[pfx] Re: old printer with weak TLS cipher selection

2024-12-13 Thread Matus UHLAR - fantomas via Postfix-users

> Have you tries connecting to this server with:
>
>$ openssl s_client -connect :25 \
>-starttls smtp -tls1_2 -cipher 'HIGH+AES+kRSA+CBC:@STRENGTH'
>
> Seems like determining whether the ciphers could interoperate is the
> first step.



On Mon, Nov 25, 2024 at 03:29:54PM +0100, Matus UHLAR - fantomas via 
Postfix-users wrote:

works with tls1.3, doesn't work otherwise:


On 26.11.24 02:24, Viktor Dukhovni via Postfix-users wrote:

Of course, because TLS 1.3 ignores "-ciphers", it does algorithm
negotiation very differently.


Aha, that explains it, thanks.


00A77BF7:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake 
failure:../ssl/record/rec_layer_s3.c:1605:SSL alert number 40


Ah, so the server refuses these, sending an alert.  Now you need to
determine why the server is unwilling.



> > Alert Message
> > Level: Fatal (2)
> > Description: Handshake Failure (40)
>
> That's not useful, without known which party sent the alert.

sorry, forgot to say it was server reply to TLS helo.


As confirmed by the s_client test.  It sure looks like RSA key exchange
is disabled in your OpenSSL (unless you've not Postfix settings you have
that disable 'kRSA' or CBC ciphers).  In which case you'd need to figure
out how to reënable it, or build your own OpenSSL to link Postfix with,
that is not crippled.  To avoid problems with shared library conflicts,
you'd need a "shlib_variant".  In my builds I add file to the
"Configurations" directory of the source tree:


I believe I found the problem and it was caused by dehydrated, script to 
generate Let's Encrypt certificates.
- after upgrade to 0.7.0, dehydrated started requesting secp384r1 
algorithms, which apparently disabled rsa negotiation


after requesting RSA certificate, the client's device succeeded connecting 
with TLS1.2.  It even works with:


smtpd_tls_mandatory_ciphers=high

and I haven't changed any _cipherlist variiable.


Thanks Viktor for assistance

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics: The dreams stuff is made of.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-25 Thread Viktor Dukhovni via Postfix-users
On Mon, Nov 25, 2024 at 03:29:54PM +0100, Matus UHLAR - fantomas via 
Postfix-users wrote:

> > Have you tries connecting to this server with:
> > 
> >$ openssl s_client -connect :25 \
> >-starttls smtp -tls1_2 -cipher 'HIGH+AES+kRSA+CBC:@STRENGTH'
> > 
> > Seems like determining whether the ciphers could interoperate is the
> > first step.
> 
> works with tls1.3, doesn't work otherwise:

Of course, because TLS 1.3 ignores "-ciphers", it does algorithm
negotiation very differently.

> 00A77BF7:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake 
> failure:../ssl/record/rec_layer_s3.c:1605:SSL alert number 40

Ah, so the server refuses these, sending an alert.  Now you need to
determine why the server is unwilling.

> I have also tried this from Debian 10 machine without success, it doesn't
> understand the "CBC" part

The client OS does not matter.

> > > Alert Message
> > > Level: Fatal (2)
> > > Description: Handshake Failure (40)
> > 
> > That's not useful, without known which party sent the alert.
> 
> sorry, forgot to say it was server reply to TLS helo.

As confirmed by the s_client test.  It sure looks like RSA key exchange
is disabled in your OpenSSL (unless you've not Postfix settings you have
that disable 'kRSA' or CBC ciphers).  In which case you'd need to figure
out how to reënable it, or build your own OpenSSL to link Postfix with,
that is not crippled.  To avoid problems with shared library conflicts,
you'd need a "shlib_variant".  In my builds I add file to the
"Configurations" directory of the source tree:

Configurations/99-viktor.conf:
my %targets = (
"linux-x86_64-rpk" => {
inherit_from => [ "linux-x86_64" ],
shlib_variant=> "rpk",
},
"BSD-x86_64-rpk" => {
inherit_from => [ "BSD-x86_64" ],
shlib_variant=> "rpk",
},
);

The string "rpk" can be anything else you want, just not already
used with another custom OpenSSL build.

