Any Microsoft Exchange employees monitoring this list? If so, you may want to pay attention to this thread:
A preview of the latest response from Wietse...
---------- Forwarded message ----------
From: Wietse Venema
Date: Oct 24, 2006 2:27 PM
Subject: Re: Postfix/Exchange TLS interoperability
> On Mon, Oct 23, 2006 at 10:00:50PM -0400, Victor Duchovni wrote:
> > There was a recent report of interoperability issues between Exchange
> > acting as TLS client, and Postfix acting as a TLS server. I have just
> > experienced the converse problem, and the packet capture shows severe
> > breakage on the Exchange side...
> I have found that this happens when the Postfix SMTP client insists on
> "HIGH" grade ciphers, causing Exchange to negotiate DES-CBC3-SHA, which
> it then gets wrong.
> When the Postfix SMTP client proposes both "HIGH" and "MEDIUM" strength
> ciphers (in that order) the Exchange server overrides the client cipher
> preference and elects RC4-MD5, which does not exhibit the problem.
> So the trick with at least some versions of the Exchange software is to
> allow Exchange to select the RC4-MD5 combination despite the fact that
> both are deprecated (RC4 has a poor key-schedule, and MD5 is no longer
> collision resistant).
Is the Postfix default setting OK for Exchange?
- If yes, then we need to add a warning to Postfix documentation
so that people know bad things may happen when they make a change.
- If no, then we may have ti change the default. The primary purpose
of Postfix is to deliver mail, not to satisfy purists.