micah anderson: > Eray Aslan <er...@a21an.org> writes: > > > On Wed, Dec 19, 2018 at 02:36:50PM -0500, Viktor Dukhovni wrote: > >> If there are no objections, I can change the default to "may" when > >> TLS is compiled in. > > > > No objections for setting smtp_tls_security_level. Thanks for your > > effort. > > I just wanted to circle back to this thread - it seems like nobody had > any objections to this change, and there were even proposed changes > sent, but I don't see that it ever got integrated?
What was the idea: change the default when built with TLS support? Meanwhile, we should consider enabling smtp_tls_connection_reuse, too, otherwise the high-volume case can have an unexpected performance difference between plaintext deliveries and TLS (namely, one TCP handshake plus one TLS handshake per delivery). Wietse