forked from simple-login/app
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathemail_handler.py
362 lines (294 loc) · 12.6 KB
/
email_handler.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
"""
Handle the email *forward* and *reply*. phase. There are 3 actors:
- website: who sends emails to [email protected] address
- SL email handler (this script)
- user personal email: to be protected. Should never leak to website.
This script makes sure that in the forward phase, the email that is forwarded to user personal email has the following
envelope and header fields:
Envelope:
mail from: @website
rcpt to: @personal_email
Header:
From: @website
To: [email protected] # so user knows this email is sent to alias
Reply-to: [email protected] # magic HERE
And in the reply phase:
Envelope:
mail from: @website
rcpt to: @website
Header:
From: [email protected] # so for website the email comes from alias. magic HERE
To: @website
The [email protected] allows to hide user personal email when user clicks "Reply" to the forwarded email.
It should contain the following info:
- alias
- @website
"""
import time
from email.message import Message
from email.parser import Parser
from email.policy import SMTPUTF8
from smtplib import SMTP
from aiosmtpd.controller import Controller
from app.config import EMAIL_DOMAIN, POSTFIX_SERVER, URL
from app.email_utils import (
get_email_name,
get_email_part,
send_email,
add_dkim_signature,
get_email_domain_part,
add_or_replace_header,
delete_header,
send_cannot_create_directory_alias,
send_cannot_create_domain_alias,
)
from app.extensions import db
from app.log import LOG
from app.models import GenEmail, ForwardEmail, ForwardEmailLog, CustomDomain, Directory
from app.utils import random_string
from server import create_app
# fix the database connection leak issue
# use this method instead of create_app
def new_app():
app = create_app()
@app.teardown_appcontext
def shutdown_session(response_or_exc):
# same as shutdown_session() in flask-sqlalchemy but this is not enough
db.session.remove()
# dispose the engine too
db.engine.dispose()
return app
class MailHandler:
async def handle_DATA(self, server, session, envelope):
LOG.debug(">>> New message <<<")
LOG.debug("Mail from %s", envelope.mail_from)
LOG.debug("Rcpt to %s", envelope.rcpt_tos)
message_data = envelope.content.decode("utf8", errors="replace")
# Only when debug
# LOG.debug("Message data:\n")
# LOG.debug(message_data)
# host IP, setup via Docker network
smtp = SMTP(POSTFIX_SERVER, 25)
msg = Parser(policy=SMTPUTF8).parsestr(message_data)
rcpt_to = envelope.rcpt_tos[0].lower()
# Reply case
# reply+ or ra+ (reverse-alias) prefix
if rcpt_to.startswith("reply+") or rcpt_to.startswith("ra+"):
LOG.debug("Reply phase")
app = new_app()
with app.app_context():
return self.handle_reply(envelope, smtp, msg)
else: # Forward case
LOG.debug("Forward phase")
app = new_app()
with app.app_context():
return self.handle_forward(envelope, smtp, msg)
def handle_forward(self, envelope, smtp: SMTP, msg: Message) -> str:
"""return *status_code message*"""
alias = envelope.rcpt_tos[0].lower() # alias@SL
gen_email = GenEmail.get_by(email=alias)
if not gen_email:
LOG.d(
"alias %s not exist. Try to see if it can be created on the fly", alias
)
# try to see if alias could be created on-the-fly
on_the_fly = False
# check if alias belongs to a directory, ie having directory/anything@EMAIL_DOMAIN format
if alias.endswith(EMAIL_DOMAIN):
if "/" in alias:
directory_name = alias[: alias.find("/")]
LOG.d("directory_name %s", directory_name)
directory = Directory.get_by(name=directory_name)
# Only premium user can continue using the directory feature
if directory:
dir_user = directory.user
if dir_user.is_premium():
LOG.d("create alias %s for directory %s", alias, directory)
on_the_fly = True
gen_email = GenEmail.create(
email=alias,
user_id=directory.user_id,
directory_id=directory.id,
)
db.session.commit()
else:
LOG.error(
"User %s is not premium anymore and cannot create alias with directory",
dir_user,
)
send_cannot_create_directory_alias(
dir_user, alias, directory_name
)
else:
# check if alias is custom-domain alias and if the custom-domain has catch-all enabled
alias_domain = get_email_domain_part(alias)
custom_domain = CustomDomain.get_by(domain=alias_domain)
# Only premium user can continue using the catch-all feature
if custom_domain and custom_domain.catch_all:
domain_user = custom_domain.user
if domain_user.is_premium():
LOG.d("create alias %s for domain %s", alias, custom_domain)
on_the_fly = True
gen_email = GenEmail.create(
email=alias,
user_id=custom_domain.user_id,
custom_domain_id=custom_domain.id,
automatic_creation=True,
)
db.session.commit()
else:
LOG.error(
"User %s is not premium anymore and cannot create alias with domain %s",
domain_user,
alias_domain,
)
send_cannot_create_domain_alias(
domain_user, alias, alias_domain
)
if not on_the_fly:
LOG.d("alias %s not exist, return 510", alias)
return "510 Email not exist"
user_email = gen_email.user.email
website_email = get_email_part(msg["From"])
forward_email = ForwardEmail.get_by(
gen_email_id=gen_email.id, website_email=website_email
)
if not forward_email:
LOG.debug(
"create forward email for alias %s and website email %s",
alias,
website_email,
)
# generate a reply_email, make sure it is unique
# not use while to avoid infinite loop
for _ in range(1000):
reply_email = f"reply+{random_string(30)}@{EMAIL_DOMAIN}"
if not ForwardEmail.get_by(reply_email=reply_email):
break
forward_email = ForwardEmail.create(
gen_email_id=gen_email.id,
website_email=website_email,
website_from=msg["From"],
reply_email=reply_email,
)
db.session.commit()
forward_log = ForwardEmailLog.create(forward_id=forward_email.id)
if gen_email.enabled:
# add custom header
add_or_replace_header(msg, "X-SimpleLogin-Type", "Forward")
# remove reply-to header if present
delete_header(msg, "Reply-To")
# change the from header so the sender comes from @SL
# so it can pass DMARC check
# replace the email part in from: header
from_header = (
get_email_name(msg["From"])
+ " - "
+ website_email.replace("@", " at ")
+ f" <{forward_email.reply_email}>"
)
msg.replace_header("From", from_header)
LOG.d("new from header:%s", from_header)
# add List-Unsubscribe header
unsubscribe_link = f"{URL}/dashboard/unsubscribe/{gen_email.id}"
add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
add_or_replace_header(
msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"
)
add_dkim_signature(msg, EMAIL_DOMAIN)
LOG.d(
"Forward mail from %s to %s, mail_options %s, rcpt_options %s ",
website_email,
user_email,
envelope.mail_options,
envelope.rcpt_options,
)
# smtp.send_message has UnicodeEncodeErroremail issue
# encode message raw directly instead
msg_raw = msg.as_string().encode()
smtp.sendmail(
forward_email.reply_email,
user_email,
msg_raw,
envelope.mail_options,
envelope.rcpt_options,
)
else:
LOG.d("%s is disabled, do not forward", gen_email)
forward_log.blocked = True
db.session.commit()
return "250 Message accepted for delivery"
def handle_reply(self, envelope, smtp: SMTP, msg: Message) -> str:
reply_email = envelope.rcpt_tos[0].lower()
# reply_email must end with EMAIL_DOMAIN
if not reply_email.endswith(EMAIL_DOMAIN):
LOG.error(f"Reply email {reply_email} has wrong domain")
return "550 wrong reply email"
forward_email = ForwardEmail.get_by(reply_email=reply_email)
alias: str = forward_email.gen_email.email
# alias must end with EMAIL_DOMAIN or custom-domain
alias_domain = alias[alias.find("@") + 1 :]
if alias_domain != EMAIL_DOMAIN:
if not CustomDomain.get_by(domain=alias_domain):
return "550 alias unknown by SimpleLogin"
user_email = forward_email.gen_email.user.email
if envelope.mail_from.lower() != user_email.lower():
LOG.error(
f"Reply email can only be used by user email. Actual mail_from: %s. User email %s. reply_email %s",
envelope.mail_from,
user_email,
reply_email,
)
send_email(
envelope.mail_from,
f"Your email ({envelope.mail_from}) is not allowed to send email to {reply_email}",
"",
"",
)
return "550 ignored"
delete_header(msg, "DKIM-Signature")
# the email comes from alias
msg.replace_header("From", alias)
# some email providers like ProtonMail adds automatically the Reply-To field
# make sure to delete it
delete_header(msg, "Reply-To")
msg.replace_header("To", forward_email.website_email)
# add List-Unsubscribe header
unsubscribe_link = f"{URL}/dashboard/unsubscribe/{forward_email.gen_email_id}"
add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
add_or_replace_header(
msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click"
)
# Received-SPF is injected by postfix-policyd-spf-python can reveal user original email
delete_header(msg, "Received-SPF")
LOG.d(
"send email from %s to %s, mail_options:%s,rcpt_options:%s",
alias,
forward_email.website_email,
envelope.mail_options,
envelope.rcpt_options,
)
if alias_domain == EMAIL_DOMAIN:
add_dkim_signature(msg, EMAIL_DOMAIN)
# add DKIM-Signature for non-custom-domain alias
else:
custom_domain: CustomDomain = CustomDomain.get_by(domain=alias_domain)
if custom_domain.dkim_verified:
add_dkim_signature(msg, alias_domain)
msg_raw = msg.as_string().encode()
smtp.sendmail(
alias,
forward_email.website_email,
msg_raw,
envelope.mail_options,
envelope.rcpt_options,
)
ForwardEmailLog.create(forward_id=forward_email.id, is_reply=True)
db.session.commit()
return "250 Message accepted for delivery"
if __name__ == "__main__":
controller = Controller(MailHandler(), hostname="0.0.0.0", port=20381)
controller.start()
LOG.d("Start mail controller %s %s", controller.hostname, controller.port)
while True:
time.sleep(2)