adjust base image

spamlist wildcards

See merge request etke.cc/postmoogle!35

.gitlab-ci.yml

@@ -4,13 +4,13 @@ stages:
 
 lint:
   stage: test
-  image: registry.gitlab.com/etke.cc/base
+  image: registry.gitlab.com/etke.cc/base/build
   script:
     - make lint
 
 unit:
   stage: test
-  image: registry.gitlab.com/etke.cc/base
+  image: registry.gitlab.com/etke.cc/base/build
   script:
     - make test
 

.golangci.yml

@@ -1,6 +1,6 @@
 run:
   concurrency: 4
-  timeout: 5m
+  timeout: 30m
   issues-exit-code: 1
   tests: true
   build-tags: []

Dockerfile

@@ -1,20 +1,16 @@
-FROM registry.gitlab.com/etke.cc/base AS builder
+FROM registry.gitlab.com/etke.cc/base/build AS builder
 
 WORKDIR /postmoogle
 COPY . .
 RUN make build
 
-FROM alpine:latest
+FROM registry.gitlab.com/etke.cc/base/app
 
 ENV POSTMOOGLE_DB_DSN /data/postmoogle.db
 
-RUN apk --no-cache add ca-certificates tzdata olm && \
-    adduser -D -g '' postmoogle && \
-    mkdir /data && chown -R postmoogle /data
-
 COPY --from=builder /postmoogle/postmoogle /bin/postmoogle
 
-USER postmoogle
+USER app
 
 ENTRYPOINT ["/bin/postmoogle"]
 

Makefile

@@ -50,4 +50,4 @@ login:
 # docker build
 docker:
 	docker buildx create --use
-	docker buildx build --platform linux/arm/v7,linux/arm64/v8,linux/amd64 --push -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} .
+	docker buildx build --platform linux/arm64/v8,linux/amd64 --push -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} .

README.md

@@ -33,7 +33,7 @@ so you can use it to send emails from your apps and scripts as well.
 
 - [x] SMTP client
 - [x] SMTP server (you can use Postmoogle as general purpose SMTP server to send emails from your scripts or apps)
-- [x] Send a message to matrix room with special format to send a new email
+- [x] Send a message to matrix room with special format to send a new email, even to multiple email addresses at once
 - [ ] Reply to matrix thread sends reply into email thread
 
 ## Configuration
@@ -246,6 +246,7 @@ If you want to change them - check available options in the help message (`!pm h
 ---
 
 * **!pm nosender** - Get or set `nosender` of the room (`true` - hide email sender; `false` - show email sender)
+* **!pm norecipient** - Get or set `norecipient` of the room (`true` - hide recipient; `false` - show recipient)
 * **!pm nosubject** - Get or set `nosubject` of the room (`true` - hide email subject; `false` - show email subject)
 * **!pm nohtml** - Get or set `nohtml` of the room (`true` - ignore HTML in email; `false` - parse HTML in emails)
 * **!pm nothreads** - Get or set `nothreads` of the room (`true` - ignore email threads; `false` - convert email threads into matrix threads)
@@ -253,6 +254,12 @@ If you want to change them - check available options in the help message (`!pm h
 
 ---
 
+* **!pm spamcheck:mx** - only accept email from servers which seem prepared to receive it (those having valid MX records) (`true` - enable, `false` - disable)
+* **!pm spamcheck:smtp** - only accept email from servers which seem prepared to receive it (those listening on an SMTP port) (`true` - enable, `false` - disable)
+* **!pm spamlist** - Get or set `spamlist` of the room (comma-separated list), eg: `spammer@example.com,*@spammer.org,noreply@*`
+
+---
+
 * **!pm dkim** - Get DKIM signature
 * **!pm catch-all** - Configure catch-all mailbox
 * **!pm users** - Get or set allowed users patterns

bot/access.go

@@ -5,6 +5,7 @@ import (
 	"regexp"
 	"strings"
 
+	"github.com/getsentry/sentry-go"
 	"github.com/raja/argon2pw"
 	"gitlab.com/etke.cc/go/mxidwc"
 	"maunium.net/go/mautrix/id"
@@ -40,7 +41,7 @@ func (b *Bot) allowOwner(actorID id.UserID, targetRoomID id.RoomID) bool {
 	}
 	cfg, err := b.getRoomSettings(targetRoomID)
 	if err != nil {
-		b.Error(context.Background(), targetRoomID, "failed to retrieve settings: %v", err)
+		b.Error(sentry.SetHubOnContext(context.Background(), sentry.CurrentHub()), targetRoomID, "failed to retrieve settings: %v", err)
 		return false
 	}
 
@@ -63,7 +64,7 @@ func (b *Bot) allowSend(actorID id.UserID, targetRoomID id.RoomID) bool {
 
 	cfg, err := b.getRoomSettings(targetRoomID)
 	if err != nil {
-		b.Error(context.Background(), targetRoomID, "failed to retrieve settings: %v", err)
+		b.Error(sentry.SetHubOnContext(context.Background(), sentry.CurrentHub()), targetRoomID, "failed to retrieve settings: %v", err)
 		return false
 	}
 

bot/bot.go

@@ -73,7 +73,9 @@ func (b *Bot) Error(ctx context.Context, roomID id.RoomID, message string, args
 	b.log.Error(message, args...)
 	err := fmt.Errorf(message, args...)
 
-	sentry.GetHubFromContext(ctx).CaptureException(err)
+	if hub := sentry.GetHubFromContext(ctx); hub != nil {
+		sentry.GetHubFromContext(ctx).CaptureException(err)
+	}
 	if roomID != "" {
 		b.SendError(ctx, roomID, err.Error())
 	}

bot/command.go

@@ -98,6 +98,15 @@ func (b *Bot) initCommands() commandList {
 			sanitizer: utils.SanitizeBoolString,
 			allowed:   b.allowOwner,
 		},
+		{
+			key: roomOptionNoRecipient,
+			description: fmt.Sprintf(
+				"Get or set `%s` of the room (`true` - hide recipient; `false` - show recipient)",
+				roomOptionNoRecipient,
+			),
+			sanitizer: utils.SanitizeBoolString,
+			allowed:   b.allowOwner,
+		},
 		{
 			key: roomOptionNoSubject,
 			description: fmt.Sprintf(
@@ -134,6 +143,28 @@ func (b *Bot) initCommands() commandList {
 			sanitizer: utils.SanitizeBoolString,
 			allowed:   b.allowOwner,
 		},
+		{allowed: b.allowOwner}, // delimiter
+		{
+			key:         roomOptionSpamcheckMX,
+			description: "only accept email from servers which seem prepared to receive it (those having valid MX records) (`true` - enable, `false` - disable)",
+			sanitizer:   utils.SanitizeBoolString,
+			allowed:     b.allowOwner,
+		},
+		{
+			key:         roomOptionSpamcheckSMTP,
+			description: "only accept email from servers which seem prepared to receive it (those listening on an SMTP port) (`true` - enable, `false` - disable)",
+			sanitizer:   utils.SanitizeBoolString,
+			allowed:     b.allowOwner,
+		},
+		{
+			key: roomOptionSpamlist,
+			description: fmt.Sprintf(
+				"Get or set `%s` of the room (comma-separated list), eg: `spammer@example.com,*@spammer.org,spam@*`",
+				roomOptionSpamlist,
+			),
+			sanitizer: utils.SanitizeStringSlice,
+			allowed:   b.allowOwner,
+		},
 		{allowed: b.allowAdmin}, // delimiter
 		{
 			key:         botOptionUsers,
@@ -306,11 +337,6 @@ func (b *Bot) runSend(ctx context.Context) {
 		return
 	}
 
