README
¶
go-smtp
An ESMTP client and server library written in Go.
Features
- ESMTP client & server implementing RFC 5321
- Support for SMTP AUTH and PIPELINING
- UTF-8 support for subject and message
- LMTP support
Usage
Client
package main
import (
"log"
"strings"
"github.com/emersion/go-sasl"
"github.com/emersion/go-smtp"
)
func main() {
// Setup authentication information.
auth := sasl.NewPlainClient("", "user@example.com", "password")
// Connect to the server, authenticate, set the sender and recipient,
// and send the email all in one step.
to := []string{"recipient@example.net"}
msg := strings.NewReader("To: recipient@example.net\r\n" +
"Subject: discount Gophers!\r\n" +
"\r\n" +
"This is the email body.\r\n")
err := smtp.SendMail("mail.example.com:25", auth, "sender@example.org", to, msg)
if err != nil {
log.Fatal(err)
}
}
If you need more control, you can use Client instead. For example, if you
want to send an email via a server without TLS or auth support, you can do
something like this:
package main
import (
"log"
"strings"
"github.com/emersion/go-smtp"
)
func main() {
// Setup an unencrypted connection to a local mail server.
c, err := smtp.Dial("localhost:25")
if err != nil {
return err
}
defer c.Close()
// Set the sender and recipient, and send the email all in one step.
to := []string{"recipient@example.net"}
msg := strings.NewReader("To: recipient@example.net\r\n" +
"Subject: discount Gophers!\r\n" +
"\r\n" +
"This is the email body.\r\n")
err := c.SendMail("sender@example.org", to, msg)
if err != nil {
log.Fatal(err)
}
}
Server
package main
import (
"errors"
"io"
"io/ioutil"
"log"
"time"
"github.com/emersion/go-smtp"
)
// The Backend implements SMTP server methods.
type Backend struct{}
func (bkd *Backend) NewSession(_ *smtp.Conn) (smtp.Session, error) {
return &Session{}, nil
}
// A Session is returned after EHLO.
type Session struct {
auth bool
}
func (s *Session) AuthPlain(username, password string) error {
if username != "username" || password != "password" {
return smtp.ErrAuthFailed
}
s.auth = true
return nil
}
func (s *Session) Mail(from string, opts *smtp.MailOptions) error {
if !s.auth {
return smtp.ErrAuthRequired
}
log.Println("Mail from:", from)
return nil
}
func (s *Session) Rcpt(to string) error {
if !s.auth {
return smtp.ErrAuthRequired
}
log.Println("Rcpt to:", to)
return nil
}
func (s *Session) Data(r io.Reader) error {
if !s.auth {
return smtp.ErrAuthRequired
}
if b, err := ioutil.ReadAll(r); err != nil {
return err
} else {
log.Println("Data:", string(b))
}
return nil
}
func (s *Session) Reset() {}
func (s *Session) Logout() error {
return nil
}
func main() {
be := &Backend{}
s := smtp.NewServer(be)
s.Addr = ":1025"
s.Domain = "localhost"
s.ReadTimeout = 10 * time.Second
s.WriteTimeout = 10 * time.Second
s.MaxMessageBytes = 1024 * 1024
s.MaxRecipients = 50
s.AllowInsecureAuth = true
log.Println("Starting server at", s.Addr)
if err := s.ListenAndServe(); err != nil {
log.Fatal(err)
}
}
You can use the server manually with telnet:
$ telnet localhost 1025
EHLO localhost
AUTH PLAIN
AHVzZXJuYW1lAHBhc3N3b3Jk
MAIL FROM:<root@nsa.gov>
RCPT TO:<root@gchq.gov.uk>
DATA
Hey <3
.
Relationship with net/smtp
The Go standard library provides a SMTP client implementation in net/smtp.
However net/smtp is frozen: it's not getting any new features. go-smtp
provides a server implementation and a number of client improvements.
Licence
MIT
Documentation
¶
Overview ¶
Library for Simple Authentication and Security Layer (SASL) defined in RFC 4422.
Package smtp implements the Simple Mail Transfer Protocol as defined in RFC 5321.
It also implements the following extensions:
8BITMIME: RFC 1652 AUTH: RFC 2554 STARTTLS: RFC 3207 ENHANCEDSTATUSCODES: RFC 2034 SMTPUTF8: RFC 6531 REQUIRETLS: RFC 8689 CHUNKING: RFC 3030 BINARYMIME: RFC 3030
LMTP (RFC 2033) is also supported.
Additional extensions may be handled by other packages.
Index ¶
- Constants
- Variables
- type AnonymousAuthenticator
- type Backend
- type BodyType
- type Conn
- type CramMd5Authenticator
- type EnhancedCode
- type ExternalAuthenticator
- type LMTPSession
- type Logger
- type LoginAuthenticator
- type MailOptions
- type OAuthBearerAuthenticator
- type OAuthBearerError
- type OAuthBearerOptions
- type PlainAuthenticator
- type SMTPError
- type SaslClient
- func NewAnonymousClient(trace string) SaslClient
- func NewCramMd5Client(username, password string) SaslClient
- func NewExternalClient(identity string) SaslClient
- func NewLoginClient(username, password string) SaslClient
- func NewOAuthBearerClient(opt *OAuthBearerOptions) SaslClient
- func NewPlainClient(identity, username, password string) SaslClient
- type SaslServer
- func NewAnonymousServer(authenticator AnonymousAuthenticator) SaslServer
- func NewCramMd5Server(authenticator func(username string, password string) error) SaslServer
- func NewExternalServer(authenticator ExternalAuthenticator) SaslServer
- func NewLoginServer(authenticator func(username string, password string) error) SaslServer
- func NewOAuthBearerServer(auth OAuthBearerAuthenticator) SaslServer
- func NewPlainServer(authenticator PlainAuthenticator) SaslServer
- type SaslServerFactory
- type Server
- func (s *Server) AddCramMd5Login()
- func (s *Server) AddSaslLogin()
- func (s *Server) AddSaslPlain()
- func (s *Server) AddTokenLogin()
- func (s *Server) Close() error
- func (s *Server) EnableAuth(name string, f SaslServerFactory)
- func (s *Server) ForEachConn(f func(*Conn))
- func (s *Server) ListenAndServe() error
- func (s *Server) ListenAndServeTLS() error
- func (s *Server) Serve(l net.Listener) error
- func (s *Server) SetMinimumCaps(caps []string)
- func (s *Server) Shutdown(ctx context.Context) error
- type Session
- type StatusCollector
Constants ¶
const Anonymous = "ANONYMOUS"
The ANONYMOUS mechanism name.
const CramMd5 = "CRAM-MD5"
CramMd5 The LOGIN mechanism name.
const External = "EXTERNAL"
The EXTERNAL mechanism name.
const Login = "LOGIN"
The LOGIN mechanism name.
const OAuthBearer = "OAUTHBEARER"
The OAUTHBEARER mechanism name.
const Plain = "PLAIN"
The PLAIN mechanism name.
Variables ¶
var ( ErrUnexpectedClientResponse = errors.New("sasl: unexpected client response") ErrUnexpectedServerChallenge = errors.New("sasl: unexpected server challenge") )
Common SASL errors.
var ( ErrAuthFailed = &SMTPError{ Code: 535, EnhancedCode: EnhancedCode{5, 7, 8}, Message: "Authentication failed", } ErrAuthRequired = &SMTPError{ Code: 502, EnhancedCode: EnhancedCode{5, 7, 0}, Message: "Please authenticate first", } ErrAuthUnsupported = &SMTPError{ Code: 502, EnhancedCode: EnhancedCode{5, 7, 0}, Message: "Authentication not supported", } )
var EnhancedCodeNotSet = EnhancedCode{0, 0, 0}
EnhancedCodeNotSet is a nil value of EnhancedCode field in SMTPError, used to indicate that backend failed to provide enhanced status code. X.0.0 will be used (X is derived from error code).
var ErrDataReset = errors.New("smtp: message transmission aborted")
ErrDataReset is returned by Reader pased to Data function if client does not send another BDAT command and instead closes connection or issues RSET command.
var ErrDataTooLarge = &SMTPError{ Code: 552, EnhancedCode: EnhancedCode{5, 3, 4}, Message: "Maximum message size exceeded", }
var (
ErrServerClosed = errors.New("smtp: server already closed")
)
var ErrTooLongLine = errors.New("smtp: too long a line in input stream")
var NoEnhancedCode = EnhancedCode{-1, -1, -1}
NoEnhancedCode is used to indicate that enhanced error code should not be included in response.
