Issue 8503: smtpd SMTPServer does not allow domain filtering (original) (raw)

Created on 2010-04-23 07:56 by mike.s, last changed 2022-04-11 14:57 by admin. This issue is now closed.

Messages (7)

msg103993 - (view)

Author: mike s (mike.s)

Date: 2010-04-23 07:56

The SMTPServer supplied by the smtpd library allows clients to send mail to any domain. This makes the server attractive to spammers, thinking they have found an open relay.

The patch below adds an "accept_domain" method to SMTPServer (documented below) which can be overridden by the user to compare the incoming domain against a list, etc, and return True or False (True=accept address, False=reject).

My apologies if this is the wrong place to submit this; I have not submitted a patch like this before and am just hoping to help! :)

Mike

--- smtpd.py.bak 2010-04-23 00:22:39.000000000 -0700 +++ smtpd.py 2010-04-23 00:51:22.000000000 -0700 @@ -241,6 +241,10 @@ if not address: self.push('501 Syntax: RCPT TO:

') return + address_domain = address.split('@')[1] + if self._SMTPChannel__server.accept_domain(address_domain) is False: + self.push('554 Relay access denied') + return self.__rcpttos.append(address) print >> DEBUGSTREAM, 'recips:', self.__rcpttos self.push('250 Ok') @@ -289,6 +293,15 @@ print >> DEBUGSTREAM, 'Incoming connection from %s' % repr(addr) channel = SMTPChannel(self, conn, addr)

def accept_domain(self,domain):

"""domain is a string like domain.com that specifes the domain of

an email address supplied by client's RCPT TO command.
Override this method to determine whether SMTPServer should
accept mail for a given domain. This is handy for preventing
spammers from thinking you are running an open relay."""
```
return True
```

# API for "doing something useful with the message"
def process_message(self, peer, mailfrom, rcpttos, data):
    """Override this abstract method to handle messages from the client.

msg104003 - (view)

Author: Eric V. Smith (eric.smith) * (Python committer)

Date: 2010-04-23 11:08

This is the right place, thanks for the patch!

Since this is a feature request it can only be added to 3.2 (and 2.8, if such a thing ever exists).

msg104039 - (view)

Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer)

Date: 2010-04-23 19:00

Idea: wouldn't it be better to provide a more powerful "accept_mail" method instead of "accept_domain?

msg104040 - (view)

Author: mike s (mike.s)

Date: 2010-04-23 19:05

I don't think that is a suitable solution for this problem, because the expected SMTP behavior is to reject an unsuitable RCPT TO directly after it is proposed by the client.

However, I think it would be a great idea to have such a method being called after the end of the DATA segment (immediately before the message is queued - or not).

Mike

On 2010-04-23, at 12:00 PM, Giampaolo Rodola' wrote:

Giampaolo Rodola' <g.rodola@gmail.com> added the comment:

Idea: wouldn't it be better to provide a more powerful "accept_mail" method instead of "accept_domain?

nosy: +giampaolo.rodola

Python tracker <report@bugs.python.org> <http://bugs.python.org/issue8503>

msg146014 - (view)

Author: Petri Lehtinen (petri.lehtinen) * (Python committer)

Date: 2011-10-20 09:53

This sounds like an important feature to me.

A few points:

I'd rename the function name from accept_domain to e.g. validate_domain for clarity
There could also be a function to validate the loca part of each recipient addresses. Or maybe the function should be changed to validate the whole recipient address, not only the domain part.

msg220200 - (view)

Author: Milan Oberkirch (zvyn) *

Date: 2014-06-10 21:58

I see no reason to restrict the filtering possibilities to the domain, so I added a method "validate_recipient_address" wich gets an address of the form "local-part@domain" and returns True. SMTPChannel.smtp_RCPT checks any address with this method before appending it to the recipient list and returns "554 ..." as proposed by Mike if the validation failed.

msg309752 - (view)

Author: Barry A. Warsaw (barry) * (Python committer)

Date: 2018-01-10 00:55

I'm closing this as won't fix since smtpd.py is deprecated and will likely not get any future development. Please see aiosmtpd as a much better third party replacement.

History

Date

User

Action

Args

2022-04-11 14:57:00

admin

set

github: 52749

2018-01-10 00:55:19

barry

set

status: open -> closed
resolution: wont fix
messages: +

stage: test needed -> resolved

2014-08-09 00:39:39

zvyn

set

files: + issue8503v2.patch

2014-06-10 21:58:24

zvyn

set

files: + issue8503.patch

nosy: + r.david.murray, jesstess, barry, zvyn
messages: +

components: + email
keywords: + patch

2013-11-20 10:54:27

lpolzer

set

nosy: + lpolzer

2011-10-20 09:53:36

petri.lehtinen

set

messages: +

2011-10-20 09:35:41

petri.lehtinen

set

nosy: + petri.lehtinen

versions: + Python 3.3, - Python 3.2

2010-04-23 19:05:12

mike.s

set

messages: +

2010-04-23 19:00:35

giampaolo.rodola

set

nosy: + giampaolo.rodola
messages: +

2010-04-23 11:08:06

eric.smith

set

priority: normal

type: enhancement
versions: - Python 2.6, Python 2.5, Python 3.1, Python 2.7, Python 3.3
nosy: + eric.smith

messages: +
stage: test needed

2010-04-23 07:59:57

mike.s

set

title: smtpd module does not allow domain filtering -> smtpd SMTPServer does not allow domain filtering

2010-04-23 07:59:29

mike.s

set

title: smtpd module does not allow -> smtpd module does not allow domain filtering

2010-04-23 07:56:10

mike.s

create