Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into feature/mailfolder

This commit is contained in:
Steffen 2017-07-11 23:34:58 +02:00 committed by GitHub
parent 3f0108b9a6 dbf65789f2
commit f9ff2d1676
9 changed files with 204 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitmodules vendored
View File

@ -7,3 +7,6 @@
[submodule "test/test_helper/bats-assert"]
path = test/test_helper/bats-assert
url = https://github.com/ztombol/bats-assert
[submodule "target/docker-configomat"]
path = target/docker-configomat
url = https://github.com/alinmear/docker-configomat

2
Dockerfile
View File

@ -144,7 +144,7 @@ RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > /et
COPY ./target/bin /usr/local/bin
# Start-mailserver script
COPY ./target/start-mailserver.sh /usr/local/bin/
COPY ./target/start-mailserver.sh ./target/docker-configomat/configomat.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/*
EXPOSE 25 587 143 993 110 995 4190

15
Makefile
View File

@ -27,6 +27,7 @@ run:
-e SA_TAG=-5.0 \
-e SA_TAG2=2.0 \
-e SA_KILL=3.0 \
-e SA_SPAM_SUBJECT="SPAM: " \
-e VIRUSMAILS_DELETE_DELAY=7 \
-e SASL_PASSWD="external-domain.com username:password" \
-e ENABLE_MANAGESIEVE=1 \
@ -51,6 +52,13 @@ run:
-e OVERRIDE_HOSTNAME=mail.my-domain.com \
-t $(NAME)
sleep 15
docker run -d --name mail_smtponly_without_config \
-e SMTP_ONLY=1 \
-e ENABLE_LDAP=1 \
-e PERMIT_DOCKER=network \
-e OVERRIDE_HOSTNAME=mail.mydomain.com \
-t $(NAME)
sleep 15
docker run -d --name mail_override_hostname \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test":/tmp/docker-mailserver-test \
@ -99,6 +107,12 @@ run:
-e LDAP_SERVER_HOST=ldap \
-e LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain \
-e LDAP_BIND_DN=cn=admin,dc=localhost,dc=localdomain \
-e LDAP_BIND_PW=admin \
-e LDAP_QUERY_FILTER_USER="(&(mail=%s)(mailEnabled=TRUE))" \
-e LDAP_QUERY_FILTER_GROUP="(&(mailGroupMember=%s)(mailEnabled=TRUE))" \
-e LDAP_QUERY_FILTER_ALIAS="(&(mailAlias=%s)(mailEnabled=TRUE))" \
-e DOVECOT_PASS_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \
-e DOVECOT_USER_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \
-e ENABLE_SASLAUTHD=1 \
-e SASLAUTHD_MECHANISMS=ldap \
-e SASLAUTHD_LDAP_SERVER=ldap \
@ -177,6 +191,7 @@ clean:
mail \
mail_pop3 \
mail_smtponly \
mail_smtponly_without_config \
mail_fail2ban \
mail_fetchmail \
fail-auth-mailer \

122
README.md
View File

@ -44,7 +44,7 @@ Your configs must be mounted in `/tmp/docker-mailserver/`. To understand how thi
`restart: always` ensures that the mail server container (and ELK container when using the mail server together with ELK stack) is automatically restarted by Docker in cases like a Docker service or host restart or container exit.
```yaml
```yaml
version: '2'
services:
@ -79,6 +79,60 @@ volumes:
driver: local
```
__for ldap setup__:
```yaml
version: '2'
services:
mail:
image: tvial/docker-mailserver:latest
hostname: mail
domainname: domain.com
container_name: mail
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
volumes:
- maildata:/var/mail
- mailstate:/var/mail-state
- ./config/:/tmp/docker-mailserver/
environment:
- ENABLE_SPAMASSASSIN=1
- ENABLE_CLAMAV=1
- ENABLE_FAIL2BAN=1
- ENABLE_POSTGREY=1
- ONE_DIR=1
- DMS_DEBUG=0
- ENABLE_LDAP=1
- LDAP_SERVER_HOST=ldap # your ldap container/IP/ServerName
- LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain
- LDAP_BIND_DN=cn=admin,dc=localhost,dc=localdomain
- LDAP_BIND_PW=admin
- LDAP_QUERY_FILTER_USER="(&(mail=%s)(mailEnabled=TRUE))"
- LDAP_QUERY_FILTER_GROUP="(&(mailGroupMember=%s)(mailEnabled=TRUE))"
- LDAP_QUERY_FILTER_ALIAS="(&(mailAlias=%s)(mailEnabled=TRUE))"
- DOVECOT_PASS_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))"
- DOVECOT_USER_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))"
- ENABLE_SASLAUTHD=1
- SASLAUTHD_MECHANISMS=ldap
- SASLAUTHD_LDAP_SERVER=ldap
- SASLAUTHD_LDAP_BIND_DN=cn=admin,dc=localhost,dc=localdomain
- SASLAUTHD_LDAP_PASSWORD=admin
- SASLAUTHD_LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain
- POSTMASTER_ADDRESS=postmaster@localhost.localdomain
cap_add:
- NET_ADMIN
volumes:
maildata:
driver: local
mailstate:
driver: local
```
#### Create your mail accounts
Don't forget to adapt MAIL_USER and MAIL_PASS to your needs
@ -146,6 +200,12 @@ Note: this spamassassin setting needs `ENABLE_SPAMASSASSIN=1`
Note: this spamassassin setting needs `ENABLE_SPAMASSASSIN=1`
##### SA_SPAM_SUBJECT
- **\*\*\*SPAM\*\*\*** => add tag to subject if spam detected
Note: this spamassassin setting needs `ENABLE_SPAMASSASSIN=1`
##### ONE_DIR
- **0** => state in default directories
@ -206,6 +266,29 @@ Otherwise, `iptables` won't be able to ban IPs.
- **empty** => admin
- => Specify the password to bind against ldap
##### LDAP_QUERY_FILTER_USER
- e.g. `"(&(mail=%s)(mailEnabled=TRUE))"`
- => Specify how ldap should be asked for users
##### LDAP_QUERY_FILTER_GROUP
- e.g. `"(&(mailGroupMember=%s)(mailEnabled=TRUE))"`
- => Specify how ldap should be asked for groups
##### LDAP_QUERY_FILTER_ALIAS
- e.g. `"(&(mailAlias=%s)(mailEnabled=TRUE))"`
- => Specify how ldap should be asked for aliases
##### DOVECOT_USER_FILTER
- e.g. `"(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))"`
##### DOVECOT_PASS_FILTER
- e.g. `"(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))"`
##### OVERRIDE_HOSTNAME
- **empty** => uses the `hostname` command to get the mail server's canonical hostname
@ -228,13 +311,13 @@ Otherwise, `iptables` won't be able to ban IPs.
Note: This postgrey setting needs `ENABLE_POSTGREY=1`
##### POSTGREY_MAX_AGE
- **35** => delete entries older than N days since the last time that they have been seen
Note: This postgrey setting needs `ENABLE_POSTGREY=1`
##### POSTGREY_TEXT
- **Delayed by postgrey** => response when a mail is greylisted
Note: This postgrey setting needs `ENABLE_POSTGREY=1`
@ -247,10 +330,10 @@ Note: This postgrey setting needs `ENABLE_POSTGREY=1`
##### SASLAUTHD_MECHANISMS
- empty => pam
- ldap => authenticate against ldap server
- shadow => authenticate against local user db
- mysql => authenticate against mysql db
- rimap => authenticate against imap server
- `ldap` => authenticate against ldap server
- `shadow` => authenticate against local user db
- `mysql` => authenticate against mysql db
- `rimap` => authenticate against imap server
- NOTE: can be a list of mechanisms like pam ldap shadow
##### SASLAUTHD_MECH_OPTIONS
@ -264,8 +347,8 @@ Note: This postgrey setting needs `ENABLE_POSTGREY=1`
##### SASLAUTHD_LDAP_SSL
- empty or 0 => ldap:// will be used
- 1 => ldaps:// will be used
- empty or 0 => `ldap://` will be used
- 1 => `ldaps://` will be used
##### SASLAUTHD_LDAP_BIND_DN
@ -285,9 +368,9 @@ Note: This postgrey setting needs `ENABLE_POSTGREY=1`
##### SASLAUTHD_LDAP_FILTER
- empty => default filter (&(uniqueIdentifier=%u)(mailEnabled=TRUE))
- e.g. for active directory: (&(sAMAccountName=%U)(objectClass=person))
- e.g. for openldap: (&(uid=%U)(objectClass=person))
- empty => default filter `(&(uniqueIdentifier=%u)(mailEnabled=TRUE))`
- e.g. for active directory: `(&(sAMAccountName=%U)(objectClass=person))`
- e.g. for openldap: `(&(uid=%U)(objectClass=person))`
##### SASL_PASSWD
@ -325,15 +408,16 @@ Set how many days a virusmail will stay on the server before being deleted
##### ENABLE_POSTFIX_VIRTUAL_TRANSPORT
This Option is activating the Usage of POSTFIX_DAGENT to specify a ltmp client different from default dovecot socket.
- **empty** => disabled
- 1 => enabled
- **empty** => disabled
- 1 => enabled
##### POSTFIX_DAGENT
Enabled by ENABLE_POSTFIX_VIRTUAL_TRANSPORT. Specify the final delivery of postfix
- **empty**: fail
- lmtp:unix:private/dovecot-lmtp (use socket)
- lmtps:inet:<host>:<port> (secure lmtp with starttls, take a look at https://sys4.de/en/blog/2014/11/17/sicheres-lmtp-mit-starttls-in-dovecot/)
- lmtp:<kopano-host>:2003 (use kopano as mailstore)
- etc.
- **empty**: fail
- `lmtp:unix:private/dovecot-lmtp` (use socket)
- `lmtps:inet:<host>:<port>` (secure lmtp with starttls, take a look at https://sys4.de/en/blog/2014/11/17/sicheres-lmtp-mit-starttls-in-dovecot/)
- `lmtp:<kopano-host>:2003` (use kopano as mailstore)
- etc.

0
config/postfix-master.cf Normal file
View File

1
target/docker-configomat Submodule

@ -0,0 +1 @@
Subproject commit e3e84ded29d88b2945c0782dbb43237c561a54a9

98
target/start-mailserver.sh
View File

@ -316,50 +316,6 @@ function display_startup_daemon() {
return $res
}
function override_config() {
notify "task" "Starting do do overrides"
declare -A config_overrides
_env_variable_prefix=$1
[ -z ${_env_variable_prefix} ] && return 1
IFS=" " read -r -a _config_files <<< $2
# dispatch env variables
for env_variable in $(printenv | grep $_env_variable_prefix);do
# get key
# IFS not working because values like ldap_query_filter or search base consists of several '='
# IFS="=" read -r -a __values <<< $env_variable
# key="${__values[0]}"
# value="${__values[1]}"
key=$(echo $env_variable | cut -d "=" -f1)
key=${key#"${_env_variable_prefix}"}
# make key lowercase
key=${key,,}
# get value
value=$(echo $env_variable | cut -d "=" -f2-)
config_overrides[$key]=$value
done
for f in "${_config_files[@]}"
do
if [ ! -f "${f}" ];then
echo "Can not find ${f}. Skipping override"
else
for key in ${!config_overrides[@]}
do
[ -z $key ] && echo -e "\t no key provided" && return 1
sed -i -e "s|^${key}[[:space:]]\+.*|${key} = "${config_overrides[$key]}'|g' \
${f}
done
fi
done
}
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# ! CARE --> DON'T CHANGE, except you know exactly what you are doing
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
@ -570,21 +526,37 @@ function _setup_ldap() {
for i in 'users' 'groups' 'aliases'; do
fpath="/tmp/docker-mailserver/ldap-${i}.cf"
if [ -f $fpath ]; then
cp ${fpath} /etc/postfix/ldap-${i}.cf
cp ${fpath} /etc/postfix/ldap-${i}.cf
fi
done
notify 'inf' 'Starting to override configs'
override_config "LDAP_" "/etc/postfix/ldap-users.cf /etc/postfix/ldap-groups.cf /etc/postfix/ldap-aliases.cf"
for f in /etc/postfix/ldap-users.cf /etc/postfix/ldap-groups.cf /etc/postfix/ldap-aliases.cf
do
[[ $f =~ ldap-user ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_USER}"
[[ $f =~ ldap-group ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_GROUP}"
[[ $f =~ ldap-aliases ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_ALIAS}"
configomat.sh "LDAP_" "${f}"
done
notify 'inf' "Configuring dovecot LDAP"
declare -A _dovecot_ldap_mapping
_dovecot_ldap_mapping["DOVECOT_BASE"]="${DOVECOT_BASE:="${LDAP_SEARCH_BASE}"}"
_dovecot_ldap_mapping["DOVECOT_DN"]="${DOVECOT_DN:="${LDAP_BIND_DN}"}"
_dovecot_ldap_mapping["DOVECOT_DNPASS"]="${DOVECOT_DNPASS:="${LDAP_BIND_PW}"}"
_dovecot_ldap_mapping["DOVECOT_HOSTS"]="${DOVECOT_HOSTS:="${LDAP_SERVER_HOST}"}"
# Not sure whether this can be the same or not
# _dovecot_ldap_mapping["DOVECOT_PASS_FILTER"]="${DOVECOT_PASS_FILTER:="${LDAP_QUERY_FILTER_USER}"}"
# _dovecot_ldap_mapping["DOVECOT_USER_FILTER"]="${DOVECOT_USER_FILTER:="${LDAP_QUERY_FILTER_USER}"}"
for var in ${!_dovecot_ldap_mapping[@]}; do
export $var=${_dovecot_ldap_mapping[$var]}
done
configomat.sh "DOVECOT_" "/etc/dovecot/dovecot-ldap.conf.ext"
# @TODO: Environment Variables for DOVECOT ldap integration to configure for better control
notify 'inf' "Configuring dovecot LDAP authentification"
sed -i -e 's|^hosts.*|hosts = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
-e 's|^base.*|base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
-e 's|^dn\s*=.*|dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
-e 's|^dnpass\s*=.*|dnpass = '${LDAP_BIND_PW:="admin"}'|g' \
/etc/dovecot/dovecot-ldap.conf.ext
# Add domainname to vhost.
echo $DOMAINNAME >> /tmp/vhost.tmp
@ -630,7 +602,7 @@ EOF
# cyrus sasl or dovecot sasl
if [[ ${ENABLE_SASLAUTHD} == 1 ]] || [[ ${SMTP_ONLY} == 0 ]];then
sed -i -e 's|^smtpd_sasl_auth_enable[[:space:]]\+.*|smtpd_sasl_auth_enable = yes|g' /etc/postfix/main.cf
else
else
sed -i -e 's|^smtpd_sasl_auth_enable[[:space:]]\+.*|smtpd_sasl_auth_enable = no|g' /etc/postfix/main.cf
fi
@ -668,7 +640,7 @@ EOF
sed -i \
-e "/^[^#].*smtpd_sasl_type.*/s/^/#/g" \
-e "/^[^#].*smtpd_sasl_path.*/s/^/#/g" \
etc/postfix/master.cf
/etc/postfix/master.cf
sed -i \
-e "s|^START=.*|START=yes|g" \
@ -735,6 +707,9 @@ function _setup_dkim() {
chmod -R 0700 /etc/opendkim/keys/
else
notify 'warn' "No DKIM key provided. Check the documentation to find how to get your keys."
local _f_keytable="/etc/opendkim/KeyTable"
[ ! -f "$_f_keytable" ] && touch "$_f_keytable"
fi
}
@ -902,6 +877,16 @@ function _setup_postfix_override_configuration() {
else
notify 'inf' "No extra postfix settings loaded because optional '/tmp/docker-mailserver/postfix-main.cf' not provided."
fi
if [ -f /tmp/docker-mailserver/postfix-master.cf ]; then
while read line; do
if [[ "$line" =~ ^[a-z] ]]; then
postconf -P "$line"
fi
done < /tmp/docker-mailserver/postfix-master.cf
notify 'inf' "Loaded 'config/postfix-master.cf'"
else
notify 'inf' "No extra postfix settings loaded because optional '/tmp/docker-mailserver/postfix-master.cf' not provided."
fi
}
function _setup_postfix_sasl_password() {
@ -958,6 +943,7 @@ function _setup_security_stack() {
SA_TAG=${SA_TAG:="2.0"} && sed -i -r 's/^\$sa_tag_level_deflt (.*);/\$sa_tag_level_deflt = '$SA_TAG';/g' /etc/amavis/conf.d/20-debian_defaults
SA_TAG2=${SA_TAG2:="6.31"} && sed -i -r 's/^\$sa_tag2_level_deflt (.*);/\$sa_tag2_level_deflt = '$SA_TAG2';/g' /etc/amavis/conf.d/20-debian_defaults
SA_KILL=${SA_KILL:="6.31"} && sed -i -r 's/^\$sa_kill_level_deflt (.*);/\$sa_kill_level_deflt = '$SA_KILL';/g' /etc/amavis/conf.d/20-debian_defaults
SA_SPAM_SUBJECT=${SA_SPAM_SUBJECT:="***SPAM*** "} && sed -i -r 's/^\$sa_spam_subject_tag (.*);/\$sa_spam_subject_tag = '"'$SA_SPAM_SUBJECT'"';/g' /etc/amavis/conf.d/20-debian_defaults
test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
fi

1
test/config/postfix-master.cf Normal file
View File

@ -0,0 +1 @@
submission/inet/smtpd_sasl_security_options=noanonymous

52
test/tests.bats
View File

@ -341,7 +341,7 @@ load 'test_helper/bats-assert/load'
run docker exec mail_smtponly /bin/sh -c 'grep -cE "to=<user2\@external.tld>.*status\=sent" /var/log/mail/mail.log'
[ "$status" -ge 0 ]
}
#
@ -391,6 +391,11 @@ load 'test_helper/bats-assert/load'
assert_success
}
@test "checking postfix: master.cf overrides" {
run docker exec mail grep -q 'submission/inet/smtpd_sasl_security_options=noanonymous' /tmp/docker-mailserver/postfix-master.cf
assert_success
}
#
# dovecot
#
@ -424,6 +429,8 @@ load 'test_helper/bats-assert/load'
assert_success
run docker exec mail_pop3 /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 6.31'"
assert_success
run docker exec mail_pop3 /bin/sh -c "grep '\$sa_spam_subject_tag' /etc/amavis/conf.d/20-debian_defaults | grep '= .\*\*\*SPAM\*\*\* .'"
