Kevin Schoon 1 week ago
73 commits
01de4f37 main
move spf validation out of session
file commit size mode time
.containerignore add a basic containerfile for maitred-debug 7 B -rw-r--r-- 1 month ago
.gitignore Reduce duplicated code for STARTTLS connections 29 B -rw-r--r-- 2 weeks ago
Cargo.lock re-write session to work like a state machine, lots of other… 61 KiB -rw-r--r-- 1 week ago
Cargo.toml make maitred-debug a top level package 71 B -rw-r--r-- 1 week ago
Containerfile working STARTTLS implementation 384 B -rw-r--r-- 3 weeks ago
LICENSE add license 33.7 KiB -rw-r--r-- 2 months ago
README.md move spf validation out of session 4 KiB -rw-r--r-- 1 week ago
contrib add support for HAProxy's PROXY Protocol NaN B d--------- 3 weeks ago
demo add neomutt demo accounts, improve maitred-debug NaN B d--------- 1 month ago
maitred-debug fix spf validation failure NaN B d--------- 1 week ago
maitred.toml move spf validation out of session 511 B -rw-r--r-- 1 week ago
maitred move spf validation out of session NaN B d--------- 1 week ago
rfcs add placeholder for REQUIRETLS NaN B d--------- 3 weeks ago
scripts add tls no-auth test NaN B d--------- 1 week ago

maitred

Lightweight embeddable SMTP RFC5321 server for use in applications that need to receive e-mail.

Use Case

The original goal of this library is to have a usable SMTP server that can be embedded in mailing list software, particularly for use in Ayllu and Mailpot. After considering all of the existing SMTP servers there was no Rust library that could be easily embedded in an application and general purpose SMTP servers like Postfix are too complex to be reasonably packaged.

Security

Relaying

Due to the common abuse of the SMTP protocol by nefarious internet actors the default behavior of this package must never allow open relaying without explicit and conscious configuration from the user. Additionally the SMTP server must never expose the e-mail addresses or other user data contained within.

Alpha Status

This library is in an “alpha” state currently and should not be considered stable until it reaches version 1.0, use at your own risk!

Protocol Status

SMTP Base server and Commands RFC5321

Name Status Notes
HELO
EHLO
MAIL
RCPT
BDAT
DATA
AUTH SASL PLAIN only
VRFY
EXPN
STARTTLS

ESMTP Extensions

Name Status RFC
SIZE RFC1870
PIPELINING RFC2920
8BITMIME RFC6152
ENHANCED STATUS CODES ⚠️ RFC2920
SMTPUTF8 TODO RFC6531
CHUNKING RFC3030
DSN TODO RFC3461
ETRN RFC1985
ATRN RFC2645
BURL RFC4468
REQUIRETLS TODO RFC8689

Authentication Extensions

All authentication extensions are implemented with the mail-auth package from Stalwart.

name status
DKIM Verification
ARC Chain Verification TODO
SPF Policy Evaluation
DMARC Policy Evaluation TODO

TLS Configuration

STARTTLS is supported for upgrading plain text connections (opportunistic TLS).

Implicit TLS on a dedicated port is a WIP.

Proxy Protocol

Often times you don’t want to bind directly to privileged port 25. Maitred provdes support for HAProxy’s PROXY protocol which lets you proxy traffic from Nginx (or HAProxy) and expose the client’s original source IP address. This is required for SPF session level validation.

Attributions

Several of the free software libraries released by stalwart are in use here.

Clone

HTTP

Subscribe

License

AGPL-3.0

Authors

Kevin Schoon: 100%

Analysis

Recent Activity (90 days) 0 2000 4000 6000 8000 10000 0 10 20 30 40 50 60 70 80 90 Composition [2659 LOC] Rust TOML Shell Markdown Plain Text 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%