On 28 May 2015, at 11:38, A. Schulze <s...@andreasschulze.de> wrote: > the crypto weakness of the month is named "logjam". > If you could connect to https://dhe512.zmap.io your SSL-Client / Browser > support weak crypto. > What does that mean for postfix? > > We setup a postfix smtp server with > > smtpd_tls_dh1024_param_file = /path/to/dh_512.pem > smtpd_tls_exclude_ciphers = ECDH > smtpd_tls_ciphers = high > smtpd_tls_protocols = TLSv1.2 > > and connect to that server > > posttls-finger -g high -c -p TLSv1.2 $testserver > > There is no warning about the weak DH key used by the server nor is the > connection rejected. > > Next we replaced the RSA Key + certificate. We created a weak 512 bit RSA key > together > with a selfsigned certificate and disabled DH at all. > > smtpd_tls_exclude_ciphers = DH,ECDH > > Also in this case we could use ciphers up to TLS_RSA_WITH_AES_256_GCM_SHA384 > / AES256-GCM-SHA384 > But also no warning about the very small RSA key. > > Is it possible for the postfix smtp client to gather information about the > currently used key length > or is this hidden by the ssl library at all? > > Andreas
There are several problems with your configuration. Please refer to the mailinglist archive for how to configure Postfix to deal with Logjam. It has been discussed extensively in this thread; http://marc.info/?t=143239334800001&r=1&w=2 Specifically Viktor's advice; http://marc.info/?l=postfix-users&m=143247471717341&w=2 http://marc.info/?l=postfix-users&m=143251190223247&w=2 And the Postfix documentation on Forward Secrecy; http://www.postfix.org/FORWARD_SECRECY_README.html#quick-start Mvg, Joni
