add warning to email content when dmarc softfail

2022-03-30 11:59:32 +07:00 · 2022-03-30 11:59:32 +07:00 · 67c2c6afad
parent 110f2f2f2c
commit 67c2c6afad
2 changed files with 22 additions and 7 deletions
--- a/app/errors.py
+++ b/app/errors.py
@ -56,3 +56,8 @@ class MailSentFromReverseAlias(SLException):
    """raised when receiving an email sent from a reverse alias"""

    pass
+
+
+class DmarcSoftFail(SLException):
+
+    pass
--- a/email_handler.py
+++ b/email_handler.py
@ -138,6 +138,7 @@ from app.errors import (
    VERPForward,
    VERPReply,
    CannotCreateContactForReverseAlias,
+    DmarcSoftFail,
 )
 from app.log import LOG, set_message_id
 from app.models import (
@ -549,18 +550,17 @@ def apply_dmarc_policy(
        return None

    from_header = get_header_unicode(msg[headers.FROM])
-    # todo: remove when soft_fail email is put into quarantine
+
    if spam_result.dmarc == DmarcCheckResult.soft_fail:
        LOG.w(
            f"dmarc soft_fail from contact {contact.email} to alias {alias.email}."
            f"mail_from:{envelope.mail_from}, from_header: {from_header}"
        )
-        return None
+        raise DmarcSoftFail
+
    if spam_result.dmarc in (
        DmarcCheckResult.quarantine,
        DmarcCheckResult.reject,
-        # todo: disable soft_fail for now
-        # DmarcCheckResult.soft_fail,
    ):
        LOG.w(
            f"put email from {contact} to {alias} to quarantine. {spam_result.event_data()}, "
@ -597,6 +597,7 @@ def apply_dmarc_policy(
            ignore_smtp_error=True,
        )
        return status.E215
+
    return None


@ -715,9 +716,18 @@ def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str
        return [(True, res_status)]

    # Check if we need to reject or quarantine based on dmarc
-    dmarc_delivery_status = apply_dmarc_policy(alias, contact, envelope, msg)
-    if dmarc_delivery_status is not None:
-        return [(False, dmarc_delivery_status)]
+    try:
+        dmarc_delivery_status = apply_dmarc_policy(
+            alias, contact, envelope, msg, from_header
+        )
+        if dmarc_delivery_status is not None:
+            return [(False, dmarc_delivery_status)]
+    except DmarcSoftFail:
+        msg = add_header(
+            msg,
+            f"""This email failed anti-phishing checks when it’s received by SimpleLogin, be careful with its content.""",
+            f"""This email failed anti-phishing checks when it’s received by SimpleLogin, be careful with its content.""",
+        )

    ret = []
    mailboxes = alias.mailboxes