Files
@ 17cf34f73ca6
Branch filter:
Location: majic-ansible-roles/testsite/group_vars/mail.yml - annotation
17cf34f73ca6
1.4 KiB
text/x-yaml
MAR-28: Implemented additional tests for mail_server role:
- Deploy a number of tools on clients in order to test SMTP, IMAP, and Sieve
services.
- Added one more user to LDAP directory for testing group restrictions.
- Deploy CA certificate on all testing machines for TLS validation purposes.
- Use different custom-configured cipher for mail server ciphers.
- Fixed invalid postmaster address for parameters-optional host.
- Deploy configuration files for use with Imap-CLI on client test machines.
- Updated testing of SMTP server to include checks for users that do not belong
to mail group.
- Extended some SMTP-related tests to cover both test servers.
- Some small fixes in SMTP-related tests for expected output from commands.
- Implemented tests covering Dovecot (IMAP + Sieve) functionality.
- Implemented tests for running/enabled services.
- Implemented tests for ClamAV.
- Implemented tests for firewall and connectivity.
- Implemented tests for Postfix TLS configuration.
- TODO: Tests for Sieve TLS configuration have not been written yet due to
limitation of available tools.
- Deploy a number of tools on clients in order to test SMTP, IMAP, and Sieve
services.
- Added one more user to LDAP directory for testing group restrictions.
- Deploy CA certificate on all testing machines for TLS validation purposes.
- Use different custom-configured cipher for mail server ciphers.
- Fixed invalid postmaster address for parameters-optional host.
- Deploy configuration files for use with Imap-CLI on client test machines.
- Updated testing of SMTP server to include checks for users that do not belong
to mail group.
- Extended some SMTP-related tests to cover both test servers.
- Some small fixes in SMTP-related tests for expected output from commands.
- Implemented tests covering Dovecot (IMAP + Sieve) functionality.
- Implemented tests for running/enabled services.
- Implemented tests for ClamAV.
- Implemented tests for firewall and connectivity.
- Implemented tests for Postfix TLS configuration.
- TODO: Tests for Sieve TLS configuration have not been written yet due to
limitation of available tools.
be262063970c be262063970c 0f17841d0aad 1b05bae8e440 4313878669b1 1b50bc1cc817 1b50bc1cc817 ce1b1a242584 1b50bc1cc817 1b50bc1cc817 1b50bc1cc817 85d2a408fd21 3bd270c9e860 3bd270c9e860 3bd270c9e860 18cd76ec050d 18cd76ec050d 18cd76ec050d 18cd76ec050d 67d9190a521a 67d9190a521a 67d9190a521a 1bdb64307968 1bdb64307968 0f17841d0aad 298c0dbe1698 298c0dbe1698 0f17841d0aad 0f17841d0aad 111e954e826d 24c957d877de 111e954e826d 8548876c068b 8548876c068b 8548876c068b 8548876c068b 8548876c068b 8548876c068b 4b964a31bd96 | ---
mail_ldap_url: ldap://ldap.{{ testsite_domain }}/
mail_ldap_tls_truststore: "{{ lookup('file', inventory_dir + '/tls/ca.pem') }}"
mail_ldap_base_dn: "{{ testsite_ldap_base }}"
mail_ldap_postfix_password: postfix
mail_ldap_dovecot_password: dovecot
mail_user: vmail
mail_user_uid: 5000
mail_user_gid: 5000
local_mail_aliases:
root: "root john.doe@{{ testsite_domain }}"
imap_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.pem') }}"
imap_tls_key: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.key') }}"
smtp_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_smtp.pem') }}"
smtp_tls_key: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_smtp.key') }}"
imap_folder_separator: /
smtp_rbl:
- bl.spamcop.net
- zen.spamhaus.org
mail_postmaster: postmaster@{{ testsite_domain }}
smtp_allow_relay_from:
- ldap.{{ testsite_domain }}
- xmpp.{{ testsite_domain }}
- web.{{ testsite_domain }}
- ws01.{{ testsite_domain }}
imap_max_user_connections_per_ip: 50
mail_server_tls_protocols:
- TLSv1.2
- TLSv1.1
mail_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA:!aNULL:!MD5:!EXPORT"
|