# SMTP Protocol Bridge A high-performance Node.js SMTP proxy designed to bridge legacy hardware and applications with modern, secure email providers. ## The Problem Many legacy devices (printers, scanners, older PLC controllers) and "end-of-life" software suites only support legacy SMTP standards. They often fail when communicating with modern providers due to: * Outdated TLS: Modern servers require TLS 1.2 or 1.3; legacy devices often top out at SSLv3 or TLS 1.0. * Certificate Chain Issues: Hardware often lacks the memory or firmware updates to store modern Root Certificate Authorities. * Authentication Mismatches: Inability to handle modern SASL mechanisms or specific encryption-first (Implicit SSL) requirements. ## The Solution This bridge acts as a local Protocol Translator: Inbound: It accepts unauthenticated, plain-text SMTP connections on a local port. Processing: It captures the envelope metadata and the raw RFC822 data stream. Outbound: It establishes a modern, encrypted tunnel to a designated upstream provider and authenticates using modern standards. ## Configuration The bridge is configured entirely via environment variables. RELAY_HOST _required_ The address of the upstream SMTP server (e.g., smtp.gmail.com). RELAY_PORT _optional_ The username for the upstream provider. RELAY_PASS _optional_ The password or API key for the upstream provider. SMTP_PORT _optional_ The port this proxy listens on locally. Defaults to 2525. ## Execution ### Local ```bash export RELAY_HOST='your.provider.com' export RELAY_PORT='465' export RELAY_USER='user@example.com' export RELAY_PASS='your-secure-password' node index.js ``` ### Docker (recommended) This service is designed to run in a lightweight container. ```docker # Dockerfile FROM node:18-slim WORKDIR /app RUN npm install smtp-server nodemailer COPY index.js . EXPOSE 2525 CMD ["node", "index.js"] ``` Bash: ``` docker run -d \ --name smtp-proxy \ -p 25:2525 \ -e RELAY_HOST='smtp.provider.com' \ -e RELAY_PORT='465' \ -e RELAY_USER='username' \ -e RELAY_PASS='password' \ --restart always \ smtp-proxy ``` ## Client Configuration (legacy device) Point your legacy hardware or software to this proxy using the following settings: SMTP Server The IP of the host running this bridge. Port The mapped port (e.g., 25). Authentication Disabled Security/Encryption Disabled (None/Plain). ## Security Note This proxy is an open relay for anyone with network access to it. Do not expose the SMTP_PORT to the public internet. Restrict access via firewall or run it on an isolated internal management VLAN.