Merge pull request #58 from systemli/Support-Postfix-Recipent-Delimiter

✨ Support Postfix Recipent Delimiter

Author: 0x46616c6b

README.md

@@ -11,6 +11,7 @@ The adapter is configured via environment variables:
 
 - `USERLI_TOKEN`: The token to authenticate against the userli API.
 - `USERLI_BASE_URL`: The base URL of the userli API.
+- `POSTFIX_RECIPIENT_DELIMITER`: The recipient delimiter used in Postfix (e.g., `+`). Default: empty.
 - `SOCKETMAP_LISTEN_ADDR`: The address to listen on for socketmap requests. Default: `:10001`.
 - `METRICS_LISTEN_ADDR`: The address to listen on for metrics. Default: `:10002`.
 

config.go

@@ -14,6 +14,9 @@ type Config struct {
 	// UserliBaseURL is the base URL for the userli service.
 	UserliBaseURL string
 
+	// PostfixRecipientDelimiter is the recipient delimiter used by Postfix.
+	PostfixRecipientDelimiter string
+
 	// SocketmapListenAddr is the address to listen for socketmap requests.
 	SocketmapListenAddr string
 
@@ -55,6 +58,8 @@ func NewConfig() *Config {
 		log.Fatal("USERLI_TOKEN is required")
 	}
 
+	postfixRecipientDelimiter := os.Getenv("POSTFIX_RECIPIENT_DELIMITER")
+
 	socketmapListenAddr := os.Getenv("SOCKETMAP_LISTEN_ADDR")
 	if socketmapListenAddr == "" {
 		socketmapListenAddr = ":10001"
@@ -66,9 +71,10 @@ func NewConfig() *Config {
 	}
 
 	return &Config{
-		UserliBaseURL:       userliBaseURL,
-		UserliToken:         userliToken,
-		SocketmapListenAddr: socketmapListenAddr,
-		MetricsListenAddr:   metricsListenAddr,
+		UserliBaseURL:             userliBaseURL,
+		UserliToken:               userliToken,
+		PostfixRecipientDelimiter: postfixRecipientDelimiter,
+		SocketmapListenAddr:       socketmapListenAddr,
+		MetricsListenAddr:         metricsListenAddr,
 	}
 }

config_test.go

@@ -36,20 +36,23 @@ func (s *ConfigTestSuite) TestNewConfig() {
 
 		s.Equal("token", config.UserliToken)
 		s.Equal("http://localhost:8000", config.UserliBaseURL)
+		s.Equal("", config.PostfixRecipientDelimiter)
 		s.Equal(":10001", config.SocketmapListenAddr)
 		s.Equal(":10002", config.MetricsListenAddr)
 	})
 
 	s.Run("custom config", func() {
 		os.Setenv("USERLI_TOKEN", "token")
 		os.Setenv("USERLI_BASE_URL", "http://example.com")
+		os.Setenv("POSTFIX_RECIPIENT_DELIMITER", "+")
 		os.Setenv("SOCKETMAP_LISTEN_ADDR", ":20001")
 		os.Setenv("METRICS_LISTEN_ADDR", ":20002")
 
 		config := NewConfig()
 
 		s.Equal("token", config.UserliToken)
 		s.Equal("http://example.com", config.UserliBaseURL)
+		s.Equal("+", config.PostfixRecipientDelimiter)
 		s.Equal(":20001", config.SocketmapListenAddr)
 		s.Equal(":20002", config.MetricsListenAddr)
 	})

main.go

@@ -11,7 +11,7 @@ import (
 
 func main() {
 	config := NewConfig()
-	userli := NewUserli(config.UserliToken, config.UserliBaseURL)
+	userli := NewUserli(config.UserliToken, config.UserliBaseURL, WithDelimiter(config.PostfixRecipientDelimiter))
 	socketmapAdapter := NewSocketmapAdapter(userli)
 
 	ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)

userli.go

@@ -5,11 +5,17 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"regexp"
 	"strings"
 	"sync"
 	"time"
+
+	log "github.com/sirupsen/logrus"
 )
 
+// validLocalPartRegex validates that the local part only contains allowed characters: a-z, 0-9, -, _, .
+var validLocalPartRegex = regexp.MustCompile(`^[a-z0-9\-_.]*$`)
+
 type UserliService interface {
 	GetAliases(ctx context.Context, email string) ([]string, error)
 	GetDomain(ctx context.Context, domain string) (bool, error)
@@ -18,8 +24,9 @@ type UserliService interface {
 }
 
 type Userli struct {
-	token   string
-	baseURL string
+	token     string
+	baseURL   string
+	delimiter string
 
 	mu     sync.RWMutex // Protects Client field
 	Client *http.Client
@@ -49,6 +56,14 @@ func WithTransport(transport *http.Transport) Option {
 	}
 }
 
+func WithDelimiter(delimiter string) Option {
+	return func(u *Userli) {
+		u.mu.Lock()
+		defer u.mu.Unlock()
+		u.delimiter = delimiter
+	}
+}
+
 // WithTimeout sets a custom timeout (creates a new client with the specified timeout, thread-safe)
 func WithTimeout(timeout time.Duration) Option {
 	return func(u *Userli) {
@@ -113,11 +128,13 @@ func NewUserli(token, baseURL string, opts ...Option) *Userli {
 }
 
 func (u *Userli) GetAliases(ctx context.Context, email string) ([]string, error) {
-	if !strings.Contains(email, "@") {
-		return []string{}, nil
+	sanitizedEmail, err := u.sanitizeEmail(email)
+	if err != nil {
+		log.WithError(err).WithField("email", email).Info("unable to process the alias")
+		return []string{}, err
 	}
 
-	resp, err := u.call(ctx, fmt.Sprintf("%s/api/postfix/alias/%s", u.baseURL, email))
+	resp, err := u.call(ctx, fmt.Sprintf("%s/api/postfix/alias/%s", u.baseURL, sanitizedEmail))
 	if err != nil {
 		return []string{}, err
 	}
@@ -135,6 +152,7 @@ func (u *Userli) GetAliases(ctx context.Context, email string) ([]string, error)
 func (u *Userli) GetDomain(ctx context.Context, domain string) (bool, error) {
 	resp, err := u.call(ctx, fmt.Sprintf("%s/api/postfix/domain/%s", u.baseURL, domain))
 	if err != nil {
+		log.WithError(err).WithField("domain", domain).Info("unable to process the domain")
 		return false, err
 	}
 	defer resp.Body.Close()
@@ -149,11 +167,13 @@ func (u *Userli) GetDomain(ctx context.Context, domain string) (bool, error) {
 }
 
 func (u *Userli) GetMailbox(ctx context.Context, email string) (bool, error) {
-	if !strings.Contains(email, "@") {
-		return false, nil
+	sanitizedEmail, err := u.sanitizeEmail(email)
+	if err != nil {
+		log.WithError(err).WithField("email", email).Info("unable to process the mailbox")
+		return false, err
 	}
 
-	resp, err := u.call(ctx, fmt.Sprintf("%s/api/postfix/mailbox/%s", u.baseURL, email))
+	resp, err := u.call(ctx, fmt.Sprintf("%s/api/postfix/mailbox/%s", u.baseURL, sanitizedEmail))
 	if err != nil {
 		return false, err
 	}
@@ -169,11 +189,13 @@ func (u *Userli) GetMailbox(ctx context.Context, email string) (bool, error) {
 }
 
 func (u *Userli) GetSenders(ctx context.Context, email string) ([]string, error) {
-	if !strings.Contains(email, "@") {
-		return []string{}, nil
+	sanitizedEmail, err := u.sanitizeEmail(email)
+	if err != nil {
+		log.WithError(err).WithField("email", email).Info("unable to process the senders")
+		return []string{}, err
 	}
 
-	resp, err := u.call(ctx, fmt.Sprintf("%s/api/postfix/senders/%s", u.baseURL, email))
+	resp, err := u.call(ctx, fmt.Sprintf("%s/api/postfix/senders/%s", u.baseURL, sanitizedEmail))
 	if err != nil {
 		return []string{}, err
 	}
@@ -244,3 +266,46 @@ func (u *Userli) call(ctx context.Context, url string) (*http.Response, error) {
 
 	return resp, nil
 }
+
+func (u *Userli) sanitizeEmail(email string) (string, error) {
+	// Normalize email: lowercase and remove whitespace
+	email = strings.ToLower(email)
+	email = strings.TrimSpace(email)
+
+	// Remove all non-visible characters (control characters, zero-width spaces, etc.)
+	email = strings.TrimFunc(email, func(r rune) bool {
+		return r < 33 || r == 127 || // ASCII control characters
+			r == 0x200B || // Zero-width space
+			r == 0x200C || // Zero-width non-joiner
+			r == 0x200D || // Zero-width joiner
+			r == 0xFEFF // Zero-width no-break space (BOM)
+	})
+
+	// Split email by @
+	parts := strings.Split(email, "@")
+	if len(parts) != 2 {
+		return "", fmt.Errorf("invalid email format: %s", email)
+	}
+
+	localPart := parts[0]
+	domain := parts[1]
+
+	// Remove recipient delimiter from local part if configured
+	if u.delimiter != "" {
+		if idx := strings.Index(localPart, u.delimiter); idx != -1 {
+			localPart = localPart[:idx]
+		}
+	}
+
+	// Validate local part matches allowed pattern
+	if !validLocalPartRegex.MatchString(localPart) {
+		return "", fmt.Errorf("invalid local part: %s", localPart)
+	}
+
+	// Validate that local part is not empty
+	if localPart == "" {
+		return "", fmt.Errorf("invalid email format: empty local part after sanitization")
+	}
+
+	return fmt.Sprintf("%s@%s", localPart, domain), nil
+}