Compare commits

..

No commits in common. 'master' and 'sigintools' have entirely different histories.

  1. 3
      .tito/packages/.readme
  2. 1
      .tito/packages/ipasserelle-base
  3. 1
      .tito/releasers.conf
  4. 6
      .tito/tito.props
  5. 4
      createlinks
  6. 228
      ipasserelle-base.spec
  7. 4
      root/etc/cron.daily/download-updates
  8. 57
      root/etc/cron.daily/purge-homes-recycle
  9. 11
      root/etc/cron.monthly/maillog-rotate
  10. 1
      root/etc/e-smith/db/configuration/defaults/mysqld/OpenFilesLimit
  11. 1
      root/etc/e-smith/db/configuration/defaults/netfs/status
  12. 1
      root/etc/e-smith/db/configuration/defaults/netfs/type
  13. 1
      root/etc/e-smith/db/configuration/defaults/qmail/KeepLogFiles
  14. 1
      root/etc/e-smith/db/configuration/defaults/qpsmtpd/KeepLogFiles
  15. 1
      root/etc/e-smith/db/configuration/defaults/spamassassin/PyzorTimeout
  16. 1
      root/etc/e-smith/db/configuration/defaults/sqpsmtpd/KeepLogFiles
  17. 76
      root/etc/e-smith/events/actions/generate-email-sign
  18. 9
      root/etc/e-smith/events/actions/ipasserelle-init-shares
  19. 5
      root/etc/e-smith/events/actions/ldap-update-info
  20. 21
      root/etc/e-smith/events/actions/share-modify-scan
  21. 6
      root/etc/e-smith/events/actions/update-ldap-pseudonyms
  22. 40
      root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userinfo
  23. 2
      root/etc/e-smith/templates-custom/etc/syslog.conf/local5
  24. 1
      root/etc/e-smith/templates.metadata/etc/cron.hourly/qmail-notify
  25. 2
      root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All
  26. 7
      root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/99Status
  27. 16
      root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/10BayesAutoLearn
  28. 83
      root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/90SpamFr
  29. 129
      root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/95Blacklists
  30. 1
      root/etc/e-smith/templates/etc/my.cnf/009innodb_file_per_table
  31. 1
      root/etc/e-smith/templates/etc/my.cnf/035openfiles
  32. 1
      root/etc/e-smith/templates/etc/my.cnf/037maxconnections
  33. 3
      root/etc/e-smith/templates/etc/rsyslog.conf/45smbAudit
  34. 2
      root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor
  35. 1
      root/etc/e-smith/templates/home/e-smith/files/public/dovecot-acl/20Admins
  36. 5
      root/etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/30check_spf
  37. 11
      root/etc/e-smith/templates/var/service/tinydns/root/data/80srvEmail
  38. 16
      root/etc/e-smith/templates/var/service/tinydns/root/data/85Spf
  39. 32
      root/etc/e-smith/web/functions/userinfo
  40. 181
      root/usr/bin/make-srv
  41. 110
      root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userinfo.pm
  42. 5
      root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelViewgroups.pm
  43. 1
      root/var/clamav/ipasserelle.ign2

@ -1,3 +0,0 @@
the .tito/packages directory contains metadata files
named after their packages. Each file has the latest tagged
version and the project's relative directory.

@ -1 +0,0 @@
../../tito_libs/releasers.conf

@ -1,6 +0,0 @@
[buildconfig]
builder = tito.builder.Builder
tagger = tito.tagger.VersionTagger
changelog_do_not_remove_cherrypick = 0
changelog_format = %s (%ae)
lib_dir = ../tito_libs

@ -27,7 +27,6 @@ foreach my $event (qw/ipasserelle-update bootstrap-ldap-save/){
} }
# Activation de qmail-notify # Activation de qmail-notify
safe_symlink("/etc/e-smith/templates-default/template-begin-shell", "root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/template-begin");
templates2events("/etc/cron.hourly/qmail-notify", qw(email-update bootstrap-console-save)); templates2events("/etc/cron.hourly/qmail-notify", qw(email-update bootstrap-console-save));
# Desactivation des checks RAID # Desactivation des checks RAID
@ -61,9 +60,6 @@ service_link_enhanced("ipmi", "K74", "6");
# Autofs # Autofs
service_link_enhanced("autofs", "S28", "7"); service_link_enhanced("autofs", "S28", "7");
service_link_enhanced("autofs", "K72", "6"); service_link_enhanced("autofs", "K72", "6");
# Netfs
service_link_enhanced("netfs", "S25", "7");
service_link_enhanced("netfs", "K75", "6");
# Panels # Panels
panel_link('userinfo','manager'); panel_link('userinfo','manager');

