4.36.3

.drone.yml

@@ -36,6 +36,7 @@ steps:
     status:
     - success
     - failure
+    - killed
   settings:
     webhook: 
       from_secret: slack_webhook

app/.github/workflows/main.yml

@@ -15,9 +15,15 @@ jobs:
 
       - uses: actions/setup-python@v4
         with:
-          python-version: '3.9'
+          python-version: '3.10'
           cache: 'poetry'
 
+      - name: Install OS dependencies
+        if: ${{ matrix.python-version }} == '3.10'
+        run: |
+          sudo apt update
+          sudo apt install -y libre2-dev libpq-dev
+
       - name: Install dependencies
         if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
         run: poetry install --no-interaction

app/Dockerfile

@@ -23,7 +23,7 @@ COPY poetry.lock pyproject.toml ./
 # Install and setup poetry
 RUN pip install -U pip \
     && apt-get update \
-    && apt install -y curl netcat-traditional gcc python3-dev gnupg git libre2-dev \
+    && apt install -y curl netcat-traditional gcc python3-dev gnupg git libre2-dev cmake ninja-build\
     && curl -sSL https://install.python-poetry.org | python3 - \
     # Remove curl and netcat from the image
     && apt-get purge -y curl netcat-traditional \
@@ -31,7 +31,7 @@ RUN pip install -U pip \
     && poetry config virtualenvs.create false \
     && poetry install  --no-interaction --no-ansi --no-root \
     # Clear apt cache \
-    && apt-get purge -y libre2-dev \
+    && apt-get purge -y libre2-dev cmake ninja-build\
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/*
 

app/app/account_linking.py

@@ -5,13 +5,15 @@ from typing import Optional
 
 from arrow import Arrow
 from newrelic import agent
+from sqlalchemy import or_
 
 from app.db import Session
 from app.email_utils import send_welcome_email
-from app.utils import sanitize_email
+from app.utils import sanitize_email, canonicalize_email
 from app.errors import (
     AccountAlreadyLinkedToAnotherPartnerException,
     AccountIsUsingAliasAsEmail,
+    AccountAlreadyLinkedToAnotherUserException,
 )
 from app.log import LOG
 from app.models import (
@@ -130,8 +132,9 @@ class ClientMergeStrategy(ABC):
 class NewUserStrategy(ClientMergeStrategy):
     def process(self) -> LinkResult:
         # Will create a new SL User with a random password
+        canonical_email = canonicalize_email(self.link_request.email)
         new_user = User.create(
-            email=self.link_request.email,
+            email=canonical_email,
             name=self.link_request.name,
             password=random_string(20),
             activated=True,
@@ -179,7 +182,7 @@ class ExistingUnlinkedUserStrategy(ClientMergeStrategy):
 
 class LinkedWithAnotherPartnerUserStrategy(ClientMergeStrategy):
     def process(self) -> LinkResult:
-        raise AccountAlreadyLinkedToAnotherPartnerException()
+        raise AccountAlreadyLinkedToAnotherUserException()
 
 
 def get_login_strategy(
@@ -212,11 +215,21 @@ def process_login_case(
         partner_id=partner.id, external_user_id=link_request.external_user_id
     )
     if partner_user is None:
+        canonical_email = canonicalize_email(link_request.email)
         # We didn't find any SimpleLogin user registered with that partner user id
         # Make sure they aren't using an alias as their link email
         check_alias(link_request.email)
+        check_alias(canonical_email)
         # Try to find it using the partner's e-mail address
-        user = User.get_by(email=link_request.email)
+        users = User.filter(
+            or_(User.email == link_request.email, User.email == canonical_email)
+        ).all()
+        if len(users) > 1:
+            user = [user for user in users if user.email == canonical_email][0]
+        elif len(users) == 1:
+            user = users[0]
+        else:
+            user = None
         return get_login_strategy(link_request, user, partner).process()
     else:
         # We found the SL user registered with that partner user id

app/app/admin_model.py

@@ -256,6 +256,17 @@ class UserAdmin(SLModelView):
 
         Session.commit()
 
+    @action(
+        "clear_delete_on",
+        "Remove scheduled deletion of user",
+        "This will remove the scheduled deletion for this users",
+    )
+    def clean_delete_on(self, ids):
+        for user in User.filter(User.id.in_(ids)):
+            user.delete_on = None
+
+        Session.commit()
+
     # @action(
     #     "login_as",
     #     "Login as this user",
@@ -600,6 +611,26 @@ class NewsletterAdmin(SLModelView):
             else:
                 flash(error_msg, "error")
 
+    @action(
+        "clone_newsletter",
+        "Clone this newsletter",
+    )
+    def clone_newsletter(self, newsletter_ids):
+        if len(newsletter_ids) != 1:
+            flash("you can only select 1 newsletter", "error")
+            return
+
+        newsletter_id = newsletter_ids[0]
+        newsletter: Newsletter = Newsletter.get(newsletter_id)
+        new_newsletter = Newsletter.create(
+            subject=newsletter.subject,
+            html=newsletter.html,
+            plain_text=newsletter.plain_text,
+            commit=True,
+        )
+
+        flash(f"Newsletter {new_newsletter.subject} has been cloned", "success")
+
 
 class NewsletterUserAdmin(SLModelView):
     column_searchable_list = ["id"]

app/app/alias_utils.py

@@ -21,6 +21,8 @@ from app.email_utils import (
     send_cannot_create_directory_alias_disabled,
     get_email_local_part,
     send_cannot_create_domain_alias,
+    send_email,
+    render,
 )
 from app.errors import AliasInTrashError
 from app.log import LOG
@@ -36,6 +38,8 @@ from app.models import (
     EmailLog,
     Contact,
     AutoCreateRule,
+    AliasUsedOn,
+    ClientUser,
 )
 from app.regex_utils import regex_match
 
@@ -399,3 +403,58 @@ def alias_export_csv(user, csv_direct_export=False):
     output.headers["Content-Disposition"] = "attachment; filename=aliases.csv"
     output.headers["Content-type"] = "text/csv"
     return output
+
+
+def transfer_alias(alias, new_user, new_mailboxes: [Mailbox]):
+    # cannot transfer alias which is used for receiving newsletter
+    if User.get_by(newsletter_alias_id=alias.id):
+        raise Exception("Cannot transfer alias that's used to receive newsletter")
+
+    # update user_id
+    Session.query(Contact).filter(Contact.alias_id == alias.id).update(
+        {"user_id": new_user.id}
+    )
+
+    Session.query(AliasUsedOn).filter(AliasUsedOn.alias_id == alias.id).update(
+        {"user_id": new_user.id}
+    )
+
+    Session.query(ClientUser).filter(ClientUser.alias_id == alias.id).update(
+        {"user_id": new_user.id}
+    )
+
+    # remove existing mailboxes from the alias
+    Session.query(AliasMailbox).filter(AliasMailbox.alias_id == alias.id).delete()
+
+    # set mailboxes
+    alias.mailbox_id = new_mailboxes.pop().id
+    for mb in new_mailboxes:
+        AliasMailbox.create(alias_id=alias.id, mailbox_id=mb.id)
+
+    # alias has never been transferred before
+    if not alias.original_owner_id:
+        alias.original_owner_id = alias.user_id
+
+    # inform previous owner
+    old_user = alias.user
+    send_email(
+        old_user.email,
+        f"Alias {alias.email} has been received",
+        render(
+            "transactional/alias-transferred.txt",
+            alias=alias,
+        ),
+        render(
+            "transactional/alias-transferred.html",
+            alias=alias,
+        ),
+    )
+
+    # now the alias belongs to the new user
+    alias.user_id = new_user.id
+
+    # set some fields back to default
+    alias.disable_pgp = False
+    alias.pinned = False
+
+    Session.commit()

app/app/api/views/auth.py

@@ -63,6 +63,11 @@ def auth_login():
     elif user.disabled:
         LoginEvent(LoginEvent.ActionType.disabled_login, LoginEvent.Source.api).send()
         return jsonify(error="Account disabled"), 400
+    elif user.delete_on is not None:
+        LoginEvent(
+            LoginEvent.ActionType.scheduled_to_be_deleted, LoginEvent.Source.api
+        ).send()
+        return jsonify(error="Account scheduled for deletion"), 400
     elif not user.activated:
         LoginEvent(LoginEvent.ActionType.not_activated, LoginEvent.Source.api).send()
         return jsonify(error="Account not activated"), 422

app/app/auth/views/login.py

@@ -54,6 +54,12 @@ def login():
                 "error",
             )
             LoginEvent(LoginEvent.ActionType.disabled_login).send()
+        elif user.delete_on is not None:
+            flash(
+                f"Your account is scheduled to be deleted on {user.delete_on}",
+                "error",
+            )
+            LoginEvent(LoginEvent.ActionType.scheduled_to_be_deleted).send()
         elif not user.activated:
             show_resend_activation = True
             flash(

app/app/dashboard/views/alias_transfer.py

@@ -7,79 +7,19 @@ from flask import render_template, redirect, url_for, flash, request
 from flask_login import login_required, current_user
 
 from app import config
+from app.alias_utils import transfer_alias
 from app.dashboard.base import dashboard_bp
 from app.dashboard.views.enter_sudo import sudo_required
 from app.db import Session
-from app.email_utils import send_email, render
 from app.extensions import limiter
 from app.log import LOG
 from app.models import (
     Alias,
-    Contact,
-    AliasUsedOn,
-    AliasMailbox,
-    User,
-    ClientUser,
 )
 from app.models import Mailbox
 from app.utils import CSRFValidationForm
 
 
-def transfer(alias, new_user, new_mailboxes: [Mailbox]):
-    # cannot transfer alias which is used for receiving newsletter
-    if User.get_by(newsletter_alias_id=alias.id):
-        raise Exception("Cannot transfer alias that's used to receive newsletter")
-
-    # update user_id
-    Session.query(Contact).filter(Contact.alias_id == alias.id).update(
-        {"user_id": new_user.id}
-    )
-
-    Session.query(AliasUsedOn).filter(AliasUsedOn.alias_id == alias.id).update(
-        {"user_id": new_user.id}
-    )
-
-    Session.query(ClientUser).filter(ClientUser.alias_id == alias.id).update(
-        {"user_id": new_user.id}
-    )
-
-    # remove existing mailboxes from the alias
-    Session.query(AliasMailbox).filter(AliasMailbox.alias_id == alias.id).delete()
-
-    # set mailboxes
-    alias.mailbox_id = new_mailboxes.pop().id
-    for mb in new_mailboxes:
-        AliasMailbox.create(alias_id=alias.id, mailbox_id=mb.id)
-
-    # alias has never been transferred before
-    if not alias.original_owner_id:
-        alias.original_owner_id = alias.user_id
-
-    # inform previous owner
-    old_user = alias.user
-    send_email(
-        old_user.email,
-        f"Alias {alias.email} has been received",
-        render(
-            "transactional/alias-transferred.txt",
-            alias=alias,
-        ),
-        render(
-            "transactional/alias-transferred.html",
-            alias=alias,
-        ),
-    )
-
-    # now the alias belongs to the new user
-    alias.user_id = new_user.id
-
-    # set some fields back to default
-    alias.disable_pgp = False
-    alias.pinned = False
-
-    Session.commit()
-
-
 def hmac_alias_transfer_token(transfer_token: str) -> str:
     alias_hmac = hmac.new(
         config.ALIAS_TRANSFER_TOKEN_SECRET.encode("utf-8"),
@@ -214,7 +154,7 @@ def alias_transfer_receive_route():
             mailboxes,
             token,
         )
-        transfer(alias, current_user, mailboxes)
+        transfer_alias(alias, current_user, mailboxes)
 
         # reset transfer token
         alias.transfer_token = None

app/app/dashboard/views/mailbox_detail.py

@@ -30,7 +30,7 @@ class ChangeEmailForm(FlaskForm):
 @dashboard_bp.route("/mailbox/<int:mailbox_id>/", methods=["GET", "POST"])
 @login_required
 def mailbox_detail_route(mailbox_id):
-    mailbox = Mailbox.get(mailbox_id)
+    mailbox: Mailbox = Mailbox.get(mailbox_id)
     if not mailbox or mailbox.user_id != current_user.id:
         flash("You cannot see this page", "warning")
         return redirect(url_for("dashboard.index"))
@@ -144,6 +144,15 @@ def mailbox_detail_route(mailbox_id):
                         url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
                     )
 
+                if mailbox.is_proton():
+                    flash(
+                        "Enabling PGP for a Proton Mail mailbox is redundant and does not add any security benefit",
+                        "info",
+                    )
+                    return redirect(
+                        url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
+                    )
+
                 mailbox.pgp_public_key = request.form.get("pgp")
                 try:
                     mailbox.pgp_finger_print = load_public_key_and_check(
@@ -182,25 +191,16 @@ def mailbox_detail_route(mailbox_id):
             )
         elif request.form.get("form-name") == "generic-subject":
             if request.form.get("action") == "save":
-                if not mailbox.pgp_enabled():
-                    flash(
-                        "Generic subject can only be used on PGP-enabled mailbox",
-                        "error",
-                    )
-                    return redirect(
-                        url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
-                    )
-
                 mailbox.generic_subject = request.form.get("generic-subject")
                 Session.commit()
-                flash("Generic subject for PGP-encrypted email is enabled", "success")
+                flash("Generic subject is enabled", "success")
                 return redirect(
                     url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
                 )
             elif request.form.get("action") == "remove":
                 mailbox.generic_subject = None
                 Session.commit()
-                flash("Generic subject for PGP-encrypted email is disabled", "success")
+                flash("Generic subject is disabled", "success")
                 return redirect(
                     url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
                 )

app/app/dns_utils.py

@@ -34,7 +34,7 @@ def get_cname_record(hostname) -> Optional[str]:
 
 
 def get_mx_domains(hostname) -> [(int, str)]:
-    """return list of (priority, domain name).
+    """return list of (priority, domain name) sorted by priority (lowest priority first)
     domain name ends with a "." at the end.
     """
     try:
@@ -50,7 +50,7 @@ def get_mx_domains(hostname) -> [(int, str)]:
 
         ret.append((int(parts[0]), parts[1]))
 
-    return ret
+    return sorted(ret, key=lambda prio_domain: prio_domain[0])
 
