On 1/5/19 7:50 AM, Viruthagiri Thirumavalavan wrote:
Hello UTA WG,

I have a proposal for SMTPS (Implicit TLS), port 25 secure alternative on a new dedicated port 26.

Both MTA-STS and MTA-DANE try to fix the STARTTLS downgrade issue. However, the implementation is not simple. The former requires an HTTPS server and the latter requires DNSSEC.

Hi,

While it is true MTA-STS requires a web server, it can be a static host and does not need to be run on the same IP / host as the SMTP server.

There are plenty of lightweight free daemons out there that can securely serve static content over TLS.

For those who do not yet implement DNSSEC it is a very easy solution and is not a barrier to advertising that MTA clients should use TLS when connecting and require they use a validating certificate.

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
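
Added example, not part of the original message or of any project's code: the static file discussed above is an MTA-STS policy (RFC 8461), and this sketch shows how a sending MTA could parse it and decide whether delivery to an MX must be refused. The domain example.com, the sample policy and the function names are constructed for illustration; tls_cert_valid stands for the outcome of the STARTTLS handshake and certificate validation, which are assumed to happen elsewhere.

```python
# Added example: parse an MTA-STS policy file (RFC 8461) and apply it to an MX host.
MAX_AGE_LIMIT = 31557600  # RFC 8461 upper bound for max_age, in seconds

# Constructed sample policy for the placeholder domain example.com.
SAMPLE_POLICY = (
    "version: STSv1\r\n"
    "mode: enforce\r\n"
    "mx: mail.example.com\r\n"
    "mx: *.mx.example.com\r\n"
    "max_age: 604800\r\n"
)

def parse_policy(text):
    """Return {'mode', 'mx', 'max_age'} or raise ValueError on an invalid policy."""
    fields, mx = {}, []
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed line: %r" % line)
        key, value = key.strip(), value.strip()
        if key == "mx":
            mx.append(value.lower().rstrip("."))
        elif key not in fields:  # for duplicated fields, the first occurrence wins
            fields[key] = value
    if fields.get("version") != "STSv1":
        raise ValueError("missing or unsupported version")
    mode = fields.get("mode")
    if mode not in ("enforce", "testing", "none"):
        raise ValueError("invalid mode")
    if not fields.get("max_age", "").isdigit() or int(fields["max_age"]) > MAX_AGE_LIMIT:
        raise ValueError("invalid max_age")
    if mode != "none" and not mx:
        raise ValueError("policy lists no mx patterns")
    return {"mode": mode, "mx": mx, "max_age": int(fields["max_age"])}

def mx_allowed(policy, host):
    """True if host matches an mx pattern; '*.' stands for exactly one leftmost label."""
    host = host.lower().rstrip(".")
    for pattern in policy["mx"]:
        if pattern.startswith("*."):
            _, _, parent = host.partition(".")
            if parent == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False

def must_refuse(policy, host, tls_cert_valid):
    """In enforce mode, refuse delivery unless the MX matches and its certificate validated."""
    return policy["mode"] == "enforce" and not (mx_allowed(policy, host) and tls_cert_valid)
```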
