[Chugalug] Mail headers show SSL for mail server connections.
cluon at geeklabs.com
Mon Sep 2 18:52:47 UTC 2013
This is what I do on rainy holiday weekends: Linux Server Maintenance:
Google/Gmail is now happy with the SSL Certs, DNS, Hostname, etc.. on this
mail server. I'm not sure AES128 is awesome, but it's at least good. It
looks like it'll negotiate the highest commong method from this list:
AES256, 3DES, AES128, ARC128, ARC40, RC2, DES
In my headers from a message from this server to a gmail account I can
Received: from mail.geeklabs.com (li466-195.members.linode.com.
[22.214.171.124]) by mx.google.com with ESMTPS id
xq2si6788714obc.83.19126.96.36.199.00.00 (version=TLSv1.1 cipher=AES128-SHA
bits=128/128); Mon, 02 Sep 2013 11:28:21 -0700 (PDT)
I'd be interested if anyone sees anything better or much different in
their mail servers.
In case you can't tell, I'm on a crusade:
a. Any IT professional that can not send/receive important information
via a secure method like GPG/PGP email is a clown and a danger to
network and operational security.
b. As much else as is practical, should also not be in plain text protocols.
hence the effort to get things right on this mail server.
c. I'm working hard to not be a hypocrite about A and B. I'm not done
yet, for example this email is being sent via pine, and is not
integrated yet with these tools. And I'm still wondering if I trust
installing my private keys on my Android phone.
More information about the Chugalug