From 7a62e15de8455c3aaad25dbda5a9299dbb6010df Mon Sep 17 00:00:00 2001
From: Janosch Rux <jru@netuse.de>
Date: Mon, 24 Jul 2023 11:38:34 +0200
Subject: [PATCH] Add --spoofed-sender-list to test multiple spoofed addresses

Extends the Spoofed Sender Address test so that optionally
a list of sender addresses can be supplied via a file.

Also adds the used address to the subject.
---
 mail-tester.py    |  3 ++-
 tests/impostor.py | 19 +++++++++++--------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/mail-tester.py b/mail-tester.py
index dfee902..b2f2c5e 100755
--- a/mail-tester.py
+++ b/mail-tester.py
@@ -81,7 +81,8 @@ def convert_arg_line_to_args(self, line : str):
 argparser.add_argument("--log", "-L", help="Test result log in CSV format")
 argparser.add_argument("--output", "-o", help="Dump tests into files in this path. By default one plain file is created per message. Further formats can be created by usage of --mbox and --maildir.")
 argparser.add_argument("--backconnect-domain", "-b", default="localhost", help="Domain that is used for test cases where a communication backchannel is required. This should be a domain that allows the recognition of DNS queries.")
-argparser.add_argument("--spoofed-sender", "-F", help="Mail address used for testing of internal sender spoofing from the Internet. If this is not set, the first recipient address is used.")
+argparser.add_argument("--spoofed-sender", "-F", default=None, help="Mail address used for testing of internal sender spoofing from the Internet. If this is not set, the first recipient address is used.")
+argparser.add_argument("--spoofed-sender-list", default=None, help="File to read emails from for testing internal sender spoofing. See --spoofed-sender")
 argparser.add_argument("--blacklist", "-B", action=BlacklistArgumentParser, default=list(), nargs="+", help="Files containing black lists. One mail address per line. Entries beginning with @ are prepended with local part 'test'.")
 argparser.add_argument("--spam-folder", "-j", nargs="+", default=list(), help="Folder with spam messages in EML format")
 argparser.add_argument("--malware-folder", "-w", default=list(), nargs="+", help="Folder with malware samples that are sent as attachment")
diff --git a/tests/impostor.py b/tests/impostor.py
index ff7fcb1..d68bc0e 100644
--- a/tests/impostor.py
+++ b/tests/impostor.py
@@ -87,16 +87,19 @@ class LocalSenderTest(MailTestBase):
     name = "Spoofed Sender Address"
     description = "Mail with internal sender address sent from the Internet"
 
-    subject = "Spoofed Sender"
+    subject = "Spoofed Sender from {}"
     body = "This is s test mail with spoofed sender address"
 
     def generateTestCases(self):
-        if self.args.spoofed_sender is None:
-            spoofed_sender = self.recipient
+        if self.args.spoofed_sender:
+            spoofed_senders = [self.args.spoofed_sender]
+        elif self.args.spoofed_sender_list:
+            spoofed_senders = open(self.args.spoofed_sender_list).readlines()
         else:
-            spoofed_sender = self.args.spoofed_sender
+            spoofed_senders = [self.recipient]
 
-        msg = MIMEText(self.body)
-        msg["Subject"] = self.subject
-        msg["From"] = spoofed_sender
-        yield msg
+        for spoofed_sender in spoofed_senders:
+            msg = MIMEText(self.body)
+            msg["Subject"] = self.subject.format(spoofed_sender)
+            msg["From"] = spoofed_sender
+            yield msg