> On May 26, 2017, at 9:40 PM, John <j...@klam.ca> wrote: > > I currently use "smtp_tls_security_level = dane" but recent discussion have > made me wonder if I should change that. Maybe encrypt.
These address entirely different use-cases. So no.
Use "encrypt" when all mail goes to a single relayhost with no way
to authenticate that relayhost.
Use "dane" when delivering "direct to MX", that is, wherever the
MX records of various domains might point.
--
Viktor.
