app/email_handler.py

"""
Handle the email *forward* and *reply*. phase. There are 3 actors:
- website: who sends emails to alias@sl.co address
- SL email handler (this script)
- user personal email: to be protected. Should never leak to website.

This script makes sure that in the forward phase, the email that is forwarded to user personal email has the following
envelope and header fields:
Envelope:
    mail from: @website
    rcpt to: @personal_email
Header:
    From: @website
    To: alias@sl.co # so user knows this email is sent to alias
    Reply-to: special@sl.co # magic HERE

And in the reply phase:
Envelope:
    mail from: @website
    rcpt to: @website

Header:
    From: alias@sl.co # so for website the email comes from alias. magic HERE
    To: @website

The special@sl.co allows to hide user personal email when user clicks "Reply" to the forwarded email.
It should contain the following info:
- alias
- @website


"""
import time
from email.message import EmailMessage
from email.parser import Parser
from email.policy import SMTPUTF8
from smtplib import SMTP

from aiosmtpd.controller import Controller

from app.config import EMAIL_DOMAIN, POSTFIX_SERVER, URL
from app.email_utils import (
    get_email_name,
    get_email_part,
    send_email,
    add_dkim_signature,
    get_email_domain_part,
)
from app.extensions import db
from app.log import LOG
from app.models import GenEmail, ForwardEmail, ForwardEmailLog, CustomDomain
from app.utils import random_string
from server import create_app


# fix the database connection leak issue
# use this method instead of create_app
def new_app():
    app = create_app()

    @app.teardown_appcontext
    def shutdown_session(response_or_exc):
        # same as shutdown_session() in flask-sqlalchemy but this is not enough
        db.session.remove()

        # dispose the engine too
        db.engine.dispose()

    return app


class MailHandler:
    async def handle_DATA(self, server, session, envelope):
        LOG.debug(">>> New message <<<")

        LOG.debug("Mail from %s", envelope.mail_from)
        LOG.debug("Rcpt to %s", envelope.rcpt_tos)
        message_data = envelope.content.decode("utf8", errors="replace")

        # Only when debug
        # LOG.debug("Message data:\n")
        # LOG.debug(message_data)

        # host IP, setup via Docker network
        smtp = SMTP(POSTFIX_SERVER, 25)
        msg = Parser(policy=SMTPUTF8).parsestr(message_data)

        # Reply case
        # reply+ or ra+ (reverse-alias) prefix
        if envelope.rcpt_tos[0].startswith("reply+") or envelope.rcpt_tos[0].startswith(
            "ra+"
        ):
            LOG.debug("Reply phase")
            app = new_app()

            with app.app_context():
                return self.handle_reply(envelope, smtp, msg)
        else:  # Forward case
            LOG.debug("Forward phase")
            app = new_app()

            with app.app_context():
                return self.handle_forward(envelope, smtp, msg)

    def handle_forward(self, envelope, smtp: SMTP, msg: EmailMessage) -> str:
        """return *status_code message*"""
        alias = envelope.rcpt_tos[0]  # alias@SL

        gen_email = GenEmail.get_by(email=alias)
        if not gen_email:
            LOG.d("alias %s not exist")

            # check if alias is custom-domain alias and if the custom-domain has catch-all enabled
            alias_domain = get_email_domain_part(alias)
            custom_domain = CustomDomain.get_by(domain=alias_domain)
            if custom_domain and custom_domain.catch_all:
                LOG.d("create alias %s for domain %s", alias, custom_domain)

                gen_email = GenEmail.create(
                    email=alias,
                    user_id=custom_domain.user_id,
                    custom_domain_id=custom_domain.id,
                    automatic_creation=True,
                )
                db.session.commit()
            else:
                return "510 Email not exist"

        user_email = gen_email.user.email

        website_email = get_email_part(msg["From"])

        forward_email = ForwardEmail.get_by(
            gen_email_id=gen_email.id, website_email=website_email
        )
        if not forward_email:
            LOG.debug(
                "create forward email for alias %s and website email %s",
                alias,
                website_email,
            )

