Versions of Messaging Gateway (SMG) prior to SMG 10.7.0 may use a 1024 bit temporary key for secure Diffie-Hellman key exchange during TLS negotiation. More recent security requirements do not consider a 1024 bit temporary key to be sufficiently secure and demand a temporary key length of 2048 bits or more.
This issue has been resolved with SMG 10.7 by removing ciphersuites which use ephemeral Diffie-Hellman (DHE) or Diffie-Hellman (DH) key exchange. This may be confirmed by running the following command from the admin command line (CLI) which will list all ciphers available to the SMG mail transfer agent (MTA):
smg> mta-control all set-tls-ciphers
Subscribing will provide email updates when this Article is updated. Login is required.