Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
smtp-server-as-promised
Advanced tools
This module provides promisified version of
smtp-server
module. The API is
the same as for smtp-server
, except listen
method which return
Promise
object and callback options which are Promise
objects.
This module requires Node >= 5. For Node < 6 --harmony
flag is required.
npm install smtp-server-as-promised
smtp-server-as-promised
can be used like standard smtp-server
module:
const SMTPServerAsPromised = require('smtp-server-as-promised')
Typescript:
import SMTPServerAsPromised from 'smtp-server-as-promised'
const server = new SMTPServerAsPromised(options)
Create new SMTPServer instance.
Example:
const server = new SMTPServerAsPromised({
port: 2525,
onConnect, onMailFrom, onData, onError
})
Options are the same as for original smtp-server
constructor. Additionally the
default host
, port
and backlog
might be provided for listen
method.
Callback handlers are Promise
objects or async
functions:
async function onConnect (session) {
console.log(`[${session.id}] onConnect`)
}
async function onAuth (auth, session) {
if (auth.method === 'PLAIN' && auth.username === 'username' && auth.password === 'password') {
return {user: auth.username}
} else {
throw new Error('Invalid username or password')
}
}
This method must return the object with user
property.
async function onMailFrom (from, session) {
console.log(`[${session.id}] onMailFrom ${from.address}`)
if (from.address.split('@')[1] === 'spammer.com') {
throw new Error('we do not like spam!')
}
}
An errors can be thrown and then are handled by server in response message.
async function onRcptTo (to, session) {
console.log(`[${session.id}] onRcptTo ${to.address}`)
if (from.address.split('@')[1] === 'spammer.com') {
throw new Error('we do not like spam!')
}
}
async function onData (stream, session) {
console.log(`[${session.id}] onData started`)
session.messageLength = 0
for (let chunk; (chunk = await stream.read());) {
console.log(`[${session.id}] onData got data chunk ${chunk.length} bytes`)
session.messageLength += chunk.length
}
console.log(`[${session.id}] onData finished after reading ${session.messageLength} bytes`)
}
stream
object is a standard
stream.Readable
object.
Warning: if an error occures in onData
handler, stream have to be consumed
before return from function.
Example:
const NullWritable = require('null-writable')
async function onData (stream, session) {
try {
throw new Error('Something bad happened')
} catch (e) {
stream.pipe(new NullWritable()) // read it to the end
throw e // rethrow original error
}
}
async function onError (e) {
console.log('Server error:', e)
}
const promise = server.listen(port[,host][,backlog])
Start the server instance. This method returns promise which returns address
as its value.
Example:
async function main () {
const address = await server.listen(2525)
console.log(`Listening on [${address.address}]:${address.port}`)
}
const promise = server.close()
Stop the server from accepting new connections.
Example:
async function main () {
// ...
await server.close()
console.log(`Server was stopped`)
}
server.updateSecureContext(options)
Update TLS secure context.
Example:
server.updateSecureContext({ key: tlsKeyPem })
Copyright (c) 2016-2018 Piotr Roszatycki piotr.roszatycki@gmail.com
v3.3.1 2018-02-13
TlsOptions
type.FAQs
Promisify smtp-server module
The npm package smtp-server-as-promised receives a total of 31 weekly downloads. As such, smtp-server-as-promised popularity was classified as not popular.
We found that smtp-server-as-promised demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.