Univention Bugzilla – Bug 38063
ucs-test: Postfix allows MAIL FROM address spoofing
Last modified: 2016-10-05 20:20:04 CEST
Created attachment 6765 [details] testSMTP script Bug 31738|38061 describes a way to implement a sender address restriction. This should be tested automatically. The attached script was used during development, to have an idea which mails were rejected (or not). testSMTP requires the hostname/IP address of the mailserver and the port to be tested (25 or 465; other ports are not supported!). Usage: ==> on the test system # eval $(ucr shell) # udm users/user create --ignore_exists --position "cn=users,$ldap_base" \ --set username="ding" --set lastname=Ding \ --set password=univention \ --set mailPrimaryAddress=ding@$domainname \ --set mailAlternativeAddress=ding2@$domainname # udm users/user create --ignore_exists --position "cn=users,$ldap_base" \ --set username="dong" --set lastname=Dong \ --set password=univention \ --set mailPrimaryAddress=dong@$domainname ==> on an external system # univention-install swaks # vim ./testSMTP (alter the DOMAIN variable and enter the value of $domainname of the mailserver) # ./testSMTP 10.200.18.40 25 > /dev/null or # ./testSMTP 10.200.18.40 465 > /dev/null