On 08/19/2015 10:08 AM, Viktor Dukhovni wrote:
On Wed, Aug 19, 2015 at 09:57:37AM -0700, Alice Wonder wrote:
smtpd_tls_exclude_ciphers = RC4, 3DES, IDEA
I still have to go through.
It is not (yet) a good idea to disable RC4 or 3DES on the server
side. IDEA is essentially unused, so removing it harmless.
Don't (yet) disable RC4 or 3DES, this just makes it harder for
some systems to send you email.
I'm not that worried about RC4 or 3DES in smtp to smtp
Perhaps you mean MTA-to-MTA?
What I'm worried about is a cipher downgrade attack between an e-mail client
and the server that causes a weaker cipher to be used allowed authentication
information to potentially be compromised.
That's why I don't want RC4 and if I could do it without impacting port 25
traffic, go to strict strong ECDHE and maybe DHE ciphers on 587 only, so it
doesn't impact smtp to smtp where login credential theft isn't an issue.
That's why I suggested:
main.cf:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers = high
Oh okay it just clicked.
smtpd_tls_mandatory_ciphers only applies when TLS is mandatory, which is
only case for the authentication.
Got it. Thanks.
which combined with:
master.cf:
submission inet ... smtpd
-o smtpd_tls_security_level=encrypt
avoids weak ciphersuites with MUA to MSA submissions.
