mikromail 0.0.1

package/lib/chunk-TCYL3UFZ.mjs

@@ -0,0 +1,541 @@
+import {
+  encodeQuotedPrintable,
+  validateEmail
+} from "./chunk-UDLJWUFN.mjs";
+
+// src/SMTPClient.ts
+import { Buffer } from "node:buffer";
+import crypto from "node:crypto";
+import net from "node:net";
+import os from "node:os";
+import tls from "node:tls";
+var SMTPClient = class {
+  config;
+  socket;
+  connected;
+  lastCommand;
+  serverCapabilities;
+  secureMode;
+  retryCount;
+  constructor(config) {
+    this.config = {
+      host: config.host,
+      user: config.user,
+      password: config.password,
+      port: config.port ?? (config.secure ? 465 : 587),
+      secure: config.secure ?? true,
+      debug: config.debug ?? false,
+      timeout: config.timeout ?? 1e4,
+      clientName: config.clientName ?? os.hostname(),
+      maxRetries: config.maxRetries ?? 3,
+      retryDelay: config.retryDelay ?? 1e3,
+      skipAuthentication: config.skipAuthentication || false
+    };
+    this.socket = null;
+    this.connected = false;
+    this.lastCommand = "";
+    this.serverCapabilities = [];
+    this.secureMode = this.config.secure;
+    this.retryCount = 0;
+  }
+  /**
+   * Log debug messages if debug mode is enabled
+   */
+  log(message, isError = false) {
+    if (this.config.debug) {
+      const prefix = isError ? "SMTP ERROR: " : "SMTP: ";
+      console.log(`${prefix}${message}`);
+    }
+  }
+  /**
+   * Connect to the SMTP server
+   */
+  async connect() {
+    return new Promise((resolve, reject) => {
+      const connectionTimeout = setTimeout(() => {
+        reject(new Error(`Connection timeout after ${this.config.timeout}ms`));
+        this.socket?.destroy();
+      }, this.config.timeout);
+      try {
+        if (this.config.secure) {
+          this.createTLSConnection(connectionTimeout, resolve, reject);
+        } else {
+          this.createPlainConnection(connectionTimeout, resolve, reject);
+        }
+      } catch (error) {
+        clearTimeout(connectionTimeout);
+        this.log(`Failed to create socket: ${error.message}`, true);
+        reject(error);
+      }
+    });
+  }
+  /**
+   * Create a secure TLS connection
+   */
+  createTLSConnection(connectionTimeout, resolve, reject) {
+    this.socket = tls.connect({
+      host: this.config.host,
+      port: this.config.port,
+      rejectUnauthorized: true,
+      // Always validate TLS certificates
+      minVersion: "TLSv1.2",
+      // Enforce TLS 1.2 or higher
+      ciphers: "HIGH:!aNULL:!MD5:!RC4"
+    });
+    this.setupSocketEventHandlers(connectionTimeout, resolve, reject);
+  }
+  /**
+   * Create a plain socket connection (for later STARTTLS upgrade)
+   */
+  createPlainConnection(connectionTimeout, resolve, reject) {
+    this.socket = net.createConnection({
+      host: this.config.host,
+      port: this.config.port
+    });
+    this.setupSocketEventHandlers(connectionTimeout, resolve, reject);
+  }
+  /**
+   * Set up common socket event handlers
+   */
+  setupSocketEventHandlers(connectionTimeout, resolve, reject) {
+    if (!this.socket) return;
+    this.socket.once("error", (err) => {
+      clearTimeout(connectionTimeout);
+      this.log(`Connection error: ${err.message}`, true);
+      reject(new Error(`SMTP connection error: ${err.message}`));
+    });
+    this.socket.once("connect", () => {
+      this.log("Connected to SMTP server");
+      clearTimeout(connectionTimeout);
+      this.socket.once("data", (data) => {
+        const greeting = data.toString().trim();
+        this.log(`Server greeting: ${greeting}`);
+        if (greeting.startsWith("220")) {
+          this.connected = true;
+          this.secureMode = this.config.secure;
+          resolve();
+        } else {
+          reject(new Error(`Unexpected server greeting: ${greeting}`));
+          this.socket.destroy();
+        }
+      });
+    });
+    this.socket.once("close", (hadError) => {
+      if (this.connected) {
+        this.log(`Connection closed${hadError ? " with error" : ""}`);
+      } else {
+        clearTimeout(connectionTimeout);
