use another DKIM header if one fails
This commit is contained in:
parent
6e42e536db
commit
b3012376c3
|
@ -157,7 +157,6 @@ DISABLE_ALIAS_SUFFIX = "DISABLE_ALIAS_SUFFIX" in os.environ
|
||||||
UNSUBSCRIBER = os.environ.get("UNSUBSCRIBER")
|
UNSUBSCRIBER = os.environ.get("UNSUBSCRIBER")
|
||||||
|
|
||||||
DKIM_SELECTOR = b"dkim"
|
DKIM_SELECTOR = b"dkim"
|
||||||
DKIM_HEADERS = [b"from", b"to"]
|
|
||||||
DKIM_PRIVATE_KEY = None
|
DKIM_PRIVATE_KEY = None
|
||||||
|
|
||||||
if "DKIM_PRIVATE_KEY_PATH" in os.environ:
|
if "DKIM_PRIVATE_KEY_PATH" in os.environ:
|
||||||
|
|
|
@ -31,7 +31,6 @@ from app.config import (
|
||||||
NOT_SEND_EMAIL,
|
NOT_SEND_EMAIL,
|
||||||
DKIM_SELECTOR,
|
DKIM_SELECTOR,
|
||||||
DKIM_PRIVATE_KEY,
|
DKIM_PRIVATE_KEY,
|
||||||
DKIM_HEADERS,
|
|
||||||
ALIAS_DOMAINS,
|
ALIAS_DOMAINS,
|
||||||
SUPPORT_NAME,
|
SUPPORT_NAME,
|
||||||
POSTFIX_SUBMISSION_TLS,
|
POSTFIX_SUBMISSION_TLS,
|
||||||
|
@ -391,7 +390,31 @@ def get_email_domain_part(address):
|
||||||
return address[address.find("@") + 1 :]
|
return address[address.find("@") + 1 :]
|
||||||
|
|
||||||
|
|
||||||
|
# headers used to DKIM sign in order of preference
|
||||||
|
_DKIM_HEADERS = [
|
||||||
|
[b"Message-ID", b"Date", b"subject", b"from", b"to"],
|
||||||
|
[b"from", b"to"],
|
||||||
|
[b"Message-ID", b"Date"],
|
||||||
|
[b"from"],
|
||||||
|
]
|
||||||
|
|
||||||
|
|
||||||
def add_dkim_signature(msg: Message, email_domain: str):
|
def add_dkim_signature(msg: Message, email_domain: str):
|
||||||
|
for dkim_headers in _DKIM_HEADERS:
|
||||||
|
try:
|
||||||
|
add_dkim_signature_with_header(msg, email_domain, dkim_headers)
|
||||||
|
return
|
||||||
|
except dkim.DKIMException:
|
||||||
|
LOG.w("DKIM fail with %s", dkim_headers)
|
||||||
|
# try with another headers
|
||||||
|
continue
|
||||||
|
|
||||||
|
raise Exception("Cannot create DKIM signature")
|
||||||
|
|
||||||
|
|
||||||
|
def add_dkim_signature_with_header(
|
||||||
|
msg: Message, email_domain: str, dkim_headers: [bytes]
|
||||||
|
):
|
||||||
delete_header(msg, "DKIM-Signature")
|
delete_header(msg, "DKIM-Signature")
|
||||||
|
|
||||||
# Specify headers in "byte" form
|
# Specify headers in "byte" form
|
||||||
|
@ -402,7 +425,7 @@ def add_dkim_signature(msg: Message, email_domain: str):
|
||||||
DKIM_SELECTOR,
|
DKIM_SELECTOR,
|
||||||
email_domain.encode(),
|
email_domain.encode(),
|
||||||
DKIM_PRIVATE_KEY.encode(),
|
DKIM_PRIVATE_KEY.encode(),
|
||||||
include_headers=DKIM_HEADERS,
|
include_headers=dkim_headers,
|
||||||
)
|
)
|
||||||
sig = sig.decode()
|
sig = sig.decode()
|
||||||
|
|
||||||
|
|
|
@ -577,7 +577,7 @@ def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str
|
||||||
if user.ignore_loop_email:
|
if user.ignore_loop_email:
|
||||||
mail_from = envelope.mail_from
|
mail_from = envelope.mail_from
|
||||||
for mb in alias.mailboxes:
|
for mb in alias.mailboxes:
|
||||||
# email send from a mailbox to its alias
|
# email sent from a mailbox to its alias
|
||||||
if mb.email == mail_from:
|
if mb.email == mail_from:
|
||||||
LOG.w("cycle email sent from %s to %s", mb, alias)
|
LOG.w("cycle email sent from %s to %s", mb, alias)
|
||||||
handle_email_sent_to_ourself(alias, mb, msg, user)
|
handle_email_sent_to_ourself(alias, mb, msg, user)
|
||||||
|
|
Loading…
Reference in a new issue