It appears that Michael Ströder via mailop <mich...@stroeder.com> said: >> And skipping it avoids the pain of setting up a number of steps and, >> for some reason, introducing an HTTP server into your mail-receiving >> stack?! >Is that simple HTTP server serving a tiny static file is really such a >big deal? Personally I don't see why.
It's a scale problem. My tiny system handles mail for 180 domains, so the tiny web site has 180 names and 180 TLS certificates. In fact it's not a static file, it's a tiny python script that synthesizes the returned page from the web config and as a bonus feature, also receives the few reports posted using https. It's not immensely hard but if I didn't already havs scripts set up to handle automated Let's Encrypt TLS certs it would have been more trouble than it's worth. DANE was a lot easier, just make up the TLSA records when I got the certs for the mail servers and I was done. Of course, since I am that kind of person, my mail servers also have 180 names and 180 TLS certs. R's, John _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop