Autor: Cyborg Data: Para: exim-users Asunto: [exim] OT/2: TLS on gnu.org,
better named: the insecured gnu.org mailserver
Hi,
this message is not about exim problems, it's about problems involving
exim.
As you all heared, Richard Stallmann as resigned from it's positions.
Not the topic here,
but it caused me to send him a letter, which I do once in a while.
Unfortunately, the admins at gnu don't think much about security, as
their mailserver,
revealed itself to be a very outdated exim 4.71 .
New, SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
...
this server does only speak TLS 1.0 from 1998.
If you have the opportunity to inform those admins, please do so.
I can't, because our server does not longer speak
outdated-broken-beyond-repair-protocols from the last millenium and
refuses plaintext smtp too ;)