serve.zone/mailer
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

feat(tests): Port CMD-06 RSET, SEC-06 IP Reputation, and ERR-01 Syntax Error tests

Browse Source 
- Ported CMD-06 RSET Command tests with 8 passing tests covering transaction resets and recipient clearing.
- Ported SEC-06 IP Reputation tests with 7 passing tests validating infrastructure and legitimate traffic acceptance.
- Ported ERR-01 Syntax Error tests with 10 passing tests for handling invalid commands and syntax errors.
- Updated README files to reflect the new test statuses and coverage.
- Added detailed test cases for handling invalid sequences in ERR-02 tests.
This commit is contained in:
Jürgen Kunz
2025-10-28 10:47:05 +00:00
parent 7ecdd9f1e4
commit 0018b19164
6 changed files with 1126 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

225
test/suite/smtpserver_commands/test.cmd-06.rset-command.test.ts Normal file
View File

@@ -0,0 +1,225 @@
/**
* CMD-06: RSET Command Tests
* Tests SMTP RSET command for transaction reset
*/
import { assert, assertEquals, assertMatch } from '@std/assert';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.ts';
import {
connectToSmtp,
waitForGreeting,
sendSmtpCommand,
closeSmtpConnection,
} from '../../helpers/utils.ts';
const TEST_PORT = 25259;
let testServer: ITestServer;
Deno.test({
name: 'CMD-06: Setup - Start SMTP server',
async fn() {
testServer = await startTestServer({ port: TEST_PORT });
assert(testServer, 'Test server should be created');
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'CMD-06: RSET - resets transaction after MAIL FROM',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender@example.com>', '250');
// Send RSET
const rsetResponse = await sendSmtpCommand(conn, 'RSET', '250');
assert(rsetResponse.includes('250'), 'RSET should respond with 250 OK');
// After RSET, should be able to send new MAIL FROM
const mailFromResponse = await sendSmtpCommand(conn, 'MAIL FROM:<newsender@example.com>', '250');
assert(mailFromResponse.includes('250'), 'Should accept MAIL FROM after RSET');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ RSET successfully resets transaction after MAIL FROM');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'CMD-06: RSET - resets transaction after RCPT TO',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender@example.com>', '250');
await sendSmtpCommand(conn, 'RCPT TO:<recipient@example.com>', '250');
// Send RSET
const rsetResponse = await sendSmtpCommand(conn, 'RSET', '250');
assert(rsetResponse.includes('250'), 'RSET should respond with 250 OK');
// After RSET, RCPT TO should fail (need MAIL FROM first)
const rcptToResponse = await sendSmtpCommand(conn, 'RCPT TO:<newrecipient@example.com>');
assertMatch(rcptToResponse, /^503/, 'Should reject RCPT TO without MAIL FROM after RSET');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ RSET clears transaction state requiring new MAIL FROM');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'CMD-06: RSET - handles multiple consecutive RSET commands',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender@example.com>', '250');
// Send multiple RSETs
const rset1 = await sendSmtpCommand(conn, 'RSET', '250');
assert(rset1.includes('250'), 'First RSET should succeed');
const rset2 = await sendSmtpCommand(conn, 'RSET', '250');
assert(rset2.includes('250'), 'Second RSET should succeed');
const rset3 = await sendSmtpCommand(conn, 'RSET', '250');
assert(rset3.includes('250'), 'Third RSET should succeed');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Multiple consecutive RSET commands work (idempotent)');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'CMD-06: RSET - works without active transaction',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Send RSET without any transaction
const rsetResponse = await sendSmtpCommand(conn, 'RSET', '250');
assert(rsetResponse.includes('250'), 'RSET should work even without active transaction');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ RSET works without active transaction');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'CMD-06: RSET - clears all recipients',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender@example.com>', '250');
// Add multiple recipients
await sendSmtpCommand(conn, 'RCPT TO:<recipient1@example.com>', '250');
await sendSmtpCommand(conn, 'RCPT TO:<recipient2@example.com>', '250');
await sendSmtpCommand(conn, 'RCPT TO:<recipient3@example.com>', '250');
// Send RSET
const rsetResponse = await sendSmtpCommand(conn, 'RSET', '250');
assert(rsetResponse.includes('250'), 'RSET should respond with 250 OK');
// After RSET, DATA should fail (no recipients)
const dataResponse = await sendSmtpCommand(conn, 'DATA');
assertMatch(dataResponse, /^503/, 'DATA should fail without recipients after RSET');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ RSET clears all recipients from transaction');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'CMD-06: RSET - ignores parameters',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Send RSET with parameters (should be ignored)
const rsetResponse = await sendSmtpCommand(conn, 'RSET ignored parameter', '250');
assert(rsetResponse.includes('250'), 'RSET should ignore parameters and respond with 250 OK');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ RSET ignores parameters as per RFC');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'CMD-06: Cleanup - Stop SMTP server',
async fn() {
await stopTestServer(testServer);
},
sanitizeResources: false,
sanitizeOps: false,
});

