chore: Drop support for deprecated TLS versions #2945
LGTM 👍🏼
For those who are interested, here is a bash one-liner to check
or to check all mail logs, including gzipped ones:
This gives an output like this:
Shodan & Internet.nl are internet scanners and can be ignored.
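Added example, not the one-liner from the comment above or code from the project: a shell function that tallies which inbound clients still negotiated SSLv3, TLS 1.0 or TLS 1.1, so they can be identified before older protocol versions are dropped. It assumes Postfix's "TLS connection established from" log lines (written when `smtpd_tls_loglevel` is 1 or higher); the sample log lines, host names and function names are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: list inbound clients that negotiated a protocol below TLS 1.2.

# Constructed sample lines in Postfix's "TLS connection established" log format.
sample_log() {
  cat <<'EOF'
Jan 10 08:00:01 mail postfix/smtpd[101]: Anonymous TLS connection established from mx.example.net[192.0.2.10]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jan 10 08:02:13 mail postfix/submission/smtpd[202]: Anonymous TLS connection established from legacy-pc.internal.example[10.0.0.21]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Jan 10 08:05:40 mail postfix/smtpd[303]: Anonymous TLS connection established from unknown[198.51.100.7]: TLSv1.1 with cipher DHE-RSA-AES128-SHA (128/128 bits)
Jan 10 09:11:02 mail postfix/submission/smtpd[404]: Anonymous TLS connection established from legacy-pc.internal.example[10.0.0.21]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Jan 10 09:30:00 mail postfix/smtpd[505]: Anonymous TLS connection established from mx2.example.org[203.0.113.5]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Jan 10 09:31:00 mail postfix/smtp[606]: Untrusted TLS connection established to mx.example.com[192.0.2.99]:25: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
EOF
}

# Reads log lines on stdin and prints "count protocol service client", most
# frequent first. Only inbound lines ("... established from ...") are counted;
# outbound deliveries log "established to" and are skipped.
legacy_tls_clients() {
  awk '
    / TLS connection established from / {
      svc = ""; client = ""; proto = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^postfix\//) { svc = $i; sub(/\[[0-9]+\]:$/, "", svc) }
        if ($i == "from") {
          client = $(i + 1); sub(/:$/, "", client)
          proto = $(i + 2)
          break
        }
      }
      if (proto == "SSLv3" || proto == "TLSv1" || proto == "TLSv1.1")
        seen[proto " " svc " " client]++
    }
    END { for (k in seen) print seen[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2
}

# Scans the given log files; gzip -cdf passes uncompressed files through as-is.
scan_mail_logs() {
  gzip -cdf -- "$@" | legacy_tls_clients
}

if [ "$#" -gt 0 ]; then scan_mail_logs "$@"; else sample_log | legacy_tls_clients; fi
```

Run it with log file paths as arguments to scan real logs, rotated `.gz` files included; with no arguments it processes the constructed sample.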
Removes support of the following cipher suites that are only valid for TLS 1.0 + 1.1:
- `ECDHE-ECDSA-AES128-SHA`
- `ECDHE-RSA-AES128-SHA`
- `ECDHE-ECDSA-AES256-SHA`
- `ECDHE-RSA-AES256-SHA`
- `DHE-RSA-AES128-SHA`
- `DHE-RSA-AES256-SHA`
These are now the same as modern settings.
No longer required now that outdated TLS versions have been dropped.
The removed SHA1 cipher suites are still supported in TLS 1.2, thus they've been excluded for port 25 via the `SHA1` exclusion pattern in `main.cf`.
e3a3afe to 1bc5c5f
…er-mailserver#2945)" Partial revert "4dda5f8b1ff66cdc4d1adbd3b0de3c8e82db1af9"
@miles170 I see that you're reverting the changes from this PR while rebasing to new releases with a commit reference adding the noise above. I'd rather hear about your need for that so we're better aware of it and can support the functionality without you needing to carry the patch.
Our "intermediate" security level I don't think I've altered like the "modern" level when I did an audit due to reviewer concerns at the time. I have considered dropping the "intermediate" level in future but I'm still open towards replacing it with a "legacy" security level for those preferring broader compatibility over what is considered secure (the dropped ciphers from this PR have some security concerns, but mostly regarding CBC prior to TLS 1.2).
Sorry for the noise. I'm currently facing an issue where some of our legacy Windows 7 systems are unable to use TLSv1.2 and can only use TLSv1 (we cannot update the Microsoft-provided packages).
No worries, was just concerned about the why :)
Good to know thanks 👍 So to confirm this is for internal systems you manage where you're more concerned about connections to DMS on ports that are enforcing a secure connection, not third-party inbound/outbound traffic on port 25? Just trying to understand the remaining scenarios where reducing the security of TLS is still necessary.
Yes, and legacy internal systems need to communicate with ports 587 and 993 via TLSv1.
The
This tradeoff is very reasonable and acceptable, but it is not clear whether the semi-ok cipher suites can be used on Windows 7.
Great!
Oh you're fine! 👍 The "semi-ok" cipher suites I was referring to are listed at the top of this PR and part of what you reverted. With our They should still be available if the other maintainers approve of the proposal. If anything, less secure ciphers may become available which would be the tradeoff, but as it's internal traffic only connecting this that shouldn't be an issue. Alternative workaround -
Mhh, this is a difficult one. I absolutely understand the issue at hand, but I am also not a fan of bending software to such "edge cases". Whether it actually is "edge" I am not sure. If the implementation is not too big and easily maintainable, then I see no issue; otherwise, I'd prefer
It mostly would just replace / deprecate
Description
As per the relevant deprecation notice (since July), TLS 1.0 and 1.1 have finally been deprecated by RFC 8896 (Mar 2021).
Support has been dropped from DMS. TLS 1.2 is the new minimum version supported.
Closes #2679
Removes support of the following cipher suites:
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-AES256-SHA
DHE-RSA-AES128-SHA
DHE-RSA-AES256-SHA
Impact:
`TLS_LEVEL=intermediate`).
`main.cf` adds an additional exclude pattern (`SHA1`) to prevent these cipher suites from being offered on port 25 (uses Postfix `medium` cipher list minus excluded cipher suites). This was required as the cipher suites are still part of TLS 1.2, but are no longer being supported due to the MAC being SHA1 (see cipher suite links for more details).
`user-patches.sh`.
Type of change
Checklist: