On 07/27/2015 10:14 PM, Seth wrote: > Copying my comment on this ticket[1] to the list for discussion > --- > > I would like to re-open discussion on this issue for a different use case: In > light of more vulnerabilities discovered in the TLSv1.0 protocol since Dec > 2013, I no longer feel it provides acceptable security and would like a > configuration option to disable support for it. Going even further, I would > also like to be able to disable TLSv1.1, and force all incoming connections > to use TLSv1.2. > > Seeing as how this does not downgrade security, but rather upgrades it, I > think it merits consideration. > > Syntax could be something like dovecot's 10-ssl.conf option > > tls_protocols = !TLSv1 !TLSv1.1
Would this be for incoming or outgoing connections? For incoming connections this would downgrade security, if remote server uses TLSv1.1 and fails to make a connection to OpenSMTPD (because it requires TLSv1.2) then it'll fall back to plaintext which is worse than a hard to exploit vulnerability in TLS. For outgoing connections you could require tls always, but I'm not sure thats realistic yet if you actually want to deliver mail, and if you're not careful it might cause plaintext fallbacks. Just looking at my personal mail server I have roughly: smtp-in: TLSv1/SSLv3 (TLSv1.2) 63% TLSv1/SSLv3 (SSLv3) 24% TLSv1/SSLv3 () 7% plaintext (proto=SMTP) 6% If I reject SSLv3, TLSv1 and 1.1 I'd have: TLSv1.2 63% plaintext 37% The SSLv3 seems to come from public mailing list servers. smtp-out: TLSv1/SSLv3 (TLSv1.2) 96% TLSv1/SSLv3 () 4% I wouldn't be opposed to deprecating SSLv3, but what is the right way to do that without breaking mail deliverability or causing plaintext fallbacks? Perhaps you could accept the connection and reject immediately with an SMTP error code and a message describing the problem? Best regards, --Edwin -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
