Re: [exim] setup Exim to improve SMTP performance

Author: Jakob Hirsch
Date:  
To: Olivier Bonvalet
CC: exim-users
Subject: Re: [exim] setup Exim to improve SMTP performance
Quoting Olivier Bonvalet:

> I haven't got enough entropy on my servers, and "/dev/random" is
> "blocking".
> Now I'll search for a "true" solution:


Do you really need TLS for sending out your newsletter?

If not: hosts_avoid_tls is expanded, so you could use it for disabling
TLS when sending out the newsletter (detected by sender address, header,
subject etc.).

If yes: I think there's not much you can do in Exim, it's caused by the
system itself. You can try to get more entropy, either by using a script
such as the one on the page you posted, or by patching the kernel. As the
page mentions, there was a change somewhere between 2.6.9 and 2.6.12
(AFAIR), where the network interface was removed as an entropy source
for security reasons. I saw a kernel patch to change that back a while ago.

Other possible ways are:
- a hardware RNG, either in the chipset (supported by the kernel) or
from a cheap microphone (kernel patch available)
- Entropy Gathering Daemon (EGD) or similar user space tools, must be
supported by your software (patched openssl?)
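
The hosts_avoid_tls suggestion above, sketched as an smtp transport fragment. This is an added example, not part of the original message; the transport name, the sender address newsletter@example.org and the X-Newsletter header are assumptions chosen for illustration.

```exim
# Constructed example for the "transports" section of the Exim configuration.
# newsletter@example.org and X-Newsletter are placeholder values (assumptions).
remote_smtp:
  driver = smtp
  # hosts_avoid_tls is a host list that is string-expanded for each delivery.
  # Expanding to "*" matches every remote host, so STARTTLS is not attempted
  # and the message is sent in cleartext; expanding to the empty string
  # matches no host, so TLS is negotiated as usual for all other mail.
  hosts_avoid_tls = ${if or{{eqi{$sender_address}{newsletter@example.org}}{def:h_X-Newsletter:}}{*}{}}
```

Keep the condition as narrow as possible, since any message that matches it leaves the server without TLS.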