Wietse Venema:
> John Levine:
> > MTA-STS is a newish IETF spec that lets mail operators declare that
> > all of their incoming mail servers support STARTTLS.  (See RFC 8461.)
> > 
> > The idea is to preclude mailstream hijacking. If a domain publishes
> > MTA-STS, it says what the names of the MXes should be; before they
> > start sending mail, client systems check that STARTTLS works, and (if
> > MTA-STS is in enforced mode) that the TLS certificate from the mail
> > server is the right one. If not, the mail is presumably about to be
> > hijacked by a middlebox and the sending system doesn't send it.
> > 
> > For example, here's where you can find the MTA-STS for my iecc.com:
> > 
> >   https://mta-sts.iecc.com/.well-known/mta-sts.txt
> > 
> > The big gorilla mail systems are implementing this now that they all
> > have STARTTLS support.
> > 
> > A detail a lot of people forget is that a mail server can have
> > multiple names, just like a web server can. During the TLS startup,
> > the client system sends SNI saying what name it expects, so the server
> > can send the correct certificate. At least that's the plan -- in my
> > experience a lot of mail client software doesn't send SNI, so MTA-STS
> > verification fails on servers with multiple names since the server
> > sends a default certificate that isn't the one the client expects. 
> > 
> > Looking at the mail logs for my servers, it's pretty clear that
> > Postfix doesn't send SNI. I would also guess that if a Postfix MTA has
> > multiple names, it doesn't have any way to select a certificate using
> > SNI. This is not hard to fix; I added SNI support to the mailfront
> > SMTP daemon in a couple of hours. It took longer to get all the
> > certificates signed.

Postfix 3.4 and later have server-side SNI support. We're in the
Postfix 3.6 development cycle now, so that was added 2 years ago.

> Postfix will send SNI when it is told (by policy) what servername
> to use. It can be statically configured as smtp_tls_servername,
> or dynamically in an smtp_tls_policy_map lookup result with the
> servername attribute.
> 
> There are several MTA-STS plugins for Postfix that provide that
> dynamic policy. It is not built into Postfix at this time, just
> like DKIM and a lot of other protocols.
> 
>       Wietse
> 
> > FYI, it's not just me. Real systems use multiple names, e.g., Tucows'
> > large whitelabel mail service has a unique MX name for each hosted
> > domain, like this:
> > 
> >  $ host tucows.com
> >  tucows.com mail is handled by 0 mx.tucows.com.cust.hostedemail.com.
> >  $ host tucows.net
> >  tucows.net mail is handled by 10 mx.tucows.net.cust.a.hostedemail.com.
> >  $ host opensrs.com
> >  opensrs.com mail is handled by 0 mx.opensrs.com.cust.a.hostedemail.com.
> > 
> > If you're keeping score, Gmail gets SNI correct, Microsoft's Outlook.com
> > doesn't, but I think I've found the right people to fix it.
> > 
> > R's,
> > John
> > 
> 

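To make concrete what the "dynamic policy" in the thread has to look like, here is an added example (not Postfix code, and not any of the existing MTA-STS plugins) that parses an RFC 8461 policy file of the kind served at https://mta-sts.example/.well-known/mta-sts.txt and turns it into one smtp_tls_policy_map entry. The policy text, the domain example.com and the MX names are constructed for illustration. The `match=` and `servername=` attributes are the ones Wietse names above; the `hostname` value for `servername` (send the MX host name as SNI) follows Postfix's smtp_tls_servername documentation and is what a multi-named server such as the hostedemail.com MXes needs in order to present the right certificate.

```python
"""Turn an MTA-STS policy (RFC 8461) into a Postfix smtp_tls_policy_map entry.

Added example: not Postfix code and not one of the MTA-STS plugins mentioned
in the thread; it only shows what such a plugin must hand back to Postfix so
that the secure policy carries an SNI name.  All sample data is constructed.
"""
import re

# Constructed sample: what https://mta-sts.example.com/.well-known/mta-sts.txt
# might contain for the hypothetical domain example.com.  CRLF line endings
# are what RFC 8461 specifies, so they are used here on purpose.
SAMPLE_POLICY = (
    "version: STSv1\r\n"
    "mode: enforce\r\n"
    "mx: mx.example.com.cust.a.hostedemail.com\r\n"
    "mx: *.example.net\r\n"
    "max_age: 604800\r\n"
)

_LINE = re.compile(r"^([A-Za-z_]+)\s*:\s*(.*?)\s*$")


def parse_mta_sts(text):
    """Parse the key/value lines of a policy file.

    Returns a dict with 'version', 'mode', 'mx' (list) and 'max_age'.
    Raises ValueError for anything that is not a usable STSv1 policy.
    """
    policy = {"mx": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = _LINE.match(line)
        if not m:
            raise ValueError("malformed policy line: %r" % raw)
        key, value = m.group(1), m.group(2)
        if key == "mx":
            policy["mx"].append(value.lower())
        elif key == "max_age":
            policy["max_age"] = int(value)
        elif key in ("version", "mode"):
            policy[key] = value
        # Unknown keys are extension fields and are ignored.
    if policy.get("version") != "STSv1":
        raise ValueError("unsupported or missing version")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("missing or invalid mode")
    if policy["mode"] == "enforce" and not policy["mx"]:
        raise ValueError("enforce mode with no mx entries")
    if "max_age" not in policy:
        raise ValueError("missing max_age")
    return policy


def is_valid_policy(text):
    """True when the text parses as a usable policy, False otherwise."""
    try:
        parse_mta_sts(text)
        return True
    except ValueError:
        return False


def mx_to_postfix_match(mx):
    """'*.example.net' (MTA-STS wildcard) -> '.example.net' (Postfix subdomain match)."""
    return mx[1:] if mx.startswith("*.") else mx


def postfix_policy(domain, policy):
    """Return the smtp_tls_policy_map line for `domain`, or None when Postfix's
    default policy should apply (testing and none modes must not block delivery)."""
    if policy["mode"] != "enforce":
        return None
    match = ":".join(mx_to_postfix_match(mx) for mx in policy["mx"])
    # servername=hostname: send the MX host name as SNI (Postfix 3.4 and later).
    # Without it Postfix sends no SNI and a multi-named server answers with its
    # default certificate, which is exactly the failure described in the thread.
    return "%s secure match=%s servername=hostname" % (domain, match)


if __name__ == "__main__":
    print(postfix_policy("example.com", parse_mta_sts(SAMPLE_POLICY)))
```

A real plugin would fetch the policy over HTTPS after seeing the `_mta-sts` TXT record, cache it for `max_age` seconds, and answer Postfix's policy lookups from that cache; the conversion step above is the part that decides whether SNI gets sent at all.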