TLSMGR(8) System Manager's Manual TLSMGR(8)
NAME
tlsmgr - Postfix TLS session cache and PRNG handling manager
SYNOPSIS
tlsmgr [generic Postfix daemon options]
DESCRIPTION
The tlsmgr process does housekeeping on the session cache database files. It runs through the databases and removes expired entries and
entries written by older (incompatible) versions.
The tlsmgr is responsible for the PRNG handling. The used internal OpenSSL PRNG has a pool size of 8192 bits (= 1024 bytes). The pool is
initially seeded at startup from an external source (EGD or /dev/urandom) and additional seed is obtained later during program run at a
configurable period. The exact time of seed query is using random information and is equally distributed in the range of [0-tls_ran-
dom_reseed_period] with a tls_random_reseed_period having a default of 1 hour.
Tlsmgr can be run chrooted and with dropped privileges, as it will connect to the entropy source at startup.
The PRNG is additionally seeded internally by the data found in the session cache and timevalues.
Tlsmgr reads the old value of the exchange file at startup to keep entropy already collected during previous runs.
From the PRNG random pool a cryptographically strong 1024 byte random sequence is written into the PRNG exchange file. The file is updated
periodically with the time changing randomly from [0-tls_random_prng_update_period].
STANDARDS
SECURITY
Tlsmgr is not security-sensitive. It only deals with external data to be fed into the PRNG, the contents is never trusted. The session
cache housekeeping will only remove entries if expired and will never touch the contents of the cached data.
DIAGNOSTICS
Problems and transactions are logged to the syslog daemon.
BUGS
There is no automatic means to limit the number of entries in the session caches and/or the size of the session cache files.
CONFIGURATION PARAMETERS
The following main.cf parameters are especially relevant to this program. See the Postfix main.cf file for syntax details and for default
values. Use the postfix reload command after a configuration change.
Session Cache
smtpd_tls_session_cache_database
Name of the SDBM file (type sdbm:) containing the SMTP server session cache. If the file does not exist, it is created.
smtpd_tls_session_cache_timeout
Expiry time of SMTP server session cache entries in seconds. Entries older than this are removed from the session cache. A cleanup-
run is performed periodically every smtpd_tls_session_cache_timeout seconds. Default is 3600 (= 1 hour).
smtp_tls_session_cache_database
Name of the SDBM file (type sdbm:) containing the SMTP client session cache. If the file does not exist, it is created.
smtp_tls_session_cache_timeout
Expiry time of SMTP client session cache entries in seconds. Entries older than this are removed from the session cache. A cleanup-
run is performed periodically every smtp_tls_session_cache_timeout seconds. Default is 3600 (= 1 hour).
Pseudo Random Number Generator
tls_random_source
Name of the EGD socket or device or regular file to obtain entropy from. The type of entropy source must be specified by preceding
the name with the appropriate type: egd:/path/to/egd_socket, dev:/path/to/devicefile, or /path/to/regular/file. tlsmgr opens
tls_random_source and tries to read tls_random_bytes from it.
tls_random_bytes
Number of bytes to be read from tls_random_source. Default value is 32 bytes. If using EGD, a maximum of 255 bytes is read.
tls_random_exchange_name
Name of the file written by tlsmgr and read by smtp and smtpd at startup. The length is 1024 bytes. Default value is /etc/post-
fix/prng_exch.
tls_random_reseed_period
Time in seconds until the next reseed from external sources is due. This is the maximum value. The actual point in time is calcu-
lated with a random factor equally distributed between 0 and this maximum value. Default is 3600 (= 60 minutes).
tls_random_prng_update_period
Time in seconds until the PRNG exchange file is updated with new pseude random values. This is the maximum value. The actual point
in time is calculated with a random factor equally distributed between 0 and this maximum value. Default is 60 (= 1 minute).
SEE ALSO
smtp(8) SMTP client
smtpd(8) SMTP server
LICENSE
The Secure Mailer license must be distributed with this software.
AUTHOR(S)
TLSMGR(8)