diff --git a/crates/directory/src/backend/ldap/lookup.rs b/crates/directory/src/backend/ldap/lookup.rs index cb503fa0..c33c4298 100644 --- a/crates/directory/src/backend/ldap/lookup.rs +++ b/crates/directory/src/backend/ldap/lookup.rs @@ -327,6 +327,13 @@ impl LdapMappings { fn entry_to_principal(&self, entry: SearchEntry) -> Principal { let mut principal = Principal::default(); + tracing::debug!( + context = "ldap", + event = "fetch_princpal", + entry = ?entry, + "LDAP entry" + ); + for (attr, value) in entry.attrs { if self.attr_name.contains(&attr) { principal.name = value.into_iter().next().unwrap_or_default(); diff --git a/crates/utils/src/config/utils.rs b/crates/utils/src/config/utils.rs index 598de524..a4f6a49a 100644 --- a/crates/utils/src/config/utils.rs +++ b/crates/utils/src/config/utils.rs @@ -481,11 +481,11 @@ impl ParseValue for Canonicalization { impl ParseValue for IpLookupStrategy { fn parse_value(key: impl AsKey, value: &str) -> super::Result { Ok(match value.to_lowercase().as_str() { - "ipv4-only" => IpLookupStrategy::Ipv4Only, - "ipv6-only" => IpLookupStrategy::Ipv6Only, - //"ipv4-and-ipv6" => IpLookupStrategy::Ipv4AndIpv6, - "ipv6-then-ipv4" => IpLookupStrategy::Ipv6thenIpv4, - "ipv4-then-ipv6" => IpLookupStrategy::Ipv4thenIpv6, + "ipv4_only" => IpLookupStrategy::Ipv4Only, + "ipv6_only" => IpLookupStrategy::Ipv6Only, + //"ipv4_and_ipv6" => IpLookupStrategy::Ipv4AndIpv6, + "ipv6_then_ipv4" => IpLookupStrategy::Ipv6thenIpv4, + "ipv4_then_ipv6" => IpLookupStrategy::Ipv4thenIpv6, _ => { return Err(format!( "Invalid IP lookup strategy {:?} for property {:?}.", diff --git a/resources/config/smtp/auth.toml b/resources/config/smtp/auth.toml index d124ab42..2e77d92c 100644 --- a/resources/config/smtp/auth.toml +++ b/resources/config/smtp/auth.toml 
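Review bot: The added `tracing::debug!` at the top of `entry_to_principal` dumps the whole `SearchEntry` with `entry = ?entry`, so every attribute the search returned reaches the debug log before any mapping is applied. If the search requests a password or secret attribute (not visible here; the loop over `entry.attrs` continues outside the hunk), credential hashes would end up in log files and whatever collects them. Logging only the DN, e.g. `dn = %entry.dn`, or just the attribute names keeps the diagnostic value without the values. The event name is also misspelled: `event = "fetch_princpal"` should be `event = "fetch_principal"`, which matters to anyone filtering logs on it.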
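Review bot: The match arms in `IpLookupStrategy::parse_value` now accept only the underscore spellings, so an existing configuration that still says `ip-strategy = "ipv4-then-ipv6"` falls into the `_` arm and is rejected with "Invalid IP lookup strategy". If that break is not intended, normalising before the match keeps old files loading: `Ok(match value.to_lowercase().replace('-', "_").as_str() {`. The commented-out `"ipv4_and_ipv6"` arm should either be deleted or carry a short comment saying why it is disabled. The function body continues past the end of the hunk.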
@@ -4,25 +4,25 @@ ############################################# [auth.iprev] -verify = [ { if = "listener", eq = "smtp", then = "relaxed" }, +verify = [ { if = "listener = 'smtp'", then = "relaxed" }, { else = "disable" } ] [auth.dkim] verify = "relaxed" -sign = [ { if = "listener", ne = "smtp", then = ["rsa"] }, - { else = [] } ] +sign = [ { if = "listener != 'smtp'", then = "['rsa']" }, + { else = false } ] [auth.spf.verify] -ehlo = [ { if = "listener", eq = "smtp", then = "relaxed" }, +ehlo = [ { if = "listener = 'smtp'", then = "relaxed" }, { else = "disable" } ] -mail-from = [ { if = "listener", eq = "smtp", then = "relaxed" }, +mail-from = [ { if = "listener = 'smtp'", then = "relaxed" }, { else = "disable" } ] [auth.arc] verify = "relaxed" -seal = ["rsa"] +seal = "['rsa']" [auth.dmarc] -verify = [ { if = "listener", eq = "smtp", then = "relaxed" }, +verify = [ { if = "listener = 'smtp'", then = "relaxed" }, { else = "disable" } ] diff --git a/resources/config/smtp/milter.toml b/resources/config/smtp/milter.toml index 0c208e5d..4086b33a 100644 --- a/resources/config/smtp/milter.toml +++ b/resources/config/smtp/milter.toml @@ -3,7 +3,7 @@ ############################################# #[session.data.milter."rspamd"] -#enable = [ { if = "listener", eq = "smtp", then = true }, +#enable = [ { if = "listener = 'smtp'", then = true }, # { else = false } ] #hostname = "127.0.0.1" #port = 11332 diff --git a/resources/config/smtp/queue.toml b/resources/config/smtp/queue.toml index 4d5da24b..84e6f0d6 100644 --- a/resources/config/smtp/queue.toml +++ b/resources/config/smtp/queue.toml 
@@ -7,15 +7,15 @@ path = "%{BASE_PATH}%/queue" hash = 64 [queue.schedule] -retry = ["2m", "5m", "10m", "15m", "30m", "1h", "2h"] -notify = ["1d", "3d"] +retry = "[2m, 5m, 10m, 15m, 30m, 1h, 2h]" +notify = "[1d, 3d]" expire = "5d" [queue.outbound] #hostname = "%{HOST}%" -next-hop = [ { if = "rcpt-domain", in-list = "%{DEFAULT_DIRECTORY}%/domains", then = "local" }, +next-hop = [ { if = "is_local_domain('%{DEFAULT_DIRECTORY}%', rcpt_domain)", then = "'local'" }, { else = false } ] -ip-strategy = "ipv4-then-ipv6" +ip-strategy = "ipv4_then_ipv6" [queue.outbound.tls] dane = "optional" @@ -24,8 +24,8 @@ starttls = "require" allow-invalid-certs = false #[queue.outbound.source-ip] -#v4 = ["10.0.0.10", "10.0.0.11"] -#v6 = ["a::b", "a::c"] +#v4 = "['10.0.0.10', '10.0.0.11']" +#v6 = "['a::b', 'a::c']" [queue.outbound.limits] mx = 7 @@ -42,12 +42,12 @@ data = "10m" mta-sts = "2m" [[queue.quota]] -#match = {if = "sender-domain", eq = "foobar.org"} +#match = "sender_domain = 'foobar.org'" #key = ["rcpt"] messages = 100000 size = 10737418240 # 10gb [[queue.throttle]] -key = ["rcpt-domain"] +key = ["rcpt_domain"] #rate = "100/1h" concurrency = 5 diff --git a/resources/config/smtp/report.toml b/resources/config/smtp/report.toml index 39fea895..34c001ca 100644 --- a/resources/config/smtp/report.toml +++ b/resources/config/smtp/report.toml 
@@ -13,45 +13,45 @@ forward = true #store = "%{BASE_PATH}%/incoming" [report.dsn] -from-name = "Mail Delivery Subsystem" -from-address = "MAILER-DAEMON@%{DEFAULT_DOMAIN}%" -sign = ["rsa"] +from-name = "'Mail Delivery Subsystem'" +from-address = "'MAILER-DAEMON@%{DEFAULT_DOMAIN}%'" +sign = "['rsa']" [report.dkim] -from-name = "Report Subsystem" -from-address = "noreply-dkim@%{DEFAULT_DOMAIN}%" -subject = "DKIM Authentication Failure Report" -sign = ["rsa"] -send = "1/1d" +from-name = "'Report Subsystem'" +from-address = "'noreply-dkim@%{DEFAULT_DOMAIN}%'" +subject = "'DKIM Authentication Failure Report'" +sign = "['rsa']" +send = "[1, 1d]" [report.spf] -from-name = "Report Subsystem" -from-address = "noreply-spf@%{DEFAULT_DOMAIN}%" -subject = "SPF Authentication Failure Report" -send = "1/1d" -sign = ["rsa"] +from-name = "'Report Subsystem'" +from-address = "'noreply-spf@%{DEFAULT_DOMAIN}%'" +subject = "'SPF Authentication Failure Report'" +send = "[1, 1d]" +sign = "['rsa']" [report.dmarc] -from-name = "Report Subsystem" -from-address = "noreply-dmarc@%{DEFAULT_DOMAIN}%" -subject = "DMARC Authentication Failure Report" -send = "1/1d" -sign = ["rsa"] +from-name = "'Report Subsystem'" +from-address = "'noreply-dmarc@%{DEFAULT_DOMAIN}%'" +subject = "'DMARC Authentication Failure Report'" +send = "[1, 1d]" +sign = "['rsa']" [report.dmarc.aggregate] -from-name = "DMARC Report" -from-address = "noreply-dmarc@%{DEFAULT_DOMAIN}%" -org-name = "%{DEFAULT_DOMAIN}%" +from-name = "'DMARC Report'" +from-address = "'noreply-dmarc@%{DEFAULT_DOMAIN}%'" +org-name = "'%{DEFAULT_DOMAIN}%'" #contact-info = "" send = "daily" max-size = 26214400 # 25mb -sign = ["rsa"] +sign = "['rsa']" [report.tls.aggregate] -from-name = "TLS Report" -from-address = "noreply-tls@%{DEFAULT_DOMAIN}%" -org-name = "%{DEFAULT_DOMAIN}%" +from-name = "'TLS Report'" +from-address = "'noreply-tls@%{DEFAULT_DOMAIN}%'" +org-name = "'%{DEFAULT_DOMAIN}%'" #contact-info = "" send = "daily" max-size = 26214400 # 25 mb 
-sign = ["rsa"] +sign = "['rsa']" diff --git a/resources/config/smtp/session.toml b/resources/config/smtp/session.toml index 687e5830..13484a75 100644 --- a/resources/config/smtp/session.toml +++ b/resources/config/smtp/session.toml 
@@ -8,38 +8,38 @@ transfer-limit = 262144000 # 250 MB duration = "10m" [session.connect] -#script = "connect.sieve" +#script = "'connect'" [session.ehlo] require = true -reject-non-fqdn = [ { if = "listener", eq = "smtp", then = true}, +reject-non-fqdn = [ { if = "listener = 'smtp'", then = true}, { else = false } ] -#script = "ehlo" +#script = "'ehlo'" [session.extensions] pipelining = true chunking = true requiretls = true no-soliciting = "" -dsn = [ { if = "authenticated-as", ne = "", then = true}, +dsn = [ { if = "!is_empty(authenticated_as)", then = true}, { else = false } ] -expn = [ { if = "authenticated-as", ne = "", then = true}, +expn = [ { if = "!is_empty(authenticated_as)", then = true}, { else = false } ] -vrfy = [ { if = "authenticated-as", ne = "", then = true}, +vrfy = [ { if = "!is_empty(authenticated_as)", then = true}, { else = false } ] -future-release = [ { if = "authenticated-as", ne = "", then = "7d"}, +future-release = [ { if = "!is_empty(authenticated_as)", then = "7d"}, { else = false } ] -deliver-by = [ { if = "authenticated-as", ne = "", then = "15d"}, +deliver-by = [ { if = "!is_empty(authenticated_as)", then = "15d"}, { else = false } ] -mt-priority = [ { if = "authenticated-as", ne = "", then = "mixer"}, +mt-priority = [ { if = "!is_empty(authenticated_as)", then = "mixer"}, { else = false } ] [session.auth] -mechanisms = [ { if = "listener", ne = "smtp", then = ["plain", "login"]}, - { else = [] } ] -directory = [ { if = "listener", ne = "smtp", then = "%{DEFAULT_DIRECTORY}%" }, +mechanisms = [ { if = "listener != 'smtp'", then = "[plain, login]"}, + { else = false } ] +directory = [ { if = "listener != 'smtp'", then = "'%{DEFAULT_DIRECTORY}%'" }, { else = false } ] -require = [ { if = "listener", ne = "smtp", then = true}, +require = [ { if = "listener != 'smtp'", then = true}, { else = false } ] allow-plain-text = false 
@@ -49,29 +49,25 @@ wait = "5s" [session.mail] #script = "mail-from" -#rewrite = [ { all-of = [ { if = "listener", ne = "smtp" }, -# { if = "rcpt", matches = "^([^.]+)@([^.]+)\.(.+)$"}, -# ], then = "${1}@${3}" }, +#rewrite = [ { if = "listener != 'smtp' & matches('^([^.]+)@([^.]+)\.(.+)$', rcpt)", then = "$1 + '@' + $3" }, # { else = false } ] [session.rcpt] #script = "greylist" -relay = [ { if = "authenticated-as", ne = "", then = true }, +relay = [ { if = "!is_empty(authenticated_as)", then = true }, { else = false } ] -#rewrite = [ { all-of = [ { if = "rcpt-domain", in-list = "%{DEFAULT_DIRECTORY}%/domains" }, -# { if = "rcpt", matches = "^([^.]+)\.([^.]+)@(.+)$"}, -# ], then = "${1}+${2}@${3}" }, +#rewrite = [ { if = "is_local_domain('%{DEFAULT_DIRECTORY}%', rcpt_domain) & matches('^([^.]+)\.([^.]+)@(.+)$', rcpt)", then = "$1 + '+' + $2 + '@' + $3" }, # { else = false } ] max-recipients = 25 -directory = "%{DEFAULT_DIRECTORY}%" +directory = "'%{DEFAULT_DIRECTORY}%'" [session.rcpt.errors] total = 5 wait = "5s" [session.data] -script = [ { if = "authenticated-as", eq = "", then = "spam-filter"}, - { else = "track-replies" } ] +script = [ { if = "is_empty(authenticated_as)", then = "'spam-filter'"}, + { else = "'track-replies'" } ] [session.data.limits] messages = 10 
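Review bot: The commented examples `#script = "mail-from"` under [session.mail] and `#script = "greylist"` under [session.rcpt] are left in the old bare form, while this commit rewrites the other script values as quoted expressions (`#script = "'connect'"`, `then = "'spam-filter'"`). Someone who uncomments them would presumably get the value evaluated as an expression rather than taken as a script name, so they should read `#script = "'mail-from'"` and `#script = "'greylist'"`. Separately, the rewritten `#rewrite` examples keep `\.` inside a double-quoted TOML string, which a strict TOML parser rejects as an invalid escape. It is worth checking how the project's parser treats it before users copy those lines.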
@@ -79,24 +75,24 @@ size = 104857600 received-headers = 50 [session.data.add-headers] -received = [ { if = "listener", eq = "smtp", then = true }, +received = [ { if = "listener = 'smtp'", then = true }, { else = false } ] -received-spf = [ { if = "listener", eq = "smtp", then = true }, +received-spf = [ { if = "listener = 'smtp'", then = true }, { else = false } ] -auth-results = [ { if = "listener", eq = "smtp", then = true }, +auth-results = [ { if = "listener = 'smtp'", then = true }, { else = false } ] -message-id = [ { if = "listener", eq = "smtp", then = false }, +message-id = [ { if = "listener = 'smtp'", then = false }, { else = true } ] -date = [ { if = "listener", eq = "smtp", then = false }, +date = [ { if = "listener = 'smtp'", then = false }, { else = true } ] return-path = false [[session.throttle]] -#match = {if = "remote-ip", eq = "10.0.0.1"} -key = ["remote-ip"] +#match = "remote_ip = '10.0.0.1'" +key = ["remote_ip"] concurrency = 5 #rate = "5/1h" [[session.throttle]] -key = ["sender-domain", "rcpt"] +key = ["sender_domain", "rcpt"] rate = "25/1h" diff --git a/tests/resources/scripts/create_test_env.sh b/tests/resources/scripts/create_test_env.sh index 8f61a22b..4ee7628e 100644 --- a/tests/resources/scripts/create_test_env.sh +++ b/tests/resources/scripts/create_test_env.sh @@ -10,6 +10,11 @@ DOMAIN="example.org" STORE="rocksdb" FTS_STORE="rocksdb" BLOB_STORE="rocksdb" +#STORE="sqlite" +#FTS_STORE="sqlite" +#BLOB_STORE="sqlite" +FEATURES="foundationdb postgres mysql rocks elastic s3 redis" +#FEATURES="sqlite" # Directories DIRECTORY="internal" 
@@ -59,5 +64,5 @@ mkdir -p $BASE_DIR/etc/dkim openssl genpkey -algorithm RSA -out $BASE_DIR/etc/dkim/$DOMAIN.key # Create admin user -SET_ADMIN_USER="admin" SET_ADMIN_PASS="secret" cargo run -p mail-server --no-default-features --features "foundationdb postgres mysql rocks elastic s3 redis" -- --config=/tmp/stalwart-test/etc/config.toml -cargo run -p mail-server --no-default-features --features "foundationdb postgres mysql rocks elastic s3 redis" -- --config=/tmp/stalwart-test/etc/config.toml +SET_ADMIN_USER="admin" SET_ADMIN_PASS="secret" cargo run -p mail-server --no-default-features --features "$FEATURES" -- --config=/tmp/stalwart-test/etc/config.toml +cargo run -p mail-server --no-default-features --features "$FEATURES" -- --config=/tmp/stalwart-test/etc/config.toml diff --git a/tests/src/imap/mod.rs b/tests/src/imap/mod.rs index a0d7254a..c5a1a54c 100644 --- a/tests/src/imap/mod.rs +++ b/tests/src/imap/mod.rs @@ -93,9 +93,9 @@ certificate = "default" reject-non-fqdn = false [session.rcpt] -relay = [ { if = "authenticated-as", ne = "", then = true }, +relay = [ { if = "!is_empty(authenticated_as)", then = true }, { else = false } ] -directory = "auth" +directory = "'auth'" [session.rcpt.errors] total = 5 @@ -113,8 +113,8 @@ hash = 64 type = "system" [queue.outbound] -next-hop = [ { if = "rcpt-domain", in-list = "local/domains", then = "local" }, - { if = "rcpt-domain", in-list = "local/remote-domains", then = "mock-smtp" }, +next-hop = [ { if = "key_exists('local/domains', rcpt_domain)", then = "'local'" }, + { if = "key_exists('local/remote-domains', rcpt_domain)", then = "'mock-smtp'" }, { else = false } ] [remote."mock-smtp"] @@ -127,7 +127,7 @@ implicit = false allow-invalid-certs = true [session.extensions] -future-release = [ { if = "authenticated-as", ne = "", then = "99999999d"}, +future-release = [ { if = "!is_empty(authenticated_as)", then = "99999999d"}, { else = false } ] [store."sqlite"] 
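Review bot: The two rewritten `cargo run` lines still hard-code `--config=/tmp/stalwart-test/etc/config.toml`, although the lines just above build the tree under `$BASE_DIR`. If `BASE_DIR` is ever changed (its definition is outside this hunk), the server would start with a stale or missing config. Using `--config="$BASE_DIR/etc/config.toml"` keeps the two in step. A one-line comment such as `# throwaway credentials for the local test environment only` above `SET_ADMIN_PASS="secret"` would also help, since this script is easy to copy into a real setup.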
diff --git a/tests/src/jmap/mod.rs b/tests/src/jmap/mod.rs index b356dbf8..ffe24fe4 100644 --- a/tests/src/jmap/mod.rs +++ b/tests/src/jmap/mod.rs @@ -105,9 +105,9 @@ fail2ban = "101/5s" reject-non-fqdn = false [session.rcpt] -relay = [ { if = "authenticated-as", ne = "", then = true }, +relay = [ { if = "!is_empty(authenticated_as)", then = true }, { else = false } ] -directory = "auth" +directory = "'auth'" [session.rcpt.errors] total = 5 @@ -125,8 +125,8 @@ hash = 64 type = "system" [queue.outbound] -next-hop = [ { if = "rcpt-domain", in-list = "local/domains", then = "local" }, - { if = "rcpt-domain", in-list = "local/remote-domains", then = "mock-smtp" }, +next-hop = [ { if = "key_exists('local/domains', rcpt_domain)", then = "'local'" }, + { if = "key_exists('local/remote-domains', rcpt_domain)", then = "'mock-smtp'" }, { else = false } ] [remote."mock-smtp"] @@ -139,7 +139,7 @@ implicit = false allow-invalid-certs = true [session.extensions] -future-release = [ { if = "authenticated-as", ne = "", then = "99999999d"}, +future-release = [ { if = "!is_empty(authenticated_as)", then = "99999999d"}, { else = false } ] [store."sqlite"]