Not sure if this is a question for the community or just the devs but
one of the credos this user swears by is “If it isn’t broken, then
don’t go fixin’ it…”
There’s this FUD out there that all sites MUST be https. Of course I
disagree with this sentiment but perhaps there is something I’m
missing.
So, to the community: What is gained by requiring postfix.org to use
https?
- - -
On 6 Jan 2022, at 17:34, Nilo César Teixeira wrote:
Hi,
First message on this group, thanks for all good advice so far.
Regarding https, why not host Postfix website here:
https://pages.github.com/ ?
We could leverage auto https ideally, but perhaps for custom domain
certbot
would be necessary haven't researched yet.
Em seg., 3 de jan. de 2022 11:29, Viktor Dukhovni <
postfix-us...@dukhovni.org> escreveu:
On Mon, Jan 03, 2022 at 03:19:36PM +0100, Jaap van Wingerde wrote:
try plaintext http: http://www.postfix.org/ currently works for me.
Firefox (with 'only-https' off, still redirects to https).
Then you've failed to completely turn off 'only-https'. The pages at
"http://www.postfix.org/"; load just fine with the latest Firefox
95.0.2.
There's no imminent risk of browsers dropping HTTP support. They
just
flag the connection as "insecure".
--
Viktor.
