On Sat, Sep 18, 2021 at 12:44:30AM +0200, Gerald Galster wrote:

> > Sure, but the forensic value of the signal is rather weak, since you
> > learn nothing about the names in the certificate, and anyone can get
> > a certificate from Let's Encrypt.  So your connection was to some
> > server that had some certificate, ... now what?
>
> You'll get the information that a valid, CA-issued certificate was
> used and you can extract the relay from the maillog.

Yes, but at security level "may" the relay name need not have been any
of the names in the certificate.  At this TLS security level, the Postfix
SMTP client neither knows which name to expect to find, nor goes to the
trouble of looking to see which names if any are present.  So a "Trusted"
certificate tells you exceedingly little.

> I'd guess for real mailservers that certificate would verify with the
> mx/relay servername, which could be enforced and monitored.

Which in the absence of DNSSEC is not MiTM-resistant.  The "verify"
security level uses (MX) "hostname" matching by default, and the
documentation warns about the associated security weakness if the name
comes from unsigned DNS.

-- 
	Viktor.
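The forensic point above, that "Trusted" in the Postfix SMTP client log only proves a CA chain and never that the relay was one of the certificate's names, is easy to lose when grepping a maillog. The script below is an added example written for this page, not code from the thread or from Postfix itself. It classifies the `Anonymous`/`Untrusted`/`Trusted`/`Verified TLS connection established to host[addr]:port` lines that the Postfix smtp(8) client logs, reports which relays the log can actually vouch for, and flags lines that cannot occur at an assumed `smtp_tls_security_level`. The log lines are constructed (example hosts, RFC 5737 addresses); the function names and the `LABELS_BY_LEVEL` table are the example's own, and the table assumes no per-destination override in `smtp_tls_policy_maps`.

```python
import re
from collections import Counter

# Constructed sample maillog lines (not from the thread). Hosts are example
# names and the addresses are RFC 5737 documentation addresses.
SAMPLE_MAILLOG = """\
Sep 18 00:44:30 mta postfix/smtp[2041]: Untrusted TLS connection established to mx1.example.net[192.0.2.10]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Sep 18 00:44:31 mta postfix/smtp[2041]: Trusted TLS connection established to mx2.example.org[192.0.2.20]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Sep 18 00:44:32 mta postfix/smtp[2042]: Verified TLS connection established to mx.example.com[192.0.2.30]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Sep 18 00:44:33 mta postfix/smtp[2043]: Anonymous TLS connection established to mx3.example.net[192.0.2.40]:25: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Sep 18 00:44:34 mta postfix/smtp[2041]: 4F3A2B1C0D: to=<user@example.net>, relay=mx1.example.net[192.0.2.10]:25, delay=0.5, delays=0.1/0/0.2/0.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued)
"""

# Postfix SMTP client TLS line: "<label> TLS connection established to host[addr]:port: proto with cipher ..."
TLS_LINE = re.compile(
    r"postfix/smtp\[(?P<pid>\d+)\]: "
    r"(?P<label>Anonymous|Untrusted|Trusted|Verified) TLS connection established to "
    r"(?P<host>[^\[\s]+)\[(?P<addr>[^\]]+)\]:(?P<port>\d+): "
    r"(?P<proto>\S+) with cipher (?P<cipher>\S+)"
)

# What each label proves about the peer's identity (see Postfix TLS_README).
NAME_CHECKED = {
    "Anonymous": False,  # no certificate at all: anonymous cipher suite
    "Untrusted": False,  # certificate presented, but not chained to a trusted CA
    "Trusted":   False,  # chained to a trusted CA, but no name in it was matched
    "Verified":  True,   # chained to a trusted CA AND a name matched the expected one
}

# Labels a successful delivery can produce at a given smtp_tls_security_level
# (example's own table; assumes no per-destination override in smtp_tls_policy_maps).
# At "may" the client performs no name matching, so "Trusted" is the ceiling; at
# "verify"/"secure" a handshake that does not reach "Verified" is a deferred
# delivery rather than a weaker log line.
LABELS_BY_LEVEL = {
    "may":    {"Anonymous", "Untrusted", "Trusted"},
    "verify": {"Verified"},
    "secure": {"Verified"},
}


def parse_tls_events(log_text):
    """One dict per TLS-connection line, in log order; other lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = TLS_LINE.search(line)
        if m:
            ev = m.groupdict()
            ev["name_checked"] = NAME_CHECKED[ev["label"]]
            events.append(ev)
    return events


def relays_with_verified_identity(log_text):
    """Hosts whose certificate matched an expected name ("Verified")."""
    return {ev["host"] for ev in parse_tls_events(log_text) if ev["name_checked"]}


def relays_with_unverified_identity(log_text):
    """Hosts for which the log proves encryption only, not who was on the other end."""
    return {ev["host"] for ev in parse_tls_events(log_text) if not ev["name_checked"]}


def label_summary(log_text):
    """Count per label, e.g. to check whether a fleet ever reaches "Verified"."""
    return Counter(ev["label"] for ev in parse_tls_events(log_text))


def unexpected_for_level(log_text, level):
    """Events whose label cannot occur at the assumed security level. A non-empty
    result means the log and the assumed policy disagree (wrong assumption, or a
    per-destination override)."""
    allowed = LABELS_BY_LEVEL[level]
    return [ev for ev in parse_tls_events(log_text) if ev["label"] not in allowed]


if __name__ == "__main__":
    for ev in parse_tls_events(SAMPLE_MAILLOG):
        proof = "identity verified" if ev["name_checked"] else "encryption only"
        print(f'{ev["label"]:9} {ev["host"]:16} {ev["proto"]:7} {proof}')
    print("identity known for:", sorted(relays_with_verified_identity(SAMPLE_MAILLOG)))
    print("label counts:", dict(label_summary(SAMPLE_MAILLOG)))
```

Run against a real maillog, the useful signal is the gap between `relays_with_unverified_identity()` and the relays you assumed you were talking to: at the default opportunistic level every one of those hosts was reached over an encrypted channel whose far end was never authenticated, which is exactly the "now what?" of the quoted reply.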