On 10/26/19 8:25 PM, John Levine wrote:
That sounds good, but I'd like to understand more precisely what you're
Yes but IMO we should be moving toward a world in which TLS is mandatory for
SMTP relay. Clear guidance to implementors
and operators on what TLS versions, cert algorithms, and ciphersuites a client
and server should support, might help us get there.
I don't think that's the problem. I don't see any SMTP TLS failures other than
(perhaps as a stepping stone, cleartext mail relay could be pessimized ...
We already have mta-sts, which says that cleartext is forbidden for
the domains it's published for. Why reinvent another wheel?
Maybe it's not necessary, but I don't know how widely mta-sts is being
required. What are the barriers to server operators turning on MTA-STS
ietf-smtp mailing list