On Fri, Apr 17, 2020 at 06:46:27PM -0400, Wietse Venema wrote:
> 1) Infrastructure mail server. DNS configuration is not supposed
> to change. People who care about TLSA/DANE will provision a secure
> and stable DNS resolver.
>
> 2) Personal laptop, roaming between trusted and untrusted networks.
> People who care about their email won't send directly to arbitrary
> remote destinations. Instead they will relay through a trusted
> infrastructure server (see above), and not rely on TLSA/DANE.
>
> 3) ???
>
> What use cases did you have in mind?
Mostly case 1), but for a fresh install where the out-of-the-box default
installation gets you "smtp_tls_security_level = none". You configure
a stable local resolver, but then also need to configure multiple
Postfix settings to get what could be a default setting:

    smtp_dns_support_level = dnssec
    smtp_tls_security_level = dane

We should probably walk before we run and go with a default of:

    smtp_tls_security_level = may

but eventually, we could select the default in a more nuanced manner.
This assumes that turning on DANE is by then a common practice and
that DANE is applicable to a more substantial fraction of Internet
email.

-- 
Viktor.
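Added example, not part of the thread and not Postfix code: a small audit that parses main.cf in Postfix's own syntax (name = value, '#' comments, whitespace-indented continuation lines) and flags the two situations discussed above, the out-of-the-box "none" level and a "dane" level set without smtp_dns_support_level = dnssec. It assumes Postfix's documented defaults for those two parameters (none and an empty value); the main.cf fragments are constructed.

```python
import re

# Constructed main.cf fragments (not from the thread).
FRESH_INSTALL = """
# fresh install: nothing TLS-related configured
myhostname = mail.example.net
"""

DANE_CONFIGURED = """
smtp_dns_support_level = dnssec
smtp_tls_security_level = dane
smtp_tls_CApath =
    /etc/ssl/certs
"""

DANE_WITHOUT_DNSSEC = """
smtp_tls_security_level = dane
"""

# Assumed Postfix defaults for the two parameters the thread is about.
DEFAULTS = {"smtp_tls_security_level": "none", "smtp_dns_support_level": ""}

def parse_maincf(text):
    """Return {name: value} for a main.cf body, joining continuation lines."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0] in " \t" and last is not None:   # continuation line
            params[last] = (params[last] + " " + line.strip()).strip()
            continue
        m = re.match(r"^([A-Za-z0-9_]+)\s*=\s*(.*)$", line)
        if m:
            last = m.group(1)
            params[last] = m.group(2).strip()
    return params

def audit_smtp_tls(text):
    """List the weak or inconsistent outbound-TLS settings found in main.cf."""
    p = {**DEFAULTS, **parse_maincf(text)}
    level, dns = p["smtp_tls_security_level"], p["smtp_dns_support_level"]
    findings = []
    if level == "none":
        findings.append("smtp_tls_security_level=none: outbound mail is sent in cleartext")
    if level == "dane" and dns != "dnssec":
        findings.append("dane set but smtp_dns_support_level is not dnssec: TLSA data is not authenticated")
    return findings

if __name__ == "__main__":
    for name, cfg in [("fresh", FRESH_INSTALL), ("dane", DANE_CONFIGURED), ("half", DANE_WITHOUT_DNSSEC)]:
        print(name, audit_smtp_tls(cfg) or ["ok"])
```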