Mail headers show SSL for mail server connections.

From: Mike Harrison 

This is what I do on rainy holiday weekends: Linux Server Maintenance:

Google/Gmail is now happy with the SSL Certs, DNS, Hostname, etc.. on this 
mail server. I'm not sure AES128 is awesome, but it's at least good. It 
looks like it'll negotiate the highest commong method from this list: 
AES256, 3DES, AES128, ARC128, ARC40, RC2, DES

In my headers from a message from this server to a gmail account I can 

Received: from ( 
[]) by with ESMTPS id 
xq2si6788714obc.83.1969. (version=TLSv1.1 cipher=AES128-SHA 
bits=128/128); Mon, 02 Sep 2013 11:28:21 -0700 (PDT)

I'd be interested if anyone sees anything better or much different in 
their mail servers.

In case you can't tell, I'm on a crusade:

   a. Any IT professional that can not send/receive important information
      via a secure method like GPG/PGP email is a clown and a danger to
      network and operational security.

   b. As much else as is practical, should also not be in plain text protocols.
      hence the effort to get things right on this mail server.

   c. I'm working hard to not be a hypocrite about A and B. I'm not done
      yet, for example this email is being sent via pine, and is not
      integrated yet with these tools. And I'm still wondering if I trust
      installing my private keys on my Android phone.


=============================================================== From: Dave Brockman ------------------------------------------------------ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I don't. I don't trust the iphone with them either. Regards, dtb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - iQEcBAEBAgAGBQJSJOB3AAoJEMP+wtEOVbcdQ68IAJfhY4iYneh6E2zuWG093yL3 nvTI+mKT0o/R68ojajIdxxhWRwY+PElQ0w6GV438sXpxksAgpdTcsvbYdzu3FMB+ 1D57ClH1QAPFMyFcSw+sxN2a0MbEuhd+SWlD+azyK8nhVUkEkgRzgZR1i3yUXWxd 4PaiwfcnDO0mSbZIaDsRlFQcjLwCaHZw8YhRk5iAJ0GhIzLKNhBOVYCsZFP+FVey g/RNCPyNbjmCNZ/reJkgqIsREM+8aieZH1HvnNKTN/vk2qzpuX2NoqHk6mxIMeBm uZWziqiuAXYpiIAUdSnbC3A8M7taUboqkFsyEccggnFJrIfRdDwj2p9XG0W14Rg= =1zXA -----END PGP SIGNATURE-----

=============================================================== From: Stephen Haywood ------------------------------------------------------ Your lack of trusting the Android phone with your private keys is well = founded. = fi-password-world. I imagine that Apple is the same. -- Stephen Haywood Owner, ASG Consulting CISSP, GSEC, OSCP 423.305.3700