Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
SMTP Server and Web Interface for reading and testing emails during development
MailDev is a simple way to test email sending functionality during development. It acts as a SMTP server that captures emails and displays them in a web interface, allowing developers to view and test emails without sending them to real email addresses.
SMTP Server
MailDev can be used as a SMTP server to capture emails sent from your application. The code sample demonstrates how to start MailDev on port 1025.
const maildev = new MailDev();
maildev.listen(1025);
Web Interface
MailDev provides a web interface to view captured emails. This code snippet shows how to start the web interface on the default port 1080.
maildev.listen(1025, function() {
console.log('MailDev web interface running at http://localhost:1080');
});
Email Retrieval via API
MailDev offers an API to retrieve emails programmatically. The example fetches all emails from the MailDev server using a simple HTTP GET request.
fetch('http://localhost:1080/email')
.then(response => response.json())
.then(emails => console.log(emails));
Nodemailer is a module for Node.js applications to send emails. Unlike MailDev, which is used for capturing and testing emails, Nodemailer is used for sending emails in production environments. It provides various transport methods, including SMTP, and is highly configurable.
MailHog is a similar tool to MailDev, designed to capture and display emails sent by applications. It provides a web interface and API for viewing and managing emails. MailHog is written in Go and can be used across different platforms, offering similar functionalities to MailDev.
SMTP Server is a Node.js module that provides an SMTP server for testing purposes. It allows developers to create custom SMTP servers for capturing emails. While it doesn't provide a web interface like MailDev, it offers more flexibility in terms of server customization.
MailDev is a simple way to test your project's generated emails during development with an easy to use web interface that runs on your machine built on top of Node.js.
$ npm install -g maildev
$ maildev
If you want to use MailDev with Docker, you can use the djfarrelly/maildev image on Docker Hub. For a guide for usage with Docker, checkout the docs.
$ docker run -p 1080:80 -p 1025:25 djfarrelly/maildev
For convenient use with Grunt, try grunt-maildev.
maildev [options]
-h, --help output usage information
-V, --version output the version number
-s, --smtp <port> SMTP port to catch emails [1025]
-w, --web <port> Port to run the Web GUI [1080]
--ip <ip address> IP Address to bind SMTP service to
--outgoing-host <host> SMTP host for outgoing emails
--outgoing-port <port> SMTP port for outgoing emails
--outgoing-user <user> SMTP user for outgoing emails
--outgoing-pass <password> SMTP password for outgoing emails
--outgoing-secure Use SMTP SSL for outgoing emails
--auto-relay [email] Use auto-relay mode. Optional relay email address
--auto-relay-rules <file> Filter rules for auto relay mode
--incoming-user <user> SMTP user for incoming emails
--incoming-pass <pass> SMTP password for incoming emails
--web-ip <ip address> IP Address to bind HTTP service to, defaults to --ip
--web-user <user> HTTP user for GUI
--web-pass <password> HTTP password for GUI
--base-pathname <path> base path for URLs
--disable-web Disable the use of the web interface. Useful for unit testing
--hide-extensions <extensions> Comma separated list of SMTP extensions to NOT advertise
(STARTTLS, SMTPUTF8, PIPELINING, 8BITMIME)
-o, --open Open the Web GUI after startup
-v, --verbose
--silent
MailDev can be used in your Node.js application. For more info view the API docs.
const MailDev = require('maildev')
const maildev = new MailDev()
maildev.listen()
maildev.on('new', function (email) {
// We got a new email!
})
MailDev also has a REST API. For more info view the docs.
Maildev optionally supports selectively relaying email to an outgoing SMTP server. If you configure outgoing email with the --outgoing-* options you can click "Relay" on an individual email to relay through MailDev out to a real SMTP service that will actually send the email to the recipient.
Example:
$ maildev --outgoing-host smtp.gmail.com \
--outgoing-secure \
--outgoing-user 'you@gmail.com' \
--outgoing-pass '<pass>'
Enabling the auto relay mode will automatically send each email to it's recipient without the need to click the "Relay" button mentioned above. The outgoing email options are required to enable this feature.
Optionally you may pass an single email address which Maildev will forward all
emails to instead of the original recipient. For example, using
--auto-relay you@example.com
will forward all emails to that address
automatically.
Additionally, you can pass a valid json file with additional configuration for
what email addresses you would like to allow
or deny
. The last matching
rule in the array will be the rule MailDev will follow.
Example:
$ maildev --outgoing-host smtp.gmail.com \
--outgoing-secure \
--outgoing-user 'you@gmail.com' \
--outgoing-pass '<pass>' \
--auto-relay \
--auto-relay-rules file.json
Rules example file:
[
{ "allow": "*" },
{ "deny": "*@test.com" },
{ "allow": "ok@test.com" },
{ "deny": "*@utah.com" },
{ "allow": "johnny@utah.com" }
]
This would allow angelo@fbi.gov
, ok@test.com
, johnny@utah.com
, but deny
bodhi@test.com
.
Configure your application to send emails via port 1025
and open localhost:1080
in your browser.
Nodemailer (v1.0+)
const transport = nodemailer.createTransport({
port: 1025,
ignoreTLS: true,
// other settings...
})
Nodemailer (v0.7)
const transport = nodemailer.createTransport('SMTP', {
port: 1025,
// other settings...
})
Django -- Add EMAIL_PORT = 1025
in your settings file [source]
Rails -- config settings:
config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = {
address: "localhost",
port: 1025,
enable_starttls_auto: false
}
Drupal -- Install and configure SMTP module or use a library like SwiftMailer.
If you're using MailDev and you have a great idea, I'd love to hear it. If you're not using MailDev because it lacks a feature, I'd love to hear that too. Add an issue to the repo here or contact me on twitter.
Any help on MailDev would be awesome. There is plenty of room for improvement. Feel free to create a Pull Request from small to big changes.
To run MailDev during development:
npm install
npm run dev
The "dev" task will run MailDev using nodemon and restart automatically when
changes are detected. On *.scss
file save, the css will also be recompiled.
Using test/send.js
, a few test emails will be sent every time the application
restarts.
The project uses the JavaScript Standard coding style.
To lint your code before submitting your PR, run npm run lint
.
To run the test suite:
$ npm test
MailDev is built on using great open source projects including Express, AngularJS, Font Awesome and two great projects from Andris Reinman: smtp-server and mailparser. Many thanks to Andris as his projects are the backbone of this app and to MailCatcher for the inspiration.
Additionally, thanks to all the awesome contributors to the project.
MIT
FAQs
SMTP Server and Web Interface for reading and testing emails during development
The npm package maildev receives a total of 60,565 weekly downloads. As such, maildev popularity was classified as popular.
We found that maildev demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.