+# * mail monitoring / testing
+
+# note, to test clamav, send an email with body that only contains
+# https://en.wikipedia.org/wiki/EICAR_test_file
+# which set malware_name to Eicar-Signature
+case $HOSTNAME in
+ $MAIL_HOST|bk|je)
+ # note: cronjob "ian" also does some important monitoring
+ # todo: this will sometimes cause an alert because mailtest-check will run
+ # before we have setup network namespace and spamassassin
+ u /etc/cron.d/mailtest <<EOF
+SHELL=/bin/bash
+PATH=/usr/bin:/bin:/usr/local/bin
+MAILTO=daylert@iankelling.org
+*/5 * * * * $u send-test-forward |& log-once send-test-forward
+*/10 * * * * root chmod -R g+rw /m/md/bounces |& log-once -1 bounces-chmod
+# if a bounce happened yesterday, dont let it slip through the cracks
+8 1 * * * root export MAILTO=alerts@iankelling.org; [[ -s /var/log/exim4/mainlog.1 ]] && awk '\$5 == "**"' /var/log/exim4/mainlog.1
+EOF
+
+
+ m sudo rsync -ahhi --chown=root:root --chmod=0755 \
+ /b/ds/mailtest-check /b/ds/check-remote-mailqs /usr/local/bin/
+ u /etc/systemd/system/mailtest-check.service <<'EOF'
+[Unit]
+Description=mailtest-check
+After=local-fs.target
+StartLimitIntervalSec=0
+
+[Service]
+# avoid fans spinning up
+CPUQuota=22%
+Type=simple
+ExecStart=/usr/local/bin/mailtest-check slow
+Restart=always
+RestartSec=60
+
+[Install]
+WantedBy=graphical.target
+EOF
+ sysd-prom-fail-install mailtest-check
+ ;;&
+ $MAIL_HOST)
+ test_froms=(ian@iankelling.org z@zroe.org iank@gnu.org)
+ test_tos=(testignore@expertpathologyreview.com testignore@je.b8.nz testignore@amnimal.ninja jtuttle@gnu.org)
+
+ cat >>/etc/cron.d/mailtest <<EOF
+# 10 am friday
+0 10 * * 5 root echo "weekly alert. You are not in the matrix."
+2 * * * * root check-remote-mailqs |& log-once check-remote-mailqs
+EOF
+ ;;&
+ bk)
+ test_froms=(testignore@amnimal.ninja testignore@expertpathologyreview.com)
+ test_tos=(testignore@iankelling.org testignore@je.b8.nz)
+ # We dont need to send from different addresses to the same
+ # address. this breaks down our nice elegant logic of building up
+ # froms and tos , so I just handle expertpath in a special case
+ # below and set the to: to be testignore@zroe.org. If we did sent
+ # that way, it would also mess up our mailtest-check logic that
+ # finds which messages to check.
+ # for example: from testignore@amnimal.ninja to: testignore@iankelling.org testignore@zroe.org
+ # that would become 2 messages and we'd only check 1.
+ ;;&
+ je)
+ test_froms=(testignore@je.b8.nz)
+ test_tos=(testignore@iankelling.org testignore@zroe.org testignore@expertpathologyreview.com testignore@amnimal.ninja)
+ ;;&
+ $MAIL_HOST|bk|je)
+
+ # Dont put these test messages into the sent folder or else it will
+ # overwhelm it, plus i dont want to save a copy at all.
+ # Plus addresses we generally want to ignore.
+ u /etc/exim4/ignore-sent <<EOF
+$(printf "%s\n" ${test_tos[@]})
+vojdedIdNejyebni@b8.nz
+b@eximbackup.b8.nz
+EOF
+
+ cat >/usr/local/bin/send-test-forward <<'EOF'
+#!/bin/bash
+# we remove from the queue older than 4.3 minutes since we send every 5 minutes.
+olds=(
+$(/usr/sbin/exiqgrep -o 260 -i -r '^(testignore@(iankelling\.org|zroe\.org|expertpathologyreview\.com|amnimal\.ninja|je\.b8\.nz)|jtuttle@gnu\.org)$')
+)
+if (( ${#olds[@]} )); then
+ /usr/sbin/exim -Mrm "${olds[@]}" >/dev/null
+fi
+EOF
+ for test_from in ${test_froms[@]}; do
+
+ test_to=${test_tos[0]}
+ for t in ${test_tos[@]:1}; do
+ if [[ $test_from == *@gnu.org && $t == *@gnu.org ]]; then
+ continue
+ fi
+ test_to+=", $t"
+ done
+ case $test_from in
+ testignore@expertpathologyreview.com)
+ test_to=testignore@zroe.org
+ ;;
+ esac
+
+ cat >>/usr/local/bin/send-test-forward <<EOFOUTER
+/usr/sbin/exim -odf -f $test_from -t <<EOF
+From: $test_from
+To: $test_to
+Subject: test \$(date +%Y-%m-%dT%H:%M:%S%z) \$EPOCHSECONDS
+
+/usr/local/bin/send-test-forward
+EOF
+EOFOUTER
+ done
+ m chmod +x /usr/local/bin/send-test-forward
+ ;;
+ *)
+ soff mailtest-check.service
+ rm -fv /etc/cron.d/mailtest \
+ /var/lib/prometheus/node-exporter/mailtest-check.prom* \
+ /var/local/cron-errors/check-remote-mailqs*
+ ;;
+esac
+
+