From ea5c81fb5c45d75528de81b91019af58782e2d91 Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Fri, 10 Jan 2020 22:55:30 +0000 Subject: examples/unsubscribe.milter: support unique mailto: Instead of providing a generic "mailto:foo+unsubscribe@example.com" address in List-Unsubscribe which requires confirmation, replace it with a mailto: header with a unique subject which contains the same unique ID we put in the https:// URL. This makes it easier for some MUAs without https:// support to unsubscribe with a single action via the List-Unsubscribe header. --- examples/unsubscribe-milter@.service | 6 ++++++ examples/unsubscribe.milter | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) (limited to 'examples') diff --git a/examples/unsubscribe-milter@.service b/examples/unsubscribe-milter@.service index 98e3d478..eb5dcbe4 100644 --- a/examples/unsubscribe-milter@.service +++ b/examples/unsubscribe-milter@.service @@ -14,6 +14,12 @@ After = unsubscribe-milter.socket # copy+paste errors # umask 077 && dd if=/dev/urandom bs=16 count=1 of=.unsubscribe.key ExecStart = /usr/local/sbin/unsubscribe.milter /home/mlmmj/.unsubscribe.key + +# UNIQUE_MAILTO makes the List-Unsubscribe mailto: header unique +# so unsubcribing becomes one-step (requires MDA/MTA configuration, +# see the bottom of examples/unsubscribe.milter +# Environment = UNIQUE_MAILTO=1 + Sockets = unsubscribe-milter.socket # the corresponding PSGI app needs permissions to modify the diff --git a/examples/unsubscribe.milter b/examples/unsubscribe.milter index f7bf6f1d..266596fa 100644 --- a/examples/unsubscribe.milter +++ b/examples/unsubscribe.milter @@ -16,6 +16,10 @@ if (read($fh, $key, 8) != 8 || read($fh, $iv, 8) != 8 || die "KEY_FILE must be 16 bytes\n"; } +# optionally support unique mailto: subject in List-Unsubscribe, +# requires a custom rule in front of mlmmj, see __END__ +my $unique_mailto = $ENV{UNIQUE_MAILTO}; + # these parameters were chosen to generate shorter parameters # to reduce the possibility of copy+paste errors my $crypt = Crypt::CBC->new(-key => $key, @@ -102,6 +106,12 @@ $cbs{eom} = sub { next unless $k && $v && $list && $domain; my $u = $crypt->encrypt($rcpt[0]); $u = encode_base64url($u); + if ($unique_mailto) { + # $u needs to be in the Subject: header since + # +$EXTENSION is case-insensitive + my $s = "subject=$u"; + $v = ""; + } $v .= ",\n "; $ctx->chgheader($k, $index, $v); @@ -132,3 +142,28 @@ if ($fds && (($ENV{LISTEN_PID} || 0) == $$)) { $milter->register('unsubscribe', \%cbs, SMFI_CURR_ACTS); $milter->main(); +__END__ +# TMPMSG comes from dc-dlvr, it's populated before the above runs: +# TMPMSG=$(mktemp -t dc-dlvr.orig.$USER.XXXXXX || exit 1) +# cat >$TMPMSG + +# I use something like this in front of mlmmj for UNIQUE_MAILTO +# $EXTENSION and $ORIGINAL_RECIPIENT are set by postfix, $list +# is a local mapping of addresses to mailing list names. +case $ORIGINAL_RECIPIENT in +foo+*) list=foo ;; +# ... +esac + +case $EXTENSION in +unique-unsub) + u="$(formail -z -c -x Subject <$TMPMSG)" + d=$(expr "$ORIGINAL_RECIPIENT" : '^.*@\(.*\)') + + # forward this to the unsubscribe.psgi service + curl -sSf https://$d/u/$u/$list >/dev/null + exit + ;; +esac +/usr/bin/mlmmj-receive -L /path/to/mlmmj-spool/$list <"$TMPMSG" +exit -- cgit v1.2.3-24-ge0c7