Re: [exim] PFS encryption

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MCyborg at <-
MCyborg at ->
Delete this message
Reply to this message
Author: Graeme Fowler
Date:  
To: Cyborg
CC: Exim-users
Subject: Re: [exim] PFS encryption
On 30 Jul 2013, at 08:56, Cyborg <cyborg2@???> wrote:
> as i just read about PFS, i was wondering how exim is handling the key exchange.
>
> the article suggested to use these ciphers in this order:
>
> TLS_ECDHE_RSA_WITH_RC4_128_SHA
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

Look for tls_require_ciphers in the docs.

Also read up on openssl_options, and

http://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECTreqciphssl
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECTreqciphgnu

Graeme
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] PFS encryptionRe: [exim] PFS encryption->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)