Refactor the postfix views and implement sender checks

2025-09-16 09:06:32 +02:00 · 2018-10-07 16:24:48 +02:00
parent 8b189ed145
commit 508e519a34
2 changed files with 42 additions and 35 deletions
--- a/core/admin/mailu/internal/views/postfix.py
+++ b/core/admin/mailu/internal/views/postfix.py
@@ -18,37 +18,32 @@ def postfix_mailbox_map(email):

@internal.route("/postfix/alias/<alias>")
 def postfix_alias_map(alias):
-    localpart, domain = alias.split('@', 1) if '@' in alias else (None, alias)
-    alternative = models.Alternative.query.get(domain)
-    if alternative:
-        domain = alternative.domain_name
-    email = '{}@{}'.format(localpart, domain)
+    localpart, domain_name = models.Email.resolve_domain(alias)
    if localpart is None:
-        return flask.jsonify(domain)
-    else:
-        alias_obj = models.Alias.resolve(localpart, domain)
-        if alias_obj:
-            return flask.jsonify(",".join(alias_obj.destination))
-        user_obj = models.User.query.get(email)
-        if user_obj:
-            return flask.jsonify(user_obj.destination)
-        return flask.abort(404)
+        return flask.jsonify(domain_name)
+    destination = models.Email.resolve_destination(localpart, domain_name)
+    return flask.jsonify(",".join(destination)) if destination else flask.abort(404)


@internal.route("/postfix/transport/<email>")
 def postfix_transport(email):
-    localpart, domain = email.split('@', 1) if '@' in email else (None, email)
-    relay = models.Relay.query.get(domain) or flask.abort(404)
+    localpart, domain = models.Email.resolve_domain(email)
+    relay = models.Relay.query.get(domain_name) or flask.abort(404)
    return flask.jsonify("smtp:[{}]".format(relay.smtp))


-@internal.route("/postfix/sender/<sender>")
-def postfix_sender(sender):
+@internal.route("/postfix/sender/login/<sender>")
+def postfix_sender_login(sender):
+    localpart, domain_name = models.Email.resolve_domain(sender)
+    if localpart is None:
+        return flask.abort(404)
+    destination = models.Email.resolve_destination(localpart, domain_name, True)
+    return flask.jsonify(",".join(destination)) if destination else flask.abort(404)
+
+
+@internal.route("/postfix/sender/access/<sender>")
+def postfix_sender_access(sender):
    """ Simply reject any sender that pretends to be from a local domain
    """
-    localpart, domain_name = sender.split('@', 1) if '@' in sender else (None, sender)
-    domain = models.Domain.query.get(domain_name)
-    alternative = models.Alternative.query.get(domain_name)
-    if domain or alternative:
-        return flask.jsonify("REJECT")
-    return flask.abort(404)
+    localpart, domain_name = models.Email.resolve_domain(sender)
+    return flask.jsonify("REJECT") if models.Domain.query.get(domain_name) else flask.abort(404)
--- a/core/admin/mailu/models.py
+++ b/core/admin/mailu/models.py
@@ -221,6 +221,28 @@ class Email(object):
            msg['To'] = to_address
            smtp.sendmail(from_address, [to_address], msg.as_string())

+    @classmethod
+    def resolve_domain(cls, email):
+        localpart, domain_name = email.split('@', 1) if '@' in email else (None, email)
+        alternative = models.Alternative.query.get(domain_name)
+        if alternative:
+            domain_name = alternative.domain_name
+        return (localpart, domain_name)
+
+    @classmethod
+    def resolve_destination(cls, localpart, domain_name, ignore_forward_keep=False):
+        alias = models.Alias.resolve(localpart, domain_name)
+        if alias:
+            return alias.destination
+        user = models.User.query.get('{}@{}'.format(localpart, domain_name))
+        if user:
+            if user.forward_enabled:
+                destination = user.forward_destination
+                if user.forward_keep or ignore_forward_keep:
+                    destination.append(user.email)
+            else:
+                destination = [user.email]
+            return destination

    def __str__(self):
        return self.email
@@ -245,7 +267,7 @@ class User(Base, Email):

    # Filters
    forward_enabled = db.Column(db.Boolean(), nullable=False, default=False)
-    forward_destination = db.Column(db.String(255), nullable=True, default=None)
+    forward_destination = db.Column(CommaSeparatedList(), nullable=True, default=None)
    forward_keep = db.Column(db.Boolean(), nullable=False, default=True)
    reply_enabled = db.Column(db.Boolean(), nullable=False, default=False)
    reply_subject = db.Column(db.String(255), nullable=True, default=None)
@@ -266,16 +288,6 @@ class User(Base, Email):
    def get_id(self):
        return self.email

-    @property
-    def destination(self):
-        if self.forward_enabled:
-            result = self.self.forward_destination
-            if self.forward_keep:
-                result += ',' + self.email
-            return result
-        else:
-            return self.email
-
    scheme_dict = {'SHA512-CRYPT': "sha512_crypt",
                   'SHA256-CRYPT': "sha256_crypt",
                   'MD5-CRYPT': "md5_crypt",