sently 0.2.0

package/dist/chunk-tch6s785.js

@@ -0,0 +1,943 @@
+import {
+  OAuth2Client
+} from "./chunk-vm70w4e3.js";
+import {
+  extractEmails,
+  parseAddresses,
+  resolveAttachments,
+  toMIMEHeader
+} from "./chunk-hdqpvsm8.js";
+import {
+  decodeBase64,
+  encodeBase64,
+  encodeHeader,
+  encodeUtf8
+} from "./chunk-794hc3m4.js";
+import {
+  __require
+} from "./chunk-v0bahtg2.js";
+
+// src/core/dkim.ts
+var CRLF = `\r
+`;
+var DEFAULT_HEADER_FIELDS = "from:to:subject:date:message-id:mime-version:content-type";
+function canonicalizeHeadersRelaxed(headers, fieldNames) {
+  const parsed = parseHeaders(headers);
+  const lines = [];
+  for (const name of fieldNames) {
+    const key = name.toLowerCase().trim();
+    const values = parsed.get(key);
+    if (!values) {
+      continue;
+    }
+    for (const value of values) {
+      const unfolded = value.replace(/\r?\n/g, "").replace(/\s+/g, " ").trim();
+      lines.push(`${key}:${unfolded}`);
+    }
+  }
+  return lines.length > 0 ? `${lines.join(CRLF)}${CRLF}` : "";
+}
+function canonicalizeBodyRelaxed(body) {
+  const normalized = body.replace(/\r\n/g, `
+`).replace(/\r/g, `
+`);
+  const lines = normalized.split(`
+`).map((line) => line.replace(/[ \t]+$/g, "").replace(/[ \t]+/g, " ")).filter((line) => line.length > 0);
+  if (lines.length === 0) {
+    return CRLF;
+  }
+  return `${lines.join(CRLF)}${CRLF}`;
+}
+async function importPrivateKey(pem, algorithm) {
+  if (algorithm === "ed25519-sha256" && /OPENSSH PRIVATE KEY/i.test(pem)) {
+    throw new Error("Ed25519 keys must be in PKCS#8 PEM format (-----BEGIN PRIVATE KEY-----). Convert with: openssl pkcs8 -topk8 -nocrypt -in key.pem -out key_pkcs8.pem");
+  }
+  const der = pemToDer(pem);
+  const derBuffer = toArrayBuffer(der);
+  try {
+    if (algorithm === "ed25519-sha256") {
+      return await crypto.subtle.importKey("pkcs8", derBuffer, { name: "Ed25519" }, false, [
+        "sign"
+      ]);
+    }
+    return await crypto.subtle.importKey("pkcs8", derBuffer, { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" }, false, ["sign"]);
+  } catch (err) {
+    if (algorithm === "ed25519-sha256" && err instanceof DOMException) {
+      throw new Error("Ed25519 DKIM requires Node.js ≥ 18.4, Bun ≥ 1.0, or Cloudflare Workers", {
+        cause: err
+      });
+    }
+    throw err;
+  }
+}
+async function signDKIM(rawMessage, config) {
+  const algorithm = config.algorithm ?? "rsa-sha256";
+  const fieldList = (config.headerFieldNames ?? DEFAULT_HEADER_FIELDS).split(":").map((f) => f.trim().toLowerCase()).filter(Boolean);
+  const skip = new Set((config.skipFields ?? "").split(":").map((f) => f.trim().toLowerCase()).filter(Boolean));
+  const signFields = fieldList.filter((f) => !skip.has(f));
+  const text = new TextDecoder().decode(rawMessage);
+  const sep = text.indexOf(`\r
+\r
+`);
+  const headerPart = sep >= 0 ? text.slice(0, sep) : text;
+  const bodyPart = sep >= 0 ? text.slice(sep + 4) : "";
+  const bodyCanonical = canonicalizeBodyRelaxed(bodyPart);
+  const bodyHash = await sha256Base64(encodeUtf8(bodyCanonical));
+  const dkimAlgo = algorithm === "ed25519-sha256" ? "ed25519-sha256" : "rsa-sha256";
+  const headerList = signFields.join(":");
+  const timestamp = Math.floor(Date.now() / 1000);
+  const dkimWithoutSig = [
+    `v=1`,
+    `a=${dkimAlgo}`,
+    `c=relaxed/relaxed`,
+    `d=${config.domainName}`,
+    `s=${config.keySelector}`,
+    `h=${headerList}`,
+    `bh=${bodyHash}`,
+    `b=`,
+    `t=${timestamp}`
+  ].join("; ");
+  const dkimHeaderName = "dkim-signature";
+  const dkimHeaderValue = dkimWithoutSig;
