On 12 Nov 2016, at 18:59, li...@lazygranch.com wrote:

# postconf tls_high_cipherlist
tls_high_cipherlist = aNULL:-aNULL:HIGH:@STRENGTH
verified

Assuming the default "high" setting is sufficient, why wouldn't I change
this parameter to high rather than medium?

postconf smtpd_tls_mandatory_ciphers
smtpd_tls_mandatory_ciphers = medium

Because if you set it to 'high' then you will be unable to negotiate ANY encryption with some senders, and they will either fall back to sending in cleartext or they will keep trying to negotiate TLS sessions with you, fail, and retry until their queue timeout has passed. With the default 'medium' setting, you still use the (probably) stronger ciphersuites when possible, so using 'medium' only switches some sessions from cleartext to encrypted and some others from slow failure to normal success.

The difference between "high" and "medium" ciphersuites is roughly the difference between whether the NSA/GCHQ will be able to crack your SMTP sessions in 10 years or >20 years, assuming that they are capturing and archiving it today. Unless you have "smtpd_tls_security_level=encrypt" in your config, most of the SMTP sessions that could use the 'medium' ciphersuites would end up running in the clear, so the practical difference is between readable in realtime with 'high' and readable (maybe) many years from now with 'medium'.

If the NSA/GCHQ capturing all of your SMTP traffic and saving it for hypothetical future decryption is a realistic and significant scenario in your threat model, you should reconsider your use of email.

Actually
smtp_tls_mandatory_protocols = high, !SSLv2, !SSLv3

since I excluded SSLv2 and v3 after DROWN.

What makes you think "high" is a valid token for that parameter or for its server-side equivalent analog smtpd_tls_mandatory_protocols?

Seriously: RTFM. It's pretty clear that you haven't done that or carefully read my messages in this thread, so I'm unlikely to waste any more time on it.
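To make the "high" versus "medium" distinction concrete, here is an added example (not from this thread or from Postfix itself) that expands both Postfix cipher grades with the local OpenSSL and reports which suites a "high"-only server refuses that a "medium" one still accepts. It uses the tls_high_cipherlist value shown above and assumes the Postfix default tls_medium_cipherlist of the time, aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH.

```shell
#!/bin/sh
# Added example: compare the OpenSSL cipher lists behind Postfix's
# "high" and "medium" grades. HIGH_LIST is the tls_high_cipherlist value
# quoted in the thread; MEDIUM_LIST is assumed to be the Postfix default
# tls_medium_cipherlist at the time (aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH).
HIGH_LIST='aNULL:-aNULL:HIGH:@STRENGTH'
MEDIUM_LIST='aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH'

# Expand a cipherlist string into one suite name per line, in the
# server preference order that OpenSSL (and so Postfix) would use.
expand_ciphers() {
    openssl ciphers "$1" | tr ':' '\n'
}

# The suite a server prefers for a given grade: the first entry.
preferred_cipher() {
    expand_ciphers "$1" | head -n 1
}

# Suites accepted at "medium" but refused at "high". These are exactly the
# suites whose absence makes a "high"-only server fail the handshake with a
# peer that offers nothing stronger.
medium_only_ciphers() {
    tmp_h=$(mktemp) || return 1
    tmp_m=$(mktemp) || return 1
    expand_ciphers "$HIGH_LIST" | sort > "$tmp_h"
    expand_ciphers "$MEDIUM_LIST" | sort > "$tmp_m"
    comm -13 "$tmp_h" "$tmp_m"
    rm -f "$tmp_h" "$tmp_m"
}

# "yes" when every "high" suite is still usable at "medium", which is why
# the thread says "medium" still negotiates the stronger suites when offered.
high_is_subset_of_medium() {
    tmp_h=$(mktemp) || return 1
    tmp_m=$(mktemp) || return 1
    expand_ciphers "$HIGH_LIST" | sort > "$tmp_h"
    expand_ciphers "$MEDIUM_LIST" | sort > "$tmp_m"
    if [ "$(comm -23 "$tmp_h" "$tmp_m" | wc -l)" -eq 0 ]; then
        echo yes
    else
        echo no
    fi
    rm -f "$tmp_h" "$tmp_m"
}

if [ "${0##*/}" = "cipher_grades.sh" ]; then
    echo "preferred at high:   $(preferred_cipher "$HIGH_LIST")"
    echo "preferred at medium: $(preferred_cipher "$MEDIUM_LIST")"
    echo "suites refused at high but accepted at medium:"
    medium_only_ciphers
fi
```

Save it as cipher_grades.sh and run it on the mail server to see the list the local OpenSSL build actually produces; the set of medium-only suites varies with the OpenSSL version.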
