On Thu, Jul 29, 2021 at 09:13:39AM +0200, Josh Good <postfix.2016...@naleco.com> wrote:
> Well, it's not exactly clear, in the Rhenus notification, whether they > are just disabling TLS 1.0, or that plus also disabling plain text SMTP. > > Viktor thinks it's just the first case. But we should not underestimate > the push that a checklist-based security audit can exert on an > overburdened IT Dept. > > I will find out for sure on the first of August, or the following days, > for if they (Rhenus) disable plain text SMTP in their publicly-referenced > SMTP servers, PAIN will ensue and my urgent intervention will probably > be requested to "fix" things... > > Regards, > Josh Good The Rhenus email did say: "...must be sent with the TLS 1.2 protocol or higher. Any mail received without fulfilling this condition will be rejected by our server." That second sentence sounds to me like a definite statement that an SMTP connection that doesn't initiate STARTTLS will not be able to send email. At least, I can't see how else to interpret those words. cheers, raf
