> On May 26, 2017, at 10:01 PM, John <j...@klam.ca> wrote:
>
>>> I currently use "smtp_tls_security_level = dane" but recent discussion
>>> have made me wonder if I should change that. Maybe encrypt.
>> These address entirely different use-cases. So no.
>>
>> Use "encrypt" when all mail goes to a single relayhost with no way
>> to authenticate that relayhost.
>>
>> Use "dane" when delivering "direct to MX", that is, wherever the
>> MX records of various domains might point.
Do you now understand why each setting is applicable to the use-case
in question? Or still not really? It's a shame to just cargo-cult
settings without knowing what they mean...
--
Viktor.
