Compare commits
No commits in common. "master" and "1.0.0" have entirely different histories.
24
Dockerfile
24
Dockerfile
|
@ -1,24 +0,0 @@
|
||||||
#Start multistage Docker
|
|
||||||
#Stage 1 : build brutalinks
|
|
||||||
|
|
||||||
|
|
||||||
FROM golang:latest AS zangbuilder
|
|
||||||
RUN apt install make git -y
|
|
||||||
RUN mkdir -p /go/src/zangtumb
|
|
||||||
RUN git clone https://git.keinpfusch.net/loweel/zangtumb.git /go/src/zangtumb
|
|
||||||
WORKDIR /go/src/zangtumb
|
|
||||||
ENV GO111MODULE=auto
|
|
||||||
RUN go build
|
|
||||||
|
|
||||||
|
|
||||||
#Start multistage Docker
|
|
||||||
#Stage 2 : put pieces together
|
|
||||||
|
|
||||||
FROM debian:latest
|
|
||||||
RUN apt update
|
|
||||||
RUN apt upgrade -y
|
|
||||||
RUN apt install ca-certificates -y
|
|
||||||
RUN mkdir -p /opt/zangtumb
|
|
||||||
WORKDIR /opt/zangtumb
|
|
||||||
COPY --from=zangbuilder /go/src/zangtumb /opt/zangtumb/
|
|
||||||
ENTRYPOINT ["/opt/zangtumb/zangtumb"]
|
|
299
LICENSE
299
LICENSE
|
@ -1,289 +1,14 @@
|
||||||
Copyright (C) 2020 loweel@keinpfusch.net
|
Copyright (C) 2020 loweel@keinpfusch.net
|
||||||
|
|
||||||
EUROPEAN UNION PUBLIC LICENCE v. 1.2
|
This program is free software: you can redistribute it and/or modify
|
||||||
EUPL © the European Union 2007, 2016
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
This European Union Public Licence (the ‘EUPL’) applies to the Work (as defined
|
(at your option) any later version.
|
||||||
below) which is provided under the terms of this Licence. Any use of the Work,
|
|
||||||
other than as authorised under this Licence is prohibited (to the extent such
|
This program is distributed in the hope that it will be useful,
|
||||||
use is covered by a right of the copyright holder of the Work).
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
The Work is provided under the terms of this Licence when the Licensor (as
|
GNU General Public License for more details.
|
||||||
defined below) has placed the following notice immediately following the
|
|
||||||
copyright notice for the Work:
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
Licensed under the EUPL
|
|
||||||
|
|
||||||
or has expressed by any other means his willingness to license under the EUPL.
|
|
||||||
|
|
||||||
1. Definitions
|
|
||||||
|
|
||||||
In this Licence, the following terms have the following meaning:
|
|
||||||
|
|
||||||
- ‘The Licence’: this Licence.
|
|
||||||
|
|
||||||
- ‘The Original Work’: the work or software distributed or communicated by the
|
|
||||||
Licensor under this Licence, available as Source Code and also as Executable
|
|
||||||
Code as the case may be.
|
|
||||||
|
|
||||||
- ‘Derivative Works’: the works or software that could be created by the
|
|
||||||
Licensee, based upon the Original Work or modifications thereof. This Licence
|
|
||||||
does not define the extent of modification or dependence on the Original Work
|
|
||||||
required in order to classify a work as a Derivative Work; this extent is
|
|
||||||
determined by copyright law applicable in the country mentioned in Article 15.
|
|
||||||
|
|
||||||
- ‘The Work’: the Original Work or its Derivative Works.
|
|
||||||
|
|
||||||
- ‘The Source Code’: the human-readable form of the Work which is the most
|
|
||||||
convenient for people to study and modify.
|
|
||||||
|
|
||||||
- ‘The Executable Code’: any code which has generally been compiled and which is
|
|
||||||
meant to be interpreted by a computer as a program.
|
|
||||||
|
|
||||||
- ‘The Licensor’: the natural or legal person that distributes or communicates
|
|
||||||
the Work under the Licence.
|
|
||||||
|
|
||||||
- ‘Contributor(s)’: any natural or legal person who modifies the Work under the
|
|
||||||
Licence, or otherwise contributes to the creation of a Derivative Work.
|
|
||||||
|
|
||||||
- ‘The Licensee’ or ‘You’: any natural or legal person who makes any usage of
|
|
||||||
the Work under the terms of the Licence.
|
|
||||||
|
|
||||||
- ‘Distribution’ or ‘Communication’: any act of selling, giving, lending,
|
|
||||||
renting, distributing, communicating, transmitting, or otherwise making
|
|
||||||
available, online or offline, copies of the Work or providing access to its
|
|
||||||
essential functionalities at the disposal of any other natural or legal
|
|
||||||
person.
|
|
||||||
|
|
||||||
2. Scope of the rights granted by the Licence
|
|
||||||
|
|
||||||
The Licensor hereby grants You a worldwide, royalty-free, non-exclusive,
|
|
||||||
sublicensable licence to do the following, for the duration of copyright vested
|
|
||||||
in the Original Work:
|
|
||||||
|
|
||||||
- use the Work in any circumstance and for all usage,
|
|
||||||
- reproduce the Work,
|
|
||||||
- modify the Work, and make Derivative Works based upon the Work,
|
|
||||||
- communicate to the public, including the right to make available or display
|
|
||||||
the Work or copies thereof to the public and perform publicly, as the case may
|
|
||||||
be, the Work,
|
|
||||||
- distribute the Work or copies thereof,
|
|
||||||
- lend and rent the Work or copies thereof,
|
|
||||||
- sublicense rights in the Work or copies thereof.
|
|
||||||
|
|
||||||
Those rights can be exercised on any media, supports and formats, whether now
|
|
||||||
known or later invented, as far as the applicable law permits so.
|
|
||||||
|
|
||||||
In the countries where moral rights apply, the Licensor waives his right to
|
|
||||||
exercise his moral right to the extent allowed by law in order to make effective
|
|
||||||
the licence of the economic rights here above listed.
|
|
||||||
|
|
||||||
The Licensor grants to the Licensee royalty-free, non-exclusive usage rights to
|
|
||||||
any patents held by the Licensor, to the extent necessary to make use of the
|
|
||||||
rights granted on the Work under this Licence.
|
|
||||||
|
|
||||||
3. Communication of the Source Code
|
|
||||||
|
|
||||||
The Licensor may provide the Work either in its Source Code form, or as
|
|
||||||
Executable Code. If the Work is provided as Executable Code, the Licensor
|
|
||||||
provides in addition a machine-readable copy of the Source Code of the Work
|
|
||||||
along with each copy of the Work that the Licensor distributes or indicates, in
|
|
||||||
a notice following the copyright notice attached to the Work, a repository where
|
|
||||||
the Source Code is easily and freely accessible for as long as the Licensor
|
|
||||||
continues to distribute or communicate the Work.
|
|
||||||
|
|
||||||
4. Limitations on copyright
|
|
||||||
|
|
||||||
Nothing in this Licence is intended to deprive the Licensee of the benefits from
|
|
||||||
any exception or limitation to the exclusive rights of the rights owners in the
|
|
||||||
Work, of the exhaustion of those rights or of other applicable limitations
|
|
||||||
thereto.
|
|
||||||
|
|
||||||
5. Obligations of the Licensee
|
|
||||||
|
|
||||||
The grant of the rights mentioned above is subject to some restrictions and
|
|
||||||
obligations imposed on the Licensee. Those obligations are the following:
|
|
||||||
|
|
||||||
Attribution right: The Licensee shall keep intact all copyright, patent or
|
|
||||||
trademarks notices and all notices that refer to the Licence and to the
|
|
||||||
disclaimer of warranties. The Licensee must include a copy of such notices and a
|
|
||||||
copy of the Licence with every copy of the Work he/she distributes or
|
|
||||||
communicates. The Licensee must cause any Derivative Work to carry prominent
|
|
||||||
notices stating that the Work has been modified and the date of modification.
|
|
||||||
|
|
||||||
Copyleft clause: If the Licensee distributes or communicates copies of the
|
|
||||||
Original Works or Derivative Works, this Distribution or Communication will be
|
|
||||||
done under the terms of this Licence or of a later version of this Licence
|
|
||||||
unless the Original Work is expressly distributed only under this version of the
|
|
||||||
Licence — for example by communicating ‘EUPL v. 1.2 only’. The Licensee
|
|
||||||
(becoming Licensor) cannot offer or impose any additional terms or conditions on
|
|
||||||
the Work or Derivative Work that alter or restrict the terms of the Licence.
|
|
||||||
|
|
||||||
Compatibility clause: If the Licensee Distributes or Communicates Derivative
|
|
||||||
Works or copies thereof based upon both the Work and another work licensed under
|
|
||||||
a Compatible Licence, this Distribution or Communication can be done under the
|
|
||||||
terms of this Compatible Licence. For the sake of this clause, ‘Compatible
|
|
||||||
Licence’ refers to the licences listed in the appendix attached to this Licence.
|
|
||||||
Should the Licensee's obligations under the Compatible Licence conflict with
|
|
||||||
his/her obligations under this Licence, the obligations of the Compatible
|
|
||||||
Licence shall prevail.
|
|
||||||
|
|
||||||
Provision of Source Code: When distributing or communicating copies of the Work,
|
|
||||||
the Licensee will provide a machine-readable copy of the Source Code or indicate
|
|
||||||
a repository where this Source will be easily and freely available for as long
|
|
||||||
as the Licensee continues to distribute or communicate the Work.
|
|
||||||
|
|
||||||
Legal Protection: This Licence does not grant permission to use the trade names,
|
|
||||||
trademarks, service marks, or names of the Licensor, except as required for
|
|
||||||
reasonable and customary use in describing the origin of the Work and
|
|
||||||
reproducing the content of the copyright notice.
|
|
||||||
|
|
||||||
6. Chain of Authorship
|
|
||||||
|
|
||||||
The original Licensor warrants that the copyright in the Original Work granted
|
|
||||||
hereunder is owned by him/her or licensed to him/her and that he/she has the
|
|
||||||
power and authority to grant the Licence.
|
|
||||||
|
|
||||||
Each Contributor warrants that the copyright in the modifications he/she brings
|
|
||||||
to the Work are owned by him/her or licensed to him/her and that he/she has the
|
|
||||||
power and authority to grant the Licence.
|
|
||||||
|
|
||||||
Each time You accept the Licence, the original Licensor and subsequent
|
|
||||||
Contributors grant You a licence to their contributions to the Work, under the
|
|
||||||
terms of this Licence.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty
|
|
||||||
|
|
||||||
The Work is a work in progress, which is continuously improved by numerous
|
|
||||||
Contributors. It is not a finished work and may therefore contain defects or
|
|
||||||
‘bugs’ inherent to this type of development.
|
|
||||||
|
|
||||||
For the above reason, the Work is provided under the Licence on an ‘as is’ basis
|
|
||||||
and without warranties of any kind concerning the Work, including without
|
|
||||||
limitation merchantability, fitness for a particular purpose, absence of defects
|
|
||||||
or errors, accuracy, non-infringement of intellectual property rights other than
|
|
||||||
copyright as stated in Article 6 of this Licence.
|
|
||||||
|
|
||||||
This disclaimer of warranty is an essential part of the Licence and a condition
|
|
||||||
for the grant of any rights to the Work.
|
|
||||||
|
|
||||||
8. Disclaimer of Liability
|
|
||||||
|
|
||||||
Except in the cases of wilful misconduct or damages directly caused to natural
|
|
||||||
persons, the Licensor will in no event be liable for any direct or indirect,
|
|
||||||
material or moral, damages of any kind, arising out of the Licence or of the use
|
|
||||||
of the Work, including without limitation, damages for loss of goodwill, work
|
|
||||||
stoppage, computer failure or malfunction, loss of data or any commercial
|
|
||||||
damage, even if the Licensor has been advised of the possibility of such damage.
|
|
||||||
However, the Licensor will be liable under statutory product liability laws as
|
|
||||||
far such laws apply to the Work.
|
|
||||||
|
|
||||||
9. Additional agreements
|
|
||||||
|
|
||||||
While distributing the Work, You may choose to conclude an additional agreement,
|
|
||||||
defining obligations or services consistent with this Licence. However, if
|
|
||||||
accepting obligations, You may act only on your own behalf and on your sole
|
|
||||||
responsibility, not on behalf of the original Licensor or any other Contributor,
|
|
||||||
and only if You agree to indemnify, defend, and hold each Contributor harmless
|
|
||||||
for any liability incurred by, or claims asserted against such Contributor by
|
|
||||||
the fact You have accepted any warranty or additional liability.
|
|
||||||
|
|
||||||
10. Acceptance of the Licence
|
|
||||||
|
|
||||||
The provisions of this Licence can be accepted by clicking on an icon ‘I agree’
|
|
||||||
placed under the bottom of a window displaying the text of this Licence or by
|
|
||||||
affirming consent in any other similar way, in accordance with the rules of
|
|
||||||
applicable law. Clicking on that icon indicates your clear and irrevocable
|
|
||||||
acceptance of this Licence and all of its terms and conditions.
|
|
||||||
|
|
||||||
Similarly, you irrevocably accept this Licence and all of its terms and
|
|
||||||
conditions by exercising any rights granted to You by Article 2 of this Licence,
|
|
||||||
such as the use of the Work, the creation by You of a Derivative Work or the
|
|
||||||
Distribution or Communication by You of the Work or copies thereof.
|
|
||||||
|
|
||||||
11. Information to the public
|
|
||||||
|
|
||||||
In case of any Distribution or Communication of the Work by means of electronic
|
|
||||||
communication by You (for example, by offering to download the Work from a
|
|
||||||
remote location) the distribution channel or media (for example, a website) must
|
|
||||||
at least provide to the public the information requested by the applicable law
|
|
||||||
regarding the Licensor, the Licence and the way it may be accessible, concluded,
|
|
||||||
stored and reproduced by the Licensee.
|
|
||||||
|
|
||||||
12. Termination of the Licence
|
|
||||||
|
|
||||||
The Licence and the rights granted hereunder will terminate automatically upon
|
|
||||||
any breach by the Licensee of the terms of the Licence.
|
|
||||||
|
|
||||||
Such a termination will not terminate the licences of any person who has
|
|
||||||
received the Work from the Licensee under the Licence, provided such persons
|
|
||||||
remain in full compliance with the Licence.
|
|
||||||
|
|
||||||
13. Miscellaneous
|
|
||||||
|
|
||||||
Without prejudice of Article 9 above, the Licence represents the complete
|
|
||||||
agreement between the Parties as to the Work.
|
|
||||||
|
|
||||||
If any provision of the Licence is invalid or unenforceable under applicable
|
|
||||||
law, this will not affect the validity or enforceability of the Licence as a
|
|
||||||
whole. Such provision will be construed or reformed so as necessary to make it
|
|
||||||
valid and enforceable.
|
|
||||||
|
|
||||||
The European Commission may publish other linguistic versions or new versions of
|
|
||||||
this Licence or updated versions of the Appendix, so far this is required and
|
|
||||||
reasonable, without reducing the scope of the rights granted by the Licence. New
|
|
||||||
versions of the Licence will be published with a unique version number.
|
|
||||||
|
|
||||||
All linguistic versions of this Licence, approved by the European Commission,
|
|
||||||
have identical value. Parties can take advantage of the linguistic version of
|
|
||||||
their choice.
|
|
||||||
|
|
||||||
14. Jurisdiction
|
|
||||||
|
|
||||||
Without prejudice to specific agreement between parties,
|
|
||||||
|
|
||||||
- any litigation resulting from the interpretation of this License, arising
|
|
||||||
between the European Union institutions, bodies, offices or agencies, as a
|
|
||||||
Licensor, and any Licensee, will be subject to the jurisdiction of the Court
|
|
||||||
of Justice of the European Union, as laid down in article 272 of the Treaty on
|
|
||||||
the Functioning of the European Union,
|
|
||||||
|
|
||||||
- any litigation arising between other parties and resulting from the
|
|
||||||
interpretation of this License, will be subject to the exclusive jurisdiction
|
|
||||||
of the competent court where the Licensor resides or conducts its primary
|
|
||||||
business.
|
|
||||||
|
|
||||||
15. Applicable Law
|
|
||||||
|
|
||||||
Without prejudice to specific agreement between parties,
|
|
||||||
|
|
||||||
- this Licence shall be governed by the law of the European Union Member State
|
|
||||||
where the Licensor has his seat, resides or has his registered office,
|
|
||||||
|
|
||||||
- this licence shall be governed by Belgian law if the Licensor has no seat,
|
|
||||||
residence or registered office inside a European Union Member State.
|
|
||||||
|
|
||||||
Appendix
|
|
||||||
|
|
||||||
‘Compatible Licences’ according to Article 5 EUPL are:
|
|
||||||
|
|
||||||
- GNU General Public License (GPL) v. 2, v. 3
|
|
||||||
- GNU Affero General Public License (AGPL) v. 3
|
|
||||||
- Open Software License (OSL) v. 2.1, v. 3.0
|
|
||||||
- Eclipse Public License (EPL) v. 1.0
|
|
||||||
- CeCILL v. 2.0, v. 2.1
|
|
||||||
- Mozilla Public Licence (MPL) v. 2
|
|
||||||
- GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3
|
|
||||||
- Creative Commons Attribution-ShareAlike v. 3.0 Unported (CC BY-SA 3.0) for
|
|
||||||
works other than software
|
|
||||||
- European Union Public Licence (EUPL) v. 1.1, v. 1.2
|
|
||||||
- Québec Free and Open-Source Licence — Reciprocity (LiLiQ-R) or Strong
|
|
||||||
Reciprocity (LiLiQ-R+).
|
|
||||||
|
|
||||||
The European Commission may update this Appendix to later versions of the above
|
|
||||||
licences without producing a new version of the EUPL, as long as they provide
|
|
||||||
the rights granted in Article 2 of this Licence and protect the covered Source
|
|
||||||
Code from exclusive appropriation.
|
|
||||||
|
|
||||||
All other changes or additions to this Appendix require the production of a new
|
|
||||||
EUPL version.
|
|
|
@ -71,22 +71,20 @@ everything is configured using ENV strings , as follows
|
||||||
| ---------- | --------------------- | ------------------------------------------------------------ |
|
| ---------- | --------------------- | ------------------------------------------------------------ |
|
||||||
| KEYFILE | "/certs/mydomain.key" | Path for private key. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? |
|
| KEYFILE | "/certs/mydomain.key" | Path for private key. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? |
|
||||||
| CERTFILE | "/certs/mydomain.crt" | Path for certificate. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? |
|
| CERTFILE | "/certs/mydomain.crt" | Path for certificate. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? |
|
||||||
| DOMAINNAME | "mydomain.tld" | will declare this value on the banner. No impact on recipients. Used as CN in self-signed certificates |
|
| DOMAINNAME | "mydomain.tld" | will declare this value on the banner. No impact on recipients. |
|
||||||
| LISTEN | ":5025" | Address to listen in golang format. This example will listen to port 5025 on all interfaces. You may specify a specific interface like "1.2.3.4:5025" |
|
| LISTEN | ":5025" | Address to listen in golang format. This example will listen to port 5025 on all interfaces. You may specify a specific interface like "1.2.3.4:5025" |
|
||||||
| RECIPIENTS | "recipients.conf" | File containing a list with email to serve. One mail address per line. Please notice, that pippo@pluto.com and pippo@paperino.com will end in the same mailbox, "pippo". |
|
| RECIPIENTS | "recipients.conf" | File containing a list with email to serve. One mail address per line. Please notice, that pippo@pluto.com and pippo@paperino.com will end in the same mailbox, "pippo". |
|
||||||
| MAILFOLDER | "/zangmail" | Root of mailfolder. Mail is stored in the default dovecot Maildir format, meaning in the example "/zangmail/%u/Maildir" . |
|
| MAILFOLDER | "/zangmail" | Root of mailfolder. Mail is stored in the default dovecot Maildir format, meaning in the example "/zangmail/%u/Maildir" . |
|
||||||
| USETLS | "true" | Whether to force all to use TLS or not. yes. Do it. |
|
| USETLS | "true" | Whether to force all to use TLS or not. yes. Do it. |
|
||||||
|
|
||||||
|
|
||||||
Of course , if you put your certificatesinto /certs, (likethe example), this folder MUST exist.
|
|
||||||
|
|
||||||
|
|
||||||
That's it.
|
That's it.
|
||||||
|
|
||||||
# FAQ
|
# FAQ
|
||||||
|
|
||||||
- _This TLS behavior is violating RFC 2487_
|
- _This TLS behavior is violating RFC 2487_
|
||||||
- To give a shit of RFCs is a *de facto standard*. Zangtumb works, and no spammer will ever buy a certificate per each spambot.
|
- To give a shit of RFCs is a de facto standard. It works, and no spammer will ever buy a certificate per each spambot.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,6 @@ import (
|
||||||
"log"
|
"log"
|
||||||
"os"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// The Backend implements SMTP server methods.
|
// The Backend implements SMTP server methods.
|
||||||
|
@ -18,8 +17,6 @@ type Backend struct {
|
||||||
|
|
||||||
var SmtpBackend *Backend
|
var SmtpBackend *Backend
|
||||||
|
|
||||||
var mutex = &sync.Mutex{}
|
|
||||||
|
|
||||||
// Load Valid Recipients
|
// Load Valid Recipients
|
||||||
func (bkd *Backend) LoadValidRecipients() error {
|
func (bkd *Backend) LoadValidRecipients() error {
|
||||||
bkd.MaxRecipients = 0
|
bkd.MaxRecipients = 0
|
||||||
|
@ -44,13 +41,9 @@ func (bkd *Backend) LoadValidRecipients() error {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Checks if Mail is a valid local recipient
|
// Checks if Mail is a valid recipient
|
||||||
func (bkd *Backend) CheckValidRcpt(to string) bool {
|
func (bkd *Backend) CheckValidRcpt(to string) bool {
|
||||||
|
|
||||||
defer mutex.Unlock()
|
|
||||||
|
|
||||||
mutex.Lock()
|
|
||||||
|
|
||||||
_, isValid := bkd.ValidRecipientsMap[to]
|
_, isValid := bkd.ValidRecipientsMap[to]
|
||||||
|
|
||||||
return isValid
|
return isValid
|
||||||
|
|
5
go.mod
5
go.mod
|
@ -2,4 +2,7 @@ module zangtumb
|
||||||
|
|
||||||
go 1.13
|
go 1.13
|
||||||
|
|
||||||
require github.com/amalfra/maildir v0.0.7
|
require (
|
||||||
|
github.com/amalfra/maildir v0.0.7
|
||||||
|
github.com/emersion/go-smtp v0.12.1 // indirect
|
||||||
|
)
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -1,2 +1,6 @@
|
||||||
github.com/amalfra/maildir v0.0.7 h1:quK6vVGmjqP1zbeo9g7jtx37htGoYrKKlSpcDcplD04=
|
github.com/amalfra/maildir v0.0.7 h1:quK6vVGmjqP1zbeo9g7jtx37htGoYrKKlSpcDcplD04=
|
||||||
github.com/amalfra/maildir v0.0.7/go.mod h1:+ynYowCpUHTWebUhg3Sb6Jp2dq+SUSWLTSLIf7Vy+ak=
|
github.com/amalfra/maildir v0.0.7/go.mod h1:+ynYowCpUHTWebUhg3Sb6Jp2dq+SUSWLTSLIf7Vy+ak=
|
||||||
|
github.com/emersion/go-sasl v0.0.0-20190817083125-240c8404624e h1:ba7YsgX5OV8FjGi5ZWml8Jng6oBrJAb3ahqWMJ5Ce8Q=
|
||||||
|
github.com/emersion/go-sasl v0.0.0-20190817083125-240c8404624e/go.mod h1:G/dpzLu16WtQpBfQ/z3LYiYJn3ZhKSGWn83fyoyQe/k=
|
||||||
|
github.com/emersion/go-smtp v0.12.1 h1:1R8BDqrR2HhlGwgFYcOi+BVTvK1bMjAB65QcVpJ5sNA=
|
||||||
|
github.com/emersion/go-smtp v0.12.1/go.mod h1:SD9V/xa4ndMw77lR3Mf7htkp8RBNYuPh9UeuBs9tpUQ=
|
||||||
|
|
23
handler.go
23
handler.go
|
@ -4,12 +4,8 @@ import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"log"
|
"log"
|
||||||
"net"
|
"net"
|
||||||
"time"
|
|
||||||
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
func mailHandler(origin net.Addr, from string, to []string, data []byte) {
|
func mailHandler(origin net.Addr, from string, to []string, data []byte) {
|
||||||
SmtpSession := new(Session)
|
SmtpSession := new(Session)
|
||||||
|
|
||||||
|
@ -24,7 +20,7 @@ func mailHandler(origin net.Addr, from string, to []string, data []byte) {
|
||||||
if dataErr := SmtpSession.Data(bytes.NewReader(data)); dataErr != nil {
|
if dataErr := SmtpSession.Data(bytes.NewReader(data)); dataErr != nil {
|
||||||
log.Println("Problem Saving Message: ", dataErr.Error())
|
log.Println("Problem Saving Message: ", dataErr.Error())
|
||||||
}
|
}
|
||||||
|
log.Println("Session is: ", SmtpSession)
|
||||||
} else {
|
} else {
|
||||||
log.Println(rcptErr)
|
log.Println(rcptErr)
|
||||||
}
|
}
|
||||||
|
@ -32,20 +28,3 @@ func mailHandler(origin net.Addr, from string, to []string, data []byte) {
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
func handlerRcpt(remoteAddr net.Addr, from string, to string) bool {
|
|
||||||
|
|
||||||
log.Println("CHECK #2 Rcpt to:", to)
|
|
||||||
if !SmtpBackend.CheckValidRcpt(to) {
|
|
||||||
log.Printf("%s [ %s -> %s ] %s BAD!!!!", "YU NO MAIL!!! WE NU RELAY!!! ", from, to, remoteAddr.String() )
|
|
||||||
time.Sleep(10 * time.Second)
|
|
||||||
return false
|
|
||||||
}else{
|
|
||||||
log.Printf("%s [ %s -> %s ] %s GOOD!!!!", "WE DO!!!", from, to, remoteAddr.String() )
|
|
||||||
}
|
|
||||||
|
|
||||||
return true
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
4
run.sh
4
run.sh
|
@ -8,11 +8,11 @@ export LISTEN=":1025"
|
||||||
|
|
||||||
|
|
||||||
##SESSION
|
##SESSION
|
||||||
export RECIPIENTS="./recipients.conf.example"
|
export RECIPIENTS="./recipients.conf"
|
||||||
export MAILFOLDER="mail"
|
export MAILFOLDER="mail"
|
||||||
|
|
||||||
##MAIN
|
##MAIN
|
||||||
export USETLS="true"
|
export USETLS="false"
|
||||||
|
|
||||||
##RUN
|
##RUN
|
||||||
|
|
||||||
|
|
10
session.go
10
session.go
|
@ -1,13 +1,13 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
"strings"
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/amalfra/maildir"
|
"github.com/amalfra/maildir"
|
||||||
)
|
)
|
||||||
|
@ -22,7 +22,11 @@ type Session struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Session) Rcpt(to string) error {
|
func (s *Session) Rcpt(to string) error {
|
||||||
log.Println("CHECK #1 Rcpt to:", to)
|
log.Println("Rcpt to:", to)
|
||||||
|
if !SmtpBackend.CheckValidRcpt(to) {
|
||||||
|
time.Sleep(10 * time.Second)
|
||||||
|
return errors.New("YU NO MAIL!!! WE NU RELAY")
|
||||||
|
}
|
||||||
s.RcptTo = to
|
s.RcptTo = to
|
||||||
if strings.Contains(to, "@") {
|
if strings.Contains(to, "@") {
|
||||||
rcptArray := strings.Split(to, "@")
|
rcptArray := strings.Split(to, "@")
|
||||||
|
|
|
@ -41,10 +41,9 @@ type AuthHandler func(remoteAddr net.Addr, mechanism string, username []byte, pa
|
||||||
// ListenAndServe listens on the TCP network address addr
|
// ListenAndServe listens on the TCP network address addr
|
||||||
// and then calls Serve with handler to handle requests
|
// and then calls Serve with handler to handle requests
|
||||||
// on incoming connections.
|
// on incoming connections.
|
||||||
func ListenAndServe(addr string, handler Handler, rcpthandler HandlerRcpt, appname string, hostname string, instance *Server) error {
|
func ListenAndServe(addr string, handler Handler, appname string, hostname string, instance *Server) error {
|
||||||
srv := instance
|
srv := instance
|
||||||
srv.Addr = addr
|
srv.Addr = addr
|
||||||
srv.HandlerRcpt = rcpthandler
|
|
||||||
srv.Handler = handler
|
srv.Handler = handler
|
||||||
srv.Appname = appname
|
srv.Appname = appname
|
||||||
srv.Hostname = hostname
|
srv.Hostname = hostname
|
||||||
|
@ -259,11 +258,6 @@ loop:
|
||||||
to = nil
|
to = nil
|
||||||
buffer.Reset()
|
buffer.Reset()
|
||||||
case "MAIL":
|
case "MAIL":
|
||||||
|
|
||||||
log.Println("TlsConfigExists: " , s.srv.TLSConfig != nil)
|
|
||||||
log.Println("TLS_Required: " , s.srv.TLSRequired)
|
|
||||||
log.Println("We Are in Clear: ", !s.tls)
|
|
||||||
|
|
||||||
if s.srv.TLSConfig != nil && s.srv.TLSRequired && !s.tls {
|
if s.srv.TLSConfig != nil && s.srv.TLSRequired && !s.tls {
|
||||||
s.writef("530 5.7.0 Must issue a STARTTLS command first")
|
s.writef("530 5.7.0 Must issue a STARTTLS command first")
|
||||||
break
|
break
|
||||||
|
|
289
tls.go
289
tls.go
|
@ -1,289 +0,0 @@
|
||||||
package main
|
|
||||||
|
|
||||||
|
|
||||||
import (
|
|
||||||
|
|
||||||
"crypto/ecdsa"
|
|
||||||
"crypto/ed25519"
|
|
||||||
"crypto/elliptic"
|
|
||||||
"crypto/rand"
|
|
||||||
"crypto/rsa"
|
|
||||||
"crypto/x509"
|
|
||||||
"crypto/x509/pkix"
|
|
||||||
"encoding/pem"
|
|
||||||
"log"
|
|
||||||
"math/big"
|
|
||||||
"net"
|
|
||||||
"os"
|
|
||||||
"strings"
|
|
||||||
"time"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
func publicKey(priv interface{}) interface{} {
|
|
||||||
|
|
||||||
switch k := priv.(type) {
|
|
||||||
|
|
||||||
case *rsa.PrivateKey:
|
|
||||||
|
|
||||||
return &k.PublicKey
|
|
||||||
|
|
||||||
case *ecdsa.PrivateKey:
|
|
||||||
|
|
||||||
return &k.PublicKey
|
|
||||||
|
|
||||||
case ed25519.PrivateKey:
|
|
||||||
|
|
||||||
return k.Public().(ed25519.PublicKey)
|
|
||||||
|
|
||||||
default:
|
|
||||||
|
|
||||||
return nil
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
func ZMakecert() {
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
host := ZangSmtpServer.Hostname
|
|
||||||
|
|
||||||
validFrom := ""
|
|
||||||
|
|
||||||
validFor := time.Duration(3650 * 24 * time.Hour)
|
|
||||||
|
|
||||||
isCA := true
|
|
||||||
|
|
||||||
rsaBits := 4096
|
|
||||||
|
|
||||||
ecdsaCurve := "P256"
|
|
||||||
|
|
||||||
ed25519Key := true
|
|
||||||
|
|
||||||
|
|
||||||
var priv interface{}
|
|
||||||
|
|
||||||
var err error
|
|
||||||
|
|
||||||
switch ecdsaCurve {
|
|
||||||
|
|
||||||
case "":
|
|
||||||
|
|
||||||
if ed25519Key {
|
|
||||||
|
|
||||||
_, priv, err = ed25519.GenerateKey(rand.Reader)
|
|
||||||
|
|
||||||
} else {
|
|
||||||
|
|
||||||
priv, err = rsa.GenerateKey(rand.Reader, rsaBits)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
case "P224":
|
|
||||||
|
|
||||||
priv, err = ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
|
|
||||||
|
|
||||||
case "P256":
|
|
||||||
|
|
||||||
priv, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
||||||
|
|
||||||
case "P384":
|
|
||||||
|
|
||||||
priv, err = ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
|
|
||||||
|
|
||||||
case "P521":
|
|
||||||
|
|
||||||
priv, err = ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
|
|
||||||
|
|
||||||
default:
|
|
||||||
|
|
||||||
log.Fatalf("Unrecognized elliptic curve: %q", ecdsaCurve)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to generate private key: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
// ECDSA, ED25519 and RSA subject keys should have the DigitalSignature
|
|
||||||
|
|
||||||
// KeyUsage bits set in the x509.Certificate template
|
|
||||||
|
|
||||||
keyUsage := x509.KeyUsageDigitalSignature
|
|
||||||
|
|
||||||
// Only RSA subject keys should have the KeyEncipherment KeyUsage bits set. In
|
|
||||||
|
|
||||||
// the context of TLS this KeyUsage is particular to RSA key exchange and
|
|
||||||
|
|
||||||
// authentication.
