From 8f961658b1bcb414edd9178e760d3575a5d9f2b6 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Tue, 12 Nov 2013 12:18:36 +0100
Subject: [PATCH 01/58] Adapt perl lib path for SME9

---
 .../perl5/vendor_perl}/esmith/FormMagick/Panel/userinfo.pm                | 0
 .../perl5/vendor_perl}/esmith/FormMagick/Panel/userpanelViewgroups.pm     | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename root/usr/{lib/perl5/site_perl => share/perl5/vendor_perl}/esmith/FormMagick/Panel/userinfo.pm (100%)
 rename root/usr/{lib/perl5/site_perl => share/perl5/vendor_perl}/esmith/FormMagick/Panel/userpanelViewgroups.pm (100%)

diff --git a/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userinfo.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userinfo.pm
similarity index 100%
rename from root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userinfo.pm
rename to root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userinfo.pm
diff --git a/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelViewgroups.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userpanelViewgroups.pm
similarity index 100%
rename from root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelViewgroups.pm
rename to root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userpanelViewgroups.pm

From 4dcc72561d4577355bebb9608d0f032ad94634f3 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Tue, 12 Nov 2013 12:51:36 +0100
Subject: [PATCH 02/58] update spec file

---
 ipasserelle-base.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index ca63e08..5f0f3d5 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.36
+%define version 0.2.37
 %define release 1
 %define name ipasserelle-base
 
@@ -7,6 +7,7 @@ Summary: Meta-Package to turn a SME Server into an iPasserelle
 Name: %{name}
 Version: %{version}
 Release: %{release}%{?dist}
+Epoch: 9
 License: GPL
 Group: Networking/Daemons
 Source: %{name}-%{version}.tar.gz
@@ -47,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Tue Nov 12 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.37-1
+- New branch for SME9
+
 * Fri Nov 8 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.36-1
 - Allow placeholders in signatures templates to be removed if the
   corresponding value is empty

From b6f6e876f293c2b947b8b225d318a41400e4ece2 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 Dec 2013 10:37:08 +0100
Subject: [PATCH 03/58] Fix qmail-notify cron

---
 createlinks                                                   | 3 ---
 root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All | 3 ---
 2 files changed, 6 deletions(-)
 delete mode 100644 root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All

diff --git a/createlinks b/createlinks
index 91b1e0a..8c28406 100644
--- a/createlinks
+++ b/createlinks
@@ -26,9 +26,6 @@ foreach my $event (qw/ipasserelle-update bootstrap-ldap-save/){
     event_link("private-cacert", "$event", "25");
 }
 
-# Activation de qmail-notify
-templates2events("/etc/cron.hourly/qmail-notify", qw(email-update bootstrap-console-save));
-
 # Desactivation des checks RAID
 templates2events("/etc/sysconfig/raid-check", qw(ipasserelle-update bootstrap-console-save));
 
diff --git a/root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All b/root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All
deleted file mode 100644
index 2657edc..0000000
--- a/root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-exec qmail-notify -r -m -f /var/qmail/control/queuenotifymsg
-

From a9ba1df1ba061a467d305d6a45d0120ba68a7a30 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 Dec 2013 10:38:19 +0100
Subject: [PATCH 04/58] spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 5f0f3d5..5278718 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.37
+%define version 0.2.38
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.38-1
+- Fix qmail-notify cron
+
 * Tue Nov 12 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.37-1
 - New branch for SME9
 

From 94bb024fa2c575fd1daf7c2cc2a4e4b476b075bd Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 Dec 2013 10:39:20 +0100
Subject: [PATCH 05/58] Add missing cron file

---
 root/etc/cron.hourly/qmail-notify | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 root/etc/cron.hourly/qmail-notify

diff --git a/root/etc/cron.hourly/qmail-notify b/root/etc/cron.hourly/qmail-notify
new file mode 100644
index 0000000..9d39f57
--- /dev/null
+++ b/root/etc/cron.hourly/qmail-notify
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec qmail-notify -r -m -f /var/qmail/control/queuenotifymsg

From 9fdd47a27b39ee9f8fa577acaefbca65e2b7edbd Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 Dec 2013 13:49:24 +0100
Subject: [PATCH 06/58] Really fix qmail-notify cron

---
 createlinks                                                      | 4 ++++
 ipasserelle-base.spec                                            | 1 -
 root/etc/e-smith/templates.metadata/etc/cron.hourly/qmail-notify | 1 +
 root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All    | 1 +
 4 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 root/etc/e-smith/templates.metadata/etc/cron.hourly/qmail-notify
 create mode 100644 root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All

diff --git a/createlinks b/createlinks
index 8c28406..041914f 100644
--- a/createlinks
+++ b/createlinks
@@ -26,6 +26,10 @@ foreach my $event (qw/ipasserelle-update bootstrap-ldap-save/){
     event_link("private-cacert", "$event", "25");
 }
 
+# Activation de qmail-notify
+safe_symlink("/etc/e-smith/templates-default/template-begin-shell", "root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/template-begin");
+templates2events("/etc/cron.hourly/qmail-notify", qw(email-update bootstrap-console-save));
+
 # Desactivation des checks RAID
 templates2events("/etc/sysconfig/raid-check", qw(ipasserelle-update bootstrap-console-save));
 
diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 5278718..77a5dac 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -288,7 +288,6 @@ perl createlinks
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
    --file /etc/cron.hourly/qpsmtpd-cleanup 'attr(0755,root,root)' \
    --file /etc/cron.monthly/maillog-rotate 'attr(0755,root,root)' \
-   --file /etc/cron.hourly/qmail-notify 'attr(0755,root,root)' \
    --file /etc/cron.hourly/cacrl 'attr(0755,root,root)' \
    --file /etc/cron.daily/purge-homes-recycle 'attr(0755,root,root)' \
    --file /etc/cron.daily/download-updates 'attr(0755,root,root)' \
diff --git a/root/etc/e-smith/templates.metadata/etc/cron.hourly/qmail-notify b/root/etc/e-smith/templates.metadata/etc/cron.hourly/qmail-notify
new file mode 100644
index 0000000..6bbf39b
--- /dev/null
+++ b/root/etc/e-smith/templates.metadata/etc/cron.hourly/qmail-notify
@@ -0,0 +1 @@
+PERMS=0755
diff --git a/root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All b/root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All
new file mode 100644
index 0000000..5d491d0
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All
@@ -0,0 +1 @@
+exec qmail-notify -r -m -f /var/qmail/control/queuenotifymsg

From cbee1dfa8bcf43babdf0a0a1f08ef03d7099814c Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 Dec 2013 13:50:27 +0100
Subject: [PATCH 07/58] spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 77a5dac..bd4bc4f 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.38
+%define version 0.2.39
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.39-1
+- Really fix qmail-notify cron
+
 * Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.38-1
 - Fix qmail-notify cron
 

From b3d6cb34f1b42083585f2a5a9a19b5e7ddd60717 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 Dec 2013 15:47:36 +0100
Subject: [PATCH 08/58] Remove the non templated qmail-notify cron file (which
 somehow is still there)

---
 root/etc/cron.hourly/qmail-notify | 2 --
 1 file changed, 2 deletions(-)
 delete mode 100644 root/etc/cron.hourly/qmail-notify

diff --git a/root/etc/cron.hourly/qmail-notify b/root/etc/cron.hourly/qmail-notify
deleted file mode 100644
index 9d39f57..0000000
--- a/root/etc/cron.hourly/qmail-notify
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec qmail-notify -r -m -f /var/qmail/control/queuenotifymsg

From df913714dddb57351acb93688b0da2702391237c Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 Dec 2013 15:56:04 +0100
Subject: [PATCH 09/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index bd4bc4f..11efc22 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.39
+%define version 0.2.40
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.40-1
+- Remove the non templated qmail-notify cron file
+
 * Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.39-1
 - Really fix qmail-notify cron
 

From 7c37c312b0843875456ed5c1e7b0dd355902e514 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 20 Jan 2014 10:27:02 +0100
Subject: [PATCH 10/58] Also update LDAP email address if the order has changed
 (at least if the first address of the list is not the same)

---
 root/etc/e-smith/events/actions/update-ldap-pseudonyms | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/root/etc/e-smith/events/actions/update-ldap-pseudonyms b/root/etc/e-smith/events/actions/update-ldap-pseudonyms
index aa2ccf3..8fba291 100644
--- a/root/etc/e-smith/events/actions/update-ldap-pseudonyms
+++ b/root/etc/e-smith/events/actions/update-ldap-pseudonyms
@@ -137,10 +137,12 @@ foreach my $acct (@accounts){
     foreach my $entry ($result->all_entries()){
         push @mails, $entry->get_value('mail');
     }
+    my $oldfirst = $mails[0];
+    my $newfirst = $alias[0];
     my $alias = join('\0', sort @alias);
     my $mails = join('\0', sort @mails);
 
-    unless ($alias eq $mails){ 
+    if (($alias ne $mails) or ($oldfirst ne $newfirst)){ 
         $result = $ldap->modify(
                      "$dn=$key,ou=$ou,$base",
                          replace => {

From 1a273e616c2c3302692562e8ff083da4d70f6479 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 20 Jan 2014 10:56:53 +0100
Subject: [PATCH 11/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 11efc22..415607b 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.40
+%define version 0.2.41
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Mon Jan 20 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.41-1
+- Update email address in LDAP if the first one in the list has changed
+
 * Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.40-1
 - Remove the non templated qmail-notify cron file
 

From 0e4f2b8b0257734eb0ec63335aacd146c14b834e Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 24 Jan 2014 16:22:05 +0100
Subject: [PATCH 12/58] Add a simple audit page in userinfo panel to show which
 shares are accessible for each user (read only and read/write)

---
 .../locale/fr/etc/e-smith/web/functions/userinfo   | 24 ++++++
 root/etc/e-smith/web/functions/userinfo            | 22 +++++-
 .../esmith/FormMagick/Panel/userinfo.pm            | 91 ++++++++++++++++++----
 3 files changed, 121 insertions(+), 16 deletions(-)

diff --git a/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userinfo b/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userinfo
index 78d9dcc..9ac1f5a 100644
--- a/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userinfo
+++ b/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userinfo
@@ -12,6 +12,30 @@
         <trans>Cette page vous permet de modifier certaines informations liées aux utiliseurs. Ces informations seront publiées dans l'annuaire LDAP.</trans>
     </entry>
     <entry>
+        <base>AUDIT</base>
+        <trans>Audit</trans>
+    </entry>
+    <entry>
+        <base>USER_AUDIT</base>
+        <trans>Audit Utilisateur</trans>
+    </entry>
+    <entry>
+        <base>AUDIT_DESC</base>
+        <trans>Cette page permet d'obtenir la liste des partages auxquels l'utilisateur a accès</trans>
+    </entry>
+    <entry>
+        <base>USER_LOGIN</base>
+        <trans>Identifiant</trans>
+    </entry>
+    <entry>
+        <base>SHARE_READ</base>
+        <trans>Accès en lecture</trans>
+    </entry>
+    <entry>
+        <base>SHARE_WRITE</base>
+        <trans>Accès en écriture</trans>
+    </entry>
+    <entry>
         <base>USER_MODIFIED</base>
         <trans>Utilisateur modifié avec succès</trans>
     </entry>
diff --git a/root/etc/e-smith/web/functions/userinfo b/root/etc/e-smith/web/functions/userinfo
index 7519761..7510750 100644
--- a/root/etc/e-smith/web/functions/userinfo
+++ b/root/etc/e-smith/web/functions/userinfo
@@ -7,7 +7,7 @@
 # navigation  : 2000 2100
 #----------------------------------------------------------------------
 #----------------------------------------------------------------------
-# copyright (C) 2011 Firewall-Services
+# Copyright (C) 2011-2014 Firewall-Services
 # daniel@firewall-services.com
 # 
 # This program is free software; you can redistribute it and/or modify
@@ -34,8 +34,6 @@ use esmith::FormMagick::Panel::userinfo;
 
 my $fm = esmith::FormMagick::Panel::userinfo->new();
 
-use CGI;
-my $q = new CGI;
 $fm->display();
 
 __DATA__
@@ -44,6 +42,24 @@ __DATA__
         <description>FIRSTPAGE_DESC</description>
         <subroutine src="print_user_table()" />
     </page>
+    <page name="Audit" pre-event="turn_off_buttons()">
+        <title>USER_AUDIT</title>
+        <description>AUDIT_DESC</description>
+        <field type="literal" id="acctName" value="$q->param('acctName')">
+            <label>USER_LOGIN</label>
+        </field>
+        <field type="literal" id="userName" value="get_name()">
+            <label>USER_NAME</label>
+        </field>
+        <subroutine src="print_section_bar()" />
+        <field type="literal" id="readShares" value="get_shares('read')">
+            <label>SHARE_READ</label>
+        </field>
+        <subroutine src="print_section_bar()" />
+        <field type="literal" id="writeShares" value="get_shares('write')">
+            <label>SHARE_WRITE</label>
+        </field>
+    </page>
     <page name="Modify" pre-event="turn_off_buttons()" post-event="modify_user()">
         <description>MODIFY_DESC</description>
         <field type="text" size="30" id="FirstName" validation="nonblank, pseudonym_clash"
diff --git a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userinfo.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userinfo.pm
index afae1fd..15d093a 100644
--- a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userinfo.pm
+++ b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userinfo.pm
@@ -1,7 +1,7 @@
 #!/usr/bin/perl -w 
 
 #---------------------------------------------------------------------
-# copyright (C) 2011 Firewall-Services
+# Copyright (C) 2011-2014 Firewall-Services
 # daniel@firewall-services.com
 # 
 # This program is free software; you can redistribute it and/or modify
@@ -27,6 +27,7 @@ use esmith::AccountsDB;
 use esmith::ConfigDB;
 use esmith::cgi;
 use esmith::util;
+use List::MoreUtils qw(uniq);
 use File::Basename;
 use Exporter;
 use Carp qw(verbose);
@@ -35,6 +36,9 @@ our @ISA = qw(esmith::FormMagick Exporter);
 
 our @EXPORT = qw(
     print_user_table
+    print_section_bar
+    get_name
+    get_shares
     get_ldap_value
     print_save_button
     get_prop
@@ -54,10 +58,6 @@ sub new {
 sub print_user_table {
     my $self = shift;
     my $q = $self->{cgi};
-    my $account = $self->localise('ACCOUNT');
-    my $acctName = $self->localise('USER_NAME');
-
-    my $modify  = $self->localise('MODIFY');
 
     my @users = $accountdb->get('admin');
     push @users, $accountdb->users();
@@ -69,23 +69,27 @@ sub print_user_table {
     print "  <tr>\n    <td colspan=\"2\">\n      ";
     print $q->start_table ({-CLASS => "sme-border"}),"\n        ";
     print $q->Tr(
-        esmith::cgi::genSmallCell($q, $self->localise($account),"header"),
-        esmith::cgi::genSmallCell($q, $self->localise($acctName),"header"),
-        esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4));
+        esmith::cgi::genSmallCell($q, $self->localise('ACCOUNT'),"header"),
+        esmith::cgi::genSmallCell($q, $self->localise('USER_NAME'),"header"),
+        esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4)
+    );
 
     my $scriptname = basename($0);
-    my $index=0;
 
     foreach my $u (@users) {
         my $username = $u->key();
         my $first    = $u->prop('FirstName');
         my $last     = $u->prop('LastName');
 
-        my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&Next=Next&action=modify&wherenext=Modify\">$modify</a>";
+        my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&wherenext=Modify\">" .
+                      $self->localise('MODIFY') . "</a>";
+        my $action2 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&wherenext=Audit\">" .
+                      $self->localise('AUDIT') . "</a>";
 
         print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal"),"        ",
         esmith::cgi::genSmallCell($q, "$first $last","normal"),"        ",
-        esmith::cgi::genSmallCell($q, "$action1","normal"));
+        esmith::cgi::genSmallCell($q, "$action1","normal"),"        ",
+        esmith::cgi::genSmallCell($q, "$action2","normal"));
     }
 
     print qq(</table></td></tr>\n);
@@ -93,6 +97,69 @@ sub print_user_table {
     return "";
 }
 
+sub print_section_bar{
+        my $self = shift;
+        print "  <tr>\n    <td colspan='2'>\n";
+        print "<hr class=\"sectionbar\"/>\n";
+        return undef;
+}
+
+sub get_shares {
+    my ($self, $mode) = @_;
+    my $q = $self->{cgi};
+
+    my $user = $q->param('acctName');
+
+    my @read;
+    my @write;
+
+    # Loop through all the ibays to check which ones are accessible
+    foreach my $ibay ($accountdb->ibays){
+        my $name = $ibay->key;
+        my $desc = $ibay->prop('Name');
+        my $group = $ibay->prop('Group');
+        next unless $accountdb->is_user_in_group($user, $group);
+        my $perm = $ibay->prop('UserAccess');
+        if ($perm eq 'wr-admin-rd-group'){
+            push @read, $name . " ($desc)";
+        }
+        else{
+            push @write, $name . " ($desc)";
+        }
+    }
+    # Now check shared folders
+    foreach my $share ($accountdb->get_all_by_prop(type=>'share')){
+        my $name = $share->key;
+        my $desc = $share->prop('Name');
+        foreach my $group (split /[;,]/, ($share->prop('ReadGroups') || '')){
+            push @read, $name . " ($desc)" if $accountdb->is_user_in_group($user, $group);
+        }
+        foreach my $u (split /[;,]/, ($share->prop('ReadUsers') || '')){
+            push @read, $name . " ($desc)" if $user eq $u;
+        }
+        foreach my $group (split /[;,]/, ($share->prop('WriteGroups') || '')){
+            push @write, $name . " ($desc)" if $accountdb->is_user_in_group($user, $group);
+        }
+        foreach my $u (split /[;,]/, ($share->prop('WriteUsers') || '')){
+            push @write, $name . " ($desc)" if $user eq $u;
+        }
+    }
+    @write = uniq @write;
+    @read = uniq @read;
+    my @tmp = ();
+    foreach my $r (@read){
+        push @tmp, $r unless grep { $r eq $_ } @write;
+    }
+    @read = @tmp;
+    my @res = ($mode eq 'write') ? @write : @read;
+    return join "<br>", @res;
+}
+
+sub get_name {
+    my ($self) = @_;
+    return get_ldap_value($self, 'FirstName') . " " . get_ldap_value($self, 'LastName');
+}
+
 sub get_ldap_value {
     my ($self, $field) = @_;
 
@@ -105,8 +172,6 @@ sub print_save_button {
 
     my ($self) = @_;
 
-    my $cgi = $self->{cgi};
-
     $self->print_button("SAVE");
 }
 

From 8dfcf0d61111feaae7a9e45e50dea031e8f466f7 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 24 Jan 2014 16:56:12 +0100
Subject: [PATCH 13/58] SPec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 415607b..3aabe41 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.41
+%define version 0.2.42
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Fri Jan 24 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.42-1
+- Add a simple audit page in userinfo panel
+
 * Mon Jan 20 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.41-1
 - Update email address in LDAP if the first one in the list has changed
 

From f0b7be3e8ba1f6a07f2ec25339bd5a55c63f02c2 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 12 Mar 2014 11:57:32 +0100
Subject: [PATCH 14/58] Add SPF config

---
 .../var/service/qpsmtpd/config/peers/0/30check_spf       |  5 +++++
 .../templates/var/service/tinydns/root/data/85Spf        | 16 ++++++++++++++++
 2 files changed, 21 insertions(+)
 create mode 100644 root/etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/30check_spf
 create mode 100644 root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf

diff --git a/root/etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/30check_spf b/root/etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/30check_spf
new file mode 100644
index 0000000..25b28da
--- /dev/null
+++ b/root/etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/30check_spf
@@ -0,0 +1,5 @@
+{
+    my $spf = $qpsmtpd{'CheckSPF'} || 'disabled';
+    return '' unless ($spf =~ m/^[012]$/);
+    return "sender_permitted_from spf_deny $spf";
+}
diff --git a/root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf b/root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf
new file mode 100644
index 0000000..7153f2e
--- /dev/null
+++ b/root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf
@@ -0,0 +1,16 @@
+{
+  if (($qpsmtpd{RejectSpoofedLocalDomains} || 'disabled') eq 'enabled'){
+    $OUT .= "# SPF entries for local domains\n";
+    my $allowed = '';
+    foreach my $ip ( split /[;,]/, ($qpsmtpd{AllowedRemoteIP} || '')){
+      my $allowed .= 'ip4\072'.$ip.' ';
+    }
+    foreach my $domain (get_domains()){
+        $OUT .= "'$domain:v=spf1 mx $allowed-all:3600\n";
+        $OUT .= ":$domain:99:\041v=spf1 mx $allowed-all:3600\n";
+    }
+  }
+  else{
+    $OUT .= "\n";
+  }
+}

From de210a53034ea3dbcb2067eacaf0f42fa66c625a Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 12 Mar 2014 14:23:37 +0100
Subject: [PATCH 15/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 3aabe41..d513fa6 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.42
+%define version 0.2.43
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Mar 12 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.43-1
+- Add SPF support (qpsmtpd and tinydns)
+
 * Fri Jan 24 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.42-1
 - Add a simple audit page in userinfo panel
 

From c976e1ebd98e6d939d8389ffe669f17835e0c0dc Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 21 Mar 2014 16:55:05 +0100
Subject: [PATCH 16/58] Fix AllowedRemoteIP (SPF Whitelist)

---
 root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf b/root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf
index 7153f2e..7c3b8fc 100644
--- a/root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf
+++ b/root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf
@@ -3,7 +3,7 @@
     $OUT .= "# SPF entries for local domains\n";
     my $allowed = '';
     foreach my $ip ( split /[;,]/, ($qpsmtpd{AllowedRemoteIP} || '')){
-      my $allowed .= 'ip4\072'.$ip.' ';
+        $allowed .= 'ip4\072'.$ip.' ';
     }
     foreach my $domain (get_domains()){
         $OUT .= "'$domain:v=spf1 mx $allowed-all:3600\n";

From 345a38b106444e297e60164e18ba496ff481bba8 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 21 Mar 2014 16:56:15 +0100
Subject: [PATCH 17/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index d513fa6..b0c0595 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.43
+%define version 0.2.44
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Fri Mar 21 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.44-1
+- Fix AllowedRemoteIP (SPF Whitelist)
+
 * Wed Mar 12 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.43-1
 - Add SPF support (qpsmtpd and tinydns)
 

From 64459f1b5de87c1d291a81dc2a0bc597cd0802cf Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 23 Jun 2014 22:13:24 +0200
Subject: [PATCH 18/58] Replace syslog templates-custom with rsyslog.conf
 fragment

---
 root/etc/e-smith/templates/etc/rsyslog.conf/45smbAudit | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/45smbAudit

diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/45smbAudit b/root/etc/e-smith/templates/etc/rsyslog.conf/45smbAudit
new file mode 100644
index 0000000..4ce282e
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/rsyslog.conf/45smbAudit
@@ -0,0 +1,3 @@
+local5.notice						/var/log/smb_audit.log
+local5.notice ~
+

From 36eb420fff172fdf8677602b86caf48a5d9aa396 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 23 Jun 2014 23:06:06 +0200
Subject: [PATCH 19/58] Remove syslog templates-custom

---
 root/etc/e-smith/templates-custom/etc/syslog.conf/local5        | 2 --
 root/etc/e-smith/templates-custom/etc/syslog.conf/local5.notice | 1 -
 2 files changed, 3 deletions(-)
 delete mode 100644 root/etc/e-smith/templates-custom/etc/syslog.conf/local5
 delete mode 100644 root/etc/e-smith/templates-custom/etc/syslog.conf/local5.notice

diff --git a/root/etc/e-smith/templates-custom/etc/syslog.conf/local5 b/root/etc/e-smith/templates-custom/etc/syslog.conf/local5
deleted file mode 100644
index 644a1b3..0000000
--- a/root/etc/e-smith/templates-custom/etc/syslog.conf/local5
+++ /dev/null
@@ -1,2 +0,0 @@
-local5.=notice					-/var/log/smb_audit.log
-local5.*;local5.!=notice			-{ "${messages}" }
diff --git a/root/etc/e-smith/templates-custom/etc/syslog.conf/local5.notice b/root/etc/e-smith/templates-custom/etc/syslog.conf/local5.notice
deleted file mode 100644
index a01fe63..0000000
--- a/root/etc/e-smith/templates-custom/etc/syslog.conf/local5.notice
+++ /dev/null
@@ -1 +0,0 @@
-# Disable default samba logging, we log into /var/log/smb_audit.log

From c44af7780b9cea95aa04b88cb33f3cf5948d70df Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 23 Jun 2014 23:06:37 +0200
Subject: [PATCH 20/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index b0c0595..f1b170f 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.44
+%define version 0.2.45
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Mon Jun 23 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.45-1
+- Replace syslog templates-custom with rsyslog fragment
+
 * Fri Mar 21 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.44-1
 - Fix AllowedRemoteIP (SPF Whitelist)
 

From 7b7fe1cd4c7417ff751d939eeb1734b1b7b59701 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 30 Jun 2014 16:49:19 +0200
Subject: [PATCH 21/58] Update header_access directive to request_header_access

---
 root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor b/root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor
index 77b2d3c..ec11b2b 100644
--- a/root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor
+++ b/root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor
@@ -6,7 +6,7 @@ unless ($fwd =~ m/^yes|enabled|on|1$/i){
     $OUT .=<<"EOF";
 
 forwarded_for off
-header_access X-Forwarded-For deny all
+request_header_access X-Forwarded-For deny all
 
 EOF
 }

From 8c392fdf5a1ba1924a6fcebff3e9aa35739e1e33 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 2 Jul 2014 09:31:45 +0200
Subject: [PATCH 22/58] Spec file update"

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index b0c0595..f067e3e 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.44
+%define version 0.2.45
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Mon Jun 30 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.45-1
+- Replace header_access directive with request_header_access
+
 * Fri Mar 21 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.44-1
 - Fix AllowedRemoteIP (SPF Whitelist)
 

From e6993a39b7d9a4740c21b3673fc9fdf339aad7a0 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 30 Jan 2015 16:17:13 +0100
Subject: [PATCH 23/58] Add --skip-broken to nightly updates downloader So
 updates are still fetch even if there's a dep issue in the transaction

---
 root/etc/cron.daily/download-updates | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/etc/cron.daily/download-updates b/root/etc/cron.daily/download-updates
index 1978192..728a30e 100644
--- a/root/etc/cron.daily/download-updates
+++ b/root/etc/cron.daily/download-updates
@@ -1,4 +1,4 @@
 #!/bin/bash
 
-/usr/bin/yum --downloadonly -y update > /dev/null 2>&1
+/usr/bin/yum --downloadonly --skip-broken -y update > /dev/null 2>&1
 exit 0

From 9f4ac7b4ed03c1421682973e7bb0bd80b3e7f5e7 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 30 Jan 2015 16:19:58 +0100
Subject: [PATCH 24/58] Spec file update

---
 ipasserelle-base.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index f95c3ff..f395342 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.46
+%define version 0.2.47
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,10 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Fri Jan 30 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.47-1
+- Download updates even when a dependencie issue would prevent the
+  transaction
+
 * Mon Jun 30 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.46-1
 - Replace header_access directive with request_header_access
 

From 41aaa1592021f5a6c0aaa1b2141385bb12e1906a Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 9 Feb 2015 11:58:08 +0100
Subject: [PATCH 25/58] Add a new EmailPrimaryDomain prop to user accounts To
 control how unqualified pseudonymes are created in LDAP

---
 root/etc/e-smith/events/actions/update-ldap-pseudonyms | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/etc/e-smith/events/actions/update-ldap-pseudonyms b/root/etc/e-smith/events/actions/update-ldap-pseudonyms
index 8fba291..a760a26 100644
--- a/root/etc/e-smith/events/actions/update-ldap-pseudonyms
+++ b/root/etc/e-smith/events/actions/update-ldap-pseudonyms
@@ -119,7 +119,7 @@ foreach my $acct (@accounts){
 
     my @alias = ();
     foreach (@pseudo){
-        $_ = $_ . "\@$domain" if $_ !~ /\@/;
+        $_ = $_ . "\@" . ($acct->prop('EmailPrimaryDomain') || $domain) if $_ !~ /\@/;
         push (@alias, unac_string(decode('utf-8',$_)));
     }
     @alias = uniq(@alias);

From edb1aceded5fae6b68b1504b3e980ace0393168e Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 9 Feb 2015 12:00:16 +0100
Subject: [PATCH 26/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index f395342..b9fd83b 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.47
+%define version 0.2.48
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Mon Feb 9 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.48-1
+- Add a EmailPrimaryDomain prop to user account
+
 * Fri Jan 30 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.47-1
 - Download updates even when a dependencie issue would prevent the
   transaction

From b7e846cb3345d8bb4e56e5a6ae4bbf312ef58a53 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 6 Jul 2015 11:35:05 +0200
Subject: [PATCH 27/58] Remove hardcoded open_files_limit for mysql And make
 the default 8192

---
 root/etc/e-smith/db/configuration/defaults/mysqld/OpenFilesLimit | 1 +
 root/etc/e-smith/templates/etc/my.cnf/035openfiles               | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 root/etc/e-smith/db/configuration/defaults/mysqld/OpenFilesLimit
 delete mode 100644 root/etc/e-smith/templates/etc/my.cnf/035openfiles

diff --git a/root/etc/e-smith/db/configuration/defaults/mysqld/OpenFilesLimit b/root/etc/e-smith/db/configuration/defaults/mysqld/OpenFilesLimit
new file mode 100644
index 0000000..252cb66
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/mysqld/OpenFilesLimit
@@ -0,0 +1 @@
+8192
diff --git a/root/etc/e-smith/templates/etc/my.cnf/035openfiles b/root/etc/e-smith/templates/etc/my.cnf/035openfiles
deleted file mode 100644
index 6d52c2f..0000000
--- a/root/etc/e-smith/templates/etc/my.cnf/035openfiles
+++ /dev/null
@@ -1 +0,0 @@
-open_files_limit = 4096

From f13eaf390e926c00f58c43ac424addbe226fef28 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 6 Jul 2015 11:37:12 +0200
Subject: [PATCH 28/58] Spec file update

---
 ipasserelle-base.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index b9fd83b..7ce1eb9 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.48
+%define version 0.2.49
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,10 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Mon Jul 6 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.49-1
+- Remove hardcoded value for open_files_limit
+- Set the default open_files_limit to 8192
+
 * Mon Feb 9 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.48-1
 - Add a EmailPrimaryDomain prop to user account
 

From 44817a59cdc1ce9dc8ae217eeb9920c8a838732c Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 7 Aug 2015 14:22:50 +0200
Subject: [PATCH 29/58] Fix yum-plugin-downloadonly dependency

---
 ipasserelle-base.spec | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 7ce1eb9..6e1d894 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.49
+%define version 0.2.50
 %define release 1
 %define name ipasserelle-base
 
@@ -37,7 +37,7 @@ Requires: perl(Net::LDAP)
 Requires: perl(Proc::ProcessTable)
 Requires: perl(Proc::ProcessTable::Process)
 Requires: pbzip2
-Requires: yum-downloadonly
+Requires: yum >= 3.2.29-69
 Requires: smeserver-fail2ban
 Obsoletes: smeserver-denyhosts
 Obsoletes: smeserver-mailstats
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Fri Aug 7 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.20-1
+- Requires recent enough yum instead of yum-downloadonly
+
 * Mon Jul 6 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.49-1
 - Remove hardcoded value for open_files_limit
 - Set the default open_files_limit to 8192

From 16d30204a0a17111689a016562d4fddc17635d07 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 27 Nov 2015 10:56:29 +0100
Subject: [PATCH 30/58] Ignore winnow.spam.ts.brokenspam.1 sig If you use the
 unofficial sigs

---
 root/var/clamav/ipasserelle.ign2 | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 root/var/clamav/ipasserelle.ign2

diff --git a/root/var/clamav/ipasserelle.ign2 b/root/var/clamav/ipasserelle.ign2
new file mode 100644
index 0000000..e555104
--- /dev/null
+++ b/root/var/clamav/ipasserelle.ign2
@@ -0,0 +1 @@
+winnow.spam.ts.brokenspam.1

From 02f452bb4efe069d0399ba31dca816cffd809dae Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 27 Nov 2015 10:59:41 +0100
Subject: [PATCH 31/58] Spec file update

---
 ipasserelle-base.spec | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 6e1d894..9252e85 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.50
+%define version 0.2.51
 %define release 1
 %define name ipasserelle-base
 
@@ -48,7 +48,10 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
-* Fri Aug 7 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.20-1
+* Fri Nov 27 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.51-1
+- Ignore winnow.spam.ts.brokenspam.1 virus
+
+* Fri Aug 7 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.50-1
 - Requires recent enough yum instead of yum-downloadonly
 
 * Mon Jul 6 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.49-1

From 2f22d3fcce92ea2803027b6af9dd8d7e70c19826 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 2 Dec 2015 14:37:59 +0100
Subject: [PATCH 32/58] Spec file update

---
 ipasserelle-base.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 9252e85..625196b 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.51
+%define version 0.2.52
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Dec 2 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.52-1
+- Fix /var/clamav ownership
+
 * Fri Nov 27 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.51-1
 - Ignore winnow.spam.ts.brokenspam.1 virus
 
@@ -335,6 +338,7 @@ perl createlinks
    --dir /home/e-smith/files/scan 'attr(0750,root,shared)' \
    --dir /var/lib/qpsmtpd/greylisting 'attr(0750,qpsmtpd,qpsmtpd)' \
    --file /usr/bin/make-srv 'attr(0755,root,root)' \
+   --dir /var/clamav 'attr(0755,clamav,clamav)' \
   > %{name}-%{version}-filelist
 echo "%doc CHANGELOG.git" >> %{name}-%{version}-filelist
 

