1// Package smtpclient is an SMTP client, used by the queue for sending outgoing messages.

2package smtpclient

4import (

5 "bufio"

6 "context"

7 "crypto/tls"

8 "encoding/base64"

9 "errors"

10 "fmt"

11 "io"

12 "net"

13 "strconv"

14 "strings"

15 "time"

17 "github.com/prometheus/client_golang/prometheus"

18 "github.com/prometheus/client_golang/prometheus/promauto"

20 "github.com/mjl-/mox/dns"

21 "github.com/mjl-/mox/metrics"

22 "github.com/mjl-/mox/mlog"

23 "github.com/mjl-/mox/mox-"

24 "github.com/mjl-/mox/moxio"

25 "github.com/mjl-/mox/sasl"

26 "github.com/mjl-/mox/smtp"

27)

29// todo future: add function to deliver message to multiple recipients. requires more elaborate return value, indicating success per message: some recipients may succeed, others may fail, and we should still deliver. to prevent backscatter, we also sometimes don't allow multiple recipients. ../rfc/5321:1144

31var (

32 metricCommands = promauto.NewHistogramVec(

33 prometheus.HistogramOpts{

34 Name: "mox_smtpclient_command_duration_seconds",

35 Help: "SMTP client command duration and result codes in seconds.",

36 Buckets: []float64{0.001, 0.005, 0.01, 0.05, 0.100, 0.5, 1, 5, 10, 20, 30, 60, 120},

37 },

38 []string{

39 "cmd",

40 "code",

41 "secode",

42 },

43 )

44)

46var (

47 ErrSize = errors.New("message too large for remote smtp server") // SMTP server announced a maximum message size and the message to be delivered exceeds it.

48 Err8bitmimeUnsupported = errors.New("remote smtp server does not implement 8bitmime extension, required by message")

49 ErrSMTPUTF8Unsupported = errors.New("remote smtp server does not implement smtputf8 extension, required by message")

50 ErrStatus = errors.New("remote smtp server sent unexpected response status code") // Relatively common, e.g. when a 250 OK was expected and server sent 451 temporary error.

51 ErrProtocol = errors.New("smtp protocol error") // After a malformed SMTP response or inconsistent multi-line response.

52 ErrTLS = errors.New("tls error") // E.g. handshake failure, or hostname validation was required and failed.

53 ErrBotched = errors.New("smtp connection is botched") // Set on a client, and returned for new operations, after an i/o error or malformed SMTP response.

54 ErrClosed = errors.New("client is closed")

55)

57// TLSMode indicates if TLS must, should or must not be used.

58type TLSMode string

60const (

61 // TLS with STARTTLS for MX SMTP servers, with validated certificate is required: matching name, not expired, trusted by CA.

62 TLSStrictStartTLS TLSMode = "strictstarttls"

64 // TLS immediately ("implicit TLS"), with validated certificate is required: matching name, not expired, trusted by CA.

65 TLSStrictImmediate TLSMode = "strictimmediate"

67 // Use TLS if remote claims to support it, but do not validate the certificate

68 // (not trusted by CA, different host name or expired certificate is accepted).

69 TLSOpportunistic TLSMode = "opportunistic"

71 // TLS must not be attempted, e.g. due to earlier TLS handshake error.

72 TLSSkip TLSMode = "skip"

73)

75// Client is an SMTP client that can deliver messages to a mail server.

76//

77// Use New to make a new client.

78type Client struct {

79 // OrigConn is the original (TCP) connection. We'll read from/write to conn, which

80 // can be wrapped in a tls.Client. We close origConn instead of conn because

81 // closing the TLS connection would send a TLS close notification, which may block

82 // for 5s if the server isn't reading it (because it is also sending it).

83 origConn net.Conn

84 conn net.Conn

86 r *bufio.Reader

87 w *bufio.Writer

88 tr *moxio.TraceReader // Kept for changing trace levels between cmd/auth/data.

89 tw *moxio.TraceWriter

90 log *mlog.Log

91 lastlog time.Time // For adding delta timestamps between log lines.

