Mark & list:
I'm always glad to hear of more LDAP-sourced functionality being added
to amavisd-new, the separate DKIM daemon sounds like a particularly
useful prize.
Attached is an updated version of a patch I mailed to the list in early
March, updated for 2.7.0-pre4. So far it's working fine on my low
volume test system.
The patch provides provides:
1. the ability to specify custom LDAP attributes for amavis maps at
the configuration file level, instead of having to hack amavisd.
Adds the use of HASH::Util to lock the ldap attribute hashes as a
means to detect faults.
2. exposure of $subject_tag_maps_by_ccat{+CC_VIRUS} as
virus_subject_tag2_maps, similar to what spam_subject_tag2_maps
does. LDAP attribute added to schema. I use this in policy banks
to provide a differing virus infect subject tags (legacy customer
1 wants X, legacy customer 2 wants Y,...). If the feature has
value to other users, it should probably be pushed into the new
%subject_tag_maps
More doco included in the patch, README.ldap reproduced here:
Using custom LDAP attributes
----------------------------
This readme uses the default amavis attribute names, from the default amavis
LDAP schema. In order to facilitate integrating amavis into
environments where
required policy information is already be stored in a directory, but under
different attribute names, a facility is provided to specify a custom
attribute
name for a given amavis map.
The attributes used for a given map lookup are overriden by setting the
%ldap_attr (single-valued attributes) and %ldap_attr_mv (multi-valued
attributes) hashes in the configuration file.
Again take note that it is not the default attribute name that is specified,
but the amavis map name. (below: spam_tag2_level_maps, not
amavisSpamTag2Level)
examples:
single-valued example, specify in configuration file after enabling ldap.
use "spamThreshold" attribute instead of default "amavisSpamTag2Level":
$ldap_attr_maps{spam_tag2_level_maps} = "spamThreshold";
multi-valued example,
use "senderWhitelist" attribute instead of default "amavisWhitelistSender":
$ldap_attr_maps_mv{whitelist_sender_maps} = "senderWhitelist";
Amavis maps, LDAP attribute field type, default LDAP attribute name
-------------------------------------------------------------------
A helper table of all amavis maps that can be looked up per-use in LDAP,
the attribute field type for these maps, and the default LDAP attribute name
used in the lookup.
attribute field types, from amavis source:
B=boolean, N=numeric, S=string, L=list
B-, N-, S-, L- returns undef if field does not exist
B0: boolean, nonexistent field treated as false,
B1: boolean, nonexistent field treated as true
amavis map, single value default LDAP attribute field type
--------------------------------- ------------------------------- ----------
addr_extension_bad_header_maps amavisAddrExtensionBadHeader S-
addr_extension_banned_maps amavisAddrExtensionBanned S-
addr_extension_spam_maps amavisAddrExtensionSpam S-
addr_extension_virus_maps amavisAddrExtensionVirus S-
archive_quarantine_to_maps amavisArchiveQuarantineTo S-
bad_header_admin_maps amavisBadHeaderAdmin S-
bad_header_lovers_maps amavisBadHeaderLover B-
bad_header_quarantine_to_maps amavisBadHeaderQuarantineTo S-
banned_admin_maps amavisBannedAdmin S-
banned_filename_maps amavisBannedRuleNames S-
banned_files_lovers_maps amavisBannedFilesLover B-
banned_quarantine_to_maps amavisBannedQuarantineTo S-
bypass_banned_checks_maps amavisBypassBannedChecks B-
bypass_header_checks_maps amavisBypassHeaderChecks B-
bypass_spam_checks_maps amavisBypassSpamChecks B-
bypass_virus_checks_maps amavisBypassVirusChecks B-
clean_quarantine_to_maps amavisCleanQuarantineTo S-
disclaimer_options_bysender_maps amavisDisclaimerOptions S-
local_domains_maps amavisLocal B1
message_size_limit_maps amavisMessageSizeLimit N-
newvirus_admin_maps amavisNewVirusAdmin S-
spam_admin_maps amavisSpamAdmin S-
spam_dsn_cutoff_level_maps amavisSpamDsnCutoffLevel N-
spam_kill_level_maps amavisSpamKillLevel N-
spam_lovers_maps amavisSpamLover B-
spam_modifies_subj_maps amavisSpamModifiesSubj B-
spam_quarantine_cutoff_level_maps amavisSpamQuarantineCutoffLevel N-
spam_quarantine_to_maps amavisSpamQuarantineTo S-
spam_subject_tag2_maps amavisSpamSubjectTag2 S-
spam_subject_tag_maps amavisSpamSubjectTag S-
spam_tag2_level_maps amavisSpamTag2Level N-
spam_tag_level_maps amavisSpamTagLevel N-
virus_admin_maps amavisVirusAdmin S-
virus_lovers_maps amavisVirusLover B-
virus_quarantine_to_maps amavisVirusQuarantineTo S-
virus_subject_tag2_maps amavisVirusSubjectTag2 S-
warnbadhrecip_maps amavisWarnBadHeaderRecip B-
warnbannedrecip_maps amavisWarnBannedRecip B-
warnvirusrecip_maps amavisWarnVirusRecip B-
amavis map, multiple values default LDAP attribute field type
--------------------------------- ------------------------------- ----------
blacklist_sender_maps amavisBlacklistSender L-
whitelist_sender_maps amavisWhitelistSender L-
Cheers,
-Martin Foster
Le 25/04/2010 12:24, Mark Martinec a écrit :
A pre-release of amavisd-new-2.7.0 is available at:
http://www.ijs.si/software/amavisd/amavisd-new-2.7.0-pre4.tar.gz
with its release notes at:
http://www.ijs.si/software/amavisd/release-notes.txt
There are some incompatibilities with older versions, so please
review at least the compatibility section of the release notes.
One noteworthy incompatibility is a need to add two more fields
to an SQL table msgrcpt when using SQL for logging/pen-pals.
The main goal of 2.7.0 is to better support pre-queue content
filtering setups like a Postfix proxy mode.
The -pre4 is still missing one or two features, which is why it
isn't called a release candidate yet. Other than that, it should be
stable and ready for use - with some caution. It is being used in
production at a couple of sites.
One noteworthy missing feature is the DKIM signing service, which is
a separate daemon process which is intended to provide the only access
to DKIM signing keys, avoiding the need to have these files readable
to UID under which amavisd is running.
Testing and feedback is welcome (but it may take some time for me
to reply:)
Mark
------------------------------------------------------------------------------
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
diff -urN amavisd-new-2.7.0-pre4.ORIG/README_FILES/README.ldap
amavisd-new-2.7.0-pre4/README_FILES/README.ldap
--- amavisd-new-2.7.0-pre4.ORIG/README_FILES/README.ldap 2010-02-05
04:28:53.000000000 +1100
+++ amavisd-new-2.7.0-pre4/README_FILES/README.ldap 2010-04-27
16:41:32.000000000 +1000
@@ -159,3 +159,93 @@
In general LDAP lookups are similar to SQL lookups except for the low level
LDAP/SQL specific code. The overall functionality, lookup rules, etc. are
identical.
+
+Using custom LDAP attributes
+----------------------------
+
+This readme uses the default amavis attribute names, from the default amavis
+LDAP schema. In order to facilitate integrating amavis into environments where
+required policy information is already be stored in a directory, but under
+different attribute names, a facility is provided to specify a custom attribute
+name for a given amavis map.
+
+The attributes used for a given map lookup are overriden by setting the
+%ldap_attr (single-valued attributes) and %ldap_attr_mv (multi-valued
+attributes) hashes in the configuration file.
+
+Again take note that it is not the default attribute name that is specified,
+but the amavis map name. (below: spam_tag2_level_maps, not amavisSpamTag2Level)
+
+examples:
+
+single-valued example, specify in configuration file after enabling ldap.
+use "spamThreshold" attribute instead of default "amavisSpamTag2Level":
+
+ $ldap_attr_maps{spam_tag2_level_maps} = "spamThreshold";
+
+multi-valued example,
+use "senderWhitelist" attribute instead of default "amavisWhitelistSender":
+
+ $ldap_attr_maps_mv{whitelist_sender_maps} = "senderWhitelist";
+
+Amavis maps, LDAP attribute field type, default LDAP attribute name
+-------------------------------------------------------------------
+
+A helper table of all amavis maps that can be looked up per-use in LDAP,
+the attribute field type for these maps, and the default LDAP attribute name
+used in the lookup.
+
+attribute field types, from amavis source:
+
+B=boolean, N=numeric, S=string, L=list
+B-, N-, S-, L- returns undef if field does not exist
+B0: boolean, nonexistent field treated as false,
+B1: boolean, nonexistent field treated as true
+
+amavis map, single value default LDAP attribute field type
+--------------------------------- ------------------------------- ----------
+addr_extension_bad_header_maps amavisAddrExtensionBadHeader S-
+addr_extension_banned_maps amavisAddrExtensionBanned S-
+addr_extension_spam_maps amavisAddrExtensionSpam S-
+addr_extension_virus_maps amavisAddrExtensionVirus S-
+archive_quarantine_to_maps amavisArchiveQuarantineTo S-
+bad_header_admin_maps amavisBadHeaderAdmin S-
+bad_header_lovers_maps amavisBadHeaderLover B-
+bad_header_quarantine_to_maps amavisBadHeaderQuarantineTo S-
+banned_admin_maps amavisBannedAdmin S-
+banned_filename_maps amavisBannedRuleNames S-
+banned_files_lovers_maps amavisBannedFilesLover B-
+banned_quarantine_to_maps amavisBannedQuarantineTo S-
+bypass_banned_checks_maps amavisBypassBannedChecks B-
+bypass_header_checks_maps amavisBypassHeaderChecks B-
+bypass_spam_checks_maps amavisBypassSpamChecks B-
+bypass_virus_checks_maps amavisBypassVirusChecks B-
+clean_quarantine_to_maps amavisCleanQuarantineTo S-
+disclaimer_options_bysender_maps amavisDisclaimerOptions S-
+local_domains_maps amavisLocal B1
+message_size_limit_maps amavisMessageSizeLimit N-
+newvirus_admin_maps amavisNewVirusAdmin S-
+spam_admin_maps amavisSpamAdmin S-
+spam_dsn_cutoff_level_maps amavisSpamDsnCutoffLevel N-
+spam_kill_level_maps amavisSpamKillLevel N-
+spam_lovers_maps amavisSpamLover B-
+spam_modifies_subj_maps amavisSpamModifiesSubj B-
+spam_quarantine_cutoff_level_maps amavisSpamQuarantineCutoffLevel N-
+spam_quarantine_to_maps amavisSpamQuarantineTo S-
+spam_subject_tag2_maps amavisSpamSubjectTag2 S-
+spam_subject_tag_maps amavisSpamSubjectTag S-
+spam_tag2_level_maps amavisSpamTag2Level N-
+spam_tag_level_maps amavisSpamTagLevel N-
+virus_admin_maps amavisVirusAdmin S-
+virus_lovers_maps amavisVirusLover B-
+virus_quarantine_to_maps amavisVirusQuarantineTo S-
+virus_subject_tag2_maps amavisVirusSubjectTag2 S-
+warnbadhrecip_maps amavisWarnBadHeaderRecip B-
+warnbannedrecip_maps amavisWarnBannedRecip B-
+warnvirusrecip_maps amavisWarnVirusRecip B-
+
+amavis map, multiple values default LDAP attribute field type
+--------------------------------- ------------------------------- ----------
+blacklist_sender_maps amavisBlacklistSender L-
+whitelist_sender_maps amavisWhitelistSender L-
+
diff -urN amavisd-new-2.7.0-pre4.ORIG/RELEASE_NOTES
amavisd-new-2.7.0-pre4/RELEASE_NOTES
--- amavisd-new-2.7.0-pre4.ORIG/RELEASE_NOTES 2010-04-25 11:51:22.000000000
+1000
+++ amavisd-new-2.7.0-pre4/RELEASE_NOTES 2010-04-27 16:35:24.000000000
+1000
@@ -401,6 +401,15 @@
suggested by Quanah Gibson-Mount;
(TODO: update LDAP schema)
+- LDAP attributes can be overriden from the default amavis schema. Avoids
+ having to make major changes to an existing LDAP directory if different
+ attribute names already contain required policy information.
+ See README.ldap for usage details.
+
+- new map for specifying a subject tag on virus infected messages
+ virus_subject_tag2_maps. amavisVirusSubjectTag2 attribute added to
+ LDAP schema. Equivalent to: $subject_tag_maps_by_ccat{+CC_VIRUS}
+
- added a variable $myprogram_name, which defaults to a program name
(perl variable $0), but may be modified in a configuration file typically
depending on a value of $instance_name. It is used to dynamically change
@@ -10888,6 +10897,9 @@
| query_filter => '(&(objectClass=amavisAccount)(mail=%m))'
| };
+ WARNING: the information below relating to overriding LDAP attributes
+ is no longer valid, see README.ldap for the new form.
+
And then the lookups themselves:
| $virus_lovers_ldap = {res_attr => 'amavisVirusLover'};
diff -urN amavisd-new-2.7.0-pre4.ORIG/amavisd amavisd-new-2.7.0-pre4/amavisd
--- amavisd-new-2.7.0-pre4.ORIG/amavisd 2010-04-25 11:15:15.000000000 +1000
+++ amavisd-new-2.7.0-pre4/amavisd 2010-04-27 16:51:36.000000000 +1000
@@ -223,6 +223,7 @@
IO::Handle IO::File IO::Socket IO::Socket::UNIX IO::Socket::INET
IO::Stringy Digest::MD5 Unix::Syslog File::Basename
Compress::Zlib MIME::Base64 MIME::QuotedPrint MIME::Words
+ Hash::Util
MIME::Head MIME::Body MIME::Entity MIME::Parser MIME::Decoder
MIME::Decoder::Base64 MIME::Decoder::Binary MIME::Decoder::QuotedPrint
MIME::Decoder::NBit MIME::Decoder::UU MIME::Decoder::Gzip64
@@ -337,6 +338,7 @@
@bypass_virus_checks_maps @bypass_spam_checks_maps
@bypass_banned_checks_maps @bypass_header_checks_maps
@viruses_that_fake_sender_maps @virus_name_to_spam_score_maps
+ @virus_subject_tag2_maps
@remove_existing_spam_headers_maps
%final_destiny_by_ccat %lovers_maps_by_ccat
@@ -384,6 +386,7 @@
$spam_check_negative_ttl $spam_check_positive_ttl
$trim_trailing_space_in_lookup_result_fields
$enable_ldap $default_ldap
+ %ldap_attr_maps %ldap_attr_maps_mv
@keep_decoded_original_maps @map_full_type_to_short_type_maps
%banned_rules $penpals_threshold_low $penpals_threshold_high
$enable_dkim_verification $enable_dkim_signing
@@ -1530,6 +1533,7 @@
@addr_extension_bad_header_maps = (\$addr_extension_bad_header);
@debug_sender_maps = (\...@debug_sender_acl);
@remove_existing_spam_headers_maps = (\$remove_existing_spam_headers);
+ @virus_subject_tag2_maps = ( '***INFECTED*** ' ); # backwards compatibility
with %subject_tag_maps_by_ccat -> CC_VIRUS
# new variables, no backwards compatibility needed, empty by default
# @score_sender_maps, @author_to_policy_bank_maps, @signer_reputation_maps,
@@ -1592,7 +1596,7 @@
CC_BADH, sub { c('defang_bad_header') },
);
%subject_tag_maps_by_ccat = (
- CC_VIRUS, [ '***INFECTED*** ' ],
+ CC_VIRUS, sub { ca('virus_subject_tag2_maps') },
CC_BANNED, undef,
CC_UNCHECKED, sub { [ c('undecipherable_subject_tag') ] }, # not by-recip
CC_SPAM, undef,
@@ -1697,6 +1701,57 @@
);
%addr_rewrite_maps_by_ccat = ( );
+ # LDAP attribute default values for maps
+ %ldap_attr_maps = (
+ addr_extension_bad_header_maps =>
'amavisAddrExtensionBadHeader',
+ addr_extension_banned_maps => 'amavisAddrExtensionBanned',
+ addr_extension_spam_maps => 'amavisAddrExtensionSpam',
+ addr_extension_virus_maps => 'amavisAddrExtensionVirus',
+ archive_quarantine_to_maps => 'amavisArchiveQuarantineTo',
+ bad_header_admin_maps => 'amavisBadHeaderAdmin',
+ bad_header_lovers_maps => 'amavisBadHeaderLover',
+ bad_header_quarantine_to_maps => 'amavisBadHeaderQuarantineTo',
+ banned_admin_maps => 'amavisBannedAdmin',
+ banned_filename_maps => 'amavisBannedRuleNames',
+ banned_files_lovers_maps => 'amavisBannedFilesLover',
+ banned_quarantine_to_maps => 'amavisBannedQuarantineTo',
+ bypass_banned_checks_maps => 'amavisBypassBannedChecks',
+ bypass_header_checks_maps => 'amavisBypassHeaderChecks',
+ bypass_spam_checks_maps => 'amavisBypassSpamChecks',
+ bypass_virus_checks_maps => 'amavisBypassVirusChecks',
+ clean_quarantine_to_maps => 'amavisCleanQuarantineTo',
+ disclaimer_options_bysender_maps => 'amavisDisclaimerOptions',
+ local_domains_maps => 'amavisLocal',
+ message_size_limit_maps => 'amavisMessageSizeLimit',
+ newvirus_admin_maps => 'amavisNewVirusAdmin',
+ spam_admin_maps => 'amavisSpamAdmin',
+ spam_dsn_cutoff_level_maps => 'amavisSpamDsnCutoffLevel',
+ spam_kill_level_maps => 'amavisSpamKillLevel',
+ spam_lovers_maps => 'amavisSpamLover',
+ spam_modifies_subj_maps => 'amavisSpamModifiesSubj',
+ spam_quarantine_cutoff_level_maps =>
'amavisSpamQuarantineCutoffLevel',
+ spam_quarantine_to_maps => 'amavisSpamQuarantineTo',
+ spam_subject_tag2_maps => 'amavisSpamSubjectTag2',
+ spam_subject_tag_maps => 'amavisSpamSubjectTag',
+ spam_tag2_level_maps => 'amavisSpamTag2Level',
+ spam_tag_level_maps => 'amavisSpamTagLevel',
+ unchecked_quarantine_to_maps => 'amavisUncheckedQuarantineTo',
+ virus_admin_maps => 'amavisVirusAdmin',
+ virus_lovers_maps => 'amavisVirusLover',
+ virus_subject_tag2_maps => 'amavisVirusSubjectTag2',
+ virus_quarantine_to_maps => 'amavisVirusQuarantineTo',
+ warnbadhrecip_maps => 'amavisWarnBadHeaderRecip',
+ warnbannedrecip_maps => 'amavisWarnBannedRecip',
+ warnvirusrecip_maps => 'amavisWarnVirusRecip',
+ );
+ %ldap_attr_maps_mv = (
+ blacklist_sender_maps => 'amavisBlacklistSender',
+ whitelist_sender_maps => 'amavisWhitelistSender',
+ );
+ # Lock the keys to reduce the chance of a configuration file override error
+ Hash::Util::lock_keys(%ldap_attr_maps);
+ Hash::Util::lock_keys(%ldap_attr_maps_mv);
+
} # end BEGIN - init_tertiary
@@ -1826,6 +1880,7 @@
@addr_extension_virus_maps @addr_extension_spam_maps
@addr_extension_banned_maps @addr_extension_bad_header_maps
@spam_notifyadmin_cutoff_level_maps
+ @virus_subject_tag2_maps
))
{
my($g) = $varname; $g =~ s...@}{amavis::Conf::}; # qualified variable name
@@ -10370,55 +10425,46 @@
# B1: boolean, nonexistent field treated as true
my $lf = sub{Amavis::Lookup::LDAPattr->new($ldap_lookups,@_)};
- unshift(@Amavis::Conf::local_domains_maps, $lf->('amavisLocal',
'B1'));
-
- unshift(@Amavis::Conf::virus_lovers_maps,
$lf->('amavisVirusLover', 'B-'));
- unshift(@Amavis::Conf::spam_lovers_maps,
$lf->('amavisSpamLover', 'B-'));
- unshift(@Amavis::Conf::banned_files_lovers_maps,
$lf->('amavisBannedFilesLover', 'B-'));
- unshift(@Amavis::Conf::bad_header_lovers_maps,
$lf->('amavisBadHeaderLover', 'B-'));
-
- unshift(@Amavis::Conf::bypass_virus_checks_maps,
$lf->('amavisBypassVirusChecks', 'B-'));
- unshift(@Amavis::Conf::bypass_spam_checks_maps,
$lf->('amavisBypassSpamChecks', 'B-'));
-
unshift(@Amavis::Conf::bypass_banned_checks_maps,$lf->('amavisBypassBannedChecks',
'B-'));
-
unshift(@Amavis::Conf::bypass_header_checks_maps,$lf->('amavisBypassHeaderChecks',
'B-'));
-
- unshift(@Amavis::Conf::spam_tag_level_maps,
$lf->('amavisSpamTagLevel', 'N-'));
- unshift(@Amavis::Conf::spam_tag2_level_maps,
$lf->('amavisSpamTag2Level', 'N-'));
- unshift(@Amavis::Conf::spam_kill_level_maps,
$lf->('amavisSpamKillLevel', 'N-'));
-
unshift(@Amavis::Conf::spam_dsn_cutoff_level_maps,$lf->('amavisSpamDsnCutoffLevel','N-'));
-
unshift(@Amavis::Conf::spam_quarantine_cutoff_level_maps,$lf->('amavisSpamQuarantineCutoffLevel','N-'));
-
- unshift(@Amavis::Conf::spam_modifies_subj_maps,
$lf->('amavisSpamModifiesSubj', 'B-'));
- unshift(@Amavis::Conf::spam_subject_tag_maps,
$lf->('amavisSpamSubjectTag', 'S-'));
- unshift(@Amavis::Conf::spam_subject_tag2_maps,
$lf->('amavisSpamSubjectTag2', 'S-'));
-
- unshift(@Amavis::Conf::virus_quarantine_to_maps,
$lf->('amavisVirusQuarantineTo', 'S-'));
- unshift(@Amavis::Conf::spam_quarantine_to_maps,
$lf->('amavisSpamQuarantineTo', 'S-'));
- unshift(@Amavis::Conf::banned_quarantine_to_maps,
$lf->('amavisBannedQuarantineTo','S-'));
- unshift(@Amavis::Conf::unchecked_quarantine_to_maps,
$lf->('amavisUncheckedQuarantineTo','S-'));
- unshift(@Amavis::Conf::bad_header_quarantine_to_maps,
$lf->('amavisBadHeaderQuarantineTo', 'S-'));
- unshift(@Amavis::Conf::clean_quarantine_to_maps,
$lf->('amavisCleanQuarantineTo', 'S-'));
- unshift(@Amavis::Conf::archive_quarantine_to_maps,
$lf->('amavisArchiveQuarantineTo', 'S-'));
- unshift(@Amavis::Conf::message_size_limit_maps,
$lf->('amavisMessageSizeLimit', 'N-'));
-
- unshift(@Amavis::Conf::addr_extension_virus_maps,
$lf->('amavisAddrExtensionVirus', 'S-'));
- unshift(@Amavis::Conf::addr_extension_spam_maps,
$lf->('amavisAddrExtensionSpam', 'S-'));
- unshift(@Amavis::Conf::addr_extension_banned_maps,
$lf->('amavisAddrExtensionBanned','S-'));
- unshift(@Amavis::Conf::addr_extension_bad_header_maps,
$lf->('amavisAddrExtensionBadHeader','S-'));
-
- unshift(@Amavis::Conf::warnvirusrecip_maps,
$lf->('amavisWarnVirusRecip', 'B-'));
- unshift(@Amavis::Conf::warnbannedrecip_maps,
$lf->('amavisWarnBannedRecip', 'B-'));
- unshift(@Amavis::Conf::warnbadhrecip_maps,
$lf->('amavisWarnBadHeaderRecip', 'B-'));
-
- unshift(@Amavis::Conf::newvirus_admin_maps,
$lf->('amavisNewVirusAdmin', 'S-'));
- unshift(@Amavis::Conf::virus_admin_maps,
$lf->('amavisVirusAdmin', 'S-'));
- unshift(@Amavis::Conf::spam_admin_maps,
$lf->('amavisSpamAdmin', 'S-'));
- unshift(@Amavis::Conf::banned_admin_maps,
$lf->('amavisBannedAdmin', 'S-'));
- unshift(@Amavis::Conf::bad_header_admin_maps,
$lf->('amavisBadHeaderAdmin', 'S-'));
-
- unshift(@Amavis::Conf::banned_filename_maps,
$lf->('amavisBannedRuleNames', 'S-'));
- unshift(@Amavis::Conf::disclaimer_options_bysender_maps,
-
$lf->('amavisDisclaimerOptions', 'S-'));
+ unshift(@Amavis::Conf::addr_extension_bad_header_maps,
$lf->($Amavis::Conf::ldap_attr_maps{addr_extension_bad_header_maps}, 'S-'));
+ unshift(@Amavis::Conf::addr_extension_banned_maps,
$lf->($Amavis::Conf::ldap_attr_maps{addr_extension_banned_maps}, 'S-'));
+ unshift(@Amavis::Conf::addr_extension_spam_maps,
$lf->($Amavis::Conf::ldap_attr_maps{addr_extension_spam_maps}, 'S-'));
+ unshift(@Amavis::Conf::addr_extension_virus_maps,
$lf->($Amavis::Conf::ldap_attr_maps{addr_extension_virus_maps}, 'S-'));
+ unshift(@Amavis::Conf::archive_quarantine_to_maps,
$lf->($Amavis::Conf::ldap_attr_maps{archive_quarantine_to_maps}, 'S-'));
+ unshift(@Amavis::Conf::bad_header_admin_maps,
$lf->($Amavis::Conf::ldap_attr_maps{bad_header_admin_maps}, 'S-'));
+ unshift(@Amavis::Conf::bad_header_lovers_maps,
$lf->($Amavis::Conf::ldap_attr_maps{bad_header_lovers_maps}, 'B-'));
+ unshift(@Amavis::Conf::bad_header_quarantine_to_maps,
$lf->($Amavis::Conf::ldap_attr_maps{bad_header_quarantine_to_maps}, 'S-'));
+ unshift(@Amavis::Conf::banned_admin_maps,
$lf->($Amavis::Conf::ldap_attr_maps{banned_admin_maps}, 'S-'));
+ unshift(@Amavis::Conf::banned_filename_maps,
$lf->($Amavis::Conf::ldap_attr_maps{banned_filename_maps}, 'S-'));
+ unshift(@Amavis::Conf::banned_files_lovers_maps,
$lf->($Amavis::Conf::ldap_attr_maps{banned_files_lovers_maps}, 'B-'));
+ unshift(@Amavis::Conf::banned_quarantine_to_maps,
$lf->($Amavis::Conf::ldap_attr_maps{banned_quarantine_to_maps}, 'S-'));
+ unshift(@Amavis::Conf::bypass_banned_checks_maps,
$lf->($Amavis::Conf::ldap_attr_maps{bypass_banned_checks_maps}, 'B-'));
+ unshift(@Amavis::Conf::bypass_header_checks_maps,
$lf->($Amavis::Conf::ldap_attr_maps{bypass_header_checks_maps}, 'B-'));
+ unshift(@Amavis::Conf::bypass_spam_checks_maps,
$lf->($Amavis::Conf::ldap_attr_maps{bypass_spam_checks_maps}, 'B-'));
+ unshift(@Amavis::Conf::bypass_virus_checks_maps,
$lf->($Amavis::Conf::ldap_attr_maps{bypass_virus_checks_maps}, 'B-'));
+ unshift(@Amavis::Conf::clean_quarantine_to_maps,
$lf->($Amavis::Conf::ldap_attr_maps{clean_quarantine_to_maps}, 'S-'));
+ unshift(@Amavis::Conf::disclaimer_options_bysender_maps,
$lf->($Amavis::Conf::ldap_attr_maps{disclaimer_options_bysender_maps}, 'S-'));
+ unshift(@Amavis::Conf::local_domains_maps,
$lf->($Amavis::Conf::ldap_attr_maps{local_domains_maps}, 'B1'));
+ unshift(@Amavis::Conf::message_size_limit_maps,
$lf->($Amavis::Conf::ldap_attr_maps{message_size_limit_maps}, 'N-'));
+ unshift(@Amavis::Conf::newvirus_admin_maps,
$lf->($Amavis::Conf::ldap_attr_maps{newvirus_admin_maps}, 'S-'));
+ unshift(@Amavis::Conf::spam_admin_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_admin_maps}, 'S-'));
+ unshift(@Amavis::Conf::spam_dsn_cutoff_level_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_dsn_cutoff_level_maps}, 'N-'));
+ unshift(@Amavis::Conf::spam_kill_level_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_kill_level_maps}, 'N-'));
+ unshift(@Amavis::Conf::spam_lovers_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_lovers_maps}, 'B-'));
+ unshift(@Amavis::Conf::spam_modifies_subj_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_modifies_subj_maps}, 'B-'));
+ unshift(@Amavis::Conf::spam_quarantine_cutoff_level_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_quarantine_cutoff_level_maps}, 'N-'));
+ unshift(@Amavis::Conf::spam_quarantine_to_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_quarantine_to_maps}, 'S-'));
+ unshift(@Amavis::Conf::spam_subject_tag2_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_subject_tag2_maps}, 'S-'));
+ unshift(@Amavis::Conf::spam_subject_tag_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_subject_tag_maps}, 'S-'));
+ unshift(@Amavis::Conf::spam_tag2_level_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_tag2_level_maps}, 'N-'));
+ unshift(@Amavis::Conf::spam_tag_level_maps,
$lf->($Amavis::Conf::ldap_attr_maps{spam_tag_level_maps}, 'N-'));
+ unshift(@Amavis::Conf::unchecked_quarantine_to_maps,
$lf->($Amavis::Conf::ldap_attr_maps{unchecked_quarantine_to_maps}, 'S-'));
+ unshift(@Amavis::Conf::virus_admin_maps,
$lf->($Amavis::Conf::ldap_attr_maps{virus_admin_maps}, 'S-'));
+ unshift(@Amavis::Conf::virus_lovers_maps,
$lf->($Amavis::Conf::ldap_attr_maps{virus_lovers_maps}, 'B-'));
+ unshift(@Amavis::Conf::virus_quarantine_to_maps,
$lf->($Amavis::Conf::ldap_attr_maps{virus_quarantine_to_maps}, 'S-'));
+ unshift(@Amavis::Conf::virus_subject_tag2_maps,
$lf->($Amavis::Conf::ldap_attr_maps{virus_subject_tag2_maps}, 'S-'));
+ unshift(@Amavis::Conf::warnbadhrecip_maps,
$lf->($Amavis::Conf::ldap_attr_maps{warnbadhrecip_maps}, 'B-'));
+ unshift(@Amavis::Conf::warnbannedrecip_maps,
$lf->($Amavis::Conf::ldap_attr_maps{warnbannedrecip_maps}, 'B-'));
+ unshift(@Amavis::Conf::warnvirusrecip_maps,
$lf->($Amavis::Conf::ldap_attr_maps{warnvirusrecip_maps}, 'B-'));
section_time('ldap-prepare');
}
if (defined $sql_lookups && !$implicit_maps_inserted) {
@@ -16279,7 +16325,7 @@
BEGIN {
require Exporter;
use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $VERSION
- $ldap_sys_default @ldap_attrs @mv_ldap_attrs);
+ $ldap_sys_default @ldap_attrs @mv_ldap_attrs $key);
$VERSION = '2.211';
@ISA = qw(Exporter);
import Amavis::Conf qw(:platform :confvars c cr ca);
@@ -16294,22 +16340,22 @@
query_filter => '(&(objectClass=amavisAccount)(mail=%m))',
};
- @ldap_attrs = qw(amavisVirusLover amavisSpamLover amavisBannedFilesLover
- amavisBadHeaderLover amavisBypassVirusChecks amavisBypassSpamChecks
- amavisBypassBannedChecks amavisBypassHeaderChecks amavisSpamTagLevel
- amavisSpamTag2Level amavisSpamKillLevel
- amavisSpamDsnCutoffLevel amavisSpamQuarantineCutoffLevel
- amavisSpamSubjectTag amavisSpamSubjectTag2 amavisSpamModifiesSubj
- amavisVirusQuarantineTo amavisSpamQuarantineTo amavisBannedQuarantineTo
- amavisBadHeaderQuarantineTo amavisArchiveQuarantineTo
- amavisBlacklistSender amavisWhitelistSender
- amavisLocal amavisMessageSizeLimit amavisWarnVirusRecip
- amavisWarnBannedRecip amavisWarnBadHeaderRecip amavisVirusAdmin
- amavisNewVirusAdmin amavisSpamAdmin amavisBannedAdmin
- amavisBadHeaderAdmin amavisBannedRuleNames amavisDisclaimerOptions
- );
+ # single valued LDAP attribute, all future comparisons done lc()
+ @ldap_attrs = ();
+ foreach $key (sort keys %Amavis::Conf::ldap_attr_maps) {
+ $Amavis::Conf::ldap_attr_maps{$key} =
lc($Amavis::Conf::ldap_attr_maps{$key});
+ push(@ldap_attrs, $Amavis::Conf::ldap_attr_maps{$key});
+ }
- @mv_ldap_attrs = qw(amavisBlacklistSender amavisWhitelistSender);
+ # multi valued LDAP attributes, all future comparsions done lc()
+ # - separate array for MV attributes to quickly establish MV or SV
+ # - MV attrs need to be added to master list of attributes, ldap_attrs
+ @mv_ldap_attrs = ();
+ foreach $key (sort keys %Amavis::Conf::ldap_attr_maps_mv) {
+ $Amavis::Conf::ldap_attr_maps_mv{$key} =
lc($Amavis::Conf::ldap_attr_maps_mv{$key});
+ push(@mv_ldap_attrs, $Amavis::Conf::ldap_attr_maps_mv{$key});
+ push(@ldap_attrs, $Amavis::Conf::ldap_attr_maps_mv{$key});
+ }
}
sub new {
@@ -16420,11 +16466,12 @@
$match->{dn} = $entry->dn;
for my $attr (@ldap_attrs) {
my($value);
- do_log(9,'lookup_ldap: reading attribute "%s" from object', $attr);
$attr = lc($attr);
if ($mv_ldap_attrs{$attr}) { # multivalued
+ do_log(9,'lookup_ldap: reading multi-valued attribute "%s" from
object', $attr);
$value = $entry->get_value($attr, asref => 1);
} else {
+ do_log(9,'lookup_ldap: reading singlevalued attribute "%s" from
object', $attr);
$value = $entry->get_value($attr);
}
$match->{$attr} = $value if defined $value;
@@ -22364,7 +22411,7 @@
do_log(5,'wbl: (LDAP) query keys: %s', join(',
',map{"\"$_\""}...@keys));
$wblist = lookup(0,$recip,Amavis::Lookup::LDAPattr->new(
- $ldap_lookups,'amavisBlacklistSender','L-'));
+
$ldap_lookups,$Amavis::Conf::ldap_attr_maps_mv{blacklist_sender_maps},'L-'));
for my $key (@keys) {
if (grep {lc($_) eq lc($key)} @$wblist) {
$found=1; $wb = -1; $br = $recip; $any_b++;
@@ -22374,7 +22421,7 @@
}
}
$wblist = lookup(0,$recip,Amavis::Lookup::LDAPattr->new(
- $ldap_lookups,'amavisWhitelistSender','L-'));
+
$ldap_lookups,$Amavis::Conf::ldap_attr_maps_mv{whitelist_sender_maps},'L-'));
for my $key (@keys) {
if (grep {lc($_) eq lc($key)} @$wblist) {
$found=1; $wb = +1; $wr = $recip; $any_w++;
------------------------------------------------------------------------------
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
