On 28 May 2015, at 12:16, A. Schulze <s...@andreasschulze.de> wrote: >> There are several problems with your configuration. Please refer to the >> mailinglist archive for how to configure Postfix to deal with Logjam. >> It has been discussed extensively in this thread; >> >> http://marc.info/?t=143239334800001&r=1&w=2 > > I read this as "how do I provide strong Crypto at my Server" > > But I'm more concernd about "how to notice if my SMTP Client connect to a > broken Server I don't control". > So I set up a weak server as described. And, no suprise, there is no warning > from the postfix smtp client connecting to that server. > > As users expect their browser deny to connect to https://dh512.zmap.io > I would love to see postfix smtp client reject connections to my weak Server. > > And *that* is the point...
Even if a server you do not control presents weak encryption, there's no reason to deliberately reject this. It is a problem for the recipient to solve. The alternative is plain text transmission, with no transport encryption at all. No encryption is worse than weak encryption. Also, remember that SMTP is based on opportunistic encryption, triggered by the presence of 'STARTTLS' in the EHLO response. All a MitM attack needs to do is to intercept that EHLO response, remove STARTTLS as a listed capability, and the communication will take place without it. Again, in plain text. If you want to be proactive, set 'smtp_tls_loglevel = 1', and monitor your logs for the outgoing ciphers used. Mvg, Joni
