Quote from Viktor Dukhovni <postfix-us...@dukhovni.org>:

> On Wed, Apr 23, 2014 at 04:21:14PM +0200, Per Thorsheim wrote:
>
>> RFC3207 says publicly available servers are required to support
>> plaintext and fallback to plaintext if cipher negotiations etc. fail.
>
> Correct.
>
>> It seems to me as if mailadmins prefer supporting "everything", since
>> anything is better than plaintext.
>
> Correct. This is called "opportunistic TLS". For an explanation of why
> that's the best possible for SMTP at Internet scale without DNSSEC see
> (version may change from 08 at some point):
>
> http://vdukhovni.github.io/ietf/draft-ietf-dane-smtp-with-dane-08.html#channelsecurity
>
>> On the other side webadmins and crypto people are saying that SSLv3,
>> 128 bit, 2048 bit key and valid cert should be a minimum.
>
> HTTPS is not SMTP and PKIX TLS is not opportunistic TLS.
>
>> I would really like to hear honest and justified opinions on what to
>> consider "good" and "best" practices on this matter.
>
> There's an air of superiority in that question; avoid the temptation to
> demand explanations. Better than opportunistic TLS for SMTP requires
> DNSSEC + DANE. Have you implemented DNSSEC for your domain? Published
> TLSA records?
[OT] Is there any experience with DNSSEC-capable DNS providers in the lower cost range suitable for SMEs (KMU)? We currently have a quote of ~300 Euro/month for all-inclusive DNS (web-based management, automatic key handling, anycast, etc.).

Regards,
Andreas
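As an added example (not part of the thread), this is how the TLSA record Viktor asks about is derived from a server certificate with openssl: the "3 1 1" form (DANE-EE, SubjectPublicKeyInfo, SHA-256) that an SMTP operator publishes under `_25._tcp.<mx-host>` in a DNSSEC-signed zone. The hostname mail.example.com and the self-signed certificate generated inside the script are placeholders constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original thread. Computes a DANE TLSA "3 1 1"
# record for an SMTP server certificate. Assumes openssl is on PATH;
# mail.example.com is a placeholder hostname.
set -e

# SHA-256 of the DER-encoded SubjectPublicKeyInfo of a PEM certificate.
# "3 1 1" = usage DANE-EE(3), selector SPKI(1), matching type SHA-256(1).
# Selector 1 (SPKI) rather than 0 (full certificate) keeps the record
# valid across certificate renewals as long as the key pair is kept.
tlsa_311_hash() {
    openssl x509 -in "$1" -noout -pubkey \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 \
        | sed 's/^.*= *//'
}

# Complete TLSA record for port 25 of the given MX hostname, as it would
# be added to the (DNSSEC-signed) zone.
tlsa_311_record() {
    printf '_25._tcp.%s. IN TLSA 3 1 1 %s\n' "$1" "$(tlsa_311_hash "$2")"
}

# Demonstration with a freshly generated self-signed certificate,
# constructed here so the script runs offline; a real MX would use the
# certificate its smtpd actually presents.
demo_tlsa() {
    tmp=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=mail.example.com" \
        -keyout "$tmp/key.pem" -out "$tmp/cert.pem" 2>/dev/null
    tlsa_311_record mail.example.com "$tmp/cert.pem"
    rm -rf "$tmp"
}

demo_tlsa
```

Once such a record is published in a signed zone, a Postfix client configured with `smtp_tls_security_level = dane` authenticates the server against it instead of falling back to unauthenticated opportunistic TLS.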