4.65.4

app/.github/workflows/main.yml

@@ -107,7 +107,7 @@ jobs:
 
       - name: Prepare version file
         run: |
-          scripts/generate-build-info.sh ${{ github.sha }}
+          scripts/generate-build-info.sh ${{ github.sha }} ${{ github.ref_name }}
           cat app/build_info.py
 
       - name: Test with pytest
@@ -164,7 +164,7 @@ jobs:
 
       - name: Prepare version file
         run: |
-          scripts/generate-build-info.sh ${{ github.sha }}
+          scripts/generate-build-info.sh ${{ github.sha }} ${{ github.ref_name }}
           cat app/build_info.py
 
       - name: Build image and publish to Docker Registry

app/app/admin_model.py

@@ -1,21 +1,25 @@
 from __future__ import annotations
+
 from typing import Optional, List
 
 import arrow
 import sqlalchemy
-from flask_admin import BaseView
-from flask_admin.form import SecureForm
-from flask_admin.model.template import EndpointLinkRowAction
-from markupsafe import Markup
-
-from app import models, s3, config
 from flask import redirect, url_for, request, flash, Response
+from flask_admin import BaseView
 from flask_admin import expose, AdminIndexView
 from flask_admin.actions import action
 from flask_admin.contrib import sqla
+from flask_admin.form import SecureForm
+from flask_admin.model.template import EndpointLinkRowAction
 from flask_login import current_user
+from markupsafe import Markup
 
-from app.custom_domain_validation import CustomDomainValidation, DomainValidationResult
+from app import models, s3, config
+from app.custom_domain_validation import (
+    CustomDomainValidation,
+    DomainValidationResult,
+    ExpectedValidationRecords,
+)
 from app.db import Session
 from app.dns_utils import get_network_dns_client
 from app.events.event_dispatcher import EventDispatcher
@@ -44,6 +48,7 @@ from app.models import (
     CustomDomain,
 )
 from app.newsletter_utils import send_newsletter_to_user, send_newsletter_to_address
+from app.proton.proton_unlink import perform_proton_account_unlink
 from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
 
 
@@ -121,7 +126,7 @@ class SLAdminIndexView(AdminIndexView):
         if not current_user.is_authenticated or not current_user.is_admin:
             return redirect(url_for("auth.login", next=request.url))
 
-        return redirect("/admin/email_search")
+        return redirect(url_for("admin.email_search.index"))
 
 
 class UserAdmin(SLModelView):
@@ -913,7 +918,7 @@ class EmailSearchAdmin(BaseView):
     @expose("/", methods=["GET", "POST"])
     def index(self):
         search = EmailSearchResult()
-        email = request.args.get("email")
+        email = request.args.get("query")
         if email is not None and len(email) > 0:
             email = email.strip()
             search = EmailSearchResult.from_request_email(email)
@@ -925,17 +930,48 @@ class EmailSearchAdmin(BaseView):
             helper=EmailSearchHelpers,
         )
 
+    @expose("/partner_unlink", methods=["POST"])
+    def delete_partner_link(self):
+        user_id = request.form.get("user_id")
+        if not user_id:
+            flash("Missing user_id", "error")
+            return redirect(url_for("admin.email_search.index"))
+        try:
+            user_id = int(user_id)
+        except ValueError:
+            flash("Missing user_id", "error")
+            return redirect(url_for("admin.email_search.index", query=user_id))
+        user = User.get(user_id)
+        if user is None:
+            flash("User not found", "error")
+            return redirect(url_for("admin.email_search.index", query=user_id))
+        external_user_id = perform_proton_account_unlink(user, skip_check=True)
+        if not external_user_id:
+            flash("User unlinked", "success")
+            return redirect(url_for("admin.email_search.index", query=user_id))
+
+        AdminAuditLog.create(
+            admin_user_id=user.id,
+            model=User.__class__.__name__,
+            model_id=user.id,
+            action=AuditLogActionEnum.unlink_user.value,
+            data={"external_user_id": external_user_id},
+        )
+        Session.commit()
+
+        return redirect(url_for("admin.email_search.index", query=user_id))
+
 
 class CustomDomainWithValidationData:
     def __init__(self, domain: CustomDomain):
         self.domain: CustomDomain = domain
-        self.ownership_expected: Optional[str] = None
+        self.ownership_expected: Optional[ExpectedValidationRecords] = None
         self.ownership_validation: Optional[DomainValidationResult] = None
-        self.mx_expected: Optional[str] = None
+        self.mx_expected: Optional[dict[int, ExpectedValidationRecords]] = None
         self.mx_validation: Optional[DomainValidationResult] = None
-        self.spf_expected: Optional[str] = None
+        self.spf_expected: Optional[ExpectedValidationRecords] = None
         self.spf_validation: Optional[DomainValidationResult] = None
-        self.dkim_expected: {str: str} = {}
+        self.dkim_expected: {str: ExpectedValidationRecords} = {}
         self.dkim_validation: {str: str} = {}
 
 
@@ -990,7 +1026,6 @@ class CustomDomainSearchResult:
                     custom_domain
                 )
             out.domains.append(validation_data)
-            print(validation_data.dkim_expected, validation_data.dkim_validation)
 
         return out
 
@@ -1020,7 +1055,6 @@ class CustomDomainSearchAdmin(BaseView):
                     if cd is not None:
                         user = cd.user
             search = CustomDomainSearchResult.from_user(user)
-            print("NEW", search.domains)
 
         return self.render(
             "admin/custom_domain_search.html",

app/app/alias_mailbox_utils.py

@@ -36,6 +36,7 @@ def set_mailboxes_for_alias(
             Mailbox.user_id == user_id,
             Mailbox.verified == True,  # noqa: E712
         )
+        .order_by(Mailbox.id.asc())
         .all()
     )
     if len(mailboxes) != len(mailbox_ids):

app/app/api/serializer.py

@@ -191,15 +191,8 @@ def get_alias_infos_with_pagination_v3(
         q = q.order_by(Alias.email.desc())
     else:
         # default sorting
-        latest_activity = case(
-            [
-                (Alias.created_at > EmailLog.created_at, Alias.created_at),
-                (Alias.created_at < EmailLog.created_at, EmailLog.created_at),
-            ],
-            else_=Alias.created_at,
-        )
         q = q.order_by(Alias.pinned.desc())
-        q = q.order_by(latest_activity.desc())
+        q = q.order_by(func.greatest(Alias.created_at, EmailLog.created_at).desc())
 
     q = q.limit(page_limit).offset(page_id * page_size)
 

app/app/api/views/new_custom_alias.py

@@ -62,8 +62,17 @@ def new_custom_alias_v2():
     if not data:
         return jsonify(error="request body cannot be empty"), 400
 
-    alias_prefix = data.get("alias_prefix", "").strip().lower().replace(" ", "")
+    alias_prefix = data.get("alias_prefix", "")
-    signed_suffix = data.get("signed_suffix", "").strip()
+    if not isinstance(alias_prefix, str) or not alias_prefix:
+        return jsonify(error="invalid value for alias_prefix"), 400
+
+    alias_prefix = alias_prefix.strip().lower().replace(" ", "")
+    signed_suffix = data.get("signed_suffix", "")
+    if not isinstance(signed_suffix, str) or not signed_suffix:
+        return jsonify(error="invalid value for signed_suffix"), 400
+
+    signed_suffix = signed_suffix.strip()
+
     note = data.get("note")
     alias_prefix = convert_to_id(alias_prefix)
 

app/app/api/views/setting.py

@@ -12,7 +12,7 @@ from app.models import (
     SenderFormatEnum,
     AliasSuffixEnum,
 )
-from app.proton.utils import perform_proton_account_unlink
+from app.proton.proton_unlink import perform_proton_account_unlink
 
 
 def setting_to_dict(user: User):
@@ -144,5 +144,6 @@ def get_available_domains_for_random_alias_v2():
 @require_api_auth
 def unlink_proton_account():
     user = g.user
-    perform_proton_account_unlink(user)
+    if not perform_proton_account_unlink(user):
+        return jsonify(error="The account cannot be unlinked"), 400
     return jsonify({"ok": True})

app/app/api/views/user_info.py

@@ -12,7 +12,7 @@ from app.dashboard.views.index import get_stats
 from app.db import Session
 from app.image_validation import detect_image_format, ImageFormat
 from app.models import ApiKey, File, PartnerUser, User
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.session import logout_session
 from app.utils import random_string
 

app/app/auth/views/proton.py

@@ -23,7 +23,7 @@ from app.proton.proton_callback_handler import (
     ProtonCallbackHandler,
     Action,
 )
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.utils import sanitize_next_url, sanitize_scheme
 
 _authorization_base_url = PROTON_BASE_URL + "/oauth/authorize"

app/app/build_info.py

@@ -1,2 +1,3 @@
 SHA1 = "dev"
 BUILD_TIME = "1652365083"
+VERSION = SHA1

app/app/config.py

@@ -62,6 +62,17 @@ def get_env_dict(env_var: str) -> dict[str, str]:
     return result
 
 
+def get_env_csv(env_var: str, default: Optional[str]) -> list[str]:
+    """
+    Get an env variable and convert it into a list of strings separated by,
+    Syntax is: val1,val2
+    """
+    value = os.getenv(env_var, default)
+    if not value:
+        return []
+    return [field.strip() for field in value.split(",") if field.strip()]
+
+
 config_file = os.environ.get("CONFIG")
 if config_file:
     config_file = get_abs_path(config_file)
@@ -171,6 +182,14 @@ FIRST_ALIAS_DOMAIN = os.environ.get("FIRST_ALIAS_DOMAIN") or EMAIL_DOMAIN
 # e.g. [(10, "mx1.hostname."), (10, "mx2.hostname.")]
 EMAIL_SERVERS_WITH_PRIORITY = sl_getenv("EMAIL_SERVERS_WITH_PRIORITY")
 
+PROTON_MX_SERVERS = get_env_csv(
+    "PROTON_MX_SERVERS", "mail.protonmail.ch., mailsec.protonmail.ch."
+)
+
+PROTON_EMAIL_DOMAINS = get_env_csv(
+    "PROTON_EMAIL_DOMAINS", "proton.me, protonmail.com, protonmail.ch, proton.ch, pm.me"
+)
+
 # disable the alias suffix, i.e. the ".random_word" part
 DISABLE_ALIAS_SUFFIX = "DISABLE_ALIAS_SUFFIX" in os.environ
 

app/app/coupon_utils.py

@@ -9,7 +9,14 @@ from app.email_utils import send_email
 from app.events.event_dispatcher import EventDispatcher
 from app.events.generated.event_pb2 import EventContent, UserPlanChanged
 from app.log import LOG
-from app.models import User, ManualSubscription, Coupon, LifetimeCoupon
+from app.models import (
+    User,
+    ManualSubscription,
+    Coupon,
+    LifetimeCoupon,
+    PartnerSubscription,
+    PartnerUser,
+)
 from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
 
 
@@ -87,6 +94,16 @@ def redeem_coupon(coupon_code: str, user: User) -> Optional[Coupon]:
 
 
 def redeem_lifetime_coupon(coupon_code: str, user: User) -> Optional[Coupon]:
+    if user.lifetime:
+        return None
+    partner_sub = (
+        Session.query(PartnerSubscription)
+        .join(PartnerUser, PartnerUser.id == PartnerSubscription.partner_user_id)
+        .filter(PartnerUser.user_id == user.id, PartnerSubscription.lifetime == True)  # noqa: E712
+        .first()
+    )
+    if partner_sub is not None:
+        return None
     coupon: LifetimeCoupon = LifetimeCoupon.get_by(code=coupon_code)
     if not coupon:
         return None

app/app/custom_domain_validation.py

@@ -5,9 +5,7 @@ from app import config
 from app.constants import DMARC_RECORD
 from app.db import Session
 from app.dns_utils import (
-    MxRecord,
     DNSClient,
-    is_mx_equivalent,
     get_network_dns_client,
 )
 from app.models import CustomDomain
@@ -21,6 +19,39 @@ class DomainValidationResult:
     errors: [str]
 
 
+@dataclass
+class ExpectedValidationRecords:
+    recommended: str
+    allowed: list[str]
+
+
+def is_mx_equivalent(
+    mx_domains: dict[int, list[str]],
+    expected_mx_domains: dict[int, ExpectedValidationRecords],
+) -> bool:
+    """
+    Compare mx_domains with ref_mx_domains to see if they are equivalent.
+    mx_domains and ref_mx_domains are list of (priority, domain)
+
+    The priority order is taken into account but not the priority number.
+    For example, [(1, domain1), (2, domain2)] is equivalent to [(10, domain1), (20, domain2)]
+    """
+
+    expected_prios = []
+    for prio in expected_mx_domains:
+        expected_prios.append(prio)
+
+    if len(expected_prios) != len(mx_domains):
+        return False
+
+    for prio_position, prio_value in enumerate(sorted(mx_domains.keys())):
+        for domain in mx_domains[prio_value]:
+            if domain not in expected_mx_domains[expected_prios[prio_position]].allowed:
+                return False
+
+    return True
+
+
 class CustomDomainValidation:
     def __init__(
         self,
@@ -37,59 +68,88 @@ class CustomDomainValidation:
             or config.PARTNER_CUSTOM_DOMAIN_VALIDATION_PREFIXES
         )
 
-    def get_ownership_verification_record(self, domain: CustomDomain) -> str:
+    def get_ownership_verification_record(
-        prefix = "sl"
+        self, domain: CustomDomain
+    ) -> ExpectedValidationRecords:
+        prefixes = ["sl"]
         if (
             domain.partner_id is not None
             and domain.partner_id in self._partner_domain_validation_prefixes
         ):
-            prefix = self._partner_domain_validation_prefixes[domain.partner_id]
+            prefixes.insert(
+                0, self._partner_domain_validation_prefixes[domain.partner_id]
+            )
 
         if not domain.ownership_txt_token:
             domain.ownership_txt_token = random_string(30)
             Session.commit()
 
-        return f"{prefix}-verification={domain.ownership_txt_token}"
+        valid = [
+            f"{prefix}-verification={domain.ownership_txt_token}" for prefix in prefixes
+        ]
+        return ExpectedValidationRecords(recommended=valid[0], allowed=valid)
 
