Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@vandmo/fake-smtp-server
Advanced tools
Readme
Fake SMTP Server is an email testing tool for QA & development teams. It allows manual testing in a web interface, and automated testing via an API.
Received mails are listed on http://localhost:1080/api/emails
, and looks like this:
[
{
"attachments": [],
"text": "Hi Bob!",
"textAsHtml": "<p>Hi Bob!</p>",
"subject": "Hi",
"date": "2017-09-18T16:12:16.000Z",
"to": {
"value": [
{
"address": "bob@example.com",
"name": "Bob"
}
],
"html": "<span class=\"mp_address_group\"><span class=\"mp_address_name\">Bob</span> <<a href=\"mailto:bob@example.com\" class=\"mp_address_email\">bob@example.com</a>></span>",
"text": "Bob <bob@example.com>"
},
"from": {
"value": [
{
"address": "joe@example.com",
"name": "Joe"
}
],
"html": "<span class=\"mp_address_group\"><span class=\"mp_address_name\">Joe</span> <<a href=\"mailto:joe@example.com\" class=\"mp_address_email\">joe@example.com</a>></span>",
"text": "Joe <joe@example.com>"
},
"messageId": "<1433879119.43.1505751136615@[10.143.108.87]>",
"html": false
}
]
You can filter emails with the following parameters:
from
: filter senderto
: filter recipientsince
: filter email dateuntil
: filter email dateExample:
GET http://localhost:1080/api/emails?from=joe@example.com&to=bob@example.com&since=2017-09-18T12:00:00Z&until=2017-09-19T00:00:00Z
By default, fake-smtp-server will not capture custom headers in emails. To enable headers, start the server with the --headers
flag. If enabled, headers will be serialized as an object type.
For reference for what headers look like, consult Nodemailer's documentation, but keep in mind that the HTTP endpoint returns plain JSON objects rather than Map
s.
To remove all emails without restarting the server:
DELETE http://localhost:1080/api/emails
Go to http://localhost:1080
npm install -g fake-smtp-server
Usage:
fake-smtp-server [OPTIONS] [ARGS]
Options:
-s, --smtp-port [NUMBER] SMTP port to listen on (Default is 1025)
--smtp-ip [IP] IP Address to bind SMTP service to (Default is 0.0.0.0)
-h, --http-port [NUMBER] HTTP port to listen on (Default is 1080)
--http-ip [IP] IP Address to bind HTTP service to (Default is 0.0.0.0)
-w, --whitelist STRING Only accept e-mails from these adresses. Accepts
multiple e-mails comma-separated
-m, --max [NUMBER] Max number of e-mails to keep (Default is 100)
-a, --auth STRING Enable Authentication
--headers Enable headers in responses
-k, --no-color Omit color from output
--debug Show debug information
These instructions below were tested on Ubuntu 18.04 LTS but they should work out of the box (or close to it) on any distribution using systemd and rsyslog.
fakesmtp.service
service unitsudo vim /etc/systemd/system/fakesmtp.service
with the following content[Unit]
Description=Fake SMTP service
After=network.target
StartLimitIntervalSec=0
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=fake-smtp-server
[Service]
Type=simple
Restart=always
RestartSec=1
ExecStart=/usr/local/bin/fake-smtp-server # You can add extra options and arguments here
[Install]
WantedBy=multi-user.target
sudo systemctl enable fakesmtp.service
sudo systemctl start fakesmtp.service
sudo systemctl stop fakesmtp.service
sudo systemctl restart fakesmtp.service
The output is recorded by default to /var/log/syslog
but you can create a separate log file for your service (in this example, logs will be saved to /var/log/fakesmtp.log
).
sudo vim /etc/rsyslog.d/fakesmtp.conf
with the following content:if $programname == 'fake-smtp-server' then /var/log/fakesmtp.log
& stop
systemctl restart rsyslog.service
systemctl restart fakesmtp.service
FAQs
Fake SMTP Server for email testing
The npm package @vandmo/fake-smtp-server receives a total of 2 weekly downloads. As such, @vandmo/fake-smtp-server popularity was classified as not popular.
We found that @vandmo/fake-smtp-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.