On Tue, Nov 14, 2023 at 02:39:53AM +0000, Taylor R Campbell wrote:
> [trimming tech-crypto from cc because this is a policy and
> configuration issue, not a cryptography issue]
>
> > Date: Mon, 13 Nov 2023 20:34:04 +0100
> > From: Manuel Bouyer <[email protected]>
> >
> > I'm facing an issue with postfix+openssl3 which may be critical (depending
> > on how it can be fixed).
> >
> > Now my postfix setup fails to send mails with
> > Nov 13 20:20:53 comore postfix/smtp[6449]: warning: TLS library problem:
> > error:0A00018E:SSL routines::ca md too
> > weak:/usr/src/crypto/external/bsd/openssl/dist/ssl/statem/statem_lib.c:984:
>
> 1. This says `warning'; does the mail actually fail to go through, or
> are you just alarmed by the warning?
It fails:
Nov 13 20:21:48 comore postfix/smtp[4182]: warning: TLS library problem: error:0A00018E:SSL routines::ca md too weak:/usr/src/crypto/external/bsd/openssl/dist/ssl/statem/statem_lib.c:984:
Nov 13 20:21:48 comore postfix/smtp[4182]: D2EF31805C: to=<[email protected]>, relay=mail.soc.lip6.fr[132.227.86.2]:465, delay=1441, delays=1441/0.05/0.02/0, dsn=4.7.5, status=deferred (Cannot start TLS: handshake failure)

>
> 2. Can you describe your mail topology?

This is a simple mail client (my laptop); outgoing emails go through 2 mail
servers (depending on the From, and a relay map).
Both mail servers require SMTP AUTH (which is why I enforce
smtp_tls_security_level = verify), configured as:
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/home/bouyer/.postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

>
> 3. Can you describe the postfix configuration on every node involved
> in the topology?

The mail servers this client talks to are both running sendmail, on netbsd-9.

> 4. Can you share master.cf on every node involved if it's not the
> default?

On the client, master.cf is the default, with this additional entry:
relay-smtps unix - - n - - smtp
    # Client-side SMTPS requires "encrypt" or stronger.
    -o smtp_tls_security_level=verify
    -o smtp_tls_wrappermode=yes
    -o smtp_starttls_timeout=60
    -o smtp_helo_timeout=60

>
> 5. If you connect to the server with `openssl s_client', what happens?

It works:
openssl s_client -connect mail.soc.lip6.fr:465 -verify_return_error
[...]
    Start Time: 1699948718
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
220 asim.lip6.fr ESMTP Sendmail 8.15.2/8.15.2; Tue, 14 Nov 2023 08:58:37 +0100 (MET)

Also, tnftp talking to a web server with the exact same certificate and
certificate chain has no problem either.
This is one of the things I have a hard time understanding: why can't I
reproduce this error with other TLS clients?
> > > So, as far as I understand, we end up with a postfix installation which
> > > can't talk to servers with valid certificates.
>
> Unless anything has changed in the past couple years, I don't think
> there is any widespread deployment of SMTP TLS server authentication
> that means anything for general MTAs -- at best, TLS in SMTP serves as
> opportunistic encryption to defend against passive eavesdroppers.

There is actually, for SMTP AUTH.
And I don't think using an MTA for SMTP AUTH is that unusual.

--
Manuel Bouyer <[email protected]>
     NetBSD: 26 years of experience will always make the difference
--
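One check worth running when chasing this error (an added example, not code from this thread, from Postfix or from OpenSSL): OpenSSL reports "ca md too weak" when a CA certificate in a chain it is handling was signed with a digest below the security level in force, regardless of whether the chain otherwise verifies, and which chain and which level apply depend on each endpoint's configuration, which is one reason a different client may not reproduce it. The script below walks the DER of every certificate in a PEM chain with the standard library only and reports each signature algorithm, flagging MD5/SHA-1; the embedded certificates are constructed stand-ins, and a real chain can be fed to pem_chain_report from `openssl s_client -showcerts` output or from any chain file named in the client's Postfix TLS settings (smtp_tls_cert_file and friends).

```python
import base64
import re

# Signature-algorithm OIDs (RFC 3279 / RFC 4055) -> (name, weak digest?)
SIG_OIDS = {
    "1.2.840.113549.1.1.4": ("md5WithRSAEncryption", True),
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", True),
    "1.2.840.10045.4.1": ("ecdsaWithSHA1", True),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", False),
}
def _tlv(buf, pos):                        # one DER tag-length-value at pos -> (tag, value, next_pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length
def _decode_oid(raw):                      # OID content octets -> dotted form
    arcs, value = [raw[0] // 40, raw[0] % 40], 0   # first byte packs two arcs
    for b in raw[1:]:                      # remaining arcs are base-128, MSB = continue
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))
def signature_algorithm(der):              # Certificate ::= SEQUENCE { tbs, sigAlg, signature }
    _, cert, _ = _tlv(der, 0)
    _, _tbs, pos = _tlv(cert, 0)           # tbsCertificate is skipped entirely
    _, alg, _ = _tlv(cert, pos)            # AlgorithmIdentifier ::= SEQUENCE { OID, params }
    tag, oid, _ = _tlv(alg, 0)
    assert tag == 0x06, "expected OBJECT IDENTIFIER"
    return _decode_oid(oid)

def pem_chain_report(pem_text):            # -> [(name, weak?)], weak is None if OID unknown
    pem_re = r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----"
    return [SIG_OIDS.get(oid, (oid, None)) for oid in
            (signature_algorithm(base64.b64decode("".join(b.split())))
             for b in re.findall(pem_re, pem_text, re.S))]

# Constructed stand-ins, not real certificates: tbsCertificate is a placeholder;
# only the outer SEQUENCE and the signatureAlgorithm are meaningful.
def _der(tag, payload):                    # short-form lengths only (< 128 bytes)
    return bytes([tag, len(payload)]) + payload
def _fake_cert_pem(oid_octets):            # oid_octets = DER content of the OID
    alg = _der(0x30, _der(0x06, oid_octets) + b"\x05\x00")      # OID + NULL params
    der = _der(0x30, _der(0x30, _der(0x02, b"\x01")) + alg + _der(0x03, b"\x00" * 9))
    return "-----BEGIN CERTIFICATE-----\n%s-----END CERTIFICATE-----\n" % base64.encodebytes(der).decode()

SAMPLE_CHAIN = (_fake_cert_pem(bytes.fromhex("2a864886f70d01010b"))    # sha256WithRSA
                + _fake_cert_pem(bytes.fromhex("2a864886f70d010105")))  # sha1WithRSA
```

A chain that reports a weak entry for any CA certificate is a candidate for this error even though `openssl verify` or `s_client` may still accept it.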
