Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
opensmtpd-filter-rspamd: init at 0.1.7 (#122823)
- Loading branch information
Showing
5 changed files
with
175 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,142 @@ | ||
import ./make-test-python.nix { | ||
name = "opensmtpd-rspamd"; | ||
|
||
nodes = { | ||
smtp1 = { pkgs, ... }: { | ||
imports = [ common/user-account.nix ]; | ||
networking = { | ||
firewall.allowedTCPPorts = [ 25 143 ]; | ||
useDHCP = false; | ||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ | ||
{ address = "192.168.1.1"; prefixLength = 24; } | ||
]; | ||
}; | ||
environment.systemPackages = [ pkgs.opensmtpd ]; | ||
services.opensmtpd = { | ||
enable = true; | ||
extraServerArgs = [ "-v" ]; | ||
serverConfiguration = '' | ||
listen on 0.0.0.0 | ||
action dovecot_deliver mda \ | ||
"${pkgs.dovecot}/libexec/dovecot/deliver -d %{user.username}" | ||
match from any for local action dovecot_deliver | ||
action do_relay relay | ||
# DO NOT DO THIS IN PRODUCTION! | ||
# Setting up authentication requires a certificate which is painful in | ||
# a test environment, but THIS WOULD BE DANGEROUS OUTSIDE OF A | ||
# WELL-CONTROLLED ENVIRONMENT! | ||
match from any for any action do_relay | ||
''; | ||
}; | ||
services.dovecot2 = { | ||
enable = true; | ||
enableImap = true; | ||
mailLocation = "maildir:~/mail"; | ||
protocols = [ "imap" ]; | ||
}; | ||
}; | ||
|
||
smtp2 = { pkgs, ... }: { | ||
imports = [ common/user-account.nix ]; | ||
virtualisation.memorySize = 512; | ||
networking = { | ||
firewall.allowedTCPPorts = [ 25 143 ]; | ||
useDHCP = false; | ||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ | ||
{ address = "192.168.1.2"; prefixLength = 24; } | ||
]; | ||
}; | ||
environment.systemPackages = [ pkgs.opensmtpd ]; | ||
services.rspamd = { | ||
enable = true; | ||
locals."worker-normal.inc".text = '' | ||
bind_socket = "127.0.0.1:11333"; | ||
''; | ||
}; | ||
services.opensmtpd = { | ||
enable = true; | ||
extraServerArgs = [ "-v" ]; | ||
serverConfiguration = '' | ||
filter rspamd proc-exec "${pkgs.opensmtpd-filter-rspamd}/bin/filter-rspamd" | ||
listen on 0.0.0.0 filter rspamd | ||
action dovecot_deliver mda \ | ||
"${pkgs.dovecot}/libexec/dovecot/deliver -d %{user.username}" | ||
match from any for local action dovecot_deliver | ||
''; | ||
}; | ||
services.dovecot2 = { | ||
enable = true; | ||
enableImap = true; | ||
mailLocation = "maildir:~/mail"; | ||
protocols = [ "imap" ]; | ||
}; | ||
}; | ||
|
||
client = { pkgs, ... }: { | ||
networking = { | ||
useDHCP = false; | ||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ | ||
{ address = "192.168.1.3"; prefixLength = 24; } | ||
]; | ||
}; | ||
environment.systemPackages = let | ||
sendTestMail = pkgs.writeScriptBin "send-a-test-mail" '' | ||
#!${pkgs.python3.interpreter} | ||
import smtplib, sys | ||
with smtplib.SMTP('192.168.1.1') as smtp: | ||
smtp.sendmail('alice@[192.168.1.1]', 'bob@[192.168.1.2]', """ | ||
From: alice@smtp1 | ||
To: bob@smtp2 | ||
Subject: Test | ||
Hello World | ||
Here goes the spam test | ||
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X | ||
""") | ||
''; | ||
|
||
checkMailBounced = pkgs.writeScriptBin "check-mail-bounced" '' | ||
#!${pkgs.python3.interpreter} | ||
import imaplib | ||
with imaplib.IMAP4('192.168.1.1', 143) as imap: | ||
imap.login('alice', 'foobar') | ||
imap.select() | ||
status, refs = imap.search(None, 'ALL') | ||
assert status == 'OK' | ||
assert len(refs) == 1 | ||
status, msg = imap.fetch(refs[0], 'BODY[TEXT]') | ||
assert status == 'OK' | ||
content = msg[0][1] | ||
print("===> content:", content) | ||
assert b"An error has occurred while attempting to deliver a message" in content | ||
''; | ||
in [ sendTestMail checkMailBounced ]; | ||
}; | ||
}; | ||
|
||
testScript = '' | ||
start_all() | ||
client.wait_for_unit("network-online.target") | ||
smtp1.wait_for_unit("opensmtpd") | ||
smtp2.wait_for_unit("opensmtpd") | ||
smtp2.wait_for_unit("rspamd") | ||
smtp2.wait_for_unit("dovecot2") | ||
# To prevent sporadic failures during daemon startup, make sure | ||
# services are listening on their ports before sending requests | ||
smtp1.wait_for_open_port(25) | ||
smtp2.wait_for_open_port(25) | ||
smtp2.wait_for_open_port(143) | ||
smtp2.wait_for_open_port(11333) | ||
client.succeed("send-a-test-mail") | ||
smtp1.wait_until_fails("smtpctl show queue | egrep .") | ||
client.succeed("check-mail-bounced >&2") | ||
''; | ||
|
||
meta.timeout = 1800; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
{ lib | ||
, buildGoModule | ||
, fetchFromGitHub | ||
, nixosTests | ||
}: | ||
|
||
buildGoModule rec { | ||
pname = "opensmtpd-filter-rspamd"; | ||
version = "0.1.7"; | ||
|
||
src = fetchFromGitHub { | ||
owner = "poolpOrg"; | ||
repo = "filter-rspamd"; | ||
rev = "v${version}"; | ||
sha256 = "pcHj4utpf/AIUv8/7mE8BLbE8LYkzNKfc4T4hIHgGeI="; | ||
}; | ||
|
||
vendorSha256 = "sNF2c+22FMvKoROkA/3KtSnRdJh4YZLaIx35HD896HI="; | ||
|
||
passthru.tests = { | ||
opensmtpd-rspamd-integration = nixosTests.opensmtpd-rspamd; | ||
}; | ||
|
||
meta = with lib; { | ||
homepage = "https://github.com/poolpOrg/filter-rspamd"; | ||
description = "OpenSMTPD filter integration for the Rspamd daemon"; | ||
license = licenses.isc; | ||
maintainers = with maintainers; [ Flakebi ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters