mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00
Code Issues Releases Wiki Activity

postfix-3.10-20250215

Browse Source
This commit is contained in:
Wietse Z Venema 2025-02-15 00:00:00 -05:00 committed by Viktor Dukhovni
parent d2018d3930
commit a5f2cae618
20 changed files with 622 additions and 555 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
postfix/HISTORY
View File

@ -28941,4 +28941,45 @@ Apologies for any names omitted.
requests for 60s. Files: global/dict_pgsql.c, global/dict_mysql.c,
proto/pgsql_table, proto/mysql_table.
20250210
Bugfix (defect introduced: Postfix 3.6): Reverted the default
smtp_tls_dane_insecure_mx_policy setting to "dane" as of Postfix
3.6.17, 3.7.13, 3.8.8, 3.9.2, and 3.10.0. By mistake the default
was dependent on the smtp_tls_security_level setting. Files:
global/mail_params.h, proto/postconf.proto, smtp/smtp.c.
20250210
Documentation: prefer 'submissions' over 'smtps'. Files:
proto/postconf.proto, proto/TLS_README.html.
20250212
Support for OpenSSL 3.5 post-quantum cryptography. To manage
algorithm selection, OpenSSL introduces new TLS group syntax
that Postfix will not attempt to imitate. Instead, Postfix
now allows the tls_eecdh_auto_curves and tls_ffdhe_auto_groups
parameter values to have an empty value. When both are set
empty, the algorithm selection can be managed through OpenSSL
configuration. Viktor Dukhovni. Files: tls/tls_dh.c,
tls/tls_misc.c.
Bugfix (defect introduced: Postfix 3.4, date 20181113): a
server with multiple TLS certificates could report for a
resumed TLS session, in logging and Received: message
headers, the wrong server-signature and server-digest names.
Viktor Dukhovni. File: tls/tls_misc.c.
20250213
Documentation: updated postconf(5) that the parameters
smtpd_tls_eecdh_grade, tls_eecdh_strong_curve,
tls_eecdh_ultra_curve, and tlsproxy_tls_eecdh_grade, are
not used since Postfix 3.6; updated the tls_eecdh_auto_curves
and tls_ffdhe_auto_groups description with post-quantum
configuration; added a post-quantum example to the
tls_config_file description. File: proto/postconf.proto.
The unused parameters will be deleted in Postfix 3.11.
Postfix 3.10 code freeze.

3
postfix/README_FILES/TLSRPT_README
View File

@ -235,7 +235,8 @@ Examples of smtp_tls_policy_maps plugins with MTA-STS support are:
* postfix-tlspol, supports domains with DANE (using Postfix built-in DANE),
and domains with MTA-STS.
* postfix-mta-sts-resolver, supports domains with MTA-STS.
* postfix-mta-sts-resolver, supports domains with MTA-STS as of release 1.5.0
(February 2025).
Both plugins can generate the additional name=value attributes that Postfix
needs for TLSRPT support (as of February 2025). This is enabled by setting a

99
postfix/README_FILES/TLS_README
View File

@ -374,12 +374,13 @@ This is true for OE (Win32 < 5.0 and Win32 >=5.0 when run on a port<>25 and OE
It is strictly discouraged to use this mode from main.cf. If you want to
support this service, enable a special port in master.cf and specify "-
o smtpd_tls_wrappermode=yes" (note: no space around the "=") as an smtpd(8)
command line option. Port 465 (smtps) was once chosen for this feature.
command line option. Port 465 (submissions, formerly called smtps) is the most
common example.
Example:
/etc/postfix/master.cf:
smtps inet n - n - - smtpd
submissions inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
CClliieenntt cceerrttiiffiiccaattee vveerriiffiiccaattiioonn
@ -760,7 +761,7 @@ Topics covered in this section:
* Discovering servers that support TLS
* Server certificate verification depth
* Client-side cipher controls
* Client-side SMTPS support
* Client-side submissions (formerly called smtps) support
* Miscellaneous client controls
CCoonnffiigguurriinngg TTLLSS iinn tthhee SSMMTTPP//LLMMTTPP cclliieenntt
@ -1970,48 +1971,51 @@ Example:
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_protocols = !SSLv2,!SSLv3
CClliieenntt--ssiiddee SSMMTTPPSS ssuuppppoorrtt
CClliieenntt--ssiiddee ssuubbmmiissssiioonnss ((ffoorrmmeerrllyy ccaalllleedd ssmmttppss)) ssuuppppoorrtt
These sections show how to send mail to a server that does not support
STARTTLS, but that provides the SMTPS service on TCP port 465. Depending on the
Postfix version, some additional tooling may be required.
STARTTLS, but that provides the submissions (smtps) service on TCP port 465.
Depending on the Postfix version, some additional tooling may be required.
PPoossttffiixx >>== 33..00
The Postfix SMTP client has SMTPS support built-in as of version 3.0. Use one
of the following examples, to send all remote mail, or to send only some remote
mail, to an SMTPS server.
The Postfix SMTP client has submissions service support built-in as of version
3.0. Use one of the following examples, to send all remote mail, or to send
only some remote mail, to a submissions (smtps) server.
PPoossttffiixx >>== 33..00:: SSeennddiinngg aallll rreemmoottee mmaaiill ttoo aann SSMMTTPPSS sseerrvveerr
PPoossttffiixx >>== 33..00:: SSeennddiinngg aallll rreemmoottee mmaaiill ttoo aa ssuubbmmiissssiioonnss ((ffoorrmmeerrllyy ccaalllleedd
ssmmttppss)) sseerrvveerr
The first example will send all remote mail over SMTPS through a provider's
The first example will send all remote mail to through a provider's submissions
server called "mail.example.com":
/etc/postfix/main.cf:
# Client-side SMTPS requires "encrypt" or stronger.
# Client-side submissions requires "encrypt" or stronger.
smtp_tls_security_level = encrypt
smtp_tls_wrappermode = yes
# The [] suppress MX lookups.
relayhost = [mail.example.com]:465
relayhost = [mail.example.com]:submissions
Use "postfix reload" to make the change effective.
See SOHO_README for additional information about SASL authentication.
PPoossttffiixx >>== 33..00:: SSeennddiinngg oonnllyy mmaaiill ffoorr aa ssppeecciiffiicc ddeessttiinnaattiioonn vviiaa SSMMTTPPSS
PPoossttffiixx >>== 33..00:: SSeennddiinngg oonnllyy mmaaiill ffoorr aa ssppeecciiffiicc ddeessttiinnaattiioonn ttoo aa ssuubbmmiissssiioonnss
((ffoorrmmeerrllyy ccaalllleedd ssmmttppss)) sseerrvviiccee
The second example will send only mail for "example.com" via SMTPS. This time,
Postfix uses a transport map to deliver only mail for "example.com" via SMTPS:
The second example will send only mail for "example.com" using the submissions
(smtps) service. This time, Postfix uses a transport map to deliver only mail
for "example.com" using the submissions (smtps) service:
/etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport:
example.com relay-smtps:example.com:465
example.com relay-submissions:example.com:submissions
/etc/postfix/master.cf:
relay-smtps unix - - n - - smtp
# Client-side SMTPS requires "encrypt" or stronger.
relay-submissions unix - - n - - smtp
# Client-side submissions service requires "encrypt" or stronger.
-o smtp_tls_security_level=encrypt
-o smtp_tls_wrappermode=yes
@ -2022,62 +2026,7 @@ See SOHO_README for additional information about SASL authentication.
PPoossttffiixx << 33..00
Although older Postfix SMTP client versions do not support TLS wrapper mode, it
is relatively easy to forward a connection through the stunnel program if
Postfix needs to deliver mail to some legacy system that doesn't support
STARTTLS.
PPoossttffiixx << 33..00:: SSeennddiinngg aallll rreemmoottee mmaaiill ttoo aann SSMMTTPPSS sseerrvveerr
The first example uses SMTPS to send all remote mail to a provider's mail
server called "mail.example.com".
A minimal stunnel.conf file is sufficient to set up a tunnel from local port
11125 to the remote destination "mail.example.com" and port "smtps". Postfix
will later use this tunnel to connect to the remote server.
/path/to/stunnel.conf:
[smtp-tls-wrapper]
accept = 11125
client = yes
connect = mail.example.com:smtps
To test this tunnel, use:
$ telnet localhost 11125
This should produce the greeting from the remote SMTP server at
mail.example.com.
On the Postfix side, the relayhost feature sends all remote mail through the
local stunnel listener on port 11125:
/etc/postfix/main.cf:
relayhost = [127.0.0.1]:11125
Use "postfix reload" to make the change effective.
See SOHO_README for additional information about SASL authentication.
PPoossttffiixx << 33..00:: SSeennddiinngg oonnllyy mmaaiill ffoorr aa ssppeecciiffiicc ddeessttiinnaattiioonn vviiaa SSMMTTPPSS
The second example will use SMTPS to send only mail for "example.com" via
SMTPS. It uses the same stunnel configuration file as the first example, so it
won't be repeated here.
This time, the Postfix side uses a transport map to direct only mail for
"example.com" through the tunnel:
/etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport:
example.com relay:[127.0.0.1]:11125
Use "postmap hash:/etc/postfix/transport" and "postfix reload" to make the
change effective.
See SOHO_README for additional information about SASL authentication.
Please see TLS_LEGACY_README.
MMiisscceellllaanneeoouuss cclliieenntt ccoonnttrroollss

3
postfix/html/TLSRPT_README.html
View File

@ -345,7 +345,8 @@ postfix-tlspol</a>, supports domains with DANE (using Postfix
built-in DANE), and domains with MTA-STS. </p>
<li> <p> <a href="https://github.com/Snawoot/postfix-mta-sts-resolver">
postfix-mta-sts-resolver</a>, supports domains with MTA-STS. </p>
postfix-mta-sts-resolver</a>, supports domains with MTA-STS as of
release 1.5.0 (February 2025). </p>
</ul>

118
postfix/html/TLS_README.html
View File

@ -552,8 +552,8 @@ and OE (5.01 Mac on all ports). </p>
<p> It is strictly discouraged to use this mode from <a href="postconf.5.html">main.cf</a>. If
you want to support this service, enable a special port in <a href="master.5.html">master.cf</a>
and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" (note: no space around
the "=") as an <a href="smtpd.8.html">smtpd(8)</a> command line option. Port 465 (smtps) was
once chosen for this feature.
the "=") as an <a href="smtpd.8.html">smtpd(8)</a> command line option. Port 465 (submissions,
formerly called smtps) is the most common example.
</p>
<p> Example: </p>
@ -561,7 +561,7 @@ once chosen for this feature.
<blockquote>
<pre>
/etc/postfix/<a href="master.5.html">master.cf</a>:
smtps inet n - n - - smtpd
submissions inet n - n - - smtpd
-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes -o <a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a>=yes
</pre>
</blockquote>
@ -1065,7 +1065,7 @@ key configuration </a>
<li> <a href="#client_cipher">Client-side cipher controls </a>
<li> <a href="#client_smtps">Client-side SMTPS support </a>
<li> <a href="#client_smtps">Client-side submissions (formerly called smtps) support </a>
<li> <a href="#client_misc"> Miscellaneous client controls </a>
@ -2560,32 +2560,33 @@ the TLS protocols used with opportunistic TLS. </p>
</pre>
</blockquote>
<h3> <a name="client_smtps">Client-side SMTPS support </a> </h3>
<h3> <a name="client_smtps">Client-side submissions (formerly called smtps) support </a> </h3>
<p> These sections show how to send mail to a server that does not
support STARTTLS, but that provides the SMTPS service
support STARTTLS, but that provides the submissions (smtps) service
on TCP port 465. Depending on the Postfix version, some additional
tooling may be required. </p>
<h4> Postfix &ge; 3.0 </h4>
<p> The Postfix SMTP client has SMTPS support built-in as of version
<p> The Postfix SMTP client has submissions service support built-in
as of version
3.0. Use one of the following examples, to send all remote mail,
or to send only some remote mail, to an SMTPS server. </p>
or to send only some remote mail, to a submissions (smtps) server. </p>
<h5> Postfix &ge; 3.0: Sending all remote mail to an SMTPS server </h5>
<h5> Postfix &ge; 3.0: Sending all remote mail to a submissions (formerly called smtps) server </h5>
<p> The first example will send all remote mail over SMTPS through
a provider's server called "mail.example.com": </p>
<p> The first example will send all remote mail to through a
provider's submissions server called "mail.example.com": </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
# Client-side SMTPS requires "encrypt" or stronger.
# Client-side submissions requires "encrypt" or stronger.
<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
<a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> = yes
# The [] suppress MX lookups.
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.example.com]:465
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.example.com]:submissions
</pre>
</blockquote>
@ -2595,11 +2596,12 @@ a provider's server called "mail.example.com": </p>
</p>
<h5> Postfix &ge; 3.0: Sending only mail for a specific destination
via SMTPS </h5>
to a submissions (formerly called smtps) service </h5>
<p> The second example will send only mail for "example.com" via
SMTPS. This time, Postfix uses a transport map to deliver only
mail for "example.com" via SMTPS: </p>
<p> The second example will send only mail for "example.com" using
the submissions (smtps) service.
This time, Postfix uses a transport map to deliver only
mail for "example.com" using the submissions (smtps) service: </p>
<blockquote>
<pre>
@ -2607,11 +2609,11 @@ mail for "example.com" via SMTPS: </p>
<a href="postconf.5.html#transport_maps">transport_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/transport
/etc/postfix/transport:
example.com relay-smtps:example.com:465
example.com relay-submissions:example.com:submissions
/etc/postfix/<a href="master.5.html">master.cf</a>:
relay-smtps unix - - n - - smtp
# Client-side SMTPS requires "encrypt" or stronger.
relay-submissions unix - - n - - smtp
# Client-side submissions service requires "encrypt" or stronger.
-o <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a>=encrypt
-o <a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a>=yes
</pre>
@ -2625,81 +2627,7 @@ authentication. </p>
<h4> Postfix &lt; 3.0 </h4>
<p> Although older Postfix SMTP client versions do not support TLS
wrapper mode, it is relatively easy to forward a connection through
the stunnel program if Postfix needs to deliver mail to some legacy
system that doesn't support STARTTLS. </p>
<h5> Postfix &lt; 3.0: Sending all remote mail to an SMTPS server </h5>
<p> The first example uses SMTPS to send all remote mail to a
provider's mail server called "mail.example.com". </p>
<p> A minimal stunnel.conf file is sufficient to set up a tunnel
from local port 11125 to the remote destination "mail.example.com"
and port "smtps". Postfix will later use this tunnel to connect to
the remote server. </p>
<blockquote>
<pre>
/path/to/stunnel.conf:
[smtp-tls-wrapper]
accept = 11125
client = yes
connect = mail.example.com:smtps
</pre>
</blockquote>
<p> To test this tunnel, use: </p>
<blockquote>
<pre>
$ telnet localhost 11125
</pre>
</blockquote>
<p> This should produce the greeting from the remote SMTP server
at mail.example.com. </p>
<p> On the Postfix side, the <a href="postconf.5.html#relayhost">relayhost</a> feature sends all remote
mail through the local stunnel listener on port 11125: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#relayhost">relayhost</a> = [127.0.0.1]:11125
</pre>
</blockquote>
<p> Use "postfix reload" to make the change effective. </p>
<p> See <a href="SOHO_README.html">SOHO_README</a> for additional information about SASL
authentication. </p>
<h4> Postfix &lt; 3.0: Sending only mail for a specific destination via SMTPS </h4>
<p> The second example will use SMTPS to send only mail for
"example.com" via SMTPS. It uses the same stunnel configuration
file as the first example, so it won't be repeated here. </p>
<p> This time, the Postfix side uses a transport map to direct only
mail for "example.com" through the tunnel: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#transport_maps">transport_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/transport
/etc/postfix/transport:
example.com relay:[127.0.0.1]:11125
</pre>
</blockquote>
<p> Use "postmap <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/transport" and "postfix reload"
to make the change effective. </p>
<p> See <a href="SOHO_README.html">SOHO_README</a> for additional information about SASL authentication.
</p>
<p> Please see <a href="TLS_LEGACY_README.html">TLS_LEGACY_README</a>. </p>
<h3> <a name="client_misc"> Miscellaneous client controls </a> </h3>

5
postfix/html/lmtp.8.html
View File

@ -691,11 +691,12 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> (no)</b>
Request that the Postfix SMTP client connects using the SUBMIS-
SIONS/SMTPS protocol instead of using the STARTTLS command.
SIONS (formerly called SMTPS) protocol instead of using the
STARTTLS command.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a> (see 'postconf -d' output)</b>
<b><a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a> (dane)</b>
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX record
was found via an "insecure" MX lookup.

120
postfix/html/postconf.5.html
View File

@ -11010,11 +11010,11 @@ use the same program name. </p>
<p> Example <a href="master.5.html">master.cf</a> entries: </p>
<pre>
# Distinguish inbound MTA logging from submission and smtps logging.
# Distinguish inbound MTA logging from submission and submissions logging.
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o <a href="postconf.5.html#syslog_name">syslog_name</a>=postfix/$<a href="postconf.5.html#service_name">service_name</a>
smtps inet n - n - - smtpd
submissions inet n - n - - smtpd
-o <a href="postconf.5.html#syslog_name">syslog_name</a>=postfix/$<a href="postconf.5.html#service_name">service_name</a>
</pre>
@ -13274,7 +13274,7 @@ TLS connection reuse</a>" for background details. </p>
</DD>
<DT><b><a name="smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a>
(default: see "postconf -d" output)</b></DT><DD>
(default: dane)</b></DT><DD>
<p> The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX
@ -13298,10 +13298,9 @@ authentication succeeds, it will be logged only as "Trusted", not
"Verified", because the MX host name could have been forged. </dd>
</dl>
<p> The default setting for Postfix &ge; 3.6 is "dane" with
"<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = dane", otherwise "may". This behavior
was backported to Postfix versions 3.5.9, 3.4.19, 3.3.16. 3.2.21.
With earlier Postfix versions the default setting was always "dane".
<p> The default setting is "dane" as of Postfix versions 3.6.17,
3.7.13, 3.8.8, 3.9.2, and 3.10.0. With earlier versions the default
was mistakenly dependent on the <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> setting.
</p>
<p> Though with "insecure" MX records an active attacker can
@ -14823,21 +14822,22 @@ example.com verify match=hostname:nexthop
(default: no)</b></DT><DD>
<p> Request that the Postfix SMTP client connects using the
SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command. </p>
SUBMISSIONS (formerly called SMTPS) protocol instead of using the
STARTTLS command. </p>
<p> This mode requires "<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt" or
stronger. </p>
<p> Example: deliver all remote mail via a provider's server
"mail.example.com". </p>
<p> Example: deliver all remote mail via a provider's submissions
service at "mail.example.com". </p>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
# Client-side SMTPS requires "encrypt" or stronger.
# Client-side SUBMISSIONS requires "encrypt" or stronger.
<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
<a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> = yes
# The [] suppress MX lookups.
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.example.com]:465
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.example.com]:submissions
</pre>
<p> More examples are in <a href="TLS_README.html">TLS_README</a>, including examples for older
@ -17925,7 +17925,8 @@ envelope sender
<blockquote> <p> Note: to enforce that the From: header address
matches the envelope sender (MAIL FROM) address, use an external
filter such as a Milter, for the submission, submissions, or smtps
filter such as a Milter, for the submission or submissions (formerly
called smtps )
services. For example: <a href="https://github.com/magcks/milterfrom">https://github.com/magcks/milterfrom</a>. </p>
</blockquote>
@ -18033,8 +18034,8 @@ that they do not explicitly own.
<br>
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
<a href="https://github.com/magcks/milterfrom">https://github.com/magcks/milterfrom</a>.
for the submission or submissions (formerly called smtps) services.
For example: <a href="https://github.com/magcks/milterfrom">https://github.com/magcks/milterfrom</a>.
<br>
This feature is available in Postfix version 2.1 and later. </dd>
@ -18054,8 +18055,8 @@ unlisted MAIL FROM address.
<br>
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
<a href="https://github.com/magcks/milterfrom">https://github.com/magcks/milterfrom</a>.
for the submission or submissions (formerly called smtps) services.
For example: <a href="https://github.com/magcks/milterfrom">https://github.com/magcks/milterfrom</a>.
<br>
This feature is available in Postfix version 2.11 and later.</dd>
@ -18100,8 +18101,8 @@ using any MAIL FROM address that is listed in $<a href="postconf.5.html#smtpd_se
<br>
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
<a href="https://github.com/magcks/milterfrom">https://github.com/magcks/milterfrom</a>.
for the submission or submissions (formerly called smtps) services.
For example: <a href="https://github.com/magcks/milterfrom">https://github.com/magcks/milterfrom</a>.
<br>
This feature is available in Postfix version 2.1 and later.</dd>
@ -18872,6 +18873,8 @@ this parameter is always ignored, and Postfix behaves as though the
<b>auto</b> value (described below) was chosen.
</p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> The available choices are: </p>
<dl>
@ -19526,8 +19529,8 @@ instead of using the STARTTLS command. </p>
<p> If you want to support this service, enable a special port in
<a href="master.5.html">master.cf</a>, and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" on the SMTP
server's command line. Port 465 (submissions/smtps) is reserved for
this purpose. </p>
server's command line. Port 465 (submissions, formerly called smtps)
is reserved for this purpose. </p>
<p> This feature is available in Postfix 2.2 and later. </p>
@ -20083,6 +20086,47 @@ MinProtocol = TLSv1
</pre>
</blockquote>
<p> Example: Custom OpenSSL group settings. </p>
<pre>
<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#tls_config_file">tls_config_file</a> = ${<a href="postconf.5.html#config_directory">config_directory</a>}/openssl.cnf
<a href="postconf.5.html#tls_config_name">tls_config_name</a> = postfix
</pre>
<pre>
openssl.cnf:
postfix = postfix_settings
</pre>
<pre>
[postfix_settings]
ssl_conf = postfix_ssl_settings
</pre>
<pre>
[postfix_ssl_settings]
system_default = baseline_postfix_settings
</pre>
<pre>
[baseline_postfix_settings]
# New OpenSSL 3.5 syntax, for older releases consider
# the Postfix default:
#
# Groups = X25519:X448:prime256v1:secp384r1:secp521r1:ffdhe2048:ffdhe3072
#
Groups = *X25519MLKEM768 / *X25519:X448 / P-256:P-384
</pre>
<p> Caution: It is typically best to just use the default group
settings, for which no $<a href="postconf.5.html#tls_config_file">tls_config_file</a> is required (you can set
"<a href="postconf.5.html#tls_config_file">tls_config_file</a> = none", to avoid unwanted leakage of system-wide
settings that strive to harden HTTPS against mostly browser-specific
security and privacy issues into Postfix use of opportunistic TLS,
where they're they can be counterproductive, leading to downgrades
to cleartext, rather than more "secure" TLS). </p>
<p> This feature is available in Postfix &ge; 3.9, 3.8.1, 3.7.6,
3.6.10, and 3.5.20. </p>
@ -20274,8 +20318,7 @@ be using 0.9.6! </dd>
(default: see "postconf -d" output)</b></DT><DD>
<p> The prioritized list of elliptic curves, that should be enabled in the
Postfix SMTP client and server. These are used by the Postfix SMTP server when
"<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = auto". The selected curves should be implemented
Postfix SMTP client and server. The selected curves should be implemented
by OpenSSL and be standardized for use in the TLS "supported groups" extension
(<a href="https://tools.ietf.org/html/rfc8422">RFC8422</a>, <a href="https://tools.ietf.org/html/rfc8446">RFC8446</a> and <a href="https://tools.ietf.org/html/rfc8447">RFC8447</a>). Be sure to include at least "x25519" and
"prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P-256"). The default
@ -20300,6 +20343,14 @@ customizing the list of FFDHE groups enabled with TLS 1.3. That setting
is introduced with Postfix 3.8, when built against OpenSSL 3.0 or later.
</p>
<p> Post-quantum cryptography support: OpenSSL 3.5 introduces new
configuration syntax that Postfix will not attempt to imitate.
Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
both <a href="postconf.5.html#tls_eecdh_auto_curves">tls_eecdh_auto_curves</a> and if available <a href="postconf.5.html#tls_ffdhe_auto_groups">tls_ffdhe_auto_groups</a>
to the empty value, to enable algorithm selection through OpenSSL
configuration. See <a href="postconf.5.html#tls_config_file">tls_config_file</a> for a configuration example.
</p>
<p> This feature is available in Postfix 3.2 and later, when it is
compiled and linked with OpenSSL 1.0.2 or later on platforms where
EC algorithms have not been disabled by the vendor. </p>
@ -20323,6 +20374,8 @@ must support this curve for EECDH key exchange to take place. It
is unwise to choose only "bleeding-edge" curves supported by only a
small subset of clients. </p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> The default "strong" curve is rated in NSA <a
href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
B</a> for information classified up to SECRET. </p>
@ -20367,6 +20420,8 @@ client implementations must support this curve for EECDH key exchange
to take place. It is unwise to choose only "bleeding-edge" curves
supported by only a small subset of clients. </p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> This default "ultra" curve is rated in NSA <a
href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
B</a> for information classified up to TOP SECRET. </p>
@ -20443,10 +20498,15 @@ on whether any of the "kDHE" ciphers are included in the cipherlist.
</p>
<p> Conversely, setting "<a href="postconf.5.html#tls_eecdh_auto_curves">tls_eecdh_auto_curves</a>" empty disables TLS 1.3
EC key agreement in OpenSSL 3.0 and later. Note that at least one of
"<a href="postconf.5.html#tls_eecdh_auto_curves">tls_eecdh_auto_curves</a>" and "<a href="postconf.5.html#tls_ffdhe_auto_groups">tls_ffdhe_auto_groups</a>" must be non-empty,
this is required by OpenSSL 3.0. If both are inadvertently set empty,
Postfix will fall back to the compiled-in defaults. </p>
EC key agreement in OpenSSL 3.0 and later. If both are set empty,
Postfix will fall back to OpenSSL preferences as described next. </p>
<p> Post-quantum cryptography support: OpenSSL 3.5 introduces new
configuration syntax that Postfix will not attempt to imitate.
Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
both <a href="postconf.5.html#tls_eecdh_auto_curves">tls_eecdh_auto_curves</a> and <a href="postconf.5.html#tls_ffdhe_auto_groups">tls_ffdhe_auto_groups</a> to the empty
value, to enable algorithm selection through OpenSSL configuration.
See <a href="postconf.5.html#tls_config_file">tls_config_file</a> for a configuration example. </p>
<p> All the default groups and EC curves should be sufficiently strong to make
"pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the
@ -21401,7 +21461,7 @@ the "<a href="postconf.5.html#tlsproxy_tls_chain_files">tlsproxy_tls_chain_files
elliptic-curve Diffie-Hellman (EECDH) key exchange. See
<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> for further details. </p>
<p> This feature is deprecated as of Postfix 3.9. Do not specify. </p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> This feature is available in Postfix 2.8 and later. </p>
@ -22352,8 +22412,8 @@ process. </p>
<p> Specify zero or more service names separated by comma and/or
whitespace. Any name in the services(5) database may be specified,
though in practice only submission, submissions, and smtp make
sense. </p>
though in practice only submission or submissions (formerly called
smtp) make sense. </p>
<p> When SRV record lookup is enabled with <a href="postconf.5.html#use_srv_lookup">use_srv_lookup</a>, you can
enclose a domain name in "[]" to force IP address lookup instead

5
postfix/html/smtp.8.html
View File

@ -691,11 +691,12 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> (no)</b>
Request that the Postfix SMTP client connects using the SUBMIS-
SIONS/SMTPS protocol instead of using the STARTTLS command.
SIONS (formerly called SMTPS) protocol instead of using the
STARTTLS command.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a> (see 'postconf -d' output)</b>
<b><a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a> (dane)</b>
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX record
was found via an "insecure" MX lookup.

129
postfix/man/man5/postconf.5
View File

@ -6872,11 +6872,11 @@ Example master.cf entries:
.PP
.nf
.na
# Distinguish inbound MTA logging from submission and smtps logging.
# Distinguish inbound MTA logging from submission and submissions logging.
smtp inet n \- n \- \- smtpd
submission inet n \- n \- \- smtpd
\-o syslog_name=postfix/$service_name
smtps inet n \- n \- \- smtpd
submissions inet n \- n \- \- smtpd
\-o syslog_name=postfix/$service_name
.fi
.ad
@ -8477,7 +8477,7 @@ See "Client\-side
TLS connection reuse" for background details.
.PP
This feature is available in Postfix 3.4 and later.
.SH smtp_tls_dane_insecure_mx_policy (default: see "postconf \-d" output)
.SH smtp_tls_dane_insecure_mx_policy (default: dane)
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is \fBdane\fR, but the MX
record was found via an "insecure" MX lookup. The choices are:
@ -8498,10 +8498,9 @@ authentication succeeds, it will be logged only as "Trusted", not
"Verified", because the MX host name could have been forged.
.br
.br
The default setting for Postfix >= 3.6 is "dane" with
"smtp_tls_security_level = dane", otherwise "may". This behavior
was backported to Postfix versions 3.5.9, 3.4.19, 3.3.16. 3.2.21.
With earlier Postfix versions the default setting was always "dane".
The default setting is "dane" as of Postfix versions 3.6.17,
3.7.13, 3.8.8, 3.9.2, and 3.10.0. With earlier versions the default
was mistakenly dependent on the smtp_tls_security_level setting.
.PP
Though with "insecure" MX records an active attacker can
compromise SMTP transport security by returning forged MX records,
@ -9883,22 +9882,23 @@ example.com verify match=hostname:nexthop
This feature is available in Postfix 2.3 and later.
.SH smtp_tls_wrappermode (default: no)
Request that the Postfix SMTP client connects using the
SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
SUBMISSIONS (formerly called SMTPS) protocol instead of using the
STARTTLS command.
.PP
This mode requires "smtp_tls_security_level = encrypt" or
stronger.
.PP
Example: deliver all remote mail via a provider's server
"mail.example.com".
Example: deliver all remote mail via a provider's submissions
service at "mail.example.com".
.PP
.nf
.na
/etc/postfix/main.cf:
# Client\-side SMTPS requires "encrypt" or stronger.
# Client\-side SUBMISSIONS requires "encrypt" or stronger.
smtp_tls_security_level = encrypt
smtp_tls_wrappermode = yes
# The [] suppress MX lookups.
relayhost = [mail.example.com]:465
relayhost = [mail.example.com]:submissions
.fi
.ad
.PP
@ -12171,7 +12171,8 @@ envelope sender
.in +4
Note: to enforce that the From: header address
matches the envelope sender (MAIL FROM) address, use an external
filter such as a Milter, for the submission, submissions, or smtps
filter such as a Milter, for the submission or submissions (formerly
called smtps )
services. For example: https://github.com/magcks/milterfrom.
.in -4
.PP
@ -12248,8 +12249,8 @@ that they do not explicitly own.
.br
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
https://github.com/magcks/milterfrom.
for the submission or submissions (formerly called smtps) services.
For example: https://github.com/magcks/milterfrom.
.br
This feature is available in Postfix version 2.1 and later.
.br
@ -12268,8 +12269,8 @@ unlisted MAIL FROM address.
.br
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
https://github.com/magcks/milterfrom.
for the submission or submissions (formerly called smtps) services.
For example: https://github.com/magcks/milterfrom.
.br
This feature is available in Postfix version 2.11 and later.
.br
@ -12314,8 +12315,8 @@ using any MAIL FROM address that is listed in $smtpd_sender_login_maps.
.br
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
https://github.com/magcks/milterfrom.
for the submission or submissions (formerly called smtps) services.
For example: https://github.com/magcks/milterfrom.
.br
This feature is available in Postfix version 2.1 and later.
.br
@ -12973,6 +12974,8 @@ Diffie\-Hellman (EECDH) key exchange. As of Postfix 3.6, the value of
this parameter is always ignored, and Postfix behaves as though the
\fBauto\fR value (described below) was chosen.
.PP
This feature is not used as of Postfix 3.6. Do not specify.
.PP
The available choices are:
.IP "\fBauto\fR"
Use the most preferred curve that is
@ -13566,8 +13569,8 @@ instead of using the STARTTLS command.
.PP
If you want to support this service, enable a special port in
master.cf, and specify "\-o smtpd_tls_wrappermode=yes" on the SMTP
server's command line. Port 465 (submissions/smtps) is reserved for
this purpose.
server's command line. Port 465 (submissions, formerly called smtps)
is reserved for this purpose.
.PP
This feature is available in Postfix 2.2 and later.
.SH smtpd_upstream_proxy_protocol (default: empty)
@ -13942,6 +13945,57 @@ MinProtocol = TLSv1
.ad
.in -4
.PP
Example: Custom OpenSSL group settings.
.PP
.nf
.na
main.cf:
tls_config_file = ${config_directory}/openssl.cnf
tls_config_name = postfix
.fi
.ad
.PP
.nf
.na
openssl.cnf:
postfix = postfix_settings
.fi
.ad
.PP
.nf
.na
[postfix_settings]
ssl_conf = postfix_ssl_settings
.fi
.ad
.PP
.nf
.na
[postfix_ssl_settings]
system_default = baseline_postfix_settings
.fi
.ad
.PP
.nf
.na
[baseline_postfix_settings]
# New OpenSSL 3.5 syntax, for older releases consider
# the Postfix default:
#
# Groups = X25519:X448:prime256v1:secp384r1:secp521r1:ffdhe2048:ffdhe3072
#
Groups = *X25519MLKEM768 / *X25519:X448 / P\-256:P\-384
.fi
.ad
.PP
Caution: It is typically best to just use the default group
settings, for which no $tls_config_file is required (you can set
"tls_config_file = none", to avoid unwanted leakage of system\-wide
settings that strive to harden HTTPS against mostly browser\-specific
security and privacy issues into Postfix use of opportunistic TLS,
where they're they can be counterproductive, leading to downgrades
to cleartext, rather than more "secure" TLS).
.PP
This feature is available in Postfix >= 3.9, 3.8.1, 3.7.6,
3.6.10, and 3.5.20.
.SH tls_config_name (default: empty)
@ -14102,8 +14156,7 @@ Postfix >= 3.4. See \fBSSL_CTX_set_options\fR(3).
This feature is available in Postfix 2.8 and later.
.SH tls_eecdh_auto_curves (default: see "postconf \-d" output)
The prioritized list of elliptic curves, that should be enabled in the
Postfix SMTP client and server. These are used by the Postfix SMTP server when
"smtpd_tls_eecdh_grade = auto". The selected curves should be implemented
Postfix SMTP client and server. The selected curves should be implemented
by OpenSSL and be standardized for use in the TLS "supported groups" extension
(RFC8422, RFC8446 and RFC8447). Be sure to include at least "x25519" and
"prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P\-256"). The default
@ -14127,6 +14180,13 @@ See also the "tls_ffdhe_auto_groups" parameter, which supports
customizing the list of FFDHE groups enabled with TLS 1.3. That setting
is introduced with Postfix 3.8, when built against OpenSSL 3.0 or later.
.PP
Post\-quantum cryptography support: OpenSSL 3.5 introduces new
configuration syntax that Postfix will not attempt to imitate.
Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
both tls_eecdh_auto_curves and if available tls_ffdhe_auto_groups
to the empty value, to enable algorithm selection through OpenSSL
configuration. See tls_config_file for a configuration example.
.PP
This feature is available in Postfix 3.2 and later, when it is
compiled and linked with OpenSSL 1.0.2 or later on platforms where
EC algorithms have not been disabled by the vendor.
@ -14144,6 +14204,8 @@ must support this curve for EECDH key exchange to take place. It
is unwise to choose only "bleeding\-edge" curves supported by only a
small subset of clients.
.PP
This feature is not used as of Postfix 3.6. Do not specify.
.PP
The default "strong" curve is rated in NSA Suite
B for information classified up to SECRET.
.PP
@ -14179,6 +14241,8 @@ client implementations must support this curve for EECDH key exchange
to take place. It is unwise to choose only "bleeding\-edge" curves
supported by only a small subset of clients.
.PP
This feature is not used as of Postfix 3.6. Do not specify.
.PP
This default "ultra" curve is rated in NSA Suite
B for information classified up to TOP SECRET.
.PP
@ -14233,10 +14297,15 @@ Whether FFDHE key agreement is enabled in TLS 1.2 and earlier depends
on whether any of the "kDHE" ciphers are included in the cipherlist.
.PP
Conversely, setting "tls_eecdh_auto_curves" empty disables TLS 1.3
EC key agreement in OpenSSL 3.0 and later. Note that at least one of
"tls_eecdh_auto_curves" and "tls_ffdhe_auto_groups" must be non\-empty,
this is required by OpenSSL 3.0. If both are inadvertently set empty,
Postfix will fall back to the compiled\-in defaults.
EC key agreement in OpenSSL 3.0 and later. If both are set empty,
Postfix will fall back to OpenSSL preferences as described next.
.PP
Post\-quantum cryptography support: OpenSSL 3.5 introduces new
configuration syntax that Postfix will not attempt to imitate.
Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
both tls_eecdh_auto_curves and tls_ffdhe_auto_groups to the empty
value, to enable algorithm selection through OpenSSL configuration.
See tls_config_file for a configuration example.
.PP
All the default groups and EC curves should be sufficiently strong to make
"pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the
@ -14874,7 +14943,7 @@ The Postfix \fBtlsproxy\fR(8) server security grade for ephemeral
elliptic\-curve Diffie\-Hellman (EECDH) key exchange. See
smtpd_tls_eecdh_grade for further details.
.PP
This feature is deprecated as of Postfix 3.9. Do not specify.
This feature is not used as of Postfix 3.6. Do not specify.
.PP
This feature is available in Postfix 2.8 and later.
.SH tlsproxy_tls_enable_rpk (default: $smtpd_tls_enable_rpk)
@ -15428,8 +15497,8 @@ process.
.PP
Specify zero or more service names separated by comma and/or
whitespace. Any name in the \fBservices\fR(5) database may be specified,
though in practice only submission, submissions, and smtp make
sense.
though in practice only submission or submissions (formerly called
smtp) make sense.
.PP
When SRV record lookup is enabled with use_srv_lookup, you can
enclose a domain name in "[]" to force IP address lookup instead

5
postfix/man/man8/smtp.8
View File

@ -628,10 +628,11 @@ The name of the \fBtlsmgr\fR(8) service entry in master.cf.
Available in Postfix version 3.0 and later:
.IP "\fBsmtp_tls_wrappermode (no)\fR"
Request that the Postfix SMTP client connects using the
SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
SUBMISSIONS (formerly called SMTPS) protocol instead of using the
STARTTLS command.
.PP
Available in Postfix version 3.1 and later:
.IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR"
.IP "\fBsmtp_tls_dane_insecure_mx_policy (dane)\fR"
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is \fBdane\fR, but the MX
record was found via an "insecure" MX lookup.

3
postfix/proto/TLSRPT_README.html
View File

@ -345,7 +345,8 @@ postfix-tlspol</a>, supports domains with DANE (using Postfix
built-in DANE), and domains with MTA-STS. </p>
<li> <p> <a href="https://github.com/Snawoot/postfix-mta-sts-resolver">
postfix-mta-sts-resolver</a>, supports domains with MTA-STS. </p>
postfix-mta-sts-resolver</a>, supports domains with MTA-STS as of
release 1.5.0 (February 2025). </p>
</ul>

118
postfix/proto/TLS_README.html
View File

@ -552,8 +552,8 @@ and OE (5.01 Mac on all ports). </p>
<p> It is strictly discouraged to use this mode from main.cf. If
you want to support this service, enable a special port in master.cf
and specify "-o smtpd_tls_wrappermode=yes" (note: no space around
the "=") as an smtpd(8) command line option. Port 465 (smtps) was
once chosen for this feature.
the "=") as an smtpd(8) command line option. Port 465 (submissions,
formerly called smtps) is the most common example.
</p>
<p> Example: </p>
@ -561,7 +561,7 @@ once chosen for this feature.
<blockquote>
<pre>
/etc/postfix/master.cf:
smtps inet n - n - - smtpd
submissions inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
</pre>
</blockquote>
@ -1065,7 +1065,7 @@ key configuration </a>
<li> <a href="#client_cipher">Client-side cipher controls </a>
<li> <a href="#client_smtps">Client-side SMTPS support </a>
<li> <a href="#client_smtps">Client-side submissions (formerly called smtps) support </a>
<li> <a href="#client_misc"> Miscellaneous client controls </a>
@ -2560,32 +2560,33 @@ the TLS protocols used with opportunistic TLS. </p>
</pre>
</blockquote>
<h3> <a name="client_smtps">Client-side SMTPS support </a> </h3>
<h3> <a name="client_smtps">Client-side submissions (formerly called smtps) support </a> </h3>
<p> These sections show how to send mail to a server that does not
support STARTTLS, but that provides the SMTPS service
support STARTTLS, but that provides the submissions (smtps) service
on TCP port 465. Depending on the Postfix version, some additional
tooling may be required. </p>
<h4> Postfix &ge; 3.0 </h4>
<p> The Postfix SMTP client has SMTPS support built-in as of version
<p> The Postfix SMTP client has submissions service support built-in
as of version
3.0. Use one of the following examples, to send all remote mail,
or to send only some remote mail, to an SMTPS server. </p>
or to send only some remote mail, to a submissions (smtps) server. </p>
<h5> Postfix &ge; 3.0: Sending all remote mail to an SMTPS server </h5>
<h5> Postfix &ge; 3.0: Sending all remote mail to a submissions (formerly called smtps) server </h5>
<p> The first example will send all remote mail over SMTPS through
a provider's server called "mail.example.com": </p>
<p> The first example will send all remote mail to through a
provider's submissions server called "mail.example.com": </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
# Client-side SMTPS requires "encrypt" or stronger.
# Client-side submissions requires "encrypt" or stronger.
smtp_tls_security_level = encrypt
smtp_tls_wrappermode = yes
# The [] suppress MX lookups.
relayhost = [mail.example.com]:465
relayhost = [mail.example.com]:submissions
</pre>
</blockquote>
@ -2595,11 +2596,12 @@ a provider's server called "mail.example.com": </p>
</p>
<h5> Postfix &ge; 3.0: Sending only mail for a specific destination
via SMTPS </h5>
to a submissions (formerly called smtps) service </h5>
<p> The second example will send only mail for "example.com" via
SMTPS. This time, Postfix uses a transport map to deliver only
mail for "example.com" via SMTPS: </p>
<p> The second example will send only mail for "example.com" using
the submissions (smtps) service.
This time, Postfix uses a transport map to deliver only
mail for "example.com" using the submissions (smtps) service: </p>
<blockquote>
<pre>
@ -2607,11 +2609,11 @@ mail for "example.com" via SMTPS: </p>
transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport:
example.com relay-smtps:example.com:465
example.com relay-submissions:example.com:submissions
/etc/postfix/master.cf:
relay-smtps unix - - n - - smtp
# Client-side SMTPS requires "encrypt" or stronger.
relay-submissions unix - - n - - smtp
# Client-side submissions service requires "encrypt" or stronger.
-o smtp_tls_security_level=encrypt
-o smtp_tls_wrappermode=yes
</pre>
@ -2625,81 +2627,7 @@ authentication. </p>
<h4> Postfix &lt; 3.0 </h4>
<p> Although older Postfix SMTP client versions do not support TLS
wrapper mode, it is relatively easy to forward a connection through
the stunnel program if Postfix needs to deliver mail to some legacy
system that doesn't support STARTTLS. </p>
<h5> Postfix &lt; 3.0: Sending all remote mail to an SMTPS server </h5>
<p> The first example uses SMTPS to send all remote mail to a
provider's mail server called "mail.example.com". </p>
<p> A minimal stunnel.conf file is sufficient to set up a tunnel
from local port 11125 to the remote destination "mail.example.com"
and port "smtps". Postfix will later use this tunnel to connect to
the remote server. </p>
<blockquote>
<pre>
/path/to/stunnel.conf:
[smtp-tls-wrapper]
accept = 11125
client = yes
connect = mail.example.com:smtps
</pre>
</blockquote>
<p> To test this tunnel, use: </p>
<blockquote>
<pre>
$ telnet localhost 11125
</pre>
</blockquote>
<p> This should produce the greeting from the remote SMTP server
at mail.example.com. </p>
<p> On the Postfix side, the relayhost feature sends all remote
mail through the local stunnel listener on port 11125: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
relayhost = [127.0.0.1]:11125
</pre>
</blockquote>
<p> Use "postfix reload" to make the change effective. </p>
<p> See SOHO_README for additional information about SASL
authentication. </p>
<h4> Postfix &lt; 3.0: Sending only mail for a specific destination via SMTPS </h4>
<p> The second example will use SMTPS to send only mail for
"example.com" via SMTPS. It uses the same stunnel configuration
file as the first example, so it won't be repeated here. </p>
<p> This time, the Postfix side uses a transport map to direct only
mail for "example.com" through the tunnel: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport:
example.com relay:[127.0.0.1]:11125
</pre>
</blockquote>
<p> Use "postmap hash:/etc/postfix/transport" and "postfix reload"
to make the change effective. </p>
<p> See SOHO_README for additional information about SASL authentication.
</p>
<p> Please see TLS_LEGACY_README. </p>
<h3> <a name="client_misc"> Miscellaneous client controls </a> </h3>

