Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge 140cbc787b into 4872d0e777

This commit is contained in:
Thomas VIAL 2016-08-17 12:18:08 +00:00 committed by GitHub
parent 4872d0e777 140cbc787b
commit 44f301f74f
8 changed files with 373 additions and 278 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
.travis.yml
View File

@ -2,5 +2,28 @@ language: bash
sudo: required
services:
- docker
before_script:
- make build-no-cache generate-accounts run fixtures
script:
- make all
- make tests
after_script:
- make clean
env:
- ENABLE_POP3=0
- ENABLE_POP3=1
- SA_TAG= SA_TAG2= SA_KILL=
- SA_TAG=1.0 SA_TAG2=2.0 SA_KILL=3.0
- SASL_PASSWD=
- SASL_PASSWD="external-domain.com username:password"
- SMTP_ONLY=0
- SMTP_ONLY=1
# - ENABLE_FAIL2BAN=0
# - ENABLE_FAIL2BAN=1
# - ENABLE_MANAGESIEVE=0
# - ENABLE_MANAGESIEVE=1
# - ONE_DIR=0
# - ONE_DIR=1
# - SSL_TYPE
# - DISABLE_AMAVIS=0
# - DISABLE_SPAMASSASSIN=1
# - DISABLE_CLAMAV=1

60
Makefile
View File

@ -20,51 +20,15 @@ run:
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
-v "`pwd`/test/onedir":/var/mail-state \
-e SA_TAG=1.0 \
-e SA_TAG2=2.0 \
-e SA_KILL=3.0 \
-e SASL_PASSWD="external-domain.com username:password" \
-e ENABLE_MANAGESIEVE=1 \
-e ONE_DIR=1 \
-h mail.my-domain.com -t $(NAME)
sleep 20
docker run -d --name mail_pop3 \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
-v "`pwd`/test/config/letsencrypt":/etc/letsencrypt/live \
-e ENABLE_POP3=1 \
-e SSL_TYPE=letsencrypt \
-h mail.my-domain.com -t $(NAME)
sleep 20
docker run -d --name mail_smtponly \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
-e SMTP_ONLY=1 \
-h mail.my-domain.com -t $(NAME)
sleep 20
docker run -d --name mail_fail2ban \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
-e ENABLE_FAIL2BAN=1 \
--cap-add=NET_ADMIN \
-h mail.my-domain.com -t $(NAME)
sleep 20
docker run -d --name mail_disabled_amavis \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
-e DISABLE_AMAVIS=1 \
-h mail.my-domain.com -t $(NAME)
sleep 20
docker run -d --name mail_disabled_spamassassin \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
-e DISABLE_SPAMASSASSIN=1 \
-h mail.my-domain.com -t $(NAME)
sleep 20
docker run -d --name mail_disabled_clamav \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
-e DISABLE_CLAMAV=1 \
-e ENABLE_POP3=$(ENABLE_POP3) \
-e ENABLE_FAIL2BAN=$(ENABLE_FAIL2BAN) \
-e ENABLE_MANAGESIEVE=$(ENABLE_MANAGESIEVE) \
-e SMTP_ONLY=$(SMTP_ONLY) \
-e SA_TAG=$(SA_TAG) \
-e SA_TAG2=$(SA_TAG2) \
-e SA_KILL=$(SA_KILL) \
-e SASL_PASSWD="$(SASL_PASSWD)" \
-e ONE_DIR=$(ONE_DIR) \
-h mail.my-domain.com -t $(NAME)
# Wait for containers to fully start
sleep 20
@ -91,8 +55,8 @@ fixtures:
tests:
# Start tests
./test/bats/bats test/tests.bats
./test/bats/bats test/*.bats
clean:
# Remove running test containers
docker rm -f mail mail_pop3 mail_smtponly mail_fail2ban fail-auth-mailer mail_disabled_amavis mail_disabled_spamassassin mail_disabled_clamav
# Remove running test container
docker rm -f mail

