On 2017-04-13 08:16:29 (-0600), @lbutlr <krem...@kreme.com> wrote:
On 2017-04-13 (07:50 MDT), Philip Paeps <phi...@trouble.is> wrote:
egrep "TLS connection established from.*with cipher" \
/var/log/maillog* | awk \
'{printf("%s %s %s %s\n", $12, $13, $14, $15)}' | \
sort | uniq -c | sort -n
Interesting. Ran this over a few days of logs:
5288 TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384
4633 TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384
2343 TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256
1527 TLSv1 with cipher ECDHE-RSA-AES128-SHA
1250 TLSv1.2 with cipher AECDH-AES256-SHA
Everything else is under 500, and the next 2 are the top 2 TLSv1.2 without GCM.
That's a pretty good situation to be in. :)
I've been trying to reach out to the RC4-MD5 users who are unfortunately
still in the top 10 of one of the mail systems I manage.
Philip
--
Philip Paeps
Senior Reality Engineer
Ministry of Information
