Re: [swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers

2018-02-02 Diskussionsfäden Tobias Goeller
Hi Tobi Well, you actually *can* technically enforce TLS. I'm not saying that it would make any... but if you want to revive don quixote one more time... yes, you can. I would be happy already if people would create working SPF records with enforcement for all domains (and stop using outlook

Re: [swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers

2018-02-02 Diskussionsfäden Marc Balmer
Some folks obviously have too much time, lol ...;) Am 02.02.2018 um 15:58 schrieb Daniel Stirnimann : >> Since you seem to like quotes, Jon Postel had one for you: >> >> "Be liberal in what you accept, and conservative in what you send" > > I thought this mindset

Re: [swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers

2018-02-02 Diskussionsfäden Daniel Stirnimann
> Since you seem to like quotes, Jon Postel had one for you: > > "Be liberal in what you accept, and conservative in what you send" I thought this mindset is outdated: https://tools.ietf.org/html/draft-thomson-postel-was-wrong-02 Daniel ___ swinog

Re: [swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers

2018-02-02 Diskussionsfäden Massimiliano Stucchi
On 02/02/2018 09:36, Peter Keel wrote: > Since I've made TLS for SMTP mandatory. The respective admins of these servers > might want finally at least enable voluntary TLS; some of their customers > apparently would like to receive mails from my server. Since you seem to like quotes, Jon

Re: [swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers

2018-02-02 Diskussionsfäden Tobi
You cannot force any other party to apply YOUR policy to THEIR systems. "Your server your rules, but my server my rules" :-) Furthermore mandatory tls can fail for a bunch of other reasons except from "not offering tls at all" ex no common cipher/tls version can be negotiated. I do mandatory tls

Re: [swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers

2018-02-02 Diskussionsfäden Viktor Steinmann
Mimimi? Seriously? If you chose to configure TLS mandatory, you'll have to live with the fact, that some servers will not offer this service. Don't try to force others to apply your policy, instead relax your own policy. You can still monitor your maillog for non-TLS connections and from

[swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers

2018-02-02 Diskussionsfäden Peter Keel
Hi I get these errors: | TLS is required, but was not offered by host mx1.datacomm.ch[212.40.2.32] and | TLS is required, but was not offered by host relay.kfsb.ch[213.202.32.8] Since I've made TLS for SMTP mandatory. The respective admins of these servers might want finally at least enable