2024-02-24 23:10:48 +13:00
|
|
|
// Package pop3 is a simple POP3 server for Mailpit.
|
|
|
|
// By default it is disabled unless password credentials have been loaded.
|
|
|
|
//
|
|
|
|
// References: https://github.com/r0stig/golang-pop3 | https://github.com/inbucket/inbucket
|
|
|
|
// See RFC: https://datatracker.ietf.org/doc/html/rfc1939
|
|
|
|
package pop3
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bufio"
|
|
|
|
"crypto/tls"
|
|
|
|
"fmt"
|
2024-06-19 05:34:40 +02:00
|
|
|
"io"
|
2024-02-24 23:10:48 +13:00
|
|
|
"net"
|
|
|
|
"strconv"
|
|
|
|
"strings"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/axllent/mailpit/config"
|
|
|
|
"github.com/axllent/mailpit/internal/auth"
|
|
|
|
"github.com/axllent/mailpit/internal/logger"
|
|
|
|
"github.com/axllent/mailpit/internal/storage"
|
|
|
|
"github.com/axllent/mailpit/server/websockets"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2024-06-19 15:46:38 +12:00
|
|
|
// AUTHORIZATION is the initial state
|
2024-06-19 05:34:40 +02:00
|
|
|
AUTHORIZATION = 1
|
2024-06-19 15:46:38 +12:00
|
|
|
// TRANSACTION is the state after login
|
|
|
|
TRANSACTION = 2
|
|
|
|
// UPDATE is the state before closing
|
|
|
|
UPDATE = 3
|
2024-02-24 23:10:48 +13:00
|
|
|
)
|
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
// Run will start the POP3 server if enabled
|
2024-02-24 23:10:48 +13:00
|
|
|
func Run() {
|
|
|
|
if auth.POP3Credentials == nil || config.POP3Listen == "" {
|
|
|
|
// POP3 server is disabled without authentication
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
var listener net.Listener
|
|
|
|
var err error
|
|
|
|
|
|
|
|
if config.POP3TLSCert != "" {
|
2024-03-24 21:37:37 +13:00
|
|
|
cer, err2 := tls.LoadX509KeyPair(config.POP3TLSCert, config.POP3TLSKey)
|
|
|
|
if err2 != nil {
|
|
|
|
logger.Log().Errorf("[pop3] %s", err2.Error())
|
2024-02-24 23:10:48 +13:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
tlsConfig := &tls.Config{
|
|
|
|
Certificates: []tls.Certificate{cer},
|
|
|
|
MinVersion: tls.VersionTLS12,
|
|
|
|
}
|
|
|
|
|
|
|
|
listener, err = tls.Listen("tcp", config.POP3Listen, tlsConfig)
|
|
|
|
} else {
|
|
|
|
// unencrypted
|
|
|
|
listener, err = net.Listen("tcp", config.POP3Listen)
|
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
logger.Log().Errorf("[pop3] %s", err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
logger.Log().Infof("[pop3] starting on %s", config.POP3Listen)
|
|
|
|
|
|
|
|
for {
|
|
|
|
conn, err := listener.Accept()
|
|
|
|
if err != nil {
|
2024-06-19 05:34:40 +02:00
|
|
|
logger.Log().Errorf("[pop3] accept error: %s", err.Error())
|
2024-02-24 23:10:48 +13:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
// run as goroutine
|
|
|
|
go handleClient(conn)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type message struct {
|
|
|
|
ID string
|
