chiark / gitweb /
~mdw / exim-config / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
base.m4, exchange.m4, config.m4: Tweak TLS settings.
[exim-config] / config.m4
diff --git a/config.m4 b/config.m4
index 5901edcff9518136f472d970a8adf5b1e869b321..d84f648e18d70c0af771505f37cba509e6fd9a04 100644 (file)
--- a/config.m4
+++ b/config.m4
@@ -43,7 +43,9 @@ DEFCONF(spam_max, 50)
 DEFCONF(interfaces, m4_ifelse(MODE, satellite, 127.0.0.1 ; ::1,
                              0.0.0.0 ; ::0))
 
-## Submission port number.  (This is sometimes tweaked for testing.)
+## Main and submission port numbers.  (This is sometimes tweaked for
+## testing.)
+DEFCONF(smtp_port, 25)
 DEFCONF(submission_port, 587)
 
 ## Locations of other configuration files.
@@ -65,10 +67,10 @@ DEFCONF(relay_clients, +trusted)
 ## fairly hard to encourage any kind of crypto on the grounds that probably
 ## nobody can verify our certificate anyway.
 DEFCONF(good_ciphers, NONE<::>m4_dnl
-:+VERS-TLS1.2:+VERS-TLS1.1<::>m4_dnl
+:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0<::>m4_dnl
 :+DHE-RSA:+DHE-DSS<::>m4_dnl
 :+AES-256-CBC:+AES-128-CBC<::>m4_dnl
-:+SHA256<::>m4_dnl
+:+SHA256:+SHA384:+SHA512:+SHA1<::>m4_dnl
 :+SIGN-RSA-SHA512:+SIGN-RSA-SHA384:+SIGN-RSA-SHA256:+SIGN-DSA-SHA256<::>m4_dnl
 :+CTYPE-X.509<::>m4_dnl
 :+COMP-NULL<::>m4_dnl
The distorted.org.uk Exim configuration.