chore(deps): update dependency font-awesome to v7

Cargo.toml

@@ -8,7 +8,7 @@ authors = ["Bill Thiede <git@xinu.tv>"]
 edition = "2021"
 license = "UNLICENSED"
 publish = ["xinu"]
-version = "0.17.27"
+version = "0.17.38"
 repository = "https://git.z.xinu.tv/wathiede/letterbox"
 
 [profile.dev]

server/.sqlx/query-126e16a4675e8d79f330b235f9e1b8614ab1e1526e4e69691c5ebc70d54a42ef.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\nSELECT\n  url\nFROM email_photo ep\nJOIN email_address ea\nON ep.id = ea.email_photo_id\nWHERE\n  address = $1\n    ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "url",
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "126e16a4675e8d79f330b235f9e1b8614ab1e1526e4e69691c5ebc70d54a42ef"
-}

server/.sqlx/query-6c5b0a96f45f78795732ea428cc01b4eab28b7150aa37387e7439a6b0b58e88c.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n        SELECT rule as \"rule: Json<Rule>\"\n        FROM email_rule\n        ORDER BY sort_order\n        ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "rule: Json<Rule>",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "6c5b0a96f45f78795732ea428cc01b4eab28b7150aa37387e7439a6b0b58e88c"
-}

server/Cargo.toml

@@ -12,8 +12,11 @@ version.workspace = true
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
+chrono-tz = "0.8"
+html2text = "0.6"
 ammonia = "4.1.0"
 anyhow = "1.0.98"
+askama = { version = "0.14.0", features = ["derive"] }
 async-graphql = { version = "7", features = ["log"] }
 async-graphql-axum = "7.0.16"
 async-trait = "0.1.88"
@@ -23,17 +26,20 @@ build-info = "0.0.41"
 cacher = { version = "0.2.0", registry = "xinu" }
 chrono = "0.4.40"
 clap = { version = "4.5.37", features = ["derive"] }
-css-inline = "0.16.0"
+css-inline = "0.17.0"
+flate2 = "1.1.2"
 futures = "0.3.31"
 headers = "0.4.0"
 html-escape = "0.2.13"
-letterbox-notmuch = { path = "../notmuch", version = "0.17.27", registry = "xinu" }
-letterbox-shared = { path = "../shared", version = "0.17.27", registry = "xinu" }
+ical = "0.10"
+letterbox-notmuch = { path = "../notmuch", version = "0.17.38", registry = "xinu" }
+letterbox-shared = { path = "../shared", version = "0.17.38", registry = "xinu" }
 linkify = "0.10.0"
 lol_html = "2.3.0"
 mailparse = "0.16.1"
 maplit = "1.0.2"
 memmap = "0.7.0"
+quick-xml = { version = "0.38.1", features = ["serialize"] }
 regex = "1.11.1"
 reqwest = { version = "0.12.15", features = ["blocking"] }
 scraper = "0.23.1"
@@ -50,6 +56,8 @@ urlencoding = "2.1.3"
 #xtracing = { git = "http://git-private.h.xinu.tv/wathiede/xtracing.git" }
 #xtracing = { path = "../../xtracing" }
 xtracing = { version = "0.3.2", registry = "xinu" }
+zip = "4.3.0"
+
 
 [build-dependencies]
 build-info-build = "0.0.41"

server/build.rs

@@ -2,4 +2,5 @@ fn main() {
     // Calling `build_info_build::build_script` collects all data and makes it available to `build_info::build_info!`
     // and `build_info::format!` in the main program.
     build_info_build::build_script();
+    println!("cargo:rerun-if-changed=templates");
 }

server/sql/label_unprocessed.sql

@@ -0,0 +1 @@
+SELECT rule as "rule: Json<Rule>" FROM email_rule ORDER BY sort_order

server/sql/photo_url_for_email_address.sql

@@ -0,0 +1 @@
+SELECT url FROM email_photo ep JOIN email_address ea ON ep.id = ea.email_photo_id WHERE address = $1

server/src/bin/letterbox-server.rs

@@ -119,9 +119,10 @@ async fn download_attachment(
     } else {
         format!("id:{}", id)
     };
-    info!("download attachment {mid} {idx}");
+    info!("download attachment message id '{mid}' idx '{idx}'");
     let idx: Vec<_> = idx
         .split('.')
+        .filter(|s| !s.is_empty())
         .map(|s| s.parse().expect("not a usize"))
         .collect();
     let attachment = attachment_bytes(&nm, &mid, &idx)?;

server/src/error.rs

@@ -39,4 +39,10 @@ pub enum ServerError {
     QueryParseError(#[from] QueryParserError),
     #[error("impossible: {0}")]
     InfaillibleError(#[from] Infallible),
+    #[error("askama error: {0}")]
+    AskamaError(#[from] askama::Error),
+    #[error("xml error: {0}")]
+    XmlError(#[from] quick_xml::Error),
+    #[error("xml encoding error: {0}")]
+    XmlEncodingError(#[from] quick_xml::encoding::EncodingError),
 }

server/src/graphql.rs

@@ -237,6 +237,24 @@ impl Body {
             content_tree: "".to_string(),
         })
     }
+
+    pub fn to_html(&self) -> Option<String> {
+        match self {
+            Body::Html(h) => Some(h.html.clone()),
+            Body::PlainText(p) => Some(format!("<pre>{}</pre>", html_escape::encode_text(&p.text))),
+            Body::UnhandledContentType(u) => {
+                Some(format!("<pre>{}</pre>", html_escape::encode_text(&u.text)))
+            }
+        }
+    }
+
+    pub fn to_html_content_tree(&self) -> Option<String> {
+        match self {
+            Body::Html(h) => Some(h.content_tree.clone()),
+            Body::PlainText(p) => Some(p.content_tree.clone()),
+            Body::UnhandledContentType(u) => Some(u.content_tree.clone()),
+        }
+    }
 }
 
 #[derive(Debug, SimpleObject)]

server/src/lib.rs

@@ -1,4 +1,5 @@
 pub mod config;
+pub mod email_extract;
 pub mod error;
 pub mod graphql;
 pub mod newsreader;

server/src/nm.rs

@@ -1,35 +1,31 @@
 use std::{
     collections::{HashMap, HashSet},
     fs::File,
+    io::{Cursor, Read},
 };
 
 use letterbox_notmuch::Notmuch;
 use letterbox_shared::{compute_color, Rule};
-use mailparse::{parse_content_type, parse_mail, MailHeader, MailHeaderMap, ParsedMail};
+use mailparse::{parse_mail, MailHeader, MailHeaderMap};
 use memmap::MmapOptions;
 use sqlx::{types::Json, PgPool};
 use tracing::{error, info, info_span, instrument, warn};
+use zip::ZipArchive;
 
 use crate::{
     compute_offset_limit,
+    email_extract::*,
     error::ServerError,
     graphql::{
-        Attachment, Body, Corpus, DispositionType, Email, EmailThread, Header, Html, Message,
-        PlainText, Tag, Thread, ThreadSummary, UnhandledContentType,
+        Attachment, Body, Corpus, EmailThread, Header, Html, Message, PlainText, Tag, Thread,
+        ThreadSummary, UnhandledContentType,
     },
     linkify_html, InlineStyle, Query, SanitizeHtml, Transformer,
 };
 
-const IMAGE_JPEG: &'static str = "image/jpeg";
-const IMAGE_PJPEG: &'static str = "image/pjpeg";
-const IMAGE_PNG: &'static str = "image/png";
-const MESSAGE_RFC822: &'static str = "message/rfc822";
-const MULTIPART_ALTERNATIVE: &'static str = "multipart/alternative";
-const MULTIPART_MIXED: &'static str = "multipart/mixed";
-const MULTIPART_RELATED: &'static str = "multipart/related";
-const TEXT_HTML: &'static str = "text/html";
-const TEXT_PLAIN: &'static str = "text/plain";
-
+const APPLICATION_GZIP: &'static str = "application/gzip";
+const APPLICATION_ZIP: &'static str = "application/zip";
+const MULTIPART_REPORT: &'static str = "multipart/report";
 const MAX_RAW_MESSAGE_SIZE: usize = 100_000;
 
 fn is_notmuch_query(query: &Query) -> bool {
@@ -169,7 +165,8 @@ pub async fn thread(
     // display names (that default to the most commonly seen name).
     let mut messages = Vec::new();
     for (path, id) in std::iter::zip(nm.files(&thread_id)?, nm.message_ids(&thread_id)?) {
-        let tags = nm.tags_for_query(&format!("id:{id}"))?;
+        let mut html_report_summary: Option<String> = None;
+        let tags = nm.tags_for_query(&format!("id:{}", id))?;
         let file = File::open(&path)?;
         let mmap = unsafe { MmapOptions::new().map(&file)? };
         let m = parse_mail(&mmap)?;
@@ -307,8 +304,109 @@ pub async fn thread(
             .collect();
         // TODO(wathiede): parse message and fill out attachments
         let attachments = extract_attachments(&m, &id)?;
+
+        let mut final_body = body;
+        let mut raw_report_content: Option<String> = None;
+
+        // Append TLS report if available
+        if m.ctype.mimetype.as_str() == MULTIPART_REPORT {
+            if let Ok(Body::Html(_html_body)) = extract_report(&m, &mut part_addr) {
+                // Extract raw JSON for pretty printing
+                if let Some(sp) = m
+                    .subparts
+                    .iter()
+                    .find(|sp| sp.ctype.mimetype.as_str() == "application/tlsrpt+gzip")
+                {
+                    if let Ok(gz_bytes) = sp.get_body_raw() {
+                        let mut decoder = flate2::read::GzDecoder::new(&gz_bytes[..]);
+                        let mut buffer = Vec::new();
+                        if decoder.read_to_end(&mut buffer).is_ok() {
+                            if let Ok(json_str) = String::from_utf8(buffer) {
+                                raw_report_content = Some(json_str);
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        // Append DMARC report if available
+        if m.ctype.mimetype.as_str() == APPLICATION_ZIP {
+            if let Ok(Body::Html(html_body)) = extract_zip(&m) {
+                html_report_summary = Some(html_body.html);
+                // Extract raw XML for pretty printing
+                if let Ok(zip_bytes) = m.get_body_raw() {
+                    if let Ok(mut archive) = ZipArchive::new(Cursor::new(&zip_bytes)) {
+                        for i in 0..archive.len() {
+                            if let Ok(mut file) = archive.by_index(i) {
+                                let name = file.name().to_lowercase();
+                                if is_dmarc_report_filename(&name) {
+                                    let mut xml = String::new();
+                                    use std::io::Read;
+                                    if file.read_to_string(&mut xml).is_ok() {
+                                        raw_report_content = Some(xml);
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        if m.ctype.mimetype.as_str() == APPLICATION_GZIP {
+            // Call extract_gzip to get the HTML summary and also to determine if it's a DMARC report
+            if let Ok((Body::Html(html_body), _)) = extract_gzip(&m) {
+                html_report_summary = Some(html_body.html);
+                // If extract_gzip successfully parsed a DMARC report, then extract the raw content
+                if let Ok(gz_bytes) = m.get_body_raw() {
+                    let mut decoder = flate2::read::GzDecoder::new(&gz_bytes[..]);
+                    let mut xml = String::new();
+                    use std::io::Read;
+                    if decoder.read_to_string(&mut xml).is_ok() {
+                        raw_report_content = Some(xml);
+                    }
+                }
+            }
+        }
+
+        let mut current_html = final_body.to_html().unwrap_or_default();
+
+        if let Some(html_summary) = html_report_summary {
+            current_html.push_str(&html_summary);
+        }
+
+        if let Some(raw_content) = raw_report_content {
+            let pretty_printed_content = if m.ctype.mimetype.as_str() == MULTIPART_REPORT {
+                // Pretty print JSON
+                if let Ok(parsed_json) = serde_json::from_str::<serde_json::Value>(&raw_content) {
+                    serde_json::to_string_pretty(&parsed_json).unwrap_or(raw_content)
+                } else {
+                    raw_content
+                }
+            } else {
+                // DMARC reports are XML
+                // Pretty print XML
+                match pretty_print_xml_with_trimming(&raw_content) {
+                    Ok(pretty_xml) => pretty_xml,
+                    Err(e) => {
+                        error!("Failed to pretty print XML: {:?}", e);
+                        raw_content
+                    }
+                }
+            };
+            current_html.push_str(&format!(
+                "\n<pre>{}</pre>",
+                html_escape::encode_text(&pretty_printed_content)
+            ));
+        }
+        final_body = Body::Html(Html {
+            html: current_html,
+            content_tree: final_body.to_html_content_tree().unwrap_or_default(),
+        });
+
         messages.push(Message {
-            id: format!("id:{id}"),
+            id: format!("id:{}", id),
             from,
             to,
             cc,
@@ -316,7 +414,7 @@ pub async fn thread(
             tags,
             timestamp,
             headers,
-            body,
+            body: final_body,
             path,
             attachments,
             delivered_to,
@@ -339,65 +437,17 @@ pub async fn thread(
     }))
 }
 
-fn email_addresses(
-    _path: &str,
-    m: &ParsedMail,
-    header_name: &str,
-) -> Result<Vec<Email>, ServerError> {
-    let mut addrs = Vec::new();
-    for header_value in m.headers.get_all_values(header_name) {
-        match mailparse::addrparse(&header_value) {
-            Ok(mal) => {
-                for ma in mal.into_inner() {
-                    match ma {
-                        mailparse::MailAddr::Group(gi) => {
-                            if !gi.group_name.contains("ndisclosed") {}
-                        }
-                        mailparse::MailAddr::Single(s) => addrs.push(Email {
-                            name: s.display_name,
-                            addr: Some(s.addr),
-                            photo_url: None,
-                        }), //println!("Single: {s}"),
-                    }
-                }
-            }
-            Err(_) => {
-                let v = header_value;
-                if v.matches('@').count() == 1 {
-                    if v.matches('<').count() == 1 && v.ends_with('>') {
-                        let idx = v.find('<').unwrap();
-                        let addr = &v[idx + 1..v.len() - 1].trim();
-                        let name = &v[..idx].trim();
-                        addrs.push(Email {
-                            name: Some(name.to_string()),
-                            addr: Some(addr.to_string()),
-                            photo_url: None,
-                        });
-                    }
-                } else {
-                    addrs.push(Email {
-                        name: Some(v),
-                        addr: None,
-                        photo_url: None,
-                    });
-                }
-            }
-        }
-    }
-    Ok(addrs)
-}
-
 pub fn cid_attachment_bytes(nm: &Notmuch, id: &str, cid: &str) -> Result<Attachment, ServerError> {
     let files = nm.files(id)?;
     let Some(path) = files.first() else {
-        warn!("failed to find files for message {id}");
+        warn!("failed to find files for message {}", id);
         return Err(ServerError::PartNotFound);
     };
     let file = File::open(&path)?;
     let mmap = unsafe { MmapOptions::new().map(&file)? };
     let m = parse_mail(&mmap)?;
     if let Some(attachment) = walk_attachments(&m, |sp, _cur_idx| {
-        info!("{cid} {:?}", get_content_id(&sp.headers));
+        info!("{} {:?}", cid, get_content_id(&sp.headers));
         if let Some(h_cid) = get_content_id(&sp.headers) {
             let h_cid = &h_cid[1..h_cid.len() - 1];
             if h_cid == cid {
@@ -418,12 +468,18 @@ pub fn cid_attachment_bytes(nm: &Notmuch, id: &str, cid: &str) -> Result<Attachm
 pub fn attachment_bytes(nm: &Notmuch, id: &str, idx: &[usize]) -> Result<Attachment, ServerError> {
     let files = nm.files(id)?;
     let Some(path) = files.first() else {
-        warn!("failed to find files for message {id}");
+        warn!("failed to find files for message {}", id);
         return Err(ServerError::PartNotFound);
     };
     let file = File::open(&path)?;
     let mmap = unsafe { MmapOptions::new().map(&file)? };
     let m = parse_mail(&mmap)?;
+    if idx.is_empty() {
+        let Some(attachment) = extract_attachment(&m, id, &[]) else {
+            return Err(ServerError::PartNotFound);
+        };
+        return Ok(attachment);
+    }
     if let Some(attachment) = walk_attachments(&m, |sp, cur_idx| {
         if cur_idx == idx {
             let attachment = extract_attachment(&sp, id, idx).unwrap_or(Attachment {
@@ -439,452 +495,6 @@ pub fn attachment_bytes(nm: &Notmuch, id: &str, idx: &[usize]) -> Result<Attachm
     Err(ServerError::PartNotFound)
 }
 
