## The user who runs verification filters.
DEFCONF(filter_user, Debian-exim)
+## Administrative groups.
+DEFCONF(admin_groups, root : adm)
+
## Where the spam filter is.
DEFCONF(spamd_address, 172.29.199.179)
DEFCONF(spamd_port, 783)
## Default spam limit for incoming mail (multiplied by ten).
DEFCONF(spam_max, 50)
+## Userv stuff for debugging.
+DEFCONF(userv_opts, )
+
## Which interfaces to listen on. Exim checks for the literal string `::0'
## when setting things up: don't use `::', or we'll be tripped up by Linux's
## demented non-`IPV6_V6ONLY' behaviour.
DEFCONF(ca_dir, /etc/ca)
## User address suffix handling.
-DEFCONF(user_suffix_list, -* : +*)
+DEFCONF(user_suffix_list, +* : -*)
DEFCONF(user_extaddr_regexp, $acl_c_user([-+@]|\$))
DEFCONF(user_extaddr_fixup, ${sg {$local_part_suffix}{^[-+]}{}})
## fairly hard to encourage any kind of crypto on the grounds that probably
## nobody can verify our certificate anyway.
DEFCONF(good_ciphers, NONE<::>m4_dnl
-:+VERS-TLS1.2:+VERS-TLS1.1<::>m4_dnl
+:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0<::>m4_dnl
:+DHE-RSA:+DHE-DSS<::>m4_dnl
:+AES-256-CBC:+AES-128-CBC<::>m4_dnl
-:+SHA256<::>m4_dnl
+:+SHA256:+SHA384:+SHA512:+SHA1<::>m4_dnl
:+SIGN-RSA-SHA512:+SIGN-RSA-SHA384:+SIGN-RSA-SHA256:+SIGN-DSA-SHA256<::>m4_dnl
:+CTYPE-X.509<::>m4_dnl
:+COMP-NULL<::>m4_dnl