92 cmds []string // Last or active command, for generating errors and metrics.

93 cmdStart time.Time // Start of command.

95 botched bool // If set, protocol is out of sync and no further commands can be sent.

96 needRset bool // If set, a new delivery requires an RSET command.

98 extEcodes bool // Remote server supports sending extended error codes.

99 extStartTLS bool // Remote server supports STARTTLS.

100 ext8bitmime bool

101 extSize bool // Remote server supports SIZE parameter.

102 maxSize int64 // Max size of email message.

103 extPipelining bool // Remote server supports command pipelining.

104 extSMTPUTF8 bool // Remote server supports SMTPUTF8 extension.

105 extAuthMechanisms []string // Supported authentication mechanisms.

106}

107

108// Error represents a failure to deliver a message.

109//

110// Code, Secode, Command and Line are only set for SMTP-level errors, and are zero

111// values otherwise.

112type Error struct {

113 // Whether failure is permanent, typically because of 5xx response.

114 Permanent bool

115 // SMTP response status, e.g. 2xx for success, 4xx for transient error and 5xx for

116 // permanent failure.

117 Code int

118 // Short enhanced status, minus first digit and dot. Can be empty, e.g. for io

119 // errors or if remote does not send enhanced status codes. If remote responds with

120 // "550 5.7.1 ...", the Secode will be "7.1".

121 Secode string

122 // SMTP command causing failure.

123 Command string

124 // For errors due to SMTP responses, the full SMTP line excluding CRLF that caused

125 // the error. Typically the last line read.

126 Line string

127 // Underlying error, e.g. one of the Err variables in this package, or io errors.

128 Err error

129}

130

131// Unwrap returns the underlying Err.

132func (e Error) Unwrap() error {

133 return e.Err

134}

135

136// Error returns a readable error string.

137func (e Error) Error() string {

138 s := ""

139 if e.Err != nil {

140 s = e.Err.Error() + ", "

141 }

142 if e.Permanent {

143 s += "permanent"

144 } else {

145 s += "transient"

146 }

147 if e.Line != "" {

148 s += ": " + e.Line

149 }

150 return s

151}

152

153// New initializes an SMTP session on the given connection, returning a client that

154// can be used to deliver messages.

155//

156// New optionally starts TLS (for submission), reads the server greeting,

157// identifies itself with a HELO or EHLO command, initializes TLS with STARTTLS if

158// remote supports it and optionally authenticates. If successful, a client is

159// returned on which eventually Close must be called. Otherwise an error is

160// returned and the caller is responsible for closing the connection.

161//

162// Connecting to the correct host is outside the scope of the client. The queue

163// managing outgoing messages decides which host to deliver to, taking multiple MX

164// records with preferences, other DNS records, MTA-STS, retries and special

165// cases into account.

166//

167// tlsMode indicates if TLS is required, optional or should not be used. A

168// certificate is only validated (trusted, match remoteHostname and not expired)

169// for the strict tls modes. By default, SMTP does not verify TLS for

170// interopability reasons, but MTA-STS or DANE can require it. If opportunistic TLS

171// is used, and a TLS error is encountered, the caller may want to try again (on a

172// new connection) without TLS.

173//

174// If auth is non-empty, authentication will be done with the first algorithm

175// supported by the server. If none of the algorithms are supported, an error is

176// returned.

177func New(ctx context.Context, log *mlog.Log, conn net.Conn, tlsMode TLSMode, ourHostname, remoteHostname dns.Domain, auth []sasl.Client) (*Client, error) {

178 c := &Client{

179 origConn: conn,

180 lastlog: time.Now(),

181 cmds: []string{"(none)"},

182 }

183 c.log = log.Fields(mlog.Field("smtpclient", "")).MoreFields(func() []mlog.Pair {

184 now := time.Now()

185 l := []mlog.Pair{

186 mlog.Field("delta", now.Sub(c.lastlog)),

187 }

188 c.lastlog = now

189 return l

190 })

