On Sat, Jun 21, 2014, at 10:07 AM, Viktor Dukhovni wrote:
> > During a security audit, it was determined that the MX supported what
> > the auditors called "weak" ciphers and protocols (SSLv3, TLSv1.0,
> > RC4-MD5, anonymous ciphers and so on). The auditors demanded that we
> > disable all those - not considering the fact that our Postfix _did_
> > assign a higher priority to "more secure" ciphers.
> >
> > Not surprisingly, a lot of sending systems fell back to plain text
> > after we pushed the change to production.
>
> At my previous employer a clueless checklist zombie auditor tried
> to pull the same trick. Though it took much spine, the postmaster
> who succeeded me managed to convince management that the auditor
> was wrong, and no settings were changed.
I've been trying to follow this, and related threads, as well as reading @ Postfix

  http://www.postfix.org/TLS_README.html#server_cipher
  http://www.postfix.org/FORWARD_SECRECY_README.html

and poking around at

  http://sendgrid.com/blog/sendgrid-and-the-future-of-email-security/
  http://checktls.com/

I think I see the variety of options, and understand some of the pitfalls, as discussed, but TBH am a bit lost as to what the 'best practices' *recommendation* for the cipher list to use is? Specifically for a PFS-capable Postfix server, with as-robust-as-possible fallback to secured traffic, even if weak-cipher encrypted.

If there's a "given these discussions, do this" doc or thread that someone can kindly point to, or simply state here in-thread, I'd appreciate it. Just looking for some 'distillation' ...

Thanks,

Grant
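Added here as an illustration, not part of the thread and not a reply from any of its participants: a main.cf fragment that puts the over-restricted opportunistic configuration the audit in Viktor's quote demanded (the one that drives senders back to plaintext) next to the split that TLS_README recommends, with lenient settings for opportunistic TLS and the stricter cipher and protocol lists confined to the mandatory-TLS parameters, plus the server-side cipher-order and key-exchange settings from FORWARD_SECRECY_README. All parameter names are real Postfix parameters (tls_preempt_cipherlist needs Postfix 2.8 or later); the certificate and DH parameter file paths are assumptions.

```ini
# Postfix main.cf fragment (added illustration, not from the thread).
# Postfix does not allow trailing comments after a value, so every
# comment here sits on its own line.

# --- What the audit asked for on an opportunistic MX: do NOT do this ---
# With smtpd_tls_security_level = may, a sender whose TLS stack cannot
# negotiate these settings fails the STARTTLS handshake and most MTAs
# then retry the delivery in cleartext. The net effect is less
# encrypted mail, not more.
#
# smtpd_tls_security_level  = may
# smtpd_tls_ciphers         = high
# smtpd_tls_protocols       = !SSLv2, !SSLv3, !TLSv1
# smtpd_tls_exclude_ciphers = aNULL, RC4, MD5

# --- Opportunistic inbound TLS: anything beats plaintext ---
smtpd_tls_security_level = may
# Assumed paths for the MX certificate chain and key.
smtpd_tls_cert_file = /etc/postfix/mx-cert.pem
smtpd_tls_key_file  = /etc/postfix/mx-key.pem
# Keep the opportunistic grade lenient (medium is the default from
# Postfix 2.9 on); anonymous and older ciphers still beat cleartext.
smtpd_tls_ciphers   = medium
smtpd_tls_protocols = !SSLv2
# Level 1 logs one summary line per handshake, including the
# negotiated protocol and cipher, which is what to review afterwards.
smtpd_tls_loglevel  = 1

# --- Mandatory TLS: only where TLS is actually enforced ---
# These apply when smtpd_tls_security_level is "encrypt" or stronger
# (for example on the submission port via master.cf -o overrides),
# so tightening them cannot cause a plaintext fallback.
smtpd_tls_mandatory_ciphers         = high
smtpd_tls_mandatory_protocols       = !SSLv2, !SSLv3
smtpd_tls_mandatory_exclude_ciphers = aNULL, RC4, MD5

# --- Forward secrecy (FORWARD_SECRECY_README) ---
# Use the server's cipher order rather than the client's; Postfix's
# own order already puts EECDH/EDH key exchange first, so a client that
# supports forward secrecy gets it without removing anything from the
# list for clients that do not.
tls_preempt_cipherlist = yes
smtpd_tls_eecdh_grade  = strong
# Assumed path; generate once with:
#   openssl dhparam -out /etc/postfix/dh2048.pem 2048
smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem
```

After `postfix reload`, check `postconf -n | grep tls` to confirm nothing restrictive leaked into the non-mandatory parameters, then watch the mail log: at loglevel 1 each inbound handshake produces a line of the form "Anonymous TLS connection established from host[addr]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)" (or "Untrusted"/"Trusted" in place of "Anonymous" when the client sent a certificate), so the share of sessions negotiating ECDHE/DHE can be measured directly instead of inferred from a scanner's grade.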