treewide: run update-copyrights from gnulib for 2019

[public-inbox.git] / examples / unsubscribe.milter

diff --git a/examples/unsubscribe.milter b/examples/unsubscribe.milter
index e19363862b8eaa82d55a6ce573449e8fd25b995c..232295112d54b4e6b51716cf814da433ee97a1f9 100644 (file)
--- a/examples/unsubscribe.milter
+++ b/examples/unsubscribe.milter
@@ -1,5 +1,5 @@
 #!/usr/bin/perl -w
-# Copyright (C) 2016 all contributors <meta@public-inbox.org>
+# Copyright (C) 2016-2020 all contributors <meta@public-inbox.org>
 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
 use strict;
 use warnings;
@@ -16,6 +16,10 @@ if (read($fh, $key, 8) != 8 || read($fh, $iv, 8) != 8 ||
        die "KEY_FILE must be 16 bytes\n";
 }
 
+# optionally support unique mailto: subject in List-Unsubscribe,
+# requires a custom rule in front of mlmmj, see __END__
+my $unique_mailto = $ENV{UNIQUE_MAILTO};
+
 # these parameters were chosen to generate shorter parameters
 # to reduce the possibility of copy+paste errors
 my $crypt = Crypt::CBC->new(-key => $key,
@@ -72,16 +76,13 @@ $cbs{header} = sub {
        SMFIS_CONTINUE;
 };
 
-# only whitelist a few users for testing:
-my $whitelist = '/etc/unsubscribe-milter.whitelist';
-my %TEST_WHITELIST = map { $_ => 1 } eval {
-               open my $fh, '<', $whitelist or
-                       die "Failed to open $whitelist: $!";
-               local $/ = "\n";
-               chomp(my @lines = (<$fh>));
-               @lines;
-       };
-die "No whitelist at $whitelist\n" unless scalar keys %TEST_WHITELIST;
+# We don't want people unsubscribing archivers:
+sub archive_addr {
+       my ($addr) = @_;
+       return 1 if ($addr =~ /\@m\.gmane(?:-mx)?\.org\z/);
+       return 1 if ($addr eq 'archive@mail-archive.com');
+       0
+}
 
 $cbs{eom} = sub {
        my ($ctx) = @_;
@@ -92,7 +93,7 @@ $cbs{eom} = sub {
 
                # one recipient, one unique HTTP(S) URL
                return SMFIS_CONTINUE if @rcpt != 1;
-               return SMFIS_CONTINUE unless $TEST_WHITELIST{$rcpt[0]};
+               return SMFIS_CONTINUE if archive_addr(lc($rcpt[0]));
 
                my $unsub = $priv->{header}->{'list-unsubscribe'} || [];
                my $n = 0;
@@ -105,6 +106,12 @@ $cbs{eom} = sub {
                        next unless $k && $v && $list && $domain;
                        my $u = $crypt->encrypt($rcpt[0]);
                        $u = encode_base64url($u);
+                       if ($unique_mailto) {
+                               # $u needs to be in the Subject: header since
+                               # +$EXTENSION is case-insensitive
+                               my $s = "subject=$u";
+                               $v = "<mailto:$list+unique-unsub\@$domain?$s>";
+                       }
                        $v .= ",\n <https://$domain/u/$u/$list>";
 
                        $ctx->chgheader($k, $index, $v);
@@ -134,6 +141,29 @@ if ($fds && (($ENV{LISTEN_PID} || 0) == $$)) {
 }
 
 $milter->register('unsubscribe', \%cbs, SMFI_CURR_ACTS);
-my $dispatcher = Sendmail::PMilter::prefork_dispatcher(max_children => 2);
-$milter->set_dispatcher($dispatcher);
 $milter->main();
+__END__
+# TMPMSG comes from dc-dlvr, it's populated before the above runs:
+# TMPMSG=$(mktemp -t dc-dlvr.orig.$USER.XXXXXX || exit 1)
+# cat >$TMPMSG
+
+# I use something like this in front of mlmmj for UNIQUE_MAILTO
+# $EXTENSION and $ORIGINAL_RECIPIENT are set by postfix, $list
+# is a local mapping of addresses to mailing list names.
+case $ORIGINAL_RECIPIENT in
+foo+*) list=foo ;;
+# ...
+esac
+
+case $EXTENSION in
+unique-unsub)
+       u="$(formail -z -c -x Subject <$TMPMSG)"
+       d=$(expr "$ORIGINAL_RECIPIENT" : '^.*@\(.*\)')
+
+       # forward this to the unsubscribe.psgi service
+       curl -sSf https://$d/u/$u/$list >/dev/null
+       exit
+       ;;
+esac
+/usr/bin/mlmmj-receive -L /path/to/mlmmj-spool/$list <"$TMPMSG"
+exit