Add support for MacroList option
This commit is contained in:
Scott Kitterman
@@ -1,5 +1,6 @@
|
|||||||
0.9.5 UNRELEASED
|
0.9.5 UNRELEASED
|
||||||
- Beta 1 (updated Alpha -> Beta warning in README and trove classifiers)
|
- Beta 1 (updated Alpha -> Beta warning in README and trove classifiers)
|
||||||
|
- Add support for MacroList option
|
||||||
|
|
||||||
0.9.4 2018-03-09
|
0.9.4 2018-03-09
|
||||||
- Create PID directory if it is missing
|
- Create PID directory if it is missing
|
||||||
|
|||||||
@@ -74,6 +74,15 @@ class dkimMilter(Milter.Base):
|
|||||||
self.internal_connection = True
|
self.internal_connection = True
|
||||||
else: ipaddr = ''
|
else: ipaddr = ''
|
||||||
self.connectip = ipaddr
|
self.connectip = ipaddr
|
||||||
|
if milterconfig.get('MacroList') and not self.internal_connection:
|
||||||
|
macrolist = milterconfig.get('MacroList')
|
||||||
|
for macro in macrolist:
|
||||||
|
macroname = macro.split('|')[0]
|
||||||
|
macroname = '{' + macroname + '}'
|
||||||
|
macroresult = self.getsymval(macroname)
|
||||||
|
if (len(macro.split('|')) == 1 and macroresult) or macroresult in \
|
||||||
|
macro.split('|')[1:]:
|
||||||
|
self.internal_connection = True
|
||||||
if self.internal_connection:
|
if self.internal_connection:
|
||||||
connecttype = 'INTERNAL'
|
connecttype = 'INTERNAL'
|
||||||
else:
|
else:
|
||||||
@@ -99,22 +108,6 @@ class dkimMilter(Milter.Base):
|
|||||||
self.author = None
|
self.author = None
|
||||||
self.arheaders = []
|
self.arheaders = []
|
||||||
self.arresults = []
|
self.arresults = []
|
||||||
'''if self.user:
|
|
||||||
# Very simple SMTP AUTH policy by default:
|
|
||||||
# any successful authentication is considered INTERNAL
|
|
||||||
self.internal_connection = True
|
|
||||||
auth_type = self.getsymval('{auth_type}')
|
|
||||||
ssl_bits = self.getsymval('{cipher_bits}')
|
|
||||||
if milterconfig.get('Syslog'):
|
|
||||||
syslog.syslog(
|
|
||||||
"SMTP AUTH:",self.user,"sslbits =",ssl_bits, auth_type,
|
|
||||||
"ssf =",self.getsymval('{auth_ssf}'), "INTERNAL"
|
|
||||||
)
|
|
||||||
# Detailed authorization policy is configured in the access file below.
|
|
||||||
self.arresults.append(
|
|
||||||
authres.SMTPAUTHAuthenticationResult(result = 'pass',
|
|
||||||
result_comment = auth_type+' sslbits='+ssl_bits, smtp_auth = self.user)
|
|
||||||
)'''
|
|
||||||
return Milter.CONTINUE
|
return Milter.CONTINUE
|
||||||
|
|
||||||
@Milter.noreply
|
@Milter.noreply
|
||||||
|
|||||||
@@ -47,7 +47,8 @@ defaultConfigData = {
|
|||||||
'Canonicalization' : 'relaxed/simple',
|
'Canonicalization' : 'relaxed/simple',
|
||||||
'InternalHosts' : '127.0.0.1',
|
'InternalHosts' : '127.0.0.1',
|
||||||
'InternalHostsObj' : False,
|
'InternalHostsObj' : False,
|
||||||
'DiagnosticDirectory' : ''
|
'DiagnosticDirectory' : '',
|
||||||
|
'MacroList' : ''
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@@ -335,7 +336,8 @@ def _readConfigFile(path, configData = None, configGlobal = {}):
|
|||||||
'Canonicalization' : 'str',
|
'Canonicalization' : 'str',
|
||||||
'InternalHosts' : 'dataset',
|
'InternalHosts' : 'dataset',
|
||||||
'InternalHostsObj': 'bool',
|
'InternalHostsObj': 'bool',
|
||||||
'DiagnosticDirectory' : 'str'
|
'DiagnosticDirectory' : 'str',
|
||||||
|
'MacroList' : 'dataset'
|
||||||
}
|
}
|
||||||
|
|
||||||
# check to see if it's a file
|
# check to see if it's a file
|
||||||
|
|||||||
@@ -262,6 +262,33 @@ generation (as used in dkimpy). Ignored if a
|
|||||||
.I KeyTableEd25519
|
.I KeyTableEd25519
|
||||||
is defined. [KeyTableEd25519 NOT IMPLEMENTED]
|
is defined. [KeyTableEd25519 NOT IMPLEMENTED]
|
||||||
|
|
||||||
|
.TP
|
||||||
|
.I MacroList (dataset)
|
||||||
|
Defines a set of MTA-provided
|
||||||
|
.I macros
|
||||||
|
that should be checked to see if the sender has been determined to be a
|
||||||
|
local user and therefore whether or not the message should be signed. If
|
||||||
|
a
|
||||||
|
.I value
|
||||||
|
is specified matching a macro name in the data set, the value of the macro
|
||||||
|
must match a value specified (matching is case-sensitive), otherwise the
|
||||||
|
macro must be defined but may contain any value. The set is empty by
|
||||||
|
default, meaning macros are not considered when making the sign-verify
|
||||||
|
decision. The general format of the value is
|
||||||
|
.I value1[|value2[|...]];
|
||||||
|
if one or more value is defined then the macro must be set to one of the
|
||||||
|
listed values, otherwise the macro must be set but can contain any
|
||||||
|
value.
|
||||||
|
|
||||||
|
In order for the macro and its value to be available to the filter for
|
||||||
|
checking, the MTA must send it during the protocol exchange. This is either
|
||||||
|
accomplished via manual configuration of the MTA to send the desired macros
|
||||||
|
or, for MTA/filter combinations that support the feature, the filter can
|
||||||
|
request those macros that are of interest. The latter is a feature negotiated
|
||||||
|
at the time the filter receives a connection from the MTA and its availability
|
||||||
|
depends upon the version of milter used to compile the filter and the version
|
||||||
|
of the MTA making the connection.
|
||||||
|
|
||||||
.TP
|
.TP
|
||||||
.I Mode (string)
|
.I Mode (string)
|
||||||
Selects operating modes. The string is a concatenation of characters that
|
Selects operating modes. The string is a concatenation of characters that
|
||||||
|
|||||||
@@ -55,6 +55,6 @@ setup(
|
|||||||
(os.path.join('/lib', 'systemd', 'system'),
|
(os.path.join('/lib', 'systemd', 'system'),
|
||||||
['system/dkimpy-milter.service']),(os.path.join('/etc', 'init.d'),
|
['system/dkimpy-milter.service']),(os.path.join('/etc', 'init.d'),
|
||||||
['system/dkimpy-milter'])],
|
['system/dkimpy-milter'])],
|
||||||
install_requires = ['dkimpy>=0.7', 'pymilter', 'authres>=1.1.0', 'PyNaCl', 'ipaddress', 'dns'],
|
install_requires = ['dkimpy>=0.7', 'pymilter', 'authres>=1.1.0', 'PyNaCl', 'ipaddress', 'dnspython'],
|
||||||
zip_safe = False,
|
zip_safe = False,
|
||||||
)
|
)
|
||||||
|
|||||||
Reference in New Issue
Block a user