Pull from tomav/docker-mailserver and resolve Dockerfile conflict

2017-05-03 22:45:21 +02:00 · 2017-05-03 22:45:21 +02:00 · 0060a76f3f
parent f70ab01d79 feff849d62
commit 0060a76f3f
19 changed files with 326 additions and 55 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,3 +7,4 @@ test/config/without-virtual/
 test/config/postfix-accounts.cf
 test/config/letsencrypt/mail.my-domain.com/combined.pem
 test/onedir
+config/opendkim/
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -23,6 +23,7 @@ The development workflow is the following:

 - Fork project and clone your fork
 - Create a branch using `git checkout -b branch_name` (you can use `issue-xxx` if fixing an existing issue)
+- Run `git submodule init` and `git submodule update` to get the BATS submodules
 - Code :-)
 - Add integration tests in `test/tests.bats`
 - Use `make` to build image locally and run tests
--- a/15
+++ b/15
@ -1,4 +1,4 @@
-FROM ubuntu:14.04
+FROM ubuntu:16.04
 MAINTAINER Thomas VIAL

 ENV DEBIAN_FRONTEND noninteractive
@ -6,12 +6,16 @@ ENV VIRUSMAILS_DELETE_DELAY=7
 ENV ONE_DIR=0

 # Packages
+RUN apt-get update -q --fix-missing && \
+  apt-get -y upgrade && \
+  apt-get -y install postfix
 RUN apt-get update -q --fix-missing && \
  apt-get -y upgrade && \
  apt-get -y install --no-install-recommends \
    amavisd-new \
    arj \
    bzip2 \
+    ca-certificates \
    clamav \
    clamav-daemon \
    curl \
@ -29,14 +33,15 @@ RUN apt-get update -q --fix-missing && \
    gamin \
    gzip \
    iptables \
+    locales \
    libmail-spf-perl \
    libnet-dns-perl \
    libsasl2-modules \
+    netcat-openbsd \
    opendkim \
    opendkim-tools \
    opendmarc \
    p7zip \
-    postfix \
    postfix-ldap \
    postfix-policyd-spf-python \
    pyzor \
@ -47,8 +52,6 @@ RUN apt-get update -q --fix-missing && \
    postgrey \
    unzip \
    && \
-  curl -sk http://neuro.debian.net/lists/trusty.de-m.libre > /etc/apt/sources.list.d/neurodebian.sources.list && \
-  apt-key adv --recv-keys --keyserver hkp://pgp.mit.edu:80 0xA5D32F012649A5A9 && \
  curl https://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add - && \
  echo "deb http://packages.elastic.co/beats/apt stable main" | tee -a /etc/apt/sources.list.d/beats.list && \
  apt-get update -q --fix-missing && apt-get -y upgrade fail2ban filebeat && \
@ -69,6 +72,7 @@ RUN sed -i -e 's/^.*postmaster_address.*/postmaster_address = '${POSTMASTER_ADDR
 RUN sed -i 's/#imap_idle_notify_interval = 2 mins/imap_idle_notify_interval = 29 mins/' /etc/dovecot/conf.d/20-imap.conf
 COPY target/dovecot/auth-passwdfile.inc /etc/dovecot/conf.d/
 COPY target/dovecot/??-*.conf /etc/dovecot/conf.d/
+RUN cd /usr/share/dovecot && ./mkcert.sh
 # See https://dovecot.org/list/dovecot/2014-March/095194.html
 RUN mkdir /usr/lib/dovecot/modules/sieve/
 RUN ln -s /usr/lib/dovecot/modules/lib90_sieve_extprograms_plugin.so /usr/lib/dovecot/modules/sieve
@ -82,7 +86,7 @@ COPY target/postfix/ldap-users.cf target/postfix/ldap-groups.cf target/postfix/l
 # Enables Spamassassin CRON updates
 RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin

-#Enables Postgrey
+# Enables Postgrey
 COPY target/postgrey/postgrey /etc/default/postgrey
 COPY target/postgrey/postgrey.init /etc/init.d/postgrey
 RUN chmod 755 /etc/init.d/postgrey
@ -91,6 +95,7 @@ RUN chown postgrey:postgrey /var/run/postgrey

 # Enables Amavis
 RUN sed -i -r 's/#(@|   \\%)bypass/\1bypass/g' /etc/amavis/conf.d/15-content_filter_mode
+COPY target/amavis/conf.d/60-dms_default_config /etc/amavis/conf.d/
 RUN adduser clamav amavis && adduser amavis clamav
 RUN useradd -u 5000 -d /home/docker -s /bin/bash -p $(echo docker | openssl passwd -1 -stdin) docker
 RUN (echo "0 4 * * * /usr/local/bin/virus-wiper" ; crontab -l) | crontab -
--- a/13
+++ b/13
@ -24,7 +24,7 @@ run:
 		-v "`pwd`/test/onedir":/var/mail-state \
 		-e ENABLE_CLAMAV=1 \
 		-e ENABLE_SPAMASSASSIN=1 \
-		-e SA_TAG=1.0 \
+		-e SA_TAG=-5.0 \
 		-e SA_TAG2=2.0 \
 		-e SA_KILL=3.0 \
 		-e VIRUSMAILS_DELETE_DELAY=7 \
@ -56,7 +56,7 @@ run:
 		-v "`pwd`/test":/tmp/docker-mailserver-test \
 		-e PERMIT_DOCKER=network \
 		-e OVERRIDE_HOSTNAME=mail.my-domain.com \
-		-h unknown.domain.tld \
+		-h mail.my-domain.com \
 		-t $(NAME)
 	sleep 15
 	docker run -d --name mail_fail2ban \
@ -150,7 +150,8 @@ fixtures:
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-alias-external.txt"
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-alias-local.txt"
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-alias-recipient-delimiter.txt"
-	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user.txt"
+	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user1.txt"
+	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user2.txt"
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user-and-cc-local-alias.txt"
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-regexp-alias-external.txt"
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-regexp-alias-local.txt"
@ -158,11 +159,11 @@ fixtures:
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/sieve-spam-folder.txt"
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/sieve-pipe.txt"
 	docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/non-existing-user.txt"
-	docker exec mail_disabled_clamav_spamassassin /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user.txt"
+	docker exec mail_disabled_clamav_spamassassin /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user1.txt"
 	# postfix virtual transport lmtp
-	docker exec mail_lmtp_ip /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user.txt"
+	docker exec mail_lmtp_ip /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user1.txt"

-	docker exec mail_override_hostname /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user.txt"
+	docker exec mail_override_hostname /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user1.txt"
 	# Wait for mails to be analyzed
 	sleep 20

--- a/README.md
+++ b/README.md
@ -49,7 +49,7 @@ version: '2'

 services:
  mail:
-    image: tvial/docker-mailserver:2.1
+    image: tvial/docker-mailserver:latest
    hostname: mail
    domainname: domain.com
    container_name: mail
--- a/setup.sh
+++ b/setup.sh
@ -47,6 +47,11 @@ SUBCOMMANDS:
    $0 email del <email>
    $0 email list

+  alias:
+    $0 alias add <email> <recipient>
+    $0 alias del <email> <recipient>
+    $0 alias list
+
  config:

    $0 config dkim
@ -133,6 +138,27 @@ case $1 in
    esac
    ;;