 
 _include_spf = "include:"

app/app/errors.py

@@ -121,3 +121,10 @@ class AccountAlreadyLinkedToAnotherUserException(LinkException):
 class AccountIsUsingAliasAsEmail(LinkException):
     def __init__(self):
         super().__init__("Your account has an alias as it's email address")
+
+
+class ProtonAccountNotVerified(LinkException):
+    def __init__(self):
+        super().__init__(
+            "The Proton account you are trying to use has not been verified"
+        )

app/app/events/auth_event.py

@@ -9,6 +9,7 @@ class LoginEvent:
         failed = 1
         disabled_login = 2
         not_activated = 3
+        scheduled_to_be_deleted = 4
 
     class Source(EnumE):
         web = 0

app/app/handler/unsubscribe_generator.py

@@ -1,4 +1,5 @@
 import urllib
+from email.header import Header
 from email.message import Message
 
 from app.email import headers
@@ -33,6 +34,8 @@ class UnsubscribeGenerator:
         if not unsubscribe_data:
             LOG.info("Email has no unsubscribe header")
             return message
+        if isinstance(unsubscribe_data, Header):
+            unsubscribe_data = str(unsubscribe_data.encode())
         raw_methods = [method.strip() for method in unsubscribe_data.split(",")]
         mailto_unsubs = None
         other_unsubs = []

app/app/models.py

@@ -30,6 +30,8 @@ from sqlalchemy_utils import ArrowType
 from app import config
 from app import s3
 from app.db import Session
+from app.dns_utils import get_mx_domains
+
 from app.errors import (
     AliasInTrashError,
     DirectoryInTrashError,
@@ -278,6 +280,7 @@ class IntEnumType(sa.types.TypeDecorator):
 class AliasOptions:
     show_sl_domains: bool = True
     show_partner_domains: Optional[Partner] = None
+    show_partner_premium: Optional[bool] = None
 
 
 class Hibp(Base, ModelMixin):
@@ -537,10 +540,14 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
         nullable=False,
     )
 
+    # Trigger hard deletion of the account at this time
+    delete_on = sa.Column(ArrowType, default=None)
+
     __table_args__ = (
         sa.Index(
             "ix_users_activated_trial_end_lifetime", activated, trial_end, lifetime
         ),
+        sa.Index("ix_users_delete_on", delete_on),
     )
 
     @property
@@ -831,6 +838,17 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
                 < self.max_alias_for_free_account()
             )
 
+    def can_send_or_receive(self) -> bool:
+        if self.disabled:
+            LOG.i(f"User {self} is disabled. Cannot receive or send emails")
+            return False
+        if self.delete_on is not None:
+            LOG.i(
+                f"User {self} is scheduled to be deleted. Cannot receive or send emails"
+            )
+            return False
+        return True
+
     def profile_picture_url(self):
         if self.profile_picture_id:
             return self.profile_picture.get_url()
@@ -1021,29 +1039,35 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
     ) -> list["SLDomain"]:
         if alias_options is None:
             alias_options = AliasOptions()
-        conditions = [SLDomain.hidden == False]  # noqa: E712
+        top_conds = [SLDomain.hidden == False]  # noqa: E712
-        if not self.is_premium():
+        or_conds = []  # noqa:E711
-            conditions.append(SLDomain.premium_only == False)  # noqa: E712
-        partner_domain_cond = []  # noqa:E711
         if self.default_alias_public_domain_id is not None:
-            partner_domain_cond.append(
+            default_domain_conds = [SLDomain.id == self.default_alias_public_domain_id]
-                SLDomain.id == self.default_alias_public_domain_id
+            if not self.is_premium():
-            )
+                default_domain_conds.append(
+                    SLDomain.premium_only == False  # noqa: E712
+                )
+            or_conds.append(and_(*default_domain_conds).self_group())
         if alias_options.show_partner_domains is not None:
             partner_user = PartnerUser.filter_by(
                 user_id=self.id, partner_id=alias_options.show_partner_domains.id
             ).first()
             if partner_user is not None:
-                partner_domain_cond.append(
+                partner_domain_cond = [SLDomain.partner_id == partner_user.partner_id]
-                    SLDomain.partner_id == partner_user.partner_id
+                if alias_options.show_partner_premium is None:
-                )
+                    alias_options.show_partner_premium = self.is_premium()
+                if not alias_options.show_partner_premium:
+                    partner_domain_cond.append(
+                        SLDomain.premium_only == False  # noqa: E712
+                    )
+                or_conds.append(and_(*partner_domain_cond).self_group())
         if alias_options.show_sl_domains:
-            partner_domain_cond.append(SLDomain.partner_id == None)  # noqa:E711
+            sl_conds = [SLDomain.partner_id == None]  # noqa: E711
-        if len(partner_domain_cond) == 1:
+            if not self.is_premium():
-            conditions.append(partner_domain_cond[0])
+                sl_conds.append(SLDomain.premium_only == False)  # noqa: E712
-        else:
+            or_conds.append(and_(*sl_conds).self_group())
-            conditions.append(or_(*partner_domain_cond))
+        top_conds.append(or_(*or_conds))
-        query = Session.query(SLDomain).filter(*conditions).order_by(SLDomain.order)
+        query = Session.query(SLDomain).filter(*top_conds).order_by(SLDomain.order)
         return query.all()
 
     def available_alias_domains(
@@ -1923,6 +1947,7 @@ class Contact(Base, ModelMixin):
 
 class EmailLog(Base, ModelMixin):
     __tablename__ = "email_log"
+    __table_args__ = (Index("ix_email_log_created_at", "created_at"),)
 
     user_id = sa.Column(
         sa.ForeignKey(User.id, ondelete="cascade"), nullable=False, index=True
@@ -2569,6 +2594,28 @@ class Mailbox(Base, ModelMixin):
             + Alias.filter_by(mailbox_id=self.id).count()
         )
 
+    def is_proton(self) -> bool:
+        if (
+            self.email.endswith("@proton.me")
+            or self.email.endswith("@protonmail.com")
+            or self.email.endswith("@protonmail.ch")
+            or self.email.endswith("@proton.ch")
+            or self.email.endswith("@pm.me")
+        ):
+            return True
+
+        from app.email_utils import get_email_local_part
+
+        mx_domains: [(int, str)] = get_mx_domains(get_email_local_part(self.email))
+        # Proton is the first domain
+        if mx_domains and mx_domains[0][1] in (
+            "mail.protonmail.ch.",
+            "mailsec.protonmail.ch.",
+        ):
+            return True
+
+        return False
+
     @classmethod
     def delete(cls, obj_id):
         mailbox: Mailbox = cls.get(obj_id)
@@ -3137,7 +3184,7 @@ class MessageIDMatching(Base, ModelMixin):
 
     # to track what email_log that has created this matching
     email_log_id = sa.Column(
-        sa.ForeignKey("email_log.id", ondelete="cascade"), nullable=True
+        sa.ForeignKey("email_log.id", ondelete="cascade"), nullable=True, index=True
     )
 
     email_log = orm.relationship("EmailLog")
@@ -3470,7 +3517,7 @@ class PartnerSubscription(Base, ModelMixin):
 
 class Newsletter(Base, ModelMixin):
     __tablename__ = "newsletter"
-    subject = sa.Column(sa.String(), nullable=False, unique=True, index=True)
+    subject = sa.Column(sa.String(), nullable=False, index=True)
 
     html = sa.Column(sa.Text)
     plain_text = sa.Column(sa.Text)

app/app/proton/proton_client.py

@@ -7,11 +7,12 @@ from typing import Optional
 
 from app.account_linking import SLPlan, SLPlanType
 from app.config import PROTON_EXTRA_HEADER_NAME, PROTON_EXTRA_HEADER_VALUE
+from app.errors import ProtonAccountNotVerified
 from app.log import LOG
 
 _APP_VERSION = "OauthClient_1.0.0"
 
-PROTON_ERROR_CODE_NOT_EXISTS = 2501
+PROTON_ERROR_CODE_HV_NEEDED = 9001
 
 PLAN_FREE = 1
 PLAN_PREMIUM = 2
@@ -57,6 +58,15 @@ def convert_access_token(access_token_response: str) -> AccessCredentials:
     )
 
 
+def handle_response_not_ok(status: int, body: dict, text: str) -> Exception:
+    if status == HTTPStatus.UNPROCESSABLE_ENTITY:
+        res_code = body.get("Code")
+        if res_code == PROTON_ERROR_CODE_HV_NEEDED:
+            return ProtonAccountNotVerified()
+
+    return Exception(f"Unexpected status code. Wanted 200 and got {status}: " + text)
+
+
 class ProtonClient(ABC):
     @abstractmethod
     def get_user(self) -> Optional[UserInformation]:
@@ -124,11 +134,11 @@ class HttpProtonClient(ProtonClient):
     @staticmethod
     def __validate_response(res: Response) -> dict:
         status = res.status_code
-        if status != HTTPStatus.OK:
-            raise Exception(
-                f"Unexpected status code. Wanted 200 and got {status}: " + res.text
-            )
         as_json = res.json()
+        if status != HTTPStatus.OK:
+            raise HttpProtonClient.__handle_response_not_ok(
+                status=status, body=as_json, text=res.text
+            )
         res_code = as_json.get("Code")
         if not res_code or res_code != 1000:
             raise Exception(

app/cron.py

@@ -5,11 +5,11 @@ from typing import List, Tuple
 
 import arrow
 import requests
-from sqlalchemy import func, desc, or_
+from sqlalchemy import func, desc, or_, and_
 from sqlalchemy.ext.compiler import compiles
 from sqlalchemy.orm import joinedload
 from sqlalchemy.orm.exc import ObjectDeletedError
-from sqlalchemy.sql import Insert
+from sqlalchemy.sql import Insert, text
 
 from app import s3, config
 from app.alias_utils import nb_email_log_for_mailbox
@@ -85,23 +85,43 @@ def delete_logs():
     delete_refused_emails()
     delete_old_monitoring()
 
-    for t in TransactionalEmail.filter(
+    for t_email in TransactionalEmail.filter(
         TransactionalEmail.created_at < arrow.now().shift(days=-7)
     ):
-        TransactionalEmail.delete(t.id)
+        TransactionalEmail.delete(t_email.id)
 
     for b in Bounce.filter(Bounce.created_at < arrow.now().shift(days=-7)):
         Bounce.delete(b.id)
 
     Session.commit()
 
-    LOG.d("Delete EmailLog older than 2 weeks")
+    LOG.d("Deleting EmailLog older than 2 weeks")
 
-    max_dt = arrow.now().shift(weeks=-2)
+    total_deleted = 0
-    nb_deleted = EmailLog.filter(EmailLog.created_at < max_dt).delete()
+    batch_size = 500
-    Session.commit()
+    Session.execute("set session statement_timeout=30000").rowcount
+    queries_done = 0
+    cutoff_time = arrow.now().shift(days=-14)
+    rows_to_delete = EmailLog.filter(EmailLog.created_at < cutoff_time).count()
+    expected_queries = int(rows_to_delete / batch_size)
+    sql = text(
+        f"DELETE FROM email_log WHERE id IN (SELECT id FROM email_log WHERE created_at < :cutoff_time order by created_at limit :batch_size)"
+    )
+    str_cutoff_time = cutoff_time.isoformat()
+    while total_deleted < rows_to_delete:
+        deleted_count = Session.execute(
+            sql, {"cutoff_time": str_cutoff_time, "batch_size": batch_size}
+        ).rowcount
+        Session.commit()
+        total_deleted += deleted_count
+        queries_done += 1
+        LOG.i(
+            f"[{queries_done}/{expected_queries}] Deleted {total_deleted} EmailLog entries"
+        )
+        if deleted_count < batch_size:
+            break
 
-    LOG.i("Delete %s email logs", nb_deleted)
+    LOG.i("Deleted %s email logs", total_deleted)
 
 
 def delete_refused_emails():
@@ -1106,6 +1126,18 @@ def notify_hibp():
         Session.commit()
 
 
+def clear_users_scheduled_to_be_deleted():
+    users = User.filter(
+        and_(User.delete_on.isnot(None), User.delete_on < arrow.now())
+    ).all()
+    for user in users:
+        LOG.i(
+            f"Scheduled deletion of user {user} with scheduled delete on {user.delete_on}"
+        )
+        User.delete(user.id)
+        Session.commit()
+
+
 if __name__ == "__main__":
     LOG.d("Start running cronjob")
     parser = argparse.ArgumentParser()
@@ -1172,3 +1204,6 @@ if __name__ == "__main__":
         elif args.job == "send_undelivered_mails":
             LOG.d("Sending undelivered emails")
             load_unsent_mails_from_fs_and_resend()
+        elif args.job == "delete_scheduled_users":
+            LOG.d("Deleting users scheduled to be deleted")
+            clear_users_scheduled_to_be_deleted()

app/crontab.yml

@@ -61,7 +61,12 @@ jobs:
     schedule: "15 10 * * *"
     captureStderr: true
 
-
+  - name: SimpleLogin delete users scheduled to be deleted
+    command: echo disabled_user_deletion #python /code/cron.py -j delete_scheduled_users
+    shell: /bin/bash
+    schedule: "15 11 * * *"
+    captureStderr: true
+    concurrencyPolicy: Forbid
 
   - name: SimpleLogin send unsent emails
     command: python /code/cron.py -j send_undelivered_mails

app/email_handler.py

@@ -637,8 +637,8 @@ def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str
 
     user = alias.user
 
-    if user.disabled:
+    if not user.can_send_or_receive():
-        LOG.w("User %s disabled, disable forwarding emails for %s", user, alias)
+        LOG.i(f"User {user} cannot receive emails")
         if should_ignore_bounce(envelope.mail_from):
             return [(True, status.E207)]
         else:
@@ -878,21 +878,22 @@ def forward_email_to_mailbox(
         headers_to_keep.append(headers.AUTHENTICATION_RESULTS)
     delete_all_headers_except(msg, headers_to_keep)
 
