author | Alberto Bertogli
<albertito@blitiri.com.ar> 2024-11-11 21:52:48 UTC |
committer | Alberto Bertogli
<albertito@blitiri.com.ar> 2024-11-11 21:52:48 UTC |
parent | 41bb7b6f5eb52f18b9fd5d4270234135ebd4ab96 |
internal/smtpsrv/conn.go | +13 | -0 |
diff --git a/internal/smtpsrv/conn.go b/internal/smtpsrv/conn.go
index 8073f28..124c403 100644
--- a/internal/smtpsrv/conn.go
+++ b/internal/smtpsrv/conn.go
@@ -72,6 +72,14 @@ var (
 	maxReceivedHeaders = flag.Int("testing__max_received_headers", 50, "max Received headers, for loop detection; ONLY FOR TESTING")
+	// Disable incoming domain info rejection. This is insecure, as it allows
+	// connection downgrading attacks.
+	// This flag is experimental and likely to be either removed, or replaced
+	// by a config option.
+	disableDomainInfoIncomingRejection = flag.Bool(
+		"insecure__disable_domain_info_incoming_rejection", false,
+		"disable rejection based on incoming domain info checks; INSECURE")
+
 	// Some go tests disable SPF, to avoid leaking DNS lookups.
 	disableSPFForTesting = false
 )
@@ -559,6 +567,11 @@ func (c *Conn) secLevelCheck(addr string) bool {
 		c.tr.Errorf("security level check for %s failed (%s)", domain, level)
 	}
+	if *disableDomainInfoIncomingRejection {
+		c.tr.Debugf("DomainInfo incoming rejection disabled, accepting mail")
+		return true
+	}
+
 	return ok
 }
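Review bot: The comment on the new flag in the var block names the risk but not what the override does at runtime, which is what an operator enabling an `insecure__` flag needs to know before doing so. From the second hunk it appears the failed security level check is still reported via the existing Errorf and the connection is then accepted, so that error line remains the only signal that a downgrade was allowed; I would add `// When set, a failed check is still logged via Errorf, but the mail is accepted anyway.` to the flag comment. This applies to every incoming connection, which is worth saying explicitly since the "experimental" wording may suggest a narrower effect.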
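Review bot: The new override in secLevelCheck returns true without consulting `ok`, so the Debugf line fires on every call made with the flag set, including the calls where the check already passed, which makes the trace noisier and buries the cases where the flag actually changed the outcome. Guarding it with the result, `if !ok && *disableDomainInfoIncomingRejection {`, limits the message to the connections that would otherwise have been rejected and leaves the passing path unchanged. Since this is the one place where a security decision is being overridden, a trace level above Debug would also make the override visible in normal logs rather than only when debugging, though the Errorf just above seems to already record the failure itself. secLevelCheck starts outside the hunk, so the origin of `ok`, `domain` and `level` is not visible here.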