HackerTrans
TopNewTrendsCommentsPastAskShowJobs

aeaa3

no profile record

Submissions

Show HN: A fake SMTP server for software integration testing

fakemail.stream
127 points·by aeaa3·2 ปีที่แล้ว·49 comments

comments

aeaa3
·11 เดือนที่ผ่านมา·discuss
Does this means that you have the ability to

a) impersonate the identities of your users and b) decrypt the SSL traffic of your users

?
aeaa3
·2 ปีที่แล้ว·discuss
Why would the user be entitled to the commercial SAAS platform's custom modifications?

Because the platform provider didn't pay for the database's commercial license.
aeaa3
·2 ปีที่แล้ว·discuss
> The ability to set up your own clone instance its completely meaningless

Isn't that the whole point?
aeaa3
·2 ปีที่แล้ว·discuss
Yes, currently these are never deleted.

I will probably update it to delete accounts that have been inactive for a year or something.
aeaa3
·2 ปีที่แล้ว·discuss
A little more information:

So, it's called fakemail but there is a real SMTP server in there. Attachments should work fine. Getting the web app to create SMTP accounts was quite tricky, I'm sure there are better ways but I ended up implementing the unix crypt() algorithm in C#.

Server is holding up fine so far (there was a rate-limiting bug which brought the site down yesterday). Logs show 37K unique IPs have accessed it since yesterday, and it seems to be using about 1% of the CPU (it's on a free VM in the Oracle Cloud).

There is a whole API sitting behind the web page, including proper authentication, but the frontend is very much a MVP.

Very few actual emails have been sent to it, so I'd love it if people could actually send stuff. There are a bunch of websites that can be used to send test mails, e.g.

https://www.gmass.co/smtp-test

https://www.smtper.net/

https://smtpserver.com/smtptest

https://dnschecker.org/smtp-test-tool.php
aeaa3
·2 ปีที่แล้ว·discuss
Most people these days are using a service provider for SMTP in production, so it isn't really possible to keep your prod and test configs in sync.

I do agree about using testing everything real tools, which is why this (fakemail) uses OpenSMTPD as the mail server.

All the work is in configuring it (similar complexity to your postfix configuration by the looks of it), interfacing to it, and deploying it (currently using ansible but will probably dockerize it).

The fact that no emails can get through to a real recipient is a feature.
aeaa3
·2 ปีที่แล้ว·discuss
The idea is that, in a a test environment, we should not actually deliver the mails to the recipient, instead making them available on a web page (or through an API).
aeaa3
·2 ปีที่แล้ว·discuss
This is all open source by the way, and can be self-hosted. All the code is at https://github.com/aled/fakemail.
aeaa3
·2 ปีที่แล้ว·discuss
The 429 response is sent when rate-limiting (based on IP address).

Either something is wrong with my rate-limiting code or there are many people behind a single IP address.

Anyway the limits are increased now.