751 lines
19 KiB
Go
751 lines
19 KiB
Go
package main
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/base64"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"net"
|
|
"net/url"
|
|
"os"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
|
|
"crypto/ed25519"
|
|
"crypto/tls"
|
|
"encoding/json"
|
|
"git.ailur.dev/ailur/smtp"
|
|
"github.com/emersion/go-imap/server"
|
|
"github.com/golang-jwt/jwt/v5"
|
|
"github.com/google/uuid"
|
|
"net/http"
|
|
"net/textproto"
|
|
|
|
library "git.ailur.dev/ailur/fg-library/v2"
|
|
nucleusLibrary "git.ailur.dev/ailur/fg-nucleus-library"
|
|
)
|
|
|
|
var ServiceInformation = library.Service{
|
|
Name: "kittemail",
|
|
Permissions: library.Permissions{
|
|
Authenticate: true,
|
|
Database: true,
|
|
BlobStorage: true,
|
|
InterServiceCommunication: true,
|
|
Resources: false,
|
|
},
|
|
ServiceID: uuid.MustParse("068b0c04-d8c8-4738-90fa-d3827f5abf68"),
|
|
}
|
|
|
|
// Log a message to the logger service
|
|
// messageType:
|
|
// 0 - Information
|
|
// 1 - Warning
|
|
// 2 - Error
|
|
// 3 - Guru (exits immediately)
|
|
func log(message string, messageType uint64) {
|
|
Information.Outbox <- library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000002"),
|
|
MessageType: messageType,
|
|
SentAt: time.Now(),
|
|
Message: message,
|
|
}
|
|
}
|
|
|
|
// Authenticate Fake for testing
|
|
func Authenticate(token string, config OAuthConfig) (uuid.UUID, error) {
|
|
println("called")
|
|
return uuid.MustParse("e59fece6-256f-4799-bb31-321268387d12"), nil
|
|
}
|
|
|
|
// GetUsername Fake for testing
|
|
func GetUsername(token string, config OAuthConfig) (string, error) {
|
|
return "arzumify", nil
|
|
}
|
|
|
|
func RAuthenticate(token string, config OAuthConfig) (uuid.UUID, error) {
|
|
parsedToken, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
|
|
return config.PublicKey, nil
|
|
})
|
|
if err != nil {
|
|
return uuid.Nil, err
|
|
}
|
|
|
|
if !parsedToken.Valid {
|
|
return uuid.Nil, errors.New("invalid token")
|
|
}
|
|
|
|
claims, ok := parsedToken.Claims.(jwt.MapClaims)
|
|
if !ok {
|
|
return uuid.Nil, errors.New("invalid token")
|
|
}
|
|
|
|
date, err := claims.GetExpirationTime()
|
|
if err != nil || date.Before(time.Now()) || claims["sub"] == nil || claims["isOpenID"] == nil || claims["isOpenID"].(bool) {
|
|
return uuid.Nil, errors.New("invalid token")
|
|
}
|
|
|
|
return uuid.MustParse(claims["sub"].(string)), nil
|
|
}
|
|
|
|
func RGetUsername(token string, config OAuthConfig) (string, error) {
|
|
var responseData struct {
|
|
Username string `json:"username"`
|
|
}
|
|
|
|
request, err := http.NewRequest("GET", config.HostName+"/api/oauth/userinfo", nil)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
request.Header.Set("Authorization", "Bearer "+token)
|
|
|
|
response, err := http.DefaultClient.Do(request)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
if response.StatusCode != 200 || response.Body == nil || response.Body == http.NoBody {
|
|
return "", errors.New("invalid response")
|
|
}
|
|
|
|
err = json.NewDecoder(response.Body).Decode(&responseData)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
return responseData.Username, nil
|
|
}
|
|
|
|
func StoreFile(name string, data []byte, owner uuid.UUID) error {
|
|
response, err := timedOutInterServiceMessage(library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000003"),
|
|
MessageType: 3,
|
|
SentAt: time.Now(),
|
|
Message: nucleusLibrary.File{
|
|
Name: name,
|
|
User: owner,
|
|
Bytes: data,
|
|
},
|
|
}, 3*time.Second)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
switch response.MessageType {
|
|
case 0:
|
|
return nil
|
|
case 1, 2:
|
|
return response.Message.(error)
|
|
default:
|
|
return errors.New("unknown error")
|
|
}
|
|
}
|
|
|
|
func GetFile(name string, owner uuid.UUID) (*os.File, error) {
|
|
response, err := timedOutInterServiceMessage(library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000003"),
|
|
MessageType: 4,
|
|
SentAt: time.Now(),
|
|
Message: nucleusLibrary.File{
|
|
Name: name,
|
|
User: owner,
|
|
},
|
|
}, 3*time.Second)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
switch response.MessageType {
|
|
case 0:
|
|
file, ok := response.Message.(*os.File)
|
|
if !ok {
|
|
return nil, errors.New("invalid response")
|
|
}
|
|
|
|
return file, nil
|
|
case 1, 2:
|
|
return nil, errors.New(response.Message.(string))
|
|
default:
|
|
return nil, errors.New("unknown error")
|
|
}
|
|
}
|
|
|
|
func DeleteFile(name string, owner uuid.UUID) error {
|
|
response, err := timedOutInterServiceMessage(library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000003"),
|
|
MessageType: 5,
|
|
SentAt: time.Now(),
|
|
Message: nucleusLibrary.File{
|
|
Name: name,
|
|
User: owner,
|
|
},
|
|
}, 3*time.Second)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
switch response.MessageType {
|
|
case 0:
|
|
return nil
|
|
case 1, 2:
|
|
return response.Message.(error)
|
|
default:
|
|
return errors.New("unknown error")
|
|
}
|
|
}
|
|
|
|
func timedOutInterServiceMessage(message library.InterServiceMessage, timeout time.Duration) (response library.InterServiceMessage, err error) {
|
|
Information.Outbox <- message
|
|
|
|
var stopped sync.Once
|
|
stop := make(chan struct{})
|
|
|
|
go func() {
|
|
time.Sleep(timeout)
|
|
if response == (library.InterServiceMessage{}) {
|
|
err = errors.New("timed out")
|
|
stopped.Do(func() {
|
|
close(stop)
|
|
})
|
|
}
|
|
}()
|
|
|
|
go func() {
|
|
for {
|
|
select {
|
|
case response = <-Information.Inbox:
|
|
stopped.Do(func() {
|
|
close(stop)
|
|
})
|
|
return
|
|
case <-stop:
|
|
return
|
|
}
|
|
}
|
|
}()
|
|
|
|
select {
|
|
case <-stop:
|
|
return
|
|
}
|
|
}
|
|
|
|
func getDatabase() (database library.Database, err error) {
|
|
var response library.InterServiceMessage
|
|
response, err = timedOutInterServiceMessage(library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000001"),
|
|
MessageType: 1,
|
|
SentAt: time.Now(),
|
|
Message: nil,
|
|
}, 3*time.Second)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
switch response.MessageType {
|
|
case 2:
|
|
var ok bool
|
|
database, ok = response.Message.(library.Database)
|
|
if !ok {
|
|
err = errors.New("database not found")
|
|
return
|
|
}
|
|
|
|
err = setupDatabase(database)
|
|
if err != nil {
|
|
return
|
|
}
|
|
case 1, 0:
|
|
err = errors.New(response.Message.(string))
|
|
default:
|
|
err = errors.New("unknown error")
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func getPublicKey() (publicKey ed25519.PublicKey, err error) {
|
|
var response library.InterServiceMessage
|
|
response, err = timedOutInterServiceMessage(library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000004"),
|
|
MessageType: 2,
|
|
SentAt: time.Now(),
|
|
Message: nil,
|
|
}, 3*time.Second)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
switch response.MessageType {
|
