GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → richfelker → mxclient

richfelker / mxclient

Licence: MIT License
A minimalist client for sending mail direct to recipient's MX

Programming Languages

c
50402 projects - #5 most used programming language
Makefile
30231 projects

Labels

smtpdanesendmailpassword-resetstarttlsmail-exchanger

Projects that are alternatives of or similar to mxclient

DANE-for-SMTP
'DANE for SMTP' wiki
Stars: ✭ 28 (-3.45%)
Mutual labels:  smtp, dane, starttls
Free Email Forwarding
The best free email forwarding for custom domains. Visit our website to get started (SMTP server)
Stars: ✭ 2,024 (+6879.31%)
Mutual labels:  smtp, sendmail
Mail
The Hoa\Mail library.
Stars: ✭ 24 (-17.24%)
Mutual labels:  smtp, sendmail
ESP-Mail-Client
⚡️Arduino Mail Client Library to send, read and get incoming mail notification for ESP32, ESP8266 and SAMD21 devices. The library also supported other Arduino devices using Clients interfaces e.g. WiFiClient, EthernetClient, and GSMClient.
Stars: ✭ 78 (+168.97%)
Mutual labels:  smtp, sendmail
feed2email
RSS/Atom feed updates in your email
Stars: ✭ 37 (+27.59%)
Mutual labels:  smtp, sendmail
smtpdane
SMTP DANE testing tool
Stars: ✭ 15 (-48.28%)
Mutual labels:  smtp, dane
docker-protonmail-bridge
Run ProtonMail Bridge in a docker container
Stars: ✭ 34 (+17.24%)
Mutual labels:  smtp
tmail
A throwaway smtp server with API
Stars: ✭ 13 (-55.17%)
Mutual labels:  smtp
yggmail
End-to-end encrypted email for the mesh networking age
Stars: ✭ 72 (+148.28%)
Mutual labels:  smtp
mailcat
Fake SMTP server that prints emails to stdout
Stars: ✭ 39 (+34.48%)
Mutual labels:  smtp
mailcoach-support
Questions and support for Mailcoach
Stars: ✭ 32 (+10.34%)
Mutual labels:  smtp
flask-admin-boilerplate
Flask Admin Boilerplate with MongoDB
Stars: ✭ 63 (+117.24%)
Mutual labels:  smtp
Contact-Form-PHP
Simple and secure contact form using Ajax, validations inputs, SMTP protocol and Google reCAPTCHA v3 in PHP.
Stars: ✭ 28 (-3.45%)
Mutual labels:  smtp
haraka-plugin-mongodb
Plugin for the Haraka SMTP server to store incoming and outgoing emails to MongoDB
Stars: ✭ 25 (-13.79%)
Mutual labels:  smtp
Smtp-Cracker-V3
[NEW] : Simple Mail Transfer Protocol (SMTP) CHECKER - CRACKER Tool V3
Stars: ✭ 18 (-37.93%)
Mutual labels:  smtp
danetls
Program to test DANE enabled TLS Services
Stars: ✭ 18 (-37.93%)
Mutual labels:  dane
go-html-email
Sending HTML email using Go 💌
Stars: ✭ 31 (+6.9%)
Mutual labels:  smtp
polog
Логирование должно быть красивым
Stars: ✭ 26 (-10.34%)
Mutual labels:  smtp
php-smtp
Simple PHP SMTP Mail Send Script
Stars: ✭ 57 (+96.55%)
Mutual labels:  smtp
smtp-dkim-signer
SMTP-proxy that DKIM-signs e-mails before submission to an upstream SMTP-server.
Stars: ✭ 28 (-3.45%)
Mutual labels:  smtp
View All Similar Projects ➔

mxclient

mxclient is not a normal MTA. Rather, it's a minimalist client for sending mail direct to the recipient's MX, or mail exchanger, in contrast to the widespread practice of sending through a "smarthost" or "outgoing mail server".

In combination with sufficient cryptographic measures, this ensures that no one outside the receiving domain's mail system can intercept or alter the contents of the message, making mxclient suitable for:

  • Private bi-directional communication between individuals (with personal domains) or organizations that mutually implement this kind of delivery.

  • Delivery of sensitive data like account access or password reset tokens without them passing through third party mailer systems.

  • Avoiding dragnet surveillance of outgoing mail in otherwise conventional mail setups.

mxclient is not an outgoing mail queue. It delivers mail synchronously, to a single recipient, reporting success, temporary failure, or permanent failure via the exit status (using sysexits.h codes). It can be used as the backend for the separate queuing frontend to yield a full "sendmail" command for use by MUAs or scripts that expect asynchronous delivery.

Ability to send mail directly to the recipient's MX depends on having unblocked outgoing port 25 (many residential and mobile ISPs firewall it) and on not being on one of several "dialup"/residential IP address lists that many sites' mail systems use to block likely spammers. To get around this while still maintaining the security and privacy properties of interfacing directly with the recipient's MX, future versions of mxclient will support performing the actual TCP connection through a (SOCKS5 or ssh -W child process) proxy while keeping the actual TLS endpoint local.

Project Status

mxclient is incomplete but under active development. Proxy support is missing, and DANE modes other than DANE-EE with public key only (vs full cert) are untested. Otherwise all basic functionality is present.

Background on SMTP and TLS

SMTP does not use a separate port/service for TLS-encrypted sessions, but rather a "STARTTLS" command, advertised in the greeting response, to upgrade a connection to TLS. Originally this provided only opportunistic encryption that was easily stripped by MITM devices, and provided no authentication of the server to the client. Since the CA infrastructure used on the web does not carry over to SMTP, mail servers generally used self-signed certificates.

With DANE and DNSSEC, however, it's possible to have a full chain of trust for the intended recipient domain. In short, DANE publishes key or certificate pinnings for a domain in DNS records, and DNSSEC provides a signature chain proving the authenticity of both the DANE records and the conventional record types used for mail (MX for the domain's mail exchangers, and A/AAAA/CNAME records used to find the IP address of the server to send to).

mxclient uses the SMTP STARTTLS extension whenever it is advertised by the server or DANE is in use for the domain, and enforces DANE-EE unless it can determine non-existence of TLSA (DANE) records for the recipient domain's MX. It relies on a local DNSSEC-validating nameserver, ideally on localhost, to obtain this information.

Building

The only dependencies for mxclient are BearSSL and a libc with the arpa/nameser.h and res_query interfaces. Drop-in replacements for these can be used on systems that don't have them.

A config.mak file can be created to override default compile/link flags or install paths. Future versions will ship a configure script that can generate a config.mak for you.

After checking and adusting config as needed, simply run make. mxclient can be installed with make install, but installation is not needed to use it. The program is entirely self-contained and stand-alone.

Usage

Basic usage is:

mxclient -f [email protected] [email protected] < message

where message should be in standard RFC 822/2822 email message form, but is not processed locally by mxclient. In particular, a line containing a lone . is not special; input ends only at EOF (like sendmail with the -i option). Either ordinary newlines or CR/LF line endings (or any mix) are accepted.

mxclient accepts (and mostly ignores) a few common sendmail command line options, including -F, -i, and -o*. The only option it actually uses is -f, to set the envelope sender (for the MAIL FROM: command).

Exit code will be 75 for temporary/retryable errors, and another (from among sysexits.h codes) nonzero value for non-retryable errors, or zero for success. During operation, progress is printed to stdout.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].