Dear Bastian,
Thank you for your reply.
Am 11.07.23 um 19:43 schrieb Bastian Blank:
On Tue, Jul 11, 2023 at 05:47:12PM +0200, Paul Menzel via mailop wrote:
Testing the mail setup, I was surprised to have the key exchange parameters
flagged [1]:
a1241.mx.srv.dfn.de.DH-2048
Hi
On Wed, Jul 12, 2023 at 01:00:43AM +0300, Taavi Eomäe via mailop wrote:
> On 11/07/2023 20:43, Bastian Blank via mailop wrote:
> > Given that this host only reacts on port 25 but not on port 587, I
> > assume this is MX.
> Ideally one would offer implicit TLS on port 465 as well (RFC8314).
On 11/07/2023 20:43, Bastian Blank via mailop wrote:
Given that this host only reacts on port 25 but not on port 587, I
assume this is MX.
Ideally one would offer implicit TLS on port 465 as well (RFC8314).
You are talking about MX, which is unauthenticated in the absence of DANE.
There's
Hi
On Tue, Jul 11, 2023 at 05:47:12PM +0200, Paul Menzel via mailop wrote:
> Testing the mail setup, I was surprised to have the key exchange parameters
> flagged [1]:
> > a1241.mx.srv.dfn.de.DH-2048 insufficient
This test is for web or e-mail? MX or MSA?
Given that this host
Dňa 11. júla 2023 15:47:12 UTC používateľ Paul Menzel via mailop
napísal:
>Have most of you moved to ECDHE? If not, are you using the predefined finite
>field groups specified in RFC 7919 [5]?
I do not know what most of others, but i disabled DHE
ciphersuites, including all FFDH groups some
Dear mail operators,
Testing the mail setup, I was surprised to have the key exchange
parameters flagged [1]:
a1241.mx.srv.dfn.de.DH-2048 insufficient
Explanation:
DHE: The security of Diffie-Hellman Ephemeral (DHE) key exchange
depends on the lengths of the public and