Commits

Zhang Huangbin committed 68800eb

New plugin for LDAP backend: ldap_expired_password. Used to force mail user to change the password in 90 days.

  • Participants
  • Parent commits 5b499b4
  • Tags 1.3.7

Comments (0)

Files changed (3)

 iRedAPD-1.3.7:
+    * New plugin for LDAP backend: ldap_expired_password. Used to force mail
+      user to change the password in 90 days.
     * Log client IP address.
     * Supports PostgreSQL.
     * Excluding mail user in SQL query (plugin: sql_alias_access_policy).

File src/plugins-rr/ldap_expired_password.py

+# Author:   Zhang Huangbin <zhb _at_ iredmail.org>
+# Purpose:  Force user to change account password in 90 days.
+
+import datetime
+from libs import SMTP_ACTIONS
+
+# Force mail user to change password in how many days. Default is 90.
+EXPIRED_DAYS = 90
+
+def restriction(smtpSessionData, ldapSenderLdif, **kargs):
+    # Check password last change days
+    last_changed_day = int(ldapSenderLdif.get('shadowLastChange', [0])[0])
+
+    # Convert today to shadowLastChange
+    today = datetime.date.today()
+    changed_days_of_today = (datetime.date(today.year, today.month, today.day) - datetime.date(1970, 1, 1)).days
+
+    if (last_changed_day + EXPIRED_DAYS) < changed_days_of_today:
+        return 'REJECT Password expired, please change the password before sending email.'
+
+    return SMTP_ACTIONS['default']
+

File src/plugins-rr/ldap_recipient_restrictions.py

-#!/usr/bin/env python
-# encoding: utf-8
-
-# Author:   Zhang Huangbin <zhb (at) iredmail.org>
+# Author:   Zhang Huangbin <zhb _at_ iredmail.org>
 # Date:     2010-04-20
 # Purpose:  Per-user whitelist/blacklist for recipient restrictions.
 #           Bypass all whitelisted recipients, reject all blacklisted recipients.