2 # Pipelining the early part of the SMTP conversation, starttls
8 keep_environment = PATH
9 add_environment = SSLKEYLOGFILE=DIR/spool/sslkeys
11 host_lookup_order = bydns
12 spool_directory = DIR/spool
15 log_file_path = DIR/spool/log/SERVER%slog
17 log_file_path = DIR/spool/log/%slog
21 gecos_name = CALLER_NAME
23 chunking_advertise_hosts = OPT
24 tls_advertise_hosts = *
25 tls_certificate = DIR/aux-fixed/cert1
27 .ifdef _HAVE_TLS_CA_CACHE
28 tls_verify_certificates = system,cache
35 # Avoid ECDHE key-exchange so that we can wireshark-decode (not TLS1.3)
37 tls_require_ciphers = NORMAL:-KX-ALL:+RSA
39 tls_require_ciphers = DEFAULT:!kECDHE
42 pipelining_connect_advertise_hosts = CONTROL
43 log_selector = +received_recipients +millisec +pipelining
46 acl_smtp_rcpt = accept
53 condition = ${if eq {SERVER}{server}}
58 route_data = 127.0.0.1::PORT_D
67 hosts_try_fastopen = CONNECTCOND
68 hosts_pipe_connect = CONTROL
70 tls_try_verify_hosts =