+        reject(new Error("Connection closed before initialization completed"));
+      }
+      this.connected = false;
+    });
+  }
+  /**
+   * Upgrade connection to TLS using STARTTLS
+   */
+  async upgradeToTLS() {
+    if (!this.socket || this.secureMode) return;
+    return new Promise((resolve, reject) => {
+      const plainSocket = this.socket;
+      const tlsOptions = {
+        socket: plainSocket,
+        host: this.config.host,
+        rejectUnauthorized: true,
+        minVersion: "TLSv1.2",
+        ciphers: "HIGH:!aNULL:!MD5:!RC4"
+      };
+      const tlsSocket = tls.connect(tlsOptions);
+      tlsSocket.once("error", (err) => {
+        this.log(`TLS upgrade error: ${err.message}`, true);
+        reject(new Error(`STARTTLS error: ${err.message}`));
+      });
+      tlsSocket.once("secureConnect", () => {
+        this.log("Connection upgraded to TLS");
+        if (tlsSocket.authorized) {
+          this.socket = tlsSocket;
+          this.secureMode = true;
+          resolve();
+        } else {
+          reject(
+            new Error(
+              `TLS certificate verification failed: ${tlsSocket.authorizationError}`
+            )
+          );
+        }
+      });
+    });
+  }
+  /**
+   * Send an SMTP command and await response
+   */
+  async sendCommand(command, expectedCode, timeout = this.config.timeout) {
+    if (!this.socket || !this.connected) {
+      throw new Error("Not connected to SMTP server");
+    }
+    return new Promise((resolve, reject) => {
+      const commandTimeout = setTimeout(() => {
+        this.socket?.removeListener("data", onData);
+        reject(new Error(`Command timeout after ${timeout}ms: ${command}`));
+      }, timeout);
+      let responseData = "";
+      const onData = (chunk) => {
+        responseData += chunk.toString();
+        const lines = responseData.split("\r\n");
+        if (lines.length > 0 && lines[lines.length - 1] === "") {
+          const lastLine = lines[lines.length - 2] || "";
+          const matches = /^(\d{3})(.?)/.exec(lastLine);
+          if (matches?.[1] && matches[2] !== "-") {
+            this.socket?.removeListener("data", onData);
+            clearTimeout(commandTimeout);
+            this.log(`SMTP Response: ${responseData.trim()}`);
+            if (matches[1] === expectedCode.toString()) {
+              resolve(responseData.trim());
+            } else {
+              reject(new Error(`SMTP Error: ${responseData.trim()}`));
+            }
+          }
+        }
+      };
+      this.socket.on("data", onData);
+      if (command.startsWith("AUTH PLAIN") || command.startsWith("AUTH LOGIN") || this.lastCommand === "AUTH LOGIN" && !command.startsWith("AUTH")) {
+        this.log("SMTP Command: [Credentials hidden]");
+      } else {
+        this.log(`SMTP Command: ${command}`);
+      }
+      this.lastCommand = command;
+      this.socket.write(`${command}\r
+`);
+    });
+  }
+  /**
+   * Parse EHLO response to determine server capabilities
+   */
+  parseCapabilities(ehloResponse) {
+    const lines = ehloResponse.split("\r\n");
+    this.serverCapabilities = [];
+    for (let i = 1; i < lines.length; i++) {
+      const line = lines[i];
+      if (line.match(/^\d{3}/) && line.charAt(3) === " ") {
+        const capability = line.substr(4).toUpperCase();
+        this.serverCapabilities.push(capability);
+      }
+    }
+    this.log(`Server capabilities: ${this.serverCapabilities.join(", ")}`);
+  }
+  /**
+   * Determine the best authentication method supported by the server
+   */
+  getBestAuthMethod() {
+    const capabilities = this.serverCapabilities.map(
+      (cap) => cap.split(" ")[0]
+    );
+    if (capabilities.includes("AUTH")) {
+      const authLine = this.serverCapabilities.find(
+        (cap) => cap.startsWith("AUTH ")
+      );
+      if (authLine) {
+        const methods = authLine.split(" ").slice(1);
+        if (methods.includes("CRAM-MD5")) return "CRAM-MD5";
+        if (methods.includes("LOGIN")) return "LOGIN";
+        if (methods.includes("PLAIN")) return "PLAIN";
