add filter rule

2025-04-15 18:27:54 +08:00 · 2025-04-15 18:27:54 +08:00 · 0a86ef3e98
commit 0a86ef3e98
parent 28a768458b
1 changed files with 29 additions and 3 deletions
--- a/main.go
+++ b/main.go
@ -6,6 +6,7 @@ import (
 	"io"
 	"net"
 	"os"
+	"regexp"
 	"strings"
 	"sync"
 	"time"
@ -26,6 +27,8 @@ var (
 	serverTLSConf *tls.Config
 )

+var re = regexp.MustCompile(`^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$`)
+
 type timeoutConn struct {
 	conn net.Conn
 }
@ -132,7 +135,11 @@ func handleConnection(clientConn net.Conn) {
 				log.Infof("Connection upgraded to TLS for %s", smtp.clientAddr)
 				continue
 			}
-
+			if strings.HasPrefix(cmd, "AUTH") {
+				smtp.client.Write([]byte("554 5.7.1 Access denied\r\n"))
+				log.Warnf("Rejected recipient from %s: external auth denied", smtp.clientAddr)
+				return
+			}
 			// Handle RCPT TO validation inside TLS if needed
 			if strings.HasPrefix(cmd, "RCPT TO:") {
 				parts := strings.Split(strings.ToLower(line), ":")
@ -141,13 +148,32 @@ func handleConnection(clientConn net.Conn) {
 					return
 				}

-				email := strings.Trim(strings.TrimSpace(parts[1]), "<>")
+				// email := strings.Trim(strings.TrimSpace(parts[1]), "<>")
+				// domain := strings.Split(email, "@")
+				// if len(domain) != 2 {
+				// 	smtp.client.Write([]byte("501 Syntax error in parameters or arguments\r\n"))
+				// 	return
+				// }
+				// fmt.Sscanf(parts[1], "<%s>%s", &email, &whatever)
+				// email := re.FindStringSubmatch(parts[1])
+				// if len(email) < 1 {
+				// 	log.Errorf("%s is not email address", email[1])
+				// 	return
+				// }
+				// domain := strings.Split(email[0], "@")
+				start := strings.Index(parts[1], "<")
+				end := strings.Index(parts[1], ">")
+				if start == -1 || end == -1 || start >= end {
+					smtp.client.Write([]byte("501 Syntax error in parameters or arguments\r\n"))
+					return
+				}
+
+				email := parts[1][start+1 : end]
 				domain := strings.Split(email, "@")
 				if len(domain) != 2 {
 					smtp.client.Write([]byte("501 Syntax error in parameters or arguments\r\n"))
 					return
 				}
-
 				if domain[1] != allowDomain {
 					log.Warnf("Rejected recipient from %s: domain %s not allowed", smtp.clientAddr, domain[1])
 					smtp.client.Write([]byte("554 Domain not allowed\r\n"))