I was curious as to what amount of SMTP traffic is encrypted to our servers.
This assumes that you are running Postfix, and you might need to adjust smtpd_tls_loglevel to be 1 or 2. I'm not sure if this catches all instances where the SMTP connection switches to SSL, or just those that support TLS.
# fgrep 'postfix/smtpd' maillog* | fgrep ': connect from' | wc -l
# fgrep 'postfix/smtpd' maillog* | fgrep ': setting up TLS connection' | wc -l
On box #1 that we have at the office:
16151 out of 293746 connections were TLS (5.5%)
On box #2:
27485 out of 654294 connections were TLS (4.2%)
A very rough estimate is that one connection = one message delivered to the server. Assuming that is true, only 4-5% of SMTP traffic to our domains (via port 25/tcp) is sent over an encrypted channel. On the other hand, probably 90% of all of our connections are spam zombies who probably don't do TLS. In order to dig deeper, I would have to tie every non-spam message to a specific connection in the Postfix log file.
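One way to tie messages to connections, as an added example that is not code from the original post: the smtpd PID links each queue-ID "client=" line to the connection that carried it, so TLS share can be reported per queued message as well as per connection. It assumes the default syslog_name (postfix) and the traditional syslog line layout, and it treats a logged queue ID as one message; it does not separate spam from non-spam, and the sample lines are constructed.

```python
import re

# host + smtpd PID identify a connection: one smtpd process serves one client at a time.
LINE = re.compile(r"(?P<host>\S+) postfix/smtpd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
QUEUED = re.compile(r"[0-9A-Za-z]+: client=")  # a queue ID was assigned to a message

def tls_stats(lines):
    """Count connections and queued messages, split by whether TLS was started."""
    stats = {"conn": 0, "conn_tls": 0, "msg": 0, "msg_tls": 0}
    tls = {}  # (host, pid) -> True once the current connection started TLS
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        key, msg = (m["host"], m["pid"]), m["msg"]
        if msg.startswith("connect from "):
            stats["conn"] += 1
            tls[key] = False          # also resets state when a PID is reused
        elif key not in tls:
            continue                  # connect line not seen (e.g. rotated away)
        elif msg.startswith("setting up TLS connection from "):
            if not tls[key]:
                stats["conn_tls"] += 1
            tls[key] = True
        elif QUEUED.match(msg):
            stats["msg"] += 1
            stats["msg_tls"] += tls[key]
        elif msg.startswith("disconnect from "):
            del tls[key]
    return stats

# Constructed sample log lines (not from the original post).
SAMPLE = """\
Jan 10 10:00:01 mx1 postfix/smtpd[2001]: connect from mail.example.org[192.0.2.10]
Jan 10 10:00:01 mx1 postfix/smtpd[2001]: setting up TLS connection from mail.example.org[192.0.2.10]
Jan 10 10:00:02 mx1 postfix/smtpd[2002]: connect from mx.example.net[198.51.100.5]
Jan 10 10:00:02 mx1 postfix/smtpd[2001]: 4F3A21C0B2: client=mail.example.org[192.0.2.10]
Jan 10 10:00:03 mx1 postfix/smtpd[2002]: 5A7B31D0C3: client=mx.example.net[198.51.100.5]
Jan 10 10:00:03 mx1 postfix/smtpd[2001]: disconnect from mail.example.org[192.0.2.10]
Jan 10 10:00:04 mx1 postfix/smtpd[2002]: disconnect from mx.example.net[198.51.100.5]
Jan 10 10:00:05 mx1 postfix/smtpd[2001]: connect from unknown[203.0.113.9]
Jan 10 10:00:05 mx1 postfix/smtpd[2001]: NOQUEUE: reject: RCPT from unknown[203.0.113.9]: 554 5.7.1 rejected
Jan 10 10:00:06 mx1 postfix/smtpd[2001]: disconnect from unknown[203.0.113.9]
""".splitlines()

if __name__ == "__main__":
    print(tls_stats(SAMPLE))
```

To run it on real logs, pass the open maillog files' lines to tls_stats() in chronological order, so that a reused PID is always seen after the earlier connection's disconnect line.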