Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
smtp-connection
Advanced tools
The smtp-connection npm package is a low-level module for handling SMTP (Simple Mail Transfer Protocol) connections. It allows you to connect to an SMTP server, authenticate, and send emails. This package is useful for developers who need fine-grained control over the SMTP communication process.
Connecting to an SMTP Server
This feature allows you to establish a connection to an SMTP server. You can specify the host, port, and whether to use a secure connection.
const SMTPConnection = require('smtp-connection');
const connection = new SMTPConnection({
host: 'smtp.example.com',
port: 587,
secure: false
});
connection.connect(function(err) {
if (err) {
console.error('Connection error:', err);
} else {
console.log('Connected to SMTP server');
}
});
Authenticating with the SMTP Server
This feature allows you to authenticate with the SMTP server using a username and password.
connection.login({
user: 'username',
pass: 'password'
}, function(err) {
if (err) {
console.error('Authentication error:', err);
} else {
console.log('Authenticated successfully');
}
});
Sending an Email
This feature allows you to send an email through the connected and authenticated SMTP server. You can specify the sender, recipient, subject, and body of the email.
const message = {
from: 'sender@example.com',
to: 'recipient@example.com',
subject: 'Test Email',
text: 'Hello, this is a test email.'
};
connection.send({
from: message.from,
to: message.to
}, message, function(err, info) {
if (err) {
console.error('Send error:', err);
} else {
console.log('Email sent:', info);
}
});
Nodemailer is a higher-level module for sending emails using various transport methods, including SMTP. It provides a simpler API and more features out of the box compared to smtp-connection, such as support for HTML content, attachments, and various authentication methods.
EmailJS is another package for sending emails via SMTP. It offers a straightforward API and supports features like attachments and HTML content. It is similar to Nodemailer but with a slightly different API design.
SMTP-Client is a low-level SMTP client similar to smtp-connection. It provides fine-grained control over the SMTP communication process but with a different API design. It is suitable for developers who need detailed control over the SMTP protocol.
SMTP client module. Connect to SMTP servers and send mail with it.
This module is the successor for the client part of the (now deprecated) SMTP module simplesmtp. For matching SMTP server see smtp-server.
Install with npm
npm install smtp-connection
Require in your script
const SMTPConnection = require('smtp-connection');
let connection = new SMTPConnection(options);
Where
options defines connection data
true
) or not (if false
)true
then logs to console. If value is not set or is false
then nothing is loggedsecure
option is true, then socket is upgraded from plaintext to ciphertextSMTPConnection instances are event emitters with the following events
Establish the connection
connection.connect(callback)
Where
After the connect event the connection
has the following properties:
true
then the connection uses a TLS socket, otherwise it is using a cleartext socket. Connection can start out as cleartext but if available (or requireTLS
is set to true) connection upgrade is triedIf the server requires authentication you can login with
connection.login(auth, callback)
Where
auth is the authentication object
pass
and xoauth2
values are set) or an XOAuth2 token generator object.callback is the callback to run once the authentication is finished. Callback has the following arguments
If a XOAuth2 token generator is used as the value for auth.xoauth2
then you do not need to set auth.user
. XOAuth2 generator generates required accessToken itself if it is missing or expired. In this case if the authentication fails, a new token is requeested and the authentication is retried. If it still fails, an error is returned.
XOAuth2 Example
let generator = require('xoauth2').createXOAuth2Generator({
user: '{username}',
clientId: '{Client ID}',
clientSecret: '{Client Secret}',
refreshToken: '{refresh-token}'
});
// listen for token updates
// you probably want to store these to a db
generator.on('token', function(token){
console.log('New token for %s: %s', token.user, token.accessToken);
});
// login
connection.login({
xoauth2: generator
}, callback);
smtp-connection
has experimental support for NTLM authentication. You can try it out like this:
connection.login({
domain: 'windows-domain',
workstation: 'windows-workstation',
user: 'user@somedomain.com',
pass: 'pass'
}, callback);
I do not have access to an actual server that supports NTLM authentication so this feature is untested and should be used carefully.
Once the connection is authenticated (or just after connection is established if authentication is not required), you can send mail with
connection.send(envelope, message, callback)
Where
envelope is the envelope object to use
envelope.from is the sender address
envelope.to is the recipient address or an array of addresses
envelope.size is an optional value of the predicted size of the message in bytes. This value is used if the server supports the SIZE extension (RFC1870)
envelope.use8BitMime if true
then inform the server that this message might contain bytes outside 7bit ascii range
envelope.dsn is the dsn options
message is either a String, Buffer or a Stream. All newlines are converted to \r\n and all dots are escaped automatically, no need to convert anything before.
callback is the callback to run once the sending is finished or failed. Callback has the following arguments
err and error object if sending failed
response
string (if available)info information object about accepted and rejected recipients
Use it for graceful disconnect
connection.quit();
Use it for less graceful disconnect
connection.close();
Use it to reset current session (invokes RSET command)
connection.reset(callback);
MIT
v3.1.0 2016-12-21
FAQs
Connect to SMTP servers
The npm package smtp-connection receives a total of 45,767 weekly downloads. As such, smtp-connection popularity was classified as popular.
We found that smtp-connection demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.