Am 26.09.18 um 18:52 schrieb [email protected]:
> A new Request for Comments is now available in online RFC libraries.
>
>
> RFC 8461
>
> Title: SMTP MTA Strict Transport Security
> (MTA-STS)
> SMTP MTA Strict Transport Security (MTA-STS) is a mechanism enabling
> mail service providers (SPs) to declare their ability to receive
> Transport Layer Security (TLS) secure SMTP connections and to specify
> whether sending SMTP servers should refuse to deliver to MX hosts
> that do not offer TLS with a trusted server certificate.
Hello WG,
I consider implementing MTA-STS on our platform hosting thousand+ Domains.
Now I just found the following text:
Note that in all such cases, the policy endpoint
("https://mta-sts.user.example/.well-known/mta-sts.txt"; in this
example) must still present a certificate valid for the Policy Host
("mta-sts.user.example"), and not for that host at the provider's
domain ("mta-sts.provider.example").
Does that really mean I have to setup thousand+ virtual hosts
https://mta-sts.domain1...1000.example?
Or are there other strategies for hosting provider?
Andreas
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
