On a host lookup name->MX->A->ip sequence, require both stages to

be dnssec before declaring the lookup was secure.
author: Jeremy Harris <jgh146exb@wizmail.org> 2014-08-10 11:49:49 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2014-08-10 11:49:49 +0100
commit: cf2b569e3a2f8956b7045191e96bc5edfd366c78 (patch)
tree: 50ccf981fdaf0a21cf295373314e3210159a41f3 /test
parent: 2eb77f91023a3279166810a7ce9f15508d244e65 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/test/confs/5850 b/test/confs/5850
index 53cb78ae1..0b132e29e 100644
--- a/test/confs/5850
+++ b/test/confs/5850
@@ -37,9 +37,11 @@ tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
 begin routers
 
 client:
-  driver = accept
+  driver = dnslookup
   condition = ${if eq {SERVER}{server}{no}{yes}}
-  retry_use_local_part
+#  retry_use_local_part
+  dnssec_request_domains = *
+  self = send
   transport = send_to_server
 
 server:
@@ -54,7 +56,7 @@ begin transports
 send_to_server:
   driver = smtp
   allow_localhost
-  hosts = 127.0.0.1
+#  hosts = 127.0.0.1
   port = PORT_D
 #  tls_certificate = DIR/aux-fixed/cert2
 #  tls_privatekey = DIR/aux-fixed/cert2
author	Jeremy Harris <jgh146exb@wizmail.org>	2014-08-10 11:49:49 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2014-08-10 11:49:49 +0100
commit	cf2b569e3a2f8956b7045191e96bc5edfd366c78 (patch)
tree	50ccf981fdaf0a21cf295373314e3210159a41f3 /test
parent	2eb77f91023a3279166810a7ce9f15508d244e65 (diff)