I have done a fair amount of searching on this topic, both here and elsewhere, and I've found no solution. I will share what I have found.
Disabling SSLv2 and SSLv3 was easy for IMAP/POP3 by setting "TLS_PROTOCOL=TLS1" in /etc/courier/imap-ssl and /etc/courier/pop3-ssl. Dovecot reportedly works similarly.
But the smtp ports (25 and 587) are another story. One post on this maillist stated that port 587 will only accept TLS, so we should not worry about it. That is not the case on my machine (yum updated qmailtoaster on Cent5). As installed, I could connect both SSLv2 and SSLv3 to ports 25 and 587 (via: openssl s_client -starttls smtp -crlf -connect localhost:587 -ssl2). I found this unsettling. I like qmail for its security-focused design and track record. Yet the toaster accepts SSLv2 depsite the entire internet proclaiming that it is outdated, broken, and should simply not be used by anyone for anything (except maybe political aids who want to deniably leak stories).
SSLv2 was easily disabled with "!SSLv2" in /var/qmail/control/tlsserverciphers, but that is not the case with SSLv3. Since the SSLv3, TLSv1, and TLSv1.1 protocols share the same ciphers, putting "!SSLv3" in /var/qmail/control/tlsserverciphers disables all three of these protocols and thus disables STARTTLS altogether (unless you have a version of openssl which supports TLSv1.2, which qmailtoaster on Cent5 does not). I tested this, and it was indeed the case.
Though qmailtoaster has /var/qmail/control/tlsserverciphers for specification of TLS ciphers, it seems to have no corresponding way to specify the TLS protocols.
The next logical step would be to disable SSLv3 is OpenSSL. Unfortunately, I have found no way to do this via openssl.cnf, neither by going through the file or by extensive searches on this question. Several posts have explicitly stated it is not possible, and that is consistent with the man page.
It is possible to compile openssl with the "no-SSL3" option (http://wiki.openssl.org/index.php/Compilation_and_Installation). Though I am comfortable compiling my own small programs, or things I download which do not have things which depend on them, I am not comfortable trying to figure out how to do it for a RPM/Yum managed package with many dependencies.
Unfortunately, waiting for QmailToaster to migrate to Cent6 is not the answer. Cent6 can update to OpenSSL 1.0.1 which has TLSv1.2 support, but without a patch to qmail or a "no-ssl3" built openssl RPM, one must fall back to "!SSLv3" in /var/qmail/control/tlsserverciphers. Doing that would leave ONLY the TLSv1.2 protocol, which would severely restrict compatability with existing infrastructure.
So it seems that for now I just sit and wait for a patch. In the mean time, my choices seem to be: (plaintext) OR (encrypted AND POODLE-vulnerable)The latter seems less risky than the former, so that is what I'm going with for now. For me, it's not just SMTP-AUTH password protection. I think ALL MTA-to-MTA traffic should be encrypted. If anyone is going to read/scan all our mails, then they should at least have to work hard to do so.
I'd be curious to hear others' thoughts on this.I'd love for someone to point out a simple solution which I've overlooked. :)
-Andy
smime.p7s
Description: S/MIME Cryptographic Signature
