I'm running Exim 4.76 on Ubuntu server 12. I presume this issue will go away if I install the latest version of Exim as it looks like the dh_min_bits was released in 4.80, according to https://lists.exim.org/lurker/message/20120601.101708.8a0ac655.en.html
On Wed, Jan 15, 2014 at 10:36 PM, Viktor Dukhovni <[email protected]>wrote: > On Wed, Jan 15, 2014 at 01:07:09PM -0800, Todd Lyons wrote: > > > (Not) funny. I was wrong on BOTH counts. It is a runtime > > configuration and it is the user's problem. I guess I have been > > fortunate enough to have only ever used OpenSSL because it has always > > just worked without need for tweaking. > > Note, some Debian releases patched Exim to make it "more secure", > thereby breaking TLS handshakes with most servers, and making Exim > less secure when Exim falls back to cleartext delivery. The OP > may well have one of the "improved" Debian Exim versions. > > This has been discussed on either Exim-dev or Exim-users before. > It is also documented in > > http://www.postfix.org/FORWARD_SECRECY_README.html#server_fs > > near the bottom of that section. This motivated the recommendation > for Postfix administrators to create 2048-bit DHE parameter files. > > -- > Viktor. > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
