On Thu, Sep 15, 2016 at 04:37:47AM -0700, fleon wrote:

> After two years of successful emails sent by postfix through our exchange
> 2007 server I have started having problems. I did update Debian 7 to Debian
> 8, so I don't know what postfix/openssl version I had back then.

In Debian 8 you have a newer version of OpenSSL which supports TLS ciphers
and is patched with various recent security fixes.

> Sep 14 11:52:54 mar-zabbix postfix/smtp[10382]: SSL_connect error to
> mar-exch01.mydomain.com[192.168.100.223]:25: lost connection
> Sep 14 11:52:54 mar-zabbix postfix/smtp[10382]: 32D975004EE: Cannot start
> TLS: handshake failure
> [ ... start of server connection details ... ]
> New, TLSv1/SSLv3, Cipher is RC4-MD5
> Secure Renegotiation IS NOT supported
> Protocol  : TLSv1
> Cipher    : RC4-MD5

Note that your server's idea of "optimal" TLS security is TLSv1 with
RC4-MD5. This server is likely of the same vintage that only looks at the
topmost 64 ciphers offered by the STARTTLS client, and fails if RC4 is not
in one of those top 54 slots. This is exceedingly dated software. It
probably does not support AES at all. You *will* need to upgrade in the
relatively near future, start planning that now.

> Postfix is 2.11.3 and openssl 1.0.1t. Is this an openssl bug?

No, just time marching on. In OpenSSL 1.1.0 support for both the RC4 and
3DES TLS ciphers is no longer compiled into the library by default.

You can temporarily hold back the tide with:

    smtp_tls_exclude_ciphers = MD5, aDSS, kECDH, kDH, SEED, IDEA, RC2, RC5
    smtp_tls_protocols = !SSLv2:!SSLv3
    smtp_tls_mandatory_protocols = !SSLv2:!SSLv3

See:

    https://www.ietf.org/mail-archive/web/tls/current/msg10471.html
    http://postfix.1071664.n5.nabble.com/What-is-a-good-and-very-secure-configuration-for-public-postfix-server-nowadays-tt76918.html#a76996

> debug_peer_level = 5

Way overkill. The usual "2" is quite enough.

> debug_peer_list = [192.168.100.222]

No need for that, revert to empty.

-- 
	Viktor.
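As an added illustration (not from Viktor's reply or from the Postfix source), the Python below composes the cipher string Postfix would build from the exclusion list above and asks the local OpenSSL which suites actually survive it. MEDIUM_CIPHERLIST is assumed to be Postfix's default tls_medium_cipherlist, and the helper names are my own.

```python
import ssl

# Postfix's documented default for the "medium" grade (tls_medium_cipherlist);
# taken as an assumption here rather than read from a running Postfix.
MEDIUM_CIPHERLIST = "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"

# The smtp_tls_exclude_ciphers value from the reply above.
EXCLUDE = "MD5, aDSS, kECDH, kDH, SEED, IDEA, RC2, RC5"


def postfix_cipherlist(base, exclude):
    """Compose the OpenSSL cipher string the way Postfix does: the grade's
    base list, then '!name' appended for every excluded cipher or alias.
    The exclusion list is comma and/or whitespace separated, as in main.cf."""
    names = [n for n in exclude.replace(",", " ").split() if n]
    return ":".join([base] + ["!" + n for n in names])


def effective_ciphers(cipherlist):
    """Ask the local OpenSSL which suites survive the cipher string.
    Returns suite names in preference order; raises ssl.SSLError if the
    string leaves nothing usable (Postfix would then fail TLS setup)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipherlist)
    return [c["name"] for c in ctx.get_ciphers()]


def check_exclusions(cipherlist, forbidden_substrings):
    """Return surviving suites whose name still contains one of the given
    substrings, i.e. exclusions that did not take effect. Empty means OK."""
    return [n for n in effective_ciphers(cipherlist)
            if any(s in n for s in forbidden_substrings)]


if __name__ == "__main__":
    cl = postfix_cipherlist(MEDIUM_CIPHERLIST, EXCLUDE)
    print("cipher string:", cl)
    print("suites remaining:", len(effective_ciphers(cl)))
    leftovers = check_exclusions(cl, ("MD5", "SEED", "IDEA", "RC2", "DSS"))
    print("exclusions that did not apply:", leftovers or "none")
```

Run it on the Postfix host itself, since the surviving list depends on the OpenSSL build Postfix is linked against.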