←back to thread

MailCatcher runs a super simple SMTP server

(mailcatcher.me)
297 points mooreds | 5 comments | 18 Nov 24 16:51 UTC | HN request time: 0.826s | source
1. Saris ◴[18 Nov 24 19:42 UTC] No.42176115[source]
Does it need maintenance? It doesn't seem like much of a problem for working software that is local only.
replies(2): >>42176910 #>>42177607 #
2. hoistbypetard ◴[18 Nov 24 20:55 UTC] No.42176910[source]
It really only likely matters if you're one of those who is tempted to let it run on `0.0.0.0` instead of loopback only.

Assuming you're not, there's certainly no urgency to migrate. But keep it in the back of your mind that it's unmaintained, and if things go weirdly wrong during an OS or ruby upgrade, remember that you will need to fix it or pick up something else that's kind of similar.

If you're not already using it, it might be a good idea to pick up something else.

I like [mailpit](https://github.com/axllent/mailpit) because it's a single static binary and because it has a nice api I can use during testing to see if a message made it out of the system I'm testing.

But none of that argues for switching away from a thing that's working for you.

replies(1): >>42177346 #
3. nicoburns ◴[18 Nov 24 21:35 UTC] No.42177346[source]
This kind of product could also be useful in shared development environments (such as the sort that QA teams might have access to for example).
replies(1): >>42177634 #
4. andix ◴[18 Nov 24 22:02 UTC] No.42177607[source]
It depends. If it's not exposed to a network and doesn't have any awful bugs, than it should be fine.

Usually those mailtrap servers have some exposure to the company intranet or sometimes the internet, which could be problematic. Even test systems might receive sensitive data in the emails, that shouldn't be leaked to an attacker. An unmaintained software might have well known security issues.

5. andix ◴[18 Nov 24 22:05 UTC] No.42177634{3}[source]
I've seen a few shared Mailpit installations in companies. I think that's a quite popular pattern.