Forbid logins on the SMTP-STARTTLS port

Also, introduce the outline of a framework to handle message sending
differently to message receipt.

internal/smtp/server.go

@@ -29,10 +29,11 @@ func NewServer(cancel context.CancelFunc, datastore store.Interface, submission
 	out.server.TLSConfig = datastore.TLSConfig()
 
 	if submission {
-		out.name = "submission"
+		out.handler = &Sender{}
 		out.server.Addr = ":587"
+		out.allowLogin = true // Only allow login on submission ports
 	} else {
-		out.name = "SMTP"
+		out.handler = &Receiver{}
 		out.server.Addr = ":25"
 	}
 
@@ -40,10 +41,12 @@ func NewServer(cancel context.CancelFunc, datastore store.Interface, submission
 }
 
 type concrete struct {
-	name   string
-	cancel context.CancelFunc
-	store  store.Interface
-	server *smtp.Server
+	name       string
+	cancel     context.CancelFunc
+	store      store.Interface
+	server     *smtp.Server
+	handler    Handler
+	allowLogin bool
 
 	// Session IDs
 	sid uint64
@@ -61,6 +64,10 @@ func (c *concrete) Run() {
 
 // backend implementation for go-smtp
 func (c *concrete) Login(user, pass string) (smtp.User, error) {
+	if !c.allowLogin {
+		return nil, fmt.Errorf("Login is disabled")
+	}
+
 	account, err := c.store.FindAccountWithPassword(user, pass)
 	if err != nil {
 		// Lo the real error, but don't show it to the end user
@@ -69,9 +76,9 @@ func (c *concrete) Login(user, pass string) (smtp.User, error) {
 	}
 
 	session := &Session{
-		ID:          atomic.AddUint64(&c.sid, uint64(1)),
-		Account:     account,
-		ServiceName: c.name,
+		ID:      atomic.AddUint64(&c.sid, uint64(1)),
+		Account: account,
+		Handler: c.handler,
 	}
 
 	log.Printf("Beginning %s session %d for %s", c.name, session.ID, user)