email_handler.py 48 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516
  1. """
  2. Handle the email *forward* and *reply*. phase. There are 3 actors:
  3. - contact: who sends emails to alias@sl.co address
  4. - SL email handler (this script)
  5. - user personal email: to be protected. Should never leak to contact.
  6. This script makes sure that in the forward phase, the email that is forwarded to user personal email has the following
  7. envelope and header fields:
  8. Envelope:
  9. mail from: @contact
  10. rcpt to: @personal_email
  11. Header:
  12. From: @contact
  13. To: alias@sl.co # so user knows this email is sent to alias
  14. Reply-to: special@sl.co # magic HERE
  15. And in the reply phase:
  16. Envelope:
  17. mail from: @contact
  18. rcpt to: @contact
  19. Header:
  20. From: alias@sl.co # so for contact the email comes from alias. magic HERE
  21. To: @contact
  22. The special@sl.co allows to hide user personal email when user clicks "Reply" to the forwarded email.
  23. It should contain the following info:
  24. - alias
  25. - @contact
  26. """
  27. import argparse
  28. import asyncio
  29. import email
  30. import os
  31. import time
  32. import uuid
  33. from email import encoders
  34. from email.message import Message
  35. from email.mime.application import MIMEApplication
  36. from email.mime.multipart import MIMEMultipart
  37. from email.utils import parseaddr, formataddr, make_msgid
  38. from io import BytesIO
  39. from smtplib import SMTP, SMTPRecipientsRefused
  40. from typing import List, Tuple
  41. import aiosmtpd
  42. import aiospamc
  43. import arrow
  44. import spf
  45. from aiosmtpd.smtp import Envelope
  46. from app import pgp_utils, s3
  47. from app.alias_utils import try_auto_create
  48. from app.config import (
  49. EMAIL_DOMAIN,
  50. POSTFIX_SERVER,
  51. URL,
  52. ALIAS_DOMAINS,
  53. POSTFIX_SUBMISSION_TLS,
  54. UNSUBSCRIBER,
  55. LOAD_PGP_EMAIL_HANDLER,
  56. ENFORCE_SPF,
  57. ALERT_REVERSE_ALIAS_UNKNOWN_MAILBOX,
  58. ALERT_BOUNCE_EMAIL,
  59. ALERT_SPAM_EMAIL,
  60. ALERT_SPF,
  61. POSTFIX_PORT,
  62. SENDER,
  63. SENDER_DIR,
  64. SPAMASSASSIN_HOST,
  65. MAX_SPAM_SCORE,
  66. MAX_REPLY_PHASE_SPAM_SCORE,
  67. ALERT_SEND_EMAIL_CYCLE,
  68. ALERT_MAILBOX_IS_ALIAS,
  69. )
  70. from app.email_utils import (
  71. send_email,
  72. add_dkim_signature,
  73. add_or_replace_header,
  74. delete_header,
  75. email_belongs_to_alias_domains,
  76. render,
  77. get_orig_message_from_bounce,
  78. delete_all_headers_except,
  79. get_addrs_from_header,
  80. get_spam_info,
  81. get_orig_message_from_spamassassin_report,
  82. parseaddr_unicode,
  83. send_email_with_rate_control,
  84. get_email_domain_part,
  85. copy,
  86. to_bytes,
  87. get_header_from_bounce,
  88. send_email_at_most_times,
  89. )
  90. from app.extensions import db
  91. from app.greylisting import greylisting_needed
  92. from app.log import LOG
  93. from app.models import (
  94. Alias,
  95. Contact,
  96. EmailLog,
  97. CustomDomain,
  98. User,
  99. RefusedEmail,
  100. Mailbox,
  101. )
  102. from app.pgp_utils import PGPException
  103. from app.utils import random_string
  104. from init_app import load_pgp_public_keys
  105. from server import create_app, create_light_app
  106. # forward or reply
  107. _DIRECTION = "X-SimpleLogin-Type"
  108. _IP_HEADER = "X-SimpleLogin-Client-IP"
  109. _MAILBOX_ID_HEADER = "X-SimpleLogin-Mailbox-ID"
  110. _EMAIL_LOG_ID_HEADER = "X-SimpleLogin-EmailLog-ID"
  111. _MESSAGE_ID = "Message-ID"
  112. # fix the database connection leak issue
  113. # use this method instead of create_app
  114. def new_app():
  115. app = create_light_app()
  116. @app.teardown_appcontext
  117. def shutdown_session(response_or_exc):
  118. # same as shutdown_session() in flask-sqlalchemy but this is not enough
  119. db.session.remove()
  120. # dispose the engine too
  121. db.engine.dispose()
  122. return app
  123. def get_or_create_contact(
  124. contact_from_header: str, mail_from: str, alias: Alias
  125. ) -> Contact:
  126. """
  127. contact_from_header is the RFC 2047 format FROM header
  128. """
  129. # contact_from_header can be None, use mail_from in this case instead
  130. contact_from_header = contact_from_header or mail_from
  131. # force convert header to string, sometimes contact_from_header is Header object
  132. contact_from_header = str(contact_from_header)
  133. contact_name, contact_email = parseaddr_unicode(contact_from_header)
  134. if not contact_email:
  135. # From header is wrongly formatted, try with mail_from
  136. LOG.warning("From header is empty, parse mail_from %s %s", mail_from, alias)
  137. contact_name, contact_email = parseaddr_unicode(mail_from)
  138. if not contact_email:
  139. LOG.exception(
  140. "Cannot parse contact from from_header:%s, mail_from:%s",
  141. contact_from_header,
  142. mail_from,
  143. )
  144. contact = Contact.get_by(alias_id=alias.id, website_email=contact_email)
  145. if contact:
  146. if contact.name != contact_name:
  147. LOG.d(
  148. "Update contact %s name %s to %s",
  149. contact,
  150. contact.name,
  151. contact_name,
  152. )
  153. contact.name = contact_name
  154. db.session.commit()
  155. else:
  156. LOG.debug(
  157. "create contact for alias %s and contact %s",
  158. alias,
  159. contact_from_header,
  160. )
  161. reply_email = generate_reply_email()
  162. contact = Contact.create(
  163. user_id=alias.user_id,
  164. alias_id=alias.id,
  165. website_email=contact_email,
  166. name=contact_name,
  167. reply_email=reply_email,
  168. )
  169. db.session.commit()
  170. return contact
  171. def replace_header_when_forward(msg: Message, alias: Alias, header: str):
  172. """
  173. Replace CC or To header by Reply emails in forward phase
  174. """
  175. addrs = get_addrs_from_header(msg, header)
  176. # Nothing to do
  177. if not addrs:
  178. return