-    def get_expected_mx_records(self, domain: CustomDomain) -> list[MxRecord]:
+    def get_expected_mx_records(
-        records = []
+        self, domain: CustomDomain
+    ) -> dict[int, ExpectedValidationRecords]:
+        records = {}
         if domain.partner_id is not None and domain.partner_id in self._partner_domains:
             domain = self._partner_domains[domain.partner_id]
-            records.append(MxRecord(10, f"mx1.{domain}."))
+            records[10] = [f"mx1.{domain}."]
-            records.append(MxRecord(20, f"mx2.{domain}."))
+            records[20] = [f"mx2.{domain}."]
-        else:
+        # Default ones
-            # Default ones
+        for priority, domain in config.EMAIL_SERVERS_WITH_PRIORITY:
-            for priority, domain in config.EMAIL_SERVERS_WITH_PRIORITY:
+            if priority not in records:
-                records.append(MxRecord(priority, domain))
+                records[priority] = []
+            records[priority].append(domain)
 
-        return records
+        return {
+            priority: ExpectedValidationRecords(
+                recommended=records[priority][0], allowed=records[priority]
+            )
+            for priority in records
+        }
 
-    def get_expected_spf_domain(self, domain: CustomDomain) -> str:
+    def get_expected_spf_domain(
+        self, domain: CustomDomain
+    ) -> ExpectedValidationRecords:
+        records = []
         if domain.partner_id is not None and domain.partner_id in self._partner_domains:
-            return self._partner_domains[domain.partner_id]
+            records.append(self._partner_domains[domain.partner_id])
         else:
-            return config.EMAIL_DOMAIN
+            records.append(config.EMAIL_DOMAIN)
+        return ExpectedValidationRecords(recommended=records[0], allowed=records)
 
     def get_expected_spf_record(self, domain: CustomDomain) -> str:
         spf_domain = self.get_expected_spf_domain(domain)
-        return f"v=spf1 include:{spf_domain} ~all"
+        return f"v=spf1 include:{spf_domain.recommended} ~all"
 
-    def get_dkim_records(self, domain: CustomDomain) -> {str: str}:
+    def get_dkim_records(
+        self, domain: CustomDomain
+    ) -> {str: ExpectedValidationRecords}:
         """
         Get a list of dkim records to set up. Depending on the custom_domain, whether if it's from a partner or not,
         it will return the default ones or the partner ones.
         """
 
         # By default use the default domain
-        dkim_domain = self.dkim_domain
+        dkim_domains = [self.dkim_domain]
         if domain.partner_id is not None:
-            # Domain is from a partner. Retrieve the partner config and use that domain if exists
+            # Domain is from a partner. Retrieve the partner config and use that domain as preferred if it exists
-            dkim_domain = self._partner_domains.get(domain.partner_id, dkim_domain)
+            partner_domain = self._partner_domains.get(domain.partner_id, None)
+            if partner_domain is not None:
+                dkim_domains.insert(0, partner_domain)
 
-        return {
+        output = {}
-            f"{key}._domainkey": f"{key}._domainkey.{dkim_domain}"
+        for key in ("dkim", "dkim02", "dkim03"):
-            for key in ("dkim", "dkim02", "dkim03")
+            records = [
-        }
+                f"{key}._domainkey.{dkim_domain}" for dkim_domain in dkim_domains
+            ]
+            output[f"{key}._domainkey"] = ExpectedValidationRecords(
+                recommended=records[0], allowed=records
+            )
+
+        return output
 
     def validate_dkim_records(self, custom_domain: CustomDomain) -> dict[str, str]:
         """
@@ -102,7 +162,7 @@ class CustomDomainValidation:
         for prefix, expected_record in expected_records.items():
             custom_record = f"{prefix}.{custom_domain.domain}"
             dkim_record = self._dns_client.get_cname_record(custom_record)
-            if dkim_record == expected_record:
+            if dkim_record in expected_record.allowed:
                 correct_records[prefix] = custom_record
             else:
                 invalid_records[custom_record] = dkim_record or "empty"
@@ -138,11 +198,15 @@ class CustomDomainValidation:
         Check if the custom_domain has added the ownership verification records
         """
         txt_records = self._dns_client.get_txt_record(custom_domain.domain)
-        expected_verification_record = self.get_ownership_verification_record(
+        expected_verification_records = self.get_ownership_verification_record(
             custom_domain
         )
-
+        found = False
-        if expected_verification_record in txt_records:
+        for verification_record in expected_verification_records.allowed:
+            if verification_record in txt_records:
+                found = True
+                break
+        if found:
             custom_domain.ownership_verified = True
             emit_user_audit_log(
                 user=custom_domain.user,
@@ -161,10 +225,11 @@ class CustomDomainValidation:
         expected_mx_records = self.get_expected_mx_records(custom_domain)
 
         if not is_mx_equivalent(mx_domains, expected_mx_records):
-            return DomainValidationResult(
+            errors = []
-                success=False,
+            for prio in mx_domains:
-                errors=[f"{record.priority} {record.domain}" for record in mx_domains],
+                for mx_domain in mx_domains[prio]:
-            )
+                    errors.append(f"{prio} {mx_domain}")
+            return DomainValidationResult(success=False, errors=errors)
         else:
             custom_domain.verified = True
             emit_user_audit_log(
@@ -180,7 +245,7 @@ class CustomDomainValidation:
     ) -> DomainValidationResult:
         spf_domains = self._dns_client.get_spf_domain(custom_domain.domain)
         expected_spf_domain = self.get_expected_spf_domain(custom_domain)
-        if expected_spf_domain in spf_domains:
+        if len(set(expected_spf_domain.allowed).intersection(set(spf_domains))) > 0:
             custom_domain.spf_verified = True
             emit_user_audit_log(
                 user=custom_domain.user,
@@ -221,8 +286,8 @@ class CustomDomainValidation:
         self, txt_records: List[str], custom_domain: CustomDomain
     ) -> List[str]:
         final_records = []
-        verification_record = self.get_ownership_verification_record(custom_domain)
+        verification_records = self.get_ownership_verification_record(custom_domain)
         for record in txt_records:
-            if record != verification_record:
+            if record not in verification_records.allowed:
                 final_records.append(record)
         return final_records

app/app/dashboard/views/account_setting.py

@@ -39,7 +39,7 @@ from app.models import (
     SenderFormatEnum,
     UnsubscribeBehaviourEnum,
 )
-from app.proton.utils import perform_proton_account_unlink
+from app.proton.proton_unlink import perform_proton_account_unlink
 from app.utils import (
     random_string,
     CSRFValidationForm,
@@ -239,6 +239,8 @@ def unlink_proton_account():
         flash("Invalid request", "warning")
         return redirect(url_for("dashboard.setting"))
 
-    perform_proton_account_unlink(current_user)
+    if not perform_proton_account_unlink(current_user):
-    flash("Your Proton account has been unlinked", "success")
+        flash("Account cannot be unlinked", "warning")
+    else:
+        flash("Your Proton account has been unlinked", "success")
     return redirect(url_for("dashboard.setting"))

app/app/dashboard/views/domain_detail.py

@@ -5,8 +5,8 @@ from flask_login import login_required, current_user
 from flask_wtf import FlaskForm
 from wtforms import StringField, validators, IntegerField
 
-from app.constants import DMARC_RECORD
 from app.config import EMAIL_SERVERS_WITH_PRIORITY, EMAIL_DOMAIN
+from app.constants import DMARC_RECORD
 from app.custom_domain_utils import delete_custom_domain, set_custom_domain_mailboxes
 from app.custom_domain_validation import CustomDomainValidation
 from app.dashboard.base import dashboard_bp
@@ -137,7 +137,7 @@ def domain_detail_dns(custom_domain_id):
     return render_template(
         "dashboard/domain_detail/dns.html",
         EMAIL_SERVERS_WITH_PRIORITY=EMAIL_SERVERS_WITH_PRIORITY,
-        ownership_record=domain_validator.get_ownership_verification_record(
+        ownership_records=domain_validator.get_ownership_verification_record(
             custom_domain
         ),
         expected_mx_records=domain_validator.get_expected_mx_records(custom_domain),

app/app/dashboard/views/enter_sudo.py

@@ -11,7 +11,7 @@ from app.dashboard.base import dashboard_bp
 from app.extensions import limiter
 from app.log import LOG
 from app.models import PartnerUser, SocialAuth
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.utils import sanitize_next_url
 
 _SUDO_GAP = 120

app/app/dashboard/views/mailbox_detail.py

@@ -267,12 +267,13 @@ def cancel_mailbox_change_route(mailbox_id):
 
 
 @dashboard_bp.route("/mailbox/confirm_change")
+@login_required
+@limiter.limit("3/minute")
 def mailbox_confirm_email_change_route():
     mailbox_id = request.args.get("mailbox_id")
 
     code = request.args.get("code")
     if code:
-        print("HAS OCO", code)
         try:
             mailbox = mailbox_utils.verify_mailbox_code(current_user, mailbox_id, code)
             flash("Successfully changed mailbox email", "success")
@@ -280,7 +281,6 @@ def mailbox_confirm_email_change_route():
                 url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox.id)
             )
         except mailbox_utils.MailboxError as e:
-            print(e)
             flash(f"Cannot verify mailbox: {e.msg}", "error")
             return redirect(url_for("dashboard.mailbox_route"))
     else:

app/app/dashboard/views/pricing.py

@@ -22,7 +22,7 @@ from app.models import (
     PartnerUser,
     PartnerSubscription,
 )
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 
 
 @dashboard_bp.route("/pricing", methods=["GET", "POST"])

app/app/dashboard/views/setting.py

@@ -41,7 +41,8 @@ from app.models import (
     PartnerSubscription,
     UnsubscribeBehaviourEnum,
 )
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
+from app.proton.proton_unlink import can_unlink_proton_account
 from app.utils import (
     random_string,
     CSRFValidationForm,
@@ -323,4 +324,5 @@ def setting():
         ALIAS_RAND_SUFFIX_LENGTH=ALIAS_RANDOM_SUFFIX_LENGTH,
         connect_with_proton=CONNECT_WITH_PROTON,
         proton_linked_account=proton_linked_account,
+        can_unlink_proton_account=can_unlink_proton_account(current_user),
     )

app/app/dns_utils.py

@@ -1,5 +1,4 @@
 from abc import ABC, abstractmethod
-from dataclasses import dataclass
 from typing import List, Optional
 
 import dns.resolver
@@ -9,42 +8,13 @@ from app.config import NAMESERVERS
 _include_spf = "include:"
 
 
-@dataclass
-class MxRecord:
-    priority: int
-    domain: str
-
-
-def is_mx_equivalent(
-    mx_domains: List[MxRecord], ref_mx_domains: List[MxRecord]
-) -> bool:
-    """
-    Compare mx_domains with ref_mx_domains to see if they are equivalent.
-    mx_domains and ref_mx_domains are list of (priority, domain)
-
-    The priority order is taken into account but not the priority number.
-    For example, [(1, domain1), (2, domain2)] is equivalent to [(10, domain1), (20, domain2)]
-    """
-    mx_domains = sorted(mx_domains, key=lambda x: x.priority)
-    ref_mx_domains = sorted(ref_mx_domains, key=lambda x: x.priority)
-
-    if len(mx_domains) < len(ref_mx_domains):
-        return False
-
-    for actual, expected in zip(mx_domains, ref_mx_domains):
-        if actual.domain != expected.domain:
-            return False
-
-    return True
-
-
 class DNSClient(ABC):
     @abstractmethod
     def get_cname_record(self, hostname: str) -> Optional[str]:
         pass
 
     @abstractmethod
-    def get_mx_domains(self, hostname: str) -> List[MxRecord]:
+    def get_mx_domains(self, hostname: str) -> dict[int, list[str]]:
         pass
 
     def get_spf_domain(self, hostname: str) -> List[str]:
@@ -88,21 +58,24 @@ class NetworkDNSClient(DNSClient):
         except Exception:
             return None
 
-    def get_mx_domains(self, hostname: str) -> List[MxRecord]:
+    def get_mx_domains(self, hostname: str) -> dict[int, list[str]]:
         """
         return list of (priority, domain name) sorted by priority (lowest priority first)
         domain name ends with a "." at the end.
         """
+        ret = {}
         try:
             answers = self._resolver.resolve(hostname, "MX", search=True)
-            ret = []
             for a in answers:
                 record = a.to_text()  # for ex '20 alt2.aspmx.l.google.com.'
                 parts = record.split(" ")
-                ret.append(MxRecord(priority=int(parts[0]), domain=parts[1]))
+                prio = int(parts[0])
-            return sorted(ret, key=lambda x: x.priority)
+                if prio not in ret:
+                    ret[prio] = []
+                ret[prio].append(parts[1])
         except Exception:
-            return []
+            pass
+        return ret
 
     def get_txt_record(self, hostname: str) -> List[str]:
         try:
@@ -119,14 +92,14 @@ class NetworkDNSClient(DNSClient):
 class InMemoryDNSClient(DNSClient):
     def __init__(self):
         self.cname_records: dict[str, Optional[str]] = {}
-        self.mx_records: dict[str, List[MxRecord]] = {}
+        self.mx_records: dict[int, dict[int, list[str]]] = {}
         self.spf_records: dict[str, List[str]] = {}
         self.txt_records: dict[str, List[str]] = {}
 
     def set_cname_record(self, hostname: str, cname: str):
         self.cname_records[hostname] = cname
 
-    def set_mx_records(self, hostname: str, mx_list: List[MxRecord]):
+    def set_mx_records(self, hostname: str, mx_list: dict[int, list[str]]):
         self.mx_records[hostname] = mx_list
 
     def set_txt_record(self, hostname: str, txt_list: List[str]):
@@ -135,17 +108,27 @@ class InMemoryDNSClient(DNSClient):
     def get_cname_record(self, hostname: str) -> Optional[str]:
         return self.cname_records.get(hostname)
 
-    def get_mx_domains(self, hostname: str) -> List[MxRecord]:
+    def get_mx_domains(self, hostname: str) -> dict[int, list[str]]:
-        mx_list = self.mx_records.get(hostname, [])
+        return self.mx_records.get(hostname, {})
-        return sorted(mx_list, key=lambda x: x.priority)
 
     def get_txt_record(self, hostname: str) -> List[str]:
         return self.txt_records.get(hostname, [])
 
