Re: [exim] Exclude TLS_RSA_WITH_SEED_CBC_SHA from cipher lis…

Pàgina inicial
Delete this message
Reply to this message
Autor: Cyborg
Data:  
A: exim-users
Assumpte: Re: [exim] Exclude TLS_RSA_WITH_SEED_CBC_SHA from cipher list
Am 28.03.2018 um 09:10 schrieb Konstantin Boyandin via Exim-users:
> Hello,
>
> After having scanned 4.90.1 installation with OpenVAS, the below was
> reported:
>
> 'Weak' cipher suites accepted by this service via the
> TLSv1.0/TLSv1.1/TLSv1.2 protocols: TLS_RSA_WITH_SEED_CBC_SHA
>
> Default settings (no explicit "tls_require_ciphers",
> "openssl_options") are in use.
>
> Can someone recommend simplest ciphers selection for Exim, to exclude
> the mentioned cipher? The settings present on cipherli.st:
>
> tls_require_ciphers = AES128+EECDH:AES128+EDH
> openssl_options = +no_sslv2 +no_sslv3
>
> seem kind of too strict, there were reported problems receiving email
> after the above were put in effect.
>
> Sincerely,
> Konstantin
>


in theorie:

If you disable sslv3 your doing the world a big favor, but
unfortunately, the world hates you for it.

in practis:

A "*******" of mailserver implementations worldwide still uses sslv3 to
connect to your mailserver.
Disabling it, removes your ability to get that email, which result in
all sorts of problems.

You can find a list of ciphers typically used here:

https://marius.bloggt-in-braunschweig.de/2017/05/30/haeufigkeit-von-tls-ciphern/

This statistics was made by analyzing our mailservercluster ( which has
also lead to
some f****** hilarious discoveries in crypto fails in germanies "secure"
goverment infrastructure . I could still LOL all the day :D )

As you can see from the list, a lot of connections are made with TLS
1.0, which has the same problems as sslv3
and should not be used. Even TLS 1.1 should not be used, but (again) a
lot of systems don't care.

If you rely on TLS 1.2 alone, your mailbox will stay empty most of the day.

General guideline :

First, make sure your server favors tls1.2 over any other protocol (
exim ensures it, so your good )
Second, make sure it favors a good cipher over weak ones. Use -LOW:-MID

"You can only be as secure, as the other part of the connection wants
you to be secure."

Whats a good cipher ?  Let others decide this, who know it better than
you and me ;)

https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet

Cipherlist : A+ => A => B => C => C-


best regards,
Marius