mirror of
https://github.com/wiggin77/mailrelay.git
synced 2024-11-26 00:53:09 +01:00
Committing the additions that add in the Allowed Sender IP functionality.
This commit is contained in:
parent
eaa5e32600
commit
0c6f4055b7
@ -27,11 +27,18 @@ func sendMail(e *mail.Envelope, config *relayConfig) error {
|
||||
msg.WriteString("\r\n")
|
||||
|
||||
Logger.Infof("starting email send -- from:%s, starttls:%t", e.MailFrom.String(), config.STARTTLS)
|
||||
Logger.Infof("Client Remote IP: %s", e.RemoteIP)
|
||||
|
||||
var err error
|
||||
var conn net.Conn
|
||||
var client *smtp.Client
|
||||
var writer io.WriteCloser
|
||||
|
||||
if AllowedSendersFilter.Blocked(e.RemoteIP) {
|
||||
Logger.Info("Remote IP of " + e.RemoteIP + " not allowed to send email.")
|
||||
return errors.Wrap(err, "Remote IP of "+e.RemoteIP+" not allowed to send email.")
|
||||
}
|
||||
|
||||
tlsconfig := &tls.Config{
|
||||
InsecureSkipVerify: config.SkipVerify, //nolint:gosec
|
||||
ServerName: config.Server,
|
||||
|
44
main.go
44
main.go
@ -1,6 +1,7 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"encoding/json"
|
||||
"flag"
|
||||
"fmt"
|
||||
@ -10,6 +11,7 @@ import (
|
||||
"syscall"
|
||||
|
||||
log "github.com/flashmob/go-guerrilla/log"
|
||||
"github.com/jpillora/ipfilter"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -23,6 +25,9 @@ const (
|
||||
// Logger is the global logger
|
||||
var Logger log.Logger
|
||||
|
||||
// Global List of Allowed Sender IPs:
|
||||
var AllowedSendersFilter = ipfilter.New(ipfilter.Options{})
|
||||
|
||||
type mailRelayConfig struct {
|
||||
SMTPServer string `json:"smtp_server"`
|
||||
SMTPPort int `json:"smtp_port"`
|
||||
@ -35,6 +40,7 @@ type mailRelayConfig struct {
|
||||
LocalListenIP string `json:"local_listen_ip"`
|
||||
LocalListenPort int `json:"local_listen_port"`
|
||||
AllowedHosts []string `json:"allowed_hosts"`
|
||||
AllowedSenders string `json:"allowed_senders"`
|
||||
TimeoutSecs int `json:"timeout_secs"`
|
||||
}
|
||||
|
||||
@ -52,12 +58,16 @@ func run() error {
|
||||
var test bool
|
||||
var testsender string
|
||||
var testrcpt string
|
||||
var checkIP bool
|
||||
var ipToCheck string
|
||||
var verbose bool
|
||||
flag.StringVar(&configFile, "config", "/etc/mailrelay.json", "specifies JSON config file")
|
||||
flag.BoolVar(&test, "test", false, "sends a test message to SMTP server")
|
||||
flag.StringVar(&testsender, "sender", "", "used with 'test' to specify sender email address")
|
||||
flag.StringVar(&testrcpt, "rcpt", "", "used with 'test' to specify recipient email address")
|
||||
flag.BoolVar(&verbose, "verbose", false, "verbose output")
|
||||
flag.BoolVar(&checkIP, "checkIP", false, "Checks a provided IP address to see if it would be allowed")
|
||||
flag.StringVar(&ipToCheck, "ip", "", "used with 'checkIP' to specify IP address to test")
|
||||
flag.Parse()
|
||||
|
||||
appConfig, err := loadConfig(configFile)
|
||||
@ -66,6 +76,34 @@ func run() error {
|
||||
return fmt.Errorf("loading config: %w", err)
|
||||
}
|
||||
|
||||
if appConfig.AllowedSenders != "*" {
|
||||
file, err := os.Open(appConfig.AllowedSenders)
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed opening file: %s", err)
|
||||
}
|
||||
|
||||
scanner := bufio.NewScanner(file)
|
||||
scanner.Split(bufio.ScanLines)
|
||||
var allowedIPsAndRanges []string
|
||||
|
||||
for scanner.Scan() {
|
||||
allowedIPsAndRanges = append(allowedIPsAndRanges, scanner.Text())
|
||||
}
|
||||
|
||||
file.Close()
|
||||
|
||||
for _, eachline := range allowedIPsAndRanges {
|
||||
fmt.Println(eachline)
|
||||
}
|
||||
|
||||
AllowedSendersFilter = ipfilter.New(ipfilter.Options{
|
||||
//AllowedIPs: []string{"192.168.0.0/24"},
|
||||
AllowedIPs: allowedIPsAndRanges,
|
||||
BlockByDefault: true,
|
||||
})
|
||||
}
|
||||
|
||||
err = Start(appConfig, verbose)
|
||||
if err != nil {
|
||||
flag.Usage()
|
||||
@ -89,6 +127,11 @@ func run() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
if checkIP {
|
||||
Logger.Infof("Checking to see if %s is allowed to send email: %t", ipToCheck, AllowedSendersFilter.Allowed(ipToCheck))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Wait for SIGINT
|
||||
c := make(chan os.Signal, 1)
|
||||
signal.Notify(c, os.Interrupt, syscall.SIGTERM)
|
||||
@ -124,6 +167,7 @@ func configDefaults(config *mailRelayConfig) {
|
||||
config.LocalListenIP = DefaultLocalListenIP
|
||||
config.LocalListenPort = DefaultLocalListenPort
|
||||
config.AllowedHosts = []string{"*"}
|
||||
config.AllowedSenders = "*"
|
||||
config.TimeoutSecs = DefaultTimeoutSecs
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user