> On Sep 30, 2018, at 2:11 PM, Hanno Böck <[email protected]> wrote:
>
> I did now some more scans for MTA-STS and I thought it might be
> interesting for the list to learn the results.
Thanks for the data collection!
> A very effective way of finding hosts that support mta-sts is to scrape
> the Certificate Transparency logs. (With the exception of hosts that
> use wildcard certificates.)
>
> This gave me 697 hosts with an mta-sts subdomain.
A small comment on terminology, I find your use of "host" here rather
confusing. I'm used to speak of "domains" that receive email, and
a given domain's MX hosts ("MX host" is not a formal IETF term, but
is widely used and understood). The domain part of an email address
need not correspond to any host, and many don't. The domain names
that appear as the "exchange" field of an MX record RDATA (i.e.
MX hosts) are of course names of hosts, since they are expected to
terminate TCP connections to the SMTP (port 25) service.
Thus, with MTA-STS, the policy is associated with a domain, and is
provided via HTTPS by the host whose name is constructed by prefixing
the label "mta-sts" the policy domain.
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
