On 25 May 2015, at 13:23, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
> On Mon, May 25, 2015 at 10:36:24AM +0200, DTNX Postmaster wrote:
>
>> I am talking about the MSA here, Viktor, not MTA to MTA traffic. That's
>> what the previous poster was asking about;
>
> My advice stands. Avoid overly explicit cipher lists. Go with
> broad categories, with some exclusions as necessary.
>
> The main thing that's changed since Postfix default settings were
> put in place is that it is no longer necessary or advisable to
> support "export" or "low" ciphersuites. We'll likely disable
> "export" and "low" by default in Postfix 3.1 (subject to a suitable
> compatibility control).
>
> --
> Viktor.

No, not for submission, where clients will submit their authentication details, allowing them to bypass most of the restrictions that are in place for MTA to MTA communication. Especially older clients have less than optimal cipher selections if you leave the choice to the connecting software, whereas deliberately specifying a fairly strict set of ciphers and enforcing the cipher order leads to better behaviour.

There is no reason to let Outlook Express on Windows XP prefer RC4 over 3DES, for example. But that's what Schannel clients on XP/2003 will do if you let them, and I bet it isn't the only older toolkit that does this.

For the MSA, be overly specific. Enforce cipher order. Enforce STARTTLS, make sure there is no plain text fallback. If you think you might still need RC4, add 'RC4-SHA' at the end of the list, then monitor your logs for actual usage. There's a pretty big chance you'll be able to disable it altogether, followed by 3DES at a later date, when the need arises.

Mvg,
Joni
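The "monitor your logs for actual usage" step above is the part that decides when RC4 and later 3DES can be dropped from the submission cipher list. The script below is an added example, not code from either poster or from the Postfix project: it parses the "TLS connection established" lines that smtpd logs at `smtpd_tls_loglevel = 1`, counts which protocol/cipher pairs submission clients actually negotiated, and reports which legacy ciphers nobody used. It assumes the submission service in master.cf carries `-o syslog_name=postfix/submission` (as in the stock master.cf comments) so its lines can be told apart from MTA-to-MTA traffic; the log lines, hosts and addresses are constructed for the example.

```python
import re
from collections import Counter

# Constructed sample log in the format Postfix smtpd uses for
# "TLS connection established" at smtpd_tls_loglevel = 1.
# Hostnames, addresses and pids are made up for this example.
SAMPLE_LOG = """\
May 25 13:40:01 mail postfix/submission/smtpd[2345]: Anonymous TLS connection established from unknown[192.0.2.10]: TLSv1 with cipher RC4-SHA (128/128 bits)
May 25 13:40:07 mail postfix/submission/smtpd[2345]: Anonymous TLS connection established from unknown[192.0.2.11]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
May 25 13:41:12 mail postfix/submission/smtpd[2346]: Anonymous TLS connection established from unknown[192.0.2.12]: TLSv1 with cipher DES-CBC3-SHA (168/168 bits)
May 25 13:42:30 mail postfix/submission/smtpd[2346]: Anonymous TLS connection established from unknown[192.0.2.11]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
May 25 13:43:05 mail postfix/smtpd[2350]: Anonymous TLS connection established from mx.example.net[198.51.100.5]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
May 25 13:43:09 mail postfix/submission/smtpd[2347]: connect from unknown[192.0.2.13]
"""

# Postfix prefixes the line with the peer's trust level (Anonymous, Untrusted,
# Trusted or Verified), then protocol, cipher name and key bits.
TLS_LINE = re.compile(
    r'(?P<service>postfix/[\w/]*smtpd)\[\d+\]: '
    r'(?:Anonymous|Untrusted|Trusted|Verified) TLS connection established '
    r'from (?P<client>\S+): (?P<proto>\S+) with cipher (?P<cipher>\S+) '
    r'\((?P<bits>\d+)/\d+ bits\)')

# Ciphers the poster expects to retire in stages: RC4 first, 3DES later.
LEGACY_CIPHERS = ('RC4-SHA', 'RC4-MD5', 'DES-CBC3-SHA')


def parse_tls_line(line):
    """Return service/client/proto/cipher/bits for a TLS-established line,
    or None for any other smtpd line (connects, rejects, ...)."""
    m = TLS_LINE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec['bits'] = int(rec['bits'])
    return rec


def cipher_usage(log_text, service='postfix/submission/smtpd'):
    """Count (protocol, cipher) pairs negotiated on one smtpd service only,
    so MTA-to-MTA sessions on plain postfix/smtpd do not skew the MSA picture."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_tls_line(line)
        if rec and rec['service'] == service:
            counts[(rec['proto'], rec['cipher'])] += 1
    return counts


def legacy_report(counts):
    """Sessions per legacy cipher, including zero for ciphers nobody used."""
    return {c: sum(n for (_, cipher), n in counts.items() if cipher == c)
            for c in LEGACY_CIPHERS}


def safe_to_drop(counts):
    """Legacy ciphers with no observed sessions: candidates for removal
    from the submission cipher list."""
    return sorted(c for c, n in legacy_report(counts).items() if n == 0)


if __name__ == '__main__':
    usage = cipher_usage(SAMPLE_LOG)
    for (proto, cipher), n in usage.most_common():
        print(f'{n:5d}  {proto:8s} {cipher}')
    print('legacy still in use:', {c: n for c, n in legacy_report(usage).items() if n})
    print('safe to drop:', safe_to_drop(usage))
```

Run it over a real `mail.log` by replacing `SAMPLE_LOG` with the file contents; a cipher that stays at zero across a representative period is one you can remove from the list. The log side complements the enforcement side of the advice above, which in Postfix terms is `tls_preempt_cipherlist = yes` (server-side cipher order) and `-o smtpd_tls_security_level=encrypt` on the submission service (no plaintext fallback).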