On the Fediverse, I said:

Today's sysadmin tip: if you don't want to be depressed, don't look at how many other mail servers are still connecting to your external mail gateway with TLS 1.0, and especially not exactly who they are.

Today I feel like providing some statistics on that, partly for my own interest. All of these are over the past full nine days, which means that they mostly cover the end of April 2023 (plus May 1st).

Over this time we accepted 94,037 messages, of which 62,885 were encrypted with some version of TLS. The TLS versions used break down like this:

 36426  X=TLS1.2
 26209  X=TLS1.3
   229  X=TLS1.0
    21  X=TLS1.1

After my Fediverse post, I'm actually surprised to see such a low usage of TLS 1.0 and 1.1. I'm pleased to see that TLS 1.3 is so close to TLS 1.2.

(I think what I was seeing in my Fediverse post was that outside mailers were making a handful of connections a day with TLS 1.0 and TLS 1.1. At the time the TLS 1.0 connections stood out more.)

I don't particularly know why TLS 1.1 is so uncommon compared to TLS 1.0. It may be that TLS 1.1 was only the latest version of TLS for a few years (based on Wikipedia's dates). There was probably a relatively narrow window of time for people to have developed and shipped TLS 1.1 products (and then never updated them to TLS 1.2).

Ubuntu 22.04's version of Exim conveniently formats the full cipher name in a way that makes it easy to get a top level view of the broad signature schemes in use:

 25774  X=TLS1.3:ECDHE_X25519
 19678  X=TLS1.2:ECDHE_SECP256R1
 11159  X=TLS1.2:ECDHE_SECP384R1
  2916  X=TLS1.2:ECDHE_SECP521R1
  2599  X=TLS1.2:ECDHE_X25519
   435  X=TLS1.3:ECDHE_SECP256R1
   203  X=TLS1.0:ECDHE_SECP256R1
    74  X=TLS1.2:RSA
    26  X=TLS1.0:RSA
    16  X=TLS1.1:ECDHE_SECP521R1
     5  X=TLS1.1:RSA

Overall, there were 34 different full cipher suites used, and so I'll give a little breakdown by TLS protocols (partial for TLS 1.2):

 13796  X=TLS1.3: ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_128_GCM: 128
 11960  X=TLS1.3: ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM: 256
   424  X=TLS1.3: ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM: 256
    18  X=TLS1.3: ECDHE_X25519__RSA_PSS_RSAE_SHA512__AES_256_GCM: 256
    11  X=TLS1.3: ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM: 128

 13377  X=TLS1.2: ECDHE_SECP256R1__RSA_SHA512__AES_256_GCM: 256
 11089  X=TLS1.2: ECDHE_SECP384R1__RSA_SHA256__AES_256_GCM: 256
  3719  X=TLS1.2: ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_CBC__SHA1: 128
  2880  X=TLS1.2: ECDHE_SECP521R1__RSA_SHA512__AES_256_GCM: 256
  2037  X=TLS1.2: ECDHE_SECP256R1__RSA_SHA256__AES_128_GCM: 128
  1820  X=TLS1.2: ECDHE_X25519__RSA_SHA512__AES_256_GCM: 256
   497  X=TLS1.2: ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_128_GCM: 128
   433  X=TLS1.2: ECDHE_SECP256R1__RSA_SHA512__AES_128_GCM: 128
 [...]

    16  X=TLS1.1: ECDHE_SECP521R1__RSA_SHA1__AES_256_CBC__SHA1: 256
     5  X=TLS1.1: RSA__AES_256_CBC__SHA1: 256

   203  X=TLS1.0: ECDHE_SECP256R1__RSA_SHA1__AES_256_CBC__SHA1: 256
    26  X=TLS1.0: RSA__AES_256_CBC__SHA1: 256

(I've added spaces after the :s for better line wrapping.)

As we can see here, TLS 1.2 contributed the largest diversity; it has 25 different full cipher strings. I believe this reflects a wide diversity of opinions in the sending MTAs, because the Exim documentation says that the client (here, the sending MTA) picks the preferred cipher if you're using GnuTLS, as the Ubuntu Exim is.

Sidebar: the TLS 1.2 RSA ciphers

These are:

    44  X=TLS1.2: RSA__AES_256_CBC__SHA1: 256
    18  X=TLS1.2: RSA__AES_256_GCM: 256
    12  X=TLS1.2: RSA__AES_128_CBC__SHA1: 128

I don't know how horrified I should be here.