It's no longer generated with the `SMTP_TRANS_DHBITS' macro. Since it's
only used when the recipient domain is unknown, the various tunable
parameters are never actually tuned.
This has another happy effect: it bodges around Exim bug #1413.
## `domains.conf' file. Annoyingly, the `tls_dh_min_bits' setting isn't
## expanded before use, so we can't set it the obvious way. Instead, encode
## it into the transport name. This is very unpleasant, of course.
+smtp:
+ driver = smtp
+ tls_require_ciphers = CONF_acceptable_ciphers
+ tls_dh_min_bits = 1020
+ tls_tempfail_tryclear = true
+
m4_define(<:SMTP_TRANS_DHBITS:>,
<:driver = smtp
hosts_try_auth = *
{CONF_acceptable_ciphers})
tls_dh_min_bits = $1
tls_tempfail_tryclear = true:>)m4_dnl
-smtp:
- SMTP_TRANS_DHBITS(1020)
smtp_dhbits_1024:
SMTP_TRANS_DHBITS(1020)
smtp_dhbits_2048: