1

Topic: mailing list restrictions settings not working for mail aliases

==== Required information ====
- iRedMail version: 1.7.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: CENTOS 5
- Related log if you're reporting an issue:
====


Hi

Mailing list restrictions settings is not working for mail aliases. For example I have a domain name called portal.test.com and the aliases name for the domain is test.com. I created a mailing list like qa@portal.test.com. I have  placed a restriction in such a way that, only users existing in the domain can send emails to this mailing list & all other mails from external id will be rejected. ie.., abc [at] gmail.com will not be able to send mails to qa@portal.test.com.

However, the same (abc [at] gmail.com)  user tries to send an email to the mailing list alias (qa@test.com). The mail are received to the members in the mailing list.

how can we make sure that the previous restriction (mentioned above) applies also to the alias mailing list name(qa@test.com)

Domain alias   Log

2013-01-17 15:30:29 DEBUG smtp session: request=smtpd_access_policy
2013-01-17 15:30:29 DEBUG smtp session: protocol_state=RCPT
2013-01-17 15:30:29 DEBUG smtp session: protocol_name=ESMTP
2013-01-17 15:30:29 DEBUG smtp session: client_address=74.125.82.41
2013-01-17 15:30:29 DEBUG smtp session: client_name=unknown
2013-01-17 15:30:29 DEBUG smtp session: reverse_client_name=unknown
2013-01-17 15:30:29 DEBUG smtp session: helo_name=mail-wg0-f41.google.com
2013-01-17 15:30:29 DEBUG smtp session: sender=abc@gmail.com
2013-01-17 15:30:29 DEBUG smtp session: recipient=qa@test.com
2013-01-17 15:30:29 DEBUG smtp session: recipient_count=0
2013-01-17 15:30:29 DEBUG smtp session: queue_id=
2013-01-17 15:30:29 DEBUG smtp session: instance=1c5.50f7cbbd.188f6.0
2013-01-17 15:30:29 DEBUG smtp session: size=0
2013-01-17 15:30:29 DEBUG smtp session: etrn_domain=
2013-01-17 15:30:29 DEBUG smtp session: stress=
2013-01-17 15:30:29 DEBUG smtp session: sasl_method=
2013-01-17 15:30:29 DEBUG smtp session: sasl_username=
2013-01-17 15:30:29 DEBUG smtp session: sasl_sender=
2013-01-17 15:30:29 DEBUG smtp session: ccert_subject=
2013-01-17 15:30:29 DEBUG smtp session: ccert_issuer=
2013-01-17 15:30:29 DEBUG smtp session: ccert_fingerprint=
2013-01-17 15:30:29 DEBUG smtp session: encryption_protocol=TLSv1
2013-01-17 15:30:29 DEBUG smtp session: encryption_cipher=RC4-SHA
2013-01-17 15:30:29 DEBUG smtp session: encryption_keysize=128
2013-01-17 15:30:29 DEBUG LDAP connection initialied success.
2013-01-17 15:30:29 DEBUG LDAP bind success.
2013-01-17 15:30:29 DEBUG __get_recipient_dn_ldif (recipient): qa@test.com
2013-01-17 15:30:29 DEBUG __get_recipient_dn_ldif (ldap query filter): (&(|(mail=qa@test.com)(shadowAddress=qa@test.com))(|(objectClass=mailUser)(objectClass=mailList)(objectClass=mailAlias)))
2013-01-17 15:30:29 DEBUG __get_recipient_dn_ldif: Can not find recipient in LDAP server.
2013-01-17 15:30:29 DEBUG Recipient DN or LDIF is None.
2013-01-17 15:30:29 DEBUG Final action: DUNNO.
2013-01-17 15:30:29 INFO abc@gmail.com -> qa@test.com, DUNNO
2013-01-17 15:30:29 DEBUG Connection closed
2013-01-17 15:30:33 DEBUG Connect from 127.0.0.1


Domain log


2013-01-17 15:47:53 DEBUG Connect from 127.0.0.1
2013-01-17 15:47:53 DEBUG smtp session: request=smtpd_access_policy
2013-01-17 15:47:53 DEBUG smtp session: protocol_state=RCPT
2013-01-17 15:47:53 DEBUG smtp session: protocol_name=ESMTP
2013-01-17 15:47:53 DEBUG smtp session: client_address=209.85.212.180
2013-01-17 15:47:53 DEBUG smtp session: client_name=unknown
2013-01-17 15:47:53 DEBUG smtp session: reverse_client_name=unknown
2013-01-17 15:47:53 DEBUG smtp session: helo_name=mail-wi0-f180.google.com
2013-01-17 15:47:53 DEBUG smtp session: sender=abc@gmail.com
2013-01-17 15:47:53 DEBUG smtp session: recipient=qa@portal.test.com
2013-01-17 15:47:53 DEBUG smtp session: recipient_count=0
2013-01-17 15:47:53 DEBUG smtp session: queue_id=
2013-01-17 15:47:53 DEBUG smtp session: instance=586e.50f7cfd1.95cfb.0
2013-01-17 15:47:53 DEBUG smtp session: size=0
2013-01-17 15:47:53 DEBUG smtp session: etrn_domain=
2013-01-17 15:47:53 DEBUG smtp session: stress=
2013-01-17 15:47:53 DEBUG smtp session: sasl_method=
2013-01-17 15:47:53 DEBUG smtp session: sasl_username=
2013-01-17 15:47:53 DEBUG smtp session: sasl_sender=
2013-01-17 15:47:53 DEBUG smtp session: ccert_subject=
2013-01-17 15:47:53 DEBUG smtp session: ccert_issuer=
2013-01-17 15:47:53 DEBUG smtp session: ccert_fingerprint=
2013-01-17 15:47:53 DEBUG smtp session: encryption_protocol=TLSv1
2013-01-17 15:47:53 DEBUG smtp session: encryption_cipher=RC4-SHA
2013-01-17 15:47:53 DEBUG smtp session: encryption_keysize=128
2013-01-17 15:47:53 DEBUG LDAP connection initialied success.
2013-01-17 15:47:53 DEBUG LDAP bind success.
2013-01-17 15:47:53 DEBUG __get_recipient_dn_ldif (recipient): qa@portal.test.com
2013-01-17 15:47:53 DEBUG __get_recipient_dn_ldif (ldap query filter): (&(|(mail=qa@portal.test.com)(shadowAddress=qa@portal.test.com))(|(objectClass=mailUser)(objectClass=mailList)(objectClass=mailAlias)))
2013-01-17 15:47:53 DEBUG __get_recipient_dn_ldif (ldap query result): [('mail=qa@portal.test.com,ou=Groups,domainName=portal.test.com,o=domains,dc=xxxx,dc=com', {'cn': ['QA TEAM'], 'objectClass': ['mailList', 'top'], 'accountStatus': ['active'], 'accessPolicy': ['domain'], 'mail': ['qa@portal.test.com'], 'enabledService': ['mail', 'deliver']})]
2013-01-17 15:47:53 DEBUG Apply plugin (ldap_maillist_access_policy).
2013-01-17 15:47:53 DEBUG (ldap_maillist_access_policy.pyc) Recipient domain and alias domains: portal.test.com,take10.in
2013-01-17 15:47:53 DEBUG (ldap_maillist_access_policy.pyc) Sender: abc@gmail.com
2013-01-17 15:47:53 DEBUG (ldap_maillist_access_policy.pyc) Recipient: qa@portal.test.com
2013-01-17 15:47:53 DEBUG (ldap_maillist_access_policy.pyc) Policy: domain
2013-01-17 15:47:53 DEBUG Response from plugin (ldap_maillist_access_policy): REJECT Permission denied Access policy: domain.
2013-01-17 15:47:53 INFO Response from plugin (ldap_maillist_access_policy): REJECT Permission denied Access policy: domain.
2013-01-17 15:47:53 DEBUG Final action: REJECT Permission denied Access policy: domain..
2013-01-17 15:47:53 INFO abc@gmail.com -> qa@portal.test.com, REJECT Permission denied Access policy: domain.
2013-01-17 15:47:53 DEBUG Connection closed
2013-01-17 15:47:54 DEBUG Connect from 127.0.0.1

2

Re: mailing list restrictions settings not working for mail aliases

Sorry about this trouble. This is a bug in iRedAdmin-Pro-LDAP-1.8.1 (and earlier versions), it was fixed in the development version.

I can sen you the development edition if you like, please mail "support@ iredmail.org" to get one.
What you need to do to fix this issue is removing alias domain "test.com" first, then re-add it.

3

Re: mailing list restrictions settings not working for mail aliases

Issues solved with development edition: delete alias domain, then re-add it.