On Wed, Apr 23, 2014 at 05:53:31PM +0200, Per Thorsheim wrote:
> My worries here, as with HTTPS, is users (mailadmins?) putting way too
> much trust into it, as soon as they see a mailheader saying SSLv2
> ciphers were used.
In opportunistic TLS mode, Postfix by default sets no floor on
cipher suite selection beyond disabling the SSLv2 protocol.
When encryption is mandatory, the floor is raised to "medium" cipher
suites. I think that support for "export" and "low" cipher suites
is no longer required for interoperability. I'm considering raising
the default floor for opportunistic TLS to "medium" also. This
will not impact interoperability.
In most other ways attempting to raise the policy floor with
opportunistic TLS leads to reduced security, because failure to
negotiate a working TLS session leads to plaintext tranmission
instead.
--
Viktor.