  179. new_addrs: [str] = []
  180. for addr in addrs:
  181. contact_name, contact_email = parseaddr_unicode(addr)
  182. # no transformation when alias is already in the header
  183. if contact_email == alias.email:
  184. new_addrs.append(addr)
  185. continue
  186. contact = Contact.get_by(alias_id=alias.id, website_email=contact_email)
  187. if contact:
  188. # update the contact name if needed
  189. if contact.name != contact_name:
  190. LOG.d(
  191. "Update contact %s name %s to %s",
  192. contact,
  193. contact.name,
  194. contact_name,
  195. )
  196. contact.name = contact_name
  197. db.session.commit()
  198. else:
  199. LOG.debug(
  200. "create contact for alias %s and email %s, header %s",
  201. alias,
  202. contact_email,
  203. header,
  204. )
  205. reply_email = generate_reply_email()
  206. contact = Contact.create(
  207. user_id=alias.user_id,
  208. alias_id=alias.id,
  209. website_email=contact_email,
  210. name=contact_name,
  211. reply_email=reply_email,
  212. is_cc=header.lower() == "cc",
  213. )
  214. db.session.commit()
  215. new_addrs.append(contact.new_addr())
  216. if new_addrs:
  217. new_header = ",".join(new_addrs)
  218. LOG.d("Replace %s header, old: %s, new: %s", header, msg[header], new_header)
  219. add_or_replace_header(msg, header, new_header)
  220. else:
  221. LOG.d("Delete %s header, old value %s", header, msg[header])
  222. delete_header(msg, header)
  223. def replace_header_when_reply(msg: Message, alias: Alias, header: str):
  224. """
  225. Replace CC or To Reply emails by original emails
  226. """
  227. addrs = get_addrs_from_header(msg, header)
  228. # Nothing to do
  229. if not addrs:
  230. return
  231. new_addrs: [str] = []
  232. for addr in addrs:
  233. name, reply_email = parseaddr(addr)
  234. # no transformation when alias is already in the header
  235. if reply_email == alias.email:
  236. continue
  237. contact = Contact.get_by(reply_email=reply_email)
  238. if not contact:
  239. LOG.warning(
  240. "%s email in reply phase %s must be reply emails", header, reply_email
  241. )
  242. # still keep this email in header
  243. new_addrs.append(addr)
  244. else:
  245. new_addrs.append(formataddr((contact.name, contact.website_email)))
  246. if new_addrs:
  247. new_header = ",".join(new_addrs)
  248. LOG.d("Replace %s header, old: %s, new: %s", header, msg[header], new_header)
  249. add_or_replace_header(msg, header, new_header)
  250. else:
  251. LOG.d("delete the %s header. Old value %s", header, msg[header])
  252. delete_header(msg, header)
  253. def replace_str_in_msg(msg: Message, fr: str, to: str):
  254. if msg.get_content_maintype() != "text":
  255. return msg
  256. new_body = msg.get_payload(decode=True).replace(fr.encode(), to.encode())
  257. # If utf-8 decoding fails, do not touch message part
  258. try:
  259. new_body = new_body.decode("utf-8")
  260. except:
  261. return msg
  262. cte = (
  263. msg["Content-Transfer-Encoding"].lower()
  264. if msg["Content-Transfer-Encoding"]
  265. else None
  266. )
  267. subtype = msg.get_content_subtype()
  268. delete_header(msg, "Content-Transfer-Encoding")
  269. delete_header(msg, "Content-Type")
  270. email.contentmanager.set_text_content(msg, new_body, subtype=subtype, cte=cte)
  271. return msg
  272. def generate_reply_email():
  273. # generate a reply_email, make sure it is unique
  274. # not use while loop to avoid infinite loop
  275. reply_email = f"reply+{random_string(30)}@{EMAIL_DOMAIN}"
  276. for _ in range(1000):
  277. if not Contact.get_by(reply_email=reply_email):
  278. # found!
  279. break
  280. reply_email = f"reply+{random_string(30)}@{EMAIL_DOMAIN}"
  281. return reply_email
  282. def should_append_alias(msg: Message, address: str):
  283. """whether an alias should be appended to TO header in message"""
  284. # # force convert header to string, sometimes addrs is Header object
  285. if msg["To"] and address.lower() in str(msg["To"]).lower():
  286. return False
  287. if msg["Cc"] and address.lower() in str(msg["Cc"]).lower():
  288. return False
  289. return True
  290. _MIME_HEADERS = [
  291. "MIME-Version",
  292. "Content-Type",
  293. "Content-Disposition",
  294. "Content-Transfer-Encoding",
  295. ]
  296. _MIME_HEADERS = [h.lower() for h in _MIME_HEADERS]
  297. def prepare_pgp_message(orig_msg: Message, pgp_fingerprint: str):
  298. msg = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
  299. # copy all headers from original message except all standard MIME headers
  300. for i in reversed(range(len(orig_msg._headers))):
  301. header_name = orig_msg._headers[i][0].lower()
  302. if header_name.lower() not in _MIME_HEADERS:
  303. msg[header_name] = orig_msg._headers[i][1]
  304. # Delete unnecessary headers in orig_msg except to save space
  305. delete_all_headers_except(
  306. orig_msg,
  307. _MIME_HEADERS,
  308. )
  309. first = MIMEApplication(
  310. _subtype="pgp-encrypted", _encoder=encoders.encode_7or8bit, _data=""
  311. )
  312. first.set_payload("Version: 1")
  313. msg.attach(first)
  314. second = MIMEApplication("octet-stream", _encoder=encoders.encode_7or8bit)
  315. second.add_header("Content-Disposition", "inline")
  316. # encrypt original message
  317. encrypted_data = pgp_utils.encrypt_file(
  318. BytesIO(orig_msg.as_bytes()), pgp_fingerprint
  319. )
  320. second.set_payload(encrypted_data)
  321. msg.attach(second)
  322. return msg
  323. def handle_email_sent_to_ourself(alias, mailbox, msg: Message, user):
  324. # store the refused email
  325. random_name = str(uuid.uuid4())
  326. full_report_path = f"refused-emails/cycle-{random_name}.eml"
  327. s3.upload_email_from_bytesio(full_report_path, BytesIO(msg.as_bytes()), random_name)
  328. refused_email = RefusedEmail.create(
  329. path=None, full_report_path=full_report_path, user_id=alias.user_id
  330. )
  331. db.session.commit()
  332. LOG.d("Create refused email %s", refused_email)
