TLS: harden error-detection in TLS proxy process
[users/heiko/exim.git] / test / confs / 0900
1 # Exim test configuration 0900
2 SERVER=
3 SRV=
4 LIST=
5 ALLOW=
6
7 exim_path = EXIM_PATH
8 keep_environment =
9 add_environment = SSLKEYLOGFILE=DIR/spool/sslkeys
10 host_lookup_order = bydns
11 spool_directory = DIR/spool
12 log_file_path = DIR/spool/log/SERVER%slog
13 gecos_pattern = ""
14 gecos_name = CALLER_NAME
15 chunking_advertise_hosts = *
16 tls_advertise_hosts = ${if eq {SRV}{tls} {*}}
17 .ifdef _HAVE_REQTLS
18 tls_advertise_requiretls = :
19 .endif
20 .ifdef _HAVE_PIPE_CONNECT
21 pipelining_connect_advertise_hosts = :
22 .endif
23 .ifdef _HAVE_DMARC
24 dmarc_tld_file =
25 .endif
26
27
28 # ----- Main settings -----
29
30 primary_hostname = testhost.test.ex
31 domainlist local_domains = @ : test.ex
32
33 acl_smtp_rcpt = check_recipient
34 acl_smtp_data_prdr = check_prdr
35 acl_smtp_data = check_data
36 trusted_users = CALLER
37 queue_only
38 smtp_receive_timeout = 2s
39
40 .ifdef _HAVE_DKIM
41 log_selector = +received_recipients +millisec +dkim_verbose
42 .else
43 log_selector = +received_recipients +millisec
44 .endif
45
46 .ifdef _OPT_MAIN_TLS_CERTIFICATE
47 tls_certificate = DIR/aux-fixed/cert1
48 .endif
49
50 ALLOW
51
52 # ----- ACL -----
53
54 begin acl
55
56 check_recipient:
57   accept hosts = :
58   accept domains = +local_domains
59   deny   message = relay not permitted
60
61 check_prdr:
62   accept local_parts = good
63   deny
64
65 check_data:
66   warn   message = X-acl-message-linecount: $message_linecount
67   accept
68
69 # ----- Routers -----
70
71 begin routers
72
73 to_server:
74   driver = accept
75   condition =   ${if !eq {SERVER}{server}}
76   transport =   remote_smtp${if eq {SRV}{dkim} {_dkim}}
77   errors_to =   ""
78
79 fail_remote_domains:
80   driver = redirect
81   domains = ! +local_domains
82   data = :fail: unrouteable mail domain "$domain"
83
84 localuser:
85   driver = accept
86   check_local_user
87   transport = local_delivery
88   headers_add = X-local-user: uid=$local_user_uid gid=$local_user_gid
89
90
91 # ----- Transports -----
92
93 begin transports
94
95 local_delivery:
96   driver = appendfile
97   delivery_date_add
98   envelope_to_add
99   file = DIR/test-mail/${bless:$local_part}
100   headers_add = "X-body-linecount: $body_linecount\n\
101                  X-message-linecount: $message_linecount\n\
102                  X-received-count: $received_count"
103   return_path_add
104
105 remote_smtp:
106   driver = smtp
107   hosts =       127.0.0.1
108   port =        PORT_S
109   hosts_try_fastopen = :
110   tls_verify_certificates = DIR/aux-fixed/cert1
111   tls_verify_cert_hostnames =
112   allow_localhost
113   command_timeout = 2s
114   final_timeout = 2s
115
116 remote_smtp_dkim:
117   driver = smtp
118   hosts =       127.0.0.1
119   port =        PORT_S
120   hosts_try_fastopen = :
121   tls_verify_certificates = DIR/aux-fixed/cert1
122   tls_verify_cert_hostnames =
123   allow_localhost
124   command_timeout = 2s
125   final_timeout = 2s
126
127 .ifdef _HAVE_DKIM
128 .ifdef SRV
129   dkim_domain =         test.ex
130   dkim_selector =       sel
131   dkim_private_key =    DIR/aux-fixed/dkim/dkim.private
132 .ifndef HEADERS_MAXSIZE
133   dkim_sign_headers =   LIST
134 .endif
135 .endif
136 .endif
137
138 # ----- Retry -----
139
140 begin retry
141 * * F,30m,5m;
142 # End