120
postfix/proto/postconf.proto
View File

@ -6708,7 +6708,8 @@ envelope sender
<blockquote> <p> Note: to enforce that the From: header address
matches the envelope sender (MAIL FROM) address, use an external
filter such as a Milter, for the submission, submissions, or smtps
filter such as a Milter, for the submission or submissions (formerly
called smtps )
services. For example: https://github.com/magcks/milterfrom. </p>
</blockquote>
@ -6812,8 +6813,8 @@ that they do not explicitly own.
<br>
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
https://github.com/magcks/milterfrom.
for the submission or submissions (formerly called smtps) services.
For example: https://github.com/magcks/milterfrom.
<br>
This feature is available in Postfix version 2.1 and later. </dd>
@ -6833,8 +6834,8 @@ unlisted MAIL FROM address.
<br>
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
https://github.com/magcks/milterfrom.
for the submission or submissions (formerly called smtps) services.
For example: https://github.com/magcks/milterfrom.
<br>
This feature is available in Postfix version 2.11 and later.</dd>
@ -6879,8 +6880,8 @@ using any MAIL FROM address that is listed in $smtpd_sender_login_maps.
<br>
Note: to enforce that the From: header address matches the envelope
sender (MAIL FROM) address, use an external filter such as a Milter,
for the submission, submissions, or smtps services. For example:
https://github.com/magcks/milterfrom.
for the submission or submissions (formerly called smtps) services.
For example: https://github.com/magcks/milterfrom.
<br>
This feature is available in Postfix version 2.1 and later.</dd>
@ -8466,11 +8467,11 @@ use the same program name. </p>
<p> Example master.cf entries: </p>
<pre>
# Distinguish inbound MTA logging from submission and smtps logging.
# Distinguish inbound MTA logging from submission and submissions logging.
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o syslog_name=postfix/$service_name
smtps inet n - n - - smtpd
submissions inet n - n - - smtpd
-o syslog_name=postfix/$service_name
</pre>
@ -9930,8 +9931,8 @@ instead of using the STARTTLS command. </p>
<p> If you want to support this service, enable a special port in
master.cf, and specify "-o smtpd_tls_wrappermode=yes" on the SMTP
server's command line. Port 465 (submissions/smtps) is reserved for
this purpose. </p>
server's command line. Port 465 (submissions, formerly called smtps)
is reserved for this purpose. </p>
<p> This feature is available in Postfix 2.2 and later. </p>
@ -13349,8 +13350,7 @@ parameter. See there for details. </p>
%PARAM tls_eecdh_auto_curves see "postconf -d" output
<p> The prioritized list of elliptic curves, that should be enabled in the
Postfix SMTP client and server. These are used by the Postfix SMTP server when
"smtpd_tls_eecdh_grade = auto". The selected curves should be implemented
Postfix SMTP client and server. The selected curves should be implemented
by OpenSSL and be standardized for use in the TLS "supported groups" extension
(RFC8422, RFC8446 and RFC8447). Be sure to include at least "x25519" and
"prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P-256"). The default
@ -13375,6 +13375,14 @@ customizing the list of FFDHE groups enabled with TLS 1.3. That setting
is introduced with Postfix 3.8, when built against OpenSSL 3.0 or later.
</p>
<p> Post-quantum cryptography support: OpenSSL 3.5 introduces new
configuration syntax that Postfix will not attempt to imitate.
Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
both tls_eecdh_auto_curves and if available tls_ffdhe_auto_groups
to the empty value, to enable algorithm selection through OpenSSL
configuration. See tls_config_file for a configuration example.
</p>
<p> This feature is available in Postfix 3.2 and later, when it is
compiled and linked with OpenSSL 1.0.2 or later on platforms where
EC algorithms have not been disabled by the vendor. </p>
@ -13405,10 +13413,15 @@ on whether any of the "kDHE" ciphers are included in the cipherlist.
</p>
<p> Conversely, setting "tls_eecdh_auto_curves" empty disables TLS 1.3
EC key agreement in OpenSSL 3.0 and later. Note that at least one of
"tls_eecdh_auto_curves" and "tls_ffdhe_auto_groups" must be non-empty,
this is required by OpenSSL 3.0. If both are inadvertently set empty,
Postfix will fall back to the compiled-in defaults. </p>
EC key agreement in OpenSSL 3.0 and later. If both are set empty,
Postfix will fall back to OpenSSL preferences as described next. </p>
<p> Post-quantum cryptography support: OpenSSL 3.5 introduces new
configuration syntax that Postfix will not attempt to imitate.
Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
both tls_eecdh_auto_curves and tls_ffdhe_auto_groups to the empty
value, to enable algorithm selection through OpenSSL configuration.
See tls_config_file for a configuration example. </p>
<p> All the default groups and EC curves should be sufficiently strong to make
"pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the
@ -13433,6 +13446,8 @@ must support this curve for EECDH key exchange to take place. It
is unwise to choose only "bleeding-edge" curves supported by only a
small subset of clients. </p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> The default "strong" curve is rated in NSA <a
href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
B</a> for information classified up to SECRET. </p>
@ -13473,6 +13488,8 @@ client implementations must support this curve for EECDH key exchange
to take place. It is unwise to choose only "bleeding-edge" curves
supported by only a small subset of clients. </p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> This default "ultra" curve is rated in NSA <a
href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
B</a> for information classified up to TOP SECRET. </p>
@ -13499,6 +13516,8 @@ this parameter is always ignored, and Postfix behaves as though the
<b>auto</b> value (described below) was chosen.
</p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> The available choices are: </p>
<dl>
@ -15979,7 +15998,7 @@ the "tlsproxy_tls_chain_files" parameter. </p>
elliptic-curve Diffie-Hellman (EECDH) key exchange. See
smtpd_tls_eecdh_grade for further details. </p>
<p> This feature is deprecated as of Postfix 3.9. Do not specify. </p>
<p> This feature is not used as of Postfix 3.6. Do not specify. </p>
<p> This feature is available in Postfix 2.8 and later. </p>
@ -17507,21 +17526,22 @@ with valid PTR etc. records. </p>
%PARAM smtp_tls_wrappermode no
<p> Request that the Postfix SMTP client connects using the
SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command. </p>
SUBMISSIONS (formerly called SMTPS) protocol instead of using the
STARTTLS command. </p>
<p> This mode requires "smtp_tls_security_level = encrypt" or
stronger. </p>
<p> Example: deliver all remote mail via a provider's server
"mail.example.com". </p>
<p> Example: deliver all remote mail via a provider's submissions
service at "mail.example.com". </p>
<pre>
/etc/postfix/main.cf:
# Client-side SMTPS requires "encrypt" or stronger.
# Client-side SUBMISSIONS requires "encrypt" or stronger.
smtp_tls_security_level = encrypt
smtp_tls_wrappermode = yes
# The [] suppress MX lookups.
relayhost = [mail.example.com]:465
relayhost = [mail.example.com]:submissions
</pre>
<p> More examples are in TLS_README, including examples for older
@ -17591,7 +17611,7 @@ clients). </p>
This feature is available in Postfix 3.1 and later.
</p>
%PARAM smtp_tls_dane_insecure_mx_policy see "postconf -d" output
%PARAM smtp_tls_dane_insecure_mx_policy dane
<p> The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX
@ -17615,10 +17635,9 @@ authentication succeeds, it will be logged only as "Trusted", not
"Verified", because the MX host name could have been forged. </dd>
</dl>
<p> The default setting for Postfix &ge; 3.6 is "dane" with
"smtp_tls_security_level = dane", otherwise "may". This behavior
was backported to Postfix versions 3.5.9, 3.4.19, 3.3.16. 3.2.21.
With earlier Postfix versions the default setting was always "dane".
<p> The default setting is "dane" as of Postfix versions 3.6.17,
3.7.13, 3.8.8, 3.9.2, and 3.10.0. With earlier versions the default
was mistakenly dependent on the smtp_tls_security_level setting.
</p>
<p> Though with "insecure" MX records an active attacker can
@ -18985,8 +19004,8 @@ process. </p>
<p> Specify zero or more service names separated by comma and/or
whitespace. Any name in the services(5) database may be specified,
though in practice only submission, submissions, and smtp make
sense. </p>
though in practice only submission or submissions (formerly called
smtp) make sense. </p>
<p> When SRV record lookup is enabled with use_srv_lookup, you can
enclose a domain name in "[]" to force IP address lookup instead
@ -19193,6 +19212,47 @@ MinProtocol = TLSv1
</pre>
</blockquote>
<p> Example: Custom OpenSSL group settings. </p>
<pre>
main.cf:
tls_config_file = ${config_directory}/openssl.cnf
tls_config_name = postfix
</pre>
<pre>
openssl.cnf:
postfix = postfix_settings
</pre>
<pre>
[postfix_settings]
ssl_conf = postfix_ssl_settings
</pre>
<pre>
[postfix_ssl_settings]
system_default = baseline_postfix_settings
</pre>
<pre>
[baseline_postfix_settings]
# New OpenSSL 3.5 syntax, for older releases consider
# the Postfix default:
#
# Groups = X25519:X448:prime256v1:secp384r1:secp521r1:ffdhe2048:ffdhe3072
#
Groups = *X25519MLKEM768 / *X25519:X448 / P-256:P-384
</pre>
<p> Caution: It is typically best to just use the default group
settings, for which no $tls_config_file is required (you can set
"tls_config_file = none", to avoid unwanted leakage of system-wide
settings that strive to harden HTTPS against mostly browser-specific
security and privacy issues into Postfix use of opportunistic TLS,
where they're they can be counterproductive, leading to downgrades
to cleartext, rather than more "secure" TLS). </p>
<p> This feature is available in Postfix &ge; 3.9, 3.8.1, 3.7.6,
3.6.10, and 3.5.20. </p>

2
postfix/proto/stop
View File

@ -1670,3 +1670,5 @@ SIGKILL
URI
URIs
bugfix
MLKEM
cleartext

2
postfix/proto/stop.double-history
View File

@ -164,3 +164,5 @@ proto proto socketmap_table
cleanup cleanup_message c smtp smtp c smtp smtp_connect c
Documentation edited for clarity Files pipe pipe c
global mail_params h smtpd smtpd c
global mail_params h proto postconf proto smtp smtp c
proto postconf proto proto TLS_README html

2
postfix/src/global/mail_params.h
View File

@ -1660,7 +1660,7 @@ extern bool var_smtp_tls_force_tlsa;
/* SMTP only */
#define VAR_SMTP_TLS_INSECURE_MX_POLICY "smtp_tls_dane_insecure_mx_policy"
#define DEF_SMTP_TLS_INSECURE_MX_POLICY "${{$smtp_tls_security_level} == {dane} ? {dane} : {may}}"
#define DEF_SMTP_TLS_INSECURE_MX_POLICY "dane"
extern char *var_smtp_tls_insecure_mx_policy;
/*

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20250207"
#define MAIL_RELEASE_DATE "20250215"
#define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT

5
postfix/src/smtp/smtp.c
View File

@ -594,10 +594,11 @@
/* Available in Postfix version 3.0 and later:
/* .IP "\fBsmtp_tls_wrappermode (no)\fR"
/* Request that the Postfix SMTP client connects using the
/* SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
/* SUBMISSIONS (formerly called SMTPS) protocol instead of using the
/* STARTTLS command.
/* .PP
/* Available in Postfix version 3.1 and later:
/* .IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR"
/* .IP "\fBsmtp_tls_dane_insecure_mx_policy (dane)\fR"
/* The TLS policy for MX hosts with "secure" TLSA records when the
/* nexthop destination security level is \fBdane\fR, but the MX
/* record was found via an "insecure" MX lookup.

6
postfix/src/tls/tls_dh.c
View File

@ -393,7 +393,6 @@ static int setup_auto_groups(SSL_CTX *ctx, const char *origin,
void tls_auto_groups(SSL_CTX *ctx, const char *eecdh, const char *ffdhe)
{
#ifndef OPENSSL_NO_ECDH
char *def_eecdh = DEF_TLS_EECDH_AUTO;
#if OPENSSL_VERSION_PREREQ(3, 0)
@ -407,6 +406,10 @@ void tls_auto_groups(SSL_CTX *ctx, const char *eecdh, const char *ffdhe)
#endif
const char *origin;
/* Use OpenSSL defaults */
if (!*eecdh && !*ffdhe)
return;
/*
* Try the user-specified list first. If that fails (empty list or no
* known group name), try again with the Postfix defaults. We assume that
@ -432,7 +435,6 @@ void tls_auto_groups(SSL_CTX *ctx, const char *eecdh, const char *ffdhe)
return;
}
}
#endif
}
#ifdef TEST

55
postfix/src/tls/tls_misc.c
View File

@ -674,8 +674,8 @@ void tls_param_init(void)
VAR_TLS_EXPORT_CLIST, DEF_TLS_EXPORT_CLIST, &var_tls_export_ignored, 0, 0,
VAR_TLS_NULL_CLIST, DEF_TLS_NULL_CLIST, &var_tls_null_clist, 1, 0,
VAR_TLS_EECDH_AUTO, DEF_TLS_EECDH_AUTO, &var_tls_eecdh_auto, 0, 0,
VAR_TLS_EECDH_STRONG, DEF_TLS_EECDH_STRONG, &var_tls_eecdh_strong, 1, 0,
VAR_TLS_EECDH_ULTRA, DEF_TLS_EECDH_ULTRA, &var_tls_eecdh_ultra, 1, 0,
VAR_TLS_EECDH_STRONG, DEF_TLS_EECDH_STRONG, &var_tls_eecdh_strong, 0, 0,
VAR_TLS_EECDH_ULTRA, DEF_TLS_EECDH_ULTRA, &var_tls_eecdh_ultra, 0, 0,
VAR_TLS_FFDHE_AUTO, DEF_TLS_FFDHE_AUTO, &var_tls_ffdhe_auto, 0, 0,
VAR_TLS_BUG_TWEAKS, DEF_TLS_BUG_TWEAKS, &var_tls_bug_tweaks, 0, 0,
VAR_TLS_SSL_OPTIONS, DEF_TLS_SSL_OPTIONS, &var_tls_ssl_options, 0, 0,
@ -1084,8 +1084,17 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
break;
#endif
}
EVP_PKEY_free(dh_pkey);
}
if (kex_name) {
TLScontext->kex_name = mystrdup(kex_name);
TLScontext->kex_curve = kex_curve;
}
/* Not a problem if NULL */
EVP_PKEY_free(dh_pkey);
/* Resumption makes no use of signature keys or digests */
if (TLScontext->session_reused)
return;
/*
* On the client end, the certificate may be present, but not used, so we
@ -1111,12 +1120,19 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
* the more familiar name. For "RSA" keys report "RSA-PSS", which
* must be used with TLS 1.3.
*/
if ((nid = EVP_PKEY_type(EVP_PKEY_id(local_pkey))) != NID_undef) {
if ((nid = EVP_PKEY_id(local_pkey)) != NID_undef) {
switch (nid) {
default:
if ((nid = EVP_PKEY_type(nid)) != NID_undef)
locl_sig_name = OBJ_nid2sn(nid);
break;
#if defined(EVP_PKEY_KEYMGMT)
case EVP_PKEY_KEYMGMT:
locl_sig_name = EVP_PKEY_get0_type_name(local_pkey);
break;
#endif
case EVP_PKEY_RSA:
/* For RSA, TLS 1.3 mandates PSS signatures */
locl_sig_name = "RSA-PSS";
@ -1138,6 +1154,13 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
*/
if (SSL_get_signature_nid(ssl, &nid) && nid != NID_undef)
locl_sig_dgst = OBJ_nid2sn(nid);
if (locl_sig_name) {
SIG_PROP(TLScontext, srvr, name) = mystrdup(locl_sig_name);
SIG_PROP(TLScontext, srvr, curve) = locl_sig_curve;
if (locl_sig_dgst)
SIG_PROP(TLScontext, srvr, dgst) = mystrdup(locl_sig_dgst);
}
}
peer_cert = TLS_PEEK_PEER_CERT(ssl);
if (peer_cert != 0) {
@ -1165,12 +1188,19 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
* the more familiar name. For "RSA" keys report "RSA-PSS", which
* must be used with TLS 1.3.
*/
if ((nid = EVP_PKEY_type(EVP_PKEY_id(peer_pkey))) != NID_undef) {
if ((nid = EVP_PKEY_id(peer_pkey)) != NID_undef) {
switch (nid) {
default:
if ((nid = EVP_PKEY_type(nid)) != NID_undef)
peer_sig_name = OBJ_nid2sn(nid);
break;
#if defined(EVP_PKEY_KEYMGMT)
case EVP_PKEY_KEYMGMT:
peer_sig_name = EVP_PKEY_get0_type_name(peer_pkey);
break;
#endif
case EVP_PKEY_RSA:
/* For RSA, TLS 1.3 mandates PSS signatures */
peer_sig_name = "RSA-PSS";
@ -1193,19 +1223,6 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
if (SSL_get_peer_signature_nid(ssl, &nid) && nid != NID_undef)
peer_sig_dgst = OBJ_nid2sn(nid);
}
TLS_FREE_PEER_CERT(peer_cert);
if (kex_name) {
TLScontext->kex_name = mystrdup(kex_name);
TLScontext->kex_curve = kex_curve;
}
if (locl_sig_name) {
SIG_PROP(TLScontext, srvr, name) = mystrdup(locl_sig_name);
SIG_PROP(TLScontext, srvr, curve) = locl_sig_curve;
if (locl_sig_dgst)
SIG_PROP(TLScontext, srvr, dgst) = mystrdup(locl_sig_dgst);
}
if (peer_sig_name) {
SIG_PROP(TLScontext, !srvr, name) = mystrdup(peer_sig_name);
SIG_PROP(TLScontext, !srvr, curve) = peer_sig_curve;
@ -1213,6 +1230,8 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
SIG_PROP(TLScontext, !srvr, dgst) = mystrdup(peer_sig_dgst);
}
}
TLS_FREE_PEER_CERT(peer_cert);
}
/* tls_log_summary - TLS loglevel 1 one-liner, embellished with TLS 1.3 details */