Re: [exim] Exim 4.95 released

Top Page

Reply to this message
Author: Jeremy Harris
To: exim-users
Subject: Re: [exim] Exim 4.95 released
On 28/09/2021 23:41, Viktor Dukhovni via Exim-users wrote:
>>    - fast-ramp queue run
>>    - native SRS
>>    - TLS resumption

> I'd like to ask, if I may, how TLS resumption interacts with DANE or
> other authenticated TLS policy, assuming potential earlier
> unauthenticated TLS connections to the same IP:port or name:port on
> behalf of some other domain (or via an alternate "router") which did not
> require an authenticated connection, or otherwise had a different set of
> TLS requirements.

If enabled for a target host (default being no)
then the session cache lookup key is the unadorned IP.

>>    - faster TLS startup

> May I ask what this means?

Caching of the CA bundle, and similar setup,
by loading it in the daemon process (which forks
for receive processes).