+  alias)
+    shift
+    case $1 in
+        add)
+          shift
+          _docker_image addalias $@
+          ;;
+        del)
+          shift
+          _docker_image delalias $@
+          ;;
+        list)
+          shift
+          _docker_image listalias $@
+          ;;
+        *)
+          _usage
+          ;;
+    esac
+    ;;
+
  config)
    shift
    case $1 in
--- a/target/amavis/conf.d/60-dms_default_config
+++ b/target/amavis/conf.d/60-dms_default_config
@ -0,0 +1,7 @@
+use strict;
+
+@local_domains_maps = (
+   read_hash('/etc/postfix/vhost')
+);
+
+1;  # ensure a defined return
--- a/target/bin/addalias
+++ b/target/bin/addalias
@ -0,0 +1,30 @@
+#! /bin/bash
+
+DATABASE=${DATABASE:-/tmp/docker-mailserver/postfix-virtual.cf}
+
+EMAIL="$1"
+RECIPIENT="$2"
+
+usage() {
+	echo "Usage: addalias <user@domain> <recipient@other>"
+}
+
+errex() {
+	echo "$@" 1>&2
+	exit 1
+}
+
+escape() {
+	echo "${1//./\\.}"
+}
+
+[ -z "$EMAIL" ] && { usage; errex "no email specified"; }
+
+grep -qi "^$(escape $EMAIL)[a-zA-Z@.\ ]*$(escape $RECIPIENT)" $DATABASE 2>/dev/null &&
+	errex "Alias \"$EMAIL $RECIPIENT\" already exists"
+
+if grep -qi "^$(escape $EMAIL)" $DATABASE 2>/dev/null; then
+        sed -i "/$EMAIL/s/$/ $RECIPIENT,/" $DATABASE
+    else
+        echo "$EMAIL $RECIPIENT," >> $DATABASE
+fi
--- a/target/bin/delalias
+++ b/target/bin/delalias
@ -0,0 +1,30 @@
+#! /bin/bash
+
+DATABASE=${DATABASE:-/tmp/docker-mailserver/postfix-virtual.cf}
+
+EMAIL="$1"
+RECIPIENT="$2"
+
+usage() {
+	echo "Usage: delalias <user@domain> <recipient@other>"
+}
+
+errex() {
+	echo "$@" 1>&2
+	exit 1
+}
+
+escape() {
+	echo "${1//./\\.}"
+}
+
+[ -z "$EMAIL" ] || [ -z "$RECIPIENT" ]  && { usage; errex "No email specifed"; }
+[ -s "$DATABASE" ] || exit 0
+
+CNT=$(grep "^$EMAIL" $DATABASE | wc -w | awk '{print $1}')
+
+if [[ $CNT -eq 2 ]]; then
+        sed -i "/^$EMAIL/d" $DATABASE
+    else
+        sed -i "/^$EMAIL/s/ $RECIPIENT,//g" $DATABASE
+fi
--- a/target/bin/listalias
+++ b/target/bin/listalias
@ -0,0 +1,13 @@
+#! /bin/bash
+
+DATABASE=${DATABASE:-/tmp/docker-mailserver/postfix-virtual.cf}
+
+errex() {
+	echo "$@" 1>&2
+	exit 1
+}
+
+[ -f $DATABASE ] || errex "No postfix-virtual.cf file"
+[ -s $DATABASE ] || errex "Empty postfix-virtual.cf - no aliases have been added"
+
+cat $DATABASE
--- a/target/fail2ban/jail.conf
+++ b/target/fail2ban/jail.conf
@ -224,7 +224,6 @@ action = %(action_)s

 port    = ssh
 logpath = %(sshd_log)s
-backend = %(sshd_backend)s


 [sshd-ddos]
@ -233,14 +232,12 @@ backend = %(sshd_backend)s
 # in the body.
 port    = ssh
 logpath = %(sshd_log)s
-backend = %(sshd_backend)s


 [dropbear]

 port     = ssh
 logpath  = %(dropbear_log)s
-backend  = %(dropbear_backend)s


 [selinux-ssh]
@ -419,7 +416,6 @@ port     = http,https

 port     = http,https
 logpath  = %(syslog_daemon)s
-backend  = %(syslog_backend)s

 [guacamole]

@ -436,14 +432,12 @@ logpath  = /var/log/monit

 port    = 10000
 logpath = %(syslog_authpriv)s
-backend = %(syslog_backend)s


 [froxlor-auth]

 port    = http,https
 logpath  = %(syslog_authpriv)s
-backend  = %(syslog_backend)s


 #
@ -472,28 +466,24 @@ logpath = /var/log/3proxy.log

 port     = ftp,ftp-data,ftps,ftps-data
 logpath  = %(proftpd_log)s
-backend  = %(proftpd_backend)s


 [pure-ftpd]

 port     = ftp,ftp-data,ftps,ftps-data
 logpath  = %(pureftpd_log)s
-backend  = %(pureftpd_backend)s


 [gssftpd]

 port     = ftp,ftp-data,ftps,ftps-data
 logpath  = %(syslog_daemon)s
-backend  = %(syslog_backend)s


 [wuftpd]

 port     = ftp,ftp-data,ftps,ftps-data
 logpath  = %(wuftpd_log)s
-backend  = %(wuftpd_backend)s


 [vsftpd]
@ -520,14 +510,12 @@ logpath  = /root/path/to/assp/logs/maillog.txt

 port     = smtp,465,submission
 logpath  = %(syslog_mail)s
-backend  = %(syslog_backend)s


