Postfix “Conexão TLS confiável estabelecida”, mas “Certificado de servidor não verificado”

Question

Postfix “Conexão TLS confiável estabelecida”, mas “Certificado de servidor não verificado”

#1 resposta do (2 votos)
#2 resposta do (1 votos)

6

Estou usando uma política TLS do Postfix para impor o TLS a emails enviados. Infelizmente, em alguns casos, a verificação do certificado falha e eu não sei por quê.

Por exemplo, este é um extrato da minha Política TLS

#/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA 
facebook.com    secure ciphers=high 
hearst.com      secure match=gslb.pphosted.com ciphers=high 
fastmail.fm     secure ciphers=high

Todos esses três provedores usam a mesma autoridade de certificação raiz. Eu posso enviar e-mails para facebook.com sem problemas. No caso de hearst.com, tenho que especificar uma correspondência CN porque o certificado não possui o campo SAN adequado. O que eu não entendo é porque eu também tenho que adicionar uma correspondência CN para o fastmail.fm. Caso contrário, a validação do certifcate falhará. O certificado é confiável, o nome do servidor de destino é smtp.messagingengine.com e o certificado tem um campo SAN que corresponde a ele (* .messagingengine.com)

Feb 25 21:57:22 mail postfix/smtp[25291]: Trusted TLS connection established to in1-smtp.messagingengine.com[66.111.4.74]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) 
Feb 25 21:57:22 mail postfix/smtp[25291]: D33A02504112: to=<[email protected]>, relay=in1-smtp.messagingengine.com[66.111.4.74]:25, delay=8.4, delays=0.02/0/8.4/0, dsn=4.7.5, status=deferred (Server certificate not verified)

Alguém sabe por que o certificado não é aceito? Qualquer sugestão para aplicar uma política TLS "segura" sem ter que especificar a regra correspondência ?

Detalhes da versão

root@mail:/etc/postfix# uname -a
Linux mail.EXAMPLE.com 3.13.0-65-generic #106-Ubuntu SMP Fri Oct 2 22:08:27 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
root@mail:/etc/postfix# postconf -d | grep mail_version
mail_version = 2.11.0
milter_macro_v = $mail_name $mail_version

Log estendido

Feb 25 21:57:22 mail postfix/smtp[25291]: setting up TLS connection to in1-smtp.messagingengine.com[66.111.4.74]:25 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH:!MD5:!DES:!ADH:!RC4:!PSD:!SRP:!3DES:!eNULL:!aNULL" 
Feb 25 21:57:22 mail postfix/smtp[25291]: looking for session smtp&fastmail.fm&in1-smtp.messagingengine.com&66.111.4.74&&FC83E1ADCEDFC581CE5F87CAF6E49FEFFF83CD0F9EBC0B57C4A19ED3DC3416EC in smtp cache 
Feb 25 21:57:22 mail postfix/tlsmgr[25292]: lookup smtp session id=smtp&fastmail.fm&in1-smtp.messagingengine.com&66.111.4.74&&FC83E1ADCEDFC581CE5F87CAF6E49FEFFF83CD0F9EBC0B57C4A19ED3DC3416EC 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:before/connect initialization 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:unknown state 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 read server hello A 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: depth=2 verify=1 subject=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: depth=1 verify=1 subject=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: depth=0 verify=1 subject=/C=AU/ST=Victoria/L=Melbourne/O=FastMail Pty Ltd/CN=*.messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 read server certificate A 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 read server key exchange A 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 read server done A 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 write client key exchange A 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 write change cipher spec A 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 write finished A 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 flush data 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 read server session ticket A 
Feb 25 21:57:22 mail postfix/smtp[25291]: SSL_connect:SSLv3 read finished A 
Feb 25 21:57:22 mail postfix/smtp[25291]: save session smtp&fastmail.fm&in1-smtp.messagingengine.com&66.111.4.74&&FC83E1ADCEDFC581CE5F87CAF6E49FEFFF83CD0F9EBC0B57C4A19ED3DC3416EC to smtp cache 
Feb 25 21:57:22 mail postfix/tlsmgr[25292]: put smtp session id=smtp&fastmail.fm&in1-smtp.messagingengine.com&66.111.4.74&&FC83E1ADCEDFC581CE5F87CAF6E49FEFFF83CD0F9EBC0B57C4A19ED3DC3416EC [data 1788 bytes] 
Feb 25 21:57:22 mail postfix/tlsmgr[25292]: write smtp TLS cache entry smtp&fastmail.fm&in1-smtp.messagingengine.com&66.111.4.74&&FC83E1ADCEDFC581CE5F87CAF6E49FEFFF83CD0F9EBC0B57C4A19ED3DC3416EC: time=1456433842 [data 1788 bytes] 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: subjectAltName: *.messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: subjectAltName: messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: subjectAltName: mail.messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: subjectAltName: dav.messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: subjectAltName: caldav.messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: subjectAltName: carddav.messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25 CommonName *.messagingengine.com 
Feb 25 21:57:22 mail postfix/smtp[25291]: in1-smtp.messagingengine.com[66.111.4.74]:25: subject_CN=*.messagingengine.com, issuer_CN=DigiCert SHA2 High Assurance Server CA, fingerprint=D8:F5:7E:43:A8:DA:29:22:6B:7E:90:A6:31:86:C8:CD, pkey_fingerprint=49:07:46:E5:F1:35:C2:96:75:09:67:BE:D9:FE:DB:46 
Feb 25 21:57:22 mail postfix/smtp[25291]: Trusted TLS connection established to in1-smtp.messagingengine.com[66.111.4.74]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) 
Feb 25 21:57:22 mail postfix/smtp[25291]: D33A02504112: to=<[email protected]>, relay=in1-smtp.messagingengine.com[66.111.4.74]:25, delay=8.4, delays=0.02/0/8.4/0, dsn=4.7.5, status=deferred (Server certificate not verified)

main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = mail.EXAMPLE.com ESMTP $mail_name (nou)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/EXAMPLE.com.crt
smtpd_tls_key_file = /etc/ssl/private/EXAMPLE.com.key
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_security_level = may
smtpd_tls_mandatory_ciphers = high
smtp_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL 
smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL 
smtpd_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL 
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_starttls_timeout = 300s
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_tls_dh1024_param_file = /etc/postfix/dh_1024.pem
smtpd_tls_dh512_param_file = /etc/postfix/dh_512.pem
smtpd_tls_eecdh_grade = strong
tls_preempt_cipherlist = yes

#smtp_tls_note_starttls_offer = yes
#smtp_tls_per_site = may

# Logging
smtp_tls_loglevel = 2 
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

myhostname = mail.EXAMPLE.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mail.EXAMPLE.com, localhost.contabo.host, localhost
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

# Handing off local delivery to Dovecot's LMTP
virtual_transport = lmtp:unix:private/dovecot-lmtp

#Enabling SMTP for authenticated users, and handing off authentication to Dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

smtp_tls_security_level = may
# Force TLS for outgoing server connection
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_CApath = /etc/postfix/rootcas/ 

#Virtual domains, users, and aliases
virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains
virtual_mailbox_base =  /var/mail/vhosts
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
virtual_alias_maps = hash:/etc/postfix/valias

# DKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

content_filter = smtp-amavis:[127.0.0.1]:10024
message_size_limit = 0

master.cf

smtp      inet  n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd
  -o smtpd_tls_security_level=may
pickup    unix  n       -       -       60      1       pickup
   -o content_filter=
   -o receive_override_options=no_header_body_checks
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache

maildrop  unix  -       n       n       -       -       pipe
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

smtp-amavis     unix    -       -       -       -       2       smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
        -o disable_dns_lookups=yes
        -o max_use=20

127.0.0.1:10025 inet    n       -       -       -       -       smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_delay_reject=no
        -o smtpd_client_restrictions=permit_mynetworks,reject
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o smtpd_data_restrictions=reject_unauth_pipelining
        -o smtpd_end_of_data_restrictions=
        -o mynetworks=127.0.0.0/8
        -o smtpd_error_sleep_time=0
        -o smtpd_soft_error_limit=1001
        -o smtpd_hard_error_limit=1000
        -o smtpd_client_connection_count_limit=0
        -o smtpd_client_connection_rate_limit=0
        -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

tls postfix starttls

por Jofre 26.02.2016 / 10:53

2 respostas

Tags tls postfix starttls

Status misterioso 11 erros nos servidores Hyper-V HAProxy não tem servidor disponível

score 2 · Answer 1

com secure level você está pedindo ao postfix para verificar a relação do destinatário e do servidor, mas de uma maneira segura (sem confiar nos dados do DNS)

Ele inicia corretamente a conexão TLS confiável (o certificado é assinado por uma CA conhecida / confiável)

Em seguida, ele tenta verificar com segurança o servidor / destinatário, se qualquer correspondência de CN / SAN fastmail.fm - e eles não. Então a mensagem é adiada na fila local.

Os

certificados de messagingengine.com/gslb.pphosted.com não atestam outros domínios que aceitam. facebook.com valida a si mesmo.

você modificou secure com uma% adicionadamatch do MX - é o que o verify realmente faz. para que você possa verificá-lo ou apenas continuar adicionando as correspondências.

smtp_tls_security_level

may TLS? Boa. sem TLS? bom.
encrypt aceita qualquer certificado de servidor inválido, exige criptografia.
verify aceitar certificado de servidor confiável (eu confio na CA? O CN corresponde ao MX?), exige criptografia.
secure só aceita certificado confiável se CN / SAN corresponder ao domínio do destinatário - e ignora informações inseguras (MX) para validação.

os documentos postfix não são claros para explicar as diferenças.

score 1 · Answer 2

no arquivo /etc/postfix/main.cf você pode colocar esta diretiva:

smtp_tls_secure_cert_match = hostname, nexthop, dot-nexthop

colocar isso no main.cf permitirá que uma correspondência de nome de host dos registros MX do DNS seja permitida para o nível de política seguro. Tudo o que isso em essência faz é converter o nível de política segura em nível de política de verificação, portanto, você pode simplesmente alterar o nível de política de tls para verificar ou diminuir. Para responder à sua pergunta sobre o que está causando falha no seu destinatário original,

[email protected]

quando você define sua política de tls para proteger a variável de controle é

smtp_tls_secure_cert_match (default: nexthop, dot-nexthop)

e nexthop, a menos que tenha uma sobreposição em uma tabela de transporte, é determinado conforme discutido na página 5 postconf man postada abaixo.

the next-hop domain, which is either the recipient domain, or the transport next-hop configured for the domain

seu próximo salto na política segura com esse endereço de e-mail é fastmail.fm enquanto o único domínio que está no registro MX é o messagingengine.com , nunca corresponderá à política de segurança. No entanto, olhando para o registro MX de fastmail.fm.

[[email protected] openssl]# host -t MX fastmail.fm
fastmail.fm mail is handled by 10 in1-smtp.messagingengine.com.
fastmail.fm mail is handled by 20 in2-smtp.messagingengine.com.

se você relaxasse a diretiva de correspondência de certificado seguro para incluir o nome do host ( novamente exatamente a mesma coisa que smtp_tls_security_level = verify ), o certificado verificaria com base no registro MX que aponta para in1 -smtp.messagingengine.com que corresponde ao CommonName * .messagingengine.com . Isso também acontece com [email protected] , e tenho certeza que muitos outros, so como eles dizem no man 5 pagina para postconf

smtp_tls_security_level (default: empty)
     verify Mandatory TLS verification. At this security level, DNS MX lookups are trusted to be secure enough, and the name verified in the server certificate is usually
          obtained  indirectly  via  unauthenticated  DNS  MX  lookups.  The  smtp_tls_verify_cert_match parameter controls how the server name is verified. In practice
          explicit control over matching is more common at the "secure" level, described below. This security level is not an appropriate default for systems delivering
          mail to the Internet.

     secure Secure-channel TLS.  At this security level, DNS MX lookups, though potentially used to determine the candidate next-hop gateway IP addresses, are not trusted
          to be secure enough for TLS peername verification. Instead, the default name verified in the server certificate is obtained from the next-hop domain as speci‐
          fied in the smtp_tls_secure_cert_match configuration parameter. The default matching rule is that a server certificate matches when its name is equal to or is
          a sub-domain of the nexthop domain. This security level is not an appropriate default for systems delivering mail to the Internet.

This security level is not an appropriate default for systems delivering mail to the Internet.

em seguida, novamente, diz que também para a política de tls verificar também, mas é por isso que sempre falhará.

para referência a página postconf man5 para as duas diretivas mencionadas acima:

smtp_tls_secure_cert_match (default: nexthop, dot-nexthop)
   How the Postfix SMTP client verifies the server certificate peername for the "secure" TLS security level. In a  "secure"  TLS  policy  table  ($smtp_tls_policy_maps)
   entry the optional "match" attribute overrides this main.cf setting.

   This  parameter  specifies  one  or more patterns or strategies separated by commas, whitespace or colons.  In the policy table the only valid separator is the colon
   character.

   For a description of the pattern and strategy syntax see the smtp_tls_verify_cert_match parameter. The "hostname" strategy should be avoided in this context,  as  in
   the absence of a secure global DNS, using the results of MX lookups in certificate verification is not immune to active (man-in-the-middle) attacks on DNS.

   Sample main.cf setting:

       smtp_tls_secure_cert_match = nexthop

   Sample policy table override:

       example.net     secure match=example.com:.example.com
       .example.net    secure match=example.com:.example.com

   This feature is available in Postfix 2.3 and later.

também faz referência a smtp_tls_verify_cert_match para entender melhor

smtp_tls_verify_cert_match (default: hostname)
   How the Postfix SMTP client verifies the server certificate peername for the "verify" TLS security level. In a  "verify"  TLS  policy  table  ($smtp_tls_policy_maps)
   entry the optional "match" attribute overrides this main.cf setting.

   This  parameter  specifies  one  or more patterns or strategies separated by commas, whitespace or colons.  In the policy table the only valid separator is the colon
   character.

   Patterns specify domain names, or domain name suffixes:

   example.com
          Match the example.com domain, i.e. one of the names the server certificate must be example.com, upper and lower case distinctions are ignored.

   .example.com
          Match subdomains of the example.com domain, i.e. match a name in the server certificate that consists of a non-zero number of  labels  followed  by  a  .exam‐
          ple.com suffix. Case distinctions are ignored.

   Strategies specify a transformation from the next-hop domain to the expected name in the server certificate:

   nexthop
          Match  against  the next-hop domain, which is either the recipient domain, or the transport next-hop configured for the domain stripped of any optional socket
          type prefix, enclosing square brackets and trailing port. When MX lookups are not suppressed, this is the original nexthop domain prior to the MX lookup,  not
          the result of the MX lookup. For LMTP delivery via UNIX-domain sockets, the verified next-hop name is $myhostname.  This strategy is suitable for use with the
          "secure" policy. Case is ignored.

   dot-nexthop
          As above, but match server certificate names that are subdomains of the next-hop domain. Case is ignored.

   hostname
          Match against the hostname of the server, often obtained via an unauthenticated DNS MX lookup. For LMTP delivery via UNIX-domain sockets, the verified name is
          $myhostname.  This  matches the verification strategy of the "MUST" keyword in the obsolete smtp_tls_per_site table, and is suitable for use with the "verify"
          security level. When the next-hop name is enclosed in square brackets to suppress MX lookups, the "hostname" strategy is the same as the  "nexthop"  strategy.
          Case is ignored.

   Sample main.cf setting:

   smtp_tls_verify_cert_match = hostname, nexthop, dot-nexthop

   Sample policy table override:

   example.com     verify  match=hostname:nexthop
   .example.com    verify  match=example.com:.example.com:hostname