-	if !utils.AddressValid(to) {
-		b.Error(ctx, evt.RoomID, "email address is not valid")
-		return
-	}
-
 	cfg, err := b.getRoomSettings(evt.RoomID)
 	if err != nil {
 		b.Error(ctx, evt.RoomID, "failed to retrieve room settings: %v", err)
@@ -323,16 +349,29 @@ func (b *Bot) runSend(ctx context.Context) {
 		return
 	}
 
-	from := mailbox + "@" + b.domain
-	ID := fmt.Sprintf("<%s@%s>", evt.ID, b.domain)
-	data := utils.
-		NewEmail(ID, "", subject, from, to, body, "", nil).
-		Compose(b.getBotSettings().DKIMPrivateKey())
-	err = b.mta.Send(from, to, data)
-	if err != nil {
-		b.Error(ctx, evt.RoomID, "cannot send email: %v", err)
-		return
+	tos := strings.Split(to, ",")
+	// validate first
+	for _, to := range tos {
+		if !utils.AddressValid(to) {
+			b.Error(ctx, evt.RoomID, "email address is not valid")
+			return
+		}
 	}
 
-	b.SendNotice(ctx, evt.RoomID, "Email has been sent")
+	from := mailbox + "@" + b.domain
+	ID := fmt.Sprintf("<%s@%s>", evt.ID, b.domain)
+	for _, to := range tos {
+		data := utils.
+			NewEmail(ID, "", subject, from, to, body, "", nil).
+			Compose(b.getBotSettings().DKIMPrivateKey())
+		err = b.mta.Send(from, to, data)
+		if err != nil {
+			b.Error(ctx, evt.RoomID, "cannot send email to %s: %v", to, err)
+		} else {
+			b.SendNotice(ctx, evt.RoomID, "Email has been sent to "+to)
+		}
+	}
+	if len(tos) > 1 {
+		b.SendNotice(ctx, evt.RoomID, "All emails were sent.")
+	}
 }

bot/command_owner.go

@@ -83,7 +83,7 @@ func (b *Bot) setOption(ctx context.Context, name, value string) {
 
 	evt := eventFromContext(ctx)
 	if name == roomOptionMailbox {
-		existingID, ok := b.GetMapping(value)
+		existingID, ok := b.getMapping(value)
 		if ok && existingID != "" && existingID != evt.RoomID {
 			b.SendNotice(ctx, evt.RoomID, fmt.Sprintf("Mailbox `%s@%s` already taken, kupo", value, b.domain))
 			return

bot/data.go

@@ -39,9 +39,9 @@ func (b *Bot) syncRooms() error {
 	for _, roomID := range resp.JoinedRooms {
 		cfg, serr := b.getRoomSettings(roomID)
 		if serr != nil {
-			b.log.Warn("cannot get %s settings: %v", roomID, err)
 			continue
 		}
+		b.migrateRoomSettings(roomID)
 		mailbox := cfg.Mailbox()
 		if mailbox != "" {
 			b.rooms.Store(mailbox, roomID)

bot/email.go

@@ -59,6 +59,17 @@ func (b *Bot) GetMapping(mailbox string) (id.RoomID, bool) {
 	return roomID, ok
 }
 
+// GetIFOptions returns incoming email filtering options (room settings)
+func (b *Bot) GetIFOptions(roomID id.RoomID) utils.IncomingFilteringOptions {
+	cfg, err := b.getRoomSettings(roomID)
+	if err != nil {
+		b.log.Error("cannot retrieve room settings: %v", err)
+		return roomSettings{}
+	}
+
+	return cfg
+}
+
 // Send email to matrix room
 func (b *Bot) Send2Matrix(ctx context.Context, email *utils.Email, incoming bool) error {
 	roomID, ok := b.GetMapping(email.Mailbox(incoming))
@@ -189,7 +200,9 @@ func (b *Bot) sendFiles(ctx context.Context, roomID id.RoomID, files []*utils.Fi
 	for _, file := range files {
 		req := file.Convert()
 		err := b.lp.SendFile(roomID, req, file.MsgType, utils.RelatesTo(!noThreads, parentID))
-		b.Error(ctx, roomID, "cannot upload file %s: %v", req.FileName, err)
+		if err != nil {
+			b.Error(ctx, roomID, "cannot upload file %s: %v", req.FileName, err)
+		}
 	}
 }
 

bot/settings_bot.go

@@ -78,6 +78,9 @@ func (b *Bot) getBotSettings() botSettings {
 	if err != nil {
 		b.log.Error("cannot get bot settings: %v", utils.UnwrapError(err))
 	}
+	if config == nil {
+		config = map[string]string{}
+	}
 
 	return config
 }

bot/settings_room.go

@@ -13,15 +13,19 @@ const acRoomSettingsKey = "cc.etke.postmoogle.settings"
 
 // option keys
 const (
-	roomOptionOwner     = "owner"
-	roomOptionMailbox   = "mailbox"
-	roomOptionNoSend    = "nosend"
-	roomOptionNoSender  = "nosender"
-	roomOptionNoSubject = "nosubject"
-	roomOptionNoHTML    = "nohtml"
-	roomOptionNoThreads = "nothreads"
-	roomOptionNoFiles   = "nofiles"
-	roomOptionPassword  = "password"
+	roomOptionOwner         = "owner"
+	roomOptionMailbox       = "mailbox"
+	roomOptionNoSend        = "nosend"
+	roomOptionNoSender      = "nosender"
+	roomOptionNoRecipient   = "norecipient"
+	roomOptionNoSubject     = "nosubject"
+	roomOptionNoHTML        = "nohtml"
+	roomOptionNoThreads     = "nothreads"
+	roomOptionNoFiles       = "nofiles"
+	roomOptionPassword      = "password"
+	roomOptionSpamcheckSMTP = "spamcheck:smtp"
+	roomOptionSpamcheckMX   = "spamcheck:mx"
+	roomOptionSpamlist      = "spamlist"
 )
 
 type roomSettings map[string]string
@@ -56,6 +60,10 @@ func (s roomSettings) NoSender() bool {
 	return utils.Bool(s.Get(roomOptionNoSender))
 }
 
+func (s roomSettings) NoRecipient() bool {
+	return utils.Bool(s.Get(roomOptionNoRecipient))
+}
+
 func (s roomSettings) NoSubject() bool {
 	return utils.Bool(s.Get(roomOptionNoSubject))
 }
@@ -72,13 +80,71 @@ func (s roomSettings) NoFiles() bool {
 	return utils.Bool(s.Get(roomOptionNoFiles))
 }
 
+func (s roomSettings) SpamcheckSMTP() bool {
+	return utils.Bool(s.Get(roomOptionSpamcheckSMTP))
+}
+
+func (s roomSettings) SpamcheckMX() bool {
+	return utils.Bool(s.Get(roomOptionSpamcheckMX))
+}
+
+func (s roomSettings) Spamlist() []string {
+	return utils.StringSlice(s.Get(roomOptionSpamlist))
+}
+
+func (s roomSettings) migrateSpamlistSettings() {
+	uniq := map[string]struct{}{}
+	emails := utils.StringSlice(s.Get("spamlist:emails"))
+	localparts := utils.StringSlice(s.Get("spamlist:localparts"))
+	hosts := utils.StringSlice(s.Get("spamlist:hosts"))
+	list := utils.StringSlice(s.Get(roomOptionSpamlist))
+	delete(s, "spamlist:emails")
+	delete(s, "spamlist:localparts")
+	delete(s, "spamlist:hosts")
+
+	for _, email := range emails {
+		if email == "" {
+			continue
+		}
+		uniq[email] = struct{}{}
+	}
+
+	for _, localpart := range localparts {
+		if localpart == "" {
+			continue
+		}
+		uniq[localpart+"@*"] = struct{}{}
+	}
+
+	for _, host := range hosts {
+		if host == "" {
+			continue
+		}
+		uniq["*@"+host] = struct{}{}
+	}
+
+	for _, item := range list {
+		if item == "" {
+			continue
+		}
+		uniq[item] = struct{}{}
+	}
+
+	spamlist := make([]string, 0, len(uniq))
+	for item := range uniq {
+		spamlist = append(spamlist, item)
+	}
+	s.Set(roomOptionSpamlist, strings.Join(spamlist, ","))
+}
+
 // ContentOptions converts room display settings to content options
 func (s roomSettings) ContentOptions() *utils.ContentOptions {
 	return &utils.ContentOptions{
-		HTML:    !s.NoHTML(),
-		Sender:  !s.NoSender(),
-		Subject: !s.NoSubject(),
-		Threads: !s.NoThreads(),
+		HTML:      !s.NoHTML(),
+		Sender:    !s.NoSender(),
+		Recipient: !s.NoRecipient(),
+		Subject:   !s.NoSubject(),
+		Threads:   !s.NoThreads(),
 
 		FromKey:      eventFromKey,
 		SubjectKey:   eventSubjectKey,
@@ -89,9 +155,30 @@ func (s roomSettings) ContentOptions() *utils.ContentOptions {
 
 func (b *Bot) getRoomSettings(roomID id.RoomID) (roomSettings, error) {
 	config, err := b.lp.GetRoomAccountData(roomID, acRoomSettingsKey)
+	if config == nil {
+		config = map[string]string{}
+	}
+
 	return config, utils.UnwrapError(err)
 }
 
 func (b *Bot) setRoomSettings(roomID id.RoomID, cfg roomSettings) error {
 	return utils.UnwrapError(b.lp.SetRoomAccountData(roomID, acRoomSettingsKey, cfg))
 }
+
+func (b *Bot) migrateRoomSettings(roomID id.RoomID) {
+	cfg, err := b.getRoomSettings(roomID)
+	if err != nil {
+		b.log.Error("cannot retrieve room settings: %v", err)
+		return
+	}
+
+	if cfg["spamlist:emails"] == "" && cfg["spamlist:localparts"] == "" && cfg["spamlist:hosts"] == "" {
+		return
+	}
+	cfg.migrateSpamlistSettings()
+	err = b.setRoomSettings(roomID, cfg)
+	if err != nil {
+		b.log.Error("cannot migrate room settings: %v", err)
+	}
+}

go.mod

@@ -11,7 +11,7 @@ require (
 	github.com/gabriel-vasile/mimetype v1.4.1
 	github.com/getsentry/sentry-go v0.13.0
 	github.com/jhillyerd/enmime v0.10.0
-	github.com/lib/pq v1.10.6
+	github.com/lib/pq v1.10.7
 	github.com/mattn/go-sqlite3 v1.14.15
 	github.com/raja/argon2pw v1.0.2-0.20210910183755-a391af63bd39
 	gitlab.com/etke.cc/go/env v1.0.0
@@ -19,9 +19,10 @@ require (
 	gitlab.com/etke.cc/go/mxidwc v1.0.0
 	gitlab.com/etke.cc/go/secgen v1.1.1
 	gitlab.com/etke.cc/go/trysmtp v1.0.0
-	gitlab.com/etke.cc/linkpearl v0.0.0-20221002171411-bb783f7e50f0
-	golang.org/x/net v0.0.0-20221002022538-bcab6841153b
-	maunium.net/go/mautrix v0.12.1
+	gitlab.com/etke.cc/go/validator v1.0.2
+	gitlab.com/etke.cc/linkpearl v0.0.0-20221012104738-a977907db8b9
+	golang.org/x/net v0.0.0-20221014081412-f15817d10f9b
+	maunium.net/go/mautrix v0.12.2
 )
 
 require (
@@ -45,9 +46,9 @@ require (
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
-	github.com/yuin/goldmark v1.4.13 // indirect
-	golang.org/x/crypto v0.0.0-20220926161630-eccd6366d1be // indirect
-	golang.org/x/sys v0.0.0-20220928140112-f11e5e49a4ec // indirect
+	github.com/yuin/goldmark v1.5.2 // indirect
+	golang.org/x/crypto v0.0.0-20221012134737-56aed061732a // indirect
+	golang.org/x/sys v0.0.0-20221013171732-95e765b1cc43 // indirect
 	golang.org/x/text v0.3.7 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	maunium.net/go/maulogger/v2 v2.3.2 // indirect

go.sum

@@ -38,8 +38,8 @@ github.com/jaytaylor/html2text v0.0.0-20200412013138-3577fbdbcff7 h1:g0fAGBisHaE
 github.com/jaytaylor/html2text v0.0.0-20200412013138-3577fbdbcff7/go.mod h1:CVKlgaMiht+LXvHG173ujK6JUhZXKb2u/BQtjPDIvyk=
 github.com/jhillyerd/enmime v0.10.0 h1:DZEzhptPRBesvN3gf7K1BOh4rfpqdsdrEoxW1Edr/3s=
 github.com/jhillyerd/enmime v0.10.0/go.mod h1:Qpe8EEemJMFAF8+NZoWdpXvK2Yb9dRF0k/z6mkcDHsA=
-github.com/lib/pq v1.10.6 h1:jbk+ZieJ0D7EVGJYpL9QTz7/YW6UHbmdnZWYyK5cdBs=
-github.com/lib/pq v1.10.6/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
+github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw=
+github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/martinlindhe/base36 v1.0.0/go.mod h1:+AtEs8xrBpCeYgSLoY/aJ6Wf37jtBuR0s35750M27+8=
 github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
@@ -85,8 +85,8 @@ github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4=
 github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
 github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
 github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
-github.com/yuin/goldmark v1.4.13 h1:fVcFKWvrslecOb/tg+Cc05dkeYx540o0FuFt3nUVDoE=
-github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+github.com/yuin/goldmark v1.5.2 h1:ALmeCk/px5FSm1MAcFBAsVKZjDuMVj8Tm7FFIlMJnqU=
+github.com/yuin/goldmark v1.5.2/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 gitlab.com/etke.cc/go/env v1.0.0 h1:J98BwzOuELnjsVPFvz5wa79L7IoRV9CmrS41xLYXtSw=
 gitlab.com/etke.cc/go/env v1.0.0/go.mod h1:e1l4RM5MA1sc0R1w/RBDAESWRwgo5cOG9gx8BKUn2C4=
 gitlab.com/etke.cc/go/logger v1.1.0 h1:Yngp/DDLmJ0jJNLvLXrfan5Gi5QV+r7z6kCczTv8t4U=
@@ -97,16 +97,18 @@ gitlab.com/etke.cc/go/secgen v1.1.1 h1:RmKOki725HIhWJHzPtAc9X4YvBneczndchpMgoDkE
 gitlab.com/etke.cc/go/secgen v1.1.1/go.mod h1:3pJqRGeWApzx7qXjABqz2o2SMCNpKSZao/gXVdasqE8=
 gitlab.com/etke.cc/go/trysmtp v1.0.0 h1:f/7gSmzohKniVeLSLevI+ZsySYcPUGkT9cRlOTwjOr8=
 gitlab.com/etke.cc/go/trysmtp v1.0.0/go.mod h1:KqRuIB2IPElEEbAxXmFyKtm7S5YiuEb4lxwWthccqyE=
