summaryrefslogtreecommitdiffstats
path: root/tests/conf/test-inspect-smtp.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'tests/conf/test-inspect-smtp.cfg')
-rw-r--r--tests/conf/test-inspect-smtp.cfg44
1 files changed, 44 insertions, 0 deletions
diff --git a/tests/conf/test-inspect-smtp.cfg b/tests/conf/test-inspect-smtp.cfg
new file mode 100644
index 0000000..5cfc864
--- /dev/null
+++ b/tests/conf/test-inspect-smtp.cfg
@@ -0,0 +1,44 @@
+# This is a test configuration. It listens on port 8025, waits for an incoming
+# connection, and applies the following rules :
+# - if the address is in the white list, then accept it and forward the
+# connection to the server (local port 25)
+# - if the address is in the black list, then immediately drop it
+# - otherwise, wait up to 35 seconds. If the client talks during this time,
+# drop the connection.
+# - then accept the connection if it passes all the tests.
+#
+# Note that the rules are evaluated at every new chunk of data read, and at
+# delay expiration. Rules which apply to incomplete data don't match as long
+# as the timer has not expired.
+
+listen block-fake-mailers
+ log 127.0.0.1:514 local0
+ option tcplog
+
+ mode tcp
+ bind :8025
+ timeout client 60s
+ timeout server 60s
+ timeout queue 60s
+ timeout connect 5s
+
+ tcp-request inspect-delay 35s
+
+ acl white_list src 127.0.0.2
+ acl black_fast src 127.0.0.3 # those ones are immediately rejected
+ acl black_slow src 127.0.0.4 # those ones are rejected after a delay
+
+ tcp-request content accept if white_list
+ tcp-request content reject if black_fast
+ tcp-request content reject if black_slow WAIT_END
+ tcp-request content reject if REQ_CONTENT
+ # note that it is possible to wait for the end of the analysis period
+ # before rejecting undesired contents
+ # tcp-request content reject if REQ_CONTENT WAIT_END
+
+ # on Linux+transparent proxy patch, it's useful to reuse the client'IP
+ # source 0.0.0.0 usesrc clientip
+
+ balance roundrobin
+ server mail 127.0.0.1:25
+