On Fri, Jun 05, 2015 at 10:36:03AM +0200, Per Thorsheim wrote:

> RFC2595 says that TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is REQUIRED when
> configuring TLS for IMAP, POP & AMAP.
>
> All other cipher suites are OPTIONAL.

Time marches on, while old RFCs stay the same.

> I'm sure I'm missing out on some info, but basically I'm trying to
> figure out the min/max & recommended cipher suite settings for POP/IMAP,
> as well as for STARTTLS TCP/25 & TCP/587 without breaking RFCs, "best
> practices", or cryptographers' ability to sleep well.

Postfix by default enables all ciphers, but in upcoming releases we'll
disable at least "EXPORT" and likely also "LOW" (single DES). I'd
recommend similarly simple settings elsewhere.

Don't over-optimize the cipherlists. While this may matter for HTTPS,
for email protocols overly-specific cipherlist tweaks are often
counterproductive.

If it were not for Exchange 2003, the simplest setting would work well
across the board. To use TLS with Exchange 2003 servers, the Postfix
SMTP client needs to trim enough "exotic" cipher suites so that RC4-SHA
appears in the top 64. That tweak applies only to outbound MTA to MTA
email.

--
	Viktor.
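An added check for the two points in the reply above (not code from the thread or from Postfix): it reads `openssl ciphers -v` style output and reports whether any EXPORT/LOW-grade suite is still enabled and whether RC4-SHA falls inside the first 64 suites. The sample list is constructed, and the cipherlist string in the trailing comment is illustrative rather than any Postfix default.

```shell
#!/bin/sh
# Added example, not code from the thread or from Postfix. Audits an
# expanded OpenSSL cipherlist ("openssl ciphers -v" output) for weak
# suites and for the position of RC4-SHA within the first 64 entries.

# Constructed sample in the shape of "openssl ciphers -v" output (not a
# real run): column 1 is the suite name, "Enc=ALG(bits)" the bulk cipher.
SAMPLE_LIST='AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export'

# suite_position SUITE  (expanded list on stdin)
# Prints the 1-based position of SUITE, or 0 when it is not offered at all.
suite_position() {
    awk -v s="$1" '$1 == s && !p { p = NR } END { print p + 0 }'
}

# weak_suites  (expanded list on stdin)
# Prints suites whose bulk cipher is 64 bits or less (EXPORT and LOW
# grade in OpenSSL terms) or absent ("Enc=None").
weak_suites() {
    awk '{
        enc = ""
        for (i = 2; i <= NF; i++) if ($i ~ /^Enc=/) enc = $i
        bits = enc
        sub(/^Enc=[^(]*\(?/, "", bits); sub(/\).*/, "", bits)
        if (bits + 0 <= 64) print $1
    }'
}

# audit_client_cipherlist [LIMIT]  (expanded list on stdin)
# Returns 0 when RC4-SHA is within the first LIMIT (default 64) suites and
# no weak suite remains; otherwise prints what is wrong and returns 1.
audit_client_cipherlist() {
    limit=${1:-64}
    list=$(cat)
    pos=$(printf '%s\n' "$list" | suite_position RC4-SHA)
    weak=$(printf '%s\n' "$list" | weak_suites | tr '\n' ' ')
    rc=0
    [ "$pos" -gt 0 ] && [ "$pos" -le "$limit" ] ||
        { echo "RC4-SHA at position $pos, not within the first $limit"; rc=1; }
    [ -z "$weak" ] || { echo "weak suites still enabled: $weak"; rc=1; }
    return $rc
}

# Real use, with an illustrative (not Postfix-default) cipherlist:
#   openssl ciphers -v 'HIGH:MEDIUM:!aNULL:@STRENGTH' | audit_client_cipherlist
```

The names the script prints are what you would feed to `smtp_tls_exclude_ciphers` (or add as `!` entries to the cipherlist) when trimming for the Exchange 2003 case.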