initial commit from appmail

config/initializers/application_controller_renderer.rb

@@ -0,0 +1,6 @@
+# Be sure to restart your server when you modify this file.
+
+# ApplicationController.renderer.defaults.merge!(
+#   http_host: 'example.org',
+#   https: false
+# )

config/initializers/assets.rb

@@ -0,0 +1,11 @@
+# Be sure to restart your server when you modify this file.
+
+# Version of your assets, change this if you want to expire all your assets.
+Rails.application.config.assets.version = '1.0'
+
+# Add additional assets to the asset load path
+# Rails.application.config.assets.paths << Emoji.images_path
+
+# Precompile additional assets.
+# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
+# Rails.application.config.assets.precompile += %w( search.js )

config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!

config/initializers/cookies_serializer.rb

@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Specify a serializer for the signed and encrypted cookie jars.
+# Valid options are :json, :marshal, and :hybrid.
+Rails.application.config.action_dispatch.cookies_serializer = :json

config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+Rails.application.config.filter_parameters += [:password]

config/initializers/inflections.rb

@@ -0,0 +1,23 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+ActiveSupport::Inflector.inflections(:en) do |inflect|
+  inflect.acronym 'API'
+  inflect.acronym 'SMTP'
+  inflect.acronym 'IP'
+  inflect.acronym 'DNS'
+  inflect.acronym 'UUID'
+  inflect.acronym 'HTTP'
+  inflect.acronym 'DB'
+  inflect.acronym 'DKIM'
+end

config/initializers/mail_extensions.rb

@@ -0,0 +1,111 @@
+require 'mail'
+module Mail
+  module Encodings
+    # Handle windows-1258 as windows-1252 when decoding
+    def Encodings.q_value_decode(str)
+      str = str.sub(/\=\?windows-?1258\?/i, '\=?windows-1252?')
+      RubyVer.q_value_decode(str)
+    end
+    def Encodings.b_value_decode(str)
+      str = str.sub(/\=\?windows-?1258\?/i, '\=?windows-1252?')
+      RubyVer.b_value_decode(str)
+    end
+  end
+
+  class Message
+    ## Extract plain text body of message
+    def plain_body
+      if self.multipart? and self.text_part
+        self.text_part.decoded
+      elsif self.mime_type == 'text/plain' || self.mime_type.nil?
+        self.decoded
+      else
+        nil
+      end
+    end
+
+    ## Extract HTML text body of message
+    def html_body
+      if self.multipart? and self.html_part
+        self.html_part.decoded
+      elsif self.mime_type == 'text/html'
+        self.decoded
+      else
+        nil
+      end
+    end
+
+    private
+
+    ## Fix bug in basic parsing
+    def parse_message
+      self.header, self.body = raw_source.split(/\r?\n\r?\n/m, 2)
+    end
+
+    # Handle attached emails as attachments
+    # Returns the filename of the attachment (if it exists) or returns nil
+    # Make up a filename for rfc822 attachments if it isn't specified
+    def find_attachment
+      content_type_name = header[:content_type].filename rescue nil
+      content_disp_name = header[:content_disposition].filename rescue nil
+      content_loc_name = header[:content_location].location rescue nil
+
+      if content_type && content_type_name
+        filename = content_type_name
+      elsif content_disposition && content_disp_name
+        filename = content_disp_name
+      elsif content_location && content_loc_name
+        filename = content_loc_name
+      elsif self.mime_type == "message/rfc822"
+        filename = "#{rand(100000000)}.eml"
+      else
+        filename = nil
+      end
+
+      if filename
+        # Normal decode
+        filename = Mail::Encodings.decode_encode(filename, :decode) rescue filename
+      end
+      filename
+    end
+
+    def decode_body_as_text
+      body_text = decode_body
+      charset_tmp = Encoding.find(Ruby19.pick_encoding(charset)) rescue 'ASCII'
+      charset_tmp = 'Windows-1252' if charset_tmp.to_s =~ /windows-?1258/i
+      if charset_tmp == Encoding.find('UTF-7')
+        body_text.force_encoding('UTF-8')
+        decoded = body_text.gsub(/\+.*?\-/m) {|n|Base64.decode64(n[1..-2]+'===').force_encoding('UTF-16BE').encode('UTF-8')}
+      else
+        body_text.force_encoding(charset_tmp)
+        decoded = body_text.encode("utf-8", :invalid => :replace, :undef => :replace)
+      end
+      decoded.valid_encoding? ? decoded : decoded.encode("utf-16le", :invalid => :replace, :undef => :replace).encode("utf-8")
+    end
+  end
+
+  # Handle attached emails as attachments
+  class AttachmentsList < Array
+    def initialize(parts_list)
+      @parts_list = parts_list
+      @content_disposition_type = 'attachment'
+      parts_list.map { |p|
+        (p.parts.empty? and p.attachment?) ? p : p.attachments
+      }.flatten.compact.each { |a| self << a }
+      self
+    end
+  end
+end
+
+class Array
+  def decoded
+    return nil if self.empty?
+    return self.first.decoded
+  end
+end
+
+class NilClass
+  def decoded
+    nil
+  end
+end

