Fix CVE-2016-1531
[exim.git] / test / confs / 2119
1 # Exim test configuration 2119
2
3 exim_path = EXIM_PATH
4 keep_environment =
5 host_lookup_order = bydns
6 primary_hostname = myhost.test.ex
7 rfc1413_query_timeout = 0s
8 spool_directory = DIR/spool
9 log_file_path = DIR/spool/log/%slog
10 gecos_pattern = ""
11 gecos_name = CALLER_NAME
12
13 # ----- Main settings -----
14
15 acl_smtp_rcpt = check_recipient
16
17 log_selector = +tls_peerdn
18
19 queue_only
20 queue_run_in_order
21
22 tls_advertise_hosts = *
23
24 tls_certificate = DIR/aux-fixed/cert1
25 tls_privatekey = DIR/aux-fixed/cert1
26
27 tls_verify_hosts = HOSTIPV4
28 tls_verify_certificates = DIR/aux-fixed/cert2
29
30
31 # ------ ACL ------
32
33 begin acl
34
35 check_recipient:
36   accept  hosts = :
37   deny    hosts = HOSTIPV4
38          !encrypted = AES256-SHA:\
39                       AES256-GCM-SHA384:\
40                       IDEA-CBC-MD5:\
41                       DES-CBC3-SHA:\
42                       DHE-RSA-AES256-SHA:\
43                       DHE-RSA-AES256-GCM-SHA384:\
44                       DHE_RSA_AES_256_CBC_SHA1:\
45                       DHE_RSA_3DES_EDE_CBC_SHA
46   accept
47
48
49 # ----- Routers -----
50
51 begin routers
52
53 abc:
54   driver = accept
55   retry_use_local_part
56   transport = local_delivery
57
58
59 # ----- Transports -----
60
61 begin transports
62
63 local_delivery:
64   driver = appendfile
65   file = DIR/test-mail/$local_part
66   headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
67   user = CALLER
68
69 # End