[exim] Problem disabling SSLv3 ciphers on Exim 4.72 to deal …

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: TPCexim
Ημερομηνία:  
Προς: exim-users
Υ/ο: TPXexim
Αντικείμενο: [exim] Problem disabling SSLv3 ciphers on Exim 4.72 to deal with Poodle vunerability (CVE-2014-3566)
Dear All,
    I have been going round and round in circles trying to do this :-{. I have tried lots of different incantations using tls_require_ciphers but without success.  
My exim which came ready built in an RPM is linked with OpenSSL rather than GnuTLS. I am using 'nmap --script ssl-enum-ciphers -p 465' to see what ciphers are offered.


Without a tls_require_ciphers statement I get the following protocols offered; SSLv3, TLSv1.0, TLSv1.1, TLSv1.2; each with at least 13 ciphers included. Ideally I would
like to just eliminate all the SSLv3 ones. The closest I have been able to come to doing this is to get only TLSv1.2 protocol with the following four ciphers
(TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384 only). External relay machines
delivering mail (eg. Microsoft's FOPE servers) do not find an acceptable choice amongst these.

I am at a loss to know why 'tls_require_ciphers = All:!SSLv2:!SSLv3' does not do what I want. It just results in no ciphers being offered.

Below is the full list of every combination I tried in /etc/exim.conf, together with an appended one line summary of what resulting ciphers were offered as available.

I would like to get the system secured against SSLv3 ASAP. Please help!

System details:
OS: SLC6 (derivative of RHEL6).
Arch: X86_64

Thanks
Tom Crane

tls_on_connect_ports = 465
# TLS settings 
tls_advertise_hosts = *
tls_certificate = /etc/exim/certs/smtp.pem
tls_privatekey = /etc/exim/certs/smtp.key
#gnutls_require_protocols = !SSLv2:!SSLv3:TLSv1
#tls_require_ciphers = All:!SSLv2:!SSLv3                -- Ciphers available: None
#tls_require_ciphers = TLSv1                            -- Ciphers available: SSLv3, TLSv1.0, TLSv1.1, TLSv1.2
#tls_require_ciphers = !SSLv2:!SSLv3:TLSv1              -- Ciphers available: None
#tls_require_ciphers = TLSv1:!SSLv2:!SSLv3              -- Ciphers available: None
#tls_require_ciphers = TLSv1+HIGH:!SSLv2:!SSLv3         -- Ciphers available: None
#tls_require_ciphers = TLSv1:!SSLv3                     -- Ciphers available: None
#tls_require_ciphers = TLSv1:!SSLv2                     -- Ciphers available: None
#No tls_require_ciphers statement                       -- Ciphers available: SSLv3, TLSv1.0, TLSv1.1, TLSv1.2
#tls_require_ciphers = HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3 -- Ciphers available: TLSv1.2 (TLS_RSA_WITH_AES_128_CBC_SHA256,  TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384 only)
#tls_require_ciphers = All:+TLSv1:!SSLv2:!SSLv3         -- Ciphers available: None
#tls_require_ciphers = ALL:+TLSv1:!SSLv2:!SSLv3         -- Ciphers available: None
#tls_require_ciphers = HIGH:+TLSv1:!SSLv2:!SSLv3        -- Ciphers available: TLSv1.2 (TLS_RSA_WITH_AES_128_CBC_SHA256,  TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384 only)
#tls_require_ciphers = MEDIUM:+TLSv1:!SSLv2:!SSLv3      -- Ciphers available: None
#tls_require_ciphers = LOW:+TLSv1:!SSLv2:!SSLv3         -- Ciphers available: None
#tls_require_ciphers = :+TLSv1:!SSLv2:!SSLv3            -- Ciphers available: None
#tls_require_ciphers =  +TLSv1:!SSLv2:!SSLv3            -- Ciphers available: None
#tls_require_ciphers = HIGH:MEDIUM:+TLSv1.1:!SSLv2:!SSLv3 -- Ciphers available: TLSv1.2 (TLS_RSA_WITH_AES_128_CBC_SHA256,  TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384 only)
#tls_require_ciphers = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:+TLSv1:!SSLv2:!SSLv3  Ciphers available: TLSv1.2 (TLS_RSA_WITH_AES_128_CBC_SHA256,  TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384 only)
#tls_require_ciphers = TLS_RSA_WITH_AES_128_CBC_SHA256:+TLSv1:!SSLv2:!SSLv3  -- Ciphers available: None
#tls_require_ciphers = TLSv1+HIGH                       -- Ciphers available: SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 (reduced set of ciphers in each protocol)
#tls_require_ciphers = +TLSv1:!SSLv2:!SSLv3:+TLSv1      -- Ciphers available: None
#tls_require_ciphers = HIGH:MEDIUM:+TLSv1.2:!SSLv2:!SSLv3 -- Ciphers available: TLSv1.2 (TLS_RSA_WITH_AES_128_CBC_SHA256,  TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384 only)
#tls_require_ciphers = NORMAL:-VERS+TLSv1               -- Ciphers available: None
#tls_require_ciphers = NORMAL:+TLSv1                    -- Ciphers available: None
#tls_require_ciphers = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP -- Ciphers available: TLSv1.2 (TLS_RSA_WITH_AES_128_CBC_SHA256,  TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384 only)



-- 
Tom Crane, Dept. Physics, Royal Holloway, University of London, Egham Hill,
Egham, Surrey, TW20 0EX, England. 
Email:  T.Crane@???
Fax:    +44 (0) 1784 472794