Keep original From

email_handler.py

@@ -539,7 +539,9 @@ def handle_email_sent_to_ourself(alias, from_addr: str, msg: Message, user):
     )
 
 
-def apply_dmarc_policy(alias: Alias, contact: Contact, msg: Message) -> Optional[str]:
+def apply_dmarc_policy(
+    alias: Alias, contact: Contact, envelope: Envelope, msg: Message
+) -> Optional[str]:
     dmarc_result = get_dmarc_status(msg)
     newrelic.agent.record_custom_event(
         "Custom/dmarc_check", {"result": dmarc_result.name}
@@ -551,8 +553,16 @@ def apply_dmarc_policy(alias: Alias, contact: Contact, msg: Message) -> Optional
         DmarcCheckResult.reject,
         DmarcCheckResult.soft_fail,
     ):
+        quarantine_dmarc_failed_email(alias, contact, envelope, msg)
+        add_quarantine_notification_for_alias(alias)
+        return status.E519
+    return None
+
+
+def quarantine_dmarc_failed_email(alias, contact, envelope, msg):
     add_or_replace_header(msg, headers.SL_DIRECTION, "Forward")
     msg[headers.SL_ENVELOPE_TO] = alias.email
+    msg[headers.SL_ENVELOPE_FROM] = envelope.mail_from
     add_or_replace_header(msg, "From", contact.new_addr())
     # replace CC & To emails by reverse-alias for all emails that are not alias
     try:
@@ -561,7 +571,6 @@ def apply_dmarc_policy(alias: Alias, contact: Contact, msg: Message) -> Optional
     except CannotCreateContactForReverseAlias:
         Session.commit()
         raise
-
     random_name = str(uuid.uuid4())
     s3_report_path = f"refused-emails/full-{random_name}.eml"
     s3.upload_email_from_bytesio(
@@ -582,6 +591,8 @@ def apply_dmarc_policy(alias: Alias, contact: Contact, msg: Message) -> Optional
         commit=True,
     )
 
+
+def add_quarantine_notification_for_alias(alias: Alias):
     notification_title = f"{alias.email} has a new mail in quarantine"
     notifications = (
         Notification.filter_by(user_id=alias.user_id)
@@ -594,7 +605,6 @@ def apply_dmarc_policy(alias: Alias, contact: Contact, msg: Message) -> Optional
         if notification.title == notification_title:
             already_notified = True
             break
-
     if not already_notified:
         Notification.create(
             user_id=alias.user_id,
@@ -602,9 +612,8 @@ def apply_dmarc_policy(alias: Alias, contact: Contact, msg: Message) -> Optional
             message=Notification.render(
                 "notification/message-quarantine.html", alias=alias
             ),
+            commit=True,
         )
-        return status.E519
-    return None
 
 
 def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str]]:
@@ -688,7 +697,7 @@ def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str
         return [(True, res_status)]
 
     # Check if we need to reject or quarantine based on dmarc
-    dmarc_delivery_status = apply_dmarc_policy(alias, contact, msg)
+    dmarc_delivery_status = apply_dmarc_policy(alias, contact, envelope, msg)
     if dmarc_delivery_status is not None:
         return [(False, dmarc_delivery_status)]