feat: Allow app services to send marketing emails (#4320)

Preserve mail server used for transactional emails from spam detection
by allowing webapps to send marketing emails via a dedicated mail
server.

cmd/serve.go

@@ -89,6 +89,9 @@ example), you can use the --appdir flag like this:
 			cfg.Mail.NativeTLS = false
 			cfg.Mail.DisableTLS = true
 			cfg.Mail.Port = 1025
+			cfg.CampaignMail.NativeTLS = false
+			cfg.CampaignMail.DisableTLS = true
+			cfg.CampaignMail.Port = 1025
 		}
 
 		processes, services, err := stack.Start()

cozy.example.yaml

@@ -234,6 +234,45 @@ mail:
       username: {{.Env.COZY_BETA_MAIL_USERNAME}}
       password: {{.Env.COZY_BETA_MAIL_PASSWORD}}
 
+# campaign mail service parameters for sending campaign emails via SMTP
+# If campaign_mail.host is empty, the default mail config will be used.
+campaign_mail:
+  # SMTP server host
+  # Defaults to empty string
+  host: smtp.home
+  # SMTP server port
+  # Defaults to 25
+  port: 587
+  # SMTP server username
+  # Defaults to empty string
+  username: {{.Env.COZY_MAIL_USERNAME}}
+  # SMTP server password
+  # Defaults to empty string
+  password: {{.Env.COZY_MAIL_PASSWORD}}
+  # Use SSL connection (SMTPS)
+  # Means no STARTTLS
+  # Defaults to false
+  use_ssl: false
+  # Disable STARTTLS for SMTP server
+  # Means using plain unencrypted SMTP
+  # Defaults to true
+  disable_tls: false
+  # Skip the certificate validation (may be useful on localhost)
+  # Defaults to false
+  skip_certificate_validation: false
+  # Local Name
+  # The hostname sent to the SMTP server with the HELO command
+  # Defaults to empty string
+  local_name: cozy.domain.example
+  # It is also possible to override the campaign mail config per context.
+  contexts:
+    beta:
+      # If the host is set to "-", no mail will be sent on this context
+      host: smtp.cozy.beta
+      port: 587
+      username: {{.Env.COZY_BETA_MAIL_USERNAME}}
+      password: {{.Env.COZY_BETA_MAIL_PASSWORD}}
+
 # location of the database for IP -> City lookups - flags: --geodb
 # See https://dev.maxmind.com/geoip/geoip2/geolite2/
 geodb: ""

