From 1705dd20918634cfce236049e47d0fe43753dbc8 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 19 May 2015 20:28:42 +0100 Subject: Change HELO-verify forward case from byname to bydns and add DNSSEC tracking --- test/confs/0608 | 24 ++++++++++++++++++++++++ test/dnszones-src/db.test.ex | 2 ++ test/log/0608 | 3 +++ test/scripts/0000-Basic/0608 | 20 ++++++++++++++++++++ test/stderr/0070 | 15 +++++++++------ test/stdout/0608 | 14 ++++++++++++++ 6 files changed, 72 insertions(+), 6 deletions(-) create mode 100644 test/confs/0608 create mode 100644 test/log/0608 create mode 100644 test/scripts/0000-Basic/0608 create mode 100644 test/stdout/0608 (limited to 'test') diff --git a/test/confs/0608 b/test/confs/0608 new file mode 100644 index 000000000..d04dc369f --- /dev/null +++ b/test/confs/0608 @@ -0,0 +1,24 @@ +# Exim test configuration 0608 + +exim_path = EXIM_PATH +host_lookup_order = bydns +primary_hostname = myhost.test.ex +spool_directory = DIR/spool +log_file_path = DIR/spool/log/%slog +gecos_pattern = "" +gecos_name = CALLER_NAME + +# ----- Main settings ----- + +acl_smtp_helo = check_helo + + +# ----- ACLs ----- + +begin acl + +check_helo: + require verify = helo + accept logwrite = helo $sender_helo_name dnssec <$sender_helo_dnssec> + +# End diff --git a/test/dnszones-src/db.test.ex b/test/dnszones-src/db.test.ex index da084529f..9cc709ecc 100644 --- a/test/dnszones-src/db.test.ex +++ b/test/dnszones-src/db.test.ex @@ -406,6 +406,8 @@ DNSSEC mx-sec-a-sec MX 5 a-sec a-unsec A V4NET.0.0.100 DNSSEC a-sec A V4NET.0.0.100 +DNSSEC l-sec A 127.0.0.1 + ; ------- Testing DANE ------------ ; full suite dns chain, sha512 diff --git a/test/log/0608 b/test/log/0608 new file mode 100644 index 000000000..7d807e8f0 --- /dev/null +++ b/test/log/0608 @@ -0,0 +1,3 @@ +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 helo localhost dnssec +1999-03-02 09:44:33 helo l-sec dnssec diff --git a/test/scripts/0000-Basic/0608 b/test/scripts/0000-Basic/0608 new file mode 100644 index 000000000..1715fd200 --- /dev/null +++ b/test/scripts/0000-Basic/0608 @@ -0,0 +1,20 @@ +# HELO verify dnssec +# Exim test configuration 0608 +# +exim -DSERVER=server -bd -oX PORT_D +**** +# +client 127.0.0.1 PORT_D +??? 220 +HELO localhost +??? 250 +**** +# +client 127.0.0.1 PORT_D +??? 220 +HELO l-sec +??? 250 +**** +# +killdaemon +no_msglog_check diff --git a/test/stderr/0070 b/test/stderr/0070 index 2bf1e9cdf..c50f93612 100644 --- a/test/stderr/0070 +++ b/test/stderr/0070 @@ -137,10 +137,10 @@ MUNGED: ::1 will be omitted in what follows >>> matched alias ten-3-alias.test.ex >>> verifying EHLO/HELO argument "ten-3xtra.test.ex" >>> getting IP address for ten-3xtra.test.ex -MUNGED: ::1 will be omitted in what follows ->>> get[host|ipnode]byname[2] looked up these IP addresses: ->>> name=ten-3xtra.test.ex address=V4NET.0.0.3 +>>> ten-3xtra.test.ex in ""? no (end of list) +>>> ten-3xtra.test.ex in "*"? yes (matched "*") >>> IP address for ten-3xtra.test.ex matches calling address +>>> Forward DNS security status: unverified >>> host in hosts_connection_nolog? no (option unset) >>> host in host_lookup? no (option unset) >>> host in host_reject_connection? no (option unset) @@ -158,7 +158,8 @@ MUNGED: ::1 will be omitted in what follows >>> checking addresses for ten-1.test.ex >>> V4NET.0.0.1 OK >>> getting IP address for rhubarb ->>> no IP address found for host rhubarb (during SMTP connection from (rhubarb) [V4NET.0.0.1]) +>>> rhubarb in ""? no (end of list) +>>> rhubarb in "*"? yes (matched "*") LOG: rejected "EHLO rhubarb" from (rhubarb) [V4NET.0.0.1] >>> host in hosts_connection_nolog? no (option unset) >>> host in host_lookup? no (option unset) @@ -178,7 +179,8 @@ MUNGED: ::1 will be omitted in what follows >>> looking up host name for 99.99.99.99 >>> Test harness: host name lookup returns DEFER >>> getting IP address for rhubarb ->>> no IP address found for host rhubarb (during SMTP connection from (rhubarb) [99.99.99.99]) +>>> rhubarb in ""? no (end of list) +>>> rhubarb in "*"? yes (matched "*") LOG: temporarily rejected "EHLO rhubarb" from (rhubarb) [99.99.99.99] >>> host in hosts_connection_nolog? no (option unset) >>> host in host_lookup? no (option unset) @@ -264,7 +266,8 @@ MUNGED: ::1 will be omitted in what follows >>> looking up host name for 99.99.99.99 >>> Test harness: host name lookup returns DEFER >>> getting IP address for rhubarb ->>> no IP address found for host rhubarb (during SMTP connection from (rhubarb) [99.99.99.99]) +>>> rhubarb in ""? no (end of list) +>>> rhubarb in "*"? yes (matched "*") >>> require: condition test failed in ACL "rcpt" >>> end of ACL "rcpt": not OK LOG: H=(rhubarb) [99.99.99.99] F= rejected RCPT : helo not verified diff --git a/test/stdout/0608 b/test/stdout/0608 new file mode 100644 index 000000000..9681d83d6 --- /dev/null +++ b/test/stdout/0608 @@ -0,0 +1,14 @@ +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> HELO localhost +??? 250 +<<< 250 myhost.test.ex Hello localhost [127.0.0.1] +End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> HELO l-sec +??? 250 +<<< 250 myhost.test.ex Hello localhost [127.0.0.1] +End of script -- cgit v1.2.3