Mailcow-dockerized: Disable TLSv1.0 and Disable Cipher

Disabling TLS 1.0 would cause issue for older browsers that don't support it e.g. IE 8, 9, 10 in Windows 7 got version higher than TLS 1.0 disabled by default, IE 7, 8, 9 in vista can't do TLS 1.1, none of the IE version for XP can do TLS 1.1.

https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers

Nist might of claimed they disabled it on there website but they haven't anyway https://www.ssllabs.com/ssltest/analyze.html?d=www.nist.gov&s=54.225.149.38&hideResults=on&latest

Not the Webserver.
I mean for postfix.

Am 12. September 2017 15:56:03 MESZ schrieb James Smith notifications@github.com:

Disabling TLS 1.0 would cause issue for older browsers that don't
support it e.g. IE 8, 9, 10 in Windows 7 got version higher than TLS
1.0 disabled by default, IE 7, 8, 9 in vista can't do TLS 1.1, none of
the IE version for XP can do TLS 1.1.

https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers

Nist might of claimed they disabled it on there website but they
haven't anyway
https://www.ssllabs.com/ssltest/analyze.html?d=www.nist.gov&s=54.225.149.38&hideResults=on&latest

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328860728

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

Ah ok am not too sure what the TLS support is like on older email client's.

I'm not sure. Connections may be downgraded to no ssl when TLS 1.0 is not available. And a bad encryption is still better than no encryption. Well, sometimes. :)

Am 12.09.2017 um 16:28 schrieb Malte Kiefer notifications@github.com:

Not the Webserver.
I mean for postfix.

Am 12. September 2017 15:56:03 MESZ schrieb James Smith notifications@github.com:

Disabling TLS 1.0 would cause issue for older browsers that don't
support it e.g. IE 8, 9, 10 in Windows 7 got version higher than TLS
1.0 disabled by default, IE 7, 8, 9 in vista can't do TLS 1.1, none of
the IE version for XP can do TLS 1.1.

https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers

Nist might of claimed they disabled it on there website but they
haven't anyway
https://www.ssllabs.com/ssltest/analyze.html?d=www.nist.gov&s=54.225.149.38&hideResults=on&latest

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328860728

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

The same response was saying when SSLv3 where hit. So I think it would be a good idea to deactivate TLSv1.0.

Am 12. September 2017 16:33:58 MESZ schrieb "André Peters" notifications@github.com:

I'm not sure. Connections may be downgraded to no ssl when TLS 1.0 is
not available. And a bad encryption is still better than no encryption.
Well, sometimes. :)

Am 12.09.2017 um 16:28 schrieb Malte Kiefer
notifications@github.com:

Not the Webserver.
I mean for postfix.

Am 12. September 2017 15:56:03 MESZ schrieb James Smith
notifications@github.com:

Disabling TLS 1.0 would cause issue for older browsers that don't
support it e.g. IE 8, 9, 10 in Windows 7 got version higher than TLS
1.0 disabled by default, IE 7, 8, 9 in vista can't do TLS 1.1, none
of
the IE version for XP can do TLS 1.1.

https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers

Nist might of claimed they disabled it on there website but they
haven't anyway

https://www.ssllabs.com/ssltest/analyze.html?d=www.nist.gov&s=54.225.149.38&hideResults=on&latest
>

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:

https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328860728

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328871918

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

Actually, all supported clients nowadays support TLS 1.2. Windows XP, Vista, IE 10 and lower and Android 2.3 and lower are all long out of support. So it's safe to require TLS 1.2 on any client-facing service (Web, IMAP, SMTP on port 587/465). Older clients would then show a TLS error, but they might do that already because they might not support Server Name Indication or have the Let's Encrypt root CA.

Postfix on port 25 is a different matter though. There are still many mail servers out there that only support TLS 1.0 (CentOS 6 comes to mind), so those would be downgraded to unencrypted connections (if they encrypt opportunistically) or fail to deliver at all (if they support DANE, which is highly unlikely on such old platforms).

So we should hold off requiring TLS 1.2 on port 25, at least until CentOS 6 goes out of support or until a viable downgrade attack becomes known. Even though TLS 1.0 is being deprecated, I don't think there are any downgrade attacks yet that pose a serious threat.

OK but then we should update nginx and apache config to use the new TLS protocol.

Am 12. September 2017 18:15:51 MESZ schrieb Michael Kuron notifications@github.com:

Actually, all supported clients nowadays support TLS 1.2. Windows XP,
Vista, IE 10 and lower and Android 2.3 and lower are all long out of
support. So it's safe to require TLS 1.2 on any client-facing service
(Web, IMAP, SMTP on port 587/465). Older clients would then show a TLS
error, but they might do that already because they might not support
Server Name Indication or have the Let's Encrypt root CA.

Postfix on port 25 is a different matter though. There are still many
mail servers out there that only support TLS 1.0 (CentOS 6 comes to
mind), so those would be downgraded to unencrypted connections (if they
encrypt opportunistically) or fail to deliver at all (if they support
DANE, which is highly unlikely on such old platforms).

So we should hold off requiring TLS 1.2 on port 25, at least until
CentOS 6 goes out of support or until a viable downgrade attack becomes
known. Even though TLS 1.0 is being deprecated, I don't think there are
any downgrade attacks yet that pose a serious threat.

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328903505

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

XP supports 1.2? Crazy. With which ciphers?

Let us keep it for a while. I'm fine with it on submission ports and Nginx. But please test it before creating a PR. And comment the changes, please. The last ssl fix broke Nginx. :-)

Am 12.09.2017 um 18:19 schrieb Malte Kiefer notifications@github.com:

downgraded

XP doesn't support TLS 1.2. but it's been out of support for three years, so nobody should care anymore.

Vista too

Am 12. September 2017 18:37:59 MESZ schrieb Michael Kuron notifications@github.com:

XP doesn't support TLS 1.2. but it's been out of support for three
years, so nobody should care anymore.

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328910605

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

You think this is a reliable source? => https://cipherli.st/

I am not up to date with ciphers.

I tested it with https://www.hardenize.com , Kuketz Blog wrote about it.

Am 12. September 2017 19:03:36 MESZ schrieb "André Peters" notifications@github.com:

You think this is a reliable source? => https://cipherli.st/

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328918226

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

You think this is a reliable source? => https://cipherli.st/

That list is suspiciously short. I find it hard to believe that three ciphers are sufficient to support all possible clients.

What you guys think about Bettercrypto?

Am 12. September 2017 19:58:17 MESZ schrieb Michael Kuron notifications@github.com:

You think this is a reliable source? => https://cipherli.st/

That list is suspiciously short. I find it hard to believe that three
ciphers are sufficient to support all possible clients.

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-328933204

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

I tend to use these for cipher lists:

• https://wiki.mozilla.org/Security/Server_Side_TLS
• https://mozilla.github.io/server-side-tls/ssl-config-generator/

I think the Mozilla "modern" compatibility would be fine for Nginx and I'd suggest it probably makes sense to switch to using ECC certs as well.

For authenticated SMTP and IMAP I'd suggest something like the "Intermediate" list and for unauthenticated SMTP something like the "Old" list and RSA certs -- there are lots of old mail servers out there...

You think this is a reliable source? => https://cipherli.st/

for me yes, I use that list on production servers for a few years without issues. But I'm in Europe, can't tell about third world software diversity.

I have updated https://cipherlist.st nginx config, they pushed it today.
So there are a little bit more cipher.

Am 13. September 2017 08:58:03 MESZ schrieb marrco notifications@github.com:

You think this is a reliable source? => https://cipherli.st/

for me yes, I use that list on production servers for a few years
without issues. But I'm in Europe, can't tell about third world
software diversity.

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/mailcow/mailcow-dockerized/issues/587#issuecomment-329076908

--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

For the smtp submission part do not forget all the IOT out there still using deprecated TLS...

(see 0cf22b6)

@Skydiver84de, there will still be outdated IoT devices in 10 years. The day will come when TLS 1.0 is broken (and probably a lot sooner than in 10 years) and we need to switch it off. So you should start using unencrypted connections for them. Mailcow currently prohibits unencrypted connections, but you should be able to easily add a switch to allow them for individual accounts. Pull requests are appreciated.

@mkuron I agree in all aspects :-)

Cool idea to have a separated account for unencrypted submission for IoT. Will have to think about how to implement it.

Guys status on this?
TLSv1.0 is still active

Any news on this? PCI also removes tls1.0 from their specs
https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls

Why was this closed without comment? TLS 1.0 and 1.1 is being depreciated by pretty much every vendor in March 2020 at the latest. There's no good reason to continue supporting it.

There is a newer ticket about it, #3127.

It is a sticky issue.

There are good reasons.

We will disable it around the same time.