DKIM: Force use of tainted mem for headers
[exim.git] / test / confs / 5840
index 10ca2111b25dbf938ef1e2801f73407461b1f784..1b3b122b34d7b15782ee8d98d9bc0dae3a093d57 100644 (file)
@@ -2,6 +2,7 @@
 # DANE/OpenSSL
 
 SERVER=
+CONTROL= *
 
 .include DIR/aux-var/tls_conf_prefix
 
@@ -15,7 +16,8 @@ acl_smtp_rcpt = accept logwrite = "rcpt ACL"
 acl_smtp_rcpt = accept verify = recipient/callout
 .endif
 
-log_selector =  +received_recipients +tls_peerdn +tls_certificate_verified
+log_selector =  +received_recipients +tls_peerdn +tls_certificate_verified \
+               +tls_sni
 
 queue_run_in_order
 
@@ -69,13 +71,14 @@ begin transports
 send_to_server:
   driver = smtp
   allow_localhost
-  port = ${if match {$host}{\Ntest.ex$\N} {PORT_D}{25}}
+  port = PORT_D
+  hosts_try_fastopen = :
 
-  hosts_try_dane =     *
+  hosts_try_dane =     CONTROL
   hosts_require_dane = HOSTIPV4
   tls_verify_cert_hostnames = ${if eq {OPT}{no_certname} {}{*}}
   tls_try_verify_hosts = thishost.test.ex
-  tls_verify_certificates = CDIR2/ca_chain.pem
+  tls_verify_certificates = ${if eq {DETAILS}{ca} {CDIR2/ca_chain.pem} {}}