{
  "ruleId": "S019",
  "name": "SMTP Injection Protection",
  "description": "Detects potential SMTP/IMAP injection vulnerabilities by identifying unsanitized user input flowing into email header fields (recipient, subject, etc.) and direct SMTP protocol manipulation",
  "category": "security",
  "severity": "error",
  "languages": ["typescript", "javascript"],
  "tags": ["security", "owasp", "injection", "smtp", "email", "crlf"],
  "enabled": true,
  "fixable": false,
  "engine": "heuristic",
  "metadata": {
    "owaspCategory": "A03:2021 - Injection",
    "cweId": "CWE-93, CWE-144",
    "impact": "High - Email spoofing, unauthorized email sending, header injection, spam",
    "remediation": "Strip CR and LF characters (\\r\\n) from user input before using it in email header fields such as recipient and subject. Prefer a secure email service API (SendGrid, AWS SES, Mailgun) over direct SMTP manipulation. Validate email addresses against a strict allow-list pattern rather than only removing known-bad characters.",
    "references": [
      "https://owasp.org/www-community/attacks/SMTP_Injection",
      "https://cwe.mitre.org/data/definitions/93.html",
      "https://cwe.mitre.org/data/definitions/144.html"
    ],
    "examples": {
      "vulnerable": [
        "sendMail({ to: req.body.email, subject: req.body.subject })",
        "message.setSubject(userInput)",
        "const headers = 'To: ' + req.query.recipient"
      ],
      "safe": [
        "sendMail({ to: sanitize(req.body.email), subject: escape(req.body.subject) })",
        "const cleanEmail = email.replace(/[\\r\\n]/g, '')",
        "if (/^[a-zA-Z0-9@._-]+$/.test(email)) { sendMail({ to: email }) }"
      ]
    }
  }
}
