diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 19:59:03 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 19:59:03 +0000 |
commit | a848231ae0f346dc7cc000973fbeb65b0894ee92 (patch) | |
tree | 44b60b367c86723cc78383ef247885d72b388afe /src/smtpd/smtpd_dns_filter.ref | |
parent | Initial commit. (diff) | |
download | postfix-a848231ae0f346dc7cc000973fbeb65b0894ee92.tar.xz postfix-a848231ae0f346dc7cc000973fbeb65b0894ee92.zip |
Adding upstream version 3.8.5.upstream/3.8.5
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/smtpd/smtpd_dns_filter.ref')
-rw-r--r-- | src/smtpd/smtpd_dns_filter.ref | 163 |
1 files changed, 163 insertions, 0 deletions
diff --git a/src/smtpd/smtpd_dns_filter.ref b/src/smtpd/smtpd_dns_filter.ref new file mode 100644 index 0000000..ce1710f --- /dev/null +++ b/src/smtpd/smtpd_dns_filter.ref @@ -0,0 +1,163 @@ +>>> # +>>> # Initialize +>>> # +>>> client localhost 127.0.0.1 +OK +>>> smtpd_delay_reject 0 +OK +>>> # +>>> # Test reject_unknown_helo_hostname +>>> # +>>> smtpd_dns_reply_filter regexp:../dns/no-mx.reg +OK +>>> helo_restrictions reject_unknown_helo_hostname,permit +OK +>>> # EXPECT OK + "all MX records dropped" warning. +>>> helo xn--1xa.porcupine.org +./smtpd_check: ignoring DNS RR: xn--1xa.porcupine.org. TTL IN MX 10 spike.porcupine.org. +./smtpd_check: warning: xn--1xa.porcupine.org: address or MX lookup error: DNS reply filter drops all results +OK +>>> # EXPECT OK (nullmx has A record) +>>> helo nullmx.porcupine.org +OK +>>> # EXPECT reject (nxdomain is not filtered). +>>> helo nxdomain.porcupine.org +./smtpd_check: <queue id>: reject: HELO from localhost[127.0.0.1]: 450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found; proto=SMTP helo=<nxdomain.porcupine.org> +450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found +>>> smtpd_dns_reply_filter regexp:../dns/no-a.reg +OK +>>> # EXPECT OK (host has AAAA record). +>>> mail user@spike.porcupine.org +OK +>>> helo spike.porcupine.org +./smtpd_check: ignoring DNS RR: spike.porcupine.org. TTL IN A 168.100.3.2 +OK +>>> # EXPECT OK + "all A records dropped" warning + no delayed reject. +>>> helo fist.porcupine.org +./smtpd_check: ignoring DNS RR: fist.porcupine.org. TTL IN A 168.100.3.4 +./smtpd_check: warning: fist.porcupine.org: address or MX lookup error: DNS reply filter drops all results +OK +>>> mail user@spike.porcupine.org +OK +>>> rcpt user@spike.porcupine.org +OK +>>> smtpd_dns_reply_filter regexp:../dns/error.reg +OK +>>> # EXPECT OK + "filter config error" warning + delayed reject. +>>> helo spike.porcupine.org +./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops" +./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops" +OK +>>> mail user@spike.porcupine.org +OK +>>> rcpt user@spike.porcupine.org +./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <spike.porcupine.org>: Helo command rejected: Host not found; from=<user@spike.porcupine.org> to=<user@spike.porcupine.org> proto=SMTP helo=<spike.porcupine.org> +450 4.7.1 <spike.porcupine.org>: Helo command rejected: Host not found +>>> # EXPECT OK + "filter config error" warning (nullmx has A record) + delayed reject. +>>> helo nullmx.porcupine.org +./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops" +OK +>>> mail user@spike.porcupine.org +OK +>>> rcpt user@spike.porcupine.org +./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <nullmx.porcupine.org>: Helo command rejected: Host not found; from=<user@spike.porcupine.org> to=<user@spike.porcupine.org> proto=SMTP helo=<nullmx.porcupine.org> +450 4.7.1 <nullmx.porcupine.org>: Helo command rejected: Host not found +>>> # EXPECT reject (nxdomain is not filtered). +>>> helo nxdomain.porcupine.org +./smtpd_check: <queue id>: reject: HELO from localhost[127.0.0.1]: 450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found; from=<user@spike.porcupine.org> proto=SMTP helo=<nxdomain.porcupine.org> +450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found +>>> # +>>> # Test reject_unknown_sender_domain (same code as +>>> # reject_unknown_recipient_domain). +>>> # +>>> smtpd_dns_reply_filter regexp:../dns/no-mx.reg +OK +>>> helo localhost +OK +>>> sender_restrictions reject_unknown_sender_domain +OK +>>> # EXPECT OK + "all MX records dropped" warning. +>>> mail user@xn--1xa.porcupine.org +./smtpd_check: ignoring DNS RR: xn--1xa.porcupine.org. TTL IN MX 10 spike.porcupine.org. +./smtpd_check: warning: xn--1xa.porcupine.org: MX or address lookup error: DNS reply filter drops all results +OK +>>> # EXPECT reject (nullmx is not filtered). +>>> mail user@nullmx.porcupine.org +./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX); from=<user@nullmx.porcupine.org> proto=SMTP helo=<localhost> +550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX) +>>> # EXPECT reject (nxdomain is not filtered). +>>> mail user@nxdomain.porcupine.org +./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost> +450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found +>>> # EXPECT OK +>>> mail user@localhost +OK +>>> smtpd_dns_reply_filter regexp:../dns/no-a.reg +OK +>>> # EXPECT OK (host has AAAA record). +>>> mail user@spike.porcupine.org +./smtpd_check: ignoring DNS RR: spike.porcupine.org. TTL IN A 168.100.3.2 +OK +>>> # EXPECT OK + "all A records dropped" warning. +>>> mail user@fist.porcupine.org +./smtpd_check: ignoring DNS RR: fist.porcupine.org. TTL IN A 168.100.3.4 +./smtpd_check: warning: fist.porcupine.org: MX or address lookup error: DNS reply filter drops all results +OK +>>> smtpd_dns_reply_filter regexp:../dns/error.reg +OK +>>> # EXPECT OK + "filter config error" warning + delayed reject. +>>> mail user@xn--1xa.porcupine.org +./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops" +OK +>>> rcpt user +./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 450 4.1.8 <user@xn--1xa.porcupine.org>: Sender address rejected: Domain not found; from=<user@xn--1xa.porcupine.org> to=<user> proto=SMTP helo=<localhost> +450 4.1.8 <user@xn--1xa.porcupine.org>: Sender address rejected: Domain not found +>>> # EXPECT reject (nullmx is not filtered). +>>> mail user@nullmx.porcupine.org +./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX); from=<user@nullmx.porcupine.org> proto=SMTP helo=<localhost> +550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX) +>>> # EXPECT reject (nxdomain is not filtered). +>>> mail user@nxdomain.porcupine.org +./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost> +450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found +>>> # +>>> # Test reject_rbl_client +>>> # +>>> client_restrictions reject_rbl_client,dnsbltest.porcupine.org +OK +>>> smtpd_dns_reply_filter regexp:../dns/no-mx.reg +OK +>>> flush_dnsxl_cache +OK +>>> # EXPECT reject + A and TXT record. +>>> client localhost 127.0.0.2 +./smtpd_check: <queue id>: reject: CONNECT from localhost[127.0.0.2]: 554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org; DNS blocklist test; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost> +554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org; DNS blocklist test +>>> smtpd_dns_reply_filter regexp:../dns/no-a.reg +OK +>>> flush_dnsxl_cache +OK +>>> # EXPECT OK + "all A results dropped" warning. +>>> client localhost 127.0.0.2 +./smtpd_check: ignoring DNS RR: 2.0.0.127.dnsbltest.porcupine.org. TTL IN A 127.0.0.2 +./smtpd_check: warning: 2.0.0.127.dnsbltest.porcupine.org: RBL lookup error: Error looking up name=2.0.0.127.dnsbltest.porcupine.org type=A: DNS reply filter drops all results +OK +>>> smtpd_dns_reply_filter regexp:../dns/no-txt.reg +OK +>>> flush_dnsxl_cache +OK +>>> # EXPECT reject + A record, "all TXT results dropped" warning. +>>> client localhost 127.0.0.2 +./smtpd_check: ignoring DNS RR: 2.0.0.127.dnsbltest.porcupine.org. TTL IN TXT DNS blocklist test +./smtpd_check: warning: 2.0.0.127.dnsbltest.porcupine.org: TXT lookup error: DNS reply filter drops all results +./smtpd_check: <queue id>: reject: CONNECT from localhost[127.0.0.2]: 554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost> +554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org +>>> smtpd_dns_reply_filter regexp:../dns/error.reg +OK +>>> flush_dnsxl_cache +OK +>>> # EXPECT OK + "filter configuration error" +>>> client localhost 127.0.0.2 +./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops" +./smtpd_check: warning: 2.0.0.127.dnsbltest.porcupine.org: RBL lookup error: Error looking up name=2.0.0.127.dnsbltest.porcupine.org type=A: Invalid DNS reply filter syntax +OK |