Hi,
Sorry for my poor expression, :)
All our MX servers can be setup with tls secure.
But as people have said in the list, we should accept the messages which
are not encrypted otherwise it will break RFC.
If the peer MTAs send messages to us, with non-encrypted content, these
messages should not be secure at all, regardless they are stored within
our systems with/without encrypted.
Here the gov etc owns strong wiretap technology. They don't have to go
into our systems, but do the wiretap on internet, will get everything
they want, unless the transfer is also going with strong SSL.
This is what I actually want to ask for, about the transfer secure.
Thx.
On 2015/9/14 ζζδΈ 10:15, Benny Pedersen wrote:
On September 14, 2015 4:04:51 AM Ken Peng <k...@cloud-china.org> wrote:
From production viewpoints, we can develop that a encrypted-email
service easily. But if we can't assure the secure transfer, what
destination these systems should exist for?
is your asking how to setup smtp_ to only send mail to other mail
servers that are tls secure ?
then install postfix 3.0.x and configure dane client, for recipient
domains its still just std tls, but if you want to force tls it would be
dane_only as client in postfix
please sharw your customs to postfix, that helps others to help you aswell
simply postconf -n would be nice, and postconf -nf if you use postfix 3.x.x
--
B. Regards,
Ken Peng - k...@cloud-china.org