 
-def get_network_dns_client() -> NetworkDNSClient:
+global_dns_client: Optional[DNSClient] = None
+
+
+def get_network_dns_client() -> DNSClient:
+    global global_dns_client
+    if global_dns_client is not None:
+        return global_dns_client
     return NetworkDNSClient(NAMESERVERS)
 
 
-def get_mx_domains(hostname: str) -> List[MxRecord]:
+def set_global_dns_client(dns_client: Optional[DNSClient]):
+    global global_dns_client
+    global_dns_client = dns_client
+
+
+def get_mx_domains(hostname: str) -> dict[int, list[str]]:
     return get_network_dns_client().get_mx_domains(hostname)

app/app/email_utils.py

@@ -657,7 +657,11 @@ def get_mx_domain_list(domain) -> [str]:
     """
     priority_domains = get_mx_domains(domain)
 
-    return [d.domain[:-1] for d in priority_domains]
+    mx_domains = []
+    for prio in priority_domains:
+        for domain in priority_domains[prio]:
+            mx_domains.append(domain[:-1])
+    return mx_domains
 
 
 def personal_email_already_used(email_address: str) -> bool:

app/app/events/event_dispatcher.py

@@ -8,7 +8,7 @@ from app.errors import ProtonPartnerNotSetUp
 from app.events.generated import event_pb2
 from app.log import LOG
 from app.models import User, PartnerUser, SyncEvent
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from typing import Optional
 
 NOTIFICATION_CHANNEL = "simplelogin_sync_events"

app/app/events/generated/event_pb2.py

@@ -24,7 +24,7 @@ _sym_db = _symbol_database.Default()
 
 
 
-DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0b\x65vent.proto\x12\x12simplelogin_events\":\n\x0fUserPlanChanged\x12\x15\n\rplan_end_time\x18\x01 \x01(\r\x12\x10\n\x08lifetime\x18\x02 \x01(\x08\"\r\n\x0bUserDeleted\"\\\n\x0c\x41liasCreated\x12\n\n\x02id\x18\x01 \x01(\r\x12\r\n\x05\x65mail\x18\x02 \x01(\t\x12\x0c\n\x04note\x18\x03 \x01(\t\x12\x0f\n\x07\x65nabled\x18\x04 \x01(\x08\x12\x12\n\ncreated_at\x18\x05 \x01(\r\"T\n\x12\x41liasStatusChanged\x12\n\n\x02id\x18\x01 \x01(\r\x12\r\n\x05\x65mail\x18\x02 \x01(\t\x12\x0f\n\x07\x65nabled\x18\x03 \x01(\x08\x12\x12\n\ncreated_at\x18\x04 \x01(\r\")\n\x0c\x41liasDeleted\x12\n\n\x02id\x18\x01 \x01(\r\x12\r\n\x05\x65mail\x18\x02 \x01(\t\"D\n\x10\x41liasCreatedList\x12\x30\n\x06\x65vents\x18\x01 \x03(\x0b\x32 .simplelogin_events.AliasCreated\"\x93\x03\n\x0c\x45ventContent\x12?\n\x10user_plan_change\x18\x01 \x01(\x0b\x32#.simplelogin_events.UserPlanChangedH\x00\x12\x37\n\x0cuser_deleted\x18\x02 \x01(\x0b\x32\x1f.simplelogin_events.UserDeletedH\x00\x12\x39\n\ralias_created\x18\x03 \x01(\x0b\x32 .simplelogin_events.AliasCreatedH\x00\x12\x45\n\x13\x61lias_status_change\x18\x04 \x01(\x0b\x32&.simplelogin_events.AliasStatusChangedH\x00\x12\x39\n\ralias_deleted\x18\x05 \x01(\x0b\x32 .simplelogin_events.AliasDeletedH\x00\x12\x41\n\x11\x61lias_create_list\x18\x06 \x01(\x0b\x32$.simplelogin_events.AliasCreatedListH\x00\x42\t\n\x07\x63ontent\"y\n\x05\x45vent\x12\x0f\n\x07user_id\x18\x01 \x01(\r\x12\x18\n\x10\x65xternal_user_id\x18\x02 \x01(\t\x12\x12\n\npartner_id\x18\x03 \x01(\r\x12\x31\n\x07\x63ontent\x18\x04 \x01(\x0b\x32 .simplelogin_events.EventContentb\x06proto3')
+DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0b\x65vent.proto\x12\x12simplelogin_events\":\n\x0fUserPlanChanged\x12\x15\n\rplan_end_time\x18\x01 \x01(\r\x12\x10\n\x08lifetime\x18\x02 \x01(\x08\"\r\n\x0bUserDeleted\"\\\n\x0c\x41liasCreated\x12\n\n\x02id\x18\x01 \x01(\r\x12\r\n\x05\x65mail\x18\x02 \x01(\t\x12\x0c\n\x04note\x18\x03 \x01(\t\x12\x0f\n\x07\x65nabled\x18\x04 \x01(\x08\x12\x12\n\ncreated_at\x18\x05 \x01(\r\"T\n\x12\x41liasStatusChanged\x12\n\n\x02id\x18\x01 \x01(\r\x12\r\n\x05\x65mail\x18\x02 \x01(\t\x12\x0f\n\x07\x65nabled\x18\x03 \x01(\x08\x12\x12\n\ncreated_at\x18\x04 \x01(\r\")\n\x0c\x41liasDeleted\x12\n\n\x02id\x18\x01 \x01(\r\x12\r\n\x05\x65mail\x18\x02 \x01(\t\"D\n\x10\x41liasCreatedList\x12\x30\n\x06\x65vents\x18\x01 \x03(\x0b\x32 .simplelogin_events.AliasCreated\"\x0e\n\x0cUserUnlinked\"\xce\x03\n\x0c\x45ventContent\x12?\n\x10user_plan_change\x18\x01 \x01(\x0b\x32#.simplelogin_events.UserPlanChangedH\x00\x12\x37\n\x0cuser_deleted\x18\x02 \x01(\x0b\x32\x1f.simplelogin_events.UserDeletedH\x00\x12\x39\n\ralias_created\x18\x03 \x01(\x0b\x32 .simplelogin_events.AliasCreatedH\x00\x12\x45\n\x13\x61lias_status_change\x18\x04 \x01(\x0b\x32&.simplelogin_events.AliasStatusChangedH\x00\x12\x39\n\ralias_deleted\x18\x05 \x01(\x0b\x32 .simplelogin_events.AliasDeletedH\x00\x12\x41\n\x11\x61lias_create_list\x18\x06 \x01(\x0b\x32$.simplelogin_events.AliasCreatedListH\x00\x12\x39\n\ruser_unlinked\x18\x07 \x01(\x0b\x32 .simplelogin_events.UserUnlinkedH\x00\x42\t\n\x07\x63ontent\"y\n\x05\x45vent\x12\x0f\n\x07user_id\x18\x01 \x01(\r\x12\x18\n\x10\x65xternal_user_id\x18\x02 \x01(\t\x12\x12\n\npartner_id\x18\x03 \x01(\r\x12\x31\n\x07\x63ontent\x18\x04 \x01(\x0b\x32 .simplelogin_events.EventContentb\x06proto3')
 
 _globals = globals()
 _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals)
@@ -43,8 +43,10 @@ if not _descriptor._USE_C_DESCRIPTORS:
   _globals['_ALIASDELETED']._serialized_end=331
   _globals['_ALIASCREATEDLIST']._serialized_start=333
   _globals['_ALIASCREATEDLIST']._serialized_end=401
-  _globals['_EVENTCONTENT']._serialized_start=404
+  _globals['_USERUNLINKED']._serialized_start=403
-  _globals['_EVENTCONTENT']._serialized_end=807
+  _globals['_USERUNLINKED']._serialized_end=417
-  _globals['_EVENT']._serialized_start=809
+  _globals['_EVENTCONTENT']._serialized_start=420
-  _globals['_EVENT']._serialized_end=930
+  _globals['_EVENTCONTENT']._serialized_end=882
+  _globals['_EVENT']._serialized_start=884
+  _globals['_EVENT']._serialized_end=1005
 # @@protoc_insertion_point(module_scope)

app/app/events/generated/event_pb2.pyi

@@ -57,21 +57,27 @@ class AliasCreatedList(_message.Message):
     events: _containers.RepeatedCompositeFieldContainer[AliasCreated]
     def __init__(self, events: _Optional[_Iterable[_Union[AliasCreated, _Mapping]]] = ...) -> None: ...
 
+class UserUnlinked(_message.Message):
+    __slots__ = ()
+    def __init__(self) -> None: ...
+
 class EventContent(_message.Message):
-    __slots__ = ("user_plan_change", "user_deleted", "alias_created", "alias_status_change", "alias_deleted", "alias_create_list")
+    __slots__ = ("user_plan_change", "user_deleted", "alias_created", "alias_status_change", "alias_deleted", "alias_create_list", "user_unlinked")
     USER_PLAN_CHANGE_FIELD_NUMBER: _ClassVar[int]
     USER_DELETED_FIELD_NUMBER: _ClassVar[int]
     ALIAS_CREATED_FIELD_NUMBER: _ClassVar[int]
     ALIAS_STATUS_CHANGE_FIELD_NUMBER: _ClassVar[int]
     ALIAS_DELETED_FIELD_NUMBER: _ClassVar[int]
     ALIAS_CREATE_LIST_FIELD_NUMBER: _ClassVar[int]
+    USER_UNLINKED_FIELD_NUMBER: _ClassVar[int]
     user_plan_change: UserPlanChanged
     user_deleted: UserDeleted
     alias_created: AliasCreated
     alias_status_change: AliasStatusChanged
     alias_deleted: AliasDeleted
     alias_create_list: AliasCreatedList
-    def __init__(self, user_plan_change: _Optional[_Union[UserPlanChanged, _Mapping]] = ..., user_deleted: _Optional[_Union[UserDeleted, _Mapping]] = ..., alias_created: _Optional[_Union[AliasCreated, _Mapping]] = ..., alias_status_change: _Optional[_Union[AliasStatusChanged, _Mapping]] = ..., alias_deleted: _Optional[_Union[AliasDeleted, _Mapping]] = ..., alias_create_list: _Optional[_Union[AliasCreatedList, _Mapping]] = ...) -> None: ...
+    user_unlinked: UserUnlinked
+    def __init__(self, user_plan_change: _Optional[_Union[UserPlanChanged, _Mapping]] = ..., user_deleted: _Optional[_Union[UserDeleted, _Mapping]] = ..., alias_created: _Optional[_Union[AliasCreated, _Mapping]] = ..., alias_status_change: _Optional[_Union[AliasStatusChanged, _Mapping]] = ..., alias_deleted: _Optional[_Union[AliasDeleted, _Mapping]] = ..., alias_create_list: _Optional[_Union[AliasCreatedList, _Mapping]] = ..., user_unlinked: _Optional[_Union[UserUnlinked, _Mapping]] = ...) -> None: ...
 
 class Event(_message.Message):
     __slots__ = ("user_id", "external_user_id", "partner_id", "content")

app/app/fake_data.py

@@ -33,8 +33,11 @@ from app.models import (
     SLDomain,
     Hibp,
     AliasHibp,
+    PartnerUser,
+    PartnerSubscription,
 )
 from app.pgp_utils import load_public_key
+from app.proton.proton_partner import get_proton_partner
 
 
 def fake_data():
@@ -269,3 +272,27 @@ def fake_data():
     CustomDomain.create(
         user_id=user.id, domain="old.com", verified=True, ownership_verified=True
     )
+
+    # Create a user
+    proton_partner = get_proton_partner()
+    user = User.create(
+        email="test@proton.me",
+        name="Proton test",
+        password="password",
+        activated=True,
+        is_admin=False,
+        intro_shown=True,
+        from_partner=True,
+        flush=True,
+    )
+    pu = PartnerUser.create(
+        user_id=user.id,
+        partner_id=proton_partner.id,
+        partner_email="test@proton.me",
+        external_user_id="DUMMY",
+        flush=True,
+    )
+    PartnerSubscription.create(
+        partner_user_id=pu.id, end_at=arrow.now().shift(years=1, days=1)
+    )
+    Session.commit()

app/app/handler/unsubscribe_generator.py

@@ -2,8 +2,8 @@ import urllib
 from email.header import Header
 from email.message import Message
 
-from app.email import headers
 from app import config
+from app.email import headers
 from app.email_utils import add_or_replace_header, delete_header
 from app.handler.unsubscribe_encoder import (
     UnsubscribeEncoder,
@@ -46,7 +46,11 @@ class UnsubscribeGenerator:
             if start == -1 or end == -1 or start >= end:
                 continue
             method = raw_method[start + 1 : end]
-            url_data = urllib.parse.urlparse(method)
+            try:
+                url_data = urllib.parse.urlparse(method)
+            except ValueError:
+                LOG.debug(f"Unsub has invalid method {method}. Ignoring.")
+                continue
             if url_data.scheme == "mailto":
                 if url_data.path == config.UNSUBSCRIBER:
                     LOG.debug(

app/app/jobs/send_event_job.py

@@ -14,7 +14,7 @@ from app.models import (
     Job,
     PartnerUser,
 )
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from events.event_sink import EventSink
 
 

app/app/log.py

@@ -10,7 +10,7 @@ from app.config import (
 
 # this format allows clickable link to code source in PyCharm
 _log_format = (
-    "%(asctime)s - %(name)s - %(levelname)s - %(process)d - "
+    "%(asctime)s - %(name)s - %(levelname)s - %(process)d - %(request_id)s"
     '"%(pathname)s:%(lineno)d" - %(funcName)s() - %(message_id)s - %(message)s'
 )
 _log_formatter = logging.Formatter(_log_format)
@@ -37,6 +37,21 @@ class EmailHandlerFilter(logging.Filter):
         return _MESSAGE_ID
 
 
+class RequestIdFilter(logging.Filter):
+    """automatically add request-id to keep track of a request"""
+
+    def filter(self, record):
+        from flask import g, has_request_context
+
+        request_id = ""
+        if has_request_context() and hasattr(g, "request_id"):
+            ctx_request_id = getattr(g, "request_id")
+            if ctx_request_id:
+                request_id = f"{ctx_request_id} - "
+        record.request_id = request_id
+        return True
+
+
 def _get_console_handler():
     console_handler = logging.StreamHandler(sys.stdout)
     console_handler.setFormatter(_log_formatter)
@@ -54,6 +69,7 @@ def _get_logger(name) -> logging.Logger:
     logger.addHandler(_get_console_handler())
 
     logger.addFilter(EmailHandlerFilter())
+    logger.addFilter(RequestIdFilter())
 
