On Tue, Mar 04, 2014 at 10:24:06AM +0100, Peer Heinlein wrote:
> And: It's not a surprise and not a "man made problem", but an
> interesting new use-case where we can provide additional mailadresses
> with TLS-encrypted SMTP (next hop)-transfer to/from the recipient's
> provider.
>
> The forced use of TLS-encryption can by triggered by the user who knows,
> what he's doing. But the user need's a fast DSN if the enforced TLS is
> not possible.
Wietse's proposed design will bounce when the last MX host tried
(default the second to which a TCP connection is made) reports a
remote-at-fault TLS error. This is about the best approach possible
under the circumstances. This of course requires new code.
--
Viktor.