-fn extract_body(m: &ParsedMail, part_addr: &mut Vec<String>) -> Result<Body, ServerError> {
-    let body = m.get_body()?;
-    let ret = match m.ctype.mimetype.as_str() {
-        TEXT_PLAIN => return Ok(Body::text(body)),
-        TEXT_HTML => return Ok(Body::html(body)),
-        MULTIPART_MIXED => extract_mixed(m, part_addr),
-        MULTIPART_ALTERNATIVE => extract_alternative(m, part_addr),
-        MULTIPART_RELATED => extract_related(m, part_addr),
-        _ => extract_unhandled(m),
-    };
-    if let Err(err) = ret {
-        error!("Failed to extract body: {err:?}");
-        return Ok(extract_unhandled(m)?);
-    }
-    ret
-}
-
-fn extract_unhandled(m: &ParsedMail) -> Result<Body, ServerError> {
-    let msg = format!(
-        "Unhandled body content type:\n{}\n{}",
-        render_content_type_tree(m),
-        m.get_body()?,
-    );
-    Ok(Body::UnhandledContentType(UnhandledContentType {
-        text: msg,
-        content_tree: render_content_type_tree(m),
-    }))
-}
-
-// multipart/alternative defines multiple representations of the same message, and clients should
-// show the fanciest they can display. For this program, the priority is text/html, text/plain,
-// then give up.
-fn extract_alternative(m: &ParsedMail, part_addr: &mut Vec<String>) -> Result<Body, ServerError> {
-    let handled_types = vec![
-        MULTIPART_ALTERNATIVE,
-        MULTIPART_MIXED,
-        MULTIPART_RELATED,
-        TEXT_HTML,
-        TEXT_PLAIN,
-    ];
-    for sp in &m.subparts {
-        if sp.ctype.mimetype.as_str() == MULTIPART_ALTERNATIVE {
-            return extract_alternative(sp, part_addr);
-        }
-    }
-    for sp in &m.subparts {
-        if sp.ctype.mimetype.as_str() == MULTIPART_MIXED {
-            return extract_mixed(sp, part_addr);
-        }
-    }
-    for sp in &m.subparts {
-        if sp.ctype.mimetype.as_str() == MULTIPART_RELATED {
-            return extract_related(sp, part_addr);
-        }
-    }
-    for sp in &m.subparts {
-        if sp.ctype.mimetype.as_str() == TEXT_HTML {
-            let body = sp.get_body()?;
-            return Ok(Body::html(body));
-        }
-    }
-    for sp in &m.subparts {
-        if sp.ctype.mimetype.as_str() == TEXT_PLAIN {
-            let body = sp.get_body()?;
-            return Ok(Body::text(body));
-        }
-    }
-    Err(ServerError::StringError(format!(
-        "extract_alternative failed to find suitable subpart, searched: {:?}",
-        handled_types
-    )))
-}
-
-// multipart/mixed defines multiple types of context all of which should be presented to the user
-// 'serially'.
-fn extract_mixed(m: &ParsedMail, part_addr: &mut Vec<String>) -> Result<Body, ServerError> {
-    //todo!("add some sort of visual indicator there are unhandled types, i.e. .ics files");
-    let handled_types = vec![
-        IMAGE_JPEG,
-        IMAGE_PJPEG,
-        IMAGE_PNG,
-        MESSAGE_RFC822,
-        MULTIPART_ALTERNATIVE,
-        MULTIPART_RELATED,
-        TEXT_HTML,
-        TEXT_PLAIN,
-    ];
-    let mut unhandled_types: Vec<_> = m
-        .subparts
-        .iter()
-        .map(|sp| sp.ctype.mimetype.as_str())
-        .filter(|mt| !handled_types.contains(&mt))
-        .collect();
-    unhandled_types.sort();
-    if !unhandled_types.is_empty() {
-        warn!("{MULTIPART_MIXED} contains the following unhandled mimetypes {unhandled_types:?}");
-    }
-    let mut parts = Vec::new();
-    for (idx, sp) in m.subparts.iter().enumerate() {
-        part_addr.push(idx.to_string());
-        match sp.ctype.mimetype.as_str() {
-            MESSAGE_RFC822 => parts.push(extract_rfc822(&sp, part_addr)?),
-            MULTIPART_RELATED => parts.push(extract_related(sp, part_addr)?),
-            MULTIPART_ALTERNATIVE => parts.push(extract_alternative(sp, part_addr)?),
-            TEXT_PLAIN => parts.push(Body::text(sp.get_body()?)),
-            TEXT_HTML => parts.push(Body::html(sp.get_body()?)),
-            IMAGE_PJPEG | IMAGE_JPEG | IMAGE_PNG => {
-                let pcd = sp.get_content_disposition();
-                let filename = pcd
-                    .params
-                    .get("filename")
-                    .map(|s| s.clone())
-                    .unwrap_or("".to_string());
-                // Only add inline images, attachments are handled as an attribute of the top level Message and rendered separate client-side.
-                if pcd.disposition == mailparse::DispositionType::Inline {
-                    // TODO: make URL generation more programatic based on what the frontend has
-                    // mapped
-                    parts.push(Body::html(format!(
-                        r#"<img src="/api/view/attachment/{}/{}/{filename}">"#,
-                        part_addr[0],
-                        part_addr
-                            .iter()
-                            .skip(1)
-                            .map(|i| i.to_string())
-                            .collect::<Vec<_>>()
-                            .join(".")
-                    )));
-                }
-            }
-            mt => parts.push(unhandled_html(MULTIPART_MIXED, mt)),
-        }
-        part_addr.pop();
-    }
-    Ok(flatten_body_parts(&parts))
-}
-
-fn unhandled_html(parent_type: &str, child_type: &str) -> Body {
-    Body::Html(Html {
-        html: format!(
-            r#"
-<div class="p-4 error">
-Unhandled mimetype {child_type} in a {parent_type} message
-</div>
-    "#
-        ),
-        content_tree: String::new(),
-    })
-}
-fn flatten_body_parts(parts: &[Body]) -> Body {
-    let html = parts
-        .iter()
-        .map(|p| match p {
-            Body::PlainText(PlainText { text, .. }) => {
-                format!(
-                    r#"<p class="view-part-text-plain font-mono whitespace-pre-line">{}</p>"#,
-                    // Trim newlines to prevent excessive white space at the beginning/end of
-                    // presenation. Leave tabs and spaces incase plain text attempts to center a
-                    // header on the first line.
-                    linkify_html(&html_escape::encode_text(text).trim_matches('\n'))
-                )
-            }
-            Body::Html(Html { html, .. }) => html.clone(),
-            Body::UnhandledContentType(UnhandledContentType { text, .. }) => {
-                error!("text len {}", text.len());
-                format!(
-                    r#"<p class="view-part-unhandled">{}</p>"#,
-                    // Trim newlines to prevent excessive white space at the beginning/end of
-                    // presenation. Leave tabs and spaces incase plain text attempts to center a
-                    // header on the first line.
-                    linkify_html(&html_escape::encode_text(text).trim_matches('\n'))
-                )
-            }
-        })
-        .collect::<Vec<_>>()
-        .join("\n");
-
-    info!("flatten_body_parts {}", parts.len());
-    Body::html(html)
-}
-
-fn extract_related(m: &ParsedMail, part_addr: &mut Vec<String>) -> Result<Body, ServerError> {
-    // TODO(wathiede): collect related things and change return type to new Body arm.
-    let handled_types = vec![
-        MULTIPART_ALTERNATIVE,
-        TEXT_HTML,
-        TEXT_PLAIN,
-        IMAGE_JPEG,
-        IMAGE_PJPEG,
-        IMAGE_PNG,
-    ];
-    let mut unhandled_types: Vec<_> = m
-        .subparts
-        .iter()
-        .map(|sp| sp.ctype.mimetype.as_str())
-        .filter(|mt| !handled_types.contains(&mt))
-        .collect();
-    unhandled_types.sort();
-    if !unhandled_types.is_empty() {
-        warn!("{MULTIPART_RELATED} contains the following unhandled mimetypes {unhandled_types:?}");
-    }
-
-    for (i, sp) in m.subparts.iter().enumerate() {
-        if sp.ctype.mimetype == IMAGE_PNG
-            || sp.ctype.mimetype == IMAGE_JPEG
-            || sp.ctype.mimetype == IMAGE_PJPEG
-        {
-            info!("sp.ctype {:#?}", sp.ctype);
-            //info!("sp.headers {:#?}", sp.headers);
-            if let Some(cid) = sp.headers.get_first_value("Content-Id") {
-                let mut part_id = part_addr.clone();
-                part_id.push(i.to_string());
-                info!("cid: {cid} part_id {part_id:?}");
-            }
-        }
-    }
-    for sp in &m.subparts {
-        if sp.ctype.mimetype == MULTIPART_ALTERNATIVE {
-            return extract_alternative(m, part_addr);
-        }
-    }
-    for sp in &m.subparts {
-        if sp.ctype.mimetype == TEXT_HTML {
-            let body = sp.get_body()?;
-            return Ok(Body::html(body));
-        }
-    }
-    for sp in &m.subparts {
-        if sp.ctype.mimetype == TEXT_PLAIN {
-            let body = sp.get_body()?;
-            return Ok(Body::text(body));
-        }
-    }
-    Err(ServerError::StringError(format!(
-        "extract_related failed to find suitable subpart, searched: {:?}",
-        handled_types
-    )))
-}
-
-fn walk_attachments<T, F: Fn(&ParsedMail, &[usize]) -> Option<T> + Copy>(
-    m: &ParsedMail,
-    visitor: F,
-) -> Option<T> {
-    let mut cur_addr = Vec::new();
-    walk_attachments_inner(m, visitor, &mut cur_addr)
-}
-
-fn walk_attachments_inner<T, F: Fn(&ParsedMail, &[usize]) -> Option<T> + Copy>(
-    m: &ParsedMail,
-    visitor: F,
-    cur_addr: &mut Vec<usize>,
-) -> Option<T> {
-    for (idx, sp) in m.subparts.iter().enumerate() {
-        cur_addr.push(idx);
-        let val = visitor(sp, &cur_addr);
-        if val.is_some() {
-            return val;
-        }
-        let val = walk_attachments_inner(sp, visitor, cur_addr);
-        if val.is_some() {
-            return val;
-        }
-        cur_addr.pop();
-    }
-    None
-}
-
-// TODO(wathiede): make this walk_attachments that takes a closure.
-// Then implement one closure for building `Attachment` and imlement another that can be used to
-// get the bytes for serving attachments of HTTP
-fn extract_attachments(m: &ParsedMail, id: &str) -> Result<Vec<Attachment>, ServerError> {
-    let mut attachments = Vec::new();
-    for (idx, sp) in m.subparts.iter().enumerate() {
-        if let Some(attachment) = extract_attachment(sp, id, &[idx]) {
-            // Filter out inline attachements, they're flattened into the body of the message.
-            if attachment.disposition == DispositionType::Attachment {
-                attachments.push(attachment);
-            }
-        }
-    }
-    Ok(attachments)
-}
-
-fn extract_attachment(m: &ParsedMail, id: &str, idx: &[usize]) -> Option<Attachment> {
-    let pcd = m.get_content_disposition();
-    let pct = m
-        .get_headers()
-        .get_first_value("Content-Type")
-        .map(|s| parse_content_type(&s));
-    let filename = match (
-        pcd.params.get("filename").map(|f| f.clone()),
-        pct.map(|pct| pct.params.get("name").map(|f| f.clone())),
-    ) {
-        // Use filename from Content-Disposition
-        (Some(filename), _) => filename,
-        // Use filename from Content-Type
-        (_, Some(Some(name))) => name,
-        // No known filename, assume it's not an attachment
-        _ => return None,
-    };
-    info!("filename {filename}");
-
-    // TODO: grab this from somewhere
-    let content_id = None;
-    let bytes = match m.get_body_raw() {
-        Ok(bytes) => bytes,
-        Err(err) => {
-            error!("failed to get body for attachment: {err}");
-            return None;
-        }
-    };
-    return Some(Attachment {
-        id: id.to_string(),
-        idx: idx
-            .iter()
-            .map(|i| i.to_string())
-            .collect::<Vec<_>>()
-            .join("."),
-        disposition: pcd.disposition.into(),
-        filename: Some(filename),
-        size: bytes.len(),
-        // TODO: what is the default for ctype?
-        // TODO: do we want to use m.ctype.params for anything?
-        content_type: Some(m.ctype.mimetype.clone()),
-        content_id,
-        bytes,
-    });
-}
-fn email_address_strings(emails: &[Email]) -> Vec<String> {
-    emails
-        .iter()
-        .map(|e| e.to_string())
-        .inspect(|e| info!("e {e}"))
-        .collect()
-}
-
-fn extract_rfc822(m: &ParsedMail, part_addr: &mut Vec<String>) -> Result<Body, ServerError> {
-    fn extract_headers(m: &ParsedMail) -> Result<Body, ServerError> {
-        let path = "<in-memory>";
-        let from = email_address_strings(&email_addresses(path, &m, "from")?).join(", ");
-        let to = email_address_strings(&email_addresses(path, &m, "to")?).join(", ");
-        let cc = email_address_strings(&email_addresses(path, &m, "cc")?).join(", ");
-        let date = m.headers.get_first_value("date").unwrap_or(String::new());
-        let subject = m
-            .headers
-            .get_first_value("subject")
-            .unwrap_or(String::new());
-        let text = format!(
-            r#"
----------- Forwarded message ----------
-From: {from}
-To: {to}
-CC: {cc}
-Date: {date}
-Subject: {subject}
-"#
-        );
-        Ok(Body::text(text))
-    }
-    let inner_body = m.get_body()?;
-    let inner_m = parse_mail(inner_body.as_bytes())?;
-    let headers = extract_headers(&inner_m)?;
-    let body = extract_body(&inner_m, part_addr)?;
-
-    Ok(flatten_body_parts(&[headers, body]))
-}
-
-pub fn get_attachment_filename(header_value: &str) -> &str {
-    info!("get_attachment_filename {header_value}");
-    // Strip last "
-    let v = &header_value[..header_value.len() - 1];
-    if let Some(idx) = v.rfind('"') {
-        &v[idx + 1..]
-    } else {
-        ""
-    }
-}
-
-pub fn get_content_type<'a>(headers: &[MailHeader<'a>]) -> Option<String> {
-    if let Some(v) = headers.get_first_value("Content-Type") {
-        if let Some(idx) = v.find(';') {
-            return Some(v[..idx].to_string());
-        } else {
-            return Some(v);
-        }
-    }
-    None
-}
-
-fn get_content_id<'a>(headers: &[MailHeader<'a>]) -> Option<String> {
-    headers.get_first_value("Content-Id")
-}
-
-fn render_content_type_tree(m: &ParsedMail) -> String {
-    const WIDTH: usize = 4;
-    const SKIP_HEADERS: [&str; 4] = [
-        "Authentication-Results",
-        "DKIM-Signature",
-        "Received",
-        "Received-SPF",
-    ];
-    fn render_ct_rec(m: &ParsedMail, depth: usize) -> String {
-        let mut parts = Vec::new();
-        let msg = format!("{} {}", "-".repeat(depth * WIDTH), m.ctype.mimetype);
-        parts.push(msg);
-        for sp in &m.subparts {
-            parts.push(render_ct_rec(sp, depth + 1))
-        }
-        parts.join("\n")
-    }
-    fn render_rec(m: &ParsedMail, depth: usize) -> String {
-        let mut parts = Vec::new();
-        let msg = format!("{} {}", "-".repeat(depth * WIDTH), m.ctype.mimetype);
-        parts.push(msg);
-        let indent = " ".repeat(depth * WIDTH);
-        if !m.ctype.charset.is_empty() {
-            parts.push(format!("{indent} Character Set: {}", m.ctype.charset));
-        }
-        for (k, v) in m.ctype.params.iter() {
-            parts.push(format!("{indent} {k}: {v}"));
-        }
-        if !m.headers.is_empty() {
-            parts.push(format!("{indent} == headers =="));
-            for h in &m.headers {
-                if h.get_key().starts_with('X') {
-                    continue;
-                }
-                if SKIP_HEADERS.contains(&h.get_key().as_str()) {
-                    continue;
-                }
-
-                parts.push(format!("{indent} {}: {}", h.get_key_ref(), h.get_value()));
-            }
-        }
-        for sp in &m.subparts {
-            parts.push(render_rec(sp, depth + 1))
-        }
-        parts.join("\n")
-    }
-    format!(
-        "Outline:\n{}\n\nDetailed:\n{}\n\nNot showing headers:\n  {}\n  X.*",
-        render_ct_rec(m, 1),
-        render_rec(m, 1),
-        SKIP_HEADERS.join("\n  ")
-    )
-}
-
 #[instrument(name="nm::set_read_status", skip_all, fields(query=%query, unread=unread))]
 pub async fn set_read_status<'ctx>(
     nm: &Notmuch,
@@ -896,7 +506,7 @@ pub async fn set_read_status<'ctx>(
         .iter()
         .filter(|uid| is_notmuch_thread_or_id(uid))
         .collect();
-    info!("set_read_status({unread} {uids:?})");
+    info!("set_read_status({} {:?})", unread, uids);
     for uid in uids {
         if unread {
             nm.tag_add("unread", uid)?;
@@ -911,21 +521,12 @@ async fn photo_url_for_email_address(
     pool: &PgPool,
     addr: &str,
 ) -> Result<Option<String>, ServerError> {
-    let row = sqlx::query!(
-        r#"
-SELECT
-  url
-FROM email_photo ep
-JOIN email_address ea
-ON ep.id = ea.email_photo_id
-WHERE
-  address = $1
-    "#,
-        addr
-    )
+    let row =
+        sqlx::query_as::<_, (String,)>(include_str!("../sql/photo_url_for_email_address.sql"))
+            .bind(addr)
             .fetch_optional(pool)
             .await?;
-    Ok(row.map(|r| r.url))
+    Ok(row.map(|r| r.0))
 }
 
 /*
@@ -949,18 +550,15 @@ pub async fn label_unprocessed(
     use futures::StreamExt;
     let ids = nm.message_ids(query)?;
     info!(
-        "Processing {limit:?} of {} messages with '{query}'",
-        ids.len()
+        "Processing {:?} of {} messages with '{}'",
+        limit,
+        ids.len(),
+        query
     );
-    let rules: Vec<_> = sqlx::query!(
-        r#"
-        SELECT rule as "rule: Json<Rule>"
-        FROM email_rule
-        ORDER BY sort_order
-        "#,
-    )
+    let rules: Vec<_> =
+        sqlx::query_as::<_, (Json<Rule>,)>(include_str!("../sql/label_unprocessed.sql"))
             .fetch(pool)
-    .map(|r| r.unwrap().rule.0)
+            .map(|r| r.unwrap().0 .0)
             .collect()
             .await;
     /*
@@ -983,11 +581,11 @@ pub async fn label_unprocessed(
     let mut add_mutations = HashMap::new();
     let mut rm_mutations = HashMap::new();
     for id in ids {
-        let id = format!("id:{id}");
+        let id = format!("id:{}", id);
         let files = nm.files(&id)?;
         // Only process the first file path is multiple files have the same id
         let Some(path) = files.iter().next() else {
-            error!("No files for message-ID {id}");
+            error!("No files for message-ID {}", id);
             let t = "Letterbox/Bad";
             nm.tag_add(t, &id)?;
             let t = "unprocessed";
@@ -995,12 +593,12 @@ pub async fn label_unprocessed(
             continue;
         };
         let file = File::open(&path)?;
-        info!("parsing {path}");
+        info!("parsing {}", path);
         let mmap = unsafe { MmapOptions::new().map(&file)? };
         let m = match info_span!("parse_mail", path = path).in_scope(|| parse_mail(&mmap)) {
             Ok(m) => m,
             Err(err) => {
-                error!("Failed to parse {path}: {err}");
+                error!("Failed to parse {}: {}", path, err);
                 let t = "Letterbox/Bad";
                 nm.tag_add(t, &id)?;
                 let t = "unprocessed";
@@ -1012,7 +610,8 @@ pub async fn label_unprocessed(
         if matched_rule {
             if dryrun {
                 info!(
-                    "\nAdd tags: {add_tags:?}\nTo: {} From: {} Subject: {}\n",
+                    "\nAdd tags: {:?}\nTo: {} From: {} Subject: {}\n",
+                    add_tags,
                     m.headers.get_first_value("to").expect("no from header"),
                     m.headers.get_first_value("from").expect("no from header"),
                     m.headers
@@ -1067,7 +666,7 @@ pub async fn label_unprocessed(
     }
     info!("Adding {} distinct labels", add_mutations.len());
     for (tag, ids) in add_mutations.iter() {
-        info!("  {tag}: {}", ids.len());
+        info!("  {}: {}", tag, ids.len());
         if !dryrun {
             let ids: Vec<_> = ids.iter().map(|s| s.as_str()).collect();
             info_span!("tags_add", tag = tag, count = ids.len())
@@ -1076,7 +675,7 @@ pub async fn label_unprocessed(
     }
     info!("Removing {} distinct labels", rm_mutations.len());
     for (tag, ids) in rm_mutations.iter() {
-        info!("  {tag}: {}", ids.len());
+        info!("  {}: {}", tag, ids.len());
         if !dryrun {
             let ids: Vec<_> = ids.iter().map(|s| s.as_str()).collect();
             info_span!("tags_remove", tag = tag, count = ids.len())
@@ -1092,7 +691,7 @@ fn find_tags<'a, 'b>(rules: &'a [Rule], headers: &'b [MailHeader]) -> (bool, Has
     for rule in rules {
         for hdr in headers {
             if rule.is_match(&hdr.get_key(), &hdr.get_value()) {
-                //info!("Matched {rule:?}");
+                //info!("Matched {:?}", rule);
                 matched_rule = true;
                 add_tags.insert(rule.tag.as_str());
                 if rule.stop_on_match {
@@ -1101,5 +700,118 @@ fn find_tags<'a, 'b>(rules: &'a [Rule], headers: &'b [MailHeader]) -> (bool, Has
             }
         }
     }
-    return (matched_rule, add_tags);
+    (matched_rule, add_tags)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    const REPORT_V1: &str = r#"
+    {
+        "organization-name": "Google Inc.",
+        "date-range": {
+            "start-datetime": "2025-08-09T00:00:00Z",
+            "end-datetime": "2025-08-09T23:59:59Z"
+        },
+        "contact-info": "smtp-tls-reporting@google.com",
+        "report-id": "2025-08-09T00:00:00Z_xinu.tv",
+        "policies": [
+            {
+                "policy": {
+                    "policy-type": "sts",
+                    "policy-string": [
+                        "version: STSv1",
+                        "mode: testing",
+                        "mx: mail.xinu.tv",
+                        "max_age: 86400"
+                    ],
+                    "policy-domain": "xinu.tv"
+                },
+                "summary": {
+                    "total-successful-session-count": 20,
+                    "total-failure-session-count": 0
+                }
+            }
+        ]
+    }
+    "#;
+
+    // The following constants are kept for future test expansion, but are currently unused.
+    /*
+    const REPORT_V2: &str = r#"
+    {
+        "organization-name": "Google Inc.",
+        "date-range": {
+            "start-datetime": "2025-08-09T00:00:00Z",
+            "end-datetime": "2025-08-09T23:59:59Z"
+        },
+        "contact-info": "smtp-tls-reporting@google.com",
+        "report-id": "2025-08-09T00:00:00Z_xinu.tv",
+        "policies": [
+            {
+                "policy": {
+                    "policy-type": "sts",
+                    "policy-string": [
+                        "version: STSv1",
+                        "mode": "testing",
+                        "mx": "mail.xinu.tv",
+                        "max_age": "86400"
+                    ],
+                    "policy-domain": "xinu.tv",
+                    "mx-host": [
+                        "mail.xinu.tv"
+                    ]
+                },
+                "summary": {
+                    "total-successful-session-count": 3,
+                    "total-failure-session-count": 0
+                }
+            }
+        ]
+    }
+    "#;
+
+    const REPORT_V3: &str = r#"
+    {
+        "organization-name": "Google Inc.",
+        "date-range": {
+            "start-datetime": "2025-08-09T00:00:00Z",
+            "end-datetime": "2025-08-09T23:59:59Z"
+        },
+        "contact-info": "smtp-tls-reporting@google.com",
+        "report-id": "2025-08-09T00:00:00Z_xinu.tv",
+        "policies": [
+            {
+                "policy": {
+                    "policy-type": "sts",
+                    "policy-string": [
+                        "version: STSv1",
+                        "mode": "testing",
+                        "mx": "mail.xinu.tv",
+                        "max_age": "86400"
+                    ],
+                    "policy-domain": "xinu.tv",
+                    "mx-host": [
+                        {
+                            "hostname": "mail.xinu.tv",
+                            "failure-count": 0,
+                            "result-type": "success"
+                        }
+                    ]
+                },
+                "summary": {
+                    "total-successful-session-count": 3,
+                    "total-failure-session-count": 0
+                }
+            }
+        ]
+    }
+    "#;
+    */
+
+    #[test]
+    fn test_parse_tls_report_v1() {
+        let _report: TlsRpt = serde_json::from_str(REPORT_V1).unwrap();
+    }
 }

server/templates/dmarc_report.html

@@ -0,0 +1,99 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>DMARC Report</title>
+</head>
+<body>
+    {% if report.report_metadata.is_some() %}
+        {% let meta = report.report_metadata.as_ref().unwrap() %}
+        <b>Reporter:</b> {{ meta.org_name }}<br>
+        <b>Contact:</b> {{ meta.email }}<br>
+        <b>Report ID:</b> {{ meta.report_id }}<br>
+        {% if meta.date_range.is_some() %}
+            {% let dr = meta.date_range.as_ref().unwrap() %}
+            <b>Date range:</b>
+            {{ dr.begin }}
+            to
+            {{ dr.end }}
+            <br>
+        {% endif %}
+    {% endif %}
+
+    {% if report.policy_published.is_some() %}
+        {% let pol = report.policy_published.as_ref().unwrap() %}
+        <b>Policy Published:</b>
+        <ul>
+            <li>Domain: {{ pol.domain }}</li>
+            <li>ADKIM: {{ pol.adkim }}</li>
+            <li>ASPF: {{ pol.aspf }}</li>
+            <li>Policy: {{ pol.p }}</li>
+            <li>Subdomain Policy: {{ pol.sp }}</li>
+            <li>Percent: {{ pol.pct }}</li>
+        </ul>
+    {% endif %}
+
+    {% if report.record.is_some() %}
+        <b>Records:</b>
+        <table style="border-collapse:collapse;width:100%;font-size:0.95em;">
+            <thead>
+                <tr style="background:#f0f0f0;">
+                    <th style="border:1px solid #bbb;padding:4px 8px;">Source IP</th>
+                    <th style="border:1px solid #bbb;padding:4px 8px;">Count</th>
+                    <th style="border:1px solid #bbb;padding:4px 8px;">Header From</th>
+                    {% if report.has_envelope_to %}
+                    <th style="border:1px solid #bbb;padding:4px 8px;">Envelope To</th>
+                    {% endif %}
+                    <th style="border:1px solid #bbb;padding:4px 8px;">Disposition</th>
+                    <th style="border:1px solid #bbb;padding:4px 8px;">DKIM</th>
+                    <th style="border:1px solid #bbb;padding:4px 8px;">SPF</th>
+                    <th style="border:1px solid #bbb;padding:4px 8px;">Auth Results</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for rec in report.record.as_ref().unwrap() %}
+                    <tr>
+                        <td style="border:1px solid #bbb;padding:4px 8px;">{{ rec.source_ip }}</td>
+                        <td style="border:1px solid #bbb;padding:4px 8px;">{{ rec.count }}</td>
+                        <td style="border:1px solid #bbb;padding:4px 8px;">{{ rec.header_from }}</td>
+                        {% if report.has_envelope_to %}
+                        <td style="border:1px solid #bbb;padding:4px 8px;">{{ rec.envelope_to }}</td>
+                        {% endif %}
+                        <td style="border:1px solid #bbb;padding:4px 8px;">{{ rec.disposition }}</td>
+                        <td style="border:1px solid #bbb;padding:4px 8px;">{{ rec.dkim }}</td>
+                        <td style="border:1px solid #bbb;padding:4px 8px;">{{ rec.spf }}</td>
+                        <td style="border:1px solid #bbb;padding:4px 8px;">
+                            {% if rec.auth_results.is_some() %}
+                                {% let auth = rec.auth_results.as_ref().unwrap() %}
+                                {% for dkimres in auth.dkim %}
+                                        <span style="white-space:nowrap;">
+                                            DKIM: domain=<b>{{ dkimres.domain }}</b>
+                                            selector=<b>{{ dkimres.selector }}</b>
+                                            result=<b>{{ dkimres.result }}</b>
+                                        </span><br>
+                                    {% endfor %}
+
+                                {% for spfres in auth.spf %}
+                                        <span style="white-space:nowrap;">
+                                            SPF: domain=<b>{{ spfres.domain }}</b>
+                                            scope=<b>{{ spfres.scope }}</b>
+                                            result=<b>{{ spfres.result }}</b>
+                                        </span><br>
+                                    {% endfor %}
+
+                            {% for reason in rec.reason %}
+                                <span style="white-space:nowrap;">Reason: {{ reason }}</span><br>
+                            {% endfor %}
+
+                            {% endif %}
+                        </td>
+                    </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    {% endif %}
+
+    {% if report.report_metadata.is_none() && report.policy_published.is_none() && report.record.is_none() %}
+        <p>No DMARC summary found.</p>
+    {% endif %}
+</body>
+</html>

server/templates/ical_summary.html

@@ -0,0 +1,108 @@
+<style>
+    .ical-flex {
+        display: flex;
+        flex-direction: row;
+        flex-wrap: wrap;
+        align-items: stretch;
+        gap: 0.5em;
+        max-width: 700px;
+        width: 100%;
+    }
+
+    .ical-flex .summary-block {
+        flex: 1 1 0%;
+    }
+
+    .ical-flex .calendar-block {
+        flex: none;
+        margin-left: auto;
+    }
+
+    @media (max-width: 599px) {
+        .ical-flex {
+            flex-direction: column;
+        }
+
+        .ical-flex>div.summary-block {
+            margin-bottom: 0.5em;
+            margin-left: 0;
+        }
+
+        .ical-flex>div.calendar-block {
+            margin-left: 0;
+        }
+    }
+</style>
+<div class="ical-flex">
+    <div class="summary-block"
+        style="background:#f7f7f7; border-radius:8px; box-shadow:0 2px 8px #bbb; padding:16px 18px; margin:0 0 8px 0; min-width:220px; max-width:700px; font-size:15px; color:#222;">
+        <div
+            style="display: flex; flex-direction: row; flex-wrap: wrap; align-items: flex-start; gap: 0.5em; width: 100%;">
+            <div style="flex: 1 1 220px; min-width: 180px;">
+                <div style="font-size:17px; font-weight:bold; margin-bottom:8px; color:#333;"><b>Summary:</b> {{ summary
+                    }}</div>
+                <div style="margin-bottom:4px;"><b>Start:</b> {{ local_fmt_start }}</div>
+                <div style="margin-bottom:4px;"><b>End:</b> {{ local_fmt_end }}</div>
+                {% if !organizer_cn.is_empty() %}
+                <div style="margin-bottom:4px;"><b>Organizer:</b> {{ organizer_cn }}</div>
+                {% elif !organizer.is_empty() %}
+                <div style="margin-bottom:4px;"><b>Organizer:</b> {{ organizer }}</div>
+                {% endif %}
+            </div>
+            {% if all_days.len() > 0 %}
+            <div class="calendar-block" style="flex: none; margin-left: auto; min-width: 180px;">
+                <table class="ical-month"
+                    style="border-collapse:collapse; min-width:220px; background:#fff; box-shadow:0 2px 8px #bbb; font-size:14px; margin:0;">
+                    <caption
+                        style="caption-side:top; text-align:center; font-weight:bold; font-size:16px; padding-bottom:8px 0;">
+                        {{ caption }}</caption>
+                    <thead>
+                        <tr>
+                            {% for wd in ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"] %}
+                            <th
+                                style="padding:4px 6px; border-bottom:1px solid #ccc; color:#666; font-weight:600; background:#f7f7f7">
+                                {{ wd }}</th>
+                            {% endfor %}
+                        </tr>
+                    </thead>
+                    <tbody>
+                        {% for week in all_days|batch(7) %}
+                        <tr>
+                            {% for day in week %}
+                            {% if event_days.contains(day) && today.is_some() && today.unwrap() == day %}
+                            <td
+                                style="background:#ffd700; color:#222; font-weight:bold; border:2px solid #2196f3; border-radius:4px; text-align:center; box-shadow:0 0 0 2px #2196f3;">
+                                {{ day.day() }}
+                            </td>
+                            {% elif event_days.contains(day) %}
+                            <td
+                                style="background:#ffd700; color:#222; font-weight:bold; border:1px solid #aaa; border-radius:4px; text-align:center;">
+                                {{ day.day() }}
+                            </td>
+                            {% elif today.is_some() && today.unwrap() == day %}
+                            <td
+                                style="border:2px solid #2196f3; border-radius:4px; text-align:center; background:#e3f2fd; color:#222; box-shadow:0 0 0 2px #2196f3;">
+                                {{ day.day() }}
+                            </td>
+                            {% else %}
+                            <td style="border:1px solid #eee; text-align:center;background:#f7f7f7;color:#bbb;">
+                                {{ day.day() }}
+                            </td>
+                            {% endif %}
+                            {% endfor %}
+                        </tr>
+                        {% endfor %}
+                    </tbody>
+                </table>
+            </div>
+            {% endif %}
+        </div>
+    </div>
+</div>
+{% if !description_paragraphs.is_empty() %}
+<div style="max-width:700px; width:100%;">
+    {% for p in description_paragraphs %}
+    <p style="margin: 0 0 8px 0; color:#444;">{{ p }}</p>
+    {% endfor %}
+</div>
+{% endif %}

server/templates/tls_report.html

@@ -0,0 +1,48 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <title>TLS Report</title>
+</head>
+
+<body>
+    <h3>TLS Report Summary:</h3>
+    <p>Organization: {{ report.organization_name }}</p>
+    <p>Date Range: {{ report.date_range.start_datetime }} to {{ report.date_range.end_datetime }}</p>
+    <p>Contact: {{ report.contact_info }}</p>
+    <p>Report ID: {{ report.report_id }}</p>
+
+    <h4><b>Policies:</b></h4>
+    {% for policy in report.policies %}
+    <h5><b>Policy Domain:</b> {{ policy.policy.policy_domain }}</h5>
+    <ul>
+        <li><b>Policy Type:</b> {{ policy.policy.policy_type }}</li>
+        <li><b>Policy String:</b> {{ policy.policy.policy_string | join(", ") }}</li>
+        <li><b>Successful Sessions:</b> {{ policy.summary.total_successful_session_count }}</li>
+        <li><b>Failed Sessions:</b> {{ policy.summary.total_failure_session_count }}</li>
+    </ul>
+
+    <ul>
+        {% for mx_host in policy.policy.mx_host %}
+        <li><b>Hostname:</b> {{ mx_host.hostname }}, <b>Failures:</b> {{ mx_host.failure_count }}, <b>Result:</b> {{
+            mx_host.result_type }}</li>
+        {% endfor %}
+    </ul>
+
+    <ul>
+        {% for detail in policy.failure_details %}
+        <li><b>Result:</b> {{ detail.result_type }}, <b>Sending IP:</b> {{ detail.sending_mta_ip }}, <b>Failed
+                Sessions:</b> {{ detail.failed_session_count }}
+            {% if detail.failure_reason_code != "" %}
+            (<b>Reason:</b> {{ detail.failure_reason_code }})
+            {% endif %}
+        </li>
+        (<b>Receiving IP:</b> {{ detail.receiving_ip }})
+        (<b>Receiving MX:</b> {{ detail.receiving_mx_hostname }})
+        (<b>Additional Info:</b> {{ detail.additional_info }})
+        {% endfor %}
+    </ul>
+    {% endfor %}
+</body>
+
+</html>

server/testdata/dmarc-example-no-envelope-to.xml

@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<feedback>
+    <version>1.0</version>
+    <report_metadata>
+        <org_name>google.com</org_name>
+        <email>noreply-dmarc-support@google.com</email>
+        <extra_contact_info>https://support.google.com/a/answer/2466580</extra_contact_info>
+        <report_id>5142106658860834914</report_id>
+        <date_range>
+            <begin>1755302400</begin>
+            <end>1755388799</end>
+        </date_range>
+    </report_metadata>
+    <policy_published>
+        <domain>xinu.tv</domain>
+        <adkim>s</adkim>
+        <aspf>s</aspf>
+        <p>quarantine</p>
+        <sp>reject</sp>
+        <pct>100</pct>
+        <np>reject</np>
+    </policy_published>
+    <record>
+        <row>
+            <source_ip>74.207.253.222</source_ip>
+            <count>1</count>
+            <policy_evaluated>
+                <disposition>none</disposition>
+                <dkim>pass</dkim>
+                <spf>pass</spf>
+            </policy_evaluated>
+        </row>
+        <identifiers>
+            <header_from>xinu.tv</header_from>
+        </identifiers>
+        <auth_results>
+            <dkim>
+                <domain>xinu.tv</domain>
+                <result>pass</result>
+                <selector>mail</selector>
+            </dkim>
+            <spf>
+                <domain>xinu.tv</domain>
+                <result>pass</result>
+            </spf>
+        </auth_results>
+    </record>
+</feedback>

server/testdata/dmarc-example.xml

@@ -0,0 +1,78 @@
+<?xml version="1.0"?>
+<feedback xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <version>1.0</version>
+    <report_metadata>
+        <org_name>Outlook.com</org_name>
+        <email>dmarcreport@microsoft.com</email>
+        <report_id>e6c5a2ce6e074d7d8cd041a0d6f32a3d</report_id>
+        <date_range>
+            <begin>1755302400</begin>
+            <end>1755388800</end>
+        </date_range>
+    </report_metadata>
+    <policy_published>
+        <domain>xinu.tv</domain>
+        <adkim>s</adkim>
+        <aspf>s</aspf>
+        <p>quarantine</p>
+        <sp>reject</sp>
+        <pct>100</pct>
+        <fo>1</fo>
+    </policy_published>
+    <record>
+        <row>
+            <source_ip>74.207.253.222</source_ip>
+            <count>1</count>
+            <policy_evaluated>
+                <disposition>none</disposition>
+                <dkim>pass</dkim>
+                <spf>pass</spf>
+            </policy_evaluated>
+        </row>
+        <identifiers>
+            <envelope_to>msn.com</envelope_to>
+            <envelope_from>xinu.tv</envelope_from>
+            <header_from>xinu.tv</header_from>
+        </identifiers>
+        <auth_results>
+            <dkim>
+                <domain>xinu.tv</domain>
+                <selector>mail</selector>
+                <result>pass</result>
+            </dkim>
+            <spf>
+                <domain>xinu.tv</domain>
+                <scope>mfrom</scope>
+                <result>pass</result>
+            </spf>
+        </auth_results>
+    </record>
+    <record>
+        <row>
+            <source_ip>74.207.253.222</source_ip>
+            <count>1</count>
+            <policy_evaluated>
+                <disposition>none</disposition>
+                <dkim>pass</dkim>
+                <spf>pass</spf>
+            </policy_evaluated>
+        </row>
+        <identifiers>
+            <envelope_to>hotmail.com</envelope_to>
+            <envelope_from>xinu.tv</envelope_from>
+            <header_from>xinu.tv</header_from>
+        </identifiers>
+        <auth_results>
+            <dkim>
+                <domain>xinu.tv</domain>
+                <selector>mail</selector>
+                <result>pass</result>
+            </dkim>
+            <spf>
+                <domain>xinu.tv</domain>
+                <scope>mfrom</scope>
+                <result>pass</result>
+            </spf>
+        </auth_results>
+    </record>
+</feedback>

server/testdata/google-calendar-example.eml

@@ -0,0 +1,169 @@
+Return-Path: <couchmoney+caf_=gmail=xinu.tv@gmail.com>
+Delivered-To: bill@xinu.tv
+Received: from phx.xinu.tv [74.207.253.222]
+	by nixos-01.h.xinu.tv with IMAP (fetchmail-6.4.39)
+	for <wathiede@localhost> (single-drop); Mon, 02 Jun 2025 07:06:34 -0700 (PDT)
+Received: from phx.xinu.tv
+	by phx.xinu.tv with LMTP
+	id qDo+FuqvPWh51xIAJR8clQ
+	(envelope-from <couchmoney+caf_=gmail=xinu.tv@gmail.com>)
+	for <bill@xinu.tv>; Mon, 02 Jun 2025 07:06:34 -0700
+X-Original-To: gmail@xinu.tv
+Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=2a00:1450:4864:20::130; helo=mail-lf1-x130.google.com; envelope-from=couchmoney+caf_=gmail=xinu.tv@gmail.com; receiver=xinu.tv 
+Authentication-Results: phx.xinu.tv;
+	dkim=pass (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.a=rsa-sha256 header.s=20230601 header.b=zT2yUtVH;
+	dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=nmJW8N67
+Received: from mail-lf1-x130.google.com (mail-lf1-x130.google.com [IPv6:2a00:1450:4864:20::130])
+	by phx.xinu.tv (Postfix) with ESMTPS id 912AC80034
+	for <gmail@xinu.tv>; Mon, 02 Jun 2025 07:06:32 -0700 (PDT)
+Received: by mail-lf1-x130.google.com with SMTP id 2adb3069b0e04-54e7967cf67so5267078e87.0
+        for <gmail@xinu.tv>; Mon, 02 Jun 2025 07:06:32 -0700 (PDT)
+ARC-Seal: i=2; a=rsa-sha256; t=1748873190; cv=pass;
+        d=google.com; s=arc-20240605;
+        b=W3s0wT+CV1W21AldY9lfxPlKRbc7XMoorEnilNq5iGjlw18vDM6eFPb+btqaGAPOPe
+         CMyGeinsFPuql+S7u6HgjZcf9ZFH71sKoFoQytm30hAXB76GO06qi1jRW6o0miuGt/j/
+         bb8qWAiAsGr34mHIbE5fBdkNOGcqW85oI78GolLqpROgn/42boEYxiGAQjybPtO4L84J
+         wP2RBkHiQQGXUjL6b02tozCji1w2XdfYqtW8RteUs1pqYdXl4GUilMLt5C0d2bhSGksS
+         3tMTFjuycbaj+F6QFCkQfEsHx/I7GjuD4mToLcYpzrNnmZZUidAoKuh+uin0cEVvnQ1j
+         V8aA==
+ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
+        h=to:from:subject:date:message-id:auto-submitted:sender:reply-to
+         :mime-version:dkim-signature:dkim-signature:delivered-to;
+        bh=dgRmOj3aABlB3SNw+xxlI8L9ugJFZ1WMJrtLw/W8tnA=;
+        fh=5zy5Gi9ngAea7dC9ZKKPh/BZlFmotJq74g9KHrEIwaE=;
+        b=QTAjqit0gYnuGa1lbO9RUXOVpyutliNo+tG6irWFsjGhnvMkis2KdLb6saYPnLCG7F
+         rSRXvw0HwuaJfXAV3XvIT0pxTg3PXYnc8kt/F8OtG+LiakJbMV1soj8OJ+5lZPKFmvna
+         i2T5mJjEknZsc9qWYmaAEVqIg71jhPH5CjJyehNhsIJ1/O9CH4VF8L0yv9KUMAA4tzog
+         LfI+SpOE2z/wYuMDxi2Ld3FgaVCQgkMM2Tlys8P0DjCaewWeaZFmZKIEEZUbKWbrivTa
+         RSO+Us+9yrt8hDdJuvtf9eXsGvuZtdj/2APRts/0cd7SFAQqRd0DnhGIHoXR74YVHaqi
+         U7IQ==;
+        darn=xinu.tv
+ARC-Authentication-Results: i=2; mx.google.com;
+       dkim=pass header.i=@google.com header.s=20230601 header.b=zT2yUtVH;
+       dkim=pass header.i=@gmail.com header.s=20230601 header.b=nmJW8N67;
+       spf=pass (google.com: domain of tconvertino@gmail.com designates 209.85.220.73 as permitted sender) smtp.mailfrom=tconvertino@gmail.com;
+       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
+       dara=pass header.i=@gmail.com
+X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
+        d=1e100.net; s=20230601; t=1748873190; x=1749477990;
+        h=to:from:subject:date:message-id:auto-submitted:sender:reply-to
+         :mime-version:dkim-signature:dkim-signature:delivered-to
+         :x-forwarded-for:x-forwarded-to:x-gm-message-state:from:to:cc
+         :subject:date:message-id:reply-to;
+        bh=dgRmOj3aABlB3SNw+xxlI8L9ugJFZ1WMJrtLw/W8tnA=;
+        b=dBjp6JdmFUj0jKPDo9r2/xvfVSvxKaF15UYwYU7itdM18qpCnrgQdHMP2ST7EQBxou
+         58yZfVjrx84gg9phedpVSg4SaBaPIhXsLuUeVQZtPd7J3WYiH4+OGcecjV+cD0dG0TUi
+         o/FbZULNl3REysvoAj+AwUL/ny2FnNU4PIhkeSq+d6iNztkexIKLS8qWqHosenPlVX+E
+         Z7OGQZpK6m1LB5UbCsaODQq5wbNIxlOxqTP1rCHe/hHk53ljiNegzaOS31mVvp1n8/g1
+         pWIZltyZORs0zi6U9+mNd9ZbaeQjHqBrcb2bsTxCD+u0DBuF2RjLguS/feaB25TG8LAg
+         szYg==
+X-Forwarded-Encrypted: i=2; AJvYcCXfGRAIDqrPsT1vzTMSiuMrlTj/DbRrr+8w7X+iLRH2XK/n8MZhV3UaT0Zia6c6jMrf3s3eHA==@xinu.tv
+X-Gm-Message-State: AOJu0YxOQEmNiUg4NKf4NM1BgQMqTJaFM6txPnL6u74ff1dZvoSgTC4d
+	TtJJqfdHsajxloSGDsSPqIQ/M/Se/sfymEExFQxDXYA/XasA6+sdye/Ihl9QekGJK9jet1VtQ3r
+	dcg89xnFcxezg3ji6xH8jnSULlp350K9K7LR0LfTQqg6e/BEKEF8XDaNgmJC+RQ==
+X-Received: by 2002:a05:6512:2246:b0:553:35bb:f7b7 with SMTP id 2adb3069b0e04-55342f92776mr2472199e87.32.1748873190333;
+        Mon, 02 Jun 2025 07:06:30 -0700 (PDT)
+X-Forwarded-To: gmail@xinu.tv
+X-Forwarded-For: couchmoney@gmail.com gmail@xinu.tv
+Delivered-To: couchmoney@gmail.com
+Received: by 2002:ab3:7457:0:b0:2b1:14e:dc2b with SMTP id g23csp2818972lti;
+        Mon, 2 Jun 2025 07:06:29 -0700 (PDT)
+X-Received: by 2002:a05:6602:6a8b:b0:86c:f898:74b8 with SMTP id ca18e2360f4ac-86d0521552emr1082401939f.10.1748873188734;
+        Mon, 02 Jun 2025 07:06:28 -0700 (PDT)
+ARC-Seal: i=1; a=rsa-sha256; t=1748873188; cv=none;
+        d=google.com; s=arc-20240605;
+        b=d2PNXrTE3VYjml3FmbC5rBW6XnsyuyVO3lPyM6VoVKFcvZ7a8tDRB+sh1ibo0D5Nvg
+         3i/Qon0RV401WFb9NQf5P048wpj19G8bOGPZUKMioBZcSxkr1RwH/GW6GBvGS+d+iqbW
+         43KWc6Px7RGOEeYfp8D88CuJ/5kMcsLMfDV1FRHo6T+chVY6c9fQkHjRreSGQcFXglt5
+         yaCpFKkAODO7rSHl2OW2kQ6eGgR0tUjb95+jdZXoU0GS3119CBYK9n9UhNaeXHIk/Zyy
+         f08r4Ce/m3Y6ISr4ovXxDeYNpeeUN1HT3XVyCVQJHjfWrHypKTiOt4q6yBhCgOgZTXJq
+         pL5A==;
+ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
+        h=to:from:subject:date:message-id:auto-submitted:sender:reply-to
+         :mime-version:dkim-signature:dkim-signature;
+        bh=dgRmOj3aABlB3SNw+xxlI8L9ugJFZ1WMJrtLw/W8tnA=;
+        fh=mbzrMIWIgWMC0ni1xEx+ViW4J0RLAdLdPT2cX81nTlk=;
+        b=YiMakYeE05UctWy9sW90/a3l1Hk1pAPv0+fpk5vmWrADcMwwI8cHVqBp+Nxds5psWa
+         a/zrw9UlxV4HgjLUP+ella/pK8XxK+sitKg0IhPOntwKbq1KfTNheufh4HtWj5yWedHE
+         sO/dVs6z/EW/gWrfBK/3JMgsnz3HrHmaoJ6caCaGI6t5jHxEXI+eJc5zILY+n0MdivkX
+         tJOo0L1s/k6MAdyLr4/IVqpxdhXbUPq44twCBNheHd8T5w1DC9ZXcr54X79fW8Vzbm8/
+         A++H3gnZRGtOayRySYQl04LFLk4YsisdhsKuaJV+WKYCW58wQqJT04mrVkx+m96qr1q0
+         BQtw==;
+        dara=google.com
+ARC-Authentication-Results: i=1; mx.google.com;
+       dkim=pass header.i=@google.com header.s=20230601 header.b=zT2yUtVH;
+       dkim=pass header.i=@gmail.com header.s=20230601 header.b=nmJW8N67;
+       spf=pass (google.com: domain of tconvertino@gmail.com designates 209.85.220.73 as permitted sender) smtp.mailfrom=tconvertino@gmail.com;
+       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
+       dara=pass header.i=@gmail.com
+Received: from mail-sor-f73.google.com (mail-sor-f73.google.com. [209.85.220.73])
+        by mx.google.com with SMTPS id ca18e2360f4ac-86d0213d491sor465078439f.8.2025.06.02.07.06.28
+        for <couchmoney@gmail.com>
+        (Google Transport Security);
+        Mon, 02 Jun 2025 07:06:28 -0700 (PDT)
+Received-SPF: pass (google.com: domain of tconvertino@gmail.com designates 209.85.220.73 as permitted sender) client-ip=209.85.220.73;
+Authentication-Results: mx.google.com;
+       dkim=pass header.i=@google.com header.s=20230601 header.b=zT2yUtVH;
+       dkim=pass header.i=@gmail.com header.s=20230601 header.b=nmJW8N67;
+       spf=pass (google.com: domain of tconvertino@gmail.com designates 209.85.220.73 as permitted sender) smtp.mailfrom=tconvertino@gmail.com;
+       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
+       dara=pass header.i=@gmail.com
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
+        d=google.com; s=20230601; t=1748873188; x=1749477988; dara=google.com;
+        h=to:from:subject:date:message-id:auto-submitted:sender:reply-to
+         :mime-version:from:to:cc:subject:date:message-id:reply-to;
+        bh=dgRmOj3aABlB3SNw+xxlI8L9ugJFZ1WMJrtLw/W8tnA=;
+        b=zT2yUtVHhNy5fFiy6YKzfYCQPlCnufAEoWmbvjvj7mFNYUlLJHZ5FUeNnDs06Z1icR
+         bSVtejKixrz4hjFh9KeKvV9EQNGU7UFgySwqdy6szm+sHZQj+iJAXy85A1QaL6+0Swup
+         2y8QsjVJ96uugM0SaAYZqe+lmLBk6zFWqkg0U37vgwOupAcNsNBd7tos7cxO5eK6Aops
+         FJjr9JAD+ddX03ngH9zfnvlNV/+qbmiP6Hs8OmaJtZof2GLucpHgqUpIdolCh7F72v4p
+         DibO4RShI/IQCw9ejZxhRPBPWQwIdOYLjD/sDunX63M4NCS/63jZfhwqsAVgtmN/cUGq
+         spHQ==
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
+        d=gmail.com; s=20230601; t=1748873188; x=1749477988; dara=google.com;
+        h=to:from:subject:date:message-id:auto-submitted:sender:reply-to
+         :mime-version:from:to:cc:subject:date:message-id:reply-to;
+        bh=dgRmOj3aABlB3SNw+xxlI8L9ugJFZ1WMJrtLw/W8tnA=;
+        b=nmJW8N67IylgMNprzzf/IC7V2r7xeY0+8Bl0KcAak6Xly+IhVv3nyccvgdKsp+8Ccd
+         NcikfVOtCsE3gTqviReUbTAKy7PyClAbBTEHC0Ne71549BN+v8zX64RpGDFJGX5pJMG5
+         r0Ak88nxzjWkvDLhlnHmWdt/NggdQEI6T7oP4VZo0f0/Ym7g1WJhSItfdIhSRDNzK3ed
+         WPRXUIb1sW3+N0My4Os6L4IA9kdRk5z0qpQxtsIL9N0dzv4q18q6eH3KfTzVPr59PsYT
+         uSgkWoLQZdfA70MMlIRU5CnGbVDRH4TO/ib433vIblOmtLTkQ4EaOTzncbs0tovVes4z
+         evsQ==
+X-Google-Smtp-Source: AGHT+IETNpLvkLm7t8VAdDcEcVtxFCttPh/uVZhoQCRlhUNlx9bmg67olJiD9EOND8g0z43NnM8iK4FxezZondExIawx
+MIME-Version: 1.0
+X-Received: by 2002:a05:6602:4183:b0:864:4a1b:dfc5 with SMTP id
+ ca18e2360f4ac-86d052154eamr1431889339f.9.1748873188195; Mon, 02 Jun 2025
+ 07:06:28 -0700 (PDT)
+Reply-To: tconvertino@gmail.com
+Sender: Google Calendar <calendar-notification@google.com>
+Auto-Submitted: auto-generated
+Message-ID: <calendar-093be1c9-5d94-4994-8bc5-7daa1cfae47b@google.com>
+Date: Mon, 02 Jun 2025 14:06:28 +0000
+Subject: New event: Tamara and Scout in Alaska @ Tue Jun 24 - Mon Jun 30, 2025 (tconvertino@gmail.com)
+From: tconvertino@gmail.com
+To: couchmoney@gmail.com
+Content-Type: multipart/alternative; boundary="00000000000023c70606369745e9"
+
+--00000000000023c70606369745e9
+Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes
+Content-Transfer-Encoding: base64
+
+VGFtYXJhIGFuZCBTY291dCBpbiBBbGFza2ENClR1ZXNkYXkgSnVuIDI0IOKAkyBNb25kYXkgSnVu
+IDMwLCAyMDI1DQoNCg0KDQpPcmdhbml6ZXINCnRjb252ZXJ0aW5vQGdtYWlsLmNvbQ0KdGNvbnZl
+cnRpbm9AZ21haWwuY29tDQoNCn5+Ly9+fg0KSW52aXRhdGlvbiBmcm9tIEdvb2dsZSBDYWxlbmRh
+cjogaHR0cHM6Ly9jYWxlbmRhci5nb29nbGUuY29tL2NhbGVuZGFyLw0KDQpZb3UgYXJlIHJlY2Vp
+dmluZyB0aGlzIGVtYWlsIGJlY2F1c2UgeW91IGFyZSBzdWJzY3JpYmVkIHRvIGNhbGVuZGFyICAN
+Cm5vdGlmaWNhdGlvbnMuIFRvIHN0b3AgcmVjZWl2aW5nIHRoZXNlIGVtYWlscywgZ28gdG8gIA0K
+aHR0cHM6Ly9jYWxlbmRhci5nb29nbGUuY29tL2NhbGVuZGFyL3Ivc2V0dGluZ3MsIHNlbGVjdCB0
+aGlzIGNhbGVuZGFyLCBhbmQgIA0KY2hhbmdlICJPdGhlciBub3RpZmljYXRpb25zIi4NCg0KRm9y
+d2FyZGluZyB0aGlzIGludml0YXRpb24gY291bGQgYWxsb3cgYW55IHJlY2lwaWVudCB0byBzZW5k
+IGEgcmVzcG9uc2UgdG8gIA0KdGhlIG9yZ2FuaXplciwgYmUgYWRkZWQgdG8gdGhlIGd1ZXN0IGxp
+c3QsIGludml0ZSBvdGhlcnMgcmVnYXJkbGVzcyBvZiAgDQp0aGVpciBvd24gaW52aXRhdGlvbiBz
+dGF0dXMsIG9yIG1vZGlmeSB5b3VyIFJTVlAuDQoNCkxlYXJuIG1vcmUgaHR0cHM6Ly9zdXBwb3J0
+Lmdvb2dsZS5jb20vY2FsZW5kYXIvYW5zd2VyLzM3MTM1I2ZvcndhcmRpbmcNCg==
+--00000000000023c70606369745e9
+Content-Type: text/html; charset="UTF-8"
+Content-Transfer-Encoding: quoted-printable
+
+<!doctype html><html xmlns=3D"http://www.w3.org/1999/xhtml" xmlns:v=3D"urn:="...truncated for brevity...

server/testdata/ical-example-1.ics

@@ -0,0 +1,57 @@
+BEGIN:VCALENDAR
+METHOD:REQUEST
+PRODID:Microsoft Exchange Server 2010
+VERSION:2.0
+BEGIN:VTIMEZONE
+TZID:Pacific Standard Time
+BEGIN:STANDARD
+DTSTART:16010101T020000
+TZOFFSETFROM:-0700
+TZOFFSETTO:-0800
+RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=1SU;BYMONTH=11
+END:STANDARD
+BEGIN:DAYLIGHT
+DTSTART:16010101T020000
+TZOFFSETFROM:-0800
+TZOFFSETTO:-0700
+RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=2SU;BYMONTH=3
+END:DAYLIGHT
+END:VTIMEZONE
+BEGIN:VEVENT
+ORGANIZER;CN=Bill Thiede:mailto:wthiede@nvidia.com
+ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=Bill:mailt
+ o:couchmoney@gmail.com
+DESCRIPTION;LANGUAGE=en-US:\n
+UID:040000008200E00074C5B7101A82E00800000000A1458AEA8E4DDB01000000000000000
+ 010000000988BC323BE65A8458B718B5EF8FE8152
+SUMMARY;LANGUAGE=en-US:dentist night guard 
+DTSTART;TZID=Pacific Standard Time:20250108T080000
+DTEND;TZID=Pacific Standard Time:20250108T090000
+CLASS:PUBLIC
+PRIORITY:5
+DTSTAMP:20241213T184408Z
+TRANSP:OPAQUE
+STATUS:CONFIRMED
+SEQUENCE:0
+LOCATION;LANGUAGE=en-US:
+X-MICROSOFT-CDO-APPT-SEQUENCE:0
+X-MICROSOFT-CDO-OWNERAPPTID:2123132523
+X-MICROSOFT-CDO-BUSYSTATUS:TENTATIVE
+X-MICROSOFT-CDO-INTENDEDSTATUS:BUSY
+X-MICROSOFT-CDO-ALLDAYEVENT:FALSE
+X-MICROSOFT-CDO-IMPORTANCE:1
+X-MICROSOFT-CDO-INSTTYPE:0
+X-MICROSOFT-ONLINEMEETINGEXTERNALLINK:
+X-MICROSOFT-ONLINEMEETINGCONFLINK:
+X-MICROSOFT-DONOTFORWARDMEETING:FALSE
+X-MICROSOFT-DISALLOW-COUNTER:FALSE
+X-MICROSOFT-REQUESTEDATTENDANCEMODE:DEFAULT
+X-MICROSOFT-ISRESPONSEREQUESTED:TRUE
+X-MICROSOFT-LOCATIONS:[]
+BEGIN:VALARM
+DESCRIPTION:REMINDER
+TRIGGER;RELATED=START:-PT5M
+ACTION:DISPLAY
+END:VALARM
+END:VEVENT
+END:VCALENDAR

