The same way bug 506924 called for updating apache2 default cipher list, using the suggested ciphers by Mozilla, should we do the same for dovecot config? Also, should we suggest forcing server cipher preference and disable SSLv2 / SSLv3? The proposal would be to update conf.d/10-ssl.conf and use ssl_protocols = !SSLv2:!SSLv3 ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:HIGH:!RC4:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK ssl_prefer_server_ciphers = yes instead of # SSL protocols to use #ssl_protocols = !SSLv2 # SSL ciphers to use #ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL # Prefer the server's order of ciphers over client's. #ssl_prefer_server_ciphers = no
*** This bug has been marked as a duplicate of bug 508554 ***
I'm replying here to not "pollute" the duplicate bug, since this is not about SMTP and being able to communicate with the rest of the world. (In reply to Eray Aslan from comment #8 (Bug 508554)) > (In reply to Jorge Manuel B. S. Vicetto from comment #6) > > I disagree with you closing the dovecot bug as a duplicate > > Same points really. Interoperability (this time between MUA and server), > any cipher being better than plaintext, specifying dicrete ciphers is bad ... > > But feel free to remove the duplicate if you like. While I agree with you that for SMTP and postfix there's an issue with interoperability, since no SMTP server can "control" what the rest of the world uses, a dovecot admin can "control" and setup a policy about the clients and or encryption protocols used.
(In reply to Jorge Manuel B. S. Vicetto from comment #2) > a dovecot admin can "control" and setup a policy about the > clients and or encryption protocols used. This is somewhat true in a corporate environment - and even then one might have to support windows xp era clients - but it is usually out of the question when one has paying customers. We can add a strongly worded comment to 10-ssl.conf to encourage (but not make default) something along these lines. However, I am open to persuasion. ssl_cipher_list = ALL:!EXPORT:!LOW:!MEDIUM:!aNULL:+RC4:@STRENGTH ssl_protocols = !SSLv2 !SSLv3 Robin, Tim any comments?
Eray, then what about adding this suggestion as a comment to the file with a note about it increasing the strength of the encryption at the cost of compatibility with older software? That way, any admin valuing security over compatibility only needs to uncomment it.
(In reply to Jorge Manuel B. S. Vicetto from comment #4) > then what about adding this suggestion as a comment to the file Done in net-mail/dovecot-2.2.13.