1. Zhang Huangbin
  2. iredapd

Source

iredapd / plugins / ldap_maillist_access_policy.py

Diff from to

File plugins/ldap_maillist_access_policy.py

 
 
 def restriction(**kwargs):
-    smtp_session_data = kwargs['smtp_session_data']
     conn = kwargs['conn']
     base_dn = kwargs['base_dn']
+    sender = kwargs['sender']
+    recipient = kwargs['recipient']
     recipient_dn = kwargs['recipient_dn']
     recipient_ldif = kwargs['recipient_ldif']
 
     if not 'mailList' in recipient_ldif['objectClass']:
         return 'DUNNO (Not mail list)'
 
-    sender = smtp_session_data['sender'].lower()
-    recipient = smtp_session_data['recipient'].lower()
     recipient_alias_domains = []
 
     policy = recipient_ldif.get('accessPolicy', ['public'])[0].lower()
             policy=policy,
         )
 
+        if policy in ['moderatorsonly', 'moderators',
+                      'allowedonly', 'membersandmoderatorsonly']:
+            # Check allowed sender domain or sub-domains
+            sender_domain = kwargs['sender_domain']
+            if sender_domain in allowedSenders \
+                    or '.' + sender_domain in allowedSenders:
+                return 'DUNNO (Sender domain is allowed)'
+
         if sender in allowedSenders:
             return 'DUNNO (Sender is allowed)'
         else: