tech-crypto archive


Re: openssl3+postfix issue (ca md too weak)



[trimming tech-crypto from cc because this is a policy and
configuration issue, not a cryptography issue]

> Date: Mon, 13 Nov 2023 20:34:04 +0100
> From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
> 
> I'm facing an issue with postfix+openssl3 which may be critical (depending
> on how it can be fixed).
> 
> Now my postfix setup fails to send mails with
> Nov 13 20:20:53 comore postfix/smtp[6449]: warning: TLS library problem: error:0A00018E:SSL routines::ca md too weak:/usr/src/crypto/external/bsd/openssl/dist/ssl/statem/statem_lib.c:984:

1. This says `warning'; does the mail actually fail to go through, or
   are you just alarmed by the warning?

2. Can you describe your mail topology?

3. Can you describe the postfix configuration on every node involved
   in the topology?

      diff -u <(postconf -d) <(postconf)

   (not sure if there's an easier way to show the non-default
   settings; if there is, feel free to use that instead)

4. Can you share master.cf on every node involved if it's not the
   default?

5. If you connect to the server with `openssl s_client', what happens?

> So, as far as I understand, we end up with a postfix installation which
> can't talk to servers with valid certificates.

Unless anything has changed in the past couple years, I don't think
there is any widespread deployment of SMTP TLS server authentication
that means anything for general MTAs -- at best, TLS in SMTP serves as
opportunistic encryption to defend against passive eavesdroppers.

So I assume you must be talking about your own personal SMTP relay, or
your own personal submission endpoint, or something like that, meaning
this is not a general problem with sending mail on the internet.

(If a sender demanded that any receiving MTA show a valid certificate,
it would be a very lonely sender in the real world today -- there's no
mechanism (that I know of) for a sender to know which receiving MTAs
are expected to answer TLS with valid certificates, like writing http
vs https in the URL bar of a browser.)
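The diagnostic in point 5 above (connect with `openssl s_client' and look at what the peer presents) boils down to two checks: which digest signed each certificate in the chain, and whether OpenSSL's configured security level accepts it. The following POSIX shell script is an added example, not code from this thread, from Postfix or from OpenSSL. It builds a throwaway CA and leaf certificate that are both signed with SHA-1 (the names `constructed-test-ca' and `mail.example.invalid' are constructed), then runs exactly those two checks offline. It assumes an `openssl' CLI on PATH that still permits producing SHA-1 signatures, which upstream OpenSSL 3 does.

```shell
#!/bin/sh
# Added example: build a SHA-1-signed test chain and show how to inspect
# the signature digest and the security-level verdict with the openssl CLI.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Throwaway CA and leaf, both signed with SHA-1 (constructed test data).
# Assumption: the local openssl CLI is allowed to create SHA-1 signatures.
make_sha1_chain() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha1 -days 1 \
    -subj /CN=constructed-test-ca \
    -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
  openssl req -new -newkey rsa:2048 -nodes \
    -subj /CN=mail.example.invalid \
    -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" 2>/dev/null
  openssl x509 -req -sha1 -days 1 -in "$WORK/leaf.csr" \
    -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" -CAcreateserial \
    -out "$WORK/leaf.crt" 2>/dev/null
}

# Check 1: print the signature algorithm of a PEM certificate
# (e.g. sha1WithRSAEncryption). Works on any PEM cert, including one
# cut out of `openssl s_client -showcerts' output.
cert_sig_alg() {
  openssl x509 -noout -text -in "$1" |
    sed -n 's/^ *Signature Algorithm: *//p' | head -n 1
}

# Check 2: verify the leaf against the test CA at a given authentication
# security level (-auth_level, the verify-side counterpart of the TLS
# security level). Returns 0 if accepted at that level, non-zero otherwise.
verify_at_level() {
  openssl verify -auth_level "$2" -CAfile "$WORK/ca.crt" "$1" >/dev/null 2>&1
}

make_sha1_chain
printf 'CA   signed with: %s\n' "$(cert_sig_alg "$WORK/ca.crt")"
printf 'leaf signed with: %s\n' "$(cert_sig_alg "$WORK/leaf.crt")"

# Level 0 disables the digest-strength check; levels 1 and above apply it.
# Which level first rejects SHA-1 depends on the installed OpenSSL version,
# so the actual verify message is printed rather than interpreted.
for level in 0 1 2; do
  if verify_at_level "$WORK/leaf.crt" "$level"; then
    echo "auth_level $level: chain accepted"
  else
    msg=$(openssl verify -auth_level "$level" -CAfile "$WORK/ca.crt" \
            "$WORK/leaf.crt" 2>&1 | tail -n 1)
    echo "auth_level $level: chain rejected: $msg"
  fi
done
```

Against a real relay the same two checks apply to the chain captured with `openssl s_client -starttls smtp -connect host:25 -showcerts </dev/null`: save each PEM block to a file and run `cert_sig_alg' on it to find the certificate whose digest is too weak, and rerun `s_client' with `-cipher 'DEFAULT:@SECLEVEL=0'` only to confirm that the security level is what rejects the chain. The durable fix is to have the offending certificate re-issued with a stronger digest rather than to lower the level in production.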

