Am 19.05.19 um 20:17 schrieb Richard Jones via Exim-users:
> # egrep -o 'X=TLS[^ ]+' /var/log/exim4/mainlog | sort | uniq -c | sort
> -n | tail
> 82 X=TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128
> 167 X=TLS1.2:DHE_RSA_AES_256_GCM_SHA384:256
> 272 X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256
> 289 X=TLS1.2:ECDHE_ECDSA_AES_128_CBC_SHA256:128
> 296 X=TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256
> 466 X=TLS1.2:ECDHE_ECDSA_CHACHA20_POLY1305:256
> 691 X=TLS1.2:ECDHE_ECDSA_AES_256_GCM_SHA384:256
> 727 X=TLS1.2:ECDHE_ECDSA_AES_128_GCM_SHA256:128
> 1053 X=TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128
> 15878 X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256
>
> Sadly I want to continue to receive some of those TLS1.0 inbound
> connections. One of them is from the OWASP CRS mailing list. Of all
> people!
You have no idea whos mailserver used TLS 1.1 in 2018: The Germany
Federal Security Agency :D
And tons of other update denier :D
Best regards,
Marius
