On Mon, 11 May 2015 17:15:35 +0200 Gilles Chehade wrote: > I can't honestly recall if we still do this without checking first, but there > was some code in OpenSMTPD to always attempt SMTPS before attempting STARTTLS > when trying to do opportunistic crypto. This means that for hosts that would > setup both SMTPS and STARTTLS, we would always take SMTPS. > > In practice, I'm not even sure we still do this because our stats showed that > we _never_ exchanged with a host over SMTPS, no hosts ever offers it.
I wonder what is best more likely and easier to accomplish or gain traction. SMTPS or DNSSEC DNSSEC causes problems but people seem to be wanting it enough to implement it anyway, though many providers still including I believe Google cloud dns do not. I am still in two minds about it. SMTPS would be best and doesn't create problems but is getting traction mainly a matter of getting postfix, exim and opensmtpd to enable it "by default"? How long would either take to become widespread? -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
