Taint: fix multiple ACL actions to properly manage tainted argument data
[users/jgh/exim.git] / test / confs / 4064
1 # test config 4064
2 # Early-pipe, AUTH, GnuTLS
3
4 keep_environment = PATH
5 exim_path = EXIM_PATH
6 host_lookup_order = bydns
7 spool_directory = DIR/spool
8
9 .ifdef SERVER
10 log_file_path = DIR/spool/log/SERVER%slog
11 .else
12 log_file_path = DIR/spool/log/%slog
13 .endif
14
15 gecos_pattern = ""
16 gecos_name = CALLER_NAME
17 dns_cname_loops = 9
18 chunking_advertise_hosts = OPT
19 tls_advertise_hosts = *
20 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
21
22 # Avoid ECDHE key-exchange so that we can wireshark-decode
23 .ifdef _HAVE_GNUTLS
24 tls_require_ciphers = NORMAL:-KX-ALL:+RSA
25 .endif
26
27 .ifdef _HAVE_DMARC
28 dmarc_tld_file =
29 .endif
30
31 pipelining_connect_advertise_hosts = *
32 auth_advertise_hosts = *
33
34 log_selector = +received_recipients +pipelining
35 queue_only
36
37 acl_smtp_rcpt = accept
38
39 #
40 begin routers
41
42 server:
43   driver =      redirect
44   condition =   ${if eq {SERVER}{server}}
45   data =        :blackhole:
46
47 client:
48   driver =      manualroute
49   route_data =  127.0.0.1::PORT_D
50   self =        send
51   transport =   smtp
52
53 #
54 begin transports
55
56 smtp:
57   driver =              smtp
58   hosts_try_fastopen =  :
59   hosts_pipe_connect =  *
60   tls_verify_hosts =
61   tls_try_verify_hosts =
62   hosts_require_auth =  *
63
64 #
65 begin authenticators
66
67 plain:
68   driver = plaintext
69   public_name = PLAIN
70
71   server_advertise_condition = ${if eq{$tls_in_cipher}{}{no}{yes}}
72   server_condition = "\
73     ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
74   server_set_id = $auth2
75
76   client_send = ^userx^secret
77