On 1/5/19 9:58 PM, Viruthagiri Thirumavalavan wrote:
Requiring TLS is pointless if the MX record is not secure.Alice,If the DNS is not secure, then that's a completely different issue. It should be fixed in the DNS rather than SMTP. And that's the reason DNSSEC was introduced, right?.
That's why I use DNSSEC.But MTA-STS provides a way to leverage PKI to secure the MX record when DNSSEC validation is not available. That can be either because the receiving domain is not protected by DNSSEC or because the sending MTA is not able to validate DNSSEC.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
