steffen: server/kolab/kolab kolab_smtpdpolicy,1.1,1.2

cvs at intevation.de cvs at intevation.de
Mon Jun 14 13:05:20 CEST 2004


Author: steffen

Update of /kolabrepository/server/kolab/kolab
In directory doto:/tmp/cvs-serv9264/kolab

Modified Files:
	kolab_smtpdpolicy 
Log Message:
smtp policy fixes

Index: kolab_smtpdpolicy
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/kolab_smtpdpolicy,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- kolab_smtpdpolicy	7 Jun 2004 10:04:12 -0000	1.1
+++ kolab_smtpdpolicy	14 Jun 2004 11:05:18 -0000	1.2
@@ -120,6 +120,7 @@
   my $sender = $attr{'sender'};
   my $recip  = $attr{'recipient'};
   my $username = $attr{'sasl_username'};
+  my $mydomain = $Kolab::config{'postfix-mydomain'};
 
   mylog($syslog_priority, "Checking sender=\"$sender\", recipient=\"$recip\", username=\"$username\"") if $verbose;
 
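Review bot: `$mydomain` is read from `$Kolab::config{'postfix-mydomain'}` with no check that the key is set, and the next hunk uses it to decide whether the sender check runs at all. If the value is undefined or empty, the domain test no longer means "sender is in our domain", so the policy should fail closed before reaching it, e.g. `return "DEFER_IF_PERMIT Policy configuration error" unless defined $mydomain && length $mydomain;`. The enclosing sub starts and ends outside this hunk.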
@@ -128,25 +129,31 @@
   #### not authenticated
 
   # Check for allowed sender
-  my $mesg = $ldap->search( base=> $conf_ldapbase,
-			    scope=> 'sub', filter=> "(&(mail=$sender)(objectclass=kInetOrgPerson))");
-  if( !$mesg->code ) {
-    mylog($syslog_priority, "LDAP search returned ".$mesg->count()." objects") if $verbose;
-    foreach $ldapobject ($mesg->entries) {
-      mylog($syslog_priority, "Got object ".$ldapobject->get_value('uid') ) if $verbose;
-      if( $username eq $ldapobject->get_value('uid') ) {
-	# All OK, user is sending as herself
-	mylog($syslog_priority, "$username using valid from address $sender") if $verbose;	
-      } else {
-	# UPS, fake sender
-	mylog($syslog_priority, "Attempt to fake address $sender") if $verbose;	
-	return "REJECT Invalid sender";
+ CHECKSENDER:
+
+  if( $sender =~ /.*@$mydomain/ ) {
+    my $mesg = $ldap->search( base=> $conf_ldapbase,
+			      scope=> 'sub', filter=> "(&(mail=$sender)(objectclass=kInetOrgPerson))");
+    if( !$mesg->code ) {
+      mylog($syslog_priority, "LDAP search returned ".$mesg->count()." objects") if $verbose;
+      foreach $ldapobject ($mesg->entries) {
+	mylog($syslog_priority, "Got object ".$ldapobject->get_value('uid') ) if $verbose;
+	if( $username eq $ldapobject->get_value('uid') ) {
+	  # All OK, user is sending as herself
+	  mylog($syslog_priority, "$username using valid from address $sender") if $verbose;	
+	  return "DUNNO";
+	}
       }
+    } else {
+      # LDAP error?
+      mylog($syslog_priority, "Query returned error: ".$mesg->error ) if $verbose;	
     }
-  } else {
-    # LDAP error?
-    mylog($syslog_priority, "Query returned error: ".$mesg->error ) if $verbose;	
+    # UPS, fake sender
+    mylog($syslog_priority, "Attempt to fake address $sender") if $verbose;	
+    return "REJECT Invalid sender";
   }
+
+ CHECKDISTLIST:
 
   # Now check for valid access to restricted distribution lists
   if( !$username ) {
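Review bot: The domain test `$sender =~ /.*@$mydomain/` does not test what it appears to. Inside a pattern Perl reads `@$mydomain` as an array dereference of `$mydomain`, not as a literal `@` followed by the domain, so depending on whether `strict refs` is in effect (not visible here) it either dies at runtime or interpolates an empty list and matches every sender. Even with the `@` escaped, the pattern is unanchored and treats the dots in the domain as wildcards; `if( $sender =~ /\@\Q$mydomain\E\z/i ) {` compares the domain part literally. `$sender` comes from the SMTP client and is also interpolated unescaped into the filter `(mail=$sender)`; passing it through `escape_filter_value` from Net::LDAP::Util would keep filter metacharacters in the address from changing the query. The LDAP-error branch now falls through to `return "REJECT Invalid sender"` and logs "Attempt to fake address", so a directory outage is treated as spoofing, where a temporary action such as `DEFER_IF_PERMIT` would fit better. The sub begins and ends outside the hunk.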




