From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mira@nena.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 7CB91EA48
 for <pmg-devel@lists.proxmox.com>; Wed, 19 Jul 2023 17:14:28 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 5FABA9FB4
 for <pmg-devel@lists.proxmox.com>; Wed, 19 Jul 2023 17:13:58 +0200 (CEST)
Received: from nena.proxmox.com (unknown [94.136.29.99])
 by firstgate.proxmox.com (Proxmox) with ESMTP
 for <pmg-devel@lists.proxmox.com>; Wed, 19 Jul 2023 17:13:54 +0200 (CEST)
Received: by nena.proxmox.com (Postfix, from userid 1000)
 id 4901E2F0DF2; Wed, 19 Jul 2023 17:13:54 +0200 (CEST)
From: Mira Limbeck <m.limbeck@proxmox.com>
To: pmg-devel@lists.proxmox.com
Date: Wed, 19 Jul 2023 17:13:52 +0200
Message-Id: <20230719151352.1438974-2-m.limbeck@proxmox.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230719151352.1438974-1-m.limbeck@proxmox.com>
References: <20230719151352.1438974-1-m.limbeck@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.626 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery
 methods
 RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_NONE                0.001 SPF: sender does not publish an SPF Record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: [pmg-devel] [PATCH log-tracker 2/2] tests: add clamd signature
 found log test
X-BeenThere: pmg-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Mail Gateway development discussion
 <pmg-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pmg-devel>, 
 <mailto:pmg-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pmg-devel/>
List-Post: <mailto:pmg-devel@lists.proxmox.com>
List-Help: <mailto:pmg-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel>, 
 <mailto:pmg-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2023 15:14:28 -0000

Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
---
 ...st_input_after_queue_clamd_signature_found | 13 +++++++++
 ...t_output_after_queue_clamd_signature_found | 29 +++++++++++++++++++
 tests/tests_after_queue.rs                    | 24 +++++++++++++++
 3 files changed, 66 insertions(+)
 create mode 100644 tests/test_input_after_queue_clamd_signature_found
 create mode 100644 tests/test_output_after_queue_clamd_signature_found

diff --git a/tests/test_input_after_queue_clamd_signature_found b/tests/test_input_after_queue_clamd_signature_found
new file mode 100644
index 0000000..72d24eb
--- /dev/null
+++ b/tests/test_input_after_queue_clamd_signature_found
@@ -0,0 +1,13 @@
+2023-07-19T16:04:27.415550+02:00 pmg postfix/smtpd[1165]: connect from pmghost.mydomain.tld[192.168.1.001]
+2023-07-19T16:04:27.415823+02:00 pmg postfix/smtpd[1165]: 65810380099: client=pmghost.mydomain.tld[192.168.1.001]
+2023-07-19T16:04:27.459569+02:00 pmg postfix/cleanup[1169]: 65810380099: message-id=<redacted:msgid>
+2023-07-19T16:04:27.473604+02:00 pmg postfix/qmgr[746]: 65810380099: from=<redacted:return-path@domain.tld>, size=1968, nrcpt=1 (queue active)
+2023-07-19T16:04:27.473656+02:00 pmg postfix/smtpd[1165]: disconnect from pmghost.mydomain.tld[192.168.1.001] ehlo=1 mail=1 rcpt=1 data=1 commands=4
+2023-07-19T16:04:27.519674+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: new mail message-id=<redacted:msgid>#012
+2023-07-19T16:04:27.528730+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+2023-07-19T16:04:27.528789+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+2023-07-19T16:04:27.528963+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: virus detected: Eicar-Signature (clamav)
+2023-07-19T16:04:27.538824+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: moved mail for <redacted:recipient@mydomain.tld> to virus quarantine - 3835A764B7ED6B8146A (rule: block all)
+2023-07-19T16:04:27.543650+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: processing time: 0.023 seconds (0, 0.009, 0)
+2023-07-19T16:04:27.543837+02:00 pmg postfix/lmtp[1170]: 65810380099: to=<redacted:recipient@mydomain.tld>, relay=127.0.0.1[127.0.0.1]:10023, delay=0.13, delays=0.06/0/0.04/0.03, dsn=2.5.0, status=sent (250 2.5.0 OK (38089764B7ED6B7DE74))
+2023-07-19T16:04:27.543930+02:00 pmg postfix/qmgr[746]: 65810380099: removed
diff --git a/tests/test_output_after_queue_clamd_signature_found b/tests/test_output_after_queue_clamd_signature_found
new file mode 100644
index 0000000..fde5459
--- /dev/null
+++ b/tests/test_output_after_queue_clamd_signature_found
@@ -0,0 +1,29 @@
+# LogReader: 3430
+# Query options
+# Start: 2023-07-19 00:00:00 (1689724800)
+# End: 2023-07-20 00:00:00 (1689811200)
+# End Query Options
+
+QENTRY: 65810380099
+CTIME: 64B8098B
+SIZE: 1968
+CLIENT: pmghost.mydomain.tld[192.168.1.001]
+MSGID: <redacted:msgid>
+TO:64B8098B:65810380099:Q: from <redacted:return-path@domain.tld> to <redacted:recipient@mydomain.tld> (3835A764B7ED6B8146A)
+SMTP:
+L00000001 2023-07-19T16:04:27.415550+02:00 pmg postfix/smtpd[1165]: connect from pmghost.mydomain.tld[192.168.1.001]
+L00000002 2023-07-19T16:04:27.415823+02:00 pmg postfix/smtpd[1165]: 65810380099: client=pmghost.mydomain.tld[192.168.1.001]
+L00000005 2023-07-19T16:04:27.473656+02:00 pmg postfix/smtpd[1165]: disconnect from pmghost.mydomain.tld[192.168.1.001] ehlo=1 mail=1 rcpt=1 data=1 commands=4
+FILTER: 38089764B7ED6B7DE74
+L00000006 2023-07-19T16:04:27.519674+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: new mail message-id=<redacted:msgid>#012
+L00000007 2023-07-19T16:04:27.528730+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+L00000008 2023-07-19T16:04:27.528789+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+L00000009 2023-07-19T16:04:27.528963+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: virus detected: Eicar-Signature (clamav)
+L0000000A 2023-07-19T16:04:27.538824+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: moved mail for <redacted:recipient@mydomain.tld> to virus quarantine - 3835A764B7ED6B8146A (rule: block all)
+L0000000B 2023-07-19T16:04:27.543650+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: processing time: 0.023 seconds (0, 0.009, 0)
+QMGR:
+L00000003 2023-07-19T16:04:27.459569+02:00 pmg postfix/cleanup[1169]: 65810380099: message-id=<redacted:msgid>
+L00000004 2023-07-19T16:04:27.473604+02:00 pmg postfix/qmgr[746]: 65810380099: from=<redacted:return-path@domain.tld>, size=1968, nrcpt=1 (queue active)
+L0000000C 2023-07-19T16:04:27.543837+02:00 pmg postfix/lmtp[1170]: 65810380099: to=<redacted:recipient@mydomain.tld>, relay=127.0.0.1[127.0.0.1]:10023, delay=0.13, delays=0.06/0/0.04/0.03, dsn=2.5.0, status=sent (250 2.5.0 OK (38089764B7ED6B7DE74))
+L0000000D 2023-07-19T16:04:27.543930+02:00 pmg postfix/qmgr[746]: 65810380099: removed
+
diff --git a/tests/tests_after_queue.rs b/tests/tests_after_queue.rs
index 8e13564..b6e08b3 100644
--- a/tests/tests_after_queue.rs
+++ b/tests/tests_after_queue.rs
@@ -202,3 +202,27 @@ fn after_queue_duplicate_msgid() {
     let output_reader = BufReader::new(&output.stdout[..]);
     utils::compare_output(output_reader, expected_output);
 }
+
+#[test]
+fn after_queue_clamd_signature_found() {
+    let output = Command::new("faketime")
+        .env("TZ", "Europe/Vienna")
+        .arg("2023-07-20 23:59:59")
+        .arg(utils::log_tracker_path())
+        .arg("-vv")
+        .arg("-s")
+        .arg("2023-07-19 00:00:00")
+        .arg("-e")
+        .arg("2023-07-20 00:00:00")
+        .arg("-i")
+        .arg("tests/test_input_after_queue_clamd_signature_found")
+        .output()
+        .expect("failed to execute pmg-log-tracker");
+
+    let expected_file = File::open("tests/test_output_after_queue_clamd_signature_found")
+        .expect("failed to open test_output");
+
+    let expected_output = BufReader::new(&expected_file);
+    let output_reader = BufReader::new(&output.stdout[..]);
+    utils::compare_output(output_reader, expected_output);
+}
-- 
2.39.2