Constant Contact sends mail. Not sure how that relates to their receiving practices. Have you looked into MTA-STS? It does not fulfill your desire, but gets you a lot closer. Log data should give you an idea of how much breakage you can expect with forcing TLS.
Thanks, 🐜 > On Aug 26, 2020, at 9:50 AM, Scott Mutter via mailop <mailop@mailop.org> > wrote: > > How many mail operators out there are forcing outbound SMTP communications to > use TLS? Is this a common practice now? I know secure everything and TLS > everywhere is a popular movement at this moment. > > I've noticed that Constant Contact (constantcontact.com > <http://constantcontact.com/> - at least the mail server at 205.207.104.108) > and yahoo.co.jp <http://yahoo.co.jp/> (67.195.204.74) don't appear to be > accepting STARTTLS. Is that strange? > > yahoo.com <http://yahoo.com/> appears to handle STARTTLS but yahoo.co.jp > <http://yahoo.co.jp/> does not. There may be other country/region specific > Yahoo domains that don't. > > I'm just wondering if that is common. Perhaps the administrators of these > mail servers are unaware of this? Constant Contact - whose primary purpose > would seem to be to insure mail delivering - not accepting STARTTLS seems > extremely strange. > > I've been toying with the idea of forcing outbound SMTP connections to use > TLS, but thought I'd take a quick look and see who might miss mail if this > done. It looks like most mail servers handle TLS, I haven't extended this > test to a lot of servers yet so it may just be that the mail servers I have > enacted this on are small volume senders. > > I should note, forcing TLS is different from preferring TLS. I think a lot > of MTAs (at least Exim, I think?) prefer TLS and will attempt to negotiate a > STARTTLS session, but if that fails, then it will continue without TLS. By > forcing TLS, I'm telling my server to close the connection if a STARTTLS > session can't be started. Are any other mail server admins doing this? Or > is it still too early to require this? > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop