Question regarding smtpd and log of “Untrusted TLS connection”

J Doe
Hello,

I currently have a Postfix 3.1.0 server with smtpd configured to use opportunistic TLS encryption:

    /etc/postfix/main.cf
        smtpd_tls_security_level = may

In the documentation I have noted that even if STARTTLS is enabled, mail delivery will not be stopped even if the certificate at the other server is invalid or is a self-signed certificate.  As such, TLS encryption is used but authentication of the remote server does not happen.

I have noticed in my logs today an entry:

    postfix/smtpd[1234]: Untrusted TLS connection established from example.com[1.2.3.4]: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)

...where example.com is not the real server name.

When smtpd parsed the certificate before this log entry, I noticed that the subject_CN of the certificate is the same as the issuer - for example:

    subject_CN=example
    issuer=example

...where example is not a FQDN but the hostname of the remote server.  There are also no references to certificate authorities.

I am wondering two things:

[1] Am I correct that the remote server has not been authenticated but has used encryption ?

[2] Is it not authenticated in this case because the remote server appears to be a self-signed certificate ?

Thanks,

- J

Re: Question regarding smtpd and log of “Untrusted TLS connection”

Noel Jones-2
On 10/20/2017 3:54 PM, J Doe wrote:
> I am wondering two things:
>
> [1] Am I correct that the remote server has not been authenticated but has used encryption ?
>

Correct.

> [2] Is it not authenticated in this case because the remote server appears to be a self-signed certificate ?
>

No certificate is exchanged; all connections are unauthenticated.



  -- Noel Jones

Re: Question regarding smtpd and log of “Untrusted TLS connection”

Viktor Dukhovni
In reply to this post by J Doe


> On Oct 20, 2017, at 4:54 PM, J Doe <[hidden email]> wrote:
>
> I currently have a Postfix 3.1.0 server with smtpd configured to use
> opportunistic TLS encryption:
>
>    /etc/postfix/main.cf
>        smtpd_tls_security_level = may

This setting is for inbound mail from remote servers to you.

> In the documentation I have noted that even if STARTTLS is enabled, mail
> delivery will not be stopped even if the certificate at the other server
> is invalid or is a self-signed certificate. As such, TLS encryption is
> used but authentication of the remote server does not happen.

Now you've switched to talking about outbound mail (delivery from
your system to other systems).

> I have noticed in my logs today an entry:
>
>    postfix/smtpd[1234]: Untrusted TLS connection established from example.com[1.2.3.4]: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)
>
> ...where example.com is not the real server name.

And now you're looking at inbound mail again, and it seems that you've
enabled receipt of client certificates, which is generally not a good
idea on port 25 (the default is smtpd_tls_ask_ccert = no).

> When smtpd parsed the certificate before this log entry, I noticed that
> the subject_CN of the certificate is the same as the issuer - for example:
>
>    subject_CN=example
>    issuer=example
>
> ...where example is not a FQDN but the hostname of the remote server.
> There are also no references to certificate authorities.

Perfectly normal even for receiving server, but especially for SMTP
client certificates CA-issued names are not especially meaningful.
What would you do differently on port 25 when receiving inbound mail
from a client with a given certificate?

More generally, see:

        http://www.postfix.org/TLS_README.html#client_tls_limits

> I am wondering two things:
>
> [1] Am I correct that the remote server has not been authenticated but
> has used encryption ?

The transmission channel is encrypted all the way from the remote
server to any TLS man in the middle attacker, and again all the
way from the man in the middle attacker to you. :-)

More seriously, the channel is immune to passive wiretaps, but
unless the client authenticated your server somehow, and would
not have continued sans authenticated TLS, MiTM attacks cannot
be excluded.

> [2] Is it not authenticated in this case because the remote server
> appears to be a self-signed certificate ?

You're still confusing the sending and receiving sides...

--
        Viktor.


Re: Question regarding smtpd and log of “Untrusted TLS connection”

J Doe
Hi Viktor,

> On Oct 20, 2017, at 6:14 PM, Viktor Dukhovni <[hidden email]> wrote:
>
>> In the documentation I have noted that even if STARTTLS is enabled, mail
>> delivery will not be stopped even if the certificate at the other server
>> is invalid or is a self-signed certificate. As such, TLS encryption is
>> used but authentication of the remote server does not happen.
>
> Now you've switched to talking about outbound mail (delivery from
> your system to other systems).

Oops.  You are totally right - that terminology came from the smtp section of the Postfix docs as it was the last section I read yesterday.

>> I have noticed in my logs today an entry:
>>
>>   postfix/smtpd[1234]: Untrusted TLS connection established from example.com[1.2.3.4]: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)
>>
>> ...where example.com is not the real server name.
>
> And now you're looking at inbound mail again, and it seems that you've
> enabled receipt of client certificates, which is generally not a good
> idea on port 25 (the default is smtpd_tls_ask_ccert = no).

Yes, I checked my main.cf and saw I had smtpd_tls_ask_ccert = yes.  I have since corrected it.

>> When smtpd parsed the certificate before this log entry, I noticed that
>> the subject_CN of the certificate is the same as the issuer - for example:
>>
>>   subject_CN=example
>>   issuer=example
>>
>> ...where example is not a FQDN but the hostname of the remote server.
>> There are also no references to certificate authorities.
>
> Perfectly normal even for receiving server, but especially for SMTP
> client certificates CA-issued names are not especially meaningful.
> What would you do differently on port 25 when receiving inbound mail
> from a client with a given certificate?

Ok.  So the certificate that smtpd was presented with was a CLIENT certificate in this case.  Was I right that it was a self-signed certificate ?

>> I am wondering two things:
>>
>> [1] Am I correct that the remote server has not been authenticated but
>> has used encryption ?
>
> The transmission channel is encrypted all the way from the remote
> server to any TLS man in the middle attacker, and again all the
> way from the man in the middle attacker to you. :-)

Ahhhhhh!

Just kidding - I am more concerned with passive wiretaps, as you mention below.

> More seriously, the channel is immune to passive wiretaps, but
> unless the client authenticated your server somehow, and would
> not have continued sans authenticated TLS, MiTM attacks cannot
> be excluded.
>
>> [2] Is it not authenticated in this case because the remote server
>> appears to be a self-signed certificate ?

Ok.  In the context of smtpd (receiving mail), I note three states in the log:

    Authenticated TLS ...
    Untrusted TLS ...
    Anonymous TLS ...

I am pretty sure what most of those are referring to, but not totally sure.

Thanks again,

- J

Re: Question regarding smtpd and log of “Untrusted TLS connection”

Viktor Dukhovni


> On Oct 21, 2017, at 2:03 AM, J Doe <[hidden email]> wrote:
>
> Ok.  In the context of smtpd (receiving mail), I note three states in the log:
>
>    Authenticated TLS ...
>    Untrusted TLS ...
>    Anonymous TLS ...
>
> I am pretty sure what most of those are referring to, but not totally sure.

http://www.postfix.org/FORWARD_SECRECY_README.html#status

--
        Viktor.
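
An added example (not part of any post in this thread, and not Postfix code): a Python script that tallies the status word in smtpd "TLS connection established" log lines of the form quoted above and lists inbound clients that presented a certificate, which a TLS client can only do when the server requests one (smtpd_tls_ask_ccert or smtpd_tls_req_ccert). The sample log is constructed, and the function names are hypothetical; the status words Anonymous, Untrusted and Trusted are the ones described in the linked FORWARD_SECRECY_README.

```python
import re
from collections import Counter

# Constructed sample log: the first entry is the line quoted in the thread with
# a syslog prefix added; the other hosts and addresses are placeholders.
SAMPLE_LOG = """\
Oct 20 15:50:01 mx postfix/smtpd[1234]: Untrusted TLS connection established from example.com[1.2.3.4]: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)
Oct 20 15:51:10 mx postfix/smtpd[1240]: Anonymous TLS connection established from mail.example.net[198.51.100.8]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Oct 20 15:52:30 mx postfix/smtpd[1251]: Trusted TLS connection established from relay.example.org[192.0.2.12]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Oct 20 15:53:00 mx postfix/smtp[1260]: Untrusted TLS connection established to mx.example.net[198.51.100.9]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Oct 20 15:54:00 mx postfix/smtpd[1270]: connect from unknown[203.0.113.16]
"""

# smtpd lines are inbound ("from"); smtp lines are outbound ("to", with a port).
TLS_LINE = re.compile(
    r"postfix/(?P<daemon>smtpd|smtp)\[\d+\]: "
    r"(?P<status>\w+) TLS connection established "
    r"(?P<direction>from|to) (?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\](?::\d+)?: "
    r"(?P<protocol>\S+) with cipher (?P<cipher>\S+)"
)


def parse_tls_lines(text):
    """Return one dict per 'TLS connection established' log line."""
    matches = (TLS_LINE.search(line) for line in text.splitlines())
    return [m.groupdict() for m in matches if m]


def inbound_report(text):
    """Summarise inbound (smtpd) sessions; outbound smtp lines are ignored."""
    inbound = [r for r in parse_tls_lines(text) if r["daemon"] == "smtpd"]
    status_counts = Counter(r["status"] for r in inbound)
    # Any status other than Anonymous means a client certificate was seen,
    # so the server must have been requesting client certificates.
    with_cert = [(r["host"], r["ip"], r["status"])
                 for r in inbound if r["status"] != "Anonymous"]
    return {
        "status_counts": dict(status_counts),
        "clients_with_cert": with_cert,
        "ccert_requested": bool(with_cert),
    }


if __name__ == "__main__":
    report = inbound_report(SAMPLE_LOG)
    print("inbound TLS status counts:", report["status_counts"])
    for host, ip, status in report["clients_with_cert"]:
        print(f"client certificate seen: {host}[{ip}] -> {status}")
    print("smtpd is requesting client certificates:", report["ccert_requested"])
```

After setting smtpd_tls_ask_ccert = no and reloading, new inbound lines should all read Anonymous, so a non-empty `clients_with_cert` on fresh logs points at a listener that still requests certificates.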