Defend against symlink attack by another process running as exim
[users/heiko/exim.git] / test / confs / 2100
1 # Exim test configuration 2100
2
3 SERVER=
4
5 .include DIR/aux-var/tls_conf_prefix
6
7 primary_hostname = myhost.test.ex
8
9 # ----- Main settings -----
10
11 acl_smtp_rcpt = accept
12
13 log_selector =  +tls_peerdn
14
15 queue_only
16 queue_run_in_order
17
18 tls_advertise_hosts = *
19
20 # Set certificate only if server
21
22 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
23 tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
24
25 tls_verify_hosts = *
26 tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
27
28
29 # ----- Routers -----
30
31 begin routers
32
33 client:
34   driver = accept
35   condition = ${if eq {SERVER}{server}{no}{yes}}
36   retry_use_local_part
37   transport = send_to_server
38
39
40 # ----- Transports -----
41
42 begin transports
43
44 send_to_server:
45   driver = smtp
46   allow_localhost
47   hosts = 127.0.0.1
48   port = PORT_D
49   tls_certificate = DIR/aux-fixed/cert2
50   tls_privatekey = DIR/aux-fixed/cert2
51   tls_verify_certificates = DIR/aux-fixed/cert2
52   tls_try_verify_hosts = :
53
54
55 # ----- Retry -----
56
57
58 begin retry
59
60 * * F,5d,10s
61
62
63 # End