Skip to content

fix: correctly close SMTP message and await response #14495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 30, 2024
Merged

fix: correctly close SMTP message and await response #14495

merged 1 commit into from
Aug 30, 2024

Conversation

dannykopping
Copy link
Contributor

We originally took heavy inspiration from Alertmanager's SMTP dispatch functionality due to the number of options we need to support.

In their dispatch code, they defer the call to message.Close but in fact this is necessary to complete the SMTP submission and await any errors; we do the same in our code.

NOTE: We use emersion/go-smtp as our SMTP library while Alertmanager uses net/smtp, but the former extends the latter, so the code that follows is effectively the same.

// coderd/notifications/dispatch/smtp.go
// Our client calls Data(), which returns a `dataCloser`.
message, err := c.Data()

...

// emersion/go-smtp@v0.21.2/client.go
func (c *Client) Data() (io.WriteCloser, error) {
	_, _, err := c.cmd(354, "DATA")
	if err != nil {
		return nil, err
	}
	return &dataCloser{c: c, WriteCloser: c.text.DotWriter()}, nil
}
...
func (d *dataCloser) Close() error {
	...
	if d.c.lmtp {
          ...
	} else {
		_, _, err := d.c.readResponse(250) // <---- this is the crucial line
		if err != nil {
			return err
		}
	}

	d.closed = true
	return nil
}

We cannot defer a call to Close because we depend on the error which is returned to determine if the message was successfully sent or not.

_, _, err := d.c.readResponse(250)

This line checks if the response was successful (docs); if not, we need to fail this dispatch and mark it for retry.

I discovered this bug by incorrectly configuring CODER_NOTIFICATIONS_EMAIL_FROM as my @coder.com address (which is backed by GSuite) and testing a dispatch via an outlook.com SMTP server. The server was rejecting the message with 554 5.2.252 SendAsDenied; <redacted>@outlook.com not allowed to send as <redacted>@coder.com, but the message was being marked successful, because we were not waiting for the actual outcome of the mail dispatch.

This has quite worrying implications for Alertmanager, and I plan to raise a PR in that repo too to address this.

@dannykopping
fix: correctly close SMTP message and await response
f659568 
Signed-off-by: Danny Kopping <danny@coder.com>
@dannykopping dannykopping self-assigned this Aug 30, 2024
@dannykopping dannykopping mentioned this pull request Aug 30, 2024
Closed
johnstcn
johnstcn approved these changes Aug 30, 2024
View reviewed changes
Copy link
Member

@johnstcn johnstcn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Nice catch!

coderd/notifications/dispatch/smtp_test.go
return &smtp.SMTPError{Code: 501, EnhancedCode: smtp.EnhancedCode{5, 5, 4}, Message: "Rejected!"}
},
expectedErr: "SMTP error 501: Rejected!",
retryable: true,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't this error non-retryable?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not apriori; it could be a temporary failure.

coderd/notifications/dispatch/smtp_util_test.go
Comment on lines +151 to +153
if s.backend.cfg.FailOnDataFn != nil {
return s.backend.cfg.FailOnDataFn()
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At some point in the future, would it make sense to test with something like mocktools/go-smtp-mock instead?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I evaluated it, but it does not support authentication.

@dannykopping dannykopping merged commit c90be9b into main Aug 30, 2024
28 checks passed
@dannykopping dannykopping deleted the dk/smtp-close branch August 30, 2024 09:37
@github-actions github-actions bot locked and limited conversation to collaborators Aug 30, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@johnstcn johnstcn johnstcn approved these changes

@mtojek mtojek Awaiting requested review from mtojek

Assignees

@dannykopping dannykopping

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dannykopping @johnstcn