191

192 if tlsMode == TLSStrictImmediate {

193 tlsconfig := tls.Config{

194 ServerName: remoteHostname.ASCII,

195 RootCAs: mox.Conf.Static.TLS.CertPool,

196 MinVersion: tls.VersionTLS12, // ../rfc/8996:31 ../rfc/8997:66

197 }

198 tlsconn := tls.Client(conn, &tlsconfig)

199 if err := tlsconn.HandshakeContext(ctx); err != nil {

200 return nil, err

201 }

202 c.conn = tlsconn

203 tlsversion, ciphersuite := mox.TLSInfo(tlsconn)

204 c.log.Debug("tls client handshake done", mlog.Field("tls", tlsversion), mlog.Field("ciphersuite", ciphersuite), mlog.Field("servername", remoteHostname))

205 } else {

206 c.conn = conn

207 }

208

209 // We don't wrap reads in a timeoutReader for fear of an optional TLS wrapper doing

210 // reads without the client asking for it. Such reads could result in a timeout

211 // error.

212 c.tr = moxio.NewTraceReader(c.log, "RS: ", c.conn)

213 c.r = bufio.NewReader(c.tr)

214 // We use a single write timeout of 30 seconds.

215 // todo future: use different timeouts ../rfc/5321:3610

216 c.tw = moxio.NewTraceWriter(c.log, "LC: ", timeoutWriter{c.conn, 30 * time.Second, c.log})

217 c.w = bufio.NewWriter(c.tw)

218

219 if err := c.hello(ctx, tlsMode, ourHostname, remoteHostname, auth); err != nil {

220 return nil, err

221 }

222 return c, nil

223}

224

225// xbotchf generates a temporary error and marks the client as botched. e.g. for

226// i/o errors or invalid protocol messages.

227func (c *Client) xbotchf(code int, secode string, lastLine, format string, args ...any) {

228 panic(c.botchf(code, secode, lastLine, format, args...))

229}

230

231// botchf generates a temporary error and marks the client as botched. e.g. for

232// i/o errors or invalid protocol messages.

233func (c *Client) botchf(code int, secode string, lastLine, format string, args ...any) error {

234 c.botched = true

235 return c.errorf(false, code, secode, lastLine, format, args...)

236}

237

238func (c *Client) errorf(permanent bool, code int, secode, lastLine, format string, args ...any) error {

239 var cmd string

240 if len(c.cmds) > 0 {

241 cmd = c.cmds[0]

242 }

243 return Error{permanent, code, secode, cmd, lastLine, fmt.Errorf(format, args...)}

244}

245

246func (c *Client) xerrorf(permanent bool, code int, secode, lastLine, format string, args ...any) {

247 panic(c.errorf(permanent, code, secode, lastLine, format, args...))

248}

249

250// timeoutWriter passes each Write on to conn after setting a write deadline on conn based on

251// timeout.

252type timeoutWriter struct {

253 conn net.Conn

254 timeout time.Duration

255 log *mlog.Log

256}

257

258func (w timeoutWriter) Write(buf []byte) (int, error) {

259 if err := w.conn.SetWriteDeadline(time.Now().Add(w.timeout)); err != nil {

260 w.log.Errorx("setting write deadline", err)

261 }

262

263 return w.conn.Write(buf)

264}

265

266var bufs = moxio.NewBufpool(8, 2*1024)

267

268func (c *Client) readline() (string, error) {

269 // todo: could have per-operation timeouts. and rfc suggests higher minimum timeouts. ../rfc/5321:3610

270 if err := c.conn.SetReadDeadline(time.Now().Add(30 * time.Second)); err != nil {

271 c.log.Errorx("setting read deadline", err)

272 }

273

274 line, err := bufs.Readline(c.r)

275 if err != nil {

276 return line, c.botchf(0, "", "", "%s: %w", strings.Join(c.cmds, ","), err)

277 }

278 return line, nil

279}

280

281func (c *Client) xtrace(level mlog.Level) func() {

282 c.xflush()

283 c.tr.SetTrace(level)

284 c.tw.SetTrace(level)

285 return func() {

286 c.xflush()

287 c.tr.SetTrace(mlog.LevelTrace)

288 c.tw.SetTrace(mlog.LevelTrace)

289 }

290}

291

292func (c *Client) xwritelinef(format string, args ...any) {

293 c.xbwritelinef(format, args...)

294 c.xflush()

295}

296

297func (c *Client) xwriteline(line string) {

298 c.xbwriteline(line)

299 c.xflush()

300}

301

302func (c *Client) xbwritelinef(format string, args ...any) {

303 c.xbwriteline(fmt.Sprintf(format, args...))

304}

305

306func (c *Client) xbwriteline(line string) {

307 _, err := fmt.Fprintf(c.w, "%s\r\n", line)

308 if err != nil {

309 c.xbotchf(0, "", "", "write: %w", err)

310 }

311}

312

313func (c *Client) xflush() {

314 err := c.w.Flush()

315 if err != nil {

316 c.xbotchf(0, "", "", "writes: %w", err)

317 }

318}

319

320// read response, possibly multiline, with supporting extended codes based on configuration in client.

321func (c *Client) xread() (code int, secode, lastLine string, texts []string) {

322 var err error

323 code, secode, lastLine, texts, err = c.read()

324 if err != nil {

325 panic(err)

326 }

327 return

328}

329

330func (c *Client) read() (code int, secode, lastLine string, texts []string, rerr error) {

331 return c.readecode(c.extEcodes)

332}

333

334// read response, possibly multiline.

335// if ecodes, extended codes are parsed.

336func (c *Client) readecode(ecodes bool) (code int, secode, lastLine string, texts []string, rerr error) {

337 for {

338 co, sec, text, line, last, err := c.read1(ecodes)

339 if err != nil {

340 rerr = err

341 return

342 }

343 texts = append(texts, text)

344 if code != 0 && co != code {

345 // ../rfc/5321:2771

346 err := c.botchf(0, "", line, "%w: multiline response with different codes, previous %d, last %d", ErrProtocol, code, co)

347 return 0, "", "", nil, err

348 }

349 code = co

350 if last {

351 if code != smtp.C334ContinueAuth {

352 cmd := ""

353 if len(c.cmds) > 0 {

354 cmd = c.cmds[0]

355 // We only keep the last, so we're not creating new slices all the time.

356 if len(c.cmds) > 1 {

357 c.cmds = c.cmds[1:]

358 }

359 }

360 metricCommands.WithLabelValues(cmd, fmt.Sprintf("%d", co), sec).Observe(float64(time.Since(c.cmdStart)) / float64(time.Second))

361 c.log.Debug("smtpclient command result", mlog.Field("cmd", cmd), mlog.Field("code", co), mlog.Field("secode", sec), mlog.Field("duration", time.Since(c.cmdStart)))

362 }

363 return co, sec, line, texts, nil

364 }

365 }

366}

367

368func (c *Client) xreadecode(ecodes bool) (code int, secode, lastLine string, texts []string) {

369 var err error

370 code, secode, lastLine, texts, err = c.readecode(ecodes)

371 if err != nil {

372 panic(err)

373 }

374 return

375}

376

377// read single response line.

378// if ecodes, extended codes are parsed.

379func (c *Client) read1(ecodes bool) (code int, secode, text, line string, last bool, rerr error) {

380 line, rerr = c.readline()

381 if rerr != nil {

382 return

383 }

384 i := 0

385 for ; i < len(line) && line[i] >= '0' && line[i] <= '9'; i++ {

386 }

387 if i != 3 {

388 rerr = c.botchf(0, "", line, "%w: expected response code: %s", ErrProtocol, line)

389 return

390 }

391 v, err := strconv.ParseInt(line[:i], 10, 32)

392 if err != nil {

393 rerr = c.botchf(0, "", line, "%w: bad response code (%s): %s", ErrProtocol, err, line)

394 return

395 }

396 code = int(v)

397 major := code / 100

398 s := line[3:]

399 if strings.HasPrefix(s, "-") || strings.HasPrefix(s, " ") {

400 last = s[0] == ' '

401 s = s[1:]

402 } else if s == "" {

403 // Allow missing space. ../rfc/5321:2570 ../rfc/5321:2612

404 last = true

405 } else {

406 rerr = c.botchf(0, "", line, "%w: expected space or dash after response code: %s", ErrProtocol, line)

407 return

408 }

409

410 if ecodes {

411 secode, s = parseEcode(major, s)

412 }

413

414 return code, secode, s, line, last, nil

415}

416

417func parseEcode(major int, s string) (secode string, remain string) {

418 o := 0

419 bad := false

420 take := func(need bool, a, b byte) bool {

421 if !bad && o < len(s) && s[o] >= a && s[o] <= b {

422 o++

423 return true

424 }

425 bad = bad || need

426 return false

427 }

428 digit := func(need bool) bool {

429 return take(need, '0', '9')

430 }

431 dot := func() bool {

432 return take(true, '.', '.')

433 }

434

435 digit(true)

436 dot()

437 xo := o

438 digit(true)

439 for digit(false) {

440 }

441 dot()

442 digit(true)

443 for digit(false) {

444 }

445 secode = s[xo:o]

446 take(false, ' ', ' ')

447 if bad || int(s[0])-int('0') != major {

448 return "", s

449 }

450 return secode, s[o:]

451}

452

453func (c *Client) recover(rerr *error) {

454 x := recover()

455 if x == nil {

456 return

457 }

458 cerr, ok := x.(Error)

459 if !ok {

460 metrics.PanicInc(metrics.Smtpclient)

461 panic(x)

462 }

463 *rerr = cerr

464}

465

466func (c *Client) hello(ctx context.Context, tlsMode TLSMode, ourHostname, remoteHostname dns.Domain, auth []sasl.Client) (rerr error) {

467 defer c.recover(&rerr)

468

469 // perform EHLO handshake, falling back to HELO if server does not appear to

470 // implement EHLO.

471 hello := func(heloOK bool) {

472 // Write EHLO and parse the supported extensions.

473 // ../rfc/5321:987

474 c.cmds[0] = "ehlo"

475 c.cmdStart = time.Now()

476 // Syntax: ../rfc/5321:1827

477 c.xwritelinef("EHLO %s", ourHostname.ASCII)

478 code, _, lastLine, remains := c.xreadecode(false)

479 switch code {

480 // ../rfc/5321:997

481 // ../rfc/5321:3098

482 case smtp.C500BadSyntax, smtp.C501BadParamSyntax, smtp.C502CmdNotImpl, smtp.C503BadCmdSeq, smtp.C504ParamNotImpl:

483 if !heloOK {

484 c.xerrorf(true, code, "", lastLine, "%w: remote claims ehlo is not supported", ErrProtocol)

485 }

486 // ../rfc/5321:996

487 c.cmds[0] = "helo"

488 c.cmdStart = time.Now()

489 c.xwritelinef("HELO %s", ourHostname.ASCII)

490 code, _, lastLine, _ = c.xreadecode(false)

491 if code != smtp.C250Completed {

492 c.xerrorf(code/100 == 5, code, "", lastLine, "%w: expected 250 to HELO, got %d", ErrStatus, code)

493 }

494 return

495 case smtp.C250Completed:

496 default:

497 c.xerrorf(code/100 == 5, code, "", lastLine, "%w: expected 250, got %d", ErrStatus, code)

498 }

499 for _, s := range remains[1:] {

500 // ../rfc/5321:1869

501 s = strings.ToUpper(strings.TrimSpace(s))

502 switch s {

503 case "STARTTLS":

504 c.extStartTLS = true

505 case "ENHANCEDSTATUSCODES":

506 c.extEcodes = true

507 case "8BITMIME":

508 c.ext8bitmime = true

509 case "PIPELINING":

510 c.extPipelining = true

511 default:

512 // For SMTPUTF8 we must ignore any parameter. ../rfc/6531:207

513 if s == "SMTPUTF8" || strings.HasPrefix(s, "SMTPUTF8 ") {

514 c.extSMTPUTF8 = true

515 } else if strings.HasPrefix(s, "SIZE ") {

516 c.extSize = true

517 if v, err := strconv.ParseInt(s[len("SIZE "):], 10, 64); err == nil {

518 c.maxSize = v

519 }

520 } else if strings.HasPrefix(s, "AUTH ") {

521 c.extAuthMechanisms = strings.Split(s[len("AUTH "):], " ")

522 }

523 }

524 }

525 }

526

527 // Read greeting.

528 c.cmds = []string{"(greeting)"}

529 c.cmdStart = time.Now()

530 code, _, lastLine, _ := c.xreadecode(false)

531 if code != smtp.C220ServiceReady {

532 c.xerrorf(code/100 == 5, code, "", lastLine, "%w: expected 220, got %d", ErrStatus, code)

533 }

534

535 // Write EHLO, falling back to HELO if server doesn't appear to support it.

536 hello(true)

537

538 // Attempt TLS if remote understands STARTTLS and we aren't doing immediate TLS or if caller requires it.

539 if c.extStartTLS && (tlsMode != TLSSkip && tlsMode != TLSStrictImmediate) || tlsMode == TLSStrictStartTLS {

540 c.log.Debug("starting tls client", mlog.Field("tlsmode", tlsMode), mlog.Field("servername", remoteHostname))

541 c.cmds[0] = "starttls"

542 c.cmdStart = time.Now()

543 c.xwritelinef("STARTTLS")

544 code, secode, lastLine, _ := c.xread()

545 // ../rfc/3207:107

546 if code != smtp.C220ServiceReady {

547 c.xerrorf(code/100 == 5, code, secode, lastLine, "%w: STARTTLS: got %d, expected 220", ErrTLS, code)

548 }

549

550 // We don't want to do TLS on top of c.r because it also prints protocol traces: We

551 // don't want to log the TLS stream. So we'll do TLS on the underlying connection,

552 // but make sure any bytes already read and in the buffer are used for the TLS

553 // handshake.

554 conn := c.conn

555 if n := c.r.Buffered(); n > 0 {

556 conn = &moxio.PrefixConn{

557 PrefixReader: io.LimitReader(c.r, int64(n)),

558 Conn: conn,

559 }

560 }

561

562 // For TLSStrictStartTLS, the Go TLS library performs the checks needed for MTA-STS.

563 // ../rfc/8461:646

564 // todo: possibly accept older TLS versions for TLSOpportunistic?

565 tlsConfig := &tls.Config{

566 ServerName: remoteHostname.ASCII,

567 RootCAs: mox.Conf.Static.TLS.CertPool,

568 InsecureSkipVerify: tlsMode != TLSStrictStartTLS,

569 MinVersion: tls.VersionTLS12, // ../rfc/8996:31 ../rfc/8997:66

570 }

571 nconn := tls.Client(conn, tlsConfig)

572 c.conn = nconn

573

574 nctx, cancel := context.WithTimeout(ctx, time.Minute)

575 defer cancel()

576 err := nconn.HandshakeContext(nctx)

577 if err != nil {

578 c.xerrorf(false, 0, "", "", "%w: STARTTLS TLS handshake: %s", ErrTLS, err)

579 }

580 cancel()

581 c.tr = moxio.NewTraceReader(c.log, "RS: ", c.conn)

582 c.tw = moxio.NewTraceWriter(c.log, "LC: ", c.conn) // No need to wrap in timeoutWriter, it would just set the timeout on the underlying connection, which is still active.

