Am 30.07.2013 11:19, schrieb Graeme Fowler:
On 30 Jul 2013, at 08:56, Cyborg <[email protected]> wrote:
as i just read about PFS, i was wondering how exim is handling the key exchange.
the article suggested to use these ciphers in this order:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Look for tls_require_ciphers in the docs.
But was is the DEFAULT ?
Is it the output of "openssl ciphers" ?
if so, i don't see any ellipticbased ciphers there, but at least they
use DHE, which indicates PFS is used, which is good.
Next question, out of curiosity :
are there any statistics about the usage of ciphers in exim mailservers ?
( google returns only the exim specs as result for "statistics about
exim cipher usage" )
Marius
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