From 5659fc8ea2aa92eb1b925baa29b142516ed4fc48 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 4 Dec 2015 09:33:42 +0100
Subject: [PATCH 33/58] Define netfs service

---
 createlinks                                             | 3 +++
 root/etc/e-smith/db/configuration/defaults/netfs/status | 1 +
 root/etc/e-smith/db/configuration/defaults/netfs/type   | 1 +
 3 files changed, 5 insertions(+)
 create mode 100644 root/etc/e-smith/db/configuration/defaults/netfs/status
 create mode 100644 root/etc/e-smith/db/configuration/defaults/netfs/type

diff --git a/createlinks b/createlinks
index 041914f..1a466ef 100644
--- a/createlinks
+++ b/createlinks
@@ -61,6 +61,9 @@ service_link_enhanced("ipmi", "K74", "6");
 # Autofs
 service_link_enhanced("autofs", "S28", "7");
 service_link_enhanced("autofs", "K72", "6");
+# Netfs
+service_link_enhanced("netfs", "S25", "7");
+service_link_enhanced("netfs", "K75", "6");
 
 # Panels
 panel_link('userinfo','manager');
diff --git a/root/etc/e-smith/db/configuration/defaults/netfs/status b/root/etc/e-smith/db/configuration/defaults/netfs/status
new file mode 100644
index 0000000..7a68b11
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/netfs/status
@@ -0,0 +1 @@
+disabled
diff --git a/root/etc/e-smith/db/configuration/defaults/netfs/type b/root/etc/e-smith/db/configuration/defaults/netfs/type
new file mode 100644
index 0000000..24e1098
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/netfs/type
@@ -0,0 +1 @@
+service

From 1fb3be07ab3f7596b8f20f916fbfe279b18dd39b Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 4 Dec 2015 09:34:31 +0100
Subject: [PATCH 34/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 625196b..9618a91 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.52
+%define version 0.2.53
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Fri Dec 4 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.53-1
+- Define netfs service in the DB
+
 * Wed Dec 2 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.52-1
 - Fix /var/clamav ownership
 

From 74846a25bb1d513cad0f3e3c849fd63b04074654 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 23 Dec 2015 11:30:36 +0100
Subject: [PATCH 35/58] Fix home RecycleBin purge by using mtime instead of
 atime

---
 root/etc/cron.daily/purge-homes-recycle | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/root/etc/cron.daily/purge-homes-recycle b/root/etc/cron.daily/purge-homes-recycle
index ee6c992..8d25df0 100644
--- a/root/etc/cron.daily/purge-homes-recycle
+++ b/root/etc/cron.daily/purge-homes-recycle
@@ -46,8 +46,8 @@ foreach my $user ($a->get_all_by_prop(type=>'user')){
 sub remove{
     # Remove files with last modification older than $retention
     if ( -f ){
-        my $atime = stat($_)->atime;
-        (time() - $atime > $retention) && unlink($_);
+        my $mtime = stat($_)->mtime;
+        (time() - $mtime > $retention) && unlink($_);
     }
     # Remove empty directories
     elsif ( -d ){

From a4f84cd38d24650818868336e67797e5adac8656 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 23 Dec 2015 11:31:39 +0100
Subject: [PATCH 36/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 9618a91..8e93b9f 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.53
+%define version 0.2.54
 %define release 1
 %define name ipasserelle-base
 
@@ -48,6 +48,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Dec 23 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.54-1
+- FIx home RecycleBin purge by using mtime instead of atime
+
 * Fri Dec 4 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.53-1
 - Define netfs service in the DB
 

From fc137ef269110bac96f251834c414967d3d9ca77 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 13 Apr 2016 18:04:56 +0200
Subject: [PATCH 37/58] Small S-A score adjustements

---
 .../e-smith/templates/etc/mail/spamassassin/local.cf/91Scores    | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores
index a7ccdcb..ab60cb3 100644
--- a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores
@@ -7,9 +7,9 @@ score RP_MATCHES_RCVD -0.001
 score DKIM_VALID_AU 0.1
 score T_KHOP_FOREIGN_CLICK 0.4
 score HTML_IMAGE_RATIO_02 1
-score URIBL_BLACK 2.0
-score SPF_FAIL 2
-score SPF_SOFTFAIL 1.0
+score URIBL_BLACK 2.5
+score SPF_FAIL 3
+score SPF_SOFTFAIL 1.5
 score MIME_QP_LONG_LINE 0.2
 score FREEMAIL_FROM 0.3
 score HTML_IMAGE_RATIO_06 0.4
@@ -20,7 +20,7 @@ score RAZOR2_CHECK 1.0
 score LOTS_OF_MONEY 0.8
 score SUBJECT_NEEDS_ENCODING 0.5
 score HTML_MIME_NO_HTML_TAG 0.5
-score HTML_FONT_SIZE_LARGE 0.4
+score HTML_FONT_SIZE_LARGE 0.7
 score MSGID_FROM_MTA_HEADER 0.5
 score T_DKIM_INVALID 0.8
 score FILL_THIS_FORM 1.0
@@ -31,6 +31,5 @@ score T_REMOTE_IMAGE 0.5
 score HTML_FONT_SIZE_LARGE 0.3
 score MISSING_MID 0.5
 score T_FILL_THIS_FORM_SHORT 1.0
-score BAYES_50 1.5
 score KHOP_BIG_TO_CC 1.5
 score FSL_HELO_FIREWALL 0.5

From f7b55dd28ace8646068069a9cb49cb05347c6620 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 13 Apr 2016 18:07:42 +0200
Subject: [PATCH 38/58] Add MailSpike BL to spamassassin

---
 .../etc/mail/spamassassin/local.cf/90MailSpike     | 49 ++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike
new file mode 100644
index 0000000..71bd866
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike
@@ -0,0 +1,49 @@
+# Spam sources
+header __RCVD_IN_MSPIKE eval:check_rbl('mspike-lastexternal', 'bl.mailspike.net.')
+tflags __RCVD_IN_MSPIKE net
+
+# Bad senders
+header __RCVD_IN_MSPIKE_Z eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.2$')
+describe __RCVD_IN_MSPIKE_Z Spam wave participant
+tflags __RCVD_IN_MSPIKE_Z net
+header RCVD_IN_MSPIKE_L5 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.10$')
+describe RCVD_IN_MSPIKE_L5 Very bad reputation (-5)
+tflags RCVD_IN_MSPIKE_L5 net
+header RCVD_IN_MSPIKE_L4 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.11$')
+describe RCVD_IN_MSPIKE_L4 Bad reputation (-4)
+tflags RCVD_IN_MSPIKE_L4 net
+header RCVD_IN_MSPIKE_L3 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.12$')
+describe RCVD_IN_MSPIKE_L3 Low reputation (-3)
+tflags RCVD_IN_MSPIKE_L3 net
+header RCVD_IN_MSPIKE_L2 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.13$')
+describe RCVD_IN_MSPIKE_L2 Suspicious reputation (-2)
+tflags RCVD_IN_MSPIKE_L2 net
+
+# Good senders
+header RCVD_IN_MSPIKE_H5 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.20$')
+describe RCVD_IN_MSPIKE_H5 Excellent reputation (+5)
+tflags RCVD_IN_MSPIKE_H5 nice net
+header RCVD_IN_MSPIKE_H4 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.19$')
+describe RCVD_IN_MSPIKE_H4 Very Good reputation (+4)
+tflags RCVD_IN_MSPIKE_H4 nice net
+header RCVD_IN_MSPIKE_H3 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.18$')
+describe RCVD_IN_MSPIKE_H3 Good reputation (+3)
+tflags RCVD_IN_MSPIKE_H3 nice net
+header RCVD_IN_MSPIKE_H2 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.17$')
+describe RCVD_IN_MSPIKE_H2 Average reputation (+2)
+tflags RCVD_IN_MSPIKE_H2 nice net
+
+# *_L and *_Z may overlap, so account for that
+meta __RCVD_IN_MSPIKE_LOW RCVD_IN_MSPIKE_L5 || RCVD_IN_MSPIKE_L4 || RCVD_IN_MSPIKE_L3 || RCVD_IN_MSPIKE_L2
+meta RCVD_IN_MSPIKE_ZBI __RCVD_IN_MSPIKE_Z && !__RCVD_IN_MSPIKE_LOW
+
+# Scores
+score RCVD_IN_MSPIKE_ZBI 4.1
+score RCVD_IN_MSPIKE_L5 5.2
+score RCVD_IN_MSPIKE_L4 4.2
+score RCVD_IN_MSPIKE_L3 3.9
+score RCVD_IN_MSPIKE_L2 0.8
+score RCVD_IN_MSPIKE_H2 -0.5
+score RCVD_IN_MSPIKE_H3 -1.0
+score RCVD_IN_MSPIKE_H4 -1.5
+score RCVD_IN_MSPIKE_H5 -2.0

From ae3c93945d86fbd7ef79ee81f198a79435a93174 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 14 Apr 2016 18:27:06 +0200
Subject: [PATCH 39/58] Remove custom scores, better to leave this to rules
 updates

---
 .../etc/mail/spamassassin/local.cf/91Scores        | 35 ----------------------
 1 file changed, 35 deletions(-)
 delete mode 100644 root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores
deleted file mode 100644
index ab60cb3..0000000
--- a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/91Scores
+++ /dev/null
@@ -1,35 +0,0 @@
-# Ajustement de scores divers
-score HTML_MESSAGE 0.2
-score DKIM_VALID 0.1
-score DKIM_SIGNED 0.1
-score SPF_PASS -0.001
-score RP_MATCHES_RCVD -0.001
-score DKIM_VALID_AU 0.1
-score T_KHOP_FOREIGN_CLICK 0.4
-score HTML_IMAGE_RATIO_02 1
-score URIBL_BLACK 2.5
-score SPF_FAIL 3
-score SPF_SOFTFAIL 1.5
-score MIME_QP_LONG_LINE 0.2
-score FREEMAIL_FROM 0.3
-score HTML_IMAGE_RATIO_06 0.4
-score HTML_IMAGE_RATIO_04 0.4
-score SPF_HELO_FAIL 0.6
-score HTML_IMAGE_RATIO_08 0.4
-score RAZOR2_CHECK 1.0
-score LOTS_OF_MONEY 0.8
-score SUBJECT_NEEDS_ENCODING 0.5
-score HTML_MIME_NO_HTML_TAG 0.5
-score HTML_FONT_SIZE_LARGE 0.7
-score MSGID_FROM_MTA_HEADER 0.5
-score T_DKIM_INVALID 0.8
-score FILL_THIS_FORM 1.0
-score MPART_ALT_DIFF 1.5
-score URIBL_JP_SURBL 2.0
-score RCVD_IN_BRBL_LASTEXT 1.5
-score T_REMOTE_IMAGE 0.5
-score HTML_FONT_SIZE_LARGE 0.3
-score MISSING_MID 0.5
-score T_FILL_THIS_FORM_SHORT 1.0
-score KHOP_BIG_TO_CC 1.5
-score FSL_HELO_FIREWALL 0.5

From 601887020990956c4526d2429adb2abbb3bf2877 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 14 Apr 2016 18:38:59 +0200
Subject: [PATCH 40/58] Add BayesAutoLearn param

