Re: TLS security rules - perfect setup and issue with anonymous cipher

2017-05-05 Thread Viktor Dukhovni 

> On May 5, 2017, at 7:07 AM, Zalezny Niezalezny  
> wrote:
> 
> I have a security question. My Postfix 2.10.1

Postfix 3.2, 3.1, 3.0 and 2.11 are all available.

   http://cdn.postfix.johnriley.me/mirrors/postfix-release/index.html

while Postfix 2.10 is no longer supported.  If you want to keep up with
best practice, upgrade.


> Server TLS configuration looks like this at the moment.
> 
> #TLS Server configuration
> smtpd_tls_security_level = may
> smtpd_tls_cert_file = /etc/postfix/ssl/2017.cer
> smtpd_tls_key_file = /etc/postfix/ssl/2017.key

You should have, if not already default values with your 2.10.1
(with some vendor patch backports?) Postfix release:

smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_ciphers = medium
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = medium

smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers = medium
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers = medium

Some people add:

smtp_tls_exclude_ciphers = MD5, aDSS, kECDH, kDH, SEED, IDEA, RC2, RC5

to trim obsolete baggage from the list of ciphers offered by the SMTP client
to remote servers.  This can actually improve interoperability in some edge 
cases,
and should not cause any loss of ability to negotiate TLS with remote systems.
That said, this is not required.  You can, if you wish, include RC4 in that 
list,
but it is not as bad as it is made out to be, and would only be negotiated when
nothing else better is available, almost all systems prefer AES these days, when
available.

> One time per month some external company doing security scan on all Postfix 
> instances. Last time there was a big discussion about anonymous Ciphers. 
> 
> Do I need to disable them ?

No. See https://tools.ietf.org/html/rfc7672#section-8.2

> What else should I configured for public server?

Not much.  TLS in SMTP is opportunistic and unauthenticated in the vast majority
of cases.  Therefore, liberal settings, considered "insecure" in some quarters 
are
entirely appropriate.

> Maybe somebody will be so kind and paste here some perfect, working TLS 
> configuration for public server?

There's no such thing as "perfect", but speaking of "perfect" see

   http://www.postfix.org/FORWARD_SECRECY_README.html#quick-start

with Postfix >= 3.2 leave "smtpd_tls_eecdh_grade = auto" in place, that's better
than choosing a fixed "curve" (Diffie Hellman group of the "elliptic curve" 
kind).

Also make sure your OpenSSL runtime is up to date.  OpenSSL 1.0.1 and earlier 
are
no longer supported, so use a system with 1.0.2 or 1.1.0 patched up to date.

-- 
Viktor.

TLS security rules - perfect setup and issue with anonymous cipher

2017-05-05 Thread Zalezny Niezalezny 
Hi,

first of all I would like to say "thank You" for the answers on my previous
questions. I read all of them, they were helpful but I missed to say "BIG
THANKS!"


I have a security question. My Postfix 2.10.1 Server TLS configuration
looks like this at the moment.


#TLS Server configuration
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/ssl/2017.cer
smtpd_tls_key_file = /etc/postfix/ssl/2017.key


One time per month some external company doing security scan on all Postfix
instances. Last time there was a big discussion about anonymous Ciphers.

Do I need to disable them ?

What else should I configured for public server ?
Maybe somebody will be so kind and paste here some perfect, working TLS
configuration for public server ?



Cheers

Zalezny