X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=examples%2Funsubscribe.milter;h=216b0dddd0cf737e77dfb3780f48b48c5fc9d1cd;hb=HEAD;hp=e19363862b8eaa82d55a6ce573449e8fd25b995c;hpb=1f29b33d3f71b8a40f5ae76bf20b95618b518654;p=public-inbox.git diff --git a/examples/unsubscribe.milter b/examples/unsubscribe.milter index e1936386..216b0ddd 100644 --- a/examples/unsubscribe.milter +++ b/examples/unsubscribe.milter @@ -1,8 +1,7 @@ #!/usr/bin/perl -w -# Copyright (C) 2016 all contributors +# Copyright (C) all contributors # License: AGPL-3.0+ use strict; -use warnings; use Sendmail::PMilter qw(:all); use IO::Socket; use Crypt::CBC; @@ -16,6 +15,10 @@ if (read($fh, $key, 8) != 8 || read($fh, $iv, 8) != 8 || die "KEY_FILE must be 16 bytes\n"; } +# optionally support unique mailto: subject in List-Unsubscribe, +# requires a custom rule in front of mlmmj, see __END__ +my $unique_mailto = $ENV{UNIQUE_MAILTO}; + # these parameters were chosen to generate shorter parameters # to reduce the possibility of copy+paste errors my $crypt = Crypt::CBC->new(-key => $key, @@ -72,16 +75,13 @@ $cbs{header} = sub { SMFIS_CONTINUE; }; -# only whitelist a few users for testing: -my $whitelist = '/etc/unsubscribe-milter.whitelist'; -my %TEST_WHITELIST = map { $_ => 1 } eval { - open my $fh, '<', $whitelist or - die "Failed to open $whitelist: $!"; - local $/ = "\n"; - chomp(my @lines = (<$fh>)); - @lines; - }; -die "No whitelist at $whitelist\n" unless scalar keys %TEST_WHITELIST; +# We don't want people unsubscribing archivers: +sub archive_addr { + my ($addr) = @_; + return 1 if ($addr =~ /\@m\.gmane(?:-mx)?\.org\z/); + return 1 if ($addr eq 'archive@mail-archive.com'); + 0 +} $cbs{eom} = sub { my ($ctx) = @_; @@ -92,10 +92,11 @@ $cbs{eom} = sub { # one recipient, one unique HTTP(S) URL return SMFIS_CONTINUE if @rcpt != 1; - return SMFIS_CONTINUE unless $TEST_WHITELIST{$rcpt[0]}; + return SMFIS_CONTINUE if archive_addr(lc($rcpt[0])); my $unsub = $priv->{header}->{'list-unsubscribe'} || []; my $n = 0; + my $added; foreach my $u (@$unsub) { # Milter indices are 1-based, # not 0-based like Perl arrays @@ -105,10 +106,20 @@ $cbs{eom} = sub { next unless $k && $v && $list && $domain; my $u = $crypt->encrypt($rcpt[0]); $u = encode_base64url($u); + if ($unique_mailto) { + # $u needs to be in the Subject: header since + # +$EXTENSION is case-insensitive + my $s = "subject=$u"; + $v = ""; + } $v .= ",\n "; $ctx->chgheader($k, $index, $v); + $added = 1; } + # RFC 8058 + $added and $ctx->addheader('List-Unsubscribe-Post', + 'List-Unsubscribe=One-Click'); }; warn $@ if $@; SMFIS_CONTINUE; @@ -134,6 +145,29 @@ if ($fds && (($ENV{LISTEN_PID} || 0) == $$)) { } $milter->register('unsubscribe', \%cbs, SMFI_CURR_ACTS); -my $dispatcher = Sendmail::PMilter::prefork_dispatcher(max_children => 2); -$milter->set_dispatcher($dispatcher); $milter->main(); +__END__ +# TMPMSG comes from dc-dlvr, it's populated before the above runs: +# TMPMSG=$(mktemp -t dc-dlvr.orig.$USER.XXXXXX || exit 1) +# cat >$TMPMSG + +# I use something like this in front of mlmmj for UNIQUE_MAILTO +# $EXTENSION and $ORIGINAL_RECIPIENT are set by postfix, $list +# is a local mapping of addresses to mailing list names. +case $ORIGINAL_RECIPIENT in +foo+*) list=foo ;; +# ... +esac + +case $EXTENSION in +unique-unsub) + u="$(formail -z -c -x Subject <$TMPMSG)" + d=$(expr "$ORIGINAL_RECIPIENT" : '^.*@\(.*\)') + + # forward this to the unsubscribe.psgi service + curl -sSf https://$d/u/$u/$list >/dev/null + exit + ;; +esac +/usr/bin/mlmmj-receive -L /path/to/mlmmj-spool/$list <"$TMPMSG" +exit