Refactor sendEmail function and add support for multiple SMTP auth methods (LOGIN, PLAIN, CRAM-MD5) and TLS verification option, fix syntax error in sendSMTPMessage function

2026-04-17 14:03:15 +02:00 · 2026-01-22 19:34:05 +01:00
parent 4e61fdf9f4
commit 90d4ff4e9a
11 changed files with 275 additions and 81 deletions
--- a/internal/config/settings.go
+++ b/internal/config/settings.go
@@ -40,12 +40,14 @@ import (

 // SMTPSettings holds the SMTP server configuration for sending alert emails
 type SMTPSettings struct {
-	Host     string `json:"host"`
-	Port     int    `json:"port"`
-	Username string `json:"username"`
-	Password string `json:"password"`
-	From     string `json:"from"`
-	UseTLS   bool   `json:"useTLS"`
+	Host               string `json:"host"`
+	Port               int    `json:"port"`
+	Username           string `json:"username"`
+	Password           string `json:"password"`
+	From               string `json:"from"`
+	UseTLS             bool   `json:"useTLS"`
+	InsecureSkipVerify bool   `json:"insecureSkipVerify"`
+	AuthMethod         string `json:"authMethod"`
 }

 // AppSettings holds the main UI settings and Fail2ban configuration
@@ -413,12 +415,14 @@ func applyAppSettingsRecordLocked(rec storage.AppSettingsRecord) {
 	currentSettings.Banaction = rec.Banaction
 	currentSettings.BanactionAllports = rec.BanactionAllports
 	currentSettings.SMTP = SMTPSettings{
-		Host:     rec.SMTPHost,
-		Port:     rec.SMTPPort,
-		Username: rec.SMTPUsername,
-		Password: rec.SMTPPassword,
-		From:     rec.SMTPFrom,
-		UseTLS:   rec.SMTPUseTLS,
+		Host:               rec.SMTPHost,
+		Port:               rec.SMTPPort,
+		Username:           rec.SMTPUsername,
+		Password:           rec.SMTPPassword,
+		From:               rec.SMTPFrom,
+		UseTLS:             rec.SMTPUseTLS,
+		InsecureSkipVerify: rec.SMTPInsecureSkipVerify,
+		AuthMethod:         rec.SMTPAuthMethod,
 	}

 	if rec.AlertCountriesJSON != "" {
@@ -504,12 +508,14 @@ func toAppSettingsRecordLocked() (storage.AppSettingsRecord, error) {
 		EmailAlertsForBans:   currentSettings.EmailAlertsForBans,
 		EmailAlertsForUnbans: currentSettings.EmailAlertsForUnbans,
 		// SMTP settings
-		SMTPHost:     currentSettings.SMTP.Host,
-		SMTPPort:     currentSettings.SMTP.Port,
-		SMTPUsername: currentSettings.SMTP.Username,
-		SMTPPassword: currentSettings.SMTP.Password,
-		SMTPFrom:     currentSettings.SMTP.From,
-		SMTPUseTLS:   currentSettings.SMTP.UseTLS,
+		SMTPHost:               currentSettings.SMTP.Host,
+		SMTPPort:               currentSettings.SMTP.Port,
+		SMTPUsername:           currentSettings.SMTP.Username,
+		SMTPPassword:           currentSettings.SMTP.Password,
+		SMTPFrom:               currentSettings.SMTP.From,
+		SMTPUseTLS:             currentSettings.SMTP.UseTLS,
+		SMTPInsecureSkipVerify: currentSettings.SMTP.InsecureSkipVerify,
+		SMTPAuthMethod:         currentSettings.SMTP.AuthMethod,
 		// Fail2Ban DEFAULT settings
 		BantimeIncrement:  currentSettings.BantimeIncrement,
 		DefaultJailEnable: currentSettings.DefaultJailEnable,
@@ -654,6 +660,9 @@ func setDefaultsLocked() {
 	if !currentSettings.SMTP.UseTLS {
 		currentSettings.SMTP.UseTLS = true
 	}
+	if currentSettings.SMTP.AuthMethod == "" {
+		currentSettings.SMTP.AuthMethod = "auto"
+	}
 	if len(currentSettings.IgnoreIPs) == 0 {
 		currentSettings.IgnoreIPs = []string{"127.0.0.1/8", "::1"}
 	}