  333. # link available for 6 days as it gets deleted in 7 days
  334. refused_email_url = refused_email.get_url(expires_in=518400)
  335. send_email_at_most_times(
  336. user,
  337. ALERT_SEND_EMAIL_CYCLE,
  338. mailbox.email,
  339. f"Email sent to {alias.email} from its own mailbox {mailbox.email}",
  340. render(
  341. "transactional/cycle-email.txt",
  342. name=user.name or "",
  343. alias=alias,
  344. mailbox=mailbox,
  345. refused_email_url=refused_email_url,
  346. ),
  347. render(
  348. "transactional/cycle-email.html",
  349. name=user.name or "",
  350. alias=alias,
  351. mailbox=mailbox,
  352. refused_email_url=refused_email_url,
  353. ),
  354. )
  355. async def handle_forward(
  356. envelope, smtp: SMTP, msg: Message, rcpt_to: str
  357. ) -> List[Tuple[bool, str]]:
  358. """return an array of SMTP status (is_success, smtp_status)
  359. is_success indicates whether an email has been delivered and
  360. smtp_status is the SMTP Status ("250 Message accepted", "550 Non-existent email address", etc)
  361. """
  362. address = rcpt_to.lower().strip().replace(" ", "") # alias@SL
  363. alias = Alias.get_by(email=address)
  364. if not alias:
  365. LOG.d("alias %s not exist. Try to see if it can be created on the fly", address)
  366. alias = try_auto_create(address)
  367. if not alias:
  368. LOG.d("alias %s cannot be created on-the-fly, return 550", address)
  369. return [(False, "550 SL E3 Email not exist")]
  370. mail_from = envelope.mail_from.lower().strip()
  371. for mb in alias.mailboxes:
  372. # email send from a mailbox to alias
  373. if mb.email.lower().strip() == mail_from:
  374. LOG.warning("cycle email sent from %s to %s", mb, alias)
  375. handle_email_sent_to_ourself(alias, mb, msg, alias.user)
  376. return [(True, "250 Message accepted for delivery")]
  377. contact = get_or_create_contact(msg["From"], envelope.mail_from, alias)
  378. email_log = EmailLog.create(contact_id=contact.id, user_id=contact.user_id)
  379. db.session.commit()
  380. if not alias.enabled:
  381. LOG.d("%s is disabled, do not forward", alias)
  382. email_log.blocked = True
  383. db.session.commit()
  384. # do not return 5** to allow user to receive emails later when alias is enabled
  385. return [(True, "250 Message accepted for delivery")]
  386. user = alias.user
  387. ret = []
  388. mailboxes = alias.mailboxes
  389. # no valid mailbox
  390. if not mailboxes:
  391. return [(False, "550 SL E16 invalid mailbox")]
  392. # no need to create a copy of message
  393. if len(mailboxes) == 1:
  394. mailbox = mailboxes[0]
  395. ret.append(
  396. await forward_email_to_mailbox(
  397. alias, msg, email_log, contact, envelope, smtp, mailbox, user
  398. )
  399. )
  400. # create a copy of message for each forward
  401. else:
  402. for mailbox in mailboxes:
  403. ret.append(
  404. await forward_email_to_mailbox(
  405. alias, copy(msg), email_log, contact, envelope, smtp, mailbox, user
  406. )
  407. )
  408. return ret
  409. async def forward_email_to_mailbox(
  410. alias,
  411. msg: Message,
  412. email_log: EmailLog,
  413. contact: Contact,
  414. envelope,
  415. smtp: SMTP,
  416. mailbox,
  417. user,
  418. ) -> (bool, str):
  419. LOG.d("Forward %s -> %s -> %s", contact, alias, mailbox)
  420. # sanity check: make sure mailbox is not actually an alias
  421. if get_email_domain_part(alias.email) == get_email_domain_part(mailbox.email):
  422. LOG.warning(
  423. "Mailbox has the same domain as alias. %s -> %s -> %s",
  424. contact,
  425. alias,
  426. mailbox,
  427. )
  428. mailbox_url = f"{URL}/dashboard/mailbox/{mailbox.id}/"
  429. send_email_with_rate_control(
  430. user,
  431. ALERT_MAILBOX_IS_ALIAS,
  432. user.email,
  433. f"Your SimpleLogin mailbox {mailbox.email} cannot be an email alias",
  434. render(
  435. "transactional/mailbox-invalid.txt",
  436. name=user.name or "",
  437. mailbox=mailbox,
  438. mailbox_url=mailbox_url,
  439. ),
  440. render(
  441. "transactional/mailbox-invalid.html",
  442. name=user.name or "",
  443. mailbox=mailbox,
  444. mailbox_url=mailbox_url,
  445. ),
  446. max_nb_alert=1,
  447. )
  448. # retry later
  449. # so when user fixes the mailbox, the email can be delivered
  450. return False, "421 SL E14"
  451. # Spam check
  452. spam_status = ""
  453. is_spam = False
  454. if SPAMASSASSIN_HOST:
  455. start = time.time()
  456. spam_score = await get_spam_score(msg)
  457. LOG.d(
  458. "%s -> %s - spam score %s in %s seconds",
  459. contact,
  460. alias,
  461. spam_score,
  462. time.time() - start,
  463. )
  464. email_log.spam_score = spam_score
  465. db.session.commit()
  466. if (user.max_spam_score and spam_score > user.max_spam_score) or (
  467. not user.max_spam_score and spam_score > MAX_SPAM_SCORE
  468. ):
  469. is_spam = True
  470. spam_status = "Spam detected by SpamAssassin server"
  471. else:
  472. is_spam, spam_status = get_spam_info(msg, max_score=user.max_spam_score)
  473. if is_spam:
  474. LOG.warning("Email detected as spam. Alias: %s, from: %s", alias, contact)
  475. email_log.is_spam = True
  476. email_log.spam_status = spam_status
  477. db.session.commit()
  478. handle_spam(contact, alias, msg, user, mailbox, email_log)
  479. return False, "550 SL E1 Email detected as spam"
  480. # create PGP email if needed
  481. if mailbox.pgp_finger_print and user.is_premium() and not alias.disable_pgp:
  482. LOG.d("Encrypt message using mailbox %s", mailbox)
  483. try:
  484. msg = prepare_pgp_message(msg, mailbox.pgp_finger_print)
  485. except PGPException:
  486. LOG.exception(
  487. "Cannot encrypt message %s -> %s. %s %s", contact, alias, mailbox, user
  488. )
  489. # so the client can retry later
  490. return False, "421 SL E12 Retry later"
  491. # add custom header
  492. add_or_replace_header(msg, _DIRECTION, "Forward")
  493. # remove reply-to & sender header if present
  494. delete_header(msg, "Reply-To")
  495. delete_header(msg, "Sender")
  496. delete_header(msg, _IP_HEADER)
  497. add_or_replace_header(msg, _MAILBOX_ID_HEADER, str(mailbox.id))
  498. add_or_replace_header(msg, _EMAIL_LOG_ID_HEADER, str(email_log.id))
  499. add_or_replace_header(msg, _MESSAGE_ID, make_msgid(str(email_log.id), EMAIL_DOMAIN))
  500. # change the from header so the sender comes from @SL
  501. # so it can pass DMARC check
  502. # replace the email part in from: header
  503. contact_from_header = msg["From"]
  504. new_from_header = contact.new_addr()
  505. add_or_replace_header(msg, "From", new_from_header)
  506. LOG.d("new_from_header:%s, old header %s", new_from_header, contact_from_header)
  507. # replace CC & To emails by reply-email for all emails that are not alias
  508. replace_header_when_forward(msg, alias, "Cc")
  509. replace_header_when_forward(msg, alias, "To")
  510. # append alias into the TO header if it's not present in To or CC
  511. if should_append_alias(msg, alias.email):
  512. LOG.d("append alias %s to TO header %s", alias, msg["To"])
  513. if msg["To"]:
  514. to_header = msg["To"] + "," + alias.email
  515. else:
  516. to_header = alias.email
  517. add_or_replace_header(msg, "To", to_header.strip())
  518. # add List-Unsubscribe header
  519. if UNSUBSCRIBER:
  520. unsubscribe_link = f"mailto:{UNSUBSCRIBER}?subject={alias.id}="
  521. add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
  522. else:
  523. unsubscribe_link = f"{URL}/dashboard/unsubscribe/{alias.id}"
  524. add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
  525. add_or_replace_header(
  526. msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"
  527. )
  528. add_dkim_signature(msg, EMAIL_DOMAIN)
  529. LOG.d(
  530. "Forward mail from %s to %s, mail_options %s, rcpt_options %s ",
  531. contact.website_email,
  532. mailbox.email,
  533. envelope.mail_options,
  534. envelope.rcpt_options,
  535. )
  536. # smtp.send_message has UnicodeEncodeErroremail issue
  537. # encode message raw directly instead
  538. try:
  539. smtp.sendmail(
  540. contact.reply_email,
  541. mailbox.email,
  542. msg.as_bytes(),
  543. envelope.mail_options,
  544. envelope.rcpt_options,
  545. )
  546. except SMTPRecipientsRefused:
  547. # that means the mailbox is maybe invalid
  548. LOG.warning(
  549. "SMTPRecipientsRefused forward phase %s -> %s -> %s",
  550. contact,
  551. alias,
  552. mailbox,
  553. )
  554. # return 421 so Postfix can retry later
  555. return False, "421 SL E17 Retry later"
  556. else:
  557. db.session.commit()
  558. return True, "250 Message accepted for delivery"
  559. async def handle_reply(envelope, smtp: SMTP, msg: Message, rcpt_to: str) -> (bool, str):
  560. """
  561. return whether an email has been delivered and
  562. the smtp status ("250 Message accepted", "550 Non-existent email address", etc)
  563. """
  564. reply_email = rcpt_to.lower().strip()
  565. # reply_email must end with EMAIL_DOMAIN
  566. if not reply_email.endswith(EMAIL_DOMAIN):
  567. LOG.warning(f"Reply email {reply_email} has wrong domain")
  568. return False, "550 SL E2"
  569. contact = Contact.get_by(reply_email=reply_email)
  570. if not contact:
  571. LOG.warning(f"No such forward-email with {reply_email} as reply-email")
  572. return False, "550 SL E4 Email not exist"
  573. alias = contact.alias
  574. address: str = contact.alias.email
  575. alias_domain = address[address.find("@") + 1 :]
  576. # alias must end with one of the ALIAS_DOMAINS or custom-domain
  577. if not email_belongs_to_alias_domains(alias.email):
  578. if not CustomDomain.get_by(domain=alias_domain):
  579. return False, "550 SL E5"
  580. user = alias.user
  581. mail_from = envelope.mail_from.lower().strip()
  582. # bounce email initiated by Postfix
  583. # can happen in case emails cannot be delivered to user-email
  584. # in this case Postfix will try to send a bounce report to original sender, which is
  585. # the "reply email"
  586. if mail_from == "<>":
  587. LOG.warning(
  588. "Bounce when sending to alias %s from %s, user %s",
  589. alias,
  590. contact,
  591. user,
  592. )
  593. handle_bounce(contact, alias, msg, user)
  594. return False, "550 SL E6"
  595. mailbox = Mailbox.get_by(email=mail_from, user_id=user.id)
  596. if not mailbox or mailbox not in alias.mailboxes:
  597. if alias.disable_email_spoofing_check:
  598. # ignore this error, use default alias mailbox
  599. LOG.warning(
  600. "ignore unknown sender to reverse-alias %s: %s -> %s",
  601. mail_from,
  602. alias,
  603. contact,
  604. )
  605. mailbox = alias.mailbox
  606. else:
  607. # only mailbox can send email to the reply-email
  608. handle_unknown_mailbox(envelope, msg, reply_email, user, alias)
  609. return False, "550 SL E7"
  610. if ENFORCE_SPF and mailbox.force_spf and not alias.disable_email_spoofing_check:
  611. ip = msg[_IP_HEADER]
  612. if not spf_pass(ip, envelope, mailbox, user, alias, contact.website_email, msg):
  613. # cannot use 4** here as sender will retry. 5** because that generates bounce report
  614. return True, "250 SL E11"
  615. email_log = EmailLog.create(
  616. contact_id=contact.id, is_reply=True, user_id=contact.user_id
  617. )
  618. # Spam check
  619. spam_status = ""
  620. is_spam = False
  621. # do not use user.max_spam_score here
  622. if SPAMASSASSIN_HOST:
  623. start = time.time()
  624. spam_score = await get_spam_score(msg)
  625. LOG.d(
  626. "%s -> %s - spam score %s in %s seconds",
  627. alias,
  628. contact,
  629. spam_score,
  630. time.time() - start,
  631. )
  632. email_log.spam_score = spam_score
  633. if spam_score > MAX_REPLY_PHASE_SPAM_SCORE:
  634. is_spam = True
  635. spam_status = "Spam detected by SpamAssassin server"
  636. else:
  637. is_spam, spam_status = get_spam_info(msg, max_score=MAX_REPLY_PHASE_SPAM_SCORE)
  638. if is_spam:
  639. LOG.exception(
