From 0a86ef3e98425646233eb32d1f28e1bdbcb3f1b2 Mon Sep 17 00:00:00 2001
From: Mahno
Date: Tue, 15 Apr 2025 18:27:54 +0800
Subject: [PATCH] add filter rule
---
 main.go | 32 +++++++++++++++++++++++++++++---
 1 file changed, 29 insertions(+), 3 deletions(-)
diff --git a/main.go b/main.go
index f1328c4..143b63f 100644
--- a/main.go
+++ b/main.go
@@ -6,6 +6,7 @@ import (
 "io"
 "net"
 "os"
+ "regexp"
 "strings"
 "sync"
 "time"
@@ -26,6 +27,8 @@ var (
 serverTLSConf *tls.Config
 )
 
+var re = regexp.MustCompile(`^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$`)
+
 type timeoutConn struct {
 conn net.Conn
 }
@@ -132,7 +135,11 @@ func handleConnection(clientConn net.Conn) {
 log.Infof("Connection upgraded to TLS for %s", smtp.clientAddr)
 continue
 }
-
+ if strings.HasPrefix(cmd, "AUTH") {
+ smtp.client.Write([]byte("554 5.7.1 Access denied\r\n"))
+ log.Warnf("Rejected recipient from %s: external auth denied", smtp.clientAddr)
+ return
+ }
 // Handle RCPT TO validation inside TLS if needed
 if strings.HasPrefix(cmd, "RCPT TO:") {
 parts := strings.Split(strings.ToLower(line), ":")
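Review bot: The new AUTH filter matches with a case-sensitive `strings.HasPrefix(cmd, "AUTH")`, so it only blocks authentication if `cmd` was upper-cased before this point, which the hunk does not show; SMTP verbs are case-insensitive, so the normalisation should be confirmed or made explicit with `if strings.HasPrefix(strings.ToUpper(cmd), "AUTH") {`. The warning text says "Rejected recipient" for an AUTH refusal, which will mislead anyone triaging the relay's logs; `log.Warnf("Rejected AUTH from %s: external auth denied", smtp.clientAddr)` keeps the two events distinguishable. The return value of `smtp.client.Write` is dropped; since the connection is closed right after, logging a write error would be enough. handleConnection starts and ends outside the hunk.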
@@ -141,13 +148,32 @@ func handleConnection(clientConn net.Conn) {
 return
 }
 
- email := strings.Trim(strings.TrimSpace(parts[1]), "<>")
+ // email := strings.Trim(strings.TrimSpace(parts[1]), "<>")
+ // domain := strings.Split(email, "@")
+ // if len(domain) != 2 {
+ // smtp.client.Write([]byte("501 Syntax error in parameters or arguments\r\n"))
+ // return
+ // }
+ // fmt.Sscanf(parts[1], "<%s>%s", &email, &whatever)
+ // email := re.FindStringSubmatch(parts[1])
+ // if len(email) < 1 {
+ // log.Errorf("%s is not email address", email[1])
+ // return
+ // }
+ // domain := strings.Split(email[0], "@")
+ start := strings.Index(parts[1], "<")
+ end := strings.Index(parts[1], ">")
+ if start == -1 || end == -1 || start >= end {
+ smtp.client.Write([]byte("501 Syntax error in parameters or arguments\r\n"))
+ return
+ }
+
+ email := parts[1][start+1 : end]
 domain := strings.Split(email, "@")
 if len(domain) != 2 {
 smtp.client.Write([]byte("501 Syntax error in parameters or arguments\r\n"))
 return
 }
-
 if domain[1] != allowDomain {
 log.Warnf("Rejected recipient from %s: domain %s not allowed", smtp.clientAddr, domain[1])
 smtp.client.Write([]byte("554 Domain not allowed\r\n"))
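Review bot: The recipient check accepts whatever lies between the first `<` and the first `>` of `parts[1]` and only requires exactly one `@`, so nothing constrains the characters of the address; if the original line is forwarded upstream unchanged (not visible here), the proxy and the backend mail server can disagree about which recipient was approved. The `re` pattern this commit declares is referenced only from the commented-out lines, so applying it right after the slice, `if !re.MatchString(email) {` with the same 501 reply and `return`, would tighten the allow-list and give the variable a use. `parts` comes from splitting the whole line on `:`, so an address containing a colon is cut short before this code sees it; that appears to fail closed, but it deserves a comment next to the `strings.Index` calls. The thirteen commented-out lines of earlier attempts should be dropped before merge. handleConnection's body continues outside the hunk.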