feat: add ENABLE_CHECK_JUNK_MAIL (#469)

2026-05-11 18:10:01 +08:00 · 2024-11-07 00:58:15 +08:00
parent 49b3f10838
commit ddfa2c5d03
9 changed files with 72 additions and 2 deletions
--- a/worker/src/admin_api/worker_config.ts
+++ b/worker/src/admin_api/worker_config.ts
@@ -40,7 +40,8 @@ export default {
            "S3_ENABLED": isS3Enabled(c),
            "VERSION": CONSTANTS.VERSION,
            "DISABLE_SHOW_GITHUB": !getBooleanValue(c.env.DISABLE_SHOW_GITHUB),
-            "DISABLE_ADMIN_PASSWORD_CHECK": getBooleanValue(c.env.DISABLE_ADMIN_PASSWORD_CHECK)
+            "DISABLE_ADMIN_PASSWORD_CHECK": getBooleanValue(c.env.DISABLE_ADMIN_PASSWORD_CHECK),
+            "ENABLE_CHECK_JUNK_MAIL": getBooleanValue(c.env.ENABLE_CHECK_JUNK_MAIL),
        })
    }
 }
--- a/worker/src/common.ts
+++ b/worker/src/common.ts
@@ -260,7 +260,8 @@ export const commonParseMail = async (raw_mail: string | undefined | null): Prom
    sender: string,
    subject: string,
    text: string,
-    html: string
+    html: string,
+    headers?: Record<string, string>[]
 } | undefined> => {
    if (!raw_mail) {
        return undefined;
@@ -287,6 +288,7 @@ export const commonParseMail = async (raw_mail: string | undefined | null): Prom
            subject: parsedEmail.subject || "",
            text: parsedEmail.text || "",
            html: parsedEmail.html || "",
+            headers: parsedEmail.headers || [],
        };
    }
    catch (e) {
--- a/worker/src/email/check_junk.ts
+++ b/worker/src/email/check_junk.ts
@@ -0,0 +1,44 @@
+import { Bindings } from "../types";
+import { getBooleanValue } from "../utils";
+import { commonParseMail } from "../common";
+
+export const check_if_junk_mail = async (
+    env: Bindings, address: string,
+    raw_mail: string, message_id: string | null
+): Promise<boolean> => {
+    if (!getBooleanValue(env.ENABLE_CHECK_JUNK_MAIL)) {
+        return false;
+    }
+    const parsedEmail = await commonParseMail(raw_mail);
+    if (!parsedEmail?.headers) return false;
+    const headers = parsedEmail.headers;
+    for (const header of headers) {
+        if (!header["key"]) continue;
+        if (!header["value"]) continue;
+
+        // check spf
+        if (header["key"].toLowerCase() == "received-spf"
+            &&
+            !header["value"].toLowerCase().includes("pass")
+        ) {
+            return true;
+        }
+
+        // check dkim and dmarc
+        if (header["key"].toLowerCase() == "authentication-results") {
+            if (header["value"].toLowerCase().includes("dkim=")
+                &&
+                !header["value"].toLowerCase().includes("dkim=pass")
+            ) {
+                return true;
+            }
+            if (header["value"].toLowerCase().includes("dmarc=")
+                &&
+                !header["value"].toLowerCase().includes("dmarc=pass")
+            ) {
+                return true;
+            }
+        }
+    }
+    return false;
+}
--- a/worker/src/email/index.ts
+++ b/worker/src/email/index.ts
@@ -6,6 +6,7 @@ import { Bindings, HonoCustomType } from "../types";
 import { auto_reply } from "./auto_reply";
 import { isBlocked } from "./black_list";
 import { triggerWebhook } from "../common";
+import { check_if_junk_mail } from "./check_junk";


 async function email(message: ForwardableEmailMessage, env: Bindings, ctx: ExecutionContext) {
@@ -15,6 +16,19 @@ async function email(message: ForwardableEmailMessage, env: Bindings, ctx: Execu
        return;
    }
    const rawEmail = await new Response(message.raw).text();
+
+    // check if junk mail
+    try {
+        const is_junk = await check_if_junk_mail(env, message.to, rawEmail, message.headers.get("Message-ID"));
+        if (is_junk) {
+            message.setReject("Junk mail");
+            console.log(`Junk mail from ${message.from} to ${message.to}`);
+            return;
+        }
+    } catch (error) {
+        console.log("check junk mail error", error);
+    }
+
    const message_id = message.headers.get("Message-ID");
    // save email
    const { success } = await env.DB.prepare(
--- a/worker/src/types.d.ts
+++ b/worker/src/types.d.ts
@@ -42,6 +42,8 @@ export type Bindings = {
    DISABLE_SHOW_GITHUB: string | boolean | undefined
    FORWARD_ADDRESS_LIST: string | string[] | undefined

+    ENABLE_CHECK_JUNK_MAIL: string | boolean | undefined
+
    // s3 config
    S3_ENDPOINT: string | undefined
    S3_ACCESS_KEY_ID: string | undefined
--- a/worker/wrangler.toml.template
+++ b/worker/wrangler.toml.template
@@ -72,6 +72,8 @@ ENABLE_AUTO_REPLY = false
 # FORWARD_ADDRESS_LIST = ["xxx@xxx.com"]
 # Frontend URL
 # FRONTEND_URL = "https://xxxx.xxx"
+# Enable check junk mail
+# ENABLE_CHECK_JUNK_MAIL = false

 [[d1_databases]]
 binding = "DB"