blob: fa643ae4c5f825da07043ef531cc2355c27fa530 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
# test config 4060
# Pipelining the early part of the SMTP conversation, starttls
CONTROL=*
OPT=
CONNECTCOND=
keep_environment = PATH
add_environment = SSLKEYLOGFILE=DIR/spool/sslkeys
exim_path = EXIM_PATH
host_lookup_order = bydns
spool_directory = DIR/spool
.ifdef SERVER
log_file_path = DIR/spool/log/SERVER%slog
.else
log_file_path = DIR/spool/log/%slog
.endif
gecos_pattern = ""
gecos_name = CALLER_NAME
dns_cname_loops = 9
chunking_advertise_hosts = OPT
tls_advertise_hosts = *
tls_certificate = DIR/aux-fixed/cert1
.ifdef _HAVE_TLS_CA_CACHE
tls_verify_certificates = system,cache
.endif
.ifdef _HAVE_DMARC
dmarc_tld_file =
.endif
# Avoid ECDHE key-exchange so that we can wireshark-decode (not TLS1.3)
.ifdef _HAVE_GNUTLS
tls_require_ciphers = NORMAL:-KX-ALL:+RSA
.else
tls_require_ciphers = DEFAULT:!kECDHE
.endif
pipelining_connect_advertise_hosts = CONTROL
log_selector = +received_recipients +millisec +pipelining
queue_only
acl_smtp_rcpt = accept
#
begin routers
server:
driver = redirect
condition = ${if eq {SERVER}{server}}
data = :blackhole:
client:
driver = manualroute
route_data = 127.0.0.1::PORT_D
self = send
transport = smtp
#
begin transports
smtp:
driver = smtp
hosts_try_fastopen = CONNECTCOND
hosts_pipe_connect = CONTROL
tls_verify_hosts =
tls_try_verify_hosts =
|