@ -1,13 +1,12 @@
%define version 0.2.64 %define version 0.2.11
%define release 1 %define release 1
%define name ipasserelle-base %define name ipasserelle-base
Summary: Meta-Package to turn a SME Server into an iPasserelle Summary: Meta-Package to turn a SME Server into an iPasserelle
Name: ipasserelle-base Name: %{name}
Version: 0.2.70 Version: %{version}
Release: 1%{?dist} Release: %{release}%{?dist}
Epoch: 9
License: GPL License: GPL
Group: Networking/Daemons Group: Networking/Daemons
Source: %{name}-%{version}.tar.gz Source: %{name}-%{version}.tar.gz
@ -21,12 +20,13 @@ Requires: e-smith-ldap
Requires: smeserver-remoteuseraccess Requires: smeserver-remoteuseraccess
Requires: smeserver-zabbix-agent Requires: smeserver-zabbix-agent
Requires: smeserver-zabbix-proxy Requires: smeserver-zabbix-proxy
Requires: smeserver-denyhosts
Requires: logwatch Requires: logwatch
Requires: smeserver-shared-folders Requires: smeserver-shared-folders
Requires: smeserver-qos Requires: smeserver-qos
Requires: smeserver-fetchmail Requires: smeserver-fetchmail
Requires: smeserver-mailstats
Requires: smeserver-webapps-common Requires: smeserver-webapps-common
Requires: smeserver-expire-accounts
Requires: bash-completion Requires: bash-completion
Requires: ipasserelle-repo Requires: ipasserelle-repo
Requires: qmail-notify Requires: qmail-notify
@ -38,10 +38,7 @@ Requires: perl(Net::LDAP)
Requires: perl(Proc::ProcessTable) Requires: perl(Proc::ProcessTable)
Requires: perl(Proc::ProcessTable::Process) Requires: perl(Proc::ProcessTable::Process)
Requires: pbzip2 Requires: pbzip2
Requires: yum >= 3.2.29-69
Requires: smeserver-fail2ban
Obsoletes: smeserver-denyhosts
Obsoletes: smeserver-mailstats
%description %description
Meta package to configure an iPasserelle Server Meta package to configure an iPasserelle Server
@ -49,208 +46,10 @@ Based on SMEServer, iPasserelle is a specially configured
SME Server, with some additionnal modules SME Server, with some additionnal modules
%changelog %changelog
* Thu Dec 19 2019 Daniel Berteaud <daniel@firewall-services.com> 0.2.70-1
- Hide warning if year maildir already exists (daniel@firewall-services.com)
* Thu Mar 14 2019 Daniel Berteaud <daniel@firewall-services.com> 0.2.69-1
- Don't try to create or delete scan dir if no user has been passed
(daniel@firewall-services.com)
* Tue Feb 06 2018 Daniel Berteaud <daniel@firewall-services.com> 0.2.68-1
- Handle Bcc being a fully qualified address in rotate script GLPI #30996
(daniel@firewall-services.com)
* Wed Dec 06 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.67-1
- Typo in Category CGI param id (daniel@firewall-services.com)
* Wed Dec 06 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.66-1
- Remove GIT Changelog (daniel@firewall-services.com)
* Wed Dec 06 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.65-1
- new package built with tito
- Add Support for buisnessCategory LDAP field
* Wed Jul 19 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.64-1
- Reduce spamassassin's BL score to 1.0 each
* Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.63-1
- Set admins member full privileges on public mailboxes
If smeserver-dovecot-extras >= 0.1.3
* Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.62-1
- Slightly reduce spamassassin BL scores
* Mon Jun 5 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.61-1
- Add some blacklists to spamassassin
* Thu Apr 6 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.60-1
- Add support for separated __VILLE__ __RUE__ and __CODE_POSTAL__ tags
for email signature
* Wed Mar 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.59-1
- Make sure bayes auto learn is disabled when not enabled
- Adjust default bayes auto learn threshold
* Wed Nov 9 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.58-1
- Enable access to /server-status for localhost
* Wed May 18 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.57-1
- Remove MailSpike BL
* Fri May 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.56-1
- Fix a syntax error in spamassassin conf template
* Wed Apr 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.55-1
- Remove S-A custom scores
- Add MailSpike BL
- Requires smeserver-expire-accounts
- Add spamassassin autolearn param
* Wed Dec 23 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.54-1
- Fix home RecycleBin purge by using mtime instead of atime
* Fri Dec 4 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.53-1
- Define netfs service in the DB
* Wed Dec 2 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.52-1
- Fix /var/clamav ownership
* Fri Nov 27 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.51-1
- Ignore winnow.spam.ts.brokenspam.1 virus
* Fri Aug 7 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.50-1
- Requires recent enough yum instead of yum-downloadonly
* Mon Jul 6 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.49-1
- Remove hardcoded value for open_files_limit
- Set the default open_files_limit to 8192
* Mon Feb 9 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.48-1
- Add a EmailPrimaryDomain prop to user account
* Fri Jan 30 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.47-1
- Download updates even when a dependencie issue would prevent the
transaction
* Mon Jun 30 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.46-1
- Replace header_access directive with request_header_access
* Mon Jun 23 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.45-1
- Replace syslog templates-custom with rsyslog fragment
* Fri Mar 21 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.44-1
- Fix AllowedRemoteIP (SPF Whitelist)
* Wed Mar 12 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.43-1
- Add SPF support (qpsmtpd and tinydns)
* Fri Jan 24 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.42-1
- Add a simple audit page in userinfo panel
* Mon Jan 20 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.41-1
- Update email address in LDAP if the first one in the list has changed
* Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.40-1
- Remove the non templated qmail-notify cron file
* Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.39-1
- Really fix qmail-notify cron
* Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.38-1
- Fix qmail-notify cron
* Tue Nov 12 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.37-1
- New branch for SME9
* Fri Nov 8 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.36-1
- Allow placeholders in signatures templates to be removed if the
corresponding value is empty
- Strip http:// or https at the begining and / at the end of the Url
prop in the signature
* Tue Oct 15 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.35-1
- Remove phpmailer from the potential spam mailers
- Reduce scrore for FSL_HELO_FIREWALL
* Fri Sep 27 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.34-1
- Reduce score for KHOP_BIG_TO_CC to 1.5
- Fix a warning in purge-home-recycle script
* Thu Sep 26 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.33-1
- Reduce a few spamassassin score, which were too agressive
* Wed Sep 25 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.32-1
- Fix the purge-home-recycle script
* Tue Sep 17 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.31-1
- Other spamassassin scores adjustments
* Thu Jun 13 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.30-1
- Disable default samba logging
* Thu Jun 6 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.29-1
- Set default pyzor timeout to 15 sec
- Add some spamassassin rules to fight against spam in french
- Adjust some spamassassin scores
- Fix another syntax erreor in share-modify-scan script
* Wed Jun 5 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.28-1
- Replace denyhosts with fail2ban
- Obsoletes smeserver-mailstats
* Fri Apr 19 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.27-1
- add innodb_file_per_table directive to my.cnf
* Fri Apr 19 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.26-1
- Allow up to 500 connections to MySQL
* Fri Dec 21 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.25-1
- Fix updates download cron job
* Mon Dec 3 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.24-1
- Some scan require read permissions on directories
* Wed Nov 28 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.23-1
- Download available updates nightly
* Tue Nov 20 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.22-1
- More fixes for scan ACLs
* Mon Nov 19 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.21-1
- Fix a typo in share-modify-scan script
* Thu Nov 15 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.20-1
- Fix default ACL for admins group in scan share
* Thu Nov 15 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.19-1
- Several fixes in scan share ACL
* Fri Sep 28 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.18-1
- Add SRV records for imap, imaps, smtp and smtps services
* Fri Sep 28 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.17-1
- add make-srv script to generate SRV records in tinydns
* Mon Sep 10 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.16-1
- Validation for the shell field
- accept empty value for the shell and the chroot dir
- add a script to purge home dir recycle bin
* Fri Aug 24 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.15-1
- Add a chroot field in user info panel
* Tue Jul 17 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.14-1
- Keep last 50 log files for mail services instead of 10
* Tue Jun 26 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.13-1
- Fix group mail addresses in viewgroup userpanel
* Sun Jun 24 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.12-1
- Move generated signatures in tools share
* Sun Jun 17 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.11-1 * Sun Jun 17 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.11-1
- Copy cacert in Primary ibay - Copy cacert in Primary ibay
* Fri Jun 8 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.10-1.sme * Fri Jun 7 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.10-1.sme
- Copy cacrl in Primary ibay - Copy cacrl in Primary ibay
* Tue May 29 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.9-1.sme * Tue May 29 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.9-1.sme
@ -372,7 +171,7 @@ SME Server, with some additionnal modules
- Add postalCode LDAP attribute - Add postalCode LDAP attribute
- Add validation routine for some fields - Add validation routine for some fields
* Tue Mar 8 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-2.sme * Tue Mar 7 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-2.sme
- Add extensionNumber LDAP attribute - Add extensionNumber LDAP attribute
* Thu Jan 20 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-1.sme * Thu Jan 20 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-1.sme
@ -383,7 +182,7 @@ SME Server, with some additionnal modules
%setup -q -n %{name}-%{version} %setup -q -n %{name}-%{version}
%build %build
%{__mkdir_p} root/home/e-smith/files/shares/tools/files/signatures/templates %{__mkdir_p} root/home/e-smith/files/shares/tools/files/templates_signatures/
%{__mkdir_p} root/home/e-smith/files/scan %{__mkdir_p} root/home/e-smith/files/scan
%{__mkdir_p} root/var/lib/qpsmtpd/greylisting %{__mkdir_p} root/var/lib/qpsmtpd/greylisting
perl createlinks perl createlinks
@ -395,15 +194,12 @@ perl createlinks
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
--file /etc/cron.hourly/qpsmtpd-cleanup 'attr(0755,root,root)' \ --file /etc/cron.hourly/qpsmtpd-cleanup 'attr(0755,root,root)' \
--file /etc/cron.monthly/maillog-rotate 'attr(0755,root,root)' \ --file /etc/cron.monthly/maillog-rotate 'attr(0755,root,root)' \
--file /etc/cron.hourly/qmail-notify 'attr(0755,root,root)' \
--file /etc/cron.hourly/cacrl 'attr(0755,root,root)' \ --file /etc/cron.hourly/cacrl 'attr(0755,root,root)' \
--file /etc/cron.daily/purge-homes-recycle 'attr(0755,root,root)' \
--file /etc/cron.daily/download-updates 'attr(0755,root,root)' \
--dir /home/e-smith/files/scan 'attr(0750,root,shared)' \ --dir /home/e-smith/files/scan 'attr(0750,root,shared)' \
--dir /var/lib/qpsmtpd/greylisting 'attr(0750,qpsmtpd,qpsmtpd)' \ --dir /var/lib/qpsmtpd/greylisting 'attr(0750,qpsmtpd,qpsmtpd)' \
--file /usr/bin/make-srv 'attr(0755,root,root)' \
--dir /var/clamav 'attr(0755,clamav,clamav)' \
> %{name}-%{version}-filelist > %{name}-%{version}-filelist
echo "%doc" >> %{name}-%{version}-filelist echo "%doc CHANGELOG.git" >> %{name}-%{version}-filelist
%files -f %{name}-%{version}-filelist %files -f %{name}-%{version}-filelist
%defattr(-,root,root) %defattr(-,root,root)

@ -1,4 +0,0 @@
#!/bin/bash
/usr/bin/yum --downloadonly --skip-broken -y update > /dev/null 2>&1
exit 0

@ -1,57 +0,0 @@
#!/usr/bin/perl -w
#----------------------------------------------------------------------
# Copyright (C) 2012 Firewall Services
# daniel@firewall-services.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#----------------------------------------------------------------------
use esmith::AccountsDB;
use esmith::ConfigDB;
use File::Find;
use File::stat;
my $c = esmith::ConfigDB->open_ro || die "Error opening ConfigDB\n";
my $a = esmith::AccountsDB->open_ro || die "Error opening AccountsDB\n";
my $smb = $c->get('smb') || die "Can't find the smb service in the ConfigDB\n";
my $recycle = $smb->prop('RecycleBin') || 'disabled';
our $retention = $smb->prop('RecycleBinRetention') || 'unlimited';
$retention = 'unlimited' unless ($retention =~ m/^\d+$/);
exit(0) if (($recycle ne 'enabled') || ($retention eq 'unlimited'));
# Convert retention in seconds
$retention = 60*60*24*$retention;
foreach my $user ($a->get_all_by_prop(type=>'user')){
my $key = $user->key;
# Skip the user if RecycleBin doesn't exists
next unless (-d "/home/e-smith/files/users/$key/home/Recycle Bin");
finddepth(\&remove, "/home/e-smith/files/users/$key/home/Recycle Bin/");
}
sub remove{
# Remove files with last modification older than $retention
if ( -f ){
my $mtime = stat($_)->mtime;
(time() - $mtime > $retention) && unlink($_);
}
# Remove empty directories
elsif ( -d ){
(scalar <"$_/*">) || rmdir("$_");
}
}

@ -11,22 +11,15 @@ if [ "$BCC" != "enabled" -o "$ARCHIVE" != "enabled" ]; then
fi fi
USER=$(db configuration getprop qpsmtpd BccUser || echo 'maillog') USER=$(db configuration getprop qpsmtpd BccUser || echo 'maillog')
# Truncate if it's a mail address
USER=${USER%@*}
HOME="/home/e-smith/files/users/$USER" HOME="/home/e-smith/files/users/$USER"
# Stop here if the home dir doesn't exist
if [ \! -d $HOME ]; then
echo "$HOME doesn't exist"
exit 1
fi
MONTH=$(date +%m) MONTH=$(date +%m)
YEAR=$(date +%Y) YEAR=$(date +%Y)
su - -s /bin/bash $USER -c "maildirmake -f $YEAR $HOME/Maildir" 2>&1 > /dev/null su - -s /bin/bash $USER -c "maildirmake -f $YEAR $HOME/Maildir"
su - -s /bin/bash $USER -c "maildirmake -f $YEAR.$MONTH $HOME/Maildir" su - -s /bin/bash $USER -c "maildirmake -f $YEAR.$MONTH $HOME/Maildir"
# Lock mail delivery # Lock mail delivery
chmod +t $HOME chmod +t $HOME
cd $HOME cd $HOME

@ -83,72 +83,50 @@ foreach my $user (@users){
my $first = $user->prop('FirstName') || ''; my $first = $user->prop('FirstName') || '';
my $last = $user->prop('LastName') || ''; my $last = $user->prop('LastName') || '';
my $mail = $user->prop('PreferredEmail') || "$userName\@$domain"; my $mail = $user->prop('PreferredEmail') || "$userName\@$domain";
my $tel = $user->prop('Phone') || ''; my $tel = $user->prop('Phone') || $defTel;
my $mob = $user->prop('Mobile') || ''; my $mob = $user->prop('Mobile') || '';
my $fax = $user->prop('Fax') || ''; my $fax = $user->prop('Fax') || '';
my $func = $user->prop('Function1') || ''; my $func = $user->prop('Function1') || '';
my $func2 = $user->prop('Function2') || ''; my $func2 = $user->prop('Function2') || '';
my $func3 = $user->prop('Function3') || ''; my $func3 = $user->prop('Function3') || '';
my $func4 = $user->prop('Function4') || ''; my $func4 = $user->prop('Function4') || '';
my $comp = $user->prop('Company') || ''; my $comp = $user->prop('Company') || $defComp;
my $dep = $user->prop('Dept') || ''; my $dep = $user->prop('Dept') || $defDep;
my $postalcode = $user->prop('PostalCode') || ''; my $postalcode = $user->prop('PostalCode') || '';
my $street = $user->prop('Street') || ''; my $street = $user->prop('Street') || $defStreet;
my $city = $user->prop('City') || ''; my $city = $user->prop('City') || $defCity;
my $url = $user->prop('Url') || ''; my $url = $user->prop('Url') || '';
$url =~ s/^https?:\/\///;
$url =~ s/\/$//;
my $template = $user->prop('SignatureTemplate') || "email"; my $template = $user->prop('SignatureTemplate') || "email";
my $addr = "$street $postalcode $city"; my $addr = "$street $postalcode $city";
$tel = ($tel eq '') ? '':"Tél.: $tel";
$mob = ($mob eq '') ? '':"Mobile: $mob";
$fax = ($fax eq '') ? '':"Fax: $fax";
$url = ($url eq '') ? '':"Web: $url";
foreach my $ext (qw/txt html/){ foreach my $ext (qw/txt html/){
open(R, '<', "/home/e-smith/files/shares/tools/files/signatures/templates/$template.$ext") || open(R, '<', "/home/e-smith/files/shares/tools/files/signatures/templates/$template.$ext") ||
next; next;
open(W, '>', "$dir/email.$ext") || die "Error opening output file $dir/email.$ext\n"; open(W, '>', "$dir/email.$ext") || die "Error opening output file $dir/email.$ext\n";
my $src = '';
$src .= $_ foreach (<R>);
# Delete if value is empty
$src =~ s/__START_NOM__.*__END_NOM__//smg if ($last eq '');
$src =~ s/__START_PRENOM__.*__END_PRENOM__//smg if ($first eq '');
$src =~ s/__START_EMAIL__.*__END_EMAIL__//smg if ($mail eq '');
$src =~ s/__START_TEL__.*__END_TEL__//smg if ($tel eq '');
$src =~ s/__START_MOBILE__.*__END_MOBILE__//smg if ($mob eq '');
$src =~ s/__START_FAX__.*__END_FAX__//smg if ($fax eq '');
$src =~ s/__START_FONCTION__.*__END_FONCTION__//smg if ($func eq '');
$src =~ s/__START_FONCTION2__.*__END_FONCTION2__//smg if ($func2 eq '');
$src =~ s/__START_FONCTION3__.*__END_FONCTION3__//smg if ($func3 eq '');
$src =~ s/__START_FONCTION4__.*__END_FONCTION4__//smg if ($func4 eq '');
$src =~ s/__START_ENTREPRISE__.*__END_ENTREPRISE__//smg if ($comp eq '');
$src =~ s/__START_CODE_POSTAL__.*__END_CODE_POSTAL__//smg if ($postalcode eq '');
$src =~ s/__START_RUE__.*__END_RUE__//smg if ($street eq '');
$src =~ s/__START_VILLE__.*__END_VILLE__//smg if ($city eq '');
$src =~ s/__START_ADRESSE__.*__END_ADRESSE__//smg if ($addr eq '');
$src =~ s/__START_URL__.*__END_URL__//smg if ($url eq '');
$src =~ s/__NOM__/$last/g;
$src =~ s/__PRENOM__/$first/g;
$src =~ s/__EMAIL__/$mail/g;
$src =~ s/__TEL__/$tel/g;
$src =~ s/__MOBILE__/$mob/g;
$src =~ s/__FAX__/$fax/g;
$src =~ s/__FONCTION__/$func/g;
$src =~ s/__FONCTION2__/$func2/g;
$src =~ s/__FONCTION3__/$func3/g;
$src =~ s/__FONCTION4__/$func4/g;
$src =~ s/__SERVICE__/$dep/g;
$src =~ s/__ENTREPRISE__/$comp/g;
$src =~ s/__ADRESSE__/$addr/g;
$src =~ s/__CODE_POSTAL__/$postalcode/g;
$src =~ s/__RUE__/$street/g;
$src =~ s/__VILLE__/$city/g;
$src =~ s/__URL__/$url/g;
# Now remove any remaining __START_ and __END_ tags
$src =~ s/__(START|END)_\w+__//g;
print W $src;
foreach (<R>){
s/__NOM__/$last/g;
s/__PRENOM__/$first/g;
s/__EMAIL__/$mail/g;
s/__TEL__/$tel/g;
s/__MOBILE__/$mob/g;
s/__FAX__/$fax/g;
s/__FONCTION__/$func/g;
s/__FONCTION2__/$func2/g;
s/__FONCTION3__/$func3/g;
s/__FONCTION4__/$func4/g;
s/__SERVICE__/$dep/g;
s/__ENTREPRISE__/$comp/g;
s/__ADRESSE__/$addr/g;
s/__URL__/$url/g;
print W $_;
}
close R; close R;
close W; close W;
} }

@ -37,8 +37,7 @@ if (!$intranet){
WriteGroups => 'admins,equipe', WriteGroups => 'admins,equipe',
smbAccess => 'browseable', smbAccess => 'browseable',
httpAccess => 'none', httpAccess => 'none',
RecycleBin => 'disabled', RecycleBin => 'disabled'
Removable => 'no'
}); });
unless ( system("/sbin/e-smith/signal-event", "share-create", "intranet") == 0 ){ unless ( system("/sbin/e-smith/signal-event", "share-create", "intranet") == 0 ){
@ -59,8 +58,7 @@ if (!$extranet){
RequireSSL => 'disabled', RequireSSL => 'disabled',
Indexes => 'enabled', Indexes => 'enabled',
DynamicContent => 'disabled', DynamicContent => 'disabled',
RecycleBin => 'disabled', RecycleBin => 'disabled'
Removable => 'no'
}); });
unless ( system("/sbin/e-smith/signal-event", "share-create", "extranet") == 0 ){ unless ( system("/sbin/e-smith/signal-event", "share-create", "extranet") == 0 ){
@ -82,8 +80,7 @@ if (!$tools){
RequireSSL => 'disabled', RequireSSL => 'disabled',
Indexes => 'enabled', Indexes => 'enabled',
DynamicContent => 'disabled', DynamicContent => 'disabled',
RecycleBin => 'disabled', RecycleBin => 'disabled'
Removable => 'no'
}); });
unless ( system("/sbin/e-smith/signal-event", "share-create", "tools") == 0 ){ unless ( system("/sbin/e-smith/signal-event", "share-create", "tools") == 0 ){

@ -69,16 +69,14 @@ foreach my $acc (@accounts){
my $initials = $acc->prop('Initials') || ''; my $initials = $acc->prop('Initials') || '';
my $dshell = $acc->prop('DesktopShell') || ''; my $dshell = $acc->prop('DesktopShell') || '';
my $preferredemail = $acc->prop('PreferredEmail') || ''; my $preferredemail = $acc->prop('PreferredEmail') || '';
my $category = $acc->prop('Category') || '';
$preferredemail = "$user\@$domain" if ($preferredemail eq ''); $preferredemail = "$user\@$domain" if ($preferredemail eq '');
my $web = $acc->prop('Url') || ''; my $web = $acc->prop('Url') || '';
my (@postalcode,@mobile,@extension,@fax,@titles,@initials,@dshell,@preferredemail,@category,@web) = (); my (@postalcode,@mobile,@extension,@fax,@titles,@initials,@dshell,@preferredemail,@web) = ();
@postalcode = ($postalcode) unless ($postalcode eq ''); @postalcode = ($postalcode) unless ($postalcode eq '');
@mobile = ($mobile) unless ($mobile eq ''); @mobile = ($mobile) unless ($mobile eq '');
@extension = ($extension) unless ($extension eq ''); @extension = ($extension) unless ($extension eq '');
@fax = ($fax) unless ($fax eq ''); @fax = ($fax) unless ($fax eq '');
@category = ($category) unless ($category eq '');
foreach ($function1, $function2, $function3, $function4){ foreach ($function1, $function2, $function3, $function4){
push @titles, $_ if ($_ ne ''); push @titles, $_ if ($_ ne '');
} }
@ -96,7 +94,6 @@ foreach my $acc (@accounts){
initials => \@initials, initials => \@initials,
desktopLoginShell => \@dshell, desktopLoginShell => \@dshell,
preferredMail => \@preferredemail, preferredMail => \@preferredemail,
businessCategory => \@category,
labeledURI => \@web labeledURI => \@web
} }
); );

@ -12,17 +12,15 @@ my $setfacl = "/usr/bin/setfacl";
my $event = $ARGV [0]; my $event = $ARGV [0];
my $name = $ARGV [1]; my $name = $ARGV [1];
die "Event name missing\n" unless (defined $event); if ($event eq 'user-create'){
if ($event eq 'user-create' and defined $name){
mkpath "/home/e-smith/files/scan/$name"; mkpath "/home/e-smith/files/scan/$name";
system ("$setfacl", system ("$setfacl",
'-m', '-m',
"u:scanner:rwX,u:$name:rwX,g:admins:rwX,d:u:$name:rwX,d:g:admins:rwX", "u:scanner:w,u:$name:rwX,d:u:$name:rw",
'--', '--',
"/home/e-smith/files/scan/$name"); "/home/e-smith/files/scan/$name");
} }
elsif ($event eq 'user-delete' and defined $name){ elsif ($event eq 'user-delete'){
rmtree "/home/e-smith/files/scan/$name"; rmtree "/home/e-smith/files/scan/$name";
} }
else { else {
@ -34,22 +32,15 @@ else {
"/home/e-smith/files/scan/"); "/home/e-smith/files/scan/");
foreach ($a->users,$a->get('admin')){ foreach ($a->users,$a->get('admin')){
$name = $_->key; my $name = $_->key;
if (-d "/home/e-smith/files/scan/$name"){ mkdir "/home/e-smith/files/scan/$name", 0700
chmod 0700, "/home/e-smith/files/scan/$name"; unless (-d "/home/e-smith/files/scan/$name");
}
else {
mkdir "/home/e-smith/files/scan/$name", 0700;
}
system ("$setfacl", system ("$setfacl",
'-R',
'-m', '-m',
"u:scanner:rwX,u:$name:rwX,d:u:$name:rwX", "u:scanner:rwX,u:$name:rwX,d:u:$name:rwX",
'--', '--',
"/home/e-smith/files/scan/$name"); "/home/e-smith/files/scan/$name");
} }
chmod 0755, "/home/e-smith/files/scan/";
system ("$setfacl", "-R", "-m", "g:admins:rwX,d:g:admins:rwX", "/home/e-smith/files/scan/");
} }
exit (0); exit (0);

@ -119,7 +119,7 @@ foreach my $acct (@accounts){
my @alias = (); my @alias = ();
foreach (@pseudo){ foreach (@pseudo){
$_ = $_ . "\@" . ($acct->prop('EmailPrimaryDomain') || $domain) if $_ !~ /\@/; $_ = $_ . "\@$domain" if $_ !~ /\@/;
push (@alias, unac_string(decode('utf-8',$_))); push (@alias, unac_string(decode('utf-8',$_)));
} }
@alias = uniq(@alias); @alias = uniq(@alias);
@ -137,12 +137,10 @@ foreach my $acct (@accounts){
foreach my $entry ($result->all_entries()){ foreach my $entry ($result->all_entries()){
push @mails, $entry->get_value('mail'); push @mails, $entry->get_value('mail');
} }
my $oldfirst = $mails[0];
my $newfirst = $alias[0];
my $alias = join('\0', sort @alias); my $alias = join('\0', sort @alias);
my $mails = join('\0', sort @mails); my $mails = join('\0', sort @mails);
if (($alias ne $mails) or ($oldfirst ne $newfirst)){ unless ($alias eq $mails){
$result = $ldap->modify( $result = $ldap->modify(
"$dn=$key,ou=$ou,$base", "$dn=$key,ou=$ou,$base",
replace => { replace => {

@ -12,30 +12,6 @@
<trans>Cette page vous permet de modifier certaines informations liées aux utiliseurs. Ces informations seront publiées dans l'annuaire LDAP.</trans> <trans>Cette page vous permet de modifier certaines informations liées aux utiliseurs. Ces informations seront publiées dans l'annuaire LDAP.</trans>
</entry> </entry>
<entry> <entry>
<base>AUDIT</base>
<trans>Audit</trans>
</entry>
<entry>
<base>USER_AUDIT</base>
<trans>Audit Utilisateur</trans>
</entry>
<entry>
<base>AUDIT_DESC</base>
<trans>Cette page permet d'obtenir la liste des partages auxquels l'utilisateur a accès</trans>
</entry>
<entry>
<base>USER_LOGIN</base>
<trans>Identifiant</trans>
</entry>
<entry>
<base>SHARE_READ</base>
<trans>Accès en lecture</trans>
</entry>
<entry>
<base>SHARE_WRITE</base>
<trans>Accès en écriture</trans>
</entry>
<entry>
<base>USER_MODIFIED</base> <base>USER_MODIFIED</base>
<trans>Utilisateur modifié avec succès</trans> <trans>Utilisateur modifié avec succès</trans>
</entry> </entry>
@ -64,10 +40,6 @@
<trans>Société</trans> <trans>Société</trans>
</entry> </entry>
<entry> <entry>
<base>CATEGORY</base>
<trans>Catégorie</trans>
</entry>
<entry>
<base>STREET_ADDRESS</base> <base>STREET_ADDRESS</base>
<trans>Adresse</trans> <trans>Adresse</trans>
</entry> </entry>
@ -127,16 +99,4 @@
<base>DESKTOP_SHELL</base> <base>DESKTOP_SHELL</base>
<trans>Shell de connexion aux postes de travail</trans> <trans>Shell de connexion aux postes de travail</trans>
</entry> </entry>
<entry>
<base>CHROOT_DIR</base>
<trans>Répertoire racine (chroot)</trans>
</entry>
<entry>
<base>DIR_DOES_NOT_EXIST</base>
<trans>Ce répertoire n'existe pas</trans>
</entry>
<entry>
<base>IS_NOT_AN_EXECUTABLE</base>
<trans>Veuillez sélectionner un exécutable</trans>
</entry>
</lexicon> </lexicon>

@ -0,0 +1,2 @@
local5.=notice -/var/log/smb_audit.log
local5.*;local5.!=notice -{ "${messages}" }

@ -1 +1,3 @@
#!/bin/sh
exec qmail-notify -r -m -f /var/qmail/control/queuenotifymsg exec qmail-notify -r -m -f /var/qmail/control/queuenotifymsg

@ -1,7 +0,0 @@
<Location /server-status>
SetHandler server-status
Order deny,allow
deny from all
allow from 127.0.0.1
</Location>
ExtendedStatus On

@ -1,16 +0,0 @@
{
if (($spamassassin{UseBayes} || '0') =~ m/^1|on|yes|enabled$/ && ($spamassassin{BayesAutoLearn} || 'no') =~ m/^1|on|yes|enabled$/){
my $ham_thres = $spamassassin{BayesHamThreshold} || '-1.0';
my $spam_thres = $spamassassin{BayesSpamThreshold} || '6';
$OUT .=<<"_EOF";
bayes_auto_learn 1
bayes_auto_learn_threshold_nonspam $ham_thres
bayes_auto_learn_threshold_spam $spam_thres
_EOF
}
else{
$OUT .=<<"_EOF";
bayes_auto_learn 0
_EOF
}
}

@ -1,83 +0,0 @@
#####################################################################################
##### FRENCH SPECIFIC SPAMASSASSIN RULES.
##### USE AND REDISTRIBUTE WITH THIS NOTE AT YOUR OWN RISK AND PLEASURE.
##### AUTHOR: John GALLET
##### Version: 2008-JUNE-21
##### Latest: http://www.saphirtech.fr/
##### Status: It Works For Me (tm)
#####################################################################################
# Spam is legal in France !
body FR_SPAMISLEGAL /\b(Conform.+ment|En vertu).\{0,5\}(article.\{0,4\}34.\{0,4\})?la loi\b/i
describe FR_SPAMISLEGAL French: pretends spam is (l)awful.
lang fr describe FR_SPAMISLEGAL Invoque la loi informatique et libertes.
score FR_SPAMISLEGAL 1.0
body FR_SPAMISLEGAL_2 /\bdroit d.acc.+s.\{1,3\}(de modification)?.\{0,5\}de rectification\b/i
describe FR_SPAMISLEGAL_2 French: pretends spam is (l)awful.
lang fr describe FR_SPAMISLEGAL_2 Invoque le droit de rectification cnil.
score FR_SPAMISLEGAL_2 1.0
#####
# yeah, sure.
body FR_NOTSPAM /\b(ceci|ce).\{1,9\} n.est pas.\{1,5\}spam\b/i
describe FR_NOTSPAM French: claims not to be spam.
lang fr describe FR_NOTSPAM Affirme ne pas etre du spam.
score FR_NOTSPAM 2.5
#####
## I can pay my taxes
body FR_PAYLESSTAXES /\b(paye|calcul|simul|r.+dui|investi).\{1,7\}(moins|vo|ses).\{0,5\}imp.+t(s)?\b/i
describe FR_PAYLESSTAXES French: Pay less taxes
lang fr describe FR_PAYLESSTAXES Simulateurs et reductions d'impots.
score FR_PAYLESSTAXES 2.0
body FR_REALESTATE_INVEST /\b(loi)? (de.robien|girardin).\{1,15\}(neuf|recentr.+|ancien|IR|IS|imp.+t(s)?|industriel(le)?)\b/i
describe FR_REALESTATE_INVEST French: Invest in real-estate with tax-reductions
lang fr describe FR_REALESTATE_INVEST Reduction impots immobilier.
score FR_REALESTATE_INVEST 2.5
#####
# I won at the casino
body FR_ONLINEGAMBLING /\b(casino(s)?|jeu(x)?|joueur(s)?) (en ligne|de grattage)\b/i
describe FR_ONLINEGAMBLING French: Online gambling
lang fr describe FR_ONLINEGAMBLING Jeux en ligne.
score FR_ONLINEGAMBLING 2.0
#####
# Baby, did you forget to take your meds ?
body FR_ONLINEMEDS /\bpharmacie(s)? (en ligne|internet)\b/i
describe FR_ONLINEMEDS French: Online meds ordering
lang fr describe FR_ONLINEMEDS Achat de medicaments en ligne.
score FR_ONLINEMEDS 2.5
######
# Tell me why
body FR_REASON_SUBSCRIBE /\bVous recevez ce(t|tte)? (message|mail|m.+l|lettre|news.+|information) (car|parce que)\b/i
describe FR_REASON_SUBSCRIBE French: you subscribed to my spam.
lang fr describe FR_REASON_SUBSCRIBE Indique pourquoi vous recevez le courrier.
score FR_REASON_SUBSCRIBE 0.8
#####
# How to unsubscribe
body FR_HOWTOUNSUBSCRIBE /\b(souhaitez|d.+sirez|pour).\{1,10\}(plus.\{1,\}recevoir|d.+sincrire|d.+sinscription|d.+sabonner).\{0,10\}(information|email|mail|mailing|newsletter|lettre|liste|message|offre|promotion|programme)(s)?\b/i
describe FR_HOWTOUNSUBSCRIBE French: how to unsubscribe
lang fr describe FR_HOWTOUNSUBSCRIBE Indique comment se desabonner.
score FR_HOWTOUNSUBSCRIBE 0.8
####
# Various "CRM" (Could Remove Me)
#####
header FR_MAILER_1 X-Mailer =~ /(delosmail|cabestan|ems|mp6|wamailer|eMailink|Accucast|Benchmail|MailChimp)/i
describe FR_MAILER_1 French spammy X-Mailer
lang fr describe FR_MAILER_1 X-Mailer couramment employe pour des spams en francais.
score FR_MAILER_1 1.0
header FR_MAILER_2 X-EMV-CampagneId =~ /.+/
describe FR_MAILER_2 French spammy mailer header
lang fr describe FR_MAILER_2 X-Mailer couramment employe pour des spams en francais.
score FR_MAILER_2 2.0
#####################################################################################
##### END FRENCH SPECIFIC SPAMASSASSIN RULES.
#####################################################################################

