>> [...].  One can of course automate periodic SMTP TLS policy
>> updates from the STS URIs of a handful of providers, and let the
>> usual outbound TLS policy take care of the rest:
>>    http://www.postfix.org/TLS_README.html#client_tls_policy
> I'm much in favor of reusing the Postfix SMTP client's TLS policy
> lookup mechanism for this, for example
>     smtp_policy_maps = socketmap:inet:host:port:name
> and to extend the policy map feature set as needed.
> If the (key, value) interface turns out to be too restrictive, this
> interface could be generalized towards something like the SMTP
> server access policy delegation protocol (possibly with multiple
> commands, multiple request attributes, or multiple reply attributes).
> Like DKIM/DMARC I do not think that complex policies like STS should
> be built into core Postfix SMTP components.

It sounds like it is a fairly "easy" implementation? If so, when can
expect a testing version for this?
I will gladly test this!


Attachment: 0x94B964DD.asc
Description: application/pgp-keys

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to