- Fix signature checking to avoid false validation errors
on webhook payloads including `/` (including all "clicked"
and most "opened" events). And in general, avoid depending
on specific details of Unisender Go's JSON serialization.
(Fixes #398.)
- Handle "use single event" webhook option (which has a different
payload format).
- Verify basic auth when Anymail's WEBHOOK_SECRET is used.
(This is optional for Unisender Go, since payloads are signed,
but it needs to be checked when enabled.)
- Treat "soft_bounced" events as "deferred" rather than "bounced",
since they will be retried later.
- Update validation error to reference Project ID if the webhook
is configured for a specific project.
- Expose Unisender Go's delivery_status code and unsubscribe form
comment as Anymail's normalized event.description.
- Update webhook tests based on actual payloads and add several
missing tests.
- Update docs to clarify webhook use with Unisender Go projects.
- Support Postmark's RawEmail option;
recommend it in docs
- Handle Bcc when provided by Postmark
- Obtain `envelope_sender` from Return-Path info
Postmark now adds, rather than parsing Received-SPF
Related:
- Add `AnymailInboundMessage.bcc` convenience prop
- Test against full Postmark "check" inbound payloads
(which don't match their docs or real inbound payloads)
- Don't warn about receiving "check" payload
