On Fri, Oct 13, 2023 at 11:53:06AM +0200, Joachim Lindenberg via Postfix-users
wrote:
> Are there any ideas or plans to implement SMTP Require TLS Option (RFC
> 8689) in postfix?
No current plans. The most viable and useful part of the RFC is the
part that allows a message to *opt out* of TLS, so that one can, for
example, send email to a postmaster of a domain whose TLS setup is
not working as expected. That part is not too difficult to implement.
> I am aware of that in order to really leverage that, one needs a MUA
> using it, plus a MTA supporting SMTP-DANE (RFC 7672) or MTA-STS (RFC
> 8461), but sure I may be missing something.
Postfix supports DANE, but there's no MTA-STS support. And I've not
seen much by way of receiving MTAs advertising REQUIRETLS as a
capability, so opportunities for the *require* part of the spec are
extremely limited.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
