From 275e584bed9af8f5ed68b282b1fb0e056ee09623 Mon Sep 17 00:00:00 2001 From: Dominik Chilla Date: Wed, 17 Apr 2019 23:19:08 +0200 Subject: [PATCH] not worth a push --- app/ldap-acl-milter.py | 17 +++++++++-------- docker/debian/Dockerfile | 1 + 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/app/ldap-acl-milter.py b/app/ldap-acl-milter.py index af1712f..eeae860 100644 --- a/app/ldap-acl-milter.py +++ b/app/ldap-acl-milter.py @@ -114,14 +114,15 @@ class LdapAclMilter(Milter.Base): pass else: # Authentication hierarchy! - # 1. SASL authenticated - # TODO: if auth_type sasl_user, check if authenticated user matches sasl_user and - # TODO: check if sender/recipient pair match - # 2. Client-IP authenticated - # TODO: if auth_type client_addr, check if client-ip matches client_addr - # TODO: check if sender/recipient pair match - # 3. not authenticated - # TODO: ldap-search with excluded sasl_user and client_addr attributes! + # 1. x509 client certificate + # 2. SASL authenticated + # if auth_type sasl_user, check if authenticated user matches sasl_user and + # check if sender/recipient pair match + # 3. Client-IP authenticated + # if auth_type client_addr, check if client-ip matches client_addr + # check if sender/recipient pair match + # 4. not authenticated + # ldap-search with excluded sasl_user and client_addr attributes! self.ldap_conn.search(g_ldap_base, "(&(allowedRcpts="+to+")(allowedSenders="+self.env_from+"))" ) diff --git a/docker/debian/Dockerfile b/docker/debian/Dockerfile index f1032b9..b077732 100644 --- a/docker/debian/Dockerfile +++ b/docker/debian/Dockerfile @@ -2,6 +2,7 @@ ARG http_proxy ARG https_proxy FROM debian LABEL maintainer="Dominik Chilla " +LABEL git_repo="https://github.com/chillout2k/ldap-acl-milter/tree/devel" ENV DEBIAN_FRONTEND=noninteractive \ TZ=Europe/Berlin