Email notifications does not send Base64 encoded images

speedygonzales391 commented 3 years ago

Email notifications does not send Base64 encoded images from templates

We would like to use email templates with Base64 encoded images. So we use own templates - it works. But if we use <img src="data:image/png;base64,iVBORw...." alt="aaa" />, images are not send.

Deployment environment

Your environment (Generated via diagnostics page)

Bitwarden_rs version: v1.19.0
Web-vault version: v2.18.1
Running within Docker: true
Internet access: false
Uses a proxy: false
DNS Check: true
Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Database type: MySQL
Database version: 5.7.22
Clients used:
Reverse proxy and version:
Other relevant information:

Config (Generated via diagnostics page)

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_ip_header_enabled": true,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_max_conns": 10,
  "database_url": "*****://***********:*********@***.***.***.***/*********",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://**********.*****.**/",
  "domain_origin": "*****://**********.*****.**",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "enable_db_wal": false,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "invitation_org_name": "***** Test",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "org_attachment_limit": null,
  "org_creation_users": "",
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "show_password_hint": true,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_explicit_tls": false,
  "smtp_from": "**********@*****.**",
  "smtp_from_name": "Bitwarden_RS Test",
  "smtp_host": "****.*****.**",
  "smtp_password": null,
  "smtp_port": 25,
  "smtp_ssl": false,
  "smtp_timeout": 15,
  "smtp_username": null,
  "templates_folder": "data/templates",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Steps to reproduce

Use own email templates with image encoded into Base64 and tag for example <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAPUAAACzCAIAAADe0s1DAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAK/SURBVHhe7dnBbepAFEDR1OWCXA/V0IyL4ZvgJOaTBZuRMlfnbEDmLa+eZszHDbr0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZfqmTN+U6ZsyfVOmb8r0TZm+KdM3ZTP2vV0vl3VZPr4ty7Jet+PXsxGTzGS6vq/rEeBub/CU5N7jMfMwYpLJzNj3sl6eN+t2eRS5XM6PR0wymcj5+9jAb2zbEZP8WZG+j237xrIdMcmfNWnf234fXNf9QvjlXuKvLY6YZBrz9b1d16O8V88tjphkLrP1fRyK7/fB7dTdL2eJEZPMZrK+jxRfmnttccQk05mz75d3Gq+NjphkOpP1fezUp+i2y/fh+fR4xCTTme5+eWzVu593HPevnx/nFkdMMpnp+t7d33Z8RbhX+PnP4yPR/1scMclMZuwb3qVvyvRNmb4p0zdl+qZM35TpmzJ9U6ZvyvRNmb4p0zdl+qZM35TpmzJ9U6ZvyvRNmb4p0zdl+qZM35TpmzJ9U6ZvyvRNmb4p0zdl+qZM35TpmzJ9U6ZvyvRNmb4p0zdl+qZM35TpmzJ9U6ZvyvRNmb4p0zdl+qZM35TpmzJ9U6ZvyvRNmb4p0zdl+qZM35TpmzJ9U6ZvyvRNmb4p0zdl+qZM35TpmzJ9U6Zvum63f2lFcr95QrhyAAAAAElFTkSuQmCC" alt="aaa" /> and use for example Test SMTP email from Bitwarden_rs admin.

Expected behaviour

Bitwarden_rs send email with image in html message.

Actual behaviour

Images in email does not send.

Troubleshooting data

daniel-qima commented 3 years ago

try to login /admin and check the General Setting > Domain URL, make sure the value is your domain.

speedygonzales391 commented 3 years ago

Yes Domain URL is set

paolobarbolini commented 3 years ago

Hello, I'm not part of the bitwarden_rs team, but I do maintain the lettre crate, which bitwarden_rs uses for sending emails.

Assuming the template has been written correctly, one way of debugging this issue could be to download the raw email from your email client as an .eml file and attaching it here.

Before posting the .eml file open it with a text editor and remove all of the private email headers. Basically the part we are interested in begins here, everything that comes before should be erased: Interesting part of the .eml file

One last note: since the SMTP test email body contains the instance url, to avoid posting it publicly you could temporarily configure a different url as the instance url.

BlackDex commented 3 years ago

I just did a test my self, and it DOES add the image, only Google/Gmail if filtering this during the view in the web-interface. I also tested this on Outlook365, and it works there too.

This is on gmail:

This is that same mail on thunderbird:

dani-garcia / vaultwarden