 [postfix]

 port     = smtp,465,submission
 logpath  = /var/log/mail/mail.log
-backend  = %(postfix_backend)s
 enabled  = true


@ -535,7 +523,6 @@ enabled  = true

 port     = smtp,465,submission
 logpath  = %(postfix_log)s
-backend  = %(postfix_backend)s
 maxretry = 1


@ -543,14 +530,12 @@ maxretry = 1

 port    = submission,465,smtp
 logpath = %(syslog_mail)s
-backend = %(syslog_backend)s


 [sendmail-reject]

 port     = smtp,465,submission
 logpath  = %(syslog_mail)s
-backend  = %(syslog_backend)s


 [qmail-rbl]
@ -566,7 +551,6 @@ logpath = /service/qmail/log/main/current

 port    = pop3,pop3s,imap,imaps,submission,465,sieve
 logpath = /var/log/mail/mail.log
-backend = %(dovecot_backend)s
 enabled = true


@ -574,7 +558,6 @@ enabled = true

 port   = smtp,465,submission
 logpath = %(dovecot_log)s
-backend = %(dovecot_backend)s


 [solid-pop3d]
@ -610,7 +593,6 @@ logpath = /opt/kerio/mailserver/store/logs/security.log

 port     = smtp,465,submission,imap3,imaps,pop3,pop3s
 logpath  = %(syslog_mail)s
-backend  = %(syslog_backend)s


 [postfix-sasl]
@ -620,7 +602,6 @@ port     = smtp,465,submission,imap3,imaps,pop3,pop3s
 # running postfix since it would provide the same log lines at the
 # "warn" level but overall at the smaller filesize.
 logpath  = /var/log/mail/mail.log
-backend  = %(postfix_backend)s
 enabled  = true


@ -628,7 +609,6 @@ enabled  = true

 port   = imap3,imaps,pop3,pop3s
 logpath = %(syslog_mail)s
-backend = %(syslog_backend)s


 [squirrelmail]
@ -641,14 +621,12 @@ logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log

 port   = imap3,imaps
 logpath = %(syslog_mail)s
-backend = %(syslog_backend)s


 [uwimap-auth]

 port   = imap3,imaps
 logpath = %(syslog_mail)s
-backend = %(syslog_backend)s


 #
@ -730,7 +708,6 @@ maxretry = 10

 port     = 3306
 logpath  = %(mysql_log)s
-backend  = %(mysql_backend)s


 # Jail for more extended banning of persistent abusers
@ -755,14 +732,12 @@ findtime = 86400   ; 1 day
 # pam-generic filter can be customized to monitor specific subset of 'tty's
 banaction = %(banaction_allports)s
 logpath  = %(syslog_authpriv)s
-backend  = %(syslog_backend)s


 [xinetd-fail]

 banaction = iptables-multiport-log
 logpath   = %(syslog_daemon)s
-backend   = %(syslog_backend)s
 maxretry  = 2


@ -792,7 +767,6 @@ action  = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp
 [nagios]

 logpath  = %(syslog_daemon)s     ; nrpe.cfg may define a different log_facility
-backend  = %(syslog_backend)s
 maxretry = 1


--- a/target/start-mailserver.sh
+++ b/target/start-mailserver.sh
@ -90,7 +90,6 @@ function register_functions() {

 	if [ "$ENABLE_SASLAUTHD" = 1 ];then
 		_register_setup_function "_setup_saslauthd"
-		_register_setup_function "_setup_postfix_sasl"
 	fi

 	if [ "$ENABLE_POSTGREY" = 1 ];then
@ -107,6 +106,7 @@ function register_functions() {
 	_register_setup_function "_setup_postfix_hostname"
 	_register_setup_function "_setup_dovecot_hostname"

+	_register_setup_function "_setup_postfix_sasl"
 	_register_setup_function "_setup_postfix_override_configuration"
 	_register_setup_function "_setup_postfix_sasl_password"
 	_register_setup_function "_setup_security_stack"
@ -316,6 +316,50 @@ function display_startup_daemon() {
 	return $res
 }

+function override_config() {
+    notify "task" "Starting do do overrides"
+
+    declare -A config_overrides
+
+    _env_variable_prefix=$1
+    [ -z ${_env_variable_prefix} ] && return 1
+
+    
+    IFS=" " read -r -a _config_files <<< $2
+
+    # dispatch env variables
+    for env_variable in $(printenv | grep $_env_variable_prefix);do
+	# get key
+	# IFS not working because values like ldap_query_filter or search base consists of several '='
+	# IFS="=" read -r -a __values <<< $env_variable
+	# key="${__values[0]}"
+	# value="${__values[1]}"
+	key=$(echo $env_variable | cut -d "=" -f1)
+	key=${key#"${_env_variable_prefix}"}
+	# make key lowercase
+	key=${key,,}
+	# get value
+	value=$(echo $env_variable | cut -d "=" -f2-)
+
+	config_overrides[$key]=$value
+    done
+
+    for f in "${_config_files[@]}"
+    do
+	if [ ! -f "${f}" ];then
+	    echo "Can not find ${f}. Skipping override" 
+	else
+	    for key in ${!config_overrides[@]} 
+	    do
+		[ -z $key ] && echo -e "\t no key provided" && return 1
+		
+		sed -i -e "s|^${key}[[:space:]]\+.*|${key} = "${config_overrides[$key]}'|g' \
+		    ${f}
+	    done
+	fi
+    done
+}
+
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 # !  CARE --> DON'T CHANGE, except you know exactly what you are doing
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
@ -509,21 +553,27 @@ function _setup_dovecot_local_user() {

 function _setup_ldap() {
 	notify 'task' 'Setting up Ldap'
+
+	notify 'inf' 'Checking for custom configs'
+	# cp config files if in place
 	for i in 'users' 'groups' 'aliases'; do
-		sed -i -e 's|^server_host.*|server_host = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
-			-e 's|^search_base.*|search_base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
-			-e 's|^bind_dn.*|bind_dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
-			-e 's|^bind_pw.*|bind_pw = '${LDAP_BIND_PW:="admin"}'|g' \
-			/etc/postfix/ldap-${i}.cf
+	    fpath="/tmp/docker-mailserver/ldap-${i}.cf"
+	    if [ -f $fpath ]; then
+		cp ${fpath} /etc/postfix/ldap-${i}.cf 
+	    fi
 	done

+	notify 'inf' 'Starting to override configs'
+	override_config "LDAP_" "/etc/postfix/ldap-users.cf /etc/postfix/ldap-groups.cf /etc/postfix/ldap-aliases.cf"
+
+	# @TODO: Environment Variables for DOVECOT ldap integration to configure for better control
 	notify 'inf' "Configuring dovecot LDAP authentification"
 	sed -i -e 's|^hosts.*|hosts = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
 		-e 's|^base.*|base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
 		-e 's|^dn\s*=.*|dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
 		-e 's|^dnpass\s*=.*|dnpass = '${LDAP_BIND_PW:="admin"}'|g' \
 		/etc/dovecot/dovecot-ldap.conf.ext
-
+					  
 	# Add  domainname to vhost.
 	echo $DOMAINNAME >> /tmp/vhost.tmp

@ -557,11 +607,21 @@ function _setup_postgrey() {


 function _setup_postfix_sasl() {
+    if [[ ${ENABLE_SASLAUTHD} == 1 ]];then
 	[ ! -f /etc/postfix/sasl/smtpd.conf ] && cat > /etc/postfix/sasl/smtpd.conf << EOF
 pwcheck_method: saslauthd
 mech_list: plain login
 EOF
-	return 0
+    fi
+
+    # cyrus sasl or dovecot sasl
+    if [[ ${ENABLE_SASLAUTHD} == 1 ]] || [[ ${SMTP_ONLY} == 0 ]];then
+	sed -i -e 's|^smtpd_sasl_auth_enable[[:space:]]\+.*|smtpd_sasl_auth_enable = yes|g' /etc/postfix/main.cf
+    else 
+	sed -i -e 's|^smtpd_sasl_auth_enable[[:space:]]\+.*|smtpd_sasl_auth_enable = no|g' /etc/postfix/main.cf
+    fi
+
+    return 0
 }

 function _setup_saslauthd() {
@ -872,7 +932,7 @@ function _setup_security_stack() {
 	notify 'task' "Setting up Security Stack"

 	# recreate auto-generated file
-	dms_amavis_file="/etc/amavis/conf.d/51-dms_auto_generated"
+	dms_amavis_file="/etc/amavis/conf.d/61-dms_auto_generated"
  echo "# WARNING: this file is auto-generated." > $dms_amavis_file
 	echo "use strict;" >> $dms_amavis_file

