BadSMTP – the reliably unreliable mail server
K.4.201 | Day 1 | 18:10 - 18:40 | Speakers: Marcus Bointon
Abstract
I'm the maintainer of a very popular email client library, PHPMailer, and have found that it's difficult to test reliably because mocks get overcomplicated and unrepresentative, and it's difficult to configure mail servers to produce specific errors, for example to test what happens in your client if the server rejects a message with an unknown user, greylisting, spam filter, or authentication failure response. To this end I have created BadSMTP, a mail server written in Go that produces specific errors on demand, easily driven by client configuration alone. It's a single, standalone binary, designed to run in CI systems, or as part of a larger system along the lines of mailhog. Essentially I want to do for SMTP what badssl.com does for TLS. This talk is a simple overview of the project, why it was needed, and how to use it.
Speakers
When not writing & pentesting for Radically Open Security, working on smartmessages.net, or supporting 1CRM, I'm the maintainer of PHPMailer, the second-most forked PHP project on GitHub, and probably the world's most popular email sending code. I'm a contributor to many other open-source projects, and author of "The HTTP/3 book". I'm an accomplished PHP coder, Linux sysadmin, technical writer, and MySQL DBA. I'm a strong advocate of digital rights and privacy – I love GDPR! I've been speaking at technical conferences around the world since 2006. I write songs about web development. I live in the French alps with my wife, kids, cat, guitars, bikes, and far too many skis.
Links
External Links
Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.