Permalink
Browse files

Merge branch 'auth' into naughty

  • Loading branch information...
2 parents 7720e04 + 30e0eba commit f48ed400caa0e4c706437f0e176624b97e73c061 @msimerson committed Jun 7, 2012
@@ -1,2 +1,4 @@
+# used by plugins/auth/auth_flat_file
+# example entries
good@example.com:good_pass
bad@example.com:bad_pass
View
@@ -45,6 +45,10 @@ check_spamhelo
# sender_permitted_from
# greylisting p0f genre,windows
+#auth/auth_checkpassword checkpw /usr/local/vpopmail/bin/vchkpw true /usr/bin/true
+#auth/auth_vpopmail
+#auth/auth_vpopmaild
+#auth/auth_vpopmail_sql
auth/auth_flat_file
auth/authdeny
@@ -0,0 +1 @@
+/usr/local/vpopmail/bin/vchkpw /bin/true
@@ -124,6 +124,7 @@ sub auth_checkpassword {
my $binary = $self->connection->notes('auth_checkpassword_bin');
my $true = $self->connection->notes('auth_checkpassword_true');
+ chomp ($binary, $true);
my $sudo = get_sudo($binary);
@@ -45,7 +45,7 @@ use warnings;
use Qpsmtpd::Auth;
use Qpsmtpd::Constants;
-#use vpopmail; # we eval this in $test_vpopmail
+#use vpopmail; # we eval this in $test_vpopmail_module
sub register {
my ($self, $qp) = @_;
@@ -86,7 +86,7 @@ sub test_vpopmail_module {
my $self = shift;
# vpopmail will not allow vauth_getpw to succeed unless the requesting user is vpopmail or root.
# by default, qpsmtpd runs as the user 'qpsmtpd' and does not have permission.
- eval "use vpopmail";
+ eval 'use vpopmail';
if ( $@ ) {
$self->log(LOGERROR, "skip: is vpopmail perl module installed?");
return;
@@ -69,11 +69,18 @@ use warnings;
use Qpsmtpd::Auth;
use Qpsmtpd::Constants;
-use DBI;
+#use DBI; # done in ->register
sub register {
my ( $self, $qp ) = @_;
+ eval 'use DBI';
+ if ( $@ ) {
+ warn "plugin disabled. is DBI installed?\n";
+ $self->log(LOGERROR, "skip: plugin disabled. is DBI installed?\n");
+ return;
+ };
+
$self->register_hook('auth-plain', 'auth_vmysql');
$self->register_hook('auth-login', 'auth_vmysql');
$self->register_hook('auth-cram-md5', 'auth_vmysql');
View
@@ -69,6 +69,7 @@ sub input {
}
sub config_dir {
+ return './t/config' if $ENV{QPSMTPD_DEVELOPER};
'./config.sample';
}
View
@@ -5,8 +5,10 @@ package Test::Qpsmtpd::Plugin;
package Qpsmtpd::Plugin;
use strict;
-use Test::More;
+use warnings;
+
use Qpsmtpd::Constants;
+use Test::More;
sub register_tests {
# Virtual base method - implement in plugin
View
@@ -5,12 +5,17 @@ use strict;
use lib 't';
use_ok('Test::Qpsmtpd');
+my @mes;
+
BEGIN { # need this to happen before anything else
my $cwd = `pwd`;
chomp($cwd);
- open my $me_config, '>', "./config.sample/me";
- print $me_config "some.host.example.org";
- close $me_config;
+ @mes = qw{ ./config.sample/me ./t/config/me };
+ foreach my $f ( @mes ) {
+ open my $me_config, '>', $f;
+ print $me_config "some.host.example.org";
+ close $me_config;
+ };
}
ok(my ($smtpd, $conn) = Test::Qpsmtpd->new_conn(), "get new connection");
@@ -22,6 +27,8 @@ is($smtpd->config('me'), 'some.host.example.org', 'config("me")');
my $relayclients = join ",", sort $smtpd->config('relayclients');
is($relayclients, '127.0.0.1,192.168.', 'config("relayclients") are trimmed');
-unlink "./config.sample/me";
+foreach my $f ( @mes ) {
+ unlink $f if -f $f;
+};
View
@@ -0,0 +1,4 @@
+# these domains never uses their domain when greeting us, so reject transactions
+aol.com
+yahoo.com
+
View
@@ -0,0 +1,9 @@
+######## entries used for testing ###
+bad@example.com
+@bad.example.com
+######## Example patterns #######
+# Format is pattern\s+Response
+# Don't forget to anchor the pattern if required
+! Sorry, bang paths not accepted here
+@.*@ Sorry, multiple at signs not accepted here
+% Sorry, percent hack not accepted here
View
@@ -0,0 +1 @@
+zen.spamhaus.org
View
@@ -0,0 +1,2 @@
+good@example.com:good_pass
+bad@example.com:bad_pass
@@ -0,0 +1,6 @@
+# include full network block including mask
+127.0.0.0/8
+0.0.0.0/8
+224.0.0.0/4
+169.254.0.0/16
+10.0.0.0/8
View
@@ -0,0 +1,94 @@
+#
+# Example configuration file for plugins
+#
+
+# enable this to get configuration via http; see perldoc
+# plugins/http_config for details.
+# http_config http://localhost/~smtpd/config/ http://www.example.com/smtp.pl?config=
+
+# hosts_allow does not work with the tcpserver deployment model!
+# perldoc plugins/hosts_allow for an alternative.
+#
+# The hosts_allow module must be loaded if you want the -m / --max-from-ip /
+# my $MAXCONNIP = 5; # max simultaneous connections from one IP
+# settings... without this it will NOT refuse more than $MAXCONNIP connections
+# from one IP!
+hosts_allow
+
+# information plugins
+ident/geoip
+#ident/p0f /tmp/.p0f_socket version 3
+connection_time
+
+# enable to accept MAIL FROM:/RCPT TO: addresses without surrounding <>
+dont_require_anglebrackets
+
+# enable to reject MAIL FROM:/RCPT TO: parameters if client helo was HELO
+# (strict RFC 821)... this is not used in EHLO ...
+parse_addr_withhelo
+
+quit_fortune
+# tls should load before count_unrecognized_commands
+#tls
+check_earlytalker
+count_unrecognized_commands 4
+check_relay
+
+require_resolvable_fromhost
+
+rhsbl
+dnsbl
+check_badmailfrom
+check_badrcptto
+check_spamhelo
+
+sender_permitted_from
+greylisting p0f genre,windows
+
+auth/auth_checkpassword checkpw /usr/local/vpopmail/bin/vchkpw true /usr/bin/true
+auth/auth_vpopmail
+auth/auth_vpopmaild
+auth/auth_vpopmail_sql
+auth/auth_flat_file
+auth/authdeny
+
+# this plugin needs to run after all other "rcpt" plugins
+rcpt_ok
+
+check_basicheaders days 5 reject_type temp
+domainkeys
+
+# content filters
+virus/klez_filter
+
+
+# You can run the spamassassin plugin with options. See perldoc
+# plugins/spamassassin for details.
+#
+spamassassin
+
+# rejects mails with a SA score higher than 20 and munges the subject
+# of the score is higher than 10.
+#
+# spamassassin reject_threshold 20 munge_subject_threshold 10
+
+# dspam must run after spamassassin for the learn_from_sa feature to work
+dspam learn_from_sa 7 reject 1
+
+# run the clamav virus checking plugin
+virus/clamav
+
+# You must enable a queue plugin - see the options in plugins/queue/ - for example:
+
+# queue to a maildir
+# queue/maildir /home/spamtrap/mail
+
+# queue the mail with qmail-queue
+queue/qmail-queue
+
+
+# If you need to run the same plugin multiple times, you can do
+# something like the following
+# check_relay
+# check_relay:0 somearg
+# check_relay:1 someotherarg
View
@@ -0,0 +1 @@
+localhost
View
@@ -0,0 +1,5 @@
+# Format is IP, or IP part with trailing dot
+# e.g. "127.0.0.1", or "192.168."
+127.0.0.1
+# leading/trailing whitespace is ignored
+ 192.168.
View
@@ -7,3 +7,11 @@ my $qp = Test::Qpsmtpd->new();
$qp->run_plugin_tests();
+foreach my $file (
+ "./t/config/greylist.dbm",
+ "./t/config/greylist.dbm.lock"
+ ) {
+ next if ! -f $file;
+ unlink $file;
+};
+
@@ -23,7 +23,7 @@ sub test_auth_vpopmail {
if ( ! $self->test_vpopmail_module ) {
warn "vpopmail plugin not configured\n";
- foreach ( 0..2) { ok( 1, "test_auth_vpopmail, skipped") };
+ foreach ( 0..2) { ok( 1, "skipped") };
return;
};
@@ -6,6 +6,11 @@ use warnings;
sub register_tests {
my $self = shift;
+ eval 'use DBI';
+ if ( $@ ) {
+ warn "skipping auth_vpopmail_sql tests, is DBI installed?\n";
+ return;
+ };
$self->register_test("auth_vpopmail_sql", 3);
}
@@ -15,7 +20,7 @@ sub auth_vpopmail_sql {
my $dbh = $self->get_db_handle() or do {
foreach ( 0..2 ) {
- ok( 1, "auth_vpopmail_sql, skipped (no DB)" );
+ ok( 1, "skipped (no DB)" );
};
return;
};
@@ -24,11 +29,11 @@ sub auth_vpopmail_sql {
my $vuser = $self->get_vpopmail_user( $dbh, 'postmaster@example.com' );
if ( ! $vuser || ! $vuser->{pw_passwd} ) {
foreach ( 0..1 ) {
- ok( 1, "auth_vpopmail_sql, no example.com domain" );
+ ok( 1, "no example.com domain" );
};
return;
};
- ok( ref $vuser, "auth_vpopmail_sql, found example.com domain" );
+ ok( ref $vuser, "found example.com domain" );
ok( $self->auth_vmysql(
$self->qp->transaction,
@@ -38,6 +43,6 @@ sub auth_vpopmail_sql {
$vuser->{pw_passwd},
$ticket,
),
- "auth_vpopmail_sql, postmaster"
+ "postmaster"
);
}

0 comments on commit f48ed40

Please sign in to comment.