Jim,
I’m not sure how much of an impact this might have, but should there be a
reference to TLSRPT? Either not to be counted or to explain the lack of TLS
based on “TLS-Required: no” being set?
--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast
From: Uta On Behalf Of Jim Fen
Good thought. Since it's acting as though it doesn't implement MTA-STS,
then it should not include these messages in TLSRPT reports, correct?
On 3/28/19 2:51 PM, Brotman, Alexander wrote:
>
> Jim,
>
>
>
> I’m not sure how much of an impact this might have, but should there
> be a reference to TL
Or state that the request to use DANE/MTA-STS was ignored as requested by the
sender. There’s a free-text option for the TLS failure reason, which could
perhaps suffice here. That would allow for a more complete data picture for
the receiver of the reports.
--
Alex Brotman
Sr. Engineer, Anti-
But then we would want to have a consistent failure reason for this, so
to do this right we would want to add a new entry to the STARTTLS
Validation Result Types registry. Not a free-text entry that could vary
from implementation to implementation.
Wish we had caught this earlier!
On 3/28/19 3:00
