Skip to content
Permalink
Browse files

Include examples

  • Loading branch information...
desh-se committed Jul 31, 2019
1 parent b1b7573 commit d9ff3859c4af7ee83c8b6f5b8ee41ec0af4416f0
Showing with 40 additions and 1 deletion.
  1. +40 −1 protocols/mta-sts/README.md
@@ -1,2 +1,41 @@
## SMTP MTA Strict Transport Security (MTA-STS)
A MTA-STS implementation based on [draft-ietf-uta-mta-sts-09](https://tools.ietf.org/html/draft-ietf-uta-mta-sts-09).
An MTA-STS implementation based on [rfc8461](https://tools.ietf.org/html/rfc8461).

You can test it by running:

```
$domain = "gmail.com";
import { mta_sts } from "mtasts";
$mtasts = mta_sts($domain);
if (is_array($mtasts) and $mtasts["mode"] == "enforce")
{
smtp_lookup_rcpt([
"host" => "lookup-mx",
"mx_include" => $mtasts["mx"],
"tls" => "require_verify",
"tls_sni" => true,
"tls_verify_host" => true,
"tls_default_ca" => true,
"tls_protocols" => "!SSLv2,!SSLv3,!TLSv1,!TLSv1.1"
], "", "test@$domain");
}
else echo "No MTA-STS for $domain";
```

and it should normally be used in the [pre-delivery script](https://docs.halon.io/hsl/archive/master/predelivery.html) like

```
import { mta_sts } from "mtasts";
$mtasts = mta_sts($message["recipientaddress"]["domain"]);
if (is_array($mtasts) and $mtasts["mode"] == "enforce")
{
Try([
"mx_include" => $mtasts["mx"],
"tls" => "require_verify",
"tls_sni" => true,
"tls_verify_host" => true,
"tls_default_ca" => true,
"tls_protocols" => "!SSLv2,!SSLv3,!TLSv1,!TLSv1.1"
]);
...
```

0 comments on commit d9ff385

Please sign in to comment.
You can’t perform that action at this time.