Update comments in expample config file to match current default for TLS

[exim.git] / src / src / configure.default

diff --git a/src/src/configure.default b/src/src/configure.default
index 87f255aa91fbdd7f6c8c383f633dc5eb04954c62..3761dafbf4de1cf5204bf2bf90975f51266cb43d 100644 (file)
--- a/src/src/configure.default
+++ b/src/src/configure.default
@@ -147,15 +147,15 @@ acl_smtp_data =         acl_check_data
 # spamd_address = 127.0.0.1 783
 
 
-# If Exim is compiled with support for TLS, you may want to enable the
-# following options so that Exim allows clients to make encrypted
-# connections. In the authenticators section below, there are template
-# configurations for plaintext username/password authentication. This kind
-# of authentication is only safe when used within a TLS connection, so the
-# authenticators will only work if the following TLS settings are turned on
-# as well.
+# If Exim is compiled with support for TLS, you may want to change the
+# following option so that Exim disallows certain clients from makeing encrypted
+# connections. The default is to allow all.
+# In the authenticators section below, there are template configurations for
+# plaintext username/password authentication. This kind of authentication is
+# only safe when used within a TLS connection, so the authenticators will only
+# work if TLS is allowed here.
 
-# Allow any client to use TLS.
+# This is equivalent to the default.
 
 # tls_advertise_hosts = *
 
@@ -504,11 +504,6 @@ acl_check_rcpt:
           control       = submission
           control       = dkim_disable_verify
 
-  # Insist that a HELO/EHLO was accepted.
-
-  require message       = nice hosts say HELO first
-          condition     = ${if def:sender_helo_name}
-
   # Insist that any other recipient address that we accept is either in one of
   # our local domains, or is in a domain for which we explicitly allow
   # relaying. Any other domain is rejected as being unacceptable for relaying.