Son
845b53b03f
not send emails to inform about an alias can't be created to disabled user
2022-04-28 12:10:40 +02:00
Son
7b7cb0b571
prevent disabled user from using the api
2022-04-27 16:24:38 +02:00
Son
eab7606f93
make sure disabled user can't create new alias
2022-04-27 16:06:54 +02:00
Adrià Casajús
657cae53a6
Remove it for all creds
2022-04-26 18:44:57 +02:00
Adrià Casajús
ff33380bed
Do not send the transports to the js part since we have not stored them previously
2022-04-26 18:41:12 +02:00
Adrià Casajús
5208c549fa
Rename TransactionalComplaint to ProviderComplaint
2022-04-25 14:40:42 +02:00
Son
58b332b7bc
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
Adrià Casajús
fcd2ab6fed
Set data to non-nullable
2022-04-22 14:53:04 +02:00
Adrià Casajús
89d94963d7
PR comments
2022-04-22 14:49:03 +02:00
Son Nguyen Kim
5053d9f1f5
Merge pull request #918 from simple-login/handle-error-as-bytes
...
handle the AttributeError that can also be raised by as_bytes()
2022-04-22 10:51:55 +02:00
Son
68ec159d91
catch all exception in to_bytes
2022-04-22 10:20:43 +02:00
Son Nguyen Kim
2bcc22c391
Merge pull request #906 from simple-login/ac-hash-change
...
Support python>3.8 for verp emails and reduce size by truncating hmac and storing time in minutes since 2022-01-01
2022-04-22 10:11:31 +02:00
Adrià Casajús
0f14c3e74e
Move some comments as docstrings
2022-04-21 15:25:06 +02:00
Adrià Casajús
112b2c77c3
Add backwards compat with shake128 signed verp emails
2022-04-21 11:30:39 +02:00
Son
0f7ccec51a
handle the AttributeError that can also be raised by as_bytes()
2022-04-21 11:28:11 +02:00
Adrià Casajús
c573ef655e
Store bounces in the reply phase to prevent abuse
2022-04-21 11:23:58 +02:00
Son
bddb5e500a
able to handle several noreply addresses
...
This prepares the change of noreply@simplelogin.co to noreply@simplelogin.io
2022-04-21 08:59:46 +02:00
Adrià Casajús
af24876c71
Use sha3 and truncate to 8 bytes and store time in minutes starting at 2022-01-01
2022-04-20 20:46:35 +02:00
Son Nguyen Kim
9b624edf11
Merge pull request #901 from simple-login/no-dot-in-reverse-alias
...
use _ instead of . in reverse alias
2022-04-19 18:24:37 +02:00
Adrià Casajús
bad9202cf8
Calculate proper padding when decoding base32
2022-04-19 10:50:25 +02:00
Son Nguyen Kim
259851a04e
Merge pull request #860 from acasajus/remove-softfail
...
Generate secure transactional emails from address
2022-04-19 09:28:47 +02:00
Son
8dfdac79bf
use _ instead of . in reverse alias
...
to avoid AC_FROM_MANY_DOTS SpamAssassin rule
2022-04-15 17:34:29 +02:00
Adrià Casajús
d28980a810
Format
2022-04-14 18:27:20 +02:00
Adrià Casajús
4bcc728222
Merge remote-tracking branch 'origin/master' into remove-softfail
...
* origin/master: (34 commits)
fix flake8
add link to the anti phishing page
improve email wording
Move tests
Only send enum names
Only send enum name for events intead of the full class.enum
Also track login and register events from the api routes
typo
revert changes
Added fix for parts that are not messages
Add missing formatting place
Revert unwanted changes
Do not show an error if we receive an unsubscribe from a different address
Revert changes to pgp_utils
fix import
Send newrelic events on login and register
PR changes
format
Move dmarc management to its own file
ignore VERPTransactional
...
2022-04-14 18:25:03 +02:00
Son
debed67c68
return whether a domain is custom or primary in GET /api/v5/alias/options
2022-04-14 17:28:40 +02:00
Son
a957cbb3c0
fix flake8
2022-04-14 09:47:58 +02:00
Son
1709de93ef
add link to the anti phishing page
2022-04-14 09:28:26 +02:00
Son
95770de4d5
improve email wording
2022-04-14 09:23:49 +02:00
Adrià Casajús
ca93c8e603
Merge remote-tracking branch 'origin/master' into ac-dmarc-reply-phase
...