---
 .../templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
new file mode 100644
index 0000000..9c86f1d
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
@@ -0,0 +1,11 @@
+{
+  if (($spamassassin{UseBayes} || '0') m/^1|on|yes|enabled$/ && ($spamassassin{BayesAutoLearn} || 'no') =~ m/^1|on|yes|enabled$/){
+    my $ham_thres  = $spamassassin{BayesHamThreshold} || '-0.1';
+    my $spam_thres = $spamassassin{BayesSpamThreshold} || '8';
+    $OUT .=<<"_EOF";
+bayes_auto_learn 1 
+bayes_auto_learn_threshold_nonspam $ham_thres
+bayes_auto_learn_threshold_spam $spam_thres
+_EOF
+  }
+}

From 5f07f6f73c949d0f08e8334fdcc831494a7f54ae Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 11 May 2016 17:07:06 +0200
Subject: [PATCH 41/58] Spec file update

---
 ipasserelle-base.spec | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 9618a91..2997ade 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.53
+%define version 0.2.54
 %define release 1
 %define name ipasserelle-base
 
@@ -26,6 +26,7 @@ Requires: smeserver-shared-folders
 Requires: smeserver-qos
 Requires: smeserver-fetchmail
 Requires: smeserver-webapps-common
+Requires: smeserver-expire-accounts
 Requires: bash-completion
 Requires: ipasserelle-repo
 Requires: qmail-notify
@@ -48,6 +49,12 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Apr 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.54-1
+- Remove S-A custom scores
+- Add MailSpike BL
+- Requires smeserver-expire-accounts
+- Add spamassassin autolear param
+
 * Fri Dec 4 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.53-1
 - Define netfs service in the DB
 

From af3c75e04644d166ac6a734d69a2b942b41b4232 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 13 May 2016 10:08:00 +0200
Subject: [PATCH 42/58] Syntax error in spamass conf template

---
 .../e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
index 9c86f1d..d1605c9 100644
--- a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
@@ -1,5 +1,5 @@
 {
-  if (($spamassassin{UseBayes} || '0') m/^1|on|yes|enabled$/ && ($spamassassin{BayesAutoLearn} || 'no') =~ m/^1|on|yes|enabled$/){
+  if (($spamassassin{UseBayes} || '0') =~ m/^1|on|yes|enabled$/ && ($spamassassin{BayesAutoLearn} || 'no') =~ m/^1|on|yes|enabled$/){
     my $ham_thres  = $spamassassin{BayesHamThreshold} || '-0.1';
     my $spam_thres = $spamassassin{BayesSpamThreshold} || '8';
     $OUT .=<<"_EOF";

From 09c1a681afa59c3ef189eda1aac72ee972246327 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Fri, 13 May 2016 10:08:56 +0200
Subject: [PATCH 43/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 2e6fac1..b808ffe 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.55
+%define version 0.2.56
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Fri May 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.56-1
+- Fix a syntax error in spamassassin conf template
+
 * Wed Apr 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.55-1
 - Remove S-A custom scores
 - Add MailSpike BL

From 85422e9e68a44800972ad45695e66ab41138ab53 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 18 May 2016 09:25:30 +0200
Subject: [PATCH 44/58] Remove MailSpike, as it doesn't help with spam

---
 .../etc/mail/spamassassin/local.cf/90MailSpike     | 49 ----------------------
 1 file changed, 49 deletions(-)
 delete mode 100644 root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike
deleted file mode 100644
index 71bd866..0000000
--- a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90MailSpike
+++ /dev/null
@@ -1,49 +0,0 @@
-# Spam sources
-header __RCVD_IN_MSPIKE eval:check_rbl('mspike-lastexternal', 'bl.mailspike.net.')
-tflags __RCVD_IN_MSPIKE net
-
-# Bad senders
-header __RCVD_IN_MSPIKE_Z eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.2$')
-describe __RCVD_IN_MSPIKE_Z Spam wave participant
-tflags __RCVD_IN_MSPIKE_Z net
-header RCVD_IN_MSPIKE_L5 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.10$')
-describe RCVD_IN_MSPIKE_L5 Very bad reputation (-5)
-tflags RCVD_IN_MSPIKE_L5 net
-header RCVD_IN_MSPIKE_L4 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.11$')
-describe RCVD_IN_MSPIKE_L4 Bad reputation (-4)
-tflags RCVD_IN_MSPIKE_L4 net
-header RCVD_IN_MSPIKE_L3 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.12$')
-describe RCVD_IN_MSPIKE_L3 Low reputation (-3)
-tflags RCVD_IN_MSPIKE_L3 net
-header RCVD_IN_MSPIKE_L2 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.13$')
-describe RCVD_IN_MSPIKE_L2 Suspicious reputation (-2)
-tflags RCVD_IN_MSPIKE_L2 net
-
-# Good senders
-header RCVD_IN_MSPIKE_H5 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.20$')
-describe RCVD_IN_MSPIKE_H5 Excellent reputation (+5)
-tflags RCVD_IN_MSPIKE_H5 nice net
-header RCVD_IN_MSPIKE_H4 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.19$')
-describe RCVD_IN_MSPIKE_H4 Very Good reputation (+4)
-tflags RCVD_IN_MSPIKE_H4 nice net
-header RCVD_IN_MSPIKE_H3 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.18$')
-describe RCVD_IN_MSPIKE_H3 Good reputation (+3)
-tflags RCVD_IN_MSPIKE_H3 nice net
-header RCVD_IN_MSPIKE_H2 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.17$')
-describe RCVD_IN_MSPIKE_H2 Average reputation (+2)
-tflags RCVD_IN_MSPIKE_H2 nice net
-
-# *_L and *_Z may overlap, so account for that
-meta __RCVD_IN_MSPIKE_LOW RCVD_IN_MSPIKE_L5 || RCVD_IN_MSPIKE_L4 || RCVD_IN_MSPIKE_L3 || RCVD_IN_MSPIKE_L2
-meta RCVD_IN_MSPIKE_ZBI __RCVD_IN_MSPIKE_Z && !__RCVD_IN_MSPIKE_LOW
-
-# Scores
-score RCVD_IN_MSPIKE_ZBI 4.1
-score RCVD_IN_MSPIKE_L5 5.2
-score RCVD_IN_MSPIKE_L4 4.2
-score RCVD_IN_MSPIKE_L3 3.9
-score RCVD_IN_MSPIKE_L2 0.8
-score RCVD_IN_MSPIKE_H2 -0.5
-score RCVD_IN_MSPIKE_H3 -1.0
-score RCVD_IN_MSPIKE_H4 -1.5
-score RCVD_IN_MSPIKE_H5 -2.0

From 5c1386aad2037aeb2cd836c8bd7377024f3ad46b Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 18 May 2016 09:50:31 +0200
Subject: [PATCH 45/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index b808ffe..469e85b 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.56
+%define version 0.2.57
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed May 18 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.57-1
+- Remove MailSpike BL
+
 * Fri May 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.56-1
 - Fix a syntax error in spamassassin conf template
 

From a41d770ad20f402be2ac668136e0de899aed3754 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 9 Nov 2016 17:09:12 +0100
Subject: [PATCH 46/58] Enable access to /server-status for localhost

---
 root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/99Status | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/99Status

diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/99Status b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/99Status
new file mode 100644
index 0000000..be3f3f8
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/99Status
@@ -0,0 +1,7 @@
+<Location /server-status>
+    SetHandler server-status
+    Order deny,allow
+    deny from all
+    allow from 127.0.0.1
+</Location>
+ExtendedStatus On

From 6e9d745fc88ad1d25c79aba29310938f164c5915 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 9 Nov 2016 18:51:10 +0100
Subject: [PATCH 47/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 469e85b..134f7dc 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.57
+%define version 0.2.58
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Nov 9 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.58-1
+- Enable access to /server-status for localhost
+
 * Wed May 18 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.57-1
 - Remove MailSpike BL
 

From 8ca6849166b9289e547dc132e35ba9ac3b6aaedb Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 8 Mar 2017 17:21:06 +0100
Subject: [PATCH 48/58] Makes sure bayes autolearn is disabled if not enabled
 Also adjust default thresholds for autolearning

---
 .../templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn    | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
index d1605c9..8026678 100644
--- a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
@@ -1,11 +1,16 @@
 {
   if (($spamassassin{UseBayes} || '0') =~ m/^1|on|yes|enabled$/ && ($spamassassin{BayesAutoLearn} || 'no') =~ m/^1|on|yes|enabled$/){
-    my $ham_thres  = $spamassassin{BayesHamThreshold} || '-0.1';
-    my $spam_thres = $spamassassin{BayesSpamThreshold} || '8';
+    my $ham_thres  = $spamassassin{BayesHamThreshold} || '-1.0';
+    my $spam_thres = $spamassassin{BayesSpamThreshold} || '6';
     $OUT .=<<"_EOF";
 bayes_auto_learn 1 
 bayes_auto_learn_threshold_nonspam $ham_thres
 bayes_auto_learn_threshold_spam $spam_thres
 _EOF
   }
+  else{
+    $OUT .=<<"_EOF";
+bayes_auto_learn 0
+_EOF
+  }
 }

From cc261b3ad861be0779cf7a44ef25eae36db62789 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 8 Mar 2017 17:25:25 +0100
Subject: [PATCH 49/58] Spec file update

---
 ipasserelle-base.spec | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 134f7dc..5c26ef0 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.58
+%define version 0.2.59
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,10 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Mar 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.59-1
+- Make sure bayes auto learn is disabled when not enabled
+- Adjust default bayes auto learn threshold
+
 * Wed Nov 9 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.58-1
 - Enable access to /server-status for localhost
 
@@ -62,7 +66,7 @@ SME Server, with some additionnal modules
 - Remove S-A custom scores
 - Add MailSpike BL
 - Requires smeserver-expire-accounts
-- Add spamassassin autolear param
+- Add spamassassin autolearn param
 
 * Wed Dec 23 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.54-1
 - Fix home RecycleBin purge by using mtime instead of atime

From 6b221a9f2f21d1191e51d562a17869ec0d45a8b2 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 6 Apr 2017 16:18:15 +0200
Subject: [PATCH 50/58] Add support for separated __VILLE__ __RUE__ and
 __CODE_POSTAL__ tags for signature

---
 root/etc/e-smith/events/actions/generate-email-sign | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/root/etc/e-smith/events/actions/generate-email-sign b/root/etc/e-smith/events/actions/generate-email-sign
index 7c92e36..e036aff 100644
--- a/root/etc/e-smith/events/actions/generate-email-sign
+++ b/root/etc/e-smith/events/actions/generate-email-sign
@@ -121,6 +121,9 @@ foreach my $user (@users){
         $src =~ s/__START_FONCTION3__.*__END_FONCTION3__//smg if ($func3 eq '');
         $src =~ s/__START_FONCTION4__.*__END_FONCTION4__//smg if ($func4 eq '');
         $src =~ s/__START_ENTREPRISE__.*__END_ENTREPRISE__//smg if ($comp eq '');
+        $src =~ s/__START_CODE_POSTAL__.*__END_CODE_POSTAL__//smg if ($postalcode eq '');
+        $src =~ s/__START_RUE__.*__END_RUE__//smg if ($street eq '');
+        $src =~ s/__START_VILLE__.*__END_VILLE__//smg if ($city eq '');
         $src =~ s/__START_ADRESSE__.*__END_ADRESSE__//smg if ($addr eq '');
         $src =~ s/__START_URL__.*__END_URL__//smg if ($url eq '');
 
@@ -137,6 +140,9 @@ foreach my $user (@users){
         $src =~ s/__SERVICE__/$dep/g;
         $src =~ s/__ENTREPRISE__/$comp/g;
         $src =~ s/__ADRESSE__/$addr/g;
+        $src =~ s/__CODE_POSTAL__/$postalcode/g;
+        $src =~ s/__RUE__/$street/g;
+        $src =~ s/__VILLE__/$city/g;
         $src =~ s/__URL__/$url/g;
 
         # Now remove any remaining __START_ and __END_ tags

From 0bd7b716509643036b7fc387896049f61fb13329 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Tue, 11 Apr 2017 12:19:50 +0200
Subject: [PATCH 51/58] Spec file update

---
 ipasserelle-base.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 5c26ef0..f50658f 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.59
+%define version 0.2.60
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,10 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Thu Apr 6 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.60-1
+- Add support for separated __VILLE__ __RUE__ and __CODE_POSTAL__ tags
+  for email signature
+
 * Wed Mar 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.59-1
 - Make sure bayes auto learn is disabled when not enabled
 - Adjust default bayes auto learn threshold

From bbc852b1d56fcfa29d339e78fe17093878c93b58 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Mon, 5 Jun 2017 10:21:20 +0200
Subject: [PATCH 52/58] Add some blacklists (DNSBL/RHSBL) to spamassassin

---
 .../etc/mail/spamassassin/local.cf/95Blacklists    | 129 +++++++++++++++++++++
 1 file changed, 129 insertions(+)
 create mode 100644 root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
new file mode 100644
index 0000000..21964fd
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
@@ -0,0 +1,129 @@
+# Check someblacklists
+
+header      RCVD_IN_GBUDB               eval:check_rbl('gbudb', 'truncate.gbudb.net.', '127.0.0.2')
+describe    RCVD_IN_GBUDB               Listed in truncate.gbudb.net
+tflags      RCVD_IN_GBUDB               net
+score       RCVD_IN_GBUDB               1.5
+
+header      RCVD_IN_IMP_SPAMLIST        eval:check_rbl('spamrbl-lastexternal','spamrbl.imp.ch.','127.0.1.5')
+describe    RCVD_IN_IMP_SPAMLIST        Listed in spamrbl.imp.ch
+tflags      RCVD_IN_IMP_SPAMLIST        net
+score       RCVD_IN_IMP_SPAMLIST        1.5
+
+header      RCVD_IN_INPS                eval:check_rbl('inps-de-lastexternal','dnsbl.inps.de.')
+describe    RCVD_IN_INPS                Received via a relay in inps.de DNSBL
+tflags      RCVD_IN_INPS                net
+score       RCVD_IN_INPS                1.5
+
+header      RCVD_IN_JMF_BL              eval:check_rbl_sub('JMF-lastexternal','hostkarma.junkemailfilter.com','127.0.0.2')
+describe    RCVD_IN_JMF_BL              Sender listed in JMF-BLACK
+tflags      RCVD_IN_JMF_BL              net
+score       RCVD_IN_JMF_BL              1.5
+
+header      RCVD_IN_NIX_SPAM            eval:check_rbl('nix-spam-lastexternal','ix.dnsbl.manitu.net.')
+describe    RCVD_IN_NIX_SPAM            Listed in NIX-SPAM DNSBL (heise.de)
+tflags      RCVD_IN_NIX_SPAM            net
+score       RCVD_IN_NIX_SPAM            1.5
+
+header      RCVD_IN_SORBS               eval:check_rbl('sorbscombined','dnsbl.sorbs.net.')
+describe    RCVD_IN_SORBS               Sender listed at http://www.sorbs.net
+tflags      RCVD_IN_SORBS               net
+score       RCVD_IN_SORBS               1.5
+
+header      RCVD_IN_SEM_BLACK           eval:check_rbl('semblack-lastexternal','bl.spameatingmonkey.net')
+tflags      RCVD_IN_SEM_BLACK           net
+describe    RCVD_IN_SEM_BLACK           Received from an IP listed by SEM-BLACK
+score       RCVD_IN_SEM_BLACK           1.5
+
+header      RCVD_IN_SEMNETBLACK         eval:check_rbl('semnetblack-lastexternal', 'netbl.spameatingmonkey.net')
+tflags      RCVD_IN_SEMNETBLACK         net
+describe    RCVD_IN_SEMNETBLACK         Received from an IP listed by SEM-NETBLACK
+score       RCVD_IN_SEMNETBLACK         1.5
+
+urirhssub   SEM_URIRED                  urired.spameatingmonkey.net. A 2
+body        SEM_URIRED                  eval:check_uridnsbl('SEM_URIRED')
+describe    SEM_URIRED                  Contains a URI listed by SEM-URIRED
+tflags      SEM_URIRED                  net
+score       SEM_URIRED                  1.5
+
+urirhssub   SEM_FRESH                   fresh.spameatingmonkey.net. A 2
+body        SEM_FRESH                   eval:check_uridnsbl('SEM_FRESH')
+describe    SEM_FRESH                   Contains a domain registered less than 5 days ago
+tflags      SEM_FRESH                   net
+score       SEM_FRESH                   1.5
+
+header      RCVD_IN_SPAMRATS_DYNA       eval:check_rbl('spamratsdyna-lastexternal','dyna.spamrats.com.')
+describe    RCVD_IN_SPAMRATS_DYNA       Sender listed in spamratsdyna
+tflags      RCVD_IN_SPAMRATS_DYNA       net
+score       RCVD_IN_SPAMRATS_DYNA       1.5
+
+header      RCVD_IN_SPAMRATS_NOPTR      eval:check_rbl('spamratsnoptr-lastexternal','noptr.spamrats.com.')
+describe    RCVD_IN_SPAMRATS_NOPTR      Sender listed in spamratsnoptr
+tflags      RCVD_IN_SPAMRATS_NOPTR      net
+score       RCVD_IN_SPAMRATS_NOPTR      1.5
+
+urirhsbl    URIBL_SC_SWINOG             uribl.swinog.ch.   A
+body        URIBL_SC_SWINOG             eval:check_uridnsbl('URIBL_SC_SWINOG')
+describe    URIBL_SC_SWINOG             URI's listed in uribl.swinog.ch.
+tflags      URIBL_SC_SWINOG             net
+score       URIBL_SC_SWINOG             1.5
+
+header      RCVD_IN_UCEPROTECT1         eval:check_rbl_txt('uceprotect1-lastexternal','dnsbl-1.uceprotect.net.')
+describe    RCVD_IN_UCEPROTECT1         Listed in dnsbl-1.uceprotect.net (open relay/proxy/dialup)
+tflags      RCVD_IN_UCEPROTECT1         net
+score       RCVD_IN_UCEPROTECT1         1.5
+
+header      RCVD_IN_UNSUBSCORE          eval:check_rbl('unsubscore-lastexternal','ubl.unsubscore.com.')
+describe    RCVD_IN_UNSUBSCORE          Listed in Lashback unsubscore.com
+tflags      RCVD_IN_UNSUBSCORE          net
+score       RCVD_IN_UNSUBSCORE          1.5
+
+header      RCVD_IN_WPBL                eval:check_rbl('wpbl-lastexternal','db.wpbl.info.','127.0.0.2')
+describe    RCVD_IN_WPBL                Listed in wpbl
+tflags      RCVD_IN_WPBL                net
+score       RCVD_IN_WPBL                1.5
+
+header      RCVD_IN_S5HBL               eval:check_rbl_txt('s5hbl', 'all.s5h.net')
+describe    RCVD_IN_S5HBL               Listed in all.s5h.net
+tflags      RCVD_IN_S5HBL               net
+score       RCVD_IN_S5HBL               1.5
+
+header      RCVD_IN_SPAMCANNIBAL        eval:check_rbl('spamcannibal', 'bl.spamcannibal.org')
+describe    RCVD_IN_SPAMCANNIBAL        Listed in bl.spamcannibal.org
+tflags      RCVD_IN_SPAMCANNIBAL        net
+score       RCVD_IN_SPAMCANNIBAL        1.5
+
+header      RCVD_IN_BACKSCATTERER       eval:check_rbl('backscatterer', 'ips.backscatterer.org')
+describe    RCVD_IN_BACKSCATTERER       Listed in ips.backscatterer.org
+tflags      RCVD_IN_BACKSCATTERER       net
+score       RCVD_IN_BACKSCATTERER       1.5
+
+header      RCVD_IN_FABEL               eval:check_rbl('fabel', 'spamsources.fabel.dk.')
+describe    RCVD_IN_FABEL               Received via a relay in spamsources.fabel.dk
+tflags      RCVD_IN_FABEL               net
+score       RCVD_IN_FABEL               1.5
+
+header      RCVD_IN_DRONEBL             eval:check_rbl('dronebl', 'dnsbl.dronebl.org')
+describe    RCVD_IN_DRONEBL             Listed in dnsbl.dronebl.org
+tflags      RCVD_IN_DRONEBL             net
+score       RCVD_IN_DRONEBL             1.5
+
+header      RCVD_IN_MANITU              eval:check_rbl('manitu', 'ix.dnsbl.manitu.net')
+describe    RCVD_IN_MANITU              Listed in ix.dnsbl.manitu.net
+tflags      RCVD_IN_MANITU              net
+score       RCVD_IN_MANITU              1.5
+
+header      RCVD_IN_SINGULAR            eval:check_rbl('singular', 'singular.ttk.pte.hu')
+describe    RCVD_IN_SINGULAR            Listed in singular.ttk.pte.hu
+tflags      RCVD_IN_SINGULAR            net
+score       RCVD_IN_SINGULAR            1.5
+
+header      RCVD_IN_SPAMBOT_DIGIBASE    eval:check_rbl('spambot-digibase', 'spambot.bls.digibase.ca')
+describe    RCVD_IN_SPAMBOT_DIGIBASE    Listed in spambot.bls.digibase.ca
+tflags      RCVD_IN_SPAMBOT_DIGIBASE    net
+score       RCVD_IN_SPAMBOT_DIGIBASE    1.5
+
+header      RCVD_IN_OPENPROXY_DIGIBASE  eval:check_rbl('openproxy-digibase', 'openproxy.bls.digibase.ca')
+describe    RCVD_IN_OPENPROXY_DIGIBASE  Listed in openproxy.bls.digibase.ca
+tflags      RCVD_IN_OPENPROXY_DIGIBASE  net
+score       RCVD_IN_OPENPROXY_DIGIBASE  1.5

From aabe9eec892e20005883ddb4dbb81c48a79567ab Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 8 Jun 2017 10:53:54 +0200
Subject: [PATCH 53/58] Slightly reduce spamassassin BL scores to limit risks
 for false positives

---
 .../etc/mail/spamassassin/local.cf/95Blacklists    | 50 +++++++++++-----------
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
index 21964fd..e3a55f3 100644
--- a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
@@ -3,127 +3,127 @@
 header      RCVD_IN_GBUDB               eval:check_rbl('gbudb', 'truncate.gbudb.net.', '127.0.0.2')
 describe    RCVD_IN_GBUDB               Listed in truncate.gbudb.net
 tflags      RCVD_IN_GBUDB               net
-score       RCVD_IN_GBUDB               1.5
+score       RCVD_IN_GBUDB               1.2
 
 header      RCVD_IN_IMP_SPAMLIST        eval:check_rbl('spamrbl-lastexternal','spamrbl.imp.ch.','127.0.1.5')
 describe    RCVD_IN_IMP_SPAMLIST        Listed in spamrbl.imp.ch
 tflags      RCVD_IN_IMP_SPAMLIST        net
-score       RCVD_IN_IMP_SPAMLIST        1.5
+score       RCVD_IN_IMP_SPAMLIST        1.2
 
 header      RCVD_IN_INPS                eval:check_rbl('inps-de-lastexternal','dnsbl.inps.de.')
 describe    RCVD_IN_INPS                Received via a relay in inps.de DNSBL
 tflags      RCVD_IN_INPS                net
-score       RCVD_IN_INPS                1.5
+score       RCVD_IN_INPS                1.2
 
 header      RCVD_IN_JMF_BL              eval:check_rbl_sub('JMF-lastexternal','hostkarma.junkemailfilter.com','127.0.0.2')
 describe    RCVD_IN_JMF_BL              Sender listed in JMF-BLACK
 tflags      RCVD_IN_JMF_BL              net
-score       RCVD_IN_JMF_BL              1.5
+score       RCVD_IN_JMF_BL              1.2
 
 header      RCVD_IN_NIX_SPAM            eval:check_rbl('nix-spam-lastexternal','ix.dnsbl.manitu.net.')
 describe    RCVD_IN_NIX_SPAM            Listed in NIX-SPAM DNSBL (heise.de)
 tflags      RCVD_IN_NIX_SPAM            net
-score       RCVD_IN_NIX_SPAM            1.5
+score       RCVD_IN_NIX_SPAM            1.2
 
 header      RCVD_IN_SORBS               eval:check_rbl('sorbscombined','dnsbl.sorbs.net.')
 describe    RCVD_IN_SORBS               Sender listed at http://www.sorbs.net
 tflags      RCVD_IN_SORBS               net
-score       RCVD_IN_SORBS               1.5
+score       RCVD_IN_SORBS               1.2
 
 header      RCVD_IN_SEM_BLACK           eval:check_rbl('semblack-lastexternal','bl.spameatingmonkey.net')
 tflags      RCVD_IN_SEM_BLACK           net
 describe    RCVD_IN_SEM_BLACK           Received from an IP listed by SEM-BLACK
-score       RCVD_IN_SEM_BLACK           1.5
+score       RCVD_IN_SEM_BLACK           1.2
 
 header      RCVD_IN_SEMNETBLACK         eval:check_rbl('semnetblack-lastexternal', 'netbl.spameatingmonkey.net')
 tflags      RCVD_IN_SEMNETBLACK         net
 describe    RCVD_IN_SEMNETBLACK         Received from an IP listed by SEM-NETBLACK
-score       RCVD_IN_SEMNETBLACK         1.5
+score       RCVD_IN_SEMNETBLACK         1.2
 
 urirhssub   SEM_URIRED                  urired.spameatingmonkey.net. A 2
 body        SEM_URIRED                  eval:check_uridnsbl('SEM_URIRED')
 describe    SEM_URIRED                  Contains a URI listed by SEM-URIRED
 tflags      SEM_URIRED                  net
-score       SEM_URIRED                  1.5
+score       SEM_URIRED                  1.2
 
 urirhssub   SEM_FRESH                   fresh.spameatingmonkey.net. A 2
 body        SEM_FRESH                   eval:check_uridnsbl('SEM_FRESH')
 describe    SEM_FRESH                   Contains a domain registered less than 5 days ago
 tflags      SEM_FRESH                   net
-score       SEM_FRESH                   1.5
+score       SEM_FRESH                   1.2
 
 header      RCVD_IN_SPAMRATS_DYNA       eval:check_rbl('spamratsdyna-lastexternal','dyna.spamrats.com.')
 describe    RCVD_IN_SPAMRATS_DYNA       Sender listed in spamratsdyna
 tflags      RCVD_IN_SPAMRATS_DYNA       net
-score       RCVD_IN_SPAMRATS_DYNA       1.5
+score       RCVD_IN_SPAMRATS_DYNA       1.2
 
 header      RCVD_IN_SPAMRATS_NOPTR      eval:check_rbl('spamratsnoptr-lastexternal','noptr.spamrats.com.')
 describe    RCVD_IN_SPAMRATS_NOPTR      Sender listed in spamratsnoptr
 tflags      RCVD_IN_SPAMRATS_NOPTR      net
-score       RCVD_IN_SPAMRATS_NOPTR      1.5
+score       RCVD_IN_SPAMRATS_NOPTR      1.2
 
 urirhsbl    URIBL_SC_SWINOG             uribl.swinog.ch.   A
 body        URIBL_SC_SWINOG             eval:check_uridnsbl('URIBL_SC_SWINOG')
 describe    URIBL_SC_SWINOG             URI's listed in uribl.swinog.ch.
 tflags      URIBL_SC_SWINOG             net
-score       URIBL_SC_SWINOG             1.5
+score       URIBL_SC_SWINOG             1.2
 
 header      RCVD_IN_UCEPROTECT1         eval:check_rbl_txt('uceprotect1-lastexternal','dnsbl-1.uceprotect.net.')
 describe    RCVD_IN_UCEPROTECT1         Listed in dnsbl-1.uceprotect.net (open relay/proxy/dialup)
 tflags      RCVD_IN_UCEPROTECT1         net
-score       RCVD_IN_UCEPROTECT1         1.5
+score       RCVD_IN_UCEPROTECT1         1.2
 
 header      RCVD_IN_UNSUBSCORE          eval:check_rbl('unsubscore-lastexternal','ubl.unsubscore.com.')
 describe    RCVD_IN_UNSUBSCORE          Listed in Lashback unsubscore.com
 tflags      RCVD_IN_UNSUBSCORE          net
-score       RCVD_IN_UNSUBSCORE          1.5
+score       RCVD_IN_UNSUBSCORE          1.2
 
 header      RCVD_IN_WPBL                eval:check_rbl('wpbl-lastexternal','db.wpbl.info.','127.0.0.2')
 describe    RCVD_IN_WPBL                Listed in wpbl
 tflags      RCVD_IN_WPBL                net
-score       RCVD_IN_WPBL                1.5
+score       RCVD_IN_WPBL                1.2
 
 header      RCVD_IN_S5HBL               eval:check_rbl_txt('s5hbl', 'all.s5h.net')
 describe    RCVD_IN_S5HBL               Listed in all.s5h.net
 tflags      RCVD_IN_S5HBL               net
-score       RCVD_IN_S5HBL               1.5
+score       RCVD_IN_S5HBL               1.2
 
 header      RCVD_IN_SPAMCANNIBAL        eval:check_rbl('spamcannibal', 'bl.spamcannibal.org')
 describe    RCVD_IN_SPAMCANNIBAL        Listed in bl.spamcannibal.org
 tflags      RCVD_IN_SPAMCANNIBAL        net
-score       RCVD_IN_SPAMCANNIBAL        1.5
+score       RCVD_IN_SPAMCANNIBAL        1.2
 
 header      RCVD_IN_BACKSCATTERER       eval:check_rbl('backscatterer', 'ips.backscatterer.org')
 describe    RCVD_IN_BACKSCATTERER       Listed in ips.backscatterer.org
 tflags      RCVD_IN_BACKSCATTERER       net
-score       RCVD_IN_BACKSCATTERER       1.5
+score       RCVD_IN_BACKSCATTERER       1.2
 
 header      RCVD_IN_FABEL               eval:check_rbl('fabel', 'spamsources.fabel.dk.')
 describe    RCVD_IN_FABEL               Received via a relay in spamsources.fabel.dk
 tflags      RCVD_IN_FABEL               net
-score       RCVD_IN_FABEL               1.5
+score       RCVD_IN_FABEL               1.2
 
 header      RCVD_IN_DRONEBL             eval:check_rbl('dronebl', 'dnsbl.dronebl.org')
 describe    RCVD_IN_DRONEBL             Listed in dnsbl.dronebl.org
 tflags      RCVD_IN_DRONEBL             net
-score       RCVD_IN_DRONEBL             1.5
+score       RCVD_IN_DRONEBL             1.2
 
 header      RCVD_IN_MANITU              eval:check_rbl('manitu', 'ix.dnsbl.manitu.net')
 describe    RCVD_IN_MANITU              Listed in ix.dnsbl.manitu.net
 tflags      RCVD_IN_MANITU              net
-score       RCVD_IN_MANITU              1.5
+score       RCVD_IN_MANITU              1.2
 
 header      RCVD_IN_SINGULAR            eval:check_rbl('singular', 'singular.ttk.pte.hu')
 describe    RCVD_IN_SINGULAR            Listed in singular.ttk.pte.hu
 tflags      RCVD_IN_SINGULAR            net
-score       RCVD_IN_SINGULAR            1.5
+score       RCVD_IN_SINGULAR            1.2
 
 header      RCVD_IN_SPAMBOT_DIGIBASE    eval:check_rbl('spambot-digibase', 'spambot.bls.digibase.ca')
 describe    RCVD_IN_SPAMBOT_DIGIBASE    Listed in spambot.bls.digibase.ca
 tflags      RCVD_IN_SPAMBOT_DIGIBASE    net
-score       RCVD_IN_SPAMBOT_DIGIBASE    1.5
+score       RCVD_IN_SPAMBOT_DIGIBASE    1.2
 
 header      RCVD_IN_OPENPROXY_DIGIBASE  eval:check_rbl('openproxy-digibase', 'openproxy.bls.digibase.ca')
 describe    RCVD_IN_OPENPROXY_DIGIBASE  Listed in openproxy.bls.digibase.ca
 tflags      RCVD_IN_OPENPROXY_DIGIBASE  net
-score       RCVD_IN_OPENPROXY_DIGIBASE  1.5
+score       RCVD_IN_OPENPROXY_DIGIBASE  1.2

From f49438f554c7754a7ffb36dcb036426a08c94345 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 8 Jun 2017 10:57:10 +0200
Subject: [PATCH 54/58] Spec file update

---
 ipasserelle-base.spec | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index f50658f..3ee823c 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.60
+%define version 0.2.62
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,12 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.62-1
+- Slightly reduce spamassassin BL scores
+
+* Mon Jun 5 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.61-1
+- Add some blacklists to spamassassin
+
 * Thu Apr 6 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.60-1
 - Add support for separated __VILLE__ __RUE__ and __CODE_POSTAL__ tags
   for email signature

From bf10e5cfc59930caca94202ceea20caee91a9644 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 8 Jun 2017 17:06:33 +0200
Subject: [PATCH 55/58] Set members of the admins gorup full permissions on
 public mailboxes Requires smeserver-dovecot-extras >= 0.1.3

---
 .../etc/e-smith/templates/home/e-smith/files/public/dovecot-acl/20Admins | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 root/etc/e-smith/templates/home/e-smith/files/public/dovecot-acl/20Admins

diff --git a/root/etc/e-smith/templates/home/e-smith/files/public/dovecot-acl/20Admins b/root/etc/e-smith/templates/home/e-smith/files/public/dovecot-acl/20Admins
new file mode 100644
index 0000000..ab6cdb9
--- /dev/null
+++ b/root/etc/e-smith/templates/home/e-smith/files/public/dovecot-acl/20Admins
@@ -0,0 +1 @@
+group=admins lrswtipekxa

From 0f6db72852968f5c63c210b3118c13a0332a3cf1 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 8 Jun 2017 17:09:03 +0200
Subject: [PATCH 56/58] Spec file update

---
 ipasserelle-base.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 3ee823c..440bcfd 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.62
+%define version 0.2.63
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,10 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.63-1
+- Set admins member full privileges on public mailboxes
+  If smeserver-dovecot-extras >= 0.1.3
+
 * Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.62-1
 - Slightly reduce spamassassin BL scores
 

From bb4300af1b7bb7b67302e516c932ffa7133949c8 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 19 Jul 2017 10:42:49 +0200
Subject: [PATCH 57/58] Reduce score of SPamass blacklists to 1.0 (from 1.2)

---
 .../etc/mail/spamassassin/local.cf/95Blacklists    | 50 +++++++++++-----------
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
index e3a55f3..dee2050 100644
--- a/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
+++ b/root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
@@ -3,127 +3,127 @@
 header      RCVD_IN_GBUDB               eval:check_rbl('gbudb', 'truncate.gbudb.net.', '127.0.0.2')
 describe    RCVD_IN_GBUDB               Listed in truncate.gbudb.net
 tflags      RCVD_IN_GBUDB               net
-score       RCVD_IN_GBUDB               1.2
+score       RCVD_IN_GBUDB               1.0
 
 header      RCVD_IN_IMP_SPAMLIST        eval:check_rbl('spamrbl-lastexternal','spamrbl.imp.ch.','127.0.1.5')
 describe    RCVD_IN_IMP_SPAMLIST        Listed in spamrbl.imp.ch
 tflags      RCVD_IN_IMP_SPAMLIST        net
-score       RCVD_IN_IMP_SPAMLIST        1.2
+score       RCVD_IN_IMP_SPAMLIST        1.0
 
 header      RCVD_IN_INPS                eval:check_rbl('inps-de-lastexternal','dnsbl.inps.de.')
 describe    RCVD_IN_INPS                Received via a relay in inps.de DNSBL
 tflags      RCVD_IN_INPS                net
-score       RCVD_IN_INPS                1.2
+score       RCVD_IN_INPS                1.0
 
 header      RCVD_IN_JMF_BL              eval:check_rbl_sub('JMF-lastexternal','hostkarma.junkemailfilter.com','127.0.0.2')
 describe    RCVD_IN_JMF_BL              Sender listed in JMF-BLACK
 tflags      RCVD_IN_JMF_BL              net
-score       RCVD_IN_JMF_BL              1.2
+score       RCVD_IN_JMF_BL              1.0
 
 header      RCVD_IN_NIX_SPAM            eval:check_rbl('nix-spam-lastexternal','ix.dnsbl.manitu.net.')
 describe    RCVD_IN_NIX_SPAM            Listed in NIX-SPAM DNSBL (heise.de)
 tflags      RCVD_IN_NIX_SPAM            net
-score       RCVD_IN_NIX_SPAM            1.2
+score       RCVD_IN_NIX_SPAM            1.0
 
 header      RCVD_IN_SORBS               eval:check_rbl('sorbscombined','dnsbl.sorbs.net.')
 describe    RCVD_IN_SORBS               Sender listed at http://www.sorbs.net
 tflags      RCVD_IN_SORBS               net
-score       RCVD_IN_SORBS               1.2
+score       RCVD_IN_SORBS               1.0
 
 header      RCVD_IN_SEM_BLACK           eval:check_rbl('semblack-lastexternal','bl.spameatingmonkey.net')
 tflags      RCVD_IN_SEM_BLACK           net
 describe    RCVD_IN_SEM_BLACK           Received from an IP listed by SEM-BLACK
-score       RCVD_IN_SEM_BLACK           1.2
+score       RCVD_IN_SEM_BLACK           1.0
 
 header      RCVD_IN_SEMNETBLACK         eval:check_rbl('semnetblack-lastexternal', 'netbl.spameatingmonkey.net')
 tflags      RCVD_IN_SEMNETBLACK         net
 describe    RCVD_IN_SEMNETBLACK         Received from an IP listed by SEM-NETBLACK
-score       RCVD_IN_SEMNETBLACK         1.2
+score       RCVD_IN_SEMNETBLACK         1.0
 
 urirhssub   SEM_URIRED                  urired.spameatingmonkey.net. A 2
 body        SEM_URIRED                  eval:check_uridnsbl('SEM_URIRED')
 describe    SEM_URIRED                  Contains a URI listed by SEM-URIRED
 tflags      SEM_URIRED                  net
-score       SEM_URIRED                  1.2
+score       SEM_URIRED                  1.0
 
 urirhssub   SEM_FRESH                   fresh.spameatingmonkey.net. A 2
 body        SEM_FRESH                   eval:check_uridnsbl('SEM_FRESH')
 describe    SEM_FRESH                   Contains a domain registered less than 5 days ago
 tflags      SEM_FRESH                   net
-score       SEM_FRESH                   1.2
+score       SEM_FRESH                   1.0
 
 header      RCVD_IN_SPAMRATS_DYNA       eval:check_rbl('spamratsdyna-lastexternal','dyna.spamrats.com.')
 describe    RCVD_IN_SPAMRATS_DYNA       Sender listed in spamratsdyna
 tflags      RCVD_IN_SPAMRATS_DYNA       net
-score       RCVD_IN_SPAMRATS_DYNA       1.2
+score       RCVD_IN_SPAMRATS_DYNA       1.0
 
 header      RCVD_IN_SPAMRATS_NOPTR      eval:check_rbl('spamratsnoptr-lastexternal','noptr.spamrats.com.')
 describe    RCVD_IN_SPAMRATS_NOPTR      Sender listed in spamratsnoptr
 tflags      RCVD_IN_SPAMRATS_NOPTR      net
-score       RCVD_IN_SPAMRATS_NOPTR      1.2
+score       RCVD_IN_SPAMRATS_NOPTR      1.0
 
 urirhsbl    URIBL_SC_SWINOG             uribl.swinog.ch.   A
 body        URIBL_SC_SWINOG             eval:check_uridnsbl('URIBL_SC_SWINOG')
 describe    URIBL_SC_SWINOG             URI's listed in uribl.swinog.ch.
 tflags      URIBL_SC_SWINOG             net
-score       URIBL_SC_SWINOG             1.2
+score       URIBL_SC_SWINOG             1.0
 
 header      RCVD_IN_UCEPROTECT1         eval:check_rbl_txt('uceprotect1-lastexternal','dnsbl-1.uceprotect.net.')
 describe    RCVD_IN_UCEPROTECT1         Listed in dnsbl-1.uceprotect.net (open relay/proxy/dialup)
 tflags      RCVD_IN_UCEPROTECT1         net
-score       RCVD_IN_UCEPROTECT1         1.2
+score       RCVD_IN_UCEPROTECT1         1.0
 
 header      RCVD_IN_UNSUBSCORE          eval:check_rbl('unsubscore-lastexternal','ubl.unsubscore.com.')
 describe    RCVD_IN_UNSUBSCORE          Listed in Lashback unsubscore.com
 tflags      RCVD_IN_UNSUBSCORE          net
-score       RCVD_IN_UNSUBSCORE          1.2
+score       RCVD_IN_UNSUBSCORE          1.0
 
 header      RCVD_IN_WPBL                eval:check_rbl('wpbl-lastexternal','db.wpbl.info.','127.0.0.2')
 describe    RCVD_IN_WPBL                Listed in wpbl
 tflags      RCVD_IN_WPBL                net
-score       RCVD_IN_WPBL                1.2
+score       RCVD_IN_WPBL                1.0
 
 header      RCVD_IN_S5HBL               eval:check_rbl_txt('s5hbl', 'all.s5h.net')
 describe    RCVD_IN_S5HBL               Listed in all.s5h.net
 tflags      RCVD_IN_S5HBL               net
-score       RCVD_IN_S5HBL               1.2
+score       RCVD_IN_S5HBL               1.0
 
 header      RCVD_IN_SPAMCANNIBAL        eval:check_rbl('spamcannibal', 'bl.spamcannibal.org')
 describe    RCVD_IN_SPAMCANNIBAL        Listed in bl.spamcannibal.org
 tflags      RCVD_IN_SPAMCANNIBAL        net
-score       RCVD_IN_SPAMCANNIBAL        1.2
+score       RCVD_IN_SPAMCANNIBAL        1.0
 
 header      RCVD_IN_BACKSCATTERER       eval:check_rbl('backscatterer', 'ips.backscatterer.org')
 describe    RCVD_IN_BACKSCATTERER       Listed in ips.backscatterer.org
 tflags      RCVD_IN_BACKSCATTERER       net
-score       RCVD_IN_BACKSCATTERER       1.2
+score       RCVD_IN_BACKSCATTERER       1.0
 
 header      RCVD_IN_FABEL               eval:check_rbl('fabel', 'spamsources.fabel.dk.')
 describe    RCVD_IN_FABEL               Received via a relay in spamsources.fabel.dk
 tflags      RCVD_IN_FABEL               net
-score       RCVD_IN_FABEL               1.2
+score       RCVD_IN_FABEL               1.0
 
 header      RCVD_IN_DRONEBL             eval:check_rbl('dronebl', 'dnsbl.dronebl.org')
 describe    RCVD_IN_DRONEBL             Listed in dnsbl.dronebl.org
 tflags      RCVD_IN_DRONEBL             net
-score       RCVD_IN_DRONEBL             1.2
+score       RCVD_IN_DRONEBL             1.0
 
 header      RCVD_IN_MANITU              eval:check_rbl('manitu', 'ix.dnsbl.manitu.net')
 describe    RCVD_IN_MANITU              Listed in ix.dnsbl.manitu.net
 tflags      RCVD_IN_MANITU              net
-score       RCVD_IN_MANITU              1.2
+score       RCVD_IN_MANITU              1.0
 
 header      RCVD_IN_SINGULAR            eval:check_rbl('singular', 'singular.ttk.pte.hu')
 describe    RCVD_IN_SINGULAR            Listed in singular.ttk.pte.hu
 tflags      RCVD_IN_SINGULAR            net
-score       RCVD_IN_SINGULAR            1.2
+score       RCVD_IN_SINGULAR            1.0
 
 header      RCVD_IN_SPAMBOT_DIGIBASE    eval:check_rbl('spambot-digibase', 'spambot.bls.digibase.ca')
 describe    RCVD_IN_SPAMBOT_DIGIBASE    Listed in spambot.bls.digibase.ca
 tflags      RCVD_IN_SPAMBOT_DIGIBASE    net
-score       RCVD_IN_SPAMBOT_DIGIBASE    1.2
+score       RCVD_IN_SPAMBOT_DIGIBASE    1.0
 
 header      RCVD_IN_OPENPROXY_DIGIBASE  eval:check_rbl('openproxy-digibase', 'openproxy.bls.digibase.ca')
 describe    RCVD_IN_OPENPROXY_DIGIBASE  Listed in openproxy.bls.digibase.ca
 tflags      RCVD_IN_OPENPROXY_DIGIBASE  net
-score       RCVD_IN_OPENPROXY_DIGIBASE  1.2
+score       RCVD_IN_OPENPROXY_DIGIBASE  1.0

From 2ddd3f802a200791b78db77f85859af031024482 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 19 Jul 2017 11:22:25 +0200
Subject: [PATCH 58/58] Spec file update

---
 ipasserelle-base.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipasserelle-base.spec b/ipasserelle-base.spec
index 440bcfd..2009f59 100644
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@@ -1,4 +1,4 @@
-%define version 0.2.63
+%define version 0.2.64
 %define release 1
 %define name ipasserelle-base
 
@@ -49,6 +49,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules
 
 %changelog
+* Wed Jul 19 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.64-1
+- Reduce spamassassin's BL score to 1.0 each
+
 * Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.63-1
 - Set admins member full privileges on public mailboxes
   If smeserver-dovecot-extras >= 0.1.3