Ejemplo n.º 1
0
	def apply_untrusted(self, user, mailfrom, rcpttos, msg):

		if 'In-Reply-To' in msg:
			hashmsg = self.db.hash_data(msg['In-Reply-To'], user.get_salt())
		else:
			return # TODO: error; message-id should always be present

		self.db.set_untrusted_alias(user.get_uid(), hashmsg)
		return
Ejemplo n.º 2
0
	def apply_aliasing(self, user, mailfrom, rcpttos, msg):
		""" Applies an alias as the sender of a message or attempts to infer
		it if none was given by the sender.

		Handles cases 1d and 1e of the specification.
		"""
		usralias = None
		alias_addx = None
		is_alias_address = lambda entry: entry.parse_alias_address()

		logging.debug('Attempting to apply aliasing')

		# look for use of existing alias in To field (case 1d);
		for cur_addx in msg.search_header_addresses('to', is_alias_address):
			alias_pair = cur_addx.parse_alias_address()
			alias_data = self.db.get_alias_data(*alias_pair,	\
							    uid=user.get_uid())

			if not alias_data:
				continue

			usralias = Alias(**alias_data)
			alias_addx = cur_addx

			#if not usralias.is_active():
			#	continue

			# remove alias from rcpttos and all To fields
			for i in range(len(rcpttos)):
				if alias_addx == rcpttos[i]:
					del rcpttos[i]
					break

			msg.replace_address('to', alias_addx, None)
			break

		# if no alias in To field, try to infer the correct one (case 1e);
		if not alias_addx:

			logging.debug("Couldn't find alias to use in headers; " \
				      'attempting to infer correct alias')

			alias_data = self.db.infer_alias(user.get_uid(),
							 msg.get_header_addresses('to'),
							 user.get_salt())

			if not alias_data:
				logging.debug('Failed to infer alias')

				err = ErrorMessage('applyalias.noinfer',
						   fromaddx = self.cfg.SVCALIAS,
						   toaddx = user.get_account_address(),
						   subject = msg['Subject'])
	
				self.send(err['From'], [user.get_forwarding_address()], err)

				return False

			usralias = Alias(**alias_data)

			#if not usralias.is_active():
			#	return False

			logging.debug('Succesfully inferred alias "%s"', str(usralias))

			alias_addx = Address(usralias.get_alias_address())

		# if we found an alias to use, apply it, send the
		# message, and record in history table;
		alias_addx.realname = Address(mailfrom).realname

		msg.replace_address('from', None, alias_addx)
		#del msg['message-id']

		if rcpttos == []:
			logging.info('No recipients left; ignoring');
			return

		rcpt_aliases = []
		rcpt_nonaliases = []

		for entry in rcpttos:
			rcpt_addx = Address(entry)
			if rcpt_addx.is_servername():
				rcpt_aliases.append(entry)
			else:
				rcpt_nonaliases.append(entry)

		self.send(str(alias_addx), rcpt_nonaliases, msg)
		self.forward(str(alias_addx), rcpt_aliases, msg)

		self.db.add_history(usralias.get_rid(),
				    True,
				    address.getaddresses(rcpttos),
				    msg['Message-ID'],
				    user.get_salt())

		return
Ejemplo n.º 3
0
	def forward(self, mailfrom, rcpttos, msg):
		""" Handles Case 2, where email is not from a service user and so
		needs to be forwarded to various aliases.
		"""
		for rcpt in rcpttos:
			prcpt = Address(rcpt)
			alias_pair = prcpt.parse_alias_address()
			logging.debug(rcpt)
			if not alias_pair:
				# if the domain is SERVERNAME, sender screwed up; return error to sender...
				if prcpt.is_servername():
					logging.info('Encountered improperly formatted '
						     'address "%s" in recipients field', prcpt.address)

					# Create error response message
					err = ErrorMessage('forward.badformat',
							   fromaddx	= self.cfg.SVCALIAS,
							   toaddx	= mailfrom,
							   badalias	= prcpt.address)

					self.send(err['From'], [mailfrom], err)

				# ... otherwise ignore; not our job to send to non-users
				logging.info('Encountered recipient outside our domain; ignoring')

			else:
				alias_data = self.db.get_alias_data(*alias_pair)

				if alias_data:
					fwd_alias = Alias(**alias_data)

					userdata = self.db.get_user(uid=fwd_alias.get_uid())
					assert userdata is not None
					user = User(**userdata)

					logging.debug('is trusted? %s', fwd_alias.is_trusted())

					# handle trustedness here;
					if not fwd_alias.is_trusted():

						mfrom = Address(mailfrom)

						# if sender is in trusted group, then it's all right;
						if self.db.is_trusted_correspondent(mfrom,			\
										    user.get_salt(),		\
										    fwd_alias.get_rid(),	\
										    fwd_alias.get_trusted_timestamp()):
							pass # TODO: send/append something about newer alias to send to?

						else:
							capstat = self.db.get_capstat(mfrom,		\
										      user.get_salt(),	\
										      fwd_alias.get_rid())

							logging.debug('capstat=%s', capstat)

							if capstat < self.db.CAPTCHA_PENDING:
								logging.debug('captcha not yet sent; trying to send one')
								# If not approved, send captcha to sender and drop mail.
								# TODO: Perhaps we can cache the mail somewhere.
								cid = self.db.get_cid(mfrom, user.get_salt())
								self.send_captcha(mailfrom, cid, fwd_alias)
								#self.db.set_capstat(cid,
								#		    fwd_alias.get_rid(),
								#		    self.db.CAPTCHA_PENDING)
								logging.debug('done sending captcha')

							elif capstat == self.db.CAPTCHA_PENDING:
								logging.debug('captcha was already sent; still waiting for solution')

							elif capstat == self.db.CAPTCHA_APPROVED:
								logging.debug('captcha approved, but not yet user approved')
								# if user denied,
								# TODO: just ignore? or do something more?
								#	pass