|
|
||||||
|
|
||||||
if _, isRSA := priv.(*rsa.PrivateKey); isRSA {
|
|
||||||
|
|
||||||
keyUsage |= x509.KeyUsageKeyEncipherment
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
var notBefore time.Time
|
|
||||||
|
|
||||||
if len(validFrom) == 0 {
|
|
||||||
|
|
||||||
notBefore = time.Now()
|
|
||||||
|
|
||||||
} else {
|
|
||||||
|
|
||||||
notBefore, err = time.Parse("Jan 2 15:04:05 2006", validFrom)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to parse creation date: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
notAfter := notBefore.Add(validFor)
|
|
||||||
|
|
||||||
|
|
||||||
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
|
|
||||||
|
|
||||||
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to generate serial number: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
template := x509.Certificate{
|
|
||||||
|
|
||||||
SerialNumber: serialNumber,
|
|
||||||
|
|
||||||
Subject: pkix.Name{
|
|
||||||
|
|
||||||
Organization: []string{"ZangTumb Internal CA"},
|
|
||||||
Country: []string{"00"},
|
|
||||||
Province: []string{"5a622d3c-f218-11eb-9a03-0242ac130003"},
|
|
||||||
Locality: []string{"8927f2fa-f218-11eb-9a03-0242ac130003"},
|
|
||||||
StreetAddress: []string{"8927f3ea-f218-11eb-9a03-0242ac130003"},
|
|
||||||
PostalCode: []string{"666"},
|
|
||||||
|
|
||||||
},
|
|
||||||
|
|
||||||
NotBefore: notBefore,
|
|
||||||
|
|
||||||
NotAfter: notAfter,
|
|
||||||
|
|
||||||
|
|
||||||
KeyUsage: keyUsage,
|
|
||||||
|
|
||||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
|
||||||
|
|
||||||
BasicConstraintsValid: true,
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
hosts := strings.Split(host, ",")
|
|
||||||
|
|
||||||
for _, h := range hosts {
|
|
||||||
|
|
||||||
if ip := net.ParseIP(h); ip != nil {
|
|
||||||
|
|
||||||
template.IPAddresses = append(template.IPAddresses, ip)
|
|
||||||
|
|
||||||
} else {
|
|
||||||
|
|
||||||
template.DNSNames = append(template.DNSNames, h)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
if isCA {
|
|
||||||
|
|
||||||
template.IsCA = true
|
|
||||||
|
|
||||||
template.KeyUsage |= x509.KeyUsageCertSign
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, publicKey(priv), priv)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to create certificate: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
certOut, err := os.Create(CrtFile)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to open cert.pem for writing: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}); err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to write data to cert.pem: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := certOut.Close(); err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Error closing cert.pem: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
log.Println("Finished creating: ", CrtFile)
|
|
||||||
|
|
||||||
|
|
||||||
keyOut, err := os.OpenFile(KeyFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to open key.pem for writing: %v", err)
|
|
||||||
|
|
||||||
return
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Unable to marshal private key: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Failed to write data to key.pem: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := keyOut.Close(); err != nil {
|
|
||||||
|
|
||||||
log.Fatalf("Error closing key.pem: %v", err)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
log.Println("Finished creating: ", KeyFile)
|
|
||||||
|
|
||||||
}
|
|
19
zangtumb.go
19
zangtumb.go
|
@ -36,11 +36,11 @@ func init() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if os.Getenv("USETLS") == "true" {
|
if os.Getenv("USETLS") == "true" {
|
||||||
log.Println("Preparing TLS Keys")
|
|
||||||
ZMakecert()
|
ZangSmtpServer.ConfigureTLS(CrtFile, KeyFile)
|
||||||
ZangSmtpServer.TLSListener = false
|
ZangSmtpServer.TLSListener = false
|
||||||
ZangSmtpServer.TLSRequired = true
|
ZangSmtpServer.TLSRequired = true
|
||||||
log.Println("Using TLS: ", ZangSmtpServer.TLSRequired)
|
log.Println("Using TLS")
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
|
@ -49,21 +49,12 @@ func init() {
|
||||||
log.Println("WARNING: NOT Using TLS")
|
log.Println("WARNING: NOT Using TLS")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
log.Println("Ready to start the server.")
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
|
||||||
log.Println("Starting the server....")
|
if err := smtpd.ListenAndServe(ListenAddr, mailHandler, AppName, ServerName, ZangSmtpServer); err != nil {
|
||||||
|
|
||||||
ZangSmtpServer.ConfigureTLS(CrtFile, KeyFile)
|
|
||||||
|
|
||||||
defer log.Println("Shutting down the server")
|
|
||||||
|
|
||||||
if err := smtpd.ListenAndServe(ListenAddr, mailHandler, handlerRcpt, AppName, ServerName, ZangSmtpServer); err != nil {
|
|
||||||
log.Panicln("Ops. Something went wrong: ", err.Error())
|
log.Panicln("Ops. Something went wrong: ", err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue