Re: [exim] 'X=TLSv1: ...' in exim log file

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MSander Smeenk at <-
M 
Delete this message
Reply to this message
Author: Ian FREISLICH
Date:  
To: exim-users
Subject: Re: [exim] 'X=TLSv1: ...' in exim log file
Sander Smeenk wrote:
> Quoting Robert Cates (robert@???):
>
> > What would I need to do to increase my Exim TLS/SSL connections to 256-bit?
>
> I've wondered about this too. I think it has to do with the type of cert
> you create for Exim to use. Not sure though. Could also be a compiletime
> setting maybe...
>
> It's still on my 'Need-to-check-that-out-soon'-list.

Maybe you should have a look at:

tls_require_ciphers
Use: main
Type: string, expanded
Default: unset

This option controls which ciphers can be used for incoming TLS
connections. The smtp transport has an option of the same name for
controlling outgoing connections. This option is expanded for each
connection, so can be varied for different clients if required. The
value of this option must be a list of permitted cipher suites. The
OpenSSL and GnuTLS libraries handle cipher control in somewhat
different ways. If GnuTLS is being used, the client controls the
preference order of the available ciphers. Details are given in
sections 38.3 and 38.4

Ian

--
Ian Freislich


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] LDAP lookup over SSLRe: [exim] LDAP lookup over SSL->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)