On 10/23/23 7:11 PM, Richard Clayton via mailop wrote:
In message <a04a3efd-f48a-4971-a688-900e644d6...@as397444.net>, Matt
Corallo via mailop <mailop@mailop.org> writes
On 10/23/23 3:26 AM, Jaroslaw Rafa via mailop wrote:
However, all this discussion is hardly related to email, as - as many have
noted - there's hardly any certificate checking at all between MTAs.
Indeed, MTAs mostly use DNSSEC/DANE which would have prevented this issue
entirely! MUAs much less
so, however.
I see nearly 100 MTA-STS reports (including most large mailbox
providers) every day ... that's about doubled over a year
Apologies, not quite sure I understood your point here - MTA-STS wasn't a topic of conversation, as
far as I can tell. MTA-STS would not have prevented or materially mitigated this attack, DANE would
have. (MTA-STS also happens to be a rather nuts rube goldberg machine, but that's a separate matter)
Matt
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
