 1024 * 1024); // 5MB
const emailContent = `Subject: 5MB Email Test\r\nFrom: sender@example.com\r\nTo: recipient@example.com\r\n\r\n${largeContent}\r\n`;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'sending_5mb';
console.log('Sending 5MB email...');
// Send in larger chunks for efficiency
const chunkSize = 256 * 1024; // 256KB chunks
let sent = 0;
const sendChunk = () => {
if (sent < emailContent.length) {
const chunk = emailContent.slice(sent, sent + chunkSize);
socket.write(chunk);
sent += chunk.length;
if (sent < emailContent.length) {
setImmediate(sendChunk); // Use setImmediate for better performance
} else {
socket.write('.\r\n');
currentStep = 'sent';
}
}
};
sendChunk();
} else if (currentStep === 'sent' && receivedData.match(/[245]\d{2}/)) {
if (!completed) {
completed = true;
// Extract the last response code
const lines = receivedData.split('\r\n');
let responseCode = '';
// Look for the most recent response code
for (let i = lines.length - 1; i >= 0; i--) {
const match = lines[i].match(/^([245]\d{2})[\s-]/);
if (match) {
responseCode = match[1];
break;
}
}
// If we couldn't extract, but we know there's a response, default to 250
if (!responseCode && receivedData.includes('250 OK message queued')) {
responseCode = '250';
}
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// Accept various responses: 250 (accepted), 552 (size exceeded), 554 (failed)
expect(responseCode).toMatch(/^(250|552|554|451|452)$/);
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
// Connection errors during large transfers are acceptable
if (currentStep === 'sending_5mb' || currentStep === 'sent') {
done.resolve();
} else {
done.reject(error);
}
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Chunked transfer handling
tap.test('Large Email - should handle chunked transfers properly', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let chunksSent = 0;
let completed = false;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'chunked_sending';
// Send headers
socket.write('Subject: Chunked Transfer Test\r\n');
socket.write('From: sender@example.com\r\n');
socket.write('To: recipient@example.com\r\n');
socket.write('\r\n');
// Send body in multiple chunks with delays
const chunks = [
'First chunk of data\r\n',
'Second chunk of data\r\n',
'Third chunk of data\r\n',
'Fourth chunk of data\r\n',
'Final chunk of data\r\n'
];
const sendNextChunk = () => {
if (chunksSent < chunks.length) {
socket.write(chunks[chunksSent]);
chunksSent++;
setTimeout(sendNextChunk, 100); // 100ms delay between chunks
} else {
socket.write('.\r\n');
}
};
sendNextChunk();
} else if (currentStep === 'chunked_sending' && receivedData.includes('250')) {
if (!completed) {
completed = true;
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
expect(chunksSent).toEqual(5);
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Test: Email with very long lines
tap.test('Large Email - should handle emails with very long lines', async (tools) => {
const done = tools.defer();
const socket = net.createConnection({
host: 'localhost',
port: TEST_PORT,
timeout: TEST_TIMEOUT
});
let receivedData = '';
let currentStep = 'connecting';
let completed = false;
// Create a very long line (10KB)
const veryLongLine = 'A'.repeat(10 * 1024);
const emailContent = `Subject: Long Line Test\r\nFrom: sender@example.com\r\nTo: recipient@example.com\r\n\r\n${veryLongLine}\r\nNormal line after long line.\r\n`;
socket.on('data', (data) => {
receivedData += data.toString();
if (currentStep === 'connecting' && receivedData.includes('220')) {
currentStep = 'ehlo';
socket.write('EHLO test.example.com\r\n');
} else if (currentStep === 'ehlo' && receivedData.includes('250')) {
currentStep = 'mail_from';
socket.write('MAIL FROM:<sender@example.com>\r\n');
} else if (currentStep === 'mail_from' && receivedData.includes('250')) {
currentStep = 'rcpt_to';
socket.write('RCPT TO:<recipient@example.com>\r\n');
} else if (currentStep === 'rcpt_to' && receivedData.includes('250')) {
currentStep = 'data';
socket.write('DATA\r\n');
} else if (currentStep === 'data' && receivedData.includes('354')) {
currentStep = 'long_line';
socket.write(emailContent);
socket.write('.\r\n');
currentStep = 'sent';
} else if (currentStep === 'sent') {
// Extract the last response code from the received data
// Look for response codes that are at the beginning of a line
const responseMatches = receivedData.split('\r\n').filter(line => /^\d{3}\s/.test(line));
const lastResponseLine = responseMatches[responseMatches.length - 1];
const responseCode = lastResponseLine?.match(/^(\d{3})/)?.[1];
if (responseCode && !completed) {
completed = true;
socket.write('QUIT\r\n');
setTimeout(() => {
socket.destroy();
// May accept or reject based on line length limits
expect(responseCode).toMatch(/^(250|500|501|552)$/);
done.resolve();
}, 100);
}
}
});
socket.on('error', (error) => {
done.reject(error);
});
socket.on('timeout', () => {
socket.destroy();
done.reject(new Error(`Connection timeout at step: ${currentStep}`));
});
await done.promise;
});
// Teardown
tap.test('teardown - stop SMTP server', async () => {
if (testServer) {
await stopTestServer(testServer);
}
expect(true).toEqual(true);
});
// Start the test
export default tap.start();

Some files were not shown because too many files have changed in this diff Show More