[exim.git] / test / confs / 5822

# Exim test configuration 5822
# DANE/GnuTLS

SERVER=

.include DIR/aux-var/tls_conf_prefix

primary_hostname = myhost.test.ex

# ----- Main settings -----

acl_smtp_rcpt = accept logwrite = "rcpt ACL"

log_selector =  +received_recipients +tls_peerdn +tls_certificate_verified

queue_run_in_order

tls_advertise_hosts = *
# needed to force generation
tls_dhparam = historic

tls_certificate = ${if eq {SERVER}{server} {DIR/aux-fixed/cert1} fail}

# ----- Routers -----

begin routers

client:
  driver = dnslookup
  condition = ${if eq {SERVER}{}}
  dnssec_request_domains = *
  self = send
  transport = send_to_server
  errors_to = ""

server:
  driver = redirect
  condition = ${if !eq {SERVER}{}}
  data = :blackhole:


# ----- Transports -----

begin transports

send_to_server:
  driver = smtp
  allow_localhost
  port = PORT_D

  hosts_try_dane =     *
  hosts_require_dane = HOSTIPV4
  tls_verify_cert_hostnames = :
  tls_try_verify_hosts = thishost.test.ex
#  tls_verify_certificates = CDIR2/ca_chain.pem


# ----- Retry -----


begin retry

* * F,5d,10s


# End
Commit	Line	Data
624f33df JH	1	# Exim test configuration 5822
	2	# DANE/GnuTLS
	3
	4	SERVER=
	5
	6	.include DIR/aux-var/tls_conf_prefix
	7
	8	primary_hostname = myhost.test.ex
	9
	10	# ----- Main settings -----
	11
	12	acl_smtp_rcpt = accept logwrite = "rcpt ACL"
	13
	14	log_selector = +received_recipients +tls_peerdn +tls_certificate_verified
	15
	16	queue_run_in_order
	17
	18	tls_advertise_hosts = *
	19	# needed to force generation
	20	tls_dhparam = historic
	21
	22	tls_certificate = ${if eq {SERVER}{server} {DIR/aux-fixed/cert1} fail}
	23
	24	# ----- Routers -----
	25
	26	begin routers
	27
	28	client:
	29	driver = dnslookup
	30	condition = ${if eq {SERVER}{}}
	31	dnssec_request_domains = *
	32	self = send
	33	transport = send_to_server
	34	errors_to = ""
	35
	36	server:
	37	driver = redirect
	38	condition = ${if !eq {SERVER}{}}
	39	data = :blackhole:
	40
	41
	42	# ----- Transports -----
	43
	44	begin transports
	45
	46	send_to_server:
	47	driver = smtp
	48	allow_localhost
	49	port = PORT_D
	50
	51	hosts_try_dane = *
	52	hosts_require_dane = HOSTIPV4
	53	tls_verify_cert_hostnames = :
	54	tls_try_verify_hosts = thishost.test.ex
	55	# tls_verify_certificates = CDIR2/ca_chain.pem
	56
	57
	58
	59	# ----- Retry -----
	60
	61
	62	begin retry
	63
	64	* * F,5d,10s
65
66
67	# End