GithubHelp home page GithubHelp logo

aiopopd's Introduction

POP3 server proxying to remote IMAP server

aiopopd allows you to import your email on an IMAP server into your Gmail account.

Since Gmail only supports retrieving email from a remote POP3 server, not a remote IMAP server, this project implements a POP3 server that takes a username and password from a client, uses the credentials to log on to another IMAP server, and sends the email on that remote IMAP server to the POP3 client (i.e. Gmail).

Security concerns

By giving your IMAP password to Gmail, you are giving your IMAP password to Gmail. If your IMAP provider forbids you from giving your password to strangers, then you shouldn't give your password to Gmail!

If you decide to give your password to Gmail, then Gmail will send your password along to aiopopd. If you don't control the configuration of aiopopd, the server it is running on, or the DNS entry managing the domain name, then you shouldn't give your password to Gmail!

Although there are standards for challenge-response authentication (e.g. CRAM-MD5) such that you could have a POP3 server proxying to a remote IMAP server where the POP3 proxy never learns the client's password, these standards are rarely implemented and enabled.

You should use a TLS certificate for your POP3 server. Consider using Let's Encrypt to obtain a free TLS certificate: The simplest way is by installing certbot and running sudo certbot certonly -d pop.example.com --webroot -w /var/www/pop.example.com/htdocs, assuming you have configured a webserver to serve http://pop.example.com from /var/www/pop.example.com/htdocs.

Running aiopopd

  • (Install python3 and pipenv)
  • Clone the project with git: git clone https://github.com/Mortal/aiopopd
  • cd aiopopd
  • pipenv install --three && pipenv shell
  • To run a POP3 server, listening on port 9955, proxying to a fixed IMAP server: python -m aiopopd -H imap.example.com -p 993 --imap-ssl -P 9955 -n --ssl-key key.pem --ssl-cert fullchain.pem --ssl-generate

Implementation

aiopopd is implemented in Python 3 using asyncio and is closely modeled after the aiosmtpd project.

The IMAP client portion was taken from the mailtk project.

The POP3 server runs in a single thread, while each IMAP client runs on a separate thread (since the IMAP client implementation is synchronous).

client.py - POP3 client for testing

Before testing with your Gmail account, it can be useful to check manually that your configuration works with any POP3 client.

Usage: python3 client.py -u USERNAME

By default, client.py asks for your IMAP password on standard input. For more options, see python3 client.py --help.

If you use the standard UNIX password manager, you can use the option -p pass:NAME to retrieve the password using the pass NAME command.

aiopopd's People

Contributors

mortal avatar tyilo avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

tyilo raedle

aiopopd's Issues

Number of open files keep increasing

I have run aiopopd on my server for about a month now and using lsof I can see that the python process has 2138 open files. Most of these are pipes.

After restarting aiopopd it only has 98 files open.

There is probably a resource leak somewhere.

Implement RFC 2195

When proxying a remote IMAP server, plain text authentication is a security risk, even over TLS. If upstream IMAP server and downstream POP client supports CRAM-MD5 and the downstream POP client does not verify that the challenge data contains the server's fully-qualified primary host name (as required by the RFC), then we can use that instead of plain text authentication.

Potential typo in readme

The readme states under Security concerns:

By giving your IMAP password to Gmail, you are giving your IMAP password to Gmail.

Should one of those Gmails have been aiopopd?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.