[exim.git] / test / confs / 5600

# Exim test configuration 5600
# OCSP stapling, server

CRL=

exim_path = EXIM_PATH
host_lookup_order = bydns
primary_hostname = server1.example.com
rfc1413_query_timeout = 0s
spool_directory = DIR/spool
log_file_path = DIR/spool/log/%slog
gecos_pattern = ""
gecos_name = CALLER_NAME

# ----- Main settings -----

acl_smtp_rcpt = check_recipient

log_selector = +tls_peerdn

queue_only
queue_run_in_order

tls_advertise_hosts = *

tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem
tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key

tls_verify_hosts = HOSTIPV4
tls_try_verify_hosts = *
tls_verify_certificates = DIR/aux-fixed/cert2
tls_crl = CRL
tls_ocsp_file = OCSP


# ------ ACL ------

begin acl

check_recipient:
  deny     message = certificate not verified: peerdn=$tls_peerdn
         ! verify = certificate
  accept


# ----- Routers -----

begin routers

abc:
  driver = accept
  retry_use_local_part
  transport = local_delivery


# ----- Transports -----

begin transports

local_delivery:
  driver = appendfile
  file = DIR/test-mail/$local_part
  headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
  user = CALLER

# End
Commit	Line	Data
f5d78688 JH	1	# Exim test configuration 5600
	2	# OCSP stapling, server
	3
	4	CRL=
	5
	6	exim_path = EXIM_PATH
	7	host_lookup_order = bydns
	8	primary_hostname = server1.example.com
	9	rfc1413_query_timeout = 0s
	10	spool_directory = DIR/spool
	11	log_file_path = DIR/spool/log/%slog
	12	gecos_pattern = ""
	13	gecos_name = CALLER_NAME
	14
	15	# ----- Main settings -----
	16
	17	acl_smtp_rcpt = check_recipient
	18
	19	log_selector = +tls_peerdn
	20
	21	queue_only
	22	queue_run_in_order
	23
	24	tls_advertise_hosts = *
	25
	26	tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem
	27	tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
	28
	29	tls_verify_hosts = HOSTIPV4
	30	tls_try_verify_hosts = *
	31	tls_verify_certificates = DIR/aux-fixed/cert2
	32	tls_crl = CRL
	33	tls_ocsp_file = OCSP
	34
	35
	36	# ------ ACL ------
	37
	38	begin acl
	39
	40	check_recipient:
	41	deny message = certificate not verified: peerdn=$tls_peerdn
	42	! verify = certificate
	43	accept
	44
	45
	46	# ----- Routers -----
	47
	48	begin routers
	49
	50	abc:
	51	driver = accept
	52	retry_use_local_part
	53	transport = local_delivery
	54
	55
	56	# ----- Transports -----
	57
	58	begin transports
	59
	60	local_delivery:
	61	driver = appendfile
	62	file = DIR/test-mail/$local_part
	63	headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
	64	user = CALLER
65
66	# End