I am probably overlooking it, but I cannot find any detailed information about this feature in the documentation. Would someone be willing to explain in greater detail what this means and what the recommended settings are?
My understanding is that it enforces TLS for all server-to-server inbound or outbound communication. If that’s the case I don’t understand why this is a user-configurable option. How would that work on a per-mailbox basis?
This seems like something that should be enabled by default, but I don’t want to disrupt any mail delivery. Does anyone have a feel for how many other servers do or do not use TLS these days? In other words, if I enable this, would I only be blocking traffic from a small percentage of poorly configured servers, or is this not yet widely adopted?
What I would really prefer is a way to enforce that all users connect to the mailcow server via TLS for both incoming and outgoing. Server-to-server is less of a concern. Is this possible?