52
test/env_ENABLE_POP3.bats Normal file
View File

@ -0,0 +1,52 @@
####################################################################################################
#
# ENABLE_POP3=1
#
####################################################################################################
@test "checking pop: process is running" {
if [ "$ENABLE_POP3" != 1 ]; then
skip
fi
run docker exec mail /bin/bash -c "ps aux | grep 'dovecot/pop'"
[ "$status" -eq 0 ]
}
@test "checking pop: server responds on port 110" {
if [ "$ENABLE_POP3" != 1 ]; then
skip
fi
run docker exec mail /bin/bash -c "nc -w 1 0.0.0.0 110 | grep '+OK'"
[ "$status" -eq 0 ]
}
@test "checking pop: authentication works" {
if [ "$ENABLE_POP3" != 1 ]; then
skip
fi
run docker exec mail /bin/sh -c "nc -w 1 0.0.0.0 110 < /tmp/docker-mailserver-test/auth/pop3-auth.txt"
[ "$status" -eq 0 ]
}
####################################################################################################
#
# ENABLE_POP3!=1
#
####################################################################################################
@test "checking pop: process is not running" {
if [ "$ENABLE_POP3" = 1 ]; then
skip
fi
run docker exec mail /bin/bash -c "ps aux | grep -v grep | grep 'dovecot/pop'"
[ "$status" -eq 1 ]
}
@test "checking pop: server does not respond on port 110" {
if [ "$ENABLE_POP3" = 1 ]; then
skip
fi
run docker exec mail /bin/bash -c "nc -w 1 0.0.0.0 110"
[ "$status" -eq 1 ]
}

43
test/env_SASL_PASSWD.bats Normal file
View File

@ -0,0 +1,43 @@
####################################################################################################
#
# SASL_PASSWD provided
#
####################################################################################################
@test "checking sasl: doveadm auth test works with good password" {
if [ -z "$SASL_PASSWD" ]; then
skip
fi
run docker exec mail /bin/sh -c "doveadm auth test -x service=smtp user2@otherdomain.tld mypassword | grep 'auth succeeded'"
[ "$status" -eq 0 ]
}
@test "checking sasl: doveadm auth test fails with bad password" {
if [ -z "$SASL_PASSWD" ]; then
skip
fi
run docker exec mail /bin/sh -c "doveadm auth test -x service=smtp user2@otherdomain.tld BADPASSWORD | grep 'auth failed'"
[ "$status" -eq 0 ]
}
@test "checking sasl: sasl_passwd.db exists" {
if [ -z "$SASL_PASSWD" ]; then
skip
fi
run docker exec mail [ -f /etc/postfix/sasl_passwd.db ]
[ "$status" -eq 0 ]
}
####################################################################################################
#
# SASL_PASSWD not provided
#
####################################################################################################
@test "checking sasl: sasl_passwd.db should not exist" {
if [ -n "$SASL_PASSWD" ]; then
skip
fi
run docker exec mail [ -f /etc/postfix/sasl_passwd.db ]
[ "$status" -eq 1 ]
}

59
test/env_SA_XXX.bats Normal file
View File

@ -0,0 +1,59 @@
####################################################################################################
#
# SA_XXX with default configuraton
#
####################################################################################################
@test "checking spamassassin: sa_tag_level_deflt is set correctly (default)" {
if [ -n "$SA_TAG" ]; then
skip
fi
run docker exec mail /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'"
[ "$status" -eq 0 ]
}
@test "checking spamassassin: sa_tag2_level_deflt is set correctly (default)" {
if [ -n "$SA_TAG2" ]; then
skip
fi
run docker exec mail /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'"
[ "$status" -eq 0 ]
}
@test "checking spamassassin: sa_kill_level_deflt is set correctly (default)" {
if [ -n "$SA_KILL" ]; then
skip
fi
run docker exec mail /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'"
[ "$status" -eq 0 ]
}
####################################################################################################
#
# SA_XXX with custom configuraton
#
####################################################################################################
@test "checking spamassassin: sa_tag_level_deflt is set correctly (custom)" {
if [ -z "$SA_TAG" ]; then
skip
fi
run docker exec mail /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= $SA_TAG'"
[ "$status" -eq 0 ]
}
@test "checking spamassassin: sa_tag2_level_deflt is set correctly (custom)" {
if [ -z "$SA_TAG" ]; then
skip
fi
run docker exec mail /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= $SA_TAG2'"
[ "$status" -eq 0 ]
}
@test "checking spamassassin: sa_kill_level_deflt is set correctly (custom)" {
if [ -z "$SA_TAG" ]; then
skip
fi
run docker exec mail /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= $SA_KILL'"
[ "$status" -eq 0 ]
}

