[GTALUG] accessing smtp server with weak dh encryption?

D. Hugh Redelmeier hugh at mimosa.com
Wed Jul 1 02:32:24 UTC 2015


| From: Matt Price <moptop99 at gmail.com>

| I use the U of T SMTP servers for outgoing mail from my laptop, including
| some automated mails that I send out.  Postfix's sendmail will no longer
| complete the TLS handshake with the server, because the U of T server
| hasn't been updated to fix the Logjam attack (still using a 512kb temporary
| key).

512kb is a very long key :-)

Temporary key?  You mean the key generated by the DH exchange?  The
normal term is "ephemeral".

I don't understand U of T's email systems.  I connect to the Department of 
Computer Science servers sometimes.  I think that they are run by DCS.  
There was a big fight last year or so in which the university outsourced 
email to Google (I think; horrible for privacy).  Are you talking to a
departmental server or a university-wide server?

In any case, they should be easily shamed into upgrading.

