Detect unknown mailbox using envelope mail_from
This commit is contained in:
parent
33d578c78e
commit
336bdb196d
|
@ -476,24 +476,26 @@ def handle_reply(envelope, smtp: SMTP, msg: Message, rcpt_to: str) -> (bool, str
|
|||
return False, "550 SL E5"
|
||||
|
||||
user = alias.user
|
||||
mailbox_email = alias.mailbox_email()
|
||||
mail_from = envelope.mail_from.lower().strip()
|
||||
|
||||
# bounce email initiated by Postfix
|
||||
# can happen in case emails cannot be delivered to user-email
|
||||
# in this case Postfix will try to send a bounce report to original sender, which is
|
||||
# the "reply email"
|
||||
if envelope.mail_from == "<>":
|
||||
if mail_from == "<>":
|
||||
LOG.warning(
|
||||
"Bounce when sending to alias %s from %s, user %s",
|
||||
alias,
|
||||
contact.website_email,
|
||||
alias.user,
|
||||
"Bounce when sending to alias %s from %s, user %s", alias, contact, user,
|
||||
)
|
||||
|
||||
handle_bounce(contact, alias, msg, user)
|
||||
return False, "550 SL E6"
|
||||
|
||||
mailbox: Mailbox = Mailbox.get_by(email=mailbox_email)
|
||||
mailbox = Mailbox.get_by(email=mail_from, user_id=user.id)
|
||||
if not mailbox or mailbox not in alias.mailboxes:
|
||||
# only mailbox can send email to the reply-email
|
||||
handle_unknown_mailbox(envelope, msg, reply_email, user, alias)
|
||||
return False, "550 SL E7"
|
||||
|
||||
if ENFORCE_SPF and mailbox.force_spf:
|
||||
ip = msg[_IP_HEADER]
|
||||
if not spf_pass(ip, envelope, mailbox, user, alias, contact.website_email, msg):
|
||||
|
@ -501,13 +503,7 @@ def handle_reply(envelope, smtp: SMTP, msg: Message, rcpt_to: str) -> (bool, str
|
|||
|
||||
delete_header(msg, _IP_HEADER)
|
||||
|
||||
# only mailbox can send email to the reply-email
|
||||
if envelope.mail_from.lower() != mailbox_email.lower():
|
||||
handle_unknown_mailbox(envelope, msg, mailbox, reply_email, user, alias)
|
||||
return False, "550 SL E7"
|
||||
|
||||
delete_header(msg, "DKIM-Signature")
|
||||
|
||||
delete_header(msg, "Received")
|
||||
|
||||
# make the email comes from alias
|
||||
|
@ -636,36 +632,33 @@ def spf_pass(
|
|||
return True
|
||||
|
||||
|
||||
def handle_unknown_mailbox(
|
||||
envelope, msg, mailbox: Mailbox, reply_email: str, user: User, alias: Alias
|
||||
):
|
||||
def handle_unknown_mailbox(envelope, msg, reply_email: str, user: User, alias: Alias):
|
||||
LOG.warning(
|
||||
f"Reply email can only be used by mailbox. "
|
||||
f"Actual mail_from: %s. msg from header: %s, Mailbox %s. reply_email %s",
|
||||
f"Actual mail_from: %s. msg from header: %s, reverse-alias %s, %s %s",
|
||||
envelope.mail_from,
|
||||
msg["From"],
|
||||
mailbox.email,
|
||||
reply_email,
|
||||
alias,
|
||||
user,
|
||||
)
|
||||
|
||||
send_email_with_rate_control(
|
||||
user,
|
||||
ALERT_REVERSE_ALIAS_UNKNOWN_MAILBOX,
|
||||
mailbox.email,
|
||||
user.email,
|
||||
f"Reply from your alias {alias.email} only works from your mailbox",
|
||||
render(
|
||||
"transactional/reply-must-use-personal-email.txt",
|
||||
name=user.name,
|
||||
alias=alias.email,
|
||||
alias=alias,
|
||||
sender=envelope.mail_from,
|
||||
mailbox_email=mailbox.email,
|
||||
),
|
||||
render(
|
||||
"transactional/reply-must-use-personal-email.html",
|
||||
name=user.name,
|
||||
alias=alias.email,
|
||||
alias=alias,
|
||||
sender=envelope.mail_from,
|
||||
mailbox_email=mailbox.email,
|
||||
),
|
||||
)
|
||||
|
||||
|
|
|
@ -2,10 +2,27 @@
|
|||
|
||||
{% block content %}
|
||||
{{ render_text("Hi " + name) }}
|
||||
{{ render_text("We have recorded an attempt to send an email from your alias <b>"+ alias +"</b> using <b>" + sender + "</b>.") }}
|
||||
{{ render_text("Please note that sending from this alias only works from <b>" + mailbox_email + "</b>.") }}
|
||||
{{ render_text("Indeed, only you (or the mailbox that owns <b>" + alias + "</b>) can send emails on behalf of this alias.") }}
|
||||
{{ render_text('Thanks, <br />SimpleLogin Team.') }}
|
||||
|
||||
{% call text() %}
|
||||
We have recorded an attempt to send an email from your alias <b>{{ alias.email }}</b> using <b>{{ sender }}</b>>
|
||||
{% endcall %}
|
||||
|
||||
{% call text() %}
|
||||
Please note that sending from this alias only works from one of these mailboxes: <br>
|
||||
{% for mailbox in alias.mailboxes %}
|
||||
- {{ mailbox.email }} <br>
|
||||
{% endfor %}
|
||||
{% endcall %}
|
||||
|
||||
{% call text() %}
|
||||
Indeed only you can send emails on behalf of your alias.
|
||||
{% endcall %}
|
||||
|
||||
{% call text() %}
|
||||
Thanks, <br/>
|
||||
SimpleLogin Team.
|
||||
{% endcall %}
|
||||
|
||||
{% endblock %}
|
||||
|
||||
|
||||
|
|
|
@ -1,8 +1,15 @@
|
|||
Hi {{name}}
|
||||
|
||||
We have recorded an attempt to send an email from your alias {{ alias }} using {{ sender }}.
|
||||
We have recorded an attempt to send an email from your alias {{ alias.email }} using {{ sender }}.
|
||||
|
||||
Please note that sending from this alias only works from {{mailbox_email}}: only you (i.e. no one else) can send emails on behalf of your alias.
|
||||
Please note that sending from this alias only works from one of these mailboxes:
|
||||
|
||||
{% for mailbox in alias.mailboxes %}
|
||||
- {{mailbox.email}}
|
||||
{% endfor %}
|
||||
|
||||
|
||||
Indeed only you can send emails on behalf of your alias.
|
||||
|
||||
Best,
|
||||
SimpleLogin team.
|
||||
|
|
Loading…
Reference in New Issue