From 40e10d755dda8efeb83bc55b2e0a3b311ce3bbd1 Mon Sep 17 00:00:00 2001
From: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Date: Sat, 18 Feb 2023 19:22:20 +0100
Subject: [PATCH] setup: improve Amavis setup routine (#3079)

* improve Amavis setup routine

see https://github.com/docker-mailserver/docker-mailserver/pull/3046#issuecomment-1423718811
---
 target/postfix/main.cf                        |  3 -
 target/scripts/startup/setup-stack.sh         |  6 +-
 .../parallel/set1/spam_virus/amavis.bats      | 56 +++++++++++++++++--
 3 files changed, 55 insertions(+), 10 deletions(-)

diff --git a/target/postfix/main.cf b/target/postfix/main.cf
index a8dff257..72117b07 100644
--- a/target/postfix/main.cf
+++ b/target/postfix/main.cf
@@ -85,9 +85,6 @@ virtual_mailbox_domains = /etc/postfix/vhost
 virtual_mailbox_maps = texthash:/etc/postfix/vmailbox
 virtual_alias_maps = texthash:/etc/postfix/virtual
 
-# Additional option for filtering
-content_filter = smtp-amavis:[127.0.0.1]:10024
-
 # Milters used by DKIM
 milter_protocol = 6
 milter_default_action = accept
diff --git a/target/scripts/startup/setup-stack.sh b/target/scripts/startup/setup-stack.sh
index 6780eab0..0e862f21 100644
--- a/target/scripts/startup/setup-stack.sh
+++ b/target/scripts/startup/setup-stack.sh
@@ -73,14 +73,14 @@ function _setup_amavis
   if [[ ${ENABLE_AMAVIS} -eq 1 ]]
   then
     _log 'debug' 'Setting up Amavis'
+
     cat /etc/dms/postfix/master.d/postfix-amavis.cf >>/etc/postfix/master.cf
+    postconf 'content_filter = smtp-amavis:[127.0.0.1]:10024'
+
     sed -i \
       "s|^#\$myhostname = \"mail.example.com\";|\$myhostname = \"${HOSTNAME}\";|" \
       /etc/amavis/conf.d/05-node_id
   else
-    _log 'debug' "Removing Amavis from Postfix's configuration"
-    sed -i 's|content_filter =.*|content_filter =|' /etc/postfix/main.cf
-
     _log 'debug' 'Disabling Amavis cron job'
     mv /etc/cron.d/amavisd-new /etc/cron.d/amavisd-new.disabled
     chmod 0 /etc/cron.d/amavisd-new.disabled
diff --git a/test/tests/parallel/set1/spam_virus/amavis.bats b/test/tests/parallel/set1/spam_virus/amavis.bats
index 18097e69..c687a70c 100644
--- a/test/tests/parallel/set1/spam_virus/amavis.bats
+++ b/test/tests/parallel/set1/spam_virus/amavis.bats
@@ -2,23 +2,52 @@ load "${REPOSITORY_ROOT}/test/helper/common"
 load "${REPOSITORY_ROOT}/test/helper/setup"
 
 BATS_TEST_NAME_PREFIX='[Amavis + SA] '
-CONTAINER_NAME='dms-test_amavis'
+CONTAINER1_NAME='dms-test_amavis_enabled'
+CONTAINER2_NAME='dms-test_amavis_disabled'
 
 function setup_file() {
-  _init_with_defaults
+  export CONTAINER_NAME
 
+  CONTAINER_NAME=${CONTAINER1_NAME}
+  _init_with_defaults
   local CUSTOM_SETUP_ARGUMENTS=(
     --env ENABLE_AMAVIS=1
     --env AMAVIS_LOGLEVEL=2
     --env ENABLE_SPAMASSASSIN=1
   )
+  _common_container_setup 'CUSTOM_SETUP_ARGUMENTS'
 
+  CONTAINER_NAME=${CONTAINER2_NAME}
+  _init_with_defaults
+   local CUSTOM_SETUP_ARGUMENTS=(
+    --env ENABLE_AMAVIS=0
+    --env ENABLE_SPAMASSASSIN=0
+  )
   _common_container_setup 'CUSTOM_SETUP_ARGUMENTS'
 }
 
 function teardown_file() { _default_teardown ; }
 
-@test 'SpamAssassin integration should be active' {
+@test '(Amavis enabled) configuration should be correct' {
+  export CONTAINER_NAME=${CONTAINER1_NAME}
+
+  _run_in_container postconf -h content_filter
+  assert_success
+  assert_line 'smtp-amavis:[127.0.0.1]:10024'
+  _run_in_container grep 'smtp-amavis' /etc/postfix/master.cf
+  assert_success
+  _run_in_container grep -F '127.0.0.1:10025' /etc/postfix/master.cf
+  assert_success
+
+  _run_in_container_bash '[[ -f /etc/cron.d/amavisd-new.disabled ]]'
+  assert_failure
+  _run_in_container_bash '[[ -f /etc/cron.d/amavisd-new ]]'
+  assert_success
+}
+
+@test '(Amavis enabled) SA integration should be active' {
+  export CONTAINER_NAME=${CONTAINER1_NAME}
+
   # give Amavis just a bit of time to print out its full debug log
   run _repeat_in_container_until_success_or_timeout 5 "${CONTAINER_NAME}" grep 'ANTI-SPAM-SA' /var/log/mail/mail.log
   assert_success
@@ -26,7 +55,9 @@ function teardown_file() { _default_teardown ; }
   refute_output --partial 'NOT loaded'
 }
 
-@test 'SA ENV should update Amavis config' {
+@test '(Amavis enabled) SA ENV should update Amavis config' {
+  export CONTAINER_NAME=${CONTAINER1_NAME}
+
   local AMAVIS_DEFAULTS_FILE='/etc/amavis/conf.d/20-debian_defaults'
   _run_in_container grep '\$sa_tag_level_deflt' "${AMAVIS_DEFAULTS_FILE}"
   assert_success
@@ -44,3 +75,20 @@ function teardown_file() { _default_teardown ; }
   assert_success
   assert_output --partial "= '***SPAM*** ';"
 }
+
+@test '(Amavis disabled) configuration should be correct' {
+  export CONTAINER_NAME=${CONTAINER2_NAME}
+
+  _run_in_container postconf -h content_filter
+  assert_success
+  refute_output --partial 'smtp-amavis:[127.0.0.1]:10024'
+  _run_in_container grep 'smtp-amavis' /etc/postfix/master.cf
+  assert_failure
+  _run_in_container grep -F '127.0.0.1:10025' /etc/postfix/master.cf
+  assert_failure
+
+  _run_in_container_bash '[[ -f /etc/cron.d/amavisd-new.disabled ]]'
+  assert_success
+  _run_in_container_bash '[[ -f /etc/cron.d/amavisd-new ]]'
+  assert_failure
+}