Mailing List Archive

Experiences with TLS 1.3
Hi,

Are any of you running TLS 1.3 already?

If so, any problems?

best regards,
Marius

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Experiences with TLS 1.3
On 28/01/2019 10:50, Cyborg via Exim-users wrote:
> is anyone of you running TLS 1.3 already ?

It functions fine in the Exim regression-test suite,
on systems having suitable library support.

I've not seen any such connections in production yet.
--
Cheers,
Jeremy

Re: Experiences with TLS 1.3
On 28.01.19 at 12:56, Jeremy Harris via Exim-users wrote:
> On 28/01/2019 10:50, Cyborg via Exim-users wrote:
>> is anyone of you running TLS 1.3 already ?
> It functions fine in the Exim regression-test suite,
> on systems having suitable library support.
>
> I've not seen any such connections in production yet.

Got this info this morning:

Fedora has released an openssl 1.1.1a test package for F30 and F29, but
does not plan to port it to F28.

Which is good, and sad on the other hand, because half the users are not
getting it :(

Is there any special Exim version needed to test it? I may have options
to test it on a server?

best regards,
Marius



Re: Experiences with TLS 1.3
On Mon, 28 Jan 2019, Jeremy Harris via Exim-users wrote:

> On 28/01/2019 10:50, Cyborg via Exim-users wrote:
>> is anyone of you running TLS 1.3 already ?
>
> It functions fine in the Exim regression-test suite,
> on systems having suitable library support.
>
> I've not seen any such connections in production yet.

I see many header lines like:

Received: from smtp.spodhuis.org ([2a02:898:31:0:48:4558:736d:7470]:34422
helo=mx.spodhuis.org)
by hummus.csx.cam.ac.uk with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256)
(Exim 4.91) (envelope-from <pdp@exim.org>) id 1f8ZjZ-0007nY-8Q
for exim-dev@exim.org; Wed, 18 Apr 2018 00:09:57 +0100

in my exim email folder.

I believe this means that at least the exim server receives TLSv1.3
connections from at least one exim developer
and has been doing so for about nine months.

--
Andrew C. Aitchison Cambridge, UK
andrew@aitchison.me.uk

Re: Experiences with TLS 1.3
On 28/01/2019 14:13, Cyborg via Exim-users wrote:
> is there any special exim version needed to test it?

The yet-to-be-released 4.92 has significant changes
supporting the more-recent TLS library versions
required. 4.92-RC5 was just announced, or you
can build from source using either the master or
4.next branches.

> I may have options
> to test it on a server?

Sorry, I can't parse what you're asking.
--
Cheers,
Jeremy

Re: Experiences with TLS 1.3
> On Jan 28, 2019, at 6:56 AM, Jeremy Harris via Exim-users <exim-users@exim.org> wrote:
>
>> is anyone of you running TLS 1.3 already ?
>
> It functions fine in the Exim regression-test suite,
> on systems having suitable library support.
>
> I've not seen any such connections in production yet.

As part of the DANE adoption survey I record the negotiated TLS
version for the various MX hosts involved.

Out of 9287 IP endpoints, the top 10 TLS protocol + cipher counts
were:

5765 TLS = TLS12 with ECDHE-RSA-AES256GCM-SHA384,P256
955 TLS = TLS12 with ECDHE-RSA-AES256GCM-SHA384,X25519
554 TLS = TLS13 with AES256GCM-SHA384,X25519,RSA
548 TLS = TLS12 with DHE-RSA-AES256GCM-SHA384
398 TLS = TLS12 with ECDHE-RSA-AES256GCM-SHA384,P384
156 TLS = TLS13 with AES256GCM-SHA384,P256,RSA
130 TLS = TLS12 with ECDHE-RSA-AES128GCM-SHA256,P256
117 TLS = TLS13 with AES256GCM-SHA384,P384,RSA
86 TLS = TLS13 with CHACHA20POLY1305-SHA256,X25519,RSA
76 TLS = TLS12 with ECDHE-RSA-CHACHA20POLY1305-SHA256,P384

So TLS 1.3 is getting used. For example, at udmedia.de which handles
over 20k customer DANE domains and vevida.com which handles over 30k
customer domains. DANE domains with TLS 1.3 that exchange enough email
volume with Gmail to appear in Google's email transparency report include:

univie.ac.at
open.ch
vevida.com
ruhr-uni-bochum.de
xs4all.nl
freebsd.org

--
Viktor.


Re: Experiences with TLS 1.3
On 28/01/2019 15:43, Viktor Dukhovni via Exim-users wrote:
> DANE domains with TLS 1.3 that exchange enough email
> volume with Gmail to appear in Google's email transparency report include:
>
> univie.ac.at

Univie, at least, are claiming Exim 4.91 in their banner. I don't
know if they run patches, but I do know that at least one person
there is an active supporter of Exim development.

vevida.com and freebsd.org look like Postfix.
xs4all.nl is Sendmail.

I couldn't identify the others - but it seems there's quite reasonable
coverage for TLS1.3 in available MTAs.
--
Cheers,
Jeremy

Re: Experiences with TLS 1.3
It could be a transparent reverse proxy or firewall that is responsible
for the encryption, in case Exim 4.91 does not support TLS 1.3.

On Mon, 28 Jan 2019 at 17:16, Jeremy Harris via Exim-users
<exim-users@exim.org> wrote:
>
> On 28/01/2019 15:43, Viktor Dukhovni via Exim-users wrote:
> > DANE domains with TLS 1.3 that exchange enough email
> > volume with Gmail to appear in Google's email transparency report include:
> >
> > univie.ac.at
>
> Univie, at least, are claiming Exim 4.91 in their banner. I don't
> know if they run patches, but I do know that at least one person
> there is an active supporter of Exim development.
>
> vevida.com and freebsd.org look like Postfix.
> xs4all.nl is Sendmail.
>
> I couldn't identify the others - but it seems there's quite reasonable
> coverage for TLS1.3 in available MTAs.
> --
> Cheers,
> Jeremy
>
Re: Experiences with TLS 1.3
On 28/01/2019 17:09, Jeremy Harris via Exim-users wrote:
> On 28/01/2019 15:43, Viktor Dukhovni via Exim-users wrote:
>> univie.ac.at
>
> Univie, at least, are claiming Exim 4.91 in their banner. I don't
> know if they run patches, but I do know that at least one person
> there is an active supporter of Exim development.

That's correct;-) I tried 4.91 with OpenSSL 1.1.1 on a smaller system and,
since it did well, I have used it on all MX and MSA hosts for univie.ac.at since last
October. It works pretty well without specific SSL patches. No troubles so
far. In 4.91 you can't define the new ciphers or other settings for 1.3, but
that's not necessary currently IMO since the defaults are fine.

Especially on the MSAs I see many Thunderbirds (mostly Linux) connecting with
1.3 already since recent NSS supports it as well.

Feel free to send mail to echo@univie.ac.at to test against our Exim.

I use 4.92-RCx on another system with OpenSSL 1.1.1 and it works fine as well.

Greetings, Wolfgang
--
Wolfgang Breyha <wbreyha@gmx.net> | http://www.blafasel.at/
Vienna University Computer Center | Austria


Re: Experiences with TLS 1.3
On 28.01.19 at 17:55, Wolfgang Breyha via Exim-users wrote:
> On 28/01/2019 17:09, Jeremy Harris via Exim-users wrote:
>> On 28/01/2019 15:43, Viktor Dukhovni via Exim-users wrote:
>>> univie.ac.at
>> Univie, at least, are claiming Exim 4.91 in their banner. I don't
>> know if they run patches, but I do know that at least one person
>> there is an active supporter of Exim development.
> That's correct;-) I tried 4.91 with OpenSSL 1.1.1 on a smaller system and
> since it did well I use it on all MX and MSA hosts for univie.ac.at since last
> October. It works pretty well without specific SSL patches. No troubles so
> far. In 4.91 you can't define the new ciphers or other settings for 1.3, but
> that's not necessary currently IMO since the defaults are fine.
>
So a stock 4.91 will work. Thanks for the info, I will try it out ASAP.

best regards,
Marius


Re: Experiences with TLS 1.3
Cyborg via Exim-users <exim-users@exim.org> wrote:
[TLS 1.3]
> So a stock 4.91 will work . Thanks for the info, i will try it out asap.

For GnuTLS you will need exim 4.92(beta/rc). See #2359

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'


Re: Experiences with TLS 1.3
Hi,

On 28.01.19 11:50, Cyborg via Exim-users wrote:
> is anyone of you running TLS 1.3 already ?

I am using it on stock Ubuntu 18.10 (Exim is version 4.91-6ubuntu1,
gnutls is 3.6.4-2ubuntu1) on a relatively low volume secondary MX.

> If so, any problems ?

Works fine, apart from the fact that the Exim version shipped with Ubuntu
18.10 does not give you full control over the TLS 1.3 details in the
cipher string (I usually define the ciphers I allow and, even more important,
the server precedence via tls_require_ciphers). However, in contrast to
TLS 1.2 (which has some weak ciphers), all ciphers available in the
current TLS 1.3 implementation are fine (as of now) and there is no need
to tune that now.

hth.
--
Thomas

Re: Experiences with TLS 1.3
On 28.01.19 at 22:29, exim-users--- via Exim-users wrote:
> Hi,
>
> On 28.01.19 11:50, Cyborg via Exim-users wrote:
>> is anyone of you running TLS 1.3 already ?
> I am using it on stock Ubuntu 18.10 (Exim is version 4.91-6ubuntu1,
> gnutls is 3.6.4-2ubuntu1) on a relatively low volume secondary MX.
>

Good news, everyone!

Thanks for all the input... I may present Fedora 28's first TLS 1.3 Exim
server :D

Confirmed by checktls.com:

[000.099] Connected to server
[000.201] <-- 220 xxx.resellerdesktop.de ESMTP Exim 4.91 Mon, 28 Jan 2019 22:49:51 +0100
[000.201] We are allowed to connect
[000.201] --> EHLO www6.CheckTLS.com
[000.299] <-- 250-XXX.resellerdesktop.de Hello www6.checktls.com [159.89.187.50]
          250-SIZE 52428800
          250-8BITMIME
          250-PIPELINING
          250-AUTH PLAIN LOGIN
          250-CHUNKING
          250-STARTTLS
          250 HELP
[000.300] We can use this server
[000.300] TLS is an option on this server
[000.300] --> STARTTLS
[000.425] <-- 220 TLS go ahead
[000.425] STARTTLS command works on this server
[000.557] Connection converted to SSL

SSLVersion in use: TLSv1_3
Cipher in use: TLS_AES_256_GCM_SHA384
serialNumber=03:06:78:2c:10:74:ad:f3:10:91:27:d2:92:a5:a1:8b:81:38
issuer= /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
-----------------

and all it took was to install these 3 packages:

-rw-r--r-- 1 root root   46760 26 Oct 11:46 crypto-policies-20181026-1.gitd42aaa6.fc29.noarch.rpm
-rw-r--r-- 1 root root  625824 15 Jan 15:43 openssl-1.1.1a-1.fc29.x86_64.rpm
-rw-r--r-- 1 root root 1395348 15 Jan 15:43 openssl-libs-1.1.1a-1.fc29.x86_64.rpm

and restarting Exim.


good night,
Marius

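What checktls.com did in the transcript above is a plaintext EHLO, a STARTTLS, and a look at the negotiated session. The following is an added example, not code from this thread, from Exim or from checktls.com: a Python probe that does the same, with one deliberate twist. The client context refuses anything below TLS 1.3, so a failed handshake is itself the answer ("this MX does not offer 1.3") rather than a silent fallback to 1.2. It also reports what the plaintext EHLO advertises, because the transcript shows AUTH PLAIN LOGIN offered before STARTTLS. The target name mx.example.org and the HELO name probe.example.invalid are placeholders; SAMPLE_EHLO is the EHLO reply from the transcript, pasted in as constructed test input so the parsing part runs offline.

```python
import re
import smtplib
import ssl
import sys
from dataclasses import dataclass, field
from typing import Dict, List, Optional


def tls13_only_context(verify: bool = True) -> ssl.SSLContext:
    """Client context whose floor is TLS 1.3.  Pinning the floor turns the
    probe into a yes/no answer: if the handshake fails, the server does not
    offer 1.3, instead of the client silently falling back to 1.2."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    if not verify:
        # MX hostnames often do not match the certificate (opportunistic
        # TLS), so a discovery probe may need to skip verification.  Never
        # do this in a submission client that goes on to send credentials.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


_EHLO_LINE = re.compile(r"^250[- ](\S+)\s*(.*)$")


def parse_ehlo(reply: str) -> Dict[str, str]:
    """Map a raw multi-line EHLO reply to {EXTENSION: parameters}.
    The first 250 line is the greeting, not an extension, and is skipped."""
    feats: Dict[str, str] = {}
    for i, raw in enumerate(reply.strip().splitlines()):
        m = _EHLO_LINE.match(raw.strip())
        if m and i > 0:
            feats[m.group(1).upper()] = m.group(2).strip()
    return feats


def pre_tls_findings(feats: Dict[str, str]) -> List[str]:
    """What the *plaintext* EHLO reveals before any STARTTLS is sent."""
    findings: List[str] = []
    if "STARTTLS" not in feats:
        findings.append("STARTTLS not advertised: no encryption possible")
    if "AUTH" in feats:
        # Mechanisms offered before STARTTLS can be used in the clear by a
        # careless client; PLAIN and LOGIN only base64-encode the password.
        findings.append(f"AUTH advertised before STARTTLS: {feats['AUTH']}")
    return findings


@dataclass
class ProbeResult:
    host: str
    protocol: str            # "TLSv1.3", or "none" if STARTTLS is missing
    cipher: str
    bits: int
    issuer: Optional[str]    # only filled in when verify=True
    findings: List[str] = field(default_factory=list)


def probe_starttls(host: str, port: int = 25, verify: bool = False,
                   helo: str = "probe.example.invalid",   # placeholder HELO name
                   timeout: float = 15.0) -> ProbeResult:
    """EHLO, inspect the plaintext feature list, then STARTTLS with the
    TLS 1.3-only context and report what was actually negotiated."""
    ctx = tls13_only_context(verify=verify)
    with smtplib.SMTP(host, port, local_hostname=helo, timeout=timeout) as smtp:
        code, _ = smtp.ehlo()
        if code != 250:
            raise RuntimeError(f"{host}: EHLO rejected with {code}")
        feats = {k.upper(): v for k, v in smtp.esmtp_features.items()}
        findings = pre_tls_findings(feats)
        if "STARTTLS" not in feats:
            return ProbeResult(host, "none", "", 0, None, findings)
        smtp.starttls(context=ctx)   # ssl.SSLError here means: no TLS 1.3 offered
        sock = smtp.sock             # now an ssl.SSLSocket
        name, _, bits = sock.cipher()
        issuer = None
        if verify:
            cert = sock.getpeercert()  # populated only when the chain verified
            issuer = "/".join(f"{k}={v}" for rdn in cert.get("issuer", ()) for k, v in rdn)
        return ProbeResult(host, sock.version(), name, bits, issuer, findings)


# The plaintext EHLO reply from the checktls.com transcript above, kept here
# as constructed test input for parse_ehlo()/pre_tls_findings().
SAMPLE_EHLO = """250-XXX.resellerdesktop.de Hello www6.checktls.com [159.89.187.50]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250 HELP"""


if __name__ == "__main__":
    if len(sys.argv) > 1:                       # e.g. python probe.py mx.example.org
        print(probe_starttls(sys.argv[1]))
    else:
        print(pre_tls_findings(parse_ehlo(SAMPLE_EHLO)))
```

Run it with an MX name as the only argument; with verify=False the issuer stays empty, so pass verify=True (and a hostname that matches the certificate) when you want the Let's Encrypt issuer line the checktls output showed. The AUTH finding is informational: Exim can restrict advertising AUTH to TLS sessions with `auth_advertise_hosts = ${if eq{$tls_in_cipher}{}{}{*}}`, the idiom given in the Exim specification.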
Re: Experiences with TLS 1.3
On 28/01/2019 10:50, Cyborg via Exim-users wrote:
> is anyone of you running TLS 1.3 already ?

In other related news, iOS 12.2 (just out for developers)
enables TLS 1.3 by default.
--
Cheers,
Jeremy


Re: Experiences with TLS 1.3
Jeremy Harris via Exim-users wrote on 2019-01-28 13:56:
> I've not seen any such connections in production yet.

FreeBSD 12 has OpenSSL 1.1.1 in the base system, so I see entries in the
Exim log.

Jan 29 08:30:44 beta exim[2522]: 1goMux-0000eg-Dq <=
bugzilla-noreply@freebsd.org H=mx2.freebsd.org
[2001:1900:2254:206a::19:2] I=[2001:470:28:26f::1]:25 P=esmtps
X=TLSv1.3:TLS_AES_256_GCM_SHA384:256 CV=no S=3612 from
<bugzilla-noreply@freebsd.org> for max@kostikov.co

--
With best regards,
Max Kostikov

W: https://kostikov.co | BBM: 24CA5DF8
Re: Experiences with TLS 1.3
On Tue, Jan 29, 2019 at 06:53:33PM +0200, Max Kostikov via Exim-users wrote:

> Jeremy Harris via Exim-users wrote on 2019-01-28 13:56:
> > I've not seen any such connections in production yet.
>
> FreeBSD 12 have OpenSSL 1.1.1 in base system so I see entries in the
> Exim log.

For the record, not in the base system, which has OpenSSL 1.0.2,
but in ports (unless my FreeBSD 12 release is already dated).

> Jan 29 08:30:44 beta exim[2522]: 1goMux-0000eg-Dq <=
> bugzilla-noreply@freebsd.org H=mx2.freebsd.org
> [2001:1900:2254:206a::19:2] I=[2001:470:28:26f::1]:25 P=esmtps
> X=TLSv1.3:TLS_AES_256_GCM_SHA384:256 CV=no S=3612 from
> <bugzilla-noreply@freebsd.org> for max@kostikov.co

And similar in Postfix:

Jan 28 14:24:59 straasha postfix/smtp[81533]:
Verified TLS connection established to mx.halon.io[159.253.27.254]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256)
server-signature RSA-PSS (2048 bits) server-digest SHA256

Jan 29 11:42:45 straasha postfix/smtpd[7070]:
Anonymous TLS connection established from mx2.freebsd.org[8.8.178.116]:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519
server-signature RSA-PSS (2048 bits) server-digest SHA256

--
Viktor.

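Andrew's Received header, Max's Exim main-log line, Viktor's Postfix lines and Viktor's survey table are all evidence of the same thing, and the production question is not just "was TLS 1.3 negotiated" but "was the peer authenticated": Exim says so in the CV= field (yes, no, or dane), Postfix in the Verified/Trusted/Untrusted/Anonymous prefix. As an added example, not code from this thread or from either MTA project, here is a small Python parser that turns all three formats into records, builds the (protocol, cipher) histogram of the kind Viktor posted, and lists peers that encrypted without certificate verification. The sample input is constructed from the lines quoted in this thread, re-joined onto single lines as the MTAs write them, plus one invented TLS 1.2 Exim line (peer mx.example.net) for contrast; the regular expressions assume exactly the log shapes shown here.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Exim writes TLS details as protocol:cipher:bits, both in Received headers
# ("with esmtps (TLSv1.3:TLS_AES_256_GCM_SHA384:256)") and in the main
# log's X= field.  The "v" is optional so spellings without it also match.
_TRIPLE = r"(SSLv\d|TLSv?1(?:\.\d)?):([A-Za-z0-9_-]+):(\d+)"

EXIM_RECEIVED = re.compile(r"^Received: from (\S+).*?\(" + _TRIPLE + r"\)")
# H= is the peer host, X= the TLS triple, CV= whether Exim verified the
# peer certificate ("dane" means verified against a TLSA record).
EXIM_LOG = re.compile(
    r"\bexim\[\d+\]: .*?\bH=(\S+).*?\bX=" + _TRIPLE + r"(?:.*?\bCV=(yes|no|dane))?"
)
# Postfix prefixes its TLS lines with a trust level; only "Verified" means
# the chain validated *and* the name matched.
POSTFIX_LOG = re.compile(
    r"postfix/smtpd?\[\d+\]: (Anonymous|Untrusted|Trusted|Verified) TLS connection "
    r"established (?:to|from) ([^\s\[]+)\[[^\]]*\](?::\d+)?: "
    r"(SSLv\d|TLSv1(?:\.\d)?) with cipher (\S+) \((\d+)/\d+ bits\)"
)


@dataclass(frozen=True)
class TlsRecord:
    source: str               # which log format the line came from
    peer: str                 # the other MTA, as the log names it
    protocol: str             # e.g. "TLSv1.3"
    cipher: str
    bits: int
    verified: Optional[bool]  # None when the line carries no verification result


def unfold_headers(text: str) -> str:
    """Join RFC 5322 continuation lines so a folded Received: header is one line."""
    return re.sub(r"\r?\n[ \t]+", " ", text)


def parse_line(line: str) -> Optional[TlsRecord]:
    m = EXIM_RECEIVED.match(line)
    if m:
        peer, proto, cipher, bits = m.groups()
        # A stock Exim Received header records the cipher but not whether the
        # peer certificate was verified, hence verified=None.
        return TlsRecord("exim-received", peer, proto, cipher, int(bits), None)
    m = EXIM_LOG.search(line)
    if m:
        peer, proto, cipher, bits, cv = m.groups()
        verified = None if cv is None else cv in ("yes", "dane")
        return TlsRecord("exim-log", peer, proto, cipher, int(bits), verified)
    m = POSTFIX_LOG.search(line)
    if m:
        level, peer, proto, cipher, bits = m.groups()
        return TlsRecord("postfix-log", peer, proto, cipher, int(bits), level == "Verified")
    return None


def parse_tls_evidence(text: str) -> List[TlsRecord]:
    lines = unfold_headers(text).splitlines()
    return [r for r in map(parse_line, lines) if r is not None]


def cipher_counts(records: List[TlsRecord]) -> Counter:
    """(protocol, cipher) histogram, the shape of the survey table in the thread."""
    return Counter((r.protocol, r.cipher) for r in records)


def unauthenticated_peers(records: List[TlsRecord]) -> List[str]:
    """Peers that got encryption but no certificate verification (Exim CV=no,
    Postfix anything but Verified): opportunistic TLS that an active attacker
    can strip or impersonate, whatever the protocol version negotiated."""
    return sorted({r.peer for r in records if r.verified is False})


# Constructed input: the Received header, the Exim log line and the two
# Postfix lines quoted in this thread (each re-joined onto one line as the MTA
# writes it), plus one made-up TLS 1.2 Exim line with CV=yes for contrast.
SAMPLE = """\
Received: from smtp.spodhuis.org ([2a02:898:31:0:48:4558:736d:7470]:34422
    helo=mx.spodhuis.org)
    by hummus.csx.cam.ac.uk with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256)
    (Exim 4.91) (envelope-from <pdp@exim.org>) id 1f8ZjZ-0007nY-8Q
    for exim-dev@exim.org; Wed, 18 Apr 2018 00:09:57 +0100
Jan 29 08:30:44 beta exim[2522]: 1goMux-0000eg-Dq <= bugzilla-noreply@freebsd.org H=mx2.freebsd.org [2001:1900:2254:206a::19:2] I=[2001:470:28:26f::1]:25 P=esmtps X=TLSv1.3:TLS_AES_256_GCM_SHA384:256 CV=no S=3612 from <bugzilla-noreply@freebsd.org> for max@kostikov.co
Jan 29 09:00:00 beta exim[2600]: 1goNvw-0000aa-Zz <= sender@example.net H=mx.example.net [192.0.2.10] I=[2001:470:28:26f::1]:25 P=esmtps X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=yes S=2048 from <sender@example.net> for max@kostikov.co
Jan 28 14:24:59 straasha postfix/smtp[81533]: Verified TLS connection established to mx.halon.io[159.253.27.254]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256
Jan 29 11:42:45 straasha postfix/smtpd[7070]: Anonymous TLS connection established from mx2.freebsd.org[8.8.178.116]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
"""

if __name__ == "__main__":
    recs = parse_tls_evidence(SAMPLE)
    for (proto, cipher), n in cipher_counts(recs).most_common():
        print(f"{n:5d} {proto} {cipher}")
    print("encrypted but unauthenticated:", ", ".join(unauthenticated_peers(recs)))
```

Feed it a mailbox or a main log and the histogram answers the question this thread opened with; the unauthenticated list is the one to act on, since TLS 1.3 with CV=no (or a Postfix "Anonymous" line) is still only opportunistic encryption, which is exactly the gap the DANE survey Viktor mentioned is about.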
Re: Experiences with TLS 1.3
Viktor Dukhovni via Exim-users wrote on 2019-01-29 19:18:
> On Tue, Jan 29, 2019 at 06:53:33PM +0200, Max Kostikov via Exim-users
> wrote:
>
>> Jeremy Harris via Exim-users wrote on 2019-01-28 13:56:
>> > I've not seen any such connections in production yet.
>>
>> FreeBSD 12 have OpenSSL 1.1.1 in base system so I see entries in the
>> Exim log.
>
> For the record, not in the base system, which has OpenSSL 1.0.2,
> but in ports (unless my FreeBSD 12 release is already dated).

Wrong.

https://www.freebsd.org/releases/12.0R/relnotes.html
> ...
> OpenSSL has been updated to version 1.1.1a
> ...

Console output from one of my FreeBSD systems:
> root@eprove:~ # uname -v
> FreeBSD 12.0-RELEASE-p2 GENERIC
> root@eprove:~ # openssl version
> OpenSSL 1.1.1a-freebsd 20 Nov 2018


--
With best regards,
Max Kostikov

W: https://kostikov.co | BBM: 24CA5DF8
Re: Experiences with TLS 1.3
On 2019-01-28 at 15:09 +0000, Andrew C Aitchison via Exim-users wrote:
> I see many header lines like:
>
> Received: from smtp.spodhuis.org ([2a02:898:31:0:48:4558:736d:7470]:34422
> helo=mx.spodhuis.org)
> by hummus.csx.cam.ac.uk with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256)
> (Exim 4.91) (envelope-from <pdp@exim.org>) id 1f8ZjZ-0007nY-8Q
> for exim-dev@exim.org; Wed, 18 Apr 2018 00:09:57 +0100

FWIW, I use a Transport override so that mail going to the Hummus
machine connects to port 26 instead of port 25. Port 26 is where we
install things like RCs or run tests before rolling changes out to port
25. Anyone who wants can make a similar change, I don't anticipate us
ending the use of port 26 for "next-exim". Just beware that things
might break so if you get mail queuing up, be prepared to switch back
(and provide logs pointing to what we've/I've messed up).

I do need to get around to installing the latest RC. Sorry Heiko.

next-exim is currently:
Library version: OpenSSL: Compile: OpenSSL 1.1.1-pre5 (beta) 17 Apr 2018
Runtime: OpenSSL 1.1.1-pre8 (beta) 20 Jun 2018
and I should fix that too.

-Phil

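Phil's port-26 override, written out as Exim router and transport fragments. This is an added illustration, not Phil's actual configuration: it assumes, from the Received header quoted earlier in the thread, that hummus.csx.cam.ac.uk is where exim.org list mail is delivered, and that a stock remote_smtp transport already exists to copy from. Change the domain and host to whatever you actually want to test against.

```exim
# Router (put it before the usual dnslookup router, since routers run in
# order): mail for the list domain goes to the next-exim host on port 26.
# Domain and host are assumptions taken from the Received header quoted in
# this thread; set them to whatever you actually want to test against.
next_exim:
  driver = manualroute
  domains = exim.org
  route_list = * hummus.csx.cam.ac.uk
  transport = remote_smtp_next_exim

# Transport: the stock remote_smtp transport with only the port changed.
remote_smtp_next_exim:
  driver = smtp
  port = 26
```

Phil's own caveat applies: if mail to that domain starts queuing, comment the router out and delivery falls back to normal MX routing on port 25, and send the logs to the list.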