$this = (new Soapbox())->shout(array_map('strtoupper', $opinions)); //Shaun's blog

Get Postfix 2.6 speaking TLS on CentOS 6

Posted February 24, 2016 by shaun

In an age where SSL/TLS certificates are free via Let's Encrypt, if you're running a Postfix mail server, you should make sure it's capable of speaking TLS.

Here's the output from postconf -n | grep tls on my machine, which lists all of the TLS options in main.cf that I've changed from their defaults:

smtp_tls_CAfile = /etc/pki/tls/cert.pem
smtp_tls_ciphers = medium
smtp_tls_loglevel = 1
smtp_tls_mandatory_protocols = !TLSv1, !SSLv2, !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtpd_tls_CAfile = /etc/pki/tls/cert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/letsencrypt/live/my.example.com/fullchain.pem
smtpd_tls_ciphers = medium
smtpd_tls_dh1024_param_file = /etc/postfix/ssl/dh_2048.pem
smtpd_tls_dh512_param_file = /etc/postfix/ssl/dh_512.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, CAMELLIA, DES, IDEA, RC4, MD5, \
smtpd_tls_key_file = /etc/letsencrypt/live/my.example.com/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, CAMELLIA, EXPORT, DES, IDEA, RC4, MD5, \
smtpd_tls_mandatory_protocols = !TLSv1, !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

The two CAfile entries point to cert.pem from the CentOS ca-certificates package; this will probably need to point somewhere else on other distros.

The dh1024_param_file and dh512_param_file are generated like this:

mkdir -p /etc/postfix/ssl
openssl gendh -out /etc/postfix/ssl/dh_512.pem -2 512
openssl gendh -out /etc/postfix/ssl/dh_2048.pem -2 2048

As noted in TLS Forward Secrecy in the Postfix SMTP Server, the smtpd_tls_dh1024_param_file directive is a bit of a misnomer. This file can be generated with a prime >1024 bits, and 2048 bits or higher is suggested.

The above configuration works fine with all the major providers (Gmail, Microsoft's Outlook/Hotmail/Exchange/Office365, Yahoo, etc.). Because both security levels are set to may (opportunistic TLS), a failed TLS negotiation makes the SMTP transaction fall back to plaintext, and your server will still send and receive messages; with smtpd_tls_received_header = yes and the loglevels at 1, the Received: headers and the mail log show which sessions were actually encrypted, so the fallback is visible rather than silent. Depending on which servers your MTA talks to, you might need to allow TLSv1 (by removing !TLSv1 from the two mandatory_protocols settings) and/or be more permissive in which ciphers you accept. Note that the mandatory_* settings only take effect at security levels encrypt and above; at may, the plain smtp_tls_protocols and smtpd_tls_protocols lists are what apply.
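As an added example (not code from the post), here is a small lint that reads `postconf -n` style output and checks it against the baseline the post's configuration sets: SSLv2/SSLv3 excluded on both the client and server side, the weak cipher families excluded, strong EECDH, and an explicit DH parameter file. The sample input is constructed from the post's settings.

```python
# Added example (not from the post): lint the TLS lines of `postconf -n`
# output against the post's baseline (no SSLv2/SSLv3, weak ciphers excluded,
# strong EECDH, an explicit DH parameter file).
# Constructed sample, abbreviated from the post's `postconf -n | grep tls`.
SAMPLE = """\
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtpd_tls_dh1024_param_file = /etc/postfix/ssl/dh_2048.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, CAMELLIA, DES, IDEA, RC4, MD5
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
"""

WEAK_CIPHER_FAMILIES = {"aNULL", "eNULL", "EXPORT", "DES", "RC4", "MD5"}

def parse_postconf(text):
    """Map parameter -> value from `postconf -n` style 'key = value' lines."""
    conf = {}
    for line in text.splitlines():
        if "=" in line:
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf

def split_list(value):
    """Postfix list values are comma and/or whitespace separated."""
    return set(value.replace(",", " ").split())

def lint_tls(conf):
    """Return findings as strings; an empty list means the baseline is met."""
    findings = []
    for side in ("smtp", "smtpd"):  # client and server sides are set separately
        if conf.get(f"{side}_tls_security_level", "") in ("", "none"):
            findings.append(f"{side}: TLS is off (security_level empty or none)")
        protos = split_list(conf.get(f"{side}_tls_protocols", ""))
        for old in ("SSLv2", "SSLv3"):
            if f"!{old}" not in protos:
                findings.append(f"{side}: {old} is not excluded")
    excluded = split_list(conf.get("smtpd_tls_exclude_ciphers", ""))
    for fam in sorted(WEAK_CIPHER_FAMILIES - excluded):
        findings.append(f"smtpd: cipher family {fam} is not excluded")
    if conf.get("smtpd_tls_eecdh_grade") != "strong":
        findings.append("smtpd: eecdh_grade is not 'strong'")
    if not conf.get("smtpd_tls_dh1024_param_file"):
        findings.append("smtpd: no DH parameter file set (compiled-in defaults used)")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_tls(parse_postconf(SAMPLE)) or ["baseline met"]))
```

On a live box, pipe the real output in with `postconf -n | python3 lint.py` after replacing SAMPLE with `sys.stdin.read()`.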
