smtpd_dns_filter.ref   [plain text]

>>> #
>>> # Initialize
>>> #
>>> client localhost 127.0.0.1
OK
>>> smtpd_delay_reject 0
OK
>>> #
>>> # Test reject_unknown_helo_hostname
>>> #
>>> smtpd_dns_reply_filter regexp:../dns/no-mx.reg
OK
>>> helo_restrictions reject_unknown_helo_hostname,permit
OK
>>> # EXPECT OK + "all MX records dropped" warning.
>>> helo xn--1xa.porcupine.org
./smtpd_check: ignoring DNS RR: xn--1xa.porcupine.org. TTL IN MX 10 spike.porcupine.org.
./smtpd_check: warning: xn--1xa.porcupine.org: address or MX lookup error: DNS reply filter drops all results
OK
>>> # EXPECT OK (nullmx has A record)
>>> helo nullmx.porcupine.org
OK
>>> # EXPECT reject (nxdomain is not filtered).
>>> helo nxdomain.porcupine.org
./smtpd_check: <queue id>: reject: HELO from localhost[127.0.0.1]: 450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found; proto=SMTP helo=<nxdomain.porcupine.org>
450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found
>>> smtpd_dns_reply_filter regexp:../dns/no-a.reg
OK
>>> # EXPECT OK (host has AAAA record).
>>> mail user@spike.porcupine.org
OK
>>> helo spike.porcupine.org
./smtpd_check: ignoring DNS RR: spike.porcupine.org. TTL IN A 168.100.189.2
OK
>>> # EXPECT OK + "all A records dropped" warning + no delayed reject.
>>> helo fist.porcupine.org
./smtpd_check: ignoring DNS RR: fist.porcupine.org. TTL IN A 168.100.189.4
./smtpd_check: warning: fist.porcupine.org: address or MX lookup error: DNS reply filter drops all results
OK
>>> mail user@spike.porcupine.org
OK
>>> rcpt user@spike.porcupine.org
OK
>>> smtpd_dns_reply_filter regexp:../dns/error.reg
OK
>>> # EXPECT OK + "filter config error" warning + delayed reject.
>>> helo spike.porcupine.org
./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops"
./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops"
OK
>>> mail user@spike.porcupine.org
OK
>>> rcpt user@spike.porcupine.org
./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <spike.porcupine.org>: Helo command rejected: Host not found; from=<user@spike.porcupine.org> to=<user@spike.porcupine.org> proto=SMTP helo=<spike.porcupine.org>
450 4.7.1 <spike.porcupine.org>: Helo command rejected: Host not found
>>> # EXPECT OK + "filter config error" warning (nullmx has A record) + delayed reject.
>>> helo nullmx.porcupine.org
./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops"
OK
>>> mail user@spike.porcupine.org
OK
>>> rcpt user@spike.porcupine.org
./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <nullmx.porcupine.org>: Helo command rejected: Host not found; from=<user@spike.porcupine.org> to=<user@spike.porcupine.org> proto=SMTP helo=<nullmx.porcupine.org>
450 4.7.1 <nullmx.porcupine.org>: Helo command rejected: Host not found
>>> # EXPECT reject (nxdomain is not filtered).
>>> helo nxdomain.porcupine.org
./smtpd_check: <queue id>: reject: HELO from localhost[127.0.0.1]: 450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found; from=<user@spike.porcupine.org> proto=SMTP helo=<nxdomain.porcupine.org>
450 4.7.1 <nxdomain.porcupine.org>: Helo command rejected: Host not found
>>> #
>>> # Test reject_unknown_sender_domain (same code as
>>> # reject_unknown_recipient_domain).
>>> #
>>> smtpd_dns_reply_filter regexp:../dns/no-mx.reg
OK
>>> helo localhost
OK
>>> sender_restrictions reject_unknown_sender_domain
OK
>>> # EXPECT OK + "all MX records dropped" warning.
>>> mail user@xn--1xa.porcupine.org
./smtpd_check: ignoring DNS RR: xn--1xa.porcupine.org. TTL IN MX 10 spike.porcupine.org.
./smtpd_check: warning: xn--1xa.porcupine.org: MX or address lookup error: DNS reply filter drops all results
OK
>>> # EXPECT reject (nullmx is not filtered).
>>> mail user@nullmx.porcupine.org
./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX); from=<user@nullmx.porcupine.org> proto=SMTP helo=<localhost>
550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX)
>>> # EXPECT reject (nxdomain is not filtered).
