diff --git a/backendutil/transform_test.go b/backendutil/transform_test.go index 50961cf..7ab39b1 100755 --- a/backendutil/transform_test.go +++ b/backendutil/transform_test.go @@ -282,6 +282,7 @@ func TestServer_tooLongMessage(t *testing.T) { func TestServer_anonymousUserOK(t *testing.T) { be, s, c, scanner, _ := testServerEhlo(t) + s.AuthDisabled = true defer s.Close() defer c.Close() diff --git a/conn.go b/conn.go index 72a67d8..5b340a7 100644 --- a/conn.go +++ b/conn.go @@ -104,6 +104,12 @@ func (c *Conn) handle(cmd string, arg string) { } cmd = strings.ToUpper(cmd) + // Auth should be checked for mail, rcpt, data commands. + if (cmd == "MAIL" || cmd == "RCPT" || cmd == "DATA") && !c.server.AuthDisabled && !c.didAuth { + c.writeResponse(502, EnhancedCode{5, 7, 0}, "Please authenticate first") + return + } + switch cmd { case "SEND", "SOML", "SAML", "EXPN", "HELP", "TURN": // These commands are not implemented in any state diff --git a/lmtp_server_test.go b/lmtp_server_test.go index 9cd98c2..b62cf0e 100644 --- a/lmtp_server_test.go +++ b/lmtp_server_test.go @@ -45,6 +45,7 @@ func sendLHLO(t *testing.T, scanner *bufio.Scanner, c io.Writer) { func TestServer_LMTP(t *testing.T) { be, s, c, scanner := testServerGreeted(t, func(s *smtp.Server) { s.LMTP = true + s.AuthDisabled = true be := s.Backend.(*backend) be.implementLMTPData = true be.lmtpStatus = []struct { @@ -82,6 +83,7 @@ func TestServer_LMTP_Early(t *testing.T) { be, s, c, scanner := testServerGreeted(t, func(s *smtp.Server) { s.LMTP = true + s.AuthDisabled = true be := s.Backend.(*backend) be.implementLMTPData = true be.lmtpStatusSync = lmtpStatusSync @@ -126,6 +128,7 @@ func TestServer_LMTP_Expand(t *testing.T) { be, s, c, scanner := testServerGreeted(t, func(s *smtp.Server) { s.LMTP = true + s.AuthDisabled = true }) defer s.Close() defer c.Close() @@ -149,6 +152,7 @@ func TestServer_LMTP_Expand(t *testing.T) { func TestServer_LMTP_DuplicatedRcpt(t *testing.T) { be, s, c, scanner := testServerGreeted(t, func(s *smtp.Server) { s.LMTP = true + s.AuthDisabled = true be := s.Backend.(*backend) be.implementLMTPData = true be.lmtpStatus = []struct { diff --git a/server_test.go b/server_test.go index 0db69a8..2d0c96a 100644 --- a/server_test.go +++ b/server_test.go @@ -756,6 +756,7 @@ func TestServer_anonymousUserError(t *testing.T) { func TestServer_anonymousUserOK(t *testing.T) { be, s, c, scanner, _ := testServerEhlo(t) + s.AuthDisabled = true defer s.Close() defer c.Close() @@ -780,6 +781,7 @@ func TestServer_anonymousUserOK(t *testing.T) { func TestServer_authParam(t *testing.T) { be, s, c, scanner, _ := testServerEhlo(t) + s.AuthDisabled = true defer s.Close() defer c.Close()