On Sat, Aug 15, 2015 at 09:02:24PM +0200, Thomas Keller wrote:
> > # Exclude obsolete weak crypto.
> > #
> > smtpd_tls_protocols = !SSLv2, !SSLv3
> > smtpd_tls_ciphers = medium
> > smtp_tls_protocols = !SSLv2, !SSLv3
> > smtp_tls_ciphers = medium
> >
>
> If I set "smtpd_tls_ciphers = medium", then the 512-bit DH parameter
> file will no longer be used for forward secrecy. Correct?
Correct.
> can I delete the following line?
>
> smtpd_tls_dh512_param_file = /etc/ssl/private/dh512.pem
Yes, but it does no harm. I would consider something more
radical:
smtpd_tls_dh512_param_file = /etc/ssl/private/dh2048.pem
If you somehow negotiate an EXPORT ciphersuite and the 2048-bit
parameters work, great, you're protected from Logjam. More likely
the handshake might fail, that would be even better, since the
EXPORT ciphers are supposed to be disabled.
The premise is of course false, unless you accidentally go back
from "medium" to "export".
--
Viktor.
