mozilla / ssl-config-generator

Mozilla SSL Configuration Generator
https://ssl-config.mozilla.org/
Mozilla Public License 2.0

Postfix config misses smtp_* parameters and includes several default settings #114

Open gsauthof opened 4 years ago

gsauthof commented 4 years ago

Take this generated config: https://ssl-config.mozilla.org/#server=postfix&version=3.5.6&config=intermediate&openssl=1.1.1g&guideline=5.6

The following values are already Postfix defaults:

smtpd_tls_mandatory_ciphers = medium
tls_preempt_cipherlist = no

I've checked the Postfix documentation and postconf -d output on Fedora 32.

Then there are some settings for when doing mandatory TLS, i.e.

smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_mandatory_ciphers = medium

although mandatory TLS isn't configured - cf. the smtpd_tls_security_level = may line which configures opportunistic TLS. Thus, those options aren't effective here.

On the other hand, the sister options for opportunistic TLS are missing, i.e. this one is missing:

smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1

Also, the generated config only includes smtpd_* options and no smtp_* variants. Note that opportunistic TLS also makes sense when the mail server is sending mail, e.g. when relaying mail via SMTP to a destination server. Thus, the config is missing at least the following smtp options:

smtp_tls_security_level = may
smtp_tls_protocols  = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
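A checker for the three problems described in this post, added here as an example and not part of the issue or the ssl-config-generator project: it parses a main.cf fragment against `postconf -d` output and reports settings that merely repeat defaults, `*_tls_mandatory_*` settings that are inert because the matching security level is not mandatory, and missing opportunistic-TLS parameters on both the smtpd (receiving) and smtp (sending) side. Both inputs are constructed samples, and treating an unset or `none` security level as non-mandatory is an assumption.

```python
# Constructed sample: the generated main.cf fragment described in the issue.
GENERATED_MAIN_CF = """\
smtpd_tls_security_level = may
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_mandatory_ciphers = medium
tls_preempt_cipherlist = no
smtpd_tls_auth_only = yes
"""

# Constructed excerpt of `postconf -d` output (built-in defaults); only the
# parameters this check needs are included.
POSTCONF_DEFAULTS = """\
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_auth_only = no
tls_preempt_cipherlist = no
"""

def parse_postconf(text):
    """Parse 'name = value' lines into a dict, normalising value whitespace."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, value = line.partition("=")
        params[name.strip()] = " ".join(value.split())
    return params

def audit(generated, defaults):
    """Return (redundant, ineffective, missing) lists of parameter names."""
    cfg, dflt = parse_postconf(generated), parse_postconf(defaults)
    # (1) explicit settings that merely repeat the built-in default
    redundant = sorted(p for p, v in cfg.items() if dflt.get(p) == v)
    ineffective, missing = [], []
    for side in ("smtpd", "smtp"):  # receiving side, then sending side
        level = cfg.get(f"{side}_tls_security_level", "")
        if level in ("", "none", "may"):  # assumption: unset counts as non-mandatory
            # (2) *_tls_mandatory_* settings only apply at 'encrypt' or stronger
            ineffective += sorted(p for p in cfg if p.startswith(f"{side}_tls_mandatory_"))
        # (3) opportunistic TLS on each side is governed by these two parameters
        missing += [p for p in (f"{side}_tls_security_level", f"{side}_tls_protocols")
                    if p not in cfg]
    return redundant, ineffective, missing

if __name__ == "__main__":
    report = audit(GENERATED_MAIN_CF, POSTCONF_DEFAULTS)
    for label, names in zip(("redundant", "ineffective", "missing"), report):
        print(f"{label}: {', '.join(names) or '(none)'}")
```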

DG1000 commented 4 years ago

I agree. I just updated my configuration and was wondering why the smtp_* variants are missing.

polarathene commented 9 months ago

Regarding cipher selection I would imagine that `smtp_*` aren't set as delivery via port 25:

- Is expected to support plain-text if STARTTLS is unable to establish a secure connection.
- Nor is a secure connection to the MTA necessarily secure throughout the full transit to the recipient as there may be other hops involved afterwards out of your influence.

If you choose to restrict the ciphers that could be used, the fallback thus is to continue the connection and deliver without any encryption. For connections to a relay host like SendGrid you may prefer to set the security level to `encrypt` instead of `may` to avoid plain-text, then it is up to SendGrid from then on which will probably be much more relaxed. Ideally you'd also relay over implicit TLS (port 465) instead of opportunistic (port 587).

Note:

> The following values are already Postfix defaults:
>
> smtpd_tls_mandatory_ciphers = medium
> tls_preempt_cipherlist = no

It's ok to be explicit with security settings that are still the defaults. A user may be applying the suggested config to an already configured instance where these may have been configured differently by mistake or intentionally.

IIRC:

While mandatory ciphers is set to medium, some may adjust this to high to alter the high cipher list if they customize the cipher list (against the advice of Postfix), which can be useful when you use a security level of encrypt.

The config only focuses on main.cf, and not master.cf, where the submission port(s) will apply their overrides for the additional security expectations. smtpd_tls_auth_only = yes, presently used in the generator, shouldn't be relevant if port 25 doesn't offer SASL auth (which it shouldn't, but you do see this in the wild); it's implicit when using a security level of encrypt, and by default SASL auth is disabled as per smtpd_sasl_auth_enable.

smtpd_tls_exclude_ciphers can be relevant when you're comfortable dismissing the official Postfix docs advice to avoid configuring it. DMS sets this (see git blame history for reference, this explains SEED / CAMELLIA, and this for SHA1).