289
test/suite/smtpserver_error-handling/test.err-01.syntax-errors.test.ts Normal file
View File

@@ -0,0 +1,289 @@
/**
* ERR-01: Syntax Error Handling Tests
* Tests SMTP server handling of syntax errors and malformed commands
*/
import { assert, assertMatch } from '@std/assert';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.ts';
import {
connectToSmtp,
waitForGreeting,
sendSmtpCommand,
readSmtpResponse,
closeSmtpConnection,
} from '../../helpers/utils.ts';
const TEST_PORT = 25261;
let testServer: ITestServer;
Deno.test({
name: 'ERR-01: Setup - Start SMTP server',
async fn() {
testServer = await startTestServer({ port: TEST_PORT });
assert(testServer, 'Test server should be created');
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - rejects invalid command',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
// Send invalid command
const encoder = new TextEncoder();
await conn.write(encoder.encode('INVALID_COMMAND\r\n'));
const response = await readSmtpResponse(conn);
// RFC 5321: Should return 500 (syntax error) or 502 (command not implemented)
assertMatch(response, /^(500|502)/, 'Should reject invalid command with 500 or 502');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Invalid command rejected with appropriate error code');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - rejects MAIL FROM without brackets',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Send MAIL FROM without angle brackets
const encoder = new TextEncoder();
await conn.write(encoder.encode('MAIL FROM:test@example.com\r\n'));
const response = await readSmtpResponse(conn);
// Should return 501 (syntax error in parameters)
assertMatch(response, /^501/, 'Should reject MAIL FROM without brackets with 501');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ MAIL FROM without brackets rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - rejects RCPT TO without brackets',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender@example.com>', '250');
// Send RCPT TO without angle brackets
const encoder = new TextEncoder();
await conn.write(encoder.encode('RCPT TO:recipient@example.com\r\n'));
const response = await readSmtpResponse(conn);
// Should return 501 (syntax error in parameters)
assertMatch(response, /^501/, 'Should reject RCPT TO without brackets with 501');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ RCPT TO without brackets rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - rejects EHLO without hostname',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
// Send EHLO without hostname
const encoder = new TextEncoder();
await conn.write(encoder.encode('EHLO\r\n'));
const response = await readSmtpResponse(conn);
// Should return 501 (syntax error in parameters - missing domain)
assertMatch(response, /^501/, 'Should reject EHLO without hostname with 501');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ EHLO without hostname rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - handles commands with extra parameters',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Send QUIT with extra parameters (QUIT doesn't take parameters)
const encoder = new TextEncoder();
await conn.write(encoder.encode('QUIT extra parameters\r\n'));
const response = await readSmtpResponse(conn);
// Some servers accept it (221), others reject it (501)
assertMatch(response, /^(221|501)/, 'Should either accept or reject QUIT with extra params');
console.log(`✓ QUIT with extra parameters handled: ${response.substring(0, 3)}`);
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - rejects malformed email addresses',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Send malformed email address
const encoder = new TextEncoder();
await conn.write(encoder.encode('MAIL FROM:<not an email>\r\n'));
const response = await readSmtpResponse(conn);
// Should return 501 (syntax error) or 553 (bad address)
assertMatch(response, /^(501|553)/, 'Should reject malformed email with 501 or 553');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Malformed email address rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - rejects commands in wrong sequence',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
// Send DATA without MAIL FROM/RCPT TO
const encoder = new TextEncoder();
await conn.write(encoder.encode('DATA\r\n'));
const response = await readSmtpResponse(conn);
// Should return 503 (bad sequence of commands)
assertMatch(response, /^503/, 'Should reject DATA without setup with 503');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Commands in wrong sequence rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Syntax Errors - handles excessively long commands',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
// Send EHLO with excessively long hostname
const longString = 'A'.repeat(1000);
const encoder = new TextEncoder();
await conn.write(encoder.encode(`EHLO ${longString}\r\n`));
const response = await readSmtpResponse(conn);
// Some servers accept long hostnames (250), others reject (500/501)
assertMatch(response, /^(250|500|501)/, 'Should handle long commands (accept or reject)');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log(`✓ Excessively long command handled: ${response.substring(0, 3)}`);
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-01: Cleanup - Stop SMTP server',
async fn() {
await stopTestServer(testServer);
},
sanitizeResources: false,
sanitizeOps: false,
});

303
test/suite/smtpserver_error-handling/test.err-02.invalid-sequence.test.ts Normal file
View File

@@ -0,0 +1,303 @@
/**
* ERR-02: Invalid Sequence Tests
* Tests SMTP server handling of commands in incorrect sequence
*/
import { assert, assertMatch } from '@std/assert';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.ts';
import {
connectToSmtp,
waitForGreeting,
sendSmtpCommand,
readSmtpResponse,
closeSmtpConnection,
} from '../../helpers/utils.ts';
const TEST_PORT = 25262;
let testServer: ITestServer;
Deno.test({
name: 'ERR-02: Setup - Start SMTP server',
async fn() {
testServer = await startTestServer({ port: TEST_PORT });
assert(testServer, 'Test server should be created');
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - rejects MAIL FROM before EHLO',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
// Send MAIL FROM without EHLO
const encoder = new TextEncoder();
await conn.write(encoder.encode('MAIL FROM:<test@example.com>\r\n'));
const response = await readSmtpResponse(conn);
// Should return 503 (bad sequence of commands)
assertMatch(response, /^503/, 'Should reject MAIL FROM before EHLO with 503');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ MAIL FROM before EHLO rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - rejects RCPT TO before MAIL FROM',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Send RCPT TO without MAIL FROM
const encoder = new TextEncoder();
await conn.write(encoder.encode('RCPT TO:<test@example.com>\r\n'));
const response = await readSmtpResponse(conn);
// Should return 503 (bad sequence of commands)
assertMatch(response, /^503/, 'Should reject RCPT TO before MAIL FROM with 503');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ RCPT TO before MAIL FROM rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - rejects DATA before RCPT TO',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<test@example.com>', '250');
// Send DATA without RCPT TO
const encoder = new TextEncoder();
await conn.write(encoder.encode('DATA\r\n'));
const response = await readSmtpResponse(conn);
// RFC 5321: Should return 503 (bad sequence of commands)
assertMatch(response, /^503/, 'Should reject DATA before RCPT TO with 503');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ DATA before RCPT TO rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - allows multiple EHLO commands',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
// Send multiple EHLO commands
const response1 = await sendSmtpCommand(conn, 'EHLO test1.example.com', '250');
assert(response1.includes('250'), 'First EHLO should succeed');
const response2 = await sendSmtpCommand(conn, 'EHLO test2.example.com', '250');
assert(response2.includes('250'), 'Second EHLO should succeed');
const response3 = await sendSmtpCommand(conn, 'EHLO test3.example.com', '250');
assert(response3.includes('250'), 'Third EHLO should succeed');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Multiple EHLO commands allowed');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - rejects second MAIL FROM without RSET',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender1@example.com>', '250');
// Send second MAIL FROM without RSET
const encoder = new TextEncoder();
await conn.write(encoder.encode('MAIL FROM:<sender2@example.com>\r\n'));
const response = await readSmtpResponse(conn);
// Should return 503 (bad sequence) or 250 (some implementations allow overwrite)
assertMatch(response, /^(503|250)/, 'Should handle second MAIL FROM');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log(`✓ Second MAIL FROM handled: ${response.substring(0, 3)}`);
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - rejects DATA without MAIL FROM',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Send DATA without MAIL FROM
const encoder = new TextEncoder();
await conn.write(encoder.encode('DATA\r\n'));
const response = await readSmtpResponse(conn);
// Should return 503 (bad sequence of commands)
assertMatch(response, /^503/, 'Should reject DATA without MAIL FROM with 503');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ DATA without MAIL FROM rejected');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - handles commands after QUIT',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'QUIT', '221');
// Try to send command after QUIT
const encoder = new TextEncoder();
let writeSucceeded = false;
try {
await conn.write(encoder.encode('EHLO test.example.com\r\n'));
writeSucceeded = true;
// If write succeeded, wait to see if we get a response (we shouldn't)
await new Promise((resolve) => setTimeout(resolve, 500));
} catch {
// Write failed - connection already closed (expected)
}
// Either write failed or no response received after QUIT (both acceptable)
assert(true, 'Commands after QUIT handled correctly');
console.log(`✓ Commands after QUIT handled (write ${writeSucceeded ? 'succeeded but ignored' : 'failed'})`);
} finally {
try {
conn.close();
} catch {
// Already closed
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Invalid Sequence - recovers from syntax error in sequence',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender@example.com>', '250');
// Send RCPT TO with wrong syntax (missing brackets)
const encoder = new TextEncoder();
await conn.write(encoder.encode('RCPT TO:recipient@example.com\r\n'));
const badResponse = await readSmtpResponse(conn);
assertMatch(badResponse, /^501/, 'Should reject RCPT TO without brackets with 501');
// Now send valid RCPT TO (session should still be valid)
const goodResponse = await sendSmtpCommand(conn, 'RCPT TO:<recipient@example.com>', '250');
assert(goodResponse.includes('250'), 'Should accept valid RCPT TO after syntax error');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Session recovered from syntax error');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'ERR-02: Cleanup - Stop SMTP server',
async fn() {
await stopTestServer(testServer);
},
sanitizeResources: false,
sanitizeOps: false,
});

222
test/suite/smtpserver_security/test.sec-06.ip-reputation.test.ts Normal file
View File

@@ -0,0 +1,222 @@
/**
* SEC-06: IP Reputation Tests
* Tests SMTP server IP reputation checking infrastructure
*
* NOTE: Current implementation uses placeholder IP reputation checker
* that accepts all connections. These tests verify the infrastructure
* is in place and working correctly with legitimate traffic.
*/
import { assert, assertEquals } from '@std/assert';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.ts';
import {
connectToSmtp,
waitForGreeting,
sendSmtpCommand,
closeSmtpConnection,
} from '../../helpers/utils.ts';
const TEST_PORT = 25260;
let testServer: ITestServer;
Deno.test({
name: 'SEC-06: Setup - Start SMTP server',
async fn() {
testServer = await startTestServer({ port: TEST_PORT });
assert(testServer, 'Test server should be created');
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'SEC-06: IP Reputation - accepts localhost connections',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
// IP reputation check should pass for localhost
const greeting = await waitForGreeting(conn);
assert(greeting.includes('220'), 'Should receive greeting after IP reputation check');
await sendSmtpCommand(conn, 'EHLO localhost', '250');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ IP reputation check passed for localhost');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'SEC-06: IP Reputation - accepts known good sender',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
// Legitimate sender should be accepted
const mailFromResponse = await sendSmtpCommand(conn, 'MAIL FROM:<test@example.com>', '250');
assert(mailFromResponse.includes('250'), 'Should accept legitimate sender');
// Legitimate recipient should be accepted
const rcptToResponse = await sendSmtpCommand(conn, 'RCPT TO:<recipient@example.com>', '250');
assert(rcptToResponse.includes('250'), 'Should accept legitimate recipient');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Known good sender accepted - IP reputation allows legitimate traffic');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'SEC-06: IP Reputation - handles multiple connections from same IP',
async fn() {
const connections: Deno.Conn[] = [];
const connectionResults: Promise<void>[] = [];
const totalConnections = 3;
// Create multiple connections rapidly
for (let i = 0; i < totalConnections; i++) {
const connectionPromise = (async () => {
try {
const conn = await connectToSmtp('localhost', TEST_PORT);
connections.push(conn);
// Wait for greeting
const greeting = await waitForGreeting(conn);
assert(greeting.includes('220'), `Connection ${i + 1} should receive greeting`);
// Send EHLO
const ehloResponse = await sendSmtpCommand(conn, 'EHLO testclient', '250');
assert(ehloResponse.includes('250'), `Connection ${i + 1} should accept EHLO`);
// Graceful quit
await sendSmtpCommand(conn, 'QUIT', '221');
console.log(`✓ Connection ${i + 1} completed successfully`);
} catch (err: any) {
console.error(`Connection ${i + 1} error:`, err.message);
throw err;
}
})();
connectionResults.push(connectionPromise);
// Small delay between connections
if (i < totalConnections - 1) {
await new Promise(resolve => setTimeout(resolve, 100));
}
}
// Wait for all connections to complete
await Promise.all(connectionResults);
// Clean up all connections
for (const conn of connections) {
try {
conn.close();
} catch {
// Already closed
}
}
console.log('✓ All connections from same IP handled successfully');
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'SEC-06: IP Reputation - complete SMTP flow with reputation check',
async fn() {
const conn = await connectToSmtp('localhost', TEST_PORT);
try {
// Full SMTP transaction should work after IP reputation check
await waitForGreeting(conn);
await sendSmtpCommand(conn, 'EHLO test.example.com', '250');
await sendSmtpCommand(conn, 'MAIL FROM:<sender@example.com>', '250');
await sendSmtpCommand(conn, 'RCPT TO:<recipient@example.com>', '250');
// Send DATA
await sendSmtpCommand(conn, 'DATA', '354');
// Send email content
const encoder = new TextEncoder();
const emailContent = `Subject: IP Reputation Test\r\nFrom: sender@example.com\r\nTo: recipient@example.com\r\n\r\nThis email tests IP reputation checking.\r\n`;
await conn.write(encoder.encode(emailContent));
await conn.write(encoder.encode('.\r\n'));
// Should receive acceptance
const decoder = new TextDecoder();
const responseBuffer = new Uint8Array(1024);
const bytesRead = await conn.read(responseBuffer);
const response = decoder.decode(responseBuffer.subarray(0, bytesRead || 0));
assert(response.includes('250'), 'Should accept email after IP reputation check');
await sendSmtpCommand(conn, 'QUIT', '221');
console.log('✓ Complete SMTP flow works with IP reputation infrastructure');
} finally {
try {
conn.close();
} catch {
// Ignore
}
}
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'SEC-06: IP Reputation - infrastructure placeholder test',
async fn() {
// This test documents that IP reputation checking is currently a placeholder
// Future implementations should:
// 1. Check against real IP reputation databases
// 2. Reject connections from blacklisted IPs
// 3. Detect suspicious hostnames
// 4. Identify spam patterns
// 5. Apply rate limiting based on reputation score
console.log(' IP Reputation Infrastructure Status:');
console.log(' - IPReputationChecker class exists');
console.log(' - Currently returns placeholder data (score: 100, not blacklisted)');
console.log(' - Infrastructure is in place for future implementation');
console.log(' - Tests verify legitimate traffic is accepted');
assert(true, 'Infrastructure test passed');
},
sanitizeResources: false,
sanitizeOps: false,
});
Deno.test({
name: 'SEC-06: Cleanup - Stop SMTP server',
async fn() {
await stopTestServer(testServer);
},
sanitizeResources: false,
sanitizeOps: false,
});