Merge pull request #200 from immjs/patch-1

andris9 · web-flow · commit d4e1cfdc8e47 · 2023-10-24T13:17:43.000+03:00
Do not impose an unauthenticated command limit when auth is optional
diff --git a/lib/smtp-connection.js b/lib/smtp-connection.js
@@ -496,7 +496,7 @@ class SMTPConnection extends EventEmitter {
         }
 
         // block users that try to fiddle around without logging in
-        if (!this.session.user && this._isSupported('AUTH') && commandName !== 'AUTH' && this._maxAllowedUnauthenticatedCommands !== false) {
+        if (!this.session.user && this._isSupported('AUTH') && !this._server.options.authOptional && commandName !== 'AUTH' && this._maxAllowedUnauthenticatedCommands !== false) {
             this._unauthenticatedCommands++;
             if (this._unauthenticatedCommands >= this._maxAllowedUnauthenticatedCommands) {
                 return this.send(421, 'Error: too many unauthenticated commands');

Original file line number	Diff line number	Diff line change
`@@ -496,7 +496,7 @@ class SMTPConnection extends EventEmitter {`
`496`	`496`	`}`
`497`	`497`
`498`	`498`	`// block users that try to fiddle around without logging in`
`499`		`- if (!this.session.user && this._isSupported('AUTH') && commandName !== 'AUTH' && this._maxAllowedUnauthenticatedCommands !== false) {`
	`499`	`+ if (!this.session.user && this._isSupported('AUTH') && !this._server.options.authOptional && commandName !== 'AUTH' && this._maxAllowedUnauthenticatedCommands !== false) {`
`500`	`500`	`this._unauthenticatedCommands++;`
`501`	`501`	`if (this._unauthenticatedCommands >= this._maxAllowedUnauthenticatedCommands) {`
`502`	`502`	`return this.send(421, 'Error: too many unauthenticated commands');`