Merge pull request #1479 from youtous/fix-ldap-quotas

fix 1478
This commit is contained in:
Erik Wramner 2020-04-30 16:54:55 +02:00 committed by GitHub
commit 46c50f93ad
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 6 deletions

View file

@ -634,14 +634,18 @@ function _setup_dovecot() {
function _setup_dovecot_quota() {
notify 'task' 'Setting up Dovecot quota'
if [ "$ENABLE_LDAP" = 1 ]; then
notify 'inf' "Dovecot quota is not implemented with LDAP."
if [ "$ENABLE_LDAP" = 1 ] || [ "$SMTP_ONLY" = 1 ]; then
# Dovecot quota is disabled when using LDAP or SMTP_ONLY
# disable dovecot quota in docevot confs
if [ -f /etc/dovecot/conf.d/90-quota.conf ]; then
mv /etc/dovecot/conf.d/90-quota.conf /etc/dovecot/conf.d/90-quota.conf.disab
sed -i "s/mail_plugins = \$mail_plugins quota/mail_plugins = \$mail_plugins/g" /etc/dovecot/conf.d/10-mail.conf
sed -i "s/mail_plugins = \$mail_plugins imap_quota/mail_plugins = \$mail_plugins/g" /etc/dovecot/conf.d/20-imap.conf
fi
# disable quota policy check in postfix
sed -i "s/check_policy_service inet:localhost:65265//g" /etc/postfix/main.cf
else
if [ -f /etc/dovecot/conf.d/90-quota.conf.disab ]; then
mv /etc/dovecot/conf.d/90-quota.conf.disab /etc/dovecot/conf.d/90-quota.conf
@ -659,11 +663,8 @@ function _setup_dovecot_quota() {
notify 'inf' "'config/docker-mailserver/dovecot-quotas.cf' is not provided. Using default quotas."
echo -n >/tmp/docker-mailserver/dovecot-quotas.cf
fi
fi
if [ "$SMTP_ONLY" = 1 ]; then
sed -i "s/check_policy_service inet:localhost:65265//g" /etc/postfix/main.cf
else
# enable quota policy check in postfix
sed -i "s/reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org/reject_unknown_recipient_domain, check_policy_service inet:localhost:65265, reject_rbl_client zen.spamhaus.org/g" /etc/postfix/main.cf
fi
}

View file

@ -179,6 +179,11 @@ function teardown_file() {
assert_success
}
@test "checking postfix: dovecot quota absent in postconf" {
run docker exec mail_with_ldap /bin/bash -c "postconf | grep 'check_policy_service inet:localhost:65265'"
assert_failure
}
@test "checking spoofing: rejects sender forging" {
run docker exec mail_with_ldap /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/ldap-smtp-auth-spoofed.txt | grep 'Sender address rejected: not owned by user'"
assert_success