On 20 May 2014, at 15:25, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
> On Tue, May 20, 2014 at 02:11:34PM +0100, Colin Fowler wrote:
>
>> I've heard anecdotes of clients not using the best mutually supported
>> encryption and instead just using whatever's first in the list of methods
>> accepted by the server. I don't have anything to back this up though. Ever
>> heard of this? If this was true, then disabling weak methods might be
>> beneficial.
>
> This is not how TLS works, the client sends a list of cipher-suites,
> and the server chooses exactly one of these. Depending on server
> configuration, this is either the client's most preferred cipher
> also supported by the server or else the server's most preferred
> cipher supported by the client.
>
> Grossly misconfigured clients or servers might choose weak
> cipher-suites, but I've never seen this happen in practice.
In our experience, the reverse is actually true; over time, we are
seeing a slow but steady upgrade in the TLS version and ciphers used in
both incoming and outgoing connections. SSLv3 connections are now in
the single digits for us, and TLSv1.2 has gained a lot of ground over
the past six months or so.
If you want to monitor this, you can set 'smtp_tls_loglevel' and
'smtpd_tls_loglevel' to 1, and then check your logs for the relevant
entries.
Outgoing (client) grep pattern;
'postfix/smtp\[.* connection established to .* with cipher'
Incoming (server) grep pattern;
'postfix/smtpd\[.* connection established from .* with cipher'
Then pipe it through the following to get a reverse sorted list, most
used at the top;
sed 's/^.* connection established from .*\]: //' | sort \
| uniq -c | sort -r -n
We run this daily, on the logs from the day before. It keeps my need to
'optimize' the default settings in check ;-)
This is for our relay servers, by the way. Our mailbox servers, that
also do submission, use stricter settings, no longer accept SSLv3 or
medium ciphers etc.
Mvg,
Joni
