Commit | Line | Data |
---|---|---|
98eb9592 JH |
1 | # Exim test configuration 3820 |
2 | ||
3 | SERVER= | |
4 | ||
14a806d6 JH |
5 | .ifdef TRUSTED |
6 | .include DIR/aux-var/tls_conf_prefix | |
7 | .else | |
98eb9592 | 8 | .include DIR/aux-var/std_conf_prefix |
14a806d6 | 9 | .endif |
98eb9592 JH |
10 | |
11 | primary_hostname = myhost.test.ex | |
14a806d6 | 12 | tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} |
98eb9592 JH |
13 | |
14 | # ----- Main settings ----- | |
15 | ||
14a806d6 JH |
16 | acl_smtp_rcpt = accept |
17 | queue_only | |
18 | ||
19 | ||
20 | begin routers | |
21 | ||
22 | client_r: | |
23 | driver = accept | |
24 | condition = ${if !eq {SERVER}{server}} | |
25 | transport = smtp | |
49d47806 | 26 | errors_to = |
14a806d6 JH |
27 | |
28 | begin transports | |
29 | ||
30 | smtp: | |
fdc7c95e JH |
31 | driver = smtp |
32 | hosts = 127.0.0.1 | |
14a806d6 | 33 | allow_localhost |
fdc7c95e | 34 | port = PORT_D |
14a806d6 | 35 | .ifdef TRUSTED |
fdc7c95e | 36 | hosts_require_tls = * |
14a806d6 JH |
37 | tls_verify_certificates = DIR/aux-fixed/cert1 |
38 | tls_verify_cert_hostnames = : | |
49d47806 JH |
39 | .else |
40 | hosts_avoid_tls = * | |
14a806d6 | 41 | .endif |
fdc7c95e | 42 | hosts_require_auth = * |
98eb9592 JH |
43 | |
44 | # ----- Authentication ----- | |
45 | ||
46 | begin authenticators | |
47 | ||
14a806d6 | 48 | .ifndef TRUSTED |
98eb9592 | 49 | sasl1: |
fdc7c95e JH |
50 | driver = gsasl |
51 | public_name = ANONYMOUS | |
98eb9592 JH |
52 | server_set_id = $auth1 |
53 | server_condition = true | |
54 | ||
55 | sasl2: | |
fdc7c95e JH |
56 | driver = gsasl |
57 | public_name = PLAIN | |
98eb9592 | 58 | server_set_id = $auth1 |
14a806d6 JH |
59 | server_condition = ${if eq {$auth3}{pencil}} |
60 | ||
61 | client_condition = ${if eq {plain}{$local_part}} | |
62 | client_username = ph10 | |
63 | client_password = pencil | |
64 | .endif | |
98eb9592 JH |
65 | |
66 | sasl3: | |
fdc7c95e | 67 | driver = gsasl |
14a806d6 | 68 | .ifdef TRUSTED |
fdc7c95e | 69 | public_name = SCRAM-SHA-1-PLUS |
14a806d6 JH |
70 | server_advertise_condition = ${if def:tls_in_cipher} |
71 | server_channelbinding = true | |
72 | .else | |
fdc7c95e | 73 | public_name = SCRAM-SHA-1 |
14a806d6 | 74 | .endif |
98eb9592 | 75 | |
2b615f22 | 76 | server_scram_salt = ${if eq {$auth1}{ph10} {QSXCR+Q6sek8bf92}} |
49d47806 JH |
77 | .ifdef _HAVE_AUTH_GSASL_SCRAM_S_KEY |
78 | server_key = D+CSWLOshSulAsxiupA+qs2/fTE= | |
79 | server_skey = 6dlGYMOdZcOPutkcNY8U2g7vK9Y= | |
80 | .endif | |
2b615f22 | 81 | server_password = ${if eq {$auth1}{ph10} {pencil}{unset_password}} |
98eb9592 JH |
82 | server_condition = true |
83 | server_set_id = $auth1 | |
84 | ||
14a806d6 JH |
85 | client_condition = ${if eq {scram_sha_1}{$local_part}} |
86 | client_username = ph10 | |
87 | client_password = pencil | |
49d47806 JH |
88 | .ifdef _HAVE_AUTH_GSASL_SCRAM_S_KEY |
89 | client_spassword = 1d96ee3a529b5a5f9e47c01f229a2cb8a6e15f7d | |
90 | .endif | |
14a806d6 JH |
91 | .ifdef TRUSTED |
92 | client_channelbinding = true | |
93 | .endif | |
94 | ||
fdc7c95e JH |
95 | .ifdef _HAVE_AUTH_GSASL_SCRAM_SHA_256 |
96 | sasl4: | |
97 | driver = gsasl | |
98 | .ifdef TRUSTED | |
99 | public_name = SCRAM-SHA-256-PLUS | |
100 | server_advertise_condition = ${if def:tls_in_cipher} | |
101 | server_channelbinding = true | |
102 | .else | |
103 | public_name = SCRAM-SHA-256 | |
104 | .endif | |
105 | ||
106 | server_scram_salt = QSXCR+Q6sek8bf92 | |
107 | server_password = pencil | |
108 | server_condition = true | |
109 | server_set_id = $auth1 | |
110 | ||
111 | client_condition = ${if eq {scram_sha_256}{$local_part}} | |
112 | client_username = ph10 | |
113 | client_password = pencil | |
114 | .ifdef TRUSTED | |
115 | client_channelbinding = true | |
116 | .endif | |
117 | .endif | |
118 | ||
98eb9592 JH |
119 | |
120 | # End |