Hi On Wed, Jul 12, 2023 at 01:00:43AM +0300, Taavi Eomäe via mailop wrote: > On 11/07/2023 20:43, Bastian Blank via mailop wrote: > > Given that this host only reacts on port 25 but not on port 587, I > > assume this is MX. > Ideally one would offer implicit TLS on port 465 as well (RFC8314).
But this RFC talks about submission of e-mail, exactly not what this thread is about. > > You are talking about MX, which is unauthenticated in the absence of DANE. > There's also MTA-STS, which doesn't rely on DNSSEC and introduce operational > complexity. This, the same way as DANE, asks the client to do authentication. So it is not included in my statement. And in that case the client enforces more strict rules normally. Bastian -- We Klingons believe as you do -- the sick should die. Only the strong should live. -- Kras, "Friday's Child", stardate 3497.2 _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop