1 Reply Latest reply on Feb 4, 2012 12:03 AM by ajclements

    Minimum Cipher Required

      Ironmail 6.7.2 has an SMTPI configuration option called Minimum Cipher Required.  You can select: none, low, medium, or high.

      But I can find no documentation on what you get when you select low, medium, or high.

      What do low, medium and high actually select / change on the back end configuration?

       

      In the administrator's manual, it says the default option is "EXPORT", which is not even an option.

       

      Message was edited by: bpetersen on 2/3/12 10:59:59 AM CST

       

      Message was edited by: bpetersen on 2/3/12 11:04:30 AM CST
        • 1. Re: Minimum Cipher Required

          The IronMail follows the OpenSSL definitions of cipher strengths.  High means 128 bits or higher (no RC4 ciphers), medium is 128, and low is below 128 bits.  Low and no minimum seem to have the same ciphers, and we only support TLS1, not SSLv3.  As a sample, here are some of the ciphers offered at each level:

           

          High:

          AES256-SHA - 256 bits
          DES-CBC3-SHA - 168 bits
          AES128-SHA - 128 bits
          

           

          Medium:

          AES256-SHA - 256 bits
          DES-CBC3-SHA - 168 bits
          AES128-SHA - 128 bits
          RC4-SHA - 128 bits
          RC4-MD5 - 128 bits
          

           

          Low and No Minimum:

          AES256-SHA - 256 bitsDES-CBC3-SHA - 168 bits
          AES128-SHA - 128 bits
          RC4-SHA - 128 bits
          RC4-MD5 - 128 bits
          DES-CBC-SHA - 56 bits