serv/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2024-12-27 08:53:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
mox/testdata/integration/moxmail2.sh
Mechiel Lukkien db3fef4981
when suggesting CAA records for a domain, suggest variants that bind to the account id and with validation methods used by mox 
should prevent potential mitm attacks. especially when done close to the
machine itself (where a http/tls challenge is intercepted to get a valid
certificate), as seen on the internet last month.
2023-12-21 15:53:32 +01:00

38 lines
1.3 KiB
Bash
Executable file
Raw Blame History

#!/bin/sh
set -x # print commands
set -e # exit on failed command
apk add unbound
(rm -r /tmp/mox 2>/dev/null || exit 0) # clean slate
mkdir /tmp/mox
cd /tmp/mox
mox quickstart moxtest2@mox2.example "$MOX_UID" > output.txt
cp config/mox.conf config/mox.conf.orig
sed -i -e 's,ACME: .*$,KeyCerts:\n\t\t\t\t-\n\t\t\t\t\tCertFile: /integration/tls/moxmail2.pem\n\t\t\t\t\tKeyFile: /integration/tls/moxmail2-key.pem\n\t\t\t\t-\n\t\t\t\t\tCertFile: /integration/tls/mox2-autoconfig.pem\n\t\t\t\t\tKeyFile: /integration/tls/mox2-autoconfig-key.pem\n\t\t\t\t-\n\t\t\t\t\tCertFile: /integration/tls/mox2-mtasts.pem\n\t\t\t\t\tKeyFile: /integration/tls/mox2-mtasts-key.pem\n,' -e 's/SMTP:$/SMTP:\n\t\t\tFirstTimeSenderDelay: 1s/' config/mox.conf
cat <<EOF >>config/mox.conf
TLS:
CA:
CertFiles:
# CA of our own certificates.
- /integration/tls/ca.pem
# CA used by moxacmepebble.
- /integration/tmp-pebble-ca.pem
EOF
# A fresh file was set up by moxacmepebble.
sed -n '/^;/,/will be suggested/p' output.txt >>/integration/example-integration.zone
unbound-control -s 172.28.1.30 reload # reload unbound with zone file changes
mox -checkconsistency serve &
while true; do
if test -e data/ctl; then
echo -n accountpass4321 | mox setaccountpassword moxtest2
break
fi
sleep 0.1
done
wait
Reference in a new issue View git blame Copy permalink