diff --git a/smtp2slack4qnap.py b/smtp2slack4qnap.py index c5217b9..8c8c3d6 100644 --- a/smtp2slack4qnap.py +++ b/smtp2slack4qnap.py @@ -7,7 +7,6 @@ # generate self-signed cert (better than nothing): # openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 3650 -nodes -subj '/CN=localhost' -import os import ssl import asyncio from aiosmtpd.controller import Controller @@ -18,6 +17,45 @@ from base64 import b64encode, b64decode import requests import email import json +import html2text +import re +import os + +### CONFIG DATA + +# for SMTP AUTH LOGIN (SECRET = sha256(password) avoiding storing plaintext) +USER = 'qnap-messenger' +SECRET = '60E9CFC9BEEBE71B0954A29FDABC67EB8AB9622140846A3970220D3E905BD28E' + +# SMTP listener (set to localhost if running on QNAP device) +LHOST, LPORT = '0.0.0.0', 1025 + +# target slack authenticated webhook url (keep confidential!) +WEBHOOK_URL = 'http://slack2chat.ipa.champion/AAAAcMVs3C4?key=AIzaSyDdI0hCZtE6vySjMm-WEfRq3CPzqKqqsHI&token=IAoPWEptPtdR1TOS6XtUhqOWZgPwAhabl_sqSvwjtjk%3D' + +### END OF CONFIG DATA + +# implemented LOGIN authentication (non-RFC compliant, works with QNAP-NAS) +# overkill for running locally, but mandatory for remote +class MyServer(Server): + authenticated = False + @syntax('AUTH LOGIN') + async def smtp_AUTH(self, arg): + if arg != 'LOGIN': + await self.push('501 Syntax: AUTH LOGIN') + return + await self.push('334 VXNlcm5hbWU=') # b64('Username') + username = await self._reader.readline() + username = b64decode(username.rstrip(b'\r\n')) + await self.push('334 UGFzc3dvcmQ=') # b64('Password') + password = await self._reader.readline() + password = b64decode(password.rstrip(b'\r\n')) + if username.decode() == USER and sha256(password).hexdigest() == SECRET: + self.authenticated = True + print("[+] Authenticated") + await self.push('235 2.7.0 Authentication successful') + else: + await self.push('535 Invalid credentials') # requires STARTTLS # again, overkill for running locally, but mandatory for remote