Testsuite: tidying

[exim.git] / src / src / configure.default

diff --git a/src/src/configure.default b/src/src/configure.default
index fd27d6b45cdfe054bb816dd3c2133112f731ad43..633c6539e96979c24f12a0708ba87d685218247f 100644 (file)
--- a/src/src/configure.default
+++ b/src/src/configure.default
@@ -147,15 +147,15 @@ acl_smtp_data =         acl_check_data
 # spamd_address = 127.0.0.1 783
 
 
-# If Exim is compiled with support for TLS, you may want to enable the
-# following options so that Exim allows clients to make encrypted
-# connections. In the authenticators section below, there are template
-# configurations for plaintext username/password authentication. This kind
-# of authentication is only safe when used within a TLS connection, so the
-# authenticators will only work if the following TLS settings are turned on
-# as well.
+# If Exim is compiled with support for TLS, you may want to change the
+# following option so that Exim disallows certain clients from makeing encrypted
+# connections. The default is to allow all.
+# In the authenticators section below, there are template configurations for
+# plaintext username/password authentication. This kind of authentication is
+# only safe when used within a TLS connection, so the authenticators will only
+# work if TLS is allowed here.
 
-# Allow any client to use TLS.
+# This is equivalent to the default.
 
 # tls_advertise_hosts = *
 
@@ -183,11 +183,15 @@ tls_resumption_hosts = ${if inlist {$received_port}{587:465} {:}{*}}
 # In order to support roaming users who wish to send email from anywhere,
 # you may want to make Exim listen on other ports as well as port 25, in
 # case these users need to send email from a network that blocks port 25.
-# The standard port for this purpose is port 587, the "message submission"
-# port. See RFC 4409 for details. Microsoft MUAs cannot be configured to
+# The standard ports for this purpose are:
+# port 587, the "message submission" port - see RFC 4409 for details,
+# and 465 the TLS-encrypted "submission" port, service name is "submissions",
+# see RFC 8314.
+
+# Microsoft MUAs cannot be configured to
 # talk the message submission protocol correctly, so if you need to support
-# them you should also allow TLS-on-connect on the traditional but
-# non-standard port 465.
+# them you should also allow TLS-on-connect on the traditional (and now
+# standard) port 465.
 
 # daemon_smtp_ports = 25 : 465 : 587
 # tls_on_connect_ports = 465
@@ -843,7 +847,7 @@ smarthost_smtp:
   # request with your smarthost provider to get things fixed:
   hosts_require_tls = *
   tls_verify_hosts = *
-  # As long as tls_verify_hosts is enabled, this this will have no effect,
+  # As long as tls_verify_hosts is enabled this will have no effect,
   # but if you have to comment it out then this will at least log whether
   # you succeed or not:
   tls_try_verify_hosts = *