On Mon, May 09, 2016 at 10:44:11PM -0000, John Levine wrote:
> It occurs to me that another reason to prefer out of band reporting is
> that it's a lot easier to ramp up.
>
> My impression is that many, perhaps most, existing MTAs can be
> configured to do STARTTLS. But of course, at this point none of them
> have any reporting extensions. Viktor and I can write reporting
> extensions for our favorite MTAs, but under the most optimistic
> scenario it'll take quite a while for those extensions to become
> popular in all the MTAs that people use, and no extension, no in-band
> reporting.
Legacy MTAs also won't have STS support. We won't get new security
capabilitie ex nihilo.
> On the other hand, you can set up out of band reporting with a DNS
> record pointing to the URL, and a little mail handling script or web
> CGI script to accept all of your reports, no MTA patches needed. Once
> you start getting the reports, you can start adjusting the existing
> STARTTLS configs, again most likely no MTA patches needed.
I'm not suggesting that out-of-band reporting should not also be
specified. Let's also specify in-band reporting.
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
