Fix CVE-2016-1531
[exim.git] / test / confs / 3700
1 # Exim test configuration 3700
2
3 SERVER=
4
5 exim_path = EXIM_PATH
6 keep_environment =
7 host_lookup_order = bydns
8 primary_hostname = myhost.test.ex
9 spool_directory = DIR/spool
10 log_file_path = DIR/spool/log/SERVER%slog
11 gecos_pattern = ""
12 gecos_name = CALLER_NAME
13
14 log_selector = +received_recipients +outgoing_port
15
16 # ----- Main settings -----
17
18 acl_smtp_mail = check_authd
19 acl_smtp_rcpt = check_authd
20 queue_only
21 queue_run_in_order
22 trusted_users = CALLER
23
24 tls_on_connect_ports = PORT_S
25 tls_advertise_hosts = *
26 tls_certificate = DIR/aux-fixed/cert1
27
28 tls_verify_hosts = *
29 tls_verify_certificates = DIR/aux-fixed/cert2
30
31
32 # ----- ACL -----
33
34 begin acl
35
36 check_authd:
37   deny     message = authentication required
38           !authenticated = *
39   accept
40
41
42 # ----- Authentication -----
43
44 begin authenticators
45
46 tls:
47   driver = tls
48   server_debug_print = +++TLS \$auth1="$auth1"
49   server_param1 =    ${quote:${certextract {subject,CN,>:} \
50                                   {$tls_in_peercert}}}
51   server_condition = ${if def:auth1}
52   server_set_id =    $auth1
53
54
55 # ----- Routers -----
56
57 begin routers
58
59 r1:
60   driver = accept
61   transport = ${if eq {$local_part}{smtps} {t2}{t1}}
62
63
64 # ----- Transports -----
65
66 begin transports
67
68 t1:
69   driver = smtp
70   hosts = 127.0.0.1
71   port = PORT_D
72   allow_localhost
73   tls_certificate =         DIR/aux-fixed/cert2
74   tls_verify_certificates = DIR/aux-fixed/cert1
75   tls_verify_cert_hostnames = :
76
77 t2:
78   driver = smtp
79   hosts = 127.0.0.1
80   port = PORT_S
81   protocol = smtps
82   allow_localhost
83   tls_certificate =         DIR/aux-fixed/cert2
84   tls_verify_certificates = DIR/aux-fixed/cert1
85   tls_verify_cert_hostnames = :
86
87 # End