mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Added tests for SMTP auth
This commit is contained in:
parent
796699f0f1
commit
e97ce868eb
|
@ -30,7 +30,6 @@ smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
|
||||||
smtpd_sender_restrictions = permit_mynetworks
|
smtpd_sender_restrictions = permit_mynetworks
|
||||||
smtp_tls_security_level = may
|
smtp_tls_security_level = may
|
||||||
smtp_tls_loglevel = 1
|
smtp_tls_loglevel = 1
|
||||||
smtpd_tls_auth_only = yes
|
|
||||||
tls_ssl_options = NO_COMPRESSION
|
tls_ssl_options = NO_COMPRESSION
|
||||||
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
|
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
|
||||||
smtpd_tls_protocols=!SSLv2,!SSLv3
|
smtpd_tls_protocols=!SSLv2,!SSLv3
|
||||||
|
@ -40,6 +39,9 @@ smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
|
||||||
smtpd_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, RSA+AES, eNULL
|
smtpd_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, RSA+AES, eNULL
|
||||||
|
|
||||||
# SASL
|
# SASL
|
||||||
|
smtp_sasl_auth_enable = yes
|
||||||
|
smtp_sasl_type = cyrus
|
||||||
|
smtp_sasl_security_options = noanonymous
|
||||||
smtpd_sasl_auth_enable = yes
|
smtpd_sasl_auth_enable = yes
|
||||||
smtpd_sasl_path = smtpd
|
smtpd_sasl_path = smtpd
|
||||||
smtpd_sasl_type = cyrus
|
smtpd_sasl_type = cyrus
|
||||||
|
|
26
test/auth/smtp-auth-cram-md5.txt
Normal file
26
test/auth/smtp-auth-cram-md5.txt
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
# This is the output of a manual test.
|
||||||
|
# CRAM-MD5 is not (yet) testable with telnet.
|
||||||
|
#
|
||||||
|
# # telnet localhost 25
|
||||||
|
# Trying ::1...
|
||||||
|
# Connected to localhost.
|
||||||
|
# Escape character is '^]'.
|
||||||
|
# 220 mail.my-domain.com ESMTP Postfix (Ubuntu)
|
||||||
|
# ehlo test
|
||||||
|
# 250-mail.my-domain.com
|
||||||
|
# 250-PIPELINING
|
||||||
|
# 250-SIZE 10240000
|
||||||
|
# 250-VRFY
|
||||||
|
# 250-ETRN
|
||||||
|
# 250-STARTTLS
|
||||||
|
# 250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5
|
||||||
|
# 250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5
|
||||||
|
# 250-ENHANCEDSTATUSCODES
|
||||||
|
# 250-8BITMIME
|
||||||
|
# 250 DSN
|
||||||
|
# AUTH CRAM-MD5
|
||||||
|
# 334 PDIxMDMyODkzMTMuMTA2Mzg2MjhAbWFpbC5teS1kb21haW4uY29tPg==
|
||||||
|
# dXNlcjFAbG9jYWxob3N0LmxvY2FsZG9tYWluIGJlYjUxNzg4OGE5ZWI0OGM1NjQ2MTYwZGY3NTY1ZWNh
|
||||||
|
# 235 2.7.0 Authentication successful
|
||||||
|
# QUIT
|
||||||
|
# 221 2.0.0 Bye
|
4
test/auth/smtp-auth-login.txt
Normal file
4
test/auth/smtp-auth-login.txt
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
EHLO mail
|
||||||
|
AUTH LOGIN dXNlcjFAbG9jYWxob3N0LmxvY2FsZG9tYWlu
|
||||||
|
bXlwYXNzd29yZA==
|
||||||
|
QUIT
|
3
test/auth/smtp-auth-plain.txt
Normal file
3
test/auth/smtp-auth-plain.txt
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
EHLO mail
|
||||||
|
AUTH PLAIN dXNlcjFAbG9jYWxob3N0LmxvY2FsZG9tYWluAHVzZXIxQGxvY2FsaG9zdC5sb2NhbGRvbWFpbgBteXBhc3N3b3Jk
|
||||||
|
QUIT
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Set up test framework
|
# Set up test framework
|
||||||
wget -q https://raw.github.com/lehmannro/assert.sh/master/assert.sh -O assert.sh
|
|
||||||
source assert.sh
|
source assert.sh
|
||||||
|
|
||||||
# Testing that services are running
|
# Testing that services are running
|
||||||
|
@ -12,11 +11,13 @@ assert_raises "docker exec mail ps aux --forest | grep '/usr/sbin/amavisd-new'"
|
||||||
|
|
||||||
# Testing IMAP server
|
# Testing IMAP server
|
||||||
assert_raises "docker exec mail nc -w 1 0.0.0.0 143 | grep '* OK' | grep 'STARTTLS' | grep 'Courier-IMAP ready'" 0
|
assert_raises "docker exec mail nc -w 1 0.0.0.0 143 | grep '* OK' | grep 'STARTTLS' | grep 'Courier-IMAP ready'" 0
|
||||||
assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 143 < /tmp/test/email-templates/test-imap.txt'" 0
|
assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 143 < /tmp/test/auth/imap-auth.txt'" 0
|
||||||
|
|
||||||
# Testing SASL
|
# Testing SASL
|
||||||
assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p mypassword | grep 'OK \"Success.\"'" 0
|
assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p mypassword | grep 'OK \"Success.\"'" 0
|
||||||
assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p BADPASSWORD | grep 'NO \"authentication failed\"'" 0
|
assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p BADPASSWORD | grep 'NO \"authentication failed\"'" 0
|
||||||
|
assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-plain.txt' | grep 'Authentication successful'"
|
||||||
|
assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login.txt' | grep 'Authentication successful'"
|
||||||
|
|
||||||
# Testing user creation
|
# Testing user creation
|
||||||
assert "docker exec mail sasldblistusers2" "user1@localhost.localdomain: userPassword\nuser2@otherdomain.tld: userPassword"
|
assert "docker exec mail sasldblistusers2" "user1@localhost.localdomain: userPassword\nuser2@otherdomain.tld: userPassword"
|
||||||
|
|
Loading…
Reference in a new issue