[Twisted-Python] SMTP: Authenticating on Outbound emails only

Anthony Lukach anthonylukach at gmail.com
Thu Feb 9 10:29:21 MST 2017 

I am working on putting together an SMTP server implemented within
Twisted.  This will act as a conduit to my API, where there are two basic
flows:

1) A device that supports sending email can "send" an email through the
SMTP server. This is, in effect, the SMTP server handling the message as an
outbound request.  The device would authenticate with the server and then
provide it the message to be sent (which in reality will be uploaded to my
API).

2) A device can send an email to my SMTP server via their own SMTP server.
My server would receive the incoming message, parse its contents, and then
upload the data to my API. Naturally, these incoming messages would not be
required to authenticate with the server.

I'm having trouble constructing the server in a way that outbound messages
require authentication but incoming messages do not.

My service currently looks more or less like below:

from twisted.cred.portal import Portal

from twisted.mail import smtpfrom twisted.mail.imap4 import
LOGINCredentials, PLAINCredentialsclass SMTPFactory(smtp.SMTPFactory):
   protocol = smtp.ESMTP    def buildProtocol(self, addr):        #
Add authentication to SMTP server        p =
smtp.SMTPFactory.buildProtocol(self, addr)        p.challengers = {
        "LOGIN": LOGINCredentials,            "PLAIN":
PLAINCredentials        }        # Set a timeout for the connection
message to be processed        p.timeout = 200        return p

provider = Provider('localhost', settings)

# Multiple checkers that for backwards compatibilitycascade =
CascadeChecker()cascade.registerChecker(FilePasswordDB(pw_file))

# ... some other checks


portal = Portal(SimpleRealm(options, provider))

portal.registerChecker(cascade) internet.TCPServer(2500, SMTPFactory(portal
))



The problem is that, as currently written, I need to authenticate with the
server upon connection. Naturally, this doesn't make sense for the inbound
emails. It seems that a common pattern is to analyze the "to" address of
the emails and to allow any incoming emails (without authentication) that
have a matching domain, however this seems difficult to configure with
Twisted as I don't have the context of the email at the time the
authentication check is done.

Can anyone direct me to an example of an SMTP server that is both accepting
inbound and outbound emails and authenticates only on outbound emails?

PS, I'm not super familiar with the inner workings of email or the SMTP
protocol, please let me know if I'm heading in the wrong direction

Best,

Anthony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://twistedmatrix.com/pipermail/twisted-python/attachments/20170209/d869b1c6/attachment-0001.html>

More information about the Twisted-Python mailing list