Issue #338 new

Mail (bounce) handling

Bastian Blank avatarBastian Blank created an issue

Moin can send mails on several occasions, mostly related to user handling and notifications on changes. It currently does not handle bounces and they usually get unnoticed. Moin should be able to handle bounces and re-act on them.

Two things are needed to do this. It needs a script that receives mails, parses them and acts on them. It should also encode some more information into the from address, like user-id, so each bounce can be easily identified without extra code to handle many broken systems out there.

Sending mail

Each mail should get some more information about the recipient. This is usually encoded into the from-address of the e-mail, like wiki-main+$uid@example.com. All major MTA supports this recipient delimiter addressing, so all mails are delivered wiki-main@example.com. With this information the mail can be accounted to the correct account even if some system in between does not support DSN.

All sent mails must follow some rules. They must be sent with a Auto-Submitted: auto-generated header (see RFC 3834). Also Moin should assume DSN is supported by the local MSA (ten years is enough) and send mails with RET=HDRS, NOTIFY=FAILURE and ORCPT=… (see RFC 3461).

Receiving mail

Moin needs a script that can be called by the MDA. This script gets the recipient of the mail and the contents at least. It parses the mail as needed and possible. It can act on the contents depending on the type of mail.

A DSN as specified in RFC 3464 can be handled completely automatic. Each failed account should be disabled. However we need some way to tell the user the account was disabled on the next attempted log-in. He may get the option to specify a new e-mail-address to regain access to the account.

All other mails should be forwarded to the admin for inspection. This mail should include all available user information if the id encoded into the bounce address is available.

Comments (3)

  1. ana-balica

    Transferring the task details from a moin fork

    Tweak sendmail() func by setting some additional mail headers for receiving DSN

     NOTIFY=FAILURE
     ORCPT=rfc822;receiver@example.org
     RET=HDRS
    

    And encode the userid (uid = user.meta['itemid']) in the FROM address of moin - from_mail+$uid@example.org

    We need a function for determining if the inbound mail is a DSN. For that we need to check mail headers. A mail is a DSN if:

    • Content-Type: multipart/report; report-type=delivery-status;
    • Action: failed (rfc3464)

    How to react on DSN:

    Disable the user account (user.meta['disabled'] = True) and on next logins flash a message saying that "Your account was disabled due to some mail address problems. Please verify if the email address you have provided is valid and active."

    That implies that we need a form, where the user can introduce his old login and a new email. The account will be activated and a new email will be set. Also we need to inform the admins on the DSN and provide user information. For instance we could email the admins the DSN headers and include minimal necessary information about the user.

  2. Log in to comment
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.