On Fri, Nov 14, 2014 at 10:58:08PM +0100, Tom Hendrikx wrote:
> Nov 14 22:55:56 hostname postfix-out/smtp[11505]: Verified TLS
> connection established to mail.sys4.de[2001:1578:400:111::7]:25: TLSv1
> with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
> Nov 14 22:55:57 hostname postfix-out/smtp[11505]: 66FCB8049:
> to=<e...@sys4.de>, relay=mail.sys4.de[2001:1578:400:111::7]:25,
> delay=0.83, delays=0.16/0.05/0.17/0.45, dsn=2.1.5, status=deliverable
> (250 2.1.5 Ok)
Do keep in mind that if your /etc/resolv.conf does in fact list
remote DNS caches, the reported security can be illusory. Run a
local unbound listening on 127.0.0.1, list only that in /etc/resolv.conf,
and don't let DHCP or other automation replace this with some remote
nameserver.
--
Viktor.
