Russell Coker <russell@coker.com.au> writes:
Is there any way to publish the fact that I would prefer to receive mail via SSL?
Not that I know of. I think you would have to configure the sending server to require it for the destination server. Which really isn't what you wanted.
My understanding is that if a hostile party proxies the SMTP session such that the sender thinks that my MTA is incapable of SSL then the sender will happily send it unencrypted.
Yes, I believe you could be correct here. The sending server has no secure way of knowing that the remote server supports SSL. Ideally this could be published in DNS, I am not aware of any standards to do this however. I haven't looked either. -- Brian May <brian@linuxpenguins.xyz> https://linuxpenguins.xyz/brian/