On 1/11/19 9:38 AM, Viruthagiri Thirumavalavan wrote:
> Hello NANOG, Belated new year wishes.
>
> I would like to gather some feedback from you all.
>
> I'm trying to propose two things to the Internet Standard and it's
> related to SMTP.
>
> (1) STARTTLS downgrade protection in a dead simple way
>
> (2) SMTPS (Implicit TLS) on a new port (26). This is totally optional.
Why would anyone need this when you can just set an option in most (all
modern?) SMTP servers to refuse clear connections if you want to force
TLS at all times?