[exim.git] / test / confs / 3700

# Exim test configuration 3700

SERVER=

.include DIR/aux-var/tls_conf_prefix

primary_hostname = myhost.test.ex
log_selector = +received_recipients +outgoing_port

# ----- Main settings -----

acl_smtp_auth = log_call
acl_smtp_mail = check_authd
acl_smtp_rcpt = check_authd
queue_only
queue_run_in_order
trusted_users = CALLER

tls_on_connect_ports = PORT_S
tls_advertise_hosts = *
tls_certificate = DIR/aux-fixed/cert1

tls_verify_hosts = *
tls_verify_certificates = DIR/aux-fixed/cert2


# ----- ACL -----

begin acl

log_call:
  accept   logwrite = Auth ACL called, after smtp cmd "$smtp_command"

check_authd:
  deny     message = authentication required
          !authenticated = *
  accept


# ----- Authentication -----

begin authenticators

tls:
  driver = tls
  server_debug_print = +++TLS \$auth1="$auth1"
  server_param1 =    ${quote:${certextract {subject,CN,>:} \
                                  {$tls_in_peercert}}}
  server_condition = ${if def:auth1}
  server_set_id =    $auth1


# ----- Routers -----

begin routers

r1:
  driver = accept
  transport = ${if eq {$local_part}{smtps} {t2}{t1}}


# ----- Transports -----

begin transports

t1:
  driver = smtp
  hosts = 127.0.0.1
  port = PORT_D
  allow_localhost
  tls_certificate =         DIR/aux-fixed/cert2
  tls_verify_certificates = DIR/aux-fixed/cert1
  tls_verify_cert_hostnames = :

t2:
  driver = smtp
  hosts = 127.0.0.1
  port = PORT_S
  protocol = smtps
  allow_localhost
  tls_certificate =         DIR/aux-fixed/cert2
  tls_verify_certificates = DIR/aux-fixed/cert1
  tls_verify_cert_hostnames = :

# End
Commit	Line	Data
b3ef41c9 JH	1	# Exim test configuration 3700
	2
	3	SERVER=
	4
d4dc049f	5	.include DIR/aux-var/tls_conf_prefix
b3ef41c9	6
d4dc049f	7	primary_hostname = myhost.test.ex
b3ef41c9 JH	8	log_selector = +received_recipients +outgoing_port
	9
	10	# ----- Main settings -----
	11
69d8eed7	12	acl_smtp_auth = log_call
b3ef41c9 JH	13	acl_smtp_mail = check_authd
	14	acl_smtp_rcpt = check_authd
	15	queue_only
	16	queue_run_in_order
	17	trusted_users = CALLER
	18
	19	tls_on_connect_ports = PORT_S
	20	tls_advertise_hosts = *
	21	tls_certificate = DIR/aux-fixed/cert1
	22
	23	tls_verify_hosts = *
	24	tls_verify_certificates = DIR/aux-fixed/cert2
	25
	26
	27	# ----- ACL -----
	28
	29	begin acl
	30
69d8eed7 JH	31	log_call:
	32	accept logwrite = Auth ACL called, after smtp cmd "$smtp_command"
	33
b3ef41c9 JH	34	check_authd:
	35	deny message = authentication required
	36	!authenticated = *
	37	accept
	38
	39
	40	# ----- Authentication -----
	41
	42	begin authenticators
	43
	44	tls:
	45	driver = tls
	46	server_debug_print = +++TLS \$auth1="$auth1"
	47	server_param1 = ${quote:${certextract {subject,CN,>:} \
	48	{$tls_in_peercert}}}
	49	server_condition = ${if def:auth1}
	50	server_set_id = $auth1
	51
	52
	53	# ----- Routers -----
	54
	55	begin routers
	56
	57	r1:
	58	driver = accept
	59	transport = ${if eq {$local_part}{smtps} {t2}{t1}}
	60
	61
	62	# ----- Transports -----
	63
	64	begin transports
	65
	66	t1:
	67	driver = smtp
	68	hosts = 127.0.0.1
	69	port = PORT_D
	70	allow_localhost
	71	tls_certificate = DIR/aux-fixed/cert2
	72	tls_verify_certificates = DIR/aux-fixed/cert1
	73	tls_verify_cert_hostnames = :
	74
	75	t2:
	76	driver = smtp
	77	hosts = 127.0.0.1
	78	port = PORT_S
	79	protocol = smtps
	80	allow_localhost
	81	tls_certificate = DIR/aux-fixed/cert2
	82	tls_verify_certificates = DIR/aux-fixed/cert1
	83	tls_verify_cert_hostnames = :
	84
	85	# End