Merge branch 'exim-4.96+security' into master+security
[exim.git] / test / confs / 1103
index 52f471b798ca069b87b7007cb80113ec4ba07793..b122e9cf1bac874f96274a64e5ef769b2c48fff4 100644 (file)
@@ -6,39 +6,55 @@ primary_hostname = myhost.test.ex
 
 # ----- Main settings -----
 
+acl_smtp_rcpt = check_recipient
+
+queue_only
+queue_run_in_order
+
+tls_certificate = DIR/aux-fixed/cert1
+tls_privatekey = DIR/aux-fixed/cert1
+
 tls_advertise_hosts = *
 
-tls_certificate = DIR/tmp/certs/servercert
-tls_privatekey = DIR/tmp/certs/serverkey
-tls_try_verify_hosts = *
-tls_verify_certificates = DIR/aux-fixed/cert2
-#tls_verify_certificates = system,cache
 
-queue_only
-log_selector = +millisec
+# ------ ACL ------
+
+begin acl
 
-# --- ACL ---
+check_recipient:
+  deny   message = unacceptable cipher $tls_cipher
+        !encrypted = ${if eq {$sender_host_address}{HOSTIPV4}{IDEA-CBC-MD5}{*}}
+  accept
 
-acl_smtp_rcpt = accept
 
-# ----
+# ----- Routers -----
 
 begin routers
 
-all:
+abc:
   driver = accept
-  transport = smtp
+  retry_use_local_part
+  transport = local_delivery
+
+
+# ----- Transports -----
 
 begin transports
 
-smtp:
-  driver =             smtp
-  hosts =              127.0.0.1
-  allow_localhost
-  port =               PORT_D
-  hosts_try_fastopen = :
-  tls_certificate =    DIR/aux-fixed/cert2
-  tls_verify_certificates =    DIR/aux-fixed/cert1
-  tls_verify_cert_hostnames =  :
+local_delivery:
+  driver = appendfile
+  file = DIR/test-mail/$local_part
+  create_file = DIR/test-mail
+  headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
+  user = CALLER
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
 
 # End