X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/468c0c7e3066886ff5028bb423b96712a155fe05..4b7a74717ed76f5336fe677bb360fe3da0e47aa6:/src/src/configure.default diff --git a/src/src/configure.default b/src/src/configure.default index ee94d2f91..79bbc8c30 100644 --- a/src/src/configure.default +++ b/src/src/configure.default @@ -40,6 +40,7 @@ ###################################################################### # MAIN CONFIGURATION SETTINGS # ###################################################################### +# # Specify your host's canonical name here. This should normally be the fully # qualified "official" name of your host. If this option is not set, the @@ -152,6 +153,9 @@ acl_smtp_data = acl_check_data # tls_certificate = /etc/ssl/exim.crt # tls_privatekey = /etc/ssl/exim.pem +# For OpenSSL, prefer EC- over RSA-authenticated ciphers +# tls_require_ciphers = ECDSA:RSA:!COMPLEMENTOFDEFAULT + # In order to support roaming users who wish to send email from anywhere, # you may want to make Exim listen on other ports as well as port 25, in # case these users need to send email from a network that blocks port 25. @@ -329,6 +333,18 @@ timeout_frozen_after = 7d # accept_8bitmime = false +# Exim does not make use of environment variables itself. However, +# libraries that Exim uses (e.g. LDAP) depend on specific environment settings. +# There are two lists: keep_environment for the variables we trust, and +# add_environment for variables we want to set to a specific value. +# Note that TZ is handled separately by the timezone runtime option +# and TIMEZONE_DEFAULT buildtime option. + +# keep_environment = ^LDAP +# add_environment = PATH=/usr/bin::/bin + + + ###################################################################### # ACL CONFIGURATION # # Specifies access control lists for incoming SMTP mail # @@ -500,7 +516,15 @@ acl_check_data: # Deny if the message contains an overlong line. Per the standards # we should never receive one such via SMTP. # - deny condition = ${if > {$max_received_linelength}{998}} + deny message = maximum allowed line length is 998 octets, \ + got $max_received_linelength + condition = ${if > {$max_received_linelength}{998}} + + # Deny if the headers contain badly-formed addresses. + # + deny !verify = header_syntax + message = header syntax + log_message = header syntax ($acl_verify_message) # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. @@ -694,8 +718,8 @@ begin transports # This transport is used for delivering messages over SMTP connections. -# Refuse to send any messsage with over-long lines, which could have -# been receved other than via SMTP. The use of message_size_limit to +# Refuse to send any message with over-long lines, which could have +# been received other than via SMTP. The use of message_size_limit to # enforce this is a red herring. remote_smtp: