Support REQUIRETLS
# Exim test configuration 5910
#
# Fixture for REQUIRETLS testing. One file serves two roles, selected by the
# SERVER macro: the settings below compare it with "server" to decide whether
# to load a TLS certificate and apply the server-side ACL checks; any other
# value gives the client role, which relays to the server over SMTP.
# Upper-case placeholders not defined in this file (EXIM_PATH, DIR, CALLER,
# CALLER_NAME, HOSTIPV4, PORT_D) are presumably substituted by the test
# harness - confirm against the runner.

# Role selector; empty by default (client role).
SERVER=

# advertise REQUIRETLS unless commandline override
SRV= *
# set on commandline to add an extra rcpt-time acl condition
ACL=

exim_path = EXIM_PATH
# Empty list: no inherited environment variables are retained.
keep_environment =
host_lookup_order = bydns
spool_directory = DIR/spool

# When SERVER is set, its value prefixes the log file name, so the server-role
# instance logs separately from the client-role instance.
.ifdef SERVER
log_file_path = DIR/spool/log/SERVER%slog
.else
log_file_path = DIR/spool/log/%slog
.endif

gecos_pattern = ""
gecos_name = CALLER_NAME
# Empty host list: CHUNKING is not advertised to any host.
chunking_advertise_hosts =

primary_hostname = myhost.test.ex

# ----- Main settings -----

# ACLs for MAIL, RCPT and non-SMTP submission; all three are defined in the
# acl section of this file.
acl_smtp_mail = m
acl_smtp_rcpt = r
acl_not_smtp = n

# Record the TLS peer DN and the envelope recipients on reception log lines.
log_selector =  +tls_peerdn +received_recipients

# Accepted messages are only queued; delivery happens on an explicit queue run.
queue_only
queue_run_in_order

# STARTTLS is offered to every host. REQUIRETLS is offered to the host list in
# the SRV macro, which defaults to "*" and can be overridden on the command
# line to test a server that does not advertise it.
tls_advertise_hosts = *
tls_advertise_requiretls = SRV

# Set certificate only if server
# In any other role the expansion hits the forced "fail", which presumably
# leaves both options unset - confirm against the Exim spec for this version.
# Both options name the same file, so cert1 presumably holds the certificate
# and its private key together - verify against aux-fixed.

tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}

# Client-certificate verification is left commented out, so the server role
# does not request or check a certificate from connecting clients.
#tls_verify_hosts = *
#tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}


# ----- ACL -----

begin acl

# MAIL-time ACL. Bounces (empty sender) are always accepted. In the server
# role, any sender whose domain is not test.ex or myhost.test.ex is denied.
# Everything else is accepted.
m:
  accept        senders = :
  deny          condition = ${if eq {SERVER}{server}}
                !sender_domains = test.ex : myhost.test.ex
  accept

# RCPT-time ACL. In the server role, the value of $requiretls is written to
# the log so the test can check whether the option arrived with the message.
r:
  warn          condition = ${if eq {SERVER}{server}}
                logwrite = requiretls: $requiretls

# define this to upgrade messages to REQUIRETLS
# With OPT defined, a message that arrived without REQUIRETLS is logged as
# "upgrading" and then marked with control = requiretls.
.ifdef OPT
  warn
                condition = ${if !bool{$requiretls}}
                logwrite = upgrading
                control = requiretls
.endif
# The ACL macro supplies an optional extra condition. It is empty by default,
# which makes this an unconditional accept: there are no recipient or relay
# checks here, so this ACL is only suitable inside the isolated test harness.
  accept        ACL

# ACL for non-SMTP (locally submitted) messages: the same optional upgrade to
# REQUIRETLS when OPT is defined, otherwise a plain accept.
n:
.ifdef OPT
  accept
                condition = ${if !bool{$requiretls}}
                logwrite = upgrading
                control = requiretls
.endif
  accept
# ----- Routers -----
# Routers are tried in the order listed; the first one to accept an address
# handles it.

begin routers

# Messages with an empty sender (bounces) are deferred on their first delivery
# attempt via the :defer: redirect item. Presumably both condition lines must
# hold - confirm that this Exim version combines repeated router conditions.
bounces:
  driver = redirect
  condition = ${if !def:sender_address}
  condition = ${if first_delivery}
  data = :defer:
  allow_defer

# Matches when the message was received on the HOSTIPV4 interface, i.e. it
# came in over the network to the server-role instance; it is then written to
# a local file.
final:
  driver = accept
  condition = ${if eq {$received_ip_address}{HOSTIPV4} {yes}{no}}
  transport = file_a_bounce

# Everything else (the client role) is relayed over SMTP to the server.
client:
  driver = accept
  transport = send_to_server


# ----- Transports -----

begin transports

# Appends the message to a per-recipient file under DIR/test-mail, running as
# CALLER and adding Delivery-date:, Envelope-to: and Return-path: headers.
# The file name is built directly from $local_part, which is supplied by the
# sender of the message; that is acceptable only because the harness controls
# every recipient address used in the test.
file_a_bounce:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  file = DIR/test-mail/$local_part
  return_path_add
  user = CALLER

# SMTP delivery to the server-role instance at HOSTIPV4, port PORT_D.
# allow_localhost permits delivery to an address of the local host.
# The client presents cert2 as its own certificate, and cert2 is also named as
# the trust anchor. However, tls_try_verify_hosts is set to an empty list and
# tls_verify_hosts is not set, so, as far as this file shows, the server's
# certificate is not verified.
# NOTE(review): RFC 8689 REQUIRETLS expects the next hop's certificate to be
# validated. With verification off, this fixture appears to exercise option
# negotiation and propagation rather than peer authentication - confirm that
# this is the intent, and do not reuse these TLS settings outside the test
# suite.
send_to_server:
  driver = smtp
  allow_localhost
  hosts = HOSTIPV4
  port = PORT_D
  tls_certificate = DIR/aux-fixed/cert2
  tls_privatekey = DIR/aux-fixed/cert2
  tls_verify_certificates = DIR/aux-fixed/cert2
  tls_try_verify_hosts = :


# ----- Retry -----


begin retry

# Any domain, any error: retry at a fixed 10-second interval for up to 5 days.
* * F,5d,10s


# End