Fix CVE-2016-1531
[exim.git] / test / confs / 2111
1 # Exim test configuration 2111
2
3 SERVER =
4
5 exim_path = EXIM_PATH
6 keep_environment =
7 host_lookup_order = bydns
8 primary_hostname = myhost.test.ex
9 spool_directory = DIR/spool
10 log_file_path = DIR/spool/log/SERVER%slog
11 gecos_pattern = ""
12 gecos_name = CALLER_NAME
13
14 # ----- Main settings -----
15
16 acl_smtp_rcpt = accept
17 log_selector = +tls_peerdn
18 queue_only
19 queue_run_in_order
20
21 tls_advertise_hosts = *
22
23 # Set certificate only if server
24
25 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
26 tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
27
28 tls_verify_hosts = *
29 tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
30
31
32 # ----- Routers -----
33
34 begin routers
35
36 client:
37   driver = accept
38   condition = ${if eq {SERVER}{server}{no}{yes}}
39   retry_use_local_part
40   transport = send_to_server
41
42
43 # ----- Transports -----
44
45 begin transports
46
47 send_to_server:
48   driver = smtp
49   allow_localhost
50   hosts = HOSTIPV4 : 127.0.0.1
51   hosts_require_tls = HOSTIPV4
52   port = PORT_D
53   tls_certificate = DIR/aux-fixed/cert2
54   tls_privatekey = DIR/aux-fixed/cert2
55   tls_require_ciphers = IDEA-CBC-MD5 \
56     ${if eq{$host_address}{127.0.0.1}{:DES-CBC3-SHA:RSA_ARCFOUR_SHA}}
57
58 # End