Add mailContentInspectionAction attribute. Possible values are reject, blackhole...

diff --git a/debian/changelog b/debian/changelog
index 13abc52..a821a90 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,8 +13,10 @@ userdir-ldap (0.3.66+XX) unstable; urgency=low
   [ Peter Palfrader ]
   * .debian.net DNS creates BSMTP maps for MX 0 master in addition to gluck.
   * Remove mailSpamOptOut ldap attribute - it isn't used anywhere.
+  * schema, ud-info, ud-mailgate, ud-generate: Add mailContentInspectionAction
+    attribute.  Possible values are reject, blackhole and markup.
 
- -- Peter Palfrader <weasel@debian.org>  Tue, 14 Jul 2009 09:32:25 +0200
+ -- Peter Palfrader <weasel@debian.org>  Tue, 14 Jul 2009 09:57:36 +0200
 
 userdir-ldap (0.3.66) unstable; urgency=low
 

diff --git a/ud-generate b/ud-generate
index 633a5d9..56ce036 100755 (executable)
--- a/ud-generate
+++ b/ud-generate
@@ -511,26 +511,24 @@ def GenForward(File):
       raise
    Done(File, F, None)
 
-def GenAllForward(File):
+def GenCDB(File, Key):
    Fdb = None
    try:
       OldMask = os.umask(0022)
       Fdb = os.popen("cdbmake %s %s.tmp"%(File, File), "w")
       os.umask(OldMask)
-     
+
       # Fetch all the users
       global DebianUsers
-     
+
       # Write out the email address for each user
       for x in DebianUsers:
-         if x[1].has_key("emailForward") == 0:
+         if not Key in x[1]:
             continue
-     
-         Forward = GetAttr(x, "emailForward")
-     
+         Value = GetAttr(x, Key)
          User = GetAttr(x, "uid")
-         Fdb.write("+%d,%d:%s->%s\n" % (len(User), len(Forward), User, Forward))
-  
+         Fdb.write("+%d,%d:%s->%s\n" % (len(User), len(Value), User, Value))
+
       Fdb.write("\n")
    # Oops, something unspeakable happened.
    except:
@@ -1025,7 +1023,8 @@ PasswdAttrs = l.search_s(BaseDn, ldap.SCOPE_ONELEVEL, "uid=*",\
                  "allowedHost", "sshRSAAuthKey", "dnsZoneEntry", "cn", "sn",\
                  "keyFingerPrint", "privateSub", "mailDisableMessage",\
                  "mailGreylisting", "mailCallout", "mailRBL", "mailRHSBL",\
-                 "mailWhitelist", "sudoPassword", "objectClass", "accountStatus"])
+                 "mailWhitelist", "sudoPassword", "objectClass", "accountStatus",\
+                 "mailContentInspectionAction"])
 
 if PasswdAttrs is None:
    raise UDEmptyList, "No Users"
@@ -1051,7 +1050,8 @@ DebianUsers = PasswdAttrs
 CheckForward()
 
 GenMailDisable(GlobalDir + "mail-disable")
-GenAllForward(GlobalDir + "mail-forward.cdb")
+GenCDB(GlobalDir + "mail-forward.cdb", 'emailForward')
+GenCDB(GlobalDir + "mail-contentinspectionaction.cdb", 'mailContentInspectionAction')
 GenPrivate(GlobalDir + "debian-private")
 #GenSSHKnown(l,GlobalDir+"authorized_keys", 'authorized_keys')
 GenMailBool(GlobalDir + "mail-greylist", "mailGreylisting")
@@ -1131,6 +1131,7 @@ while(1):
    if not ExtraList.has_key("[NOMARKERS]"):
       DoLink(GlobalDir, OutDir, "markers")
    DoLink(GlobalDir, OutDir, "mail-forward.cdb")
+   DoLink(GlobalDir, OutDir, "mail-contentinspectionaction.cdb")
    DoLink(GlobalDir, OutDir, "mail-disable")
    DoLink(GlobalDir, OutDir, "mail-greylist")
    DoLink(GlobalDir, OutDir, "mail-callout")

diff --git a/ud-info b/ud-info
index 60ea404..228e284 100755 (executable)
--- a/ud-info
+++ b/ud-info
@@ -76,6 +76,7 @@ AttrInfo = {"cn": ["First Name", 101],
             "mailRBL": ["Mail RBLs",22],
             "mailRHSBL": ["Mail RHSBLs",23],
             "mailWhitelist": ["Mail Whitelist",24],
+           "mailContentInspectionAction": ["mail C-I Action",25],
            "VoIP": ["VoIP Address",26],
            "comment": ["Comment",116],
            "userPassword": ["Crypted Password",117],
@@ -110,6 +111,7 @@ AttrPrompt = {"cn": ["Common name or first name"],
               "mailRBL": ["SMTP time RBL lists"],
               "mailRHSBL": ["SMTP time RHSBL lists"],
               "mailWhitelist": ["SMTP time whitelist from other checks"],
+              "mailContentInspectionAction": ["Content Inspection Action (reject, blackhole, markup)"],
               "member": ["LDAP Group Member for slapd ACLs"],
              "latitude": ["XEarth latitude in ISO 6709 format - see /usr/share/zoneinfo/zone.tab or etak.com"],
              "longitude": ["XEarth latitude in ISO 6709 format - see /usr/share/zoneinfo/zone.tab or etak.com"],

diff --git a/ud-mailgate b/ud-mailgate
index 3ca7f81..533800c 100755 (executable)
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -65,6 +65,7 @@ ArbChanges = {"c": "..",
              "mailCallout": "^(TRUE|FALSE)$",
              "VoIP": ".*",
              "gender": "^(1|2|9|male|female|unspecified)$",
+         "mailContentInspectionAction": "^(reject|blackhole|markup)$",
 };
 
 DelItems = {"c": None,
@@ -92,6 +93,7 @@ DelItems = {"c": None,
             "mailWhitelist": None,
             "mailDisableMessage": None,
             "VoIP": None,
+            "mailContentInspectionAction": None,
             };
 
 

diff --git a/userdir-ldap-slapd.conf.in b/userdir-ldap-slapd.conf.in
index 18c9a24..f586e39 100644 (file)
--- a/userdir-ldap-slapd.conf.in
+++ b/userdir-ldap-slapd.conf.in
@@ -42,7 +42,7 @@ access to attrs=activity-pgp,activity-from,dnsZoneEntry
        by * none
 
 # owner writeable, debian readable, authenticated user readable
-access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist
+access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction
        by group="cn=LDAP Administrator,ou=users,@@DN@@" write
        by dn="uid=sshdist,ou=users,@@DN@@" write
        by self write

diff --git a/userdir-ldap.schema b/userdir-ldap.schema
index f79c7e3..35df6da 100644 (file)
--- a/userdir-ldap.schema
+++ b/userdir-ldap.schema
@@ -103,6 +103,7 @@
 #   .35 - VoIP
 #   .36 - sudoPassword
 #   .37 - subGroup
+#   .38 - mailContentInspectionAction
 #
 # .3 - experimental LDAP objectClasses
 #   .1 - debianDeveloper
@@ -480,6 +481,14 @@ attributetype ( 1.3.6.1.4.1.9586.100.4.4.13
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
 
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.38
+       NAME 'mailContentInspectionAction'
+       DESC 'what to do on content inspection hits'
+       EQUALITY caseIgnoreIA5Match
+       SUBSTR caseIgnoreIA5SubstringsMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+
 # Experimental objectclasses:
 
 objectclass ( 1.3.6.1.4.1.9586.100.4.3.1
@@ -493,7 +502,7 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.3.1
              jabberJID $ keyFingerPrint $ latitude $ longitude $ mn $
              onVacation $ privateSub $ sshRSAAuthKey $ supplementaryGid $
              access $ gender $ birthDate $ mailCallout $ mailGreylisting $
-              mailRBL $ mailRHSBL $ mailWhitelist $ VoIP
+              mailRBL $ mailRHSBL $ mailWhitelist $ VoIP $ mailContentInspectionAction
        ) )
 
 objectclass ( 1.3.6.1.4.1.9586.100.4.3.2
@@ -512,5 +521,5 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.3.3
        SUP account STRUCTURAL
        MAY ( emailForward $ supplementaryGid $ allowedHost $ labeledURI $
              mailCallout $ mailGreylisting $ mailRBL $ mailRHSBL $
-             mailWhitelist $ dnsZoneEntry
+             mailWhitelist $ dnsZoneEntry $ mailContentInspectionAction
        ) )