[Dovecot] Wishlist: TLS,SSL cipher in a variable.
Hello again.
Just thought I'd ask and see if it would be possible to get this sometime in the future: TLS and SSL connection information in a variable like %c today, but more exhaustive.
For example I can from postfix get a log like: postfix/smtpd[432]: Anonymous TLS connection established from xxxxxx: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
This would be nice to see if you have a fairly low permissive level, to identify potential weak clients and be able to notify these to start with while still allowing connections.
-Roger
On Thu, 2008-08-28 at 11:17 +0800, R A wrote:
Hello again.
Just thought I'd ask and see if it would be possible to get this sometime in the future: TLS and SSL connection information in a variable like %c today, but more exhaustive.
For example I can from postfix get a log like: postfix/smtpd[432]: Anonymous TLS connection established from xxxxxx: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
OK, %k will be in v1.1.3:
imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, TLS: Disconnected, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
participants (2)
-
R A
-
Timo Sirainen