Commits

Zhang Huangbin committed 279cc71

Allow to use domain name as mail list moderator.

  • Participants
  • Parent commits 720284c

Comments (0)

Files changed (3)

libs/ldaplib/conn_utils.py

                 searchFilter += '(mail=%s)' % i
             searchFilter += '))'
 
-            searchAttrs = ['shadowAddress', ]
+            searchAttrs = ['shadowAddress']
 
             logging.debug('base dn: %s' % basedn)
             logging.debug('search scope: 2 (ldap.SCOPE_SUBTREE)')
                     'ou=Users,' + domaindn,
                     2,  # ldap.SCOPE_SUBTREE
                     searchFilter,
-                    ['mail', 'shadowAddress', ],
+                    ['mail', 'shadowAddress'],
                 )
 
                 for obj in resultOfShadowAddresses:

libs/ldaplib/modeler.py

         if not plugins:
             return 'DUNNO'
 
+        sender = smtp_session_data['sender'].lower()
+        recipient = smtp_session_data['recipient'].lower()
+
         plugin_kwargs = {'smtp_session_data': smtp_session_data,
                          'conn': self.conn,
                          'base_dn': settings.ldap_basedn,
+                         'sender': sender,
+                         'sender_domain': sender.split('@', 1)[-1],
+                         'recipient': recipient,
+                         'recipient_domain': recipient.split('@', 1)[-1],
                          'sender_dn': None,
                          'sender_ldif': None,
                          'recipient_dn': None,
                     and plugin_kwargs['sender_dn'] is None:
                 sender_dn, sender_ldif = conn_utils.get_account_ldif(
                     conn=self.conn,
-                    account=smtp_session_data['sender'],
+                    account=sender,
                     attrlist=sender_search_attrlist,
                 )
                 plugin_kwargs['sender_dn'] = sender_dn
                     and plugin_kwargs['recipient_dn'] is None:
                 recipient_dn, recipient_ldif = conn_utils.get_account_ldif(
                     conn=self.conn,
-                    account=smtp_session_data['recipient'],
+                    account=recipient,
                     attrlist=recipient_search_attrlist,
                 )
                 plugin_kwargs['recipient_dn'] = recipient_dn
                 plugin_kwargs['recipient_ldif'] = recipient_ldif
 
-            # Apply plugin
+            # Apply plugins
             action = utils.apply_plugin(plugin, **plugin_kwargs)
             if not action.startswith('DUNNO'):
                 return action

plugins/ldap_maillist_access_policy.py

 
 
 def restriction(**kwargs):
-    smtp_session_data = kwargs['smtp_session_data']
     conn = kwargs['conn']
     base_dn = kwargs['base_dn']
+    sender = kwargs['sender']
+    recipient = kwargs['recipient']
     recipient_dn = kwargs['recipient_dn']
     recipient_ldif = kwargs['recipient_ldif']
 
     if not 'mailList' in recipient_ldif['objectClass']:
         return 'DUNNO (Not mail list)'
 
-    sender = smtp_session_data['sender'].lower()
-    recipient = smtp_session_data['recipient'].lower()
     recipient_alias_domains = []
 
     policy = recipient_ldif.get('accessPolicy', ['public'])[0].lower()
             policy=policy,
         )
 
+        if policy in ['moderatorsonly', 'moderators',
+                      'allowedonly', 'membersandmoderatorsonly']:
+            # Check allowed sender domain or sub-domains
+            sender_domain = kwargs['sender_domain']
+            if sender_domain in allowedSenders \
+                    or '.' + sender_domain in allowedSenders:
+                return 'DUNNO (Sender domain is allowed)'
+
         if sender in allowedSenders:
             return 'DUNNO (Sender is allowed)'
         else: