On Wed, Sep 28, 2022 at 06:47:39PM +0200, Lists Nethead wrote:

> >> smtpd_tls_protocols = >=TLSv1.2
> >
> > That's not the default setting.
> >
> >> smtpd_tls_exclude_ciphers = aNULL
> >
> > This only appeases clueless auditors, in reality it is silly.
> >
> >> From what I can see, this is what they want:
> >> TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128
> >
> > What certificate did you deploy? What is the name of the server,
> > would I be able to connect to it?
>
> Hm, what is the default then?

The default is to allow TLS 1.0 or higher. If you want to be broadly
interoperable, this is the recommended setting. There is no actual risk
in SMTP from leaving TLS 1.0 enabled. When you support TLS 1.2, and the
client does too, there is no known downgrade attack to TLS 1.0.

> Yes, nh1.nethead.se and vrt.nethead.se

Your server defaults to an ECDSA P-384 certificate, the client may not
support ECDSA at all, or may not support P-384 (P-256 is a more broadly
supported choice):

    $ posttls-finger -c -lmay -Lsummary "[nh1.nethead.se]"
    posttls-finger: Untrusted TLS connection established to nh1.nethead.se[5.150.237.137]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384

There appears to be no additional RSA certificate configured:

    $ posttls-finger -p TLSv1.2 -o tls_medium_cipherlist="aRSA" -c -lmay -Lsummary "[nh1.nethead.se]"
    posttls-finger: SSL_connect error to nh1.nethead.se[5.150.237.137]:25: -1
    posttls-finger: warning: TLS library problem: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1544:SSL alert number 40:

    $ posttls-finger -p TLSv1.2 -o tls_medium_cipherlist="aECDSA" -c -lmay -Lsummary "[nh1.nethead.se]"
    posttls-finger: Untrusted TLS connection established to nh1.nethead.se[5.150.237.137]:25: TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)

Your choice of private key (ECDSA P-384) is likely the problem.

--
    Viktor.
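
The three probes in the message above can be turned into a repeatable check. The script below is an added example, not part of the original message: it classifies posttls-finger output to report which certificate types a server presents. The function names are hypothetical, and the sample input is the output quoted in the message.

```shell
#!/bin/sh
# Added example, not from the original message; function names are hypothetical.
# Sample input: posttls-finger output lines copied from the message above.
TLS13_PROBE='posttls-finger: Untrusted TLS connection established to nh1.nethead.se[5.150.237.137]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384'
RSA_PROBE='posttls-finger: SSL_connect error to nh1.nethead.se[5.150.237.137]:25: -1
posttls-finger: warning: TLS library problem: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1544:SSL alert number 40:'
ECDSA_PROBE='posttls-finger: Untrusted TLS connection established to nh1.nethead.se[5.150.237.137]:25: TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)'

# probe_status TEXT: "ok" if a TLS session was established, "alert:N" if the
# handshake ended in TLS alert N, "fail" for anything else.
probe_status() {
    case "$1" in
        *"TLS connection established"*) echo ok ;;
        *"SSL alert number "*)
            n=${1##*"SSL alert number "}      # text after the last alert marker
            echo "alert:${n%%[!0-9]*}" ;;     # keep only the leading digits
        *) echo fail ;;
    esac
}

# server_signature TEXT: the "server-signature" field of a summary line,
# e.g. "ECDSA (P-384)"; prints nothing if the field is absent.
server_signature() {
    printf '%s\n' "$1" |
        sed -n 's/.*server-signature \([A-Za-z0-9-]* ([^)]*)\).*/\1/p'
}

# cert_coverage RSA_TEXT ECDSA_TEXT: verdict from the aRSA and aECDSA probes.
cert_coverage() {
    rsa=$(probe_status "$1")
    ecdsa=$(probe_status "$2")
    case "$rsa/$ecdsa" in
        ok/ok) echo "dual" ;;
        ok/*)  echo "rsa-only (aECDSA probe: $ecdsa)" ;;
        */ok)  echo "ecdsa-only (aRSA probe: $rsa)" ;;
        *)     echo "none (aRSA: $rsa, aECDSA: $ecdsa)" ;;
    esac
}

# Live use: pass "$(posttls-finger ... 2>&1)" for each probe, with the same
# options as in the message, instead of the sample variables.
echo "default certificate: $(server_signature "$TLS13_PROBE")"
cert_coverage "$RSA_PROBE" "$ECDSA_PROBE"
```

An "ecdsa-only" verdict with alert 40 on the aRSA probe matches the diagnosis in the message: a client limited to RSA cipher suites has nothing to negotiate with this server.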