mirror of
https://github.com/simple-login/app.git
synced 2024-11-13 23:51:13 +01:00
193 lines
6.6 KiB
Python
193 lines
6.6 KiB
Python
"""
|
|
Handle the email *forward* and *reply*. phase. There are 3 actors:
|
|
- website: who sends emails to alias@sl.co address
|
|
- SL email handler (this script)
|
|
- user personal email: to be protected. Should never leak to website.
|
|
|
|
This script makes sure that in the forward phase, the email that is forwarded to user personal email has the following
|
|
envelope and header fields:
|
|
Envelope:
|
|
mail from: srs@sl.co # managed by SRS
|
|
rcpt to: @personal_email
|
|
Header:
|
|
From: @website
|
|
To: alias@sl.co # so user knows this email is sent to alias
|
|
Reply-to: special@sl.co # magic HERE
|
|
|
|
And in the reply phase:
|
|
Envelope:
|
|
mail from: srs@sl.co # managed by SRS
|
|
rcpt to: @website
|
|
|
|
Header:
|
|
From: alias@sl.co # so for website the email comes from alias. magic HERE
|
|
To: @website
|
|
|
|
The special@sl.co allows to hide user personal email when user clicks "Reply" to the forwarded email.
|
|
It should contain the following info:
|
|
- alias
|
|
- @website
|
|
|
|
|
|
"""
|
|
import time
|
|
from email.parser import Parser
|
|
from email.policy import default
|
|
from smtplib import SMTP
|
|
|
|
from aiosmtpd.controller import Controller
|
|
|
|
from app.config import EMAIL_DOMAIN
|
|
from app.email_utils import notify_admin
|
|
from app.extensions import db
|
|
from app.log import LOG
|
|
from app.models import GenEmail, ForwardEmail, ForwardEmailLog
|
|
from app.utils import random_words
|
|
from server import create_app
|
|
|
|
|
|
def parse_srs_email(srs) -> str:
|
|
"""
|
|
Parse srs0=8lgw=y6=outlook.com=abcd@mailsl.meo.ovh and return abcd@outlook.com
|
|
"""
|
|
local_part = srs[: srs.find("@")] # srs0=8lgw=y6=outlook.com=abcd
|
|
local_email_part = local_part[local_part.rfind("=") + 1 :] # abcd
|
|
|
|
rest = local_part[: local_part.rfind("=")] # srs0=8lgw=y6=outlook.com
|
|
domain_email_part = rest[rest.rfind("=") + 1 :] # outlook.com
|
|
|
|
return f"{local_email_part}@{domain_email_part}"
|
|
|
|
|
|
class MailHandler:
|
|
async def handle_RCPT(self, server, session, envelope, address, rcpt_options):
|
|
if not address.endswith(EMAIL_DOMAIN):
|
|
LOG.error(f"Not handle email {address}")
|
|
return "550 not relaying to that domain"
|
|
|
|
envelope.rcpt_tos.append(address)
|
|
|
|
return "250 OK"
|
|
|
|
async def handle_DATA(self, server, session, envelope):
|
|
LOG.debug(">>> New message <<<")
|
|
|
|
LOG.debug("Mail from %s", envelope.mail_from)
|
|
LOG.debug("Rcpt to %s", envelope.rcpt_tos)
|
|
message_data = envelope.content.decode("utf8", errors="replace")
|
|
|
|
# Only when debug
|
|
# LOG.debug("Message data:\n")
|
|
# LOG.debug(message_data)
|
|
|
|
# host IP, setup via Docker network
|
|
smtp = SMTP("1.1.1.1", 25)
|
|
msg = Parser(policy=default).parsestr(message_data)
|
|
|
|
if not envelope.rcpt_tos[0].startswith("reply+"): # Forward case
|
|
LOG.debug("Forward phase, add Reply-To header")
|
|
alias = envelope.rcpt_tos[0] # alias@SL
|
|
|
|
app = create_app()
|
|
|
|
with app.app_context():
|
|
gen_email = GenEmail.get_by(email=alias)
|
|
website_email = parse_srs_email(envelope.mail_from)
|
|
|
|
forward_email = ForwardEmail.get_by(
|
|
gen_email_id=gen_email.id, website_email=website_email
|
|
)
|
|
if not forward_email:
|
|
LOG.debug(
|
|
"create forward email for alias %s and website email %s",
|
|
alias,
|
|
website_email,
|
|
)
|
|
# todo: make sure reply_email is unique
|
|
reply_email = f"reply+{random_words()}@{EMAIL_DOMAIN}"
|
|
forward_email = ForwardEmail.create(
|
|
gen_email_id=gen_email.id,
|
|
website_email=website_email,
|
|
reply_email=reply_email,
|
|
)
|
|
db.session.commit()
|
|
|
|
forward_log = ForwardEmailLog.create(forward_id=forward_email.id)
|
|
|
|
if gen_email.enabled:
|
|
# add custom header
|
|
msg.add_header("X-SimpleLogin-Type", "Forward")
|
|
try:
|
|
msg.add_header("Reply-To", forward_email.reply_email)
|
|
except ValueError:
|
|
# the header exists already
|
|
msg.replace_header("Reply-To", forward_email.reply_email)
|
|
|
|
LOG.d(
|
|
"Send mail from %s to %s, mail_options %s, rcpt_options %s ",
|
|
envelope.mail_from,
|
|
gen_email.user.email,
|
|
envelope.mail_options,
|
|
envelope.rcpt_options,
|
|
)
|
|
|
|
smtp.send_message(
|
|
msg,
|
|
from_addr=envelope.mail_from,
|
|
to_addrs=[gen_email.user.email], # user personal email
|
|
mail_options=envelope.mail_options,
|
|
rcpt_options=envelope.rcpt_options,
|
|
)
|
|
else:
|
|
LOG.d("%s is disabled, do not forward", gen_email)
|
|
forward_log.blocked = True
|
|
|
|
db.session.commit()
|
|
else:
|
|
LOG.debug("Reply phase")
|
|
reply_email = envelope.rcpt_tos[0]
|
|
|
|
app = create_app()
|
|
|
|
with app.app_context():
|
|
forward_email = ForwardEmail.get_by(reply_email=reply_email)
|
|
alias = forward_email.gen_email.email
|
|
|
|
notify_admin(
|
|
f"Reply phase used by user: {forward_email.gen_email.user.email} "
|
|
)
|
|
|
|
# email seems to come from alias
|
|
msg.replace_header("From", alias)
|
|
msg.replace_header("To", forward_email.website_email)
|
|
|
|
LOG.d(
|
|
"send email from %s to %s, mail_options:%s,rcpt_options:%s",
|
|
alias,
|
|
forward_email.website_email,
|
|
envelope.mail_options,
|
|
envelope.rcpt_options,
|
|
)
|
|
|
|
smtp.send_message(
|
|
msg,
|
|
from_addr=alias,
|
|
to_addrs=[forward_email.website_email],
|
|
mail_options=envelope.mail_options,
|
|
rcpt_options=envelope.rcpt_options,
|
|
)
|
|
|
|
ForwardEmailLog.create(forward_id=forward_email.id, is_reply=True)
|
|
db.session.commit()
|
|
|
|
return "250 Message accepted for delivery"
|
|
|
|
|
|
if __name__ == "__main__":
|
|
controller = Controller(MailHandler(), hostname="0.0.0.0", port=20381)
|
|
|
|
controller.start()
|
|
LOG.d("Start mail controller %s %s", controller.hostname, controller.port)
|
|
|
|
while True:
|
|
time.sleep(10)
|