drop legacy, export-grade, and anonymous ciphers from SMTP (port 25, opportunistic)

Even though SMTP (on port 25) is typically opportunistic and a MitM attack can't be prevented, we may as well only offer ciphers that provide some level of security. If a client is so old or misconfigured that it doesn't support newer ciphers, it should hopefully fall back to a non-TLS connection.

Postfix's default was basically anything goes (anonymous and 40-bit ciphers!). Google's MTA's only offer ciphers at 112 bits at greater, and this change approximates that with Postfix's "medium" setting.

Fixes #371
This commit is contained in:
Joshua Tauberer 2015-05-05 23:50:07 +00:00
parent 8c6363f792
commit 7ca42489ae
1 changed files with 2 additions and 0 deletions

View File

@ -94,6 +94,8 @@ tools/editconf.py /etc/postfix/main.cf \
smtpd_tls_cert_file=$STORAGE_ROOT/ssl/ssl_certificate.pem \
smtpd_tls_key_file=$STORAGE_ROOT/ssl/ssl_private_key.pem \
smtpd_tls_dh1024_param_file=$STORAGE_ROOT/ssl/dh2048.pem \
smtpd_tls_ciphers=medium \
smtpd_tls_exclude_ciphers=aNULL \
smtpd_tls_received_header=yes
# Prevent non-authenticated users from sending mail that requires being