test/confs/5650

   1 # Exim test configuration 5650
   2 # OCSP stapling, server
   3
   4 CRL=
   5
   6 exim_path = EXIM_PATH
   7 keep_environment =
   8 host_lookup_order = bydns
   9 primary_hostname = server1.example.com
  10 spool_directory = DIR/spool
  11 log_file_path = DIR/spool/log/%slog
  12 gecos_pattern = ""
  13 gecos_name = CALLER_NAME
  14
  15 # ----- Main settings -----
  16
  17 acl_smtp_connect = check_connect
  18 acl_smtp_mail = check_mail
  19 acl_smtp_rcpt = check_recipient
  20
  21 log_selector = +tls_peerdn
  22
  23 queue_only
  24 queue_run_in_order
  25
  26 tls_advertise_hosts = *
  27
  28 tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem
  29 tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
  30 tls_crl = CRL
  31 tls_ocsp_file = OCSP
  32
  33 #tls_verify_hosts = HOSTIPV4
  34 #tls_try_verify_hosts = *
  35 #tls_verify_certificates = DIR/aux-fixed/cert2
  36
  37
  38
  39 # ------ ACL ------
  40
  41 begin acl
  42
  43 check_connect:
  44   accept   logwrite = acl_conn: ocsp in status: $tls_in_ocsp \
  45     (${listextract {${eval:$tls_in_ocsp+1}} \
  46                 {notreq:notresp:vfynotdone:failed:verified}})
  47
  48 check_mail:
  49   accept   logwrite = acl_mail: ocsp in status: $tls_in_ocsp \
  50     (${listextract {${eval:$tls_in_ocsp+1}} \
  51                 {notreq:notresp:vfynotdone:failed:verified}})
  52
  53 check_recipient:
  54   accept
  55
  56
  57 # ----- Routers -----
  58
  59 begin routers
  60
  61 abc:
  62   driver = accept
  63   retry_use_local_part
  64   transport = local_delivery
  65
  66
  67 # ----- Transports -----
  68
  69 begin transports
  70
  71 local_delivery:
  72   driver = appendfile
  73   file = DIR/test-mail/$local_part
  74   headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
  75   user = CALLER
  76
  77 # End