X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/d5c0d8c9374623620844d539d4810da63e9abca1..d011368ae0e05db3dd79c111020686f3a1364ab0:/src/src/configure.default

diff --git a/src/src/configure.default b/src/src/configure.default
index a294dc3e6..79bbc8c30 100644
--- a/src/src/configure.default
+++ b/src/src/configure.default
@@ -153,6 +153,9 @@ acl_smtp_data = acl_check_data
 # tls_certificate = /etc/ssl/exim.crt
 # tls_privatekey = /etc/ssl/exim.pem
 
+# For OpenSSL, prefer EC- over RSA-authenticated ciphers
+# tls_require_ciphers = ECDSA:RSA:!COMPLEMENTOFDEFAULT
+
 # In order to support roaming users who wish to send email from anywhere,
 # you may want to make Exim listen on other ports as well as port 25, in
 # case these users need to send email from a network that blocks port 25.
@@ -517,6 +520,12 @@ acl_check_data:
                        got $max_received_linelength
           condition  = ${if > {$max_received_linelength}{998}}
 
+  # Deny if the headers contain badly-formed addresses.
+  #
+  deny	  !verify =	header_syntax
+	  message =	header syntax
+	  log_message = header syntax ($acl_verify_message)
+
   # Deny if the message contains a virus. Before enabling this check, you
   # must install a virus scanner and set the av_scanner option above.
   #