From a3437bcd185d533199ebd7c3e0f69b816cc904af Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Tue, 14 Jul 2009 10:18:25 +0200 Subject: [PATCH] Add mailContentInspectionAction attribute. Possible values are reject, blackhole and markup. --- debian/changelog | 4 +++- ud-generate | 23 ++++++++++++----------- ud-info | 2 ++ ud-mailgate | 2 ++ userdir-ldap-slapd.conf.in | 2 +- userdir-ldap.schema | 13 +++++++++++-- 6 files changed, 31 insertions(+), 15 deletions(-) diff --git a/debian/changelog b/debian/changelog index 13abc52..a821a90 100644 --- a/debian/changelog +++ b/debian/changelog @@ -13,8 +13,10 @@ userdir-ldap (0.3.66+XX) unstable; urgency=low [ Peter Palfrader ] * .debian.net DNS creates BSMTP maps for MX 0 master in addition to gluck. * Remove mailSpamOptOut ldap attribute - it isn't used anywhere. + * schema, ud-info, ud-mailgate, ud-generate: Add mailContentInspectionAction + attribute. Possible values are reject, blackhole and markup. - -- Peter Palfrader Tue, 14 Jul 2009 09:32:25 +0200 + -- Peter Palfrader Tue, 14 Jul 2009 09:57:36 +0200 userdir-ldap (0.3.66) unstable; urgency=low diff --git a/ud-generate b/ud-generate index 633a5d9..56ce036 100755 --- a/ud-generate +++ b/ud-generate @@ -511,26 +511,24 @@ def GenForward(File): raise Done(File, F, None) -def GenAllForward(File): +def GenCDB(File, Key): Fdb = None try: OldMask = os.umask(0022) Fdb = os.popen("cdbmake %s %s.tmp"%(File, File), "w") os.umask(OldMask) - + # Fetch all the users global DebianUsers - + # Write out the email address for each user for x in DebianUsers: - if x[1].has_key("emailForward") == 0: + if not Key in x[1]: continue - - Forward = GetAttr(x, "emailForward") - + Value = GetAttr(x, Key) User = GetAttr(x, "uid") - Fdb.write("+%d,%d:%s->%s\n" % (len(User), len(Forward), User, Forward)) - + Fdb.write("+%d,%d:%s->%s\n" % (len(User), len(Value), User, Value)) + Fdb.write("\n") # Oops, something unspeakable happened. except: 
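Review bot: GenCDB writes whatever `GetAttr(x, Key)` returns into the cdb, so for `mailContentInspectionAction` nothing at generation time restricts the value to the three documented actions. The only value check in this patch is the ud-mailgate regex, while the slapd ACL change lists the attribute under `by self write` and the schema accepts any IA5 string up to 256 characters, so a value set through a direct LDAP modify would be exported unchanged. Consider skipping unknown values before the `Fdb.write`, for example `if Key == "mailContentInspectionAction" and Value not in ("reject", "blackhole", "markup"): continue`, or make sure the consumer of mail-contentinspectionaction.cdb (not shown here) treats unknown values as the safe default. The function's `except:` handler continues past the end of this hunk.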
@@ -1025,7 +1023,8 @@ PasswdAttrs = l.search_s(BaseDn, ldap.SCOPE_ONELEVEL, "uid=*",\ "allowedHost", "sshRSAAuthKey", "dnsZoneEntry", "cn", "sn",\ "keyFingerPrint", "privateSub", "mailDisableMessage",\ "mailGreylisting", "mailCallout", "mailRBL", "mailRHSBL",\ - "mailWhitelist", "sudoPassword", "objectClass", "accountStatus"]) + "mailWhitelist", "sudoPassword", "objectClass", "accountStatus",\ + "mailContentInspectionAction"]) if PasswdAttrs is None: raise UDEmptyList, "No Users" @@ -1051,7 +1050,8 @@ DebianUsers = PasswdAttrs CheckForward() GenMailDisable(GlobalDir + "mail-disable") -GenAllForward(GlobalDir + "mail-forward.cdb") +GenCDB(GlobalDir + "mail-forward.cdb", 'emailForward') +GenCDB(GlobalDir + "mail-contentinspectionaction.cdb", 'mailContentInspectionAction') GenPrivate(GlobalDir + "debian-private") #GenSSHKnown(l,GlobalDir+"authorized_keys", 'authorized_keys') GenMailBool(GlobalDir + "mail-greylist", "mailGreylisting") @@ -1131,6 +1131,7 @@ while(1): if not ExtraList.has_key("[NOMARKERS]"): DoLink(GlobalDir, OutDir, "markers") DoLink(GlobalDir, OutDir, "mail-forward.cdb") + DoLink(GlobalDir, OutDir, "mail-contentinspectionaction.cdb") DoLink(GlobalDir, OutDir, "mail-disable") DoLink(GlobalDir, OutDir, "mail-greylist") DoLink(GlobalDir, OutDir, "mail-callout") diff --git a/ud-info b/ud-info index 60ea404..228e284 100755 --- a/ud-info +++ b/ud-info @@ -76,6 +76,7 @@ AttrInfo = {"cn": ["First Name", 101], "mailRBL": ["Mail RBLs",22], "mailRHSBL": ["Mail RHSBLs",23], "mailWhitelist": ["Mail Whitelist",24], + "mailContentInspectionAction": ["mail C-I Action",25], "VoIP": ["VoIP Address",26], "comment": ["Comment",116], "userPassword": ["Crypted Password",117], 
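Review bot: The new `AttrInfo` label `"mail C-I Action"` starts in lower case, while the neighbouring entries read `"Mail RBLs"`, `"Mail RHSBLs"` and `"Mail Whitelist"`. Suggest `"mailContentInspectionAction": ["Mail C-I Action",25],` so the ud-info listing stays consistent. The dictionary itself starts and ends outside this hunk.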
@@ -110,6 +111,7 @@ AttrPrompt = {"cn": ["Common name or first name"], "mailRBL": ["SMTP time RBL lists"], "mailRHSBL": ["SMTP time RHSBL lists"], "mailWhitelist": ["SMTP time whitelist from other checks"], + "mailContentInspectionAction": ["Content Inspection Action (reject, blackhole, markup)"], "member": ["LDAP Group Member for slapd ACLs"], "latitude": ["XEarth latitude in ISO 6709 format - see /usr/share/zoneinfo/zone.tab or etak.com"], "longitude": ["XEarth latitude in ISO 6709 format - see /usr/share/zoneinfo/zone.tab or etak.com"], diff --git a/ud-mailgate b/ud-mailgate index 3ca7f81..533800c 100755 --- a/ud-mailgate +++ b/ud-mailgate @@ -65,6 +65,7 @@ ArbChanges = {"c": "..", "mailCallout": "^(TRUE|FALSE)$", "VoIP": ".*", "gender": "^(1|2|9|male|female|unspecified)$", + "mailContentInspectionAction": "^(reject|blackhole|markup)$", }; DelItems = {"c": None, @@ -92,6 +93,7 @@ DelItems = {"c": None, "mailWhitelist": None, "mailDisableMessage": None, "VoIP": None, + "mailContentInspectionAction": None, }; diff --git a/userdir-ldap-slapd.conf.in b/userdir-ldap-slapd.conf.in index 18c9a24..f586e39 100644 --- a/userdir-ldap-slapd.conf.in +++ b/userdir-ldap-slapd.conf.in @@ -42,7 +42,7 @@ access to attrs=activity-pgp,activity-from,dnsZoneEntry by * none # owner writeable, debian readable, authenticated user readable -access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist +access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction by group="cn=LDAP Administrator,ou=users,@@DN@@" write by dn="uid=sshdist,ou=users,@@DN@@" write by self write diff --git a/userdir-ldap.schema b/userdir-ldap.schema index f79c7e3..35df6da 100644 --- a/userdir-ldap.schema +++ b/userdir-ldap.schema 
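Review bot: In the `ArbChanges` entry for `mailContentInspectionAction`, the pattern ends in `$`, which in Python's `re` also matches just before a trailing newline, so `reject` followed by a newline would be accepted if the value reaches the match unstripped. The code that applies `ArbChanges` is outside this hunk, so this may already be prevented by how the input is split into lines; if it is not, `"^(reject|blackhole|markup)\Z"` closes the gap. The `mailCallout` and `gender` entries shown as context use the same `$` anchor and would need the same treatment.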
@@ -103,6 +103,7 @@ # .35 - VoIP # .36 - sudoPassword # .37 - subGroup +# .38 - mailContentInspectionAction # # .3 - experimental LDAP objectClasses # .1 - debianDeveloper @@ -480,6 +481,14 @@ attributetype ( 1.3.6.1.4.1.9586.100.4.4.13 SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) +attributetype ( 1.3.6.1.4.1.9586.100.4.2.38 + NAME 'mailContentInspectionAction' + DESC 'what to do on content inspection hits' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + + # Experimental objectclasses: objectclass ( 1.3.6.1.4.1.9586.100.4.3.1 @@ -493,7 +502,7 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.3.1 jabberJID $ keyFingerPrint $ latitude $ longitude $ mn $ onVacation $ privateSub $ sshRSAAuthKey $ supplementaryGid $ access $ gender $ birthDate $ mailCallout $ mailGreylisting $ - mailRBL $ mailRHSBL $ mailWhitelist $ VoIP + mailRBL $ mailRHSBL $ mailWhitelist $ VoIP $ mailContentInspectionAction ) ) objectclass ( 1.3.6.1.4.1.9586.100.4.3.2 @@ -512,5 +521,5 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.3.3 SUP account STRUCTURAL MAY ( emailForward $ supplementaryGid $ allowedHost $ labeledURI $ mailCallout $ mailGreylisting $ mailRBL $ mailRHSBL $ - mailWhitelist $ dnsZoneEntry + mailWhitelist $ dnsZoneEntry $ mailContentInspectionAction ) ) -- 2.20.1
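Review bot: The new `attributetype` for `mailContentInspectionAction` does not declare `SINGLE-VALUE`, so an entry can hold several actions at once (for example both `reject` and `markup`). ud-generate exports one value per user through `GetAttr`, whose handling of multi-valued attributes is not visible in this patch, so which action takes effect would presumably depend on the order the directory returns the values. Adding `SINGLE-VALUE` after the `SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}` line makes the directory enforce one action per account.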