583 c.r = bufio.NewReader(c.tr)

584 c.w = bufio.NewWriter(c.tw)

585

586 tlsversion, ciphersuite := mox.TLSInfo(nconn)

587 c.log.Debug("starttls client handshake done", mlog.Field("tls", tlsversion), mlog.Field("ciphersuite", ciphersuite), mlog.Field("servername", remoteHostname), mlog.Field("insecureskipverify", tlsConfig.InsecureSkipVerify))

588

589 hello(false)

590 }

591

592 if len(auth) > 0 {

593 return c.auth(auth)

594 }

595 return

596}

597

598// ../rfc/4954:139

599func (c *Client) auth(auth []sasl.Client) (rerr error) {

600 defer c.recover(&rerr)

601

602 c.cmds[0] = "auth"

603 c.cmdStart = time.Now()

604

605 var a sasl.Client

606 var name string

607 var cleartextCreds bool

608 for _, x := range auth {

609 name, cleartextCreds = x.Info()

610 for _, s := range c.extAuthMechanisms {

611 if s == name {

612 a = x

613 break

614 }

615 }

616 }

617 if a == nil {

618 c.xerrorf(true, 0, "", "", "no matching authentication mechanisms, server supports %s", strings.Join(c.extAuthMechanisms, ", "))

619 }

620

621 abort := func() (int, string, string) {

622 // Abort authentication. ../rfc/4954:193

623 c.xwriteline("*")

624

625 // Server must respond with 501. // ../rfc/4954:195

626 code, secode, lastline, _ := c.xread()

627 if code != smtp.C501BadParamSyntax {

628 c.botched = true

629 }

630 return code, secode, lastline

631 }

632

633 toserver, last, err := a.Next(nil)

634 if err != nil {

635 c.xerrorf(false, 0, "", "", "initial step in auth mechanism %s: %w", name, err)

636 }

637 if cleartextCreds {

638 defer c.xtrace(mlog.LevelTraceauth)()

639 }

640 if toserver == nil {

641 c.xwriteline("AUTH " + name)

642 } else if len(toserver) == 0 {

643 c.xwriteline("AUTH " + name + " =") // ../rfc/4954:214

644 } else {

645 c.xwriteline("AUTH " + name + " " + base64.StdEncoding.EncodeToString(toserver))

646 }

647 for {

648 if cleartextCreds && last {

649 c.xtrace(mlog.LevelTrace) // Restore.

650 }

651

652 code, secode, lastLine, texts := c.xreadecode(last)

653 if code == smtp.C235AuthSuccess {

654 if !last {

655 c.xerrorf(false, code, secode, lastLine, "server completed authentication earlier than client expected")

656 }

657 return nil

658 } else if code == smtp.C334ContinueAuth {

659 if last {

660 c.xerrorf(false, code, secode, lastLine, "server requested unexpected continuation of authentication")

661 }

662 if len(texts) != 1 {

663 abort()

664 c.xerrorf(false, code, secode, lastLine, "server responded with multiline contination")

665 }

666 fromserver, err := base64.StdEncoding.DecodeString(texts[0])

667 if err != nil {

668 abort()

669 c.xerrorf(false, code, secode, lastLine, "malformed base64 data in authentication continuation response")

670 }

671 toserver, last, err = a.Next(fromserver)

672 if err != nil {

673 // For failing SCRAM, the client stops due to message about invalid proof. The

674 // server still sends an authentication result (it probably should send 501

675 // instead).

676 xcode, xsecode, lastline := abort()

677 c.xerrorf(false, xcode, xsecode, lastline, "client aborted authentication: %w", err)

678 }

679 c.xwriteline(base64.StdEncoding.EncodeToString(toserver))

680 } else {

681 c.xerrorf(code/100 == 5, code, secode, lastLine, "unexpected response during authentication, expected 334 continue or 235 auth success")

682 }

683 }

684}

685

686// Supports8BITMIME returns whether the SMTP server supports the 8BITMIME

687// extension, needed for sending data with non-ASCII bytes.

688func (c *Client) Supports8BITMIME() bool {

689 return c.ext8bitmime

690}

691

692// SupportsSMTPUTF8 returns whether the SMTP server supports the SMTPUTF8

693// extension, needed for sending messages with UTF-8 in headers or in an (SMTP)

694// address.

695func (c *Client) SupportsSMTPUTF8() bool {

696 return c.extSMTPUTF8

697}

698

699// Deliver attempts to deliver a message to a mail server.

700//

701// mailFrom must be an email address, or empty in case of a DSN. rcptTo must be

702// an email address.

703//

704// If the message contains bytes with the high bit set, req8bitmime must be true. If

705// set, the remote server must support the 8BITMIME extension or delivery will

706// fail.

707//

708// If the message is internationalized, e.g. when headers contain non-ASCII

709// character, or when UTF-8 is used in a localpart, reqSMTPUTF8 must be true. If set,

710// the remote server must support the SMTPUTF8 extension or delivery will fail.

711//

712// Deliver uses the following SMTP extensions if the remote server supports them:

713// 8BITMIME, SMTPUTF8, SIZE, PIPELINING, ENHANCEDSTATUSCODES, STARTTLS.

714//

715// Returned errors can be of type Error, one of the Err-variables in this package

716// or other underlying errors, e.g. for i/o. Use errors.Is to check.

717func (c *Client) Deliver(ctx context.Context, mailFrom string, rcptTo string, msgSize int64, msg io.Reader, req8bitmime, reqSMTPUTF8 bool) (rerr error) {

718 defer c.recover(&rerr)

719

720 if c.origConn == nil {

721 return ErrClosed

722 } else if c.botched {

723 return ErrBotched

724 } else if c.needRset {

725 if err := c.Reset(); err != nil {

726 return err

727 }

728 }

729

730 if !c.ext8bitmime && req8bitmime {

731 // Temporary error, e.g. OpenBSD spamd does not announce 8bitmime support, but once

732 // you get through, the mail server behind it probably does. Just needs a few

733 // retries.

734 c.xerrorf(false, 0, "", "", "%w", Err8bitmimeUnsupported)

735 }

736 if !c.extSMTPUTF8 && reqSMTPUTF8 {

737 // ../rfc/6531:313

738 c.xerrorf(false, 0, "", "", "%w", ErrSMTPUTF8Unsupported)

739 }

740

741 if c.extSize && msgSize > c.maxSize {

742 c.xerrorf(true, 0, "", "", "%w: message is %d bytes, remote has a %d bytes maximum size", ErrSize, msgSize, c.maxSize)

743 }

744

745 var mailSize, bodyType string

746 if c.extSize {

747 mailSize = fmt.Sprintf(" SIZE=%d", msgSize)

748 }

749 if c.ext8bitmime {

750 if req8bitmime {

751 bodyType = " BODY=8BITMIME"

752 } else {

753 bodyType = " BODY=7BIT"

754 }

755 }

756 var smtputf8Arg string

757 if reqSMTPUTF8 {

758 // ../rfc/6531:213

759 smtputf8Arg = " SMTPUTF8"

760 }

761

762 // Transaction overview: ../rfc/5321:1015

763 // MAIL FROM: ../rfc/5321:1879

764 // RCPT TO: ../rfc/5321:1916

765 // DATA: ../rfc/5321:1992

766 lineMailFrom := fmt.Sprintf("MAIL FROM:<%s>%s%s%s", mailFrom, mailSize, bodyType, smtputf8Arg)

767 lineRcptTo := fmt.Sprintf("RCPT TO:<%s>", rcptTo)

768

769 // We are going into a transaction. We'll clear this when done.

770 c.needRset = true

771

772 if c.extPipelining {

773 c.cmds = []string{"mailfrom", "rcptto", "data"}

774 c.cmdStart = time.Now()

775 // todo future: write in a goroutine to prevent potential deadlock if remote does not consume our writes before expecting us to read. could potentially happen with greylisting and a small tcp send window?

776 c.xbwriteline(lineMailFrom)

777 c.xbwriteline(lineRcptTo)

778 c.xbwriteline("DATA")

779 c.xflush()

780

781 // We read the response to RCPT TO and DATA without panic on read error. Servers

782 // may be aborting the connection after a failed MAIL FROM, e.g. outlook when it

783 // has blocklisted your IP. We don't want the read for the response to RCPT TO to

784 // cause a read error as it would result in an unhelpful error message and a

785 // temporary instead of permanent error code.

786

787 mfcode, mfsecode, mflastline, _ := c.xread()