[Ach] SSLyze / GnuTLS
Michael Zeltner
m at niij.org
Fri Nov 22 18:53:10 CET 2013
On 22 Nov 12:31, christian mock wrote:
> Is that really the *full* list of ciphers? Because then your config is
> quite broken, and I'd like to debug this.
No, I attached a full sslyze report as txt file. This is for
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers=high
tls_high_cipherlist=EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA
Michael
--
https://niij.org/
-------------- next part --------------
$ sslyze.py --tlsv1 --tlsv1_1 --tlsv1_2 --sslv3 --compression --reneg --resum --starttls smtp niij.org:25
REGISTERING AVAILABLE PLUGINS
-----------------------------
PluginCertInfo - Import Error: cannot import name X509_NAME_MISMATCH
PluginSessionResumption
PluginOpenSSLCipherSuites
PluginHSTS
PluginCompression
PluginSessionRenegotiation
CHECKING HOST(S) AVAILABILITY
-----------------------------
niij.org:25 => 2a01:4f8:120:2104::defe:c7:25
SCAN RESULTS FOR NIIJ.ORG:25 - 2A01:4F8:120:2104::DEFE:C7:25
------------------------------------------------------------
* Compression :
DEFLATE Compression: Disabled
* Session Renegotiation :
Client-initiated Renegotiations: Honored
Secure Renegotiation: Supported
* Session Resumption :
With Session IDs: Partially supported (2 successful, 0 failed, 3 errors, 5 total attempts). Try --resum_rate.
Error #1: utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
Error #2: utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
Error #3: socket.timeout - timed out
With TLS Session Tickets: Error: socket.timeout - timed out
* SSLV3 Cipher Suites :
Preferred Cipher Suite:
ECDHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
Accepted Cipher Suite(s):
EXP-ADH-RC4-MD5 Anon 250 2.0.0 Ok
EXP-ADH-DES-CBC-SHA Anon 250 2.0.0 Ok
AECDH-RC4-SHA Anon 250 2.0.0 Ok
AECDH-AES256-SHA Anon 250 2.0.0 Ok
ADH-RC4-MD5 Anon 250 2.0.0 Ok
ADH-DES-CBC3-SHA Anon 250 2.0.0 Ok
ADH-DES-CBC-SHA Anon 250 2.0.0 Ok
ADH-AES256-SHA Anon 250 2.0.0 Ok
EDH-RSA-DES-CBC-SHA 56 bits 250 2.0.0 Ok
DES-CBC-SHA 56 bits 250 2.0.0 Ok
EXP-RC4-MD5 40 bits 250 2.0.0 Ok
EXP-RC2-CBC-MD5 40 bits 250 2.0.0 Ok
EXP-EDH-RSA-DES-CBC-SHA 40 bits 250 2.0.0 Ok
EXP-DES-CBC-SHA 40 bits 250 2.0.0 Ok
DHE-RSA-CAMELLIA256-SHA 256 bits 250 2.0.0 Ok
DHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
CAMELLIA256-SHA 256 bits 250 2.0.0 Ok
EDH-RSA-DES-CBC3-SHA 168 bits 250 2.0.0 Ok
SEED-SHA 128 bits 250 2.0.0 Ok
RC4-SHA 128 bits 250 2.0.0 Ok
RC4-MD5 128 bits 250 2.0.0 Ok
ECDHE-RSA-RC4-SHA 128 bits 250 2.0.0 Ok
DHE-RSA-AES128-SHA 128 bits 250 2.0.0 Ok
CAMELLIA128-SHA 128 bits 250 2.0.0 Ok
AES128-SHA 128 bits 250 2.0.0 Ok
Undefined - An unexpected error happened:
SRP-DSS-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
PSK-AES256-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
PSK-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
EDH-DSS-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES256-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-AES256-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-ECDSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-ECDSA-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-ECDSA-AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AECDH-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-CAMELLIA256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-RSA-AES-128-CBC-SHA socket.timeout - timed out
SRP-DSS-AES-128-CBC-SHA socket.timeout - timed out
SRP-AES-128-CBC-SHA socket.timeout - timed out
ECDHE-RSA-AES128-SHA256 socket.timeout - timed out
ECDHE-RSA-AES128-SHA socket.timeout - timed out
ECDHE-RSA-AES128-GCM-SHA256 socket.timeout - timed out
ECDHE-ECDSA-AES128-SHA256 socket.timeout - timed out
ECDHE-ECDSA-AES128-SHA socket.timeout - timed out
ECDHE-ECDSA-AES128-GCM-SHA256 socket.timeout - timed out
ECDH-RSA-AES128-SHA256 socket.timeout - timed out
ECDH-RSA-AES128-SHA socket.timeout - timed out
ECDH-RSA-AES128-GCM-SHA256 socket.timeout - timed out
DHE-RSA-SEED-SHA socket.timeout - timed out
DHE-RSA-CAMELLIA128-SHA socket.timeout - timed out
DHE-RSA-AES128-GCM-SHA256 socket.timeout - timed out
DHE-DSS-SEED-SHA socket.timeout - timed out
DHE-DSS-CAMELLIA128-SHA socket.timeout - timed out
DHE-DSS-AES128-GCM-SHA256 socket.timeout - timed out
AES128-SHA256 socket.timeout - timed out
AES128-GCM-SHA256 socket.timeout - timed out
AECDH-AES128-SHA socket.timeout - timed out
ADH-SEED-SHA socket.timeout - timed out
ADH-CAMELLIA128-SHA socket.timeout - timed out
ADH-AES128-SHA socket.timeout - timed out
ECDHE-ECDSA-AES256-SHA384 socket.error - [Errno 104] Connection reset by peer
Rejected Cipher Suite(s):
PSK-RC4-SHA TLS - No ciphers available
PSK-AES128-CBC-SHA TLS - No ciphers available
NULL-SHA256 TLS - No ciphers available
ECDH-RSA-AES256-GCM-SHA384 TLS - No ciphers available
ECDH-ECDSA-AES256-SHA384 TLS - No ciphers available
ECDH-ECDSA-AES128-SHA256 TLS - No ciphers available
ECDH-ECDSA-AES128-GCM-SHA256 TLS - No ciphers available
DHE-RSA-AES256-SHA256 TLS - No ciphers available
DHE-RSA-AES256-GCM-SHA384 TLS - No ciphers available
DHE-RSA-AES128-SHA256 TLS - No ciphers available
DHE-DSS-AES256-SHA256 TLS - No ciphers available
DHE-DSS-AES256-GCM-SHA384 TLS - No ciphers available
DHE-DSS-AES128-SHA256 TLS - No ciphers available
ADH-AES256-SHA256 TLS - No ciphers available
ADH-AES256-GCM-SHA384 TLS - No ciphers available
ADH-AES128-SHA256 TLS - No ciphers available
ADH-AES128-GCM-SHA256 TLS - No ciphers available
SRP-RSA-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-RSA-3DES-EDE-CBC-SHA TLS - Alert handshake failure
SRP-DSS-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-AES-256-CBC-SHA TLS - Alert handshake failure
NULL-SHA TLS - Alert handshake failure
NULL-MD5 TLS - Alert handshake failure
IDEA-CBC-SHA TLS - Alert handshake failure
EXP-EDH-DSS-DES-CBC-SHA TLS - Alert handshake failure
EDH-DSS-DES-CBC-SHA TLS - Alert handshake failure
ECDHE-RSA-NULL-SHA TLS - Alert handshake failure
ECDHE-ECDSA-RC4-SHA TLS - Alert handshake failure
ECDHE-ECDSA-NULL-SHA TLS - Alert handshake failure
ECDH-RSA-RC4-SHA TLS - Alert handshake failure
ECDH-RSA-NULL-SHA TLS - Alert handshake failure
ECDH-RSA-DES-CBC3-SHA TLS - Alert handshake failure
ECDH-ECDSA-RC4-SHA TLS - Alert handshake failure
ECDH-ECDSA-NULL-SHA TLS - Alert handshake failure
ECDH-ECDSA-AES128-SHA TLS - Alert handshake failure
DHE-DSS-CAMELLIA256-SHA TLS - Alert handshake failure
DHE-DSS-AES256-SHA TLS - Alert handshake failure
DHE-DSS-AES128-SHA TLS - Alert handshake failure
AECDH-NULL-SHA TLS - Alert handshake failure
* TLSV1 Cipher Suites :
Preferred Cipher Suite:
ECDHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
Accepted Cipher Suite(s):
EXP-ADH-RC4-MD5 Anon 250 2.0.0 Ok
EXP-ADH-DES-CBC-SHA Anon 250 2.0.0 Ok
AECDH-RC4-SHA Anon 250 2.0.0 Ok
AECDH-DES-CBC3-SHA Anon 250 2.0.0 Ok
AECDH-AES256-SHA Anon 250 2.0.0 Ok
ADH-DES-CBC3-SHA Anon 250 2.0.0 Ok
ADH-CAMELLIA256-SHA Anon 250 2.0.0 Ok
EDH-RSA-DES-CBC-SHA 56 bits 250 2.0.0 Ok
DES-CBC-SHA 56 bits 250 2.0.0 Ok
EXP-RC4-MD5 40 bits 250 2.0.0 Ok
EXP-RC2-CBC-MD5 40 bits 250 2.0.0 Ok
EXP-DES-CBC-SHA 40 bits 250 2.0.0 Ok
ECDHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
DHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
ECDHE-RSA-RC4-SHA 128 bits 250 2.0.0 Ok
ECDHE-RSA-AES128-SHA 128 bits 250 2.0.0 Ok
CAMELLIA128-SHA 128 bits 250 2.0.0 Ok
Undefined - An unexpected error happened:
SRP-RSA-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-DSS-AES-128-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-DSS-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-AES-256-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-AES-128-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
PSK-AES256-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
PSK-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
EDH-RSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
EDH-DSS-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-AES256-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-ECDSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-ECDSA-AES256-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-ECDSA-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-SEED-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-CAMELLIA256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-CAMELLIA128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-SEED-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
CAMELLIA256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AECDH-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SEED-SHA socket.timeout - timed out
RC4-SHA socket.timeout - timed out
RC4-MD5 socket.timeout - timed out
PSK-RC4-SHA socket.timeout - timed out
EXP-EDH-RSA-DES-CBC-SHA socket.timeout - timed out
EXP-EDH-DSS-DES-CBC-SHA socket.timeout - timed out
ECDH-RSA-RC4-SHA socket.timeout - timed out
ECDH-RSA-AES128-SHA256 socket.timeout - timed out
ECDH-RSA-AES128-SHA socket.timeout - timed out
ECDH-RSA-AES128-GCM-SHA256 socket.timeout - timed out
ECDH-ECDSA-RC4-SHA socket.timeout - timed out
ECDH-ECDSA-AES128-SHA256 socket.timeout - timed out
ECDH-ECDSA-AES128-SHA socket.timeout - timed out
ECDH-ECDSA-AES128-GCM-SHA256 socket.timeout - timed out
AES128-SHA socket.timeout - timed out
ADH-SEED-SHA socket.timeout - timed out
ADH-RC4-MD5 socket.timeout - timed out
ADH-DES-CBC-SHA socket.timeout - timed out
ADH-CAMELLIA128-SHA socket.timeout - timed out
ADH-AES128-SHA256 socket.timeout - timed out
ADH-AES128-SHA socket.timeout - timed out
ADH-AES128-GCM-SHA256 socket.timeout - timed out
SRP-RSA-AES-128-CBC-SHA socket.error - [Errno 104] Connection reset by peer
DHE-DSS-AES128-SHA256 socket.error - [Errno 104] Connection reset by peer
DHE-DSS-AES128-GCM-SHA256 socket.error - [Errno 104] Connection reset by peer
Rejected Cipher Suite(s):
PSK-AES128-CBC-SHA TLS - No ciphers available
NULL-SHA256 TLS - No ciphers available
ECDHE-RSA-AES256-SHA384 TLS - No ciphers available
ECDHE-RSA-AES256-GCM-SHA384 TLS - No ciphers available
ECDHE-ECDSA-AES256-SHA384 TLS - No ciphers available
ECDHE-ECDSA-AES256-GCM-SHA384 TLS - No ciphers available
ECDHE-ECDSA-AES128-SHA256 TLS - No ciphers available
ECDH-ECDSA-AES256-GCM-SHA384 TLS - No ciphers available
DHE-RSA-AES256-SHA256 TLS - No ciphers available
DHE-RSA-AES256-GCM-SHA384 TLS - No ciphers available
DHE-DSS-AES256-SHA256 TLS - No ciphers available
DHE-DSS-AES256-GCM-SHA384 TLS - No ciphers available
AES128-SHA256 TLS - No ciphers available
AES128-GCM-SHA256 TLS - No ciphers available
ADH-AES256-SHA256 TLS - No ciphers available
ADH-AES256-GCM-SHA384 TLS - No ciphers available
SRP-RSA-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-DSS-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-3DES-EDE-CBC-SHA TLS - Alert handshake failure
NULL-SHA TLS - Alert handshake failure
NULL-MD5 TLS - Alert handshake failure
IDEA-CBC-SHA TLS - Alert handshake failure
EDH-DSS-DES-CBC-SHA TLS - Alert handshake failure
ECDHE-RSA-NULL-SHA TLS - Alert handshake failure
ECDHE-ECDSA-RC4-SHA TLS - Alert handshake failure
ECDHE-ECDSA-NULL-SHA TLS - Alert handshake failure
ECDHE-ECDSA-AES256-SHA TLS - Alert handshake failure
ECDHE-ECDSA-AES128-SHA TLS - Alert handshake failure
ECDH-RSA-NULL-SHA TLS - Alert handshake failure
ECDH-ECDSA-NULL-SHA TLS - Alert handshake failure
DHE-DSS-CAMELLIA256-SHA TLS - Alert handshake failure
DHE-DSS-CAMELLIA128-SHA TLS - Alert handshake failure
AECDH-NULL-SHA TLS - Alert handshake failure
* TLSV1_2 Cipher Suites :
Preferred Cipher Suite:
ECDHE-RSA-AES256-GCM-SHA384 256 bits 250 2.0.0 Ok
Accepted Cipher Suite(s):
EXP-ADH-RC4-MD5 Anon 250 2.0.0 Ok
EXP-ADH-DES-CBC-SHA Anon 250 2.0.0 Ok
AECDH-RC4-SHA Anon 250 2.0.0 Ok
AECDH-DES-CBC3-SHA Anon 250 2.0.0 Ok
AECDH-AES256-SHA Anon 250 2.0.0 Ok
ADH-DES-CBC-SHA Anon 250 2.0.0 Ok
ADH-CAMELLIA256-SHA Anon 250 2.0.0 Ok
ADH-AES256-SHA256 Anon 250 2.0.0 Ok
ADH-AES256-SHA Anon 250 2.0.0 Ok
ADH-AES128-SHA256 Anon 250 2.0.0 Ok
EDH-RSA-DES-CBC-SHA 56 bits 250 2.0.0 Ok
DES-CBC-SHA 56 bits 250 2.0.0 Ok
EXP-RC4-MD5 40 bits 250 2.0.0 Ok
EXP-RC2-CBC-MD5 40 bits 250 2.0.0 Ok
EXP-EDH-RSA-DES-CBC-SHA 40 bits 250 2.0.0 Ok
EXP-DES-CBC-SHA 40 bits 250 2.0.0 Ok
ECDHE-RSA-AES256-SHA384 256 bits 250 2.0.0 Ok
ECDHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
ECDHE-RSA-AES256-GCM-SHA384 256 bits 250 2.0.0 Ok
DHE-RSA-CAMELLIA256-SHA 256 bits 250 2.0.0 Ok
DHE-RSA-AES256-SHA256 256 bits 250 2.0.0 Ok
DHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
DHE-RSA-AES256-GCM-SHA384 256 bits 250 2.0.0 Ok
AES256-GCM-SHA384 256 bits 250 2.0.0 Ok
ECDHE-RSA-DES-CBC3-SHA 168 bits 250 2.0.0 Ok
SEED-SHA 128 bits 250 2.0.0 Ok
ECDHE-RSA-RC4-SHA 128 bits 250 2.0.0 Ok
AES128-SHA256 128 bits 250 2.0.0 Ok
AES128-SHA 128 bits 250 2.0.0 Ok
Undefined - An unexpected error happened:
SRP-RSA-AES-128-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-DSS-AES-128-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
PSK-AES256-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
EDH-RSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-ECDSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
CAMELLIA256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-AES-128-CBC-SHA socket.timeout - timed out
RC4-SHA socket.timeout - timed out
RC4-MD5 socket.timeout - timed out
IDEA-CBC-SHA socket.timeout - timed out
ECDH-RSA-AES128-SHA256 socket.timeout - timed out
ECDH-RSA-AES128-SHA socket.timeout - timed out
ECDH-RSA-AES128-GCM-SHA256 socket.timeout - timed out
ECDH-ECDSA-RC4-SHA socket.timeout - timed out
ECDH-ECDSA-AES128-SHA256 socket.timeout - timed out
ECDH-ECDSA-AES128-SHA socket.timeout - timed out
DHE-RSA-SEED-SHA socket.timeout - timed out
DHE-RSA-CAMELLIA128-SHA socket.timeout - timed out
DHE-RSA-AES128-SHA socket.timeout - timed out
DHE-DSS-SEED-SHA socket.timeout - timed out
DHE-DSS-CAMELLIA128-SHA socket.timeout - timed out
DHE-DSS-AES128-SHA256 socket.timeout - timed out
DHE-DSS-AES128-SHA socket.timeout - timed out
CAMELLIA128-SHA socket.timeout - timed out
AES128-GCM-SHA256 socket.timeout - timed out
AECDH-AES128-SHA socket.timeout - timed out
ADH-SEED-SHA socket.timeout - timed out
ADH-RC4-MD5 socket.timeout - timed out
ADH-CAMELLIA128-SHA socket.timeout - timed out
ADH-AES128-SHA socket.timeout - timed out
ADH-AES128-GCM-SHA256 socket.timeout - timed out
Rejected Cipher Suite(s):
PSK-RC4-SHA TLS - No ciphers available
PSK-AES128-CBC-SHA TLS - No ciphers available
PSK-3DES-EDE-CBC-SHA TLS - No ciphers available
SRP-RSA-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-RSA-3DES-EDE-CBC-SHA TLS - Alert handshake failure
SRP-DSS-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-DSS-3DES-EDE-CBC-SHA TLS - Alert handshake failure
SRP-AES-256-CBC-SHA TLS - Alert handshake failure
NULL-SHA256 TLS - Alert handshake failure
NULL-SHA TLS - Alert handshake failure
NULL-MD5 TLS - Alert handshake failure
EXP-EDH-DSS-DES-CBC-SHA TLS - Alert handshake failure
EDH-DSS-DES-CBC3-SHA TLS - Alert handshake failure
EDH-DSS-DES-CBC-SHA TLS - Alert handshake failure
ECDHE-RSA-NULL-SHA TLS - Alert handshake failure
ECDHE-ECDSA-RC4-SHA TLS - Alert handshake failure
ECDHE-ECDSA-NULL-SHA TLS - Alert handshake failure
ECDHE-ECDSA-AES256-SHA384 TLS - Alert handshake failure
ECDHE-ECDSA-AES256-SHA TLS - Alert handshake failure
ECDHE-ECDSA-AES256-GCM-SHA384 TLS - Alert handshake failure
ECDHE-ECDSA-AES128-GCM-SHA256 TLS - Alert handshake failure
ECDH-RSA-RC4-SHA TLS - Alert handshake failure
ECDH-RSA-NULL-SHA TLS - Alert handshake failure
ECDH-RSA-AES256-SHA384 TLS - Alert handshake failure
ECDH-RSA-AES256-SHA TLS - Alert handshake failure
ECDH-RSA-AES256-GCM-SHA384 TLS - Alert handshake failure
ECDH-ECDSA-NULL-SHA TLS - Alert handshake failure
ECDH-ECDSA-AES256-SHA384 TLS - Alert handshake failure
ECDH-ECDSA-AES256-SHA TLS - Alert handshake failure
ECDH-ECDSA-AES256-GCM-SHA384 TLS - Alert handshake failure
ECDH-ECDSA-AES128-GCM-SHA256 TLS - Alert handshake failure
DHE-DSS-CAMELLIA256-SHA TLS - Alert handshake failure
DHE-DSS-AES256-SHA256 TLS - Alert handshake failure
DHE-DSS-AES256-SHA TLS - Alert handshake failure
DHE-DSS-AES256-GCM-SHA384 TLS - Alert handshake failure
AECDH-NULL-SHA TLS - Alert handshake failure
* TLSV1_1 Cipher Suites :
Preferred Cipher Suite:
ECDHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
Accepted Cipher Suite(s):
AECDH-AES256-SHA Anon 250 2.0.0 Ok
ADH-SEED-SHA Anon 250 2.0.0 Ok
ADH-DES-CBC3-SHA Anon 250 2.0.0 Ok
ADH-CAMELLIA256-SHA Anon 250 2.0.0 Ok
ADH-AES256-SHA Anon 250 2.0.0 Ok
EDH-RSA-DES-CBC-SHA 56 bits 250 2.0.0 Ok
EXP-RC4-MD5 40 bits 250 2.0.0 Ok
ECDHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
DHE-RSA-CAMELLIA256-SHA 256 bits 250 2.0.0 Ok
DHE-RSA-AES256-SHA 256 bits 250 2.0.0 Ok
ECDHE-RSA-DES-CBC3-SHA 168 bits 250 2.0.0 Ok
DES-CBC3-SHA 168 bits 250 2.0.0 Ok
RC4-SHA 128 bits 250 2.0.0 Ok
RC4-MD5 128 bits 250 2.0.0 Ok
ECDHE-RSA-AES128-SHA 128 bits 250 2.0.0 Ok
Undefined - An unexpected error happened:
SRP-RSA-AES-128-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-RSA-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-DSS-AES-128-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-DSS-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-AES-128-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SRP-3DES-EDE-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
PSK-AES256-CBC-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
EDH-RSA-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
EDH-DSS-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-RSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDHE-ECDSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ECDH-RSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-SEED-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-CAMELLIA128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-RSA-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-SEED-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-CAMELLIA128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
DHE-DSS-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
CAMELLIA256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AES256-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AECDH-DES-CBC3-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
AECDH-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-CAMELLIA128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-AES256-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-AES256-GCM-SHA384 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-AES128-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-AES128-SHA utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
ADH-AES128-GCM-SHA256 utils.SSLyzeSSLConnection.StartTLSError - SMTP EHLO was rejected
SEED-SHA socket.timeout - timed out
PSK-AES128-CBC-SHA socket.timeout - timed out
