[Chugalug] Mail headers show SSL for mail server connections.

Mike Harrison cluon at geeklabs.com
Mon Sep 2 18:52:47 UTC 2013


This is what I do on rainy holiday weekends: Linux Server Maintenance:

Google/Gmail is now happy with the SSL Certs, DNS, Hostname, etc.. on this 
mail server. I'm not sure AES128 is awesome, but it's at least good. It 
looks like it'll negotiate the highest commong method from this list: 
AES256, 3DES, AES128, ARC128, ARC40, RC2, DES

In my headers from a message from this server to a gmail account I can 
see:

Received: from mail.geeklabs.com (li466-195.members.linode.com. 
[50.116.40.195]) by mx.google.com with ESMTPS id 
xq2si6788714obc.83.1969.12.31.16.00.00 (version=TLSv1.1 cipher=AES128-SHA 
bits=128/128); Mon, 02 Sep 2013 11:28:21 -0700 (PDT)

I'd be interested if anyone sees anything better or much different in 
their mail servers.

In case you can't tell, I'm on a crusade:

   a. Any IT professional that can not send/receive important information
      via a secure method like GPG/PGP email is a clown and a danger to
      network and operational security.

   b. As much else as is practical, should also not be in plain text protocols.
      hence the effort to get things right on this mail server.

   c. I'm working hard to not be a hypocrite about A and B. I'm not done
      yet, for example this email is being sent via pine, and is not
      integrated yet with these tools. And I'm still wondering if I trust
      installing my private keys on my Android phone.

--Mike--











More information about the Chugalug mailing list