|
case 2:
|
|
var ok bool
|
|
publicKey, ok = response.Message.(ed25519.PublicKey)
|
|
if !ok {
|
|
err = errors.New("publicKey not found")
|
|
return
|
|
}
|
|
default:
|
|
err = errors.New("unknown error")
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func getOAuthHostName() (hostName string, err error) {
|
|
var response library.InterServiceMessage
|
|
response, err = timedOutInterServiceMessage(library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000004"),
|
|
MessageType: 0,
|
|
SentAt: time.Now(),
|
|
Message: nil,
|
|
}, 3*time.Second)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
switch response.MessageType {
|
|
case 0:
|
|
var ok bool
|
|
hostName, ok = response.Message.(string)
|
|
if !ok {
|
|
err = errors.New("oauthHostName not found")
|
|
return
|
|
}
|
|
case 1, 2:
|
|
err = response.Message.(error)
|
|
default:
|
|
err = errors.New("unknown error")
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func registerOAuth(hostName string) (oauthRegistration nucleusLibrary.OAuthResponse, err error) {
|
|
var urlPath string
|
|
urlPath, err = url.JoinPath(hostName, "/oauth")
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
var response library.InterServiceMessage
|
|
response, err = timedOutInterServiceMessage(library.InterServiceMessage{
|
|
ServiceID: ServiceInformation.ServiceID,
|
|
ForServiceID: uuid.MustParse("00000000-0000-0000-0000-000000000004"),
|
|
MessageType: 1,
|
|
SentAt: time.Now(),
|
|
Message: nucleusLibrary.OAuthInformation{
|
|
Name: "Kittemail",
|
|
RedirectUri: urlPath,
|
|
Scopes: []string{"openid"},
|
|
},
|
|
}, 3*time.Second)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
switch response.MessageType {
|
|
case 0:
|
|
var ok bool
|
|
oauthRegistration, ok = response.Message.(nucleusLibrary.OAuthResponse)
|
|
if !ok {
|
|
err = errors.New("oauthRegistration not found")
|
|
}
|
|
case 1, 2:
|
|
err = errors.New(response.Message.(string))
|
|
default:
|
|
err = errors.New("unknown error")
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func beginInitialisation(hostName string) (database library.Database, publicKey ed25519.PublicKey, oauthHostName string, oauthRegistration nucleusLibrary.OAuthResponse, err error) {
|
|
database, err = getDatabase()
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
publicKey, err = getPublicKey()
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
oauthHostName, err = getOAuthHostName()
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
oauthRegistration, err = registerOAuth(hostName)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func setupDatabase(database library.Database) error {
|
|
if database.DBType == library.Sqlite {
|
|
_, err := database.DB.Exec("CREATE TABLE IF NOT EXISTS emails (id BLOB NOT NULL PRIMARY KEY, prefix TEXT NOT NULL, suffix TEXT NOT NULL, creator BLOB NOT NULL, UNIQUE(prefix, suffix))")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, err = database.DB.Exec("CREATE TABLE IF NOT EXISTS mailboxes (id BLOB NOT NULL PRIMARY KEY, owner BLOB NOT NULL, mailbox TEXT NOT NULL, subscribed BOOLEAN NOT NULL DEFAULT FALSE, UNIQUE(mailbox, owner))")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, err = database.DB.Exec("CREATE TABLE IF NOT EXISTS messages (id BLOB NOT NULL PRIMARY KEY, owner BLOB NOT NULL, uid INTEGER NOT NULL, created INTEGER NOT NULL, bodySize INTEGER NOT NULL, flags TEXT NOT NULL, mailbox BLOB NOT NULL, FOREIGN KEY (mailbox) REFERENCES mailboxes(id))")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
} else {
|
|
_, err := database.DB.Exec("CREATE TABLE IF NOT EXISTS emails (id BYTEA NOT NULL PRIMARY KEY, prefix TEXT NOT NULL, suffix TEXT NOT NULL, creator BYTEA NOT NULL, UNIQUE(prefix, suffix))")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, err = database.DB.Exec("CREATE TABLE IF NOT EXISTS mailboxes (id BYTEA NOT NULL PRIMARY KEY, owner BLOB NOT NULL, mailbox TEXT NOT NULL, subscribed BOOLEAN NOT NULL DEFAULT FALSE, UNIQUE(mailbox, owner))")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, err = database.DB.Exec("CREATE TABLE IF NOT EXISTS messages (id BYTEA NOT NULL PRIMARY KEY, owner BYTEA NOT NULL, uid BIGINT NOT NULL, created INTEGER NOT NULL, bodySize BIGINT NOT NULL, flags TEXT NOT NULL, mailbox BYTEA NOT NULL, FOREIGN KEY (mailbox) REFERENCES mailboxes(id))")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type ByteLiteral struct {
|
|
UnderlyingReader io.Reader
|
|
Length int
|
|
}
|
|
|
|
func (l *ByteLiteral) Read(p []byte) (n int, err error) {
|
|
return l.UnderlyingReader.Read(p)
|
|
}
|
|
|
|
func (l *ByteLiteral) Len() int {
|
|
return l.Length
|
|
}
|
|
|
|
var (
|
|
Information library.ServiceInitializationInformation
|
|
Database library.Database
|
|
SMTPDatabaseBackend = smtp.DatabaseBackend{
|
|
CheckUser: func(address *smtp.Address) (bool, error) {
|
|
var prefix, suffix string
|
|
err := Database.DB.QueryRow("SELECT prefix, suffix FROM emails WHERE prefix = $1 AND suffix = $2", address.Name, address.Address).Scan(&prefix, &suffix)
|
|
if err != nil {
|
|
return false, errors.New("503 5.5.1 User not found")
|
|
}
|
|
|
|
if prefix == address.Name && suffix == address.Address {
|
|
return true, nil
|
|
} else {
|
|
return false, nil
|
|
}
|
|
},
|
|
WriteMail: func(mail *smtp.Mail) error {
|
|
for _, recipient := range mail.To {
|
|
var idRaw []byte
|
|
err := Database.DB.QueryRow("SELECT creator FROM emails WHERE prefix = $1 AND suffix = $2", recipient.Name, recipient.Address).Scan(&idRaw)
|
|
if err != nil {
|
|
return errors.New("503 5.5.1 User not found")
|
|
}
|
|
|
|
user := &User{
|
|
sub: uuid.Must(uuid.FromBytes(idRaw)),
|
|
openMessages: make(map[*Message]struct{}),
|
|
}
|
|
|
|
mailbox, err := user.GetMailbox("INBOX")
|
|
if err != nil {
|
|
return errors.New("503 5.5.1 User not found")
|
|
}
|
|
|
|
err = mailbox.CreateMessage(nil, time.Now(), &ByteLiteral{
|
|
UnderlyingReader: bytes.NewReader(mail.Data),
|
|
Length: len(mail.Data),
|
|
})
|
|
if err != nil {
|
|
return errors.New("421 4.7.0 Error storing message")
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
return nil
|
|
},
|
|
}
|
|
)
|
|
|
|
func NewSMTPAuthenticationBackend(OAuthRegistration OAuthConfig) smtp.AuthenticationBackend {
|
|
return smtp.AuthenticationBackend{
|
|
SupportedMechanisms: []string{"PLAIN", "XOAUTH2", "OAUTHBEARER"},
|
|
Authenticate: func(initial string, conn *textproto.Conn) (checkAddr smtp.CheckAddress, finalErr error) {
|
|
initialResponse := strings.SplitN(initial, " ", 2)
|
|
|
|
var username, token string
|
|
switch initialResponse[0] {
|
|
case "PLAIN":
|
|
credentials, err := base64.StdEncoding.DecodeString(initialResponse[1])
|
|
if err != nil {
|
|
return nil, errors.New("421 4.7.0 Malformed credentials")
|
|
}
|
|
|
|
credentialSlice := bytes.SplitN(bytes.TrimPrefix(credentials, []byte{0x00}), []byte{0x00}, 2)
|
|
username = string(credentialSlice[0])
|
|
token = string(credentialSlice[1])
|
|
case "OAUTHBEARER", "XOAUTH2":
|
|
credentials, err := base64.StdEncoding.DecodeString(initialResponse[1])
|
|
if err != nil {
|
|
return nil, errors.New("421 4.7.0 Malformed credentials")
|
|
}
|
|
|
|
credentialSlice := bytes.SplitN(bytes.TrimSuffix(bytes.TrimPrefix(credentials, []byte("user=")), []byte{0x01, 0x01}), []byte{0x01}, 2)
|
|
username = string(credentialSlice[0])
|
|
token = string(credentialSlice[1])
|
|
default:
|
|
return nil, errors.New("503 5.5.1 Invalid authentication method: " + initialResponse[0])
|
|
}
|
|
|
|
fmt.Println("Username: " + username)
|
|
fmt.Println("Token: " + token)
|
|
|
|
sub, err := Authenticate(token, OAuthRegistration)
|
|
if err != nil {
|
|
return nil, errors.New("421 4.7.0 Invalid credentials")
|
|
}
|
|
|
|
usernameCheck, err := GetUsername(token, OAuthRegistration)
|
|
if err != nil {
|
|
return nil, errors.New("421 4.7.0 Invalid credentials")
|
|
}
|
|
|
|
if username != usernameCheck {
|
|
return nil, errors.New("421 4.7.0 Username does not match")
|
|
}
|
|
|
|
return func(address *smtp.Address) (bool, error) {
|
|
rows, err := Database.DB.Query("SELECT prefix, suffix FROM emails WHERE creator = $1", sub[:])
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
defer func() {
|
|
err := rows.Close()
|
|
if err != nil {
|
|
log("Failed to close rows: "+err.Error()+", resource leaks may occur", 1)
|
|
}
|
|
}()
|
|
|
|
for rows.Next() {
|
|
var prefix, suffix string
|
|
err = rows.Scan(&prefix, &suffix)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
if address.Name == prefix && address.Address == suffix {
|
|
return true, nil
|
|
}
|
|
}
|
|
|
|
return false, nil
|
|
}, nil
|
|
},
|
|
}
|
|
}
|
|
|
|
func parseConfig() (hostName string, listenerHost string, ownedDomains []string, enforceTLS bool, enableTLS bool, certificatePath string, keyPath string, err error) {
|
|
var ok bool
|
|
hostName, ok = Information.Configuration["hostName"].(string)
|
|
if !ok {
|
|
err = errors.New("hostName not found")
|
|
return
|
|
}
|
|
|
|
listenerHost, ok = Information.Configuration["listenerHost"].(string)
|
|
if !ok {
|
|
err = errors.New("listenerHost not found")
|
|
return
|
|
}
|
|
|
|
ownedDomains, ok = Information.Configuration["ownedDomains"].([]string)
|
|
if !ok {
|
|
err = errors.New("ownedDomains not found")
|
|
return
|
|
}
|
|
|
|
enforceTLS, ok = Information.Configuration["enforceTLS"].(bool)
|
|
if !ok {
|
|
err = errors.New("enforceTLS not found")
|
|
return
|
|
}
|
|
|
|
enableTLS, ok = Information.Configuration["enableTLS"].(bool)
|
|
if !ok {
|
|
err = errors.New("enableTLS not found")
|
|
return
|
|
}
|
|
|
|
if enforceTLS && !enableTLS {
|
|
err = errors.New("cannot enforce TLS without enabling it")
|
|
return
|
|
}
|
|
|
|
if enableTLS {
|
|
tlsConfiguration, ok := Information.Configuration["tlsConfiguration"].(map[string]interface{})
|
|
if !ok {
|
|
err = errors.New("tlsConfiguration not found")
|
|
return
|
|
}
|
|
|
|
certificatePath, ok = tlsConfiguration["certificatePath"].(string)
|
|
if !ok {
|
|
err = errors.New("certificatePath not found")
|
|
return
|
|
}
|
|
|
|
keyPath, ok = tlsConfiguration["keyPath"].(string)
|
|
if !ok {
|
|
err = errors.New("keyPath not found")
|
|
return
|
|
}
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func getTLSConfig(enableTLS bool, certificatePath string, keyPath string) (tlsConfig *tls.Config, err error) {
|
|
if enableTLS {
|
|
certificate, err := tls.LoadX509KeyPair(certificatePath, keyPath)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
tlsConfig = &tls.Config{
|
|
Certificates: []tls.Certificate{certificate},
|
|
}
|
|
} else {
|
|
tlsConfig = &tls.Config{
|
|
GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
|
|
return nil, errors.New("TLS disabled in configuration")
|
|
},
|
|
}
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func Main(information library.ServiceInitializationInformation) {
|
|
Information = information
|
|
hostName, listenerHost, ownedDomains, enforceTLS, enableTLS, certificatePath, keyPath, err := parseConfig()
|
|
|
|
var oauthConfig OAuthConfig
|
|
// var oauthRegistration nucleusLibrary.OAuthResponse
|
|
Database, oauthConfig.PublicKey, oauthConfig.HostName, _, err = beginInitialisation(hostName)
|
|
if err != nil {
|
|
log("Failed to initialise: "+err.Error(), 3)
|
|
return
|
|
}
|
|
|
|
imapBackend := &Backend{oauthConfig: oauthConfig}
|
|
|
|
tlsConfig, err := getTLSConfig(enableTLS, certificatePath, keyPath)
|
|
if err != nil {
|
|
log("Failed to get TLS config: "+err.Error(), 3)
|
|
return
|
|
}
|
|
|
|
// Plaintext IMAP port
|
|
go func() {
|
|
imapServer := server.New(imapBackend)
|
|
if !enforceTLS {
|
|
imapServer.AllowInsecureAuth = true
|
|
}
|
|
imapServer.TLSConfig = tlsConfig
|
|
imapServer.Addr = listenerHost + ":143"
|
|
err := imapServer.ListenAndServe()
|
|
if err != nil {
|
|
log("Failed to serve IMAP: "+err.Error(), 3)
|
|
}
|
|
}()
|
|
|
|
// Implicit TLS IMAP port
|
|
go func() {
|
|
imapServer := server.New(imapBackend)
|
|
if !enforceTLS {
|
|
imapServer.AllowInsecureAuth = true
|
|
}
|
|
imapServer.TLSConfig = tlsConfig
|
|
imapServer.Addr = listenerHost + ":993"
|
|
err := imapServer.ListenAndServeTLS()
|
|
if err != nil {
|
|
log("Failed to serve IMAP: "+err.Error(), 3)
|
|
}
|
|
}()
|
|
|
|
var smtpTLSConfig *tls.Config
|
|
if enableTLS {
|
|
smtpTLSConfig = tlsConfig
|
|
}
|
|
|
|
// SMTP Proxy port
|
|
go func() {
|
|
smtpListener, err := net.Listen("tcp", ":25")
|
|
if err != nil {
|
|
log("Failed to listen on port 25: "+err.Error(), 3)
|
|
return
|
|
}
|
|
|
|
smtpBackend := smtp.NewReceiver(smtpListener, hostName, ownedDomains, enforceTLS, SMTPDatabaseBackend, NewSMTPAuthenticationBackend(oauthConfig), smtpTLSConfig)
|
|
err = smtpBackend.Serve()
|
|
if err != nil {
|
|
log("Failed to serve SMTP: "+err.Error(), 3)
|
|
}
|
|
}()
|
|
|
|
// Plaintext submission port
|
|
go func() {
|
|
smtpListener, err := net.Listen("tcp", ":587")
|
|
if err != nil {
|
|
log("Failed to listen on port 587: "+err.Error(), 3)
|
|
return
|
|
}
|
|
smtpBackend := smtp.NewReceiver(smtpListener, hostName, ownedDomains, enforceTLS, SMTPDatabaseBackend, NewSMTPAuthenticationBackend(oauthConfig), smtpTLSConfig)
|
|
err = smtpBackend.Serve()
|
|
if err != nil {
|
|
log("Failed to serve SMTP submission: "+err.Error(), 3)
|
|
}
|
|
}()
|
|
|
|
// Implicit TLS Submission port
|
|
go func() {
|
|
smtpListener, err := net.Listen("tcp", ":465")
|
|
if err != nil {
|
|
log("Failed to listen on port 587: "+err.Error(), 3)
|
|
return
|
|
}
|
|
smtpBackend := smtp.NewReceiver(tls.NewListener(smtpListener, tlsConfig), hostName, ownedDomains, enforceTLS, SMTPDatabaseBackend, NewSMTPAuthenticationBackend(oauthConfig), smtpTLSConfig)
|
|
err = smtpBackend.Serve()
|
|
if err != nil {
|
|
log("Failed to serve SMTP submission: "+err.Error(), 3)
|
|
}
|
|
}()
|
|
}
|