npm - @push.rocks/smartmta - Versions diffs - 5.1.2 → 5.2.0 - Mend

@push.rocks/smartmta 5.1.2 → 5.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (99) hide show

package/changelog.md +14 -0
package/dist_ts/00_commitinfo_data.d.ts +8 -0
package/dist_ts/00_commitinfo_data.js +9 -0
package/dist_ts/index.d.ts +3 -0
package/dist_ts/index.js +4 -0
package/dist_ts/logger.d.ts +17 -0
package/dist_ts/logger.js +76 -0
package/dist_ts/mail/core/classes.bouncemanager.d.ts +185 -0
package/dist_ts/mail/core/classes.bouncemanager.js +569 -0
package/dist_ts/mail/core/classes.email.d.ts +291 -0
package/dist_ts/mail/core/classes.email.js +802 -0
package/dist_ts/mail/core/classes.emailvalidator.d.ts +61 -0
package/dist_ts/mail/core/classes.emailvalidator.js +184 -0
package/dist_ts/mail/core/classes.templatemanager.d.ts +95 -0
package/dist_ts/mail/core/classes.templatemanager.js +240 -0
package/dist_ts/mail/core/index.d.ts +4 -0
package/dist_ts/mail/core/index.js +6 -0
package/dist_ts/mail/delivery/classes.delivery.queue.d.ts +163 -0
package/dist_ts/mail/delivery/classes.delivery.queue.js +488 -0
package/dist_ts/mail/delivery/classes.delivery.system.d.ts +160 -0
package/dist_ts/mail/delivery/classes.delivery.system.js +630 -0
package/dist_ts/mail/delivery/classes.unified.rate.limiter.d.ts +200 -0
package/dist_ts/mail/delivery/classes.unified.rate.limiter.js +820 -0
package/dist_ts/mail/delivery/index.d.ts +4 -0
package/dist_ts/mail/delivery/index.js +6 -0
package/dist_ts/mail/delivery/interfaces.d.ts +140 -0
package/dist_ts/mail/delivery/interfaces.js +17 -0
package/dist_ts/mail/index.d.ts +7 -0
package/dist_ts/mail/index.js +12 -0
package/dist_ts/mail/routing/classes.dkim.manager.d.ts +25 -0
package/dist_ts/mail/routing/classes.dkim.manager.js +127 -0
package/dist_ts/mail/routing/classes.dns.manager.d.ts +79 -0
package/dist_ts/mail/routing/classes.dns.manager.js +415 -0
package/dist_ts/mail/routing/classes.domain.registry.d.ts +54 -0
package/dist_ts/mail/routing/classes.domain.registry.js +119 -0
package/dist_ts/mail/routing/classes.email.action.executor.d.ts +33 -0
package/dist_ts/mail/routing/classes.email.action.executor.js +137 -0
package/dist_ts/mail/routing/classes.email.router.d.ts +171 -0
package/dist_ts/mail/routing/classes.email.router.js +494 -0
package/dist_ts/mail/routing/classes.unified.email.server.d.ts +241 -0
package/dist_ts/mail/routing/classes.unified.email.server.js +935 -0
package/dist_ts/mail/routing/index.d.ts +7 -0
package/dist_ts/mail/routing/index.js +9 -0
package/dist_ts/mail/routing/interfaces.d.ts +187 -0
package/dist_ts/mail/routing/interfaces.js +2 -0
package/dist_ts/mail/security/classes.dkimcreator.d.ts +72 -0
package/dist_ts/mail/security/classes.dkimcreator.js +360 -0
package/dist_ts/mail/security/classes.spfverifier.d.ts +62 -0
package/dist_ts/mail/security/classes.spfverifier.js +87 -0
package/dist_ts/mail/security/index.d.ts +2 -0
package/dist_ts/mail/security/index.js +4 -0
package/dist_ts/paths.d.ts +14 -0
package/dist_ts/paths.js +39 -0
package/dist_ts/plugins.d.ts +24 -0
package/dist_ts/plugins.js +28 -0
package/dist_ts/security/classes.contentscanner.d.ts +130 -0
package/dist_ts/security/classes.contentscanner.js +338 -0
package/dist_ts/security/classes.ipreputationchecker.d.ts +73 -0
package/dist_ts/security/classes.ipreputationchecker.js +263 -0
package/dist_ts/security/classes.rustsecuritybridge.d.ts +398 -0
package/dist_ts/security/classes.rustsecuritybridge.js +484 -0
package/dist_ts/security/classes.securitylogger.d.ts +140 -0
package/dist_ts/security/classes.securitylogger.js +235 -0
package/dist_ts/security/index.d.ts +4 -0
package/dist_ts/security/index.js +5 -0
package/package.json +6 -1
package/readme.md +52 -9
package/ts/00_commitinfo_data.ts +8 -0
package/ts/index.ts +3 -0
package/ts/logger.ts +91 -0
package/ts/mail/core/classes.bouncemanager.ts +731 -0
package/ts/mail/core/classes.email.ts +942 -0
package/ts/mail/core/classes.emailvalidator.ts +239 -0
package/ts/mail/core/classes.templatemanager.ts +320 -0
package/ts/mail/core/index.ts +5 -0
package/ts/mail/delivery/classes.delivery.queue.ts +645 -0
package/ts/mail/delivery/classes.delivery.system.ts +816 -0
package/ts/mail/delivery/classes.unified.rate.limiter.ts +1053 -0
package/ts/mail/delivery/index.ts +5 -0
package/ts/mail/delivery/interfaces.ts +167 -0
package/ts/mail/index.ts +17 -0
package/ts/mail/routing/classes.dkim.manager.ts +157 -0
package/ts/mail/routing/classes.dns.manager.ts +573 -0
package/ts/mail/routing/classes.domain.registry.ts +139 -0
package/ts/mail/routing/classes.email.action.executor.ts +175 -0
package/ts/mail/routing/classes.email.router.ts +575 -0
package/ts/mail/routing/classes.unified.email.server.ts +1207 -0
package/ts/mail/routing/index.ts +9 -0
package/ts/mail/routing/interfaces.ts +202 -0
package/ts/mail/security/classes.dkimcreator.ts +447 -0
package/ts/mail/security/classes.spfverifier.ts +126 -0
package/ts/mail/security/index.ts +3 -0
package/ts/paths.ts +48 -0
package/ts/plugins.ts +53 -0
package/ts/security/classes.contentscanner.ts +400 -0
package/ts/security/classes.ipreputationchecker.ts +315 -0
package/ts/security/classes.rustsecuritybridge.ts +943 -0
package/ts/security/classes.securitylogger.ts +299 -0
package/ts/security/index.ts +40 -0

