[pmg-api.git] / src / tests / test_greylist.pl

#!/usr/bin/perl

use strict;
use warnings;
use lib '..';

use Socket;
use IO::Socket::INET;
use DBI;

use PVE::SafeSyslog;

use PMG::DBTools;
use PMG::RuleDB;

my $greylist_delay = 3*60;
my $greylist_lifetime = 3600*24*2; #retry window
my $greylist_awlifetime = 3600*24*36;

initlog($0, 'mail');

my $testdb = 'Proxmox_testdb';
my $testport = 10122;
my $testpidfn = "greylist-test-$$.pid";

system ("perl -I.. ../bin/pmgpolicy -d $testdb -t --port $testport --pidfile '$testpidfn'");

sub exit_test_pmgpolicy {
    my $pid = PVE::Tools::file_read_firstline($testpidfn);
    die "could not read pidfile: $!\n" if !$pid;

    die "could not find pid in pidfile\n" if $pid !~ m/^(\d+)$/;
    $pid = $1;

    kill ('TERM', $pid);
    unlink($testpidfn);
}

sub reset_gldb {
    my $dbh = PMG::DBTools::open_ruledb($testdb);
    $dbh->do ("DELETE FROM CGreylist");
    $dbh->disconnect();
}

reset_gldb();

my $sock = IO::Socket::INET->new(
    PeerAddr => '127.0.0.1',
    PeerPort => $testport) ||
    die "unable to open socket -  $!";

$/ = "\n\n";

my $testtime = 1;
my $starttime = $testtime;

my $icount = 0;

sub gltest {
    my ($data, $ttime, $eres) = @_;

    $icount++;

    print $sock "testtime=$ttime\ninstance=$icount\n$data\n";
    $sock->flush;
    my $res = <$sock>;
    chomp $res;
    if ($res !~ m/^action=$eres(\s.*)?/) {
	my $timediff = $ttime - $starttime;
	exit_test_pmgpolicy();
	die "unexpected result at time $timediff: $res != $eres\n$data"
    }
}

# a normal record

my $data = <<_EOD;
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
client_address=1.2.3.4
client_name=test.domain.tld
helo_name=test.domain.tld
sender=test1\@test.domain.tld
recipient=test1\@proxmox.com
_EOD

# time 0
reset_gldb ();
gltest ($data, $testtime, 'defer');
gltest ($data, $testtime+$greylist_delay-3, 'defer');
gltest ($data, $testtime+$greylist_delay-1, 'defer');
gltest ($data, $testtime+$greylist_lifetime-1, 'dunno');
gltest ($data, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1, 'dunno');
gltest ($data, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');

# time 0
reset_gldb ();
gltest ($data, $testtime, 'defer');
gltest ($data, $testtime+$greylist_delay-3, 'defer');
gltest ($data, $testtime+$greylist_delay-1, 'defer');
gltest ($data, $testtime+$greylist_lifetime+1, 'defer');
gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay-1, 'defer');
gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1, 'dunno');
gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1, 'dunno');
gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');

# a record with sender = <> (bounce)

$data = <<_EOD;
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
client_address=1.2.3.4
client_name=test.domain.tld
helo_name=test.domain.tld
sender=
recipient=test1\@proxmox.com
_EOD

# time 0
reset_gldb ();

gltest ($data, $testtime, 'defer');
gltest ($data, $testtime+$greylist_delay-3, 'defer');
gltest ($data, $testtime+$greylist_delay-1, 'defer');
gltest ($data, $testtime+$greylist_lifetime-1, 'dunno');
gltest ($data, $testtime+$greylist_lifetime+1, 'defer');

# time 0
reset_gldb ();

gltest ($data, $testtime, 'defer');
gltest ($data, $testtime+$greylist_delay-3, 'defer');
gltest ($data, $testtime+$greylist_delay-1, 'defer');
gltest ($data, $testtime+$greylist_lifetime+1, 'defer');
gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay-1, 'defer');
gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1, 'dunno');
gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+2, 'defer');

# greylist ipv6
my $data6 = <<_EOD;
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
client_address=2001:db8::1
client_name=test.domain.tld
helo_name=test.domain.tld
sender=test1\@test.domain.tld
recipient=test1\@proxmox.com
_EOD

# time 0
reset_gldb ();
gltest ($data6, $testtime, 'defer');
gltest ($data6, $testtime+$greylist_delay-3, 'defer');
gltest ($data6, $testtime+$greylist_delay-1, 'defer');
gltest ($data6, $testtime+$greylist_lifetime-1, 'dunno');
gltest ($data6, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1, 'dunno');
gltest ($data6, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');

# time 0
reset_gldb ();
gltest ($data6, $testtime, 'defer');
gltest ($data6, $testtime+$greylist_delay-3, 'defer');
gltest ($data6, $testtime+$greylist_delay-1, 'defer');
gltest ($data6, $testtime+$greylist_lifetime+1, 'defer');
gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay-1, 'defer');
gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay+1, 'dunno');
gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1, 'dunno');
gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');


my $testdomain = "interspar.at";
my $testipok = "68.232.133.35";
my $testipfail = "1.2.3.4";

my $data_ok = <<_EOD;
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
client_address=$testipok
helo_name=$testdomain
sender=xyz\@$testdomain
recipient=testspf\@maurer-it.com
_EOD

gltest ($data_ok, $testtime, 'prepend'); # helo pass

$data_ok = <<_EOD;
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
client_address=$testipok
helo_name=
sender=xyz\@$testdomain
recipient=testspf\@proxmox.com
_EOD

gltest ($data_ok, $testtime, 'prepend'); # mform pass

$data_ok = <<_EOD;
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
client_address=88.198.105.243
helo_name=
sender=xyz\@$testdomain
recipient=testspf\@maurer-it.com
_EOD

# we currently hav no backup mx, so we can't test this
#gltest ($data_ok, $testtime, 'dunno'); # mail from backup mx

$testdomain = "openspf.org"; # rejects everything

my $data_fail = <<_EOD;
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
client_address=$testipfail
helo_name=$testdomain
sender=xyz\@$testdomain
recipient=testspf\@maurer-it.com
_EOD

gltest ($data_fail, $testtime, 'reject');

exit_test_pmgpolicy();

print "ALL TESTS OK\n";

$sock->close();

