This is an automated email from the ASF dual-hosted git repository.
rcordier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
The following commit(s) were added to refs/heads/master by this push:
new 27e2890493 JAMES-4162 Allow usage of <> sender for authenticated users
(cf RFC-8098)
27e2890493 is described below
commit 27e2890493bac1acbe5b76d582a4e703dd15b448
Author: Benoit TELLIER <[email protected]>
AuthorDate: Thu Jan 8 14:52:41 2026 +0100
JAMES-4162 Allow usage of <> sender for authenticated users (cf RFC-8098)
---
...AbstractSenderAuthIdentifyVerificationHook.java | 7 +-
.../james/smtp/SmtpIdentityVerificationTest.java | 75 ++++++++++++++++++----
2 files changed, 68 insertions(+), 14 deletions(-)
diff --git
a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationHook.java
b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationHook.java
index 8f78f8b0b7..c5937e3548 100644
---
a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationHook.java
+++
b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationHook.java
@@ -58,8 +58,13 @@ public abstract class
AbstractSenderAuthIdentifyVerificationHook implements Mail
* the user was already authenticated
*/
protected boolean senderDoesNotMatchAuthUser(SMTPSession session,
MaybeSender sender) {
+ if (sender.isNullSender()) {
+ // Authenticated users can legitimately use MAIL FROM eg for MDNs
CF RFC 8098
+ // Please note that the header From is later verified by the DATA
hook.
+ return false;
+ }
return session.getUsername() != null &&
- (isAnonymous(sender) || !senderMatchSessionUser(sender, session)
|| !belongsToLocalDomain(sender));
+ (!senderMatchSessionUser(sender, session) ||
!belongsToLocalDomain(sender));
}
/*
diff --git
a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
index aec3211ed0..5c7144691e 100644
---
a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
+++
b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
@@ -206,6 +206,68 @@ class SmtpIdentityVerificationTest {
.hasMessageContaining("503 5.7.1 Incorrect Authentication for
Specified Email Address");
}
+ @Test
+ void shouldRequireFromHeaderWhenNoMailFrom(@TempDir File temporaryFolder)
throws Exception {
+ createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+ .requireAuthentication()
+ .verifyIdentity());
+
+ String message = """
+ subject: test\r
+ \r
+ content\r
+ .\r
+ """;
+
+ assertThatThrownBy(() ->
+ messageSender.connect(LOCALHOST_IP,
jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+ .authenticate(USER, PASSWORD)
+ .sendMessageWithHeaders("", ImmutableList.of(USER), message))
+ .isInstanceOf(SMTPSendingException.class)
+ .hasMessageContaining("503 5.5.4 Missing From header");
+ }
+
+ @Test
+ void shouldRequireFromHeaderAlignementWhenNoMailFrom(@TempDir File
temporaryFolder) throws Exception {
+ createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+ .requireAuthentication()
+ .verifyIdentity());
+
+ String message = """
+ FROM: [email protected]\r
+ subject: test\r
+ \r
+ content\r
+ .\r
+ """;
+
+ assertThatThrownBy(() ->
+ messageSender.connect(LOCALHOST_IP,
jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+ .authenticate(USER, PASSWORD)
+ .sendMessageWithHeaders("", ImmutableList.of(USER), message))
+ .isInstanceOf(SMTPSendingException.class)
+ .hasMessageContaining("503 5.7.1 Incorrect Authentication for
Specified Email Address");
+ }
+
+ @Test
+ void shouldAcceptNoMailFromWhenCorrectFrom(@TempDir File temporaryFolder)
throws Exception {
+ createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+ .requireAuthentication()
+ .verifyIdentity());
+
+ String message = """
+ FROM: [email protected]\r
+ subject: test\r
+ \r
+ content\r
+ .\r
+ """;
+
+ messageSender.connect(LOCALHOST_IP,
jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+ .authenticate(USER, PASSWORD)
+ .sendMessageWithHeaders("", ImmutableList.of(USER), message);
+ }
+
@Test
void
spoofingAttemptsShouldBeRejectedInFromFieldWhenGroupWithOtherUsers(@TempDir
File temporaryFolder) throws Exception {
createJamesServer(temporaryFolder, SmtpConfiguration.builder()
@@ -398,19 +460,6 @@ class SmtpIdentityVerificationTest {
.sendMessageWithHeaders(USER, ImmutableList.of(USER), message);
}
- @Test
- void verifyIdentityShouldRejectNullSenderWHenAuthenticated(@TempDir File
temporaryFolder) throws Exception {
- createJamesServer(temporaryFolder, SmtpConfiguration.builder()
- .requireAuthentication()
- .verifyIdentity());
-
- assertThatThrownBy(() ->
- messageSender.connect(LOCALHOST_IP,
jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
- .authenticate(USER, PASSWORD)
- .sendMessageNoSender(USER, USER))
- .isEqualTo(new SMTPSendingException(SmtpSendingStep.Sender, "503
5.7.1 Incorrect Authentication for Specified Email Address\n"));
- }
-
@Test
void
verifyIdentityShouldAcceptNullSenderWhenAuthenticationRequired(@TempDir File
temporaryFolder) throws Exception {
createJamesServer(temporaryFolder, SmtpConfiguration.builder()
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
