test/confs/3700

   1 # Exim test configuration 3700
   2
   3 SERVER=
   4
   5 .include DIR/aux-var/tls_conf_prefix
   6
   7 primary_hostname = myhost.test.ex
   8 log_selector = +received_recipients +outgoing_port
   9
  10 # ----- Main settings -----
  11
  12 acl_smtp_auth = log_call
  13 acl_smtp_mail = check_authd
  14 acl_smtp_rcpt = check_authd
  15 queue_only
  16 queue_run_in_order
  17 trusted_users = CALLER
  18
  19 tls_on_connect_ports = PORT_S
  20 tls_advertise_hosts = *
  21 tls_certificate = DIR/aux-fixed/cert1
  22
  23 tls_verify_hosts = *
  24 tls_verify_certificates = DIR/aux-fixed/cert2
  25
  26
  27 # ----- ACL -----
  28
  29 begin acl
  30
  31 log_call:
  32   accept   logwrite = Auth ACL called, after smtp cmd "$smtp_command"
  33
  34 check_authd:
  35   deny     message = authentication required
  36           !authenticated = *
  37   accept
  38
  39
  40 # ----- Authentication -----
  41
  42 begin authenticators
  43
  44 tls:
  45   driver = tls
  46   server_debug_print = +++TLS \$auth1="$auth1"
  47   server_param1 =    ${quote:${certextract {subject,CN,>:} \
  48                                   {$tls_in_peercert}}}
  49   server_condition = ${if def:auth1}
  50   server_set_id =    $auth1
  51
  52
  53 # ----- Routers -----
  54
  55 begin routers
  56
  57 r1:
  58   driver = accept
  59   transport = ${if eq {$local_part}{smtps} {t2}{t1}}
  60
  61
  62 # ----- Transports -----
  63
  64 begin transports
  65
  66 t1:
  67   driver = smtp
  68   hosts = 127.0.0.1
  69   port = PORT_D
  70   allow_localhost
  71   tls_certificate =         DIR/aux-fixed/cert2
  72   tls_verify_certificates = DIR/aux-fixed/cert1
  73   tls_verify_cert_hostnames = :
  74
  75 t2:
  76   driver = smtp
  77   hosts = 127.0.0.1
  78   port = PORT_S
  79   protocol = smtps
  80   allow_localhost
  81   tls_certificate =         DIR/aux-fixed/cert2
  82   tls_verify_certificates = DIR/aux-fixed/cert1
  83   tls_verify_cert_hostnames = :
  84
  85 # End