On 04/13/17 10:16, @lbutlr wrote:
> On 2017-04-13 (07:50 MDT), Philip Paeps <phi...@trouble.is> wrote:
>>
>> egrep "TLS connection established from.*with cipher" \
>> /var/log/maillog* | awk \
>> '{printf("%s %s %s %s\n", $12, $13, $14, $15)}' | \
>> sort | uniq -c | sort -n
>
> Interesting. Ran this over a few days of logs:
>
> 5288 TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384
> 4633 TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384
> 2343 TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256
> 1527 TLSv1 with cipher ECDHE-RSA-AES128-SHA
> 1250 TLSv1.2 with cipher AECDH-AES256-SHA
>
> Everything else is under 500, and the next 2 are the top 2 TLSv1.2 without
> GCM.
>From today's log only (the rest are compressed):
402 TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256
110 TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384
106 TLSv1 with cipher ADH-CAMELLIA256-SHA
54 TLSv1 with cipher DHE-RSA-AES256-SHA
32 TLSv1.2 with cipher AECDH-AES256-SHA
28 TLSv1 with cipher ECDHE-RSA-AES128-SHA
18 TLSv1 with cipher ECDHE-RSA-AES256-SHA
16 TLSv1 with cipher AES256-SHA
12 TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384
4 TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA
4 TLSv1 with cipher ADH-AES256-SHA
This is Postfix 3.2.0 with untouched default cipher settings.
--
Phil Stracchino
Babylon Communications
ph...@caerllewys.net
p...@co.ordinate.org
Landline: 603.293.8485
