X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/b3ef41c94af9aefec7b6855cf2ce73ffeaba9d9a..46a36afae41f63de654269c8a0b7cf5852a85a14:/test/confs/3700 diff --git a/test/confs/3700 b/test/confs/3700 index 1565b5f79..598bc7f1a 100644 --- a/test/confs/3700 +++ b/test/confs/3700 @@ -2,41 +2,45 @@ SERVER= -exim_path = EXIM_PATH -host_lookup_order = bydns -primary_hostname = myhost.test.ex -spool_directory = DIR/spool -log_file_path = DIR/spool/log/SERVER%slog -gecos_pattern = "" -gecos_name = CALLER_NAME +.include DIR/aux-var/tls_conf_prefix +primary_hostname = myhost.test.ex log_selector = +received_recipients +outgoing_port # ----- Main settings ----- +acl_smtp_auth = log_call acl_smtp_mail = check_authd acl_smtp_rcpt = check_authd +acl_smtp_data = ar_header + queue_only queue_run_in_order trusted_users = CALLER tls_on_connect_ports = PORT_S tls_advertise_hosts = * -tls_certificate = DIR/aux-fixed/cert1 +tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem +tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key tls_verify_hosts = * -tls_verify_certificates = DIR/aux-fixed/cert2 +tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem # ----- ACL ----- begin acl +log_call: + accept logwrite = Auth ACL called, after smtp cmd "$smtp_command" + check_authd: deny message = authentication required !authenticated = * accept +ar_header: + accept add_header = :at_start:${authresults {$primary_hostname}} # ----- Authentication ----- @@ -55,9 +59,14 @@ tls: begin routers -r1: - driver = accept - transport = ${if eq {$local_part}{smtps} {t2}{t1}} +server_r: + driver = accept + condition = ${if eq {server}{SERVER}} + transport = file + +client_r1: + driver = accept + transport = ${if eq {$local_part}{smtps} {t2}{t1}} # ----- Transports ----- @@ -68,19 +77,29 @@ t1: driver = smtp hosts = 127.0.0.1 port = PORT_D + hosts_try_fastopen = : allow_localhost - tls_certificate = DIR/aux-fixed/cert2 - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_cert_hostnames = : t2: driver = smtp hosts = 127.0.0.1 port = PORT_S + hosts_try_fastopen = : protocol = smtps allow_localhost - tls_certificate = DIR/aux-fixed/cert2 - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_cert_hostnames = : +file: + driver = appendfile + file = DIR/test-mail/$local_part + create_file = DIR/test-mail + user = CALLER + # End