From fda0d62087ae9d54876eef4bc4031d4c248158c0 Mon Sep 17 00:00:00 2001 From: Aine Date: Sun, 4 Sep 2022 22:09:53 +0300 Subject: [PATCH 01/26] send emails --- README.md | 70 +++++++++++- bot/access.go | 31 +++++- bot/bot.go | 5 +- bot/command.go | 44 ++++++++ bot/email.go | 166 ++++++++++++++++++++++++++++- bot/settings_room.go | 5 + smtp/{server.go => msa.go} | 19 ++-- smtp/{session.go => msasession.go} | 16 +-- smtp/mta.go | 116 ++++++++++++++++++++ smtp/smtp.go | 15 --- utils/email.go | 5 + utils/matrix.go | 39 +++++++ 12 files changed, 489 insertions(+), 42 deletions(-) rename smtp/{server.go => msa.go} (68%) rename smtp/{session.go => msasession.go} (81%) create mode 100644 smtp/mta.go delete mode 100644 smtp/smtp.go diff --git a/README.md b/README.md index c7ea409..2cc34a2 100644 --- a/README.md +++ b/README.md @@ -20,12 +20,14 @@ It can't be used with arbitrary email providers, but setup your own provider "wi ### Send -- [ ] SMTP client +- [x] SMTP client +- [x] Send a message to matrix room with special format to send a new email - [ ] Reply to matrix thread sends reply into email thread -- [ ] Send a message to matrix room with special format to send a new email ## Configuration +### 1. Bot (mandatory) + env vars * **POSTMOOGLE_HOMESERVER** - homeserver url, eg: `https://matrix.example.com` @@ -50,6 +52,70 @@ You can find default values in [config/defaults.go](config/defaults.go) +### 2. DNS (optional) + +The following configuration needed only if you want to send emails using postmoogle + +First, add new DMARC DNS record of `TXT` type for subdomain `_dmarc` with a proper policy, the easiest one is: `v=DMARC1; p=quarantine;`. + +
+Example + +```bash +$ dig txt _dmarc.DOMAIN + +; <<>> DiG 9.18.6 <<>> txt _dmarc.DOMAIN +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57306 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 1232 +;; QUESTION SECTION: +;_dmarc.DOMAIN. IN TXT + +;; ANSWER SECTION: +_dmarc.DOMAIN. 1799 IN TXT "v=DMARC1; p=quarantine;" + +;; Query time: 46 msec +;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) +;; WHEN: Sun Sep 04 21:31:30 EEST 2022 +;; MSG SIZE rcvd: 79 +``` + +
+ +Second, add new SPF DNS record of `TXT` type for your domain that will be used with postmoogle, with format: `v=spf1 ip4:SERVER_IP -all` + +
+Example + +```bash +$ dig txt DOMAIN + +; <<>> DiG 9.18.6 <<>> txt DOMAIN +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24796 +;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 1232 +;; QUESTION SECTION: +;DOMAIN. IN TXT + +;; ANSWER SECTION: +DOMAIN. 1799 IN TXT "v=spf1 ip4:111.111.111.111 -all" + +;; Query time: 36 msec +;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) +;; WHEN: Sun Sep 04 21:35:04 EEST 2022 +;; MSG SIZE rcvd: 255 +``` + +
+ ## Usage ### How to start diff --git a/bot/access.go b/bot/access.go index bcb99fc..18291f6 100644 --- a/bot/access.go +++ b/bot/access.go @@ -17,17 +17,24 @@ func parseMXIDpatterns(patterns []string, defaultPattern string) ([]*regexp.Rege return utils.WildcardMXIDsToRegexes(patterns) } -func (b *Bot) allowAnyone(actorID id.UserID, targetRoomID id.RoomID) bool { - return true -} - -func (b *Bot) allowOwner(actorID id.UserID, targetRoomID id.RoomID) bool { +func (b *Bot) allowUsers(actorID id.UserID) bool { if len(b.allowedUsers) != 0 { if !utils.Match(actorID.String(), b.allowedUsers) { return false } } + return true +} + +func (b *Bot) allowAnyone(actorID id.UserID, targetRoomID id.RoomID) bool { + return true +} + +func (b *Bot) allowOwner(actorID id.UserID, targetRoomID id.RoomID) bool { + if !b.allowUsers(actorID) { + return false + } cfg, err := b.getRoomSettings(targetRoomID) if err != nil { b.Error(context.Background(), targetRoomID, "failed to retrieve settings: %v", err) @@ -45,3 +52,17 @@ func (b *Bot) allowOwner(actorID id.UserID, targetRoomID id.RoomID) bool { func (b *Bot) allowAdmin(actorID id.UserID, targetRoomID id.RoomID) bool { return utils.Match(actorID.String(), b.allowedAdmins) } + +func (b *Bot) allowSend(actorID id.UserID, targetRoomID id.RoomID) bool { + if !b.allowUsers(actorID) { + return false + } + + cfg, err := b.getRoomSettings(targetRoomID) + if err != nil { + b.Error(context.Background(), targetRoomID, "failed to retrieve settings: %v", err) + return false + } + + return !cfg.NoSend() +} diff --git a/bot/bot.go b/bot/bot.go index d3a695b..07d7b9b 100644 --- a/bot/bot.go +++ b/bot/bot.go @@ -13,6 +13,8 @@ import ( "maunium.net/go/mautrix/event" "maunium.net/go/mautrix/format" "maunium.net/go/mautrix/id" + + "gitlab.com/etke.cc/postmoogle/utils" ) // Bot represents matrix bot 
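Review bot: `allowSend` (bot/access.go, second hunk) lets any actor who passes `allowUsers` send mail as the room's mailbox, and `allowUsers` returns true for everyone when `b.allowedUsers` is empty. Unlike `allowOwner`, it never compares the actor with the room's owner, and sending is presumably on by default because an unset `nosend` reads as false. If only the mailbox owner should send, reuse the owner comparison here. Otherwise state the policy on the function, e.g. `// allowSend permits any allowed user in the room to send email from the room's mailbox unless nosend is set`.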
@@ -25,6 +27,7 @@ type Bot struct { rooms sync.Map botcfg cache.Cache[botSettings] cfg cache.Cache[roomSettings] + mta utils.MTA log *logger.Logger lp *linkpearl.Linkpearl mu map[id.RoomID]*sync.Mutex @@ -77,7 +80,7 @@ func (b *Bot) Error(ctx context.Context, roomID id.RoomID, message string, args sentry.GetHubFromContext(ctx).CaptureException(err) if roomID != "" { - b.SendError(ctx, roomID, message) + b.SendError(ctx, roomID, err.Error()) } } diff --git a/bot/command.go b/bot/command.go index ad8418c..892cee1 100644 --- a/bot/command.go +++ b/bot/command.go @@ -14,6 +14,7 @@ import ( const ( commandHelp = "help" commandStop = "stop" + commandSend = "send" commandUsers = botOptionUsers commandDelete = "delete" commandMailboxes = "mailboxes" @@ -51,6 +52,11 @@ func (b *Bot) initCommands() commandList { description: "Disable bridge for the room and clear all configuration", allowed: b.allowOwner, }, + { + key: commandSend, + description: "Send email", + allowed: b.allowSend, + }, {allowed: b.allowOwner}, // delimiter // options commands { @@ -66,6 +72,15 @@ func (b *Bot) initCommands() commandList { allowed: b.allowOwner, }, {allowed: b.allowOwner}, // delimiter + { + key: roomOptionNoSend, + description: fmt.Sprintf( + "Get or set `%s` of the room (`true` - enable email sending; `false` - disable email sending)", + roomOptionNoSend, + ), + sanitizer: utils.SanitizeBoolString, + allowed: b.allowOwner, + }, { key: roomOptionNoSender, description: fmt.Sprintf( @@ -146,6 +161,8 @@ func (b *Bot) handleCommand(ctx context.Context, evt *event.Event, commandSlice b.sendHelp(ctx) case commandStop: b.runStop(ctx) + case commandSend: + b.runSend(ctx, commandSlice) case commandUsers: b.runUsers(ctx, commandSlice) case commandDelete: 
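Review bot: The description added for `roomOptionNoSend` in bot/command.go is inverted: it says `true` enables email sending, but `allowSend` returns `!cfg.NoSend()`, so `true` disables it. An owner who follows the help text to switch sending off would set `false` and leave it enabled. The text should read "`true` - disable email sending; `false` - enable email sending", in line with the other `no*` options.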
@@ -237,3 +254,30 @@ func (b *Bot) sendHelp(ctx context.Context) { b.SendNotice(ctx, evt.RoomID, msg.String()) } + +func (b *Bot) runSend(ctx context.Context, commandSlice []string) { + evt := eventFromContext(ctx) + if !b.allowSend(evt.Sender, evt.RoomID) { + return + } + + if len(commandSlice) < 3 { + b.SendNotice(ctx, evt.RoomID, fmt.Sprintf("Usage:\n```\n%s send EMAIL\nSubject\nBody\n```", b.prefix)) + return + } + message := strings.Join(commandSlice, " ") + lines := strings.Split(message, "\n") + commandSlice = strings.Split(lines[0], " ") + to := commandSlice[1] + subject := lines[1] + body := strings.Join(lines[2:], "\n") + + b.log.Debug("to=%s subject=%s body=%s", to, subject, body) + err := b.Send2Email(ctx, to, subject, body) + if err != nil { + b.Error(ctx, evt.RoomID, "cannot send email: %v", err) + return + } + + b.SendNotice(ctx, evt.RoomID, "Email has been sent") +} diff --git a/bot/email.go b/bot/email.go index 2981136..2342199 100644 --- a/bot/email.go +++ b/bot/email.go @@ -3,7 +3,9 @@ package bot import ( "context" "errors" + "fmt" "strings" + "time" "maunium.net/go/mautrix/event" "maunium.net/go/mautrix/format" @@ -12,13 +14,18 @@ import ( "gitlab.com/etke.cc/postmoogle/utils" ) -// account data key -const acMessagePrefix = "cc.etke.postmoogle.message" +// account data keys +const ( + acMessagePrefix = "cc.etke.postmoogle.message" + acLastEventPrefix = "cc.etke.postmoogle.last" +) // event keys const ( eventMessageIDkey = "cc.etke.postmoogle.messageID" eventInReplyToKey = "cc.etke.postmoogle.inReplyTo" + eventSubjectKey = "cc.etke.postmoogle.subject" + eventFromKey = "cc.etke.postmoogle.from" ) func email2content(email *utils.Email, cfg roomSettings, threadID id.EventID) *event.Content { 
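Review bot: `runSend` can index past the end of `lines`, because the `len(commandSlice) < 3` guard counts space-separated words rather than lines; a one-line `send a b c` passes the guard and `lines[1]` panics. Check after the split instead, `if len(lines) < 2 { /* usage notice */ return }`, and confirm the re-split `commandSlice` has two elements before reading `commandSlice[1]`. `to` is forwarded without any address validation; running it through `mail.ParseAddress` from `net/mail` before calling `Send2Email` would reject values with no `@` or with control characters. Splitting on `"\n"` also leaves any `"\r"` inside `subject`, which `Send2Email` writes into a header verbatim.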
@@ -46,12 +53,19 @@ func email2content(email *utils.Email, cfg roomSettings, threadID id.EventID) *e Raw: map[string]interface{}{ eventMessageIDkey: email.MessageID, eventInReplyToKey: email.InReplyTo, + eventSubjectKey: email.Subject, + eventFromKey: email.From, }, Parsed: parsed, } return &content } +// SetSMTPAuth sets dynamic login and password to auth against built-in smtp server +func (b *Bot) SetMTA(mta utils.MTA) { + b.mta = mta +} + // GetMapping returns mapping of mailbox = room func (b *Bot) GetMapping(mailbox string) (id.RoomID, bool) { v, ok := b.rooms.Load(mailbox) @@ -67,7 +81,7 @@ func (b *Bot) GetMapping(mailbox string) (id.RoomID, bool) { } // Send email to matrix room -func (b *Bot) Send(ctx context.Context, email *utils.Email) error { +func (b *Bot) Send2Matrix(ctx context.Context, email *utils.Email) error { roomID, ok := b.GetMapping(utils.Mailbox(email.To)) if !ok { return errors.New("room not found") @@ -98,6 +112,7 @@ func (b *Bot) Send(ctx context.Context, email *utils.Email) error { b.setThreadID(roomID, email.MessageID, eventID) threadID = eventID } + b.setLastEventID(roomID, threadID, eventID) if !cfg.NoFiles() { b.sendFiles(ctx, roomID, email.Files, cfg.NoThreads(), threadID) 
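Review bot: The doc comment added above `SetMTA` in bot/email.go describes a different function (`// SetSMTPAuth sets dynamic login and password to auth against built-in smtp server`) and does not start with the method name. Suggested replacement: `// SetMTA sets the mail transfer agent used to deliver outgoing email`. In the next hunk the renamed `Send2Matrix` keeps `// Send email to matrix room`, which could become `// Send2Matrix sends an email to the mapped matrix room`.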
@@ -105,6 +120,123 @@ func (b *Bot) Send(ctx context.Context, email *utils.Email) error { return nil } +func (b *Bot) getBody(content *event.MessageEventContent) string { + if content.FormattedBody != "" { + return content.FormattedBody + } + + return content.Body +} + +func (b *Bot) getSubject(content *event.MessageEventContent) string { + if content.Body == "" { + return "" + } + + return strings.SplitN(content.Body, "\n", 1)[0] +} + +func (b *Bot) getParentEmail(evt *event.Event) (string, string, string) { + content := evt.Content.AsMessage() + parentID := utils.EventParent(evt.ID, content) + if parentID == evt.ID { + return "", "", "" + } + parentID = b.getLastEventID(evt.RoomID, parentID) + parentEvt, err := b.lp.GetClient().GetEvent(evt.RoomID, parentID) + if err != nil { + b.log.Error("cannot get parent event: %v", err) + return "", "", "" + } + if parentEvt.Content.Parsed == nil { + perr := parentEvt.Content.ParseRaw(event.EventMessage) + if perr != nil { + b.log.Error("cannot parse event content: %v", perr) + return "", "", "" + } + } + + to := utils.EventField[string](&parentEvt.Content, eventFromKey) + inReplyTo := utils.EventField[string](&parentEvt.Content, eventMessageIDkey) + if inReplyTo == "" { + inReplyTo = parentID.String() + } + + subject := utils.EventField[string](&parentEvt.Content, eventSubjectKey) + if subject != "" { + subject = "Re: " + subject + } else { + subject = strings.SplitN(content.Body, "\n", 1)[0] + } + + return to, inReplyTo, subject +} + +// Send2Email sends message to email +func (b *Bot) Send2Email(ctx context.Context, to, subject, body string) error { + var inReplyTo string + evt := eventFromContext(ctx) + cfg, err := b.getRoomSettings(evt.RoomID) + if err != nil { + return err + } + mailbox := cfg.Mailbox() + if mailbox == "" { + return fmt.Errorf("mailbox not configured, kupo") + } + from := mailbox + "@" + b.domain + pTo, pInReplyTo, pSubject := b.getParentEmail(evt) + inReplyTo = pInReplyTo + if pTo != "" && to == "" { 
+ to = pTo + } + if pSubject != "" && subject == "" { + subject = pSubject + } + + content := evt.Content.AsMessage() + if subject == "" { + subject = b.getSubject(content) + } + if body == "" { + body = b.getBody(content) + } + + var msg strings.Builder + msg.WriteString("From: ") + msg.WriteString(from) + msg.WriteString("\r\n") + + msg.WriteString("To: ") + msg.WriteString(to) + msg.WriteString("\r\n") + + msg.WriteString("Message-Id: ") + msg.WriteString(evt.ID.String()[1:] + "@" + b.domain) + msg.WriteString("\r\n") + + msg.WriteString("Date: ") + msg.WriteString(time.Now().UTC().Format(time.RFC1123Z)) + msg.WriteString("\r\n") + + if inReplyTo != "" { + msg.WriteString("In-Reply-To: ") + msg.WriteString(inReplyTo) + msg.WriteString("\r\n") + } + + msg.WriteString("Subject: ") + msg.WriteString(subject) + msg.WriteString("\r\n") + + msg.WriteString("\r\n") + + msg.WriteString(body) + msg.WriteString("\r\n") + + return b.mta.Send(from, to, msg.String()) +} + func (b *Bot) sendFiles(ctx context.Context, roomID id.RoomID, files []*utils.File, noThreads bool, parentID id.EventID) { for _, file := range files { req := file.Convert() 
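Review bot: `Send2Email` writes `to`, `subject` and `inReplyTo` into the header block without removing CR or LF, and several of those values come from message content. `getSubject` and `getParentEmail` call `strings.SplitN(content.Body, "\n", 1)`, which with n=1 returns the whole body rather than its first line, and `getParentEmail` reads `cc.etke.postmoogle.from` and `cc.etke.postmoogle.subject` from the parent event's raw content. A value containing a line break ends its header early, so unintended header lines or body text end up in the outgoing message. Use `strings.SplitN(content.Body, "\n", 2)[0]` in both places and reject or strip `\r` and `\n` from every header value before writing it. The `Message-Id` value is also written without the enclosing `<` and `>` that the header syntax expects.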
@@ -152,3 +284,31 @@ func (b *Bot) setThreadID(roomID id.RoomID, messageID string, eventID id.EventID } } } + +func (b *Bot) getLastEventID(roomID id.RoomID, threadID id.EventID) id.EventID { + key := acLastEventPrefix + "." + threadID.String() + data := map[string]id.EventID{} + err := b.lp.GetClient().GetRoomAccountData(roomID, key, &data) + if err != nil { + if !strings.Contains(err.Error(), "M_NOT_FOUND") { + b.log.Error("cannot retrieve account data %s: %v", key, err) + return threadID + } + } + + return data["eventID"] +} + +func (b *Bot) setLastEventID(roomID id.RoomID, threadID id.EventID, eventID id.EventID) { + key := acLastEventPrefix + "." + threadID.String() + data := map[string]id.EventID{ + "eventID": eventID, + } + + err := b.lp.GetClient().SetRoomAccountData(roomID, key, data) + if err != nil { + if !strings.Contains(err.Error(), "M_NOT_FOUND") { + b.log.Error("cannot save account data %s: %v", key, err) + } + } +} diff --git a/bot/settings_room.go b/bot/settings_room.go index 6e357d9..4423c80 100644 --- a/bot/settings_room.go +++ b/bot/settings_room.go @@ -15,6 +15,7 @@ const acRoomSettingsKey = "cc.etke.postmoogle.settings" const ( roomOptionOwner = "owner" roomOptionMailbox = "mailbox" + roomOptionNoSend = "nosend" roomOptionNoSender = "nosender" roomOptionNoSubject = "nosubject" roomOptionNoHTML = "nohtml" @@ -42,6 +43,10 @@ func (s roomSettings) Owner() string { return s.Get(roomOptionOwner) } +func (s roomSettings) NoSend() bool { + return utils.Bool(s.Get(roomOptionNoSend)) +} + func (s roomSettings) NoSender() bool { return utils.Bool(s.Get(roomOptionNoSender)) } diff --git a/smtp/server.go b/smtp/msa.go similarity index 68% rename from smtp/server.go rename to smtp/msa.go index a06ce77..90d4261 100644 --- a/smtp/server.go +++ b/smtp/msa.go 
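Review bot: `getLastEventID` returns `data["eventID"]` when the lookup fails with `M_NOT_FOUND`, which is the empty ID rather than `threadID`; only the other-error branch falls back to `threadID`. `getParentEmail` then calls `GetEvent` with an empty event ID for any thread that has no stored entry. End the function with `if v := data["eventID"]; v != "" { return v }` followed by `return threadID`. Matching on `strings.Contains(err.Error(), "M_NOT_FOUND")` is fragile; comparing against the typed mautrix error would be sturdier if the client exposes one here.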
@@ -10,14 +10,15 @@ import ( "gitlab.com/etke.cc/go/logger" ) -type backend struct { +// msa is mail submission agent +type msa struct { log *logger.Logger domain string client Client } -func (b *backend) newSession() *session { - return &session{ +func (b *msa) newSession() *msasession { + return &msasession{ ctx: sentry.SetHubOnContext(context.Background(), sentry.CurrentHub().Clone()), log: b.log, domain: b.domain, @@ -25,28 +26,30 @@ func (b *backend) newSession() *session { } } -func (b *backend) Login(state *smtp.ConnectionState, username, password string) (smtp.Session, error) { +func (b *msa) Login(state *smtp.ConnectionState, username, password string) (smtp.Session, error) { return nil, smtp.ErrAuthUnsupported } -func (b *backend) AnonymousLogin(state *smtp.ConnectionState) (smtp.Session, error) { +func (b *msa) AnonymousLogin(state *smtp.ConnectionState) (smtp.Session, error) { return b.newSession(), nil } func Start(domain, port, loglevel string, maxSize int, client Client) error { log := logger.New("smtp.", loglevel) - be := &backend{ + sender := NewMTA(loglevel) + receiver := &msa{ log: log, domain: domain, client: client, } - s := smtp.NewServer(be) + receiver.client.SetMTA(sender) + s := smtp.NewServer(receiver) s.Addr = ":" + port s.Domain = domain - s.AuthDisabled = true s.ReadTimeout = 10 * time.Second s.WriteTimeout = 10 * time.Second s.MaxMessageBytes = maxSize * 1024 * 1024 + s.AllowInsecureAuth = true if log.GetLevel() == "DEBUG" || log.GetLevel() == "TRACE" { s.Debug = os.Stdout } diff --git a/smtp/session.go b/smtp/msasession.go similarity index 81% rename from smtp/session.go rename to smtp/msasession.go index a267a48..76e652f 100644 --- a/smtp/session.go +++ b/smtp/msasession.go @@ -12,7 +12,7 @@ import ( "gitlab.com/etke.cc/postmoogle/utils" ) -type session struct { +type msasession struct { log *logger.Logger domain string client Client 
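Review bot: In `Start` (smtp/msa.go) the change drops `s.AuthDisabled = true` and sets `s.AllowInsecureAuth = true`, while `Login` still returns `smtp.ErrAuthUnsupported`. Nothing in the hunk can authenticate, so the server would apparently only begin offering AUTH, including on connections without TLS, and a client that tries it sends credentials in cleartext only to be rejected. Unless a later patch implements `Login`, keep `s.AuthDisabled = true` and leave `AllowInsecureAuth` at its default; if AUTH is planned, pair it with TLS instead. `Start` continues outside the hunk, so whether TLS is configured further down cannot be seen here.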
@@ -22,14 +22,14 @@ type session struct { from string } -func (s *session) Mail(from string, opts smtp.MailOptions) error { +func (s *msasession) Mail(from string, opts smtp.MailOptions) error { sentry.GetHubFromContext(s.ctx).Scope().SetTag("from", from) s.from = from s.log.Debug("mail from %s, options: %+v", from, opts) return nil } -func (s *session) Rcpt(to string) error { +func (s *msasession) Rcpt(to string) error { sentry.GetHubFromContext(s.ctx).Scope().SetTag("to", to) if utils.Hostname(to) != s.domain { @@ -48,7 +48,7 @@ func (s *session) Rcpt(to string) error { return nil } -func (s *session) parseAttachments(parts []*enmime.Part) []*utils.File { +func (s *msasession) parseAttachments(parts []*enmime.Part) []*utils.File { files := make([]*utils.File, 0, len(parts)) for _, attachment := range parts { for _, err := range attachment.Errors { @@ -61,7 +61,7 @@ func (s *session) parseAttachments(parts []*enmime.Part) []*utils.File { return files } -func (s *session) Data(r io.Reader) error { +func (s *msasession) Data(r io.Reader) error { parser := enmime.NewParser() eml, err := parser.ReadEnvelope(r) if err != nil { @@ -84,11 +84,11 @@ func (s *session) Data(r io.Reader) error { eml.HTML, files) - return s.client.Send(s.ctx, email) + return s.client.Send2Matrix(s.ctx, email) } -func (s *session) Reset() {} +func (s *msasession) Reset() {} -func (s *session) Logout() error { +func (s *msasession) Logout() error { return nil } diff --git a/smtp/mta.go b/smtp/mta.go new file mode 100644 index 0000000..54de3b6 --- /dev/null +++ b/smtp/mta.go 
@@ -0,0 +1,116 @@ +package smtp + +import ( + "context" + "crypto/tls" + "fmt" + "io" + "net" + "net/smtp" + "strings" + + "gitlab.com/etke.cc/go/logger" + "maunium.net/go/mautrix/id" + + "gitlab.com/etke.cc/postmoogle/utils" +) + +// Client interface to send emails into matrix +type Client interface { + GetMapping(string) (id.RoomID, bool) + Send2Matrix(ctx context.Context, email *utils.Email) error + SetMTA(mta utils.MTA) +} + +// mta is Mail Transfer Agent +type mta struct { + log *logger.Logger +} + +func NewMTA(loglevel string) utils.MTA { + return &mta{ + log: logger.New("smtp/mta.", loglevel), + } +} + +func (m *mta) Send(from, to, data string) error { + m.log.Debug("Sending email from %s to %s", from, to) + conn, err := m.connect(from, to) + if err != nil { + m.log.Error("cannot connect to SMTP server of %s: %v", to, err) + return err + } + defer conn.Close() + err = conn.Mail(from) + if err != nil { + m.log.Error("cannot call MAIL command: %v", err) + return err + } + err = conn.Rcpt(to) + if err != nil { + m.log.Error("cannot send RCPT command: %v", err) + return err + } + + var w io.WriteCloser + w, err = conn.Data() + if err != nil { + m.log.Error("cannot send DATA command: %v", err) + return err + } + defer w.Close() + m.log.Debug("sending DATA:\n%s", data) + _, err = strings.NewReader(data).WriteTo(w) + if err != nil { + m.log.Debug("cannot write DATA: %v", err) + return err + } + + m.log.Debug("email has been sent") + return nil +} + +func (m *mta) tryServer(localname, mxhost string) *smtp.Client { + m.log.Debug("trying SMTP connection to %s", mxhost) + conn, err := smtp.Dial(mxhost + ":smtp") + if err != nil { + m.log.Warn("cannot connect to the %s: %v", mxhost, err) + return nil + } + err = conn.Hello(localname) + if err != nil { + m.log.Warn("cannot call HELLO command of the %s: %v", mxhost, err) + return nil + } + if ok, _ := conn.Extension("STARTTLS"); ok { + m.log.Debug("%s supports STARTTLS", mxhost) + config := &tls.Config{ServerName: mxhost} 
+ err = conn.StartTLS(config) + if err != nil { + m.log.Warn("STARTTLS connection to the %s failed: %v", mxhost, err) + } + } + + return conn +} + +func (m *mta) connect(from, to string) (*smtp.Client, error) { + localname := strings.SplitN(from, "@", 2)[1] + hostname := strings.SplitN(to, "@", 2)[1] + + m.log.Debug("performing MX lookup of %s", hostname) + mxs, err := net.LookupMX(hostname) + if err != nil { + m.log.Error("cannot perform MX lookup: %v", err) + return nil, err + } + + for _, mx := range mxs { + client := m.tryServer(localname, mx.Host) + if client != nil { + return client, nil + } + } + + return nil, fmt.Errorf("target SMTP server not found") +} diff --git a/smtp/smtp.go b/smtp/smtp.go deleted file mode 100644 index 15edba5..0000000 --- a/smtp/smtp.go +++ /dev/null @@ -1,15 +0,0 @@ -package smtp - -import ( - "context" - - "maunium.net/go/mautrix/id" - - "gitlab.com/etke.cc/postmoogle/utils" -) - -// Client interface to send emails -type Client interface { - GetMapping(string) (id.RoomID, bool) - Send(ctx context.Context, email *utils.Email) error -} diff --git a/utils/email.go b/utils/email.go index 5e3f24e..bb14e7e 100644 --- a/utils/email.go +++ b/utils/email.go @@ -1,5 +1,10 @@ package utils +// MTA is mail transfer agent +type MTA interface { + Send(from, to, data string) error +} + // Email object type Email struct { MessageID string diff --git a/utils/matrix.go b/utils/matrix.go index 0115996..47e4f03 100644 --- a/utils/matrix.go +++ b/utils/matrix.go 
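Review bot: `connect` in smtp/mta.go indexes `strings.SplitN(to, "@", 2)[1]` (and likewise for `from`) without checking the result, so a recipient with no `@`, which `runSend` passes through unvalidated, panics the process. In `tryServer` a failed `StartTLS` is only logged and the client is still returned, although the connection is unlikely to be usable afterwards, and the `Hello` failure path returns without closing `conn`. `Send` defers `w.Close()` and discards its error, yet that call is where the server's reply to the message body arrives, so a rejected message is reported as sent. Separately, `smtp.Dial` has no timeout and `m.log.Debug("sending DATA:\n%s", data)` writes full message contents to the log at debug level.

```go
// in Send, replacing `defer w.Close()`:
	_, err = strings.NewReader(data).WriteTo(w)
	if err != nil {
		w.Close()
		m.log.Debug("cannot write DATA: %v", err)
		return err
	}
	// Close flushes the message and returns the server's reply to DATA.
	if err = w.Close(); err != nil {
		m.log.Error("cannot send DATA command: %v", err)
		return err
	}

// in tryServer:
	err = conn.Hello(localname)
	if err != nil {
		m.log.Warn("cannot call HELLO command of the %s: %v", mxhost, err)
		conn.Close()
		return nil
	}
	// … unchanged: STARTTLS extension check and tls.Config …
		err = conn.StartTLS(config)
		if err != nil {
			m.log.Warn("STARTTLS connection to the %s failed: %v", mxhost, err)
			conn.Close()
			return nil
		}

func (m *mta) connect(from, to string) (*smtp.Client, error) {
	_, localname, ok := strings.Cut(from, "@")
	if !ok || localname == "" {
		return nil, fmt.Errorf("invalid sender address")
	}
	_, hostname, ok := strings.Cut(to, "@")
	if !ok || hostname == "" {
		return nil, fmt.Errorf("invalid recipient address")
	}
	// … unchanged: MX lookup and tryServer loop …
```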
@@ -26,6 +26,45 @@ func RelatesTo(noThreads bool, parentID id.EventID) *event.RelatesTo { } } +// EventParent returns parent event - either thread ID or reply-to ID +func EventParent(currentID id.EventID, content *event.MessageEventContent) id.EventID { + if content == nil { + return currentID + } + + if content.GetRelatesTo() == nil { + return currentID + } + + threadParent := content.RelatesTo.GetThreadParent() + if threadParent != "" { + return threadParent + } + + replyParent := content.RelatesTo.GetReplyTo() + if replyParent != "" { + return replyParent + } + + return currentID +} + +// EventField returns field value from raw event content +func EventField[T comparable](content *event.Content, field string) T { + var zero T + raw := content.Raw[field] + if raw == nil { + return zero + } + + v, ok := raw.(T) + if !ok { + return zero + } + + return v +} + // UnwrapError tries to unwrap a error into something meaningful, like mautrix.HTTPError or mautrix.RespError func UnwrapError(err error) error { switch err.(type) { From 12a2d4c6f978652d745eae68dbce1b4b5cdb0a8a Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 5 Sep 2022 17:02:00 +0300 Subject: [PATCH 02/26] dkim --- README.md | 53 +++++++++++++++++++++++++++++++++++++++++--- bot/command.go | 9 +++++++- bot/command_admin.go | 30 +++++++++++++++++++++++++ bot/email.go | 40 +++++++++++++++++++++++++++++++++ bot/settings_bot.go | 14 +++++++++++- go.mod | 3 +++ go.sum | 19 ++++++++++++++++ 7 files changed, 163 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 2cc34a2..2636f9d 100644 --- a/README.md +++ b/README.md 
@@ -56,7 +56,7 @@ You can find default values in [config/defaults.go](config/defaults.go) The following configuration needed only if you want to send emails using postmoogle -First, add new DMARC DNS record of `TXT` type for subdomain `_dmarc` with a proper policy, the easiest one is: `v=DMARC1; p=quarantine;`. +**First**, add new DMARC DNS record of `TXT` type for subdomain `_dmarc` with a proper policy, the easiest one is: `v=DMARC1; p=quarantine;`.
Example @@ -86,7 +86,7 @@ _dmarc.DOMAIN. 1799 IN TXT "v=DMARC1; p=quarantine;"
-Second, add new SPF DNS record of `TXT` type for your domain that will be used with postmoogle, with format: `v=spf1 ip4:SERVER_IP -all` +**Second**, add new SPF DNS record of `TXT` type for your domain that will be used with postmoogle, with format: `v=spf1 ip4:SERVER_IP -all`
Example @@ -116,6 +116,52 @@ DOMAIN. 1799 IN TXT "v=spf1 ip4:111.111.111.111 -all"
+**Third**, add new DKIM DNS record of `TXT` type for subdomain `postmoogle._domainkey` that will be used with postmoogle. + +You can get that signature using the `!pm dkim` command: + +
+!pm dkim +DKIM signature is: `v=DKIM1; k=ed25519; p=OcVzOwAONDfgbJX/5vwzlXOs9gUDO0YKlXHaDnBJtXw=`. +You need to add it to your DNS records (if not already): +Add new DNS record with type = `TXT`, key (subdomain/from): `postmoogle._domainkey` and value (to): + +``` +v=DKIM1; k=ed25519; p=OcVzOwAONDfgbJX/5vwzlXOs9gUDO0YKlXHaDnBJtXw= +``` + +Without that record other email servers may reject your emails as spam, kupo. + +
+ +
+Example + +```bash +$ dig TXT postmoogle._domainkey.DOMAIN + +; <<>> DiG 9.18.6 <<>> TXT postmoogle._domainkey.DOMAIN +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59014 +;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 1232 +;; QUESTION SECTION: +;postmoogle._domainkey.DOMAIN. IN TXT + +;; ANSWER SECTION: +postmoogle._domainkey.DOMAIN. 600 IN TXT "v=DKIM1; k=ed25519; p=OcVzOwAONDfgbJX/5vwzlXOs9gUDO0YKlXHaDnBJtXw=" + +;; Query time: 90 msec +;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) +;; WHEN: Mon Sep 05 16:16:21 EEST 2022 +;; MSG SIZE rcvd: 525 +``` + +
+ ## Usage ### How to start @@ -147,8 +193,9 @@ If you want to change them - check available options in the help message (`!pm h --- -* **!pm mailboxes** - Show the list of all mailboxes +* **!pm dkim** - Get DKIM signature * **!pm users** - Get or set allowed users patterns +* **!pm mailboxes** - Show the list of all mailboxes * **!pm delete** <mailbox> - Delete specific mailbox diff --git a/bot/command.go b/bot/command.go index 892cee1..de96e60 100644 --- a/bot/command.go +++ b/bot/command.go @@ -15,6 +15,7 @@ const ( commandHelp = "help" commandStop = "stop" commandSend = "send" + commandDKIM = "dkim" commandUsers = botOptionUsers commandDelete = "delete" commandMailboxes = "mailboxes" @@ -132,6 +133,11 @@ func (b *Bot) initCommands() commandList { description: "Get or set allowed users", allowed: b.allowAdmin, }, + { + key: commandDKIM, + description: "Get DKIM signature", + allowed: b.allowAdmin, + }, { key: commandMailboxes, description: "Show the list of all mailboxes", @@ -163,6 +169,8 @@ func (b *Bot) handleCommand(ctx context.Context, evt *event.Event, commandSlice b.runStop(ctx) case commandSend: b.runSend(ctx, commandSlice) + case commandDKIM: + b.runDKIM(ctx) case commandUsers: b.runUsers(ctx, commandSlice) case commandDelete: @@ -272,7 +280,6 @@ func (b *Bot) runSend(ctx context.Context, commandSlice []string) { subject := lines[1] body := strings.Join(lines[2:], "\n") - b.log.Debug("to=%s subject=%s body=%s", to, subject, body) err := b.Send2Email(ctx, to, subject, body) if err != nil { b.Error(ctx, evt.RoomID, "cannot send email: %v", err) diff --git a/bot/command_admin.go b/bot/command_admin.go index 978d8eb..c5a9f6c 100644 --- a/bot/command_admin.go +++ b/bot/command_admin.go @@ -6,6 +6,7 @@ import ( "sort" "strings" + "gitlab.com/etke.cc/go/secgen" "maunium.net/go/mautrix/id" "gitlab.com/etke.cc/postmoogle/utils" 
@@ -130,3 +131,32 @@ func (b *Bot) runUsers(ctx context.Context, commandSlice []string) { b.allowedUsers = allowedUsers b.SendNotice(ctx, evt.RoomID, "allowed users updated") } + +func (b *Bot) runDKIM(ctx context.Context) { + evt := eventFromContext(ctx) + cfg := b.getBotSettings() + signature := cfg.DKIMSignature() + if signature == "" { + var private string + var derr error + signature, private, derr = secgen.DKIM() + if derr != nil { + b.Error(ctx, evt.RoomID, "cannot generate DKIM signature: %v", derr) + return + } + cfg.Set(botOptionDKIMSignature, signature) + cfg.Set(botOptionDKIMPrivateKey, private) + err := b.setBotSettings(cfg) + if err != nil { + b.Error(ctx, evt.RoomID, "cannot save bot options: %v", err) + return + } + } + + b.SendNotice(ctx, evt.RoomID, fmt.Sprintf( + "DKIM signature is: `%s`.\n"+ + "You need to add it to your DNS records (if not already):\n"+ + "Add new DNS record with type = `TXT`, key (subdomain/from): `postmoogle._domainkey` and value (to):\n ```\n%s\n```\n"+ + "Without that record other email servers may reject your emails as spam, kupo.", + signature, signature)) +} diff --git a/bot/email.go b/bot/email.go index 2342199..030edc6 100644 --- a/bot/email.go +++ b/bot/email.go @@ -2,11 +2,15 @@ package bot import ( "context" + "crypto" + "crypto/x509" + "encoding/pem" "errors" "fmt" "strings" "time" + "github.com/emersion/go-msgauth/dkim" "maunium.net/go/mautrix/event" "maunium.net/go/mautrix/format" "maunium.net/go/mautrix/id" 
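Review bot: `runDKIM` stores the generated private key with `cfg.Set(botOptionDKIMPrivateKey, private)` in the same `botSettings` map as `users`, which `setBotSettings` then persists. Judging by `acBotSettingsKey` that is Matrix account data, which the homeserver holds unencrypted, though the storage code is outside this diff. Anyone able to read the bot's account data could then sign mail for the domain, so consider encrypting the value before storing it or loading the key from a file or environment variable, and make sure no command echoes bot settings wholesale. The notice also calls the TXT value a "DKIM signature", but it is the public-key record; calling it "DKIM record" avoids confusion with the per-message signature.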
@@ -234,9 +238,45 @@ func (b *Bot) Send2Email(ctx context.Context, to, subject, body string) error { msg.WriteString(body) msg.WriteString("\r\n") + msg = b.signDKIM(msg) + return b.mta.Send(from, to, msg.String()) } +func (b *Bot) signDKIM(body strings.Builder) strings.Builder { + privkey := b.getBotSettings().DKIMPrivateKey() + if privkey == "" { + b.log.Warn("DKIM private key not found, email will be sent unsigned") + return body + } + pemblock, _ := pem.Decode([]byte(privkey)) + if pemblock == nil { + b.log.Error("cannot decode DKIM private key") + return body + } + parsedkey, err := x509.ParsePKCS8PrivateKey(pemblock.Bytes) + if err != nil { + b.log.Error("cannot parse PKCS8 private key: %v", err) + return body + } + signer := parsedkey.(crypto.Signer) + + options := &dkim.SignOptions{ + Domain: b.domain, + Selector: "postmoogle", + Signer: signer, + } + + var msg strings.Builder + err = dkim.Sign(&msg, strings.NewReader(body.String()), options) + if err != nil { + b.log.Error("cannot sign email: %v", err) + return body + } + + return msg +} + func (b *Bot) sendFiles(ctx context.Context, roomID id.RoomID, files []*utils.File, noThreads bool, parentID id.EventID) { for _, file := range files { req := file.Convert() diff --git a/bot/settings_bot.go b/bot/settings_bot.go index 23ba72a..d45cbe4 100644 --- a/bot/settings_bot.go +++ b/bot/settings_bot.go @@ -11,7 +11,9 @@ const acBotSettingsKey = "cc.etke.postmoogle.config" // bot options keys const ( - botOptionUsers = "users" + botOptionUsers = "users" + botOptionDKIMSignature = "dkim.pub" + botOptionDKIMPrivateKey = "dkim.pem" ) type botSettings map[string]string 
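Review bot: `signDKIM` asserts `signer := parsedkey.(crypto.Signer)` without the comma-ok form, so a stored key of a type that does not implement `crypto.Signer` panics instead of being logged; use `signer, ok := parsedkey.(crypto.Signer)` and return `body` with an error log when `!ok`. The function also takes and returns `strings.Builder` by value. Copying a Builder that has been written to is what the type's copy check guards against, and any later write to such a copy panics, so taking `body string` and returning `string` removes the hazard. Every failure path returns the unsigned message and `Send2Email` still sends it with only a log line; if signing is expected once a key exists, returning an error to the caller would make the failure visible.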
@@ -40,6 +42,16 @@ func (s botSettings) Users() []string { return []string{value} } +// DKIMSignature (DNS TXT record) +func (s botSettings) DKIMSignature() string { + return s.Get(botOptionDKIMSignature) +} + +// DKIMPrivateKey keep it secret +func (s botSettings) DKIMPrivateKey() string { + return s.Get(botOptionDKIMPrivateKey) +} + func (b *Bot) initBotUsers() ([]string, error) { config := b.getBotSettings() cfgUsers := config.Users() diff --git a/go.mod b/go.mod index 7aee223..68631fa 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.18 require ( git.sr.ht/~xn/cache/v2 v2.0.0 + github.com/emersion/go-msgauth v0.6.6 github.com/emersion/go-smtp v0.15.0 github.com/getsentry/sentry-go v0.13.0 github.com/jhillyerd/enmime v0.10.0 @@ -11,6 +12,7 @@ require ( github.com/mattn/go-sqlite3 v1.14.14 gitlab.com/etke.cc/go/env v1.0.0 gitlab.com/etke.cc/go/logger v1.1.0 + gitlab.com/etke.cc/go/secgen v1.1.0 gitlab.com/etke.cc/linkpearl v0.0.0-20220831124140-598117f26c77 golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b maunium.net/go/mautrix v0.12.0 @@ -27,6 +29,7 @@ require ( github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.16 // indirect github.com/mattn/go-runewidth v0.0.12 // indirect + github.com/mikesmitty/edkey v0.0.0-20170222072505-3356ea4e686a // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/rivo/uniseg v0.2.0 // indirect diff --git a/go.sum b/go.sum index f7a2f5c..b8768be 100644 --- a/go.sum +++ b/go.sum 
@@ -6,10 +6,18 @@ github.com/cention-sany/utf7 v0.0.0-20170124080048-26cad61bd60a/go.mod h1:2GxOXO github.com/coreos/go-systemd/v22 v22.3.3-0.20220203105225-a9a7ef127534/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emersion/go-message v0.11.2/go.mod h1:C4jnca5HOTo4bGN9YdqNQM9sITuT3Y0K6bSUw9RklvY= +github.com/emersion/go-message v0.15.0/go.mod h1:wQUEfE+38+7EW8p8aZ96ptg6bAb1iwdgej19uXASlE4= +github.com/emersion/go-milter v0.3.3/go.mod h1:ablHK0pbLB83kMFBznp/Rj8aV+Kc3jw8cxzzmCNLIOY= +github.com/emersion/go-msgauth v0.6.6 h1:buv5lL8v/3v4RpHnQFS2IPhE3nxSRX+AxnrEJbDbHhA= +github.com/emersion/go-msgauth v0.6.6/go.mod h1:A+/zaz9bzukLM6tRWRgJ3BdrBi+TFKTvQ3fGMFOI9SM= github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21 h1:OJyUGMJTzHTd1XQp98QTaHernxMYzRaOasRir9hUlFQ= github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21/go.mod h1:iL2twTeMvZnrg54ZoPDNfJaJaqy0xIQFuBdrLsmspwQ= github.com/emersion/go-smtp v0.15.0 h1:3+hMGMGrqP/lqd7qoxZc1hTU8LY8gHV9RFGWlqSDmP8= github.com/emersion/go-smtp v0.15.0/go.mod h1:qm27SGYgoIPRot6ubfQ/GpiPy/g3PaZAVRxiO/sDUgQ= +github.com/emersion/go-textwrapper v0.0.0-20160606182133-d0e65e56babe/go.mod h1:aqO8z8wPrjkscevZJFVE1wXJrLpC5LtJG7fqLOsPb2U= +github.com/emersion/go-textwrapper v0.0.0-20200911093747-65d896831594/go.mod h1:aqO8z8wPrjkscevZJFVE1wXJrLpC5LtJG7fqLOsPb2U= github.com/getsentry/sentry-go v0.13.0 h1:20dgTiUSfxRB/EhMPtxcL9ZEbM1ZdR+W/7f7NWD+xWo= github.com/getsentry/sentry-go v0.13.0/go.mod h1:EOsfu5ZdvKPfeHYV6pTVQnsjfp30+XA7//UooKNumH0= github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= 
@@ -30,6 +38,7 @@ github.com/jhillyerd/enmime v0.10.0 h1:DZEzhptPRBesvN3gf7K1BOh4rfpqdsdrEoxW1Edr/ github.com/jhillyerd/enmime v0.10.0/go.mod h1:Qpe8EEemJMFAF8+NZoWdpXvK2Yb9dRF0k/z6mkcDHsA= github.com/lib/pq v1.10.6 h1:jbk+ZieJ0D7EVGJYpL9QTz7/YW6UHbmdnZWYyK5cdBs= github.com/lib/pq v1.10.6/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/martinlindhe/base36 v1.0.0/go.mod h1:+AtEs8xrBpCeYgSLoY/aJ6Wf37jtBuR0s35750M27+8= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= @@ -41,6 +50,8 @@ github.com/mattn/go-runewidth v0.0.12 h1:Y41i/hVW3Pgwr8gV+J23B9YEY0zxjptBuCWEaxm github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= github.com/mattn/go-sqlite3 v1.14.14 h1:qZgc/Rwetq+MtyE18WhzjokPD93dNqLGNT3QJuLvBGw= github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mikesmitty/edkey v0.0.0-20170222072505-3356ea4e686a h1:eU8j/ClY2Ty3qdHnn0TyW3ivFoPC/0F1gQZz8yTxbbE= +github.com/mikesmitty/edkey v0.0.0-20170222072505-3356ea4e686a/go.mod h1:v8eSC2SMp9/7FTKUncp7fH9IwPfw+ysMObcEz5FWheQ= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= github.com/pingcap/errors v0.11.4 h1:lFuQV/oaUMGcD2tqt+01ROSmJs75VG1ToEOkZIZ4nE4= 
@@ -57,6 +68,7 @@ github.com/rs/zerolog v1.28.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6us github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf h1:pvbZ0lM0XWPBqUKqFU8cmavspvIl9nulOYwdy6IFRRo= github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf/go.mod h1:RJID2RhlZKId02nZ62WenDCkgHFerpIOmW0iT7GKmXM= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= 
@@ -74,21 +86,28 @@ gitlab.com/etke.cc/go/env v1.0.0 h1:J98BwzOuELnjsVPFvz5wa79L7IoRV9CmrS41xLYXtSw= gitlab.com/etke.cc/go/env v1.0.0/go.mod h1:e1l4RM5MA1sc0R1w/RBDAESWRwgo5cOG9gx8BKUn2C4= gitlab.com/etke.cc/go/logger v1.1.0 h1:Yngp/DDLmJ0jJNLvLXrfan5Gi5QV+r7z6kCczTv8t4U= gitlab.com/etke.cc/go/logger v1.1.0/go.mod h1:8Vw5HFXlZQ5XeqvUs5zan+GnhrQyYtm/xe+yj8H/0zk= +gitlab.com/etke.cc/go/secgen v1.1.0 h1:KFjFEXNlSPtY19ichNL+lQF2Q0vP3/9O2rVGZzVrqq0= +gitlab.com/etke.cc/go/secgen v1.1.0/go.mod h1:3pJqRGeWApzx7qXjABqz2o2SMCNpKSZao/gXVdasqE8= gitlab.com/etke.cc/linkpearl v0.0.0-20220831124140-598117f26c77 h1:O9t4Sw/nu0JDUX+3KYjaqBi887opyNZ0imE+i2sV+q8= gitlab.com/etke.cc/linkpearl v0.0.0-20220831124140-598117f26c77/go.mod h1:CqwzwxVogKG6gDWTPTen3NyWbTESg42jxoTfXXwDGKQ= +golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM= golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/net v0.0.0-20210501142056-aec3718b3fa0/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b h1:ZmngSVLe/wycRns9MKikG9OWIEjGcGAkacif7oYQaUY= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys 
v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220829200755-d48e67d00261 h1:v6hYoSR9T5oet+pMXwUWkbiVqx/63mlHjefrHmxwfeY= golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= From 41f3ad947e471d427b5440993831413890380a13 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 5 Sep 2022 17:02:45 +0300 Subject: [PATCH 03/26] fix readme --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 2636f9d..7062a5c 100644 --- a/README.md +++ b/README.md @@ -122,6 +122,7 @@ You can get that signature using the `!pm dkim` command:
!pm dkim + DKIM signature is: `v=DKIM1; k=ed25519; p=OcVzOwAONDfgbJX/5vwzlXOs9gUDO0YKlXHaDnBJtXw=`. You need to add it to your DNS records (if not already): Add new DNS record with type = `TXT`, key (subdomain/from): `postmoogle._domainkey` and value (to): From e4c425fb2e89a7ca4429dd26e5eb6ea110d8515a Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 5 Sep 2022 18:00:09 +0300 Subject: [PATCH 04/26] update readme --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 7062a5c..a16c156 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,15 @@ It can't be used with arbitrary email providers, but setup your own provider "wi - [x] Receive attachments - [x] Map email threads to matrix threads +#### deep dive + +> features in that section considered as "nice to have", but not a priority + +- [ ] DKIM verification +- [ ] SPF verification +- [ ] DMARC verification +- [ ] Blocklists + ### Send - [x] SMTP client From 2427d41ae3a0f5d0c656685df0783e8d4fb25851 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 5 Sep 2022 20:10:07 +0300 Subject: [PATCH 05/26] move parsing of !pm send to utils, update !pm send instructions --- bot/command.go | 23 +++++++++++++---------- utils/command.go | 25 +++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 10 deletions(-) create mode 100644 utils/command.go diff --git a/bot/command.go b/bot/command.go index de96e60..87341ca 100644 --- a/bot/command.go +++ b/bot/command.go 
@@ -268,19 +268,22 @@ func (b *Bot) runSend(ctx context.Context, commandSlice []string) { if !b.allowSend(evt.Sender, evt.RoomID) { return } - - if len(commandSlice) < 3 { - b.SendNotice(ctx, evt.RoomID, fmt.Sprintf("Usage:\n```\n%s send EMAIL\nSubject\nBody\n```", b.prefix)) + to, subject, body, err := utils.ParseSend(commandSlice) + if err == utils.ErrInvalidArgs { + b.SendNotice(ctx, evt.RoomID, fmt.Sprintf( + "Usage:\n"+ + "```\n"+ + "%s send someone@example.com\n"+ + "Subject goes here on a line of its own\n"+ + "Email content goes here\n"+ + "on as many lines\n"+ + "as you want.\n"+ + "```", + b.prefix)) return } - message := strings.Join(commandSlice, " ") - lines := strings.Split(message, "\n") - commandSlice = strings.Split(lines[0], " ") - to := commandSlice[1] - subject := lines[1] - body := strings.Join(lines[2:], "\n") - err := b.Send2Email(ctx, to, subject, body) + err = b.Send2Email(ctx, to, subject, body) if err != nil { b.Error(ctx, evt.RoomID, "cannot send email: %v", err) return diff --git a/utils/command.go b/utils/command.go new file mode 100644 index 0000000..91e7a04 --- /dev/null +++ b/utils/command.go @@ -0,0 +1,25 @@ +package utils + +import ( + "fmt" + "strings" +) + +// ErrInvalidArgs returned when a command's arguments are invalid +var ErrInvalidArgs = fmt.Errorf("invalid arguments") + +// ParseSend parses "!pm send" command, returns to, subject, body, err +func ParseSend(commandSlice []string) (string, string, string, error) { + if len(commandSlice) < 3 { + return "", "", "", ErrInvalidArgs + } + + message := strings.Join(commandSlice, " ") + lines := strings.Split(message, "\n") + commandSlice = strings.Split(lines[0], " ") + to := commandSlice[1] + subject := lines[1] + body := strings.Join(lines[2:], "\n") + + return to, subject, body, nil +} From 7d435f7ba831af239d74716b9ad8c7823485f736 Mon Sep 17 00:00:00 2001 
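Review bot: ParseSend in utils/command.go can index past the end of its slices, because its only guard is `len(commandSlice) < 3` on the incoming tokens while it then reads `lines[1]` and the re-split `commandSlice[1]`. Three tokens on a single line leave `lines` with one element, and a first line holding only the command word leaves the re-split slice with one element; both panic instead of returning ErrInvalidArgs. Add `if len(lines) < 2 { return "", "", "", ErrInvalidArgs }` after the split and the same return for `len(commandSlice) < 2` before reading `to`. The recipient is also returned unvalidated, so parsing it with `mail.ParseAddress` from `net/mail` here would keep malformed values out of the To header and the MX lookup.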
From: Aine Date: Mon, 5 Sep 2022 20:38:58 +0300 Subject: [PATCH 06/26] move email composing to utils --- bot/email.go | 79 +++--------------------------------------------- utils/email.go | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+), 74 deletions(-) diff --git a/bot/email.go b/bot/email.go index 030edc6..9b5639a 100644 --- a/bot/email.go +++ b/bot/email.go @@ -2,15 +2,10 @@ package bot import ( "context" - "crypto" - "crypto/x509" - "encoding/pem" "errors" "fmt" "strings" - "time" - "github.com/emersion/go-msgauth/dkim" "maunium.net/go/mautrix/event" "maunium.net/go/mautrix/format" "maunium.net/go/mautrix/id" 
@@ -206,75 +201,11 @@ func (b *Bot) Send2Email(ctx context.Context, to, subject, body string) error { body = b.getBody(content) } - var msg strings.Builder - msg.WriteString("From: ") - msg.WriteString(from) - msg.WriteString("\r\n") - - msg.WriteString("To: ") - msg.WriteString(to) - msg.WriteString("\r\n") - - msg.WriteString("Message-Id: ") - msg.WriteString(evt.ID.String()[1:] + "@" + b.domain) - msg.WriteString("\r\n") - - msg.WriteString("Date: ") - msg.WriteString(time.Now().UTC().Format(time.RFC1123Z)) - msg.WriteString("\r\n") - - if inReplyTo != "" { - msg.WriteString("In-Reply-To: ") - msg.WriteString(inReplyTo) - msg.WriteString("\r\n") - } - - msg.WriteString("Subject: ") - msg.WriteString(subject) - msg.WriteString("\r\n") - - msg.WriteString("\r\n") - - msg.WriteString(body) - msg.WriteString("\r\n") - - msg = b.signDKIM(msg) - - return b.mta.Send(from, to, msg.String()) -} - -func (b *Bot) signDKIM(body strings.Builder) strings.Builder { - privkey := b.getBotSettings().DKIMPrivateKey() - if privkey == "" { - b.log.Warn("DKIM private key not found, email will be sent unsigned") - return body - } - pemblock, _ := pem.Decode([]byte(privkey)) - if pemblock == nil { - b.log.Error("cannot decode DKIM private key") - return body - } - parsedkey, err := x509.ParsePKCS8PrivateKey(pemblock.Bytes) - if err != nil { - b.log.Error("cannot parse PKCS8 private key: %v", err) - return body - } - signer := parsedkey.(crypto.Signer) - - options := &dkim.SignOptions{ - Domain: b.domain, - Selector: "postmoogle", - Signer: signer, - } - - var msg strings.Builder - err = dkim.Sign(&msg, strings.NewReader(body.String()), options) - if err != nil { - b.log.Error("cannot sign email: %v", err) - return body - } - - return msg + ID := evt.ID.String()[1:] + "@" + b.domain + data := utils. + NewEmail(ID, inReplyTo, subject, from, to, body, "", nil). 
+ Compose(b.getBotSettings().DKIMPrivateKey()) + return b.mta.Send(from, to, data) } func (b *Bot) sendFiles(ctx context.Context, roomID id.RoomID, files []*utils.File, noThreads bool, parentID id.EventID) { diff --git a/utils/email.go b/utils/email.go index bb14e7e..3e60e95 100644 --- a/utils/email.go +++ b/utils/email.go @@ -1,5 +1,15 @@ package utils +import ( + "crypto" + "crypto/x509" + "encoding/pem" + "strings" + "time" + + "github.com/emersion/go-msgauth/dkim" +) + // MTA is mail transfer agent type MTA interface { Send(from, to, data string) error @@ -7,6 +17,9 @@ type MTA interface { // Email object type Email struct { + data strings.Builder + + Date string MessageID string InReplyTo string From string @@ -20,6 +33,7 @@ type Email struct { // NewEmail constructs Email object func NewEmail(messageID, inReplyTo, subject, from, to, text, html string, files []*File) *Email { email := &Email{ + Date: time.Now().UTC().Format(time.RFC1123Z), MessageID: messageID, InReplyTo: inReplyTo, From: from, 
@@ -40,3 +54,71 @@ func NewEmail(messageID, inReplyTo, subject, from, to, text, html string, files return email } + +// Compose converts email object to string and (optionally) signs it +func (e *Email) Compose(privkey string) string { + domain := strings.SplitN(e.From, "@", 2)[0] + + e.data.WriteString("From: ") + e.data.WriteString(e.From) + e.data.WriteString("\r\n") + + e.data.WriteString("To: ") + e.data.WriteString(e.To) + e.data.WriteString("\r\n") + + e.data.WriteString("Message-Id: ") + e.data.WriteString(e.MessageID) + e.data.WriteString("\r\n") + + e.data.WriteString("Date: ") + e.data.WriteString(e.Date) + e.data.WriteString("\r\n") + + if e.InReplyTo != "" { + e.data.WriteString("In-Reply-To: ") + e.data.WriteString(e.InReplyTo) + e.data.WriteString("\r\n") + } + + e.data.WriteString("Subject: ") + e.data.WriteString(e.Subject) + e.data.WriteString("\r\n") + + e.data.WriteString("\r\n") + + e.data.WriteString(e.Text) + e.data.WriteString("\r\n") + + e.sign(domain, privkey) + return e.data.String() +} + +func (e *Email) sign(domain, privkey string) { + if privkey == "" { + return + } + pemblock, _ := pem.Decode([]byte(privkey)) + if pemblock == nil { + return + } + parsedkey, err := x509.ParsePKCS8PrivateKey(pemblock.Bytes) + if err != nil { + return + } + signer := parsedkey.(crypto.Signer) + + options := &dkim.SignOptions{ + Domain: domain, + Selector: "postmoogle", + Signer: signer, + } + + var msg strings.Builder + err = dkim.Sign(&msg, strings.NewReader(e.data.String()), options) + if err != nil { + return + } + + e.data = msg +} From 1f896d1b26db96224f2ba8d62ddb4aeec70d435b Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 16:46:14 +0300 Subject: [PATCH 07/26] add note about MX record --- README.md | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a16c156..e69418d 100644 --- a/README.md +++ b/README.md 
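Review bot: In Compose, `domain := strings.SplitN(e.From, "@", 2)[0]` takes the local part of the sender address rather than the domain, so `sign` sets `dkim.SignOptions.Domain` to the mailbox name and the signature will not match the key published under `postmoogle._domainkey`. Take the part after the `@` and skip signing when From has none, for example `parts := strings.SplitN(e.From, "@", 2)` followed by `if len(parts) == 2 { domain = parts[1] }`. `sign` also returns without a trace on a missing key, undecodable PEM, PKCS8 parse error or signing error, where the removed `signDKIM` logged each case; returning an error from `sign`, or logging at the caller, would make an unsigned send visible. `parsedkey.(crypto.Signer)` is an unchecked assertion and should be `signer, ok := parsedkey.(crypto.Signer)` with an early return when `ok` is false.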
@@ -125,7 +125,38 @@ DOMAIN. 1799 IN TXT "v=spf1 ip4:111.111.111.111 -all"
-**Third**, add new DKIM DNS record of `TXT` type for subdomain `postmoogle._domainkey` that will be used with postmoogle. +**Third**, add new MX DNS record of `MX` type for your domain that will be used with postmoogle, it should point to the same (sub-)domain. +Looks odd, but some mail servers will refuse to interact with your mail server (and Postmoogle is already a mail server) without MX records. + +
+Example + +```bash +dig MX DOMAIN + +; <<>> DiG 9.18.6 <<>> MX DOMAIN +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12688 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 1232 +;; QUESTION SECTION: +;DOMAIN. IN MX + +;; ANSWER SECTION: +DOMAIN. 1799 IN MX 10 DOMAIN. + +;; Query time: 40 msec +;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) +;; WHEN: Tue Sep 06 16:44:47 EEST 2022 +;; MSG SIZE rcvd: 59 +``` + +
+ +**Fourth** (and the last one), add new DKIM DNS record of `TXT` type for subdomain `postmoogle._domainkey` that will be used with postmoogle. You can get that signature using the `!pm dkim` command: From 085cdf5dbf9a980cad7d771cdd1fb56a444103a6 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 18:39:35 +0300 Subject: [PATCH 08/26] refactor email2content --- bot/email.go | 39 ++------------------------------- bot/settings_room.go | 15 +++++++++++++ utils/email.go | 52 ++++++++++++++++++++++++++++++++++++++++++++ utils/matrix.go | 14 ++++++------ 4 files changed, 76 insertions(+), 44 deletions(-) diff --git a/bot/email.go b/bot/email.go index 9b5639a..449f7d6 100644 --- a/bot/email.go +++ b/bot/email.go @@ -7,7 +7,6 @@ import ( "strings" "maunium.net/go/mautrix/event" - "maunium.net/go/mautrix/format" "maunium.net/go/mautrix/id" "gitlab.com/etke.cc/postmoogle/utils" @@ -27,39 +26,6 @@ const ( eventFromKey = "cc.etke.postmoogle.from" ) -func email2content(email *utils.Email, cfg roomSettings, threadID id.EventID) *event.Content { - var text strings.Builder - if !cfg.NoSender() { - text.WriteString("From: ") - text.WriteString(email.From) - text.WriteString("\n\n") - } - if !cfg.NoSubject() { - text.WriteString("# ") - text.WriteString(email.Subject) - text.WriteString("\n\n") - } - if email.HTML != "" && !cfg.NoHTML() { - text.WriteString(format.HTMLToMarkdown(email.HTML)) - } else { - text.WriteString(email.Text) - } - - parsed := format.RenderMarkdown(text.String(), true, true) - parsed.RelatesTo = utils.RelatesTo(cfg.NoThreads(), threadID) - - content := event.Content{ - Raw: map[string]interface{}{ - eventMessageIDkey: email.MessageID, - eventInReplyToKey: email.InReplyTo, - eventSubjectKey: email.Subject, - eventFromKey: email.From, - }, - Parsed: parsed, - } - return &content -} - // SetSMTPAuth sets dynamic login and password to auth against built-in smtp server func (b *Bot) SetMTA(mta utils.MTA) { b.mta = mta 
@@ -100,8 +66,7 @@ func (b *Bot) Send2Matrix(ctx context.Context, email *utils.Email) error { b.setThreadID(roomID, email.MessageID, threadID) } } - - content := email2content(email, cfg, threadID) + content := email.Content(threadID, cfg.ContentOptions()) eventID, serr := b.lp.Send(roomID, content) if serr != nil { return utils.UnwrapError(serr) @@ -220,7 +185,7 @@ func (b *Bot) sendFiles(ctx context.Context, roomID id.RoomID, files []*utils.Fi MsgType: event.MsgFile, Body: req.FileName, URL: resp.ContentURI.CUString(), - RelatesTo: utils.RelatesTo(noThreads, parentID), + RelatesTo: utils.RelatesTo(!noThreads, parentID), }) if err != nil { b.Error(ctx, roomID, "cannot send uploaded file %s: %v", req.FileName, err) diff --git a/bot/settings_room.go b/bot/settings_room.go index 4423c80..411d33d 100644 --- a/bot/settings_room.go +++ b/bot/settings_room.go @@ -67,6 +67,21 @@ func (s roomSettings) NoFiles() bool { return utils.Bool(s.Get(roomOptionNoFiles)) } +// ContentOptions converts room display settings to content options +func (s roomSettings) ContentOptions() *utils.ContentOptions { + return &utils.ContentOptions{ + HTML: !s.NoHTML(), + Sender: !s.NoSender(), + Subject: !s.NoSubject(), + Threads: !s.NoThreads(), + + FromKey: eventFromKey, + SubjectKey: eventSubjectKey, + MessageIDKey: eventMessageIDkey, + InReplyToKey: eventInReplyToKey, + } +} + func (b *Bot) getRoomSettings(roomID id.RoomID) (roomSettings, error) { cfg := b.cfg.Get(roomID.String()) if cfg != nil { diff --git a/utils/email.go b/utils/email.go index 3e60e95..b70d156 100644 --- a/utils/email.go +++ b/utils/email.go @@ -8,6 +8,9 @@ import ( "time" "github.com/emersion/go-msgauth/dkim" + "maunium.net/go/mautrix/event" + "maunium.net/go/mautrix/format" + "maunium.net/go/mautrix/id" ) // MTA is mail transfer agent 
@@ -30,6 +33,21 @@ type Email struct { Files []*File } +// ContentOptions used to convert email to matrix event content +type ContentOptions struct { + // On/Off + Sender bool + Subject bool + HTML bool + Threads bool + + // Keys + MessageIDKey string + InReplyToKey string + SubjectKey string + FromKey string +} + // NewEmail constructs Email object func NewEmail(messageID, inReplyTo, subject, from, to, text, html string, files []*File) *Email { email := &Email{ @@ -55,6 +73,40 @@ func NewEmail(messageID, inReplyTo, subject, from, to, text, html string, files return email } +// Content converts email to matrix event content +func (e *Email) Content(threadID id.EventID, options *ContentOptions) *event.Content { + var text strings.Builder + if options.Sender { + text.WriteString("From: ") + text.WriteString(e.From) + text.WriteString("\n\n") + } + if options.Subject { + text.WriteString("# ") + text.WriteString(e.Subject) + text.WriteString("\n\n") + } + if e.HTML != "" && options.HTML { + text.WriteString(format.HTMLToMarkdown(e.HTML)) + } else { + text.WriteString(e.Text) + } + + parsed := format.RenderMarkdown(text.String(), true, true) + parsed.RelatesTo = RelatesTo(options.Threads, threadID) + + content := event.Content{ + Raw: map[string]interface{}{ + options.MessageIDKey: e.MessageID, + options.InReplyToKey: e.InReplyTo, + options.SubjectKey: e.Subject, + options.FromKey: e.From, + }, + Parsed: parsed, + } + return &content +} + // Compose converts email object to string and (optionally) signs it func (e *Email) Compose(privkey string) string { domain := strings.SplitN(e.From, "@", 2)[0] diff --git a/utils/matrix.go b/utils/matrix.go index 47e4f03..3af5de4 100644 --- a/utils/matrix.go +++ b/utils/matrix.go 
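Review bot: `Content` passes text taken from inbound mail to `format.RenderMarkdown(text.String(), true, true)`, and the last argument appears to allow raw HTML, so on the plain-text path `e.Text`, `e.From` and `e.Subject` can carry the sender's markup into the event's formatted body. This is carried over from the removed `email2content`, but the move is a good point to pass `false` for HTML when `e.HTML` is not used, or to escape those fields first. `options` is also dereferenced without a nil check in an exported method; `if options == nil { options = &ContentOptions{} }` at the top would avoid a panic.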
@@ -7,22 +7,22 @@ import ( ) // RelatesTo block of matrix event content -func RelatesTo(noThreads bool, parentID id.EventID) *event.RelatesTo { +func RelatesTo(threads bool, parentID id.EventID) *event.RelatesTo { if parentID == "" { return nil } - if noThreads { + if threads { return &event.RelatesTo{ - InReplyTo: &event.InReplyTo{ - EventID: parentID, - }, + Type: event.RelThread, + EventID: parentID, } } return &event.RelatesTo{ - Type: event.RelThread, - EventID: parentID, + InReplyTo: &event.InReplyTo{ + EventID: parentID, + }, } } From 17c8d06a3317a627cf090f97214c9e75d67be5eb Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 18:51:46 +0300 Subject: [PATCH 09/26] disable insecure auth --- smtp/msa.go | 1 - 1 file changed, 1 deletion(-) diff --git a/smtp/msa.go b/smtp/msa.go index 90d4261..feb6158 100644 --- a/smtp/msa.go +++ b/smtp/msa.go @@ -49,7 +49,6 @@ func Start(domain, port, loglevel string, maxSize int, client Client) error { s.ReadTimeout = 10 * time.Second s.WriteTimeout = 10 * time.Second s.MaxMessageBytes = maxSize * 1024 * 1024 - s.AllowInsecureAuth = true if log.GetLevel() == "DEBUG" || log.GetLevel() == "TRACE" { s.Debug = os.Stdout } From af1b66427478c347a9c08a6aa0c3a3fce3e09ca2 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 22:02:21 +0300 Subject: [PATCH 10/26] cache empty settings --- bot/settings_room.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bot/settings_room.go b/bot/settings_room.go index 411d33d..f2a6b6c 100644 --- a/bot/settings_room.go +++ b/bot/settings_room.go @@ -97,7 +97,9 @@ func (b *Bot) getRoomSettings(roomID id.RoomID) (roomSettings, error) { // In such cases, just return a default (empty) settings object. err = nil } - } else { + } + + if err == nil { b.cfg.Set(roomID.String(), config) } From 2b5095b0b25b5e2d64c77024a472bbb3a3e71708 Mon Sep 17 00:00:00 2001 
From: Aine Date: Tue, 6 Sep 2022 22:03:10 +0300 Subject: [PATCH 11/26] add note about interface --- smtp/msa.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/smtp/msa.go b/smtp/msa.go index feb6158..887ed66 100644 --- a/smtp/msa.go +++ b/smtp/msa.go @@ -10,7 +10,7 @@ import ( "gitlab.com/etke.cc/go/logger" ) -// msa is mail submission agent +// msa is mail submission agent, implements smtp.Backend type msa struct { log *logger.Logger domain string From 5945ddc8a010b72adbdd3621cc4b3a16ead78794 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 22:16:28 +0300 Subject: [PATCH 12/26] rename internal thigs of smtp/ --- smtp/msa.go | 22 +++++++++++----------- smtp/msasession.go | 6 +++--- smtp/mta.go | 4 ++-- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/smtp/msa.go b/smtp/msa.go index 887ed66..94922ba 100644 --- a/smtp/msa.go +++ b/smtp/msa.go 
@@ -14,35 +14,35 @@ import ( type msa struct { log *logger.Logger domain string - client Client + bot Bot } -func (b *msa) newSession() *msasession { +func (m *msa) newSession() *msasession { return &msasession{ ctx: sentry.SetHubOnContext(context.Background(), sentry.CurrentHub().Clone()), - log: b.log, - domain: b.domain, - client: b.client, + log: m.log, + bot: m.bot, + domain: m.domain, } } -func (b *msa) Login(state *smtp.ConnectionState, username, password string) (smtp.Session, error) { +func (m *msa) Login(state *smtp.ConnectionState, username, password string) (smtp.Session, error) { return nil, smtp.ErrAuthUnsupported } -func (b *msa) AnonymousLogin(state *smtp.ConnectionState) (smtp.Session, error) { - return b.newSession(), nil +func (m *msa) AnonymousLogin(state *smtp.ConnectionState) (smtp.Session, error) { + return m.newSession(), nil } -func Start(domain, port, loglevel string, maxSize int, client Client) error { +func Start(domain, port, loglevel string, maxSize int, bot Bot) error { log := logger.New("smtp.", loglevel) sender := NewMTA(loglevel) receiver := &msa{ log: log, + bot: bot, domain: domain, - client: client, } - receiver.client.SetMTA(sender) + receiver.bot.SetMTA(sender) s := smtp.NewServer(receiver) s.Addr = ":" + port s.Domain = domain diff --git a/smtp/msasession.go b/smtp/msasession.go index 76e652f..4003717 100644 --- a/smtp/msasession.go +++ b/smtp/msasession.go @@ -14,8 +14,8 @@ import ( type msasession struct { log *logger.Logger + bot Bot domain string - client Client ctx context.Context to string @@ -37,7 +37,7 @@ func (s *msasession) Rcpt(to string) error { return smtp.ErrAuthRequired } - _, ok := s.client.GetMapping(utils.Mailbox(to)) + _, ok := s.bot.GetMapping(utils.Mailbox(to)) if !ok { s.log.Debug("mapping for %s not found", to) return smtp.ErrAuthRequired 
@@ -84,7 +84,7 @@ func (s *msasession) Data(r io.Reader) error { eml.HTML, files) - return s.client.Send2Matrix(s.ctx, email) + return s.bot.Send2Matrix(s.ctx, email) } func (s *msasession) Reset() {} diff --git a/smtp/mta.go b/smtp/mta.go index 54de3b6..b29ed66 100644 --- a/smtp/mta.go +++ b/smtp/mta.go @@ -15,8 +15,8 @@ import ( "gitlab.com/etke.cc/postmoogle/utils" ) -// Client interface to send emails into matrix -type Client interface { +// Bot interface to send emails into matrix +type Bot interface { GetMapping(string) (id.RoomID, bool) Send2Matrix(ctx context.Context, email *utils.Email) error SetMTA(mta utils.MTA) From bbb6bec35f29dec53f9267bef76b7ac6d195accd Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 22:21:23 +0300 Subject: [PATCH 13/26] update SetMTA comment --- bot/email.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bot/email.go b/bot/email.go index 449f7d6..908224d 100644 --- a/bot/email.go +++ b/bot/email.go @@ -26,7 +26,7 @@ const ( eventFromKey = "cc.etke.postmoogle.from" ) -// SetSMTPAuth sets dynamic login and password to auth against built-in smtp server +// SetMTA sets mail transfer agent instance to the bot func (b *Bot) SetMTA(mta utils.MTA) { b.mta = mta } From db135c0cb1072b8885622013c625b77b2ad6b400 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 22:34:21 +0300 Subject: [PATCH 14/26] deconstruct getSubject and getBody --- bot/email.go | 24 ++++++------------------ 1 file changed, 6 insertions(+), 18 deletions(-) diff --git a/bot/email.go b/bot/email.go index 908224d..d3c015d 100644 --- a/bot/email.go +++ b/bot/email.go 
@@ -84,22 +84,6 @@ func (b *Bot) Send2Matrix(ctx context.Context, email *utils.Email) error { return nil } -func (b *Bot) getBody(content *event.MessageEventContent) string { - if content.FormattedBody != "" { - return content.FormattedBody - } - - return content.Body -} - -func (b *Bot) getSubject(content *event.MessageEventContent) string { - if content.Body == "" { - return "" - } - - return strings.SplitN(content.Body, "\n", 1)[0] -} - func (b *Bot) getParentEmail(evt *event.Event) (string, string, string) { content := evt.Content.AsMessage() parentID := utils.EventParent(evt.ID, content) @@ -160,10 +144,14 @@ func (b *Bot) Send2Email(ctx context.Context, to, subject, body string) error { content := evt.Content.AsMessage() if subject == "" { - subject = b.getSubject(content) + subject = strings.SplitN(content.Body, "\n", 1)[0] } if body == "" { - body = b.getBody(content) + if content.FormattedBody != "" { + body = content.FormattedBody + } else { + body = content.Body + } } ID := evt.ID.String()[1:] + "@" + b.domain From 4d015795055f9ca943e9c1e499be509350c4df3a Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 22:43:04 +0300 Subject: [PATCH 15/26] move email sending to b.runSend() --- bot/command.go | 19 ++++++++++++++++++- bot/email.go | 1 + 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/bot/command.go b/bot/command.go index 87341ca..9aa3925 100644 --- a/bot/command.go +++ b/bot/command.go 
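Review bot: In the Send2Email hunk, `strings.SplitN(content.Body, "\n", 1)[0]` returns the whole body, because a limit of 1 yields a single unsplit element, so the derived subject can contain every line of the message. Compose writes Subject straight into the header block, so those line breaks would end the headers early or turn message text into extra header lines. Use a limit of 2, `subject = strings.SplitN(content.Body, "\n", 2)[0]`, and strip any remaining `\r` before it reaches the header. The same expression was in the removed `getSubject`, so this is carried over rather than introduced here; Send2Email's body starts and ends outside the hunk.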
@@ -283,7 +283,24 @@ func (b *Bot) runSend(ctx context.Context, commandSlice []string) { return } - err = b.Send2Email(ctx, to, subject, body) + cfg, err := b.getRoomSettings(evt.RoomID) + if err != nil { + b.Error(ctx, evt.RoomID, "failed to retrieve room settings: %v", err) + return + } + + mailbox := cfg.Mailbox() + if mailbox == "" { + b.SendNotice(ctx, evt.RoomID, "mailbox is not configured, kupo") + return + } + + from := mailbox + "@" + b.domain + ID := evt.ID.String()[1:] + "@" + b.domain + data := utils. + NewEmail(ID, "", subject, from, to, body, "", nil). + Compose(b.getBotSettings().DKIMPrivateKey()) + err = b.mta.Send(from, to, data) if err != nil { b.Error(ctx, evt.RoomID, "cannot send email: %v", err) return diff --git a/bot/email.go b/bot/email.go index d3c015d..10f1a84 100644 --- a/bot/email.go +++ b/bot/email.go @@ -121,6 +121,7 @@ func (b *Bot) getParentEmail(evt *event.Event) (string, string, string) { } // Send2Email sends message to email +// TODO rewrite to thread replies only func (b *Bot) Send2Email(ctx context.Context, to, subject, body string) error { var inReplyTo string evt := eventFromContext(ctx) From 4c96e6a11f62121b3900c1aef69d28090e5e9f23 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:44:05 +0000 Subject: [PATCH 16/26] Apply 1 suggestion(s) to 1 file(s) --- smtp/mta.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/smtp/mta.go b/smtp/mta.go index b29ed66..3b7c44e 100644 --- a/smtp/mta.go +++ b/smtp/mta.go @@ -112,5 +112,14 @@ func (m *mta) connect(from, to string) (*smtp.Client, error) { } } + // If there are no MX records, according to https://datatracker.ietf.org/doc/html/rfc5321#section-5.1, + // we're supposed to try talking directly to the host. + if len(mxs) == 0 { + client := m.tryServer(localname, hostname) + if client != nil { + return client, nil + } + } + return nil, fmt.Errorf("target SMTP server not found") } From 86890c1f89ff23bfa5200c16c2ff9d040d569aba Mon Sep 17 00:00:00 2001 
From: Aine Date: Tue, 6 Sep 2022 22:48:37 +0300 Subject: [PATCH 17/26] refactor email.Compose() --- utils/email.go | 64 ++++++++++++++++++++++++-------------------------- 1 file changed, 31 insertions(+), 33 deletions(-) diff --git a/utils/email.go b/utils/email.go index b70d156..2349262 100644 --- a/utils/email.go +++ b/utils/email.go @@ -20,8 +20,6 @@ type MTA interface { // Email object type Email struct { - data strings.Builder - Date string MessageID string InReplyTo string 
@@ -109,54 +107,54 @@ func (e *Email) Content(threadID id.EventID, options *ContentOptions) *event.Con // Compose converts email object to string and (optionally) signs it func (e *Email) Compose(privkey string) string { + var data strings.Builder + domain := strings.SplitN(e.From, "@", 2)[0] + data.WriteString("From: ") + data.WriteString(e.From) + data.WriteString("\r\n") - e.data.WriteString("From: ") - e.data.WriteString(e.From) - e.data.WriteString("\r\n") + data.WriteString("To: ") + data.WriteString(e.To) + data.WriteString("\r\n") - e.data.WriteString("To: ") - e.data.WriteString(e.To) - e.data.WriteString("\r\n") + data.WriteString("Message-Id: ") + data.WriteString(e.MessageID) + data.WriteString("\r\n") - e.data.WriteString("Message-Id: ") - e.data.WriteString(e.MessageID) - e.data.WriteString("\r\n") - - e.data.WriteString("Date: ") - e.data.WriteString(e.Date) - e.data.WriteString("\r\n") + data.WriteString("Date: ") + data.WriteString(e.Date) + data.WriteString("\r\n") if e.InReplyTo != "" { - e.data.WriteString("In-Reply-To: ") - e.data.WriteString(e.InReplyTo) - e.data.WriteString("\r\n") + data.WriteString("In-Reply-To: ") + data.WriteString(e.InReplyTo) + data.WriteString("\r\n") } - e.data.WriteString("Subject: ") - e.data.WriteString(e.Subject) - e.data.WriteString("\r\n") + data.WriteString("Subject: ") + data.WriteString(e.Subject) + data.WriteString("\r\n") - e.data.WriteString("\r\n") + data.WriteString("\r\n") - e.data.WriteString(e.Text) - e.data.WriteString("\r\n") + data.WriteString(e.Text) + data.WriteString("\r\n") - e.sign(domain, privkey) - return e.data.String() + return e.sign(domain, privkey, data) } -func (e *Email) sign(domain, privkey string) { +func (e *Email) sign(domain, privkey string, data strings.Builder) string { if privkey == "" { - return + return data.String() } pemblock, _ := pem.Decode([]byte(privkey)) if pemblock == nil { - return + return data.String() } parsedkey, err := x509.ParsePKCS8PrivateKey(pemblock.Bytes) 
if err != nil { - return + return data.String() } signer := parsedkey.(crypto.Signer) @@ -167,10 +165,10 @@ func (e *Email) sign(domain, privkey string) { } var msg strings.Builder - err = dkim.Sign(&msg, strings.NewReader(e.data.String()), options) + err = dkim.Sign(&msg, strings.NewReader(data.String()), options) if err != nil { - return + return data.String() } - e.data = msg + return msg.String() } From bac3447db28766e1bb1e6f0cfb21ef3bb4aa4057 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:49:02 +0000 Subject: [PATCH 18/26] Apply 1 suggestion(s) to 1 file(s) --- utils/email.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/email.go b/utils/email.go index 2349262..904cfe8 100644 --- a/utils/email.go +++ b/utils/email.go @@ -31,7 +31,7 @@ type Email struct { Files []*File } -// ContentOptions used to convert email to matrix event content +// ContentOptions represents settings that specify how an email is to be converted to a Matrix message type ContentOptions struct { // On/Off Sender bool From 321d1da79fe5abdb5947cd80f6612d1f28c69ad5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:49:13 +0000 Subject: [PATCH 19/26] Apply 1 suggestion(s) to 1 file(s) --- utils/email.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/email.go b/utils/email.go index 904cfe8..80be37e 100644 --- a/utils/email.go +++ b/utils/email.go @@ -105,7 +105,7 @@ func (e *Email) Content(threadID id.EventID, options *ContentOptions) *event.Con return &content } -// Compose converts email object to string and (optionally) signs it +// Compose converts the email object to a string (to be used for delivery via SMTP) and possibly DKIM-signs it func (e *Email) Compose(privkey string) string { var data strings.Builder From ca758f8825c3c810c375747a8188abf5646661dd Mon Sep 17 00:00:00 2001 
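Review bot: `domain := strings.SplitN(e.From, "@", 2)[0]` in Compose selects the part before the `@`, which is the mailbox name rather than the domain, and that value is what reaches `e.sign(domain, privkey, data)`. If sign uses it as the DKIM signing domain (the options are built between the two hunks and are not shown), the signature would name the local part and receivers could not find the matching `_domainkey` record. Index `[1]` would pick the domain but panics when `From` has no `@`, so `_, domain, ok := strings.Cut(e.From, "@")` (Go 1.18+) with `!ok` handled explicitly is the safer form. sign's body continues past the end of this hunk.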
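Review bot: When `dkim.Sign` fails, sign now returns `data.String()`, so the message goes out unsigned with no log line or error; the PEM-decode and PKCS#8-parse failures in the previous hunk fall back the same way. With the `p=quarantine` DMARC policy the README recommends, a malformed key may show up only as degraded deliverability. Returning the error, for example `func (e *Email) sign(domain, privkey string, data string) (string, error)`, or at least logging it, would make the misconfiguration visible; only the empty-key case is an intentional unsigned path. Taking `data` as a `string` also avoids copying a non-zero `strings.Builder` by value, which the strings package documents against.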
From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:49:30 +0000 Subject: [PATCH 20/26] Apply 1 suggestion(s) to 1 file(s) --- utils/email.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/email.go b/utils/email.go index 80be37e..ff86db3 100644 --- a/utils/email.go +++ b/utils/email.go @@ -71,7 +71,7 @@ func NewEmail(messageID, inReplyTo, subject, from, to, text, html string, files return email } -// Content converts email to matrix event content +// Content converts the email object to a Matrix event content func (e *Email) Content(threadID id.EventID, options *ContentOptions) *event.Content { var text strings.Builder if options.Sender { From 78210e6487f528d31bad04c6b0823c0bca261400 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 22:52:40 +0300 Subject: [PATCH 21/26] update utils.RelatesTo and utils.EventParent comments --- utils/matrix.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/matrix.go b/utils/matrix.go index 3af5de4..be96e4b 100644 --- a/utils/matrix.go +++ b/utils/matrix.go @@ -6,7 +6,7 @@ import ( "maunium.net/go/mautrix/id" ) -// RelatesTo block of matrix event content +// RelatesTo returns relation object of a matrix event (either threads or reply-to) func RelatesTo(threads bool, parentID id.EventID) *event.RelatesTo { if parentID == "" { return nil @@ -26,7 +26,7 @@ func RelatesTo(threads bool, parentID id.EventID) *event.RelatesTo { } } -// EventParent returns parent event - either thread ID or reply-to ID +// EventParent returns parent event ID (either from thread or from reply-to relation) func EventParent(currentID id.EventID, content *event.MessageEventContent) id.EventID { if content == nil { return currentID From eacdbe587b6f4af11a0eb1678d589dbefe95f603 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:53:00 +0000 Subject: [PATCH 22/26] Apply 1 suggestion(s) to 1 file(s) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/README.md b/README.md index e69418d..aaa57bb 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,7 @@ You can find default values in [config/defaults.go](config/defaults.go) ### 2. DNS (optional) -The following configuration needed only if you want to send emails using postmoogle +The following configuration is needed only if you want to send outgoing emails via Postmoogle (it's not necessary if you only want to receive emails). **First**, add new DMARC DNS record of `TXT` type for subdomain `_dmarc` with a proper policy, the easiest one is: `v=DMARC1; p=quarantine;`. From d5676ecc07d5298a189e38ae5fabc4f57e0a2f21 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 6 Sep 2022 22:55:08 +0300 Subject: [PATCH 23/26] replace DOMAIN to example.com in readme --- README.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index aaa57bb..2f7e154 100644 --- a/README.md +++ b/README.md @@ -71,9 +71,9 @@ The following configuration is needed only if you want to send outgoing emails v Example ```bash -$ dig txt _dmarc.DOMAIN +$ dig txt _dmarc.example.com -; <<>> DiG 9.18.6 <<>> txt _dmarc.DOMAIN +; <<>> DiG 9.18.6 <<>> txt _dmarc.example.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57306 @@ -82,10 +82,10 @@ $ dig txt _dmarc.DOMAIN ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: -;_dmarc.DOMAIN. IN TXT +;_dmarc.example.com. IN TXT ;; ANSWER SECTION: -_dmarc.DOMAIN. 1799 IN TXT "v=DMARC1; p=quarantine;" +_dmarc.example.com. 1799 IN TXT "v=DMARC1; p=quarantine;" ;; Query time: 46 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) @@ -101,9 +101,9 @@ _dmarc.DOMAIN. 1799 IN TXT "v=DMARC1; p=quarantine;" Example ```bash -$ dig txt DOMAIN +$ dig txt example.com -; <<>> DiG 9.18.6 <<>> txt DOMAIN +; <<>> DiG 9.18.6 <<>> txt example.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24796 
@@ -112,10 +112,10 @@ $ dig txt DOMAIN ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: -;DOMAIN. IN TXT +;example.com. IN TXT ;; ANSWER SECTION: -DOMAIN. 1799 IN TXT "v=spf1 ip4:111.111.111.111 -all" +example.com. 1799 IN TXT "v=spf1 ip4:111.111.111.111 -all" ;; Query time: 36 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) @@ -132,9 +132,9 @@ Looks odd, but some mail servers will refuse to interact with your mail server ( Example ```bash -dig MX DOMAIN +dig MX example.com -; <<>> DiG 9.18.6 <<>> MX DOMAIN +; <<>> DiG 9.18.6 <<>> MX example.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12688 @@ -143,10 +143,10 @@ dig MX DOMAIN ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: -;DOMAIN. IN MX +;example.com. IN MX ;; ANSWER SECTION: -DOMAIN. 1799 IN MX 10 DOMAIN. +example.com. 1799 IN MX 10 example.com. ;; Query time: 40 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) @@ -179,9 +179,9 @@ Without that record other email servers may reject your emails as spam, kupo. Example ```bash -$ dig TXT postmoogle._domainkey.DOMAIN +$ dig TXT postmoogle._domainkey.example.com -; <<>> DiG 9.18.6 <<>> TXT postmoogle._domainkey.DOMAIN +; <<>> DiG 9.18.6 <<>> TXT postmoogle._domainkey.example.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59014 @@ -190,10 +190,10 @@ $ dig TXT postmoogle._domainkey.DOMAIN ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: -;postmoogle._domainkey.DOMAIN. IN TXT +;postmoogle._domainkey.example.com. IN TXT ;; ANSWER SECTION: -postmoogle._domainkey.DOMAIN. 600 IN TXT "v=DKIM1; k=ed25519; p=OcVzOwAONDfgbJX/5vwzlXOs9gUDO0YKlXHaDnBJtXw=" +postmoogle._domainkey.example.com. 600 IN TXT "v=DKIM1; k=ed25519; p=OcVzOwAONDfgbJX/5vwzlXOs9gUDO0YKlXHaDnBJtXw=" ;; Query time: 90 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) From d4b6c7bd1fd6a246ca447c559952b3e19dfa2e38 Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:55:27 +0000 Subject: [PATCH 24/26] Apply 1 suggestion(s) to 1 file(s) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2f7e154..3ea2758 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,7 @@ You can find default values in [config/defaults.go](config/defaults.go) The following configuration is needed only if you want to send outgoing emails via Postmoogle (it's not necessary if you only want to receive emails). -**First**, add new DMARC DNS record of `TXT` type for subdomain `_dmarc` with a proper policy, the easiest one is: `v=DMARC1; p=quarantine;`. +**First**, add a new DMARC DNS record of the `TXT` type for subdomain `_dmarc` with a proper policy. The simplest policy you can use is: `v=DMARC1; p=quarantine;`.
Example From c4e136674a8af36c3be29d479060f4699bd26b93 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:55:38 +0000 Subject: [PATCH 25/26] Apply 1 suggestion(s) to 1 file(s) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3ea2758..100495a 100644 --- a/README.md +++ b/README.md @@ -95,7 +95,7 @@ _dmarc.example.com. 1799 IN TXT "v=DMARC1; p=quarantine;"
-**Second**, add new SPF DNS record of `TXT` type for your domain that will be used with postmoogle, with format: `v=spf1 ip4:SERVER_IP -all` +**Second**, add a new SPF DNS record of the `TXT` type for your domain that will be used with Postmoogle, with format: `v=spf1 ip4:SERVER_IP -all` (replace `SERVER_IP` with your server's IP address)
Example From 8823867ba56817834ecc4ec6fdd40348c1ff6afd Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 19:55:46 +0000 Subject: [PATCH 26/26] Apply 1 suggestion(s) to 1 file(s) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 100495a..ec74e8e 100644 --- a/README.md +++ b/README.md @@ -125,7 +125,7 @@ example.com. 1799 IN TXT "v=spf1 ip4:111.111.111.111 -all"
-**Third**, add new MX DNS record of `MX` type for your domain that will be used with postmoogle, it should point to the same (sub-)domain. +**Third**, add a new MX DNS record of the `MX` type for your domain that will be used with postmoogle. It should point to the same (sub-)domain. Looks odd, but some mail servers will refuse to interact with your mail server (and Postmoogle is already a mail server) without MX records.