[zinekeller]

> This attack is much easier - I did it against a popular mail provider a few years ago.

I guess this is Fastmail :)

[holigot]

Can't even understand, why they do not give us some features like IPv6, DANE, DNSSEC and so on... https://fastmail.blog/historical/fastmail-dns-hosting/

In 2014 Rob Mueller wrote: "Our future DNS plans include DNSSEC support (which then means we can also do DANE properly, which allows server-to-server email sending to be more secure), DMARC record support, and ideally one day Anycast support to make DNS lookups faster."