Use partner domains always in the validation (#2482)

2025-09-06 22:54:42 +08:00 · 2025-05-27 12:18:14 +02:00 · 2025-05-27 12:18:14 +02:00 · ee04839572
commit ee04839572
parent 720b4a0608
2 changed files with 14 additions and 6 deletions
--- a/app/dashboard/views/domain_detail.py
+++ b/app/dashboard/views/domain_detail.py
@ -5,7 +5,7 @@ from flask_login import login_required, current_user
 from flask_wtf import FlaskForm
 from wtforms import StringField, validators, IntegerField

-from app.config import EMAIL_SERVERS_WITH_PRIORITY, EMAIL_DOMAIN
+from app import config
 from app.constants import DMARC_RECORD
 from app.custom_domain_utils import delete_custom_domain, set_custom_domain_mailboxes
 from app.custom_domain_validation import CustomDomainValidation
@ -37,7 +37,11 @@ def domain_detail_dns(custom_domain_id):
        custom_domain.ownership_txt_token = random_string(30)
        Session.commit()

-    domain_validator = CustomDomainValidation(EMAIL_DOMAIN)
+    domain_validator = CustomDomainValidation(
+        dkim_domain=config.EMAIL_DOMAIN,
+        partner_domains=config.PARTNER_DNS_CUSTOM_DOMAINS,
+        partner_domains_validation_prefixes=config.PARTNER_CUSTOM_DOMAIN_VALIDATION_PREFIXES,
+    )
    csrf_form = CSRFValidationForm()

    mx_ok = spf_ok = dkim_ok = dmarc_ok = ownership_ok = True
@ -96,7 +100,7 @@ def domain_detail_dns(custom_domain_id):
                )
            else:
                flash(
-                    f"SPF: {EMAIL_DOMAIN} is not included in your SPF record.",
+                    f"SPF: {config.EMAIL_DOMAIN} is not included in your SPF record.",
                    "warning",
                )
                spf_ok = False
@ -136,7 +140,7 @@ def domain_detail_dns(custom_domain_id):

    return render_template(
        "dashboard/domain_detail/dns.html",
-        EMAIL_SERVERS_WITH_PRIORITY=EMAIL_SERVERS_WITH_PRIORITY,
+        EMAIL_SERVERS_WITH_PRIORITY=config.EMAIL_SERVERS_WITH_PRIORITY,
        ownership_records=domain_validator.get_ownership_verification_record(
            custom_domain
        ),
--- a/cron.py
+++ b/cron.py
@ -64,8 +64,8 @@ from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
 from app.utils import sanitize_email
 from server import create_light_app
 from tasks.clean_alias_audit_log import cleanup_alias_audit_log
-from tasks.cleanup_alias import cleanup_alias
 from tasks.clean_user_audit_log import cleanup_user_audit_log
+from tasks.cleanup_alias import cleanup_alias
 from tasks.cleanup_old_imports import cleanup_old_imports
 from tasks.cleanup_old_jobs import cleanup_old_jobs
 from tasks.cleanup_old_notifications import cleanup_old_notifications
@ -938,7 +938,11 @@ def check_custom_domain():

 def check_single_custom_domain(custom_domain: CustomDomain):
    mx_domains = get_mx_domains(custom_domain.domain)
-    validator = CustomDomainValidation(dkim_domain=config.EMAIL_DOMAIN)
+    validator = CustomDomainValidation(
+        dkim_domain=config.EMAIL_DOMAIN,
+        partner_domains=config.PARTNER_DNS_CUSTOM_DOMAINS,
+        partner_domains_validation_prefixes=config.PARTNER_CUSTOM_DOMAIN_VALIDATION_PREFIXES,
+    )
    expected_custom_domains = validator.get_expected_mx_records(custom_domain)
    if not is_mx_equivalent(mx_domains, expected_custom_domains):
        user = custom_domain.user