Add checksmtp functionality for SMTP configuration verification

[fer]

Description

Introduces the checksmtp command to the Bitwarden self-hosted management script, enabling administrators to easily verify the SMTP configuration directly from the command line. This functionality aims to streamline the troubleshooting process of email delivery issues by providing a quick and straightforward method to test the SMTP server connection, authentication, and secure communication.

Features

• Validates the connection to the SMTP server specified in the global.override.env file, ensuring that the Bitwarden instance can communicate with the mail server.
• Confirms the validity of the SMTP username and password, ensuring that Bitwarden is capable of authenticating with the SMTP server for email delivery.
• Verifies the secure communication with the SMTP server, based on the SSL configuration globalSettings__mail__smtp__ssl to ensure that emails are sent over a secure channel.

Usage examples

To use this functionality, run the following command from the Bitwarden self-hosted script directory:

./bitwarden.sh checksmtp

When SMTP configuration is wrong:

SMTP authentication failed or connection error occurred.

When SMTP configuration is right:

SMTP settings are correct.

Testing

Please review this PR for inclusion in the next release of Bitwarden self-hosted. Your feedback and suggestions are welcome!

[bitwarden-bot]

Checkmarx One – Scan Summary & Details – 404a0a53-277f-481b-96d5-564e88dd38a3

No New Or Fixed Issues Found

[vgrassia]

I would check to see if the openssl binary is available before calling it. Shouldn't the AUTH LOGIN section only execute if there is a username or password defined? This doesn't work on my self-host that doesn't use authentication. Also, I'm not sure every SMTP server returns 235 for a successful message, it could be any number of 2XX codes. How do we make sure it actually sent the message?

[fer]

@vgrassia, thank you very much for your comments!

I've implemented the following enhancements:

• Added a preliminary check to ensure openssl is installed before proceeding.
• Modified the script to accept any 2xx SMTP status code as a successful response.
• Modified the script to only attempt the AUTH section if both the username and password are provided and are not empty.

Currently, this script is designed to verify connectivity without sending any messages. However, I'm open to incorporating a feature to send a test message if we determine it's beneficial for our testing process.

Please let me know if you'd like me to proceed with that addition as your valuable suggestions.

[CLAassistant]

All committers have signed the CLA.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud