email_handler.py 48 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507
  1. """
  2. Handle the email *forward* and *reply*. phase. There are 3 actors:
  3. - contact: who sends emails to alias@sl.co address
  4. - SL email handler (this script)
  5. - user personal email: to be protected. Should never leak to contact.
  6. This script makes sure that in the forward phase, the email that is forwarded to user personal email has the following
  7. envelope and header fields:
  8. Envelope:
  9. mail from: @contact
  10. rcpt to: @personal_email
  11. Header:
  12. From: @contact
  13. To: alias@sl.co # so user knows this email is sent to alias
  14. Reply-to: special@sl.co # magic HERE
  15. And in the reply phase:
  16. Envelope:
  17. mail from: @contact
  18. rcpt to: @contact
  19. Header:
  20. From: alias@sl.co # so for contact the email comes from alias. magic HERE
  21. To: @contact
  22. The special@sl.co allows to hide user personal email when user clicks "Reply" to the forwarded email.
  23. It should contain the following info:
  24. - alias
  25. - @contact
  26. """
  27. import asyncio
  28. import email
  29. import os
  30. import time
  31. import uuid
  32. from email import encoders
  33. from email.message import Message
  34. from email.mime.application import MIMEApplication
  35. from email.mime.multipart import MIMEMultipart
  36. from email.utils import parseaddr, formataddr, make_msgid
  37. from io import BytesIO
  38. from smtplib import SMTP, SMTPRecipientsRefused
  39. from typing import List, Tuple
  40. import aiosmtpd
  41. import aiospamc
  42. import arrow
  43. import spf
  44. from aiosmtpd.smtp import Envelope
  45. from app import pgp_utils, s3
  46. from app.alias_utils import try_auto_create
  47. from app.config import (
  48. EMAIL_DOMAIN,
  49. POSTFIX_SERVER,
  50. URL,
  51. ALIAS_DOMAINS,
  52. POSTFIX_SUBMISSION_TLS,
  53. UNSUBSCRIBER,
  54. LOAD_PGP_EMAIL_HANDLER,
  55. ENFORCE_SPF,
  56. ALERT_REVERSE_ALIAS_UNKNOWN_MAILBOX,
  57. ALERT_BOUNCE_EMAIL,
  58. ALERT_SPAM_EMAIL,
  59. ALERT_SPF,
  60. POSTFIX_PORT,
  61. SENDER,
  62. SENDER_DIR,
  63. SPAMASSASSIN_HOST,
  64. MAX_SPAM_SCORE,
  65. MAX_REPLY_PHASE_SPAM_SCORE,
  66. ALERT_SEND_EMAIL_CYCLE,
  67. ALERT_MAILBOX_IS_ALIAS,
  68. )
  69. from app.email_utils import (
  70. send_email,
  71. add_dkim_signature,
  72. add_or_replace_header,
  73. delete_header,
  74. email_belongs_to_alias_domains,
  75. render,
  76. get_orig_message_from_bounce,
  77. delete_all_headers_except,
  78. get_addrs_from_header,
  79. get_spam_info,
  80. get_orig_message_from_spamassassin_report,
  81. parseaddr_unicode,
  82. send_email_with_rate_control,
  83. get_email_domain_part,
  84. copy,
  85. to_bytes,
  86. get_header_from_bounce,
  87. send_email_at_most_times,
  88. )
  89. from app.extensions import db
  90. from app.greylisting import greylisting_needed
  91. from app.log import LOG
  92. from app.models import (
  93. Alias,
  94. Contact,
  95. EmailLog,
  96. CustomDomain,
  97. User,
  98. RefusedEmail,
  99. Mailbox,
  100. )
  101. from app.pgp_utils import PGPException
  102. from app.utils import random_string
  103. from init_app import load_pgp_public_keys
  104. from server import create_app, create_light_app
  105. # forward or reply
  106. _DIRECTION = "X-SimpleLogin-Type"
  107. _IP_HEADER = "X-SimpleLogin-Client-IP"
  108. _MAILBOX_ID_HEADER = "X-SimpleLogin-Mailbox-ID"
  109. _EMAIL_LOG_ID_HEADER = "X-SimpleLogin-EmailLog-ID"
  110. _MESSAGE_ID = "Message-ID"
  111. # fix the database connection leak issue
  112. # use this method instead of create_app
  113. def new_app():
  114. app = create_light_app()
  115. @app.teardown_appcontext
  116. def shutdown_session(response_or_exc):
  117. # same as shutdown_session() in flask-sqlalchemy but this is not enough
  118. db.session.remove()
  119. # dispose the engine too
  120. db.engine.dispose()
  121. return app
  122. def get_or_create_contact(
  123. contact_from_header: str, mail_from: str, alias: Alias
  124. ) -> Contact:
  125. """
  126. contact_from_header is the RFC 2047 format FROM header
  127. """
  128. # contact_from_header can be None, use mail_from in this case instead
  129. contact_from_header = contact_from_header or mail_from
  130. # force convert header to string, sometimes contact_from_header is Header object
  131. contact_from_header = str(contact_from_header)
  132. contact_name, contact_email = parseaddr_unicode(contact_from_header)
  133. if not contact_email:
  134. # From header is wrongly formatted, try with mail_from
  135. LOG.warning("From header is empty, parse mail_from %s %s", mail_from, alias)
  136. contact_name, contact_email = parseaddr_unicode(mail_from)
  137. if not contact_email:
  138. LOG.exception(
  139. "Cannot parse contact from from_header:%s, mail_from:%s",
  140. contact_from_header,
  141. mail_from,
  142. )
  143. contact = Contact.get_by(alias_id=alias.id, website_email=contact_email)
  144. if contact:
  145. if contact.name != contact_name:
  146. LOG.d(
  147. "Update contact %s name %s to %s",
  148. contact,
  149. contact.name,
  150. contact_name,
  151. )
  152. contact.name = contact_name
  153. db.session.commit()
  154. else:
  155. LOG.debug(
  156. "create contact for alias %s and contact %s",
  157. alias,
  158. contact_from_header,
  159. )
  160. reply_email = generate_reply_email()
  161. contact = Contact.create(
  162. user_id=alias.user_id,
  163. alias_id=alias.id,
  164. website_email=contact_email,
  165. name=contact_name,
  166. reply_email=reply_email,
  167. )
  168. db.session.commit()
  169. return contact
  170. def replace_header_when_forward(msg: Message, alias: Alias, header: str):
  171. """
  172. Replace CC or To header by Reply emails in forward phase
  173. """
  174. addrs = get_addrs_from_header(msg, header)
  175. # Nothing to do
  176. if not addrs:
  177. return
  178. new_addrs: [str] = []
  179. for addr in addrs:
  180. contact_name, contact_email = parseaddr_unicode(addr)
  181. # no transformation when alias is already in the header
  182. if contact_email == alias.email:
  183. new_addrs.append(addr)
  184. continue
  185. contact = Contact.get_by(alias_id=alias.id, website_email=contact_email)
  186. if contact:
  187. # update the contact name if needed
  188. if contact.name != contact_name:
  189. LOG.d(
  190. "Update contact %s name %s to %s",
  191. contact,
  192. contact.name,
  193. contact_name,
  194. )
  195. contact.name = contact_name
  196. db.session.commit()
  197. else:
  198. LOG.debug(
  199. "create contact for alias %s and email %s, header %s",
  200. alias,
  201. contact_email,
  202. header,
  203. )
  204. reply_email = generate_reply_email()
  205. contact = Contact.create(
  206. user_id=alias.user_id,
  207. alias_id=alias.id,
  208. website_email=contact_email,
  209. name=contact_name,
  210. reply_email=reply_email,
  211. is_cc=header.lower() == "cc",
  212. )
  213. db.session.commit()
  214. new_addrs.append(contact.new_addr())
  215. if new_addrs:
  216. new_header = ",".join(new_addrs)
  217. LOG.d("Replace %s header, old: %s, new: %s", header, msg[header], new_header)
  218. add_or_replace_header(msg, header, new_header)
  219. else:
  220. LOG.d("Delete %s header, old value %s", header, msg[header])
  221. delete_header(msg, header)
  222. def replace_header_when_reply(msg: Message, alias: Alias, header: str):
  223. """
  224. Replace CC or To Reply emails by original emails
  225. """
  226. addrs = get_addrs_from_header(msg, header)
  227. # Nothing to do
  228. if not addrs:
  229. return
  230. new_addrs: [str] = []
  231. for addr in addrs:
  232. name, reply_email = parseaddr(addr)
  233. # no transformation when alias is already in the header
  234. if reply_email == alias.email:
  235. continue
  236. contact = Contact.get_by(reply_email=reply_email)
  237. if not contact:
  238. LOG.warning(
  239. "%s email in reply phase %s must be reply emails", header, reply_email
  240. )
  241. # still keep this email in header
  242. new_addrs.append(addr)
  243. else:
  244. new_addrs.append(formataddr((contact.name, contact.website_email)))
  245. if new_addrs:
  246. new_header = ",".join(new_addrs)
  247. LOG.d("Replace %s header, old: %s, new: %s", header, msg[header], new_header)
  248. add_or_replace_header(msg, header, new_header)
  249. else:
  250. LOG.d("delete the %s header. Old value %s", header, msg[header])
  251. delete_header(msg, header)
  252. def replace_str_in_msg(msg: Message, fr: str, to: str):
  253. if msg.get_content_maintype() != "text":
  254. return msg
  255. new_body = msg.get_payload(decode=True).replace(fr.encode(), to.encode())
  256. # If utf-8 decoding fails, do not touch message part
  257. try:
  258. new_body = new_body.decode("utf-8")
  259. except:
  260. return msg
  261. cte = (
  262. msg["Content-Transfer-Encoding"].lower()
  263. if msg["Content-Transfer-Encoding"]
  264. else None
  265. )
  266. subtype = msg.get_content_subtype()
  267. delete_header(msg, "Content-Transfer-Encoding")
  268. delete_header(msg, "Content-Type")
  269. email.contentmanager.set_text_content(msg, new_body, subtype=subtype, cte=cte)
  270. return msg
  271. def generate_reply_email():
  272. # generate a reply_email, make sure it is unique
  273. # not use while loop to avoid infinite loop
  274. reply_email = f"reply+{random_string(30)}@{EMAIL_DOMAIN}"
  275. for _ in range(1000):
  276. if not Contact.get_by(reply_email=reply_email):
  277. # found!
  278. break
  279. reply_email = f"reply+{random_string(30)}@{EMAIL_DOMAIN}"
  280. return reply_email
  281. def should_append_alias(msg: Message, address: str):
  282. """whether an alias should be appended to TO header in message"""
  283. # # force convert header to string, sometimes addrs is Header object
  284. if msg["To"] and address.lower() in str(msg["To"]).lower():
  285. return False
  286. if msg["Cc"] and address.lower() in str(msg["Cc"]).lower():
  287. return False
  288. return True
  289. _MIME_HEADERS = [
  290. "MIME-Version",
  291. "Content-Type",
  292. "Content-Disposition",
  293. "Content-Transfer-Encoding",
  294. ]
  295. _MIME_HEADERS = [h.lower() for h in _MIME_HEADERS]
  296. def prepare_pgp_message(orig_msg: Message, pgp_fingerprint: str):
  297. msg = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
  298. # copy all headers from original message except all standard MIME headers
  299. for i in reversed(range(len(orig_msg._headers))):
  300. header_name = orig_msg._headers[i][0].lower()
  301. if header_name.lower() not in _MIME_HEADERS:
  302. msg[header_name] = orig_msg._headers[i][1]
  303. # Delete unnecessary headers in orig_msg except to save space
  304. delete_all_headers_except(
  305. orig_msg,
  306. _MIME_HEADERS,
  307. )
  308. first = MIMEApplication(
  309. _subtype="pgp-encrypted", _encoder=encoders.encode_7or8bit, _data=""
  310. )
  311. first.set_payload("Version: 1")
  312. msg.attach(first)
  313. second = MIMEApplication("octet-stream", _encoder=encoders.encode_7or8bit)
  314. second.add_header("Content-Disposition", "inline")
  315. # encrypt original message
  316. encrypted_data = pgp_utils.encrypt_file(
  317. BytesIO(orig_msg.as_bytes()), pgp_fingerprint
  318. )
  319. second.set_payload(encrypted_data)
  320. msg.attach(second)
  321. return msg
  322. def handle_email_sent_to_ourself(alias, mailbox, msg: Message, user):
  323. # store the refused email
  324. random_name = str(uuid.uuid4())
  325. full_report_path = f"refused-emails/cycle-{random_name}.eml"
  326. s3.upload_email_from_bytesio(full_report_path, BytesIO(msg.as_bytes()), random_name)
  327. refused_email = RefusedEmail.create(
  328. path=None, full_report_path=full_report_path, user_id=alias.user_id
  329. )
  330. db.session.commit()
  331. LOG.d("Create refused email %s", refused_email)
  332. # link available for 6 days as it gets deleted in 7 days
  333. refused_email_url = refused_email.get_url(expires_in=518400)
  334. send_email_at_most_times(
  335. user,
  336. ALERT_SEND_EMAIL_CYCLE,
  337. mailbox.email,
  338. f"Email sent to {alias.email} from its own mailbox {mailbox.email}",
  339. render(
  340. "transactional/cycle-email.txt",
  341. name=user.name or "",
  342. alias=alias,
  343. mailbox=mailbox,
  344. refused_email_url=refused_email_url,
  345. ),
  346. render(
  347. "transactional/cycle-email.html",
  348. name=user.name or "",
  349. alias=alias,
  350. mailbox=mailbox,
  351. refused_email_url=refused_email_url,
  352. ),
  353. )
  354. async def handle_forward(
  355. envelope, smtp: SMTP, msg: Message, rcpt_to: str
  356. ) -> List[Tuple[bool, str]]:
  357. """return an array of SMTP status (is_success, smtp_status)
  358. is_success indicates whether an email has been delivered and
  359. smtp_status is the SMTP Status ("250 Message accepted", "550 Non-existent email address", etc)
  360. """
  361. address = rcpt_to.lower().strip().replace(" ", "") # alias@SL
  362. alias = Alias.get_by(email=address)
  363. if not alias:
  364. LOG.d("alias %s not exist. Try to see if it can be created on the fly", address)
  365. alias = try_auto_create(address)
  366. if not alias:
  367. LOG.d("alias %s cannot be created on-the-fly, return 550", address)
  368. return [(False, "550 SL E3 Email not exist")]
  369. mail_from = envelope.mail_from.lower().strip()
  370. for mb in alias.mailboxes:
  371. # email send from a mailbox to alias
  372. if mb.email.lower().strip() == mail_from:
  373. LOG.warning("cycle email sent from %s to %s", mb, alias)
  374. handle_email_sent_to_ourself(alias, mb, msg, alias.user)
  375. return [(True, "250 Message accepted for delivery")]
  376. contact = get_or_create_contact(msg["From"], envelope.mail_from, alias)
  377. email_log = EmailLog.create(contact_id=contact.id, user_id=contact.user_id)
  378. db.session.commit()
  379. if not alias.enabled:
  380. LOG.d("%s is disabled, do not forward", alias)
  381. email_log.blocked = True
  382. db.session.commit()
  383. # do not return 5** to allow user to receive emails later when alias is enabled
  384. return [(True, "250 Message accepted for delivery")]
  385. user = alias.user
  386. ret = []
  387. mailboxes = alias.mailboxes
  388. # no valid mailbox
  389. if not mailboxes:
  390. return [(False, "550 SL E16 invalid mailbox")]
  391. # no need to create a copy of message
  392. if len(mailboxes) == 1:
  393. mailbox = mailboxes[0]
  394. ret.append(
  395. await forward_email_to_mailbox(
  396. alias, msg, email_log, contact, envelope, smtp, mailbox, user
  397. )
  398. )
  399. # create a copy of message for each forward
  400. else:
  401. for mailbox in mailboxes:
  402. ret.append(
  403. await forward_email_to_mailbox(
  404. alias, copy(msg), email_log, contact, envelope, smtp, mailbox, user
  405. )
  406. )
  407. return ret
  408. async def forward_email_to_mailbox(
  409. alias,
  410. msg: Message,
  411. email_log: EmailLog,
  412. contact: Contact,
  413. envelope,
  414. smtp: SMTP,
  415. mailbox,
  416. user,
  417. ) -> (bool, str):
  418. LOG.d("Forward %s -> %s -> %s", contact, alias, mailbox)
  419. # sanity check: make sure mailbox is not actually an alias
  420. if get_email_domain_part(alias.email) == get_email_domain_part(mailbox.email):
  421. LOG.warning(
  422. "Mailbox has the same domain as alias. %s -> %s -> %s",
  423. contact,
  424. alias,
  425. mailbox,
  426. )
  427. mailbox_url = f"{URL}/dashboard/mailbox/{mailbox.id}/"
  428. send_email_with_rate_control(
  429. user,
  430. ALERT_MAILBOX_IS_ALIAS,
  431. user.email,
  432. f"Your SimpleLogin mailbox {mailbox.email} cannot be an email alias",
  433. render(
  434. "transactional/mailbox-invalid.txt",
  435. name=user.name or "",
  436. mailbox=mailbox,
  437. mailbox_url=mailbox_url,
  438. ),
  439. render(
  440. "transactional/mailbox-invalid.html",
  441. name=user.name or "",
  442. mailbox=mailbox,
  443. mailbox_url=mailbox_url,
  444. ),
  445. max_nb_alert=1,
  446. )
  447. # retry later
  448. # so when user fixes the mailbox, the email can be delivered
  449. return False, "421 SL E14"
  450. # Spam check
  451. spam_status = ""
  452. is_spam = False
  453. if SPAMASSASSIN_HOST:
  454. start = time.time()
  455. spam_score = await get_spam_score(msg)
  456. LOG.d(
  457. "%s -> %s - spam score %s in %s seconds",
  458. contact,
  459. alias,
  460. spam_score,
  461. time.time() - start,
  462. )
  463. email_log.spam_score = spam_score
  464. db.session.commit()
  465. if (user.max_spam_score and spam_score > user.max_spam_score) or (
  466. not user.max_spam_score and spam_score > MAX_SPAM_SCORE
  467. ):
  468. is_spam = True
  469. spam_status = "Spam detected by SpamAssassin server"
  470. else:
  471. is_spam, spam_status = get_spam_info(msg, max_score=user.max_spam_score)
  472. if is_spam:
  473. LOG.warning("Email detected as spam. Alias: %s, from: %s", alias, contact)
  474. email_log.is_spam = True
  475. email_log.spam_status = spam_status
  476. db.session.commit()
  477. handle_spam(contact, alias, msg, user, mailbox, email_log)
  478. return False, "550 SL E1 Email detected as spam"
  479. # create PGP email if needed
  480. if mailbox.pgp_finger_print and user.is_premium() and not alias.disable_pgp:
  481. LOG.d("Encrypt message using mailbox %s", mailbox)
  482. try:
  483. msg = prepare_pgp_message(msg, mailbox.pgp_finger_print)
  484. except PGPException:
  485. LOG.exception(
  486. "Cannot encrypt message %s -> %s. %s %s", contact, alias, mailbox, user
  487. )
  488. # so the client can retry later
  489. return False, "421 SL E12 Retry later"
  490. # add custom header
  491. add_or_replace_header(msg, _DIRECTION, "Forward")
  492. # remove reply-to & sender header if present
  493. delete_header(msg, "Reply-To")
  494. delete_header(msg, "Sender")
  495. delete_header(msg, _IP_HEADER)
  496. add_or_replace_header(msg, _MAILBOX_ID_HEADER, str(mailbox.id))
  497. add_or_replace_header(msg, _EMAIL_LOG_ID_HEADER, str(email_log.id))
  498. add_or_replace_header(msg, _MESSAGE_ID, make_msgid(str(email_log.id), EMAIL_DOMAIN))
  499. # change the from header so the sender comes from @SL
  500. # so it can pass DMARC check
  501. # replace the email part in from: header
  502. contact_from_header = msg["From"]
  503. new_from_header = contact.new_addr()
  504. add_or_replace_header(msg, "From", new_from_header)
  505. LOG.d("new_from_header:%s, old header %s", new_from_header, contact_from_header)
  506. # replace CC & To emails by reply-email for all emails that are not alias
  507. replace_header_when_forward(msg, alias, "Cc")
  508. replace_header_when_forward(msg, alias, "To")
  509. # append alias into the TO header if it's not present in To or CC
  510. if should_append_alias(msg, alias.email):
  511. LOG.d("append alias %s to TO header %s", alias, msg["To"])
  512. if msg["To"]:
  513. to_header = msg["To"] + "," + alias.email
  514. else:
  515. to_header = alias.email
  516. add_or_replace_header(msg, "To", to_header.strip())
  517. # add List-Unsubscribe header
  518. if UNSUBSCRIBER:
  519. unsubscribe_link = f"mailto:{UNSUBSCRIBER}?subject={alias.id}="
  520. add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
  521. else:
  522. unsubscribe_link = f"{URL}/dashboard/unsubscribe/{alias.id}"
  523. add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
  524. add_or_replace_header(
  525. msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"
  526. )
  527. add_dkim_signature(msg, EMAIL_DOMAIN)
  528. LOG.d(
  529. "Forward mail from %s to %s, mail_options %s, rcpt_options %s ",
  530. contact.website_email,
  531. mailbox.email,
  532. envelope.mail_options,
  533. envelope.rcpt_options,
  534. )
  535. # smtp.send_message has UnicodeEncodeErroremail issue
  536. # encode message raw directly instead
  537. try:
  538. smtp.sendmail(
  539. contact.reply_email,
  540. mailbox.email,
  541. msg.as_bytes(),
  542. envelope.mail_options,
  543. envelope.rcpt_options,
  544. )
  545. except SMTPRecipientsRefused:
  546. # that means the mailbox is maybe invalid
  547. LOG.warning(
  548. "SMTPRecipientsRefused forward phase %s -> %s -> %s",
  549. contact,
  550. alias,
  551. mailbox,
  552. )
  553. # return 421 so Postfix can retry later
  554. return False, "421 SL E17 Retry later"
  555. else:
  556. db.session.commit()
  557. return True, "250 Message accepted for delivery"
  558. async def handle_reply(envelope, smtp: SMTP, msg: Message, rcpt_to: str) -> (bool, str):
  559. """
  560. return whether an email has been delivered and
  561. the smtp status ("250 Message accepted", "550 Non-existent email address", etc)
  562. """
  563. reply_email = rcpt_to.lower().strip()
  564. # reply_email must end with EMAIL_DOMAIN
  565. if not reply_email.endswith(EMAIL_DOMAIN):
  566. LOG.warning(f"Reply email {reply_email} has wrong domain")
  567. return False, "550 SL E2"
  568. contact = Contact.get_by(reply_email=reply_email)
  569. if not contact:
  570. LOG.warning(f"No such forward-email with {reply_email} as reply-email")
  571. return False, "550 SL E4 Email not exist"
  572. alias = contact.alias
  573. address: str = contact.alias.email
  574. alias_domain = address[address.find("@") + 1 :]
  575. # alias must end with one of the ALIAS_DOMAINS or custom-domain
  576. if not email_belongs_to_alias_domains(alias.email):
  577. if not CustomDomain.get_by(domain=alias_domain):
  578. return False, "550 SL E5"
  579. user = alias.user
  580. mail_from = envelope.mail_from.lower().strip()
  581. # bounce email initiated by Postfix
  582. # can happen in case emails cannot be delivered to user-email
  583. # in this case Postfix will try to send a bounce report to original sender, which is
  584. # the "reply email"
  585. if mail_from == "<>":
  586. LOG.warning(
  587. "Bounce when sending to alias %s from %s, user %s",
  588. alias,
  589. contact,
  590. user,
  591. )
  592. handle_bounce(contact, alias, msg, user)
  593. return False, "550 SL E6"
  594. mailbox = Mailbox.get_by(email=mail_from, user_id=user.id)
  595. if not mailbox or mailbox not in alias.mailboxes:
  596. if alias.disable_email_spoofing_check:
  597. # ignore this error, use default alias mailbox
  598. LOG.warning(
  599. "ignore unknown sender to reverse-alias %s: %s -> %s",
  600. mail_from,
  601. alias,
  602. contact,
  603. )
  604. mailbox = alias.mailbox
  605. else:
  606. # only mailbox can send email to the reply-email
  607. handle_unknown_mailbox(envelope, msg, reply_email, user, alias)
  608. return False, "550 SL E7"
  609. if ENFORCE_SPF and mailbox.force_spf and not alias.disable_email_spoofing_check:
  610. ip = msg[_IP_HEADER]
  611. if not spf_pass(ip, envelope, mailbox, user, alias, contact.website_email, msg):
  612. # cannot use 4** here as sender will retry. 5** because that generates bounce report
  613. return True, "250 SL E11"
  614. email_log = EmailLog.create(
  615. contact_id=contact.id, is_reply=True, user_id=contact.user_id
  616. )
  617. # Spam check
  618. spam_status = ""
  619. is_spam = False
  620. # do not use user.max_spam_score here
  621. if SPAMASSASSIN_HOST:
  622. start = time.time()
  623. spam_score = await get_spam_score(msg)
  624. LOG.d(
  625. "%s -> %s - spam score %s in %s seconds",
  626. alias,
  627. contact,
  628. spam_score,
  629. time.time() - start,
  630. )
  631. email_log.spam_score = spam_score
  632. if spam_score > MAX_REPLY_PHASE_SPAM_SCORE:
  633. is_spam = True
  634. spam_status = "Spam detected by SpamAssassin server"
  635. else:
  636. is_spam, spam_status = get_spam_info(msg, max_score=MAX_REPLY_PHASE_SPAM_SCORE)
  637. if is_spam:
  638. LOG.exception(
  639. "Reply phase - email sent from %s to %s detected as spam", alias, contact
  640. )
  641. email_log.is_spam = True
  642. email_log.spam_status = spam_status
  643. db.session.commit()
  644. handle_spam(contact, alias, msg, user, mailbox, email_log, is_reply=True)
  645. return False, "550 SL E15 Email detected as spam"
  646. delete_header(msg, _IP_HEADER)
  647. delete_header(msg, "DKIM-Signature")
  648. delete_header(msg, "Received")
  649. # make the email comes from alias
  650. from_header = alias.email
  651. # add alias name from alias
  652. if alias.name:
  653. LOG.d("Put alias name in from header")
  654. from_header = formataddr((alias.name, alias.email))
  655. elif alias.custom_domain:
  656. LOG.d("Put domain default alias name in from header")
  657. # add alias name from domain
  658. if alias.custom_domain.name:
  659. from_header = formataddr((alias.custom_domain.name, alias.email))
  660. add_or_replace_header(msg, "From", from_header)
  661. # some email providers like ProtonMail adds automatically the Reply-To field
  662. # make sure to delete it
  663. delete_header(msg, "Reply-To")
  664. # remove sender header if present as this could reveal user real email
  665. delete_header(msg, "Sender")
  666. delete_header(msg, "X-Sender")
  667. replace_header_when_reply(msg, alias, "To")
  668. replace_header_when_reply(msg, alias, "Cc")
  669. add_or_replace_header(
  670. msg,
  671. _MESSAGE_ID,
  672. make_msgid(str(email_log.id), get_email_domain_part(alias.email)),
  673. )
  674. add_or_replace_header(msg, _EMAIL_LOG_ID_HEADER, str(email_log.id))
  675. add_or_replace_header(msg, _DIRECTION, "Reply")
  676. # Received-SPF is injected by postfix-policyd-spf-python can reveal user original email
  677. delete_header(msg, "Received-SPF")
  678. LOG.d(
  679. "send email from %s to %s, mail_options:%s,rcpt_options:%s",
  680. alias.email,
  681. contact.website_email,
  682. envelope.mail_options,
  683. envelope.rcpt_options,
  684. )
  685. # replace "ra+string@simplelogin.co" by the contact email in the email body
  686. # as this is usually included when replying
  687. if user.replace_reverse_alias:
  688. if msg.is_multipart():
  689. for part in msg.walk():
  690. if part.get_content_maintype() != "text":
  691. continue
  692. part = replace_str_in_msg(part, reply_email, contact.website_email)
  693. else:
  694. msg = replace_str_in_msg(msg, reply_email, contact.website_email)
  695. if alias_domain in ALIAS_DOMAINS:
  696. add_dkim_signature(msg, alias_domain)
  697. # add DKIM-Signature for custom-domain alias
  698. else:
  699. custom_domain: CustomDomain = CustomDomain.get_by(domain=alias_domain)
  700. if custom_domain.dkim_verified:
  701. add_dkim_signature(msg, alias_domain)
  702. # create PGP email if needed
  703. if contact.pgp_finger_print and user.is_premium():
  704. LOG.d("Encrypt message for contact %s", contact)
  705. try:
  706. msg = prepare_pgp_message(msg, contact.pgp_finger_print)
  707. except PGPException:
  708. LOG.exception(
  709. "Cannot encrypt message %s -> %s. %s %s", alias, contact, mailbox, user
  710. )
  711. # to not save the email_log
  712. db.session.rollback()
  713. # return 421 so the client can retry later
  714. return False, "421 SL E13 Retry later"
  715. try:
  716. smtp.sendmail(
  717. alias.email,
  718. contact.website_email,
  719. msg.as_bytes(),
  720. envelope.mail_options,
  721. envelope.rcpt_options,
  722. )
  723. except Exception:
  724. # to not save the email_log
  725. db.session.rollback()
  726. LOG.warning("Cannot send email from %s to %s", alias, contact)
  727. send_email(
  728. mailbox.email,
  729. f"Email cannot be sent to {contact.email} from {alias.email}",
  730. render(
  731. "transactional/reply-error.txt",
  732. user=user,
  733. alias=alias,
  734. contact=contact,
  735. contact_domain=get_email_domain_part(contact.email),
  736. ),
  737. render(
  738. "transactional/reply-error.html",
  739. user=user,
  740. alias=alias,
  741. contact=contact,
  742. contact_domain=get_email_domain_part(contact.email),
  743. ),
  744. )
  745. # return 250 even if error as user is already informed of the incident and can retry sending the email
  746. db.session.commit()
  747. return True, "250 Message accepted for delivery"
  748. def spf_pass(
  749. ip: str,
  750. envelope,
  751. mailbox: Mailbox,
  752. user: User,
  753. alias: Alias,
  754. contact_email: str,
  755. msg: Message,
  756. ) -> bool:
  757. if ip:
  758. LOG.d("Enforce SPF")
  759. try:
  760. r = spf.check2(i=ip, s=envelope.mail_from.lower(), h=None)
  761. except Exception:
  762. LOG.exception("SPF error, mailbox %s, ip %s", mailbox.email, ip)
  763. else:
  764. # TODO: Handle temperr case (e.g. dns timeout)
  765. # only an absolute pass, or no SPF policy at all is 'valid'
  766. if r[0] not in ["pass", "none"]:
  767. LOG.warning(
  768. "SPF fail for mailbox %s, reason %s, failed IP %s",
  769. mailbox.email,
  770. r[0],
  771. ip,
  772. )
  773. send_email_with_rate_control(
  774. user,
  775. ALERT_SPF,
  776. mailbox.email,
  777. f"SimpleLogin Alert: attempt to send emails from your alias {alias.email} from unknown IP Address",
  778. render(
  779. "transactional/spf-fail.txt",
  780. name=user.name,
  781. alias=alias.email,
  782. ip=ip,
  783. mailbox_url=URL + f"/dashboard/mailbox/{mailbox.id}#spf",
  784. to_email=contact_email,
  785. subject=msg["Subject"],
  786. time=arrow.now(),
  787. ),
  788. render(
  789. "transactional/spf-fail.html",
  790. name=user.name,
  791. alias=alias.email,
  792. ip=ip,
  793. mailbox_url=URL + f"/dashboard/mailbox/{mailbox.id}#spf",
  794. to_email=contact_email,
  795. subject=msg["Subject"],
  796. time=arrow.now(),
  797. ),
  798. )
  799. return False
  800. else:
  801. LOG.warning(
  802. "Could not find %s header %s -> %s",
  803. _IP_HEADER,
  804. mailbox.email,
  805. contact_email,
  806. )
  807. return True
  808. def handle_unknown_mailbox(envelope, msg, reply_email: str, user: User, alias: Alias):
  809. LOG.warning(
  810. f"Reply email can only be used by mailbox. "
  811. f"Actual mail_from: %s. msg from header: %s, reverse-alias %s, %s %s",
  812. envelope.mail_from,
  813. msg["From"],
  814. reply_email,
  815. alias,
  816. user,
  817. )
  818. send_email_with_rate_control(
  819. user,
  820. ALERT_REVERSE_ALIAS_UNKNOWN_MAILBOX,
  821. user.email,
  822. f"Attempt to use your alias {alias.email} from {envelope.mail_from}",
  823. render(
  824. "transactional/reply-must-use-personal-email.txt",
  825. name=user.name,
  826. alias=alias,
  827. sender=envelope.mail_from,
  828. ),
  829. render(
  830. "transactional/reply-must-use-personal-email.html",
  831. name=user.name,
  832. alias=alias,
  833. sender=envelope.mail_from,
  834. ),
  835. )
  836. # Notify sender that they cannot send emails to this address
  837. send_email_with_rate_control(
  838. user,
  839. ALERT_REVERSE_ALIAS_UNKNOWN_MAILBOX,
  840. envelope.mail_from,
  841. f"Your email ({envelope.mail_from}) is not allowed to send emails to {reply_email}",
  842. render(
  843. "transactional/send-from-alias-from-unknown-sender.txt",
  844. sender=envelope.mail_from,
  845. reply_email=reply_email,
  846. ),
  847. render(
  848. "transactional/send-from-alias-from-unknown-sender.html",
  849. sender=envelope.mail_from,
  850. reply_email=reply_email,
  851. ),
  852. )
  853. def handle_bounce(contact: Contact, alias: Alias, msg: Message, user: User):
  854. disable_alias_link = f"{URL}/dashboard/unsubscribe/{alias.id}"
  855. # Store the bounced email
  856. # generate a name for the email
  857. random_name = str(uuid.uuid4())
  858. full_report_path = f"refused-emails/full-{random_name}.eml"
  859. s3.upload_email_from_bytesio(full_report_path, BytesIO(msg.as_bytes()), random_name)
  860. file_path = None
  861. mailbox = None
  862. email_log: EmailLog = None
  863. orig_msg = get_orig_message_from_bounce(msg)
  864. if not orig_msg:
  865. # Some MTA does not return the original message in bounce message
  866. # nothing we can do here
  867. LOG.warning(
  868. "Cannot parse original message from bounce message %s %s %s %s",
  869. alias,
  870. user,
  871. contact,
  872. full_report_path,
  873. )
  874. else:
  875. file_path = f"refused-emails/{random_name}.eml"
  876. s3.upload_email_from_bytesio(
  877. file_path, BytesIO(orig_msg.as_bytes()), random_name
  878. )
  879. try:
  880. mailbox_id = int(orig_msg[_MAILBOX_ID_HEADER])
  881. except TypeError:
  882. LOG.exception(
  883. "cannot parse mailbox from original message header %s",
  884. orig_msg[_MAILBOX_ID_HEADER],
  885. )
  886. else:
  887. mailbox = Mailbox.get(mailbox_id)
  888. if not mailbox or mailbox.user_id != user.id:
  889. LOG.exception(
  890. "Tampered message mailbox_id %s, %s, %s, %s %s",
  891. mailbox_id,
  892. user,
  893. alias,
  894. contact,
  895. full_report_path,
  896. )
  897. # cannot use this tampered mailbox, reset it
  898. mailbox = None
  899. # try to get the original email_log
  900. try:
  901. email_log_id = int(orig_msg[_EMAIL_LOG_ID_HEADER])
  902. except TypeError:
  903. LOG.exception(
  904. "cannot parse email log from original message header %s",
  905. orig_msg[_EMAIL_LOG_ID_HEADER],
  906. )
  907. else:
  908. email_log = EmailLog.get(email_log_id)
  909. refused_email = RefusedEmail.create(
  910. path=file_path, full_report_path=full_report_path, user_id=user.id
  911. )
  912. db.session.flush()
  913. LOG.d("Create refused email %s", refused_email)
  914. if not mailbox:
  915. LOG.debug("Try to get mailbox from bounce report")
  916. try:
  917. mailbox_id = int(get_header_from_bounce(msg, _MAILBOX_ID_HEADER))
  918. except Exception:
  919. LOG.exception("cannot get mailbox-id from bounce report, %s", refused_email)
  920. else:
  921. mailbox = Mailbox.get(mailbox_id)
  922. if not mailbox or mailbox.user_id != user.id:
  923. LOG.exception(
  924. "Tampered message mailbox_id %s, %s, %s, %s %s",
  925. mailbox_id,
  926. user,
  927. alias,
  928. contact,
  929. full_report_path,
  930. )
  931. mailbox = None
  932. if not email_log:
  933. LOG.d("Try to get email log from bounce report")
  934. try:
  935. email_log_id = int(get_header_from_bounce(msg, _EMAIL_LOG_ID_HEADER))
  936. except Exception:
  937. LOG.warning("cannot get email log id from bounce report, %s", refused_email)
  938. else:
  939. email_log = EmailLog.get(email_log_id)
  940. # use the default mailbox as the last option
  941. if not mailbox:
  942. LOG.warning("Use %s default mailbox %s", alias, refused_email)
  943. mailbox = alias.mailbox
  944. # create a new email log as the last option
  945. if not email_log:
  946. LOG.warning("cannot get the original email_log, create a new one")
  947. email_log: EmailLog = EmailLog.create(
  948. contact_id=contact.id, user_id=contact.user_id
  949. )
  950. email_log.bounced = True
  951. email_log.refused_email_id = refused_email.id
  952. email_log.bounced_mailbox_id = mailbox.id
  953. db.session.commit()
  954. refused_email_url = (
  955. URL + f"/dashboard/refused_email?highlight_id=" + str(email_log.id)
  956. )
  957. nb_bounced = EmailLog.filter_by(contact_id=contact.id, bounced=True).count()
  958. if nb_bounced >= 2 and alias.cannot_be_disabled:
  959. LOG.warning("%s cannot be disabled", alias)
  960. # inform user if this is the first bounced email
  961. if nb_bounced == 1 or (nb_bounced >= 2 and alias.cannot_be_disabled):
  962. LOG.d(
  963. "Inform user %s about bounced email sent by %s to alias %s",
  964. user,
  965. contact.website_email,
  966. alias,
  967. )
  968. send_email_with_rate_control(
  969. user,
  970. ALERT_BOUNCE_EMAIL,
  971. user.email,
  972. f"Email from {contact.website_email} to {alias.email} cannot be delivered to your inbox",
  973. render(
  974. "transactional/bounced-email.txt",
  975. name=user.name,
  976. alias=alias,
  977. website_email=contact.website_email,
  978. disable_alias_link=disable_alias_link,
  979. refused_email_url=refused_email_url,
  980. mailbox_email=mailbox.email,
  981. ),
  982. render(
  983. "transactional/bounced-email.html",
  984. name=user.name,
  985. alias=alias,
  986. website_email=contact.website_email,
  987. disable_alias_link=disable_alias_link,
  988. refused_email_url=refused_email_url,
  989. mailbox_email=mailbox.email,
  990. ),
  991. )
  992. # disable the alias the second time email is bounced
  993. elif nb_bounced >= 2:
  994. LOG.d(
  995. "Bounce happens again with alias %s from %s. Disable alias now ",
  996. alias,
  997. contact.website_email,
  998. )
  999. alias.enabled = False
  1000. db.session.commit()
  1001. send_email_with_rate_control(
  1002. user,
  1003. ALERT_BOUNCE_EMAIL,
  1004. user.email,
  1005. f"Alias {alias.email} has been disabled due to second undelivered email from {contact.website_email}",
  1006. render(
  1007. "transactional/automatic-disable-alias.txt",
  1008. name=user.name,
  1009. alias=alias,
  1010. website_email=contact.website_email,
  1011. refused_email_url=refused_email_url,
  1012. mailbox_email=mailbox.email,
  1013. ),
  1014. render(
  1015. "transactional/automatic-disable-alias.html",
  1016. name=user.name,
  1017. alias=alias,
  1018. website_email=contact.website_email,
  1019. refused_email_url=refused_email_url,
  1020. mailbox_email=mailbox.email,
  1021. ),
  1022. )
  1023. def handle_spam(
  1024. contact: Contact,
  1025. alias: Alias,
  1026. msg: Message,
  1027. user: User,
  1028. mailbox: Mailbox,
  1029. email_log: EmailLog,
  1030. is_reply=False, # whether the email is in forward or reply phase
  1031. ):
  1032. # Store the report & original email
  1033. orig_msg = get_orig_message_from_spamassassin_report(msg)
  1034. # generate a name for the email
  1035. random_name = str(uuid.uuid4())
  1036. full_report_path = f"spams/full-{random_name}.eml"
  1037. s3.upload_email_from_bytesio(full_report_path, BytesIO(msg.as_bytes()), random_name)
  1038. file_path = None
  1039. if orig_msg:
  1040. file_path = f"spams/{random_name}.eml"
  1041. s3.upload_email_from_bytesio(
  1042. file_path, BytesIO(orig_msg.as_bytes()), random_name
  1043. )
  1044. refused_email = RefusedEmail.create(
  1045. path=file_path, full_report_path=full_report_path, user_id=user.id
  1046. )
  1047. db.session.flush()
  1048. email_log.refused_email_id = refused_email.id
  1049. db.session.commit()
  1050. LOG.d("Create spam email %s", refused_email)
  1051. refused_email_url = (
  1052. URL + f"/dashboard/refused_email?highlight_id=" + str(email_log.id)
  1053. )
  1054. disable_alias_link = f"{URL}/dashboard/unsubscribe/{alias.id}"
  1055. if is_reply:
  1056. LOG.d(
  1057. "Inform %s (%s) about spam email sent from alias %s to %s",
  1058. mailbox,
  1059. user,
  1060. alias,
  1061. contact,
  1062. )
  1063. send_email_with_rate_control(
  1064. user,
  1065. ALERT_SPAM_EMAIL,
  1066. mailbox.email,
  1067. f"Email from {contact.website_email} to {alias.email} is detected as spam",
  1068. render(
  1069. "transactional/spam-email-reply-phase.txt",
  1070. name=user.name,
  1071. alias=alias,
  1072. website_email=contact.website_email,
  1073. disable_alias_link=disable_alias_link,
  1074. refused_email_url=refused_email_url,
  1075. ),
  1076. render(
  1077. "transactional/spam-email-reply-phase.html",
  1078. name=user.name,
  1079. alias=alias,
  1080. website_email=contact.website_email,
  1081. disable_alias_link=disable_alias_link,
  1082. refused_email_url=refused_email_url,
  1083. ),
  1084. )
  1085. else:
  1086. # inform user
  1087. LOG.d(
  1088. "Inform %s (%s) about spam email sent by %s to alias %s",
  1089. mailbox,
  1090. user,
  1091. contact,
  1092. alias,
  1093. )
  1094. send_email_with_rate_control(
  1095. user,
  1096. ALERT_SPAM_EMAIL,
  1097. mailbox.email,
  1098. f"Email from {contact.website_email} to {alias.email} is detected as spam",
  1099. render(
  1100. "transactional/spam-email.txt",
  1101. name=user.name,
  1102. alias=alias,
  1103. website_email=contact.website_email,
  1104. disable_alias_link=disable_alias_link,
  1105. refused_email_url=refused_email_url,
  1106. ),
  1107. render(
  1108. "transactional/spam-email.html",
  1109. name=user.name,
  1110. alias=alias,
  1111. website_email=contact.website_email,
  1112. disable_alias_link=disable_alias_link,
  1113. refused_email_url=refused_email_url,
  1114. ),
  1115. )
  1116. def handle_unsubscribe(envelope: Envelope):
  1117. msg = email.message_from_bytes(envelope.original_content)
  1118. # format: alias_id:
  1119. subject = msg["Subject"]
  1120. try:
  1121. # subject has the format {alias.id}=
  1122. if subject.endswith("="):
  1123. alias_id = int(subject[:-1])
  1124. # some email providers might strip off the = suffix
  1125. else:
  1126. alias_id = int(subject)
  1127. alias = Alias.get(alias_id)
  1128. except Exception:
  1129. LOG.warning("Cannot parse alias from subject %s", msg["Subject"])
  1130. return "550 SL E8 Wrongly formatted subject"
  1131. if not alias:
  1132. LOG.warning("No such alias %s", alias_id)
  1133. return "550 SL E9 Email not exist"
  1134. # This sender cannot unsubscribe
  1135. mail_from = envelope.mail_from.lower().strip()
  1136. mailbox = Mailbox.get_by(user_id=alias.user_id, email=mail_from)
  1137. if not mailbox or mailbox not in alias.mailboxes:
  1138. LOG.d("%s cannot disable alias %s", envelope.mail_from, alias)
  1139. return "550 SL E10 unauthorized"
  1140. # Sender is owner of this alias
  1141. alias.enabled = False
  1142. db.session.commit()
  1143. user = alias.user
  1144. enable_alias_url = URL + f"/dashboard/?highlight_alias_id={alias.id}"
  1145. for mailbox in alias.mailboxes:
  1146. send_email(
  1147. mailbox.email,
  1148. f"Alias {alias.email} has been disabled successfully",
  1149. render(
  1150. "transactional/unsubscribe-disable-alias.txt",
  1151. user=user,
  1152. alias=alias.email,
  1153. enable_alias_url=enable_alias_url,
  1154. ),
  1155. render(
  1156. "transactional/unsubscribe-disable-alias.html",
  1157. user=user,
  1158. alias=alias.email,
  1159. enable_alias_url=enable_alias_url,
  1160. ),
  1161. )
  1162. return "250 Unsubscribe request accepted"
  1163. def handle_sender_email(envelope: Envelope):
  1164. filename = (
  1165. arrow.now().format("YYYY-MM-DD_HH-mm-ss") + "_" + random_string(10) + ".eml"
  1166. )
  1167. filepath = os.path.join(SENDER_DIR, filename)
  1168. with open(filepath, "wb") as f:
  1169. f.write(envelope.original_content)
  1170. LOG.d("Write email to sender at %s", filepath)
  1171. msg = email.message_from_bytes(envelope.original_content)
  1172. orig = get_orig_message_from_bounce(msg)
  1173. if orig:
  1174. LOG.warning(
  1175. "Original message %s -> %s saved at %s", orig["From"], orig["To"], filepath
  1176. )
  1177. return "250 email to sender accepted"
  1178. async def handle(envelope: Envelope, smtp: SMTP) -> str:
  1179. """Return SMTP status"""
  1180. # unsubscribe request
  1181. if UNSUBSCRIBER and envelope.rcpt_tos == [UNSUBSCRIBER]:
  1182. LOG.d("Handle unsubscribe request from %s", envelope.mail_from)
  1183. return handle_unsubscribe(envelope)
  1184. # emails sent to sender. Probably bounce emails
  1185. if SENDER and envelope.rcpt_tos == [SENDER]:
  1186. LOG.d("Handle email sent to sender from %s", envelope.mail_from)
  1187. return handle_sender_email(envelope)
  1188. # Whether it's necessary to apply greylisting
  1189. if greylisting_needed(envelope.mail_from, envelope.rcpt_tos):
  1190. LOG.warning(
  1191. "Grey listing applied for %s %s", envelope.mail_from, envelope.rcpt_tos
  1192. )
  1193. return "421 SL Retry later"
  1194. # result of all deliveries
  1195. # each element is a couple of whether the delivery is successful and the smtp status
  1196. res: [(bool, str)] = []
  1197. for rcpt_to in envelope.rcpt_tos:
  1198. msg = email.message_from_bytes(envelope.original_content)
  1199. # Reply case
  1200. # recipient starts with "reply+" or "ra+" (ra=reverse-alias) prefix
  1201. if rcpt_to.startswith("reply+") or rcpt_to.startswith("ra+"):
  1202. LOG.debug(
  1203. ">>> Reply phase %s(%s) -> %s", envelope.mail_from, msg["From"], rcpt_to
  1204. )
  1205. is_delivered, smtp_status = await handle_reply(envelope, smtp, msg, rcpt_to)
  1206. res.append((is_delivered, smtp_status))
  1207. else: # Forward case
  1208. LOG.debug(
  1209. ">>> Forward phase %s(%s) -> %s",
  1210. envelope.mail_from,
  1211. msg["From"],
  1212. rcpt_to,
  1213. )
  1214. for is_delivered, smtp_status in await handle_forward(
  1215. envelope, smtp, msg, rcpt_to
  1216. ):
  1217. res.append((is_delivered, smtp_status))
  1218. for (is_success, smtp_status) in res:
  1219. # Consider all deliveries successful if 1 delivery is successful
  1220. if is_success:
  1221. return smtp_status
  1222. # Failed delivery for all, return the first failure
  1223. return res[0][1]
  1224. async def get_spam_score(message: Message) -> float:
  1225. sa_input = to_bytes(message)
  1226. # Spamassassin requires to have an ending linebreak
  1227. if not sa_input.endswith(b"\n"):
  1228. LOG.d("add linebreak to spamassassin input")
  1229. sa_input += b"\n"
  1230. try:
  1231. # wait for at max 300s which is the default spamd timeout-child
  1232. response = await asyncio.wait_for(
  1233. aiospamc.check(sa_input, host=SPAMASSASSIN_HOST), timeout=300
  1234. )
  1235. return response.headers["Spam"].score
  1236. except asyncio.TimeoutError:
  1237. LOG.exception("SpamAssassin timeout")
  1238. # return a negative score so the message is always considered as ham
  1239. return -999
  1240. except Exception:
  1241. LOG.exception("SpamAssassin exception")
  1242. return -999
  1243. class MailHandler:
  1244. def __init__(self, lock):
  1245. self.lock = lock
  1246. async def handle_DATA(self, server, session, envelope: Envelope):
  1247. try:
  1248. ret = await self._handle(envelope)
  1249. return ret
  1250. except Exception:
  1251. LOG.exception(
  1252. "email handling fail %s -> %s",
  1253. envelope.mail_from,
  1254. envelope.rcpt_tos,
  1255. )
  1256. return "421 SL Retry later"
  1257. async def _handle(self, envelope: Envelope):
  1258. async with self.lock:
  1259. start = time.time()
  1260. LOG.info(
  1261. "===>> New message, mail from %s, rctp tos %s ",
  1262. envelope.mail_from,
  1263. envelope.rcpt_tos,
  1264. )
  1265. if POSTFIX_SUBMISSION_TLS:
  1266. smtp = SMTP(POSTFIX_SERVER, 587)
  1267. smtp.starttls()
  1268. else:
  1269. smtp = SMTP(POSTFIX_SERVER, POSTFIX_PORT or 25)
  1270. app = new_app()
  1271. with app.app_context():
  1272. ret = await handle(envelope, smtp)
  1273. LOG.info("takes %s seconds <<===", time.time() - start)
  1274. return ret
  1275. if __name__ == "__main__":
  1276. if LOAD_PGP_EMAIL_HANDLER:
  1277. LOG.warning("LOAD PGP keys")
  1278. app = create_app()
  1279. with app.app_context():
  1280. load_pgp_public_keys()
  1281. loop = asyncio.new_event_loop()
  1282. asyncio.set_event_loop(loop)
  1283. lock = asyncio.Lock()
  1284. handler = MailHandler(lock)
  1285. def factory():
  1286. return aiosmtpd.smtp.SMTP(handler, enable_SMTPUTF8=True)
  1287. server = loop.run_until_complete(
  1288. loop.create_server(factory, host="0.0.0.0", port=20381)
  1289. )
  1290. try:
  1291. loop.run_forever()
  1292. except KeyboardInterrupt:
  1293. pass
  1294. # Close the server
  1295. LOG.info("Close SMTP server")
  1296. server.close()
  1297. loop.run_until_complete(server.wait_closed())
  1298. loop.close()