test/confs/5600

   1 # Exim test configuration 5600
   2 # OCSP stapling, server
   3
   4 CRL=
   5
   6 exim_path = EXIM_PATH
   7 keep_environment =
   8 host_lookup_order = bydns
   9 primary_hostname = server1.example.com
  10 rfc1413_query_timeout = 0s
  11 spool_directory = DIR/spool
  12 log_file_path = DIR/spool/log/%slog
  13 gecos_pattern = ""
  14 gecos_name = CALLER_NAME
  15
  16 # ----- Main settings -----
  17
  18 acl_smtp_rcpt = check_recipient
  19
  20 log_selector = +tls_peerdn
  21
  22 queue_only
  23 queue_run_in_order
  24
  25 tls_advertise_hosts = *
  26
  27 tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem
  28 tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
  29
  30 tls_verify_hosts = HOSTIPV4
  31 tls_try_verify_hosts = *
  32 tls_verify_certificates = DIR/aux-fixed/cert2
  33 tls_crl = CRL
  34 tls_ocsp_file = OCSP
  35
  36
  37 # ------ ACL ------
  38
  39 begin acl
  40
  41 check_recipient:
  42   deny     message = certificate not verified: peerdn=$tls_peerdn
  43          ! verify = certificate
  44   accept
  45
  46
  47 # ----- Routers -----
  48
  49 begin routers
  50
  51 abc:
  52   driver = accept
  53   retry_use_local_part
  54   transport = local_delivery
  55
  56
  57 # ----- Transports -----
  58
  59 begin transports
  60
  61 local_delivery:
  62   driver = appendfile
  63   file = DIR/test-mail/$local_part
  64   headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
  65   user = CALLER
  66
  67 # End