7
test/env_SMTP_ONLY.bats Normal file
View File

@ -0,0 +1,7 @@
@test "checking process: dovecot imaplogin (disabled using SMTP_ONLY)" {
if [ "$SMTP_ONLY" != 1 ]; then
skip
fi
run docker exec mail_smtponly /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/dovecot'"
[ "$status" -eq 1 ]
}

160
test/global.bats Normal file
View File

@ -0,0 +1,160 @@
#
# imap
#
@test "checking process: dovecot imaplogin (enabled in default configuration)" {
run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/dovecot'"
[ "$status" -eq 0 ]
}
@test "checking imap: server is ready with STARTTLS" {
run docker exec mail /bin/bash -c "nc -w 2 0.0.0.0 143 | grep '* OK' | grep 'STARTTLS' | grep 'ready'"
[ "$status" -eq 0 ]
}
@test "checking imap: authentication works" {
run docker exec mail /bin/sh -c "nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-auth.txt"
[ "$status" -eq 0 ]
}
#
# logs
#
@test "checking logs: mail related logs should be located in a subdirectory" {
run docker exec mail /bin/sh -c "ls -1 /var/log/mail/ | grep -E 'clamav|freshclam|mail'|wc -l"
[ "$status" -eq 0 ]
[ "$output" = 3 ]
}
#
# smtp
#
@test "checking smtp: authentication works with good password (plain)" {
run docker exec mail /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain.txt | grep 'Authentication successful'"
[ "$status" -eq 0 ]
}
@test "checking smtp: authentication fails with wrong password (plain)" {
run docker exec mail /bin/sh -c "nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain-wrong.txt | grep 'authentication failed'"
[ "$status" -eq 0 ]
}
@test "checking smtp: authentication works with good password (login)" {
run docker exec mail /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt | grep 'Authentication successful'"
[ "$status" -eq 0 ]
}
@test "checking smtp: authentication fails with wrong password (login)" {
run docker exec mail /bin/sh -c "nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt | grep 'authentication failed'"
[ "$status" -eq 0 ]
}
@test "checking smtp: delivers mail to existing account" {
run docker exec mail /bin/sh -c "grep 'status=sent (delivered via dovecot service)' /var/log/mail/mail.log | wc -l"
[ "$status" -eq 0 ]
[ "$output" -eq 6 ]
}
@test "checking smtp: delivers mail to existing alias" {
run docker exec mail /bin/sh -c "grep 'to=<user1@localhost.localdomain>, orig_to=<alias1@localhost.localdomain>' /var/log/mail/mail.log | grep 'status=sent' | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: delivers mail to existing catchall" {
run docker exec mail /bin/sh -c "grep 'to=<user1@localhost.localdomain>, orig_to=<wildcard@localdomain2.com>' /var/log/mail/mail.log | grep 'status=sent' | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: delivers mail to regexp alias" {
run docker exec mail /bin/sh -c "grep 'to=<user1@localhost.localdomain>, orig_to=<test123@localhost.localdomain>' /var/log/mail/mail.log | grep 'status=sent' | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: user1 should have received 5 mails" {
run docker exec mail /bin/sh -c "ls -A /var/mail/localhost.localdomain/user1/new | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 5 ]
}
@test "checking smtp: rejects mail to unknown user" {
run docker exec mail /bin/sh -c "grep '<nouser@localhost.localdomain>: Recipient address rejected: User unknown in virtual mailbox table' /var/log/mail/mail.log | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: redirects mail to external aliases" {
run docker exec mail /bin/sh -c "grep -- '-> <external1@otherdomain.tld>' /var/log/mail/mail.log | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 2 ]
}
@test "checking smtp: rejects spam" {
run docker exec mail /bin/sh -c "grep 'Blocked SPAM' /var/log/mail/mail.log | grep spam@external.tld | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: rejects virus" {
run docker exec mail /bin/sh -c "grep 'Blocked INFECTED' /var/log/mail/mail.log | grep virus@external.tld | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
#
# accounts
#
@test "checking accounts: user accounts" {
run docker exec mail doveadm user '*'
[ "$status" -eq 0 ]
[ "${lines[0]}" = "user1@localhost.localdomain" ]
[ "${lines[1]}" = "user2@otherdomain.tld" ]
}
@test "checking accounts: user mail folders for user1" {
run docker exec mail /bin/bash -c "ls -A /var/mail/localhost.localdomain/user1 | grep -E '.Drafts|.Sent|.Trash|cur|new|subscriptions|tmp' | wc -l"
[ "$status" -eq 0 ]
[ "$output" -eq 7 ]
}
@test "checking accounts: user mail folders for user2" {
run docker exec mail /bin/bash -c "ls -A /var/mail/otherdomain.tld/user2 | grep -E '.Drafts|.Sent|.Trash|cur|new|subscriptions|tmp' | wc -l"
[ "$status" -eq 0 ]
[ "$output" -eq 7 ]
}
#
# postfix
#
@test "checking postfix: vhost file is correct" {
run docker exec mail cat /etc/postfix/vhost
[ "$status" -eq 0 ]
[ "${lines[0]}" = "localdomain2.com" ]
[ "${lines[1]}" = "localhost.localdomain" ]
[ "${lines[2]}" = "otherdomain.tld" ]
}
@test "checking postfix: main.cf overrides" {
run docker exec mail grep -q 'max_idle = 600s' /tmp/docker-mailserver/postfix-main.cf
[ "$status" -eq 0 ]
run docker exec mail grep -q 'readme_directory = /tmp' /tmp/docker-mailserver/postfix-main.cf
[ "$status" -eq 0 ]
}
#
# dovecot
#
@test "checking dovecot: config additions" {
run docker exec mail grep -q 'mail_max_userip_connections = 69' /tmp/docker-mailserver/dovecot.cf
[ "$status" -eq 0 ]
run docker exec mail /bin/sh -c "doveconf | grep 'mail_max_userip_connections = 69'"
[ "$status" -eq 0 ]
[ "$output" = 'mail_max_userip_connections = 69' ]
}

245
test/tests.bats → test/tests._bats
View File

@ -27,15 +27,23 @@
[ "$status" -eq 0 ]
}
@test "checking process: fail2ban (disabled in default configuration)" {
run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
[ "$status" -eq 1 ]
}
if [ $ENABLE_FAIL2BAN = 0 ]; then
@test "checking process: fail2ban (fail2ban server enabled)" {
run docker exec mail_fail2ban /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
[ "$status" -eq 0 ]
}
@test "checking process: fail2ban (disabled in default configuration)" {
run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
[ "$status" -eq 1 ]
}
fi
if [ $ENABLE_FAIL2BAN = 1 ]; then
@test "checking process: fail2ban (fail2ban server enabled)" {
run docker exec mail_fail2ban /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
[ "$status" -eq 0 ]
}
fi
@test "checking process: amavis (amavis disabled by DISABLE_AMAVIS)" {
run docker exec mail_disabled_amavis /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/amavisd-new'"
@ -52,227 +60,6 @@
[ "$status" -eq 1 ]
}
#
# imap
#
@test "checking process: dovecot imaplogin (enabled in default configuration)" {
run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/dovecot'"
[ "$status" -eq 0 ]
}
@test "checking process: dovecot imaplogin (disabled using SMTP_ONLY)" {
run docker exec mail_smtponly /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/dovecot'"
[ "$status" -eq 1 ]
}
@test "checking imap: server is ready with STARTTLS" {
run docker exec mail /bin/bash -c "nc -w 2 0.0.0.0 143 | grep '* OK' | grep 'STARTTLS' | grep 'ready'"
[ "$status" -eq 0 ]
}
@test "checking imap: authentication works" {
run docker exec mail /bin/sh -c "nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-auth.txt"
[ "$status" -eq 0 ]
}
#
# pop
#
@test "checking pop: server is ready" {
run docker exec mail_pop3 /bin/bash -c "nc -w 1 0.0.0.0 110 | grep '+OK'"
[ "$status" -eq 0 ]
}
@test "checking pop: authentication works" {
run docker exec mail_pop3 /bin/sh -c "nc -w 1 0.0.0.0 110 < /tmp/docker-mailserver-test/auth/pop3-auth.txt"
[ "$status" -eq 0 ]
}
#
# sasl
#
@test "checking sasl: doveadm auth test works with good password" {
run docker exec mail /bin/sh -c "doveadm auth test -x service=smtp user2@otherdomain.tld mypassword | grep 'auth succeeded'"
[ "$status" -eq 0 ]
}
@test "checking sasl: doveadm auth test fails with bad password" {
run docker exec mail /bin/sh -c "doveadm auth test -x service=smtp user2@otherdomain.tld BADPASSWORD | grep 'auth failed'"
[ "$status" -eq 0 ]
}
@test "checking sasl: sasl_passwd.db exists" {
run docker exec mail [ -f /etc/postfix/sasl_passwd.db ]
[ "$status" -eq 0 ]
}
#
# logs
#
@test "checking logs: mail related logs should be located in a subdirectory" {
run docker exec mail /bin/sh -c "ls -1 /var/log/mail/ | grep -E 'clamav|freshclam|mail'|wc -l"
[ "$status" -eq 0 ]
[ "$output" = 3 ]
}
#
# smtp
#
@test "checking smtp: authentication works with good password (plain)" {
run docker exec mail /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain.txt | grep 'Authentication successful'"
[ "$status" -eq 0 ]
}
@test "checking smtp: authentication fails with wrong password (plain)" {
run docker exec mail /bin/sh -c "nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain-wrong.txt | grep 'authentication failed'"
[ "$status" -eq 0 ]
}
@test "checking smtp: authentication works with good password (login)" {
run docker exec mail /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt | grep 'Authentication successful'"
[ "$status" -eq 0 ]
}
@test "checking smtp: authentication fails with wrong password (login)" {
run docker exec mail /bin/sh -c "nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt | grep 'authentication failed'"
[ "$status" -eq 0 ]
}
@test "checking smtp: delivers mail to existing account" {
run docker exec mail /bin/sh -c "grep 'status=sent (delivered via dovecot service)' /var/log/mail/mail.log | wc -l"
[ "$status" -eq 0 ]
[ "$output" -eq 6 ]
}
@test "checking smtp: delivers mail to existing alias" {
