Hi Tobi Well, you actually *can* technically enforce TLS. I'm not saying that it would make any... but if you want to revive don quixote one more time... yes, you can.
I would be happy already if people would create working SPF records with enforcement for all domains (and stop using outlook and thinking of exchange as a technologically sound mailserver) Even big financial companies fail at creating SPF Records... and wonder why they have so many bounces. I do have mandatory TLS for some domains... but not as a global requirement (although... in a perfect world...) Tobias -- E = M * C^2 +/- 3.2db > On 2 Feb 2018, at 11:22 , Tobi <tobs...@brain-force.ch> wrote: > > You cannot force any other party to apply YOUR policy to THEIR systems. > "Your server your rules, but my server my rules" :-) > Furthermore mandatory tls can fail for a bunch of other reasons except > from "not offering tls at all" ex no common cipher/tls version can be > negotiated. > I do mandatory tls on my servers too, but not globally. Just for > selected rcpt-domains/next-hops > > Cheers > > tobi > > Am 02.02.2018 um 09:36 schrieb Peter Keel: >> Hi >> >> I get these errors: >> >> | TLS is required, but was not offered by host mx1.datacomm.ch[212.40.2.32] >> >> and >> >> | TLS is required, but was not offered by host relay.kfsb.ch[213.202.32.8] >> >> Since I've made TLS for SMTP mandatory. The respective admins of these >> servers >> might want finally at least enable voluntary TLS; some of their customers >> apparently would like to receive mails from my server. >> >> And by the way, RFC 2487 that is referred to for instance in the postfix >> manpage >> and stated that one must not make TLS mandatory has been obsoleted by RFC >> 3207. >> >> Cheers >> Seegras >> > > > _______________________________________________ > swinog mailing list > swinog@lists.swinog.ch > http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog