Hi Crypto-guys,

First, thanks a lot for your excellent work on the BetterCrypto.org guide; it is really an excellent starting point and quick reference guide!

I have gone through it several times since I discovered it some years ago, and was recently hardening my MTA / Postfix crypto behaviour (Postfix 6.6) - STARTTLS on port 25. I followed your guide to disable low cipher suites and ran some tests on it. After applying it and checking that there were no errors in my logs, I saw that I was still having issues with low cipher suites when I did some scans with OpenVAS and the sslscan tool. I had a look at the Postfix configuration and saw a missing parameter in the configuration you suggest.

NB: I am working with a freshly downloaded copy of the released PDF (August 7, 2016).

P30, as required by RFC, you enable opportunistic TLS support with the following parameters:

smtpd_tls_security_level = may
smtp_tls_security_level = may

P31, you define several high grade ciphers:

smtpd_tls_mandatory_ciphers=high
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:
    EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS
    :!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA

What is missing here is that by default in a "TLS may", aka opportunistic, configuration, the ciphers used are driven by the parameter "smtpd_tls_ciphers", which is set by default to medium, thus not applying the low cipher restriction coming from the tls_high_cipherlist defined before.

==> Cf. Postfix doc: http://www.postfix.org/TLS_README.html

"The Postfix SMTP server supports 5 distinct cipher grades as specified by the smtpd_tls_mandatory_ciphers configuration parameter, which determines the minimum cipher grade with mandatory TLS encryption. The default minimum cipher grade for mandatory TLS is "medium" which is essentially 128-bit encryption or better. The smtpd_tls_ciphers parameter (Postfix ≥ 2.6) controls the minimum cipher grade used with opportunistic TLS. Here, the default minimum cipher grade is "medium" for Postfix releases after the middle of 2015, "export" for older Postfix releases. With Postfix < 2.6, the minimum opportunistic TLS cipher grade is always "export"."

http://www.postfix.org/postconf.5.html#smtpd_tls_ciphers

Thus, to make the hardening effective with your configuration, could you add the following parameter to the section P31:

smtpd_tls_ciphers=high

After reloading Postfix with this additional parameter, all vulnerability scans are OK and I checked that the ciphers being used are driven by the tls_high_cipherlist.

Kind regards,
Guillaume REMBERT

_______________________________________________
Ach mailing list
[email protected]
http://lists.cert.at/cgi-bin/mailman/listinfo/ach
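As an added example (not from the original mail, the BetterCrypto guide or Postfix itself), a small POSIX shell check that parses a main.cf and flags the gap described in the mail: smtpd_tls_security_level=may combined with smtpd_tls_ciphers left at its medium default while smtpd_tls_mandatory_ciphers is high. The two sample configurations, the shortened cipher list and the defaults assumed for unset parameters are constructed for this example.

```shell
#!/bin/sh
# Added example, not part of the original mail or of the BetterCrypto guide.
# Reads a Postfix main.cf and warns when opportunistic TLS ("may") would use a
# weaker cipher grade than the mandatory one, because smtpd_tls_ciphers
# defaults to "medium" no matter what smtpd_tls_mandatory_ciphers says.

# Print the value of a main.cf parameter, or the given default when it is unset.
# Only "name = value" lines are handled; indented continuation lines are ignored.
cf_get() { # cf_get <main.cf> <parameter> <default>
    _val=$(sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1)
    if [ -n "$_val" ]; then printf '%s\n' "$_val"; else printf '%s\n' "$3"; fi
}

# Map a Postfix cipher grade to a rank so grades can be compared numerically.
grade_rank() { # grade_rank <null|export|low|medium|high>; unknown counts as weakest
    case "$1" in
        null) echo 0 ;; export) echo 1 ;; low) echo 2 ;;
        medium) echo 3 ;; high) echo 4 ;; *) echo 0 ;;
    esac
}

# Return 0 when the opportunistic grade is at least the mandatory grade (or the
# server is not in opportunistic mode), 1 when smtpd_tls_ciphers lowers it.
check_opportunistic_grade() { # check_opportunistic_grade <main.cf>
    _level=$(cf_get "$1" smtpd_tls_security_level none)
    _mandatory=$(cf_get "$1" smtpd_tls_mandatory_ciphers medium)
    _opportunistic=$(cf_get "$1" smtpd_tls_ciphers medium) # "export" on pre-2015 releases
    [ "$_level" = may ] || return 0
    if [ "$(grade_rank "$_opportunistic")" -lt "$(grade_rank "$_mandatory")" ]; then
        echo "WARN $1: smtpd_tls_security_level=may but smtpd_tls_ciphers=$_opportunistic" \
             "is weaker than smtpd_tls_mandatory_ciphers=$_mandatory" >&2
        return 1
    fi
    return 0
}

# Constructed samples: the guide's snippet as quoted in the mail (cipher list
# shortened), and the same snippet with the parameter the mail asks to add.
SAMPLE_GUIDE=$(mktemp) && SAMPLE_FIXED=$(mktemp)
cat >"$SAMPLE_GUIDE" <<'EOF'
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtpd_tls_mandatory_ciphers=high
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:!aNULL:!eNULL:!LOW
EOF
{ cat "$SAMPLE_GUIDE"; echo "smtpd_tls_ciphers=high"; } >"$SAMPLE_FIXED"

for _cf in "$SAMPLE_GUIDE" "$SAMPLE_FIXED"; do
    if check_opportunistic_grade "$_cf"; then echo "OK   $_cf"; fi
done
```

On a live system the same check can be pointed at the output of `postconf -n` written to a file, since it uses the same "name = value" layout.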
