From e245a1bac669cf4f384fa62c6d073bcd8d6e72c1 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Mon, 4 Jul 2022 10:12:35 +0200
Subject: [PATCH] utils: do not try to send mail to clearly unusable email
 addresses (#62354)

---
 .../commands/clean-unused-accounts.py         |  3 +-
 src/authentic2/utils/misc.py                  | 29 +++++++++++++++++--
 2 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/src/authentic2/management/commands/clean-unused-accounts.py b/src/authentic2/management/commands/clean-unused-accounts.py
index 25b65caf..079d72b9 100644
--- a/src/authentic2/management/commands/clean-unused-accounts.py
+++ b/src/authentic2/management/commands/clean-unused-accounts.py
@@ -129,10 +129,9 @@ class Command(BaseCommand):
         else:
             logger.debug('sending mail to %s', user.email)
             if not self.fake:
-                email = user.email
 
                 def send_mail():
-                    send_templated_mail(email, prefix, ctx)
+                    send_templated_mail(user, prefix, ctx)
 
                 transaction.on_commit(send_mail)
 
diff --git a/src/authentic2/utils/misc.py b/src/authentic2/utils/misc.py
index f9ed83d9..a92e225e 100644
--- a/src/authentic2/utils/misc.py
+++ b/src/authentic2/utils/misc.py
@@ -32,7 +32,7 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.contrib.auth import authenticate as dj_authenticate
 from django.contrib.auth import get_user_model
 from django.contrib.auth import login as auth_login
-from django.core.exceptions import FieldDoesNotExist, ImproperlyConfigured
+from django.core.exceptions import FieldDoesNotExist, ImproperlyConfigured, ValidationError
 from django.core.mail import EmailMessage, send_mail
 from django.forms.utils import ErrorList, to_current_timezone
 from django.http import HttpResponse, HttpResponseRedirect
@@ -47,6 +47,7 @@ from django.utils.formats import localize
 from django.utils.translation import ngettext
 
 from authentic2.saml.saml2utils import filter_attribute_private_key, filter_element_private_key
+from authentic2.validators import EmailValidator
 
 from .. import app_settings, constants, crypto, plugins
 from .cache import GlobalCache
@@ -662,6 +663,10 @@ def render_plain_text_template_to_string(template_names, ctx, request=None):
     return template.template.render(make_context(ctx, request=request, autoescape=False))
 
 
+class SendEmailError(Exception):
+    pass
+
+
 def send_templated_mail(
     user_or_email,
     template_names,
@@ -691,7 +696,25 @@ def send_templated_mail(
             new_template_names.append(template)
         template_names = new_template_names
     if hasattr(user_or_email, 'email'):
-        user_or_email = user_or_email.email
+        email = user_or_email.email
+        user = user_or_email
+    else:
+        email = user_or_email
+        user = None
+
+    # check email is syntaxically valid before trying to send it
+    try:
+        EmailValidator()(email)
+    except ValidationError as e:
+        logger = logging.getLogger(__name__)
+        extra = {}
+        if user:
+            extra['user'] = user
+        logger.warning(
+            'send_templated_email: user=%s email=%r templates=%s error=%s', user, email, template_names, e
+        )
+        return
+
     if not request:
         request = middleware.StoreRequestMiddleware().get_request()
 
@@ -732,7 +755,7 @@ def send_templated_mail(
             subject,
             body,
             from_email or settings.DEFAULT_FROM_EMAIL,
-            [user_or_email],
+            [email],
             html_message=html_body,
             **kwargs,
         )
-- 
2.35.1