Then, I run 

$ ./Configure --prefix=/opt/openssl/3.4 -Wl,-rpath,/opt/openssl/3.4/lib64 
linux-x86_64-rpk
$ make
$ make test
# make install_sw
# make install_ssldirs

to create a build in a non-default location with the non-default SO_NAME
variant libraries.  I then configure Postfix with:

#! /bin/sh

PFIX=/opt/postfix
OSSL=/opt/openssl/3.4
OSSL_LDFLAGS="-Wl,-R,$OSSL/lib64 -L$OSSL/lib64 -lssl -lcrypto"
OSSL_CFLAGS="-I$OSSL/include"

make -f Makefile.init dynamicmaps=yes shared=yes pie=yes 
openssl_path=$OSSL/bin/openssl \
"CCARGS=$OSSL_CFLAGS "'-DNO_NIS -DUSE_SASL_AUTH -I/usr/include/sasl 
-DHAS_PCRE=2 -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_CDB -DHAS_LMDB' \
"AUXLIBS=$OSSL_LDFLAGS "'-lsasl2 -ldb' \
'AUXLIBS_CDB=-lcdb' \
'AUXLIBS_PCRE=-lpcre2-8' \
'AUXLIBS_LMDB=-llmdb' \
command_directory=$PFIX/sbin \
config_directory=$PFIX/etc \
daemon_directory=$PFIX/libexec \
data_directory=/var/lib/postfix \
mailq_path=$PFIX/sbin/mailq \
newaliases_path=$PFIX/sbin/newaliases \
queue_directory=/var/spool/postfix \
sendmail_path=$PFIX/sbin/sendmail \
shlib_directory=$PFIX/lib64/MAIL_VERSION \
html_directory=no \
manpage_directory=$PFIX/man \
readme_directory=no \
makefiles

After running that:

$ make
# make upgrade
# install bin/posttls-finger /opt/postfix/sbin/posttls-finger
# install -m 0444 man/man1/posttls-finger.1 
/opt/postfix/man/man1/posttls-finger.1

Running that build instead of the vendor's' means tweaking the init or
systemd configs accordingly.

-- 
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-25 Thread Matus UHLAR - fantomas via Postfix-users

On Mon, Nov 25, 2024 at 11:52:07AM +0100, Matus UHLAR - fantomas via 
Postfix-users wrote:


This is Debian 12, postfix 3.7.11 and SSL 3.0.15.


On 25.11.24 22:26, Viktor Dukhovni via Postfix-users wrote:

Does Debian do anything similar to RedHat's crypto policy?


Nothing I know of. 
The closest to crypto policy was the openssl.conf setting I mentioned 
before.



I can see these ciphers when I fed the command above with contents of
tls_medium_cipherlist/tls_high_cipherlist


Have you tries connecting to this server with:

   $ openssl s_client -connect :25 \
   -starttls smtp -tls1_2 -cipher 'HIGH+AES+kRSA+CBC:@STRENGTH'

Seems like determining whether the ciphers could interoperate is the
first step.


works with tls1.3, doesn't work otherwise:

00A77BF7:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake 
failure:../ssl/record/rec_layer_s3.c:1605:SSL alert number 40

I have also tried this from Debian 10 machine without success, it doesn't 
understand the "CBC" part



Looking back at pcap output:

Alert Message
Level: Fatal (2)
Description: Handshake Failure (40)


That's not useful, without known which party sent the alert.


sorry, forgot to say it was server reply to TLS helo.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I wonder how much deeper the ocean would be without sponges.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-25 Thread Viktor Dukhovni via Postfix-users
On Mon, Nov 25, 2024 at 11:52:07AM +0100, Matus UHLAR - fantomas via 
Postfix-users wrote:

> This is Debian 12, postfix 3.7.11 and SSL 3.0.15.