package/ts/mail/delivery/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+// Email delivery components
+export * from './classes.delivery.queue.js';
+export * from './classes.delivery.system.js';
+export { DeliveryStatus } from './classes.delivery.system.js';
+export * from './classes.unified.rate.limiter.js';

package/ts/mail/delivery/interfaces.ts ADDED Viewed

@@ -0,0 +1,167 @@
+/**
+ * SMTP and email delivery interface definitions
+ */
+/**
+ * SMTP session state enumeration
+ */
+export enum SmtpState {
+  GREETING = 'GREETING',
+  AFTER_EHLO = 'AFTER_EHLO',
+  MAIL_FROM = 'MAIL_FROM',
+  RCPT_TO = 'RCPT_TO',
+  DATA = 'DATA',
+  DATA_RECEIVING = 'DATA_RECEIVING',
+  FINISHED = 'FINISHED'
+}
+/**
+ * Email processing mode type
+ */
+export type EmailProcessingMode = 'forward' | 'mta' | 'process';
+/**
+ * Envelope recipient information
+ */
+export interface IEnvelopeRecipient {
+  /**
+   * Email address of the recipient
+   */
+  address: string;
+  /**
+   * Additional SMTP command arguments
+   */
+  args: Record<string, string>;
+}
+/**
+ * SMTP session envelope information
+ */
+export interface ISmtpEnvelope {
+  /**
+   * Envelope sender (MAIL FROM) information
+   */
+  mailFrom: {
+    /**
+     * Email address of the sender
+     */
+    address: string;
+    /**
+     * Additional SMTP command arguments
+     */
+    args: Record<string, string>;
+  };
+  /**
+   * Envelope recipients (RCPT TO) information
+   */
+  rcptTo: IEnvelopeRecipient[];
+}
+/**
+ * SMTP Session interface - represents an active SMTP connection
+ */
+export interface ISmtpSession {
+  /**
+   * Unique session identifier
+   */
+  id: string;
+  /**
+   * Current session state in the SMTP conversation
+   */
+  state: SmtpState;
+  /**
+   * Hostname provided by the client in EHLO/HELO command
+   */
+  clientHostname: string;
+  /**
+   * MAIL FROM email address (legacy format)
+   */
+  mailFrom: string;
+  /**
+   * RCPT TO email addresses (legacy format)
+   */
+  rcptTo: string[];
+  /**
+   * Raw email data being received
+   */
+  emailData: string;
+  /**
+   * Chunks of email data for more efficient buffer management
+   */
+  emailDataChunks?: string[];
+  /**
+   * Whether the connection is using TLS
+   */
+  useTLS: boolean;
+  /**
+   * Whether the connection has ended
+   */
+  connectionEnded: boolean;
+  /**
+   * Remote IP address of the client
+   */
+  remoteAddress: string;
+  /**
+   * Whether the connection is secure (TLS)
+   */
+  secure: boolean;
+  /**
+   * Whether the client has been authenticated
+   */
+  authenticated: boolean;
+  /**
+   * SMTP envelope information (structured format)
+   */
+  envelope: ISmtpEnvelope;
+  /**
+   * Email processing mode to use for this session
+   */
+  processingMode?: EmailProcessingMode;
+  /**
+   * Timestamp of last activity for session timeout tracking
+   */
+  lastActivity?: number;
+  /**
+   * Timeout ID for DATA command timeout
+   */
+  dataTimeoutId?: NodeJS.Timeout;
+}
+/**
+ * SMTP authentication data
+ */
+export interface ISmtpAuth {
+  /**
+   * Authentication method used
+   */
+  method: 'PLAIN' | 'LOGIN' | 'OAUTH2' | string;
+  /**
+   * Username for authentication
+   */
+  username: string;
+  /**
+   * Password or token for authentication
+   */
+  password: string;
+}

package/ts/mail/index.ts ADDED Viewed

@@ -0,0 +1,17 @@
+// Export all mail modules for simplified imports
+export * from './routing/index.js';
+export * from './security/index.js';
+// Make the core and delivery modules accessible
+import * as Core from './core/index.js';
+import * as Delivery from './delivery/index.js';
+export { Core, Delivery };
+// For direct imports
+import { Email } from './core/classes.email.js';
+// Re-export commonly used classes
+export {
+  Email,
+};

package/ts/mail/routing/classes.dkim.manager.ts ADDED Viewed

@@ -0,0 +1,157 @@
+import { logger } from '../../logger.js';
+import { DKIMCreator } from '../security/classes.dkimcreator.js';
+import { DomainRegistry } from './classes.domain.registry.js';
+import { RustSecurityBridge } from '../../security/classes.rustsecuritybridge.js';
+import { Email } from '../core/classes.email.js';
+/** External DcRouter interface shape used by DkimManager */
+interface DcRouter {
+  storageManager: any;
+  dnsServer?: any;
+}
+/**
+ * Manages DKIM key setup, rotation, and signing for all configured domains
+ */
+export class DkimManager {
+  private dkimKeys: Map<string, string> = new Map();
+  constructor(
+    private dkimCreator: DKIMCreator,
+    private domainRegistry: DomainRegistry,
+    private dcRouter: DcRouter,
+    private rustBridge: RustSecurityBridge,
+  ) {}
+  async setupDkimForDomains(): Promise<void> {
+    const domainConfigs = this.domainRegistry.getAllConfigs();
+    if (domainConfigs.length === 0) {
+      logger.log('warn', 'No domains configured for DKIM');
+      return;
+    }
+    for (const domainConfig of domainConfigs) {
+      const domain = domainConfig.domain;
+      const selector = domainConfig.dkim?.selector || 'default';
+      try {
+        let keyPair: { privateKey: string; publicKey: string };
+        try {
+          keyPair = await this.dkimCreator.readDKIMKeys(domain);
+          logger.log('info', `Using existing DKIM keys for domain: ${domain}`);
+        } catch (error) {
+          keyPair = await this.dkimCreator.createDKIMKeys();
+          await this.dkimCreator.createAndStoreDKIMKeys(domain);
+          logger.log('info', `Generated new DKIM keys for domain: ${domain}`);
+        }
+        this.dkimKeys.set(domain, keyPair.privateKey);
+        logger.log('info', `DKIM keys loaded for domain: ${domain} with selector: ${selector}`);
+      } catch (error) {
+        logger.log('error', `Failed to set up DKIM for domain ${domain}: ${error.message}`);
+      }
+    }
+  }
+  async checkAndRotateDkimKeys(): Promise<void> {
+    const domainConfigs = this.domainRegistry.getAllConfigs();
+    for (const domainConfig of domainConfigs) {
+      const domain = domainConfig.domain;
+      const selector = domainConfig.dkim?.selector || 'default';
+      const rotateKeys = domainConfig.dkim?.rotateKeys || false;
+      const rotationInterval = domainConfig.dkim?.rotationInterval || 90;
+      const keySize = domainConfig.dkim?.keySize || 2048;
+      if (!rotateKeys) {
+        logger.log('debug', `DKIM key rotation disabled for ${domain}`);
+        continue;
+      }
+      try {
+        const needsRotation = await this.dkimCreator.needsRotation(domain, selector, rotationInterval);
+        if (needsRotation) {
+          logger.log('info', `DKIM keys need rotation for ${domain} (selector: ${selector})`);
+          const newSelector = await this.dkimCreator.rotateDkimKeys(domain, selector, keySize);
+          domainConfig.dkim = {
+            ...domainConfig.dkim,
+            selector: newSelector
+          };
+          if (domainConfig.dnsMode === 'internal-dns' && this.dcRouter.dnsServer) {
+            const keyPair = await this.dkimCreator.readDKIMKeysForSelector(domain, newSelector);
+            const publicKeyBase64 = keyPair.publicKey
+              .replace(/-----BEGIN PUBLIC KEY-----/g, '')
+              .replace(/-----END PUBLIC KEY-----/g, '')
+              .replace(/\s/g, '');
+            const ttl = domainConfig.dns?.internal?.ttl || 3600;
+            this.dcRouter.dnsServer.registerHandler(
+              `${newSelector}._domainkey.${domain}`,
+              ['TXT'],
+              () => ({
+                name: `${newSelector}._domainkey.${domain}`,
+                type: 'TXT',
+                class: 'IN',
+                ttl: ttl,
+                data: `v=DKIM1; k=rsa; p=${publicKeyBase64}`
+              })
+            );
+            logger.log('info', `DKIM DNS handler registered for new selector: ${newSelector}._domainkey.${domain}`);
+            await this.dcRouter.storageManager.set(
+              `/email/dkim/${domain}/public.key`,
+              keyPair.publicKey
+            );
+          }
+          this.dkimCreator.cleanupOldKeys(domain, 30).catch(error => {
+            logger.log('warn', `Failed to cleanup old DKIM keys for ${domain}: ${error.message}`);
+          });
+        } else {
+          logger.log('debug', `DKIM keys for ${domain} are up to date`);
+        }
+      } catch (error) {
+        logger.log('error', `Failed to check/rotate DKIM keys for ${domain}: ${error.message}`);
+      }
+    }
+  }
+  async handleDkimSigning(email: Email, domain: string, selector: string): Promise<void> {
+    try {
+      await this.dkimCreator.handleDKIMKeysForDomain(domain);
+      const { privateKey } = await this.dkimCreator.readDKIMKeys(domain);
+      const rawEmail = email.toRFC822String();
+      // Detect key type from PEM header
+      const keyType = privateKey.includes('ED25519') ? 'ed25519' : 'rsa';
+      const signResult = await this.rustBridge.signDkim({
+        rawMessage: rawEmail,
+        domain,
+        selector,
+        privateKey,
+        keyType,
+      });
+      if (signResult.header) {
+        email.addHeader('DKIM-Signature', signResult.header);
+        logger.log('info', `Successfully added DKIM signature for ${domain}`);
+      }
+    } catch (error) {
+      logger.log('error', `Failed to sign email with DKIM: ${error.message}`);
+    }
+  }
+  getDkimKey(domain: string): string | undefined {
+    return this.dkimKeys.get(domain);
+  }
+}