mirror of
https://github.com/wiggin77/mailrelay.git
synced 2025-07-14 05:04:59 +02:00
272 lines
6.7 KiB
Go
272 lines
6.7 KiB
Go
package main
|
|
|
|
import (
|
|
"bufio"
|
|
"encoding/json"
|
|
"errors"
|
|
"flag"
|
|
"fmt"
|
|
"net/smtp"
|
|
"os"
|
|
"os/signal"
|
|
"syscall"
|
|
|
|
"github.com/jpillora/ipfilter"
|
|
log "github.com/phires/go-guerrilla/log"
|
|
)
|
|
|
|
const (
|
|
DefaultSMTPPort = 465
|
|
DefaultMaxEmailSize = 83886080 // 80 MB (80 * 1024 * 1024)
|
|
DefaultLocalListenIP = "0.0.0.0"
|
|
DefaultLocalListenPort = 2525
|
|
DefaultTimeoutSecs = 300 // 5 minutes
|
|
MinEmailSizeBytes = 1024
|
|
)
|
|
|
|
// Logger is the global logger.
|
|
var Logger log.Logger
|
|
|
|
// AllowedSendersFilter holds the global list of allowed sender IPs.
|
|
var AllowedSendersFilter = ipfilter.New(ipfilter.Options{})
|
|
|
|
type mailRelayConfig struct {
|
|
SMTPServer string `json:"smtp_server"`
|
|
SMTPPort int `json:"smtp_port"`
|
|
SMTPStartTLS bool `json:"smtp_starttls"`
|
|
SMTPLoginAuthType bool `json:"smtp_login_auth_type"`
|
|
SMTPUsername string `json:"smtp_username"`
|
|
SMTPPassword string `json:"smtp_password"`
|
|
SMTPHelo string `json:"smtp_helo"`
|
|
SkipCertVerify bool `json:"smtp_skip_cert_verify"`
|
|
MaxEmailSize int64 `json:"smtp_max_email_size"`
|
|
LocalListenIP string `json:"local_listen_ip"`
|
|
LocalListenPort int `json:"local_listen_port"`
|
|
AllowedHosts []string `json:"allowed_hosts"`
|
|
AllowedSenders string `json:"allowed_senders"`
|
|
TimeoutSecs int `json:"timeout_secs"`
|
|
}
|
|
|
|
func main() {
|
|
err := run()
|
|
if err != nil {
|
|
fmt.Fprintln(os.Stderr, err.Error())
|
|
os.Exit(1)
|
|
}
|
|
os.Exit(0)
|
|
}
|
|
|
|
func run() error {
|
|
configFile, test, testsender, testrcpt, checkIP, ipToCheck, verbose := parseFlags()
|
|
|
|
appConfig, err := loadConfig(configFile)
|
|
if err != nil {
|
|
flag.Usage()
|
|
return fmt.Errorf("loading config: %w", err)
|
|
}
|
|
|
|
if err := setupIPFilter(appConfig); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := setupLogger(verbose); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := Start(appConfig, verbose); err != nil {
|
|
flag.Usage()
|
|
return fmt.Errorf("starting server: %w", err)
|
|
}
|
|
|
|
if test {
|
|
return runTest(testsender, testrcpt, appConfig.LocalListenPort)
|
|
}
|
|
|
|
if checkIP {
|
|
return runIPCheck(ipToCheck)
|
|
}
|
|
|
|
return waitForSignal()
|
|
}
|
|
|
|
func parseFlags() (string, bool, string, string, bool, string, bool) {
|
|
var configFile string
|
|
var test bool
|
|
var testsender string
|
|
var testrcpt string
|
|
var checkIP bool
|
|
var ipToCheck string
|
|
var verbose bool
|
|
|
|
flag.StringVar(&configFile, "config", "/etc/mailrelay.json", "specifies JSON config file")
|
|
flag.BoolVar(&test, "test", false, "sends a test message to SMTP server")
|
|
flag.StringVar(&testsender, "sender", "", "used with 'test' to specify sender email address")
|
|
flag.StringVar(&testrcpt, "rcpt", "", "used with 'test' to specify recipient email address")
|
|
flag.BoolVar(&verbose, "verbose", false, "verbose output")
|
|
flag.BoolVar(&checkIP, "checkIP", false, "checks a provided IP address to see if it would be allowed")
|
|
flag.StringVar(&ipToCheck, "ip", "", "used with 'checkIP' to specify IP address to test")
|
|
flag.Parse()
|
|
|
|
return configFile, test, testsender, testrcpt, checkIP, ipToCheck, verbose
|
|
}
|
|
|
|
func setupIPFilter(appConfig *mailRelayConfig) error {
|
|
if appConfig.AllowedSenders == "*" {
|
|
return nil
|
|
}
|
|
|
|
file, err := os.Open(appConfig.AllowedSenders)
|
|
if err != nil {
|
|
return fmt.Errorf("failed opening file: %w", err)
|
|
}
|
|
defer file.Close()
|
|
|
|
scanner := bufio.NewScanner(file)
|
|
scanner.Split(bufio.ScanLines)
|
|
var allowedIPsAndRanges []string
|
|
|
|
for scanner.Scan() {
|
|
allowedIPsAndRanges = append(allowedIPsAndRanges, scanner.Text())
|
|
}
|
|
|
|
AllowedSendersFilter = ipfilter.New(ipfilter.Options{
|
|
AllowedIPs: allowedIPsAndRanges,
|
|
BlockByDefault: true,
|
|
})
|
|
|
|
return nil
|
|
}
|
|
|
|
func setupLogger(verbose bool) error {
|
|
logLevel := "info"
|
|
if verbose {
|
|
logLevel = "debug"
|
|
}
|
|
|
|
var err error
|
|
Logger, err = log.GetLogger("stdout", logLevel)
|
|
if err != nil {
|
|
return fmt.Errorf("creating logger: %w", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func runTest(testsender, testrcpt string, port int) error {
|
|
err := sendTest(testsender, testrcpt, port)
|
|
if err != nil {
|
|
return fmt.Errorf("sending test message: %w", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func runIPCheck(ipToCheck string) error {
|
|
if ipToCheck == "" {
|
|
return errors.New("IP address to check is required when `checkIP` flag is used. " +
|
|
"Provide an IP address using the `-ip` flag")
|
|
}
|
|
|
|
result := ""
|
|
if !AllowedSendersFilter.Blocked(ipToCheck) {
|
|
result = "NOT "
|
|
}
|
|
fmt.Printf("IP address %s is %sallowed to send email\n", ipToCheck, result)
|
|
return nil
|
|
}
|
|
|
|
func waitForSignal() error {
|
|
c := make(chan os.Signal, 1)
|
|
signal.Notify(c, os.Interrupt, syscall.SIGTERM)
|
|
<-c
|
|
return nil
|
|
}
|
|
|
|
func loadConfig(path string) (*mailRelayConfig, error) {
|
|
var cfg mailRelayConfig
|
|
configDefaults(&cfg)
|
|
|
|
file, err := os.Open(path)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer file.Close()
|
|
|
|
parser := json.NewDecoder(file)
|
|
if err := parser.Decode(&cfg); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := validateConfig(&cfg); err != nil {
|
|
return nil, fmt.Errorf("invalid configuration: %w", err)
|
|
}
|
|
|
|
return &cfg, nil
|
|
}
|
|
|
|
func configDefaults(config *mailRelayConfig) {
|
|
config.SMTPPort = DefaultSMTPPort
|
|
config.SMTPStartTLS = false
|
|
config.SMTPLoginAuthType = false
|
|
config.MaxEmailSize = DefaultMaxEmailSize
|
|
config.SkipCertVerify = false
|
|
config.LocalListenIP = DefaultLocalListenIP
|
|
config.LocalListenPort = DefaultLocalListenPort
|
|
config.AllowedHosts = []string{"*"}
|
|
config.AllowedSenders = "*"
|
|
config.TimeoutSecs = DefaultTimeoutSecs
|
|
}
|
|
|
|
// validateConfig validates the configuration values.
|
|
func validateConfig(config *mailRelayConfig) error {
|
|
if config.SMTPServer == "" {
|
|
return errors.New("smtp_server is required")
|
|
}
|
|
|
|
if config.SMTPPort < 1 || config.SMTPPort > 65535 {
|
|
return errors.New("smtp_port must be between 1 and 65535")
|
|
}
|
|
|
|
if config.LocalListenPort < 1 || config.LocalListenPort > 65535 {
|
|
return errors.New("local_listen_port must be between 1 and 65535")
|
|
}
|
|
|
|
if config.MaxEmailSize < MinEmailSizeBytes {
|
|
return errors.New("smtp_max_email_size must be at least 1024 bytes")
|
|
}
|
|
|
|
if config.TimeoutSecs < 1 || config.TimeoutSecs > 3600 {
|
|
return errors.New("timeout_secs must be between 1 and 3600 seconds")
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// sendTest sends a test message to the SMTP server specified in mailrelay.json.
|
|
func sendTest(sender string, rcpt string, port int) error {
|
|
conn, err := smtp.Dial(fmt.Sprintf("localhost:%d", port))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := conn.Mail(sender); err != nil {
|
|
return err
|
|
}
|
|
if err := conn.Rcpt(rcpt); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := writeBody(conn, sender); err != nil {
|
|
return err
|
|
}
|
|
return conn.Quit()
|
|
}
|
|
|
|
func writeBody(conn *smtp.Client, sender string) error {
|
|
wc, err := conn.Data()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer wc.Close()
|
|
_, err = fmt.Fprintf(wc, "From: %s\nSubject: Test message\n\nThis is a test email from mailrelay.\n", sender)
|
|
return err
|
|
}
|