config/initializers/mime_types.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf

config/initializers/new_framework_defaults.rb

@@ -0,0 +1,24 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 5.0 upgrade.
+#
+# Read the Rails 5.0 release notes for more info on each option.
+
+# Enable per-form CSRF tokens. Previous versions had false.
+Rails.application.config.action_controller.per_form_csrf_tokens = true
+
+# Enable origin-checking CSRF mitigation. Previous versions had false.
+Rails.application.config.action_controller.forgery_protection_origin_check = true
+
+# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
+# Previous versions had false.
+ActiveSupport.to_time_preserves_timezone = true
+
+# Require `belongs_to` associations by default. Previous versions had false.
+Rails.application.config.active_record.belongs_to_required_by_default = true
+
+# Do not halt callback chains when a callback returns false. Previous versions had true.
+ActiveSupport.halt_callback_chains_on_return_false = false
+
+# Configure SSL options to enable HSTS with subdomains. Previous versions had false.
+Rails.application.config.ssl_options = false

config/initializers/postal.rb

@@ -0,0 +1,2 @@
+require 'postal/error'
+require 'postal/message_db/mysql'

config/initializers/record_key_for_dom.rb

@@ -0,0 +1,12 @@
+module ActionView
+  module RecordIdentifier
+    def dom_id(record, prefix = nil)
+      if record.new_record?
+        dom_class(record, prefix || NEW)
+      else
+        id = record.respond_to?(:uuid) ? record.uuid : record.id
+        "#{dom_class(record, prefix)}#{JOIN}#{id}"
+      end
+    end
+  end
+end

config/initializers/secret_key.rb

@@ -0,0 +1,6 @@
+if Postal.config.rails&.secret_key
+  Rails.application.secrets.secret_key_base = Postal.config.rails.secret_key
+else
+  $stderr.puts "No secret key was specified in the Postal config file. Using one for just this session"
+  Rails.application.secrets.secret_key_base = SecureRandom.hex(128)
+end

config/initializers/secure_headers.rb

@@ -0,0 +1,10 @@
+SecureHeaders::Configuration.default do |config|
+
+  config.hsts = SecureHeaders::OPT_OUT
+
+  config.csp[:default_src] = []
+  config.csp[:script_src] = ["'self'"]
+  config.csp[:child_src] = ["'self'"]
+  config.csp[:connect_src] = ["'self'"]
+
+end

config/initializers/sentry.rb

@@ -0,0 +1,14 @@
+require 'postal/config'
+
+if Postal.config.general&.exception_url
+  require 'raven'
+  Raven.configure do |config|
+    config.dsn = Postal.config.general.exception_url
+    config.environments = ['production']
+    if ENV['DEV_EXCEPTIONS']
+      config.environments << 'development'
+    end
+    config.silence_ready = true
+    config.tags = {:process => ENV['PROC_NAME']}
+  end
+end

config/initializers/session_store.rb

@@ -0,0 +1,3 @@
+# Be sure to restart your server when you modify this file.
+
+Rails.application.config.session_store :cookie_store, key: '_deliver_session'

config/initializers/smtp.rb

@@ -0,0 +1,5 @@
+require 'postal/config'
+if Postal.config&.smtp
+  ActionMailer::Base.delivery_method = :smtp
+  ActionMailer::Base.smtp_settings = {:address => Postal.config.smtp.host, :user_name => Postal.config.smtp.username, :password => Postal.config.smtp.password}
+end

config/initializers/smtp_extensions.rb

@@ -0,0 +1,34 @@
+class Net::SMTP::Response
+  def message
+    @string
+  end
+end
+
+class Net::SMTP
+  attr_accessor :source_address
+
+  def secure_socket?
+    @socket.is_a?(OpenSSL::SSL::SSLSocket)
+  end
+
+  #
+  # We had an issue where a message was sent to a server and was greylisted. It returned
+  # a Net::SMTPUnknownError error. We then tried to send another message on the same
+  # connection after running `rset` the next message didn't raise any exceptions because
+  # net/smtp returns a '200 dummy reply code' and doesn't raise any exceptions.
+  #
+  def rset
+    @error_occurred = false
+    getok('RSET')
+  end
+
+  def rset_errors
+    @error_occurred = false
+  end
+
+  private
+
+  def tcp_socket(address, port)
+    TCPSocket.open(address, port, self.source_address)
+  end
+end

config/initializers/trusted_proxies.rb

@@ -0,0 +1,9 @@
+module Rack
+  class Request
+    module Helpers
+      def trusted_proxy?(ip)
+        ip =~ /^127\.0\.0\.1$|^localhost$|^unix$$/i
+      end
+    end
+  end
+end

config/initializers/wrap_parameters.rb

@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters format: [:json]
+end
+
+# To enable root element in JSON for ActiveRecord objects.
+# ActiveSupport.on_load(:active_record) do
+#   self.include_root_in_json = true
+# end