+  const headersWithDkim = `${headerPart}${CRLF}${dkimHeaderName}:${dkimHeaderValue}`;
+  const canonical = canonicalizeHeadersRelaxed(headersWithDkim, [...signFields, dkimHeaderName]);
+  const key = await importPrivateKey(config.privateKey, algorithm);
+  const data = encodeUtf8(canonical);
+  const signature = await signData(key, data, algorithm);
+  const bValue = encodeBase64(signature).replace(/\r\n/g, "");
+  const header = `DKIM-Signature: v=1; a=${dkimAlgo}; c=relaxed/relaxed; d=${config.domainName}; s=${config.keySelector}; h=${headerList}; bh=${bodyHash}; b=${bValue}; t=${timestamp}`;
+  return { header };
+}
+function parseHeaders(headerBlock) {
+  const map = new Map;
+  const lines = headerBlock.split(/\r?\n/).filter((l) => l.length > 0);
+  let currentName = "";
+  let currentValue = "";
+  const flush = () => {
+    if (!currentName) {
+      return;
+    }
+    const key = currentName.toLowerCase();
+    const list = map.get(key) ?? [];
+    list.push(currentValue);
+    map.set(key, list);
+    currentName = "";
+    currentValue = "";
+  };
+  for (const line of lines) {
+    if (/^[ \t]/.test(line) && currentName) {
+      currentValue += ` ${line.trim()}`;
+      continue;
+    }
+    flush();
+    const colon = line.indexOf(":");
+    if (colon > 0) {
+      currentName = line.slice(0, colon).trim();
+      currentValue = line.slice(colon + 1).trim();
+    }
+  }
+  flush();
+  return map;
+}
+function pemToDer(pem) {
+  const lines = pem.replace(/-----BEGIN[^-]+-----/g, "").replace(/-----END[^-]+-----/g, "").replace(/\s/g, "");
+  const binary = atob(lines);
+  const der = new Uint8Array(binary.length);
+  for (let i = 0;i < binary.length; i++) {
+    der[i] = binary.charCodeAt(i);
+  }
+  return der;
+}
+function toArrayBuffer(bytes) {
+  return bytes.buffer.slice(bytes.byteOffset, bytes.byteOffset + bytes.byteLength);
+}
+async function sha256Base64(data) {
+  const hash = await crypto.subtle.digest("SHA-256", toArrayBuffer(data));
+  return encodeBase64(new Uint8Array(hash)).replace(/\r\n/g, "");
+}
+async function signData(key, data, algorithm) {
+  const buf = toArrayBuffer(data);
+  if (algorithm === "ed25519-sha256") {
+    const sig2 = await crypto.subtle.sign("Ed25519", key, buf);
+    return new Uint8Array(sig2);
+  }
+  const sig = await crypto.subtle.sign({ name: "RSASSA-PKCS1-v1_5" }, key, buf);
+  return new Uint8Array(sig);
+}
+
+// src/core/mime.ts
+var CRLF2 = `\r
+`;
+async function buildMIME(options, dkim) {
+  const messageId = options.messageId ?? generateMessageId();
+  const date = (options.date ?? new Date).toUTCString();
+  const fromAddrs = parseAddresses(options.from);
+  const toAddrs = parseAddresses(options.to);
+  const ccAddrs = options.cc ? parseAddresses(options.cc) : [];
+  if (fromAddrs.length === 0) {
+    throw new Error("Missing from address");
+  }
+  if (toAddrs.length === 0) {
+    throw new Error("Missing to address");
+  }
+  const envelope = {
+    from: fromAddrs[0]?.address ?? "",
+    to: [
+      ...extractEmails(options.to),
+      ...options.cc ? extractEmails(options.cc) : [],
+      ...options.bcc ? extractEmails(options.bcc) : []
+    ]
+  };
+  const attachments = options.attachments ?? [];
+  const inlineAttachments = attachments.filter((a) => a.inline || a.contentId);
+  const regularAttachments = attachments.filter((a) => !a.inline && !a.contentId);
+  let root = buildSimpleBody(options);
+  if (inlineAttachments.length > 0) {
+    const boundary = generateBoundary();
+    root = {
+      contentType: `multipart/related; boundary="${boundary}"`,
+      content: assembleMultipart(boundary, [
+        formatNestedPart(buildSimpleBody(options)),
+        ...inlineAttachments.map(formatAttachmentPart)
+      ])
+    };
+  }
+  if (regularAttachments.length > 0) {
+    const boundary = generateBoundary();
+    root = {
+      contentType: `multipart/mixed; boundary="${boundary}"`,
+      content: assembleMultipart(boundary, [
+        formatNestedPart(root),
+        ...regularAttachments.map(formatAttachmentPart)
+      ])
+    };
+  }
+  const headers = [
+    foldHeader("From", fromAddrs.map(toMIMEHeader).join(", ")),
+    foldHeader("To", toAddrs.map(toMIMEHeader).join(", "))
+  ];
+  if (ccAddrs.length > 0) {
+    headers.push(foldHeader("Cc", ccAddrs.map(toMIMEHeader).join(", ")));
+  }
+  if (options.replyTo) {
+    headers.push(foldHeader("Reply-To", parseAddresses(options.replyTo).map(toMIMEHeader).join(", ")));
+  }
+  headers.push(foldHeader("Subject", encodeHeader(options.subject)), foldHeader("Date", date), foldHeader("Message-ID", messageId), "MIME-Version: 1.0");
+  if (options.priority === "high") {
+    headers.push("X-Priority: 1", "Importance: high");
+  } else if (options.priority === "low") {
+    headers.push("X-Priority: 5", "Importance: low");
+  }
+  if (options.headers) {
+    for (const [key, value] of Object.entries(options.headers)) {
+      headers.push(foldHeader(key, value));
+    }
+  }
+  headers.push(`Content-Type: ${root.contentType}`);
+  if (root.contentTransferEncoding) {
+    headers.push(`Content-Transfer-Encoding: ${root.contentTransferEncoding}`);
+  }
+  const rawText = `${headers.join(CRLF2)}${CRLF2}${CRLF2}${root.content}`;
+  let raw = encodeUtf8(rawText);
+  if (dkim) {
+    const { header } = await signDKIM(raw, dkim);
+    const signedText = `${header}${CRLF2}${rawText}`;
+    raw = encodeUtf8(signedText);
+  }
+  return { raw, envelope, messageId, size: raw.length };
+}
+function buildSimpleBody(options) {
+  const hasText = Boolean(options.text);
+  const hasHtml = Boolean(options.html);
+  if (hasText && hasHtml) {
+    const boundary = generateBoundary();
+    return {
+      contentType: `multipart/alternative; boundary="${boundary}"`,
+      content: assembleMultipart(boundary, [
+        formatSimplePart({
+          contentType: "text/plain; charset=utf-8",
+          contentTransferEncoding: "8bit",
+          content: options.text ?? ""
+        }),
+        formatSimplePart({
+          contentType: "text/html; charset=utf-8",
+          contentTransferEncoding: "8bit",
+          content: options.html ?? ""
+        })
+      ])
+    };
+  }
+  if (hasHtml) {
+    return {
+      contentType: "text/html; charset=utf-8",
+      contentTransferEncoding: "8bit",
+      content: options.html ?? ""
+    };
+  }
+  return {
+    contentType: "text/plain; charset=utf-8",
+    contentTransferEncoding: "8bit",
+    content: options.text ?? ""
+  };
+}
+function formatSimplePart(part) {
+  const headers = [`Content-Type: ${part.contentType}`];
+  if (part.contentTransferEncoding) {
+    headers.push(`Content-Transfer-Encoding: ${part.contentTransferEncoding}`);
+  }
+  return `${headers.join(CRLF2)}${CRLF2}${CRLF2}${part.content}`;
+}
+function formatNestedPart(part) {
+  const headers = [`Content-Type: ${part.contentType}`];
+  if (part.contentTransferEncoding) {
+    headers.push(`Content-Transfer-Encoding: ${part.contentTransferEncoding}`);
+  }
+  return `${headers.join(CRLF2)}${CRLF2}${CRLF2}${part.content}`;
+}
+function formatAttachmentPart(attachment) {
+  if (!attachment.content || typeof attachment.content === "string") {
+    throw new Error(`Attachment "${attachment.filename}" requires Uint8Array content`);
+  }
+  const headers = [
