Securing postfix with SSL/TLS on RHEL7

Securing Postfix (postfix-2.10.1-7.el7), which uses OpenSSL

This article is part of the Securing Applications Collection

Configuration File

   /etc/postfix/main.cf

Short form

smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_security_level = may
smtpd_tls_security_level = encrypt
smtpd_tls_auth_only = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_dh1024_param_file = /etc/pki/tls/private/postfix.dh.param
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache
tls_random_source = dev:/dev/urandom
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
smtpd_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
tls_high_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_medium_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
smtp_tls_ciphers = high
smtpd_tls_ciphers = high

Currently recommended ciphers, excluding DES-based ciphers to avoid the SWEET32 attack.

How to generate the DH parameter file used by the smtpd_tls_dh1024_param_file option is described in the Diffie-Hellman Parameter File section below: Generate DH Parameter file

Protocols

smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3

TLSv1 or better

Protocol - Alternative Values

smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1

Disable everything except TLSv1.2

smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_protocols = !SSLv2
smtp_tls_mandatory_protocols = !SSLv2
smtp_tls_protocols = !SSLv2

Allow SSLv3 or better

Ciphers

smtp_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
smtpd_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2

tls_high_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_medium_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES

smtp_tls_ciphers = high
smtpd_tls_ciphers = high

Currently recommended ciphers, excluding DES-based ciphers to avoid the SWEET32 attack.

Ciphers - Alternative Values

smtp_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
smtpd_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2

tls_high_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES:!SHA

smtp_tls_ciphers = high
smtpd_tls_ciphers = high

Removes the SHA1-based ciphers, leaving the SHA256 and SHA384 variants.

smtp_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
smtpd_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2

tls_high_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_medium_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES

smtp_tls_ciphers = medium
smtpd_tls_ciphers = medium

Allows RC4-SHA for compatibility with older systems (the medium list does not exclude RC4).
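As an added example (not code from the Red Hat article or from Postfix itself), the following POSIX shell script audits a main.cf for the protocol and cipher settings above: the smtpd security level and smtpd_tls_auth_only, the SSLv2/SSLv3 exclusions in all four protocol lists, the high cipher grade on both sides, the DES/3DES exclusions added for SWEET32, and, when tls_high_cipherlist has been overridden, its !aNULL and !3DES entries. The function names, the two constructed sample files, and the decision to report the medium grade as a failure are this example's own choices; only the parameter names and values come from the article.

```shell
#!/bin/sh
# Added example (not part of the Red Hat article): audit a Postfix main.cf for
# the TLS settings discussed above. Reads the file directly, so it also works on
# a copy from another host; $name references and continuation lines are not
# expanded (run it on "postconf -n" output if your main.cf uses them).

# Effective value of parameter $2 in file $1: last assignment wins, as in Postfix;
# prints nothing when the parameter is unset or commented out.
cf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | sed 's/[[:space:]]*$//' | tail -n 1
}

# Succeed if token $2 appears in $1, which may be comma-, space- or colon-separated
# (colons for OpenSSL cipher strings). Exact token match: "DES" does not match "3DES".
list_has() {
    printf '%s\n' "$1" | tr ',: ' '\n\n\n' | grep -qxF -- "$2"
}

# Succeed if an smtpd_tls_security_level value offers TLS to clients at all.
tls_offered() { case "$1" in may|encrypt) return 0 ;; *) return 1 ;; esac; }

FAILS=0
# Run the command in "$@" as one check and tally the outcome under label $1.
check() {
    desc="$1"; shift
    if "$@"; then echo "OK   $desc"; else echo "FAIL $desc"; FAILS=$((FAILS + 1)); fi
}

# Audit main.cf $1: prints one line per check, returns 0 only if all pass.
audit_main_cf() {
    cf="$1"; FAILS=0
    level=$(cf_get "$cf" smtpd_tls_security_level)
    check "smtpd_tls_security_level is may or encrypt (is '${level:-unset}')" tls_offered "$level"
    check "smtpd_tls_auth_only = yes (SASL credentials only inside TLS)" test "$(cf_get "$cf" smtpd_tls_auth_only)" = yes
    # Server- and client-side protocol lists must all reject SSLv2 and SSLv3.
    for p in smtpd_tls_protocols smtpd_tls_mandatory_protocols \
             smtp_tls_protocols smtp_tls_mandatory_protocols; do
        v=$(cf_get "$cf" "$p")
        for bad in '!SSLv2' '!SSLv3'; do
            check "$p contains $bad (is '${v:-unset}')" list_has "$v" "$bad"
        done
    done
    # Cipher grade plus the DES/3DES exclusions the article adds against SWEET32.
    for side in smtp smtpd; do
        check "${side}_tls_ciphers = high" test "$(cf_get "$cf" "${side}_tls_ciphers")" = high
        ex=$(cf_get "$cf" "${side}_tls_exclude_ciphers")
        for bad in DES 3DES; do
            check "${side}_tls_exclude_ciphers lists $bad (SWEET32)" list_has "$ex" "$bad"
        done
    done
    # Only inspect tls_high_cipherlist when the admin overrode Postfix's default.
    hc=$(cf_get "$cf" tls_high_cipherlist)
    if [ -n "$hc" ]; then
        for bad in '!aNULL' '!3DES'; do
            check "tls_high_cipherlist contains $bad" list_has "$hc" "$bad"
        done
    fi
    echo "$FAILS check(s) failed"
    [ "$FAILS" -eq 0 ]
}

# Constructed sample: the article's recommended settings (cipherlist shortened).
write_hardened_sample() {
    cat > "$1" <<'EOF'
smtpd_tls_security_level = encrypt
smtpd_tls_auth_only = yes
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
smtpd_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
tls_high_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!3DES
smtp_tls_ciphers = high
smtpd_tls_ciphers = high
EOF
}

# Constructed sample: TLS switched on but never hardened.
write_weak_sample() {
    cat > "$1" <<'EOF'
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2
smtp_tls_ciphers = medium
tls_high_cipherlist = HIGH
EOF
}

# Demonstration on the two samples (temporary files, removed afterwards).
demo_dir=$(mktemp -d)
write_hardened_sample "$demo_dir/hardened.cf"
write_weak_sample "$demo_dir/weak.cf"
for s in hardened weak; do
    echo "== $s sample =="; audit_main_cf "$demo_dir/$s.cf" || true
done
rm -rf "$demo_dir"
```

Run audit_main_cf against /etc/postfix/main.cf after editing it; the file check only confirms what is configured, so finish by connecting to the running daemon with openssl s_client -starttls smtp -connect localhost:25 and reading the negotiated protocol and cipher from its output.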

Certificate Handling

Postfix uses a private key file and a certificate file.

Key File

smtpd_tls_key_file = /etc/pki/tls/private/postfix.key

The key should be readable only by root.

Certificate File

smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem

This file should contain the server certificate, followed by any intermediate certificates and then the root certificate.

Diffie-Hellman Parameter File

smtpd_tls_dh1024_param_file = /etc/pki/tls/private/postfix.dh.param

The use of stronger ciphers can be enabled by ensuring a Diffie-Hellman parameter file is available.
This file should be renewed periodically (weekly).

openssl dhparam -out /etc/pki/tls/private/postfix.dh.param.tmp 1024
mv /etc/pki/tls/private/postfix.dh.param.tmp  /etc/pki/tls/private/postfix.dh.param
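As an added example (not code from the Red Hat article or from Postfix), the following shell script bundles the two checks this section asks for: that the key file is readable only by root, and that the DH parameter file is regenerated atomically on the weekly schedule. Default paths are the article's; the DH size is a parameter because the article generates 1024 bits while a comment below recommends 2048. The function names and the temporary file used in the demonstration are this example's own.

```shell
#!/bin/sh
# Added example (not part of the Red Hat article): helpers for the certificate
# handling section above.

# Return 0 if file $1 has no group/other permission bits (0600 or 0400) and warn
# if it is not owned by root. Parses ls(1) output, so it needs no GNU-only
# stat(1) options; a trailing "." or "+" from SELinux/ACLs does not matter.
key_file_is_private() {
    f="$1"
    if [ ! -f "$f" ]; then
        echo "missing: $f" >&2
        return 1
    fi
    set -- $(ls -ld "$f")
    perms=$1
    owner=$3
    if [ "$owner" != root ]; then
        echo "warning: $f is owned by $owner, not root" >&2
    fi
    if [ "$(printf '%s\n' "$perms" | cut -c5-10)" != "------" ]; then
        echo "$f is accessible to group/other ($perms); fix with: chmod 600 $f" >&2
        return 1
    fi
    return 0
}

# Regenerate the DH parameter file atomically: build it next to the target (so
# mv is a rename on the same filesystem), verify it, keep it root-only, then
# reload Postfix so new smtpd processes pick it up. The old file is left in
# place on any failure, e.g. when openssl dhparam refuses to run under FIPS
# enforcing mode (see the comments below).
renew_dh_param() {
    out="${1:-/etc/pki/tls/private/postfix.dh.param}"
    bits="${2:-2048}"
    tmp="$out.tmp"
    if ! (umask 077 && openssl dhparam -out "$tmp" "$bits"); then
        rm -f "$tmp"; return 1
    fi
    if ! openssl dhparam -in "$tmp" -noout -check; then
        rm -f "$tmp"; return 1
    fi
    mv -f "$tmp" "$out" || return 1
    key_file_is_private "$out" || return 1
    if postfix status >/dev/null 2>&1; then
        postfix reload
    fi
}

# Demonstration on a constructed temporary file standing in for postfix.key.
demo=$(mktemp)
chmod 644 "$demo"
if key_file_is_private "$demo"; then echo "unexpected: mode 0644 accepted"; fi
chmod 600 "$demo"
if key_file_is_private "$demo"; then echo "accepted: mode 0600 on $demo"; fi
rm -f "$demo"
```

Run key_file_is_private /etc/pki/tls/private/postfix.key after installing a new key, and call renew_dh_param from a root cron job in /etc/cron.weekly to match the renewal interval the article suggests.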

7 Comments

I find this confusing. It is all mixed together. I would prefer to see a high-security main.cf that supports FIPS, and then maybe a medium main.cf.

Were you able to get an update on this? What is the key format for the TLS keys.

Nice article - thank you.

A 2048-bit key for Diffie-Hellman should be used to avoid the Logjam attack:

openssl dhparam -out /etc/pki/tls/private/postfix.dh.param.tmp 2048

openssl dhparam parameter file creation fails when system is in FIPS enforcing mode. DH ciphers should be disabled in that case.

/etc/postfix/main.cf example:

smtpd_tls_ciphers = high
#smtpd_tls_dh1024_param_file = /etc/pki/tls/certs/postfix.dh.param
smtpd_tls_fingerprint_digest = sha256
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1, TLSv1.2
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1, TLSv1.2
smtpd_use_tls = yes
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_ciphers = high
smtp_tls_fingerprint_digest = sha256
smtp_tls_mandatory_ciphers = high
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1, TLSv1.2
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1, TLSv1.2
smtp_use_tls = yes
tls_high_cipherlist = FIPS@STRENGTH:!aNULL:!eNULL:!KRB5:!3DES:!DH
tls_preempt_cipherlist = yes

How to renew /etc/pki/tls/certs/postfix.pem when it has expired? On RHEL 8 it lasts one year...

We could do with this being updated for RHEL9 when time permits, thanks.

Totally agree with both Fabio Adamo (pem renewal steps) and Gary Spencer (include RHEL8 and RHEL9).