[exim] Diffie-Hellman?

Top Page
Delete this message
Reply to this message
Author: Oliver Howe
Date:  
To: exim-users
Subject: [exim] Diffie-Hellman?
I've recently started seeing these error messages when sending to yahoo

2014-01-15 10:49:55 1W3O2j-0002iY-Mv TLS error on connection to
mta5.am0.yahoodns.net [98.138.112.34] (gnutls_handshake): The
Diffie-Hellman prime sent by the server is not acceptable (not long enough)
2014-01-15 10:49:55 1W3O2j-0002iY-Mv TLS session failure: delivering
unencrypted to mta5.am0.yahoodns.net [98.138.112.34] (not in
hosts_require_tls)


After some googling I thought maybe my self signed TLS key was not strong
enough and so regenerated it with -

openssl req -x509 -newkey rsa:2048 -keyout /etc/exim4/eximcert -out
/etc/exim4/eximcert -days 9999 -nodes

but I still get the same error message. Am I on the right track or is there
something else I need to do in order to get yahoo to accept the TLS session?

thanks