From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 48DAA92C6 for ; Wed, 8 Mar 2023 15:53:20 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 29D8921B96 for ; Wed, 8 Mar 2023 15:52:50 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 8 Mar 2023 15:52:48 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id C712645F9A for ; Wed, 8 Mar 2023 15:52:47 +0100 (CET) From: Stoiko Ivanov To: pmg-devel@lists.proxmox.com Date: Wed, 8 Mar 2023 15:52:29 +0100 Message-Id: <20230308145235.37342-1-s.ivanov@proxmox.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.143 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [smtp.pm, quarantine.pm, postfix.org, notify.pm, proxmox.com, config.pm, 5-opts.pl, utils.pm, cf.in] Subject: [pmg-devel] [PATCH pmg-api v2 0/4] improve local mail injection and add smtputf8 support X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2023 14:53:20 -0000 This series is the improved second part of: https://lists.proxmox.com/pipermail/pmg-devel/2023-January/002257.html and incorporates a few other improvments, which came up during implementation. Changes from v1: 1 dropped the already applied and released stop-gap fix 2 added 'reinject_local_mail` helper to scan and check the mail, instead of checking with mail_needs_smtputf8 at all call-sites (Thanks to Thomas for the suggestion!) 3 while add it went ahead and added smtputf8 as new option to the mail section of pmg.conf (reason for the docs and gui patch) 4 during testing noted the duplication of reinject_mail in deliver_quarantined_mail (with the latter not receiving any of the improvments for the former) leading to the refactoring in api-patch 3 and 4 point 4 is independent of the rest, but review should be easier after looking through the other patches. the docs-patch is needed (as build-depends), due to the new pmg.conf option original cover-letter for v1: This series addresses an issue some of our users reported in our community forum with pmg-api_7.2-3: * the decision if smtputf8 is needed is based on the envelope-addresses and the headers (if they contain non-ascii characters we use SMTPUTF8 * this breaks environments where SMTPUTF8 is disabled (mostly because some downstream servers do not support this), but mails still contain non-ascii data (while this is against the relevant rfc, which say that header-data must contain only ascii characters (and should be encoded with MIME-words otherwise), it is seemingly quite common in the wild) one testmail I got from a user from the forum had the From header correctly encoded, but added an X-DFrom header with the unencoded from. The first patch simply drops the header-inspection and should enable most of the reporters to receive mail again. The second patch tries to address the smtputf8 issue a bit differently than what we currently do - For mails received via SMTP it simply sets SMTPUTF8 if the original postfix processes sent pmg-smtp-filter the mail with the flag, and does not set it otherwise - For locally generated mail it detects if its needed by checking the envelope-addresses and the headers for non-ascii characters. This should follow postfix own functioning quite closely: https://www.postfix.org/SMTPUTF8_README.html processing by pmg-smtp-filter should not change the need for the flag, since we don't rewrite envelope-addresses, and modify filed does mime-encode the resulting header. Sending as two patches, since the first one would be good to get out soon (as it's affecting a few setups), while the second one might benefit from a bit more testing (I did some tests, which all looked good, but might have overlooked some cases) pmg-api: Stoiko Ivanov (4): smtputf8: keep smtputf8 from incoming postfix, detect for local mail config: make smtputf8 configurable through the API reinject mail: improve error logging quarantine: use reinject_local_mail to deliver quarantined mail src/PMG/API2/Quarantine.pm | 2 +- src/PMG/Config.pm | 7 +++++ src/PMG/Quarantine.pm | 64 +++++++++----------------------------- src/PMG/RuleDB/Notify.pm | 2 +- src/PMG/SMTP.pm | 3 +- src/PMG/Utils.pm | 53 +++++++++++++++++++++---------- src/templates/main.cf.in | 4 +++ 7 files changed, 67 insertions(+), 68 deletions(-) pmg-gui: Stoiko Ivanov (1): mail proxy options: add smtputf8 checkbox js/MailProxyOptions.js | 3 +++ 1 file changed, 3 insertions(+) pmg-docs: Stoiko Ivanov (1): doc-generator: add new option smtputf8 gen-pmg.conf.5-opts.pl | 1 + 1 file changed, 1 insertion(+) -- 2.30.2