1
+
# This tests parsedmarc by sending a report to its monitored email
2
+
# address and reading the results out of Elasticsearch.
6
+
inherit (import ../../lib/testing-python.nix args) makeTest;
8
+
dmarcTestReport = builtins.fetchurl {
9
+
name = "dmarc-test-report";
10
+
url = "https://github.com/domainaware/parsedmarc/raw/f45ab94e0608088e0433557608d9f4e9517d3afe/samples/aggregate/estadocuenta1.infonacot.gob.mx!example.com!1536853302!1536939702!2940.xml.zip";
11
+
sha256 = "0dq64cj49711kbja27pjl2hy0d3azrjxg91kqrh40x46fkn1dwkx";
14
+
sendEmail = address:
15
+
pkgs.writeScriptBin "send-email" ''
16
+
#!${pkgs.python3.interpreter}
18
+
from email import encoders
19
+
from email.mime.base import MIMEBase
20
+
from email.mime.multipart import MIMEMultipart
21
+
from email.mime.text import MIMEText
23
+
sender_email = "dmarc_tester@fake.domain"
24
+
receiver_email = "${address}"
26
+
message = MIMEMultipart()
27
+
message["From"] = sender_email
28
+
message["To"] = receiver_email
29
+
message["Subject"] = "DMARC test"
31
+
message.attach(MIMEText("Testing parsedmarc", "plain"))
33
+
attachment = MIMEBase("application", "zip")
35
+
with open("${dmarcTestReport}", "rb") as report:
36
+
attachment.set_payload(report.read())
38
+
encoders.encode_base64(attachment)
40
+
attachment.add_header(
41
+
"Content-Disposition",
42
+
"attachment; filename= estadocuenta1.infonacot.gob.mx!example.com!1536853302!1536939702!2940.xml.zip",
45
+
message.attach(attachment)
46
+
text = message.as_string()
48
+
with smtplib.SMTP('localhost') as server:
49
+
server.sendmail(sender_email, receiver_email, text)
54
+
localMail = makeTest
56
+
name = "parsedmarc-local-mail";
57
+
meta = with pkgs.lib.maintainers; {
58
+
maintainers = [ talyz ];
64
+
virtualisation.memorySize = 2048;
66
+
services.postfix = {
67
+
enableSubmission = true;
68
+
enableSubmissions = true;
69
+
submissionsOptions = {
70
+
smtpd_sasl_auth_enable = "yes";
71
+
smtpd_client_restrictions = "permit";
75
+
services.parsedmarc = {
81
+
hostname = "localhost";
86
+
services.elasticsearch.package = pkgs.elasticsearch7-oss;
88
+
environment.systemPackages = [
89
+
(sendEmail "dmarc@localhost")
94
+
testScript = { nodes }:
96
+
esPort = toString nodes.parsedmarc.config.services.elasticsearch.port;
99
+
parsedmarc.wait_for_unit("postfix.service")
100
+
parsedmarc.wait_for_unit("dovecot2.service")
101
+
parsedmarc.wait_for_unit("parsedmarc.service")
102
+
parsedmarc.wait_until_succeeds(
103
+
"curl -sS -f http://localhost:${esPort}"
107
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"
109
+
parsedmarc.succeed("send-email")
110
+
parsedmarc.wait_until_succeeds(
111
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"
118
+
certs = import ../common/acme/server/snakeoil-certs.nix;
119
+
mailDomain = certs.domain;
120
+
parsedmarcDomain = "parsedmarc.fake.domain";
123
+
name = "parsedmarc-external-mail";
124
+
meta = with pkgs.lib.maintainers; {
125
+
maintainers = [ talyz ];
132
+
virtualisation.memorySize = 2048;
134
+
security.pki.certificateFiles = [
138
+
networking.extraHosts = ''
139
+
127.0.0.1 ${parsedmarcDomain}
140
+
${nodes.mail.config.networking.primaryIPAddress} ${mailDomain}
143
+
services.parsedmarc = {
145
+
provision.geoIp = false;
151
+
password = "${pkgs.writeText "imap-password" "foobar"}";
156
+
services.elasticsearch.package = pkgs.elasticsearch7-oss;
158
+
environment.systemPackages = [
166
+
imports = [ ../common/user-account.nix ];
168
+
networking.extraHosts = ''
169
+
127.0.0.1 ${mailDomain}
170
+
${nodes.parsedmarc.config.networking.primaryIPAddress} ${parsedmarcDomain}
173
+
services.dovecot2 = {
175
+
protocols = [ "imap" ];
176
+
sslCACert = "${certs.ca.cert}";
177
+
sslServerCert = "${certs.${mailDomain}.cert}";
178
+
sslServerKey = "${certs.${mailDomain}.key}";
181
+
services.postfix = {
183
+
origin = mailDomain;
185
+
myhostname = mailDomain;
186
+
mydestination = mailDomain;
188
+
enableSubmission = true;
189
+
enableSubmissions = true;
190
+
submissionsOptions = {
191
+
smtpd_sasl_auth_enable = "yes";
192
+
smtpd_client_restrictions = "permit";
195
+
environment.systemPackages = [ (sendEmail "alice@${mailDomain}") ];
197
+
networking.firewall.allowedTCPPorts = [ 993 ];
201
+
testScript = { nodes }:
203
+
esPort = toString nodes.parsedmarc.config.services.elasticsearch.port;
206
+
mail.wait_for_unit("postfix.service")
207
+
mail.wait_for_unit("dovecot2.service")
210
+
parsedmarc.wait_for_unit("parsedmarc.service")
211
+
parsedmarc.wait_until_succeeds(
212
+
"curl -sS -f http://localhost:${esPort}"
216
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"
218
+
mail.succeed("send-email")
219
+
parsedmarc.wait_until_succeeds(
220
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"