How to harden your postfix setup after dhgate [Scratchbook]

This is an old revision of the document!

Warning: Declaration of syntax_plugin_indexmenu_tag::handle($match, $state, $pos, &$handler) should be compatible with DokuWiki_Syntax_Plugin::handle($match, $state, $pos, Doku_Handler $handler) in /home/httpd/vhosts/scratchbook.ch/wiki.scratchbook.ch/lib/plugins/indexmenu/syntax/tag.php on line 43 Warning: Declaration of syntax_plugin_indexmenu_tag::render($mode, &$renderer, $data) should be compatible with DokuWiki_Syntax_Plugin::render($format, Doku_Renderer $renderer, $data) in /home/httpd/vhosts/scratchbook.ch/wiki.scratchbook.ch/lib/plugins/indexmenu/syntax/tag.php on line 51 Warning: preg_match(): Compilation failed: invalid range in character class at offset 3135 in /home/httpd/vhosts/scratchbook.ch/wiki.scratchbook.ch/inc/parser/lexer.php on line 118

A PCRE internal error occured. This might be caused by a faulty plugin

====== How to harden your postfix setup after dhgate ====== This document shows you how to generate and use a custom 2048bit diffie-hellman parameter for postfix and how to disable export cipher suites. This mitigates at least a part of the problem in diffie-hellman found in may 2015, see [0]. You need postfix version 2.2 or higher. All commands should normally be run as root. NOTE: Using 2048bit Diffie-Hellman-parameter as proposed by this manual breaks compatibility to some other software. See also [1]. If you need the compatibility, use 1024 instead of 2048, the essential part to mitigate the DH problem is the generation of a new parameter. Please don't be confused by the use of "config[uration] param[eter]" (which means something in the postfix config file) and DH param[eter] (which means Diffie-Hellman parameter, essentially a big prime number or the file containing it). ===== Step 1: Generate a new DH parameter file with 2048 bit ===== Generation using openssl-dhparam. NOTE: If you have a separate readable-by-root-only folder (which you should have in a sensible TLS setup) then change the file path below to put the file in that folder. Also substitute your path in all subsequent commands. <code>openssl dhparam -out /etc/postfix/dh2048.pem 2048</code> The 2048 at the end makes the dh parameter 2048 bits. ===== Step 2: Set permissions ===== Ensure "root" is file owner and group. You can skip this command if you already know (eg. from "ls -l <filename>") the file has root:root owner/group. <code>chown root:root /etc/postfix/dh2048.pem</code> Set r-- --- --- (400) permissions for the param file. Nobody should have write or executable access. And read access should be restricted to root. <code>chmod 400 /etc/postfix/dh2048.pem</code> Postfix reads the file before switching to a less privileged user on startup, so if your postfix instance (or some of its daemons) is not running as root, the parameters can still be read. ===== Step 3: Configure Postfix to use the new parameters ===== The config parameter contains "dh1024", because until now 1024bit was recommended (see link at top). You can use a 2048bit file with this config parameter, postfix can handle that. Documentation: [2] Add this line to your main.cf: <code>smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem</code> ===== Step 4: Ciphersuite configuration ===== I'm not able to go into detail for each curve selection, maybe this configuration breaks compatibility to some older software. Use this only as a guideline and look up the parameters in case of doubt. You should already have a TLS configuration, check yours against this suggestion. The important part is to make sure you don't use export ciphers, which use dh parameters below 1024bit. THIS IS NOT A FULL POSTFIX TLS CONFIGURATION! <code> ## ciphers config (server side) # Cipher security grade to use. # Only for connections/services where TLS is set to mandatory # (eg. for SASL connections), smtpd_tls_ciphers is the # equivalent for non-mandatory connections smtpd_tls_mandatory_ciphers = high # set also non-mandatory to high. smtpd_tls_ciphers = high # Set protocols to not use smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = $smtpd_tls_mandatory_protocols # security grade for ephemeral elliptic-curve Diffie-Hellman KEX smtpd_tls_eecdh_grade = ultra # Exclude unsafe ciphers. smtpd_tls_exclude_ciphers = aNULL, MD5, DES, SSLv2, EXP, RC4, NULL, eNULL, EXP-ADH-DES-CBC-SHA, EXP-EDH-RSA-DES-CBC-SHA, EXP-DES-CBC-SHA ## Client ciphers # Exclude unsafe ciphers. smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers smtp_tls_mandatory_ciphers = high smtp_tls_ciphers = $smtp_tls_mandatory_ciphers # exclude unsafe protocols smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_protocols = $smtp_tls_mandatory_protocols </code> ===== Step 5: Restart Postfix. ===== <code>service postfix restart</code> NOTE: I don't know whether simply using "postfix reload" does guarantee the new diffie hellman parameter file is used. ---- This howto is Public Domain (CC-0). If you have suggestions for improvement of this document (NO support), mail to 0xBE53AA6C0175D01D Version 1, 2015-05-20 [0] https://weakdh.org/ [1] http://postfix.1071664.n5.nabble.com/Diffie-Hellman-parameters-tp63096p63098.html [2] http://www.postfix.org/postconf.5.html#smtpd_tls_dh1024_param_file

weakdh/postfix-harden.1432163020.txt · Last modified: 2015/05/21 01:03 by claude

Back to top