  640. "Reply phase - email sent from %s to %s detected as spam", alias, contact
  641. )
  642. email_log.is_spam = True
  643. email_log.spam_status = spam_status
  644. db.session.commit()
  645. handle_spam(contact, alias, msg, user, mailbox, email_log, is_reply=True)
  646. return False, "550 SL E15 Email detected as spam"
  647. delete_header(msg, _IP_HEADER)
  648. delete_header(msg, "DKIM-Signature")
  649. delete_header(msg, "Received")
  650. # make the email comes from alias
  651. from_header = alias.email
  652. # add alias name from alias
  653. if alias.name:
  654. LOG.d("Put alias name in from header")
  655. from_header = formataddr((alias.name, alias.email))
  656. elif alias.custom_domain:
  657. LOG.d("Put domain default alias name in from header")
  658. # add alias name from domain
  659. if alias.custom_domain.name:
  660. from_header = formataddr((alias.custom_domain.name, alias.email))
  661. add_or_replace_header(msg, "From", from_header)
  662. # some email providers like ProtonMail adds automatically the Reply-To field
  663. # make sure to delete it
  664. delete_header(msg, "Reply-To")
  665. # remove sender header if present as this could reveal user real email
  666. delete_header(msg, "Sender")
  667. delete_header(msg, "X-Sender")
  668. replace_header_when_reply(msg, alias, "To")
  669. replace_header_when_reply(msg, alias, "Cc")
  670. add_or_replace_header(
  671. msg,
  672. _MESSAGE_ID,
  673. make_msgid(str(email_log.id), get_email_domain_part(alias.email)),
  674. )
  675. add_or_replace_header(msg, _EMAIL_LOG_ID_HEADER, str(email_log.id))
  676. add_or_replace_header(msg, _DIRECTION, "Reply")
  677. # Received-SPF is injected by postfix-policyd-spf-python can reveal user original email
  678. delete_header(msg, "Received-SPF")
  679. LOG.d(
  680. "send email from %s to %s, mail_options:%s,rcpt_options:%s",
  681. alias.email,
  682. contact.website_email,
  683. envelope.mail_options,
  684. envelope.rcpt_options,
  685. )
  686. # replace "ra+string@simplelogin.co" by the contact email in the email body
  687. # as this is usually included when replying
  688. if user.replace_reverse_alias:
  689. if msg.is_multipart():
  690. for part in msg.walk():
  691. if part.get_content_maintype() != "text":
  692. continue
  693. part = replace_str_in_msg(part, reply_email, contact.website_email)
  694. else:
  695. msg = replace_str_in_msg(msg, reply_email, contact.website_email)
  696. if alias_domain in ALIAS_DOMAINS:
  697. add_dkim_signature(msg, alias_domain)
  698. # add DKIM-Signature for custom-domain alias
  699. else:
  700. custom_domain: CustomDomain = CustomDomain.get_by(domain=alias_domain)
  701. if custom_domain.dkim_verified:
  702. add_dkim_signature(msg, alias_domain)
  703. # create PGP email if needed
  704. if contact.pgp_finger_print and user.is_premium():
  705. LOG.d("Encrypt message for contact %s", contact)
  706. try:
  707. msg = prepare_pgp_message(msg, contact.pgp_finger_print)
  708. except PGPException:
  709. LOG.exception(
  710. "Cannot encrypt message %s -> %s. %s %s", alias, contact, mailbox, user
  711. )
  712. # to not save the email_log
  713. db.session.rollback()
  714. # return 421 so the client can retry later
  715. return False, "421 SL E13 Retry later"
  716. try:
  717. smtp.sendmail(
  718. alias.email,
  719. contact.website_email,
  720. msg.as_bytes(),
  721. envelope.mail_options,
  722. envelope.rcpt_options,
  723. )
  724. except Exception:
  725. # to not save the email_log
  726. db.session.rollback()
  727. LOG.warning("Cannot send email from %s to %s", alias, contact)
  728. send_email(
  729. mailbox.email,
  730. f"Email cannot be sent to {contact.email} from {alias.email}",
  731. render(
  732. "transactional/reply-error.txt",
  733. user=user,
  734. alias=alias,
  735. contact=contact,
  736. contact_domain=get_email_domain_part(contact.email),
  737. ),
  738. render(
  739. "transactional/reply-error.html",
  740. user=user,
  741. alias=alias,
  742. contact=contact,
  743. contact_domain=get_email_domain_part(contact.email),
  744. ),
  745. )
  746. # return 250 even if error as user is already informed of the incident and can retry sending the email
  747. db.session.commit()
  748. return True, "250 Message accepted for delivery"
  749. def spf_pass(
  750. ip: str,
  751. envelope,
  752. mailbox: Mailbox,
  753. user: User,
  754. alias: Alias,
  755. contact_email: str,
  756. msg: Message,
  757. ) -> bool:
  758. if ip:
  759. LOG.d("Enforce SPF")
  760. try:
  761. r = spf.check2(i=ip, s=envelope.mail_from.lower(), h=None)
  762. except Exception:
  763. LOG.exception("SPF error, mailbox %s, ip %s", mailbox.email, ip)
  764. else:
  765. # TODO: Handle temperr case (e.g. dns timeout)
  766. # only an absolute pass, or no SPF policy at all is 'valid'
  767. if r[0] not in ["pass", "none"]:
  768. LOG.warning(
  769. "SPF fail for mailbox %s, reason %s, failed IP %s",
  770. mailbox.email,
  771. r[0],
  772. ip,
  773. )
  774. send_email_with_rate_control(
  775. user,
  776. ALERT_SPF,
  777. mailbox.email,
  778. f"SimpleLogin Alert: attempt to send emails from your alias {alias.email} from unknown IP Address",
  779. render(
  780. "transactional/spf-fail.txt",
  781. name=user.name,
  782. alias=alias.email,
  783. ip=ip,
  784. mailbox_url=URL + f"/dashboard/mailbox/{mailbox.id}#spf",
  785. to_email=contact_email,
  786. subject=msg["Subject"],
  787. time=arrow.now(),
  788. ),
  789. render(
  790. "transactional/spf-fail.html",
  791. name=user.name,
  792. alias=alias.email,
  793. ip=ip,
  794. mailbox_url=URL + f"/dashboard/mailbox/{mailbox.id}#spf",
  795. to_email=contact_email,
  796. subject=msg["Subject"],
  797. time=arrow.now(),
  798. ),
  799. )
  800. return False
  801. else:
  802. LOG.warning(
  803. "Could not find %s header %s -> %s",
  804. _IP_HEADER,
  805. mailbox.email,
  806. contact_email,
  807. )
  808. return True
