MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
Reindl Harald
h.reindl at thelounge.net
Sat Dec 6 14:12:08 UTC 2014
Am 06.12.2014 um 14:40 schrieb Daniel Parthey:
> Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>:
>>
>> Am 06.12.2014 um 06:56 schrieb Jan Wideł:
>>> If you add disable_plaintext_auth=yes ssl=required settings, then
>>> dovecot will drop authentication without STARTTLS. But damage will be
>>> done, client will send unencrypted (or in this scenario MD5 or SHA512
>>> hash) login/password
>>
>> no, damage will *not* be done
>>
>> STARTTLS happens in context of connect and *log before* any
>> authentication is tried the handshake between client/server fails
>
> If the client is misconfigured to not strictly require STARTTLS, but to allow plaintext authentication too, and some man in the middle strips the STARTTLS capability from the server capability message, then the client will probably send its password login attempt in plaintext, without even trying to establish a STARTTLS session, because the server seemed to be incapable of STARTTLS.
>
> So you might need to teach your users to enforce STARTTLS in their email client in order to mitigate MITM attacks
that's so far true but:
* if you require STARTTLS try to setup the account without TLS
fails while "not strictly require STARTTLS" is a issue of the
past where Thunderbird offered "TLS if available"
* so that MITM needs to happen in the timeframe where the user
configures the account the first time not chose STARTTLS
* after the account was configured that MITM is no longer possible
MITM which strips STARTTLS is more an issue in case of opportunistic TLS
between MTA's
frankly i still don't understand the stupidity of deprecate 465 in favor
of STARTTLS instead use 465/993/995 in context of mail-clients which
would "MITM strip away STARTTLS" not make possible at all
from a straight technical point of view the only *real* use-case for
STARTTLS ist MTA-to-MTA on Port 25 which don't send credentials at all
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141206/e137a62e/attachment-0001.sig>
More information about the dovecot
mailing list