On Fri, Jan 11, 2019 at 4:22 PM Viruthagiri Thirumavalavan <giri@dombox.org> wrote:
What IETF Mailing list thinks? - "Implicit TLS doesn't offer any additional security than a downgrade protected STARTTLS. Let's not waste a port."
In addition, it bypasses all the security folks have built around the idea of blocking port 25 traffic from sources which should not be operating as mail servers. Let's not make the network less secure in the name of making it more so.
e.g. mx1.example.com should be prefixed like smtps-mx1.example.com.
I'm not a fan over overloading semantic information in part of a protocol where it doesn't belong, That's dug us in to a lot of deep holes over the years. If you want to do this, seek a new DNS record type or do like everybody else and create a TXT record to inform internet peers of the availability of your new semantics for port 25. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>