     # no propagation to avoid propagating to root logger
     logger.propagate = False

app/app/mailbox_utils.py

@@ -2,7 +2,9 @@ import dataclasses
 import secrets
 from enum import Enum
 from typing import Optional
+
 import arrow
+from sqlalchemy.exc import IntegrityError
 
 from app import config
 from app.config import JOB_DELETE_MAILBOX
@@ -245,7 +247,7 @@ def verify_mailbox_code(user: User, mailbox_id: int, code: str) -> Mailbox:
             message=f"Verify mailbox {mailbox_id} ({mailbox.email})",
         )
         if Mailbox.get_by(email=mailbox.new_email, user_id=user.id):
-            raise MailboxError("That addres is already in use")
+            raise MailboxError("That address is already in use")
 
     else:
         LOG.i(
@@ -351,6 +353,8 @@ def request_mailbox_email_change(
     check_email_for_mailbox(new_email, user)
     if email_ownership_verified:
         mailbox.email = new_email
+        mailbox.new_email = None
+        mailbox.verified = True
     else:
         mailbox.new_email = new_email
     emit_user_audit_log(
@@ -358,7 +362,12 @@ def request_mailbox_email_change(
         action=UserAuditLogAction.UpdateMailbox,
         message=f"Updated mailbox {mailbox.id} email ({new_email}) pre-verified({email_ownership_verified}",
     )
-    Session.commit()
+    try:
+        Session.commit()
+    except IntegrityError:
+        LOG.i(f"This email {new_email} is already pending for some mailbox")
+        Session.rollback()
+        raise MailboxError("Email already in use")
 
     if email_ownership_verified:
         LOG.i(f"User {user} as created a pre-verified mailbox with {new_email}")

app/app/models.py

@@ -32,7 +32,6 @@ from app import config, rate_limiter
 from app import s3
 from app.db import Session
 from app.dns_utils import get_mx_domains
-
 from app.errors import (
     AliasInTrashError,
     DirectoryInTrashError,
@@ -239,6 +238,7 @@ class AuditLogActionEnum(EnumE):
     disable_user = 9
     enable_user = 10
     stop_trial = 11
+    unlink_user = 12
 
 
 class Phase(EnumE):
@@ -362,7 +362,7 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
         sa.Boolean, default=True, nullable=False, server_default="1"
     )
 
-    activated = sa.Column(sa.Boolean, default=False, nullable=False, index=True)
+    activated = sa.Column(sa.Boolean, default=False, nullable=False)
 
     # an account can be disabled if having harmful behavior
     disabled = sa.Column(sa.Boolean, default=False, nullable=False, server_default="0")
@@ -576,6 +576,12 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
             "ix_users_default_alias_custom_domain_id", default_alias_custom_domain_id
         ),
         sa.Index("ix_users_profile_picture_id", profile_picture_id),
+        sa.Index(
+            "idx_users_email_trgm",
+            "email",
+            postgresql_ops={"email": "gin_trgm_ops"},
+            postgresql_using="gin",
+        ),
     )
 
     @property
@@ -1924,13 +1930,16 @@ class Contact(Base, ModelMixin):
 
     __table_args__ = (
         sa.UniqueConstraint("alias_id", "website_email", name="uq_contact"),
+        sa.Index("ix_contact_user_id_id", "user_id", "id"),
     )
 
     user_id = sa.Column(
-        sa.ForeignKey(User.id, ondelete="cascade"), nullable=False, index=True
+        sa.ForeignKey(User.id, ondelete="cascade"),
+        nullable=False,
     )
     alias_id = sa.Column(
-        sa.ForeignKey(Alias.id, ondelete="cascade"), nullable=False, index=True
+        sa.ForeignKey(Alias.id, ondelete="cascade"),
+        nullable=False,
     )
 
     name = sa.Column(
@@ -2115,11 +2124,10 @@ class EmailLog(Base, ModelMixin):
         Index("ix_email_log_mailbox_id", "mailbox_id"),
         Index("ix_email_log_bounced_mailbox_id", "bounced_mailbox_id"),
         Index("ix_email_log_refused_email_id", "refused_email_id"),
+        Index("ix_email_log_user_id_email_log_id", "user_id", "id"),
     )
 
-    user_id = sa.Column(
+    user_id = sa.Column(sa.ForeignKey(User.id, ondelete="cascade"), nullable=False)
-        sa.ForeignKey(User.id, ondelete="cascade"), nullable=False, index=True
-    )
     contact_id = sa.Column(
         sa.ForeignKey(Contact.id, ondelete="cascade"), nullable=False, index=True
     )
@@ -2395,7 +2403,8 @@ class AliasUsedOn(Base, ModelMixin):
     )
 
     alias_id = sa.Column(
-        sa.ForeignKey(Alias.id, ondelete="cascade"), nullable=False, index=True
+        sa.ForeignKey(Alias.id, ondelete="cascade"),
+        nullable=False,
     )
     user_id = sa.Column(sa.ForeignKey(User.id, ondelete="cascade"), nullable=False)
 
@@ -2418,10 +2427,7 @@ class ApiKey(Base, ModelMixin):
 
     user = orm.relationship(User)
 
-    __table_args__ = (
+    __table_args__ = (sa.Index("ix_api_key_user_id", "user_id"),)
-        sa.Index("ix_api_key_code", "code"),
-        sa.Index("ix_api_key_user_id", "user_id"),
-    )
 
     @classmethod
     def create(cls, user_id, name=None, **kwargs):
@@ -2581,7 +2587,6 @@ class AutoCreateRule(Base, ModelMixin):
         sa.UniqueConstraint(
             "custom_domain_id", "order", name="uq_auto_create_rule_order"
         ),
-        sa.Index("ix_auto_create_rule_custom_domain_id", "custom_domain_id"),
     )
 
     custom_domain_id = sa.Column(
@@ -2764,7 +2769,6 @@ class Job(Base, ModelMixin):
         nullable=False,
         server_default=str(JobState.ready.value),
         default=JobState.ready.value,
-        index=True,
     )
     attempts = sa.Column(sa.Integer, nullable=False, server_default="0", default=0)
     taken_at = sa.Column(ArrowType, nullable=True)
@@ -2777,9 +2781,7 @@ class Job(Base, ModelMixin):
 
 class Mailbox(Base, ModelMixin):
     __tablename__ = "mailbox"
-    user_id = sa.Column(
+    user_id = sa.Column(sa.ForeignKey(User.id, ondelete="cascade"), nullable=False)
-        sa.ForeignKey(User.id, ondelete="cascade"), nullable=False, index=True
-    )
     email = sa.Column(sa.String(256), nullable=False, index=True)
     verified = sa.Column(sa.Boolean, default=False, nullable=False)
     force_spf = sa.Column(sa.Boolean, default=True, server_default="1", nullable=False)
@@ -2808,6 +2810,13 @@ class Mailbox(Base, ModelMixin):
     __table_args__ = (
         sa.UniqueConstraint("user_id", "email", name="uq_mailbox_user"),
         sa.Index("ix_mailbox_pgp_finger_print", "pgp_finger_print"),
+        # index on email column using pg_trgm
+        Index(
+            "ix_mailbox_email_trgm_idx",
+            "email",
+            postgresql_ops={"email": "gin_trgm_ops"},
+            postgresql_using="gin",
+        ),
     )
 
     user = orm.relationship(User, foreign_keys=[user_id])
@@ -2830,24 +2839,20 @@ class Mailbox(Base, ModelMixin):
         return len(alias_ids)
 
     def is_proton(self) -> bool:
-        if (
+        for proton_email_domain in config.PROTON_EMAIL_DOMAINS:
-            self.email.endswith("@proton.me")
+            if self.email.endswith(f"@{proton_email_domain}"):
-            or self.email.endswith("@protonmail.com")
+                return True
-            or self.email.endswith("@protonmail.ch")
-            or self.email.endswith("@proton.ch")
-            or self.email.endswith("@pm.me")
-        ):
-            return True
 
         from app.email_utils import get_email_local_part
 
         mx_domains = get_mx_domains(get_email_local_part(self.email))
+
+        proton_mx_domains = config.PROTON_MX_SERVERS
         # Proton is the first domain
-        if mx_domains and mx_domains[0].domain in (
+        for prio in mx_domains:
-            "mail.protonmail.ch.",
+            for mx_domain in mx_domains[prio]:
-            "mailsec.protonmail.ch.",
+                if mx_domain in proton_mx_domains:
-        ):
+                    return True
-            return True
 
         return False
 
@@ -3010,7 +3015,11 @@ class SentAlert(Base, ModelMixin):
     to_email = sa.Column(sa.String(256), nullable=False)
     alert_type = sa.Column(sa.String(256), nullable=False)
 
-    __table_args__ = (sa.Index("ix_sent_alert_user_id", "user_id"),)
+    __table_args__ = (
+        sa.Index("ix_sent_alert_user_id", "user_id"),
+        sa.Index("ix_sent_alert_to_email", "to_email"),
+        sa.Index("ix_sent_alert_alert_type", "alert_type"),
+    )
 
 
 class AliasMailbox(Base, ModelMixin):
@@ -3020,7 +3029,8 @@ class AliasMailbox(Base, ModelMixin):
     )
 
     alias_id = sa.Column(
-        sa.ForeignKey(Alias.id, ondelete="cascade"), nullable=False, index=True
+        sa.ForeignKey(Alias.id, ondelete="cascade"),
+        nullable=False,
     )
     mailbox_id = sa.Column(
         sa.ForeignKey(Mailbox.id, ondelete="cascade"), nullable=False, index=True
@@ -3035,7 +3045,8 @@ class AliasHibp(Base, ModelMixin):
     __table_args__ = (sa.UniqueConstraint("alias_id", "hibp_id", name="uq_alias_hibp"),)
 
     alias_id = sa.Column(
-        sa.Integer(), sa.ForeignKey("alias.id", ondelete="cascade"), index=True
+        sa.Integer(),
+        sa.ForeignKey("alias.id", ondelete="cascade"),
     )
     hibp_id = sa.Column(
         sa.Integer(), sa.ForeignKey("hibp.id", ondelete="cascade"), index=True
@@ -3751,7 +3762,8 @@ class PartnerUser(Base, ModelMixin):
         index=True,
     )
     partner_id = sa.Column(
-        sa.ForeignKey("partner.id", ondelete="cascade"), nullable=False, index=True
+        sa.ForeignKey("partner.id", ondelete="cascade"),
+        nullable=False,
     )
     external_user_id = sa.Column(sa.String(128), unique=False, nullable=False)
     partner_email = sa.Column(sa.String(255), unique=False, nullable=True)

app/app/monitor/views.py

@@ -1,4 +1,4 @@
-from app.build_info import SHA1
+from app.build_info import SHA1, VERSION
 from app.monitor.base import monitor_bp
 
 
@@ -7,6 +7,11 @@ def git_sha1():
     return SHA1
 
 
+@monitor_bp.route("/version")
+def version():
+    return VERSION
+
+
 @monitor_bp.route("/live")
 def live():
     return "live"

app/app/monitor_utils.py

@@ -0,0 +1,8 @@
+from app.build_info import VERSION
+import newrelic.agent
+
+
+def send_version_event(service: str):
+    newrelic.agent.record_custom_event(
+        "ServiceVersion", {"service": service, "version": VERSION}
+    )

app/app/proton/proton_partner.py

@@ -0,0 +1,23 @@
+from typing import Optional
+
+from app.db import Session
+from app.errors import ProtonPartnerNotSetUp
+from app.models import Partner
+
+PROTON_PARTNER_NAME = "Proton"
+_PROTON_PARTNER: Optional[Partner] = None
+
+
+def get_proton_partner() -> Partner:
+    global _PROTON_PARTNER
+    if _PROTON_PARTNER is None:
+        partner = Partner.get_by(name=PROTON_PARTNER_NAME)
+        if partner is None:
+            raise ProtonPartnerNotSetUp
+        Session.expunge(partner)
+        _PROTON_PARTNER = partner
+    return _PROTON_PARTNER
+
+
+def is_proton_partner(partner: Partner) -> bool:
+    return partner.name == PROTON_PARTNER_NAME

app/app/proton/proton_unlink.py

@@ -1,32 +1,23 @@
 from newrelic import agent
-from typing import Optional
 
 from app.db import Session
+from app.events.event_dispatcher import EventDispatcher
+from app.events.generated.event_pb2 import EventContent, UserUnlinked
 from app.log import LOG
-from app.errors import ProtonPartnerNotSetUp
+from app.models import User, PartnerUser
-from app.models import Partner, PartnerUser, User
+from app.proton.proton_partner import get_proton_partner
 from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
 
-PROTON_PARTNER_NAME = "Proton"
+
-_PROTON_PARTNER: Optional[Partner] = None
+def can_unlink_proton_account(user: User) -> bool:
+    return (user.flags & User.FLAG_CREATED_FROM_PARTNER) == 0
 
