On Thu, Aug 20, 2020 at 01:33:16AM +1000, Nikolai Lusan wrote:

> Personally I have:
>
> smtp_tls_security_level = may
> smtpd_tls_security_level = may
> smtp_tls_note_starttls_offer = yes

The last one is redundant, unless you also have a policy table with
security level set to "none" for some destinations.

> smtpd_tls_protocols = !SSLv2, !SSLv3 !TLSv1 !TLSv1.1 TLSv1.2 TLSv1.3
> smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 TLSv1.2 TLSv1.3

It is best to NOT list the inclusions, instead, list only the exclusions.
With Postfix 3.6, the preferred syntax will be:

    smtp_tls_protocols = >=TLSv1.2
    smtp_tls_mandatory_protocols = >=TLSv1.2

Which is a lower-bound, you can alternatively/also set an upper bound,
for example:

    smtp_tls_protocols = >=TLSv1, <=TLSv1.2
    smtp_tls_mandatory_protocols = >=TLSv1.2, <=TLSv1.3

> smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, KDH, SEED, aNULL, RC4,
> PSD, SRP, 3DES, RC2, aDSS, IDEA, kECDH, eNULL
> smtpd_tls_exclude_ciphers = MD5, DES, ADH, KDH, SEED, aNULL, RC4,PSD, SRP,
> 3DES, RC2, aDSS, IDEA, kECDH, eNULL

This looks somewhat cargo-culted, in particular:

- There was IIRC never any set of "PSD" ciphers, perhaps you meant "PSK"?

- There was never any set of "KDH" ciphers, you likely meant "kDH", to go
  along with "kECDH", both are indeed deprecated, and by default no longer
  enabled in OpenSSL 1.1.1.

- Why are you disabling aNULL?  Generally, when Postfix does opportunistic
  TLS (security level "may" or "encrypt"), the aNULL (i.e. ADH + AECDH)
  ciphers are left enabled.

- Why are you disabling ADH?  It is a strict subset of aNULL.

- There is no need to exclude "eNULL" (twice!), that exclusion is built-in.

> tls_high_cipherlist =
> EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:!CAMELLIA128:!AES128:!SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:!CAMELLIA128-SHA:!AES128-SHA

This is not a good idea.  Go with the defaults.

-- 
Viktor.
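The points raised in the reply above can be checked mechanically against a `postconf -n` dump. The script below is an added example for this thread; it is not code from either poster or from Postfix. The parameter names are real Postfix parameters, but the checks themselves are this example's own encoding of the advice in the reply (the assumption that "PSD" and "KDH" are the only cipher-set typos worth flagging, and that any override of `tls_high_cipherlist` is worth a warning, are both this example's choices). The embedded sample configuration is the one quoted in the message, reconstructed by hand.

```python
"""Lint Postfix TLS settings (main.cf / `postconf -n` output) for the
mistakes discussed in the reply above.  Added example; not part of the
original post and not Postfix code."""
import re

# Cipher-set names that show up in cargo-culted exclusion lists but do not
# exist in OpenSSL, with the name that was probably intended.  Assumption:
# these two are the only typos this linter bothers to recognise.
MISSPELLED_CIPHER_SETS = {"PSD": "PSK", "KDH": "kDH"}

# Security levels at which Postfix leaves anonymous (aNULL) ciphers enabled.
OPPORTUNISTIC_LEVELS = {"may", "encrypt"}

PROTOCOL_PARAMS = ("smtpd_tls_protocols", "smtp_tls_protocols",
                   "smtpd_tls_mandatory_protocols", "smtp_tls_mandatory_protocols")
EXCLUDE_PARAMS = ("smtpd_tls_exclude_ciphers", "smtpd_tls_mandatory_exclude_ciphers",
                  "smtp_tls_exclude_ciphers", "smtp_tls_mandatory_exclude_ciphers")

# Constructed sample: the configuration quoted in the message, as postconf
# would print it (one parameter per line).
POSTED_CONFIG = """
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_protocols = !SSLv2, !SSLv3 !TLSv1 !TLSv1.1 TLSv1.2 TLSv1.3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 TLSv1.2 TLSv1.3
smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, KDH, SEED, aNULL, RC4, PSD, SRP, 3DES, RC2, aDSS, IDEA, kECDH, eNULL
smtpd_tls_exclude_ciphers = MD5, DES, ADH, KDH, SEED, aNULL, RC4,PSD, SRP, 3DES, RC2, aDSS, IDEA, kECDH, eNULL
tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH:+AES256:!aNULL:!eNULL:!MD5:!RC4
"""


def parse_postconf(text):
    """Parse `name = value` lines into a dict; the first '=' separates them,
    so values such as '>=TLSv1.2' survive intact."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, value = line.partition("=")
        params[name.strip()] = value.strip()
    return params


def split_list(value):
    """Postfix list values may be separated by commas, whitespace, or both."""
    return [v for v in re.split(r"[,\s]+", value) if v]


def lint_tls(params):
    """Return a list of human-readable findings (empty means nothing to report)."""
    findings = []

    # smtp_tls_note_starttls_offer only matters for destinations at level
    # "none", which in practice means a TLS policy table is in use.
    if params.get("smtp_tls_note_starttls_offer") == "yes" and not params.get("smtp_tls_policy_maps"):
        findings.append("smtp_tls_note_starttls_offer is redundant without a policy table")

    # Protocol lists: name exclusions (!TLSv1) or bounds (>=TLSv1.2), never inclusions.
    for name in PROTOCOL_PARAMS:
        if name in params:
            included = [p for p in split_list(params[name]) if not p.startswith(("!", ">", "<"))]
            if included:
                findings.append(f"{name}: lists inclusions {included}; list only exclusions, or use >=TLSv1.2")

    for name in EXCLUDE_PARAMS:
        if name not in params:
            continue
        excluded = split_list(params[name])
        for bogus, meant in MISSPELLED_CIPHER_SETS.items():
            if bogus in excluded:
                findings.append(f"{name}: '{bogus}' is not an OpenSSL cipher set (did you mean '{meant}'?)")
        if "eNULL" in excluded:
            findings.append(f"{name}: excluding eNULL is redundant, Postfix always excludes it")
        if "ADH" in excluded and "aNULL" in excluded:
            findings.append(f"{name}: ADH is a strict subset of aNULL, listing both is redundant")
        side = "smtpd" if name.startswith("smtpd") else "smtp"
        level = params.get(f"{side}_tls_security_level", "none")
        if "aNULL" in excluded and level in OPPORTUNISTIC_LEVELS:
            findings.append(f"{name}: aNULL excluded at {side}_tls_security_level={level}; "
                            "Postfix leaves anonymous ciphers enabled for opportunistic TLS")

    if "tls_high_cipherlist" in params:
        findings.append("tls_high_cipherlist is overridden; the Postfix default is the better choice")
    return findings


if __name__ == "__main__":
    for finding in lint_tls(parse_postconf(POSTED_CONFIG)):
        print("-", finding)
```

Feed it `postconf -n` output from a real host to check an existing deployment; a configuration that follows the reply (for example only `smtp_tls_protocols = >=TLSv1.2, <=TLSv1.3` and no cipher overrides) produces no findings.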