Increasing the Cipher Strength in Postfix 3.3.0

by Super User

nmap smtp port scan ciphers Increasing the Cipher Strength in Postfix 3.3.0In some situations, it's necessary to increase the cipher strength of the software we use, in order to meet certain compliance regulations, such as PCI/DSS and HIPPA. In order to meet these requirements, we must implement stronger TLS cipher requirements. These measures include, removing SSL and the lower versions of TLS, such as TLSv1.0.

In order to perform these operations, Postfix has flags we can enable in the main.cf file. Keep in mind, there are two different types of settings you'll see here

  • smtpd_... - refers to the server.
  • smtp_... - refers to the client.

First, we have to tell Postfix the security level we want to accept. There are two options here, smtpd_tls_security_level = may is an t optional level. It will encrypt the channel, if the client supports encryption. To make the setting mandatory, set the smtpd_tls_security_level to "encrypt" like so smtpd_tls_security_level = encrypt This tutorial deals with smtpd_tls_security_level set to "may". There are other flags to use, if you want to set the encryption level to "encrypt" Search for "mandatory" options, in the Postfix manual.

Next, let's tell the server which protocols we DON'T want it to use or accept, since this is the preferred method.

smtpd_tls_protocols = !TLSv1, !SSLv2, !SSLv3
smtp_tls_protocols = !TLSv1, !SSLv2, !SSLv3

This tells the server NOT (!) to accept TLSv1, SSLv2 and SSLv3 connections and will eliminate all the ciphers associated with them. Although you can specify which protocols to use, specifically, it's not the preferred method. You can do this by simply listing the protocols you want. For example smtpd_tls_protocols = TLSv1.3 will exclude all the other protocols and only use TLSv1.3.

Next, we want to spell out a list of ciphers we want Postfix to use. This list will be built in the tls_high_ciphers setting. Here is an example:

tls_high_cipherlist = AES256:CAMELLIA256:ARIA256:!aNULL:!eNULL

This setting tells Postfix to build the "high" ciphers list to include only AES256, CAMELLIA256 and ARIA256 encryption, with none of the anonymous ciphers. You could further force Postfix to use only SHA256 or SHA384, by appending the ciphers with the level of MAC you want to accept. This might, however, interfere with some client's ability to connect, as they may not have enough encryption abilities built in. For instance:

tls_high_cipherlist =AES256+SHA256:CAMELLIA256:ARIA256:!aNULL:!eNULL

Now we have to tell Postfix to use our newly modified list by using the smtp_tls_ciphers and smtpd_tls_ciphers parameters, in main.cf.

smtp_tls_ciphers = high
smtpd_tls_ciphers = high

Restart postfix to apply the changes by issuing the command: postfix reload or systemctl restart postfix

Now, you can test to see which ciphers the server accepts, using Nmap.

nmap --script ssl-enum-ciphers -p 587

PORT STATE SERVICE
587/tcp open submission
| ssl-enum-ciphers:
| TLSv1.1:
| ciphers:
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| TLSv1.2:
| ciphers:
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
| TLS_DHE_RSA_WITH_AES_256_CCM (dh 2048) - A
| TLS_DHE_RSA_WITH_AES_256_CCM_8 (dh 2048) - A
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
| TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 (dh 2048) - A
| TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 (dh 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CCM (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CCM_8 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_ARIA_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
|_ least strength: A


Nmap done: 1 IP address (1 host up) scanned in 54.20 seconds

 

Comments? Corrections? Questions? Let us know, below.

 

Leave a comment

Comments

  • No comments found