> On Mar 20, 2017, at 7:23 AM, Postfix User <[email protected]> wrote:
> 
> I am looking for a little guidance regarding deploying Diffie-Hellman
> for TLS. According to this URL: https://www.weakdh.org/sysadmin.html,
> the following are recommended settings for Postfix.

I'd suggest the Postfix documentation:

        http://www.postfix.org/FORWARD_SECRECY_README.html

There's only one small correction: with Postfix >= 3.2, the default
EECDH grade is "auto" only if the OpenSSL version is at least 1.0.2.
Regardless, with Postfix >= 2.8, let the default stand.

As for the guide you found, all sorts of people make stuff up and
post it on the Internet.

The recommended:

   smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK,
        aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA

is a rather odd mishmash, don't use it.  Instead, the typical default:

        smtpd_tls_ciphers = medium

is quite sufficient.  If the client does not support forward secrecy, you
should still do TLS, rather than require the client to perform a cleartext
fallback.  Similarly there's no need to disable anon-DH ciphers, ...

    https://tools.ietf.org/html/rfc7672#section-8.2
    https://tools.ietf.org/html/rfc7435#section-4

Bottom line, stick with the Postfix defaults, and only if you're running a
"long-term support" O/S with a rather old Postfix version, update some
settings to match changes in later releases.

The settings that may need updating in older versions of Postfix are:
   smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
   smtp_tls_protocols = !SSLv2, !SSLv3
   smtp_tls_ciphers = medium
   smtpd_tls_ciphers = medium

For Postfix <= 3.0 also see:

   http://www.postfix.org/FORWARD_SECRECY_README.html#quick-start

for instructions on setting up 2048-bit DH parameters.  As of Postfix
3.1, the default built-in DH prime is a 2048-bit strong prime.

-- 
        Viktor.

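The settings listed above for older Postfix releases, as an added audit script that is not part of the original message or of Postfix itself: it reads a main.cf fragment the way Postfix does (blank and comment lines ignored, indented lines continuing the logical line above, the last definition winning) and reports which of smtp_tls_mandatory_protocols, smtp_tls_protocols, smtp_tls_ciphers and smtpd_tls_ciphers differ from the values in the reply, and flags a hand-written smtpd_tls_exclude_ciphers list. pf_get and pf_audit are hypothetical names; the two main.cf fragments are constructed samples, the first mixing the exclude list quoted above with an incomplete protocol setting, the second matching the reply.

```shell
# Added example (not Postfix code): audit a main.cf against the settings the
# reply lists for older Postfix. Both fragments below are constructed samples.
SAMPLE_OLD=$(mktemp) && cat >"$SAMPLE_OLD" <<'EOF'
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK,
        aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA
smtp_tls_mandatory_protocols = !SSLv2
smtp_tls_ciphers = medium
smtpd_tls_ciphers = medium
EOF
SAMPLE_NEW=$(mktemp) && cat >"$SAMPLE_NEW" <<'EOF'
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = medium
smtpd_tls_ciphers = medium
EOF
# pf_get FILE PARAM: PARAM's value as Postfix reads it: blank/comment lines
# skipped, indented lines joined onto the logical line, last definition wins.
pf_get() {
  awk -v p="$2" '
    /^[[:space:]]*$/ || /^[[:space:]]*#/ { next }
    /^[[:space:]]/ { if (cont) { sub(/^[[:space:]]+/, ""); val = val " " $0 }; next }
    { cont = 0 }
    $0 ~ ("^" p "[[:space:]]*=") { cont = 1; seen = 1; sub(/^[^=]*=[[:space:]]*/, ""); val = $0 }
    END { if (seen) print val }
  ' "$1"
}
# pf_audit FILE: one finding per line; exit status 0 when nothing needs changing.
pf_audit() {
  rc=0
  for p in smtp_tls_mandatory_protocols smtp_tls_protocols; do
    v=$(pf_get "$1" "$p")
    case "$v" in
      *'!SSLv2'*'!SSLv3'* | *'!SSLv3'*'!SSLv2'*) ;;
      *) echo "$p: set '!SSLv2, !SSLv3' (now: '${v:-unset}')"; rc=1 ;;
    esac
  done
  for p in smtp_tls_ciphers smtpd_tls_ciphers; do
    v=$(pf_get "$1" "$p")
    [ "$v" = medium ] || { echo "$p: set 'medium' (now: '${v:-unset}')"; rc=1; }
  done
  # any hand-written exclude list is flagged: the reply says leave the default
  v=$(pf_get "$1" smtpd_tls_exclude_ciphers)
  [ -z "$v" ] || { echo "smtpd_tls_exclude_ciphers: drop it (now: '$v')"; rc=1; }
  return $rc
}
pf_audit "$SAMPLE_OLD" || echo "-> $SAMPLE_OLD needs updating"
pf_audit "$SAMPLE_NEW" && echo "-> $SAMPLE_NEW matches the recommended settings"
```

Run it against a copy of a real main.cf by passing the path to pf_audit; it reports only the four parameters and the exclude list, everything else is left to the Postfix defaults.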