anyone? success with smtpd_tls_req_ccert and iPhone as client?


anyone? success with smtpd_tls_req_ccert and iPhone as client?

Florin Andrei
Using smtpd_tls_req_ccert=yes on port 587.

########################################
submission inet n       -       -       -       -       smtpd
   -o smtpd_tls_cert_file=/blah/server.crt
   -o smtpd_tls_key_file=/blah/server.key
   -o smtpd_tls_CAfile=/blah/ca.crt
   -o smtpd_tls_security_level=encrypt
   -o smtpd_tls_loglevel=2
   -o smtpd_tls_req_ccert=yes
   -o smtpd_tls_session_cache_database=btree:${data_directory}/smtpd_scache
   -o smtpd_sasl_type=dovecot
   -o smtpd_sasl_path=private/auth
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
########################################

The client is an iPhone 3G, latest OS. TLS on the iPhone works pretty
well with Dovecot and imaps ("ssl_require_client_cert: yes" in
dovecot.conf). Dovecot uses exactly the same certificates (ca.crt,
server.crt, server.key) as Postfix. All is well with imaps.

But when trying to send email from the iPhone on port 587, I get this:

#############################################
Aug 21 00:06:09 server postfix/smtpd[15709]: connect from some.host[X.Y.Z.K]
Aug 21 00:06:09 server postfix/smtpd[15709]: setting up TLS connection from some.host[X.Y.Z.K]
Aug 21 00:06:09 server postfix/smtpd[15709]: some.host[X.Y.Z.K]: TLS cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!aNULL"
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:before/accept initialization
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 read client hello B
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 write server hello A
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 write certificate A
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 write server done A
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 flush data
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 read client key exchange A
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 read finished A
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 write change cipher spec A
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 write finished A
Aug 21 00:06:09 server postfix/smtpd[15709]: SSL_accept:SSLv3 flush data
Aug 21 00:06:09 server postfix/smtpd[15709]: Anonymous TLS connection established from some.host[X.Y.Z.K]: TLSv1 with cipher AES128-SHA (128/128 bits)
Aug 21 00:06:09 server postfix/smtpd[15709]: NOQUEUE: abort: TLS from some.host[X.Y.Z.K]: No client certificate presented
Aug 21 00:06:09 server postfix/smtpd[15709]: disconnect from some.host[X.Y.Z.K]
Aug 21 00:06:09 server postfix/smtpd[15709]: connect from some.host[X.Y.Z.K]
Aug 21 00:06:09 server postfix/smtpd[15709]: lost connection after HELO from some.host[X.Y.Z.K]
Aug 21 00:06:09 server postfix/smtpd[15709]: disconnect from some.host[X.Y.Z.K]
#########################################

If I change it to smtpd_tls_req_ccert=no then everything is fine, an
anonymous TLS connection is established and email is delivered:

###########################################
Aug 21 00:13:37 server postfix/smtpd[16301]: connect from some.host[X.Y.Z.K]
Aug 21 00:13:37 server postfix/smtpd[16301]: setting up TLS connection from some.host[X.Y.Z.K]
Aug 21 00:13:37 server postfix/smtpd[16301]: some.host[X.Y.Z.K]: TLS cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:before/accept initialization
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 read client hello B
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 write server hello A
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 write certificate A
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 write server done A
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 flush data
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 read client key exchange A
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 read finished A
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 write change cipher spec A
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 write finished A
Aug 21 00:13:37 server postfix/smtpd[16301]: SSL_accept:SSLv3 flush data
Aug 21 00:13:37 server postfix/smtpd[16301]: Anonymous TLS connection established from some.host[X.Y.Z.K]: TLSv1 with cipher AES128-SHA (128/128 bits)
#####################################

Is there any magic incantation that needs to be performed to convince
the iPhone to present the certificate to Postfix? The puzzling part is
that it seems to work fine with Dovecot and imaps.

I installed the client cert on the iPhone by uploading it to a local web
server and browsing it on the iPhone - Safari detects the cert and
installs it automatically.

--
Florin Andrei

http://florin.myip.org/
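As an added example, not code from the thread, here is a small Python script that triages smtpd log lines like the ones quoted above: it groups them by smtpd process id and reports, per session, whether the client sent a certificate, the negotiated cipher, and whether the smtpd_tls_req_ccert abort fired. The sample log is constructed from the lines in the post; the session labels it keys on (Anonymous/Untrusted/Trusted) are Postfix's own.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the smtpd lines quoted in the post:
# pid 15709 ran with smtpd_tls_req_ccert=yes, pid 16301 with =no.
SAMPLE_LOG = """\
Aug 21 00:06:09 server postfix/smtpd[15709]: connect from some.host[X.Y.Z.K]
Aug 21 00:06:09 server postfix/smtpd[15709]: some.host[X.Y.Z.K]: TLS cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!aNULL"
Aug 21 00:06:09 server postfix/smtpd[15709]: Anonymous TLS connection established from some.host[X.Y.Z.K]: TLSv1 with cipher AES128-SHA (128/128 bits)
Aug 21 00:06:09 server postfix/smtpd[15709]: NOQUEUE: abort: TLS from some.host[X.Y.Z.K]: No client certificate presented
Aug 21 00:06:09 server postfix/smtpd[15709]: disconnect from some.host[X.Y.Z.K]
Aug 21 00:13:37 server postfix/smtpd[16301]: connect from some.host[X.Y.Z.K]
Aug 21 00:13:37 server postfix/smtpd[16301]: some.host[X.Y.Z.K]: TLS cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
Aug 21 00:13:37 server postfix/smtpd[16301]: Anonymous TLS connection established from some.host[X.Y.Z.K]: TLSv1 with cipher AES128-SHA (128/128 bits)
Aug 21 00:13:37 server postfix/smtpd[16301]: disconnect from some.host[X.Y.Z.K]
"""

LINE_RE = re.compile(r"postfix/smtpd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
# smtpd labels the session by what the client sent: Anonymous = no cert,
# Untrusted = cert not chaining to smtpd_tls_CAfile, Trusted/Verified = it does.
ESTAB_RE = re.compile(r"^(?P<trust>Anonymous|Untrusted|Trusted|Verified) TLS connection "
                      r"established from (?P<peer>\S+): (?P<proto>\S+) with cipher (?P<cipher>\S+)")

def triage_tls_sessions(log_text):
    """Group smtpd lines by process id and summarise each TLS session."""
    sessions = defaultdict(lambda: {"trust": None, "cipher": None,
                                    "req_ccert_abort": False, "anull_excluded": None})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        s, msg = sessions[m.group("pid")], m.group("msg")
        e = ESTAB_RE.match(msg)
        if e:
            s["trust"], s["cipher"] = e.group("trust"), e.group("cipher")
        elif "No client certificate presented" in msg:
            s["req_ccert_abort"] = True   # only logged with req_ccert=yes
        elif "TLS cipher list" in msg:
            # with req_ccert=yes smtpd also drops anonymous ciphers (!aNULL)
            s["anull_excluded"] = "!aNULL" in msg
    return dict(sessions)

def verdict(session):
    # One-line explanation of why a session did or did not get through.
    if session["req_ccert_abort"]:
        return "no client certificate; rejected by smtpd_tls_req_ccert=yes"
    if session["trust"] == "Anonymous":
        return "no client certificate; accepted because req_ccert is off"
    if session["trust"] == "Untrusted":
        return "client certificate not issued by a CA in smtpd_tls_CAfile"
    return "client certificate accepted (%s)" % session["trust"]
```

Run it over a real mail log (one session per smtpd pid) to tell a client that never sends a certificate apart from one whose certificate does not chain to your CA, which are two different fixes.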


Re: anyone? success with smtpd_tls_req_ccert and iPhone as client?

Noel Jones-2
Florin Andrei wrote:
>
> Is there any magic incantation that needs to be performed to convince
> the iPhone to present the certificate to Postfix? The puzzling part is
> that it seems to work fine with Dovecot and imaps.
>

Very few mail clients support client certificates.  Unless you
will be using only clients known to support certificates,
don't bother with them.

   -- Noel Jones

Re: anyone? success with smtpd_tls_req_ccert and iPhone as client?

Victor Duchovni
On Fri, Aug 21, 2009 at 06:02:41AM -0500, Noel Jones wrote:

> Florin Andrei wrote:
>> Is there any magic incantation that needs to be performed to convince
>> the iPhone to present the certificate to Postfix? The puzzling part is
>> that it seems to work fine with Dovecot and imaps.
>
> Very few mail clients support client certificates.  Unless you will be
> using only clients known to support certificates, don't bother with them.

The only mainstream fully-featured MUA I've found that supports client
certs with SMTP is Mulberry. Outlook, Mail.app, Thunderbird, ... do not
IIRC.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Re: anyone? success with smtpd_tls_req_ccert and iPhone as client?

Patrick Ben Koetter
* Victor Duchovni <[hidden email]>:

> On Fri, Aug 21, 2009 at 06:02:41AM -0500, Noel Jones wrote:
>
> > Florin Andrei wrote:
> >> Is there any magic incantation that needs to be performed to convince
> >> the iPhone to present the certificate to Postfix? The puzzling part is
> >> that it seems to work fine with Dovecot and imaps.
> >
> > Very few mail clients support client certificates.  Unless you will be
> > using only clients known to support certificates, don't bother with them.
>
> The only mainstream fully-featured MUA I've found that supports client
> certs with SMTP is Mulberry. Outlook, Mail.app, Thunderbird, ... do not
> IIRC.

Thunderbird does.
Turn on smtpd_tls_req_ccert and try to send using Thunderbird.

p@rick

--
All technical questions asked privately will be automatically answered on the
list and archived for public access unless privacy is explicitly required and
justified.

saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>

Re: anyone? success with smtpd_tls_req_ccert and iPhone as client?

Victor Duchovni
On Fri, Aug 21, 2009 at 04:51:45PM +0200, Patrick Ben Koetter wrote:

> * Victor Duchovni <[hidden email]>:
> > On Fri, Aug 21, 2009 at 06:02:41AM -0500, Noel Jones wrote:
> >
> > > Florin Andrei wrote:
> > >> Is there any magic incantation that needs to be performed to convince
> > >> the iPhone to present the certificate to Postfix? The puzzling part is
> > >> that it seems to work fine with Dovecot and imaps.
> > >
> > > Very few mail clients support client certificates.  Unless you will be
> > > using only clients known to support certificates, don't bother with them.
> >
> > The only mainstream fully-featured MUA I've found that supports client
> > certs with SMTP is Mulberry. Outlook, Mail.app, Thunderbird, ... do not
> > IIRC.
>
> Thunderbird does.
> Turn on smtpd_tls_req_ccert and try to send using Thunderbird.

It has been some time since I looked at this, hence the IIRC. Mulberry
made the setting explicit, and perhaps allowed one to choose the right
client cert. If I recall correctly, Thunderbird uses certificates
silently, without explicit configuration control... In any case, this
is not a very frequently used MUA feature.

--
        Viktor.


Re: anyone? success with smtpd_tls_req_ccert and iPhone as client?

Florin Andrei
Victor Duchovni wrote:
>
> It has been some time since I looked at this, hence the IIRC. Mulberry
> made the setting explicit, and perhaps allowed one to choose the right
> client cert. If I recall correctly, Thunderbird uses certificates
> silently, without explicit configuration control... In any case, this
> is not a very frequently used MUA feature.

That's pretty disappointing. Sounds like man-in-the-middle attacks might
actually be doable then.

Would y'all be worried about the SASL authentication, given that the SSL
layer has holes? I'm talking from a real-world perspective. Data -
forget it, it's SMTP anyway. But the user/pass credentials - that's a
different story.

Would you be comfortable sending authentication over this kind of SSL
channel?

I'm trying pretty hard to avoid building a full-blown VPN just for the
iPhone. I already use OpenVPN, but it doesn't work on the iPhone, so I
would have to install / configure an IPSec thing from scratch if the
iPhone doesn't play nice with SMTP / SSL / SASL. It's not rocket science
but it's a lot of tedious work.

--
Florin Andrei

http://florin.myip.org/

Re: anyone? success with smtpd_tls_req_ccert and iPhone as client?

Victor Duchovni
On Fri, Aug 21, 2009 at 11:08:31AM -0700, Florin Andrei wrote:

> Victor Duchovni wrote:
>> It has been some time since I looked at this, hence the IIRC. Mulberry
>> made the setting explicit, and perhaps allowed one to choose the right
>> client cert. If I recall correctly, Thunderbird uses certificates
>> silently, without explicit configuration control... In any case, this
>> is not a very frequently used MUA feature.
>
> That's pretty disappointing. Sounds like man-in-the-middle attacks might
> actually be doable then.

If the client has robust server certificate verification, there is no
need for client certs to fend off MITM.

The Postfix SMTP client has robust server certificate verification. As
for various MUAs, they typically validate the server certificate even
when they don't support client certs.

Unlike the Postfix SMTP client, their verification code may be vulnerable
to the NULL byte issue disclosed by Dan Kaminsky and "Moxie Marlinspike"
at the most recent Black Hat conference, but bugs aside, the MUAs should
be able to resist MITM without client certs.

> Would y'all be worried about the SASL authentication, given that the SSL
> layer has holes? I'm talking from a real-world perspective. Data - forget
> it, it's SMTP anyway. But the user/pass credentials - that's a different
> story.

Attacks on SSL would not be my primary concern, rather I'd be more
worried about phishing, malware, ... and other less sophisticated means
of compromising user credentials.

> Would you be comfortable sending authentication over this kind of SSL
> channel?

If you want to avoid password compromise, use CRAM-MD5 or GSSAPI, ...

> I'm trying pretty hard to avoid building a full-blown VPN just for the
> iPhone. I already use OpenVPN, but it doesn't work on the iPhone, so I
> would have to install / configure an IPSec thing from scratch if the iPhone
> doesn't play nice with SMTP / SSL / SASL. It's not rocket science but it's
> a lot of tedious work.

If you are using the Carrier networks, active attacks are not easy to
carry out. If you are using Wi-Fi, perhaps you need a client patched
against the NULL byte problem. Client certs are OK if the iPhone
mail client supports them, but it may not...

--
        Viktor.
