Exim with GnuTLS #115
Comments
email is a tricky beast, as the vast majority of mail servers will gladly drop down to plaintext, so disabling protocols or ciphers on port 25 (i.e. the MX port) is counterproductive: even 3DES in SSLv3 or anonymous Diffie-Hellman is better than plaintext... So unless you're willing to disallow plaintext communication on port 25, you shouldn't change the ciphers used by exim
Then why are there any recommendations (for OpenSSL) at all? Also, there are clients (authenticating with a password) connecting to the server. I'm going to disallow these without encryption.
With my exim maintainer hat on, there are two very different issues (and some misinformation) here:
and 1 is in turn divided up into (a) "when using DANE so that cleartext fallback is disabled" and (b) "in the normal RFC-compliant fallback-to-cleartext" cases. The misinformation: Exim supports OpenSSL and GnuTLS. AFAIK most people building Exim for themselves seem to choose OpenSSL. On Debian and derivatives (such as Ubuntu) using GnuTLS is instead more common. So the TLS strings depend upon which SSL library is in use. For myself, I define macros For the
Hm, I'm no wiser than before now. What is the correct config syntax for getting a recommended security with GnuTLS? I'm not building anything but use the Ubuntu distribution packages. People building stuff themselves use other distributions that are made for that. I did that many years ago but it was just way too much work to keep up with all relevant updates. Does GnuTLS understand the same config values as OpenSSL? I couldn't find any documentation about that, so it looks to me like GnuTLS is unconfigurable. Why is that even used when everybody (except the Exim developers maybe) prefers OpenSSL?
For GnuTLS, the syntax of those strings is a "priority string": The GnuTLS docs: https://www.gnutls.org/manual/html_node/Priority-Strings.html Exim just passes the strings through to the GnuTLS library.
OK, and which of these should I use? After all, that's the purpose of this tool. I'm not a security professional, I don't know much about the details of all these algorithms.
If there's not an equivalent to the Mozilla ssl-config generator and you don't have the expertise to make calls, then keep it simple and avoid naming explicit ciphers. For the high-sec cases (server listening on 465/587, NOT for the MX port 25; the
Run: That would be "anything of at least 128 bits security, disabling TLS1.0 and TLS1.1". This avoids you having to get involved in deciding what is or is not secure, but involves trusting the decisions of the library maintainers. Otherwise, you use the ssl-config strings and the GnuTLS docs and spend time figuring out how well each one does or does not translate to GnuTLS. Use
(For clarity: I am not a maintainer of the Mozilla tool, I'm an Exim maintainer and saw your issue while looking for something else)
Strange, this command seems to include some TLS 1.0, but no TLS 1.1. Both seem to be explicitly excluded. |
@ygoe I observe the same behavior. |
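The two comments above (the "at least 128 bits, no TLS1.0/TLS1.1" advice and the observation that a string still left TLS 1.0 enabled) both come down to reading a GnuTLS priority string correctly. The following is an added example, not code from Exim, GnuTLS or this thread: a small model of how the version-related tokens of a priority string combine, so a string intended for `tls_require_ciphers` can be checked offline before it is deployed. The baseline version sets for the level keywords are an assumption modelled on GnuTLS 3.x defaults; strings that start with `@SYSTEM` depend on the distro's crypto policy and are rejected rather than guessed.

```python
# Added example: model GnuTLS priority-string protocol selection.
# Only protocol versions are tracked; cipher/MAC/KX tokens are ignored.

ALL_VERSIONS = {"SSL3.0", "TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"}

# Assumption: these level keywords start with every TLS version enabled and
# SSL3.0 disabled, as in GnuTLS 3.x defaults (distro policies may differ).
LEVEL_BASELINE = {
    "NORMAL": ALL_VERSIONS - {"SSL3.0"},
    "SECURE128": ALL_VERSIONS - {"SSL3.0"},
    "SECURE256": ALL_VERSIONS - {"SSL3.0"},
    "PFS": ALL_VERSIONS - {"SSL3.0"},
    "NONE": set(),
}


def _vers_group(name):
    """Expand a VERS-* keyword into the set of versions it denotes."""
    if name == "VERS-ALL":
        return set(ALL_VERSIONS)
    if name == "VERS-TLS-ALL":
        return {v for v in ALL_VERSIONS if v.startswith("TLS")}
    if name.startswith("VERS-"):
        version = name[len("VERS-"):]
        return {version} if version in ALL_VERSIONS else set()
    return set()  # cipher, MAC, KX, signature keywords: not a version


def enabled_versions(priority):
    """Return the protocol versions the priority string leaves enabled."""
    tokens = [t for t in priority.split(":") if t]
    if not tokens:
        raise ValueError("empty priority string")
    level = tokens[0].upper()
    if level.startswith("@"):
        raise ValueError(f"{level} refers to system policy; cannot evaluate offline")
    if level not in LEVEL_BASELINE:
        raise ValueError(f"unknown initial keyword {level!r}")
    enabled = set(LEVEL_BASELINE[level])
    for tok in tokens[1:]:
        tok = tok.upper()
        if tok.startswith(("-", "!")):   # '-' and '!' both remove a keyword
            enabled -= _vers_group(tok[1:])
        elif tok.startswith("+"):
            enabled |= _vers_group(tok[1:])
        elif tok.startswith("%"):        # %OPTIONS tune behaviour, not versions
            continue
        else:
            raise ValueError(f"unexpected token {tok!r}")
    return enabled


def legacy_versions_left(priority):
    """Versions below TLS1.2 still enabled: what a 465/587 listener should not offer."""
    return sorted(v for v in enabled_versions(priority) if v < "TLS1.2")
```

Running `legacy_versions_left` on a candidate string makes the situation in the comment above visible at once: a string that only removes `VERS-TLS1.1` still reports `TLS1.0` as enabled.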
@philpennock Thanks for your comments here. Are there any concrete changes we (Mozilla) should make to the Exim config to improve things? |
I am no longer an Exim maintainer. Invoking
You might want to refer people to https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html for the docs on TLS with Exim. I would definitely push for a configuration such as the Take a look over the DANE section and figure out what you want to configure for the Anything in terms of policy beyond that, I defer to the current maintainers rather than step on their toes.
I don't see how the generator could generate anything for gnutls syntax (instead of openssl). The preference seems to provide a good baseline, forcibly removing CBC (and breaking compatibility for some I guess) TLS1.0 cyphers as well. (It provides, on my current config:
Naturally this holds only for the gnutls-compiled versions, namely all Debian and clones.
Yep, still broken. Can't generate config for gnutls. Happy anniversary! Technically I don't see what the problem is. Exim+gnutls uses the standard gnutls syntax and options, using the aforementioned All the TLS-related config options are, for the record:
@grinapo Thanks for your comments here. Are there any concrete changes we (Mozilla) should make to the Exim config to improve things? |
@gene1wood Definitely. I have tried to figure out how and where you generate the specifics but ran beyond my allocated timeframe, so unfortunately I cannot come up with a useful patch. Do you generate Since picking the proper crypto isn't a simple task I cannot assure that the example I have shared above is either optimal or secure, but it's probably a good starting point to test. (I believe it can be tested with GnuTLS command line utilities.) So, you should have two exim: one with openssl and one with gnutls (or, have one exim but offer two config versions, I believe that's harder to implement with the current scheme), and provide the proper
Thanks for the details.
I see that the lighttpd generator seems to support gnutls though it doesn't appear to manifest in the config differently than if openssl was used. Ok so it sounds like the ask is, if someone would PR an addition of Exim but with GnuTLS, potentially basing it on this block of config settings that would come into play and using Mozilla's TLS profiles as the guide for the values.
@gene1wood The It's something the generator can't do right now, generating (As a sidenote there's currently no config with GnuTLS in place. The cipher naming is in the JSON specs so in theory this could work; in reality we don't have any feedback about real world usage of GnuTLS tuned to Mozilla SSTLS outputs. Every distro has its own defaults, and unlike OpenSSL, things once disabled in the GnuTLS conf can't be re-enabled application-side in server configurations later on, so e.g. you might be unable to run "old" configs completely as re-enabling old TLS versions that are disabled on OS level isn't possible.)
Exim uses GnuTLS by default, so the OpenSSL config options do not apply. Exim does not come with any documentation about what exactly we should set in the configuration and does not recommend any security config itself. So we're left alone with this. Can you make a suggestion here?
My config still only disables SSLv3 and leaves the rest unconfigured. This might need to be updated. The GnuTLS version is 3.