Does Debian do anything similar to RedHat's crypto policy?

> > Note that these ciphers don't enable "forward-secrecy", they use RSA key
> > exchange:
> > 
> >$ openssl ciphers -V -stdname -s -tls1_2 -v 'HIGH+AES+kRSA+CBC:@STRENGTH'
> >  0x00,0x3D - TLS_RSA_WITH_AES_256_CBC_SHA256   - 
> > AES256-SHA256  TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(256)
> >Mac=SHA256
> >  0x00,0x35 - TLS_RSA_WITH_AES_256_CBC_SHA  - 
> > AES256-SHA SSLv3   Kx=RSA  Au=RSA   Enc=AES(256)
> >Mac=SHA1
> >  0x00,0x3C - TLS_RSA_WITH_AES_128_CBC_SHA256   - 
> > AES128-SHA256  TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(128)
> >Mac=SHA256
> >  0x00,0x2F - TLS_RSA_WITH_AES_128_CBC_SHA  - 
> > AES128-SHA SSLv3   Kx=RSA  Au=RSA   Enc=AES(128)
> >Mac=SHA1
> > 
> > So, my money is on RSA key exchange being disabled in your OpenSSL,
> > unless there are other Postfix settings you've not shared that do that.
> 
> I can see these ciphers when I fed the command above with contents of
> tls_medium_cipherlist/tls_high_cipherlist

Have you tries connecting to this server with:

$ openssl s_client -connect :25 \
-starttls smtp -tls1_2 -cipher 'HIGH+AES+kRSA+CBC:@STRENGTH'

Seems like determining whether the ciphers could interoperate is the
first step.

> Looking back at pcap output:
> 
> Alert Message
> Level: Fatal (2)
> Description: Handshake Failure (40)

That's not useful, without known which party sent the alert.

> Now I am not even sure it's problem of ciphers (don't that error produce
> different output?), can this be caused by other property?
> 
> Signature Hash Algorithms (10 algorithms)
> Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
> Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
> Signature Algorithm: rsa_pkcs1_sha384 (0x0501)
> Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503)
> Signature Algorithm: rsa_pkcs1_sha512 (0x0601)
> Signature Algorithm: ecdsa_secp521r1_sha512 (0x0603)
> Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
> Signature Algorithm: SHA1 DSA (0x0202)
> Signature Algorithm: ecdsa_sha1 (0x0203)
> Signature Algorithm: MD5 RSA (0x0101)

Let's avoid random guesses.

-- 
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-25 Thread Matus UHLAR - fantomas via Postfix-users

On 2024-11-22 at 13:24:33 UTC-0500 (Fri, 22 Nov 2024 19:24:33 +0100)
Matus UHLAR - fantomas via Postfix-users 
is rumored to have said:
Now I'm searching for the proper smtpd_tls_exclude_ciphers setting 
to get at least some, possibly most secure ciphers of those provided 
in my first mail.



smtpd_tls_exclude_ciphers = 
MD5,SRP,PSK,aDSS,kECDH,kDH,SEED,IDEA,RC2,RC5,RC4,3DES


On 22.11.24 18:20, Bill Cole via Postfix-users wrote:
If you're up to date with Postfix, you probably do not need to list 
anything in smtpd_tls_exclude_ciphers.


perhaps yes, I have postfix 3.7.11

- IIRC this setting was here to disable weak ciphers in case TLS1.0 is 
enabled, which is default on 25 with opportunistic encryption



 Cipher Suites (13 suites)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)


On 23.11.24 18:41, Viktor Dukhovni via Postfix-users wrote:

These first four should work fine, unless you're using a version of
OpenSSL that disabled these, at compile time or runtime, perhaps
Redhat/Fedora Crypto policies?


This is Debian 12, postfix 3.7.11 and SSL 3.0.15. 

smtpd_tls_exclude_ciphers is the only place I tried to raise security level 
for client connections.


I have even reenabled TLS1.0 in openssl.cnf according to:
https://github.com/openssl/openssl/discussions/22752#discussioncomment-7617584
- this should get used only for client connections so I can run 
  "openssl s_client -tls1"

severs like postfix have their own ssl configuration directives.



Note that these ciphers don't enable "forward-secrecy", they use RSA key
exchange:

   $ openssl ciphers -V -stdname -s -tls1_2 -v 'HIGH+AES+kRSA+CBC:@STRENGTH'
 0x00,0x3D - TLS_RSA_WITH_AES_256_CBC_SHA256   - 
AES256-SHA256  TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(256)
   Mac=SHA256
 0x00,0x35 - TLS_RSA_WITH_AES_256_CBC_SHA  - AES256-SHA 
SSLv3   Kx=RSA  Au=RSA   Enc=AES(256)   
Mac=SHA1
 0x00,0x3C - TLS_RSA_WITH_AES_128_CBC_SHA256   - 
AES128-SHA256  TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(128)
   Mac=SHA256
 0x00,0x2F - TLS_RSA_WITH_AES_128_CBC_SHA  - AES128-SHA 
SSLv3   Kx=RSA  Au=RSA   Enc=AES(128)   
Mac=SHA1

So, my money is on RSA key exchange being disabled in your OpenSSL,
unless there are other Postfix settings you've not shared that do that.


I can see these ciphers when I fed the command above with contents of 
tls_medium_cipherlist/tls_high_cipherlist


Looking back at pcap output:

Alert Message
Level: Fatal (2)
Description: Handshake Failure (40)


Now I am not even sure it's problem of ciphers (don't that error produce 
different output?), can this be caused by other property?


Signature Hash Algorithms (10 algorithms)
Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
Signature Algorithm: rsa_pkcs1_sha384 (0x0501)
Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503)
Signature Algorithm: rsa_pkcs1_sha512 (0x0601)
Signature Algorithm: ecdsa_secp521r1_sha512 (0x0603)
Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
Signature Algorithm: SHA1 DSA (0x0202)
Signature Algorithm: ecdsa_sha1 (0x0203)
Signature Algorithm: MD5 RSA (0x0101)



--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"One World. One Web. One Program." - Microsoft promotional advertisement
"Ein Volk, ein Reich, ein Fuhrer!" - Adolf Hitler
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-22 Thread Viktor Dukhovni via Postfix-users
On Fri, Nov 22, 2024 at 01:09:06PM +0100, Matus UHLAR - fantomas via 
Postfix-users wrote:

> Our customer has an old scanner/printer seems to support TLS1.2, but only a
> few weak ciphers that are forbidden in out postfix configuration, according
> to old discussion in this list:

TLS 1.2 is acceptable, and the supported ciphers should overlap with
ones you should be willing to support, provided your OpenSSL library
is not compiled or configured to turn crypto security up to 11.

> smtpd_tls_exclude_ciphers = 
> MD5,SRP,PSK,aDSS,kECDH,kDH,SEED,IDEA,RC2,RC5,RC4,3DES

The "SRP" and "PSK" exclusions are only there to not clutter the
cipherlist, they can't be used without additional configuration, so
their exclusion is *cosmetic*.  The rest are indeed obsolete, and are
excluded by default in recent Postfix versions:

$ postconf -d  | grep MD5
tls_high_cipherlist = 
aNULL:-aNULL:HIGH:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:@STRENGTH
tls_medium_cipherlist = 
aNULL:-aNULL:HIGH:MEDIUM:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:+RC4:@STRENGTH
tls_null_cipherlist = eNULL:!kDH:!kECDH:!aDSS:!MD5:!aNULL

But that's not your problem.

> According to wireshark input its supported ciphers are:
> 
> Handshake Protocol: Client Hello
> Version: TLS 1.2 (0x0303)
> 
>  Cipher Suites (13 suites)
> Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
> Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
> Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
> Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)

These first four should work fine, unless you're using a version of
OpenSSL that disabled these, at compile time or runtime, perhaps
Redhat/Fedora Crypto policies?

Note that these ciphers don't enable "forward-secrecy", they use RSA key
exchange:

$ openssl ciphers -V -stdname -s -tls1_2 -v 'HIGH+AES+kRSA+CBC:@STRENGTH'
  0x00,0x3D - TLS_RSA_WITH_AES_256_CBC_SHA256   - 
AES256-SHA256  TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(256)
   Mac=SHA256
  0x00,0x35 - TLS_RSA_WITH_AES_256_CBC_SHA  - 
AES256-SHA SSLv3   Kx=RSA  Au=RSA   Enc=AES(256)
   Mac=SHA1
  0x00,0x3C - TLS_RSA_WITH_AES_128_CBC_SHA256   - 
AES128-SHA256  TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(128)
   Mac=SHA256
  0x00,0x2F - TLS_RSA_WITH_AES_128_CBC_SHA  - 
AES128-SHA SSLv3   Kx=RSA  Au=RSA   Enc=AES(128)
   Mac=SHA1

So, my money is on RSA key exchange being disabled in your OpenSSL,
unless there are other Postfix settings you've not shared that do that.

> IIUC, as CBC ciphers are unsafe, it would make most sense to allow RC4 on
> specialised submission service on different TCP port.

No, as correctly noted by Bill Cole, the CBC ciphers are more
appropriate in SMTP than is RC4.

On Fri, Nov 22, 2024 at 03:12:01PM +0100, Matus UHLAR - fantomas via 
Postfix-users wrote:

> so I guess I'll have to exclude SRP or PSK [...]

That would be a NOOP, as noted above, just keeps the list tidy, but has
no effect on the wire.

On Fri, Nov 22, 2024 at 01:01:40PM -0500, Bill Cole via Postfix-users wrote:
> 
> The HTTP-relevant attacks (e.g. BEAST) I am aware of on CBC ciphersuites are
> infeasible against SMTP and similar protocols.
> 
> https://marc.info/?l=postfix-users&m=133649211220443&w=2
> https://success.qualys.com/discussions/s/question/0D52L4TntrHSAR/weak-cbc-mode-vulnerability-on-smtp&ved=2ahUKEwjV6r-IwfCJAxULj4kEHV_wJGUQFnoECC4QAQ&usg=AOvVaw3-avte1ZFDupDEI4r7shA1
> https://blog.qualys.com/product-tech/2011/10/17/mitigating-the-beast-attack-on-tls#comment-8481

Thanks for saving me the trouble.

On Fri, Nov 22, 2024 at 07:24:33PM +0100, Matus UHLAR - fantomas via 
Postfix-users wrote:
> Now I'm searching for the proper smtpd_tls_exclude_ciphers setting to get at
> least some, possibly most secure ciphers of those provided in my first mail.

Well, nothing you've reported explicitly disables the CBC ciphers, but
see above re forward-secrecy and kRSA.

-- 
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-22 Thread Bill Cole via Postfix-users

On 2024-11-22 at 13:24:33 UTC-0500 (Fri, 22 Nov 2024 19:24:33 +0100)
Matus UHLAR - fantomas via Postfix-users 
is rumored to have said:
[...]


Thanks.
Now I'm searching for the proper smtpd_tls_exclude_ciphers setting to 
get at least some, possibly most secure ciphers of those provided in 
my first mail.


If you're up to date with Postfix, you probably do not need to list 
anything in smtpd_tls_exclude_ciphers.



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com 
addresses)

Not Currently Available For Hire
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-22 Thread Matus UHLAR - fantomas via Postfix-users

On 2024-11-22 at 07:09:06 UTC-0500 (Fri, 22 Nov 2024 13:09:06 +0100)
Matus UHLAR - fantomas via Postfix-users 
is rumored to have said:


IIUC, as CBC ciphers are unsafe,


On 22.11.24 13:01, Bill Cole via Postfix-users wrote:

What is your basis for understanding that, in regards to SMTP?


Nothing, just remembered there were problems related to CBC mode, without 
details. These links explain it nicely.


The HTTP-relevant attacks (e.g. BEAST) I am aware of on CBC 
ciphersuites are infeasible against SMTP and similar protocols.


https://marc.info/?l=postfix-users&m=133649211220443&w=2

https://success.qualys.com/discussions/s/question/0D52L4TntrHSAR/weak-cbc-mode-vulnerability-on-smtp&ved=2ahUKEwjV6r-IwfCJAxULj4kEHV_wJGUQFnoECC4QAQ&usg=AOvVaw3-avte1ZFDupDEI4r7shA1

https://blog.qualys.com/product-tech/2011/10/17/mitigating-the-beast-attack-on-tls#comment-8481


Thanks.
Now I'm searching for the proper smtpd_tls_exclude_ciphers setting to get at 
least some, possibly most secure ciphers of those provided in my first mail.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Saving Private Ryan...
Private Ryan exists. Overwrite? (Y/N)
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-22 Thread Bill Cole via Postfix-users

On 2024-11-22 at 07:09:06 UTC-0500 (Fri, 22 Nov 2024 13:09:06 +0100)
Matus UHLAR - fantomas via Postfix-users 
is rumored to have said:


IIUC, as CBC ciphers are unsafe,


What is your basis for understanding that, in regards to SMTP?

The HTTP-relevant attacks (e.g. BEAST) I am aware of on CBC ciphersuites 
are infeasible against SMTP and similar protocols.


https://marc.info/?l=postfix-users&m=133649211220443&w=2

https://success.qualys.com/discussions/s/question/0D52L4TntrHSAR/weak-cbc-mode-vulnerability-on-smtp&ved=2ahUKEwjV6r-IwfCJAxULj4kEHV_wJGUQFnoECC4QAQ&usg=AOvVaw3-avte1ZFDupDEI4r7shA1

https://blog.qualys.com/product-tech/2011/10/17/mitigating-the-beast-attack-on-tls#comment-8481


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com 
addresses)

Not Currently Available For Hire
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-22 Thread Mauricio Tavares via Postfix-users
On Fri, Nov 22, 2024 at 7:51 AM Matthew McGehrin via Postfix-users
 wrote:
>
> Hello
>
> Perhaps just a secondary port without TLS for legacy devices. TLS isn't 
> required for SMTP.

  And maybe a separate vlan for printers or legacy devices.

> See also:
>
> https://ciphersuite.info/
>
> For looking up various cipher suites.
>
>
> On 11/22/2024 6:09 AM, Matus UHLAR - fantomas via Postfix-users wrote:
>
> Hello,
> Our customer has an old scanner/printer seems to support TLS1.2, but only a 
> few weak ciphers that are forbidden in out postfix configuration, according 
> to old discussion in this list:
>
>
> ___
> Postfix-users mailing list -- postfix-users@postfix.org
> To unsubscribe send an email to postfix-users-le...@postfix.org
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: old printer with weak TLS cipher selection

2024-11-22 Thread Matthew McGehrin via Postfix-users
Hello

Perhaps just a secondary port without TLS for legacy devices. TLS isn't 
required for SMTP.

See also:

https://ciphersuite.info/

For looking up various cipher suites.


On 11/22/2024 6:09 AM, Matus UHLAR - fantomas via Postfix-users wrote:
> Hello,
> Our customer has an old scanner/printer seems to support TLS1.2, but > only a 
> few weak ciphers that are forbidden in out postfix > configuration, according 
> to old discussion in this list:
>
>
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org