- All published Tarballs are signed. The signatures are created with keys belonging to the developers:
- <a href="{$staticroot}/keys/jgh@wizmail.org.asc">Jeremy Harris</a>,
- <a href="{$staticroot}/keys/phil.pennock@spodhuis.org.asc">Phil Pennock</a>, or
- <a href="{$staticroot}/keys/hs@schlittermann.de.asc">Heiko Schlittermann</a>. (Please crosscheck these keys
- with keys you can find at other sources.)
-
- <h3>Mirroring Exim</h3>
-
- <p>If you are interested in running a mirror for exim, please look at <a href="howto/mirroring.html">Mirroring The Exim Website</a></p>
+ <p>
+ All published tarballs are cryptographically signed with an OpenPGP implementation (such as GnuPG).
+ The signatures are distributed alongside the tarballs.
+ The signatures are created with keys belonging to the developers.
+ The keys can be found in our
+ <a href="https://downloads.exim.org/Exim-Maintainers-Keyring.asc">maintainers keyring</a>.
+ (Please crosscheck these keys with keys you can find at other sources.)
+ </p>