DKIM: make verification results visible in data ACL

[exim.git] / test / confs / 4500

diff --git a/test/confs/4500 b/test/confs/4500
index 61a04f6b0de000c7408898f562a96005fc6e727f..f2e44beff244d7b059a8d65705154144b55049c9 100644 (file)
--- a/test/confs/4500
+++ b/test/confs/4500
@@ -2,22 +2,30 @@
 
 SERVER=
 
 
 SERVER=
 

-exim_path = EXIM_PATH
-keep_environment =
-host_lookup_order = bydns
+.include DIR/aux-var/std_conf_prefix
+

 primary_hostname = myhost.test.ex
 primary_hostname = myhost.test.ex

-spool_directory = DIR/spool
-log_file_path = DIR/spool/log/SERVER%slog
-gecos_pattern = ""
-gecos_name = CALLER_NAME
-tls_advertise_hosts =

 
 # ----- Main settings -----
 
 acl_smtp_rcpt = accept
 
 # ----- Main settings -----
 
 acl_smtp_rcpt = accept

-acl_smtp_dkim = accept logwrite = signer: $dkim_cur_signer bits: $dkim_key_length
+acl_smtp_dkim = check_dkim

 
 queue_only
 queue_run_in_order
 
 
 queue_only
 queue_run_in_order
 

+
+begin acl
+
+check_dkim:
+.ifdef OPTION
+  warn condition =     ${if eq {$dkim_algo}{rsa-sha1}}
+       condition =     ${if eq {$dkim_verify_status}{pass}}
+       logwrite =      NOTE: forcing dkim verify fail (was pass)
+       set dkim_verify_status = fail
+       set dkim_verify_reason = hash too weak
+.endif
+  accept
+       logwrite = signer: $dkim_cur_signer bits: $dkim_key_length
+

 # End
 # End