            # generate a reply_email, make sure it is unique
            # not use while to avoid infinite loop
            for _ in range(1000):
                reply_email = f"reply+{random_string(30)}@{EMAIL_DOMAIN}"
                if not ForwardEmail.get_by(reply_email=reply_email):
                    break

            forward_email = ForwardEmail.create(
                gen_email_id=gen_email.id,
                website_email=website_email,
                website_from=msg["From"],
                reply_email=reply_email,
            )
            db.session.commit()

        forward_log = ForwardEmailLog.create(forward_id=forward_email.id)

        if gen_email.enabled:
            # add custom header
            add_or_replace_header(msg, "X-SimpleLogin-Type", "Forward")

            # remove reply-to header if present
            if msg["Reply-To"]:
                LOG.d("Delete reply-to header %s", msg["Reply-To"])
                del msg["Reply-To"]

            # change the from header so the sender comes from @SL
            # so it can pass DMARC check
            # replace the email part in from: header
            from_header = (
                get_email_name(msg["From"])
                + " - "
                + website_email.replace("@", " at ")
                + f" <{forward_email.reply_email}>"
            )
            msg.replace_header("From", from_header)
            LOG.d("new from header:%s", from_header)

            # add List-Unsubscribe header
            unsubscribe_link = f"{URL}/dashboard/unsubscribe/{gen_email.id}"
            add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
            add_or_replace_header(
                msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"
            )

            add_dkim_signature(msg, EMAIL_DOMAIN)

            LOG.d(
                "Forward mail from %s to %s, mail_options %s, rcpt_options %s ",
                website_email,
                user_email,
                envelope.mail_options,
                envelope.rcpt_options,
            )

            # smtp.send_message has UnicodeEncodeErroremail issue
            # encode message raw directly instead
            msg_raw = msg.as_string().encode()
            smtp.sendmail(
                forward_email.reply_email,
                user_email,
                msg_raw,
                envelope.mail_options,
                envelope.rcpt_options,
            )
        else:
            LOG.d("%s is disabled, do not forward", gen_email)
            forward_log.blocked = True

        db.session.commit()
        return "250 Message accepted for delivery"

    def handle_reply(self, envelope, smtp: SMTP, msg: EmailMessage) -> str:
        reply_email = envelope.rcpt_tos[0]

        # reply_email must end with EMAIL_DOMAIN
        if not reply_email.endswith(EMAIL_DOMAIN):
            LOG.error(f"Reply email {reply_email} has wrong domain")
            return "550 wrong reply email"

        forward_email = ForwardEmail.get_by(reply_email=reply_email)
        alias: str = forward_email.gen_email.email

        # alias must end with EMAIL_DOMAIN or custom-domain
        alias_domain = alias[alias.find("@") + 1 :]
        if alias_domain != EMAIL_DOMAIN:
            if not CustomDomain.get_by(domain=alias_domain):
                return "550 alias unknown by SimpleLogin"

        user_email = forward_email.gen_email.user.email
        if envelope.mail_from != user_email:
            LOG.error(
                f"Reply email can only be used by user email. Actual mail_from: %s. User email %s",
                envelope.mail_from,
                user_email,
            )

            send_email(
                envelope.mail_from,
                f"Your email ({envelope.mail_from}) is not allowed to send email to {reply_email}",
                "",
                "",
            )

            return "250 ignored"

        # remove DKIM-Signature
        if msg["DKIM-Signature"]:
            LOG.d("Remove DKIM-Signature %s", msg["DKIM-Signature"])
            del msg["DKIM-Signature"]

        # email seems to come from alias
        msg.replace_header("From", alias)
        msg.replace_header("To", forward_email.website_email)

        # add List-Unsubscribe header
        unsubscribe_link = f"{URL}/dashboard/unsubscribe/{forward_email.gen_email_id}"
        add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
        add_or_replace_header(
            msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"
        )

        LOG.d(
            "send email from %s to %s, mail_options:%s,rcpt_options:%s",
            alias,
            forward_email.website_email,
            envelope.mail_options,
            envelope.rcpt_options,
        )

        if alias_domain == EMAIL_DOMAIN:
            add_dkim_signature(msg, EMAIL_DOMAIN)
        # add DKIM-Signature for non-custom-domain alias
        else:
            custom_domain: CustomDomain = CustomDomain.get_by(domain=alias_domain)
            if custom_domain.dkim_verified:
                add_dkim_signature(msg, alias_domain)

        msg_raw = msg.as_string().encode()
        smtp.sendmail(
            alias,
            forward_email.website_email,
            msg_raw,
            envelope.mail_options,
            envelope.rcpt_options,
        )

        ForwardEmailLog.create(forward_id=forward_email.id, is_reply=True)
        db.session.commit()

        return "250 Message accepted for delivery"


def add_or_replace_header(msg: EmailMessage, header: str, value: str):
    try:
        msg.add_header(header, value)
    except ValueError:
        # the header exists already
        msg.replace_header(header, value)


if __name__ == "__main__":
    controller = Controller(MailHandler(), hostname="0.0.0.0", port=20381)

    controller.start()
    LOG.d("Start mail controller %s %s", controller.hostname, controller.port)

    while True:
        time.sleep(2)
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`"""`
v1 of email handler, forward and reply phase work! 2019-11-08 18:05:34 +08:00			`Handle the email forward and reply. phase. There are 3 actors:`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`- website: who sends emails to alias@sl.co address`
			`- SL email handler (this script)`
v1 of email handler, forward and reply phase work! 2019-11-08 18:05:34 +08:00			`- user personal email: to be protected. Should never leak to website.`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00
			`This script makes sure that in the forward phase, the email that is forwarded to user personal email has the following`
			`envelope and header fields:`
			`Envelope:`
remove srs 2019-11-21 20:42:48 +08:00			`mail from: @website`
v1 of email handler, forward and reply phase work! 2019-11-08 18:05:34 +08:00			`rcpt to: @personal_email`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`Header:`
			`From: @website`
v1 of email handler, forward and reply phase work! 2019-11-08 18:05:34 +08:00			`To: alias@sl.co # so user knows this email is sent to alias`
			`Reply-to: special@sl.co # magic HERE`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00
			`And in the reply phase:`
			`Envelope:`
remove srs 2019-11-21 20:42:48 +08:00			`mail from: @website`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`rcpt to: @website`

			`Header:`
v1 of email handler, forward and reply phase work! 2019-11-08 18:05:34 +08:00			`From: alias@sl.co # so for website the email comes from alias. magic HERE`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`To: @website`

			`The special@sl.co allows to hide user personal email when user clicks "Reply" to the forwarded email.`
			`It should contain the following info:`
			`- alias`
			`- @website`


			`"""`
			`import time`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`from email.message import EmailMessage`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`from email.parser import Parser`
tentative to fix UnicodeEncodeError https://sentry.io/organizations/son/issues/1339911828/?project=1478143&query=is%3Aunresolved 2019-11-18 21:14:01 +08:00			`from email.policy import SMTPUTF8`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`from smtplib import SMTP`

			`from aiosmtpd.controller import Controller`

use send_by_postfix instead of sending bounce email directly 2019-12-16 00:27:07 +08:00			`from app.config import EMAIL_DOMAIN, POSTFIX_SERVER, URL`
Sign DKIM at app level - add DKIM_PRIVATE_KEY_PATH param - create email_utils.add_dkim_signature - add DKIM signature for transactional emails - add DKIM signature for forward & reply emails. In reply phase, only non-custom-domain emails have DKIM added. 2019-12-18 00:48:06 +08:00			`from app.email_utils import (`
			`get_email_name,`
			`get_email_part,`
			`send_email,`
			`add_dkim_signature,`
Create alias on-the-fly if the corresponding custom domain allows catch-all 2019-12-31 01:26:07 +08:00			`get_email_domain_part,`
Sign DKIM at app level - add DKIM_PRIVATE_KEY_PATH param - create email_utils.add_dkim_signature - add DKIM signature for transactional emails - add DKIM signature for forward & reply emails. In reply phase, only non-custom-domain emails have DKIM added. 2019-12-18 00:48:06 +08:00			`)`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`from app.extensions import db`
			`from app.log import LOG`
add DKIM signature for domain that is dkim verified 2019-12-26 01:23:43 +08:00			`from app.models import GenEmail, ForwardEmail, ForwardEmailLog, CustomDomain`
send bounce directly instead of return 550 2019-12-16 00:04:46 +08:00			`from app.utils import random_string`
try to make working with postfix outside docker (in host) 2019-11-08 16:11:01 +08:00			`from server import create_app`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00

fix db connections leaks in email_handler: override the default app.teardown_appcontext 2019-12-13 00:27:31 +08:00			`# fix the database connection leak issue`
			`# use this method instead of create_app`
			`def new_app():`
			`app = create_app()`

			`@app.teardown_appcontext`
			`def shutdown_session(response_or_exc):`
			`# same as shutdown_session() in flask-sqlalchemy but this is not enough`
			`db.session.remove()`

			`# dispose the engine too`
			`db.engine.dispose()`

			`return app`


email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`class MailHandler:`
			`async def handle_DATA(self, server, session, envelope):`
use 1.1.1.1 as host IP 2019-11-08 17:51:30 +08:00			`LOG.debug(">>> New message <<<")`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00
			`LOG.debug("Mail from %s", envelope.mail_from)`
			`LOG.debug("Rcpt to %s", envelope.rcpt_tos)`
			`message_data = envelope.content.decode("utf8", errors="replace")`

use 1.1.1.1 as host IP 2019-11-08 17:51:30 +08:00			`# Only when debug`
			`# LOG.debug("Message data:\n")`
			`# LOG.debug(message_data)`

			`# host IP, setup via Docker network`
create POSTFIX server 2019-11-19 17:11:18 +08:00			`smtp = SMTP(POSTFIX_SERVER, 25)`
tentative to fix UnicodeEncodeError https://sentry.io/organizations/son/issues/1339911828/?project=1478143&query=is%3Aunresolved 2019-11-18 21:14:01 +08:00			`msg = Parser(policy=SMTPUTF8).parsestr(message_data)`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00
handle both emails with reply+ and ra+ prefix 2019-12-15 22:09:24 +08:00			`# Reply case`
			`# reply+ or ra+ (reverse-alias) prefix`
			`if envelope.rcpt_tos[0].startswith("reply+") or envelope.rcpt_tos[0].startswith(`
			`"ra+"`
			`):`
			`LOG.debug("Reply phase")`
fix db connections leaks in email_handler: override the default app.teardown_appcontext 2019-12-13 00:27:31 +08:00			`app = new_app()`
try to make working with postfix outside docker (in host) 2019-11-08 16:11:01 +08:00
			`with app.app_context():`
handle both emails with reply+ and ra+ prefix 2019-12-15 22:09:24 +08:00			`return self.handle_reply(envelope, smtp, msg)`
			`else: # Forward case`
			`LOG.debug("Forward phase")`
fix db connections leaks in email_handler: override the default app.teardown_appcontext 2019-12-13 00:27:31 +08:00			`app = new_app()`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00
try to make working with postfix outside docker (in host) 2019-11-08 16:11:01 +08:00			`with app.app_context():`
handle both emails with reply+ and ra+ prefix 2019-12-15 22:09:24 +08:00			`return self.handle_forward(envelope, smtp, msg)`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00
send bounce directly instead of return 550 2019-12-16 00:04:46 +08:00			`def handle_forward(self, envelope, smtp: SMTP, msg: EmailMessage) -> str:`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`"""return status_code message"""`
			`alias = envelope.rcpt_tos[0] # alias@SL`