  809. def handle_unknown_mailbox(envelope, msg, reply_email: str, user: User, alias: Alias):
  810. LOG.warning(
  811. f"Reply email can only be used by mailbox. "
  812. f"Actual mail_from: %s. msg from header: %s, reverse-alias %s, %s %s",
  813. envelope.mail_from,
  814. msg["From"],
  815. reply_email,
  816. alias,
  817. user,
  818. )
  819. send_email_with_rate_control(
  820. user,
  821. ALERT_REVERSE_ALIAS_UNKNOWN_MAILBOX,
  822. user.email,
  823. f"Attempt to use your alias {alias.email} from {envelope.mail_from}",
  824. render(
  825. "transactional/reply-must-use-personal-email.txt",
  826. name=user.name,
  827. alias=alias,
  828. sender=envelope.mail_from,
  829. ),
  830. render(
  831. "transactional/reply-must-use-personal-email.html",
  832. name=user.name,
  833. alias=alias,
  834. sender=envelope.mail_from,
  835. ),
  836. )
  837. # Notify sender that they cannot send emails to this address
  838. send_email_with_rate_control(
  839. user,
  840. ALERT_REVERSE_ALIAS_UNKNOWN_MAILBOX,
  841. envelope.mail_from,
  842. f"Your email ({envelope.mail_from}) is not allowed to send emails to {reply_email}",
  843. render(
  844. "transactional/send-from-alias-from-unknown-sender.txt",
  845. sender=envelope.mail_from,
  846. reply_email=reply_email,
  847. ),
  848. render(
  849. "transactional/send-from-alias-from-unknown-sender.html",
  850. sender=envelope.mail_from,
  851. reply_email=reply_email,
  852. ),
  853. )
  854. def handle_bounce(contact: Contact, alias: Alias, msg: Message, user: User):
  855. disable_alias_link = f"{URL}/dashboard/unsubscribe/{alias.id}"
  856. # Store the bounced email
  857. # generate a name for the email
  858. random_name = str(uuid.uuid4())
  859. full_report_path = f"refused-emails/full-{random_name}.eml"
  860. s3.upload_email_from_bytesio(full_report_path, BytesIO(msg.as_bytes()), random_name)
  861. file_path = None
  862. mailbox = None
  863. email_log: EmailLog = None
  864. orig_msg = get_orig_message_from_bounce(msg)
  865. if not orig_msg:
  866. # Some MTA does not return the original message in bounce message
  867. # nothing we can do here
  868. LOG.warning(
  869. "Cannot parse original message from bounce message %s %s %s %s",
  870. alias,
  871. user,
  872. contact,
  873. full_report_path,
  874. )
  875. else:
  876. file_path = f"refused-emails/{random_name}.eml"
  877. s3.upload_email_from_bytesio(
  878. file_path, BytesIO(orig_msg.as_bytes()), random_name
  879. )
  880. try:
  881. mailbox_id = int(orig_msg[_MAILBOX_ID_HEADER])
  882. except TypeError:
  883. LOG.exception(
  884. "cannot parse mailbox from original message header %s",
  885. orig_msg[_MAILBOX_ID_HEADER],
  886. )
  887. else:
  888. mailbox = Mailbox.get(mailbox_id)
  889. if not mailbox or mailbox.user_id != user.id:
  890. LOG.exception(
  891. "Tampered message mailbox_id %s, %s, %s, %s %s",
  892. mailbox_id,
  893. user,
  894. alias,
  895. contact,
  896. full_report_path,
  897. )
  898. # cannot use this tampered mailbox, reset it
  899. mailbox = None
  900. # try to get the original email_log
  901. try:
  902. email_log_id = int(orig_msg[_EMAIL_LOG_ID_HEADER])
  903. except TypeError:
  904. LOG.exception(
  905. "cannot parse email log from original message header %s",
  906. orig_msg[_EMAIL_LOG_ID_HEADER],
  907. )
  908. else:
  909. email_log = EmailLog.get(email_log_id)
  910. refused_email = RefusedEmail.create(
  911. path=file_path, full_report_path=full_report_path, user_id=user.id
  912. )
  913. db.session.flush()
  914. LOG.d("Create refused email %s", refused_email)
  915. if not mailbox:
  916. LOG.debug("Try to get mailbox from bounce report")
  917. try:
  918. mailbox_id = int(get_header_from_bounce(msg, _MAILBOX_ID_HEADER))
  919. except Exception:
  920. LOG.warning("cannot get mailbox-id from bounce report, %s", refused_email)
  921. else:
  922. mailbox = Mailbox.get(mailbox_id)
  923. if not mailbox or mailbox.user_id != user.id:
  924. LOG.exception(
  925. "Tampered message mailbox_id %s, %s, %s, %s %s",
  926. mailbox_id,
  927. user,
  928. alias,
  929. contact,
  930. full_report_path,
  931. )
  932. mailbox = None
  933. if not email_log:
  934. LOG.d("Try to get email log from bounce report")
  935. try:
  936. email_log_id = int(get_header_from_bounce(msg, _EMAIL_LOG_ID_HEADER))
  937. except Exception:
  938. LOG.warning("cannot get email log id from bounce report, %s", refused_email)
  939. else:
  940. email_log = EmailLog.get(email_log_id)
  941. # use the default mailbox as the last option
  942. if not mailbox:
  943. LOG.warning("Use %s default mailbox %s", alias, refused_email)
  944. mailbox = alias.mailbox
  945. # create a new email log as the last option
  946. if not email_log:
  947. LOG.warning("cannot get the original email_log, create a new one")
  948. email_log: EmailLog = EmailLog.create(
  949. contact_id=contact.id, user_id=contact.user_id
  950. )
  951. email_log.bounced = True
  952. email_log.refused_email_id = refused_email.id
  953. email_log.bounced_mailbox_id = mailbox.id
  954. db.session.commit()
  955. refused_email_url = (
  956. URL + f"/dashboard/refused_email?highlight_id=" + str(email_log.id)
  957. )
  958. nb_bounced = EmailLog.filter_by(contact_id=contact.id, bounced=True).count()
  959. if nb_bounced >= 2 and alias.cannot_be_disabled:
  960. LOG.warning("%s cannot be disabled", alias)
  961. # inform user if this is the first bounced email
  962. if nb_bounced == 1 or (nb_bounced >= 2 and alias.cannot_be_disabled):
  963. LOG.d(
  964. "Inform user %s about bounced email sent by %s to alias %s",
  965. user,
  966. contact.website_email,
  967. alias,
  968. )
  969. send_email_with_rate_control(
  970. user,
  971. ALERT_BOUNCE_EMAIL,
  972. user.email,
  973. f"Email from {contact.website_email} to {alias.email} cannot be delivered to your inbox",
  974. render(
  975. "transactional/bounced-email.txt",
  976. name=user.name,
  977. alias=alias,
