Hacker News
by eze 4931 days ago
Please pardon my security ignorance, but I can't understand why Gmail takes this action while accepting incoming email from unsigned servers. That is, I like to toy with out-of-the-box Postfix setups in VPSes, and Gmail (still) accepts messages from my test domains. (Well, maybe the first one gets flagged as spam, but still.)

Considering that I have taken no actions whatsoever to secure/sign my server, why does Google consider this legitimate? I find it inconsistent. Also, isn't DNS unencrypted in the first place? Is there something like HSTS for mail?

Thanks in advance for any help in clarifying this.

Edit: HSTS, grammar.