Disabling a cipher / cipher suite in postfix / TLS for specific recipient

We use Postfix 2.9.4 and OpenSSL 0.9.8j-fips 07 Jan 2009 (SLES11 SP4).

We get this error message while sending mail to a specific recipient:

error:1408D13A:SSL routines:SSL3_GET_KEY_EXCHANGE:unable to find ecdh parameters:s3_clnt.c:1336

Reading the code in s3_clnt.c for our OpenSSL version it says in a comment

For now we only support named (not generic) curve and the ECParameters in this case is just three bytes.

Analyzing the code, this is either not a named curve type or the parameter is out of range.

My question is: How do I teach our SMTP client (or else the receiving server) to omit this cipher/cipher suite or parameter set?


Solution 1:

TLS Policy Per Domain

You can use the Postfix TLS Policy Map to create a list of domains and what TLS policies apply to them.

You can also change your global smtp and smtpd options in postfix to limit what ciphers may or must be used.

Another option in this case would be to specify what ciphers to use as seen in TLS Forward Secrecy in Postfix and perhaps just use strong.

    smtpd_tls_eecdh_grade = strong | ultra

Here is an example /etc/postfix/tls_policy

    .google.com     secure match=.google.com:.gmail.com protocols=TLSv1 ciphers=high
    .paypal.com     secure match=.paypal.com protocols=TLSv1 ciphers=high
    .example.tld    ciphers=medium
    .blizzard.com   may

Then create the map with:

    postmap tls_policy

In /etc/postfix/main.cf you would need:

    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

In /etc/postfix/main.cf you might try excluding ciphers with smtpd_tls_exclude_ciphers and smtpd_tls_mandatory_exclude_ciphers and/or set smtpd_tls_eecdh_grade = strong.

If adjusting the cipher exclusions or setting a tls_policy does not help, then you may want to consider updating openssl and postfix.

Solution 2:

Solution for defining a specific cipher list for only one recipient:

master.cf: smtp2 unix - - n - - smtp -o tls_high_cipherlist=!ECDH:...(some more)

transport_map: <domain> smtp2:<domain> (second domain omittable?)

tls_policy_map: <domain> verify match=hostname ciphers=high

This omits the problematic ECDH algorithms and worked in this scenario.
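Both answers rely on the same mechanism, so as an added example (not taken from either answer) here is one consistent set of files that routes a single recipient domain through a dedicated smtp transport with the ECDH cipher suites excluded. The service name smtp-noecdh and the domain broken.example are assumptions; the exclusion uses smtp_tls_exclude_ciphers, which is the client-side (smtp_, not smtpd_) parameter, so it only changes the cipher suites Postfix offers when it connects out on that transport, and the rest of your mail keeps the global settings.

```text
# /etc/postfix/master.cf
# Assumed service name: a second copy of the smtp client with ECDH dropped.
# Lines starting with whitespace continue the service entry above them.
smtp-noecdh unix  -       -       n       -       -       smtp
    -o smtp_tls_exclude_ciphers=ECDH
    -o syslog_name=postfix/noecdh

# /etc/postfix/transport
# Assumed domain. An empty nexthop after "smtp-noecdh:" means Postfix uses
# the recipient domain itself as the next hop, so it need not be repeated.
broken.example        smtp-noecdh:
.broken.example       smtp-noecdh:

# /etc/postfix/tls_policy
# Keep the explicit per-destination policy from Solution 2 for that domain.
broken.example        verify match=hostname ciphers=high
.broken.example       verify match=hostname ciphers=high

# /etc/postfix/main.cf
transport_maps       = hash:/etc/postfix/transport
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
```

Build the maps with `postmap /etc/postfix/transport /etc/postfix/tls_policy` and then `postfix reload`; the syslog_name override makes it easy to confirm in the mail log that deliveries to that domain go through the new transport and negotiate a non-ECDH cipher.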