1 Topic by ict4ngo

  • ict4ngo
  • Member
  • Offline
  • Registered: 2014-11-08
  • Posts: 11

Topic: deactivate reject_sender_login_mismatch for one domain only

==== Required information ====
- iRedMail version: v2.1.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): (LDAP)
- Linux/BSD distribution name and version: ubuntu 14.04
- Related log if you're reporting an issue:
====

I would like to deactivate  reject_sender_login_mismatch for one domain only. There's the reject_sender_login_mismatch.py plugin but I need to put ALL the user from ALL the domain. It will be unmaintainable. Is it possible to do it for one domain only ?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: deactivate reject_sender_login_mismatch for one domain only

I will improve this plugin to allow you to specify a domain name to bypass whole domain. Come back to you later.

3 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: deactivate reject_sender_login_mismatch for one domain only

Done. Here's patch for iRedAPD-1.4.3, let me know whether or not it works for you.

--- reject_sender_login_mismatch.py    2014-12-30 08:17:48.000000000 +0800
+++ reject_sender_login_mismatch.py.new    2014-12-30 08:22:23.000000000 +0800
@@ -6,7 +6,7 @@
 *) Please list all allowed senders in in iRedAPD config file (settings.py),
    parameter ALLOWED_LOGIN_MISMATCH_SENDERS. For example:
 
-    ALLOWED_LOGIN_MISMATCH_SENDERS = ['user1@here.com', 'user2@here.com']
+    ALLOWED_LOGIN_MISMATCH_SENDERS = ['domain.com', 'user2@here.com']
 """
 
 import logging
@@ -26,15 +26,17 @@
 
 def restriction(**kwargs):
     sender = kwargs['sender']
+    sender_domain = kwargs['sender_domain']
     sasl_username = kwargs['sasl_username']
 
     logging.debug('Allowed SASL username: %s' % ', '.join(ALLOWED_LOGIN_MISMATCH_SENDERS))
-    logging.debug('Sender: %s, SASL username: %s' % (sender, sasl_username))
+    logging.debug('Sender: %s, SASL username: %s, domain: %s' % (sender, sasl_username, sender_domain))
 
     # Apply on outgoing emails
     if sasl_username:
         if sender != sasl_username:
-            if sasl_username in ALLOWED_LOGIN_MISMATCH_SENDERS:
+            if sasl_username in ALLOWED_LOGIN_MISMATCH_SENDERS \
+               or sender_domain in ALLOWED_LOGIN_MISMATCH_SENDERS:
                 return SMTP_ACTIONS['default']
             else:
                 # Reject with reason.

4 Reply by ict4ngo

  • ict4ngo
  • Member
  • Offline
  • Registered: 2014-11-08
  • Posts: 11

Re: deactivate reject_sender_login_mismatch for one domain only

ZhangHuangbin wrote:

Done. Here's patch for iRedAPD-1.4.3, let me know whether or not it works for you.

--- reject_sender_login_mismatch.py    2014-12-30 08:17:48.000000000 +0800
+++ reject_sender_login_mismatch.py.new    2014-12-30 08:22:23.000000000 +0800
@@ -6,7 +6,7 @@
 *) Please list all allowed senders in in iRedAPD config file (settings.py),
    parameter ALLOWED_LOGIN_MISMATCH_SENDERS. For example:
 
-    ALLOWED_LOGIN_MISMATCH_SENDERS = ['user1@here.com', 'user2@here.com']
+    ALLOWED_LOGIN_MISMATCH_SENDERS = ['domain.com', 'user2@here.com']
 """
 
 import logging
@@ -26,15 +26,17 @@
 
 def restriction(**kwargs):
     sender = kwargs['sender']
+    sender_domain = kwargs['sender_domain']
     sasl_username = kwargs['sasl_username']
 
     logging.debug('Allowed SASL username: %s' % ', '.join(ALLOWED_LOGIN_MISMATCH_SENDERS))
-    logging.debug('Sender: %s, SASL username: %s' % (sender, sasl_username))
+    logging.debug('Sender: %s, SASL username: %s, domain: %s' % (sender, sasl_username, sender_domain))
 
     # Apply on outgoing emails
     if sasl_username:
         if sender != sasl_username:
-            if sasl_username in ALLOWED_LOGIN_MISMATCH_SENDERS:
+            if sasl_username in ALLOWED_LOGIN_MISMATCH_SENDERS \
+               or sender_domain in ALLOWED_LOGIN_MISMATCH_SENDERS:
                 return SMTP_ACTIONS['default']
             else:
                 # Reject with reason.


thanks, that was fast, let me test it I will come back with results

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: deactivate reject_sender_login_mismatch for one domain only

Above patch is not correct, please try below one instead:

--- reject_sender_login_mismatch.py    2014-12-30 08:24:03.000000000 +0800
+++ reject_sender_login_mismatch.py.new    2014-12-31 09:01:46.000000000 +0800
@@ -27,6 +27,7 @@
 def restriction(**kwargs):
     sender = kwargs['sender']
     sasl_username = kwargs['sasl_username']
+    sasl_sender_domain = sasl_username.split('@', 1)[-1]
 
     logging.debug('Allowed SASL username: %s' % ', '.join(ALLOWED_LOGIN_MISMATCH_SENDERS))
     logging.debug('Sender: %s, SASL username: %s' % (sender, sasl_username))
@@ -34,7 +35,8 @@
     # Apply on outgoing emails
     if sasl_username:
         if sender != sasl_username:
-            if sasl_username in ALLOWED_LOGIN_MISMATCH_SENDERS:
+            if sasl_username in ALLOWED_LOGIN_MISMATCH_SENDERS \
+               or sasl_sender_domain in ALLOWED_LOGIN_MISMATCH_SENDERS:
                 return SMTP_ACTIONS['default']
             else:
                 # Reject with reason.