tech-crypto archive


Re: openssl3+postfix issue (ca md too weak)



Manuel Bouyer wrote in
 <ZVKXHU06IovpfKIt%antioche.eu.org@localhost>:
 |On Mon, Nov 13, 2023 at 10:24:56PM +0100, Steffen Nurpmeso wrote:
 |> Manuel Bouyer wrote in
 |>  <ZVJ6LIrEPxlCEbNB%antioche.eu.org@localhost>:
 |>|Hello
 |>|I'm facing an issue with postfix+openssl3 which may be critical (depending
 |>|on how it can be fixed).
 |>|
 |>|Now my postfix setup fails to send mails with
 ...
 |>|From what I understood, this is the remote certificate which is not accepted:
 |>|openssl 3 deprecated some signature algorithms, which are no longer accepted
 ...
 |> Isn't that just postfix config.
 |
 |It's possible; but I didn't find anything relevant in the postfix docs
 |
 |> Btw *i* have no problem with
 |> 
 |>   smtpd_tls_ask_ccert = no
 |>   smtpd_tls_auth_only = yes
 |>   smtpd_tls_loglevel = 1
 |>   #SMART The next is usually nice but when using client certificates
 |>   smtpd_tls_received_header = no
 |>   smtpd_tls_fingerprint_digest = sha256
 |>   smtpd_tls_mandatory_protocols = >=TLSv1.2
 |>   smtpd_tls_protocols = $smtpd_tls_mandatory_protocols
 |>   # super modern, forward secrecy TLSv1.2 / TLSv1.3 selection..
 |>   tls_high_cipherlist = EECDH+AESGCM:EECDH+AES256:EDH+AESGCM:CHACHA20
 |>   smtpd_tls_mandatory_ciphers = high
 |>   smtpd_tls_mandatory_exclude_ciphers = TLSv1
 |> 
 |> ^ This works in practice without any noticeable trouble.
 |> (But then again i do not have to make money from that or my
 |> customers who must talk to ten year old refrigerators.)
 |
 |this is only server-side configuration; my problem is with client-side
 |rejecting the server's certificate

Well i have

  #SMART comment out next
  smtp_tls_security_level = may
  # To always go directly SMTPS/SUBMISSIONS
  #smtp_tls_wrappermode = yes
  smtp_tls_fingerprint_digest = $smtpd_tls_fingerprint_digest
  smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
  smtp_tls_protocols = $smtpd_tls_protocols
  #SMART When only relaying to smarthost, the next should be =high _or_better_!
  smtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
  smtp_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
  smtp_tls_ciphers = $smtpd_tls_ciphers
  smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
  smtp_tls_connection_reuse = yes

But if you have a problem with only one permanent remote partner
you surely want a dedicated map for that one.
Now by sheer accident i am subscribed to postfix-users for about
two years (one permanently), and in
4PkSdg3w7vzJrP3%spike.porcupine.org@localhost Wietse Venema answered on
March 25 this year in the thread "Re: smtp_tls_security_level per
user"

  Use sender_dependent_default_transport_maps to choose a delivery
  agent from:

  /etc/postfix/master.cf:
      smtp-may      unix  ..  ..  ..  ..  ..  smtp
          -o { smtp_tls_security_level = may }
      smtp-encrypt      unix  ..  ..  ..  ..  ..  smtp
          -o { smtp_tls_security_level = encrypt }
      smtp-whatever     unix  ..  ..  ..  ..  ..  smtp
          -o { smtp_tls_security_level = whatever }

  Keep in mind that SMTP is not HTTP. A destination can have multiple
  MXes, and you have no control over TLS usage between them.

This surely can be extended to configure ciphers etc.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
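A dedicated transport for a single problematic destination, following the master.cf approach quoted in the thread; this is an added example, not configuration from the thread or from Postfix itself. The domain `partner.example`, the transport name `smtp-legacy` and the map path are placeholders, and the `-o` overrides only reuse TLS parameters already shown above; they stand in for whatever that one partner actually requires, while every other destination keeps the default `smtp` transport and its stricter settings.

```text
# /etc/postfix/main.cf
# Route mail by destination domain to a named transport (only this one
# partner is listed in the map; everything else stays on plain "smtp").
transport_maps = hash:/etc/postfix/transport

# /etc/postfix/transport   (placeholder domain; run "postmap /etc/postfix/transport" after editing)
partner.example    smtp-legacy:

# /etc/postfix/master.cf
# service      type  private unpriv chroot wakeup maxproc command
smtp           unix  -       -       n      -      -       smtp
smtp-legacy    unix  -       -       n      -      -       smtp
    -o { smtp_tls_security_level = may }
    -o { smtp_tls_mandatory_protocols = >=TLSv1.2 }
    -o { smtp_tls_mandatory_ciphers = high }
    # separate syslog tag so deliveries over the relaxed transport are easy to spot in the logs
    -o syslog_name=postfix/legacy
```

Because only the listed domain is routed to `smtp-legacy`, any relaxation stays confined to that partner and shows up under its own syslog name.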

