[exim] PFS encryption

Top Page
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: Exim-users
Subject: [exim] PFS encryption
Hi all,

as i just read about PFS, i was wondering how exim is handling the key
exchange.

the article suggested to use these ciphers in this order:

TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

as they implement the PFS Keyexchange, which prevents a sniffed
datastream from being decrypted in the future.

( for anyone wondering, thats because the session key never gets
directly transmitted )

So, whats exim prefering as cipher and how can that be controlled via
exim.conf , if it's configureable at all.

Marius