jeremydumais / cpp-smtpclient-library Goto Github PK

In RFC2821, the MAIL FROM should be formatted like so:
MAIL FROM:<[email protected]>
This library tries 3 different formats, the first of which does not match the standard.
Some servers will reject the formatting, and the response code will not be 501, which is the code checked in order to continue to check the other formats.
I would suggest that the first format tried be the de-facto standard correct format, rather than the order it is currently in.
For reference: tested with hMailServer (it returns 550 Invalid syntax. Syntax should be MAIL FROM:<mailbox@domain>[crlf])

I've written a program which runs on an i.MX6 ARM system.
The system is built using Yocto system.
If I try to send an email, I'm getting the following output:

c: Trying to connect to smtp.office365.com on port 587
s: 220 VI1PR04CA0137.outlook.office365.com Microsoft ESMTP MAIL Service ready at Tue, 26 Apr 2022 22:14:55 +0000
c: Connected!
c: ehlo localhost\r\n
s: 250-VI1PR04CA0137.outlook.office365.com Hello [83.215.196.27]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
c: Info: STARTTLS is available by the server, the communication will be encrypted.
c: STARTTLS\r\n
s: 220 2.0.0 SMTP server ready
c: <Start TLS negotiation>
c & s: <Negotiate a TLS session>
c & s: <Check result of negotiation>
s: unable to get local issuer certificate
Unable to verify the result of chain verification|-58

I'm using the OpportunisticSecureSMTPClient client.

Do you have an idea, what's missing on my Linux distribution?
The same program compiled for Ubuntu Linux or MacOS is working properly.
There are certificates missing, but which ones?

Any help is appreciated.

Markus

There is currently and issue where sending a large message (styled html) causes the communication log to overflow.

I've gotten corrupted size vs. prev_size as error output, indicating overflow in a separate thread.
Setting a bigger buffer size fixes the issue.

May I also ask why are pointers used so much and have you thought about refactoring to use more of std::string or std::string_view?

In the current implementation and examples the user of the library has no option to indicate the preferred authentication option. This becomes a problem when using GMail over smtp for instance. Factually, the server returns the following authentication supported methods: PLAIN LOGIN XAOUTH2 OAUTHBEARER but does not actually support plain and login (since 2022).

The recommended authentication mechanism is XOAUTH2 (https://developers.google.com/gmail/imap/xoauth2-protocol).

This bug has been reported by one collaborator (Aurelie).

Whenever you are using a non-SMTP open port like 443 for HTTPS an index out-of-bound crash occurs in the SmtpClientBase class from the methods initializeSession (line #339) and sendRawCommand (line #384).

The solution is to include the possibility that the recv function can return 0 bytes. In that scenario the timeout will apply and a corresponding error code will return.

Solution :
while ((bytes_received = recv(mSock, outbuf, 1024, 0)) <= 0 && waitTime < mCommandTimeOut)

Hi @jeremydumais , i encounter an issue when i send the email with multiple recipients using Gmail service.

Error i encounter:

s: 550-5.7.1 This message is not RFC 5322 compliant. There are multiple To headers.
550-5.7.1 To reduce the amount of spam sent to Gmail, this message has been
550-5.7.1 blocked. For more information, go to
550-5.7.1 https://support.google.com/mail/?p=RfcMessageNonCompliant and review
550 5.7.1 RFC 5322 specifications. g14-20020a62f94e000000b006f2d97c3e87sm2449378pfm.125 - gsmtp

From google help page:
https://support.google.com/a/answer/13567860?hl=en#zippy=%2Cduplicate-header-example-picture

Any recommendation or suggestion on this?

For performance reasons it is often better to keep the smtp connection open if you intend to send many different emails sequentially to avoid the overhead of reconnecting with each send. Use case is emails are only sent at certain times of day and are queue up until that time.

Would be nice if sendmail() didn't close the connection after sending, but just wait until the destructor calls cleanup(). I might give it a try at some point and make a PR.

I ran into this issue pretty quickly with my first test email.
It is possible for a server to require authentication, even if implicit TLS or STARTTLS is not used.
I would suggest that the client check for 250-AUTH from the server and use the credentials set by the user of the library regardless of port, TLS, STARTTLS, etc.

How can I get the cid (Content-ID) for an attachment in order to use an img html tag like ?

https://www.rfc-editor.org/rfc/rfc2392 (Page 4)

I think attachment.cpp should generate a valid id and have a function to get that content id.

And then we just need to output it here: https://github.com/hesa2020/CPP-SMTPClient-library/blob/master/src/smtpclientbase.cpp#L884

Edit: I made a pull-request, I am going to handle the content-id generation on my side.

Example generation:

#include <iostream>
#include <string>
#include <ctime>
#include <sstream>

std::string generate_content_id() {
    std::stringstream ss;
    ss << "<" << std::time(nullptr) << "." << std::rand() << "@example.com>";
    return ss.str();
}

int main() {
    std::cout << generate_content_id() << std::endl;
    return 0;
}

For the secure and opportunistic clients, it would be ideal to be able to configure it to ignore the openssl self-signed certificate failure of SSL_get_verify_result.
The default behavior would of course be to fail at that point, but even if just for testing purposes (with a local test SMTP server), being able to ignore that error would help a lot.

No email is sent to the Cc and Bcc email addresses.

So I compiled the opportunistic test app and linked it to my own build of LibreSSL under macOS. When running the test, I receive the error code -58 and message "unable to get local issuer certificate".

I then replaced LibreSSL with my own build of OpenSSL 1.1.1m and got the same result.

Any idea what that might be about?

There is a linker error because the symbols are not exported.

Looking at the instructions here

https://github.com/jeremydumais/CPP-SMTPClient-library/wiki/Build-the-CPP-SMTPClient-library-on-Windows

When building CPP-SMTPClient-library as a standalone project, the typical workflow starts with:

mkdir build
cd build

There is a simple step ommitted -

cd "installation folder"
mkdir build
cd build

Hi @jeremydumais

I recently move my emails between providers, from google to zoho but now i have a issue, can't send emails, logs shared:

c: Trying to connect to smtppro.zoho.com on port 587
s: 220 mx.zohomail.com SMTP Server ready April 18, 2024 6:38:02 AM PDT
c: Connected!
c: ehlo localhost\r\n
s: 250-mx.zohomail.com Hello localhost ({HIDDEN} ({HIDDEN}))
250-STARTTLS
c: Info: STARTTLS is available by the server, the communication will be encrypted.
c: STARTTLS\r\n
s: 250 SIZE 53477376
An error occurred: No message correspond to this error code (error no: 250)

Using a smtp tool to check if server is able to send emails, got the following log:

<< 220 mx.zohomail.com SMTP Server ready April 18, 2024 6:40:27 AM PDT
>> EHLO [172.31.11.248]
<< 250-mx.zohomail.com Hello [{HIDDEN}] (ec2-54-212-131-181.us-west-2.compute.amazonaws.com (54.212.131.181))
<< 250-STARTTLS
<< 250 SIZE 53477376
>> STARTTLS
<< 220 Ready to start TLS.
>> EHLO [172.31.11.248]
<< 250-mx.zohomail.com Hello [{HIDDEN}] (ec2-54-212-131-181.us-west-2.compute.amazonaws.com (54.212.131.181))
<< 250-AUTH LOGIN PLAIN
<< 250 SIZE 53477376
>> AUTH PLAIN =====PLAIN_HASH======
<< 235 Authentication Successful
>> MAIL FROM:<{HIDDEN}> SIZE=550
<< 250 Sender <{HIDDEN}> OK
>> RCPT TO:<{HIDDEN}>
<< 250 Recipient <{HIDDEN}> OK
>> DATA
<< 354 Ok Send data ending with <CRLF>.<CRLF>
>> From: {HIDDEN}
>> Date: Thu, 18 Apr 2024 13:40:17 퍍
>> Subject: SMTP test from smtppro.zoho.com
>> Message-Id: <{HIDDEN}@{HIDDEN}>
>> To: [email protected]
>> MIME-Version: 1.0
>> Content-Type: multipart/alternative; boundary="={HIDDEN}=="
>>
>> --=-{HIDDEN}==
>> Content-Type: text/plain; charset=utf-8
>>
>> Test message
>> --={HIDDEN}==
>> Content-Type: text/html; charset=utf-8
>> Content-Id: <{HIDDEN}>
>>
>> <b>Test message</b>
>> --={HIDDEN}==--
>> .
<< 250 Message received

Could you check if something went wrong? Because tool used sends STARTTLS after 250 SIZE message.