Discussion:
Disable SSLv3, POODLE: SSLv3 vulnerability
Nikolay Mitev
2014-10-15 21:36:07 UTC
Hi Team,

How can you exclude SSLv3 for the POODLE SSLv3 vulnerability
(CVE-2014-3566) for /SMTPs, POP3s and IMAPs/?

Best regards,
Nikolay
Eric Shubert
2014-10-15 22:51:05 UTC
Post by Nikolay Mitev
Hi Team,
How can you exclude SSLv3 for the POODLE SSLv3 vulnerability
(CVE-2014-3566) for /SMTPs, POP3s and IMAPs/?
Best regards,
Nikolay
My first overall impression is, no more encrypted email, until this is
fixed. Or you can use encrypted email, and be vulnerable. How bad the
vulnerability is I'm not sure.

This was just announced, so we'll see how fast a patch comes out.

In order to disable SSLv3, you need to change your ciphers list in
/etc/dovecot/toaster.conf file for dovecot, and
/var/qmail/control/tlsserverciphers for qmail-smtpd.

If you turn off SSLv3, that includes TLS, so you'd better turn off plain
and login authentication methods as well. Looks like digest-md5 or
cram-md5 would be the only non-plain-text authentication methods
available. I imagine Dan's loving that. ;)

Hopefully there will be patches forthcoming soon.

Any insights you folks have are welcome. I haven't had time to look into
this much yet.
--
-Eric 'shubes'


---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-***@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-***@qmailtoaster.com
a***@globalgate.com.ar
2014-10-16 19:03:16 UTC
Date: Wed, 15 Oct 2014 15:51:05 -0700
Subject: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability
Post by Nikolay Mitev
Hi Team,
How can you exclude SSLv3 for the POODLE SSLv3 vulnerability
(CVE-2014-3566) for /SMTPs, POP3s and IMAPs/?
Best regards,
Nikolay
My first overall impression is, no more encrypted email, until this is fixed.
Or you can use encrypted email, and be vulnerable. How bad the vulnerability
is I'm not sure.
This was just announced, so we'll see how fast a patch comes out.
In order to disable SSLv3, you need to change your ciphers list in
/etc/dovecot/toaster.conf file for dovecot, and
/var/qmail/control/tlsserverciphers for qmail-smtpd.
If you turn off SSLv3, that includes TLS, so you'd better turn off plain and
login authentication methods as well. Looks like digest-md5 or cram-md5 would
be the only non-plain-text authentication methods available. I imagine Dan's
loving that. ;)
Hello Eric,

Could it be possible to define one control file to populate with the domains
against which I don't want to do TLS/SSL?

Honestly I have not yet looked deeply into the qmail-smtpd code to conclude
whether, if you turn on TLS, it will be active for all SMTP transactions, and
whether you could avoid this for some specific domains.


best regards,



--

Abel Lucano ____________________________________________________

GlobalGate Ingeniería


Peter Peltonen
2014-10-16 20:05:32 UTC
Hi,
Post by Eric Shubert
In order to disable SSLv3, you need to change your ciphers list in
/etc/dovecot/toaster.conf file for dovecot, and
/var/qmail/control/tlsserverciphers for qmail-smtpd.
If you turn off SSLv3, that includes TLS, so you'd better turn off plain and
login authentication methods as well. Looks like digest-md5 or cram-md5
would be the only non-plain-text authentication methods available. I imagine
Dan's loving that. ;)
Regarding this StackExchange information:

http://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites

there is no need to disable ciphers, but only SSL v3 protocol (POODLE
is a protocol, not cipher, problem)?

Here you can find software specific instructions for disabling SSL v3,
including Dovecot:

https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle

I haven't tried these yet as it seems I need to upgrade my Dovecot
installations first to be able to disable sslv3...

Best,
Peter

Nikolay Mitev
2014-10-17 06:34:25 UTC
Hi Eric,

Thanks for the tip, we expect the update.

Best regards,
Nikolay
Post by Eric Shubert
Hi,
Post by Eric Shubert
In order to disable SSLv3, you need to change your ciphers list in
/etc/dovecot/toaster.conf file for dovecot, and
/var/qmail/control/tlsserverciphers for qmail-smtpd.
If you turn off SSLv3, that includes TLS, so you'd better turn off plain
and login authentication methods as well. Looks like digest-md5 or cram-md5
would be the only non-plain-text authentication methods available. I
imagine Dan's loving that. ;)
http://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites
there is no need to disable ciphers, but only SSL v3 protocol (POODLE
is a protocol, not cipher, problem)?
Here you can find software specific instructions for disabling SSL v3,
https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle
I haven't tried these yet as it seems I need to upgrade my Dovecot
installations first to be able to disable sslv3...
Best,
Peter
Catalin Leanca
2014-10-17 07:52:12 UTC
Hi everyone,

I managed to disable SSLv3 in /etc/courier/imapd-ssl and
/etc/courier/pop3-ssl
Changed TLS_PROTOCOL=SSLv3 to TLS_PROTOCOL=TLS1

But how about SMTP? How to disable SSLv3 over the 587 submission port?

Regards,
Catalin L
Post by Nikolay Mitev
Hi Eric,
Thanks for the tip, we expect the update.
Best regards,
Nikolay
On Thu, Oct 16, 2014 at 11:05 PM, Peter Peltonen
Hi,
Post by Eric Shubert
In order to disable SSLv3, you need to change your ciphers list in
/etc/dovecot/toaster.conf file for dovecot, and
/var/qmail/control/tlsserverciphers for qmail-smtpd.
If you turn off SSLv3, that includes TLS, so you'd better turn
off plain and login authentication methods as well. Looks like digest-md5 or
cram-md5 would be the only non-plain-text authentication methods
available. I imagine Dan's loving that. ;)
http://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites
there is no need to disable ciphers, but only SSL v3 protocol (POODLE
is a protocol, not cipher, problem)?
Here you can find software specific instructions for disabling SSL v3,
https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle
I haven't tried these yet as it seems I need to upgrade my Dovecot
installations first to be able to disable sslv3...
Best,
Peter
--
CS Catalin LEANCA
ICI ROTLD - Serviciul Tehnic
Bd. Maresal Averescu 8-10,
Sector 1, Bucuresti
Quinn Comendant
2014-10-21 17:42:35 UTC
Post by Catalin Leanca
But how about SMTP? How to disable SSLv3 over the 587 submission port?
I couldn't find the answer with 10 minutes of googling, but I did find this (UNTESTED!):

How to take down SSLv3 in your network using iptables firewall:
https://blog.g3rt.nl/take-down-sslv3-using-iptables.html

Quinn

Quinn Comendant
2014-10-21 18:40:23 UTC
Post by Catalin Leanca
But how about SMTP? How to disable SSLv3 over the 587 submission port?
Here's a comprehensive list of how to disable SSLv3 in everything *except* qmail:

http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566

Perhaps if anybody does discover how they can update this answer.

Q

Eric Shubert
2014-10-22 02:02:09 UTC
Post by Quinn Comendant
Post by Catalin Leanca
But how about SMTP? How to disable SSLv3 over the 587 submission port?
http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566
Perhaps if anybody does discover how they can update this answer.
Q
I haven't researched this poodle thing thoroughly, but have learned that
TLS isn't affected. That's not all bad, as TLS should be preferred anywise.

In order to disable SSL in dovecot, you could either block the SSL ports
(993, 995) in the firewall, or change /etc/dovecot/toaster.conf file by
adding :!SSLv3 to the list of ciphers:
ssl_cipher_list = ALL:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL:DES-CBC3-SHA

While SSLv3 is technically not a cipher, this tells dovecot to not use
any ciphers which use SSLv3. Of course, having port 993 open if there's
no SSL being used is pointless.

There's no real need to disable SSLv3, because it cannot be used on port
587, only TLS can, and TLS is ok. If you're using smtps on port 465, you
might want to discontinue doing that.

BL, TLS should be used for everything. Unfortunately, some older email
clients (Outlook'03 comes to mind) can't use TLS.

Thanks.
--
-Eric 'shubes'


Quinn Comendant
2014-10-22 07:18:00 UTC
Post by Eric Shubert
In order to disable SSL in dovecot, you could either block the SSL
ports (993, 995) in the firewall, or change /etc/dovecot/toaster.conf
ssl_cipher_list = ALL:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL:DES-CBC3-SHA
Reconsider disabling SSLv3 ciphers! In OpenSSL they're used by TLSv1.0 and TLSv1.1. The TLSv1.1 protocol didn't introduce any new ciphers, it uses SSLv3 ciphers. If you do this—as far as I've read, I didn't try—TLS for clients that don't support at least version 1.2 will stop working.

https://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites

The correct action is to disable the SSLv3 protocol itself, if possible. Limiting connections to clients capable of => TLSv1.2 might be fine, but I don't know how many support that; maybe
Eric Shubert
2014-10-22 14:45:21 UTC
Post by Quinn Comendant
Post by Eric Shubert
In order to disable SSL in dovecot, you could either block the SSL
ports (993, 995) in the firewall, or change /etc/dovecot/toaster.conf
ssl_cipher_list = ALL:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL:DES-CBC3-SHA
Reconsider disabling SSLv3 ciphers! In OpenSSL they're used by TLSv1.0 and TLSv1.1. The TLSv1.1 protocol didn't introduce any new ciphers, it uses SSLv3 ciphers. If you do this—as far as I've read, I didn't try—TLS for clients that don't support at least version 1.2 will stop working.
https://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites
The correct action is to disable the SSLv3 protocol itself, if possible. Limiting connections to clients capable of => TLSv1.2 might be fine, but I don't know how many support that; maybe most?
Quinn
Good points, thanks. Given this bit, it would seem that closing the SSL
ports, either at the firewall or by restricting the ports dovecot uses
by adding a listen option to the pop3 and imap sections, would be
effective. Here's the bit from dovecot's example.conf file (which has
been somewhat negligently omitted from the QMT dovecot package - my
mistake):
# If you want to specify ports for each service, you will need to configure
# these settings inside the protocol imap/pop3 { ... } section, so you can
# specify different ports for IMAP/POP3. For example:
# protocol imap {
#   listen = *:10143
#   ssl_listen = *:10943
#   ..
# }
# protocol pop3 {
#   listen = *:10100
#   ..
# }
#listen = *

I expect there will always be some confusion about SSL/TLS. The dovecot
wiki (http://wiki2.dovecot.org/SSL) explains things pretty well.

I'm still not real clear though on where the poodle vulnerability
exactly lies, so I'm a little unsure. What I do know is that Qualys
regards the risk as relatively low, so I wouldn't lose any sleep over
this one.

Thanks.
--
-Eric 'shubes'


Quinn Comendant
2014-10-22 15:21:52 UTC
Post by Catalin Leanca
I managed to disable SSLv3 in /etc/courier/imapd-ssl and
/etc/courier/pop3-ssl
Changed TLS_PROTOCOL=SSLv3 to TLS_PROTOCOL=TLS1
Catalin (and others): have you succeeded in disabling SSLv3 in courier? When I try this configuration, I am unable to connect even with a TLS-compatible client, not even the openssl itself:

openssl s_client -state -nbio -connect mail.example.com:993

I get this output:

CONNECTED(00000003)
turning on non blocking io
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
write R BLOCK
SSL_connect:error in SSLv2/v3 read server hello A
read:errno=54

According to the openssl documentation, this error usually results from the connection not being able to auto-negotiate a suitable ssl version to use. So, I force a TLS connection using -tls1:

openssl s_client -state -nbio -connect oak2.strangecode.com:993 -tls1

And then I get a successful connection with the openssl client. The problem is the real IMAP client I use (Gyazmail) doesn't connect (though it does support TLS). Perhaps it is trying SSLv3 first, and fails to negotiate to TLS?

I read also some Courier versions have this problem, some not [1]. I'd appreciate if you could run the above openssl command (without -tls1) and let me know if it connects for you or not.

BTW, if you want to test that your server refuses SSLv3 connections, run the openssl client with '-ssl3'.

Quinn

[1] http://sourceforge.net/p/courier/mailman/message/17185523/

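One way to run the `-ssl3` check Quinn describes from a script, as an added example that is not code from this thread: it sends a ClientHello whose record and handshake versions are both SSLv3 (3.0), as `openssl s_client -ssl3` does, and reads the protocol version in the server's first record. It assumes an implicit-TLS port (465, 993, 995); a STARTTLS port such as 587 would need the plaintext EHLO/STARTTLS exchange first, which this probe does not do, and the host and port are placeholders.

```python
import socket
import struct

# Protocol versions as they appear on the wire (major, minor)
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLSv1.0", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}

def build_client_hello(version=(3, 0), ciphers=(0x000A, 0x002F, 0x0035)):
    """Minimal ClientHello record offering three SSLv3-era RSA cipher suites
    (DES-CBC3-SHA, AES128-SHA, AES256-SHA), null compression, no extensions."""
    suites = b"".join(struct.pack("!H", c) for c in ciphers)
    body = (bytes(version)                      # client_version
            + b"\x00" * 32                      # random (fixed; this is only a probe)
            + b"\x00"                           # empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                      # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16" + bytes(version) + struct.pack("!H", len(handshake)) + handshake

def classify_response(data):
    """Interpret the first record the server sends back.
    Returns ('accepted', version) for a ServerHello, ('refused', why) for an
    alert or unexpected record, ('closed', why) if nothing usable came back."""
    if len(data) < 5:
        return "closed", "no TLS record in reply"
    ctype = data[0]
    if ctype == 0x15 and len(data) >= 7:                        # alert record
        return "refused", f"alert level={data[5]} description={data[6]}"
    if ctype == 0x16 and len(data) >= 11 and data[5] == 0x02:   # handshake: ServerHello
        ver = (data[9], data[10])                               # server_version
        return "accepted", VERSIONS.get(ver, f"unknown {ver}")
    return "refused", f"unexpected record type 0x{ctype:02x}"

def probe_sslv3(host, port, timeout=5.0):
    """Offer SSLv3 to host:port and report what the server negotiated.
    ('accepted', 'SSLv3') means the POODLE-affected protocol is still enabled."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            return classify_response(sock.recv(4096))
        except socket.timeout:
            return "closed", "no reply before timeout"

if __name__ == "__main__":
    # Placeholder host/port; point this at your own IMAPS/POP3S/SMTPS endpoint.
    print(probe_sslv3("mail.example.com", 993))
```

A server that still has SSLv3 enabled answers with a ServerHello carrying version 3.0; one that has it disabled sends a protocol_version alert or drops the connection, which shows up as 'refused' or 'closed'.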
Catalin Leanca
2014-10-22 17:01:54 UTC
For me, that command works.
I also modified IMAPDSSLSTART=NO and IMAP_TLS_REQUIRED=1
Post by Quinn Comendant
Post by Catalin Leanca
I managed to disable SSLv3 in /etc/courier/imapd-ssl and
/etc/courier/pop3-ssl
Changed TLS_PROTOCOL=SSLv3 to TLS_PROTOCOL=TLS1
openssl s_client -state -nbio -connect mail.example.com:993
CONNECTED(00000003)
turning on non blocking io
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
write R BLOCK
SSL_connect:error in SSLv2/v3 read server hello A
read:errno=54
openssl s_client -state -nbio -connect oak2.strangecode.com:993 -tls1
And then I get a successful connection with the openssl client. The problem is the real IMAP client I use (Gyazmail) doesn't connect (though it does support TLS). Perhaps it is trying SSLv3 first, and fails to negotiate to TLS?
I read also some Courier versions have this problem, some not [1]. I'd appreciate if you could run the above openssl command (without -tls1) and let me know if it connects for you or not.
BTW, if you want to test that your server refuses SSLv3 connections, run the openssl client with '-ssl3'.
Quinn
[1] http://sourceforge.net/p/courier/mailman/message/17185523/
--
CS Catalin LEANCA
ICI ROTLD - Serviciul Tehnic
Bd. Maresal Averescu 8-10,
Sector 1, Bucuresti

