Add configurable max message size enforcement (#254)

* Add configurable max message size enforcement

Introduces IMaxMessageSizeOptions, MaxMessageSizeOptions, and MaxMessageSizeHandling to allow configuration of maximum allowed message size and handling strategy. Updates relevant protocol and IO classes to enforce the limit, throwing MaxMessageSizeExceededException when exceeded in strict mode. Adjusts SmtpServerOptionsBuilder and ISmtpServerOptions to use the new options, and adds a test for strict enforcement.

Based on this existing pull request of @boba2fett
- https://github.com/cosullivan/SmtpServer/pull/213/files#diff-3ef8e28e7d91fa5d1ac55f908d172fc69242455c3a25d0a009c79cadc71916a3

* cleanup params

* Change to SmtpResponseException

Author: tinohager

Src/SmtpServer.Tests/PipeReaderTests.cs

@@ -24,8 +24,10 @@ public async Task CanReadLineAndRemoveTrailingCRLF()
             // arrange
             var reader = CreatePipeReader("abcde\r\n");
 
+            var maxMessageSizeOptions = new MaxMessageSizeOptions();
+
             // act
-            var line = await reader.ReadLineAsync(Encoding.ASCII).ConfigureAwait(false);
+            var line = await reader.ReadLineAsync(Encoding.ASCII, maxMessageSizeOptions).ConfigureAwait(false);
 
             // assert
             Assert.Equal(5, line.Length);
@@ -39,8 +41,10 @@ public async Task CanReadLinesWithInconsistentCRLF()
             // arrange
             var reader = CreatePipeReader("ab\rcd\ne\r\n");
 
+            var maxMessageSizeOptions = new MaxMessageSizeOptions();
+
             // act
-            var line = await reader.ReadLineAsync(Encoding.ASCII).ConfigureAwait(false);
+            var line = await reader.ReadLineAsync(Encoding.ASCII, maxMessageSizeOptions).ConfigureAwait(false);
 
             // assert
             Assert.Equal(7, line.Length);
@@ -54,10 +58,12 @@ public async Task CanReadMultipleLines()
             // arrange
             var reader = CreatePipeReader("abcde\r\nfghij\r\nklmno\r\n");
 
+            var maxMessageSizeOptions = new MaxMessageSizeOptions();
+
             // act
-            var line1 = await reader.ReadLineAsync(Encoding.ASCII).ConfigureAwait(false);
-            var line2 = await reader.ReadLineAsync(Encoding.ASCII).ConfigureAwait(false);
-            var line3 = await reader.ReadLineAsync(Encoding.ASCII).ConfigureAwait(false);
+            var line1 = await reader.ReadLineAsync(Encoding.ASCII, maxMessageSizeOptions).ConfigureAwait(false);
+            var line2 = await reader.ReadLineAsync(Encoding.ASCII, maxMessageSizeOptions).ConfigureAwait(false);
+            var line3 = await reader.ReadLineAsync(Encoding.ASCII, maxMessageSizeOptions).ConfigureAwait(false);
 
             // assert
             Assert.Equal("abcde", line1);
@@ -71,6 +77,8 @@ public async Task CanReadBlockWithDotStuffingRemoved()
             // arrange
             var reader = CreatePipeReader("abcd\r\n..1234\r\n.\r\n");
 
+            var maxMessageSizeOptions = new MaxMessageSizeOptions();
+
             // act
             var text = "";
             await reader.ReadDotBlockAsync(
@@ -79,7 +87,8 @@ await reader.ReadDotBlockAsync(
                     text = StringUtil.Create(buffer);
 
                     return Task.CompletedTask;
-                });
+                },
+                maxMessageSizeOptions);
 
             // assert
             Assert.Equal("abcd\r\n.1234", text);

Src/SmtpServer.Tests/SmtpServerTests.cs

@@ -1,4 +1,5 @@
 using MailKit;
+using MailKit.Net.Smtp;
 using SmtpServer.Authentication;
 using SmtpServer.ComponentModel;
 using SmtpServer.Mail;
@@ -9,6 +10,7 @@
 using System;
 using System.Diagnostics;
 using System.IO;
+using System.Linq;
 using System.Net;
 using System.Net.Security;
 using System.Net.Sockets;
@@ -162,6 +164,20 @@ public void WillTimeoutWaitingForCommand()
             }
         }
 
+        [Fact]
+        public void WillTerminateDueToTooMuchData()
+        {
+            var maxAcceptedMailMessageSize = 50;
+
+            var largeMailContent = string.Concat(Enumerable.Repeat("Too long for 1024 bytes", 1000));
+            using var mailMessage = MailClient.Message(from: "[email protected]", to: "[email protected]", text: largeMailContent);
+
+            using (CreateServer(c => c.MaxMessageSize(maxAcceptedMailMessageSize, MaxMessageSizeHandling.Strict)))
+            {
+                Assert.Throws<SmtpCommandException>(() => MailClient.Send(mailMessage));
+            }
+        }
+
         [Fact]
         public async Task WillSessionTimeoutDuringMailDataTransmission()
         {

Src/SmtpServer/IMaxMessageSizeOptions.cs

@@ -0,0 +1,19 @@
+namespace SmtpServer
+{
+    /// <summary>
+    /// Defines configuration options for enforcing a maximum allowed message size according to the SMTP SIZE extension (RFC 1870).
+    /// Includes the size limit in bytes and the handling strategy for oversized messages.
+    /// </summary>
+    public interface IMaxMessageSizeOptions
+    {
+        /// <summary>
+        /// Gets or sets the maximum allowed message size in bytes.
+        /// </summary>
+        int Length { get; }
+
+        /// <summary>
+        /// Gets the handling type an oversized message.
+        /// </summary>
+        MaxMessageSizeHandling Handling { get; }
+    }
+}

Src/SmtpServer/IO/PipeReaderExtensions.cs

@@ -4,6 +4,7 @@
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
+using SmtpServer.Protocol;
 using SmtpServer.Text;
 
 namespace SmtpServer.IO
@@ -21,9 +22,10 @@ internal static class PipeReaderExtensions
         /// <param name="reader">The reader to read from.</param>
         /// <param name="sequence">The sequence to find to terminate the read operation.</param>
         /// <param name="func">The callback to execute to process the buffer.</param>
+        /// <param name="maxMessageSizeOptions">Handling of MaxMessageSize.</param>
         /// <param name="cancellationToken">The cancellation token.</param>
         /// <returns>The value that was read from the buffer.</returns>
-        static async ValueTask ReadUntilAsync(PipeReader reader, byte[] sequence, Func<ReadOnlySequence<byte>, Task> func, CancellationToken cancellationToken)
+        static async ValueTask ReadUntilAsync(PipeReader reader, byte[] sequence, Func<ReadOnlySequence<byte>, Task> func, IMaxMessageSizeOptions maxMessageSizeOptions, CancellationToken cancellationToken)
         {
             if (reader == null)
             {
@@ -35,6 +37,11 @@ static async ValueTask ReadUntilAsync(PipeReader reader, byte[] sequence, Func<R
 
             while (read.IsCanceled == false && read.IsCompleted == false && read.Buffer.IsEmpty == false)
             {
+                if (maxMessageSizeOptions.Handling == MaxMessageSizeHandling.Strict && read.Buffer.Length > maxMessageSizeOptions.Length)
+                {
+                    throw new SmtpResponseException(SmtpResponse.MaxMessageSizeExceeded, true);
+                }
+
                 if (read.Buffer.TryFind(sequence, ref head, out var tail))
                 {
                     try
@@ -60,42 +67,45 @@ static async ValueTask ReadUntilAsync(PipeReader reader, byte[] sequence, Func<R
         /// </summary>
         /// <param name="reader">The reader to read from.</param>
         /// <param name="func">The action to process the buffer.</param>
+        /// <param name="maxMessageSizeOptions">Handling of MaxMessageSize.</param>
         /// <param name="cancellationToken">The cancellation token.</param>
         /// <returns>A task that can be used to wait on the operation on complete.</returns>
-        internal static ValueTask ReadLineAsync(this PipeReader reader, Func<ReadOnlySequence<byte>, Task> func, CancellationToken cancellationToken = default)
+        internal static ValueTask ReadLineAsync(this PipeReader reader, Func<ReadOnlySequence<byte>, Task> func, IMaxMessageSizeOptions maxMessageSizeOptions, CancellationToken cancellationToken = default)
         {
             if (reader == null)
             {
                 throw new ArgumentNullException(nameof(reader));
             }
 
-            return ReadUntilAsync(reader, CRLF, func, cancellationToken);
+            return ReadUntilAsync(reader, CRLF, func, maxMessageSizeOptions, cancellationToken);
         }
 
         /// <summary>
         /// Reads a line from the reader.
         /// </summary>
         /// <param name="reader">The reader to read from.</param>
+        /// <param name="maxMessageSizeOptions">Handling of MaxMessageSize.</param>
         /// <param name="cancellationToken">The cancellation token.</param>
         /// <returns>A task that can be used to wait on the operation on complete.</returns>
-        internal static ValueTask<string> ReadLineAsync(this PipeReader reader, CancellationToken cancellationToken = default)
+        internal static ValueTask<string> ReadLineAsync(this PipeReader reader, IMaxMessageSizeOptions maxMessageSizeOptions, CancellationToken cancellationToken = default)
         {
             if (reader == null)
             {
                 throw new ArgumentNullException(nameof(reader));
             }
 
-            return reader.ReadLineAsync(Encoding.ASCII, cancellationToken);
+            return reader.ReadLineAsync(Encoding.ASCII, maxMessageSizeOptions, cancellationToken);
         }
 
         /// <summary>
         /// Reads a line from the reader.
         /// </summary>
         /// <param name="reader">The reader to read from.</param>
         /// <param name="encoding">The encoding to use when converting the input.</param>
+        /// <param name="maxMessageSizeOptions"> Handling of MaxMessageSize</param>
         /// <param name="cancellationToken">The cancellation token.</param>
         /// <returns>A task that can be used to wait on the operation on complete.</returns>
-        internal static async ValueTask<string> ReadLineAsync(this PipeReader reader, Encoding encoding, CancellationToken cancellationToken = default)
+        internal static async ValueTask<string> ReadLineAsync(this PipeReader reader, Encoding encoding, IMaxMessageSizeOptions maxMessageSizeOptions, CancellationToken cancellationToken = default)
         {
             if (reader == null)
             {
@@ -111,6 +121,7 @@ await reader.ReadLineAsync(
 
                     return Task.CompletedTask;
                 },
+                maxMessageSizeOptions,
                 cancellationToken);
 
             return text;
@@ -121,24 +132,26 @@ await reader.ReadLineAsync(
         /// </summary>
         /// <param name="reader">The reader to read from.</param>
         /// <param name="func">The action to process the buffer.</param>
+        /// <param name="maxMessageSizeOptions">Handling of MaxMessageSize.</param>
         /// <param name="cancellationToken">The cancellation token.</param>
         /// <returns>The value that was read from the buffer.</returns>
-        internal static async ValueTask ReadDotBlockAsync(this PipeReader reader, Func<ReadOnlySequence<byte>, Task> func, CancellationToken cancellationToken = default)
+        internal static async ValueTask ReadDotBlockAsync(this PipeReader reader, Func<ReadOnlySequence<byte>, Task> func, IMaxMessageSizeOptions maxMessageSizeOptions, CancellationToken cancellationToken = default)
         {
             if (reader == null)
             {
                 throw new ArgumentNullException(nameof(reader));
             }
 
             await ReadUntilAsync(
-                reader, 
-                DotBlock, 
+                reader,
+                DotBlock,
                 buffer =>
                 {
                     buffer = Unstuff(buffer);
 
                     return func(buffer);
-                }, 
+                },
+                maxMessageSizeOptions,
                 cancellationToken);
 
             static ReadOnlySequence<byte> Unstuff(ReadOnlySequence<byte> buffer)

Src/SmtpServer/ISmtpServerOptions.cs

@@ -9,9 +9,9 @@ namespace SmtpServer
     public interface ISmtpServerOptions
     {
         /// <summary>
-        /// Gets the maximum size of a message.
+        /// Gets the maximum message size option.
         /// </summary>
-        int MaxMessageSize { get; }
+        IMaxMessageSizeOptions MaxMessageSizeOptions { get; }
 
         /// <summary>
         /// The maximum number of retries before quitting the session.

Src/SmtpServer/MaxMessageSizeHandling.cs

@@ -0,0 +1,18 @@
+namespace SmtpServer
+{
+    /// <summary>
+    /// Choose how MaxMessageSize limit should be considered
+    /// </summary>
+    public enum MaxMessageSizeHandling
+    {
+        /// <summary>
+        /// Use the size limit for the SIZE extension of ESMTP
+        /// </summary>
+        Ignore = 0,
+
+        /// <summary>
+        /// Close the session after too much data has been sent
+        /// </summary>
+        Strict = 1,
+    }
+}

Src/SmtpServer/MaxMessageSizeOptions.cs

@@ -0,0 +1,44 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace SmtpServer
+{
+    /// <summary>
+    /// Represents configuration settings for enforcing a maximum message size in SMTP,
+    /// including the size limit in bytes and the behavior when that limit is exceeded.
+    /// </summary>
+    public class MaxMessageSizeOptions : IMaxMessageSizeOptions
+    {
+        /// <summary>
+        /// Gets or sets the maximum allowed message size in bytes,
+        /// as specified by the SMTP SIZE extension (RFC 1870).
+        /// </summary>
+        public int Length { get; set; }
+
+        /// <summary>
+        /// Gets or sets the handling strategy for messages that exceed the maximum allowed size.
+        /// </summary>
+        public MaxMessageSizeHandling Handling { get; set; }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="MaxMessageSizeOptions"/> class 
+        /// with the specified handling strategy and message size limit.
+        /// </summary>
+        /// <param name="handling">The strategy for handling messages that exceed the maximum allowed size.</param>
+        /// <param name="length">The maximum allowed message size in bytes.</param>
+        public MaxMessageSizeOptions(MaxMessageSizeHandling handling, int length)
+        {
+            Length = length;
+            Handling = handling;
+        }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="MaxMessageSizeOptions"/> class with default values.
+        /// </summary>
+        public MaxMessageSizeOptions()
+        {
+
+        }
+    }
+}

Src/SmtpServer/Protocol/AuthCommand.cs

@@ -106,7 +106,7 @@ async Task<bool> TryPlainAsync(ISessionContext context, CancellationToken cancel
             {
                 await context.Pipe.Output.WriteReplyAsync(new SmtpResponse(SmtpReplyCode.ContinueWithAuth, " "), cancellationToken).ConfigureAwait(false);
 
-                authentication = await context.Pipe.Input.ReadLineAsync(Encoding.ASCII, cancellationToken).ConfigureAwait(false);
+                authentication = await context.Pipe.Input.ReadLineAsync(Encoding.ASCII, context.ServerOptions.MaxMessageSizeOptions, cancellationToken).ConfigureAwait(false);
             }
 
             if (TryExtractFromBase64(authentication) == false)
@@ -155,13 +155,13 @@ async Task<bool> TryLoginAsync(ISessionContext context, CancellationToken cancel
                 //Username = VXNlcm5hbWU6 (base64)
                 await context.Pipe.Output.WriteReplyAsync(new SmtpResponse(SmtpReplyCode.ContinueWithAuth, "VXNlcm5hbWU6"), cancellationToken).ConfigureAwait(false);
 
-                _user = await ReadBase64EncodedLineAsync(context.Pipe.Input, cancellationToken).ConfigureAwait(false);
+                _user = await ReadBase64EncodedLineAsync(context.Pipe.Input, context.ServerOptions.MaxMessageSizeOptions, cancellationToken).ConfigureAwait(false);
             }
 
             //Password = UGFzc3dvcmQ6 (base64)
             await context.Pipe.Output.WriteReplyAsync(new SmtpResponse(SmtpReplyCode.ContinueWithAuth, "UGFzc3dvcmQ6"), cancellationToken).ConfigureAwait(false);
 
-            _password = await ReadBase64EncodedLineAsync(context.Pipe.Input, cancellationToken).ConfigureAwait(false);
+            _password = await ReadBase64EncodedLineAsync(context.Pipe.Input, context.ServerOptions.MaxMessageSizeOptions, cancellationToken).ConfigureAwait(false);
 
             return true;
         }
@@ -172,9 +172,9 @@ async Task<bool> TryLoginAsync(ISessionContext context, CancellationToken cancel
         /// <param name="reader">The pipe to read from.</param>
         /// <param name="cancellationToken">The cancellation token.</param>
         /// <returns>The decoded Base64 string.</returns>
-        static async Task<string> ReadBase64EncodedLineAsync(PipeReader reader, CancellationToken cancellationToken)
+        static async Task<string> ReadBase64EncodedLineAsync(PipeReader reader, IMaxMessageSizeOptions maxMessageSizeOptions, CancellationToken cancellationToken)
         {
-            var text = await reader.ReadLineAsync(cancellationToken);
+            var text = await reader.ReadLineAsync(maxMessageSizeOptions, cancellationToken);
 
             return text == null ? string.Empty : Encoding.UTF8.GetString(Convert.FromBase64String(text));
         }

Src/SmtpServer/Protocol/DataCommand.cs

@@ -52,7 +52,8 @@ await context.Pipe.Input.ReadDotBlockAsync(
                     {
                         // ReSharper disable once AccessToDisposedClosure
                         response = await container.Instance.SaveAsync(context, context.Transaction, buffer, cancellationToken).ConfigureAwait(false);
-                    }, 
+                    },
+                    context.ServerOptions.MaxMessageSizeOptions,
                     cancellationToken).ConfigureAwait(false);
 
                 await context.Pipe.Output.WriteReplyAsync(response, cancellationToken).ConfigureAwait(false);

Src/SmtpServer/Protocol/EhloCommand.cs

@@ -75,9 +75,9 @@ protected virtual IEnumerable<string> GetExtensions(ISessionContext context)
                 yield return "STARTTLS";
             }
 
-            if (context.ServerOptions.MaxMessageSize > 0)
+            if (context.ServerOptions.MaxMessageSizeOptions.Length > 0)
             {
-                yield return $"SIZE {context.ServerOptions.MaxMessageSize}";
+                yield return $"SIZE {context.ServerOptions.MaxMessageSizeOptions.Length}";
             }
 
             if (IsPlainLoginAllowed(context))