public void IfStlsOptionalButSslRequiredByIpRangeForAuthThenAuthShouldFail()
{
var range = SingletonProvider<TestSetup>.Instance.GetApp().Settings.SecurityRanges.get_ItemByName("My computer");
range.RequireSSLTLSForAuth = true;
range.Save();
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25002);
var banner = smtpClientSimulator.Receive();
var capabilities1 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsTrue(capabilities1.Contains("STARTTLS"));
var loginResult = smtpClientSimulator.SendAndReceive("AUTH LOGIN\r\n");
Assert.IsTrue(loginResult.StartsWith("530 A SSL/TLS-connection is required for authentication.")); // must run starttls first.
}
public void IfStartTlsNotEnabledStartTlsShouldNotBeShownInEhloResponse()
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25);
var data1 = smtpClientSimulator.Receive();
var data = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsFalse(data.Contains("STARTTLS"));
}
public void HandshakeCompletionShouldBeLoggedWithCipherDetails()
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25002);
var banner = smtpClientSimulator.Receive();
var capabilities1 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsTrue(capabilities1.Contains("STARTTLS"));
smtpClientSimulator.SendAndReceive("STARTTLS\r\n");
smtpClientSimulator.HandshakeAsClient();
var capabilities2 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
var default_log = LogHandler.ReadCurrentDefaultLog();
Assert.IsTrue(default_log.Contains("Version: TLS"));
Assert.IsTrue(default_log.Contains("Cipher: "));
Assert.IsTrue(default_log.Contains("Bits: "));
}
public void TestTooManyInvalidCommandsHELO()
{
Settings settings = _settings;
settings.DisconnectInvalidClients = true;
settings.MaxNumberOfInvalidCommands = 3;
var sim = new TcpConnection();
sim.Connect(25);
sim.Receive(); // banner
sim.SendAndReceive("HELO\r\n");
sim.SendAndReceive("HELO\r\n");
sim.SendAndReceive("HELO\r\n");
sim.SendAndReceive("HELO\r\n");
var result = sim.SendAndReceive("HELO\r\n");
CustomAssert.IsTrue(result.Contains("Too many invalid commands"), result);
}
public void TestRcptToSyntax()
{
Account account1 = SingletonProvider<TestSetup>.Instance.AddAccount(_domain, "*****@*****.**", "test");
var oSMTP = new TcpConnection();
oSMTP.Connect(25);
CustomAssert.IsTrue(oSMTP.Receive().StartsWith("220"));
oSMTP.Send("HELO test\r\n");
CustomAssert.IsTrue(oSMTP.Receive().StartsWith("250"));
// A few tests of invalid syntax.
CustomAssert.IsTrue(oSMTP.SendAndReceive("MAIL FROM: <*****@*****.**>\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("RCPT TO: [email protected]>\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("RCPT TO: <[email protected]\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("RCPT TO <[email protected]\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("RCPT TO<[email protected]\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("RCPT TO: <*****@*****.**>\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("RCPT TO: [email protected]\r\n").StartsWith("250"));
oSMTP.Disconnect();
}
public void TestMailFromSyntaxValidation()
{
Account account1 = SingletonProvider<TestSetup>.Instance.AddAccount(_domain, "*****@*****.**", "test");
var oSMTP = new TcpConnection();
oSMTP.Connect(25);
CustomAssert.IsTrue(oSMTP.Receive().StartsWith("220"));
oSMTP.Send("HELO test\r\n");
CustomAssert.IsTrue(oSMTP.Receive().StartsWith("250"));
// A few tests of invalid syntax.
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM: <[email protected]\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM: [email protected]>\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM: < [email protected] \r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM: < \r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM: > \r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM: <[email protected]\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM <*****@*****.**>\r\n").StartsWith("250"));
CustomAssert.IsFalse(oSMTP.SendAndReceive("MAIL FROM [email protected]\r\n").StartsWith("250"));
// Valid syntax, < and >
CustomAssert.IsTrue(oSMTP.SendAndReceive("MAIL FROM: <*****@*****.**>\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("RSET\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("MAIL FROM: [email protected]\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("RSET\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("MAIL FROM: [email protected] \r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("RSET\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("MAIL FROM:[email protected]\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("RSET\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("MAIL FROM:<*****@*****.**>\r\n").StartsWith("250"));
CustomAssert.IsTrue(oSMTP.SendAndReceive("RSET\r\n").StartsWith("250"));
oSMTP.Disconnect();
}
private void AssertValidMailRcptToCommand(string comamnd)
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25);
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("220"));
smtpClientSimulator.Send("HELO test\r\n");
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("250"));
smtpClientSimulator.Send("MAIL FROM: <*****@*****.**>\r\n");
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("250"));
string result = smtpClientSimulator.SendAndReceive(comamnd + "\r\n");
smtpClientSimulator.Disconnect();
Assert.AreEqual("250 OK\r\n", result);
}
public void IfStlsRequiredLogonShouldSucceedIfStls()
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25003);
var banner = smtpClientSimulator.Receive();
var capabilities1 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsTrue(capabilities1.Contains("STARTTLS"));
smtpClientSimulator.SendAndReceive("STARTTLS\r\n");
smtpClientSimulator.HandshakeAsClient();
var loginResult = smtpClientSimulator.SendAndReceive("AUTH LOGIN\r\n");
Assert.IsTrue(loginResult.StartsWith("334"));
}
public void IfStlsRequiredLogonShouldFailIfNoStls()
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25003);
var banner = smtpClientSimulator.Receive();
var capabilities1 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsTrue(capabilities1.Contains("STARTTLS"));
var loginResult = smtpClientSimulator.SendAndReceive("AUTH LOGIN\r\n");
Assert.IsTrue(loginResult.StartsWith("530 Must issue STARTTLS first."));
}
public void TestTooManyInvalidCommandsHELOSuccesfullCommandDoesNotResetCounter()
{
Settings settings = _settings;
settings.DisconnectInvalidClients = true;
settings.MaxNumberOfInvalidCommands = 3;
var sim = new TcpConnection();
sim.Connect(25);
sim.Receive(); // banner
sim.SendAndReceive("HELO\r\n");
sim.SendAndReceive("HELO\r\n");
sim.SendAndReceive("HELO\r\n");
var result = sim.SendAndReceive("HELO test.com\r\n");
Assert.IsTrue(result.Contains("250 Hello."), result);
result = sim.SendAndReceive("HELO\r\n");
Assert.IsTrue(result.Contains("Too many invalid commands"), result);
}
public void StartTlsCommandShouldSwithToTls()
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25002);
var banner = smtpClientSimulator.Receive();
var capabilities1 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsTrue(capabilities1.Contains("STARTTLS"));
smtpClientSimulator.SendAndReceive("STARTTLS\r\n");
smtpClientSimulator.HandshakeAsClient();
// Send a command over TLS.
