{"id":15451800,"url":"https://github.com/willscott/gosendmail","last_synced_at":"2025-05-06T21:49:20.812Z","repository":{"id":39716924,"uuid":"189762531","full_name":"willscott/gosendmail","owner":"willscott","description":"Outbound mail sender with dkim StartTLS","archived":false,"fork":false,"pushed_at":"2024-01-18T12:58:57.000Z","size":208,"stargazers_count":16,"open_issues_count":4,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-31T03:22:34.535Z","etag":null,"topics":["dkim","golang","hacktoberfest","smtp","smtp-server"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/willscott.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-06-01T17:54:14.000Z","updated_at":"2025-03-30T02:29:19.000Z","dependencies_parsed_at":"2024-06-21T14:18:55.374Z","dependency_job_id":"0fc62f64-d593-4745-9372-56e04438585f","html_url":"https://github.com/willscott/gosendmail","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willscott%2Fgosendmail","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willscott%2Fgosendmail/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willscott%2Fgosendmail/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willscott%2Fgosendmail/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/willscott","download_url":"https://codeload.github.com/willscott/gosendmail/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252776498,"owners_count":21802463,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dkim","golang","hacktoberfest","smtp","smtp-server"],"created_at":"2024-10-01T21:39:34.721Z","updated_at":"2025-05-06T21:49:20.766Z","avatar_url":"https://github.com/willscott.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"GoSendmail\n===\n\nA subset of sendmail functionality for modern self hosting.\n\nMotivation\n---\n\nTraditional models of email security are designed around a\ntrusted mail server, and semi-trusted user agents. The mail server should\ncontinue to perform reasonably even if an end-user machine is compromised.\nFor single-user domains, realistic threat models are more likely to\ninvolve compromise of the publicly connected server, motivating a design\nminimizing trust in the front server.\n\nGoSendmail is an originating mail transfer agent for this threat model.\n\nIt is designed as a counterpoint to\n[maildiranasaurus](https://github.com/flashmob/maildiranasaurus), which\nreceives email on a semi-trusted server.\n\nFeatures\n---\n\n* Sends from an authoritative / stable IP, supporting StartTLS, and with\nclient certificates proving the authoritative sender.\n* Mail DKIM signed with a key that isn't on the authoritative server.\n\nDesign\n---\ngosendmail provides two binaries which together provide:\n\n* Santitizing / writing a message ID to identify a new message.\n* DKIM signing / authorization of email.\n* Finding the destination mail server(s) for the message.\n* Speaking the SMTP protocol over secured TLS for delivery.\n\n`signmail` parses stdin for mail sent via a `mutt`-like program.\nIt runs santization and dkim signing, and then passes the signed message\nto another process, based on the sending domain. The sub-process\ninteraction is designed to be interoperable with the semantics of\n`sendmail`. (e.g. the final email body is passed to stdin.)\n\n`sendmail` runs on a semi-trusted server, takes an already signed message,\nand performs the actual sending to remote MTSs.\n\nUsage\n---\n\n* `go build ./cmd/sendmail ./cmd/signmail`\n* copy `sendmail` to your cloud server (or build it there).\n* Modify `config.json` for relevant keys and domain(s).\n* Configure Mutt or your MTA to send using the `signmail` binary.\n* Use the environmental variables `GOSENDMAIL_TLS` and `GOSENDMAIL_SELFSIGNED`\n  when insecure mail delivery is desirable. These variable will be read by\n  the sendmail binary, a can be propagated through SSH.\n\nConfiguration Options\n---\n\nEnvironmental Variables\n\n* `GOSENDMAIL_TLS` - set to a false-y (\"false\", \"0\") value to skip StartTLS\n* `GOSENDMAIL_SELFSIGNED` - set to a true value (\"true\", \"1\") to allow\n   TLS handshakes with servers that present invalid certificates.\n* `GOSENDMAIL_RECIPIENTS` - overrides the addresses the message will be sent\n   to. This helps support partial resumption of remaining recipients and BCC.\n   If not specified, recipients will be loaded from the To, CC, and BCC fields.\n\nConfiguration Options (signmail)\n\n* `DkimKeyCmd` The subprocess to execute to retrieve the bytes of the dkim signing key.\n* `DkimSelector` The DKIM selector, a part of the DKIM dns record. (default: 'default')\n* `SendCommand` The subprocess to use to send signed messages via the semi-trusted server.\n\nConfiguration Options (sendmail)\n\n* `DialerProxy` A URL (e.g. `socks5://...`) that connections to remote MTAs will be\n   dialed through.\n* `TLSCert` The certificate file for the sender (client) to use for self authentication.\n* `TLSKey` The corresponding private key file for the sending client to use.\n\nDKIM setup\n---\n\n```\nopenssl genpkey -algorithm ed25519 -out domain.dkim.pem\nopenssl pkey -in domain.dkim.pem -pubout -out domain.dkim.pub\nP=openssl asn1parse -in domain.dkim.pub -offset 12 -noout -out /dev/stdout | openssl base64\n```\nthen the record is `v=DKIM1; k=ed25519; p=$P`","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillscott%2Fgosendmail","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwillscott%2Fgosendmail","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillscott%2Fgosendmail/lists"}