Bug 38063 - ucs-test: Postfix allows MAIL FROM address spoofing
ucs-test: Postfix allows MAIL FROM address spoofing
Status: NEW
Product: UCS Test
Classification: Unclassified
Component: Mail
unspecified
Other Linux
: P5 normal (vote)
: ---
Assigned To: Mail maintainers
:
Depends on: 31738 38061
Blocks:
  Show dependency treegraph
 
Reported: 2015-03-17 13:59 CET by Sönke Schwardt-Krummrich
Modified: 2016-10-05 20:20 CEST (History)
0 users

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments
testSMTP script (5.40 KB, text/plain)
2015-03-17 13:59 CET, Sönke Schwardt-Krummrich
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Sönke Schwardt-Krummrich univentionstaff 2015-03-17 13:59:43 CET
Created attachment 6765 [details]
testSMTP script

Bug 31738|38061 describes a way to implement a sender address restriction.
This should be tested automatically. The attached script was used during development, to have an idea which mails were rejected (or not).

testSMTP requires the hostname/IP address of the mailserver and the port to be tested (25 or 465; other ports are not supported!).

Usage:
==> on the test system
# eval $(ucr shell)
# udm users/user create --ignore_exists --position "cn=users,$ldap_base" \
                        --set username="ding" --set lastname=Ding \
                        --set password=univention \
                        --set mailPrimaryAddress=ding@$domainname \
                        --set mailAlternativeAddress=ding2@$domainname
# udm users/user create --ignore_exists --position "cn=users,$ldap_base" \
                        --set username="dong" --set lastname=Dong \
                        --set password=univention \
                        --set mailPrimaryAddress=dong@$domainname

==> on an external system
# univention-install swaks
# vim ./testSMTP
(alter the DOMAIN variable and enter the value of $domainname of the mailserver)
# ./testSMTP 10.200.18.40 25 > /dev/null
or 
# ./testSMTP 10.200.18.40 465 > /dev/null