Dan Mahoney via Postfix-users:
> Folks,
>
> Are these features on the roadmap in the future in mainline at any
> point, or is the current way of doing things (snawoot's mta-sts-resolver
> and sys4's libtlsrpt) basically the canonical method?
>
> The postfix port under FreeBSD isn't linked against the tlsrpt
> libs, although I've asked the maintainer if it's possible.
There are no short-term plans to build a libtlsrpt client into
Postfix. That might happen after the client-server protocol has
been stable for a few years.
Before we can even think of building STS into Postfix, its SMTP TLS
policy support needs to be overhauled first. Viktor and I have been
thinking on and off about that since 2022 (instead of one level,
one would configure a range, or a collection of levels).
Additionally, STS requires an HTTPS client. This involves a) dragging
in a large C library dependency (never!), b) re-inventing that wheel
with Postfix C code, or c) implementing it in a better language
that has decent HTTPS support.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
