On Thu, Jan 02, 2020 at 06:35:17PM +0100, Bastian Blank wrote:

> On Thu, Jan 02, 2020 at 12:16:33PM -0500, James B. Byrne wrote:
> > Our revised cipher list is:
>
> Don't, as long as you don't enforce encryption as well.
> Don't use mail to transport payment data, so PCI is not applicable.

The above sounds quite reasonable to me.

On Thu, Jan 02, 2020 at 12:16:33PM -0500, James B. Byrne wrote:

> Jan  2 11:32:20 mx31 postfix-p25/smtpd[55167]: connect from rockmx03.rockwool.com[195.191.109.227]
> Jan  2 11:32:20 mx31 postfix-p25/smtpd[55167]: SSL_accept error from rockmx03.rockwool.com[195.191.109.227]: -1

That seems to suggest that the client disconnected in the middle of the
TLS handshake, leaving no usable SSL-layer error reason.

> When I connect to the sender I see this:

There's little reason to expect to learn much by connecting to the
sending domain's MX hosts.

> New, TLSv1.0, Cipher is ECDHE-RSA-AES256-SHA

The only thing that's perhaps relevant is that TLSv1 was used
and not TLSv1.2, suggesting a rather dated inbound stack.

> 250 CHUNKING

The server runs Windows.

> We recently were forced by our PCI compliance audit to change our
> permissible ciphers.

It should be possible in many cases to talk some sense into the
auditors.  Was STARTTLS from the senders in question working before
the changes?

> # postconf | grep tls | grep cipher

[ Next time, "postconf -n" please. ]

> smtp_tls_ciphers = high
> smtp_tls_exclude_ciphers = MD5, aDSS, SRP, PSK, aECDH, aDH, SEED, IDEA, RC2, RC4, RC5, DES, 3DES
> smtp_tls_mandatory_ciphers = high

These don't affect inbound mail.

> smtpd_tls_ciphers = high
> smtpd_tls_mandatory_ciphers = high
> smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA

The cipher exclusions above look rather haphazard.  Saner would be:

    smtpd_tls_exclude_ciphers = MD5, aDSS, kECDH, kDH, 3DES, RC4, SEED, IDEA, RC2, RC5

What protocol versions do you have enabled?  More likely the issue is
that you've disabled TLS 1.0.

> I would appreciate any guidance as to how to correct this issue
> without running afoul of the PCI DSS.

Leave TLS 1.0 enabled for now, it is adequately secure for opportunistic
TLS in SMTP.

-- 
    Viktor.
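As an added example (not from the thread, and not Postfix's own code), a small Python script that applies the reading of the log given above: it tallies, per client host, inbound connections, SSL_accept failures and completed TLS handshakes, so the senders that never finish a handshake after a cipher or protocol change can be listed for follow-up. The log sample is constructed; apart from the two lines quoted in the thread, the hostnames and addresses are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in the Postfix smtpd log format quoted in the thread.
# The first two lines are the ones from the thread; the rest are made up
# (example.test / 192.0.2.x are documentation placeholders) to exercise
# the matching logic.
SAMPLE_LOG = """\
Jan  2 11:32:20 mx31 postfix-p25/smtpd[55167]: connect from rockmx03.rockwool.com[195.191.109.227]
Jan  2 11:32:20 mx31 postfix-p25/smtpd[55167]: SSL_accept error from rockmx03.rockwool.com[195.191.109.227]: -1
Jan  2 11:32:20 mx31 postfix-p25/smtpd[55167]: lost connection after STARTTLS from rockmx03.rockwool.com[195.191.109.227]
Jan  2 11:40:01 mx31 postfix-p25/smtpd[55201]: connect from mail.example.test[192.0.2.10]
Jan  2 11:40:02 mx31 postfix-p25/smtpd[55201]: Anonymous TLS connection established from mail.example.test[192.0.2.10]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jan  2 11:45:13 mx31 postfix-p25/smtpd[55167]: connect from rockmx03.rockwool.com[195.191.109.227]
Jan  2 11:45:13 mx31 postfix-p25/smtpd[55167]: SSL_accept error from rockmx03.rockwool.com[195.191.109.227]: -1
"""

# Three event types; the client hostname is captured just before its "[ip]".
CONNECT_RE = re.compile(r"smtpd\[\d+\]: connect from (\S+)\[")
# "-1" with no reason text is the case the thread reads as the client
# dropping the connection in the middle of the handshake.
ACCEPT_ERR_RE = re.compile(r"smtpd\[\d+\]: SSL_accept error from (\S+)\[[^\]]*\]: (-?\d+)")
TLS_OK_RE = re.compile(r"smtpd\[\d+\]: \w+ TLS connection established from (\S+)\[")


def summarize_tls_failures(log_text):
    """Per client host: inbound connections, SSL_accept failures, completed handshakes."""
    stats = defaultdict(lambda: {"connects": 0, "accept_errors": 0, "tls_ok": 0})
    for line in log_text.splitlines():
        for pattern, key in ((CONNECT_RE, "connects"),
                             (ACCEPT_ERR_RE, "accept_errors"),
                             (TLS_OK_RE, "tls_ok")):
            m = pattern.search(line)
            if m:
                stats[m.group(1)][key] += 1
                break
    return dict(stats)


def clients_never_completing_tls(stats):
    """Hosts with handshake failures and no successful TLS session: the senders
    to check against the new cipher and protocol settings."""
    return sorted(h for h, s in stats.items() if s["accept_errors"] and not s["tls_ok"])


if __name__ == "__main__":
    for host in clients_never_completing_tls(summarize_tls_failures(SAMPLE_LOG)):
        print(host)
```

Run it against real mail logs with `summarize_tls_failures(open("/var/log/mail.log").read())`; a host that appears in this list and also shows up as TLSv1-only when probed is the typical casualty of disabling TLS 1.0.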