+    if mailbox.generic_subject:
+        LOG.d("Use a generic subject for %s", mailbox)
+        orig_subject = msg[headers.SUBJECT]
+        orig_subject = get_header_unicode(orig_subject)
+        add_or_replace_header(msg, "Subject", mailbox.generic_subject)
+        sender = msg[headers.FROM]
+        sender = get_header_unicode(sender)
+        msg = add_header(
+            msg,
+            f"""Forwarded by SimpleLogin to {alias.email} from "{sender}" with "{orig_subject}" as subject""",
+            f"""Forwarded by SimpleLogin to {alias.email} from "{sender}" with <b>{orig_subject}</b> as subject""",
+        )
+
     # create PGP email if needed
     if mailbox.pgp_enabled() and user.is_premium() and not alias.disable_pgp:
         LOG.d("Encrypt message using mailbox %s", mailbox)
-        if mailbox.generic_subject:
-            LOG.d("Use a generic subject for %s", mailbox)
-            orig_subject = msg[headers.SUBJECT]
-            orig_subject = get_header_unicode(orig_subject)
-            add_or_replace_header(msg, "Subject", mailbox.generic_subject)
-            sender = msg[headers.FROM]
-            sender = get_header_unicode(sender)
-            msg = add_header(
-                msg,
-                f"""Forwarded by SimpleLogin to {alias.email} from "{sender}" with "{orig_subject}" as subject""",
-                f"""Forwarded by SimpleLogin to {alias.email} from "{sender}" with <b>{orig_subject}</b> as subject""",
-            )
 
         try:
             msg = prepare_pgp_message(
@@ -1069,13 +1070,8 @@ def handle_reply(envelope, msg: Message, rcpt_to: str) -> (bool, str):
     user = alias.user
     mail_from = envelope.mail_from
 
-    if user.disabled:
+    if not user.can_send_or_receive():
-        LOG.e(
+        LOG.i(f"User {user} cannot send emails")
-            "User %s disabled, disable sending emails from %s to %s",
-            user,
-            alias,
-            contact,
-        )
         return False, status.E504
 
     # Check if we need to reject or quarantine based on dmarc
@@ -1256,7 +1252,6 @@ def handle_reply(envelope, msg: Message, rcpt_to: str) -> (bool, str):
         if str(msg[headers.TO]).lower() == "undisclosed-recipients:;":
             # no need to replace TO header
             LOG.d("email is sent in BCC mode")
-            del msg[headers.TO]
         else:
             replace_header_when_reply(msg, alias, headers.TO)
 

app/local_data/words.txt

@@ -89,7 +89,6 @@ aghast
 agile
 agility
 aging
-agnostic
 agonize
 agonizing
 agony
@@ -375,8 +374,6 @@ augmented
 august
 authentic
 author
-autism
-autistic
 autograph
 automaker
 automated
@@ -446,7 +443,6 @@ backyard
 bacon
 bacteria
 bacterium
-badass
 badge
 badland
 badly
@@ -1106,7 +1102,6 @@ clinic
 clinking
 clip
 clique
-cloak
 clobber
 clock
 clone
@@ -1776,7 +1771,6 @@ diagnosis
 diagram
 dial
 diameter
-diaper
 diaphragm
 diary
 dice
@@ -2032,9 +2026,6 @@ duffel
 dugout
 duh
 duke
-duller
-dullness
-duly
 dumping
 dumpling
 dumpster
@@ -2527,8 +2518,6 @@ feisty
 feline
 felt-tip
 feminine
-feminism
-feminist
 feminize
 femur
 fence
@@ -2667,7 +2656,6 @@ fondness
 fondue
 font
 food
-fool
 footage
 football
 footbath
@@ -2777,7 +2765,6 @@ gag
 gainfully
 gaining
 gains
-gala
 gallantly
 galleria
 gallery
@@ -3164,8 +3151,6 @@ hardware
 hardwired
 hardwood
 hardy
-harmful
-harmless
 harmonica
 harmonics
 harmonize
@@ -3340,7 +3325,6 @@ identical
 identify
 identity
 ideology
-idiocy
 idiom
 idly
 igloo
@@ -3357,7 +3341,6 @@ imaging
 imbecile
 imitate
 imitation
-immature
 immerse
 immersion
 imminent
@@ -3387,14 +3370,10 @@ implode
 implosion
 implosive
 imply
-impolite
 important
 importer
 impose
 imposing
-impotence
-impotency
-impotent
 impound
 imprecise
 imprint
@@ -3424,8 +3403,6 @@ irritable
 irritably
 irritant
 irritate
-islamic
-islamist
 isolated
 isolating
 isolation
@@ -3524,7 +3501,6 @@ june
 junior
 juniper
 junkie
-junkman
 junkyard
 jurist
 juror
@@ -3570,9 +3546,6 @@ king
 kinship
 kinsman
 kinswoman
-kissable
-kisser
-kissing
 kitchen
 kite
 kitten
@@ -3649,7 +3622,6 @@ laundry
 laurel
 lavender
 lavish
-laxative
 lazily
 laziness
 lazy
@@ -3690,7 +3662,6 @@ liable
 liberty
 librarian
 library
-licking
 licorice
 lid
 life
@@ -3741,8 +3712,6 @@ livestock
 lividly
 living
 lizard
-lubricant
-lubricate
 lucid
 luckily
 luckiness
@@ -3878,7 +3847,6 @@ marshland
 marshy
 marsupial
 marvelous
-marxism
 mascot
 masculine
 mashed
@@ -3914,8 +3882,6 @@ maximum
 maybe
 mayday
 mayflower
-moaner
-moaning
 mobile
 mobility
 mobilize
@@ -4124,7 +4090,6 @@ nemeses
 nemesis
 neon
 nephew
-nerd
 nervous
 nervy
 nest
@@ -4139,7 +4104,6 @@ never
 next
 nibble
 nickname
-nicotine
 niece
 nifty
 nimble
@@ -4167,14 +4131,10 @@ nuptials
 nursery
 nursing
 nurture
-nutcase
 nutlike
 nutmeg
 nutrient
 nutshell
-nuttiness
-nutty
-nuzzle
 nylon
 oaf
 oak
@@ -4205,7 +4165,6 @@ obstinate
 obstruct
 obtain
 obtrusive
-obtuse
 obvious
 occultist
 occupancy
@@ -4446,7 +4405,6 @@ palpitate
 paltry
 pampered
 pamperer
-pampers
 pamphlet
 panama
 pancake
@@ -4651,7 +4609,6 @@ plated
 platform
 plating
 platinum
-platonic
 platter
 platypus
 plausible
@@ -4777,8 +4734,6 @@ prancing
 pranker
 prankish
 prankster
-prayer
-praying
 preacher
 preaching
 preachy
@@ -4796,8 +4751,6 @@ prefix
 preflight
 preformed
 pregame
-pregnancy
-pregnant
 preheated
 prelaunch
 prelaw
@@ -4937,7 +4890,6 @@ prudishly
 prune
 pruning
 pry
-psychic
 public
 publisher
 pucker
@@ -4957,8 +4909,7 @@ punctual
 punctuate
 punctured
 pungent
-punisher
+punishe
-punk
 pupil
 puppet
 puppy
@@ -5040,7 +4991,6 @@ quote
 rabid
 race
 racing
-racism
 rack
 racoon
 radar
@@ -5155,7 +5105,6 @@ recount
 recoup
 recovery
 recreate
-rectal
 rectangle
 rectified
 rectify
@@ -5622,7 +5571,6 @@ sarcastic
 sardine
 sash
 sasquatch
-sassy
 satchel
 satiable
 satin
@@ -5651,7 +5599,6 @@ scaling
 scallion
 scallop
 scalping
-scam
 scandal
 scanner
 scanning
@@ -5928,8 +5875,6 @@ silent
 silica
 silicon
 silk
-silliness
-silly
 silo
 silt
 silver
@@ -5991,7 +5936,6 @@ skimmer
 skimming
 skimpily
 skincare
-skinhead
 skinless
 skinning
 skinny
@@ -6197,7 +6141,6 @@ splinter
 splotchy
 splurge
 spoilage
-spoiled
 spoiler
 spoiling
 spoils
@@ -7079,7 +7022,6 @@ undocked
 undoing
 undone
 undrafted
-undress
 undrilled
 undusted
 undying

app/local_data/words_alpha.txt

@@ -158677,16 +158677,6 @@ isis
 isize
 isl
 islay
-islam
-islamic
-islamism
-islamist
-islamistic
-islamite
-islamitic
-islamitish
-islamization
-islamize
 island
 islanded
 islander

app/migrations/versions/2023_090715_0a5701a4f5e4_.py

@@ -0,0 +1,33 @@
+"""empty message
+
+Revision ID: 0a5701a4f5e4
+Revises: 01827104004b
+Create Date: 2023-09-07 15:28:10.122756
+
+"""
+import sqlalchemy_utils
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '0a5701a4f5e4'
+down_revision = '01827104004b'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('users', sa.Column('delete_on', sqlalchemy_utils.types.arrow.ArrowType(), nullable=True))
+    with op.get_context().autocommit_block():
+        op.create_index('ix_users_delete_on', 'users', ['delete_on'], unique=False, postgresql_concurrently=True)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.get_context().autocommit_block():
+        op.drop_index('ix_users_delete_on', table_name='users', postgresql_concurrently=True)
+    op.drop_column('users', 'delete_on')
+    # ### end Alembic commands ###

app/migrations/versions/2023_092818_ec7fdde8da9f_.py

@@ -0,0 +1,34 @@
+"""empty message
+
+Revision ID: ec7fdde8da9f
+Revises: 0a5701a4f5e4
+Create Date: 2023-09-28 18:09:48.016620
+
+"""
+import sqlalchemy_utils
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = "ec7fdde8da9f"
+down_revision = "0a5701a4f5e4"
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.get_context().autocommit_block():
+        op.create_index(
+            "ix_email_log_created_at", "email_log", ["created_at"], unique=False
+        )
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.get_context().autocommit_block():
+        op.drop_index("ix_email_log_created_at", table_name="email_log")
+    # ### end Alembic commands ###

app/migrations/versions/2023_100510_46ecb648a47e_.py

@@ -0,0 +1,39 @@
+"""empty message
+
+Revision ID: 46ecb648a47e
+Revises: ec7fdde8da9f
+Create Date: 2023-10-05 10:43:35.668902
+
+"""
+import sqlalchemy_utils
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = "46ecb648a47e"
+down_revision = "ec7fdde8da9f"
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.get_context().autocommit_block():
+        op.create_index(
+            op.f("ix_message_id_matching_email_log_id"),
+            "message_id_matching",
+            ["email_log_id"],
+            unique=False,
+        )
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.get_context().autocommit_block():
+        op.drop_index(
+            op.f("ix_message_id_matching_email_log_id"),
+            table_name="message_id_matching",
+        )
+    # ### end Alembic commands ###

app/migrations/versions/2023_110714_4bc54632d9aa_.py

@@ -0,0 +1,31 @@
+"""empty message
+
+Revision ID: 4bc54632d9aa
+Revises: 46ecb648a47e
+Create Date: 2023-11-07 14:02:17.610226
+
+"""
+import sqlalchemy_utils
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '4bc54632d9aa'
+down_revision = '46ecb648a47e'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index('ix_newsletter_subject', table_name='newsletter')
+    op.create_index(op.f('ix_newsletter_subject'), 'newsletter', ['subject'], unique=False)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index(op.f('ix_newsletter_subject'), table_name='newsletter')
+    op.create_index('ix_newsletter_subject', 'newsletter', ['subject'], unique=True)
+    # ### end Alembic commands ###

app/poetry.lock

@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.5.1 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
 
 [[package]]
 name = "aiohttp"
@@ -99,12 +99,10 @@ files = [
 [package.dependencies]
 aiosignal = ">=1.1.2"
 async-timeout = ">=4.0.0a3,<5.0"
-asynctest = {version = "0.13.0", markers = "python_version < \"3.8\""}
 attrs = ">=17.3.0"
 charset-normalizer = ">=2.0,<4.0"
 frozenlist = ">=1.1.1"
 multidict = ">=4.5,<7.0"
-typing-extensions = {version = ">=3.7.4", markers = "python_version < \"3.8\""}
 yarl = ">=1.0,<2.0"
 
 [package.extras]
@@ -138,7 +136,6 @@ files = [
 [package.dependencies]
 atpublic = "*"
 attrs = "*"
-typing-extensions = {version = "*", markers = "python_version < \"3.8\""}
 
 [[package]]
 name = "aiosmtplib"
@@ -157,17 +154,20 @@ uvloop = ["uvloop (>=0.13,<0.15)"]
 
 [[package]]
 name = "aiospamc"
-version = "0.6.1"
+version = "0.10.0"
 description = "An asyncio-based library to communicate with SpamAssassin's SPAMD service."
 optional = false
-python-versions = ">=3.5,<4.0"
+python-versions = ">=3.8,<4.0"
 files = [
-    {file = "aiospamc-0.6.1-py3-none-any.whl", hash = "sha256:63b7d213d6af01058b855ddcde2147485ea4e685d6d13ee682ad12cb1fa87ca6"},
+    {file = "aiospamc-0.10.0-py3-none-any.whl", hash = "sha256:53381adc53814647608ec864263eb975cf9bf04370f16adc2e1c1fa7aca2f538"},
-    {file = "aiospamc-0.6.1.tar.gz", hash = "sha256:4923bf3d1bf5a07151a3a9ea8be7862d9dcdef37a858035668ad1c726b7b98c1"},
+    {file = "aiospamc-0.10.0.tar.gz", hash = "sha256:a31abdbd809c7f74352e03166ec98685677a97ed8d1cbbbd6e1274cb8919c0d4"},
 ]
 
 [package.dependencies]
-certifi = ">=2019.9,<2020.0"
+certifi = "*"
+loguru = ">=0.7.0,<0.8.0"
+typer = ">=0.9.0,<0.10.0"
+typing-extensions = ">=4.6.2,<5.0.0"
 
 [[package]]
 name = "alembic"
@@ -225,8 +225,6 @@ files = [
 [package.dependencies]
 lazy-object-proxy = ">=1.4.0"
 setuptools = ">=20.0"
-typed-ast = {version = ">=1.4.0,<2.0", markers = "implementation_name == \"cpython\" and python_version < \"3.8\""}
-typing-extensions = {version = ">=3.10", markers = "python_version < \"3.10\""}
 wrapt = ">=1.11,<2"
 
 [[package]]
@@ -240,20 +238,6 @@ files = [
     {file = "async_timeout-4.0.2-py3-none-any.whl", hash = "sha256:8ca1e4fcf50d07413d66d1a5e416e42cfdf5851c981d679a09851a6853383b3c"},
 ]
 
-[package.dependencies]
-typing-extensions = {version = ">=3.6.5", markers = "python_version < \"3.8\""}
-
-[[package]]
-name = "asynctest"
-version = "0.13.0"
-description = "Enhance the standard unittest package with features for testing asyncio libraries"
-optional = false
-python-versions = ">=3.5"
-files = [
-    {file = "asynctest-0.13.0-py3-none-any.whl", hash = "sha256:5da6118a7e6d6b54d83a8f7197769d046922a44d2a99c21382f0a6e4fadae676"},
-    {file = "asynctest-0.13.0.tar.gz", hash = "sha256:c27862842d15d83e6a34eb0b2866c323880eb3a75e4485b079ea11748fd77fac"},
-]
-
 [[package]]
 name = "atpublic"
 version = "2.0"
@@ -264,9 +248,6 @@ files = [
     {file = "atpublic-2.0.tar.gz", hash = "sha256:ebeb62b71a5c683a84c1b16bbf415708af5a46841b142b85ac3a22ec2d7613b0"},
 ]
 
-[package.dependencies]
-typing_extensions = {version = "*", markers = "python_version < \"3.8\""}
-
 [[package]]
 name = "attrs"
 version = "20.2.0"
@@ -306,9 +287,6 @@ files = [
     {file = "backports.entry_points_selectable-1.1.1.tar.gz", hash = "sha256:914b21a479fde881635f7af5adc7f6e38d6b274be32269070c53b698c60d5386"},
 ]
 
-[package.dependencies]
-importlib-metadata = {version = "*", markers = "python_version < \"3.8\""}
-
 [package.extras]
 docs = ["jaraco.packaging (>=8.2)", "rst.linker (>=1.9)", "sphinx"]
 testing = ["pytest", "pytest-black (>=0.3.7)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=1.0.1)", "pytest-flake8", "pytest-mypy"]
@@ -378,8 +356,6 @@ mypy-extensions = ">=0.4.3"
 pathspec = ">=0.9.0"
 platformdirs = ">=2"
 tomli = ">=1.1.0"
-typed-ast = {version = ">=1.4.2", markers = "python_version < \"3.8\" and implementation_name == \"cpython\""}
-typing-extensions = {version = ">=3.10.0.0", markers = "python_version < \"3.10\""}
 
 [package.extras]
 colorama = ["colorama (>=0.4.3)"]
@@ -562,7 +538,6 @@ files = [
 
 [package.dependencies]
 colorama = {version = "*", markers = "platform_system == \"Windows\""}
-importlib-metadata = {version = "*", markers = "python_version < \"3.8\""}
 
 [[package]]
 name = "coinbase-commerce"
@@ -1192,12 +1167,12 @@ files = [
 
 [[package]]
 name = "future"
-version = "0.18.2"
+version = "0.18.3"
 description = "Clean single-source support for Python 3 and 2"
 optional = false
 python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*"
 files = [
-    {file = "future-0.18.2.tar.gz", hash = "sha256:b1bead90b70cf6ec3f0710ae53a525360fa360d306a86583adc6bf83a4db537d"},
+    {file = "future-0.18.3.tar.gz", hash = "sha256:34a17436ed1e96697a86f9de3d15a3b0be01d8bc8de9c1dffd59fb8234ed5307"},
 ]
 
 [[package]]
@@ -1383,6 +1358,7 @@ files = [
     {file = "greenlet-2.0.2-cp27-cp27m-win32.whl", hash = "sha256:6c3acb79b0bfd4fe733dff8bc62695283b57949ebcca05ae5c129eb606ff2d74"},
     {file = "greenlet-2.0.2-cp27-cp27m-win_amd64.whl", hash = "sha256:283737e0da3f08bd637b5ad058507e578dd462db259f7f6e4c5c365ba4ee9343"},
     {file = "greenlet-2.0.2-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:d27ec7509b9c18b6d73f2f5ede2622441de812e7b1a80bbd446cb0633bd3d5ae"},
+    {file = "greenlet-2.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:d967650d3f56af314b72df7089d96cda1083a7fc2da05b375d2bc48c82ab3f3c"},
     {file = "greenlet-2.0.2-cp310-cp310-macosx_11_0_x86_64.whl", hash = "sha256:30bcf80dda7f15ac77ba5af2b961bdd9dbc77fd4ac6105cee85b0d0a5fcf74df"},
     {file = "greenlet-2.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:26fbfce90728d82bc9e6c38ea4d038cba20b7faf8a0ca53a9c07b67318d46088"},
     {file = "greenlet-2.0.2-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9190f09060ea4debddd24665d6804b995a9c122ef5917ab26e1566dcc712ceeb"},
@@ -1391,6 +1367,7 @@ files = [
     {file = "greenlet-2.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:76ae285c8104046b3a7f06b42f29c7b73f77683df18c49ab5af7983994c2dd91"},
     {file = "greenlet-2.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:2d4686f195e32d36b4d7cf2d166857dbd0ee9f3d20ae349b6bf8afc8485b3645"},
     {file = "greenlet-2.0.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:c4302695ad8027363e96311df24ee28978162cdcdd2006476c43970b384a244c"},
+    {file = "greenlet-2.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:d4606a527e30548153be1a9f155f4e283d109ffba663a15856089fb55f933e47"},
     {file = "greenlet-2.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c48f54ef8e05f04d6eff74b8233f6063cb1ed960243eacc474ee73a2ea8573ca"},
     {file = "greenlet-2.0.2-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a1846f1b999e78e13837c93c778dcfc3365902cfb8d1bdb7dd73ead37059f0d0"},
     {file = "greenlet-2.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3a06ad5312349fec0ab944664b01d26f8d1f05009566339ac6f63f56589bc1a2"},
@@ -1420,6 +1397,7 @@ files = [
     {file = "greenlet-2.0.2-cp37-cp37m-win32.whl", hash = "sha256:3f6ea9bd35eb450837a3d80e77b517ea5bc56b4647f5502cd28de13675ee12f7"},
     {file = "greenlet-2.0.2-cp37-cp37m-win_amd64.whl", hash = "sha256:7492e2b7bd7c9b9916388d9df23fa49d9b88ac0640db0a5b4ecc2b653bf451e3"},
     {file = "greenlet-2.0.2-cp38-cp38-macosx_10_15_x86_64.whl", hash = "sha256:b864ba53912b6c3ab6bcb2beb19f19edd01a6bfcbdfe1f37ddd1778abfe75a30"},
+    {file = "greenlet-2.0.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:1087300cf9700bbf455b1b97e24db18f2f77b55302a68272c56209d5587c12d1"},
     {file = "greenlet-2.0.2-cp38-cp38-manylinux2010_x86_64.whl", hash = "sha256:ba2956617f1c42598a308a84c6cf021a90ff3862eddafd20c3333d50f0edb45b"},
     {file = "greenlet-2.0.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:fc3a569657468b6f3fb60587e48356fe512c1754ca05a564f11366ac9e306526"},
     {file = "greenlet-2.0.2-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8eab883b3b2a38cc1e050819ef06a7e6344d4a990d24d45bc6f2cf959045a45b"},
@@ -1428,6 +1406,7 @@ files = [
     {file = "greenlet-2.0.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:b0ef99cdbe2b682b9ccbb964743a6aca37905fda5e0452e5ee239b1654d37f2a"},
     {file = "greenlet-2.0.2-cp38-cp38-win32.whl", hash = "sha256:b80f600eddddce72320dbbc8e3784d16bd3fb7b517e82476d8da921f27d4b249"},
     {file = "greenlet-2.0.2-cp38-cp38-win_amd64.whl", hash = "sha256:4d2e11331fc0c02b6e84b0d28ece3a36e0548ee1a1ce9ddde03752d9b79bba40"},
+    {file = "greenlet-2.0.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:8512a0c38cfd4e66a858ddd1b17705587900dd760c6003998e9472b77b56d417"},
     {file = "greenlet-2.0.2-cp39-cp39-macosx_11_0_x86_64.whl", hash = "sha256:88d9ab96491d38a5ab7c56dd7a3cc37d83336ecc564e4e8816dbed12e5aaefc8"},
     {file = "greenlet-2.0.2-cp39-cp39-manylinux2010_x86_64.whl", hash = "sha256:561091a7be172ab497a3527602d467e2b3fbe75f9e783d8b8ce403fa414f71a6"},
     {file = "greenlet-2.0.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:971ce5e14dc5e73715755d0ca2975ac88cfdaefcaab078a284fea6cfabf866df"},
@@ -1488,15 +1467,18 @@ files = [
 
 [[package]]
 name = "httplib2"
-version = "0.18.1"
+version = "0.22.0"
 description = "A comprehensive HTTP client library."
 optional = false
-python-versions = "*"
+python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
 files = [
-    {file = "httplib2-0.18.1-py3-none-any.whl", hash = "sha256:ca2914b015b6247791c4866782fa6042f495b94401a0f0bd3e1d6e0ba2236782"},
+    {file = "httplib2-0.22.0-py3-none-any.whl", hash = "sha256:14ae0a53c1ba8f3d37e9e27cf37eabb0fb9980f435ba405d546948b009dd64dc"},
-    {file = "httplib2-0.18.1.tar.gz", hash = "sha256:8af66c1c52c7ffe1aa5dc4bcd7c769885254b0756e6e69f953c7f0ab49a70ba3"},
+    {file = "httplib2-0.22.0.tar.gz", hash = "sha256:d7a10bc5ef5ab08322488bde8c726eeee5c8618723fdb399597ec58f3d82df81"},
 ]
 
+[package.dependencies]
+pyparsing = {version = ">=2.4.2,<3.0.0 || >3.0.0,<3.0.1 || >3.0.1,<3.0.2 || >3.0.2,<3.0.3 || >3.0.3,<4", markers = "python_version > \"3.0\""}
+
 [[package]]
 name = "humanfriendly"
 version = "8.2"
@@ -1548,7 +1530,6 @@ files = [
 ]
 
 [package.dependencies]
-typing-extensions = {version = ">=3.6.4", markers = "python_version < \"3.8\""}
 zipp = ">=0.5"
 
 [package.extras]
@@ -1763,14 +1744,32 @@ files = [
 six = ">=1.4.1"
 
 [[package]]
-name = "mako"
+name = "loguru"
-version = "1.1.3"
+version = "0.7.2"
-description = "A super-fast templating language that borrows the  best ideas from the existing templating languages."
+description = "Python logging made (stupidly) simple"
 optional = false
-python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
+python-versions = ">=3.5"
 files = [
-    {file = "Mako-1.1.3-py2.py3-none-any.whl", hash = "sha256:93729a258e4ff0747c876bd9e20df1b9758028946e976324ccd2d68245c7b6a9"},
+    {file = "loguru-0.7.2-py3-none-any.whl", hash = "sha256:003d71e3d3ed35f0f8984898359d65b79e5b21943f78af86aa5491210429b8eb"},
-    {file = "Mako-1.1.3.tar.gz", hash = "sha256:8195c8c1400ceb53496064314c6736719c6f25e7479cd24c77be3d9361cddc27"},
+    {file = "loguru-0.7.2.tar.gz", hash = "sha256:e671a53522515f34fd406340ee968cb9ecafbc4b36c679da03c18fd8d0bd51ac"},
+]
+
+[package.dependencies]
+colorama = {version = ">=0.3.4", markers = "sys_platform == \"win32\""}
+win32-setctime = {version = ">=1.0.0", markers = "sys_platform == \"win32\""}
+
+[package.extras]
+dev = ["Sphinx (==7.2.5)", "colorama (==0.4.5)", "colorama (==0.4.6)", "exceptiongroup (==1.1.3)", "freezegun (==1.1.0)", "freezegun (==1.2.2)", "mypy (==v0.910)", "mypy (==v0.971)", "mypy (==v1.4.1)", "mypy (==v1.5.1)", "pre-commit (==3.4.0)", "pytest (==6.1.2)", "pytest (==7.4.0)", "pytest-cov (==2.12.1)", "pytest-cov (==4.1.0)", "pytest-mypy-plugins (==1.9.3)", "pytest-mypy-plugins (==3.0.0)", "sphinx-autobuild (==2021.3.14)", "sphinx-rtd-theme (==1.3.0)", "tox (==3.27.1)", "tox (==4.11.0)"]
+
+[[package]]
+name = "mako"
+version = "1.2.4"
+description = "A super-fast templating language that borrows the best ideas from the existing templating languages."
+optional = false
+python-versions = ">=3.7"
+files = [
+    {file = "Mako-1.2.4-py3-none-any.whl", hash = "sha256:c97c79c018b9165ac9922ae4f32da095ffd3c4e6872b45eded42926deea46818"},
+    {file = "Mako-1.2.4.tar.gz", hash = "sha256:d60a3903dc3bb01a18ad6a89cdbe2e4eadc69c0bc8ef1e3773ba53d44c3f7a34"},
 ]
 
 [package.dependencies]
@@ -1779,6 +1778,7 @@ MarkupSafe = ">=0.9.2"
 [package.extras]
 babel = ["Babel"]
 lingua = ["lingua"]
+testing = ["pytest"]
 
 [[package]]
 name = "markupsafe"
@@ -2101,9 +2101,6 @@ files = [
     {file = "pluggy-0.13.1.tar.gz", hash = "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0"},
 ]
 
-[package.dependencies]
-importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""}
-
 [package.extras]
 dev = ["pre-commit", "tox"]
 
@@ -2132,7 +2129,6 @@ files = [
 [package.dependencies]
 cfgv = ">=2.0.0"
 identify = ">=1.0.0"
-importlib-metadata = {version = "*", markers = "python_version < \"3.8\""}
 nodeenv = ">=0.11.1"
 pyyaml = ">=5.1"
 toml = "*"
@@ -2154,36 +2150,26 @@ wcwidth = "*"
 
 [[package]]
 name = "protobuf"
-version = "3.15.0"
+version = "4.24.3"
-description = "Protocol Buffers"
+description = ""
 optional = false
-python-versions = "*"
+python-versions = ">=3.7"
 files = [
-    {file = "protobuf-3.15.0-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:44d824adb48fe8baf81e628c2edaf9911912cd592a83621d2b877ccfde631d61"},
+    {file = "protobuf-4.24.3-cp310-abi3-win32.whl", hash = "sha256:20651f11b6adc70c0f29efbe8f4a94a74caf61b6200472a9aea6e19898f9fcf4"},
-    {file = "protobuf-3.15.0-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:b04449133e31b65924650d758efbc2397c2d0e5eb3c8cae7428ffc4fa9c3403d"},
+    {file = "protobuf-4.24.3-cp310-abi3-win_amd64.whl", hash = "sha256:3d42e9e4796a811478c783ef63dc85b5a104b44aaaca85d4864d5b886e4b05e3"},
-    {file = "protobuf-3.15.0-cp35-cp35m-macosx_10_9_intel.whl", hash = "sha256:ef69a10d45529a08367e70e736b3ce8e2af51360f23650ef1d4381ff9038467a"},
+    {file = "protobuf-4.24.3-cp37-abi3-macosx_10_9_universal2.whl", hash = "sha256:6e514e8af0045be2b56e56ae1bb14f43ce7ffa0f68b1c793670ccbe2c4fc7d2b"},
-    {file = "protobuf-3.15.0-cp35-cp35m-manylinux1_x86_64.whl", hash = "sha256:50f28efa66232a2fbbdd638dd61d9399ff66bcfde40ff305263b229692928081"},
+    {file = "protobuf-4.24.3-cp37-abi3-manylinux2014_aarch64.whl", hash = "sha256:ba53c2f04798a326774f0e53b9c759eaef4f6a568ea7072ec6629851c8435959"},
-    {file = "protobuf-3.15.0-cp35-cp35m-win32.whl", hash = "sha256:25f0ee57684f7bc3f0511b73cf55c016a891d09079c357794759663fe3da9cd3"},
+    {file = "protobuf-4.24.3-cp37-abi3-manylinux2014_x86_64.whl", hash = "sha256:f6ccbcf027761a2978c1406070c3788f6de4a4b2cc20800cc03d52df716ad675"},
-    {file = "protobuf-3.15.0-cp35-cp35m-win_amd64.whl", hash = "sha256:94b34486986d7683e83f9d02a0112533263fc20fae54fff3f4fd69451e682ec7"},
+    {file = "protobuf-4.24.3-cp37-cp37m-win32.whl", hash = "sha256:1b182c7181a2891e8f7f3a1b5242e4ec54d1f42582485a896e4de81aa17540c2"},
-    {file = "protobuf-3.15.0-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:11f192d491613f692b3ddc18f06c925785b3019c8e35d32c811421ca9ff7d50e"},
+    {file = "protobuf-4.24.3-cp37-cp37m-win_amd64.whl", hash = "sha256:b0271a701e6782880d65a308ba42bc43874dabd1a0a0f41f72d2dac3b57f8e76"},
-    {file = "protobuf-3.15.0-cp36-cp36m-manylinux1_x86_64.whl", hash = "sha256:867635c1d541ce336a1a4df3379d1116f02eba6dc326d080c8ef02f34036c415"},
+    {file = "protobuf-4.24.3-cp38-cp38-win32.whl", hash = "sha256:e29d79c913f17a60cf17c626f1041e5288e9885c8579832580209de8b75f2a52"},
-    {file = "protobuf-3.15.0-cp36-cp36m-win32.whl", hash = "sha256:f6d10b1f86cebb8008a256f474948fc6204391e02a9c12935eebf036bbb07b65"},
+    {file = "protobuf-4.24.3-cp38-cp38-win_amd64.whl", hash = "sha256:067f750169bc644da2e1ef18c785e85071b7c296f14ac53e0900e605da588719"},
-    {file = "protobuf-3.15.0-cp36-cp36m-win_amd64.whl", hash = "sha256:5c2ee13f5ea237a17bd81f52f972b7d334c0a43330d2a2a7b25b07f16eb146d8"},
+    {file = "protobuf-4.24.3-cp39-cp39-win32.whl", hash = "sha256:2da777d34b4f4f7613cdf85c70eb9a90b1fbef9d36ae4a0ccfe014b0b07906f1"},
-    {file = "protobuf-3.15.0-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:2ccc0169b5145b3af676b6997be6fe62961edfc12bb524a7b9c46fb5d208a3d4"},
+    {file = "protobuf-4.24.3-cp39-cp39-win_amd64.whl", hash = "sha256:f631bb982c5478e0c1c70eab383af74a84be66945ebf5dd6b06fc90079668d0b"},
-    {file = "protobuf-3.15.0-cp37-cp37m-manylinux1_x86_64.whl", hash = "sha256:51e080fb1de5db54b0a6b1519ba8dda55e57404b0a4948e58f1342a3e15d89ec"},
+    {file = "protobuf-4.24.3-py3-none-any.whl", hash = "sha256:f6f8dc65625dadaad0c8545319c2e2f0424fede988368893ca3844261342c11a"},
-    {file = "protobuf-3.15.0-cp37-cp37m-win32.whl", hash = "sha256:d892e487bd544463ce1e656434591593f710169335ac3f02ce30ee866c2f2464"},
+    {file = "protobuf-4.24.3.tar.gz", hash = "sha256:12e9ad2ec079b833176d2921be2cb24281fa591f0b119b208b788adc48c2561d"},
-    {file = "protobuf-3.15.0-cp37-cp37m-win_amd64.whl", hash = "sha256:40f031f79b0254aa62082ca87776c0959d85adf99f09cdef9d0b320bb772a609"},
-    {file = "protobuf-3.15.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:ae4bcd5a0ce3f77d0523c3e5ed0d04ed2af454f7bf7cef08cb7a8d0915ac80a9"},
-    {file = "protobuf-3.15.0-cp38-cp38-manylinux1_x86_64.whl", hash = "sha256:830a9c71df347b3fb3cd24ec985c4ed64f6e75983f543a1d8a3c96302dae915c"},
-    {file = "protobuf-3.15.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:fecf1b00ccc87bb8debca8b56458cc57c486d2d7afe22c7526728f79ffe232f4"},
-    {file = "protobuf-3.15.0-cp39-cp39-manylinux1_x86_64.whl", hash = "sha256:0e00b4e4a4800b389ae7f0058e1fc9d012444fdde926569d8cce55c84a01ef74"},
-    {file = "protobuf-3.15.0-py2.py3-none-any.whl", hash = "sha256:013a9ec4dccad9a6ed3aa1ad9e86a25a4e0d6d3bbe059b6f6502db20473c3e69"},
-    {file = "protobuf-3.15.0.tar.gz", hash = "sha256:e9f13fadb15b80e4a83ef5d9fa44e19243b1e2d96e84ee2228ca305180ca059e"},
 ]
 
-[package.dependencies]
-six = ">=1.9"
-
 [[package]]
 name = "psutil"
 version = "5.7.2"
@@ -2414,7 +2400,6 @@ mccabe = ">=0.6,<0.8"
 platformdirs = ">=2.2.0"
 tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""}
 tomlkit = ">=0.10.1"
-typing-extensions = {version = ">=3.10.0", markers = "python_version < \"3.10\""}
 
 [package.extras]
 spelling = ["pyenchant (>=3.2,<4.0)"]
@@ -2525,7 +2510,6 @@ files = [
 [package.dependencies]
 colorama = {version = "*", markers = "sys_platform == \"win32\""}
 exceptiongroup = {version = ">=1.0.0rc8", markers = "python_version < \"3.11\""}
-importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""}
 iniconfig = "*"
 packaging = "*"
 pluggy = ">=0.12,<2.0"
@@ -2665,19 +2649,17 @@ files = [
 
 [[package]]
 name = "redis"
-version = "4.5.3"
+version = "4.6.0"
 description = "Python client for Redis database and key-value store"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "redis-4.5.3-py3-none-any.whl", hash = "sha256:7df17a0a2b72a4c8895b462dd07616c51b1dcb48fdd7ecb7b6f4bf39ecb2e94e"},
+    {file = "redis-4.6.0-py3-none-any.whl", hash = "sha256:e2b03db868160ee4591de3cb90d40ebb50a90dd302138775937f6a42b7ed183c"},
-    {file = "redis-4.5.3.tar.gz", hash = "sha256:56732e156fe31801c4f43396bd3ca0c2a7f6f83d7936798531b9848d103381aa"},
+    {file = "redis-4.6.0.tar.gz", hash = "sha256:585dc516b9eb042a619ef0a39c3d7d55fe81bdb4df09a52c9cdde0d07bf1aa7d"},
 ]
 
 [package.dependencies]
-async-timeout = {version = ">=4.0.2", markers = "python_version < \"3.11\""}
+async-timeout = {version = ">=4.0.2", markers = "python_full_version <= \"3.11.2\""}
-importlib-metadata = {version = ">=1.0", markers = "python_version < \"3.8\""}
-typing-extensions = {version = "*", markers = "python_version < \"3.8\""}
 
 [package.extras]
 hiredis = ["hiredis (>=1.0.0)"]
@@ -2768,24 +2750,24 @@ files = [
 
 [[package]]
 name = "requests"
-version = "2.25.1"
+version = "2.31.0"
 description = "Python HTTP for Humans."
 optional = false
-python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
+python-versions = ">=3.7"
 files = [
-    {file = "requests-2.25.1-py2.py3-none-any.whl", hash = "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e"},
+    {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"},
-    {file = "requests-2.25.1.tar.gz", hash = "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804"},
+    {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"},
 ]
 
 [package.dependencies]
 certifi = ">=2017.4.17"
-chardet = ">=3.0.2,<5"
+charset-normalizer = ">=2,<4"
-idna = ">=2.5,<3"
+idna = ">=2.5,<4"
-urllib3 = ">=1.21.1,<1.27"
+urllib3 = ">=1.21.1,<3"
 
 [package.extras]
-security = ["cryptography (>=1.3.4)", "pyOpenSSL (>=0.14)"]
+socks = ["PySocks (>=1.5.6,!=1.5.7)"]
-socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"]
+use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"]
 
 [[package]]
 name = "requests-file"
@@ -2845,53 +2827,10 @@ files = [
     {file = "ruamel.yaml-0.16.12.tar.gz", hash = "sha256:076cc0bc34f1966d920a49f18b52b6ad559fbe656a0748e3535cf7b3f29ebf9e"},
 ]
 
-[package.dependencies]
-"ruamel.yaml.clib" = {version = ">=0.1.2", markers = "platform_python_implementation == \"CPython\" and python_version < \"3.9\""}
-
 [package.extras]
 docs = ["ryd"]
 jinja2 = ["ruamel.yaml.jinja2 (>=0.2)"]
 
-[[package]]
-name = "ruamel.yaml.clib"
-version = "0.2.2"
-description = "C version of reader, parser and emitter for ruamel.yaml derived from libyaml"
-optional = false
-python-versions = "*"
-files = [
-    {file = "ruamel.yaml.clib-0.2.2-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:28116f204103cb3a108dfd37668f20abe6e3cafd0d3fd40dba126c732457b3cc"},
-    {file = "ruamel.yaml.clib-0.2.2-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:daf21aa33ee9b351f66deed30a3d450ab55c14242cfdfcd377798e2c0d25c9f1"},
-    {file = "ruamel.yaml.clib-0.2.2-cp27-cp27m-win32.whl", hash = "sha256:30dca9bbcbb1cc858717438218d11eafb78666759e5094dd767468c0d577a7e7"},
-    {file = "ruamel.yaml.clib-0.2.2-cp27-cp27m-win_amd64.whl", hash = "sha256:f6061a31880c1ed6b6ce341215336e2f3d0c1deccd84957b6fa8ca474b41e89f"},
-    {file = "ruamel.yaml.clib-0.2.2-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:73b3d43e04cc4b228fa6fa5d796409ece6fcb53a6c270eb2048109cbcbc3b9c2"},
-    {file = "ruamel.yaml.clib-0.2.2-cp35-cp35m-macosx_10_6_intel.whl", hash = "sha256:53b9dd1abd70e257a6e32f934ebc482dac5edb8c93e23deb663eac724c30b026"},
-    {file = "ruamel.yaml.clib-0.2.2-cp35-cp35m-manylinux1_x86_64.whl", hash = "sha256:839dd72545ef7ba78fd2aa1a5dd07b33696adf3e68fae7f31327161c1093001b"},
-    {file = "ruamel.yaml.clib-0.2.2-cp35-cp35m-manylinux2014_aarch64.whl", hash = "sha256:1236df55e0f73cd138c0eca074ee086136c3f16a97c2ac719032c050f7e0622f"},
-    {file = "ruamel.yaml.clib-0.2.2-cp35-cp35m-win32.whl", hash = "sha256:b1e981fe1aff1fd11627f531524826a4dcc1f26c726235a52fcb62ded27d150f"},
-    {file = "ruamel.yaml.clib-0.2.2-cp35-cp35m-win_amd64.whl", hash = "sha256:4e52c96ca66de04be42ea2278012a2342d89f5e82b4512fb6fb7134e377e2e62"},
-    {file = "ruamel.yaml.clib-0.2.2-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:a873e4d4954f865dcb60bdc4914af7eaae48fb56b60ed6daa1d6251c72f5337c"},
-    {file = "ruamel.yaml.clib-0.2.2-cp36-cp36m-manylinux1_x86_64.whl", hash = "sha256:ab845f1f51f7eb750a78937be9f79baea4a42c7960f5a94dde34e69f3cce1988"},
-    {file = "ruamel.yaml.clib-0.2.2-cp36-cp36m-manylinux2014_aarch64.whl", hash = "sha256:2fd336a5c6415c82e2deb40d08c222087febe0aebe520f4d21910629018ab0f3"},
-    {file = "ruamel.yaml.clib-0.2.2-cp36-cp36m-win32.whl", hash = "sha256:e9f7d1d8c26a6a12c23421061f9022bb62704e38211fe375c645485f38df34a2"},
-    {file = "ruamel.yaml.clib-0.2.2-cp36-cp36m-win_amd64.whl", hash = "sha256:2602e91bd5c1b874d6f93d3086f9830f3e907c543c7672cf293a97c3fabdcd91"},
-    {file = "ruamel.yaml.clib-0.2.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:44c7b0498c39f27795224438f1a6be6c5352f82cb887bc33d962c3a3acc00df6"},
-    {file = "ruamel.yaml.clib-0.2.2-cp37-cp37m-manylinux1_x86_64.whl", hash = "sha256:8e8fd0a22c9d92af3a34f91e8a2594eeb35cba90ab643c5e0e643567dc8be43e"},
-    {file = "ruamel.yaml.clib-0.2.2-cp37-cp37m-manylinux2014_aarch64.whl", hash = "sha256:75f0ee6839532e52a3a53f80ce64925ed4aed697dd3fa890c4c918f3304bd4f4"},
-    {file = "ruamel.yaml.clib-0.2.2-cp37-cp37m-win32.whl", hash = "sha256:464e66a04e740d754170be5e740657a3b3b6d2bcc567f0c3437879a6e6087ff6"},
-    {file = "ruamel.yaml.clib-0.2.2-cp37-cp37m-win_amd64.whl", hash = "sha256:52ae5739e4b5d6317b52f5b040b1b6639e8af68a5b8fd606a8b08658fbd0cab5"},
-    {file = "ruamel.yaml.clib-0.2.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:4df5019e7783d14b79217ad9c56edf1ba7485d614ad5a385d1b3c768635c81c0"},
-    {file = "ruamel.yaml.clib-0.2.2-cp38-cp38-manylinux1_x86_64.whl", hash = "sha256:5254af7d8bdf4d5484c089f929cb7f5bafa59b4f01d4f48adda4be41e6d29f99"},
-    {file = "ruamel.yaml.clib-0.2.2-cp38-cp38-manylinux2014_aarch64.whl", hash = "sha256:8be05be57dc5c7b4a0b24edcaa2f7275866d9c907725226cdde46da09367d923"},
-    {file = "ruamel.yaml.clib-0.2.2-cp38-cp38-win32.whl", hash = "sha256:74161d827407f4db9072011adcfb825b5258a5ccb3d2cd518dd6c9edea9e30f1"},
-    {file = "ruamel.yaml.clib-0.2.2-cp38-cp38-win_amd64.whl", hash = "sha256:058a1cc3df2a8aecc12f983a48bda99315cebf55a3b3a5463e37bb599b05727b"},
-    {file = "ruamel.yaml.clib-0.2.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:c6ac7e45367b1317e56f1461719c853fd6825226f45b835df7436bb04031fd8a"},
-    {file = "ruamel.yaml.clib-0.2.2-cp39-cp39-manylinux1_x86_64.whl", hash = "sha256:b4b0d31f2052b3f9f9b5327024dc629a253a83d8649d4734ca7f35b60ec3e9e5"},
-    {file = "ruamel.yaml.clib-0.2.2-cp39-cp39-manylinux2014_aarch64.whl", hash = "sha256:1f8c0a4577c0e6c99d208de5c4d3fd8aceed9574bb154d7a2b21c16bb924154c"},
-    {file = "ruamel.yaml.clib-0.2.2-cp39-cp39-win32.whl", hash = "sha256:46d6d20815064e8bb023ea8628cfb7402c0f0e83de2c2227a88097e239a7dffd"},
-    {file = "ruamel.yaml.clib-0.2.2-cp39-cp39-win_amd64.whl", hash = "sha256:6c0a5dc52fc74eb87c67374a4e554d4761fd42a4d01390b7e868b30d21f4b8bb"},
-    {file = "ruamel.yaml.clib-0.2.2.tar.gz", hash = "sha256:2d24bd98af676f4990c4d715bcdc2a60b19c56a3fb3a763164d2d8ca0e806ba7"},
-]
-
 [[package]]
 name = "s3transfer"
 version = "0.3.3"
@@ -3106,15 +3045,20 @@ url = ["furl (>=0.4.1)"]
 
 [[package]]
 name = "sqlparse"
-version = "0.4.2"
+version = "0.4.4"
 description = "A non-validating SQL parser."
 optional = false
 python-versions = ">=3.5"
 files = [
-    {file = "sqlparse-0.4.2-py3-none-any.whl", hash = "sha256:48719e356bb8b42991bdbb1e8b83223757b93789c00910a616a071910ca4a64d"},
+    {file = "sqlparse-0.4.4-py3-none-any.whl", hash = "sha256:5430a4fe2ac7d0f93e66f1efc6e1338a41884b7ddf2a350cedd20ccc4d9d28f3"},
-    {file = "sqlparse-0.4.2.tar.gz", hash = "sha256:0c00730c74263a94e5a9919ade150dfc3b19c574389985446148402998287dae"},
+    {file = "sqlparse-0.4.4.tar.gz", hash = "sha256:d446183e84b8349fa3061f0fe7f06ca94ba65b426946ffebe6e3e8295332420c"},
 ]
 
+[package.extras]
+dev = ["build", "flake8"]
+doc = ["sphinx"]
+test = ["pytest", "pytest-cov"]
+
 [[package]]
 name = "strictyaml"
 version = "1.1.0"
@@ -3249,47 +3193,35 @@ pytz = "*"
 requests = ">=2.0.0"
 
 [[package]]
-name = "typed-ast"
+name = "typer"
-version = "1.5.2"
+version = "0.9.0"
-description = "a fork of Python 2 and 3 ast modules with type comment support"
+description = "Typer, build great CLIs. Easy to code. Based on Python type hints."
 optional = false
 python-versions = ">=3.6"
 files = [
-    {file = "typed_ast-1.5.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:183b183b7771a508395d2cbffd6db67d6ad52958a5fdc99f450d954003900266"},
+    {file = "typer-0.9.0-py3-none-any.whl", hash = "sha256:5d96d986a21493606a358cae4461bd8cdf83cbf33a5aa950ae629ca3b51467ee"},
-    {file = "typed_ast-1.5.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:676d051b1da67a852c0447621fdd11c4e104827417bf216092ec3e286f7da596"},
+    {file = "typer-0.9.0.tar.gz", hash = "sha256:50922fd79aea2f4751a8e0408ff10d2662bd0c8bbfa84755a699f3bada2978b2"},
-    {file = "typed_ast-1.5.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bc2542e83ac8399752bc16e0b35e038bdb659ba237f4222616b4e83fb9654985"},
-    {file = "typed_ast-1.5.2-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:74cac86cc586db8dfda0ce65d8bcd2bf17b58668dfcc3652762f3ef0e6677e76"},
-    {file = "typed_ast-1.5.2-cp310-cp310-win_amd64.whl", hash = "sha256:18fe320f354d6f9ad3147859b6e16649a0781425268c4dde596093177660e71a"},
-    {file = "typed_ast-1.5.2-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:31d8c6b2df19a777bc8826770b872a45a1f30cfefcfd729491baa5237faae837"},
-    {file = "typed_ast-1.5.2-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:963a0ccc9a4188524e6e6d39b12c9ca24cc2d45a71cfdd04a26d883c922b4b78"},
-    {file = "typed_ast-1.5.2-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:0eb77764ea470f14fcbb89d51bc6bbf5e7623446ac4ed06cbd9ca9495b62e36e"},
-    {file = "typed_ast-1.5.2-cp36-cp36m-win_amd64.whl", hash = "sha256:294a6903a4d087db805a7656989f613371915fc45c8cc0ddc5c5a0a8ad9bea4d"},
-    {file = "typed_ast-1.5.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:26a432dc219c6b6f38be20a958cbe1abffcc5492821d7e27f08606ef99e0dffd"},
-    {file = "typed_ast-1.5.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c7407cfcad702f0b6c0e0f3e7ab876cd1d2c13b14ce770e412c0c4b9728a0f88"},
-    {file = "typed_ast-1.5.2-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:f30ddd110634c2d7534b2d4e0e22967e88366b0d356b24de87419cc4410c41b7"},
-    {file = "typed_ast-1.5.2-cp37-cp37m-win_amd64.whl", hash = "sha256:8c08d6625bb258179b6e512f55ad20f9dfef019bbfbe3095247401e053a3ea30"},
-    {file = "typed_ast-1.5.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:90904d889ab8e81a956f2c0935a523cc4e077c7847a836abee832f868d5c26a4"},
-    {file = "typed_ast-1.5.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:bbebc31bf11762b63bf61aaae232becb41c5bf6b3461b80a4df7e791fabb3aca"},
-    {file = "typed_ast-1.5.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c29dd9a3a9d259c9fa19d19738d021632d673f6ed9b35a739f48e5f807f264fb"},
-    {file = "typed_ast-1.5.2-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:58ae097a325e9bb7a684572d20eb3e1809802c5c9ec7108e85da1eb6c1a3331b"},
-    {file = "typed_ast-1.5.2-cp38-cp38-win_amd64.whl", hash = "sha256:da0a98d458010bf4fe535f2d1e367a2e2060e105978873c04c04212fb20543f7"},
-    {file = "typed_ast-1.5.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:33b4a19ddc9fc551ebabca9765d54d04600c4a50eda13893dadf67ed81d9a098"},
-    {file = "typed_ast-1.5.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:1098df9a0592dd4c8c0ccfc2e98931278a6c6c53cb3a3e2cf7e9ee3b06153344"},
-    {file = "typed_ast-1.5.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:42c47c3b43fe3a39ddf8de1d40dbbfca60ac8530a36c9b198ea5b9efac75c09e"},
-    {file = "typed_ast-1.5.2-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:f290617f74a610849bd8f5514e34ae3d09eafd521dceaa6cf68b3f4414266d4e"},
-    {file = "typed_ast-1.5.2-cp39-cp39-win_amd64.whl", hash = "sha256:df05aa5b241e2e8045f5f4367a9f6187b09c4cdf8578bb219861c4e27c443db5"},
-    {file = "typed_ast-1.5.2.tar.gz", hash = "sha256:525a2d4088e70a9f75b08b3f87a51acc9cde640e19cc523c7e41aa355564ae27"},
 ]
 
+[package.dependencies]
+click = ">=7.1.1,<9.0.0"
+typing-extensions = ">=3.7.4.3"
+
+[package.extras]
+all = ["colorama (>=0.4.3,<0.5.0)", "rich (>=10.11.0,<14.0.0)", "shellingham (>=1.3.0,<2.0.0)"]
+dev = ["autoflake (>=1.3.1,<2.0.0)", "flake8 (>=3.8.3,<4.0.0)", "pre-commit (>=2.17.0,<3.0.0)"]
+doc = ["cairosvg (>=2.5.2,<3.0.0)", "mdx-include (>=1.4.1,<2.0.0)", "mkdocs (>=1.1.2,<2.0.0)", "mkdocs-material (>=8.1.4,<9.0.0)", "pillow (>=9.3.0,<10.0.0)"]
+test = ["black (>=22.3.0,<23.0.0)", "coverage (>=6.2,<7.0)", "isort (>=5.0.6,<6.0.0)", "mypy (==0.910)", "pytest (>=4.4.0,<8.0.0)", "pytest-cov (>=2.10.0,<5.0.0)", "pytest-sugar (>=0.9.4,<0.10.0)", "pytest-xdist (>=1.32.0,<4.0.0)", "rich (>=10.11.0,<14.0.0)", "shellingham (>=1.3.0,<2.0.0)"]
+
 [[package]]
 name = "typing-extensions"
-version = "4.0.1"
+version = "4.8.0"
-description = "Backported and Experimental Type Hints for Python 3.6+"
+description = "Backported and Experimental Type Hints for Python 3.8+"
 optional = false
-python-versions = ">=3.6"
+python-versions = ">=3.8"
 files = [
-    {file = "typing_extensions-4.0.1-py3-none-any.whl", hash = "sha256:7f001e5ac290a0c0401508864c7ec868be4e701886d5b573a9528ed3973d9d3b"},
+    {file = "typing_extensions-4.8.0-py3-none-any.whl", hash = "sha256:8f92fc8806f9a6b641eaa5318da32b44d401efaac0f6678c9bc448ba3605faa0"},
-    {file = "typing_extensions-4.0.1.tar.gz", hash = "sha256:4ca091dea149f945ec56afb48dae714f21e8692ef22a395223bcd328961b6a0e"},
+    {file = "typing_extensions-4.8.0.tar.gz", hash = "sha256:df8e4339e9cb77357558cbdbceca33c303714cf861d1eef15e1070055ae8b7ef"},
 ]
 
 [[package]]
@@ -3345,7 +3277,6 @@ files = [
 "backports.entry-points-selectable" = ">=1.0.4"
 distlib = ">=0.3.1,<1"
 filelock = ">=3.0.0,<4"
-importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""}
 platformdirs = ">=2,<3"
 six = ">=1.9.0,<2"
 
@@ -3426,6 +3357,20 @@ files = [
 dev = ["coverage", "pallets-sphinx-themes", "pytest", "pytest-timeout", "sphinx", "sphinx-issues", "tox"]
 watchdog = ["watchdog"]
 
+[[package]]
+name = "win32-setctime"
+version = "1.1.0"
+description = "A small Python utility to set file creation time on Windows"
+optional = false
+python-versions = ">=3.5"
+files = [
+    {file = "win32_setctime-1.1.0-py3-none-any.whl", hash = "sha256:231db239e959c2fe7eb1d7dc129f11172354f98361c4fa2d6d2d7e278baa8aad"},
+    {file = "win32_setctime-1.1.0.tar.gz", hash = "sha256:15cf5750465118d6929ae4de4eb46e8edae9a5634350c01ba582df868e932cb2"},
+]
+
+[package.extras]
+dev = ["black (>=19.3b0)", "pytest (>=4.6.2)"]
+
 [[package]]
 name = "wrapt"
 version = "1.15.0"
@@ -3635,7 +3580,6 @@ files = [
 [package.dependencies]
 idna = ">=2.0"
 multidict = ">=4.0"
-typing-extensions = {version = ">=3.7.4", markers = "python_version < \"3.8\""}
 
 [[package]]
 name = "zipp"
@@ -3729,5 +3673,5 @@ testing = ["coverage (>=5.0.3)", "zope.event", "zope.testing"]
 
 [metadata]
 lock-version = "2.0"
-python-versions = "^3.7.2"
+python-versions = "^3.10"
-content-hash = "9cf184eded5a8fb41f7725ff5ed0f26ad5bbd44b9d59a9180abb4c6bf3fe278a"
+content-hash = "8bf71c74c8f4d1afe6b1ab0912702cdb47086474168bed8a9230c398abf349dd"

app/pyproject.toml

@@ -53,7 +53,7 @@ packages = [
 include = ["templates/*", "templates/**/*", "local_data/*.txt"]
 
 [tool.poetry.dependencies]
-python = "^3.7.2"
+python = "^3.10"
 flask = "^1.1.2"
 flask_login = "^0.5.0"
 wtforms = "^2.3.3"
@@ -96,7 +96,6 @@ pyspf = "^2.0.14"
 Flask-Limiter = "^1.4"
 memory_profiler = "^0.57.0"
 gevent = "22.10.2"
-aiospamc = "^0.6.1"
 email_validator = "^1.1.1"
 PGPy = "0.5.4"
 coinbase-commerce = "^1.0.1"
@@ -112,6 +111,7 @@ cryptography = "37.0.1"
 SQLAlchemy = "1.3.24"
 redis = "^4.5.3"
 newrelic-telemetry-sdk = "^0.5.0"
+aiospamc = "0.10"
 