+    `Content-Type: ${attachment.contentType ?? "application/octet-stream"}`,
+    "Content-Transfer-Encoding: base64",
+    `Content-Disposition: ${attachment.inline ? "inline" : "attachment"}; filename="${attachment.filename}"`
+  ];
+  if (attachment.contentId) {
+    headers.push(`Content-ID: <${attachment.contentId}>`);
+  }
+  if (attachment.headers) {
+    for (const [key, value] of Object.entries(attachment.headers)) {
+      headers.push(`${key}: ${value}`);
+    }
+  }
+  return `${headers.join(CRLF2)}${CRLF2}${CRLF2}${encodeBase64(attachment.content)}`;
+}
+function assembleMultipart(boundary, parts) {
+  const segments = parts.map((part) => `--${boundary}${CRLF2}${part}`);
+  segments.push(`--${boundary}--`);
+  return segments.join(CRLF2);
+}
+function generateMessageId() {
+  const random = crypto.getRandomValues(new Uint8Array(8));
+  const hex = Array.from(random, (b) => b.toString(16).padStart(2, "0")).join("");
+  return `<${Date.now()}.${hex}@sently>`;
+}
+function generateBoundary() {
+  const random = crypto.getRandomValues(new Uint8Array(12));
+  const hex = Array.from(random, (b) => b.toString(16).padStart(2, "0")).join("");
+  return `----sently_${hex}`;
+}
+function foldHeader(name, value) {
+  const line = `${name}: ${value}`;
+  if (line.length <= 76) {
+    return line;
+  }
+  const chunks = [];
+  let remaining = line;
+  while (remaining.length > 76) {
+    let breakAt = remaining.lastIndexOf(" ", 76);
+    if (breakAt <= name.length + 1) {
+      breakAt = 76;
+    }
+    chunks.push(remaining.slice(0, breakAt));
+    remaining = ` ${remaining.slice(breakAt).trimStart()}`;
+  }
+  chunks.push(remaining);
+  return chunks.join(`${CRLF2} `);
+}
+
+// src/core/cram-md5.ts
+var BLOCK_SIZE = 64;
+function u32(x) {
+  return x >>> 0;
+}
+function md5(data) {
+  const padded = padMessage(data);
+  let a0 = 1732584193;
+  let b0 = 4023233417;
+  let c0 = 2562383102;
+  let d0 = 271733878;
+  for (let i = 0;i < padded.length; i += 64) {
+    const block = padded.subarray(i, i + 64);
+    const m = new Uint32Array(16);
+    for (let j = 0;j < 16; j++) {
+      const o = j * 4;
+      m[j] = u32((block[o] ?? 0) | (block[o + 1] ?? 0) << 8 | (block[o + 2] ?? 0) << 16 | (block[o + 3] ?? 0) << 24);
+    }
+    let a = a0;
+    let b = b0;
+    let c = c0;
+    let d = d0;
+    for (let k = 0;k < 64; k++) {
+      let f;
+      let g;
+      if (k < 16) {
+        f = u32(b & c | ~b & d);
+        g = k;
+      } else if (k < 32) {
+        f = u32(b & d | c & ~d);
+        g = u32((5 * k + 1) % 16);
+      } else if (k < 48) {
+        f = u32(b ^ c ^ d);
+        g = u32((3 * k + 5) % 16);
+      } else {
+        f = u32(c ^ (b | ~d));
+        g = u32(7 * k % 16);
+      }
+      const temp = d;
+      d = c;
+      c = b;
+      b = u32(b + leftRotate(u32(a + f + u32((K[k] ?? 0) + (m[g] ?? 0))), S[k] ?? 0));
+      a = temp;
+    }
+    a0 = u32(a0 + a);
+    b0 = u32(b0 + b);
+    c0 = u32(c0 + c);
+    d0 = u32(d0 + d);
+  }
+  const out = new Uint8Array(16);
+  const view = new DataView(out.buffer);
+  view.setUint32(0, a0, true);
+  view.setUint32(4, b0, true);
+  view.setUint32(8, c0, true);
+  view.setUint32(12, d0, true);
+  return out;
+}
+var S = [
+  7,
+  12,
+  17,
+  22,
+  7,
+  12,
+  17,
+  22,
+  7,
+  12,
+  17,
+  22,
+  7,
+  12,
+  17,
+  22,
+  5,
+  9,
+  14,
+  20,
+  5,
+  9,
+  14,
+  20,
+  5,
+  9,
+  14,
+  20,
+  5,
+  9,
+  14,
+  20,
+  4,
+  11,
+  16,
+  23,
+  4,
+  11,
+  16,
+  23,
+  4,
+  11,
+  16,
+  23,
+  4,
+  11,
+  16,
+  23,
+  6,
+  10,
+  15,
+  21,
+  6,
+  10,
+  15,
+  21,
+  6,
+  10,
+  15,
+  21,
+  6,
+  10,
+  15,
+  21
+];
+var K = new Uint32Array([
