Commit | Line | Data |
---|---|---|
b53c265b JH |
1 | # Exim test configuration 3720 |
2 | ||
3 | SERVER= | |
4 | ||
5 | .include DIR/aux-var/tls_conf_prefix | |
6 | ||
7 | primary_hostname = myhost.test.ex | |
8 | log_selector = +received_recipients +outgoing_port | |
9 | ||
10 | # ----- Main settings ----- | |
11 | ||
12 | acl_smtp_auth = log_call | |
13 | acl_smtp_mail = check_authd | |
14 | acl_smtp_rcpt = check_authd | |
15 | acl_smtp_data = ar_header | |
16 | ||
17 | queue_only | |
18 | queue_run_in_order | |
19 | trusted_users = CALLER | |
20 | ||
21 | tls_advertise_hosts = * | |
22 | tls_certificate = DIR/aux-fixed/cert1 | |
23 | ||
24 | tls_verify_hosts = * | |
25 | tls_verify_certificates = DIR/aux-fixed/cert2 | |
26 | ||
27 | ||
28 | # ----- ACL ----- | |
29 | ||
30 | begin acl | |
31 | ||
32 | log_call: | |
33 | accept logwrite = Auth ACL called, after smtp cmd "$smtp_command" | |
34 | ||
35 | check_authd: | |
36 | deny message = authentication required | |
37 | !authenticated = * | |
38 | accept | |
39 | ||
40 | ar_header: | |
41 | accept add_header = :at_start:${authresults {$primary_hostname}} | |
42 | ||
43 | # ----- Authentication ----- | |
44 | ||
45 | begin authenticators | |
46 | ||
47 | ext_ccert_cn: | |
48 | driver = external | |
49 | public_name = EXTERNAL | |
50 | ||
51 | server_advertise_condition = ${if eq{$tls_in_cipher}{}{no}{yes}} | |
52 | server_param2 = ${certextract {subject,CN} {$tls_in_peercert}} | |
53 | server_condition = ${if eq {$auth2}{$auth1}} | |
54 | server_set_id = $auth1 | |
55 | server_debug_print = +++TLS \$auth1="$auth1" | |
56 | ||
57 | client_send = "Phil Pennock" | |
58 | ||
59 | ||
60 | # ----- Routers ----- | |
61 | ||
62 | begin routers | |
63 | ||
64 | server_r: | |
65 | driver = accept | |
66 | condition = ${if eq {server}{SERVER}} | |
67 | transport = file | |
68 | ||
69 | client_r1: | |
70 | driver = accept | |
71 | transport = t1 | |
72 | ||
73 | ||
74 | # ----- Transports ----- | |
75 | ||
76 | begin transports | |
77 | ||
78 | t1: | |
79 | driver = smtp | |
80 | hosts = 127.0.0.1 | |
81 | port = PORT_D | |
277b9979 | 82 | hosts_try_fastopen = : |
b53c265b JH |
83 | allow_localhost |
84 | tls_certificate = DIR/aux-fixed/cert2 | |
85 | tls_verify_certificates = DIR/aux-fixed/cert1 | |
86 | tls_verify_cert_hostnames = : | |
87 | hosts_try_auth = * | |
88 | ||
89 | file: | |
90 | driver = appendfile | |
0d2e392e | 91 | file = DIR/test-mail/${bless:$local_part} |
b53c265b JH |
92 | user = CALLER |
93 | ||
94 | # End |