I can’t receive emails from certain hosts because of a
no shared cipher
error:postfix/smtpd[15934]: warning: TLS library problem: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1440:
I am using this postfix settings for receiving emails:
smtpd_tls_mandatory_ciphers = high smtpd_tls_ciphers = high
Looking up the
tls_high_cipherlist
yielded:$ postconf -d | grep tls_high_cipherlist tls_high_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH
So I looked up the ciphers this will cover for TLSv1.2
$ openssl ciphers -v 'aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH' | grep TLSv1.2 ADH-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=None Enc=AESGCM(256) Mac=AEAD ADH-AES256-SHA256 TLSv1.2 Kx=DH Au=None Enc=AES(256) Mac=SHA256 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(256) Mac=AEAD DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256 ...
So I thought this should also be the ones postfix is then using to accept as ciphers, but using testssl.sh to test supported ciphers I got this:
Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC) ------------------------------------------------------------------------------------------------------ TLS 1.2 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA xc019 AECDH-AES256-SHA ECDH 256 AES 256 TLS_ECDH_anon_WITH_AES_256_CBC_SHA xa7 ADH-AES256-GCM-SHA384 DH 4096 AESGCM 256 TLS_DH_anon_WITH_AES_256_GCM_SHA384 x6d ADH-AES256-SHA256 DH 4096 AES 256 TLS_DH_anon_WITH_AES_256_CBC_SHA256 x3a ADH-AES256-SHA DH 4096 AES 256 TLS_DH_anon_WITH_AES_256_CBC_SHA x89 ADH-CAMELLIA256-SHA DH 4096 Camellia 256 TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA xc018 AECDH-AES128-SHA ECDH 256 AES 128 TLS_ECDH_anon_WITH_AES_128_CBC_SHA xa6 ADH-AES128-GCM-SHA256 DH 4096 AESGCM 128 TLS_DH_anon_WITH_AES_128_GCM_SHA256 x6c ADH-AES128-SHA256 DH 4096 AES 128 TLS_DH_anon_WITH_AES_128_CBC_SHA256 x34 ADH-AES128-SHA DH 4096 AES 128 TLS_DH_anon_WITH_AES_128_CBC_SHA x9b ADH-SEED-SHA DH 4096 SEED 128 TLS_DH_anon_WITH_SEED_CBC_SHA x46 ADH-CAMELLIA128-SHA DH 4096 Camellia 128 TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA xc007 ECDHE-ECDSA-RC4-SHA ECDH 256 RC4 128 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA xc016 AECDH-RC4-SHA ECDH 256 RC4 128 TLS_ECDH_anon_WITH_RC4_128_SHA x18 ADH-RC4-MD5 DH 4096 RC4 128 TLS_DH_anon_WITH_RC4_128_MD5 xc008 ECDHE-ECDSA-DES-CBC3-SHA ECDH 256 3DES 168 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA xc017 AECDH-DES-CBC3-SHA ECDH 256 3DES 168 TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA x1b ADH-DES-CBC3-SHA DH 4096 3DES 168 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
So for example
DHE-DSS-AES256-GCM-SHA384
is missing.Do I have to enable this ciphers also somewhere else? Also explicitly setting
tls_high_cipherlist
in themain.cf
did not change the results.
Answer
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtp_tls_loglevel = 1
# if you have authentication enabled, only offer it after STARTTLS
smtpd_tls_auth_only = yes
tls_ssl_options = NO_COMPRESSION
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers=high
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
By default You are strongly encouraged to not change the setting
You can insert your own ciphersuite here, but I don’t recommend that. The cipherstring chosen by the bettercrypto project has been widely tested and provides as much compatibility as reasonable while providing as much security as possible. The order of all the ciphers is very important so server and client are negotiating the best cipher possible, preferably with Forward Secrecy which is true for this one.
Attribution
Source : Link , Question Author : Finn , Answer Author : Sukhjinder Singh