+      }
+    }
+    return "PLAIN";
+  }
+  /**
+   * Authenticate with the SMTP server using the best available method
+   */
+  async authenticate() {
+    const authMethod = this.getBestAuthMethod();
+    switch (authMethod) {
+      case "CRAM-MD5":
+        await this.authenticateCramMD5();
+        break;
+      case "LOGIN":
+        await this.authenticateLogin();
+        break;
+      default:
+        await this.authenticatePlain();
+        break;
+    }
+  }
+  /**
+   * Authenticate using PLAIN method
+   */
+  async authenticatePlain() {
+    const authPlain = Buffer.from(
+      `\0${this.config.user}\0${this.config.password}`
+    ).toString("base64");
+    await this.sendCommand(`AUTH PLAIN ${authPlain}`, 235);
+  }
+  /**
+   * Authenticate using LOGIN method
+   */
+  async authenticateLogin() {
+    await this.sendCommand("AUTH LOGIN", 334);
+    await this.sendCommand(
+      Buffer.from(this.config.user).toString("base64"),
+      334
+    );
+    await this.sendCommand(
+      Buffer.from(this.config.password).toString("base64"),
+      235
+    );
+  }
+  /**
+   * Authenticate using CRAM-MD5 method
+   */
+  async authenticateCramMD5() {
+    const response = await this.sendCommand("AUTH CRAM-MD5", 334);
+    const challenge = Buffer.from(response.substr(4), "base64").toString(
+      "utf8"
+    );
+    const hmac = crypto.createHmac("md5", this.config.password);
+    hmac.update(challenge);
+    const digest = hmac.digest("hex");
+    const cramResponse = `${this.config.user} ${digest}`;
+    const encodedResponse = Buffer.from(cramResponse).toString("base64");
+    await this.sendCommand(encodedResponse, 235);
+  }
+  /**
+   * Generate a unique message ID
+   */
+  generateMessageId() {
+    const random = crypto.randomBytes(16).toString("hex");
+    const domain = this.config.user.split("@")[1] || "localhost";
+    return `<${random}@${domain}>`;
+  }
+  /**
+   * Generate MIME boundary for multipart messages
+   */
+  generateBoundary() {
+    return `----=_NextPart_${crypto.randomBytes(12).toString("hex")}`;
+  }
+  /**
+   * Encode string according to RFC 2047 for headers with non-ASCII characters
+   */
+  encodeHeaderValue(value) {
+    if (/^[\x00-\x7F]*$/.test(value)) {
+      return value;
+    }
+    return `=?UTF-8?Q?${// biome-ignore lint/suspicious/noControlCharactersInRegex: <explanation>
+    value.replace(/[^\x00-\x7F]/g, (c) => {
+      const hex = c.charCodeAt(0).toString(16).toUpperCase();
+      return `=${hex.length < 2 ? `0${hex}` : hex}`;
+    })}?=`;
+  }
+  /**
+   * Sanitize and encode header value to prevent injection and handle internationalization
+   */
+  sanitizeHeader(value) {
+    const sanitized = value.replace(/[\r\n]+/g, " ");
+    return this.encodeHeaderValue(sanitized);
+  }
+  /**
+   * Create email headers with proper sanitization
+   */
+  createEmailHeaders(options) {
+    const messageId = this.generateMessageId();
+    const date = (/* @__PURE__ */ new Date()).toUTCString();
+    const from = options.from || this.config.user;
+    const { to } = options;
+    const headers = [
+      `From: ${this.sanitizeHeader(from)}`,
+      `To: ${this.sanitizeHeader(to)}`,
+      `Subject: ${this.sanitizeHeader(options.subject)}`,
+      `Message-ID: ${messageId}`,
+      `Date: ${date}`,
+      "MIME-Version: 1.0"
+    ];
+    if (options.cc) {
+      const cc = Array.isArray(options.cc) ? options.cc.join(", ") : options.cc;
+      headers.push(`Cc: ${this.sanitizeHeader(cc)}`);
+    }
+    if (options.replyTo) {
+      headers.push(`Reply-To: ${this.sanitizeHeader(options.replyTo)}`);
+    }
+    if (options.headers) {
+      for (const [name, value] of Object.entries(options.headers)) {
+        if (!/^[a-zA-Z0-9-]+$/.test(name)) continue;
+        if (/^(from|to|cc|bcc|subject|date|message-id)$/i.test(name)) continue;
+        headers.push(`${name}: ${this.sanitizeHeader(value)}`);
+      }
+    }
+    return headers;
+  }
+  /**
+   * Create a multipart email with text and HTML parts
+   */
+  createMultipartEmail(options) {
+    const { text, html } = options;
+    const headers = this.createEmailHeaders(options);
+    const boundary = this.generateBoundary();
+    if (html && text) {
+      headers.push(
+        `Content-Type: multipart/alternative; boundary="${boundary}"`
+      );
+      return `${headers.join("\r\n")}\r
+\r
+--${boundary}\r
+Content-Type: text/plain; charset=utf-8\r
+Content-Transfer-Encoding: quoted-printable\r
+\r
+${encodeQuotedPrintable(text || "")}\r
+\r
+--${boundary}\r
+Content-Type: text/html; charset=utf-8\r
+Content-Transfer-Encoding: quoted-printable\r
+\r
+${encodeQuotedPrintable(html || "")}\r
+\r
+--${boundary}--\r
+`;
+    }
+    if (html) {
+      headers.push("Content-Type: text/html; charset=utf-8");
+      headers.push("Content-Transfer-Encoding: quoted-printable");
+      return `${headers.join("\r\n")}\r
+\r
+${encodeQuotedPrintable(html)}`;
+    }
+    headers.push("Content-Type: text/plain; charset=utf-8");
+    headers.push("Content-Transfer-Encoding: quoted-printable");
+    return `${headers.join("\r\n")}\r
+\r
+${encodeQuotedPrintable(text || "")}`;
+  }
+  /**
+   * Perform full SMTP handshake, including STARTTLS if needed
+   */
+  async smtpHandshake() {
+    const ehloResponse = await this.sendCommand(
+      `EHLO ${this.config.clientName}`,
+      250
+    );
+    this.parseCapabilities(ehloResponse);
+    if (!this.secureMode && this.serverCapabilities.includes("STARTTLS")) {
+      await this.sendCommand("STARTTLS", 220);
+      await this.upgradeToTLS();
+      const secureEhloResponse = await this.sendCommand(
+        `EHLO ${this.config.clientName}`,
+        250
+      );
+      this.parseCapabilities(secureEhloResponse);
+    }
+    if (!this.config.skipAuthentication) {
+      await this.authenticate();
+    } else {
+      this.log("Authentication skipped (testing mode)");
+    }
+  }
+  /**
+   * Send an email with retry capability
+   */
+  async sendEmail(options) {
+    const from = options.from || this.config.user;
+    const { to, subject } = options;
+    const text = options.text || "";
+    const html = options.html || "";
+    if (!from || !to || !subject || !text && !html) {
+      return {
+        success: false,
+        error: "Missing required email parameters (from, to, subject, and either text or html)"
+      };
+    }
+    if (!validateEmail(from) || !validateEmail(to)) {
+      return {
+        success: false,
+        error: "Invalid email address format"
+      };
+    }
+    for (this.retryCount = 0; this.retryCount <= this.config.maxRetries; this.retryCount++) {
+      try {
+        if (this.retryCount > 0) {
+          this.log(
+            `Retrying email send (attempt ${this.retryCount} of ${this.config.maxRetries})...`
+          );
+          await new Promise(
+            (resolve) => setTimeout(resolve, this.config.retryDelay)
+          );
+        }
+        if (!this.connected) {
+          await this.connect();
+          await this.smtpHandshake();
+        }
+        await this.sendCommand(`MAIL FROM:<${from}>`, 250);
+        await this.sendCommand(`RCPT TO:<${to}>`, 250);
+        if (options.cc) {
+          const ccList = Array.isArray(options.cc) ? options.cc : [options.cc];
+          for (const cc of ccList) {
+            if (validateEmail(cc)) {
+              await this.sendCommand(`RCPT TO:<${cc}>`, 250);
+            }
+          }
+        }
+        if (options.bcc) {
+          const bccList = Array.isArray(options.bcc) ? options.bcc : [options.bcc];
+          for (const bcc of bccList) {
+            if (validateEmail(bcc)) {
+              await this.sendCommand(`RCPT TO:<${bcc}>`, 250);
+            }
+          }
+        }
+        await this.sendCommand("DATA", 354);
+        const emailContent = this.createMultipartEmail(options);
+        await this.sendCommand(`${emailContent}\r
+.`, 250);
+        const messageIdMatch = /Message-ID: (.*)/i.exec(emailContent);
+        const messageId = messageIdMatch ? messageIdMatch[1].trim() : void 0;
+        return {
+          success: true,
+          messageId,
+          message: "Email sent successfully"
+        };
+      } catch (error) {
+        const errorMessage = error.message;
+        this.log(`Error sending email: ${errorMessage}`, true);
+        const isPermanentError = errorMessage.includes("5.") || // 5xx SMTP errors are permanent
+        errorMessage.includes("Authentication failed") || errorMessage.includes("certificate");
+        if (isPermanentError || this.retryCount >= this.config.maxRetries) {
+          return {
+            success: false,
+            error: errorMessage
+          };
+        }
+        try {
+          if (this.connected) {
+            await this.sendCommand("RSET", 250);
+          }
+        } catch (_error) {
+        }
+        this.socket?.end();
+        this.connected = false;
+      }
+    }
+    return {
+      success: false,
+      error: "Maximum retry count exceeded"
+    };
+  }
+  /**
+   * Close the connection gracefully
+   */
+  async close() {
+    try {
+      if (this.connected) {
+        await this.sendCommand("QUIT", 221);
+      }
+    } catch (e) {
+      this.log(`Error during QUIT: ${e.message}`, true);
+    } finally {
+      if (this.socket) {
+        this.socket.end();
+        this.connected = false;
+      }
+    }
+  }
+};
+
+export {
+  SMTPClient
+};

package/lib/chunk-UDLJWUFN.mjs

@@ -0,0 +1,83 @@
+// src/utils/index.ts
+import { promises as dnsPromises } from "node:dns";
+function encodeQuotedPrintable(text) {
+  let result = text.replace(/\r?\n/g, "\r\n");
+  result = result.replace(/=/g, "=3D");
+  const utf8Bytes = new TextEncoder().encode(result);
+  let encoded = "";
+  let lineLength = 0;
+  for (let i = 0; i < utf8Bytes.length; i++) {
+    const byte = utf8Bytes[i];
+    let chunk = "";
+    if (byte >= 33 && byte <= 126 && byte !== 61 || byte === 32) {
+      chunk = String.fromCharCode(byte);
+    } else if (byte === 13 || byte === 10) {
+      chunk = String.fromCharCode(byte);
+      if (byte === 10) {
+        lineLength = 0;
+      }
+    } else {
+      const hex = byte.toString(16).toUpperCase();
+      chunk = `=${hex.length < 2 ? `0${hex}` : hex}`;
+    }
+    if (lineLength + chunk.length > 75 && !(byte === 13 || byte === 10)) {
+      encoded += "=\r\n";
+      lineLength = 0;
+    }
+    encoded += chunk;
+    lineLength += chunk.length;
+  }
+  return encoded;
+}
+function validateEmail(email) {
+  try {
+    const [localPart, domain] = email.split("@");
+    if (!localPart || localPart.length > 64) return false;
+    if (localPart.startsWith(".") || localPart.endsWith(".") || localPart.includes(".."))
+      return false;
+    if (!/^[a-zA-Z0-9!#$%&'*+\-/=?^_`{|}~.]+$/.test(localPart)) return false;
+    if (!domain || domain.length > 255) return false;
+    if (domain.startsWith("[") && domain.endsWith("]")) {
+      const ipContent = domain.slice(1, -1);
+      if (ipContent.startsWith("IPv6:")) return true;
+      const ipv4Regex = /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/;
+      return ipv4Regex.test(ipContent);
+    }
+    if (domain.startsWith(".") || domain.endsWith(".") || domain.includes(".."))
+      return false;
+    const domainParts = domain.split(".");
+    if (domainParts.length < 2 || domainParts[domainParts.length - 1].length < 2)
+      return false;
+    for (const part of domainParts) {
+      if (!part || part.length > 63) return false;
+      if (!/^[a-zA-Z0-9]([a-zA-Z0-9\-]*[a-zA-Z0-9])?$/.test(part)) return false;
+    }
+    return true;
+  } catch (_error) {
+    return false;
+  }
+}
+async function verifyMXRecords(domain) {
+  try {
+    const records = await dnsPromises.resolveMx(domain);
+    return !!records && records.length > 0;
+  } catch (_error) {
+    return false;
+  }
+}
+async function verifyEmailDomain(email) {
+  try {
+    const domain = email.split("@")[1];
+    if (!domain) return false;
+    return await verifyMXRecords(domain);
+  } catch (_error) {
+    return false;
+  }
+}
+
+export {
+  encodeQuotedPrintable,
+  validateEmail,
+  verifyMXRecords,
+  verifyEmailDomain
+};