Note that RFC 2034 requires an enhanced code to be included in all 2xx, 4xx and 5xx responses. This constant is exported for use by extensions, you should probably use EnhancedCodeNotSet instead.
var (
Smtp_Message_Welcome = "Hello %s"
)
Functions ¶
This section is empty.
Types ¶
type AnonymousAuthenticator ¶ added in v0.0.1
Get trace information from clients logging in anonymously.
type Conn ¶
type Conn struct {
// contains filtered or unexported fields
}
func (*Conn) TLSConnectionState ¶
func (c *Conn) TLSConnectionState() (state tls.ConnectionState, ok bool)
TLSConnectionState returns the connection's TLS connection state. Zero values are returned if the connection doesn't use TLS.
type CramMd5Authenticator ¶ added in v0.0.8
CramMd5Authenticator Authenticates users with an username and a password.
type EnhancedCode ¶
type EnhancedCode [3]int
func ResponseBadPipe ¶ added in v0.0.8
func ResponseBadPipe() (int, EnhancedCode, string)
func ResponseNoEhlo ¶ added in v0.0.8
func ResponseNoEhlo() (int, EnhancedCode, string)
func ResponseWelcome ¶ added in v0.0.8
func ResponseWelcome(ehlo string) (int, EnhancedCode, string)
type ExternalAuthenticator ¶ added in v0.0.1
ExternalAuthenticator authenticates users with the EXTERNAL mechanism. If the identity is left blank, it indicates that it is the same as the one used in the external credentials. If identity is not empty and the server doesn't support it, an error must be returned.
type LMTPSession ¶
type LMTPSession interface {
// LMTPData is the LMTP-specific version of Data method.
// It can be optionally implemented by the backend to provide
// per-recipient status information when it is used over LMTP
// protocol.
//
// LMTPData implementation sets status information using passed
// StatusCollector by calling SetStatus once per each AddRcpt
// call, even if AddRcpt was called multiple times with
// the same argument. SetStatus must not be called after
// LMTPData returns.
//
// Return value of LMTPData itself is used as a status for
// recipients that got no status set before using StatusCollector.
LMTPData(r io.Reader, status StatusCollector) error
}
LMTPSession is an add-on interface for Session. It can be implemented by LMTP servers to provide extra functionality.
type Logger ¶
type Logger interface {
Printf(format string, v ...interface{})
Println(v ...interface{})
}
Logger interface is used by Server to report unexpected internal errors.
type LoginAuthenticator ¶ added in v0.0.1
Authenticates users with an username and a password.
type MailOptions ¶
type MailOptions struct {
// Value of BODY= argument, 7BIT, 8BITMIME or BINARYMIME.
Body BodyType
// Size of the body. Can be 0 if not specified by client.
Size int
// TLS is required for the message transmission.
//
// The message should be rejected if it can't be transmitted
// with TLS.
RequireTLS bool
// The message envelope or message header contains UTF-8-encoded strings.
// This flag is set by SMTPUTF8-aware (RFC 6531) client.
UTF8 bool
// The authorization identity asserted by the message sender in decoded
// form with angle brackets stripped.
//
// nil value indicates missing AUTH, non-nil empty string indicates
// AUTH=<>.
//
// Defined in RFC 4954.
Auth *string
}
MailOptions contains custom arguments that were passed as an argument to the MAIL command.
type OAuthBearerAuthenticator ¶ added in v0.0.2
type OAuthBearerAuthenticator func(opts OAuthBearerOptions) *OAuthBearerError
type OAuthBearerError ¶ added in v0.0.2
type OAuthBearerError struct {
Status string `json:"status"`
Schemes string `json:"schemes"`
Scope string `json:"scope"`
}
func (*OAuthBearerError) Error ¶ added in v0.0.2
func (err *OAuthBearerError) Error() string
Implements error
type OAuthBearerOptions ¶ added in v0.0.2
type PlainAuthenticator ¶ added in v0.0.1
Authenticates users with an identity, a username and a password. If the identity is left blank, it indicates that it is the same as the username. If identity is not empty and the server doesn't support it, an error must be returned.
type SMTPError ¶
type SMTPError struct {
Code int
EnhancedCode EnhancedCode
Message string
}
SMTPError specifies the error code, enhanced error code (if any) and message returned by the server.
type SaslClient ¶ added in v0.0.1
type SaslClient interface {
// Begins SASL authentication with the server. It returns the
// authentication mechanism name and "initial response" data (if required by
// the selected mechanism). A non-nil error causes the client to abort the
// authentication attempt.
//
// A nil ir value is different from a zero-length value. The nil value
// indicates that the selected mechanism does not use an initial response,
// while a zero-length value indicates an empty initial response, which must
// be sent to the server.
Start() (mech string, ir []byte, err error)
// Continues challenge-response authentication. A non-nil error causes
// the client to abort the authentication attempt.
Next(challenge []byte) (response []byte, err error)
}
Client interface to perform challenge-response authentication.
func NewAnonymousClient ¶ added in v0.0.1
func NewAnonymousClient(trace string) SaslClient
A client implementation of the ANONYMOUS authentication mechanism, as described in RFC 4505.
func NewCramMd5Client ¶ added in v0.0.8
func NewCramMd5Client(username, password string) SaslClient
func NewExternalClient ¶ added in v0.0.1
func NewExternalClient(identity string) SaslClient
An implementation of the EXTERNAL authentication mechanism, as described in RFC 4422. Authorization identity may be left blank to indicate that the client is requesting to act as the identity associated with the authentication credentials.
func NewLoginClient ¶ added in v0.0.1
func NewLoginClient(username, password string) SaslClient
A client implementation of the LOGIN authentication mechanism for SMTP, as described in http://www.iana.org/go/draft-murchison-sasl-login
It is considered obsolete, and should not be used when other mechanisms are available. For plaintext password authentication use PLAIN mechanism.
func NewOAuthBearerClient ¶ added in v0.0.2
func NewOAuthBearerClient(opt *OAuthBearerOptions) SaslClient
An implementation of the OAUTHBEARER authentication mechanism, as described in RFC 7628.
func NewPlainClient ¶ added in v0.0.1
func NewPlainClient(identity, username, password string) SaslClient
A client implementation of the PLAIN authentication mechanism, as described in RFC 4616. Authorization identity may be left blank to indicate that it is the same as the username.
type SaslServer ¶ added in v0.0.1
type SaslServer interface {
// Begins or continues challenge-response authentication. If the client
// supplies an initial response, response is non-nil.
//
// If the authentication is finished, done is set to true. If the
// authentication has failed, an error is returned.
Next(response []byte) (challenge []byte, done bool, err error)
}
Server interface to perform challenge-response authentication.
func NewAnonymousServer ¶ added in v0.0.1
func NewAnonymousServer(authenticator AnonymousAuthenticator) SaslServer
A server implementation of the ANONYMOUS authentication mechanism, as described in RFC 4505.
func NewCramMd5Server ¶ added in v0.0.8
func NewCramMd5Server(authenticator func(username string, password string) error) SaslServer
A server implementation of the LOGIN authentication mechanism, as described in https://tools.ietf.org/html/draft-murchison-sasl-login-00.
LOGIN is obsolete and should only be enabled for legacy clients that cannot be updated to use PLAIN.
func NewExternalServer ¶ added in v0.0.1
func NewExternalServer(authenticator ExternalAuthenticator) SaslServer
NewExternalServer creates a server implementation of the EXTERNAL authentication mechanism, as described in RFC 4422.
func NewLoginServer ¶ added in v0.0.1
func NewLoginServer(authenticator func(username string, password string) error) SaslServer
A server implementation of the LOGIN authentication mechanism, as described in https://tools.ietf.org/html/draft-murchison-sasl-login-00.
LOGIN is obsolete and should only be enabled for legacy clients that cannot be updated to use PLAIN.
func NewOAuthBearerServer ¶ added in v0.0.2
func NewOAuthBearerServer(auth OAuthBearerAuthenticator) SaslServer
func NewPlainServer ¶ added in v0.0.1
func NewPlainServer(authenticator PlainAuthenticator) SaslServer
A server implementation of the PLAIN authentication mechanism, as described in RFC 4616.
type SaslServerFactory ¶
type SaslServerFactory func(conn *Conn) SaslServer
SaslServerFactory A function that creates SASL servers.
type Server ¶
type Server struct {
// TCP or Unix address to listen on.
Addr string
// The server TLS configuration.
TLSConfig *tls.Config
// Enable LMTP mode, as defined in RFC 2033. LMTP mode cannot be used with a
// TCP listener.
LMTP bool
Domain string
MaxRecipients int
MaxMessageBytes int
MaxLineLength int
AllowInsecureAuth bool
Strict bool
Debug io.Writer
ErrorLog Logger
ReadTimeout time.Duration
WriteTimeout time.Duration
// Advertise SMTPUTF8 (RFC 6531) capability.
// Should be used only if backend supports it.
EnableSMTPUTF8 bool
// Advertise REQUIRETLS (RFC 8689) capability.
// Should be used only if backend supports it.
EnableREQUIRETLS bool
// Advertise BINARYMIME (RFC 3030) capability.
// Should be used only if backend supports it.
EnableBINARYMIME bool
// If set, the AUTH command will not be advertised and authentication
// attempts will be rejected. This setting overrides AllowInsecureAuth.
AuthDisabled bool
// The server backend.
Backend Backend
// contains filtered or unexported fields
}
Server A SMTP server.
func (*Server) AddCramMd5Login ¶ added in v0.0.8
func (s *Server) AddCramMd5Login()
func (*Server) AddSaslLogin ¶ added in v0.0.8
func (s *Server) AddSaslLogin()
func (*Server) AddSaslPlain ¶ added in v0.0.8
func (s *Server) AddSaslPlain()
func (*Server) AddTokenLogin ¶ added in v0.0.11
func (s *Server) AddTokenLogin()
func (*Server) Close ¶
Close immediately closes all active listeners and connections.
Close returns any error returned from closing the server's underlying listener(s).
func (*Server) EnableAuth ¶
func (s *Server) EnableAuth(name string, f SaslServerFactory)
EnableAuth enables an authentication mechanism on this server.
This function should not be called directly, it must only be used by libraries implementing extensions of the SMTP protocol.
func (*Server) ForEachConn ¶
ForEachConn iterates through all opened connections.
func (*Server) ListenAndServe ¶
ListenAndServe listens on the network address s.Addr and then calls Serve to handle requests on incoming connections.
If s.Addr is blank and LMTP is disabled, ":smtp" is used.
func (*Server) ListenAndServeTLS ¶
ListenAndServeTLS listens on the TCP network address s.Addr and then calls Serve to handle requests on incoming TLS connections.
If s.Addr is blank, ":smtps" is used.
func (*Server) SetMinimumCaps ¶
func (*Server) Shutdown ¶
Shutdown gracefully shuts down the server without interrupting any active connections. Shutdown works by first closing all open listeners and then waiting indefinitely for connections to return to idle and then shut down. If the provided context expires before the shutdown is complete, Shutdown returns the context's error, otherwise it returns any error returned from closing the Server's underlying Listener(s).
type Session ¶
type Session interface {
// Discard currently processed message.
Reset()
// Free all resources associated with session.
Logout() error
// Authenticate the user using SASL PLAIN.
AuthPlain(username, password string) error
// Authenticate the user using SASL LOGIN.
AuthLogin(username, password string) error
// Authenticate the user using SASL LOGIN.
AuthCramMd5(username, password string) error
// Authenticate the user using SASL LOGIN.
AuthToken(token string) error
// Set return path for currently processed message.
Mail(from string, opts *MailOptions) error
// Add recipient for currently processed message.
Rcpt(to string) error
// Set currently processed message contents and send it.
//
// r must be consumed before Data returns.
Data(r io.Reader) error
// Var
CanContinue() error
Verp() string
}
Session is used by servers to respond to an SMTP client.
The methods are called when the remote client issues the matching command.
type StatusCollector ¶
StatusCollector allows a backend to provide per-recipient status information.
Source Files