Viktor Dukhovni <postfix-us...@dukhovni.org> writes:
>> On Oct 11, 2019, at 10:19 AM, micah anderson <mi...@riseup.net> wrote:
>>
>> I am aware of that, but I'm not asking specifically how to implement
>> this, I'm more trying to find out what really is the concern here with
>> enabling this, and what we need to do to fix that.
>
> The concern is as stated, we don't know what remote MTAs will do if
> they receive an unexpected SNI. You can try it I guess, and see
> what happens.
Indeed, this is why I was wondering how we could go about probing these
remote MTAs to track down what exactly they would do. We'd need someone
who has a significant number of remote clients that they send to, over
TLS, to gather those and attempt to connect using SNI to see what would
happen.
Or is there a good 'gamification' site that people use that could be
convinced to add this check?
--
micah
