On Mon, Jan 05, 2026 at 07:21:26AM +0100, Fourhundred Thecat via Postfix-users
wrote:
> I am on Postfix 3.4.23. I currently have this in my main.cf:
>
> smtpd_tls_dh1024_param_file = /etc/ssl/private/dh/dh2048.pem
> smtpd_tls_dh512_param_file = /etc/ssl/private/dh/dh512.pem
>
> now I read that Postfix already includes a high-quality 2048-bit prime by
> default (despite the name dh1024), and that 512 should not be used at all
I hope that what you read was the Postfix documentation:
https://www.postfix.org/postconf.5.html#smtpd_tls_dh1024_param_file
File with DH parameters that the Postfix SMTP server should use with
non-export EDH ciphers.
With Postfix ≥ 3.7, built with OpenSSL version 3.0.0 or later, if
the parameter value is either empty or "auto", then the DH parameter
selection is delegated to the OpenSSL library, which selects
appropriate parameters based on the TLS handshake. This choice is
likely to be the most interoperable with SMTP clients using various
TLS libraries, and custom local parameters are no longer recommended
when using Postfix ≥ 3.7 built against OpenSSL 3.0.0.
...
This should probably recommend that "auto" setting more strongly, if for
no other reason than that ad hoc DH parameters are only possible with
TLS <= 1.2. In TLS 1.3 only the standard FFDHE groups (ffdhe2048,
ffdhe3072, ...) are supported, and the default Postfix configuration
enables the first two. Stronger FFDHE groups are silly; if for some
reason your use case demands stronger security, one of the ECDHE curves
or X25519MLKEM768 is a better choice.
And even with TLS 1.2, OpenSSL will do its best to choose a sensible
FFDHE key exchange parameter set (if for some reason no ECDHE options
are mutually agreeable), and this will likely work better.
Bottom line, the best thing to do, as with most of the cryptographic
parameters, is to leave them at their default values.
> is there any advantage using my own generated dh2048.pem ?
A decade or more ago, that might have made some sense.
> or should I remove both lines from main.cf ? or only the 512 key?
Best to just let these go.
--
Viktor. 🇺🇦 Слава Україні!
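As an added example (not part of Viktor's reply and not Postfix's own code), a small POSIX sh audit that reads a main.cf, reports the two DH parameter settings from the question, and recommends dropping them. The main.cf it writes is a constructed sample mirroring the question; the helper names (write_sample_main_cf, cf_value, audit_dh_params) are my own. It cannot tell which Postfix version is installed, so treat "auto" as acceptable only on Postfix ≥ 3.7 built against OpenSSL 3.0.

```shell
#!/bin/sh
# Added example: audit a Postfix main.cf for hand-rolled DH parameter files.
# Not from the post or from Postfix; helper names are assumptions.

# Write a constructed main.cf fragment (the settings from the question)
# to the path given in $1. Constructed sample, not a real server's config.
write_sample_main_cf() {
    cat > "$1" <<'EOF'
# constructed sample main.cf
smtpd_tls_security_level = may
smtpd_tls_dh1024_param_file = /etc/ssl/private/dh/dh2048.pem
smtpd_tls_dh512_param_file = /etc/ssl/private/dh/dh512.pem
EOF
}

# Print the effective value of parameter $2 in main.cf $1 ("" if unset).
# The last assignment wins in main.cf, so take the final matching line.
cf_value() {
    grep -E "^[[:space:]]*$2[[:space:]]*=" "$1" | tail -n 1 | sed 's/^[^=]*=[[:space:]]*//'
}

# Print one line per finding; return the number of findings (0 = nothing to do).
audit_dh_params() {
    cf="$1"; n=0

    # 512-bit "export" DH: only reachable with export ciphers, which stay
    # disabled; a custom file here is never useful.
    v=$(cf_value "$cf" smtpd_tls_dh512_param_file)
    if [ -n "$v" ]; then
        echo "REMOVE smtpd_tls_dh512_param_file=$v (512-bit export DH is never safe)"
        n=$((n + 1))
    fi

    # Unset: Postfix uses its compiled-in 2048-bit prime (despite the name).
    # "auto": Postfix >= 3.7 on OpenSSL 3.0 delegates group choice to OpenSSL
    # (on older Postfix "auto" would be read as a file name, so prefer unset).
    v=$(cf_value "$cf" smtpd_tls_dh1024_param_file)
    case "$v" in
        ""|auto) ;;
        *)
            echo "REMOVE smtpd_tls_dh1024_param_file=$v (leave unset; TLS 1.3 ignores it anyway)"
            n=$((n + 1)) ;;
    esac
    return "$n"
}

# Stand-alone demo on the constructed sample.
tmp=$(mktemp)
write_sample_main_cf "$tmp"
audit_dh_params "$tmp" || echo "findings: $?"
rm -f "$tmp"
```

On a live system, point audit_dh_params at /etc/postfix/main.cf; if it reports findings, `postconf -X smtpd_tls_dh1024_param_file smtpd_tls_dh512_param_file` deletes both lines in place, after which `postfix reload` applies the defaults.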
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]