implement "allowedRecipentAddresses" configuration in app.yml

gessnerfl / fake-smtp-server

A simple SMTP Server for Testing purposes. Emails are stored in an in-memory database and rendered in a Web UI

Apache License 2.0

430 stars 90 forks source link

implement "allowedRecipentAddresses" configuration in app.yml #154

Closed NileshKSingh closed 1 year ago

NileshKSingh commented 1 year ago

There is "blockedRecipientAddresses" in the yml configuration:

blockedRecipientAddresses:
    - blocked@example.com
    - foo@eample.com

Do we have similar config, where we can only allowed only specific email address ?

The above is a requirement for me, because in public cloud when i was running this SMTP service, I was getting some spam mails - hacker were using some port scanner to find vulnerabilities.

gessnerfl commented 1 year ago

@NileshKSingh the application is intended for development/testing purposes. The feature would be possible. However considering your use case I would strongly recommend you to consider other security measures such as not exposing the application to public or at least to implement IP allow lists.

NileshKSingh commented 1 year ago

Thanks gessnerfl for your suggestion. I can quickly check 'IP allow lists' settings with my hosting-provider