Improve handling when pgp key is invalid (#1264)

* remove unused email statuses * add more logging * use text_header if html_header not set * improve email * add a header about PGP failure when forward emails can't be encrypted * remove unused email status
2022-09-02 11:47:04 +02:00 · 2022-09-02 11:47:04 +02:00 · cea139b7d5
parent 25773448c2
commit cea139b7d5
6 changed files with 18 additions and 13 deletions
--- a/app/email/status.py
+++ b/app/email/status.py
@ -31,11 +31,7 @@ E402 = "421 SL E402 Encryption failed - Retry later"
 # E403 = "421 SL E403 Retry later"
 E404 = "421 SL E404 Unexpected error - Retry later"
 E405 = "421 SL E405 Mailbox domain problem - Retry later"
-E406 = "421 SL E406 Retry later"
 E407 = "421 SL E407 Retry later"
-E408 = "421 SL E408 Retry later"
-E409 = "421 SL E409 Retry later"
-E410 = "421 SL E410 Retry later"
 # endregion

 # region 5** errors
--- a/app/email_utils.py
+++ b/app/email_utils.py
@ -931,7 +931,9 @@ def decode_text(text: str, encoding: EmailEncoding = EmailEncoding.NO) -> str:
        return text


-def add_header(msg: Message, text_header, html_header) -> Message:
+def add_header(msg: Message, text_header, html_header=None) -> Message:
+    if not html_header:
+        html_header = text_header
    content_type = msg.get_content_type().lower()
    if content_type == "text/plain":
        encoding = get_encoding(msg)
--- a/cron.py
+++ b/cron.py
@ -842,8 +842,11 @@ def check_mailbox_valid_pgp_keys():
        mailbox = Mailbox.get(mailbox_id)
        # a mailbox has been deleted
        if not mailbox:
+            LOG.d(f"Mailbox {mailbox_id} not found")
            continue

+        LOG.d(f"Checking PGP key for {mailbox}")
+
        try:
            load_public_key_and_check(mailbox.pgp_public_key)
        except PGPException:
--- a/email_handler.py
+++ b/email_handler.py
@ -515,6 +515,9 @@ def prepare_pgp_message(

        encrypted = pgp_utils.encrypt_file_with_pgpy(msg_bytes, public_key)
        second.set_payload(str(encrypted))
+        LOG.i(
+            f"encryption works with pgpy and not with python-gnupg, public key {public_key}"
+        )

    msg.attach(second)

@ -853,12 +856,13 @@ def forward_email_to_mailbox(
                msg, mailbox.pgp_finger_print, mailbox.pgp_public_key, can_sign=True
            )
        except PGPException:
-            LOG.e(
+            LOG.w(
                "Cannot encrypt message %s -> %s. %s %s", contact, alias, mailbox, user
            )
-            EmailLog.delete(email_log.id, commit=True)
-            # so the client can retry later
-            return False, status.E406
+            msg = add_header(
+                msg,
+                f"""PGP encryption fails with {mailbox.email}'s PGP key""",
+            )

    # add custom header
    add_or_replace_header(msg, headers.SL_DIRECTION, "Forward")
--- a/templates/emails/base.txt.jinja2
+++ b/templates/emails/base.txt.jinja2
@ -3,4 +3,4 @@
 Best,
 SimpleLogin team.

-Do you have a question? Contact us at https://app.simplelogin.io/dashboard/support.
+Do you have a question? Contact us at https://app.simplelogin.io/dashboard/support
--- a/templates/emails/transactional/invalid-mailbox-pgp-key.txt.jinja2
+++ b/templates/emails/transactional/invalid-mailbox-pgp-key.txt.jinja2
@ -2,10 +2,10 @@

 {% block content %}

-  We have detected that your mailbox {{ mailbox.email }}'s PGP key is invalid.
+We have detected that your mailbox {{ mailbox.email }}'s PGP key is invalid.

-  A potential cause is the key is already expired.
+A potential cause is the PGP key is already expired.

-  Please update the key so forwarded emails can be properly encrypted.
+Please update your PGP key on {{URL}}/dashboard/mailbox/{{ mailbox.id }}/ so forwarded emails can be properly encrypted.

 {% endblock %}