On 10/26/19 8:25 PM, John Levine wrote:
Yes but IMO we should be moving toward a world in which TLS is mandatory for
SMTP relay. Clear guidance to implementors
and operators on what TLS versions, cert algorithms, and ciphersuites a client
and server should support, might help us get there.
I don't think that's the problem. I don't see any SMTP TLS failures other than
from spambots.
That sounds good, but I'd like to understand more precisely what you're
observing.
(perhaps as a stepping stone, cleartext mail relay could be pessimized ...
We already have mta-sts, which says that cleartext is forbidden for
the domains it's published for. Why reinvent another wheel?
Maybe it's not necessary, but I don't know how widely mta-sts is being
required. What are the barriers to server operators turning on MTA-STS
everywhere?
Keith
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp