Re: [exim] TLS problems of late

Top Page
Delete this message
Reply to this message
Author: Warren Baker
Date:  
To: Alan Hicks
CC: exim-users
Subject: Re: [exim] TLS problems of late
On Fri, Feb 22, 2013 at 7:27 PM, Alan Hicks <ahicks@???> wrote:
>>
>>
> This may be a cipher issue as they are different in your two examples.
>
> Non Working
> 14:28:59 95534 Cipher: TLSv1:DES-CBC3-SHA:168
> Working
> Cipher: TLSv1:RC4-MD5:128
>
> You could try the tls_require_ciphers option as per chapter 41 of the the
> excellent exim manual. http://exim.org/exim-html-
> current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html
>
> A list of supported ciphers can be found with 'openssl ciphers'.



Thanks Alan.
If it was a cipher issue then surely the TLS session would fail to negotiate?

I do see there is the switch tls_tempfail_tryclear however this does
not take affect as the TLS session is successfully negotiated
(according to the debug).


thanks

--
.warren