IDEA-CBC-SHA socket.timeout - timed out
EXP-RC2-CBC-MD5 socket.timeout - timed out
EXP-EDH-RSA-DES-CBC-SHA socket.timeout - timed out
EXP-DES-CBC-SHA socket.timeout - timed out
EXP-ADH-RC4-MD5 socket.timeout - timed out
EXP-ADH-DES-CBC-SHA socket.timeout - timed out
ECDHE-RSA-RC4-SHA socket.timeout - timed out
ECDHE-RSA-NULL-SHA socket.timeout - timed out
ECDHE-ECDSA-RC4-SHA socket.timeout - timed out
ECDH-RSA-RC4-SHA socket.timeout - timed out
ECDH-RSA-AES128-SHA256 socket.timeout - timed out
ECDH-RSA-AES128-SHA socket.timeout - timed out
ECDH-ECDSA-RC4-SHA socket.timeout - timed out
ECDH-ECDSA-AES128-SHA256 socket.timeout - timed out
ECDH-ECDSA-AES128-SHA socket.timeout - timed out
ECDH-ECDSA-AES128-GCM-SHA256 socket.timeout - timed out
DES-CBC-SHA socket.timeout - timed out
CAMELLIA128-SHA socket.timeout - timed out
AES128-SHA256 socket.timeout - timed out
AES128-SHA socket.timeout - timed out
AES128-GCM-SHA256 socket.timeout - timed out
AECDH-RC4-SHA socket.timeout - timed out
ADH-RC4-MD5 socket.timeout - timed out
ADH-DES-CBC-SHA socket.timeout - timed out
Rejected Cipher Suite(s):
PSK-RC4-SHA TLS - No ciphers available
PSK-3DES-EDE-CBC-SHA TLS - No ciphers available
NULL-SHA256 TLS - No ciphers available
ECDHE-RSA-AES256-SHA384 TLS - No ciphers available
ECDHE-RSA-AES256-GCM-SHA384 TLS - No ciphers available
ECDHE-RSA-AES128-SHA256 TLS - No ciphers available
ECDHE-ECDSA-AES256-SHA384 TLS - No ciphers available
ECDHE-ECDSA-AES256-GCM-SHA384 TLS - No ciphers available
ECDH-RSA-AES256-SHA384 TLS - No ciphers available
ECDH-RSA-AES256-GCM-SHA384 TLS - No ciphers available
ECDH-ECDSA-AES256-SHA384 TLS - No ciphers available
ECDH-ECDSA-AES256-GCM-SHA384 TLS - No ciphers available
DHE-RSA-AES256-SHA256 TLS - No ciphers available
DHE-RSA-AES256-GCM-SHA384 TLS - No ciphers available
DHE-DSS-AES256-SHA256 TLS - No ciphers available
DHE-DSS-AES256-GCM-SHA384 TLS - No ciphers available
AES256-SHA256 TLS - No ciphers available
AES256-GCM-SHA384 TLS - No ciphers available
SRP-RSA-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-DSS-AES-256-CBC-SHA TLS - Alert handshake failure
SRP-AES-256-CBC-SHA TLS - Alert handshake failure
NULL-SHA TLS - Alert handshake failure
NULL-MD5 TLS - Alert handshake failure
EXP-EDH-DSS-DES-CBC-SHA TLS - Alert handshake failure
EDH-DSS-DES-CBC-SHA TLS - Alert handshake failure
ECDHE-ECDSA-NULL-SHA TLS - Alert handshake failure
ECDHE-ECDSA-DES-CBC3-SHA TLS - Alert handshake failure
ECDHE-ECDSA-AES256-SHA TLS - Alert handshake failure
ECDH-RSA-NULL-SHA TLS - Alert handshake failure
ECDH-RSA-DES-CBC3-SHA TLS - Alert handshake failure
ECDH-ECDSA-NULL-SHA TLS - Alert handshake failure
ECDH-ECDSA-DES-CBC3-SHA TLS - Alert handshake failure
ECDH-ECDSA-AES256-SHA TLS - Alert handshake failure
DHE-DSS-CAMELLIA256-SHA TLS - Alert handshake failure
DHE-DSS-AES256-SHA TLS - Alert handshake failure
AECDH-NULL-SHA TLS - Alert handshake failure
SCAN COMPLETED IN 5.45 S
------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.cert.at/pipermail/ach/attachments/20131122/7e1be7e8/attachment.sig>
More information about the Ach
mailing list