This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
The following commit(s) were added to refs/heads/master by this push:
new 037bb72cdc [ENHANCEMENT] AuditTrail for invalid RCPT (#2671)
037bb72cdc is described below
commit 037bb72cdc62ca9911d19e1a520fefd64eca1d59
Author: Benoit TELLIER <[email protected]>
AuthorDate: Wed Mar 12 05:30:00 2025 +0100
[ENHANCEMENT] AuditTrail for invalid RCPT (#2671)
---
.../core/fastfail/AbstractValidRcptHandler.java | 27 +++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)
diff --git
a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/fastfail/AbstractValidRcptHandler.java
b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/fastfail/AbstractValidRcptHandler.java
index 7709157dc9..b16ea57bbc 100644
---
a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/fastfail/AbstractValidRcptHandler.java
+++
b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/fastfail/AbstractValidRcptHandler.java
@@ -19,18 +19,26 @@
package org.apache.james.protocols.smtp.core.fastfail;
+import java.util.Optional;
+
import org.apache.james.core.Domain;
import org.apache.james.core.MailAddress;
import org.apache.james.core.MaybeSender;
+import org.apache.james.core.Username;
+import org.apache.james.protocols.api.ProtocolSession;
import org.apache.james.protocols.smtp.SMTPRetCode;
import org.apache.james.protocols.smtp.SMTPSession;
import org.apache.james.protocols.smtp.dsn.DSNStatus;
import org.apache.james.protocols.smtp.hook.HookResult;
import org.apache.james.protocols.smtp.hook.HookReturnCode;
import org.apache.james.protocols.smtp.hook.RcptHook;
+import org.apache.james.util.AuditTrail;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.github.fge.lambdas.Throwing;
+import com.google.common.collect.ImmutableMap;
+
/**
* Handler which want to do a recipient check should extend this
*/
@@ -44,7 +52,7 @@ public abstract class AbstractValidRcptHandler implements
RcptHook {
return HookResult.DECLINED;
}
if (!isValidRecipient(session, rcpt)) {
- return reject(rcpt);
+ return reject(session, rcpt);
}
return HookResult.DECLINED;
} catch (IllegalArgumentException e) {
@@ -64,8 +72,21 @@ public abstract class AbstractValidRcptHandler implements
RcptHook {
}
}
- public HookResult reject(MailAddress rcpt) {
- LOGGER.info("Rejected message. Unknown user: {}", rcpt);
+ public HookResult reject(SMTPSession session, MailAddress rcpt) {
+ MaybeSender sender = session.getAttachment(SMTPSession.SENDER,
ProtocolSession.State.Transaction).orElse(MaybeSender.nullSender());
+ AuditTrail.entry()
+ .username(() -> Optional.ofNullable(session.getUsername())
+ .map(Username::asString)
+ .orElse(""))
+ .remoteIP(() -> Optional.ofNullable(session.getRemoteAddress()))
+ .sessionId(session::getSessionID)
+ .protocol("SMTP")
+ .action("SPOOL")
+ .parameters(Throwing.supplier(() -> ImmutableMap.of(
+ "sender", sender.asString(),
+ "recipient", rcpt.asString())))
+ .log("Rejected message. Unknown user: " + rcpt.asString());
+
return HookResult.builder()
.hookReturnCode(HookReturnCode.deny())
.smtpReturnCode(SMTPRetCode.MAILBOX_PERM_UNAVAILABLE)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
