Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@carlgo11/smtp-server

Package Overview
Dependencies
Maintainers
0
Versions
9
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@carlgo11/smtp-server

Simple lightweight SMTP server written in Node.js

  • 0.0.5
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
0
decreased by-100%
Maintainers
0
Weekly downloads
 
Created
Source

SMTP Server

A customizable and lightweight SMTP server designed for efficient email handling and extensibility. Built with modularity in mind, this server allows developers to easily integrate custom behavior through event-driven architecture, enabling seamless customization, whether it's for a small-scale personal project or a large-scale production environment.

Why Choose This SMTP Server?

  • Highly Customizable: Easily add your own business logic at different stages of the SMTP session. From filtering emails based on sender addresses to validating content before accepting the message, the callback system makes customization intuitive and powerful.

  • Event-Driven Architecture: Built on top of Node.js’s event model, this server emits events for each SMTP command, providing hooks to control and respond to every aspect of email handling, enabling advanced features like throttling, logging, and monitoring.

  • Lightweight and Efficient: Designed with performance in mind, the server is capable of handling multiple clients concurrently without heavy resource usage. By using async/await for non-blocking I/O, it ensures that each connection is processed quickly and efficiently.

  • Secure by Default: With built-in support for secure (TLS) connections, you can enforce STARTTLS and other security policies to ensure that emails are transmitted safely over the network. The server is designed to be compatible with modern security practices.

  • Enhanced Status Code Support: Provides support for RFC-compliant enhanced status codes, making it easier to diagnose and handle issues related to email delivery.

  • Developer-Friendly: Comes with comprehensive examples and detailed documentation to help you quickly set up the server, understand how it works, and start customizing it for your specific needs. Whether you’re developing a new email processing system, integrating with an existing application, or learning about SMTP, this server makes it easy.

Who is This For?

This SMTP server is perfect for:

  • Developers Building Custom Email Solutions: If you need complete control over how emails are processed, validated, and routed.
  • Security-Conscious Applications: Where validating senders, enforcing policies, and controlling the flow of messages is a critical requirement.
  • Learning and Experimentation: Provides a great playground for those looking to learn about the internals of SMTP, email protocols, and secure communication.

How It Works

The server begins by listening for incoming SMTP connections and provides hooks (callbacks) that allow you to manage the session. You have full control over each stage:

  • Connection Management: You can handle new client connections, enforce connection limits, and decide how to respond based on the client's IP address or behavior.
  • SMTP Commands: Customize how each command—like EHLO, MAIL FROM, RCPT TO, DATA—is processed. You can validate the content, enforce policies, or even reject messages based on specific conditions.
  • Secure Connections: The server supports STARTTLS, allowing clients to upgrade their connection to a secure one. You can choose whether to require or enforce TLS.

Getting Started

Prerequisites

  • Node.js: Ensure that you have Node.js installed on your machine (>=20.x recommended).
  • npm/yarn: Use npm or yarn for package management.

Installation

  1. Install smtp-server
    npm install @carlgo11/smtp-server
    
  2. Set up a script to call SMTPServer
    See Example.

Usage

To integrate this SMTP server into your project, you can start the server and listen to various events to handle the email flow.

Example

import {SMTPServer, Response} from '@carlgo11/smtp-server';

// Create server instance
const server = new SMTPServer({
  tlsOptions: {
    key: 'key.pem',
    cert: 'cert.pem',
  },
});

// Define event handlers
server.onConnect((session) => {
  console.log(`Client connected: ${session.clientIP}`);
});

server.onEHLO((address, session) => {
  console.log(`EHLO received from: ${address}`);
});

// Other hooks or event handlers...

//Start server on port 25
server.listen(25, null,() => {
   Logger.info(`SMTP Server listening on ${context.port}`);
});

Hooks and Event Flow

The SMTP server provides several hooks (callbacks) that you can implement to manage different stages of an SMTP session. Each callback corresponds to a specific phase of the email transfer process:

Hooks

Hooks (callbacks) offer you to intervene during an event (such as EHLO) and pass or reject a client's request. The downside to this is that the server will freeze the conversation with the client until your code returns. All hooks support Promises (async/await).

Hook NameArgumentsDescription
onConnectsessionTriggered when a client connects to the server.
onDisconnectsessionTriggered when a client disconnects from the server.
onEHLOaddress, sessionTriggered when the server receives the EHLO command.
onSecuresessionTriggered when a client initiates a STARTTLS connection.
onMAILFROMaddress, sessionTriggered when the MAIL FROM command is issued.
onRCPTTOaddress, sessionTriggered when the RCPT TO command is issued.
onDATAmessage, sessionTriggered when the DATA phase begins.
Handling Connections with Hooks

Here's a basic example of handling an incoming email:

server.onMAILFROM((address, session) => {
  // Validate the sender's address
  if (address.includes('blacklisted.com')) {
    throw new Response('Sender address rejected', 550, [5, 7, 1]);
  }
  // You can return true if you want the server to send a default message.
  return true;
});

server.onRCPTTO(async (address, session) => {
  // Check if recipient is allowed
   const allowed = await isAllowedRecipient(address);
  if (!allowed) {
    throw new Repsonse('Recipient does not exist', 550, [5, 1, 1]);
  }
  // If you return a Response, the default message is overwritten
  return new Response('${address} OK', 250, [2, 1, 5]) 
});

Events

Using events allows you to parse session events without freezing the client-server conversation. This is useful if you don't expect to reject a message, but just parse and store it.

Event NameArgumentsDescription
CONNECTsessionEmitted when a client connects.
disconnectsessionEmitted when a client disconnects.
securesessionEmitted when a STARTTLS connection is established.
commandsession, messageEmitted for every incoming command.
EHLOsession, domainEmitted when EHLO command is received.
MAILsession, addressEmitted when MAIL FROM command is received.
RCPTsession, addressEmitted when RCPT TO command is received.
MESSAGEsession, messageEmitted when the message data is received.
Handling Connections with Events
server.on('connect', (session) => {
  console.log(`${session.clientIP} connected.`);
});

server.on('MAIL', (session, address) => {
  console.log(`${session.id} set sender address to ${address}`);
});

Configuration

The server supports customization by passing options directly to the server constructor. Below are some common configuration options:

  • port: (Number) The port on which the server should listen (default is 25).
  • tlsOptions: (Object) Options for TLS setup. Allowed values are the TLSSocket options.
  • maxMessageSize: (Number) Maximum allowed size of an email message.
  • greeting: (String) The greeting part of SMTP status codes. (default is the computer hostname).

Logging

By default, the server provides basic logging of connections, disconnections, and commands received. You can enhance the logging by listening to events and writing custom log handlers.

Contributing

Contributions are welcome! If you'd like to contribute:

  1. Fork the repository.
  2. Create a new feature branch.
  3. Commit your changes and open a pull request with a description of the changes.

License

This project is licensed under the GPLv3 License. See the LICENSE file for more information.

Keywords

FAQs

Package last updated on 14 Oct 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc