mirror of
https://github.com/chillout2k/ldap-acl-milter.git
synced 2025-12-13 19:30:18 +00:00
96 lines
2.7 KiB
Plaintext
96 lines
2.7 KiB
Plaintext
# ldap-acl-milter https://github.com/chillout2k/ldap-acl-milter
|
|
#
|
|
# https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers
|
|
# DC IT-Consulting
|
|
# Dominik Chilla
|
|
#
|
|
# OID prefix: 1.3.6.1.4.1.53501
|
|
#
|
|
# Attributes: 1.3.6.1.4.1.53501.1.1
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.1
|
|
NAME 'policyID'
|
|
DESC 'Policy ID'
|
|
EQUALITY caseExactIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128}
|
|
SINGLE-VALUE)
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.2
|
|
NAME 'authType'
|
|
DESC 'Authentication type: sasl_user, client_addr, none'
|
|
EQUALITY caseExactIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
|
|
SINGLE-VALUE)
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.3
|
|
NAME 'allowedSenders'
|
|
DESC 'Allowed RFC5321.from'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{254})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.4
|
|
NAME 'allowedRcpts'
|
|
DESC 'Denied RFC5321.to'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{254})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.5
|
|
NAME 'deniedSenders'
|
|
DESC 'Allowed RFC5321.from'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{254})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.6
|
|
NAME 'deniedRcpts'
|
|
DESC 'Denied RFC5321.to'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{254})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.7
|
|
NAME 'allowedClientAddr'
|
|
DESC 'Allowed client IPv4/IPv6 address'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.8
|
|
NAME 'deniedClientAddr'
|
|
DESC 'Denied client IPv4/IPv6 address'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.9
|
|
NAME 'allowedSaslUser'
|
|
DESC 'Allowed SASL authentication user'
|
|
EQUALITY caseExactIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.10
|
|
NAME 'extBLOB'
|
|
DESC 'placeholder for binary extensions'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4096})
|
|
|
|
attributetype ( 1.3.6.1.4.1.53501.1.1.11
|
|
NAME 'allowedx509CN'
|
|
DESC 'Allowed x509 Common Name - CN'
|
|
EQUALITY caseExactIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64})
|
|
|
|
#
|
|
# Objects: 1.3.6.1.4.1.53501.1.2
|
|
#
|
|
objectclass ( 1.3.6.1.4.1.53501.1.2.1
|
|
NAME 'lamPolicy'
|
|
DESC 'ldap-acl-milter policy'
|
|
SUP top
|
|
STRUCTURAL
|
|
MUST ( policyID $ allowedRcpts $ allowedSenders )
|
|
MAY ( authType $ deniedSenders $ deniedRcpts $ allowedClientAddr $ deniedClientAddr $ allowedSaslUser $ extBLOB $ allowedx509CN ))
|