it is a normal behavior since years.
Depending on your users activity you see
All there four Mail server have this same habit, but it depends on the
type of mail how they are transport encrypted.
All instant messages come with TLSv1, like paying or receiving money and
all requests to the support.
The only messages coming with TLSv1.2 are the monthly reports informing
you to look at your online account.
It was similar at ebay in the past before they separated from paypal.
Ebay has than afterwards improved there mail systems but not paypal.
On 3/11/18 2:10 PM, Cyborg via Exim-users wrote:
> Hi guys,
> paypal seems to have a "small" problem to maintain it's servers with the
> same patch level:
> 2018-03-11 13:47:14 1ev0Nd-0006bI-Ss <= serv...@paypal.de
> H=mx0.slc.paypal.com (mx2.slc.paypal.com) [220.127.116.11] P=esmtps
> X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no S=39287
> 2018-03-11 13:48:02 1ev0OO-0006e9-4U <= serv...@paypal.de
> H=mx1.slc.paypal.com (mx2.slc.paypal.com) [18.104.22.168] P=esmtps
> X=TLSv1:DHE-RSA-AES256-SHA:256 CV=no S=41659 id=1520772477.30...@paypal.com
> Those two messages arrived on the same server system, so our part of the
> connection was the same. There is no reason to have on connection TLS 1
> and the other TLS 1.2 without a misconfiguration at paypal's
> Can anyone confirm similar sightings on your servers?
> best regards,
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/