mirror/docker-mailserver.docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-08-03 17:44:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

config: disable SMTP authentication on port 25 (#3006)

Browse source 
* postfix: remove smtpd_sasl_auth_enable global setting

* tests: disable auth on 25 port

* tests: revert ldap-smtp-auth-spoofed-sender-with-filter-exception.txt

* Skip failing test

The test seems to have been broken from the beginning.

Sadly, no LDAP maintainers can verify. Added a TODO item if ever a LDAP maintainer comes around.

* Apply PR feedback

---------

Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
This commit is contained in:
Dmitry R 2023-02-23 20:19:39 +06:00 committed by GitHub
parent 4e82d4de54
commit 199e3c7721
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 44 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

4
test/tests/parallel/set1/spam_virus/fail2ban.bats
View file

@ -74,8 +74,8 @@ function teardown_file() {
@test "ban ip on multiple failed login" {
CONTAINER1_IP=$(_get_container_ip "${CONTAINER1_NAME}")
# Trigger a ban by failing to login twice:
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt"
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt"
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 465 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt"
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 465 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt"
# Checking that CONTAINER2_IP is banned in "${CONTAINER1_NAME}"
CONTAINER2_IP=$(_get_container_ip "${CONTAINER2_NAME}")

12
test/tests/parallel/set1/spam_virus/postscreen.bats
View file

@ -37,24 +37,24 @@ function teardown_file() {
docker rm -f "${CONTAINER1_NAME}" "${CONTAINER2_NAME}"
}
@test "should fail login when talking out of turn" {
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt"
@test "should fail send when talking out of turn" {
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/email-templates/postscreen.txt"
assert_success
assert_output --partial '502 5.5.2 Error: command not recognized'
assert_output --partial 'Protocol error'
# Expected postscreen log entry:
_run_in_container cat /var/log/mail/mail.log
assert_output --partial 'COMMAND PIPELINING'
}
@test "should successfully login (respecting postscreen_greet_wait time)" {
@test "should successfully pass postscreen and get postfix greeting message (respecting postscreen_greet_wait time)" {
# NOTE: Sometimes fails on first attempt (trying too soon?),
# Instead of a `run` + asserting partial, Using repeat + internal grep match:
_repeat_until_success_or_timeout 10 _should_wait_turn_speaking_smtp \
"${CONTAINER2_NAME}" \
"${CONTAINER1_IP}" \
'/tmp/docker-mailserver-test/auth/smtp-auth-login.txt' \
'Authentication successful'
'/tmp/docker-mailserver-test/email-templates/postscreen.txt' \
'220 mail.example.test ESMTP'
# Expected postscreen log entry:
_run_in_container cat /var/log/mail/mail.log