{"id":49404957,"url":"https://github.com/mileusna/srs","last_synced_at":"2026-04-28T20:40:15.800Z","repository":{"id":57500399,"uuid":"135737569","full_name":"mileusna/srs","owner":"mileusna","description":"SRS Sender Rewriting Scheme Go/Golang package","archived":false,"fork":false,"pushed_at":"2023-03-17T21:09:12.000Z","size":13,"stargazers_count":8,"open_issues_count":2,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-01T05:24:57.958Z","etag":null,"topics":["exim","go","golang","postfix","postsrsd","sender-rewriting-scheme","spf","srs"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mileusna.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-06-01T15:58:35.000Z","updated_at":"2023-11-29T01:52:16.000Z","dependencies_parsed_at":"2024-06-21T04:19:51.180Z","dependency_job_id":"ade4a206-8473-447d-8710-da74f719e168","html_url":"https://github.com/mileusna/srs","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/mileusna/srs","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mileusna%2Fsrs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mileusna%2Fsrs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mileusna%2Fsrs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mileusna%2Fsrs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mileusna","download_url":"https://codeload.github.com/mileusna/srs/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mileusna%2Fsrs/sbom","scorecard":{"id":647150,"data":{"date":"2025-08-11","repo":{"name":"github.com/mileusna/srs","commit":"501e7d108e91b985514e3b889f6fd2413125bfe9"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/16 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T12:25:47.548Z","repository_id":57500399,"created_at":"2025-08-21T12:25:47.548Z","updated_at":"2025-08-21T12:25:47.548Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32399002,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-28T19:38:08.556Z","status":"ssl_error","status_checked_at":"2026-04-28T19:37:55.688Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exim","go","golang","postfix","postsrsd","sender-rewriting-scheme","spf","srs"],"created_at":"2026-04-28T20:40:14.685Z","updated_at":"2026-04-28T20:40:15.790Z","avatar_url":"https://github.com/mileusna.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SRS Sender Rewriting Scheme Go/Golang package\n\nSender Rewriting Scheme is a scheme that allows mail transfer agents (MTA) like Postfix or Exim to remail/forward email message without breakig SPF (Sender Permitted Form) check.\n\nSRS will rewrite email address something like this:\n\n```\nmilos@mailspot.com  -\u003e  SRS0=JvSE=IT=mailspot.com=milos@forwarding-domain.com\n```\n\nSRS address contains timestamp and hash signature so only the forwarding domain will be able to reverse the SRS address on bounce and check the integrity.\n\nHere you can find more info on SRS in general and how it works:\n\n- https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme\n- http://www.libsrs2.org/srs/srs.pdf\n\n\n## Installation \u003ca id=\"installation\"\u003e\u003c/a\u003e\n```\ngo get github.com/mileusna/srs\n```\n\n## Example\u003ca id=\"example\"\u003e\u003c/a\u003e\n\n```go\n    func main() {\n        // setting up engine with mandatory params\n        srs := srs.SRS{\n            Secret: []byte(\"YourSecretKeyForHashingUniqueAndPermanentPerServer\"), \n            Domain: \"forwarding-domain.com\",\n        }\n        \n        // forwarding\n        // this code will produce something like this for fwd address\n        // SRS0=JvSE=IT=mailspot.com=milos@forwarding-domain.com        \n        fwd, err := srs.Forward(\"milos@mailspot.com\")\n        if err != nil {\n            log.Error(err)\n            return\n        }\n\n        // reverse check when emails are bounced back to forwarding server\n        rvs, err := srs.Reverse(\"SRS0=JvSE=IT=mailspot.com=milos@forwarding-domain.com\")\n        if err != nil {\n            // email is not SRS, invalid hash, invalid timestamp, timestamp out of date, etc..\n            log.Error(err)\n            return\n        }\n\n        // rvs is normal email address\n        fmt.Println(rvs)\n    }\n```\n\n## Testing\n\nSince SRS contains timestamp component it is difficult to test package against static expected results because SRS result will change over time.\nThat is the reasons why the tests actually connects to most popular SRS daemon for Postfix, [postsrsd](https://github.com/roehling/postsrsd), and checks the results. As long as you use the same domain name and same secret key, results should match, although there are some exceptions.\n\n### Exceptions\n\nThere are some cases which postsrsd will accept, but I find them wrong and they won't be supported by this package.\nI guess that postsrsd rely on mailserver to reject this type of email addresses so it doesn't check bad email formats. \n\nThese are some examples which postsrsd will accept, but this go package will return an error due to bad email formatting:\n\n- milos@ // @ sign but no domain\n- milos@netmark.rs@domain.com    // two @ signs\n- milosmileusnic@domain,net     // comma in domain name\n- milos mileusnic@domain.net    // space in user\n- etc.\n\nThis types of emails are excluded from testing.\n\n### Testing setup\n- Install postsrsd from https://github.com/roehling/postsrsd or use repo\nfor your linux distribution (CentOS https://wiki.mailserver.guru/doku.php/centos:mailserver.guru)\n- Start postsrsd\n- Use the same domain and secret key in `srs_test.go` as postsrsd. Postsrsd key is located in\n`/etc/postsrsd.secret`\n- Add more test emails in `srs_test.go` for testing\n- Run tests\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmileusna%2Fsrs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmileusna%2Fsrs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmileusna%2Fsrs/lists"}