exit (0);
Commit	Line	Data
a75bd17b DM	1	#!/usr/bin/perl
	2
	3	use strict;
	4	use warnings;
7f0a6c36 DM	5	use lib '..';
7f0a6c36 DM	6
a75bd17b DM	7	use Socket;
	8	use IO::Socket::INET;
	9	use DBI;
	10
	11	use PVE::SafeSyslog;
	12
	13	use PMG::DBTools;
	14	use PMG::RuleDB;
	15
	16	my $greylist_delay = 3*60;
	17	my $greylist_lifetime = 3600242; #retry window
	18	my $greylist_awlifetime = 36002436;
	19
	20	initlog($0, 'mail');
	21
7e293a63 TL	22	my $testdb = 'Proxmox_testdb';
	23	my $testport = 10122;
	24	my $testpidfn = "greylist-test-$$.pid";
a75bd17b	25
7e293a63	26	system ("perl -I.. ../bin/pmgpolicy -d $testdb -t --port $testport --pidfile '$testpidfn'");
a75bd17b	27
fbe17229 SI	28	sub exit_test_pmgpolicy {
	29	my $pid = PVE::Tools::file_read_firstline($testpidfn);
	30	die "could not read pidfile: $!\n" if !$pid;
	31
	32	die "could not find pid in pidfile\n" if $pid !~ m/^(\d+)$/;
	33	$pid = $1;
	34
	35	kill ('TERM', $pid);
	36	unlink($testpidfn);
	37	}
	38
a75bd17b	39	sub reset_gldb {
7e293a63	40	my $dbh = PMG::DBTools::open_ruledb($testdb);
a75bd17b DM	41	$dbh->do ("DELETE FROM CGreylist");
	42	$dbh->disconnect();
	43	}
	44
	45	reset_gldb();
	46
	47	my $sock = IO::Socket::INET->new(
7e293a63 TL	48	PeerAddr => '127.0.0.1',
7e293a63 TL	49	PeerPort => $testport) \|\|
a75bd17b DM	50	die "unable to open socket - $!";
	51
	52	$/ = "\n\n";
	53
	54	my $testtime = 1;
	55	my $starttime = $testtime;
	56
	57	my $icount = 0;
	58
	59	sub gltest {
	60	my ($data, $ttime, $eres) = @_;
7e293a63	61
a75bd17b DM	62	$icount++;
	63
	64	print $sock "testtime=$ttime\ninstance=$icount\n$data\n";
	65	$sock->flush;
	66	my $res = <$sock>;
	67	chomp $res;
e68a3b47 SI	68	if ($res !~ m/^action=$eres(\s.*)?/) {
e68a3b47 SI	69	my $timediff = $ttime - $starttime;
fbe17229	70	exit_test_pmgpolicy();
e68a3b47 SI	71	die "unexpected result at time $timediff: $res != $eres\n$data"
e68a3b47 SI	72	}
a75bd17b DM	73	}
	74
	75	# a normal record
	76
	77	my $data = <<_EOD;
	78	request=smtpd_access_policy
	79	protocol_state=RCPT
	80	protocol_name=SMTP
	81	client_address=1.2.3.4
	82	client_name=test.domain.tld
	83	helo_name=test.domain.tld
	84	sender=test1\@test.domain.tld
	85	recipient=test1\@proxmox.com
	86	_EOD
	87
	88	# time 0
	89	reset_gldb ();
	90	gltest ($data, $testtime, 'defer');
	91	gltest ($data, $testtime+$greylist_delay-3, 'defer');
	92	gltest ($data, $testtime+$greylist_delay-1, 'defer');
	93	gltest ($data, $testtime+$greylist_lifetime-1, 'dunno');
	94	gltest ($data, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1, 'dunno');
	95	gltest ($data, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');
	96
	97	# time 0
	98	reset_gldb ();
	99	gltest ($data, $testtime, 'defer');
	100	gltest ($data, $testtime+$greylist_delay-3, 'defer');
	101	gltest ($data, $testtime+$greylist_delay-1, 'defer');
	102	gltest ($data, $testtime+$greylist_lifetime+1, 'defer');
	103	gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay-1, 'defer');
	104	gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1, 'dunno');
	105	gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1, 'dunno');
	106	gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');
	107
	108	# a record with sender = <> (bounce)
	109
	110	$data = <<_EOD;
	111	request=smtpd_access_policy
	112	protocol_state=RCPT
	113	protocol_name=SMTP
	114	client_address=1.2.3.4
	115	client_name=test.domain.tld
	116	helo_name=test.domain.tld
	117	sender=
	118	recipient=test1\@proxmox.com
	119	_EOD
	120
	121	# time 0
	122	reset_gldb ();
	123
	124	gltest ($data, $testtime, 'defer');
	125	gltest ($data, $testtime+$greylist_delay-3, 'defer');
	126	gltest ($data, $testtime+$greylist_delay-1, 'defer');
	127	gltest ($data, $testtime+$greylist_lifetime-1, 'dunno');
	128	gltest ($data, $testtime+$greylist_lifetime+1, 'defer');
	129
	130	# time 0
	131	reset_gldb ();
	132
	133	gltest ($data, $testtime, 'defer');
	134	gltest ($data, $testtime+$greylist_delay-3, 'defer');
	135	gltest ($data, $testtime+$greylist_delay-1, 'defer');
	136	gltest ($data, $testtime+$greylist_lifetime+1, 'defer');
137	gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay-1, 'defer');
138	gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+1, 'dunno');
139	gltest ($data, $testtime+$greylist_lifetime+1+$greylist_delay+2, 'defer');
140
951a5ed9 SI	141	# greylist ipv6
	142	my $data6 = <<_EOD;
	143	request=smtpd_access_policy
	144	protocol_state=RCPT
	145	protocol_name=SMTP
	146	client_address=2001:db8::1
	147	client_name=test.domain.tld
	148	helo_name=test.domain.tld
	149	sender=test1\@test.domain.tld
	150	recipient=test1\@proxmox.com
	151	_EOD
	152
	153	# time 0
	154	reset_gldb ();
	155	gltest ($data6, $testtime, 'defer');
	156	gltest ($data6, $testtime+$greylist_delay-3, 'defer');
	157	gltest ($data6, $testtime+$greylist_delay-1, 'defer');
	158	gltest ($data6, $testtime+$greylist_lifetime-1, 'dunno');
	159	gltest ($data6, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1, 'dunno');
	160	gltest ($data6, $testtime+$greylist_lifetime-1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');
	161
	162	# time 0
	163	reset_gldb ();
	164	gltest ($data6, $testtime, 'defer');
	165	gltest ($data6, $testtime+$greylist_delay-3, 'defer');
	166	gltest ($data6, $testtime+$greylist_delay-1, 'defer');
	167	gltest ($data6, $testtime+$greylist_lifetime+1, 'defer');
	168	gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay-1, 'defer');
	169	gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay+1, 'dunno');
	170	gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1, 'dunno');
	171	gltest ($data6, $testtime+$greylist_lifetime+1+$greylist_delay+1+$greylist_awlifetime-1+$greylist_awlifetime, 'defer');
	172
a75bd17b DM	173
	174	my $testdomain = "interspar.at";
	175	my $testipok = "68.232.133.35";
	176	my $testipfail = "1.2.3.4";
	177
	178	my $data_ok = <<_EOD;
	179	request=smtpd_access_policy
	180	protocol_state=RCPT
	181	protocol_name=SMTP
	182	client_address=$testipok
	183	helo_name=$testdomain
	184	sender=xyz\@$testdomain
	185	recipient=testspf\@maurer-it.com
	186	_EOD
	187
	188	gltest ($data_ok, $testtime, 'prepend'); # helo pass
	189
	190	$data_ok = <<_EOD;
	191	request=smtpd_access_policy
	192	protocol_state=RCPT
	193	protocol_name=SMTP
	194	client_address=$testipok
	195	helo_name=
	196	sender=xyz\@$testdomain
	197	recipient=testspf\@proxmox.com
	198	_EOD
	199
	200	gltest ($data_ok, $testtime, 'prepend'); # mform pass
	201
	202	$data_ok = <<_EOD;
	203	request=smtpd_access_policy
	204	protocol_state=RCPT
	205	protocol_name=SMTP
	206	client_address=88.198.105.243
	207	helo_name=
	208	sender=xyz\@$testdomain
	209	recipient=testspf\@maurer-it.com
	210	_EOD
	211
1359baef	212	# we currently hav no backup mx, so we can't test this
a75bd17b DM	213	#gltest ($data_ok, $testtime, 'dunno'); # mail from backup mx
	214
	215	$testdomain = "openspf.org"; # rejects everything
	216
	217	my $data_fail = <<_EOD;
	218	request=smtpd_access_policy
	219	protocol_state=RCPT
	220	protocol_name=SMTP
	221	client_address=$testipfail
	222	helo_name=$testdomain
	223	sender=xyz\@$testdomain
	224	recipient=testspf\@maurer-it.com
	225	_EOD
	226
	227	gltest ($data_fail, $testtime, 'reject');
	228
fbe17229	229	exit_test_pmgpolicy();
a75bd17b DM	230
	231	print "ALL TESTS OK\n";
	232
7e293a63	233	$sock->close();
b1060628	234
a75bd17b	235	exit (0);