X-Git-Url: http://www.git.stargrave.org/?p=public-inbox.git;a=blobdiff_plain;f=examples%2Funsubscribe.milter;h=232295112d54b4e6b51716cf814da433ee97a1f9;hp=e19363862b8eaa82d55a6ce573449e8fd25b995c;hb=95bdac7f09c69036efed537a4d03d5bdd2ae4eb6;hpb=1f29b33d3f71b8a40f5ae76bf20b95618b518654 diff --git a/examples/unsubscribe.milter b/examples/unsubscribe.milter index e1936386..23229511 100644 --- a/examples/unsubscribe.milter +++ b/examples/unsubscribe.milter @@ -1,5 +1,5 @@ #!/usr/bin/perl -w -# Copyright (C) 2016 all contributors +# Copyright (C) 2016-2020 all contributors # License: AGPL-3.0+ use strict; use warnings; @@ -16,6 +16,10 @@ if (read($fh, $key, 8) != 8 || read($fh, $iv, 8) != 8 || die "KEY_FILE must be 16 bytes\n"; } +# optionally support unique mailto: subject in List-Unsubscribe, +# requires a custom rule in front of mlmmj, see __END__ +my $unique_mailto = $ENV{UNIQUE_MAILTO}; + # these parameters were chosen to generate shorter parameters # to reduce the possibility of copy+paste errors my $crypt = Crypt::CBC->new(-key => $key, @@ -72,16 +76,13 @@ $cbs{header} = sub { SMFIS_CONTINUE; }; -# only whitelist a few users for testing: -my $whitelist = '/etc/unsubscribe-milter.whitelist'; -my %TEST_WHITELIST = map { $_ => 1 } eval { - open my $fh, '<', $whitelist or - die "Failed to open $whitelist: $!"; - local $/ = "\n"; - chomp(my @lines = (<$fh>)); - @lines; - }; -die "No whitelist at $whitelist\n" unless scalar keys %TEST_WHITELIST; +# We don't want people unsubscribing archivers: +sub archive_addr { + my ($addr) = @_; + return 1 if ($addr =~ /\@m\.gmane(?:-mx)?\.org\z/); + return 1 if ($addr eq 'archive@mail-archive.com'); + 0 +} $cbs{eom} = sub { my ($ctx) = @_; @@ -92,7 +93,7 @@ $cbs{eom} = sub { # one recipient, one unique HTTP(S) URL return SMFIS_CONTINUE if @rcpt != 1; - return SMFIS_CONTINUE unless $TEST_WHITELIST{$rcpt[0]}; + return SMFIS_CONTINUE if archive_addr(lc($rcpt[0])); my $unsub = $priv->{header}->{'list-unsubscribe'} || []; my $n = 0; @@ -105,6 +106,12 @@ $cbs{eom} = sub { next unless $k && $v && $list && $domain; my $u = $crypt->encrypt($rcpt[0]); $u = encode_base64url($u); + if ($unique_mailto) { + # $u needs to be in the Subject: header since + # +$EXTENSION is case-insensitive + my $s = "subject=$u"; + $v = ""; + } $v .= ",\n "; $ctx->chgheader($k, $index, $v); @@ -134,6 +141,29 @@ if ($fds && (($ENV{LISTEN_PID} || 0) == $$)) { } $milter->register('unsubscribe', \%cbs, SMFI_CURR_ACTS); -my $dispatcher = Sendmail::PMilter::prefork_dispatcher(max_children => 2); -$milter->set_dispatcher($dispatcher); $milter->main(); +__END__ +# TMPMSG comes from dc-dlvr, it's populated before the above runs: +# TMPMSG=$(mktemp -t dc-dlvr.orig.$USER.XXXXXX || exit 1) +# cat >$TMPMSG + +# I use something like this in front of mlmmj for UNIQUE_MAILTO +# $EXTENSION and $ORIGINAL_RECIPIENT are set by postfix, $list +# is a local mapping of addresses to mailing list names. +case $ORIGINAL_RECIPIENT in +foo+*) list=foo ;; +# ... +esac + +case $EXTENSION in +unique-unsub) + u="$(formail -z -c -x Subject <$TMPMSG)" + d=$(expr "$ORIGINAL_RECIPIENT" : '^.*@\(.*\)') + + # forward this to the unsubscribe.psgi service + curl -sSf https://$d/u/$u/$list >/dev/null + exit + ;; +esac +/usr/bin/mlmmj-receive -L /path/to/mlmmj-spool/$list <"$TMPMSG" +exit