From d415974e3beab9cf863eacba734f8286fde100c0 Mon Sep 17 00:00:00 2001 From: Son Nguyen Kim Date: Tue, 27 Sep 2022 09:43:58 +0200 Subject: [PATCH] Handle undisclosed recipients header (#1314) * remove TO header if it's set to "undisclosed-recipients:;" more info on https://www.rfc-editor.org/rfc/rfc4356.txt * remove unnecessary indentation character in plain text email --- email_handler.py | 8 ++++++- .../message-quarantine-dmarc.txt.jinja2 | 8 +++---- .../non-reverse-alias-reply-phase.txt.jinja2 | 22 +++++++++---------- .../emails/transactional/noreply.text.jinja2 | 4 +++- .../transactional/spoof-reply.txt.jinja2 | 8 +++---- 5 files changed, 29 insertions(+), 21 deletions(-) diff --git a/email_handler.py b/email_handler.py index b8522927..9d8b5233 100644 --- a/email_handler.py +++ b/email_handler.py @@ -1171,7 +1171,13 @@ def handle_reply(envelope, msg: Message, rcpt_to: str) -> (bool, str): add_or_replace_header(msg, headers.FROM, from_header) try: - replace_header_when_reply(msg, alias, headers.TO) + if str(msg[headers.TO]).lower() == "undisclosed-recipients:;": + # no need to replace TO header + LOG.d("email is sent in BCC mode") + del msg[headers.TO] + else: + replace_header_when_reply(msg, alias, headers.TO) + replace_header_when_reply(msg, alias, headers.CC) except NonReverseAliasInReplyPhase as e: LOG.w("non reverse-alias in reply %s %s %s", e, contact, alias) diff --git a/templates/emails/transactional/message-quarantine-dmarc.txt.jinja2 b/templates/emails/transactional/message-quarantine-dmarc.txt.jinja2 index 5b917c1f..68d15af8 100644 --- a/templates/emails/transactional/message-quarantine-dmarc.txt.jinja2 +++ b/templates/emails/transactional/message-quarantine-dmarc.txt.jinja2 
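Review bot: The new check in handle_reply matches the To value only when it is exactly `undisclosed-recipients:;` after lower-casing, so a value with whitespace inside or around it (for example `undisclosed-recipients: ;`, or a folded header) still reaches `replace_header_when_reply(msg, alias, headers.TO)`. That helper is not visible here, but the surrounding `except NonReverseAliasInReplyPhase` suggests such a reply would be handled as containing a non reverse-alias address rather than as a BCC-mode message. Normalising whitespace before comparing would close this, e.g. `if "".join(str(msg[headers.TO]).split()).lower() == "undisclosed-recipients:;":`. The comment could also say why deletion is safe: `# empty group address: there is no recipient to rewrite, so drop the header`. handle_reply starts and ends outside the hunk.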
@@ -1,11 +1,11 @@ {% extends "base.txt.jinja2" %} {% block content %} - An email from {{ from_header }} to {{ alias.email }} is put into Quarantine as it fails anti-phishing check. +An email from {{ from_header }} to {{ alias.email }} is put into Quarantine as it fails anti-phishing check. - You can view the email at {{ refused_email_url }}. - This email is automatically deleted in 7 days. +You can view the email at {{ refused_email_url }}. +This email is automatically deleted in 7 days. - More info about the anti-phishing measure on https://simplelogin.io/docs/getting-started/anti-phishing/ +More info about the anti-phishing measure on https://simplelogin.io/docs/getting-started/anti-phishing/ {% endblock %} diff --git a/templates/emails/transactional/non-reverse-alias-reply-phase.txt.jinja2 b/templates/emails/transactional/non-reverse-alias-reply-phase.txt.jinja2 index 8de942f6..c0ac8642 100644 --- a/templates/emails/transactional/non-reverse-alias-reply-phase.txt.jinja2 +++ b/templates/emails/transactional/non-reverse-alias-reply-phase.txt.jinja2 
@@ -1,19 +1,19 @@ {% extends "base.txt.jinja2" %} {% block content %} - Hi +Hi - Your email sent to {{ destination }} from {{ alias }} ({{ subject }}) contains an address - which isn't a reverse-alias in the To: or Cc: field. +Your email sent to {{ destination }} from {{ alias }} ({{ subject }}) contains an address +which isn't a reverse-alias in the To: or Cc: field. - The email was then directly sent to this recipient and doesn't pass by SimpleLogin. - Unfortunately, it reveals your real mailbox address to the recipient. - Please create a reverse alias for each recipient to make sure your mailbox stays hidden and re-send the email. +The email was then directly sent to this recipient and doesn't pass by SimpleLogin. +Unfortunately, it reveals your real mailbox address to the recipient. +Please create a reverse alias for each recipient to make sure your mailbox stays hidden and re-send the email. - In case some reverse aliases are also present in To: or Cc:, SimpleLogin won't deliver this email to the - corresponding contacts to avoid any potential side effect. Please remove the non reverse-alias addresses and - re-send the email. +In case some reverse aliases are also present in To: or Cc:, SimpleLogin won't deliver this email to the +corresponding contacts to avoid any potential side effect. Please remove the non reverse-alias addresses and +re-send the email. - More info about reverse-alias can be found on https://simplelogin.io/docs/getting-started/reverse-alias/ - and how to send an email from your alias on https://simplelogin.io/docs/getting-started/send-email/ +More info about reverse-alias can be found on https://simplelogin.io/docs/getting-started/reverse-alias/ +and how to send an email from your alias on https://simplelogin.io/docs/getting-started/send-email/ {% endblock %} diff --git a/templates/emails/transactional/noreply.text.jinja2 b/templates/emails/transactional/noreply.text.jinja2 index 86606234..5e321b33 100644 
--- a/templates/emails/transactional/noreply.text.jinja2 +++ b/templates/emails/transactional/noreply.text.jinja2 @@ -1,6 +1,8 @@ Hi! -Thanks for getting in touch. This mailbox cannot receive any emails. If you need help, please go to https://app.simplelogin.io/dashboard/support to contact us. +Thanks for getting in touch. This mailbox cannot receive any emails. + +If you need help, please go to https://app.simplelogin.io/dashboard/support to contact us. Best! SimpleLogin team diff --git a/templates/emails/transactional/spoof-reply.txt.jinja2 b/templates/emails/transactional/spoof-reply.txt.jinja2 index 7a1e0d9f..640e1026 100644 --- a/templates/emails/transactional/spoof-reply.txt.jinja2 +++ b/templates/emails/transactional/spoof-reply.txt.jinja2 @@ -1,10 +1,10 @@ {% extends "base.txt.jinja2" %} {% block content %} - Unauthorized attempt to send an email to {{ contact.email }} from your alias {{ alias.email }} using - {{ sender }} has been blocked. +Unauthorized attempt to send an email to {{ contact.email }} from your alias {{ alias.email }} using +{{ sender }} has been blocked. - To protect against email spoofing, only your mailbox can send emails on behalf of your alias. - SimpleLogin also refuses emails that claim to come from your mailbox but fail DMARC. +To protect against email spoofing, only your mailbox can send emails on behalf of your alias. +SimpleLogin also refuses emails that claim to come from your mailbox but fail DMARC. {% endblock %}