Speaking about not letting the terrorists win... My favorite MTA is qmail, for a couple of reasons. The TLS support is available as a third-party patch. However, the support for Diffie-Hellman cipher suites was missing; the initialization code was not there.
I borrowed code from stunnel, and implemented it into the qmail patch. From now on, the ephemeral keying should work there. See http://213.246.91.154/patches/qmail/ Peer review is more than welcome. I am very much a beginner in cryptography-related programming.
