extern/mailrelay
1
0
Fork 0
mirror of https://github.com/wiggin77/mailrelay.git synced 2024-11-22 15:23:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Committing the additions that add in the Allowed Sender IP functionality.

Browse Source
This commit is contained in:
Omar Ramos 2021-01-05 15:49:46 -08:00
parent eaa5e32600
commit 0c6f4055b7
2 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
client.go
View File

@ -27,11 +27,18 @@ func sendMail(e *mail.Envelope, config *relayConfig) error {
msg.WriteString("\r\n") msg.WriteString("\r\n")
Logger.Infof("starting email send -- from:%s, starttls:%t", e.MailFrom.String(), config.STARTTLS) Logger.Infof("starting email send -- from:%s, starttls:%t", e.MailFrom.String(), config.STARTTLS)
Logger.Infof("Client Remote IP: %s", e.RemoteIP)
var err error var err error
var conn net.Conn var conn net.Conn
var client *smtp.Client var client *smtp.Client
var writer io.WriteCloser var writer io.WriteCloser
if AllowedSendersFilter.Blocked(e.RemoteIP) {
Logger.Info("Remote IP of " + e.RemoteIP + " not allowed to send email.")
return errors.Wrap(err, "Remote IP of "+e.RemoteIP+" not allowed to send email.")
}
tlsconfig := &tls.Config{ tlsconfig := &tls.Config{
InsecureSkipVerify: config.SkipVerify, //nolint:gosec InsecureSkipVerify: config.SkipVerify, //nolint:gosec
ServerName: config.Server, ServerName: config.Server,

44
main.go
View File

@ -1,6 +1,7 @@
package main package main
import ( import (
"bufio"
"encoding/json" "encoding/json"
"flag" "flag"
"fmt" "fmt"
@ -10,6 +11,7 @@ import (
"syscall" "syscall"
log "github.com/flashmob/go-guerrilla/log" log "github.com/flashmob/go-guerrilla/log"
"github.com/jpillora/ipfilter"
) )
const ( const (
@ -23,6 +25,9 @@ const (
// Logger is the global logger // Logger is the global logger
var Logger log.Logger var Logger log.Logger
// Global List of Allowed Sender IPs:
var AllowedSendersFilter = ipfilter.New(ipfilter.Options{})
type mailRelayConfig struct { type mailRelayConfig struct {
SMTPServer string `json:"smtp_server"` SMTPServer string `json:"smtp_server"`
SMTPPort int `json:"smtp_port"` SMTPPort int `json:"smtp_port"`
@ -35,6 +40,7 @@ type mailRelayConfig struct {
LocalListenIP string `json:"local_listen_ip"` LocalListenIP string `json:"local_listen_ip"`
LocalListenPort int `json:"local_listen_port"` LocalListenPort int `json:"local_listen_port"`
AllowedHosts []string `json:"allowed_hosts"` AllowedHosts []string `json:"allowed_hosts"`
AllowedSenders string `json:"allowed_senders"`
TimeoutSecs int `json:"timeout_secs"` TimeoutSecs int `json:"timeout_secs"`
} }
@ -52,12 +58,16 @@ func run() error {
var test bool var test bool
var testsender string var testsender string
var testrcpt string var testrcpt string
var checkIP bool
var ipToCheck string
var verbose bool var verbose bool
flag.StringVar(&configFile, "config", "/etc/mailrelay.json", "specifies JSON config file") flag.StringVar(&configFile, "config", "/etc/mailrelay.json", "specifies JSON config file")
flag.BoolVar(&test, "test", false, "sends a test message to SMTP server") flag.BoolVar(&test, "test", false, "sends a test message to SMTP server")
flag.StringVar(&testsender, "sender", "", "used with 'test' to specify sender email address") flag.StringVar(&testsender, "sender", "", "used with 'test' to specify sender email address")
flag.StringVar(&testrcpt, "rcpt", "", "used with 'test' to specify recipient email address") flag.StringVar(&testrcpt, "rcpt", "", "used with 'test' to specify recipient email address")
flag.BoolVar(&verbose, "verbose", false, "verbose output") flag.BoolVar(&verbose, "verbose", false, "verbose output")
flag.BoolVar(&checkIP, "checkIP", false, "Checks a provided IP address to see if it would be allowed")
flag.StringVar(&ipToCheck, "ip", "", "used with 'checkIP' to specify IP address to test")
flag.Parse() flag.Parse()
appConfig, err := loadConfig(configFile) appConfig, err := loadConfig(configFile)
@ -66,6 +76,34 @@ func run() error {
return fmt.Errorf("loading config: %w", err) return fmt.Errorf("loading config: %w", err)
} }
if appConfig.AllowedSenders != "*" {
file, err := os.Open(appConfig.AllowedSenders)
if err != nil {
return fmt.Errorf("failed opening file: %s", err)
}
scanner := bufio.NewScanner(file)
scanner.Split(bufio.ScanLines)
var allowedIPsAndRanges []string
for scanner.Scan() {
allowedIPsAndRanges = append(allowedIPsAndRanges, scanner.Text())
}
file.Close()
for _, eachline := range allowedIPsAndRanges {
fmt.Println(eachline)
}
AllowedSendersFilter = ipfilter.New(ipfilter.Options{
//AllowedIPs: []string{"192.168.0.0/24"},
AllowedIPs: allowedIPsAndRanges,
BlockByDefault: true,
})
}
err = Start(appConfig, verbose) err = Start(appConfig, verbose)
if err != nil { if err != nil {
flag.Usage() flag.Usage()
@ -89,6 +127,11 @@ func run() error {
return nil return nil
} }
if checkIP {
Logger.Infof("Checking to see if %s is allowed to send email: %t", ipToCheck, AllowedSendersFilter.Allowed(ipToCheck))
return nil
}
// Wait for SIGINT // Wait for SIGINT
c := make(chan os.Signal, 1) c := make(chan os.Signal, 1)
signal.Notify(c, os.Interrupt, syscall.SIGTERM) signal.Notify(c, os.Interrupt, syscall.SIGTERM)
@ -124,6 +167,7 @@ func configDefaults(config *mailRelayConfig) {
config.LocalListenIP = DefaultLocalListenIP config.LocalListenIP = DefaultLocalListenIP
config.LocalListenPort = DefaultLocalListenPort config.LocalListenPort = DefaultLocalListenPort
config.AllowedHosts = []string{"*"} config.AllowedHosts = []string{"*"}
config.AllowedSenders = "*"
config.TimeoutSecs = DefaultTimeoutSecs config.TimeoutSecs = DefaultTimeoutSecs
} }