On 2021-09-24 at 19:05:00 UTC-0400 (Fri, 24 Sep 2021 19:05:00 -0400)
Alex <mysqlstud...@gmail.com>
is rumored to have said:

Hi,

> I recently ran testssl.sh (https://github.com/drwetter/testssl.sh) on
> my mail server,

Presumably on port 25 with STARTTLS?

> and it's still showing TLS 1 and 1.1 still being
> offered, as well as DES:

All entirely reasonable. SMTP with STARTTLS is naturally an opportunistic mechanism from which a fallback to transport in the clear is the standard. As such, unless you are mandating encryption for all mail, it makes no sense to refuse to support not-great encryption if that's all a peer can do.

> What are the proper crypto settings for the safest configuration?

The defaults for protocols and ciphers in Postfix are good. There's no compelling reason to change any of them for port 25 STARTTLS at most sites. I think setting "tls_preempt_cipherlist=yes" is prudent if you have a current Postfix and OpenSSL with default settings, because the Postfix default cipher list & order will be as good as possible, where a client could be quite silly.

It's good to keep in mind that SSL testing tools naturally look for the full spectrum of possible issues in all applications, with a particular focus on HTTPS in most tools. Some vulnerabilities of TLS with HTTPS are meaningless for SMTPS, due to the limits of the trust model for opportunistic TLS. Others are dependent on attack modes that are infeasible against an SMTP server.

--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
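For reference, here is what the configuration Bill describes looks like in Postfix main.cf: opportunistic STARTTLS on port 25 with the protocol and cipher defaults left alone, plus the one setting he suggests. This is an added illustration, not part of the thread and not taken from the Postfix documentation verbatim; the parameter names are real Postfix parameters, and the default values shown in comments are what current Postfix 3.x ships with as far as I know (verify them on your own build with `postconf -d <parameter>`).

```ini
# main.cf excerpt: opportunistic TLS for inbound SMTP on port 25.
# "may" means: offer STARTTLS, accept whatever the peer can do,
# and fall back to cleartext if the peer does not use STARTTLS at all.
# Refusing weak TLS here would only push those peers to cleartext.
smtpd_tls_security_level = may

# Let the server's cipher preference order win over the client's.
# This is the one non-default setting suggested in the reply above;
# it only helps if the local OpenSSL/Postfix cipher order is sane.
tls_preempt_cipherlist = yes

# Deliberately NOT set, so the compiled-in defaults apply.
# Check what they are on your build before deciding to touch them:
#   postconf -d smtpd_tls_protocols        (assumed default: !SSLv2, !SSLv3)
#   postconf -d smtpd_tls_ciphers          (assumed default: medium)
#   postconf -d smtpd_tls_exclude_ciphers  (assumed default: empty)
# smtpd_tls_protocols =
# smtpd_tls_ciphers =

# Log the protocol and cipher negotiated per connection (level 1),
# so you can see from real traffic which peers would actually be
# affected before restricting anything.
smtpd_tls_loglevel = 1
```

After editing, `postconf -n` shows only the parameters you have explicitly set, which makes it easy to confirm that the protocol and cipher lists are still at their defaults; the Postfix logs at `smtpd_tls_loglevel = 1` then tell you how often TLS 1.0/1.1 or older ciphers are actually negotiated by inbound peers.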