On Fri 27/May/2016 14:39:59 +0200 Matus UHLAR - fantomas wrote: > >> I don't know how to check what percentage of port 25 mailserver to >> mailserver connections may be SSL encrypted to justify leaving SSL >> on port 25 for server to server connections. Would you (or anyone) >> have any idea how many mailservers are successfully connecting to >> each other via SSL these days?
What I do is checking courierd's Received: line; "with ESMTPS" stands for "ESMTP with STARTTLS", according to: http://www.iana.org/assignments/mail-parameters/mail-parameters.xhtml#mail-parameters-7 > % grep relay= /var/log/mail | grep sm-mta | grep -c STARTTLS=server > 261 > % grep relay= /var/log/mail | grep sm-mta | grep -c from= > 1007 Cute, I guess sm-mta is the machine name... but wait, why do I miss the STARTTLS=server part? Also, doesn't the from= include errors? Most errors and unencrypted sessions seem to be related to spammers... Ale -- ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users