On Wed, Jul 12, 2023 at 10:09:34AM +0200, Paul Menzel via Postfix-users wrote:

> The Internet.nl email test reports for molgen.mpg.de [1]:

Their criteria are cranked up to 11. Do not attempt to get a 100% score
from their site. It will be counterproductive (reduce security) by making
it difficult for some sites to negotiate an adequately secure connection.
See <https://datatracker.ietf.org/doc/html/rfc7435>.

> > Key exchange parameters
> >
> > Verdict: At least one of your mail servers supports insufficiently
> > secure parameters for Diffie-Hellman key exchange.
> >
> > Technical details:
> >
> > c1241.mx.srv.dfn.de. DH-2048 insufficient
> > b1241.mx.srv.dfn.de. DH-2048 insufficient
> > a1241.mx.srv.dfn.de. DH-2048 insufficient

This is misguided. If 2048-bit RSA root CAs are good enough for WebPKI,
system software updates, ... then 2048-bit DH parameters are also good
enough for opportunistic TLS in SMTP.

> The test seems to follow Dutch recommendations:

The recommendations are much too strict.

> Postfix’ *TLS Forward Secrecy in Postfix* [4] says:
>
> > Postfix ≥ 3.1 supports 2048-bit-prime FFDHE out of the box, with no
> > additional configuration.
>
> Where in the code would I find the key material? `tlsproxy/tlsproxy.c`
> calls `TLS_SERVER_INIT()`, and `tls_server_init()` in `tls/tls_server.c`
> contains:

With sufficiently recent Postfix releases, just leave the DH parameters
unset, and Postfix will choose an appropriate group based on the rest of
the handshake parameters (TLS 1.2) or as offered by the peer (TLS 1.3).
The explicit "auto" setting is equivalent to empty:

    smtpd_tls_dh1024_param_file = auto

-- 
    Viktor.

_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
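To see what an MX actually negotiates rather than what a scoring site reports, here is an added shell check (not from this thread and not Postfix's own code) that parses the `Server Temp Key` line printed by `openssl s_client -starttls smtp` and applies the 2048-bit threshold argued above; it assumes openssl(1) is installed and, for the live variant, that port 25 of the host you pass is reachable.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread or from Postfix.
# Classify the ephemeral key an SMTP server negotiated for STARTTLS.
# Reads an openssl s_client transcript on stdin and prints one line:
#   "DH 2048 adequate", "DH 1024 weak", "ECDH adequate", ...
# Returns 0 when the key exchange meets the 2048-bit FFDHE threshold
# (or uses a standard elliptic-curve group), 1 otherwise.
classify_temp_key() {
    # openssl prints e.g. "Server Temp Key: DH, 2048 bits"
    # or "Server Temp Key: X25519, 253 bits".
    line=$(sed -n 's/^Server Temp Key: *//p' | head -n 1)
    case "$line" in
        "")
            # No ephemeral key at all: no forward secrecy was negotiated.
            echo "NONE 0 no-ephemeral-key"; return 1 ;;
        DH,*)
            bits=$(printf '%s' "$line" | sed 's/.*, *\([0-9][0-9]*\) bits.*/\1/')
            if [ "$bits" -ge 2048 ]; then
                echo "DH $bits adequate"; return 0
            else
                echo "DH $bits weak"; return 1
            fi ;;
        ECDH,*|X25519*|X448*)
            # Standard elliptic-curve groups are fine for opportunistic TLS.
            echo "ECDH adequate"; return 0 ;;
        *)
            echo "UNKNOWN 0 unrecognised"; return 1 ;;
    esac
}

# Live check (assumed hostname argument, network required):
#   check_starttls mx.example.org
check_starttls() {
    openssl s_client -starttls smtp -connect "$1:25" </dev/null 2>/dev/null \
        | classify_temp_key
}
```

Run `check_starttls` against each of your own MX hosts; a server that Postfix configured with `smtpd_tls_dh1024_param_file = auto` reports a 2048-bit (or larger) DH group or an elliptic-curve group, which this check accepts.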