We want safer hops for email. Email goes through multiple computers (or multiple “hops”) to get to its destination, and each hop should be as secure as possible. More specific goals of the project include:
If you like the project, consider donating!
Alternative to DANE¶
However, operators have been very slow to roll out DNSSEC supprt.
We feel there is value in deploying an intermediate solution that does not rely on DNSSEC. This will improve the email security situation more quickly. It will also provide operational experience with authenticated SMTP over TLS that will make eventual rollout of DANE-based solutions easier.
Adding your Domain¶
If you followed this guide, your mail server should already be valid member for the StartTLS Everywhere Policy List.
Point you browser to https://www.starttls-everywhere.org/add-domain/
Fill in you domain, MX servers host names and you postmaster mail address.
You will receive an email with a verification URL. Click on that and you should be done.