 
-def get_proton_partner() -> Partner:
+def perform_proton_account_unlink(
-    global _PROTON_PARTNER
+    current_user: User, skip_check: bool = False
-    if _PROTON_PARTNER is None:
+) -> None | str:
-        partner = Partner.get_by(name=PROTON_PARTNER_NAME)
+    if not skip_check and not can_unlink_proton_account(current_user):
-        if partner is None:
+        return None
-            raise ProtonPartnerNotSetUp
-        Session.expunge(partner)
-        _PROTON_PARTNER = partner
-    return _PROTON_PARTNER
-
-
-def is_proton_partner(partner: Partner) -> bool:
-    return partner.name == PROTON_PARTNER_NAME
-
-
-def perform_proton_account_unlink(current_user: User):
     proton_partner = get_proton_partner()
     partner_user = PartnerUser.get_by(
         user_id=current_user.id, partner_id=proton_partner.id
@@ -38,6 +29,11 @@ def perform_proton_account_unlink(current_user: User):
             action=UserAuditLogAction.UnlinkAccount,
             message=f"User has unlinked the account (email={partner_user.partner_email} | external_user_id={partner_user.external_user_id})",
         )
+        EventDispatcher.send_event(
+            partner_user.user, EventContent(user_unlinked=UserUnlinked())
+        )
         PartnerUser.delete(partner_user.id)
+    external_user_id = partner_user.external_user_id
     Session.commit()
     agent.record_custom_event("AccountUnlinked", {"partner": proton_partner.name})
+    return external_user_id

app/app/request_utils.py

@@ -0,0 +1,6 @@
+from random import randbytes
+from base64 import b64encode
+
+
+def generate_request_id() -> str:
+    return b64encode(randbytes(6)).decode()

app/cron.py

@@ -14,9 +14,9 @@ from sqlalchemy.sql import Insert, text
 from app import s3, config
 from app.alias_utils import nb_email_log_for_mailbox
 from app.api.views.apple import verify_receipt
-from app.custom_domain_validation import CustomDomainValidation
+from app.custom_domain_validation import CustomDomainValidation, is_mx_equivalent
 from app.db import Session
-from app.dns_utils import get_mx_domains, is_mx_equivalent
+from app.dns_utils import get_mx_domains
 from app.email_utils import (
     send_email,
     send_trial_end_soon_email,
@@ -59,7 +59,7 @@ from app.models import (
     ApiToCookieToken,
 )
 from app.pgp_utils import load_public_key_and_check, PGPException
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
 from app.utils import sanitize_email
 from server import create_light_app

app/email_handler.py

@@ -167,6 +167,7 @@ from app.models import (
     VerpType,
     SLDomain,
 )
+from app.monitor_utils import send_version_event
 from app.pgp_utils import (
     PGPException,
     sign_data_with_pgpy,
@@ -602,13 +603,19 @@ def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str
                 for reply_to in reply_to_header_contents.split(",")
                 if reply_to.strip()
             ]:
-                reply_to_name, reply_to_email = parse_full_address(reply_to)
+                try:
+                    reply_to_name, reply_to_email = parse_full_address(reply_to)
+                except ValueError:
+                    LOG.d(f"Could not parse reply-to address {reply_to}")
+                    continue
                 if reply_to_email == alias.email:
                     LOG.i("Reply-to same as alias %s", alias)
                 else:
-                    reply_to_contact.append(
+                    reply_contact = get_or_create_reply_to_contact(
-                        get_or_create_reply_to_contact(reply_to_email, alias, msg)
+                        reply_to_email, alias, msg
                     )
+                    if reply_contact:
+                        reply_to_contact.append(reply_contact)
 
     if alias.user.delete_on is not None:
         LOG.d(f"user {user} is pending to be deleted. Do not forward")
@@ -2354,6 +2361,7 @@ class MailHandler:
             "Custom/nb_rcpt_tos", len(envelope.rcpt_tos)
         )
 
+        send_version_event("email_handler")
         with create_light_app().app_context():
             return_status = handle(envelope, msg)
             elapsed = time.time() - start
@@ -2389,6 +2397,7 @@ def main(port: int):
 
     controller.start()
     LOG.d("Start mail controller %s %s", controller.hostname, controller.port)
+    send_version_event("email_handler")
 
     if LOAD_PGP_EMAIL_HANDLER:
         LOG.w("LOAD PGP keys")

app/event_listener.py

@@ -4,6 +4,7 @@ from sys import argv, exit
 
 from app.config import EVENT_LISTENER_DB_URI
 from app.log import LOG
+from app.monitor_utils import send_version_event
 from events import event_debugger
 from events.runner import Runner
 from events.event_source import DeadLetterEventSource, PostgresEventSource
@@ -30,9 +31,11 @@ def main(mode: Mode, dry_run: bool, max_retries: int):
     if mode == Mode.DEAD_LETTER:
         LOG.i("Using DeadLetterEventSource")
         source = DeadLetterEventSource(max_retries)
+        service_name = "event_listener_dead_letter"
     elif mode == Mode.LISTENER:
         LOG.i("Using PostgresEventSource")
         source = PostgresEventSource(EVENT_LISTENER_DB_URI)
+        service_name = "event_listener"
     else:
         raise ValueError(f"Invalid mode: {mode}")
 
@@ -43,7 +46,8 @@ def main(mode: Mode, dry_run: bool, max_retries: int):
         LOG.i("Starting with HttpEventSink")
         sink = HttpEventSink()
 
-    runner = Runner(source=source, sink=sink)
+    send_version_event(service_name)
+    runner = Runner(source=source, sink=sink, service_name=service_name)
     runner.run()
 
 

app/events/runner.py

@@ -4,20 +4,24 @@ import newrelic.agent
 from app.log import LOG
 from app.db import Session
 from app.models import SyncEvent
+from app.monitor_utils import send_version_event
 from events.event_sink import EventSink
 from events.event_source import EventSource
 
 
 class Runner:
-    def __init__(self, source: EventSource, sink: EventSink):
+    def __init__(self, source: EventSource, sink: EventSink, service_name: str = ""):
         self.__source = source
         self.__sink = sink
+        self.__service_name = service_name
 
     def run(self):
         self.__source.run(self.__on_event)
 
     @newrelic.agent.background_task()
     def __on_event(self, event: SyncEvent):
+        if self.__service_name:
+            send_version_event(self.__service_name)
         try:
             event_created_at = event.created_at
             start_time = arrow.now()

app/init_app.py

@@ -6,7 +6,7 @@ from app.db import Session
 from app.log import LOG
 from app.models import Mailbox, Contact, SLDomain, Partner
 from app.pgp_utils import load_public_key
-from app.proton.utils import PROTON_PARTNER_NAME
+from app.proton.proton_partner import PROTON_PARTNER_NAME
 from server import create_light_app
 
 
@@ -56,14 +56,15 @@ def add_sl_domains():
     Session.commit()
 
 
-def add_proton_partner():
+def add_proton_partner() -> Partner:
     proton_partner = Partner.get_by(name=PROTON_PARTNER_NAME)
     if not proton_partner:
-        Partner.create(
+        proton_partner = Partner.create(
             name=PROTON_PARTNER_NAME,
             contact_email="simplelogin@protonmail.com",
         )
         Session.commit()
+    return proton_partner
 
 
 if __name__ == "__main__":

app/job_runner.py

@@ -21,6 +21,7 @@ from app.jobs.export_user_data_job import ExportUserDataJob
 from app.jobs.send_event_job import SendEventToWebhookJob
 from app.log import LOG
 from app.models import User, Job, BatchImport, Mailbox, CustomDomain, JobState
+from app.monitor_utils import send_version_event
 from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
 from server import create_light_app
 
@@ -189,6 +190,7 @@ SimpleLogin team.
 
 
 def process_job(job: Job):
+    send_version_event("job_runner")
     if job.name == config.JOB_ONBOARDING_1:
         user_id = job.payload.get("user_id")
         user = User.get(user_id)
@@ -334,6 +336,7 @@ def get_jobs_to_run() -> List[Job]:
 
 
 if __name__ == "__main__":
+    send_version_event("job_runner")
     while True:
         # wrap in an app context to benefit from app setup like database cleanup, sentry integration, etc
         with create_light_app().app_context():

app/migrations/versions/2025_013015_d3ff8848c930_index_cleanup.py

@@ -0,0 +1,91 @@
+"""index cleanup
+
+Revision ID: d3ff8848c930
+Revises: 085f77996ce3
+Create Date: 2025-01-30 15:00:02.995813
+
+"""
+from alembic import op
+
+
+# revision identifiers, used by Alembic.
+revision = "d3ff8848c930"
+down_revision = "085f77996ce3"
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    with op.get_context().autocommit_block():
+        op.drop_index("ix_alias_hibp_alias_id", table_name="alias_hibp")
+        op.drop_index("ix_alias_mailbox_alias_id", table_name="alias_mailbox")
+        op.drop_index("ix_alias_used_on_alias_id", table_name="alias_used_on")
+        op.drop_index("ix_api_key_code", table_name="api_key")
+        op.drop_index(
+            "ix_auto_create_rule_custom_domain_id", table_name="auto_create_rule"
+        )
+        op.drop_index("ix_contact_alias_id", table_name="contact")
+        op.create_index(
+            "ix_email_log_user_id_email_log_id",
+            "email_log",
+            ["user_id", "id"],
+            unique=False,
+        )
+        op.drop_index("ix_job_state", table_name="job")
+        op.create_index(
+            "ix_mailbox_email_trgm_idx",
+            "mailbox",
+            ["email"],
+            unique=False,
+            postgresql_ops={"email": "gin_trgm_ops"},
+            postgresql_using="gin",
+        )
+        op.drop_index("ix_partner_user_partner_id", table_name="partner_user")
+        op.create_index(
+            "ix_sent_alert_alert_type", "sent_alert", ["alert_type"], unique=False
+        )
+        op.create_index(
+            "ix_sent_alert_to_email", "sent_alert", ["to_email"], unique=False
+        )
+        op.create_index(
+            "idx_users_email_trgm",
+            "users",
+            ["email"],
+            unique=False,
+            postgresql_ops={"email": "gin_trgm_ops"},
+            postgresql_using="gin",
+        )
+        op.drop_index("ix_users_activated", table_name="users")
+        op.drop_index("ix_mailbox_user_id", table_name="users")
+
+
+def downgrade():
+    with op.get_context().autocommit_block():
+        op.create_index("ix_users_activated", "users", ["activated"], unique=False)
+        op.drop_index("idx_users_email_trgm", table_name="users")
+        op.drop_index("ix_sent_alert_to_email", table_name="sent_alert")
+        op.drop_index("ix_sent_alert_alert_type", table_name="sent_alert")
+        op.create_index(
+            "ix_partner_user_partner_id", "partner_user", ["partner_id"], unique=False
+        )
+        op.drop_index("ix_mailbox_email_trgm_idx", table_name="mailbox")
+        op.create_index("ix_job_state", "job", ["state"], unique=False)
+        op.drop_index("ix_email_log_user_id_email_log_id", table_name="email_log")
+        op.create_index("ix_contact_alias_id", "contact", ["alias_id"], unique=False)
+        op.create_index(
+            "ix_auto_create_rule_custom_domain_id",
+            "auto_create_rule",
+            ["custom_domain_id"],
+            unique=False,
+        )
+        op.create_index("ix_api_key_code", "api_key", ["code"], unique=False)
+        op.create_index(
+            "ix_alias_used_on_alias_id", "alias_used_on", ["alias_id"], unique=False
+        )
+        op.create_index(
+            "ix_alias_mailbox_alias_id", "alias_mailbox", ["alias_id"], unique=False
+        )
+        op.create_index(
+            "ix_alias_hibp_alias_id", "alias_hibp", ["alias_id"], unique=False
+        )
+        op.create_index("ix_mailbox_user_id", "users", ["user_id"], unique=False)

app/migrations/versions/2025_013114_97edba8794f8_index_cleanup.py

@@ -0,0 +1,23 @@
+"""index cleanup
+
+Revision ID: 97edba8794f8
+Revises: d3ff8848c930
+Create Date: 2025-01-31 14:42:22.590597
+
+"""
+from alembic import op
+
+
+# revision identifiers, used by Alembic.
+revision = '97edba8794f8'
+down_revision = 'd3ff8848c930'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    op.drop_index('ix_email_log_user_id', table_name='email_log')
+
+
+def downgrade():
+    op.create_index('ix_email_log_user_id', 'email_log', ['user_id'], unique=False)

app/migrations/versions/2025_020316_20e7d3ca289a_contact_index.py

@@ -0,0 +1,27 @@
+"""contact index
+
+Revision ID: 20e7d3ca289a
+Revises: 97edba8794f8
+Create Date: 2025-02-03 16:52:06.775032
+
+"""
+from alembic import op
+
+
+# revision identifiers, used by Alembic.
+revision = '20e7d3ca289a'
+down_revision = '97edba8794f8'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    with op.get_context().autocommit_block():
+        op.create_index('ix_contact_user_id_id', 'contact', ['user_id', 'id'], unique=False)
+        op.drop_index('ix_contact_user_id', table_name='contact')
+
+
+def downgrade():
+    with op.get_context().autocommit_block():
+        op.create_index('ix_contact_user_id', 'contact', ['user_id'], unique=False)
+        op.drop_index('ix_contact_user_id_id', table_name='contact')

app/proto/event.proto

@@ -34,6 +34,9 @@ message AliasCreatedList {
   repeated AliasCreated events = 1;
 }
 
+message UserUnlinked {
+}
+
 message EventContent {
   oneof content {
     UserPlanChanged user_plan_change = 1;
@@ -42,6 +45,7 @@ message EventContent {
     AliasStatusChanged alias_status_change = 4;
     AliasDeleted alias_deleted = 5;
     AliasCreatedList alias_create_list = 6;
+    UserUnlinked user_unlinked = 7;
   }
 }
 

app/scripts/generate-build-info.sh

@@ -4,12 +4,14 @@ SCRIPT_DIR="$(cd "$(dirname "$0")" || exit 1; pwd -P)"
 REPO_ROOT=$(echo "${SCRIPT_DIR}" | sed 's:scripts::g')
 BUILD_INFO_FILE="${REPO_ROOT}/app/build_info.py"
 
-if [[ -z "$1" ]]; then
+if [[ -z "$2" ]]; then
-  echo "This script needs to be invoked with the version as an argument"
+  echo "Invalid usage. Usage: $0 SHA VERSION"
   exit 1
 fi
 
-VERSION="$1"
+SHA="$1"
-echo "SHA1 = \"${VERSION}\"" > $BUILD_INFO_FILE
+echo "SHA1 = \"${SHA}\"" > $BUILD_INFO_FILE
 BUILD_TIME=$(date +%s)
 echo "BUILD_TIME = \"${BUILD_TIME}\"" >> $BUILD_INFO_FILE
+VERSION="$2"
+echo "VERSION = \"${VERSION}\"" >> $BUILD_INFO_FILE

app/server.py

@@ -8,7 +8,6 @@ import flask_limiter
 import flask_profiler
 import newrelic.agent
 import sentry_sdk
-
 from flask import (
     Flask,
     redirect,
@@ -100,6 +99,7 @@ from app.models import (
     InvalidMailboxDomain,
 )
 from app.monitor.base import monitor_bp
+from app.monitor_utils import send_version_event
 from app.newsletter_utils import send_newsletter_to_user
 from app.oauth.base import oauth_bp
 from app.onboarding.base import onboarding_bp
@@ -107,6 +107,7 @@ from app.payments.coinbase import setup_coinbase_commerce
 from app.payments.paddle import setup_paddle_callback
 from app.phone.base import phone_bp
 from app.redis_services import initialize_redis_services
+from app.request_utils import generate_request_id
 from app.sentry_utils import sentry_before_send
 
 if SENTRY_DSN:
@@ -264,6 +265,7 @@ def set_index_page(app):
             and not request.path.startswith("/_debug_toolbar")
         ):
             g.start_time = time.time()
+            g.request_id = generate_request_id()
 
             # to handle the referral url that has ?slref=code part
             ref_code = request.args.get("slref")
@@ -294,6 +296,7 @@ def set_index_page(app):
             newrelic.agent.record_custom_event(
                 "HttpResponseStatus", {"code": res.status_code}
             )
+            send_version_event("app")
         return res
 
 
@@ -443,10 +446,10 @@ def init_admin(app):
     admin = Admin(name="SimpleLogin", template_mode="bootstrap4")
 
     admin.init_app(app, index_view=SLAdminIndexView())
-    admin.add_view(EmailSearchAdmin(name="Email Search", endpoint="email_search"))
+    admin.add_view(EmailSearchAdmin(name="Email Search", endpoint="admin.email_search"))
     admin.add_view(
         CustomDomainSearchAdmin(
-            name="Custom domain search", endpoint="custom_domain_search"
+            name="Custom domain search", endpoint="admin.custom_domain_search"
         )
     )
     admin.add_view(UserAdmin(User, Session))
@@ -498,9 +501,9 @@ def register_custom_commands(app):
         from init_app import add_sl_domains, add_proton_partner
 
         LOG.w("reset db, add fake data")
+        add_proton_partner()
         fake_data()
         add_sl_domains()
-        add_proton_partner()
 
     @app.cli.command("send-newsletter")
     @click.option("-n", "--newsletter_id", type=int, help="Newsletter ID to be sent")

app/templates/admin/custom_domain_search.html

@@ -1,118 +1,181 @@
 {% extends 'admin/master.html' %}
 
+{% block head_css %}
+
+  {{ super() }}
+  <style>
+        .card-shadow {
+            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.15);
+            border-radius: 8px;
+        }
+        .domain-title {
+            background-color: #007bff;
+            color: white;
+            padding: 10px;
+            border-radius: 8px 8px 0 0;
+        }
+        .status-icon {
+            font-size: 1.2em;
+        }
+  </style>
+{% endblock %}
 {% macro show_user(user) -%}
-    <h4>User <a href="/admin/email_search?email={{ user.email }}">{{ user.email }}</a> with ID {{ user.id }}.</h4>
+  <h4>
-    <table class="table">
+    User <a href="/admin/email_search?email={{ user.email }}">{{ user.email }}</a> with ID {{ user.id }}.
-        <thead>
+  </h4>
-        <tr>
+  <table class="table">
-            <th scope="col">User ID</th>
+    <thead>
-            <th scope="col">Email</th>
+      <tr>
-            <th scope="col">Verified</th>
+        <th scope="col">User ID</th>
-            <th scope="col">Status</th>
+        <th scope="col">Email</th>
-            <th scope="col">Paid</th>
+        <th scope="col">Verified</th>
-            <th scope="col">Premium</th>
+        <th scope="col">Status</th>
-        </tr>
+        <th scope="col">Paid</th>
-        </thead>
+        <th scope="col">Premium</th>
-        <tbody>
+      </tr>
-        <tr>
+    </thead>
-            <td>{{ user.id }}</td>
+    <tbody>
-            <td>
+      <tr>
-                <a href="/admin/email_search?email={{ user.email }}">{{ user.email }}</a>
+        <td>{{ user.id }}</td>
-            </td>
+        <td>
-            {% if user.activated %}
+          <a href="/admin/email_search?email={{ user.email }}">{{ user.email }}</a>
+        </td>
+        {% if user.activated %}
 
-                <td class="text-success">Activated</td>
+          <td class="text-success">Activated</td>
-            {% else %}
+        {% else %}
-                <td class="text-warning">Pending</td>
+          <td class="text-warning">Pending</td>
-            {% endif %}
+        {% endif %}
-            {% if user.disabled %}
+        {% if user.disabled %}
 
-                <td class="text-danger">Disabled</td>
+          <td class="text-danger">Disabled</td>
-            {% else %}
+        {% else %}
-                <td class="text-success">Enabled</td>
+          <td class="text-success">Enabled</td>
-            {% endif %}
+        {% endif %}
-            <td>{{ "yes" if user.is_paid() else "No" }}</td>
+        <td>{{ "yes" if user.is_paid() else "No" }}</td>
-            <td>{{ "yes" if user.is_premium() else "No" }}</td>
+        <td>{{ "yes" if user.is_premium() else "No" }}</td>
-        </tr>
+      </tr>
-        </tbody>
+    </tbody>
-    </table>
+  </table>
 {%- endmacro %}
-
-
 {% macro show_verification(title, expected, errors) -%}
-    {% if not expected %}
+  {% if not expected %}
-        <h4 class="mb-3">{{ title }} <span class="text-success">Verified</span></h4>
+
-    {% else %}
+    <li class="list-group-item d-flex justify-content-between align-items-center">
-        <h4 class="mb-3">{{ title }}</h4>
+      <h5>{{ title }}</h5>
-        <p>Expected</p>
+      <span class="text-success status-icon"><i class="fa fa-check-circle"></i></span>
-        <p>{{expected}}</p>
+    </li>
-        <p>Current response</p>
+  {% else %}
-        <ul class="list-group">
+    <li class="list-group-item">
-        {% for error in errors %}
+      <h5>{{ title }}</h5>
-            <li class="list-group-item">{{ error }}</li>
+      <p>
-        {% endfor %}
+        <strong>Expected:</strong> {{ expected.recommended }}
+      </p>
+      <p>
+        <strong>Allowed:</strong>
+        <ul>
+          {% for expected_record in expected.allowed %}<li>{{ expected_record }}</li>{% endfor %}
         </ul>
-    {% endif %}
+      </p>
+      <p>
+        <strong>Current response:</strong>
+      </p>
+      {% for error in errors %}
+
+        <ul class="list-group">
+          <li class="list-group-item">{{ error }}</li>
+        </ul>
+      {% endfor %}
+    </li>
+  {% endif %}
 {%- endmacro %}
+{% macro show_mx_verification(title, expected, errors) -%}
+  {% if not expected %}
 
+    <li class="list-group-item d-flex justify-content-between align-items-center">
+      <h5>{{ title }}</h5>
+      <span class="text-success status-icon"><i class="fa fa-check-circle"></i></span>
+    </li>
+  {% else %}
+    <li class="list-group-item">
+      <h5>{{ title }}</h5>
+      <ul>
+        <li class="list-group-item">
+          {% for prio in expected %}
 
-{% macro show_domain(domain_with_data) -%}
+            <p>
-    <h3>Domain {{ domain_with_data.domain.domain }}</h3>
+              <strong>Priority {{ prio }}:</strong> {{ expected[prio].recommended }}
-    {% set domain = domain_with_data.domain %}
+            </p>
-    <ul class="list-group">
+            <p>
-        <li class="list-group-item">
+              <strong>Allowed:</strong>
-            {{ show_verification("Ownership", domain_with_data.ownership_expected, domain_with_data.ownership_validation.errors) }}
+              <ul>
-        </li>
+                {% for expected_record in expected[prio].allowed %}<li>{{ expected_record }}</li>{% endfor %}
-        <li class="list-group-item">
+              </ul>
-            {{ show_verification("MX", domain_with_data.mx_expected, domain_with_data.mx_validation.errors) }}
+            </p>
-        </li>
+            <p>
-        <li class="list-group-item">
+              <strong>Current response:</strong>
-            {{ show_verification("SPF", domain_with_data.spf_expected, domain_with_data.spf_validation.errors) }}
+            </p>
-        </li>
+            {% for error in errors %}
-        {% for dkim_domain in domain_with_data.dkim_expected %}
+
-            <li class="list-group-item">
+              <ul class="list-group">
-            {{ show_verification("DKIM {}.{}".format(dkim_domain, domain.domain), domain_with_data.dkim_expected[dkim_domain], [domain_with_data.dkim_validation.get(dkim_domain+"."+domain.domain,'')]) }}
+                <li class="list-group-item">{{ error }}</li>
-            </li>
+              </ul>
+            {% endfor %}
+          </li>
         {% endfor %}
-    </ul>
+      </ul>
-
+    </li>
+  {% endif %}
 {%- endmacro %}
+{% macro show_domain(domain_with_data) -%}
+  <div class="col-md-3 mb-4">
+    <div class="card card-shadow">
+      <div class="domain-title text-center">
+        <h4>Domain {{ domain_with_data.domain.domain }}</h4>
+      </div>
+      <div class="card-body">
+        {% set domain = domain_with_data.domain %}
+        <ul class="list-group">
+          {{ show_verification("Ownership", domain_with_data.ownership_expected, domain_with_data.ownership_validation.errors) }}
+          {{ show_mx_verification("MX", domain_with_data.mx_expected, domain_with_data.mx_validation.errors) }}
+          {{ show_verification("SPF", domain_with_data.spf_expected, domain_with_data.spf_validation.errors) }}
+          {% for dkim_domain in domain_with_data.dkim_expected %}
 
-
+            {{ show_verification("DKIM {}.{}".format(dkim_domain, domain.domain) , domain_with_data.dkim_expected[dkim_domain], [domain_with_data.dkim_validation.get(dkim_domain+"."+domain.domain,'')]) }}
+          {% endfor %}
+        </ul>
+      </div>
+    </div>
+  </div>
+{%- endmacro %}
 {% block body %}
 
+  <div class="border border-dark border-2 mt-1 mb-2 p-3">
+    <form method="get">
+      <div class="form-group">
+        <label for="email">User or domain to search:</label>
+        <input type="text"
+               class="form-control"
+               name="user"
+               value="{{ query or '' }}" />
+      </div>
+      <button type="submit" class="btn btn-primary">Submit</button>
+    </form>
+  </div>
+  {% if data.no_match and query %}
+
+    <div class="border border-dark border-2 mt-1 mb-2 p-3 alert alert-warning"
+         role="alert">No user, alias or mailbox found for {{ query }}</div>
+  {% endif %}
+  {% if data.user %}
+
     <div class="border border-dark border-2 mt-1 mb-2 p-3">
-        <form method="get">
+      <h3 class="mb-3">Found User {{ data.user.email }}</h3>
-            <div class="form-group">
+      {{ show_user(data.user) }}
-                <label for="email">User or domain to search:</label>
-                <input type="text"
-                       class="form-control"
-                       name="user"
-                       value="{{ query or '' }}" />
-            </div>
-            <button type="submit" class="btn btn-primary">Submit</button>
-        </form>
     </div>
-    {% if data.no_match and query %}
+  {% endif %}
-        <div class="border border-dark border-2 mt-1 mb-2 p-3 alert alert-warning"
+  <div class="row mt-4">
-             role="alert">No user, alias or mailbox found for {{ query }}</div>
+    {% for domain_with_data in data.domains %}{{ show_domain(domain_with_data) }}{% endfor %}
-    {% endif %}
+  </div>
-    {% if data.user %}
+</div>
-        <div class="border border-dark border-2 mt-1 mb-2 p-3">
-            <h3 class="mb-3">Found User {{ data.user.email }}</h3>
-            {{ show_user(data.user) }}
-        </div>
-    {% endif %}
-    <div class="d-flex">
-
-    {% for domain_with_data in data.domains  %}
-        <div class="card m-2 border-dark" style="width: 30rem;">
-        <div class="card-body">
-            {{ show_domain(domain_with_data) }}
-        </div>
-        </div>
-    {% endfor %}
-    </div>
-
-
 {% endblock %}

app/templates/admin/email_search.html

@@ -22,7 +22,7 @@
       <tr>
         <td>{{ user.id }}</td>
         <td>
-          <a href="?email={{ user.email }}">{{ user.email }}</a>
+          <a href="?query={{ user.email }}">{{ user.email }}</a>
         </td>
         {% if user.activated %}
 
@@ -43,8 +43,16 @@
         <td>{{ user.updated_at }}</td>
         {% if pu %}
 
-          <td>
+          <td class="flex">
-            <a href="?email={{ pu.partner_email }}">{{ pu.partner_email }}</a>
+            <a href="?query={{ pu.partner_email }}">{{ pu.partner_email }}</a>
+            <form class="d-inline"
+                  action="{{ url_for("admin.email_search.delete_partner_link") }}"
+                  method="POST">
+              <input type="hidden" name="user_id" value="{{ user.id }}">
+              <button type="submit"
+                      onclick="return confirm('Are you sure you would like to unlink the user?');"
+                      class="btn btn-danger d-inline">Unlink</button>
+            </form>
           </td>
         {% else %}
           <td>No</td>
@@ -72,7 +80,7 @@
         <tr>
           <td>{{ mailbox.id }}</td>
           <td>
-            <a href="?email={{ mailbox.email }}">{{ mailbox.email }}</a>
+            <a href="?query={{ mailbox.email }}">{{ mailbox.email }}</a>
           </td>
           <td>{{ "Yes" if mailbox.verified else "No" }}</td>
           <td>{{ mailbox.created_at }}</td>
@@ -101,7 +109,7 @@
         <tr>
           <td>{{ alias.id }}</td>
           <td>
-            <a href="?email={{ alias.email }}">{{ alias.email }}</a>
+            <a href="?query={{ alias.email }}">{{ alias.email }}</a>
           </td>
           <td>{{ "Yes" if alias.enabled else "No" }}</td>
           <td>{{ alias.created_at }}</td>
@@ -181,7 +189,7 @@
           <td>{{ entry.user_id }}</td>
           <td>{{ entry.alias_id }}</td>
           <td>
-            <a href="?email={{ entry.alias_email }}">{{ entry.alias_email }}</a>
+            <a href="?query={{ entry.alias_email }}">{{ entry.alias_email }}</a>
           </td>
           <td>{{ entry.action }}</td>
           <td>{{ entry.message }}</td>
@@ -207,7 +215,7 @@
 
         <tr>
           <td>
-            <a href="?email={{ entry.user_email }}">{{ entry.user_email }}</a>
+            <a href="?query={{ entry.user_email }}">{{ entry.user_email }}</a>
           </td>
           <td>{{ entry.action }}</td>
           <td>{{ entry.message }}</td>
@@ -222,10 +230,10 @@
   <div class="border border-dark border-2 mt-1 mb-2 p-3">
     <form method="get">
       <div class="form-group">
-        <label for="email">Email to search:</label>
+        <label for="email">UserID or Email to search:</label>
         <input type="text"
                class="form-control"
-               name="email"
+               name="query"
                value="{{ email or '' }}" />
       </div>
       <button type="submit" class="btn btn-primary">Submit</button>

app/templates/dashboard/domain_detail/dns.html

@@ -38,7 +38,7 @@
             Value: <em data-toggle="tooltip"
      title="Click to copy"
      class="clipboard"
-     data-clipboard-text="{{ ownership_record }}">{{ ownership_record }}</em>
+     data-clipboard-text="{{ ownership_records.recommended }}">{{ ownership_records.recommended }}</em>
           </div>
           <form method="post" action="#ownership-form">
             {{ csrf_form.csrf_token }}
@@ -91,7 +91,7 @@
           <br />
           Some domain registrars (Namecheap, CloudFlare, etc) might also use <em>@</em> for the root domain.
         </div>
-        {% for record in expected_mx_records %}
+        {% for prio in expected_mx_records %}
 
           <div class="mb-3 p-3 dns-record">
             Record: MX
@@ -99,12 +99,12 @@
             Domain: {{ custom_domain.domain }} or
             <b>@</b>
             <br />
-            Priority: {{ record.priority }}
+            Priority: {{ prio }}
             <br />
             Target: <em data-toggle="tooltip"
      title="Click to copy"
      class="clipboard"
-     data-clipboard-text="{{ record.domain }}">{{ record.domain }}</em>
+     data-clipboard-text="{{ expected_mx_records[prio].recommended }}">{{ expected_mx_records[prio].recommended }}</em>
           </div>
         {% endfor %}
         <form method="post" action="#mx-form">
@@ -251,8 +251,8 @@
             <em data-toggle="tooltip"
                 title="Click to copy"
                 class="clipboard"
-                data-clipboard-text="{{ dkim_cname_value }}."
+                data-clipboard-text="{{ dkim_cname_value.recommended }}."
-                style="overflow-wrap: break-word">{{ dkim_cname_value }}.</em>
+                style="overflow-wrap: break-word">{{ dkim_cname_value.recommended }}.</em>
           </div>
         {% endfor %}
         <div class="alert alert-info">

app/templates/dashboard/setting.html

@@ -144,7 +144,7 @@
       </div>
       <!-- END change name & profile picture -->
       <!-- Connect with Proton -->
-      {% if connect_with_proton %}
+      {% if connect_with_proton and can_unlink_proton_account %}
 
         <div class="card" id="connect-with-proton">
           <div class="card-body">

app/tests/api/test_user_info.py

@@ -3,7 +3,7 @@ from flask import url_for
 from app import config
 from app.db import Session
 from app.models import User, PartnerUser
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from tests.api.utils import get_new_user_and_api_key
 from tests.utils import login, random_token, random_email
 

app/tests/cron/test_get_alias_for_hibp.py

@@ -14,7 +14,7 @@ from app.models import (
     PartnerSubscription,
     User,
 )
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from tests.utils import create_new_user, random_token
 
 

app/tests/events/event_test_utils.py

@@ -1,7 +1,7 @@
 from app.events.event_dispatcher import Dispatcher
 from app.events.generated import event_pb2
 from app.models import PartnerUser, User
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from tests.utils import create_new_user, random_token
 from typing import Tuple
 

app/tests/jobs/test_send_event_to_webhook.py

@@ -4,7 +4,7 @@ from app import config
 from app.events.generated.event_pb2 import EventContent, AliasDeleted
 from app.jobs.send_event_job import SendEventToWebhookJob
 from app.models import PartnerUser
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from events.event_sink import ConsoleEventSink
 from tests.utils import create_new_user, random_token
 

app/tests/models/test_mailbox.py

@@ -0,0 +1,37 @@
+from app import config
+from app.dns_utils import set_global_dns_client, InMemoryDNSClient
+from app.email_utils import get_email_local_part
+from app.models import Mailbox
+from tests.utils import create_new_user, random_email
+
+dns_client = InMemoryDNSClient()
+
+
+def setup_module():
+    set_global_dns_client(dns_client)
+
+
+def teardown_module():
+    set_global_dns_client(None)
+
+
+def test_is_proton_with_email_domain():
+    user = create_new_user()
+    mailbox = Mailbox.create(
+        user_id=user.id, email=f"test@{config.PROTON_EMAIL_DOMAINS[0]}"
+    )
+    assert mailbox.is_proton()
+    mailbox = Mailbox.create(user_id=user.id, email="a@b.c")
+    assert not mailbox.is_proton()
+
+
+def test_is_proton_with_mx_domain():
+    email = random_email()
+    dns_client.set_mx_records(
+        get_email_local_part(email), {10: config.PROTON_MX_SERVERS}
+    )
+    user = create_new_user()
+    mailbox = Mailbox.create(user_id=user.id, email=email)
+    assert mailbox.is_proton()
+    dns_client.set_mx_records(get_email_local_part(email), {10: ["nowhere.net"]})
+    assert not mailbox.is_proton()

app/tests/models/test_user.py

@@ -2,7 +2,7 @@ import arrow
 from app import config
 from app.db import Session
 from app.models import User, Job, PartnerSubscription, PartnerUser, ManualSubscription
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from tests.utils import random_email, random_token
 
 

app/tests/proton/test_account_linking.py

@@ -7,7 +7,7 @@ from app.account_linking import (
 )
 from app.db import Session
 from app.models import User, PartnerUser, PartnerSubscription
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.utils import random_string
 from tests.utils import random_email
 

app/tests/proton/test_proton_callback_handler.py

@@ -11,7 +11,7 @@ from app.proton.proton_callback_handler import (
     generate_account_not_allowed_to_log_in,
 )
 from app.models import User, PartnerUser, Job, JobState
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.utils import random_string
 from typing import Optional
 from tests.utils import random_email

app/tests/test_account_linking.py

@@ -19,7 +19,7 @@ from app.account_linking import (
 from app.db import Session
 from app.errors import AccountAlreadyLinkedToAnotherPartnerException
 from app.models import Partner, PartnerUser, User, UserAuditLog
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.user_audit_log_utils import UserAuditLogAction
 from app.utils import random_string, canonicalize_email
 from tests.utils import random_email

app/tests/test_alias_mailbox_utils.py

@@ -59,11 +59,17 @@ def test_set_mailboxes_for_alias_mailbox_success():
     assert db_alias is not None
     assert db_alias.mailbox_id == mb1.id
 
-    alias_mailboxes = AliasMailbox.filter_by(alias_id=alias.id).all()
+    alias_mailboxes = (
+        AliasMailbox.filter_by(alias_id=alias.id).order_by(AliasMailbox.id.asc()).all()
+    )
     assert len(alias_mailboxes) == 1
     assert alias_mailboxes[0].mailbox_id == mb2.id
 
-    audit_logs = AliasAuditLog.filter_by(alias_id=alias.id).all()
+    audit_logs = (
+        AliasAuditLog.filter_by(alias_id=alias.id)
+        .order_by(AliasAuditLog.id.asc())
+        .all()
+    )
     assert len(audit_logs) == 2
     assert audit_logs[0].action == AliasAuditLogAction.CreateAlias.value
     assert audit_logs[1].action == AliasAuditLogAction.ChangedMailboxes.value

app/tests/test_alias_suffixes.py

@@ -3,7 +3,7 @@ import re
 from app.alias_suffix import get_alias_suffixes
 from app.db import Session
 from app.models import SLDomain, PartnerUser, AliasOptions, CustomDomain
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from init_app import add_sl_domains
 from tests.utils import create_new_user, random_token
 

app/tests/test_coupon_utils.py

@@ -6,6 +6,7 @@ from app.coupon_utils import (
     CouponUserCannotRedeemError,
     redeem_lifetime_coupon,
 )
+from app.db import Session
 from app.models import (
     Coupon,
     Subscription,
@@ -14,8 +15,11 @@ from app.models import (
     CoinbaseSubscription,
     LifetimeCoupon,
     User,
+    PartnerSubscription,
+    PartnerUser,
 )
-from tests.utils import create_new_user, random_string
+from app.proton.proton_partner import get_proton_partner
+from tests.utils import create_new_user, random_string, random_email
 
 
 def test_use_coupon():
@@ -157,3 +161,55 @@ def test_used_lifetime_coupon():
     user = User.get(user.id)
     assert not user.lifetime
     assert not user.paid_lifetime
+
+
+def test_used_lifetime_coupon_with_lifetime_user():
+    user = create_new_user()
+    user.lifetime = True
+    code = random_string(10)
+    LifetimeCoupon.create(code=code, nb_used=10, paid=True)
+    coupon = redeem_lifetime_coupon(code, user)
+    assert coupon is None
+
+
+def test_used_lifetime_coupon_with_lifetime_partner():
+    email = random_email()
+    user = User.create(email=email)
+    pu = PartnerUser.create(
+        user_id=user.id,
+        partner_id=get_proton_partner().id,
+        partner_email=email,
+        external_user_id=random_string(10),
+        flush=True,
+    )
+    PartnerSubscription.create(
+        partner_user_id=pu.id, end_at=arrow.utcnow().shift(years=10), lifetime=True
+    )
+    Session.flush()
+    code = random_string(10)
+    LifetimeCoupon.create(code=code, nb_used=10, paid=True)
+    coupon = redeem_lifetime_coupon(code, user)
+    assert coupon is None
+
+
+def test_used_lifetime_coupon_with_partner_sub():
+    email = random_email()
+    user = User.create(email=email)
+    pu = PartnerUser.create(
+        user_id=user.id,
+        partner_id=get_proton_partner().id,
+        partner_email=email,
+        external_user_id=random_string(10),
+        flush=True,
+    )
+    PartnerSubscription.create(
+        partner_user_id=pu.id, end_at=arrow.utcnow().shift(years=10)
+    )
+    Session.flush()
+    code = random_string(10)
+    LifetimeCoupon.create(code=code, nb_used=10, paid=True)
+    coupon = redeem_lifetime_coupon(code, user)
+    assert coupon
+    user = User.get(user.id)
+    assert user.lifetime
+    assert user.paid_lifetime

app/tests/test_custom_domain_utils.py

@@ -13,8 +13,8 @@ from app.custom_domain_utils import (
 )
 from app.db import Session
 from app.models import User, CustomDomain, Mailbox, DomainMailbox
-from tests.utils import get_proton_partner, random_email
 from tests.utils import create_new_user, random_string, random_domain
+from tests.utils import get_proton_partner, random_email
 
 user: Optional[User] = None
 
@@ -195,7 +195,11 @@ def test_set_custom_domain_mailboxes_success():
     assert res.success is True
     assert res.reason is None
 
-    domain_mailboxes = DomainMailbox.filter_by(domain_id=domain.id).all()
+    domain_mailboxes = (
+        DomainMailbox.filter_by(domain_id=domain.id)
+        .order_by(DomainMailbox.mailbox_id.asc())
+        .all()
+    )
     assert len(domain_mailboxes) == 2
     assert domain_mailboxes[0].domain_id == domain.id
     assert domain_mailboxes[0].mailbox_id == user.default_mailbox_id
@@ -219,7 +223,11 @@ def test_set_custom_domain_mailboxes_set_twice():
     assert res.success is True
     assert res.reason is None
 
-    domain_mailboxes = DomainMailbox.filter_by(domain_id=domain.id).all()
+    domain_mailboxes = (
+        DomainMailbox.filter_by(domain_id=domain.id)
+        .order_by(DomainMailbox.mailbox_id.asc())
+        .all()
+    )
     assert len(domain_mailboxes) == 2
     assert domain_mailboxes[0].domain_id == domain.id
     assert domain_mailboxes[0].mailbox_id == user.default_mailbox_id

app/tests/test_custom_domain_validation.py

@@ -4,9 +4,9 @@ from app import config
 from app.constants import DMARC_RECORD
 from app.custom_domain_validation import CustomDomainValidation
 from app.db import Session
+from app.dns_utils import InMemoryDNSClient
 from app.models import CustomDomain, User
-from app.dns_utils import InMemoryDNSClient, MxRecord
+from app.proton.proton_partner import get_proton_partner
-from app.proton.utils import get_proton_partner
 from app.utils import random_string
 from tests.utils import create_new_user, random_domain
 
@@ -33,9 +33,12 @@ def test_custom_domain_validation_get_dkim_records():
     records = validator.get_dkim_records(custom_domain)
 
     assert len(records) == 3
-    assert records["dkim02._domainkey"] == f"dkim02._domainkey.{domain}"
+    assert records["dkim02._domainkey"].recommended == f"dkim02._domainkey.{domain}"
-    assert records["dkim03._domainkey"] == f"dkim03._domainkey.{domain}"
+    assert records["dkim02._domainkey"].allowed == [f"dkim02._domainkey.{domain}"]
-    assert records["dkim._domainkey"] == f"dkim._domainkey.{domain}"
+    assert records["dkim03._domainkey"].recommended == f"dkim03._domainkey.{domain}"
+    assert records["dkim03._domainkey"].allowed == [f"dkim03._domainkey.{domain}"]
+    assert records["dkim._domainkey"].recommended == f"dkim._domainkey.{domain}"
+    assert records["dkim._domainkey"].allowed == [f"dkim._domainkey.{domain}"]
 
 
 def test_custom_domain_validation_get_dkim_records_for_partner():
@@ -53,9 +56,25 @@ def test_custom_domain_validation_get_dkim_records_for_partner():
     records = validator.get_dkim_records(custom_domain)
 
     assert len(records) == 3
-    assert records["dkim02._domainkey"] == f"dkim02._domainkey.{dkim_domain}"
+    assert (
-    assert records["dkim03._domainkey"] == f"dkim03._domainkey.{dkim_domain}"
+        records["dkim02._domainkey"].recommended == f"dkim02._domainkey.{dkim_domain}"
-    assert records["dkim._domainkey"] == f"dkim._domainkey.{dkim_domain}"
+    )
+    assert records["dkim02._domainkey"].allowed == [
+        f"dkim02._domainkey.{dkim_domain}",
+        f"dkim02._domainkey.{domain}",
+    ]
+    assert (
+        records["dkim03._domainkey"].recommended == f"dkim03._domainkey.{dkim_domain}"
+    )
+    assert records["dkim03._domainkey"].allowed == [
+        f"dkim03._domainkey.{dkim_domain}",
+        f"dkim03._domainkey.{domain}",
+    ]
+    assert records["dkim._domainkey"].recommended == f"dkim._domainkey.{dkim_domain}"
+    assert records["dkim._domainkey"].allowed == [
+        f"dkim._domainkey.{dkim_domain}",
+        f"dkim._domainkey.{domain}",
+    ]
 
 
 # get_expected_mx_records
@@ -75,8 +94,8 @@ def test_custom_domain_validation_get_expected_mx_records_regular_domain():
     assert len(records) == len(config.EMAIL_SERVERS_WITH_PRIORITY)
     for i in range(len(config.EMAIL_SERVERS_WITH_PRIORITY)):
         config_record = config.EMAIL_SERVERS_WITH_PRIORITY[i]
-        assert records[i].priority == config_record[0]
+        assert records[config_record[0]].recommended == config_record[1]
-        assert records[i].domain == config_record[1]
+        assert records[config_record[0]].allowed == [config_record[1]]
 
 
 def test_custom_domain_validation_get_expected_mx_records_domain_from_partner():
@@ -89,14 +108,15 @@ def test_custom_domain_validation_get_expected_mx_records_domain_from_partner():
 
     dkim_domain = random_domain()
     validator = CustomDomainValidation(dkim_domain)
-    records = validator.get_expected_mx_records(custom_domain)
+    expected_records = validator.get_expected_mx_records(custom_domain)
     # As the domain is a partner_domain but there is no custom config for partner, default records
     # should be used
-    assert len(records) == len(config.EMAIL_SERVERS_WITH_PRIORITY)
+    assert len(expected_records) == len(config.EMAIL_SERVERS_WITH_PRIORITY)
     for i in range(len(config.EMAIL_SERVERS_WITH_PRIORITY)):
         config_record = config.EMAIL_SERVERS_WITH_PRIORITY[i]
-        assert records[i].priority == config_record[0]
+        expected = expected_records[config_record[0]]
-        assert records[i].domain == config_record[1]
+        assert expected.recommended == config_record[1]
+        assert expected.allowed == [config_record[1]]
 
 
 def test_custom_domain_validation_get_expected_mx_records_domain_from_partner_with_custom_config():
@@ -112,15 +132,21 @@ def test_custom_domain_validation_get_expected_mx_records_domain_from_partner_wi
     validator = CustomDomainValidation(
         dkim_domain, partner_domains={partner_id: expected_mx_domain}
     )
-    records = validator.get_expected_mx_records(custom_domain)
+    expected_records = validator.get_expected_mx_records(custom_domain)
     # As the domain is a partner_domain and there is a custom config for partner, partner records
     # should be used
-    assert len(records) == 2
+    assert len(expected_records) == 2
+    sl_domains = config.EMAIL_SERVERS_WITH_PRIORITY
 
-    assert records[0].priority == 10
+    assert expected_records[10].recommended == f"mx1.{expected_mx_domain}."
-    assert records[0].domain == f"mx1.{expected_mx_domain}."
+    expected = [f"mx1.{expected_mx_domain}."]
-    assert records[1].priority == 20
+    expected.extend([sl_dom[1] for sl_dom in sl_domains if sl_dom[0] == 10])
-    assert records[1].domain == f"mx2.{expected_mx_domain}."
+    assert expected_records[10].allowed == expected
+
+    assert expected_records[20].recommended == f"mx2.{expected_mx_domain}."
+    expected = [f"mx2.{expected_mx_domain}."]
+    expected.extend([sl_dom[1] for sl_dom in sl_domains if sl_dom[0] == 20])
+    assert expected_records[20].allowed == expected
 
 
 # get_expected_spf_records
@@ -309,7 +335,7 @@ def test_custom_domain_validation_validate_ownership_success():
     domain = create_custom_domain(random_domain())
 
     dns_client.set_txt_record(
-        domain.domain, [validator.get_ownership_verification_record(domain)]
+        domain.domain, validator.get_ownership_verification_record(domain).allowed
     )
     res = validator.validate_domain_ownership(domain)
 
@@ -336,7 +362,7 @@ def test_custom_domain_validation_validate_ownership_from_partner_success():
     Session.commit()
 
     dns_client.set_txt_record(
-        domain.domain, [validator.get_ownership_verification_record(domain)]
+        domain.domain, validator.get_ownership_verification_record(domain).allowed
     )
     res = validator.validate_domain_ownership(domain)
 
@@ -370,7 +396,7 @@ def test_custom_domain_validation_validate_mx_records_wrong_records_failure():
 
     wrong_record_1 = random_string()
     wrong_record_2 = random_string()
-    wrong_records = [MxRecord(10, wrong_record_1), MxRecord(20, wrong_record_2)]
+    wrong_records = {10: [wrong_record_1], 20: [wrong_record_2]}
     dns_client.set_mx_records(domain.domain, wrong_records)
     res = validator.validate_mx_records(domain)
 
@@ -387,7 +413,12 @@ def test_custom_domain_validation_validate_mx_records_success():
 
     domain = create_custom_domain(random_domain())
 
-    dns_client.set_mx_records(domain.domain, validator.get_expected_mx_records(domain))
+    mx_records_by_prio = validator.get_expected_mx_records(domain)
+    dns_records = {
+        priority: mx_records_by_prio[priority].allowed
+        for priority in mx_records_by_prio
+    }
+    dns_client.set_mx_records(domain.domain, dns_records)
     res = validator.validate_mx_records(domain)
 
     assert res.success is True
@@ -485,16 +516,19 @@ def test_custom_domain_validation_validate_spf_cleans_verification_record():
     domain.partner_id = proton_partner_id
     Session.commit()
 
-    wrong_record = random_string()
+    ownership_records = validator.get_ownership_verification_record(domain)
-    dns_client.set_txt_record(
-        hostname=domain.domain,
-        txt_list=[wrong_record, validator.get_ownership_verification_record(domain)],
-    )
-    res = validator.validate_spf_records(domain)
 
-    assert res.success is False
+    for ownership_record in ownership_records.allowed:
-    assert len(res.errors) == 1
+        wrong_record = random_string()
-    assert res.errors[0] == wrong_record
+        dns_client.set_txt_record(
+            hostname=domain.domain,
+            txt_list=[wrong_record, ownership_record],
+        )
+        res = validator.validate_spf_records(domain)
+
+        assert res.success is False
+        assert len(res.errors) == 1
+        assert res.errors[0] == wrong_record
 
 
 # validate_dmarc_records

app/tests/test_dns_utils.py

@@ -1,9 +1,8 @@
+from app.custom_domain_validation import is_mx_equivalent, ExpectedValidationRecords
 from app.dns_utils import (
     get_mx_domains,
     get_network_dns_client,
-    is_mx_equivalent,
     InMemoryDNSClient,
-    MxRecord,
 )
 
 from tests.utils import random_domain
@@ -17,9 +16,9 @@ def test_get_mx_domains():
 
     assert len(r) > 0
 
-    for x in r:
+    for prio in r:
-        assert x.priority > 0
+        assert prio > 0
-        assert x.domain
+        assert len(r[prio]) > 0
 
 
 def test_get_spf_domain():
@@ -33,33 +32,49 @@ def test_get_txt_record():
 
 
 def test_is_mx_equivalent():
-    assert is_mx_equivalent([], [])
+    assert is_mx_equivalent({}, {})
     assert is_mx_equivalent(
-        mx_domains=[MxRecord(1, "domain")], ref_mx_domains=[MxRecord(1, "domain")]
+        mx_domains={1: ["domain"]},
+        expected_mx_domains={
+            1: ExpectedValidationRecords(recommended="nop", allowed=["domain"])
+        },
     )
     assert is_mx_equivalent(
-        mx_domains=[MxRecord(10, "domain1"), MxRecord(20, "domain2")],
+        mx_domains={10: ["domain10"], 20: ["domain20"]},
-        ref_mx_domains=[MxRecord(10, "domain1"), MxRecord(20, "domain2")],
+        expected_mx_domains={
+            10: ExpectedValidationRecords(recommended="nop", allowed=["domain10"]),
+            20: ExpectedValidationRecords(recommended="nop", allowed=["domain20"]),
+        },
     )
+
     assert is_mx_equivalent(
-        mx_domains=[MxRecord(5, "domain1"), MxRecord(10, "domain2")],
+        mx_domains={5: ["domain1"], 10: ["domain2"]},
-        ref_mx_domains=[MxRecord(10, "domain1"), MxRecord(20, "domain2")],
+        expected_mx_domains={
+            10: ExpectedValidationRecords(recommended="nop", allowed=["domain1"]),
+            20: ExpectedValidationRecords(recommended="nop", allowed=["domain2"]),
+        },
     )
-    assert is_mx_equivalent(
+
-        mx_domains=[
+    assert not is_mx_equivalent(
-            MxRecord(5, "domain1"),
+        mx_domains={10: ["domain10", "domain11"], 20: ["domain20"]},
-            MxRecord(10, "domain2"),
+        expected_mx_domains={
-            MxRecord(20, "domain3"),
+            10: ExpectedValidationRecords(recommended="nop", allowed=["domain10"]),
-        ],
+            20: ExpectedValidationRecords(recommended="nop", allowed=["domain20"]),
-        ref_mx_domains=[MxRecord(10, "domain1"), MxRecord(20, "domain2")],
+        },
     )
     assert not is_mx_equivalent(
-        mx_domains=[MxRecord(5, "domain1"), MxRecord(10, "domain2")],
+        mx_domains={5: ["domain1"], 10: ["domain2"], 20: ["domain3"]},
-        ref_mx_domains=[
+        expected_mx_domains={
-            MxRecord(10, "domain1"),
+            10: ExpectedValidationRecords(recommended="nop", allowed=["domain1"]),
-            MxRecord(20, "domain2"),
+            20: ExpectedValidationRecords(recommended="nop", allowed=["domain2"]),
-            MxRecord(20, "domain3"),
+        },
-        ],
+    )
+    assert not is_mx_equivalent(
+        mx_domains={10: ["domain1"]},
+        expected_mx_domains={
+            10: ExpectedValidationRecords(recommended="nop", allowed=["domain1"]),
+            20: ExpectedValidationRecords(recommended="nop", allowed=["domain2"]),
+        },
     )
 
 

app/tests/test_domains.py

@@ -1,6 +1,6 @@
 from app.db import Session
 from app.models import SLDomain, PartnerUser, AliasOptions
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from init_app import add_sl_domains
 from tests.utils import create_new_user, random_token
 

app/tests/test_mailbox_utils.py

@@ -25,7 +25,6 @@ from app.user_audit_log_utils import UserAuditLogAction
 from app.utils import random_string, canonicalize_email
 from tests.utils import create_new_user, random_email
 
-
 user: Optional[User] = None
 
 
@@ -598,3 +597,68 @@ def test_change_mailbox_verified_address(flask_client):
     assert changed_mailbox.email == mail2
     assert out.activation is None
     assert 0 == len(mail_sender.get_stored_emails())
+
+
+def test_change_mailbox_email_duplicate(flask_client):
+    user = create_new_user()
+    domain = f"{random_string(10)}.com"
+    mail1 = f"mail_1@{domain}"
+    mbox = Mailbox.create(email=mail1, user_id=user.id, verified=True, flush=True)
+    mail2 = f"mail_2@{domain}"
+    request_mailbox_email_change(user, mbox, mail2, email_ownership_verified=True)
+    with pytest.raises(mailbox_utils.MailboxError):
+        request_mailbox_email_change(user, mbox, mail2, email_ownership_verified=True)
+
+
+def test_change_mailbox_email_duplicate_in_another_mailbox(flask_client):
+    user = create_new_user()
+    domain = f"{random_string(10)}.com"
+    mail1 = f"mail_1@{domain}"
+    mbox1 = Mailbox.create(email=mail1, user_id=user.id, verified=True, flush=True)
+    mail2 = f"mail_2@{domain}"
+    mbox2 = Mailbox.create(email=mail2, user_id=user.id, verified=True, flush=True)
+    mail3 = f"mail_3@{domain}"
+    request_mailbox_email_change(user, mbox1, mail3)
+    with pytest.raises(mailbox_utils.MailboxError):
+        request_mailbox_email_change(user, mbox2, mail3)
+
+
+def test_change_mailbox_verified_email_clears_pending_email(flask_client):
+    user = create_new_user()
+    domain = f"{random_string(10)}.com"
+    mail = f"mail_1@{domain}"
+    mbox1 = Mailbox.create(
+        email=mail,
+        new_email=f"oldpending_{mail}",
+        user_id=user.id,
+        verified=True,
+        flush=True,
+    )
+    new_email = f"new_{mail}"
+    out = request_mailbox_email_change(
+        user, mbox1, new_email, email_ownership_verified=True
+    )
+    assert out.activation is None
+    assert out.mailbox.email == new_email
+    assert out.mailbox.new_email is None
+
+
+def test_change_mailbox_verified_email_sets_mailbox_as_verified(flask_client):
+    user = create_new_user()
+    domain = f"{random_string(10)}.com"
+    mail = f"mail_1@{domain}"
+    mbox1 = Mailbox.create(
+        email=mail,
+        new_email=f"oldpending_{mail}",
+        user_id=user.id,
+        verified=False,
+        flush=True,
+    )
+    new_email = f"new_{mail}"
+    out = request_mailbox_email_change(
+        user, mbox1, new_email, email_ownership_verified=True
+    )
+    assert out.activation is None
+    assert out.mailbox.email == new_email
+    assert out.mailbox.new_email is None
+    assert out.mailbox.verified is True

app/tests/utils.py

@@ -10,7 +10,7 @@ import jinja2
 from flask import url_for
 
 from app.models import User, PartnerUser
-from app.proton.utils import get_proton_partner
+from app.proton.proton_partner import get_proton_partner
 from app.utils import random_string