So should we use this setting for TLS options in main.cf in order to slow down the key generation time:
tls_random_source = dev:/dev/urandom ??? Thanks again. 2017-03-27 16:30 GMT-03:00 Kenneth Marshall <k...@rice.edu>: > On Mon, Mar 27, 2017 at 04:06:46PM -0300, Alejandro Cabrera Obed wrote: >> Dear, thanks....is it possible that the STARTTLS settings slow down mail >> processing? In this mail relay server, the connections as "client" to the >> corporate mail server are always encrypted with the TLS, with the >> corresponding negotiation. >> >> Thanks and I will analyze all you said. >> >> Thanks to all. >> >> Roberto > > Hi Roberto, > > If you have a shortage of entropy, and you require it for your random > number source, it can slow TLS connections. The typical solution is > to use either a pseudo-random source or a hw-based entropy source. > > Regards, > Ken
