## `domains.conf' file. Annoyingly, the `tls_dh_min_bits' setting isn't
## expanded before use, so we can't set it the obvious way. Instead, encode
## it into the transport name. This is very unpleasant, of course.
+smtp:
+ driver = smtp
+ tls_require_ciphers = CONF_acceptable_ciphers
+ tls_dh_min_bits = 1020
+ tls_tempfail_tryclear = true
+
m4_define(<:SMTP_TRANS_DHBITS:>,
<:driver = smtp
hosts_try_auth = *
{CONF_acceptable_ciphers})
tls_dh_min_bits = $1
tls_tempfail_tryclear = true:>)m4_dnl
-smtp:
- SMTP_TRANS_DHBITS(1020)
smtp_dhbits_1024:
SMTP_TRANS_DHBITS(1020)
smtp_dhbits_2048: