From: David Hill (no email)
Date: Thu Sep 08 2005 - 18:06:30 EDT
On Thu, Sep 08, 2005 at 05:27:59PM -0400, Christian von Roques wrote:
> David Hill <> writes:
> > My tally is:
> > 150188 TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
> > 38037 TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
> > 4027 SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)
> > 691 TLSv1 with cipher RC4-SHA (128/128 bits)
> > 483 TLSv1 with cipher AES256-SHA (256/256 bits)
> > 372 TLSv1 with cipher RC4-MD5 (128/128 bits)
> > 309 SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
> > 108 TLSv1 with cipher DES-CBC3-SHA (168/168 bits)
> > 89 SSLv3 with cipher DES-CBC3-SHA (168/168 bits)
> > 10 SSLv3 with cipher RC4-MD5 (128/128 bits)
> > 5 SSLv3 with cipher RC4-SHA (128/128 bits)
> > 1 SSLv2 with cipher DES-CBC3-MD5 (168/168 bits)
> ^^^^^
>
> Can you please try to find out what software actually negotiated a
> SSLv2 connection? All SSLv2 connections in our maillogs were
> caused by me running "openssl s_client -ssl2 -starttls smtp".
>
> Christian.
>
Aug 24 00:24:30 mx1 postfix/smtpd[11443]: connect from blh.k12.mn.us[64.8.149.82]
Aug 24 00:24:31 mx1 postfix/smtpd[11443]: setting up TLS connection from blh.k12.mn.us[64.8.149.82]
Aug 24 00:24:31 mx1 postfix/smtpd[11443]: TLS connection established from blh.k12.mn.us[64.8.149.82]: SSLv2 with cipher DES-CBC3-MD5 (168/168 bits)
Aug 24 00:24:31 mx1 postfix/smtpd[11443]: NOQUEUE: reject: RCPT from blh.k12.mn.us[64.8.149.82]: 554 Service unavailable; Client host [64.8.149.82] blocked using relays.ordb.org; This mail was handled by an open relay - please visit <http://ORDB.org/lookup/?host=64.8.149.82>; from=<> to=<> proto=ESMTP helo=<mail.blh.k12.mn.us>
Aug 24 00:24:32 mx1 postfix/smtpd[11443]: lost connection after RCPT from blh.k12.mn.us[64.8.149.82]
Aug 24 00:24:32 mx1 postfix/smtpd[11443]: disconnect from blh.k12.mn.us[64.8.149.82]
I think k12 schools usually use GroupWise (which doesn't follow SMTP RFCs) or older software anyway.
David
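
One way to produce a tally like the one quoted above and to trace a legacy protocol such as SSLv2 back to the client that negotiated it, as an added example that is not part of the original messages. The function name `tally`, the regular expression and the sample log lines are assumptions; the log lines are constructed in the Postfix smtpd format quoted above and use documentation hostnames and addresses.

```python
import re
from collections import Counter, defaultdict

# Postfix smtpd "TLS connection established" line, in the format quoted above.
TLS_RE = re.compile(
    r"postfix/smtpd\[\d+\]: TLS connection established from "
    r"(?P<host>[^\s\[]+)\[(?P<ip>[^\]]+)\]: "
    r"(?P<proto>\S+) with cipher (?P<cipher>\S+) \((?P<bits>\d+/\d+) bits\)"
)

def tally(lines, legacy=("SSLv2",)):
    """Return (per-protocol/cipher counts, clients seen per legacy protocol)."""
    counts = Counter()
    legacy_clients = defaultdict(Counter)
    for line in lines:
        m = TLS_RE.search(line)
        if m is None:
            continue  # connect/reject/disconnect lines carry no TLS details
        counts[f"{m['proto']} with cipher {m['cipher']} ({m['bits']} bits)"] += 1
        if m["proto"] in legacy:
            legacy_clients[m["proto"]][(m["host"], m["ip"])] += 1
    return counts, legacy_clients

# Constructed sample log (documentation hostnames and addresses, not real traffic).
SAMPLE_LOG = """\
Sep 01 10:00:01 mx1 postfix/smtpd[2001]: connect from mail.example.org[192.0.2.10]
Sep 01 10:00:02 mx1 postfix/smtpd[2001]: TLS connection established from mail.example.org[192.0.2.10]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep 01 10:05:12 mx1 postfix/smtpd[2002]: TLS connection established from unknown[198.51.100.7]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep 01 10:09:40 mx1 postfix/smtpd[2003]: TLS connection established from old.example.net[203.0.113.82]: SSLv2 with cipher DES-CBC3-MD5 (168/168 bits)
Sep 01 10:09:41 mx1 postfix/smtpd[2003]: lost connection after RCPT from old.example.net[203.0.113.82]
Sep 01 10:12:03 mx1 postfix/smtpd[2004]: TLS connection established from mx.example.com[192.0.2.25]: SSLv3 with cipher RC4-MD5 (128/128 bits)
"""

if __name__ == "__main__":
    counts, legacy_clients = tally(SAMPLE_LOG.splitlines())
    # Tally in the same "count protocol with cipher ..." layout as the thread.
    for key, n in counts.most_common():
        print(f"{n:7d} {key}")
    # Clients behind each legacy protocol, so they can be followed up.
    for proto, clients in legacy_clients.items():
        for (host, ip), n in clients.items():
            print(f"{proto} negotiated {n}x by {host}[{ip}]")
```

Passing `legacy=("SSLv2", "SSLv3")` to `tally` reports the SSLv3 clients as well.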