
Enable MTA-STS in 5 Minutes with Nginx - rubatuga
https://www.naut.ca/blog/2020/04/07/mta-sts-in-5-minutes/
======
Snawoot
It's worth noting that blog post covers only one-way MTA-STS, announcing STS
policy to other SMTP peers, protecting only inbound mail from MTA-STS enabled
servers.

In order to ensure strict transport security on sender side (for mail outbound
from server), one have add support for MTA-STS to mail server itself.

I'm developer of such solution for Postfix mail server:
[https://github.com/Snawoot/postfix-mta-sts-
resolver](https://github.com/Snawoot/postfix-mta-sts-resolver)

It's an external policy server for Postfix which retrieves, validates, caches
and prefetches STS policies for target mail domains. postfix-mta-sts-resolver
package is already available in Debian repos and I guess it'll be included in
upcoming Ubuntu 20.04 LTS. If I recall correctly there are also FreeBSD port,
docker images and AUR package for Arch Linux.

------
geordee
Learned something new. Dates/inputs for data with Poisson distribution.