 [tool.poetry.dev-dependencies]
 pytest = "^7.0.0"

app/templates/base.html

@@ -86,6 +86,12 @@
   </head>
   <body>
     <div class="page">
+      {% if current_user.is_authenticated and current_user.should_show_upgrade_button() %}
+
+        <div class="alert alert-success text-center mb-0" role="alert">
+          Black Friday: $20 for the first year instead of $30. Available until December 1st.
+        </div>
+      {% endif %}
       {% block announcement %}{% endblock %}
       <div class="container">
         <!-- For flash messages -->

app/templates/dashboard/alias_contact_manager.html

@@ -133,6 +133,7 @@
           <div>
             <span>
               <a href="{{ 'mailto:' + contact.website_send_to() }}"
+                 target="_blank"
                  data-toggle="tooltip"
                  title="You can click on this to open your email client. Or use the copy button 👉"
                  class="font-weight-bold">

app/templates/dashboard/app.html

@@ -48,7 +48,7 @@
                         {% if scope == "email" %}
 
                           Email:
-                          <a href="mailto:{{ val }}">{{ val }}</a>
+                          <a href="mailto:{{ val }}" target="_blank">{{ val }}</a>
                         {% elif scope == "name" %}
                           Name: {{ val }}
                         {% endif %}

app/templates/dashboard/domain_detail/dns.html

@@ -268,7 +268,7 @@
           If you are using a subdomain, e.g. <i>subdomain.domain.com</i>,
           you need to use <i>dkim._domainkey.subdomain</i> as the domain instead.
           <br />
-          That means, if your domain is <i>mail.domain.com</i> you should enter <i>dkim._domainkey.mail.domain.com</i> as the Domain.
+          That means, if your domain is <i>mail.domain.com</i> you should enter <i>dkim._domainkey.mail</i> as the Domain.
           <br />
         </div>
         <div class="alert alert-info">

app/templates/dashboard/mailbox_detail.html

@@ -71,177 +71,181 @@
         </form>
       </div>
       <!-- END Change email -->
-      {% if mailbox.pgp_finger_print and not mailbox.disable_pgp and current_user.include_sender_in_reverse_alias %}
+      <!-- Not show PGP option for Proton mailbox -->
+      {% if mailbox.is_proton() and not mailbox.pgp_enabled() %}
 
         <div class="alert alert-info">
-          Email headers like <span class="italic">From, To, Subject</span> aren't encrypted by PGP.
+          As an email is always encrypted at rest in Proton Mail, having SimpleLogin also encrypt your email is redundant and does not add any security benefit.
-          Currently, your reverse alias includes the sender address.
+          <br>
-          You can disable this on <a href="/dashboard/setting#sender-in-ra">Settings</a>.
+          The PGP option on SimpleLogin is instead useful for when your mailbox provider isn't encrypted by default like Gmail, Outlook, etc.
         </div>
       {% endif %}
-      <div class="card">
+      <div class="{% if mailbox.is_proton() and not mailbox.pgp_enabled() %}
-        <div class="card-body">
+         disabled-content{% endif %}">
-          <div class="card-title">
+        {% if mailbox.pgp_finger_print and not mailbox.disable_pgp and current_user.include_sender_in_reverse_alias and not mailbox.is_proton() %}
-            <div class="d-flex">
+
-              Pretty Good Privacy (PGP)
+          <div class="alert alert-info">
+            Email headers like <span class="italic">From, To, Subject</span> aren't encrypted by PGP.
+            Currently, your reverse alias includes the sender address.
+            You can disable this on <a href="/dashboard/setting#sender-in-ra">Settings</a>.
+          </div>
+        {% endif %}
+        <div class="card">
+          <div class="card-body">
+            <div class="card-title">
+              <div class="d-flex">
+                Pretty Good Privacy (PGP)
+                {% if mailbox.pgp_finger_print %}
+
+                  <form method="post">
+                    {{ csrf_form.csrf_token }}
+                    <input type="hidden" name="form-name" value="toggle-pgp">
+                    <label class="custom-switch cursor" style="padding-left: 1rem" data-toggle="tooltip" {% if mailbox.disable_pgp %}
+                       title="Enable PGP" {% else %} title="Disable PGP" {% endif %}>
+                      <input type="checkbox" class="custom-switch-input" name="pgp-enabled" {{ "" if mailbox.disable_pgp else "checked" }}>
+                      <span class="custom-switch-indicator"></span>
+                    </label>
+                  </form>
+                {% endif %}
+              </div>
+              <div class="small-text mt-1">
+                By importing your PGP Public Key into SimpleLogin, all emails sent to {{ mailbox.email }} are
+                <b>encrypted</b> with your key.
+                <br />
+                {% if PGP_SIGNER %}All forwarded emails will be signed with <b>{{ PGP_SIGNER }}</b>.{% endif %}
+              </div>
+            </div>
+            {% if not current_user.is_premium() %}
+
+              <div class="alert alert-danger" role="alert">This feature is only available in premium plan.</div>
+            {% endif %}
+            <form method="post">
+              {{ csrf_form.csrf_token }}
+              <div class="form-group">
+                <label class="form-label">PGP Public Key</label>
+                <textarea name="pgp" {% if not current_user.is_premium() %} disabled {% endif %} class="form-control" rows=10 id="pgp-public-key" placeholder="(Drag and drop or paste your pgp public key here)&#10;-----BEGIN PGP PUBLIC KEY BLOCK-----">{{ mailbox.pgp_public_key or "" }}</textarea>
+              </div>
+              <input type="hidden" name="form-name" value="pgp">
+              <button class="btn btn-primary" name="action" {% if not current_user.is_premium() %}
+                 disabled {% endif %} value="save">
+                Save
+              </button>
               {% if mailbox.pgp_finger_print %}
 
-                <form method="post">
+                <button class="btn btn-danger float-right" name="action" value="remove">Remove</button>
-                  {{ csrf_form.csrf_token }}
-                  <input type="hidden" name="form-name" value="toggle-pgp">
-                  <label class="custom-switch cursor" style="padding-left: 1rem" data-toggle="tooltip" {% if mailbox.disable_pgp %}
-                     title="Enable PGP" {% else %} title="Disable PGP" {% endif %}>
-                    <input type="checkbox" class="custom-switch-input" name="pgp-enabled" {{ "" if mailbox.disable_pgp else "checked" }}>
-                    <span class="custom-switch-indicator"></span>
-                  </label>
-                </form>
               {% endif %}
-            </div>
+            </form>
-            <div class="small-text mt-1">
-              By importing your PGP Public Key into SimpleLogin, all emails sent to {{ mailbox.email }} are
-              <b>encrypted</b> with your key.
-              <br />
-              {% if PGP_SIGNER %}All forwarded emails will be signed with <b>{{ PGP_SIGNER }}</b>.{% endif %}
-            </div>
           </div>
-          {% if not current_user.is_premium() %}
-
-            <div class="alert alert-danger" role="alert">This feature is only available in premium plan.</div>
-          {% endif %}
-          <form method="post">
-            {{ csrf_form.csrf_token }}
-            <div class="form-group">
-              <label class="form-label">PGP Public Key</label>
-              <textarea name="pgp" {% if not current_user.is_premium() %} disabled {% endif %} class="form-control" rows=10 id="pgp-public-key" placeholder="(Drag and drop or paste your pgp public key here)&#10;-----BEGIN PGP PUBLIC KEY BLOCK-----">{{ mailbox.pgp_public_key or "" }}</textarea>
-            </div>
-            <input type="hidden" name="form-name" value="pgp">
-            <button class="btn btn-primary" name="action" {% if not current_user.is_premium() %}
-               disabled {% endif %} value="save">
-              Save
-            </button>
-            {% if mailbox.pgp_finger_print %}
-
-              <button class="btn btn-danger float-right" name="action" value="remove">Remove</button>
-            {% endif %}
-          </form>
         </div>
       </div>
-      <div class="card" {% if not mailbox.pgp_enabled() %}
+      <div class="card" id="generic-subject">
-         disabled {% endif %}>
+        <form method="post" action="#generic-subject">
-        <form method="post">
           {{ csrf_form.csrf_token }}
           <input type="hidden" name="form-name" value="generic-subject">
           <div class="card-body">
             <div class="card-title">
-              Hide email subject when PGP is enabled
+              Hide email subject
               <div class="small-text mt-1">
-                When PGP is enabled, you can choose to use a <b>generic</b> subject for the forwarded emails.
+                The original subject will be added to the email body and all forwarded emails will have the generic subject.
-                The original subject is then added into the email body.
                 <br />
-                As PGP does not encrypt the email subject and the email subject might contain sensitive information,
+                This option is often used when PGP is enabled.
-                this option will allow a further protection of your email content.
+                As PGP does not encrypt the email subject, it allows a further protection of your email content.
               </div>
             </div>
-            <div class="alert alert-info">
-              As the email is encrypted, a subject like "Email for you"
-              will probably be rejected by your mailbox since it sounds like a spam.
-              <br />
-              Something like "Encrypted Email" would work much better :).
-            </div>
             <div class="form-group">
               <label class="form-label">Generic Subject</label>
-              <input name="generic-subject" {% if not mailbox.pgp_enabled() %}
+              <input name="generic-subject"
-                 disabled {% endif %} class="form-control" maxlength="78" placeholder="Generic Subject" value="{{ mailbox.generic_subject or "" }}">
+                     class="form-control"
-              </div>
+                     maxlength="78"
-              <button class="btn btn-primary" name="action" {% if not mailbox.pgp_enabled() %}
+                     placeholder="Generic Subject"
-                 disabled {% endif %} value="save">
+                     value="{{ mailbox.generic_subject or "" }}">
-                Save
+            </div>
-              </button>
+            <button class="btn btn-primary" name="action" value="save">Save</button>
-              {% if mailbox.generic_subject %}
+            {% if mailbox.generic_subject %}
 
-                <button class="btn btn-danger float-right" name="action" value="remove">Remove</button>
+              <button class="btn btn-danger float-right" name="action" value="remove">Remove</button>
-              {% endif %}
+            {% endif %}
+          </div>
+        </form>
+      </div>
+      <hr />
+      <h2 class="h4">Advanced Options</h2>
+      {% if spf_available %}
+
+        <div class="card" id="spf">
+          <form method="post">
+            {{ csrf_form.csrf_token }}
+            <input type="hidden" name="form-name" value="force-spf">
+            <div class="card-body">
+              <div class="card-title">
+                Enforce SPF
+                <div class="small-text">
+                  To avoid email-spoofing, SimpleLogin blocks email that
+                  <em data-toggle="tooltip"
+                      title="Email that has your mailbox as envelope-sender address">seems</em> to come from your
+                  mailbox
+                  but sent from <em data-toggle="tooltip"
+     title="IP Address that is not known by your mailbox email service">unknown</em>
+                  IP address.
+                  <br />
+                  Only turn off this option if you know what you're doing :).
+                </div>
+              </div>
+              <label class="custom-switch cursor mt-2 pl-0" data-toggle="tooltip" {% if mailbox.force_spf %}
+                 title="Disable SPF enforcement" {% else %} title="Enable SPF enforcement" {% endif %}>
+                <input type="checkbox" name="spf-status" class="custom-switch-input" {{ "checked" if mailbox.force_spf else "" }}>
+                <span class="custom-switch-indicator"></span>
+              </label>
             </div>
           </form>
         </div>
-        <hr />
+      {% endif %}
-        <h2 class="h4">Advanced Options</h2>
+      <div class="card" id="authorized-address">
-        {% if spf_available %}
+        <div class="card-body">
-
+          <div class="card-title">
-          <div class="card" id="spf">
+            Authorized addresses
-            <form method="post">
+            <div class="small-text">
-              {{ csrf_form.csrf_token }}
+              Emails sent from these addresses to a <b>reverse-alias</b> are considered as being sent
-              <input type="hidden" name="form-name" value="force-spf">
+              from {{ mailbox.email }}
-              <div class="card-body">
-                <div class="card-title">
-                  Enforce SPF
-                  <div class="small-text">
-                    To avoid email-spoofing, SimpleLogin blocks email that
-                    <em data-toggle="tooltip"
-                        title="Email that has your mailbox as envelope-sender address">seems</em> to come from your
-                    mailbox
-                    but sent from <em data-toggle="tooltip"
-     title="IP Address that is not known by your mailbox email service">unknown</em>
-                    IP address.
-                    <br />
-                    Only turn off this option if you know what you're doing :).
-                  </div>
-                </div>
-                <label class="custom-switch cursor mt-2 pl-0" data-toggle="tooltip" {% if mailbox.force_spf %}
-                   title="Disable SPF enforcement" {% else %} title="Enable SPF enforcement" {% endif %}>
-                  <input type="checkbox" name="spf-status" class="custom-switch-input" {{ "checked" if mailbox.force_spf else "" }}>
-                  <span class="custom-switch-indicator"></span>
-                </label>
-              </div>
-            </form>
-          </div>
-        {% endif %}
-        <div class="card" id="authorized-address">
-          <div class="card-body">
-            <div class="card-title">
-              Authorized addresses
-              <div class="small-text">
-                Emails sent from these addresses to a <b>reverse-alias</b> are considered as being sent
-                from {{ mailbox.email }}
-              </div>
             </div>
-            {% if mailbox.authorized_addresses | length == 0 %}
-
-            {% else %}
-              <ul>
-                {% for authorized_address in mailbox.authorized_addresses %}
-
-                  <li>
-                    {{ authorized_address.email }}
-                    <form method="post" action="#authorized-address" style="display: inline">
-                      {{ csrf_form.csrf_token }}
-                      <input type="hidden" name="form-name" value="delete-authorized-address">
-                      <input type="hidden"
-                             name="authorized-address-id"
-                             value="{{ authorized_address.id }}">
-                      <input type="submit" class="btn btn-sm btn-outline-warning" value="Delete">
-                    </form>
-                  </li>
-                {% endfor %}
-              </ul>
-            {% endif %}
-            <form method="post" action="#authorized-address" class="form-inline">
-              {{ csrf_form.csrf_token }}
-              <input type="hidden" name="form-name" value="add-authorized-address">
-              <input type="email" name="email" size="50" class="form-control" required>
-              <input type="submit" class="btn btn-primary" value="Add">
-            </form>
           </div>
+          {% if mailbox.authorized_addresses | length == 0 %}
+
+          {% else %}
+            <ul>
+              {% for authorized_address in mailbox.authorized_addresses %}
+
+                <li>
+                  {{ authorized_address.email }}
+                  <form method="post" action="#authorized-address" style="display: inline">
+                    {{ csrf_form.csrf_token }}
+                    <input type="hidden" name="form-name" value="delete-authorized-address">
+                    <input type="hidden"
+                           name="authorized-address-id"
+                           value="{{ authorized_address.id }}">
+                    <input type="submit" class="btn btn-sm btn-outline-warning" value="Delete">
+                  </form>
+                </li>
+              {% endfor %}
+            </ul>
+          {% endif %}
+          <form method="post" action="#authorized-address" class="form-inline">
+            {{ csrf_form.csrf_token }}
+            <input type="hidden" name="form-name" value="add-authorized-address">
+            <input type="email" name="email" size="50" class="form-control" required>
+            <input type="submit" class="btn btn-primary" value="Add">
+          </form>
         </div>
       </div>
     </div>
-  {% endblock %}
+  </div>
-  {% block script %}
+{% endblock %}
-    <script src="/static/js/utils/drag-drop-into-text.js"></script>
+{% block script %}
-    <script>
+  <script src="/static/js/utils/drag-drop-into-text.js"></script>
+  <script>
     $(".custom-switch-input").change(function (e) {
       $(this).closest("form").submit();
     });
     enableDragDropForPGPKeys('#pgp-public-key');
-    </script>
+  </script>
-  {% endblock %}
+{% endblock %}

app/templates/dashboard/pricing.html

@@ -57,6 +57,19 @@
 {% endblock %}
 {% block default_content %}
 
+  <div class="alert alert-info">
+    Black Friday Deal: 33% off on the yearly plan for the <b>first</b> year ($20 instead of $30).
+    <br>
+    Please use this coupon code
+    <em data-toggle="tooltip"
+        title="Click to copy"
+        class="clipboard"
+        data-clipboard-text="BF2023">BF2023</em> during the checkout.
+    <br>
+    <img src="/static/images/coupon.png" class="m-2" style="max-width: 300px">
+    <br>
+    Available until December 1, 2023.
+  </div>
   <div class="pb-8">
     <div class="text-center mx-md-auto mb-8 mt-6">
       <h1>Upgrade to unlock premium features</h1>
@@ -207,7 +220,7 @@
                 <div class="card-body">
                   <div class="text-center">
                     <div class="h3">Proton plan</div>
-                    <div class="h3 my-3">Starts at $11.99 / month</div>
+                    <div class="h3 my-3">Starts at $12.99 / month</div>
                     <div class="text-center mt-4 mb-6">
                       <a class="btn btn-lg btn-outline-primary w-100"
                          role="button"
@@ -225,10 +238,6 @@
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
                       500 GB storage
                     </li>
-                    <li class="d-flex">
-                      <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
-                      15 email addresses
-                    </li>
                     <li class="d-flex">
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
                       Unlimited folders, labels, and filters
@@ -239,11 +248,7 @@
                     </li>
                     <li class="d-flex">
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
-                      15 email addresses
+                      25 calendars
-                    </li>
-                    <li class="d-flex">
-                      <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
-                      20 Calendars
                     </li>
                     <li class="d-flex">
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
@@ -376,10 +381,6 @@
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
                       500 GB storage
                     </li>
-                    <li class="d-flex">
-                      <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
-                      15 email addresses/aliases
-                    </li>
                     <li class="d-flex">
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
                       Unlimited folders, labels, and filters
@@ -390,11 +391,7 @@
                     </li>
                     <li class="d-flex">
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
-                      15 email addresses/aliases
+                      25 calendars
-                    </li>
-                    <li class="d-flex">
-                      <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
-                      20 Calendars
                     </li>
                     <li class="d-flex">
                       <i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
@@ -478,7 +475,7 @@
                 </a>, which currently supports Bitcoin, Bitcoin Cash, DAI, ApeCoin, Dogecoin, Ethereum, Litecoin, SHIBA INU, Tether and USD Coin.
               </p>
               <p>
-                In the future, we are going to support Monero as well. In the meantime, please send us an email at <a href="mailto:support@simplelogin.zendesk.com">support@simplelogin.zendesk.com</a> if you want to use this cryptocurrency.
+                In the future, we are going to support Monero as well. In the meantime, please send us an email at <a href="mailto:support@simplelogin.zendesk.com" target="_blank">support@simplelogin.zendesk.com</a> if you want to use this cryptocurrency.
               </p>
               <div class="d-flex justify-content-center">
                 <a class="btn btn-outline-primary text-center"
@@ -645,7 +642,7 @@
                 </li>
               </ul>
               <p>
-                Please send us an email at <a href="mailto:support@simplelogin.zendesk.com">support@simplelogin.zendesk.com</a> for more info.
+                Please send us an email at <a href="mailto:support@simplelogin.zendesk.com" target="_blank">support@simplelogin.zendesk.com</a> for more info.
               </p>
               <p>
                 We used to offer free premium accounts for students but this program ended at June 17 2021. Please note this doesn't affect existing accounts who have already benefited from the program or requests sent before this date.
@@ -708,7 +705,7 @@
                data-parent="#pricing-faq">
             <div class="card-body">
               <p>
-                No we don't have a family plan but offer 30% reduction for additional subscriptions. Please contact us at <a href="mailto:support@simplelogin.zendesk.com">support@simplelogin.zendesk.com</a> for more information.
+                No we don't have a family plan but offer 30% reduction for additional subscriptions. Please contact us at <a href="mailto:support@simplelogin.zendesk.com" target="_blank">support@simplelogin.zendesk.com</a> for more information.
               </p>
             </div>
           </div>

app/templates/dashboard/referral.html

@@ -22,7 +22,7 @@
       For every user who <b>upgrades</b> and stays with us at least 3 months, you'll get $5 :).
       <br />
       The payout can be initiated any time, just send us an email at
-      <a href="mailto:hi@simplelogin.io">hi@simplelogin.io</a>
+      <a href="mailto:hi@simplelogin.io" target="_blank">hi@simplelogin.io</a>
       when you want to receive the payout.
     </div>
     {% if referrals|length == 0 %}

app/templates/dashboard/unsubscribe.html

@@ -9,7 +9,7 @@
       <h1 class="h3">Block alias</h1>
       <p>
         You are about to block the alias
-        <a href="mailto:{{ alias }}">{{ alias }}</a>
+        <a href="mailto:{{ alias }}" target="_blank">{{ alias }}</a>
       </p>
       <p>After this, you will stop receiving all emails sent to this alias, please confirm.</p>
       <form method="post">

app/templates/oauth/authorize.html

@@ -61,7 +61,7 @@
                 <img src="{{ user_info[scope.value] }}" class="avatar">
               {% elif scope == Scope.EMAIL %}
                 {{ scope.value }}:
-                <a href="mailto:{{ user_info[scope.value] }}">{{ user_info[scope.value] }}</a>
+                <a href="mailto:{{ user_info[scope.value] }}" target="_blank">{{ user_info[scope.value] }}</a>
               {% elif scope == Scope.NAME %}
                 {{ scope.value }}: <b>{{ user_info[scope.value] }}</b>
               {% endif %}

app/tests/dashboard/test_alias_transfer.py

@@ -1,4 +1,4 @@
-from app.dashboard.views import alias_transfer
+import app.alias_utils
 from app.db import Session
 from app.models import (
     Alias,
@@ -29,7 +29,7 @@ def test_alias_transfer(flask_client):
         user_id=new_user.id, email="hey2@example.com", verified=True, commit=True
     )
 
-    alias_transfer.transfer(alias, new_user, new_user.mailboxes())
+    app.alias_utils.transfer_alias(alias, new_user, new_user.mailboxes())
 
     # refresh from db
     alias = Alias.get(alias.id)

app/tests/proton/test_proton_client.py

@@ -1,5 +1,7 @@
 import pytest
+from http import HTTPStatus
 
+from app.errors import ProtonAccountNotVerified
 from app.proton import proton_client
 
 
@@ -19,3 +21,30 @@ def test_convert_access_token_not_containing_invalid_length():
     for case in cases:
         with pytest.raises(Exception):
             proton_client.convert_access_token(case)
+
+
+def test_handle_response_not_ok_account_not_verified():
+    res = proton_client.handle_response_not_ok(
+        status=HTTPStatus.UNPROCESSABLE_ENTITY,
+        body={"Code": proton_client.PROTON_ERROR_CODE_HV_NEEDED},
+        text="",
+    )
+    assert isinstance(res, ProtonAccountNotVerified)
+
+
+def test_handle_response_unprocessable_entity_not_account_not_verified():
+    error_text = "some error text"
+    res = proton_client.handle_response_not_ok(
+        status=HTTPStatus.UNPROCESSABLE_ENTITY, body={"Code": 4567}, text=error_text
+    )
+    assert error_text in res.args[0]
+
+
+def test_handle_response_not_ok_unknown_error():
+    error_text = "some error text"
+    res = proton_client.handle_response_not_ok(
+        status=123,
+        body={"Code": proton_client.PROTON_ERROR_CODE_HV_NEEDED},
+        text=error_text,
+    )
+    assert error_text in res.args[0]

app/tests/test_account_linking.py

@@ -18,7 +18,7 @@ from app.db import Session
 from app.errors import AccountAlreadyLinkedToAnotherPartnerException
 from app.models import Partner, PartnerUser, User
 from app.proton.utils import get_proton_partner
-from app.utils import random_string
+from app.utils import random_string, canonicalize_email
 from tests.utils import random_email
 
 
@@ -377,3 +377,48 @@ def test_link_account_with_uppercase(flask_client):
     )
     assert partner_user.partner_id == get_proton_partner().id
     assert partner_user.external_user_id == partner_user_id
+
+
+def test_login_to_account_with_canonical_email(flask_client):
+    email = "a.{rand}@gmail.com".format(rand=random_string(10))
+    canonical_email = canonicalize_email(email)
+    assert email != canonical_email
+    partner_user_id = random_string()
+    link_request = random_link_request(
+        external_user_id=partner_user_id, email=email.upper()
+    )
+    user = create_user(canonical_email)
+    assert user.email == canonical_email
+    res = process_login_case(link_request, get_proton_partner())
+    assert res.user.id == user.id
+
+
+def test_login_to_account_with_canonical_email_if_there_is_also_non_canonical(
+    flask_client,
+):
+    email = "a.{rand}@gmail.com".format(rand=random_string(10))
+    canonical_email = canonicalize_email(email)
+    assert email != canonical_email
+    partner_user_id = random_string()
+    link_request = random_link_request(
+        external_user_id=partner_user_id, email=email.upper()
+    )
+    user = create_user(canonical_email)
+    create_user(email)
+    assert user.email == canonical_email
+    res = process_login_case(link_request, get_proton_partner())
+    assert res.user.id == user.id
+
+
+def test_login_creates_account_with_canonical_email(
+    flask_client,
+):
+    email = "a.{rand}@gmail.com".format(rand=random_string(10))
+    canonical_email = canonicalize_email(email)
+    assert email != canonical_email
+    partner_user_id = random_string()
+    link_request = random_link_request(
+        external_user_id=partner_user_id, email=email.upper()
+    )
+    res = process_login_case(link_request, get_proton_partner())
+    assert res.user.email == canonical_email

app/tests/test_cron.py

@@ -1,18 +1,17 @@
 import arrow
 
-from app.models import CoinbaseSubscription, ApiToCookieToken, ApiKey
+import cron
-from cron import notify_manual_sub_end, delete_expired_tokens
+from app.db import Session
+from app.models import CoinbaseSubscription, ApiToCookieToken, ApiKey, User
 from tests.utils import create_new_user
 
 
 def test_notify_manual_sub_end(flask_client):
     user = create_new_user()
-
     CoinbaseSubscription.create(
         user_id=user.id, end_at=arrow.now().shift(days=13, hours=2), commit=True
     )
-
+    cron.notify_manual_sub_end()
-    notify_manual_sub_end()
 
 
 def test_cleanup_tokens(flask_client):
@@ -33,6 +32,22 @@ def test_cleanup_tokens(flask_client):
         api_key_id=api_key.id,
         commit=True,
     ).id
-    delete_expired_tokens()
+    cron.delete_expired_tokens()
     assert ApiToCookieToken.get(id_to_clean) is None
     assert ApiToCookieToken.get(id_to_keep) is not None
+
+
+def test_cleanup_users():
+    u_delete_none_id = create_new_user().id
+    u_delete_after = create_new_user()
+    u_delete_after_id = u_delete_after.id
+    u_delete_before = create_new_user()
+    u_delete_before_id = u_delete_before.id
+    now = arrow.now()
+    u_delete_after.delete_on = now.shift(minutes=1)
+    u_delete_before.delete_on = now.shift(minutes=-1)
+    Session.flush()
+    cron.clear_users_scheduled_to_be_deleted()
+    assert User.get(u_delete_none_id) is not None
+    assert User.get(u_delete_after_id) is not None
+    assert User.get(u_delete_before_id) is None

app/tests/test_domains.py

@@ -199,3 +199,31 @@ def test_get_free_partner_and_hidden_default_domain():
     assert [d.domain for d in domains] == user.available_sl_domains(
         alias_options=options
     )
+
+
+def test_get_free_partner_and_premium_partner():
+    user = create_new_user()
+    user.trial_end = None
+    PartnerUser.create(
+        partner_id=get_proton_partner().id,
+        user_id=user.id,
+        external_user_id=random_token(10),
+        flush=True,
+    )
+    user.default_alias_public_domain_id = (
+        SLDomain.filter_by(hidden=False, premium_only=False).first().id
+    )
+    Session.flush()
+    options = AliasOptions(
+        show_sl_domains=False,
+        show_partner_domains=get_proton_partner(),
+        show_partner_premium=True,
+    )
+    domains = user.get_sl_domains(alias_options=options)
+    assert len(domains) == 3
+    assert domains[0].domain == "premium_partner"
+    assert domains[1].domain == "free_partner"
+    assert domains[2].domain == "free_non_partner"
+    assert [d.domain for d in domains] == user.available_sl_domains(
+        alias_options=options
+    )

app/tests/test_models.py

@@ -315,3 +315,13 @@ def test_create_contact_for_noreply(flask_client):
         reply_email=generate_reply_email(NOREPLY, alias),
     )
     assert contact.website_email == NOREPLY
+
+
+def test_user_can_send_receive():
+    user = create_new_user()
+    assert user.can_send_or_receive()
+    user.disabled = True
+    assert not user.can_send_or_receive()
+    user.disabled = False
+    user.delete_on = arrow.now()
+    assert not user.can_send_or_receive()

app/tests/utils.py

@@ -71,7 +71,7 @@ def load_eml_file(
         if not template_values:
             template_values = {}
         rendered = template.render(**template_values)
-        return email.message_from_string(rendered)
+        return email.message_from_bytes(rendered.encode("utf-8"))
 
 
 def random_email() -> str: