On 3/23/18 1:19 AM, Tim Hollebeek wrote: >> to (easy with e.g. Postfix header_checks): >> >> Require-TLS: NO >> Subject: [insecure-delivery]: actual subject >> >> or (not easy with header_checks, but hides the subject tag): >> >> Require-TLS: NO >> Subject: actual subject > I think leaving [insecure-delivery] in the subject is a feature of > such a configuration, not a bug. It conveys important information > about the delivery of the message.
RequireTLS: NO only overrides policy mechanisms (DANE, MTA-STS) that may be present. It does not cause delivery of the message to be insecure. TLS may be negotiated with RequireTLS: NO, it just isn't required. It just causes TLS to be negotiated very much like it is today (in the absence of DANE and MTA-STS). Header field munging is an ugly business, and (as an individual) I am opposed to it, especially since this doesn't seem to be a very compelling usage. As document editor, I haven't heard WG consensus to include that in the REQUIRETLS draft, so I won't be adding that. Of course, some operators might munge the Subject header field anyway, as they do for other things. -Jim _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
