From f756ca0c98326cfb8e1d575842ddc3496e0ca2b2 Mon Sep 17 00:00:00 2001
From: Bernhard Froehlich
Date: Mon, 10 Dec 2018 10:34:31 +0000
Subject: [PATCH] Add support for TLS and STARTTLS
---
 main.go | 17 +++++++++++++++++
 smtp-proxy.ini | 5 ++++-
 2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/main.go b/main.go
index eeef5d7..6bbff70 100644
--- a/main.go
+++ b/main.go
@@ -1,8 +1,10 @@
 package main
 import (
+ "crypto/tls"
 "flag"
 "fmt"
+ "log"
 "net/smtp"
 "github.com/chrj/smtpd"
@@ -14,6 +16,9 @@ var (
 welcomeMsg = flag.String("welcome_msg", "", "Welcome message for SMTP session")
 localHost = flag.String("local_host", "localhost", "Address to listen for incoming SMTP")
 localPort = flag.Int("local_port", 25, "Port to listen")
+ localForceTLS = flag.Bool("local_forcetls", false, "Force STARTTLS (needs local_cert and local_key)")
+ localCert = flag.String("local_cert", "", "SSL certificate for STARTTLS/TLS")
+ localKey = flag.String("local_key", "", "SSL private key for STARTTLS/TLS")
 remoteHost = flag.String("remote_host", "smtp.gmail.com", "Outgoing SMTP host")
 remotePort = flag.Int("remote_port", 587, "Outgoing SMTP port")
 remoteUser = flag.String("remote_user", "", "Username for authentication on outgoing SMTP server")
@@ -39,6 +44,18 @@ func main() {
 Hostname: *hostName,
 WelcomeMessage: *welcomeMsg,
 Handler: handler,
+ ForceTLS: *localForceTLS,
+ }
+
+ if *localCert != "" && *localKey != "" {
+ cert, err := tls.LoadX509KeyPair(*localCert, *localKey)
+ if err != nil {
+ log.Fatal(err)
+ }
+
+ server.TLSConfig = &tls.Config {
+ Certificates: [] tls.Certificate{cert},
+ }
 }
 server.ListenAndServe(fmt.Sprintf("%s:%d", *localHost, *localPort))
diff --git a/smtp-proxy.ini b/smtp-proxy.ini
index 2256f11..5c0cdab 100644
--- a/smtp-proxy.ini
+++ b/smtp-proxy.ini
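Review bot: The help strings for `local_cert` and `local_key` in the second hunk do not say that the values are file paths, which is what the `tls.LoadX509KeyPair` call in main() expects (PEM-encoded files). Wording such as `"Path to PEM certificate file for STARTTLS"` and `"Path to PEM private key file for STARTTLS (keep readable only by the service user)"` would tell an operator what to supply and how to protect it. The `local_forcetls` text says it needs both options, but nothing in the visible code enforces that, so the help text is currently the only place the requirement is stated. The var block starts and ends outside the hunk.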
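Review bot: A half-configured TLS setup in the third hunk falls through to a plaintext listener without any message. The `if *localCert != "" && *localKey != ""` guard skips TLS when only one of the two paths is set, and `ForceTLS` is handed to the server even when no certificate was loaded. Failing at startup in both cases keeps an operator who asked for encryption from unknowingly accepting mail in the clear or, presumably, from running a listener that demands STARTTLS it cannot offer. The `tls.Config` also leaves `MinVersion` unset, so the protocol floor depends on the Go toolchain used for the build; pinning `tls.VersionTLS12` makes it explicit. main's body starts and ends outside the hunk.

```go
// … unchanged: server literal ending with ForceTLS: *localForceTLS …

if (*localCert == "") != (*localKey == "") {
	log.Fatal("local_cert and local_key must be set together")
}
if *localForceTLS && *localCert == "" {
	log.Fatal("local_forcetls requires local_cert and local_key")
}

if *localCert != "" && *localKey != "" {
	// … unchanged: tls.LoadX509KeyPair and its error check …
	server.TLSConfig = &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS12,
	}
}
```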
@@ -3,8 +3,11 @@
 ;hostname = "localhost.localdomain"
 ;welcome_msg = " ESMTP ready."
-;local_host = 127.0.0.1
+;local_host = localhost
 ;local_port = 25
+;local_cert =
+;local_key =
+;local_forcetls = false
 ;remote_host = smtp.gmail.com
 ;remote_port = 587