server/testdata/ical-example-2.ics

@@ -0,0 +1,30 @@
+BEGIN:VCALENDAR
+PRODID:-//Google Inc//Google Calendar 70.9054//EN
+VERSION:2.0
+CALSCALE:GREGORIAN
+METHOD:REPLY
+X-GOOGLE-CALID:g66m0feuqsao8l1c767pvvcg4k@group.calendar.google.com
+BEGIN:VEVENT
+DTSTART:20250813T010000Z
+DTEND:20250813T030000Z
+DTSTAMP:20250801T022550Z
+ORGANIZER;CN=Family:mailto:g66m0feuqsao8l1c767pvvcg4k@group.calendar.google
+ .com
+UID:6os3ap346th6ab9nckp30b9kc8sm2bb160q3gb9l6lgm6or160rjee1mco@google.com
+ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=ACCEPTED;CN=superm
+ atute@gmail.com;X-NUM-GUESTS=0:mailto:supermatute@gmail.com
+X-GOOGLE-CONFERENCE:https://meet.google.com/dcu-hykx-vym
+CREATED:20250801T015712Z
+DESCRIPTION:-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~
+ :~:~:~:~:~:~:~:~::~:~::-\nJoin with Google Meet: https://meet.google.com/dc
+ u-hykx-vym\n\nLearn more about Meet at: https://support.google.com/a/users/
+ answer/9282720\n\nPlease do not edit this section.\n-::~:~::~:~:~:~:~:~:~:~
+ :~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::-
+LAST-MODIFIED:20250801T022549Z
+LOCATION:
+SEQUENCE:0
+STATUS:CONFIRMED
+SUMMARY:[tenative] dinner w/ amatute
+TRANSP:OPAQUE
+END:VEVENT
+END:VCALENDAR

server/testdata/ical-multiday.ics

@@ -0,0 +1,9 @@
+BEGIN:VCALENDAR
+VERSION:2.0
+BEGIN:VEVENT
+SUMMARY:Multi-day Event
+DTSTART;VALUE=DATE:20250828
+DTEND;VALUE=DATE:20250831
+DESCRIPTION:This event spans multiple days.
+END:VEVENT
+END:VCALENDAR

server/testdata/ical-straddle-real.ics

@@ -0,0 +1,36 @@
+BEGIN:VCALENDAR
+PRODID:-//Google Inc//Google Calendar 70.9054//EN
+VERSION:2.0
+CALSCALE:GREGORIAN
+METHOD:REQUEST
+BEGIN:VEVENT
+DTSTART;VALUE=DATE:20250830
+DTEND;VALUE=DATE:20250902
+DTSTAMP:20250819T183713Z
+ORGANIZER;CN=Bill Thiede:mailto:couchmoney@gmail.com
+UID:37kplskaimjnhdnt8r5ui9pv7f@google.com
+ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=
+ TRUE;CN=bill@xinu.tv;X-NUM-GUESTS=0:mailto:bill@xinu.tv
+ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=ACCEPTED;RSVP=TRUE
+ ;CN=Bill Thiede;X-NUM-GUESTS=0:mailto:couchmoney@gmail.com
+X-MICROSOFT-CDO-OWNERAPPTID:1427505964
+CREATED:20250819T183709Z
+DESCRIPTION:
+LAST-MODIFIED:20250819T183709Z
+LOCATION:
+SEQUENCE:0
+STATUS:CONFIRMED
+SUMMARY:Test Straddle Month
+TRANSP:TRANSPARENT
+BEGIN:VALARM
+ACTION:DISPLAY
+DESCRIPTION:This is an event reminder
+TRIGGER:-P0DT0H30M0S
+END:VALARM
+BEGIN:VALARM
+ACTION:DISPLAY
+DESCRIPTION:This is an event reminder
+TRIGGER:-P0DT7H30M0S
+END:VALARM
+END:VEVENT
+END:VCALENDAR

server/testdata/ical-straddle.ics

@@ -0,0 +1,9 @@
+BEGIN:VCALENDAR
+VERSION:2.0
+BEGIN:VEVENT
+SUMMARY:Straddle Month Event
+DTSTART;VALUE=DATE:20250830
+DTEND;VALUE=DATE:20250903
+DESCRIPTION:This event straddles two months.
+END:VEVENT
+END:VCALENDAR

shared/Cargo.toml

@@ -12,7 +12,7 @@ version.workspace = true
 
 [dependencies]
 build-info = "0.0.41"
-letterbox-notmuch = { path = "../notmuch", version = "0.17.27", registry = "xinu" }
+letterbox-notmuch = { path = "../notmuch", version = "0.17.38", registry = "xinu" }
 regex = "1.11.1"
 serde = { version = "1.0.219", features = ["derive"] }
 sqlx = "0.8.5"

web/Cargo.toml

@@ -33,7 +33,7 @@ wasm-bindgen = "=0.2.100"
 uuid = { version = "1.16.0", features = [
   "js",
 ] } # direct dep to set js feature, prevents Rng issues
-letterbox-shared = { path = "../shared/", version = "0.17.27", registry = "xinu" }
+letterbox-shared = { path = "../shared/", version = "0.17.38", registry = "xinu" }
 seed_hooks = { version = "0.4.1", registry = "xinu" }
 strum_macros = "0.27.1"
 gloo-console = "0.3.0"

web/index.html

@@ -4,8 +4,8 @@
 <head>
   <meta charset="utf-8">
   <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.0/css/all.min.css"
-    integrity="sha512-DxV+EoADOkOygM4IR9yXP8Sb2qwgidEmeqAEmDKIOfPRQZOWbXCzLC6vjbZyy0vPisbH2SyW27+ddLVCN+OMzQ=="
+  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.1/css/all.min.css"
+    integrity="sha512-2SwdPD6INVrV/lHTZbO2nodKhrnDdJK9/kg2XD1r9uGqPo1cUbujc+IYdlYdEErWNu69gVcYgdxlmVmzTWnetw=="
     crossorigin="anonymous" referrerpolicy="no-referrer" />
   <link rel="icon" href="https://static.xinu.tv/favicon/letterbox.svg" />
   <!-- tall thin font for user icon -->
@@ -16,6 +16,7 @@
   <link data-trunk rel="css" href="static/vars.css" />
   <link data-trunk rel="tailwind-css" href="./src/tailwind.css" />
   <link data-trunk rel="css" href="static/overrides.css" />
+  <link data-trunk rel="css" href="static/email-specific.css" />
 </head>
 
 <body>

web/src/view/mod.rs

@@ -901,13 +901,22 @@ fn render_closed_header(msg: &ShowThreadQueryThreadOnEmailThreadMessages) -> Nod
         .collect();
     let show_x_original_to = !*to_xinu.borrow() && msg.x_original_to.is_some();
     let show_delivered_to = !*to_xinu.borrow() && !show_x_original_to && msg.delivered_to.is_some();
+    let common_style = C!["text-sm", "pr-2", "text-gray-500"];
     div![
-        C!["flex", "p-4", "bg-neutral-800"],
-        div![avatar],
+        C!["flex", "bg-neutral-800"],
+        div![C!["self-center"], avatar],
         div![
-            C!["px-4", "mr-auto"],
-            span![
-                C!["font-semibold", "text-sm"],
+            C![
+                "mx-2",
+                "flex-1",
+                "flex",
+                "flex-nowrap",
+                "items-center",
+                "truncate",
+            ],
+            div![
+                C!["font-semibold", "text-white"],
+                &common_style,
                 from_detail.as_ref().map(|addr| attrs! {
                     At::Title => addr
                 }),
@@ -915,7 +924,7 @@ fn render_closed_header(msg: &ShowThreadQueryThreadOnEmailThreadMessages) -> Nod
             ],
             " ",
             IF!(!msg.to.is_empty() => div![
-                C!["text-xs"],
+                &common_style,
                 span![
                     C!["font-semibold"],
                     "To: "
@@ -926,7 +935,7 @@ fn render_closed_header(msg: &ShowThreadQueryThreadOnEmailThreadMessages) -> Nod
                 " "
             ]),
             IF!(!msg.cc.is_empty() => div![
-                C!["text-xs", "max-w-full", "overflow-clip", "text-ellipsis"],
+                &common_style,
                 span![
                     C!["font-semibold"],
                     "CC: "
@@ -934,7 +943,7 @@ fn render_closed_header(msg: &ShowThreadQueryThreadOnEmailThreadMessages) -> Nod
                 cc_addrs
             ]),
             IF!(show_x_original_to => div![
-                C!["text-xs"],
+                &common_style,
                 span![
                     C!["font-semibold"],
                     "Original To: "
@@ -953,7 +962,7 @@ fn render_closed_header(msg: &ShowThreadQueryThreadOnEmailThreadMessages) -> Nod
                 ]
             ]),
             IF!(show_delivered_to => div![
-                C!["text-xs"],
+                &common_style,
                 span![
                     C!["font-semibold"],
                     "Delivered To: "
@@ -972,14 +981,13 @@ fn render_closed_header(msg: &ShowThreadQueryThreadOnEmailThreadMessages) -> Nod
                 ]
             ]),
         ],
-        span![
-            C!["text-right"],
-            msg.timestamp
-                .map(|ts| div![C!["text-xs", "text-nowrap"], human_age(ts)]),
+        msg.timestamp.map(|ts| div![
+            C!["text-xs", "text-nowrap", "justify-self-end", "self-center"],
+            human_age(ts)
+        ]),
         div![
-                C!["p-2"],
             i![C![
-                    "mx-4",
+                "m-2",
                 "read-status",
                 "far",
                 if is_unread {
@@ -992,7 +1000,6 @@ fn render_closed_header(msg: &ShowThreadQueryThreadOnEmailThreadMessages) -> Nod
                 e.stop_propagation();
                 Msg::SetUnread(id, !is_unread)
             })
-            ],
         ]
     ]
 }
@@ -1007,7 +1014,7 @@ fn message_render(msg: &ShowThreadQueryThreadOnEmailThreadMessages, open: bool)
     };
     let from = from.map(|f| f.replace('.', "-").replace('@', "-"));
     div![
-        C!["lg:mb-4"],
+        C!["pb-1"],
         div![
             if open {
                 render_open_header(&msg)
@@ -1025,7 +1032,7 @@ fn message_render(msg: &ShowThreadQueryThreadOnEmailThreadMessages, open: bool)
         ],
         IF!(open =>
         div![
-            C!["content", "bg-white", "text-black", "p-4", "min-w-full", "w-0","overflow-x-auto", from],
+            C!["content", "bg-white", "text-black", "p-4", "min-w-full", "w-0","overflow-x-auto", from.map(|f|format!("from-{f}"))],
             match &msg.body {
                 ShowThreadQueryThreadOnEmailThreadMessagesBody::UnhandledContentType(
                     ShowThreadQueryThreadOnEmailThreadMessagesBodyOnUnhandledContentType { contents ,content_tree},

web/static/email-specific.css

@@ -0,0 +1,11 @@
+.mail-thread .content.from-noreply-news-bloomberg-com a {
+  background-color: initial !important;
+}
+
+.mail-thread .content.from-noreply-news-bloomberg-com h2 {
+  margin: 0 !important;
+  padding: 0 !important;
+}
+.mail-thread .content.from-dmarcreport-microsoft-com div {
+  font-family:  ui-sans-serif, system-ui, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji" !important;
+}

web/static/overrides.css

@@ -57,15 +57,6 @@ html {
   margin-left: 2em;
 }
 
-.mail-thread .content .noreply-news-bloomberg-com a {
-  background-color: initial !important;
-}
-
-.mail-thread .content .noreply-news-bloomberg-com h2 {
-  margin: 0 !important;
-  padding: 0 !important;
-}
-
 /* Hackaday figures have unreadable black on dark grey */
 .news-post figcaption.wp-caption-text {
   background-color: initial !important;