SSL/TLS -- STARTTLS

deadManN
New user
Posts: 10
Joined: 2018-10-29 15:49

SSL/TLS -- STARTTLS

Post by deadManN » 2018-12-12 10:58

Dear folks,

I just had some questions regarding encryption and secure channels...

First: I configured my server using SSL/TLS, and for other applications the default ports seem to be 587, 993, 995, while for STARTTLS they offer normal non-encrypted ports.... Does it mean that I should modify my other ports, assign a certificate and STARTTLS to them, and publish them as plain/non-encrypted channels? (as I hear it promotes a non-encrypted channel to use encryption while sending data)

Second: When I configure Thunderbird to use my SSL/TLS it doesn't support encrypted password, and when I search the net, it always comes up with STARTTLS, not SSL/TLS... Is encrypted password part of STARTTLS? Is SSL/TLS safe for password transfer?

Any other information that may help?

palinka
Senior user
Posts: 510
Joined: 2017-09-12 17:57

Re: SSL/TLS -- STARTTLS

Post by palinka » 2018-12-12 12:04

SSL and TLS both provide a way to encrypt a communication channel between two computers (e.g. your computer and our server). TLS is the successor to SSL and the terms SSL and TLS are used interchangeably unless you're referring to a specific version of the protocol.

STARTTLS is a way to take an existing insecure connection, and upgrade it to a secure connection using SSL/TLS. Note that despite having TLS in the name, STARTTLS doesn't mean you have to use TLS, you can use SSL.
I copied this from the web. Good, concise explanation.

Make ports 25, 110 & 143 starttls optional and whoever connects has the ability to upgrade to a secure connection.

Passwords will be exchanged in an encrypted format with both ssl/tls and starttls.

mattg
Moderator
Posts: 19366
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: SSL/TLS -- STARTTLS

Post by mattg » 2018-12-12 13:05

In hMailServer terminology it is a little different.

There are SSL connections - ports 465, 993 and 995 typically (not 587)
For these the connection is made secure from the outset. Very first thing is certificate exchange.

There are StartTLS connections - typically port 25 optional, 110 required, 143 required and 587 required
Optional means that a connection may be StartTLS or may be unencrypted (normal)
Required means that the connections MUST be StartTLS encrypted.

StartTLS is where the connection happens, then security certificates and protocols are negotiated, before user names or passwords are exchanged.

In hMailServer we also have SSL/TLS options of SSLv3.0, TLSv1.0, TLSv1.1 and TLSv1.2
This is where SSL encryption protocols have been replaced over time with TLS protocols
SSLv3.0 is obsolete and is broken, and definitely should not be used
TLSv1.0 is becoming obsolete, but typically about 1/5 of normal mail would still use it
TLSv1.1 is very rarely used in my experience
TLSv1.2 has just been superseded by TLSv1.3, but TLSv1.3 is so new that many security people are 'watching this space' before committing resources to implement it. And when I say just superseded, I mean in the last few months.

I have been running my server on TLSv1.2 for just over a month, with no visible signs of missing any emails except one newsletter from the Australian Tax Office (but I get their regular mail)

Office365 have threatened to go TLS1.2 only, but haven't made the jump yet.

So I say
port 25 - SMTP - StartTLS optional
Port 110 - POP3 - StartTLS required (make sure that your mail clients match this before making it required, start with optional)
Port 143 - IMAP - StartTLS required (make sure that your mail clients match this before making it required, start with optional)
Port 465 - SMTP - SSL
port 587 - SMTP (or called submission) - StartTLS required
port 993 - IMAP - SSL
port 995 - POP3 - SSL

And also check that 'Protocol >> SMTP >> Advanced >> Use StartTLS if available' is checked - this is for outgoing communication
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

mattg
Moderator
Posts: 19366
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: SSL/TLS -- STARTTLS

Post by mattg » 2018-12-12 13:08

deadManN wrote (2018-12-12 10:58):
Second: When I configure Thunderbird to use my SSL/TLS it doesn't support encrypted password, and when I search the net, it always comes up with STARTTLS, not SSL/TLS... Is encrypted password part of STARTTLS? Is SSL/TLS safe for password transfer?
Password is PLAIN for hMailServer
The connection is encrypted with SSL or StartTLS, then the username and password exchange is encrypted.

You do need to watch for man in the middle attacks, so verify certificates whenever you can. Many antivirus products that do mail inspection are essentially a man in the middle, so they use their own certs, which won't validate.

deadManN
New user
Posts: 10
Joined: 2018-10-29 15:49

Re: SSL/TLS -- STARTTLS

Post by deadManN » 2018-12-12 14:49

Thank you

jim.bus
Normal user
Posts: 115
Joined: 2011-05-28 11:49
Location: US

Re: SSL/TLS -- STARTTLS

Post by jim.bus » 2018-12-16 07:36

In my case (but my server is pretty much isolated to users completely under my control), I simply do not want any Client Connections (ex. Outlook or Thunderbird) connections to my hMailServer which are not encrypted no matter what client connection port is being used (25, 465, 110, 995, 587 - I do not use IMAP). So I just require all Client Connections to my hMailServer to be encrypted with either SSL/TLS or StartTLS Required.

mattg
Moderator
Posts: 19366
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: SSL/TLS -- STARTTLS

Post by mattg » 2018-12-16 09:41

Including for incoming port 25 mail messages?

jim.bus
Normal user
Posts: 115
Joined: 2011-05-28 11:49
Location: US

Re: SSL/TLS -- STARTTLS

Post by jim.bus » 2018-12-19 10:50

MattG,

You got me there regarding Port 25.

There are incoming messages to hMailServer using Port 25 and there are incoming messages to hMailServer coming from the Client (in my case Outlook) which potentially could come through Port 25.

Because I cannot require Port 25 to use StartTLS (Required) for server to server connections, I have to specify hMailServer to use StartTLS (Optional) which means Outlook could get away with sending email messages unencrypted on Port 25. I suppose I could set up a non-standard Outlook outgoing Port and specify StartTLS (Required) for that non-standard Outlook Port but I opted to keep Port 25 because I preferred to keep using the standard Ports most Client Users are used to using (it also wouldn't prevent an Outlook User from specifying Port 25 anyway) and since I pretty much control all my Client Users, meaning my hMailServer is only for my personal use and is not used as a Commercial Server or in an operation with many Client Users, it works well for me. I only have about 5 actual user accounts (of which 3 of the accounts I alone use and the other 2 are used by another person) though I have somewhere between 200 to 300 Email IDs of which the ones over the 5 users are all forwarding Email IDs. The other user also wouldn't know how to change the Outlook Port Setting as well.

mattg
Moderator
Posts: 19366
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: SSL/TLS -- STARTTLS

Post by mattg » 2018-12-20 00:56

In the hMailserver.ini

You could add this to the bottom

Code:

[settings]
DisableAUTHList=25
; Setting DisableAUTHList allows you to specify a comma-separated list of SMTP ports which authentication should not be enabled for.
; This is useful when working with legacy systems with malfunctioning SMTP support.
This makes your hMailServer NOT allow AUTH on the specified port.
Other servers can still connect using StartTLS Optional.
However your users have to use other ports, which could include the standard SSL/TLS port 465, or the standard Submission port of 587 - StartTLS Required

This stops the dozens of attempts per day to guess credentials; whenever they try AUTH on port 25, they are just dropped

I also require SSL connections for AUTH in all IP ranges
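mattg's two posts above describe the per-port policy in words: StartTLS Optional on 25 so other mail servers can still deliver in plaintext, StartTLS Required on 587, DisableAUTHList=25 so nobody can authenticate on the MX port, and SSL required for AUTH everywhere. The following is an added illustration, not hMailServer's code or mattg's configuration: a small Python model of an SMTP listener that applies those policies and shows the resulting exchange for a submission client on 587 and a peer MX on 25. The reply codes 220, 503, 530 and 538 follow RFC 3207 and RFC 4954; the hostnames, the reply text and the 502 reply for a port on the DisableAUTHList are constructed, and the TLS handshake itself is represented only as a state change.

```python
"""Illustrative model of per-port STARTTLS and AUTH policy on an SMTP listener.

Added example for this thread, not hMailServer's code. Policy names follow the
hMailServer admin wording quoted in the thread (StartTLS Optional / Required,
DisableAUTHList); reply codes follow RFC 3207 / RFC 4954; reply text and
hostnames are constructed.
"""

OPTIONAL = "starttls-optional"   # TLS offered, plaintext session still accepted
REQUIRED = "starttls-required"   # MAIL and AUTH refused until STARTTLS is done


class SmtpPolicySession:
    """Tracks one connection's state and answers the policy-relevant verbs."""

    def __init__(self, port, policy, auth_disabled_ports=frozenset(),
                 tls_required_for_auth=True):
        self.port = port
        self.policy = policy
        # DisableAUTHList: AUTH is never available on these ports (assumed 502).
        self.auth_enabled = port not in auth_disabled_ports
        # "require SSL connections for AUTH": refuse plaintext AUTH even when
        # the port itself is StartTLS Optional.
        self.tls_required_for_auth = tls_required_for_auth
        self.tls_active = False
        self.greeted = False

    def handle(self, line):
        verb = line.partition(" ")[0].upper()
        if verb == "EHLO":
            return self._ehlo()
        if verb == "STARTTLS":
            if self.tls_active:
                return "503 5.5.1 TLS already active"
            # A real server performs the TLS handshake here; in this model the
            # upgrade is recorded as a state change only.
            self.tls_active = True
            self.greeted = False            # RFC 3207: client must EHLO again
            return "220 2.0.0 Ready to start TLS"
        if verb in ("MAIL", "AUTH") and not self.greeted:
            return "503 5.5.1 Send EHLO first"
        if verb == "MAIL":
            if self.policy == REQUIRED and not self.tls_active:
                return "530 5.7.0 Must issue a STARTTLS command first"
            return "250 2.1.0 Sender OK"
        if verb == "AUTH":
            if not self.auth_enabled:
                return "502 5.5.1 AUTH not available on this port"
            if self.policy == REQUIRED and not self.tls_active:
                return "530 5.7.0 Must issue a STARTTLS command first"
            if self.tls_required_for_auth and not self.tls_active:
                return "538 5.7.11 Encryption required for requested authentication mechanism"
            # Policy gate passed; the credential exchange itself is not modelled.
            return "334 VXNlcm5hbWU6"
        if verb == "QUIT":
            return "221 2.0.0 Bye"
        return "502 5.5.1 Command not implemented"

    def _ehlo(self):
        self.greeted = True
        lines = ["250-mail.example.test Hello"]
        if not self.tls_active:
            lines.append("250-STARTTLS")    # never advertised after the upgrade
        auth_ok_now = self.tls_active or (
            self.policy != REQUIRED and not self.tls_required_for_auth)
        if self.auth_enabled and auth_ok_now:
            lines.append("250-AUTH LOGIN PLAIN")
        lines.append("250 OK")
        return "\r\n".join(lines)


def run_script(session, commands):
    """Feed a scripted client through the session; return (command, reply) pairs."""
    return [(cmd, session.handle(cmd)) for cmd in commands]


if __name__ == "__main__":
    # A mail client on the submission port: AUTH is refused until STARTTLS.
    submission = SmtpPolicySession(587, REQUIRED)
    # A peer MX on port 25 with DisableAUTHList=25: mail flows, AUTH never works.
    mx = SmtpPolicySession(25, OPTIONAL, auth_disabled_ports={25})
    for label, sess, script in [
        ("port 587", submission, ["EHLO client.example.test", "AUTH LOGIN",
                                  "STARTTLS", "EHLO client.example.test",
                                  "AUTH LOGIN", "QUIT"]),
        ("port 25", mx, ["EHLO mx.other.test", "MAIL FROM:<sender@other.test>",
                         "AUTH LOGIN", "QUIT"]),
    ]:
        print(f"--- {label} ---")
        for cmd, reply in run_script(sess, script):
            print("C:", cmd)
            print("S:", reply.replace("\r\n", "\n   "))
```

The point the model makes visible is that "StartTLS Required" is enforced by refusing MAIL and AUTH with 530 until the upgrade has happened, while "Optional" on the MX port still lets a peer deliver in plaintext; DisableAUTHList then closes the remaining gap by making AUTH unavailable on that port regardless of encryption.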

jim.bus
Normal user
Posts: 115
Joined: 2011-05-28 11:49
Location: US

Re: SSL/TLS -- STARTTLS

Post by jim.bus » 2018-12-30 10:49

MattG,

Interesting. I will have to look into that as I really don't want anybody to connect from a client to send email using Port 25 such as with Outlook and I only want the client (such as Outlook) to be able to send emails which use Ports 465 or 587 encrypted to hMailServer. Your suggestion does look like it would make that possible.

Thanks.

Dravion
Senior user
Posts: 1150
Joined: 2015-09-26 11:50
Location: Germany

Re: SSL/TLS -- STARTTLS

Post by Dravion » 2018-12-30 11:34

STARTTLS isn't really an encryption.

It's more like:

*Client logs on to server (unencrypted)
*Check if the server responds with STARTTLS
*If yes, upgrade to SSL/TLS

So, STARTTLS is short and simple SSL/TLS
behind the curtains.
64-Bit builds of hMailserver

hMailServer-5.6.+ (HCD) https://github.com/hMailServer-ComDevs/hmailserver
hMailServer-5.6.+ (LTS) https://github.com/Dravion/hMailServer/releases

mattg
Moderator
Posts: 19366
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: SSL/TLS -- STARTTLS

Post by mattg » 2018-12-30 22:41

You forgot the 'for StartTLS Required' step

*If client doesn't respond to server's offer of StartTLS by upgrading connection to SSL/TLS, then connection dropped

RvdH
Senior user
Posts: 629
Joined: 2008-06-27 14:42
Location: Netherlands

Re: SSL/TLS -- STARTTLS

Post by RvdH » 2019-01-04 17:21

@mattg

How do you (if you did) update the cipher list used by hMailServer for use with TLS 1.2 only?

https://www.openssl.org/docs/man1.0.2/apps/ciphers.html

Code:

openssl ciphers -v TLSv1.2

ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
DH-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH/DSS   Au=DH   Enc=AESGCM(256) Mac=AEAD
DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(256) Mac=AEAD
DH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH/RSA   Au=DH   Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
DHE-DSS-AES256-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA256
DH-RSA-AES256-SHA256    TLSv1.2 Kx=DH/RSA   Au=DH   Enc=AES(256)  Mac=SHA256
DH-DSS-AES256-SHA256    TLSv1.2 Kx=DH/DSS   Au=DH   Enc=AES(256)  Mac=SHA256
ADH-AES256-GCM-SHA384   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
ADH-AES256-SHA256       TLSv1.2 Kx=DH       Au=None Enc=AES(256)  Mac=SHA256
ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA384
ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
DH-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH/DSS   Au=DH   Enc=AESGCM(128) Mac=AEAD
DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(128) Mac=AEAD
DH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH/RSA   Au=DH   Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-DSS-AES128-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA256
DH-RSA-AES128-SHA256    TLSv1.2 Kx=DH/RSA   Au=DH   Enc=AES(128)  Mac=SHA256
DH-DSS-AES128-SHA256    TLSv1.2 Kx=DH/DSS   Au=DH   Enc=AES(128)  Mac=SHA256
ADH-AES128-GCM-SHA256   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(128) Mac=AEAD
ADH-AES128-SHA256       TLSv1.2 Kx=DH       Au=None Enc=AES(128)  Mac=SHA256
ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ECDH-RSA-AES128-SHA256  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128)  Mac=SHA256
ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128)  Mac=SHA256
AES128-GCM-SHA256       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
NULL-SHA256             TLSv1.2 Kx=RSA      Au=RSA  Enc=None      Mac=SHA256

running

Code:

openssl ciphers TLSv1.2
returns:

Code:

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:ADH-AES256-GCM-SHA384:ADH-AES256-SHA256:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:AES256-GCM-SHA384:AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:ADH-AES128-GCM-SHA256:ADH-AES128-SHA256:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:AES128-GCM-SHA256:AES128-SHA256:NULL-SHA256
Should/could that be used in hmailadmin cipherlist to be tls 1.2 only?
CIDR to RegEx: d-fault.nl/CIDRtoRegEx
DNS Lookup: d-fault.nl/DNSTools
DNSBL Lookup: d-fault.nl/DNSBLLookup
GEOIP Lookup: d-fault.nl/GeoipLookup

Dravion
Senior user
Posts: 1150
Joined: 2015-09-26 11:50
Location: Germany

Re: SSL/TLS -- STARTTLS

Post by Dravion » 2019-01-04 21:27

Thunderbird has a long history of STARTTLS problems for ports 993 and 995. This seems to be fixed in version 60+. As a workaround, SMTP and IMAP/POP3 server admins used STARTTLS Required on the unencrypted IMAP port 143 and unencrypted POP3 with STARTTLS Required.

It's more a workaround for broken clients.

ps: This is not a hMailServer-specific problem, it's the same on UNIX/Linux, for example Cyrus IMAP, Dovecot IMAP, Courier IMAP or UW-IMAPD.

mattg
Moderator
Posts: 19366
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: SSL/TLS -- STARTTLS

Post by mattg » 2019-01-05 00:02

This is my current list

Code:

kEDH+AESGCM
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
DHE-RSA-AES128-GCM-SHA256
DHE-DSS-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA256
DHE-RSA-AES256-SHA256
DHE-DSS-AES256-SHA
DHE-RSA-AES256-SHA
!aNULL
!eNULL
!EXPORT
!DES
!3DES
!MD5
!PSK;
I used advice from this site >> https://ssl-tools.net/mailservers/ssllabs.com
(currently down)
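RvdH's `openssl ciphers -v TLSv1.2` listing above answers its own question: a version-only cipher string still includes anonymous suites (ADH, `Au=None`) and a NULL-encryption suite (`NULL-SHA256`, `Enc=None`), which is why mattg's list ends with `!aNULL` and `!eNULL`. As an added example for this thread (not part of hMailServer, OpenSSL or either poster's configuration), here is a parser for the `openssl ciphers -v` format that flags those suites plus static (non-forward-secret) key exchange and builds a colon-separated list of what remains, in the format OpenSSL and the hMailAdmin cipher-list field use. The sample input is a constructed excerpt in the command's output format.

```python
"""Parse `openssl ciphers -v` output and flag suites a mail server should not offer.

Added example for this thread; not part of hMailServer or OpenSSL. The sample
below is a constructed excerpt in the format `openssl ciphers -v` prints.
"""
from dataclasses import dataclass

SAMPLE_OPENSSL_V = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
ADH-AES256-GCM-SHA384   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA384
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
NULL-SHA256             TLSv1.2 Kx=RSA      Au=RSA  Enc=None      Mac=SHA256
"""


@dataclass(frozen=True)
class Cipher:
    name: str
    version: str
    kx: str   # key exchange
    au: str   # server authentication
    enc: str  # bulk cipher
    mac: str  # integrity; "AEAD" means the cipher mode provides it itself

    @property
    def forward_secret(self):
        # Plain "ECDH"/"DH" in the -v output means ephemeral keys. "ECDH/RSA",
        # "DH/DSS", "RSA" etc. reuse the long-term key, so a leaked server key
        # decrypts recorded sessions.
        return self.kx in ("ECDH", "DH")

    @property
    def aead(self):
        return self.mac == "AEAD"


def parse_openssl_ciphers(text):
    """Turn `openssl ciphers -v` lines into Cipher records (other lines skipped)."""
    ciphers = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 6:
            continue
        fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
        ciphers.append(Cipher(parts[0], parts[1], fields["Kx"], fields["Au"],
                              fields["Enc"], fields["Mac"]))
    return ciphers


def problems(cipher):
    """Reasons a suite should be excluded from a mail server's cipher list."""
    issues = []
    if cipher.au == "None":
        issues.append("anonymous: no server authentication, an interceptor can impersonate the server (aNULL)")
    if cipher.enc == "None":
        issues.append("NULL encryption: plaintext on the wire (eNULL)")
    if not cipher.forward_secret:
        issues.append("no forward secrecy: static key exchange")
    return issues


def audit(text):
    """Map each suite name to its list of problems (empty list = acceptable)."""
    return {c.name: problems(c) for c in parse_openssl_ciphers(text)}


def acceptable_cipher_string(text):
    """Colon-separated OpenSSL cipher string of the suites with no problems,
    AEAD suites first (stable sort keeps the server's original order otherwise)."""
    ok = [c for c in parse_openssl_ciphers(text) if not problems(c)]
    ok.sort(key=lambda c: not c.aead)
    return ":".join(c.name for c in ok)


if __name__ == "__main__":
    for name, issues in audit(SAMPLE_OPENSSL_V).items():
        print(f"{name:30} {'OK' if not issues else '; '.join(issues)}")
    print("\nSuggested list:", acceptable_cipher_string(SAMPLE_OPENSSL_V))
```

Run it against the full output of `openssl ciphers -v TLSv1.2` on the server in question and the flagged rows are exactly the ones a `!aNULL:!eNULL` suffix removes; the forward-secrecy flag goes further than mattg's list, which still keeps the static-key `AES128-SHA256`-style suites only by omission.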
