Re: [exim] Exclude TLS_RSA_WITH_SEED_CBC_SHA from cipher lis…

Top Page

Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Exclude TLS_RSA_WITH_SEED_CBC_SHA from cipher list
On 31/03/18 09:17, Konstantin Boyandin via Exim-users wrote:
> Do I understand correctly, that *tls_require_ciphers accepts
> OpenSSL-style list (the one also used by Apache and Dovecot), i.e.
> something like
>
> tls_require_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL


Yes, if your exim is build with OpenSSL. For GnuTLS it
is different. Docs are at:

http://exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECTreqciphssl

--
Cheers,
Jeremy