>>> mail user@nxdomain.porcupine.org
./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost>
450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found
>>> # EXPECT OK
>>> mail user@localhost
OK
>>> smtpd_dns_reply_filter regexp:../dns/no-a.reg
OK
>>> # EXPECT OK (host has AAAA record).
>>> mail user@spike.porcupine.org
./smtpd_check: ignoring DNS RR: spike.porcupine.org. TTL IN A 168.100.189.2
OK
>>> # EXPECT OK + "all A records dropped" warning.
>>> mail user@fist.porcupine.org
./smtpd_check: ignoring DNS RR: fist.porcupine.org. TTL IN A 168.100.189.4
./smtpd_check: warning: fist.porcupine.org: MX or address lookup error: DNS reply filter drops all results
OK
>>> smtpd_dns_reply_filter regexp:../dns/error.reg
OK
>>> # EXPECT OK + "filter config error" warning + delayed reject.
>>> mail user@xn--1xa.porcupine.org
./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops"
OK
>>> rcpt user
./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 450 4.1.8 <user@xn--1xa.porcupine.org>: Sender address rejected: Domain not found; from=<user@xn--1xa.porcupine.org> to=<user> proto=SMTP helo=<localhost>
450 4.1.8 <user@xn--1xa.porcupine.org>: Sender address rejected: Domain not found
>>> # EXPECT reject (nullmx is not filtered).
>>> mail user@nullmx.porcupine.org
./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX); from=<user@nullmx.porcupine.org> proto=SMTP helo=<localhost>
550 5.7.27 <user@nullmx.porcupine.org>: Sender address rejected: Domain nullmx.porcupine.org does not accept mail (nullMX)
>>> # EXPECT reject (nxdomain is not filtered).
>>> mail user@nxdomain.porcupine.org
./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost>
450 4.1.8 <user@nxdomain.porcupine.org>: Sender address rejected: Domain not found
>>> #
>>> # Test reject_rbl_client
>>> #
>>> client_restrictions reject_rbl_client,dnsbltest.porcupine.org
OK
>>> smtpd_dns_reply_filter regexp:../dns/no-mx.reg
OK
>>> flush_dnsxl_cache
OK
>>> # EXPECT reject + A and TXT record.
>>> client localhost 127.0.0.2
./smtpd_check: <queue id>: reject: CONNECT from localhost[127.0.0.2]: 554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org; DNS blocklist test; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost>
554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org; DNS blocklist test
>>> smtpd_dns_reply_filter regexp:../dns/no-a.reg
OK
>>> flush_dnsxl_cache
OK
>>> # EXPECT OK + "all A results dropped" warning.
>>> client localhost 127.0.0.2
./smtpd_check: ignoring DNS RR: 2.0.0.127.dnsbltest.porcupine.org. TTL IN A 127.0.0.2
./smtpd_check: warning: 2.0.0.127.dnsbltest.porcupine.org: RBL lookup error: Error looking up name=2.0.0.127.dnsbltest.porcupine.org type=A: DNS reply filter drops all results
OK
>>> smtpd_dns_reply_filter regexp:../dns/no-txt.reg
OK
>>> flush_dnsxl_cache
OK
>>> # EXPECT reject + A record, "all TXT results dropped" warning.
>>> client localhost 127.0.0.2
./smtpd_check: ignoring DNS RR: 2.0.0.127.dnsbltest.porcupine.org. TTL IN TXT DNS blocklist test
./smtpd_check: warning: 2.0.0.127.dnsbltest.porcupine.org: TXT lookup error: DNS reply filter drops all results
./smtpd_check: <queue id>: reject: CONNECT from localhost[127.0.0.2]: 554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org; from=<user@nxdomain.porcupine.org> proto=SMTP helo=<localhost>
554 5.7.1 Service unavailable; Client host [127.0.0.2] blocked using dnsbltest.porcupine.org
>>> smtpd_dns_reply_filter regexp:../dns/error.reg
OK
>>> flush_dnsxl_cache
OK
>>> # EXPECT OK + "filter configuration error"
>>> client localhost 127.0.0.2
./smtpd_check: warning: smtpd_dns_reply_filter: unknown DNS filter action: "oops"
./smtpd_check: warning: 2.0.0.127.dnsbltest.porcupine.org: RBL lookup error: Error looking up name=2.0.0.127.dnsbltest.porcupine.org type=A: Invalid DNS reply filter syntax
OK