var capabilities2 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsFalse(capabilities2.Contains("STARTTLS"));
// We're now on SSL.
}
public void TestRcptToSyntax()
{
SingletonProvider<TestSetup>.Instance.AddAccount(_domain, "*****@*****.**", "test");
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25);
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("220"));
smtpClientSimulator.Send("HELO test\r\n");
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("250"));
// A few tests of invalid syntax.
Assert.IsTrue(smtpClientSimulator.SendAndReceive("MAIL FROM: <*****@*****.**>\r\n").StartsWith("250"));
Assert.IsFalse(smtpClientSimulator.SendAndReceive("RCPT TO: [email protected]>\r\n").StartsWith("250"));
Assert.IsFalse(smtpClientSimulator.SendAndReceive("RCPT TO: <[email protected]\r\n").StartsWith("250"));
Assert.IsFalse(smtpClientSimulator.SendAndReceive("RCPT TO <[email protected]\r\n").StartsWith("250"));
Assert.IsFalse(smtpClientSimulator.SendAndReceive("RCPT TO<[email protected]\r\n").StartsWith("250"));
Assert.IsTrue(smtpClientSimulator.SendAndReceive("RCPT TO: <*****@*****.**>\r\n").StartsWith("250"));
Assert.IsTrue(smtpClientSimulator.SendAndReceive("RCPT TO: [email protected]\r\n").StartsWith("250"));
smtpClientSimulator.Disconnect();
}
public void MailFromWithAuthParameterShouldBeAccepted()
{
Account account1 = SingletonProvider<TestSetup>.Instance.AddAccount(_domain, "*****@*****.**", "test");
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25);
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("220"));
smtpClientSimulator.Send("HELO test\r\n");
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("250"));
// A few tests of invalid syntax.
Assert.IsTrue(smtpClientSimulator.SendAndReceive("MAIL FROM: <*****@*****.**> AUTH=<>\r\n").StartsWith("250"));
smtpClientSimulator.Disconnect();
}
public void TestTooManyInvalidCommandsUnknownRcptShouldBeCounted()
{
Settings settings = _settings;
settings.DisconnectInvalidClients = true;
settings.MaxNumberOfInvalidCommands = 3;
var sim = new TcpConnection();
sim.Connect(25);
sim.Receive(); // banner
sim.SendAndReceive("HELO example.com\r\n");
sim.SendAndReceive("MAIL FROM: [email protected]\r\n");
var result = sim.SendAndReceive("RCPT TO: [email protected]\r\n");
Assert.IsTrue(result.Contains("550 Unknown user"), result);
result = sim.SendAndReceive("RCPT TO: [email protected]\r\n");
Assert.IsTrue(result.Contains("550 Unknown user"), result);
result = sim.SendAndReceive("RCPT TO: [email protected]\r\n");
Assert.IsTrue(result.Contains("550 Unknown user"), result);
result = sim.SendAndReceive("RCPT TO: [email protected]\r\n");
Assert.IsTrue(result.Contains("Too many invalid commands"), result);
}
private void AssertInvalidMailFromCommand(string command, string expectedResponse)
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25);
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("220"));
smtpClientSimulator.Send("HELO test\r\n");
Assert.IsTrue(smtpClientSimulator.Receive().StartsWith("250"));
string result = smtpClientSimulator.SendAndReceive(command+ "\r\n");
smtpClientSimulator.Disconnect();
Assert.AreEqual(expectedResponse + "\r\n", result);
}
public void TestPlaintextCommandInjection()
{
var smtpClientSimulator = new TcpConnection();
smtpClientSimulator.Connect(25002);
var banner = smtpClientSimulator.Receive();
var capabilities1 = smtpClientSimulator.SendAndReceive("EHLO example.com\r\n");
Assert.IsTrue(capabilities1.Contains("STARTTLS"));
var resp = smtpClientSimulator.SendAndReceive("STARTTLS\r\nRSET\r\n");
Assert.AreEqual("220 Ready to start TLS\r\n", resp);
smtpClientSimulator.HandshakeAsClient();
var quitResponse = smtpClientSimulator.SendAndReceive("QUIT\r\n");
Assert.AreEqual(quitResponse, "221 goodbye\r\n");
var default_log = LogHandler.ReadCurrentDefaultLog();
Assert.IsFalse(default_log.Contains("RSET"));
}
