Files @ 01f4b619cfa6
Branch filter:

Location: majic-ansible-roles/roles/mail_forwarder/tests/test_optional.py

01f4b619cfa6 4.0 KiB text/x-python Show Annotation Show as Raw Download as Raw
branko
MAR-27: Update mail_forwarder role/tests:

- Install swaks on mail-server instance for testing SMTP.
- Install procmail via mail_forwarder role (needed to be explicit for Debian
Stretch).
- Introduce small sleep when mails are sent to localhost for delivery to remote
hosts before checking the logs in order to allow Postfix to process the
queue.
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
import re
import time


import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    '.molecule/ansible_inventory').get_hosts('parameters-optional')


def test_smtp_relay_truststore_file(File):
    """
    Tests if SMTP relay truststore has correct content.
    """

    truststore = File('/etc/ssl/certs/smtp_relay_truststore.pem')

    assert truststore.content == open("tests/data/x509/ca.cert.pem", "r").read().rstrip()


def test_smtp_mailname(File):
    """
    Tests if SMTP mailname has been configured correctly.
    """

    mailname = File('/etc/mailname')

    assert mailname.content == "parameters-optional"


def test_postfix_main_cf_file_content(File):
    """
    Tests if the Postfix main configuration file content is correct.
    """

    config = File('/etc/postfix/main.cf')
    config_lines = config.content.split("\n")

    assert "myhostname = parameters-optional" in config_lines
    assert "mydestination = parameters-optional, parameters-optional, localhost.localdomain, localhost" in config_lines
    assert "relayhost = mail-server" in config_lines
    assert "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128" in config_lines
    assert "smtp_tls_security_level=verify" in config_lines
    assert "smtp_tls_CAfile=/etc/ssl/certs/smtp_relay_truststore.pem" in config_lines
    assert "smtp_host_lookup = dns, native" in config_lines


def test_local_aliases(Command, File, Sudo):
    """
    Tests if local aliases are configured correctly.
    """

    send = Command('swaks --suppress-data --to root@localhost')
    assert send.rc == 0
    message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)

    # Wait for a little while for message to be processed.
    time.sleep(5)

    with Sudo():
        mail_log = File('/var/log/mail.log')
        pattern1 = "%s: to=<root@parameters-optional>, orig_to=<root@localhost>.*status=sent" % message_id
        pattern2 = "%s: to=<testuser@parameters-optional>, orig_to=<root@localhost>.*status=sent" % message_id

        assert re.search(pattern1, mail_log.content) is not None
        assert re.search(pattern2, mail_log.content) is not None


def test_relay_mail_sending(Command, File, Sudo):
    """
    Tests if mails are sent correctly via relay if relay has been configured.
    """

    send = Command('swaks --suppress-data --to root@domain1 --server localhost')
    assert send.rc == 0
    message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)

    # Wait for a little while for message to be processed.
    time.sleep(5)

    with Sudo():
        mail_log = File('/var/log/mail.log')
        pattern = "%s: to=<root@domain1>, relay=mail-server.*status=sent" % message_id

        assert re.search(pattern, mail_log.content) is not None


def test_tls_enforced_towards_relay_mail_server(Command, File, Sudo):
    """
    Tests if TLS verification is enfoced towards the relay mail server.
    """

    with Sudo():
        # Replace the relayhost with name that is not present in relay's
        # certificate.
        command = Command("sed -i -e s#relayhost\\ =\\ mail-server#relayhost\\ =\\ domain1# /etc/postfix/main.cf")
        assert command.rc == 0
        command = Command("service postfix restart")
        assert command.rc == 0

        # Try to send out an e-mail
        send = Command('swaks --suppress-data --to root@domain1 --server localhost')

        # Restore correct relay name in the configuration file.
        command = Command("sed -i -e s#relayhost\\ =\\ domain1#relayhost\\ =\\ mail-server# /etc/postfix/main.cf")
        assert command.rc == 0
        command = Command("service postfix restart")
        assert command.rc == 0

        # Finally check the results.
        assert send.rc == 0
        message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)

        with Sudo():
            mail_log = File('/var/log/mail.log')
            pattern = "%s: to=<root@domain1>, relay=domain1.*status=deferred \(Server certificate not verified\)" % message_id

            assert re.search(pattern, mail_log.content) is not None
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.