Home Explore Help
Sign In
ThebeMail
/
ref-go-smtprelay
mirror of https://github.com/decke/smtprelay.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Implement authentication checker against a plaintext file

Bernhard Froehlich 6 years ago
parent
926c681bdf
commit
e87b1e7168
2 changed files with 35 additions and 0 deletions
Unified View Show Diff Stats
  1. 30 0
      main.go
  2. 5 0
      smtp-proxy.ini

+ 30 - 0
main.go
View File 

@@ -1,6 +1,7 @@
 
 package main
 
 package main
 
 
 
 import (
 
 import (
 
+	"bufio"
 
 	"crypto/tls"
 
 	"crypto/tls"
 
 	"flag"
 
 	"flag"
 
 	"fmt"
 
 	"fmt"
 
@@ -32,6 +33,7 @@ var (
 
 	allowedNets = flag.String("allowed_nets", "127.0.0.1/8 ::1/128", "Networks allowed to send mails")
 
 	allowedNets = flag.String("allowed_nets", "127.0.0.1/8 ::1/128", "Networks allowed to send mails")
 
 	allowedSender = flag.String("allowed_sender", "", "Regular expression for valid FROM EMail adresses")
 
 	allowedSender = flag.String("allowed_sender", "", "Regular expression for valid FROM EMail adresses")
 
 	allowedRecipients = flag.String("allowed_recipients", "", "Regular expression for valid TO EMail adresses")
 
 	allowedRecipients = flag.String("allowed_recipients", "", "Regular expression for valid TO EMail adresses")
 
+	allowedUsers = flag.String("allowed_users", "", "Path to file with valid users/passwords")
 
 	remoteHost = flag.String("remote_host", "smtp.gmail.com:587", "Outgoing SMTP server")
 
 	remoteHost = flag.String("remote_host", "smtp.gmail.com:587", "Outgoing SMTP server")
 
 	remoteUser = flag.String("remote_user", "", "Username for authentication on outgoing SMTP server")
 
 	remoteUser = flag.String("remote_user", "", "Username for authentication on outgoing SMTP server")
 
 	remotePass = flag.String("remote_pass", "", "Password for authentication on outgoing SMTP server")
 
 	remotePass = flag.String("remote_pass", "", "Password for authentication on outgoing SMTP server")
 
@@ -87,6 +89,30 @@ func recipientChecker(peer smtpd.Peer, addr string) error {
 
 	}
 
 	}
 
 }
 
 }
 
 
 
+func authChecker(peer smtpd.Peer, username string, password string) error {
 
+	file, err := os.Open(*allowedUsers)
 
+	if err != nil {
 
+		log.Printf("User file not found %v", err)
 
+		return smtpd.Error{Code: 552, Message: "Denied"}
 
+	}
 
+	defer file.Close()
 
+
 
+	scanner := bufio.NewScanner(file)
 
+	for scanner.Scan() {
 
+		parts := strings.Fields(scanner.Text())
 
+
 
+		if len(parts) != 2 {
 
+			continue
 
+		}
 
+
 
+		if username == parts[0] && password == parts[1] {
 
+			return nil
 
+		}
 
+	}
 
+
 
+	return smtpd.Error{Code: 552, Message: "Denied"}
 
+}
 
+
 
 func mailHandler(peer smtpd.Peer, env smtpd.Envelope) error {
 
 func mailHandler(peer smtpd.Peer, env smtpd.Envelope) error {
 
 
 
 	var auth smtp.Auth
 
 	var auth smtp.Auth
 
@@ -144,6 +170,10 @@ func main() {
 
 			ProtocolLogger:    log.New(logwriter, "INBOUND: ", log.Lshortfile),
 
 			ProtocolLogger:    log.New(logwriter, "INBOUND: ", log.Lshortfile),
 
 		}
 
 		}
 
 
 
+		if *allowedUsers != "" {
 
+			server.Authenticator = authChecker
 
+		}
 
+
 
 		if strings.Index(listeners[i], "://") == -1 {
 
 		if strings.Index(listeners[i], "://") == -1 {
 
 			log.Printf("Listen on %s ...\n", listener)
 
 			log.Printf("Listen on %s ...\n", listener)
 
 			go server.ListenAndServe(listener)
 
 			go server.ListenAndServe(listener)

+ 5 - 0
smtp-proxy.ini
View File 

@@ -35,6 +35,11 @@
 
 ; Example: ^(.*)@localhost.localdomain$
 
 ; Example: ^(.*)@localhost.localdomain$
 
 ;allowed_recipients =
 
 ;allowed_recipients =
 
 
 
+; File which contains username and password used for
 
+; authentication before they can send mail.
 
+; File format: username password
 
+;allowed_users =
 
+
 
 ; Relay all mails to this SMTP server
 
 ; Relay all mails to this SMTP server
 
 
 
 ; GMail
 
 ; GMail