Expand allowedUsers email field to support comma-separated and domains

[JonathonReinhart]

This closes #8 and implements Option 1.

In addition to the unit tests, this has been tested in production with the following sample:

appsrv $2a$10$xxxxxxx [email protected],appsrv.internal.example.com

Then I attempted to send mail (sendmail):

• As root Linux user
  • sendmail -r [email protected] [email protected] ✔️
  • sendmail [email protected] (effective address: [email protected]) ✔️
  • sendmail -r [email protected] [email protected] ❌ (failed, as expected)
• As jreinhart Linux user:
  • sendmail [email protected] (effective address: [email protected]) ✔️

[decke]

You've lost the strings.ToLower(addr) case but i think this should be done in the new addrAllowed()

[JonathonReinhart]

Good catch. This was a result of the refactor. I've fixed that, and added a test (cabf848).

[decke]

Since addr is the sender email it shoud be valid that the address does not contain a domain and @ yet.

[JonathonReinhart]

Per below, I was unaware that "local" addresses could reach smtprelay. Updated (see below).

[decke]

Suggested change

	addr = strings.ToLower(addr)

[JonathonReinhart]

Applied (earlier in the function, so domain is lowercased, too).

[decke]

This is now a conflict because the absence of @ can be because it's a domain or a local address without domain yet.

[JonathonReinhart]

Per below, I was unaware that "local" addresses could reach smtprelay. Updated (see below).

[JonathonReinhart]

In two places in addrAllowed(), I missed the fact that addr (as passed to senderChecker) could be a local address without a domain. I assumed that an SMTP Relay (MTA) would only receive mail that already had a full [email protected] address.

In that case, when would the @domain.com part be added? By the upstream smarthost to which this server relays the mail? When I try this with postfix sendmail -r somebody, local postfix is the one that appends @domain.com, due to:

$ postconf  | grep 'origin\>'
append_at_myorigin = yes
myorigin = $myhostname

Anyway, with that fact, you are correct: my allowedUsers format is ambiguous (john.doe and gmail.com are indistinguishable).

I think there is an easy fix: To specify an entire (sub)domain, you simply prefix with an @. So then:

appsrv hash [email protected],@appsrv.example.com

Means:

• Can send as [email protected]
• Can send as (anyone)@appsrv.example.com

Does that sound reasonable?

[JonathonReinhart]

Commit c980683 addresses the problems by changing the anyone-at-domain specification to require an @ in front.

[decke]

That looks good now. Thanks a lot for your contribution!

[JonathonReinhart]

Thanks for quickly reviewing and merging! Do you think it would make sense to tag/release 1.5.0 with these latest changes? I've been running v1.4.0-jr3 local releases 😄

Also, I noticed that you seem to have used the "Squash and merge" feature when you merged this. Would you prefer I squash future contributions into a single commit?

[decke]

Yes, the plan is to release 1.5.0 quite soon.

If possible please keep it as separate commits since that is a lot easier to review but in that case the commits were all about one feature so it made sense to squash them.

[JonathonReinhart]

If possible please keep it as separate commits since that is a lot easier to review but in that case the commits were all about one feature so it made sense to squash them.

👍 As someone who spends much of their day reviewing code, I completely agree. Having clear, concise commits makes code review so much easier.

Yes, the plan is to release 1.5.0 quite soon.

Great, thanks. I've made all of the changes I'd been considering, and v1.4.0 (plus my 3 PRs) is running well in production. So I wouldn't expect any more from me in the short term. Once v1.5.0 is released, I'll build and update my production server.

Thanks for smtprelay which fit my needs very nicely, and thanks for your quick and thorough review+merges!