git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
safer coding of router toplevel
[exim.git]
/
test
/
confs
/
5600
diff --git
a/test/confs/5600
b/test/confs/5600
index cd5f3c8e782105407503d3c6ecdd89110b552ec9..6d1559e0113e76789a78046e0f26d7a0bd92121f 100644
(file)
--- a/
test/confs/5600
+++ b/
test/confs/5600
@@
-3,14
+3,9
@@
CRL=
CRL=
-exim_path = EXIM_PATH
-host_lookup_order = bydns
+.include DIR/aux-var/tls_conf_prefix
+
primary_hostname = server1.example.com
primary_hostname = server1.example.com
-rfc1413_query_timeout = 0s
-spool_directory = DIR/spool
-log_file_path = DIR/spool/log/%slog
-gecos_pattern = ""
-gecos_name = CALLER_NAME
# ----- Main settings -----
# ----- Main settings -----
@@
-32,7
+27,7
@@
tls_verify_hosts = HOSTIPV4
tls_try_verify_hosts = *
tls_verify_certificates = DIR/aux-fixed/cert2
tls_crl = CRL
tls_try_verify_hosts = *
tls_verify_certificates = DIR/aux-fixed/cert2
tls_crl = CRL
-tls_ocsp_file =
OCSP
+tls_ocsp_file =
RETURN
# ------ ACL ------
# ------ ACL ------
@@
-40,10
+35,14
@@
tls_ocsp_file = OCSP
begin acl
check_connect:
begin acl
check_connect:
- accept logwrite = acl_conn: ocsp in status: $tls_in_ocsp
+ accept logwrite = acl_conn: ocsp in status: $tls_in_ocsp \
+ (${listextract {${eval:$tls_in_ocsp+1}} \
+ {notreq:notresp:vfynotdone:failed:verified}})
check_mail:
check_mail:
- accept logwrite = acl_mail: ocsp in status: $tls_in_ocsp
+ accept logwrite = acl_mail: ocsp in status: $tls_in_ocsp \
+ (${listextract {${eval:$tls_in_ocsp+1}} \
+ {notreq:notresp:vfynotdone:failed:verified}})
check_recipient:
deny message = certificate not verified: peerdn=$tls_peerdn
check_recipient:
deny message = certificate not verified: peerdn=$tls_peerdn
@@
-68,6
+67,7
@@
begin transports
local_delivery:
driver = appendfile
file = DIR/test-mail/$local_part
local_delivery:
driver = appendfile
file = DIR/test-mail/$local_part
+ create_file = DIR/test-mail
headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
user = CALLER
headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
user = CALLER