On Mon, May 01, 2023 at 11:01:56AM +0200, Bernardo Reino via Postfix-users 
wrote:

> > Sadly, the documentation lacks specificness, and the output spit out about 
> > 500 lines, so I am not sure what I am supposed to be looking at.
> 
> postconf -d will print all the (default) settings, you can use grep to filter 
> the specific line you're looking for.

No need for grep (output for Postfix 3.8):

    $ postconf -d tls_high_cipherlist
    tls_high_cipherlist = aNULL:-aNULL:HIGH:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:@STRENGTH

  or,

    $ postconf -dhx tls_high_cipherlist
    aNULL:-aNULL:HIGH:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:@STRENGTH

  which then makes it possible to, for example, list the ciphers that
  could be used when TLS 1.2 is negotiated:

    $ openssl ciphers -v -tls1_2 -s "$(postconf -dhx tls_high_cipherlist)"
    ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
    ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
    DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
    ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
    ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
    ...

However, the advice in the documentation to NOT tinker with the
"tls_*_cipherlist" settings should not be taken lightly.  A common
rookie mistake is to cut/paste a cipherlist recommended in some random
HOWTO, and assume that using that particular cipherlist will improve
"security".  The various HOWTO's that recommend an explicit list of
concrete ciphers are all wrong, and their notion of "security" maps
poorly onto opportunistic TLS.

I repeat: DO NOT tinker with the "tls_*_cipherlist" parameters; they're
for emergency use only, in case many years after initial release some
new surprise vulnerability makes it necessary to fine-tune the list.  If
that should some day happen, we'll update the documentation and post a
message to the list.  For now, let the defaults stand.

If some test you run against your server tells you that your server uses
insecure cipher settings, and you haven't changed the Postfix defaults,
the problem is a misguided test, not incorrect settings.

-- 
    Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
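As an added example (editor's own script, not code from the message above and not part of Postfix): a POSIX sh script that checks whether the running tls_*_cipherlist values still equal the compiled-in defaults, which is the check implied by the last paragraph of the message, and wraps the `postconf -dhx` / `openssl ciphers` expansion shown earlier. The file name cipherlist-check.sh, the three parameter names it loops over, and the presence of `postconf` and `openssl` on PATH are assumptions; the diff helpers themselves need only coreutils, so they can be tried on constructed lists without Postfix installed.

```shell
#!/bin/sh
# cipherlist-check.sh (hypothetical name): added example, not Postfix code.
# Reports whether the running tls_*_cipherlist parameters still match the
# compiled-in defaults and expands a list to concrete ciphers. `postconf`
# and `openssl` are assumed on PATH but only the two live helpers use them.
set -eu

# Split a colon-separated OpenSSL cipherlist into one element per line.
cipherlist_elements() {
    printf '%s\n' "$1" | tr ':' '\n' | sed '/^$/d'
}

# Elements present in list $1 but absent from list $2, one per line.
# Membership only: "!MD5" and "MD5" are different elements, and a list that
# was merely re-ordered yields nothing here (ordering is caught by the
# byte-for-byte comparison in cipherlist_report).
cipherlist_missing() {
    cipherlist_elements "$1" | while IFS= read -r elem; do
        if ! cipherlist_elements "$2" | grep -qxF -- "$elem"; then
            printf '%s\n' "$elem"
        fi
    done
}

# Compare the running value ($2) of parameter $1 with its default ($3).
# Returns 0 when identical, 1 when changed; on change, lists what was
# dropped from the default and what was added, or notes a pure re-ordering
# (order matters to OpenSSL, e.g. where @STRENGTH sits).
cipherlist_report() {
    param=$1 running=$2 default=$3
    if [ "$running" = "$default" ]; then
        printf '%s: unchanged (default stands)\n' "$param"
        return 0
    fi
    printf '%s: CHANGED from the compiled-in default\n' "$param"
    dropped=$(cipherlist_missing "$default" "$running")
    added=$(cipherlist_missing "$running" "$default")
    if [ -z "$dropped" ] && [ -z "$added" ]; then
        printf '  same elements, different order\n'
    else
        [ -z "$dropped" ] || printf '%s\n' "$dropped" | sed 's/^/  dropped from default: /'
        [ -z "$added" ]   || printf '%s\n' "$added"   | sed 's/^/  added:                /'
    fi
    return 1
}

# Live check against the running Postfix (needs postconf). The parameter
# names are an assumption; an unknown name only draws a postconf warning.
check_postfix_cipherlists() {
    rc=0
    for p in tls_high_cipherlist tls_medium_cipherlist tls_null_cipherlist; do
        cipherlist_report "$p" "$(postconf -hx "$p")" "$(postconf -dhx "$p")" || rc=1
    done
    return "$rc"
}

# Expand cipherlist $1 to the ciphers OpenSSL would offer for protocol
# flag $2 (e.g. -tls1_2), the same command the message above uses.
expand_cipherlist() {
    openssl ciphers -v "$2" -s "$1"
}

# Usage:  sh cipherlist-check.sh check
#         sh cipherlist-check.sh expand tls_high_cipherlist -tls1_2
# "expand" uses the running value (postconf -hx), i.e. what the server
# actually offers, which equals the default unless someone tinkered.
case ${1-} in
    check)  check_postfix_cipherlists ;;
    expand) proto=${3:-"-tls1_2"}
            expand_cipherlist "$(postconf -hx "${2:-tls_high_cipherlist}")" "$proto" ;;
esac
```

Run `sh cipherlist-check.sh check`: a non-zero exit means at least one list differs from the default and the output names the elements involved, which is usually the trace of a pasted HOWTO list. If everything reports "unchanged" and an external scanner still complains, the message's last paragraph applies.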
