Could you simulate this by having your outbound not attempt STARTTLS (perhaps
just to a specific host)? If your MTA code understands the difference between
not-offered and not-attempted, that wouldn't work. Just a thought.
--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast
-----Original Message-----
From: ietf-smtp <ietf-smtp-bounces(_at_)ietf(_dot_)org> On Behalf Of ?????
????????
Sent: Monday, January 10, 2022 11:53 AM
To: ietf-smtp(_at_)ietf(_dot_)org
Subject: [ietf-smtp] Validating MTA-STS setup, by writing to improperly
configured MTA-STS sites
Hello,
I want to validate, that outgoing MTA-STS does work correctly. I want to
send an email to a site, which has broken MTA-STS, and see what happens.
Can somebody name a sample site, which (on purpose, for testing purposes,
unintentionally for the moment) announces MTA-STS, but does not offer
STARTTLS?
I found only
https://urldefense.com/v3/__https://mtasts.xyz/__;!!CQl3mcHX2A!TTR4o6
1qatE9S6m9-9E3V266j07tny3GsF_Gb-Cme7r-
bqM2EnnrsBWVuvBYC0D3pGbE_raAtg$ trying to perform outbound tests,
but its MTA-STA setup is too broken - the certificates are outdated and the
HTTP-policy is thus ignored.
Greetings
Дилян
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/ietf-
smtp__;!!CQl3mcHX2A!TTR4o61qatE9S6m9-9E3V266j07tny3GsF_Gb-Cme7r-
bqM2EnnrsBWVuvBYC0D3pGYo8Sdz-Q$
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp