5 # Please report bugs to https://github.com/acmesh-official/acme.sh/issues/3358
7 # This implementation uses either curl or Python (3 or 2.7).
8 # (See also the "mail" notify hook, which supports other ways to send mail.)
10 # SMTP_FROM="from@example.com" # required
11 # SMTP_TO="to@example.com" # required
12 # SMTP_HOST="smtp.example.com" # required
13 # SMTP_PORT="25" # defaults to 25, 465 or 587 depending on SMTP_SECURE
14 # SMTP_SECURE="none" # one of "none", "ssl" (implicit TLS, TLS Wrapper), "tls" (explicit TLS, STARTTLS)
15 # SMTP_USERNAME="" # set if SMTP server requires login
16 # SMTP_PASSWORD="" # set if SMTP server requires login
17 # SMTP_TIMEOUT="30" # seconds for SMTP operations to timeout
18 # SMTP_BIN="/path/to/curl_or_python" # default finds first of curl, python3, or python on PATH
20 # subject content statuscode
24 # UNUSED: _statusCode="$3" # 0: success, 1: error 2($RENEW_SKIP): skipped
27 SMTP_FROM
="${SMTP_FROM:-$(_readaccountconf_mutable SMTP_FROM)}"
28 SMTP_TO
="${SMTP_TO:-$(_readaccountconf_mutable SMTP_TO)}"
29 SMTP_HOST
="${SMTP_HOST:-$(_readaccountconf_mutable SMTP_HOST)}"
30 SMTP_PORT
="${SMTP_PORT:-$(_readaccountconf_mutable SMTP_PORT)}"
31 SMTP_SECURE
="${SMTP_SECURE:-$(_readaccountconf_mutable SMTP_SECURE)}"
32 SMTP_USERNAME
="${SMTP_USERNAME:-$(_readaccountconf_mutable SMTP_USERNAME)}"
33 SMTP_PASSWORD
="${SMTP_PASSWORD:-$(_readaccountconf_mutable SMTP_PASSWORD)}"
34 SMTP_TIMEOUT
="${SMTP_TIMEOUT:-$(_readaccountconf_mutable SMTP_TIMEOUT)}"
35 SMTP_BIN
="${SMTP_BIN:-$(_readaccountconf_mutable SMTP_BIN)}"
37 _debug
"SMTP_FROM" "$SMTP_FROM"
38 _debug
"SMTP_TO" "$SMTP_TO"
39 _debug
"SMTP_HOST" "$SMTP_HOST"
40 _debug
"SMTP_PORT" "$SMTP_PORT"
41 _debug
"SMTP_SECURE" "$SMTP_SECURE"
42 _debug
"SMTP_USERNAME" "$SMTP_USERNAME"
43 _secure_debug
"SMTP_PASSWORD" "$SMTP_PASSWORD"
44 _debug
"SMTP_TIMEOUT" "$SMTP_TIMEOUT"
45 _debug
"SMTP_BIN" "$SMTP_BIN"
47 _debug
"_SMTP_SUBJECT" "$_SMTP_SUBJECT"
48 _debug
"_SMTP_CONTENT" "$_SMTP_CONTENT"
50 # Validate config and apply defaults:
51 # _SMTP_* variables are the resolved (with defaults) versions of SMTP_*.
52 # (The _SMTP_* versions will not be stored in account conf.)
54 if [ -n "$SMTP_BIN" ] && ! _exists
"$SMTP_BIN"; then
55 _err
"SMTP_BIN '$SMTP_BIN' does not exist."
59 if [ -z "$_SMTP_BIN" ]; then
60 # Look for a command that can communicate with an SMTP server.
61 # (Please don't add sendmail, ssmtp, mutt, mail, or msmtp here.
62 # Those are already handled by the "mail" notify hook.)
63 for cmd
in curl python3 python2.7 python pypy3 pypy
; do
64 if _exists
"$cmd"; then
69 if [ -z "$_SMTP_BIN" ]; then
70 _err
"The smtp notify-hook requires curl or Python, but can't find any."
71 _err
'If you have one of them, define SMTP_BIN="/path/to/curl_or_python".'
72 _err
'Otherwise, see if you can use the "mail" notify-hook instead.'
75 _debug
"_SMTP_BIN" "$_SMTP_BIN"
78 if [ -z "$SMTP_FROM" ]; then
79 _err
"You must define SMTP_FROM as the sender email address."
82 _SMTP_FROM
="$SMTP_FROM"
84 if [ -z "$SMTP_TO" ]; then
85 _err
"You must define SMTP_TO as the recipient email address."