@ -974,7 +1034,7 @@ function _fix_var_mail_permissions() {
 }

 function _fix_var_amavis_permissions() {
-	if [ "$ONE_DIR" -eq 0 ]; then
+	if [[ "$ONE_DIR" -eq 0 ]]; then
 		amavis_state_dir=/var/lib/amavis
 	else
 		amavis_state_dir=/var/mail-state/lib-amavis
--- a/test/config/ldap-aliases.cf
+++ b/test/config/ldap-aliases.cf
@ -0,0 +1,9 @@
+# Testconfig for ldap integration
+bind             = yes
+bind_dn          = cn=admin,dc=domain,dc=com
+bind_pw          = admin
+query_filter     = (&(mailAlias=%s)(mailEnabled=TRUE))
+result_attribute = mail
+search_base      = ou=people,dc=domain,dc=com
+server_host      = mail.domain.com
+version          = 3
--- a/test/config/ldap-groups.cf
+++ b/test/config/ldap-groups.cf
@ -0,0 +1,9 @@
+# Testconfig for ldap integration
+bind                     = yes
+bind_dn                  = cn=admin,dc=domain,dc=com
+bind_pw                  = admin
+query_filter             = (&(mailGroupMember=%s)(mailEnabled=TRUE))
+result_attribute         = mail
+search_base              = ou=people,dc=domain,dc=com
+server_host              = mail.domain.com
+version                  = 3
--- a/test/config/ldap-users.cf
+++ b/test/config/ldap-users.cf
@ -0,0 +1,9 @@
+# Testconfig for ldap integration
+bind             = yes
+bind_dn          = cn=admin,dc=domain,dc=com
+bind_pw          = admin
+query_filter     = (&(mail=%s)(mailEnabled=TRUE))
+result_attribute = mail
+search_base      = ou=people,dc=domain,dc=com
+server_host      = mail.domain.com
+version          = 3
--- a/test/email-templates/existing-user1.txt
+++ b/test/email-templates/existing-user1.txt
--- a/test/email-templates/existing-user2.txt
+++ b/test/email-templates/existing-user2.txt
@ -0,0 +1,12 @@
+HELO mail.external.tld
+MAIL FROM: user@external.tld
+RCPT TO: user2@otherdomain.tld
+DATA
+From: Docker Mail Server <dockermailserver@external.tld>
+To: Existing Local User <user2@otherdomain.tld>
+Date: Sat, 22 May 2010 07:43:25 -0400
+Subject: Test Message
+This is a test mail.
+
+.
+QUIT
--- a/test/email-templates/smtp-only.txt
+++ b/test/email-templates/smtp-only.txt
@ -0,0 +1,8 @@
+HELO mail.localhost
+MAIL FROM: test@localhost
+RCPT TO: user2@external.tld
+DATA
+This is a test mail.
+
+.
+QUIT
--- a/test/tests.bats
+++ b/test/tests.bats
@ -15,7 +15,7 @@ load 'test_helper/bats-assert/load'
 }

@test "checking configuration: hostname/domainname override: check container hostname is applied correctly" {
-  run docker exec mail_override_hostname /bin/bash -c "hostname | grep unknown.domain.tld"
+  run docker exec mail_override_hostname /bin/bash -c "hostname | grep mail.my-domain.com"
  assert_success
 }

@ -57,7 +57,7 @@ load 'test_helper/bats-assert/load'
 #

@test "checking process: postfix" {
-  run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/lib/postfix/master'"
+  run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/lib/postfix/sbin/master'"
  assert_success
 }

@ -82,12 +82,12 @@ load 'test_helper/bats-assert/load'
 }

@test "checking process: fail2ban (disabled in default configuration)" {
-  run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
+  run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python3 /usr/bin/fail2ban-server'"
  assert_failure
 }

@test "checking process: fail2ban (fail2ban server enabled)" {
-  run docker exec mail_fail2ban /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
+  run docker exec mail_fail2ban /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python3 /usr/bin/fail2ban-server'"
  assert_success
 }

@ -121,7 +121,7 @@ load 'test_helper/bats-assert/load'
 #

@test "checking process: postgrey (disabled in default configuration)" {
-  run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/postgrey'"
+  run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep 'postgrey'"
  assert_failure
 }

@ -141,7 +141,7 @@ load 'test_helper/bats-assert/load'
 }

@test "checking process: postgrey (postgrey server enabled)" {
-  run docker exec mail_with_postgrey /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/postgrey'"
+  run docker exec mail_with_postgrey /bin/bash -c "ps aux --forest | grep -v grep | grep 'postgrey'"
  assert_success
 }

@ -331,6 +331,19 @@ load 'test_helper/bats-assert/load'
  assert_output 1
 }

+@test "checking smtp_only: mail send should work" {
+  run docker exec mail_smtponly /bin/sh -c "postconf -e smtp_host_lookup=no"
+  assert_success
+  run docker exec mail_smtponly /bin/sh -c "/etc/init.d/postfix reload"
+  assert_success
+  run docker exec mail_smtponly /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/smtp-only.txt"
+  assert_success
+  run docker exec mail_smtponly /bin/sh -c 'grep -cE "to=<user2\@external.tld>.*status\=sent" /var/log/mail/mail.log'
+  [ "$status" -ge 0 ]
+}
+  
+
+
 #
 # accounts
 #
@ -414,7 +427,7 @@ load 'test_helper/bats-assert/load'
 }

@test "checking spamassassin: docker env variables are set correctly (custom)" {
-  run docker exec mail /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 1.0'"
+  run docker exec mail /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= -5.0'"
  assert_success
  run docker exec mail /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'"
  assert_success
@ -422,6 +435,14 @@ load 'test_helper/bats-assert/load'
  assert_success
 }

+@test "checking spamassassin: all registered domains should see spam headers" {
+  run docker exec mail /bin/sh -c "grep -ir 'X-Spam-' /var/mail/localhost.localdomain/user1/new"
+  assert_success
+  run docker exec mail /bin/sh -c "grep -ir 'X-Spam-' /var/mail/otherdomain.tld/user2/new"
+  assert_success
+}
+
+
 #
 # clamav
 #
@ -942,6 +963,28 @@ load 'test_helper/bats-assert/load'
  [ -z "$value" ]
 }

+# alias
+@test "checking setup.sh: setup.sh alias list" {
+  echo "test@example.org test@forward.com" > ./config/postfix-virtual.cf
+  run ./setup.sh -c mail alias list
+  assert_success
+}
+@test "checking setup.sh: setup.sh alias add" {
+  echo "" > ./config/postfix-virtual.cf
+  ./setup.sh -c mail alias add test1@example.org test1@forward.com
+  ./setup.sh -c mail alias add test1@example.org test2@forward.com
+
+  run /bin/sh -c 'cat ./config/postfix-virtual.cf | grep "test1@example.org test1@forward.com, test2@forward.com," | wc -l | grep 1'
+  assert_success
+}
+@test "checking setup.sh: setup.sh alias del" {
+  echo 'test1@example.org test1@forward.com, test2@forward.com,' > ./config/postfix-virtual.cf
+  ./setup.sh -c mail alias del test1@example.org test1@forward.com
+  ./setup.sh -c mail alias del test1@example.org test2@forward.com
+  run cat ./config/postfix-virtual.cf | wc -l | grep 0
+  assert_success
+}
+
 # config
@test "checking setup.sh: setup.sh config dkim" {
  run ./setup.sh -c mail config dkim
@ -988,6 +1031,38 @@ load 'test_helper/bats-assert/load'
  assert_output "some.user@localhost.localdomain"
 }

+@test "checking postfix: ldap custom config files copied" {
+ run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-users.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-groups.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-aliases.cf" 
+ assert_success
+}
+
+@test "checking postfix: ldap config overwrites success" {
+ run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-users.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-users.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-users.cf" 
+ assert_success
+
+ run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-groups.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-groups.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-groups.cf" 
+ assert_success
+
+ run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-aliases.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-aliases.cf" 
+ assert_success
+ run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-aliases.cf" 
+ assert_success
+}
+
 # dovecot
@test "checking dovecot: ldap imap connection and authentication works" {
  run docker exec mail_with_ldap /bin/sh -c "nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-ldap-auth.txt"
@ -1013,6 +1088,7 @@ load 'test_helper/bats-assert/load'
  assert_success
 }

+
 #
 # RIMAP
 #