drew/smtprelay
1
0
Fork 1
mirror of https://github.com/decke/smtprelay.git synced 2025-12-26 00:42:29 -07:00
Code Issues Packages Projects Releases Wiki Activity

Implement authentication checker against a plaintext file

Browse Source
This commit is contained in:
Bernhard Froehlich
2018-12-20 13:52:19 +00:00
parent 926c681bdf
commit e87b1e7168
2 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
main.go
View File

@@ -1,6 +1,7 @@
package main package main
import ( import (
"bufio"
"crypto/tls" "crypto/tls"
"flag" "flag"
"fmt" "fmt"
@@ -32,6 +33,7 @@ var (
allowedNets = flag.String("allowed_nets", "127.0.0.1/8 ::1/128", "Networks allowed to send mails") allowedNets = flag.String("allowed_nets", "127.0.0.1/8 ::1/128", "Networks allowed to send mails")
allowedSender = flag.String("allowed_sender", "", "Regular expression for valid FROM EMail adresses") allowedSender = flag.String("allowed_sender", "", "Regular expression for valid FROM EMail adresses")
allowedRecipients = flag.String("allowed_recipients", "", "Regular expression for valid TO EMail adresses") allowedRecipients = flag.String("allowed_recipients", "", "Regular expression for valid TO EMail adresses")
allowedUsers = flag.String("allowed_users", "", "Path to file with valid users/passwords")
remoteHost = flag.String("remote_host", "smtp.gmail.com:587", "Outgoing SMTP server") remoteHost = flag.String("remote_host", "smtp.gmail.com:587", "Outgoing SMTP server")
remoteUser = flag.String("remote_user", "", "Username for authentication on outgoing SMTP server") remoteUser = flag.String("remote_user", "", "Username for authentication on outgoing SMTP server")
remotePass = flag.String("remote_pass", "", "Password for authentication on outgoing SMTP server") remotePass = flag.String("remote_pass", "", "Password for authentication on outgoing SMTP server")
@@ -87,6 +89,30 @@ func recipientChecker(peer smtpd.Peer, addr string) error {
} }
} }
func authChecker(peer smtpd.Peer, username string, password string) error {
file, err := os.Open(*allowedUsers)
if err != nil {
log.Printf("User file not found %v", err)
return smtpd.Error{Code: 552, Message: "Denied"}
}
defer file.Close()
scanner := bufio.NewScanner(file)
for scanner.Scan() {
parts := strings.Fields(scanner.Text())
if len(parts) != 2 {
continue
}
if username == parts[0] && password == parts[1] {
return nil
}
}
return smtpd.Error{Code: 552, Message: "Denied"}
}
func mailHandler(peer smtpd.Peer, env smtpd.Envelope) error { func mailHandler(peer smtpd.Peer, env smtpd.Envelope) error {
var auth smtp.Auth var auth smtp.Auth
@@ -144,6 +170,10 @@ func main() {
ProtocolLogger: log.New(logwriter, "INBOUND: ", log.Lshortfile), ProtocolLogger: log.New(logwriter, "INBOUND: ", log.Lshortfile),
} }
if *allowedUsers != "" {
server.Authenticator = authChecker
}
if strings.Index(listeners[i], "://") == -1 { if strings.Index(listeners[i], "://") == -1 {
log.Printf("Listen on %s ...\n", listener) log.Printf("Listen on %s ...\n", listener)
go server.ListenAndServe(listener) go server.ListenAndServe(listener)

5
smtp-proxy.ini
View File

@@ -35,6 +35,11 @@
; Example: ^(.*)@localhost.localdomain$ ; Example: ^(.*)@localhost.localdomain$
;allowed_recipients = ;allowed_recipients =
; File which contains username and password used for
; authentication before they can send mail.
; File format: username password
;allowed_users =
; Relay all mails to this SMTP server ; Relay all mails to this SMTP server
; GMail ; GMail