run docker exec mail /bin/sh -c "grep 'to=<user1@localhost.localdomain>, orig_to=<alias1@localhost.localdomain>' /var/log/mail/mail.log | grep 'status=sent' | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: delivers mail to existing catchall" {
run docker exec mail /bin/sh -c "grep 'to=<user1@localhost.localdomain>, orig_to=<wildcard@localdomain2.com>' /var/log/mail/mail.log | grep 'status=sent' | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: delivers mail to regexp alias" {
run docker exec mail /bin/sh -c "grep 'to=<user1@localhost.localdomain>, orig_to=<test123@localhost.localdomain>' /var/log/mail/mail.log | grep 'status=sent' | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: user1 should have received 5 mails" {
run docker exec mail /bin/sh -c "ls -A /var/mail/localhost.localdomain/user1/new | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 5 ]
}
@test "checking smtp: rejects mail to unknown user" {
run docker exec mail /bin/sh -c "grep '<nouser@localhost.localdomain>: Recipient address rejected: User unknown in virtual mailbox table' /var/log/mail/mail.log | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: redirects mail to external aliases" {
run docker exec mail /bin/sh -c "grep -- '-> <external1@otherdomain.tld>' /var/log/mail/mail.log | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 2 ]
}
@test "checking smtp: rejects spam" {
run docker exec mail /bin/sh -c "grep 'Blocked SPAM' /var/log/mail/mail.log | grep spam@external.tld | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
@test "checking smtp: rejects virus" {
run docker exec mail /bin/sh -c "grep 'Blocked INFECTED' /var/log/mail/mail.log | grep virus@external.tld | wc -l"
[ "$status" -eq 0 ]
[ "$output" = 1 ]
}
#
# accounts
#
@test "checking accounts: user accounts" {
run docker exec mail doveadm user '*'
[ "$status" -eq 0 ]
[ "${lines[0]}" = "user1@localhost.localdomain" ]
[ "${lines[1]}" = "user2@otherdomain.tld" ]
}
@test "checking accounts: user mail folders for user1" {
run docker exec mail /bin/bash -c "ls -A /var/mail/localhost.localdomain/user1 | grep -E '.Drafts|.Sent|.Trash|cur|new|subscriptions|tmp' | wc -l"
[ "$status" -eq 0 ]
[ "$output" -eq 7 ]
}
@test "checking accounts: user mail folders for user2" {
run docker exec mail /bin/bash -c "ls -A /var/mail/otherdomain.tld/user2 | grep -E '.Drafts|.Sent|.Trash|cur|new|subscriptions|tmp' | wc -l"
[ "$status" -eq 0 ]
[ "$output" -eq 7 ]
}
#
# postfix
#
@test "checking postfix: vhost file is correct" {
run docker exec mail cat /etc/postfix/vhost
[ "$status" -eq 0 ]
[ "${lines[0]}" = "localdomain2.com" ]
[ "${lines[1]}" = "localhost.localdomain" ]
[ "${lines[2]}" = "otherdomain.tld" ]
}
@test "checking postfix: main.cf overrides" {
run docker exec mail grep -q 'max_idle = 600s' /tmp/docker-mailserver/postfix-main.cf
[ "$status" -eq 0 ]
run docker exec mail grep -q 'readme_directory = /tmp' /tmp/docker-mailserver/postfix-main.cf
[ "$status" -eq 0 ]
}
#
# dovecot
#
@test "checking dovecot: config additions" {
run docker exec mail grep -q 'mail_max_userip_connections = 69' /tmp/docker-mailserver/dovecot.cf
[ "$status" -eq 0 ]
run docker exec mail /bin/sh -c "doveconf | grep 'mail_max_userip_connections = 69'"
[ "$status" -eq 0 ]
[ "$output" = 'mail_max_userip_connections = 69' ]
}
#
# spamassassin
#
@test "checking spamassassin: docker env variables are set correctly (default)" {
run docker exec mail_pop3 /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'"
[ "$status" -eq 0 ]
run docker exec mail_pop3 /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'"
[ "$status" -eq 0 ]
run docker exec mail_pop3 /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'"
[ "$status" -eq 0 ]
}
@test "checking spamassassin: docker env variables are set correctly (custom)" {
run docker exec mail /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 1.0'"
[ "$status" -eq 0 ]
run docker exec mail /bin/sh -c "grep '\$sa_tag2_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'"
[ "$status" -eq 0 ]
run docker exec mail /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 3.0'"
[ "$status" -eq 0 ]
}
#
# opendkim
#