Add SMTP Honeypot
This commit is contained in:
12
honeypot/smtp/mail.go
Normal file
12
honeypot/smtp/mail.go
Normal file
@@ -0,0 +1,12 @@
|
||||
package smtp
|
||||
|
||||
import "time"
|
||||
|
||||
type MailData struct {
|
||||
From string
|
||||
Recipients []string
|
||||
Data string
|
||||
|
||||
RemoteAddr string
|
||||
Timestamp time.Time
|
||||
}
|
||||
30
honeypot/smtp/metrics.go
Normal file
30
honeypot/smtp/metrics.go
Normal file
@@ -0,0 +1,30 @@
|
||||
package smtp
|
||||
|
||||
import "github.com/prometheus/client_golang/prometheus"
|
||||
|
||||
type MetricsStore struct {
|
||||
backend SMTPStore
|
||||
mailTotal *prometheus.CounterVec
|
||||
}
|
||||
|
||||
func NewMetricsStore(backend SMTPStore) *MetricsStore {
|
||||
store := &MetricsStore{backend: backend}
|
||||
|
||||
store.mailTotal = prometheus.NewCounterVec(
|
||||
prometheus.CounterOpts{
|
||||
Name: "apiary_smtp_received_total",
|
||||
Help: "Total count of received emails.",
|
||||
ConstLabels: prometheus.Labels{"service": "honeypot_smtp"},
|
||||
},
|
||||
[]string{"from"},
|
||||
)
|
||||
prometheus.MustRegister(store.mailTotal)
|
||||
|
||||
return store
|
||||
}
|
||||
|
||||
func (s *MetricsStore) AddMailData(data *MailData) error {
|
||||
s.mailTotal.WithLabelValues(data.From).Inc()
|
||||
|
||||
return s.backend.AddMailData(data)
|
||||
}
|
||||
112
honeypot/smtp/server.go
Normal file
112
honeypot/smtp/server.go
Normal file
@@ -0,0 +1,112 @@
|
||||
package smtp
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"io"
|
||||
"time"
|
||||
|
||||
smtplib "github.com/emersion/go-smtp"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type backend struct {
|
||||
honeypot *SMTPHoneypot
|
||||
}
|
||||
|
||||
func (b *backend) Login(state *smtplib.ConnectionState, username, password string) (smtplib.Session, error) {
|
||||
sess := &session{
|
||||
honeypot: b.honeypot,
|
||||
loginUsername: username,
|
||||
loginPassword: password,
|
||||
remoteAddr: state.RemoteAddr.String(),
|
||||
}
|
||||
return sess, nil
|
||||
}
|
||||
func (b *backend) AnonymousLogin(state *smtplib.ConnectionState) (smtplib.Session, error) {
|
||||
sess := &session{
|
||||
loginAnonymous: true,
|
||||
remoteAddr: state.RemoteAddr.String(),
|
||||
}
|
||||
return sess, nil
|
||||
}
|
||||
|
||||
type session struct {
|
||||
honeypot *SMTPHoneypot
|
||||
|
||||
loginUsername string
|
||||
loginPassword string
|
||||
loginAnonymous bool
|
||||
remoteAddr string
|
||||
|
||||
mail MailData
|
||||
}
|
||||
|
||||
func (sess *session) Reset() {
|
||||
}
|
||||
func (sess *session) Logout() error {
|
||||
return nil
|
||||
}
|
||||
func (sess *session) Mail(from string, opts smtplib.MailOptions) error {
|
||||
sess.mail.From = from
|
||||
return nil
|
||||
}
|
||||
func (sess *session) Rcpt(to string) error {
|
||||
sess.mail.Recipients = append(sess.mail.Recipients, to)
|
||||
return nil
|
||||
}
|
||||
func (sess *session) Data(r io.Reader) error {
|
||||
lr := io.LimitReader(r, 1024*1024)
|
||||
var buf bytes.Buffer
|
||||
n, err := io.Copy(&buf, lr)
|
||||
if err != nil {
|
||||
sess.honeypot.Logger.Debugw("Error reading email data from client.", "error", err, "remote_addr", sess.remoteAddr)
|
||||
}
|
||||
|
||||
if n == 1024*1024 {
|
||||
// There is probably more data, read the rest from the client
|
||||
// We don't really care what happens to this, or if it errors
|
||||
_, _ = io.Copy(io.Discard, r)
|
||||
}
|
||||
|
||||
sess.mail.Data = buf.String()
|
||||
|
||||
if err := sess.honeypot.Store.AddMailData(&sess.mail); err != nil {
|
||||
sess.honeypot.Logger.Warnw("Error storing maildata.", "error", err, "remote_addr", sess.remoteAddr)
|
||||
return smtplib.ErrDataTooLarge
|
||||
}
|
||||
sess.honeypot.Logger.Infow("Mail received", "from", sess.mail.From, "remote_addr", sess.remoteAddr, "size", len(sess.mail.Data))
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
type SMTPHoneypot struct {
|
||||
Addr string
|
||||
Logger *zap.SugaredLogger
|
||||
Store SMTPStore
|
||||
server *smtplib.Server
|
||||
}
|
||||
|
||||
func NewSMTPHoneypot() (*SMTPHoneypot, error) {
|
||||
honeypot := &SMTPHoneypot{
|
||||
Logger: zap.NewNop().Sugar(),
|
||||
}
|
||||
|
||||
return honeypot, nil
|
||||
}
|
||||
|
||||
func (sh *SMTPHoneypot) ListenAndServe() error {
|
||||
server := smtplib.NewServer(&backend{
|
||||
honeypot: sh,
|
||||
})
|
||||
server.Addr = sh.Addr
|
||||
server.Domain = "apiary.t-juice.club"
|
||||
server.AllowInsecureAuth = true
|
||||
server.ReadTimeout = 10 * time.Second
|
||||
server.WriteTimeout = 10 * time.Second
|
||||
sh.server = server
|
||||
return server.ListenAndServe()
|
||||
}
|
||||
|
||||
func (sh *SMTPHoneypot) Shutdown() error {
|
||||
return sh.server.Close()
|
||||
}
|
||||
12
honeypot/smtp/store.go
Normal file
12
honeypot/smtp/store.go
Normal file
@@ -0,0 +1,12 @@
|
||||
package smtp
|
||||
|
||||
type SMTPStore interface {
|
||||
AddMailData(mail *MailData) error
|
||||
}
|
||||
|
||||
type DiscardStore struct {
|
||||
}
|
||||
|
||||
func (s *DiscardStore) AddMailData(mail *MailData) error {
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user