* origin/master:
Only send enum name for events intead of the full class.enum
Also track login and register events from the api routes
typo
revert changes
Added fix for parts that are not messages
Add missing formatting place
Revert unwanted changes
Do not show an error if we receive an unsubscribe from a different address
Revert changes to pgp_utils
Send newrelic events on login and register
2022-04-12 12:48:46 +02:00
Adrià Casajús
0f91effce9
Only send enum names
2022-04-12 09:34:05 +02:00
Adrià Casajús
9928525cf9
Only send enum name for events intead of the full class.enum
2022-04-12 09:04:57 +02:00
Son Nguyen Kim
7a0fd34823
Merge pull request #886 from simple-login/ac-fix-unauthorized-email
...
Do not assume all parts in multipart messages are processed as messages
2022-04-11 17:54:35 +02:00
Adrià Casajús
2b149747f5
Also track login and register events from the api routes
2022-04-11 16:11:01 +02:00
Adrià Casajús
8da4293305
typo
2022-04-11 16:04:28 +02:00
Adrià Casajús
c16fd25b2e
Added fix for parts that are not messages
2022-04-11 15:52:31 +02:00
Adrià Casajús
ae8824a356
Revert unwanted changes
2022-04-11 14:20:56 +02:00
Adrià Casajús
7649f6b822
Do not show an error if we receive an unsubscribe from a different address
2022-04-11 14:19:32 +02:00
Adrià Casajús
dc59b61fba
Revert changes to pgp_utils
2022-04-11 10:20:02 +02:00
Adrià Casajús
f333bb00c5
fix import
2022-04-11 10:19:25 +02:00
Adrià Casajús
60a070731e
Send newrelic events on login and register
2022-04-11 10:18:22 +02:00
Adrià Casajús
7fdd7d7f6a
PR changes
2022-04-11 09:28:57 +02:00
Adrià Casajús
0dbe504329
format
2022-04-08 14:23:59 +02:00
Adrià Casajús
8df6d98522
Merge remote-tracking branch 'origin/master' into ac-dmarc-reply-phase
2022-04-08 11:34:12 +02:00
Adrià Casajús
68e58c0876
Move dmarc management to its own file
2022-04-08 11:28:14 +02:00
Adrià Casajús
b128d64563
Moved spamd check to a custom file and cached the result
2022-04-07 19:17:37 +02:00
Adrià Casajús
0e3c46d944
Save original envelope for debugging
2022-04-06 17:31:46 +02:00
Adrià Casajús
8ca1be0166
Apply dmarc policy to the reply phase
2022-04-06 12:51:04 +02:00
Adrià Casajús
451e69a3c4
More rebase fixes
2022-03-30 16:09:17 +02:00
Adrià Casajús
dce9e633bf
fix
2022-03-30 16:02:05 +02:00
Adrià Casajús
db06ce0ae6
Create signed email addresses for VERP emails
2022-03-30 16:00:02 +02:00
Son
67c2c6afad
add warning to email content when dmarc softfail
2022-03-30 19:48:07 +07:00
Son Nguyen Kim
110f2f2f2c
Merge pull request #861 from acasajus/spf-dmarc-backscatter
...
Reduce backscatter by checking return-path domain SPF status
2022-03-30 19:44:39 +07:00
Son Nguyen Kim
f7a98bc7d2
Merge pull request #862 from simple-login/ac/sanitize-next
...
Properly validate //host.com urls
2022-03-30 19:40:36 +07:00
Adrià Casajús
83fc8964a8
PR comments
2022-03-30 09:53:35 +02:00
Son Nguyen Kim
d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random
...
Replace using random with secrets for security purposes
2022-03-30 11:49:33 +07:00
Adrià Casajús
1555bc6346
fix test
2022-03-29 21:03:55 +02:00
Adrià Casajús
19e87a7156
More random to secrets
2022-03-29 18:42:28 +02:00
Adrià Casajús
b15facb6e4
Use secrets instead of random
2022-03-29 18:40:52 +02:00
Adrià Casajús
97ef5ff765
Fix oauth redirect when clientid is invalid
2022-03-29 18:37:01 +02:00
Adrià Casajús
a9e31cff26
Fix tests
2022-03-29 18:34:13 +02:00
Adrià Casajús
c5b0f5304e
Format
2022-03-29 18:18:11 +02:00
Adrià Casajús
d6df5e0ea0
Add limiters to auth routes
2022-03-29 18:14:13 +02:00
Adrià Casajús
e91fd26964
Sanitized missing places
2022-03-29 18:03:18 +02:00
Adrià Casajús
fe9161b101
Properly validate //host.com urls when redirecting after receiving a next param
2022-03-29 17:53:00 +02:00
Adrià Casajús
085c166cb2
Replace 5XX with 2XX for return path that fail SPF check
2022-03-29 15:09:10 +02:00
Adrià Casajús
7d36256b7c
Check return-path spf record before bouncing a message
2022-03-29 10:52:11 +02:00
Son
0d7d56c0ea
send email when an email is put to quarantine
2022-03-25 18:02:17 +01:00
Son
63b1100a8b
log event when there's no dmarc result
2022-03-25 16:19:11 +01:00
Son
ce2d2a3b3a
fix case where header isn't string
2022-03-25 16:17:58 +01:00
Son
32fd65b69b
add more log for alias transfer
2022-03-23 18:33:33 +01:00
Son Nguyen Kim
3d30870395
Merge pull request #849 from acasajus/new/parse-rpamd-headers
...
