Heho, > ...and now it gives me 9 out of 10, acknowledging that my MTA > verifies DNSSEC and honors TLSA records. My own domain (and the sending for email-security-scans.org) scores 9/10 as well; Mostly because OpenSMTPd lacks DANE and MTA-STS validation... and TLS-RPT sending... that is a whole nother beast.
> Of course, I'll never get a 10 out of 10. I'll implement TLS > reports, by and by, but MTA-STS will be supported here over my dead > body. :) I share your sentiment. I am not a fan of MTA-STS, and honestly not really sure which problem it solves. > This is the most impressive email testing system I've ever seen. Thanks. The todo is still long, and the code bad. ;-) But i am trying to get it into a robust state; It can be rather surprising how emails look in the wild. Newest find: Bump message storage in the DB from BLOB to LONGBLOB, because apparently there are 167KB(!) bounces these days... size mostly added by the NDR. -.-' With best regards, Tobias _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop