Haraka 2.8.28 → 3.0.1

package/plugins/mail_from.is_resolvable.js

@@ -11,36 +11,36 @@ exports.register = function () {
 }
 
 exports.load_ini = function () {
-    const plugin = this;
-    plugin.cfg = plugin.config.get('mail_from.is_resolvable.ini', {
+    this.cfg = this.config.get('mail_from.is_resolvable.ini', {
         booleans: [
             '-main.allow_mx_ip',
             '+main.reject_no_mx',
         ],
     }, () => {
-        plugin.load_ini();
+        this.load_ini();
     });
 
-    if (isNaN(plugin.cfg.main.timeout)) {
-        plugin.cfg.main.timeout = 29;
+    if (isNaN(this.cfg.main.timeout)) {
+        this.cfg.main.timeout = 29;
     }
 
-    if (plugin.timeout) {
-        if (plugin.timeout <= plugin.cfg.main.timeout) {
-            plugin.cfg.main.timeout = plugin.timeout - 1;
-            plugin.logwarn(`reducing plugin timeout to ${plugin.cfg.main.timeout}s`);
+    if (this.timeout) {
+        if (this.timeout <= this.cfg.main.timeout) {
+            this.cfg.main.timeout = this.timeout - 1;
+            this.logwarn(`reducing plugin timeout to ${this.cfg.main.timeout}s`);
         }
     }
 
-    plugin.re_bogus_ip = new RegExp(plugin.cfg.main.re_bogus_ip ||
+    this.re_bogus_ip = new RegExp(this.cfg.main.re_bogus_ip ||
             '^(?:0\\.0\\.0\\.0|255\\.255\\.255\\.255|127\\.)' );
 }
 
 exports.hook_mail = function (next, connection, params) {
     const plugin    = this;
     const mail_from = params[0];
-    const txn       = connection.transaction;
-    const results   = txn.results;
+    const txn       = connection?.transaction;
+    if (!txn) return next();
+    const { results }   = txn;
 
     // Check for MAIL FROM without an @ first - ignore those here
     if (!mail_from.host) {
@@ -83,7 +83,7 @@ exports.hook_mail = function (next, connection, params) {
             if (pending_queries !== 0) return;
 
             records = Object.keys(records);
-            if (records && records.length) {
+            if (records?.length) {
                 connection.logdebug(plugin, `${domain}: ${records}`);
                 results.add(plugin, {pass: 'has_fwd_dns'});
                 return mxDone();
@@ -114,21 +114,21 @@ exports.hook_mail = function (next, connection, params) {
                     return;
                 }
                 connection.logdebug(plugin, `${domain}: MX ${addr.priority} ${addr.exchange} => ${addresses2}`);
-                for (let i=0; i < addresses2.length; i++) {
+                for (const element of addresses2) {
                     // Ignore anything obviously bogus
-                    if (net.isIPv4(addresses2[i])){
-                        if (plugin.re_bogus_ip.test(addresses2[i])) {
-                            connection.logdebug(plugin, `${addr.exchange}: discarding ${addresses2[i]}`);
+                    if (net.isIPv4(element)){
+                        if (plugin.re_bogus_ip.test(element)) {
+                            connection.logdebug(plugin, `${addr.exchange}: discarding ${element}`);
                             continue;
                         }
                     }
-                    if (net.isIPv6(addresses2[i])){
-                        if (net_utils.ipv6_bogus(addresses2[i])) {
-                            connection.logdebug(plugin, `${addr.exchange}: discarding ${addresses2[i]}`);
+                    if (net.isIPv6(element)){
+                        if (net_utils.ipv6_bogus(element)) {
+                            connection.logdebug(plugin, `${addr.exchange}: discarding ${element}`);
                             continue;
                         }
                     }
-                    records[addresses2[i]] = 1;
+                    records[element] = 1;
                 }
                 check_results();
             });
@@ -139,11 +139,12 @@ exports.hook_mail = function (next, connection, params) {
 }
 
 exports.mxErr = function (connection, domain, type, err, mxDone) {
-    const plugin = this;
-    const txn = connection.transaction;
+
+    const txn = connection?.transaction;
     if (!txn) return;
-    txn.results.add(plugin, {msg: `${domain}:${type}:${err.message}`});
-    connection.logdebug(plugin, `${domain}:${type} => ${err.message}`);
+
+    txn.results.add(this, {msg: `${domain}:${type}:${err.message}`});
+    connection.logdebug(this, `${domain}:${type} => ${err.message}`);
     switch (err.code) {
         case dns.NXDOMAIN:
         case dns.NOTFOUND:
@@ -159,31 +160,30 @@ exports.mxErr = function (connection, domain, type, err, mxDone) {
 
 // IS: IPv6 compatible
 exports.implicit_mx = function (connection, domain, mxDone) {
-    const plugin = this;
-    const txn = connection.transaction;
+    const txn = connection?.transaction;
+    if (!txn) return;
 
     net_utils.get_ips_by_host(domain, (err, addresses) => {
         if (!txn) return;
         if (!addresses || !addresses.length) {
-            txn.results.add(plugin, {fail: 'has_fwd_dns'});
-            return mxDone(((plugin.cfg.main.reject_no_mx) ? DENY : DENYSOFT),
+            txn.results.add(this, {fail: 'has_fwd_dns'});
+            return mxDone(((this.cfg.main.reject_no_mx) ? DENY : DENYSOFT),
                 'No MX for your FROM address');
         }
 
-        connection.logdebug(plugin, `${domain}: A/AAAA => ${addresses}`);
+        connection.logdebug(this, `${domain}: A/AAAA => ${addresses}`);
         let records = {};
-        for (let i=0; i < addresses.length; i++) {
-            const addr = addresses[i];
+        for (const addr of addresses) {
             // Ignore anything obviously bogus
             if (net.isIPv4(addr)) {
-                if (plugin.re_bogus_ip.test(addr)) {
-                    connection.logdebug(plugin, `${domain}: discarding ${addr}`);
+                if (this.re_bogus_ip.test(addr)) {
+                    connection.logdebug(this, `${domain}: discarding ${addr}`);
                     continue;
                 }
             }
             if (net.isIPv6(addr)) {
                 if (net_utils.ipv6_bogus(addr)) {
-                    connection.logdebug(plugin, `${domain}: discarding ${addr}`);
+                    connection.logdebug(this, `${domain}: discarding ${addr}`);
                     continue;
                 }
             }
@@ -191,12 +191,12 @@ exports.implicit_mx = function (connection, domain, mxDone) {
         }
 
         records = Object.keys(records);
-        if (records && records.length) {
-            txn.results.add(plugin, {pass: 'implicit_mx'});
+        if (records?.length) {
+            txn.results.add(this, {pass: 'implicit_mx'});
             return mxDone();
         }
 
-        txn.results.add(plugin, {fail: `implicit_mx(${domain})`});
+        txn.results.add(this, {fail: `implicit_mx(${domain})`});
         return mxDone();
     });
 }

package/plugins/messagesniffer.js

@@ -13,27 +13,26 @@ exports.register = function () {
 }
 
 exports.hook_connect = function (next, connection) {
-    const self = this;
     const cfg = this.config.get('messagesniffer.ini');
-
     // Skip any private IP ranges
-    if (connection.remote.is_private) return next();
+    // Skip connection.transaction undefined
+    if (connection?.remote?.is_private || !connection?.transaction) return next();
 
     // Retrieve GBUdb information for the connecting IP
     SNFClient(`<snf><xci><gbudb><test ip='${connection.remote.ip}'/></gbudb></xci></snf>`, (err, result) => {
         if (err) {
-            connection.logerror(self, err.message);
+            connection.logerror(this, err.message);
             return next();
         }
         let match;
         if ((match = /<result ((?:(?!\/>)[^])+)\/>/.exec(result))) {
             // Log result
-            connection.loginfo(self, match[1]);
+            connection.loginfo(this, match[1]);
             // Populate result
             const gbudb = {};
             const split = match[1].toString().split(/\s+/);
-            for (let i=0; i<split.length; i++) {
-                const split2 = split[i].split(/=/);
+            for (const element of split) {
+                const split2 = element.split(/=/);
                 gbudb[split2[0]] = split2[1].replace(/(?:^'|'$)/g,'');
             }
             // Set notes for other plugins
@@ -52,8 +51,8 @@ exports.hook_connect = function (next, connection) {
                 case 'caution':
                 case 'black':
                 case 'truncate':
-                    if (cfg.gbudb && cfg.gbudb[gbudb.range]) {
-                        connection.loginfo(self, `range=${gbudb.range} action=${cfg.gbudb[gbudb.range]}`);
+                    if (cfg.gbudb?.[gbudb.range]) {
+                        connection.loginfo(this, `range=${gbudb.range} action=${cfg.gbudb[gbudb.range]}`);
                         switch (cfg.gbudb[gbudb.range]) {
                             case 'accept':
                                 // Whitelist
@@ -89,20 +88,19 @@ exports.hook_connect = function (next, connection) {
                     return next();
                 default:
                     // Unknown
-                    connection.logerror(self, `Unknown GBUdb range: ${gbudb.range}`);
-                    return next();
+                    connection.logerror(this, `Unknown GBUdb range: ${gbudb.range}`);
+                    next();
             }
         }
         else {
-            return next();
+            next();
         }
     });
 }
 
 exports.hook_data_post = function (next, connection) {
-    const self = this;
     const cfg = this.config.get('messagesniffer.ini');
-    const txn = connection.transaction;
+    const txn = connection?.transaction;
     if (!txn) return next();
 
     function tag_subject (){
@@ -120,7 +118,7 @@ exports.hook_data_post = function (next, connection) {
     }
 
     // Check GBUdb results
-    if (connection.notes.gbudb && connection.notes.gbudb.action) {
+    if (connection.notes.gbudb?.action) {
         switch (connection.notes.gbudb.action) {
             case 'accept':
             case 'quarantine':
@@ -137,8 +135,8 @@ exports.hook_data_post = function (next, connection) {
     const ws = fs.createWriteStream(tmpfile);
 
     ws.once('error', err => {
-        connection.logerror(self, `Error writing temporary file: ${err.message}`);
-        return next();
+        connection.logerror(this, `Error writing temporary file: ${err.message}`);
+        next();
     });
 
     ws.once('close', () => {
@@ -162,8 +160,7 @@ exports.hook_data_post = function (next, connection) {
                     // Parse the returned headers and add them to the message
                     const xhdr = match[1].split('\r\n');
                     const headers = [];
-                    for (let i=0; i < xhdr.length; i++) {
-                        const line = xhdr[i];
+                    for (const line of xhdr) {
                         // Check for continuation
                         if (/^\s/.test(line)) {
                             // Continuation; add to previous header value
@@ -180,8 +177,7 @@ exports.hook_data_post = function (next, connection) {
                         }
                     }
                     // Add headers to message
-                    for (let h=0; h < headers.length; h++) {
-                        const header = headers[h];
+                    for (const header of headers) {
                         // If present save the group for logging purposes
                         if (header.header === 'X-MessageSniffer-SNF-Group') {
                             group = header.value.replace(/\r?\n/gm, '');
@@ -191,11 +187,11 @@ exports.hook_data_post = function (next, connection) {
                             // Retrieve IP address determined by GBUdb
                             const gbudb_split = header.value.split(/,\s*/);
                             gbudb_ip = gbudb_split[1];
-                            connection.logdebug(self, `GBUdb: ${header.value.replace(/\r?\n/gm, '')}`);
+                            connection.logdebug(this, `GBUdb: ${header.value.replace(/\r?\n/gm, '')}`);
                         }
                         if (header.header === 'X-MessageSniffer-Rules') {
                             rules = header.value.replace(/\r?\n/gm, '').replace(/\s+/g,' ').trim();
-                            connection.logdebug(self, `rules: ${rules}`);
+                            connection.logdebug(this, `rules: ${rules}`);
                         }
                         // Remove any existing headers
                         txn.remove_header(header.header);
@@ -203,7 +199,7 @@ exports.hook_data_post = function (next, connection) {
                     }
                 }
                 // Summary log
-                connection.loginfo(self, `result: time=${elapsed}ms code=${code
+                connection.loginfo(this, `result: time=${elapsed}ms code=${code
                 }${gbudb_ip ? ` ip="${gbudb_ip}"` : ''
                 }${group ? ` group="${group}"` : ''
                 }${rules ? ` rule_count=${rules.split(/\s+/).length}` : ''
@@ -249,7 +245,7 @@ exports.hook_data_post = function (next, connection) {
                                         action = cfg.message.nonzero;
                                     }
                                     else {
-                                        return next(DENY, `${'Spam detected by MessageSniffer (code='}${code} group=${group})`);
+                                        return next(DENY, `Spam detected by MessageSniffer (code=${code} group=${group})`);
                                     }
                                 }
                             }
@@ -258,7 +254,7 @@ exports.hook_data_post = function (next, connection) {
                     else {
                         // Default with no configuration
                         if (code > 1 && code !== 40) {
-                            return next(DENY, `${'Spam detected by MessageSniffer (code='}${code} group=${group})`);
+                            return next(DENY, `Spam detected by MessageSniffer (code=${code} group=${group})`);
                         }
                         else {
                             return next();
@@ -318,7 +314,7 @@ exports.hook_data_post = function (next, connection) {
             }
             else {
                 // Something must have gone wrong
-                connection.logwarn(self, `unexpected response: ${result}`);
+                connection.logwarn(this, `unexpected response: ${result}`);
             }
             return next();
         });
@@ -329,7 +325,6 @@ exports.hook_data_post = function (next, connection) {
 }
 
 exports.hook_disconnect = function (next, connection) {
-    const self = this;
     const cfg = this.config.get('messagesniffer.ini');
 
     // Train GBUdb on rejected messages and recipients
@@ -338,16 +333,16 @@ exports.hook_disconnect = function (next, connection) {
         const snfreq = `<snf><xci><gbudb><bad ip='${connection.remote.ip}'/></gbudb></xci></snf>`;
         SNFClient(snfreq, (err, result) => {
             if (err) {
-                connection.logerror(self, err.message);
+                connection.logerror(this, err.message);
             }
             else {
-                connection.logdebug(self, `GBUdb bad encounter added for ${connection.remote.ip}`);
+                connection.logdebug(this, `GBUdb bad encounter added for ${connection.remote.ip}`);
             }
-            return next();
+            next();
         });
     }
     else {
-        return next();
+        next();
     }
 }
 
@@ -357,7 +352,7 @@ function SNFClient (req, cb) {
     sock.setTimeout(30 * 1000); // Connection timeout
     sock.once('timeout', function () {
         this.destroy();
-        return cb(new Error('connection timed out'));
+        cb(new Error('connection timed out'));
     });
     sock.once('error', err => cb(err));
     sock.once('connect', function () {
@@ -372,16 +367,14 @@ function SNFClient (req, cb) {
     });
     sock.once('end', () => {
         // Check for result
+        if (/<result /.exec(result)) return cb(null, result);
+
         let match;
-        if (/<result /.exec(result)) {
-            return cb(null, result);
-        }
-        else if ((match = /<error message='([^']+)'/.exec(result))) {
+        if ((match = /<error message='([^']+)'/.exec(result))) {
             return cb(new Error(match[1]));
         }
-        else {
-            return cb(new Error(`unexpected result: ${result}`));
-        }
+
+        cb(new Error(`unexpected result: ${result}`));
     });
     // Start the sequence
     sock.connect(port);

package/plugins/prevent_credential_leaks.js

@@ -6,8 +6,10 @@ function escapeRegExp (str) {
 }
 
 exports.hook_data = (next, connection) => {
-    if (connection.notes.auth_user && connection.notes.auth_passwd) {
-        connection.transaction.parse_body = true;
+    const { notes, transaction } = connection ?? {}
+
+    if (transaction && notes?.auth_user && notes.auth_passwd) {
+        transaction.parse_body = true;
     }
     next();
 }
@@ -19,8 +21,8 @@ exports.hook_data_post = (next, connection) => {
 
     let user = connection.notes.auth_user;
     let domain;
-    let idx;
-    if ((idx = user.indexOf('@'))) {
+    const idx = user.indexOf('@')
+    if (idx) {
         // If the username is qualified (e.g. user@domain.com)
         // then we make the @domain.com part optional in the regexp.
         domain = user.substr(idx);
@@ -34,7 +36,7 @@ exports.hook_data_post = (next, connection) => {
                                    (domain ? `(?:${escapeRegExp(domain)})?` : '') +
                                    bound_regexp, 'im');
 
-    if (look_for_credentials(user_regexp, passwd_regexp, connection.transaction.body)) {
+    if (look_for_credentials(user_regexp, passwd_regexp, connection?.transaction?.body)) {
         return next(DENY, "Credential leak detected: never give out your username/password to anyone!");
     }
 

package/plugins/process_title.js

@@ -59,7 +59,7 @@ exports.hook_init_master = function (next, server) {
         process.title = title;
         server.notes.pt_concurrent_cluster = {};
         server.notes.pt_new_out_stats = [0,0,0,0];
-        const cluster = server.cluster;
+        const { cluster } = server;
         const recvMsg = msg => {
             let count;
             switch (msg.event) {
@@ -120,7 +120,7 @@ exports.hook_init_master = function (next, server) {
         });
     }
     this._interval = setupInterval(title, server);
-    return next();
+    next();
 }
 
 exports.hook_init_child = function (next, server) {
@@ -134,10 +134,9 @@ exports.hook_init_child = function (next, server) {
     server.notes.pt_messages = 0;
     server.notes.pt_mps_diff = 0;
     server.notes.pt_mps_max = 0;
-    const title = 'Haraka (worker)';
-    process.title = title;
-    this._interval = setupInterval(title, server);
-    return next();
+    process.title = 'Haraka (worker)';
+    this._interval = setupInterval(process.title, server);
+    next();
 }
 
 exports.shutdown = function () {
@@ -146,19 +145,19 @@ exports.shutdown = function () {
 }
 
 exports.hook_connect_init = (next, connection) => {
-    const server = connection.server;
+    const { server } = connection;
     connection.notes.pt_connect_run = true;
     if (server.cluster) {
-        const worker = server.cluster.worker;
+        const { worker } = server.cluster;
         worker.send({event: 'process_title.connect', wid: worker.id});
     }
     server.notes.pt_connections++;
     server.notes.pt_concurrent++;
-    return next();
+    next();
 }
 
 exports.hook_disconnect = (next, connection) => {
-    const server = connection.server;
+    const { server } = connection;
     // Check that the hook above ran
     // It might not if the disconnection is immediate
     // echo "QUIT" | nc localhost 25
@@ -177,25 +176,25 @@ exports.hook_disconnect = (next, connection) => {
         worker.send({event: 'process_title.disconnect', wid: worker.id});
     }
     server.notes.pt_concurrent--;
-    return next();
+    next();
 }
 
 exports.hook_rcpt = (next, connection) => {
-    const server = connection.server;
+    const { server } = connection;
     if (server.cluster) {
-        const worker = server.cluster.worker;
+        const { worker } = server.cluster;
         worker.send({event: 'process_title.recipient'});
     }
     server.notes.pt_recipients++;
-    return next();
+    next();
 }
 
 exports.hook_data = (next, connection) => {
-    const server = connection.server;
+    const { server } = connection;
     if (server.cluster) {
-        const worker = server.cluster.worker;
+        const { worker } = server.cluster;
         worker.send({event: 'process_title.message'});
     }
     server.notes.pt_messages++;
-    return next();
+    next();
 }

package/plugins/queue/deliver.js

@@ -5,9 +5,9 @@
 const outbound = require('./outbound');
 
 exports.hook_queue_outbound = (next, connection) => {
-    if (!connection.relaying) {
+    if (!connection?.relaying) {
         return next(); // we're not relaying so don't deliver outbound
     }
 
-    outbound.send_email(connection.transaction, next);
+    outbound.send_email(connection?.transaction, next);
 }

package/plugins/queue/lmtp.js

@@ -10,20 +10,18 @@ exports.register = function () {
 }
 
 exports.load_lmtp_ini = function () {
-    const plugin = this;
-    plugin.cfg = plugin.config.get('lmtp.ini', () => {
-        plugin.load_lmtp_ini();
+    this.cfg = this.config.get('lmtp.ini', () => {
+        this.load_lmtp_ini();
     })
 }
 
 exports.hook_get_mx = function (next, hmail, domain) {
-    const plugin = this;
 
     if (!hmail.todo.notes.using_lmtp) return next();
 
     const mx = { using_lmtp: true, priority: 0, exchange: '127.0.0.1' };
 
-    const section = plugin.cfg[domain] || plugin.cfg.main;
+    const section = this.cfg[domain] || this.cfg.main;
     if (section.path) {
         Object.assign(mx, { path: section.path });
         return next(OK, mx);
@@ -38,7 +36,8 @@ exports.hook_get_mx = function (next, hmail, domain) {
 }
 
 exports.hook_queue = (next, connection) => {
-    const txn = connection.transaction;
+    const txn = connection?.transaction;
+    if (!txn) return next();
 
     const q_wants = txn.notes.get('queue.wants');
     if (q_wants && q_wants !== 'lmtp') return next();

package/plugins/queue/qmail-queue.js

@@ -4,37 +4,36 @@ const childproc = require('child_process');
 const fs        = require('fs');
 
 exports.register = function () {
-    const plugin = this;
 
-    plugin.queue_exec = plugin.config.get('qmail-queue.path') || '/var/qmail/bin/qmail-queue';
-    if (!fs.existsSync(plugin.queue_exec)) {
-        throw new Error(`Cannot find qmail-queue binary (${plugin.queue_exec})`);
+    this.queue_exec = this.config.get('qmail-queue.path') || '/var/qmail/bin/qmail-queue';
+    if (!fs.existsSync(this.queue_exec)) {
+        throw new Error(`Cannot find qmail-queue binary (${this.queue_exec})`);
     }
 
-    plugin.load_qmail_queue_ini();
+    this.load_qmail_queue_ini();
 
-    if (plugin.cfg.main.enable_outbound) {
-        plugin.register_hook('queue_outbound', 'hook_queue');
+    if (this.cfg.main.enable_outbound) {
+        this.register_hook('queue_outbound', 'hook_queue');
     }
 }
 
 exports.load_qmail_queue_ini = function () {
-    const plugin = this;
 
-    plugin.cfg = plugin.config.get('qmail-queue.ini', {
+    this.cfg = this.config.get('qmail-queue.ini', {
         booleans: [
             '+main.enable_outbound',
         ],
     },
     () => {
-        plugin.load_qmail_queue_ini();
+        this.load_qmail_queue_ini();
     });
 }
 
 exports.hook_queue = function (next, connection) {
     const plugin = this;
 
-    const txn = connection.transaction;
+    const txn = connection?.transaction;
+    if (!txn) return next();
 
     const q_wants = txn.notes.get('queue.wants');
     if (q_wants && q_wants !== 'qmail-queue') return next();
@@ -58,9 +57,8 @@ exports.hook_queue = function (next, connection) {
     connection.transaction.message_stream.pipe(qmail_queue.stdin, { line_endings: '\n' });
 
     qmail_queue.stdin.on('close', () => {
-        if (!connection.transaction) {
+        if (!connection?.transaction) {
             plugin.logerror("Transaction went away while delivering mail to qmail-queue");
-
             try {
                 qmail_queue.stdout.end();
             }