Hello,
spec.txt says:
GnuTLS uses RSA and D-H parameters that take a substantial amount of
time to compute. It is unreasonable to recompute them for every
TLS session. Therefore, Exim keeps this data in a file in its spool
directory, called `gnutls-params'. The file is owned by the Exim user
and is readable only by its owner.
[...]
For maximum security, the parameters that are stored in this file
should be recalculated periodically, the frequency depending on your
paranoia level.
However I wonder what people would consider a reasonable default value
for a binary distribution of exim4 - once a day, weekly, every other
hour?
cu andreas