config: disable SMTP authentication on port 25 (#3006)

* postfix: remove smtpd_sasl_auth_enable global setting * tests: disable auth on 25 port * tests: revert ldap-smtp-auth-spoofed-sender-with-filter-exception.txt * Skip failing test The test seems to have been broken from the beginning. Sadly, no LDAP maintainers can verify. Added a TODO item if ever a LDAP maintainer comes around. * Apply PR feedback --------- Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2025-08-08 23:06:49 +02:00 · 2023-02-23 20:19:39 +06:00
parent 4e82d4de54
commit 199e3c7721
8 changed files with 44 additions and 23 deletions
--- a/test/tests/serial/tests.bats
+++ b/test/tests/serial/tests.bats
@ -483,12 +483,12 @@ EOF
@test "spoofing: rejects sender forging" {
  # rejection of spoofed sender
  _wait_for_smtp_port_in_container_to_respond
-  _run_in_container_bash "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-spoofed.txt"
+  _run_in_container_bash "openssl s_client -quiet -connect 0.0.0.0:465 < /tmp/docker-mailserver-test/auth/added-smtp-auth-spoofed.txt"
  assert_output --partial 'Sender address rejected: not owned by user'
 }

@test "spoofing: accepts sending as alias" {
-  _run_in_container_bash "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-spoofed-alias.txt | grep 'End data with'"
+  _run_in_container_bash "openssl s_client -quiet -connect 0.0.0.0:465 < /tmp/docker-mailserver-test/auth/added-smtp-auth-spoofed-alias.txt | grep 'End data with'"
  assert_success
 }