// Copyright 2000-2005 the Contributors, as shown in the revision logs. // Licensed under the Apache Public Source License 2.0 ("the License"). // You may not use this file except in compliance with the License. package org.ibex.mail; import org.ibex.mail.target.*; import org.ibex.util.*; import org.ibex.net.*; import org.ibex.io.*; import java.net.*; import java.io.*; import java.util.*; import java.text.*; import javax.naming.*; import javax.naming.directory.*; // FIXME: inbound throttling/ratelimiting // "Address enumeration detection" -- notice when it looks like somebody // is trying a raft of addresses. // RFC's implemented // RFC2554: SMTP Service Extension for Authentication // - did not implement section 5, though // RFC4616: SASL PLAIN // Note: we can't actually use status codes for feedback if we accept // multiple destination addresses... a failure on one and success on // the other... // FIXME: logging: current logging sucks // FIXME: loop prevention // FIXME: probably need some throttling on outbound mail // FEATURE: public static boolean validate(Address a) // FEATURE: rate-limiting // FEATURE: infer messageid, date, if not present (?) // FEATURE: exponential backoff on retry time? // FEATURE: RFC2822, section 4.5.1: special "postmaster" address // FEATURE: RFC2822, section 4.5.4.1: retry strategies // FEATURE: RFC2822, section 5, multiple MX records, preferences, ordering // FEATURE: RFC2822, end of 4.1.2: backslashes in headers public class SMTP { public static final SimpleDateFormat dateFormat = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss Z"); public static final int numOutgoingThreads = 5; private static final SqliteMailbox allmail = (SqliteMailbox)FileBasedMailbox .getFileBasedMailbox("/afs/megacz.com/mail/user/megacz/allmail", false); public static final int GRAYLIST_MINWAIT = 1000 * 60 * 60; // one hour public static final int GRAYLIST_MAXWAIT = 1000 * 60 * 60 * 24 * 5; // five days public static final int RETRY_TIME = 1000 * 60 * 30; public static final Graylist graylist; public static final Whitelist whitelist; static { try { graylist = new Graylist(Mailbox.STORAGE_ROOT+"/db/graylist.sqlite"); whitelist = new Whitelist(Mailbox.STORAGE_ROOT+"/db/whitelist.sqlite"); } catch (Exception e) { throw new RuntimeException(e); } } public static final int MAX_MESSAGE_SIZE = Integer.parseInt(System.getProperty("org.ibex.mail.smtp.maxMessageSize", "-1")); private static final Mailbox spool = FileBasedMailbox.getFileBasedMailbox(Mailbox.STORAGE_ROOT,false).slash("spool",true).slash("smtp",true).getMailbox(); static { for(int i=0; i") ? null : new Address(command); conn.println("250 " + from + " is syntactically correct"); // Don't perform SAV; discouraged here // http://blog.fastmail.fm/2007/12/05/sending-email-servers-best-practice/ } else if (c.startsWith("RCPT TO:")) { // some clients are broken and put RCPT first; we will tolerate this command = command.substring(8).trim(); if(command.indexOf(' ') != -1) command = command.substring(0, command.indexOf(' ')); Address addr = new Address(command); if (conn.getRemoteAddress().isLoopbackAddress() || (from!=null&&from.toString().indexOf("johnw")!=-1)) { conn.println("250 you are connected locally, so I will let you send"); to.addElement(addr); if (!whitelist.isWhitelisted(addr)) whitelist.addWhitelist(addr); } else if (authenticatedAs!=null) { conn.println("250 you are authenticated as "+authenticatedAs+", so I will let you send"); to.addElement(addr); if (!whitelist.isWhitelisted(addr)) whitelist.addWhitelist(addr); } else if (addr.isLocal()) { if (to.size() > 3) { conn.println("536 sorry, limit on 3 RCPT TO's per DATA"); } else { // FEATURE: should check the address further and give 550 if undeliverable conn.println("250 " + addr + " is on this machine; I will deliver it"); to.addElement(addr); } } else { conn.println("535 sorry, " + addr + " is not on this machine, you are not connected from localhost, and I will not relay without SMTP AUTH"); Log.warn("","535 sorry, " + addr + " is not on this machine, you are not connected from localhost, and I will not relay without SMTP AUTH"); failedRcptCount++; if (failedRcptCount > 3) { conn.close(); return; } } conn.flush(); } else if (c.startsWith("DATA")) { //if (from == null) { conn.println("503 MAIL FROM command must precede DATA"); continue; } if (to == null || to.size()==0) { conn.println("503 RCPT TO command must precede DATA"); continue; } if (!graylist.isWhitelisted(conn.getRemoteAddress()) && !conn.getRemoteAddress().isLoopbackAddress() && authenticatedAs==null) { long when = graylist.getGrayListTimestamp(conn.getRemoteAddress(), from+"", to+""); if (when == 0 || System.currentTimeMillis() - when > GRAYLIST_MAXWAIT) { graylist.setGrayListTimestamp(conn.getRemoteAddress(), from+"", to+"", System.currentTimeMillis()); conn.println("451 you are graylisted; please try back in one hour to be whitelisted"); Log.warn(conn.getRemoteAddress().toString(), "451 you are graylisted; please try back in one hour to be whitelisted"); conn.flush(); continue; } else if (System.currentTimeMillis() - when > GRAYLIST_MINWAIT) { graylist.addWhitelist(conn.getRemoteAddress()); conn.println("354 (you have been whitelisted) Enter message, ending with \".\" on a line by itself"); Log.warn(conn.getRemoteAddress().toString(), "has been whitelisted"); } else { conn.println("451 you are still graylisted (since "+new java.util.Date(when)+")"); conn.flush(); Log.warn(conn.getRemoteAddress().toString(), "451 you are still graylisted (since "+new java.util.Date(when)+")"); continue; } } else { conn.println("354 Enter message, ending with \".\" on a line by itself"); } conn.flush(); try { // FIXME: deal with messages larger than memory here? StringBuffer buf = new StringBuffer(); buf.append("Received: from " + conn.getRemoteHostname() + " (" + remotehost + ")\r\n"); buf.append(" by "+conn.vhost+" ("+SMTP.class.getName()+") with "+(ehlo?"ESMTP":"SMTP") + "\r\n"); buf.append(" for "); // FIXME: this is leaking BCC addrs // for(int i=0; i MAX_MESSAGE_SIZE && (from+"").indexOf("paperless")==-1) { Log.error("**"+conn.getRemoteAddress()+"**", "sorry, this mail server only accepts messages of less than " + ByteSize.toString(MAX_MESSAGE_SIZE)); throw new MailException.Malformed("sorry, this mail server only accepts messages of less than " + ByteSize.toString(MAX_MESSAGE_SIZE)); } } String message = buf.toString(); Message m = null; for(int i=0; i 100) { // required by rfc Log.warn(SMTP.Outgoing.class, "Message with " + lines + " trace hops; dropping\n" + m.summary()); return; } } synchronized(Outgoing.class) { spool.insert(m, Mailbox.Flag.defaultFlags); Outgoing.class.notifyAll(); } } public static boolean attempt(Message m) throws IOException { return attempt(m, false); } public static boolean attempt(Message m, boolean noBounces) throws IOException { if (m.envelopeTo == null) { Log.warn(SMTP.Outgoing.class, "aieeee, null envelopeTo: " + m.summary()); return false; } InetAddress[] mx = getMailExchangerIPs(m.envelopeTo.host); if (mx.length == 0) { if (!noBounces) { enqueue(m.bounce("could not resolve " + m.envelopeTo.host)); return true; } else { Log.warn(SMTP.Outgoing.class, "could not resolve " + m.envelopeTo.host); return false; } } if (new Date().getTime() - m.arrival.getTime() > 1000 * 60 * 60 * 24 * 5) { if (!noBounces) { enqueue(m.bounce("could not send for 5 days")); return true; } else { Log.warn(SMTP.Outgoing.class, "could not send for 5 days: " + m.summary()); return false; } } for(int i=0; i 3 && s.charAt(3) == '-') s = conn.readln(); //if (s.startsWith("4")||s.startsWith("5")) throw new SMTPException(s); if (!s.startsWith("2")&&!s.startsWith("3")) throw new SMTPException(s); } private static boolean attempt(final Message m, final InetAddress mx) { boolean accepted = false; Connection conn = null; try { conn = new Connection(new Socket(mx, 25), InetAddress.getLocalHost().getHostName()); InetAddress localAddress = conn.getSocket().getLocalAddress(); String reverse = DNSUtil.reverseLookup(localAddress); Log.info(SMTP.Outgoing.class, "outbound connection to " + mx + " uses " + localAddress + " [reverse: " + reverse + "]"); InetAddress relookup = InetAddress.getByName(reverse); if (!relookup.equals(localAddress)) Log.error(SMTP.Outgoing.class, "Warning: local machine fails forward-confirmed-reverse; " + reverse + " resolves to " + localAddress); conn.setNewline("\r\n"); conn.setTimeout(60 * 1000); check(conn.readln(), conn); // banner try { conn.println("EHLO " + reverse); check(conn.readln(), conn); } catch (SMTPException smtpe) { conn.println("HELO " + reverse); check(conn.readln(), conn); } String envelopeFrom = m.envelopeFrom==null ? "" : m.envelopeFrom.toString(); conn.println("MAIL FROM:<" + envelopeFrom +">"); check(conn.readln(), conn); conn.println("RCPT TO:<" + m.envelopeTo.toString()+">"); check(conn.readln(), conn); conn.println("DATA"); check(conn.readln(), conn); Headers head = new Headers(m.headers, new String[] { "return-path", null, "bcc", null }); Stream stream = head.getStream(); for(String s = stream.readln(); s!=null; s=stream.readln()) { if (s.startsWith(".")) conn.print("."); conn.println(s); } conn.println(""); stream = m.getBody().getStream(); for(String s = stream.readln(); s!=null; s=stream.readln()) { if (s.startsWith(".")) conn.print("."); conn.println(s); } conn.println("."); String resp = conn.readln(); if (resp == null) throw new SMTPException("server " + mx + " closed connection without accepting message"); check(resp, conn); Log.warn(SMTP.Outgoing.class, "success: " + mx + " accepted " + m.summary() + "\n["+resp+"]"); accepted = true; conn.close(); } catch (SMTPException e) { if (accepted) return true; Log.warn(SMTP.Outgoing.class, " unable to send; error=" + e); Log.warn(SMTP.Outgoing.class, " message: " + m.summary()); Log.warn(SMTP.Outgoing.class, e); /* // FIXME: we should not be bouncing here! if (e.code >= 500 && e.code <= 599) { try { attempt(m.bounce("unable to deliver: " + e), true); } catch (Exception ex) { Log.error(SMTP.Outgoing.class, "exception while trying to deliver bounce; giving up completely"); Log.error(SMTP.Outgoing.class, ex); } return true; } */ return false; } catch (Exception e) { if (accepted) return true; Log.warn(SMTP.Outgoing.class, " unable to send; error=" + e); Log.warn(SMTP.Outgoing.class, " message: " + m.summary()); Log.warn(SMTP.Outgoing.class, e); //if (conn != null) Log.warn(SMTP.Outgoing.class, conn.dumpLog()); return false; } finally { if (conn != null) conn.close(); } return accepted; } private static HashSet threads = new HashSet(); private static int serials = 1; private int serial = serials++; private Mailbox.Iterator it; private static Map nextTry = Collections.synchronizedMap(new HashMap()); public Outgoing() { synchronized(Outgoing.class) { threads.add(this); } } public void wake() { int count = spool.count(Query.all()); Log.info(SMTP.Outgoing.class, "outgoing thread #"+serial+" woke up; " + count + " messages to send"); try { while(true) { boolean good = false; synchronized(Outgoing.class) { it = spool.iterator(); OUTER: for(; it.next(); ) { for(Outgoing o : threads) if (o!=this && o.it != null && o.it.uid()==it.uid()) continue OUTER; good = true; break; } } if (!good) break; try { String messageid = it.cur().messageid; if (nextTry.get(messageid) == null || System.currentTimeMillis() > nextTry.get(messageid)) { boolean ok = attempt(it.cur()); if (ok) it.delete(); else nextTry.put(messageid, System.currentTimeMillis() + RETRY_TIME); } } catch (Exception e) { Log.error(SMTP.Outgoing.class, e); } Log.info(this, "sleeping for 3s..."); Thread.sleep(3000); } } catch (Exception e) { //if (e instanceof InterruptedException) throw e; Log.error(SMTP.Outgoing.class, e); } Log.info(SMTP.Outgoing.class, "outgoing thread #"+serial+" going back to sleep"); it = null; } public void run() { try { while(true) { Log.setThreadAnnotation("[outgoing #"+serial+"] "); wake(); Thread.sleep(1000); synchronized(Outgoing.class) { Outgoing.class.wait(5 * 60 * 1000); } } } catch (InterruptedException e) { Log.warn(this, e); } } } public static InetAddress[] getMailExchangerIPs(String hostName) { InetAddress[] ret; try { Hashtable env = new Hashtable(); env.put("java.naming.factory.initial", "com.sun.jndi.dns.DnsContextFactory"); DirContext ictx = new InitialDirContext(env); Attributes attrs = ictx.getAttributes(hostName, new String[] { "MX" }); Attribute attr = attrs.get("MX"); if (attr == null) { ret = new InetAddress[1]; try { ret[0] = InetAddress.getByName(hostName); if (ret[0].equals(IP.getIP(127,0,0,1)) || ret[0].isLoopbackAddress()) throw new UnknownHostException(); return ret; } catch (UnknownHostException uhe) { Log.warn(SMTP.class, "no MX hosts or A record for " + hostName); return new InetAddress[0]; } } else { ret = new InetAddress[attr.size()]; NamingEnumeration ne = attr.getAll(); for(int i=0; ne.hasMore();) { String mx = (String)ne.next(); // FIXME we should be sorting here mx = mx.substring(mx.indexOf(" ") + 1); if (mx.charAt(mx.length() - 1) == '.') mx = mx.substring(0, mx.length() - 1); InetAddress ia = InetAddress.getByName(mx); if (ia.equals(IP.getIP(127,0,0,1)) || ia.isLoopbackAddress()) continue; ret[i++] = ia; } } } catch (Exception e) { Log.warn(SMTP.class, "couldn't find MX host for " + hostName + " due to"); Log.warn(SMTP.class, e); return new InetAddress[0]; } return ret; } }