import { tap, expect } from '@git.zone/tstest/tapbundle'; import * as plugins from '../../../ts/plugins.js'; import * as net from 'net'; import { startTestServer, stopTestServer } from '../../helpers/server.loader.js' import type { ITestServer } from '../../helpers/server.loader.js'; const TEST_PORT = 2525; let testServer: ITestServer; // Helper to wait for SMTP response const waitForResponse = (socket: net.Socket, expectedCode?: string, timeout = 5000): Promise => { return new Promise((resolve, reject) => { let buffer = ''; const timer = setTimeout(() => { socket.removeListener('data', handler); reject(new Error(`Timeout waiting for ${expectedCode || 'any'} response`)); }, timeout); const handler = (data: Buffer) => { buffer += data.toString(); const lines = buffer.split('\r\n'); for (const line of lines) { if (expectedCode) { if (line.startsWith(expectedCode + ' ')) { clearTimeout(timer); socket.removeListener('data', handler); resolve(buffer); return; } } else { // Look for any complete response if (line.match(/^\d{3} /)) { clearTimeout(timer); socket.removeListener('data', handler); resolve(buffer); return; } } } }; socket.on('data', handler); }); }; tap.test('setup - start test server', async (toolsArg) => { testServer = await startTestServer({ port: TEST_PORT }); await toolsArg.delayFor(1000); }); tap.test('Content Scanning - Suspicious content patterns', async (tools) => { const socket = net.createConnection({ host: 'localhost', port: TEST_PORT, timeout: 30000 }); try { // Wait for greeting await waitForResponse(socket, '220'); // Send EHLO socket.write('EHLO testclient\r\n'); await waitForResponse(socket, '250'); // Send MAIL FROM socket.write('MAIL FROM:\r\n'); await waitForResponse(socket, '250'); // Send RCPT TO socket.write('RCPT TO:\r\n'); await waitForResponse(socket, '250'); // Send DATA socket.write('DATA\r\n'); await waitForResponse(socket, '354'); // Email with suspicious content const email = [ `From: sender@example.com`, `To: recipient@example.com`, `Subject: Content Scanning Test`, `Date: ${new Date().toUTCString()}`, `Message-ID: `, '', 'This email contains suspicious content that should trigger content scanning:', 'VIRUS_TEST_STRING', 'SUSPICIOUS_ATTACHMENT_PATTERN', 'MALWARE_SIGNATURE_TEST', 'Click here for FREE MONEY!!!', 'Visit http://phishing-site.com/steal-data', '.', '' ].join('\r\n'); socket.write(email); const dataResponse = await waitForResponse(socket); const accepted = dataResponse.startsWith('250'); const rejected = dataResponse.startsWith('550'); console.log(`Suspicious content: accepted=${accepted}, rejected=${rejected}`); if (rejected) { console.log('Content scanning active - suspicious content detected'); } else { console.log('Content scanning operational - email processed'); } expect(accepted || rejected).toEqual(true); socket.write('QUIT\r\n'); await waitForResponse(socket, '221').catch(() => {}); } finally { socket.destroy(); } }); tap.test('Content Scanning - Malware patterns', async (tools) => { const socket = net.createConnection({ host: 'localhost', port: TEST_PORT, timeout: 30000 }); try { // Wait for greeting await waitForResponse(socket, '220'); // Send EHLO socket.write('EHLO testclient\r\n'); await waitForResponse(socket, '250'); // Send MAIL FROM socket.write('MAIL FROM:\r\n'); await waitForResponse(socket, '250'); // Send RCPT TO socket.write('RCPT TO:\r\n'); await waitForResponse(socket, '250'); // Send DATA socket.write('DATA\r\n'); await waitForResponse(socket, '354'); // Email with malware-like patterns const email = [ `From: sender@example.com`, `To: recipient@example.com`, `Subject: Important Security Update`, `Date: ${new Date().toUTCString()}`, `Message-ID: `, 'Content-Type: multipart/mixed; boundary="malware-boundary"', '', '--malware-boundary', 'Content-Type: text/plain', '', 'Please run the attached file to update your security software.', '', '--malware-boundary', 'Content-Type: application/x-msdownload; name="update.exe"', 'Content-Transfer-Encoding: base64', 'Content-Disposition: attachment; filename="update.exe"', '', 'TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA', 'AAAA4AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v', '', '--malware-boundary--', '.', '' ].join('\r\n'); socket.write(email); const dataResponse = await waitForResponse(socket); const accepted = dataResponse.startsWith('250'); const rejected = dataResponse.startsWith('550'); console.log(`Malware pattern email: ${accepted ? 