iRedMail — Email handling issue in mail list or postfix

Re: Email handling issue in mail list or postfix

null@example.com (bongdotcom) — Wed, 03 Mar 2010 09:03:29 +0000

can you give me an example of ldapsearch command to search one domain? As I tried to use
ldapsearch -h "objectClass=*"
and not work.

Re: Email handling issue in mail list or postfix

null@example.com (ZhangHuangbin) — Wed, 03 Mar 2010 08:10:58 +0000

You can use 'ldapsearch' command.

Re: Email handling issue in mail list or postfix

null@example.com (bongdotcom) — Wed, 03 Mar 2010 08:08:45 +0000

I found a way to do on the postfix directly using restrict_sender. But I would like to know how to get the a domain user list from ldap? Any script or way to do on shell? As I need to generate a script to apply the setting.

Re: Email handling issue in mail list or postfix

null@example.com (ZhangHuangbin) — Wed, 03 Mar 2010 04:38:01 +0000

You need to be familiar with Python programming language: http://www.python.org/

Re: Email handling issue in mail list or postfix

null@example.com (bongdotcom) — Wed, 03 Mar 2010 04:36:48 +0000

I have no idea about the plugin? Also I don't know how to apply even write this? So I think it's not easy and not possible to make it by ourselves?

Re: Email handling issue in mail list or postfix

null@example.com (ZhangHuangbin) — Wed, 03 Mar 2010 04:32:08 +0000

This is just for your reference, you have to write a new plugin to implement what you need.

Re: Email handling issue in mail list or postfix

null@example.com (bongdotcom) — Wed, 03 Mar 2010 04:30:25 +0000

I have no idea how to apply on this? where to put domaina.com? where to put domaina.com and domainb.com as allow. And how to apply? Please advice.

#!/usr/bin/env python
# encoding: utf-8

# Author: Zhang Huangbin

import sys

ACTION_REJECT = 'REJECT Not Authorized'

def __get_allowed_senders(ldapConn, ldapBaseDn, listDn, sender, recipient, polic
y,):
"""return search_result_list_based_on_access_policy"""

# Set search base dn, scope, filter and attribute list based on access polic
y.
if policy == 'membersonly':
basedn = ldapBaseDn
searchScope = 2 # ldap.SCOPE_SUBTREE
# Filter used to get domain members.
searchFilter = "(&(|(objectclass=mailUser)(objectclass=mailExternalUser)
)(accountStatus=active)(memberOfGroup=%s))" % (recipient, )
searchAttr = 'mail'
else:
basedn = listDn
searchScope = 0 # Use SCOPE_BASE to improve performance.
# Filter used to get domain moderators.
searchFilter = "(&(objectclass=mailList)(mail=%s))" % (recipient, )
searchAttr = 'listAllowedUser'

try:
result = ldapConn.search_s(basedn, searchScope, searchFilter, [searchAtt
r])
userList = []
for obj in result:
if obj[1].has_key(searchAttr):
# Example of result data:
# [('dn', {'listAllowedUser': ['user@domain.ltd']})]
# [('dn', {'listAllowedUser': ['user@domain.ltd']})]
userList += obj[1][searchAttr]
else:
pass
return userList

except Exception, e:
return []

def restriction(ldapConn, ldapBaseDn, ldapRecipientDn, ldapRecipientLdif, smtpSe
ssionData, **kargs):
# Return if recipient is not a mail list object.
if 'maillist' not in [ v.lower() for v in ldapRecipientLdif['objectClass']]:
return 'DUNNO'

sender = smtpSessionData['sender'].lower()
recipient = smtpSessionData['recipient'].lower()
policy = ldapRecipientLdif.get('accessPolicy', ['public'])[0].lower()

if policy == "public": return 'DUNNO' # No restriction.
elif policy == "domain":
# Bypass all users under the same domain.
if sender.split('@')[1] == recipient.split('@')[1]: return 'DUNNO'
else: return ACTION_REJECT
else:
# Handle other access policies: membersOnly, allowedOnly.
allowedSenders = __get_allowed_senders(
ldapConn=ldapConn,
ldapBaseDn=ldapBaseDn,
listDn=ldapRecipientDn,
sender=sender,
recipient=recipient,
policy=policy,
)

if sender.lower() in [ v.lower() for v in allowedSenders ]:
return 'DUNNO'
else:
return ACTION_REJECT

Re: Email handling issue in mail list or postfix

null@example.com (ZhangHuangbin) — Wed, 03 Mar 2010 04:04:04 +0000

I'm so sorry that i can't understand what you mean of case #1.

For case 2: you have to write your own plugin to implement this feature. if you need a sample plugin, just refer to src/plugins/*.py in iRedAPD source code.

Re: Email handling issue in mail list or postfix

null@example.com (bongdotcom) — Wed, 03 Mar 2010 04:00:09 +0000

For case 1, if I want to allow the email address to all maillist, I need to add the email from phpldap? Am I correct?

For case 2, can you provide an example for me. As I have no idea how to apply this to the system. Thanks.

For all domaina.com users, receipent != domaina.com and domainb.com, REJECT

Re: Email handling issue in mail list or postfix

null@example.com (ZhangHuangbin) — Wed, 03 Mar 2010 03:08:47 +0000

bongdotcom wrote:

Case 1: all email receive from to the server (Something like whitelisting)

You can use 'mynetworks' in postfix for whitelisting, policyd provides whitelisting feature for external mail servers.

bongdotcom wrote:

Case 2: allow xxx@domaina.com send to "@domaina.com|@domainb.com. The other domains are not allow.

Not implemented. But should be easy to implement in iRedAPD policy daemon, and use iRedAdmin-Pro to manage it.

Email handling issue in mail list or postfix

null@example.com (bongdotcom) — Fri, 26 Feb 2010 06:54:48 +0000

I received an update from the client today which is a exim filter file and 90% of rules can be handle by mail list. But I found few rules are in different format. I have simplified it and shown in below. And I would like to know whether we can support it or not. I can send you the full list as it included some audit on outgoing and spam rules. Thanks

Case 1: all email receive from to the server (Something like whitelisting)
Case 2: allow xxx@domaina.com send to "@domaina.com|@domainb.com. The other domains are not allow.