@ -1,129 +0,0 @@
# Check someblacklists
header RCVD_IN_GBUDB eval:check_rbl('gbudb', 'truncate.gbudb.net.', '127.0.0.2')
describe RCVD_IN_GBUDB Listed in truncate.gbudb.net
tflags RCVD_IN_GBUDB net
score RCVD_IN_GBUDB 1.0
header RCVD_IN_IMP_SPAMLIST eval:check_rbl('spamrbl-lastexternal','spamrbl.imp.ch.','127.0.1.5')
describe RCVD_IN_IMP_SPAMLIST Listed in spamrbl.imp.ch
tflags RCVD_IN_IMP_SPAMLIST net
score RCVD_IN_IMP_SPAMLIST 1.0
header RCVD_IN_INPS eval:check_rbl('inps-de-lastexternal','dnsbl.inps.de.')
describe RCVD_IN_INPS Received via a relay in inps.de DNSBL
tflags RCVD_IN_INPS net
score RCVD_IN_INPS 1.0
header RCVD_IN_JMF_BL eval:check_rbl_sub('JMF-lastexternal','hostkarma.junkemailfilter.com','127.0.0.2')
describe RCVD_IN_JMF_BL Sender listed in JMF-BLACK
tflags RCVD_IN_JMF_BL net
score RCVD_IN_JMF_BL 1.0
header RCVD_IN_NIX_SPAM eval:check_rbl('nix-spam-lastexternal','ix.dnsbl.manitu.net.')
describe RCVD_IN_NIX_SPAM Listed in NIX-SPAM DNSBL (heise.de)
tflags RCVD_IN_NIX_SPAM net
score RCVD_IN_NIX_SPAM 1.0
header RCVD_IN_SORBS eval:check_rbl('sorbscombined','dnsbl.sorbs.net.')
describe RCVD_IN_SORBS Sender listed at http://www.sorbs.net
tflags RCVD_IN_SORBS net
score RCVD_IN_SORBS 1.0
header RCVD_IN_SEM_BLACK eval:check_rbl('semblack-lastexternal','bl.spameatingmonkey.net')
tflags RCVD_IN_SEM_BLACK net
describe RCVD_IN_SEM_BLACK Received from an IP listed by SEM-BLACK
score RCVD_IN_SEM_BLACK 1.0
header RCVD_IN_SEMNETBLACK eval:check_rbl('semnetblack-lastexternal', 'netbl.spameatingmonkey.net')
tflags RCVD_IN_SEMNETBLACK net
describe RCVD_IN_SEMNETBLACK Received from an IP listed by SEM-NETBLACK
score RCVD_IN_SEMNETBLACK 1.0
urirhssub SEM_URIRED urired.spameatingmonkey.net. A 2
body SEM_URIRED eval:check_uridnsbl('SEM_URIRED')
describe SEM_URIRED Contains a URI listed by SEM-URIRED
tflags SEM_URIRED net
score SEM_URIRED 1.0
urirhssub SEM_FRESH fresh.spameatingmonkey.net. A 2
body SEM_FRESH eval:check_uridnsbl('SEM_FRESH')
describe SEM_FRESH Contains a domain registered less than 5 days ago
tflags SEM_FRESH net
score SEM_FRESH 1.0
header RCVD_IN_SPAMRATS_DYNA eval:check_rbl('spamratsdyna-lastexternal','dyna.spamrats.com.')
describe RCVD_IN_SPAMRATS_DYNA Sender listed in spamratsdyna
tflags RCVD_IN_SPAMRATS_DYNA net
score RCVD_IN_SPAMRATS_DYNA 1.0
header RCVD_IN_SPAMRATS_NOPTR eval:check_rbl('spamratsnoptr-lastexternal','noptr.spamrats.com.')
describe RCVD_IN_SPAMRATS_NOPTR Sender listed in spamratsnoptr
tflags RCVD_IN_SPAMRATS_NOPTR net
score RCVD_IN_SPAMRATS_NOPTR 1.0
urirhsbl URIBL_SC_SWINOG uribl.swinog.ch. A
body URIBL_SC_SWINOG eval:check_uridnsbl('URIBL_SC_SWINOG')
describe URIBL_SC_SWINOG URI's listed in uribl.swinog.ch.
tflags URIBL_SC_SWINOG net
score URIBL_SC_SWINOG 1.0
header RCVD_IN_UCEPROTECT1 eval:check_rbl_txt('uceprotect1-lastexternal','dnsbl-1.uceprotect.net.')
describe RCVD_IN_UCEPROTECT1 Listed in dnsbl-1.uceprotect.net (open relay/proxy/dialup)
tflags RCVD_IN_UCEPROTECT1 net
score RCVD_IN_UCEPROTECT1 1.0
header RCVD_IN_UNSUBSCORE eval:check_rbl('unsubscore-lastexternal','ubl.unsubscore.com.')
describe RCVD_IN_UNSUBSCORE Listed in Lashback unsubscore.com
tflags RCVD_IN_UNSUBSCORE net
score RCVD_IN_UNSUBSCORE 1.0
header RCVD_IN_WPBL eval:check_rbl('wpbl-lastexternal','db.wpbl.info.','127.0.0.2')
describe RCVD_IN_WPBL Listed in wpbl
tflags RCVD_IN_WPBL net
score RCVD_IN_WPBL 1.0
header RCVD_IN_S5HBL eval:check_rbl_txt('s5hbl', 'all.s5h.net')
describe RCVD_IN_S5HBL Listed in all.s5h.net
tflags RCVD_IN_S5HBL net
score RCVD_IN_S5HBL 1.0
header RCVD_IN_SPAMCANNIBAL eval:check_rbl('spamcannibal', 'bl.spamcannibal.org')
describe RCVD_IN_SPAMCANNIBAL Listed in bl.spamcannibal.org
tflags RCVD_IN_SPAMCANNIBAL net
score RCVD_IN_SPAMCANNIBAL 1.0
header RCVD_IN_BACKSCATTERER eval:check_rbl('backscatterer', 'ips.backscatterer.org')
describe RCVD_IN_BACKSCATTERER Listed in ips.backscatterer.org
tflags RCVD_IN_BACKSCATTERER net
score RCVD_IN_BACKSCATTERER 1.0
header RCVD_IN_FABEL eval:check_rbl('fabel', 'spamsources.fabel.dk.')
describe RCVD_IN_FABEL Received via a relay in spamsources.fabel.dk
tflags RCVD_IN_FABEL net
score RCVD_IN_FABEL 1.0
header RCVD_IN_DRONEBL eval:check_rbl('dronebl', 'dnsbl.dronebl.org')
describe RCVD_IN_DRONEBL Listed in dnsbl.dronebl.org
tflags RCVD_IN_DRONEBL net
score RCVD_IN_DRONEBL 1.0
header RCVD_IN_MANITU eval:check_rbl('manitu', 'ix.dnsbl.manitu.net')
describe RCVD_IN_MANITU Listed in ix.dnsbl.manitu.net
tflags RCVD_IN_MANITU net
score RCVD_IN_MANITU 1.0
header RCVD_IN_SINGULAR eval:check_rbl('singular', 'singular.ttk.pte.hu')
describe RCVD_IN_SINGULAR Listed in singular.ttk.pte.hu
tflags RCVD_IN_SINGULAR net
score RCVD_IN_SINGULAR 1.0
header RCVD_IN_SPAMBOT_DIGIBASE eval:check_rbl('spambot-digibase', 'spambot.bls.digibase.ca')
describe RCVD_IN_SPAMBOT_DIGIBASE Listed in spambot.bls.digibase.ca
tflags RCVD_IN_SPAMBOT_DIGIBASE net
score RCVD_IN_SPAMBOT_DIGIBASE 1.0
header RCVD_IN_OPENPROXY_DIGIBASE eval:check_rbl('openproxy-digibase', 'openproxy.bls.digibase.ca')
describe RCVD_IN_OPENPROXY_DIGIBASE Listed in openproxy.bls.digibase.ca
tflags RCVD_IN_OPENPROXY_DIGIBASE net
score RCVD_IN_OPENPROXY_DIGIBASE 1.0

@ -1,3 +0,0 @@
local5.notice /var/log/smb_audit.log
local5.notice ~

@ -6,7 +6,7 @@ unless ($fwd =~ m/^yes|enabled|on|1$/i){
$OUT .=<<"EOF"; $OUT .=<<"EOF";
forwarded_for off forwarded_for off
request_header_access X-Forwarded-For deny all header_access X-Forwarded-For deny all
EOF EOF
} }

@ -1,5 +0,0 @@
{
my $spf = $qpsmtpd{'CheckSPF'} || 'disabled';
return '' unless ($spf =~ m/^[012]$/);
return "sender_permitted_from spf_deny $spf";
}

@ -1,11 +0,0 @@
{
return "" unless (-x '/usr/bin/make-srv');
$OUT .= "# SRV Records for Email services\n";
$OUT .= `/usr/bin/make-srv -service _imap._tcp.$DomainName -target $SystemName.$DomainName -port 143`;
$OUT .= `/usr/bin/make-srv -service _imaps._tcp.$DomainName -target $SystemName.$DomainName -port 993`;
$OUT .= `/usr/bin/make-srv -service _smtp._tcp.$DomainName -target $SystemName.$DomainName -port 25`;
$OUT .= `/usr/bin/make-srv -service _smtps._tcp.$DomainName -target $SystemName.$DomainName -port 465`;
}