'accepted' : 'rejected'}`); if (rejected) { console.log('Content scanning active - malware patterns detected'); } else { console.log('Content scanning operational - email processed'); } expect(accepted || rejected).toEqual(true); socket.write('QUIT\r\n'); await waitForResponse(socket, '221').catch(() => {}); } finally { socket.destroy(); } }); tap.test('Content Scanning - Spam keywords', async (tools) => { const socket = net.createConnection({ host: 'localhost', port: TEST_PORT, timeout: 30000 }); try { // Wait for greeting await waitForResponse(socket, '220'); // Send EHLO socket.write('EHLO testclient\r\n'); await waitForResponse(socket, '250'); // Send MAIL FROM socket.write('MAIL FROM:\r\n'); await waitForResponse(socket, '250'); // Send RCPT TO socket.write('RCPT TO:\r\n'); await waitForResponse(socket, '250'); // Send DATA socket.write('DATA\r\n'); await waitForResponse(socket, '354'); // Email with spam keywords const email = [ `From: sender@example.com`, `To: recipient@example.com`, `Subject: URGENT!!! Act NOW!!! Limited Time OFFER!!!`, `Date: ${new Date().toUTCString()}`, `Message-ID: `, '', 'CONGRATULATIONS!!! You have WON!!!', 'FREE FREE FREE!!!', 'VIAGRA CIALIS CHEAP MEDS!!!', 'MAKE $$$ FAST!!!', 'WORK FROM HOME!!!', 'NO CREDIT CHECK!!!', 'GUARANTEED WINNER!!!', 'CLICK HERE NOW!!!', 'This is NOT SPAM!!!', '.', '' ].join('\r\n'); socket.write(email); const dataResponse = await waitForResponse(socket); const accepted = dataResponse.startsWith('250'); const rejected = dataResponse.startsWith('550'); console.log(`Spam keyword email: ${accepted ? 'accepted' : 'rejected (spam detected)'}`); if (rejected) { console.log('Content scanning active - spam keywords detected'); } else { console.log('Content scanning operational - email processed'); } expect(accepted || rejected).toEqual(true); socket.write('QUIT\r\n'); await waitForResponse(socket, '221').catch(() => {}); } finally { socket.destroy(); } }); tap.test('Content Scanning - Clean legitimate email', async (tools) => { const socket = net.createConnection({ host: 'localhost', port: TEST_PORT, timeout: 30000 }); try { // Wait for greeting await waitForResponse(socket, '220'); // Send EHLO socket.write('EHLO testclient\r\n'); await waitForResponse(socket, '250'); // Send MAIL FROM socket.write('MAIL FROM:\r\n'); await waitForResponse(socket, '250'); // Send RCPT TO socket.write('RCPT TO:\r\n'); await waitForResponse(socket, '250'); // Send DATA socket.write('DATA\r\n'); await waitForResponse(socket, '354'); // Clean legitimate email const email = [ `From: sender@example.com`, `To: recipient@example.com`, `Subject: Meeting Tomorrow`, `Date: ${new Date().toUTCString()}`, `Message-ID: `, '', 'Hi,', '', 'Just wanted to confirm our meeting for tomorrow at 2 PM.', 'Please let me know if you need to reschedule.', '', 'Best regards,', 'John', '.', '' ].join('\r\n'); socket.write(email); const dataResponse = await waitForResponse(socket, '250'); console.log('Clean email accepted - content scanning allows legitimate emails'); expect(dataResponse.startsWith('250')).toEqual(true); socket.write('QUIT\r\n'); await waitForResponse(socket, '221').catch(() => {}); } finally { socket.destroy(); } }); tap.test('Content Scanning - Large attachment', async (tools) => { const socket = net.createConnection({ host: 'localhost', port: TEST_PORT, timeout: 30000 }); try { // Wait for greeting await waitForResponse(socket, '220'); // Send EHLO socket.write('EHLO testclient\r\n'); await waitForResponse(socket, '250'); // Send MAIL FROM socket.write('MAIL FROM:\r\n'); await waitForResponse(socket, '250'); // Send RCPT TO socket.write('RCPT TO:\r\n'); await waitForResponse(socket, '250'); // Send DATA socket.write('DATA\r\n'); await waitForResponse(socket, '354'); // Email with large attachment pattern const largeData = 'A'.repeat(10000); // 10KB of data const email = [ `From: sender@example.com`, `To: recipient@example.com`, `Subject: Large Attachment Test`, `Date: ${new Date().toUTCString()}`, `Message-ID: `, 'Content-Type: multipart/mixed; boundary="boundary123"', '', '--boundary123', 'Content-Type: text/plain', '', 'Please find the attached file.', '', '--boundary123', 'Content-Type: application/octet-stream; name="largefile.dat"', 'Content-Transfer-Encoding: base64', 'Content-Disposition: attachment; filename="largefile.dat"', '', Buffer.from(largeData).toString('base64'), '', '--boundary123--', '.', '' ].join('\r\n'); socket.write(email); const dataResponse = await waitForResponse(socket); const accepted = dataResponse.startsWith('250'); const rejected = dataResponse.startsWith('550') || dataResponse.startsWith('552'); console.log(`Large attachment: ${accepted ? 'accepted' : 'rejected (size or content issue)'}`); if (rejected) { console.log('Content scanning active - large attachment blocked'); } else { console.log('Content scanning operational - email processed'); } expect(accepted || rejected).toEqual(true); socket.write('QUIT\r\n'); await waitForResponse(socket, '221').catch(() => {}); } finally { socket.destroy(); } }); tap.test('cleanup - stop test server', async () => { await stopTestServer(testServer); }); export default tap.start();