1 package org.cacert.gigi.email;
3 import java.io.BufferedReader;
4 import java.io.IOException;
5 import java.io.InputStreamReader;
6 import java.io.OutputStreamWriter;
7 import java.io.PrintWriter;
8 import java.net.Socket;
9 import java.security.GeneralSecurityException;
10 import java.security.Key;
11 import java.security.PrivateKey;
12 import java.security.cert.Certificate;
13 import java.security.cert.X509Certificate;
14 import java.util.Arrays;
15 import java.util.Comparator;
16 import java.util.Properties;
17 import java.util.regex.Pattern;
19 import javax.naming.NamingException;
20 import javax.net.ssl.SSLSocketFactory;
22 import org.cacert.gigi.crypto.SMIME;
23 import org.cacert.gigi.database.GigiPreparedStatement;
24 import org.cacert.gigi.util.DNSUtil;
25 import org.cacert.gigi.util.DomainAssessment;
27 public abstract class EmailProvider {
/**
 * Sends one e-mail through the concrete provider.
 *
 * NOTE(review): this declaration has no body, so nothing here validates the arguments.
 * The parameter roles are only inferred from their names. Implementations that copy
 * to, subject, replyto, toname, fromname or errorsto into message headers need to
 * reject CR and LF in them to rule out header injection -- confirm in each subclass.
 *
 * @throws IOException declared by the signature; which failures raise it depends on the subclass
 */
29 public abstract void sendMail(String to, String subject, String message, String replyto, String toname, String fromname, String errorsto, boolean extra) throws IOException;
// Shared provider reference, written by setInstance(). Neither volatile nor any
// synchronization is visible in this listing.
31 private static EmailProvider instance;
// Signing certificate: assigned in init(), read by sendSigned(). While it is null,
// sendSigned() takes its plain-output branch.
33 private X509Certificate c;
/**
 * Stores the certificate and key that sendSigned() passes to SMIME.smime.
 *
 * Both arguments are cast without an instanceof check: a certificate that is not an
 * X509Certificate, or a key that is not a PrivateKey, fails with ClassCastException.
 * null passes both casts, which leaves sendSigned() on its unsigned branch.
 *
 * @param c signing certificate, must be an X509Certificate or null
 * @param k signing key, must be a PrivateKey or null
 */
37 protected void init(Certificate c, Key k) {
38 this.c = (X509Certificate) c;
39 this.k = (PrivateKey) k;
/**
 * Writes the message body to output, handing it to SMIME.smime when both key and
 * certificate are set.
 *
 * NOTE(review): some lines of this method are missing from the listing; the SMIME.smime
 * call is presumably the else branch of the null check -- confirm against the full file.
 *
 * @param contents message body to emit
 * @param output writer that receives the headers and body
 * @throws IOException declared by the signature
 * @throws GeneralSecurityException declared by the signature, presumably raised by signing
 */
42 protected final void sendSigned(String contents, PrintWriter output) throws IOException, GeneralSecurityException {
43 if (k == null || c == null) {
// Fail-open: with no key or certificate the body is written unsigned and nothing visible
// here reports it. A deployment that expects signed mail should at least log this case.
44 output.println("Content-Transfer-Encoding: base64");
// contents is written unchanged after the base64 header; presumably the caller has
// already encoded it -- confirm.
46 output.print(contents);
48 SMIME.smime(contents, k, c, output);
// Accessor for the shared provider. The body is not part of this listing; presumably it
// returns the static instance field -- confirm.
52 public static EmailProvider getInstance() {
/**
 * Replaces the static provider reference.
 *
 * Plain assignment: the visible code has no null check and no synchronization.
 *
 * @param instance provider to store
 */
56 protected static void setInstance(EmailProvider instance) {
57 EmailProvider.instance = instance;
/**
 * Loads the provider class named by the "emailProvider" property and constructs it with
 * the configuration.
 *
 * NOTE(review): the lines that use cert and pk, and the body of the catch block, are
 * missing from this listing; presumably the new provider is initialised with them and
 * installed -- confirm.
 *
 * @param conf configuration; must contain "emailProvider" (a missing key makes
 *             Class.forName(null) throw NullPointerException, which the catch below does not cover)
 * @param cert signing certificate
 * @param pk signing key
 */
60 public static void initSystem(Properties conf, Certificate cert, Key pk) {
// The class name comes from configuration and is loaded reflectively, so write access to
// that property is equivalent to choosing code that runs in this process.
62 Class<?> c = Class.forName(conf.getProperty("emailProvider"));
// The cast is applied to the result of newInstance(): a class that is not an EmailProvider
// still has its constructor executed before ClassCastException is thrown. Calling
// c.asSubclass(EmailProvider.class) before getDeclaredConstructor would reject it earlier.
63 EmailProvider ep = (EmailProvider) c.getDeclaredConstructor(Properties.class).newInstance(conf);
66 } catch (ReflectiveOperationException e) {
// Result strings; presumably returned by checkEmailServer (the returning lines are not
// part of this listing).
71 public static final String OK = "OK";
73 public static final String FAIL = "FAIL";
// One local-part "word". The character class itself contains '.', so a single word already
// matches dotted text, including leading, trailing and consecutive dots. It admits no CR,
// LF, space, '<' or '>'.
75 private static final String MAIL_P_RFC_WORD = "[A-Za-z0-9\\+\\.!#$%&'*/=?^_`|~{}-]+";
// word(.word)*. A '.' can be consumed either by the class above or by the literal "\." here,
// so one input has many possible splits.
// NOTE(review): on a long dotted string that ends up not matching, a backtracking engine may
// retry those splits; cap the address length before matching and consider removing "\\."
// from the word class so the dot-separated structure is actually enforced.
77 private static final String MAIL_P_RFC_LOCAL = MAIL_P_RFC_WORD + "(?:\\." + MAIL_P_RFC_WORD + ")*";
// One DNS label: letters, digits and '-'; must not start or end with '-'; "--" in positions
// 3-4 is only accepted when the label starts with lowercase "xn".
79 private static final String MAIL_P_RFC_LABEL = "(?!(?!xn)..--|-)(?:[A-Za-z0-9-]+)(?<!-)";
// local@label.label[.label...] with an optional trailing dot; at least two labels are required.
81 private static final String MAIL_P_RFC_ADDRESS = MAIL_P_RFC_LOCAL + "@(?:" + MAIL_P_RFC_LABEL + "\\.)+" + MAIL_P_RFC_LABEL + "\\.?";
// Compiled once and reused; both patterns are anchored and compiled without flags.
83 private static final Pattern MAIL_LOCAL = Pattern.compile("^" + MAIL_P_RFC_LOCAL + "$");
85 private static final Pattern MAIL_ADDRESS = Pattern.compile("^" + MAIL_P_RFC_ADDRESS + "$");
/**
 * Probes the mail server responsible for address over SMTP and writes the outcome to the
 * emailPinglog table.
 *
 * Visible flow: validate the address, look up the MX records of its domain, connect to
 * port 25, send EHLO, send STARTTLS (apparently only when the server advertised it), then
 * MAIL FROM, RCPT TO and QUIT. Several lines of the method are missing from this listing,
 * so the branch structure and most return values are not documented here.
 *
 * @param forUid user id stored with the log row
 * @param address address to probe; the SMTP dialogue only starts after isValidMailAddress accepts it
 * @return a status or error string for the caller
 * @throws IOException declared by the signature; which I/O failures escape is not visible here
 */
87 public String checkEmailServer(int forUid, String address) throws IOException {
// Gate for everything below: address is later concatenated into an SMTP command line.
88 if (isValidMailAddress(address)) {
89 String[] parts = address.split("@", 2);
90 String domain = parts[1];
94 mxhosts = DNSUtil.getMXEntries(domain);
95 } catch (NamingException e1) {
96 return "MX lookup for your hostname failed.";
100 for (String host : mxhosts) {
// Entries are expected to look like "<priority> <host>"; an entry without a space would
// throw ArrayIndexOutOfBoundsException on the [1] below.
101 host = host.split(" ", 2)[1];
// Strip the trailing root dot; presumably a name without it leads to the error return
// below (the else line is not part of this listing).
102 if (host.endsWith(".")) {
103 host = host.substring(0, host.length() - 1);
105 return "Strange MX records.";
// NOTE(review): host comes from DNS for a user-supplied domain, so the destination is
// chosen by whoever controls that zone. Nothing visible restricts it to public addresses,
// this constructor connects without an explicit timeout, and no read timeout is visible.
// Consider resolving first, rejecting loopback, link-local and site-local addresses, and
// using connect(addr, timeout) plus setSoTimeout so a slow peer cannot hold the thread.
107 try (Socket s = new Socket(host, 25);
108 BufferedReader br0 = new BufferedReader(new InputStreamReader(s.getInputStream(), "UTF-8"));//
109 PrintWriter pw0 = new PrintWriter(new OutputStreamWriter(s.getOutputStream(), "UTF-8"))) {
// Working copies: the resource variables of try-with-resources cannot be reassigned, and
// br/pw are replaced after the TLS upgrade.
110 BufferedReader br = br0;
111 PrintWriter pw = pw0;
113 if ( !SendMail.readSMTPResponse(br, 220)) {
117 pw.print("EHLO www.cacert.org\r\n");
119 boolean starttls = false;
// readLine() has no length limit; the peer decides how much is buffered per line.
121 line = br.readLine();
// STARTTLS is taken from the server's cleartext capability list, so the upgrade is
// opportunistic: a party on the path that removes this line keeps the session unencrypted.
125 starttls |= line.substring(4).equals("STARTTLS");
126 } while (line.startsWith("250-"));
127 if (line == null || !line.startsWith("250 ")) {
132 pw.print("STARTTLS\r\n");
134 if ( !SendMail.readSMTPResponse(br, 220)) {
// NOTE(review): a socket from the default SSLSocketFactory validates the chain against the
// default trust store but does not compare the certificate name with host unless an
// endpoint identification algorithm is set through SSLParameters; no such call is visible.
// Treat this channel as encrypted but not authenticated.
// autoClose is true, so closing s1 also closes the underlying socket s.
137 Socket s1 = ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(s, host, 25, true);
138 br = new BufferedReader(new InputStreamReader(s1.getInputStream(), "UTF-8"));
139 pw = new PrintWriter(new OutputStreamWriter(s1.getOutputStream(), "UTF-8"));
// Capabilities must be requested again after the TLS handshake.
140 pw.print("EHLO www.cacert.org\r\n");
142 if ( !SendMail.readSMTPResponse(br, 250)) {
147 pw.print("MAIL FROM: <returns@cacert.org>\r\n");
150 if ( !SendMail.readSMTPResponse(br, 250)) {
// String concatenation into a protocol command: safe only because the isValidMailAddress
// gate at the top admits no CR, LF, space, '<' or '>'. Keep that check on every path here.
153 pw.print("RCPT TO: <" + address + ">\r\n");
156 if ( !SendMail.readSMTPResponse(br, 250)) {
159 pw.print("QUIT\r\n");
161 if ( !SendMail.readSMTPResponse(br, 221)) {
// Success row. Values are bound as parameters, so they cannot alter the SQL text.
165 try (GigiPreparedStatement statmt = new GigiPreparedStatement("INSERT INTO `emailPinglog` SET `when`=NOW(), `email`=?, `result`=?, `uid`=?, `type`='fast', `status`=?::`pingState`")) {
166 statmt.setString(1, address);
// line holds text received from the remote server: it is stored verbatim, so escape it
// wherever the log is displayed and consider truncating it before the insert.
167 statmt.setString(2, line);
168 statmt.setInt(3, forUid);
169 statmt.setString(4, "success");
173 if (line == null || !line.startsWith("250")) {
// Failure row with a fixed result text instead of server output.
182 try (GigiPreparedStatement statmt = new GigiPreparedStatement("INSERT INTO `emailPinglog` SET `when`=NOW(), `email`=?, `result`=?, `uid`=?, `type`='fast', `status`=?::`pingState`")) {
183 statmt.setString(1, address);
184 statmt.setString(2, "Failed to make a connection to the mail server");
185 statmt.setInt(3, forUid);
186 statmt.setString(4, "failed");
/**
 * Sorts MX entries in place, ascending by the integer that precedes the first space.
 *
 * The entries come from DNS: an element whose prefix is not a decimal integer makes
 * Integer.parseInt throw NumberFormatException out of Arrays.sort.
 *
 * @param mxhosts entries of the form "<priority> <host>"; reordered in place
 */
192 private static void sortMX(String[] mxhosts) {
193 Arrays.sort(mxhosts, new Comparator<String>() {
196 public int compare(String o1, String o2) {
// The priority is re-parsed on every comparison.
197 int i1 = Integer.parseInt(o1.split(" ")[0]);
198 int i2 = Integer.parseInt(o2.split(" ")[0]);
// Integer.compare avoids the overflow that subtracting the two values could cause.
199 return Integer.compare(i1, i2);
204 public static boolean isValidMailAddress(String address) {
205 if ( !MAIL_ADDRESS.matcher(address).matches()) {
209 String[] parts = address.split("@", 2);
211 String local = parts[0];
212 String domain = parts[1];
214 if ( !MAIL_LOCAL.matcher(local).matches()) {
218 for (String domainPart : domain.split("\\.", -1)) {
219 if ( !DomainAssessment.isValidDomainPart(domainPart)) {