diff -Naur a/libs/ldaplib/conn_utils.py b/libs/ldaplib/conn_utils.py--- a/libs

1. diff -Naur a/libs/ldaplib/conn_utils.py b/libs/ldaplib/conn_utils.py
2. --- a/libs/ldaplib/conn_utils.py    2016-05-10 08:26:17.000000000 +0800
3. +++ b/libs/ldaplib/conn_utils.py    2016-07-20 11:58:42.000000000 +0800
4. @@ -1,6 +1,7 @@
5.  # Author: Zhang Huangbin <zhb _at_ iredmail.org>
6.  
7.  from libs.logger import logger
8. +from libs import utils
9.  import ldap
10.  import settings
11.  from libs import MAILLIST_POLICY_MEMBERSONLY, \
12. @@ -63,6 +64,10 @@
13.      basedn = domaindn
14.      search_scope = 2
15.  
16. +    # Use 'moderatorsonly' instead of 'allowedonly'
17. +    if policy == 'allowedonly':
18. +        policy = 'moderatorsonly'
19. +
20.      # Set search filter, attributes based on policy.
21.      # Override base dn, scope if necessary.
22.      if policy == MAILLIST_POLICY_MEMBERSONLY:
23. @@ -73,7 +78,7 @@
24.                          ')'
25.  
26.          # Get both mail and shadowAddress.
27. -        search_attrs = ['mail', 'shadowAddress', ]
28. +        search_attrs = ['mail', 'shadowAddress']
29.      elif policy == MAILLIST_POLICY_MEMBERSANDMODERATORSONLY:
30.          # Policy: policy==
31.          # Filter used to get both members and moderators.
32. @@ -186,3 +191,27 @@
33.                          allowed_senders += ['.' + d for d in domains]
34.  
35.      return [u.lower() for u in allowed_senders]
36. +
37. +
38. +def is_local_domain(conn, domain):
39. +    if not utils.is_domain(domain):
40. +        return False
41. +
42. +    if utils.is_server_hostname(domain):
43. +        return True
44. +
45. +    try:
46. +        filter_domains = '(&(objectClass=mailDomain)'
47. +        filter_domains += '(|(domainName=%s)(domainAliasName=%s))' % (domain, domain)
48. +        filter_domains += ')'
49. +
50. +        qr = conn.search_s(settings.ldap_basedn,
51. +                           1,   # 1 == ldap.SCOPE_ONELEVEL
52. +                           filter_domains,
53. +                           ['dn'])
54. +        if qr:
55. +            return True
56. +    except Exception, e:
57. +        logger.error('<!> Error while querying alias domain: %s' % str(e))
58. +
59. +    return False
60. diff -Naur a/libs/sql/__init__.py b/libs/sql/__init__.py
61. --- a/libs/sql/__init__.py  2016-05-10 08:26:17.000000000 +0800
62. +++ b/libs/sql/__init__.py  2016-07-20 11:58:48.000000000 +0800
63. @@ -0,0 +1,27 @@
64. +from libs.logger import logger
65. +from libs import utils
66. +
67. +def is_local_domain(conn, domain):
68. +    if not utils.is_domain(domain):
69. +        return False
70. +
71. +    if utils.is_server_hostname(domain):
72. +        return True
73. +
74. +    try:
75. +        sql = """SELECT alias_domain
76. +                   FROM alias_domain
77. +                  WHERE alias_domain='%s' OR target_domain='%s'
78. +                  LIMIT 1""" % (domain, domain)
79. +        logger.debug('[SQL] query alias domains: \n%s' % sql)
80. +
81. +        qr = conn.execute(sql)
82. +        sql_record = qr.fetchone()
83. +        logger.debug('SQL query result: %s' % str(sql_record))
84. +
85. +        if sql_record:
86. +            return True
87. +    except Exception, e:
88. +        logger.error('<!> Error while querying alias domain: %s' % str(e))
89. +
90. +    return False
91. diff -Naur a/plugins/amavisd_wblist.py b/plugins/amavisd_wblist.py
92. --- a/plugins/amavisd_wblist.py 2016-05-10 08:26:17.000000000 +0800
93. +++ b/plugins/amavisd_wblist.py 2016-07-20 11:58:10.000000000 +0800
94. @@ -50,6 +50,11 @@
95.  
96.  REQUIRE_AMAVISD_DB = True
97.  
98. +if settings.backend == 'ldap':
99. +    from libs.ldaplib.conn_utils import is_local_domain
100. +else:
101. +    from libs.sql import is_local_domain
102. +
103.  
104.  def query_external_addresses(conn, addresses):
105.      '''Return list of `mailaddr.id` of external addresses.'''
106. @@ -179,6 +184,7 @@
107.  
108.  def restriction(**kwargs):
109.      conn = kwargs['conn_amavisd']
110. +    conn_vmail = kwargs['conn_vmail']
111.  
112.      if not conn:
113.          logger.error('Error, no valid Amavisd database connection.')
114. @@ -186,9 +192,11 @@
115.  
116.      # Get sender
117.      sender = kwargs['sender']
118. +    sender_domain = kwargs['sender_domain']
119.      if kwargs['sasl_username']:
120.          # Use sasl_username as sender for outgoing email
121.          sender = kwargs['sasl_username']
122. +        sender_domain = kwargs['sasl_username_domain']
123.  
124.      if not sender:
125.          logger.debug('Bypass: both sender and sasl_username are empty.')
126. @@ -221,7 +229,7 @@
127.      logger.debug('Possible policy senders: %s' % str(valid_senders))
128.      logger.debug('Possible policy recipients: %s' % str(valid_recipients))
129.  
130. -    if kwargs['sasl_username']:
131. +    if kwargs['sasl_username'] or is_local_domain(conn=conn_vmail, domain=sender_domain):
132.          logger.debug('Apply wblist for outbound message.')
133.  
134.          id_of_ext_addresses = []
135. --- a/libs/utils.py 2016-05-10 08:26:17.000000000 +0800
136. +++ b/libs/utils.py 2016-07-20 12:05:44.000000000 +0800
137. @@ -1,5 +1,6 @@
138.  import re
139.  import time
140. +import socket
141.  
142.  from sqlalchemy import create_engine
143.  
144. @@ -355,3 +356,12 @@
145.              return _user + '@' + _domain
146.  
147.      return mail
148. +
149. +
150. +def is_server_hostname(domain):
151. +    name = socket.gethostname()
152. +
153. +    if domain == name:
154. +        return True
155. +    else:
156. +        return False