blob: 8a8b38f96083cbad51c5ebf29a019184cc84bb9f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
# test config 4065
# Early-pipe, AUTH, GnuTLS, tls-on-connect
keep_environment = PATH
exim_path = EXIM_PATH
host_lookup_order = bydns
spool_directory = DIR/spool
.ifdef SERVER
log_file_path = DIR/spool/log/SERVER%slog
.else
log_file_path = DIR/spool/log/%slog
.endif
gecos_pattern = ""
gecos_name = CALLER_NAME
dns_cname_loops = 9
chunking_advertise_hosts =
tls_on_connect_ports = PORT_D
tls_advertise_hosts = *
tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
# Avoid ECDHE key-exchange so that we can wireshark-decode
.ifdef _HAVE_GNUTLS
tls_require_ciphers = NORMAL:-KX-ALL:+RSA
.endif
pipelining_connect_advertise_hosts = *
auth_advertise_hosts = *
log_selector = +received_recipients +pipelining
queue_only
acl_smtp_rcpt = accept
#
begin routers
server:
driver = redirect
condition = ${if eq {SERVER}{server}}
data = :blackhole:
client:
driver = manualroute
route_data = 127.0.0.1
self = send
transport = smtp
#
begin transports
smtp:
driver = smtp
hosts_pipe_connect = *
protocol = smtps
port = PORT_D
tls_verify_hosts =
tls_try_verify_hosts =
hosts_require_auth = *
#
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_condition = "\
${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
server_set_id = $auth2
client_send = ^userx^secret
|
