From ea0d0cfba5fa9267c0f82af617f2094bc7545745 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 11 Mar 2017 20:42:36 +0000 Subject: [PATCH 1/1] Docs: fix description of tls_advertise_hosts --- doc/doc-docbook/spec.xfpt | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index e6a46c58a..44f9d26ff 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -27213,10 +27213,12 @@ tls_require_ciphers = ${if =={$received_port}{25}\ .cindex "TLS" "configuring an Exim server" When Exim has been built with TLS support, it advertises the availability of the STARTTLS command to client hosts that match &%tls_advertise_hosts%&, -but not to any others. The default value of this option is unset, which means -that STARTTLS is not advertised at all. This default is chosen because you -need to set some other options in order to make TLS available, and also it is -sensible for systems that want to use TLS only as a client. +but not to any others. The default value of this option is *, which means +that STARTTLS is alway advertised. Set it to blank to never advertise; +this is reasonble for systems that want to use TLS only as a client. + +If STARTTLS is to be used you +need to set some other options in order to make TLS available. If a client issues a STARTTLS command and there is some configuration problem in the server, the command is rejected with a 454 error. If the client -- 2.30.2