Reply to post: Re: enable DANE

Exim marks the spot… of remote code execution: Patch due out today for 'give me root' flaw in mail server

Greem

Re: enable DANE

This is not a solution to the issue at hand; whilst it has use in other contexts, it will not in any way prevent your system from the bug that's been patched today (unless you've found something that hasn't been discussed).

Mitigation if you cannot patch: do not offer TLS to connecting hosts, as that prevents the vulnerable code path being hit*. Additionally, Heiko has provided additional mitigation on the exim-users mailing list which prevents acceptance (and writing to spool) of messages with 'dangerous' SNI values.

*this is not recommended, but is a quick and dirty hack while you patch/wait for updates.