@ -1,16 +0,0 @@
{
if (($qpsmtpd{RejectSpoofedLocalDomains} || 'disabled') eq 'enabled'){
$OUT .= "# SPF entries for local domains\n";
my $allowed = '';
foreach my $ip ( split /[;,]/, ($qpsmtpd{AllowedRemoteIP} || '')){
$allowed .= 'ip4\072'.$ip.' ';
}
foreach my $domain (get_domains()){
$OUT .= "'$domain:v=spf1 mx $allowed-all:3600\n";
$OUT .= ":$domain:99:\041v=spf1 mx $allowed-all:3600\n";
}
}
else{
$OUT .= "\n";
}
}

@ -7,7 +7,7 @@
# navigation : 2000 2100 # navigation : 2000 2100
#---------------------------------------------------------------------- #----------------------------------------------------------------------
#---------------------------------------------------------------------- #----------------------------------------------------------------------
# Copyright (C) 2011-2014 Firewall-Services # copyright (C) 2011 Firewall-Services
# daniel@firewall-services.com # daniel@firewall-services.com
# #
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
@ -34,6 +34,8 @@ use esmith::FormMagick::Panel::userinfo;
my $fm = esmith::FormMagick::Panel::userinfo->new(); my $fm = esmith::FormMagick::Panel::userinfo->new();
use CGI;
my $q = new CGI;
$fm->display(); $fm->display();
__DATA__ __DATA__
@ -42,24 +44,6 @@ __DATA__
<description>FIRSTPAGE_DESC</description> <description>FIRSTPAGE_DESC</description>
<subroutine src="print_user_table()" /> <subroutine src="print_user_table()" />
</page> </page>
<page name="Audit" pre-event="turn_off_buttons()">
<title>USER_AUDIT</title>
<description>AUDIT_DESC</description>
<field type="literal" id="acctName" value="$q->param('acctName')">
<label>USER_LOGIN</label>
</field>
<field type="literal" id="userName" value="get_name()">
<label>USER_NAME</label>
</field>
<subroutine src="print_section_bar()" />
<field type="literal" id="readShares" value="get_shares('read')">
<label>SHARE_READ</label>
</field>
<subroutine src="print_section_bar()" />
<field type="literal" id="writeShares" value="get_shares('write')">
<label>SHARE_WRITE</label>
</field>
</page>
<page name="Modify" pre-event="turn_off_buttons()" post-event="modify_user()"> <page name="Modify" pre-event="turn_off_buttons()" post-event="modify_user()">
<description>MODIFY_DESC</description> <description>MODIFY_DESC</description>
<field type="text" size="30" id="FirstName" validation="nonblank, pseudonym_clash" <field type="text" size="30" id="FirstName" validation="nonblank, pseudonym_clash"
@ -78,10 +62,6 @@ __DATA__
value="get_ldap_value('Company')"> value="get_ldap_value('Company')">
<label>COMPANY</label> <label>COMPANY</label>
</field> </field>
<field type="text" size="30" id="Category"
value="get_ldap_value('Category')">
<label>CATEGORY</label>
</field>
<field type="text" size="30" id="Street" <field type="text" size="30" id="Street"
value="get_ldap_value('Street')"> value="get_ldap_value('Street')">
<label>STREET_ADDRESS</label> <label>STREET_ADDRESS</label>
@ -155,17 +135,13 @@ __DATA__
<label>URL</label> <label>URL</label>
</field> </field>
<field type="text" size="30" id="Shell" <field type="text" size="30" id="Shell"
value="get_ldap_value('Shell')" validation="exec_exists_or_empty"> value="get_ldap_value('Shell')">
<label>SHELL</label> <label>SHELL</label>
</field> </field>
<field type="text" size="30" id="DesktopShell" <field type="text" size="30" id="DesktopShell"
value="get_ldap_value('DesktopShell')"> value="get_ldap_value('DesktopShell')">
<label>DESKTOP_SHELL</label> <label>DESKTOP_SHELL</label>
</field> </field>
<field type="text" size="30" id="ChrootDir"
value="get_ldap_value('ChrootDir')" validation="dir_exists_or_empty">
<label>CHROOT_DIR</label>
</field>
<subroutine src="print_save_button()" /> <subroutine src="print_save_button()" />
</page> </page>
</form> </form>

@ -1,181 +0,0 @@
#!/usr/bin/perl
# $Header: /u/cvsroot/env/b/make-srv,v 1.3 2002/10/30 17:26:42 mayoff Exp $
use strict;
use Getopt::Long;
use Pod::Usage;
my $priority = 0;
my $weight = 0;
my $service;
my $port;
my $target;
my $help = 0;
my $result = GetOptions(
'help|?' => \$help,
'service=s' => \$service,
'priority=i' => \$priority,
'weight=i' => \$weight,
'port=i' => \$port,
'target=s' => \$target
) || pod2usage(2);
pod2usage(1) if $help;
pod2usage(3) if (!defined($service) || !defined($port) || !defined($target));
my $data = tinydns_escape(
pack("nnn", $priority, $weight, $port)
. dotted_sequence_to_label_sequence($target));
print ":$service:33:$data\n";
exit 0;
sub tinydns_escape {
my ($data) = @_;
$data =~ s{[\000-\037:\\\177-\377]}{
sprintf("\\%03o", unpack('C', $&))
}ge;
return $data;
}
sub dotted_sequence_to_label_sequence {
my ($dotted) = @_;
my @chars = split(//, $dotted);
my $l = scalar(@chars);
my $out = '';
my $label = '';
my $i = 0;
while (1) {
my $c;
if ($i < $l) {
$c = $chars[$i];
$i++;
}
else {
$c = '.';
}
if ($c eq '.') {
my $ll = length($label);
if ($ll > 63) {
die "$dotted contains a label of length $ll, but max length is 63";
}
if ($ll > 0) {
$out .= pack('C', $ll);
$out .= $label;
$label = '';
}
last if ($i >= $l);
next;
}
if ($c eq '\\') {
if ($i < $l) {
$c = $chars[$i];
$i++;
if ($c ge '0' && $c le '7') {
my $o = $c;
if ($i < $l) {
$c = $chars[$i];
if ($c ge '0' && $c le '7') {
$i++;
$o .= $c;
if ($i < $l) {
$c = $chars[$i];
if ($c ge '0' && $c le '7') {
$i++;
$o .= $c;
}
}
}
}
$c = pack('C', oct($o));
}
}
}
$label .= $c;
}
$out .= "\000";
return $out;
}
__END__
=head1 NAME
make-srv - Make an SRV record for tinydns
=head1 SYNOPSIS
make-srv -service I<service> -target I<target> -port I<port> [I<options>]
Options:
=over 4
=item -priority I<priority>
=item -weight I<weight>
=head1 DESCRIPTION
This command prints a DNS SRV record to standard output in
C<tinydns-data> format. This record is defined by RFC 2052.
The C<-service> flag specifies the domain name for which
the SRV record is defined. This name should have the format
I<service>C<.>I<protocol>C<.>I<domain>. For example:
C<http.tcp.dqd.com>. You must specify the C<-service> flag.
The C<-target> flag specifies the target domain name of the record. The
I<target> must be a domain name with an associated A record. (This
command doesn't verify that, but the RFC says it's a requirement.) You
must specify the C<-target> flag.
The C<-port> flag specifies the port number of the record. You must
specify the C<-port> flag.
The C<-priority> and C<-weight> flags specify the priority and weight of
the record. These flags are optional; I<priority> and I<weight> are
zero by default.
Example:
$ make-srv -service http.tcp.dqd.com -target zot.dqd.com -port 80
:http.tcp.dqd.com:33:\000\000\000\000\000P\003zot\003dqd\003com\000
You may add the I<ttl>, I<timestamp>, and I<lo> fields to the end of the
line yourself if necessary. For example,
:http.tcp.dqd.com:33:\000\000\000\000\000P\003zot\003dqd\003com\000:::in
is the same SRV record as in the example above, but will be visible only
to clients in the C<in> location. See the C<tinydns-data> documentation
for help with these fields.
=head1 LINKS
=over
=item *
RFC 2052: L<http://www.ietf.org/rfc/rfc2052.txt>
=item *
C<tinydns-data> documentation: L<http://cr.yp.to/djbdns/tinydns-data.html>
=back
=cut

@ -1,7 +1,7 @@
#!/usr/bin/perl -w #!/usr/bin/perl -w
#--------------------------------------------------------------------- #---------------------------------------------------------------------
# Copyright (C) 2011-2014 Firewall-Services # copyright (C) 2011 Firewall-Services
# daniel@firewall-services.com # daniel@firewall-services.com
# #
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
@ -27,7 +27,6 @@ use esmith::AccountsDB;
use esmith::ConfigDB; use esmith::ConfigDB;
use esmith::cgi; use esmith::cgi;
use esmith::util; use esmith::util;
use List::MoreUtils qw(uniq);
use File::Basename; use File::Basename;
use Exporter; use Exporter;
use Carp qw(verbose); use Carp qw(verbose);
@ -36,9 +35,6 @@ our @ISA = qw(esmith::FormMagick Exporter);
our @EXPORT = qw( our @EXPORT = qw(
print_user_table print_user_table
print_section_bar
get_name
get_shares
get_ldap_value get_ldap_value
print_save_button print_save_button
get_prop get_prop
@ -58,6 +54,10 @@ sub new {
sub print_user_table { sub print_user_table {
my $self = shift; my $self = shift;
my $q = $self->{cgi}; my $q = $self->{cgi};
my $account = $self->localise('ACCOUNT');
my $acctName = $self->localise('USER_NAME');
my $modify = $self->localise('MODIFY');
my @users = $accountdb->get('admin'); my @users = $accountdb->get('admin');
push @users, $accountdb->users(); push @users, $accountdb->users();
@ -69,27 +69,23 @@ sub print_user_table {
print " <tr>\n <td colspan=\"2\">\n "; print " <tr>\n <td colspan=\"2\">\n ";
print $q->start_table ({-CLASS => "sme-border"}),"\n "; print $q->start_table ({-CLASS => "sme-border"}),"\n ";
print $q->Tr( print $q->Tr(
esmith::cgi::genSmallCell($q, $self->localise('ACCOUNT'),"header"), esmith::cgi::genSmallCell($q, $self->localise($account),"header"),
esmith::cgi::genSmallCell($q, $self->localise('USER_NAME'),"header"), esmith::cgi::genSmallCell($q, $self->localise($acctName),"header"),
esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4) esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4));
);
my $scriptname = basename($0); my $scriptname = basename($0);
my $index=0;
foreach my $u (@users) { foreach my $u (@users) {
my $username = $u->key(); my $username = $u->key();
my $first = $u->prop('FirstName'); my $first = $u->prop('FirstName');
my $last = $u->prop('LastName'); my $last = $u->prop('LastName');
my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&wherenext=Modify\">" . my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&Next=Next&action=modify&wherenext=Modify\">$modify</a>";
$self->localise('MODIFY') . "</a>";
my $action2 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&wherenext=Audit\">" .
$self->localise('AUDIT') . "</a>";
print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal")," ", print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal")," ",
esmith::cgi::genSmallCell($q, "$first $last","normal")," ", esmith::cgi::genSmallCell($q, "$first $last","normal")," ",
esmith::cgi::genSmallCell($q, "$action1","normal")," ", esmith::cgi::genSmallCell($q, "$action1","normal"));
esmith::cgi::genSmallCell($q, "$action2","normal"));
} }
print qq(</table></td></tr>\n); print qq(</table></td></tr>\n);
@ -97,69 +93,6 @@ sub print_user_table {
return ""; return "";
} }
sub print_section_bar{
my $self = shift;
print " <tr>\n <td colspan='2'>\n";
print "<hr class=\"sectionbar\"/>\n";
return undef;
}
sub get_shares {
my ($self, $mode) = @_;
my $q = $self->{cgi};
my $user = $q->param('acctName');
my @read;
my @write;
# Loop through all the ibays to check which ones are accessible
foreach my $ibay ($accountdb->ibays){
my $name = $ibay->key;
my $desc = $ibay->prop('Name');
my $group = $ibay->prop('Group');
next unless $accountdb->is_user_in_group($user, $group);
my $perm = $ibay->prop('UserAccess');
if ($perm eq 'wr-admin-rd-group'){
push @read, $name . " ($desc)";
}
else{
push @write, $name . " ($desc)";
}
}
# Now check shared folders
foreach my $share ($accountdb->get_all_by_prop(type=>'share')){
my $name = $share->key;
my $desc = $share->prop('Name');
foreach my $group (split /[;,]/, ($share->prop('ReadGroups') || '')){
push @read, $name . " ($desc)" if $accountdb->is_user_in_group($user, $group);
}
foreach my $u (split /[;,]/, ($share->prop('ReadUsers') || '')){
push @read, $name . " ($desc)" if $user eq $u;
}
foreach my $group (split /[;,]/, ($share->prop('WriteGroups') || '')){
push @write, $name . " ($desc)" if $accountdb->is_user_in_group($user, $group);
}
foreach my $u (split /[;,]/, ($share->prop('WriteUsers') || '')){
push @write, $name . " ($desc)" if $user eq $u;
}
}
@write = uniq @write;
@read = uniq @read;
my @tmp = ();
foreach my $r (@read){
push @tmp, $r unless grep { $r eq $_ } @write;
}
@read = @tmp;
my @res = ($mode eq 'write') ? @write : @read;
return join "<br>", @res;
}
sub get_name {
my ($self) = @_;
return get_ldap_value($self, 'FirstName') . " " . get_ldap_value($self, 'LastName');
}
sub get_ldap_value { sub get_ldap_value {
my ($self, $field) = @_; my ($self, $field) = @_;
@ -172,6 +105,8 @@ sub print_save_button {
my ($self) = @_; my ($self) = @_;
my $cgi = $self->{cgi};
$self->print_button("SAVE"); $self->print_button("SAVE");
} }
@ -213,11 +148,9 @@ sub modify_user {
'AltEmail3' => $self->{cgi}->param('AltEmail3'), 'AltEmail3' => $self->{cgi}->param('AltEmail3'),
'AltEmail4' => $self->{cgi}->param('AltEmail4'), 'AltEmail4' => $self->{cgi}->param('AltEmail4'),
'PreferredEmail' => $self->{cgi}->param('PreferredEmail'), 'PreferredEmail' => $self->{cgi}->param('PreferredEmail'),
'Category' => $self->{cgi}->param('Category'),
'Url' => $self->{cgi}->param('Url'), 'Url' => $self->{cgi}->param('Url'),
'Shell' => $self->{cgi}->param('Shell'), 'Shell' => $self->{cgi}->param('Shell'),
'DesktopShell' => $self->{cgi}->param('DesktopShell'), 'DesktopShell' => $self->{cgi}->param('DesktopShell'),
'ChrootDir' => $self->{cgi}->param('ChrootDir'),
); );
$acct->merge_props(%newProperties); $acct->merge_props(%newProperties);
@ -301,21 +234,4 @@ sub url_or_empty {
return $ret; return $ret;
} }
sub dir_exists_or_empty {
my ($self, $field) = @_;
my $ret = $self->localise('DIR_DOES_NOT_EXIST');
$ret = 'OK' if ((-d "$field") || ($field eq ''));
return $ret;
}
sub exec_exists_or_empty {
my ($self, $field) = @_;
my $ret = $self->localise('IS_NOT_AN_EXECUTABLE');
$ret = 'OK' if ((-x "$field") || ($field eq ''));
return $ret;
}
1; 1;

@ -82,10 +82,7 @@ sub get_group_mail {
my $domain = $db->get('DomainName')->value(); my $domain = $db->get('DomainName')->value();
my @mails = ("$group\@$domain"); my @mails = ("$group\@$domain");
foreach ($accounts->pseudonyms()){ foreach ($accounts->pseudonyms()){
next unless (($_->prop('Account') || '') eq $group); push @mails, $_->key . "\@$domain" if (($_->prop('Account') || '') eq $group);
my $mail = $_->key;
$mail .= "\@$domain" if ($mail !~ /\@/);
push @mails, $mail;
} }
return join("<br>",@mails); return join("<br>",@mails);
} }

@ -1 +0,0 @@
winnow.spam.ts.brokenspam.1
Loading…
Cancel
Save