On 5/14/18 7:08 AM, Viktor Dukhovni wrote:
Allowing the TXT record do specify the authority domain of the MTA-STS policy URL would allow any party in control of some HTTPS endpoint in the domain to forge the domain's MTA-STS policy, provided they are able to MiTM the lookup of the TXT record. I think this needlessly weakens MTA-STS security.
The point is: that same person could install an MX record that points to an (out-of-domain) MTA that they control, which implements whatever policy they want, and then forwards mail to the real MTA in a way that complies with the original policy. Clearly they're in a position to do far more than violating STS policy, but if that's what they're after, there's a clear path.
/a _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
