tech-crypto archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: openssl3+postfix issue (ca md too weak)

Manuel Bouyer wrote in
 |On Mon, Nov 13, 2023 at 10:24:56PM +0100, Steffen Nurpmeso wrote:
 |> Manuel Bouyer wrote in
 |>  <>:
 |>|I'm facing an issue with postfix+openssl3 which may be critical (dependi\
 |>|on how it can be fixed).
 |>|Now my postfix setup fails to send mails with
 |>|>From what I understood, this is the remote certificate which is not \
 |>|openssl 3 deprecated some signature algorithm, which are no longer \
 |> Isn't that just postfix config.
 |It's possible; but I didn't find anything relevant in the postfix docs
 |> Btw *i* have no problem with
 |>   smtpd_tls_ask_ccert = no
 |>   smtpd_tls_auth_only = yes
 |>   smtpd_tls_loglevel = 1
 |>   #SMART The next is usually nice but when using client certificates
 |>   smtpd_tls_received_header = no
 |>   smtpd_tls_fingerprint_digest = sha256
 |>   smtpd_tls_mandatory_protocols = >=TLSv1.2
 |>   smtpd_tls_protocols = $smtpd_tls_mandatory_protocols
 |>   # super modern, forward secrecy TLSv1.2 / TLSv1.3 selection..
 |>   tls_high_cipherlist = EECDH+AESGCM:EECDH+AES256:EDH+AESGCM:CHACHA20
 |>   smtpd_tls_mandatory_ciphers = high
 |>   smtpd_tls_mandatory_exclude_ciphers = TLSv1
 |> ^ This works in practice without any noticeable trouble.
 |> (But then i again i do not have to make money from that or my
 |> customers who must talk to ten year old refrigerators.)
 |this is only server-side configuration; my problem is with client-side
 |rejecting the server's certificate

Well i have

  #SMART comment out next
  smtp_tls_security_level = may
  # To always go directly SMTPS/SUBMISSIONS
  #smtp_tls_wrappermode = yes
  smtp_tls_fingerprint_digest = $smtpd_tls_fingerprint_digest
  smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
  smtp_tls_protocols = $smtpd_tls_protocols
  #SMART When only relaying to smarthost, the next should be =high _or_better_!
  smtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
  smtp_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
  smtp_tls_ciphers = $smtpd_tls_ciphers
  smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
  smtp_tls_connection_reuse = yes

But if you have a problem with only one permanent remote partner
you surely want a dedicated map for that one.
Now by sheer accident i am subscribed to postfix-users for about
two years (one permanently), and in Wietse Venema answered on
March 25 this year in the thread "Re: smtp_tls_security_level per

  Use sender_dependent_default_transport_maps to choose a delivery
  agent from:

      smtp-may      unix  ..  ..  ..  ..  ..  smtp
          -o { smtp_tls_security_level = may }
      smtp-encrypt      unix  ..  ..  ..  ..  ..  smtp
          -o { smtp_tls_security_level = encrypt }
      smtp-whatever     unix  ..  ..  ..  ..  ..  smtp
          -o { smtp_tls_security_level = whatever }

  Keep in mind that SMTP is not HTTP. A destination can have multiple
  MXes, and you have no contol over TLS usage between them.

This surely can be extended to configure ciphers etc.

|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

Home | Main Index | Thread Index | Old Index