# Don't offer resumption to (most) MUAs, who we don't want to reuse
# tickets. Once the TLS extension for vended ticket numbers comes
# though, re-examine since resumption on a single-use ticket is still a benefit.
+.ifdef _HAVE_TLS_RESUME
tls_resumption_hosts = ${if inlist {$received_port}{587:465} {:}{*}}
+.endif
# In order to support roaming users who wish to send email from anywhere,
# you may want to make Exim listen on other ports as well as port 25, in
# examples of how you can get Exim to perform a DNS black list lookup at this
# point. The first one denies, whereas the second just warns.
#
- # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
- # dnslists = black.list.example
+ # deny dnslists = black.list.example
+ # message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
#
# warn dnslists = black.list.example
# add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain
# Deny if the message contains an overlong line. Per the standards
# we should never receive one such via SMTP.
#
- deny message = maximum allowed line length is 998 octets, \
+ deny condition = ${if > {$max_received_linelength}{998}}
+ message = maximum allowed line length is 998 octets, \
got $max_received_linelength
- condition = ${if > {$max_received_linelength}{998}}
# Deny if the headers contain badly-formed addresses.
#
remote_smtp:
driver = smtp
-.ifdef _HAVE_TLS
+.ifdef _HAVE_TLS_RESUME
tls_resumption_hosts = *
-#endif
-.ifdef _HAVE_PRDR
- hosts_try_prdr = *
.endif
.ifdef _HAVE_GNUTLS
tls_require_ciphers = SECURE192:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1
.endif
+.ifdef _HAVE_TLS_RESUME
tls_resumption_hosts = *
.endif
-.ifdef _HAVE_PRDR
- hosts_try_prdr = *
.endif