diff options
Diffstat (limited to 'actionmailbox/app')
20 files changed, 697 insertions, 0 deletions
diff --git a/actionmailbox/app/controllers/action_mailbox/base_controller.rb b/actionmailbox/app/controllers/action_mailbox/base_controller.rb new file mode 100644 index 0000000000..d4169cc9bb --- /dev/null +++ b/actionmailbox/app/controllers/action_mailbox/base_controller.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +# The base class for all Active Mailbox ingress controllers. +class ActionMailbox::BaseController < ActionController::Base + skip_forgery_protection + + before_action :ensure_configured + + def self.prepare + # Override in concrete controllers to run code on load. + end + + private + def ensure_configured + unless ActionMailbox.ingress == ingress_name + head :not_found + end + end + + def ingress_name + self.class.name.remove(/\AActionMailbox::Ingresses::/, /::InboundEmailsController\z/).underscore.to_sym + end + + + def authenticate_by_password + if password.present? + http_basic_authenticate_or_request_with name: "actionmailbox", password: password, realm: "Action Mailbox" + else + raise ArgumentError, "Missing required ingress credentials" + end + end + + def password + Rails.application.credentials.dig(:action_mailbox, :ingress_password) || ENV["RAILS_INBOUND_EMAIL_PASSWORD"] + end +end diff --git a/actionmailbox/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb b/actionmailbox/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb new file mode 100644 index 0000000000..2a8ec375c7 --- /dev/null +++ b/actionmailbox/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb @@ -0,0 +1,52 @@ +# frozen_string_literal: true + +# Ingests inbound emails from Amazon's Simple Email Service (SES). +# +# Requires the full RFC 822 message in the +content+ parameter. Authenticates requests by validating their signatures. +# +# Returns: +# +# - <tt>204 No Content</tt> if an inbound email is successfully recorded and enqueued for routing to the appropriate mailbox +# - <tt>401 Unauthorized</tt> if the request's signature could not be validated +# - <tt>404 Not Found</tt> if Action Mailbox is not configured to accept inbound emails from SES +# - <tt>422 Unprocessable Entity</tt> if the request is missing the required +content+ parameter +# - <tt>500 Server Error</tt> if one of the Active Record database, the Active Storage service, or +# the Active Job backend is misconfigured or unavailable +# +# == Usage +# +# 1. Install the {aws-sdk-sns}[https://rubygems.org/gems/aws-sdk-sns] gem: +# +# # Gemfile +# gem "aws-sdk-sns", ">= 1.9.0", require: false +# +# 2. Tell Action Mailbox to accept emails from SES: +# +# # config/environments/production.rb +# config.action_mailbox.ingress = :amazon +# +# 3. {Configure SES}[https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-notifications.html] +# to deliver emails to your application via POST requests to +/rails/action_mailbox/amazon/inbound_emails+. +# If your application lived at <tt>https://example.com</tt>, you would specify the fully-qualified URL +# <tt>https://example.com/rails/action_mailbox/amazon/inbound_emails</tt>. +class ActionMailbox::Ingresses::Amazon::InboundEmailsController < ActionMailbox::BaseController + before_action :authenticate + + cattr_accessor :verifier + + def self.prepare + self.verifier ||= begin + require "aws-sdk-sns/message_verifier" + Aws::SNS::MessageVerifier.new + end + end + + def create + ActionMailbox::InboundEmail.create_and_extract_message_id! params.require(:content) + end + + private + def authenticate + head :unauthorized unless verifier.authentic?(request.body) + end +end diff --git a/actionmailbox/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb b/actionmailbox/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb new file mode 100644 index 0000000000..225bcc5565 --- /dev/null +++ b/actionmailbox/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb @@ -0,0 +1,101 @@ +# frozen_string_literal: true + +# Ingests inbound emails from Mailgun. Requires the following parameters: +# +# - +body-mime+: The full RFC 822 message +# - +timestamp+: The current time according to Mailgun as the number of seconds passed since the UNIX epoch +# - +token+: A randomly-generated, 50-character string +# - +signature+: A hexadecimal HMAC-SHA256 of the timestamp concatenated with the token, generated using the Mailgun API key +# +# Authenticates requests by validating their signatures. +# +# Returns: +# +# - <tt>204 No Content</tt> if an inbound email is successfully recorded and enqueued for routing to the appropriate mailbox +# - <tt>401 Unauthorized</tt> if the request's signature could not be validated, or if its timestamp is more than 2 minutes old +# - <tt>404 Not Found</tt> if Action Mailbox is not configured to accept inbound emails from Mailgun +# - <tt>422 Unprocessable Entity</tt> if the request is missing required parameters +# - <tt>500 Server Error</tt> if the Mailgun API key is missing, or one of the Active Record database, +# the Active Storage service, or the Active Job backend is misconfigured or unavailable +# +# == Usage +# +# 1. Give Action Mailbox your {Mailgun API key}[https://help.mailgun.com/hc/en-us/articles/203380100-Where-can-I-find-my-API-key-and-SMTP-credentials-] +# so it can authenticate requests to the Mailgun ingress. +# +# Use <tt>rails credentials:edit</tt> to add your API key to your application's encrypted credentials under +# +action_mailbox.mailgun_api_key+, where Action Mailbox will automatically find it: +# +# action_mailbox: +# mailgun_api_key: ... +# +# Alternatively, provide your API key in the +MAILGUN_INGRESS_API_KEY+ environment variable. +# +# 2. Tell Action Mailbox to accept emails from Mailgun: +# +# # config/environments/production.rb +# config.action_mailbox.ingress = :mailgun +# +# 3. {Configure Mailgun}[https://documentation.mailgun.com/en/latest/user_manual.html#receiving-forwarding-and-storing-messages] +# to forward inbound emails to `/rails/action_mailbox/mailgun/inbound_emails/mime`. +# +# If your application lived at <tt>https://example.com</tt>, you would specify the fully-qualified URL +# <tt>https://example.com/rails/action_mailbox/mailgun/inbound_emails/mime</tt>. +class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox::BaseController + before_action :authenticate + + def create + ActionMailbox::InboundEmail.create_and_extract_message_id! params.require("body-mime") + end + + private + def authenticate + head :unauthorized unless authenticated? + end + + def authenticated? + if key.present? + Authenticator.new( + key: key, + timestamp: params.require(:timestamp), + token: params.require(:token), + signature: params.require(:signature) + ).authenticated? + else + raise ArgumentError, <<~MESSAGE.squish + Missing required Mailgun API key. Set action_mailbox.mailgun_api_key in your application's + encrypted credentials or provide the MAILGUN_INGRESS_API_KEY environment variable. + MESSAGE + end + end + + def key + Rails.application.credentials.dig(:action_mailbox, :mailgun_api_key) || ENV["MAILGUN_INGRESS_API_KEY"] + end + + class Authenticator + attr_reader :key, :timestamp, :token, :signature + + def initialize(key:, timestamp:, token:, signature:) + @key, @timestamp, @token, @signature = key, Integer(timestamp), token, signature + end + + def authenticated? + signed? && recent? + end + + private + def signed? + ActiveSupport::SecurityUtils.secure_compare signature, expected_signature + end + + # Allow for 2 minutes of drift between Mailgun time and local server time. + def recent? + Time.at(timestamp) >= 2.minutes.ago + end + + def expected_signature + OpenSSL::HMAC.hexdigest OpenSSL::Digest::SHA256.new, key, "#{timestamp}#{token}" + end + end +end diff --git a/actionmailbox/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb b/actionmailbox/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb new file mode 100644 index 0000000000..5a85e6b7f0 --- /dev/null +++ b/actionmailbox/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb @@ -0,0 +1,80 @@ +# frozen_string_literal: true + +# Ingests inbound emails from Mandrill. +# +# Requires a +mandrill_events+ parameter containing a JSON array of Mandrill inbound email event objects. +# Each event is expected to have a +msg+ object containing a full RFC 822 message in its +raw_msg+ property. +# +# Returns: +# +# - <tt>204 No Content</tt> if an inbound email is successfully recorded and enqueued for routing to the appropriate mailbox +# - <tt>401 Unauthorized</tt> if the request's signature could not be validated +# - <tt>404 Not Found</tt> if Action Mailbox is not configured to accept inbound emails from Mandrill +# - <tt>422 Unprocessable Entity</tt> if the request is missing required parameters +# - <tt>500 Server Error</tt> if the Mandrill API key is missing, or one of the Active Record database, +# the Active Storage service, or the Active Job backend is misconfigured or unavailable +class ActionMailbox::Ingresses::Mandrill::InboundEmailsController < ActionMailbox::BaseController + before_action :authenticate + + def create + raw_emails.each { |raw_email| ActionMailbox::InboundEmail.create_and_extract_message_id! raw_email } + head :ok + rescue JSON::ParserError => error + logger.error error.message + head :unprocessable_entity + end + + private + def raw_emails + events.select { |event| event["event"] == "inbound" }.collect { |event| event.dig("msg", "raw_msg") } + end + + def events + JSON.parse params.require(:mandrill_events) + end + + + def authenticate + head :unauthorized unless authenticated? + end + + def authenticated? + if key.present? + Authenticator.new(request, key).authenticated? + else + raise ArgumentError, <<~MESSAGE.squish + Missing required Mandrill API key. Set action_mailbox.mandrill_api_key in your application's + encrypted credentials or provide the MANDRILL_INGRESS_API_KEY environment variable. + MESSAGE + end + end + + def key + Rails.application.credentials.dig(:action_mailbox, :mandrill_api_key) || ENV["MANDRILL_INGRESS_API_KEY"] + end + + class Authenticator + attr_reader :request, :key + + def initialize(request, key) + @request, @key = request, key + end + + def authenticated? + ActiveSupport::SecurityUtils.secure_compare given_signature, expected_signature + end + + private + def given_signature + request.headers["X-Mandrill-Signature"] + end + + def expected_signature + Base64.strict_encode64 OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, key, message) + end + + def message + request.url + request.POST.sort.flatten.join + end + end +end diff --git a/actionmailbox/app/controllers/action_mailbox/ingresses/postfix/inbound_emails_controller.rb b/actionmailbox/app/controllers/action_mailbox/ingresses/postfix/inbound_emails_controller.rb new file mode 100644 index 0000000000..a3b794c65b --- /dev/null +++ b/actionmailbox/app/controllers/action_mailbox/ingresses/postfix/inbound_emails_controller.rb @@ -0,0 +1,57 @@ +# frozen_string_literal: true + +# Ingests inbound emails relayed from Postfix. +# +# Authenticates requests using HTTP basic access authentication. The username is always +actionmailbox+, and the +# password is read from the application's encrypted credentials or an environment variable. See the Usage section below. +# +# Note that basic authentication is insecure over unencrypted HTTP. An attacker that intercepts cleartext requests to +# the Postfix ingress can learn its password. You should only use the Postfix ingress over HTTPS. +# +# Returns: +# +# - <tt>204 No Content</tt> if an inbound email is successfully recorded and enqueued for routing to the appropriate mailbox +# - <tt>401 Unauthorized</tt> if the request could not be authenticated +# - <tt>404 Not Found</tt> if Action Mailbox is not configured to accept inbound emails from Postfix +# - <tt>415 Unsupported Media Type</tt> if the request does not contain an RFC 822 message +# - <tt>500 Server Error</tt> if the ingress password is not configured, or if one of the Active Record database, +# the Active Storage service, or the Active Job backend is misconfigured or unavailable +# +# == Usage +# +# 1. Tell Action Mailbox to accept emails from Postfix: +# +# # config/environments/production.rb +# config.action_mailbox.ingress = :postfix +# +# 2. Generate a strong password that Action Mailbox can use to authenticate requests to the Postfix ingress. +# +# Use <tt>rails credentials:edit</tt> to add the password to your application's encrypted credentials under +# +action_mailbox.ingress_password+, where Action Mailbox will automatically find it: +# +# action_mailbox: +# ingress_password: ... +# +# Alternatively, provide the password in the +RAILS_INBOUND_EMAIL_PASSWORD+ environment variable. +# +# 3. {Configure Postfix}{https://serverfault.com/questions/258469/how-to-configure-postfix-to-pipe-all-incoming-email-to-a-script} +# to pipe inbound emails to <tt>bin/rails action_mailbox:ingress:postfix</tt>, providing the +URL+ of the Postfix +# ingress and the +INGRESS_PASSWORD+ you previously generated. +# +# If your application lived at <tt>https://example.com</tt>, the full command would look like this: +# +# URL=https://example.com/rails/action_mailbox/postfix/inbound_emails INGRESS_PASSWORD=... bin/rails action_mailbox:ingress:postfix +class ActionMailbox::Ingresses::Postfix::InboundEmailsController < ActionMailbox::BaseController + before_action :authenticate_by_password, :require_valid_rfc822_message + + def create + ActionMailbox::InboundEmail.create_and_extract_message_id! request.body.read + end + + private + def require_valid_rfc822_message + unless request.content_type == "message/rfc822" + head :unsupported_media_type + end + end +end diff --git a/actionmailbox/app/controllers/action_mailbox/ingresses/sendgrid/inbound_emails_controller.rb b/actionmailbox/app/controllers/action_mailbox/ingresses/sendgrid/inbound_emails_controller.rb new file mode 100644 index 0000000000..c48abae66c --- /dev/null +++ b/actionmailbox/app/controllers/action_mailbox/ingresses/sendgrid/inbound_emails_controller.rb @@ -0,0 +1,52 @@ +# frozen_string_literal: true + +# Ingests inbound emails from SendGrid. Requires an +email+ parameter containing a full RFC 822 message. +# +# Authenticates requests using HTTP basic access authentication. The username is always +actionmailbox+, and the +# password is read from the application's encrypted credentials or an environment variable. See the Usage section below. +# +# Note that basic authentication is insecure over unencrypted HTTP. An attacker that intercepts cleartext requests to +# the SendGrid ingress can learn its password. You should only use the SendGrid ingress over HTTPS. +# +# Returns: +# +# - <tt>204 No Content</tt> if an inbound email is successfully recorded and enqueued for routing to the appropriate mailbox +# - <tt>401 Unauthorized</tt> if the request's signature could not be validated +# - <tt>404 Not Found</tt> if Action Mailbox is not configured to accept inbound emails from SendGrid +# - <tt>422 Unprocessable Entity</tt> if the request is missing the required +email+ parameter +# - <tt>500 Server Error</tt> if the ingress password is not configured, or if one of the Active Record database, +# the Active Storage service, or the Active Job backend is misconfigured or unavailable +# +# == Usage +# +# 1. Tell Action Mailbox to accept emails from SendGrid: +# +# # config/environments/production.rb +# config.action_mailbox.ingress = :sendgrid +# +# 2. Generate a strong password that Action Mailbox can use to authenticate requests to the SendGrid ingress. +# +# Use <tt>rails credentials:edit</tt> to add the password to your application's encrypted credentials under +# +action_mailbox.ingress_password+, where Action Mailbox will automatically find it: +# +# action_mailbox: +# ingress_password: ... +# +# Alternatively, provide the password in the +RAILS_INBOUND_EMAIL_PASSWORD+ environment variable. +# +# 3. {Configure SendGrid Inbound Parse}{https://sendgrid.com/docs/for-developers/parsing-email/setting-up-the-inbound-parse-webhook/} +# to forward inbound emails to +/rails/action_mailbox/sendgrid/inbound_emails+ with the username +actionmailbox+ and +# the password you previously generated. If your application lived at <tt>https://example.com</tt>, you would +# configure SendGrid with the following fully-qualified URL: +# +# https://actionmailbox:PASSWORD@example.com/rails/action_mailbox/sendgrid/inbound_emails +# +# *NOTE:* When configuring your SendGrid Inbound Parse webhook, be sure to check the box labeled *"Post the raw, +# full MIME message."* Action Mailbox needs the raw MIME message to work. +class ActionMailbox::Ingresses::Sendgrid::InboundEmailsController < ActionMailbox::BaseController + before_action :authenticate_by_password + + def create + ActionMailbox::InboundEmail.create_and_extract_message_id! params.require(:email) + end +end diff --git a/actionmailbox/app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb b/actionmailbox/app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb new file mode 100644 index 0000000000..7f7b0e004e --- /dev/null +++ b/actionmailbox/app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: true + +class Rails::Conductor::ActionMailbox::InboundEmailsController < Rails::Conductor::BaseController + def index + @inbound_emails = ActionMailbox::InboundEmail.order(created_at: :desc) + end + + def new + end + + def show + @inbound_email = ActionMailbox::InboundEmail.find(params[:id]) + end + + def create + inbound_email = create_inbound_email(new_mail) + redirect_to main_app.rails_conductor_inbound_email_url(inbound_email) + end + + private + def new_mail + Mail.new params.require(:mail).permit(:from, :to, :cc, :bcc, :in_reply_to, :subject, :body).to_h + end + + def create_inbound_email(mail) + ActionMailbox::InboundEmail.create! raw_email: \ + { io: StringIO.new(mail.to_s), filename: "inbound.eml", content_type: "message/rfc822" } + end +end diff --git a/actionmailbox/app/controllers/rails/conductor/action_mailbox/reroutes_controller.rb b/actionmailbox/app/controllers/rails/conductor/action_mailbox/reroutes_controller.rb new file mode 100644 index 0000000000..c53203049b --- /dev/null +++ b/actionmailbox/app/controllers/rails/conductor/action_mailbox/reroutes_controller.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +# Rerouting will run routing and processing on an email that has already been, or attempted to be, processed. +class Rails::Conductor::ActionMailbox::ReroutesController < Rails::Conductor::BaseController + def create + inbound_email = ActionMailbox::InboundEmail.find(params[:inbound_email_id]) + reroute inbound_email + + redirect_to main_app.rails_conductor_inbound_email_url(inbound_email) + end + + private + def reroute(inbound_email) + inbound_email.pending! + inbound_email.route_later + end +end diff --git a/actionmailbox/app/controllers/rails/conductor/base_controller.rb b/actionmailbox/app/controllers/rails/conductor/base_controller.rb new file mode 100644 index 0000000000..c95a7f3b93 --- /dev/null +++ b/actionmailbox/app/controllers/rails/conductor/base_controller.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +# TODO: Move this to Rails::Conductor gem +class Rails::Conductor::BaseController < ActionController::Base + layout "rails/conductor" + before_action :ensure_development_env + + private + def ensure_development_env + head :forbidden unless Rails.env.development? + end +end diff --git a/actionmailbox/app/jobs/action_mailbox/incineration_job.rb b/actionmailbox/app/jobs/action_mailbox/incineration_job.rb new file mode 100644 index 0000000000..b12ff6f88e --- /dev/null +++ b/actionmailbox/app/jobs/action_mailbox/incineration_job.rb @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +# You can configure when this `IncinerationJob` will be run as a time-after-processing using the +# `config.action_mailbox.incinerate_after` or `ActionMailbox.incinerate_after` setting. +# +# Since this incineration is set for the future, it'll automatically ignore any `InboundEmail`s +# that have already been deleted and discard itself if so. +class ActionMailbox::IncinerationJob < ActiveJob::Base + queue_as { ActionMailbox.queues[:incineration] } + + discard_on ActiveRecord::RecordNotFound + + def self.schedule(inbound_email) + set(wait: ActionMailbox.incinerate_after).perform_later(inbound_email) + end + + def perform(inbound_email) + inbound_email.incinerate + end +end diff --git a/actionmailbox/app/jobs/action_mailbox/routing_job.rb b/actionmailbox/app/jobs/action_mailbox/routing_job.rb new file mode 100644 index 0000000000..fc3388daff --- /dev/null +++ b/actionmailbox/app/jobs/action_mailbox/routing_job.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +# Routing a new InboundEmail is an asynchronous operation, which allows the ingress controllers to quickly +# accept new incoming emails without being burdened to hang while they're actually being processed. +class ActionMailbox::RoutingJob < ActiveJob::Base + queue_as { ActionMailbox.queues[:routing] } + + def perform(inbound_email) + inbound_email.route + end +end diff --git a/actionmailbox/app/models/action_mailbox/inbound_email.rb b/actionmailbox/app/models/action_mailbox/inbound_email.rb new file mode 100644 index 0000000000..88df7a929a --- /dev/null +++ b/actionmailbox/app/models/action_mailbox/inbound_email.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +require "mail" + +# The `InboundEmail` is an Active Record that keeps a reference to the raw email stored in Active Storage +# and tracks the status of processing. By default, incoming emails will go through the following lifecycle: +# +# * Pending: Just received by one of the ingress controllers and scheduled for routing. +# * Processing: During active processing, while a specific mailbox is running its #process method. +# * Delivered: Successfully processed by the specific mailbox. +# * Failed: An exception was raised during the specific mailbox's execution of the `#process` method. +# * Bounced: Rejected processing by the specific mailbox and bounced to sender. +# +# Once the `InboundEmail` has reached the status of being either `delivered`, `failed`, or `bounced`, +# it'll count as having been `#processed?`. Once processed, the `InboundEmail` will be scheduled for +# automatic incineration at a later point. +# +# When working with an `InboundEmail`, you'll usually interact with the parsed version of the source, +# which is available as a `Mail` object from `#mail`. But you can also access the raw source directly +# using the `#source` method. +# +# Examples: +# +# inbound_email.mail.from # => 'david@loudthinking.com' +# inbound_email.source # Returns the full rfc822 source of the email as text +class ActionMailbox::InboundEmail < ActiveRecord::Base + self.table_name = "action_mailbox_inbound_emails" + + include Incineratable, MessageId, Routable + + has_one_attached :raw_email + enum status: %i[ pending processing delivered failed bounced ] + + def mail + @mail ||= Mail.from_source(source) + end + + def source + @source ||= raw_email.download + end + + def processed? + delivered? || failed? || bounced? + end +end diff --git a/actionmailbox/app/models/action_mailbox/inbound_email/incineratable.rb b/actionmailbox/app/models/action_mailbox/inbound_email/incineratable.rb new file mode 100644 index 0000000000..825e300648 --- /dev/null +++ b/actionmailbox/app/models/action_mailbox/inbound_email/incineratable.rb @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +# Ensure that the `InboundEmail` is automatically scheduled for later incineration if the status has been +# changed to `processed`. The later incineration will be invoked at the time specified by the +# `ActionMailbox.incinerate_after` time using the `IncinerationJob`. +module ActionMailbox::InboundEmail::Incineratable + extend ActiveSupport::Concern + + included do + after_update_commit :incinerate_later, if: -> { status_previously_changed? && processed? } + end + + def incinerate_later + ActionMailbox::IncinerationJob.schedule self + end + + def incinerate + Incineration.new(self).run + end +end diff --git a/actionmailbox/app/models/action_mailbox/inbound_email/incineratable/incineration.rb b/actionmailbox/app/models/action_mailbox/inbound_email/incineratable/incineration.rb new file mode 100644 index 0000000000..4656f359bf --- /dev/null +++ b/actionmailbox/app/models/action_mailbox/inbound_email/incineratable/incineration.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +# Command class for carrying out the actual incineration of the `InboundMail` that's been scheduled +# for removal. Before the incineration – which really is just a call to `#destroy!` – is run, we verify +# that it's both eligible (by virtue of having already been processed) and time to do so (that is, +# the `InboundEmail` was processed after the `incinerate_after` time). +class ActionMailbox::InboundEmail::Incineratable::Incineration + def initialize(inbound_email) + @inbound_email = inbound_email + end + + def run + @inbound_email.destroy! if due? && processed? + end + + private + def due? + @inbound_email.updated_at < ActionMailbox.incinerate_after.ago.end_of_day + end + + def processed? + @inbound_email.processed? + end +end diff --git a/actionmailbox/app/models/action_mailbox/inbound_email/message_id.rb b/actionmailbox/app/models/action_mailbox/inbound_email/message_id.rb new file mode 100644 index 0000000000..244a2e439b --- /dev/null +++ b/actionmailbox/app/models/action_mailbox/inbound_email/message_id.rb @@ -0,0 +1,38 @@ +# frozen_string_literal: true + +# The `Message-ID` as specified by rfc822 is supposed to be a unique identifier for that individual email. +# That makes it an ideal tracking token for debugging and forensics, just like `X-Request-Id` does for +# web request. +# +# If an inbound email does not, against the rfc822 mandate, specify a Message-ID, one will be generated +# using the approach from `Mail::MessageIdField`. +module ActionMailbox::InboundEmail::MessageId + extend ActiveSupport::Concern + + included do + before_save :generate_missing_message_id + end + + class_methods do + # Create a new `InboundEmail` from the raw `source` of the email, which be uploaded as a Active Storage + # attachment called `raw_email`. Before the upload, extract the Message-ID from the `source` and set + # it as an attribute on the new `InboundEmail`. + def create_and_extract_message_id!(source, **options) + create! message_id: extract_message_id(source), **options do |inbound_email| + inbound_email.raw_email.attach io: StringIO.new(source), filename: "message.eml", content_type: "message/rfc822" + end + end + + private + def extract_message_id(source) + Mail.from_source(source).message_id rescue nil + end + end + + private + def generate_missing_message_id + self.message_id ||= Mail::MessageIdField.new.message_id.tap do |message_id| + logger.warn "Message-ID couldn't be parsed or is missing. Generated a new Message-ID: #{message_id}" + end + end +end diff --git a/actionmailbox/app/models/action_mailbox/inbound_email/routable.rb b/actionmailbox/app/models/action_mailbox/inbound_email/routable.rb new file mode 100644 index 0000000000..58d67eb20c --- /dev/null +++ b/actionmailbox/app/models/action_mailbox/inbound_email/routable.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +# A newly received `InboundEmail` will not be routed synchronously as part of ingress controller's receival. +# Instead, the routing will be done asynchronously, using a `RoutingJob`, to ensure maximum parallel capacity. +# +# By default, all newly created `InboundEmail` records that have the status of `pending`, which is the default, +# will be scheduled for automatic, deferred routing. +module ActionMailbox::InboundEmail::Routable + extend ActiveSupport::Concern + + included do + after_create_commit :route_later, if: :pending? + end + + # Enqueue a `RoutingJob` for this `InboundEmail`. + def route_later + ActionMailbox::RoutingJob.perform_later self + end + + # Route this `InboundEmail` using the routing rules declared on the `ApplicationMailbox`. + def route + ApplicationMailbox.route self + end +end diff --git a/actionmailbox/app/views/layouts/rails/conductor.html.erb b/actionmailbox/app/views/layouts/rails/conductor.html.erb new file mode 100644 index 0000000000..75157feb78 --- /dev/null +++ b/actionmailbox/app/views/layouts/rails/conductor.html.erb @@ -0,0 +1,7 @@ +<html> +<head> + <title>Rails Conductor: <%= yield :title %></title> +</head> +<body> +<%= yield %> +</html> diff --git a/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/index.html.erb b/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/index.html.erb new file mode 100644 index 0000000000..19c53984e2 --- /dev/null +++ b/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/index.html.erb @@ -0,0 +1,15 @@ +<% provide :title, "Deliver new inbound email" %> + +<h1>All inbound emails</h1> + +<table> + <tr><th>Message ID</th><th>Status</th></tr> + <% @inbound_emails.each do |inbound_email| %> + <tr> + <td><%= link_to inbound_email.message_id, main_app.rails_conductor_inbound_email_path(inbound_email) %></td> + <td><%= inbound_email.status %></td> + </tr> + <% end %> +</table> + +<%= link_to "Deliver new inbound email", main_app.new_rails_conductor_inbound_email_path %>
\ No newline at end of file diff --git a/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/new.html.erb b/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/new.html.erb new file mode 100644 index 0000000000..7f1ec74496 --- /dev/null +++ b/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/new.html.erb @@ -0,0 +1,42 @@ +<% provide :title, "Deliver new inbound email" %> + +<h1>Deliver new inbound email</h1> + +<%= form_with(url: main_app.rails_conductor_inbound_emails_path, scope: :mail, local: true) do |form| %> + <div> + <%= form.label :from, "From" %><br> + <%= form.text_field :from %> + </div> + + <div> + <%= form.label :to, "To" %><br> + <%= form.text_field :to %> + </div> + + <div> + <%= form.label :cc, "CC" %><br> + <%= form.text_field :cc %> + </div> + + <div> + <%= form.label :bcc, "BCC" %><br> + <%= form.text_field :bcc %> + </div> + + <div> + <%= form.label :in_reply_to, "In-Reply-To" %><br> + <%= form.text_field :in_reply_to %> + </div> + + <div> + <%= form.label :subject, "Subject" %><br> + <%= form.text_field :subject %> + </div> + + <div> + <%= form.label :body, "Body" %><br> + <%= form.text_area :body, size: "40x20" %> + </div> + + <%= form.submit "Deliver inbound email" %> +<% end %> diff --git a/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/show.html.erb b/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/show.html.erb new file mode 100644 index 0000000000..e761904196 --- /dev/null +++ b/actionmailbox/app/views/rails/conductor/action_mailbox/inbound_emails/show.html.erb @@ -0,0 +1,15 @@ +<% provide :title, @inbound_email.message_id %> + +<h1><%= @inbound_email.message_id %>: <%= @inbound_email.status %></h1> + +<ul> + <li><%= button_to "Route again", main_app.rails_conductor_inbound_email_reroute_path(@inbound_email), method: :post %></li> + <li>Incinerate</li> +</ul> + +<details> + <summary>Full email source</summary> + <pre><%= @inbound_email.source %></pre> +</details> + +<%= link_to "Back to all inbound emails", main_app.rails_conductor_inbound_emails_path %>
\ No newline at end of file |