Commit | Line | Data |
---|---|---|
b3ef41c9 JH |
1 | # Exim test configuration 3700 |
2 | ||
3 | SERVER= | |
4 | ||
5 | exim_path = EXIM_PATH | |
bc3c7bb7 | 6 | keep_environment = |
b3ef41c9 JH |
7 | host_lookup_order = bydns |
8 | primary_hostname = myhost.test.ex | |
9 | spool_directory = DIR/spool | |
10 | log_file_path = DIR/spool/log/SERVER%slog | |
11 | gecos_pattern = "" | |
12 | gecos_name = CALLER_NAME | |
13 | ||
14 | log_selector = +received_recipients +outgoing_port | |
15 | ||
16 | # ----- Main settings ----- | |
17 | ||
18 | acl_smtp_mail = check_authd | |
19 | acl_smtp_rcpt = check_authd | |
20 | queue_only | |
21 | queue_run_in_order | |
22 | trusted_users = CALLER | |
23 | ||
24 | tls_on_connect_ports = PORT_S | |
25 | tls_advertise_hosts = * | |
26 | tls_certificate = DIR/aux-fixed/cert1 | |
27 | ||
28 | tls_verify_hosts = * | |
29 | tls_verify_certificates = DIR/aux-fixed/cert2 | |
30 | ||
31 | ||
32 | # ----- ACL ----- | |
33 | ||
34 | begin acl | |
35 | ||
36 | check_authd: | |
37 | deny message = authentication required | |
38 | !authenticated = * | |
39 | accept | |
40 | ||
41 | ||
42 | # ----- Authentication ----- | |
43 | ||
44 | begin authenticators | |
45 | ||
46 | tls: | |
47 | driver = tls | |
48 | server_debug_print = +++TLS \$auth1="$auth1" | |
49 | server_param1 = ${quote:${certextract {subject,CN,>:} \ | |
50 | {$tls_in_peercert}}} | |
51 | server_condition = ${if def:auth1} | |
52 | server_set_id = $auth1 | |
53 | ||
54 | ||
55 | # ----- Routers ----- | |
56 | ||
57 | begin routers | |
58 | ||
59 | r1: | |
60 | driver = accept | |
61 | transport = ${if eq {$local_part}{smtps} {t2}{t1}} | |
62 | ||
63 | ||
64 | # ----- Transports ----- | |
65 | ||
66 | begin transports | |
67 | ||
68 | t1: | |
69 | driver = smtp | |
70 | hosts = 127.0.0.1 | |
71 | port = PORT_D | |
72 | allow_localhost | |
73 | tls_certificate = DIR/aux-fixed/cert2 | |
74 | tls_verify_certificates = DIR/aux-fixed/cert1 | |
75 | tls_verify_cert_hostnames = : | |
76 | ||
77 | t2: | |
78 | driver = smtp | |
79 | hosts = 127.0.0.1 | |
80 | port = PORT_S | |
81 | protocol = smtps | |
82 | allow_localhost | |
83 | tls_certificate = DIR/aux-fixed/cert2 | |
84 | tls_verify_certificates = DIR/aux-fixed/cert1 | |
85 | tls_verify_cert_hostnames = : | |
86 | ||
87 | # End |