2 # Early-pipe, AUTH, GnuTLS
4 keep_environment = PATH
6 host_lookup_order = bydns
7 spool_directory = DIR/spool
10 log_file_path = DIR/spool/log/SERVER%slog
12 log_file_path = DIR/spool/log/%slog
16 gecos_name = CALLER_NAME
18 chunking_advertise_hosts = OPT
19 tls_advertise_hosts = *
20 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
22 # Avoid ECDHE key-exchange so that we can wireshark-decode
24 tls_require_ciphers = NORMAL:-KX-ALL:+RSA
31 pipelining_connect_advertise_hosts = *
32 auth_advertise_hosts = *
34 log_selector = +received_recipients +pipelining
37 acl_smtp_rcpt = accept
44 condition = ${if eq {SERVER}{server}}
49 route_data = 127.0.0.1::PORT_D
58 hosts_pipe_connect = *
60 tls_try_verify_hosts =
61 hosts_require_auth = *
70 server_advertise_condition = ${if eq{$tls_in_cipher}{}{no}{yes}}
72 ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
73 server_set_id = $auth2
75 client_send = ^userx^secret