diff options
Diffstat (limited to '')
-rw-r--r-- | src/smtpd/smtpd_dns_filter.in | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/src/smtpd/smtpd_dns_filter.in b/src/smtpd/smtpd_dns_filter.in new file mode 100644 index 0000000..df1d8ef --- /dev/null +++ b/src/smtpd/smtpd_dns_filter.in @@ -0,0 +1,83 @@ +# +# Initialize +# +client localhost 127.0.0.1 +smtpd_delay_reject 0 +# +# Test reject_unknown_helo_hostname +# +smtpd_dns_reply_filter regexp:../dns/no-mx.reg +helo_restrictions reject_unknown_helo_hostname,permit +# EXPECT OK + "all MX records dropped" warning. +helo xn--1xa.porcupine.org +# EXPECT OK (nullmx has A record) +helo nullmx.porcupine.org +# EXPECT reject (nxdomain is not filtered). +helo nxdomain.porcupine.org +smtpd_dns_reply_filter regexp:../dns/no-a.reg +# EXPECT OK (host has AAAA record). +mail user@spike.porcupine.org +helo spike.porcupine.org +# EXPECT OK + "all A records dropped" warning + no delayed reject. +helo fist.porcupine.org +mail user@spike.porcupine.org +rcpt user@spike.porcupine.org +smtpd_dns_reply_filter regexp:../dns/error.reg +# EXPECT OK + "filter config error" warning + delayed reject. +helo spike.porcupine.org +mail user@spike.porcupine.org +rcpt user@spike.porcupine.org +# EXPECT OK + "filter config error" warning (nullmx has A record) + delayed reject. +helo nullmx.porcupine.org +mail user@spike.porcupine.org +rcpt user@spike.porcupine.org +# EXPECT reject (nxdomain is not filtered). +helo nxdomain.porcupine.org +# +# Test reject_unknown_sender_domain (same code as +# reject_unknown_recipient_domain). +# +smtpd_dns_reply_filter regexp:../dns/no-mx.reg +helo localhost +sender_restrictions reject_unknown_sender_domain +# EXPECT OK + "all MX records dropped" warning. +mail user@xn--1xa.porcupine.org +# EXPECT reject (nullmx is not filtered). +mail user@nullmx.porcupine.org +# EXPECT reject (nxdomain is not filtered). +mail user@nxdomain.porcupine.org +# EXPECT OK +mail user@localhost +smtpd_dns_reply_filter regexp:../dns/no-a.reg +# EXPECT OK (host has AAAA record). +mail user@spike.porcupine.org +# EXPECT OK + "all A records dropped" warning. +mail user@fist.porcupine.org +smtpd_dns_reply_filter regexp:../dns/error.reg +# EXPECT OK + "filter config error" warning + delayed reject. +mail user@xn--1xa.porcupine.org +rcpt user +# EXPECT reject (nullmx is not filtered). +mail user@nullmx.porcupine.org +# EXPECT reject (nxdomain is not filtered). +mail user@nxdomain.porcupine.org +# +# Test reject_rbl_client +# +client_restrictions reject_rbl_client,dnsbltest.porcupine.org +smtpd_dns_reply_filter regexp:../dns/no-mx.reg +flush_dnsxl_cache +# EXPECT reject + A and TXT record. +client localhost 127.0.0.2 +smtpd_dns_reply_filter regexp:../dns/no-a.reg +flush_dnsxl_cache +# EXPECT OK + "all A results dropped" warning. +client localhost 127.0.0.2 +smtpd_dns_reply_filter regexp:../dns/no-txt.reg +flush_dnsxl_cache +# EXPECT reject + A record, "all TXT results dropped" warning. +client localhost 127.0.0.2 +smtpd_dns_reply_filter regexp:../dns/error.reg +flush_dnsxl_cache +# EXPECT OK + "filter configuration error" +client localhost 127.0.0.2 |