On Thu, Jul 30, 2015 at 08:25:54AM -0400, 3YSTech Services wrote:
> I am trying to force TLS v1.2 on EXIM server. All Linux clients and Exim
> servers have openssl-1.0.1e-42 rpm. I keep getting TLSv1 on logs.
There is still a lot of software that only supports TLS 1.0, so
forcing 1.2 or higher limits interoperability...
> ** I tried adding tls_require_ciphers (below) on server but won't be able
> to send email from clients .
>
> openssl_options = +no_sslv2 +no_sslv3
> tls_require_ciphers = ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP
This is unwise, the majority of the ciphers used in TLS 1.2 are
carried over from SSL 3.0, so you SHOULD NOT disable SSLv3 ciphers,
rather just disabling the protocols suffices. And your cipherlist
is unwise. For decent security and maximum interoperability try:
HIGH:MEDIUM:@STRENGTH:+RC4:!MD5:!SRP:!PSK:!aDSS:!kECDH:!kDH:!SEED:!IDEA:!RC2:!RC5
The reason for all those exclusions ("!foo") at the end is to reduce
the cipher count in the client HELLO below 64 so that older Microsoft
Server 2003 systems don't fail to find common interoperable ciphers.
Don't be scared off by the !kECDH and !kDH, these disable the "fixed
DH" ciphersuites that nobody uses, they do not disable kEECDH or
kEDH "forward secrecy" key exchange methods. Removing the disused
cruft from the cipherlist saves bandwidth and improves interoperability.
In Postfix, these exclusions are client-side only, the SMTP server
just disables SSL 2.0 and SSL 3.0 protocols, and (lately) also
EXPORT and LOW ciphers.
> ** I tried to remove SSLv3 from ciphers and keep it in openssl_options and
> I am back to TLSv1
The peer you're communicating with might not support TLS 1.2, or
the logging may not indicate the protocol accurately. Use a packet
capture to determine what protocols are offered by the client and
ultimately negotiated by the server.
--
Viktor.