On Sat, Aug 12, 2023 at 09:47:57AM -0400, pgnd via Postfix-users wrote:
> postconf mail_version
> mail_version = 3.8.1
As background, the RELEASE_NOTES for 3.8 mention:
- Postfix default settings now exclude the following deprecated or
unused ciphers (SEED, IDEA, 3DES, RC2, RC4, RC5), digest (MD5),
key exchange algorithms (DH, ECDH), and public key algorithm
(DSS).
> postfix/psint/smtpd[27820]:
> esa.hc2802-61.iphmx.com[139.138.32.157]: TLS cipher list
>
> "aNULL:-aNULL:HIGH:MEDIUM:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:+RC4:@STRENGTH:!aNULL"
Which is most of the above, but you also disable aNULL, which though
unrelated to the problem, is counter-productive. Let the checklists
give you a lower score for this, they're all wrong:
https://datatracker.ietf.org/doc/html/rfc7672#section-8.2
> Handshake type: 01 (Client Hello)
> Length: 00 00 9c (156)
> Version: 03 03 (TLS 1.2)
> Random: 7fbaca0fba3b79079e6a72e14386d52b89659fa1756b243e2b84673ad8faa72a
> Session ID length: 00 (0)
> Cipher Suites length: 00 2e (46)
> 0xC0,0x30 1 ECDHE-RSA-AES256-GCM-SHA384 Au=RSA
> 0xC0,0x28 2 ECDHE-RSA-AES256-SHA384 Au=RSA
> 0xC0,0x14 3 ECDHE-RSA-AES256-SHA Au=RSA
> 0x00,0x9F 4 DHE-RSA-AES256-GCM-SHA384 Au=RSA
> 0x00,0x6B 5 DHE-RSA-AES256-SHA256 Au=RSA
> 0x00,0x39 6 DHE-RSA-AES256-SHA Au=RSA
> 0x01,0x88 7 ???
> 0x00,0x9D 8 AES256-GCM-SHA384 Au=RSA
> 0x00,0x3D 9 AES256-SHA256 Au=RSA
> 0x00,0x35 10 AES256-SHA Au=RSA
> 0x00,0x84 11 CAMELLIA256-SHA Au=RSA
> 0xC0,0x2F 12 ECDHE-RSA-AES128-GCM-SHA256 Au=RSA
> 0xC0,0x27 13 ECDHE-RSA-AES128-SHA256 Au=RSA
> 0xC0,0x12 14 ECDHE-RSA-DES-CBC3-SHA Au=RSA
> 0x00,0x9E 15 DHE-RSA-AES128-GCM-SHA256 Au=RSA
> 0x00,0x67 16 DHE-RSA-AES128-SHA256 Au=RSA
> 0x00,0x33 17 DHE-RSA-AES128-SHA Au=RSA
> 0x00,0x45 18 DHE-RSA-CAMELLIA128-SHA Au=RSA
> 0x00,0x9C 19 AES128-GCM-SHA256 Au=RSA
> 0x00,0x3C 20 AES128-SHA256 Au=RSA
> 0x00,0x2F 21 AES128-SHA Au=RSA
> 0x00,0x40 22 DHE-DSS-AES128-SHA256 Au=DSS
> 0x00,0xFF 23 TLS_EMPTY_RENEGOTIATION_INFO_SCSV
> ...
All the ciphersuites offered except one (DSS) are RSA.
> i've been dialing up logging, and dialing down sec levels, trying to
> figure out what specific cipher from the sender's server is causing
> the problem, not being offered/found, etc.
Less verbose logging, and a PCAP capture of an attempted TLS handshake
would have been more useful. My money is on an ECDSA server
certificate, which is still a bit too "exotic" for some older SMTP
clients.
> currently / so far, this server's config is
>
> $ postconf -n | grep -i tls | grep -i cipher
> smtp_tls_exclude_ciphers = EXP, LOW, MEDIUM, aNULL, eNULL, SRP, PSK,
> kDH, DH, kRSA, DHE, DSS, RC4, DES, IDEA, SEED, ARIA, CAMELLIA,
> AESCCM8, 3DES, ECDHE-ECDSA-AES256-SHA384,
> ECDHE-ECDSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384,
> ECDHE-RSA-AES128-SHA256, MD5, SHA
Though not relevant for the SMTP server, just stick with the defaults,
the above hodge-podge just leads to more email going out in the clear.
--
Viktor.
P.S. I don't see where the '!aNULL' came from. Do you have
"smtpd_tls_ask_ccert = yes" in master.cf? Or some other reason why
anonymous DH ciphers would have been excluded?
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
