Early-pipe: invalidate cache on a failure of required-auth
[exim.git] / test / confs / 2014
1 # Exim test configuration 2014
2
3 CRL=
4
5 .include DIR/aux-var/tls_conf_prefix
6
7 primary_hostname = myhost.test.ex
8
9 # ----- Main settings -----
10
11 acl_smtp_rcpt = check_recipient
12
13 log_selector = +tls_peerdn
14
15 queue_only
16 queue_run_in_order
17
18 tls_advertise_hosts = *
19
20 tls_certificate = DIR/aux-fixed/cert1
21 tls_privatekey = DIR/aux-fixed/cert1
22
23 tls_verify_hosts = HOSTIPV4
24 tls_try_verify_hosts = *
25 tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem
26 tls_crl = CRL
27
28
29 # ------ ACL ------
30
31 begin acl
32
33 check_recipient:
34   deny     message = certificate not verified: peerdn=$tls_in_peerdn
35          ! verify = certificate
36   accept
37
38
39 # ----- Routers -----
40
41 begin routers
42
43 abc:
44   driver = accept
45   retry_use_local_part
46   transport = local_delivery
47
48
49 # ----- Transports -----
50
51 begin transports
52
53 local_delivery:
54   driver = appendfile
55   file = DIR/test-mail/${bless:$local_part}
56   headers_add = TLS: cipher=$tls_cipher peerdn=$tls_in_peerdn
57   user = CALLER
58
59 # End