			`gen_email = GenEmail.get_by(email=alias)`
			`if not gen_email:`
			`LOG.d("alias %s not exist")`
Create alias on-the-fly if the corresponding custom domain allows catch-all 2019-12-31 01:26:07 +08:00
			`# check if alias is custom-domain alias and if the custom-domain has catch-all enabled`
			`alias_domain = get_email_domain_part(alias)`
			`custom_domain = CustomDomain.get_by(domain=alias_domain)`
			`if custom_domain and custom_domain.catch_all:`
			`LOG.d("create alias %s for domain %s", alias, custom_domain)`

			`gen_email = GenEmail.create(`
			`email=alias,`
			`user_id=custom_domain.user_id,`
			`custom_domain_id=custom_domain.id,`
Set automatic_creation flag when alias is created with catch-all feature 2019-12-31 01:48:25 +08:00			`automatic_creation=True,`
Create alias on-the-fly if the corresponding custom domain allows catch-all 2019-12-31 01:26:07 +08:00			`)`
			`db.session.commit()`
			`else:`
			`return "510 Email not exist"`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00
change the to: header so target is user email 2019-11-21 20:58:06 +08:00			`user_email = gen_email.user.email`

handle the case email from header has the format "First Last <ab@cd.com>" 2019-12-10 05:26:20 +08:00			`website_email = get_email_part(msg["From"])`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00
			`forward_email = ForwardEmail.get_by(`
			`gen_email_id=gen_email.id, website_email=website_email`
			`)`
			`if not forward_email:`
			`LOG.debug(`
			`"create forward email for alias %s and website email %s",`
			`alias,`
			`website_email,`
			`)`
generate a reply_email, make sure it is unique 2019-12-15 17:18:33 +08:00
			`# generate a reply_email, make sure it is unique`
			`# not use while to avoid infinite loop`
			`for _ in range(1000):`
use random_string for email_handler as reply email is not user-facing 2019-12-15 23:14:33 +08:00			`reply_email = f"reply+{random_string(30)}@{EMAIL_DOMAIN}"`
generate a reply_email, make sure it is unique 2019-12-15 17:18:33 +08:00			`if not ForwardEmail.get_by(reply_email=reply_email):`
			`break`

refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`forward_email = ForwardEmail.create(`
			`gen_email_id=gen_email.id,`
			`website_email=website_email,`
display website_from on alias log 2019-12-10 05:40:49 +08:00			`website_from=msg["From"],`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`reply_email=reply_email,`
			`)`
			`db.session.commit()`

			`forward_log = ForwardEmailLog.create(forward_id=forward_email.id)`

			`if gen_email.enabled:`
			`# add custom header`
change the to: header so target is user email 2019-11-21 20:58:06 +08:00			`add_or_replace_header(msg, "X-SimpleLogin-Type", "Forward")`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00
			`# remove reply-to header if present`
			`if msg["Reply-To"]:`
			`LOG.d("Delete reply-to header %s", msg["Reply-To"])`
			`del msg["Reply-To"]`

put original name and email to from: header 2019-11-20 04:47:58 +08:00			`# change the from header so the sender comes from @SL`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`# so it can pass DMARC check`
put original name and email to from: header 2019-11-20 04:47:58 +08:00			`# replace the email part in from: header`
			`from_header = (`
handle both emails with reply+ and ra+ prefix 2019-12-15 22:09:24 +08:00			`get_email_name(msg["From"])`
			`+ " - "`
			`+ website_email.replace("@", " at ")`
			`+ f" <{forward_email.reply_email}>"`
put original name and email to from: header 2019-11-20 04:47:58 +08:00			`)`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`msg.replace_header("From", from_header)`
put original name and email to from: header 2019-11-20 04:47:58 +08:00			`LOG.d("new from header:%s", from_header)`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00
add List-Unsubscribe header to block quickly an alias 2019-11-21 01:52:49 +08:00			`# add List-Unsubscribe header`
			`unsubscribe_link = f"{URL}/dashboard/unsubscribe/{gen_email.id}"`
			`add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")`
change the to: header so target is user email 2019-11-21 20:58:06 +08:00			`add_or_replace_header(`
			`msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"`
			`)`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00
remove email subject logging 2019-12-19 00:07:20 +08:00			`add_dkim_signature(msg, EMAIL_DOMAIN)`

refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`LOG.d(`
remove email subject logging 2019-12-19 00:07:20 +08:00			`"Forward mail from %s to %s, mail_options %s, rcpt_options %s ",`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`website_email,`
change the to: header so target is user email 2019-11-21 20:58:06 +08:00			`user_email,`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`envelope.mail_options,`
			`envelope.rcpt_options,`
			`)`

send raw message instead of using EmailMessage object 2019-12-08 06:25:55 +08:00			`# smtp.send_message has UnicodeEncodeErroremail issue`
			`# encode message raw directly instead`
			`msg_raw = msg.as_string().encode()`
			`smtp.sendmail(`
			`forward_email.reply_email,`
			`user_email,`
			`msg_raw,`
			`envelope.mail_options,`
			`envelope.rcpt_options,`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`)`
			`else:`
			`LOG.d("%s is disabled, do not forward", gen_email)`
			`forward_log.blocked = True`

			`db.session.commit()`
			`return "250 Message accepted for delivery"`

send bounce directly instead of return 550 2019-12-16 00:04:46 +08:00			`def handle_reply(self, envelope, smtp: SMTP, msg: EmailMessage) -> str:`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`reply_email = envelope.rcpt_tos[0]`

remove redundant check in handle_RCPT to support custom domain. Add check to reply phase. 2019-12-01 03:34:52 +08:00			`# reply_email must end with EMAIL_DOMAIN`
			`if not reply_email.endswith(EMAIL_DOMAIN):`
			`LOG.error(f"Reply email {reply_email} has wrong domain")`
			`return "550 wrong reply email"`

refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`forward_email = ForwardEmail.get_by(reply_email=reply_email)`
remove DKIM-Signature for custom domain 2019-12-07 04:06:38 +08:00			`alias: str = forward_email.gen_email.email`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00
add DKIM signature for domain that is dkim verified 2019-12-26 01:23:43 +08:00			`# alias must end with EMAIL_DOMAIN or custom-domain`
			`alias_domain = alias[alias.find("@") + 1 :]`
			`if alias_domain != EMAIL_DOMAIN:`
			`if not CustomDomain.get_by(domain=alias_domain):`
			`return "550 alias unknown by SimpleLogin"`

forward reply email can only by used by user email 2019-12-15 22:50:04 +08:00			`user_email = forward_email.gen_email.user.email`
			`if envelope.mail_from != user_email:`
			`LOG.error(`
			`f"Reply email can only be used by user email. Actual mail_from: %s. User email %s",`
			`envelope.mail_from,`
			`user_email,`
			`)`
send bounce directly instead of return 550 2019-12-16 00:04:46 +08:00
make ADMIN_EMAIL optional 2019-12-17 01:36:59 +08:00			`send_email(`
send bounce directly instead of return 550 2019-12-16 00:04:46 +08:00			`envelope.mail_from,`
use send_by_postfix instead of sending bounce email directly 2019-12-16 00:27:07 +08:00			`f"Your email ({envelope.mail_from}) is not allowed to send email to {reply_email}",`
			`"",`
			`"",`
send bounce directly instead of return 550 2019-12-16 00:04:46 +08:00			`)`

			`return "250 ignored"`
forward reply email can only by used by user email 2019-12-15 22:50:04 +08:00
fix DKIM fail on reply phase: the DKIM-signature should be added at the end of processing 2019-12-18 03:43:31 +08:00			`# remove DKIM-Signature`
			`if msg["DKIM-Signature"]:`
			`LOG.d("Remove DKIM-Signature %s", msg["DKIM-Signature"])`
			`del msg["DKIM-Signature"]`
Sign DKIM at app level - add DKIM_PRIVATE_KEY_PATH param - create email_utils.add_dkim_signature - add DKIM signature for transactional emails - add DKIM signature for forward & reply emails. In reply phase, only non-custom-domain emails have DKIM added. 2019-12-18 00:48:06 +08:00
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`# email seems to come from alias`
			`msg.replace_header("From", alias)`
			`msg.replace_header("To", forward_email.website_email)`

add List-Unsubscribe header to block quickly an alias 2019-11-21 01:52:49 +08:00			`# add List-Unsubscribe header`
			`unsubscribe_link = f"{URL}/dashboard/unsubscribe/{forward_email.gen_email_id}"`
			`add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")`
change the to: header so target is user email 2019-11-21 20:58:06 +08:00			`add_or_replace_header(`
			`msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"`
			`)`
add List-Unsubscribe header to block quickly an alias 2019-11-21 01:52:49 +08:00
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`LOG.d(`
			`"send email from %s to %s, mail_options:%s,rcpt_options:%s",`
			`alias,`
			`forward_email.website_email,`
			`envelope.mail_options,`
			`envelope.rcpt_options,`
			`)`

add DKIM signature for domain that is dkim verified 2019-12-26 01:23:43 +08:00			`if alias_domain == EMAIL_DOMAIN:`
fix DKIM fail on reply phase: the DKIM-signature should be added at the end of processing 2019-12-18 03:43:31 +08:00			`add_dkim_signature(msg, EMAIL_DOMAIN)`
add DKIM signature for domain that is dkim verified 2019-12-26 01:23:43 +08:00			`# add DKIM-Signature for non-custom-domain alias`
			`else:`
			`custom_domain: CustomDomain = CustomDomain.get_by(domain=alias_domain)`
			`if custom_domain.dkim_verified:`
fix domain used in dkim signature 2019-12-26 01:33:24 +08:00			`add_dkim_signature(msg, alias_domain)`
fix DKIM fail on reply phase: the DKIM-signature should be added at the end of processing 2019-12-18 03:43:31 +08:00
use sendmail instead of send_message in reply phase to avoid unicode problem 2019-12-13 04:11:01 +08:00			`msg_raw = msg.as_string().encode()`
			`smtp.sendmail(`
			`alias,`
			`forward_email.website_email,`
			`msg_raw,`
			`envelope.mail_options,`
			`envelope.rcpt_options,`
refactor email_handler: create handle_forward and handle_reply 2019-11-19 17:23:06 +08:00			`)`

			`ForwardEmailLog.create(forward_id=forward_email.id, is_reply=True)`
			`db.session.commit()`
log forwarded emails 2019-11-17 00:07:59 +08:00
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00			`return "250 Message accepted for delivery"`


add List-Unsubscribe header to block quickly an alias 2019-11-21 01:52:49 +08:00			`def add_or_replace_header(msg: EmailMessage, header: str, value: str):`
			`try:`
			`msg.add_header(header, value)`
			`except ValueError:`
			`# the header exists already`
			`msg.replace_header(header, value)`


fix test 2019-11-08 14:55:29 +08:00			`if __name__ == "__main__":`
try to make working with postfix outside docker (in host) 2019-11-08 16:11:01 +08:00			`controller = Controller(MailHandler(), hostname="0.0.0.0", port=20381)`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00
fix test 2019-11-08 14:55:29 +08:00			`controller.start()`
v1 of email handler, forward and reply phase work! 2019-11-08 18:05:34 +08:00			`LOG.d("Start mail controller %s %s", controller.hostname, controller.port)`
email handler: forward phase. Todo: reply phase 2019-11-08 00:49:26 +08:00
fix test 2019-11-08 14:55:29 +08:00			`while True:`
reduce sleep time in email_handler 2019-12-10 05:09:28 +08:00			`time.sleep(2)`