From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-3.9 required=3.0 tests=ALL_TRUSTED,AWL,BAYES_00 shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 5C5581FD50 for ; Fri, 10 Jan 2020 22:55:30 +0000 (UTC) From: Eric Wong To: meta@public-inbox.org Subject: [PATCH 2/2] examples/unsubscribe.milter: support unique mailto: Date: Fri, 10 Jan 2020 22:55:30 +0000 Message-Id: <20200110225530.17615-3-e@yhbt.net> In-Reply-To: <20200110225530.17615-1-e@yhbt.net> References: <20200110225530.17615-1-e@yhbt.net> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: Instead of providing a generic "mailto:foo+unsubscribe@example.com" address in List-Unsubscribe which requires confirmation, replace it with a mailto: header with a unique subject which contains the same unique ID we put in the https:// URL. This makes it easier for some MUAs without https:// support to unsubscribe with a single action via the List-Unsubscribe header. --- examples/unsubscribe-milter@.service | 6 +++++ examples/unsubscribe.milter | 35 ++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/examples/unsubscribe-milter@.service b/examples/unsubscribe-milter@.service index 98e3d478..eb5dcbe4 100644 --- a/examples/unsubscribe-milter@.service +++ b/examples/unsubscribe-milter@.service @@ -14,6 +14,12 @@ After = unsubscribe-milter.socket # copy+paste errors # umask 077 && dd if=/dev/urandom bs=16 count=1 of=.unsubscribe.key ExecStart = /usr/local/sbin/unsubscribe.milter /home/mlmmj/.unsubscribe.key + +# UNIQUE_MAILTO makes the List-Unsubscribe mailto: header unique +# so unsubcribing becomes one-step (requires MDA/MTA configuration, +# see the bottom of examples/unsubscribe.milter +# Environment = UNIQUE_MAILTO=1 + Sockets = unsubscribe-milter.socket # the corresponding PSGI app needs permissions to modify the diff --git a/examples/unsubscribe.milter b/examples/unsubscribe.milter index f7bf6f1d..266596fa 100644 --- a/examples/unsubscribe.milter +++ b/examples/unsubscribe.milter @@ -16,6 +16,10 @@ if (read($fh, $key, 8) != 8 || read($fh, $iv, 8) != 8 || die "KEY_FILE must be 16 bytes\n"; } +# optionally support unique mailto: subject in List-Unsubscribe, +# requires a custom rule in front of mlmmj, see __END__ +my $unique_mailto = $ENV{UNIQUE_MAILTO}; + # these parameters were chosen to generate shorter parameters # to reduce the possibility of copy+paste errors my $crypt = Crypt::CBC->new(-key => $key, @@ -102,6 +106,12 @@ $cbs{eom} = sub { next unless $k && $v && $list && $domain; my $u = $crypt->encrypt($rcpt[0]); $u = encode_base64url($u); + if ($unique_mailto) { + # $u needs to be in the Subject: header since + # +$EXTENSION is case-insensitive + my $s = "subject=$u"; + $v = ""; + } $v .= ",\n "; $ctx->chgheader($k, $index, $v); @@ -132,3 +142,28 @@ if ($fds && (($ENV{LISTEN_PID} || 0) == $$)) { $milter->register('unsubscribe', \%cbs, SMFI_CURR_ACTS); $milter->main(); +__END__ +# TMPMSG comes from dc-dlvr, it's populated before the above runs: +# TMPMSG=$(mktemp -t dc-dlvr.orig.$USER.XXXXXX || exit 1) +# cat >$TMPMSG + +# I use something like this in front of mlmmj for UNIQUE_MAILTO +# $EXTENSION and $ORIGINAL_RECIPIENT are set by postfix, $list +# is a local mapping of addresses to mailing list names. +case $ORIGINAL_RECIPIENT in +foo+*) list=foo ;; +# ... +esac + +case $EXTENSION in +unique-unsub) + u="$(formail -z -c -x Subject <$TMPMSG)" + d=$(expr "$ORIGINAL_RECIPIENT" : '^.*@\(.*\)') + + # forward this to the unsubscribe.psgi service + curl -sSf https://$d/u/$u/$list >/dev/null + exit + ;; +esac +/usr/bin/mlmmj-receive -L /path/to/mlmmj-spool/$list <"$TMPMSG" +exit