On 2020-07-24 at 15:29 -0700, Luis E. Muñoz wrote: > I would push DANE a bit up in the list. DNSSEC can be a drag to some, but it > is really the way to go in terms of decentralization of encryption. It is > also a good practice.
Absolutely, but the context here was sending to Gmail, who don't (as far as we on the outside know) implement DNSSEC verification or DANE. So I moved it down the list. The big webmail providers don't do DANE, so for "how to deliver to them", DANE stays lower on the list. For Best Current Practices which focus more on "how to be compliant with current changes in privacy legislation in the EU", then yes DANE moves up the list. Folks really should do that. For clarity: none of the 14 (!!!) points in the main deliverability list are optional, if you care about your outbound mail being delivered. > You may find this helpful > > https://esmtp.email/tools/mta-sts/ Ooh, thanks. I'll update the blog-post with a link. -Phil _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
