take into account authorized_address when checking email loop

app/email_utils.py

@@ -1392,7 +1392,7 @@ def parse_full_address(full_address) -> (str, str):
     if full_address is None:
         raise ValueError
 
-    # address.parse can also parse an URL and return UrlAddress
+    # address.parse can also parse a URL and return UrlAddress
     if type(full_address) is not EmailAddress:
         raise ValueError
 

app/models.py

@@ -1242,6 +1242,18 @@ class Alias(Base, ModelMixin):
 
         return ret
 
+    def authorized_addresses(self) -> [str]:
+        """return addresses that can send on behalf of this alias, i.e. can send emails to this alias's reverse-aliases
+        Including its mailboxes and their authorized addresses
+        """
+        mailboxes = self.mailboxes
+        ret = [mb.email for mb in mailboxes]
+        for mailbox in mailboxes:
+            for aa in mailbox.authorized_addresses:
+                ret.append(aa.email)
+
+        return ret
+
     def mailbox_support_pgp(self) -> bool:
         """return True of one of the mailboxes support PGP"""
         for mb in self.mailboxes:

email_handler.py

@@ -493,7 +493,7 @@ def sign_msg(msg: Message) -> Message:
     return container
 
 
-def handle_email_sent_to_ourself(alias, mailbox, msg: Message, user):
+def handle_email_sent_to_ourself(alias, from_addr: str, msg: Message, user):
     # store the refused email
     random_name = str(uuid.uuid4())
     full_report_path = f"refused-emails/cycle-{random_name}.eml"
@@ -509,18 +509,18 @@ def handle_email_sent_to_ourself(alias, mailbox, msg: Message, user):
     send_email_at_most_times(
         user,
         ALERT_SEND_EMAIL_CYCLE,
-        mailbox.email,
+        from_addr,
-        f"Email sent to {alias.email} from its own mailbox {mailbox.email}",
+        f"Email sent to {alias.email} from its own mailbox {from_addr}",
         render(
             "transactional/cycle-email.txt.jinja2",
             alias=alias,
-            mailbox=mailbox,
+            from_addr=from_addr,
             refused_email_url=refused_email_url,
         ),
         render(
             "transactional/cycle-email.html",
             alias=alias,
-            mailbox=mailbox,
+            from_addr=from_addr,
             refused_email_url=refused_email_url,
         ),
     )
@@ -558,11 +558,11 @@ def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str
 
     # check if email is sent from alias's owning mailbox(es)
     mail_from = envelope.mail_from
-    for mb in alias.mailboxes:
+    for addr in alias.authorized_addresses():
         # email sent from a mailbox to its alias
-        if mb.email == mail_from:
+        if addr == mail_from:
-            LOG.i("cycle email sent from %s to %s", mb, alias)
+            LOG.i("cycle email sent from %s to %s", addr, alias)
-            handle_email_sent_to_ourself(alias, mb, msg, user)
+            handle_email_sent_to_ourself(alias, addr, msg, user)
             return [(True, status.E209)]
 
     from_header = get_header_unicode(msg[headers.FROM])

templates/emails/transactional/cycle-email.html

@@ -4,7 +4,7 @@
   {% call text() %}
     <h1>
       An email was sent to your alias <b>{{ alias.email }}</b> from its own mailbox
-      <b>{{ mailbox.email }}</b>.
+      <b>{{ from_addr }}</b>.
     </h1>
   {% endcall %}
 

templates/emails/transactional/cycle-email.txt.jinja2

@@ -1,4 +1,4 @@
-An email was sent to your alias {{ alias.email }} from its own mailbox {{ mailbox.email }}.
+An email was sent to your alias {{ alias.email }} from its own mailbox {{ from_addr }}.
 
 SimpleLogin doesn't send this email back to your mailbox as it would be refused or hidden anyway by your email service.