[pmg-devel] [PATCH log-tracker 2/2] tests: add clamd signature found log test

Mira Limbeck m.limbeck at proxmox.com
Wed Jul 19 17:13:52 CEST 2023 

Signed-off-by: Mira Limbeck <m.limbeck at proxmox.com>
---
 ...st_input_after_queue_clamd_signature_found | 13 +++++++++
 ...t_output_after_queue_clamd_signature_found | 29 +++++++++++++++++++
 tests/tests_after_queue.rs                    | 24 +++++++++++++++
 3 files changed, 66 insertions(+)
 create mode 100644 tests/test_input_after_queue_clamd_signature_found
 create mode 100644 tests/test_output_after_queue_clamd_signature_found

diff --git a/tests/test_input_after_queue_clamd_signature_found b/tests/test_input_after_queue_clamd_signature_found
new file mode 100644
index 0000000..72d24eb
--- /dev/null
+++ b/tests/test_input_after_queue_clamd_signature_found
@@ -0,0 +1,13 @@
+2023-07-19T16:04:27.415550+02:00 pmg postfix/smtpd[1165]: connect from pmghost.mydomain.tld[192.168.1.001]
+2023-07-19T16:04:27.415823+02:00 pmg postfix/smtpd[1165]: 65810380099: client=pmghost.mydomain.tld[192.168.1.001]
+2023-07-19T16:04:27.459569+02:00 pmg postfix/cleanup[1169]: 65810380099: message-id=<redacted:msgid>
+2023-07-19T16:04:27.473604+02:00 pmg postfix/qmgr[746]: 65810380099: from=<redacted:return-path at domain.tld>, size=1968, nrcpt=1 (queue active)
+2023-07-19T16:04:27.473656+02:00 pmg postfix/smtpd[1165]: disconnect from pmghost.mydomain.tld[192.168.1.001] ehlo=1 mail=1 rcpt=1 data=1 commands=4
+2023-07-19T16:04:27.519674+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: new mail message-id=<redacted:msgid>#012
+2023-07-19T16:04:27.528730+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+2023-07-19T16:04:27.528789+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+2023-07-19T16:04:27.528963+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: virus detected: Eicar-Signature (clamav)
+2023-07-19T16:04:27.538824+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: moved mail for <redacted:recipient at mydomain.tld> to virus quarantine - 3835A764B7ED6B8146A (rule: block all)
+2023-07-19T16:04:27.543650+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: processing time: 0.023 seconds (0, 0.009, 0)
+2023-07-19T16:04:27.543837+02:00 pmg postfix/lmtp[1170]: 65810380099: to=<redacted:recipient at mydomain.tld>, relay=127.0.0.1[127.0.0.1]:10023, delay=0.13, delays=0.06/0/0.04/0.03, dsn=2.5.0, status=sent (250 2.5.0 OK (38089764B7ED6B7DE74))
+2023-07-19T16:04:27.543930+02:00 pmg postfix/qmgr[746]: 65810380099: removed
diff --git a/tests/test_output_after_queue_clamd_signature_found b/tests/test_output_after_queue_clamd_signature_found
new file mode 100644
index 0000000..fde5459
--- /dev/null
+++ b/tests/test_output_after_queue_clamd_signature_found
@@ -0,0 +1,29 @@
+# LogReader: 3430
+# Query options
+# Start: 2023-07-19 00:00:00 (1689724800)
+# End: 2023-07-20 00:00:00 (1689811200)
+# End Query Options
+
+QENTRY: 65810380099
+CTIME: 64B8098B
+SIZE: 1968
+CLIENT: pmghost.mydomain.tld[192.168.1.001]
+MSGID: <redacted:msgid>
+TO:64B8098B:65810380099:Q: from <redacted:return-path at domain.tld> to <redacted:recipient at mydomain.tld> (3835A764B7ED6B8146A)
+SMTP:
+L00000001 2023-07-19T16:04:27.415550+02:00 pmg postfix/smtpd[1165]: connect from pmghost.mydomain.tld[192.168.1.001]
+L00000002 2023-07-19T16:04:27.415823+02:00 pmg postfix/smtpd[1165]: 65810380099: client=pmghost.mydomain.tld[192.168.1.001]
+L00000005 2023-07-19T16:04:27.473656+02:00 pmg postfix/smtpd[1165]: disconnect from pmghost.mydomain.tld[192.168.1.001] ehlo=1 mail=1 rcpt=1 data=1 commands=4
+FILTER: 38089764B7ED6B7DE74
+L00000006 2023-07-19T16:04:27.519674+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: new mail message-id=<redacted:msgid>#012
+L00000007 2023-07-19T16:04:27.528730+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+L00000008 2023-07-19T16:04:27.528789+02:00 pmg clamd[638]: /var/spool/pmg/active/38089764B7ED6B7DE74: Eicar-Signature FOUND
+L00000009 2023-07-19T16:04:27.528963+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: virus detected: Eicar-Signature (clamav)
+L0000000A 2023-07-19T16:04:27.538824+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: moved mail for <redacted:recipient at mydomain.tld> to virus quarantine - 3835A764B7ED6B8146A (rule: block all)
+L0000000B 2023-07-19T16:04:27.543650+02:00 pmg pmg-smtp-filter[783]: 38089764B7ED6B7DE74: processing time: 0.023 seconds (0, 0.009, 0)
+QMGR:
+L00000003 2023-07-19T16:04:27.459569+02:00 pmg postfix/cleanup[1169]: 65810380099: message-id=<redacted:msgid>
+L00000004 2023-07-19T16:04:27.473604+02:00 pmg postfix/qmgr[746]: 65810380099: from=<redacted:return-path at domain.tld>, size=1968, nrcpt=1 (queue active)
+L0000000C 2023-07-19T16:04:27.543837+02:00 pmg postfix/lmtp[1170]: 65810380099: to=<redacted:recipient at mydomain.tld>, relay=127.0.0.1[127.0.0.1]:10023, delay=0.13, delays=0.06/0/0.04/0.03, dsn=2.5.0, status=sent (250 2.5.0 OK (38089764B7ED6B7DE74))
+L0000000D 2023-07-19T16:04:27.543930+02:00 pmg postfix/qmgr[746]: 65810380099: removed
+
diff --git a/tests/tests_after_queue.rs b/tests/tests_after_queue.rs
index 8e13564..b6e08b3 100644
--- a/tests/tests_after_queue.rs
+++ b/tests/tests_after_queue.rs
@@ -202,3 +202,27 @@ fn after_queue_duplicate_msgid() {
     let output_reader = BufReader::new(&output.stdout[..]);
     utils::compare_output(output_reader, expected_output);
 }
+
+#[test]
+fn after_queue_clamd_signature_found() {
+    let output = Command::new("faketime")
+        .env("TZ", "Europe/Vienna")
+        .arg("2023-07-20 23:59:59")
+        .arg(utils::log_tracker_path())
+        .arg("-vv")
+        .arg("-s")
+        .arg("2023-07-19 00:00:00")
+        .arg("-e")
+        .arg("2023-07-20 00:00:00")
+        .arg("-i")
+        .arg("tests/test_input_after_queue_clamd_signature_found")
+        .output()
+        .expect("failed to execute pmg-log-tracker");
+
+    let expected_file = File::open("tests/test_output_after_queue_clamd_signature_found")
+        .expect("failed to open test_output");
+
+    let expected_output = BufReader::new(&expected_file);
+    let output_reader = BufReader::new(&output.stdout[..]);
+    utils::compare_output(output_reader, expected_output);
+}
-- 
2.39.2

More information about the pmg-devel mailing list