; This is a testing zone file for use when testing DNS handling in Exim. This
-; is a fake zone of no real use - hence no SOA record. The zone name is
+; is a fake zone of no real use. The zone name is
; test.ex. This file is passed through the substitution mechanism before being
; used by the fakens auxiliary program. This inserts the actual IP addresses
; of the local host into the zone.
; host ever uses them.
test.ex. NS exim.test.ex.
+test.ex. SOA exim.test.ex. hostmaster.exim.test.ex 1430683638 1200 120 604800 3600
test.ex. TXT "A TXT record for test.ex."
s/lash TXT "A TXT record for s/lash.test.ex."
UpperCase A 127.0.0.1
-; A host with UTF-8 characters in its name
+; A host with punycoded UTF-8 characters used for its lookup ( mx.π.test.ex )
-mx.π A V4NET.255.255.255
+mx.xn--1xa A V4NET.255.255.255
; A non-standard name for localhost
thishost A 127.0.0.1
+localhost4 A 127.0.0.1
+
; Something that gives both the IP and the loopback
v6 AAAA V6NET:ffff:836f:0a00:000a:0800:200a:c032
; Alias A and CNAME records for the local host, under the name "eximtesthost"
+; Make the A covered by DNSSEC and add a TLSA for it.
-DNSSEC eximtesthost A HOSTIPV4
+eximtesthost A HOSTIPV4
alias-eximtesthost CNAME eximtesthost.test.ex.
; A bad CNAME
recurse.test.ex A V4NET.99.0.2
+; a CNAME pointing to a name with both ipv4 and ipv6 A-records
+; and one with only ipv4
+
+cname46 CNAME localhost
+cname4 CNAME thishost
+
; -------- Testing RBL records -------
; V4NET.11.12.13 is deliberately not reverse-registered
; -------- Testing MX records --------
-DNSSEC mxplain MX 1 eximtesthost.
-
mxcased MX 5 ten-99.TEST.EX.
; Points to a host with both A and AAAA
mxt1c MX 1 dontqualify.
-; MX with UTF-8 characters in its name
+; MX with punycoded UTF-8 characters used for its lookup ( π.test.ex )
+
+xn--1xa MX 0 mx.π.test.ex.
+
+; MX with actual UTF-8 characters in its name, for allow_utf8_domains mode test
-π MX 0 mx.π.test.ex.
+π MX 0 mx.xn--1xa.test.ex.
; -------- Testing SRV records --------
csa1 A V4NET.9.8.7
csa2 A V4NET.9.8.8
+; ------- Testing DNSSEC ----------
+
+mx-unsec-a-unsec MX 5 a-unsec
+mx-unsec-a-sec MX 5 a-sec
+DNSSEC mx-sec-a-unsec MX 5 a-unsec
+DNSSEC mx-sec-a-sec MX 5 a-sec
+DNSSEC mx-sec-a-aa MX 5 a-aa
+AA mx-aa-a-sec MX 5 a-sec
+
+a-unsec A V4NET.0.0.100
+DNSSEC a-sec A V4NET.0.0.100
+DNSSEC l-sec A 127.0.0.1
+
+AA a-aa A V4NET.0.0.100
+
+; ------- Testing DANE ------------
+
+; full suite dns chain, sha512
+DNSSEC mxdane512ee MX 1 dane512ee
+DNSSEC dane512ee A HOSTIPV4
+DNSSEC _1225._tcp.dane512ee TLSA 3 1 2 3d5eb81b1dfc3f93c1fa8819e3fb3fdb41bb590441d5f3811db17772f4bc6de29bdd7c4f4b723750dda871b99379192b3f979f03db1252c4f08b03ef7176528d
+
+; A-only, sha256
+DNSSEC dane256ee A HOSTIPV4
+DNSSEC _1225._tcp.dane256ee TLSA 3 1 1 2bb55f418bb03411a5007cecbfcd3ec1c94404312c0d53a44bb2166b32654db3
+
+; full MX, sha256, TA-mode
+DNSSEC mxdane256ta MX 1 dane256ta
+DNSSEC dane256ta A HOSTIPV4
+DNSSEC _1225._tcp.dane256ta TLSA 2 0 1 b2c6f27f2d16390b4f71cacc69742bf610d750534fab240516c0f2deb4042ad4
+
+
+; A multiple-return MX where all TLSA lookups defer
+DNSSEC mxdanelazy MX 1 danelazy
+DNSSEC MX 2 danelazy2
+
+DNSSEC danelazy A HOSTIPV4
+DNSSEC danelazy2 A 127.0.0.1
+
+DNSSEC _1225._tcp.danelazy CNAME test.again.dns.
+DNSSEC _1225._tcp.danelazy2 CNAME test.again.dns.
+
+; hosts with no TLSA
+DNSSEC dane.no.1 A HOSTIPV4
+DNSSEC dane.no.2 A 127.0.0.1
+
+; ------- Testing delays ------------
+
+DELAY=500 delay500 A HOSTIPV4
+DELAY=1500 delay1500 A HOSTIPV4
+
+
; End