From e27326d3176974a98b2a557fd35ce97394991aa7 Mon Sep 17 00:00:00 2001
From: Martin Weinelt
Date: Fri, 13 Jun 2025 01:42:48 +0200
Subject: [PATCH 1/5] postfix: refactor and prune TLS settings

- Groups settings between server and client
- Uses a range comparator for supported TLS versions
- Prune excluded primitives to what affects the supported TLS versions
---
 mail-server/postfix.nix | 50 +++++++++++++++++++++++------------------
 1 file changed, 28 insertions(+), 22 deletions(-)

diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix
index 76f65a9..9f25971 100644
--- a/mail-server/postfix.nix
+++ b/mail-server/postfix.nix
@@ -240,11 +240,6 @@ in
 # Avoid leakage of X-Original-To, X-Delivered-To headers between recipients
 lmtp_destination_recipient_limit = "1";
 
- # Opportunistic DANE support
- # https://www.postfix.org/postconf.5.html#smtp_tls_security_level
- smtp_dns_support_level = "dnssec";
- smtp_tls_security_level = "dane";
-
 # sasl with dovecot
 smtpd_sasl_type = "dovecot";
 smtpd_sasl_path = "/run/dovecot2/auth";
@@ -266,33 +261,44 @@ in
 "check_policy_service unix:/run/dovecot2/quota-status"
 ];
 
- # TLS settings, inspired by https://github.com/jeaye/nix-files
- # Submission by mail clients is handled in submissionOptions
+ # TLS for incoming mail is optional
 smtpd_tls_security_level = "may";
 
- # Disable obselete protocols
- smtpd_tls_protocols = "TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3";
- smtp_tls_protocols = "TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3";
- smtpd_tls_mandatory_protocols = "TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3";
- smtp_tls_mandatory_protocols = "TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3";
+ # But required for authentication attempts
+ smtpd_tls_auth_only = true;
 
- smtp_tls_ciphers = "high";
+ # TLS versions supported for the SMTP server
+ smtpd_tls_protocols = ">=TLSv1.2";
+ smtpd_tls_mandatory_protocols = ">=TLSv1.2";
+
+ # Require ciphersuites that OpenSSL classifies as "High"
 smtpd_tls_ciphers = "high";
- smtp_tls_mandatory_ciphers = "high";
 smtpd_tls_mandatory_ciphers = "high";
 
- # Disable deprecated ciphers
- smtpd_tls_mandatory_exclude_ciphers = "MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL";
- smtpd_tls_exclude_ciphers = "MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL";
- smtp_tls_mandatory_exclude_ciphers = "MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL";
- smtp_tls_exclude_ciphers = "MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL";
+ # Exclude cipher suites with undesirable properties
+ smtpd_tls_exclude_ciphers = "eNULL, aNULL";
+ smtpd_tls_mandatory_exclude_ciphers = "eNULL, aNULL";
+
+ # Opportunistic DANE support when delivering mail to other servers
+ # https://www.postfix.org/postconf.5.html#smtp_tls_security_level
+ smtp_dns_support_level = "dnssec";
+ smtp_tls_security_level = "dane";
+
+ # TLS versions supported for the SMTP client
+ smtp_tls_protocols = ">=TLSv1.2";
+ smtp_tls_mandatory_protocols = ">=TLSv1.2";
+
+ # Require ciphersuites that OpenSSL classifies as "High"
+ smtp_tls_ciphers = "high";
+ smtp_tls_mandatory_ciphers = "high";
+
+ # Exclude ciphersuites with undesirable properties
+ smtp_tls_exclude_ciphers = "eNULL, aNULL";
+ smtp_tls_mandatory_exclude_ciphers = "eNULL, aNULL";
 
 # As long as all cipher suites are considered safe, let the client use its preferred cipher
 tls_preempt_cipherlist = false;
 
- # Allowing AUTH on a non encrypted connection poses a security risk
- smtpd_tls_auth_only = true;
-
 # Log only a summary message on TLS handshake completion
 smtp_tls_loglevel = "1";
 smtpd_tls_loglevel = "1";

From 3828b00deac1713117e8bbd0bf31b3ffbfe7e2a5 Mon Sep 17 00:00:00 2001
From: Martin Weinelt
Date: Fri, 13 Jun 2025 03:02:26 +0200
Subject: [PATCH 2/5] postfix: configure preferred curves and disable FFDHE

This aligns with the intermediate configuration recommended by Mozilla.
---
 mail-server/postfix.nix | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix
index 9f25971..0c52d7c 100644
--- a/mail-server/postfix.nix
+++ b/mail-server/postfix.nix
@@ -296,6 +296,20 @@ in
 smtp_tls_exclude_ciphers = "eNULL, aNULL";
 smtp_tls_mandatory_exclude_ciphers = "eNULL, aNULL";
 
+ # Restrict and prioritize the following curves in the given order
+ # Excludes curves that have no widespread support, so we don't bloat the handshake needlessly.
+ # https://www.postfix.org/postconf.5.html#tls_eecdh_auto_curves
+ # https://ssl-config.mozilla.org/#server=postfix&version=3.10&config=intermediate&openssl=3.4.1&guideline=5.7
+ tls_eecdh_auto_curves = [
+ "X25519"
+ "prime256v1"
+ "secp384r1"
+ ];
+
+ # Disable FFDHE on TLSv1.3 because it is slower than elliptic curves
+ # https://www.postfix.org/postconf.5.html#tls_ffdhe_auto_groups
+ tls_ffdhe_auto_groups = [ ];
+
 # As long as all cipher suites are considered safe, let the client use its preferred cipher
 tls_preempt_cipherlist = false;
 

From 4fd9508d41145c6e9a4018f4f85811d0a3cbeb4a Mon Sep 17 00:00:00 2001
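Review bot: The `>=TLSv1.2` range syntax adopted for `smtpd_tls_protocols`, `smtpd_tls_mandatory_protocols`, `smtp_tls_protocols` and `smtp_tls_mandatory_protocols` is only understood by Postfix 3.6 and later, while the explicit list it replaces also works on older releases, and the hunk records that floor nowhere. A comment at the first use would do, `# Range syntax needs Postfix >= 3.6`. The same minimum is also applied at the opportunistic `may` level on both the server and the client side, where the Postfix documentation notes that demanding more than the default merely reduces interoperability because a peer that cannot negotiate ends up in cleartext; that was already the case before this commit, but since the comments are being rewritten it is worth one sentence stating that the trade-off is deliberate, e.g. `# Deliberately applied to opportunistic TLS too; peers without TLSv1.2 fall back to cleartext`.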
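Review bot: `tls_ffdhe_auto_groups = [ ]` only removes the finite-field groups from TLSv1.3 key exchange, as the comment itself states; the TLSv1.2 DHE cipher suites remain part of the `high` grade configured earlier in this file and keep using the server's DH parameters (the compiled-in defaults unless `smtpd_tls_dh1024_param_file` is set), so finite-field DH is not disabled for the deployment as a whole. If that is intended, say so in the comment, e.g. `# TLSv1.2 DHE suites are unaffected and still use smtpd_tls_dh1024_param_file`; if the intent matches patch 5/5, which drops DH on the Dovecot side entirely, the DHE key-exchange suites would additionally need to go into the `*_tls_exclude_ciphers` lists. A second comment worth adding above `tls_eecdh_auto_curves`: the list only takes effect while `smtpd_tls_eecdh_grade` stays at its `auto` default (the default since Postfix 3.2).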
From: Martin Weinelt
Date: Fri, 13 Jun 2025 03:04:49 +0200
Subject: [PATCH 3/5] postfix: drop tls_random_source config

The setting already defaults to /dev/urandom.
---
 mail-server/postfix.nix | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix
index 0c52d7c..1a5d1f9 100644
--- a/mail-server/postfix.nix
+++ b/mail-server/postfix.nix
@@ -317,9 +317,6 @@ in
 smtp_tls_loglevel = "1";
 smtpd_tls_loglevel = "1";
 
- # Configure a non blocking source of randomness
- tls_random_source = "dev:/dev/urandom";
-
 smtpd_milters = smtpdMilters;
 non_smtpd_milters = lib.mkIf cfg.dkimSigning [ "unix:/run/rspamd/rspamd-milter.sock" ];
 milter_protocol = "6";

From efebf59b137b269ee5716aa82b6d377c22580fb5 Mon Sep 17 00:00:00 2001
From: Martin Weinelt
Date: Fri, 13 Jun 2025 03:13:27 +0200
Subject: [PATCH 4/5] dovecot: configure preferred elliptic curves

---
 mail-server/dovecot.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix
index edb244c..375bfe8 100644
--- a/mail-server/dovecot.nix
+++ b/mail-server/dovecot.nix
@@ -298,9 +298,12 @@ in
 }
 
 mail_access_groups = ${vmailGroupName}
+
+ # https://ssl-config.mozilla.org/#server=dovecot&version=2.3.21&config=intermediate&openssl=3.4.1&guideline=5.7
 ssl = required
 ssl_min_protocol = TLSv1.2
 ssl_prefer_server_ciphers = no
+ ssl_curve_list = X25519:prime256v1:secp384r1
 
 service lmtp {
 unix_listener dovecot-lmtp {

From 21ce4b4ff86ba0771e41551c6144396a930773a9 Mon Sep 17 00:00:00 2001
From: Martin Weinelt
Date: Fri, 13 Jun 2025 03:20:14 +0200
Subject: [PATCH 5/5] dovecot: disable Diffie-Hellman support

Recommended in the modern recommendation by Mozilla. Support for elliptic curves is widespread and they are much faster.
---
 mail-server/dovecot.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix
index 375bfe8..c06b478 100644
--- a/mail-server/dovecot.nix
+++ b/mail-server/dovecot.nix
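Review bot: `ssl_curve_list = X25519:prime256v1:secp384r1` repeats the curve set that patch 2/5 puts into `tls_eecdh_auto_curves` in postfix.nix, with nothing tying the two together, so the next tuning pass can change one and not the other. At minimum add `# Keep in sync with tls_eecdh_auto_curves in postfix.nix` above it; better, define the list once in Nix and render it into both daemons' configuration. The Mozilla URL comment above it lives inside the generated Dovecot config, which is fine as Dovecot accepts `#` comments, but its `version=2.3.21` parameter pins the guideline to one Dovecot release and should be revisited on upgrade.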
@@ -182,6 +182,7 @@ in
 mailLocation = dovecotMaildir;
 sslServerCert = certificatePath;
 sslServerKey = keyPath;
+ enableDHE = lib.mkDefault false;
 enableLmtp = true;
 mailPlugins.globally.enable = lib.optionals cfg.fullTextSearch.enable [ "fts"