mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
new setup.sh function, new tests, new script
This commit is contained in:
parent
115ad555be
commit
5394a505b9
12
setup.sh
12
setup.sh
|
@ -42,9 +42,10 @@ SUBCOMMANDS:
|
|||
|
||||
email:
|
||||
|
||||
$0 email add <email> <password>
|
||||
$0 email update <email> <password>
|
||||
$0 email add <email> [<password>]
|
||||
$0 email update <email> [<password>]
|
||||
$0 email del <email>
|
||||
$0 email restrict <add|del|list> <send|receive> [<email>]
|
||||
$0 email list
|
||||
|
||||
alias:
|
||||
|
@ -60,7 +61,7 @@ SUBCOMMANDS:
|
|||
debug:
|
||||
|
||||
$0 debug fetchmail
|
||||
$0 debug fail2ban <unban> <ip-address>
|
||||
$0 debug fail2ban [<unban> <ip-address>]
|
||||
$0 debug show-mail-logs
|
||||
$0 debug inspect
|
||||
$0 debug login <commands>
|
||||
|
@ -117,7 +118,6 @@ case $1 in
|
|||
email)
|
||||
shift
|
||||
case $1 in
|
||||
|
||||
add)
|
||||
shift
|
||||
_docker_image addmailuser $@
|
||||
|
@ -130,6 +130,10 @@ case $1 in
|
|||
shift
|
||||
_docker_image delmailuser $@
|
||||
;;
|
||||
restrict)
|
||||
shift
|
||||
_docker_image restrict-access $@
|
||||
;;
|
||||
list)
|
||||
_docker_image listmailuser
|
||||
;;
|
||||
|
|
56
target/bin/restrict-access
Executable file
56
target/bin/restrict-access
Executable file
|
@ -0,0 +1,56 @@
|
|||
#! /bin/bash
|
||||
|
||||
MODE="$1"
|
||||
USER="$3"
|
||||
|
||||
usage() {
|
||||
echo "Usage: $0 <add|del|list> <send|receive> [<email@domain.com>]"
|
||||
}
|
||||
|
||||
raise() {
|
||||
echo "$@" 1>&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
escape() {
|
||||
echo "${1//./\\.}"
|
||||
}
|
||||
[ -z "$MODE" ] && raise "missing parameters: <add|del|list> <send|receive> [<email@domain.com>]"
|
||||
|
||||
case $2 in
|
||||
send)
|
||||
DATABASE="/tmp/docker-mailserver/postfix-send-access.cf"
|
||||
;;
|
||||
receive)
|
||||
DATABASE="/tmp/docker-mailserver/postfix-receive-access.cf"
|
||||
;;
|
||||
*)
|
||||
usage; raise "missing parameters. Specify \"send\" or \"receive\"";
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -z "$USER" ] && [ "$MODE" != list ]; then
|
||||
read -p "User(user@domain.com): " USER
|
||||
echo
|
||||
[ -z "$USER" ] && raise "User must not be empty"
|
||||
fi
|
||||
|
||||
|
||||
case $MODE in
|
||||
add)
|
||||
grep -qi "^$(escape "$USER")" $DATABASE 2>/dev/null &&
|
||||
raise "User \"$USER\" already denied to $2 mails"
|
||||
echo -e "$USER \t\t REJECT" >>$DATABASE
|
||||
;;
|
||||
del)
|
||||
sed -ie "/^$(escape "$USER")/d" $DATABASE 2>/dev/null ||
|
||||
raise "User \"$USER\" not found."
|
||||
;;
|
||||
list)
|
||||
grep "REJECT" $DATABASE 2>/dev/null ||
|
||||
echo "Everyone is allowed to $2 mails."
|
||||
;;
|
||||
*)
|
||||
usage; raise "missing mode. Specify \"add\", \"del\" or \"list\"";
|
||||
;;
|
||||
esac
|
|
@ -44,10 +44,9 @@ smtpd_helo_required = yes
|
|||
smtpd_delay_reject = yes
|
||||
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit
|
||||
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
|
||||
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf,
|
||||
reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
|
||||
smtpd_recipient_restrictions = check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf, reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
|
||||
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining
|
||||
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_sender_login_mismatch
|
||||
smtpd_sender_restrictions = check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf, permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_sender_login_mismatch
|
||||
disable_vrfy_command = yes
|
||||
|
||||
# Postscreen settings to drop zombies/open relays/spam early
|
||||
|
|
1
test/config/postfix-receive-access.cf
Normal file
1
test/config/postfix-receive-access.cf
Normal file
|
@ -0,0 +1 @@
|
|||
|
1
test/config/postfix-send-access.cf
Normal file
1
test/config/postfix-send-access.cf
Normal file
|
@ -0,0 +1 @@
|
|||
|
|
@ -146,7 +146,7 @@ load 'test_helper/bats-assert/load'
|
|||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/permit_sasl_authenticated.*policyd-spf,$//g' /etc/postfix/main.cf"
|
||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/reject_unauth_pipelining.*reject_unknown_recipient_domain,$//g' /etc/postfix/main.cf"
|
||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/reject_rbl_client.*inet:127\.0\.0\.1:10023$//g' /etc/postfix/main.cf"
|
||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/smtpd_recipient_restrictions = /smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10023/g' /etc/postfix/main.cf"
|
||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/smtpd_recipient_restrictions =/smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10023/g' /etc/postfix/main.cf"
|
||||
|
||||
run docker exec mail_with_postgrey /bin/sh -c "/etc/init.d/postfix reload"
|
||||
run docker exec mail_with_postgrey /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/postgrey.txt"
|
||||
|
@ -1122,6 +1122,27 @@ load 'test_helper/bats-assert/load'
|
|||
[ -z "$value" ]
|
||||
}
|
||||
|
||||
@test "checking setup.sh: setup.sh email restrict" {
|
||||
run ./setup.sh -c mail email restrict
|
||||
assert_failure
|
||||
run ./setup.sh -c mail email restrict add
|
||||
assert_failure
|
||||
./setup.sh -c mail email restrict add send lorem@impsum.org
|
||||
run ./setup.sh -c mail email restrict list send
|
||||
assert_output --regexp "^lorem@impsum.org.*REJECT"
|
||||
|
||||
run ./setup.sh -c mail email restrict del send lorem@impsum.org
|
||||
assert_success
|
||||
run ./setup.sh -c mail email restrict list send
|
||||
assert_output --partial "Everyone is allowed"
|
||||
|
||||
./setup.sh -c mail email restrict add receive rec_lorem@impsum.org
|
||||
run ./setup.sh -c mail email restrict list receive
|
||||
assert_output --regexp "^rec_lorem@impsum.org.*REJECT"
|
||||
run ./setup.sh -c mail email restrict del receive rec_lorem@impsum.org
|
||||
assert_success
|
||||
}
|
||||
|
||||
# alias
|
||||
@test "checking setup.sh: setup.sh alias list" {
|
||||
echo "test@example.org test@forward.com" > ./config/postfix-virtual.cf
|
||||
|
|
Loading…
Reference in a new issue