2024-04-05 15:48:32 +13:00
|
|
|
Size float64
|
2024-02-24 23:10:48 +13:00
|
|
|
}
|
|
|
|
|
|
|
|
func handleClient(conn net.Conn) {
|
|
|
|
var (
|
|
|
|
user = ""
|
2024-06-19 05:34:40 +02:00
|
|
|
state = AUTHORIZATION // Start with AUTHORIZATION state
|
|
|
|
toDelete []string // Track messages marked for deletion
|
|
|
|
messages []message
|
2024-02-24 23:10:48 +13:00
|
|
|
)
|
|
|
|
|
|
|
|
defer func() {
|
|
|
|
if state == UPDATE {
|
|
|
|
for _, id := range toDelete {
|
2024-04-05 15:48:32 +13:00
|
|
|
_ = storage.DeleteMessages([]string{id})
|
2024-02-24 23:10:48 +13:00
|
|
|
}
|
|
|
|
if len(toDelete) > 0 {
|
2024-06-19 05:34:40 +02:00
|
|
|
// Update web UI to remove deleted messages
|
2024-02-24 23:10:48 +13:00
|
|
|
websockets.Broadcast("prune", nil)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := conn.Close(); err != nil {
|
|
|
|
logger.Log().Errorf("[pop3] %s", err.Error())
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
reader := bufio.NewReader(conn)
|
|
|
|
|
|
|
|
logger.Log().Debugf("[pop3] connection opened by %s", conn.RemoteAddr().String())
|
|
|
|
|
|
|
|
// First welcome the new connection
|
|
|
|
sendResponse(conn, "+OK Mailpit POP3 server")
|
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
// Set 10 minutes timeout according to RFC1939
|
2024-06-14 22:50:22 +02:00
|
|
|
timeoutDuration := 600 * time.Second
|
2024-02-24 23:10:48 +13:00
|
|
|
|
|
|
|
for {
|
2024-06-19 05:34:40 +02:00
|
|
|
// Set read deadline
|
|
|
|
if err := conn.SetReadDeadline(time.Now().Add(timeoutDuration)); err != nil {
|
2024-02-24 23:10:48 +13:00
|
|
|
logger.Log().Errorf("[pop3] %s", err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Reads a line from the client
|
|
|
|
rawLine, err := reader.ReadString('\n')
|
|
|
|
if err != nil {
|
2024-06-19 05:34:40 +02:00
|
|
|
if err == io.EOF {
|
|
|
|
logger.Log().Debugf("[pop3] client disconnected: %s", conn.RemoteAddr().String())
|
|
|
|
} else {
|
|
|
|
logger.Log().Errorf("[pop3] read error: %s", err.Error())
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Parses the command
|
|
|
|
cmd, args := getCommand(rawLine)
|
2024-06-19 15:46:38 +12:00
|
|
|
cmd = strings.ToUpper(cmd) // Commands in the POP3 are case-insensitive
|
2024-02-24 23:10:48 +13:00
|
|
|
|
|
|
|
logger.Log().Debugf("[pop3] received: %s (%s)", strings.TrimSpace(rawLine), conn.RemoteAddr().String())
|
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
switch cmd {
|
|
|
|
case "CAPA":
|
2024-02-24 23:10:48 +13:00
|
|
|
// List our capabilities per RFC2449
|
2024-06-19 15:59:55 +12:00
|
|
|
sendResponse(conn, "+OK capability list follows")
|
2024-02-24 23:10:48 +13:00
|
|
|
sendResponse(conn, "TOP")
|
|
|
|
sendResponse(conn, "USER")
|
|
|
|
sendResponse(conn, "UIDL")
|
|
|
|
sendResponse(conn, "IMPLEMENTATION Mailpit")
|
|
|
|
sendResponse(conn, ".")
|
2024-06-19 05:34:40 +02:00
|
|
|
case "USER":
|
|
|
|
if state == AUTHORIZATION {
|
|
|
|
if len(args) != 1 {
|
|
|
|
sendResponse(conn, "-ERR must supply a user")
|
|
|
|
return
|
2024-02-24 23:10:48 +13:00
|
|
|
}
|
2024-06-19 05:34:40 +02:00
|
|
|
sendResponse(conn, "+OK")
|
|
|
|
user = args[0]
|
2024-02-24 23:10:48 +13:00
|
|
|
} else {
|
2024-06-19 05:34:40 +02:00
|
|
|
sendResponse(conn, "-ERR user already specified")
|
2024-02-24 23:10:48 +13:00
|
|
|
}
|
2024-06-19 05:34:40 +02:00
|
|
|
case "PASS":
|
|
|
|
if state == AUTHORIZATION {
|
2024-06-19 15:47:05 +12:00
|
|
|
if user == "" {
|
|
|
|
sendResponse(conn, "-ERR must supply a user")
|
|
|
|
return
|
|
|
|
}
|
2024-06-19 05:34:40 +02:00
|
|
|
if len(args) != 1 {
|
|
|
|
sendResponse(conn, "-ERR must supply a password")
|
|
|
|
return
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
pass := args[0]
|
|
|
|
if authUser(user, pass) {
|
|
|
|
sendResponse(conn, "+OK signed in")
|
|
|
|
var err error
|
|
|
|
messages, err = getMessages()
|
|
|
|
if err != nil {
|
|
|
|
logger.Log().Errorf("[pop3] %s", err.Error())
|
|
|
|
}
|
|
|
|
state = TRANSACTION
|
|
|
|
} else {
|
|
|
|
sendResponse(conn, "-ERR invalid password")
|
|
|
|
logger.Log().Warnf("[pop3] failed login: %s", user)
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
sendResponse(conn, "-ERR user not specified")
|
2024-02-24 23:10:48 +13:00
|
|
|
}
|
2024-06-19 15:59:18 +12:00
|
|
|
case "STAT", "LIST", "UIDL", "RETR", "TOP", "NOOP", "DELE", "RSET":
|
2024-06-19 05:34:40 +02:00
|
|
|
if state == TRANSACTION {
|
|
|
|
handleTransactionCommand(conn, cmd, args, messages, &toDelete)
|
|
|
|
} else {
|
|
|
|
sendResponse(conn, "-ERR user not authenticated")
|
2024-02-24 23:10:48 +13:00
|
|
|
}
|
2024-06-19 05:34:40 +02:00
|
|
|
case "QUIT":
|
2024-06-19 15:59:55 +12:00
|
|
|
sendResponse(conn, "+OK goodbye")
|
2024-06-19 05:34:40 +02:00
|
|
|
state = UPDATE
|
|
|
|
return
|
|
|
|
default:
|
|
|
|
sendResponse(conn, "-ERR unknown command")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
func handleTransactionCommand(conn net.Conn, cmd string, args []string, messages []message, toDelete *[]string) {
|
|
|
|
switch cmd {
|
|
|
|
case "STAT":
|
|
|
|
totalSize := float64(0)
|
|
|
|
for _, m := range messages {
|
|
|
|
totalSize += m.Size
|
|
|
|
}
|
|
|
|
sendResponse(conn, fmt.Sprintf("+OK %d %d", len(messages), int64(totalSize)))
|
|
|
|
case "LIST":
|
|
|
|
totalSize := float64(0)
|
|
|
|
for _, m := range messages {
|
|
|
|
totalSize += m.Size
|
|
|
|
}
|
|
|
|
sendResponse(conn, fmt.Sprintf("+OK %d messages (%d octets)", len(messages), int64(totalSize)))
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
for row, m := range messages {
|
|
|
|
sendResponse(conn, fmt.Sprintf("%d %d", row+1, int64(m.Size))) // Convert Size to int64 when printing
|
|
|
|
}
|
|
|
|
sendResponse(conn, ".")
|
|
|
|
case "UIDL":
|
|
|
|
sendResponse(conn, "+OK unique-id listing follows")
|
|
|
|
for row, m := range messages {
|
|
|
|
sendResponse(conn, fmt.Sprintf("%d %s", row+1, m.ID))
|
|
|
|
}
|
|
|
|
sendResponse(conn, ".")
