send alert email when a mailbox is an email alias

app/config.py

@@ -127,7 +127,6 @@ DKIM_SELECTOR = b"dkim"
 with open(DKIM_PRIVATE_KEY_PATH) as f:
     DKIM_PRIVATE_KEY = f.read()
 
-
 with open(DKIM_PUBLIC_KEY_PATH) as f:
     DKIM_DNS_VALUE = (
         f.read()
@@ -137,7 +136,6 @@ with open(DKIM_PUBLIC_KEY_PATH) as f:
         .replace("\n", "")
     )
 
-
 DKIM_HEADERS = [b"from", b"to"]
 
 # Database
@@ -207,7 +205,6 @@ else:
 GITHUB_CLIENT_ID = os.environ.get("GITHUB_CLIENT_ID")
 GITHUB_CLIENT_SECRET = os.environ.get("GITHUB_CLIENT_SECRET")
 
-
 GOOGLE_CLIENT_ID = os.environ.get("GOOGLE_CLIENT_ID")
 GOOGLE_CLIENT_SECRET = os.environ.get("GOOGLE_CLIENT_SECRET")
 
@@ -223,7 +220,6 @@ MFA_USER_ID = "mfa_user_id"
 FLASK_PROFILER_PATH = os.environ.get("FLASK_PROFILER_PATH")
 FLASK_PROFILER_PASSWORD = os.environ.get("FLASK_PROFILER_PASSWORD")
 
-
 # Job names
 JOB_ONBOARDING_1 = "onboarding-1"
 JOB_ONBOARDING_2 = "onboarding-2"
@@ -294,6 +290,11 @@ ALERT_SEND_EMAIL_CYCLE = "cycle"
 
 ALERT_SPF = "spf"
 
+# when a mailbox is also an alias
+# happens when user adds a mailbox with their domain
+# then later adds this domain into SimpleLogin
+ALERT_MAILBOX_IS_ALIAS = "mailbox_is_alias"
+
 # <<<<< END ALERT EMAIL >>>>
 
 # Disable onboarding emails

app/dashboard/templates/dashboard/mailbox.html

@@ -113,8 +113,8 @@
 
         {{ new_mailbox_form.email(class="form-control", placeholder="email@example.com") }}
         {{ render_field_errors(new_mailbox_form.email) }}
-        <div class="small-text">
-          A verification email will be sent to this email address.
+        <div class="small-text alert alert-info">
+          A mailbox needs to be a <b>final</b> email address and can't be an email alias or a disposable email address.
         </div>
 
         <button class="btn btn-lg btn-success mt-2">Create</button>

email_handler.py

@@ -72,6 +72,7 @@ from app.config import (
     MAX_SPAM_SCORE,
     MAX_REPLY_PHASE_SPAM_SCORE,
     ALERT_SEND_EMAIL_CYCLE,
+    ALERT_MAILBOX_IS_ALIAS,
 )
 from app.email_utils import (
     send_email,
@@ -492,12 +493,33 @@ async def forward_email_to_mailbox(
 
     # sanity check: make sure mailbox is not actually an alias
     if get_email_domain_part(alias.email) == get_email_domain_part(mailbox.email):
-        LOG.exception(
+        LOG.warning(
             "Mailbox has the same domain as alias. %s -> %s -> %s",
             contact,
             alias,
             mailbox,
         )
+        mailbox_url = f"{URL}/dashboard/mailbox/{mailbox.id}/"
+        send_email_with_rate_control(
+            user,
+            ALERT_MAILBOX_IS_ALIAS,
+            user.email,
+            f"Your SimpleLogin mailbox {mailbox.email} cannot be an email alias",
+            render(
+                "transactional/mailbox-invalid.txt",
+                name=user.name or "",
+                mailbox=mailbox,
+                mailbox_url=mailbox_url,
+            ),
+            render(
+                "transactional/mailbox-invalid.html",
+                name=user.name or "",
+                mailbox=mailbox,
+                mailbox_url=mailbox_url,
+            ),
+            max_alert_24h=1,
+        )
+
         return False, "550 SL E14"
 
     # Spam check

templates/emails/transactional/mailbox-invalid.html

@@ -0,0 +1,27 @@
+{% extends "base.html" %}
+
+{% block content %}
+  {{ render_text("Hi " + name) }}
+
+  {% call text() %}
+    We have detected that your mailbox <b>{{ mailbox.email }}</b> cannot receive emails as it's a SimpleLogin alias.
+  {% endcall %}
+
+  {% call text() %}
+    A mailbox needs to be a "final" email address and cannot be an email alias.
+  {% endcall %}
+
+  {% call text() %}
+    Please update this mailbox to a non-alias email address on
+    <a href="{{ mailbox_url }}">{{ mailbox.email }} setting</a>.
+  {% endcall %}
+
+  {% call text() %}
+    Feel free reply to this email if you have any question. <br>
+    Best, <br>
+    SimpleLogin team.
+  {% endcall %}
+
+{% endblock %}
+
+

templates/emails/transactional/mailbox-invalid.txt

@@ -0,0 +1,13 @@
+Hi {{name}}
+
+We have detected that your mailbox {{ mailbox.email }} cannot receive emails as it's a SimpleLogin alias.
+
+A mailbox needs to be a "final" email address and cannot be an email alias.
+
+Please update this mailbox to a non-alias email address on
+{{ mailbox_url }}
+
+Feel free reply to this email if you have any question.
+
+Best,
+SimpleLogin team.