Thanks you very much! Very informative!
On 2017-11-23 16:03, Mel Pilgrim wrote: > On 2017-11-23 01:30, Jonathan Sélea wrote: >> Hi, >> >> I did struggle alot to understand and deploy a secure cipher list that >> https://hardenize.com and https://ssl-tool.net would not complain on, so >> I came up with this: >> >> smtpd_tls_protocols = !SSLv2 !SSLv3 >> smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 >> smtp_tls_protocols = !SSLv2 !SSLv3 >> smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 >> lmtp_tls_protocols = !SSLv2 !SSLv3 >> lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3 >> smtpd_tls_mandatory_ciphers=high >> tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:AES256-SHA:CAMELLIA128-SHA:AES128-SHA >> >> smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, >> aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA, >> CAMELLIA, SEED, 3DES, AES128-GCM-SHA256, AES256-GCM-SHA384, >> AES128-SHA256, AES256-SHA256, AES256-SHA, AES128-SHA >> smtpd_tls_eecdh_grade=ultra >> tls_preempt_cipherlist = yes >> tls_eecdh_strong_curve = prime256v1 >> tls_eecdh_ultra_curve = secp384r1 >> >> My question is, can I improve this futher or do you guys/girls have any >> opinion regarding this? >> I am grateful for all comments, tips or other suggestions :) > > For your public facing ports, the point is to provide an encrypted > channel as often as possible. Public SMTP is effectively anonymous, so > forcing high grade encryption is counterproductive. I do suggest setting > > *_ciphers = high > > because the default of "medium" includes RC4 and 3DES, and I believe > actively eradicating those from the wild is necessary and good. I > maintain some statistics about opportunistic STARTTLS and the last > time I saw mandatory RC4 was 2015. I have yet to see mandatory 3DES. > > The other thing is to set is > > *_protocols = !SSLv2, !SSLv3, TLSv1, TLSv1.1, TLSv1.2 > > because some SSL libraries won't enable TLSv1.2 unless you explicitly > tell it to do so. > > For internal SMTP, I have to deal with PCI and other infosec > "standards", so the crypto used already requires regular review. I > also get to control the SMTP talker population, so I use > certificate-based authentication with the following: > > *_tls_ciphers = !aNULL:AES256+kEECDH > *_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1, TLSv1.2 > > In a heterogenous network, particularly one with mobile devices or > Window/MacOS that aren't on current release, you will need to relax > the cipherspec to something like '!aNULL:AES+kEECDH:AES+kEDH:+SHA1' > and enable TLSv1 and TLSv1.1.
smime.p7s
Description: S/MIME Cryptographic Signature
