X-Git-Url: https://iankelling.org/git/?p=distro-setup;a=blobdiff_plain;f=mailtest-check;h=7adec9281f094932ae30efee2651bbf3f65ac8cd;hp=036aeff1a2faf981367d7ff69f9ebb98cff26a58;hb=HEAD;hpb=d6def754cd241538c61456536b52ee51cbd85b42 diff --git a/mailtest-check b/mailtest-check index 036aeff..856d774 100755 --- a/mailtest-check +++ b/mailtest-check @@ -1,14 +1,35 @@ #!/bin/bash +# I, Ian Kelling, follow the GNU license recommendations at +# https://www.gnu.org/licenses/license-recommendations.en.html. They +# recommend that small programs, < 300 lines, be licensed under the +# Apache License 2.0. This file contains or is part of one or more small +# programs. If a small program grows beyond 300 lines, I plan to switch +# its license to GPL. -# Usage: mail-test-check [slow] [anything] +# Copyright 2024 Ian Kelling + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Usage: mail-test-check [slow] [int|nonint] # # slow: do slow checks, like spamassassin # -# anything: consider non-interactive, dont print unless something went +# for non-interactive, dont print unless something went # wrong -source /b/errhandle/err +source /b/bash-bear-trap/bash-bear [[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@" @@ -19,7 +40,7 @@ e() { $int || return 0; printf "mailtest-check: %s\n" "$*"; } getspamdpid() { if [[ ! $spamdpid || ! -d /proc/$spamdpid ]]; then # try twice in case we are restarting, it happens. - for i in 1 2; do + for (( i=0; i<2; i++ )); do spamdpid=$(systemctl show --property MainPID --value spamassassin | sed 's/^[10]$//' ||:) if [[ $spamdpid ]]; then break @@ -28,11 +49,6 @@ getspamdpid() { done fi } -pr() { - if $doprom && [[ -e /var/lib/prometheus/node-exporter ]]; then - cat >>/var/lib/prometheus/node-exporter/mailtest-check.prom.$$ - fi -} #### begin arg processing #### @@ -81,6 +97,7 @@ esac main() { + local -a p_unexpected_spamd_results p_missing_dnswl p_last_usec case $HOSTNAME in bk) folders=(/m/md/{expertpathologyreview.com,amnimal.ninja}/testignore) @@ -92,7 +109,7 @@ main() { ;; *) folders=(/m/md/l/testignore) - froms=(testignore@je.b8.nz testignore@expertpathologyreview.com testignore@amnimal.ninja ian@iankelling.org z@zroe.org iank@gnu.org) + froms=(testignore@je.b8.nz testignore@expertpathologyreview.com testignore@amnimal.ninja ian@iankelling.org z@zroe.org) if ! $int; then ### begin rsyncing fencepost email ### # We dont want to exit if rsync fails, that will get caught by @@ -149,7 +166,7 @@ EOF for folder in ${folders[@]}; do for from in ${froms[@]}; do declare -i missing_dnswl=0 - declare -i dnsfail=0 + #declare -i dnsfail=0 declare -i unexpected=0 latest= last_sec=0 @@ -199,6 +216,10 @@ EOF # it seems like some versions of spamassassin do BODY_SINGLE_WORD, others dont, we dun care. # bayes_00 is a new one indicating ham, we dont care if its missing. BAYES_00|BODY_SINGLE_WORD|FROM_FMBLA_NEWDOM*|autolearn) : ;; + + # These have somewhat randomly been added and removed, resulting in useless alerts, so ignore them. + RCVD_IN_DNSWL_MED|DKIMWL_WL_HIGH) : ;; + SPF_HELO_NEUTRAL) # some of my domains use neutral spf, treat them the same. results[SPF_HELO_PASS]=t @@ -215,12 +236,7 @@ EOF keys=(DKIM_SIGNED DKIM_VALID{,_AU,_EF} SPF_HELO_PASS SPF_PASS TVD_SPACE_RATIO) if [[ $to == *@gnu.org && $from == *@gnu.org ]]; then keys=(ALL_TRUSTED TVD_SPACE_RATIO) - elif [[ $to == *@gnu.org ]]; then - # eggs has RCVD_IN_DNSWL_MED - keys+=(RCVD_IN_DNSWL_MED) - elif [[ $from == *@gnu.org ]]; then - # eggs has this. it used to have DKIMWL_WL_HIGH sometime in 2022 - keys+=(RCVD_IN_DNSWL_MED) + # from eggs had DKIMWL_WL_HIGH sometime in 2022, then DKIMWL_WL_MED unti march 2023 fi for t in ${keys[@]}; do @@ -262,13 +278,13 @@ EOF # echo mailtest-check: cat $latest: # cat $latest # echo mailtest-check: end of cat - # echo "$(tput setaf 5 2>/dev/null ||:)█$(tput sgr0 2>/dev/null||:)%.0s" $(eval echo "{1..${COLUMNS:-60}}") #fi fi rm -f $resultfile for r in ${results[@]}; do case $r in - # iank: for when we want to handle dns errors differently + # iank: for when we want to handle dns errors differently. + # also uncomment declaration of dnsfail above. # DKIM_INVALID|T_SPF_TEMPERROR|T_SPF_HELO_TEMPERROR) # dnsfail+=1 # ;; @@ -278,21 +294,19 @@ EOF esac done for miss in ${missing[@]}; do - # We expect dns failures from time to time, so - # we count them separately and alert differently. + # At some point we had annoying dns failures that we couldn't solve so we + # we counted dns fail related results separately and alert differently. + # DKIM_VALID|DKIM_VALID_AU|DKIM_VALID_EF|SPF_HELO_PASS|SPF_PASS| case $miss in - # iank: dns fail - # DKIM_VALID|DKIM_VALID_AU|DKIM_VALID_EF|SPF_HELO_PASS|SPF_PASS| - RCVD_IN_DNSWL_MED|DKIMWL_WL_HIGH) - missing_dnswl+=1 - ;; *) unexpected+=1 ;; esac done - pr <>$path + done + for l in "${p_missing_dnswl[@]}"; do + printf "%s\n" "$l" >>$path + done + for l in "${p_last_usec[@]}"; do + printf "%s\n" "$l" >>$path + done + mv $path $dir/mailtest-check.prom # note: node_textfile_mtime_seconds will tell us when this last happened. useful for debugging. fi }