Re: [exim] Expiriences with TLS 1.3

Top Page

Reply to this message
Author: Phil Pennock
Date:  
To: Exim-users
Subject: Re: [exim] Expiriences with TLS 1.3
On 2019-01-28 at 15:09 +0000, Andrew C Aitchison via Exim-users wrote:
> I see many header lines like:
>
> Received: from smtp.spodhuis.org ([2a02:898:31:0:48:4558:736d:7470]:34422
> helo=mx.spodhuis.org)
> by hummus.csx.cam.ac.uk with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256)
> (Exim 4.91) (envelope-from <pdp@???>) id 1f8ZjZ-0007nY-8Q
> for exim-dev@???; Wed, 18 Apr 2018 00:09:57 +0100


FWIW, I use a Transport override so that mail going to the Hummus
machine connects to port 26 instead of port 25. Port 26 is where we
install things like RCs or run tests before rolling changes out to port
25. Anyone who wants can make a similar change, I don't anticipate us
ending the use of port 26 for "next-exim". Just beware that things
might break so if you get mail queuing up, be prepared to switch back
(and provide logs pointing to what we've/I've messed up).

I do need to get around to installing the latest RC. Sorry Heiko.

next-exim is currently:
Library version: OpenSSL: Compile: OpenSSL 1.1.1-pre5 (beta) 17 Apr 2018
                          Runtime: OpenSSL 1.1.1-pre8 (beta) 20 Jun 2018
and I should fix that too.


-Phil