Add email forwarding to external SMTP servers

Author: jimmystridh

Cargo.toml

@@ -34,6 +34,7 @@ chrono = { version = "0.4", features = ["serde"] }
 futures-util = "0.3"
 base64 = "0.22"
 rusqlite = { version = "0.32", features = ["bundled"] }
+lettre = { version = "0.11", default-features = false, features = ["tokio1-rustls-tls", "smtp-transport", "builder"] }
 
 [dev-dependencies]
 lettre = { version = "0.11", default-features = false, features = ["tokio1-rustls-tls", "smtp-transport", "builder"] }

README.md

@@ -17,6 +17,7 @@ A minimal SMTP sink for local development and testing. Receives emails via SMTP
 - **Attachment parsing and download** via API
 - **SQLite persistence** (optional) - survive restarts
 - **Search/filter API** - query by from, to, subject, date
+- **Email forwarding** - relay to external SMTP server
 
 ## Installation
 
@@ -90,6 +91,13 @@ smtp-sink --tls --tls-key ./key.pem --tls-cert ./cert.pem
 
 # With SQLite persistence (emails survive restart)
 smtp-sink --db ./emails.db
+
+# Forward all emails to another server
+smtp-sink --forward-host smtp.example.com --forward-port 587 --forward-tls \
+  --forward-username user --forward-password pass
+
+# Forward with recipient override (catch-all redirect)
+smtp-sink --forward-host smtp.example.com --forward-to dev@example.com
 ```
 
 ## Options
@@ -108,6 +116,14 @@ smtp-sink --db ./emails.db
     --auth-username <USER> Username for SMTP AUTH
     --auth-password <PASS> Password for SMTP AUTH
     --db <PATH>            SQLite database path for persistence
+    --forward-host <HOST>  Forward emails to this SMTP host
+    --forward-port <PORT>  Forward SMTP port (default: 587/465)
+    --forward-tls          Use STARTTLS when forwarding
+    --forward-implicit-tls Use implicit TLS (SMTPS) when forwarding
+    --forward-username <U> SMTP username for forwarding
+    --forward-password <P> SMTP password for forwarding
+    --forward-to <ADDR>    Override all recipients (catch-all redirect)
+    --forward-from <ADDR>  Override sender when forwarding
 ```
 
 ## API

src/forward.rs

@@ -0,0 +1,189 @@
+//! Email forwarding to external SMTP servers.
+
+use lettre::message::Mailbox;
+use lettre::transport::smtp::authentication::Credentials;
+use lettre::transport::smtp::client::{Tls, TlsParameters};
+use lettre::{AsyncSmtpTransport, AsyncTransport, Message, Tokio1Executor};
+use std::sync::Arc;
+use tokio::sync::mpsc;
+use tracing::{debug, error, info};
+
+use crate::email::MailRecord;
+
+/// Configuration for email forwarding.
+#[derive(Debug, Clone)]
+pub struct ForwardConfig {
+    /// SMTP host to forward to
+    pub host: String,
+    /// SMTP port (default: 25 or 587)
+    pub port: u16,
+    /// Use TLS (STARTTLS or implicit)
+    pub tls: bool,
+    /// Use implicit TLS (SMTPS)
+    pub implicit_tls: bool,
+    /// Username for SMTP AUTH
+    pub username: Option<String>,
+    /// Password for SMTP AUTH
+    pub password: Option<String>,
+    /// Rewrite all recipients to this address
+    pub to_override: Option<String>,
+    /// Rewrite sender to this address
+    pub from_override: Option<String>,
+}
+
+impl ForwardConfig {
+    /// Check if forwarding is configured.
+    #[must_use]
+    pub const fn is_enabled(&self) -> bool {
+        !self.host.is_empty()
+    }
+}
+
+/// Email forwarder that sends emails to an external SMTP server.
+pub struct Forwarder {
+    config: ForwardConfig,
+}
+
+impl Forwarder {
+    /// Create a new forwarder with the given config.
+    /// Returns the forwarder and a handle for submitting emails.
+    #[must_use]
+    pub fn new(config: ForwardConfig) -> (Arc<Self>, ForwardHandle) {
+        let (tx, rx) = mpsc::channel(100);
+        let forwarder = Arc::new(Self { config });
+
+        // Spawn the forwarding task
+        let forwarder_clone = Arc::clone(&forwarder);
+        tokio::spawn(async move {
+            forwarder_clone.run(rx).await;
+        });
+
+        let handle = ForwardHandle { tx };
+        (forwarder, handle)
+    }
+
+    async fn run(self: Arc<Self>, mut rx: mpsc::Receiver<MailRecord>) {
+        info!(
+            "Email forwarder started, forwarding to {}:{}",
+            self.config.host, self.config.port
+        );
+
+        while let Some(email) = rx.recv().await {
+            if let Err(e) = self.forward_email(&email).await {
+                error!("Failed to forward email {}: {}", email.id, e);
+            } else {
+                debug!("Forwarded email {} to {}", email.id, self.config.host);
+            }
+        }
+    }
+
+    async fn forward_email(&self, email: &MailRecord) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
+        // Build the email message
+        let from: Mailbox = self
+            .config
+            .from_override
+            .as_ref()
+            .unwrap_or(&email.from)
+            .parse()
+            .map_err(|_| format!("Invalid from address: {}", email.from))?;
+
+        // Determine recipients
+        let recipients: Vec<String> = self.config.to_override.as_ref().map_or_else(
+            || email.to.clone(),
+            |override_to| vec![override_to.clone()],
+        );
+
+        if recipients.is_empty() {
+            return Err("No recipients".into());
+        }
+
+        // Build message
+        let mut builder = Message::builder()
+            .from(from)
+            .subject(email.subject.as_deref().unwrap_or("(no subject)"));
+
+        for recipient in &recipients {
+            let mailbox: Mailbox = recipient
+                .parse()
+                .map_err(|_| format!("Invalid recipient: {recipient}"))?;
+            builder = builder.to(mailbox);
+        }
+
+        // Add Date header
+        if let Ok(dt) = chrono::DateTime::parse_from_rfc3339(&email.date) {
+            builder = builder.date(std::time::SystemTime::from(dt));
+        }
+
+        // Create the message with body
+        let message = if let Some(ref html) = email.html {
+            if let Some(ref text) = email.text {
+                builder.multipart(
+                    lettre::message::MultiPart::alternative()
+                        .singlepart(
+                            lettre::message::SinglePart::builder()
+                                .header(lettre::message::header::ContentType::TEXT_PLAIN)
+                                .body(text.clone()),
+                        )
+                        .singlepart(
+                            lettre::message::SinglePart::builder()
+                                .header(lettre::message::header::ContentType::TEXT_HTML)
+                                .body(html.clone()),
+                        ),
+                )?
+            } else {
+                builder.header(lettre::message::header::ContentType::TEXT_HTML).body(html.clone())?
+            }
+        } else if let Some(ref text) = email.text {
+            builder.header(lettre::message::header::ContentType::TEXT_PLAIN).body(text.clone())?
+        } else {
+            builder.body(String::new())?
+        };
+
+        // Build SMTP transport
+        let transport = self.build_transport()?;
+
+        // Send the email
+        transport.send(message).await?;
+
+        Ok(())
+    }
+
+    fn build_transport(
+        &self,
+    ) -> Result<AsyncSmtpTransport<Tokio1Executor>, Box<dyn std::error::Error + Send + Sync>> {
+        let mut builder = if self.config.implicit_tls {
+            AsyncSmtpTransport::<Tokio1Executor>::relay(&self.config.host)?
+        } else if self.config.tls {
+            AsyncSmtpTransport::<Tokio1Executor>::starttls_relay(&self.config.host)?
+        } else {
+            let tls_params = TlsParameters::builder(self.config.host.clone())
+                .dangerous_accept_invalid_certs(true)
+                .build()?;
+            AsyncSmtpTransport::<Tokio1Executor>::builder_dangerous(&self.config.host)
+                .tls(Tls::Opportunistic(tls_params))
+        };
+
+        builder = builder.port(self.config.port);
+
+        if let (Some(ref user), Some(ref pass)) = (&self.config.username, &self.config.password) {
+            builder = builder.credentials(Credentials::new(user.clone(), pass.clone()));
+        }
+
+        Ok(builder.build())
+    }
+}
+
+/// Handle for submitting emails to be forwarded.
+#[derive(Clone)]
+pub struct ForwardHandle {
+    tx: mpsc::Sender<MailRecord>,
+}
+
+impl ForwardHandle {
+    /// Queue an email for forwarding.
+    pub async fn forward(&self, email: MailRecord) {
+        if let Err(e) = self.tx.send(email).await {
+            error!("Failed to queue email for forwarding: {}", e);
+        }
+    }
+}

src/lib.rs

@@ -1,13 +1,15 @@
 //! SMTP sink library for receiving and exposing emails via HTTP.
 
 mod email;
+mod forward;
 mod http;
 mod smtp;
 mod sqlite_store;
 mod store;
 mod tls;
 
 pub use email::{Attachment, MailRecord};
+pub use forward::{ForwardConfig, ForwardHandle, Forwarder};
 pub use smtp::SmtpConfig;
 pub use sqlite_store::SqliteStore;
 pub use store::{EmailQuery, EmailStorage, EmailStore, MemoryStore};
@@ -41,6 +43,22 @@ pub struct SinkOptions {
     pub auth_password: Option<String>,
     /// `SQLite` database path for persistence
     pub db_path: Option<String>,
+    /// Forward emails to external SMTP server
+    pub forward_host: Option<String>,
+    /// Forward SMTP port
+    pub forward_port: Option<u16>,
+    /// Use TLS for forwarding
+    pub forward_tls: bool,
+    /// Use implicit TLS for forwarding
+    pub forward_implicit_tls: bool,
+    /// Forward SMTP username
+    pub forward_username: Option<String>,
+    /// Forward SMTP password
+    pub forward_password: Option<String>,
+    /// Override all recipients when forwarding
+    pub forward_to: Option<String>,
+    /// Override sender when forwarding
+    pub forward_from: Option<String>,
 }
 
 /// Running server handles.
@@ -116,6 +134,25 @@ pub async fn start_sink(opts: SinkOptions) -> std::io::Result<RunningServers> {
         http_addr.port()
     );
 
+    // Set up email forwarding if configured
+    let forward_handle: Option<ForwardHandle> = if let Some(ref host) = opts.forward_host {
+        let forward_config = ForwardConfig {
+            host: host.clone(),
+            port: opts.forward_port.unwrap_or(if opts.forward_implicit_tls { 465 } else { 587 }),
+            tls: opts.forward_tls,
+            implicit_tls: opts.forward_implicit_tls,
+            username: opts.forward_username.clone(),
+            password: opts.forward_password.clone(),
+            to_override: opts.forward_to.clone(),
+            from_override: opts.forward_from.clone(),
+        };
+        let (_, handle) = Forwarder::new(forward_config);
+        println!("Forwarding emails to {}:{}", host, opts.forward_port.unwrap_or(587));
+        Some(handle)
+    } else {
+        None
+    };
+
     // Build SMTP config
     let smtp_config = SmtpConfig {
         whitelist: whitelist.clone(),
@@ -127,6 +164,7 @@ pub async fn start_sink(opts: SinkOptions) -> std::io::Result<RunningServers> {
         auth_required: opts.auth_required,
         auth_username: opts.auth_username.clone(),
         auth_password: opts.auth_password.clone(),
+        forward_handle,
     };
 
     // Start SMTP server task

src/main.rs

@@ -60,6 +60,38 @@ struct Cli {
     /// `SQLite` database path for persistence (e.g., ./emails.db)
     #[arg(long)]
     db: Option<String>,
+
+    /// Forward emails to this SMTP host
+    #[arg(long)]
+    forward_host: Option<String>,
+
+    /// Forward SMTP port (default: 587 for STARTTLS, 465 for implicit TLS)
+    #[arg(long)]
+    forward_port: Option<u16>,
+
+    /// Use STARTTLS when forwarding
+    #[arg(long)]
+    forward_tls: bool,
+
+    /// Use implicit TLS (SMTPS) when forwarding
+    #[arg(long)]
+    forward_implicit_tls: bool,
+
+    /// SMTP username for forwarding
+    #[arg(long)]
+    forward_username: Option<String>,
+
+    /// SMTP password for forwarding
+    #[arg(long)]
+    forward_password: Option<String>,
+
+    /// Override all recipients when forwarding (catch-all redirect)
+    #[arg(long)]
+    forward_to: Option<String>,
+
+    /// Override sender when forwarding
+    #[arg(long)]
+    forward_from: Option<String>,
 }
 
 #[tokio::main]
@@ -89,6 +121,14 @@ async fn main() -> std::io::Result<()> {
         auth_username: cli.auth_username,
         auth_password: cli.auth_password,
         db_path: cli.db,
+        forward_host: cli.forward_host,
+        forward_port: cli.forward_port,
+        forward_tls: cli.forward_tls,
+        forward_implicit_tls: cli.forward_implicit_tls,
+        forward_username: cli.forward_username,
+        forward_password: cli.forward_password,
+        forward_to: cli.forward_to,
+        forward_from: cli.forward_from,
     };
 
     let servers = start_sink(opts).await?;

src/smtp.rs

@@ -1,6 +1,7 @@
 //! SMTP server implementation with AUTH and STARTTLS support.
 
 use crate::email::MailRecord;
+use crate::forward::ForwardHandle;
 use crate::store::EmailStorage;
 use base64::prelude::*;
 use mail_parser::{MessageParser, MimeHeaders};
@@ -23,6 +24,7 @@ pub struct SmtpConfig {
     pub auth_required: bool,
     pub auth_username: Option<String>,
     pub auth_password: Option<String>,
+    pub forward_handle: Option<ForwardHandle>,
 }
 
 /// Run the SMTP server (plain text, with optional STARTTLS).
@@ -407,6 +409,12 @@ where
 
             let data = read_data(&mut stream.inner).await?;
             let record = parse_email(&data, session);
+            
+            // Forward email if configured
+            if let Some(ref fwd) = config.forward_handle {
+                fwd.forward(record.clone()).await;
+            }
+            
             store.push(record);
             session.reset();