test.sh
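#!/usr/bin/bash
# End-to-end smoke test for the docker compose stack configured by dev.env.
# Rebuilds and restarts the stack with a fresh DB volume, then for each test
# server checks MTA-STS policy hosting, the API poll endpoint, mail delivery
# via the ./test-send-email*.exp helpers, and ./test-open-relay.exp.
#
#   -e           stop at the first failed check
#   -u           an unset or misspelled variable is an error, not an empty string
#   -o pipefail  a failing curl fails the whole `curl | grep` assertion instead
#                of only grep's exit status being considered
set -euo pipefail

# Every request goes to the local stack; the virtual host is selected with an
# explicit Host header.
# NOTE(review): `curl -k` turns off certificate verification. That is tolerable
# only because the target is 127.0.0.1 (presumably a self-signed dev
# certificate); do not reuse these invocations against a non-local host.
readonly base_url="https://127.0.0.1:8443"
readonly api_host="Host: api.audit.alexsci.com"

docker compose --env-file dev.env build
# Best effort: the stack may not be running yet.
docker compose --env-file dev.env down || true
# Purge old DB (best effort: the volume may not exist on a first run)
docker volume rm postfix-tls-audit_postfix-audit-db || true
docker compose --env-file dev.env up -d --wait --remove-orphans

# Parallel arrays: subdomains[i] is served on ips[i].
subdomains=(a b c d e f)
ips=(127.0.0.1 127.0.0.2 "::1" 127.0.0.10 127.0.0.11 127.0.0.12)

# Iterate over the array's own indices so the loop bound cannot drift from the
# number of configured servers.
for i in "${!subdomains[@]}"; do
  subdomain=${subdomains[$i]}
  ip=${ips[$i]}
  echo "Checking server ($i / $ip) $subdomain"

  # Fresh user id per server so results from earlier iterations cannot satisfy
  # the assertions below.
  UUID=$(uuidgen)
  echo "Using USERID: ${UUID}"

  # Ensure the MTA-STS policy is served and contains "enforce".
  # Skipped for index 5 (subdomain f).
  # NOTE(review): the arrays hold indices 0-5 only, so `i != 6` is always true;
  # it looks like a leftover from a seventh server. Confirm and remove.
  if (( i != 5 && i != 6 )); then
    curl -k -H "Host: mta-sts.$subdomain.audit.alexsci.com" \
      "${base_url}/.well-known/mta-sts.txt" | grep "enforce"
    # Make sure it was logged
    curl -k -H "$api_host" "${base_url}/poll" -F users= \
      | grep "mta-sts.${subdomain}.audit.alexsci.com"
  else
    echo "$subdomain won't have a policy hosted"
  fi

  echo "Checking that email hasn't been seen"
  curl -k -H "$api_host" "${base_url}/health" | grep "pong"
  # NOTE(review): this matches "{}" anywhere in the response, not only a
  # response that is exactly the empty object.
  curl -k -H "$api_host" "${base_url}/poll" -F "users=$UUID" | grep "{}"

  echo "Send the emails"
  if (( i == 2 )); then
    # This one uses IPv6, so the address is passed in bracketed form.
    ./test-send-email.exp "[${ip}]" "${UUID}" "${subdomain}.audit.alexsci.com"
  elif (( i == 1 || i == 5 )); then
    # These servers (indices 1 and 5) don't support TLS
    ./test-send-email-no-tls.exp "${ip}" "${UUID}" "${subdomain}.audit.alexsci.com"
  else
    ./test-send-email.exp "${ip}" "${UUID}" "${subdomain}.audit.alexsci.com"
  fi

  # Per the original comment, all but the 4th and 6th support unencrypted
  # emails; the code skips index 4 (subdomain e).
  # NOTE(review): `i != 6` never fires here either (see above), and the comment
  # and the condition do not obviously use the same numbering. Confirm which
  # servers are meant to be excluded.
  if (( i != 4 && i != 6 )); then
    # Try to send an email to an unrelated domain (should fail)
    ./test-open-relay.exp "${ip}" "${UUID}" "${subdomain}.audit.alexsci.com"
  fi

  # Email processing takes some time...
  # NOTE(review): a fixed one-second wait can make the checks below flaky on a
  # slow host; polling with a bounded retry would be more robust.
  sleep 1

  echo "Checking that email has been seen"
  curl -k -H "$api_host" "${base_url}/poll" -F "users=$UUID" \
    | grep "$UUID" | grep "Message Received"
  # With the secret supplied, the poll result is expected to include the
  # message body as well.
  # NOTE(review): INSECURE-1234 is a hard-coded development secret (presumably
  # matching dev.env); it must never be a value used outside this test stack.
  curl -k -H "$api_host" "${base_url}/poll" -F "users=$UUID" -F secret=INSECURE-1234 \
    | grep "$UUID" | grep "MSG: This Is The Message"

  echo ""
  echo "Server $subdomain looks OK!"
  echo ""
done

# Check TLS reporting: submit a report body, then confirm it appears in the poll.
# NOTE(review): without --fail the POST itself only fails on a transport error;
# the poll on the next line is the actual assertion.
curl -k -H "$api_host" "${base_url}/tlsrpt" -d "TLS REPORT"
curl -k -H "$api_host" "${base_url}/poll" -F users= | grep "TLS REPORT"

# Reached only when every check passed; after a failure the stack stays up and
# is torn down by the `down || true` at the start of the next run.
docker compose --env-file dev.env down

echo ""
echo "SUCCESS!"
echo ""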