assert_success
}
@test "checking spamassassin: docker env variables are set correctly (custom)" {
@ -433,6 +440,8 @@ load 'test_helper/bats-assert/load'
assert_success
run docker exec mail /bin/sh -c "grep '\$sa_kill_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 3.0'"
assert_success
run docker exec mail /bin/sh -c "grep '\$sa_spam_subject_tag' /etc/amavis/conf.d/20-debian_defaults | grep '= .SPAM: .'"
assert_success
}
@test "checking spamassassin: all registered domains should see spam headers" {
@ -472,6 +481,12 @@ load 'test_helper/bats-assert/load'
assert_output 2
}
@test "checking opendkim: /etc/opendkim/KeyTable dummy file generated without keys provided" {
run docker exec mail_smtponly_without_config /bin/bash -c "cat /etc/opendkim/KeyTable"
assert_success
}
@test "checking opendkim: /etc/opendkim/keys/ should contain 2 entries" {
run docker exec mail /bin/sh -c "ls -l /etc/opendkim/keys/ | grep '^d' | wc -l"
assert_success
@ -1036,34 +1051,34 @@ load 'test_helper/bats-assert/load'
}
@test "checking postfix: ldap custom config files copied" {
run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-users.cf"
run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-users.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-groups.cf"
run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-groups.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-aliases.cf"
run docker exec mail_with_ldap /bin/sh -c "grep '# Testconfig for ldap integration' /etc/postfix/ldap-aliases.cf"
assert_success
}
@test "checking postfix: ldap config overwrites success" {
run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-users.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-users.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-users.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-users.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-users.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-users.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-groups.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-groups.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-groups.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-groups.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-groups.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-groups.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-aliases.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'server_host = ldap' /etc/postfix/ldap-aliases.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-aliases.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'search_base = ou=people,dc=localhost,dc=localdomain' /etc/postfix/ldap-aliases.cf"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-aliases.cf"
run docker exec mail_with_ldap /bin/sh -c "grep 'bind_dn = cn=admin,dc=localhost,dc=localdomain' /etc/postfix/ldap-aliases.cf"
assert_success
}
@ -1074,7 +1089,7 @@ load 'test_helper/bats-assert/load'
}
# This is ldap, so the mail directory gets set differently!
@test "checking dovecot: mail delivery works" {
@test "checking dovecot: ldap mail delivery works" {
run docker exec mail_with_ldap /bin/sh -c "sendmail -f user@external.tld some.user@localhost.localdomain < /tmp/docker-mailserver-test/email-templates/test-email.txt"
sleep 10
run docker exec mail_with_ldap /bin/sh -c "ls -A /var/mail/localhost.localdomain/some.user/new | wc -l"
@ -1082,6 +1097,15 @@ load 'test_helper/bats-assert/load'
assert_output 1
}
@test "checking dovecot: ldap config overwrites success" {
run docker exec mail_with_ldap /bin/sh -c "grep 'hosts = ldap' /etc/dovecot/dovecot-ldap.conf.ext"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'base = ou=people,dc=localhost,dc=localdomain' /etc/dovecot/dovecot-ldap.conf.ext"
assert_success
run docker exec mail_with_ldap /bin/sh -c "grep 'dn = cn=admin,dc=localhost,dc=localdomain' /etc/dovecot/dovecot-ldap.conf.ext"
assert_success
}
# saslauthd
@test "checking saslauthd: sasl ldap authentication works" {
run docker exec mail_with_ldap bash -c "testsaslauthd -u some.user -p secret"