mail-in-a-box / mailinabox

Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.
https://mailinabox.email/
Creative Commons Zero v1.0 Universal

mta-sts configuration wrong in 4.50 #1828

Open ondrejvaroscak opened 4 years ago

ondrejvaroscak commented 4 years ago
  1. only _mta-sts record is created for box.domain - no _smtp._tls record
  2. no _mta-sts is created for domain itself
  3. no _smtp._tls record is created for domain itself
  4. no additional MX entries in mta-sts.txt if you have multiple MX entries in DNS
  5. max_age: in mta-sts.txt policy file is set too low

I would fork it, do the changes and make pull request, but I am a newbie and don't want to screw things up :-)

JoshData commented 4 years ago

> no _smtp._tls record

This record is optional. I found the reporting to be unhelpful, so it is off by default, with an undocumented way to turn it on. If you want to open a PR that adds some documentation for how to turn it on, that'd be great.

> no _mta-sts is created for domain itself

It's working for me... As seen in some discussion forum posts, it may not appear immediately because the box needs to provision a TLS certificate for the policy domain first.

> no additional MX entries in mta-sts.txt if you have multiple MX entries in DNS

I understand some folks use complex setups, but this isn't a supported setup, at least not currently. The box assumes that the MX record it sets is the only one.

> max_age: in mta-sts.txt policy file is set too low

That may be true. I'm open to a PR that sets it to a normal value.
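
An added example, not part of the thread or of the Mail-in-a-Box code base: a small checker for points 4 and 5 above, which parses an `mta-sts.txt` policy and reports MX hosts that no `mx:` line covers and a `max_age` below a chosen floor. The host names, the sample policy and the one-week `min_max_age` floor are assumptions made for the example.

```python
MAX_AGE_CEILING = 31557600  # upper bound RFC 8461 allows for max_age (seconds)

def parse_policy(text):
    """Parse mta-sts.txt 'key: value' lines; only 'mx' may repeat."""
    policy = {"mx": []}
    for line in filter(None, (l.strip() for l in text.splitlines())):
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed policy line: {line!r}")
        key, value = key.strip(), value.strip()
        if key == "mx":
            policy["mx"].append(value.lower().rstrip("."))
        else:
            policy.setdefault(key, value)  # first occurrence wins
    return policy

def mx_matches(pattern, host):
    """A '*.' pattern covers exactly one left-most label, nothing deeper."""
    host = host.lower().rstrip(".")
    if pattern.startswith("*."):
        return host.partition(".")[2] == pattern[2:]
    return host == pattern

def audit(policy_text, dns_mx_hosts, min_max_age=604800):
    """Return findings; min_max_age (one week) is this example's assumption."""
    p, findings = parse_policy(policy_text), []
    if p.get("version") != "STSv1":
        findings.append("version is not STSv1")
    if p.get("mode") not in ("enforce", "testing", "none"):
        findings.append("mode is missing or invalid")
    age = p.get("max_age", "")
    if not age.isdigit() or int(age) > MAX_AGE_CEILING:
        findings.append("max_age is missing or out of range")
    elif int(age) < min_max_age:
        findings.append(f"max_age {age} is below {min_max_age}")
    for host in dns_mx_hosts:
        if not any(mx_matches(pat, host) for pat in p["mx"]):
            findings.append(f"MX {host} is not covered by any mx: line")
    return findings

# Constructed sample: one mx: line in the policy, two MX hosts in DNS.
SAMPLE_POLICY = "version: STSv1\nmode: enforce\nmx: box.example.com\nmax_age: 86400\n"
SAMPLE_MX = ["box.example.com", "backup.example.net"]

if __name__ == "__main__":
    for finding in audit(SAMPLE_POLICY, SAMPLE_MX):
        print(finding)
```

In `enforce` mode a sending MTA that honours the policy will not deliver to an MX host missing from the `mx:` lines, which is why an uncovered secondary MX is reported as a finding.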