steffen: server/kolab/kolab kolab_smtpdpolicy,1.1,1.2
cvs at intevation.de
cvs at intevation.de
Mon Jun 14 13:05:20 CEST 2004
Author: steffen
Update of /kolabrepository/server/kolab/kolab
In directory doto:/tmp/cvs-serv9264/kolab
Modified Files:
kolab_smtpdpolicy
Log Message:
smtp policy fixes
Index: kolab_smtpdpolicy
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/kolab_smtpdpolicy,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- kolab_smtpdpolicy 7 Jun 2004 10:04:12 -0000 1.1
+++ kolab_smtpdpolicy 14 Jun 2004 11:05:18 -0000 1.2
@@ -120,6 +120,7 @@
my $sender = $attr{'sender'};
my $recip = $attr{'recipient'};
my $username = $attr{'sasl_username'};
+ my $mydomain = $Kolab::config{'postfix-mydomain'};
mylog($syslog_priority, "Checking sender=\"$sender\", recipient=\"$recip\", username=\"$username\"") if $verbose;
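Review bot: `$mydomain` is taken from `$Kolab::config{'postfix-mydomain'}` with no check that the key is set, and the sender test added in the next hunk depends on it. If the value is undefined or empty, that pattern reduces to `.*@` and every sender is treated as a local address, with only an uninitialized-value warning, if warnings are enabled at all, to show for it. A guard such as `defined $mydomain && length $mydomain or mylog($syslog_priority, "postfix-mydomain is not configured");` next to the assignment would make the misconfiguration visible in the log. The enclosing function starts and ends outside this hunk.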
@@ -128,25 +129,31 @@
#### not authenticated
# Check for allowed sender
- my $mesg = $ldap->search( base=> $conf_ldapbase,
- scope=> 'sub', filter=> "(&(mail=$sender)(objectclass=kInetOrgPerson))");
- if( !$mesg->code ) {
- mylog($syslog_priority, "LDAP search returned ".$mesg->count()." objects") if $verbose;
- foreach $ldapobject ($mesg->entries) {
- mylog($syslog_priority, "Got object ".$ldapobject->get_value('uid') ) if $verbose;
- if( $username eq $ldapobject->get_value('uid') ) {
- # All OK, user is sending as herself
- mylog($syslog_priority, "$username using valid from address $sender") if $verbose;
- } else {
- # UPS, fake sender
- mylog($syslog_priority, "Attempt to fake address $sender") if $verbose;
- return "REJECT Invalid sender";
+ CHECKSENDER:
+
+ if( $sender =~ /.*@$mydomain/ ) {
+ my $mesg = $ldap->search( base=> $conf_ldapbase,
+ scope=> 'sub', filter=> "(&(mail=$sender)(objectclass=kInetOrgPerson))");
+ if( !$mesg->code ) {
+ mylog($syslog_priority, "LDAP search returned ".$mesg->count()." objects") if $verbose;
+ foreach $ldapobject ($mesg->entries) {
+ mylog($syslog_priority, "Got object ".$ldapobject->get_value('uid') ) if $verbose;
+ if( $username eq $ldapobject->get_value('uid') ) {
+ # All OK, user is sending as herself
+ mylog($syslog_priority, "$username using valid from address $sender") if $verbose;
+ return "DUNNO";
+ }
}
+ } else {
+ # LDAP error?
+ mylog($syslog_priority, "Query returned error: ".$mesg->error ) if $verbose;
}
- } else {
- # LDAP error?
- mylog($syslog_priority, "Query returned error: ".$mesg->error ) if $verbose;
+ # UPS, fake sender
+ mylog($syslog_priority, "Attempt to fake address $sender") if $verbose;
+ return "REJECT Invalid sender";
}
+
+ CHECKDISTLIST:
# Now check for valid access to restricted distribution lists
if( !$username ) {
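Review bot: The new gate `$sender =~ /.*@$mydomain/` is case-sensitive although domain names are not, so a local address written with a differently-cased domain never reaches the LDAP ownership check. The pattern is also unanchored, leaves the dots in the domain unescaped, and Perl may interpolate `@$mydomain` as an array dereference, so the `@` should be escaped and the domain quoted. The failure path needs attention too: an LDAP error now falls through to `REJECT Invalid sender` and is logged as a faked address, and that log line is only written when `$verbose` is set, which hides the one event an operator wants to see. The filter `(mail=$sender)` is still built from the raw envelope sender; filter metacharacters should be escaped first (Net::LDAP::Util provides `escape_filter_value`, if that is the LDAP module in use here). The enclosing function and the surrounding `if` start outside this hunk.

```perl
if( $sender =~ /\@\Q$mydomain\E\z/i ) {
    # … unchanged: $ldap->search call, with the mail value escaped before it is put in the filter …
    if( !$mesg->code ) {
        # … unchanged: uid comparison loop that returns "DUNNO" on a match …
    } else {
        # Directory failure is not evidence of forgery: log it always and fail temporarily
        mylog($syslog_priority, "Query returned error: ".$mesg->error );
        return "DEFER_IF_PERMIT Sender lookup failed";
    }
    # Security event: log unconditionally, with the authenticated identity
    mylog($syslog_priority, "Attempt to fake address $sender by $username");
    return "REJECT Invalid sender";
}
```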