-gitlab.com/etke.cc/linkpearl v0.0.0-20221002171411-bb783f7e50f0 h1:B5YV62XKsLb9sCu9jW4Pnc5HDNRzdR1FswtRBMw1sR0=
-gitlab.com/etke.cc/linkpearl v0.0.0-20221002171411-bb783f7e50f0/go.mod h1:hjn0SVswej+Jo3+MycLm+lTsAVFy047Df+adX6MoXoE=
+gitlab.com/etke.cc/go/validator v1.0.2 h1:7iVHG9sh1Hz6YcNT+tTLDm60B2PVSz6eh9nh6KOx7LI=
+gitlab.com/etke.cc/go/validator v1.0.2/go.mod h1:3vdssRG4LwgdTr9IHz9MjGSEO+3/FO9hXPGMuSeweJ8=
+gitlab.com/etke.cc/linkpearl v0.0.0-20221012104738-a977907db8b9 h1:CJyYRf4KGmaFJDBJS5NXkt9v5ICi/AHrJIIOinQD/os=
+gitlab.com/etke.cc/linkpearl v0.0.0-20221012104738-a977907db8b9/go.mod h1:HkUHUkhbkDueEJVc7h/zBfz2hjhl4xxjQKv9Itrdf9k=
 golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.0.0-20220926161630-eccd6366d1be h1:fmw3UbQh+nxngCAHrDCCztao/kbYFnWjoqop8dHx05A=
-golang.org/x/crypto v0.0.0-20220926161630-eccd6366d1be/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20221012134737-56aed061732a h1:NmSIgad6KjE6VvHciPZuNRTKxGhlPfD6OA87W/PLkqg=
+golang.org/x/crypto v0.0.0-20221012134737-56aed061732a/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/net v0.0.0-20210501142056-aec3718b3fa0/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.0.0-20221002022538-bcab6841153b h1:6e93nYa3hNqAvLr0pD4PN1fFS+gKzp2zAXqrnTCstqU=
-golang.org/x/net v0.0.0-20221002022538-bcab6841153b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
+golang.org/x/net v0.0.0-20221014081412-f15817d10f9b h1:tvrvnPFcdzp294diPnrdZZZ8XUt2Tyj7svb7X52iDuU=
+golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -114,8 +116,8 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220928140112-f11e5e49a4ec h1:BkDtF2Ih9xZ7le9ndzTA7KJow28VbQW3odyk/8drmuI=
-golang.org/x/sys v0.0.0-20220928140112-f11e5e49a4ec/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20221013171732-95e765b1cc43 h1:OK7RB6t2WQX54srQQYSXMW8dF5C6/8+oA/s5QBmmto4=
+golang.org/x/sys v0.0.0-20221013171732-95e765b1cc43/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -131,5 +133,5 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 maunium.net/go/maulogger/v2 v2.3.2 h1:1XmIYmMd3PoQfp9J+PaHhpt80zpfmMqaShzUTC7FwY0=
 maunium.net/go/maulogger/v2 v2.3.2/go.mod h1:TYWy7wKwz/tIXTpsx8G3mZseIRiC5DoMxSZazOHy68A=
-maunium.net/go/mautrix v0.12.1 h1:MLfkWkpRIgUn7lueDSlPwYOeIuGF+NrAHW0hInIuVAw=
-maunium.net/go/mautrix v0.12.1/go.mod h1:/jxQFIipObSsjZPH6o3xyUi8uoULz3Hfr/8p9loqpYE=
+maunium.net/go/mautrix v0.12.2 h1:HuIDgigR6VY2QUPyZADCwn8UZWYAqi31a77qd1jMPA4=
+maunium.net/go/mautrix v0.12.2/go.mod h1:bCw45Qx/m9qsz7eazmbe7Rzq5ZbTPzwRE1UgX2S9DXs=

smtp/msasession.go

@@ -9,6 +9,7 @@ import (
 	"github.com/getsentry/sentry-go"
 	"github.com/jhillyerd/enmime"
 	"gitlab.com/etke.cc/go/logger"
+	"gitlab.com/etke.cc/go/validator"
 
 	"gitlab.com/etke.cc/postmoogle/utils"
 )
@@ -43,6 +44,7 @@ func (s *msasession) Mail(from string, opts smtp.MailOptions) error {
 
 func (s *msasession) Rcpt(to string) error {
 	sentry.GetHubFromContext(s.ctx).Scope().SetTag("to", to)
+	s.to = to
 
 	if s.incoming {
 		if utils.Hostname(to) != s.domain {
@@ -50,14 +52,18 @@ func (s *msasession) Rcpt(to string) error {
 			return smtp.ErrAuthRequired
 		}
 
-		_, ok := s.bot.GetMapping(utils.Mailbox(to))
+		roomID, ok := s.bot.GetMapping(utils.Mailbox(to))
 		if !ok {
 			s.log.Debug("mapping for %s not found", to)
 			return smtp.ErrAuthRequired
 		}
+
+		validations := s.bot.GetIFOptions(roomID)
+		if !s.validate(validations) {
+			return smtp.ErrAuthRequired
+		}
 	}
 
-	s.to = to
 	s.log.Debug("mail to %s", to)
 	return nil
 }
@@ -75,6 +81,17 @@ func (s *msasession) parseAttachments(parts []*enmime.Part) []*utils.File {
 	return files
 }
 
+func (s *msasession) validate(options utils.IncomingFilteringOptions) bool {
+	enforce := validator.Enforce{
+		Email: true,
+		MX:    options.SpamcheckMX(),
+		SMTP:  options.SpamcheckMX(),
+	}
+	v := validator.New(options.Spamlist(), enforce, s.to, s.log)
+
+	return v.Email(s.from)
+}
+
 func (s *msasession) Data(r io.Reader) error {
 	parser := enmime.NewParser()
 	eml, err := parser.ReadEnvelope(r)

smtp/mta.go

@@ -16,6 +16,7 @@ import (
 type Bot interface {
 	AllowAuth(string, string) bool
 	GetMapping(string) (id.RoomID, bool)
+	GetIFOptions(id.RoomID) utils.IncomingFilteringOptions
 	Send2Matrix(ctx context.Context, email *utils.Email, incoming bool) error
 	SetMTA(mta utils.MTA)
 }

utils/email.go

@@ -19,6 +19,13 @@ type MTA interface {
 	Send(from, to, data string) error
 }
 
+// IncomingFilteringOptions for incoming mail
+type IncomingFilteringOptions interface {
+	SpamcheckSMTP() bool
+	SpamcheckMX() bool
+	Spamlist() []string
+}
+
 // Email object
 type Email struct {
 	Date      string
@@ -35,10 +42,11 @@ type Email struct {
 // ContentOptions represents settings that specify how an email is to be converted to a Matrix message
 type ContentOptions struct {
 	// On/Off
-	Sender  bool
-	Subject bool
-	HTML    bool
-	Threads bool
+	Sender    bool
+	Recipient bool
+	Subject   bool
+	HTML      bool
+	Threads   bool
 
 	// Keys
 	MessageIDKey string
@@ -92,7 +100,12 @@ func (e *Email) Content(threadID id.EventID, options *ContentOptions) *event.Con
 	if options.Sender {
 		text.WriteString("From: ")
 		text.WriteString(e.From)
-		text.WriteString("\n\n")
+		text.WriteString("\n")
+	}
+	if options.Recipient {
+		text.WriteString("To: ")
+		text.WriteString(e.To)
+		text.WriteString("\n")
 	}
 	if options.Subject {
 		text.WriteString("# ")

utils/utils.go

@@ -33,3 +33,31 @@ func Bool(str string) bool {
 func SanitizeBoolString(str string) string {
 	return strconv.FormatBool(Bool(str))
 }
+
+// StringSlice converts comma-separated string to slice
+func StringSlice(str string) []string {
+	if str == "" {
+		return nil
+	}
+
+	str = strings.TrimSpace(str)
+	if strings.IndexByte(str, ',') == -1 {
+		return []string{str}
+	}
+
+	return strings.Split(str, ",")
+}
+
+// SanitizeBoolString converts string to slice and back to string
+func SanitizeStringSlice(str string) string {
+	parts := StringSlice(str)
+	if len(parts) == 0 {
+		return str
+	}
+
+	for i, part := range parts {
+		parts[i] = strings.TrimSpace(part)
+	}
+
+	return strings.Join(parts, ",")
+}