Return 200 on fishy dmarc result
2022-03-22 17:36:45 +01:00
Son Nguyen Kim
99b05034b0
Merge pull request #843 from acasajus/new/parse-rpamd-headers
...
Parse rspamd headers and apply dmarc policy if found.
2022-03-22 17:13:11 +01:00
Adrià Casajús
517bcb632e
MR changes
2022-03-22 17:02:59 +01:00
Son
5b3688b6df
set a domain for message-id
2022-03-22 11:02:02 +01:00
Adrià Casajús
5f831d593a
CamelCase to snake_case
2022-03-21 17:59:43 +01:00
Adrià Casajús
45459d65be
PR comments
2022-03-21 17:43:26 +01:00
Son
f554375f23
decode, replace and encode for base64 encoding
2022-03-21 17:29:22 +01:00
Son
1952f368a8
require password to use the api key page
2022-03-21 14:40:47 +01:00
Son
9dc7cff87f
add rate limiting for /auth/mfa
2022-03-21 14:23:35 +01:00
Son
a662ef4aee
remove g.deduct_limit in api auth endpoint
2022-03-21 14:23:20 +01:00
Adrià Casajús
06a1363e92
Updated MR comments
2022-03-21 12:03:11 +01:00
Adrià Casajús
cdea0f5ee2
Rename header
2022-03-21 10:43:19 +01:00
Adrià Casajús
44dd06fabf
Added spoofed email test
2022-03-21 10:43:18 +01:00
Adrià Casajús
c9cbaeb460
format
2022-03-21 10:43:17 +01:00
Adrià Casajús
e8013f8e0c
Initial parse of rpamd extra headers
2022-03-21 10:43:17 +01:00
Son
0931642d11
use 10.0.0.0 network instead of 240.0.0.0
2022-03-20 10:38:58 +01:00
Son
fa2f83dbf4
fix and refactor
2022-03-16 10:24:59 +01:00
Son
7e0992b767
add mime version header for transactional email
2022-03-14 19:23:38 +01:00
Son Nguyen Kim
79154378f2
Merge pull request #836 from cquintana92/feature/allow-to-edit-manual-subscription
...
Allow to edit manual subscription
2022-03-14 18:07:07 +01:00
Carlos Quintana
ed58e811d1
Allow to edit manual subscription
2022-03-14 16:47:30 +01:00
Adrià Casajús
479a7420cb
Useful time format
2022-03-14 15:40:50 +01:00
Adrià Casajús
b463ba8f41
Added filter
2022-03-14 15:33:09 +01:00
Adrià Casajús
bf177ac5ba
Remove unused
2022-03-14 15:29:17 +01:00
Adrià Casajús
9b16143e59
Show nicer admin logs
2022-03-14 15:28:53 +01:00
Adrià Casajús
553d8976be
Added extend subscription log
2022-03-14 15:07:51 +01:00
Adrià Casajús
549c6ec7d3
Comment changes
2022-03-11 11:37:14 +01:00
Adrià Casajús
4368fd323f
Less changes
2022-03-10 18:13:33 +01:00
Adrià Casajús
d0860cd54d
Merge remote-tracking branch 'origin/master' into new/admin-audit-trail
...
* origin/master: (35 commits)
reduce nb of commit
show "more" only when a notification has a title. Show either title or message. Use bold font when a notification isn't read
create a notification when an alias is disabled
mark a notification as read when user arrives on the notification page
Use plausible outbound link tracking
add more log
fix discover page
fix
fix "local variable 'alias_id' referenced before assignment"
make sure to close session in monitoring
use Date instead of date for header value
lessen alias automatic disable check
refactor
return the block reason in should_disable()
add adhoc upgrade on admin
add extend subscription for 1 month to admin
disable edition on admin
comment out some admin pages
fix migration
fix duplicated stats
...
2022-03-10 18:10:13 +01:00
Adrià Casajús
733efc387c
Updated admin view
2022-03-10 17:49:30 +01:00
Adrià Casajús
98c942d84a
Added admin log view
2022-03-10 17:32:35 +01:00