Blog-like notes

SMTP-over-TLS usage stats (2017 edition)

Two years ago I had a look at my mail server’s logs and compiled some data about the use of STARTTLS. Tonight I decided to do it again, so here are the results for the past month:

Table 1. Proportion of TLS connections
Connection type Count Proportion In 2015
No TLS 137 17 % 14 %
TLS 1.0 131 17 % 9 %
TLS 1.1 6 1 % 0 %
TLS 1.2 511 65 % 77 %

Overall, the proportion of TLS connections is similar to what I observed two years ago, although the proportion of TLS 1.2 connections is surprisingly decreasing in favor of TLS 1.0.

Table 2. Cipher suites
Cipher suite Count Proportion
ECDHE-RSA-AES256-GCM-SHA384 466 72 %
DHE-RSA-AES256-SHA 88 14 %
ECDHE-RSA-AES256-SHA 49 8 %
ECDHE-RSA-AES128-GCM-SHA256 35 5 %
DHE-RSA-AES256-SHA256 6 1 %
ECDHE-RSA-AES256-GCM-SHA384 2 < 1 %
ECDHE-RSA-AES256-SHA384 2 < 1 %

Things have changed a bit for the cipher suites used. The DHE-RSA-AES256-GCM-SHA384 cipher suite, which accounted for 46 % of all TLS connections in 2015, has now disappeared from the logs, replaced by its elliptic curve variant ECDHE-RSA-AES256-GCM-SHA384. 128-bit AES is being phased out (from 21 % to 5 %), but SHA-1 resists (from 28 % to 21 %), obviously helped by the resistance of TLS 1.0 (which does not allow SHA-2).

When TLS 1.2 is used, SHA-384 is largely preferred over SHA-256 (91 % vs 9 %), and almost all TLS 1.2 connections (98 %) use authenticated encryption in the form of the GCM mode.