  978. website_email=contact.website_email,
  979. disable_alias_link=disable_alias_link,
  980. refused_email_url=refused_email_url,
  981. mailbox_email=mailbox.email,
  982. ),
  983. render(
  984. "transactional/bounced-email.html",
  985. name=user.name,
  986. alias=alias,
  987. website_email=contact.website_email,
  988. disable_alias_link=disable_alias_link,
  989. refused_email_url=refused_email_url,
  990. mailbox_email=mailbox.email,
  991. ),
  992. )
  993. # disable the alias the second time email is bounced
  994. elif nb_bounced >= 2:
  995. LOG.d(
  996. "Bounce happens again with alias %s from %s. Disable alias now ",
  997. alias,
  998. contact.website_email,
  999. )
  1000. alias.enabled = False
  1001. db.session.commit()
  1002. send_email_with_rate_control(
  1003. user,
  1004. ALERT_BOUNCE_EMAIL,
  1005. user.email,
  1006. f"Alias {alias.email} has been disabled due to second undelivered email from {contact.website_email}",
  1007. render(
  1008. "transactional/automatic-disable-alias.txt",
  1009. name=user.name,
  1010. alias=alias,
  1011. website_email=contact.website_email,
  1012. refused_email_url=refused_email_url,
  1013. mailbox_email=mailbox.email,
  1014. ),
  1015. render(
  1016. "transactional/automatic-disable-alias.html",
  1017. name=user.name,
  1018. alias=alias,
  1019. website_email=contact.website_email,
  1020. refused_email_url=refused_email_url,
  1021. mailbox_email=mailbox.email,
  1022. ),
  1023. )
  1024. def handle_spam(
  1025. contact: Contact,
  1026. alias: Alias,
  1027. msg: Message,
  1028. user: User,
  1029. mailbox: Mailbox,
  1030. email_log: EmailLog,
  1031. is_reply=False, # whether the email is in forward or reply phase
  1032. ):
  1033. # Store the report & original email
  1034. orig_msg = get_orig_message_from_spamassassin_report(msg)
  1035. # generate a name for the email
  1036. random_name = str(uuid.uuid4())
  1037. full_report_path = f"spams/full-{random_name}.eml"
  1038. s3.upload_email_from_bytesio(full_report_path, BytesIO(msg.as_bytes()), random_name)
  1039. file_path = None
  1040. if orig_msg:
  1041. file_path = f"spams/{random_name}.eml"
  1042. s3.upload_email_from_bytesio(
  1043. file_path, BytesIO(orig_msg.as_bytes()), random_name
  1044. )
  1045. refused_email = RefusedEmail.create(
  1046. path=file_path, full_report_path=full_report_path, user_id=user.id
  1047. )
  1048. db.session.flush()
  1049. email_log.refused_email_id = refused_email.id
  1050. db.session.commit()
  1051. LOG.d("Create spam email %s", refused_email)
  1052. refused_email_url = (
  1053. URL + f"/dashboard/refused_email?highlight_id=" + str(email_log.id)
  1054. )
  1055. disable_alias_link = f"{URL}/dashboard/unsubscribe/{alias.id}"
  1056. if is_reply:
  1057. LOG.d(
  1058. "Inform %s (%s) about spam email sent from alias %s to %s",
  1059. mailbox,
  1060. user,
  1061. alias,
  1062. contact,
  1063. )
  1064. send_email_with_rate_control(
  1065. user,
  1066. ALERT_SPAM_EMAIL,
  1067. mailbox.email,
  1068. f"Email from {contact.website_email} to {alias.email} is detected as spam",
  1069. render(
  1070. "transactional/spam-email-reply-phase.txt",
  1071. name=user.name,
  1072. alias=alias,
  1073. website_email=contact.website_email,
  1074. disable_alias_link=disable_alias_link,
  1075. refused_email_url=refused_email_url,
  1076. ),
  1077. render(
  1078. "transactional/spam-email-reply-phase.html",
  1079. name=user.name,
  1080. alias=alias,
  1081. website_email=contact.website_email,
  1082. disable_alias_link=disable_alias_link,
  1083. refused_email_url=refused_email_url,
  1084. ),
  1085. )
  1086. else:
  1087. # inform user
  1088. LOG.d(
  1089. "Inform %s (%s) about spam email sent by %s to alias %s",
  1090. mailbox,
  1091. user,
  1092. contact,
  1093. alias,
  1094. )
  1095. send_email_with_rate_control(
  1096. user,
  1097. ALERT_SPAM_EMAIL,
  1098. mailbox.email,
  1099. f"Email from {contact.website_email} to {alias.email} is detected as spam",
  1100. render(
  1101. "transactional/spam-email.txt",
  1102. name=user.name,
  1103. alias=alias,
  1104. website_email=contact.website_email,
  1105. disable_alias_link=disable_alias_link,
  1106. refused_email_url=refused_email_url,
  1107. ),
  1108. render(
  1109. "transactional/spam-email.html",
  1110. name=user.name,
  1111. alias=alias,
  1112. website_email=contact.website_email,
  1113. disable_alias_link=disable_alias_link,
  1114. refused_email_url=refused_email_url,
  1115. ),
  1116. )
  1117. def handle_unsubscribe(envelope: Envelope):
  1118. msg = email.message_from_bytes(envelope.original_content)
  1119. # format: alias_id:
  1120. subject = msg["Subject"]
  1121. try:
  1122. # subject has the format {alias.id}=
  1123. if subject.endswith("="):
  1124. alias_id = int(subject[:-1])
  1125. # some email providers might strip off the = suffix
  1126. else:
  1127. alias_id = int(subject)
  1128. alias = Alias.get(alias_id)
  1129. except Exception:
  1130. LOG.warning("Cannot parse alias from subject %s", msg["Subject"])
  1131. return "550 SL E8 Wrongly formatted subject"
  1132. if not alias:
  1133. LOG.warning("No such alias %s", alias_id)
  1134. return "550 SL E9 Email not exist"
  1135. # This sender cannot unsubscribe
  1136. mail_from = envelope.mail_from.lower().strip()
  1137. mailbox = Mailbox.get_by(user_id=alias.user_id, email=mail_from)
  1138. if not mailbox or mailbox not in alias.mailboxes:
  1139. LOG.d("%s cannot disable alias %s", envelope.mail_from, alias)
  1140. return "550 SL E10 unauthorized"
  1141. # Sender is owner of this alias
  1142. alias.enabled = False
  1143. db.session.commit()
  1144. user = alias.user
  1145. enable_alias_url = URL + f"/dashboard/?highlight_alias_id={alias.id}"
  1146. for mailbox in alias.mailboxes:
  1147. send_email(
  1148. mailbox.email,
  1149. f"Alias {alias.email} has been disabled successfully",
  1150. render(