docs/jobs.md

@@ -458,6 +458,66 @@ Content-Type: application/vnd.api+json
 HTTP/1.1 204 No Content
 ```
 
+### POST /jobs/campaign-emails
+
+Send a non transactional (or campaign) email to the user via the dedicated
+campaign mail server (configured via `campaign_mail` attributes in the config
+file, or overwritten by context with `campaign_mail.contexts.<name>`
+attributes).
+
+Both the subject and at least one part are required.
+
+#### Request
+
+```http
+POST /jobs/campaign-emails HTTP/1.1
+Content-Type: application/vnd.api+json
+```
+
+```json
+{
+  "data": {
+    "attributes": {
+      "arguments": {
+        "subject": "Checkout the new cool stuff!",
+        "parts": [
+          {
+            "body": "So many new features to check out!",
+            "type": "text/plain"
+          }
+        ]
+      }
+    }
+  }
+}
+```
+
+#### Response
+
+```http
+HTTP/1.1 204 No Content
+```
+
+#### Permissions
+
+To use this endpoint, an application needs a permission on the type
+`io.cozy.jobs` for the verb `POST` and the `sendmail` worker.
+This can be defined like so:
+
+```json
+{
+  "permissions": {
+    "campaign-emails": {
+      "description": "Required to send campaign emails to the user",
+      "type": "io.cozy.jobs",
+      "verbs": ["POST"],
+      "selector": "worker",
+      "values": ["sendmail"]
+    }
+  }
+}
+```
+
 ### GET /jobs/queue/:worker-type
 
 List the jobs in the queue.

docs/workers.md

@@ -194,6 +194,11 @@ file at the root of this repository.
     -   `from` to send a mail from the user
     -   `support` to send both an email to the support and a confirmation to
         the user
+    -   `campaign` to send a non transactional email to the user via an SMTP
+        server using the following configurations, in order of priority:
+        1. `campaign_mail.contexts.<context name>` if defined
+        2. `campaign_mail` otherwise
+        3. `mail` as the final fallback
 -   `to`: list of object `{name, email}` representing the addresses of the
     recipients. (should not be used in `noreply` mode)
 -   `subject`: string specifying the subject of the mail

model/instance/lifecycle/magic_link.go

@@ -28,7 +28,7 @@ func SendMagicLink(inst *instance.Instance, redirect string) error {
 		"redirect": []string{redirect},
 	})
 	publicName, _ := csettings.PublicName(inst)
-	return emailer.SendEmail(inst, &emailer.SendEmailCmd{
+	return emailer.SendEmail(inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "magic_link",
 		TemplateValues: map[string]interface{}{
 			"MagicLink":  link,

model/instance/lifecycle/passphrase.go

@@ -81,7 +81,7 @@ func SendHint(inst *instance.Instance) error {
 	if err != nil {
 		return err
 	}
-	return emailer.SendEmail(inst, &emailer.SendEmailCmd{
+	return emailer.SendEmail(inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "passphrase_hint",
 		TemplateValues: map[string]interface{}{
 			"BaseURL":    inst.PageURL("/", nil),
@@ -125,7 +125,7 @@ func RequestPassphraseReset(inst *instance.Instance, from string) error {
 	if err != nil {
 		return err
 	}
-	return emailer.SendEmail(inst, &emailer.SendEmailCmd{
+	return emailer.SendEmail(inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "passphrase_reset",
 		TemplateValues: map[string]interface{}{
 			"BaseURL":             inst.PageURL("/", nil),

model/instance/lifecycle/two_factor_auth.go

@@ -12,7 +12,7 @@ func SendTwoFactorPasscode(inst *instance.Instance) ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	err = emailer.SendEmail(inst, &emailer.SendEmailCmd{
+	err = emailer.SendEmail(inst, &emailer.TransactionalEmailCmd{
 		TemplateName:   "two_factor",
 		TemplateValues: map[string]interface{}{"TwoFactorPasscode": passcode},
 	})
@@ -29,7 +29,7 @@ func SendMailConfirmationCode(inst *instance.Instance) error {
 	if err != nil {
 		return err
 	}
-	return emailer.SendEmail(inst, &emailer.SendEmailCmd{
+	return emailer.SendEmail(inst, &emailer.TransactionalEmailCmd{
 		TemplateName:   "two_factor_mail_confirmation",
 		TemplateValues: map[string]interface{}{"TwoFactorActivationPasscode": passcode},
 	})

model/session/login_history.go

@@ -226,7 +226,7 @@ func sendLoginNotification(i *instance.Instance, l *LoginEntry) error {
 		"ActivateTwoFALink":    activateTwoFALink,
 	}
 
-	return emailer.SendEmail(i, &emailer.SendEmailCmd{
+	return emailer.SendEmail(i, &emailer.TransactionalEmailCmd{
 		TemplateName:   "new_connection",
 		TemplateValues: templateValues,
 	})
@@ -244,7 +244,7 @@ func SendNewRegistrationNotification(i *instance.Instance, clientRegistrationID
 		"RevokeLink":  revokeLink.String(),
 	}
 
-	return emailer.SendEmail(i, &emailer.SendEmailCmd{
+	return emailer.SendEmail(i, &emailer.TransactionalEmailCmd{
 		TemplateName:   "new_registration",
 		TemplateValues: templateValues,
 	})

model/settings/service.go

@@ -124,7 +124,7 @@ func (s *SettingsService) StartEmailUpdate(inst *instance.Instance, cmd *UpdateE
 		"token": []string{token},
 	})
 
-	err = s.emailer.SendPendingEmail(inst, &emailer.SendEmailCmd{
+	err = s.emailer.SendPendingEmail(inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "update_email",
 		TemplateValues: map[string]interface{}{
 			"PublicName":      publicName,
@@ -164,7 +164,7 @@ func (s *SettingsService) ResendEmailUpdate(inst *instance.Instance) error {
 		"token": []string{token},
 	})
 
-	err = s.emailer.SendPendingEmail(inst, &emailer.SendEmailCmd{
+	err = s.emailer.SendPendingEmail(inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "update_email",
 		TemplateValues: map[string]interface{}{
 			"PublicName":      publicName,

model/settings/service_test.go

@@ -51,7 +51,7 @@ func Test_StartEmailUpdate_success(t *testing.T) {
 		},
 	}).Return(nil).Once()
 
-	emailerSvc.On("SendPendingEmail", &inst, &emailer.SendEmailCmd{
+	emailerSvc.On("SendPendingEmail", &inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "update_email",
 		TemplateValues: map[string]interface{}{
 			"PublicName":      "Jane Doe",
@@ -122,7 +122,7 @@ func Test_StartEmailUpdate_with_a_missing_public_name(t *testing.T) {
 		},
 	}).Return(nil).Once()
 
-	emailerSvc.On("SendPendingEmail", &inst, &emailer.SendEmailCmd{
+	emailerSvc.On("SendPendingEmail", &inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "update_email",
 		TemplateValues: map[string]interface{}{
 			"PublicName":      "foo", // Change here
@@ -310,7 +310,7 @@ func Test_ResendEmailUpdate_success(t *testing.T) {
 	tokenSvc.On("GenerateAndSave", &inst, token.EmailUpdate, "foo.mycozy.cloud", TokenExpiration).
 		Return("some-token", nil).Once()
 
-	emailerSvc.On("SendPendingEmail", &inst, &emailer.SendEmailCmd{
+	emailerSvc.On("SendPendingEmail", &inst, &emailer.TransactionalEmailCmd{
 		TemplateName: "update_email",
 		TemplateValues: map[string]interface{}{
 			"PublicName":      "Jane Doe",

model/stack/main.go

@@ -50,6 +50,7 @@ func (g gopAgent) Shutdown(ctx context.Context) error {
 }
 
 type Services struct {
+	Emailer  emailer.Emailer
 	Settings settings.Service
 }
 
@@ -111,6 +112,7 @@ security features. Please do not use this binary as your production server.
 	clouderySvc := cloudery.Init(config.GetConfig().Clouderies)
 
 	services := Services{
+		Emailer:  emailerSvc,
 		Settings: settings.Init(emailerSvc, instanceSvc, tokenSvc, clouderySvc),
 	}
 

pkg/config/config/config.go

@@ -114,17 +114,19 @@ type Config struct {
 	RemoteAssets   map[string]string
 	DeprecatedApps DeprecatedAppsCfg
 
-	Avatars        *avatar.Service
-	Fs             Fs
-	Keyring        keyring.Keyring
-	CouchDB        CouchDB
-	Jobs           Jobs
-	Konnectors     Konnectors
-	Mail           *gomail.DialerOptions
-	MailPerContext map[string]interface{}
-	Move           Move
-	Notifications  Notifications
-	Flagship       Flagship
+	Avatars                *avatar.Service
+	Fs                     Fs
+	Keyring                keyring.Keyring
+	CouchDB                CouchDB
+	Jobs                   Jobs
+	Konnectors             Konnectors
+	Mail                   *gomail.DialerOptions
+	MailPerContext         map[string]interface{}
+	CampaignMail           *gomail.DialerOptions
+	CampaignMailPerContext map[string]interface{}
+	Move                   Move
+	Notifications          Notifications
+	Flagship               Flagship
 
 	Lock              lock.Getter
 	Limiter           *limits.RateLimiter
@@ -756,6 +758,47 @@ func UseViper(v *viper.Viper) error {
 		return fmt.Errorf("failed to setup the keyring: %w", err)
 	}
 
+	// Setup default SMTP server
+	mail := &gomail.DialerOptions{
+		Host:                      v.GetString("mail.host"),
+		Port:                      v.GetInt("mail.port"),
+		Username:                  v.GetString("mail.username"),
+		Password:                  v.GetString("mail.password"),
+		NativeTLS:                 v.GetBool("mail.use_ssl"),
+		DisableTLS:                v.GetBool("mail.disable_tls"),
+		SkipCertificateValidation: v.GetBool("mail.skip_certificate_validation"),
+		LocalName:                 v.GetString("mail.local_name"),
+	}
+
+	// Setup campaign mail SMTP server
+	var campaignMail *gomail.DialerOptions
+	if host := v.GetString("campaign_mail.host"); host != "" {
+		viper.SetDefault("campaign_mail.port", 25)
+		viper.SetDefault("campaign_mail.disable_tls", true)
+
+		campaignMail = &gomail.DialerOptions{
+			Host:                      host,
+			Port:                      v.GetInt("campaign_mail.port"),
+			Username:                  v.GetString("campaign_mail.username"),
+			Password:                  v.GetString("campaign_mail.password"),
+			NativeTLS:                 v.GetBool("campaign_mail.use_ssl"),
+			DisableTLS:                v.GetBool("campaign_mail.disable_tls"),
+			SkipCertificateValidation: v.GetBool("campaign_mail.skip_certificate_validation"),
+			LocalName:                 v.GetString("campaign_mail.local_name"),
+		}
+	} else {
+		campaignMail = &gomail.DialerOptions{
+			Host:                      mail.Host,
+			Port:                      mail.Port,
+			Username:                  mail.Username,
+			Password:                  mail.Password,
+			NativeTLS:                 mail.NativeTLS,
+			DisableTLS:                mail.DisableTLS,
+			SkipCertificateValidation: mail.SkipCertificateValidation,
+			LocalName:                 mail.LocalName,
+		}
+	}
+
 	config = &Config{
 		Host: v.GetString("host"),
 		Port: v.GetInt("port"),
@@ -822,28 +865,21 @@ func UseViper(v *viper.Viper) error {
 			PlayIntegrityVerificationKeys: v.GetStringSlice("flagship.play_integrity_verification_keys"),
 			AppleAppIDs:                   v.GetStringSlice("flagship.apple_app_ids"),
 		},
-		Lock:              lock.New(lockRedis),
-		SessionStorage:    sessionsRedis,
-		DownloadStorage:   downloadRedis,
-		Limiter:           limits.NewRateLimiter(rateLimitingRedis),
-		OauthStateStorage: oauthStateRedis,
-		Realtime:          realtimeRedis,
-		CacheStorage:      cacheStorage,
-		Mail: &gomail.DialerOptions{
-			Host:                      v.GetString("mail.host"),
-			Port:                      v.GetInt("mail.port"),
-			Username:                  v.GetString("mail.username"),
-			Password:                  v.GetString("mail.password"),
-			NativeTLS:                 v.GetBool("mail.use_ssl"),
-			DisableTLS:                v.GetBool("mail.disable_tls"),
-			SkipCertificateValidation: v.GetBool("mail.skip_certificate_validation"),
-			LocalName:                 v.GetString("mail.local_name"),
-		},
-		MailPerContext: v.GetStringMap("mail.contexts"),
-		Contexts:       v.GetStringMap("contexts"),
-		Authentication: v.GetStringMap("authentication"),
-		Office:         office,
-		Registries:     regs,
+		Lock:                   lock.New(lockRedis),
+		SessionStorage:         sessionsRedis,
+		DownloadStorage:        downloadRedis,
+		Limiter:                limits.NewRateLimiter(rateLimitingRedis),
+		OauthStateStorage:      oauthStateRedis,
+		Realtime:               realtimeRedis,
+		CacheStorage:           cacheStorage,
+		Mail:                   mail,
+		MailPerContext:         v.GetStringMap("mail.contexts"),
+		CampaignMail:           campaignMail,
+		CampaignMailPerContext: v.GetStringMap("campaign_mail.contexts"),
+		Contexts:               v.GetStringMap("contexts"),
+		Authentication:         v.GetStringMap("authentication"),
+		Office:                 office,
+		Registries:             regs,
 
 		CSPAllowList:  cspAllowList,
 		CSPPerContext: cspPerContext,