def command(self): session = self.session if session.config.sys.lockdown: return self._error(_('In lockdown, doing nothing.')) # Perform any required migrations Migrate(session).run(before_setup=True, after_setup=False) # Create local mailboxes session.config.open_local_mailbox(session) # Create standard tags and filters created = [] for t in self.TAGS: if not session.config.get_tag_id(t): AddTag(session, arg=[t]).run(save=False) created.append(t) session.config.get_tag(t).update(self.TAGS[t]) for stype, statuses in (('sig', SignatureInfo.STATUSES), ('enc', EncryptionInfo.STATUSES)): for status in statuses: tagname = 'mp_%s-%s' % (stype, status) if not session.config.get_tag_id(tagname): AddTag(session, arg=[tagname]).run(save=False) created.append(tagname) session.config.get_tag(tagname).update({ 'type': 'attribute', 'display': 'invisible', 'label': False, }) if 'New' in created: session.ui.notify(_('Created default tags')) # Import all the basic plugins for plugin in PLUGINS: if plugin not in session.config.sys.plugins: session.config.sys.plugins.append(plugin) try: # If spambayes is not installed, this will fail import mailpile.plugins.autotag_sb if 'autotag_sb' not in session.config.sys.plugins: session.config.sys.plugins.append('autotag_sb') session.ui.notify(_('Enabling spambayes autotagger')) except ImportError: session.ui.warning( _('Please install spambayes ' 'for super awesome spam filtering')) session.config.save() session.config.load(session) vcard_importers = session.config.prefs.vcard.importers if not vcard_importers.gravatar: vcard_importers.gravatar.append({'active': True}) session.ui.notify(_('Enabling gravatar image importer')) gpg_home = os.path.expanduser('~/.gnupg') if os.path.exists(gpg_home) and not vcard_importers.gpg: vcard_importers.gpg.append({'active': True, 'gpg_home': gpg_home}) session.ui.notify(_('Importing contacts from GPG keyring')) if ('autotag_sb' in session.config.sys.plugins and len(session.config.prefs.autotag) == 0): session.config.prefs.autotag.append({ 'match_tag': 'spam', 'unsure_tag': 'maybespam', 'tagger': 'spambayes', 'trainer': 'spambayes' }) session.config.prefs.autotag[0].exclude_tags[0] = 'ham' # Assumption: If you already have secret keys, you want to # use the associated addresses for your e-mail. # If you don't already have secret keys, you should have # one made for you, if GnuPG is available. # If GnuPG is not available, you should be warned. gnupg = GnuPG() accepted_keys = [] if gnupg.is_available(): keys = gnupg.list_secret_keys() for key, details in keys.iteritems(): # Ignore revoked/expired keys. if ("revocation-date" in details and details["revocation-date"] <= date.today().strftime("%Y-%m-%d")): continue accepted_keys.append(key) for uid in details["uids"]: if "email" not in uid or uid["email"] == "": continue if uid["email"] in [ x["email"] for x in session.config.profiles ]: # Don't set up the same e-mail address twice. continue # FIXME: Add route discovery mechanism. profile = { "email": uid["email"], "name": uid["name"], } session.config.profiles.append(profile) if (not session.config.prefs.gpg_recipient and details["capabilities_map"][0]["encrypt"]): session.config.prefs.gpg_recipient = key session.ui.notify(_('Encrypting config to %s') % key) if session.config.prefs.crypto_policy == 'none': session.config.prefs.crypto_policy = 'openpgp-sign' if len(accepted_keys) == 0: # FIXME: Start background process generating a key once a user # has supplied a name and e-mail address. pass else: session.ui.warning(_('Oh no, PGP/GPG support is unavailable!')) if (session.config.prefs.gpg_recipient and not (self._idx() and self._idx().INDEX) and not session.config.prefs.obfuscate_index): randcrap = sha512b64( open('/dev/urandom').read(1024), session.config.prefs.gpg_recipient, '%s' % time.time()) session.config.prefs.obfuscate_index = randcrap session.config.prefs.index_encrypted = True session.ui.notify( _('Obfuscating search index and enabling ' 'indexing of encrypted e-mail. ')) # Perform any required migrations Migrate(session).run(before_setup=False, after_setup=True) session.config.save() return self._success(_('Performed initial Mailpile setup'))
def setup_command(self, session): # Stop the workers... want_daemons = session.config.cron_worker is not None session.config.stop_workers() # Perform any required migrations Migrate(session).run(before_setup=True, after_setup=False) # Create local mailboxes session.config.open_local_mailbox(session) # Create standard tags and filters created = [] for t in self.TAGS: if not session.config.get_tag_id(t): AddTag(session, arg=[t]).run(save=False) created.append(t) session.config.get_tag(t).update(self.TAGS[t]) for stype, statuses in (('sig', SignatureInfo.STATUSES), ('enc', EncryptionInfo.STATUSES)): for status in statuses: tagname = 'mp_%s-%s' % (stype, status) if not session.config.get_tag_id(tagname): AddTag(session, arg=[tagname]).run(save=False) created.append(tagname) session.config.get_tag(tagname).update({ 'type': 'attribute', 'display': 'invisible', 'label': False, }) if 'New' in created: session.ui.notify(_('Created default tags')) # Import all the basic plugins for plugin in PLUGINS: if plugin not in session.config.sys.plugins: session.config.sys.plugins.append(plugin) try: # If spambayes is not installed, this will fail import mailpile.plugins.autotag_sb if 'autotag_sb' not in session.config.sys.plugins: session.config.sys.plugins.append('autotag_sb') session.ui.notify(_('Enabling spambayes autotagger')) except ImportError: session.ui.warning(_('Please install spambayes ' 'for super awesome spam filtering')) session.config.save() session.config.load(session) vcard_importers = session.config.prefs.vcard.importers if not vcard_importers.gravatar: vcard_importers.gravatar.append({'active': True}) session.ui.notify(_('Enabling gravatar image importer')) gpg_home = os.path.expanduser('~/.gnupg') if os.path.exists(gpg_home) and not vcard_importers.gpg: vcard_importers.gpg.append({'active': True, 'gpg_home': gpg_home}) session.ui.notify(_('Importing contacts from GPG keyring')) if ('autotag_sb' in session.config.sys.plugins and len(session.config.prefs.autotag) == 0): session.config.prefs.autotag.append({ 'match_tag': 'spam', 'unsure_tag': 'maybespam', 'tagger': 'spambayes', 'trainer': 'spambayes' }) session.config.prefs.autotag[0].exclude_tags[0] = 'ham' # Assumption: If you already have secret keys, you want to # use the associated addresses for your e-mail. # If you don't already have secret keys, you should have # one made for you, if GnuPG is available. # If GnuPG is not available, you should be warned. gnupg = GnuPG() accepted_keys = [] if gnupg.is_available(): keys = gnupg.list_secret_keys() for key, details in keys.iteritems(): # Ignore revoked/expired keys. if ("revocation-date" in details and details["revocation-date"] <= date.today().strftime("%Y-%m-%d")): continue accepted_keys.append(key) for uid in details["uids"]: if "email" not in uid or uid["email"] == "": continue if uid["email"] in [x["email"] for x in session.config.profiles]: # Don't set up the same e-mail address twice. continue # FIXME: Add route discovery mechanism. profile = { "email": uid["email"], "name": uid["name"], } session.config.profiles.append(profile) if (not session.config.prefs.gpg_recipient and details["capabilities_map"][0]["encrypt"]): session.config.prefs.gpg_recipient = key session.ui.notify(_('Encrypting config to %s') % key) if session.config.prefs.crypto_policy == 'none': session.config.prefs.crypto_policy = 'openpgp-sign' if len(accepted_keys) == 0: # FIXME: Start background process generating a key once a user # has supplied a name and e-mail address. pass else: session.ui.warning(_('Oh no, PGP/GPG support is unavailable!')) if (session.config.prefs.gpg_recipient and not (self._idx() and self._idx().INDEX) and not session.config.prefs.obfuscate_index): randcrap = sha512b64(open('/dev/urandom').read(1024), session.config.prefs.gpg_recipient, '%s' % time.time()) session.config.prefs.obfuscate_index = randcrap session.config.prefs.index_encrypted = True session.ui.notify(_('Obfuscating search index and enabling ' 'indexing of encrypted e-mail. ')) # Perform any required migrations Migrate(session).run(before_setup=False, after_setup=True) session.config.save() session.config.prepare_workers(session, daemons=want_daemons) return self._success(_('Performed initial Mailpile setup'))
def PrepareMessage(config, msg, sender=None, rcpts=None, events=None): msg = copy.deepcopy(msg) # Short circuit if this message has already been prepared. if 'x-mp-internal-sender' in msg and 'x-mp-internal-rcpts' in msg: return (sender or msg['x-mp-internal-sender'], rcpts or [r.strip() for r in msg['x-mp-internal-rcpts'].split(',')], msg, events) crypto_policy = config.prefs.crypto_policy.lower() rcpts = rcpts or [] # Iterate through headers to figure out what we want to do... need_rcpts = not rcpts for hdr, val in msg.items(): lhdr = hdr.lower() if lhdr == 'from': sender = sender or val elif lhdr == 'encryption': crypto_policy = val.lower() elif need_rcpts and lhdr in ('to', 'cc', 'bcc'): rcpts += ExtractEmails(val, strip_keys=False) # Are we sane? if not sender: raise NoFromAddressError() if not rcpts: raise NoRecipientError() # Are we encrypting? Signing? if crypto_policy == 'default': crypto_policy = config.prefs.crypto_policy # This is the BCC hack that Brennan hates! rcpts += [sender] sender = ExtractEmails(sender, strip_keys=False)[0] sender_keyid = None if config.prefs.openpgp_header: try: gnupg = GnuPG() seckeys = dict([(x["email"], y["fingerprint"]) for y in gnupg.list_secret_keys().values() for x in y["uids"]]) sender_keyid = seckeys[sender] except: pass rcpts, rr = [sender], rcpts for r in rr: for e in ExtractEmails(r, strip_keys=False): if e not in rcpts: rcpts.append(e) # Add headers we require if 'date' not in msg: msg['Date'] = email.utils.formatdate() if sender_keyid and config.prefs.openpgp_header: msg["OpenPGP"] = "id=%s; preference=%s" % (sender_keyid, config.prefs.openpgp_header) if 'openpgp' in crypto_policy: # FIXME: Make a more efficient sign+encrypt wrapper cleaner = lambda m: CleanMessage(config, m) if 'sign' in crypto_policy: msg = OpenPGPMimeSigningWrapper(config, sender=sender, cleaner=cleaner, recipients=rcpts).wrap(msg) if 'encrypt' in crypto_policy: msg = OpenPGPMimeEncryptingWrapper(config, sender=sender, cleaner=cleaner, recipients=rcpts).wrap(msg) rcpts = set([r.rsplit('#', 1)[0] for r in rcpts]) msg['x-mp-internal-readonly'] = str(int(time.time())) msg['x-mp-internal-sender'] = sender msg['x-mp-internal-rcpts'] = ', '.join(rcpts) return (sender, rcpts, msg, events)
def PrepareMessage(config, msg, sender=None, rcpts=None): msg = copy.deepcopy(msg) # Short circuit if this message has already been prepared. if 'x-mp-internal-sender' in msg and 'x-mp-internal-rcpts' in msg: return (sender or msg['x-mp-internal-sender'], rcpts or [r.strip() for r in msg['x-mp-internal-rcpts'].split(',')], msg) crypto_policy = config.prefs.crypto_policy.lower() rcpts = rcpts or [] # Iterate through headers to figure out what we want to do... need_rcpts = not rcpts for hdr, val in msg.items(): lhdr = hdr.lower() if lhdr == 'from': sender = sender or val elif lhdr == 'encryption': crypto_policy = val.lower() elif need_rcpts and lhdr in ('to', 'cc', 'bcc'): rcpts += ExtractEmails(val, strip_keys=False) # Are we sane? if not sender: raise NoFromAddressError() if not rcpts: raise NoRecipientError() # Are we encrypting? Signing? if crypto_policy == 'default': crypto_policy = config.prefs.crypto_policy # This is the BCC hack that Brennan hates! rcpts += [sender] sender = ExtractEmails(sender, strip_keys=False)[0] sender_keyid = None if config.prefs.openpgp_header: try: gnupg = GnuPG() seckeys = dict([(x["email"], y["fingerprint"]) for y in gnupg.list_secret_keys().values() for x in y["uids"]]) sender_keyid = seckeys[sender] except: pass rcpts, rr = [sender], rcpts for r in rr: for e in ExtractEmails(r, strip_keys=False): if e not in rcpts: rcpts.append(e) # Add headers we require if 'date' not in msg: msg['Date'] = email.utils.formatdate() if sender_keyid and config.prefs.openpgp_header: msg["OpenPGP"] = "id=%s; preference=%s" % (sender_keyid, config.prefs.openpgp_header) if 'openpgp' in crypto_policy: # FIXME: Make a more efficient sign+encrypt wrapper cleaner = lambda m: CleanMessage(config, m) if 'sign' in crypto_policy: msg = OpenPGPMimeSigningWrapper(config, sender=sender, cleaner=cleaner, recipients=rcpts).wrap(msg) if 'encrypt' in crypto_policy: msg = OpenPGPMimeEncryptingWrapper(config, sender=sender, cleaner=cleaner, recipients=rcpts).wrap(msg) rcpts = set([r.rsplit('#', 1)[0] for r in rcpts]) msg['x-mp-internal-readonly'] = str(int(time.time())) msg['x-mp-internal-sender'] = sender msg['x-mp-internal-rcpts'] = ', '.join(rcpts) return (sender, rcpts, msg)
def setup_command(self, session, do_gpg_stuff=False): do_gpg_stuff = do_gpg_stuff or ('do_gpg_stuff' in self.args) # Stop the workers... want_daemons = session.config.cron_worker is not None session.config.stop_workers() # Perform any required migrations Migrate(session).run(before_setup=True, after_setup=False) # Basic app config, tags, plugins, etc. self.basic_app_config(session, save_and_update_workers=False, want_daemons=want_daemons) # Assumption: If you already have secret keys, you want to # use the associated addresses for your e-mail. # If you don't already have secret keys, you should have # one made for you, if GnuPG is available. # If GnuPG is not available, you should be warned. if do_gpg_stuff: gnupg = GnuPG(None) accepted_keys = [] if gnupg.is_available(): keys = gnupg.list_secret_keys() for key, details in keys.iteritems(): # Ignore revoked/expired keys. if ("revocation-date" in details and details["revocation-date"] <= date.today().strftime("%Y-%m-%d")): continue accepted_keys.append(key) for uid in details["uids"]: if "email" not in uid or uid["email"] == "": continue if uid["email"] in [x["email"] for x in session.config.profiles]: # Don't set up the same e-mail address twice. continue # FIXME: Add route discovery mechanism. profile = { "email": uid["email"], "name": uid["name"], } session.config.profiles.append(profile) if (session.config.prefs.gpg_recipient in (None, '', '!CREATE') and details["capabilities_map"][0]["encrypt"]): session.config.prefs.gpg_recipient = key session.ui.notify(_('Encrypting config to %s') % key) if session.config.prefs.crypto_policy == 'none': session.config.prefs.crypto_policy = 'openpgp-sign' if len(accepted_keys) == 0: # FIXME: Start background process generating a key once a user # has supplied a name and e-mail address. pass else: session.ui.warning(_('Oh no, PGP/GPG support is unavailable!')) # If we have a GPG key, but no master key, create it self.make_master_key() # Perform any required migrations Migrate(session).run(before_setup=False, after_setup=True) session.config.save() session.config.prepare_workers(session, daemons=want_daemons) return self._success(_('Performed initial Mailpile setup'))
def command(self): g = GnuPG() res = g.list_secret_keys() return self._success("Searched for secret keys", res)
def PrepareMail(config, mailobj, sender=None, rcpts=None): if not sender or not rcpts: tree = mailobj.get_message_tree() sender = sender or tree['headers_lc']['from'] if not rcpts: rcpts = ExtractEmails(tree['headers_lc'].get('to', '')) rcpts += ExtractEmails(tree['headers_lc'].get('cc', '')) rcpts += ExtractEmails(tree['headers_lc'].get('bcc', '')) if not rcpts: raise NoRecipientError() rcpts += [sender] # Cleanup... sender = ExtractEmails(sender)[0] sender_keyid = None if config.prefs.openpgp_header: try: gnupg = GnuPG() seckeys = dict([(x["email"], y["fingerprint"]) for y in gnupg.list_secret_keys().values() for x in y["uids"]]) sender_keyid = seckeys[sender] except: pass rcpts, rr = [sender], rcpts for r in rr: for e in ExtractEmails(r): if e not in rcpts: rcpts.append(e) msg = copy.deepcopy(mailobj.get_msg()) # Remove headers we don't want to expose for bcc in ('bcc', 'Bcc', 'BCc', 'BCC', 'BcC', 'bcC'): if bcc in msg: del msg[bcc] if 'date' not in msg: msg['Date'] = email.utils.formatdate() if sender_keyid and config.prefs.openpgp_header: msg["OpenPGP"] = "id=%s; preference=%s" % (sender_keyid, config.prefs.openpgp_header) # Sign and encrypt signatureopt = bool(int(tree['headers_lc'].get('do_sign', 0))) encryptopt = bool(int(tree['headers_lc'].get('do_encrypt', 0))) gnupg = GnuPG() if signatureopt: signingstring = MessageAsString(msg) signature = gnupg.sign(signingstring, fromkey=sender, armor=True) # FIXME: Create attachment, attach signature. if signature[0] == 0: # sigblock = MIMEMultipart(_subtype="signed", # protocol="application/pgp-signature") # sigblock.attach(msg) msg.set_type("multipart/signed") msg.set_param("micalg", "pgp-sha1") # need to find this! msg.set_param("protocol", "application/pgp-signature") sigblock = MIMEText(str(signature[1]), _charset=None) sigblock.set_type("application/pgp-signature") sigblock.set_param("name", "signature.asc") sigblock.add_header("Content-Description", "OpenPGP digital signature") sigblock.add_header("Content-Disposition", "attachment; filename=\"signature.asc\"") msg.attach(sigblock) else: # Raise stink about signing having failed. pass #print signature #if encryptopt: # encrypt_to = tree['headers_lc'].get('encrypt_to') # newmsg = gnupg.encrypt(msg.as_string(), encrypt_to) # # TODO: Replace unencrypted message # When a mail has been signed or encrypted, it should be saved as such. del(msg["do_sign"]) del(msg["do_encrypt"]) del(msg["encrypt_to"]) return (sender, set(rcpts), msg)
def command(self): session = self.session if session.config.sys.lockdown: session.ui.warning(_("In lockdown, doing nothing.")) return False # Create local mailboxes session.config.open_local_mailbox(session) # Create standard tags and filters created = [] for t in self.TAGS: if not session.config.get_tag_id(t): AddTag(session, arg=[t]).run(save=False) created.append(t) session.config.get_tag(t).update(self.TAGS[t]) for stype, statuses in (("sig", SignatureInfo.STATUSES), ("enc", EncryptionInfo.STATUSES)): for status in statuses: tagname = "mp_%s-%s" % (stype, status) if not session.config.get_tag_id(tagname): AddTag(session, arg=[tagname]).run(save=False) created.append(tagname) session.config.get_tag(tagname).update({"type": "attribute", "display": "invisible", "label": False}) if "New" in created: Filter(session, arg=["new", "@incoming", "+Inbox", "+New", "Incoming mail filter"]).run(save=False) session.ui.notify(_("Created default tags")) # Import all the basic plugins for plugin in PLUGINS: if plugin not in session.config.sys.plugins: session.config.sys.plugins.append(plugin) try: # If spambayes is not installed, this will fail import mailpile.plugins.autotag_sb if "autotag_sb" not in session.config.sys.plugins: session.config.sys.plugins.append("autotag_sb") session.ui.notify(_("Enabling spambayes autotagger")) except ImportError: session.ui.warning(_("Please install spambayes " "for super awesome spam filtering")) session.config.save() session.config.load(session) vcard_importers = session.config.prefs.vcard.importers if not vcard_importers.gravatar: vcard_importers.gravatar.append({"active": True}) session.ui.notify(_("Enabling gravatar image importer")) gpg_home = os.path.expanduser("~/.gnupg") if os.path.exists(gpg_home) and not vcard_importers.gpg: vcard_importers.gpg.append({"active": True, "gpg_home": gpg_home}) session.ui.notify(_("Importing contacts from GPG keyring")) if "autotag_sb" in session.config.sys.plugins and len(session.config.prefs.autotag) == 0: session.config.prefs.autotag.append( {"match_tag": "spam", "unsure_tag": "maybespam", "tagger": "spambayes", "trainer": "spambayes"} ) session.config.prefs.autotag[0].exclude_tags[0] = "ham" # Assumption: If you already have secret keys, you want to # use the associated addresses for your e-mail. # If you don't already have secret keys, you should have # one made for you, if GnuPG is available. # If GnuPG is not available, you should be warned. gnupg = GnuPG() if gnupg.is_available(): keys = gnupg.list_secret_keys() if len(keys) == 0: # FIXME: Start background process generating a key once a user # has supplied a name and e-mail address. pass else: for key, details in keys.iteritems(): # Ignore revoked/expired keys. if "revocation-date" in details and details["revocation-date"] <= date.today().strftime("%Y-%m-%d"): continue for uid in details["uids"]: if "email" not in uid or uid["email"] == "": continue if uid["email"] in [x["email"] for x in session.config.profiles]: # Don't set up the same e-mail address twice. continue # FIXME: Add route discovery mechanism. profile = {"email": uid["email"], "name": uid["name"]} session.config.profiles.append(profile) if not session.config.prefs.gpg_recipient: session.config.prefs.gpg_recipient = key session.ui.notify(_("Encrypting config to %s") % key) if session.config.prefs.crypto_policy == "none": session.config.prefs.crypto_policy = "openpgp-sign" else: session.ui.warning(_("Oh no, PGP/GPG support is unavailable!")) if ( session.config.prefs.gpg_recipient and not (self._idx() and self._idx().INDEX) and not session.config.prefs.obfuscate_index ): randcrap = sha512b64( open("/dev/urandom").read(1024), session.config.prefs.gpg_recipient, "%s" % time.time() ) session.config.prefs.obfuscate_index = randcrap session.config.prefs.index_encrypted = True session.ui.notify(_("Obfuscating search index and enabling " "indexing of encrypted e-mail. ")) session.config.save() return True