  1151. "transactional/unsubscribe-disable-alias.txt",
  1152. user=user,
  1153. alias=alias.email,
  1154. enable_alias_url=enable_alias_url,
  1155. ),
  1156. render(
  1157. "transactional/unsubscribe-disable-alias.html",
  1158. user=user,
  1159. alias=alias.email,
  1160. enable_alias_url=enable_alias_url,
  1161. ),
  1162. )
  1163. return "250 Unsubscribe request accepted"
  1164. def handle_sender_email(envelope: Envelope):
  1165. filename = (
  1166. arrow.now().format("YYYY-MM-DD_HH-mm-ss") + "_" + random_string(10) + ".eml"
  1167. )
  1168. filepath = os.path.join(SENDER_DIR, filename)
  1169. with open(filepath, "wb") as f:
  1170. f.write(envelope.original_content)
  1171. LOG.d("Write email to sender at %s", filepath)
  1172. msg = email.message_from_bytes(envelope.original_content)
  1173. orig = get_orig_message_from_bounce(msg)
  1174. if orig:
  1175. LOG.warning(
  1176. "Original message %s -> %s saved at %s", orig["From"], orig["To"], filepath
  1177. )
  1178. return "250 email to sender accepted"
  1179. async def handle(envelope: Envelope, smtp: SMTP) -> str:
  1180. """Return SMTP status"""
  1181. # unsubscribe request
  1182. if UNSUBSCRIBER and envelope.rcpt_tos == [UNSUBSCRIBER]:
  1183. LOG.d("Handle unsubscribe request from %s", envelope.mail_from)
  1184. return handle_unsubscribe(envelope)
  1185. # emails sent to sender. Probably bounce emails
  1186. if SENDER and envelope.rcpt_tos == [SENDER]:
  1187. LOG.d("Handle email sent to sender from %s", envelope.mail_from)
  1188. return handle_sender_email(envelope)
  1189. # Whether it's necessary to apply greylisting
  1190. if greylisting_needed(envelope.mail_from, envelope.rcpt_tos):
  1191. LOG.warning(
  1192. "Grey listing applied for %s %s", envelope.mail_from, envelope.rcpt_tos
  1193. )
  1194. return "421 SL Retry later"
  1195. # result of all deliveries
  1196. # each element is a couple of whether the delivery is successful and the smtp status
  1197. res: [(bool, str)] = []
  1198. for rcpt_to in envelope.rcpt_tos:
  1199. msg = email.message_from_bytes(envelope.original_content)
  1200. # Reply case
  1201. # recipient starts with "reply+" or "ra+" (ra=reverse-alias) prefix
  1202. if rcpt_to.startswith("reply+") or rcpt_to.startswith("ra+"):
  1203. LOG.debug(
  1204. ">>> Reply phase %s(%s) -> %s", envelope.mail_from, msg["From"], rcpt_to
  1205. )
  1206. is_delivered, smtp_status = await handle_reply(envelope, smtp, msg, rcpt_to)
  1207. res.append((is_delivered, smtp_status))
  1208. else: # Forward case
  1209. LOG.debug(
  1210. ">>> Forward phase %s(%s) -> %s",
  1211. envelope.mail_from,
  1212. msg["From"],
  1213. rcpt_to,
  1214. )
  1215. for is_delivered, smtp_status in await handle_forward(
  1216. envelope, smtp, msg, rcpt_to
  1217. ):
  1218. res.append((is_delivered, smtp_status))
  1219. for (is_success, smtp_status) in res:
  1220. # Consider all deliveries successful if 1 delivery is successful
  1221. if is_success:
  1222. return smtp_status
  1223. # Failed delivery for all, return the first failure
  1224. return res[0][1]
  1225. async def get_spam_score(message: Message) -> float:
  1226. sa_input = to_bytes(message)
  1227. # Spamassassin requires to have an ending linebreak
  1228. if not sa_input.endswith(b"\n"):
  1229. LOG.d("add linebreak to spamassassin input")
  1230. sa_input += b"\n"
  1231. try:
  1232. # wait for at max 300s which is the default spamd timeout-child
  1233. response = await asyncio.wait_for(
  1234. aiospamc.check(sa_input, host=SPAMASSASSIN_HOST), timeout=300
  1235. )
  1236. return response.headers["Spam"].score
  1237. except asyncio.TimeoutError:
  1238. LOG.exception("SpamAssassin timeout")
  1239. # return a negative score so the message is always considered as ham
  1240. return -999
  1241. except Exception:
  1242. LOG.exception("SpamAssassin exception")
  1243. return -999
  1244. class MailHandler:
  1245. def __init__(self, lock):
  1246. self.lock = lock
  1247. async def handle_DATA(self, server, session, envelope: Envelope):
  1248. try:
  1249. ret = await self._handle(envelope)
  1250. return ret
  1251. except Exception:
  1252. LOG.exception(
  1253. "email handling fail %s -> %s",
  1254. envelope.mail_from,
  1255. envelope.rcpt_tos,
  1256. )
  1257. return "421 SL Retry later"
  1258. async def _handle(self, envelope: Envelope):
  1259. async with self.lock:
  1260. start = time.time()
  1261. LOG.info(
  1262. "===>> New message, mail from %s, rctp tos %s ",
  1263. envelope.mail_from,
  1264. envelope.rcpt_tos,
  1265. )
  1266. if POSTFIX_SUBMISSION_TLS:
  1267. smtp = SMTP(POSTFIX_SERVER, 587)
  1268. smtp.starttls()
  1269. else:
  1270. smtp = SMTP(POSTFIX_SERVER, POSTFIX_PORT or 25)
  1271. app = new_app()
  1272. with app.app_context():
  1273. ret = await handle(envelope, smtp)
  1274. LOG.info("takes %s seconds <<===", time.time() - start)
  1275. return ret
  1276. if __name__ == "__main__":
  1277. parser = argparse.ArgumentParser()
  1278. parser.add_argument(
  1279. "-p", "--port", help="SMTP port to listen for", type=int, default=20381
  1280. )
  1281. args = parser.parse_args()
  1282. LOG.info("Listen for port %s", args.port)
  1283. if LOAD_PGP_EMAIL_HANDLER:
  1284. LOG.warning("LOAD PGP keys")
  1285. app = create_app()
  1286. with app.app_context():
  1287. load_pgp_public_keys()
  1288. loop = asyncio.new_event_loop()
  1289. asyncio.set_event_loop(loop)
  1290. lock = asyncio.Lock()
  1291. handler = MailHandler(lock)
  1292. def factory():
  1293. return aiosmtpd.smtp.SMTP(handler, enable_SMTPUTF8=True)
  1294. server = loop.run_until_complete(
  1295. loop.create_server(factory, host="0.0.0.0", port=args.port)
  1296. )
  1297. try:
  1298. loop.run_forever()
  1299. except KeyboardInterrupt:
  1300. pass
  1301. # Close the server
  1302. LOG.info("Close SMTP server")
  1303. server.close()
  1304. loop.run_until_complete(server.wait_closed())
  1305. loop.close()