[Top] [All Lists]

Re: [ietf-smtp] How to encrypt SMTP?

2019-10-26 19:36:39
On 10/26/19 8:25 PM, John Levine wrote:

Yes but IMO we should be moving toward a world in which TLS is mandatory for 
SMTP relay.    Clear guidance to implementors
and operators on what TLS versions, cert algorithms, and ciphersuites a client 
and server should support, might help us get there.
I don't think that's the problem.  I don't see any SMTP TLS failures other than 
from spambots.
That sounds good, but I'd like to understand more precisely what you're observing.
(perhaps as a stepping stone, cleartext mail relay could be pessimized ...
We already have mta-sts, which says that cleartext is forbidden for
the domains it's published for.  Why reinvent another wheel?

Maybe it's not necessary, but I don't know how widely mta-sts is being required.   What are the barriers to server operators turning on MTA-STS everywhere?


ietf-smtp mailing list