starred/mailpit
1
0
Fork 0
mirror of https://github.com/axllent/mailpit.git synced 2026-04-26 00:35:51 +03:00
Code Issues Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #623] Mailpit allows nested MAIL command during an active SMTP transaction #391

New issue
Closed
opened 2026-03-15 14:13:01 +03:00 by kerem · 1 comment
kerem commented 2026-03-15 14:13:01 +03:00
Owner
Copy link

Originally created by @rsingha108 on GitHub (Jan 21, 2026).
Original GitHub issue: https://github.com/axllent/mailpit/issues/623

Description

Mailpit accepts a nested MAIL command during an active mail transaction (after RCPT TO but before DATA), responding with 250 instead of rejecting the command. This violates SMTP command sequencing rules and allows starting a new transaction without properly concluding or aborting the previous one.

Affected Version

v1.28

Steps to Reproduce

  1. Start Mailpit (Docker image axllent/mailpit:v1.28) and ensure it is listening on 127.0.0.1:8030.
  2. Connect to Mailpit via an SMTP client (e.g., telnet 127.0.0.1 8030).
  3. Issue the following commands in order:
  1. Observe the server’s response to the second MAIL command.

Buggy Behavior

Mailpit replies “250 2.1.0 Ok” to the second MAIL command even though a mail transaction is already open (RCPT accepted, DATA not yet sent).

Expected Behavior

  • The server should reject a second MAIL command during an open transaction with a 503 Bad sequence of commands (or equivalent).
  • As per RFC 5321: [4.1.4] MAIL (or SEND, SOML, or SAML) MUST NOT be sent if a mail transaction is already open, i.e., it should be sent only if no mail transaction had been started in the session, or if the previous one successfully concluded with a successful DATA command, or if the previous one was aborted, e.g., with a RSET or new EHLO.
Originally created by @rsingha108 on GitHub (Jan 21, 2026). Original GitHub issue: https://github.com/axllent/mailpit/issues/623 ### Description Mailpit accepts a nested MAIL command during an active mail transaction (after RCPT TO but before DATA), responding with 250 instead of rejecting the command. This violates SMTP command sequencing rules and allows starting a new transaction without properly concluding or aborting the previous one. ### Affected Version v1.28 ### Steps to Reproduce 1. Start Mailpit (Docker image axllent/mailpit:v1.28) and ensure it is listening on 127.0.0.1:8030. 2. Connect to Mailpit via an SMTP client (e.g., telnet 127.0.0.1 8030). 3. Issue the following commands in order: - EHLO example.com - MAIL FROM:<alice@example.com> - RCPT TO:<bob@example.com> - MAIL FROM:<charlie@example.com> 4. Observe the server’s response to the second MAIL command. ### Buggy Behavior Mailpit replies “250 2.1.0 Ok” to the second MAIL command even though a mail transaction is already open (RCPT accepted, DATA not yet sent). ### Expected Behavior - The server should reject a second MAIL command during an open transaction with a 503 Bad sequence of commands (or equivalent). - As per RFC 5321: [4.1.4] MAIL (or SEND, SOML, or SAML) MUST NOT be sent if a mail transaction is already open, i.e., it should be sent only if no mail transaction had been started in the session, or if the previous one successfully concluded with a successful DATA command, or if the previous one was aborted, e.g., with a RSET or new EHLO.
kerem 2026-03-15 14:13:01 +03:00
  • closed this issue
  • added the
    bug
         label
kerem commented 2026-03-15 14:13:17 +03:00
Author
Owner
Copy link

@axllent commented on GitHub (Jan 24, 2026):

I have released v1.28.4 which includes a fix for this. Thank you (and your AI tools) for finding the bug.

<!-- gh-comment-id:3795527533 --> @axllent commented on GitHub (Jan 24, 2026): I have released [v1.28.4](https://github.com/axllent/mailpit/releases/tag/v1.28.4) which includes a fix for this. Thank you (and your AI tools) for finding the bug.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
master
v1.29.7
v1.29.6
v1.29.5
v1.29.4
v1.29.3
v1.29.2
v1.29.1
v1.29.0
v1.28.4
v1.28.3
v1.28.2
v1.28.1
v1.28.0
v1.27.11
v1.27.10
v1.27.9
v1.27.8
v1.27.7
v1.27.6
v1.27.5
v1.27.4
v1.27.3
v1.27.2
v1.27.1
v1.27.0
v1.26.2
v1.26.1
v1.26.0
v1.25.1
v1.25.0
v1.24.2
v1.24.1
v1.24.0
v1.23.2
v1.23.1
v1.23.0
v1.22.3
v1.22.2
v1.22.1
v1.22.0
v1.21.8
v1.21.7
v1.21.6
v1.21.5
v1.21.4
v1.21.3
v1.21.2
v1.21.1
v1.21.0
v1.20.7
v1.20.6
v1.20.5
v1.20.4
v1.20.3
v1.20.2
v1.20.1
v1.20.0
v1.19.3
v1.19.2
v1.19.1
v1.19.0
v1.18.7
v1.18.6
v1.18.5
v1.18.4
v1.18.3
v1.18.2
v1.18.1
v1.18.0
v1.17.1
v1.17.0
v1.16.0
v1.15.1
v1.15.0
v1.14.4
v1.14.3
v1.14.2
v1.14.1
v1.14.0
v1.13.3
v1.13.2
v1.13.1
v1.13.0
v1.12.1
v1.12.0
v1.11.1
v1.11.0
v1.10.4
v1.10.3
v1.10.2
v1.10.1
v1.10.0
v1.9.10
v1.9.9
v1.9.8
v1.9.7
v1.9.6
v1.9.5
v1.9.4
v1.9.3
v1.9.2
v1.9.1
v1.9.0
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.1
v1.7.0
v1.6.22
v1.6.21
v1.6.20
v1.6.19
v1.6.18
v1.6.17
v1.6.16
v1.6.15
v1.6.14
v1.6.13
v1.6.12
v1.6.11
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.0
v1.3.11
v1.3.10
v1.3.9
v1.3.8
v1.3.7
v1.3.6
v1.3.5
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.9
v1.2.8
v1.2.7
v1.2.6
1.2.5
1.2.4
1.2.3
1.2.2
1.2.1
1.2.0
1.1.7
1.1.6
1.1.5
1.1.4
1.1.3
1.1.2
1.1.1
1.1.0
1.0.0
1.0.0-beta1
0.1.5
0.1.4
0.1.3
0.1.2
0.1.1
0.1.0
0.0.9
0.0.8
0.0.7
0.0.6
0.0.5
0.0.4
0.0.3
0.0.2
0.0.1-beta
Labels
Clear labels   
awaiting feedback

   
bug

   
docker

   
documentation

   
enhancement

   
github_actions

   
invalid

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
wontfix
No labels
awaiting feedback
bug
docker
documentation
enhancement
github_actions
invalid
pull-request
question
stale
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/mailpit#391
No description provided.