I’ve been tinkering with CentOS for a year or so, having used Ubuntu previously. I’ve tried to set up secure server (a VM at home) and came to the point where I wanted to add mail provision. There are countless online tutorials and, whilst most of them got me to 95% of where I wanted to be, it wasn’t until I stumbled upon your series (with the detailed testing processes) that I nailed secure Postfix! The only thing I had to add was the creation of a self-signed certificate and, fortunately, I had found a very good article which supplemented yours and covered this in detail. I haven’t had chance to do anything with Dovecot yet but am confident that your article will hold my hand down that path!

As well as congratulating you, the other reason for writing is to mention the recently publicised Logjam attack. I seem to recall somewhere on your site you mentioned that comments had been disabled because of the amount of spam, otherwise I would have posted there. I don’t know if you might consider an addendum to one of the mailserver articles (maybe the one dealing with hardening the SSL configuration) or a separate article dealing with the Logjam attack and how to mitigate against it. Here are some links that I found:

Weak Diffie-Hellman and the Logjam Attack
Guide to Deploying Diffie-Hellman for TLS

I’ll keep an eye on your blog as the articles are well written and relevant to my interests.

Iain