90 if [ -z "$SMTP_HOST" ]; then
91 _err
"You must define SMTP_HOST as the SMTP server hostname."
94 _SMTP_HOST
="$SMTP_HOST"
96 _SMTP_SECURE
="${SMTP_SECURE:-none}"
97 case "$_SMTP_SECURE" in
98 "none") smtp_default_port
="25" ;;
99 "ssl") smtp_default_port
="465" ;;
100 "tls") smtp_default_port
="587" ;;
102 _err
"Invalid SMTP_SECURE='$SMTP_SECURE'. It must be 'ssl', 'tls' or 'none'."
107 _SMTP_PORT
="${SMTP_PORT:-$smtp_default_port}"
108 if [ -z "$SMTP_PORT" ]; then
109 _debug
"_SMTP_PORT" "$_SMTP_PORT"
112 _SMTP_USERNAME
="$SMTP_USERNAME"
113 _SMTP_PASSWORD
="$SMTP_PASSWORD"
114 _SMTP_TIMEOUT
="${SMTP_TIMEOUT:-30}"
115 _SMTP_X_MAILER
="${PROJECT_NAME} ${VER} --notify-hook smtp"
117 # Run with --debug 2 (or above) to echo the transcript of the SMTP session.
118 # Careful: this may include SMTP_PASSWORD in plaintext!
119 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_2" ]; then
120 _SMTP_SHOW_TRANSCRIPT
="True"
122 _SMTP_SHOW_TRANSCRIPT
=""
126 case "$(basename "$_SMTP_BIN")" in
127 curl
) _smtp_send
=_smtp_send_curl
;;
128 py
*) _smtp_send
=_smtp_send_python
;;
130 _err
"Can't figure out how to invoke $_SMTP_BIN."
131 _err
"Check your SMTP_BIN setting."
136 if ! smtp_output
="$($_smtp_send)"; then
137 _err
"Error sending message with $_SMTP_BIN."
138 if [ -n "$smtp_output" ]; then
144 # Save config only if send was successful:
145 _saveaccountconf_mutable SMTP_BIN
"$SMTP_BIN"
146 _saveaccountconf_mutable SMTP_FROM
"$SMTP_FROM"
147 _saveaccountconf_mutable SMTP_TO
"$SMTP_TO"
148 _saveaccountconf_mutable SMTP_HOST
"$SMTP_HOST"
149 _saveaccountconf_mutable SMTP_PORT
"$SMTP_PORT"
150 _saveaccountconf_mutable SMTP_SECURE
"$SMTP_SECURE"
151 _saveaccountconf_mutable SMTP_USERNAME
"$SMTP_USERNAME"
152 _saveaccountconf_mutable SMTP_PASSWORD
"$SMTP_PASSWORD"
153 _saveaccountconf_mutable SMTP_TIMEOUT
"$SMTP_TIMEOUT"
158 # Send the message via curl using _SMTP_* variables
160 # curl passes --mail-from and --mail-rcpt directly to the SMTP protocol without
161 # additional parsing, and SMTP requires addr-spec only (no display names).
162 # In the future, maybe try to parse the addr-spec out for curl args (non-trivial).
163 if _email_has_display_name
"$_SMTP_FROM"; then
164 _err
"curl smtp only allows a simple email address in SMTP_FROM."
165 _err
"Change your SMTP_FROM='$SMTP_FROM' to remove the display name."
168 if _email_has_display_name
"$_SMTP_TO"; then
169 _err
"curl smtp only allows simple email addresses in SMTP_TO."
170 _err
"Change your SMTP_TO='$SMTP_TO' to remove the display name(s)."
174 # Build curl args in $@
176 case "$_SMTP_SECURE" in
178 set -- --url "smtp://${_SMTP_HOST}:${_SMTP_PORT}"
181 set -- --url "smtps://${_SMTP_HOST}:${_SMTP_PORT}"
184 set -- --url "smtp://${_SMTP_HOST}:${_SMTP_PORT}" --ssl-reqd
187 # This will only occur if someone adds a new SMTP_SECURE option above
188 # without updating this code for it.
189 _err
"Unhandled _SMTP_SECURE='$_SMTP_SECURE' in _smtp_send_curl"
190 _err
"Please re-run with --debug and report a bug."
197 --mail-from "$_SMTP_FROM" \
198 --max-time "$_SMTP_TIMEOUT"
200 # Burst comma-separated $_SMTP_TO into individual --mail-rcpt args.