+  3614090360,
+  3905402710,
+  606105819,
+  3250441966,
+  4118548399,
+  1200080426,
+  2821735955,
+  4249261313,
+  1770035416,
+  2336552879,
+  4294925233,
+  2304563134,
+  1804603682,
+  4254626195,
+  2792965006,
+  1236535329,
+  4129170786,
+  3225465664,
+  643717713,
+  3921069994,
+  3593408605,
+  38016083,
+  3634488961,
+  3889429448,
+  568446438,
+  3275163606,
+  4107603335,
+  1163531501,
+  2850285829,
+  4243563512,
+  1735328473,
+  2368359562,
+  4294588738,
+  2272392833,
+  1839030562,
+  4259657740,
+  2763975236,
+  1272893353,
+  4139469664,
+  3200236656,
+  681279174,
+  3936430074,
+  3572445317,
+  76029189,
+  3654602809,
+  3873151461,
+  530742520,
+  3299628645,
+  4096336452,
+  1126891415,
+  2878612391,
+  4237533241,
+  1700485571,
+  2399980690,
+  4293915773,
+  2240044497,
+  1873313359,
+  4264355552,
+  2734768916,
+  1309151649,
+  4149444226,
+  3174756917,
+  718787259,
+  3951481745
+]);
+function leftRotate(value, shift) {
+  return u32(value << shift | value >>> 32 - shift);
+}
+function padMessage(data) {
+  const bitLen = data.length * 8;
+  const padLen = (56 - (data.length + 1) % 64 + 64) % 64;
+  const totalLen = data.length + 1 + padLen + 8;
+  const padded = new Uint8Array(totalLen);
+  padded.set(data);
+  padded[data.length] = 128;
+  const view = new DataView(padded.buffer);
+  view.setUint32(totalLen - 8, bitLen >>> 0, true);
+  view.setUint32(totalLen - 4, Math.floor(bitLen / 4294967296), true);
+  return padded;
+}
+function hmacMD5(key, data) {
+  let k = key;
+  if (k.length > BLOCK_SIZE) {
+    k = md5(k);
+  }
+  const paddedKey = new Uint8Array(BLOCK_SIZE);
+  paddedKey.set(k);
+  const ipad = new Uint8Array(BLOCK_SIZE);
+  const opad = new Uint8Array(BLOCK_SIZE);
+  for (let i = 0;i < BLOCK_SIZE; i++) {
+    ipad[i] = (paddedKey[i] ?? 0) ^ 54;
+    opad[i] = (paddedKey[i] ?? 0) ^ 92;
+  }
+  const inner = new Uint8Array(ipad.length + data.length);
+  inner.set(ipad);
+  inner.set(data, ipad.length);
+  const innerHash = md5(inner);
+  const outer = new Uint8Array(opad.length + innerHash.length);
+  outer.set(opad);
+  outer.set(innerHash, opad.length);
+  return md5(outer);
+}
+function bytesToHex(bytes) {
+  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+}
+async function computeCRAMMD5(challenge, user, pass) {
+  const challengeBytes = decodeBase64(challenge.trim());
+  const passBytes = encodeUtf8(pass);
+  const digest = hmacMD5(passBytes, challengeBytes);
+  const hex = bytesToHex(digest);
+  return encodeBase64(`${user} ${hex}`).replace(/\r\n/g, "");
+}
+
+// src/core/smtp.ts
+class SMTPError extends Error {
+  code;
+  command;
+  response;
+  constructor(message, code, command, response) {
+    super(message);
+    this.code = code;
+    this.command = command;
+    this.response = response;
+    this.name = "SMTPError";
+  }
+}
+function encodeCommand(cmd) {
+  let line;
+  switch (cmd.type) {
+    case "EHLO":
+      line = `EHLO ${cmd.domain}`;
+      break;
+    case "STARTTLS":
+      line = "STARTTLS";
+      break;
+    case "AUTH_LOGIN":
+      line = "AUTH LOGIN";
+      break;
+    case "AUTH_PLAIN":
+      line = `AUTH PLAIN ${encodeBase64(`\x00${cmd.user}\x00${cmd.pass}`).replace(/\r\n/g, "")}`;
+      break;
+    case "AUTH_CRAM_MD5_INIT":
+      line = "AUTH CRAM-MD5";
+      break;
+    case "AUTH_CRAM_MD5_RESPONSE":
+      return encodeUtf8(`${cmd.response}\r
+`);
+    case "AUTH_XOAUTH2":
+      line = `AUTH XOAUTH2 ${cmd.xoauth2String}`;
+      break;
+    case "MAIL_FROM":
+      line = `MAIL FROM:<${cmd.address}>`;
+      break;
+    case "RCPT_TO":
+      line = `RCPT TO:<${cmd.address}>`;
+      break;
+    case "DATA":
+      line = "DATA";
+      break;
+    case "DATA_BODY":
+      return encodeUtf8(applyDotStuffing(cmd.content));
+    case "QUIT":
+      line = "QUIT";
+      break;
+    case "RSET":
+      line = "RSET";
+      break;
+    case "NOOP":
+      line = "NOOP";
+      break;
+  }
+  return encodeUtf8(`${line}\r
+`);
+}
+function parseResponse(data) {
+  const text = new TextDecoder().decode(data).trim();
+  const lines = text.split(/\r?\n/);
+  const lastLine = lines[lines.length - 1] ?? "";
+  const match = lastLine.match(/^(\d{3})([\s-])(.*)$/);
+  if (!match) {
+    throw new SMTPError("Invalid SMTP response", 0, "PARSE", text);
+  }
+  const code = Number.parseInt(match[1] ?? "0", 10);
+  const message = lines.map((l) => l.replace(/^\d{3}[\s-]/, "")).join(" ");
+  return {
+    code,
+    message,
+    isSuccess: code >= 200 && code < 300,
+    isReady: code >= 300 && code < 400,
+    isError: code >= 400
+  };
+}
+function accumulateResponse(chunks) {
+  if (chunks.length === 0) {
+    return null;
+  }
+  const total = chunks.reduce((sum, c) => sum + c.length, 0);
+  const combined = new Uint8Array(total);
+  let offset = 0;
+  for (const chunk of chunks) {
+    combined.set(chunk, offset);
+    offset += chunk.length;
+  }
+  const text = new TextDecoder().decode(combined);
+  const lines = text.split(/\r?\n/).filter((l) => l.length > 0);
+  if (lines.length === 0) {
+    return null;
+  }
+  const lastLine = lines[lines.length - 1] ?? "";
+  if (/^\d{3} /.test(lastLine)) {
+    return combined;
+  }
+  return null;
+}
+function selectAuthMethod(capabilities) {
+  const upper = capabilities.map((c) => c.toUpperCase());
+  if (upper.some((c) => c.includes("AUTH") && c.includes("XOAUTH2"))) {
+    return "OAUTH2";
+  }
+  if (upper.some((c) => c.includes("AUTH") && c.includes("CRAM-MD5"))) {
+    return "CRAM-MD5";
+  }
+  if (upper.some((c) => c.includes("AUTH") && c.includes("LOGIN"))) {
+    return "LOGIN";
+  }
+  if (upper.some((c) => c.includes("AUTH") && c.includes("PLAIN"))) {
+    return "PLAIN";
+  }
+  throw new SMTPError("No supported AUTH method", 0, "EHLO", capabilities.join(" "));
+}
+function parseEHLO(response) {
+  return response.message.split(/\s+/).flatMap((part) => part.split(/\r?\n/)).filter(Boolean);
+}
+function assertResponse(response, expectedCodes, command) {
+  if (!expectedCodes.includes(response.code)) {
+    throw new SMTPError(`Unexpected SMTP response for ${command}`, response.code, command, response.message);
+  }
+}
+function applyDotStuffing(content) {
+  const text = new TextDecoder().decode(content);
+  const lines = text.split(/\r?\n/);
+  const stuffed = lines.map((line) => line.startsWith(".") ? `.${line}` : line);
+  return `${stuffed.join(`\r
+`)}\r
+.\r
+`;
+}
+function encodeAuthLoginPass(pass) {
+  return encodeUtf8(`${encodeBase64(pass).replace(/\r\n/g, "")}\r
+`);
+}
+function encodeAuthLoginUser(user) {
+  return encodeUtf8(`${encodeBase64(user).replace(/\r\n/g, "")}\r
+`);
+}
+function encodeLine(line) {
+  return encodeUtf8(`${line}\r
+`);
+}
+
+// src/transports/smtp.ts
+class SMTPTransport {
+  config;
+  adapter = null;
+  constructor(config) {
+    this.config = resolveSMTPConfig(config);
+  }
+  async send(options) {
+    const resolvedOptions = {
+      ...options,
+      attachments: await resolveAttachments(options.attachments)
+    };
+    const mime = await buildMIME(resolvedOptions, this.config.dkim);
+    const adapter = await this.getAdapter();
+    const host = this.config.direct ? await resolveMX(mime.envelope.from.split("@")[1] ?? this.config.host) : this.config.host;
+    await adapter.connect(host, this.config.port);
+    this.adapter = adapter;
+    try {
+      await openSMTPSession(adapter, this.config);
+      return await deliverSMTPMessage(adapter, mime);
+    } finally {
+      await closeSMTPSession(adapter);
+      this.adapter = null;
+    }
+  }
+  async verify() {
+    const adapter = await this.getAdapter();
+    await adapter.connect(this.config.host, this.config.port);
+    try {
+      await openSMTPSession(adapter, this.config);
+      return true;
+    } finally {
+      await closeSMTPSession(adapter);
+    }
+  }
+  async close() {
+    if (this.adapter) {
+      await this.adapter.close();
+      this.adapter = null;
+    }
+  }
+  async getAdapter() {
+    if (!this.config.adapter) {
+      throw new SMTPError("No socket adapter configured", 0, "CONNECT", "");
+    }
+    return this.config.adapter;
+  }
+}
+function resolveSMTPConfig(config) {
+  const secure = config.secure ?? false;
+  return {
+    host: config.host,
+    port: config.port ?? (secure ? 465 : 587),
+    secure,
+    ...config.auth !== undefined ? { auth: config.auth } : {},
+    ...config.dkim !== undefined ? { dkim: config.dkim } : {},
+    ...config.tls !== undefined ? { tls: config.tls } : {},
+    ...config.connectionTimeout !== undefined ? { connectionTimeout: config.connectionTimeout } : {},
+    ...config.greetingTimeout !== undefined ? { greetingTimeout: config.greetingTimeout } : {},
+    ...config.socketTimeout !== undefined ? { socketTimeout: config.socketTimeout } : {},
+    ...config.direct !== undefined ? { direct: config.direct } : {},
+    ...config.adapter !== undefined ? { adapter: config.adapter } : {}
+  };
+}
+async function openSMTPSession(adapter, config) {
+  const greeting = await readSMTPResponse(adapter);
+  assertResponse(greeting, [220], "greeting");
+  let capabilities = await ehlo(adapter, config.host);
+  if (!config.secure && !adapter.secure) {
+    await sendRaw(adapter, encodeCommand({ type: "STARTTLS" }));
+    const starttlsResp = await readSMTPResponse(adapter);
+    assertResponse(starttlsResp, [220], "STARTTLS");
+    await adapter.startTLS(config.tls);
+    capabilities = await ehlo(adapter, config.host);
+  }
+  if (config.auth) {
+    await authenticate(adapter, config.auth, capabilities);
+  }
+}
+async function deliverSMTPMessage(adapter, mime) {
+  await sendCommand(adapter, { type: "MAIL_FROM", address: mime.envelope.from });
+  const mailResp = await readSMTPResponse(adapter);
+  assertResponse(mailResp, [250], "MAIL FROM");
+  const accepted = [];
+  const rejected = [];
+  for (const recipient of mime.envelope.to) {
+    await sendRaw(adapter, encodeCommand({ type: "RCPT_TO", address: recipient }));
+    const rcptResp = await readSMTPResponse(adapter);
+    if (rcptResp.isSuccess) {
+      accepted.push(recipient);
+    } else {
+      rejected.push(recipient);
+    }
+  }
+  await sendCommand(adapter, { type: "DATA" });
+  const dataResp = await readSMTPResponse(adapter);
+  assertResponse(dataResp, [354], "DATA");
+  let finalResp;
+  try {
+    await sendRaw(adapter, encodeCommand({ type: "DATA_BODY", content: mime.raw }));
+    finalResp = await readSMTPResponse(adapter);
+  } catch (err) {
+    await sendRaw(adapter, encodeCommand({ type: "DATA_BODY", content: mime.raw }));
+    finalResp = await readSMTPResponse(adapter);
+    if (finalResp.isError) {
+      throw err;
+    }
+  }
+  assertResponse(finalResp, [250], "DATA end");
+  return {
+    messageId: mime.messageId,
+    accepted,
+    rejected,
+    response: finalResp.message,
+    envelope: mime.envelope
+  };
+}
+async function closeSMTPSession(adapter) {
+  try {
+    await sendCommand(adapter, { type: "QUIT" });
+    await readSMTPResponse(adapter);
+  } catch {} finally {
+    await adapter.close();
+  }
+}
+async function ehlo(adapter, host) {
+  await sendCommand(adapter, { type: "EHLO", domain: host });
+  const response = await readSMTPResponse(adapter);
+  assertResponse(response, [250], "EHLO");
+  return parseEHLO(response);
+}
+async function authenticate(adapter, auth, capabilities) {
+  if (auth.type === "OAUTH2" && auth.oauth2) {
+    const client = new OAuth2Client(auth.oauth2);
+    const xoauth2 = await client.buildXOAUTH2();
+    await sendCommand(adapter, { type: "AUTH_XOAUTH2", xoauth2String: xoauth2 });
+    let resp2 = await readSMTPResponse(adapter);
+    if (resp2.code === 334) {
+      await sendRaw(adapter, encodeLine(""));
+      resp2 = await readSMTPResponse(adapter);
+    }
+    assertResponse(resp2, [235], "AUTH XOAUTH2");
+    return;
+  }
+  const method = auth.type ?? selectAuthMethod(capabilities);
+  if (method === "CRAM-MD5") {
+    const pass2 = requirePassword(auth, "CRAM-MD5");
+    await sendCommand(adapter, { type: "AUTH_CRAM_MD5_INIT" });
+    let resp2 = await readSMTPResponse(adapter);
+    assertResponse(resp2, [334], "AUTH CRAM-MD5");
+    const challenge = resp2.message.trim();
+    const response = await computeCRAMMD5(challenge, auth.user, pass2);
+    await sendCommand(adapter, { type: "AUTH_CRAM_MD5_RESPONSE", response });
+    resp2 = await readSMTPResponse(adapter);
+    assertResponse(resp2, [235], "AUTH CRAM-MD5 response");
+    return;
+  }
+  if (method === "PLAIN") {
+    const pass2 = requirePassword(auth, "PLAIN");
+    await sendRaw(adapter, encodeCommand({ type: "AUTH_PLAIN", user: auth.user, pass: pass2 }));
+    const resp2 = await readSMTPResponse(adapter);
+    assertResponse(resp2, [235], "AUTH PLAIN");
+    return;
+  }
+  const pass = requirePassword(auth, "LOGIN");
+  await sendRaw(adapter, encodeCommand({ type: "AUTH_LOGIN", user: auth.user, pass }));
+  let resp = await readSMTPResponse(adapter);
+  assertResponse(resp, [334], "AUTH LOGIN");
+  await sendRaw(adapter, encodeAuthLoginUser(auth.user));
+  resp = await readSMTPResponse(adapter);
+  assertResponse(resp, [334], "AUTH LOGIN user");
+  await sendRaw(adapter, encodeAuthLoginPass(pass));
+  resp = await readSMTPResponse(adapter);
+  assertResponse(resp, [235], "AUTH LOGIN pass");
+}
+function requirePassword(auth, method) {
+  if (!auth.pass) {
+    throw new SMTPError(`Password required for ${method} authentication`, 0, `AUTH ${method}`, "");
+  }
+  return auth.pass;
+}
+async function sendCommand(adapter, command) {
+  await sendRaw(adapter, encodeCommand(command));
+}
+async function sendRaw(adapter, data) {
+  await adapter.write(data);
+}
+async function readSMTPResponse(adapter) {
+  const chunks = [];
+  for await (const chunk of adapter.read()) {
+    chunks.push(chunk);
+    const complete = accumulateResponse(chunks);
+    if (complete) {
+      return parseResponse(complete);
+    }
+  }
+  throw new SMTPError("Connection closed while reading SMTP response", 0, "READ", "");
+}
+async function resolveMX(domain) {
+  const dns = await import("node:dns/promises");
+  const records = await dns.resolveMx(domain);
+  if (records.length === 0) {
+    throw new SMTPError(`No MX records for ${domain}`, 0, "MX", "");
+  }
+  records.sort((a, b) => a.priority - b.priority);
+  return records[0]?.exchange ?? domain;
+}
+export { buildMIME, encodeLine, SMTPTransport, resolveSMTPConfig, openSMTPSession, deliverSMTPMessage, closeSMTPSession, readSMTPResponse };
+
+//# debugId=6E41A48857F001F464756E2164756E21