Okay, I'm pleading with developers. I'm very impressed at the number of options and switches that your program exposes via its configuration file(s) / directories / databases. Bonus points for those of you who have managed to extensively document each switch and its default setting with inline comments.
Actually, that strategy even works up to a point. But once your configuration file exceeds a few screens in length you're starting to go off the deep end. Your program's defaults should be minimal, sensible and secure, especially in the case of network daemons.
There are some hideous offenders out there like Asterisk, whose Christmas tree default configuration is often only lightly modified by novice administrators. A default RPM installation of Asterisk on my development virtual machine ships with 63 configuration files -- 7511 lines in total. But I run some perfectly good inbound SIP IVRs with 10 files and 251 lines.
When you throw a huge mess of a default configuration in my face, you leave me with the feeling that I can't even approach your software until I have had the time to digest the security implications of every one of the switches you are exposing.
There are other programs which do it well like OpenVPN. They ship sample configuration files for different configurations, from which you can copy and paste your own configuration files together. This approach is much saner than editing a huge file -- take what you need, leave what you don't.
I advise all system administrators faced with such configuration mountains to grit their teeth and write their own configs from scratch after carefully studying the stock configuration. Turn on and configure only the specific features you need, lightly document your intent with comments, and leave the other garbage out of the configuration files. The more scrolling past heaps of irrelevant comments and settings you must do to scan the configuration file, the less you will be able to focus on the big picture of how your system is set up.