hi,
with a recent OS upgrade, i've now
openssl --version
OpenSSL 3.5.4 30 Sep 2025 (Library: OpenSSL 3.5.4 30 Sep 2025)
noting Viktor's recent admonition
[pfx] Please ensure your servers can handle "post-quantum" STARTTLS
https://marc.info/?l=postfix-users&m=176144559012548&w=2
i first started checking through my general & app-specific openssl configs --
now for v3.5+ -- before getting to the post-quantum hardening ...
i'm interested in current statistics for ssl usage/support specifically for
smtp.
i understand it's a prior discussion topic -- for smtp, dane & ssl generally --
but the status changes;
hence, now -- post openssl v3.5 & "pre-post-quantum" -- this revisit.
starting with this slicing of what i typically think of as mostly-modern ssl
strings
_INCL_STR='ECDH@STRENGTH:EECDH@STRENGTH:HIGH:!aNULL:!eNULL:!MD5:!RC4'
_EXCL_STR='CAMELLIA|ARIA|CCM|DSS|PSK|Kx=DH'
one gets for "CipherSuites:"
openssl ciphers -v "${_INCL_STR}" \
| grep -Evi "${_EXCL_STR}" \
| grep -E "TLSv1.3"
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
and for "CipherStrings:"
openssl ciphers -v "${_INCL_STR}" \
| grep -Evi "${_EXCL_STR}" \
| grep -E "TLSv1.2" \
| awk '{print $1}' \
| sort
AES128-GCM-SHA256
AES128-SHA256
AES256-GCM-SHA384
AES256-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-CHACHA20-POLY1305
inasmuch as it's accurate (? hmmm), mozilla's
Postfix 3.10.5, OpenSSL 3.5.0, intermediate config
https://ssl-config.mozilla.org/#server=postfix&version=3.10.5&config=intermediate&openssl=3.5.0&guideline=5.7
recommended postfix CipherString consists of
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-CHACHA20-POLY1305
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-CHACHA20-POLY1305
and pfx itself
postconf mail_version
mail_version = 3.10.5
postconf -d | grep -E "mandatory_exclude|mandatory_cipher"
lmtp_tls_mandatory_ciphers = medium
lmtp_tls_mandatory_exclude_ciphers =
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_exclude_ciphers =
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_exclude_ciphers =
tlsproxy_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
tlsproxy_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
postconf -d tls_medium_cipherlist
tls_medium_cipherlist = aNULL:-aNULL:HIGH:MEDIUM:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:+RC4:@STRENGTH
where
_INCL_STR_PFX=$(postconf -d tls_medium_cipherlist | awk '{print $3}')
openssl ciphers -v "${_INCL_STR_PFX}" \
| grep -E "TLSv1.2" \
| sort
is a much longer list of 77 ciphers ...
generally, for my usage, i'll config system openssl with the first list above.
for smtp, i'm trying to get a sense for what are the current real world stats
for sane acceptance/rejection rates.
i'll decide my _policy_ later ...
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
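The comparison the post does by eye (local TLSv1.2 list vs. the Mozilla "intermediate" Postfix CipherString) can be scripted over the `openssl ciphers -v` output format. The script below is an added example, not code from the post, from Postfix or from Mozilla. It embeds a constructed sample of `openssl ciphers -v` output (the 14 TLSv1.2 names from the post's filtered list plus the TLSv1.3 suites, with Kx/Au/Enc/Mac columns as openssl prints them) so it runs without openssl; the function names (`suite_names`, `set_minus`, `non_pfs_suites`, `non_aead_suites`, `live_suites`, `report`) are hypothetical. `live_suites` runs the same selection against the installed library when `openssl` is on the PATH.

```shell
#!/bin/sh
# Added example (not from the original post): compare a locally selected
# TLS 1.2 cipher list against the Mozilla "intermediate" Postfix CipherString
# quoted in the post, and flag suites without forward secrecy or without AEAD.
# Input format is the output of `openssl ciphers -v`:
#   NAME  PROTO  Kx=...  Au=...  Enc=...  Mac=...
export LC_ALL=C

# Constructed sample (assumption: columns as OpenSSL 3.x prints them).
SAMPLE_CIPHERS_V='TLS_AES_256_GCM_SHA384        TLSv1.3 Kx=any  Au=any   Enc=AESGCM(256)            Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256  TLSv1.3 Kx=any  Au=any   Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256        TLSv1.3 Kx=any  Au=any   Enc=AESGCM(128)            Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256)            Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384   TLSv1.2 Kx=ECDH Au=RSA   Enc=AESGCM(256)            Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305   TLSv1.2 Kx=ECDH Au=RSA   Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384     TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256)               Mac=SHA384
ECDHE-RSA-AES256-SHA384       TLSv1.2 Kx=ECDH Au=RSA   Enc=AES(256)               Mac=SHA384
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128)            Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256   TLSv1.2 Kx=ECDH Au=RSA   Enc=AESGCM(128)            Mac=AEAD
ECDHE-ECDSA-AES128-SHA256     TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128)               Mac=SHA256
ECDHE-RSA-AES128-SHA256       TLSv1.2 Kx=ECDH Au=RSA   Enc=AES(128)               Mac=SHA256
AES256-GCM-SHA384             TLSv1.2 Kx=RSA  Au=RSA   Enc=AESGCM(256)            Mac=AEAD
AES256-SHA256                 TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(256)               Mac=SHA256
AES128-GCM-SHA256             TLSv1.2 Kx=RSA  Au=RSA   Enc=AESGCM(128)            Mac=AEAD
AES128-SHA256                 TLSv1.2 Kx=RSA  Au=RSA   Enc=AES(128)               Mac=SHA256'

# The Mozilla intermediate Postfix CipherString as quoted in the post.
MOZILLA_INTERMEDIATE='DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-CHACHA20-POLY1305
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-CHACHA20-POLY1305'

# Suite names for one protocol label (e.g. TLSv1.2), read from stdin, sorted.
suite_names() {
  awk -v proto="$1" '$2 == proto { print $1 }' | sort -u
}

# TLS 1.2 suites whose key exchange is static RSA: no forward secrecy.
non_pfs_suites() {
  awk '$2 == "TLSv1.2" && $3 == "Kx=RSA" { print $1 }' | sort -u
}

# TLS 1.2 suites that are not AEAD (CBC mode with a separate HMAC).
non_aead_suites() {
  awk '$2 == "TLSv1.2" && $6 != "Mac=AEAD" { print $1 }' | sort -u
}

# Lines of $1 that do not occur in $2 (both newline-separated name lists).
set_minus() {
  printf '%s\n' "$1" | awk -v excl="$2" '
    BEGIN { n = split(excl, e, "\n"); for (i = 1; i <= n; i++) seen[e[i]] = 1 }
    NF && !($1 in seen)' | sort -u
}

# Same selection against the installed library: $1 = cipher string, $2 = protocol.
live_suites() {
  command -v openssl >/dev/null 2>&1 || { echo "openssl not found" >&2; return 1; }
  openssl ciphers -v "$1" | suite_names "$2"
}

# Print the four views a reviewer of a cipher list wants side by side.
report() {
  _l12=$(printf '%s\n' "$SAMPLE_CIPHERS_V" | suite_names TLSv1.2)
  echo "TLSv1.3 suites:";               printf '%s\n' "$SAMPLE_CIPHERS_V" | suite_names TLSv1.3
  echo "recommended but absent:";       set_minus "$MOZILLA_INTERMEDIATE" "$_l12"
  echo "present but not recommended:";  set_minus "$_l12" "$MOZILLA_INTERMEDIATE"
  echo "no forward secrecy (Kx=RSA):";  printf '%s\n' "$SAMPLE_CIPHERS_V" | non_pfs_suites
  echo "non-AEAD (CBC + HMAC):";        printf '%s\n' "$SAMPLE_CIPHERS_V" | non_aead_suites
}

if [ "${1:-}" = "--demo" ]; then report; fi
```

Run `sh cipher_audit.sh --demo` for the sample report; with openssl installed, `live_suites "$_INCL_STR_PFX" TLSv1.2 > local.txt` gives the real 77-entry list from the post, and `set_minus "$(cat local.txt)" "$MOZILLA_INTERMEDIATE"` shows what Postfix's medium grade admits beyond the Mozilla set. On the sample, the three DHE suites are the only recommended ones absent (the post's `Kx=DH` exclusion removes them), and the eight "extra" entries are exactly the static-RSA and CBC/HMAC suites, which is the practical difference between the two lists.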