On Sun, Mar 19, 2023 at 11:37:57PM +1300, Peter via Postfix-users wrote:
> On 19/03/23 12:13, Steffen Nurpmeso via Postfix-users wrote:
> > |> smtpd_tls_protocols = $smtpd_tls_mandatory_protocols
> > |
> > |This will simply result in clients that can't support at least TLSv1.2
> > |connecting in plain text instead. So rather than having (arguably not
> > |so) poor encryption for those clients you would rather have no encryption
> > |at all? This does not make any sense.
> >
> > There is none. I have looked, there is only a single server of
> > value, and it does not even try starttls. (And he won the USENIX
> > Flame award.)
>
> Assuming you are correct then you still gain nothing with this setting,
> and if you are not correct then it will cause you to downgrade potential
> encrypted connections to plain text. I know someone will likely argue
> with me, but I can really think of no valid reason to set this.
Once clients capable of only TLSv1 become an exotic rarity, it might in principle be prudent to disable it in order to reduce the "attack surface" and thwart "cross-protocol" attacks. This is why we disable especially SSL 2.0 and also SSL 3.0.

However, the protocol differences between TLS 1.0 and TLS 1.2 are much less significant. There are no known MITM downgrade attacks that can cause a client and server that are both capable of TLS 1.2 to negotiate TLS 1.0, and no "cross-protocol" attacks; the two protocols are essentially identical (just more negotiable features and ciphers in TLS 1.2). Therefore, opportunistic TLS in particular, which falls back to cleartext when TLS connections fail, does not gain security by disabling TLS 1.0 while there still exists a non-negligible population of TLS 1.0-only peers.

So the key question is whether the number of TLS 1.0-only SMTP systems has become "negligible" or not. That judgement may vary from site to site. So it is neither compelling nor necessarily wrong to disable TLS 1.0: do it if you have good reason to not expect legitimate TLS 1.0 traffic, don't if you still see some, or are not sure.

-- 
Viktor.

_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
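The site-specific judgement Viktor describes ("do it if you have good reason to not expect legitimate TLS 1.0 traffic, don't if you still see some") can be made from the logs rather than guessed. The script below is an added example, not code from the thread or from Postfix: it parses Postfix's "TLS connection established" log lines, counts distinct peers per negotiated protocol version, and lists the peers that negotiated below TLS 1.2. Since the server already offers TLS 1.2 and, as the reply notes, there is no known downgrade from 1.2 to 1.0 between two 1.2-capable parties, a peer logged at TLSv1 is, in practice, a TLS 1.0-only peer that would fall back to cleartext under smtpd_tls_security_level = may if the setting quoted above were applied. The log lines are constructed for the example (documentation addresses and hostnames), and the function names are mine.

```python
"""Census of TLS versions negotiated by SMTP peers, from Postfix logs.

Added example, not Postfix code. Answers the question the thread turns on:
how many distinct peers still negotiate TLS 1.0 with this host?
"""
import re

# Versions that would be excluded by "smtpd_tls_protocols = >=TLSv1.2".
LEGACY = {"SSLv3", "TLSv1", "TLSv1.1"}

# Postfix logs each successful handshake on the server (smtpd) and client
# (smtp) side in this form; the peer field is "host[addr]" or "host[addr]:port".
TLS_LINE = re.compile(
    r"postfix/(?P<daemon>smtpd?)\[\d+\]: "
    r"(?P<trust>Anonymous|Untrusted|Trusted|Verified) TLS connection established "
    r"(?P<direction>from|to) (?P<peer>\S+): "
    r"(?P<proto>SSLv3|TLSv1(?:\.[0-3])?) with cipher (?P<cipher>\S+)"
)

# Constructed sample, not real log data.
SAMPLE_LOG = """\
Mar 19 12:00:01 mx postfix/smtpd[1001]: Anonymous TLS connection established from mail.example.org[192.0.2.10]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Mar 19 12:00:05 mx postfix/smtpd[1002]: Anonymous TLS connection established from legacy.example.net[198.51.100.7]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Mar 19 12:00:09 mx postfix/smtpd[1003]: Untrusted TLS connection established from mail.example.com[203.0.113.5]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Mar 19 12:00:12 mx postfix/smtp[2001]: Trusted TLS connection established to mx.example.org[192.0.2.20]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Mar 19 12:00:15 mx postfix/smtpd[1004]: connect from unknown[192.0.2.99]
Mar 19 12:00:20 mx postfix/smtpd[1005]: Anonymous TLS connection established from legacy.example.net[198.51.100.7]: TLSv1 with cipher AES256-SHA (256/256 bits)
"""


def _peer_host(match):
    # Strip "[addr]" and any ":port" so repeat connections collapse to one peer.
    return match.group("peer").split("[", 1)[0]


def tls_census(log_text, side="smtpd"):
    """Distinct peers per negotiated protocol version for one daemon.

    Distinct peers, not raw connections: one chatty legacy host would
    otherwise inflate the TLSv1 share.
    """
    by_proto = {}
    for line in log_text.splitlines():
        m = TLS_LINE.search(line)
        if m is None or m.group("daemon") != side:
            continue
        by_proto.setdefault(m.group("proto"), set()).add(_peer_host(m))
    return {proto: len(hosts) for proto, hosts in by_proto.items()}


def legacy_peers(log_text, side="smtpd"):
    """Sorted hostnames that negotiated below TLS 1.2, for manual review."""
    hosts = set()
    for line in log_text.splitlines():
        m = TLS_LINE.search(line)
        if m and m.group("daemon") == side and m.group("proto") in LEGACY:
            hosts.add(_peer_host(m))
    return sorted(hosts)


def legacy_share(census):
    """Fraction of distinct peers that negotiated below TLS 1.2."""
    total = sum(census.values())
    if total == 0:
        return 0.0
    return sum(n for proto, n in census.items() if proto in LEGACY) / total


def safe_to_require_tls12(census, max_legacy_share=0.0):
    """True when the legacy share is within the operator's tolerance.

    Caveat: peers that never attempt STARTTLS are invisible here, and a
    TLSv1 entry shows only that the peer did not do better on that day.
    """
    return legacy_share(census) <= max_legacy_share


if __name__ == "__main__":
    census = tls_census(SAMPLE_LOG)
    print("inbound peers by protocol:", census)
    print("legacy inbound peers:", legacy_peers(SAMPLE_LOG))
    print("safe to disable TLS < 1.2 on smtpd:", safe_to_require_tls12(census))
```

Run it over a representative window of the real mail log (several weeks, since some legacy peers send rarely) before changing smtpd_tls_protocols; the same census with side="smtp" answers the outbound question for smtp_tls_protocols. The ">=TLSv1.2" form of the parameter is Postfix 3.6+ syntax; older releases express the same thing by exclusion (!SSLv2, !SSLv3, !TLSv1, !TLSv1.1).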