								# if user judgement pending, send message
								# informing them they must wait for user's approval?
								if capstat == self.db.USER_PENDING:
									pass # TODO: send message

							return

					# TODO: can consult a whitelist/blacklist/etc. here

					fwd_addx = Address(user.get_forwarding_address())
					fwd_addx.realname = prcpt.realname

					logging.info('Found alias for account (%s) Forwarding message to %s', \
						      user.get_username(), fwd_addx.address)

					# Add hint as recipient name. The hint/domain is used as a reminder
					# to the user where this email address was originally created for.
					# But since we did not update Reply-To, it will drop off when the
					# user replies to the message.
					rcptaddr = Address(rcpt)

					if rcptaddr.get_realname() == '':
						if fwd_alias.get_hint() != None:
							rcptaddr.set_realname(fwd_alias.get_hint())

						elif fwd_alias.get_domain() != None:
							rcptaddr.set_realname(fwd_alias.get_domain())

						msg.replace_address('To', rcpt, rcptaddr)

					acct_addx = Address(user.get_account_address())
					acct_addx.realname = prcpt.realname

					#del msg['message-id']
					#del msg['DKIM-Signature']

					if 'To' in msg:
						msg.replace_header('To', msg['To'] + ', ' + str(acct_addx))

					if 'Reply-To' in msg:
						msg.replace_header('Reply-To', msg['reply-to'] + ', ' + rcpt);
					else:
						msg.add_header('Reply-To', mailfrom + ', ' + rcpt);

					if 'Message-ID' not in msg:
						msg.generate_message_id(self.cfg.DOMAIN)

					self.send(mailfrom, [str(fwd_addx)], msg)
					self.db.add_history(fwd_alias.get_rid(), False, [Address(mailfrom)], msg['Message-ID'], user.get_salt())

				else:
					logging.info("Couldn't find data for alias (%s,%d)", *alias_pair)

		return
Ejemplo n.º 4
0
	def create_alias_helper(self, user, aliasname, \
	primary=False, rcpt=None, trusted=True, hint=None):
		""" Helper function to create alias.
		Generates <rand> for user for the <aliasname> specified.
		If <aliasname> belonging to the user already exists, the existing aid is used.
		If <aliasname> belonging to another user already exists, an error is returned.
		"""
		(aid, uid) = self.db.get_aliasname_data(aliasname)

		# Error if user doesn't own the aliasname
		if uid != None and uid != user.get_uid():
			logging.info('User %d does not own "%s".', user.get_uid(), aliasname)

			# Create error response message
			err = ErrorMessage('createalias.notowner',
					   fromaddx	 = self.cfg.GETALIAS,
				           toaddx	 = user.get_account_address(),
					   aliasname	 = aliasname)

			self.send(err['From'], [user.get_forwarding_address()], err)
			return None

		#
		# Now, aliasname either belongs to the user or is not in use.
		#

		# Gets the alias id, either by getting an existing one or create a new one.
		if uid == user.get_uid():
			newaid = aid
			logging.debug('Using existing aid %d for aliasname "%s"',	\
					newaid, aliasname)
		elif uid == None:
			newaid = self.db.insert_alias(user.get_uid(), aliasname, primary)
			logging.debug('Created new aid %d for aliasname "%s"',	\
					newaid, aliasname)
		else:
			return None

		#
		# If a recipient is given, check history to see if there was any
		# previously generated <rand> that we can use.
		# TODO: We might have to make sure the recipient is active.
		#

		newalias = None
		cid = None
		if rcpt != None:
			cid = self.db.peek_cid(rcpt, user.get_salt())

		rid = None
		if cid != None:
			rid = self.db.get_history_rid(aliasname, cid)
			if rid != None:
				# Found a history correspondence
				hist_alias = Alias(self.db.get_alias_data(rid))
				hist_aliasname, hist_aliasrand = hist_alias.get_alias_pair()

				logging.debug('History aliasname\t:"%s"', hist_aliasname)

				if hist_aliasname == aliasname:
					logging.debug('Reuse history aliasrand\t:"%s"', \
							hist_aliasrand)
					newalias = Alias(hist_aliasname, hist_aliasrand)
				else:
					# Can't use the rid found since aliasname differs
					rid = None


		# Create a new alias (aka aliasrand or <aliasname>.<rand>)
		if newalias == None:
			logging.debug('Generating new aliasrand')
			newalias = Alias(aliasname, alias.generate_rint())

		logging.debug('Using alias\t\t: %s', newalias)

		# Update aid, uid and set isactive for new alias
		newalias.set_values(aid=newaid, uid=user.get_uid(), isactive=1)

		# Sets up alias pair
		alias_pair = newalias.get_alias_pair()

		# If we don't have rid yet, insert aliasrand to DB and mark as active
		if rid == None:
			rid = self.db.insert_aliasrnd(user.get_uid(),	\
				newaid,					\
				alias_pair[0], alias_pair[1],		\
				1, trusted, hint)
		if rid == None:
			return None

		# Looks like this double counts in the history table;
		#if rcpt != None:
		#	self.db.add_history(rid, True, [rcpt], user.get_salt())


		# Creates the alias address, which includes the domain
		aliasaddx = Address(newalias.get_alias_address())
		logging.info('Aliasrnd Address\t\t: %s', str(aliasaddx))
		return aliasaddx