diff --git a/bin/tests/system/emptyzones/ns1/named2.conf.in b/bin/tests/system/emptyzones/ns1/named.conf.j2 similarity index 88% rename from bin/tests/system/emptyzones/ns1/named2.conf.in rename to bin/tests/system/emptyzones/ns1/named.conf.j2 index 89fe2b475c..2787ccba75 100644 --- a/bin/tests/system/emptyzones/ns1/named2.conf.in +++ b/bin/tests/system/emptyzones/ns1/named.conf.j2 @@ -44,6 +44,11 @@ zone "." { file "root.hint"; }; +{% set automatic_empty_zones = automatic_empty_zones | default(False) %} +{% if automatic_empty_zones %} zone "1.10.in-addr.arpa" { type primary; file "empty.db"; }; +{% else %} +include "rfc1918.zones"; +{% endif %} diff --git a/bin/tests/system/emptyzones/ns1/named1.conf.in b/bin/tests/system/emptyzones/ns1/named1.conf.in deleted file mode 100644 index 4aad843482..0000000000 --- a/bin/tests/system/emptyzones/ns1/named1.conf.in +++ /dev/null 
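Review bot: The `{% set automatic_empty_zones = ... | default(False) %}` line in ns1/named.conf.j2 makes the starting configuration implicit, whereas the removed setup.sh copied named1.conf.in explicitly. The flag also reads the opposite way to what the branches emit: the true branch keeps an explicit `1.10.in-addr.arpa` zone and the false branch includes `rfc1918.zones`. A short template comment above the `{% if %}` would help, for example `{# True: drop rfc1918.zones so named's built-in empty zones apply; only 1.10.in-addr.arpa stays explicit #}`. That wording assumes `rfc1918.zones` is what suppresses the automatic empty zones, which is not visible in this hunk.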
@@ -1,46 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-key rndc_key {
- algorithm @DEFAULT_HMAC@;
- secret "1234abcd8765";
-};
-
-controls {
- inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
-};
-
-options {
- query-source address 10.53.0.1;
- notify-source 10.53.0.1;
- transfer-source 10.53.0.1;
- port @PORT@;
- pid-file "named.pid";
- listen-on { 10.53.0.1; };
- listen-on-v6 { none; };
- recursion yes;
- dnssec-validation no;
- deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
- except-from { "example.org"; };
- deny-answer-aliases { "example.org"; }
- except-from { "goodcname.example.net";
- "gooddname.example.net"; };
- allow-query {!10.53.0.8; any; };
-};
-
-zone "." {
- type hint;
- file "root.hint";
-};
-
-include "rfc1918.zones";
diff --git a/bin/tests/system/emptyzones/setup.sh b/bin/tests/system/emptyzones/setup.sh
deleted file mode 100644
index f3f0088a23..0000000000
--- a/bin/tests/system/emptyzones/setup.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# SPDX-License-Identifier: MPL-2.0
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, you can obtain one at https://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-. ../conf.sh
-
-copy_setports ns1/named1.conf.in ns1/named.conf
diff --git a/bin/tests/system/emptyzones/tests.sh b/bin/tests/system/emptyzones/tests.sh
deleted file mode 100644
index af9c88e240..0000000000
--- a/bin/tests/system/emptyzones/tests.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh
-
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# SPDX-License-Identifier: MPL-2.0
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, you can obtain one at https://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-set -e
-
-. ../conf.sh
-
-DIGOPTS="-p ${PORT}"
-RNDCCMD="$RNDC -c ../_common/rndc.conf -p ${CONTROLPORT} -s"
-
-status=0
-n=0
-
-n=$((n + 1))
-echo_i "check that switching to automatic empty zones works ($n)"
-ret=0
-rndc_reload ns1 10.53.0.1
-
-copy_setports ns1/named2.conf.in ns1/named.conf
-$RNDCCMD 10.53.0.1 reload >/dev/null || ret=1
-sleep 5
-
-$DIG $DIGOPTS +vc version.bind txt ch @10.53.0.1 >/dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "check that allow-transfer { none; } works ($n)"
-ret=0
-$DIG $DIGOPTS axfr 10.in-addr.arpa @10.53.0.1 +all >dig.out.test$n || ret=1
-grep "status: REFUSED" dig.out.test$n >/dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-echo_i "exit status: $status"
-[ $status -eq 0 ] || exit 1
diff --git a/bin/tests/system/emptyzones/tests_emptyzones.py b/bin/tests/system/emptyzones/tests_emptyzones.py
new file mode 100644
index 0000000000..7a8d3966bd
--- /dev/null
+++ b/bin/tests/system/emptyzones/tests_emptyzones.py
@@ -0,0 +1,30 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+import dns.message
+
+import isctest
+
+
+def test_emptyzones(servers, templates):
+ # check that switching to automatic empty zones works
+ ns1 = servers["ns1"]
+ ns1.rndc("reload")
+ templates.render("ns1/named.conf", {"automatic_empty_zones": True})
+ ns1.rndc("reload")
+ msg = dns.message.make_query("version.bind", "TXT", "CH")
+ res = isctest.query.tcp(msg, "10.53.0.1")
+ isctest.check.noerror(res)
+
+ # check that allow-transfer { none; } works
+ msg = dns.message.make_query("10.in-addr.arpa", "AXFR")
+ res = isctest.query.tcp(msg, "10.53.0.1")
+ isctest.check.refused(res)
diff --git a/bin/tests/system/emptyzones/tests_sh_emptyzones.py b/bin/tests/system/emptyzones/tests_sh_emptyzones.py
deleted file mode 100644
index 3d4039d509..0000000000
--- a/bin/tests/system/emptyzones/tests_sh_emptyzones.py
+++ /dev/null
@@ -1,22 +0,0 @@
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# SPDX-License-Identifier: MPL-2.0
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, you can obtain one at https://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-import pytest
-
-pytestmark = pytest.mark.extra_artifacts(
- [
- "dig.out.*",
- ]
-)
-
-
-def test_emptyzones(run_tests_sh):
- run_tests_sh()
diff --git a/bin/tests/system/isctest/check.py b/bin/tests/system/isctest/check.py
index d56f4ae8ee..afcc2db6ff 100644
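Review bot: Nothing visible in test_emptyzones waits for named to finish loading the re-rendered config before the `version.bind` and AXFR queries are sent after the second `ns1.rndc("reload")`; the shell test this replaces slept five seconds at that point. If `rndc()` returns once the command is accepted rather than once loading completes, the REFUSED assertion may run against the previous `rfc1918.zones` configuration and pass without exercising automatic empty zones. Consider wrapping that reload in isctest's log watcher, e.g. `with ns1.watch_log_from_here() as watcher:` around the reload and then `watcher.wait_for_line("all zones loaded")`, assuming that is the message named logs on this path. The shell version also checked the reload's exit status (`|| ret=1`), so it is worth confirming that `rndc()` raises on failure.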
--- a/bin/tests/system/isctest/check.py +++ b/bin/tests/system/isctest/check.py @@ -32,6 +32,10 @@ def notimp(message: dns.message.Message) -> None: rcode(message, dns_rcode.NOTIMP) +def refused(message: dns.message.Message) -> None: + rcode(message, dns_rcode.REFUSED) + + def servfail(message: dns.message.Message) -> None: rcode(message, dns_rcode.SERVFAIL)