Changeset View
Changeset View
Standalone View
Standalone View
src/tests/Feature/Stories/SenderPolicyFrameworkTest.php
- This file was added.
<?php | |||||
namespace Tests\Feature\Stories; | |||||
use Tests\TestCase; | |||||
class SenderPolicyFrameworkTest extends TestCase | |||||
{ | |||||
/* | |||||
TODO: | |||||
- with cache, | |||||
- without cache, | |||||
- with expired cache? | |||||
*/ | |||||
public function testSenderFailv4() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-fail.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
} | |||||
public function testSenderFailv6() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-fail.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
// actually IN AAAA gmail.com. | |||||
'client_address' => '2a00:1450:400a:801::2005', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$this->assertFalse(strpos(':', $data['client_address'])); | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
} | |||||
public function testSenderNone() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-none.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(200); | |||||
} | |||||
public function testSenderNoNet() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-none.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '256.0.0.1', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
} | |||||
public function testSenderPass() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-pass.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(200); | |||||
} | |||||
public function testSenderPassAll() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-passall.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(200); | |||||
} | |||||
public function testSenderPermerror() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-permerror.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
} | |||||
public function testSenderSoftfail() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-fail.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(200); | |||||
} | |||||
public function testSenderTemperror() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@spf-temperror.kolab.org', | |||||
'client_name' => 'mx.kolabnow.com', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
} | |||||
public function testSenderRelayPolicyHeloExactNegative() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@amazon.co.uk', | |||||
'client_name' => 'helo.some.relayservice.domain', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->setSetting('spf_whitelist', json_encode(['the.only.acceptable.helo'])); | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->removeSetting('spf_whitelist'); | |||||
} | |||||
public function testSenderRelayPolicyHeloExactPositive() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@amazon.co.uk', | |||||
'client_name' => 'helo.some.relayservice.domain', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->setSetting('spf_whitelist', json_encode(['helo.some.relayservice.domain'])); | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(200); | |||||
$this->domainOwner->removeSetting('spf_whitelist'); | |||||
} | |||||
public function testSenderRelayPolicyRegexpNegative() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@amazon.co.uk', | |||||
'client_name' => 'helo.some.relayservice.domain', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->setSetting('spf_whitelist', json_encode(['/a\.domain/'])); | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->removeSetting('spf_whitelist'); | |||||
} | |||||
public function testSenderRelayPolicyRegexpPositive() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@amazon.co.uk', | |||||
'client_name' => 'helo.some.relayservice.domain', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->setSetting('spf_whitelist', json_encode(['/relayservice\.domain/'])); | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(200); | |||||
$this->domainOwner->removeSetting('spf_whitelist'); | |||||
} | |||||
public function testSenderRelayPolicyWildcardSubdomainNegative() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@amazon.co.uk', | |||||
'client_name' => 'helo.some.relayservice.domain', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->setSetting('spf_whitelist', json_encode(['.helo.some.relayservice.domain'])); | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->removeSetting('spf_whitelist'); | |||||
} | |||||
public function testSenderRelayPolicyWildcardSubdomainPositive() | |||||
{ | |||||
$data = [ | |||||
'instance' => 'test.local.instance', | |||||
'protocol_state' => 'RCPT', | |||||
'sender' => 'sender@amazon.co.uk', | |||||
'client_name' => 'helo.some.relayservice.domain', | |||||
'client_address' => '212.103.80.148', | |||||
'recipient' => $this->domainOwner->email | |||||
]; | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(403); | |||||
$this->domainOwner->setSetting('spf_whitelist', json_encode(['.some.relayservice.domain'])); | |||||
$response = $this->post('/api/webhooks/spf', $data); | |||||
$response->assertStatus(200); | |||||
$this->domainOwner->removeSetting('spf_whitelist'); | |||||
} | |||||
} |