git://git.exim.org
/
users
/
jgh
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present. Bug...
[users/jgh/exim.git]
/
test
/
confs
/
4500
diff --git
a/test/confs/4500
b/test/confs/4500
index f2e44beff244d7b059a8d65705154144b55049c9..9f0829c1a2b23e8379e64cfebf8bf05723b4a989 100644
(file)
--- a/
test/confs/4500
+++ b/
test/confs/4500
@@
-10,6
+10,13
@@
primary_hostname = myhost.test.ex
acl_smtp_rcpt = accept
acl_smtp_dkim = check_dkim
acl_smtp_rcpt = accept
acl_smtp_dkim = check_dkim
+acl_smtp_data = check_data
+
+log_selector = +dkim_verbose
+dkim_verify_hashes = sha256 : sha512 : sha1
+.ifdef MSIZE
+dkim_verify_min_keysizes = MSIZE
+.endif
queue_only
queue_run_in_order
queue_only
queue_run_in_order
@@
-18,6
+25,9
@@
queue_run_in_order
begin acl
check_dkim:
begin acl
check_dkim:
+.ifdef BAD
+ warn logwrite = ${lookup dnsdb{defer_never,txt=_adsp._domainkey.$dkim_cur_signer}{$value}{unknown}}
+.endif
.ifdef OPTION
warn condition = ${if eq {$dkim_algo}{rsa-sha1}}
condition = ${if eq {$dkim_verify_status}{pass}}
.ifdef OPTION
warn condition = ${if eq {$dkim_algo}{rsa-sha1}}
condition = ${if eq {$dkim_verify_status}{pass}}
@@
-25,7
+35,13
@@
check_dkim:
set dkim_verify_status = fail
set dkim_verify_reason = hash too weak
.endif
set dkim_verify_status = fail
set dkim_verify_reason = hash too weak
.endif
- accept
+ warn
logwrite = signer: $dkim_cur_signer bits: $dkim_key_length
logwrite = signer: $dkim_cur_signer bits: $dkim_key_length
+.ifndef STRICT
+ accept
+.endif
+
+check_data:
+ accept logwrite = ${authresults {$primary_hostname}}
# End
# End