Hi Viktor,

Thanks for the quick reply.

On 24.02.2015 at 19:48, Viktor Dukhovni wrote:
>> For me, it's not 100% clear how the Postfix smtp client chooses the TLS
>> cipher. In a setup where a Postfix server connects to mail.dogan.ch,
>> I've experienced this behaviour:
>>
>> 1. smtp_tls_security_level = verify
>>
>> Feb 24 18:51:28 bender postfix/smtp[26237]: [ID 197553 mail.info]
>> Verified TLS connection established to mail.dogan.ch[77.109.151.89]:25:
>> TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
>
> [ Note "verify" is not recommended, use "secure" instead. However,
> these coincide when the [nexthop] is not subject to MX lookups. ]
>
> This ciphersuite involves use of an RSA key to sign the server's
> ephemeral ECDH key agreement parameters, thereby authenticating the
> server to the client.
>
>> 2. smtp_tls_security_level = may
>>
>> Feb 24 19:16:51 bender postfix/smtp[26830]: [ID 197553 mail.info]
>> Untrusted TLS connection established to mail.dogan.ch[77.109.151.89]:25:
>> TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)
>
> [ Note, sufficiently recent Postfix versions correctly report this
> as "Anonymous" rather than "Untrusted". ]
>
> Here, since no authentication is performed, an anonymous ciphersuite
> is used, saving the server pointless cycles signing the ECDH
> parameters.

It's still not clear to me why in this case no authentication was
performed. With the same configuration, an SMTP connection to Gmail is
authenticated:

Feb 24 20:09:36 bender postfix/smtp[27726]: [ID 197553 mail.info]
Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.136.26]:25:
TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)

For me the question still remains: why is one connection authenticated
and the other not? Is there any criterion that needs to be met?

Ihsan

-- 
ih...@dogan.ch
http://blog.dogan.ch/
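As an added example (not part of Ihsan's or Viktor's messages), a small parser for the Postfix smtp TLS log lines quoted in this thread: it extracts the trust label, peer, protocol and cipher, and flags sessions where the server was not authenticated (label "Untrusted"/"Anonymous", or an aNULL cipher such as AECDH-/ADH-). The sample lines are constructed from the ones quoted above; the function names are my own.

```python
import re

# Constructed sample log, modelled on the three lines quoted in the thread.
SAMPLE_LOG = """\
Feb 24 18:51:28 bender postfix/smtp[26237]: [ID 197553 mail.info] Verified TLS connection established to mail.dogan.ch[77.109.151.89]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Feb 24 19:16:51 bender postfix/smtp[26830]: [ID 197553 mail.info] Untrusted TLS connection established to mail.dogan.ch[77.109.151.89]:25: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)
Feb 24 20:09:36 bender postfix/smtp[27726]: [ID 197553 mail.info] Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.136.26]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
"""

# Matches the "<trust> TLS connection established to host[ip]:port: proto with cipher X (n/m bits)"
# form that the Postfix smtp client logs.
TLS_LINE = re.compile(
    r"postfix/smtp\[\d+\]:.*?"
    r"(?P<trust>Verified|Trusted|Untrusted|Anonymous) TLS connection established to "
    r"(?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\]:(?P<port>\d+): "
    r"(?P<proto>\S+) with cipher (?P<cipher>\S+) \((?P<bits>\d+)/\d+ bits\)"
)


def parse_tls_line(line):
    """Parse one smtp client TLS log line; return a dict or None if it is not a TLS line."""
    m = TLS_LINE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["bits"] = int(rec["bits"])
    # OpenSSL names anonymous (aNULL) suites with a leading "A": ADH-*, AECDH-*.
    # With such a suite the server signs nothing, so it cannot be authenticated.
    rec["anonymous_cipher"] = rec["cipher"].startswith(("AECDH-", "ADH-"))
    # Only "Verified" and "Trusted" mean Postfix checked the server certificate.
    rec["authenticated"] = rec["trust"] in ("Verified", "Trusted")
    return rec


def unauthenticated_peers(log_text):
    """Return (host, cipher, trust) for each TLS session where the server was not authenticated."""
    found = []
    for line in log_text.splitlines():
        rec = parse_tls_line(line)
        if rec and not rec["authenticated"]:
            found.append((rec["host"], rec["cipher"], rec["trust"]))
    return found


if __name__ == "__main__":
    for host, cipher, trust in unauthenticated_peers(SAMPLE_LOG):
        print(f"{trust}: {host} used {cipher}, server not authenticated")
```

Run over the sample, only the "may" session to mail.dogan.ch is reported, which is exactly the distinction the thread is about: "Untrusted" plus an AECDH suite means no certificate was checked, while the Gmail session negotiated an authenticated ECDHE-RSA suite and its chain was trusted.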