From: Martin F. F. <mar...@ne...> - 2010-03-03 22:59:50
Hello list,

I used to patch amavis to use custom ldap attributes. I figured it
would be a better idea in the long run to allow these to be overridden in
the configuration file, and contribute the changes to the project in the
attached patch.

patch feature 1: specify ldap attribute in configuration file
----------------------------------------------------------------
The patch applies to amavisd, and updates RELEASE_NOTES + README.ldap
for usage specifics.

patch feature 2: add map virus_subject_tag2_maps
------------------------------------------------
The patch also exposes $subject_tag_maps_by_ccat{+CC_VIRUS} as new map
virus_subject_tag2_maps for consistency with spam_subject_tag2_maps.
LDAP.schema is updated to match.

RELEASE_NOTES changes:

  NEW FEATURES SUMMARY

  - LDAP attributes can be overridden from the default amavis schema. Avoids
    having to make major changes to an existing LDAP directory if different
    attribute names already contain required policy information.
    See README.ldap for usage details.

  - new map for specifying a subject tag on virus infected messages
    virus_subject_tag2_maps. amavisVirusSubjectTag2 attribute added to
    LDAP schema. Equivalent to: $subject_tag_maps_by_ccat{+CC_VIRUS}

I have placed a warning in the release notes regarding the original
documentation on specifying different ldap attributes, which hasn't been
valid for a while (amavisd-new 2.4.x or so?):

  $virus_lovers_ldap = {res_attr => 'amavisVirusLover'}; # don't do this, no effect

README.ldap changes:

Using custom LDAP attributes
----------------------------
This readme uses the default amavis attribute names, from the default amavis
LDAP schema. In order to facilitate integrating amavis into environments where
required policy information is already stored in a directory, but under
different attribute names, a facility is provided to specify a custom attribute
name for a given amavis map.

The attributes used for a given map lookup are overridden by setting the
%ldap_attr (single-valued attributes) and %ldap_attr_mv (multi-valued
attributes) hashes in the configuration file.

Again take note that it is not the default attribute name that is specified,
but the amavis map name. (below: spam_tag2_level_maps, not
amavisSpamTag2Level)

examples:

single-valued example, specify in configuration file after enabling ldap.
use "spamThreshold" attribute instead of default "amavisSpamTag2Level":

  $ldap_attr_maps{spam_tag2_level_maps} = "spamThreshold";

multi-valued example,
use "senderWhitelist" attribute instead of default "amavisWhitelistSender":

  $ldap_attr_maps_mv{whitelist_sender_maps} = "senderWhitelist";

Amavis maps, LDAP attribute field type, default LDAP attribute name
-------------------------------------------------------------------
A helper table of all amavis maps that can be looked up per-use in LDAP,
the attribute field type for these maps, and the default LDAP attribute name
used in the lookup.

attribute field types, from amavis source:

  B=boolean, N=numeric, S=string, L=list
  B-, N-, S-, L- returns undef if field does not exist
  B0: boolean, nonexistent field treated as false,
  B1: boolean, nonexistent field treated as true

amavis map, single value           default LDAP attribute           field type
---------------------------------  -------------------------------  ----------
archive_quarantine_to_maps         amavisArchiveQuarantineTo        S-
bad_header_admin_maps              amavisBadHeaderAdmin             S-
bad_header_lovers_maps             amavisBadHeaderLover             B-
bad_header_quarantine_to_maps      amavisBadHeaderQuarantineTo      S-
banned_admin_maps                  amavisBannedAdmin                S-
banned_filename_maps               amavisBannedRuleNames            S-
banned_files_lovers_maps           amavisBannedFilesLover           B-
banned_quarantine_to_maps          amavisBannedQuarantineTo         S-
bypass_banned_checks_maps          amavisBypassBannedChecks         B-
bypass_header_checks_maps          amavisBypassHeaderChecks         B-
bypass_spam_checks_maps            amavisBypassSpamChecks           B-
bypass_virus_checks_maps           amavisBypassVirusChecks          B-
clean_quarantine_to_maps           amavisCleanQuarantineTo          S-
local_domains_maps                 amavisLocal                      B1
message_size_limit_maps            amavisMessageSizeLimit           N-
newvirus_admin_maps                amavisNewVirusAdmin              S-
spam_admin_maps                    amavisSpamAdmin                  S-
spam_dsn_cutoff_level_maps         amavisSpamDsnCutoffLevel         N-
spam_kill_level_maps               amavisSpamKillLevel              N-
spam_lovers_maps                   amavisSpamLover                  B-
spam_modifies_subj_maps            amavisSpamModifiesSubj           B-
spam_quarantine_cutoff_level_maps  amavisSpamQuarantineCutoffLevel  N-
spam_quarantine_to_maps            amavisSpamQuarantineTo           S-
spam_subject_tag2_maps             amavisSpamSubjectTag2            S-
spam_subject_tag_maps              amavisSpamSubjectTag             S-
spam_tag2_level_maps               amavisSpamTag2Level              N-
spam_tag_level_maps                amavisSpamTagLevel               N-
virus_admin_maps                   amavisVirusAdmin                 S-
virus_lovers_maps                  amavisVirusLover                 B-
virus_quarantine_to_maps           amavisVirusQuarantineTo          S-
virus_subject_tag2_maps            amavisVirusSubjectTag2           S-
warnbadhrecip_maps                 amavisWarnBadHeaderRecip         B-
warnbannedrecip_maps               amavisWarnBannedRecip            B-
warnvirusrecip_maps                amavisWarnVirusRecip             B-

amavis map, multiple values        default LDAP attribute           field type
---------------------------------  -------------------------------  ----------
blacklist_sender_maps              amavisBlacklistSender            L-
whitelist_sender_maps              amavisWhitelistSender            L-

Feedback welcome, of course.
-Martin Foster
mar...@ne...
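
Added example, not part of the original post or the attached patch: a small Python linter for the two mistakes the README text above warns about, keying an override on the default attribute name instead of the amavis map name, and putting a map in the wrong (single- vs multi-valued) hash. It assumes the hash names as spelled in the post's two examples ($ldap_attr_maps, $ldap_attr_maps_mv), embeds only a subset of the table, and runs on a constructed sample configuration.

```python
import re

# Subset of the table in the post: amavis map name -> default LDAP attribute.
SINGLE = {  # single-valued maps
    "spam_tag2_level_maps": "amavisSpamTag2Level",
    "virus_lovers_maps": "amavisVirusLover",
    "bypass_virus_checks_maps": "amavisBypassVirusChecks",
}
MULTI = {  # multi-valued maps
    "blacklist_sender_maps": "amavisBlacklistSender",
    "whitelist_sender_maps": "amavisWhitelistSender",
}
ATTR_TO_MAP = {attr: name for name, attr in {**SINGLE, **MULTI}.items()}

# Assumption: overrides are written as in the post's two examples.
ASSIGN = re.compile(
    r'''^\s*\$(ldap_attr_maps(?:_mv)?)\{\s*['"]?(\w+)['"]?\s*\}\s*=\s*['"]([^'"]+)['"]\s*;''')

def lint_overrides(config_text):
    """Return (line_no, message) findings for override assignments."""
    findings = []
    for no, line in enumerate(config_text.splitlines(), 1):
        m = ASSIGN.match(line)
        if not m:
            continue  # comments and unrelated settings are ignored
        hash_name, key, _attr = m.groups()
        expected, other = (MULTI, SINGLE) if hash_name.endswith("_mv") else (SINGLE, MULTI)
        if key in expected:
            continue
        if key in ATTR_TO_MAP:
            msg = f"{key} is a default attribute name; key on map name {ATTR_TO_MAP[key]}"
        elif key in other:
            msg = f"{key} is in the wrong hash (single- vs multi-valued)"
        else:
            msg = f"{key} is not a map name known to this linter"
        findings.append((no, msg))
    return findings

# Constructed sample configuration, not taken from a real deployment.
SAMPLE = """
$ldap_attr_maps{spam_tag2_level_maps} = "spamThreshold";
$ldap_attr_maps{amavisVirusLover} = "virusOptIn";
$ldap_attr_maps{whitelist_sender_maps} = "senderWhitelist";
$ldap_attr_maps_mv{whitelist_sender_maps} = "senderWhitelist";
"""

if __name__ == "__main__":
    for no, msg in lint_overrides(SAMPLE):
        print(f"line {no}: {msg}")
```

Maps such as virus_lovers_maps and bypass_virus_checks_maps decide whether checks are skipped for a recipient, so a mis-keyed override for them is worth catching before the configuration is deployed.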