Hi Jasper
On Tue, Feb 21, 2023 at 08:40:06AM +0100, Jasper Spaans via mailop wrote:
> At StartMail we've recently changed our incoming MXes to only allow
> TLSv1.2 and 1.3 on incoming connections - but because there are still
> some legitimate sources of mail that only support TLSv1 or 1.1 we've set
> up a fallback mx that also supports TLSv1 and TLSv1.1.
Could you explain what you think you gain from restricting TLSv1? I
don't think you restrict unencrypted connections? So it can't be
downgrade attacks, as unencrypted is the ultimate downgrade attack.
> The idea here is that an outdated (or misconfigured) server tries to
> connect to our regular MXes, fails to negotiate in the starttls phase
> and then retries with a lower priority server which does allow a
> successful starttls negotiation.
I see four MX, aka at least eight address records (A and AAAA). This is
more then for example Postfix is willing to use. The default is set to
five.
I know someone who tried something similar:
- four MX
- only the last two reachable on the public internet
They lost quite some e-mail.
> This fallback MX however is not listed in our MTA-STS thing nor does it
> have DANE records, so sending parties that care about that should not
> connect to it and are not exposed to the dangers of downgrade attacks.
Both DANE and MTA-STS require the enforcement of modern encryption and
authentication on _client side_, so servers are not involved into
enforcing them.
But now you have MX, which look like they don't belong there. We don't
monitor that, but those who do will now consider your domains insecure,
because someone intercepts stuff.
> Parties that don't care about DANE/MTA-STS but do support modern TLS may
> be tricked into connecting to the backup mx and be at risk of a
> downgrade attack, but if you ask me, that is a small price to pay for
> allowing people with outdated stacks to use any form of TLS instead of
> having to fall back to plaintext.
If an attacker can downgrade, then it can downgrade to plaintext without
anyone noticing. So again, no gain.
> Did we miss something or should I start chasing down folks to improve
> their tools?
Maybe you should describe where the RFC explicitly tells that you are
allowed to do that. They are usually written in a way that assumes
equal management through out the fleet.
Bastian
--
... The prejudices people feel about each other disappear when they get
to know each other.
-- Kirk, "Elaan of Troyius", stardate 4372.5
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
