105 lines
2.6 KiB
Markdown
105 lines
2.6 KiB
Markdown
# SMTP Protocol Bridge
|
|
|
|
A high-performance Node.js SMTP proxy designed to bridge legacy hardware and applications with modern, secure email providers.
|
|
|
|
## The Problem
|
|
|
|
Many legacy devices (printers, scanners, older PLC controllers) and "end-of-life" software suites only support legacy SMTP standards. They often fail when communicating with modern providers due to:
|
|
|
|
* Outdated TLS: Modern servers require TLS 1.2 or 1.3; legacy devices often top out at SSLv3 or TLS 1.0.
|
|
* Certificate Chain Issues: Hardware often lacks the memory or firmware updates to store modern Root Certificate Authorities.
|
|
* Authentication Mismatches: Inability to handle modern SASL mechanisms or specific encryption-first (Implicit SSL) requirements.
|
|
|
|
## The Solution
|
|
|
|
This bridge acts as a local Protocol Translator:
|
|
|
|
Inbound: It accepts unauthenticated, plain-text SMTP connections on a local port.
|
|
|
|
Processing: It captures the envelope metadata and the raw RFC822 data stream.
|
|
|
|
Outbound: It establishes a modern, encrypted tunnel to a designated upstream provider and authenticates using modern standards.
|
|
|
|
## Configuration
|
|
|
|
The bridge is configured entirely via environment variables.
|
|
|
|
RELAY_HOST
|
|
_required_
|
|
|
|
The address of the upstream SMTP server (e.g., smtp.gmail.com).
|
|
|
|
RELAY_PORT
|
|
_optional_
|
|
|
|
The username for the upstream provider.
|
|
|
|
RELAY_PASS
|
|
_optional_
|
|
|
|
The password or API key for the upstream provider.
|
|
|
|
SMTP_PORT
|
|
_optional_
|
|
|
|
The port this proxy listens on locally. Defaults to 2525.
|
|
|
|
## Execution
|
|
|
|
### Local
|
|
|
|
```bash
|
|
export RELAY_HOST='your.provider.com'
|
|
export RELAY_PORT='465'
|
|
export RELAY_USER='user@example.com'
|
|
export RELAY_PASS='your-secure-password'
|
|
node index.js
|
|
```
|
|
|
|
### Docker (recommended)
|
|
|
|
This service is designed to run in a lightweight container.
|
|
|
|
```docker
|
|
# Dockerfile
|
|
FROM node:18-slim
|
|
WORKDIR /app
|
|
RUN npm install smtp-server nodemailer
|
|
COPY index.js .
|
|
EXPOSE 2525
|
|
CMD ["node", "index.js"]
|
|
```
|
|
|
|
Bash:
|
|
```
|
|
docker run -d \
|
|
--name smtp-proxy \
|
|
-p 25:2525 \
|
|
-e RELAY_HOST='smtp.provider.com' \
|
|
-e RELAY_PORT='465' \
|
|
-e RELAY_USER='username' \
|
|
-e RELAY_PASS='password' \
|
|
--restart always \
|
|
smtp-proxy
|
|
```
|
|
|
|
## Client Configuration (legacy device)
|
|
|
|
Point your legacy hardware or software to this proxy using the following settings:
|
|
|
|
SMTP Server
|
|
The IP of the host running this bridge.
|
|
|
|
Port
|
|
The mapped port (e.g., 25).
|
|
|
|
Authentication
|
|
Disabled
|
|
|
|
Security/Encryption
|
|
Disabled (None/Plain).
|
|
|
|
## Security Note
|
|
|
|
This proxy is an open relay for anyone with network access to it. Do not expose the SMTP_PORT to the public internet. Restrict access via firewall or run it on an isolated internal management VLAN.
|