test/confs/5650

   1 # Exim test configuration 5650
   2 # OCSP stapling, server
   3
   4 CRL=
   5
   6 exim_path = EXIM_PATH
   7 keep_environment =
   8 host_lookup_order = bydns
   9 primary_hostname = server1.example.com
  10 rfc1413_query_timeout = 0s
  11 spool_directory = DIR/spool
  12 log_file_path = DIR/spool/log/%slog
  13 gecos_pattern = ""
  14 gecos_name = CALLER_NAME
  15
  16 # ----- Main settings -----
  17
  18 acl_smtp_connect = check_connect
  19 acl_smtp_mail = check_mail
  20 acl_smtp_rcpt = check_recipient
  21
  22 log_selector = +tls_peerdn
  23
  24 queue_only
  25 queue_run_in_order
  26
  27 tls_advertise_hosts = *
  28
  29 tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem
  30 tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
  31 tls_crl = CRL
  32 tls_ocsp_file = OCSP
  33
  34 #tls_verify_hosts = HOSTIPV4
  35 #tls_try_verify_hosts = *
  36 #tls_verify_certificates = DIR/aux-fixed/cert2
  37
  38
  39
  40 # ------ ACL ------
  41
  42 begin acl
  43
  44 check_connect:
  45   accept   logwrite = acl_conn: ocsp in status: $tls_in_ocsp \
  46     (${listextract {${eval:$tls_in_ocsp+1}} \
  47                 {notreq:notresp:vfynotdone:failed:verified}})
  48
  49 check_mail:
  50   accept   logwrite = acl_mail: ocsp in status: $tls_in_ocsp \
  51     (${listextract {${eval:$tls_in_ocsp+1}} \
  52                 {notreq:notresp:vfynotdone:failed:verified}})
  53
  54 check_recipient:
  55   accept
  56
  57
  58 # ----- Routers -----
  59
  60 begin routers
  61
  62 abc:
  63   driver = accept
  64   retry_use_local_part
  65   transport = local_delivery
  66
  67
  68 # ----- Transports -----
  69
  70 begin transports
  71
  72 local_delivery:
  73   driver = appendfile
  74   file = DIR/test-mail/$local_part
  75   headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
  76   user = CALLER
  77
  78 # End