On Mon, 24 Feb 2014, Viktor Dukhovni wrote:
> With a bit of luck roughly 5 years. Exim has not implemented DANE
> yet, and the RFC for DANE TLS for SMTP has not yet been ratified
> by the IETF. The first Postfix release with DANE just came out
> last month, and is not in most O/S distributions.

You're optimistic. Let's hope you're right, but I doubt it.

But you didn't answer my question: What harm would it do, when the
checks implemented already to verify certs and domain names and
maybe TLS protocol quality are also executed for "Opportunistic TLS"
and the results printed in the log?

> You're asking for a verification status that would indicate
> conditional MITM protection:
>
> - False negative: MITM protection is illusory when the MX
> hostname is compromised through DNS record forgery.
> - False positive: No claim of MITM protection when the MX
> host's certificate does not match what was expected, even
> though it is the right MX host.
> - False negative: Your root CA list contains a rogue CA, or
> an intermediate CA signed by a trusted CA is rogue.
> - False positive: Your root CA list contains too few CAs.

Hmm, points 1, 3, 4 are already true for the current output. Adding the info
that cert and hostname matched won't add additional drawbacks. Point 2 can
be addressed by the text. Don't write "VERIFIED", write "cert-match" or
whatever suggests a lower MITM protection level. Don't add any text
when not matching, or write the (first) certificate domain as reference.
If e.g. Google mail suddenly is sent to mail.badguy.de it is much more
obvious in the log than if gmail-smtp-in.l.google.com gets a different IP.
Such an output would help to find the second case easily.

> > Is there a test server I can use to verify correct function? It does
> > not sound like a good idea to send some test mails to a server
> > without permission to do so.
>
> Testing is possible without sending email. You just need to complete
> a TLS handshake.

My setup should now be correct (at least according to docs). DNS responses
seem to be verified (positive and negative), so I assume it works.
But I have no idea how to use the postfix tools to start a TLS connection
to such a server without sending an email. This requires too much
internal knowledge I fear. Last time I tried to call the smtp tool by hand it
told me not to do so and I took that advice.
I can use mail(x) or telnet or openssl, but this does not tell me if the
postfix settings are right.

> Since with DANE we know what an authenticated connection means, we
> can and likely will soon add a setting which allows DANE to optionally
> fall back to an MITM vulnerable mode ("encrypt" or "may") after
> logging a warning, when authentication fails or TLS is unavailable
> on the server. That will allow more cautious users to pilot DANE
> without worrying about denial of service.

This affects receiving servers with wrongly configured TLSA/DNSSEC settings?
Actually I thought that stopping mail delivery in case DANE is detected
and defective is a very good idea.
Shouldn't that case be obvious in the "broken" server log - connection
aborts after the TLS phase?
Ciao
--
http://www.dstoecker.eu/ (PGP key available)
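The exchange above turns on one question: what a "cert-match" annotation on an opportunistic TLS log line can and cannot tell you. The following is an added example, not code from this thread and not Postfix's own implementation. It computes the status token Dirk proposes (a match, or the first certificate name as a reference when there is no match) for the MX hostname the client connected to, and runs it over the three situations discussed: an honest delivery, the "different IP" case, and Viktor's false negative where the MX record itself was forged. The function names, the wildcard rule (leftmost label only, in the spirit of RFC 6125), the host names, addresses and log lines are all assumptions or constructed sample data.

```python
# Added example (not Postfix code, not from the thread's authors): the log
# annotation proposed for opportunistic TLS, i.e. report whether the peer
# certificate's names cover the MX hostname we connected to, and print the
# first certificate name as a reference when they do not.  All host names,
# addresses and log lines below are constructed sample data.
from typing import Iterable, List


def name_matches(pattern: str, hostname: str) -> bool:
    """Return True when a certificate name (CN or dNSName SAN) covers hostname.

    Comparison is case-insensitive and label-wise.  A wildcard is accepted
    only as the entire leftmost label (the conservative RFC 6125 reading), so
    '*.l.google.com' covers 'gmail-smtp-in.l.google.com' but '*.google.com'
    does not: a wildcard never spans more than one label.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or len(p) < 2:
        return False
    if p[0] == "*":
        return h[0] != "" and p[1:] == h[1:]
    return p == h


def cert_status(mx_hostname: str, cert_names: Iterable[str]) -> str:
    """Short status token for the TLS log line.

    Deliberately not 'VERIFIED': a match only says the certificate carries
    the name we looked up; it does not say the lookup itself was trustworthy.
    """
    names: List[str] = [n for n in cert_names if n]
    if not names:
        return "cert-nonames"
    if any(name_matches(n, mx_hostname) for n in names):
        return "cert-match"
    # Mismatch: name the first certificate domain so the log reader can see
    # at a glance where the session really went.
    return "cert-mismatch first=" + names[0]


def annotate(log_line: str, mx_hostname: str, cert_names: Iterable[str]) -> str:
    """Append the status token to an existing opportunistic TLS log line."""
    return f"{log_line} {cert_status(mx_hostname, cert_names)}"


# Constructed scenarios from the thread (192.0.2.0/24 is documentation space).
SCENARIOS = [
    # 1. Honest delivery: MX name from DNS, certificate covers it by wildcard.
    ("Untrusted TLS connection established to gmail-smtp-in.l.google.com[192.0.2.10]:25",
     "gmail-smtp-in.l.google.com", ["mx.google.com", "*.l.google.com"]),
    # 2. Right MX name, wrong host behind it (the address record points
    #    elsewhere): without the annotation this line looks like scenario 1.
    ("Untrusted TLS connection established to gmail-smtp-in.l.google.com[192.0.2.66]:25",
     "gmail-smtp-in.l.google.com", ["mail.badguy.de"]),
    # 3. The false negative from the thread: the MX record itself was forged,
    #    so the other side's certificate legitimately carries the name we
    #    looked up.  The annotation says 'cert-match' and cannot do better;
    #    only a DNSSEC-validated MX/TLSA chain (DANE) closes this gap.
    ("Untrusted TLS connection established to mail.badguy.de[192.0.2.66]:25",
     "mail.badguy.de", ["mail.badguy.de"]),
]


def annotate_all(scenarios=SCENARIOS) -> List[str]:
    """Annotate every constructed scenario; returned as a list so it can be checked."""
    return [annotate(line, mx, names) for line, mx, names in scenarios]


if __name__ == "__main__":
    for line in annotate_all():
        print(line)
```

Running the module prints the three annotated lines. Scenario 2 is the one the annotation makes visible, scenario 3 is the one it cannot, which is exactly why the token is worded as "cert-match" rather than anything implying MITM protection.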