Skip to content

MidalaNet/tawsil

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
src
src
 
 
.env
.env
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
Makefile
Makefile
 
 
readme.md
readme.md
 
 

Repository files navigation

tawṣīl

tawsil (توصيل) is a minimal SMTP relay written in Rust. It accepts incoming SMTP messages and forwards them to a local sendmail-compatible MTA (such as nullmailer or msmtp). It is designed for simple mail relay on Linux servers.

In a Docker context, tawsil is useful as a lightweight SMTP gateway for containers that need to send email (e.g., web apps, cron jobs, monitoring tools) but do not include a full MTA. By running tawsil as a sidecar or service container, you can centralize outgoing mail handling, deduplicate messages, and forward them to a real MTA or mail relay, keeping your application containers minimal and secure.

RFC Compliance

tawsil implements the core SMTP protocol as described in RFC 5321, handling basic commands like HELO, MAIL FROM, RCPT TO, DATA, and QUIT. It does not implement advanced features (such as authentication, TLS, or extended SMTP commands), so it is compliant with the minimal requirements of RFC 5321 for simple message relay, but not with extensions from RFC 5322, RFC 4954 (AUTH), or RFC 3207 (STARTTLS).

Features

  • Minimal SMTP server: Handles basic SMTP commands (HELO, MAIL FROM, RCPT TO, DATA, etc.).
  • Deduplication: Suppresses duplicate emails within a 10-minute window using SHA-256 hashing.
  • Integration: Forwards mail to a local sendmail-compatible binary.
  • Systemd-ready: Includes a Makefile for installation and systemd service setup.
  • Logging: Logs all SMTP transactions with timestamps.

Security

tawsil is designed to be used in controlled environments, such as internal networks or as a sidecar in Docker setups. It must not be exposed to the public internet.
If you bind tawsil to a public interface (e.g., 0.0.0.0), it will act as an open relay, allowing anyone to send email through your server.
Always bind tawsil to a private interface or use firewall rules to restrict access.
The program does not implement authentication or access controls and is intentionally minimal to reduce attack surface, but this also means it relies on network-level security.

Usage

Prerequisites

  • Rust toolchain (cargo, rustc)
  • A local sendmail-compatible MTA (e.g., nullmailer, msmtp)
  • Linux system with systemd

Build

make

Install

Run as root or with sudo:

sudo make install

This will:

  • Install the binary to /opt/tawsil
  • Copy .env if present
  • Set up a systemd service

Uninstall

sudo make uninstall

Configuration

Create a .env file in the project root or in /opt/tawsil with the following variables:

SMTP_HOST=0.0.0.0
SMTP_PORT=2525
SENDMAIL_PATH=/usr/sbin/sendmail

SMTP_HOST: Address to bind (default: 0.0.0.0) SMTP_PORT: Port to listen on (default: 2525) SENDMAIL_PATH: Path to the sendmail-compatible binary

How it Works

  • Listens for SMTP connections.
  • Accepts and parses SMTP commands.
  • On DATA, collects the message and checks for duplicates.
  • Forwards unique messages to the configured sendmail binary.
  • Logs all actions and responses.

About

Minimal SMTP relay written in Rust

midala.net

Topics

docker rust relay smtp nullmailer

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages