feat: |UI| add JUNK_MAIL_FORCE_PASS_LIST (#539)

dreamhunter2333 · Dec 30, 2024 · c964d77 · c964d77
1 parent 8a03d3e
commit c964d77
Show file tree

Hide file tree

Showing 7 changed files with 37 additions and 18 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,7 @@
 
 - feat: |Github Action| 增加自动更新并部署功能
 - feat: |UI| admin 用户设置，支持 oauth2 配置的删除
+- feat: 增加垃圾邮件检测必须通过的列表 `JUNK_MAIL_FORCE_PASS_LIST` 配置
 
 ## v0.8.2
 

diff --git a/vitepress-docs/docs/en/cli.md b/vitepress-docs/docs/en/cli.md
@@ -132,6 +132,8 @@ ENABLE_AUTO_REPLY = false
 # FRONTEND_URL = "https://xxxx.xxx"
 # Enable check junk mail
 # ENABLE_CHECK_JUNK_MAIL = false
+# junk mail force check pass list, if no status or status is not pass, will be marked as junk mail
+# JUNK_MAIL_FORCE_PASS_LIST = ["spf", "dkim", "dmarc"]
 
 [[d1_databases]]
 binding = "DB"

diff --git a/vitepress-docs/docs/zh/guide/cli/worker.md b/vitepress-docs/docs/zh/guide/cli/worker.md
@@ -102,8 +102,10 @@ ENABLE_AUTO_REPLY = false
 # FORWARD_ADDRESS_LIST = ["[email protected]"]
 # 前端地址，用于发送 webhook 的邮件 url
 # FRONTEND_URL = "https://xxxx.xxx"
-# 是否启用垃圾邮件检查
+# 是否启用垃圾邮件检查，默认任何一项存在配置且不通过则被判定为垃圾邮件
 # ENABLE_CHECK_JUNK_MAIL = false
+# 垃圾邮件检查配置, 任何一项不存在或者不通过则被判定为垃圾邮件
+# JUNK_MAIL_FORCE_PASS_LIST = ["spf", "dkim", "dmarc"]
 
 # D1 数据库的名称和 ID 可以在 cloudflare 控制台查看
 [[d1_databases]]

diff --git a/worker/src/admin_api/worker_config.ts b/worker/src/admin_api/worker_config.ts
@@ -42,6 +42,7 @@ export default {
             "DISABLE_SHOW_GITHUB": !getBooleanValue(c.env.DISABLE_SHOW_GITHUB),
             "DISABLE_ADMIN_PASSWORD_CHECK": getBooleanValue(c.env.DISABLE_ADMIN_PASSWORD_CHECK),
             "ENABLE_CHECK_JUNK_MAIL": getBooleanValue(c.env.ENABLE_CHECK_JUNK_MAIL),
+            "JUNK_MAIL_FORCE_PASS_LIST": getStringArray(c.env.JUNK_MAIL_FORCE_PASS_LIST),
         })
     }
 }
diff --git a/worker/src/email/check_junk.ts b/worker/src/email/check_junk.ts
@@ -1,5 +1,5 @@
 import { Bindings } from "../types";
-import { getBooleanValue } from "../utils";
+import { getBooleanValue, getStringArray } from "../utils";
 import { commonParseMail } from "../common";
 
 export const check_if_junk_mail = async (
@@ -11,34 +11,44 @@ export const check_if_junk_mail = async (
     }
     const parsedEmail = await commonParseMail(raw_mail);
     if (!parsedEmail?.headers) return false;
+
+    const forcePassList = getStringArray(env.JUNK_MAIL_FORCE_PASS_LIST);
+    const passedList: string[] = [];
+
     const headers = parsedEmail.headers;
     for (const header of headers) {
         if (!header["key"]) continue;
         if (!header["value"]) continue;
 
         // check spf
-        if (header["key"].toLowerCase() == "received-spf"
-            &&
-            !header["value"].toLowerCase().includes("pass")
-        ) {
-            return true;
+        if (header["key"].toLowerCase() == "received-spf") {
+            if (!header["value"].toLowerCase().includes("pass")) {
+                return true;
+            }
+            passedList.push("spf");
         }
 
         // check dkim and dmarc
         if (header["key"].toLowerCase() == "authentication-results") {
-            if (header["value"].toLowerCase().includes("dkim=")
-                &&
-                !header["value"].toLowerCase().includes("dkim=pass")
-            ) {
-                return true;
+            if (header["value"].toLowerCase().includes("dkim=")) {
+                if (!header["value"].toLowerCase().includes("dkim=pass")) {
+                    return true;
+                }
+                passedList.push("dkim");
             }
-            if (header["value"].toLowerCase().includes("dmarc=")
-                &&
-                !header["value"].toLowerCase().includes("dmarc=pass")
-            ) {
-                return true;
+            if (header["value"].toLowerCase().includes("dmarc=")) {
+                if (!header["value"].toLowerCase().includes("dmarc=pass")) {
+                    return true;
+                }
+                passedList.push("dmarc");
             }
         }
     }
-    return false;
+
+    if (forcePassList?.length == 0) return false;
+
+    // check force pass list
+    return forcePassList.some(
+        (checkName) => !passedList.includes(checkName.toLowerCase())
+    );
 }
diff --git a/worker/src/types.d.ts b/worker/src/types.d.ts
@@ -43,6 +43,7 @@ export type Bindings = {
     FORWARD_ADDRESS_LIST: string | string[] | undefined
 
     ENABLE_CHECK_JUNK_MAIL: string | boolean | undefined
+    JUNK_MAIL_FORCE_PASS_LIST: string | string[] | undefined
 
     // s3 config
     S3_ENDPOINT: string | undefined

diff --git a/worker/wrangler.toml.template b/worker/wrangler.toml.template
@@ -74,6 +74,8 @@ ENABLE_AUTO_REPLY = false
 # FRONTEND_URL = "https://xxxx.xxx"
 # Enable check junk mail
 # ENABLE_CHECK_JUNK_MAIL = false
+# junk mail force check pass list, if no status or status is not pass, will be marked as junk mail
+# JUNK_MAIL_FORCE_PASS_LIST = ["spf", "dkim", "dmarc"]
 
 [[d1_databases]]
 binding = "DB"