On 2013-09-11 08:52, Matthias Wimmer wrote:
> Hi Anders,
>
> On 2013-09-11 08:05:30, Anders wrote:
>> Although this doesn't fail, it still doesn't change the RC4-SHA that
>> Courier/ESMTPD uses against Gmail. Look at the following email header:
>>
>> Received: from mail.tnonline.net
>>         by mx.google.com with ESMTPS id
>>         pw1si236926lbb.136.1969.12.31.16.00.00
>>         (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
>>
>> Granted, TLSv1.2 is supposed to be safe against the published attacks,
>> so it might be OK anyway.... Still would be nice to know why
>> Courier/GnuTLS doesn't choose highest supported cipher?
> TLS works in a way that one side suggests ciphers in order of
> preference. The other side then compares this list to the ciphers it
> supports itself and selects one.
>
> Normally it's the client (connecting side) that suggests, and the server
> (connected side) that selects. As the server selects the cipher, it may
> honor the precedence proposed by the client, but it may also decide to
> follow its own policy. (GnuTLS has for this the keyword
> „%SERVER_PRECEDENCE“ which can also be added to the cipher list.)
>
> If Google has a policy of preferring RC4 in any case when the client
> supports this algorithm, you cannot force them to not select this
> algorithm other than completely removing it from your list.
>
> (The reason why they might push usage of RC4 is an attack against SSL/TLS
> called „BEAST“. RC4 is the algorithm supported by TLS 1.0 that is
> able to resist this attack on all SSL/TLS implementations.)
>
>
> Regards,
> Matthias

Yes, I read about BEAST attacks, and others too. Though it seems as BEAST is easier to perform than the RC4 attacks, I am not liking it much. For example here in Sweden all traffic exiting/entering the country is logged and stored by our intelligence agency. It is easy enough for them to gather enough (millions-billions) of data to perform RC4 decryption. I bet this is the case with all nation-wide surveillance these days.

Can we make courier force the use of the highest protocol available? Is that what the "%SERVER_PRECEDENCE" option is for?

One example is that when Courier sends email to Gmail it uses TLS1.2, but when Gmail sends to Courier it uses TLS1.0:

Sending to gmail:
Received: from mail.tnonline.net
        by mx.google.com with ESMTPS id
        pw1si236926lbb.136.1969.12.31.16.00.00
        (version=TLSv1.2 cipher=RC4-SHA bits=128/128);

Receiving from gmail:
Received: from mail-bk0-x234.google.com (mail-bk0-x234.google.com [2a00:1450:4008:c01::234])
        (TLS: TLS1.0,128bits,RSA_ARCFOUR_SHA1)

A side note, I wonder why courier doesn't use IPv6 by default?

~A

_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
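
An added example, not part of the original thread: a small Python audit that reads the TLS annotation in the two Received header formats quoted in the message above and flags RC4 (which GnuTLS reports as ARCFOUR) and sessions negotiated below TLS 1.2. The function names, the finding labels and the TLS 1.2 threshold are assumptions of this example; the first two sample headers are the ones from the message and the third is constructed.

```python
import re

# Annotation written by mx.google.com: (version=TLSv1.2 cipher=RC4-SHA bits=128/128)
GOOGLE_RE = re.compile(
    r"\(version=(?P<proto>\S+)\s+cipher=(?P<cipher>\S+)\s+bits=(?P<bits>\d+)/\d+\)")
# Annotation written by Courier: (TLS: TLS1.0,128bits,RSA_ARCFOUR_SHA1)
COURIER_RE = re.compile(
    r"\(TLS:\s*(?P<proto>[^,]+),(?P<bits>\d+)bits,(?P<cipher>[^)]+)\)")

RC4_NAMES = ("RC4", "ARCFOUR")  # OpenSSL-style and GnuTLS-style names for RC4
MIN_VERSION = (1, 2)            # assumed policy: flag anything below TLS 1.2


def proto_version(proto):
    """Turn 'TLSv1.2' or 'TLS1.0' into a comparable tuple such as (1, 2)."""
    m = re.search(r"(\d+)\.(\d+)", proto)
    return (int(m.group(1)), int(m.group(2))) if m else None


def audit_received(header):
    """Describe the TLS session recorded in one Received header, or return None."""
    unfolded = " ".join(header.split())  # undo header folding across lines
    m = GOOGLE_RE.search(unfolded) or COURIER_RE.search(unfolded)
    if m is None:
        return None  # this header carries no TLS annotation
    proto, cipher = m.group("proto").strip(), m.group("cipher").strip()
    version = proto_version(proto)
    findings = []
    if any(name in cipher.upper() for name in RC4_NAMES):
        findings.append("rc4")
    if version is not None and version < MIN_VERSION:
        findings.append("below-tls1.2")
    return {"protocol": proto, "version": version, "cipher": cipher,
            "bits": int(m.group("bits")), "findings": findings}


# The two headers quoted in the message, plus one constructed header without TLS info.
SENT_TO_GMAIL = """Received: from mail.tnonline.net
    by mx.google.com with ESMTPS id pw1si236926lbb.136.1969.12.31.16.00.00
    (version=TLSv1.2 cipher=RC4-SHA bits=128/128);"""
RECEIVED_FROM_GMAIL = """Received: from mail-bk0-x234.google.com
    (mail-bk0-x234.google.com [2a00:1450:4008:c01::234])
    (TLS: TLS1.0,128bits,RSA_ARCFOUR_SHA1)"""
NO_TLS = "Received: from host.example by mx.example with ESMTP id constructed1;"

if __name__ == "__main__":
    for hdr in (SENT_TO_GMAIL, RECEIVED_FROM_GMAIL, NO_TLS):
        print(audit_received(hdr))
```

Run over a mailbox, the same function shows per direction which peers still end up on RC4, which is the information needed before removing RC4 from the local cipher list as suggested in the quoted reply.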