I did look for a JIRA Issue but couldn't find one.
There was one issue about being able to set custom smtp-headers:
https://issues.jboss.org/browse/KEYCLOAK-3605
@1) yes I'll send a PR ;-)
@2) The idea is to add a user specific bounce address to every email sent
out by keycloak.
So if an admin sends an email to a user with a non-existing email one would
get a bounce from the particular email-provider.
After some time the e-mail provider will sent a bounce mail to the address
that was mentioned in the
MAIL FROM, or to be more specific in the smtp.mailfrom SMTP-header header.
Those emails can now be collected in a central inbox. The e-mails contain
the previously set
bounce email address with some additional information like service, realm,
userId, e.g.:
smtp.mailfrom=
bounces+sso_acme-test_0b21aecc-4145-464f-86fa-719559b08869(a)example.org
This information can now be used to lookup the user with the bad email
address and flag the user
or even require the user to enter a new e-mail.
One could also use a similar trick to encode some additional information
like (user realm, user-d) into the
custom reply-to address.
Based on a generic Help Desk address like helpdesk(a)example.org one could
generate a user specific address like:
helpdesk+sso_realm-name_user-id(a)example.org
A CRM application could now lookup the user by it's user-id to add
additional information to the helpdesk ticket.
The following Java program demonstrates the usage of JavMail with SMTP
Envelope From.
See the attached image for how this will look for the end-user in gmail.
import java.util.Properties;
import javax.mail.Message.RecipientType;
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import com.sun.mail.smtp.SMTPMessage;
public class JavaMailSmtpBounceExample {
public static void main(String[] args) throws Exception {
Properties properties = new Properties();
properties.put("mail.smtp.auth", "false");
properties.put("mail.smtp.host", "smtp4server");
properties.put("mail.smtp.port", "25");
Session session = Session.getInstance(properties);
SMTPMessage smtpMessage = new SMTPMessage(session);
smtpMessage.setContent("Hello World", "text/plain");
smtpMessage.setSubject("Test Mail " + System.currentTimeMillis());
String userDisplayName = "Thomas Darimont";
String userId = "0b21aecc-4145-464f-86fa-719559b08869";
String userEmail = "thomas.darimont(a)gmail.com";
String realmDisplayName = "acme SSO (test)";
String realmName = "acme-test";
String replyToDisplayName = "Help Desk";
String replyToEmailLocalPart = "helpdesk";
String realmFromEmailLocalPart = "no-reply";
String serviceDomain = "example.org";
String to = String.format("\"%s\"<%s>", userDisplayName,
userEmail);
String from = String.format("\"%s\"<%s@%s>",
realmDisplayName,
realmFromEmailLocalPart,
serviceDomain);
String envelopeFrom = String.format("bounces+sso_%s_%s@%s",
realmName, userId,
serviceDomain);
String replyTo = String.format("\"%s\"<%s@%s>",
replyToDisplayName,
replyToEmailLocalPart, serviceDomain);
System.out.printf("to: %s%n", to);
System.out.printf("from: %s%n", from);
System.out.printf("envelopeFrom: %s%n", envelopeFrom);
System.out.printf("replyTo: %s%n", replyTo);
smtpMessage.addRecipient(RecipientType.TO,
InternetAddress.parse(to)[0]);
smtpMessage.setReplyTo(InternetAddress.parse(replyTo));
smtpMessage.setFrom(InternetAddress.parse(from)[0]);
smtpMessage.setEnvelopeFrom(envelopeFrom);
Transport.send(smtpMessage);
}
}
Output:
to: "Thomas Darimont"<thomas.darimont(a)gmail.com>
from: "acme SSO (test)"<no-reply(a)example.org>
envelopeFrom:
bounces+sso_acme-test_0b21aecc-4145-464f-86fa-719559b08869(a)example.org
replyTo: "Help Desk"<helpdesk(a)example.org>
The email
smtp.mailfrom=
bounces+sso_acme-test_0b21aecc-4145-464f-86fa-719559b08869(a)example.org
2017-01-05 9:44 GMT+01:00 Stian Thorgersen <sthorger(a)redhat.com>:
On 5 January 2017 at 09:21, Thomas Darimont <thomas.darimont(a)googlemail.co
m> wrote:
> Hello group,
>
> currently Keycloak allows to configure the "from" address per realm which
> all emails sent from that particular realm use.
>
> Often a generic address like no-reply(a)mycorp.com or a realm specific
> address like
> no-reply-myrealm(a)mycorp.com is used as "from" address.
>
> It would be nice if one would have more options here like:
>
> 1) Use the realm name or a custom string as the display name for the
> "from"
> Address
> Display Name<actual-address(a)mycorp.com>
> e.g.: "MyCorp SSO"<no-reply(a)mycorp.com>
> "MyCorp Helpdesk"<helpdesk(a)mycorp.com>
>
We had someone request that in the past and I think there's a issue
already open for it. If not then you can create one. Would it come with a
PR ;)?
>
> 2) Allow to specify a Bounce Address (MAIL FROM) with some place-holders
> (user-id, realm-id)
> e.g.: sso-bounces+${realm-id}_${user-id}(a)mycorp.com
> This is especially useful when integrating with legacy user stores with
> unreliable e-mail addresses.
>
Can you explain this a bit more as I don't understand this
>
> Shall I create JIRA issues for that?
>
> Cheers,
> Thomas
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>