|
|
|
|
case "RETR":
|
|
|
|
if len(args) != 1 {
|
|
|
|
sendResponse(conn, "-ERR no such message")
|
|
|
|
return
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
nr, err := strconv.Atoi(args[0])
|
|
|
|
if err != nil || nr < 1 || nr > len(messages) {
|
|
|
|
sendResponse(conn, "-ERR no such message")
|
|
|
|
return
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
m := messages[nr-1]
|
|
|
|
raw, err := storage.GetMessageRaw(m.ID)
|
|
|
|
if err != nil {
|
|
|
|
sendResponse(conn, "-ERR no such message")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
size := len(raw)
|
|
|
|
sendResponse(conn, fmt.Sprintf("+OK %d octets", size))
|
|
|
|
|
|
|
|
// When all lines of the response have been sent, a
|
|
|
|
// final line is sent, consisting of a termination octet (decimal code
|
|
|
|
// 046, ".") and a CRLF pair. If any line of the multi-line response
|
|
|
|
// begins with the termination octet, the line is "byte-stuffed" by
|
|
|
|
// pre-pending the termination octet to that line of the response.
|
|
|
|
// @see: https://www.ietf.org/rfc/rfc1939.txt
|
|
|
|
sendData(conn, strings.Replace(string(raw), "\n.", "\n..", -1))
|
|
|
|
sendResponse(conn, ".")
|
|
|
|
case "TOP":
|
|
|
|
arg, err := getSafeArg(args, 0)
|
|
|
|
if err != nil {
|
|
|
|
sendResponse(conn, "-ERR TOP requires two arguments")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
nr, err := strconv.Atoi(arg)
|
|
|
|
if err != nil || nr < 1 || nr > len(messages) {
|
|
|
|
sendResponse(conn, "-ERR no such message")
|
|
|
|
return
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
arg2, err := getSafeArg(args, 1)
|
|
|
|
if err != nil {
|
|
|
|
sendResponse(conn, "-ERR TOP requires two arguments")
|
|
|
|
return
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
lines, err := strconv.Atoi(arg2)
|
|
|
|
if err != nil {
|
|
|
|
sendResponse(conn, "-ERR TOP requires two arguments")
|
|
|
|
return
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 05:34:40 +02:00
|
|
|
m := messages[nr-1]
|
|
|
|
headers, body, err := getTop(m.ID, lines)
|
|
|
|
if err != nil {
|
|
|
|
sendResponse(conn, err.Error())
|
|
|
|
return
|
|
|
|
}
|
2024-02-24 23:10:48 +13:00
|
|
|
|
2024-06-19 15:59:55 +12:00
|
|
|
sendResponse(conn, "+OK top of message follows")
|
2024-06-19 05:34:40 +02:00
|
|
|
sendData(conn, headers+"\r\n")
|
|
|
|
sendData(conn, body)
|
|
|
|
sendResponse(conn, ".")
|
|
|
|
case "NOOP":
|
|
|
|
sendResponse(conn, "+OK")
|
|
|
|
case "DELE":
|
|
|
|
arg, _ := getSafeArg(args, 0)
|
|
|
|
nr, err := strconv.Atoi(arg)
|
|
|
|
if err != nil || nr < 1 || nr > len(messages) {
|
|
|
|
sendResponse(conn, "-ERR no such message")
|
2024-02-24 23:10:48 +13:00
|
|
|
return
|
|
|
|
}
|
2024-06-19 05:34:40 +02:00
|
|
|
|
|
|
|
m := messages[nr-1]
|
|
|
|
*toDelete = append(*toDelete, m.ID)
|
|
|
|
sendResponse(conn, "+OK message marked for deletion")
|
2024-06-19 15:59:18 +12:00
|
|
|
case "RSET":
|
|
|
|
*toDelete = []string{}
|
|
|
|
sendResponse(conn, "+OK")
|
2024-06-19 05:34:40 +02:00
|
|
|
default:
|
|
|
|
sendResponse(conn, "-ERR unknown command")
|
2024-02-24 23:10:48 +13:00
|
|
|
}
|
|
|
|
}
|