test/confs/3700

   1 # Exim test configuration 3700
   2
   3 SERVER=
   4
   5 .include DIR/aux-var/tls_conf_prefix
   6
   7 primary_hostname = myhost.test.ex
   8 log_selector = +received_recipients +outgoing_port
   9
  10 # ----- Main settings -----
  11
  12 acl_smtp_mail = check_authd
  13 acl_smtp_rcpt = check_authd
  14 queue_only
  15 queue_run_in_order
  16 trusted_users = CALLER
  17
  18 tls_on_connect_ports = PORT_S
  19 tls_advertise_hosts = *
  20 tls_certificate = DIR/aux-fixed/cert1
  21
  22 tls_verify_hosts = *
  23 tls_verify_certificates = DIR/aux-fixed/cert2
  24
  25
  26 # ----- ACL -----
  27
  28 begin acl
  29
  30 check_authd:
  31   deny     message = authentication required
  32           !authenticated = *
  33   accept
  34
  35
  36 # ----- Authentication -----
  37
  38 begin authenticators
  39
  40 tls:
  41   driver = tls
  42   server_debug_print = +++TLS \$auth1="$auth1"
  43   server_param1 =    ${quote:${certextract {subject,CN,>:} \
  44                                   {$tls_in_peercert}}}
  45   server_condition = ${if def:auth1}
  46   server_set_id =    $auth1
  47
  48
  49 # ----- Routers -----
  50
  51 begin routers
  52
  53 r1:
  54   driver = accept
  55   transport = ${if eq {$local_part}{smtps} {t2}{t1}}
  56
  57
  58 # ----- Transports -----
  59
  60 begin transports
  61
  62 t1:
  63   driver = smtp
  64   hosts = 127.0.0.1
  65   port = PORT_D
  66   allow_localhost
  67   tls_certificate =         DIR/aux-fixed/cert2
  68   tls_verify_certificates = DIR/aux-fixed/cert1
  69   tls_verify_cert_hostnames = :
  70
  71 t2:
  72   driver = smtp
  73   hosts = 127.0.0.1
  74   port = PORT_S
  75   protocol = smtps
  76   allow_localhost
  77   tls_certificate =         DIR/aux-fixed/cert2
  78   tls_verify_certificates = DIR/aux-fixed/cert1
  79   tls_verify_cert_hostnames = :
  80
  81 # End