Hello Marius and everyone who responded. Thanks, the pieces of advice have been taken and studied. It looks like I do, indeed, have to allow weaker ciphers for the time being and watch the mail server for possible problems; otherwise I risk rejecting legitimate mail sent from ancient mail servers.

Do I understand correctly that tls_require_ciphers accepts an OpenSSL-style list (the one also used by Apache and Dovecot), i.e. something like

tls_require_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL

or should I use notation like TLS_RSA_WITH_SEED_CBC_SHA?

Thanks for insights.

Sincerely,
Konstantin

On 28.03.2018 15:36, Cyborg via Exim-users wrote:
> On 28.03.2018 at 09:10, Konstantin Boyandin via Exim-users wrote:
>> After having scanned the 4.90.1 installation with OpenVAS, the below was
>> reported:
>>
>> 'Weak' cipher suites accepted by this service via the
>> TLSv1.0/TLSv1.1/TLSv1.2 protocols: TLS_RSA_WITH_SEED_CBC_SHA
>>
>> Default settings (no explicit "tls_require_ciphers",
>> "openssl_options") are in use.
>>
>> Can someone recommend the simplest ciphers selection for Exim, to exclude
>> the mentioned cipher? The settings present on cipherli.st:
>>
>> tls_require_ciphers = AES128+EECDH:AES128+EDH
>> openssl_options = +no_sslv2 +no_sslv3
>>
>> seem kind of too strict; there were reported problems receiving email
>> after the above were put in effect.
>
> In theory:
>
> If you disable SSLv3 you're doing the world a big favor, but
> unfortunately, the world hates you for it.
>
> In practice:
>
> A "*******" of mail server implementations worldwide still use SSLv3 to
> connect to your mail server.
> Disabling it removes your ability to get that email, which results in
> all sorts of problems.
>
> You can find a list of ciphers typically used here:
>
> https://marius.bloggt-in-braunschweig.de/2017/05/30/haeufigkeit-von-tls-ciphern/
>
> These statistics were made by analyzing our mail server cluster (which has
> also led to
> some f****** hilarious discoveries of crypto fails in Germany's "secure"
> government infrastructure. I could still LOL all day :D )
>
> As you can see from the list, a lot of connections are made with TLS
> 1.0, which has the same problems as SSLv3
> and should not be used. Even TLS 1.1 should not be used, but (again) a
> lot of systems don't care.
>
> If you rely on TLS 1.2 alone, your mailbox will stay empty most of the day.
>
> General guideline:
>
> First, make sure your server favors TLS 1.2 over any other protocol
> (Exim ensures it, so you're good).
> Second, make sure it favors a good cipher over weak ones. Use -LOW:-MID
>
> "You can only be as secure as the other part of the connection wants
> you to be secure."
>
> What's a good cipher? Let others decide this, who know it better than
> you and me ;)
>
> https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet
>
> Cipherlist : A+ => A => B => C => C-
>
>
> best regards,
> Marius

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
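Added example, not from this thread or from Exim itself: it previews which suites an OpenSSL-style cipher string actually enables before the string goes into tls_require_ciphers, assuming an Exim built against OpenSSL (which is where that syntax applies; a GnuTLS build takes a GnuTLS priority string instead). The scanner's IANA name TLS_RSA_WITH_SEED_CBC_SHA corresponds to OpenSSL's SEED-SHA, and the candidate strings are constructed for illustration.

```python
"""Preview what an OpenSSL-style cipher string enables (added example).

Python's ssl module is linked against the host's OpenSSL, so the result
reflects the cipher table an OpenSSL-built Exim on the same host would use.
"""
import ssl

# Scanners report IANA names; OpenSSL cipher strings use OpenSSL names.
# Constructed one-entry table covering only the suite from the thread.
IANA_TO_OPENSSL = {"TLS_RSA_WITH_SEED_CBC_SHA": "SEED-SHA"}

# Constructed candidate strings. "!" removes suites permanently, "-" removes
# them but lets a later entry re-add them. OpenSSL spells the medium-strength
# alias MEDIUM; LOW, EXP and aNULL are the other usual exclusions.
CANDIDATES = {
    "permissive": "ALL:!LOW:!EXP:!aNULL",
    "no_seed": "ALL:!LOW:!EXP:!aNULL:!SEED",
    "strict": "AES128+EECDH:AES128+EDH",
}


def enabled_ciphers(cipher_string):
    """OpenSSL names of the TLS<=1.2 suites a server using cipher_string would
    offer, in preference order. TLS 1.3 suites are configured separately in
    OpenSSL and are left out so the list matches the string being tested."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def offers_suite(cipher_string, iana_name):
    """True if the suite the scanner flagged would still be offered."""
    return IANA_TO_OPENSSL[iana_name] in enabled_ciphers(cipher_string)


def weakest_offered(cipher_string):
    """Smallest key strength (bits) among the enabled suites: a quick sanity check."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    return min(c["strength_bits"] for c in ctx.get_ciphers())


if __name__ == "__main__":
    for label, cs in CANDIDATES.items():
        names = enabled_ciphers(cs)
        print(f"{label:11s} {cs}")
        print(f"  {len(names)} suites, weakest {weakest_offered(cs)} bits, "
              f"SEED-SHA offered: {offers_suite(cs, 'TLS_RSA_WITH_SEED_CBC_SHA')}, "
              f"first: {names[0]}")
```

Whether "permissive" still lists SEED-SHA depends on how the host's OpenSSL was built; "no_seed" excludes it on any build.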
