24 May
2025
24 May
'25
7:53 a.m.
John Levine via NANOG <nanog@lists.nanog.org> writes:
This is a waste of time. If people want to believe that SMTP clients send certificates, there's not much I can do to persuade them otherwise.
Let's just disagree then. But when my secondary MX receives an email and later forwards it to my primary MX over a mTLS channel, then I call that SMTP. If you want to call it submission because the secondary MX operates as an authenticated client, then fine.
But in any event, I hope we have established that the number of people affected by the LE change to stop signing client certs rounds to zero.
Sure. Bjørn