202 while [ -n "$_to" ]; do
205 set -- "$@" --mail-rcpt "$_rcpt"
208 _smtp_login
="${_SMTP_USERNAME}:${_SMTP_PASSWORD}"
209 if [ "$_smtp_login" != ":" ]; then
210 set -- "$@" --user "$_smtp_login"
213 if [ "$_SMTP_SHOW_TRANSCRIPT" = "True" ]; then
214 set -- "$@" --verbose
216 set -- "$@" --silent --show-error
219 raw_message
="$(_smtp_raw_message)"
221 _debug2
"curl command:" "$_SMTP_BIN" "$*"
222 _debug2
"raw_message:\n$raw_message"
224 echo "$raw_message" |
"$_SMTP_BIN" "$@"
227 # Output an RFC-822 / RFC-5322 email message using _SMTP_* variables
228 _smtp_raw_message
() {
229 echo "From: $_SMTP_FROM"
231 echo "Subject: $(_mime_encoded_word "$_SMTP_SUBJECT")"
232 if _exists
date; then
233 echo "Date: $(date +'%a, %-d %b %Y %H:%M:%S %z')"
235 echo "Content-Type: text/plain; charset=utf-8"
236 echo "X-Mailer: $_SMTP_X_MAILER"
238 echo "$_SMTP_CONTENT"
241 # Convert text to RFC-2047 MIME "encoded word" format if it contains non-ASCII chars
243 _mime_encoded_word
() {
245 # (regex character ranges like [a-z] can be locale-dependent; enumerate ASCII chars to avoid that)
246 _ascii
='] $`"'"[!#%&'()*+,./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ~^_abcdefghijklmnopqrstuvwxyz{|}~-"
247 if expr "$_text" : "^.*[^$_ascii]" >/dev
/null
; then
248 # At least one non-ASCII char; convert entire thing to encoded word
249 printf "%s" "=?UTF-8?B?$(printf "%s
" "$_text" | _base64)?="
251 # Just printable ASCII, no conversion needed
256 # Simple check for display name in an email address (< > or ")
258 _email_has_display_name
() {
260 expr "$_email" : '^.*[<>"]' >/dev
/null
263 # Send the message via Python using _SMTP_* variables
264 _smtp_send_python
() {
265 _debug
"Python version" "$("$_SMTP_BIN" --version 2>&1)"
269 # This code is meant to work with either Python 2.7.x or Python 3.4+.
272 from email.message import EmailMessage
274 from email.mime.text import MIMEText as EmailMessage # Python 2
275 from smtplib import SMTP, SMTP_SSL, SMTPException
276 from socket import error as SocketError
277 except ImportError as err:
278 print("A required Python standard package is missing. This system may have"
279 " a reduced version of Python unsuitable for sending mail: %s" % err)
282 show_transcript = """$_SMTP_SHOW_TRANSCRIPT""" == "True"
284 smtp_host = """$_SMTP_HOST"""
285 smtp_port = int("""$_SMTP_PORT""")
286 smtp_secure = """$_SMTP_SECURE"""
287 username = """$_SMTP_USERNAME"""
288 password = """$_SMTP_PASSWORD"""
289 timeout=int("""$_SMTP_TIMEOUT""") # seconds
290 x_mailer="""$_SMTP_X_MAILER"""
292 from_email="""$_SMTP_FROM"""
293 to_emails="""$_SMTP_TO""" # can be comma-separated
294 subject="""$_SMTP_SUBJECT"""
295 content="""$_SMTP_CONTENT"""
299 msg.set_content(content)
300 except (AttributeError, TypeError):
302 msg = EmailMessage(content)
303 msg["Subject"] = subject
304 msg["From"] = from_email
305 msg["To"] = to_emails
306 msg["X-Mailer"] = x_mailer
310 if smtp_secure == "ssl":
311 smtp = SMTP_SSL(smtp_host, smtp_port, timeout=timeout)
313 smtp = SMTP(smtp_host, smtp_port, timeout=timeout)
314 smtp.set_debuglevel(show_transcript)
315 if smtp_secure == "tls":
317 if username or password:
318 smtp.login(username, password)
319 smtp.sendmail(msg["From"], msg["To"].split(","), msg.as_string())
321 except SMTPException as err:
322 # Output just the error (skip the Python stack trace) for SMTP errors
323 print("Error sending: %r" % err)
326 except SocketError as err:
327 print("Error connecting to %s:%d: %r" % (smtp_host, smtp_port, err))