Introduce TLS_PERMISSIVE for port 25

This new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.
2 years ago · 6a0e881522
parent 48e1e91a2c
commit 6a0e881522
4 changed files with 6 additions and 0 deletions
--- a/core/admin/mailu/configuration.py
+++ b/core/admin/mailu/configuration.py
@ -74,6 +74,7 @@ DEFAULT_CONFIG = {
    'PERMANENT_SESSION_LIFETIME': 30*24*3600,
    'SESSION_COOKIE_SECURE': True,
    'CREDENTIAL_ROUNDS': 12,
+    'TLS_PERMISSIVE': True,
    'TZ': 'Etc/UTC',
    # Host settings
    'HOST_IMAP': 'imap',
--- a/core/nginx/conf/nginx.conf
+++ b/core/nginx/conf/nginx.conf
@ -317,9 +317,11 @@ mail {
      ssl_certificate /certs/letsencrypt/live/mailu/fullchain.pem;
      ssl_certificate /certs/letsencrypt/live/mailu-ecdsa/fullchain.pem;
      {% endif %}
+      {% if TLS_PERMISSIVE == 'true' %}
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
      ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA;
      ssl_prefer_server_ciphers on;
+      {% endif %}
      starttls on;
      {% endif %}
      protocol smtp;
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@ -215,6 +215,8 @@ The ``LETSENCRYPT_SHORTCHAIN`` (default: False) setting controls whether we send
 ISRG Root X1 certificate in TLS handshakes. This is required for `android handsets older than 7.1.1` 
 but slows down the performance of modern devices.

+The ``TLS_PERMISSIVE`` (default: true) setting controls whether ciphers and protocols offered on port 25 for STARTTLS are optimized for maximum compatibility. We **strongly recommend** that you do **not** change this setting on the basis that any encryption beats no encryption. If you are subject to compliance requirements and are not afraid of loosing emails as a result of artificially reducing compatibility, set it to 'false'. Keep in mind that servers that are running a software stack old enough to not be compatible with the current TLS requirements will either a) deliver in plaintext b) bounce emails c) silently drop emails; modern servers will benefit from various downgrade protections (DOWNGRD, RFC7507) making the security argument mostly a moot point.
+
 .. _`android handsets older than 7.1.1`: https://community.letsencrypt.org/t/production-chain-changes/150739

 .. _reverse_proxy_headers:
--- a/towncrier/newsfragments/2449.feature
+++ b/towncrier/newsfragments/2449.feature
@ -0,0 +1 @@
+Introduce TLS_PERMISSIVE, a new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.
				`@ -0,0 +1 @@`
				`Introduce TLS_PERMISSIVE, a new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.`