by wila 2912 days ago
My email server passed, but the test mentioned, it could be better by adding it to the EFF's STARTTLS policy list [1].

The only problem being that that list is currently practically empty.

So while I was considering adding the email server which I maintain, seeing the items on the list made me reconsider.

The only email servers currently on the list are: google, yandex, yahoo, icloud, outlook, comcast, eff, qq and facebook.

So while it might be an opportunity to get your server on the list early, personally I worry more about what it will break than about what it will help.

In conclusion, it looks like a great initiative, but it will have to be in production for a while before I would recommend that anybody add their server to that list.

[1] https://dl.eff.org/starttls-everywhere.policy.json


One of the nice features of the policy list is that you can put your server on it in testing mode. In testing mode, any failure in TLS negotiation is logged and reported, but the message is sent over the insecure communication. So it shouldn't cause any breakage.

See https://github.com/EFForg/starttls-everywhere/blob/master/RU... for more info.
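To make the testing-mode behaviour described in that reply concrete, here is an added example of how a sending MTA might consult a policy list before delivering to a recipient's MX. This is not code from the STARTTLS Everywhere project; the policy JSON is constructed, and its layout (a `policies` map keyed by recipient domain, each entry with a `mode` of `testing` or `enforce` and a list of `mxs`, where a leading dot means "this host or any subdomain") is an assumption modelled on the published list. The `decide` function and `Decision` type are hypothetical names for the sender-side logic.

```python
import json
from dataclasses import dataclass

# Constructed policy list for the example; the format is an assumption
# modelled on the EFF STARTTLS Everywhere policy file, not a real excerpt.
POLICY_JSON = """
{
  "timestamp": "2018-06-01T00:00:00+00:00",
  "expires": "2018-09-01T00:00:00+00:00",
  "policies": {
    "example.com": {"mode": "enforce", "mxs": [".mail.example.com"]},
    "example.net": {"mode": "testing", "mxs": ["mx1.example.net", "mx2.example.net"]}
  }
}
"""


@dataclass
class Decision:
    deliver: bool   # hand the message to this MX now?
    use_tls: bool   # over a verified TLS session?
    report: str     # policy-failure log line, or "" when nothing to report


def load_policies(text):
    """Return the per-domain policy map from the policy-list JSON."""
    return json.loads(text)["policies"]


def mx_matches(mx_host, patterns):
    """True if mx_host is covered by one of the policy's MX patterns.
    A pattern with a leading dot matches that host or any subdomain of it;
    any other pattern must match the hostname exactly (assumed semantics)."""
    host = mx_host.lower().rstrip(".")
    for pattern in patterns:
        pattern = pattern.lower()
        if pattern.startswith("."):
            if host == pattern[1:] or host.endswith(pattern):
                return True
        elif host == pattern:
            return True
    return False


def decide(policies, recipient_domain, mx_host, tls_verified):
    """Decide what a sending MTA does for one delivery attempt.

    recipient_domain: domain part of the recipient address
    mx_host:          the MX the sender is about to talk to
    tls_verified:     whether STARTTLS negotiated and the certificate verified
    """
    policy = policies.get(recipient_domain.lower())
    if policy is None:
        # Not on the list: plain opportunistic STARTTLS, silent cleartext fallback.
        return Decision(deliver=True, use_tls=tls_verified, report="")

    problems = []
    if not mx_matches(mx_host, policy["mxs"]):
        problems.append(f"MX {mx_host} not in policy mxs {policy['mxs']}")
    if not tls_verified:
        problems.append("TLS negotiation or certificate verification failed")

    if not problems:
        return Decision(deliver=True, use_tls=True, report="")

    report = f"policy failure for {recipient_domain}: " + "; ".join(problems)
    if policy["mode"] == "enforce":
        # Enforce mode: never downgrade; defer the message and report.
        return Decision(deliver=False, use_tls=False, report=report)
    # Testing mode: report the failure, but deliver exactly as opportunistic
    # STARTTLS would have, so nothing breaks while the entry is being validated.
    return Decision(deliver=True, use_tls=tls_verified, report=report)


if __name__ == "__main__":
    policies = load_policies(POLICY_JSON)
    print(decide(policies, "example.net", "mx1.example.net", tls_verified=False))
    print(decide(policies, "example.com", "mx.mail.example.com", tls_verified=False))
```

The two `print` calls at the bottom show the contrast the reply is making: the `example.net` entry in testing mode still delivers when TLS fails and only produces a report line, while the `example.com` entry in enforce mode refuses to downgrade and defers the message.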

OK, that's interesting and does indeed help in taking away that concern.

Another question if I may.

The site mentions:

> the STARTTLS Policy List gives mail servers another point of reference to discover whether other mail servers support STARTTLS

Is there any email provider, email server component or email client that already uses this policy list?

Because that's another thing I miss from the FAQ.