Enforce MTA-STS policy about maddy HOT 3 CLOSED

Another idea to secure local server configurations using MTA-STS:

• Check if we have the MTA-STS policy set (try to get it, check if our hostname is listed in mx directives).
• If policy exists and applied for us - reject messages sent over plain-text connections.
• Add configuration directive to disallow plain-text submission manually

from maddy.

First two points may break interoperability with non-MTA-STS-capable senders, so I guess it makes sense to leave them out by default and instead add option to disable unencrypted sessions. Same goes for #50.

In the light of HTTP endpoint design mentioned in #67, we might want to add endpoint to allow easier configuration for MTA-STS:

mta_sts {
  endpoint https://0.0.0.0:443 # can be ommited, implied by default
  max_age 600 # seconds
  mx *.asd.sd
  # our hostname is added implicitly
}

from maddy.

First two points may break interoperability with non-MTA-STS-capable senders, so I guess it makes sense to leave them out by default and instead add option to disable unencrypted sessions.

Yes. It's the sender's responsibility to check the MTA-STS policy. Indeed, we can always add an option to disable unencrypted sessions.

In the light of HTTP endpoint design mentioned in #67, we might want to add endpoint to allow easier configuration for MTA-STS

I'd really like MTA-STS to be enabled by default. It's an important part of e-mail security. Without it, encryption is basically useless (because of downgrade attacks).

from maddy.