Right, I figured they were from your stats, but figured I'd ask since I never saw any MTA-STS data on your site :)
Anyway, I'm happy I didn't misunderstand the state of things, at least. Looking forward to getting a "secure-but-also-dane" option in smtp_tls_policy_maps eventually :) Matt On 7/4/20 4:31 PM, Viktor Dukhovni wrote: > On Sat, Jul 04, 2020 at 01:20:59PM -0700, Matt Corallo wrote: > >> Oh wow, thanks for the numbers. Where did you get those, btw? > > https://stats.dnssec-tools.org/ > https://stats.dnssec-tools.org/about.html > >> I guess, indeed, it’s not much of an issue until 2021 when outlook >> deploys DANE for inbound (at least so they claim), at which point a >> substantial volume of mail will hit this. > > The customer domains opting-in to DANE on Microsoft's cloud platform > will not quickly alter the landscape. And quite possibly not all of > them will also enable MTA-STS. > >> Of course but the time most users adopt code written today it’ll be >> 2021 at least (thanks Debian, Redhat, et al). > > Perhaps so, but the present options are workable, and the requirements > will be more clear a couple of years from now. >
